Skip to content

C
configuration
Commit 18ddd445 by John Jarvis
Options

formatting updates, upstart bash wrapper for forum

parent f6a7e2b5
Showing with 201 additions and 291 deletions
playbooks/edx-east/edx_continuous_integration.yml
......@@ -8,27 +8,24 @@
openid_workaround: True
roles:
- common
# - role: nginx
# nginx_sites:
# - cms
# - lms
# - lms-preview
# - ora
# - xqueue
# - xserver
# - edxlocal
# - role: supervisor
# supervisor_servers:
# - forum
# - lms
# - mongo
# - edxapp
# - { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' }
# - { role: 'edxapp', celery_worker: True }
# - oraclejdk
# - elasticsearch
# - forum
# - { role: "xqueue", update_users: True }
# - xserver
# - ora
- role: nginx
nginx_sites:
- cms
- lms
- lms-preview
- ora
- xqueue
- xserver
- edxlocal
- supervisor
- mongo
- edxapp
- { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' }
- { role: 'edxapp', celery_worker: True }
- oraclejdk
- elasticsearch
- forum
- { role: "xqueue", update_users: True }
- xserver
- ora
- discern
playbooks/group_vars/all
......@@ -5,7 +5,6 @@
data_dir: /edx/var
app_dir: /edx/app
log_dir: "{{ data_dir }}/log"
venvs_dir: "{{ app_dir }}/venvs"
bin_dir: /edx/bin
cfg_dir: /edx/etc
......
playbooks/roles/common/tasks/main.yml
......@@ -7,30 +7,29 @@
- name: common | Create common directories
file: >
path={{ item }}
state=directory
owner=root
group=root
mode=0755
path={{ item }} state=directory owner=root
group=root mode=0755
with_items:
- "{{ data_dir }}"
- "{{ app_dir }}"
- "{{ log_dir }}"
- "{{ venvs_dir }}"
- "{{ bin_dir }}"
- "{{ cfg_dir }}"
- name: common | Install role-independent useful system packages
# do this before log dir setup; rsyslog package guarantees syslog user present
apt: pkg={{','.join(common_debian_pkgs)}} install_recommends=yes state=present update_cache=yes
apt: >
pkg={{','.join(common_debian_pkgs)}} install_recommends=yes
state=present update_cache=yes
- name: common | upload sudo config for key forwarding as root
copy: src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward validate='visudo -c -f %s' owner=root group=root mode=0440
copy: >
src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward
validate='visudo -c -f %s' owner=root group=root mode=0440
- name: common | pip install virtualenv
pip: >
name="{{ item }}"
state=present
name="{{ item }}" state=present
extra_args="-i {{ PYPI_MIRROR_URL }}"
with_items: common_pip_pkgs
......
playbooks/roles/discern/tasks/main.yml
......@@ -26,19 +26,21 @@
with_items: discern_ease_debian_pkgs
- name: discern | render celery service from template
template: src=celery.conf.j2 dest=/etc/init/celery.conf
template: >
src=celery.conf.j2 dest=/etc/init/celery.conf
owner=root group=root
notify: discern | restart celery
- name: discern | render discern service from template
template: src=discern.conf.j2 dest=/etc/init/discern.conf
template: >
src=discern.conf.j2 dest=/etc/init/discern.conf
owner=root group=root
notify: discern | restart discern
- name: discern | copy sudoers file for discern
copy: >
src=sudoers-discern
dest=/etc/sudoers.d/discern
mode=0440
validate='visudo -cf %s'
src=sudoers-discern dest=/etc/sudoers.d/discern
mode=0440 validate='visudo -cf %s' owner=root group=root
#Needed if using redis to prevent memory issues
- name: discern | change memory commit settings -- needed for redis
......
playbooks/roles/edxapp/tasks/main.yml
......@@ -9,33 +9,26 @@
- name: edxapp | create application user
user: >
name="{{ edxapp_user }}"
home="{{ edxapp_app_dir }}"
createhome=no
shell=/bin/false
name="{{ edxapp_user }}" home="{{ edxapp_app_dir }}"
createhome=no shell=/bin/false
- name: edxapp | create edxapp app dir
file: >
path="{{ item }}"
state=directory
owner="{{ edxapp_user }}"
group="{{ common_web_group }}"
path="{{ item }}" state=directory
owner="{{ edxapp_user }}" group="{{ common_web_group }}"
with_items:
- "{{ edxapp_app_dir }}"
- "{{ edxapp_venvs_dir }}"
- name: edxapp | create edxapp log dir
file: >
path="{{ edxapp_log_dir }}"
state=directory
owner="{{ common_log_user }}"
group="{{ common_log_user }}"
path="{{ edxapp_log_dir }}" state=directory
owner="{{ common_log_user }}" group="{{ common_log_user }}"
- name: edxapp | create edxapp writable dirs
file: >
path="{{ item }}"
state=directory
owner="{{ edxapp_user }}"
path="{{ item }}" state=directory
owner="{{ edxapp_user }}" group="{{ edxapp_user }}"
with_items:
- "{{ edxapp_staticfile_dir }}"
- "{{ edxapp_theme_dir }}"
......@@ -43,10 +36,8 @@
- name: edxapp | create web-writable edxapp data dirs
file: >
path="{{ item }}"
state=directory
owner="{{ common_web_user }}"
group="{{ edxapp_user }}"
path="{{ item }}" state=directory
owner="{{ common_web_user }}" group="{{ edxapp_user }}"
mode="0775"
with_items:
- "{{ edxapp_course_data_dir }}"
......@@ -57,19 +48,21 @@
- name: edxapp | creating edxapp upstart script
sudo: True
template: src=edxapp.conf.j2 dest=/etc/init/edxapp.conf owner=root group=root
template: >
src=edxapp.conf.j2 dest=/etc/init/edxapp.conf
owner=root group=root
when: "celery_worker is not defined"
- name: edxapp | create edx-workers upstart script
template: src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf owner=root group=root
template: >
src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf
owner=root group=root
when: "celery_worker is defined"
- name: edxapp | create log directories for service variants
file: >
path={{ edxapp_log_dir }}/{{ item }}
state=directory
owner={{ common_log_user }}
group={{ common_log_user }}
path={{ edxapp_log_dir }}/{{ item }} state=directory
owner={{ common_log_user }} group={{ common_log_user }}
mode=0750
with_items:
- lms
......
playbooks/roles/forum/tasks/main.yml
......@@ -23,28 +23,37 @@
- name: forum | create application user
user: >
name="{{ forum_user }}"
home="{{ forum_app_dir }}"
name="{{ forum_user }}" home="{{ forum_app_dir }}"
createhome=no
shell=/bin/false
- name: forum | create forum app dir
file: >
path="{{ forum_app_dir }}"
state=directory
owner="{{ forum_user }}"
group="{{ common_web_group }}"
path="{{ forum_app_dir }}" state=directory
owner="{{ forum_user }}" group="{{ common_web_group }}"
- name: forum | setup the forum env
template: src=forum_env.j2 dest={{ forum_app_dir }}/forum_env
sudo_user: "{{ forum_user }}"
template: >
src=forum_env.j2 dest={{ forum_app_dir }}/forum_env
owner={{ forum_user }} group={{ forum_user }}
notify:
- forum | restart the forum service
- name: forum | create the supervisor config
template: >
src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf
owner={{ common_web_user }} group={{ supervisor_user }}
register: forum_supervisor
- include: deploy.yml
- name: forum | create the supervisor config
template: src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf
notify:
- forum | restart the forum service
# Reload supervisor right away when the configuration
# changes, this happens after deploy.yml tasks so
# that the application is installed
- name: forum | reload supervisor
shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload"
when: forum_supervisor.changed
- include: test.yml
playbooks/roles/forum/templates/forum-supervisor.sh.j2 0 → 100644
#!/bin/bash
source {{ forum_app_dir }}/forum_env
cd {{ forum_code_dir }}
{{ forum_rbenv_shims }}/ruby app.rb
playbooks/roles/forum/templates/forum.conf.j2
......@@ -5,6 +5,5 @@ user={{ common_web_user }}
startsecs=10
stdout_logfile={{ supervisor_log_dir }}/%(program_name)-stdout.log
stderr_logfile={{ supervisor_log_dir }}/%(program_name)-stderr.log
stderr_logfile_maxbytes=1MB
killasgroup=true
stopasgroup=true
playbooks/roles/gh_users/tasks/main.yml
......@@ -22,16 +22,12 @@
- name: gh_users | grant full sudo access to gh group
copy: >
content="%adm ALL=(ALL) NOPASSWD:ALL"
dest=/etc/sudoers.d/gh
owner=root
group=root
mode=0440
validate='visudo -cf %s'
dest=/etc/sudoers.d/gh owner=root group=root
mode=0440 validate='visudo -cf %s'
- name: gh_users | create github users
user:
name={{ item }}
group=gh
name={{ item }} group=gh
shell=/bin/bash
with_items: gh_users
......
playbooks/roles/mongo/tasks/main.yml
......@@ -3,10 +3,8 @@
- name: mongo | install python pymongo for mongo_user ansible module
pip: >
name=pymongo
state=present
version=2.6.3
extra_args="-i {{ PYPI_MIRROR_URL }}"
name=pymongo state=present
version=2.6.3 extra_args="-i {{ PYPI_MIRROR_URL }}"
- name: mongo | add the mongodb signing key
apt_key: >
......@@ -22,15 +20,18 @@
- name: mongo | install mongo server and recommends
apt: >
pkg=mongodb-10gen={{ mongo_version }}
state=present
install_recommends=yes
state=present install_recommends=yes
update_cache=yes
- name: mongo | create mongo data dir
- name: mongo | create mongo dirs
file: >
path="{{ mongo_data_dir }}"
state=directory
path="{{ item }}" state=directory
owner="{{ mongo_user }}"
group="{{ mongo_user }}"
with_items:
- "{{ mongo_data_dir }}"
- "{{ mongo_dbpath }}"
- "{{ mongo_app_dir }}"
- name: mongo | stop mongo service
service: name=mongodb state=stopped
......
playbooks/roles/nginx/tasks/main.yml
......@@ -4,85 +4,70 @@
- name: nginx | Install nginx
apt: pkg=nginx state={{ pkgs.nginx.state }}
notify: nginx | restart nginx
tags:
- nginx
- install
- name: nginx | Server configuration file
copy: src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf owner=root group=root mode=0644
copy: >
src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf
owner=root group=root mode=0644
when: nginx_conf is defined
notify: nginx | reload nginx
tags:
- nginx
- install
- name: nginx | Creating common nginx configuration
template: src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release owner=root group=root mode=0600
template: >
src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release
owner=root group=root mode=0600
notify: nginx | reload nginx
tags:
- nginx
- name: nginx | Creating link for common nginx configuration
file: src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release state=link owner=root group=root
file: >
src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release
state=link owner=root group=root
notify: nginx | reload nginx
tags:
- nginx
- name: nginx | Copying nginx configs for {{ nginx_sites }}
template: src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }} owner=root group=root mode=0600
template: >
src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }}
owner=root group=root mode=0600
notify: nginx | reload nginx
with_items: nginx_sites
tags:
- nginx
- name: nginx | Creating nginx config links for {{ nginx_sites }}
file: src=/etc/nginx/sites-available/{{ item }} dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root
file: >
src=/etc/nginx/sites-available/{{ item }}
dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root
notify: nginx | reload nginx
with_items: nginx_sites
tags:
- nginx
- name: nginx | Write out default htpasswd file
copy: content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd owner=www-data group=www-data mode=0600
tags:
- nginx
- update
copy: >
content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd
owner=www-data group=www-data mode=0600
- name: nginx | Create nginx log file location (just in case)
file: path={{log_dir}}/nginx state=directory owner=syslog group=syslog mode=2770 recurse=yes
tags:
- nginx
- logging
- update
file: >
path={{log_dir}}/nginx state=directory
owner=syslog group=syslog mode=2770 recurse=yes
# removing default link
- name: nginx | Removing default nginx config and restart (enabled)
file: path=/etc/nginx/sites-enabled/default state=absent
notify: nginx | reload nginx
tags:
- nginx
- update
# Note that nginx logs to /var/log until it reads its configuration, so /etc/logrotate.d/nginx is still good
- name: nginx | Set up nginx access log rotation
template: dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2 owner=root group=root mode=644
tags:
- logging
- update
template: >
dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2
owner=root group=root mode=644
- name: nginx | Set up nginx access log rotation
template: dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2 owner=root group=root mode=644
tags:
- logging
- update
template: >
dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2
owner=root group=root mode=644
- name: nginx | Removing default nginx config (available)
file: path=/etc/nginx/sites-available/default state=absent
notify: nginx | reload nginx
tags:
- nginx
- update
# If tasks that notify restart nginx don't change the state of the remote system
# their corresponding notifications don't get run. If nginx has been stopped for
......
playbooks/roles/nginx/templates/basic-auth.j2
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/nginx.htpasswd;
root {{ nginx_app_dir }}/main_static;
index index.html
proxy_set_header X-Forwarded-Proto https;
playbooks/roles/notifier/tasks/main.yml
......@@ -2,16 +2,16 @@
#
# notifier
#
#
# Overview:
#
# Provides the edX notifier service, a service for sending
#
# Provides the edX notifier service, a service for sending
# notifications over messaging protocols.
#
# Dependencies:
#
# * common
#
#
# Example play:
# roles:
# - common
......@@ -19,153 +19,84 @@
#
- name: notifier | install notifier specific system packages
apt: pkg={{','.join(notifier_debian_pkgs)}} state=present
tags:
- notifier
- install
- update
- name: notifier | check if incommon ca is installed
command: test -e /usr/share/ca-certificates/incommon/InCommonServerCA.crt
register: incommon_present
ignore_errors: yes
tags:
- notifier
- install
- update
- name: common | create incommon ca directory
file:
file:
path="/usr/share/ca-certificates/incommon" mode=2775 state=directory
when: incommon_present|failed
tags:
- notifier
- install
- update
- ubuntu
- name: common | retrieve incommon server CA
shell: curl https://www.incommon.org/cert/repository/InCommonServerCA.txt -o /usr/share/ca-certificates/incommon/InCommonServerCA.crt
when: incommon_present|failed
tags:
- notifier
- install
- update
- ubuntu
- name: common | add InCommon ca cert
lineinfile:
dest=/etc/ca-certificates.conf
regexp='incommon/InCommonServerCA.crt'
regexp='incommon/InCommonServerCA.crt'
line='incommon/InCommonServerCA.crt'
tags:
- notifier
- install
- update
- ubuntu
- name: common | update ca certs globally
shell: update-ca-certificates
tags:
- notifier
- install
- update
- ubuntu
- name: notifier | create notifier user {{ NOTIFIER_USER }}
user:
name={{ NOTIFIER_USER }} state=present shell=/bin/bash
user:
name={{ NOTIFIER_USER }} state=present shell=/bin/bash
home={{ NOTIFIER_HOME }} createhome=yes
tags:
- notifier
- install
- update
- name: notifier | setup the notifier env
template:
src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env
template:
src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env
owner="{{ NOTIFIER_USER }}" group="{{ NOTIFIER_USER }}"
tags:
- notifier
- install
- update
- name: notifier | drop a bash_profile
copy: >
src=../../common/files/bash_profile
dest={{ NOTIFIER_HOME }}/.bash_profile
owner={{ NOTIFIER_USER }}
src=../../common/files/bash_profile
dest={{ NOTIFIER_HOME }}/.bash_profile
owner={{ NOTIFIER_USER }}
group={{ NOTIFIER_USER }}
- name: notifier | ensure .bashrc exists
shell: touch {{ NOTIFIER_HOME }}/.bashrc
sudo: true
sudo: true
sudo_user: "{{ NOTIFIER_USER }}"
tags:
- notifier
- install
- update
- name: notifier | add source of notifier_env to .bashrc
lineinfile:
dest={{ NOTIFIER_HOME }}/.bashrc
regexp='. {{ NOTIFIER_HOME }}/notifier_env'
regexp='. {{ NOTIFIER_HOME }}/notifier_env'
line='. {{ NOTIFIER_HOME }}/notifier_env'
tags:
- notifier
- install
- update
- name: notifier | add source venv to .bashrc
lineinfile:
dest={{ NOTIFIER_HOME }}/.bashrc
regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
line='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
tags:
- notifier
- install
- update
- name: notifier | create notifier DB directory
file:
path="{{ NOTIFIER_DB_DIR }}" mode=2775 state=directory
tags:
- notifier
- install
- update
- name: notifier | create notifier/bin directory
file:
file:
path="{{ NOTIFIER_HOME }}/bin" mode=2775 state=directory
tags:
- notifier
- install
- update
- name: common | create supervisor log directoy
file:
file:
path={{NOTIFIER_SUPERVISOR_LOG_DEST }} mode=2750 state=directory
tags:
- notifier
- install
- update
- ubuntu
- name: notifier | supervisord config for celery workers
template:
src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf
template:
src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf
notify: notifier | restart notifier-celery-workers
tags:
- notifier
- install
- update
- name: notifier | supervisord config for scheduler
template:
src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf
template:
src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf
notify: notifier | restart notifier-scheduler
tags:
- notifier
- install
- update
- include: deploy.yml
playbooks/roles/ora/tasks/main.yml
......@@ -5,17 +5,13 @@
- name: ora | create application user
user: >
name="{{ ora_user }}"
home="{{ ora_app_dir }}"
createhome=no
shell=/bin/false
name="{{ ora_user }}" home="{{ ora_app_dir }}"
createhome=no shell=/bin/false
- name: ora | create ora app and data dir
file: >
path="{{ item }}"
state=directory
owner="{{ ora_user }}"
group="{{ common_web_group }}"
path="{{ item }}" state=directory
owner="{{ ora_user }}" group="{{ common_web_group }}"
with_items:
- "{{ ora_venvs_dir }}"
- "{{ ora_app_dir }}"
......@@ -35,5 +31,4 @@
- name: ora | create a symlink for venv python
file: >
src="{{ ora_venv_bin }}/python"
dest={{ cfg_dir }}/python.ora
state=link
dest={{ cfg_dir }}/python.ora state=link
playbooks/roles/oraclejdk/tasks/main.yml
---
# oraclejdk
#
#
# Dependencies:
#
# * common
#
#
# Example play:
#
# roles:
......@@ -16,40 +16,28 @@
command: test -d /usr/lib/jvm/{{ oraclejdk_base }}
ignore_errors: true
register: oraclejdk_present
tags:
- oraclejdk
- install
- name: oraclejdk | download Oracle Java
shell: >
curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }}
executable=/bin/bash
chdir=/var/tmp
creates=/var/tmp/{{ oraclejdk_file }}
curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }}
executable=/bin/bash
chdir=/var/tmp
creates=/var/tmp/{{ oraclejdk_file }}
when: oraclejdk_present|failed
- name: oraclejdk | install Oracle Java
shell: >
mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }}
mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }}
creates=/usr/lib/jvm/{{ oraclejdk_base }}
executable=/bin/bash
executable=/bin/bash
sudo: true
when: oraclejdk_present|failed
tags:
- oraclejdk
- install
- name: oraclejdk | create symlink expected by elasticsearch
file: src=/usr/lib/jvm/{{ oraclejdk_base }} dest={{ oraclejdk_link }} state=link
when: oraclejdk_present|failed
tags:
- oraclejdk
- install
- name: oraclejdk | add JAVA_HOME for Oracle Java
template: src=java.sh.j2 dest=/etc/profile.d/java.sh owner=root group=root mode=0755
when: oraclejdk_present|failed
tags:
- oraclejdk
- install
playbooks/roles/rabbitmq/tasks/main.yml
......@@ -20,26 +20,35 @@
# Defaulting to /var/lib/rabbitmq
- name: rabbitmq | create cookie directory
file: path={{rabbitmq_cookie_dir}} owner=rabbitmq group=rabbitmq mode=0755 state=directory
file: >
path={{rabbitmq_cookie_dir}}
owner=rabbitmq group=rabbitmq mode=0755 state=directory
- name: rabbitmq | add rabbitmq erlang cookie
template: src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}} owner=rabbitmq group=rabbitmq mode=0400
template: >
src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}}
owner=rabbitmq group=rabbitmq mode=0400
register: erlang_cookie
# Defaulting to /etc/rabbitmq
- name: rabbitmq | create rabbitmq config directory
file: path={{rabbitmq_config_dir}} owner=root group=root mode=0755 state=directory
file: >
path={{rabbitmq_config_dir}}
owner=root group=root mode=0755 state=directory
- name: rabbitmq | add rabbitmq environment configuration
template: src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf owner=root group=root mode=0644
template: >
src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf
owner=root group=root mode=0644
- name: rabbitmq | add rabbitmq cluster configuration
template: src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config owner=root group=root mode=0644
template: >
src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config
owner=root group=root mode=0644
register: cluster_configuration
- name: rabbitmq | install plugins
rabbitmq_plugin:
rabbitmq_plugin:
names={{",".join(rabbitmq_plugins)}} state=enabled
# When rabbitmq starts up it creates a folder of metadata at '/var/lib/rabbitmq/mnesia'.
......@@ -60,13 +69,9 @@
- name: rabbitmq | add admin users
rabbitmq_user: >
user='{{item.name}}'
password='{{item.password}}'
read_priv='.*'
write_priv='.*'
configure_priv='.*'
tags="administrator"
state=present
user='{{item.name}}' password='{{item.password}}'
read_priv='.*' write_priv='.*'
configure_priv='.*' tags="administrator" state=present
with_items: rabbitmq_auth_config.admins
when: "'admins' in rabbitmq_auth_config"
......@@ -74,11 +79,11 @@
# Depends upon the management plugin
#
- name: rabbitmq | install admin tools
get_url:
get_url: >
url=http://localhost:{{ rabbitmq_management_port }}/cli/rabbitmqadmin
dest=/usr/local/bin/rabbitmqadmin
- name: rabbitmq | ensure rabbitmqadmin attributes
file:
path=/usr/local/bin/rabbitmqadmin owner=root
file: >
path=/usr/local/bin/rabbitmqadmin owner=root
group=root mode=0655
playbooks/roles/rbenv/tasks/main.yml
......@@ -36,16 +36,13 @@
- name: rbenv | create rbenv user {{ rbenv_user }}
user: >
name={{ rbenv_user }}
home={{ rbenv_dir }}
shell=/bin/false
createhome=no
name={{ rbenv_user }} home={{ rbenv_dir }}
shell=/bin/false createhome=no
when: rbenv_user != common_web_user
- name: rbenv | create rbenv dir if it does not exist
file: >
path="{{ rbenv_dir }}"
owner="{{ rbenv_user }}"
path="{{ rbenv_dir }}" owner="{{ rbenv_user }}"
state=directory
- name: rbenv | install build depends
......@@ -55,14 +52,12 @@
- name: rbenv | update rbenv repo
git: >
repo=https://github.com/sstephenson/rbenv.git
dest={{ rbenv_dir }}/.rbenv
version={{ rbenv_version }}
dest={{ rbenv_dir }}/.rbenv version={{ rbenv_version }}
sudo_user: "{{ rbenv_user }}"
- name: rbenv | ensure ruby_env exists
template: >
src=ruby_env.j2
dest={{ rbenv_dir }}/ruby_env
src=ruby_env.j2 dest={{ rbenv_dir }}/ruby_env
sudo_user: "{{ rbenv_user }}"
- name: rbenv | check ruby-build installed
......
playbooks/roles/supervisor/defaults/main.yml
......@@ -14,7 +14,7 @@
supervisor_app_dir: "{{ app_dir }}/supervisor"
supervisor_cfg_dir: "{{ supervisor_app_dir }}/conf.d"
supervisor_data_dir: "{{ data_dir }}/supervisor"
supervisor_venvs_dir: "{{ venvs_dir }}/supervisor"
supervisor_venvs_dir: "{{ supervisor_app_dir }}/venvs"
supervisor_venv_dir: "{{ supervisor_venvs_dir }}/supervisor"
supervisor_venv_bin: "{{ supervisor_venv_dir }}/bin"
supervisor_ctl: "{{ supervisor_venv_bin }}/supervisorctl"
......
playbooks/roles/supervisor/handlers/main.yml
......@@ -2,3 +2,6 @@
service: >
name=supervisor
state=restarted
- name: supervisor | reload supervisor
shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload"
playbooks/roles/supervisor/tasks/main.yml
......@@ -38,7 +38,6 @@
group={{ common_web_user }}
with_items:
- "{{ supervisor_app_dir }}"
- "{{ supervisor_cfg_dir }}"
- "{{ supervisor_venvs_dir }}"
- name: supervisor | create supervisor directories
......@@ -48,6 +47,7 @@
owner={{ common_web_user }}
group={{ supervisor_user }}
with_items:
- "{{ supervisor_cfg_dir }}"
- "{{ supervisor_data_dir }}"
- "{{ supervisor_log_dir }}"
......@@ -58,12 +58,15 @@
notify: supervisor | restart supervisor
- name: supervisor | create supervisor upstart job
template: src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf
template: >
src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf
owner=root group=root
notify: supervisor | restart supervisor
- name: supervisor | create supervisor master config
template: src=supervisord.conf.j2 dest={{ supervisor_cfg }}
sudo_user: "{{ supervisor_user }}"
template: >
src=supervisord.conf.j2 dest={{ supervisor_cfg }}
owner={{ supervisor_user }}
notify: supervisor | restart supervisor
- name: supervisor | create a symlink for supervisortctl
......@@ -78,5 +81,12 @@
dest={{ cfg_dir }}/{{ supervisor_cfg|basename }}
state=link
- name: supervisor | create a symlink for supervisor cfg
file: >
src={{ supervisor_cfg_dir }}
dest={{ cfg_dir }}/supervisor.{{ supervisor_cfg_dir|basename }}
state=link
- name: supervisor | ensure supervisor is started
service: name=supervisor state=started
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment