Updated ecommerce play to use edx_django_service play

- This removes the duplication across the various IDA configurations
- Updated Dockerfile for Docker-based devstack

ECOM-6569

docker/build/ecommerce/Dockerfile

-# docker build -f docker/build/ecommerce/Dockerfile . -t edxops/ecommerce
+# To build this Dockerfile:
+#
+# From the root of configuration:
+#
+# docker build -f docker/build/ecommerce/Dockerfile .
+#
+# This allows the dockerfile to update /edx/app/edx_ansible/edx_ansible
+# with the currently checked-out configuration repo.
+
 FROM edxops/xenial-common:latest
 MAINTAINER edxops
+USER root
+CMD ["/edx/app/supervisor/venvs/supervisor/bin/supervisord", "-n", "--configuration", "/edx/app/supervisor/supervisord.conf"]
 
 ADD . /edx/app/edx_ansible/edx_ansible
-
 WORKDIR /edx/app/edx_ansible/edx_ansible/docker/plays
 
-RUN echo '{ "allow_root": true }' > /root/.bowerrc
-
-RUN apt-get update
-RUN apt install -y xvfb firefox gettext
-
 COPY docker/build/ecommerce/ansible_overrides.yml /
-RUN /edx/app/edx_ansible/venvs/edx_ansible/bin/ansible-playbook ecommerce.yml -i '127.0.0.1,' -c local -t "install:base,install:system-requirements,install:configuration,install:app-requirements,install:code" -e@/ansible_overrides.yml
-COPY docker/build/ecommerce/docker-run.sh /
+COPY docker/build/devstack/ansible_overrides.yml /devstack/ansible_overrides.yml
+
+RUN sudo /edx/app/edx_ansible/venvs/edx_ansible/bin/ansible-playbook ecommerce.yml \
+    -c local -i '127.0.0.1,' \
+    -t 'install,assets,devstack' \
+    --extra-vars="@/ansible_overrides.yml" \
+    --extra-vars="@/devstack/ansible_overrides.yml"
 
-CMD ["/docker-run.sh"]
-EXPOSE 8130
+EXPOSE 18130

docker/build/ecommerce/ansible_overrides.yml

 ---
+COMMON_GIT_PATH: 'edx'
+ECOMMERCE_VERSION: 'master'
 
-DOCKER_TLD: "edx"
-
-ECOMMERCE_DATABASES:
-  # rw user
-  default:
-    ENGINE: 'django.db.backends.mysql'
-    NAME: '{{ ECOMMERCE_DEFAULT_DB_NAME }}'
-    USER: 'ecomm001'
-    PASSWORD: 'password'
-    HOST: 'db.{{ DOCKER_TLD  }}'
-    PORT: '3306'
-    ATOMIC_REQUESTS: true
-    CONN_MAX_AGE: 60
\ No newline at end of file
+COMMON_MYSQL_MIGRATE_USER: '{{ ECOMMERCE_MYSQL_USER }}'
+COMMON_MYSQL_MIGRATE_PASS: '{{ ECOMMERCE_MYSQL_PASSWORD }}'
+
+EDXAPP_LMS_BASE: 'edx.devstack.lms:18000'
+EDXAPP_LMS_ROOT_URL: 'http://{{ EDXAPP_LMS_BASE }}'
+EDXAPP_LMS_PUBLIC_ROOT_URL: 'http://localhost:18000'
+EDXAPP_JWT_AUDIENCE: 'lms-key'
+
+
+ECOMMERCE_DATABASE_HOST: 'edx.devstack.mysql'
+# TODO Determine the correct value of COMPREHENSIVE_THEME_DIRS to enable this. We should be able to replicate
+# production locally. The lack of theming is a big miss.
+ECOMMERCE_ENABLE_COMPREHENSIVE_THEMING: false
+ECOMMERCE_DJANGO_SETTINGS_MODULE: 'ecommerce.settings.devstack'
+ECOMMERCE_GUNICORN_EXTRA: '--reload'
+ECOMMERCE_MEMCACHE: ['edx.devstack.memcached:11211']
+ECOMMERCE_COURSE_CATALOG_URL: 'http://edx.devstack.discovery:18381'
+ECOMMERCE_ECOMMERCE_URL_ROOT: 'http://localhost:18130'
+
+edx_django_service_is_devstack: true

docker/build/ecommerce/docker-run.sh

-#!/bin/bash
-set -e
-
-/usr/sbin/rsyslogd
-/edx/app/supervisor/venvs/supervisor/bin/supervisord --nodaemon --configuration /edx/app/supervisor/supervisord.conf

docker/plays/ecommerce.yml

@@ -6,6 +6,7 @@
     serial_count: 1
   serial: "{{ serial_count }}"
   roles:
-    - common_vars
-    - docker
-    - ecommerce
+    - nginx
+    - role: ecommerce
+      nginx_default_sites:
+        - ecommerce

playbooks/roles/ecommerce/defaults/main.yml

@@ -20,60 +20,33 @@ ECOMMERCE_PIP_EXTRA_ARGS: "-i {{ COMMON_PYPI_MIRROR_URL }}"
 ECOMMERCE_NGINX_PORT: "18130"
 ECOMMERCE_SSL_NGINX_PORT: 48130
 
+ECOMMERCE_MEMCACHE: [ 'memcache' ]
+
 ECOMMERCE_DEFAULT_DB_NAME: 'ecommerce'
 ECOMMERCE_DATABASE_USER: "ecomm001"
 ECOMMERCE_DATABASE_PASSWORD: "password"
 ECOMMERCE_DATABASE_HOST: "localhost"
-ECOMMERCE_DATABASE_PORT: 3306
-ECOMMERCE_MYSQL_OPTIONS:
-  connect_timeout: 10
-
-ECOMMERCE_DATABASES:
-  # rw user
-  default:
-    ENGINE: 'django.db.backends.mysql'
-    NAME: '{{ ECOMMERCE_DEFAULT_DB_NAME }}'
-    USER: '{{ ECOMMERCE_DATABASE_USER }}'
-    PASSWORD: '{{ ECOMMERCE_DATABASE_PASSWORD }}'
-    HOST: '{{ ECOMMERCE_DATABASE_HOST }}'
-    PORT: '{{ ECOMMERCE_DATABASE_PORT }}'
-    OPTIONS: '{{ ECOMMERCE_MYSQL_OPTIONS }}'
-    ATOMIC_REQUESTS: true
-    CONN_MAX_AGE: 60
 
 ECOMMERCE_VERSION: "master"
 ECOMMERCE_DJANGO_SETTINGS_MODULE: "ecommerce.settings.production"
 
-ECOMMERCE_OAUTH_URL_ROOT: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/oauth2'
-ECOMMERCE_OIDC_LOGOUT_URL: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/logout'
-
-ECOMMERCE_SESSION_EXPIRE_AT_BROWSER_CLOSE: false
 ECOMMERCE_SECRET_KEY: 'Your secret key here'
-ECOMMERCE_TIME_ZONE: 'UTC'
 ECOMMERCE_LANGUAGE_CODE: 'en-us'
 ECOMMERCE_EDX_API_KEY: 'PUT_YOUR_API_KEY_HERE'  # This should match the value set for edxapp
 ECOMMERCE_ECOMMERCE_URL_ROOT: 'http://localhost:8002'
 ECOMMERCE_LOGOUT_URL: '{{ ECOMMERCE_ECOMMERCE_URL_ROOT }}/logout/'
 ECOMMERCE_LMS_URL_ROOT: 'http://127.0.0.1:8000'
-ECOMMERCE_JWT_SECRET_KEY: '{{ EDXAPP_JWT_SECRET_KEY | default("lms-secret") }}'
-ECOMMERCE_JWT_ALGORITHM: 'HS256'
-ECOMMERCE_JWT_VERIFY_EXPIRATION: true
-ECOMMERCE_JWT_DECODE_HANDLER: 'ecommerce.extensions.api.handlers.jwt_decode_handler'
-ECOMMERCE_JWT_ISSUERS:
-  - '{{ ECOMMERCE_OAUTH_URL_ROOT }}'
-  - 'ecommerce_worker'  # Must match the value of JWT_ISSUER configured for the ecommerce worker.
-ECOMMERCE_JWT_LEEWAY: 1
-# NOTE: We have an array of keys to allow for support of multiple when, for example,
-# we change keys. This will ensure we continue to operate with JWTs issued signed with the old key
-# while migrating to the new key.
-ECOMMERCE_JWT_SECRET_KEYS:
-  - '{{ ECOMMERCE_JWT_SECRET_KEY }}'
+ECOMMERCE_SESSION_EXPIRE_AT_BROWSER_CLOSE: false
+
+# TODO Restore support for ecomworker's JWT issuer, or move to a single issuer!
 
 # Used to automatically configure OAuth2 Client
 ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY : 'ecommerce-key'
 ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET : 'ecommerce-secret'
 ECOMMERCE_SOCIAL_AUTH_REDIRECT_IS_HTTPS: false
-ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_ISSUER: '{{ ECOMMERCE_OAUTH_URL_ROOT }}'
+
+# Analytics related
+ECOMMERCE_SEGMENT_KEY: !!null
 
 # Settings for affiliate cookie tracking
 ECOMMERCE_AFFILIATE_COOKIE_NAME: '{{ EDXAPP_AFFILIATE_COOKIE_NAME | default("dev_affiliate_id") }}'
@@ -142,11 +115,6 @@ ECOMMERCE_COURSE_CATALOG_URL: 'http://localhost:8008'
 ECOMMERCE_ENTERPRISE_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}'
 
 ECOMMERCE_SERVICE_CONFIG:
-  SESSION_EXPIRE_AT_BROWSER_CLOSE: '{{ ECOMMERCE_SESSION_EXPIRE_AT_BROWSER_CLOSE }}'
-
-  SECRET_KEY: '{{ ECOMMERCE_SECRET_KEY }}'
-  TIME_ZONE: '{{ ECOMMERCE_TIME_ZONE }}'
-  LANGUAGE_CODE: '{{ ECOMMERCE_LANGUAGE_CODE }}'
   EDX_API_KEY: '{{ ECOMMERCE_EDX_API_KEY }}'
   OSCAR_FROM_EMAIL: '{{ ECOMMERCE_OSCAR_FROM_EMAIL }}'
 
@@ -158,29 +126,11 @@ ECOMMERCE_SERVICE_CONFIG:
   ENROLLMENT_API_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}/api/enrollment/v1/enrollment'
   COMMERCE_API_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}/api/commerce/v1/'
   LMS_DASHBOARD_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}/dashboard'
-  JWT_AUTH:
-    JWT_SECRET_KEY: '{{ ECOMMERCE_JWT_SECRET_KEY }}'
-    JWT_ALGORITHM: '{{ ECOMMERCE_JWT_ALGORITHM }}'
-    JWT_VERIFY_EXPIRATION: '{{ ECOMMERCE_JWT_VERIFY_EXPIRATION }}'
-    JWT_LEEWAY: '{{ ECOMMERCE_JWT_LEEWAY }}'
-    JWT_DECODE_HANDLER: '{{ ECOMMERCE_JWT_DECODE_HANDLER }}'
-    JWT_ISSUERS: '{{ ECOMMERCE_JWT_ISSUERS }}'
-    JWT_SECRET_KEYS: '{{ ECOMMERCE_JWT_SECRET_KEYS }}'
-  SOCIAL_AUTH_EDX_OIDC_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY }}'
-  SOCIAL_AUTH_EDX_OIDC_SECRET: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
-  SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
-  SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ ECOMMERCE_OAUTH_URL_ROOT }}'
-  SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ ECOMMERCE_OIDC_LOGOUT_URL }}'
-  SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ ECOMMERCE_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
-  SOCIAL_AUTH_EDX_OIDC_ISSUER: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_ISSUER }}'
-  AFFILIATE_COOKIE_KEY: '{{ ECOMMERCE_AFFILIATE_COOKIE_NAME }}'
 
-  STATIC_ROOT: "{{ COMMON_DATA_DIR }}/{{ ecommerce_service_name }}/staticfiles"
-  # db config
-  DATABASES: '{{ ECOMMERCE_DATABASES }}'
+  SEGMENT_KEY: '{{ ECOMMERCE_SEGMENT_KEY }}'
+  AFFILIATE_COOKIE_KEY: '{{ ECOMMERCE_AFFILIATE_COOKIE_NAME }}'
 
   PAYMENT_PROCESSOR_CONFIG: '{{ ECOMMERCE_PAYMENT_PROCESSOR_CONFIG }}'
-  OAUTH2_PROVIDER_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}/oauth2'
 
   PLATFORM_NAME: '{{ ECOMMERCE_PLATFORM_NAME }}'
   THEME_SCSS: '{{ ECOMMERCE_THEME_SCSS }}'
@@ -221,11 +171,8 @@ ecommerce_nodeenv_dir: "{{ ecommerce_home }}/nodeenvs/{{ ecommerce_service_name
 ecommerce_nodeenv_bin: "{{ ecommerce_nodeenv_dir }}/bin"
 ecommerce_node_modules_dir: "{{ ecommerce_code_dir }}/node_modules"
 ecommerce_node_bin: "{{ ecommerce_node_modules_dir }}/.bin"
-ecommerce_node_version: "{{ common_node_version }}"
 
-ecommerce_gunicorn_host: "127.0.0.1"
 ecommerce_gunicorn_port: "8130"
-ecommerce_gunicorn_timeout: "300"
 
 ecommerce_log_dir: "{{ COMMON_LOG_DIR }}/{{ ecommerce_service_name }}"
 
@@ -235,9 +182,7 @@ ecommerce_requirements:
   - optional.txt
 
 ecommerce_environment:
-  DJANGO_SETTINGS_MODULE: "{{ ECOMMERCE_DJANGO_SETTINGS_MODULE }}"
   ECOMMERCE_CFG: "{{ COMMON_CFG_DIR }}/{{ ecommerce_service_name }}.yml"
-  PATH: "{{ ecommerce_nodeenv_bin }}:{{ ecommerce_venv_dir }}/bin:{{ ansible_env.PATH }}"
 
 #
 # OS packages

playbooks/roles/ecommerce/meta/main.yml

@@ -9,22 +9,35 @@
 #
 ##
 # Role includes for role ecommerce
-# 
+#
 dependencies:
-  - common
-  - supervisor
-  - role: edx_service
-    edx_service_name: "{{ ecommerce_service_name }}"
-    edx_service_config: "{{ ECOMMERCE_SERVICE_CONFIG }}"
-    edx_service_repos: "{{ ECOMMERCE_REPOS }}"
-    edx_service_user: "{{ ecommerce_user }}"
-    edx_service_home: "{{ ecommerce_home }}"
-    edx_service_packages:
-      debian: "{{ ecommerce_debian_pkgs }}"
-      redhat: "{{ ecommerce_redhat_pkgs }}"
+  - role: edx_django_service
+    edx_django_service_version: "{{ ECOMMERCE_VERSION }}"
+    edx_django_service_name: "{{ ecommerce_service_name }}"
+    edx_django_service_config_overrides: "{{ ECOMMERCE_SERVICE_CONFIG }}"
+    edx_django_service_debian_pkgs_extra: "{{ ecommerce_debian_pkgs }}"
+    edx_django_service_gunicorn_port: "{{ ecommerce_gunicorn_port }}"
+    edx_django_service_django_settings_module: "{{ ECOMMERCE_DJANGO_SETTINGS_MODULE }}"
+    edx_django_service_environment_extra: "{{ ecommerce_environment }}"
+    edx_django_service_gunicorn_extra: "{{ ECOMMERCE_GUNICORN_EXTRA }}"
+    edx_django_service_nginx_port: "{{ ECOMMERCE_NGINX_PORT }}"
+    edx_django_service_ssl_nginx_port: "{{ ECOMMERCE_SSL_NGINX_PORT }}"
+    edx_django_service_use_python3: false
+    edx_django_service_language_code: '{{ ECOMMERCE_LANGUAGE_CODE }}'
+    edx_django_service_secret_key: '{{ ECOMMERCE_SECRET_KEY }}'
+#    edx_django_service_staticfiles_storage: '{{ ECOMMERCE_STATICFILES_STORAGE }}'
+#    edx_django_service_media_storage_backend: '{{ ECOMMERCE_MEDIA_STORAGE_BACKEND }}'
+    edx_django_service_memcache: '{{ ECOMMERCE_MEMCACHE }}'
+    edx_django_service_default_db_host: '{{ ECOMMERCE_DATABASE_HOST }}'
+    edx_django_service_default_db_name: '{{ ECOMMERCE_DEFAULT_DB_NAME }}'
+    edx_django_service_default_db_atomic_requests: true
+    edx_django_service_db_user: '{{ ECOMMERCE_DATABASE_USER }}'
+    edx_django_service_db_password: '{{ ECOMMERCE_DATABASE_PASSWORD }}'
+    edx_django_service_social_auth_edx_oidc_key: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY }}'
+    edx_django_service_social_auth_edx_oidc_secret: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
+    edx_django_service_social_auth_redirect_is_https: '{{ ECOMMERCE_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
+    edx_django_service_session_expire_at_browser_close: '{{ ECOMMERCE_SESSION_EXPIRE_AT_BROWSER_CLOSE }}'
   - role: edx_themes
     theme_users:
       - "{{ ecommerce_user }}"
     when: "{{ ECOMMERCE_ENABLE_COMPREHENSIVE_THEMING }}"
-
-  - oraclejdk

playbooks/roles/ecommerce/tasks/main.yml

@@ -20,86 +20,6 @@
 # Example play:
 #
 #
-- name: Add gunicorn configuration file
-  template:
-    src: "edx/app/ecommerce/ecommerce_gunicorn.py.j2"
-    dest: "{{ ecommerce_home }}/ecommerce_gunicorn.py"
-  become_user: "{{ ecommerce_user }}"
-  tags:
-      - install
-      - install:configuration
-
-- name: Install application requirements
-  pip:
-    requirements: "{{ ecommerce_requirements_base }}/{{ item }}"
-    virtualenv: "{{ ecommerce_venv_dir }}"
-    state: present
-  become_user: "{{ ecommerce_user }}"
-  with_items: "{{ ecommerce_requirements }}"
-  tags:
-    - install
-    - install:app-requirements
-
-- name: Create nodeenv
-  shell: "{{ ecommerce_venv_dir }}/bin/nodeenv {{ ecommerce_nodeenv_dir }} --node={{ ecommerce_node_version }} --prebuilt --force"
-  become_user: "{{ ecommerce_user }}"
-  tags:
-    - install
-    - install:system-requirements
-
-- name: Install node dependencies
-  npm:
-    executable: "{{ ecommerce_nodeenv_bin }}/npm"
-    path: "{{ ecommerce_code_dir }}"
-    production: yes
-    state: latest
-  become_user: "{{ ecommerce_user }}"
-  environment: "{{ ecommerce_environment }}"
-  tags:
-    - install
-    - install:app-requirements
-
-- name: Install bower dependencies
-  shell: ". {{ ecommerce_nodeenv_bin }}/activate && {{ ecommerce_node_bin }}/bower install --production --config.interactive=false"
-  args:
-    chdir: "{{ ecommerce_code_dir }}"
-  become_user: "{{ ecommerce_user }}"
-  tags:
-    - install
-    - install:app-requirements
-
-# This is a hacked fix for the fact that the table `thumbnail_kvstore` exists in
-# some environments, which won't need the 3rd party newly introduced migration
-# to create this table, so we fake the migration.
-# This is required for the Ginkgo release.
-# TODO: Delete this task for the Hawthorn release.
-- name: fake thumbnails
-  shell: >
-    table_exists=`mysql -uroot -ss -e "SELECT EXISTS(SELECT * FROM information_schema.tables WHERE table_schema = '{{ ECOMMERCE_DEFAULT_DB_NAME }}' AND table_name = 'thumbnail_kvstore')"`;
-    if [ "$table_exists" -eq "1" ]; then {{ ecommerce_venv_dir }}/bin/python ./manage.py migrate thumbnail 0001 --fake; fi;
-  args:
-    chdir: "{{ ecommerce_code_dir }}"
-  become_user: "{{ ecommerce_user }}"
-  environment: "{{ ecommerce_environment }}"
-  when: migrate_db is defined and migrate_db|lower == "yes"
-  tags:
-    - migrate
-    - migrate:db
-
-- name: Migrate
-  shell: >
-    DB_MIGRATION_USER='{{ COMMON_MYSQL_MIGRATE_USER }}'
-    DB_MIGRATION_PASS='{{ COMMON_MYSQL_MIGRATE_PASS }}'
-    {{ ecommerce_venv_dir }}/bin/python ./manage.py migrate --noinput
-  args:
-    chdir: "{{ ecommerce_code_dir }}"
-  become_user: "{{ ecommerce_user }}"
-  environment: "{{ ecommerce_environment }}"
-  when: migrate_db is defined and migrate_db|lower == "yes"
-  tags:
-    - migrate
-    - migrate:db
-
 - name: Populate countries
   shell: "DB_MIGRATION_USER={{ COMMON_MYSQL_MIGRATE_USER }} DB_MIGRATION_PASS={{ COMMON_MYSQL_MIGRATE_PASS }} {{ ecommerce_venv_dir }}/bin/python ./manage.py oscar_populate_countries --initial-only"
   args:
@@ -110,127 +30,3 @@
   tags:
     - migrate
     - migrate:db
-
-- name: compile sass
-  shell: "{{ ecommerce_venv_dir }}/bin/python manage.py {{ item }}"
-  args:
-    chdir: "{{ ecommerce_code_dir }}"
-  become_user: "{{ ecommerce_user }}"
-  environment: "{{ ecommerce_environment }}"
-  with_items:
-    - "update_assets --skip-collect"
-  when: not devstack
-  tags:
-    - assets
-    - assets:gather
-
-- name: Run r.js optimizer
-  shell: ". {{ ecommerce_nodeenv_bin }}/activate && {{ ecommerce_node_bin }}/r.js -o build.js"
-  args:
-    chdir: "{{ ecommerce_code_dir }}"
-  become_user: "{{ ecommerce_user }}"
-  when: not devstack
-  tags:
-    - assets
-    - assets:gather
-
-- name: Run collectstatic
-  shell: "{{ ecommerce_venv_dir }}/bin/python manage.py {{ item }}"
-  args:
-    chdir: "{{ ecommerce_code_dir }}"
-  become_user: "{{ ecommerce_user }}"
-  environment: "{{ ecommerce_environment }}"
-  with_items:
-    - "collectstatic --noinput"
-    - "compress"
-  when: not devstack
-  tags:
-    - assets
-    - assets:gather
-
-- name: Write out the supervisor wrapper
-  template:
-    src: "edx/app/ecommerce/ecommerce.sh.j2"
-    dest: "{{ ecommerce_home }}/{{ ecommerce_service_name }}.sh"
-    mode: "0650"
-    owner: "{{ supervisor_user }}"
-    group: "{{ common_web_user }}"
-  tags:
-    - install
-    - install:configuration
-
-- name: Write supervisord config
-  template:
-    src: "edx/app/supervisor/conf.d.available/ecommerce.conf.j2"
-    dest: "{{ supervisor_available_dir }}/{{ ecommerce_service_name }}.conf"
-    owner: "{{ supervisor_user }}"
-    group: "{{ common_web_user }}"
-    mode: "0644"
-  tags:
-    - install
-    - install:configuration
-
-- name: Setup the ecommence env file
-  template:
-    src: "./{{ ecommerce_home }}/{{ ecommerce_service_name }}_env.j2"
-    dest: "{{ ecommerce_home }}/ecommerce_env"
-    owner: "{{ ecommerce_user }}"
-    group: "{{ ecommerce_user }}"
-    mode: "0644"
-  tags:
-    - install
-    - install:configuration
-
-- name: Enable supervisor script
-  file:
-    src: "{{ supervisor_available_dir }}/{{ ecommerce_service_name }}.conf"
-    dest: "{{ supervisor_cfg_dir }}/{{ ecommerce_service_name }}.conf"
-    state: link
-    force: yes
-  when: not disable_edx_services
-  tags:
-    - install
-    - install:configuration
-
-- name: Update supervisor configuration
-  shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} update"
-  when: not disable_edx_services
-  tags:
-    - manage
-    - manage:start
-
-- name: Create symlinks from the-er venv bin dir
-  file:
-    src: "{{ ecommerce_venv_dir }}/bin/{{ item }}"
-    dest: "{{ COMMON_BIN_DIR }}/{{ item.split('.', 1) | first }}.ecommerce"
-    state: link
-  with_items:
-    - python
-    - pip
-    - django-admin.py
-  tags:
-    - install
-    - install:app-requirements
-
-- name: Create symlinks from the repo dir
-  file:
-    src: "{{ ecommerce_code_dir }}/{{ item }}"
-    dest: "{{ COMMON_BIN_DIR }}/{{ item.split('.', 1) | first }}.ecommerce"
-    state: link
-  with_items:
-    - manage.py
-  tags:
-    - install
-    - install:app-requirements
-
-- name: Restart the applicaton
-  supervisorctl:
-    name: "{{ ecommerce_service_name }}"
-    state: restarted
-    supervisorctl_path: "{{ supervisor_ctl }}"
-    config: "{{ supervisor_cfg }}"
-  when: not disable_edx_services
-  become_user: "{{ supervisor_service_user }}"
-  tags:
-    - manage
-    - manage:start

playbooks/roles/ecommerce/templates/edx/app/ecommerce/ecommerce.sh.j2

-#!/usr/bin/env bash
-
-# {{ ansible_managed }}
-
-{% set ecommerce_venv_bin = ecommerce_home + "/venvs/" + ecommerce_service_name + "/bin" %}
-{% if COMMON_ENABLE_NEWRELIC_APP %}
-{% set executable = ecommerce_venv_bin + '/newrelic-admin run-program ' + ecommerce_venv_bin + '/gunicorn' %}
-{% else %}
-{% set executable = ecommerce_venv_bin + '/gunicorn' %}
-{% endif %}
-
-{% if COMMON_ENABLE_NEWRELIC_APP %}
-export NEW_RELIC_APP_NAME="{{ ECOMMERCE_NEWRELIC_APPNAME }}"
-export NEW_RELIC_LICENSE_KEY="{{ NEWRELIC_LICENSE_KEY }}"
-{% endif -%}
-
-source {{ ecommerce_home }}/ecommerce_env
-{{ executable }} -c {{ ecommerce_home }}/ecommerce_gunicorn.py {{ ECOMMERCE_GUNICORN_EXTRA }} ecommerce.wsgi:application

playbooks/roles/ecommerce/templates/edx/app/ecommerce/ecommerce_env.j2

-# {{ ansible_managed }}
-
-{% for name,value in ecommerce_environment.items() -%}
-{%- if value -%}
-export {{ name }}="{{ value }}"
-{% endif %}
-{%- endfor %}

playbooks/roles/ecommerce/templates/edx/app/ecommerce/ecommerce_gunicorn.py.j2

-"""
-gunicorn configuration file: http://docs.gunicorn.org/en/develop/configure.html
-{{ ansible_managed }}
-"""
-
-timeout = {{ ecommerce_gunicorn_timeout }}
-bind = "{{ ecommerce_gunicorn_host }}:{{ ecommerce_gunicorn_port }}"
-pythonpath = "{{ ecommerce_code_dir }}"
-workers = {{ ECOMMERCE_GUNICORN_WORKERS }}
-worker_class = "{{ ECOMMERCE_GUNICORN_WORKER_CLASS }}"
-
-{% if ECOMMERCE_GUNICORN_MAX_REQUESTS %}
-max_requests = {{ ECOMMERCE_GUNICORN_MAX_REQUESTS }}
-{% endif %}
-
-{{ ECOMMERCE_GUNICORN_EXTRA_CONF }}

playbooks/roles/ecommerce/templates/edx/app/supervisor/conf.d.available/ecommerce.conf.j2

-#
-# {{ ansible_managed }}
-# 
-[program:{{ ecommerce_service_name }}]
-
-command={{ ecommerce_home }}/{{ ecommerce_service_name }}.sh
-user={{ common_web_user }}
-directory={{ ecommerce_code_dir }}
-stdout_logfile={{ supervisor_log_dir }}/%(program_name)s-stdout.log
-stderr_logfile={{ supervisor_log_dir }}/%(program_name)s-stderr.log
-killasgroup=true
-stopasgroup=true

playbooks/roles/nginx/templates/edx/app/nginx/sites-available/ecommerce.j2

-#
-# {{ ansible_managed }}
-#
-
-
-{% if "ecommerce" in nginx_default_sites %}
-  {% set default_site = "default_server" %}
-{% else %}
-  {% set default_site = "" %}
-{% endif %}
-
-upstream ecommerce_app_server {
-{% for host in nginx_ecommerce_gunicorn_hosts %}
-    server {{ host }}:{{ ecommerce_gunicorn_port }} fail_timeout=0;
-{% endfor %}
-}
-
-server {
-  server_name {{ ECOMMERCE_HOSTNAME }};
-
-  listen {{ ECOMMERCE_NGINX_PORT }} {{ default_site }};
-
-  {% if NGINX_ENABLE_SSL %}
-
-  listen {{ ECOMMERCE_SSL_NGINX_PORT }} ssl;
-
-  {% include "common-settings.j2" %}
-
-  ssl_certificate /etc/ssl/certs/{{ NGINX_SSL_CERTIFICATE|basename }};
-  ssl_certificate_key /etc/ssl/private/{{ NGINX_SSL_KEY|basename }};
-  # request the browser to use SSL for all connections
-  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
-  {% endif %}
-
-  # Prevent invalid display courseware in IE 10+ with high privacy settings
-  add_header P3P '{{ NGINX_P3P_MESSAGE }}';
-
-  # Nginx does not support nested condition or or conditions so
-  # there is an unfortunate mix of conditonals here.
-  {% if NGINX_REDIRECT_TO_HTTPS %}
-     {% if NGINX_HTTPS_REDIRECT_STRATEGY == "scheme" %}
-  # Redirect http to https over single instance
-  if ($scheme != "https") 
-  { 
-   set $do_redirect_to_https "true";
-  }
-
-     {% elif NGINX_HTTPS_REDIRECT_STRATEGY == "forward_for_proto" %}
-  # Forward to HTTPS if we're an HTTP request... and the server is behind ELB 
-  if ($http_x_forwarded_proto = "http") 
-  {
-   set $do_redirect_to_https "true";
-  }
-     {% endif %}
-  # Execute the actual redirect
-  if ($do_redirect_to_https = "true")
-  {
-  return 301 https://$host$request_uri;
-  }
-  {% endif %}
-
-  location ~ ^/static/(?P<file>.*) {
-    root {{ COMMON_DATA_DIR }}/{{ ecommerce_service_name }};
-    try_files /staticfiles/$file =404;
-  }
-
-  location / {
-    {% if ECOMMERCE_ENABLE_BASIC_AUTH|bool %}
-      {% include "basic-auth.j2" %}
-    {% endif %}
-    try_files $uri @proxy_to_app;
-  }
-
-  # The API should be secured with OAuth 2.0 or or JWT.
-  location /api {
-    try_files $uri @proxy_to_app;
-  }
-
-  # Allow access to this API for POST back from payment processors.
-  location /payment {
-    try_files $uri @proxy_to_app;
-  }
-
-  {% include "robots.j2" %}
-
-location @proxy_to_app {
-    {% if NGINX_SET_X_FORWARDED_HEADERS %}
-    proxy_set_header X-Forwarded-Proto $scheme;
-    proxy_set_header X-Forwarded-Port $server_port;
-    proxy_set_header X-Forwarded-For $remote_addr;
-    {% else %}
-    proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
-    proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
-    proxy_set_header X-Forwarded-For $http_x_forwarded_for;
-    {% endif %}
-
-    # newrelic-specific header records the time when nginx handles a request.
-    proxy_set_header X-Queue-Start "t=${msec}";
-
-    proxy_set_header Host $http_host;
-
-    proxy_redirect off;
-    proxy_pass http://ecommerce_app_server;
-  }
-
-}
-