Skip to content

C
configuration
Commit 5417daac by Clinton Blackburn
Options

Added common play for Django-based IDAs 

LEARNER-812
parent 9d27b4db
Showing with 654 additions and 0 deletions
playbooks/roles/edx_django_service/defaults/main.yml 0 → 100644
---
edx_django_service_name: ' NOT-SET '
edx_django_service_repo: '{{ edx_django_service_name }}'
edx_django_service_home: '{{ COMMON_APP_DIR }}/{{ edx_django_service_name }}'
edx_django_service_user: '{{ edx_django_service_name }}'
edx_django_service_use_python3: true
# This should be overwritten at the time Ansible is run.
edx_django_service_is_devstack: false
edx_django_service_has_static_assets: true
edx_django_service_wsgi_name: '{{ edx_django_service_name }}'
edx_django_service_name_devstack_logs:
- '{{ supervisor_log_dir }}/{{ edx_django_service_name }}-stdout.log'
- '{{ supervisor_log_dir }}/{{ edx_django_service_name }}-stderr.log'
edx_django_service_version: 'master'
edx_django_service_git_identity: null
edx_django_service_django_settings_module: null
edx_django_service_code_dir: '{{ edx_django_service_home }}/{{ edx_django_service_name }}'
edx_django_service_venv_dir: '{{ edx_django_service_home }}/venvs/{{ edx_django_service_name }}'
edx_django_service_venv_bin_dir: '{{ edx_django_service_venv_dir }}/bin'
edx_django_service_nodeenv_dir: '{{ edx_django_service_home }}/nodeenvs/{{ edx_django_service_name }}'
edx_django_service_nodeenv_bin: '{{ edx_django_service_nodeenv_dir }}/bin'
edx_django_service_node_modules_dir: '{{ edx_django_service_code_dir }}/node_modules'
edx_django_service_node_bin: '{{ edx_django_service_node_modules_dir }}/.bin'
edx_django_service_node_version: '{{ common_node_version }}'
edx_django_service_environment_default:
DJANGO_SETTINGS_MODULE: '{{ edx_django_service_django_settings_module }}'
PATH: '{{ edx_django_service_nodeenv_bin }}:{{ edx_django_service_venv_dir }}/bin:{{ ansible_env.PATH }}'
edx_django_service_environment_extra: {}
edx_django_service_environment: '{{ edx_django_service_environment_default | combine(edx_django_service_environment_extra) }}'
edx_django_service_migration_environment_default:
DB_MIGRATION_USER: '{{ COMMON_MYSQL_MIGRATE_USER }}'
DB_MIGRATION_PASS: '{{ COMMON_MYSQL_MIGRATE_PASS }}'
edx_django_service_migration_environment: '{{ edx_django_service_environment|combine(edx_django_service_migration_environment_default) }}'
edx_django_service_debian_pkgs_default:
- gettext
- libffi-dev # Needed to install the Python cryptography library for asymmetric JWT signing
- libmemcached-dev
- libmysqlclient-dev
- libssl-dev
edx_django_service_debian_pkgs_extra: []
edx_django_service_debian_pkgs: '{{ edx_django_service_debian_pkgs_default + edx_django_service_debian_pkgs_extra }}'
edx_django_service_gunicorn_extra: ''
edx_django_service_gunicorn_extra_conf: ''
edx_django_service_gunicorn_host: '127.0.0.1'
edx_django_service_gunicorn_port: null
edx_django_service_gunicorn_timeout: 300
edx_django_service_gunicorn_workers: 2
edx_django_service_gunicorn_worker_class: 'gevent'
edx_django_service_cors_whitelist: []
nginx_edx_django_service_gunicorn_hosts:
- 127.0.0.1
edx_django_service_hostname: '~^((stage|prod)-)?{{ edx_django_service_name }}.*'
edx_django_service_nginx_port: '1{{ edx_django_service_gunicorn_port }}'
edx_django_service_ssl_nginx_port: '4{{ edx_django_service_gunicorn_port }}'
edx_django_service_enable_basic_auth: false
edx_django_service_basic_auth_exempted_paths_default:
- api
edx_django_service_basic_auth_exempted_paths_extra: []
edx_django_service_basic_auth_exempted_paths: '{{ edx_django_service_basic_auth_exempted_paths_default + edx_django_service_basic_auth_exempted_paths_extra }}'
edx_django_service_newrelic_appname: '{{ COMMON_ENVIRONMENT }}-{{ COMMON_DEPLOYMENT }}-{{ edx_django_service_name }}'
edx_django_service_repos:
- PROTOCOL: '{{ COMMON_GIT_PROTOCOL }}'
DOMAIN: '{{ COMMON_GIT_MIRROR }}'
PATH: '{{ COMMON_GIT_PATH }}'
REPO: '{{ edx_django_service_repo }}.git'
VERSION: '{{ edx_django_service_version }}'
DESTINATION: '{{ edx_django_service_code_dir }}'
SSH_KEY: '{{ edx_django_service_git_identity }}'
edx_django_service_secret_key: null
edx_django_service_language_code: 'en-us'
edx_django_service_data_dir: '{{ COMMON_DATA_DIR }}/{{ edx_django_service_name }}'
edx_django_service_media_root: '{{ edx_django_service_data_dir }}/media'
edx_django_service_media_url: '/media/'
edx_django_service_static_root: '{{ COMMON_DATA_DIR }}/{{ edx_django_service_name }}/staticfiles'
edx_django_service_staticfiles_storage: 'django.contrib.staticfiles.storage.StaticFilesStorage'
edx_django_service_media_storage_backend:
DEFAULT_FILE_STORAGE: 'django.core.files.storage.FileSystemStorage'
MEDIA_ROOT: '{{ edx_django_service_media_root }}'
MEDIA_URL: '{{ edx_django_service_media_url }}'
edx_django_service_memcache: [ 'memcache' ]
edx_django_service_caches:
default:
BACKEND: 'django.core.cache.backends.memcached.MemcachedCache'
KEY_PREFIX: '{{ edx_django_service_name }}'
LOCATION: '{{ edx_django_service_memcache }}'
edx_django_service_default_db_host: 'localhost'
edx_django_service_default_db_name: '{{ edx_django_service_name }}'
edx_django_service_default_db_atomic_requests: false
edx_django_service_db_user: 'REPLACE-ME'
edx_django_service_db_password: 'password'
edx_django_service_databases:
default:
ENGINE: 'django.db.backends.mysql'
NAME: '{{ edx_django_service_default_db_name }}'
USER: '{{ edx_django_service_db_user }}'
PASSWORD: '{{ edx_django_service_db_password }}'
HOST: '{{ edx_django_service_default_db_host }}'
PORT: '3306'
ATOMIC_REQUESTS: '{{ edx_django_service_default_db_atomic_requests }}'
CONN_MAX_AGE: 60
edx_django_service_social_auth_edx_oidc_key: '{{ edx_django_service_name }}-key'
edx_django_service_social_auth_edx_oidc_secret: '{{ edx_django_service_name }}-secret'
edx_django_service_social_auth_redirect_is_https: false
edx_django_service_oauth_public_url_root: '{{ EDXAPP_LMS_PUBLIC_ROOT_URL | default("http://127.0.0.1:8000") }}/oauth2'
edx_django_service_oauth_url_root: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/oauth2'
edx_django_service_oidc_logout_url: '{{ EDXAPP_LMS_PUBLIC_ROOT_URL | default("http://127.0.0.1:8000") }}/logout'
edx_django_service_oidc_issuer: '{{ edx_django_service_oauth_url_root }}'
edx_django_service_jwt_audience: '{{ EDXAPP_JWT_AUDIENCE | default("SET-ME-PLEASE") }}'
edx_django_service_jwt_issuer: '{{ edx_django_service_oauth_url_root }}'
edx_django_service_jwt_secret_key: '{{ EDXAPP_JWT_SECRET_KEY | default("lms-secret") }}'
edx_django_service_session_expire_at_browser_close: false
edx_django_service_jwt_auth:
JWT_ISSUERS:
- AUDIENCE: '{{ edx_django_service_jwt_audience }}'
ISSUER: '{{ edx_django_service_jwt_issuer }}'
SECRET_KEY: '{{ edx_django_service_jwt_secret_key }}'
edx_django_service_extra_apps: []
edx_django_service_config_default:
LANGUAGE_CODE: '{{ edx_django_service_language_code }}'
SECRET_KEY: '{{ edx_django_service_secret_key }}'
TIME_ZONE: 'UTC'
STATIC_ROOT: '{{ edx_django_service_static_root }}'
MEDIA_STORAGE_BACKEND: '{{ edx_django_service_media_storage_backend }}'
STATICFILES_STORAGE: '{{ edx_django_service_staticfiles_storage }}'
CACHES: '{{ edx_django_service_caches }}'
DATABASES: '{{ edx_django_service_databases }}'
SOCIAL_AUTH_EDX_OIDC_KEY: '{{ edx_django_service_social_auth_edx_oidc_key }}'
SOCIAL_AUTH_EDX_OIDC_SECRET: '{{ edx_django_service_social_auth_edx_oidc_secret }}'
SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ edx_django_service_social_auth_edx_oidc_secret }}'
SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ edx_django_service_oauth_url_root }}'
SOCIAL_AUTH_EDX_OIDC_PUBLIC_URL_ROOT: '{{ edx_django_service_oauth_public_url_root }}'
SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ edx_django_service_social_auth_redirect_is_https }}'
SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ edx_django_service_oidc_logout_url }}'
SOCIAL_AUTH_EDX_OIDC_ISSUER: '{{ edx_django_service_oidc_issuer }}'
JWT_AUTH: '{{ edx_django_service_jwt_auth }}'
EXTRA_APPS: '{{ edx_django_service_extra_apps }}'
EDX_DRF_EXTENSIONS:
OAUTH2_USER_INFO_URL: '{{ edx_django_service_oauth_url_root }}/user_info'
SESSION_EXPIRE_AT_BROWSER_CLOSE: '{{ edx_django_service_session_expire_at_browser_close }}'
# NOTE: This should be overridden by inheriting service-specific role.
edx_django_service_config_overrides: {}
edx_django_service_config: '{{ edx_django_service_config_default|combine(edx_django_service_config_overrides) }}'
playbooks/roles/edx_django_service/meta/main.yml 0 → 100644
---
dependencies:
- common
- supervisor
- role: edx_service
edx_service_name: "{{ edx_django_service_name }}"
edx_service_config: "{{ edx_django_service_config }}"
edx_service_repos: "{{ edx_django_service_repos }}"
edx_service_user: "{{ edx_django_service_user }}"
edx_service_home: "{{ edx_django_service_home }}"
edx_service_packages:
debian: "{{ edx_django_service_debian_pkgs }}"
redhat: []
playbooks/roles/edx_django_service/tasks/main.yml 0 → 100644
---
#
# edX Configuration
#
# github: https://github.com/edx/configuration
# wiki: https://openedx.atlassian.net/wiki/display/OpenOPS
# code style: https://openedx.atlassian.net/wiki/display/OpenOPS/Ansible+Code+Conventions
# license: https://github.com/edx/configuration/blob/master/LICENSE.TXT
#
#
#
# Tasks for role edx_django_service
#
# Overview:
# For devstack set edx_django_service_is_devstack to true.
#
# Dependencies:
#
#
# Example play:
#
#
- name: add gunicorn configuration file
template:
src: "edx/app/app/app_gunicorn.py.j2"
dest: "{{ edx_django_service_home }}/{{ edx_django_service_name }}_gunicorn.py"
become_user: "{{ edx_django_service_user }}"
tags:
- install
- install:configuration
- name: install python3
apt:
name: "{{ item }}"
when: edx_django_service_use_python3
with_items:
- python3-pip
- python3-dev
tags:
- install
- install:system-requirements
- name: build virtualenv with python3
command: "virtualenv --python=python3 {{ edx_django_service_venv_dir }}"
args:
creates: "{{ edx_django_service_venv_dir }}/bin/pip"
become_user: "{{ edx_django_service_user }}"
when: edx_django_service_use_python3
tags:
- install
- install:system-requirements
- name: build virtualenv with python2.7
command: "virtualenv --python=python2.7 {{ edx_django_service_venv_dir }}"
args:
creates: "{{ edx_django_service_venv_dir }}/bin/pip"
become_user: "{{ edx_django_service_user }}"
when: not edx_django_service_use_python3
tags:
- install
- install:system-requirements
# NOTE (CCB): Ideally we should use the pip Ansible command,
# but that doesn't seem to work with the Python 3.x virtualenv.
- name: install nodenv
command: pip install nodeenv
become_user: "{{ edx_django_service_user }}"
environment: "{{ edx_django_service_environment }}"
tags:
- install
- install:system-requirements
- name: create nodeenv
command: "nodeenv {{ edx_django_service_nodeenv_dir }} --node={{ edx_django_service_node_version }} --prebuilt"
args:
creates: "{{ edx_django_service_nodeenv_dir }}"
become_user: "{{ edx_django_service_user }}"
environment: "{{ edx_django_service_environment }}"
tags:
- install
- install:system-requirements
- name: install production requirements
command: make production-requirements
args:
chdir: "{{ edx_django_service_code_dir }}"
become_user: "{{ edx_django_service_user }}"
environment: "{{ edx_django_service_environment }}"
tags:
- install
- install:app-requirements
- name: install development requirements
command: make requirements
args:
chdir: "{{ edx_django_service_code_dir }}"
become_user: "{{ edx_django_service_user }}"
environment: "{{ edx_django_service_environment }}"
when: edx_django_service_is_devstack is defined and edx_django_service_is_devstack
tags:
- install
- install:app-requirements
- devstack
- devstack:install
- name: migrate database
command: make migrate
args:
chdir: "{{ edx_django_service_code_dir }}"
become_user: "{{ edx_django_service_user }}"
environment: "{{ edx_django_service_migration_environment }}"
when: migrate_db is defined and migrate_db|lower == "yes"
tags:
- migrate
- migrate:db
- name: write out the supervisor wrapper
template:
src: "edx/app/app/app.sh.j2"
dest: "{{ edx_django_service_home }}/{{ edx_django_service_name }}.sh"
mode: 0650
owner: "{{ supervisor_user }}"
group: "{{ common_web_user }}"
tags:
- install
- install:configuration
- name: write supervisord config
template:
src: "edx/app/supervisor/conf.d.available/app.conf.j2"
dest: "{{ supervisor_available_dir }}/{{ edx_django_service_name }}.conf"
owner: "{{ supervisor_user }}"
group: "{{ common_web_user }}"
mode: 0644
tags:
- install
- install:configuration
- name: write devstack script
template:
src: "edx/app/app/devstack.sh.j2"
dest: "{{ edx_django_service_home }}/devstack.sh"
owner: "{{ supervisor_user }}"
group: "{{ common_web_user }}"
mode: 0744
when: edx_django_service_is_devstack is defined and edx_django_service_is_devstack
tags:
- devstack
- devstack:install
- name: setup the app env file
template:
src: "edx/app/app/app_env.j2"
dest: "{{ edx_django_service_home }}/{{ edx_django_service_name }}_env"
owner: "{{ edx_django_service_user }}"
group: "{{ edx_django_service_user }}"
mode: 0644
tags:
- install
- install:configuration
- name: enable supervisor script
file:
src: "{{ supervisor_available_dir }}/{{ edx_django_service_name }}.conf"
dest: "{{ supervisor_cfg_dir }}/{{ edx_django_service_name }}.conf"
state: link
force: yes
when: not disable_edx_services
tags:
- install
- install:configuration
- name: update supervisor configuration
command: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} update"
when: not disable_edx_services
tags:
- manage
- manage:start
- name: create symlinks from the venv bin dir
file:
src: "{{ edx_django_service_venv_dir }}/bin/{{ item }}"
dest: "{{ COMMON_BIN_DIR }}/{{ item.split('.')[0] }}.{{ edx_django_service_name }}"
state: link
with_items:
- python
- pip
- django-admin.py
tags:
- install
- install:app-requirements
- name: create symlinks from the repo dir
file:
src: "{{ edx_django_service_code_dir }}/{{ item }}"
dest: "{{ COMMON_BIN_DIR }}/{{ item.split('.')[0] }}.{{ edx_django_service_name }}"
state: link
with_items:
- manage.py
tags:
- install
- install:app-requirements
- name: compile static assets
command: make static
args:
chdir: "{{ edx_django_service_code_dir }}"
become_user: "{{ edx_django_service_user }}"
environment: "{{ edx_django_service_environment }}"
when: edx_django_service_has_static_assets
tags:
- assets
- assets:gather
- name: restart the application
supervisorctl:
state: restarted
supervisorctl_path: "{{ supervisor_ctl }}"
config: "{{ supervisor_cfg }}"
name: "{{ edx_django_service_name }}"
when: not disable_edx_services
become_user: "{{ supervisor_service_user }}"
tags:
- manage
- manage:start
- name: Copying nginx configs for the service
template:
src: "edx/app/nginx/sites-available/app.j2"
dest: "{{ nginx_sites_available_dir }}/{{ edx_django_service_name }}"
owner: root
group: "{{ common_web_user }}"
mode: 0640
notify: reload nginx
tags:
- install
- install:vhosts
- name: Creating nginx config links for the service
file:
src: "{{ nginx_sites_available_dir }}/{{ edx_django_service_name }}"
dest: "{{ nginx_sites_enabled_dir }}/{{ edx_django_service_name }}"
state: link
owner: root
group: root
notify: reload nginx
tags:
- install
- install:vhosts
playbooks/roles/edx_django_service/templates/edx/app/app/app.sh.j2 0 → 100644
#!/usr/bin/env bash
# {{ ansible_managed }}
{% set edx_django_service_venv_bin = edx_django_service_venv_dir + "/bin" %}
{% if COMMON_ENABLE_NEWRELIC_APP %}
{% set executable = edx_django_service_venv_bin + '/newrelic-admin run-program ' + edx_django_service_venv_bin + '/gunicorn' %}
{% else %}
{% set executable = edx_django_service_venv_bin + '/gunicorn' %}
{% endif %}
{% if COMMON_ENABLE_NEWRELIC_APP %}
export NEW_RELIC_APP_NAME="{{ edx_django_service_newrelic_appname }}"
export NEW_RELIC_LICENSE_KEY="{{ NEWRELIC_LICENSE_KEY }}"
{% endif -%}
source {{ edx_django_service_home }}/{{ edx_django_service_name }}_env
{{ executable }} -c {{ edx_django_service_home }}/{{ edx_django_service_name }}_gunicorn.py {{ edx_django_service_gunicorn_extra }} {{ edx_django_service_wsgi_name }}.wsgi:application
playbooks/roles/edx_django_service/templates/edx/app/app/app_env.j2 0 → 100644
# {{ ansible_managed }}
{% for name,value in edx_django_service_environment.items() -%}
{%- if value -%}
export {{ name }}="{{ value }}"
{% endif %}
{%- endfor %}
playbooks/roles/edx_django_service/templates/edx/app/app/app_gunicorn.py.j2 0 → 100644
"""
gunicorn configuration file: http://docs.gunicorn.org/en/develop/configure.html
{{ ansible_managed }}
"""
timeout = {{ edx_django_service_gunicorn_timeout }}
bind = "{{ edx_django_service_gunicorn_host }}:{{ edx_django_service_gunicorn_port }}"
pythonpath = "{{ edx_django_service_code_dir }}"
workers = {{ edx_django_service_gunicorn_workers }}
worker_class = "{{ edx_django_service_gunicorn_worker_class }}"
{{ edx_django_service_gunicorn_extra_conf }}
playbooks/roles/edx_django_service/templates/edx/app/app/devstack.sh.j2 0 → 100644
#!/usr/bin/env bash
# {{ ansible_managed }}
source {{ edx_django_service_home }}/{{ edx_django_service_name }}_env
COMMAND=$1
case $COMMAND in
start)
{{ supervisor_venv_bin }}/supervisord --configuration {{ supervisor_cfg }}
# Needed to run bower as root. See explanation around 'edx_django_service_user=root'
echo '{ "allow_root": true }' > /root/.bowerrc
# Docker requires an active foreground task. Tail the logs to appease Docker and
# provide useful output for development.
tail -f {{ edx_django_service_name_devstack_logs | join(" -f ") }}
;;
open)
. {{ edx_django_service_nodeenv_bin }}/activate
. {{ edx_django_service_venv_bin_dir }}/activate
cd {{ edx_django_service_code_dir }}
/bin/bash
;;
esac
playbooks/roles/edx_django_service/templates/edx/app/nginx/sites-available/app.j2 0 → 100644
#
# {{ ansible_managed }}
#
{% if nginx_default_sites is defined and edx_django_service_name in nginx_default_sites %}
{% set default_site = "default_server" %}
{% else %}
{% set default_site = "" %}
{% endif %}
upstream {{ edx_django_service_name }}_app_server {
{% for host in nginx_edx_django_service_gunicorn_hosts %}
server {{ host }}:{{ edx_django_service_gunicorn_port }} fail_timeout=0;
{% endfor %}
}
# The Origin request header indicates where a fetch originates from. It doesn't include any path information,
# but only the server name (e.g. https://www.example.com).
# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin for details.
#
# Here we set the value that is included in the Access-Control-Allow-Origin response header. If the origin is one
# of our known hosts--served via HTTP or HTTPS--we allow for CORS. Otherwise, we set the "null" value, disallowing CORS.
map $http_origin $cors_origin {
default "null";
{% for host in edx_django_service_cors_whitelist %}
"~*^https?:\/\/{{ host|replace('.', '\.') }}$" $http_origin;
{% endfor %}
}
server {
server_name {{ edx_django_service_hostname }};
{% if NGINX_ENABLE_SSL %}
listen {{ edx_django_service_nginx_port }} {{ default_site }};
listen {{ edx_django_service_ssl_nginx_port }} ssl;
ssl_certificate /etc/ssl/certs/{{ NGINX_SSL_CERTIFICATE|basename }};
ssl_certificate_key /etc/ssl/private/{{ NGINX_SSL_KEY|basename }};
# request the browser to use SSL for all connections
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
{% else %}
listen {{ edx_django_service_nginx_port }} {{ default_site }};
{% endif %}
location ~ ^/static/(?P<file>.*) {
root {{ COMMON_DATA_DIR }}/{{ edx_django_service_name }};
add_header 'Access-Control-Allow-Origin' $cors_origin;
# Inform downstream caches to take certain headers into account when reading/writing to cache.
add_header 'Vary' 'Accept-Encoding,Origin';
try_files /staticfiles/$file =404;
}
location ~ ^/media/(?P<file>.*) {
root {{ COMMON_DATA_DIR }}/{{ edx_django_service_name }};
try_files /media/$file =404;
}
location / {
{% if edx_django_service_enable_basic_auth|bool %}
{% include 'basic-auth.j2' %}
{% endif %}
try_files $uri @proxy_to_app;
}
# API endpoints have their own authentication and authorization
# schemes, so we bypass basic auth.
location ~ ^/({{ edx_django_service_basic_auth_exempted_paths | join('|') }})/ {
try_files $uri @proxy_to_app;
}
{% include 'robots.j2' %}
location @proxy_to_app {
{% if NGINX_SET_X_FORWARDED_HEADERS %}
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
{% else %}
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
{% endif %}
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://{{ edx_django_service_name }}_app_server;
}
# Forward to HTTPS if we're an HTTP request...
if ($http_x_forwarded_proto = "http") {
set $do_redirect "true";
}
# Run our actual redirect...
if ($do_redirect = "true") {
rewrite ^ https://$host$request_uri? permanent;
}
}
playbooks/roles/edx_django_service/templates/edx/app/nginx/sites-available/basic-auth.j2 0 → 100644
satisfy any;
allow 127.0.0.1;
{% for cidr in COMMON_BASIC_AUTH_EXCEPTIONS %}
allow {{ cidr }};
{% endfor %}
deny all;
auth_basic "Restricted";
auth_basic_user_file {{ nginx_htpasswd_file }};
index index.html
proxy_set_header X-Forwarded-Proto https;
playbooks/roles/edx_django_service/templates/edx/app/nginx/sites-available/robots.j2 0 → 100644
{% if NGINX_ROBOT_RULES|length > 0 %}
location /robots.txt {
root {{ nginx_app_dir }};
try_files $uri /robots.txt =404;
}
{% endif %}
playbooks/roles/edx_django_service/templates/edx/app/supervisor/conf.d.available/app.conf.j2 0 → 100644
#
# {{ ansible_managed }}
#
{% if edx_django_service_is_devstack %}
[program:nginx]
command=nginx -g 'daemon off;'
killasgroup=true
stopasgroup=true
{% endif %}
[program:{{ edx_django_service_name }}]
command={{ edx_django_service_home }}/{{ edx_django_service_name }}.sh
user={{ common_web_user }}
directory={{ edx_django_service_code_dir }}
stdout_logfile={{ supervisor_log_dir }}/%(program_name)s-stdout.log
stderr_logfile={{ supervisor_log_dir }}/%(program_name)s-stderr.log
killasgroup=true
stopasgroup=true
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment