Merge pull request #2074 from edx/e0d/no-discern

E0d/no discern

Merge pull request #2074 from edx/e0d/no-discern
E0d/no discern
781fbef3 · Edward Zarecor · 937c3aef · 8ac3e3c9 · 937c3aef · 937c3aef
Commit 781fbef3 authored Jun 29, 2015 by Edward Zarecor
21 changed files
--- a/playbooks/edx-east/discern.yml
+++ b/playbooks/edx-east/discern.yml
- name: Deploy discern
-  hosts: all
-  sudo: True
-  gather_facts: True
-  vars:
-    serial_count: 1
-  serial: "{{ serial_count }}"
-  roles:
-    - aws
-    - role: nginx
-      nginx_sites:
-      - discern
-    - discern
-    - role: datadog
-      when: COMMON_ENABLE_DATADOG
-    - role: splunkforwarder
-      when: COMMON_ENABLE_SPLUNKFORWARDER
-    - role: newrelic
-      when: COMMON_ENABLE_NEWRELIC
--- a/playbooks/edx-east/legacy_ora.yml
+++ b/playbooks/edx-east/legacy_ora.yml
-# ansible-playbook -i ec2.py --limit="tag_group_grader:&tag_environment_stage" legacy_ora.yml -e "COMMON_ENVIRONMENT=stage COMMON_DEPLOYMENT=edx secure_dir=/path/to/secure/dir"
- name: Deploy legacy_ora
-  hosts: all
-  sudo: True
-  gather_facts: True
-  vars:
-    serial_count: 1
-  serial: "{{ serial_count }}"
-  vars_files:
-  - "{{secure_dir}}/vars/{{COMMON_ENVIRONMENT}}/legacy-ora.yml"
-  roles:
-    - legacy_ora
-    - splunkforwarder
-    - newrelic
--- a/playbooks/edx-east/ora.yml
+++ b/playbooks/edx-east/ora.yml
- name: Deploy ora
-  hosts: all
-  sudo: True
-  gather_facts: True
-  vars:
-    serial_count: 1
-  serial: "{{ serial_count }}"
-  roles:
-    - role: nginx
-      nginx_sites:
-      - ora
-    - ora
--- a/playbooks/edx-west/prod-ora.yml
+++ b/playbooks/edx-west/prod-ora.yml
-# this gets all running prod webservers
-#- hosts: tag_environment_prod:&tag_function_ora
-# or we can get subsets of them by name
-#- hosts: ~tag_Name_ora(10|11)_prod
- hosts: ~tag_Name_ora10_prod
-#- hosts: ~tag_Name_ora11_prod
-#- hosts: security_group_edx-prod-EdxappServerSecurityGroup-NSKCQTMZIPQB
-  sudo: True
-  vars:
-    secure_dir: '../../../configuration-secure/ansible'
-    # this indicates the path to site-specific (with precedence)
-    # things like nginx template files
-    local_dir:  '../../../configuration-secure/ansible/local'
-    migrate_db: "no"
-  vars_files:
-    - "{{ secure_dir }}/vars/ora_prod_vars.yml"
-    - "{{ secure_dir }}/vars/users.yml"
-    - "{{ secure_dir }}/vars/edxapp_prod_users.yml"
-  roles:
-    - common
-    - supervisor
-    - role: nginx
-      nginx_sites:
-      - ora
-    - ora
--- a/playbooks/edx-west/stage-ora.yml
+++ b/playbooks/edx-west/stage-ora.yml
---
- hosts: tag_environment_stage:&tag_function_ora
-  sudo: True
-  vars:
-    secure_dir: ../../../configuration-secure/ansible
-    local_dir: ../../../configuration-secure/ansible/local
-    migrate_db: "yes"
-  vars_files:
-    - "{{ secure_dir }}/vars/ora_stage_vars.yml"
-    - "{{ secure_dir }}/vars/edxapp_stage_users.yml"
-    - "{{ secure_dir }}/vars/datadog_stage.yml"
-  roles:
-    - common
-    - supervisor
-    - role: nginx
-      nginx_sites:
-      - ora
-    - ora
-    - datadog
-    #- splunkforwarder
--- a/playbooks/roles/discern/defaults/main.yml
+++ b/playbooks/roles/discern/defaults/main.yml
-DISCERN_NGINX_PORT: 18070
-DISCERN_MEMCACHE: [ 'localhost:11211' ]
-DISCERN_AWS_ACCESS_KEY_ID: ""
-DISCERN_AWS_SECRET_ACCESS_KEY: ""
-DISCERN_BROKER_URL: ""
-DISCERN_RESULT_BACKEND: ""
-DISCERN_GOOGLE_ANALYTICS_PROPERTY_ID: ""
-DISCERN_MYSQL_DB_NAME: 'discern'
-DISCERN_MYSQL_USER: 'discern001'
-DISCERN_MYSQL_PASSWORD: 'password'
-DISCERN_MYSQL_HOST: 'localhost'
-DISCERN_MYSQL_PORT: '3306'
-DISCERN_LANG: "en_US.UTF-8"
-DISCERN_GUNICORN_EXTRA: ""
-discern_app_dir: "{{ COMMON_APP_DIR }}/discern"
-discern_code_dir: "{{ discern_app_dir }}/discern"
-discern_data_dir: "{{ COMMON_DATA_DIR }}/discern"
-discern_venvs_dir: "{{ discern_app_dir }}/venvs"
-discern_venv_dir: "{{ discern_venvs_dir }}/discern"
-discern_venv_bin: "{{ discern_venv_dir }}/bin"
-discern_pre_requirements_file: "{{ discern_code_dir }}/pre-requirements.txt"
-discern_post_requirements_file: "{{ discern_code_dir }}/requirements.txt"
-discern_user: "discern"
-discern_ease_venv_dir: "{{ discern_venv_dir }}"
-discern_ease_code_dir: "{{ discern_app_dir }}/ease"
-discern_ease_source_repo: https://github.com/edx/ease.git
-discern_ease_version: 'HEAD'
-discern_ease_pre_requirements_file: "{{ discern_ease_code_dir }}/pre-requirements.txt"
-discern_ease_post_requirements_file: "{{ discern_ease_code_dir }}/requirements.txt"
-discern_nltk_data_dir: "{{ discern_data_dir}}/nltk_data"
-discern_nltk_download_url: http://edx-static.s3.amazonaws.com/nltk/nltk-data-20131113.tar.gz
-discern_nltk_tmp_file: "{{ discern_data_dir }}/nltk.tmp.tar.tz"
-discern_source_repo: https://github.com/edx/discern.git
-discern_settings: discern.aws
-discern_version: master
-discern_gunicorn_port: 8070
-discern_gunicorn_host: 127.0.0.1
-discern_worker_mult: 2
-discern_env_config:
-  ACCOUNT_EMAIL_VERIFICATION: "mandatory"
-  AWS_SES_REGION_NAME: "us-east-1"
-  DEFAULT_FROM_EMAIL: "registration@example.com"
-  DNS_HOSTNAME: ""
-  ELB_HOSTNAME: ""
-  EMAIL_BACKEND: "django.core.mail.backends.smtp.EmailBackend"
-  S3_BUCKETNAME: ""
-  USE_S3_TO_STORE_MODElS: false
-discern_auth_config:
-  AWS_ACCESS_KEY_ID: "{{ DISCERN_AWS_ACCESS_KEY_ID }}"
-  AWS_SECRET_ACCESS_KEY: "{{ DISCERN_SECRET_ACCESS_KEY }}"
-  BROKER_URL: "{{ DISCERN_BROKER_URL }}"
-  CACHES:
-    default:
-      BACKEND: 'django.core.cache.backends.memcached.MemcachedCache'
-      LOCATION: "{{ DISCERN_MEMCACHE }}"
-  CELERY_RESULT_BACKEND: "{{ DISCERN_RESULT_BACKEND }}"
-  DATABASES:
-    default:
-      ENGINE: django.db.backends.mysql
-      HOST: "{{ DISCERN_MYSQL_HOST }}"
-      NAME: "{{ DISCERN_MYSQL_DB_NAME }}"
-      PASSWORD: "{{ DISCERN_MYSQL_PASSWORD }}"
-      PORT: "{{ DISCERN_MYSQL_PORT }}"
-      USER: "{{ DISCERN_MYSQL_USER }}"
-  GOOGLE_ANALYTICS_PROPERTY_ID: "{{ DISCERN_GOOGLE_ANALYTICS_PROPERTY_ID }}"
-discern_debian_pkgs:
-  - policykit-1
-  - python-virtualenv
-  - gcc
-  - g++
-  - build-essential
-  - python-dev
-  - gfortran
-  - libfreetype6-dev
-  - libpng12-dev
-  - libxml2-dev
-  - libxslt1-dev
-  - libreadline6
-  - libreadline6-dev
-  - redis-server
-  - python-pip
-  - ipython
-  - nginx
-  - libmysqlclient-dev
-  - libblas3gf
-  - libblas-dev
-  - liblapack3gf
-  - liblapack-dev
-  - libatlas-base-dev
-  - curl
-  - yui-compressor
-discern_ease_debian_pkgs:
-  - python-pip
-  - gcc
-  - g++
-  - gfortran
-  - libblas3gf
-  - libblas-dev
-  - liblapack3gf
-  - liblapack-dev
-  - libatlas-base-dev
-  - libxml2-dev
-  - libxslt1-dev
-  - aspell
-  - python
--- a/playbooks/roles/discern/files/git_ssh.sh
+++ b/playbooks/roles/discern/files/git_ssh.sh
-#!/bin/sh
-exec /usr/bin/ssh -o StrictHostKeyChecking=no  "$@"
--- a/playbooks/roles/discern/files/sudoers-discern
+++ b/playbooks/roles/discern/files/sudoers-discern
-Defaults        env_keep+=SSH_AUTH_SOCK
--- a/playbooks/roles/discern/handlers/main.yml
+++ b/playbooks/roles/discern/handlers/main.yml
---
- name: restart discern
-  supervisorctl: >
-    name=discern
-    supervisorctl_path={{ supervisor_ctl }}
-    config={{ supervisor_cfg }}
-    state=restarted
-  when: discern_installed is defined and not disable_edx_services
-  with_items:
-  - discern
-  - discern_celery
--- a/playbooks/roles/discern/meta/main.yml
+++ b/playbooks/roles/discern/meta/main.yml
---
-dependencies:
-  - supervisor
--- a/playbooks/roles/discern/tasks/deploy.yml
+++ b/playbooks/roles/discern/tasks/deploy.yml
---
- name: create supervisor scripts - discern, discern_celery
-  template: >
-    src={{ item }}.conf.j2 dest={{ supervisor_available_dir }}/{{ item }}.conf
-    owner={{ supervisor_user }} mode=0644
-  sudo_user: "{{ supervisor_user }}"
-  with_items: ['discern', 'discern_celery']
- name: enable supervisor scripts - discern, discern_celery
-  file: >
-    src={{ supervisor_available_dir }}/{{ item }}.conf
-    dest={{ supervisor_cfg_dir }}/{{ item }}.conf
-    owner={{ supervisor_user }}
-    state=link
-    force=yes
-    mode=0644
-  sudo_user: "{{ supervisor_user }}"
-  with_items: ['discern', 'discern_celery']
-  when: not disable_edx_services
-#Upload config files for django (auth and env)
- name: create discern application config env.json file
-  template: src=env.json.j2 dest={{ discern_app_dir }}/env.json
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
- name: create discern auth file auth.json
-  template: src=auth.json.j2 dest={{ discern_app_dir }}/auth.json
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
- name: git checkout discern repo into discern_code_dir
-  git: >
-    dest={{ discern_code_dir }} repo={{ discern_source_repo }} version={{ discern_version }}
-    accept_hostkey=yes
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
- name: git checkout ease repo into discern_ease_code_dir
-  git: >
-    dest={{ discern_ease_code_dir}} repo={{ discern_ease_source_repo }} version={{ discern_ease_version }}
-    accept_hostkey=yes
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
-#Numpy has to be a pre-requirement in order for scipy to build
- name : install python pre-requirements for discern and ease
-  pip: >
-    requirements={{ item }} virtualenv={{ discern_venv_dir }} state=present
-    extra_args="-i {{ COMMON_PYPI_MIRROR_URL }}"
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
-  with_items:
-    - "{{ discern_pre_requirements_file }}"
-    - "{{ discern_ease_pre_requirements_file }}"
- name : install python requirements for discern and ease
-  pip: >
-    requirements={{ item }} virtualenv={{ discern_venv_dir }} state=present
-    extra_args="-i {{ COMMON_PYPI_MIRROR_URL }}"
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
-  with_items:
-    - "{{ discern_post_requirements_file }}"
-    - "{{ discern_ease_post_requirements_file }}"
- name: install ease python package
-  shell: >
-    {{ discern_venv_dir }}/bin/activate; cd {{ discern_ease_code_dir }}; python setup.py install
-  notify:
-    - restart discern
- name: download and install nltk
-  shell: |
-      set -e
-      curl -o {{ discern_nltk_tmp_file }} {{ discern_nltk_download_url }}
-      tar zxf {{ discern_nltk_tmp_file }}
-      rm -f {{ discern_nltk_tmp_file }}
-      touch {{ discern_nltk_download_url|basename }}-installed
-      creates={{ discern_data_dir }}/{{ discern_nltk_download_url|basename }}-installed
-      chdir={{ discern_data_dir }}
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
-#Run this instead of using the ansible module because the ansible module only support syncdb of these three, and does not
-#support virtualenvs as of this comment
- name: django syncdb migrate and collectstatic for discern
-  shell: >
-    {{ discern_venv_dir }}/bin/python {{ discern_code_dir }}/manage.py {{ item }} --noinput --settings={{discern_settings}} --pythonpath={{discern_code_dir}}
-    chdir={{ discern_code_dir }}
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
-  with_items:
-    - syncdb
-    - migrate
-    - collectstatic
-#Have this separate from the other three because it doesn't take the noinput flag
- name: django update_index for discern
-  shell: >
-    {{ discern_venv_dir}}/bin/python {{ discern_code_dir }}/manage.py update_index --settings={{ discern_settings }} --pythonpath={{discern_code_dir}}
-    chdir={{ discern_code_dir }}
-  sudo_user: "{{ discern_user }}"
-  notify:
-    - restart discern
-  # call supervisorctl update. this reloads
-  # the supervisorctl config and restarts
-  # the services if any of the configurations
-  # have changed.
-  #
- name: update supervisor configuration
-  shell:  "{{ supervisor_ctl }} -c {{ supervisor_cfg }} update"
-  register: supervisor_update
-  sudo_user: "{{ supervisor_service_user }}"
-  changed_when: supervisor_update.stdout is defined and supervisor_update.stdout != ""
-  when: not disable_edx_services
- name: ensure discern, discern_celery has started
-  supervisorctl: >
-    name={{ item }}
-    supervisorctl_path={{ supervisor_ctl }}
-    config={{ supervisor_cfg }}
-    state=started
-  with_items:
-  - discern
-  - discern_celery
-  when: not disable_edx_services
- name: create a symlink for venv python
-  file: >
-    src="{{ discern_venv_bin }}/{{ item }}"
-    dest={{ COMMON_BIN_DIR }}/{{ item }}.discern
-    state=link
-  with_items:
-  - python
-  - pip
- set_fact: discern_installed=true
--- a/playbooks/roles/discern/tasks/main.yml
+++ b/playbooks/roles/discern/tasks/main.yml
---
- name: create application user
-  user: >
-    name="{{ discern_user }}"
-    home="{{ discern_app_dir }}"
-    createhome=no
-    shell=/bin/false
-  notify:
-    - restart discern
- name: create discern app dirs owned by discern
-  file: >
-    path="{{ item }}"
-    state=directory
-    owner="{{ discern_user }}"
-    group="{{ common_web_group }}"
-  notify:
-    - restart discern
-  with_items:
-    - "{{ discern_app_dir }}"
-    - "{{ discern_venvs_dir }}"
- name: create discern data dir, owned by {{ common_web_user }}
-  file: >
-    path="{{ discern_data_dir }}" state=directory
-    owner="{{ common_web_user }}" group="{{ discern_user  }}"
-    mode=0775
-  notify:
-    - restart discern
- name: install debian packages that discern needs
-  apt: pkg={{ item }} state=present
-  notify:
-    - restart discern
-  with_items: discern_debian_pkgs
- name: install debian packages for ease that discern needs
-  apt: pkg={{ item }} state=present
-  notify:
-    - restart discern
-  with_items: discern_ease_debian_pkgs
- name: copy sudoers file for discern
-  copy: >
-    src=sudoers-discern dest=/etc/sudoers.d/discern
-    mode=0440 validate='visudo -cf %s' owner=root group=root
-  notify:
-    - restart discern
-#Needed if using redis to prevent memory issues
- name: change memory commit settings -- needed for redis
-  command: sysctl vm.overcommit_memory=1
-  notify:
-    - restart discern
- include: deploy.yml tags=deploy
--- a/playbooks/roles/discern/templates/auth.json.j2
+++ b/playbooks/roles/discern/templates/auth.json.j2
-{{ discern_auth_config | to_nice_json }}
--- a/playbooks/roles/discern/templates/celery.conf.j2
+++ b/playbooks/roles/discern/templates/celery.conf.j2
-#Celery task for ml api
-description "Celery ML api"
-author "Vik Paruchuri <vik@edx.org>"
-start on runlevel [2345]
-stop on runlevel [!2345]
-respawn
-respawn limit 3 30
-env DJANGO_SETTINGS_MODULE={{ discern_settings }}
-chdir {{ discern_code_dir }}
-setuid {{ discern_user }}
-exec {{ discern_venv_dir }}/bin/python {{ discern_code_dir }}/manage.py celeryd --loglevel=info --settings={{ discern_settings }} --pythonpath={{ discern_code_dir }} -B --autoscale={{ ansible_processor_cores * 2 }},1
--- a/playbooks/roles/discern/templates/discern.conf.j2
+++ b/playbooks/roles/discern/templates/discern.conf.j2
-[program:discern]
-{% if ansible_processor|length > 0 %}
-command={{ discern_venv_bin }}/gunicorn --preload -b {{ discern_gunicorn_host }}:{{ discern_gunicorn_port }} -w  {{ ansible_processor|length * discern_worker_mult }} --timeout=30 --pythonpath={{ discern_code_dir }} {{ DISCERN_GUNICORN_EXTRA }} discern.wsgi
-{% else %}
-command={{ discern_venv_bin }}/gunicorn --preload -b {{ discern_gunicorn_host }}:{{ discern_gunicorn_port }} -w  {{ discern_worker_mult }} --timeout=30 --pythonpath={{ discern_code_dir }} {{ DISCERN_GUNICORN_EXTRA }} discern.wsgi
-{% endif %}
-user={{ common_web_user }}
-directory={{ discern_code_dir }}
-environment=LANG={{ DISCERN_LANG }},DJANGO_SETTINGS_MODULE={{ discern_settings }},SERVICE_VARIANT=discern
-stdout_logfile={{ supervisor_log_dir }}/%(program_name)s-stdout.log
-stderr_logfile={{ supervisor_log_dir }}/%(program_name)s-stderr.log
-killasgroup=true
-stopasgroup=true
--- a/playbooks/roles/discern/templates/discern_celery.conf.j2
+++ b/playbooks/roles/discern/templates/discern_celery.conf.j2
-[program:discern_celery]
-command={{ discern_venv_bin }}/python {{ discern_code_dir }}/manage.py celeryd --loglevel=info --settings=discern.aws --pythonpath={{ discern_code_dir }} -B --autoscale=4,1 --schedule={{ discern_data_dir }}/celerybeat-schedule
-user={{ common_web_user }}
-directory={{ discern_code_dir }}
-environment=DJANGO_SETTINGS_MODULE=discern.aws,SERVICE_VARIANT=discern
-stdout_logfile={{ supervisor_log_dir }}/%(program_name)s-stdout.log
-stderr_logfile={{ supervisor_log_dir }}/%(program_name)s-stderr.log
-killasgroup=true
-stopasgroup=true
--- a/playbooks/roles/discern/templates/env.json.j2
+++ b/playbooks/roles/discern/templates/env.json.j2
-{{ discern_env_config | to_nice_json }}
--- a/playbooks/roles/edx_ansible/templates/update.j2
+++ b/playbooks/roles/edx_ansible/templates/update.j2
@@ -49,8 +49,6 @@ repos_to_cmd["edx-platform"]="$edx_ansible_cmd edxapp.yml -e 'edx_platform_versi
 repos_to_cmd["xqueue"]="$edx_ansible_cmd xqueue.yml -e 'xqueue_version=$2'"
 repos_to_cmd["cs_comments_service"]="$edx_ansible_cmd forum.yml -e 'forum_version=$2'"
 repos_to_cmd["xserver"]="$edx_ansible_cmd xserver.yml -e 'xserver_version=$2'"
-repos_to_cmd["ease"]="$edx_ansible_cmd discern.yml -e 'discern_ease_version=$2' && $edx_ansible_cmd ora.yml -e 'ora_ease_version=$2'"
-repos_to_cmd["edx-ora"]="$edx_ansible_cmd ora.yml -e 'ora_version=$2'"
 repos_to_cmd["configuration"]="$edx_ansible_cmd edx_ansible.yml -e 'configuration_version=$2'"
 repos_to_cmd["read-only-certificate-code"]="$edx_ansible_cmd certs.yml -e 'certs_version=$2'"
 repos_to_cmd["edx-analytics-data-api"]="$edx_ansible_cmd analyticsapi.yml -e 'ANALYTICS_API_VERSION=$2'"

--- a/playbooks/roles/legacy_ora/tasks/main.yml
+++ b/playbooks/roles/legacy_ora/tasks/main.yml
-#
-# Update config for a legacy ora installation.
-#
-# This role requires that ora_app_dir and ora_user both be defined.
-# There is no default for them.
-#
- fail: msg="ora_app_dir not defined. eg. /edx/app/ora, /opt/wwc"
-  when: ora_app_dir is not defined
- fail: msg="ora_user not defined. eg. ora, www-data"
-  when: ora_user is not defined
- fail: msg="COMMON_ENVIRONMENT not defined. eg. stage, prod"
-  when: COMMON_ENVIRONMENT is not defined
- fail: msg="secure_dir not defined. This is a path to the secure ora config file."
-  when: secure_dir is not defined
- name: create ora application config
-  copy:
-    src={{ secure_dir }}/files/{{ COMMON_ENVIRONMENT }}/legacy_ora/ora.env.json
-    dest={{ ora_app_dir }}/env.json
-  sudo_user: "{{ ora_user }}"
-  register: env_state
- name: create ora auth file
-  copy:
-    src={{ secure_dir }}/files/{{ COMMON_ENVIRONMENT }}/legacy_ora/ora.auth.json
-    dest={{ ora_app_dir }}/auth.json
-  sudo_user: "{{ ora_user }}"
-  register: auth_state
-# Restart ORA Services
- name: restart edx-ora
-  service:
-    name=edx-ora
-    state=restarted
-  when: env_state.changed or auth_state.changed
- name: restart edx-ora-celery
-  service:
-    name=edx-ora-celery
-    state=restarted
-  when: env_state.changed or auth_state.changed
--- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/discern.j2
+++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/discern.j2
-server {
-    listen {{ DISCERN_NGINX_PORT }};
-    server_name localhost;
-    set $my_host $http_host;
-    if ($host ~ "\d+\.\d+\.\d+\.\d+") {
-        set $my_host "127.0.0.1";
-    }
-    # https://docs.djangoproject.com/en/dev/howto/static-files/#serving-static-files-in-production
-    location /static/ { # STATIC_URL
-        alias {{ discern_app_dir }}/staticfiles/;
-        expires 1m;
-	autoindex on;
-    }
-    location /media/ { # MEDIA_URL
-        alias /home/www/myhostname/static/; # MEDIA_ROOT
-        expires 30d;
-    }
-    location / {
-        {% include "basic-auth.j2" %}
-        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
-        proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
-        proxy_set_header X-Forwarded-For $http_x_forwarded_for;
-        proxy_set_header Host $my_host;
-        proxy_pass http://127.0.0.1:7999;
-    }
-}
--- a/playbooks/roles/ora/tasks/main.yml
+++ b/playbooks/roles/ora/tasks/main.yml
-# requires:
-#  - group_vars/all
-#  - common/tasks/main.yml
---
- name: create application user
-  user: >
-    name="{{ ora_user }}" home="{{ ora_app_dir }}"
-    createhome=no shell=/bin/false
-  notify:
-    - restart ora
-    - restart ora_celery
- name: create ora app dir
-  file: >
-    path="{{ item }}" state=directory
-    owner="{{ ora_user }}" group="{{ common_web_group }}"
-  notify:
-    - restart ora
-    - restart ora_celery
-  with_items:
-    - "{{ ora_venvs_dir }}"
-    - "{{ ora_app_dir }}"
- name: create ora data dir, owned by {{ common_web_user }}
-  file: >
-    path="{{ item }}" state=directory
-    owner="{{ common_web_user }}" group="{{ common_web_group }}"
-  notify:
-    - restart ora
-    - restart ora_celery
-  with_items:
-    - "{{ ora_data_dir }}"
-    - "{{ ora_data_course_dir }}"
-    - "{{ ora_app_dir }}/ml_models"
- name: install debian packages that ora needs
-  apt: pkg={{ item }} state=present
-  notify:
-    - restart ora
-    - restart ora_celery
-  with_items: ora_debian_pkgs
- name: install debian packages for ease that ora needs
-  apt: pkg={{ item }} state=present
-  notify:
-    - restart ora
-    - restart ora_celery
-  with_items: ora_ease_debian_pkgs
- include: deploy.yml tags=deploy