Files @ 5ea45eee5187
Branch filter:

Location: majic-ansible-roles/roles/wsgi_website/playbook.yml - annotation

branko
MAR-124: Updated mail_forwarder test_tls_enforced_towards_relay_mail_server to be a bit robust against race condition.
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
8f33126c7555
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
eba5d5d69e4f
eba5d5d69e4f
eba5d5d69e4f
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
998aab91d6b4
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
998aab91d6b4
998aab91d6b4
998aab91d6b4
998aab91d6b4
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
b68d19ad38a3
---

- hosts: all
  tasks:

    - name: Update all caches to avoid errors due to missing remote archives
      apt:
        update_cache: yes
      changed_when: False

    - name: Set-up /etc/hosts entries
      lineinfile:
        dest: /etc/hosts
        line: "{{ ansible_eth0.ipv4.address }} parameters-mandatory parameters-optional.local parameters-paste-req wsgi-website"

    - name: Install curl for testing redirects and webpage content
      apt:
        name: curl
        state: installed

    - name: Install swaks for testing mail forwarding
      apt:
        name: swaks
        state: installed

    - name: Install Postfix for testing mail forwarding (Exim4 not covered)
      apt:
        name: postfix
        state: installed

    - name: Set-up group for an additional user
      group:
        name: user
        state: present

    - name: Set-up additional user for testing mail delivery
      user:
        name: user
        group: user
        shell: /bin/bash

- hosts: all
  vars:
    # common
    ca_certificates:
      testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"

    # web_server
    default_https_tls_certificate: "{{ lookup('file', 'tests/data/x509/wsgi-website_https.cert.pem') }}"
    default_https_tls_key: "{{ lookup('file', 'tests/data/x509/wsgi-website_https.key.pem') }}"

    # Common parameters (general, not role).
    tls_certificate_dir: tests/data/x509/
    tls_private_key_dir: tests/data/x509/

  roles:
    - role: wsgi_website
      fqdn: parameters-mandatory
      wsgi_application: testapp:application

    - role: wsgi_website
      fqdn: parameters-optional.local
      additional_nginx_config:
        - comment: Custom missing page.
          value: error_page 404 /my/own/error/page;
      admin_uid: 5000
      enforce_https: no
      environment_indicator:
        background_colour: "#ff0000"
        text_colour: "#00ff00"
        text: "parameters-optional"
      environment_variables:
        MY_ENV_VAR: "My environment variable"
      futures_version: 3.1.0
      gunicorn_version: 19.7.0
      https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.cert.pem') }}"
      https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.key.pem') }}"
      packages:
        - libmariadb-client-lgpl-dev-compat
        - global
      proxy_headers:
        Accept-Encoding: '""'
      rewrites:
        - '^/rewrite1/(.*) /rewritten1/ last'
        - '^/rewrite2/(.*) /rewritten2/$1 last'
      static_locations:
        - /static/
        - /media/
      uid: 5001
      use_paste: no
      virtualenv_packages:
        - dnspython==1.15.0
        - ptpython==0.41
        - prompt-toolkit==1.0.15
      website_mail_recipients: user
      wsgi_application: testapp:application
      wsgi_requirements: []

    - role: wsgi_website
      fqdn: parameters-paste-req
      use_paste: yes
      virtualenv_packages:
        - click==6.7
        - Flask==0.12.2
        - itsdangerous==0.24
        - Jinja2==2.9.6
        - MarkupSafe==1.0
        - Paste==2.0.3
        - PasteDeploy==1.5.2
        - PasteScript==2.0.2
        - six==1.10.0
        - Werkzeug==0.12.2
      wsgi_application: config.ini
      wsgi_requirements:
        - futures==3.1.0
        - gunicorn==19.7.0
      https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-paste-req_https.cert.pem') }}"
      https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-paste-req_https.key.pem') }}"


- hosts: all
  tasks:
    # parameters-mandatory application
    - name: Set-up directories where application files are hosted at
      file:
        path: "/var/www/parameters-mandatory/{{ item }}"
        state: directory
        owner: admin-parameters-mandatory
        group: web-parameters-mandatory
        mode: 02750
      with_items:
        - htdocs/static
        - htdocs/media
        - code
    - name: Deploy WSGI application
      copy:
        src: "tests/data/python/wsgi/testapp.py"
        dest: "/var/www/parameters-mandatory/code/testapp.py"
        owner: admin-parameters-mandatory
        group: web-parameters-mandatory
        mode: 0640
      notify:
        - Restart parameters-mandatory
    - name: Deploy a static file
      copy:
        src: "tests/data/static_file.txt"
        dest: "/var/www/parameters-mandatory/htdocs/static/static_file.txt"
        owner: admin-parameters-mandatory
        group: web-parameters-mandatory
        mode: 0640
    - name: Deploy a media file
      copy:
        src: "tests/data/media_file.txt"
        dest: "/var/www/parameters-mandatory/htdocs/media/media_file.txt"
        owner: admin-parameters-mandatory
        group: web-parameters-mandatory
        mode: 0640

    # parameters-optional application
    - name: Set-up directories where application files are hosted at
      file:
        path: "/var/www/parameters-optional.local/{{ item }}"
        state: directory
        owner: admin-parameters-optional_local
        group: web-parameters-optional_local
        mode: 02750
      with_items:
        - htdocs/static
        - htdocs/media
        - code
    - name: Deploy WSGI application
      copy:
        src: "tests/data/python/wsgi/testapp.py"
        dest: "/var/www/parameters-optional.local/code/testapp.py"
        owner: admin-parameters-optional_local
        group: web-parameters-optional_local
        mode: 0640
      notify:
        - Restart parameters-optional.local
    - name: Deploy a static file
      copy:
        src: "tests/data/static_file.txt"
        dest: "/var/www/parameters-optional.local/htdocs/static/static_file.txt"
        owner: admin-parameters-optional_local
        group: web-parameters-optional_local
        mode: 0640
    - name: Deploy a media file
      copy:
        src: "tests/data/media_file.txt"
        dest: "/var/www/parameters-optional.local/htdocs/media/media_file.txt"
        owner: admin-parameters-optional_local
        group: web-parameters-optional_local
        mode: 0640

    # parameters-paste-req application
    - name: Set-up directories where application files are hosted at
      file:
        path: "/var/www/parameters-paste-req/{{ item }}"
        state: directory
        owner: admin-parameters-paste-req
        group: web-parameters-paste-req
        mode: 02750
      with_items:
        - htdocs/static
        - htdocs/media
        - code
    - name: Deploy WSGI application
      copy:
        src: "tests/data/python/paste/{{ item }}"
        dest: "/var/www/parameters-paste-req/code/{{ item }}"
        owner: admin-parameters-paste-req
        group: web-parameters-paste-req
        mode: 0640
      with_items:
        - config.ini
        - testapp.py
        - wsgi.py
      notify:
        - Restart parameters-paste-req
    - name: Deploy a static file
      copy:
        src: "tests/data/static_file.txt"
        dest: "/var/www/parameters-paste-req/htdocs/static/static_file.txt"
        owner: admin-parameters-paste-req
        group: web-parameters-paste-req
        mode: 0640
    - name: Deploy a media file
      copy:
        src: "tests/data/media_file.txt"
        dest: "/var/www/parameters-paste-req/htdocs/media/media_file.txt"
        owner: admin-parameters-paste-req
        group: web-parameters-paste-req
        mode: 0640

  handlers:
    - name: Restart parameters-mandatory
      service:
        name: parameters-mandatory
        state: restarted
    - name: Restart parameters-optional.local
      service:
        name: parameters-optional.local
        state: restarted
    - name: Restart parameters-paste-req
      service:
        name: parameters-paste-req
        state: restarted