majic-ansible-roles Changeset

Changeset - 09625826d96f

Parent rev.

Child rev.

[Not reviewed]

0 3 4

Branko Majic (branko) - 9 years ago 2015-08-16 21:25:25
branko@majic.rs

MAR-15: Added implementation for the database server role. Performs very simpled deployment and set-up of MariaDB database server.

7 files changed with 75 insertions and 0 deletions:

docs/rolereference.rst

roles/database_server/files/utf8.cnf

roles/database_server/handlers/main.yml

roles/database_server/tasks/main.yml

roles/database_server/templates/root_my.cnf.j2

testsite/group_vars/web.yml

testsite/playbooks/web.yml

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -1135,48 +1135,82 @@ Parameters @@
   option ``rewrite``. The keyword ``rewrite`` itself should be omitted, as well
   as trailing semi-colon (``;``).
 **static_locations** (list, optional)
   List of locations that should be treated as static-only, and not processed by
   the WSGI application at all. This is normally used for designating serving of
   static/media files by Nginx (for example, in case of Django projects for
   ``/static/`` and ``/media/``).
 **uid** (integer, mandatory)
   UID/GID (they are set-up to be the same) of the dedicated website
   user/group.
 **use_paste** (boolean, optional)
   Tell Gunicorn to assume that the passed-in ``wsgi_application`` value is a
   filename of a Python Paste ``ini`` file instead of WSGI application.
 **virtuaelnv_packages** (list, optional)
   A list of additional packages to install for this particular PHP
   appliction. This is usually going to be different PHP extensions.
 **wsgi_application** (string, mandatory)
   WSGI application that should be started by Gunicorn. The format should be
   conformant to what the ``gunicorn`` command-line tool accepts. If the
   ``use_paste`` option is enabled, the value should be equal to filename of the
   Python Paste ini file, located in the ``code`` sub-directory.
 Examples
 ~~~~~~~~
 Here is an example configuration for setting-up a (base) WSGI website (for
 running a bare Django project):
 .. code-block:: yaml
     - role: wsgi_website
       admin: admin
       fqdn: django.example.com
       static_locations:
         - /static
         - /media
       uid: 2004
       virtualenv_packages:
         - django
       wsgi_application: django_example_com.wsgi:application
       https_tls_key: "{{ inventory_dir }}/tls/wsgi.example.com_https.key"
       https_tls_certificate: "{{ inventory_dir }}/tls/wsgi.example.com_https.pem"
 Database Server
 ---------------
 The ``database_server`` role can be used for setting-up a MariaDB database
 server on destination machine.
 The role implements the following:
 * Installs MariaDB server and client.
 * Configures MariaDB server and client to use *UTF-8* encoding by default.
 * Sets password for the database root user.
 * Deploys MariaDB client configuration in location ``/root/.my.cnf`` that
   contains username and password for the root database user.
 Parameters
 ~~~~~~~~~~
 **db_root_password** (string, mandatory)
   Password for the *root* database user.
 Examples
 ~~~~~~~~
 Here is an example configuration for setting-up the database server:
 .. code-block:: yaml
    ---
    db_root_password: root

roles/database_server/files/utf8.cnf

➞

Show inline comments

@@ new file 100644 @@
 [client]
 default-character-set = utf8
 [mysqld]
 character-set-server  = utf8
 collation-server      = utf8_general_ci
 character_set_server  = utf8
 collation_server      = utf8_general_ci

roles/database_server/handlers/main.yml

➞

Show inline comments

@@ new file 100644 @@
 ---
 - name: Restart MariaDB
   service: name=mysql state=restarted
@@ \ No newline at end of file @@

roles/database_server/tasks/main.yml

➞

Show inline comments

@@ new file 100644 @@
 ---
 - name: Install MariaDB
   apt: name="{{ item }}" state=installed
   with_items:
     - mariadb-client
     - mariadb-server
     - python-mysqldb
 - name: Enable and start MariaDB
   service: name=mysql enabled=yes state=started
 - name: Set password for the root database user
   mysql_user: check_implicit_admin=yes name=root password="{{ db_root_password }}"
 - name: Deploy username and password for the root database user
   template: src="root_my.cnf.j2" dest="/root/.my.cnf"
             owner=root group=root mode=400
 - name: Set UTF-8 encoding as default for MariaDB
   copy: src="utf8.cnf" dest="/etc/mysql/conf.d/utf8.cnf"
         owner=root group=root mode=644
   notify: Restart MariaDB

roles/database_server/templates/root_my.cnf.j2

➞

Show inline comments

@@ new file 100644 @@
 [client]
 user=root
 password={{ db_root_password }}

testsite/group_vars/web.yml

➞

Show inline comments

 ---
 ldap_client_config:
   - comment: Set the base DN
     option: BASE
     value: dc=example,dc=com
   - comment: Set the default URI
     option: URI
     value: ldap://ldap.example.com/
   - comment: Set the LDAP TLS truststore
     option: TLS_CACERT
     value: /etc/ssl/certs/example_ca_chain.pem
 local_mail_aliases:
   root: "root john.doe@example.com"
 smtp_relay_host: mail.example.com
 smtp_relay_truststore: /etc/ssl/certs/example_ca_chain.pem
 https_tls_key: "{{ inventory_dir }}/tls/web.example.com_https.key"
 https_tls_certificate: "{{ inventory_dir }}/tls/web.example.com_https.pem"
 web_default_title: "Welcome to Example Inc."
 web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."
 db_root_password: "root"
@@ \ No newline at end of file @@

testsite/playbooks/web.yml

➞

Show inline comments

 ---
 - hosts: web
   remote_user: ansible
   sudo: yes
   roles:
     - common
     - ldap_client
     - mail_forwarder
     - database_server
     - web_server
     - phpinfo
     - wsgihello

0 comments (0 inline, 0 general)