Changeset - 96b84032cb00
0 3 0
Branko Majic (branko) - 9 years ago 2016-06-17 22:22:48
branko@majic.rs
Noticket: No need to add the website admin to user group; this is the admin's main group anyway. Do not define admin variable for testsite wsgihello role.
3 files changed with 0 insertions and 7 deletions:
roles/php_website/tasks/main.yml
 
@@ -5,51 +5,48 @@
 
    admin: "admin-{{ fqdn | replace('.', '_') }}"
 
    user: "web-{{ fqdn | replace('.', '_') }}"
 
    home: "/var/www/{{ fqdn }}"
 

	
 
- name: Create PHP website group
 
  group: name="{{ user }}" gid="{{ uid | default(omit) }}" state=present
 

	
 
- name: Create PHP website admin user
 
  user: name="{{ admin }}" uid="{{ admin_uid | default(omit) }}" group="{{ user }}"
 
        shell=/bin/bash createhome=no home="{{ home }}" state=present
 

	
 
- name: Create home directory for the user (avoid populating with skeleton)
 
  file: path="{{ home }}" state=directory
 
        owner="{{ admin }}" group="{{ user }}" mode=2750
 

	
 
- name: Create PHP website user
 
  user: name="{{ user }}" uid="{{ uid | default(omit) }}" group="{{ user }}"
 
        system=yes createhome=no state=present
 

	
 
- name: Add nginx user to website group
 
  user: name="www-data" groups="{{ user }}" append="yes"
 
  notify:
 
    - Restart nginx
 

	
 
- name: Add admin to website group
 
  user: name="{{ admin }}" groups="{{ user }}" append="yes"
 

	
 
- name: Install extra packages for website
 
  apt: name="{{ item }}" state=installed
 
  with_items: "{{ packages }}"
 

	
 
- name: Deploy PHP FPM configuration file for website
 
  template: src="fpm_site.conf.j2" dest="/etc/php5/fpm/pool.d/{{ fqdn }}.conf" validate="php5-fpm -t -y %s"
 
  notify:
 
    - Restart php5-fpm
 

	
 
- name: Deploy nginx TLS private key for website
 
  copy: dest="/etc/ssl/private/{{ fqdn }}_https.key" content="{{ https_tls_key }}"
 
        mode=640 owner=root group=root
 
  notify:
 
    - Restart nginx
 

	
 
- name: Deploy nginx TLS certificate for website
 
  copy: dest="/etc/ssl/certs/{{ fqdn }}_https.pem" content="{{ https_tls_certificate }}"
 
        mode=644 owner=root group=root
 
  notify:
 
    - Restart nginx
 

	
 
- name: Deploy nginx configuration file for website
 
  template: src="nginx_site.j2" dest="/etc/nginx/sites-available/{{ fqdn }}"
 
            owner=root group=root mode=640 validate="/usr/local/bin/nginx_verify_site.sh -n '{{ fqdn }}' %s"
roles/wsgi_website/tasks/main.yml
 
@@ -4,51 +4,48 @@
 
    admin: "admin-{{ fqdn | replace('.', '_') }}"
 
    user: "web-{{ fqdn | replace('.', '_') }}"
 
    home: "/var/www/{{ fqdn }}"
 

	
 
- name: Create WSGI website group
 
  group: name="{{ user }}" gid="{{ uid | default(omit) }}" state=present
 

	
 
- name: Create WSGI website admin user
 
  user: name="{{ admin }}" uid="{{ admin_uid | default(omit) }}" group="{{ user }}"
 
        shell=/bin/bash createhome=no home="{{ home }}" state=present
 

	
 
- name: Create home directory for the user (avoid populating with skeleton)
 
  file: path="{{ home }}" state=directory
 
        owner="{{ admin }}" group="{{ user }}" mode=2750
 

	
 
- name: Create WSGI website user
 
  user: name="{{ user }}" uid="{{ uid | default(omit) }}" group="{{ user }}"
 
        system=yes createhome=no state=present
 

	
 
- name: Add nginx user to website group
 
  user: name="www-data" groups="{{ user }}" append="yes"
 
  notify:
 
    - Restart nginx
 

	
 
- name: Add admin to website group
 
  user: name="{{ admin }}" groups="{{ user }}" append="yes"
 

	
 
- name: Install extra packages for website
 
  apt: name="{{ item }}" state=present
 
  with_items: "{{ packages }}"
 

	
 
- name: Create directory for storing the Python virtual environment
 
  file: path="{{ home }}/virtualenv" state=directory
 
        owner="{{ admin }}" group="{{ user }}" mode="2750"
 

	
 
- name: Create Python virtual environment
 
  become_user: "{{ admin }}"
 
  command: /usr/bin/virtualenv --prompt "({{ fqdn }})" "{{ home }}/virtualenv" creates="{{ home }}/virtualenv/bin/activate"
 

	
 
- name: Configure project directory for the Python virtual environment
 
  template: src="venv_project.j2" dest="{{ home }}/virtualenv/.project"
 
            owner="{{ admin }}" group="{{ user }}" mode="640"
 

	
 
- name: Deploy virtualenv wrapper
 
  template: src="venv_exec.j2" dest="{{ home }}/virtualenv/bin/exec"
 
            owner="{{ admin }}" group="{{ user }}" mode="750"
 

	
 
- name: Deploy minimalistic bashrc for auto-activating the virtual environment
 
  copy: src="bashrc" dest="{{ item }}"
 
        owner="root" group="{{ user }}" mode="640"
 
  with_items:
testsite/playbooks/roles/wsgihello/meta/main.yml
 
---
 

	
 
dependencies:
 
  - role: wsgi_website
 
    admin: admin
 
    fqdn: wsgi.{{ testsite_domain }}
 
    admin_uid: 3001
 
    uid: 2001
 
    wsgi_application: wsgi:application
 
    static_locations:
 
      - /static/
 
    https_tls_key: "{{ lookup('file', inventory_dir + '/tls/wsgi.' + testsite_domain + '_https.key') }}"
 
    https_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/wsgi.' + testsite_domain + '_https.pem') }}"
 
  - role: database
 
    db_name: wsgi_{{ testsite_domain_underscores }}
 
    db_password: wsgi_{{ testsite_domain_underscores }}
 
\ No newline at end of file