amélioration de l'install de CHexpire
parent
a59531dc4f
commit
6018d9b0b1
|
@ -25,7 +25,7 @@ Vagrant.configure("2") do |config|
|
|||
# within the machine from a port on the host machine. In the example below,
|
||||
# accessing "localhost:8080" will access port 80 on the guest machine.
|
||||
# NOTE: This will enable public access to the opened port
|
||||
# config.vm.network "forwarded_port", guest: 80, host: 8080
|
||||
config.vm.network "forwarded_port", guest: 80, host: 8080
|
||||
|
||||
# Create a forwarded port mapping which allows access to a specific port
|
||||
# within the machine from a port on the host machine and only allow access
|
||||
|
|
14
config.yml
14
config.yml
|
@ -8,10 +8,11 @@
|
|||
- vars/main.yml
|
||||
|
||||
roles:
|
||||
# - { role: rbenv, username: "{{ ansible_user }}", rbenv_ruby_version: "2.6.4" }
|
||||
# - { role: nodejs, nodejs_install_yarn: yes }
|
||||
# - apache-vhost
|
||||
- { role: rbenv, username: "{{ ansible_user }}", rbenv_ruby_version: "{{ ruby_version }}" }
|
||||
- { role: nodejs, nodejs_install_yarn: yes }
|
||||
- chexpire-admin-init
|
||||
- apache-vhost
|
||||
- puma-systemd
|
||||
|
||||
post_tasks:
|
||||
- include_role:
|
||||
|
@ -29,3 +30,10 @@
|
|||
|
||||
roles:
|
||||
- { role: chexpire-user-init, username: "{{ ansible_user }}" }
|
||||
|
||||
tasks:
|
||||
- name: Puma systemd unit is started
|
||||
systemd:
|
||||
name: puma-chexpire
|
||||
state: started
|
||||
become: yes
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# /vagrant-ansible-playbook evolinux.yml
|
||||
---
|
||||
|
||||
- hosts: all
|
||||
|
@ -8,7 +9,7 @@
|
|||
- vars/main.yml
|
||||
|
||||
roles:
|
||||
# - evolinux-base
|
||||
- evolinux-base
|
||||
- apache
|
||||
- mysql
|
||||
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
|
||||
- name: reload apache2
|
||||
systemd:
|
||||
name: apache2
|
||||
state: reloaded
|
|
@ -1 +1,34 @@
|
|||
---
|
||||
|
||||
- name: log directory is present
|
||||
file:
|
||||
dest: /home/vagrant/log
|
||||
mode: "0750"
|
||||
owner: vagrant
|
||||
group: vagrant
|
||||
state: directory
|
||||
|
||||
- name: Chexpire VHost is present
|
||||
template:
|
||||
src: chexpire.conf.j2
|
||||
dest: /etc/apache2/sites-available/chexpire.conf
|
||||
force: yes
|
||||
notify: reload apache2
|
||||
|
||||
- name: Chexpire VHost is enabled
|
||||
command: a2ensite chexpire
|
||||
args:
|
||||
creates: /etc/apache2/sites-enabled/chexpire.conf
|
||||
notify: reload apache2
|
||||
|
||||
- name: Default VHost is disabled
|
||||
command: a2dissite 000-default
|
||||
args:
|
||||
removes: /etc/apache2/sites-enabled/000-default.conf
|
||||
notify: reload apache2
|
||||
|
||||
- name: Proxy modules are enabled
|
||||
command: a2enmod proxy_http
|
||||
args:
|
||||
creates: /etc/apache2/mods-enabled/proxy_http.load
|
||||
notify: reload apache2
|
||||
|
|
|
@ -1,16 +1,16 @@
|
|||
<VirtualHost *:80 *:443>
|
||||
|
||||
# FQDN principal
|
||||
# ServerName chexpire.evolix.org
|
||||
ServerName chexpire.evolix.org
|
||||
#ServerAlias chexpire.evolix.org
|
||||
|
||||
# Repertoire principal
|
||||
DocumentRoot /home/vagrant/www/current/public
|
||||
DocumentRoot /home/vagrant/www/public
|
||||
|
||||
# Include /etc/apache2/ssl/chexpire.conf
|
||||
|
||||
# Propriete du repertoire
|
||||
<Directory /home/vagrant/www/current/public/>
|
||||
<Directory /home/vagrant/www/public/>
|
||||
#Options +Indexes +SymLinksIfOwnerMatch
|
||||
Options +SymLinksIfOwnerMatch
|
||||
AllowOverride AuthConfig Limit FileInfo
|
||||
|
@ -32,8 +32,8 @@
|
|||
</Location>
|
||||
|
||||
ProxyPreserveHost On
|
||||
ProxyPass / http://127.0.0.1:3000/
|
||||
ProxyPassReverse / http://127.0.0.1:3000/
|
||||
ProxyPass / http://127.0.0.1:{{ puma_port }}/
|
||||
ProxyPassReverse / http://127.0.0.1:{{ puma_port }}/
|
||||
|
||||
RequestHeader set X-Forwarded-Proto https
|
||||
|
||||
|
@ -63,8 +63,8 @@
|
|||
# RewriteCond %{HTTP_HOST} !^chexpire.evolix.org$
|
||||
# RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [L,R]
|
||||
|
||||
# no PHP
|
||||
php_admin_flag engine off
|
||||
AddType text/html .html
|
||||
# # no PHP
|
||||
# php_admin_flag engine off
|
||||
# AddType text/html .html
|
||||
|
||||
</VirtualHost>
|
|
@ -6,3 +6,52 @@
|
|||
with_items:
|
||||
- libsodium-dev
|
||||
- default-libmysqlclient-dev
|
||||
|
||||
- name: MySQL database is present
|
||||
mysql_db:
|
||||
name: "{{ mysql_chexpire_db }}"
|
||||
state: present
|
||||
|
||||
- name: Is there a .my.cnf file
|
||||
stat:
|
||||
path: /home/vagrant/.my.cnf
|
||||
register: my_cnf_file
|
||||
|
||||
- name: create a password for mysql
|
||||
command: "apg -n 1 -m 16 -M lcN"
|
||||
register: _result
|
||||
changed_when: False
|
||||
check_mode: no
|
||||
when: not my_cnf_file.stat.exists
|
||||
|
||||
- name: Chexpire .my.cnf file is present
|
||||
ini_file:
|
||||
dest: /home/vagrant/.my.cnf
|
||||
mode: "0600"
|
||||
owner: vagrant
|
||||
group: vagrant
|
||||
section: client
|
||||
option: '{{ item.option }}'
|
||||
value: '{{ item.value }}'
|
||||
create: yes
|
||||
with_items:
|
||||
- { option: 'user', value: '{{ mysql_chexpire_username }}' }
|
||||
- { option: 'password', value: '{{ _result.stdout }}' }
|
||||
when: not my_cnf_file.stat.exists
|
||||
|
||||
- name: read .my.cnf file for password
|
||||
shell: cat /home/vagrant/.my.cnf | grep password | cut -d '=' -f2 | xargs
|
||||
changed_when: False
|
||||
register: _result
|
||||
|
||||
- set_fact:
|
||||
mysql_chexpire_password: "{{ _result.stdout }}"
|
||||
|
||||
- name: MySQL user is present
|
||||
mysql_user:
|
||||
name: "{{ mysql_chexpire_username }}"
|
||||
password: "{{ mysql_chexpire_password }}"
|
||||
priv: '{{ mysql_chexpire_db }}.*:ALL'
|
||||
host: localhost
|
||||
state: present
|
||||
register: mysql_chexpire_user
|
||||
|
|
|
@ -1,5 +1 @@
|
|||
---
|
||||
|
||||
chexpire_app_directory: "www"
|
||||
chexpire_config__mailer_default_from: "from@example.org"
|
||||
chexpire_config__host: "chexpire.local"
|
||||
|
|
|
@ -1,22 +1,48 @@
|
|||
---
|
||||
|
||||
|
||||
# - name: Repository is checked-out
|
||||
# git:
|
||||
# repo: 'https://github.com/Evolix/chexpire.git'
|
||||
# dest: "{{ chexpire_app_directory }}"
|
||||
#
|
||||
# - name: Bundle dependencies are installed
|
||||
# bundler:
|
||||
# executable: ~/.rbenv/shims/bundle
|
||||
# chdir: "{{ chexpire_app_directory }}"
|
||||
# state: present
|
||||
# deployment_mode: yes
|
||||
#
|
||||
# - name: Yarn dependencies are installed
|
||||
# command: "yarn install --check-files"
|
||||
# args:
|
||||
# chdir: "{{ chexpire_app_directory }}"
|
||||
- name: Repository is checked-out
|
||||
git:
|
||||
repo: 'https://github.com/Evolix/chexpire.git'
|
||||
dest: "{{ chexpire_app_directory }}"
|
||||
update: no
|
||||
|
||||
- name: Bundle dependencies are installed
|
||||
bundler:
|
||||
executable: ~/.rbenv/shims/bundle
|
||||
chdir: "{{ chexpire_app_directory }}"
|
||||
state: present
|
||||
deployment_mode: yes
|
||||
|
||||
- name: Yarn dependencies are installed
|
||||
command: "yarn install --check-files"
|
||||
args:
|
||||
chdir: "{{ chexpire_app_directory }}"
|
||||
|
||||
- name: read .my.cnf file for password
|
||||
shell: cat /home/vagrant/.my.cnf | grep password | cut -d '=' -f2 | xargs
|
||||
changed_when: False
|
||||
register: _result
|
||||
|
||||
- set_fact:
|
||||
mysql_chexpire_password: "{{ _result.stdout }}"
|
||||
|
||||
- name: .rbenv-vars file is initialized
|
||||
lineinfile:
|
||||
dest: "{{ chexpire_app_directory }}/.rbenv-vars"
|
||||
line: "{{ item.key }}={{ item.value }}"
|
||||
regexp: "^{{ item.key }}="
|
||||
create: True
|
||||
with_items:
|
||||
- { key: "WEB_CONCURRENCY", value: "1" }
|
||||
- { key: "DATABASE_URL", value: "mysql2://{{ mysql_chexpire_username }}:{{ mysql_chexpire_password }}@127.0.0.1/{{ mysql_chexpire_db }}" }
|
||||
- { key: "PORT", value: "{{ puma_port }}" }
|
||||
|
||||
- name: .ruby-version file is initialized
|
||||
copy:
|
||||
dest: "{{ chexpire_app_directory }}/.ruby-version"
|
||||
content: "{{ ruby_version }}"
|
||||
force: yes
|
||||
|
||||
- name: Chexpire config file is present
|
||||
template:
|
||||
|
@ -24,20 +50,50 @@
|
|||
src: chexpire.yml.j2
|
||||
force: no
|
||||
|
||||
- name: Database config file is copied
|
||||
command: "cp {{ chexpire_app_directory }}/config/database.example.yml {{ chexpire_app_directory }}/config/database.yml"
|
||||
args:
|
||||
creates: "{{ chexpire_app_directory }}/config/database.yml"
|
||||
- name: Database config file is present
|
||||
template:
|
||||
dest: "{{ chexpire_app_directory }}/config/database.yml"
|
||||
src: database.yml.j2
|
||||
force: yes
|
||||
|
||||
- name: Secret key base is generated
|
||||
command: ~/.rbenv/shims/bundle exec rails secret
|
||||
register: secret_key_base
|
||||
command: "~/.rbenv/shims/bundle exec rails secret"
|
||||
args:
|
||||
chdir: "{{ chexpire_app_directory }}"
|
||||
creates: "{{ chexpire_app_directory }}/config/secrets.yml"
|
||||
creates: "config/secrets.yml"
|
||||
register: secret_key_base
|
||||
|
||||
- name: Secret key is in the secrets file
|
||||
template:
|
||||
dest: "{{ chexpire_app_directory }}/config/secrets.yml"
|
||||
src: secrets.yml.j2
|
||||
force: no
|
||||
|
||||
# - name: Check migrations status
|
||||
# command: "~/.rbenv/shims/bundle exec rails db:migrate:status"
|
||||
# failed_when: False
|
||||
# changed_when: False
|
||||
# args:
|
||||
# chdir: "{{ chexpire_app_directory }}"
|
||||
# register: db_migrate_status
|
||||
|
||||
- name: Migration are applied
|
||||
command: "~/.rbenv/shims/bundle exec rails db:migrate"
|
||||
args:
|
||||
chdir: "{{ chexpire_app_directory }}"
|
||||
register: db_migrate
|
||||
# when: db_migrate_status.rc != 0
|
||||
|
||||
- debug:
|
||||
var: db_migrate
|
||||
verbosity: 3
|
||||
#
|
||||
# - name: DB is prepared
|
||||
# command: "~/.rbenv/shims/bundle exec rails db:prepare"
|
||||
# args:
|
||||
# chdir: "{{ chexpire_app_directory }}"
|
||||
# register: db_prepare
|
||||
#
|
||||
# - debug:
|
||||
# var: db_prepare
|
||||
# verbosity: 3
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
production:
|
||||
url: <%= ENV.fetch('DATABASE_URL') %>
|
||||
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
|
||||
encoding: utf8
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
|
||||
- name: systemctl daemon-reload
|
||||
systemd:
|
||||
daemon_reload: True
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
|
||||
- name: Puma systemd unit is present
|
||||
template:
|
||||
src: puma-chexpire.service.j2
|
||||
dest: /etc/systemd/system/puma-chexpire.service
|
||||
notify: systemctl daemon-reload
|
||||
|
||||
- name: Puma systemd unit is enabled
|
||||
systemd:
|
||||
name: puma-chexpire
|
||||
enabled: True
|
||||
|
||||
- name: log directory is present
|
||||
file:
|
||||
dest: "/home/vagrant/www/tmp/{{ item }}"
|
||||
mode: "0750"
|
||||
owner: vagrant
|
||||
group: vagrant
|
||||
state: directory
|
||||
with_items:
|
||||
- sockets
|
||||
- pids
|
|
@ -0,0 +1,21 @@
|
|||
[Unit]
|
||||
Description=Puma Server for Chexpire
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=vagrant
|
||||
EnvironmentFile=/home/vagrant/{{ chexpire_app_directory }}/.rbenv-vars
|
||||
Environment=RAILS_ENV=production
|
||||
WorkingDirectory=/home/vagrant/{{ chexpire_app_directory }}/
|
||||
PIDFile=/home/vagrant/{{ chexpire_app_directory }}/tmp/pids/puma.pid
|
||||
|
||||
ExecStart=/home/vagrant/.rbenv/bin/rbenv exec bundle exec puma -C /home/vagrant/{{ chexpire_app_directory }}/config/puma.rb --daemon
|
||||
ExecStop=/home/vagrant/.rbenv/bin/rbenv exec bundle exec pumactl -F /home/vagrant/{{ chexpire_app_directory }}/config/puma.rb stop
|
||||
ExecReload=/home/vagrant/.rbenv/bin/rbenv exec bundle exec pumactl -F /home/vagrant/{{ chexpire_app_directory }}/config/puma.rb phased-restart
|
||||
|
||||
Restart=no
|
||||
RemainAfterExit=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -9,3 +9,14 @@ evolinux_fail2ban_include: False
|
|||
mysql_custom_datadir: '/home/mysql'
|
||||
mysql_custom_tmpdir: '/home/tmpmysql'
|
||||
mysql_custom_logdir: '/home/mysql-logs'
|
||||
|
||||
mysql_chexpire_username: chexpire_production
|
||||
mysql_chexpire_db: chexpire_production
|
||||
|
||||
ruby_version: "2.6.4"
|
||||
|
||||
chexpire_app_directory: "www"
|
||||
chexpire_config__mailer_default_from: "from@example.org"
|
||||
chexpire_config__host: "chexpire.local"
|
||||
|
||||
puma_port: 3000
|
||||
|
|
Loading…
Reference in New Issue