amélioration de l'install de CHexpire
This commit is contained in:
parent
a59531dc4f
commit
6018d9b0b1
2
Vagrantfile
vendored
2
Vagrantfile
vendored
|
@ -25,7 +25,7 @@ Vagrant.configure("2") do |config|
|
||||||
# within the machine from a port on the host machine. In the example below,
|
# within the machine from a port on the host machine. In the example below,
|
||||||
# accessing "localhost:8080" will access port 80 on the guest machine.
|
# accessing "localhost:8080" will access port 80 on the guest machine.
|
||||||
# NOTE: This will enable public access to the opened port
|
# NOTE: This will enable public access to the opened port
|
||||||
# config.vm.network "forwarded_port", guest: 80, host: 8080
|
config.vm.network "forwarded_port", guest: 80, host: 8080
|
||||||
|
|
||||||
# Create a forwarded port mapping which allows access to a specific port
|
# Create a forwarded port mapping which allows access to a specific port
|
||||||
# within the machine from a port on the host machine and only allow access
|
# within the machine from a port on the host machine and only allow access
|
||||||
|
|
14
config.yml
14
config.yml
|
@ -8,10 +8,11 @@
|
||||||
- vars/main.yml
|
- vars/main.yml
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
# - { role: rbenv, username: "{{ ansible_user }}", rbenv_ruby_version: "2.6.4" }
|
- { role: rbenv, username: "{{ ansible_user }}", rbenv_ruby_version: "{{ ruby_version }}" }
|
||||||
# - { role: nodejs, nodejs_install_yarn: yes }
|
- { role: nodejs, nodejs_install_yarn: yes }
|
||||||
# - apache-vhost
|
|
||||||
- chexpire-admin-init
|
- chexpire-admin-init
|
||||||
|
- apache-vhost
|
||||||
|
- puma-systemd
|
||||||
|
|
||||||
post_tasks:
|
post_tasks:
|
||||||
- include_role:
|
- include_role:
|
||||||
|
@ -29,3 +30,10 @@
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- { role: chexpire-user-init, username: "{{ ansible_user }}" }
|
- { role: chexpire-user-init, username: "{{ ansible_user }}" }
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: Puma systemd unit is started
|
||||||
|
systemd:
|
||||||
|
name: puma-chexpire
|
||||||
|
state: started
|
||||||
|
become: yes
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
# /vagrant-ansible-playbook evolinux.yml
|
||||||
---
|
---
|
||||||
|
|
||||||
- hosts: all
|
- hosts: all
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
- vars/main.yml
|
- vars/main.yml
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
# - evolinux-base
|
- evolinux-base
|
||||||
- apache
|
- apache
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
|
|
6
roles/apache-vhost/handlers/main.yml
Normal file
6
roles/apache-vhost/handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: reload apache2
|
||||||
|
systemd:
|
||||||
|
name: apache2
|
||||||
|
state: reloaded
|
|
@ -1 +1,34 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
- name: log directory is present
|
||||||
|
file:
|
||||||
|
dest: /home/vagrant/log
|
||||||
|
mode: "0750"
|
||||||
|
owner: vagrant
|
||||||
|
group: vagrant
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Chexpire VHost is present
|
||||||
|
template:
|
||||||
|
src: chexpire.conf.j2
|
||||||
|
dest: /etc/apache2/sites-available/chexpire.conf
|
||||||
|
force: yes
|
||||||
|
notify: reload apache2
|
||||||
|
|
||||||
|
- name: Chexpire VHost is enabled
|
||||||
|
command: a2ensite chexpire
|
||||||
|
args:
|
||||||
|
creates: /etc/apache2/sites-enabled/chexpire.conf
|
||||||
|
notify: reload apache2
|
||||||
|
|
||||||
|
- name: Default VHost is disabled
|
||||||
|
command: a2dissite 000-default
|
||||||
|
args:
|
||||||
|
removes: /etc/apache2/sites-enabled/000-default.conf
|
||||||
|
notify: reload apache2
|
||||||
|
|
||||||
|
- name: Proxy modules are enabled
|
||||||
|
command: a2enmod proxy_http
|
||||||
|
args:
|
||||||
|
creates: /etc/apache2/mods-enabled/proxy_http.load
|
||||||
|
notify: reload apache2
|
||||||
|
|
|
@ -1,16 +1,16 @@
|
||||||
<VirtualHost *:80 *:443>
|
<VirtualHost *:80 *:443>
|
||||||
|
|
||||||
# FQDN principal
|
# FQDN principal
|
||||||
# ServerName chexpire.evolix.org
|
ServerName chexpire.evolix.org
|
||||||
#ServerAlias chexpire.evolix.org
|
#ServerAlias chexpire.evolix.org
|
||||||
|
|
||||||
# Repertoire principal
|
# Repertoire principal
|
||||||
DocumentRoot /home/vagrant/www/current/public
|
DocumentRoot /home/vagrant/www/public
|
||||||
|
|
||||||
# Include /etc/apache2/ssl/chexpire.conf
|
# Include /etc/apache2/ssl/chexpire.conf
|
||||||
|
|
||||||
# Propriete du repertoire
|
# Propriete du repertoire
|
||||||
<Directory /home/vagrant/www/current/public/>
|
<Directory /home/vagrant/www/public/>
|
||||||
#Options +Indexes +SymLinksIfOwnerMatch
|
#Options +Indexes +SymLinksIfOwnerMatch
|
||||||
Options +SymLinksIfOwnerMatch
|
Options +SymLinksIfOwnerMatch
|
||||||
AllowOverride AuthConfig Limit FileInfo
|
AllowOverride AuthConfig Limit FileInfo
|
||||||
|
@ -32,8 +32,8 @@
|
||||||
</Location>
|
</Location>
|
||||||
|
|
||||||
ProxyPreserveHost On
|
ProxyPreserveHost On
|
||||||
ProxyPass / http://127.0.0.1:3000/
|
ProxyPass / http://127.0.0.1:{{ puma_port }}/
|
||||||
ProxyPassReverse / http://127.0.0.1:3000/
|
ProxyPassReverse / http://127.0.0.1:{{ puma_port }}/
|
||||||
|
|
||||||
RequestHeader set X-Forwarded-Proto https
|
RequestHeader set X-Forwarded-Proto https
|
||||||
|
|
||||||
|
@ -63,8 +63,8 @@
|
||||||
# RewriteCond %{HTTP_HOST} !^chexpire.evolix.org$
|
# RewriteCond %{HTTP_HOST} !^chexpire.evolix.org$
|
||||||
# RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [L,R]
|
# RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [L,R]
|
||||||
|
|
||||||
# no PHP
|
# # no PHP
|
||||||
php_admin_flag engine off
|
# php_admin_flag engine off
|
||||||
AddType text/html .html
|
# AddType text/html .html
|
||||||
|
|
||||||
</VirtualHost>
|
</VirtualHost>
|
|
@ -6,3 +6,52 @@
|
||||||
with_items:
|
with_items:
|
||||||
- libsodium-dev
|
- libsodium-dev
|
||||||
- default-libmysqlclient-dev
|
- default-libmysqlclient-dev
|
||||||
|
|
||||||
|
- name: MySQL database is present
|
||||||
|
mysql_db:
|
||||||
|
name: "{{ mysql_chexpire_db }}"
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Is there a .my.cnf file
|
||||||
|
stat:
|
||||||
|
path: /home/vagrant/.my.cnf
|
||||||
|
register: my_cnf_file
|
||||||
|
|
||||||
|
- name: create a password for mysql
|
||||||
|
command: "apg -n 1 -m 16 -M lcN"
|
||||||
|
register: _result
|
||||||
|
changed_when: False
|
||||||
|
check_mode: no
|
||||||
|
when: not my_cnf_file.stat.exists
|
||||||
|
|
||||||
|
- name: Chexpire .my.cnf file is present
|
||||||
|
ini_file:
|
||||||
|
dest: /home/vagrant/.my.cnf
|
||||||
|
mode: "0600"
|
||||||
|
owner: vagrant
|
||||||
|
group: vagrant
|
||||||
|
section: client
|
||||||
|
option: '{{ item.option }}'
|
||||||
|
value: '{{ item.value }}'
|
||||||
|
create: yes
|
||||||
|
with_items:
|
||||||
|
- { option: 'user', value: '{{ mysql_chexpire_username }}' }
|
||||||
|
- { option: 'password', value: '{{ _result.stdout }}' }
|
||||||
|
when: not my_cnf_file.stat.exists
|
||||||
|
|
||||||
|
- name: read .my.cnf file for password
|
||||||
|
shell: cat /home/vagrant/.my.cnf | grep password | cut -d '=' -f2 | xargs
|
||||||
|
changed_when: False
|
||||||
|
register: _result
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
mysql_chexpire_password: "{{ _result.stdout }}"
|
||||||
|
|
||||||
|
- name: MySQL user is present
|
||||||
|
mysql_user:
|
||||||
|
name: "{{ mysql_chexpire_username }}"
|
||||||
|
password: "{{ mysql_chexpire_password }}"
|
||||||
|
priv: '{{ mysql_chexpire_db }}.*:ALL'
|
||||||
|
host: localhost
|
||||||
|
state: present
|
||||||
|
register: mysql_chexpire_user
|
||||||
|
|
|
@ -1,5 +1 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
chexpire_app_directory: "www"
|
|
||||||
chexpire_config__mailer_default_from: "from@example.org"
|
|
||||||
chexpire_config__host: "chexpire.local"
|
|
||||||
|
|
|
@ -1,22 +1,48 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
||||||
# - name: Repository is checked-out
|
- name: Repository is checked-out
|
||||||
# git:
|
git:
|
||||||
# repo: 'https://github.com/Evolix/chexpire.git'
|
repo: 'https://github.com/Evolix/chexpire.git'
|
||||||
# dest: "{{ chexpire_app_directory }}"
|
dest: "{{ chexpire_app_directory }}"
|
||||||
#
|
update: no
|
||||||
# - name: Bundle dependencies are installed
|
|
||||||
# bundler:
|
- name: Bundle dependencies are installed
|
||||||
# executable: ~/.rbenv/shims/bundle
|
bundler:
|
||||||
# chdir: "{{ chexpire_app_directory }}"
|
executable: ~/.rbenv/shims/bundle
|
||||||
# state: present
|
chdir: "{{ chexpire_app_directory }}"
|
||||||
# deployment_mode: yes
|
state: present
|
||||||
#
|
deployment_mode: yes
|
||||||
# - name: Yarn dependencies are installed
|
|
||||||
# command: "yarn install --check-files"
|
- name: Yarn dependencies are installed
|
||||||
# args:
|
command: "yarn install --check-files"
|
||||||
# chdir: "{{ chexpire_app_directory }}"
|
args:
|
||||||
|
chdir: "{{ chexpire_app_directory }}"
|
||||||
|
|
||||||
|
- name: read .my.cnf file for password
|
||||||
|
shell: cat /home/vagrant/.my.cnf | grep password | cut -d '=' -f2 | xargs
|
||||||
|
changed_when: False
|
||||||
|
register: _result
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
mysql_chexpire_password: "{{ _result.stdout }}"
|
||||||
|
|
||||||
|
- name: .rbenv-vars file is initialized
|
||||||
|
lineinfile:
|
||||||
|
dest: "{{ chexpire_app_directory }}/.rbenv-vars"
|
||||||
|
line: "{{ item.key }}={{ item.value }}"
|
||||||
|
regexp: "^{{ item.key }}="
|
||||||
|
create: True
|
||||||
|
with_items:
|
||||||
|
- { key: "WEB_CONCURRENCY", value: "1" }
|
||||||
|
- { key: "DATABASE_URL", value: "mysql2://{{ mysql_chexpire_username }}:{{ mysql_chexpire_password }}@127.0.0.1/{{ mysql_chexpire_db }}" }
|
||||||
|
- { key: "PORT", value: "{{ puma_port }}" }
|
||||||
|
|
||||||
|
- name: .ruby-version file is initialized
|
||||||
|
copy:
|
||||||
|
dest: "{{ chexpire_app_directory }}/.ruby-version"
|
||||||
|
content: "{{ ruby_version }}"
|
||||||
|
force: yes
|
||||||
|
|
||||||
- name: Chexpire config file is present
|
- name: Chexpire config file is present
|
||||||
template:
|
template:
|
||||||
|
@ -24,20 +50,50 @@
|
||||||
src: chexpire.yml.j2
|
src: chexpire.yml.j2
|
||||||
force: no
|
force: no
|
||||||
|
|
||||||
- name: Database config file is copied
|
- name: Database config file is present
|
||||||
command: "cp {{ chexpire_app_directory }}/config/database.example.yml {{ chexpire_app_directory }}/config/database.yml"
|
template:
|
||||||
args:
|
dest: "{{ chexpire_app_directory }}/config/database.yml"
|
||||||
creates: "{{ chexpire_app_directory }}/config/database.yml"
|
src: database.yml.j2
|
||||||
|
force: yes
|
||||||
|
|
||||||
- name: Secret key base is generated
|
- name: Secret key base is generated
|
||||||
command: ~/.rbenv/shims/bundle exec rails secret
|
command: "~/.rbenv/shims/bundle exec rails secret"
|
||||||
register: secret_key_base
|
|
||||||
args:
|
args:
|
||||||
chdir: "{{ chexpire_app_directory }}"
|
chdir: "{{ chexpire_app_directory }}"
|
||||||
creates: "{{ chexpire_app_directory }}/config/secrets.yml"
|
creates: "config/secrets.yml"
|
||||||
|
register: secret_key_base
|
||||||
|
|
||||||
- name: Secret key is in the secrets file
|
- name: Secret key is in the secrets file
|
||||||
template:
|
template:
|
||||||
dest: "{{ chexpire_app_directory }}/config/secrets.yml"
|
dest: "{{ chexpire_app_directory }}/config/secrets.yml"
|
||||||
src: secrets.yml.j2
|
src: secrets.yml.j2
|
||||||
force: no
|
force: no
|
||||||
|
|
||||||
|
# - name: Check migrations status
|
||||||
|
# command: "~/.rbenv/shims/bundle exec rails db:migrate:status"
|
||||||
|
# failed_when: False
|
||||||
|
# changed_when: False
|
||||||
|
# args:
|
||||||
|
# chdir: "{{ chexpire_app_directory }}"
|
||||||
|
# register: db_migrate_status
|
||||||
|
|
||||||
|
- name: Migration are applied
|
||||||
|
command: "~/.rbenv/shims/bundle exec rails db:migrate"
|
||||||
|
args:
|
||||||
|
chdir: "{{ chexpire_app_directory }}"
|
||||||
|
register: db_migrate
|
||||||
|
# when: db_migrate_status.rc != 0
|
||||||
|
|
||||||
|
- debug:
|
||||||
|
var: db_migrate
|
||||||
|
verbosity: 3
|
||||||
|
#
|
||||||
|
# - name: DB is prepared
|
||||||
|
# command: "~/.rbenv/shims/bundle exec rails db:prepare"
|
||||||
|
# args:
|
||||||
|
# chdir: "{{ chexpire_app_directory }}"
|
||||||
|
# register: db_prepare
|
||||||
|
#
|
||||||
|
# - debug:
|
||||||
|
# var: db_prepare
|
||||||
|
# verbosity: 3
|
||||||
|
|
4
roles/chexpire-user-init/templates/database.yml.j2
Normal file
4
roles/chexpire-user-init/templates/database.yml.j2
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
production:
|
||||||
|
url: <%= ENV.fetch('DATABASE_URL') %>
|
||||||
|
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
|
||||||
|
encoding: utf8
|
5
roles/puma-systemd/handlers/main.yml
Normal file
5
roles/puma-systemd/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: systemctl daemon-reload
|
||||||
|
systemd:
|
||||||
|
daemon_reload: True
|
23
roles/puma-systemd/tasks/main.yml
Normal file
23
roles/puma-systemd/tasks/main.yml
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Puma systemd unit is present
|
||||||
|
template:
|
||||||
|
src: puma-chexpire.service.j2
|
||||||
|
dest: /etc/systemd/system/puma-chexpire.service
|
||||||
|
notify: systemctl daemon-reload
|
||||||
|
|
||||||
|
- name: Puma systemd unit is enabled
|
||||||
|
systemd:
|
||||||
|
name: puma-chexpire
|
||||||
|
enabled: True
|
||||||
|
|
||||||
|
- name: log directory is present
|
||||||
|
file:
|
||||||
|
dest: "/home/vagrant/www/tmp/{{ item }}"
|
||||||
|
mode: "0750"
|
||||||
|
owner: vagrant
|
||||||
|
group: vagrant
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- sockets
|
||||||
|
- pids
|
21
roles/puma-systemd/templates/puma-chexpire.service.j2
Normal file
21
roles/puma-systemd/templates/puma-chexpire.service.j2
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Puma Server for Chexpire
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=forking
|
||||||
|
User=vagrant
|
||||||
|
EnvironmentFile=/home/vagrant/{{ chexpire_app_directory }}/.rbenv-vars
|
||||||
|
Environment=RAILS_ENV=production
|
||||||
|
WorkingDirectory=/home/vagrant/{{ chexpire_app_directory }}/
|
||||||
|
PIDFile=/home/vagrant/{{ chexpire_app_directory }}/tmp/pids/puma.pid
|
||||||
|
|
||||||
|
ExecStart=/home/vagrant/.rbenv/bin/rbenv exec bundle exec puma -C /home/vagrant/{{ chexpire_app_directory }}/config/puma.rb --daemon
|
||||||
|
ExecStop=/home/vagrant/.rbenv/bin/rbenv exec bundle exec pumactl -F /home/vagrant/{{ chexpire_app_directory }}/config/puma.rb stop
|
||||||
|
ExecReload=/home/vagrant/.rbenv/bin/rbenv exec bundle exec pumactl -F /home/vagrant/{{ chexpire_app_directory }}/config/puma.rb phased-restart
|
||||||
|
|
||||||
|
Restart=no
|
||||||
|
RemainAfterExit=yes
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -9,3 +9,14 @@ evolinux_fail2ban_include: False
|
||||||
mysql_custom_datadir: '/home/mysql'
|
mysql_custom_datadir: '/home/mysql'
|
||||||
mysql_custom_tmpdir: '/home/tmpmysql'
|
mysql_custom_tmpdir: '/home/tmpmysql'
|
||||||
mysql_custom_logdir: '/home/mysql-logs'
|
mysql_custom_logdir: '/home/mysql-logs'
|
||||||
|
|
||||||
|
mysql_chexpire_username: chexpire_production
|
||||||
|
mysql_chexpire_db: chexpire_production
|
||||||
|
|
||||||
|
ruby_version: "2.6.4"
|
||||||
|
|
||||||
|
chexpire_app_directory: "www"
|
||||||
|
chexpire_config__mailer_default_from: "from@example.org"
|
||||||
|
chexpire_config__host: "chexpire.local"
|
||||||
|
|
||||||
|
puma_port: 3000
|
||||||
|
|
Loading…
Reference in a new issue