subspace 2.4.0 → 2.5.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +0 -0
- data/.rspec +0 -0
- data/.ruby-gemset +0 -0
- data/.ruby-version +0 -0
- data/.travis.yml +0 -0
- data/CHANGELOG.md +26 -0
- data/CODE_OF_CONDUCT.md +0 -0
- data/Gemfile +0 -0
- data/LICENSE.txt +0 -0
- data/README.md +10 -2
- data/Rakefile +0 -0
- data/TODO +0 -0
- data/ansible/playbooks/local_template.yml +0 -0
- data/ansible/playbooks/maintenance_mode.yml +0 -0
- data/ansible/roles/alienvault/tasks/main.yml +0 -0
- data/ansible/roles/apache-rails/tasks/main.yml +0 -0
- data/ansible/roles/apache-rails/templates/_canonical_domain.conf +0 -0
- data/ansible/roles/apache-rails/templates/_rails.conf +0 -0
- data/ansible/roles/apache-rails/templates/project-ssl.conf +0 -0
- data/ansible/roles/apache-rails/templates/project.conf +0 -0
- data/ansible/roles/apache/defaults/main.yml +0 -0
- data/ansible/roles/apache/handlers/main.yml +0 -0
- data/ansible/roles/apache/tasks/main.yml +0 -0
- data/ansible/roles/apache/templates/server_status.conf +0 -0
- data/ansible/roles/awscli/tasks/main.yml +0 -0
- data/ansible/roles/collectd/defaults/main.yml +0 -0
- data/ansible/roles/collectd/handlers/main.yml +0 -0
- data/ansible/roles/collectd/tasks/main.yml +0 -0
- data/ansible/roles/collectd/templates/apache2.conf +0 -0
- data/ansible/roles/collectd/templates/delayed_job_postgres.conf +0 -0
- data/ansible/roles/collectd/templates/df.conf +0 -0
- data/ansible/roles/collectd/templates/graphite.conf +0 -0
- data/ansible/roles/collectd/templates/hostname.conf +0 -0
- data/ansible/roles/collectd/templates/nginx.conf +0 -0
- data/ansible/roles/collectd/templates/nodejs-process.conf +0 -0
- data/ansible/roles/collectd/templates/puma-process.conf +0 -0
- data/ansible/roles/collectd/templates/rails_lograge.conf +0 -0
- data/ansible/roles/common/defaults/main.yml +0 -0
- data/ansible/roles/common/files/sudoers-service +0 -0
- data/ansible/roles/common/handlers/main.yml +0 -0
- data/ansible/roles/common/tasks/main.yml +42 -6
- data/ansible/roles/common/tasks/swap.yml +0 -0
- data/ansible/roles/common/templates/motd +1 -1
- data/ansible/roles/common/templates/motd2 +0 -0
- data/ansible/roles/common/templates/terminalcolor +0 -0
- data/ansible/roles/delayed_job/README.md +0 -0
- data/ansible/roles/delayed_job/defaults/main.yml +0 -0
- data/ansible/roles/delayed_job/handlers/main.yml +0 -0
- data/ansible/roles/delayed_job/meta/main.yml +0 -0
- data/ansible/roles/delayed_job/tasks/main.yml +0 -0
- data/ansible/roles/delayed_job/templates/delayed-job-monit-rc +0 -0
- data/ansible/roles/letsencrypt/defaults/main.yml +0 -0
- data/ansible/roles/letsencrypt/tasks/legacy.yml +0 -0
- data/ansible/roles/letsencrypt/tasks/main.yml +1 -1
- data/ansible/roles/letsencrypt/tasks/modern.yml +0 -0
- data/ansible/roles/letsencrypt_dns/defaults/main.yml +0 -0
- data/ansible/roles/letsencrypt_dns/tasks/main.yml +0 -0
- data/ansible/roles/logrotate/LICENSE +0 -0
- data/ansible/roles/logrotate/README.md +0 -0
- data/ansible/roles/logrotate/defaults/main.yml +0 -0
- data/ansible/roles/logrotate/meta/main.yml +0 -0
- data/ansible/roles/logrotate/tasks/main.yml +0 -0
- data/ansible/roles/logrotate/templates/logrotate.d.j2 +0 -0
- data/ansible/roles/memcache/tasks/main.yml +0 -0
- data/ansible/roles/monit/files/monit-http.conf +0 -0
- data/ansible/roles/monit/files/sudoers-monit +0 -0
- data/ansible/roles/monit/handlers/main.yml +0 -0
- data/ansible/roles/monit/tasks/main.yml +0 -0
- data/ansible/roles/mtpereira.passenger/.bumpversion.cfg +0 -0
- data/ansible/roles/mtpereira.passenger/.gitignore +0 -0
- data/ansible/roles/mtpereira.passenger/LICENSE +0 -0
- data/ansible/roles/mtpereira.passenger/README.md +0 -0
- data/ansible/roles/mtpereira.passenger/defaults/main.yml +0 -0
- data/ansible/roles/mtpereira.passenger/handlers/main.yml +0 -0
- data/ansible/roles/mtpereira.passenger/meta/.galaxy_install_info +0 -0
- data/ansible/roles/mtpereira.passenger/meta/main.yml +0 -0
- data/ansible/roles/mtpereira.passenger/tasks/apt.yml +0 -0
- data/ansible/roles/mtpereira.passenger/tasks/main.yml +0 -0
- data/ansible/roles/mtpereira.passenger/tasks/pkg.yml +0 -0
- data/ansible/roles/mtpereira.passenger/tasks/service.yml +0 -0
- data/ansible/roles/mysql/meta/main.yml +0 -0
- data/ansible/roles/mysql/tasks/main.yml +0 -0
- data/ansible/roles/mysql/templates/mysql_database.yml +0 -0
- data/ansible/roles/mysql2_gem/meta/main.yml +0 -0
- data/ansible/roles/mysql2_gem/tasks/main.yml +0 -0
- data/ansible/roles/newrelic/handlers/main.yml +0 -0
- data/ansible/roles/newrelic/tasks/main.yml +0 -0
- data/ansible/roles/nginx-maintenance/tasks/main.yml +0 -0
- data/ansible/roles/nginx-rails/defaults/main.yml +2 -0
- data/ansible/roles/nginx-rails/tasks/main.yml +19 -3
- data/ansible/roles/nginx-rails/templates/_asset_cors.conf +0 -0
- data/ansible/roles/nginx-rails/templates/_rails.conf +2 -1
- data/ansible/roles/nginx-rails/templates/_upstream.conf +0 -0
- data/ansible/roles/nginx-rails/templates/default_server +0 -0
- data/ansible/roles/nginx-rails/templates/nginx-project +0 -0
- data/ansible/roles/nginx-rails/templates/nginx-project-ssl +0 -0
- data/ansible/roles/nginx/defaults/main.yml +0 -0
- data/ansible/roles/nginx/handlers/main.yml +0 -0
- data/ansible/roles/nginx/tasks/main.yml +0 -0
- data/ansible/roles/nginx/templates/status +0 -0
- data/ansible/roles/nodejs/tasks/main.yml +0 -0
- data/ansible/roles/papertrail/tasks/main.yml +0 -0
- data/ansible/roles/papertrail/templates/log_files.yml +0 -0
- data/ansible/roles/passenger/files/sudoers-passenger +0 -0
- data/ansible/roles/passenger/meta/main.yml +0 -0
- data/ansible/roles/passenger/tasks/main.yml +0 -0
- data/ansible/roles/postgresql-client/tasks/main.yml +39 -4
- data/ansible/roles/postgresql/README.md +0 -0
- data/ansible/roles/postgresql/defaults/main.yml +0 -0
- data/ansible/roles/postgresql/handlers/main.yml +0 -0
- data/ansible/roles/postgresql/meta/main.yml +0 -0
- data/ansible/roles/postgresql/tasks/backups.yml +0 -0
- data/ansible/roles/postgresql/tasks/main.yml +0 -0
- data/ansible/roles/puma/defaults/main.yml +0 -0
- data/ansible/roles/puma/meta/main.yml +0 -0
- data/ansible/roles/puma/tasks/main.yml +0 -0
- data/ansible/roles/puma/templates/etc-puma.conf +0 -0
- data/ansible/roles/puma/templates/puma-monit-rc +0 -0
- data/ansible/roles/puma/templates/puma.rb +0 -0
- data/ansible/roles/rails/defaults/main.yml +0 -0
- data/ansible/roles/rails/tasks/main.yml +0 -0
- data/ansible/roles/rails/templates/application.yml +0 -0
- data/ansible/roles/rails/templates/database.yml +0 -0
- data/ansible/roles/redis/defaults/main.yml +0 -0
- data/ansible/roles/redis/tasks/main.yml +0 -0
- data/ansible/roles/ruby-common/README.md +0 -0
- data/ansible/roles/ruby-common/defaults/main.yml +0 -0
- data/ansible/roles/ruby-common/meta/main.yml +0 -0
- data/ansible/roles/ruby-common/tasks/main.yml +1 -6
- data/ansible/roles/ruby-common/templates/install-ruby.j2 +0 -0
- data/ansible/roles/ruby-common/templates/rake-env.j2 +0 -0
- data/ansible/roles/ruby-common/templates/ruby-gc-wrapper.j2 +0 -0
- data/ansible/roles/ruby-common/vars/main.yml +0 -0
- data/ansible/roles/sidekiq/README.md +0 -0
- data/ansible/roles/sidekiq/defaults/main.yml +0 -0
- data/ansible/roles/sidekiq/meta/main.yml +0 -0
- data/ansible/roles/sidekiq/tasks/main.yml +0 -0
- data/ansible/roles/sidekiq/templates/sidekiq-monit-rc +0 -0
- data/ansible/roles/yarn/tasks/main.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/.gitignore +0 -0
- data/ansible/roles/zenoamaro.postgresql/.travis.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/LICENSE.md +0 -0
- data/ansible/roles/zenoamaro.postgresql/README.md +0 -0
- data/ansible/roles/zenoamaro.postgresql/Vagrantfile +0 -0
- data/ansible/roles/zenoamaro.postgresql/boxed.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/defaults/main.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/handlers/main.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/inventory +0 -0
- data/ansible/roles/zenoamaro.postgresql/main.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/meta/.galaxy_install_info +0 -0
- data/ansible/roles/zenoamaro.postgresql/meta/main.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/tasks/configure.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/tasks/extensions.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/tasks/install.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/tasks/main.yml +0 -0
- data/ansible/roles/zenoamaro.postgresql/templates/environment +0 -0
- data/ansible/roles/zenoamaro.postgresql/templates/pg_ctl.conf +0 -0
- data/ansible/roles/zenoamaro.postgresql/templates/pg_hba.conf +0 -0
- data/ansible/roles/zenoamaro.postgresql/templates/pg_ident.conf +0 -0
- data/ansible/roles/zenoamaro.postgresql/templates/postgresql.conf +0 -0
- data/ansible/roles/zenoamaro.postgresql/test.yml +0 -0
- data/lib/subspace.rb +0 -0
- data/lib/subspace/commands/ansible.rb +0 -0
- data/lib/subspace/commands/base.rb +4 -0
- data/lib/subspace/commands/bootstrap.rb +0 -0
- data/lib/subspace/commands/configure.rb +0 -0
- data/lib/subspace/commands/init.rb +0 -0
- data/lib/subspace/commands/maintain.rb +1 -0
- data/lib/subspace/commands/maintenance_mode.rb +0 -0
- data/lib/subspace/commands/override.rb +0 -0
- data/lib/subspace/commands/provision.rb +1 -0
- data/lib/subspace/commands/ssh.rb +0 -0
- data/lib/subspace/commands/vars.rb +0 -0
- data/lib/subspace/configuration.rb +0 -0
- data/lib/subspace/version.rb +1 -1
- data/subspace.gemspec +0 -0
- data/template/provision.rb.erb +0 -0
- data/template/provision/.gitignore +0 -0
- data/template/provision/ansible.cfg.erb +0 -0
- data/template/provision/group_vars/all.erb +0 -0
- data/template/provision/group_vars/template.erb +0 -0
- data/template/provision/host_vars/template.erb +0 -0
- data/template/provision/hosts.erb +0 -0
- data/template/provision/playbook.yml.erb +0 -0
- data/template/provision/templates/application.yml.template +0 -0
- data/template/provision/vars/template.erb +0 -0
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5ec1fed10091007f72b23e57d0493ff65646a9bc4cf530de36adbb9fdeb8e00f
|
4
|
+
data.tar.gz: fcaaff33ec9cb84b996258e74d3fc525f6fd727d0ef24b27e5bc71883fe4f95b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6429f545796109a5974e7183b8de7f992caf9d47742d08e2a9676053e6b5d634ee38b0f833cdc1e875fe03a64801841eec94517bccbe3d39adb5e7340d683fc2
|
7
|
+
data.tar.gz: 4afb2d4d2a0f772ec67bd923da0469c57ff65c51d65e656d7db89ef90c546cd6371c04593869ca36558c546e36e5e45788be550d2c601c17f38daa7e9c69dae9
|
data/.gitignore
CHANGED
File without changes
|
data/.rspec
CHANGED
File without changes
|
data/.ruby-gemset
CHANGED
File without changes
|
data/.ruby-version
CHANGED
File without changes
|
data/.travis.yml
CHANGED
File without changes
|
data/CHANGELOG.md
CHANGED
@@ -10,6 +10,32 @@ This project attempts to follow [semantic versioning](https://semver.org/)
|
|
10
10
|
* Not working on OSX - macs don't read from /etc/profile.d/
|
11
11
|
* Stops showing color if you `sudo su`
|
12
12
|
|
13
|
+
## 2.5.2
|
14
|
+
* Always specify the letsencrypt cert_name so they are consistent
|
15
|
+
|
16
|
+
## 2.5.1
|
17
|
+
* Fix os upgrades stat collection for ubuntu 20
|
18
|
+
|
19
|
+
## 2.5
|
20
|
+
* Get actual os version number along with kernal name
|
21
|
+
* Update MOTD version automatically!
|
22
|
+
* Get and upload unattended security updates
|
23
|
+
|
24
|
+
## 2.4.2
|
25
|
+
* Update deprecated syntax for ansible
|
26
|
+
* Fix postgresql-client for python 3
|
27
|
+
|
28
|
+
## 2.4.1
|
29
|
+
* Allow extra nginx options via extra_nginx_config eg:
|
30
|
+
```
|
31
|
+
extra_nginx_config: |
|
32
|
+
proxy_http_version 1.1;
|
33
|
+
chunked_transfer_encoding off;
|
34
|
+
proxy_buffering off;
|
35
|
+
proxy_cache off;
|
36
|
+
```
|
37
|
+
* Add keepalive_timeout for nginx
|
38
|
+
|
13
39
|
## 2.4
|
14
40
|
Lots of modifications for ubuntu 20.04, which has python3 as a default
|
15
41
|
|
data/CODE_OF_CONDUCT.md
CHANGED
File without changes
|
data/Gemfile
CHANGED
File without changes
|
data/LICENSE.txt
CHANGED
File without changes
|
data/README.md
CHANGED
@@ -291,6 +291,10 @@ Configures nginx to look at localhost:9292 for the socket/backend connection. I
|
|
291
291
|
defaults are here, we'll probably add more:
|
292
292
|
|
293
293
|
client_max_body_size: 4G
|
294
|
+
ssl_force_redirect: true
|
295
|
+
default_server: true
|
296
|
+
keepalive_timeout: 10
|
297
|
+
extra_nginx_config: ""
|
294
298
|
|
295
299
|
Optional variables:
|
296
300
|
|
@@ -300,6 +304,12 @@ Optional variables:
|
|
300
304
|
nginx_proxy_read_timeout: Set [proxy_read_timeout](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_read_timeout). This is in seconds. You probably only want to change this if using rack-timeout (although I may be wrong). If using rack-timeout, it should be slightly higher than the rack-timeout timeout. I'm doing 5 seconds higher, but that was arbitrarily chosen.
|
301
305
|
|
302
306
|
ssl_force_redirect: redirect all HTTP traffic to HTTPS on the same host. Defaults to true and only applies if ssl_enabled is also true.
|
307
|
+
extra_nginx_config: anything else you want to configure in the main nginx config block, formatted like:
|
308
|
+
extra_nginx_config: |
|
309
|
+
proxy_http_version 1.1;
|
310
|
+
chunked_transfer_encoding off;
|
311
|
+
proxy_buffering off;
|
312
|
+
proxy_cache off;
|
303
313
|
|
304
314
|
## nodejs
|
305
315
|
|
@@ -348,8 +358,6 @@ Installs redis on the server.
|
|
348
358
|
# Change to * if you want tthis available everywhere.
|
349
359
|
redis_bind: 127.0.0.1
|
350
360
|
|
351
|
-
|
352
|
-
|
353
361
|
## ruby-common
|
354
362
|
|
355
363
|
Installs ruby on the machine. YOu can set a version by picking off the download url and sha hash from ruby-lang.org
|
data/Rakefile
CHANGED
File without changes
|
data/TODO
CHANGED
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -72,10 +72,6 @@
|
|
72
72
|
tags:
|
73
73
|
- maintenance
|
74
74
|
|
75
|
-
- name: Add ppa:ondrej/nginx apt repository for TLS 1.3
|
76
|
-
apt_repository:
|
77
|
-
repo: ppa:ondrej/nginx
|
78
|
-
|
79
75
|
- name: apt-get update
|
80
76
|
apt: update_cache=yes cache_valid_time=86400
|
81
77
|
become: true
|
@@ -83,6 +79,10 @@
|
|
83
79
|
- upgrade
|
84
80
|
- maintenance
|
85
81
|
|
82
|
+
- name: Add ppa:ondrej/nginx apt repository for TLS 1.3
|
83
|
+
apt_repository:
|
84
|
+
repo: ppa:ondrej/nginx
|
85
|
+
|
86
86
|
- name: /usr/lib/update-notifier/apt-check --human-readable
|
87
87
|
command: /usr/lib/update-notifier/apt-check --human-readable
|
88
88
|
tags:
|
@@ -129,7 +129,7 @@
|
|
129
129
|
shell:
|
130
130
|
cmd: |
|
131
131
|
sed -n "/$(date '+%Y-%m')/,+2p" updates.log | # Groups of lines from the current month
|
132
|
-
grep 'packages' | # Only lines matching 'packages'
|
132
|
+
grep 'packages\|immediately' | # Only lines matching 'packages' or 'immediately'
|
133
133
|
grep -P -o '(^\d+)' | #Extract the numbers at the beginning of the lines
|
134
134
|
awk '{s+=$1} END {print s}' # Sum all the lines
|
135
135
|
args:
|
@@ -158,6 +158,42 @@
|
|
158
158
|
- maintenance
|
159
159
|
- stats
|
160
160
|
|
161
|
+
- name: Get unattended security updates
|
162
|
+
shell:
|
163
|
+
cmd: cat /var/log/unattended-upgrades/unattended-upgrades.log | grep "Packages that will be upgraded:" | grep $(date '+%Y-%m') | cut -d " " -f 9- | wc -w
|
164
|
+
register: out
|
165
|
+
tags:
|
166
|
+
- maintenance
|
167
|
+
- stats
|
168
|
+
|
169
|
+
- name: get current date as month
|
170
|
+
shell:
|
171
|
+
cmd: date '+%Y-%m'
|
172
|
+
register: current_month
|
173
|
+
tags:
|
174
|
+
- maintenance
|
175
|
+
- stats
|
176
|
+
|
177
|
+
- name: Save unattended updates to /opt/subspace/updates.log
|
178
|
+
lineinfile:
|
179
|
+
path: /opt/subspace/updates.log
|
180
|
+
line: "[{{current_month.stdout}}]\n{{ out.stdout }} unattended security updates"
|
181
|
+
insertafter: EOF
|
182
|
+
create: yes
|
183
|
+
become: true
|
184
|
+
tags:
|
185
|
+
- maintenance
|
186
|
+
- stats
|
187
|
+
when: out.stdout != "0"
|
188
|
+
|
189
|
+
- name: Update unattended-upgrades.log
|
190
|
+
shell:
|
191
|
+
cmd: perl -i -pe 's/Packages that will be upgraded:/Packages already upgraded and logged in Subspace:/smg' /var/log/unattended-upgrades/unattended-upgrades.log
|
192
|
+
become: true
|
193
|
+
tags:
|
194
|
+
- maintenance
|
195
|
+
- stats
|
196
|
+
|
161
197
|
- name: Get os_security_upgrades stats
|
162
198
|
shell:
|
163
199
|
cmd: |
|
@@ -253,7 +289,7 @@
|
|
253
289
|
- maintenance
|
254
290
|
|
255
291
|
- name: Grab OS version
|
256
|
-
shell: uname
|
292
|
+
shell: uname -rv
|
257
293
|
register: stats_os_version
|
258
294
|
when: send_stats == true and stats_url is defined and stats_api_key is defined
|
259
295
|
tags:
|
File without changes
|
@@ -4,7 +4,7 @@ This server brought to you by:
|
|
4
4
|
\___ \| | | | '_ \___ \| '_ \ / _` |/ __/ _ \
|
5
5
|
___) | |_| | |_) |__) | |_) | (_| | (_| __/
|
6
6
|
|____/ \__,_|_.__/____/| .__/ \__,_|\___\___|
|
7
|
-
|_|
|
7
|
+
|_| v{{lookup('env', 'SUBSPACE_VERSION')}}
|
8
8
|
~~~ https://github.com/tenforwardconsulting/subspace ~~~
|
9
9
|
|
10
10
|
If you need to make configuration changes to the server, please modify the
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -44,7 +44,7 @@
|
|
44
44
|
- name: Run default
|
45
45
|
when: le_ssl_certs is not defined
|
46
46
|
become: true
|
47
|
-
command: "{{certbot_bin}} certonly --email {{letsencrypt_email}} --domains {{([server_name] + server_aliases) | join(',')}} --standalone --agree-tos --expand --non-interactive"
|
47
|
+
command: "{{certbot_bin}} certonly --email {{letsencrypt_email}} --domains {{([server_name] + server_aliases) | join(',')}} --cert-name {{server_name}} --standalone --agree-tos --expand --non-interactive"
|
48
48
|
|
49
49
|
- name: Generate SSL Certificates
|
50
50
|
become: true
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -5,11 +5,19 @@
|
|
5
5
|
dest: /etc/nginx/sites-available/{{project_name}}
|
6
6
|
become: true
|
7
7
|
|
8
|
-
- name: Enable the app
|
8
|
+
- name: Enable the non-ssl app
|
9
9
|
file:
|
10
10
|
src: /etc/nginx/sites-available/{{project_name}}
|
11
11
|
dest: /etc/nginx/sites-enabled/{{project_name}}
|
12
|
-
state:
|
12
|
+
state: link
|
13
|
+
when: ssl_enabled != true or nginx_ssl_config is not defined
|
14
|
+
become: true
|
15
|
+
|
16
|
+
- name: Disable the non-ssl app
|
17
|
+
file:
|
18
|
+
dest: /etc/nginx/sites-enabled/{{project_name}}
|
19
|
+
state: absent
|
20
|
+
when: (ssl_enabled and nginx_ssl_config is defined)
|
13
21
|
become: true
|
14
22
|
|
15
23
|
- name: create ssl nginx config for rails app
|
@@ -23,7 +31,15 @@
|
|
23
31
|
file:
|
24
32
|
src: /etc/nginx/sites-available/{{project_name}}-ssl
|
25
33
|
dest: /etc/nginx/sites-enabled/{{project_name}}-ssl
|
26
|
-
state:
|
34
|
+
state: link
|
35
|
+
when: (ssl_enabled and nginx_ssl_config is defined)
|
36
|
+
become: true
|
37
|
+
|
38
|
+
- name: Disable SSL configured app
|
39
|
+
file:
|
40
|
+
dest: /etc/nginx/sites-enabled/{{project_name}}-ssl
|
41
|
+
state: absent
|
42
|
+
when: ssl_enabled != true or nginx_ssl_config is not defined
|
27
43
|
become: true
|
28
44
|
|
29
45
|
- name: Enable a default server if one is not defined in the app
|
File without changes
|
@@ -15,6 +15,7 @@
|
|
15
15
|
{% if nginx_proxy_read_timeout is defined %}
|
16
16
|
proxy_read_timeout {{nginx_proxy_read_timeout}};
|
17
17
|
{% endif %}
|
18
|
+
{{ extra_nginx_config | indent( width=4 ) }}
|
18
19
|
}
|
19
20
|
|
20
21
|
{% if asset_cors_allow_origin is defined %}
|
@@ -29,5 +30,5 @@
|
|
29
30
|
root /opt/subspace;
|
30
31
|
}
|
31
32
|
client_max_body_size {{client_max_body_size}};
|
32
|
-
keepalive_timeout
|
33
|
+
keepalive_timeout {{keepalive_timeout}};
|
33
34
|
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -35,14 +35,49 @@
|
|
35
35
|
- db
|
36
36
|
- deps
|
37
37
|
|
38
|
-
- name: Install
|
38
|
+
- name: Install libpq-dev
|
39
39
|
when: ansible_os_family == 'Debian'
|
40
40
|
become: yes
|
41
41
|
apt:
|
42
|
-
name: "
|
42
|
+
name: "libpq-dev"
|
43
|
+
state: present
|
44
|
+
update_cache: yes
|
45
|
+
cache_valid_time: 3600
|
46
|
+
tags:
|
47
|
+
- postgresql
|
48
|
+
- db
|
49
|
+
- deps
|
50
|
+
|
51
|
+
- name: "Detect python3"
|
52
|
+
shell: "which python3"
|
53
|
+
register: is_python3
|
54
|
+
|
55
|
+
- name: Ensure pip is installed (python3)
|
56
|
+
when: is_python3 is succeeded
|
57
|
+
apt:
|
58
|
+
name: python3-pip
|
59
|
+
state: present
|
60
|
+
update_cache: yes
|
61
|
+
tags:
|
62
|
+
- postgresql
|
63
|
+
- db
|
64
|
+
- deps
|
65
|
+
|
66
|
+
- name: Install psycopg2 (python3)
|
67
|
+
when: is_python3 is succeeded
|
68
|
+
become: yes
|
69
|
+
command: "pip3 install psycopg2"
|
70
|
+
tags:
|
71
|
+
- postgresql
|
72
|
+
- db
|
73
|
+
- deps
|
74
|
+
|
75
|
+
- name: Install psycopg2 (python2)
|
76
|
+
when: is_python3 is failed
|
77
|
+
become: yes
|
78
|
+
apt:
|
79
|
+
name: python-psycopg2
|
43
80
|
state: latest
|
44
|
-
with_items:
|
45
|
-
- python-psycopg2
|
46
81
|
tags:
|
47
82
|
- postgresql
|
48
83
|
- db
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -87,12 +87,7 @@
|
|
87
87
|
ignore_errors: yes
|
88
88
|
|
89
89
|
- name: Install Bundler
|
90
|
-
gem
|
91
|
-
name: bundler
|
92
|
-
version: "{{ bundler_version }}"
|
93
|
-
state: present
|
94
|
-
user_install: no
|
95
|
-
executable: "{{ ruby_location }}/bin/gem"
|
90
|
+
shell: "{{ ruby_location }}/bin/gem install bundler -v {{ bundler_version }}"
|
96
91
|
become: true
|
97
92
|
|
98
93
|
- name: Make Ruby symlinks
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
data/lib/subspace.rb
CHANGED
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
data/lib/subspace/version.rb
CHANGED
data/subspace.gemspec
CHANGED
File without changes
|
data/template/provision.rb.erb
CHANGED
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: subspace
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.5.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brian Samson
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-02-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -291,7 +291,7 @@ licenses:
|
|
291
291
|
- MIT
|
292
292
|
metadata:
|
293
293
|
allowed_push_host: https://rubygems.org
|
294
|
-
post_install_message:
|
294
|
+
post_install_message:
|
295
295
|
rdoc_options: []
|
296
296
|
require_paths:
|
297
297
|
- lib
|
@@ -306,8 +306,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
306
306
|
- !ruby/object:Gem::Version
|
307
307
|
version: '0'
|
308
308
|
requirements: []
|
309
|
-
rubygems_version: 3.
|
310
|
-
signing_key:
|
309
|
+
rubygems_version: 3.0.8
|
310
|
+
signing_key:
|
311
311
|
specification_version: 4
|
312
312
|
summary: Ansible-based server provisioning for rails projects
|
313
313
|
test_files: []
|