subspace 3.0.0 → 3.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -1
- data/ansible/roles/delayed_job/templates/delayed-job-systemd.service +2 -2
- data/ansible/roles/nginx/tasks/main.yml +6 -0
- data/ansible/roles/rails/tasks/main.yml +0 -17
- data/ansible/roles/redis/tasks/main.yml +7 -0
- data/ansible/roles/tailscale/tasks/main.yml +10 -3
- data/lib/subspace/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6ad6288b03639fd9b79a3fb69e14c32f952d8c816f3ea00c55f78eb360855408
|
4
|
+
data.tar.gz: 5b8eb9d18bd3e43cd17c0142eee6137748536e03566ccdd172109212ab96b9d3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6e4b42e4a10031f9fe0078e4453709578f31be3cb5208ac691cf9f46737111b0949c979affb6153245e95fdb94fedb996ad271154366377d60d772c658d46f64
|
7
|
+
data.tar.gz: e5de029bbf3f4ee9ba1590925ef2294f24eab635e5b6a922519f11c5730afd2344a9b855e2d3dea5d41e78e4c91a1fdcad26488f75ed9360d45e92e4a1c1f96d
|
data/CHANGELOG.md
CHANGED
@@ -12,7 +12,11 @@ This project attempts to follow [semantic versioning](https://semver.org/).
|
|
12
12
|
|
13
13
|
## Unreleased
|
14
14
|
|
15
|
-
## 3.0.
|
15
|
+
## 3.0.1
|
16
|
+
* Add maintenance tag to tailscale commands
|
17
|
+
* Only run tailscale up if forcing reauth
|
18
|
+
|
19
|
+
## 3.0.0.rc2
|
16
20
|
* Install redis from vendor repos (BREAKING, see README)
|
17
21
|
* Removed outdated awscli role
|
18
22
|
* Added `subspace secrets rekey` to generate and rekey ansible-vault secrets
|
@@ -3,7 +3,7 @@ Description=Start delayed_job_{{job_queue}}{{loop_index}} instance
|
|
3
3
|
After=syslog.target network.target
|
4
4
|
|
5
5
|
[Service]
|
6
|
-
Type=
|
6
|
+
Type=forking
|
7
7
|
|
8
8
|
# Uncomment this if you are going to use this as a system service
|
9
9
|
# if using as a user service then leave commented out, or you will get an error trying to start the service
|
@@ -18,7 +18,7 @@ WorkingDirectory=/u/apps/{{project_name}}/current
|
|
18
18
|
ExecStart=/usr/local/bin/bundle exec {{delayed_job_command}} --identifier={{job_queue}}{{loop_index}} --queue={{job_queue}} start
|
19
19
|
ExecStop=/usr/local/bin/bundle exec {{delayed_job_command}} --identifier={{job_queue}}{{loop_index}} --queue={{job_queue}} stop
|
20
20
|
TimeoutSec=120
|
21
|
-
PIDFile=/u/apps/{{project_name}}/shared/tmp/pids/
|
21
|
+
PIDFile=/u/apps/{{project_name}}/shared/tmp/pids/delayed_job.{{job_queue}}{{loop_index}}.pid
|
22
22
|
|
23
23
|
# if we crash, restart
|
24
24
|
RestartSec=1
|
@@ -2,6 +2,12 @@
|
|
2
2
|
apt: pkg=nginx state=latest
|
3
3
|
become: true
|
4
4
|
|
5
|
+
- name: Disable Server tokens
|
6
|
+
lineinfile:
|
7
|
+
path: /etc/nginx/nginx.conf
|
8
|
+
regexp: '# server_tokens off'
|
9
|
+
line: "\tserver_tokens off;"
|
10
|
+
|
5
11
|
- name: Remove the default app
|
6
12
|
file:
|
7
13
|
path: /etc/nginx/sites-enabled/default
|
@@ -44,23 +44,6 @@
|
|
44
44
|
owner: "{{deploy_user}}"
|
45
45
|
become: true
|
46
46
|
|
47
|
-
- name: Create application.yml (legacy)
|
48
|
-
when: appyml is defined
|
49
|
-
template:
|
50
|
-
src: application.yml
|
51
|
-
dest: /u/apps/{{project_name}}/shared/config/application.yml
|
52
|
-
owner: "{{deploy_user}}"
|
53
|
-
become: true
|
54
|
-
tags:
|
55
|
-
- appyml
|
56
|
-
|
57
|
-
- debug:
|
58
|
-
msg: "Warning: Using legacy appyml for variable configuration. Consider switching to application.yml.template"
|
59
|
-
verbosity: 0
|
60
|
-
when: appyml is defined
|
61
|
-
tags:
|
62
|
-
- appyml
|
63
|
-
|
64
47
|
- name: Create application.yml
|
65
48
|
when: appyml is not defined
|
66
49
|
template:
|
@@ -32,6 +32,13 @@
|
|
32
32
|
line: 'bind {{redis_bind}}'
|
33
33
|
state: present
|
34
34
|
|
35
|
+
- name: Disable protected-mode
|
36
|
+
become: true
|
37
|
+
lineinfile:
|
38
|
+
name: /etc/redis/redis.conf
|
39
|
+
regexp: '^protected-mode yes'
|
40
|
+
line: 'protected-mode no'
|
41
|
+
|
35
42
|
- name: restart redis
|
36
43
|
become: true
|
37
44
|
systemd:
|
@@ -4,19 +4,26 @@
|
|
4
4
|
apt_key:
|
5
5
|
url: https://pkgs.tailscale.com/stable/ubuntu/{{ansible_distribution_release}}.gpg
|
6
6
|
state: present
|
7
|
+
tags:
|
8
|
+
- maintenance
|
7
9
|
|
8
10
|
- name: "Add Tailscale apt repos"
|
9
11
|
become: true
|
10
12
|
apt_repository:
|
11
13
|
repo: "deb https://pkgs.tailscale.com/stable/ubuntu {{ansible_distribution_release}} main"
|
12
14
|
state: present
|
15
|
+
tags:
|
16
|
+
- maintenance
|
13
17
|
|
14
|
-
- name: "Install tailscale from
|
18
|
+
- name: "Install tailscale from apt"
|
15
19
|
apt:
|
16
20
|
name: tailscale
|
17
21
|
state: latest
|
18
22
|
update_cache: yes
|
23
|
+
tags:
|
24
|
+
- maintenance
|
19
25
|
|
20
|
-
- name: "Join the tailnet"
|
26
|
+
- name: "Join the tailnet and force reauth"
|
21
27
|
become: true
|
22
|
-
command: tailscale up --ssh --auth-key={{tailscale_auth_key}} --hostname={{project_name}}-{{hostname}} --accept-risk=lose-ssh {{tailscale_options}}
|
28
|
+
command: tailscale up --ssh --auth-key={{tailscale_auth_key}} --hostname={{project_name}}-{{hostname}} --accept-risk=lose-ssh {{tailscale_options}} --force-reauth
|
29
|
+
tags: [ 'never', 'tailscale_reauth' ]
|
data/lib/subspace/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: subspace
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.0.
|
4
|
+
version: 3.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brian Samson
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-05-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -313,7 +313,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
313
313
|
- !ruby/object:Gem::Version
|
314
314
|
version: '0'
|
315
315
|
requirements: []
|
316
|
-
rubygems_version: 3.
|
316
|
+
rubygems_version: 3.4.13
|
317
317
|
signing_key:
|
318
318
|
specification_version: 4
|
319
319
|
summary: Ansible-based server provisioning for rails projects
|