taperole 1.7.1 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/README.md +4 -4
- data/Vagrantfile +2 -2
- data/lib/taperole/commands/ansible.rb +5 -1
- data/lib/taperole/core/ansible_runner.rb +12 -1
- data/lib/taperole/version.rb +1 -1
- data/roles/backend_checkout/tasks/main.yml +0 -6
- data/roles/backend_config/tasks/main.yml +0 -4
- data/roles/backend_install_essentials/tasks/main.yml +0 -7
- data/roles/database_load/defaults/main.yml +0 -1
- data/roles/database_load/tasks/db_reset.yml +8 -5
- data/roles/database_load/tasks/main.yml +0 -2
- data/roles/delayed_job/tasks/main.yml +0 -2
- data/roles/deployer_user/tasks/keys.yml +0 -7
- data/roles/dev_keys/tasks/main.yml +6 -0
- data/roles/frontend_deploy/tasks/main.yml +0 -9
- data/roles/general/tasks/main.yml +0 -3
- data/roles/imagemagick/tasks/main.yml +6 -0
- data/roles/nginx/tasks/main.yml +4 -12
- data/roles/ruby/tasks/apt_build_depends.yml +0 -4
- data/roles/ruby/tasks/main.yml +0 -20
- data/roles/sidekiq/tasks/main.yml +0 -2
- data/roles/unicorn_activate/tasks/main.yml +0 -4
- data/roles/whenever/tasks/main.yml +4 -0
- data/templates/base/deploy.example.yml +2 -1
- data/templates/base/omnibox.example.yml +3 -0
- data/vendor/ANXS.postgresql/meta/.galaxy_install_info +1 -1
- data/vendor/ANXS.postgresql/tasks/extensions/postgis.yml +1 -1
- data/vendor/ANXS.postgresql/tasks/install_yum.yml +1 -0
- data/vendor/ANXS.postgresql/templates/HOWTO.postgresql.conf +1 -0
- data/vendor/ANXS.postgresql/templates/etc_monit_conf.d_postgresql.j2 +1 -0
- data/vendor/ANXS.postgresql/templates/pg_hba.conf.j2 +1 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.1.j2 +1 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.1.orig +557 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.2.j2 +1 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.2.orig +574 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.3.j2 +1 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.3.orig +596 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.4.j2 +1 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.4.orig +614 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.5.j2 +1 -0
- data/vendor/ANXS.postgresql/templates/postgresql.conf-9.5.orig +630 -0
- data/vendor/Stouts.backup/meta/.galaxy_install_info +1 -1
- data/vendor/geerlingguy.memcached/meta/.galaxy_install_info +1 -1
- data/vendor/jnv.unattended-upgrades/meta/.galaxy_install_info +1 -1
- data/vendor/lxhunter.apt/meta/.galaxy_install_info +1 -1
- data/vendor/tersmitten.htop/.gitignore +1 -0
- data/vendor/tersmitten.htop/.travis.yml +23 -18
- data/vendor/tersmitten.htop/README.md +1 -1
- data/vendor/tersmitten.htop/Vagrantfile +13 -21
- data/vendor/tersmitten.htop/defaults/main.yml +1 -1
- data/vendor/tersmitten.htop/handlers/main.yml +1 -1
- data/vendor/tersmitten.htop/meta/.galaxy_install_info +1 -1
- data/vendor/tersmitten.htop/meta/main.yml +13 -10
- data/vendor/tersmitten.htop/tasks/main.yml +19 -9
- data/vendor/tersmitten.htop/tests/test.yml +4 -3
- data/vendor/tersmitten.htop/tests/vagrant.yml +2 -2
- data/vendor/tersmitten.htop/vars/main.yml +3 -1
- metadata +10 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 04c8ed5420729d25e87791048c01bb0f682c444f
|
|
4
|
+
data.tar.gz: a0432626ee02d79e36669df0374905710b56c4af
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c74dee23fdb912f399a26fd1ad5002aaef27b9bb1c66cf9305c99514d9bc921c7d4589a2e88c0ab1e83a00e179802562d754c3d1857239ebdfb6b5b16d9e72e7
|
|
7
|
+
data.tar.gz: 7fb79c490b14c6c68f5b3a5f47866a1f3f23f45524bdc0007c36effc6ed530bf5a0bdd3ccd3edc2fe7e63ef9422e37455ef6d054b9a049cfaf4075da70d924fc
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
### 1.8.0
|
|
2
|
+
* Updates to multiple Ansible galaxy roles
|
|
3
|
+
* Support for deploying a specific branch
|
|
4
|
+
* Adds support for the ruby gem whenever
|
|
5
|
+
* Remove all Ansible tags from roles
|
|
6
|
+
* Removes imagemagick as a default install on all rails servers
|
|
7
|
+
* Move deployment keys setup into a separate role that can be run on every deploy
|
|
8
|
+
* Only create dhparam if it does not already exist
|
|
9
|
+
|
|
1
10
|
### 1.6.0
|
|
2
11
|
* Added Hound
|
|
3
12
|
* Documentation Updates
|
data/README.md
CHANGED
|
@@ -124,15 +124,15 @@ You can specify a port using the `ansible_ssh_port` in your hosts inventory file
|
|
|
124
124
|
**Test Rails**
|
|
125
125
|
|
|
126
126
|
2. `docker build -f test/rails/Dockerfile -t tapetest .`
|
|
127
|
-
3. `docker run -i -t $(docker images -q
|
|
127
|
+
3. `docker run -i -t $(docker images -q tapetest) /start_rails.sh | grep "Hello"`
|
|
128
128
|
|
|
129
129
|
If the last command resulted in a `<h1>Hello</h1>` then your Rails application deployed successfully!
|
|
130
130
|
|
|
131
131
|
## Development
|
|
132
132
|
|
|
133
133
|
```sh
|
|
134
|
-
git clone git@github.com:smashingboxes/
|
|
135
|
-
cd
|
|
134
|
+
git clone git@github.com:smashingboxes/taperole.git
|
|
135
|
+
cd taperole
|
|
136
136
|
ansible-galaxy install -r requirements.yml --force
|
|
137
137
|
```
|
|
138
138
|
|
|
@@ -156,7 +156,7 @@ gem 'taperole', '~>1.7'
|
|
|
156
156
|
|
|
157
157
|
```
|
|
158
158
|
|
|
159
|
-
Note: You can also `$ gem install taperole` and not put Taperole in your
|
|
159
|
+
Note: You can also `$ gem install taperole` and not put Taperole in your
|
|
160
160
|
Gemfile.
|
|
161
161
|
|
|
162
162
|
During your first deploy, your app will not have a `secrets.yml` file configured, and Tape will prompt you to provide one:
|
data/Vagrantfile
CHANGED
|
@@ -6,10 +6,10 @@ Vagrant.configure 2 do |config|
|
|
|
6
6
|
|
|
7
7
|
name = %x[basename `git rev-parse --show-toplevel`].chomp.gsub(/[^0-9a-z ]/i, '')
|
|
8
8
|
config.vm.define "#{name}_vagrant_box"
|
|
9
|
-
config.vm.hostname =
|
|
9
|
+
config.vm.hostname = name
|
|
10
10
|
|
|
11
11
|
private_ip = "192.168.13.37"
|
|
12
|
-
config.vm.network(:private_network, :
|
|
12
|
+
config.vm.network(:private_network, ip: private_ip)
|
|
13
13
|
|
|
14
14
|
config.vm.network 'forwarded_port', guest: 443, host: 8080
|
|
15
15
|
config.vm.network 'private_network', type: 'dhcp'
|
|
@@ -32,6 +32,10 @@ module Taperole
|
|
|
32
32
|
aliases: :r,
|
|
33
33
|
type: :string,
|
|
34
34
|
desc: 'Name of the role to operate on'
|
|
35
|
+
class_option :extras,
|
|
36
|
+
aliases: :e,
|
|
37
|
+
type: :string,
|
|
38
|
+
desc: 'Extra variables to be passed into ansible'
|
|
35
39
|
|
|
36
40
|
class_option :'ask-vault-pass', type: :boolean, desc: 'Ask for Ansible vault password'
|
|
37
41
|
|
|
@@ -49,7 +53,7 @@ module Taperole
|
|
|
49
53
|
desc 'deploy', 'Deploy the latest version of the app'
|
|
50
54
|
def deploy
|
|
51
55
|
Taperole::Notifier.register_notifiers(options)
|
|
52
|
-
ansible_deploy(
|
|
56
|
+
ansible_deploy(options: options)
|
|
53
57
|
end
|
|
54
58
|
end
|
|
55
59
|
end
|
|
@@ -47,7 +47,7 @@ module Taperole
|
|
|
47
47
|
enforce_roles_path!
|
|
48
48
|
cmd = "ANSIBLE_CONFIG=#{local_dir}/.tape/ansible.cfg ansible-playbook -i"
|
|
49
49
|
cmd += " #{inventory_file(options)} #{playbook} #{args} #{hosts_flag(options)}"
|
|
50
|
-
cmd += " -e
|
|
50
|
+
cmd += " -e \"#{extra_vars(options)}\""
|
|
51
51
|
cmd += ' --ask-vault-pass' if options['ask-vault-pass']
|
|
52
52
|
cmd += ' -vvvv' if options[:verbose]
|
|
53
53
|
cmd += " -t #{options[:tags]}" if options[:tags]
|
|
@@ -74,6 +74,17 @@ module Taperole
|
|
|
74
74
|
end
|
|
75
75
|
end
|
|
76
76
|
|
|
77
|
+
def extra_vars(options)
|
|
78
|
+
base_vars = "tape_dir=#{tape_dir}"
|
|
79
|
+
extra_vars = options[:extras]
|
|
80
|
+
|
|
81
|
+
if extra_vars
|
|
82
|
+
base_vars + " " + extra_vars
|
|
83
|
+
else
|
|
84
|
+
base_vars
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
|
|
77
88
|
def hosts_flag(options)
|
|
78
89
|
limit = options[:limit]
|
|
79
90
|
"-l #{limit}" if limit
|
data/lib/taperole/version.rb
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
- name: Check if path exists
|
|
2
2
|
stat: path={{ be_app_path }}
|
|
3
3
|
register: be_app_path_stat
|
|
4
|
-
tags: [be_deploy]
|
|
5
4
|
|
|
6
5
|
- name: Check if there are commited changes on {{ be_app_branch }}
|
|
7
6
|
remote_user: "{{ deployer_user.name }}"
|
|
@@ -10,12 +9,10 @@
|
|
|
10
9
|
chdir: "{{be_app_path}}"
|
|
11
10
|
register: changes_on_remote
|
|
12
11
|
when: be_app_path_stat.stat.exists
|
|
13
|
-
tags: [be_deploy]
|
|
14
12
|
|
|
15
13
|
- name: Inform User if there are no changes
|
|
16
14
|
debug: msg={{no_changes_found_error.split('\n')}}
|
|
17
15
|
when: be_app_path_stat.stat.exists and changes_on_remote.stdout_lines == []
|
|
18
|
-
tags: [be_deploy]
|
|
19
16
|
|
|
20
17
|
- name: Check out application
|
|
21
18
|
sudo: false
|
|
@@ -26,7 +23,6 @@
|
|
|
26
23
|
accept_hostkey=true
|
|
27
24
|
force=yes
|
|
28
25
|
register: app_checkout
|
|
29
|
-
tags: [be_deploy]
|
|
30
26
|
|
|
31
27
|
- name: check that secrets is ignored
|
|
32
28
|
shell: cat {{ be_app_path }}/.gitignore | grep {{ item }}
|
|
@@ -34,9 +30,7 @@
|
|
|
34
30
|
- config/secrets.yml
|
|
35
31
|
register: secrets_ignore_check
|
|
36
32
|
ignore_errors: true
|
|
37
|
-
tags: [be_deploy]
|
|
38
33
|
|
|
39
34
|
- name: ignore secrets
|
|
40
35
|
shell: /bin/bash -c 'echo "config/secrets.yml" > {{ be_app_path }}/.git/info/exclude'
|
|
41
36
|
when: secrets_ignore_check|failed
|
|
42
|
-
tags: [be_deploy]
|
|
@@ -8,17 +8,14 @@
|
|
|
8
8
|
command: chdir={{ be_app_path }}
|
|
9
9
|
bash -lc "RAILS_ENV={{be_app_env}} bundle install
|
|
10
10
|
--without test development --no-binstubs --deployment"
|
|
11
|
-
tags: [be_deploy, bundle]
|
|
12
11
|
|
|
13
12
|
- name: Ensure secrets.yml file present
|
|
14
13
|
stat: path={{ be_app_path }}/config/secrets.yml
|
|
15
14
|
register: secrets_file
|
|
16
|
-
tags: [be_deploy]
|
|
17
15
|
|
|
18
16
|
- name: Ask for secrets.yml
|
|
19
17
|
debug: msg="You've got to upload secrets.yml to {{be_app_path}}/config to continue"
|
|
20
18
|
when: secrets_file.stat.exists != true
|
|
21
|
-
tags: [be_deploy]
|
|
22
19
|
|
|
23
20
|
- name: Wait one day for secrets.yml to get put on the server
|
|
24
21
|
wait_for: path={{be_app_path}}/config/secrets.yml state=present timeout=86400
|
|
@@ -28,5 +25,4 @@
|
|
|
28
25
|
remote_user: "{{ deployer_user.name }}"
|
|
29
26
|
command: chdir={{ be_app_path }}
|
|
30
27
|
bash -lc "bundle exec rake assets:precompile RAILS_ENV={{be_app_env}}"
|
|
31
|
-
tags: [precompile_assets,be_deploy]
|
|
32
28
|
when: precompile_assets
|
|
@@ -3,13 +3,6 @@
|
|
|
3
3
|
dest=/etc/gemrc
|
|
4
4
|
mode=u=rw,g=r,o=r
|
|
5
5
|
|
|
6
|
-
- name: Install imagemagick
|
|
7
|
-
apt: name={{ item }} state=present
|
|
8
|
-
with_items:
|
|
9
|
-
- imagemagick
|
|
10
|
-
- libmagickcore-dev
|
|
11
|
-
- libmagickwand-dev
|
|
12
|
-
|
|
13
6
|
- name: Register monit memcached config files
|
|
14
7
|
template: src=memcached.j2
|
|
15
8
|
dest=/etc/monit/conf.d/memcached
|
|
@@ -1,14 +1,17 @@
|
|
|
1
|
-
- name:
|
|
2
|
-
|
|
1
|
+
- name: Confirm Reset
|
|
2
|
+
pause: prompt='About to destroy and reseed the database. Press any key to continue or Ctrl+c and then "a" to abort'
|
|
3
|
+
|
|
4
|
+
- name: Stop all Services
|
|
5
|
+
command: bash -lc "sudo monit stop all"
|
|
3
6
|
|
|
4
7
|
- name: Reset DB
|
|
5
8
|
command: chdir={{ be_app_path }}
|
|
6
|
-
bash -lc "bundle exec rake db:drop db:
|
|
9
|
+
bash -lc "bundle exec rake db:drop db:setup RAILS_ENV={{be_app_env}}"
|
|
7
10
|
register: db_reset
|
|
8
11
|
|
|
9
12
|
- name: DB Reset Failed
|
|
10
13
|
fail: msg="{{db_reset.stderr}}"
|
|
11
14
|
when: db_reset.stderr
|
|
12
15
|
|
|
13
|
-
- name:
|
|
14
|
-
command: bash -lc "monit start all"
|
|
16
|
+
- name: Restart Services
|
|
17
|
+
command: bash -lc "sudo monit start all"
|
|
@@ -1,12 +1,10 @@
|
|
|
1
1
|
- include: db_reset.yml
|
|
2
2
|
when: force_db_reset is defined and force_db_reset
|
|
3
|
-
tags: [db_reset]
|
|
4
3
|
|
|
5
4
|
- name: Migrate DB
|
|
6
5
|
remote_user: "{{ deployer_user.name }}"
|
|
7
6
|
command: chdir={{ be_app_path }}
|
|
8
7
|
bash -lc "bundle exec rake db:migrate RAILS_ENV={{be_app_env}}"
|
|
9
|
-
tags: [be_deploy,migrate,db_reset]
|
|
10
8
|
when: (app_checkout is defined and app_checkout.changed)
|
|
11
9
|
or rake.force_migrate
|
|
12
10
|
or (db_reset is defined and db_reset.changed)
|
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
- name: Stop Delayed Job
|
|
2
2
|
remote_user: "{{ deployer_user.name }}"
|
|
3
3
|
command: bash -lc "cd {{be_app_path}} && RAILS_ENV={{be_app_env}} bin/delayed_job stop -n {{dj_runners}}"
|
|
4
|
-
tags: [be_deploy]
|
|
5
4
|
|
|
6
5
|
- name: Start Delayed Job
|
|
7
6
|
remote_user: "{{ deployer_user.name }}"
|
|
8
7
|
command: bash -lc "cd {{be_app_path}} && RAILS_ENV={{be_app_env}} bin/delayed_job start -n {{dj_runners}}"
|
|
9
|
-
tags: [be_deploy]
|
|
@@ -14,10 +14,3 @@
|
|
|
14
14
|
owner={{ deployer_user.name }}
|
|
15
15
|
group=users
|
|
16
16
|
mode=600
|
|
17
|
-
|
|
18
|
-
- name: Ensure devs keys are present
|
|
19
|
-
authorized_key: key="{{ lookup('file', item) }}"
|
|
20
|
-
user={{ deployer_user.name }}
|
|
21
|
-
state=present
|
|
22
|
-
with_fileglob:
|
|
23
|
-
- "{{ playbook_dir }}/../dev_keys/*"
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
- name: Check if path exists
|
|
2
2
|
stat: path={{ fe_app_path }}
|
|
3
3
|
register: fe_app_path_stat
|
|
4
|
-
tags: [fe_deploy]
|
|
5
4
|
|
|
6
5
|
- name: Check if there are commited changes on {{ fe_app_branch }}
|
|
7
6
|
remote_user: "{{ deployer_user.name }}"
|
|
@@ -10,12 +9,10 @@
|
|
|
10
9
|
chdir: "{{fe_app_path}}"
|
|
11
10
|
register: changes_on_remote
|
|
12
11
|
when: fe_app_path_stat.stat.exists
|
|
13
|
-
tags: [fe_deploy]
|
|
14
12
|
|
|
15
13
|
- name: Inform User if there are no changes
|
|
16
14
|
debug: msg={{no_changes_found_error.split('\n')}}
|
|
17
15
|
when: fe_app_path_stat.stat.exists and changes_on_remote.stdout_lines == []
|
|
18
|
-
tags: [fe_deploy]
|
|
19
16
|
|
|
20
17
|
- name: clone the FE app
|
|
21
18
|
when: fe_app_repo is defined
|
|
@@ -25,39 +22,33 @@
|
|
|
25
22
|
version={{ fe_app_branch }}
|
|
26
23
|
accept_hostkey=true
|
|
27
24
|
force=yes
|
|
28
|
-
tags: [fe_deploy]
|
|
29
25
|
|
|
30
26
|
- name: Detect package.json
|
|
31
27
|
command: chdir={{ fe_app_path }}
|
|
32
28
|
bash -lc 'test -e package.json'
|
|
33
29
|
register: npm_result
|
|
34
30
|
ignore_errors: true
|
|
35
|
-
tags: [fe_deploy]
|
|
36
31
|
|
|
37
32
|
- name: NPM install
|
|
38
33
|
when: fe_app_repo is defined and npm_result|success
|
|
39
34
|
remote_user: "{{ deployer_user.name }}"
|
|
40
35
|
command: chdir={{ fe_app_path }}
|
|
41
36
|
bash -lc 'npm install'
|
|
42
|
-
tags: [fe_deploy]
|
|
43
37
|
|
|
44
38
|
- name: Detect bower.json
|
|
45
39
|
command: chdir={{ fe_app_path }}
|
|
46
40
|
bash -lc 'test -e bower.json'
|
|
47
41
|
register: bower_result
|
|
48
42
|
ignore_errors: true
|
|
49
|
-
tags: [fe_deploy]
|
|
50
43
|
|
|
51
44
|
- name: Bower install
|
|
52
45
|
when: fe_app_repo is defined and bower_result|success
|
|
53
46
|
remote_user: "{{ deployer_user.name }}"
|
|
54
47
|
command: chdir={{ fe_app_path }}
|
|
55
48
|
bash -lc 'bower install'
|
|
56
|
-
tags: [fe_deploy]
|
|
57
49
|
|
|
58
50
|
- name: Build FE
|
|
59
51
|
when: fe_app_repo is defined
|
|
60
52
|
remote_user: "{{ deployer_user.name }}"
|
|
61
53
|
command: chdir={{ fe_app_path }}
|
|
62
54
|
bash -lc '{{ fe_build_command }}'
|
|
63
|
-
tags: [fe_deploy]
|
|
@@ -1,16 +1,13 @@
|
|
|
1
1
|
- name: Ensure repo is defined
|
|
2
2
|
fail: msg="App Repo is not defined. Please define it in {{ tapefiles_dir }}/tape_vars.yml"
|
|
3
3
|
when: (be_app_repo is undefined or be_app_repo is none) and (fe_app_repo is undefined or fe_app_repo is none)
|
|
4
|
-
tags: [be_deploy]
|
|
5
4
|
|
|
6
5
|
- name: Ensure app name is defined
|
|
7
6
|
fail: msg="app_name is not defined. Please define it in {{ tapefiles_dir }}/tape_vars.yml"
|
|
8
7
|
when: app_name is undefined or app_name is none
|
|
9
|
-
tags: [be_deploy]
|
|
10
8
|
|
|
11
9
|
- name: apt-get update upgrade
|
|
12
10
|
apt: update_cache=yes upgrade=safe
|
|
13
|
-
tags: [update, upgrade]
|
|
14
11
|
|
|
15
12
|
- include: basic_packages.yml
|
|
16
13
|
- include: swapfile.yml
|
data/roles/nginx/tasks/main.yml
CHANGED
|
@@ -1,35 +1,29 @@
|
|
|
1
1
|
- name: Enable nginx PPA
|
|
2
2
|
apt_repository: repo=ppa:nginx/stable
|
|
3
|
-
tags: [nginx]
|
|
4
3
|
|
|
5
4
|
- name: Install nginx
|
|
6
5
|
apt: name=nginx state=present
|
|
7
|
-
tags: [nginx]
|
|
8
6
|
|
|
9
7
|
- name: Ditch default nginx site enabled
|
|
10
8
|
file: path=/etc/nginx/sites-enabled/default state=absent
|
|
11
|
-
tags: [nginx]
|
|
12
9
|
|
|
13
10
|
- name: Create /etc/nginx/ssl
|
|
14
11
|
file: path=/etc/nginx/ssl state=directory
|
|
15
|
-
tags: [nginx]
|
|
16
12
|
|
|
17
13
|
- name: Create self signed SSL cert/key
|
|
18
14
|
command: bash -lc "openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout self-signed.key -out self-signed.crt -subj '/CN=localhost'"
|
|
19
15
|
args:
|
|
20
16
|
chdir: /etc/nginx/ssl
|
|
21
17
|
creates: /etc/nginx/ssl/self-signed.*
|
|
22
|
-
|
|
18
|
+
|
|
19
|
+
- stat: path=/etc/nginx/ssl/dhparam.pem
|
|
20
|
+
register: dhparam
|
|
23
21
|
|
|
24
22
|
- name: Create Diffie Hellman Ephemeral Parameters (this will take some time)
|
|
25
|
-
command: bash -lc "openssl dhparam -out dhparam.pem 2048" creates=/etc/nginx/ssl/dhparam.pem
|
|
26
|
-
args:
|
|
27
|
-
chdir: /etc/nginx/ssl
|
|
28
|
-
tags: [nginx]
|
|
23
|
+
command: bash -lc "openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048" creates=/etc/nginx/ssl/dhparam.pem
|
|
29
24
|
|
|
30
25
|
- name: Configure App nginx
|
|
31
26
|
template: src=nginx_unicorn.j2 dest=/etc/nginx/sites-enabled/{{ app_name }}
|
|
32
|
-
tags: [nginx]
|
|
33
27
|
|
|
34
28
|
- name: Install monit nginx config
|
|
35
29
|
file: src=/etc/monit/conf-available/nginx dest=/etc/monit/conf-enabled/nginx owner=root group=root state=link
|
|
@@ -41,9 +35,7 @@
|
|
|
41
35
|
|
|
42
36
|
- name: Stop nginx
|
|
43
37
|
service: name=nginx state=stopped
|
|
44
|
-
tags: [restart_nginx]
|
|
45
38
|
|
|
46
39
|
- name: Start nginx
|
|
47
40
|
remote_user: "{{ deployer_user.name }}"
|
|
48
41
|
command: bash -lc "sudo monit start nginx"
|
|
49
|
-
tags: [restart_nginx]
|
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
- name: update apt cache
|
|
2
2
|
apt: update_cache=yes
|
|
3
3
|
become: true
|
|
4
|
-
tags:
|
|
5
|
-
- rbenv
|
|
6
4
|
|
|
7
5
|
- name: install build depends
|
|
8
6
|
apt: pkg={{ item }} state=present install_recommends=no
|
|
@@ -17,5 +15,3 @@
|
|
|
17
15
|
- libxslt1-dev
|
|
18
16
|
- zlib1g-dev
|
|
19
17
|
become: true
|
|
20
|
-
tags:
|
|
21
|
-
- rbenv
|
data/roles/ruby/tasks/main.yml
CHANGED
|
@@ -17,15 +17,11 @@
|
|
|
17
17
|
accept_hostkey=yes
|
|
18
18
|
force=yes
|
|
19
19
|
when: rbenv.env == "system"
|
|
20
|
-
tags:
|
|
21
|
-
- rbenv
|
|
22
20
|
|
|
23
21
|
- name: create plugins directory for system
|
|
24
22
|
remote_user: '{{ rbenv_owner }}'
|
|
25
23
|
file: state=directory path={{ rbenv_root }}/plugins
|
|
26
24
|
when: rbenv.env == "system"
|
|
27
|
-
tags:
|
|
28
|
-
- rbenv
|
|
29
25
|
|
|
30
26
|
- name: install plugins for system
|
|
31
27
|
remote_user: '{{ rbenv_owner }}'
|
|
@@ -34,8 +30,6 @@
|
|
|
34
30
|
dest={{ rbenv_root }}/plugins/ruby-build
|
|
35
31
|
accept_hostkey=yes
|
|
36
32
|
force=yes
|
|
37
|
-
tags:
|
|
38
|
-
- rbenv
|
|
39
33
|
|
|
40
34
|
- name: Set group ownership of content under rbenv_root
|
|
41
35
|
shell:
|
|
@@ -50,8 +44,6 @@
|
|
|
50
44
|
- rbenv_group != None
|
|
51
45
|
register: rbenv_chgrp
|
|
52
46
|
changed_when: '"changed group" in rbenv_chgrp.stdout'
|
|
53
|
-
tags:
|
|
54
|
-
- rbenv
|
|
55
47
|
|
|
56
48
|
- name: Set group permissions of content under rbenv_root
|
|
57
49
|
shell:
|
|
@@ -65,15 +57,11 @@
|
|
|
65
57
|
- rbenv_group != None
|
|
66
58
|
register: rbenv_chmod
|
|
67
59
|
changed_when: '"changed from" in rbenv_chmod.stdout'
|
|
68
|
-
tags:
|
|
69
|
-
- rbenv
|
|
70
60
|
|
|
71
61
|
- name: add rbenv initialization to profile system-wide
|
|
72
62
|
template: src=rbenv.sh.j2 dest=/etc/profile.d/rbenv.sh owner=root group=root mode=0755
|
|
73
63
|
when:
|
|
74
64
|
- ansible_os_family != 'OpenBSD'
|
|
75
|
-
tags:
|
|
76
|
-
- rbenv
|
|
77
65
|
|
|
78
66
|
- name: check ruby {{ rbenv.ruby_version }} installed for system
|
|
79
67
|
shell: $SHELL -lc "rbenv versions | grep {{ rbenv.ruby_version }}"
|
|
@@ -82,16 +70,12 @@
|
|
|
82
70
|
ignore_errors: yes
|
|
83
71
|
always_run: yes
|
|
84
72
|
when: rbenv.env == "system"
|
|
85
|
-
tags:
|
|
86
|
-
- rbenv
|
|
87
73
|
|
|
88
74
|
- name: install ruby {{ rbenv.ruby_version }} for system
|
|
89
75
|
shell: bash -lc "rbenv install {{ rbenv.ruby_version }}"
|
|
90
76
|
when:
|
|
91
77
|
- rbenv.env == "system"
|
|
92
78
|
- ruby_installed.rc != 0
|
|
93
|
-
tags:
|
|
94
|
-
- rbenv
|
|
95
79
|
|
|
96
80
|
- name: check if current system ruby version is {{ rbenv.ruby_version }}
|
|
97
81
|
shell: $SHELL -lc "rbenv version | cut -d ' ' -f 1 | grep -Fx '{{ rbenv.ruby_version }}'"
|
|
@@ -100,13 +84,9 @@
|
|
|
100
84
|
ignore_errors: yes
|
|
101
85
|
always_run: yes
|
|
102
86
|
when: rbenv.env == "system"
|
|
103
|
-
tags:
|
|
104
|
-
- rbenv
|
|
105
87
|
|
|
106
88
|
- name: set ruby {{ rbenv.ruby_version }} for system
|
|
107
89
|
shell: bash -lc "rbenv global {{ rbenv.ruby_version }} && rbenv rehash"
|
|
108
90
|
when:
|
|
109
91
|
- rbenv.env == "system"
|
|
110
92
|
- ruby_selected.rc != 0
|
|
111
|
-
tags:
|
|
112
|
-
- rbenv
|
|
@@ -11,9 +11,7 @@
|
|
|
11
11
|
- name: Stop sidekiq
|
|
12
12
|
remote_user: "{{deployer_user.name}}"
|
|
13
13
|
command: bash -lc "sudo monit stop sidekiq"
|
|
14
|
-
tags: [be_deploy, unicorn_stop]
|
|
15
14
|
|
|
16
15
|
- name: Start sidekiq
|
|
17
16
|
remote_user: "{{deployer_user.name}}"
|
|
18
17
|
command: bash -lc "sudo monit start sidekiq"
|
|
19
|
-
tags: [be_deploy, unicorn_start]
|
|
@@ -2,19 +2,15 @@
|
|
|
2
2
|
remote_user: "{{ deployer_user.name }}"
|
|
3
3
|
command: bash -lc "sudo monit restart unicorn"
|
|
4
4
|
when: kill_unicorn
|
|
5
|
-
tags: [unicorn_stop]
|
|
6
5
|
|
|
7
6
|
- name: Force stop unicorn
|
|
8
7
|
remote_user: "{{ deployer_user.name }}"
|
|
9
8
|
command: bash -lc "service unicorn_{{ app_name }} stop"
|
|
10
9
|
when: kill_unicorn
|
|
11
|
-
tags: [unicorn_force_stop]
|
|
12
10
|
|
|
13
11
|
- name: Ensure tmp dir present for unicorn pids
|
|
14
12
|
file: state=directory path={{be_app_path}}/tmp/unicorn owner={{ deployer_user.name }}
|
|
15
|
-
tags: [be_deploy]
|
|
16
13
|
|
|
17
14
|
- name: Restart Unicorn
|
|
18
15
|
remote_user: "{{ deployer_user.name }}"
|
|
19
16
|
command: bash -lc "sudo monit restart unicorn"
|
|
20
|
-
tags: [unicorn_restart,be_deploy]
|
|
@@ -25,6 +25,7 @@
|
|
|
25
25
|
- general
|
|
26
26
|
- ufw
|
|
27
27
|
- deployer_user
|
|
28
|
+
- dev_keys
|
|
28
29
|
- monit_install
|
|
29
30
|
- postgres
|
|
30
31
|
- nginx
|
|
@@ -37,6 +38,8 @@
|
|
|
37
38
|
- unicorn_activate
|
|
38
39
|
- frontend_deploy
|
|
39
40
|
# - delayed_job
|
|
41
|
+
# - whenever
|
|
40
42
|
# - sidekiq
|
|
41
43
|
# - redis
|
|
44
|
+
# - imagemagick
|
|
42
45
|
- monit_activate # Run Last
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{install_date: '
|
|
1
|
+
{install_date: 'Thu Jan 5 14:34:14 2017', version: v1.6.2}
|
|
@@ -9,6 +9,6 @@
|
|
|
9
9
|
with_items:
|
|
10
10
|
- libgeos-c1
|
|
11
11
|
- "postgresql-{{postgresql_version}}-postgis-{{postgresql_ext_postgis_version}}"
|
|
12
|
-
- "postgresql-{{postgresql_version}}-postgis-
|
|
12
|
+
- "postgresql-{{postgresql_version}}-postgis-scripts"
|
|
13
13
|
notify:
|
|
14
14
|
- restart postgresql
|