Refine and test Ansible via Vagrant to ensure it has full parity with the previous deploy scripts.
This commit is contained in:
Buster Silver
parent
2536c73e50
commit
efbba6b3a0
|
|
@ -20,4 +20,5 @@ app/models/Proxy/*.php
|
|||
app/.env
|
||||
|
||||
# Composer-generated content
|
||||
/vendor/
|
||||
/vendor/
|
||||
ansible/
|
||||
|
|
|
|||
|
|
@ -45,7 +45,13 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
|||
config.vm.synced_folder ".", "/vagrant"
|
||||
|
||||
config.vm.provision "shell" do |s|
|
||||
s.path = "util/vagrant_deploy.sh"
|
||||
s.path = "util/ansible_setup.sh"
|
||||
end
|
||||
|
||||
config.vm.provision "ansible_local" do |ansible|
|
||||
ansible.provisioning_path = "/var/azuracast/www"
|
||||
ansible.tmp_path = "/vagrant/ansible/tmp"
|
||||
ansible.playbook = "util/ansible/deploy.yml"
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
|||
|
|
@ -1,21 +1,24 @@
|
|||
---
|
||||
- hosts: all
|
||||
sudo: true
|
||||
become: true
|
||||
vars:
|
||||
util_base: "{{ playbook_dir | dirname }}"
|
||||
www_base: "{{ util_base | dirname }}"
|
||||
app_base: "{{ www_base | dirname }}"
|
||||
tmp_base: "{{ app_base }}/www_tmp"
|
||||
app_env: "development"
|
||||
azuracast_user_password: "azuracast"
|
||||
mysql_root_password: "password"
|
||||
|
||||
dev_azuracast_user_password: "azuracast"
|
||||
dev_mysql_root_password: "password"
|
||||
|
||||
roles:
|
||||
- debug-dump
|
||||
- init
|
||||
- git
|
||||
- azuracast-radio
|
||||
- azuracast-user
|
||||
- azuracast-config
|
||||
- influxdb
|
||||
- nginx
|
||||
- php-phalcon
|
||||
- mariadb
|
||||
|
|
@ -23,5 +26,4 @@
|
|||
- azuracast-db
|
||||
- azuracast-cron
|
||||
- { role: azuracast-build, when: app_env == 'development' }
|
||||
- { role: curl, when: app_env == 'development' }
|
||||
- { role: vim, when: app_env == 'development' }
|
||||
|
|
@ -1,31 +1,32 @@
|
|||
---
|
||||
- name: Install Node
|
||||
sudo: yes
|
||||
apt: pkg={{ item }} state=latest
|
||||
become: true
|
||||
apt: pkg="{{ item }}" state=latest
|
||||
with_items:
|
||||
- nodejs
|
||||
- npm
|
||||
|
||||
- name: Symlink Nodejs Binary
|
||||
sudo: yes
|
||||
become: true
|
||||
file: src=/usr/bin/nodejs dest=/usr/bin/node state=link
|
||||
|
||||
- name: Create build directory
|
||||
file: path={{ app_base }}/build state=directory owner=azuracast group=www-data mode=0777
|
||||
file: path="{{ app_base }}/build" state=directory owner=azuracast group=www-data mode=0777
|
||||
|
||||
- name: Symlink Nodejs Binary
|
||||
sudo: yes
|
||||
file: src={{ www_base }}/web/static/{{ item }} dest={{app_base }}/build/{{ item }} state=link
|
||||
become: true
|
||||
file: src="{{ www_base }}/web/static/{{ item }}" dest="{{ app_base }}/build/{{ item }}" state=link
|
||||
with_items:
|
||||
- gruntfile.js
|
||||
- package.json
|
||||
|
||||
- name: Install Node packages
|
||||
shell: npm install --loglevel warn
|
||||
chdir: {{ app_base }}/build
|
||||
shell: "npm install --loglevel warn"
|
||||
args:
|
||||
chdir: "{{ app_base }}/build"
|
||||
|
||||
- name: Install Node global packages
|
||||
shell: npm install -g {{ item }} --loglevel warn
|
||||
shell: "npm install -g {{ item }} --loglevel warn"
|
||||
with_items:
|
||||
- bower
|
||||
- grunt
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Use Default Configuration Files
|
||||
copy: src={{ www_base }}/app/configs/{{ item }}.conf.sample.php dest={{ www_base }}/app/configs/{{ item }}.conf.php
|
||||
copy: src="{{ www_base }}/app/config/{{ item }}.conf.sample.php" dest="{{ www_base }}/app/config/{{ item }}.conf.php"
|
||||
with_items:
|
||||
- apis
|
||||
- db
|
||||
|
|
@ -8,16 +8,16 @@
|
|||
- cache
|
||||
|
||||
- name: Write current environment to file.
|
||||
copy: content="{{ app_env }}" dest={{ www_base }}/app/.env
|
||||
copy: content="{{ app_env }}" dest="{{ www_base }}/app/.env"
|
||||
|
||||
- name: Touch .deploy_run file
|
||||
file: path={{ app_base }}/.deploy_run state=touch
|
||||
file: path="{{ app_base }}/.deploy_run" state=touch
|
||||
|
||||
- name: Create System Folders
|
||||
file: path={{ item }} state=directory owner=azuracast group=www-data mode=0777
|
||||
file: path="{{ item }}" state=directory owner=azuracast group=www-data mode=0777
|
||||
with_items:
|
||||
- {{ tmp_base }}
|
||||
- {{ tmp_base }}/cache
|
||||
- {{ tmp_base }}/sessions
|
||||
- {{ tmp_base }}/proxies
|
||||
- {{ app_base }}/stations
|
||||
- "{{ tmp_base }}"
|
||||
- "{{ tmp_base }}/cache"
|
||||
- "{{ tmp_base }}/sessions"
|
||||
- "{{ tmp_base }}/proxies"
|
||||
- "{{ app_base }}/stations"
|
||||
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
- name: Install IceCast2
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: deb=http://download.opensuse.org/repositories/multimedia:/xiph/xUbuntu_14.04/amd64/icecast2_2.4.2-2_amd64.deb
|
||||
|
||||
- name: Install LiquidSoap
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: pkg=liquidsoap state=latest
|
||||
|
||||
- name: Link Fallback Error MP3
|
||||
file: src={{ www_base }}/resources/error.mp3 dest=/usr/share/icecast2/web/error.mp3 state=link
|
||||
file: src="{{ www_base }}/resources/error.mp3" dest="/usr/share/icecast2/web/error.mp3" state=link
|
||||
|
|
@ -1,24 +1,42 @@
|
|||
---
|
||||
- name: (Prod) Generate AzuraCast Password
|
||||
command: pwgen 8 -sn 1
|
||||
register: azuracast_user_password
|
||||
register: prod_azuracast_user_password
|
||||
when: app_env == "production"
|
||||
|
||||
- name: Assign User Password
|
||||
set_fact:
|
||||
azuracast_user_password: "{{ prod_azuracast_user_password if app_env == 'production' else dev_azuracast_user_password }}"
|
||||
|
||||
- name: Create AzuraCast User
|
||||
sudo: yes
|
||||
user: name=azuracast home={{ app_base }} comment="AzuraCast" shell=/bin/bash groups='sudo,admin,www-data,nobody' password={{ azuracast_user_password }}
|
||||
become: true
|
||||
user:
|
||||
name: azuracast
|
||||
home: "{{ app_base }}"
|
||||
comment: "AzuraCast"
|
||||
shell: /bin/bash
|
||||
groups: 'sudo,admin,www-data'
|
||||
password: "{{ azuracast_user_password|password_hash('sha512') }}"
|
||||
|
||||
- name: Create www-data group
|
||||
become: true
|
||||
group: name=www-data state=present
|
||||
|
||||
- name: Modify www-data User
|
||||
user: name=www-data groups='azuracast' append=yes
|
||||
become: true
|
||||
user: name=www-data groups="azuracast" append=yes
|
||||
|
||||
- name: (Dev) Modify vagrant User
|
||||
user: name=vagrant groups='www-data,nobody', append=yes
|
||||
become: true
|
||||
user: name=vagrant groups="www-data" append=yes
|
||||
when: app_env == "development"
|
||||
|
||||
- name: (Dev) Modify www-data User
|
||||
user: name=www-data groups='vagrant', append=yes
|
||||
become: true
|
||||
user: name=www-data groups="vagrant" append=yes
|
||||
when: app_env == "development"
|
||||
|
||||
- name: (Dev) Add azuracast User to vagrant Group
|
||||
user: name=azuracast groups='vagrant' append=yes
|
||||
become: true
|
||||
user: name=azuracast groups="vagrant" append=yes
|
||||
when: app_env == "development"
|
||||
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
- name: Install Composer
|
||||
sudo: true
|
||||
become: true
|
||||
shell: curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer
|
||||
|
||||
- name: Run Composer in Local Directory
|
||||
chdir: {{ www_base }}
|
||||
become: true
|
||||
become_user: azuracast
|
||||
shell: composer install
|
||||
shell: composer install
|
||||
args:
|
||||
chdir: "{{ www_base }}"
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
- name: Dump all vars
|
||||
action: template src=dumpall.j2 dest=/vagrant/ansible/vars.txt
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
util_base: {{ util_base }}
|
||||
www_base: {{ www_base }}
|
||||
app_base: {{ app_base }}
|
||||
tmp_base: {{ tmp_base }}
|
||||
app_env: {{ app_env }}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
---
|
||||
- name: Install Git
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: pkg=git state=latest
|
||||
|
|
|
|||
|
|
@ -1,9 +1,17 @@
|
|||
---
|
||||
- name: Install InfluxDB 0.8.8
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: deb=http://influxdb.s3.amazonaws.com/influxdb_0.8.8_amd64.deb
|
||||
notify: restart influxdb
|
||||
|
||||
- name: restart influxdb
|
||||
service: name=influxdb enabled=yes state=restarted
|
||||
|
||||
- pause: seconds=15 prompt="Wait for InfluxDB to initialize"
|
||||
|
||||
- name: Set up Initial InfluxDB Database
|
||||
shell: curl -s -X POST "http://localhost:8086/cluster/database_configs/stations?u=root&p=root" --data-binary @influx_stations.json
|
||||
chdir: {{ www_base }}/util
|
||||
uri:
|
||||
url: http://localhost:8086/cluster/database_configs/stations?u=root&p=root
|
||||
method: POST
|
||||
body: "{{ lookup('file', util_base+'/influx_stations.json') }}"
|
||||
body_format: json
|
||||
status_code: 201
|
||||
|
|
@ -1,14 +1,15 @@
|
|||
---
|
||||
- name: Update apt
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: update_cache=yes
|
||||
|
||||
- name: Install system packages
|
||||
sudo: yes
|
||||
apt: pkg={{ item }} state=latest
|
||||
become: true
|
||||
apt: pkg="{{ item }}" state=latest
|
||||
with_items:
|
||||
- curl
|
||||
- wget
|
||||
- build-essential
|
||||
- python-software-properties
|
||||
- pwgen
|
||||
- pwgen
|
||||
- whois
|
||||
|
|
@ -1,9 +1,13 @@
|
|||
---
|
||||
- name: (Prod) Generate MySQL Root Password
|
||||
command: pwgen 8 -sn 1
|
||||
register: mysql_root_password
|
||||
register: prod_mysql_root_password
|
||||
when: app_env == "production"
|
||||
|
||||
- name: Assign User Password
|
||||
set_fact:
|
||||
mysql_root_password: "{{ prod_mysql_root_password if app_env == 'production' else dev_mysql_root_password }}"
|
||||
|
||||
- name: Add repo file
|
||||
template: src=mariadb_ubuntu.list.j2 dest=/etc/apt/sources.list.d/mariadb.list owner=root group=root mode=0644
|
||||
register: mariadb_list
|
||||
|
|
@ -21,7 +25,7 @@
|
|||
changed_when: false
|
||||
|
||||
- name: Install MariaDB
|
||||
apt: pkg={{ item }} state=present
|
||||
apt: pkg="{{ item }}" state=present
|
||||
with_items:
|
||||
- mariadb-server
|
||||
- mariadb-client
|
||||
|
|
@ -33,49 +37,53 @@
|
|||
- name: Start and enable service
|
||||
service: name=mysql state=started enabled=yes
|
||||
|
||||
#- name: Set root password
|
||||
# command: "mysqladmin -u root password {{ mysql_root_password }}"
|
||||
# notify: restart mysql
|
||||
|
||||
# MySQL Secure Installation
|
||||
- name: Set root Password
|
||||
mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present
|
||||
with_items:
|
||||
- localhost
|
||||
- 127.0.0.1
|
||||
- ::1
|
||||
mysql_user: name=root host="localhost" password="{{ mysql_root_password }}" priv=*.*:ALL,GRANT state=present
|
||||
notify: restart mysql
|
||||
|
||||
- name: Reload privilege tables
|
||||
command: 'mysql -ne "{{ item }}"'
|
||||
with_items:
|
||||
- FLUSH PRIVILEGES
|
||||
changed_when: False
|
||||
#- name: Reload privilege tables
|
||||
# command: 'mysql -ne "{{ item }}"'
|
||||
# with_items:
|
||||
# - "FLUSH PRIVILEGES"
|
||||
# changed_when: False
|
||||
|
||||
- name: Add .my.cnf
|
||||
template: src=root_my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600
|
||||
|
||||
- name: Remove anonymous users
|
||||
command: 'mysql -ne "{{ item }}"'
|
||||
with_items:
|
||||
- DELETE FROM mysql.user WHERE User=''
|
||||
- "DELETE FROM mysql.user WHERE User=''"
|
||||
changed_when: False
|
||||
|
||||
- name: Disallow root login remotely
|
||||
command: 'mysql -ne "{{ item }}"'
|
||||
with_items:
|
||||
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
|
||||
- "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
|
||||
changed_when: False
|
||||
|
||||
- name: Remove test database and access to it
|
||||
command: 'mysql -ne "{{ item }}"'
|
||||
with_items:
|
||||
- DROP DATABASE test
|
||||
- DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'
|
||||
- "DROP DATABASE test"
|
||||
- "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
|
||||
changed_when: False
|
||||
ignore_errors: True
|
||||
|
||||
- name: Reload privilege tables
|
||||
command: 'mysql -ne "{{ item }}"'
|
||||
with_items:
|
||||
- FLUSH PRIVILEGES
|
||||
- "FLUSH PRIVILEGES"
|
||||
changed_when: False
|
||||
|
||||
# Create Database
|
||||
- name: Create MySQL Database
|
||||
command: mysql -u root -e "CREATE DATABASE IF NOT EXISTS azuracast CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
|
||||
command: mysql -ne "CREATE DATABASE IF NOT EXISTS azuracast CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
|
||||
|
||||
- name: Set MySQL Password in Application
|
||||
replace: dest={{ www_base }}/app/config/db.conf.php regexp="'password'," replace="'{{ mysql_root_password }}',"
|
||||
replace: dest="{{ www_base }}/app/config/db.conf.php" regexp="'password'," replace="'{{ mysql_root_password }}',"
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
# MariaDB CentOS {{ ansible_distribution_major_version|int }} repository list
|
||||
# http://mariadb.org/mariadb/repositories/
|
||||
[mariadb]
|
||||
name = MariaDB
|
||||
baseurl = http://yum.mariadb.org/{{ mariadb_version }}/centos{{ ansible_distribution_major_version|int }}-amd64
|
||||
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
|
||||
gpgcheck=1
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
# MariaDB Ubuntu {{ ansible_distribution_release | title }} repository list
|
||||
# http://mariadb.org/mariadb/repositories/
|
||||
deb http://ams2.mirrors.digitalocean.com/mariadb/repo/{{ mariadb_version }}/ubuntu {{ ansible_distribution_release | lower }} main
|
||||
deb-src http://ams2.mirrors.digitalocean.com/mariadb/repo/{{ mariadb_version }}/ubuntu {{ ansible_distribution_release | lower }} main
|
||||
deb http://ams2.mirrors.digitalocean.com/mariadb/repo/10.0/ubuntu {{ ansible_distribution_release | lower }} main
|
||||
deb-src http://ams2.mirrors.digitalocean.com/mariadb/repo/10.0/ubuntu {{ ansible_distribution_release | lower }} main
|
||||
|
|
|
|||
|
|
@ -1,7 +1,5 @@
|
|||
[client]
|
||||
default-character-set = utf8mb4
|
||||
user=root
|
||||
password={{ mysql_root_password }}
|
||||
|
||||
[mysql]
|
||||
default-character-set = utf8mb4
|
||||
|
|
|
|||
|
|
@ -0,0 +1,4 @@
|
|||
[client]
|
||||
default-character-set = utf8mb4
|
||||
user=root
|
||||
password={{ mysql_root_password }}
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
- name: Install nginx
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: pkg=nginx state=latest
|
||||
|
||||
- name: Change default nginx site
|
||||
sudo: yes
|
||||
become: true
|
||||
template: src=default.j2 dest=/etc/nginx/sites-available/default
|
||||
notify: restart nginx
|
||||
|
|
@ -1,19 +1,19 @@
|
|||
---
|
||||
- name: Add PHP PPA repository
|
||||
sudo: yes
|
||||
become: true
|
||||
apt_repository: repo=ppa:ondrej/php5
|
||||
|
||||
- name: Add Phalcon PPA repository
|
||||
sudo: yes
|
||||
become: true
|
||||
apt_repository: repo=ppa:phalcon/stable
|
||||
|
||||
- name: Update apt again
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: update_cache=yes
|
||||
|
||||
- name: Install PHP Libraries
|
||||
sudo: yes
|
||||
apt: package=php5-fpm state=latest
|
||||
become: true
|
||||
apt: package="{{ item }}" state=latest
|
||||
with_items:
|
||||
- php5-fpm
|
||||
- php5-cli
|
||||
|
|
@ -23,7 +23,7 @@
|
|||
- php5-phalcon
|
||||
|
||||
- name: Configure PHP FPM Pool
|
||||
copy: src=fpmpool.j2 dest=/etc/php5/fpm/pool.d/www.conf force=true
|
||||
template: src=fpmpool.j2 dest=/etc/php5/fpm/pool.d/www.conf force=true
|
||||
notify: restart php5-fpm
|
||||
|
||||
- name: Configure php5-fpm php.ini
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
---
|
||||
- name: Install vim
|
||||
sudo: yes
|
||||
become: true
|
||||
apt: pkg=vim state=latest
|
||||
|
|
|
|||
|
|
@ -0,0 +1,13 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
sudo apt-get update
|
||||
sudo apt-get install -q -y software-properties-common
|
||||
sudo apt-add-repository ppa:ansible/ansible
|
||||
sudo apt-get update
|
||||
sudo apt-get install -q -y ansible python-mysqldb
|
||||
|
||||
cat > /home/vagrant/.ansible.cfg <<EOF
|
||||
[defaults]
|
||||
remote_tmp = /vagrant/ansible/tmp
|
||||
log_path = /vagrant/ansible/ansible.log
|
||||
EOF
|
||||
Loading…
Reference in New Issue