-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhxydra_play.yml
166 lines (141 loc) · 4.84 KB
/
hxydra_play.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
---
- import_playbook: common_play.yml
- hosts: '{{ target_hosts | default("tag_service_hxydra", true) }}'
remote_user: "{{ my_remote_user }}"
become: yes
vars:
postgres_version: 13
vars_files:
- vars/common_vars.yml
- vars/hxydra_vars.yml
handlers:
- include_tasks: handlers/main.yml
tasks:
- include_role:
name: external/geerlingguy.nodejs
vars:
nodejs_version: "16.x"
npm_config_unsafe_perm: "true"
- name: install redis
include_role:
name: external/geerlingguy.redis
- name: install pg client
include_tasks: roles/external/nmaekawa.postgres/tasks/pg_install_client.yml
- hosts: '{{ target_hosts | default("tag_service_hxydra", true) }}'
remote_user: "{{ my_remote_user }}"
become: yes
vars_files:
- vars/common_vars.yml
- vars/hxydra_vars.yml
handlers:
- include_tasks: handlers/main.yml
tasks:
- name: make sure .ssh exists for {{ service_user }}
file:
path: '/home/{{ service_user }}/.ssh'
owner: '{{ service_user }}'
group: '{{ service_group }}'
mode: 0750
state: directory
- name: install webapp
include_role:
name: webapp_install
- name: clone ui
become: yes
become_user: '{{ service_user }}'
git:
repo: 'https://github.com/lduarte1991/hxydra-ui.git'
accept_hostkey: yes
update: yes
clone: yes
force: yes
version: 'main'
dest: '{{ service_rootdir }}/hxydra-ui'
- name: add .env to VUE kondo
become_user: "{{ service_user }}"
template:
src: roles/webapp_install/templates/service_dotenv.j2
dest: '{{ service_rootdir }}/hxydra-ui/hxydra/.env'
owner: "{{ service_user }}"
group: "{{ service_group }}"
mode: 0640
backup: yes
vars:
service_environment: "{{ service_vue_environment }}"
- name: build ui dist
become_user: '{{ service_user }}'
shell: >
npm install && npm run build
args:
chdir: '{{ service_rootdir }}/hxydra-ui/hxydra'
- name: run migration and collectstatic
include_tasks: 'roles/webapp_install/tasks/django_manage.yml'
- name: create django admin user
include_tasks: 'roles/webapp_install/tasks/django_admin_user.yml'
- name: ensure kondo auth groups exist
become_user: '{{ service_user }}'
environment:
HXYDRA_DOTENV_PATH: '{{ service_dotenv_path}}'
shell: >
. {{ service_venv_dir}}/bin/activate &&
python ./manage.py setup_permissions
args:
chdir: '{{ service_install_dir }}'
- name: add django admin user to kondo-admin group
become_user: '{{ service_user }}'
environment:
HXYDRA_DOTENV_PATH: '{{ service_dotenv_path }}'
shell: >
. {{ service_venv_dir }}/bin/activate &&
python ./manage.py add_user_to_groups {{ service_admin_user }} 'kondo-admin'
args:
chdir: '{{ service_install_dir }}'
- name: create kondo users
become_user: '{{ service_user }}'
environment:
HXYDRA_DOTENV_PATH: '{{ service_dotenv_path }}'
shell: >
. {{ service_venv_dir }}/bin/activate &&
python ./manage.py create_user --username {{ ku.netid }} --password unusable_password {{ ku.is_admin }}
args:
chdir: '{{ service_install_dir }}'
loop: "{{ kondo_users }}"
loop_control:
loop_var: ku
- name: add kondo users to group kondo-auth-groups
become_user: '{{ service_user }}'
environment:
HXYDRA_DOTENV_PATH: '{{ service_dotenv_path }}'
shell: >
. {{ service_venv_dir }}/bin/activate &&
python ./manage.py add_user_to_groups {{ ku.netid }} {{ ku.groups | join(',') }}
args:
chdir: '{{ service_install_dir }}'
loop: '{{ kondo_users }}'
loop_control:
loop_var: ku
- name: add seed db
become_user: '{{ service_user }}'
environment:
HXYDRA_DOTENV_PATH: '{{ service_dotenv_path }}'
shell: >
. {{ service_venv_dir }}/bin/activate &&
python ./manage.py seed_db --input-json {{ service_install_dir }}/seed_db.json
args:
chdir: '{{ service_install_dir }}'
- name: config nginx
include_role:
name: nginx
- name: cronjob to clear sessions
cron:
name: 'clear django sessions'
user: '{{ service_user }}'
hour: '7'
minute: '0'
state: present
job: >
{{ service_name | upper }}_DOTENV_PATH={{ service_dotenv_path }} {{ service_venv_dir }}/bin/python3 {{ service_install_dir }}/manage.py clearsessions 2>&1 | logger -t '[clear django sessions]'
- import_playbook: rds_service_dbdump_play.yml
vars:
project_name: hxydra
- import_playbook: backup_play.yml