--- - hosts: webservers tasks: - name: Basic setup include_role: name=common - name: Install irker apt: name: irker state: present - name: Setup pydocteur.afpy.org include_role: name=nginx vars: nginx_owner: pydocteur-afpy-org nginx_domain: pydocteur.afpy.org nginx_certificates: [pydocteur.afpy.org] nginx_public_deploy_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPqZ20aNdTDrePRQT0obzUF0yn/o3cWEFwaf/MtAOmVxpJZiTZzaikU58qLVaTxfZpULMf2yIB9a1v0FhUOHde30+FFyxuGCMmV9lHT7wA4TS3Ucqj2kqzV2Qby/3IjxI41MXpbIFBj7K7TaJKfCPb2ToAuxbyiSiLXDre+xpSfR8qNAz1nObJPR/NbrJRzHnLywml1b7j1kPbbGfUvh3jtMa9a9eN3xotxGsLM8Da+R86xagC6lChJqxzM2zlsqXMhwnf/ntNAIJC6CpVpwdKTF6S8VIVC2UyB9oMnP43B1ijAETuNYG/nm4nE5IkQ14SiiQyRqdfX7+y5Pt2BfOxwVEedvcdAHZIj3v0fDr+23lf2AXR2v9V2JWT0BVLSJ6s2DHrumXkbS+XQkJWjxSZUUN7zg+J/+sPRrYERo+wIzLxXGGycrRgmQKLH6OJIy2/n/L8KtZfvxm6u90WIHu6RYTU9rqvzoqtEImDegOtzPqDFsljm8simginlqQo5gk= pydocteur" nginx_conf: | server { listen [::]:80; listen 80; server_name pydocteur.afpy.org; return 301 https://$host$request_uri; } server { listen [::]:443 ssl http2; listen 443 ssl http2; server_name pydocteur.afpy.org; include snippets/letsencrypt-pydocteur.afpy.org.conf; location / { include proxy_params; proxy_pass http://unix:/home/pydocteur-afpy-org/wsgi.sock; } } - name: PyDocTeur have its own systemd user daemon started at boot command: cmd: loginctl enable-linger pydocteur-afpy-org creates: "/var/lib/systemd/linger/pydocteur-afpy-org" - name: Initial clone become: true become_user: pydocteur-afpy-org git: repo: https://github.com/AFPy/PyDocTeur/ dest: /home/pydocteur-afpy-org/src/ update: no - name: pip install requirements become: true become_user: pydocteur-afpy-org pip: requirements: /home/pydocteur-afpy-org/src/requirements.txt virtualenv_command: /usr/bin/python3 -m venv virtualenv: "/home/pydocteur-afpy-org/venv/" - name: pip install gunicorn and irker-handler become: true become_user: pydocteur-afpy-org pip: name: [gunicorn, irker-handler] virtualenv_command: /usr/bin/python3 -m venv virtualenv: "/home/pydocteur-afpy-org/venv/" - name: systemd user directory file: path: /home/pydocteur-afpy-org/.local/share/systemd/user/ state: directory - name: systemd pydocteur.afpy.org service copy: dest: /home/pydocteur-afpy-org/.local/share/systemd/user/pydocteur.service content: | [Unit] Description=PyDocTeur Github hook After=network.target [Service] PIDFile=/home/pydocteur-afpy-org/service.pid WorkingDirectory=/home/pydocteur-afpy-org/src/ ExecStart=/home/pydocteur-afpy-org/venv/bin/gunicorn \ --workers 1 \ --pid /home/pydocteur-afpy-org/service.pid \ --bind unix:/home/pydocteur-afpy-org/wsgi.sock \ wsgi ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s TERM $MAINPID PrivateTmp=true [Install] WantedBy=multi-user.target - name: Configure PyDocTeur copy: content: | {{ vault_pydocteur_env }} LOGGING=/home/pydocteur-afpy-org/logging.yml dest: /home/pydocteur-afpy-org/src/.env - name: Configure PyDocTeur logging notify: restart pydocteur copy: dest: /home/pydocteur-afpy-org/logging.yml content: | --- version: 1 disable_existing_loggers: false handlers: stderr: class: logging.StreamHandler stream: ext://sys.stderr level: DEBUG email: class: logging.handlers.SMTPHandler mailhost: 127.0.0.1 fromaddr: pydocteur@afpy.org toaddrs: [afpy-web@lists.afpy.org] subject: PyDocTeur Exception level: ERROR irc: class: irker_handler.IrkerHandler to: irc://irc.libera.chat/python-docs-fr level: WARNING loggers: gunicorn.error: level: INFO handlers: [stderr, email] pydocteur: level: DEBUG handlers: [irc, stderr, email] urllib3: level: INFO handlers: [stderr] reqests: level: INFO handlers: [stderr] github: level: INFO handlers: [stderr] - name: Start PyDocTeur become: true become_user: pydocteur-afpy-org systemd: daemon_reload: yes scope: user state: started name: pydocteur handlers: - name: restart pydocteur become: true become_user: pydocteur-afpy-org systemd: daemon_reload: yes scope: user state: restarted name: pydocteur - name: reload nginx service: name=nginx state=reloaded