mdk/eqy.fr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
83a532db5b
eqy.fr/deploy/roles/website/tasks/main.yml

216 lines
4.7 KiB
YAML
Raw Normal View History

Go to production
2023-12-20 11:27:36 +00:00
---
- name: Install dependencies
apt:
state: present
name:
- cron
- gettext
- git
- nginx
- postgresql
- postgresql-server-dev-all # To compile Python client.
- pgbadger
- python3
- python3-pip
- python3-psycopg2
- python3-venv
update_cache: true
tags: website
- name: Add unix user website
user:
name: website
shell: /bin/false
system: yes
home: /opt/website
tags: website
- name: install website.service (systemd)
copy:
src: systemd/website.service
dest: /etc/systemd/system/website.service
owner: root
group: root
mode: 0644
notify: restart website
tags: website
- name: add user website to pgsql
become: true
become_user: postgres
postgresql_user:
user: website
tags: website
- name: add database media
become: true
become_user: postgres
postgresql_db:
name: media
owner: website
tags: website
- name: Collect PostgreSQL version and extensions
become: yes
become_user: postgres
postgresql_info:
filter: ver*
register: db_info
- name: Configure psql
notify: reload psql
copy:
dest: "/etc/postgresql/{{ db_info.version.major }}/main/conf.d/media.conf"
owner: postgres
group: postgres
mode: 0644
content: |
log_min_duration_statement = 0
log_checkpoints = on
log_connections = on
log_disconnections = on
log_lock_waits = on
log_temp_files = 0
log_autovacuum_min_duration = 0
log_error_verbosity = default
lc_messages='en_US.UTF-8'
lc_messages='C'
- name: Synchronize source
ansible.posix.synchronize:
Avoid hardcoding path on my own laptop.
2023-12-20 13:04:36 +00:00
src: "{{ inventory_dir }}/../"
Go to production
2023-12-20 11:27:36 +00:00
dest: /opt/website/src/
Don't push venv to prod.
2023-12-20 14:24:32 +00:00
rsync_opts:
- "--exclude=.venv"
- "--exclude=venv"
Go to production
2023-12-20 11:27:36 +00:00
notify: restart website
- name: Creates a /opt/website/venv for virtual environments
file:
path: /opt/website/venv
state: directory
mode: 0755
tags: website
- name: Setup or upgrade venv
command: python3 -m venv --upgrade-deps /opt/website/venv
changed_when: false
- name: Creates a /opt/website/locale for translations
file:
path: /opt/website/locale
state: directory
mode: 0755
owner: root
group: root
tags: website
- name: Creates a /opt/website/media for medias
file:
path: /opt/website/media
state: directory
mode: 0755
owner: website
group: website
tags: website
- name: Creates a /opt/website/static for static
file:
path: /opt/website/locale
state: directory
mode: 0755
owner: root
group: root
tags: website
- name: pip installs requirements
pip:
chdir: /opt/website/src
requirements: requirements.txt
virtualenv: /opt/website/venv
virtualenv_command: /usr/bin/python3 -m venv
tags: website
- name: pip installs psycopg2
pip:
chdir: /opt/website/src
name: psycopg2
virtualenv: /opt/website/venv
virtualenv_command: /usr/bin/python3 -m venv
tags: website
- name: pip installs gunicorn
pip:
chdir: /opt/website/src
name: gunicorn
virtualenv: /opt/website/venv
virtualenv_command: /usr/bin/python3 -m venv
tags: website
- name: Install website configuration
template:
src: local_settings.py.j2
dest: /opt/website/src/local_settings.py
owner: root
group: website
mode: 0640
notify: restart website
tags: website
- name: Migrate db
command: "/opt/website/venv/bin/python manage.py migrate"
args:
chdir: "/opt/website/src"
register: migrate_result
changed_when: '" Applying " in migrate_result.stdout'
run_once: true
become: true
become_user: website
tags: [website, test]
- name: Collectstatic
command: "/opt/website/venv/bin/python manage.py collectstatic --noinput"
args:
chdir: "/opt/website/src"
register: collectstatic_result
changed_when: '"Copying " in collectstatic_result.stdout'
tags: [website, test]
- name: Compile gettext
command: "/opt/website/venv/bin/python manage.py compilemessages"
args:
chdir: "/opt/website/src"
notify: restart website
tags: [website, test]
- name: Ensure website is running
service: name=website state=started enabled=yes
tags: website
- name: Configure nginx host
template:
src: nginx-vhost
dest: "/etc/nginx/sites-available/{{ website_vhost }}"
owner: root
group: root
mode: 0644
notify: reload nginx
tags: website
- name: Create symlink for API nginx site
file:
src: "/etc/nginx/sites-available/{{ website_vhost }}"
dest: "/etc/nginx/sites-enabled/{{ website_vhost }}"
state: link
notify: reload nginx
tags: website
- name: Daily backup
cron:
user: website
name: "backup"
job: "/usr/bin/pg_dump --clean media > backup.sql"
hour: '2'
minute: '0'
Reference in New Issue Copy Permalink