mdk
/
eqy.fr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
eqy.fr/deploy/roles/website/tasks/main.yml

216 lines
4.7 KiB
YAML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
- name: Install dependencies
apt:
state: present
name:
- cron
- gettext
- git
- nginx
- postgresql
- postgresql-server-dev-all # To compile Python client.
- pgbadger
- python3
- python3-pip
- python3-psycopg2
- python3-venv
update_cache: true
tags: website
- name: Add unix user website
user:
name: website
shell: /bin/false
system: yes
home: /opt/website
tags: website
- name: install website.service (systemd)
copy:
src: systemd/website.service
dest: /etc/systemd/system/website.service
owner: root
group: root
mode: 0644
notify: restart website
tags: website
- name: add user website to pgsql
become: true
become_user: postgres
postgresql_user:
user: website
tags: website
- name: add database media
become: true
become_user: postgres
postgresql_db:
name: media
owner: website
tags: website
- name: Collect PostgreSQL version and extensions
become: yes
become_user: postgres
postgresql_info:
filter: ver*
register: db_info
- name: Configure psql
notify: reload psql
copy:
dest: "/etc/postgresql/{{ db_info.version.major }}/main/conf.d/media.conf"
owner: postgres
group: postgres
mode: 0644
content: |
log_min_duration_statement = 0
log_checkpoints = on
log_connections = on
log_disconnections = on
log_lock_waits = on
log_temp_files = 0
log_autovacuum_min_duration = 0
log_error_verbosity = default
lc_messages='en_US.UTF-8'
lc_messages='C'
- name: Synchronize source
ansible.posix.synchronize:
src: "{{ inventory_dir }}/../"
dest: /opt/website/src/
rsync_opts:
- "--exclude=.venv"
- "--exclude=venv"
notify: restart website
- name: Creates a /opt/website/venv for virtual environments
file:
path: /opt/website/venv
state: directory
mode: 0755
tags: website
- name: Setup or upgrade venv
command: python3 -m venv --upgrade-deps /opt/website/venv
changed_when: false
- name: Creates a /opt/website/locale for translations
file:
path: /opt/website/locale
state: directory
mode: 0755
owner: root
group: root
tags: website
- name: Creates a /opt/website/media for medias
file:
path: /opt/website/media
state: directory
mode: 0755
owner: website
group: website
tags: website
- name: Creates a /opt/website/static for static
file:
path: /opt/website/locale
state: directory
mode: 0755
owner: root
group: root
tags: website
- name: pip installs requirements
pip:
chdir: /opt/website/src
requirements: requirements.txt
virtualenv: /opt/website/venv
virtualenv_command: /usr/bin/python3 -m venv
tags: website
- name: pip installs psycopg2
pip:
chdir: /opt/website/src
name: psycopg2
virtualenv: /opt/website/venv
virtualenv_command: /usr/bin/python3 -m venv
tags: website
- name: pip installs gunicorn
pip:
chdir: /opt/website/src
name: gunicorn
virtualenv: /opt/website/venv
virtualenv_command: /usr/bin/python3 -m venv
tags: website
- name: Install website configuration
template:
src: local_settings.py.j2
dest: /opt/website/src/local_settings.py
owner: root
group: website
mode: 0640
notify: restart website
tags: website
- name: Migrate db
command: "/opt/website/venv/bin/python manage.py migrate"
args:
chdir: "/opt/website/src"
register: migrate_result
changed_when: '" Applying " in migrate_result.stdout'
run_once: true
become: true
become_user: website
tags: [website, test]
- name: Collectstatic
command: "/opt/website/venv/bin/python manage.py collectstatic --noinput"
args:
chdir: "/opt/website/src"
register: collectstatic_result
changed_when: '"Copying " in collectstatic_result.stdout'
tags: [website, test]
- name: Compile gettext
command: "/opt/website/venv/bin/python manage.py compilemessages"
args:
chdir: "/opt/website/src"
notify: restart website
tags: [website, test]
- name: Ensure website is running
service: name=website state=started enabled=yes
tags: website
- name: Configure nginx host
template:
src: nginx-vhost
dest: "/etc/nginx/sites-available/{{ website_vhost }}"
owner: root
group: root
mode: 0644
notify: reload nginx
tags: website
- name: Create symlink for API nginx site
file:
src: "/etc/nginx/sites-available/{{ website_vhost }}"
dest: "/etc/nginx/sites-enabled/{{ website_vhost }}"
state: link
notify: reload nginx
tags: website
- name: Daily backup
cron:
user: website
name: "backup"
job: "/usr/bin/pg_dump --clean media > backup.sql"
hour: '2'
minute: '0'
Reference in New Issue View Git Blame Copy Permalink