-
Hervé MENAGER authoredOn the kind advice of Thomas Menard. Former-commit-id: c0b58e722b07bbcfc7d05fb756e06580a1b5ec11
c5ba09a9
deploy.yaml 3.33 KiB
---
- hosts: all
become: yes
gather_facts: no
tasks:
#
# Install basic non-virtualenv requirements
#
- name: install git
yum: name=git state=present
become: true
- name: Add repository
become: true
yum_repository:
name: epel
description: EPEL YUM repo
gpgcheck: no
baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/
- name: install python3
yum: name=python34 state=present update_cache=yes
become: true
- name: install python3 development package
yum: name=python34-devel state=present update_cache=yes
become: true
- name: install setuptools
yum: name=python34-setuptools state=present update_cache=yes
become: true
- name: install pip
shell: "easy_install-3.4 pip"
become: true
- name: install graphviz
yum: name=graphviz state=present update_cache=yes
become: true
- name: install httpd
yum: name=httpd state=present update_cache=yes
become: true
- name: install httpd-devel
yum: name=httpd-devel state=present update_cache=yes
become: true
- name: install mod_wsgi
pip: name=mod_wsgi extra_args=--upgrade executable=pip3
become: true
- name: install graphviz-devel
yum: name=graphviz-devel state=present update_cache=yes
become: true
- name: install the 'Development tools' package group
yum:
name: "@Development tools"
state: present
become: true
#
# Stop web server(s)
#
- name: stop "generic" httpd service if relevant
systemd: state=stopped name=httpd
- name: stop iPPIDB service if relevant
systemd: state=stopped name=ippidb-web
#
# Fetch/Update code and prep django app for publication
#
- name: pull branch master
become_user: "{{ deploy_user_name }}"
git:
repo=git@gitlab.pasteur.fr:odoppelt/iPPIDB.git
dest=/home/{{ deploy_user_name }}/iPPIDB
accept_hostkey=yes
- name: install python requirements
pip: requirements=/home/{{ deploy_user_name }}/iPPIDB/ippisite/requirements.txt extra_args=--upgrade executable=pip3
- name: collect static files
become_user: "{{ deploy_user_name }}" django_manage:
command: "collectstatic"
app_path: "/home/{{ deploy_user_name }}/iPPIDB/ippisite"
- name: create mod_wsgi configuration
django_manage:
command: "runmodwsgi --setup-only --port=80 --user ippidb --group wheel --server-root=/etc/ippidb-80"
app_path: "/home/{{ deploy_user_name }}/iPPIDB/ippisite"
# FIXME: this should obviously be removed before switching to prod. env.
- name: restrict access to the web server to specific IPs
lineinfile: dest=/etc/ippidb-80/httpd.conf
regexp=''
insertafter=EOF
line='<Location '/'>\nRequire all denied\nRequire ip 10.6.108.60\nRequire ip 157.99\n</Location>\n'
- name: copy systemd service file for IPPIDB-web
copy:
remote_src: true
src: /home/{{ deploy_user_name }}/iPPIDB/ansible/ippidb-web.service
dest: /lib/systemd/system/ippidb-web.service
owner: root
group: root
#
# Start web server
#
- name: start iPPIDB service if relevant
systemd: state=started name=ippidb-web enabled=true