Simple ansible template
This commit is contained in:
parent
f6acbc4c02
commit
76a15b4681
|
@ -1,2 +1,5 @@
|
|||
# peach-vps
|
||||
# simple-ansible-template
|
||||
|
||||
|
||||
# generate deploy key
|
||||
`ssh-keygen -t rsa -b 4096 -C "email@email.com"`
|
||||
|
|
|
@ -0,0 +1,64 @@
|
|||
---
|
||||
|
||||
- hosts: webservers
|
||||
user: ubuntu
|
||||
sudo: True
|
||||
|
||||
tasks:
|
||||
- include_vars: vars.yaml
|
||||
|
||||
- name: ensure log directory
|
||||
action: file dest={{log_dir}} state=directory
|
||||
|
||||
- name: deploy code from repository
|
||||
git: repo={{repo_url}} dest={{src_dir}} remote={{repo_remote}} version={{repo_branch}} accept_hostkey=yes
|
||||
notify:
|
||||
- restart nginx
|
||||
- restart webapp
|
||||
|
||||
- name: install python requirements
|
||||
action: pip requirements={{src_dir}}/requirements.txt state=present
|
||||
|
||||
- name: copy hellow_webapp.ini
|
||||
action: template src=templates/hello_webapp.ini dest={{src_dir}}/hello_webapp.ini
|
||||
|
||||
- name: create nginx site config
|
||||
action: template src=templates/nginx_site.conf dest=/etc/nginx/sites-available/{{app_name}}.conf
|
||||
notify:
|
||||
- restart nginx
|
||||
|
||||
- name: link nginx config
|
||||
action: file src=/etc/nginx/sites-available/{{app_name}}.conf dest=/etc/nginx/sites-enabled/{{app_name}}.conf state=link
|
||||
|
||||
- name: create upstart script for webapp
|
||||
action: template src=templates/hello_webapp.conf dest=/etc/init/hello_webapp.conf
|
||||
|
||||
- name: ensure secrets directory
|
||||
action: file dest={{src_dir}}/devops/secret_files state=directory
|
||||
|
||||
- name: Copy secret.json file
|
||||
copy: src=secret_files/secret.json dest={{src_dir}}/devops/secret_files/secret.json
|
||||
|
||||
- name: make src_dir writeable by webgroup
|
||||
action: file path={{src_dir}} mode=u=rwX,g=rwX,o=X recurse=yes group=webgroup
|
||||
|
||||
- name: make log_dir writeable by webgroup
|
||||
action: file path={{log_dir}} mode=u=rwX,g=rwX,o=X recurse=yes group=webgroup
|
||||
|
||||
# - name: crontab to check alerts
|
||||
# cron: name="check alerts" minute="*" job="curl {{prod_url}}/get_all_tix/"
|
||||
|
||||
- name: restart server and webapp
|
||||
command: /bin/true
|
||||
notify:
|
||||
- restart nginx
|
||||
- restart webapp
|
||||
|
||||
|
||||
handlers:
|
||||
|
||||
- name: restart nginx
|
||||
action: service name=nginx state=restarted
|
||||
|
||||
- name: restart webapp
|
||||
action: service name={{app_name}} state=restarted
|
|
@ -0,0 +1,85 @@
|
|||
---
|
||||
|
||||
- hosts: webservers
|
||||
user: ubuntu
|
||||
sudo: True
|
||||
|
||||
tasks:
|
||||
- include_vars: vars.yaml
|
||||
|
||||
- name: add nginx ppa
|
||||
action: apt_repository repo=ppa:nginx/stable state=present
|
||||
|
||||
- name: install common packages needed for python application development
|
||||
action: apt pkg=$item state=installed
|
||||
with_items:
|
||||
- libpq-dev
|
||||
- libmysqlclient-dev
|
||||
- libxml2-dev
|
||||
- libjpeg62
|
||||
- libjpeg62-dev
|
||||
- libfreetype6
|
||||
- libfreetype6-dev
|
||||
- zlib1g-dev
|
||||
- mysql-client
|
||||
- python-dev
|
||||
- python-setuptools
|
||||
- python-imaging
|
||||
- python-mysqldb
|
||||
- python-psycopg2
|
||||
- git-core
|
||||
- nginx
|
||||
|
||||
- name: install pip
|
||||
action: easy_install name=pip
|
||||
|
||||
- name: install virtualenv and uwsgi
|
||||
action: pip name={{item.name}} version={{item.version}}
|
||||
with_items:
|
||||
- { name: 'virtualenv', version: '14.0.6' }
|
||||
- { name: 'uwsgi', version: '2.0.12' }
|
||||
|
||||
- name: symlink imaging library files
|
||||
action: file src=/usr/lib/x86_64-linux-gnu/libfreetype.so dest=/usr/lib/libfreetype.so state=link
|
||||
|
||||
- name: symlink imaging library files
|
||||
action: file src=/usr/lib/x86_64-linux-gnu/libz.so dest=/usr/lib/libz.so state=link
|
||||
|
||||
- name: symlink imaging library files
|
||||
action: file src=/usr/lib/x86_64-linux-gnu/libjpeg.so.62 dest=/usr/lib/x86_64-linux-gnu/libjpeg.so state=link
|
||||
|
||||
- name: symlink imaging library files
|
||||
action: file src=/usr/lib/x86_64-linux-gnu/libjpeg.so dest=/usr/lib/libjpeg.so state=link
|
||||
|
||||
- name: remove default nginx site
|
||||
action: file path=/etc/nginx/sites-enabled/default state=absent
|
||||
|
||||
- name: write nginx.conf
|
||||
action: template src=templates/nginx.conf dest=/etc/nginx/nginx.conf
|
||||
|
||||
- name: create webgroup if it doesn't exist
|
||||
group: name=webgroup state=present
|
||||
tags:
|
||||
- debug
|
||||
|
||||
- name: ensure wsgi-user belongs to webgroup
|
||||
user: name=wsgi-user groups=webgroup append=yes
|
||||
tags:
|
||||
- debug
|
||||
|
||||
- name: ensure wsgi-user belongs to webgroup
|
||||
user: name=www-data groups=webgroup append=yes
|
||||
tags:
|
||||
- debug
|
||||
|
||||
- name: ensure ubuntu belongs to webgroup
|
||||
user: name=ubuntu groups=webgroup append=yes
|
||||
tags:
|
||||
- debug
|
||||
|
||||
- name: copy over ssh keys for deploy purposes
|
||||
action: copy src={{item.from}} dest={{item.to}} mode={{item.mode}}
|
||||
with_items:
|
||||
- { from: 'secret_files/deploy_rsa.pub', to: '/root/.ssh/id_rsa.pub', mode: '0644' }
|
||||
- { from: 'secret_files/deploy_rsa', to: '/root/.ssh/id_rsa', mode: '0600' }
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
description "uWSGI server instance configured to serve hello_webapp"
|
||||
|
||||
start on runlevel [2345]
|
||||
stop on runlevel [!2345]
|
||||
|
||||
setuid wsgi-user
|
||||
setgid webgroup
|
||||
|
||||
chdir {{src_dir}}
|
||||
exec uwsgi --ini hello_webapp.ini
|
|
@ -0,0 +1,31 @@
|
|||
user www-data webgroup;
|
||||
worker_processes 1;
|
||||
worker_rlimit_nofile 8192;
|
||||
|
||||
events {
|
||||
worker_connections 3000;
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
keepalive_timeout 65;
|
||||
|
||||
#gzip on;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
server {
|
||||
listen 80;
|
||||
server_name ec2-52-90-110-188.compute-1.amazonaws.com;
|
||||
|
||||
location / {
|
||||
include uwsgi_params;
|
||||
uwsgi_pass unix:{{src_dir}}/{{app_name}}.sock;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,12 @@
|
|||
app_name: hello_webapp
|
||||
repo_url: git@github.com:mhfowler/alembic_flask_ansible_ec2_template.git
|
||||
repo_remote: origin
|
||||
repo_branch: master
|
||||
src_dir: /srv/hello_webapp
|
||||
log_dir: /srv/log
|
||||
aws_key_name: maxhfowler_dec8
|
||||
aws_security_group: citigroup_apps
|
||||
aws_instance_name: aws_default
|
||||
aws_key_location: /Users/maxfowler/Desktop/cs/ec2/dec8/maxhfowler_dec8.pem
|
||||
aws_subnet: subnet-1b647733
|
||||
prod_url: http://52.91.169.141/
|
|
@ -0,0 +1,2 @@
|
|||
#!/usr/bin/env bash
|
||||
ansible-playbook -i ansible/hosts ansible/deploy.yml
|
Loading…
Reference in New Issue