.gitignore

@@ -0,0 +1,2 @@
+secret_files*
+secret*

README.md

@@ -1,5 +1,6 @@
 # simple-ansible-template
 
+tested with ansible-playbook 2.9.3
 
 # generate deploy key
 `ssh-keygen -t rsa -b 4096 -C "email@email.com"`

ansible/deploy.yml

@@ -1,64 +1,31 @@
----
-
-- hosts: webservers
-  user: ubuntu
-  sudo: True
-
+- hosts: vps
+  user: root
   tasks:
     - include_vars: vars.yaml
 
-    - name: ensure log directory
-      action: file dest={{log_dir}} state=directory
+    - name: deploy code from github
+      git: repo={{item.repo_url}} dest={{item.destination}} remote={{item.remote}} version={{item.branch}} accept_hostkey=yes
+      loop:
+        - { repo_url: 'https://github.com/peachcloud/peach-vps.git', remote: 'main', branch: 'main', destination: '{{src_dir}}/peach-vps' }
 
-    - name: deploy code from repository
-      git: repo={{repo_url}} dest={{src_dir}} remote={{repo_remote}} version={{repo_branch}} accept_hostkey=yes
-      notify:
-        - restart nginx
-        - restart webapp
-
-    - name: install python requirements
-      action: pip requirements={{src_dir}}/requirements.txt state=present
-
-    - name: copy hellow_webapp.ini
-      action: template src=templates/hello_webapp.ini dest={{src_dir}}/hello_webapp.ini
-
-    - name: create nginx site config
-      action: template src=templates/nginx_site.conf dest=/etc/nginx/sites-available/{{app_name}}.conf
+    - name: create nginx site configs
+      action: template src={{item.template}} dest=/etc/nginx/sites-enabled/{{item.name}}
+      loop:
+        - { template: 'templates/nginx_peach.conf', name: 'peach.conf' }
       notify:
         - restart nginx
 
-    - name: link nginx config
-      action: file src=/etc/nginx/sites-available/{{app_name}}.conf dest=/etc/nginx/sites-enabled/{{app_name}}.conf state=link
-
-    - name: create upstart script for webapp
-      action: template src=templates/hello_webapp.conf dest=/etc/init/hello_webapp.conf
-
-    - name: ensure secrets directory
-      action: file dest={{src_dir}}/devops/secret_files state=directory
-
-    - name: Copy secret.json file
-      copy: src=secret_files/secret.json dest={{src_dir}}/devops/secret_files/secret.json
-
-    - name: make src_dir writeable by webgroup
-      action: file path={{src_dir}} mode=u=rwX,g=rwX,o=X recurse=yes group=webgroup
-
-    - name: make log_dir writeable by webgroup
-      action: file path={{log_dir}} mode=u=rwX,g=rwX,o=X recurse=yes group=webgroup
-
-#    - name: crontab to check alerts
-#      cron: name="check alerts" minute="*" job="curl {{prod_url}}/get_all_tix/"
+    - name: copy index.html
+      action: template src=index.html dest=/srv/www/index.html
+      notify:
+        - restart nginx
 
     - name: restart server and webapp
       command: /bin/true
       notify:
         - restart nginx
-        - restart webapp
-
 
   handlers:
-
     - name: restart nginx
       action: service name=nginx state=restarted
 
-    - name: restart webapp
-      action: service name={{app_name}} state=restarted

ansible/hosts

@@ -0,0 +1,2 @@
+[vps]
+159.89.5.141 ansible_ssh_user=root ansible_ssh_private_key_file=ansible/secret_files/do_rsa

ansible/setup.yml

@@ -1,85 +1,43 @@
----
-
-- hosts: webservers
-  user: ubuntu
-  sudo: True
-
+- hosts: vps
+  user: root
   tasks:
     - include_vars: vars.yaml
 
-    - name: add nginx ppa
-      action: apt_repository repo=ppa:nginx/stable state=present
+    - name: Setup users and groups
+      block:
+      - name: Ensure groups exist
+        group:
+          name: peach
+          state: present
 
-    - name: install common packages needed for python application development
-      action: apt pkg=$item state=installed
-      with_items:
-        - libpq-dev
-        - libmysqlclient-dev
-        - libxml2-dev
-        - libjpeg62
-        - libjpeg62-dev
-        - libfreetype6
-        - libfreetype6-dev
-        - zlib1g-dev
-        - mysql-client
-        - python-dev
-        - python-setuptools
-        - python-imaging
-        - python-mysqldb
-        - python-psycopg2
-        - git-core
-        - nginx
-
-    - name: install pip
-      action: easy_install name=pip
-
-    - name: install virtualenv and uwsgi
-      action: pip name={{item.name}} version={{item.version}}
-      with_items:
-        - { name: 'virtualenv', version: '14.0.6' }
-        - { name: 'uwsgi', version: '2.0.12' }
-
-    - name: symlink imaging library files
-      action: file src=/usr/lib/x86_64-linux-gnu/libfreetype.so dest=/usr/lib/libfreetype.so state=link
-
-    - name: symlink imaging library files
-      action: file src=/usr/lib/x86_64-linux-gnu/libz.so dest=/usr/lib/libz.so state=link
-
-    - name: symlink imaging library files
-      action: file src=/usr/lib/x86_64-linux-gnu/libjpeg.so.62 dest=/usr/lib/x86_64-linux-gnu/libjpeg.so state=link
-
-    - name: symlink imaging library files
-      action: file src=/usr/lib/x86_64-linux-gnu/libjpeg.so dest=/usr/lib/libjpeg.so state=link
-
-    - name: remove default nginx site
-      action: file path=/etc/nginx/sites-enabled/default state=absent
-
-    - name: write nginx.conf
-      action: template src=templates/nginx.conf dest=/etc/nginx/nginx.conf
-
-    - name: create webgroup if it doesn't exist
-      group: name=webgroup state=present
-      tags:
-        - debug
-
-    - name: ensure wsgi-user belongs to webgroup
-      user: name=wsgi-user groups=webgroup append=yes
-      tags:
-        - debug
-
-    - name: ensure wsgi-user belongs to webgroup
-      user: name=www-data groups=webgroup append=yes
-      tags:
-        - debug
-
-    - name: ensure ubuntu belongs to webgroup
-      user: name=ubuntu groups=webgroup append=yes
-      tags:
-        - debug
+      - name: Ensure users exist
+        ansible.builtin.user:
+          name: "{{ item }}"
+          state: present
+          groups: "peach"
+        loop:
+          - notplants
+          - glyph
 
     - name: copy over ssh keys for deploy purposes
       action: copy src={{item.from}} dest={{item.to}} mode={{item.mode}}
-      with_items:
+      loop:
         - { from: 'secret_files/deploy_rsa.pub', to: '/root/.ssh/id_rsa.pub', mode: '0644' }
         - { from: 'secret_files/deploy_rsa', to: '/root/.ssh/id_rsa', mode: '0600' }
 
+    - name: ensure log directory
+      action: file dest={{log_dir}} state=directory
+
+    - name: ensure src directory
+      action: file dest={{src_dir}} state=directory
+
+    - name: ensure www directory
+      action: file dest=/srv/www state=directory
+
+    - name: install packages
+      apt:
+        pkg:
+          - git
+          - nginx
+
+

ansible/templates/index.html

@@ -0,0 +1 @@
+hello cat landing page

ansible/templates/nginx.conf

@@ -1,4 +1,4 @@
-user www-data webgroup;
+user www-data peach;
 worker_processes 1;
 worker_rlimit_nofile 8192;
 

ansible/templates/nginx_peach.conf

@@ -0,0 +1,10 @@
+server {
+    listen 80;
+    server_name 159.89.5.141;
+
+    location / {
+        root /srv/www/;
+        index index.html;
+        try_files $uri $uri/ /index.html;
+    }
+}

ansible/templates/nginx_site.conf

@@ -1,10 +0,0 @@
-server {
-    listen 80;
-    server_name ec2-52-90-110-188.compute-1.amazonaws.com;
-
-    location / {
-        include uwsgi_params;
-        uwsgi_pass unix:{{src_dir}}/{{app_name}}.sock;
-    }
-
-}

ansible/vars.yaml

@@ -1,12 +1,3 @@
-app_name: hello_webapp
-repo_url: git@github.com:mhfowler/alembic_flask_ansible_ec2_template.git
-repo_remote: origin
-repo_branch: master
-src_dir: /srv/hello_webapp
+app_name: peach-vps
 log_dir: /srv/log
-aws_key_name: maxhfowler_dec8
-aws_security_group: citigroup_apps
-aws_instance_name: aws_default
-aws_key_location: /Users/maxfowler/Desktop/cs/ec2/dec8/maxhfowler_dec8.pem
-aws_subnet: subnet-1b647733
-prod_url: http://52.91.169.141/
+src_dir: /srv/src

ssh.sh

@@ -0,0 +1 @@
+ssh -i ansible/secret_files/do_rsa root@159.89.5.141