2017-02-08 17:05:26 +01:00
|
|
|
---
|
2019-09-25 04:29:43 +02:00
|
|
|
- name: run maintenance mode
|
|
|
|
include_role:
|
|
|
|
name: maintenance
|
|
|
|
vars:
|
|
|
|
service_name: "patchwork"
|
|
|
|
service_domain: "{{ patchwork_domain }}"
|
|
|
|
service_alternate_domains: []
|
|
|
|
service_nginx_conf: "{{ patchwork_nginx_conf }}"
|
|
|
|
when: maintenance is defined
|
|
|
|
|
2017-06-09 23:17:43 +02:00
|
|
|
- name: install packages
|
2018-08-28 11:03:54 +02:00
|
|
|
pacman: name=gcc,git,python,python-psycopg2,sudo,uwsgi-plugin-python,python-pip state=present
|
2017-06-09 23:17:43 +02:00
|
|
|
|
2017-02-09 13:30:51 +01:00
|
|
|
- name: make patchwork user
|
2020-12-22 18:51:35 +01:00
|
|
|
user: name=patchwork shell=/bin/false home="{{ patchwork_dir }}" createhome=no
|
|
|
|
|
|
|
|
- name: fix home permissions
|
|
|
|
file: state=directory owner=patchwork group=patchwork mode=0755 path="{{ patchwork_dir }}"
|
2017-02-09 13:30:51 +01:00
|
|
|
|
2017-06-09 23:17:43 +02:00
|
|
|
- name: set patchwork groups
|
|
|
|
user: name=patchwork groups=uwsgi
|
2017-02-09 13:30:51 +01:00
|
|
|
|
2017-02-08 17:05:26 +01:00
|
|
|
- name: set up nginx
|
2019-09-25 04:29:43 +02:00
|
|
|
template: src=nginx.d.conf.j2 dest="{{ patchwork_nginx_conf }}" owner=root group=root mode=644
|
2017-02-08 17:05:26 +01:00
|
|
|
notify:
|
|
|
|
- reload nginx
|
2019-09-25 04:29:43 +02:00
|
|
|
when: maintenance is not defined
|
2018-02-19 21:41:14 +01:00
|
|
|
tags: ['nginx']
|
2017-02-08 17:05:26 +01:00
|
|
|
|
|
|
|
- name: make nginx log dir
|
2017-02-10 12:15:42 +01:00
|
|
|
file: path=/var/log/nginx/{{ patchwork_domain }} state=directory owner=root group=root mode=0755
|
2017-02-09 13:45:23 +01:00
|
|
|
|
2017-06-09 23:17:43 +02:00
|
|
|
- name: clone patchwork repo
|
|
|
|
git: repo=https://github.com/getpatchwork/patchwork.git dest="{{ patchwork_dir }}" version="{{ patchwork_version }}"
|
|
|
|
become: true
|
|
|
|
become_user: patchwork
|
|
|
|
register: release
|
|
|
|
|
|
|
|
- name: make virtualenv
|
|
|
|
command: python -m venv "{{ patchwork_dir }}"/env creates="{{ patchwork_dir }}/env/bin/python"
|
|
|
|
become: true
|
|
|
|
become_user: patchwork
|
|
|
|
|
|
|
|
- name: install from requirements into virtualenv
|
2017-09-10 13:18:54 +02:00
|
|
|
pip: requirements="{{ patchwork_dir }}/requirements-prod.txt" virtualenv="{{ patchwork_dir }}/env" extra_args="--no-binary :all:"
|
2017-06-09 23:17:43 +02:00
|
|
|
become: true
|
|
|
|
become_user: patchwork
|
|
|
|
register: virtualenv
|
|
|
|
|
|
|
|
- name: fix home permissions
|
2017-06-27 20:13:38 +02:00
|
|
|
file: state=directory owner=patchwork group=patchwork mode=0755 path="{{ patchwork_dir }}"
|
2017-06-27 15:44:09 +02:00
|
|
|
|
|
|
|
- name: configure patchwork
|
|
|
|
template: src=production.py.j2 dest="{{ patchwork_dir }}/patchwork/settings/production.py" owner=patchwork group=patchwork mode=0660
|
|
|
|
register: config
|
|
|
|
no_log: true
|
|
|
|
|
|
|
|
- name: create patchwork db users
|
2018-06-07 00:13:24 +02:00
|
|
|
postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" encrypted=yes
|
2017-06-27 15:44:09 +02:00
|
|
|
no_log: true
|
|
|
|
with_items:
|
2018-06-07 00:15:10 +02:00
|
|
|
- { user: "{{ patchwork_db_user }}", password: "{{ vault_patchwork_db_password }}" }
|
|
|
|
- { user: "{{ patchwork_db_backup_user }}", password: "{{ vault_patchwork_db_backup_password }}" }
|
2017-06-27 15:44:09 +02:00
|
|
|
|
|
|
|
- name: create patchwork db
|
2018-06-07 00:13:24 +02:00
|
|
|
postgresql_db: name="{{ patchwork_db }}" login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" owner="{{ patchwork_db_user }}"
|
2017-06-27 15:44:09 +02:00
|
|
|
register: db_created
|
|
|
|
|
|
|
|
- name: django migrate
|
|
|
|
django_manage: app_path="{{ patchwork_dir }}" command=migrate virtualenv="{{ patchwork_dir }}/env"
|
|
|
|
become: true
|
|
|
|
become_user: patchwork
|
|
|
|
when: (db_created.changed or release.changed or config.changed or virtualenv.changed or patchwork_forced_deploy)
|
|
|
|
|
|
|
|
- name: db privileges for patchwork users
|
2018-06-07 00:15:10 +02:00
|
|
|
postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
|
2017-06-27 15:44:09 +02:00
|
|
|
privs=CONNECT roles="{{ item }}" type=database
|
|
|
|
with_items:
|
|
|
|
- "{{ patchwork_db_backup_user }}"
|
|
|
|
|
|
|
|
- name: table privileges for patchwork users
|
2018-06-07 00:15:10 +02:00
|
|
|
postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
|
2017-06-27 15:44:09 +02:00
|
|
|
privs=SELECT roles="{{ item.user }}" type=table objs="{{ item.objs }}"
|
|
|
|
with_items:
|
|
|
|
- { user: "{{ patchwork_db_backup_user }}", objs: "{{ patchwork_db_backup_table_objs }}" }
|
|
|
|
|
|
|
|
- name: sequence privileges for patchwork users
|
2018-06-07 00:15:10 +02:00
|
|
|
postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
|
2017-06-27 15:44:09 +02:00
|
|
|
privs=SELECT roles="{{ item.user }}" type=sequence objs="{{ item.objs }}"
|
|
|
|
with_items:
|
|
|
|
- { user: "{{ patchwork_db_backup_user }}", objs: "{{ patchwork_db_backup_sequence_objs }}" }
|
|
|
|
|
|
|
|
- name: django collectstatic
|
|
|
|
django_manage: app_path="{{ patchwork_dir }}" command=collectstatic virtualenv="{{ patchwork_dir }}/env"
|
|
|
|
become: true
|
|
|
|
become_user: patchwork
|
|
|
|
when: (db_created.changed or release.changed or config.changed or virtualenv.changed or patchwork_forced_deploy)
|
|
|
|
|
2017-08-24 03:55:23 +02:00
|
|
|
- name: install patchwork parsemail script
|
|
|
|
template: src="patchwork-parsemail-wrapper.sh.j2" dest="/usr/local/bin/patchwork-parsemail-wrapper.sh" owner=root group=root mode=0755
|
|
|
|
|
2020-12-24 17:34:32 +01:00
|
|
|
- name: install sudoer rights for fetchmail to call patchwork
|
|
|
|
copy: src=fetchmail-patchwork dest=/etc/sudoers.d/fetchmail-patchwork owner=root group=root mode=0440
|
|
|
|
|
2017-07-15 23:32:52 +02:00
|
|
|
- name: install patchwork memcached service
|
|
|
|
template: src="patchwork-memcached.service.j2" dest="/etc/systemd/system/patchwork-memcached.service" owner=root group=root mode=0644
|
|
|
|
notify:
|
|
|
|
- daemon reload
|
|
|
|
|
2017-08-23 20:32:48 +02:00
|
|
|
- name: install patchwork notification service
|
|
|
|
template: src="patchwork-notification.service.j2" dest="/etc/systemd/system/patchwork-notification.service" owner=root group=root mode=0644
|
|
|
|
notify:
|
|
|
|
- daemon reload
|
|
|
|
|
|
|
|
- name: install patchwork notification timer
|
|
|
|
template: src="patchwork-notification.timer.j2" dest="/etc/systemd/system/patchwork-notification.timer" owner=root group=root mode=0644
|
|
|
|
notify:
|
|
|
|
- daemon reload
|
|
|
|
|
2017-06-27 15:44:09 +02:00
|
|
|
- name: deploy patchwork
|
|
|
|
template: src=patchwork.ini.j2 dest=/etc/uwsgi/vassals/patchwork.ini owner=patchwork group=http mode=0644
|
|
|
|
|
|
|
|
- name: deploy new release
|
2020-12-22 18:51:35 +01:00
|
|
|
file: path=/etc/uwsgi/vassals/patchwork.ini state=touch owner=patchwork group=http mode=0644
|
2017-06-27 15:44:09 +02:00
|
|
|
when: (release.changed or config.changed or virtualenv.changed or patchwork_forced_deploy)
|
2017-07-15 23:32:52 +02:00
|
|
|
|
2020-06-12 22:08:11 +02:00
|
|
|
- name: start and enable patchwork memcached service and notification timer
|
|
|
|
systemd:
|
|
|
|
name: "{{ item }}"
|
|
|
|
enabled: yes
|
|
|
|
state: started
|
|
|
|
daemon_reload: yes
|
|
|
|
with_items:
|
|
|
|
- patchwork-memcached.service
|
|
|
|
- patchwork-notification.timer
|