mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-18 08:06:16 +01:00
Code Issues
disable-oom-alert-on-build-machines
infrastructure/roles/archmanweb/tasks/main.yml
Robin Candau 701c1d01ef Migrate 'with_X' to 'loop'
2024-12-23 17:43:01 +00:00

107 lines
3.5 KiB
YAML
Raw Permalink Blame History

- name: Create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ archmanweb_domain }}"]
when: 'archmanweb_domain is defined'
- name: Install required packages
pacman:
state: present
name:
- git
- mandoc
- pyalpm
- python-chardet
- python-django
- python-django-csp
- python-psycopg2
- python-requests
- python-xtarfile
- uwsgi-plugin-python
- make
- sassc
- name: Make archmanweb user
user: name=archmanweb shell=/bin/false home="{{ archmanweb_dir }}"
- name: Fix home permissions
file: state=directory owner=archmanweb group=archmanweb mode=0755 path="{{ archmanweb_dir }}"
- name: Set archmanweb groups
user: name=archmanweb groups=uwsgi
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ archmanweb_nginx_conf }}" owner=root group=root mode=644
notify: Reload nginx
tags: ['nginx']
- name: Make nginx log dir
file: path=/var/log/nginx/{{ archmanweb_domain }} state=directory owner=root group=root mode=0755
- name: Clone archmanweb repo
git: >
repo={{ archmanweb_repository }}
dest="{{ archmanweb_dir }}/repo"
version={{ archmanweb_version }}
# TODO
# verify_commit=true
# gpg_whitelist={{ archmanweb_pgp_key }}
become: true
become_user: archmanweb
register: release
- name: Build archlinux-common-style # noqa no-changed-when
command:
cmd: make SASS=sassc
chdir: "{{ archmanweb_dir }}/repo/archlinux-common-style"
become: true
become_user: archmanweb
when: release.changed or archmanweb_forced_deploy
- name: Configure archmanweb
template: src=local_settings.py.j2 dest={{ archmanweb_dir }}/repo/local_settings.py owner=archmanweb group=archmanweb mode=0660
register: config
no_log: true
- name: Copy robots.txt
copy: src=robots.txt dest="{{ archmanweb_dir }}/repo/robots.txt" owner=root group=root mode=0644
- name: Create archmanweb db user
postgresql_user: name={{ archmanweb_db_user }} password={{ vault_archmanweb_db_password }} login_host="{{ archmanweb_db_host }}" login_password="{{ vault_postgres_users.postgres }}" encrypted=yes
no_log: true
- name: Create archmanweb db
postgresql_db: name="{{ archmanweb_db }}" login_host="{{ archmanweb_db_host }}" login_password="{{ vault_postgres_users.postgres }}" owner="{{ archmanweb_db_user }}"
register: db_created
- name: Add pg_trgm extension to the archmanweb db
postgresql_ext: name="pg_trgm" db="{{ archmanweb_db }}" login_host="{{ archmanweb_db_host }}" login_password="{{ vault_postgres_users.postgres }}"
when: db_created.changed or archmanweb_forced_deploy
- name: Run Django management tasks
django_manage: app_path="{{ archmanweb_dir }}/repo" command="{{ item }}"
loop:
- migrate
- collectstatic
- man_drop_cache
become: true
become_user: archmanweb
when: db_created.changed or release.changed or config.changed or archmanweb_forced_deploy
- name: Configure UWSGI for archmanweb
template: src=archmanweb.ini.j2 dest=/etc/uwsgi/vassals/archmanweb.ini owner=archmanweb group=http mode=0640
- name: Deploy new release
file: path=/etc/uwsgi/vassals/archmanweb.ini state=touch owner=archmanweb group=http mode=0640
when: release.changed or config.changed or archmanweb_forced_deploy
- name: Install systemd units
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
loop:
- archmanweb_update.service
- archmanweb_update.timer
- name: Start and enable archmanweb update timer
systemd_service: name="archmanweb_update.timer" enabled=yes state=started daemon_reload=yes
View Git Blame Copy Permalink