[dopr] initial playbook for new service

inventory/inventory

@@ -907,6 +907,9 @@ copr-front-stg
 copr-back-stg
 copr-keygen-stg
 
+[dopr-stg]
+209.132.184.42
+
 [pagure]
 pagure01.fedoraproject.org
 

playbooks/hosts/dopr-dev.cloud.fedoraproject.org.yml

@@ -0,0 +1,13 @@
+- name: provision dopr dev instance
+  hosts: dopr-stg
+  user: root
+  gather_facts: True
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - "/srv/private/ansible/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  roles:
+  - base
+  - dopr

roles/dopr/files/cdic_update_db.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/bash
+
+
+echo "befor"
+
+cd ../..
+if [ -e /home/cdic/init_done ]; then
+    echo "db schema upgrade "
+    alembic upgrade head
+else
+    echo "initiating db"
+    PYTHONPATH=.:$PYTHONPATH /usr/bin/python3 cdic/manage.py create_db -f alembic.ini
+    touch /home/cdic/init_done
+fi
+echo "after"
+cd -

roles/dopr/files/pg_hba.conf

@@ -0,0 +1,13 @@
+local cdicdb copr-fe md5
+host  cdicdb copr-fe 127.0.0.1/8 md5
+host  cdicdb copr-fe ::1/128 md5
+local cdicdb postgres  ident
+
+# TYPE  DATABASE        USER            ADDRESS                 METHOD
+
+# "local" is for Unix domain socket connections only
+local   all             all                                     peer
+# IPv4 local connections:
+host    all             all             127.0.0.1/32            ident
+# IPv6 local connections:
+host    all             all             ::1/128                 ident

roles/dopr/files/ssh_config

@@ -0,0 +1,3 @@
+Host *
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null

roles/dopr/files/systemd/cdic_async.service

@@ -0,0 +1,21 @@
+[Unit]
+Description=cdic async executor daemon
+# Requires=postgresql.service # uncomment after added
+# After=
+# Requires=cdic_gunicorn.socket
+After=network.target
+
+[Service]
+PIDFile=/run/cdic/pid_async
+User=cdic
+Group=cdic
+WorkingDirectory=/home/cdic/server/cdic/src/cdic
+Environment="PYTHONPATH=..:$PYTHONPATH"
+# ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+ExecStartPre=/usr/local/bin/cdic_update_db.sh
+ExecStart=/usr/bin/python3 manage.py run_async_tasks
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target

roles/dopr/files/systemd/cdic_gunicorn.service

@@ -0,0 +1,21 @@
+[Unit]
+Description=gunicorn daemon
+# Requires=postgresql.service # uncomment after added
+# After=
+Requires=cdic_async.service
+After=cdic_async.service
+After=network.target
+
+[Service]
+PIDFile=/run/cdic/pid
+User=cdic
+Group=cdic
+WorkingDirectory=/home/cdic/server/cdic/src/cdic
+ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+# ExecStartPre=/opt/cdic/_docker/first_run.sh
+ExecStart=/usr/bin/python3-gunicorn --pid /run/cdic/pid app:app -b 0.0.0.0:8000
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target

roles/dopr/files/tmpfiles.d/cdic_gunicorn.conf

@@ -0,0 +1 @@
+d /run/cdic 0755 cdic cdic -

roles/dopr/tasks/main.yml

@@ -0,0 +1,79 @@
+# NB: dopr was initially called cdic
+
+- name: enabled our copr
+  shell: "dnf enable -y msuchy/copr"
+
+- name: install basic packages
+  yum: state=present pkg={{ item }}
+  with_items:
+  - "tmux"
+  - "bash-completion"
+  tags:
+  - packages
+
+
+- name: install dopr specific packages
+  yum: state=present pkg={{ item }}
+  with_items:
+  - python3
+  - python3-pip
+  - python3-gunicorn
+  - git
+  - redis
+  - vim
+  - wget
+  - dnf-plugins-core
+  - python3-psycopg2
+  - phantomjs
+
+- name: create cdic user
+  user: name="cdic" group="cdic"
+
+- name: git clone casperjs
+  git: repo=git://github.com/n1k0/casperjs.git
+       dest=/opt/
+
+- name: install casperjs
+  file: src=/opt/casperjs/bin/casperjs dest=/usr/bin/casperjs state=link mode=0755
+
+- name: git clone cdic into the cdic home
+  git: repo=git://github.com/evilkost/cdic.git
+       dest=/home/cdic/server/
+
+- name: install python requirements
+  pip: requirements=/home/cdic/server/requirements.txt executable=/usr/bin/pip3
+
+- name: install systemd units
+  copy: src="systemd/{{ item }}" dest="/etc/systemd/system/"
+  with_items:
+  - "cdic_async.service"
+  - "cdic_gunicorn.service"
+
+- name: install systemd tmpfiles
+  copy: src="tmpfiles.d/cdic_gunicorn.conf" dest="/etc/tmpfiles.d/"
+
+#   name: create working dirs
+-  file: path=/var/log/cdic state=directory mode=0755 owner=cdic group=cdic
+-  file: path=/var/lib/cdic state=directory mode=0755 owner=cdic group=cdic
+-  file: path=/var/lib/cdic/openid state=directory mode=0755 owner=cdic group=cdic
+-  file: path=/var/lib/cdic/wp state=directory mode=0755 owner=cdic group=cdic
+
+- name: copy cdic config
+  template: src="cdic.py" dest="/home/cdic/.config/cdic.py"
+
+- copy: src="cdic_update_db.sh" dest="/usr/local/bin/" chmod=0755
+
+- name: copy ssh key for github
+  copy: src="{{private}}/files/dopr/github-testing" dest="/home/cdic/.ssh/id_rsa"
+
+- include: "psql_setup.yml"
+
+
+
+- name: enables services
+  service: state=running enabled=yes name={{ item }}
+  - redis
+  - cdic_async
+  - cdic_gunicorn
+
+

roles/dopr/tasks/psql_setup.yml

@@ -0,0 +1,46 @@
+- name: install postresql
+  action: yum state=present pkg={{ item }}
+  with_items:
+  - "postgresql-server"
+  - "postgresql-contrib"
+
+- name: mount up disk of postgres
+  mount: name=/srv/ src='LABEL=cdic-db' fstype=ext4 state=mounted
+
+- name: mount up bind mount for postgres
+  mount: src=/srv/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted
+
+- command: "ls -dZ /var/lib/pgsql"
+  register: pgsql_ls
+
+- name: update selinux context for postgress db dir if it's wrong
+  command: "restorecon -vvRF /var/lib/pgsql"
+  when: pgsql_ls.stdout is defined and 'postgresql_db_t' not in  pgsql_ls.stdout
+
+- name: See if postgreSQL is installed
+  stat: path=/var/lib/pgsql/initdb.log
+  register: pgsql_installed
+
+- name: init postgresql
+  shell: "postgresql-setup initdb"
+  when: not pgsql_installed.stat.exists
+
+- name: copy pg_hba.conf
+  copy: src="pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600
+  notify:
+  - restart postgresql
+  tags:
+  - config
+
+- name: enable Pg service
+  service: state=running enabled=yes name=postgresql
+
+- name: Create db
+  postgresql_db: name="cdicdb" encoding='UTF-8'
+  sudo: yes
+  sudo_user: postgres
+
+- name: Create db user
+  postgresql_user: db="cdicdb" name="cdic" password="{{ dopr_db_passwd }}" role_attr_flags=SUPERUSER,NOCREATEDB,NOCREATEROLE
+  sudo: yes
+  sudo_user: postgres

roles/dopr/templates/cdic.py

@@ -0,0 +1,19 @@
+
+# coding: utf-8
+
+DOCKERHUB_URL = 'https://hub.docker.com'
+DOCKERREGISTRY_URL = 'https://registry.hub.docker.com'
+DOCKERHUB_USERNAME = '{{ dopr_testing_dockerhub_username }}'
+DOCKERHUB_PASSWORD = '{{ dopr_testing_dockerhub_password }}'
+HUB_PROJECT_URL_TEMPLATE = 'http://registry.hub.docker.com/u/cdictest/{repo_name}'
+
+GITHUB_TOKEN = '{{ dopr_testing_github_token }}'
+GITHUB_USER = '{{ dopr_testing_github_username }}'
+GITHUB_API_ROOT = 'https://api.github.com'
+
+SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://cdic:{{ dopr_db_passwd }}@localhost/cdicdb'
+DATABASE_CONNECT_OPTIONS = {}
+
+VAR_ROOT = '/var/lib/cdic'
+OPENID_STORE = '/var/lib/cdic/openid'
+CDIC_WORKPLACE = '/var/lib/cdic/wp'