diff --git a/inventory/inventory b/inventory/inventory
index 202fba3d20..5fe306a22b 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -907,6 +907,9 @@ copr-front-stg copr-back-stg copr-keygen-stg +[dopr-stg] +209.132.184.42 + [pagure] pagure01.fedoraproject.org
diff --git a/playbooks/hosts/dopr-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/dopr-dev.cloud.fedoraproject.org.yml
new file mode 100644
index 0000000000..ef62139b32
--- /dev/null
+++ b/playbooks/hosts/dopr-dev.cloud.fedoraproject.org.yml
@@ -0,0 +1,13 @@
+- name: provision dopr dev instance
+ hosts: dopr-stg
+ user: root
+ gather_facts: True
+
+ vars_files:
+ - /srv/web/infra/ansible/vars/global.yml
+ - "/srv/private/ansible/vars.yml"
+ - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+ roles:
+ - base
+ - dopr
diff --git a/roles/dopr/files/cdic_update_db.sh b/roles/dopr/files/cdic_update_db.sh
new file mode 100644
index 0000000000..aa15ea9ea0
--- /dev/null
+++ b/roles/dopr/files/cdic_update_db.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/bash
+
+
+echo "befor"
+
+cd ../..
+if [ -e /home/cdic/init_done ]; then
+ echo "db schema upgrade "
+ alembic upgrade head
+else
+ echo "initiating db"
+ PYTHONPATH=.:$PYTHONPATH /usr/bin/python3 cdic/manage.py create_db -f alembic.ini
+ touch /home/cdic/init_done
+fi
+echo "after"
+cd -
diff --git a/roles/dopr/files/pg_hba.conf b/roles/dopr/files/pg_hba.conf
new file mode 100644
index 0000000000..c24f73a4c5
--- /dev/null
+++ b/roles/dopr/files/pg_hba.conf
@@ -0,0 +1,13 @@
+local cdicdb copr-fe md5
+host cdicdb copr-fe 127.0.0.1/8 md5
+host cdicdb copr-fe ::1/128 md5
+local cdicdb postgres ident
+
+# TYPE DATABASE USER ADDRESS METHOD
+
+# "local" is for Unix domain socket connections only
+local all all peer
+# IPv4 local connections:
+host all all 127.0.0.1/32 ident
+# IPv6 local connections:
+host all all ::1/128 ident
diff --git a/roles/dopr/files/ssh_config b/roles/dopr/files/ssh_config
new file mode 100644
index 0000000000..41dff51a6b
--- /dev/null
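Review bot: In `cdic_update_db.sh` the init branch runs `touch /home/cdic/init_done` whether or not `create_db` succeeded, and the script has no `set -e`, so a failed first-time initialisation still leaves the marker and every later start goes straight to `alembic upgrade head`. The script also ends on `cd -`, so it exits 0 and `cdic_async.service`, which runs it as `ExecStartPre`, starts regardless of a failed migration. Add `set -e` under the shebang and chain the marker to the command, `... create_db -f alembic.ini && touch /home/cdic/init_done`. `cd ../..` depends on the caller's working directory; an absolute path would make the script safe to run outside the unit.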
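Review bot: The three `cdicdb` rules at the top of `pg_hba.conf` name the role `copr-fe`, but the role created in `psql_setup.yml` and used in the `SQLALCHEMY_DATABASE_URI` of `cdic.py` is `cdic`. The application's TCP connection to localhost therefore skips the `md5` rules and falls through to `host all all 127.0.0.1/32 ident`, where the configured password is never checked. Put the real role in the user column, e.g. `host cdicdb cdic 127.0.0.1/32 md5`, and add the same for `::1/128`. The copy task in `psql_setup.yml` reads `src="pg/pg_hba.conf"` while this commit adds the file as `files/pg_hba.conf`, so the task may not find it.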
+++ b/roles/dopr/files/ssh_config
@@ -0,0 +1,3 @@
+Host *
+ StrictHostKeyChecking no
+ UserKnownHostsFile /dev/null
diff --git a/roles/dopr/files/systemd/cdic_async.service b/roles/dopr/files/systemd/cdic_async.service
new file mode 100644
index 0000000000..f0af37de62
--- /dev/null
+++ b/roles/dopr/files/systemd/cdic_async.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=cdic async executor daemon
+# Requires=postgresql.service # uncomment after added
+# After=
+# Requires=cdic_gunicorn.socket
+After=network.target
+
+[Service]
+PIDFile=/run/cdic/pid_async
+User=cdic
+Group=cdic
+WorkingDirectory=/home/cdic/server/cdic/src/cdic
+Environment="PYTHONPATH=..:$PYTHONPATH"
+# ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+ExecStartPre=/usr/local/bin/cdic_update_db.sh
+ExecStart=/usr/bin/python3 manage.py run_async_tasks
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/dopr/files/systemd/cdic_gunicorn.service b/roles/dopr/files/systemd/cdic_gunicorn.service
new file mode 100644
index 0000000000..21fc943e30
--- /dev/null
+++ b/roles/dopr/files/systemd/cdic_gunicorn.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=gunicorn daemon
+# Requires=postgresql.service # uncomment after added
+# After=
+Requires=cdic_async.service
+After=cdic_async.service
+After=network.target
+
+[Service]
+PIDFile=/run/cdic/pid
+User=cdic
+Group=cdic
+WorkingDirectory=/home/cdic/server/cdic/src/cdic
+ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+# ExecStartPre=/opt/cdic/_docker/first_run.sh
+ExecStart=/usr/bin/python3-gunicorn --pid /run/cdic/pid app:app -b 0.0.0.0:8000
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/dopr/files/tmpfiles.d/cdic_gunicorn.conf b/roles/dopr/files/tmpfiles.d/cdic_gunicorn.conf
new file mode 100644
index 0000000000..5d4f8d784c
--- /dev/null
+++ b/roles/dopr/files/tmpfiles.d/cdic_gunicorn.conf
@@ -0,0 +1 @@
+d /run/cdic 0755 cdic cdic -
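Review bot: `StrictHostKeyChecking no` together with `UserKnownHostsFile /dev/null` under `Host *` in `ssh_config` switches off host-key verification for every outbound SSH connection that uses this file. The role also installs a GitHub private key for the cdic user, so connections made with that key would be accepted to any host that answers. Scope the block to the one host that needs it and keep verification on, e.g. `Host github.com` with `StrictHostKeyChecking yes` and a managed `known_hosts` file carrying GitHub's published host keys. No task in `tasks/main.yml` installs this file as far as the diff shows, so either add the copy task or drop the file.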
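Review bot: systemd does not expand variables inside `Environment=`, so `Environment="PYTHONPATH=..:$PYTHONPATH"` in `cdic_async.service` sets the variable to the literal string `..:$PYTHONPATH`. The relative `..` entry also makes the import path depend on the process working directory. Given the `WorkingDirectory` above it, an absolute value is clearer: `Environment="PYTHONPATH=/home/cdic/server/cdic/src"`. `PIDFile=` is declared without `Type=forking`, and nothing visible shows `manage.py run_async_tasks` writing that file, so the line can probably go.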
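Review bot: `-b 0.0.0.0:8000` in the `ExecStart` of `cdic_gunicorn.service` makes gunicorn serve clear-text HTTP on every interface, and nothing in this commit puts a TLS-terminating proxy or a firewall rule in front of it. The application config in `cdic.py` has an OpenID store plus Docker Hub and GitHub credentials, so logins would presumably cross the network unencrypted. Bind to loopback, `-b 127.0.0.1:8000`, and publish the service through the web server that terminates TLS. `Requires=postgresql.service` and its `After=` are still commented out although `psql_setup.yml` in this commit installs PostgreSQL, so the unit can start before the database is up.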
diff --git a/roles/dopr/tasks/main.yml b/roles/dopr/tasks/main.yml
new file mode 100644
index 0000000000..f6e74ba802
--- /dev/null
+++ b/roles/dopr/tasks/main.yml
@@ -0,0 +1,79 @@
+# NB: dopr was initially called cdic
+
+- name: enabled our copr
+ shell: "dnf enable -y msuchy/copr"
+
+- name: install basic packages
+ yum: state=present pkg={{ item }}
+ with_items:
+ - "tmux"
+ - "bash-completion"
+ tags:
+ - packages
+
+
+- name: install dopr specific packages
+ yum: state=present pkg={{ item }}
+ with_items:
+ - python3
+ - python3-pip
+ - python3-gunicorn
+ - git
+ - redis
+ - vim
+ - wget
+ - dnf-plugins-core
+ - python3-psycopg2
+ - phantomjs
+
+- name: create cdic user
+ user: name="cdic" group="cdic"
+
+- name: git clone casperjs
+ git: repo=git://github.com/n1k0/casperjs.git
+ dest=/opt/
+
+- name: install casperjs
+ file: src=/opt/casperjs/bin/casperjs dest=/usr/bin/casperjs state=link mode=0755
+
+- name: git clone cdic into the cdic home
+ git: repo=git://github.com/evilkost/cdic.git
+ dest=/home/cdic/server/
+
+- name: install python requirements
+ pip: requirements=/home/cdic/server/requirements.txt executable=/usr/bin/pip3
+
+- name: install systemd units
+ copy: src="systemd/{{ item }}" dest="/etc/systemd/system/"
+ with_items:
+ - "cdic_async.service"
+ - "cdic_gunicorn.service"
+
+- name: install systemd tmpfiles
+ copy: src="tmpfiles.d/cdic_gunicorn.conf" dest="/etc/tmpfiles.d/"
+
+# name: create working dirs
+- file: path=/var/log/cdic state=directory mode=0755 owner=cdic group=cdic
+- file: path=/var/lib/cdic state=directory mode=0755 owner=cdic group=cdic
+- file: path=/var/lib/cdic/openid state=directory mode=0755 owner=cdic group=cdic
+- file: path=/var/lib/cdic/wp state=directory mode=0755 owner=cdic group=cdic
+
+- name: copy cdic config
+ template: src="cdic.py" dest="/home/cdic/.config/cdic.py"
+
+- copy: src="cdic_update_db.sh" dest="/usr/local/bin/" chmod=0755
+
+- name: copy ssh key for github
+ copy: src="{{private}}/files/dopr/github-testing" dest="/home/cdic/.ssh/id_rsa"
+
+- include: "psql_setup.yml"
+
+
+
+- name: enables services
+ service: state=running enabled=yes name={{ item }}
+ - redis
+ - cdic_async
+ - cdic_gunicorn
+
+
diff --git a/roles/dopr/tasks/psql_setup.yml b/roles/dopr/tasks/psql_setup.yml
new file mode 100644
index 0000000000..436c613a6f
--- /dev/null
+++ b/roles/dopr/tasks/psql_setup.yml
@@ -0,0 +1,46 @@
+- name: install postresql
+ action: yum state=present pkg={{ item }}
+ with_items:
+ - "postgresql-server"
+ - "postgresql-contrib"
+
+- name: mount up disk of postgres
+ mount: name=/srv/ src='LABEL=cdic-db' fstype=ext4 state=mounted
+
+- name: mount up bind mount for postgres
+ mount: src=/srv/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted
+
+- command: "ls -dZ /var/lib/pgsql"
+ register: pgsql_ls
+
+- name: update selinux context for postgress db dir if it's wrong
+ command: "restorecon -vvRF /var/lib/pgsql"
+ when: pgsql_ls.stdout is defined and 'postgresql_db_t' not in pgsql_ls.stdout
+
+- name: See if postgreSQL is installed
+ stat: path=/var/lib/pgsql/initdb.log
+ register: pgsql_installed
+
+- name: init postgresql
+ shell: "postgresql-setup initdb"
+ when: not pgsql_installed.stat.exists
+
+- name: copy pg_hba.conf
+ copy: src="pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600
+ notify:
+ - restart postgresql
+ tags:
+ - config
+
+- name: enable Pg service
+ service: state=running enabled=yes name=postgresql
+
+- name: Create db
+ postgresql_db: name="cdicdb" encoding='UTF-8'
+ sudo: yes
+ sudo_user: postgres
+
+- name: Create db user
+ postgresql_user: db="cdicdb" name="cdic" password="{{ dopr_db_passwd }}" role_attr_flags=SUPERUSER,NOCREATEDB,NOCREATEROLE
+ sudo: yes
+ sudo_user: postgres
diff --git a/roles/dopr/templates/cdic.py b/roles/dopr/templates/cdic.py
new file mode 100644
index 0000000000..3c609af205
--- /dev/null
+++ b/roles/dopr/templates/cdic.py
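Review bot: In `tasks/main.yml` the `copy` that installs the GitHub private key at `/home/cdic/.ssh/id_rsa` and the `template` that renders `cdic.py` (Docker Hub password, GitHub token, DB password) set no `owner`, `group` or `mode`, so both files are created as root with default-umask permissions, normally readable by every local user. Add `owner=cdic group=cdic mode=0600` to both tasks and create `/home/cdic/.ssh` with `mode=0700` first. Both `git:` tasks clone over `git://`, which has no transport authentication or integrity protection, and they follow the default branch; what they fetch is then installed by pip as root and run as a service, so use `https://github.com/...` and pin `version=` to a reviewed commit. Two smaller defects: `chmod=0755` on the `cdic_update_db.sh` copy is not a `copy` parameter (it should be `mode=0755`), and the final `enables services` task lists its items without a `with_items:` line.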
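Review bot: `role_attr_flags=SUPERUSER,NOCREATEDB,NOCREATEROLE` in the "Create db user" task of `psql_setup.yml` makes the web application's role a PostgreSQL superuser. A superuser bypasses all permission checks, so the two `NO*` flags have no effect and any flaw in the application exposes the whole cluster rather than one database. Create the role with `role_attr_flags=NOSUPERUSER,NOCREATEDB,NOCREATEROLE` and give it ownership of `cdicdb` only, for instance by creating the role first and passing `owner=cdic` to `postgresql_db`. The `copy pg_hba.conf` task notifies `restart postgresql`, but this commit adds no handlers file for the role, so confirm the handler exists elsewhere.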
@@ -0,0 +1,19 @@
+
+# coding: utf-8
+
+DOCKERHUB_URL = 'https://hub.docker.com'
+DOCKERREGISTRY_URL = 'https://registry.hub.docker.com'
+DOCKERHUB_USERNAME = '{{ dopr_testing_dockerhub_username }}'
+DOCKERHUB_PASSWORD = '{{ dopr_testing_dockerhub_password }}'
+HUB_PROJECT_URL_TEMPLATE = 'http://registry.hub.docker.com/u/cdictest/{repo_name}'
+
+GITHUB_TOKEN = '{{ dopr_testing_github_token }}'
+GITHUB_USER = '{{ dopr_testing_github_username }}'
+GITHUB_API_ROOT = 'https://api.github.com'
+
+SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://cdic:{{ dopr_db_passwd }}@localhost/cdicdb'
+DATABASE_CONNECT_OPTIONS = {}
+
+VAR_ROOT = '/var/lib/cdic'
+OPENID_STORE = '/var/lib/cdic/openid'
+CDIC_WORKPLACE = '/var/lib/cdic/wp'
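Review bot: `HUB_PROJECT_URL_TEMPLATE` in `cdic.py` is the only endpoint written as `http://`, while the other Docker Hub and GitHub URLs use `https://`; it should match: `'https://registry.hub.docker.com/u/cdictest/{repo_name}'`. The secrets are pasted into single-quoted Python literals, and `{{ dopr_db_passwd }}` goes into `SQLALCHEMY_DATABASE_URI` unescaped, so a value containing `'`, `@` or `/` would break the literal or change how the URI parses. Either constrain those secrets to URL-safe characters or escape them at render time. A header comment such as `# Rendered by ansible; contains credentials, keep mode 0600 and owner cdic` would document the expectation for whoever edits the deploy task.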