From 7843f7378ee6dd98b82d5f05ca1eefb9d4b579d2 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Tue, 8 Apr 2014 16:23:06 +0200 Subject: [PATCH] Add roles and hosts files for elections0{1,2,1.stg} --- .../elections01.phx2.fedoraproject.org-hosts | 7 +++ ...ections01.stg.phx2.fedoraproject.org-hosts | 11 ++++ .../elections02.phx2.fedoraproject.org-hosts | 7 +++ roles/elections/tasks/main.yml | 59 +++++++++++++++++++ .../elections/templates/fedora-elections.cfg | 29 +++++++++ .../elections/templates/fedora-elections.conf | 14 +++++ .../elections/templates/fedora-elections.wsgi | 16 +++++ 7 files changed, 143 insertions(+) create mode 100644 files/hosts/elections01.phx2.fedoraproject.org-hosts create mode 100644 files/hosts/elections01.stg.phx2.fedoraproject.org-hosts create mode 100644 files/hosts/elections02.phx2.fedoraproject.org-hosts create mode 100644 roles/elections/tasks/main.yml create mode 100644 roles/elections/templates/fedora-elections.cfg create mode 100644 roles/elections/templates/fedora-elections.conf create mode 100644 roles/elections/templates/fedora-elections.wsgi diff --git a/files/hosts/elections01.phx2.fedoraproject.org-hosts b/files/hosts/elections01.phx2.fedoraproject.org-hosts new file mode 100644 index 0000000000..cb6953b6cf --- /dev/null +++ b/files/hosts/elections01.phx2.fedoraproject.org-hosts @@ -0,0 +1,7 @@ +127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + +10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org +10.5.126.23 infrastructure.fedoraproject.org + +10.5.126.71 db-elections db-elections diff --git a/files/hosts/elections01.stg.phx2.fedoraproject.org-hosts b/files/hosts/elections01.stg.phx2.fedoraproject.org-hosts new file mode 100644 index 0000000000..53e03d68c9 --- /dev/null +++ b/files/hosts/elections01.stg.phx2.fedoraproject.org-hosts @@ -0,0 +1,11 @@ +127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + +10.5.126.89 admin.fedoraproject.org +10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org +10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all +10.5.126.23 infrastructure.fedoraproject.org + +10.5.126.81 memcached03 memcached03.stg app01 app01.stg + +10.5.126.85 db-elections db-elections diff --git a/files/hosts/elections02.phx2.fedoraproject.org-hosts b/files/hosts/elections02.phx2.fedoraproject.org-hosts new file mode 100644 index 0000000000..cb6953b6cf --- /dev/null +++ b/files/hosts/elections02.phx2.fedoraproject.org-hosts @@ -0,0 +1,7 @@ +127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + +10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org +10.5.126.23 infrastructure.fedoraproject.org + +10.5.126.71 db-elections db-elections diff --git a/roles/elections/tasks/main.yml b/roles/elections/tasks/main.yml new file mode 100644 index 0000000000..181ad9b602 --- /dev/null +++ b/roles/elections/tasks/main.yml @@ -0,0 +1,59 @@ +--- +# Configuration for the nuancier webapp + +- name: clean yum metadata + command: yum clean all + tags: + - packages + +- name: install needed packages + yum: pkg={{ item }} state=installed + with_items: + - fedora-elections + - python-psycopg2 + - python-openid-cla + - python-openid-teams + - python-memcached + - libsemanage-python + - python-alembic + tags: + - packages + +- name: replace the fedora-elections configuration file by the one with the normal user + template: src={{ item.file }} + dest="{{ item.location }}/{{ item.file }}" + owner=apache group=apache mode=0600 + with_items: + - { file: fedora-elections.cfg, location: /etc/fedora-elections } + - { file: fedora-elections.conf, location: /etc/httpd/conf.d } + - { file: fedora-elections.wsgi, location: /usr/share/fedora-elections } + tags: + - config + notify: + - restart apache + +- name: create the database scheme + command: /usr/bin/python2 /usr/share/fedora-elections/fedora-elections_createdb.py + environment: + FEDORA_ELECTIONS_CONFIG: /etc/fedora-elections/fedora-elections.cfg + tags: + - config + notify: + - restart apache + +- name: set sebooleans so fedora-elections can talk to the db + action: seboolean name=httpd_can_network_connect_db + state=true + persistent=true + +- name: apply selinux type to static files + file: > + dest=/usr/lib/python2.6/site-packages/fedora_elections/static/ + setype=httpd_sys_content_t + state=directory + recurse=yes + +- name: apply selinux type to the wsgi file + file: > + dest=/usr/share/fedora-elections/fedora-elections.wsgi + setype=httpd_sys_content_t diff --git a/roles/elections/templates/fedora-elections.cfg b/roles/elections/templates/fedora-elections.cfg new file mode 100644 index 0000000000..42556cc148 --- /dev/null +++ b/roles/elections/templates/fedora-elections.cfg @@ -0,0 +1,29 @@ +# Beware that the quotes around the values are mandatory + +import os + +### Secret key for the Flask application +SECRET_KEY='{{ elections_secret_key }}' + +### url to the database server: +DB_URL='postgresql://{{ elections_db_user }}:{{ elections_db_pass }}@{{ elections_db_host }}/{{ elections_db_name }}' + +## One ore more FAS group that will have admin rights over the whole +## application, including all elections past, present and future +FEDORA_ELECTIONS_ADMIN_GROUP = 'elections' + + +## Fedora-elections can integrate with FAS to retrieve information about the +## candidates, the following configuration keys are required for this +## integration. +## URL of the FAS server to use +{% if env == 'staging' %} +FAS_BASE_URL = 'https://admin.fedoraproject.org/accounts/' +{% else %} +FAS_BASE_URL = 'https://admin.stg.fedoraproject.org/accounts/' +{% endif %} +FAS_USERNAME = '{{ fedorathirdpartyUser }}' +FAS_PASSWORD = '{{ fedorathirdpartyPassword }}' +## This should be ``True`` but should be changed to ``False`` if the FAS server +## used does not have a valid SSL certificate. +FAS_CHECK_CERT = True diff --git a/roles/elections/templates/fedora-elections.conf b/roles/elections/templates/fedora-elections.conf new file mode 100644 index 0000000000..bb82e10c0b --- /dev/null +++ b/roles/elections/templates/fedora-elections.conf @@ -0,0 +1,14 @@ +Alias /voting/static /usr/lib/python2.6/site-packages/fedora_elections/static + +WSGIDaemonProcess elections maximum-requests=1000 display-name=elections processes=4 threads=4 +WSGISocketPrefix run/wsgi +WSGIRestrictStdout On +WSGIRestrictSignal Off +WSGIPythonOptimize 1 + +WSGIScriptAlias /voting /var/www/elections.wsgi + + + WSGIProcessGroup elections + + diff --git a/roles/elections/templates/fedora-elections.wsgi b/roles/elections/templates/fedora-elections.wsgi new file mode 100644 index 0000000000..d995290dd0 --- /dev/null +++ b/roles/elections/templates/fedora-elections.wsgi @@ -0,0 +1,16 @@ +#-*- coding: utf-8 -*- + +# The three lines below are required to run on EL6 as EL6 has +# two possible version of python-sqlalchemy and python-jinja2 +# These lines make sure the application uses the correct version. +import __main__ +__main__.__requires__ = ['SQLAlchemy >= 0.7', 'jinja2 >= 2.4'] +import pkg_resources + +import os +# Set the environment variable pointing to the configuration file +os.environ['FEDORA_ELECTIONS_CONFIG'] = '/etc/fedora-elections/fedora-elections.cfg' + +# The most import line to make the wsgi working +from fedora_elections import APP as application +application.debug = True