diff --git a/playbooks/groups/notifs-web.yml b/playbooks/groups/notifs-web.yml index 96b1e0f23a..b910a689a5 100644 --- a/playbooks/groups/notifs-web.yml +++ b/playbooks/groups/notifs-web.yml @@ -37,8 +37,8 @@ - /srv/web/infra/ansible/roles/denyhosts - /srv/web/infra/ansible/roles/nagios_client - /srv/web/infra/ansible/roles/fas_client - #- /srv/web/infra/ansible/roles/notifs-frontend - /srv/web/infra/ansible/roles/fedmsg_base + - /srv/web/infra/ansible/roles/notifs-frontend tasks: - include: $tasks/hosts.yml diff --git a/roles/notifs-frontend/files/fmn.web.conf b/roles/notifs-frontend/files/fmn.web.conf new file mode 100644 index 0000000000..8dec863ca6 --- /dev/null +++ b/roles/notifs-frontend/files/fmn.web.conf @@ -0,0 +1,14 @@ +Alias /static /usr/share/fmn.web/static + +WSGIDaemonProcess fmn user=apache group=apache maximum-requests=1000 display-name=fmn processes=4 threads=4 +WSGISocketPrefix run/wsgi +WSGIRestrictStdout On +WSGIRestrictSignal Off +WSGIPythonOptimize 1 + +WSGIScriptAlias / /usr/share/fmn.web/fmn.web.wsgi + + + WSGIProcessGroup fmn + + diff --git a/roles/notifs-frontend/tasks/main.yml b/roles/notifs-frontend/tasks/main.yml new file mode 100644 index 0000000000..506f3f6647 --- /dev/null +++ b/roles/notifs-frontend/tasks/main.yml @@ -0,0 +1,25 @@ +--- +# Configuration for the Fedora Notifications webapp + +- name: install needed packages + yum: pkg={{ item }} state=installed + with_items: + - python-fmn-web + +- name: copy fmn app configuration + template: > + src={{ item }} dest=/etc/fedmsg.d/{{ item }} + owner=apache group=apache mode=0600 + with_items: + - fmn.web.py + notify: + - restart apache + +- name: copy fmn httpd config + copy: > + src={{ item }} dest=/etc/httpd/conf.d/{{ item }} + owner=apache group=apache mode=0644 + with_items: + - fmn.web.conf + notify: + - restart apache diff --git a/roles/notifs-frontend/templates/fmn.web.py b/roles/notifs-frontend/templates/fmn.web.py new file mode 100644 index 0000000000..eea55012d0 --- /dev/null +++ b/roles/notifs-frontend/templates/fmn.web.py @@ -0,0 +1,3 @@ +config = { + "fmn.sqlalchemy.uri": "postgresql://${notifs_db_user}:${notifs_db_password}@db-notifs/notifs", +} diff --git a/roles/notifs-frontend/templates/tahrir.ini b/roles/notifs-frontend/templates/tahrir.ini new file mode 100644 index 0000000000..960b175804 --- /dev/null +++ b/roles/notifs-frontend/templates/tahrir.ini @@ -0,0 +1,135 @@ +[pipeline:main] +pipeline = + moksha + tw2 + tahrir + +[filter:proxy-prefix] +use = egg:PasteDeploy#prefix +prefix = / +scheme = https + +[filter:tw2] +use = egg:tw2.core#middleware +script_name = / + +[filter:moksha] +use = egg:moksha.wsgi#middleware + +[app:tahrir] + +use = egg:tahrir + +filter-with = proxy-prefix + +#pyramid.reload_templates = true +pyramid.default_locale_name = en +pyramid.includes = + pyramid_tm + +sqlalchemy.url = postgresql://${tahrirDBUser}:${tahrirDBPassword}@db-tahrir/tahrir + +mako.directories=tahrir:templates + +tahrir.admin = ralph@fedoraproject.org, oddshocks@fedoraproject.org, puiterwijk@fedoraproject.org +tahrir.pngs.uri = /usr/share/badges/pngs + +dogpile.cache.backend = dogpile.cache.memcached +dogpile.cache.expiration_time = 10000 +dogpile.cache.arguments.url = memcached03:11211 +dogpile.cache.arguments.distributed_lock = True + + +{% if env == 'staging' %} +tahrir.title = Fedora Badges (staging!) +tahrir.base_url = https://badges.stg.fedoraproject.org +tahrir.openid_identifier = http://id.stg.fedoraproject.org/ +tahrir.openid_realm = https://badges.stg.fedoraproject.org +tahrir.websocket.topic = org.fedoraproject.stg.fedbadges.badge.award +{% else %} +tahrir.title = Fedora Badges +tahrir.base_url = https://badges.fedoraproject.org +tahrir.openid_identifier = http://id.fedoraproject.org/ +tahrir.openid_realm = https://badges.fedoraproject.org +tahrir.websocket.topic = org.fedoraproject.prod.fedbadges.badge.award +{% endif %} +tahrir.secure_cookies = True +tahrir.allow_changenick = False + +# Only allow @fedoraproject.org emails +tahrir.use_openid_email = False + +# For auto-updating the frontpage. +tahrir.use_websockets = True + +# For emitting messages when users claim badge invitations. +tahrir.use_fedmsg = True + +tahrir.default_issuer = fedora-project +tahrir.sitedocs_dir = /usr/share/badges/sitedocs/ + +tahrir.social.twitter = True +tahrir.social.twitter_user_text = Check out all these #fedorabadges :trophy: +tahrir.social.twitter_user_hash = #fedora +tahrir.social.gplus = True + + +session.secret="${tahrirSessionSecret}" +authnsecret="${tahrirAuthnSecret}" + +moksha.domain = fedoraproject.org + +moksha.notifications = False +moksha.socket.notify = False + +moksha.livesocket = True +moksha.livesocket.backend = websocket +moksha.livesocket.reconnect_interval = 5000 +moksha.livesocket.websocket.scheme = wss +moksha.livesocket.websocket.port = 9939 +{% if env == 'staging' %} +moksha.livesocket.websocket.host = stg.fedoraproject.org +{% else %} +moksha.livesocket.websocket.host = hub.fedoraproject.org +{% endif %} + + + +# Begin logging configuration + +[loggers] +keys = root, tahrir, sqlalchemy + +[handlers] +keys = console + +[formatters] +keys = generic + +[logger_root] +level = INFO +handlers = console + +[logger_tahrir] +level = DEBUG +handlers = +qualname = tahrir + +[logger_sqlalchemy] +level = WARN +handlers = +qualname = sqlalchemy.engine +# "level = INFO" logs SQL queries. +# "level = DEBUG" logs SQL queries and results. +# "level = WARN" logs neither. (Recommended for production systems.) + +[handler_console] +class = StreamHandler +args = (sys.stderr,) +level = NOTSET +formatter = generic + +[formatter_generic] +format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s + +# End logging configuration