diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..fb61b22 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,30 @@ +# From: +# https://github.com/ansible/ansible/blob/devel/examples/ansible.cfg + +[defaults] + +#Default inventory path +inventory = ./inventory + +# (as of 1.8), Ansible can optionally warn when usage of the shell and +# command module appear to be simplified by using a default Ansible module +# instead. +# in case you want to use command anyway you can silent it for specific usage: +# - name: usage of git that could be replaced with the git module +# shell: git update foo +# warn: no +command_warnings = True + +# Do not check host keys +host_key_checking = False + +[ssh_connection] +# pipelining +# Improves performance of execution +# Must be False for compatibility with sudoers (user postgres on rhel7) - role remote db +# +# Ansible page: +# This can result in a very significant performance improvement when enabled, +# however when using “sudo:” operations you must first disable ‘requiretty’ in /etc/sudoers on all managed hosts. + +pipelining = False diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..408e3b9 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,18 @@ +--- +dnf_pkg: + - git-core + - make + - gcc + - python-devel + - python-pip + - python-psycopg2 + - openssl-devel + - libselinux-python + +pgsql_pkg: + - postgresql96 + - postgresql96-devel + - postgresql96-contrib + - postgresql96-server + +pgsql_dbname: pycon-prod diff --git a/db_backup.sh.py b/files/db_backup.sh similarity index 100% rename from db_backup.sh.py rename to files/db_backup.sh diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..98931b8 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,4 @@ +- name: restart postgresql + service: + name: postgresql + state: restarted diff --git a/inventory b/inventory new file mode 100644 index 0000000..10b0645 --- /dev/null +++ b/inventory @@ -0,0 +1,2 @@ +[infranode] +localhost diff --git a/playbook.yml b/playbook.yml deleted file mode 100644 index bca3ecb..0000000 --- a/playbook.yml +++ /dev/null @@ -1,109 +0,0 @@ - -- hosts: localhost - tasks: - - - name: Install Fedora packages - dnf: name={{ item }} - with_items: - - git-core - - make - - gcc - - python-devel - - python-pip - - python-psycopg2 - - openssl-devel - - libselinux-python - - - name: Install postgresql - dnf: name={{ item }} - with_items: - - postgresql96 - - postgresql96-devel - - postgresql96-contrib - - postgresql96-server - - - name: Initiate database - command: service postgresql initdb - creates=/var/lib/pgsql/9.6/data/postgresql.conf - - - name: Start PostgreSQL and enable at boot - service: name=postgresql - enabled=yes - state=started - - - name: Ensure PostgreSQL is listening on all localhost - lineinfile: dest=/var/lib/pgsql/9.6/data/postgresql.conf - regexp='^#?listen_addresses\s*=' - line="listen_addresses = '127.0.0.1'" - state=present - notify: restart postgresql - - - lineinfile: dest=/var/lib/pgsql/9.6/data/pg_hba.conf - regexp='host\s+all\s+all\s+127.0.0.1/32\s+md5' - line='host all all 127.0.0.1/32 md5' - insertbefore=BOF - notify: restart postgresql - - - name: Give the vagrant user permission to database - postgresql_user: name=vagrant role_attr_flags=SUPERUSER - become: yes - become_user: postgres - - - name: Upgrade virtualenv to latest version - shell: '[ -x /usr/local/bin/virtualenv ] || pip install -U virtualenv' - - - name: Install app dependencies in a virtualenv - pip: - requirements=/vagrant/requirements.txt - virtualenv=/home/vagrant - become: yes - become_user: vagrant - - - name: Make "vagrant" shell auto-activate the virtual environment - lineinfile: - dest=/home/vagrant/.bashrc - line='source $HOME/bin/activate' - - - name: Create pycon-prod database role to avoid errors during prod import - become: yes - become_user: postgres - postgresql_user: db=template1 name=pycon-prod - - - name: Create application database "pycon" - become: yes - become_user: postgres - register: database_creation - postgresql_db: name=pycon - encoding=UTF8 - lc_collate=en_US.UTF-8 - lc_ctype=en_US.UTF-8 - template=template0 - - - name: Migrate the application database if we just created it - become: yes - become_user: vagrant - when: database_creation | changed - shell: /home/vagrant/bin/python manage.py migrate - chdir=/vagrant - - - name: Copy db backup script and make it executable - become: yes - become_user: vagrant - command: cp db_backup.sh /home/vagrant/db_backup.sh - chmod +x /home/vagrant/db_backup.sh - - - name: Add cron for db backup - become: yes - become_user: vagrant - cron: minute="0" - hour="5,2" - job="/home/vagrant/db_backup.sh" - - - name: Make bash history more sane - lineinfile: - dest: /home/vagrant/.bashrc - line: 'HISTCONTROL=erasedups; unset HISTFILE' - - handlers: - - name: restart postgresql - service: name=postgresql state=restarted diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..aa57e54 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,107 @@ +- name: Install Fedora packages + package: + name: "{{ item }}" + with_items: "{{ dnf_pkg }}" + +- name: Install postgresql + package: + name: "{{ item }}" + state: present + with_items: "{{ pgsql_pkg }}" + +- name: Initiate database + command: service postgresql initdb + creates=/var/lib/pgsql/9.6/data/postgresql.conf + +- name: enable pgsql service + service: + name: postgresql + enabled: yes + +- name: start pgsql service + service: + name: postgresql + state: started + +- name: Ensure PostgreSQL is listening on all localhost + lineinfile: dest=/var/lib/pgsql/9.6/data/postgresql.conf + regexp='^#?listen_addresses\s*=' + line="listen_addresses = '127.0.0.1'" + state=present + notify: restart postgresql + +- lineinfile: dest=/var/lib/pgsql/9.6/data/pg_hba.conf + regexp='host\s+all\s+all\s+127.0.0.1/32\s+md5' + line='host all all 127.0.0.1/32 md5' + insertbefore=BOF + notify: restart postgresql + +- name: Give the vagrant user permission to database + postgresql_user: name=vagrant role_attr_flags=SUPERUSER + become: yes + become_user: postgres + +- name: Upgrade virtualenv to latest version + shell: '[ -x /usr/local/bin/virtualenv ] || pip install -U virtualenv' + +- name: Install app dependencies in a virtualenv + pip: + requirements=/vagrant/requirements.txt + virtualenv=/home/vagrant + become: yes + become_user: vagrant + +- name: Make "vagrant" shell auto-activate the virtual environment + lineinfile: + dest=/home/vagrant/.bashrc + line='source $HOME/bin/activate' + +- name: Create pycon-prod database role to avoid errors during prod import + become: yes + become_user: postgres + postgresql_user: db=template1 name="{{ pgsql_dbname }}" + +- name: ensure database is created + become: yes + become_user: postgres + postgresql_db: + name: "{{ pgsql_dbname }}" + +- name: Create application database "pycon" + become: yes + become_user: postgres + register: database_creation + postgresql_db: name=pycon + encoding=UTF8 + lc_collate=en_US.UTF-8 + lc_ctype=en_US.UTF-8 + template=template0 + +- name: Migrate the application database if we just created it + become: yes + become_user: vagrant + when: database_creation | changed + shell: /home/vagrant/bin/python manage.py migrate + chdir=/vagrant + +- name: Copy db backup script and make it executable + become: yes + become_user: vagrant + copy: + src: db_backup.sh + dest: /home/vagrant/db_backup.sh + owner: vagrant + group: vagrant + mode: 0755 + +- name: Add cron for db backup + become: yes + become_user: vagrant + cron: minute="0" + hour="5,2" + job="/home/vagrant/db_backup.sh" + +- name: Make bash history more sane + lineinfile: + dest: /home/vagrant/.bashrc + line: 'HISTCONTROL=erasedups; unset HISTFILE'