+++ /dev/null
-# Set any ansible.cfg overrides in this file.
-# See: https://docs.ansible.com/ansible/intro_configuration.html#explanation-of-values-by-section
+++ /dev/null
-version: "2"
-defaults:
- database_name: mezzanine
- database_user: mezzanine
- database_password: mezzanine
- database_host: postgres
- database_port: 5432
-
-services:
- # nginx:
- # image: nginx:1.11
- mezzanine:
- image: ubuntu:xenial
- expose:
- - "80"
- ports:
- - "8000:80"
- # dev_overrides:
- # depends_on:
- # - postgres
- # memcached:
- # image: ubuntu:xenial
- # expose:
- # - "11211"
- # ports:
- # - "11211:11211"
- # command: [-m, "128"]
- # entrypoint: memcached
- # user: daemon
- # postgres:
- # image: postgres:9.6
- # expose:
- # - "{{ database_port }}"
- # ports:
- # - "{{ database_port }}:{{ database_port }}"
- # environment:
- # POSTGRES_USER: "{{ database_user }}"
- # POSTGRES_PASSWORD: "{{ database_password }}"
-
- # Add your containers here, specifying the base image you want to build from
- # For example:
- #
- # web:
- # image: ubuntu:trusty
- # ports:
- # - "80:80"
- # command: ['/usr/bin/dumb-init', '/usr/sbin/apache2ctl', '-D', 'FOREGROUND']
- # dev_overrides:
- # environment:
- # - "DEBUG=1"
- #
-registries: {}
- # Add optional registries used for deployment. For example:
- # google:
- # url: https://gcr.io
- # namespace: my-cool-project-xxxxxx
+++ /dev/null
-# This should be your Ansible playbooks to provision your containers.
-# An inventory will be automatically created using the names of the services
-# from your container.yml file.
-# Add any roles or other modules you'll need to this directory too.
-# For many examples of roles, check out Ansible Galaxy: https://galaxy.ansible.com/
-#
----
-- hosts: memcached
- gather_facts: false
- pre_tasks:
- - name: update apt cache
- raw: apt-get update
- - name: install python
- raw: apt-get -y install python
- roles:
- - memcached
-
-- hosts: mezzanine
- gather_facts: false
- pre_tasks:
- - name: update apt cache
- raw: apt-get update
- - name: install python
- raw: apt-get -y install python
- roles:
- - role: mezzanine
+++ /dev/null
-galaxy_info:
- author: Lorin Hochstein
- description: Example Mezzanine app
-
- # If the issue tracker for your role is not on GitHub, uncomment the
- # next line and provide a value
- # issue_tracker_url:
-
- # Some suggested licenses:
- # - BSD (default)
- # - MIT
- # - GPLv2
- # - GPLv3
- # - Apache
- # - CC-BY
- license: Apache
-
- min_ansible_container_version: 0.3.0-pre
-
- # Optionally specify the branch Galaxy will use when accessing the GitHub
- # repo for this role. During role install, if no tags are available,
- # Galaxy will use this branch. During import Galaxy will access files on
- # this branch. If travis integration is cofigured, only notification for this
- # branch will be accepted. Otherwise, in all cases, the repo's default branch
- # (usually master) will be used.
- #github_branch:
-
- tags: []
- # List tags for your app here, one per line. A tag is a keyword that describes and categorizes the app.
- # Users will find your app by searching for tags. Be sure to remove the '[]' above.
- #
- # NOTE: A tag is limited to a single word comprised of alphanumeric characters. Maximum 20 tags.
+++ /dev/null
-# These are the python requirements for your Ansible Container builder.
-# You do not need to include Ansible itself in this file.
-docker-py==1.10.6
\ No newline at end of file
+++ /dev/null
-# Install Ansible Roles
-# ---------------------
-# When the build process starts `ansible-galaxy install -r requirements.yml` is executed
-# using this file. Follow the instructions at http://docs.ansible.com/ansible/galaxy.html
-# to include any roles you want intalled prior to running main.yml.
\ No newline at end of file
+++ /dev/null
----
-- name: install memcached
- apt: name=memcached
+++ /dev/null
----
-tls_enabled: True
+++ /dev/null
----
-- name: restart supervisor
- supervisorctl: name=gunicorn_mezzanine state=restarted
-- name: restart nginx
- service: name=nginx state=restarted
+++ /dev/null
-- name: create a logs directory
- file: path="{{ mezzanine_root_dir }}/logs" state=directory
-- name: check out the repository on the host
- git: repo={{ mezzanine_repo_url }} dest={{ mezzanine_proj_path }} accept_hostkey=yes
-- name: install Python requirements globally via pip
- pip: name={{ item }} state=latest
- with_items:
- - pip
- - virtualenv
- - virtualenvwrapper
-- name: install required python packages
- pip: name={{ item }} virtualenv={{ mezzanine_venv_path }}
- with_items:
- - gunicorn
- - setproctitle
- - psycopg2
- - django-compressor
- - python-memcached
-- name: install requirements.txt
- pip: >
- requirements={{ mezzanine_proj_path }}/{{ mezzanine_reqs_path }}
- virtualenv={{ mezzanine_venv_path }}
-- name: generate the settings file
- template: src=local_settings.py.j2 dest={{ mezzanine_settings_path }}/local_settings.py
-- name: apply migrations to create the database, collect static content
- django_manage:
- command: "{{ item }}"
- app_path: "{{ mezzanine_proj_path }}"
- virtualenv: "{{ mezzanine_venv_path }}"
- with_items:
- - migrate
- - collectstatic
-- name: set the site id
- script: scripts/setsite.py
- environment:
- PATH: "{{ mezzanine_venv_path }}/bin"
- PROJECT_DIR: "{{ mezzanine_proj_path }}"
- PROJECT_APP: "{{ mezzanine_proj_app }}"
- WEBSITE_DOMAIN: "{{ live_hostname }}"
-- name: set the admin password
- script: scripts/setadmin.py
- environment:
- PATH: "{{ mezzanine_venv_path }}/bin"
- PROJECT_DIR: "{{ mezzanine_proj_path }}"
- PROJECT_APP: "{{ mezzanine_proj_app }}"
- ADMIN_PASSWORD: "{{ admin_pass }}"
-- name: set the gunicorn config file
- template: src=gunicorn.conf.py.j2 dest={{ mezzanine_proj_path }}/gunicorn.conf.py
-- name: set the supervisor config file
- template: src=supervisor.conf.j2 dest=/etc/supervisor/conf.d/mezzanine.conf
- notify: restart supervisor
-- name: ensure config path exists
- file: path={{ mezzanine_conf_path }} state=directory
- when: tls_enabled
-- name: install poll twitter cron job
- cron: >
- name="poll twitter" minute="*/5" user={{ mezzanine_user }}
- job="{{ mezzanine_manage }} poll_twitter"
+++ /dev/null
----
-- name: install apt packages
- apt: pkg={{ item }}
- with_items:
- - git
- - libjpeg-dev
- - libpq-dev
- - memcached
- - nginx
- - python-dev
- - python-pip
- - python-psycopg2
- - python-setuptools
- - python-virtualenv
- - supervisor
-- include: django.yml
-- include: nginx.yml
+++ /dev/null
-- name: set the nginx config file
- template: src=nginx.conf.j2 dest=/etc/nginx/sites-available/mezzanine.conf
- notify: restart nginx
-- name: enable the nginx config file
- file:
- src: /etc/nginx/sites-available/mezzanine.conf
- dest: /etc/nginx/sites-enabled/mezzanine.conf
- state: link
- notify: restart nginx
-- name: remove the default nginx config file
- file: path=/etc/nginx/sites-enabled/default state=absent
- notify: restart nginx
-- name: create ssl certificates
- command: >
- openssl req -new -x509 -nodes -out {{ mezzanine_proj_name }}.crt
- -keyout {{ mezzanine_proj_name }}.key -subj '/CN={{ domains[0] }}' -days 3650
- chdir={{ mezzanine_conf_path }}
- creates={{ mezzanine_conf_path }}/{{ mezzanine_proj_name }}.crt
- when: tls_enabled
- notify: restart nginx
+++ /dev/null
-from __future__ import unicode_literals
-import multiprocessing
-
-bind = "unix:{{ mezzanine_proj_path }}/gunicorn.sock"
-workers = {{ mezzanine_num_workers }}
-errorlog = "/home/{{ mezzanine_user }}/logs/{{ mezzanine_proj_name }}_error.log"
-loglevel = "error"
-proc_name = "{{ mezzanine_proj_name }}"
+++ /dev/null
-from __future__ import unicode_literals
-
-SECRET_KEY = "{{ secret_key }}"
-NEVERCACHE_KEY = "{{ nevercache_key }}"
-ALLOWED_HOSTS = [{{ domains|surround_by_quote|join(", ") }}]
-
-DATABASES = {
- "default": {
- # Ends with "postgresql_psycopg2", "mysql", "sqlite3" or "oracle".
- "ENGINE": "django.db.backends.postgresql_psycopg2",
- # DB name or path to database file if using sqlite3.
- "NAME": "{{ mezzanine_proj_name }}",
- # Not used with sqlite3.
- "USER": "{{ database_user }}",
- # Not used with sqlite3.
- "PASSWORD": "{{ db_pass }}",
- # Set to empty string for localhost. Not used with sqlite3.
- "HOST": "{{ database_host | default("localhost") }}",
- # Set to empty string for default. Not used with sqlite3.
- "PORT": "{{ database_port }}",
- }
-}
-
-SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")
-
-CACHE_MIDDLEWARE_SECONDS = 60
-
-CACHE_MIDDLEWARE_KEY_PREFIX = "{{ mezzanine_proj_name }}"
-
-CACHES = {
- "default": {
- "BACKEND": "django.core.cache.backends.memcached.MemcachedCache",
- "LOCATION": "127.0.0.1:11211",
- }
-}
-
-SESSION_ENGINE = "django.contrib.sessions.backends.cache"
-
-TWITTER_ACCESS_TOKEN_KEY = "{{ twitter_access_token_key }}"
-TWITTER_ACCESS_TOKEN_SECRET = "{{ twitter_access_token_secret }}"
-TWITTER_CONSUMER_KEY = "{{ twitter_consumer_key }}"
-TWITTER_CONSUMER_SECRET = "{{ twitter_consumer_secret }}"
-TWITTER_DEFAULT_QUERY = "from:ansiblebook"
+++ /dev/null
-from __future__ import unicode_literals
-
-SECRET_KEY = "{{ secret_key }}"
-NEVERCACHE_KEY = "{{ nevercache_key }}"
-ALLOWED_HOSTS = [{% for domain in domains %}"{{ domain }}",{% endfor %}]
-
-DATABASES = {
- "default": {
- # Ends with "postgresql_psycopg2", "mysql", "sqlite3" or "oracle".
- "ENGINE": "django.db.backends.postgresql_psycopg2",
- # DB name or path to database file if using sqlite3.
- "NAME": "{{ mezzanine_proj_name }}",
- # Not used with sqlite3.
- "USER": "{{ database_user }}",
- # Not used with sqlite3.
- "PASSWORD": "{{ db_pass }}",
- # Set to empty string for localhost. Not used with sqlite3.
- "HOST": "{{ database_host | default("localhost") }}",
- # Set to empty string for default. Not used with sqlite3.
- "PORT": "{{ database_port }}",
- }
-}
-
-SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")
-
-CACHE_MIDDLEWARE_SECONDS = 60
-
-CACHE_MIDDLEWARE_KEY_PREFIX = "{{ mezzanine_proj_name }}"
-
-CACHES = {
- "default": {
- "BACKEND": "django.core.cache.backends.memcached.MemcachedCache",
- "LOCATION": "127.0.0.1:11211",
- }
-}
-
-SESSION_ENGINE = "django.contrib.sessions.backends.cache"
-
-TWITTER_ACCESS_TOKEN_KEY = "{{ twitter_access_token_key }}"
-TWITTER_ACCESS_TOKEN_SECRET = "{{ twitter_access_token_secret }}"
-TWITTER_CONSUMER_KEY = "{{ twitter_consumer_key }}"
-TWITTER_CONSUMER_SECRET = "{{ twitter_consumer_secret }}"
-TWITTER_DEFAULT_QUERY = "from:ansiblebook"
+++ /dev/null
-upstream {{ mezzanine_proj_name }} {
- server unix:{{ mezzanine_proj_path }}/gunicorn.sock fail_timeout=0;
-}
-
-server {
-
- listen 80;
-
- {% if tls_enabled %}
- listen 443 ssl;
- {% endif %}
- server_name {{ domains|join(", ") }};
- client_max_body_size 10M;
- keepalive_timeout 15;
-
- {% if tls_enabled %}
- ssl_certificate conf/{{ mezzanine_proj_name }}.crt;
- ssl_certificate_key conf/{{ mezzanine_proj_name }}.key;
- ssl_session_cache shared:SSL:10m;
- ssl_session_timeout 10m;
- ssl_ciphers CDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
- ssl_prefer_server_ciphers on;
- {% endif %}
-
- location / {
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Protocol $scheme;
- proxy_pass http://{{ mezzanine_proj_name }};
- }
-
- location /static/ {
- root {{ mezzanine_proj_path }};
- access_log off;
- log_not_found off;
- }
-
- location /robots.txt {
- root {{ mezzanine_proj_path }}/static;
- access_log off;
- log_not_found off;
- }
-
- location /favicon.ico {
- root {{ mezzanine_proj_path }}/static/img;
- access_log off;
- log_not_found off;
- }
-}
+++ /dev/null
-[program:{{ mezzanine_gunicorn_procname }}]
-command={{ mezzanine_venv_path }}/bin/gunicorn -c gunicorn.conf.py -p gunicorn.pid {{ mezzanine_proj_app }}.wsgi:application
-directory={{ mezzanine_proj_path }}
-user={{ mezzanine_user }}
-autostart=true
-stdout_logfile=/home/{{ mezzanine_user }}/logs/{{ mezzanine_proj_name }}_supervisor
-autorestart=true
-redirect_stderr=true
-environment=LANG="{{ locale }}",LC_ALL="{{ locale }}",LC_LANG="{{ locale }}"
+++ /dev/null
----
-# vars file for mezzanine
-mezzanine_root_dir: /srv
-mezzanine_proj_app: mezzanine_example
-mezzanine_proj_name: "{{ mezzanine_proj_app }}"
-mezzanine_user: "{{ ansible_user }}"
-mezzanine_venv_home: "{{ mezzanine_root_dir }}/.virtualenvs"
-mezzanine_venv_path: "{{ mezzanine_venv_home }}/{{ mezzanine_proj_name }}"
-mezzanine_repo_url: https://github.com/ansiblebook/mezzanine_example.git
-mezzanine_proj_path: "{{ mezzanine_root_dir }}/mezzanine/{{ mezzanine_proj_name }}"
-mezzanine_settings_path: "{{ mezzanine_proj_path }}/{{ mezzanine_proj_name }}"
-mezzanine_reqs_path: requirements.txt
-mezzanine_conf_path: /etc/nginx/conf
-mezzanine_python: "{{ mezzanine_venv_path }}/bin/python"
-mezzanine_manage: "{{ mezzanine_python }} {{ mezzanine_proj_path }}/manage.py"
-mezzanine_num_workers: "multiprocessing.cpu_count() * 2 + 1"
-mezzanine_gunicorn_procname: gunicorn_mezzanine
-locale: en_US.UTF-8
-
-# Eventually, we will pass these as env vars
-database_name: mezzanine
-database_user: mezzanine
-database_port: 5432
-db_pass: mezzanine
-secret_key: b495a05c396843b6b47ac944a72c92ed
-nevercache_key: b5d87bb4e17c483093296fa321056bdc
-twitter_access_token_key: 80b557a3a8d14cb7a2b91d60398fb8ce
-twitter_access_token_secret: 1974cf8419114bdd9d4ea3db7a210d90
-twitter_consumer_key: 1f1c627530b34bb58701ac81ac3fad51
-twitter_consumer_secret: 36515c2b60ee4ffb9d33d972a7ec350a
-live_hostname: localhost
-domains:
- - localhost
- - 127.0.0.1
git://git.halfball.org / ansiblebook.git / commitdiff