From 7ccba5a4e3a4af3455bd1fc88af1e8c123d9d89b Mon Sep 17 00:00:00 2001 From: Valmik Jangla Date: Wed, 27 Jul 2016 13:10:52 +0530 Subject: [PATCH] Added support for Debian --- installer/playbooks/install_dependencies.yml | 99 ----------------- .../bash_screen_wall/files/screen_wall.sh | 8 -- .../roles/bash_screen_wall/tasks/main.yml | 3 - .../roles/dns_caching/handlers/main.yml | 3 - .../roles/dns_caching/tasks/main.yml | 7 -- installer/playbooks/roles/epel/README.md | 42 -------- .../playbooks/roles/epel/defaults/main.yml | 9 -- installer/playbooks/roles/epel/meta/main.yml | 18 ---- installer/playbooks/roles/epel/tasks/main.yml | 10 -- .../roles/fail2ban/defaults/main.yml | 2 - .../roles/fail2ban/handlers/main.yml | 3 - .../playbooks/roles/fail2ban/tasks/main.yml | 21 ---- .../templates/nginx-proxy-filter.conf.j2 | 10 -- .../templates/nginx-proxy-jail.conf.j2 | 8 -- .../frappe_selinux/files/frappe_selinux.te | 32 ------ .../roles/frappe_selinux/tasks/main.yml | 21 ---- .../playbooks/roles/locale/defaults/main.yml | 2 - .../playbooks/roles/locale/tasks/main.yml | 12 --- .../roles/logwatch/defaults/main.yml | 3 - .../playbooks/roles/logwatch/tasks/main.yml | 6 -- .../roles/logwatch/templates/logwatch.conf.j2 | 2 - installer/playbooks/roles/mariadb/README.md | 64 ----------- .../playbooks/roles/mariadb/defaults/main.yml | 8 -- .../playbooks/roles/mariadb/handlers/main.yml | 3 - .../playbooks/roles/mariadb/meta/main.yml | 19 ---- .../playbooks/roles/mariadb/tasks/centos.yml | 12 --- .../playbooks/roles/mariadb/tasks/main.yml | 18 ---- .../tasks/mysql_secure_installation.yml | 59 ---------- .../playbooks/roles/mariadb/tasks/ubuntu.yml | 23 ---- .../mariadb/templates/mariadb_centos.repo.j2 | 7 -- .../mariadb/templates/mariadb_ubuntu.list.j2 | 4 - .../roles/mariadb/templates/my.cnf.j2 | 3 - .../playbooks/roles/mariadb/vars/main.yml | 4 - installer/playbooks/roles/nginx/.travis.yml | 35 ------ installer/playbooks/roles/nginx/README.md | 82 -------------- .../playbooks/roles/nginx/defaults/main.yml | 47 -------- .../playbooks/roles/nginx/handlers/main.yml | 3 - installer/playbooks/roles/nginx/meta/main.yml | 23 ---- .../playbooks/roles/nginx/tasks/main.yml | 31 ------ .../roles/nginx/tasks/setup-Debian.yml | 6 -- .../roles/nginx/tasks/setup-RedHat.yml | 11 -- .../playbooks/roles/nginx/tasks/vhosts.yml | 22 ---- .../roles/nginx/templates/nginx.conf.j2 | 51 --------- .../roles/nginx/templates/nginx.repo.j2 | 5 - .../playbooks/roles/nginx/templates/vhosts.j2 | 24 ----- .../playbooks/roles/nginx/tests/inventory | 1 - .../playbooks/roles/nginx/tests/test.yml | 5 - .../playbooks/roles/nginx/vars/Debian.yml | 4 - .../playbooks/roles/nginx/vars/RedHat.yml | 4 - installer/playbooks/roles/ntpd/tasks/main.yml | 9 -- .../playbooks/roles/swap/defaults/main.yml | 1 - installer/playbooks/roles/swap/tasks/main.yml | 18 ---- .../roles/wkhtmltopdf/defaults/main.yml | 1 - .../roles/wkhtmltopdf/tasks/main.yml | 32 ------ .../playbooks/templates/mariadb_config.cnf | 60 ----------- installer/playbooks/templates/nginx.conf | 59 ---------- playbooks/develop/create_user.yml | 4 +- playbooks/develop/debian.yml | 101 ++++++++++++++++++ playbooks/develop/includes/mariadb_debian.yml | 27 +++++ playbooks/develop/includes/setup_mariadb.yml | 16 +-- playbooks/develop/install.yml | 3 + playbooks/develop/ubuntu.yml | 2 +- .../production/includes/setup_prod_env.yml | 22 +++- .../production/templates/default_nginx.j2 | 2 +- 64 files changed, 162 insertions(+), 1094 deletions(-) delete mode 100644 installer/playbooks/install_dependencies.yml delete mode 100644 installer/playbooks/roles/bash_screen_wall/files/screen_wall.sh delete mode 100644 installer/playbooks/roles/bash_screen_wall/tasks/main.yml delete mode 100644 installer/playbooks/roles/dns_caching/handlers/main.yml delete mode 100644 installer/playbooks/roles/dns_caching/tasks/main.yml delete mode 100644 installer/playbooks/roles/epel/README.md delete mode 100644 installer/playbooks/roles/epel/defaults/main.yml delete mode 100644 installer/playbooks/roles/epel/meta/main.yml delete mode 100644 installer/playbooks/roles/epel/tasks/main.yml delete mode 100644 installer/playbooks/roles/fail2ban/defaults/main.yml delete mode 100644 installer/playbooks/roles/fail2ban/handlers/main.yml delete mode 100644 installer/playbooks/roles/fail2ban/tasks/main.yml delete mode 100644 installer/playbooks/roles/fail2ban/templates/nginx-proxy-filter.conf.j2 delete mode 100644 installer/playbooks/roles/fail2ban/templates/nginx-proxy-jail.conf.j2 delete mode 100644 installer/playbooks/roles/frappe_selinux/files/frappe_selinux.te delete mode 100644 installer/playbooks/roles/frappe_selinux/tasks/main.yml delete mode 100644 installer/playbooks/roles/locale/defaults/main.yml delete mode 100644 installer/playbooks/roles/locale/tasks/main.yml delete mode 100644 installer/playbooks/roles/logwatch/defaults/main.yml delete mode 100644 installer/playbooks/roles/logwatch/tasks/main.yml delete mode 100644 installer/playbooks/roles/logwatch/templates/logwatch.conf.j2 delete mode 100644 installer/playbooks/roles/mariadb/README.md delete mode 100644 installer/playbooks/roles/mariadb/defaults/main.yml delete mode 100644 installer/playbooks/roles/mariadb/handlers/main.yml delete mode 100644 installer/playbooks/roles/mariadb/meta/main.yml delete mode 100644 installer/playbooks/roles/mariadb/tasks/centos.yml delete mode 100644 installer/playbooks/roles/mariadb/tasks/main.yml delete mode 100644 installer/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml delete mode 100644 installer/playbooks/roles/mariadb/tasks/ubuntu.yml delete mode 100644 installer/playbooks/roles/mariadb/templates/mariadb_centos.repo.j2 delete mode 100644 installer/playbooks/roles/mariadb/templates/mariadb_ubuntu.list.j2 delete mode 100644 installer/playbooks/roles/mariadb/templates/my.cnf.j2 delete mode 100644 installer/playbooks/roles/mariadb/vars/main.yml delete mode 100644 installer/playbooks/roles/nginx/.travis.yml delete mode 100644 installer/playbooks/roles/nginx/README.md delete mode 100644 installer/playbooks/roles/nginx/defaults/main.yml delete mode 100644 installer/playbooks/roles/nginx/handlers/main.yml delete mode 100644 installer/playbooks/roles/nginx/meta/main.yml delete mode 100644 installer/playbooks/roles/nginx/tasks/main.yml delete mode 100644 installer/playbooks/roles/nginx/tasks/setup-Debian.yml delete mode 100644 installer/playbooks/roles/nginx/tasks/setup-RedHat.yml delete mode 100644 installer/playbooks/roles/nginx/tasks/vhosts.yml delete mode 100644 installer/playbooks/roles/nginx/templates/nginx.conf.j2 delete mode 100644 installer/playbooks/roles/nginx/templates/nginx.repo.j2 delete mode 100644 installer/playbooks/roles/nginx/templates/vhosts.j2 delete mode 100644 installer/playbooks/roles/nginx/tests/inventory delete mode 100644 installer/playbooks/roles/nginx/tests/test.yml delete mode 100644 installer/playbooks/roles/nginx/vars/Debian.yml delete mode 100644 installer/playbooks/roles/nginx/vars/RedHat.yml delete mode 100644 installer/playbooks/roles/ntpd/tasks/main.yml delete mode 100644 installer/playbooks/roles/swap/defaults/main.yml delete mode 100644 installer/playbooks/roles/swap/tasks/main.yml delete mode 100644 installer/playbooks/roles/wkhtmltopdf/defaults/main.yml delete mode 100644 installer/playbooks/roles/wkhtmltopdf/tasks/main.yml delete mode 100644 installer/playbooks/templates/mariadb_config.cnf delete mode 100644 installer/playbooks/templates/nginx.conf mode change 100644 => 100755 playbooks/develop/create_user.yml create mode 100644 playbooks/develop/debian.yml create mode 100644 playbooks/develop/includes/mariadb_debian.yml mode change 100644 => 100755 playbooks/develop/includes/setup_mariadb.yml diff --git a/installer/playbooks/install_dependencies.yml b/installer/playbooks/install_dependencies.yml deleted file mode 100644 index 990478bf..00000000 --- a/installer/playbooks/install_dependencies.yml +++ /dev/null @@ -1,99 +0,0 @@ ---- - - name: Install dependencies - hosts: localhost - become: yes - become_user: root - vars: - - mysql_conf_tpl: ../templates/mariadb_config.cnf - - nginx_conf_file: ../templates/nginx.conf - - mysql_secure_installation: True - roles: - - locale - - swap - - mariadb - - { role: epel, when: "ansible_os_family == 'RedHat'" } - - nginx - - logwatch - - fail2ban - - bash_screen_wall - - frappe_selinux - - dns_caching - - wkhtmltopdf - - ntpd - tasks: - - name: Set hostname - hostname: name='{{ hostname }}' - - name: Install the 'Development tools' package group (Redhat) - yum: name="@Development tools" state=present - when: ansible_os_family == 'RedHat' - - name: Install packages - yum: name={{ item }} state=present - with_items: - - bzip2-devel - - cronie - - freetype-devel - - git - - lcms2-devel - - libjpeg-devel - - libtiff-devel - - libwebp-devel - - libXext - - libXrender - - libzip-devel - - nodejs - - npm - - openssl-devel - - postfix - - python-devel - - python-pip - - redis - - screen - - sudo - - supervisor - - tcl-devel - - tk-devel - - vim - - which - - xorg-x11-fonts-75dpi - - xorg-x11-fonts-Type1 - - zlib-devel - when: ansible_os_family == 'RedHat' - - name: Install packages - apt: pkg={{ item }} state=present force=yes - with_items: - - build-essential - - fontconfig - - git - - htop - - libcrypto++-dev - - - libfreetype6-dev - - libjpeg8-dev - - liblcms2-dev - - libssl-dev - - libtiff5-dev - - libwebp-dev - - libxext6 - - libxrender1 - - libxslt1-dev - - libxslt1.1 - - tcl8.6-dev - - tk8.6-dev - - zlib1g-dev - - libopenjpeg-dev - - - nodejs - - npm - - ntp - - postfix - - python-dev - - python-pip - - python-tk - - redis-server - - screen - - supervisor - - vim - - xfonts-75dpi - - xfonts-base - - when: ansible_os_family == 'Debian' diff --git a/installer/playbooks/roles/bash_screen_wall/files/screen_wall.sh b/installer/playbooks/roles/bash_screen_wall/files/screen_wall.sh deleted file mode 100644 index dec411e2..00000000 --- a/installer/playbooks/roles/bash_screen_wall/files/screen_wall.sh +++ /dev/null @@ -1,8 +0,0 @@ -if [ $TERM != 'screen' ] -then - PS1='HEY! USE SCREEN '$PS1 -fi - -sw() { - screen -x $1 || screen -S $1 -} diff --git a/installer/playbooks/roles/bash_screen_wall/tasks/main.yml b/installer/playbooks/roles/bash_screen_wall/tasks/main.yml deleted file mode 100644 index 338b6fbc..00000000 --- a/installer/playbooks/roles/bash_screen_wall/tasks/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: Setup bash screen wall - copy: src=screen_wall.sh dest=/etc/profile.d/screen_wall.sh \ No newline at end of file diff --git a/installer/playbooks/roles/dns_caching/handlers/main.yml b/installer/playbooks/roles/dns_caching/handlers/main.yml deleted file mode 100644 index 8197a1c5..00000000 --- a/installer/playbooks/roles/dns_caching/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart network manager - service: name=NetworkManager state=restarted \ No newline at end of file diff --git a/installer/playbooks/roles/dns_caching/tasks/main.yml b/installer/playbooks/roles/dns_caching/tasks/main.yml deleted file mode 100644 index 26afaf9a..00000000 --- a/installer/playbooks/roles/dns_caching/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ -- name: add dnsmasq to network config - lineinfile: > - dest=/etc/NetworkManager/NetworkManager.conf - regexp="dns=" - line="dns=dnsmasq" - state=present - notify: restart network manager \ No newline at end of file diff --git a/installer/playbooks/roles/epel/README.md b/installer/playbooks/roles/epel/README.md deleted file mode 100644 index 059424bf..00000000 --- a/installer/playbooks/roles/epel/README.md +++ /dev/null @@ -1,42 +0,0 @@ -# Ansible Role: EPEL Repository - -Installs the EPEL repository (Extra Packages for Enterprise Linux) for RHEL/CentOS. - -## Requirements - -This role only is needed/runs on RHEL and its derivatives. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - epel_release: - "4": 10 - "5": 4 - "6": 8 - "7": 5 - -A mapping from RHEL major version to current EPEL release version. - - epel_repo_url: "http://download.fedoraproject.org/pub/epel/{{ ansible_distribution_major_version }}/{{ ansible_userspace_architecture }}{{ '/' if ansible_distribution_major_version < '7' else '/e/' }}epel-release-{{ ansible_distribution_major_version }}-{{ epel_release[ansible_distribution_major_version] }}.noarch.rpm" - epel_repo_gpg_key_url: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}" - -The EPEL repo URL and GPG key URL. Generally, these should not be changed, but if this role is out of date, or if you need a very specific version, these can both be overridden. - -## Dependencies - -None. - -## Example Playbook - - - hosts: servers - roles: - - { role: geerlingguy.repo-epel } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/installer/playbooks/roles/epel/defaults/main.yml b/installer/playbooks/roles/epel/defaults/main.yml deleted file mode 100644 index b0c89be3..00000000 --- a/installer/playbooks/roles/epel/defaults/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -epel_release: - "4": 10 - "5": 4 - "6": 8 - "7": 5 - -epel_repo_url: "http://download.fedoraproject.org/pub/epel/{{ ansible_distribution_major_version }}/{{ ansible_userspace_architecture }}{{ '/' if ansible_distribution_major_version < '7' else '/e/' }}epel-release-{{ ansible_distribution_major_version }}-{{ epel_release[ansible_distribution_major_version] }}.noarch.rpm" -epel_repo_gpg_key_url: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}" diff --git a/installer/playbooks/roles/epel/meta/main.yml b/installer/playbooks/roles/epel/meta/main.yml deleted file mode 100644 index 3731f6fa..00000000 --- a/installer/playbooks/roles/epel/meta/main.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: EPEL repository for RHEL/CentOS. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.4 - platforms: - - name: EL - versions: - - 4 - - 5 - - 6 - - 7 - categories: - - packaging diff --git a/installer/playbooks/roles/epel/tasks/main.yml b/installer/playbooks/roles/epel/tasks/main.yml deleted file mode 100644 index 8ac24a69..00000000 --- a/installer/playbooks/roles/epel/tasks/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- name: Install EPEL repo. - yum: - name: "{{ epel_repo_url }}" - state: present - -- name: Import EPEL GPG key. - rpm_key: - key: "{{ epel_repo_gpg_key_url }}" - state: present diff --git a/installer/playbooks/roles/fail2ban/defaults/main.yml b/installer/playbooks/roles/fail2ban/defaults/main.yml deleted file mode 100644 index 3feadba7..00000000 --- a/installer/playbooks/roles/fail2ban/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -fail2ban_nginx_access_log: /var/log/nginx/access.log \ No newline at end of file diff --git a/installer/playbooks/roles/fail2ban/handlers/main.yml b/installer/playbooks/roles/fail2ban/handlers/main.yml deleted file mode 100644 index d675d4d5..00000000 --- a/installer/playbooks/roles/fail2ban/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart fail2ban - service: name=fail2ban state=restarted \ No newline at end of file diff --git a/installer/playbooks/roles/fail2ban/tasks/main.yml b/installer/playbooks/roles/fail2ban/tasks/main.yml deleted file mode 100644 index a76bda54..00000000 --- a/installer/playbooks/roles/fail2ban/tasks/main.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Install fail2ban - yum: name=fail2ban state=present - -- name: Enable fail2ban - service: name=fail2ban enabled=yes - -- name: Create jail.d - file: path=/etc/fail2ban/jail.d state=directory - -- name: Setup filters - template: src="{{item}}-filter.conf.j2" dest="/etc/fail2ban/filter.d/{{item}}.conf" - with_items: - - nginx-proxy - notify: restart fail2ban - -- name: setup jails - template: src="{{item}}-jail.conf.j2" dest="/etc/fail2ban/jail.d/{{item}}.conf" - with_items: - - nginx-proxy - notify: restart fail2ban diff --git a/installer/playbooks/roles/fail2ban/templates/nginx-proxy-filter.conf.j2 b/installer/playbooks/roles/fail2ban/templates/nginx-proxy-filter.conf.j2 deleted file mode 100644 index 27f74cd5..00000000 --- a/installer/playbooks/roles/fail2ban/templates/nginx-proxy-filter.conf.j2 +++ /dev/null @@ -1,10 +0,0 @@ -# Block IPs trying to use server as proxy. -[Definition] -failregex = .*\" 400 - .*"[A-Z]* /(cms|muieblackcat|db|cpcommerce|cgi-bin|wp-login|joomla|awstatstotals|wp-content|wp-includes|pma|phpmyadmin|myadmin|mysql|mysqladmin|sqladmin|mypma|admin|xampp|mysqldb|pmadb|phpmyadmin1|phpmyadmin2).*" 4[\d][\d] - .*".*supports_implicit_sdk_logging.*" 4[\d][\d] - .*".*activities?advertiser_tracking_enabled.*" 4[\d][\d] - .*".*/picture?type=normal.*" 4[\d][\d] - .*".*/announce.php?info_hash=.*" 4[\d][\d] - -ignoreregex = \ No newline at end of file diff --git a/installer/playbooks/roles/fail2ban/templates/nginx-proxy-jail.conf.j2 b/installer/playbooks/roles/fail2ban/templates/nginx-proxy-jail.conf.j2 deleted file mode 100644 index 23a1dfc7..00000000 --- a/installer/playbooks/roles/fail2ban/templates/nginx-proxy-jail.conf.j2 +++ /dev/null @@ -1,8 +0,0 @@ -## block hosts trying to abuse our server as a forward proxy -[nginx-proxy] -enabled = true -filter = nginx-proxy -logpath = {{ fail2ban_nginx_access_log }} -action = iptables-multiport[name=NoNginxProxy, port="http,https"] -maxretry = 2 -bantime = 86400 \ No newline at end of file diff --git a/installer/playbooks/roles/frappe_selinux/files/frappe_selinux.te b/installer/playbooks/roles/frappe_selinux/files/frappe_selinux.te deleted file mode 100644 index b8cd1f0f..00000000 --- a/installer/playbooks/roles/frappe_selinux/files/frappe_selinux.te +++ /dev/null @@ -1,32 +0,0 @@ -module frappe_selinux 1.0; - -require { - type user_home_dir_t; - type httpd_t; - type user_home_t; - type soundd_port_t; - class tcp_socket name_connect; - class lnk_file read; - class dir { getattr search }; - class file { read open }; -} - -#============= httpd_t ============== - -#!!!! This avc is allowed in the current policy -allow httpd_t soundd_port_t:tcp_socket name_connect; - -#!!!! This avc is allowed in the current policy -allow httpd_t user_home_dir_t:dir search; - -#!!!! This avc is allowed in the current policy -allow httpd_t user_home_t:dir { getattr search }; - -#!!!! This avc can be allowed using the boolean 'httpd_read_user_content' -allow httpd_t user_home_t:file open; - -#!!!! This avc is allowed in the current policy -allow httpd_t user_home_t:file read; - -#!!!! This avc is allowed in the current policy -allow httpd_t user_home_t:lnk_file read; \ No newline at end of file diff --git a/installer/playbooks/roles/frappe_selinux/tasks/main.yml b/installer/playbooks/roles/frappe_selinux/tasks/main.yml deleted file mode 100644 index 67ac1dd1..00000000 --- a/installer/playbooks/roles/frappe_selinux/tasks/main.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Install deps - yum: name="{{item}}" state=present - with_items: - - policycoreutils-python - - selinux-policy-devel - -- name: Check enabled SELinux modules - shell: semanage module -l - register: enabled_modules - -- name: Copy frappe_selinux policy - copy: src=frappe_selinux.te dest=/root/frappe_selinux.te - register: dest_frappe_selinux_te - -- name: Compile frappe_selinux policy - shell: "make -f /usr/share/selinux/devel/Makefile frappe_selinux.pp && semodule -i frappe_selinux.pp" - args: - chdir: /root/ - when: "enabled_modules.stdout.find('frappe_selinux') == -1 or dest_frappe_selinux_te.changed" - diff --git a/installer/playbooks/roles/locale/defaults/main.yml b/installer/playbooks/roles/locale/defaults/main.yml deleted file mode 100644 index 3b713b45..00000000 --- a/installer/playbooks/roles/locale/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -locale_keymap: us -locale_lang: en_US.utf8 \ No newline at end of file diff --git a/installer/playbooks/roles/locale/tasks/main.yml b/installer/playbooks/roles/locale/tasks/main.yml deleted file mode 100644 index 3c211eb5..00000000 --- a/installer/playbooks/roles/locale/tasks/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Check current locale - shell: localectl - register: locale_test - -- name: Set Locale - command: "localectl set-locale LANG={{ locale_lang }}" - when: locale_test.stdout.find('LANG={{ locale_lang }}') == -1 - -- name: Set keymap - command: "localectl set-keymap {{ locale_keymap }}" - when: "locale_test.stdout.find('Keymap: {{locale_keymap}}') == -1" \ No newline at end of file diff --git a/installer/playbooks/roles/logwatch/defaults/main.yml b/installer/playbooks/roles/logwatch/defaults/main.yml deleted file mode 100644 index 7c82c654..00000000 --- a/installer/playbooks/roles/logwatch/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -logwatch_emails: "{{ admin_emails }}" -logwatch_detail: High diff --git a/installer/playbooks/roles/logwatch/tasks/main.yml b/installer/playbooks/roles/logwatch/tasks/main.yml deleted file mode 100644 index 6d129c69..00000000 --- a/installer/playbooks/roles/logwatch/tasks/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Install logwatch - yum: name=logwatch state=present - -- name: Copy logwatch config - template: src=logwatch.conf.j2 dest=/etc/logwatch/conf/logwatch.conf backup=yes \ No newline at end of file diff --git a/installer/playbooks/roles/logwatch/templates/logwatch.conf.j2 b/installer/playbooks/roles/logwatch/templates/logwatch.conf.j2 deleted file mode 100644 index a5c45cf8..00000000 --- a/installer/playbooks/roles/logwatch/templates/logwatch.conf.j2 +++ /dev/null @@ -1,2 +0,0 @@ -MailTo = {{ logwatch_emails }} -Detail = {{ logwatch_detail }} \ No newline at end of file diff --git a/installer/playbooks/roles/mariadb/README.md b/installer/playbooks/roles/mariadb/README.md deleted file mode 100644 index bc872db5..00000000 --- a/installer/playbooks/roles/mariadb/README.md +++ /dev/null @@ -1,64 +0,0 @@ -# Ansible Role: MariaDB - -Installs MariaDB - -## Supported platforms - -``` -CentOS 6 & 7 -Ubuntu 14.04 -``` - -## Post install - -Run `mysql_secure_installation` - -## Requirements - -None - -## Role Variables - -MariaDB version: - -``` -mariadb_version: 10.0 -``` - -Configuration template: - -``` -mysql_conf_tpl: change_me -``` - -Configuration filename: - -``` -mysql_conf_file: settings.cnf -``` - -### Experimental unattended mysql_secure_installation - -``` -ansible-playbook release.yml --extra-vars "mysql_secure_installation=true mysql_root_password=your_very_secret_password" -``` - -## Dependencies - -None - -## Example Playbook - -``` -- hosts: servers - roles: - - { role: pcextreme.mariadb } -``` - -## License - -MIT / BSD - -## Author Information - -Created by [Attila van der Velde](https://github.com/vdvm) diff --git a/installer/playbooks/roles/mariadb/defaults/main.yml b/installer/playbooks/roles/mariadb/defaults/main.yml deleted file mode 100644 index c091ab71..00000000 --- a/installer/playbooks/roles/mariadb/defaults/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -mariadb_version: 10.0 - -mysql_conf_tpl: change_me -mysql_conf_file: settings.cnf - -mysql_secure_installation: false -mysql_root_password: frappe diff --git a/installer/playbooks/roles/mariadb/handlers/main.yml b/installer/playbooks/roles/mariadb/handlers/main.yml deleted file mode 100644 index 3755d8ce..00000000 --- a/installer/playbooks/roles/mariadb/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart mysql - service: name=mysql state=restarted diff --git a/installer/playbooks/roles/mariadb/meta/main.yml b/installer/playbooks/roles/mariadb/meta/main.yml deleted file mode 100644 index b2beef2c..00000000 --- a/installer/playbooks/roles/mariadb/meta/main.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -galaxy_info: - author: "Attila van der Velde" - description: "Installs MariaDB" - company: "PCextreme B.V." - license: "license (MIT, BSD)" - min_ansible_version: 1.8 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Ubuntu - versions: - - trusty - categories: - - database:sql - -dependencies: [] diff --git a/installer/playbooks/roles/mariadb/tasks/centos.yml b/installer/playbooks/roles/mariadb/tasks/centos.yml deleted file mode 100644 index 84b49c55..00000000 --- a/installer/playbooks/roles/mariadb/tasks/centos.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Add repo file - template: src=mariadb_centos.repo.j2 dest=/etc/yum.repos.d/mariadb.repo owner=root group=root mode=0644 - -- name: Install MariaDB - yum: name={{ item }} enablerepo=mariadb state=present - with_items: - - MariaDB-server - - MariaDB-client - - MySQL-python - - MariaDB-devel - diff --git a/installer/playbooks/roles/mariadb/tasks/main.yml b/installer/playbooks/roles/mariadb/tasks/main.yml deleted file mode 100644 index 2c185324..00000000 --- a/installer/playbooks/roles/mariadb/tasks/main.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- include: centos.yml - when: ansible_distribution == 'CentOS' and ansible_distribution_major_version|int >= 6 - -- include: ubuntu.yml - when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '14.04' - -- name: Add configuration - template: src={{ mysql_conf_tpl }} dest={{ mysql_conf_dir[ansible_distribution] }}/{{ mysql_conf_file }} owner=root group=root mode=0644 - when: mysql_conf_tpl != 'change_me' - notify: restart mysql - -- name: Start and enable service - service: name=mysql state=started enabled=yes - -- include: mysql_secure_installation.yml -- debug: var=mysql_secure_installation - when: mysql_secure_installation and mysql_root_password is defined diff --git a/installer/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml b/installer/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml deleted file mode 100644 index 6d1d9996..00000000 --- a/installer/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml +++ /dev/null @@ -1,59 +0,0 @@ ---- -# Set root password -# UPDATE mysql.user SET Password=PASSWORD('mysecret') WHERE User='root'; -# FLUSH PRIVILEGES; - - -- name: Set root Password - mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present - with_items: - - localhost - -- name: Add .my.cnf - command: '/usr/bin/whoami' - register: current_user - template: src=my.cnf.j2 dest=/home/{{ current_user }}/.my.cnf owner=root group=root mode=0600 - -- name: Set root Password - mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present - with_items: - - 127.0.0.1 - - ::1 - -- name: Reload privilege tables - command: 'mysql -ne "{{ item }}"' - with_items: - - FLUSH PRIVILEGES - changed_when: False - -- name: Reload privilege tables - command: 'mysql -ne "{{ item }}"' - with_items: - - FLUSH PRIVILEGES - changed_when: False - -- name: Remove anonymous users - command: 'mysql -ne "{{ item }}"' - with_items: - - DELETE FROM mysql.user WHERE User='' - changed_when: False - -- name: Disallow root login remotely - command: 'mysql -ne "{{ item }}"' - with_items: - - DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') - changed_when: False - -- name: Remove test database and access to it - command: 'mysql -ne "{{ item }}"' - with_items: - - DROP DATABASE if exists test - - DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%' - changed_when: False - ignore_errors: True - -- name: Reload privilege tables - command: 'mysql -ne "{{ item }}"' - with_items: - - FLUSH PRIVILEGES - changed_when: False diff --git a/installer/playbooks/roles/mariadb/tasks/ubuntu.yml b/installer/playbooks/roles/mariadb/tasks/ubuntu.yml deleted file mode 100644 index ea5c1031..00000000 --- a/installer/playbooks/roles/mariadb/tasks/ubuntu.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Add repo file - template: src=mariadb_ubuntu.list.j2 dest=/etc/apt/sources.list.d/mariadb.list owner=root group=root mode=0644 - register: mariadb_list - -- name: Add repo key - apt_key: id=1BB943DB url=http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xCBCB082A1BB943DB state=present - register: mariadb_key - -- name: Update apt cache - apt: update_cache=yes - when: mariadb_list.changed == True or mariadb_key.changed == True - -- name: Unattended package installation - shell: export DEBIAN_FRONTEND=noninteractive - changed_when: false - -- name: Install MariaDB - apt: pkg={{ item }} state=present - with_items: - - mariadb-server - - mariadb-client - - python-mysqldb diff --git a/installer/playbooks/roles/mariadb/templates/mariadb_centos.repo.j2 b/installer/playbooks/roles/mariadb/templates/mariadb_centos.repo.j2 deleted file mode 100644 index 64738cc1..00000000 --- a/installer/playbooks/roles/mariadb/templates/mariadb_centos.repo.j2 +++ /dev/null @@ -1,7 +0,0 @@ -# MariaDB CentOS {{ ansible_distribution_major_version|int }} repository list -# http://mariadb.org/mariadb/repositories/ -[mariadb] -name = MariaDB -baseurl = http://yum.mariadb.org/{{ mariadb_version }}/centos{{ ansible_distribution_major_version|int }}-amd64 -gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB -gpgcheck=1 diff --git a/installer/playbooks/roles/mariadb/templates/mariadb_ubuntu.list.j2 b/installer/playbooks/roles/mariadb/templates/mariadb_ubuntu.list.j2 deleted file mode 100644 index 981b4d6b..00000000 --- a/installer/playbooks/roles/mariadb/templates/mariadb_ubuntu.list.j2 +++ /dev/null @@ -1,4 +0,0 @@ -# MariaDB Ubuntu {{ ansible_distribution_release | title }} repository list -# http://mariadb.org/mariadb/repositories/ -deb http://ams2.mirrors.digitalocean.com/mariadb/repo/{{ mariadb_version }}/ubuntu {{ ansible_distribution_release | lower }} main -deb-src http://ams2.mirrors.digitalocean.com/mariadb/repo/{{ mariadb_version }}/ubuntu {{ ansible_distribution_release | lower }} main diff --git a/installer/playbooks/roles/mariadb/templates/my.cnf.j2 b/installer/playbooks/roles/mariadb/templates/my.cnf.j2 deleted file mode 100644 index b63b4e63..00000000 --- a/installer/playbooks/roles/mariadb/templates/my.cnf.j2 +++ /dev/null @@ -1,3 +0,0 @@ -[client] -user=root -password={{ mysql_root_password }} diff --git a/installer/playbooks/roles/mariadb/vars/main.yml b/installer/playbooks/roles/mariadb/vars/main.yml deleted file mode 100644 index 4248ca90..00000000 --- a/installer/playbooks/roles/mariadb/vars/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -mysql_conf_dir: - "CentOS": /etc/my.cnf.d - "Ubuntu": /etc/mysql/conf.d diff --git a/installer/playbooks/roles/nginx/.travis.yml b/installer/playbooks/roles/nginx/.travis.yml deleted file mode 100644 index 24648b13..00000000 --- a/installer/playbooks/roles/nginx/.travis.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -language: python -python: "2.7" - -env: - - SITE=test.yml - -before_install: - - sudo apt-get update -qq - - sudo apt-get install -y curl - -install: - # Install Ansible. - - pip install ansible - - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" - -script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" - - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" - - # Run the role/playbook again, checking to make sure it's idempotent. - - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # TODO - get the test working. Probably need to add a virtual host. - # Request a page via Nginx, to make sure Nginx is running and responds. - # - "curl http://localhost/" diff --git a/installer/playbooks/roles/nginx/README.md b/installer/playbooks/roles/nginx/README.md deleted file mode 100644 index 00bfb8a2..00000000 --- a/installer/playbooks/roles/nginx/README.md +++ /dev/null @@ -1,82 +0,0 @@ -# Ansible Role: Nginx - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-nginx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-nginx) - -Installs Nginx on RedHat/CentOS or Debian/Ubuntu linux servers. - -This role installs and configures the latest version of Nginx from the Nginx yum repository (on RedHat-based systems) or via apt (on Debian-based systems). You will likely need to do extra setup work after this role has installed Nginx, like adding your own [virtualhost].conf file inside `/etc/nginx/conf.d/`, describing the location and options to use for your particular website. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - nginx_vhosts: [] - -A list of vhost definitions (server blocks) for Nginx virtual hosts. If left empty, you will need to supply your own virtual host configuration. See the commented example in `defaults/main.yml` for available server options. If you have a large number of customizations required for your server definition(s), you're likely better off managing the vhost configuration file yourself, leaving this variable set to `[]`. - - nginx_remove_default_vhost: false - -Whether to remove the 'default' virtualhost configuration supplied by Nginx. Useful if you want the base `/` URL to be directed at one of your own virtual hosts configured in a separate .conf file. - - nginx_upstreams: [] - -If you are configuring Nginx as a load balancer, you can define one or more upstream sets using this variable. In addition to defining at least one upstream, you would need to configure one of your server blocks to proxy requests through the defined upstream (e.g. `proxy_pass http://myapp1;`). See the commented example in `defaults/main.yml` for more information. - - nginx_user: "nginx" - -The user under which Nginx will run. Defaults to `nginx` for RedHat, and `www-data` for Debian. - - nginx_worker_processes: "1" - nginx_worker_connections: "1024" - -`nginx_worker_processes` should be set to the number of cores present on your machine. Connections (find this number with `grep processor /proc/cpuinfo | wc -l`). `nginx_worker_connections` is the number of connections per process. Set this higher to handle more simultaneous connections (and remember that a connection will be used for as long as the keepalive timeout duration for every client!). - - nginx_error_log: "/var/log/nginx/error.log warn" - nginx_access_log: "/var/log/nginx/access.log main buffer=16k" - -Configuration of the default error and access logs. Set to `off` to disable a log entirely. - - nginx_sendfile: "on" - nginx_tcp_nopush: "on" - nginx_tcp_nodelay: "on" - -TCP connection options. See [this blog post](https://t37.net/nginx-optimization-understanding-sendfile-tcp_nodelay-and-tcp_nopush.html) for more information on these directives. - - nginx_keepalive_timeout: "65" - nginx_keepalive_requests: "100" - -Nginx keepalive settings. Timeout should be set higher (10s+) if you have more polling-style traffic (AJAX-powered sites especially), or lower (<10s) if you have a site where most users visit a few pages and don't send any further requests. - - nginx_client_max_body_size: "64m" - -This value determines the largest file upload possible, as uploads are passed through Nginx before hitting a backend like `php-fpm`. If you get an error like `client intended to send too large body`, it means this value is set too low. - - nginx_proxy_cache_path: "" - -Set as the `proxy_cache_path` directive in the `nginx.conf` file. By default, this will not be configured (if left as an empty string), but if you wish to use Nginx as a reverse proxy, you can set this to a valid value (e.g. `"/var/cache/nginx keys_zone=cache:32m"`) to use Nginx's cache (further proxy configuration can be done in individual server configurations). - - nginx_default_release: "" - -(For Debian/Ubuntu only) Allows you to set a different repository for the installation of Nginx. As an example, if you are running Debian's wheezy release, and want to get a newer version of Nginx, you can install the `wheezy-backports` repository and set that value here, and Ansible will use that as the `-t` option while installing Nginx. - -## Dependencies - -None. - -## Example Playbook - - - hosts: server - roles: - - { role: geerlingguy.nginx } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/installer/playbooks/roles/nginx/defaults/main.yml b/installer/playbooks/roles/nginx/defaults/main.yml deleted file mode 100644 index 8aacad8c..00000000 --- a/installer/playbooks/roles/nginx/defaults/main.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -# Used only for Debian/Ubuntu installation, as the -t option for apt. -nginx_default_release: "" - -nginx_worker_processes: "1" -nginx_worker_connections: "1024" - -nginx_error_log: "/var/log/nginx/error.log warn" -nginx_access_log: "/var/log/nginx/access.log main buffer=16k" - -nginx_sendfile: "on" -nginx_tcp_nopush: "on" -nginx_tcp_nodelay: "on" - -nginx_keepalive_timeout: "65" -nginx_keepalive_requests: "100" - -nginx_client_max_body_size: "64m" - -nginx_proxy_cache_path: "" - -nginx_remove_default_vhost: false -nginx_vhosts: [] -# Example vhost below, showing all available options: -# - { -# listen: "80 default_server", # default: "80 default_server" -# server_name: "example.com", # default: N/A -# root: "/var/www/example.com", # default: N/A -# index: "index.html index.htm", # default: "index.html index.htm" -# -# # Properties that are only added if defined: -# error_page: "", -# access_log: "", -# extra_config: "" # Can be used to add extra config blocks (multiline). -# } - -nginx_upstreams: [] -# - { -# name: myapp1, -# strategy: "ip_hash", # "least_conn", etc. -# servers: { -# "srv1.example.com", -# "srv2.example.com weight=3", -# "srv3.example.com" -# } -# } -nginx_conf_file: nginx.conf.j2 \ No newline at end of file diff --git a/installer/playbooks/roles/nginx/handlers/main.yml b/installer/playbooks/roles/nginx/handlers/main.yml deleted file mode 100644 index 92971d2c..00000000 --- a/installer/playbooks/roles/nginx/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart nginx - service: name=nginx state=restarted diff --git a/installer/playbooks/roles/nginx/meta/main.yml b/installer/playbooks/roles/nginx/meta/main.yml deleted file mode 100644 index efbe68f7..00000000 --- a/installer/playbooks/roles/nginx/meta/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Nginx installation for Linux/UNIX. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.4 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - categories: - - development - - web diff --git a/installer/playbooks/roles/nginx/tasks/main.yml b/installer/playbooks/roles/nginx/tasks/main.yml deleted file mode 100644 index da4be94d..00000000 --- a/installer/playbooks/roles/nginx/tasks/main.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# Variable setup. -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" - -- name: Define nginx_user. - set_fact: - nginx_user: "{{ __nginx_user }}" - when: nginx_user is not defined - -# Setup/install tasks. -- include: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include: setup-Debian.yml - when: ansible_os_family == 'Debian' - -# Nginx setup. -- name: Copy nginx configuration in place. - template: - src: "{{ nginx_conf_file }}" - dest: /etc/nginx/nginx.conf - owner: root - group: root - mode: 0644 - notify: restart nginx - -- name: Ensure nginx is started and enabled to start at boot. - service: name=nginx state=started enabled=yes - -- include: vhosts.yml diff --git a/installer/playbooks/roles/nginx/tasks/setup-Debian.yml b/installer/playbooks/roles/nginx/tasks/setup-Debian.yml deleted file mode 100644 index ced11b65..00000000 --- a/installer/playbooks/roles/nginx/tasks/setup-Debian.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Ensure nginx is installed. - apt: - pkg: nginx - state: installed - default_release: "{{ nginx_default_release }}" diff --git a/installer/playbooks/roles/nginx/tasks/setup-RedHat.yml b/installer/playbooks/roles/nginx/tasks/setup-RedHat.yml deleted file mode 100644 index 73f205e5..00000000 --- a/installer/playbooks/roles/nginx/tasks/setup-RedHat.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Enable nginx repo. - template: - src: nginx.repo.j2 - dest: /etc/yum.repos.d/nginx.repo - owner: root - group: root - mode: 0644 - -- name: Ensure nginx is installed. - yum: pkg=nginx state=installed enablerepo=nginx diff --git a/installer/playbooks/roles/nginx/tasks/vhosts.yml b/installer/playbooks/roles/nginx/tasks/vhosts.yml deleted file mode 100644 index 5ee8ec22..00000000 --- a/installer/playbooks/roles/nginx/tasks/vhosts.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: Remove default nginx vhost config file (if configured). - file: - path: "{{ nginx_default_vhost_path }}" - state: absent - when: nginx_remove_default_vhost - notify: restart nginx - -- name: Add managed vhost config file (if any vhosts are configured). - template: - src: vhosts.j2 - dest: "{{ nginx_vhost_path }}/vhosts.conf" - mode: 0644 - when: nginx_vhosts - notify: restart nginx - -- name: Remove managed vhost config file (if no vhosts are configured). - file: - path: "{{ nginx_vhost_path }}/vhosts.conf" - state: absent - when: not nginx_vhosts - notify: restart nginx diff --git a/installer/playbooks/roles/nginx/templates/nginx.conf.j2 b/installer/playbooks/roles/nginx/templates/nginx.conf.j2 deleted file mode 100644 index a43202ce..00000000 --- a/installer/playbooks/roles/nginx/templates/nginx.conf.j2 +++ /dev/null @@ -1,51 +0,0 @@ -user {{ nginx_user }}; - -error_log {{ nginx_error_log }}; -pid /var/run/nginx.pid; - -worker_processes {{ nginx_worker_processes }}; - -events { - worker_connections {{ nginx_worker_connections }}; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - server_names_hash_bucket_size 64; - - client_max_body_size {{ nginx_client_max_body_size }}; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log {{ nginx_access_log }}; - - sendfile {{ nginx_sendfile }}; - tcp_nopush {{ nginx_tcp_nopush }}; - tcp_nodelay {{ nginx_tcp_nodelay }}; - - keepalive_timeout {{ nginx_keepalive_timeout }}; - keepalive_requests {{ nginx_keepalive_requests }}; - - #gzip on; - -{% if nginx_proxy_cache_path %} - proxy_cache_path {{ nginx_proxy_cache_path }}; -{% endif %} - -{% for upstream in nginx_upstreams %} - upstream {{ upstream.name }} { -{% if upstream.strategy is defined %} - {{ upstream.strategy }}; -{% endif %} -{% for server in upstream.servers %} - server {{ server }}; -{% endfor %} - } -{% endfor %} - - include {{ nginx_vhost_path }}/*; -} diff --git a/installer/playbooks/roles/nginx/templates/nginx.repo.j2 b/installer/playbooks/roles/nginx/templates/nginx.repo.j2 deleted file mode 100644 index 9a853b70..00000000 --- a/installer/playbooks/roles/nginx/templates/nginx.repo.j2 +++ /dev/null @@ -1,5 +0,0 @@ -[nginx] -name=nginx repo -baseurl=http://nginx.org/packages/centos/{{ ansible_distribution_major_version }}/$basearch/ -gpgcheck=0 -enabled=1 diff --git a/installer/playbooks/roles/nginx/templates/vhosts.j2 b/installer/playbooks/roles/nginx/templates/vhosts.j2 deleted file mode 100644 index 09bda352..00000000 --- a/installer/playbooks/roles/nginx/templates/vhosts.j2 +++ /dev/null @@ -1,24 +0,0 @@ -{% for vhost in nginx_vhosts %} -server { - listen {{ vhost.listen | default('80 default_server') }}; - server_name {{ vhost.server_name }}; - - root {{ vhost.root }}; - index {{ vhost.index | default('index.html index.htm') }}; - - {% if vhost.error_page is defined %} - error_page {{ vhost.error_page }}; - {% endif %} - {% if vhost.access_log is defined %} - access_log {{ vhost.access_log }}; - {% endif %} - - {% if vhost.return is defined %} - return {{ vhost.return }}; - {% endif %} - - {% if vhost.extra_parameters is defined %} - {{ vhost.extra_parameters }}; - {% endif %} -} -{% endfor %} diff --git a/installer/playbooks/roles/nginx/tests/inventory b/installer/playbooks/roles/nginx/tests/inventory deleted file mode 100644 index 2fbb50c4..00000000 --- a/installer/playbooks/roles/nginx/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/installer/playbooks/roles/nginx/tests/test.yml b/installer/playbooks/roles/nginx/tests/test.yml deleted file mode 100644 index 42bba2c0..00000000 --- a/installer/playbooks/roles/nginx/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - ansible-role-nginx diff --git a/installer/playbooks/roles/nginx/vars/Debian.yml b/installer/playbooks/roles/nginx/vars/Debian.yml deleted file mode 100644 index b78b7c55..00000000 --- a/installer/playbooks/roles/nginx/vars/Debian.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -nginx_vhost_path: /etc/nginx/sites-enabled -nginx_default_vhost_path: /etc/nginx/sites-enabled/default -__nginx_user: "www-data" diff --git a/installer/playbooks/roles/nginx/vars/RedHat.yml b/installer/playbooks/roles/nginx/vars/RedHat.yml deleted file mode 100644 index 24123048..00000000 --- a/installer/playbooks/roles/nginx/vars/RedHat.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -nginx_vhost_path: /etc/nginx/conf.d -nginx_default_vhost_path: /etc/nginx/conf.d/default.conf -__nginx_user: "nginx" diff --git a/installer/playbooks/roles/ntpd/tasks/main.yml b/installer/playbooks/roles/ntpd/tasks/main.yml deleted file mode 100644 index 19881f82..00000000 --- a/installer/playbooks/roles/ntpd/tasks/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Install ntpd - yum: name="{{item}}" state=installed - with_items: - - ntp - - ntpdate - -- name: enable ntpd - service: name=ntpd enabled=yes state=started \ No newline at end of file diff --git a/installer/playbooks/roles/swap/defaults/main.yml b/installer/playbooks/roles/swap/defaults/main.yml deleted file mode 100644 index 3eac0ae0..00000000 --- a/installer/playbooks/roles/swap/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ -swap_size_mb: 1024 \ No newline at end of file diff --git a/installer/playbooks/roles/swap/tasks/main.yml b/installer/playbooks/roles/swap/tasks/main.yml deleted file mode 100644 index 1d61d2f4..00000000 --- a/installer/playbooks/roles/swap/tasks/main.yml +++ /dev/null @@ -1,18 +0,0 @@ -- name: Create swap space - command: dd if=/dev/zero of=/extraswap bs=1M count={{swap_size_mb}} - when: ansible_swaptotal_mb < 1 - -- name: Make swap - command: mkswap /extraswap - when: ansible_swaptotal_mb < 1 - -- name: Add to fstab - action: lineinfile dest=/etc/fstab regexp="extraswap" line="/extraswap none swap sw 0 0" state=present - when: ansible_swaptotal_mb < 1 - -- name: Turn swap on - command: swapon -a - when: ansible_swaptotal_mb < 1 - -- name: Set swapiness - shell: echo 1 | tee /proc/sys/vm/swappiness \ No newline at end of file diff --git a/installer/playbooks/roles/wkhtmltopdf/defaults/main.yml b/installer/playbooks/roles/wkhtmltopdf/defaults/main.yml deleted file mode 100644 index 76266ab0..00000000 --- a/installer/playbooks/roles/wkhtmltopdf/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ -wkhtmltopdf_version: 0.12.2.1 \ No newline at end of file diff --git a/installer/playbooks/roles/wkhtmltopdf/tasks/main.yml b/installer/playbooks/roles/wkhtmltopdf/tasks/main.yml deleted file mode 100644 index 7f246b39..00000000 --- a/installer/playbooks/roles/wkhtmltopdf/tasks/main.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -- name: install base fonts - yum: name={{ item }} state=present - with_items: - - libXrender - - libXext - - xorg-x11-fonts-75dpi - - xorg-x11-fonts-Type1 - when: ansible_os_family == 'RedHat' - -- name: Install wkhtmltopdf rpm - yum: name=http://download.gna.org/wkhtmltopdf/0.12/{{ wkhtmltopdf_version }}/wkhtmltox-{{ wkhtmltopdf_version }}_linux-centos{{ ansible_distribution_major_version }}-{{ "amd64" if ansible_architecture == "x86_64" else "i386"}}.rpm - when: ansible_os_family == 'RedHat' - -- name: install base fonts - apt: name={{ item }} state=present force=yes - with_items: - - libxrender1 - - libxext6 - - xfonts-75dpi - - xfonts-base - when: ansible_os_family == 'Debian' - -- name: Download wkhtmltopdf - get_url: - url=http://download.gna.org/wkhtmltopdf/0.12/{{ wkhtmltopdf_version }}/wkhtmltox-{{ wkhtmltopdf_version }}_linux-{{ ansible_distribution_release }}-{{ "amd64" if ansible_architecture == "x86_64" else "i386"}}.deb - dest="/tmp/" - when: ansible_os_family == 'Debian' - -- name: Install wkhtmltopdf deb - apt: deb=/tmp/wkhtmltox-{{ wkhtmltopdf_version }}_linux-{{ ansible_distribution_release }}-{{ "amd64" if ansible_architecture == "x86_64" else "i386"}}.deb - when: ansible_os_family == 'Debian' diff --git a/installer/playbooks/templates/mariadb_config.cnf b/installer/playbooks/templates/mariadb_config.cnf deleted file mode 100644 index 6d4bcf28..00000000 --- a/installer/playbooks/templates/mariadb_config.cnf +++ /dev/null @@ -1,60 +0,0 @@ -[mysqld] - -# GENERAL # -user = mysql -default-storage-engine = InnoDB -socket = /var/lib/mysql/mysql.sock -pid-file = /var/lib/mysql/mysql.pid - -# MyISAM # -key-buffer-size = 32M -myisam-recover = FORCE,BACKUP - -# SAFETY # -max-allowed-packet = 16M -max-connect-errors = 1000000 -innodb = FORCE - -# DATA STORAGE # -datadir = /var/lib/mysql/ - -# BINARY LOGGING # -log-bin = /var/lib/mysql/mysql-bin -expire-logs-days = 14 -sync-binlog = 1 - -# REPLICATION # -server-id = 1 - -# CACHES AND LIMITS # -tmp-table-size = 32M -max-heap-table-size = 32M -query-cache-type = 0 -query-cache-size = 0 -max-connections = 500 -thread-cache-size = 50 -open-files-limit = 65535 -table-definition-cache = 4096 -table-open-cache = 10240 - -# INNODB # -innodb-flush-method = O_DIRECT -innodb-log-files-in-group = 2 -innodb-log-file-size = 512M -innodb-flush-log-at-trx-commit = 1 -innodb-file-per-table = 1 -innodb-buffer-pool-size = {{ (ansible_memtotal_mb*0.685)|round|int }}M -innodb-file-format = barracuda -innodb-large-prefix = 1 -collation-server = utf8mb4_unicode_ci -character-set-server = utf8mb4 -character-set-client-handshake = FALSE - -# LOGGING # -log-error = /var/lib/mysql/mysql-error.log -log-queries-not-using-indexes = 0 -slow-query-log = 1 -slow-query-log-file = /var/lib/mysql/mysql-slow.log - -[mysql] -default-character-set = utf8mb4 diff --git a/installer/playbooks/templates/nginx.conf b/installer/playbooks/templates/nginx.conf deleted file mode 100644 index fa487e86..00000000 --- a/installer/playbooks/templates/nginx.conf +++ /dev/null @@ -1,59 +0,0 @@ -user nginx; -worker_processes 6; -worker_rlimit_nofile 65535; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 2048; - multi_accept on; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - server_tokens off; - #tcp_nopush on; - - keepalive_timeout 10; - keepalive_requests 10; - - gzip on; - gzip_disable "msie6"; - - gzip_vary on; - gzip_proxied any; - gzip_comp_level 6; - gzip_buffers 16 8k; - gzip_http_version 1.1; - gzip_types text/plain text/css application/json application/javascript image/svg+xml text/html "application/json; charset: utf-8" "text/html; charset: utf-8" application/font-woff; - - server_names_hash_max_size 4096; - #server_names_hash_bucket_size 64; - - open_file_cache max=65000 inactive=1m; - open_file_cache_valid 5s; - open_file_cache_min_uses 1; - open_file_cache_errors on; - - ssl_protocols SSLv3 TLSv1; - ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM; - ssl_prefer_server_ciphers on; - - proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=web-cache:8m max_size=1000m inactive=600m; - - include /etc/nginx/conf.d/*.conf; -} \ No newline at end of file diff --git a/playbooks/develop/create_user.yml b/playbooks/develop/create_user.yml old mode 100644 new mode 100755 index 8cc1d79a..306dabc1 --- a/playbooks/develop/create_user.yml +++ b/playbooks/develop/create_user.yml @@ -10,7 +10,7 @@ file: path: '/home/{{ frappe_user }}' mode: 'o+rx' - when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'CentOS' + when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'CentOS' or ansible_distribution == 'Debian' - name: Set home folder perms file: @@ -20,4 +20,4 @@ - name: Set /tmp/.bench folder perms command: 'chown -R {{ frappe_user }}:{{ frappe_user }} {{ repo_path }}' - when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'CentOS' + when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'CentOS' or ansible_distribution == 'Debian' \ No newline at end of file diff --git a/playbooks/develop/debian.yml b/playbooks/develop/debian.yml new file mode 100644 index 00000000..e858be0c --- /dev/null +++ b/playbooks/develop/debian.yml @@ -0,0 +1,101 @@ +--- +- hosts: localhost + vars: + bench_repo_path: "/home/{{ ansible_user_id }}/.bench" + bench_path: "/home/{{ ansible_user_id }}/frappe-bench" + mysql_config_template: "templates/simple_mariadb_config.cnf" + mysql_conf_dir: /etc/mysql/conf.d/ + wkhtmltopdf_version: 0.12.2.1 + + tasks: + + # install pre-requisites + - name: install prequisites + apt: pkg={{ item }} state=present + with_items: + # basic installs + - build-essential + - redis-server + + # for mariadb + - software-properties-common + + # for wkhtmltopdf + - libxrender1 + - libxext6 + - xfonts-75dpi + - xfonts-base + + # for Pillow + - zlib1g-dev + - libfreetype6-dev + - liblcms2-dev + - libwebp-dev + - python-tk + + become: yes + become_user: root + + - name: install pillow prerequisites for Debian < 8 + apt: pkg={{ item }} state=present + with_items: + - libjpeg8-dev + - libtiff4-dev + - tcl8.5-dev + - tk8.5-dev + when: ansible_distribution_version | version_compare('8', 'lt') + become: yes + become_user: root + + - name: install pillow prerequisites for Debian >= 8 + apt: pkg={{ item }} state=present + with_items: + - libjpeg62-turbo-dev + - libtiff5-dev + - tcl8.5-dev + - tk8.5-dev + when: ansible_distribution_version | version_compare('8', 'ge') + become: yes + become_user: root + + - name: Add nodejs v5 repo + get_url: + url: 'https://deb.nodesource.com/setup_5.x' + dest: '/tmp/setup_5.x' + mode: 0644 + become: yes + become_user: root + + - name: Install setup_5.x + command: /bin/bash /tmp/setup_5.x + become: yes + become_user: root + + - name: Update and Install Node v5 + apt: + name: nodejs + state: present + update_cache: yes + force: yes + become: yes + become_user: root + + # install MariaDB + - include: includes/mariadb_debian.yml + + # install WKHTMLtoPDF + - include: includes/wkhtmltopdf_ubuntu_debian.yml + + # setup MariaDB + - include: includes/setup_mariadb.yml + + - debug: + var: run_travis + + # setup frappe-bench + - include: includes/setup_bench.yml + when: not run_travis + + # setup development environment + - include: includes/setup_dev_env.yml + when: not production and not run_travis diff --git a/playbooks/develop/includes/mariadb_debian.yml b/playbooks/develop/includes/mariadb_debian.yml new file mode 100644 index 00000000..96e480a2 --- /dev/null +++ b/playbooks/develop/includes/mariadb_debian.yml @@ -0,0 +1,27 @@ +--- + + - name: Add apt key for mariadb for Debian <= 8 + apt_key: keyserver=hkp://keyserver.ubuntu.com:80 id=0xcbcb082a1bb943db state=present + become: yes + become_user: root + when: ansible_distribution_major_version | version_compare('8', 'le') + + - name: Add apt repository + apt_repository: + repo: 'deb [arch=amd64,i386] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.1/debian {{ ansible_distribution_release }} main' + state: present + become: yes + become_user: root + + - name: Unattended package installation + shell: export DEBIAN_FRONTEND=noninteractive + + - name: apt-get install + apt: pkg={{ item }} update_cache=yes state=present + with_items: + - mariadb-server + - mariadb-client + - mariadb-common + - libmariadbclient-dev + become: yes + become_user: root diff --git a/playbooks/develop/includes/setup_mariadb.yml b/playbooks/develop/includes/setup_mariadb.yml old mode 100644 new mode 100755 index 50b21498..38e1213f --- a/playbooks/develop/includes/setup_mariadb.yml +++ b/playbooks/develop/includes/setup_mariadb.yml @@ -4,21 +4,21 @@ become: yes become_user: root - - name: Set root Password for Ubuntu + - name: Set root Password mysql_user: name: root host: localhost password: '{{ mysql_root_password }}' state: present + with_items: + - localhost + - 127.0.0.1 + - ::1 become: yes become_user: root - when: ansible_distribution == 'Ubuntu' - - - name: Set root Password - command: mysqladmin -u root password {{ mysql_root_password }} - become: yes - become_user: root - when: mysql_root_password is defined and ansible_distribution != 'Ubuntu' + # when you have already defined mysql root password + ignore_errors: yes + when: mysql_root_password is defined - name: Add configuration template: src={{ mysql_config_template }} dest={{ mysql_conf_dir }}/frappe.cnf owner=root mode=0644 diff --git a/playbooks/develop/install.yml b/playbooks/develop/install.yml index 5c78c508..be793add 100644 --- a/playbooks/develop/install.yml +++ b/playbooks/develop/install.yml @@ -9,3 +9,6 @@ - include: centos.yml when: ansible_distribution == 'CentOS' + +- include: debian.yml + when: ansible_distribution == 'Debian' \ No newline at end of file diff --git a/playbooks/develop/ubuntu.yml b/playbooks/develop/ubuntu.yml index 6fa0b8d2..4379d1e4 100644 --- a/playbooks/develop/ubuntu.yml +++ b/playbooks/develop/ubuntu.yml @@ -53,7 +53,7 @@ - libtiff5-dev - tcl8.6-dev - tk8.6-dev - when: ansible_distribution_version >= 14.04 + when: ansible_distribution_version | version_compare('14.04', 'ge') become: yes become_user: root diff --git a/playbooks/production/includes/setup_prod_env.yml b/playbooks/production/includes/setup_prod_env.yml index 3f2d454b..4cc5b20c 100644 --- a/playbooks/production/includes/setup_prod_env.yml +++ b/playbooks/production/includes/setup_prod_env.yml @@ -3,6 +3,22 @@ tasks: + - name: Add nginx apt repository key for Debian < 8 + apt_key: + url: http://nginx.org/keys/nginx_signing.key + state: present + become: yes + become_user: root + when: ansible_distribution == 'Debian' and ansible_distribution_version | version_compare('8', 'lt') + + - name: Add nginx apt repository for Debian < 8 + apt_repository: + repo: 'deb [arch=amd64,i386] http://nginx.org/packages/debian/ {{ ansible_distribution_release }} nginx' + state: present + become: yes + become_user: root + when: ansible_distribution == 'Debian' and ansible_distribution_version | version_compare('8', 'lt') + ##################################### # Ubuntu Production Environment Setup - name: Install production pre-requisites @@ -17,7 +33,7 @@ - git - postfix - supervisor - when: ansible_distribution == 'Ubuntu' + when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' ##################################### # CentOS Production Environment Setup @@ -88,7 +104,7 @@ enabled: yes become: yes become_user: root - when: ansible_distribution == 'Ubuntu' + when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' - name: Check whether default supervisor.conf exists service: @@ -106,4 +122,4 @@ enabled: yes become: yes become_user: root - when: ansible_distribution == 'Ubuntu' + when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' diff --git a/playbooks/production/templates/default_nginx.j2 b/playbooks/production/templates/default_nginx.j2 index f3cf614d..4170888d 100644 --- a/playbooks/production/templates/default_nginx.j2 +++ b/playbooks/production/templates/default_nginx.j2 @@ -2,7 +2,7 @@ # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ -{% if ansible_distribution == 'Ubuntu' %} +{% if ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' %} {% set nginx_user = 'www-data'%} {% elif ansible_distribution == 'CentOS' %} {% set nginx_user = 'nginx '%}