Support remote installs; default to non-root user

author Bill Erickson <berickxx@gmail.com>

Mon, 24 Apr 2017 22:23:43 +0000 (18:23 -0400)

committer Bill Erickson <berickxx@gmail.com>

Mon, 24 Apr 2017 22:23:43 +0000 (18:23 -0400)
author Bill Erickson <berickxx@gmail.com>
Mon, 24 Apr 2017 22:23:43 +0000 (18:23 -0400)
committer Bill Erickson <berickxx@gmail.com>
Mon, 24 Apr 2017 22:23:43 +0000 (18:23 -0400)
diff --git a/evergreen/apache.yml b/evergreen/apache.yml

index bf30aea..97cdf36 100644 (file)
--- a/evergreen/apache.yml
+++ b/evergreen/apache.yml
@@ -5,16 +5,19 @@
  - name: Setup eg.conf
    become: true
    copy:
+    remote_src: true
      src: "{{repo_base}}/Evergreen/Open-ILS/examples/apache_24/eg_24.conf"
      dest: /etc/apache2/sites-available/eg.conf
  - name: Setup eg_vhost.conf
    become: true
    copy:
+    remote_src: true
      src: "{{repo_base}}/Evergreen/Open-ILS/examples/apache_24/eg_vhost_24.conf"
      dest: /etc/apache2/eg_vhost.conf 
  - name: Setup eg_startup
    become: true
    copy:
+    remote_src: true
      src: "{{repo_base}}/Evergreen/Open-ILS/examples/apache/eg_startup"
      dest: /etc/apache2/              
  - name: Create SSL Certs directory
@@ -38,22 +41,21 @@
  - name: Enable apache mod headers
    become: true
    shell: /usr/sbin/a2enmod headers
-  become: true
  - name: Enable apache mod expires
-  shell: /usr/sbin/a2enmod expires
    become: true
+  shell: /usr/sbin/a2enmod expires
  - name: Enable apache mod rewrite
-  shell: /usr/sbin/a2enmod rewrite
    become: true
+  shell: /usr/sbin/a2enmod rewrite
  - name: Disable default site for apache
-  shell: /usr/sbin/a2dissite 000-default
    become: true
+  shell: /usr/sbin/a2dissite 000-default
  - name: Enable eg.conf site for apache
-  shell: /usr/sbin/a2ensite eg.conf
    become: true
+  shell: /usr/sbin/a2ensite eg.conf
  - name: Change ownership of /var/lock/apache2 to opensrf
-  file: path=/var/lock/apache2 owner=opensrf group=opensrf
    become: true
+  file: path=/var/lock/apache2 owner=opensrf group=opensrf
  - name: Change run-user for apache to opensrf
    become: true
    replace: 
diff --git a/evergreen/database.yml b/evergreen/database.yml

index 1ea83ce..fb231a4 100644 (file)
--- a/evergreen/database.yml
+++ b/evergreen/database.yml
@@ -42,6 +42,10 @@
      password: "{{database_password}}" 
      role_attr_flags: SUPERUSER
  - name: Apply EG DB Schema
+  # eg_db_config modifies {{eg_install_path}}/conf/ files in 
+  # addition to building the schema
+  become: true
+  become_user: opensrf
    shell: >
      perl {{repo_base}}/Evergreen/Open-ILS/src/support-scripts/eg_db_config 
      {{load_sample_data}} 
diff --git a/evergreen/eg-build.yml b/evergreen/eg-build.yml

index 4f4491e..33b48fd 100644 (file)
--- a/evergreen/eg-build.yml
+++ b/evergreen/eg-build.yml
@@ -14,8 +14,6 @@
    become: true
    file: dest={{repo_base}} owner={{deploy_user}} group={{deploy_user}} recurse=yes
  - name: Build Evergreen
-  become: true
-  become_user: opensrf
    environment:
      PATH: "{{ansible_env.PATH}}:{{eg_install_path}}/bin"
    shell: >
@@ -23,6 +21,3 @@
      && autoreconf -i 
      && ./configure --prefix={{eg_install_path}} --sysconfdir={{eg_install_path}}/conf 
      && make
-- name: Set ownership of {{eg_install_path}} to opensrf
-  become: true
-  file: dest={{eg_install_path}} owner=opensrf group=opensrf recurse=yes
diff --git a/evergreen/eg-install.yml b/evergreen/eg-install.yml

index 4ec3ae1..093ad5e 100644 (file)
--- a/evergreen/eg-install.yml
+++ b/evergreen/eg-install.yml
@@ -7,29 +7,27 @@
      && make STAFF_CLIENT_STAMP_ID={{eg_stamp_id}} install
  - name: Create XUL Current Symlink
    become: true
-  become_user: opensrf
    file:
      state: link
      src: "{{eg_install_path}}/var/web/xul/{{eg_stamp_id}}"
      dest: "{{eg_install_path}}/var/web/xul/current"
  - name: Create XUL Server Symlink
    become: true
-  become_user: opensrf
    file:
      state: link
      src: "{{eg_install_path}}/var/web/xul/current/server"
      dest: "{{eg_install_path}}/var/web/xul/server"
  - name: Setup opensrf.xml config file
    become: true
-  become_user: opensrf
    copy:
+    remote_src: true
      src: "{{eg_install_path}}/conf/opensrf.xml.example"
      dest: "{{eg_install_path}}/conf/opensrf.xml"
      force: no
  - name: Setup opensrf_core.xml config file
    become: true
-  become_user: opensrf
    copy:
+    remote_src: true
      src: "{{eg_install_path}}/conf/opensrf_core.xml.example"
      dest: "{{eg_install_path}}/conf/opensrf_core.xml"
      force: no
@@ -41,15 +39,23 @@
      dest: /tmp/
  - name: Copy dojo source files into place
    become: true
-  become_user: opensrf
-  synchronize: src=/tmp/dojo-release-{{dojo_version}}/ dest={{eg_install_path}}/var/web/js/dojo/
+  # 'synchronize' is much faster than 'copy' for large directories
+  # delegate_to tells synchronize source files live on the remote machine.
+  delegate_to: "{{inventory_hostname}}"
+  synchronize: 
+    src: /tmp/dojo-release-{{dojo_version}}/
+    dest: "{{eg_install_path}}/var/web/js/dojo/"
  - name: Set ownership of {{eg_install_path}} to opensrf
    become: true
    file: dest={{eg_install_path}} owner=opensrf group=opensrf recurse=yes
  - name: Setup .srfsh.xml for opensrf user
    become: true
    become_user: opensrf
-  copy: src={{eg_install_path}}/conf/srfsh.xml.example dest=/home/opensrf/.srfsh.xml force=no
+  copy: 
+    remote_src: true
+    src: "{{eg_install_path}}/conf/srfsh.xml.example"
+    dest: /home/opensrf/.srfsh.xml 
+    force: no
  - name: Copy ldconfig
    become: true
    copy:
diff --git a/evergreen/eg-web.yml b/evergreen/eg-web.yml

index f9017ae..2054f4d 100644 (file)
--- a/evergreen/eg-web.yml
+++ b/evergreen/eg-web.yml
@@ -12,7 +12,6 @@
    npm: name=grunt-cli global=true
  - name: Node Build
    become: true
-  become_user: opensrf
    npm: path={{repo_base}}/Evergreen/Open-ILS/web/js/ui/default/staff
  - name: Grunt Build
    shell: >
diff --git a/extras/nginx.yml b/extras/nginx.yml

index 911ee87..55e4f2d 100644 (file)
--- a/extras/nginx.yml
+++ b/extras/nginx.yml
@@ -33,6 +33,7 @@
  - name: Install NGINX Configs
    become: true
    copy:
+    remote_src: true
      src: "{{repo_base}}/OpenSRF/examples/nginx/osrf-ws-http-proxy"
      dest: /etc/nginx/sites-available/osrf-ws-http-proxy
  - name: Link NGINX Configs
diff --git a/extras/rsyslog.yml b/extras/rsyslog.yml

index 9286a86..a928076 100644 (file)
--- a/extras/rsyslog.yml
+++ b/extras/rsyslog.yml
@@ -2,6 +2,7 @@
    become: true
    when: use_rsyslog
    copy:
+    remote_src: true
      src: "{{repo_base}}/Evergreen/Open-ILS/examples/evergreen-rsyslog.conf"
      dest: /etc/rsyslog.d/evergreen.conf
  - name: Restart Rsyslog
diff --git a/opensrf/websockets.yml b/opensrf/websockets.yml

index fa62dd7..dc9a094 100644 (file)
--- a/opensrf/websockets.yml
+++ b/opensrf/websockets.yml
@@ -24,6 +24,7 @@
    - name: Copy Example Websockets apache2.conf
      become: true
      copy:
+      remote_src: true
        src: "{{repo_base}}/OpenSRF/examples/apache_24/websockets/apache2.conf"
        dest: /etc/apache2-websockets/apache2.conf
    when: websocketsconf.stat.isdir is not defined
diff --git a/playbook.yml b/playbook.yml

index ee72ef3..0bc5fe6 100644 (file)
--- a/playbook.yml
+++ b/playbook.yml
@@ -2,8 +2,6 @@
  # Author: Bill Erickson <berickxx@gmail.com>
  
  - hosts: '{{hosts}}'
-  connection: local
-  # Every command not explicitly run by opensrf/postgres requires root.  
    remote_user: '{{deploy_user}}'
    become_method: sudo
    vars_files:
author	Bill Erickson <berickxx@gmail.com>
	Mon, 24 Apr 2017 22:23:43 +0000 (18:23 -0400)
committer	Bill Erickson <berickxx@gmail.com>
	Mon, 24 Apr 2017 22:23:43 +0000 (18:23 -0400)
evergreen/apache.yml		patch \| blob \| history
evergreen/database.yml		patch \| blob \| history
evergreen/eg-build.yml		patch \| blob \| history
evergreen/eg-install.yml		patch \| blob \| history
evergreen/eg-web.yml		patch \| blob \| history
extras/nginx.yml		patch \| blob \| history
extras/rsyslog.yml		patch \| blob \| history
opensrf/websockets.yml		patch \| blob \| history
playbook.yml		patch \| blob \| history