diff --git a/pyffservers.yml b/pyffservers.yml new file mode 100644 index 00000000..9a4ec290 --- /dev/null +++ b/pyffservers.yml @@ -0,0 +1,8 @@ +# file: pyffservers.yml +# +--- + +- hosts: pyff + roles: + - { role: git, tags: git } + - { role: pyff, tags: pyff } \ No newline at end of file diff --git a/roles/pyff/defaults/main.yml b/roles/pyff/defaults/main.yml index 84f18f7f..d9e90030 100644 --- a/roles/pyff/defaults/main.yml +++ b/roles/pyff/defaults/main.yml @@ -7,9 +7,13 @@ pyff_public_port: 8080 pyff_pipeline: 127.0.0.1 pyff_working_directory: pyff-service pyff_virtual_environment: "{{ pyff_working_directory }}/.venv" +pyff_update_frequency: 300 # OS pyff_version: 2.0.0 # SSL Key used to sign the metadata # pyff_ssl_cert: -# pyff_ssl_cert_key: \ No newline at end of file +# pyff_ssl_cert_key: + +metadata_urls: + - http://mds.edugain.org \ No newline at end of file diff --git a/roles/pyff/tasks/configure.yml b/roles/pyff/tasks/configure.yml index 36ea981b..4b6ef41e 100644 --- a/roles/pyff/tasks/configure.yml +++ b/roles/pyff/tasks/configure.yml @@ -16,7 +16,7 @@ mode: "0600" become: yes tags: - - configure + - certificates - name: Ensure files are copied copy: @@ -29,10 +29,36 @@ with_items: - debug.ini - warn.ini + become: yes + tags: + - files:copy + +- name: Deploy pipeline.yml template + template: + owner: "{{ pyff_default_user }}" + group: "{{ pyff_default_group }}" + mode: 0644 + src: "templates/{{ item }}.j2" + dest: "{{ pyff_working_directory }}/{{ item }}" + backup: yes + with_items: - pipeline.yml become: yes tags: - - configure + - files:templates + +- name: Ensure publish directory has a symbolik link under /var/www/html + file: + src: "{{ pyff_working_directory }}/publish" + dest: "/var/www/html/publish" + force: yes + state: link + owner: root + group: root + follow: false + become: yes + tags: + - metadata:publish - name: "Task block: Setup pyff as a service" block: @@ -43,15 +69,13 @@ mode: 0644 src: templates/pyff.service.j2 dest: /etc/systemd/system/pyff.service - become: yes + backup: yes + - name: Enable and start pyff.service + systemd: + name: pyff + state: started + enabled: yes + daemon_reload: yes + become: yes tags: - pyff_service - # TODO trigger systemctl daemon-reload when changed - -- name: Enable and start pyff.service - systemd: - name: pyff - state: started - enabled: yes - daemon_reload: yes - become: yes \ No newline at end of file diff --git a/roles/pyff/tasks/install-Debian.yml b/roles/pyff/tasks/install-Debian.yml index 58020be9..0097784d 100644 --- a/roles/pyff/tasks/install-Debian.yml +++ b/roles/pyff/tasks/install-Debian.yml @@ -23,7 +23,6 @@ mode: "0750" become: yes -# todo: Check if i can merge the following two in one task - name: Upgrade pip3 pip: name: pip diff --git a/roles/pyff/files/pipeline.yml b/roles/pyff/templates/pipeline.yml.j2 similarity index 79% rename from roles/pyff/files/pipeline.yml rename to roles/pyff/templates/pipeline.yml.j2 index f5ac3ef9..e4072d4b 100644 --- a/roles/pyff/files/pipeline.yml +++ b/roles/pyff/templates/pipeline.yml.j2 @@ -1,11 +1,13 @@ - when update: - load: - - http://mds.edugain.org +{% for url in metadata_urls %} + - {{ url }} +{% endfor %} - select - store: - directory: /tmp/edugain + directory: "{{ pyff_working_directory }}/store" - publish: - output: "/var/www/html/edugain.xml" + output: "{{ pyff_working_directory }}/publish/metadata.xml" update_store: true hash_link: true urlencode_filenames: true diff --git a/roles/pyff/templates/pyff.service.j2 b/roles/pyff/templates/pyff.service.j2 index 9da41134..a8add73c 100644 --- a/roles/pyff/templates/pyff.service.j2 +++ b/roles/pyff/templates/pyff.service.j2 @@ -4,7 +4,7 @@ After=network.target [Service] Environment=PYFF_PIPELINE={{ pyff_working_directory }}/pipeline.yml -Environment=PYFF_UPDATE_FREQUENCY=300 +Environment=PYFF_UPDATE_FREQUENCY={{ pyff_update_frequency }} Environment=PYFF_PUBLIC_URL=http://{{ pyff_public_url }}:{{ pyff_public_port }} Type=notify # the specific user that our service will run as @@ -15,6 +15,7 @@ WorkingDirectory={{ pyff_working_directory }} ExecStart={{ pyff_virtual_environment }}/bin/gunicorn \ --log-config debug.ini \ --workers=1 \ + --reload \ --preload \ --bind {{ pyff_bind_url }}:{{ pyff_bind_port }} \ --threads 4 \