[tbb-commits] [tor-browser-build/master] Bug 23738: add ansible scripts to deploy fpcentral
gk at torproject.org
gk at torproject.org
Mon Jan 29 07:38:32 UTC 2018
commit c9a600cc365993321a5e9fb9db71f5112b65d78c
Author: Nicolas Vigier <boklm at torproject.org>
Date: Mon Dec 4 19:52:55 2017 +0100
Bug 23738: add ansible scripts to deploy fpcentral
---
tools/ansible/Makefile | 3 +++
tools/ansible/README | 5 +++++
tools/ansible/ansible-fpcentral.cfg | 2 ++
tools/ansible/fpcentral.yml | 4 ++++
tools/ansible/inventory | 3 +++
tools/ansible/roles/fpcentral/defaults/main.yml | 5 +++++
tools/ansible/roles/fpcentral/tasks/main.yml | 18 ++++++++++++++++++
tools/ansible/roles/fpcentral/templates/fpcentral.wsgi | 14 ++++++++++++++
8 files changed, 54 insertions(+)
diff --git a/tools/ansible/Makefile b/tools/ansible/Makefile
index eae73b5..608f932 100644
--- a/tools/ansible/Makefile
+++ b/tools/ansible/Makefile
@@ -1,2 +1,5 @@
ansible-tbb-build:
ansible-playbook -i inventory tbb-build.yml
+
+fpcentral:
+ ANSIBLE_CONFIG='$(@D)/ansible-fpcentral.cfg' ansible-playbook -i inventory --ask-become-pass fpcentral.yml
diff --git a/tools/ansible/README b/tools/ansible/README
index f631b08..6b2e6a4 100644
--- a/tools/ansible/README
+++ b/tools/ansible/README
@@ -11,3 +11,8 @@ ansible-tbb-build:
Deploy changes to the machine used by Tor Browser team members to do
some Tor Browser builds.
+fpcentral:
+ Deploy fpcentral to forrestii.torproject.org. To be able to run this
+ you need to be in the fpcentral tpo ldap group. Your ldap password will
+ be asked, to sudo to the fpcentral user.
+
diff --git a/tools/ansible/ansible-fpcentral.cfg b/tools/ansible/ansible-fpcentral.cfg
new file mode 100644
index 0000000..2ee3fb4
--- /dev/null
+++ b/tools/ansible/ansible-fpcentral.cfg
@@ -0,0 +1,2 @@
+[defaults]
+allow_world_readable_tmpfiles=True
diff --git a/tools/ansible/fpcentral.yml b/tools/ansible/fpcentral.yml
new file mode 100644
index 0000000..80421a3
--- /dev/null
+++ b/tools/ansible/fpcentral.yml
@@ -0,0 +1,4 @@
+---
+- hosts: fpcentral
+ roles:
+ - role: fpcentral
diff --git a/tools/ansible/inventory b/tools/ansible/inventory
index e2597a0..32a5805 100644
--- a/tools/ansible/inventory
+++ b/tools/ansible/inventory
@@ -1,5 +1,8 @@
build-sunet-a ansible_ssh_user=root ansible_ssh_host=build-sunet-a.torproject.net
+fpcentral ansible_become=True ansible_become_method=sudo ansible_become_user=fpcentral ansible_ssh_host=forrestii.torproject.org allow_world_readable_tmpfiles=True
[tbb-build]
build-sunet-a
+[fpcentral]
+fpcentral
diff --git a/tools/ansible/roles/fpcentral/defaults/main.yml b/tools/ansible/roles/fpcentral/defaults/main.yml
new file mode 100644
index 0000000..e43b348
--- /dev/null
+++ b/tools/ansible/roles/fpcentral/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+fpcentral_git_url: https://git.torproject.org/fpcentral.git
+fpcentral_git_commit: fc8fc9113e5ee2f84ce30f0b8051772dd9d75447
+fpcentral_rootdir: /srv/fpcentral.tbb.torproject.org
+fpcentral_virtualenv: "{{ fpcentral_rootdir }}/fpcentral-virtualenv"
diff --git a/tools/ansible/roles/fpcentral/tasks/main.yml b/tools/ansible/roles/fpcentral/tasks/main.yml
new file mode 100644
index 0000000..e5a4d2e
--- /dev/null
+++ b/tools/ansible/roles/fpcentral/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+- name: clone fpcentral git repo
+ git: repo={{ fpcentral_git_url }} dest={{ fpcentral_rootdir }}/fpcentral
+ version={{ fpcentral_git_commit }}
+
+- name: create python3 virtual env
+ command: "python3 -mvirtualenv -p python3 {{ fpcentral_virtualenv }}"
+ args:
+ creates: "{{ fpcentral_virtualenv }}"
+
+- name: install required python modules
+ command: "{{ fpcentral_virtualenv }}/bin/pip3 install -r {{ fpcentral_rootdir }}/fpcentral/requirements.txt"
+
+- template:
+ src: fpcentral.wsgi
+ dest: "{{ fpcentral_rootdir }}/fpcentral/fpcentral.wsgi"
+ mode: 0755
+
diff --git a/tools/ansible/roles/fpcentral/templates/fpcentral.wsgi b/tools/ansible/roles/fpcentral/templates/fpcentral.wsgi
new file mode 100644
index 0000000..d4d7575
--- /dev/null
+++ b/tools/ansible/roles/fpcentral/templates/fpcentral.wsgi
@@ -0,0 +1,14 @@
+activate_this = '{{ fpcentral_virtualenv }}/bin/activate_this.py'
+with open(activate_this) as file_:
+ exec(file_.read(), dict(__file__=activate_this))
+
+import sys
+sys.path.insert(0, '{{ fpcentral_rootdir }}/fpcentral')
+import os
+os.chdir('{{ fpcentral_rootdir }}/fpcentral')
+from run import app as application
+
+# we include the fpcentral commit as a comment, to make sure the
+# fpcentral.wsgi file is modified when the commit is updated, causing
+# the process to be restarted:
+# {{ fpcentral_git_commit }}
More information about the tbb-commits
mailing list