commit c9a600cc365993321a5e9fb9db71f5112b65d78c Author: Nicolas Vigier boklm@torproject.org Date: Mon Dec 4 19:52:55 2017 +0100
Bug 23738: add ansible scripts to deploy fpcentral --- tools/ansible/Makefile | 3 +++ tools/ansible/README | 5 +++++ tools/ansible/ansible-fpcentral.cfg | 2 ++ tools/ansible/fpcentral.yml | 4 ++++ tools/ansible/inventory | 3 +++ tools/ansible/roles/fpcentral/defaults/main.yml | 5 +++++ tools/ansible/roles/fpcentral/tasks/main.yml | 18 ++++++++++++++++++ tools/ansible/roles/fpcentral/templates/fpcentral.wsgi | 14 ++++++++++++++ 8 files changed, 54 insertions(+)
diff --git a/tools/ansible/Makefile b/tools/ansible/Makefile index eae73b5..608f932 100644 --- a/tools/ansible/Makefile +++ b/tools/ansible/Makefile @@ -1,2 +1,5 @@ ansible-tbb-build: ansible-playbook -i inventory tbb-build.yml + +fpcentral: + ANSIBLE_CONFIG='$(@D)/ansible-fpcentral.cfg' ansible-playbook -i inventory --ask-become-pass fpcentral.yml diff --git a/tools/ansible/README b/tools/ansible/README index f631b08..6b2e6a4 100644 --- a/tools/ansible/README +++ b/tools/ansible/README @@ -11,3 +11,8 @@ ansible-tbb-build: Deploy changes to the machine used by Tor Browser team members to do some Tor Browser builds.
+fpcentral: + Deploy fpcentral to forrestii.torproject.org. To be able to run this + you need to be in the fpcentral tpo ldap group. Your ldap password will + be asked, to sudo to the fpcentral user. + diff --git a/tools/ansible/ansible-fpcentral.cfg b/tools/ansible/ansible-fpcentral.cfg new file mode 100644 index 0000000..2ee3fb4 --- /dev/null +++ b/tools/ansible/ansible-fpcentral.cfg @@ -0,0 +1,2 @@ +[defaults] +allow_world_readable_tmpfiles=True diff --git a/tools/ansible/fpcentral.yml b/tools/ansible/fpcentral.yml new file mode 100644 index 0000000..80421a3 --- /dev/null +++ b/tools/ansible/fpcentral.yml @@ -0,0 +1,4 @@ +--- +- hosts: fpcentral + roles: + - role: fpcentral diff --git a/tools/ansible/inventory b/tools/ansible/inventory index e2597a0..32a5805 100644 --- a/tools/ansible/inventory +++ b/tools/ansible/inventory @@ -1,5 +1,8 @@ build-sunet-a ansible_ssh_user=root ansible_ssh_host=build-sunet-a.torproject.net +fpcentral ansible_become=True ansible_become_method=sudo ansible_become_user=fpcentral ansible_ssh_host=forrestii.torproject.org allow_world_readable_tmpfiles=True
[tbb-build] build-sunet-a
+[fpcentral] +fpcentral diff --git a/tools/ansible/roles/fpcentral/defaults/main.yml b/tools/ansible/roles/fpcentral/defaults/main.yml new file mode 100644 index 0000000..e43b348 --- /dev/null +++ b/tools/ansible/roles/fpcentral/defaults/main.yml @@ -0,0 +1,5 @@ +--- +fpcentral_git_url: https://git.torproject.org/fpcentral.git +fpcentral_git_commit: fc8fc9113e5ee2f84ce30f0b8051772dd9d75447 +fpcentral_rootdir: /srv/fpcentral.tbb.torproject.org +fpcentral_virtualenv: "{{ fpcentral_rootdir }}/fpcentral-virtualenv" diff --git a/tools/ansible/roles/fpcentral/tasks/main.yml b/tools/ansible/roles/fpcentral/tasks/main.yml new file mode 100644 index 0000000..e5a4d2e --- /dev/null +++ b/tools/ansible/roles/fpcentral/tasks/main.yml @@ -0,0 +1,18 @@ +--- +- name: clone fpcentral git repo + git: repo={{ fpcentral_git_url }} dest={{ fpcentral_rootdir }}/fpcentral + version={{ fpcentral_git_commit }} + +- name: create python3 virtual env + command: "python3 -mvirtualenv -p python3 {{ fpcentral_virtualenv }}" + args: + creates: "{{ fpcentral_virtualenv }}" + +- name: install required python modules + command: "{{ fpcentral_virtualenv }}/bin/pip3 install -r {{ fpcentral_rootdir }}/fpcentral/requirements.txt" + +- template: + src: fpcentral.wsgi + dest: "{{ fpcentral_rootdir }}/fpcentral/fpcentral.wsgi" + mode: 0755 + diff --git a/tools/ansible/roles/fpcentral/templates/fpcentral.wsgi b/tools/ansible/roles/fpcentral/templates/fpcentral.wsgi new file mode 100644 index 0000000..d4d7575 --- /dev/null +++ b/tools/ansible/roles/fpcentral/templates/fpcentral.wsgi @@ -0,0 +1,14 @@ +activate_this = '{{ fpcentral_virtualenv }}/bin/activate_this.py' +with open(activate_this) as file_: + exec(file_.read(), dict(__file__=activate_this)) + +import sys +sys.path.insert(0, '{{ fpcentral_rootdir }}/fpcentral') +import os +os.chdir('{{ fpcentral_rootdir }}/fpcentral') +from run import app as application + +# we include the fpcentral commit as a comment, to make sure the +# fpcentral.wsgi file is modified when the commit is updated, causing +# the process to be restarted: +# {{ fpcentral_git_commit }}
tor-commits@lists.torproject.org