From cea2a3eea85ab544764caf6389a3ae18d0b79231 Mon Sep 17 00:00:00 2001 From: Naga Ravi Chaitanya Elluri Date: Fri, 17 Feb 2017 14:43:58 -0500 Subject: [PATCH] add apache+mod_wsgi support to ara Change-Id: Icb0ffa8b0a63ae33eda2c4fd76289b1c58858c39 --- README.md | 4 +- defaults/main.yml | 7 +- files/ansible.cfg | 7 ++ tasks/main.yml | 164 ++++++++++++++++++++++++++++-------------- templates/ara.conf.j2 | 18 +++++ vars/Debian.yml | 18 +++++ vars/RedHat.yml | 19 +++++ 7 files changed, 180 insertions(+), 57 deletions(-) create mode 100644 files/ansible.cfg create mode 100644 templates/ara.conf.j2 create mode 100644 vars/Debian.yml create mode 100644 vars/RedHat.yml diff --git a/README.md b/README.md index 1bf1bec..21b0490 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ Ansible Role: ara ========= -Ansible role to install, configure ara on RHEL, Fedora, Centos and Ubuntu. +Ansible role to install, configure ara on RHEL, Fedora, Centos, Debian and Ubuntu systemd is configured to start ara on boot, failures -By default, it runs on localhost:9191 +By default embedded server is used to host ara on localhost, if you prefer mod_wsgi then you can set the mod_wsgi variable in defaults/main.yml Example Playbook ---------------- diff --git a/defaults/main.yml b/defaults/main.yml index 4757adf..b2049aa 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -2,4 +2,9 @@ ara_host: localhost ara_port: 9191 -config_path: ~/ansible.cfg +default_embedded_config_path: ~/ansible.cfg +default_wsgi_config_path: /var/www/ara/ansible.cfg +# set config_path +#config_path: +mod_wsgi: false +embedded_server: true diff --git a/files/ansible.cfg b/files/ansible.cfg new file mode 100644 index 0000000..30331d9 --- /dev/null +++ b/files/ansible.cfg @@ -0,0 +1,7 @@ +[defaults] +# This directory is required to store temporary files for Ansible and ARA +local_tmp = /var/www/ara/.ansible/tmp + +[ara] +# This will default the database and logs location to be inside that directory. +dir = /var/www/ara/.ara diff --git a/tasks/main.yml b/tasks/main.yml index d9d4449..4d4d703 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,56 +1,112 @@ --- -- name: Install dependencies via dnf - dnf: name={{ item }} state=latest - with_items: - - python-pip - - gcc - - ansible - - python-devel - - libffi-devel - - openssl-devel - - redhat-rpm-config - - python-setuptools - - tree - - libselinux-python - when: ansible_pkg_mgr == 'dnf' -- name: Install dependencies via yum - yum: name={{ item }} state=latest - with_items: - - gcc - - python-devel - - libffi-devel - - openssl-devel - - redhat-rpm-config - when: ansible_distribution == "CentOS" or ansible_distribution == "redhat" -- name: Install dependencies via apt - apt: name={{ item }} state=latest - with_items: - - gcc - - python-dev - - libffi-dev - - libssl-dev - - python-pip - - tree - when: ansible_pkg_mgr == 'apt' -- name: Install pip - easy_install: name=pip state=latest +- name: include OS family/distribution specific variables + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" + +- name: install required dependencies + package: + name: "{{ item }}" + state: "present" + with_items: "{{ required_packages }}" + +- name: install pip + easy_install: + name: pip + state: present when: ansible_pkg_mgr == 'yum' -- name: Install ara - pip: name={{ item }} - with_items: - - ara - - tox -- name: Enable ara plugin - lineinfile: dest={{ config_path }} - line={{ item.line }} - insertafter={{ item.insertafter }} - with_items: - - { line: "callback_plugins = /usr/lib/python2.7/site-packages/ara/callback:$VIRTUAL_ENV/lib/python2.7/site-packages/ara/callback:/usr/local/lib/python2.7/dist-packages/ara/callback", insertafter: "^#? some" } -- name: copy systemd service template - template: src=/etc/ansible/roles/chaitanyaenr.ara/templates/ara-service.conf.j2 dest=/etc/systemd/system/ara.service owner=root group=root mode=0644 -- name: daemon reload - shell: systemctl daemon-reload -- name: Enable service - service: name=ara enabled=yes -- name: start service - service: name=ara state=started + +- name: install ara + pip: + name: ara + +- name: set ara_config_path when using mod_wsgi + set_fact: + ara_config_path: "{{ config_path | default(default_wsgi_config_path) }}" + when: mod_wsgi | bool + +- name: set ara_config_path when using embedded_server + set_fact: + ara_config_path: "{{ config_path | default(default_embedded_config_path) }}" + when: embedded_server | bool + +- name: check if ara_config_path exists + stat: path="{{ ara_config_path }}" + register: file_status + +- name: create config file if it doesn't exist + copy: + src: files/ansible.cfg + dest: "{{ ara_config_path }}" + +- name: get ara install location + shell: python -c "import os,ara; print(os.path.dirname(ara.__file__))" + register: ara_location + +- name: enable ara callback plugin + ini_file: + dest: "{{ ara_config_path }}" + section: defaults + option: callback_plugins + value: "{{ ara_location.stdout }}/plugins/callbacks" + +- block: + - name: create directory for ansible and ara + file: + path: /var/www/ara + owner: apache + group: apache + state: directory + recurse: yes + + - name: copy ARA’s WSGI script to the web directory + shell: cp -p $(which ara-wsgi) /var/www/ara/ + + - name: get status of selinux + shell: getenforce + register: selinux_status + + - name: set selinux boolean to allow apache to manage the files + seboolean: + name: httpd_unified + state: yes + when: selinux_status.stdout == "Enforcing" and ansible_os_family == "RedHat" + + - name: apache configuration + template: + src: templates/ara.conf.j2 + dest: "{{ apache_config_path }}/ara.conf" + owner: root + group: root + mode: 0644 + + - name: ensure the configuration is enabled + shell: a2ensite ara + when: ansible_os_family == "Ubuntu" + + - name: Restart apache + service: + name: "{{ apache_service }}" + state: "restarted" + enabled: yes + when: mod_wsgi | bool + +- block: + - name: copy systemd service template + template: + src: templates/ara-service.conf.j2 + dest: /etc/systemd/system/ara.service + owner: root + group: root + mode: 0644 + + - name: daemon reload + shell: systemctl daemon-reload + + - name: start and enable service + service: + name: ara + state: started + enabled: yes + when: embedded_server | bool diff --git a/templates/ara.conf.j2 b/templates/ara.conf.j2 new file mode 100644 index 0000000..61f22c8 --- /dev/null +++ b/templates/ara.conf.j2 @@ -0,0 +1,18 @@ + + ServerName {{ ara_host }} + + ErrorLog {{ apache_log_path }}/ara-error.log + LogLevel warn + CustomLog {{ apache_log_path }}/ara-access.log combined + + WSGIDaemonProcess ara user={{ apache_user }} group={{ apache_group }} processes=1 threads=4 + WSGIScriptAlias / /var/www/ara/ara-wsgi + + SetEnv ANSIBLE_CONFIG {{ ara_config_path }} + + + WSGIProcessGroup ara + WSGIApplicationGroup %{GLOBAL} + Require all granted + + diff --git a/vars/Debian.yml b/vars/Debian.yml new file mode 100644 index 0000000..148ba49 --- /dev/null +++ b/vars/Debian.yml @@ -0,0 +1,18 @@ +--- +required_packages: + - gcc + - python-dev + - libffi-dev + - libssl-dev + - python-setuptools + - libxml2-devel + - libxslt-devel + - libselinux-python +required_wsgi_packages: + - apache2 + - libapache2-mod-wsgi +apache_service: apache2 +apache_user: www-data +apache_group: www-data +apache_log_path: /var/log/apache2 +apache_config_path: /etc/apache/sites-available diff --git a/vars/RedHat.yml b/vars/RedHat.yml new file mode 100644 index 0000000..17db240 --- /dev/null +++ b/vars/RedHat.yml @@ -0,0 +1,19 @@ +--- +required_packages: + - gcc + - python-devel + - python-setuptools + - libffi-devel + - openssl-devel + - redhat-rpm-config + - libxml2-devel + - libxslt-devel + - libselinux-python +required_wsgi_packages: + - httpd + - mod_wsgi +apache_service: httpd +apache_user: apache +apache_group: apache +apache_log_path: /var/log/httpd +apache_config_path: /etc/httpd/conf.d