From: Ismaƫl Bouya Date: Sat, 23 Mar 2019 02:42:59 +0000 (+0100) Subject: Move app to caldance X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FProjets%2FPuppet.git;a=commitdiff_plain;h=d3948290aadf6050d4ad89b4fb1be99c7451f0c8 Move app to caldance --- diff --git a/modules/role/manifests/caldance.pp b/modules/role/manifests/caldance.pp index 1cda69c..df8b56f 100644 --- a/modules/role/manifests/caldance.pp +++ b/modules/role/manifests/caldance.pp @@ -26,6 +26,34 @@ class role::caldance ( ensure_packages(["python-pip", "python-virtualenv", "python-django"]) $caldance_app = "${home}/app" + $pg_password = generate_password(24, $password_seed, "postgres_caldance") + $secret_key = generate_password(24, $password_seed, "secret_key_caldance") + + $environment = { + "DB_NAME" => $pg_db, + "DB_USER" => $pg_user, + "DB_PASSWORD" => $pg_password, + "DB_HOST" => $pg_hostname, + "DB_PORT" => $pg_port, + "SECRET_KEY" => $secret_key, + "DEBUG" => "False", + "LOG_FILE" => "$home/caldev_django.log", + "FROM_EMAIL" => $mail_from, + "EMAIL_HOST" => $smtp_host, + "EMAIL_PORT" => $smtp_port, + } + $shell_env = $environment.map |$key, $value| { "$key=$value" } + $apache_env = $environment.map |$key, $value| { "CALDANCE_$key $value" } + + file { $home: + mode => "0755", + } + file { "${home}/caldev_django.log": + mode => "0664", + owner => $user, + group => "http", + content => "", + } file { $caldance_app: ensure => "directory", @@ -58,46 +86,33 @@ class role::caldance ( exec { "py-requirements": cwd => $caldance_app, user => $user, - environment => ["HOME=${home}"], - command => "${home}/virtualenv/bin/pip install -r requirements.txt", + environment => concat(["HOME=${home}"], $shell_env), + command => "/usr/bin/sed -i -e '/GDAL/d' requirements.txt && ${home}/virtualenv/bin/pip install -r requirements.txt", require => User["$user:"], refreshonly => true, } ~> exec { "py-migrate": cwd => $caldance_app, user => $user, - environment => ["HOME=${home}"], + environment => concat(["HOME=${home}"], $shell_env), command => "$caldance_app/manage.py migrate", - require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], + require => [User["$user:"], File["$caldance_app/manage.py"]], refreshonly => true, } ~> exec { "py-static": cwd => $caldance_app, user => $user, - environment => ["HOME=${home}"], + environment => concat(["HOME=${home}"], $shell_env), command => "$caldance_app/manage.py collectstatic --no-input", - require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], + require => [User["$user:"], File["$caldance_app/manage.py"]], refreshonly => true, } ~> exec { "reload httpd": command => "/usr/bin/systemctl reload httpd", - require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], + require => [User["$user:"], File["$caldance_app/manage.py"]], refreshonly => true, } - $pg_password = generate_password(24, $password_seed, "postgres_caldance") - $secret_key = generate_password(24, $password_seed, "secret_key_caldance") - file { "$caldance_app/main_app/local_settings.py": - owner => $user, - group => $group, - mode => "0644", - content => template("role/caldance/local_settings.py.erb"), - require => [ - User["$user:"], - Archive[ "${home}/caldance_${caldance_version}.tar.gz"], - ], - } - $python_path = "${home}/virtualenv/bin/python" file { "$caldance_app/manage.py": owner => $user, @@ -140,8 +155,8 @@ class role::caldance ( ensure_packages(["mod_wsgi"]) class { 'apache::mod::wsgi': - wsgi_python_home => "$web_home/caldev_virtualenv", - wsgi_python_path => "$web_home/caldev/www.cal-dance.com/", + wsgi_python_home => "${home}/virtualenv", + wsgi_python_path => $caldance_app, require => Package["mod_wsgi"], } class { 'apache::mod::authn_file': } @@ -160,11 +175,11 @@ class role::caldance ( require => Letsencrypt::Certonly[$web_host], directories => [ { - path => "$web_home/caldev/www.cal-dance.com/main_app", + path => "$caldance_app/main_app", require => "all granted", }, { - path => "$web_home/caldev/www.cal-dance.com/www/static", + path => "$caldance_app/www/static", require => "all granted", }, { @@ -179,10 +194,11 @@ class role::caldance ( aliases => [ { alias => "/static/", - path => "$web_home/caldev/www.cal-dance.com/www/static/", + path => "$caldance_app/www/static/", }, ], - wsgi_script_aliases => { "/" => "$web_home/caldev/www.cal-dance.com/main_app/wsgi.py" }; + setenv => $apache_env, + wsgi_script_aliases => { "/" => "$caldance_app/main_app/wsgi.py" }; default: * => $::profile::apache::apache_vhost_default; } } diff --git a/modules/role/templates/caldance/local_settings.py.erb b/modules/role/templates/caldance/local_settings.py.erb deleted file mode 100644 index 4da53f6..0000000 --- a/modules/role/templates/caldance/local_settings.py.erb +++ /dev/null @@ -1,25 +0,0 @@ -import os -DATABASES = { - 'default': { - 'ENGINE': 'django.contrib.gis.db.backends.postgis', - 'NAME': '<%= @pg_db %>', - 'USER': '<%= @pg_user %>', - 'PASSWORD': u'<%= @pg_password %>', - 'HOST': '<%= @pg_hostname %>', - 'PORT': '<%= @pg_port %>', - } -} - -# SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = os.environ.get('SECRET_KEY', '<%= @secret_key %>') -DEBUG = False -SECURE_HSTS_PRELOAD = True # moved from local settings as local runserver don't do SSL -SECURE_HSTS_SECONDS = 1 -SECURE_SSL_REDIRECT = True -LOG_FILE = '<%= @home %>/caldev_django.log' - -DEFAULT_FROM_EMAIL = '<%= @mail_from %>' -EMAIL_USE_SSL = True -EMAIL_HOST = "<%= @smtp_host %>" -EMAIL_PORT = <%= @smtp_port %> -