aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/role/manifests/caldance.pp68
-rw-r--r--modules/role/templates/caldance/local_settings.py.erb25
2 files changed, 42 insertions, 51 deletions
diff --git a/modules/role/manifests/caldance.pp b/modules/role/manifests/caldance.pp
index 1cda69c..df8b56f 100644
--- a/modules/role/manifests/caldance.pp
+++ b/modules/role/manifests/caldance.pp
@@ -26,6 +26,34 @@ class role::caldance (
26 ensure_packages(["python-pip", "python-virtualenv", "python-django"]) 26 ensure_packages(["python-pip", "python-virtualenv", "python-django"])
27 27
28 $caldance_app = "${home}/app" 28 $caldance_app = "${home}/app"
29 $pg_password = generate_password(24, $password_seed, "postgres_caldance")
30 $secret_key = generate_password(24, $password_seed, "secret_key_caldance")
31
32 $environment = {
33 "DB_NAME" => $pg_db,
34 "DB_USER" => $pg_user,
35 "DB_PASSWORD" => $pg_password,
36 "DB_HOST" => $pg_hostname,
37 "DB_PORT" => $pg_port,
38 "SECRET_KEY" => $secret_key,
39 "DEBUG" => "False",
40 "LOG_FILE" => "$home/caldev_django.log",
41 "FROM_EMAIL" => $mail_from,
42 "EMAIL_HOST" => $smtp_host,
43 "EMAIL_PORT" => $smtp_port,
44 }
45 $shell_env = $environment.map |$key, $value| { "$key=$value" }
46 $apache_env = $environment.map |$key, $value| { "CALDANCE_$key $value" }
47
48 file { $home:
49 mode => "0755",
50 }
51 file { "${home}/caldev_django.log":
52 mode => "0664",
53 owner => $user,
54 group => "http",
55 content => "",
56 }
29 57
30 file { $caldance_app: 58 file { $caldance_app:
31 ensure => "directory", 59 ensure => "directory",
@@ -58,46 +86,33 @@ class role::caldance (
58 exec { "py-requirements": 86 exec { "py-requirements":
59 cwd => $caldance_app, 87 cwd => $caldance_app,
60 user => $user, 88 user => $user,
61 environment => ["HOME=${home}"], 89 environment => concat(["HOME=${home}"], $shell_env),
62 command => "${home}/virtualenv/bin/pip install -r requirements.txt", 90 command => "/usr/bin/sed -i -e '/GDAL/d' requirements.txt && ${home}/virtualenv/bin/pip install -r requirements.txt",
63 require => User["$user:"], 91 require => User["$user:"],
64 refreshonly => true, 92 refreshonly => true,
65 } ~> 93 } ~>
66 exec { "py-migrate": 94 exec { "py-migrate":
67 cwd => $caldance_app, 95 cwd => $caldance_app,
68 user => $user, 96 user => $user,
69 environment => ["HOME=${home}"], 97 environment => concat(["HOME=${home}"], $shell_env),
70 command => "$caldance_app/manage.py migrate", 98 command => "$caldance_app/manage.py migrate",
71 require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], 99 require => [User["$user:"], File["$caldance_app/manage.py"]],
72 refreshonly => true, 100 refreshonly => true,
73 } ~> 101 } ~>
74 exec { "py-static": 102 exec { "py-static":
75 cwd => $caldance_app, 103 cwd => $caldance_app,
76 user => $user, 104 user => $user,
77 environment => ["HOME=${home}"], 105 environment => concat(["HOME=${home}"], $shell_env),
78 command => "$caldance_app/manage.py collectstatic --no-input", 106 command => "$caldance_app/manage.py collectstatic --no-input",
79 require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], 107 require => [User["$user:"], File["$caldance_app/manage.py"]],
80 refreshonly => true, 108 refreshonly => true,
81 } ~> 109 } ~>
82 exec { "reload httpd": 110 exec { "reload httpd":
83 command => "/usr/bin/systemctl reload httpd", 111 command => "/usr/bin/systemctl reload httpd",
84 require => [User["$user:"], File["$caldance_app/manage.py"], File["$caldance_app/main_app/local_settings.py"]], 112 require => [User["$user:"], File["$caldance_app/manage.py"]],
85 refreshonly => true, 113 refreshonly => true,
86 } 114 }
87 115
88 $pg_password = generate_password(24, $password_seed, "postgres_caldance")
89 $secret_key = generate_password(24, $password_seed, "secret_key_caldance")
90 file { "$caldance_app/main_app/local_settings.py":
91 owner => $user,
92 group => $group,
93 mode => "0644",
94 content => template("role/caldance/local_settings.py.erb"),
95 require => [
96 User["$user:"],
97 Archive[ "${home}/caldance_${caldance_version}.tar.gz"],
98 ],
99 }
100
101 $python_path = "${home}/virtualenv/bin/python" 116 $python_path = "${home}/virtualenv/bin/python"
102 file { "$caldance_app/manage.py": 117 file { "$caldance_app/manage.py":
103 owner => $user, 118 owner => $user,
@@ -140,8 +155,8 @@ class role::caldance (
140 155
141 ensure_packages(["mod_wsgi"]) 156 ensure_packages(["mod_wsgi"])
142 class { 'apache::mod::wsgi': 157 class { 'apache::mod::wsgi':
143 wsgi_python_home => "$web_home/caldev_virtualenv", 158 wsgi_python_home => "${home}/virtualenv",
144 wsgi_python_path => "$web_home/caldev/www.cal-dance.com/", 159 wsgi_python_path => $caldance_app,
145 require => Package["mod_wsgi"], 160 require => Package["mod_wsgi"],
146 } 161 }
147 class { 'apache::mod::authn_file': } 162 class { 'apache::mod::authn_file': }
@@ -160,11 +175,11 @@ class role::caldance (
160 require => Letsencrypt::Certonly[$web_host], 175 require => Letsencrypt::Certonly[$web_host],
161 directories => [ 176 directories => [
162 { 177 {
163 path => "$web_home/caldev/www.cal-dance.com/main_app", 178 path => "$caldance_app/main_app",
164 require => "all granted", 179 require => "all granted",
165 }, 180 },
166 { 181 {
167 path => "$web_home/caldev/www.cal-dance.com/www/static", 182 path => "$caldance_app/www/static",
168 require => "all granted", 183 require => "all granted",
169 }, 184 },
170 { 185 {
@@ -179,10 +194,11 @@ class role::caldance (
179 aliases => [ 194 aliases => [
180 { 195 {
181 alias => "/static/", 196 alias => "/static/",
182 path => "$web_home/caldev/www.cal-dance.com/www/static/", 197 path => "$caldance_app/www/static/",
183 }, 198 },
184 ], 199 ],
185 wsgi_script_aliases => { "/" => "$web_home/caldev/www.cal-dance.com/main_app/wsgi.py" }; 200 setenv => $apache_env,
201 wsgi_script_aliases => { "/" => "$caldance_app/main_app/wsgi.py" };
186 default: * => $::profile::apache::apache_vhost_default; 202 default: * => $::profile::apache::apache_vhost_default;
187 } 203 }
188} 204}
diff --git a/modules/role/templates/caldance/local_settings.py.erb b/modules/role/templates/caldance/local_settings.py.erb
deleted file mode 100644
index 4da53f6..0000000
--- a/modules/role/templates/caldance/local_settings.py.erb
+++ /dev/null
@@ -1,25 +0,0 @@
1import os
2DATABASES = {
3 'default': {
4 'ENGINE': 'django.contrib.gis.db.backends.postgis',
5 'NAME': '<%= @pg_db %>',
6 'USER': '<%= @pg_user %>',
7 'PASSWORD': u'<%= @pg_password %>',
8 'HOST': '<%= @pg_hostname %>',
9 'PORT': '<%= @pg_port %>',
10 }
11}
12
13# SECURITY WARNING: keep the secret key used in production secret!
14SECRET_KEY = os.environ.get('SECRET_KEY', '<%= @secret_key %>')
15DEBUG = False
16SECURE_HSTS_PRELOAD = True # moved from local settings as local runserver don't do SSL
17SECURE_HSTS_SECONDS = 1
18SECURE_SSL_REDIRECT = True
19LOG_FILE = '<%= @home %>/caldev_django.log'
20
21DEFAULT_FROM_EMAIL = '<%= @mail_from %>'
22EMAIL_USE_SSL = True
23EMAIL_HOST = "<%= @smtp_host %>"
24EMAIL_PORT = <%= @smtp_port %>
25