1
0
mirror of https://github.com/krislamo/vagrant-easyredmine synced 2024-12-16 07:20:36 +00:00

updates for Ansible 2.x

This commit is contained in:
Mark Heiges 2016-07-13 23:15:07 -04:00
parent 29e63763cd
commit 1093492b46
11 changed files with 76 additions and 60 deletions

View File

@ -54,6 +54,16 @@ redmine installer (if run).
`redmine_root_dir` does not exist or if there is a detected change in
the database (e.g. you drop it and let Ansible recreate it).
**Note:** The `run redmine installer` Ansible task can take a long time
and there is no stdout to the console to indicate progress. The
installer includes installing several Ruby gems and database migration
steps so the installer run time is affected by network speed and
database state. On the other hand the installer may prompt for input
that the expect script is not expecting. This causes the installer to
hang indefinitely waiting for input that the non-interactive script
cannot provide. The `~/install.log` captures the stdout of the process
and should be consulted to check for running state.
## Production Installation
See https://wiki.apidb.org/index.php/EasyRedmineVM for instructions for

View File

@ -1,6 +1,6 @@
---
- hosts: all
sudo: false
become: false
gather_facts: false
vars_files:
#- production_config.yml

View File

@ -1,12 +1,12 @@
---
- hosts: all
sudo: yes
become: yes
gather_facts: True
vars_files:
- config.yml
roles:
- { role: rvm_io.rvm1-ruby, tags: ruby, sudo: True }
- { role: easyredmine, sudo: no }
- { role: rvm_io.rvm1-ruby, tags: ruby, become: True }
- { role: easyredmine, become: no }
tasks:

View File

@ -4,13 +4,13 @@
- name: restart nginx
service: name=nginx
state=restarted
sudo: yes
become: yes
- name: restart firewalld
service: name=firewalld
state=restarted
sudo: yes
become: yes
- name: rebuild mail aliases
command: /usr/bin/newaliases
sudo: yes
become: yes

View File

@ -9,14 +9,14 @@
- file: path='{{ redmine_files_nfs_mount }}'
state=directory
sudo: yes
become: yes
- mount: name='{{ redmine_files_nfs_mount }}'
src='{{ redmine_files_nfs_source }}'
fstype=nfs
opts=rsize=32768,wsize=32768,tcp,hard,nointr
state=mounted
sudo: yes
become: yes
- name: set attachments_storage_path in configuration.yml
lineinfile: >

View File

@ -1,6 +1,6 @@
- name: install mysql, mariadb packages
yum: name='{{ item }}'
sudo: yes
become: yes
with_items:
- mysql-devel
- mariadb-server
@ -9,14 +9,14 @@
- service: name='{{ redmine_db_service_provider }}'
state=started
sudo: yes
become: yes
- mysql_db: name='{{ redmine_db_name }}'
state=present
encoding=utf8
login_user='{{ mysql_admin_login }}'
login_password='{{ mysql_admin_password }}'
sudo: yes
become: yes
register: redmine_db_created
# source database may not have same name as VM db.
@ -51,5 +51,5 @@
append_privs=yes
priv='{{ redmine_db_name }}.*:ALL'
state=present
sudo: yes
become: yes

View File

@ -2,18 +2,18 @@
- service: name=firewalld
state=started
enabled=yes
sudo: yes
become: yes
- firewalld: service=https
permanent=true
state=enabled
sudo: yes
become: yes
notify: restart firewalld
- firewalld: service=http
permanent=true
state=enabled
sudo: yes
become: yes
notify: restart firewalld
- firewalld: rich_rule='rule service name="ssh" family="ipv4" source address="{{ item }}" accept'
@ -24,32 +24,32 @@
- 192.168.0.0/16
- 172.16.0.0/16
- 128.91.49.0/24
sudo: yes
become: yes
notify: restart firewalld
when: is_production_vm == True
- firewalld: service=ssh
permanent=true
state=disabled
sudo: yes
become: yes
notify: restart firewalld
when: is_production_vm == True
- name: define new icmp types for timestamp responses
copy: dest='/etc/firewalld/icmptypes/{{ item }}.xml'
src='{{ item }}.xml'
sudo: yes
become: yes
with_items:
- timestamp-reply
- timestamp-request
- name: load new icmp types for timestamp responses
command: firewall-cmd --reload
sudo: yes
become: yes
- name: disable icmp timestamp responses
command: firewall-cmd --permanent --zone=public --add-icmp-block={{ item }}
sudo: yes
become: yes
with_items:
- timestamp-reply
- timestamp-request
@ -58,4 +58,4 @@
- name: restart firewalld
service: name=firewalld
state=restarted
sudo: yes
become: yes

View File

@ -1,15 +1,21 @@
---
- include: system.yml tags=system
- include: system.yml
tags: system
- include: firewall.yml tags=firewall
- include: firewall.yml
tags: firewall
- include: database.yml tags=database
- include: database.yml
tags: database
when: do_database_management == True
- include: redmine.yml tags=redmine
- include: redmine.yml
tags: redmine
- include: nginx.yml tags=nginx
- include: nginx.yml
tags: nginx
- include: attachments_storage.yml tags=attachments_storage
- include: attachments_storage.yml
tags: attachments_storage
when: is_production_vm == True

View File

@ -1,22 +1,22 @@
- get_url: url=https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo
dest=/etc/yum.repos.d/passenger.repo
sudo: yes
become: yes
- rpm_key: key=https://packagecloud.io/gpg.key
sudo: yes
become: yes
# this makecache is mostly because I can not find any other way to fully
# import the GPG. key for the Passenger repo. 'rpm --import' is not
# sufficient.
- command: yum -q makecache -y --disablerepo='*' --enablerepo='passenger*'
sudo: yes
- command: /usr/bin/yum -q makecache -y --disablerepo='*' --enablerepo='passenger*'
become: yes
changed_when: False
- yum: name=epel-release
sudo: yes
become: yes
- name: install nginx, passenger
yum: name='{{ item }}'
sudo: yes
become: yes
with_items:
- nginx
- passenger
@ -27,31 +27,31 @@
# https://michael.lustfield.net/nginx/getting-a-perfect-ssl-labs-score
- name: generate new Diffie-Hellman group
command: 'openssl dhparam -out {{ dharam_pem_path }} 2048'
sudo: yes
become: yes
notify: restart nginx
when: dharam_pem.stat.exists == False
- template: dest='/etc/nginx/conf.d/easyredmine.conf'
src=easyredmine.conf.j2
sudo: yes
become: yes
notify: restart nginx
- template: dest='/etc/nginx/nginx.conf'
src=nginx.conf.j2
sudo: yes
become: yes
notify: restart nginx
- template: dest=/etc/nginx/conf.d/passenger.conf
src=passenger.conf.j2
sudo: yes
become: yes
notify: restart nginx
- copy: dest='/etc/pki/tls/certs/{{ ansible_fqdn }}.pem'
src='{{ nginx_pem }}'
sudo: yes
become: yes
notify: restart nginx
- service: name=nginx
state=started
enabled=yes
sudo: yes
become: yes

View File

@ -1,6 +1,6 @@
- name: install redmine package depdendencies
yum: name='{{ item }}'
sudo: yes
become: yes
with_items:
- mysql-devel
- unzip
@ -18,7 +18,7 @@
gem: name='{{ item }}'
user_install=no
executable=/usr/local/bin/gem # RVM's version
sudo: yes
become: yes
with_items:
- bundler
- redmine-installer
@ -26,7 +26,7 @@
- name: installer package is present?
stat: path='{{ installer_package_path }}'
register: has_installer_package
sudo: no
become: no
changed_when: false
- name: download installer
@ -35,37 +35,37 @@
mode=0640
force=no
when: has_installer_package.stat.exists == False
sudo: no
become: no
- name: add redmine installation wrapper script
template: dest='{{ _redmine_install_wrapper }}'
src=install_wrapper.j2
mode=750
sudo: no
become: no
- name: delete contents of redmine root directory
file: path='{{ redmine_root_dir }}'
state=absent
sudo: yes
when: redmine_db_created|changed
become: yes
when: redmine_db_created is defined and redmine_db_created|changed
- name: make installation directory
file: path='{{ redmine_root_dir }}'
state=directory
owner='{{ redmine_owner }}'
mode=755
sudo: yes
become: yes
register: mk_redmine_root_dir
- name: run redmine installer
shell: 'source ~/.bash_profile && {{ _redmine_install_wrapper }}'
shell: 'source ~/.bash_profile && {{ _redmine_install_wrapper }} > ~/install.log'
when: mk_redmine_root_dir|changed and do_redmine_installer == True
register: installer_run
sudo: no
become: no
- copy: dest='/opt/easyredmine/lib/tasks/ebrc_settings.rake'
src='ebrc_settings.rake'
sudo: yes
become: yes
- name: restrict config permissions
file: path='{{ redmine_root_dir }}/config'
@ -75,7 +75,7 @@
command: 'rake redmine:ebrc_settings RAILS_ENV=production'
args:
chdir: '{{ redmine_root_dir }}'
sudo: no
become: no
when: do_redmine_installer == True
- name: adding run_tasks crontab
@ -83,33 +83,33 @@
minute="*/15"
job='cd {{ redmine_root_dir }} && /usr/local/bin/bundle exec rake easyproject:scheduler:run_tasks RAILS_ENV=production > /dev/null'
user='{{ redmine_owner }}'
sudo: yes
become: yes
- name: add redmine IMAP fetch script
template: dest='{{ redmine_root_dir }}/script/redmine_receive_imap'
src=redmine_receive_imap.j2
mode=750
sudo: no
become: no
- name: add redmine repository fetch script
template: dest='{{ redmine_root_dir }}/script/redmine_fetch_changesets'
src=redmine_fetch_changesets.j2
mode=750
sudo: no
become: no
- name: adding redmine_receive_imap crontab
cron: name="fetch from imap"
minute="*/5"
job="({{ redmine_root_dir }}/script/redmine_receive_imap 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_receive_imap"
user='{{ redmine_owner }}'
sudo: yes
become: yes
- name: adding redmine_fetch_changesets crontab
cron: name="fetch from repository"
minute="*/5"
job="({{ redmine_root_dir }}/script/redmine_fetch_changesets 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_fetch_changesets"
user='{{ redmine_owner }}'
sudo: yes
become: yes
- name: set session cookie as secure
lineinfile: >

View File

@ -2,7 +2,7 @@
- name: install system tools
yum: name='{{ item }}'
sudo: yes
become: yes
with_items:
- rsync
- strace
@ -28,13 +28,13 @@
- service: name=sendmail
state=started
enabled=yes
sudo: yes
become: yes
- name: set up redmine user mail aliases
lineinfile: >
dest=/etc/aliases
regexp="\b{{ redmine_owner }}"
line="{{ redmine_owner }}: {{ redmine_mail_alias }}"
sudo: yes
become: yes
notify: rebuild mail aliases