setup Hitchwiki with ansible #164
Conversation
group_vars/vars
Outdated
| VAGRANT_WIKIDIR: "{{ VAGRANT_ROOTDIR }}/public/wiki" | ||
|
|
||
| # Hitchwiki | ||
| hw_owners: "{{ HW__general__webserver_user }}:{{ HW__general__webserver_group }}" |
There was a problem hiding this comment.
Note that HW__general__webserver_user were set with bash from settings.ini, but here they might need to be set just as strings? They could be taken out form settings.ini as this doesn't really need to be configurable. www-data:www-data is the default Apache2 user:group.
There was a problem hiding this comment.
edit: I merged them into group_vars/all.
as soon as i figure out, how to include them from a script, they will depend on _settings.sh, or if we decide to deprecate it, from settings.ini.
There was a problem hiding this comment.
I think there's a bunch of scripts now relying on settings.ini now, although those can probably all be migrated to Ansible.
settings.sh setting up env vars for Ansible could be one trick, although in general I always feel like they are a bit of a blackbox so I try to avoid them.
Bottom line is that there should be just one place for one type of configs. Install/runtime configs can be separate as long as they don't have same configuration multiple times; that's kinda how it is now with configs/vagrant.yml
roles/web/tasks/main.yml
Outdated
| sed -i "s/error_reporting = .*/error_reporting = E_ALL/" /etc/php/7.0/apache2/php.ini | ||
| sed -i "s/display_errors = .*/display_errors = On/" /etc/php/7.0/apache2/php.ini | ||
| notify: | ||
| - restart apache |
There was a problem hiding this comment.
This should be off by default (at least in prod) and we have a flag at config we use to control this.
There was a problem hiding this comment.
moved to dev as well now
There was a problem hiding this comment.
It should still be off by default, so that setting $hwDebug=false will hide them.
|
Just from .yml files
On Wed 18. Oct 2017 at 18:57, Mikael Korpela ***@***.***> wrote:
@guaka <https://github.com/guaka> or @omelnyk <https://github.com/omelnyk>
do you know how to read variables into Ansible from external config files
(yaml/ini/json/whatnot)?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#164 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AADVyENJw6zqUp8M6e-9szaPX7z313Qhks5sti3ygaJpZM4P8Pb6>
.
--
sent from my phone
|
|
Aight! @traumschule so I guess this line in Mediawiki config needs to use PHP YAML then. As for bash files, might be we won't have those left after Ansible but if they need access to settings, there's this: https://github.com/0k/shyaml |
|
Two other yaml readers for php that we can install via Composer: |
group_vars/all includes - configs/settings.yml (link/copy from settings-example.yml) - configs/vagrant.yaml This superseeds and removes the following files: - configs/settings-example.ini - scripts/_path_resolve.sh - scripts/_settings.sh The following files are replaced by ansible: - scripts/server_install.sh - scripts/install_funcs.sh - scripts/install_parsoid.sh - scripts/create_users.sh - scripts/install_local.sh - scripts/vendor/bash_ini_parser
First copy configs/settings-example.yml to settings.yml
This commit superseeds the following files:
- configs/settings-example.ini
- configs/vagrant-example.yaml
- configs/vagrant.yaml
- scripts/server_install.sh
install_local.sh still depends on:
- scripts/_path_resolve.sh
- scripts/_settings.sh
- scripts/vendor/bash_ini_parse
- scripts/install_funcs.sh
- scripts/install_parsoid.sh
- scripts/create_users.sh
composer.json references
- scripts/vagrant/install.sh
- scripts/install_local.sh
- scripts/clean.sh
Links
- group_vars/all -> group_vars/hitchwiki
- group_vars/hitchwiki -> configs/settigs.yml
- configs/vagrant-example.yaml -> configs/settings-example.yml
- configs/settings-example.ini -> configs/settings-example.yml
cert_selfsigned.sh is still needed for dev environment, because lets encrypt works only for domains which are publicly accessible. |
I think it's okay to let these read |
…pt.tar.xz if present
|
This week I put together some ansible code to deploy hitchwiki-private to a new server, it's almost done. |
|
it's unfortunate but I don't think this will be (re)used - but please step up if you do want to (re)use some of this work |
The ansible playbook (hitchwiki.yml) is a major step to make Hitchwiki v3 production ready. This branch aims for a stable and easy installation process. For future development see #172.
Test it!
For details see INSTALL.md and ansible/README.md.
Changelog
Nov 18 Install Mediawiki without errors
Run
ansible-playbook hitchwiki.ymluntil Import Mediawiki content, check debug output and fix the errors (Seemw_import.yml)LocalSettings.phpmust be absent, or Cannot modify header information - headers already sent is risen) how to find BOMs backtracemediawiki-1.29.2.tar.gz(November 2017)Nov 13 secure production setup (fixes #142)
Oct 28 deploy beta.hitchwiki.org with ansible
roles/mw/tasks/main.ymlconfigs/mediawiki.phpandpublic/robots.txt.php(alternatives: spyc and below)
whenclause)/var/www/public/.htaccess: Invalid command 'php_value'although mod_php is loaded => comment both lines and add them to /etc/php/7.0/cli/php.iniCould not reliably determine the server's fully qualified domain namealthough/etc/apache2/sites-enabled/hitchwiki.confdefines it => add ServerName outside of <VirtualHost$_SERVER['REMOTE_ADDR'] = 'YOUR IP ADDRESS';toLocal Settings.php$logDir = '/vagrant/logs'(./configs/mediawiki.php)