Skip to content
This repository has been archived by the owner on Apr 12, 2021. It is now read-only.
/ ansible-playbook-server-legacy Public archive

A custom ansible playbook to setup a Django/nginx/uWSGI/MySql server

License

MIT license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

desecho/ansible-playbook-server-legacy

BranchesTags

Repository files navigation

ansible-playbook-server

Setup and provision a server and a development machine with ansible effortlessly.

It sets up the following:

Along with:

It's meant to work in production and development environments (in the VM). It also provides a certain set of useful aliases.

It uses ansible-vault to manage secrets. It uses [Grive][Grive] and Google Drive for backup storage. It installs htop and iftop to monitor through CLI.

Warning: It suits my particular needs but might not be suitable for others. It is not perfect and it is not meant to be. It's also currently set up in a way that is not the most secure thing one might come up with. See [Drawbacks][#Drawbacks] for details.

It is currently used to provision the following projects:

Requirements

Details

It has an initial provisioning which is run before everything else which is responsible for the base of the server. Then it has separate provisioning for each project.

It installs ipdb, yarn, git, pip, tox, isort, npm and other packages globally. Ntp is enabled. Locale is set to en_US.UTF-8. The backups are being run every day. The logs are in /root/logs. Security packages are being updated constantly automatically and if restart is required it is done right after the backup script is finished.

Installation

Development

Vagrant / VirtualBox

Install Vagrant and VirtualBox.

mkdir vm
git clone git@github.com:desecho/ansible-playbook-server.git
cp ansible-playbook-server/Vagrantfile .
vagrant plugin install vagrant-vbguest
vagrant plugin install vagrant-disksize
vagrant up

Install ubuntu by using a CD-ROM.

ssh-copy-id -i ~/.ssh/id_rsa.pub vagrant@127.0.0.1 -p 2222
ssh-add ~/.ssh/id_rsa
cp /Users/desecho/.ssh/id_rsa /Users/desecho/.vagrant.d/insecure_private_key
vagrant ssh
sudo su
echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
init 0
vagrant up
vagrant ssh
ssh-keygen -t rsa -C desecho@gmail.com -N ''
cat ~/.ssh/id_rsa.pub
sudo su
ssh-keygen -t rsa -C desecho@gmail.com -N ''
cat ~/.ssh/id_rsa.pub

Add keys on the github key settings page

cd /vagrant/ansible-playbook-server
./init/provision.sh
./bootstrap.sh
./init/init_password.sh password  # password for ansible-vault
./init/clone_dev.sh
./provision.sh init dev
exit
exit
vagrant ssh
provisionall
ssh-copy-id -i ~/.ssh/id_rsa.pub prod  # Set up connection with your production server
ssh-copy-id -i ~/.ssh/id_rsa.pub proxy  # Set up connection with your proxy server
exit
ssh-copy-id -i ~/.ssh/id_rsa.pub prod  # Set up connection with your production server
ssh-copy-id -i ~/.ssh/id_rsa.pub proxy  # Set up connection with your proxy server

Production

ssh-keygen -t rsa -C desecho@gmail.com -N ''
cat ~/.ssh/id_rsa.pub

Add a key on the github key settings page

git clone git@github.com:desecho/ansible-playbook-server.git
cd /root/ansible-playbook-server
apt-get update
./init/clone_prod.sh
./init/provision.sh
./bootstrap.sh
./init/init_password.sh password  # Password for ansible-vault
./provision.sh init prod  # You might need to run it twice in case of an error
exit

Reconnect to the server

provisionall

Install [Dropbox Uploader][Dropbox Uploader].

curl "https://raw.githubusercontent.com/andreafabrizi/Dropbox-Uploader/master/dropbox_uploader.sh" -o /usr/bin/dropbox_uploader.sh
chmod +x /usr/bin/dropbox_uploader.sh

Open https://www.dropbox.com/developers/apps Click "Create app" Select Dropbox API Select App folder Enter BackupDesecho as a name Generated access token Run dropbox_uploader.sh Enter access token

dropbox_uploader.sh mkdir Backups

Desktop

See Readme for Ubuntu Desktop

Usage

# Full provisioning of each service
provision init
provision movies
provision words
provision site
provision blog
provision ghcontrib

Provision all services at once

provisionall

How to add a new Django project

Commands

Here is a short list of available aliases. For the full list, run ?.

Django

Can be run only from the "home" directory: (it is in fact /root for root and /home/ubuntu for ubuntu but we make it really cozy inside /vagrant)

. workon movies
manage migrate

Aliases to be run from anywhere.

develop movies  # Start development server
deploy movies  # Light version of provisioning. (if there are no changes to the ansible playbook related to the project)
tox movies
makemessages movies

Blog

blogdeploy
blogpost
blogpreview

Site

sitedeploy

Playbooks used

Still not automated

  • Grive installation
  • It does not set up connection to your production server
  • It does not create the ssh key

Drawbacks

  • It only uses root user to simplify things. Note: there is still ubuntu user in the VM but it is currently there only because I didn't find a way to get rid of it
  • No real CI/CD
  • Deployment happens manualy. It is easy to do but you still have to connect directly to the server and run commands
  • Questionable backup solution
  • There are a few issues which have not been resolved for the moment
    • Ansible event statuses shows change in places it shouldn't do so sometimes
    • It restarts nginx multiple times while provisioning
    • It is not optimized.
    • It breaks the server for some time while provisioning.

About

A custom ansible playbook to setup a Django/nginx/uWSGI/MySql server

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages