-
Notifications
You must be signed in to change notification settings - Fork 3
/
mezzanine.yml
executable file
·146 lines (144 loc) · 4.74 KB
/
mezzanine.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
#!/usr/bin/env ansible-playbook
---
- name: Deploy mezzanine
hosts: web
vars:
user: "{{ ansible_ssh_user }}"
proj_name: mezzanine-example
venv_home: "{{ ansible_env.HOME }}"
venv_path: "{{ venv_home }}/{{ proj_name }}"
proj_dirname: project
proj_path: "{{ venv_path }}/{{ proj_dirname }}"
reqs_path: requirements.txt
manage: "{{ python }} {{ proj_path }}/manage.py"
live_hostname: 192.168.33.10.xip.io
domains:
- 192.168.33.10.xip.io
- www.192.168.33.10.xip.io
repo_url: https://github.com/lorin/mezzanine-example.git
gunicorn_port: 8000
locale: en_US.UTF-8
# Variables below don't appear in Mezannine's fabfile.py
# but I've added them for convenience
conf_path: /etc/nginx/conf
ssl_enabled: True
python: "{{ venv_path }}/bin/python"
database_name: "{{ proj_name }}"
database_user: "{{ proj_name }}"
database_host: localhost
database_port: 5432
gunicorn_proc_name: mezzanine
vars_files:
- secrets.yml
tasks:
- name: install apt packages
apt: pkg={{ item }} update_cache=yes cache_valid_time=3600
sudo: True
with_items:
- git
- libjpeg-dev
- libpq-dev
- memcached
- nginx
- postgresql
- python-dev
- python-pip
- python-psycopg2
- python-setuptools
- python-virtualenv
- supervisor
- name: check out the repository on the host
git: repo={{ repo_url }} dest={{ proj_path }} accept_hostkey=yes
- name: install required python packages
pip: name={{ item }} virtualenv={{ venv_path }}
with_items:
- gunicorn
- setproctitle
- south
- psycopg2
- django-compressor
- python-memcached
- name: install requirements.txt
pip: requirements={{ proj_path }}/{{ reqs_path }} virtualenv={{ venv_path }}
- name: create a user
postgresql_user:
name: "{{ database_user }}"
password: "{{ db_pass }}"
sudo: True
sudo_user: postgres
- name: create the database
postgresql_db:
name: "{{ database_name }}"
owner: "{{ database_user }}"
encoding: UTF8
lc_ctype: "{{ locale }}"
lc_collate: "{{ locale }}"
template: template0
sudo: True
sudo_user: postgres
- name: generate the settings file
template: src=templates/local_settings.py.j2 dest={{ proj_path }}/local_settings.py
- name: sync the database, apply migrations, collect static content
django_manage:
command: "{{ item }}"
app_path: "{{ proj_path }}"
virtualenv: "{{ venv_path }}"
with_items:
- syncdb
- migrate
- collectstatic
- name: set the site id
script: scripts/setsite.py
environment:
PATH: "{{ venv_path }}/bin"
PROJECT_DIR: "{{ proj_path }}"
WEBSITE_DOMAIN: "{{ live_hostname }}"
- name: set the admin password
script: scripts/setadmin.py
environment:
PATH: "{{ venv_path }}/bin"
PROJECT_DIR: "{{ proj_path }}"
ADMIN_PASSWORD: "{{ admin_pass }}"
- name: set the gunicorn config file
template: src=templates/gunicorn.conf.py.j2 dest={{ proj_path }}/gunicorn.conf.py
- name: set the supervisor config file
template: src=templates/supervisor.conf.j2 dest=/etc/supervisor/conf.d/mezzanine.conf
sudo: True
notify: restart supervisor
- name: set the nginx config file
template: src=templates/nginx.conf.j2 dest=/etc/nginx/sites-available/mezzanine.conf
notify: restart nginx
sudo: True
- name: enable the nginx config file
file:
src: /etc/nginx/sites-available/mezzanine.conf
dest: /etc/nginx/sites-enabled/mezzanine.conf
state: link
notify: restart nginx
sudo: True
- name: remove the default nginx config file
file: path=/etc/nginx/sites-enabled/default state=absent
notify: restart nginx
sudo: True
- name: ensure config path exists
file: path={{ conf_path }} state=directory
sudo: True
when: ssl_enabled
- name: create ssl certificates
command: >
openssl req -new -x509 -nodes -out {{ proj_name }}.crt
-keyout {{ proj_name }}.key -subj '/CN={{ domains[0] }}' -days 3650
chdir={{ conf_path }}
creates={{ conf_path }}/{{ proj_name }}.crt
sudo: True
when: ssl_enabled
notify: restart nginx
- name: install poll twitter cron job
cron: name="poll twitter" minute="*/5" user={{ user }} job="{{ manage }} poll_twitter"
handlers:
- name: restart supervisor
supervisorctl: name=gunicorn_mezzanine state=restarted
sudo: True
- name: restart nginx
service: name=nginx state=restarted
sudo: True