setup - updated system-config tasks

superstes · Jan 9, 2022 · 449dd44 · 449dd44
1 parent c117a9b
commit 449dd44
Show file tree

Hide file tree

Showing 8 changed files with 166 additions and 57 deletions.
diff --git a/code/web/base/ga/submodels/system.py b/code/web/base/ga/submodels/system.py
@@ -41,7 +41,7 @@ class SystemAgentModel(BaseModel):
     sql_service = models.CharField(max_length=50, default=config.SYS_DEFAULT_SQL_SVC)
     sql_config = models.CharField(max_length=255, default=config.SYS_DEFAULT_SQL_CONFIG)
 
-    log_level = models.PositiveSmallIntegerField(default=2, choices=LOG_LEVEL_CHOICES)
+    log_level = models.PositiveSmallIntegerField(default=5, choices=LOG_LEVEL_CHOICES)
     debug = models.BooleanField(choices=BOOLEAN_CHOICES, default=False)
 
     device_fail_count = models.PositiveSmallIntegerField(default=config.SYS_DEFAULT_FAIL_COUNT)
@@ -77,7 +77,7 @@ class SystemServerModel(BaseModel):
     sql_database = models.CharField(max_length=50, default=config.SYS_DEFAULT_SQL_DB)
     sql_service = models.CharField(max_length=50, default=config.SYS_DEFAULT_SQL_SVC)
 
-    log_level = models.PositiveSmallIntegerField(default=2, choices=LOG_LEVEL_CHOICES)
+    log_level = models.PositiveSmallIntegerField(default=5, choices=LOG_LEVEL_CHOICES)
     debug = models.BooleanField(choices=BOOLEAN_CHOICES, default=False)
     security = models.BooleanField(choices=BOOLEAN_CHOICES, default=False)
     timezone = models.CharField(max_length=50, choices=TIMEZONE_CHOICES, default=config.SYS_DEFAULT_TZ)

diff --git a/setup/roles/setup/files/tmp/update_core_config.py b/setup/roles/setup/files/tmp/update_core_config.py
@@ -4,11 +4,26 @@
 
 from sys import argv as sys_argv
 
-secret = sys_argv[1]
+setting = sys_argv[1]
+value = sys_argv[2]
+
+try:
+    action = sys_argv[3]
+
+except IndexError:
+    action = 'overwrite'
 
 from core.config.object.data.file import GaDataFile
 
 ConfigFile = GaDataFile()
 config = ConfigFile.get()
-config.update({'sql_secret': secret})
+
+if action == 'overwrite':
+    config.update({setting: value})
+
+else:
+    # only add the setting if not exists
+    if setting not in config:
+        config.update({setting: value})
+
 ConfigFile.reset(data=config)
diff --git a/setup/roles/setup/tasks/update_pwds.yml b/setup/roles/setup/tasks/update_pwds.yml
@@ -34,13 +34,13 @@
 
 - name: GA | Update PWDs | Copying core config-file updater script
   ansible.builtin.copy:
-    src: "files/tmp/update_core_config.py"
+    src: 'files/tmp/update_core_config.py'
     dest: '/tmp/update_core_config.py'
     mode: 0500
 
 - name: GA | Update PWDs | Updating core config-file
   ansible.builtin.shell: "source {{ ga_core_path_venv }}/bin/activate &&
-  {{ ga_core_path_venv }}/bin/python3 /tmp/update_core_config.py {{ ga_sql_pwd_core | quote }}"
+  {{ ga_core_path_venv }}/bin/python3 /tmp/update_core_config.py sql_secret {{ ga_sql_pwd_core | quote }}"
   args:
     executable: '/bin/bash'
   environment:

diff --git a/setup/roles/update/defaults/main.yml b/setup/roles/update/defaults/main.yml
@@ -5,3 +5,58 @@ ga_remove_web_venv: false
 ga_remove_core_venv: false
 ga_update_path_backup: "/var/backups/ga/update/{{ ansible_date_time.iso8601_basic_short }}"
 ga_update_cores: "{% if ansible_processor_cores - 1 > 0 %}{{ ansible_processor_cores - 1 }}{% else %}1{% endif %}"
+
+ga_settings:
+  server:
+    overwrite:
+      letsencrypt: "{% if ga_web_ssl_mode == 'letsencrypt' %}1{% else %}0{% endif %}"
+      version: "{{ ga_setup_release }}"
+      version_detail: "{{ ga_setup_commit }}"
+
+#    default:
+#      name: "{{ ga_core_controller_name }}"
+#      description: "Server created by setup at {{ ansible_date_time.iso8601_basic_short }}"
+#      path_core: "{{ ga_update_path_core }}"
+#      path_web: "{{ ga_update_path_web }}"
+#      path_web_static: "{{ ga_update_path_web_static }}"
+#      path_web_docs: "{{ ga_update_path_web_docs }}"
+#      path_home_core: "{{ ga_core_path_home }}"
+#      path_home_web: "{{ ga_web_path_home }}"
+#      path_log: "{{ ga_update_path_log }}"
+#      sql_server: "{{ ga_sql_server }}"
+#      sql_port: "{{ ga_sql_port }}"
+#      sql_user: "{{ ga_sql_user_web }}"
+#      sql_database: "{{ ga_sql_db }}"
+#      sql_service: "{{ ga_sql_service }}"
+#      log_level: "{{ ga_log_level }}"
+#      security: "{% if ga_security_mode %}1{% else %}0{% endif %}"
+#      timezone: "{{ ga_timezone }}"
+
+  agent:
+    overwrite:
+      version: "{{ ga_setup_release }}"
+      version_detail: "{{ ga_setup_commit }}"
+
+    default:
+      name: "{{ ga_core_controller_name }}"
+      description: "Agent created by setup at {{ ansible_date_time.iso8601_basic_short }}"
+      path_root: "{{ ga_update_path_core }}"
+      path_home: "{{ ga_core_path_home }}"
+      path_log: "{{ ga_update_path_log }}"
+      sql_server: "{{ ga_sql_server }}"
+      sql_port: "{{ ga_sql_port }}"
+      sql_user: "{{ ga_sql_user_core }}"
+      sql_database: "{{ ga_sql_db }}"
+      sql_socket: "{{ ga_sql_socket }}"
+      sql_service: "{{ ga_sql_service }}"
+      sql_config: "{{ ga_sql_config_file }}"
+      # needed for the core prestart:
+      debug: 0
+      log_level: "{{ ga_log_level }}"
+      svc_interval_status: 3600
+      svc_interval_reload: 21600
+      subprocess_timeout: 60
+      device_fail_count: 5
+      device_fail_sleep: 1800
+      device_log: 1
+
diff --git a/setup/roles/update/tasks/main.yml b/setup/roles/update/tasks/main.yml
@@ -19,35 +19,6 @@
   ansible.builtin.import_tasks: process/main.yml
   when: ga_update_process
 
-- name: GA | Update | Updating version number (local db)
-  community.mysql.mysql_query:
-    login_unix_socket: "{{ ga_sql_socket }}"
-    login_db: "{{ ga_sql_db }}"
-    config_file: "{{ ga_update_path_web }}/{{ ga_sql_config }}"
-    query: "{{ item }}"
-  loop:
-    - "update ga_systemagentmodel set version='{{ ga_update_release_new }}', version_detail='{{ ga_update_commit_new }}'"  # todo: once there is support for multiple agents we will need to target the update-cmd
-    - "update ga_systemservermodel set version='{{ ga_update_release_new }}', version_detail='{{ ga_update_commit_new }}'"
-  when:
-    - not ga_update_failed
-    - ga_update_process
-    - ga_sql_server == 'localhost'
-
-- name: GA | Update | Updating version number (remote db)
-  community.mysql.mysql_query:
-    login_host: "{{ ga_sql_server }}"
-    login_port: "{{ ga_sql_port }}"
-    login_db: "{{ ga_sql_db }}"
-    config_file: "{{ ga_update_path_web }}/{{ ga_sql_config }}"
-    query: "{{ item }}"
-  loop:
-    - "update ga_systemagentmodel set version='{{ ga_update_release_new }}', version_detail='{{ ga_update_commit_new }}'"  # todo: once there is support for multiple agents we will need to target the update-cmd
-    - "update ga_systemservermodel set version='{{ ga_update_release_new }}', version_detail='{{ ga_update_commit_new }}'"
-  when:
-    - not ga_update_failed
-    - ga_update_process
-    - ga_sql_server != 'localhost'
-
 - name: GA | Update | Restarting services
   ansible.builtin.systemd:
     name: "{{ item }}"

diff --git a/setup/roles/update/tasks/process/do.yml b/setup/roles/update/tasks/process/do.yml
@@ -119,13 +119,52 @@
     - update_code.failed is undefined or not update_code.failed
     - update_db_schema_build.failed is undefined or not update_db_schema_build.failed
 
-- name: GA | Update | Process | Do | Updating core config file
+- name: GA | Update | Process | Do | Copying core config-file updater script
   ansible.builtin.copy:
-    src: '{{ playbook_dir }}/roles/setup/files/tmp/update_core_config.py'
-    dest: "{{ ga_core_path }}/core/config/file/core.conf"
-    mode: 0600
-    owner: "{{ ga_core_service_user }}"
-    group: "{{ ga_service_group }}"
+    src: "{{ playbook_dir }}/roles/setup/files/tmp/update_core_config.py"
+    dest: '/tmp/update_core_config.py'
+    mode: 0500
+
+- name: GA | Update | Process | Do | Updating values in core config-file (1/2)
+  ansible.builtin.shell: "source {{ ga_core_path_venv }}/bin/activate &&
+  {{ ga_core_path_venv }}/bin/python3 /tmp/update_core_config.py {{ item.key | quote }} {{ item.value | quote }}"
+  args:
+    executable: '/bin/bash'
+  environment:
+    PYTHONPATH: "{{ ga_update_path_core }}"
+  with_dict: "{{ ga_settings.agent.overwrite }}"
+
+- name: GA | Update | Process | Do | Updating values in core config-file (2/2)
+  ansible.builtin.shell: "source {{ ga_core_path_venv }}/bin/activate &&
+  {{ ga_core_path_venv }}/bin/python3 /tmp/update_core_config.py {{ item.key | quote }} {{ item.value | quote }} default"
+  args:
+    executable: '/bin/bash'
+  environment:
+    PYTHONPATH: "{{ ga_update_path_core }}"
+  with_dict: "{{ ga_settings.agent.default }}"
+
+- name: GA | Update | Process | Do | Updating system-config in db (local db)
+  community.mysql.mysql_query:
+    login_unix_socket: "{{ ga_sql_socket }}"
+    login_db: "{{ ga_sql_db }}"
+    config_file: "{{ ga_update_path_web }}/{{ ga_sql_config }}"
+    query: "{{ item }}"
+  loop:
+    - "update ga_systemagentmodel {% for setting, value in ga_settings.agent.overwrite.items %}{{ setting }}='{{ value }}'{% if not loop.last %}, {% endif %}{% endfor %}"  # todo: once there is support for multiple agents we will need to target the update-cmd
+    - "update ga_systemservermodel {% for setting, value in ga_settings.server.overwrite.items %}{{ setting }}='{{ value }}'{% if not loop.last %}, {% endif %}{% endfor %}"
+  when: ga_sql_server == 'localhost'
+
+- name: GA | Update | Process | Do | Updating system-config in db (remote db)
+  community.mysql.mysql_query:
+    login_host: "{{ ga_sql_server }}"
+    login_port: "{{ ga_sql_port }}"
+    login_db: "{{ ga_sql_db }}"
+    config_file: "{{ ga_update_path_web }}/{{ ga_sql_config }}"
+    query: "{{ item }}"
+  loop:
+    - "update ga_systemagentmodel {% for setting, value in ga_settings.agent.overwrite.items %}{{ setting }}='{{ value }}'{% if not loop.last %}, {% endif %}{% endfor %}"  # todo: once there is support for multiple agents we will need to target the update-cmd
+    - "update ga_systemservermodel {% for setting, value in ga_settings.server.overwrite.items %}{{ setting }}='{{ value }}'{% if not loop.last %}, {% endif %}{% endfor %}"
+  when: ga_sql_server != 'localhost'
 
 - name: GA | Update | Process | Do | Stopping services about to be upgraded (if online)
   ansible.builtin.systemd:

diff --git a/setup/roles/web/defaults/main.yml b/setup/roles/web/defaults/main.yml
@@ -36,3 +36,44 @@ ga_django_groups:
   - 'ga_user'
   - 'ga_write'
   - 'ga_admin'
+
+ga_settings:
+  server:
+    name: "'{{ ga_core_controller_name }}'"
+    description: "'Server created by setup at {{ ansible_date_time.iso8601_basic_short }}'"
+    path_core: "'{{ ga_core_path }}'"
+    path_web: "'{{ ga_web_path }}'"
+    path_web_static: "'{{ ga_web_path_static }}'"
+    path_web_docs: "'{{ ga_web_path_docs }}'"
+    path_home_core: "'{{ ga_core_path_home }}'"
+    path_home_web: "'{{ ga_web_path_home }}'"
+    path_log: "'{{ ga_path_log }}'"
+    sql_server: "'{{ ga_sql_server }}'"
+    sql_port: "{{ ga_sql_port }}"
+    sql_user: "'{{ ga_sql_user_web }}'"
+    sql_database: "'{{ ga_sql_db }}'"
+    sql_service: "'{{ ga_sql_service }}'"
+    # sql_secret: "'{{ ga_sql_pwd_web }}'"  # to be encrypted
+    log_level: "{{ ga_log_level }}"
+    security: "{% if ga_security_mode %}1{% else %}0{% endif %}"
+    timezone: "'{{ ga_timezone }}'"
+    version: "'{{ ga_setup_release }}'"
+    version_detail: "'{{ ga_setup_commit }}'"
+    letsencrypt: "{% if ga_web_ssl_mode == 'letsencrypt' %}1{% else %}0{% endif %}"
+
+  agent:
+    name: "'{{ ga_core_controller_name }}'"
+    description: "'Agent created by setup at {{ ansible_date_time.iso8601_basic_short }}'"
+    path_root: "'{{ ga_core_path }}'"
+    path_home: "'{{ ga_core_path_home }}'"
+    path_log: "'{{ ga_path_log }}'"
+    sql_server: "'{{ ga_sql_server }}'"
+    sql_port: "{{ ga_sql_port }}"
+    sql_user: "'{{ ga_sql_user_core }}'"
+    sql_database: "'{{ ga_sql_db }}'"
+    sql_socket: "'{{ ga_sql_socket }}'"
+    sql_service: "'{{ ga_sql_service }}'"
+    sql_config: "'{{ ga_sql_config_file }}'"
+    # sql_secret: "'{{ ga_sql_pwd_core }}'"  # to be encrypted
+    version: "'{{ ga_setup_release }}'"
+    version_detail: "'{{ ga_setup_commit }}'"
diff --git a/setup/roles/web/tasks/init_db.yml b/setup/roles/web/tasks/init_db.yml
@@ -28,26 +28,14 @@
   ansible.builtin.set_fact:
     ga_db_init:  # This script is used to initialize the main configuration-objects - without those the core and web-interface won't work properly
       - "INSERT IGNORE INTO {{ ga_sql_db }}.ga_systemservermodel
-        (created, updated, name, description, path_core, path_web, 
-        path_web_static, path_home_core, path_home_web, path_log, sql_server, sql_port, sql_user, 
-        sql_secret, sql_database,
-        log_level, debug, security, timezone, web_cdn, web_warn, ga_cloud, 
-        ga_cloud_uuid, ga_cloud_token, ga_cloud_ddns, version, version_detail, sql_service, letsencrypt)
+        (created, updated, sql_secret, {% for setting in ga_settings.server.keys() %}{{ setting }}{% if not loop.last %}, {% endif %}{% endfor %})
         VALUES
-        (NOW(), NOW(), '{{ ga_core_controller_name }}', 'Server created by setup at {{ ansible_date_time.iso8601_basic_short }}', '{{ ga_core_path }}', '{{ ga_web_path }}', 
-        '{{ ga_web_path_static }}', '{{ ga_core_path_home }}', '{{ ga_web_path_home }}', '{{ ga_path_log }}', '{{ ga_sql_server }}', {{ ga_sql_port }}, '{{ ga_sql_user_web }}', 
-        '{{ ga_sql_pwd_web_encrypted.stdout }}', '{{ ga_sql_db }}', {{ ga_log_level }}, 0, {% if ga_security_mode %}1{% else %}0{% endif %}, '{{ ga_timezone }}', 0, 1, 0, 
-        NULL, NULL, 0, '{{ ga_setup_release }}', '{{ ga_setup_commit }}', '{{ ga_sql_service }}', {% if ga_web_ssl_mode == 'letsencrypt' %}1{% else %}0{% endif %})"
+        (NOW(), NOW(), '{{ ga_sql_pwd_web_encrypted.stdout }}', {% for value in ga_settings.server.values() %}'{{ value }}'{% if not loop.last %}, {% endif %}{% endfor %})"
 
       - "INSERT IGNORE INTO {{ ga_sql_db }}.ga_systemagentmodel
-        (created, updated, name, description, path_root, path_home, path_log, sql_server, 
-        sql_port, sql_user, sql_secret, sql_database, 
-        log_level, debug, device_fail_count, device_fail_sleep, device_log, svc_interval_status, svc_interval_reload, subprocess_timeout, 
-        version, version_detail, sql_socket, sql_service, sql_config)
+        (created, updated, sql_secret, {% for setting in ga_settings.agent.keys() %}{{ setting }}{% if not loop.last %}, {% endif %}{% endfor %})
         VALUES
-        (NOW(), NOW(), '{{ ga_core_controller_name }}', 'Agent created by setup', '{{ ga_core_path }}', '{{ ga_core_path_home }}', '{{ ga_path_log }}', '{{ ga_sql_server }}', 
-        {{ ga_sql_port }}, '{{ ga_sql_user_core }}', '{{ ga_sql_pwd_core_encrypted.stdout }}', '{{ ga_sql_db }}', {{ ga_log_level }}, 0, 3, 3600, 1, 3600, 21600, 60,
-        '{{ ga_setup_release }}', '{{ ga_setup_commit }}', '{{ ga_sql_socket }}', '{{ ga_sql_service }}', '{{ ga_sql_config_file }}')"
+        (NOW(), NOW(), '{{ ga_sql_pwd_core_encrypted.stdout }}', {% for value in ga_settings.agent.values() %}'{{ value }}'{% if not loop.last %}, {% endif %}{% endfor %})"
 
 - name: GA | Web | Init | Executing database initialization script (local db)
   community.mysql.mysql_query: