0001-deploy-and-delete-tenants-a-playbook-and-documentati.patch

Dernière version - Anonyme, 16 février 2018 11:15

Voir les différences: en ligne côte à côte

Subject: [PATCH] deploy and delete tenants : a playbook and documentation for
 hobo-manage related commands (#21695)

 README.rst                                         | 56 +++++++++++++++++-----
 delete-tenants.yml                                 | 25 ++++++++++
 deploy-tenants.yml                                 |  8 ++++
 install.yml                                        |  2 +-
 inventory.yml                                      |  8 +++-
 roles/deploy-tenants/tasks/main.yml                | 34 +++++++++++++
 roles/deploy-tenants/templates/config.json.j2      | 25 ++++++++++
 .../templates/hobo-manage-recipe-with-wcs.j2       | 33 +++++++++++++
 roles/deploy-tenants/templates/site-options.cfg.j2 |  4 ++
 roles/deploy-tenants/vars/main.yml                 |  7 +++
 10 files changed, 187 insertions(+), 15 deletions(-)
 create mode 100644 delete-tenants.yml
 create mode 100644 deploy-tenants.yml
 create mode 100644 roles/deploy-tenants/tasks/main.yml
 create mode 100644 roles/deploy-tenants/templates/config.json.j2
 create mode 100644 roles/deploy-tenants/templates/hobo-manage-recipe-with-wcs.j2
 create mode 100644 roles/deploy-tenants/templates/site-options.cfg.j2
 create mode 100644 roles/deploy-tenants/vars/main.yml

     Ansible playbook that install and setup a multitenant publik instance using sources.
     A complete version of this document is maintained here :
     https://dev.entrouvert.org/projects/publik-devinst/wiki/Installation_d'un_environnement_de_développement_local
     Setup
     =====
-...
     Install dependencies
     ++++++++++++++++++++
     .. code-block:: bash
         pip install --user -r requirements.txt
-...
     +++++++++++++++++++
     * postgresql server must be installed
     * the system user used to run ansible must be a sudoer
     * configure postgresql in order to have these configuration:
     * the system's user running the install.yml playbook must be a sudoer
     * configure postgresql in order to have this configuration:
       * the system user is used to run ansible and must to be able to connect to the postgresql server without authentication and must be authorized to create databases
       * the system user is used to run ansible and must to be able to connect to thepostgresql server without authentication and must be authorized to create databases
       * postgresql must have a postgres user authorized to connect and create a db.
       * please edit /etc/postgresql/[INSTALLED VERSION]/main/pg_hba.conf and add these lines:
       * please edit /etc/postgresql/[INSTALLED VERSION]/main/pg_hba.conf and add these lines (if not present):
     .. code-block:: configuration
       local   all     postgres    trust
       local   all     all         peer
     First line allows postgres user to have all privileges on locahost
     Second line allows to have the system's user mapped to postgresql username and its own database with the same name
     Configure local DNS
     -------------------
     To set your DNS to handle all the domains registered in the
     certificate {{ssl_certificate}} and in the Nginx configuration for publik :
     * edit /etc/hosts and ensure the a line with some localhost IP has all the sub-domains required
     .. code-block:: bash
 .0.42.1   dev-hobo.local.publik agents-combo.local.publik public-combo.local.publik demarches-wcs.local.publik connexion-authentic.local.publik
     * You can also configure dnsmasq to catch *.local.publik
     Description
     ===========
-...
      * create a nginx configuration for server-app
      * create a database and its schema
     Usage
     =====
     Install publik
     --------------
     Remember, you need to be sudoer.
     .. code-block:: bash
        ansible-playbook -i inventory.yml -K -e user=$(whoami) install.yml
         ansible-playbook -i inventory.yml -K -e user=$(whoami) install.yml
     Install publik and skip theme compilation
     -----------------------------------------
     .. code-block:: bash
        ansible-playbook -i inventory.yml -K -e user=$(whoami) -e compile_theme=false install.yml
         ansible-playbook -i inventory.yml -K -e user=$(whoami) -e compile_theme=false install.yml
     Send publik to the cemetery
     ---------------------------
     .. code-block:: bash
        ansible-playbook -i inventory.yml -K clean.yml
         ansible-playbook -i inventory.yml -K clean.yml
     Next
     ====
     Configure tenants
     ------------------
     .. code-block:: bash
         ansible-playbook -i inventory.yml -e user=$(whoami) deploy-tenants.yml
     Delete all tenants
     ------------------
     .. code-block:: bash
     Help yourself with your DNS settings and deploy some tenant applications using cook
         ansible-playbook -i inventory.yml -e user=$(whoami) delete-tenants.yml

     ---
     - name: delete all publik tenants
       hosts: local
       vars:
         venv_bin: "{{venv}}/bin"
       tasks:
         - name: "execute hobo-manage delete_tenant"
           command: "{{venv_bin}}/hobo-manage delete_tenant {{tenants_conf['dev-hobo']}}"
           ignore_errors: yes
         - name: "execute combo-manage delete_tenant"
           command: "{{venv_bin}}/combo-manage delete_tenant {{tenants_conf['user-combo']}}"
           ignore_errors: yes
         - name: "execute combo-manage delete_tenant"
           command: "{{venv_bin}}/combo-manage delete_tenant {{tenants_conf['agent-combo']}}"
           ignore_errors: yes
         - name: "execute authentic-multitenant-manage delete_tenant"
           command: "{{venv_bin}}/authentic-multitenant-manage delete_tenant {{tenants_conf['connexion-authentic']}}"
           ignore_errors: yes
         - name: "execute wcsctl.py delete_tenant"
           command: "{{venv_bin}}/wcsctl.py delete_tenant {{tenants_conf['demarches-wcs']}}"
           ignore_errors: yes

     ---
     - name: deploy publik tenants for local developement
       hosts: local
       roles:
         - deploy-tenants
       vars:
         venv_bin: "{{venv}}/bin"
         venv_conf: "{{venv}}/conf"

install.yml
1	1	---
2		- name: publik multitenant install
	2	- name: publik multitenants installation
3	3	hosts: local
4	4	roles:
5	5	- base

             nginx_host_pattern: '~^(.*)\-wcs\.local\.publik$'
             project_name: wcs
             server_port: 8032
         tenants_conf:
           connexion-authentic: "connexion-authentic.local.publik"
           agent-combo: "agent-combo.local.publik"
           user-combo: "user-combo.local.publik"
           dev-hobo: "dev-hobo.local.publik"
           demarches-wcs: "demarches-wcs.local.publik"

     - debug :
         msg: |
           "IF {{ tenants_conf['dev-hobo'] }} or any sub-domain from 'tenants_conf' vars is unreachable, this playbook will block and fail. Check the README.rst to set sub-domains first"
     - name : compile site-options.cfg
       template:
         src: templates/site-options.cfg.j2
         dest:  "/tmp/site-options.cfg"
     - name : compile config.json
       template:
         src: templates/config.json.j2
         dest:  "/tmp/config.json.cfg"
     - name: "Zips the {{wcs_skeleton_filename}} cook configuration bundle"
       archive:
         path:
             - /tmp/site-options.cfg
             - /tmp/config.json.cfg
         dest: /tmp/{{wcs_skeleton_filename}}
         format: zip
     - name : copies a wcs skeleton archive
       copy:
         src: "/tmp/{{wcs_skeleton_filename}}"
         dest:  "/var/lib/wcs/skeletons/{{wcs_skeleton_filename}}"
     - name: copies a cook json template
       template:
         src: templates/hobo-manage-recipe-with-wcs.j2
         dest: "{{wcs_dev_template_path}}"
     - name: Run command hobo-manage to initiate the development subdomains
       command: "{{venv_bin}}/hobo-manage cook {{wcs_dev_template_path}} --timeout=600"

+    {
         "branding": {
             "theme": "publik-base"
         },
         "debug": {
             "error_email": "{{wcs_error_email}}
         },
         "language": {
             "language": "{{wcs_language}}"
         },
         "misc": {
             "charset": "utf-8",
             "homepage-redirect-url": "[portal_url]"
         },
         "postgresql": {
             "createdb-connection-params": {
                 "database": "{{wcs_init_postgres_database}}",
                 "host": "{{wcs_init_postgres_host}}",
                 "user": "{{wcs_init_postgres_user}}"
             },
             "database-template-name": "wcs_%s",
             "host": "{{wcs_init_postgres_host}}",
             "user": "{{wcs_init_postgres_user}}"
+        }
+    }

+    {
       "steps": [
         {"create-hobo": {
           "url": "https://{{tenants_conf['dev-hobo']}}/"
         }},
         {"create-authentic": {
           "url": "https://{{tenants_conf['connexion-authentic']}}/",
           "title": "Connexion"
         }},
         {"set-idp": {
         }},
         {"create-combo": {
             "url": "https://{{tenants_conf['user-combo']}}/",
             "title": "Portail Citoyen",
             "template_name": "portal-user"
         }},
         {"create-combo": {
             "url": "https://{{tenants_conf['agent-combo']}}/",
             "title": "Portail Agent",
             "slug": "portal-agent",
             "template_name": "portal-agent"
         }},
         {"create-wcs": {
             "url": "https://{{tenants_conf['demarches-wcs']}}/",
             "template_name": "{{wcs_skeleton_filename}}",
             "slug": "services",
             "title": "Démarches"
         }},
         {"set-theme": {
           "theme": "publik"
         }}
+      ]
+    }

roles/deploy-tenants/templates/site-options.cfg.j2
	1	[options]
	2	postgresql = true
	3	default-to-global-view = true
	4	workflow-global-actions = true

     wcs_dev_template_path: /tmp/hobo-manage-recipe-with-wcs.json
     wcs_skeleton_filename: publik.zip
     wcs_error_email: ""
     wcs_language: "fr"
     wcs_init_postgres_user: ""
     wcs_init_postgres_host: ""
     wcs_init_postgres_database: "postgres"
+    -

Projet

Général

Profil

Produits Entr'ouvert » Publik Installation Développeur

0001-deploy-and-delete-tenants-a-playbook-and-documentati.patch