Improve salt setup
This commit improves the salt setup of the Vagrant box: - Salt output is reduced to log level warning - Hosts entries are created for the internal IPs of all planned gva component VMs - .bashrc and a .bash_functions sourced from it are now managed for the vagrant user - the VM name has been changed to gva.local - recent salt versions do not depend on m2crypto anymore, therefore it is now installed before x509certificate functions are called - the rabbitmq_vhost for gva is now setup before any users are created because the previous implementation was broken with recent salt versions - the gnuviechadmin-locale-data-compile step has been simplified because Django 1.9's compilemessages takes care of recursive .mo file compilation - pillar data has been separated by role (especially queue permissions and credentials) - salt configuration is now unified with gvaldap
This commit is contained in:
		
							parent
							
								
									f1f0e35ea1
								
							
						
					
					
						commit
						6147a90066
					
				
					 36 changed files with 523 additions and 188 deletions
				
			
		
							
								
								
									
										5
									
								
								Vagrantfile
									
										
									
									
										vendored
									
									
								
							
							
						
						
									
										5
									
								
								Vagrantfile
									
										
									
									
										vendored
									
									
								
							|  | @ -14,7 +14,7 @@ Vagrant.configure(2) do |config| | ||||||
|   # boxes at https://atlas.hashicorp.com/search. |   # boxes at https://atlas.hashicorp.com/search. | ||||||
|   config.vm.box = "debian/jessie64" |   config.vm.box = "debian/jessie64" | ||||||
| 
 | 
 | ||||||
|   config.vm.hostname = "gva-dev" |   config.vm.hostname = "gva.local" | ||||||
| 
 | 
 | ||||||
|   # Disable automatic box update checking. If you disable this, then |   # Disable automatic box update checking. If you disable this, then | ||||||
|   # boxes will only be checked for updates when the user runs |   # boxes will only be checked for updates when the user runs | ||||||
|  | @ -60,10 +60,11 @@ Vagrant.configure(2) do |config| | ||||||
| 
 | 
 | ||||||
|   config.vm.provision :salt do |salt| |   config.vm.provision :salt do |salt| | ||||||
|       salt.bootstrap_script = "salt/bootstrap.sh" |       salt.bootstrap_script = "salt/bootstrap.sh" | ||||||
|       salt.minion_id = "gvadev" |       salt.minion_id = "gva.local" | ||||||
|       salt.masterless = true |       salt.masterless = true | ||||||
|       salt.run_highstate = true |       salt.run_highstate = true | ||||||
|       salt.verbose = true |       salt.verbose = true | ||||||
|       salt.colorize = true |       salt.colorize = true | ||||||
|  |       salt.log_level = "warning" | ||||||
|   end |   end | ||||||
| end | end | ||||||
|  |  | ||||||
|  | @ -27,6 +27,7 @@ EOF | ||||||
| 
 | 
 | ||||||
| cat >/etc/salt/grains <<EOF | cat >/etc/salt/grains <<EOF | ||||||
| roles: | roles: | ||||||
|  |   - rabbitmq-server | ||||||
|   - gnuviechadmin.database |   - gnuviechadmin.database | ||||||
|   - gnuviechadmin.queues |   - gnuviechadmin.queues | ||||||
|   - gnuviechadmin.webinterface |   - gnuviechadmin.webinterface | ||||||
|  |  | ||||||
|  | @ -1,7 +1,8 @@ | ||||||
| include: | include: | ||||||
|   - gnuviechadmin.database.common |   - gnuviechadmin.database.common | ||||||
| 
 | 
 | ||||||
| gnuviechadmin-database: | gnuviechadmin: | ||||||
|   owner: |   database: | ||||||
|     user: gnuviechadmin |     owner: | ||||||
|     password: k4TG0oWeJ08urz697GVfavjK |       user: gnuviechadmin | ||||||
|  |       password: k4TG0oWeJ08urz697GVfavjK | ||||||
|  |  | ||||||
|  | @ -1,4 +1,5 @@ | ||||||
| gnuviechadmin-database: | gnuviechadmin: | ||||||
|   database: gnuviechadmin |   database: | ||||||
|   hostname: localhost |     name: gnuviechadmin | ||||||
|   port: 5432 |     host: localhost | ||||||
|  |     port: 5432 | ||||||
|  |  | ||||||
							
								
								
									
										8
									
								
								salt/pillar/gnuviechadmin/gvaldap.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								salt/pillar/gnuviechadmin/gvaldap.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,8 @@ | ||||||
|  | include: | ||||||
|  |   - gnuviechadmin.queues.common | ||||||
|  |   - gnuviechadmin.queues.gvaldap | ||||||
|  | 
 | ||||||
|  | gnuviechadmin: | ||||||
|  |   component: | ||||||
|  |     name: gvaldap | ||||||
|  |     amqp_user: ldap | ||||||
|  | @ -1,21 +1,16 @@ | ||||||
| include: |  | ||||||
|   - gnuviechadmin.database |  | ||||||
|   - gnuviechadmin.queues |  | ||||||
| 
 |  | ||||||
| gnuviechadmin: | gnuviechadmin: | ||||||
|   deploymenttype: local |   deploymenttype: local | ||||||
|   mailfrom: admin@gnuviech-server.de |   mailfrom: admin@gnuviech-server.de | ||||||
|   adminemail: admin@gnuviech-server.de |   adminemail: admin@gnuviech-server.de | ||||||
|   sitename: Gnuviech Customer Self Service |   sitename: Gnuviech Customer Self Service | ||||||
|   domainname: localhost |   domainname: localhost | ||||||
|   virtualenv: /home/vagrant/gva-venv |  | ||||||
|   devinstance: True |   devinstance: True | ||||||
|   minosuid: 10000 |   minosuid: 10000 | ||||||
|   minosgid: 10000 |   minosgid: 10000 | ||||||
|   osuserprefix: usr |   osuserprefix: usr | ||||||
|   osuserhomedirbase: /home |   osuserhomedirbase: /home | ||||||
|   osuserdefaultshell: /usr/bin/rssh |   osuserdefaultshell: /usr/bin/rssh | ||||||
|   uploadserver: upload.example.com |   uploadserver: gvafile.local | ||||||
|   webmail_url: https://webmail.example.com/ |   webmail_url: https://webmail.example.com/ | ||||||
|   phpmyadmin_url: https://phpmyadmin.example.com/ |   phpmyadmin_url: https://phpmyadmin.example.com/ | ||||||
|   phppgadmin_url: https://phppgadmin.example.com/ |   phppgadmin_url: https://phppgadmin.example.com/ | ||||||
|  |  | ||||||
|  | @ -1,62 +1,77 @@ | ||||||
| gnuviechadmin-queues: | include: | ||||||
|   vhost: /gnuviechadmin |   - gnuviechadmin.queues.common | ||||||
|   owner: |   - gnuviechadmin.queues.gvaldap | ||||||
|     user: gnuviechadmin |   - gnuviechadmin.queues.gvafile | ||||||
|     password: WxyKeo7Xunhwv29C |   - gnuviechadmin.queues.cli | ||||||
|   users: |   - gnuviechadmin.queues.gva | ||||||
|     cli: |   - gnuviechadmin.queues.gvamysql | ||||||
|       password: bUQ4QEB8yQEfsB0i |   - gnuviechadmin.queues.gvapgsql | ||||||
|       perms: |   - gnuviechadmin.queues.gvaweb | ||||||
|           '/gnuviechadmin': | 
 | ||||||
|             - '.*' | gnuviechadmin: | ||||||
|             - '.*' |   queues: | ||||||
|             - '.*' |     users: | ||||||
|       tags: |       ldap: | ||||||
|     quotajob: |         perms: | ||||||
|       password: TaNoj2H3ZNDIz1rt |             '/gnuviechadmin': | ||||||
|       perms: |               - '.*' | ||||||
|           '/gnuviechadmin': |               - '.*' | ||||||
|             - '^quotatool$' |               - '.*' | ||||||
|             - '^quotatool$' |         tags: | ||||||
|             - '^quotatool|amq.default$' |       file: | ||||||
|       tags: |         perms: | ||||||
|     ldap: |             '/gnuviechadmin': | ||||||
|       password: tl0ALc4aQBAl0W2e |               - '.*' | ||||||
|       perms: |               - '.*' | ||||||
|           '/gnuviechadmin': |               - '.*' | ||||||
|             - '.*' |       gva: | ||||||
|             - '.*' |         perms: | ||||||
|             - '.*' |             '/gnuviechadmin': | ||||||
|       tags: |               - '.*' | ||||||
|     file: |               - '.*' | ||||||
|       password: StR6EgMjLyNGP1F8 |               - '.*' | ||||||
|       perms: |         tags: | ||||||
|           '/gnuviechadmin': |       mysql: | ||||||
|             - '.*' |         perms: | ||||||
|             - '.*' |             '/gnuviechadmin': | ||||||
|             - '.*' |               - '.*' | ||||||
|       tags: |               - '.*' | ||||||
|     mysql: |               - '.*' | ||||||
|       password: Bhruvz8Oe9rXxRc7 |         tags: | ||||||
|       perms: |       pgsql: | ||||||
|           '/gnuviechadmin': |         perms: | ||||||
|             - '.*' |             '/gnuviechadmin': | ||||||
|             - '.*' |               - '.*' | ||||||
|             - '.*' |               - '.*' | ||||||
|       tags: |               - '.*' | ||||||
|     pgsql: |         tags: | ||||||
|       password: rWOawAtb7MEmGZo3 |       web: | ||||||
|       perms: |         perms: | ||||||
|           '/gnuviechadmin': |             '/gnuviechadmin': | ||||||
|             - '.*' |               - '.*' | ||||||
|             - '.*' |               - '.*' | ||||||
|             - '.*' |               - '.*' | ||||||
|       tags: |         tags: | ||||||
|     web: |       cli: | ||||||
|       password: 1fBXqCu175rU7SWA |         perms: | ||||||
|       perms: |             '/gnuviechadmin': | ||||||
|           '/gnuviechadmin': |               - '.*' | ||||||
|             - '.*' |               - '.*' | ||||||
|             - '.*' |               - '.*' | ||||||
|             - '.*' |         tags: | ||||||
|       tags: |       quotajob: | ||||||
|  |         perms: | ||||||
|  |             '/gnuviechadmin': | ||||||
|  |               - '^quotatool$' | ||||||
|  |               - '^quotatool$' | ||||||
|  |               - '^quotatool|amq.default$' | ||||||
|  |         tags: | ||||||
|  |       admin: | ||||||
|  |         password: MmE3Iwylj8Sgy46Z | ||||||
|  |         perms: | ||||||
|  |             '/gnuviechadmin': | ||||||
|  |               - '.*' | ||||||
|  |               - '.*' | ||||||
|  |               - '.*' | ||||||
|  |         tags: | ||||||
|  |           - administrator | ||||||
|  |  | ||||||
							
								
								
									
										7
									
								
								salt/pillar/gnuviechadmin/queues/cli.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								salt/pillar/gnuviechadmin/queues/cli.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     users: | ||||||
|  |       cli: | ||||||
|  |         password: bUQ4QEB8yQEfsB0i | ||||||
|  |       quotajob: | ||||||
|  |         password: TaNoj2H3ZNDIz1rt | ||||||
							
								
								
									
										3
									
								
								salt/pillar/gnuviechadmin/queues/common.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								salt/pillar/gnuviechadmin/queues/common.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     vhost: /gnuviechadmin | ||||||
							
								
								
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gva.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gva.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     users: | ||||||
|  |       gva: | ||||||
|  |         password: Y5KmkIou7o8J9jV5 | ||||||
							
								
								
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvafile.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvafile.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     users: | ||||||
|  |       file: | ||||||
|  |         password: StR6EgMjLyNGP1F8 | ||||||
							
								
								
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvaldap.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvaldap.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     users: | ||||||
|  |       ldap: | ||||||
|  |         password: tl0ALc4aQBAl0W2e | ||||||
							
								
								
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvamysql.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvamysql.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     users: | ||||||
|  |       mysql: | ||||||
|  |         password: Bhruvz8Oe9rXxRc7 | ||||||
							
								
								
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvapgsql.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvapgsql.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     users: | ||||||
|  |       pgsql: | ||||||
|  |         password: rWOawAtb7MEmGZo3 | ||||||
							
								
								
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvaweb.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								salt/pillar/gnuviechadmin/queues/gvaweb.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | ||||||
|  | gnuviechadmin: | ||||||
|  |   queues: | ||||||
|  |     users: | ||||||
|  |       web: | ||||||
|  |         password: 1fBXqCu175rU7SWA | ||||||
							
								
								
									
										9
									
								
								salt/pillar/gnuviechadmin/webinterface.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								salt/pillar/gnuviechadmin/webinterface.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,9 @@ | ||||||
|  | include: | ||||||
|  |   - gnuviechadmin.queues.common | ||||||
|  |   - gnuviechadmin.queues.gva | ||||||
|  | 
 | ||||||
|  | gnuviechadmin: | ||||||
|  |   component: | ||||||
|  |     name: gva | ||||||
|  |     amqp_user: gva | ||||||
|  |     python_module: gnuviechadmin | ||||||
|  | @ -1,3 +1,8 @@ | ||||||
| base: | base: | ||||||
|   '*': |   '*': | ||||||
|     - gnuviechadmin |     - gnuviechadmin | ||||||
|  | {% for role in ('database', 'queues', 'webinterface', 'gvaldap', 'gvafile', 'gvamysql', 'gvapgsql', 'gvaweb') %} | ||||||
|  |   'roles:gnuviechadmin.{{ role }}': | ||||||
|  |     - match: grain | ||||||
|  |     - gnuviechadmin.{{ role }} | ||||||
|  | {% endfor %} | ||||||
							
								
								
									
										25
									
								
								salt/roots/base/bash_functions
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										25
									
								
								salt/roots/base/bash_functions
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,25 @@ | ||||||
|  | #!/bin/bash | ||||||
|  | 
 | ||||||
|  | function devenv | ||||||
|  | { | ||||||
|  |     . $HOME/gvasettings.sh | ||||||
|  |     . {{ venv }}/bin/activate | ||||||
|  |     cd {{ appdir }} | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function testenv | ||||||
|  | { | ||||||
|  |     devenv | ||||||
|  |     export DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE%%.local}.test | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function settitle | ||||||
|  | { | ||||||
|  |     if [ -n "$STY" ] ; then      # We are in a screen session | ||||||
|  |         echo "Setting screen titles to $@" | ||||||
|  |         printf "\033k%s\033\\" "$@" | ||||||
|  |         screen -X eval "at \\# title $@" "shelltitle $@" | ||||||
|  |     else | ||||||
|  |         printf "\033]0;%s\007" "$@" | ||||||
|  |     fi | ||||||
|  | } | ||||||
							
								
								
									
										117
									
								
								salt/roots/base/bashrc
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										117
									
								
								salt/roots/base/bashrc
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,117 @@ | ||||||
|  | # ~/.bashrc: executed by bash(1) for non-login shells. | ||||||
|  | # see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) | ||||||
|  | # for examples | ||||||
|  | 
 | ||||||
|  | # If not running interactively, don't do anything | ||||||
|  | case $- in | ||||||
|  |     *i*) ;; | ||||||
|  |       *) return;; | ||||||
|  | esac | ||||||
|  | 
 | ||||||
|  | # don't put duplicate lines or lines starting with space in the history. | ||||||
|  | # See bash(1) for more options | ||||||
|  | HISTCONTROL=ignoreboth | ||||||
|  | 
 | ||||||
|  | # append to the history file, don't overwrite it | ||||||
|  | shopt -s histappend | ||||||
|  | 
 | ||||||
|  | # for setting history length see HISTSIZE and HISTFILESIZE in bash(1) | ||||||
|  | HISTSIZE=1000 | ||||||
|  | HISTFILESIZE=2000 | ||||||
|  | 
 | ||||||
|  | # check the window size after each command and, if necessary, | ||||||
|  | # update the values of LINES and COLUMNS. | ||||||
|  | shopt -s checkwinsize | ||||||
|  | 
 | ||||||
|  | # If set, the pattern "**" used in a pathname expansion context will | ||||||
|  | # match all files and zero or more directories and subdirectories. | ||||||
|  | #shopt -s globstar | ||||||
|  | 
 | ||||||
|  | # make less more friendly for non-text input files, see lesspipe(1) | ||||||
|  | #[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" | ||||||
|  | 
 | ||||||
|  | # set variable identifying the chroot you work in (used in the prompt below) | ||||||
|  | if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then | ||||||
|  |     debian_chroot=$(cat /etc/debian_chroot) | ||||||
|  | fi | ||||||
|  | 
 | ||||||
|  | # set a fancy prompt (non-color, unless we know we "want" color) | ||||||
|  | case "$TERM" in | ||||||
|  |     xterm-color) color_prompt=yes;; | ||||||
|  | esac | ||||||
|  | 
 | ||||||
|  | # uncomment for a colored prompt, if the terminal has the capability; turned | ||||||
|  | # off by default to not distract the user: the focus in a terminal window | ||||||
|  | # should be on the output of commands, not on the prompt | ||||||
|  | #force_color_prompt=yes | ||||||
|  | 
 | ||||||
|  | if [ -n "$force_color_prompt" ]; then | ||||||
|  |     if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then | ||||||
|  | 	# We have color support; assume it's compliant with Ecma-48 | ||||||
|  | 	# (ISO/IEC-6429). (Lack of such support is extremely rare, and such | ||||||
|  | 	# a case would tend to support setf rather than setaf.) | ||||||
|  | 	color_prompt=yes | ||||||
|  |     else | ||||||
|  | 	color_prompt= | ||||||
|  |     fi | ||||||
|  | fi | ||||||
|  | 
 | ||||||
|  | if [ "$color_prompt" = yes ]; then | ||||||
|  |     PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' | ||||||
|  | else | ||||||
|  |     PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' | ||||||
|  | fi | ||||||
|  | unset color_prompt force_color_prompt | ||||||
|  | 
 | ||||||
|  | # If this is an xterm set the title to user@host:dir | ||||||
|  | case "$TERM" in | ||||||
|  | xterm*|rxvt*) | ||||||
|  |     PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" | ||||||
|  |     ;; | ||||||
|  | *) | ||||||
|  |     ;; | ||||||
|  | esac | ||||||
|  | 
 | ||||||
|  | # enable color support of ls and also add handy aliases | ||||||
|  | if [ -x /usr/bin/dircolors ]; then | ||||||
|  |     test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" | ||||||
|  |     alias ls='ls --color=auto' | ||||||
|  |     #alias dir='dir --color=auto' | ||||||
|  |     #alias vdir='vdir --color=auto' | ||||||
|  | 
 | ||||||
|  |     #alias grep='grep --color=auto' | ||||||
|  |     #alias fgrep='fgrep --color=auto' | ||||||
|  |     #alias egrep='egrep --color=auto' | ||||||
|  | fi | ||||||
|  | 
 | ||||||
|  | # colored GCC warnings and errors | ||||||
|  | #export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' | ||||||
|  | 
 | ||||||
|  | # some more ls aliases | ||||||
|  | #alias ll='ls -l' | ||||||
|  | #alias la='ls -A' | ||||||
|  | #alias l='ls -CF' | ||||||
|  | 
 | ||||||
|  | # Alias definitions. | ||||||
|  | # You may want to put all your additions into a separate file like | ||||||
|  | # ~/.bash_aliases, instead of adding them here directly. | ||||||
|  | # See /usr/share/doc/bash-doc/examples in the bash-doc package. | ||||||
|  | 
 | ||||||
|  | if [ -f ~/.bash_aliases ]; then | ||||||
|  |     . ~/.bash_aliases | ||||||
|  | fi | ||||||
|  | 
 | ||||||
|  | # enable programmable completion features (you don't need to enable | ||||||
|  | # this, if it's already enabled in /etc/bash.bashrc and /etc/profile | ||||||
|  | # sources /etc/bash.bashrc). | ||||||
|  | if ! shopt -oq posix; then | ||||||
|  |   if [ -f /usr/share/bash-completion/bash_completion ]; then | ||||||
|  |     . /usr/share/bash-completion/bash_completion | ||||||
|  |   elif [ -f /etc/bash_completion ]; then | ||||||
|  |     . /etc/bash_completion | ||||||
|  |   fi | ||||||
|  | fi | ||||||
|  | 
 | ||||||
|  | if [ -f ~/.bash_functions ]; then | ||||||
|  |     . ~/.bash_functions | ||||||
|  | fi | ||||||
|  | @ -15,3 +15,16 @@ base-packages: | ||||||
| update-system: | update-system: | ||||||
|   pkg.uptodate: |   pkg.uptodate: | ||||||
|     - refresh: True |     - refresh: True | ||||||
|  | 
 | ||||||
|  | /home/vagrant/bin: | ||||||
|  |   file.directory: | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - mode: 0750 | ||||||
|  | 
 | ||||||
|  | /home/vagrant/.bashrc: | ||||||
|  |   file.managed: | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - mode: 0644 | ||||||
|  |     - source: salt://base/bashrc | ||||||
|  |  | ||||||
							
								
								
									
										98
									
								
								salt/roots/gnuviechadmin/base.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										98
									
								
								salt/roots/gnuviechadmin/base.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,98 @@ | ||||||
|  | {% from 'gnuviechadmin/vars.sls' import home, gva_component, gva_amqp_user, checkout, appdir, venv %} | ||||||
|  | 
 | ||||||
|  | gva.local: | ||||||
|  |   host.present: | ||||||
|  |     - ip: 172.16.3.2 | ||||||
|  |     - names: | ||||||
|  |       - mq | ||||||
|  |       - gva.local | ||||||
|  | 
 | ||||||
|  | gvaldap.local: | ||||||
|  |   host.present: | ||||||
|  |     - ip: 172.16.3.3 | ||||||
|  | 
 | ||||||
|  | gvafile.local: | ||||||
|  |   host.present: | ||||||
|  |     - ip: 172.16.3.4 | ||||||
|  | 
 | ||||||
|  | gvaweb.local: | ||||||
|  |   host.present: | ||||||
|  |     - ip: 172.16.3.5 | ||||||
|  | 
 | ||||||
|  | gvamysql.local: | ||||||
|  |   host.present: | ||||||
|  |     - ip: 172.16.3.6 | ||||||
|  | 
 | ||||||
|  | gvapgsql.local: | ||||||
|  |   host.present: | ||||||
|  |     - ip: 172.16.3.7 | ||||||
|  | 
 | ||||||
|  | gnuviechadmin-packages: | ||||||
|  |   pkg.installed: | ||||||
|  |     - pkgs: | ||||||
|  |       - libyaml-dev | ||||||
|  |       - python-virtualenv | ||||||
|  |       - python-dev | ||||||
|  |       - python-pip | ||||||
|  |       - gettext | ||||||
|  | 
 | ||||||
|  | {{ home }}/gvasettings.sh: | ||||||
|  |   file.managed: | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - mode: 0640 | ||||||
|  |     - source: salt://gnuviechadmin/{{ gva_component }}/settings.sh | ||||||
|  |     - template: jinja | ||||||
|  |     - context: | ||||||
|  |         broker_url: {{ 'amqp://%s:%s@mq/%s' % (gva_amqp_user, salt['pillar.get']('gnuviechadmin:queues:users:%s:password' % gva_amqp_user), salt['pillar.get']('gnuviechadmin:queues:vhost')) }} | ||||||
|  | 
 | ||||||
|  | gnuviechadmin-venv: | ||||||
|  |   cmd.run: | ||||||
|  |     - name: virtualenv {{ venv }} | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - unless: test -f {{ venv }}/bin/pip | ||||||
|  | 
 | ||||||
|  | gnuviechadmin-requires: | ||||||
|  |   cmd.run: | ||||||
|  |     - name: {{ venv }}/bin/pip install -U -r requirements/local.txt && touch {{ venv }}/lastinstall | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - cwd: {{ checkout }} | ||||||
|  |     - require: | ||||||
|  |       - cmd: gnuviechadmin-venv | ||||||
|  |       - pkg: gnuviechadmin-packages | ||||||
|  |     - unless: test -e {{ venv }}/lastinstall && test {{ checkout }}/requirements/local.txt -ot {{ venv }}/lastinstall && test {{ checkout }}/requirements/base.txt -ot {{ venv }}/lastinstall | ||||||
|  | 
 | ||||||
|  | gnuviechadmin-dbschema: | ||||||
|  |   cmd.wait: | ||||||
|  |     - name: . {{ home }}/gvasettings.sh ; unset LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME ; {{ venv }}/bin/python manage.py migrate --noinput | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - cwd: {{ appdir }} | ||||||
|  |     - watch: | ||||||
|  |       - cmd: gnuviechadmin-requires | ||||||
|  |       - file: {{ home }}/gvasettings.sh | ||||||
|  | 
 | ||||||
|  | gnuviechadmin-locale-data-compile: | ||||||
|  |   cmd.wait: | ||||||
|  |     - name: . {{ home }}/gvasettings.sh ; {{ venv }}/bin/python {{ appdir }}/manage.py compilemessages | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - cwd: {{ appdir }} | ||||||
|  |     - require: | ||||||
|  |       - pkg: gnuviechadmin-packages | ||||||
|  |       - file: {{ home }}/gvasettings.sh | ||||||
|  |       - cmd: gnuviechadmin-venv | ||||||
|  | 
 | ||||||
|  | /home/vagrant/.bash_functions: | ||||||
|  |   file.managed: | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - mode: 0644 | ||||||
|  |     - source: salt://base/bash_functions | ||||||
|  |     - template: jinja | ||||||
|  |     - context: | ||||||
|  |         home: {{ home }} | ||||||
|  |         venv: {{ venv }} | ||||||
|  |         appdir: {{ appdir }} | ||||||
							
								
								
									
										25
									
								
								salt/roots/gnuviechadmin/bash_functions
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										25
									
								
								salt/roots/gnuviechadmin/bash_functions
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,25 @@ | ||||||
|  | #!/bin/bash | ||||||
|  | 
 | ||||||
|  | function devenv | ||||||
|  | { | ||||||
|  |     . $HOME/gvasettings.sh | ||||||
|  |     . $HOME/gva-venv/bin/activate | ||||||
|  |     cd /vagrant/gnuviechadmin | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function testenv | ||||||
|  | { | ||||||
|  |     devenv | ||||||
|  |     export DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE%%.local}.test | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function settitle | ||||||
|  | { | ||||||
|  |     if [ -n "$STY" ] ; then      # We are in a screen session | ||||||
|  |         echo "Setting screen titles to $@" | ||||||
|  |         printf "\033k%s\033\\" "$@" | ||||||
|  |         screen -X eval "at \\# title $@" "shelltitle $@" | ||||||
|  |     else | ||||||
|  |         printf "\033]0;%s\007" "$@" | ||||||
|  |     fi | ||||||
|  | } | ||||||
							
								
								
									
										13
									
								
								salt/roots/gnuviechadmin/celery.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								salt/roots/gnuviechadmin/celery.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,13 @@ | ||||||
|  | {% from 'gnuviechadmin/vars.sls' import home, gva_component, venv, appdir %} | ||||||
|  | 
 | ||||||
|  | {{ home }}/bin/run_celery.sh: | ||||||
|  |   file.managed: | ||||||
|  |     - user: vagrant | ||||||
|  |     - group: vagrant | ||||||
|  |     - mode: 0750 | ||||||
|  |     - source: salt://gnuviechadmin/{{ gva_component }}/run_celery.sh | ||||||
|  |     - template: jinja | ||||||
|  |     - context: | ||||||
|  |         home: {{ home }} | ||||||
|  |         virtualenv: {{ venv }} | ||||||
|  |         appdir: {{ appdir }} | ||||||
|  | @ -3,9 +3,9 @@ include: | ||||||
| 
 | 
 | ||||||
| gnuviechadmin-database: | gnuviechadmin-database: | ||||||
|   postgres_user.present: |   postgres_user.present: | ||||||
|     - name: {{ salt['pillar.get']('gnuviechadmin-database:owner:user') }} |     - name: {{ salt['pillar.get']('gnuviechadmin:database:owner:user') }} | ||||||
|     - user: postgres |     - user: postgres | ||||||
|     - password: {{ salt['pillar.get']('gnuviechadmin-database:owner:password') }} |     - password: {{ salt['pillar.get']('gnuviechadmin:database:owner:password') }} | ||||||
|     - login: True |     - login: True | ||||||
|     - createdb: {% if salt['pillar.get']('gnuviechadmin:deploymenttype', 'production') == 'local' %}True |     - createdb: {% if salt['pillar.get']('gnuviechadmin:deploymenttype', 'production') == 'local' %}True | ||||||
| {%- else %}False | {%- else %}False | ||||||
|  | @ -13,20 +13,20 @@ gnuviechadmin-database: | ||||||
|     - require: |     - require: | ||||||
|       - service: postgresql |       - service: postgresql | ||||||
|   postgres_database.present: |   postgres_database.present: | ||||||
|     - name: {{ salt['pillar.get']('gnuviechadmin-database:database') }} |     - name: {{ salt['pillar.get']('gnuviechadmin:database:name') }} | ||||||
|     - user: postgres |     - user: postgres | ||||||
|     - owner: {{ salt['pillar.get']('gnuviechadmin-database:owner:user') }} |     - owner: {{ salt['pillar.get']('gnuviechadmin:database:owner:user') }} | ||||||
|     - encoding: UTF8 |     - encoding: UTF8 | ||||||
|     - template: template0 |     - template: template0 | ||||||
|     - require: |     - require: | ||||||
|       - service: postgresql |       - service: postgresql | ||||||
|       - postgres_user: {{ salt['pillar.get']('gnuviechadmin-database:owner:user') }} |       - postgres_user: {{ salt['pillar.get']('gnuviechadmin:database:owner:user') }} | ||||||
| 
 | 
 | ||||||
| {% for gnuviechadmin_db_role in salt['pillar.get']('gnuviechadmin-database:users') %} | {% for gnuviechadmin_db_role in salt['pillar.get']('gnuviechadmin:database:users') %} | ||||||
| gnuviechadmin-dbuser-{{ gnuviechadmin_db_role }}: | gnuviechadmin-dbuser-{{ gnuviechadmin_db_role }}: | ||||||
|   postgres_user.present: |   postgres_user.present: | ||||||
|     - name: {{ salt['pillar.get']('gnuviechadmin-database:users:' + gnuviechadmin_db_role + ':user') }} |     - name: {{ salt['pillar.get']('gnuviechadmin:database:users:%s:user' % gnuviechadmin_db_role) }} | ||||||
|     - password: {{ salt['pillar.get']('gnuviechadmin-database:users:' + gnuviechadmin_db_role + ':password') }} |     - password: {{ salt['pillar.get']('gnuviechadmin:database:users:%s:password' % gnuviechadmin_db_role) }} | ||||||
|     - login: True |     - login: True | ||||||
|     - require: |     - require: | ||||||
|       - service: postgresql |       - service: postgresql | ||||||
|  |  | ||||||
|  | @ -3,11 +3,11 @@ | ||||||
| export DJANGO_SETTINGS_MODULE="gnuviechadmin.settings.{{ salt['pillar.get']('gnuviechadmin:deploymenttype', 'production') }}" | export DJANGO_SETTINGS_MODULE="gnuviechadmin.settings.{{ salt['pillar.get']('gnuviechadmin:deploymenttype', 'production') }}" | ||||||
| export GVA_ADMIN_NAME="Jan Dittberner" | export GVA_ADMIN_NAME="Jan Dittberner" | ||||||
| export GVA_ADMIN_EMAIL="{{ salt['pillar.get']('gnuviechadmin:adminemail') }}" | export GVA_ADMIN_EMAIL="{{ salt['pillar.get']('gnuviechadmin:adminemail') }}" | ||||||
| export GVA_PGSQL_DATABASE="{{ salt['pillar.get']('gnuviechadmin-database:database') }}" | export GVA_PGSQL_DATABASE="{{ salt['pillar.get']('gnuviechadmin:database:name') }}" | ||||||
| export GVA_PGSQL_USER="{{ salt['pillar.get']('gnuviechadmin-database:owner:user') }}" | export GVA_PGSQL_USER="{{ salt['pillar.get']('gnuviechadmin:database:owner:user') }}" | ||||||
| export GVA_PGSQL_PASSWORD="{{ salt['pillar.get']('gnuviechadmin-database:owner:password') }}" | export GVA_PGSQL_PASSWORD="{{ salt['pillar.get']('gnuviechadmin:database:owner:password') }}" | ||||||
| export GVA_PGSQL_HOSTNAME="{{ salt['pillar.get']('gnuviechadmin-database:hostname') }}" | export GVA_PGSQL_HOSTNAME="{{ salt['pillar.get']('gnuviechadmin:database:host') }}" | ||||||
| export GVA_PGSQL_PORT={{ salt['pillar.get']('gnuviechadmin-database:port') }} | export GVA_PGSQL_PORT={{ salt['pillar.get']('gnuviechadmin:database:port') }} | ||||||
| export GVA_DOMAIN_NAME="{{ salt['pillar.get']('gnuviechadmin:domainname') }}" | export GVA_DOMAIN_NAME="{{ salt['pillar.get']('gnuviechadmin:domainname') }}" | ||||||
| export GVA_SITE_NAME="{{ salt['pillar.get']('gnuviechadmin:sitename') }}" | export GVA_SITE_NAME="{{ salt['pillar.get']('gnuviechadmin:sitename') }}" | ||||||
| export GVA_SITE_SECRET="{{ salt['grains.get_or_set_hash']('gnuviechadmin:SECRET_KEY', 50) }}" | export GVA_SITE_SECRET="{{ salt['grains.get_or_set_hash']('gnuviechadmin:SECRET_KEY', 50) }}" | ||||||
							
								
								
									
										11
									
								
								salt/roots/gnuviechadmin/gvaldap.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								salt/roots/gnuviechadmin/gvaldap.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,11 @@ | ||||||
|  | include: | ||||||
|  |   - gnuviechadmin.base | ||||||
|  |   - gnuviechadmin.celery | ||||||
|  | 
 | ||||||
|  | gvaldap-packages: | ||||||
|  |   pkg.installed: | ||||||
|  |     - pkgs: | ||||||
|  |       - libldap2-dev | ||||||
|  |       - libsasl2-dev | ||||||
|  |     - require_in: | ||||||
|  |       - pkg: gnuviechadmin-packages | ||||||
							
								
								
									
										7
									
								
								salt/roots/gnuviechadmin/gvaldap/run_celery.sh
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								salt/roots/gnuviechadmin/gvaldap/run_celery.sh
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | ||||||
|  | #!/bin/sh | ||||||
|  | 
 | ||||||
|  | set -ex | ||||||
|  | 
 | ||||||
|  | . {{ home }}/gvasettings.sh | ||||||
|  | cd {{ appdir }} | ||||||
|  | {{ virtualenv }}/bin/celery worker -A gvaldap -Q ldap --loglevel=INFO | ||||||
							
								
								
									
										14
									
								
								salt/roots/gnuviechadmin/gvaldap/settings.sh
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								salt/roots/gnuviechadmin/gvaldap/settings.sh
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | ||||||
|  | #!/bin/sh | ||||||
|  | 
 | ||||||
|  | export DJANGO_SETTINGS_MODULE="gvaldap.settings.{{ salt['pillar.get']('gnuviechadmin:deploymenttype', 'production') }}" | ||||||
|  | export GVALDAP_ADMIN_NAME="Jan Dittberner" | ||||||
|  | export GVALDAP_ADMIN_EMAIL="{{ salt['pillar.get']('gnuviechadmin-gvaldap:admin_email') }}" | ||||||
|  | export GVALDAP_LDAP_URL="{{ salt['pillar.get']('gnuviechadmin-gvaldap:ldap_url') }}" | ||||||
|  | export GVALDAP_LDAP_USER="{{ salt['pillar.get']('gnuviechadmin-gvaldap:ldap_user') }}" | ||||||
|  | export GVALDAP_LDAP_PASSWORD="{{ salt['pillar.get']('gnuviechadmin-gvaldap:ldap_password' ) }}" | ||||||
|  | export GVALDAP_BASEDN_GROUP="{{ salt['pillar.get']('gnuviechadmin-gvaldap:basedn_group') }}" | ||||||
|  | export GVALDAP_BASEDN_USER="{{ salt['pillar.get']('gnuviechadmin-gvaldap:basedn_user') }}" | ||||||
|  | export GVALDAP_SECRETKEY="{{ salt['grains.get_or_set_hash']('gnuviechadmin-gvaldap:SECRET_KEY', 50) }}" | ||||||
|  | export GVALDAP_BROKER_URL="{{ broker_url }}" | ||||||
|  | export GVALDAP_ALLOWED_HOSTS="{{ salt['pillar.get']('gnuviechadmin-gvaldap:allowed_hosts') }}" | ||||||
|  | export GVALDAP_SERVER_EMAIL="{{ salt['pillar.get']('gnuviechadmin-gvaldap:server_email') }}" | ||||||
|  | @ -1,37 +1,30 @@ | ||||||
| include: | include: | ||||||
|   - rabbitmq-server |   - rabbitmq-server | ||||||
| 
 | 
 | ||||||
| gnuviechadmin-queues: | gnuviechadmin-queue-vhost: | ||||||
|   rabbitmq_user.present: |  | ||||||
|     - name: {{ salt['pillar.get']('gnuviechadmin-queues:owner:user') }} |  | ||||||
|     - password: {{ salt['pillar.get']('gnuviechadmin-queues:owner:password') }} |  | ||||||
|     - tags: |  | ||||||
|       - administrator |  | ||||||
|     - perms: |  | ||||||
|       - {{ salt['pillar.get']('gnuviechadmin-queues:vhost') }}: |  | ||||||
|         - '.*' |  | ||||||
|         - '.*' |  | ||||||
|         - '.*' |  | ||||||
|   rabbitmq_vhost.present: |   rabbitmq_vhost.present: | ||||||
|     - name: {{ salt['pillar.get']('gnuviechadmin-queues:vhost') }} |     - name: {{ salt['pillar.get']('gnuviechadmin:queues:vhost') }} | ||||||
|     - owner: {{ salt['pillar.get']('gnuviechadmin-queues:owner:user') }} |  | ||||||
|     - require: |  | ||||||
|       - rabbitmq_user: {{ salt['pillar.get']('gnuviechadmin-queues:owner:user') }} |  | ||||||
| 
 | 
 | ||||||
| {% for user in salt['pillar.get']('gnuviechadmin-queues:users') %} | {% for user in salt['pillar.get']('gnuviechadmin:queues:users') %} | ||||||
| gnuviechadmin-queue-user-{{ user }}: | gnuviechadmin-queue-user-{{ user }}: | ||||||
|   rabbitmq_user.present: |   rabbitmq_user.present: | ||||||
|     - name: {{ user }} |     - name: {{ user }} | ||||||
|     - password: {{ salt['pillar.get']('gnuviechadmin-queues:users:%s:password' % user) }} |     - password: {{ salt['pillar.get']('gnuviechadmin:queues:users:%s:password' % user) }} | ||||||
| {% if salt['pillar.get']('gnuviechadmin-queues:users:%s:perms' % user) %} | {% if salt['pillar.get']('gnuviechadmin:queues:users:%s:perms' % user) %} | ||||||
|     - perms: |     - perms: | ||||||
| {% for vhost, perms in salt['pillar.get']('gnuviechadmin-queues:users:%s:perms' % user).iteritems() %} | {% for vhost, perms in salt['pillar.get']('gnuviechadmin:queues:users:%s:perms' % user).iteritems() %} | ||||||
|       - {{ vhost }}: |       - {{ vhost }}: | ||||||
|         - {{ perms[0] }} |         - {{ perms[0] }} | ||||||
|         - {{ perms[1] }} |         - {{ perms[1] }} | ||||||
|         - {{ perms[2] }} |         - {{ perms[2] }} | ||||||
| {% endfor %} | {% endfor %} | ||||||
| {% endif %} | {% endif %} | ||||||
|     - require: | {% if salt['pillar.get']('gnuviechadmin:queues:users:%s:tags' % user) %} | ||||||
|       - rabbitmq_vhost: {{ salt['pillar.get']('gnuviechadmin-queues:vhost') }} |     - tags: | ||||||
|  | {% for tag in salt['pillar.get']('gnuviechadmin:queues:users:%s:tags' % user) %} | ||||||
|  |       - {{ tag }} | ||||||
|  | {% endfor %} | ||||||
|  | {% endif %} | ||||||
|  |     - require: | ||||||
|  |       - rabbitmq_vhost: {{ salt['pillar.get']('gnuviechadmin:queues:vhost') }} | ||||||
| {% endfor %} | {% endfor %} | ||||||
|  |  | ||||||
							
								
								
									
										7
									
								
								salt/roots/gnuviechadmin/vars.sls
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								salt/roots/gnuviechadmin/vars.sls
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | ||||||
|  | {% set home = '/home/vagrant' %} | ||||||
|  | {% set venv = home + '/gva-venv' %} | ||||||
|  | {% set checkout = '/vagrant' %} | ||||||
|  | {% set gva_component = salt['pillar.get']('gnuviechadmin:component:name') %} | ||||||
|  | {% set gva_amqp_user = salt['pillar.get']('gnuviechadmin:component:amqp_user') %} | ||||||
|  | {% set python_module = salt['pillar.get']('gnuviechadmin:component:python_module', gva_component) %} | ||||||
|  | {% set appdir = checkout + '/' + python_module %} | ||||||
|  | @ -1,92 +1,27 @@ | ||||||
| include: | include: | ||||||
|  |   - gnuviechadmin.base | ||||||
|   - webserver |   - webserver | ||||||
| 
 | 
 | ||||||
| mq: | libpq-dev: | ||||||
|   host.present: |  | ||||||
|     - ip: 127.0.0.1 |  | ||||||
| 
 |  | ||||||
| gnuviechadmin-packages: |  | ||||||
|   pkg.installed: |   pkg.installed: | ||||||
|     - names: |     - require_in: | ||||||
|       - libpq-dev |       - pkg: gnuviechadmin-packages | ||||||
|       - libyaml-dev | 
 | ||||||
|       - python-virtualenv | python-m2crypto: | ||||||
|       - python-dev |   pkg.installed: | ||||||
|       - python-pip |     - reload_modules: true | ||||||
|       - gettext |  | ||||||
| 
 | 
 | ||||||
| {% import "webserver/sslcert.macros.sls" as sslcert %} | {% import "webserver/sslcert.macros.sls" as sslcert %} | ||||||
| 
 | 
 | ||||||
| {% set venv = salt['pillar.get']('gnuviechadmin:virtualenv') %} |  | ||||||
| {% set checkout = '/vagrant' %} |  | ||||||
| {% set home = '/home/vagrant' %} |  | ||||||
| {% set appdir = checkout + '/gnuviechadmin' %} |  | ||||||
| {% set domainname = salt['pillar.get']('gnuviechadmin:domainname') %} | {% set domainname = salt['pillar.get']('gnuviechadmin:domainname') %} | ||||||
| {{ sslcert.key_cert(domainname) }} | {{ sslcert.key_cert(domainname) }} | ||||||
| 
 | 
 | ||||||
| {{ venv }}: |  | ||||||
|   file.directory: |  | ||||||
|     - user: vagrant |  | ||||||
|     - group: vagrant |  | ||||||
|     - require: |  | ||||||
|       - cmd: gnuviechadmin-venv |  | ||||||
| 
 |  | ||||||
| {{ home }}/gvasettings.sh: |  | ||||||
|   file.managed: |  | ||||||
|     - user: vagrant |  | ||||||
|     - group: vagrant |  | ||||||
|     - mode: 0640 |  | ||||||
|     - source: salt://gnuviechadmin/gvasettings.sh |  | ||||||
|     - template: jinja |  | ||||||
|     - context: |  | ||||||
|         broker_url: amqp://{{ salt['pillar.get']('gnuviechadmin-queues:owner:user') }}:{{ salt['pillar.get']('gnuviechadmin-queues:owner:password') }}@mq/{{ salt['pillar.get']('gnuviechadmin-queues:vhost') }} |  | ||||||
| 
 |  | ||||||
| gnuviechadmin-venv: |  | ||||||
|   cmd.run: |  | ||||||
|     - name: virtualenv {{ venv }} |  | ||||||
|     - user: vagrant |  | ||||||
|     - group: vagrant |  | ||||||
|     - unless: test -f {{ venv }}/bin/pip |  | ||||||
| 
 |  | ||||||
| gnuviechadmin-requires: |  | ||||||
|   cmd.run: |  | ||||||
|     - name: {{ venv }}/bin/pip install -U -r requirements/local.txt && touch {{ venv }}/lastinstall |  | ||||||
|     - user: vagrant |  | ||||||
|     - group: vagrant |  | ||||||
|     - cwd: {{ checkout }} |  | ||||||
|     - require: |  | ||||||
|       - file: {{ venv }} |  | ||||||
|       - pkg: python-dev |  | ||||||
|       - pkg: libpq-dev |  | ||||||
|     - unless: test -e {{ venv }}/lastinstall && test {{ checkout }}/requirements/local.txt -ot {{ venv }}/lastinstall && test {{ checkout }}/requirements/base.txt -ot {{ venv }}/lastinstall |  | ||||||
| 
 |  | ||||||
| gnuviechadmin-dbschema: |  | ||||||
|   cmd.wait: |  | ||||||
|     - name: . {{ home }}/gvasettings.sh ; unset LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME ; {{ venv }}/bin/python manage.py migrate --noinput |  | ||||||
|     - user: vagrant |  | ||||||
|     - group: vagrant |  | ||||||
|     - cwd: {{ appdir }} |  | ||||||
|     - watch: |  | ||||||
|       - cmd: gnuviechadmin-requires |  | ||||||
|       - file: {{ home }}/gvasettings.sh |  | ||||||
| 
 |  | ||||||
| gnuviechadmin-locale-data-compile: |  | ||||||
|   cmd.wait: |  | ||||||
|     - name: . {{ home }}/gvasettings.sh ; find {{ appdir }} -type d -name 'locale' | while read dir; do cd $(dirname "$dir") ; {{ venv }}/bin/python {{ appdir }}/manage.py compilemessages ; done |  | ||||||
|     - user: vagrant |  | ||||||
|     - group: vagrant |  | ||||||
|     - cwd: {{ appdir }} |  | ||||||
|     - require: |  | ||||||
|       - pkg: gettext |  | ||||||
|       - file: {{ home }}/gvasettings.sh |  | ||||||
|       - file: {{ venv }} |  | ||||||
| 
 |  | ||||||
| /etc/nginx/sites-available/{{ domainname }}: | /etc/nginx/sites-available/{{ domainname }}: | ||||||
|   file.managed: |   file.managed: | ||||||
|     - user: root |     - user: root | ||||||
|     - group: root |     - group: root | ||||||
|     - mode: 0640 |     - mode: 0640 | ||||||
|     - source: salt://gnuviechadmin/gnuviechadmin.nginx |     - source: salt://gnuviechadmin/gva/gnuviechadmin.nginx | ||||||
|     - template: jinja |     - template: jinja | ||||||
|     - context: |     - context: | ||||||
|         domainname: {{ domainname }} |         domainname: {{ domainname }} | ||||||
|  |  | ||||||
|  | @ -11,7 +11,7 @@ nginx-common: | ||||||
| 
 | 
 | ||||||
| /etc/nginx/nginx.conf: | /etc/nginx/nginx.conf: | ||||||
|   file.managed: |   file.managed: | ||||||
|     - source: salt://base/nginx.conf |     - source: salt://nginx/nginx.conf | ||||||
|     - user: root |     - user: root | ||||||
|     - group: root |     - group: root | ||||||
|     - mode: 0644 |     - mode: 0644 | ||||||
|  | @ -1,5 +1,5 @@ | ||||||
| include: | include: | ||||||
|   - base.nginx |   - nginx | ||||||
| 
 | 
 | ||||||
| /etc/nginx/conf.d/logformat.conf: | /etc/nginx/conf.d/logformat.conf: | ||||||
|   file.managed: |   file.managed: | ||||||
|  |  | ||||||
|  | @ -23,6 +23,7 @@ | ||||||
|     - require: |     - require: | ||||||
|       - file: {{ nginx_ssl_certdir }} |       - file: {{ nginx_ssl_certdir }} | ||||||
|       - cmd: {{ certfile }} |       - cmd: {{ certfile }} | ||||||
|  |       - pkg: python-m2crypto | ||||||
|     - require_in: |     - require_in: | ||||||
|       - file: /etc/nginx/sites-available/{{ domain_name }} |       - file: /etc/nginx/sites-available/{{ domain_name }} | ||||||
|       - service: nginx |       - service: nginx | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue