finish vagrant configuration

- ignore collected assets - setup virtualenv and environment variables - import additional salt state modules
2015-10-04 23:02:04 +02:00 · 2015-10-04 23:02:04 +02:00 · 1ae6c1e855
commit 1ae6c1e855
parent f5945b9849
9 changed files with 357 additions and 4 deletions
--- a/roots/gnuviechadmin/gnuviechadmin.nginx
+++ b/roots/gnuviechadmin/gnuviechadmin.nginx
@ -0,0 +1,27 @@
+server {
+  server_name www.{{ domainname }};
+  listen 443 ssl;
+
+  ssl_certificate {{ ssl_certdir }}/{{ domainname }}.crt.pem;
+  ssl_certificate_key {{ ssl_keydir }}/{{ domainname }}.key.pem;
+
+  if ( $host != '{{ domainname }}') {
+    return 301 https://{{ domainname }}$request_uri;
+  }
+
+  client_max_body_size 1M;
+  gzip on;
+  gzip_types text/javascript application/x-javascript text/css;
+
+  location /media {
+    alias /vagrant/gnuviechadmin/media;
+  }
+
+  location /static {
+    alias /vagrant/gnuviechadmin/assets;
+  }
+
+  location / {
+    proxy_pass http://localhost:8000;
+  }
+}
--- a/roots/gnuviechadmin/gvasettings.sh
+++ b/roots/gnuviechadmin/gvasettings.sh
@ -0,0 +1,24 @@
+#!/bin/sh
+
+export DJANGO_SETTINGS_MODULE="gnuviechadmin.settings.production"
+export GVA_ADMIN_NAME="Jan Dittberner"
+export GVA_ADMIN_EMAIL="{{ salt['pillar.get']('gnuviechadmin:adminemail') }}"
+export GVA_PGSQL_DATABASE="{{ salt['pillar.get']('gnuviechadmin-database:database') }}"
+export GVA_PGSQL_USER="{{ salt['pillar.get']('gnuviechadmin-database:owner:user') }}"
+export GVA_PGSQL_PASSWORD="{{ salt['pillar.get']('gnuviechadmin-database:owner:password') }}"
+export GVA_PGSQL_HOSTNAME="{{ salt['pillar.get']('gnuviechadmin-database:hostname') }}"
+export GVA_PGSQL_PORT={{ salt['pillar.get']('gnuviechadmin-database:port') }}
+export GVA_DOMAIN_NAME="{{ salt['pillar.get']('gnuviechadmin:domainname') }}"
+export GVA_SITE_NAME="{{ salt['pillar.get']('gnuviechadmin:sitename') }}"
+export GVA_SITE_SECRET="{{ salt['grains.get_or_set_hash']('gnuviechadmin:SECRET_KEY', 50) }}"
+export GVA_SITE_ADMINMAIL="{{ salt['pillar.get']('gnuviechadmin:adminemail') }}"
+export GVA_MIN_OS_UID={{ salt['pillar.get']('gnuviechadmin:minosuid') }}
+export GVA_MIN_OS_GID={{ salt['pillar.get']('gnuviechadmin:minosgid') }}
+export GVA_OSUSER_PREFIX="{{ salt['pillar.get']('gnuviechadmin:osuserprefix') }}"
+export GVA_OSUSER_HOME_BASEPATH="{{ salt['pillar.get']('gnuviechadmin:osuserhomedirbase') }}"
+export GVA_OSUSER_DEFAULT_SHELL="{{ salt['pillar.get']('gnuviechadmin:osuserdefaultshell') }}"
+export GVA_BROKER_URL="{{ broker_url }}"
+export GVA_OSUSER_UPLOADSERVER="{{ salt['pillar.get']('gnuviechadmin:uploadserver') }}"
+export GVA_WEBMAIL_URL="{{ salt['pillar.get']('gnuviechadmin:webmail_url') }}"
+export GVA_PHPMYADMIN_URL="{{ salt['pillar.get']('gnuviechadmin:phpmyadmin_url') }}"
+export GVA_PHPPGADMIN_URL="{{ salt['pillar.get']('gnuviechadmin:phppgadmin_url') }}"
--- a/roots/gnuviechadmin/webinterface.sls
+++ b/roots/gnuviechadmin/webinterface.sls
@ -0,0 +1,97 @@
+include:
+  - webserver
+
+gnuviechadmin-packages:
+  pkg.installed:
+    - names:
+      - libpq-dev
+      - libyaml-dev
+      - python-virtualenv
+      - python-dev
+      - python-pip
+
+{% import "webserver/sslcert.macros.sls" as sslcert %}
+
+{% set venv = salt['pillar.get']('gnuviechadmin:virtualenv') %}
+{% set domainname = salt['pillar.get']('gnuviechadmin:domainname') %}
+{{ sslcert.key_cert(domainname) }}
+
+{{ venv }}:
+  file.directory:
+    - user: vagrant
+    - group: vagrant
+    - require:
+      - cmd: gnuviechadmin-venv
+
+/home/vagrant/gvasettings.sh:
+  file.managed:
+    - user: vagrant
+    - group: vagrant
+    - mode: 0640
+    - source: salt://gnuviechadmin/gvasettings.sh
+    - template: jinja
+    - context:
+        broker_url: amqp://{{ salt['pillar.get']('gnuviechadmin-queues:owner:user') }}:{{ salt['pillar.get']('gnuviechadmin-queues:owner:password') }}@mq/{{ salt['pillar.get']('gnuviechadmin-queues:vhost') }}
+
+gnuviechadmin-venv:
+  cmd.run:
+    - name: virtualenv {{ venv }}
+    - user: vagrant
+    - group: vagrant
+    - unless: test -f {{ venv }}/bin/pip
+
+gnuviechadmin-requires:
+  cmd.run:
+    - name: {{ venv }}/bin/pip install -U -r requirements/local.txt && touch {{ venv }}/lastinstall
+    - user: vagrant
+    - group: vagrant
+    - cwd: /vagrant
+    - require:
+      - file: {{ venv }}
+      - pkg: python-dev
+      - pkg: libpq-dev
+    - unless: test -e {{ venv }}/lastinstall && test /vagrant/requirements/local.txt -ot {{ venv }}/lastinstall && test /vagrant/requirements/base.txt -ot {{ venv }}/lastinstall
+
+gnuviechadmin-dbschema:
+  cmd.wait:
+    - name: . /home/vagrant/gvasettings.sh ; {{ venv }}/bin/python manage.py migrate --noinput
+    - user: vagrant
+    - group: vagrant
+    - cwd: /vagrant/gnuviechadmin
+    - watch:
+      - cmd: gnuviechadmin-requires
+      - file: /home/vagrant/gvasettings.sh
+
+gnuviechadmin-locale-data-compile:
+  cmd.wait:
+    - name: . /home/vagrant/gvasettings.sh ; find /vagrant/gnuviechadmin -type d -name 'locale' | while read dir; do cd $(dirname "$dir") ; {{ venv }}/bin/python /vagrant/gnuviechadmin/manage.py compilemessages ; done
+    - user: vagrant
+    - group: vagrant
+    - cwd: /vagrant/gnuviechadmin
+    - require:
+      - file: /home/vagrant/gvasettings.sh
+      - file: {{ venv }}
+
+/etc/nginx/sites-available/{{ domainname }}:
+  file.managed:
+    - user: root
+    - group: root
+    - mode: 0640
+    - source: salt://gnuviechadmin/gnuviechadmin.nginx
+    - template: jinja
+    - context:
+        domainname: {{ domainname }}
+        ssl_keydir: {{ salt['pillar.get']('nginx:sslkeydir', '/etc/nginx/ssl/private') }}
+        ssl_certdir: {{ salt['pillar.get']('nginx:sslcertdir', '/etc/nginx/ssl/certs') }}
+    - require:
+      - pkg: nginx
+    - watch_in:
+      - service: nginx
+
+/etc/nginx/sites-enabled/{{ domainname }}:
+  file.symlink:
+    - target: /etc/nginx/sites-available/{{ domainname }}
+    - require:
+      - file: /etc/nginx/sites-available/{{ domainname }}
+    - watch_in:
+      - service: nginx