diff options
author | Milo Casagrande <milo.casagrande@linaro.org> | 2014-02-11 11:52:29 +0100 |
---|---|---|
committer | Milo Casagrande <milo.casagrande@linaro.org> | 2014-02-11 11:52:29 +0100 |
commit | 31a151ffa97f32ac1aac8e8faf0b6412ed13815f (patch) | |
tree | 7bc7cfde985377ab2e72d6ed0ff3825ee0c9c166 | |
parent | 41fdb6c4868c2de223880a757031460a7f5f3e22 (diff) |
Added new update playbook to update the code remotely.
Change-Id: I16e1be6a3f0d041b732e078d1b406e550d652742
-rw-r--r-- | ansible/roles/status/templates/apache_website.conf | 15 | ||||
-rw-r--r-- | ansible/roles/update/tasks/main.yml | 35 | ||||
-rw-r--r-- | ansible/update.yml | 7 |
3 files changed, 56 insertions, 1 deletions
diff --git a/ansible/roles/status/templates/apache_website.conf b/ansible/roles/status/templates/apache_website.conf index 6e7f975..a691c20 100644 --- a/ansible/roles/status/templates/apache_website.conf +++ b/ansible/roles/status/templates/apache_website.conf @@ -15,7 +15,20 @@ WSGILazyInitialization On CustomLog ${APACHE_LOG_DIR}/{{ site_name }}-access.log combined ErrorLog ${APACHE_LOG_DIR}/{{ site_name }}-error.log - SSLEngine on + KeepAlive On + KeepAliveTimeout 9 + MaxKeepAliveRequests 150 + + SSLEngine On + SSLProtocol All -SSLv2 -SSLv3 + SSLCompression Off + SSLHonorCipherOrder On + SSLOptions +StdEnvVars + SSLCipherSuite "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:\ + EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:\ + !aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:\ + CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA" + {% if role == 'staging' %} SSLCertificateFile /etc/ssl/certs/{{ site_name }}.pem SSLCertificateKeyFile /etc/ssl/certs/{{ site_name }}.key diff --git a/ansible/roles/update/tasks/main.yml b/ansible/roles/update/tasks/main.yml new file mode 100644 index 0000000..183fae3 --- /dev/null +++ b/ansible/roles/update/tasks/main.yml @@ -0,0 +1,35 @@ +# Perform an update of status/roadmap +- include: ../../common/handlers/stop-apache.yml + +- name: update-roadmap + git: name={{ roadmap_repo }} dest={{ install_base }}/{{ install_dir }} update=yes force=yes version={{ git_tag }} + +- name: fix-repo-owner + file: path={{ install_base}}/{{ install_dir }} recurse=yes owner={{ apache_user }} group={{ apache_user }} + +- name: roadmap-django-syncdb + django_manage: command=syncdb virtualenv={{ install_base }}/virtualenv/{{ install_dir }} app_path={{install_base }}/{{ install_dir }} + +- name: roadmap-django-migrate + django_manage: command=migrate virtualenv={{ install_base }}/virtualenv/{{ install_dir }} app_path={{install_base }}/{{ install_dir }} + +- name: roadmap-static-files + file: state=directory src={{ install_base }}/{{ install_dir }}/roadmap/static dest=/var/www/{{ install_dir }}/static/ + +- name: roadmap-django-collectstatic + django_manage: command=collectstatic virtualenv={{ install_base }}/virtualenv/{{ install_dir }} app_path={{install_base }}/{{ install_dir }} + +# Make sure everything can be accessed by the Apache user. +- name: fix-virtualenv-ownership + file: path={{ install_base }}/virtualenv recurse=yes owner={{ apache_user }} group={{ apache_user }} + +- name: fix-roadmap-install-ownership + file: path={{ install_base }}/{{ install_dir }} owner={{ apache_user }} group={{ apache_user }} recurse=yes + +- name: fix-roadmap-static-ownership + file: path=/var/www/{{ install_dir }} recurse=yes owner={{ apache_user }} group={{ apache_user }} + +- name: fix-roadmap-log-ownership + file: path=/var/log/roadmap recurse=yes owner={{ apache_user }} group={{ apache_user }} + +- include: ../../common/handlers/restart-apache.yml
\ No newline at end of file diff --git a/ansible/update.yml b/ansible/update.yml new file mode 100644 index 0000000..b894037 --- /dev/null +++ b/ansible/update.yml @@ -0,0 +1,7 @@ +# Update everything. + +- hosts: all + gather_facts: no + sudo: yes + roles: + - update |