From 565de095849cf6c63a255b28fd8003333ae16899 Mon Sep 17 00:00:00 2001 From: Alex Dehnert Date: Sat, 13 Jul 2024 13:58:22 -0400 Subject: [PATCH] ansible: Set up a test machine again --- ansible/inventory.yaml | 2 ++ ansible/roles/squaresdb/tasks/main.yaml | 25 +++++++++++++-- .../squaresdb/templates/django_local.py.j2 | 32 +++++++++++++++++++ ansible/roles/squaresdb/templates/vhost.conf | 5 +++ 4 files changed, 62 insertions(+), 2 deletions(-) diff --git a/ansible/inventory.yaml b/ansible/inventory.yaml index 04d2f68..75b09f8 100644 --- a/ansible/inventory.yaml +++ b/ansible/inventory.yaml @@ -10,6 +10,7 @@ all: vhost_aliases: - squaresdb-google.dehnerts.com dbtype: mysql + enable_logging: false test: hosts: @@ -18,3 +19,4 @@ all: extname: squaresdb.dehnerts.com vhost_aliases: [] dbtype: sqlite + enable_logging: true diff --git a/ansible/roles/squaresdb/tasks/main.yaml b/ansible/roles/squaresdb/tasks/main.yaml index 0132930..cdaebb9 100644 --- a/ansible/roles/squaresdb/tasks/main.yaml +++ b/ansible/roles/squaresdb/tasks/main.yaml @@ -7,10 +7,12 @@ # Python build-deps - gcc - python3-dev - - libxmlsec1-dev + # Anti-required due to https://github.com/xmlsec/python-xmlsec/issues/320 + #- libxmlsec1-dev - pkg-config - libmysqlclient-dev # Hosting + - apache2 - libapache2-mod-wsgi-py3 # JS local libraries - libjs-bootstrap4 @@ -32,9 +34,21 @@ password: '!' home: /home/squaresdb +- name: Set homedir perms + ansible.builtin.file: + path: /home/squaresdb + state: directory + mode: "0751" # Database +# sqlite tools when useful +- name: Install packages + ansible.builtin.package: + name: + - sqlite3 + when: dbtype == "sqlite" + # Assumes mysql is preinstalled, with the socket pluggable auth mechanism # setup -- see # https://dev.mysql.com/doc/refman/8.0/en/socket-pluggable-authentication.html @@ -279,10 +293,17 @@ notify: - Reload apache -- name: Enable Apache2 Machine vhost +- name: Enable Apache2 vhost ansible.builtin.file: state: link src: ../sites-available/squaresdb.conf dest: /etc/apache2/sites-enabled/squaresdb.conf notify: - Reload apache + +- name: Enable Apache2 HTTPS + ansible.builtin.command: + cmd: a2enmod ssl wsgi + creates: + - /etc/apache2/mods-enabled/ssl.load + - /etc/apache2/mods-enabled/wsgi.load diff --git a/ansible/roles/squaresdb/templates/django_local.py.j2 b/ansible/roles/squaresdb/templates/django_local.py.j2 index 93e6586..bfaadcd 100644 --- a/ansible/roles/squaresdb/templates/django_local.py.j2 +++ b/ansible/roles/squaresdb/templates/django_local.py.j2 @@ -1,4 +1,5 @@ import json +import os from pathlib import Path SETTINGS_DIR = Path(__file__).resolve().parent @@ -21,6 +22,37 @@ EMAIL_BACKEND = 'squaresdb.utils.email.AutoBccEmailBackend' STATIC_ROOT = '/var/www/squaresdb/static' +{% if enable_logging %} +LOGGING = { + 'version': 1, + 'disable_existing_loggers': False, + 'formatters': { + 'default': { + 'format': '%(asctime)s %(levelname)-8s %(name)-15s %(message)s', + 'datefmt': '%Y-%m-%d %H:%M:%S', + }, + }, + 'handlers': { + 'console': { + 'class': 'logging.StreamHandler', + 'formatter': 'default', + }, + }, + 'loggers': { + 'django': { + 'handlers': ['console'], + 'level': os.getenv('DJANGO_LOG_LEVEL', 'INFO'), + }, + 'squaresdb': { + 'handlers': ['console'], + 'level': os.getenv('SQUARESDB_LOG_LEVEL', 'INFO'), + }, + }, +} +{% else %} +# Custom logging not enabled +{% endif %} + {% if dbtype == "mysql" %} DATABASES = { 'default': { diff --git a/ansible/roles/squaresdb/templates/vhost.conf b/ansible/roles/squaresdb/templates/vhost.conf index 5735b72..0d5b323 100644 --- a/ansible/roles/squaresdb/templates/vhost.conf +++ b/ansible/roles/squaresdb/templates/vhost.conf @@ -1,3 +1,7 @@ +# Disable this vhost if we don't have a cert yet +# (Getting a cert uses the webroot authenticator, so there's an awkward +# manual bootstrap phase otherwise) +# ServerName {{extname}} @@ -32,5 +36,6 @@ +# # vim: syntax=apache ts=4 sw=4 sts=4 sr noet