blob: 73d4299327374babb94c9d4bff6c4af27677443b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
- name: ensure packages required for execdb are installed
action: yum name={{ item }} state=latest
when: deployment_type == 'prod' or deployment_type == 'local'
with_items:
- execdb
- mod_wsgi
- python-psycopg2
- libsemanage-python
- name: ensure packages required for execdb are installed (testing)
action: yum name={{ item }} state=latest enablerepo=infrastructure-testing
when: deployment_type == 'dev' or deployment_type == 'stg'
with_items:
- execdb
- mod_wsgi
- python-psycopg2
- libsemanage-python
- name: ensure database is created
delegate_to: "{{ execdb_db_host }}"
sudo_user: postgres
sudo: true
action: postgresql_db db={{ execdb_db_name }}
- name: ensure dev execdb db user has access to dev database
when: deployment_type == 'dev'
delegate_to: "{{ execdb_db_host }}"
sudo_user: postgres
sudo: true
action: postgresql_user db={{ execdb_db_name }} user={{ dev_execdb_db_user }} password={{ dev_execdb_db_password }} role_attr_flags=NOSUPERUSER
- name: ensure stg execdb db user has access to stg database
when: deployment_type == 'stg'
delegate_to: "{{ execdb_db_host }}"
sudo_user: postgres
sudo: true
action: postgresql_user db={{ execdb_db_name }} user={{ stg_execdb_db_user }} password={{ stg_execdb_db_password }} role_attr_flags=NOSUPERUSER
- name: ensure prod execdb db user has access to prod database
when: deployment_type == 'prod'
delegate_to: "{{ execdb_db_host }}"
sudo_user: postgres
sudo: true
action: postgresql_user db={{ execdb_db_name }} user={{ prod_execdb_db_user }} password={{ prod_execdb_db_password }} role_attr_flags=NOSUPERUSER
- name: ensure local execdb db user has access to prod database
when: deployment_type == 'local'
delegate_to: "{{ execdb_db_host }}"
sudo_user: postgres
sudo: true
action: postgresql_user db={{ execdb_db_name }} user={{ local_execdb_db_user }} password={{ local_execdb_db_password }} role_attr_flags=NOSUPERUSER
- name: ensure selinux lets httpd talk to postgres
seboolean: name=httpd_can_network_connect_db persistent=yes state=yes
- name: generate execdb config
template: src=settings.py.j2 dest=/etc/execdb/settings.py owner=root group=root mode=0644
notify:
- restart httpd
- name: generate execdb apache config
template: src=execdb.conf.j2 dest=/etc/httpd/conf.d/execdb.conf owner=root group=root mode=0644
notify:
- restart httpd
- name: initialize execdb database
shell: PROD='true' execdb init_db
|
