Ansible projects playbooks - JorgeFrancoIbanez/FlaskForm GitHub Wiki
Lets explain what happend in every playbook
deploy.yml
--- - name: Deploy server hosts: web user: ubuntu sudo: yes vars: App_name: FlaskForm MySQL_root_pass: root ubuntu_required_packages: - libpq-dev - libmysqlclient-dev - libxml2-dev - libjpeg62 - libjpeg62-dev - libfreetype6 - libfreetype6-dev - zlib1g-dev - mysql-client - python-dev - python-setuptools - python-imaging - python-mysqldb - python-psycopg2 - git-core - libapache2-mod-wsgi - php5 - libapache2-mod-php5 - php5-mcrypt - apache2 - ufw pip_requerid_libraries: - virtualenv - flask - flask-mysql
-
The key "- name:" define the name an operation that will be displayed in the terminal.
-
The key "hosts: web" define the host group.
-
The key "user: ubuntu" define the user of the server.
-
The key "sudo: yes" enable sudo commands as sudoer
-
The key "vars:" variable definitions
-
The variables "ubuntu_required_packages:" and "pip_requerid_libraries:" are arrays.
tasks:
- include: install.yml - include: ufw.yml
- The key "tasks:" define the tasks that ansible need to run on the specified server.
- The key "- include:" allow an external call of the keys of others playbook.
- name: Reboot server command: /sbin/reboot
- The key:value "command: /sbin/reboot" reboot the server (the key sudo: need to be true or yes)
- name: Wait for the server to finish rebooting sudo: no local_action: wait_for host="{{ inventory_hostname }}" search_regex=OpenSSH port=22 timeout=300
- Here our local system wait until a connection via ssh with the server are done.
install.yml
- name: Update server apt: update_cache=yes
+Update the server as if sudo apt-get update is called.
- name: Install common packages needed for python application development action: apt pkg={{ item }} state=installed with_items: - "{{ ubuntu_required_packages }}"
+Install an array of packages, "{{ item }}" with with_items: allow to call each item array
- name: Install libraries with pip action: pip name={{ item }} state=present with_items: - "{{ pip_requerid_libraries }}"
+The same here, the only diference is the key action: this one has pip as value.
apache.yml
- name: Apache enabled mod_rewrite apache2_module: name=rewrite state=present
- name: Apache enabled mod_wsgi apache2_module: name=wsgi state=present
- The apache2_modele enables mod_rewrite and mod_wsgi
- name: Apache wsgi Config copy: src=../conf/flask.wsgi dest=/var/www/html/FlaskForm/flaskform.wsgi
- name: Apache Set a Virtual Host copy: src=../conf/virthost.conf dest=/etc/apache2/sites-available/FlaskForm.conf
- The key copy made a copy of flask.wsgi and the configurations of our Virtual Host that is needed to deploy our Flask project
- name: Apache a2ensite FlaskForm command: a2ensite FlaskForm
- Activate our virtual host.
- name: Delete index.html by default file: state=absent path=/var/www/html/index.html
- Delete the index.html file if exist, because if this files is there our apache display index.html instead of our application home page.
- service: name: apache2 state: restarted
- Restart apache2 service.
#gitclone.yml
- name: Get updated files from git repository git: repo: https://github.com/JorgeFrancoIbanez/FlaskForm.git dest: /var/www/html/FlaskForm/
- clone the FlaskForm reppository in "/var/www/html/".
mysql.yml
--- - name: Set MySQL root password before installing debconf: name='mysql-server' question='mysql-server/root_password' value='{{MySQL_root_pass | quote }}' vtype='password'
- name: Confirm MySQL root password before installing debconf: name='mysql-server' question='mysql-server/root_password_again' value='{{MySQL_root_pass | quote}}' vtype='password'
- name: Install MySQL apt: package={{ item }} state=installed force=yes update_cache=yes cache_valid_time=3600 when: ansible_os_family == 'Debian' with_items: - mysql-server - mysql-client - python-mysqldb - name: Deletes anonymous MySQL server user for localhost mysql_user: user="" state="absent" login_password="{{ MySQL_root_pass }}" login_user=root
- install mysql and set a password for the root user
- name: Secures the MySQL root user mysql_user: user="root" password="{{ MySQL_root_pass }}" host="{{ item }}" login_password="{{MySQL_root_pass}}" login_user=root with_items: - 127.0.0.1 - localhost - ::1 - "{{ ansible_fqdn }}"
- name: Removes the MySQL test database mysql_db: db=form state=absent login_password="{{ MySQL_root_pass }}" login_user=root
- Clean configure mysql
- name: Copy Database from local copy: src=../conf/form.sql dest=/tmp/backup.sql
- name: Create Database on server mysql_db: name=form state=present login_user='root' login_password={{MySQL_root_pass}}
- name: Import Database for the proyect mysql_db: db=form state=import login_password="{{ MySQL_root_pass }}" login_user=root target=/tmp/backup.sql
- Create our database from the backup.
pip.yml
- block:
- name: download get-pip.py get_url: url=https://bootstrap.pypa.io/get-pip.py dest=/tmp
- name: install pip command: "python /tmp/get-pip.py"
- name: delete get-pip.py file: state=absent path=/tmp/get-pip.py
- Get, install and delete the lastest get-pip.py.
ufw.yml
- name: Setup ufw ufw: state=enabled policy=deny
- Enable UFW
- name: Allow ssh traffic ufw: rule=allow port=22 proto=tcp
- name: Allow web traffic ufw: rule: allow port: 80 proto: tcp
- this two allow the traffic in ports 22 and 80.
php.yml
--- - name: configure php copy: src=../conf/dir.conf dest=/etc/apache2/mods-enabled/dir.conf
- name: set index.php copy: src=../conf/php/index.php dest=/var/www/html/info.php
- just added php have the LAMP server. This two enable the visualizations php file and copy an info.php in root.