Commit fff56e87 authored by Nicholas Anderson's avatar Nicholas Anderson

Added Vagrantfile and dev ansible playbook

Whew, that was quite a lot. Where do I start?

To utilize Vagrant, you first need to install virtualbox and vagrant
itself. After those are installed, simply do "vagrant up" from the
project's root directory. That's it! It will install and set everything
up for you. Once the playbook has completed provisioning, simply go to
localhost:8000 in your browser. This directory is shared with the
virtual machine, so all changes made here will be reflected live!

Give it a shot!
parent aabf8dfa
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Import securerandom for secret key generation
require 'securerandom'
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure(2) do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://atlas.hashicorp.com/search.
config.vm.box = "ubuntu/trusty64"
# Disable automatic box update checking. If you disable this, then
# boxes will only be checked for updates when the user runs
# `vagrant box outdated`. This is not recommended.
# config.vm.box_check_update = false
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
config.vm.network "forwarded_port", guest: 8000, host: 8000
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network "private_network", ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network "public_network"
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
# config.vm.synced_folder "../data", "/vagrant_data"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
# config.vm.provider "virtualbox" do |vb|
# # Display the VirtualBox GUI when booting the machine
# vb.gui = true
#
# # Customize the amount of memory on the VM:
# vb.memory = "1024"
# end
#
# View the documentation for the provider you are using for more
# information on available options.
# Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
# such as FTP and Heroku are also available. See the documentation at
# https://docs.vagrantup.com/v2/push/atlas.html for more information.
# config.push.define "atlas" do |push|
# push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
# end
# Enable provisioning with a shell script. Additional provisioners such as
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
# documentation for more information about their specific syntax and use.
# config.vm.provision "shell", inline: <<-SHELL
# sudo apt-get update
# sudo apt-get install -y apache2
# SHELL
config.vm.provision "ansible", run: "always" do |ansible|
ansible.playbook = "provisioning/playbook.yml"
ansible.sudo = true
ansible.extra_vars = {
nginx: {
port: 8000,
https: false
},
mysql: {
root_user: "root",
root_pass: "",
user: "go",
pass: "go",
db: "go"
},
django: {
secret_key: SecureRandom.base64,
host: "*",
debug: "True",
email_domain: "@masonlive.gmu.edu",
requirements_path: "/vagrant/requirements.txt",
venv_path: "/vagrant/venv",
cas_url: "https://nanderson.me/cas/",
app_path: "/vagrant/go",
settings_path: "/vagrant/go/settings",
superuser: "dhaynes3"
}
}
end
=begin
# Picks up from any failed runs
# Run this with: "vagrant provision --provision-with resume"
config.vm.provision "resume", type: "ansible" do |resume|
resume.playbook = "provisioning/playbook.yml"
resume.limit = "@provisioning/playbook.retry"
resume.sudo = true
resume.extra_vars = {
nginx: {
port: 8000,
https: false
},
mysql: {
root_user: "root",
root_pass: "",
user: "go",
pass: "go",
db: "go"
},
django: {
secret_key: SecureRandom.base64,
host: "*",
debug: "True",
email_domain: "@masonlive.gmu.edu",
requirements_path: "/vagrant/requirements.txt",
venv_path: "/vagrant/venv",
cas_url: "https://nanderson.me/cas",
app_path: "/vagrant/go",
settings_path: "/vagrant/go/settings",
superuser: "dhaynes3"
}
}
end
=end
end
---
# Ansible Playbook for Go
#
# Installs a production-like envrionment with:
# - MySQL
# - nginx
# - uwsgi + Emperor
# - Django
- hosts: all
tasks:
- name: install go packages
apt: name={{ item }} state=latest
with_items:
- python
- python-dev
- python-virtualenv
- python-pip
- git
- libldap2-dev
- mysql-server
- mysql-client
- libmysqlclient-dev
- python-mysqldb
- libsasl2-dev
- libjpeg-dev
- name: create mysql user
mysql_user: >
name={{ mysql['user'] }}
password={{ mysql['pass'] }}
login_password={{ mysql['root_pass'] }}
login_user={{ mysql['root_user'] }}
state=present
host=localhost
priv={{ mysql['db'] }}.*:ALL
- name: create mysql database
mysql_db: >
name={{ mysql['db'] }}
state=present
login_user={{ mysql['root_user'] }}
login_password={{ mysql['root_pass'] }}
- name: install site packages to virtual env
pip: >
requirements={{ django['requirements_path'] }}
virtualenv={{ django['venv_path'] }}
virtualenv_python=python2.7
- name: install django settings.py
template: >
src=templates/settings.py.j2
dest={{ django['settings_path'] }}/settings.py
backup=yes
- name: install django secret.py
template: >
src=templates/secret.py.j2
dest={{ django['settings_path'] }}/secret.py
- name: setup django database
django_manage: >
command={{ item }}
app_path={{ django['app_path'] }}
virtualenv={{ django['venv_path'] }}
with_items:
- flush
- makemigrations
- migrate
- name: create python superuser (defaults to dhaynes3)
django_manage: >
command="createsuperuser --noinput --username={{ django['superuser'] }} --email={{ django['superuser'] }}@masonlive.gmu.edu"
app_path={{ django['app_path'] }}
virtualenv={{ django['venv_path'] }}
- name: killing old screen sessions
shell: screen -ls | grep -q django && screen -X -S django quit
ignore_errors: true
- name: start django runserver (access via localhost:8000)
command: screen -dmS django bash -c "echo Starting on port {{ nginx['port'] }}; cd /vagrant/go; source ../venv/bin/activate; python manage.py runserver 0.0.0.0:8000;"
# Create a new file 'secret.py' and copy these contents into that file
# Please be sure to keep these variables secret in production
# You can generate a secret key from the following link: http://www.miniwebtool.com/django-secret-key-generator/
SECRET_KEY = "{{ django['secret_key'] }}"
# Use the values from the database configuration
DB_NAME = "{{ mysql['db'] }}"
DB_USER = "{{ mysql['user'] }}"
# Remember to use a strong password in production
DB_PASSWORD = "{{ mysql['pass'] }}"
# Often left blank
DB_HOST = ""
# Set piwik server site id (piwik can track multiple websites)
PIWIK_SITE_ID = ""
# Point to the piwik url
PIWIK_URL = ""
# Email configuration, if necessary
EMAIL_HOST = ""
EMAIL_PORT = ""
EMAIL_HOST_USER = ""
EMAIL_HOST_PASSWORD = ""
# Create a new file 'settings.py' and copy these contents into that file
import secret
import os
AUTH_MODE = "CAS"
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
# DEBUG mode is used to view more details when errors occur
# Do not have set True in production
DEBUG = {{ django['debug'] }}
ADMINS = ()
MANAGERS = ADMINS
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': secret.DB_NAME,
'USER': secret.DB_USER,
'PASSWORD': secret.DB_PASSWORD,
'HOST': secret.DB_HOST,
'PORT': '',
}
}
# The domains this application will be deployed on
# e.g. Which domains this app should listen to requests from.
ALLOWED_HOSTS = ['{{ django['host'] }}']
# Peoplefinder API
PF_URL = "http://api.srct.gmu.edu/pf/v1/"
TIME_ZONE = 'America/New_York'
LANGUAGE_CODE = 'en-us'
SITE_ID = 1
USE_I18N = True
USE_L10N = True
USE_TZ = True
MEDIA_URL = '/media/'
MEDIA_ROOT = ''
MEDIAFILES_DIRS = (
os.path.join(BASE_DIR, 'media/'),
)
STATIC_URL = '/static/'
STATIC_ROOT = ''
STATICFILES_DIRS = (
os.path.join(BASE_DIR, 'static/'),
)
STATICFILES_FINDERS = (
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
)
SECRET_KEY = secret.SECRET_KEY
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [
os.path.join(BASE_DIR, 'templates')
],
'OPTIONS': {
'context_processors': [
'django.contrib.auth.context_processors.auth',
'django.template.context_processors.request'
],
'loaders': [
'django.template.loaders.app_directories.Loader'
],
'debug': DEBUG
}
}
]
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
ROOT_URLCONF = 'settings.urls'
WSGI_APPLICATION = 'settings.wsgi.application'
INSTALLED_APPS = (
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'go',
'piwik',
'django.contrib.admin',
'qrcode',
'crispy_forms',
)
SESSION_SERIALIZER = 'django.contrib.sessions.serializers.JSONSerializer'
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'filters': {
'require_debug_false': {
'()': 'django.utils.log.RequireDebugFalse'
}
},
'handlers': {
'mail_admins': {
'level': 'ERROR',
'filters': ['require_debug_false'],
'class': 'django.utils.log.AdminEmailHandler'
}
},
'loggers': {
'django.request': {
'handlers': ['mail_admins'],
'level': 'ERROR',
'propagate': True,
},
}
}
LOGIN_URL = '/login'
LOGOUT_URL = '/logout'
LOGIN_REDIRECT_URL = '/'
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
)
if AUTH_MODE.lower() == 'ldap':
import ldap
AUTHENTICATION_BACKENDS += (
'django_auth_ldap.backend.LDAPBackend',
)
AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636" # server url
AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu" # bind DN
AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True # use the user
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
AUTH_LDAP_GLOBAL_OPTIONS = { # ignore UAC cert.
ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
}
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
elif AUTH_MODE.lower() == 'cas':
CAS_SERVER_URL = "{{ django['cas_url'] }}"
CAS_LOGOUT_COMPLETELY = True
CAS_PROVIDE_URL_TO_LOGOUT = True
AUTHENTICATION_BACKENDS += (
'cas.backends.CASBackend',
)
CAS_RESPONSE_CALLBACKS = (
'go.cas_callbacks.create_user',
)
INSTALLED_APPS += (
'cas',
)
MIDDLEWARE_CLASSES += (
'cas.middleware.CASMiddleware',
)
PIWIK_SITE_ID = secret.PIWIK_SITE_ID
PIWIK_URL = secret.PIWIK_URL
CRISPY_TEMPLATE_PACK = 'bootstrap3'
# Mail settings
EMAIL_HOST = secret.EMAIL_HOST
EMAIL_PORT = secret.EMAIL_PORT
EMAIL_HOST_USER = secret.EMAIL_HOST_USER
EMAIL_HOST_PASSWORD = secret.EMAIL_HOST_PASSWORD
EMAIL_FROM = "example@example.com"
EMAIL_TO = "to@example.com"
# Domain used to email to users. See line 231 in views.py
# ie. in Mason's case '@masonlive.gmu.edu'
EMAIL_DOMAIN = "{{ django['email_domain'] }}"
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment