├── README.md ├── awx └── installer │ ├── build-local.yml │ ├── inventory │ └── local_build │ ├── files │ ├── Dockerfile.sdist │ ├── RPM-GPG-KEY-ansible-release │ ├── ansible.repo │ ├── launch_awx.sh │ ├── launch_awx_task.sh │ ├── nginx.conf │ ├── settings.py │ ├── supervisor.conf │ └── supervisor_task.conf │ ├── tasks │ └── main.yml │ └── templates │ ├── Dockerfile.j2 │ └── Dockerfile.task.j2 ├── build-scripts └── update-build.sh ├── install-guide-v2.md ├── installguide ├── installguide-old ├── installguide.md ├── migrations.md ├── nginx.conf ├── releases └── awx-1.0.1.234.tar.gz └── rpm ├── awx-task.service ├── awx-web.service ├── awx.conf ├── awx.spec ├── env.sh ├── launch_awx.sh ├── launch_awx_task.sh ├── settings.py ├── supervisor.conf ├── supervisor_task.conf └── uninstall-fix.patch /README.md: -------------------------------------------------------------------------------- 1 | # AWX Community Edition (RPM) 2 | 3 | Hi guys 4 | 5 | It's been some time.. And I know that there have been a lot of promises, and few of them have been kept.. 6 | 7 | The AWX-RPM project is back under my wings, and I hope push out new builds as fast as I can.. 8 | 9 | Recent work from the CentOS community and Red hat has made dependency building A LOT easier.. it's not perfect yet (and probably never will be), but it will make maintenance of the RPMS a lot less time consuming. 10 | 11 | Because of this I have decided to completely reignite the AWX-RPM project, scrap all the old work (but keep the know-how) and if you want to follow the progress, follow this new repo, which will also be where new issues can be reported in time.. 12 | 13 | https://lnkd.in/epXMaiAN 14 | 15 | Right now I'm trying to build something to handle dependency building and exceptions to the depbuilding process... this is about 80% of the work.. 16 | 17 | From there I'll create the AWX-RPM core and services files and at some point create an installer.. 18 | 19 | When the core and services files are done, I'll see the project as Beta and ready for testing.. I hope this will happen within february, but it all depends on work pressure and family, so have patience. 20 | 21 | However, when this is done, I'm really confident that automatic builds should be rolling out without needing much effort from my side. 22 | 23 | Thanks for all your patience, support and feedback. 24 | 25 | Talk to you all soon.. 26 | 27 | **Install guide, tools, utilities will be located at: https://awx.wiki in time.. they are outdated for now 28 | 29 | **LinkedIn group for Questions, support, talk and more: https://www.linkedin.com/groups/13694893/** 30 | 31 | -------------------------------------------------------------------------------- /awx/installer/build-local.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Build and deploy AWX 3 | hosts: all 4 | gather_facts: false 5 | roles: 6 | - { role: check_vars } 7 | - { role: image_build, when: "dockerhub_base is not defined and build_local is not defined" } 8 | - { role: local_build, when: "dockerhub_base is not defined and build_local is defined" } 9 | - { role: openshift, when: "openshift_host is defined" } 10 | #- { role: local_docker, when: "openshift_host is not defined" } 11 | 12 | -------------------------------------------------------------------------------- /awx/installer/inventory: -------------------------------------------------------------------------------- 1 | localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python" 2 | 3 | [all:vars] 4 | 5 | # Remove these lines if you want to run a local image build 6 | # Otherwise the setup playbook will install the official Ansible images. Versions may 7 | # be selected based on: latest, 1, 1.0, 1.0.0, 1.0.0.123 8 | # by default the base will be used to search for ansible/awx_web and ansible/awx_task 9 | #dockerhub_base=ansible 10 | #dockerhub_version=latest 11 | build_local=true 12 | #awx_version=1.0.1 13 | 14 | # This will create or update a default admin (superuser) account in AWX, if not provided 15 | # then these default values are used 16 | # default_admin_user=admin 17 | # default_admin_password=password 18 | 19 | # AWX Secret key 20 | # It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt 21 | # your credentials 22 | awx_secret_key=awxsecret 23 | 24 | # Openshift Install 25 | # Will need to set -e openshift_password=developer -e docker_registry_password=$(oc whoami -t) 26 | # openshift_host=127.0.0.1:8443 27 | # awx_openshift_project=awx 28 | # openshift_user=developer 29 | # awx_node_port=30083 30 | 31 | # Standalone Docker Install 32 | postgres_data_dir=/tmp/pgdocker 33 | host_port=80 34 | 35 | # Required for Openshift when building the image on your own 36 | # Optional for Openshift if using Dockerhub or another prebuilt registry 37 | # Required for Standalone Docker Install if building the image on your own 38 | # Optional for Standalone Docker Install if using Dockerhub or another prebuilt registry 39 | # Define if you want the image pushed to a registry. The container definition will also use these images 40 | # docker_registry=172.30.1.1:5000 41 | # docker_registry_repository=awx 42 | # docker_registry_username=developer 43 | 44 | # Set pg_hostname if you have an external postgres server, otherwise 45 | # a new postgres service will be created 46 | # pg_hostname=postgresql 47 | pg_username=awx 48 | pg_password=awxpass 49 | pg_database=awx 50 | pg_port=5432 51 | 52 | # Use a local distribution build container image for building the AWX package 53 | # This is helpful if you don't want to bother installing the build-time dependencies as 54 | # it is taken care of already. 55 | # NOTE: IMPORTANT: If you are running a mininshift install, using this container might not work 56 | # if you are using certain drivers like KVM where the source tree can't be mapped 57 | # into the build container. 58 | # Thus this setting must be set to False which will trigger a local build. To view the 59 | # typical dependencies that you might need to install see: 60 | # installer/image_build/files/Dockerfile.sdist 61 | use_container_for_build=false 62 | 63 | # Build AWX with official logos 64 | # Requires cloning awx-logos repo into the project root. 65 | # Review the trademark guidelines at https://github.com/ansible/awx-logos/blob/master/TRADEMARKS.md 66 | # awx_official=false 67 | 68 | # Proxy 69 | #http_proxy=http://proxy:3128 70 | #https_proxy=http://proxy:3128 71 | #no_proxy=mycorp.org 72 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/Dockerfile.sdist: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | 3 | RUN yum install -y epel-release 4 | 5 | RUN yum install -y bzip2 \ 6 | gcc-c++ \ 7 | gettext \ 8 | git \ 9 | make \ 10 | python \ 11 | python-pip 12 | 13 | RUN curl --silent --location https://rpm.nodesource.com/setup_6.x | bash - 14 | RUN yum install -y nodejs 15 | RUN npm set progress=false 16 | 17 | WORKDIR "/awx" 18 | 19 | ENTRYPOINT ["/bin/bash", "-c"] 20 | CMD ["make sdist"] 21 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/RPM-GPG-KEY-ansible-release: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG/MacGPG2 v2.0.19 (Darwin) 3 | 4 | mQINBFVfhqABEAC6EEEPv57spTUSQvtgqbVZI7d5ooCTMXEo5KJGVPVSfKtO8+BV 5 | ZTKPukUazbtplDlIe9csfbP7CBaaBn5CtDgIrbROzazxoWv7mIP6hjUaTQSd5tvv 6 | ONDQvnCDD5SKcy+XhqkmALSvREsN9tNtKETGXgNOLwJAlzxcpt8JLXnuiCCbefum 7 | gaDoPQsIkegFa/r6XhY6kLi2lpQOJ3v72IXNDpdau1vtp/xPHclfCI1iQ7gnfEdw 8 | rRJRGeOx1qikyqAVFgXXiI/NAQrsyIsO0ECGSBLQeDna/bGrqpCGKnrbJhfGAIWA 9 | aXUTRCQRemiansk0Whu4ATZz8iM9zJPi1R7CeMXgwe7VtD4KOd1y7UBHKwAhIWdu 10 | 4Q4lsOpm2tzYFQUrY6mQ/3BkywDHkdVqmQKTGCuwcNO9PMOBLSE99yCIjxXL04VM 11 | dPWIqMvh15TLjd6UahNFucowX3312z4JpWFHWA075MdkvVVcqfMxohViOLUCYt/C 12 | 74xFmT+uZUKnSQFYT/JaGqxFLjkYHmnFrb710fBjniDlaB4Ii3Tft/yXsgx8P9xb 13 | y2cWA/W6yFeRqXM49C3/KA6RhDWU90P55O/MWbYUSGiGu+eYT3rMAV2cI6r4+U7e 14 | YgQvntpc9GbAzab6co8ceJ3lpTHtSl+QZJUhSoPYg5VbSilf0AqZgUSUUQARAQAB 15 | tC5BbnNpYmxlLCBJbmMuIChyZWxlYXNlKSA8c2VjdXJpdHlAYW5zaWJsZS5jb20+ 16 | iQI4BBMBAgAiBQJVX4agAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRC4 17 | TjOcRCZnqfN+D/9LvJVLW/zMPcZ4qK+/KpNiD+MXducBpQiUfj2AoEqkR2LwL4/G 18 | v5N3GCpBHSrzK1PBp5uW1+6TcdotBO5ePtmvJlSjVMVxHkcTTBfuzqtErcw/zequ 19 | sNsagllPlCePT1Osi34onGm7zMdillh/uw30bojYRwtDpfXiXJAqPc3vqXrER8EE 20 | r+ZFj4MJcqDGWdIguWX8hnIFkzYZ7Gyvwo4ETWrdRhRfHoIdwyiAawnxkgpMVHxv 21 | 2+JlqDb+qqY2Wjffd5WC2uaxK88sCsScJF+aE+WlBIVRA4POu4gZneLfuGzzpg2e 22 | 9PSWmtDo5X7ECRnfTIMvAbbpt08x/zSZxwRUwLdQ+F9vN7RZ/ibaXE2rG1xrWOO/ 23 | wel8cfhDl7YgZhKw8R/RURliOB5FFJ336zGWm5HTHyhblbiNn+LcUAy8ipYp6y+C 24 | ATLnHzF6J5CtIRpG4Bs5Ar3xePNGUnEHXiLv3wYeq3uUkrFcRpmcMUSBrtk6QHbD 25 | fmJvWpdA4twmoBFBMyvvTJmBb52teNzoqBgeNflXl+SVAMT2eZSezqbvevuHQTOX 26 | uRw0GXsKCQ/hyR9f1fd0yGRMtPqNTRLwBb4lzpU70/rRmU9gHzY4Yhwg3E9Tv+rM 27 | a5Lj3YmlJRax5gUVQN02E1zlBDsiNrGqpmDG1Mxo7YPpbxgu0PFPqeqcFbkCDQRV 28 | X4agARAAwO4MA+7uIRV+oHmyMPLFWqiKp2nFy5McQByJxSQchn93/9qud4JYd1i6 29 | 8pIiKN6XJqtpt16UCTewcZHM5oOJQVNwAS8TP9imfg73TfUaoOoUbp0qfGKub/Q4 30 | 6Ktnwe940qEqYG1/QsPWNE/4G1O3b/O7m6qlozEEmxep8bRviRChz4/Mw75S1W6i 31 | jlKYI8yZOUco9oiFJcKqyYtaKkgEg18cNuY8uvAlvULezaZyCqVjoVbKGUUAPSVg 32 | CBixqLQ7UmBMA6xxptVuBvaRJAaF0VvvcyBZo4SzybtrHbUD1VWIzmWKKD/sDS2J 33 | MQbnQ0FnhRzTjhvQhAp2LVPeAQVbQNFdG7y+ROCHeE9mqutTZLOilut+CQ8HDWuQ 34 | /eCQU5yV7vh3FL/SVYS0ahZj+FdfTq8rbeIsDT42Z/MjDB54jxB5ajCHLomi4LhC 35 | 09zeb7HgwUc5wzoN7nU1OLmmn0AFwKJVD1R5UgySggv2xJym1H/mjJiR0MDweJDc 36 | xj3bf4qGRDLVFRkZcO3cmMDLhL9gb1MIU3zBVotOBt2dig/Je+K6CUFHAA237Vcg 37 | VKUrLIi6OdG3ecAdflGsaNKQ5XPv2mfhbieXu9N/S7HBvjeHIBD2xjWNz9UE1ymu 38 | QPwR6+zTxD4Nx1xIiink0MN1PaCkGJ03YBSsXnHoyiOhqAfceRcAEQEAAYkCHwQY 39 | AQIACQUCVV+GoAIbDAAKCRC4TjOcRCZnqSvGD/wP8y6fz2PsrgspHCraNuWTJaVA 40 | DesQgOxJS6uHskW/jnHkvAMTNzlVhov1hN7g+QjPMISQDCn+913kyqZ0lU3lYmvz 41 | nByPAbgzZvmAaTqb8v79zY6UH4NzbBuz4dhYN65dxhiMpNrXVvMRQjPFRXG0GG5d 42 | 7ypM1b9eoRTRlJNAwQ/ONoQxZdzVpmpXjcMOaifs75lkGAfNT0bcG/o/Qh/p4MRF 43 | t/VSmH8tM8jJuHbIPcs8FWP4J8xzum8uhF2ZlKEQsR2C9cBJSBrs5jdOjgMqwFv5 44 | 2qCg0PpEKKNQdu9MabapBprFMwJWIl+dOjUE3fdMrOSJBZZusQq9nwtDNAaaLcD7 45 | RwStw7AXi6CxYuB/uikKRviLqRCwASdj5Cdjtu6mohS8DdVkpEYbpuPjEdqc7UyW 46 | fAZQqYMkwIfaxE25/S+FxqISSCFIOCL3QNTk0Q9u2W6Fh+KUACZobtwUL/XytPBz 47 | 7Fn5wXeOCPoAbOXoiT7kPsFGvIsFHpF3K7Fy+cMrqr5dqhywGK5ckIKXRKmCAu8H 48 | iDeBqVjBn143WJPZ8uiu+7TiaGLuOqDdiDSchM24W4hs5DbD9zdVYy6IFi1OWSot 49 | HUQyZisiIgD1hSHhkn2LTYrJqIdvJ/q8buMKywB9Avs5fwP/CnsrSP9z+RWJ8HKP 50 | OwWvTVGXCPUZTxHiYg== 51 | =msBf 52 | -----END PGP PUBLIC KEY BLOCK----- 53 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/ansible.repo: -------------------------------------------------------------------------------- 1 | [ansible] 2 | name=Ansible for Enterprise Linux 7 - $basearch 3 | baseurl=https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ 4 | enabled=1 5 | gpgcheck=1 6 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ansible-release 7 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/launch_awx.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | if [ `id -u` -ge 10000 ]; then 3 | echo "awx:x:`id -u`:`id -g`:,,,:/var/lib/awx:/bin/bash" >> /tmp/passwd 4 | cat /tmp/passwd > /etc/passwd 5 | rm /tmp/passwd 6 | fi 7 | awx-manage collectstatic --noinput --clear 8 | supervisord -c /etc/tower/supervisor.conf 9 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/launch_awx_task.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | if [ `id -u` -ge 10000 ]; then 3 | echo "awx:x:`id -u`:`id -g`:,,,:/var/lib/awx:/bin/bash" >> /tmp/passwd 4 | cat /tmp/passwd > /etc/passwd 5 | rm /tmp/passwd 6 | fi 7 | ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m postgresql_db -U $DATABASE_USER -a "name=$DATABASE_NAME owner=$DATABASE_USER login_user=$DATABASE_USER login_host=$DATABASE_HOST login_password=$DATABASE_PASSWORD" all 8 | awx-manage migrate --noinput --fake-initial 9 | if [ ! -z "$AWX_ADMIN_USER" ]&&[ ! -z "$AWX_ADMIN_PASSWORD" ]; then 10 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('$AWX_ADMIN_USER', 'root@localhost', '$AWX_ADMIN_PASSWORD')" | awx-manage shell 11 | awx-manage create_preload_data 12 | else 13 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'password')" | awx-manage shell 14 | awx-manage create_preload_data 15 | fi 16 | awx-manage provision_instance --hostname=$(hostname) 17 | awx-manage register_queue --queuename=tower --hostnames=$(hostname) 18 | supervisord -c /etc/tower/supervisor_task.conf 19 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/nginx.conf: -------------------------------------------------------------------------------- 1 | #user awx; 2 | 3 | worker_processes 1; 4 | 5 | error_log /dev/stdout warn; 6 | pid /tmp/nginx.pid; 7 | 8 | events { 9 | worker_connections 1024; 10 | } 11 | 12 | http { 13 | include /etc/nginx/mime.types; 14 | default_type application/octet-stream; 15 | 16 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 17 | '$status $body_bytes_sent "$http_referer" ' 18 | '"$http_user_agent" "$http_x_forwarded_for"'; 19 | 20 | access_log /dev/stdout main; 21 | 22 | map $http_upgrade $connection_upgrade { 23 | default upgrade; 24 | '' close; 25 | } 26 | 27 | sendfile on; 28 | #tcp_nopush on; 29 | #gzip on; 30 | 31 | upstream uwsgi { 32 | server localhost:8050; 33 | } 34 | 35 | upstream daphne { 36 | server localhost:8051; 37 | } 38 | 39 | server { 40 | listen 8052 default_server; 41 | 42 | # If you have a domain name, this is where to add it 43 | server_name _; 44 | keepalive_timeout 65; 45 | 46 | # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) 47 | add_header Strict-Transport-Security max-age=15768000; 48 | 49 | location /static/ { 50 | alias /var/lib/awx/public/static/; 51 | } 52 | 53 | location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; } 54 | 55 | location /websocket { 56 | # Pass request to the upstream alias 57 | proxy_pass http://daphne; 58 | # Require http version 1.1 to allow for upgrade requests 59 | proxy_http_version 1.1; 60 | # We want proxy_buffering off for proxying to websockets. 61 | proxy_buffering off; 62 | # http://en.wikipedia.org/wiki/X-Forwarded-For 63 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 64 | # enable this if you use HTTPS: 65 | proxy_set_header X-Forwarded-Proto https; 66 | # pass the Host: header from the client for the sake of redirects 67 | proxy_set_header Host $http_host; 68 | # We've set the Host header, so we don't need Nginx to muddle 69 | # about with redirects 70 | proxy_redirect off; 71 | # Depending on the request value, set the Upgrade and 72 | # connection headers 73 | proxy_set_header Upgrade $http_upgrade; 74 | proxy_set_header Connection $connection_upgrade; 75 | } 76 | 77 | location / { 78 | # Add trailing / if missing 79 | rewrite ^(.*[^/])$ $1/ permanent; 80 | uwsgi_read_timeout 120s; 81 | uwsgi_pass uwsgi; 82 | include /etc/nginx/uwsgi_params; 83 | } 84 | } 85 | } 86 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/settings.py: -------------------------------------------------------------------------------- 1 | # AWX settings file 2 | 3 | import os 4 | 5 | 6 | def get_secret(): 7 | if os.path.exists("/etc/tower/SECRET_KEY"): 8 | return file('/etc/tower/SECRET_KEY', 'rb').read().strip() 9 | return os.getenv("SECRET_KEY", "privateawx") 10 | 11 | 12 | ADMINS = () 13 | 14 | STATIC_ROOT = '/var/lib/awx/public/static' 15 | 16 | PROJECTS_ROOT = '/var/lib/awx/projects' 17 | 18 | JOBOUTPUT_ROOT = '/var/lib/awx/job_status' 19 | 20 | SECRET_KEY = get_secret() 21 | 22 | ALLOWED_HOSTS = ['*'] 23 | 24 | INTERNAL_API_URL = 'http://awxweb:8052' 25 | 26 | AWX_TASK_ENV['HOME'] = '/var/lib/awx' 27 | 28 | # Container environments don't like chroots 29 | AWX_PROOT_ENABLED = False 30 | 31 | 32 | CLUSTER_HOST_ID = "awx" 33 | SYSTEM_UUID = '00000000-0000-0000-0000-000000000000' 34 | CELERY_TASK_QUEUES += (Queue(CLUSTER_HOST_ID, Exchange(CLUSTER_HOST_ID), routing_key=CLUSTER_HOST_ID),) 35 | CELERY_TASK_ROUTES['awx.main.tasks.cluster_node_heartbeat'] = {'queue': CLUSTER_HOST_ID, 'routing_key': CLUSTER_HOST_ID} 36 | CELERY_TASK_ROUTES['awx.main.tasks.purge_old_stdout_files'] = {'queue': CLUSTER_HOST_ID, 'routing_key': CLUSTER_HOST_ID} 37 | 38 | 39 | ############################################################################### 40 | # EMAIL SETTINGS 41 | ############################################################################### 42 | 43 | SERVER_EMAIL = 'root@localhost' 44 | DEFAULT_FROM_EMAIL = 'webmaster@localhost' 45 | EMAIL_SUBJECT_PREFIX = '[AWX] ' 46 | 47 | EMAIL_HOST = 'localhost' 48 | EMAIL_PORT = 25 49 | EMAIL_HOST_USER = '' 50 | EMAIL_HOST_PASSWORD = '' 51 | EMAIL_USE_TLS = False 52 | 53 | LOGGING['handlers']['console'] = { 54 | '()': 'logging.StreamHandler', 55 | 'level': 'DEBUG', 56 | 'formatter': 'simple', 57 | } 58 | 59 | LOGGING['loggers']['django.request']['handlers'] = ['console'] 60 | LOGGING['loggers']['rest_framework.request']['handlers'] = ['console'] 61 | LOGGING['loggers']['awx']['handlers'] = ['console'] 62 | LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console'] 63 | LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console'] 64 | LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console'] 65 | LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console'] 66 | LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console'] 67 | LOGGING['loggers']['social']['handlers'] = ['console'] 68 | LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console'] 69 | LOGGING['loggers']['rbac_migrations']['handlers'] = ['console'] 70 | LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console'] 71 | LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'} 72 | LOGGING['handlers']['fact_receiver'] = {'class': 'logging.NullHandler'} 73 | LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'} 74 | LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'} 75 | LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'} 76 | LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'} 77 | LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'} 78 | 79 | DATABASES = { 80 | 'default': { 81 | 'ATOMIC_REQUESTS': True, 82 | 'ENGINE': 'django.db.backends.postgresql', 83 | 'NAME': os.getenv("DATABASE_NAME", None), 84 | 'USER': os.getenv("DATABASE_USER", None), 85 | 'PASSWORD': os.getenv("DATABASE_PASSWORD", None), 86 | 'HOST': os.getenv("DATABASE_HOST", None), 87 | 'PORT': os.getenv("DATABASE_PORT", None), 88 | } 89 | } 90 | 91 | CELERY_BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format( 92 | os.getenv("RABBITMQ_USER", None), 93 | os.getenv("RABBITMQ_PASSWORD", None), 94 | os.getenv("RABBITMQ_HOST", None), 95 | os.getenv("RABBITMQ_PORT", "5672"), 96 | os.getenv("RABBITMQ_VHOST", "tower")) 97 | 98 | CHANNEL_LAYERS = { 99 | 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer', 100 | 'ROUTING': 'awx.main.routing.channel_routing', 101 | 'CONFIG': {'url': CELERY_BROKER_URL}} 102 | } 103 | 104 | 105 | CACHES = { 106 | 'default': { 107 | 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 108 | 'LOCATION': '{}:{}'.format(os.getenv("MEMCACHED_HOST", None), 109 | os.getenv("MEMCACHED_PORT", "11211")) 110 | }, 111 | 'ephemeral': { 112 | 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', 113 | }, 114 | } 115 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/supervisor.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon = True 3 | umask = 022 4 | 5 | [program:nginx] 6 | command = nginx -g "daemon off;" 7 | autostart = true 8 | autorestart = true 9 | stopwaitsecs = 5 10 | stdout_logfile=/dev/stdout 11 | stdout_logfile_maxbytes=0 12 | stderr_logfile=/dev/stderr 13 | stderr_logfile_maxbytes=0 14 | 15 | [program:uwsgi] 16 | command = /var/lib/awx/venv/awx/bin/uwsgi --socket 127.0.0.1:8050 --module=awx.wsgi:application --vacuum --processes=5 --harakiri=120 --no-orphans --master --max-requests=1000 --master-fifo=/var/lib/awx/awxfifo --lazy-apps -b 32768 17 | directory = /var/lib/awx 18 | autostart = true 19 | autorestart = true 20 | stopwaitsecs = 15 21 | stopsignal = INT 22 | stdout_logfile=/dev/stdout 23 | stdout_logfile_maxbytes=0 24 | stderr_logfile=/dev/stderr 25 | stderr_logfile_maxbytes=0 26 | 27 | [program:daphne] 28 | command = /var/lib/awx/venv/awx/bin/daphne -b 127.0.0.1 -p 8051 awx.asgi:channel_layer 29 | directory = /var/lib/awx 30 | autostart = true 31 | autorestart = true 32 | stopwaitsecs = 5 33 | stdout_logfile=/dev/stdout 34 | stdout_logfile_maxbytes=0 35 | stderr_logfile=/dev/stderr 36 | stderr_logfile_maxbytes=0 37 | 38 | [group:tower-processes] 39 | programs=nginx,uwsgi,daphne 40 | priority=5 41 | 42 | # TODO: Exit Handler 43 | 44 | [unix_http_server] 45 | file=/tmp/supervisor.sock 46 | 47 | [supervisorctl] 48 | serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket 49 | 50 | [rpcinterface:supervisor] 51 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 52 | -------------------------------------------------------------------------------- /awx/installer/local_build/files/supervisor_task.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon = True 3 | umask = 022 4 | 5 | [program:celery] 6 | # TODO: Needs to be reworked to dynamically use instance group queues 7 | command = /var/lib/awx/venv/awx/bin/celery worker -A awx -l debug --autoscale=4 -Ofair -Q tower_scheduler,tower_broadcast_all,tower,%(host_node_name)s -n celery@localhost 8 | directory = /var/lib/awx 9 | environment = LANGUAGE="en_US.UTF-8",LANG="en_US.UTF-8",LC_ALL="en_US.UTF-8",LC_CTYPE="en_US.UTF-8" 10 | #user = {{ aw_user }} 11 | autostart = true 12 | autorestart = true 13 | stopwaitsecs = 5 14 | stdout_logfile=/dev/stdout 15 | stdout_logfile_maxbytes=0 16 | stderr_logfile=/dev/stderr 17 | stderr_logfile_maxbytes=0 18 | 19 | [program:awx-celeryd-beat] 20 | command = /var/lib/awx/venv/awx/bin/celery beat -A awx -l debug --pidfile= -s /var/lib/awx/beat.db 21 | directory = /var/lib/awx 22 | autostart = true 23 | autorestart = true 24 | stopwaitsecs = 5 25 | redirect_stderr=true 26 | stdout_logfile = /dev/stdout 27 | stdout_logfile_maxbytes = 0 28 | stderr_logfile = /dev/stderr 29 | stderr_logfile_maxbytes = 0 30 | 31 | [program:callback-receiver] 32 | command = awx-manage run_callback_receiver 33 | directory = /var/lib/awx 34 | autostart = true 35 | autorestart = true 36 | stopwaitsecs = 5 37 | stdout_logfile=/dev/stdout 38 | stdout_logfile_maxbytes=0 39 | stderr_logfile=/dev/stderr 40 | stderr_logfile_maxbytes=0 41 | 42 | [program:channels-worker] 43 | command = awx-manage runworker --only-channels websocket.* 44 | directory = /var/lib/awx 45 | autostart = true 46 | autorestart = true 47 | stopwaitsecs = 5 48 | stdout_logfile=/dev/stdout 49 | stdout_logfile_maxbytes=0 50 | stderr_logfile=/dev/stderr 51 | stderr_logfile_maxbytes=0 52 | 53 | [group:tower-processes] 54 | programs=celery,callback-receiver,channels-worker 55 | priority=5 56 | 57 | # TODO: Exit Handler 58 | 59 | [unix_http_server] 60 | file=/tmp/supervisor.sock 61 | 62 | [supervisorctl] 63 | serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket 64 | 65 | [rpcinterface:supervisor] 66 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 67 | -------------------------------------------------------------------------------- /awx/installer/local_build/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install dependecies 3 | yum: state=present name={{ item }} 4 | with_items: 5 | - epel-release 6 | - npm 7 | - vim 8 | - gcc 9 | - gcc-c++ 10 | - bzip2 11 | 12 | - name: Get Version from checkout if not provided 13 | shell: "git describe --long | sed 's/\\-g.*//' | sed 's/\\-/\\./'" 14 | delegate_to: localhost 15 | register: awx_version_command 16 | when: awx_version is not defined 17 | 18 | - name: Set global version if not provided 19 | set_fact: 20 | awx_version: "{{ awx_version_command.stdout }}" 21 | when: awx_version is not defined 22 | 23 | - name: Verify awx-logos directory exists for official install 24 | stat: 25 | path: "../../awx-logos" 26 | delegate_to: localhost 27 | register: logosdir 28 | failed_when: logosdir.stat.isdir is not defined or not logosdir.stat.isdir 29 | when: awx_official|default(false)|bool 30 | 31 | - name: Copy logos for inclusion in sdist 32 | copy: 33 | src: "../../awx-logos/awx/ui/client/assets" 34 | dest: "../awx/ui/client/" 35 | delegate_to: localhost 36 | when: awx_official|default(false)|bool 37 | 38 | - name: Set sdist file name 39 | set_fact: 40 | awx_sdist_file: "awx-{{ awx_version }}.tar.gz" 41 | 42 | - name: AWX Distribution 43 | debug: 44 | msg: "{{ awx_sdist_file }}" 45 | 46 | - name: Stat distribution file 47 | stat: 48 | path: "../dist/{{ awx_sdist_file }}" 49 | delegate_to: localhost 50 | register: sdist 51 | 52 | - name: Clean distribution 53 | shell: make clean 54 | args: 55 | chdir: .. 56 | ignore_errors: yes 57 | when: not sdist.stat.exists 58 | delegate_to: localhost 59 | 60 | - name: Build AWX distribution locally 61 | shell: make sdist 62 | args: 63 | chdir: .. 64 | delegate_to: localhost 65 | when: not use_container_for_build|default(true)|bool 66 | 67 | - name: Set docker build base path 68 | set_fact: 69 | docker_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/docker-image" 70 | 71 | - name: Set awx_web image name 72 | set_fact: 73 | awx_web_image: "{{ awx_web_image|default('awx_web') }}" 74 | 75 | - name: Set awx_task image name 76 | set_fact: 77 | awx_task_image: "{{ awx_task_image|default('awx_task') }}" 78 | 79 | - name: Ensure directory exists 80 | file: 81 | path: "{{ docker_base_path }}" 82 | state: directory 83 | delegate_to: localhost 84 | 85 | - name: Stage sdist 86 | copy: 87 | src: "../dist/{{ awx_sdist_file }}" 88 | dest: "{{ docker_base_path }}/{{ awx_sdist_file }}" 89 | delegate_to: localhost 90 | 91 | - name: Template web Dockerfile 92 | template: 93 | src: Dockerfile.j2 94 | dest: "{{ docker_base_path }}/Dockerfile" 95 | delegate_to: localhost 96 | 97 | - name: Template task Dockerfile 98 | template: 99 | src: Dockerfile.task.j2 100 | dest: "{{ docker_base_path }}/Dockerfile.task" 101 | delegate_to: localhost 102 | 103 | - name: Stage launch_awx 104 | copy: 105 | src: launch_awx.sh 106 | dest: "{{ docker_base_path }}/launch_awx.sh" 107 | mode: '0700' 108 | delegate_to: localhost 109 | 110 | - name: Stage launch_awx_task 111 | copy: 112 | src: launch_awx_task.sh 113 | dest: "{{ docker_base_path }}/launch_awx_task.sh" 114 | mode: '0700' 115 | delegate_to: localhost 116 | 117 | - name: Stage nginx.conf 118 | copy: 119 | src: nginx.conf 120 | dest: "{{ docker_base_path }}/nginx.conf" 121 | delegate_to: localhost 122 | 123 | - name: Stage supervisor.conf 124 | copy: 125 | src: supervisor.conf 126 | dest: "{{ docker_base_path }}/supervisor.conf" 127 | delegate_to: localhost 128 | 129 | - name: Stage supervisor_task.conf 130 | copy: 131 | src: supervisor_task.conf 132 | dest: "{{ docker_base_path }}/supervisor_task.conf" 133 | delegate_to: localhost 134 | 135 | - name: Stage settings.py 136 | copy: 137 | src: settings.py 138 | dest: "{{ docker_base_path }}/settings.py" 139 | delegate_to: localhost 140 | 141 | - name: Stage requirements 142 | copy: 143 | src: ../requirements/ 144 | dest: "{{ docker_base_path }}/requirements" 145 | delegate_to: localhost 146 | 147 | - name: Stage Makefile 148 | copy: 149 | src: ../Makefile 150 | dest: "{{ docker_base_path }}/Makefile" 151 | delegate_to: localhost 152 | 153 | - name: State ansible repo 154 | copy: 155 | src: 'ansible.repo' 156 | dest: '{{ docker_base_path }}/ansible.repo' 157 | delegate_to: localhost 158 | 159 | - name: State ansible repo key 160 | copy: 161 | src: 'RPM-GPG-KEY-ansible-release' 162 | dest: '{{ docker_base_path }}/RPM-GPG-KEY-ansible-release' 163 | delegate_to: localhost 164 | 165 | #- name: Build base web image 166 | # docker_image: 167 | # buildargs: 168 | # http_proxy: "{{ http_proxy | default('') }}" 169 | # https_proxy: "{{ https_proxy | default('') }}" 170 | # no_proxy: "{{ no_proxy | default('') }}" 171 | # path: "{{ docker_base_path }}" 172 | # dockerfile: Dockerfile 173 | # name: "{{ awx_web_image }}" 174 | # tag: "{{ awx_version }}" 175 | # delegate_to: localhost 176 | 177 | #- name: Build base task image 178 | # docker_image: 179 | # buildargs: 180 | # http_proxy: "{{ http_proxy | default('') }}" 181 | # https_proxy: "{{ https_proxy | default('') }}" 182 | # no_proxy: "{{ no_proxy | default('') }}" 183 | # path: "{{ docker_base_path }}" 184 | # dockerfile: Dockerfile.task 185 | # name: "{{ awx_task_image }}" 186 | # tag: "{{ awx_version }}" 187 | # pull: no 188 | # delegate_to: localhost 189 | 190 | #- name: Clean docker base directory 191 | # file: 192 | # path: "{{ docker_base_path }}" 193 | # state: absent 194 | # when: cleanup_docker_base|default(True) 195 | # delegate_to: localhost 196 | -------------------------------------------------------------------------------- /awx/installer/local_build/templates/Dockerfile.j2: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | 3 | # Do we need this? 4 | #RUN locale-gen en_US.UTF-8 5 | #ENV LANG en_US.UTF-8 6 | #ENV LANGUAGE en_US:en 7 | #ENV LC_ALL en_US.UTF-8 8 | 9 | USER root 10 | 11 | # Init System 12 | ADD https://github.com/krallin/tini/releases/download/v0.14.0/tini /tini 13 | RUN chmod +x /tini 14 | 15 | ADD Makefile /tmp/Makefile 16 | RUN mkdir /tmp/requirements 17 | ADD requirements/requirements_ansible.txt \ 18 | requirements/requirements_ansible_uninstall.txt \ 19 | requirements/requirements_ansible_git.txt \ 20 | requirements/requirements.txt \ 21 | requirements/requirements_tower_uninstall.txt \ 22 | requirements/requirements_git.txt \ 23 | /tmp/requirements/ 24 | ADD ansible.repo /etc/yum.repos.d/ansible.repo 25 | ADD RPM-GPG-KEY-ansible-release /etc/pki/rpm-gpg/RPM-GPG-KEY-ansible-release 26 | # OS Dependencies 27 | WORKDIR /tmp 28 | RUN mkdir -p /var/lib/awx/public/static 29 | RUN chgrp -Rf root /var/lib/awx && chmod -Rf g+w /var/lib/awx 30 | RUN yum -y install epel-release && \ 31 | yum -y localinstall http://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm && \ 32 | yum -y update && \ 33 | yum -y install ansible git mercurial subversion curl python-psycopg2 python-pip python-setuptools libselinux-python setools-libs yum-utils sudo acl make postgresql-devel nginx python-psutil libxml2-devel libxslt-devel libstdc++.so.6 gcc cyrus-sasl-devel cyrus-sasl openldap-devel libffi-devel python-pip xmlsec1-devel swig krb5-devel xmlsec1-openssl xmlsec1 xmlsec1-openssl-devel libtool-ltdl-devel bubblewrap gcc-c++ python-devel krb5-workstation krb5-libs && \ 34 | pip install virtualenv supervisor && \ 35 | VENV_BASE=/var/lib/awx/venv make requirements_ansible && \ 36 | VENV_BASE=/var/lib/awx/venv make requirements_awx && \ 37 | yum -y remove gcc postgresql-devel libxml2-devel libxslt-devel cyrus-sasl-devel openldap-devel xmlsec1-devel krb5-devel xmlsec1-openssl-devel libtool-ltdl-devel gcc-c++ python-devel && \ 38 | yum -y clean all && \ 39 | rm -rf /root/.cache 40 | 41 | RUN mkdir -p /var/log/tower 42 | RUN mkdir -p /etc/tower 43 | COPY {{ awx_sdist_file }} /tmp/{{ awx_sdist_file }} 44 | RUN OFFICIAL=yes pip install /tmp/{{ awx_sdist_file }} 45 | 46 | RUN echo "{{ awx_version }}" > /var/lib/awx/.tower_version 47 | ADD nginx.conf /etc/nginx/nginx.conf 48 | ADD supervisor.conf /supervisor.conf 49 | ADD supervisor_task.conf /supervisor_task.conf 50 | ADD launch_awx.sh /usr/bin/launch_awx.sh 51 | ADD launch_awx_task.sh /usr/bin/launch_awx_task.sh 52 | RUN chmod +rx /usr/bin/launch_awx.sh && chmod +rx /usr/bin/launch_awx_task.sh 53 | ADD settings.py /etc/tower/settings.py 54 | RUN chmod g+w /etc/passwd 55 | RUN chmod -R 777 /var/log/nginx && chmod -R 777 /var/lib/nginx 56 | USER 1000 57 | EXPOSE 8052 58 | WORKDIR /var/lib/awx 59 | ENTRYPOINT ["/tini", "--"] 60 | CMD /usr/bin/launch_awx.sh 61 | -------------------------------------------------------------------------------- /awx/installer/local_build/templates/Dockerfile.task.j2: -------------------------------------------------------------------------------- 1 | FROM {{ awx_web_image }}:{{ awx_version }} 2 | USER 0 3 | RUN sudo yum -y remove nginx 4 | USER 1000 5 | EXPOSE 8052 6 | CMD /usr/bin/launch_awx_task.sh 7 | -------------------------------------------------------------------------------- /build-scripts/update-build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd /home/build/awx-rpm-build/awx 4 | 5 | git pull --quiet 6 | 7 | RELEASE=`git describe --long --first-parent |cut -f1-2 -d- |sed 's/-/./'` 8 | 9 | if [[ ! -f /home/build/awx-rpm-build/awx/dist/awx-$RELEASE.tar.gz ]] ; then 10 | echo "Building new release: $RELEASE" 11 | 12 | docker run -v `pwd`:/awx --rm -i centos:7 /bin/bash <"` 25 | CHANGE="\* $TIMESTAMP $RELEASE\n- New Git version build\n" 26 | echo $CHANGE 27 | 28 | sed -i 's/.*%changelog.*/&\n'"$CHANGE"'/' awx-rpm/awx.spec 29 | sed 's/¤VERSION¤/'$RELEASE'/g' awx-rpm/awx.spec > awx-rpm/awx-build.spec 30 | sed -i 's/¤SOURCE¤/awx-'$RELEASE'.tar.gz/g' awx-rpm/awx-build.spec 31 | 32 | cd /home/build/awx-rpm-build/awx-rpm 33 | 34 | cp /home/build/awx-rpm-build/awx/dist/awx-$RELEASE.tar.gz /home/build/awx-rpm-build/awx-rpm 35 | 36 | ./build.sh centos-7 37 | 38 | cd /home/build/awx-rpm-build/ 39 | 40 | if [[ ! -f /home/build/awx-rpm-build/awx-rpm/result/awx-$RELEASE-1.el7.centos.src.rpm ]]; then 41 | 42 | mail -s "AWX RPM Auto Build FAILED!! Version $RELEASE" "m@rtinjuhl.dk" < /etc/yum.repos.d/rabbitmq-erlang.repo 73 | 74 | yum -y install https://dl.bintray.com/rabbitmq/all/rabbitmq-server/3.7.5/rabbitmq-server-3.7.5-1.el7.noarch.rpm 75 | ``` 76 | 77 | * Install PostgreSQL and memcached 78 | ```bash 79 | yum install -y rh-postgresql96 memcached 80 | ``` 81 | 82 | * Install AWX: 83 | ```bash 84 | yum install -y awx 85 | ``` 86 | 87 | ### Configure Pre-Req Applications 88 | 89 | * Initialize DB 90 | ```bash 91 | scl enable rh-postgresql96 "postgresql-setup initdb" 92 | ``` 93 | 94 | * Start services: RabbitMQ 95 | ```bash 96 | systemctl enable rabbitmq-server 97 | systemctl start rabbitmq-server 98 | ``` 99 | 100 | * Start services: Postgresql Database 101 | ```bash 102 | systemctl start rh-postgresql96-postgresql.service 103 | systemctl enable rh-postgresql96-postgresql.service 104 | ``` 105 | 106 | * Start services: Memcached 107 | ```bash 108 | systemctl enable memcached 109 | systemctl start memcached 110 | ``` 111 | 112 | * Create Postgres user and DB: 113 | ```bash 114 | scl enable rh-postgresql96 "su postgres -c \"createuser -S awx\"" 115 | scl enable rh-postgresql96 "su postgres -c \"createdb -O awx awx\"" 116 | ``` 117 | 118 | ### Configure AWX 119 | 120 | * Import Database data: 121 | ```bash 122 | sudo -u awx /opt/awx/bin/awx-manage migrate 123 | ``` 124 | 125 | * Initial configuration of AWX 126 | ```bash 127 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'password')" | sudo -u awx /opt/awx/bin/awx-manage shell 128 | sudo -u awx /opt/awx/bin/awx-manage create_preload_data 129 | sudo -u awx /opt/awx/bin/awx-manage provision_instance --hostname=$(hostname) 130 | sudo -u awx /opt/awx/bin/awx-manage register_queue --queuename=tower --hostnames=$(hostname) 131 | ``` 132 | 133 | ### Install and Configure Web Server Proxy 134 | 135 | * Install NGINX as proxy: 136 | ```bash 137 | yum -y install nginx 138 | wget -O /etc/nginx/nginx.conf https://raw.githubusercontent.com/MrMEEE/awx-build/master/nginx.conf 139 | systemctl enable nginx 140 | systemctl start nginx 141 | ``` 142 | 143 | ### Start and Enable AWX 144 | 145 | * Start Services 146 | ```bash 147 | systemctl start awx-cbreceiver 148 | systemctl start awx-dispatcher 149 | systemctl start awx-channels-worker 150 | systemctl start awx-daphne 151 | systemctl start awx-web 152 | ``` 153 | 154 | * Enable Services 155 | ```bash 156 | systemctl enable awx-cbreceiver 157 | systemctl enable awx-dispatcher 158 | systemctl enable awx-channels-worker 159 | systemctl enable awx-daphne 160 | systemctl enable awx-web 161 | ``` 162 | 163 | --- 164 | 165 | # Upgrade AWX Community Edition (RPM) 166 | 167 | ## Working Upgrade Paths 168 | 169 | Confirmed working upgrade paths: 170 | * 1.0.5.0 -> 1.0.5.31 (have tried almost every minor between) 171 | * 1.0.5.32 -> 1.0.6.0 172 | * 1.0.6.0 -> 1.0.6.1 173 | * 1.0.6.1 -> 1.0.6.3 174 | * 1.0.6.3 -> 1.0.6.7 175 | * 1.0.6.7 -> 1.0.6.8 [1](#workaround) 176 | * 1.0.6.8 -> 1.0.6.11 177 | * 1.0.6.11 -> 1.0.6.14 178 | * 1.0.6.14 -> 1.0.6.16 179 | * 1.0.6.16 -> 1.0.6.23 180 | * 1.0.6.23 -> 1.0.6.28 181 | * 1.0.6.28 -> 1.0.6.47 182 | * 1.0.6.47 -> 1.0.7.3 [1](#workaround) 183 | * 1.0.7.3 -> 1.0.7.4 184 | * 1.0.7.4 -> 1.0.7.9 [2](#merge) 185 | * 1.0.7.9 -> 1.0.8.14 186 | * 1.0.8.14 -> 2.0.0 187 | * 2.0.0 -> 2.1.0.74 [1](#workaround)[2](#merge) 188 | * 2.1.0.74 -> 2.1.0.119 189 | * 2.1.0.119 -> 2.1.0.155 190 | * 2.1.0.155 -> 2.1.0.194 191 | * 2.1.0.194 -> 2.1.0.272 [2](#merge) 192 | * 2.1.0.272 -> 2.1.1.27-2 [2](#merge) 193 | * 2.1.1.27-2 -> 2.1.1.36 194 | * 2.1.1.36 -> 2.1.2.1 195 | * 2.1.2.1 -> 2.1.2.32-3 196 | * 2.1.2.32 -> 2.1.2.36 197 | * 2.1.2.36 -> 2.1.2.44 198 | 199 | 1: [Small workarounds needed](migrations.md) 200 | 201 | 2: "awx-manage makemigrations" needs to be run with "--merge" 202 | 203 | Upgrading to newest version (not guaranteed to work) 204 | ```bash 205 | yum update 206 | sudo -u awx /opt/awx/bin/awx-manage makemigrations 207 | sudo -u awx /opt/awx/bin/awx-manage migrate 208 | ``` 209 | 210 | ## Broken Upgrade Paths 211 | 212 | Confirmed Breaking Upgrade paths: 213 | * 1.0.5.31 -> 1.0.5.32 214 | 215 | Here you need to get creative. 216 | 217 | Got an answer from the AWX Team: 218 | > "Upgrades between AWX versions are not expected to work. However, we have recently added an import/export capability to tower-cli/awx-cli, which allows you to export your job templates and other objects (not including credential secrets) to a JSON file, which you can then re-import to a freshly installed 1.0.6." 219 | 220 | They are referring to the awx-cli tool from their separate repo.. also, the awx-manage tool have a dumpdata/loaddata tool... 221 | 222 | I'm going to see if I can do a workaround for upgrades. 223 | 224 | 225 | ### Upgrade Method Using Export/Import Utility 226 | 227 | For the guys that really want to push their luck :)... Something like this will probably work. 228 | 229 | You have to install awx-cli in advance, available in the repo: 230 | ```bash 231 | yum install ansible-tower-cli 232 | ``` 233 | 234 | As far as I can see.. this is missing when using the awx-cli export/import: 235 | * Users (export is blank), and therefore user permissions isn't set 236 | * Log/History is not exported (not high priority in the short run) 237 | * Inventory Groups (custom created groups fails for me, going from 1.0.5.31->1.0.6.1 238 | * Credential passwords (there should be an option to include them) 239 | * LDAP/Auth config (is just not included) 240 | 241 | Create a backup of AWX data 242 | ```bash 243 | awx-cli receive --organization all --team all --credential_type all --credential all --notification_template all --user all --inventory_script all --inventory all --project all --job_template all --workflow all > alldata 244 | ``` 245 | 246 | Stop all services, re-create the database 247 | ```bash 248 | systemctl stop awx-celery-worker awx-cbreceiver awx-celery-beat awx-channels-worker awx-daphne awx-web 249 | su - postgres -c "dropdb awx" 250 | su - postgres -c "createdb -O awx awx" 251 | ``` 252 | 253 | Migrate AWX data into the new database 254 | ```bash 255 | sudo -u awx /opt/awx/bin/awx-manage migrate 256 | ``` 257 | 258 | Re-create the admin user, provision the instance and queues 259 | ```bash 260 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'test')" | sudo -u awx /opt/awx/bin/awx-manage shell 261 | sudo -u awx /opt/awx/bin/awx-manage provision_instance --hostname=$(hostname) 262 | sudo -u awx /opt/awx/bin/awx-manage register_queue --queuename=tower --hostnames=$(hostname) 263 | ``` 264 | 265 | Restore AWX data from the file (alldata) 266 | ```bash 267 | awx-cli send alldata 268 | ``` 269 | 270 | ### High availability setup 271 | Has been reported to work [here](https://github.com/MrMEEE/awx-build/issues/26) 272 | 273 | Steps: 274 | rabbitmq clustering 275 | disable celery-beat service 276 | modify the celery-worker execstart command 277 | 278 | 279 | 280 | -------------------------------------------------------------------------------- /installguide: -------------------------------------------------------------------------------- 1 | Instructions are now located here: https://github.com/MrMEEE/awx-build/blob/master/installguide.md 2 | -------------------------------------------------------------------------------- /installguide-old: -------------------------------------------------------------------------------- 1 | yum install epel-release 2 | yum -y localinstall http://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm 3 | yum -y install postgresql96-server.x86_64 4 | /usr/pgsql-9.6/bin/postgresql96-setup initdb 5 | systemctl start postgresql-9.6.service 6 | systemctl enable postgresql-9.6.service 7 | 8 | yum -y install rabbitmq-server memcached 9 | systemctl start rabbitmq-server 10 | systemctl enable rabbitmq-server 11 | systemctl start memcached 12 | systemctl enable memcached 13 | 14 | ----- 15 | su - postgres 16 | psql 17 | create database awx; 18 | ---- 19 | 20 | /var/lib/pgsql/9.6/data/pg_hba.conf: 21 | 22 | -- 23 | local all all trust 24 | # IPv4 local connections: 25 | host all all 127.0.0.1/32 trust 26 | host all all localhost trust 27 | # IPv6 local connections: 28 | host all all ::1/128 ident 29 | -- 30 | 31 | yum -y install wget 32 | 33 | wget -O /etc/yum.repos.d/awx.repo https://copr.fedorainfracloud.org/coprs/mrmeee/awx/repo/epel-7/mrmeee-awx-epel-7.repo 34 | 35 | yum -y install awx 36 | 37 | set your machines hostname in /etc/tower/settings.py: 38 | CLUSTER_HOST_ID = "" 39 | 40 | systemctl enable awx-web 41 | systemctl start awx-web 42 | systemctl enable awx-task 43 | systemctl start awx-task 44 | 45 | Webinterface will be available at http://:8052 46 | -------------------------------------------------------------------------------- /installguide.md: -------------------------------------------------------------------------------- 1 | ### DEPRECATED ### 2 | 3 | All new information will be at: https://awx.wiki 4 | 5 | Issues will still be posted here... 6 | 7 | 8 | 9 | # Install AWX Community Edition (RPM) 10 | 11 | **Now updated to the newest release of AWX (python3 and PostgreSQL 10), please be adviced that this has not been firmly tested, yet..** 12 | 13 | **LinkedIn group for Questions, support, talk and more: https://www.linkedin.com/groups/13694893/** 14 | 15 | **Follow updates and other info at: https://twitter.com/martinjuhl and https://www.linkedin.com/in/martin-juhl-9b71b25/** 16 | 17 | **Caveats/TODO List** 18 | * Firewall rules has still not been created, so you'll have to make your own or disable the firewall... 19 | * Backup/Restore scripts 20 | * Fix Migrations/upgrades so that they will work everytime.. see bottom for more description.. 21 | 22 | Please submit issues here: https://github.com/MrMEEE/awx-build/issues 23 | 24 | ## PreReqs 25 | ### Disk requirements 26 | 27 | AWX is primarily resident in /opt/awx and /opt/rh/rh-python36, where it takes up around 500MB... 28 | 29 | It's works is done in tmp and /var/lib/awx.. but shouldn't take up much space... 30 | 31 | I would say that a server with 10GB of space should be more than enough to start with.. Of course this depends on your playbooks.. 32 | 33 | ## Installation Steps 34 | 35 | ### SELinux 36 | 37 | ``` 38 | yum -y install policycoreutils-python 39 | semanage port -a -t http_port_t -p tcp 8050 40 | semanage port -a -t http_port_t -p tcp 8051 41 | semanage port -a -t http_port_t -p tcp 8052 42 | setsebool -P httpd_can_network_connect 1 43 | ``` 44 | 45 | ### Repos 46 | 47 | * Activate EPEL 48 | * CentOS 49 | ```bash 50 | yum -y install epel-release 51 | ``` 52 | * RHEL 53 | ```bash 54 | yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm 55 | ``` 56 | 57 | * Activate PostgreSQL 10 and Python 3.6 58 | * CentOS x86_64 59 | ```bash 60 | yum -y install centos-release-scl centos-release-scl-rh # Software Collections 61 | ``` 62 | * CentOS ppc64le 63 | ```bash 64 | yum -y install centos-release-scl centos-release-scl-rh # Software Collections 65 | wget -O /etc/yum.repos.d/mrmeee-rh-postgresql10-epel-7.repo https://copr.fedorainfracloud.org/coprs/mrmeee/rh-postgresql10/repo/epel-7/mrmeee-rh-postgresql10-epel-7.repo 66 | ``` 67 | * RHEL x86_64 68 | ``` 69 | rpm -ivh http://mirror.centos.org/centos/7/extras/x86_64/Packages/centos-release-scl-rh-2-2.el7.centos.noarch.rpm 70 | subscription-manager repos --enable=rhel-server-rhscl-7-rpms 71 | ``` 72 | * RHEL ppc64le 73 | ``` 74 | rpm -ivh http://mirrors.dotsrc.org/centos-altarch/7/extras/ppc64le/Packages/centos-release-scl-rh-2-3.el7.centos.noarch.rpm 75 | subscription-manager repos --enable rhel-7-server-for-power-le-rhscl-rpms --enable=rhel-7-for-power-le-optional-rpms 76 | ``` 77 | * AWX Repo 78 | 79 | For all builds: 80 | ```bash 81 | yum install -y wget 82 | wget -O /etc/yum.repos.d/ansible-awx.repo https://copr.fedorainfracloud.org/coprs/mrmeee/ansible-awx/repo/epel-7/mrmeee-ansible-awx-epel-7.repo 83 | ``` 84 | 85 | ### Install Pre-Reqs for AWX 86 | 87 | * Install RabbitMQ 88 | * x86_64 89 | ``` 90 | echo "[bintraybintray-rabbitmq-rpm] 91 | name=bintray-rabbitmq-rpm 92 | baseurl=https://dl.bintray.com/rabbitmq/rpm/rabbitmq-server/v3.7.x/el/7/ 93 | gpgcheck=0 94 | repo_gpgcheck=0 95 | enabled=1 96 | 97 | [bintraybintray-rabbitmq-erlang-rpm] 98 | name=bintray-rabbitmq-erlang-rpm 99 | baseurl=https://dl.bintray.com/rabbitmq-erlang/rpm/erlang/21/el/7/ 100 | gpgcheck=0 101 | repo_gpgcheck=0 102 | enabled=1" > /etc/yum.repos.d/rabbitmq-erlang.repo 103 | 104 | yum -y install rabbitmq-server 105 | ``` 106 | * ppc64le 107 | ``` 108 | [bintraybintray-rabbitmq-rpm] 109 | name=bintray-rabbitmq-rpm 110 | baseurl=https://dl.bintray.com/rabbitmq/rpm/rabbitmq-server/v3.7.x/el/7/ 111 | gpgcheck=0 112 | repo_gpgcheck=0 113 | enabled=1" > /etc/yum.repos.d/rabbitmq-erlang.repo 114 | 115 | yum -y install rabbitmq-server 116 | ``` 117 | * Install PostgreSQL and memcached 118 | ```bash 119 | yum install -y rh-postgresql10 memcached 120 | ``` 121 | 122 | * Install Python dependecies (needs cleaning, probably too much) 123 | * CentOS 124 | ```bash 125 | yum -y install rh-python36 126 | yum -y install --disablerepo='*' --enablerepo='mrmeee-ansible-awx, base' -x *-debuginfo rh-python36* 127 | ``` 128 | * RHEL x86_64 129 | ```bash 130 | yum -y install rh-python36 131 | yum -y install --disablerepo='*' --enablerepo='mrmeee-ansible-awx, rhel-7-server-rpms' -x *-debuginfo rh-python36* 132 | ``` 133 | * RHEL ppc64le 134 | ``` 135 | yum -y install httpd24-httpd rh-python36 136 | yum -y install --disablerepo='*' --enablerepo='mrmeee-ansible-awx, rhel-7-for-power-le-rpms, rhel-7-for-power-le-optional-rpms' -x *-debuginfo,*-sphinx-*,rh-python36-python-test rh-python36* 137 | ``` 138 | * Install AWX: 139 | ```bash 140 | yum install -y ansible-awx 141 | ``` 142 | 143 | ### Configure Pre-Req Applications 144 | 145 | * Initialize DB 146 | ```bash 147 | scl enable rh-postgresql10 "postgresql-setup initdb" 148 | ``` 149 | 150 | * Start services: RabbitMQ 151 | ```bash 152 | systemctl enable rabbitmq-server 153 | systemctl start rabbitmq-server 154 | ``` 155 | 156 | * Start services: Postgresql Database 157 | ```bash 158 | systemctl start rh-postgresql10-postgresql.service 159 | systemctl enable rh-postgresql10-postgresql.service 160 | ``` 161 | 162 | * Start services: Memcached 163 | ```bash 164 | systemctl enable memcached 165 | systemctl start memcached 166 | ``` 167 | 168 | * Create Postgres user and DB: 169 | ```bash 170 | scl enable rh-postgresql10 "su postgres -c \"createuser -S awx\"" 171 | scl enable rh-postgresql10 "su postgres -c \"createdb -O awx awx\"" 172 | ``` 173 | 174 | ### Configure AWX 175 | 176 | * Import Database data: 177 | ```bash 178 | sudo -u awx scl enable rh-python36 rh-postgresql10 "awx-manage migrate" 179 | ``` 180 | 181 | * Initial configuration of AWX 182 | ```bash 183 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'password')" | sudo -u awx scl enable rh-python36 rh-postgresql10 "awx-manage shell" 184 | 185 | sudo -u awx scl enable rh-python36 rh-postgresql10 "awx-manage create_preload_data" 186 | sudo -u awx scl enable rh-python36 rh-postgresql10 "awx-manage provision_instance --hostname=$(hostname)" 187 | sudo -u awx scl enable rh-python36 rh-postgresql10 "awx-manage register_queue --queuename=tower --hostnames=$(hostname)" 188 | ``` 189 | 190 | ### Install and Configure Web Server Proxy 191 | 192 | * Install NGINX as proxy: 193 | ```bash 194 | yum -y install nginx 195 | wget -O /etc/nginx/nginx.conf https://raw.githubusercontent.com/MrMEEE/awx-build/master/nginx.conf 196 | systemctl enable nginx 197 | systemctl start nginx 198 | ``` 199 | 200 | ### Start and Enable AWX 201 | 202 | * Start Services 203 | ```bash 204 | systemctl start awx-cbreceiver 205 | systemctl start awx-dispatcher 206 | systemctl start awx-channels-worker 207 | systemctl start awx-daphne 208 | systemctl start awx-web 209 | ``` 210 | 211 | * Enable Services 212 | ```bash 213 | systemctl enable awx-cbreceiver 214 | systemctl enable awx-dispatcher 215 | systemctl enable awx-channels-worker 216 | systemctl enable awx-daphne 217 | systemctl enable awx-web 218 | ``` 219 | 220 | --- 221 | 222 | # Create Virtualenv for Ansible 223 | AWX runs Ansible inside Virtualenvs, to be able to utilize several version simultaneously. You should create one now, with your preferred Ansible version: 224 | 225 | ``` 226 | yum -y install gcc 227 | 228 | awx-create-venv [-options] venvname 229 | 230 | Create a Virtual Enviroment for use with AWX-RPM, containing Ansible 231 | 232 | Note: GCC is needed to setup the Virtual Environments, install gcc with "yum -y install gcc", if it's not installed.. 233 | 234 | options: 235 | -p, --pythonversion pythonversion to use (2 or 3), defaults to 3 236 | -a, --ansibleversion ansible version to install in venv, defaults to latest 237 | -n, --venvname name of venv, defaults to "{pythonversion}-{ansibleversion}-{date}" 238 | -e, --venvpath path where the venv will be created, defaults to /var/lib/awx/venv/ 239 | ``` 240 | 241 | Now this version can be selected for each play or organization default. (if you can't see it there, try to create another, there is a bug upstream, that means that the dropdown will first appear, when there are 3 or more venvs) 242 | 243 | 244 | # Upgrade AWX Community Edition (RPM) 245 | 246 | ## Working Upgrade Paths 247 | 248 | Confirmed working upgrade paths: 249 | * 1.0.5.0 -> 1.0.5.31 (have tried almost every minor between) 250 | * 1.0.5.32 -> 1.0.6.0 251 | * 1.0.6.0 -> 1.0.6.1 252 | * 1.0.6.1 -> 1.0.6.3 253 | * 1.0.6.3 -> 1.0.6.7 254 | * 1.0.6.7 -> 1.0.6.8 [1](#workaround) 255 | * 1.0.6.8 -> 1.0.6.11 256 | * 1.0.6.11 -> 1.0.6.14 257 | * 1.0.6.14 -> 1.0.6.16 258 | * 1.0.6.16 -> 1.0.6.23 259 | * 1.0.6.23 -> 1.0.6.28 260 | * 1.0.6.28 -> 1.0.6.47 261 | * 1.0.6.47 -> 1.0.7.3 [1](#workaround) 262 | * 1.0.7.3 -> 1.0.7.4 263 | * 1.0.7.4 -> 1.0.7.9 [2](#merge) 264 | * 1.0.7.9 -> 1.0.8.14 265 | * 1.0.8.14 -> 2.0.0 266 | * 2.0.0 -> 2.1.0.74 [1](#workaround)[2](#merge) 267 | * 2.1.0.74 -> 2.1.0.119 268 | * 2.1.0.119 -> 2.1.0.155 269 | * 2.1.0.155 -> 2.1.0.194 270 | * 2.1.0.194 -> 2.1.0.272 [2](#merge) 271 | * 2.1.0.272 -> 2.1.1.27-2 [2](#merge) 272 | * 2.1.1.27-2 -> 2.1.1.36 273 | * 2.1.1.36 -> 2.1.2.1 274 | * 2.1.2.1 -> 2.1.2.32-3 275 | * 2.1.2.32 -> 2.1.2.36 276 | * 2.1.2.36 -> 2.1.2.44 277 | * 2.1.2.44 -> 3.0.0.0 [1](#workaround) 278 | * 3.0.0.0 -> 3.0.0.59 279 | * 3.0.0.59 -> 3.0.0.124 280 | * 3.0.0.124 -> 3.0.1.12 281 | * 3.0.1.12 -> 3.0.1.35 282 | * 3.0.1.35 -> 3.0.1.219 283 | * 3.0.1.219 -> 3.0.1.223 284 | * 3.0.1.223 -> 3.0.1.305 285 | * 3.0.1.305 -> 3.0.1.340-2 286 | * 3.0.1.340-2 -> 4.0.0.4 287 | * 4.0.0.4 -> 4.0.0.6 288 | * 4.0.0.6 -> 4.0.0.15 289 | * 4.0.0.15 -> 4.0.0.43 290 | * 4.0.0.43 -> 4.0.0.144 291 | * 4.0.0.144 -> 4.0.0.227 [1](#workaround) 292 | * 4.0.0.227 -> 4.0.0.299 293 | * 4.0.0.299 -> 4.0.0.347 [1](#workaround) 294 | * 4.0.0.347 -> 4.0.0.354 295 | * 4.0.0.347 -> 4.0.0.376 296 | * 4.0.0.376 -> 4.0.0.541 297 | * 4.0.0.541 -> 4.0.0.616 298 | 299 | 1: [Small workarounds needed](migrations.md) 300 | 301 | 2: "awx-manage makemigrations" needs to be run with "--merge" 302 | 303 | Upgrading to newest version (not guaranteed to work) 304 | ```bash 305 | yum update 306 | yum install --disablerepo='*' --enablerepo='mrmeee-ansible-awx, base' -x *-debuginfo rh-python36* 307 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage makemigrations" 308 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage migrate" 309 | ``` 310 | 311 | ## Broken Upgrade Paths 312 | 313 | Confirmed Breaking Upgrade paths: 314 | * 1.0.5.31 -> 1.0.5.32 315 | 316 | Here you need to get creative. 317 | 318 | Got an answer from the AWX Team: 319 | > "Upgrades between AWX versions are not expected to work. However, we have recently added an import/export capability to tower-cli/awx-cli, which allows you to export your job templates and other objects (not including credential secrets) to a JSON file, which you can then re-import to a freshly installed 1.0.6." 320 | 321 | They are referring to the awx-cli tool from their separate repo.. also, the awx-manage tool have a dumpdata/loaddata tool... 322 | 323 | I'm going to see if I can do a workaround for upgrades. 324 | 325 | 326 | ### Upgrade Method Using Export/Import Utility 327 | 328 | For the guys that really want to push their luck :)... Something like this will probably work. 329 | 330 | You have to install awx-cli in advance, available in the repo: 331 | ```bash 332 | yum install ansible-tower-cli 333 | ``` 334 | 335 | As far as I can see.. this is missing when using the awx-cli export/import: 336 | * Users (export is blank), and therefore user permissions isn't set 337 | * Log/History is not exported (not high priority in the short run) 338 | * Inventory Groups (custom created groups fails for me, going from 1.0.5.31->1.0.6.1 339 | * Credential passwords (there should be an option to include them) 340 | * LDAP/Auth config (is just not included) 341 | 342 | Create a backup of AWX data 343 | ```bash 344 | awx-cli receive --organization all --team all --credential_type all --credential all --notification_template all --user all --inventory_script all --inventory all --project all --job_template all --workflow all > alldata 345 | ``` 346 | 347 | Stop all services, re-create the database 348 | ```bash 349 | systemctl stop awx-celery-worker awx-cbreceiver awx-celery-beat awx-channels-worker awx-daphne awx-web 350 | su - postgres -c "dropdb awx" 351 | su - postgres -c "createdb -O awx awx" 352 | ``` 353 | 354 | Migrate AWX data into the new database 355 | ```bash 356 | sudo -u awx /opt/awx/bin/awx-manage migrate 357 | ``` 358 | 359 | Re-create the admin user, provision the instance and queues 360 | ```bash 361 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'test')" | sudo -u awx /opt/awx/bin/awx-manage shell 362 | sudo -u awx /opt/awx/bin/awx-manage provision_instance --hostname=$(hostname) 363 | sudo -u awx /opt/awx/bin/awx-manage register_queue --queuename=tower --hostnames=$(hostname) 364 | ``` 365 | 366 | Restore AWX data from the file (alldata) 367 | ```bash 368 | awx-cli send alldata 369 | ``` 370 | 371 | ### High availability setup 372 | Has been reported to work [here](https://github.com/MrMEEE/awx-build/issues/26) 373 | 374 | Steps: 375 | rabbitmq clustering 376 | disable celery-beat service 377 | modify the celery-worker execstart command 378 | 379 | 380 | ### Interesting Links 381 | [https://github.com/sujiar37/AWX-HA-InstanceGroup] Ansible playbook Repository for HA for the Docker version 382 | 383 | -------------------------------------------------------------------------------- /migrations.md: -------------------------------------------------------------------------------- 1 | # Migration issues: 2 | * 4.0.0.299 -> 4.0.0.347 3 | ``` 4 | yum -y install ansible-awx 5 | yum -y install rh-python36-ansible-tower-cli 6 | yum install --disablerepo='*' --enablerepo='mrmeee-ansible-awx, base' -x *-debuginfo rh-python36* 7 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage makemigrations" 8 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage migrate" 9 | ``` 10 | If you have made custom settings to /etc/tower/settings.py, set: 11 | ``` 12 | AWX_PROOT_ENABLED = True 13 | ``` 14 | Setup Tower CLI: 15 | ``` 16 | scl enable rh-python36 "tower-cli config host http://:8052" 17 | scl enable rh-python36 "tower-cli config username " 18 | scl enable rh-python36 "tower-cli config password " 19 | ``` 20 | Change Tower server to Isolated mode: 21 | ``` 22 | scl enable rh-python36 "tower-cli setting modify AWX_PROOT_ENABLED true" 23 | ``` 24 | Restart services 25 | ``` 26 | systemctl restart awx-cbreceiver.service awx-channels-worker.service awx-daphne.service awx-dispatcher.service awx-web.service 27 | ``` 28 | 29 | * 4.0.0.144 -> 4.0.0.227 30 | ``` 31 | yum -y remove rh-python36-python-wheel 32 | yum -y install ansible-awx 33 | yum install --disablerepo='*' --enablerepo='mrmeee-ansible-awx, base' -x *-debuginfo rh-python36* 34 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage makemigrations" 35 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage migrate" 36 | ``` 37 | Restart services 38 | ``` 39 | systemctl restart awx-cbreceiver.service awx-channels-worker.service awx-daphne.service awx-dispatcher.service awx-web.service 40 | ``` 41 | 42 | * 2.1.2.44 -> 3.0.0.0 43 | 44 | ```bash 45 | yum install -y rh-postgresql10 rh-postgresql10-postgresql-devel 46 | 47 | scl enable rh-postgresql10 "postgresql-setup initdb" 48 | 49 | wget -O /etc/yum.repos.d/ansible-awx.repo https://copr.fedorainfracloud.org/coprs/mrmeee/ansible-awx/repo/epel-7/mrmeee-ansible-awx-epel-7.repo 50 | 51 | rm -f /etc/yum.repos.d/awx-rpm.repo 52 | ``` 53 | CentOS: 54 | ``` 55 | yum -y install centos-release-scl-rh 56 | ``` 57 | RHEL: 58 | ``` 59 | rpm -ivh http://mirror.centos.org/centos/7/extras/x86_64/Packages/centos-release-scl-rh-2-2.el7.centos.noarch.rpm 60 | ``` 61 | 62 | Install Dependencies and stop services: 63 | ``` 64 | yum -y install --disablerepo='*' --enablerepo='mrmeee-ansible-awx, base' -x rh-python36-azure* rh-python36* 65 | 66 | systemctl stop awx-cbreceiver awx-channels-worker awx-daphne awx-dispatcher awx-web 67 | ``` 68 | If postgresql-9.6 is installed WITH software collections: 69 | ```bash 70 | systemctl stop rh-postgresql96-postgresql 71 | scl enable rh-postgresql10 "pg_upgrade -b /opt/rh/rh-postgresql96/root/usr/bin/ -B /opt/rh/rh-postgresql10/root/usr/bin/ -d /var/opt/rh/rh-postgresql96/lib/pgsql/data -D /var/opt/rh/rh-postgresql10/lib/pgsql/data" 72 | 73 | ``` 74 | If postgresql-9.6 is installed WITHOUT software collections: 75 | ```bash 76 | systemctl stop postgresql-9.6 77 | sudo -u postgres scl enable rh-postgresql10 "pg_upgrade -b /usr/pgsql-9.6/bin/ -B /opt/rh/rh-postgresql10/root/usr/bin/ -d /var/lib/pgsql/9.6/data/ -D /var/opt/rh/rh-postgresql10/lib/pgsql/data" 78 | 79 | ``` 80 | Upgrade to the new AWX-RPM: 81 | ```bash 82 | yum -y install ansible-awx 83 | ``` 84 | Cleanup: 85 | ```bash 86 | yum -y remove rh-postgresql96* postgresql96* awx 87 | ``` 88 | Start Services and upgrade db: 89 | ```bash 90 | systemctl start rh-postgresql10-postgresql.service 91 | systemctl enable rh-postgresql10-postgresql.service 92 | 93 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage makemigrations" 94 | sudo -u awx scl enable rh-postgresql10 rh-python36 "awx-manage migrate" 95 | 96 | systemctl start awx-cbreceiver awx-channels-worker awx-daphne awx-dispatcher awx-web 97 | ``` 98 | 99 | * 2.0.0 -> 2.1.0.74 100 | 101 | ``` 102 | systemctl enable awx-dispatcher.service 103 | systemctl start awx-dispatcher.service 104 | ``` 105 | 106 | * 1.0.6.47 -> 1.0.7.3 107 | 108 | sudo -u awx /opt/awx/bin/awx-manage makemigrations --merge 109 | 110 | /opt/awx/embedded/lib/python2.7/site-packages/awx/main/migrations/0043_v330_oauth2accesstoken_modified.py 111 | 112 | ``` 113 | # -*- coding: utf-8 -*- 114 | # Generated by Django 1.11.11 on 2018-07-10 14:02 115 | from __future__ import unicode_literals 116 | 117 | from django.db import migrations, models 118 | 119 | 120 | class Migration(migrations.Migration): 121 | 122 | dependencies = [ 123 | ('main', '0042_v330_org_member_role_deparent'), 124 | ] 125 | 126 | operations = [ 127 | migrations.AddField( 128 | model_name='oauth2accesstoken', 129 | name='modified', 130 | field=models.DateTimeField(editable=False,null=True), 131 | ), 132 | ] 133 | 134 | ``` 135 | 136 | Inserted "null=True" 137 | 138 | sudo -u awx /opt/awx/bin/awx-manage migrate 139 | 140 | su - postgres 141 | \c awx 142 | ALTER TABLE main_organization ADD COLUMN job_template_admin_role_id integer; 143 | ALTER TABLE main_organization ADD FOREIGN KEY (job_template_admin_role_id) REFERENCES main_rbac_roles(id) DEFERRABLE INITIALLY DEFERRED; 144 | 145 | There is an issue with awx-celery-worker, which will be fixed with the next build, but for 1.0.7.3 change: 146 | 147 | ExecStart=/opt/awx/bin/celery worker -A awx -B -l info --autoscale=50,4 -Ofair -s /var/lib/awx/beat.db -n celery@%(ENV_HOSTNAME)s 148 | to 149 | ExecStart=/opt/awx/bin/celery worker -A awx -B -l info --autoscale=50,4 -Ofair -s /var/lib/awx/beat.db -n celery@%H 150 | 151 | in: 152 | 153 | /usr/lib/systemd/system/awx-celery-worker.service 154 | 155 | systemctl daemon-reload 156 | 157 | systemctl restart awx-celery-worker awx-cbreceiver awx-celery-beat awx-channels-worker awx-daphne awx-web 158 | 159 | REF: https://github.com/ansible/awx/issues/2173 160 | 161 | 162 | * 1.0.6.7 -> 1.0.6.8 163 | 164 | Something in rabbitmq changed.. so we need to upgrade to newer RabbitMQ: 165 | ``` 166 | 167 | systemctl stop rabbitmq-server 168 | yum -y remove erlang-erts-R16B-03.18.el7.x86_64 169 | echo "[rabbitmq-erlang] 170 | name=rabbitmq-erlang 171 | baseurl=https://dl.bintray.com/rabbitmq/rpm/erlang/20/el/7 172 | gpgcheck=1 173 | gpgkey=https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc 174 | repo_gpgcheck=0 175 | enabled=1" > /etc/yum.repos.d/rabbitmq-erlang.repo 176 | 177 | yum -y install https://dl.bintray.com/rabbitmq/all/rabbitmq-server/3.7.5/rabbitmq-server-3.7.5-1.el7.noarch.rpm 178 | 179 | rm -rf /var/lib/rabbitmq/mnesia/ 180 | 181 | systemctl start rabbitmq-server 182 | 183 | rabbitmqctl stop_app 184 | rabbitmqctl reset 185 | rabbitmqctl start_app 186 | 187 | systemctl restart awx-celery-worker awx-cbreceiver awx-celery-beat awx-channels-worker awx-daphne awx-web 188 | ``` 189 | comment out these two lines in /etc/awx/settings.py: (will be fixed from version 1.0.6.9) 190 | ``` 191 | CELERY_ROUTES['awx.main.tasks.cluster_node_heartbeat'] = {'queue': CLUSTER_HOST_ID, 'routing_key': CLUSTER_HOST_ID} 192 | CELERY_ROUTES['awx.main.tasks.purge_old_stdout_files'] = {'queue': CLUSTER_HOST_ID, 'routing_key': CLUSTER_HOST_ID} 193 | ``` 194 | 195 | and change a line in this file: (will be fixed from version 1.0.6.9) 196 | /usr/lib/systemd/system/awx-celery-worker.service 197 | ``` 198 | ExecStart=/opt/awx/bin/celery worker -A awx -l info --autoscale=4 -Ofair -Q tower_scheduler,tower_broadcast_all,tower,%H -n celery@%H 199 | 200 | to 201 | 202 | ExecStart=/opt/awx/bin/celery worker -A awx -B -l info --autoscale=50,4 -Ofair -s /var/lib/awx/beat.db -n celery@%(ENV_HOSTNAME)s 203 | 204 | ``` 205 | -------------------------------------------------------------------------------- /nginx.conf: -------------------------------------------------------------------------------- 1 | #user awx; 2 | 3 | worker_processes 1; 4 | 5 | error_log /var/log/nginx/error_log warn; 6 | pid /var/run/nginx.pid; 7 | 8 | events { 9 | worker_connections 1024; 10 | } 11 | 12 | http { 13 | include /etc/nginx/mime.types; 14 | default_type application/octet-stream; 15 | 16 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 17 | '$status $body_bytes_sent "$http_referer" ' 18 | '"$http_user_agent" "$http_x_forwarded_for"'; 19 | 20 | access_log /var/log/nginx/access_log main; 21 | 22 | map $http_upgrade $connection_upgrade { 23 | default upgrade; 24 | '' close; 25 | } 26 | 27 | sendfile on; 28 | #tcp_nopush on; 29 | #gzip on; 30 | 31 | upstream uwsgi { 32 | server 127.0.0.1:8050; 33 | } 34 | 35 | upstream daphne { 36 | server 127.0.0.1:8051; 37 | } 38 | 39 | server { 40 | listen 8052 default_server; 41 | 42 | # If you have a domain name, this is where to add it 43 | server_name _; 44 | keepalive_timeout 65; 45 | 46 | # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) 47 | add_header Strict-Transport-Security max-age=15768000; 48 | 49 | location /static/ { 50 | alias /opt/awx/static/; 51 | } 52 | 53 | location /favicon.ico { alias /opt/awx/static/favicon.ico; } 54 | 55 | location /websocket { 56 | # Pass request to the upstream alias 57 | proxy_pass http://daphne; 58 | # Require http version 1.1 to allow for upgrade requests 59 | proxy_http_version 1.1; 60 | # We want proxy_buffering off for proxying to websockets. 61 | proxy_buffering off; 62 | # http://en.wikipedia.org/wiki/X-Forwarded-For 63 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 64 | # enable this if you use HTTPS: 65 | proxy_set_header X-Forwarded-Proto https; 66 | # pass the Host: header from the client for the sake of redirects 67 | proxy_set_header Host $http_host; 68 | # We've set the Host header, so we don't need Nginx to muddle 69 | # about with redirects 70 | proxy_redirect off; 71 | # Depending on the request value, set the Upgrade and 72 | # connection headers 73 | proxy_set_header Upgrade $http_upgrade; 74 | proxy_set_header Connection $connection_upgrade; 75 | } 76 | 77 | location / { 78 | # Add trailing / if missing 79 | rewrite ^(.*)$http_host(.*[^/])$ $1$http_host$2/ permanent; 80 | uwsgi_read_timeout 120s; 81 | uwsgi_pass uwsgi; 82 | include /etc/nginx/uwsgi_params; 83 | proxy_set_header X-Forwarded-Port 443; 84 | } 85 | } 86 | } 87 | -------------------------------------------------------------------------------- /releases/awx-1.0.1.234.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MrMEEE/awx-build/f66b9c65f1384fe2d68c9f17ac539730906c4255/releases/awx-1.0.1.234.tar.gz -------------------------------------------------------------------------------- /rpm/awx-task.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=AWX Task Service 3 | Wants=network.target 4 | After=network.target 5 | 6 | [Service] 7 | Type=simple 8 | User=awx 9 | Group=awx 10 | ExecStart=/bin/bash -c 'source /etc/tower/env.sh && /usr/bin/launch_awx_task.sh' 11 | 12 | [Install] 13 | WantedBy=multi-user.target 14 | -------------------------------------------------------------------------------- /rpm/awx-web.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=AWX Web Service 3 | Wants=network.target 4 | After=network.target 5 | 6 | [Service] 7 | Type=simple 8 | User=root 9 | Group=root 10 | ExecStart=/bin/bash -c 'source /etc/tower/env.sh && /usr/bin/launch_awx.sh' 11 | 12 | [Install] 13 | WantedBy=multi-user.target 14 | -------------------------------------------------------------------------------- /rpm/awx.conf: -------------------------------------------------------------------------------- 1 | map $http_upgrade $connection_upgrade { 2 | default upgrade; 3 | '' close; 4 | } 5 | 6 | #tcp_nopush on; 7 | #gzip on; 8 | 9 | upstream uwsgi { 10 | server localhost:8050; 11 | } 12 | 13 | upstream daphne { 14 | server localhost:8051; 15 | } 16 | 17 | server { 18 | listen 8052 default_server; 19 | 20 | # If you have a domain name, this is where to add it 21 | server_name _; 22 | keepalive_timeout 65; 23 | 24 | # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) 25 | add_header Strict-Transport-Security max-age=15768000; 26 | 27 | location /static/ { 28 | alias /var/lib/awx/public/static/; 29 | } 30 | 31 | location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; } 32 | 33 | location /websocket { 34 | # Pass request to the upstream alias 35 | proxy_pass http://daphne; 36 | # Require http version 1.1 to allow for upgrade requests 37 | proxy_http_version 1.1; 38 | # We want proxy_buffering off for proxying to websockets. 39 | proxy_buffering off; 40 | # http://en.wikipedia.org/wiki/X-Forwarded-For 41 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 42 | # enable this if you use HTTPS: 43 | proxy_set_header X-Forwarded-Proto https; 44 | # pass the Host: header from the client for the sake of redirects 45 | proxy_set_header Host $http_host; 46 | # We've set the Host header, so we don't need Nginx to muddle 47 | # about with redirects 48 | proxy_redirect off; 49 | # Depending on the request value, set the Upgrade and 50 | # connection headers 51 | proxy_set_header Upgrade $http_upgrade; 52 | proxy_set_header Connection $connection_upgrade; 53 | } 54 | 55 | location / { 56 | # Add trailing / if missing 57 | rewrite ^(.*[^/])$ $1/ permanent; 58 | uwsgi_read_timeout 120s; 59 | uwsgi_pass uwsgi; 60 | include /etc/nginx/uwsgi_params; 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /rpm/awx.spec: -------------------------------------------------------------------------------- 1 | %global __os_install_post %(echo '%{__os_install_post}' | sed -e 's!/usr/lib[^[:space:]]*/brp-python-bytecompile[[:space:]].*$!!g') 2 | %global __arch_install_post %{nil} 3 | 4 | Name: awx 5 | Version: 1.0.1.234 6 | Release: 1%{?dist} 7 | Summary: Package source version control system 8 | 9 | Group: Utilities/Management 10 | 11 | License: MIT and GPLv1 and GPLv2+ 12 | #URL: https://github.com/release-engineering/dist-git 13 | Source0: %{name}-%{version}.tar.gz 14 | Source1: awx.conf 15 | Source2: supervisor.conf 16 | Source3: supervisor_task.conf 17 | Source4: launch_awx.sh 18 | Source5: launch_awx_task.sh 19 | Source6: settings.py 20 | Source7: env.sh 21 | Source8: awx-web.service 22 | Source9: awx-task.service 23 | Patch1: uninstall-fix.patch 24 | 25 | AutoReqProv: 0 26 | 27 | BuildRequires: git libffi-devel python-pip gcc postgresql-devel libxml2-devel libxslt-devel cyrus-sasl-devel openldap-devel xmlsec1-devel krb5-devel xmlsec1-openssl-devel libtool-ltdl-devel gcc-c++ python-devel python-virtualenv 28 | Requires: ansible git mercurial subversion curl python-psycopg2 python-pip python-setuptools libselinux-python setools-libs yum-utils sudo acl make nginx python-psutil libstdc++.so.6 cyrus-sasl libffi-devel python-pip swig xmlsec1-openssl xmlsec1 bubblewrap krb5-workstation krb5-libs supervisor memcached 29 | 30 | %description 31 | AWX is the Community version of Ansible Tower 32 | 33 | %prep 34 | %setup -q 35 | %patch1 -p0 36 | 37 | %install 38 | mkdir -p %{buildroot}/var/lib/awx/public/static 39 | #pip install virtualenv supervisor 40 | #virtualenv --system-site-packages "%{buildroot}/var/lib/awx/venv" 41 | #PIP_OPTIONS="$PIP_OPTIONS --root \"%{buildroot}\"" make requirements_ansible 42 | #PIP_OPTIONS="$PIP_OPTIONS --root \"%{buildroot}\"" make requirements_awx 43 | #VENV_BASE=%{buildroot}/var/lib/awx/venv PIP_OPTIONS="$PIP_OPTIONS --root \"%{buildroot}\"" make requirements_ansible 44 | #VENV_BASE=%{buildroot}/var/lib/awx/venv PIP_OPTIONS="$PIP_OPTIONS --root \"%{buildroot}\"" make requirements_awx 45 | VENV_BASE=%{buildroot}/var/lib/awx/venv make requirements_ansible 46 | VENV_BASE=%{buildroot}/var/lib/awx/venv make requirements_awx 47 | 48 | 49 | mkdir -p %{buildroot}/var/log/tower 50 | mkdir -p %{buildroot}/etc/tower 51 | #OFFICIAL=yes pip install --target=%{buildroot}/var/lib/awx/venv/awx/lib/python2.7/site-packages/ %{SOURCE0} 52 | #VENV_BASE=%{buildroot}/var/lib/awx/venv OFFICIAL=yes pip install --root "%{buildroot}" %{SOURCE0} 53 | VENV_BASE=%{buildroot}/var/lib/awx/venv OFFICIAL=yes pip install --root %{buildroot} %{SOURCE0} 54 | 55 | virtualenv --relocatable "%{buildroot}/var/lib/awx/venv/awx" 56 | virtualenv --relocatable "%{buildroot}/var/lib/awx/venv/ansible" 57 | 58 | echo "%{version}" > %{buildroot}/var/lib/awx/.tower_version 59 | mkdir -p %{buildroot}/etc/nginx/conf.d 60 | mkdir -p %{buildroot}/usr/bin/ 61 | cp %{SOURCE1} %{buildroot}/etc/nginx/conf.d/awx.conf 62 | cp %{SOURCE2} %{buildroot}/etc/tower/supervisor.conf 63 | cp %{SOURCE3} %{buildroot}/etc/tower/supervisor_task.conf 64 | cp %{SOURCE4} %{buildroot}/usr/bin/launch_awx.sh 65 | cp %{SOURCE5} %{buildroot}/usr/bin/launch_awx_task.sh 66 | chmod +rx %{buildroot}/usr/bin/launch_awx.sh && chmod +rx %{buildroot}/usr/bin/launch_awx_task.sh 67 | cp %{SOURCE6} %{buildroot}/etc/tower/settings.py 68 | cp %{SOURCE7} %{buildroot}/etc/tower/env.sh 69 | mkdir -p %{buildroot}/etc/systemd/system/ 70 | cp %{SOURCE8} %{buildroot}/etc/systemd/system/awx-web.service 71 | cp %{SOURCE9} %{buildroot}/etc/systemd/system/awx-task.service 72 | SAVEIFS=$IFS 73 | IFS=$(echo -en "\n\b") 74 | for i in `find %{buildroot}/var/lib/awx/venv/awx/bin -type f`;do 75 | sed -i "s&%{buildroot}&&g" "$i" 76 | done 77 | for i in `find %{buildroot}/var/lib/awx/venv/ansible/bin -type f`;do 78 | sed -i "s&%{buildroot}&&g" "$i" 79 | done 80 | IFS=$SAVEIFS 81 | 82 | %pre 83 | /usr/bin/getent group awx > /dev/null || /usr/sbin/groupadd -r awx 84 | /usr/bin/getent passwd awx > /dev/null || /usr/sbin/useradd -r -d /var/lib/awx -s /sbin/nologin -g awx awx 85 | 86 | %postun 87 | /usr/sbin/userdel awx 88 | /usr/sbin/groupdel awx 89 | 90 | 91 | %files 92 | %defattr(-,awx,awx,0755) 93 | /var/lib/awx 94 | /var/log/tower 95 | %config /etc/nginx/conf.d/awx.conf 96 | %config /etc/tower/supervisor.conf 97 | %config /etc/tower/supervisor_task.conf 98 | %config /etc/tower/env.sh 99 | %config /etc/tower/settings.py 100 | /usr/bin/launch_awx.sh 101 | /usr/bin/launch_awx_task.sh 102 | /usr/bin/ansible-tower-service 103 | /usr/bin/awx-manage 104 | /usr/bin/awx-python 105 | /usr/bin/failure-event-handler 106 | /usr/lib/python2.7/site-packages/awx* 107 | /usr/share/awx 108 | /usr/share/doc/awx 109 | /etc/systemd/system/awx-task.service 110 | /etc/systemd/system/awx-web.service 111 | /usr/share/sosreport/sos/plugins/tower.py 112 | 113 | 114 | %changelog 115 | * Fri Dec 01 2017 Martin Juhl 1.0.1.234 116 | - Initial Release (mj@casalogic.dk) 117 | 118 | 119 | -------------------------------------------------------------------------------- /rpm/env.sh: -------------------------------------------------------------------------------- 1 | export SECRET_KEY="awxsecret" 2 | export DATABASE_NAME="awx" 3 | export DATABASE_USER="postgres" 4 | export DATABASE_PASSWORD="postgres" 5 | export DATABASE_PORT="5432" 6 | export DATABASE_HOST="localhost" 7 | export RABBITMQ_USER="guest" 8 | export RABBITMQ_PASSWORD="guest" 9 | export RABBITMQ_HOST="localhost" 10 | export RABBITMQ_PORT="5672" 11 | export RABBITMQ_VHOST="/" 12 | export MEMCACHED_HOST="localhost" 13 | export MEMCACHED_PORT="11211" 14 | export AWX_ADMIN_USER="admin" 15 | export AWX_ADMIN_PASSWORD="password" 16 | -------------------------------------------------------------------------------- /rpm/launch_awx.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | if [ `id -u` -ge 10000 ]; then 3 | echo "awx:x:`id -u`:`id -g`:,,,:/var/lib/awx:/bin/bash" >> /tmp/passwd 4 | cat /tmp/passwd > /etc/passwd 5 | rm /tmp/passwd 6 | fi 7 | awx-manage collectstatic --noinput --clear 8 | supervisord -c /etc/tower/supervisor.conf 9 | -------------------------------------------------------------------------------- /rpm/launch_awx_task.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | if [ `id -u` -ge 10000 ]; then 3 | echo "awx:x:`id -u`:`id -g`:,,,:/var/lib/awx:/bin/bash" >> /tmp/passwd 4 | cat /tmp/passwd > /etc/passwd 5 | rm /tmp/passwd 6 | fi 7 | ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m postgresql_db -U $DATABASE_USER -a "name=$DATABASE_NAME owner=$DATABASE_USER login_user=$DATABASE_USER login_host=$DATABASE_HOST login_password=$DATABASE_PASSWORD" all 8 | awx-manage migrate --noinput --fake-initial 9 | if [ ! -z "$AWX_ADMIN_USER" ]&&[ ! -z "$AWX_ADMIN_PASSWORD" ]; then 10 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('$AWX_ADMIN_USER', 'root@localhost', '$AWX_ADMIN_PASSWORD')" | awx-manage shell 11 | awx-manage create_preload_data 12 | else 13 | echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'password')" | awx-manage shell 14 | awx-manage create_preload_data 15 | fi 16 | awx-manage provision_instance --hostname=$(hostname) 17 | awx-manage register_queue --queuename=tower --hostnames=$(hostname) 18 | supervisord -c /etc/tower/supervisor_task.conf 19 | -------------------------------------------------------------------------------- /rpm/settings.py: -------------------------------------------------------------------------------- 1 | # AWX settings file 2 | 3 | import os 4 | 5 | 6 | def get_secret(): 7 | if os.path.exists("/etc/tower/SECRET_KEY"): 8 | return file('/etc/tower/SECRET_KEY', 'rb').read().strip() 9 | return os.getenv("SECRET_KEY", "privateawx") 10 | 11 | 12 | ADMINS = () 13 | 14 | STATIC_ROOT = '/var/lib/awx/public/static' 15 | 16 | PROJECTS_ROOT = '/var/lib/awx/projects' 17 | 18 | JOBOUTPUT_ROOT = '/var/lib/awx/job_status' 19 | 20 | SECRET_KEY = get_secret() 21 | 22 | ALLOWED_HOSTS = ['*'] 23 | 24 | INTERNAL_API_URL = 'http://awxweb:8052' 25 | 26 | AWX_TASK_ENV['HOME'] = '/var/lib/awx' 27 | 28 | # Container environments don't like chroots 29 | AWX_PROOT_ENABLED = False 30 | 31 | 32 | CLUSTER_HOST_ID = "awx" 33 | SYSTEM_UUID = '00000000-0000-0000-0000-000000000000' 34 | CELERY_QUEUES += (Queue(CLUSTER_HOST_ID, Exchange(CLUSTER_HOST_ID), routing_key=CLUSTER_HOST_ID),) 35 | CELERY_ROUTES['awx.main.tasks.cluster_node_heartbeat'] = {'queue': CLUSTER_HOST_ID, 'routing_key': CLUSTER_HOST_ID} 36 | CELERY_ROUTES['awx.main.tasks.purge_old_stdout_files'] = {'queue': CLUSTER_HOST_ID, 'routing_key': CLUSTER_HOST_ID} 37 | 38 | 39 | ############################################################################### 40 | # EMAIL SETTINGS 41 | ############################################################################### 42 | 43 | SERVER_EMAIL = 'root@localhost' 44 | DEFAULT_FROM_EMAIL = 'webmaster@localhost' 45 | EMAIL_SUBJECT_PREFIX = '[AWX] ' 46 | 47 | EMAIL_HOST = 'localhost' 48 | EMAIL_PORT = 25 49 | EMAIL_HOST_USER = '' 50 | EMAIL_HOST_PASSWORD = '' 51 | EMAIL_USE_TLS = False 52 | 53 | LOGGING['handlers']['console'] = { 54 | '()': 'logging.StreamHandler', 55 | 'level': 'DEBUG', 56 | 'formatter': 'simple', 57 | } 58 | 59 | LOGGING['loggers']['django.request']['handlers'] = ['console'] 60 | LOGGING['loggers']['rest_framework.request']['handlers'] = ['console'] 61 | LOGGING['loggers']['awx']['handlers'] = ['console'] 62 | LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console'] 63 | LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console'] 64 | LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console'] 65 | LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console'] 66 | LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console'] 67 | LOGGING['loggers']['social']['handlers'] = ['console'] 68 | LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console'] 69 | LOGGING['loggers']['rbac_migrations']['handlers'] = ['console'] 70 | LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console'] 71 | LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'} 72 | LOGGING['handlers']['fact_receiver'] = {'class': 'logging.NullHandler'} 73 | LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'} 74 | LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'} 75 | LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'} 76 | LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'} 77 | LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'} 78 | 79 | DATABASES = { 80 | 'default': { 81 | 'ATOMIC_REQUESTS': True, 82 | 'ENGINE': 'django.db.backends.postgresql', 83 | 'NAME': os.getenv("DATABASE_NAME", None), 84 | 'USER': os.getenv("DATABASE_USER", None), 85 | 'PASSWORD': os.getenv("DATABASE_PASSWORD", None), 86 | 'HOST': os.getenv("DATABASE_HOST", None), 87 | 'PORT': os.getenv("DATABASE_PORT", None), 88 | } 89 | } 90 | 91 | CELERY_BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format( 92 | os.getenv("RABBITMQ_USER", None), 93 | os.getenv("RABBITMQ_PASSWORD", None), 94 | os.getenv("RABBITMQ_HOST", None), 95 | os.getenv("RABBITMQ_PORT", "5672"), 96 | os.getenv("RABBITMQ_VHOST", "tower")) 97 | 98 | CHANNEL_LAYERS = { 99 | 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer', 100 | 'ROUTING': 'awx.main.routing.channel_routing', 101 | 'CONFIG': {'url': CELERY_BROKER_URL}} 102 | } 103 | 104 | 105 | CACHES = { 106 | 'default': { 107 | 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 108 | 'LOCATION': '{}:{}'.format(os.getenv("MEMCACHED_HOST", None), 109 | os.getenv("MEMCACHED_PORT", "11211")) 110 | }, 111 | 'ephemeral': { 112 | 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', 113 | }, 114 | } 115 | -------------------------------------------------------------------------------- /rpm/supervisor.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon = True 3 | umask = 022 4 | logfile = /var/log/tower/awx-web.log 5 | 6 | [program:nginx] 7 | command = nginx -g "daemon off;" 8 | autostart = true 9 | autorestart = true 10 | stopwaitsecs = 5 11 | stdout_logfile=/var/log/tower/awx-web.log 12 | stdout_logfile_maxbytes=0 13 | stderr_logfile=/var/log/tower/awx-web.log 14 | stderr_logfile_maxbytes=0 15 | 16 | [program:uwsgi] 17 | command = /var/lib/awx/venv/awx/bin/uwsgi --socket 127.0.0.1:8050 --module=awx.wsgi:application --vacuum --processes=5 --harakiri=120 --no-orphans --master --max-requests=1000 --master-fifo=/var/lib/awx/awxfifo --lazy-apps -b 32768 18 | directory = /var/lib/awx 19 | autostart = true 20 | autorestart = true 21 | stopwaitsecs = 15 22 | stopsignal = INT 23 | stdout_logfile=/var/log/tower/awx-web.log 24 | stdout_logfile_maxbytes=0 25 | stderr_logfile=/var/log/tower/awx-web.log 26 | stderr_logfile_maxbytes=0 27 | 28 | [program:daphne] 29 | command = /var/lib/awx/venv/awx/bin/daphne -b 127.0.0.1 -p 8051 awx.asgi:channel_layer 30 | directory = /var/lib/awx 31 | autostart = true 32 | autorestart = true 33 | stopwaitsecs = 5 34 | stdout_logfile=/var/log/tower/awx-web.log 35 | stdout_logfile_maxbytes=0 36 | stderr_logfile=/var/log/tower/awx-web.log 37 | stderr_logfile_maxbytes=0 38 | 39 | [group:tower-processes] 40 | programs=nginx,uwsgi,daphne 41 | priority=5 42 | 43 | # TODO: Exit Handler 44 | 45 | [unix_http_server] 46 | file=/tmp/supervisor-web.sock 47 | 48 | [supervisorctl] 49 | serverurl=unix:///tmp/supervisor-web.sock ; use a unix:// URL for a unix socket 50 | 51 | [rpcinterface:supervisor] 52 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 53 | -------------------------------------------------------------------------------- /rpm/supervisor_task.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon = True 3 | umask = 022 4 | logfile = /var/log/tower/awx-task.log 5 | 6 | [program:celery] 7 | # TODO: Needs to be reworked to dynamically use instance group queues 8 | command = /var/lib/awx/venv/awx/bin/celery worker -A awx -l debug --autoscale=4 -Ofair -Q tower_scheduler,tower_broadcast_all,tower,%(host_node_name)s -n celery@localhost 9 | directory = /var/lib/awx 10 | environment = LANGUAGE="en_US.UTF-8",LANG="en_US.UTF-8",LC_ALL="en_US.UTF-8",LC_CTYPE="en_US.UTF-8" 11 | #user = {{ aw_user }} 12 | autostart = true 13 | autorestart = true 14 | stopwaitsecs = 5 15 | stdout_logfile=/var/log/tower/awx-task.log 16 | stdout_logfile_maxbytes=0 17 | stderr_logfile=/var/log/tower/awx-task.log 18 | stderr_logfile_maxbytes=0 19 | 20 | [program:awx-celeryd-beat] 21 | command = /var/lib/awx/venv/awx/bin/celery beat -A awx -l debug --pidfile= -s /var/lib/awx/beat.db 22 | directory = /var/lib/awx 23 | autostart = true 24 | autorestart = true 25 | stopwaitsecs = 5 26 | redirect_stderr=true 27 | stdout_logfile = /var/log/tower/awx-task.log 28 | stdout_logfile_maxbytes = 0 29 | stderr_logfile = /var/log/tower/awx-task.log 30 | stderr_logfile_maxbytes = 0 31 | 32 | [program:callback-receiver] 33 | command = awx-manage run_callback_receiver 34 | directory = /var/lib/awx 35 | autostart = true 36 | autorestart = true 37 | stopwaitsecs = 5 38 | stdout_logfile=/var/log/tower/awx-task.log 39 | stdout_logfile_maxbytes=0 40 | stderr_logfile=/var/log/tower/awx-task.log 41 | stderr_logfile_maxbytes=0 42 | 43 | [program:channels-worker] 44 | command = awx-manage runworker --only-channels websocket.* 45 | directory = /var/lib/awx 46 | autostart = true 47 | autorestart = true 48 | stopwaitsecs = 5 49 | stdout_logfile=/var/log/tower/awx-task.log 50 | stdout_logfile_maxbytes=0 51 | stderr_logfile=/var/log/tower/awx-task.log 52 | stderr_logfile_maxbytes=0 53 | 54 | [group:tower-processes] 55 | programs=celery,callback-receiver,channels-worker 56 | priority=5 57 | 58 | # TODO: Exit Handler 59 | 60 | [unix_http_server] 61 | file=/tmp/supervisor-task.sock 62 | 63 | [supervisorctl] 64 | serverurl=unix:///tmp/supervisor-task.sock ; use a unix:// URL for a unix socket 65 | 66 | [rpcinterface:supervisor] 67 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 68 | -------------------------------------------------------------------------------- /rpm/uninstall-fix.patch: -------------------------------------------------------------------------------- 1 | --- Makefile.old 2017-11-28 17:18:00.000000000 +0100 2 | +++ Makefile 2017-11-29 05:28:25.073553455 +0100 3 | @@ -157,7 +157,7 @@ 4 | else \ 5 | cat requirements/requirements_ansible.txt requirements/requirements_ansible_git.txt | $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) --ignore-installed -r /dev/stdin ; \ 6 | fi 7 | - $(VENV_BASE)/ansible/bin/pip uninstall --yes -r requirements/requirements_ansible_uninstall.txt 8 | + #$(VENV_BASE)/ansible/bin/pip uninstall $(PIP_OPTIONS) --yes -r requirements/requirements_ansible_uninstall.txt 9 | 10 | requirements_ansible_dev: 11 | if [ "$(VENV_BASE)" ]; then \ 12 | @@ -180,7 +180,7 @@ 13 | else \ 14 | cat requirements/requirements.txt requirements/requirements_git.txt | $(VENV_BASE)/awx/bin/pip install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) --ignore-installed -r /dev/stdin ; \ 15 | fi 16 | - $(VENV_BASE)/awx/bin/pip uninstall --yes -r requirements/requirements_tower_uninstall.txt 17 | + #$(VENV_BASE)/awx/bin/pip uninstall $(PIP_OPTIONS) --yes -r requirements/requirements_tower_uninstall.txt 18 | 19 | requirements_awx_dev: 20 | $(VENV_BASE)/awx/bin/pip install -r requirements/requirements_dev.txt 21 | --------------------------------------------------------------------------------