├── .editorconfig ├── .github ├── ISSUE_TEMPLATE └── PULL_REQUEST_TEMPLATE ├── .gitignore ├── .gitmodules ├── CHANGELOG.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── Vagrantfile ├── Vagrantfile.dist ├── ansible-plugins ├── .gitignore └── callback_plugins │ └── human_log.py ├── ansible.cfg.dist ├── ci ├── README.md ├── ssh-agent.sh ├── start.sh ├── test-footer.sh └── test-header.sh ├── docs ├── Makefile ├── boxes.rst ├── conf.py ├── contributing.rst ├── customization.rst ├── images │ └── logo.png ├── index.rst ├── migrations.rst ├── requirements.rst ├── roadmap.rst ├── roles │ ├── browsers.rst │ ├── databases.rst │ ├── gulp.rst │ ├── java.rst │ ├── others.rst │ ├── php.rst │ ├── python.rst │ ├── ruby.rst │ ├── system.rst │ ├── webpack.rst │ └── webservers.rst ├── testing.rst ├── tips │ ├── ci.rst │ └── php.rst └── usage.rst ├── install.sh ├── parameters.yml.dist ├── playground ├── .gitignore ├── Vagrantfile ├── ansible.cfg ├── parameters.yml └── playbook.yml ├── provisioning ├── handlers │ └── handlers.yml ├── playbook.yml.dist └── roles │ ├── apache │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ └── default-site.j2 │ ├── base │ ├── defaults │ │ └── main.yml │ ├── files │ │ ├── ackrc │ │ ├── agignore │ │ ├── aliases │ │ ├── bashrc │ │ ├── liquidpromptrc │ │ ├── passwordless-sudo │ │ ├── vimrc │ │ └── zshrc │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── chrome │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── composer │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── django │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ └── allowed_hosts.j2 │ ├── elasticsearch │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── firefox │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── vars │ │ └── main.yml │ ├── git │ ├── defaults │ │ └── main.yml │ ├── files │ │ ├── gitconfig │ │ ├── gitglobalattributes │ │ └── gitglobalignore │ └── tasks │ │ ├── fancy-diff.yml │ │ └── main.yml │ ├── gitlabci │ ├── defaults │ │ └── main.yml │ ├── files │ │ └── run_tests.sh │ ├── tasks │ │ └── main.yml │ └── templates │ │ ├── gitlab-ci.yml │ │ └── gitlabci.sh │ ├── gulp │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ ├── Gulpfile.js │ │ ├── gulp.config.js │ │ └── webpack.config.js │ ├── java │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── jdk │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── logstash │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── maven │ └── tasks │ │ └── main.yml │ ├── memcached │ └── tasks │ │ └── main.yml │ ├── mysql │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ └── my.cnf.j2 │ ├── nginx │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ ├── _php_fpm.conf │ │ ├── default-site.j2 │ │ ├── django-site.j2 │ │ ├── drupal6-site.j2 │ │ ├── drupal7-site.j2 │ │ ├── drupal8-site.j2 │ │ ├── php-site.j2 │ │ ├── rails-site.j2 │ │ ├── silex-site.j2 │ │ ├── symfony2-site.j2 │ │ └── symfony4-site.j2 │ └── vars │ │ ├── Ubuntu-php-5.6.yml │ │ ├── default-php-7.x.yml │ │ ├── default-php.yml │ │ └── main.yml │ ├── nodejs │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ ├── package.json.gulp.j2 │ │ ├── package.json.j2 │ │ └── package.json.webpack.j2 │ ├── openldap │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── phantomjs │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── vars │ │ └── main.yml │ ├── phive │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── php-apache │ ├── meta │ │ └── main.yml │ └── tasks │ │ ├── main.yml │ │ ├── php5.yml │ │ └── php7.yml │ ├── php-fpm │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── vars │ │ ├── Ubuntu-5.6.yml │ │ ├── default-7.x.yml │ │ └── default.yml │ ├── php-memcached │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── vars │ │ ├── Debian-5.x.yml │ │ ├── Debian.yml │ │ ├── Ubuntu-5.5.yml │ │ ├── Ubuntu.yml │ │ └── default.yml │ ├── php-redis │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── vars │ │ ├── Debian-7.x.yml │ │ ├── Debian.yml │ │ ├── Ubuntu-5.5.yml │ │ └── Ubuntu.yml │ ├── php-xdebug │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── main.yml │ │ └── not-debian-7.0.yml │ ├── templates │ │ └── xdebug.ini.j2 │ └── vars │ │ ├── Debian-5.4.yml │ │ ├── Debian-7.x.yml │ │ ├── Debian.yml │ │ ├── Ubuntu-5.5.yml │ │ ├── Ubuntu.yml │ │ └── default.yml │ ├── php │ ├── defaults │ │ └── main.yml │ ├── files │ │ └── install_xdebug.sh │ ├── tasks │ │ ├── debian-repo.yml │ │ ├── main.yml │ │ ├── not-debian-7.0.yml │ │ └── ubuntu-repo.yml │ ├── templates │ │ └── php.ini.j2 │ └── vars │ │ ├── Debian-buster-php7.x.yml │ │ ├── Debian-default.yml │ │ ├── Debian-jessie-php7.x.yml │ │ ├── Debian-stretch-php7.x.yml │ │ ├── Ubuntu-php5.6.yml │ │ ├── Ubuntu-php7.x.yml │ │ └── default.yml │ ├── pipenv │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── postgis │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── vars │ │ ├── Debian-10.yml │ │ ├── Debian-8.yml │ │ ├── Debian-9.yml │ │ ├── Ubuntu-14.yml │ │ └── Ubuntu-16.yml │ ├── postgresql │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── python │ ├── defaults │ │ └── main.yml │ └── tasks │ │ ├── install-from-source.yml │ │ └── main.yml │ ├── rabbitmq │ └── tasks │ │ └── main.yml │ ├── redis │ └── tasks │ │ └── main.yml │ ├── rmt │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── ruby │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── solr │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── ssh │ └── tasks │ │ └── main.yml │ ├── ssl │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ ├── ca.cnf │ │ ├── vagrant.cnf │ │ └── vagrant.ext │ ├── supervisor │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ └── service.conf │ ├── tmpfs │ └── tasks │ │ └── main.yml │ ├── virtualenv │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml │ ├── webpack │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ ├── babel.config.js │ │ └── webpack.config.js │ └── xvfb │ └── tasks │ └── main.yml └── tests ├── conftest.py ├── data ├── ansible.cfg ├── parameters.yml └── playbook.yml ├── roles └── test_mysql.py ├── test_base.py └── test_php.py /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | 6 | indent_style = space 7 | indent_size = 4 8 | 9 | end_of_line = lf 10 | trim_trailing_whitespace = true 11 | insert_final_newline = true 12 | 13 | [{*.yml,*.js}] 14 | indent_size = 2 15 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE: -------------------------------------------------------------------------------- 1 | :arrow_up: Ensure you have put a meaningful title in the box up there. :arrow_up: 2 | 3 | [Short description of problem here] 4 | 5 | **Reproduction Steps:** 6 | 7 | 1. [First Step] 8 | 2. [Second Step] 9 | 3. [Other Steps...] 10 | 11 | **Expected behavior:** 12 | 13 | [Describe expected behavior here] 14 | 15 | **Observed behavior:** 16 | 17 | [Describe observed behavior here] 18 | 19 | **Drifter version:** [Enter Drifter version here] 20 | **Vagrant version:** [Enter Vagrant version here] 21 | **OS and version:** [Enter OS name and version here] 22 | 23 | **Configuration files:** 24 | 25 | Put the content or a link to your `virtualization/playbook.yml` and `virtualization/parameters.yml`. 26 | Also include your `Vagrantfile` if it was modified compared since Drifter installation. 27 | 28 | **Additional information:** 29 | 30 | * Problem started happening recently, didn't happen in an older version of Drifter: [Yes/No] 31 | * Problem can be reliably reproduced, doesn't happen randomly: [Yes/No] 32 | * Problem happens to my colleagues aswell or only me: [Yes/No] 33 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE: -------------------------------------------------------------------------------- 1 | :arrow_up: Ensure you have put a meaningful title in the box up there. :arrow_up: 2 | 3 | [Quick description of your PR and motivation.] 4 | 5 | * This PR is a : [Bugfix/New feature/Improvement] 6 | * Link to the related issue if relevant 7 | 8 | - [ ] Documentation is written 9 | - [ ] `parameters.yml.dist` is updated 10 | - [ ] `playbook.yml.dist` is updated 11 | - [ ] [Changelog](https://github.com/liip/drifter/blob/master/CHANGELOG.md) was updated 12 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | hosts.ini 2 | /docs/_build 3 | __pycache__ 4 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/liip/drifter/8395ab20597638a1e7501da3295d01defe1c0107/.gitmodules -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to Drifter 2 | 3 | :+1::tada: First off, thanks for taking the time to contribute! :tada::+1: 4 | 5 | The following is a set of guidelines for contributing to Drifter, which is hosted on GitHub : https://github.com/liip/drifter. 6 | These are just guidelines, not rules, use your best judgment and feel free to propose changes to this document in a pull request. 7 | 8 | ## How Can I Contribute? 9 | 10 | ### Reporting Bugs 11 | 12 | * Provide a list of steps to reproduce the issue 13 | * Which version of Drifter are you using ? 14 | * What is your OS ? Vagrant version ? 15 | * If possible, a link to your project 16 | * Post the content of your `playbook.yml` and `paramters.yml` files 17 | * Check the existing issues / PR to see if your issue is already being worked on 18 | * Check the [Changelog](https://github.com/liip/drifter/blob/master/CHANGELOG.md) to see if a fix is awaiting a release 19 | 20 | ### Suggesting Enhancements 21 | 22 | * Check the https://github.com/liip/drifter/tree/master/provisioning/roles directory, not all roles are listing in `playbook.yml` 23 | * Does the feature will be useful for multiple people or just your project ? 24 | * Check the existing issues / PR to see if something similar is already being proposed. 25 | * Check the [Changelog](https://github.com/liip/drifter/blob/master/CHANGELOG.md) to see if it's not already implemented 26 | 27 | ### Pull Requests 28 | 29 | * Try to make your commits atomic. 30 | * One feature per PR. 31 | 32 | ## Coding Style 33 | 34 | * Respect the indentation style. 35 | * End files with a newline. 36 | * Too much comments are better than not enough. 37 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 2 | Version 2, December 2004 3 | 4 | Copyright (C) 2004 Sam Hocevar 5 | 6 | Everyone is permitted to copy and distribute verbatim or modified 7 | copies of this license document, and changing it is allowed as long 8 | as the name is changed. 9 | 10 | DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 11 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 12 | 13 | 0. You just DO WHAT THE FUCK YOU WANT TO. 14 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |

2 | drifter logo 3 |

4 | 5 | Drifter 6 | ======= 7 | 8 | Drifter is a framework to help provision developer boxes using Ansible and Vagrant. 9 | 10 | 11 | Installation 12 | ------------ 13 | 14 | Make sure your system meets the [requirements](https://liip-drifter.readthedocs.io/en/stable/requirements.html) and 15 | run the following command from inside your project directory: 16 | 17 | ``` 18 | curl -sS https://raw.githubusercontent.com/liip/drifter/master/install.sh | /bin/bash 19 | ``` 20 | 21 | This will install Drifter in the `virtualization/drifter` directory. You can then customize the roles you want to use 22 | and the project configuration by editing the `virtualization/playbook.yml` and `virtualization/parameters.yml` files. 23 | Then run `vagrant up` to get your box up and running. 24 | 25 | Documentation 26 | ------------- 27 | 28 | Detailed installation instructions and roles documentation are available in 29 | [the documentation](https://liip-drifter.readthedocs.io/en/latest/#usage). 30 | -------------------------------------------------------------------------------- /Vagrantfile.dist: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | # This Vagrantfile contains some configuration option that you can 5 | # tweak for your project. 6 | # It then loads the "main" Vagrantfile from the submodule. 7 | 8 | require 'yaml' 9 | 10 | class CustomConfig 11 | # Those accessors will be used by the Vagrantfile 12 | # 13 | # A value of 'nil' indicates that the default value can be found in 14 | # Drifter's Vagrantfile. This is usually the case for values that 15 | # are common for most projects. 16 | # 17 | # If you need to have some additional logic to define some values 18 | # you can delete the 'attr_accessor' and provide your own method 19 | # to return the values. 20 | 21 | attr_accessor :box_name # url of the lxc box 22 | attr_accessor :box_url # name of the lxc box 23 | 24 | attr_accessor :project_name # project name (currently unused by the Vagrant file) 25 | attr_accessor :hostname # main hostname of the box 26 | attr_accessor :hostnames # alternative hostnames (array) 27 | attr_accessor :box_ip # IP of the box 28 | 29 | attr_accessor :ansible_local # use 'ansible_local' provisionner ? 30 | attr_accessor :ansible_version # the ansible version to use 31 | attr_accessor :playbook # path to the playbook 32 | attr_accessor :extra_vars # extra variables to pass to Ansible 33 | 34 | attr_accessor :forwarded_ports # Port that need to be forwarded 35 | attr_accessor :synced_folder_type # Type of synced folder to use 36 | 37 | attr_accessor :cpus # Virtual machine CPU's count use 38 | attr_accessor :memory # Virtual machine memory size use (in MB) 39 | 40 | # Retrieve the values of 'virtualization/parameters.yml' so that 41 | # they can be used by Vagrant. If you need to change those values 42 | # prefer editing the parameters.yml file instead. 43 | def initialize 44 | parameters_file = ENV.fetch('VIRTUALIZATION_PARAMETERS_FILE', 'virtualization/parameters.yml') 45 | config = YAML::load(File.open(parameters_file)) 46 | 47 | @box_name = config['box_name'] || nil 48 | @box_url = config['box_url'] || nil 49 | 50 | @project_name = config['project_name'] || "example" 51 | @hostname = config['hostname'] || "#{@project_name}.lo" 52 | @hostnames = config['hostnames'] || nil 53 | @box_ip = config['box_ip'] || nil 54 | 55 | @ansible_local = true 56 | @ansible_version = config['ansible_version'] || nil 57 | 58 | @playbook = config['playbook'] || nil 59 | @extra_vars = {} 60 | 61 | @forwarded_ports = config['forwarded_ports'] || nil 62 | @synced_folder_type = config['synced_folder_type'] || "nfs" 63 | 64 | @memory = config['memory'] || nil 65 | @cpus = config['cpus'] || nil 66 | end 67 | 68 | # Getter that first check if the accessor exists on the class and if 69 | # the value is not null before returning it. 70 | # Otherwise fallback to the default if given or raise an error. 71 | def get(name, default = nil) 72 | if self.respond_to?(name) && ! self.send(name).nil? 73 | self.send(name) 74 | elsif default.nil? 75 | raise "[CONFIG ERROR] '#{name}' cannot be found and no default provided." 76 | else 77 | default 78 | end 79 | end 80 | end 81 | 82 | Dir.chdir File.expand_path(File.dirname(__FILE__)) 83 | load 'virtualization/drifter/Vagrantfile' 84 | -------------------------------------------------------------------------------- /ansible-plugins/.gitignore: -------------------------------------------------------------------------------- 1 | # build byproducts 2 | *.py[co] 3 | -------------------------------------------------------------------------------- /ansible.cfg.dist: -------------------------------------------------------------------------------- 1 | [defaults] 2 | roles_path = virtualization/drifter/provisioning/roles 3 | display_skipped_hosts = False 4 | allow_world_readable_tmpfiles = True 5 | 6 | # if you want a more human readable output of ansible commands (for debugging purposes), uncomment the following line 7 | # callback_plugins = virtualization/drifter/ansible-plugins/callback_plugins 8 | -------------------------------------------------------------------------------- /ci/README.md: -------------------------------------------------------------------------------- 1 | See https://liip-drifter.readthedocs.io/en/latest/tips/ci/ 2 | -------------------------------------------------------------------------------- /ci/ssh-agent.sh: -------------------------------------------------------------------------------- 1 | 2 | SSH_ENV="$HOME/.ssh/environment" 3 | 4 | function start_agent { 5 | echo "Initialising new SSH agent..." 6 | /usr/bin/ssh-agent | sed 's/^echo/#echo/' > "${SSH_ENV}" 7 | echo succeeded 8 | chmod 600 "${SSH_ENV}" 9 | . "${SSH_ENV}" > /dev/null 10 | /usr/bin/ssh-add; 11 | } 12 | 13 | # Source SSH settings, if applicable 14 | 15 | if [ -f "${SSH_ENV}" ]; then 16 | . "${SSH_ENV}" > /dev/null 17 | #ps ${SSH_AGENT_PID} doesn't work under cywgin 18 | ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || { 19 | start_agent; 20 | } 21 | else 22 | start_agent; 23 | fi 24 | -------------------------------------------------------------------------------- /ci/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | echo -e "\nStarting the build ..." 6 | echo -e " Running in directory: $PWD" 7 | 8 | function finish() { 9 | echo -e "\033[31mBuild failed, cleanup\e[0m\n- Stop vagrant" 10 | cleanup 11 | echo -e "\n\033[31mBuild NOT successfull\e[0m" 12 | exit $1 13 | } 14 | 15 | function cleanup() { 16 | vagrant halt $VIRTUALBOX_NAME 17 | } 18 | 19 | trap finish EXIT SIGHUP SIGINT SIGTERM 20 | 21 | if [[ $DO_GLOBAL_PROJECTS_CACHE && $GITLAB_CI ]]; 22 | then 23 | echo -e "- Create projects cache dir" 24 | mkdir -p /home/gitlab-runner/projects_cache/ 25 | fi 26 | 27 | echo -e "- Start ssh-agent" 28 | . ./virtualization/drifter/ci/ssh-agent.sh 29 | 30 | 31 | echo -e "- Start vagrant" 32 | 33 | if [ -f ./virtualization/provisionbuild.dat ] 34 | then 35 | vagrant up $VIRTUALBOX_NAME --provider lxc --no-provision 36 | echo -e "- Check if provisioning is needed" 37 | vagrant ssh -c "if [ -f /home/vagrant/provisionbuild.last ]; then cp /home/vagrant/provisionbuild.last /vagrant/virtualization/provisionbuild.last; fi" $VIRTUALBOX_NAME 38 | LASTPROVISION=$(if [ -f ./virtualization/provisionbuild.last ]; then cat ./virtualization/provisionbuild.last; else date; fi) # date == make sure provisioning is run, when that file doesn't exist 39 | THISPROVISION=$(if [ -f ./virtualization/provisionbuild.dat ]; then cat ./virtualization/provisionbuild.dat; else echo ""; fi) 40 | if [ "$LASTPROVISION" != "$THISPROVISION" ] 41 | then 42 | vagrant provision $VIRTUALBOX_NAME 43 | vagrant ssh -c "echo $THISPROVISION > /home/vagrant/provisionbuild.last" $VIRTUALBOX_NAME 44 | fi 45 | else 46 | vagrant up $VIRTUALBOX_NAME --provider lxc --provision 47 | fi 48 | 49 | if [ -f $CI_TEST_SCRIPT ]; 50 | then 51 | echo -e "- Run $CI_TEST_SCRIPT" 52 | vagrant ssh $VIRTUALBOX_NAME -- -t "cd /vagrant && $CI_TEST_SCRIPT" 53 | else 54 | echo -e "\033[31mNo test script found ($CI_TEST_SCRIPT) \e[0m" 55 | exit 1 56 | fi 57 | 58 | trap - EXIT SIGHUP SIGINT SIGTERM 59 | 60 | cleanup 61 | 62 | if [[ -z $GITLAB_CI ]]; then 63 | echo -e "\n\e[32mBuild successful\e[0m" 64 | fi 65 | -------------------------------------------------------------------------------- /ci/test-footer.sh: -------------------------------------------------------------------------------- 1 | trap - EXIT SIGHUP SIGINT SIGTERM -------------------------------------------------------------------------------- /ci/test-header.sh: -------------------------------------------------------------------------------- 1 | set -e 2 | 3 | finish () { 4 | exit $1 5 | } 6 | 7 | if [[ -z $PROJECTS_CACHE_DIR_BASE && $(whoami) == 'vagrant' ]]; then 8 | PROJECTS_CACHE_DIR_BASE="/home/vagrant/.projects_cache" 9 | fi 10 | 11 | if [[ -z $PROJECTS_CACHE_DIR ]]; then 12 | PROJECTS_CACHE_DIR=${PROJECTS_CACHE_DIR_BASE}/$(id -u) 13 | fi 14 | 15 | trap finish EXIT SIGHUP SIGINT SIGTERM 16 | -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- 1 | # Minimal makefile for Sphinx documentation 2 | # 3 | 4 | # You can set these variables from the command line. 5 | SPHINXOPTS = 6 | SPHINXBUILD = sphinx-build 7 | SPHINXPROJ = Drifter 8 | SOURCEDIR = . 9 | BUILDDIR = _build 10 | 11 | # Put it first so that "make" without argument is like "make help". 12 | help: 13 | @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) 14 | 15 | .PHONY: help Makefile 16 | 17 | # Catch-all target: route all unknown targets to Sphinx using the new 18 | # "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). 19 | %: Makefile 20 | @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) -------------------------------------------------------------------------------- /docs/boxes.rst: -------------------------------------------------------------------------------- 1 | ************ 2 | Create boxes 3 | ************ 4 | 5 | Current way 6 | =========== 7 | 8 | Used for the current boxes available on 9 | https://vagrantbox-public.liip.ch/ 10 | 11 | See https://gitlab.liip.ch/liip/drifter-base-boxes 12 | 13 | Ansible 14 | ~~~~~~~ 15 | 16 | If you plan on using the ``ansible_local`` provisioner, ``ansible`` must 17 | be installed in the box with at least a version of 1.9.0 otherwise the 18 | roles won't work. 19 | 20 | Other way (older, may still work) 21 | ================================= 22 | 23 | LXC 24 | ~~~ 25 | 26 | :: 27 | 28 | git clone https://github.com/team-rawbot/vagrant-lxc-base-boxes 29 | cd vagrant-lxc-base-boxes 30 | make jessie 31 | 32 | If you're getting errors when trying to install the base packages, check 33 | your default LXC config (``/etc/lxc/default.conf``) and adapt it to your 34 | setup: 35 | 36 | :: 37 | 38 | lxc.network.type = veth 39 | lxc.network.link = lxcbr0 40 | lxc.network.flags = up 41 | 42 | VirtualBox 43 | ~~~~~~~~~~ 44 | 45 | Install `veewee `__ and then: 46 | 47 | :: 48 | 49 | git clone https://github.com/team-rawbot/veewee-definitions definitions 50 | veewee vbox build liip-jessie64 51 | veewee vbox export liip-jessie64 52 | -------------------------------------------------------------------------------- /docs/contributing.rst: -------------------------------------------------------------------------------- 1 | ************ 2 | Contributing 3 | ************ 4 | 5 | Before publishing your contributions please test your roles with the 6 | playground. To do so, go to the ``playground`` directory, enable any 7 | role you need in ``playbook.yml`` and set any parameter you want in 8 | ``parameters.yml`` and then run ``vagrant up``. The box will use the 9 | roles of your working copy. 10 | 11 | Please don't commit any change to the playground, unless you're fixing 12 | something in the playground. 13 | -------------------------------------------------------------------------------- /docs/customization.rst: -------------------------------------------------------------------------------- 1 | ************* 2 | Customization 3 | ************* 4 | 5 | You can customize what seems to us to be the most important options 6 | through two files: 7 | 8 | - ``virtualization/parameters.yml`` for all project related parameters. 9 | Any value in this file will be passed to Ansible as a variable. You 10 | can override any role default values through this file. You can find 11 | details about possible parameters and values later in this 12 | documentation. 13 | 14 | - ``virtualization/playbook.yml`` for provisioning. You can control 15 | which roles are used to build your box. This allows you to control 16 | what is installed in your box. 17 | 18 | If those two mechanisms are not enough for you, you can also modify the 19 | ``Vagrantfile``, but be aware that the risk of botching things up is far 20 | greater. 21 | 22 | Currently you do not have a lot of control, but we will glad to add 23 | anything making sense to this file. Feel free to ask and we will comply 24 | ;) 25 | -------------------------------------------------------------------------------- /docs/images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/liip/drifter/8395ab20597638a1e7501da3295d01defe1c0107/docs/images/logo.png -------------------------------------------------------------------------------- /docs/index.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Drifter 3 | ******* 4 | 5 | Drifter is a framework to help provision developer boxes using Ansible 6 | and Vagrant. 7 | 8 | 9 | Goals 10 | ===== 11 | 12 | - Streamline our project setups 13 | - Ease the "entry cost" for a new squad member 14 | - Easy to use 15 | - Lean: small codebase, easy to maintain and extend, focus only on 16 | Debian and Ubuntu 17 | - Be adopted by Liip as a whole 18 | 19 | The idea behind the framework 20 | ============================= 21 | 22 | The idea is to have a common ground for each project that can be 23 | improved over time, each project benefiting from the improvements. 24 | 25 | This repository aims to contain multiples Ansible roles to manage the 26 | various part of the development stack needed to work on the various 27 | projects of Liip. If a someone need new roles, it is highly recommended 28 | that they are added to the common pool if they are deemed reusable. 29 | 30 | Each squad can tailor its box to its need by modifying the Ansible 31 | playbook which should ultimately only contain role inclusion to maximize 32 | reuse. 33 | 34 | When installed, Drifter creates a parameters file to hold various 35 | information about your project, a playbook file where you can choose 36 | what to install and finally a Vagrantfile where you can modify some 37 | Vagrant related parameters before the "main" Vagrantfile is included. 38 | This should offer enough flexibility for every project. 39 | 40 | What this framework is not ? 41 | ============================ 42 | 43 | This framework does not aim to provide a way to deploy staging and 44 | production servers for your project. The roles are written with a 45 | development box in mind and are thus not fit for server provisioning. 46 | There are absolutely no security issues taken into consideration. 47 | 48 | However, if your server is using a Debian based OS based on the stable 49 | release, both configurations should be close enough so that you won't 50 | run into issues. 51 | 52 | Intended Public 53 | =============== 54 | 55 | This project was first and foremost created to be used inside of Liip, 56 | but you are more than welcome to use it for personal projects or 57 | anywhere else you'd like to. 58 | 59 | 60 | 61 | .. toctree:: 62 | :caption: Getting Started 63 | :maxdepth: 2 64 | 65 | requirements 66 | usage 67 | customization 68 | contributing 69 | 70 | .. toctree:: 71 | :caption: Roles 72 | :maxdepth: 2 73 | 74 | 75 | roles/system 76 | roles/webservers 77 | roles/databases 78 | roles/php 79 | roles/python 80 | roles/ruby 81 | roles/java 82 | roles/webpack 83 | roles/gulp 84 | roles/browsers 85 | roles/others 86 | 87 | .. toctree:: 88 | :caption: Tips & Tricks 89 | :maxdepth: 1 90 | 91 | tips/php 92 | tips/ci 93 | 94 | 95 | .. toctree:: 96 | :caption: Other Info 97 | :maxdepth: 2 98 | 99 | testing 100 | roadmap 101 | boxes 102 | migrations 103 | -------------------------------------------------------------------------------- /docs/requirements.rst: -------------------------------------------------------------------------------- 1 | ************ 2 | Requirements 3 | ************ 4 | 5 | - Vagrant >= 1.8.4 6 | - Git >= 1.0 7 | 8 | You also need a virtualization solution, either one of these: 9 | 10 | - Virtualbox >= 4.3 11 | - LXC >= 1.0 & vagrant-lxc >= 1.0.0.alpha.2 12 | 13 | Optional dependencies: 14 | 15 | - `vagrant-hostmanager `__ 16 | A Vagrant plugin that manages /etc/hosts files. (will be 17 | automatically used if installed, make sure it's at least 1.5.0 if you 18 | have it) 19 | 20 | Install Requirements 21 | ==================== 22 | 23 | Debian Stretch (testing) and Ubuntu Xenial 16.04 24 | ------------------------------------------------ 25 | 26 | Open a terminal and run:: 27 | 28 | sudo apt-get install vagrant vagrant-lxc 29 | vagrant plugin install vagrant-hostmanager 30 | 31 | Older Debian and Ubuntu versions 32 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 33 | 34 | Go to https://www.vagrantup.com/downloads.html to download and install 35 | the latest Vagrant version. Then open a terminal and run:: 36 | 37 | sudo apt-get install lxc redir # this is needed for LXC provider 38 | vagrant plugin install vagrant-lxc vagrant-hostmanager 39 | 40 | Mac OS X 41 | -------- 42 | 43 | Download and install 44 | `https://www.vagrantup.com/downloads.html `__. 45 | 46 | Download and install 47 | `https://www.virtualbox.org/wiki/Downloads `__. 48 | 49 | Then open a terminal and run:: 50 | 51 | vagrant plugin install vagrant-hostmanager 52 | 53 | You can also use ``cask`` to help with the installation::: 54 | 55 | brew cask install vagrant virtualbox 56 | 57 | Windows 58 | ------- 59 | 60 | Install Virtualbox and Vagrant (>= 1.8.4) using the binaries available 61 | on their respective websites. 62 | 63 | Also make sure that ``core.autocrlf`` is set to ``input`` (recommended) 64 | or at least ``true`` so that you don't get issues with Windows 65 | line-endings in the files that are in your box. You can set it by 66 | running the following command: 67 | 68 | ``git config --global core.autocrlf input`` 69 | 70 | For example if you get the following error when trying to provision the 71 | box:: 72 | 73 | TASK [base : ensure base packages are installed] ******************************* 74 | 75 | failed: [default] (item=[u'locales', u'procps', u'command-not-found', u'bash-completion', u'zsh', u'bzip2', u'unzip', u'vim', u'ack-grep', u'highlight', u'libxml2-utils', u'build-essential', u'wget', u'openssh-server', u'sudo', u'imagemagick', u'iputils-ping', u'ncurses-term', u'python-pycurl']) => {"failed": true, "item": ["locales", "procps", "command-not-found", "bash-completion", "zsh", "bzip2", "unzip", "vim", "ack-grep", "highlight", "libxml2-utils", "build-essential", "wget", "openssh-server", "sudo", "imagemagick", "iputils-ping", "ncurses-term", "python-pycurl"], "module_stderr": ">>> /etc/sudoers.d/sudo-passwordless: syntax error near line 1 <<<\nsudo: parse error in /etc/sudoers.d/sudo-passwordless near line 1\nsudo: no valid sudoers sources found, quitting\nsudo: unable to initialize policy plugin\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false} 76 | 77 | That's because the sudoers file that gets copied in the box has the 78 | wrong format. Enabling ``core.autocrlf`` will fix the issue. 79 | 80 | -------------------------------------------------------------------------------- /docs/roadmap.rst: -------------------------------------------------------------------------------- 1 | ************ 2 | The future ? 3 | ************ 4 | 5 | The framework will evolve as we use it on more projects. It is not the 6 | goal to refrain you from doing anything. It will be improved as we need 7 | it, the goal is to serve Liip teams ! 8 | 9 | What could be done if the need arise : 10 | 11 | - Better installer with questions to automatically create the config 12 | files instead of manual editing 13 | -------------------------------------------------------------------------------- /docs/roles/browsers.rst: -------------------------------------------------------------------------------- 1 | ************* 2 | Browser Roles 3 | ************* 4 | 5 | Browser roles are available for frontend testing. They all depend on 6 | the role xvfb, which is a headless X server, except for Phantomjs. 7 | 8 | Firefox 9 | ======= 10 | 11 | Install Firefox with Geckodriver to be used with selenium. 12 | 13 | Parameters 14 | ---------- 15 | 16 | - **firefox_version**: The version of Firefox to be installed, defaults to *latest*. Should be greater than 47.0. The 17 | full list of supported versions can be found on the `Firefox releases page 18 | `_. 19 | 20 | Chrome 21 | ====== 22 | 23 | Install Chrome with Chromedriver to be used with selenium. 24 | 25 | There are no parameters available for this one, as they don't really provide 26 | older versions. Therefore, always the newest Chrome browser will be installed. 27 | 28 | PhantomJS 29 | ========= 30 | 31 | Install PhantomJS. 32 | 33 | Parameters 34 | ---------- 35 | 36 | - **phantomjs_version**: The version of PhantomJS to be installed, defaults to *2.1.1*. The full list of supported 37 | versions can be found on the `PhantomJS releases page `_. 38 | 39 | Example usage with pytest and splinter 40 | ====================================== 41 | 42 | This is the recommended way to use those browser for testing in python with 43 | *pytest*. *pytest-splinter* is a pytest plugin that provides easy access to 44 | several webdrivers. 45 | 46 | First, you have to install some packages via pip 47 | (see :ref:`virtualenv-reference-label` for instruction on how to properly do 48 | this): 49 | 50 | - pytest 51 | - pytest-splinter 52 | - pytest-xvfb (When you want to use firefox or chrome) 53 | 54 | In order to run your tests, you can simply invoke pytest. By default the 55 | Firefox webdriver will be used, but it's possible to change this with the 56 | option --splinter-webdriver=chrome. More info available 57 | `on the pytest-splinter project page `_. 58 | -------------------------------------------------------------------------------- /docs/roles/databases.rst: -------------------------------------------------------------------------------- 1 | ************** 2 | Database Roles 3 | ************** 4 | 5 | MySQL 6 | ===== 7 | 8 | Install and set up a MySQL server and then create the configured user 9 | and database. 10 | 11 | The database administrative user is "root" with the "root" password. 12 | 13 | This role must be included before the Django or PHP one if both are 14 | present so that the correct extension and configuration could be made. 15 | 16 | Parameters 17 | ---------- 18 | 19 | - **database\_name** : the name of the database to create, set in 20 | parameters.yml 21 | - **database\_user**: the name of the user, defaults to the database 22 | name 23 | - **database\_password**: the password of the user, defaults to the 24 | database name 25 | - **mysql\_version**: the MySQL version to install, defaults to 5.6 and 26 | supports 5.6, 5.7 and 8.0 (more info on 27 | http://dev.mysql.com/downloads/repo/apt/) 28 | - **mysql\_character\_set**: the database character set, defaults to "latin1" 29 | - **mysql\_collation**: the database collation, defaults to "latin1_swedish_ci" 30 | 31 | PostgreSQL 32 | ========== 33 | 34 | Install and set up a PostgreSQL server and then create the configured 35 | user and database. 36 | 37 | This role must be included before the Django or PHP one if both are 38 | present so that the correct extension and configuration could be made. 39 | 40 | Parameters 41 | ---------- 42 | 43 | - **database\_name** : the name of the database to create, set in 44 | parameters.yml 45 | - **database\_user**: the name of the user, defaults to the database 46 | name 47 | - **database\_password**: the password of the user, defaults to the 48 | database name 49 | - **database\_template**: the template to use, defaults to "template0" 50 | - **database\_encoding**: character encoding, defaults to UTF-8 51 | - **database\_lc\_collate**: database collation, defaults to 52 | en\_US.UTF-8 53 | - **database\_lc\_ctype**: database ctype, defaults to en\_US.UTF-8 54 | 55 | PostGIS 56 | ======= 57 | Install and set up a PostgreSQL server with the PostGIS extension enabled. 58 | 59 | The `postgres` role is declared as a dependency and does not need to be activated explicitly in `playbook.yml`. 60 | 61 | For each of the supported OS, this role installs the recommended PostgreSQL/PostGIS combination package: 62 | - **Debian 8 (Jessie)**: postgresql-9.4-postgis-2.1 63 | - **Debian 9 (Stretch)**: postgresql-9.6-postgis-2.3 64 | - **Debian 10 (Buster)**: postgresql-11-postgis-2.5 65 | - **Ubuntu 14 (trusty)**: postgresql-9.3-postgis-2.1 66 | - **Ubuntu 16 (xenial)**: postgresql-9.5-postgis-2.2 67 | 68 | MemCached 69 | ========= 70 | 71 | To be completed. 72 | -------------------------------------------------------------------------------- /docs/roles/gulp.rst: -------------------------------------------------------------------------------- 1 | ********* 2 | Gulp Role 3 | ********* 4 | 5 | *Existing configuration files (Gulpfile.js, gulp.config.js, 6 | webpack.config.js, package.json) will not be overridden.* 7 | 8 | - Install ``gulp`` globally in the Vagrant box 9 | - Create a prefilled ``Gulpfile.js`` with useful tasks 10 | 11 | - Watch & live reload with BrowserSync 12 | - Compile Sass with Autoprefixer & source-maps 13 | - Bundle JavaScript with Webpack, preconfigured with Babel 14 | (optional) 15 | - Lossless images optimization with ImageMin 16 | 17 | - Create associated ``gulp.config.js`` and ``webpack.config.js`` 18 | - Add the necessary dependencies to ``package.json`` (only if the file doesn't exist yet) 19 | 20 | After the first provisioning, you should edit the ``gulp.config.js`` and 21 | ``webpack.config.js`` to match your project structure. 22 | 23 | Parameters 24 | ---------- 25 | 26 | - **gulp\_directory**: where should the gulpfile be created, defaults 27 | to ``/`` 28 | - **gulp\_create\_config**: Create the gulp.config.js used by the default Gulpefile.js, defaults to 29 | ``true`` 30 | - **gulp\_use\_webpack**: Setup Webpack alongside Gulp, defaults to 31 | ``true`` 32 | - **gulp\_use\_purescript**: Add PureScript support to Webpack, 33 | defaults to ``false`` 34 | - **gulp\_browserslist**: Define 35 | `Browserslist `__ in 36 | ``package.json``, defaults to: 37 | 38 | :: 39 | 40 | - Last 2 versions 41 | - IE 11 42 | 43 | Default tasks 44 | ------------- 45 | 46 | Watch & live reload proxy 47 | ~~~~~~~~~~~~~~~~~~~~~~~~~ 48 | 49 | Run BrowserSync, watch for changes in files, compile and reload browser 50 | afterwards with: 51 | 52 | :: 53 | 54 | npm start 55 | 56 | Build for production 57 | ~~~~~~~~~~~~~~~~~~~~ 58 | 59 | :: 60 | 61 | npm run build 62 | 63 | Optimize images 64 | ~~~~~~~~~~~~~~~ 65 | 66 | *For performance reason, this task is not included in the watch/build 67 | tasks. You should run it manually according to your needs.* 68 | 69 | Optimize jp(e)g, png, gif & svg files with: 70 | 71 | :: 72 | 73 | gulp images 74 | -------------------------------------------------------------------------------- /docs/roles/java.rst: -------------------------------------------------------------------------------- 1 | ********** 2 | Java Roles 3 | ********** 4 | 5 | Java 6 | ==== 7 | 8 | Installs a Java Runtime Environment using the OpenJDK Debian package. 9 | 10 | Parameters 11 | ---------- 12 | 13 | - **java_jre_version**: JRE version to install, defaults to 7. Set 14 | your version according to your needs and your Linux distribution. 15 | - **java_jre_package**: default is ``openjdk-{{ java_jre_version }}-jre``. 16 | 17 | JDK 18 | === 19 | 20 | Installs a Java Development Kit using the OpenJDK Debian package. 21 | 22 | Parameters 23 | ---------- 24 | 25 | - **java_jdk_version**: JDK version to install, defaults to 7. Set 26 | your version according to your needs and your Linux distribution. 27 | - **java_jdk_package**: default is ``openjdk-{{ java_jdk_version }}-jdk``. 28 | 29 | Maven 30 | ===== 31 | 32 | Installs Maven via ``apt-get``. 33 | 34 | Solr 35 | ==== 36 | 37 | Install ``solr`` via the tarballs available on the Apache repository. 38 | 39 | A specific user is created and ``solr`` is automatically started at boot 40 | using ``supervisor``. 41 | 42 | You can choose any ``solr`` version (compatible with Java7) via download. 43 | However the provided start command might need some adjustment. 44 | 45 | To create a Solr core, use both the ``solr_core_name`` and ``solr_core_conf`` 46 | parameter. 47 | 48 | Parameters 49 | ---------- 50 | 51 | Those parameters controls base feature for ``solr``. There's also a list 52 | below of "internal" parameters that you'll might need to tweak if you 53 | want to use a version different than 4.X or 5.X 54 | 55 | - **solr_version**: Solr version to install, defaults to 5.3.1. You 56 | should be able to use all 5.X and 4.X version, but some tuning might 57 | be needed. 58 | - **solr_base_dir**: Solr base directory, this is not directly used 59 | by the role, defaults to `/opt/solr`. 60 | - **solr_install_dir**: Solr installation directory, defaults to ``{{ solr_base_dir }}``. 61 | - **solr_config_dir**: Solr configuration directory, defaults to 62 | `/opt/solr/server/solr`. 63 | - **solr_port**: defaults to 8984. 64 | - **solr_core_name**: Create a new Solr core/index with such name; by 65 | default no indexes are created. If this parameter is defined, ``solr_core_conf`` 66 | must be defined as well. 67 | - **solr_core_conf**: Specifies the Solr core/index configuration folder 68 | to use for the index, it will be symlinked to the `conf` folder of the index. 69 | Refer to `the documentation `_ for the file structure 70 | required by Solr. Example: ``solr_core_conf=/vagrant/solr/conf``. 71 | 72 | ElasticSearch 73 | ============= 74 | 75 | To be completed 76 | -------------------------------------------------------------------------------- /docs/roles/others.rst: -------------------------------------------------------------------------------- 1 | *********** 2 | Other Roles 3 | *********** 4 | 5 | Ruby 6 | ==== 7 | 8 | Install Ruby, Gem integration for Debian and dev dependencies. 9 | 10 | Any Debian ruby package should then be also recognized as a Gem. You can 11 | however continue to install Gems using the ``gem`` utility if you need a 12 | specific version or an unavailable package. 13 | 14 | NodeJS 15 | ====== 16 | 17 | Install NodeJS and NPM. 18 | 19 | Parameters 20 | ---------- 21 | 22 | - **nodejs\_version** : The version to install, currently supports 13.x, 12.x, 11.x, 10.x, 9.x, 8.x, 23 | 7.x, 6.x, 5.x, 4.x, 0.12 and 0.10, default being 12.x. 24 | - **nodejs\_distro** : Is automatically set to either 'jessie', 'stretch', etc 25 | based on available information, you can also put an Ubuntu codename here. 26 | - **nodejs_create_package_json**: create a ``package.json`` file based on the 27 | settings below during provisioning. Defaults to ``true``. 28 | - **nodejs_package_json_template**: template to use for the creation of the initial ``package.json`` file. Defaults to 29 | ``package.json.j2``, or ``package.json.gulp.j2`` if you're using the gulp role. See the 30 | ``provisioning/roles/nodejs/templates`` directory for the list of available templates. 31 | - **nodejs_package_json_path**: where should the package.json file be 32 | created, defaults to ``/package.json`` 33 | - **nodejs_package_json_author**: Author that should be put in the 34 | package.json file, defaults to ``Liip AG`` 35 | - **nodejs_install_package_json**: Run ``npm install`` on each provisioning. Defaults to ``true``. 36 | 37 | OpenLDAP 38 | ======== 39 | 40 | Install an OpenLDAP (slapd) server. 41 | 42 | It will open the standard LDAP ports (389 for ``ldap://``, 636 for 43 | ``ldaps://``), and the ``ldap-utils`` (shipping ``ldapsearch`` is also 44 | installed. 45 | 46 | Parameters 47 | ---------- 48 | 49 | - **ldap\_organization** : Fulltext organization name, defaults to 50 | 'EvilCorp Ltd' 51 | - **ldap\_organization\_domain** : Organization domain name, defaults 52 | to ``evilcorp.example.com`` 53 | - **ldap\_admin\_password** : Password of the original 54 | cn=admin,dc=evilcorp,dc=example,dc=com user, defaults to 'admin' 55 | 56 | RMT - Release Management Tool 57 | ============================= 58 | 59 | Install RMT in the box. Once done you must run `php /home/vagrant/.config/composer/vendor/liip/rmt/RMT` to init it for your project. Then for the next steps go to https://github.com/liip/RMT#usage 60 | 61 | Redis 62 | ===== 63 | 64 | To be completed. 65 | 66 | Gitlab CI 67 | ========= 68 | 69 | See :doc:`../tips/ci`. 70 | -------------------------------------------------------------------------------- /docs/roles/php.rst: -------------------------------------------------------------------------------- 1 | ********* 2 | PHP Roles 3 | ********* 4 | 5 | PHP 6 | === 7 | 8 | Install PHP and various extensions : curl, intl, gd, imagemagick, ... 9 | 10 | The version can be changed and defaults to 5.6. All version are however 11 | not available on all OS versions, an error message will be displayed by 12 | Ansible if you chose an impossible combination. 13 | 14 | Available versions are: 15 | 16 | - **Debian Stretch & Jessie**: 5.6, 7.0, 7.1 and 7.2 17 | - **Ubuntu Trusty**: 5.5, 5.6, 7.0, 7.1 and 7.2. 18 | 19 | Development specific configuration options are also put into place, for 20 | example to activate error outputting. 21 | 22 | A database driver is also installed if one of the MySQL or PostgreSQL 23 | roles was included before. 24 | 25 | If you want to install xdebug, you'll need to also add the specific role 26 | : ``php-xdebug``. 27 | 28 | There are also roles for some more specific extension that could be 29 | found below. 30 | 31 | This role is automatically included by roles PHP-Apache and PHP-FPM, so 32 | you should not include it yourself. 33 | 34 | Parameters 35 | ---------- 36 | 37 | - **php_sury_apt_key_id**: if you're installing PHP on Debian >= jessie, this 38 | parameter allows you to change the APT key id of the Sury repository. 39 | Defaults to B188E2B695BD4743 40 | - **php\_version** : version to install, defaults to 5.6 41 | - **php\_error\_reporting** : php error reporting, defaults to "E\_ALL 42 | \| E\_STRICT" 43 | - **php\_assert\_exceptions** : php assert exceptions for 7.0 and above, 44 | defaults to false 45 | - **php\_max\_execution** \_time\*\* : script max exectution time, 46 | defaults to "3600" 47 | - **php\_memory\_limit** : memory limit, defaults to "4G" 48 | - **php\_upload\_max\_filesize** : maximal size of uploaded file, 49 | defaults to "128M" 50 | - **php\_date\_timezone** : timezone, defaults to "Europe/Zurich" 51 | - **php\_default\_charset** : default charset, defaults to "UTF-8" 52 | - **php\_default\_socket\_timeout** : socket timeout, defaults to 120 53 | 54 | PHP-Apache 55 | ========== 56 | 57 | Install the PHP mod for Apache along with Apache and PHP. You only need 58 | to install this role, PHP and Apache will be automatically added as 59 | dependencies. For details about PHP config, see above. 60 | 61 | The default vhost template from the Apache role is used. 62 | 63 | PHP-FPM 64 | ======= 65 | 66 | Install PHP-FPM so that you can use NGinx. You only need to install this 67 | role, PHP and NGinx will be automatically added as dependencies. For 68 | details about PHP config, see above. 69 | 70 | You can change the site template used using the parameter defined below. 71 | The templates can be found in the NGinx role. 72 | 73 | Parameters 74 | ---------- 75 | 76 | - **nginx\_site\_template**: template to use for site configuration, 77 | defaults to "php-site.j2" 78 | - **nginx\_index**: index in nginx configuration, defaults to 79 | "index.php" 80 | 81 | PHP-XDebug 82 | ========== 83 | 84 | Installs the XDebug extension for PHP. 85 | 86 | You can modify the config file ``/etc/php5/conf.d/20-xdebug.ini`` to 87 | change the configuration and restart your Apache or PHP-FPM. XDebug is 88 | also configured to trigger debugging and profiling in response to the 89 | related query string or cookie, so you should be able to install a 90 | browser extension to make it work this way. 91 | 92 | Parameters 93 | ---------- 94 | 95 | - **xdebug_idekey**: value of the ``xdebug.idekey`` setting, defaults to `XDEBUG-DRIFTER`. 96 | 97 | PHP-Redis 98 | ========= 99 | 100 | Installs the Redis extension for PHP. Redis and PHP are installed as a 101 | dependency. 102 | 103 | Concerning Redis itself, the documentation is in the "System" section of 104 | the documentation. 105 | 106 | PHP-MemCached 107 | ============= 108 | 109 | Installs the MemCached extension for PHP. MemCached and PHP are 110 | installed as a dependency. 111 | 112 | Concerning MemCached itself, the documentation is in the "System" 113 | section of the documentation. 114 | 115 | Composer 116 | ======== 117 | 118 | Installs Composer, the PHP package manager. The PHP role is defined as a 119 | dependency. You can set the install dir, a link in ``/usr/local/bin`` 120 | will be set up whichever the install dir is so that composer can be 121 | accessed globally. 122 | 123 | If composer is already installed, this role will update it instead. 124 | 125 | Parameters 126 | ---------- 127 | 128 | - **composer.dir** : where to install the binary, default 129 | "opt/composer" 130 | 131 | PhiVE 132 | ===== 133 | 134 | Installs PhIVE support (Phar Installation and Verification Environment (PHIVE). 135 | A link in ``/usr/local/bin`` will be set up so that ``phive`` can be accessed globally. 136 | 137 | If PhIVE is already installed, this role will update it instead. 138 | 139 | Parameters 140 | ---------- 141 | 142 | - **phive.dir** : where to install the binary and the downloaded phar(s), 143 | default to "opt/phive" 144 | -------------------------------------------------------------------------------- /docs/roles/python.rst: -------------------------------------------------------------------------------- 1 | ************ 2 | Python Roles 3 | ************ 4 | 5 | Python 6 | ====== 7 | 8 | Install Pip and Virtualenv along with dev dependencies. Dependencies to 9 | build the Pillow package are also installed. 10 | 11 | Both Python 2 and Python 3 are always installed, for example to facilitate 12 | tests on multiple python version, the parameter below only change the 13 | behavior of python related roles. 14 | 15 | Parameters 16 | ---------- 17 | 18 | - **python_version**: version of Python to use. Can be 2 or 3, defaults to "3" 19 | - **pip_version** : the version of pip to install in the virtual environment. Defaults to 9.0.1. 20 | - **setuptools_version** : the version of setuptools to install in the virtual environment. Defaults to 28.8.0. 21 | - **python3_install_from_source**: whether to install Python from source (true) or use the distribution version (false). Defaults to false 22 | - **python3_source_version**: Python version like 3.5.5, defaults to "3.6.5" 23 | 24 | .. _virtualenv-reference-label: 25 | 26 | Virtualenv 27 | ========== 28 | 29 | Create a python virtual environment and install application requirements 30 | via pip. The environment will also get `pip-tools `_ installed. 31 | 32 | The virtual environment is automatically activated upon box login. 33 | 34 | - **pip\_requirements** : filename of the requirements file, defaults to 35 | "requirements/dev.txt" 36 | - **env\_root** : directory where the virtual environment must be 37 | created, defaults to "~/ENV" 38 | - **pip\_requirements\_dir** : name of the requirements directory that contain the `.in` files. If set, Drifter will 39 | run ``pip-compile`` on these files upon provisioning. 40 | - **pip_tools\_version** : the version of pip-tools to install in the virtual environment. Defaults to 1.8.2. 41 | 42 | Django 43 | ====== 44 | 45 | Uses the ``virtualenv`` or the ``pipenv`` role (depending on the 46 | ``django_use_pipenv`` parameter) to create and install a virtual 47 | environment for Django. 48 | 49 | Configure database access via environment variable and then run 50 | migrations. 51 | 52 | You need to include either to ``mysql`` or ``postgresql`` roles before 53 | this one. 54 | 55 | This role depends on the Virtualenv and NGinx roles. The NGinx role is 56 | configured to use the "django-site.js" site template on the port "8000". 57 | 58 | Parameters 59 | ---------- 60 | 61 | - **django_root** : root directory of the Django project, default to 62 | the "root_directory" variable defined in parameters.yml 63 | - **django_use_pipenv**: whether to use Pipenv to install requirements. Defaults to false. 64 | - **django_use_virtualenv**: whether to use Virtualenv to install requirements. Defaults to the opposite of 65 | **django_use_pipenv**. If both **django_use_pipenv** and **django_use_virtualenv** are false, you're responsible for 66 | installing your project requirements. 67 | -------------------------------------------------------------------------------- /docs/roles/ruby.rst: -------------------------------------------------------------------------------- 1 | ********** 2 | Ruby Roles 3 | ********** 4 | 5 | Ruby 6 | ==== 7 | 8 | Install ``rbenv`` along with ``Bundler``. Complete the installation with 9 | the ``bundle install`` command if a Gemfile is found in the project root 10 | directory. 11 | 12 | Parameters 13 | ---------- 14 | 15 | - **ruby\_version**: this should be the exact version name (such as 16 | 2.3.3). Find a list of accepted version with ``rbenv install -l``. 17 | Default is 2.4.1. 18 | - **ruby_build_version**: version of ruby-build to use. Default is v20190423. 19 | 20 | Rails 21 | ===== 22 | 23 | Simply add roles ``nodejs`` and ``ruby`` in your playbook.yml. Note that 24 | rails will not be installed unless specified in your Gemfile. 25 | 26 | Using mysql or postgres? then include ``mysql`` or ``postgresql`` role 27 | before ``ruby``. 28 | 29 | Run server 30 | ---------- 31 | 32 | You have two options. First, in the box, run ``rails server`` or ``puma``, then open your browser on 33 | ``http://{hostname}:3000`` 34 | 35 | Second option is to add the nginx role with the rails template:: 36 | 37 | - { role: nginx, web_directory: "/vagrant/public", site_template: "rails-site.j2", proxy_port: 3000 } 38 | 39 | Then you can just open ``http://{hostname}``. 40 | -------------------------------------------------------------------------------- /docs/roles/system.rst: -------------------------------------------------------------------------------- 1 | ************ 2 | System Roles 3 | ************ 4 | 5 | Base 6 | ==== 7 | 8 | This roles installs various useful software like vim, ack-grep, etc. It 9 | also put some configuration files of the vagrant user home directory. 10 | 11 | It should always be included to have a common environment in all vagrant 12 | boxes. 13 | 14 | Git 15 | === 16 | 17 | Install Git and some sane configuration and sync the username and e-mail 18 | from the host. 19 | 20 | `Fancy-diff `__ is also 21 | installed by default and you can opt-in to sync your git configuration 22 | on each ``vagrant up``. 23 | 24 | Parameters 25 | ---------- 26 | 27 | - **fancy\_diff** : install fancy-diff 28 | - **sync\_git\_with\_host** : sync your host git config on each 29 | ``vagrant up`` 30 | 31 | Supervisor 32 | ========== 33 | 34 | Install Supervisor so that you can manage long lived processes inside 35 | the box. A config file based on the parameters is also created for your 36 | service. 37 | 38 | The service are automatically started on boot and restarted if they 39 | fail. 40 | 41 | If you need multiple services, just include the role multiple times with 42 | the various parameters. 43 | 44 | Parameters 45 | ---------- 46 | 47 | - **service\_name** : name of the service 48 | - **user** : user to use to launch the service 49 | - **command** : the command to launch 50 | - **root\_directory** : the base directory for the service 51 | - **environment\_vars** : environment vars you want to set 52 | 53 | tmpfs 54 | ===== 55 | 56 | Configure a path to be mounted as a tmpfs (ie : in memory filesystem). 57 | 58 | This can be used to speed up application, for example by putting their 59 | log directory in memory thus avoiding costly network transfers for 60 | shared directories. 61 | 62 | Parameters 63 | ---------- 64 | 65 | - **mount\_path** : the path to replace with a tmpfs 66 | 67 | SSL 68 | === 69 | 70 | If you set the ``ssl`` parameter to true in your ``parameters.yml`` 71 | file, ansible will create a Certification Authority (CA) and then create 72 | and sign SSL certificates for all hosts configured for your project. 73 | 74 | The CA certificate will then be copied to your project 75 | ``root_directory``. If you add this certificate to your trust store, you 76 | should be able to access your websites with HTTPS without any error 77 | messages from most browsers. 78 | 79 | If the role is activated, both Apache and NGinx will be configured to 80 | use the created certificates. 81 | 82 | WARNING: if the certificate is regenerated because you did a 83 | ``vagrant destroy`` or the hostname changed, you will need to re import 84 | the CA certificate into your trust store and in the meantime you might 85 | get errors from your browser. Chrome for example produce a pretty 86 | confusing error message about an attacker trying to steal your 87 | credentials. 88 | 89 | SSH 90 | === 91 | 92 | Disable SSH strict host key checking if ``ssh_no_stricthostkeychecking`` 93 | is set to true in the parameters. 94 | 95 | Also add the github and gitlab.liip.ch host key to the ``known_hosts`` 96 | file. 97 | 98 | Parameters 99 | ---------- 100 | 101 | - **ssh\_no\_stricthostkeychecking** : if set to true, disable SSH 102 | strict host key checking 103 | 104 | Redis 105 | ===== 106 | 107 | To be completed. 108 | 109 | RabbitMQ 110 | ======== 111 | 112 | To be completed. 113 | 114 | LogStash 115 | ======== 116 | 117 | Currently only installs LogStach without any kind of configuration or 118 | nothing. This role is not usable as is. 119 | 120 | Parameters 121 | ---------- 122 | 123 | - **logstash\_version**: version to install, defaults to 2.3 124 | -------------------------------------------------------------------------------- /docs/roles/webpack.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Webpack 3 | ******* 4 | 5 | **Current Webpack version: 4.5.0** 6 | 7 | This role provides a pretty simple setup to handle assets (javascripts, stylesheets, images, fonts and SVG icons) through `Webpack `_ in your project. 8 | 9 | It creates a `webpack.config.js` that is preconfigured to handle: 10 | 11 | - `Sass `_ files to create stylesheets. Stylesheets are processed through `Autoprefixer `_ for browser compatibility and `CSSNano `_ for optimisations. 12 | - JavaScript files through `Babel `_ with babel-preset-env to use next generation JavaScript today 13 | - SVG icons through `svg-sprite-loader `_ and make a single sprite file out of it 14 | - Images (svg, png, jp(e)g, gif, webp) 15 | - Fonts (woff, woff2, eot, ttf, otf) 16 | 17 | 18 | Installation 19 | ------------ 20 | 21 | Once enabled, this role will create a ``webpack.config.js``, a ``babel.config.js`` and a ``package.json`` that includes all the required dependencies by default. 22 | 23 | **Existing files (webpack.config.js, babel.config.js and package.json) will not be overridden. If those files already exist, the installation will be incomplete and might not work as expected.** 24 | 25 | Parameters 26 | ~~~~~~~~~~ 27 | 28 | - **webpack_directory**: where should the webpack.config.js be created, defaults to ``{{ root_directory }}/`` 29 | - **webpack_create_config**: Create the webpack.config.js & babel.config.js, defaults to ``true`` 30 | - **webpack_browserslist**: Define `Browserslist `__ in ``package.json``, defaults to: 31 | 32 | .. code-block:: yaml 33 | 34 | - "> 0.5%" 35 | - "not op_mini all" 36 | - "not dead" 37 | 38 | Post-install 39 | ~~~~~~~~~~~~ 40 | 41 | The default configuration expects a couple of things: 42 | 43 | - The main JavaScript file to live at ``assets/scripts/common.js`` (not created by the role) 44 | - All the assets to live in ``assets/…`` or in ``node_modules`` 45 | - The SVG icons to be included in the sprite to live in ``assets/icons/`` 46 | 47 | Other defaults: 48 | 49 | - Built files are bundled into the ``dist/`` folder 50 | - Generated icons sprite is named ``icons.svg`` 51 | 52 | You can change all these default values by editing the ``webpack.config.js`` file. If you need help, you should check out the `Webpack config documentation `_. 53 | 54 | 55 | Default tasks 56 | ------------- 57 | 58 | Development 59 | ~~~~~~~~~~~ 60 | 61 | :: 62 | 63 | npm start 64 | 65 | Starts ``webpack-dev-server`` at `example.lo:3000 `_, compile on-the-fly and reload the browser automatically. All requests not handled by webpack will be proxified to example.lo. 66 | 67 | *Replace example.lo by the "hostname" you set in the "parameters.yml".* 68 | 69 | Notice that webpack-dev-server does not write the files to the disk. To debug which files are being served, go to `example.lo:3000/webpack-dev-server `_. 70 | 71 | Production 72 | ~~~~~~~~~~ 73 | 74 | :: 75 | 76 | npm run build 77 | 78 | Will bundle all the assets, optimized for production, in the ``dist`` folder by default. 79 | 80 | 81 | Loading assets 82 | -------------- 83 | 84 | The default public path for bundled assets is ``/``. 85 | 86 | To load the main JavaScript file, use: 87 | 88 | .. code-block:: html 89 | 90 | 91 | 92 | CSS styles are extracted to a separate file. For example, all the CSS required by the ``common`` bundle, would be extracted as ``common.css`` and should be loaded like this: 93 | 94 | .. code-block:: html 95 | 96 | 97 | 98 | If you need help to import files such as CSS, images or fonts, take a look to the `Webpack asset management guide `_. 99 | -------------------------------------------------------------------------------- /docs/roles/webservers.rst: -------------------------------------------------------------------------------- 1 | *************** 2 | Webserver Roles 3 | *************** 4 | 5 | Apache 6 | ====== 7 | 8 | This roles installs Apache and the required virtual host configuration 9 | for your project. 10 | 11 | Except for a static website, it should not be used directly because it 12 | is automatically included by other roles, for example PHP-Apache. 13 | 14 | Parameters 15 | ---------- 16 | 17 | - **web_directory** : Root directory for the virtual host, defaults to 18 | `root_directory`. 19 | - **ssl** : Whether to activate HTTPS vhost, defaults to `false`. If enabled, 20 | the generated CA will be copied to the project directory. 21 | 22 | NGinx 23 | ===== 24 | 25 | Install the NGinx web server and configure a virtual host based on the 26 | given site template. Except if you need to serve only static files, you 27 | should not have to include this role yourself, the Django or PHP-FPM 28 | roles do it automatically with the correct parameters. 29 | 30 | The server logs are stored in 31 | ``/var/log/nginx/.(error|access).log``. 32 | 33 | You can have your own site template in your project directory, 34 | for example `virtualization/templates/nginx.j2` and extend one of the 35 | default templates provided: 36 | 37 | .. code-block:: jinja 38 | 39 | {% extends "default-site.j2" %} 40 | 41 | {% block extra %} 42 | {{ super() }} 43 | 44 | # Here goes your custom Nginx rules 45 | {% endblock %} 46 | 47 | Then set the ``site_template`` parameter to ``nginx.j2`` when including the nginx role (or any other that depend 48 | on the nginx role): 49 | 50 | .. code-block:: yaml 51 | 52 | roles: 53 | - { role: nginx, site_template: nginx.j2 } 54 | 55 | 56 | If you want to use roles that include nginx, such as php-fpm, make sure you use the right parameter name (check the 57 | docs): 58 | 59 | .. code-block:: yaml 60 | 61 | roles: 62 | - { role: php-fpm, nginx_site_template: nginx.j2 } 63 | 64 | 65 | Parameters 66 | ---------- 67 | 68 | - **site_template** : The virtual host template to use, defaults to 69 | "default-site.j2" for static websites only, possible values are: 70 | 71 | - ``default-site.j2`` 72 | - ``django-site.j2`` Site template for Django 73 | - ``drupal6-site.j2`` Site template for Drupal6 74 | - ``drupal7-site.j2`` Site template for Drupal7 75 | - ``drupal8-site.j2`` Site template for Drupal8 76 | - ``php-site.j2`` Site template for generic PHP 77 | - ``silex-site.j2`` Site template for Silex 78 | - ``symfony2-site.j2`` Site template for Symfony2 79 | - ``symfony4-site.j2`` Site template for Symfony4 80 | 81 | - **index** : what file do we use as an index ? defaults to 'false' 82 | - **static_host** : Which static host to use for Django projects ? 83 | defaults to "false". 84 | - **static_dir** : Which static URL dir to use for Django projects ? 85 | defaults to "false". 86 | - **static_fs_dir** : Which static filesystem dir to use for Django 87 | projects ? defaults to "". 88 | - **expire_time** : Expiration time of static files, defaults to "6h". 89 | - **web_directory** : Root directory for the virtual host, defaults to `root_directory`. 90 | - **ssl** : Whether to activate HTTPS vhost, defaults to `false`. If enabled, the generated CA will be copied to the 91 | project directory. 92 | -------------------------------------------------------------------------------- /docs/testing.rst: -------------------------------------------------------------------------------- 1 | ************************* 2 | Running and writing tests 3 | ************************* 4 | 5 | The ``box`` pytest fixture allows you to get a full fledged Vagrant box (powered by LXC). Start by provisioning it, and then run commands in the box using the ``execute`` method:: 6 | 7 | def test_mysql_role_installs_mysql(box): 8 | box.provision(roles=['mysql'], parameters={'mysql_version': '5.7'}) 9 | assert '5.7' in box.execute('mysql --version') 10 | 11 | By default boxes use a specific Debian image (refer to ``tests/conftest.py`` for the exact distribution). You can specify the OS to use by passing the ``os`` argument to the ``provision`` method:: 12 | 13 | def test_mysql_role_installs_mysql_on_ubuntu(box): 14 | box.provision(roles=['mysql'], parameters={'mysql_version': '5.7'}, os='drifter/trusty64-base') 15 | assert '5.7' in box.execute('mysql --version') 16 | 17 | 18 | To run the tests, start by installing the requirements:: 19 | 20 | pip3 install pytest pyyaml 21 | 22 | And then execute the ``pytest`` command to run the tests. Test boxes are automatically discarded when the test run is over so you don't have to clean anything. 23 | 24 | Running a specific test / debugging 25 | =================================== 26 | 27 | When a test fails, you can either re-run only the failing tests by passing the ``--lf`` option to pytest, or by using the ``-k`` option, followed by a part of the name of the test (for example ``pytest -k mysql_role_installs``). 28 | 29 | If you want to break at a failing test (for example to spawn a shell into the box and check what's going on), add the ``--pdb`` option to pytest and, once you're into pdb, retrieve the box id:: 30 | 31 | (Pdb) p box.box.get_lxc_id() 32 | drifter-base-boxes_default_1519465979666_71466 33 | 34 | Then run ``lxc-attach -n drifter-base-boxes_default_1519465979666_71466`` to get a shell to the box. Once you're done, use the ``q`` command to exit the debugger and destroy the box. 35 | 36 | Passwordless tests running 37 | ========================== 38 | 39 | To run the tests without any password (useful for CI integration), add the following to your sudoers (replace `johndoe` by your user name):: 40 | 41 | johndoe ALL=(ALL) NOPASSWD: /usr/binlxc-info -iH -n *, /usr/bin/lxc-start -n *, /usr/bin/lxc-stop -k -n *, /usr/bin/lxc-attach -n * -- *, /usr/bin/lxc-copy -s -B overlayfs -n * -N *, /usr/bin/lxc-stop -k -n *, /usr/bin/lxc-destroy -n * 42 | -------------------------------------------------------------------------------- /docs/tips/ci.rst: -------------------------------------------------------------------------------- 1 | ** 2 | CI 3 | ** 4 | 5 | Integrating with Gitlab CI 6 | ========================== 7 | 8 | (These instructions are specifically for the Liip Gitlab CI, but may be 9 | used on other Gitlab CI's as well) 10 | 11 | To make it easy to run tests on the Gitlab CI runners, this packages 12 | provides some general purpose scripts, so you don't have to reinvent the 13 | wheel all the time. 14 | 15 | Setup 16 | ----- 17 | 18 | Using the gitlabci role 19 | ~~~~~~~~~~~~~~~~~~~~~~~ 20 | 21 | The automatic way. Just uncomment/add the folloing line in your 22 | ``playbook.yml`` and the needed files will be created automatically on 23 | the next provsioning (if they don't exist already) 24 | 25 | :: 26 | 27 | - { role: gitlabci } 28 | 29 | It installs the following files (which should be added to git 30 | afterwards) 31 | 32 | .gitlab-ci.yml 33 | ^^^^^^^^^^^^^^ 34 | 35 | The config file for Gitlab CI, it tells the CI what exactly to run 36 | 37 | scripts/gitlabci.sh 38 | ^^^^^^^^^^^^^^^^^^^ 39 | 40 | The script called first by the gitlab runner. It updates the submodules 41 | and then calls ``./virtualization/drifter/ci/start.sh``, which does 42 | start vagrant, provisions it and calls your actual test script. 43 | 44 | scripts/run\_tests.sh 45 | ^^^^^^^^^^^^^^^^^^^^^ 46 | 47 | This is where your actually test calls go. This is run within your 48 | vagrant box. 49 | 50 | virtualization/provisionbuild.dat 51 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 52 | 53 | To prevent provisioning on the ci runners all the time and save lots of 54 | time, provisioning is only run, when this file changes. Therefore if you 55 | change something in your provisioning scripts, also changes this file to 56 | a different value (doesn't matter which one, as long as it's different, 57 | but some kind of timestamp assures that it's different) 58 | 59 | If you don't add this file to your project, then provisioning will be 60 | run every time a ci build is started. 61 | 62 | Be aware, that the CI deletes all files before each run, which are not 63 | in your git repository. This eg. means that your vendor (if you use 64 | composer) or node\_modules folders are gone and not recreated, if 65 | provisioning doesn't go through. To still keep your important 66 | directories, add this to .gitlab-ci.yml (see also 67 | https://docs.gitlab.com/ce/ci/yaml/#cache for more details) 68 | 69 | :: 70 | 71 | cache: 72 | paths: 73 | - bin/ 74 | - vendor/ 75 | key: sharedcache 76 | 77 | Using a different folder than scripts/ 78 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 79 | 80 | If you prefer to install those files in a different folder than scripts/ 81 | you can add the following line in your ``parameters.yml``, eg: 82 | 83 | :: 84 | 85 | ci_scripts_folder: bin/ 86 | 87 | You can also adjust the files afterwards and uncomment the gitlabci role 88 | in ``playbook.yml`` again (otherwise the files will be created again 89 | after each provisioning) 90 | 91 | Installing it manually 92 | ~~~~~~~~~~~~~~~~~~~~~~ 93 | 94 | Copy the following files to some location (we have a /scripts/ folder, 95 | but you can choose any directory) 96 | 97 | :: 98 | 99 | SCRIPTS_FOLDER=./scripts/ 100 | cp virtualization/drifter/provisioning/roles/gitlabci/templates/gitlab-ci.yml .gitlab-ci.yml 101 | cp virtualization/drifter/provisioning/roles/gitlabci/templates/gitlabci.sh $SCRIPTS_FOLDER/gitlabci.sh 102 | cp virtualization/drifter/provisioning/roles/gitlabci/files/run_tests.sh $SCRIPTS_FOLDER/run_tests.sh 103 | date +%Y%m%d%H%M%S > virtualization/provisionbuild.dat 104 | 105 | And adjust ``.gitlab-ci.yml`` and ``$SCRIPTS_FOLDER/gitlabci.sh`` with 106 | the corrects paths. 107 | 108 | Add your tests 109 | -------------- 110 | 111 | Put your test scripts into ``$SCRIPTS_FOLDER/run_tests.sh`` and they 112 | should be run the next time you push something to gitlab (also make sure 113 | you enable one of the go-based gitlab runners for your project, the ones 114 | labeled with "go", "shell", and "lxc") 115 | 116 | You can also use any other file, but then adjust the env variable 117 | ``CI_TEST_SCRIPT`` in $SCRIPTS\_FOLDER/gitlabci.sh 118 | 119 | Customization 120 | ------------- 121 | 122 | Global project cache 123 | ~~~~~~~~~~~~~~~~~~~~ 124 | 125 | On each runner, there's a global project cache (shared with all 126 | projects), which can be mounted, uncomment 127 | ``export DO_GLOBAL_PROJECTS_CACHE=true`` in 128 | ``$SCRIPTS_FOLDER/gitlabci.sh`` and that will be mounted into 129 | ``/home/vagrant/.projects_cache``. We for example add the php composer 130 | cache dir there into ``/home/vagrant/.projects_cache/composer_cache``, 131 | so that not every project has to download the same project all over 132 | again. 133 | 134 | NPM would maybe be another canditate. 135 | 136 | As this is shared with all projects, be careful where to put things 137 | there. 138 | -------------------------------------------------------------------------------- /docs/tips/php.rst: -------------------------------------------------------------------------------- 1 | *** 2 | PHP 3 | *** 4 | 5 | PHP Debugging with Drifter & PHPStorm 6 | ===================================== 7 | 8 | As said earlier, the PHP role installs php-xdebug which is configured to 9 | try to connect to any listener on the host. 10 | 11 | If you are using Chrome and PHPStorm, debugging a script can be done by following these steps: 12 | 13 | #. Install the `Xdebug helper chrome extension 14 | `_ 15 | #. In your browser address bar, click on the little bug and select "Debug" 16 | #. In PHPStorm, open the "Run" menu and select "Start Listen for PHP Debug 17 | connection" 18 | #. Reload the page in your browser 19 | #. A dialog should open in PHPStorm to ask you which file you want to debug, 20 | choose the entry point of your application 21 | -------------------------------------------------------------------------------- /docs/usage.rst: -------------------------------------------------------------------------------- 1 | ***** 2 | Usage 3 | ***** 4 | 5 | Drifter is going to be installed into your project as a git submodule. 6 | So if your project is not using Git as VCS, start by creating a git 7 | repo:: 8 | 9 | cd my-project && git init 10 | 11 | Then to install Drifter, simply run the following command:: 12 | 13 | curl -sS https://raw.githubusercontent.com/liip/drifter/master/install.sh | /bin/bash 14 | 15 | This will create a ``Vagrantfile`` in your root and a ``virtualization`` 16 | folder containing configuration files. You now have to follow those two 17 | steps: 18 | 19 | - edit ``virtualization/parameters.yml`` to set parameters related to 20 | your project 21 | - edit ``virtualization/playbook.yml`` to configure what to install in 22 | your box 23 | 24 | You now just have to launch your Vagrant box and start hacking!:: 25 | 26 | vagrant up 27 | 28 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # this script is used to install the virtualization capabilities in a new project 4 | # Modify with care as the README tells users to run the latest version of the script 5 | # but we checkout the latest tag, so you might run in issues when you try to copy 6 | # or use files that are not yet tagged. 7 | 8 | BASE=$(pwd) 9 | VIRTDIR="virtualization" 10 | REPODIR="drifter" 11 | 12 | RED='\033[0;31m' 13 | GREEN='\033[0;32m' 14 | NC='\033[0m' # No Color 15 | 16 | rollback() 17 | { 18 | echo -e "${RED}An error occurred. Aborting.${NC}" 19 | if [ -d $VIRTDIR ]; then 20 | rm -rf $VIRTDIR 21 | fi 22 | } 23 | 24 | echo_abort() 25 | { 26 | echo -e "${RED}Aborting.${NC}" 27 | } 28 | 29 | git_status=$(git status --porcelain 2>/dev/null) 30 | git_status_exit_code=$? 31 | 32 | # exit on first error 33 | set -e 34 | 35 | if [ $git_status_exit_code -eq 128 ]; then 36 | echo "The current directory $(pwd) doesn't seem to be a git repository." 37 | while true; do 38 | read -p "Do you want to run 'git init'? [Yn] " git_init 39 | case $git_init in 40 | Y|y|"" ) git init; break;; 41 | N|n ) echo_abort; exit 1;; 42 | * ) echo "Please answer yes or no.";; 43 | esac 44 | done 45 | echo 46 | else 47 | if [ "$git_status" != "" ] && echo "$git_status" | grep -q -v '^??'; then 48 | echo -e "${RED}Your directory contains staged modifications. Please unstage them or stash them.${NC}" 49 | exit 1 50 | fi 51 | fi 52 | 53 | if [ -e $VIRTDIR ]; then 54 | echo "A directory named 'virtualization' already exists." 55 | while true; do 56 | read -p "Do you want to wipe it out and reinstall Drifter? [yN] " wipe 57 | case $wipe in 58 | Y|y ) rm -rf $VIRTDIR; break;; 59 | N|n|"" ) echo_abort; exit 1;; 60 | * ) echo "Please answer yes or no.";; 61 | esac 62 | done 63 | echo 64 | fi 65 | 66 | if ! grep -q .vagrant .gitignore 1> /dev/null 2>&1; then 67 | echo /.vagrant/ >> .gitignore 68 | git add .gitignore 69 | fi 70 | 71 | trap 'rollback' 0 72 | 73 | mkdir "$VIRTDIR" 74 | 75 | echo -n -e "Cloning Drifter into $VIRTDIR/$REPODIR : ${RED}" 76 | git submodule add -q https://github.com/liip/drifter.git "$VIRTDIR/$REPODIR" > /dev/null 77 | echo -e "${GREEN}OK${NC}." 78 | 79 | cd "$VIRTDIR/$REPODIR" 80 | LATEST=$(git tag | tail -n1) 81 | LATEST_COMMIT=$(git show-ref -s $LATEST) 82 | echo -n -e "Using version $LATEST : ${RED}" 83 | git checkout -q $LATEST > /dev/null 84 | echo -e "${GREEN}OK${NC}." 85 | 86 | cd "$BASE" 87 | 88 | echo -n -e "Copying default configuration inside the project : ${RED}" 89 | cp "$VIRTDIR/$REPODIR/provisioning/playbook.yml.dist" "$VIRTDIR/playbook.yml" 90 | cp "$VIRTDIR/$REPODIR/parameters.yml.dist" "$VIRTDIR/parameters.yml" 91 | cp "$VIRTDIR/$REPODIR/ansible.cfg.dist" "ansible.cfg" 92 | cp "$VIRTDIR/$REPODIR/Vagrantfile.dist" "Vagrantfile" 93 | echo -e "${GREEN}OK${NC}." 94 | 95 | echo -n -e "Adding new files to git : ${RED}" 96 | git add -f ansible.cfg Vagrantfile virtualization/parameters.yml virtualization/playbook.yml virtualization/drifter 97 | echo -e "${GREEN}OK${NC}." 98 | echo -n -e "Committing : ${RED}" 99 | git commit -m "Install Drifter" > /dev/null 100 | echo -e "${GREEN}OK${NC}." 101 | 102 | echo 103 | echo -e "You can now configure Drifter by modifying the following files : " 104 | echo -e "\t * ${VIRTDIR}/playbook.yml : to configure what needs to be installed inside the box" 105 | echo -e "\t * ${VIRTDIR}/parameters.yml : for project parameters" 106 | 107 | # remove error handler 108 | trap : 0 109 | -------------------------------------------------------------------------------- /parameters.yml.dist: -------------------------------------------------------------------------------- 1 | --- 2 | # Name of your project, will also be the vagrant box name 3 | project_name: "example" 4 | 5 | # Main hostname through which the vagrant box will be accessible 6 | hostname: "example.lo" 7 | # Alternative hostnames through which you want to access the vagrant box 8 | hostnames: [] 9 | 10 | # Ports you want forwared to your host. See https://www.vagrantup.com/docs/networking/forwarded_ports.html 11 | # for details. 12 | forwarded_ports: { 13 | "80": "8080", # HTTP 14 | "443": "8443", # HTTPS 15 | "3000": "3000", # BrowserSync default port 16 | } 17 | 18 | # Backingstore used by LXC. Defaults to dir. Uncomment and change this 19 | # value to suit your needs. 20 | # Note: only used with vagrant-lxc provider. 21 | # backingstore: dir 22 | 23 | # Virtual machine memory size use in MB. Defaults to 4096. Uncomment and change 24 | # this value to suit your needs. 25 | # Note: only used with VirtualBox provider. 26 | # memory: 1024 27 | 28 | # Virtual machine CPU's count use. Defaults to 2. Uncomment and change this 29 | # value to suit your needs. 30 | # Note: only used with VirtualBox provider. 31 | # cpus: 1 32 | 33 | # By default Vagrant managed different IPs for all boxes. But you can force it 34 | # here if you want. WARNING, this parameter will not guarantee that your box 35 | # will be accessible at this IP depending on your network configuration or 36 | # provider choice. 37 | # box_ip: "10.10.10.10" 38 | 39 | # Name of the database to create for your project if you include the 40 | # MySQL or PostgreSQL role 41 | database_name: "example" 42 | 43 | # Root directory of your project for the webserver and other purposes 44 | root_directory: "/vagrant/" 45 | 46 | # Synced folder type to use. Only "nfs" and "virtualbox" are supported by 47 | # drifter. Defaults to "nfs". Uncomment the following line to use the 48 | # Virtualbox shared folder implementation. 49 | # synced_folder_type: "virtualbox" 50 | 51 | # Do we activate SSL ? The CA will be copied to your project dir, you can then 52 | # add it to your computer keychain 53 | # ssl: yes 54 | 55 | # For a PHP project, you might want to set the following 56 | 57 | # Default reporting level of PHP errors 58 | # php_error_reporting: "E_ALL & ~E_NOTICE" 59 | 60 | # To pick a specific PHP version, change this value 61 | # php_version: "7.3" 62 | 63 | # For a Django or Flask project, you might want to set the following 64 | # pip_requirements: "requirements/dev.txt" 65 | 66 | # if you want to disable ssh StrictHostKeyChecking (needs the ssh role) 67 | # this has security issues, you better add your ssh host keys in the ssh role 68 | # ssh_no_stricthostkeychecking: true 69 | 70 | # For the gitlabci roles, it installs its scripts into /scripts/ 71 | # If you want another folder for that, adjust it here 72 | # ci_scripts_folder: scripts/ 73 | 74 | # If you need to add custom hosts into /etc/hosts, add them here 75 | # hosts: 76 | # - host: someotherhost 77 | # ip: 192.168.12.34 78 | 79 | # If you want to use any other box, change these 80 | box_name: "drifter/stretch64-base" 81 | box_url: "https://vagrantbox-public.liip.ch/drifter-stretch64-base.json" 82 | 83 | # For using Ubuntu 18.04 LTS, Bionic Beaver use these values 84 | # box_name: "drifter/bionic64-base" 85 | # box_url: "https://vagrantbox-public.liip.ch/drifter-bionic64-base.json" 86 | 87 | # Default Java version is 7. If you need another java version, uncomment 88 | # the matching line and set the correct value. 89 | # Set your version according to your needs and your Linux distribution. 90 | # java_jre_version: "7" 91 | # java_jdk_version: "7" 92 | 93 | # Ansible version to use. If you need another version, you can define that here 94 | # and it will be installed during provisioining. 95 | # ansible_version: "2.7.0" 96 | -------------------------------------------------------------------------------- /playground/.gitignore: -------------------------------------------------------------------------------- 1 | /.vagrant 2 | -------------------------------------------------------------------------------- /playground/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | # This Vagrantfile contains some configuration option that you can 5 | # tweak for your project. 6 | # It then loads the "main" Vagrantfile from the submodule. 7 | 8 | require 'yaml' 9 | 10 | class CustomConfig 11 | # Those accessors will be used by the Vagrantfile 12 | # 13 | # A value of 'nil' indicates that the default value can be found in 14 | # Drifter's Vagrantfile. This is usually the case for values that 15 | # are common for most projects. 16 | # 17 | # If you need to have some additional logic to define some values 18 | # you can delete the 'attr_accessor' and provide your own method 19 | # to return the values. 20 | 21 | attr_accessor :box_name # url of the lxc box 22 | attr_accessor :box_url # name of the lxc box 23 | 24 | attr_accessor :project_name # project name (currently unused by the Vagrant file) 25 | attr_accessor :hostname # main hostname of the box 26 | attr_accessor :hostnames # alternative hostnames (array) 27 | attr_accessor :box_ip # IP of the box 28 | 29 | attr_accessor :ansible_local # use 'ansible_local' provisionner ? 30 | attr_accessor :ansible_version # the ansible version to use 31 | attr_accessor :playbook # path to the playbook 32 | attr_accessor :extra_vars # extra variables to pass to Ansible 33 | 34 | attr_accessor :forwarded_ports # Port that need to be forwarded 35 | attr_accessor :synced_folder_type # Type of synced folder to use 36 | 37 | # Retrieve the values of 'virtualization/parameters.yml' so that 38 | # they can be used by Vagrant. If you need to change those values 39 | # prefer editing the parameters.yml file instead. 40 | def initialize 41 | parameters_file = ENV.fetch('VIRTUALIZATION_PARAMETERS_FILE', 'parameters.yml') 42 | config = YAML::load(File.open(parameters_file)) 43 | 44 | @box_name = config['box_name'] || nil 45 | @box_url = config['box_url'] || nil 46 | 47 | @project_name = config['project_name'] || "example" 48 | @hostname = config['hostname'] || "#{@project_name}.lo" 49 | @hostnames = config['hostnames'] || nil 50 | @box_ip = config['box_ip'] || nil 51 | 52 | @ansible_local = true 53 | @ansible_version = config['ansible_version'] || "2.7.0" 54 | 55 | @playbook = config['playbook'] || nil 56 | @extra_vars = {} 57 | 58 | @forwarded_ports = config['forwarded_ports'] || nil 59 | @synced_folder_type = config['synced_folder_type'] || "nfs" 60 | end 61 | 62 | # Getter that first check if the accessor exists on the class and if 63 | # the value is not null before returning it. 64 | # Otherwise fallback to the default if given or raise an error. 65 | def get(name, default = nil) 66 | if self.respond_to?(name) && ! self.send(name).nil? 67 | self.send(name) 68 | elsif default.nil? 69 | raise "[CONFIG ERROR] '#{name}' cannot be found and no default provided." 70 | else 71 | default 72 | end 73 | end 74 | end 75 | 76 | Dir.chdir File.expand_path(File.dirname(__FILE__)) 77 | load '../Vagrantfile' 78 | 79 | Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| 80 | synced_folder_type = CustomConfig.new.get('synced_folder_type', 'nfs') 81 | config.vm.synced_folder "../provisioning", "/drifter", type: synced_folder_type 82 | config.vm.synced_folder "../ansible-plugins", "/drifter_plugins", type: synced_folder_type 83 | end 84 | -------------------------------------------------------------------------------- /playground/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | roles_path = /drifter/roles 3 | display_skipped_hosts = False 4 | callback_plugins = /drifter_plugins/callback_plugins 5 | -------------------------------------------------------------------------------- /playground/parameters.yml: -------------------------------------------------------------------------------- 1 | --- 2 | playbook: "playbook.yml" 3 | # Name of your project, will also be the vagrant box name 4 | project_name: "example" 5 | 6 | # Main hostname through which the vagrant box will be accessible 7 | hostname: "example.lo" 8 | # Alternative hostnames through which you want to access the vagrant box 9 | hostnames: [] 10 | 11 | # Ports you want forwared to your host. See https://www.vagrantup.com/docs/networking/forwarded_ports.html 12 | # for details. 13 | forwarded_ports: { 14 | "80": "8080", # HTTP 15 | "443": "8443", # HTTPS 16 | "3000": "3000", # BrowserSync default port 17 | } 18 | 19 | # By default Vagrant managed different IPs for all boxes. But you can force it 20 | # here if you want. WARNING, this parameter will not guarantee that your box 21 | # will be accessible at this IP depending on your network configuration or 22 | # provider choice. 23 | # box_ip: "10.10.10.10" 24 | 25 | # Name of the database to create for your project if you include the 26 | # MySQL or PostgreSQL role 27 | database_name: "example" 28 | 29 | # Root directory of your project for the webserver and other purposes 30 | root_directory: "/vagrant/" 31 | 32 | # Do we activate SSL ? The CA will be copied to your project dir, you can then 33 | # add it to your computer keychain 34 | # ssl: yes 35 | 36 | # For a PHP project, you might want to set the following 37 | # Default reporting level of PHP errors 38 | # php_error_reporting: "E_ALL & ~E_NOTICE" 39 | 40 | # For a Django or Flask project, you might want to set the following 41 | # pip_requirements: "requirements/dev.txt" 42 | 43 | # if you want to dissable ssh StrictHostKeyChecking (needs the ssh role) 44 | # this has security issues, you better add your ssh host keys in the ssh role 45 | # ssh_no_stricthostkeychecking: true 46 | 47 | # For the gitlabci roles, it installs its scripts into /scripts/ 48 | # If you want another folder for that, adjust it here 49 | # ci_scripts_folder: scripts/ 50 | 51 | # If you need to add custom hosts into /etc/hosts, add them here 52 | # hosts: 53 | # - host: someotherhost 54 | # ip: 192.168.12.34 55 | 56 | # If you want to use ubuntu instead of debian (or any other box), 57 | # uncomment this. You can also replace "base" with "php7", if you need 58 | # php7 (with fpm and nginx) anyway. 59 | box_name: "drifter/stretch64-base" 60 | box_url: "https://vagrantbox-public.liip.ch/drifter-stretch64-base.json" 61 | -------------------------------------------------------------------------------- /playground/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is the file used by Ansible to provision your project 3 | # You can decide what you want to install in your box by choosing 4 | # various provided roles or add tasks to this file. If you need 5 | # more explanation, please refer to the drifter README 6 | 7 | # For some part, multiple roles are proposed, just uncomment the ones 8 | # you need. 9 | 10 | - hosts: all 11 | vars_files: 12 | - parameters.yml 13 | become: no 14 | 15 | roles: 16 | ## Install some base packages and configuration files, this should be ok for all projects 17 | - { role: base } 18 | - { role: git } 19 | 20 | ## Database, choose either mysql or postgres, some subsequent roles will be configured 21 | ## depending on your choice here. 22 | # - { role: mysql } 23 | # - { role: postgresql } 24 | 25 | ## Scripting / Language support 26 | # - { role: php-fpm } # PHP using Nginx and PHP-FPM 27 | # - { role: php-apache } # PHP using Apache and mod-php 28 | # - { role: django } # Django framework 29 | 30 | ## Webserver, choose one of those only if you have not chosen a scripting language 31 | ## above 32 | # - { role: nginx } # Nginx for basic HTML website 33 | # - { role: apache } # Apache for basic HTML website 34 | 35 | ## Install Webpack in the box 36 | # - { role: webpack } 37 | 38 | ## Install Solr in the box 39 | # - { role: solr } 40 | 41 | ## Install Elasticsearch in the box 42 | # - { role: elasticsearch } 43 | 44 | ## Install Composer in the box 45 | # - { role: composer } 46 | 47 | ## Install OpenLDAP's slapd in the box 48 | # - { role: openldap } 49 | 50 | # If you want php xdebug in your local boxes, uncomment this 51 | # The when clause prevents it to be installed on the CI_SERVER 52 | # - { role: php-xdebug, when: "'{{ lookup('env','CI_SERVER') }}' != 'yes'" } 53 | 54 | ## Install the ssh rule, installs gitlab.liip.ch and github.com host key 55 | # - { role: ssh } 56 | 57 | ## Install some Gitlab CI scripts and .gitlab-ci.yml. 58 | ## See https://github.com/liip/drifter/blob/master/ci/README.md for details 59 | # - { role: gitlabci } 60 | 61 | # Install Browsers for end-to-end tests 62 | # - { role: firefox } 63 | # - { role: chrome } 64 | # - { role: phantomjs } 65 | 66 | ## You can also creates your own role, just add a directory under the 'virtualization' 67 | ## folder and refer to it like for other roles : 68 | # - { role: my_own_role } 69 | 70 | # If needed, you can specify your own tasks, here is an example : 71 | # tasks: 72 | # - name: install project dev tools 73 | # shell: cd {{ root_directory }} && composer.phar --quiet install 74 | # - name: Copy application config file 75 | # shell: cp -f {{ root_directory }}/config/server_config.php.vagrant {{ root_directory }}/config/server_config.php 76 | # - name: Provision the database 77 | # shell: cd {{ root_directory }} && ./console mysql:reset 78 | -------------------------------------------------------------------------------- /provisioning/handlers/handlers.yml: -------------------------------------------------------------------------------- 1 | - name: restart ssh 2 | action: service name=ssh state=restarted 3 | become: yes 4 | -------------------------------------------------------------------------------- /provisioning/playbook.yml.dist: -------------------------------------------------------------------------------- 1 | --- 2 | # This is the file used by Ansible to provision your project 3 | # You can decide what you want to install in your box by choosing 4 | # various provided roles or add tasks to this file. If you need 5 | # more explanation, please refer to the drifter README 6 | 7 | # For some part, multiple roles are proposed, just uncomment the ones 8 | # you need. 9 | 10 | - hosts: all 11 | vars_files: 12 | - parameters.yml 13 | become: no 14 | 15 | roles: 16 | ## Install some base packages and configuration files, this should be ok for all projects 17 | - { role: base } 18 | - { role: git } 19 | 20 | ## Database, choose either mysql or postgres, some subsequent roles will be configured 21 | ## depending on your choice here. 22 | # - { role: mysql } 23 | # - { role: postgresql } 24 | 25 | ## Scripting / Language support 26 | # - { role: php-fpm } # PHP using Nginx and PHP-FPM 27 | # - { role: php-apache } # PHP using Apache and mod-php 28 | # - { role: django } # Django framework 29 | 30 | ## Webserver, choose one of those only if you have not chosen a scripting language 31 | ## above 32 | # - { role: nginx } # Nginx for basic HTML website 33 | # - { role: apache } # Apache for basic HTML website 34 | 35 | ## Install Webpack in the box 36 | # - { role: webpack } 37 | 38 | ## Install Solr in the box 39 | # - { role: solr } 40 | 41 | ## Install Elasticsearch in the box 42 | # - { role: elasticsearch } 43 | 44 | ## Install Composer in the box 45 | # - { role: composer } 46 | 47 | ## Install OpenLDAP's slapd in the box 48 | # - { role: openldap } 49 | 50 | # If you want php xdebug in your local boxes, uncomment this 51 | # The when clause prevents it to be installed on the CI_SERVER 52 | # - { role: php-xdebug, when: "lookup('env','CI_SERVER') != 'yes'" } 53 | 54 | ## Install the ssh rule, installs gitlab.liip.ch and github.com host key 55 | # - { role: ssh } 56 | 57 | ## Install some Gitlab CI scripts and .gitlab-ci.yml. 58 | ## See https://github.com/liip/drifter/blob/master/ci/README.md for details 59 | # - { role: gitlabci } 60 | 61 | # Install Browsers for end-to-end tests 62 | # - { role: firefox } 63 | # - { role: chrome } 64 | # - { role: phantomjs } 65 | 66 | ## You can also creates your own role, just add a directory under the 'virtualization' 67 | ## folder and refer to it like for other roles : 68 | # - { role: my_own_role } 69 | 70 | # If needed, you can specify your own tasks, here is an example : 71 | # tasks: 72 | # - name: install project dev tools 73 | # shell: cd {{ root_directory }} && composer.phar --quiet install 74 | # - name: Copy application config file 75 | # shell: cp -f {{ root_directory }}/config/server_config.php.vagrant {{ root_directory }}/config/server_config.php 76 | # - name: Provision the database 77 | # shell: cd {{ root_directory }} && ./console mysql:reset 78 | -------------------------------------------------------------------------------- /provisioning/roles/apache/defaults/main.yml: -------------------------------------------------------------------------------- 1 | # template to use 2 | site_template: default-site.j2 3 | # activate SSL ? 4 | ssl: false 5 | web_directory: "{{ root_directory }}" 6 | -------------------------------------------------------------------------------- /provisioning/roles/apache/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: restart apache 2 | service: name=apache2 state=restarted 3 | become: yes 4 | 5 | - name: restart webserver 6 | service: name=apache2 state=restarted 7 | become: yes 8 | 9 | - name: reload apache 10 | service: name=apache2 state=reloaded 11 | become: yes 12 | -------------------------------------------------------------------------------- /provisioning/roles/apache/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: ssl, when: ssl } 4 | -------------------------------------------------------------------------------- /provisioning/roles/apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: install apache 2 | apt: pkg=apache2 state=latest 3 | become: yes 4 | 5 | - name: disable default vhost 6 | file: name=/etc/apache2/sites-enabled/000-default state=absent 7 | become: yes 8 | when: ansible_lsb.major_release|int < 8 9 | notify: reload apache 10 | 11 | - name: disable default vhost 12 | file: name=/etc/apache2/sites-enabled/000-default.conf state=absent 13 | become: yes 14 | when: ansible_lsb.major_release|int >= 8 15 | notify: reload apache 16 | 17 | - name: enable apache modules 18 | apache2_module: state=present name={{ item }} 19 | become: yes 20 | with_items: 21 | - rewrite 22 | - vhost_alias 23 | - mime 24 | - deflate 25 | - headers 26 | notify: restart apache 27 | 28 | - name: enable Apache SSL module 29 | apache2_module: state=present name=ssl 30 | become: yes 31 | when: ssl 32 | notify: restart apache 33 | 34 | - name: create vhost config 35 | template: src={{ site_template }} dest=/etc/apache2/sites-available/{{ hostname }}.conf 36 | become: yes 37 | 38 | - name: enable vhost 39 | file: src=/etc/apache2/sites-available/{{ hostname }}.conf dest=/etc/apache2/sites-enabled/0001-{{ hostname }}.conf state=link 40 | become: yes 41 | notify: reload apache 42 | 43 | - meta: flush_handlers 44 | -------------------------------------------------------------------------------- /provisioning/roles/apache/templates/default-site.j2: -------------------------------------------------------------------------------- 1 | 2 | ServerName {{ hostname }} 3 | 4 | {% for h in hostnames %} 5 | ServerAlias {{ h }} 6 | {% endfor %} 7 | 8 | 9 | Options All 10 | AllowOverride All 11 | {% if ansible_lsb.major_release|int >= 8 %} 12 | Require all granted 13 | {% else %} 14 | Allow from all 15 | {% endif %} 16 | 17 | 18 | DocumentRoot "{{ web_directory }}" 19 | 20 | 21 | {% if ssl %} 22 | 23 | ServerName {{ ssl_hostname | default(hostname) }} 24 | 25 | {% for h in ssl_hostnames | default(hostnames) %} 26 | ServerAlias {{ h }} 27 | {% endfor %} 28 | 29 | 30 | Options All 31 | AllowOverride All 32 | {% if ansible_lsb.major_release|int >= 8 %} 33 | Require all granted 34 | {% else %} 35 | Allow from all 36 | {% endif %} 37 | 38 | 39 | DocumentRoot "{{ web_directory }}" 40 | 41 | SSLEngine on 42 | SSLCertificateKeyFile {{ ssl_key_file }} 43 | SSLCertificateFile {{ ssl_cert_file }} 44 | 45 | {% endif %} 46 | -------------------------------------------------------------------------------- /provisioning/roles/base/defaults/main.yml: -------------------------------------------------------------------------------- 1 | hosts: [] 2 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/ackrc: -------------------------------------------------------------------------------- 1 | # always use colors 2 | --color 3 | 4 | # case insensitive only when no upper case 5 | --smart-case 6 | 7 | # ignore sf2 cache 8 | --ignore-dir=app/cache 9 | 10 | # ignore Intellij related files 11 | --ignore-dir=.idea 12 | 13 | # sort files 14 | --sort-files 15 | 16 | # add some file types 17 | --type-set=mustache=.mustache 18 | --type-set=compass=.scss 19 | --type-set=twig=.twig 20 | --type-set=haml=.haml 21 | --type-set=rst=.rst 22 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/agignore: -------------------------------------------------------------------------------- 1 | app/cache 2 | .idea 3 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/aliases: -------------------------------------------------------------------------------- 1 | eval "$(dircolors -b)" 2 | 3 | alias ls='ls --color=auto -h' 4 | alias ll='ls -l' 5 | alias la='ls -a' 6 | 7 | alias dir='dir --color=auto' 8 | alias vdir='vdir --color=auto' 9 | 10 | alias ..='cd ..' 11 | alias ...='cd ../..' 12 | alias ....='cd ../../..' 13 | alias .....='cd ../../../..' 14 | alias ......='cd ../../../../..' 15 | alias .......='cd ../../../../../..' 16 | alias ........='cd ../../../../../../..' 17 | alias .........='cd ../../../../../../../..' 18 | alias ..........='cd ../../../../../../../../..' 19 | 20 | alias grep='grep --color=auto' 21 | alias fgrep='fgrep --color=auto' 22 | alias egrep='egrep --color=auto' 23 | 24 | alias rm='rm -i' 25 | alias cp='cp -i' 26 | alias mv='mv -i' 27 | 28 | alias df="df -h" 29 | alias du="du -h" 30 | 31 | alias ack="ack-grep" 32 | 33 | alias hl='highlight --out-format xterm256 --style rdark --line-numbers --syntax ' 34 | alias lintxml='xmllint --format -' 35 | alias lintjson='python -m json.tool' 36 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/bashrc: -------------------------------------------------------------------------------- 1 | # append history file 2 | shopt -s histappend 3 | 4 | # correct spelling mistakes when doing a cd 5 | shopt -s cdspell 6 | 7 | # Enable some Bash 4 features when possible: 8 | # * `autocd`, e.g. `**/qux` will enter `./foo/bar/baz/qux` 9 | # * Recursive globbing, e.g. `echo **/*.txt` 10 | for option in autocd globstar; do 11 | shopt -s "$option" 2> /dev/null 12 | done 13 | 14 | # add user bin directory 15 | PATH=./:$PATH 16 | if [ -d ~/bin ]; then 17 | PATH=~/bin:$PATH 18 | fi 19 | 20 | # set a fancy prompt (non-color, overwrite the one in /etc/profile) 21 | if [ -f ~/.ps1 ]; then 22 | source ~/.ps1 23 | fi 24 | 25 | # source aliases 26 | if [ -f ~/.aliases ]; then 27 | source ~/.aliases 28 | fi 29 | 30 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/liquidpromptrc: -------------------------------------------------------------------------------- 1 | 2 | #################################### 3 | # LIQUID PROMPT CONFIGURATION FILE # 4 | #################################### 5 | 6 | # If you want to use different themes and features, 7 | # you can load the corresponding files here: 8 | #source ~/code/liquidprompt/nojhan.theme 9 | #LP_PS1_FILE="~/code/liquidprompt/nojhan.ps1" 10 | 11 | ############# 12 | # BEHAVIOUR # 13 | ############# 14 | 15 | # Maximal value under which the battery level is displayed 16 | # Recommended value is 75 17 | LP_BATTERY_THRESHOLD=75 18 | 19 | # Minimal value after which the load average is displayed 20 | # Recommended value is 60 21 | LP_LOAD_THRESHOLD=60 22 | 23 | # Minimal value after which the temperature is displayed (in celsius degrees) 24 | # Recommended value is 60 25 | LP_TEMP_THRESHOLD=60 26 | 27 | # The maximum percentage of the screen width used to display the path 28 | # Recommended value is 35 29 | LP_PATH_LENGTH=35 30 | 31 | # How many directories to keep at the beginning of a shortened path 32 | # Recommended value is 2 33 | LP_PATH_KEEP=2 34 | 35 | # Do you want to display the hostname, even if not connected through network? 36 | # Defaults to 0 (do not display hostname when localy connected) 37 | # set to 1 if you want to always see the hostname 38 | LP_HOSTNAME_ALWAYS=1 39 | 40 | # Do you want to display the user, even if he is the same than the logged one? 41 | # Defaults to 1 (always display the user) 42 | # set to 0 if you want to hide the logged user (it will always display different users) 43 | LP_USER_ALWAYS=0 44 | 45 | # Do you want to display the percentages of load/batteries along with their 46 | # corresponding marks? Set to 0 to only print the colored marks. 47 | # Defaults to 1 (display percentages) 48 | LP_PERCENTS_ALWAYS=1 49 | 50 | # Do you want to use the permissions feature ? 51 | # Recommended value is 1 52 | LP_ENABLE_PERM=1 53 | 54 | # Do you want to use the shorten path feature ? 55 | # Recommended value is 1 56 | LP_ENABLE_SHORTEN_PATH=1 57 | 58 | # Do you want to use the proxy detection feature ? 59 | # Recommended value is 1 60 | LP_ENABLE_PROXY=1 61 | 62 | # Do you want to use the jobs feature ? 63 | # Recommended value is 1 64 | LP_ENABLE_JOBS=1 65 | 66 | # Do you want to use the load feature ? 67 | # Recommended value is 1 68 | LP_ENABLE_LOAD=1 69 | 70 | # Do you want to use the batt feature ? 71 | # Recommended value is 1 72 | LP_ENABLE_BATT=1 73 | 74 | # Do you want to use vcs features with root account 75 | # Recommended value is 0 76 | LP_ENABLE_VCS_ROOT=0 77 | 78 | # Do you want to use the git special features ? 79 | # Recommended value is 1 80 | LP_ENABLE_GIT=0 81 | 82 | # Do you want to use the svn special features ? 83 | # Recommended value is 1 84 | LP_ENABLE_SVN=0 85 | 86 | # Do you want to use the mercurial special features ? 87 | # Recommended value is 1 88 | LP_ENABLE_HG=0 89 | 90 | # Do you want to use the fossil special features ? 91 | # Recommended value is 1 92 | LP_ENABLE_FOSSIL=0 93 | 94 | # Do you want to use the bzr special features ? 95 | # Recommanded value is 1 96 | LP_ENABLE_BZR=0 97 | 98 | # Show time of the last prompt display 99 | # Recommended value is 0 100 | LP_ENABLE_TIME=0 101 | 102 | # Show runtime of the last command if over LP_RUNTIME_THRESHOLD 103 | # Recommended value is 0 104 | LP_ENABLE_RUNTIME=0 105 | 106 | # Minimal runtime to be displayed 107 | # Recommended value is 2 108 | LP_RUNTIME_THRESHOLD=2 109 | 110 | # Display the virtualenv that is currently activated, if any 111 | # Recommended value is 1 112 | LP_ENABLE_VIRTUALENV=1 113 | 114 | # Show average system temperature 115 | LP_ENABLE_TEMP=1 116 | 117 | # When showing time, use an analog clock instead of numeric values. 118 | # The analog clock is "accurate" to the nearest half hour. 119 | # You must have a unicode-capable terminal and a font with the "CLOCK" 120 | # characters. 121 | # Recommended value is 0 122 | LP_TIME_ANALOG=0 123 | 124 | # Use the liquid prompt as the title of the terminal window 125 | # The content is not customizable, the implementation is very basic, 126 | # and this may not work properly on exotic terminals, thus the 127 | # recommended value is 0 128 | # See LP_TITLE_OPEN and LP_TITLE_CLOSE to change escape characters to adapt this 129 | # feature to your specific terminal. 130 | LP_ENABLE_TITLE=0 131 | 132 | # Enable Title for screen and byobu 133 | LP_ENABLE_SCREEN_TITLE=0 134 | 135 | # Use differents colors for differents hosts you SSH in 136 | LP_ENABLE_SSH_COLORS=1 137 | 138 | # Specify a list of complete and colon (":") separated paths in which, all vcs 139 | # will be disabled 140 | LP_DISABLED_VCS_PATH="" 141 | 142 | # vim: set et sts=4 sw=4 tw=120 ft=sh: 143 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/passwordless-sudo: -------------------------------------------------------------------------------- 1 | %sudo ALL=(ALL) NOPASSWD:ALL 2 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/vimrc: -------------------------------------------------------------------------------- 1 | " activate syntax highlighting and set colors 2 | syntax on 3 | set background=dark 4 | 5 | " jump to the last position when reopening a file 6 | if has("autocmd") 7 | au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif 8 | endif 9 | 10 | " load indentation rules and plugins according to the detected filetype. 11 | if has("autocmd") 12 | filetype plugin indent on 13 | endif 14 | 15 | set showcmd " Show (partial) command in status line. 16 | set showmatch " Show matching brackets. 17 | set smartcase " Do smart case matching 18 | set incsearch " Incremental search 19 | set autowrite " Automatically save before commands like :next and :make 20 | set autoread " auto read when file are changed outside 21 | set number " show line numbers 22 | set cursorline " highlight the current line 23 | set autoindent " keep indentation on new line 24 | set nocompatible " break VI compatibility 25 | set ttyfast " smoother redrawing 26 | set scrolloff=3 " keep at least 3 line of context when scrolling 27 | set ruler " show line / column position 28 | 29 | " show more option on completion 30 | set wildmenu wildmode=longest:full,full 31 | 32 | " tab configuration 33 | set expandtab " spaces instead of tabs 34 | set shiftwidth=4 " number of space for indentation 35 | set tabstop=4 " size of a tab 36 | set softtabstop=4 " size of a soft tab 37 | 38 | " command to save the current file as root 39 | :command Wroot %!sudo tee % 40 | -------------------------------------------------------------------------------- /provisioning/roles/base/files/zshrc: -------------------------------------------------------------------------------- 1 | # behold the dragon ! 2 | -------------------------------------------------------------------------------- /provisioning/roles/base/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: restart ssh 2 | service: name=ssh state=restarted 3 | become: yes 4 | -------------------------------------------------------------------------------- /provisioning/roles/chrome/defaults/main.yml: -------------------------------------------------------------------------------- 1 | # currently only the latest version is supported 2 | chrome_download_url: https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb 3 | 4 | # The list of supported versions can be found at https://sites.google.com/a/chromium.org/chromedriver/downloads 5 | chromedriver_download_url: https://chromedriver.storage.googleapis.com/2.31/chromedriver_linux64.zip 6 | -------------------------------------------------------------------------------- /provisioning/roles/chrome/meta/main.yml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - { role: xvfb } 3 | -------------------------------------------------------------------------------- /provisioning/roles/chrome/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Install Chrome 2 | apt: deb={{ chrome_download_url }} state=present 3 | become: yes 4 | 5 | - name: Download Chromedriver 6 | get_url: url={{ chromedriver_download_url }} dest=/opt/chromedriver.zip 7 | become: yes 8 | 9 | - name: Create directory for chromedriver 10 | file: path=/opt/chromedriver state=directory 11 | become: yes 12 | 13 | - name: Unzip Chromedriver 14 | unarchive: src=/opt/chromedriver.zip dest=/opt/chromedriver/ creates=/opt/chromedriver/chromedriver 15 | become: yes 16 | 17 | - name: Symlink Chrome 18 | file: state=link src=/opt/chromedriver/chromedriver path=/usr/local/bin/chromedriver 19 | become: yes 20 | -------------------------------------------------------------------------------- /provisioning/roles/composer/defaults/main.yml: -------------------------------------------------------------------------------- 1 | composer: 2 | dir: "/opt/composer" 3 | -------------------------------------------------------------------------------- /provisioning/roles/composer/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: php } 4 | -------------------------------------------------------------------------------- /provisioning/roles/composer/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: create directory for composer 2 | become: yes 3 | file: name={{ composer.dir }} state=directory 4 | 5 | - command: test -f {{ composer.dir }}/composer.phar 6 | register: composer_installed 7 | ignore_errors: yes 8 | 9 | - name: install composer 10 | become: yes 11 | shell: "cd {{ composer.dir }} && curl -sS https://getcomposer.org/installer | php" 12 | when: composer_installed is failed 13 | 14 | - name: upgrade composer 15 | become: yes 16 | shell: "cd {{ composer.dir }} && ./composer.phar self-update" 17 | when: composer_installed is success 18 | 19 | - name: symlink composer in /usr/local/bin 20 | file: src="{{ composer.dir }}/composer.phar" dest=/usr/local/bin/{{ item }} state=link 21 | become: yes 22 | with_items: 23 | - composer 24 | - composer.phar 25 | 26 | - name: add composer binary dir to path 27 | lineinfile: dest=~/.bashrc line='PATH=~/.composer/vendor/bin:$PATH' 28 | -------------------------------------------------------------------------------- /provisioning/roles/django/defaults/main.yml: -------------------------------------------------------------------------------- 1 | django_root: "{{ root_directory }}" 2 | django_use_pipenv: false 3 | django_use_virtualenv: "not {{ django_use_pipenv }}" 4 | -------------------------------------------------------------------------------- /provisioning/roles/django/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: virtualenv, when: django_use_virtualenv } 4 | - { role: pipenv, when: django_use_pipenv } 5 | - { role: nginx, web_directory: "{{ django_root }}", site_template: "django-site.j2", proxy_port: 8000, when: "no_nginx is not defined" } 6 | -------------------------------------------------------------------------------- /provisioning/roles/django/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Actual installation is done in the 'virtualenv' role 3 | 4 | # This role requires either the postgresql or mysql roles to be enabled 5 | # Please note that Python 3 compatibility is only supported since jessie 6 | 7 | # Gettext is used by Django's compilemessages 8 | - name: ensure gettext is installed 9 | apt: pkg=gettext state=latest 10 | become: yes 11 | 12 | - name: create the local environement directory 13 | file: path={{ django_root }}/envdir state=directory 14 | 15 | - name: fill in DATABASE_URL setting 16 | copy: "dest={{ django_root }}/envdir/DATABASE_URL content={{ database_type }}://{{ database_user }}:{{ database_user }}@localhost/{{ database_name }}" 17 | when: database_type is defined 18 | 19 | - name: fill in ALLOWED_HOSTS setting 20 | template: 21 | src: allowed_hosts.j2 22 | dest: "{{ django_root }}/envdir/ALLOWED_HOSTS" 23 | 24 | - name: migrate 25 | command: "{{ env_root }}/bin/python {{ django_root }}/manage.py migrate --noinput" 26 | when: database_type is defined and django_use_virtualenv 27 | 28 | - name: migrate 29 | command: "pipenv run {{ django_root }}/manage.py migrate --noinput" 30 | when: database_type is defined and django_use_pipenv 31 | 32 | - name: download Django bash completion file 33 | get_url: 34 | url: https://raw.githubusercontent.com/django/django/master/extras/django_bash_completion 35 | dest: ~/.django_bash_completion 36 | 37 | - name: enable Django bash completion 38 | lineinfile: dest=~/.bashrc line='. ~/.django_bash_completion' 39 | -------------------------------------------------------------------------------- /provisioning/roles/django/templates/allowed_hosts.j2: -------------------------------------------------------------------------------- 1 | {{ hostname }} 2 | {% for host in hostnames %} 3 | {{ host }} 4 | {% endfor %} 5 | -------------------------------------------------------------------------------- /provisioning/roles/elasticsearch/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: java } 4 | -------------------------------------------------------------------------------- /provisioning/roles/elasticsearch/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Install Elasticsearch APT key 2 | apt_key: url=https://packages.elastic.co/GPG-KEY-elasticsearch 3 | become: yes 4 | 5 | - name: Install Elasticsearch APT repository 6 | apt_repository: repo='deb http://packages.elastic.co/elasticsearch/2.x/debian stable main' state=present update_cache=yes 7 | become: yes 8 | 9 | - name: Install elasticsearch 10 | apt: pkg=elasticsearch state=present 11 | become: yes 12 | 13 | - name: Set elasticsearch to be bound to network interface 0.0.0.0 14 | lineinfile: "dest=/etc/elasticsearch/elasticsearch.yml regexp=^network.host:(.)+$ line='network.host: 0.0.0.0' state=present" 15 | become: yes 16 | 17 | - name: Enable elasticsearch service 18 | service: name=elasticsearch state=started enabled=yes 19 | become: yes 20 | 21 | - name: Install elasticsearch-head plugin 22 | command: /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head creates=/usr/share/elasticsearch/plugins/head 23 | become: yes -------------------------------------------------------------------------------- /provisioning/roles/firefox/defaults/main.yml: -------------------------------------------------------------------------------- 1 | # default version 2 | firefox_version: latest 3 | -------------------------------------------------------------------------------- /provisioning/roles/firefox/meta/main.yml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - { role: xvfb } 3 | -------------------------------------------------------------------------------- /provisioning/roles/firefox/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Install Firefox dependencies 2 | apt: 3 | pkg: "{{ firefox_dependencies }}" 4 | state: present 5 | become: yes 6 | 7 | - name: Download latest Firefox 8 | get_url: url={{ firefox_latest_url }} dest=/opt/firefox.tar.bz2 9 | become: yes 10 | when: firefox_version == 'latest' 11 | 12 | - name: Download Firefox {{ firefox_version }} 13 | get_url: url={{ firefox_download_url }} dest=/opt/firefox.tar.bz2 14 | become: yes 15 | when: firefox_version != 'latest' 16 | 17 | - name: Unpack Firefox 18 | unarchive: src=/opt/firefox.tar.bz2 dest=/opt/ copy=no creates=/opt/firefox/ 19 | become: yes 20 | 21 | - name: Create Firefox Symlinks 22 | file: state=link src=/opt/firefox/firefox path=/usr/local/bin/firefox 23 | become: yes 24 | 25 | - name: Download geckodriver {{ geckodriver_version }} 26 | get_url: url={{ geckodriver_download_url }} dest=/opt/geckodriver-{{ geckodriver_version }}.tar.gz 27 | become: yes 28 | 29 | - name: Make directory for geckodriver 30 | file: path=/opt/geckodriver-{{ geckodriver_version }} state=directory 31 | become: yes 32 | 33 | - name: Unpack Geckodriver 34 | unarchive: src=/opt/geckodriver-{{ geckodriver_version }}.tar.gz dest=/opt/geckodriver-{{ geckodriver_version }}/ copy=no 35 | become: yes 36 | 37 | - name: Create Geckodriver Symlinks 38 | file: state=link src=/opt/geckodriver-{{ geckodriver_version }}/geckodriver path=/usr/local/bin/geckodriver 39 | become: yes 40 | -------------------------------------------------------------------------------- /provisioning/roles/firefox/vars/main.yml: -------------------------------------------------------------------------------- 1 | firefox_dependencies: 2 | - libgtk-3-0 3 | - libdbus-glib-1-2 4 | 5 | # This URL downloads the latest version 6 | firefox_latest_url: https://download.mozilla.org/?product=firefox-latest&os=linux64&lang=en-US 7 | 8 | # This URL is used for a specific version download 9 | firefox_download_url: https://ftp.mozilla.org/pub/firefox/releases/{{ firefox_version }}/linux-x86_64/en-US/firefox-{{ firefox_version }}.tar.bz2 10 | 11 | geckodriver_version: 0.18.0 12 | 13 | geckodriver_download_url: https://github.com/mozilla/geckodriver/releases/download/v{{ geckodriver_version }}/geckodriver-v{{ geckodriver_version }}-linux64.tar.gz 14 | 15 | -------------------------------------------------------------------------------- /provisioning/roles/git/defaults/main.yml: -------------------------------------------------------------------------------- 1 | fancy_diff: true 2 | sync_git_with_host: false 3 | -------------------------------------------------------------------------------- /provisioning/roles/git/files/gitconfig: -------------------------------------------------------------------------------- 1 | [core] 2 | excludesfile = ~/.gitglobalignore 3 | attributesFile = ~/.gitglobalattributes 4 | pager = diff-highlight | less 5 | 6 | [credential] 7 | helper = cache 8 | 9 | [help] 10 | autocorrect = 1 11 | 12 | [diff] 13 | noprefix = true 14 | 15 | [rebase] 16 | autosquash = true 17 | 18 | [color] 19 | ui = true 20 | [color "diff"] 21 | meta = yellow 22 | frag = magenta 23 | commit = cyan bold 24 | [color "status"] 25 | added = green 26 | changed = yellow 27 | untracked = red 28 | [color "diff-highlight"] 29 | oldNormal = "red bold" 30 | oldHighlight = "red bold 52" 31 | newNormal = "green bold" 32 | newHighlight = "green bold 22" 33 | 34 | [alias] 35 | graph = log --graph --oneline --decorate --date-order --color --boundary --all # graph of the history 36 | releases = log --decorate --oneline --simplify-by-decoration --all # list all releases on the branch 37 | 38 | update = merge --ff-only @{u} # perform a ff-only-merge 39 | up = "!git update" # short for update 40 | 41 | out = log @{u}.. # outgoing changes 42 | 43 | st = status -s # short for status 44 | 45 | fix = commit --fixup HEAD # fixup the last commmit 46 | fixup = commit --fixup # fixup a commit in the history (need a revision) 47 | squash = commit --squash # squash a commit in the history (need a revision) 48 | ri = rebase --interactive # interactive rebase 49 | pushf = push --force-with-lease 50 | 51 | addnw = !sh -c 'git diff -w --no-color "$@" | git apply --cached --ignore-whitespace' - # add non whitespace changed to the index 52 | 53 | show-merged = !sh -c 'git branch -r --merged | grep -v $(git rev-parse --abbrev-ref HEAD) | sed "s/origin.//"' - 54 | delete-merged = !sh -c 'git branch -r --merged | grep -v $(git rev-parse --abbrev-ref HEAD) | sed "s/origin.//" | xargs -n 1 git push --delete origin' - 55 | 56 | [branch] 57 | autosetupmerge = always 58 | [merge] 59 | defaultToUpstream = true 60 | [fetch] 61 | prune = true 62 | 63 | [diff "exif"] 64 | binary = true 65 | textconv = exiftool 66 | [diff "css"] 67 | xfuncname = "^([a-zA-Z#.@][^\\}]*)$" 68 | [diff "javascript"] 69 | xfuncname = "^\\s*(.*?\\bfunction\\b.*?\\(.*?\\))" 70 | -------------------------------------------------------------------------------- /provisioning/roles/git/files/gitglobalattributes: -------------------------------------------------------------------------------- 1 | *.tex diff=tex 2 | *.bib diff=bibtex 3 | 4 | *.c diff=cpp 5 | *.h diff=cpp 6 | *.c++ diff=cpp 7 | *.h++ diff=cpp 8 | *.cpp diff=cpp 9 | *.hpp diff=cpp 10 | *.cc diff=cpp 11 | *.hh diff=cpp 12 | *.m diff=matlab 13 | *.py diff=python 14 | *.rb diff=ruby 15 | *.php diff=php 16 | *.pl diff=perl 17 | *.html diff=html 18 | *.xhtml diff=html 19 | *.f diff=fortran 20 | *.js diff=javascript 21 | 22 | *.png diff=exif 23 | *.jpg diff=exif 24 | *.jpeg diff=exif 25 | *.gif diff=exif 26 | -------------------------------------------------------------------------------- /provisioning/roles/git/files/gitglobalignore: -------------------------------------------------------------------------------- 1 | .vagrant 2 | 3 | .idea 4 | .phpstorm_helpers 5 | .pycharm_helpers 6 | phpunit.xml 7 | atlassian-ide-plugin.xml 8 | 9 | nohup.out 10 | 11 | *.iml 12 | *.sqlite 13 | *.swp 14 | *.swo 15 | -------------------------------------------------------------------------------- /provisioning/roles/git/tasks/fancy-diff.yml: -------------------------------------------------------------------------------- 1 | - name: clone diff-so-fancy 2 | git: repo=https://github.com/so-fancy/diff-so-fancy.git dest=/tmp/fancy-diff version=v0.11.1 3 | 4 | - name: copy files to /usr/local/bin 5 | command: cp -rf /tmp/fancy-diff/{{ item }} /usr/local/bin/ 6 | with_items: 7 | - third_party/diff-highlight/diff-highlight 8 | - libexec 9 | - diff-so-fancy 10 | become: yes 11 | 12 | - name: make sure files are executable 13 | command: chmod a+x /usr/local/bin/{{ item }} 14 | with_items: 15 | - diff-highlight 16 | - diff-so-fancy 17 | become: yes 18 | 19 | - name: activate fancy-diff 20 | command: git config --system pager.{{ item }} "diff-so-fancy | less --tabs=4 -RFX" 21 | with_items: 22 | - diff 23 | - show 24 | become: yes 25 | -------------------------------------------------------------------------------- /provisioning/roles/git/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: install git and utilities 2 | apt: 3 | state: latest 4 | pkg: 5 | - git 6 | - libimage-exiftool-perl 7 | become: yes 8 | 9 | - name: install default git config system wide 10 | copy: 11 | src: gitconfig 12 | dest: /etc/gitconfig 13 | become: yes 14 | 15 | - name: install global ignore and attributes file 16 | copy: 17 | src: "{{ item }}" 18 | dest: "~/.{{ item }}" 19 | loop: 20 | - gitglobalignore 21 | - gitglobalattributes 22 | 23 | - name: get git username from synced config 24 | shell: git config --file ~/.gitconfig-host user.name 25 | register: git_username 26 | ignore_errors: yes 27 | 28 | - name: get git email from synced config 29 | shell: git config --file ~/.gitconfig-host user.email 30 | register: git_email 31 | ignore_errors: yes 32 | 33 | - name: set box git username 34 | git_config: 35 | name: user.name 36 | value: "{{ git_username.stdout }}" 37 | scope: system 38 | become: yes 39 | 40 | - name: set box git email 41 | git_config: 42 | name: user.email 43 | value: "{{ git_email.stdout }}" 44 | scope: system 45 | become: yes 46 | 47 | - stat: path=/usr/local/bin/diff-so-fancy 48 | register: fancy_diff_file 49 | 50 | - include: fancy-diff.yml 51 | when: fancy_diff and not (fancy_diff_file.stat.exists is defined and fancy_diff_file.stat.exists) 52 | 53 | - name: install synced git config 54 | file: 55 | src: ~/.gitconfig-host 56 | dest: ~/.gitconfig 57 | state: link 58 | force: yes 59 | when: sync_git_with_host 60 | -------------------------------------------------------------------------------- /provisioning/roles/gitlabci/defaults/main.yml: -------------------------------------------------------------------------------- 1 | ci_scripts_folder: scripts/ -------------------------------------------------------------------------------- /provisioning/roles/gitlabci/files/run_tests.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # don't delete this line, or copy that content and adjust it 4 | . ./virtualization/drifter/ci/test-header.sh 5 | 6 | # write here your test scripts and initialization stuff 7 | 8 | echo "No tests configured yet! Please adjust $0" 9 | 10 | 11 | # eg for PHP/composer 12 | 13 | ## export COMPOSER_CACHE_DIR=${PROJECTS_CACHE_DIR}/composer_cache 14 | 15 | ## echo "- Install dependencies" 16 | ## composer.phar install --no-interaction; 17 | ## echo "- Run phpunit" 18 | ## bin/phpunit -c app ; 19 | 20 | # end custom scripts 21 | 22 | # don't delete this line, or copy that content and adjust it 23 | . ./virtualization/drifter/ci/test-footer.sh 24 | 25 | -------------------------------------------------------------------------------- /provisioning/roles/gitlabci/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: install gitlab-ci.yml 2 | template: src=gitlab-ci.yml dest=/vagrant/.gitlab-ci.yml force=no 3 | 4 | - name: create ci scripts directory 5 | file: path=/vagrant/{{ ci_scripts_folder }} state=directory mode=0755 6 | 7 | - name: install run_tests.sh 8 | copy: src=run_tests.sh dest=/vagrant/{{ ci_scripts_folder }}run_tests.sh force=no mode=0755 9 | 10 | - name: install gitlabci.sh 11 | template: src=gitlabci.sh dest=/vagrant/{{ ci_scripts_folder }}gitlabci.sh force=no mode=0755 12 | 13 | - name: install provisionbuild.dat 14 | shell: date +%Y%m%d%H%M%S > virtualization/provisionbuild.dat 15 | args: 16 | chdir: /vagrant/ 17 | creates: virtualization/provisionbuild.dat 18 | 19 | -------------------------------------------------------------------------------- /provisioning/roles/gitlabci/templates/gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | before_script: 2 | - mkdir -p ../${PWD##*/}.vagrant 3 | - ln -s ../${PWD##*/}.vagrant .vagrant 4 | 5 | variables: 6 | VAGRANT_DEFAULT_PROVIDER: lxc 7 | 8 | # uncomment this, if you want to cache some stuff between runs 9 | # cache: 10 | # paths: 11 | # - vendor/ 12 | # - bin/ 13 | # key: sharedcache 14 | 15 | tests: 16 | tags: 17 | - shell 18 | - lxc 19 | script: "bash {{ ci_scripts_folder }}gitlabci.sh" 20 | -------------------------------------------------------------------------------- /provisioning/roles/gitlabci/templates/gitlabci.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | export CI_TEST_SCRIPT={{ ci_scripts_folder }}run_tests.sh 4 | 5 | # if you don't want to use a global cache dir which is used 6 | # across all projects (even not your own), disable .this 7 | # can for example be used with php composer cache 8 | 9 | export DO_GLOBAL_PROJECTS_CACHE=true 10 | 11 | echo "- Update submodules" 12 | git submodule update --init 13 | 14 | export VIRTUALBOX_NAME=$1 15 | 16 | ./virtualization/drifter/ci/start.sh 17 | -------------------------------------------------------------------------------- /provisioning/roles/gulp/defaults/main.yml: -------------------------------------------------------------------------------- 1 | gulp_directory: "{{ root_directory }}" 2 | gulp_create_config: true 3 | gulp_use_webpack: true 4 | gulp_use_purescript: false 5 | gulp_browserslist: 6 | - Last 2 versions 7 | - IE 11 8 | -------------------------------------------------------------------------------- /provisioning/roles/gulp/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: nodejs, nodejs_package_json_template: package.json.gulp.j2 } 4 | -------------------------------------------------------------------------------- /provisioning/roles/gulp/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Create Gulpfile.js if non-existent 2 | template: src=Gulpfile.js dest={{ gulp_directory }}/Gulpfile.js force=no 3 | 4 | - name: Create Gulp config file 5 | template: src=gulp.config.js dest={{ gulp_directory }}/gulp.config.js force=no 6 | when: gulp_create_config 7 | 8 | - name: Create webpack.config.js 9 | template: src=webpack.config.js dest={{ gulp_directory }}/webpack.config.js force=no 10 | when: gulp_use_webpack 11 | 12 | - name: Install Gulp globally 13 | npm: name=gulp global=yes 14 | become: yes 15 | 16 | - name: Install PureScript globally 17 | npm: name=purescript global=yes 18 | become: yes 19 | when: gulp_use_purescript 20 | -------------------------------------------------------------------------------- /provisioning/roles/gulp/templates/Gulpfile.js: -------------------------------------------------------------------------------- 1 | /* eslint-env node */ 2 | /*----------------------------------------*\ 3 | DRIFTER GULPFILE 4 | Version 1.1.0 5 | \*----------------------------------------*/ 6 | 7 | const config = require('./gulp.config.js'); 8 | const gulp = require('gulp'); 9 | const $ = require('gulp-load-plugins')(); 10 | const browserSync = require('browser-sync').create(); 11 | const reload = browserSync.reload; 12 | {% if gulp_use_webpack %} 13 | const webpackConfig = require('./webpack.config.js'); 14 | const webpack = require('webpack')(webpackConfig); 15 | const stripAnsi = require('strip-ansi'); 16 | {% endif %} 17 | 18 | /*----------------------------------------*\ 19 | TASKS 20 | \*----------------------------------------*/ 21 | 22 | /** 23 | * Watching files for changes 24 | */ 25 | gulp.task('watch', ['build'], () => { 26 | browserSync.init(config.browserSync); 27 | 28 | gulp.watch(config.src.sass, ['sass']); 29 | gulp.watch(config.src.templates, reload); 30 | {% if gulp_use_webpack %} 31 | gulp.watch(config.src.javascripts, ['webpack']); 32 | {% endif %} 33 | }); 34 | 35 | /** 36 | * Compile Sass to CSS 37 | * Add vendor prefixes with Autoprefixer 38 | * Write sourcemaps in dev mode 39 | */ 40 | gulp.task('sass', () => { 41 | return gulp.src(config.src.sass) 42 | .pipe($.if(!config.optimize, $.sourcemaps.init())) 43 | .pipe( 44 | $.sass(config.sass) 45 | .on('error', error => { 46 | browserSync.sockets.emit('fullscreen:message', { 47 | title: 'Sass compilation error', 48 | body: error.message, 49 | }); 50 | $.sass.logError.apply(this, arguments); 51 | }) 52 | .on('data', () => { 53 | browserSync.sockets.emit('fullscreen:message:clear'); 54 | }) 55 | ) 56 | .pipe($.autoprefixer(config.autoprefixer)) 57 | .pipe($.if(!config.optimize, $.sourcemaps.write('.'))) 58 | .pipe(gulp.dest(config.dest.css)) 59 | .pipe(browserSync.stream({ match: '**/*.css' })); 60 | }); 61 | 62 | {% if gulp_use_webpack %} 63 | /** 64 | * Bundle JavaScript modules 65 | */ 66 | gulp.task('webpack', done => { 67 | webpack.run((error, stats) => { 68 | if (stats.hasErrors() || stats.hasWarnings()) { 69 | browserSync.sockets.emit('fullscreen:message', { 70 | title: 'WebPack compilation error', 71 | body: stripAnsi(stats.toString()), 72 | timeout: 100000, 73 | }); 74 | $.util.log('[webpack]', stats.toString()); 75 | } else { 76 | browserSync.sockets.emit('fullscreen:message:clear'); 77 | reload(); 78 | } 79 | done(); 80 | }); 81 | }); 82 | {% endif %} 83 | 84 | /** 85 | * Optimize images 86 | */ 87 | gulp.task('images', () => { 88 | return gulp.src(config.src.images) 89 | .pipe($.imagemin({ 90 | progressive: true, 91 | svgoPlugins: [{ 92 | removeViewBox: false, 93 | }], 94 | })) 95 | .pipe(gulp.dest(config.dest.images)); 96 | }); 97 | 98 | gulp.task('build', [{% if gulp_use_webpack %}'webpack', {% endif %}'sass']); 99 | gulp.task('default', ['watch']); 100 | -------------------------------------------------------------------------------- /provisioning/roles/gulp/templates/gulp.config.js: -------------------------------------------------------------------------------- 1 | /* eslint-env node */ 2 | const argv = require('yargs').argv; 3 | 4 | module.exports = { 5 | optimize: argv.production, 6 | src: { 7 | sass: 'static/sass/**/*.scss', 8 | images: 'static/images/**/*.{gif,jpg,jpeg,png,svg}', 9 | javascripts: 'static/javascripts/**/*.js', 10 | templates: '**/*.html', 11 | }, 12 | dest: { 13 | css: 'static/stylesheets', 14 | images: 'static/images', 15 | }, 16 | browserSync: { 17 | proxy: '{{ hostname }}', 18 | {% if ssl|default(false) and ssl_key_file is defined and ssl_cert_file is defined %} 19 | https: { 20 | key: '{{ ssl_key_file }}', 21 | cert: '{{ ssl_cert_file }}', 22 | }, 23 | {% endif %} 24 | open: false, 25 | notify: false, 26 | plugins: ['bs-pretty-message'], 27 | }, 28 | sass: { 29 | outputStyle: 'compressed', 30 | }, 31 | autoprefixer: { 32 | cascade: false, 33 | }, 34 | }; 35 | -------------------------------------------------------------------------------- /provisioning/roles/gulp/templates/webpack.config.js: -------------------------------------------------------------------------------- 1 | /* eslint-env node */ 2 | const path = require('path'); 3 | const webpack = require('webpack'); 4 | const config = require('./gulp.config.js'); 5 | 6 | const webpackConfig = { 7 | resolve: { 8 | modules: [ 9 | path.resolve(__dirname, 'static/javascripts'), 10 | 'node_modules' 11 | ], 12 | extensions: ['.js'{% if gulp_use_purescript %}, '.purs'{% endif %}] 13 | }, 14 | entry: './static/javascripts/index.js', 15 | output: { 16 | path: path.resolve(__dirname, 'static/javascripts'), 17 | filename: 'bundle.js', 18 | }, 19 | module: { 20 | rules: [ 21 | {% if gulp_use_purescript %} 22 | { 23 | test: /\.purs$/, 24 | exclude: /node_modules/, 25 | loader: 'purs-loader', 26 | options: { 27 | psc: 'psa', 28 | pscArgs: { sourceMaps: true }, 29 | pscIde: true, 30 | src: ['bower_components/purescript-*/src/**/*.purs', 'src/**/*.purs'], 31 | }, 32 | }, 33 | {% endif %} 34 | { 35 | test: /\.js$/, 36 | exclude: /node_modules/, 37 | loader: 'babel-loader', 38 | options: { 39 | presets: [ 40 | ['env', { 41 | targets: { 42 | browsers: {{ gulp_browserslist | to_json }}, 43 | }, 44 | }], 45 | ], 46 | }, 47 | }, 48 | ], 49 | }, 50 | }; 51 | 52 | if (config.optimize) { 53 | webpackConfig.plugins = [ 54 | new webpack.DefinePlugin({ 55 | 'process.env': { 56 | NODE_ENV: JSON.stringify('production'), 57 | }, 58 | }), 59 | new webpack.optimize.UglifyJsPlugin({ 60 | comments: false, 61 | }), 62 | ]; 63 | } else { 64 | webpackConfig.devtool = 'cheap-module-source-map'; 65 | } 66 | 67 | module.exports = webpackConfig; 68 | -------------------------------------------------------------------------------- /provisioning/roles/java/defaults/main.yml: -------------------------------------------------------------------------------- 1 | java_jre_version: "7" 2 | java_jre_package: "openjdk-{{ java_jre_version }}-jre" 3 | -------------------------------------------------------------------------------- /provisioning/roles/java/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: ensure Java Runtime Environment is installed 2 | apt: pkg={{ java_jre_package }} state=present 3 | become: yes 4 | -------------------------------------------------------------------------------- /provisioning/roles/jdk/defaults/main.yml: -------------------------------------------------------------------------------- 1 | java_jdk_version: "7" 2 | java_jdk_package: "openjdk-{{ java_jdk_version }}-jdk" 3 | -------------------------------------------------------------------------------- /provisioning/roles/jdk/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: ensure Java Development Kit (with JRE) is installed 2 | apt: pkg={{ java_jdk_package }} state=present 3 | become: yes 4 | -------------------------------------------------------------------------------- /provisioning/roles/logstash/defaults/main.yml: -------------------------------------------------------------------------------- 1 | logstash_version: 2.3 2 | -------------------------------------------------------------------------------- /provisioning/roles/logstash/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: java } 4 | -------------------------------------------------------------------------------- /provisioning/roles/logstash/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Install logstash APT key 2 | apt_key: url=https://packages.elastic.co/GPG-KEY-elasticsearch 3 | become: yes 4 | 5 | - name: Install logstash APT repository 6 | apt_repository: repo='deb http://packages.elastic.co/logstash/{{ logstash_version}}/debian stable main' state=present update_cache=yes 7 | become: yes 8 | 9 | - name: Install logstash 10 | apt: pkg=logstash state=present 11 | become: yes 12 | 13 | - name: Enable logstash service 14 | service: name=logstash state=started enabled=yes 15 | become: yes 16 | -------------------------------------------------------------------------------- /provisioning/roles/maven/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: ensure Maven is installed 2 | apt: pkg=maven state=present 3 | become: yes 4 | -------------------------------------------------------------------------------- /provisioning/roles/memcached/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: ensure memcached is installed 2 | apt: pkg=memcached state=present 3 | become: yes 4 | 5 | -------------------------------------------------------------------------------- /provisioning/roles/mysql/defaults/main.yml: -------------------------------------------------------------------------------- 1 | database_user: "{{ database_name }}" 2 | database_password: "{{ database_name }}" 3 | mysql_version: 5.7 4 | mysql_apt_config_version: 0.8.12-1 5 | mysql_character_set: latin1 6 | mysql_collation: latin1_swedish_ci 7 | -------------------------------------------------------------------------------- /provisioning/roles/mysql/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: restart mysql 2 | service: 3 | name: mysql 4 | state: restarted 5 | become: yes 6 | -------------------------------------------------------------------------------- /provisioning/roles/mysql/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - set_fact: 2 | database_type: mysql 3 | when: database_type is not defined 4 | 5 | - name: get installed mysql version 6 | shell: "mysqld --version 2>/dev/null | grep -o 'Ver [0-9]\\.[0-9]' | cut -d' ' -f2" 7 | register: mysql_installed_version 8 | failed_when: false 9 | changed_when: false 10 | become: yes 11 | 12 | - name: ensure old packages are uninstalled 13 | apt: 14 | pkg: 15 | - mysql-common 16 | - mysql-client 17 | - mysql-server 18 | - mysql-community-client 19 | - mysql-community-server 20 | - python-mysqldb 21 | - libmysqlclient-dev 22 | state: absent 23 | register: mysql_package_uninstallation 24 | when: mysql_installed_version.stdout_lines[0] | default(0) != mysql_version 25 | become: yes 26 | 27 | - name: ensure mysql upstream repository package is configured 28 | debconf: 29 | name: mysql-apt-config 30 | question: "mysql-apt-config/{{ item.question }}" 31 | value: "{{ item.value }}" 32 | vtype: "{{ item.vtype | default ('select') }}" 33 | with_items: 34 | - question: repo-distro 35 | value: "{{ ansible_distribution | lower }}" 36 | - question: repo-codename 37 | value: "{{ ansible_distribution_release }}" 38 | - question: select-server 39 | value: "mysql-{{ mysql_version }}" 40 | become: yes 41 | 42 | - name: ensure mysql-server package is configured 43 | debconf: 44 | name: mysql-community-server 45 | question: "mysql-community-server/{{ item.question }}" 46 | value: "{{ item.value }}" 47 | vtype: "{{ item.vtype | default ('password') }}" 48 | with_items: 49 | - question: root-pass 50 | value: root 51 | - question: re-root-pass 52 | value: root 53 | become: yes 54 | 55 | - name: check if mysql upstream repository is already installed 56 | command: dpkg-query -f '${Version}' -W mysql-apt-config 57 | register: mysql_apt_config_check_deb 58 | failed_when: mysql_apt_config_check_deb.rc > 1 59 | changed_when: mysql_apt_config_check_deb.rc == 1 or mysql_apt_config_version is version_compare(mysql_apt_config_check_deb.stdout, '>') 60 | become: yes 61 | 62 | - name: ensure mysql upstream repository package is downloaded 63 | get_url: 64 | url: http://dev.mysql.com/get/mysql-apt-config_{{mysql_apt_config_version}}_all.deb 65 | dest: /root/mysql-apt-config.deb 66 | when: mysql_apt_config_check_deb is changed 67 | become: yes 68 | 69 | - name: ensure mysql upstream repository is installed 70 | apt: 71 | deb: /root/mysql-apt-config.deb 72 | environment: 73 | DEBIAN_FRONTEND: noninteractive 74 | register: mysql_upstream_repository_installation 75 | when: mysql_apt_config_check_deb is changed 76 | become: yes 77 | 78 | - name: ensure mysql upstream repository package is removed 79 | file: 80 | path: /root/mysql-apt-config.deb 81 | state: absent 82 | when: mysql_apt_config_check_deb is changed 83 | become: yes 84 | 85 | - name: ensure mysql repository package is re-configured 86 | shell: "DEBIAN_FRONTEND=noninteractive dpkg-reconfigure --frontend noninteractive mysql-apt-config" 87 | when: mysql_package_uninstallation is defined and mysql_package_uninstallation is changed 88 | become: yes 89 | 90 | - name: ensure apt cache is updated 91 | apt: 92 | update_cache: yes 93 | changed_when: false 94 | when: (mysql_upstream_repository_installation is defined and mysql_upstream_repository_installation is changed) or (mysql_package_uninstallation is defined and mysql_package_uninstallation is changed) 95 | become: yes 96 | 97 | - name: ensure packages are installed 98 | apt: 99 | pkg: 100 | - mysql-client 101 | - mysql-server 102 | - python-mysqldb 103 | - libmysqlclient-dev 104 | become: yes 105 | 106 | - name: create my.cnf config for root 107 | template: 108 | src: my.cnf.j2 109 | dest: /root/.my.cnf 110 | become: yes 111 | 112 | - name: create my.cnf config for user 113 | template: 114 | src: my.cnf.j2 115 | dest: ~/.my.cnf 116 | 117 | - name: ensure mysql is started 118 | service: 119 | name: mysql 120 | state: started 121 | enabled: yes 122 | become: yes 123 | 124 | - name: ensure mysql data is upgraded 125 | command: mysql_upgrade 126 | register: mysql_upgrade 127 | failed_when: mysql_upgrade.rc != 0 and mysql_upgrade.stdout.find('already upgraded') == -1 128 | changed_when: mysql_upgrade.stdout.find('already upgraded') == -1 129 | become: yes 130 | 131 | - name: create database user 132 | mysql_user: 133 | name: "{{ database_user }}" 134 | password: "{{ database_password }}" 135 | priv: "*.*:ALL,GRANT" 136 | become: yes 137 | 138 | - name: create database 139 | mysql_db: 140 | name: "{{ database_name }}" 141 | encoding: "{{ mysql_character_set }}" 142 | collation: "{{ mysql_collation }}" 143 | become: yes 144 | -------------------------------------------------------------------------------- /provisioning/roles/mysql/templates/my.cnf.j2: -------------------------------------------------------------------------------- 1 | [client] 2 | user=root 3 | password=root 4 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/defaults/main.yml: -------------------------------------------------------------------------------- 1 | # vhost name 2 | vhost: "{{ hostname }}" 3 | # template to use 4 | site_template: default-site.j2 5 | # activate SSL ? 6 | ssl: false 7 | 8 | # index file 9 | index: false 10 | # web directory 11 | web_directory: "{{ root_directory }}" 12 | # port on which nginx is listening 13 | port: 80 14 | 15 | # django related config 16 | static_host: false 17 | static_dir: false 18 | static_fs_dir: "" 19 | expire_time: 6h # expire time of static files 20 | 21 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: restart nginx 2 | service: name=nginx state=restarted 3 | become: yes 4 | 5 | - name: reload nginx 6 | service: name=nginx state=reloaded 7 | become: yes 8 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: ssl, when: ssl } 4 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - set_fact: vhost_counter={{ vhost_counter | int + 1 }} 2 | 3 | - name: install nginx 4 | apt: pkg=nginx state=latest 5 | become: yes 6 | 7 | - name: create partials directory 8 | file: name=/etc/nginx/conf.d/partials state=directory 9 | become: yes 10 | 11 | - include_vars: "{{ item }}" 12 | with_first_found: 13 | - "{{ ansible_distribution }}-php-{{ php_version_installed }}.yml" 14 | - "default-php-{{ php_version_installed | int }}.x.yml" 15 | - "default-php.yml" 16 | when: "php_version_installed is defined" 17 | 18 | - name: install partials for php 19 | template: src=_php_fpm.conf dest=/etc/nginx/conf.d/partials/_php_fpm.conf 20 | become: yes 21 | when: "php_version_installed is defined" 22 | 23 | - name: remove default vhost 24 | file: name=/etc/nginx/sites-{{ item }}/default state=absent 25 | become: yes 26 | with_items: 27 | - enabled 28 | - available 29 | notify: reload nginx 30 | 31 | - name: create vhost config 32 | template: src={{ site_template }} dest=/etc/nginx/sites-available/{{ vhost }} 33 | become: yes 34 | 35 | - name: enable vhost 36 | file: src=/etc/nginx/sites-available/{{ vhost }} dest=/etc/nginx/sites-enabled/{{ '%04d'|format(vhost_counter|int) }}-{{ vhost }} state=link 37 | become: yes 38 | notify: reload nginx 39 | 40 | - name: make sure nginx starts at boot 41 | service: name=nginx enabled=yes 42 | become: yes 43 | notify: restart nginx 44 | 45 | - meta: flush_handlers 46 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/_php_fpm.conf: -------------------------------------------------------------------------------- 1 | fastcgi_index index.php; 2 | fastcgi_pass unix:{{ fpm_socket }}; 3 | include fastcgi_params; 4 | 5 | fastcgi_split_path_info ^((?U).+\.php)(/?.+)$; 6 | 7 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 8 | fastcgi_param PATH_INFO $fastcgi_path_info; 9 | fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; 10 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 11 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/default-site.j2: -------------------------------------------------------------------------------- 1 | {% block extra_server_top %} 2 | {% endblock %} 3 | 4 | server { 5 | listen {{ port }}; 6 | server_name {{ hostname }} {% for hostname in hostnames %}{{ hostname }} {% endfor %}; 7 | 8 | access_log /var/log/nginx/{{ vhost }}.access.log; 9 | error_log /var/log/nginx/{{ vhost }}.error.log; 10 | 11 | client_max_body_size 0; 12 | 13 | root {{ web_directory }}; 14 | {% block index %} 15 | {% if index %} 16 | index {{ index }}; 17 | {% endif %} 18 | {% endblock %} 19 | 20 | {% block extra %} 21 | {% endblock %} 22 | } 23 | 24 | {% if ssl %} 25 | server { 26 | listen 443; 27 | 28 | ssl on; 29 | ssl_certificate_key {{ ssl_key_file }}; 30 | ssl_certificate {{ ssl_cert_file }}; 31 | 32 | server_name {{ hostname }} {% for hostname in hostnames %}{{ hostname }} {% endfor %}; 33 | 34 | access_log /var/log/nginx/{{ hostname }}.access.log; 35 | error_log /var/log/nginx/{{ hostname }}.error.log; 36 | 37 | root {{ web_directory }}; 38 | {% if index %} 39 | index {{ self.index() }} 40 | {% endif %} 41 | 42 | {{ self.extra() }} 43 | } 44 | {% endif %} 45 | 46 | {% block extra_server %} 47 | {% endblock %} 48 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/django-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "default-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | location / { 7 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 8 | proxy_set_header Host $http_host; 9 | proxy_redirect off; 10 | proxy_pass http://localhost:{{ proxy_port | default(8000) }}; 11 | } 12 | 13 | {% if static_dir %} 14 | location {{ static_dir }} { 15 | root {{ static_fs_dir }} 16 | expires {{ expire_time }}; 17 | } 18 | {% endif %} 19 | {% endblock %} 20 | 21 | {% block extra_server %} 22 | {% if static_host %} 23 | server { 24 | server_name {{ static_host }}; 25 | root {{ static_fs_dir }}; 26 | } 27 | 28 | {% if ssl %} 29 | server { 30 | listen 443; 31 | 32 | ssl on; 33 | ssl_certificate_key {{ ssl_key_file }}; 34 | ssl_certificate {{ ssl_cert_file }}; 35 | 36 | server_name {{ static_host }}; 37 | root {{ static_fs_dir }}; 38 | } 39 | {% endif %} 40 | {% endif %} 41 | {% endblock %} 42 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/drupal6-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "php-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | # Inspired from https://www.nginx.com/resources/wiki/start/topics/recipes/drupal/ 7 | location ~ \..*/.*\.php$ { 8 | return 403; 9 | } 10 | 11 | location ~ ^/sites/.*/private/ { 12 | return 403; 13 | } 14 | 15 | # Allow "Well-Known URIs" as per RFC 5785 16 | location ~* ^/.well-known/ { 17 | allow all; 18 | } 19 | 20 | # Block access to "hidden" files and directories whose names begin with a 21 | # period. This includes directories used by version control systems such 22 | # as Subversion or Git to store control files. 23 | location ~ (^|/)\. { 24 | return 403; 25 | } 26 | 27 | location / { 28 | try_files $uri @rewrite; 29 | } 30 | 31 | # Don't allow direct access to PHP files in the vendor directory. 32 | location ~ /vendor/.*\.php$ { 33 | deny all; 34 | return 404; 35 | } 36 | 37 | # Handle image-styles 38 | location ~ ^/sites/.*/files/imagecache/ { 39 | try_files $uri @rewrite; 40 | } 41 | 42 | location @rewrite { 43 | rewrite ^/(.*)$ /index.php?q=$1; 44 | } 45 | {% endblock %} 46 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/drupal7-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "php-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | # Inspired from https://www.nginx.com/resources/wiki/start/topics/recipes/drupal/ 7 | location ~ \..*/.*\.php$ { 8 | return 403; 9 | } 10 | 11 | location ~ ^/sites/.*/private/ { 12 | return 403; 13 | } 14 | 15 | # Allow "Well-Known URIs" as per RFC 5785 16 | location ~* ^/.well-known/ { 17 | allow all; 18 | } 19 | 20 | # Block access to "hidden" files and directories whose names begin with a 21 | # period. This includes directories used by version control systems such 22 | # as Subversion or Git to store control files. 23 | location ~ (^|/)\. { 24 | return 403; 25 | } 26 | 27 | location / { 28 | try_files $uri /index.php?$query_string; 29 | } 30 | 31 | # Don't allow direct access to PHP files in the vendor directory. 32 | location ~ /vendor/.*\.php$ { 33 | deny all; 34 | return 404; 35 | } 36 | 37 | # Handle image-styles 38 | location ~ ^/sites/.*/files/styles/ { 39 | try_files $uri @rewrite; 40 | } 41 | 42 | # Handle private files through Drupal. Private file's path can come 43 | # with a language prefix. 44 | location ~ ^(/[a-z\-]+)?/system/files/ { 45 | try_files $uri /index.php?$query_string; 46 | } 47 | 48 | location @rewrite { 49 | rewrite ^/(.*)$ /index.php?q=$1; 50 | } 51 | {% endblock %} 52 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/drupal8-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "default-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | # Inspired from https://www.nginx.com/resources/wiki/start/topics/recipes/drupal/ 7 | location ~ \..*/.*\.php$ { 8 | return 403; 9 | } 10 | 11 | location ~ ^/sites/.*/private/ { 12 | return 403; 13 | } 14 | 15 | # Allow "Well-Known URIs" as per RFC 5785 16 | location ~* ^/.well-known/ { 17 | allow all; 18 | } 19 | 20 | # Block access to "hidden" files and directories whose names begin with a 21 | # period. This includes directories used by version control systems such 22 | # as Subversion or Git to store control files. 23 | location ~ (^|/)\. { 24 | return 403; 25 | } 26 | 27 | location / { 28 | try_files $uri /index.php?$query_string; 29 | } 30 | 31 | # Don't allow direct access to PHP files in the vendor directory. 32 | location ~ /vendor/.*\.php$ { 33 | deny all; 34 | return 404; 35 | } 36 | 37 | # Handle image-styles 38 | location ~ ^/sites/.*/files/styles/ { 39 | try_files $uri @rewrite; 40 | } 41 | 42 | # Handle private files through Drupal. Private file's path can come 43 | # with a language prefix. 44 | location ~ ^(/[a-z\-]+)?/system/files/ { 45 | try_files $uri /index.php?$query_string; 46 | } 47 | 48 | location @rewrite { 49 | rewrite ^/(.*)$ /index.php?q=$1; 50 | } 51 | 52 | # In Drupal 8, we must also match new paths where the '.php' appears in 53 | # the middle, such as update.php/selection. The rule we use is strict, 54 | # and only allows this pattern with the update.php front controller. 55 | # This allows legacy path aliases in the form of 56 | # blog/index.php/legacy-path to continue to route to Drupal nodes. If 57 | # you do not have any paths like that, then you might prefer to use a 58 | # laxer rule, such as: 59 | # location ~ \.php(/|$) { 60 | # The laxer rule will continue to work if Drupal uses this new URL 61 | # pattern with front controllers other than update.php in a future 62 | # release. 63 | location ~ '\.php$|^/update.php' { 64 | include conf.d/partials/_php_fpm.conf; 65 | } 66 | {% endblock %} 67 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/php-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "default-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | location ~ \.php$ { 7 | include conf.d/partials/_php_fpm.conf; 8 | } 9 | {% endblock %} 10 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/rails-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "default-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | location / { 7 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 8 | proxy_set_header X-Forwarded-Proto $scheme; 9 | proxy_set_header Host $http_host; 10 | proxy_redirect off; 11 | proxy_pass http://localhost:{{ proxy_port | default(3000) }}; 12 | } 13 | {% endblock %} 14 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/silex-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "default-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | location / { 7 | # try to serve file directly, fallback to front controller 8 | try_files $uri /index.php$is_args$args; 9 | } 10 | 11 | # If you have 2 front controllers for dev|prod use the following line instead 12 | # location ~ ^/(index|index_dev)\.php(/|$) { 13 | location ~ ^/index\.php(/|$) { 14 | fastcgi_pass unix:{{ fpm_socket }}; 15 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 16 | include fastcgi_params; 17 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 18 | fastcgi_param HTTPS off; 19 | 20 | # Prevents URIs that include the front controller. This will 404: 21 | # http://domain.tld/index.php/some-path 22 | # Enable the internal directive to disable URIs like this 23 | # internal; 24 | } 25 | 26 | #return 404 for all php files as we do have a front controller 27 | location ~ \.php$ { 28 | return 404; 29 | } 30 | {% endblock %} 31 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/symfony2-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "default-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | 6 | # Inspired from http://symfony.com/doc/current/cookbook/configuration/web_server_configuration.html#web-server-nginx 7 | location / { 8 | # try to serve file directly, fallback to app.php 9 | try_files $uri /app.php$is_args$args; 10 | } 11 | 12 | # DEV 13 | # This rule should only be placed on your development environment 14 | # In production, don't include this and don't deploy app_dev.php or config.php 15 | location ~ ^/(app_dev|config)\.php(/|$) { 16 | fastcgi_pass unix:{{ fpm_socket }}; 17 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 18 | include fastcgi_params; 19 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 20 | } 21 | 22 | # PROD 23 | location ~ ^/app\.php(/|$) { 24 | fastcgi_pass unix:{{ fpm_socket }}; 25 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 26 | include fastcgi_params; 27 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 28 | # Prevents URIs that include the front controller. This will 404: 29 | # http://domain.tld/app.php/some-path 30 | # Remove the internal directive to allow URIs like this 31 | internal; 32 | } 33 | 34 | {% endblock %} 35 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/templates/symfony4-site.j2: -------------------------------------------------------------------------------- 1 | {% extends "default-site.j2" %} 2 | 3 | {% block extra %} 4 | {{ super() }} 5 | # Inspired from http://symfony.com/doc/current/setup/web_server_configuration.html#nginx 6 | location / { 7 | # try to serve file directly, fallback to index.php 8 | try_files $uri /index.php$is_args$args; 9 | } 10 | location ~ ^/index\.php(/|$) { 11 | fastcgi_pass unix:{{ fpm_socket }}; 12 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 13 | include fastcgi_params; 14 | # When you are using symlinks to link the document root to the 15 | # current version of your application, you should pass the real 16 | # application path instead of the path to the symlink to PHP 17 | # FPM. 18 | # Otherwise, PHP's OPcache may not properly detect changes to 19 | # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126 20 | # for more information). 21 | fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; 22 | fastcgi_param DOCUMENT_ROOT $realpath_root; 23 | # Prevents URIs that include the front controller. This will 404: 24 | # http://domain.tld/index.php/some-path 25 | # Remove the internal directive to allow URIs like this 26 | internal; 27 | } 28 | # return 404 for all other php files not matching the front controller 29 | # this prevents access to other php files you don't want to be accessible. 30 | location ~ \.php$ { 31 | return 404; 32 | } 33 | {% endblock %} 34 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/vars/Ubuntu-php-5.6.yml: -------------------------------------------------------------------------------- 1 | fpm_socket: /run/php/php5.6-fpm.sock -------------------------------------------------------------------------------- /provisioning/roles/nginx/vars/default-php-7.x.yml: -------------------------------------------------------------------------------- 1 | fpm_socket: /run/php/php{{ php_version_installed }}-fpm.sock -------------------------------------------------------------------------------- /provisioning/roles/nginx/vars/default-php.yml: -------------------------------------------------------------------------------- 1 | fpm_socket: /var/run/php5-fpm.sock 2 | -------------------------------------------------------------------------------- /provisioning/roles/nginx/vars/main.yml: -------------------------------------------------------------------------------- 1 | vhost_counter: 0 2 | -------------------------------------------------------------------------------- /provisioning/roles/nodejs/defaults/main.yml: -------------------------------------------------------------------------------- 1 | nodejs_distro: "{{ 2 | 'precise' if (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise') else 3 | 'trusty' if (ansible_distribution == 'Ubuntu') else 4 | 'jessie' if (ansible_lsb.major_release|int == 8) else 5 | 'stretch' if (ansible_lsb.major_release|int == 9) else 6 | 'buster' if (ansible_lsb.major_release|int == 10) 7 | }}" 8 | nodejs_acceptable_distros: ["jessie", "stretch", "buster", "sid", "precise", "trusty"] 9 | nodejs_version: "12.x" 10 | nodejs_acceptable_versions: ["13.x", "12.x", "11.x", "10.x", "9.x", "8.x", "7.x", "6.x", "5.x", "4.x", "0.12", "0.10"] 11 | nodejs_with_yarn: false 12 | nodejs_package_json_template: package.json.j2 13 | nodejs_package_json_path: "{{ root_directory }}/package.json" 14 | nodejs_package_json_author: Liip AG 15 | nodejs_create_package_json: true 16 | nodejs_install_package_json: true 17 | -------------------------------------------------------------------------------- /provisioning/roles/nodejs/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: install package.json 2 | npm: path="{{ nodejs_package_json_path|dirname }}" 3 | -------------------------------------------------------------------------------- /provisioning/roles/nodejs/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - fail: msg="'{{ nodejs_version }}' is an invalid version. Please choose between {{nodejs_acceptable_versions|join(', ')}}" 3 | when: "nodejs_version not in nodejs_acceptable_versions" 4 | 5 | - fail: msg="'{{ nodejs_distro }}' is an invalid distro. Please choose between {{nodejs_acceptable_distros|join(', ')}}" 6 | when: "nodejs_distro not in nodejs_acceptable_distros" 7 | 8 | - name: Make sure APT supports HTTPS sources 9 | apt: pkg=apt-transport-https state=present 10 | become: yes 11 | - name: Add nodesource.com apt key 12 | apt_key: id=68576280 url=https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&search=0x1655A0AB68576280 state=present 13 | become: yes 14 | - name: Add nodesource.com apt repo 15 | apt_repository: repo='deb https://deb.nodesource.com/node_{{ nodejs_version }} {{ nodejs_distro}} main' state=present update_cache=yes 16 | become: yes 17 | - name: Install nodejs 18 | apt: 19 | pkg: nodejs 20 | state: present 21 | become: yes 22 | 23 | - name: Add Yarn apt key 24 | apt_key: url=https://dl.yarnpkg.com/debian/pubkey.gpg 25 | become: yes 26 | when: nodejs_with_yarn 27 | 28 | - name: Add Yarn apt repo 29 | apt_repository: repo='deb https://dl.yarnpkg.com/debian/ stable main' 30 | become: yes 31 | when: nodejs_with_yarn 32 | 33 | - name: Install yarn 34 | apt: pkg=yarn state=latest 35 | become: yes 36 | when: nodejs_with_yarn 37 | 38 | - name: Create default package.json 39 | template: src={{ nodejs_package_json_template }} dest={{ nodejs_package_json_path }} force=no 40 | when: nodejs_create_package_json 41 | 42 | - name: Install npm packages 43 | command: /bin/true 44 | notify: install package.json 45 | when: nodejs_install_package_json 46 | 47 | - meta: flush_handlers 48 | -------------------------------------------------------------------------------- /provisioning/roles/nodejs/templates/package.json.gulp.j2: -------------------------------------------------------------------------------- 1 | { 2 | "name": "{{ project_name }}", 3 | "version": "1.0.0", 4 | "author": "{{ nodejs_package_json_author }}", 5 | "license": "private", 6 | "private": true, 7 | "scripts": { 8 | "start": "gulp", 9 | "build": "gulp build --production" 10 | }, 11 | "devDependencies": { 12 | "browser-sync": "^2.12.7", 13 | "bs-pretty-message": "^1.0.8", 14 | "gulp": "^3.9.1", 15 | "gulp-autoprefixer": "^3.1.0", 16 | "gulp-if": "^2.0.1", 17 | "gulp-imagemin": "^3.0.1", 18 | "gulp-load-plugins": "^1.2.2", 19 | "gulp-sass": "^3.1.0", 20 | "gulp-sourcemaps": "^2.4.0", 21 | {% if gulp_use_webpack %} 22 | "webpack": "^2.2.1", 23 | "babel-core": "^6.11.4", 24 | "babel-loader": "^6.2.4", 25 | "babel-preset-env": "^1.1.8", 26 | "gulp-util": "^3.0.7", 27 | {% if gulp_use_purescript %} 28 | "purescript": "^0.10.5", 29 | "purs-loader": "^2.2.0", 30 | {% endif %} 31 | "strip-ansi": "^3.0.1", 32 | {% endif %} 33 | "yargs": "^6.6.0" 34 | }, 35 | "browserslist": {{ gulp_browserslist | to_json }} 36 | } 37 | -------------------------------------------------------------------------------- /provisioning/roles/nodejs/templates/package.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "name": "{{ project_name }}", 3 | "version": "1.0.0", 4 | "author": "{{ nodejs_package_json_author }}", 5 | "license": "private", 6 | "private": true 7 | } 8 | -------------------------------------------------------------------------------- /provisioning/roles/nodejs/templates/package.json.webpack.j2: -------------------------------------------------------------------------------- 1 | { 2 | "name": "{{ project_name }}", 3 | "version": "1.0.0", 4 | "author": "{{ nodejs_package_json_author }}", 5 | "license": "private", 6 | "private": true, 7 | "scripts": { 8 | "start": "NODE_ENV=development webpack-dev-server --hot", 9 | "build": "NODE_ENV=production webpack" 10 | }, 11 | "devDependencies": { 12 | "@babel/core": "^7.4.5", 13 | "@babel/preset-env": "^7.4.5", 14 | "autoprefixer": "^9.6.0", 15 | "babel-loader": "^8.0.6", 16 | "css-loader": "^2.1.1", 17 | "cssnano": "^4.1.10", 18 | "file-loader": "^4.0.0", 19 | "mini-css-extract-plugin": "^0.7.0", 20 | "node-sass": "^4.12.0", 21 | "postcss": "^7.0.17", 22 | "postcss-cli": "^6.1.2", 23 | "postcss-loader": "^3.0.0", 24 | "sass-loader": "^7.1.0", 25 | "svg-sprite-loader": "^4.1.6", 26 | "svgo": "^1.2.2", 27 | "svgo-loader": "^2.2.0", 28 | "webpack": "^4.5.0", 29 | "webpack-cli": "^3.3.2", 30 | "webpack-dev-server": "^3.6.0" 31 | }, 32 | "browserslist": {{ webpack_browserslist | to_json }} 33 | } 34 | -------------------------------------------------------------------------------- /provisioning/roles/openldap/defaults/main.yml: -------------------------------------------------------------------------------- 1 | ldap_organization: Evil Corp Ltd 2 | ldap_organization_domain: evilcorp.example.com 3 | ldap_admin_password: admin 4 | -------------------------------------------------------------------------------- /provisioning/roles/openldap/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Preseed slapd configuration options through debconf 2 | debconf: name=slapd question={{ item.question }} value={{ item.value }} vtype={{ item.type }} 3 | with_items: 4 | - { question: slapd/internal/adminpw, value: "{{ ldap_admin_password }}", type: password } 5 | - { question: slapd/password1, value: "{{ ldap_admin_password }}", type: password } 6 | - { question: slapd/password2, value: "{{ ldap_admin_password }}", type: password } 7 | - { question: shared/organization, value: "{{ ldap_organization }}", type: string } 8 | - { question: slapd/domain, value: "{{ ldap_organization_domain }}", type: string } 9 | - { question: slapd/backend, value: HDB, type: string } 10 | become: yes 11 | 12 | - name: Install slapd and ldap-utils 13 | apt: 14 | pkg: 15 | - 'slapd' 16 | - 'ldap-utils' 17 | state: present 18 | become: yes 19 | -------------------------------------------------------------------------------- /provisioning/roles/phantomjs/defaults/main.yml: -------------------------------------------------------------------------------- 1 | phantomjs_version: 2.1.1 2 | -------------------------------------------------------------------------------- /provisioning/roles/phantomjs/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Download phantomjs 2 | get_url: url={{ phantomjs_url }} dest=/opt/phantomjs.tar.bz2 3 | become: yes 4 | 5 | - name: Unpack phantomjs 6 | unarchive: src=/opt/phantomjs.tar.bz2 dest=/opt/ copy=no creates=/opt/{{ phantomjs_name }}/ 7 | become: yes 8 | 9 | - name: Create phantomjs Symlink 10 | file: state=link src=/opt/{{ phantomjs_name }}/bin/phantomjs path=/usr/local/bin/phantomjs 11 | become: yes 12 | -------------------------------------------------------------------------------- /provisioning/roles/phantomjs/vars/main.yml: -------------------------------------------------------------------------------- 1 | phantomjs_name: phantomjs-{{ phantomjs_version }}-linux-x86_64 2 | 3 | phantomjs_filename: "{{ phantomjs_name }}.tar.bz2" 4 | 5 | phantomjs_url: https://bitbucket.org/ariya/phantomjs/downloads/{{ phantomjs_filename }} 6 | -------------------------------------------------------------------------------- /provisioning/roles/phive/defaults/main.yml: -------------------------------------------------------------------------------- 1 | phive: 2 | dir: "/opt/phive" 3 | -------------------------------------------------------------------------------- /provisioning/roles/phive/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: php } 4 | -------------------------------------------------------------------------------- /provisioning/roles/phive/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: create directory for phive 2 | become: yes 3 | file: 4 | name: "{{ phive.dir }}" 5 | state: directory 6 | 7 | - command: test -f {{ phive.dir }}/phive.phar 8 | register: phive_installed 9 | ignore_errors: yes 10 | 11 | - name: install phive 12 | become: yes 13 | shell: "cd {{ phive.dir }} && curl --location --silent --show-error --output phive.phar https://phar.io/releases/phive.phar && chmod ugo+x phive.phar" 14 | when: phive_installed is failed 15 | 16 | - name: upgrade phive 17 | become: yes 18 | shell: "cd {{ phive.dir }} && ./phive.phar self-update" 19 | when: phive_installed is success 20 | 21 | - name: symlink phive in /usr/local/bin 22 | become: yes 23 | file: 24 | src: "{{ phive.dir }}/phive.phar" 25 | dest: "/usr/local/bin/{{ item }}" 26 | state: link 27 | with_items: 28 | - phive 29 | - phive.phar 30 | -------------------------------------------------------------------------------- /provisioning/roles/php-apache/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: php } 4 | - { role: apache } 5 | -------------------------------------------------------------------------------- /provisioning/roles/php-apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include: php7.yml 2 | when: php_version_installed is version_compare('7.0', '>=') 3 | 4 | - include: php5.yml 5 | when: php_version_installed is version_compare('7.0', '<') 6 | 7 | -------------------------------------------------------------------------------- /provisioning/roles/php-apache/tasks/php5.yml: -------------------------------------------------------------------------------- 1 | - name: install libapache2-mod-php5 2 | apt: pkg=libapache2-mod-php5 state=latest 3 | become: yes 4 | 5 | - apache2_module: state=present name=php5 6 | notify: restart apache 7 | become: yes 8 | 9 | - name: Configure mod-php 10 | command: php5enmod {{ item }} 11 | with_items: 12 | - php-dev 13 | - xdebug 14 | notify: restart apache 15 | become: yes 16 | 17 | - meta: flush_handlers 18 | -------------------------------------------------------------------------------- /provisioning/roles/php-apache/tasks/php7.yml: -------------------------------------------------------------------------------- 1 | - name: install libapache2-mod-php{{ php_version_installed }} 2 | apt: pkg=libapache2-mod-php{{ php_version_installed }} state=latest 3 | become: yes 4 | 5 | - apache2_module: state=present name=php{{ php_version_installed }} 6 | notify: restart apache 7 | become: yes 8 | 9 | #- name: Configure mod-php 10 | # command: php5enmod {{ item }} 11 | # with_items: 12 | # - php-dev 13 | # - xdebug 14 | # notify: restart apache 15 | # become: yes 16 | 17 | - meta: flush_handlers 18 | -------------------------------------------------------------------------------- /provisioning/roles/php-fpm/defaults/main.yml: -------------------------------------------------------------------------------- 1 | nginx_site_template: "php-site.j2" 2 | nginx_index: "index.php" 3 | -------------------------------------------------------------------------------- /provisioning/roles/php-fpm/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: restart php-fpm 2 | service: 3 | name: "{{ php_fpm_package }}" 4 | state: restarted 5 | become: yes 6 | 7 | - name: restart webserver 8 | service: 9 | name: "{{ php_fpm_package }}" 10 | state: restarted 11 | become: yes 12 | -------------------------------------------------------------------------------- /provisioning/roles/php-fpm/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: php } 4 | - { role: nginx, site_template: "{{ nginx_site_template }}", index: "{{ nginx_index }}" } 5 | -------------------------------------------------------------------------------- /provisioning/roles/php-fpm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - set_fact: phpfpm_installed=true 2 | 3 | - include_vars: "{{ item }}" 4 | with_first_found: 5 | - "{{ ansible_distribution }}-{{ php_version_installed }}.yml" 6 | # - "default-{{ php_version_installed }}.yml" 7 | - "default-{{ php_version_installed | int }}.x.yml" 8 | - "default.yml" 9 | 10 | 11 | - name: install php-fpm 12 | apt: pkg={{ php_fpm_package }} state=latest 13 | become: yes 14 | 15 | - name: run php-fpm as vagrant user 16 | replace: dest={{ php_fpm_pool_conf }} regexp="^user = www-data" replace="user = vagrant" 17 | notify: restart php-fpm 18 | become: yes 19 | 20 | - name: Activate PHP configuration files 21 | command: "{{php_phpenmod}} {{ item }}" 22 | with_items: 23 | - php-dev 24 | become: yes 25 | 26 | - meta: flush_handlers 27 | -------------------------------------------------------------------------------- /provisioning/roles/php-fpm/vars/Ubuntu-5.6.yml: -------------------------------------------------------------------------------- 1 | php_fpm_package: php5.6-fpm 2 | 3 | php_fpm_pool_conf: /etc/php/5.6/fpm/pool.d/www.conf 4 | -------------------------------------------------------------------------------- /provisioning/roles/php-fpm/vars/default-7.x.yml: -------------------------------------------------------------------------------- 1 | php_fpm_package: php{{ php_version_installed }}-fpm 2 | 3 | 4 | php_fpm_pool_conf: /etc/php/{{ php_version_installed }}/fpm/pool.d/www.conf 5 | -------------------------------------------------------------------------------- /provisioning/roles/php-fpm/vars/default.yml: -------------------------------------------------------------------------------- 1 | php_fpm_package: php5-fpm 2 | 3 | php_fpm_pool_conf: /etc/php5/fpm/pool.d/www.conf 4 | 5 | -------------------------------------------------------------------------------- /provisioning/roles/php-memcached/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: memcached } 4 | - { role: php } 5 | -------------------------------------------------------------------------------- /provisioning/roles/php-memcached/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include_vars: "{{ item }}" 2 | with_first_found: 3 | - "{{ ansible_distribution }}-{{ php_version_installed }}.yml" 4 | - "{{ ansible_distribution }}-{{ php_version_installed | int }}.x.yml" 5 | - "{{ ansible_distribution }}.yml" 6 | - "default.yml" 7 | 8 | - name: install PHP {{ php_version_installed }} memcached extension 9 | apt: pkg={{ php_memcached_package }} state=latest 10 | become: yes 11 | notify: 12 | - restart webserver 13 | -------------------------------------------------------------------------------- /provisioning/roles/php-memcached/vars/Debian-5.x.yml: -------------------------------------------------------------------------------- 1 | php_memcached_package: php5-memcached 2 | -------------------------------------------------------------------------------- /provisioning/roles/php-memcached/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | php_memcached_package: php-memcached 2 | -------------------------------------------------------------------------------- /provisioning/roles/php-memcached/vars/Ubuntu-5.5.yml: -------------------------------------------------------------------------------- 1 | # On ubuntu the packages are called the same 2 | php_memcached_package: php5-memcached 3 | -------------------------------------------------------------------------------- /provisioning/roles/php-memcached/vars/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | # On ubuntu the packages are called the same 2 | php_memcached_package: php-memcached 3 | -------------------------------------------------------------------------------- /provisioning/roles/php-memcached/vars/default.yml: -------------------------------------------------------------------------------- 1 | # Debian package name. Default b/c debian is default 2 | php_memcached_package: php5-memcached 3 | -------------------------------------------------------------------------------- /provisioning/roles/php-redis/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: redis } 4 | - { role: php } 5 | -------------------------------------------------------------------------------- /provisioning/roles/php-redis/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include_vars: "{{ item }}" 2 | with_first_found: 3 | - "{{ ansible_distribution }}-{{ php_version_installed }}.yml" 4 | - "{{ ansible_distribution }}-{{ php_version_installed | int }}.x.yml" 5 | - "{{ ansible_distribution }}.yml" 6 | when: "php_version_installed is defined" 7 | 8 | - name: install PHP redis extension 9 | apt: pkg={{ php_redis_package }} state=latest 10 | become: yes 11 | notify: 12 | - restart webserver 13 | 14 | -------------------------------------------------------------------------------- /provisioning/roles/php-redis/vars/Debian-7.x.yml: -------------------------------------------------------------------------------- 1 | php_redis_package: php-redis 2 | 3 | -------------------------------------------------------------------------------- /provisioning/roles/php-redis/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | php_redis_package: php5-redis 2 | 3 | -------------------------------------------------------------------------------- /provisioning/roles/php-redis/vars/Ubuntu-5.5.yml: -------------------------------------------------------------------------------- 1 | php_redis_package: php5-redis 2 | -------------------------------------------------------------------------------- /provisioning/roles/php-redis/vars/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | php_redis_package: php-redis 2 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/defaults/main.yml: -------------------------------------------------------------------------------- 1 | xdebug_idekey: XDEBUG-DRIFTER 2 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: php } 4 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/tasks/main.yml: -------------------------------------------------------------------------------- 1 | # we do include_vars twice so that we can have default values 2 | # and just have to override any changes in the specific versions 3 | - include_vars: "default.yml" 4 | 5 | - include_vars: "{{ item }}" 6 | with_first_found: 7 | - "{{ ansible_distribution }}-{{ php_version_installed }}.yml" 8 | - "{{ ansible_distribution }}-{{ php_version_installed | int }}.x.yml" 9 | - "{{ ansible_distribution }}.yml" 10 | - "default.yml" 11 | 12 | - name: install PHP packages 13 | apt: pkg={{ php_packages }} state=latest 14 | become: yes 15 | 16 | - include: not-debian-7.0.yml 17 | when: not (php_version_installed == 7.0 and ansible_distribution == 'Debian') 18 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/tasks/not-debian-7.0.yml: -------------------------------------------------------------------------------- 1 | - name: Place PHP configuration files in place. 2 | template: src={{ item.src }} dest={{ item.dest }} owner=root group=root mode=644 3 | become: yes 4 | with_items: 5 | - { src: xdebug.ini.j2, dest: "{{ etc_php_path }}/mods-available/xdebug.ini" } 6 | 7 | - name: Activate PHP configuration files 8 | command: "{{ php_phpenmod }} {{ item }}" 9 | with_items: 10 | - xdebug 11 | become: yes 12 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/templates/xdebug.ini.j2: -------------------------------------------------------------------------------- 1 | zend_extension={{ xdebug_path }} 2 | 3 | xdebug.max_nesting_level=1000 4 | 5 | ; activate colors in CLI 6 | xdebug.cli_color=1 7 | 8 | ; disable coverage for speedup 9 | xdebug.coverage_enable=0 10 | 11 | ; PHPStorm 8 link format to open files 12 | xdebug.file_link_format="phpstorm://open?file=%f&line=%l" 13 | 14 | ; config to run the profiler 15 | xdebug.profiler_enable=0 16 | xdebug.profiler_output_dir={{ root_directory }}/profiling/ 17 | 18 | ; config to run the tracer 19 | xdebug.trace_enable=0 20 | xdebug.trace_output_dir={{ root_directory }}/tracing/ 21 | 22 | ; config to run the remote debugger 23 | xdebug.remote_enable=1 24 | xdebug.remote_connect_back=1 25 | xdebug.idekey="{{ xdebug_idekey }}" 26 | 27 | ; allows to start xdebug features via query string / cookie / plugin 28 | xdebug.profiler_enable_trigger=1 29 | xdebug.trace_enable_trigger=1 30 | 31 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/vars/Debian-5.4.yml: -------------------------------------------------------------------------------- 1 | xdebug_path: /usr/lib/php5/20100525/xdebug.so 2 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/vars/Debian-7.x.yml: -------------------------------------------------------------------------------- 1 | php_xdebug_package: php-xdebug 2 | 3 | php_packages: 4 | - "{{ php_xdebug_package }}" 5 | 6 | etc_php_path: /etc/php/{{ php_version_installed }}/ 7 | 8 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | php_xdebug_package: php5-xdebug 2 | 3 | php_packages: 4 | - "{{ php_xdebug_package }}" 5 | 6 | etc_php_path: /etc/php5/ 7 | 8 | phpenmod: php5enmod 9 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/vars/Ubuntu-5.5.yml: -------------------------------------------------------------------------------- 1 | php_xdebug_package: php5-xdebug 2 | 3 | php_packages: 4 | - "{{ php_xdebug_package }}" 5 | 6 | etc_php_path: /etc/php5/ 7 | 8 | #php5enmod auf debian 9 | phpenmod: phpenmod 10 | 11 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/vars/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | php_xdebug_package: php-xdebug 2 | 3 | php_packages: 4 | - "{{ php_xdebug_package }}" 5 | 6 | etc_php_path: /etc/php/{{ php_version_installed }}/ 7 | 8 | #php5enmod auf debian 9 | phpenmod: phpenmod 10 | -------------------------------------------------------------------------------- /provisioning/roles/php-xdebug/vars/default.yml: -------------------------------------------------------------------------------- 1 | php_xdebug_package: php5-xdebug 2 | 3 | php_packages: 4 | - "{{ php_xdebug_package }}" 5 | 6 | phpenmod: php5enmod 7 | 8 | xdebug_path: xdebug.so 9 | -------------------------------------------------------------------------------- /provisioning/roles/php/defaults/main.yml: -------------------------------------------------------------------------------- 1 | php_sury_apt_key_id: "B188E2B695BD4743" 2 | php_version: "7.2" 3 | 4 | php_error_reporting: "E_ALL | E_STRICT" 5 | php_assert_exceptions: false 6 | 7 | php_max_execution_time: "3600" 8 | php_memory_limit: "4G" 9 | php_upload_max_filesize: "128M" 10 | php_date_timezone: "Europe/Zurich" 11 | 12 | php_default_charset: "UTF-8" 13 | 14 | php_default_socket_timeout: "120" 15 | -------------------------------------------------------------------------------- /provisioning/roles/php/files/install_xdebug.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | wget https://pecl.php.net/get/xdebug-2.4.0RC3.tgz 6 | tar -xzf xdebug-2.4.0RC3.tgz 7 | cd xdebug-2.4.0RC3 8 | 9 | phpize 10 | ./configure 11 | make 12 | sudo make install 13 | 14 | 15 | sudo sh -c "echo zend_extension=xdebug.so > /etc/php/7.0/mods-available/xdebug.ini" 16 | 17 | cd /etc/php/7.0/cli/conf.d 18 | 19 | sudo ln -s ../../mods-available/xdebug.ini 20 | 21 | if [[ -d /etc/php/7.0/fpm/conf.d ]] 22 | then 23 | cd /etc/php/7.0/fpm/conf.d 24 | sudo ln -s ../../mods-available/xdebug.ini 25 | fi 26 | 27 | -------------------------------------------------------------------------------- /provisioning/roles/php/tasks/debian-repo.yml: -------------------------------------------------------------------------------- 1 | - name: debian-repo | error when trying to use something less than PHP 5.6 on jessie 2 | fail: msg="Jessie only supports version 5.6." 3 | when: ansible_lsb.major_release is version_compare('8', '>=') and php_version_installed is version_compare('5.6', '<') 4 | 5 | - name: debian-repo | error when trying to use something less than PHP 7 on stretch 6 | fail: msg="Stretch and beyond don't support PHP < 7.0" 7 | when: ansible_lsb.major_release is version_compare('9', '>=') and php_version_installed is version_compare('7.0', '<') 8 | 9 | - name: debian-repo | Make sure APT supports HTTPS sources 10 | apt: pkg=apt-transport-https state=present 11 | become: yes 12 | 13 | # https://www.dotdeb.org/instructions/ 14 | - name: debian-repo | Install DotDeb repository key on squeeze 15 | apt_key: url=https://www.dotdeb.org/dotdeb.gpg 16 | become: yes 17 | when: ansible_lsb.major_release is version_compare('8', '<') and php_version_installed is version_compare('5.4', '>') 18 | 19 | - name: debian-repo | Add DotDeb repository on squeeze 20 | apt_repository: repo='deb http://packages.dotdeb.org {{ ansible_distribution_release }} all' update_cache=yes 21 | become: yes 22 | when: ansible_lsb.major_release is version_compare('8', '<') and php_version_installed is version_compare('5.4', '>') 23 | 24 | - name: debian-repo | Add packages.sury.org key on jessie/stretch 25 | apt_key: url=https://packages.sury.org/php/apt.gpg 26 | when: ansible_lsb.major_release is version_compare('8', '>=') 27 | become: yes 28 | 29 | # https://github.com/oerdnj/deb.sury.org/wiki/Frequently-Asked-Questions 30 | - name: debian-repo | Install packages.sury.org repository key on jessie and beyond 31 | apt_key: 32 | id: "{{ php_sury_apt_key_id }}" 33 | url: https://packages.sury.org/php/apt.gpg 34 | state: present 35 | when: ansible_lsb.major_release is version_compare('8', '>=') 36 | become: yes 37 | 38 | - name: debian-repo | Add packages.sury.org repository on jessie and beyond 39 | apt_repository: repo='deb https://packages.sury.org/php {{ ansible_distribution_release }} main' update_cache=yes 40 | become: yes 41 | when: ansible_lsb.major_release is version_compare('8', '>=') 42 | -------------------------------------------------------------------------------- /provisioning/roles/php/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - set_fact: php_version_installed={{ php_version | float }} 2 | 3 | - fail: msg="PHP7.0 is only available from Debian Jessie (8) on" 4 | when: "ansible_lsb.major_release|int < 8 and php_version_installed is version_compare('7.0', '>=')" 5 | 6 | - include: ubuntu-repo.yml 7 | when: ansible_distribution == 'Ubuntu' 8 | 9 | - include: debian-repo.yml 10 | when: ansible_distribution == 'Debian' and php_version_installed is version_compare('5.5', '>') 11 | 12 | # we do include_vars twice so that we can have default values 13 | # and just have to override any changes in the specific versions 14 | - include_vars: "default.yml" 15 | 16 | - name: Include subconfiguration for php based on the distribution used 17 | include_vars: "{{ item }}" 18 | with_first_found: 19 | - "{{ ansible_distribution }}-{{ ansible_distribution_release }}-php.yml" 20 | - "{{ ansible_distribution }}-{{ ansible_distribution_release }}-php{{ php_version_installed }}.yml" 21 | - "{{ ansible_distribution }}-{{ ansible_distribution_release }}-php{{ php_version_installed | int }}.x.yml" 22 | - "{{ ansible_distribution }}-php{{ php_version_installed }}.yml" 23 | - "{{ ansible_distribution }}-php{{ php_version_installed | int }}.x.yml" 24 | - "{{ ansible_distribution }}-default.yml" 25 | - "default.yml" 26 | 27 | - set_fact: php_phpenmod={{ phpenmod }} 28 | 29 | - name: install PHP packages 30 | apt: pkg={{ php_packages }} state=latest 31 | become: yes 32 | 33 | - name: install mysql database driver 34 | apt: pkg={{ php_mysql_packages }} state=latest 35 | become: yes 36 | when: database_type|default(false) == 'mysql' 37 | 38 | - name: install postgresql database driver 39 | apt: pkg={{ php_pgsql_package }} state=latest 40 | become: yes 41 | when: database_type|default(false) == 'postgresql' 42 | 43 | - include: not-debian-7.0.yml 44 | when: not (php_version_installed is version_compare('7.0', '>=') and ansible_distribution == 'Debian') 45 | 46 | - name: set php alternative to the correct path 47 | alternatives: name=php path={{ alternatives_php_path }} 48 | become: yes 49 | -------------------------------------------------------------------------------- /provisioning/roles/php/tasks/not-debian-7.0.yml: -------------------------------------------------------------------------------- 1 | - name: Place PHP configuration files in place. 2 | template: src={{ item.src }} dest={{ item.dest }} owner=root group=root mode=644 3 | become: yes 4 | with_items: 5 | - { src: php.ini.j2, dest: "{{ etc_php_path }}/mods-available/php-dev.ini" } 6 | 7 | - name: Activate PHP configuration files 8 | command: "{{phpenmod}} {{ item }}" 9 | with_items: 10 | - php-dev 11 | - imagick 12 | become: yes 13 | -------------------------------------------------------------------------------- /provisioning/roles/php/tasks/ubuntu-repo.yml: -------------------------------------------------------------------------------- 1 | - name: Add ppa:ondrej/php for Ubuntu 2 | apt_repository: repo='ppa:ondrej/php' 3 | become: yes 4 | when: php_version_installed is version_compare('5.5', '>') 5 | -------------------------------------------------------------------------------- /provisioning/roles/php/templates/php.ini.j2: -------------------------------------------------------------------------------- 1 | [PHP] 2 | 3 | display_startup_errors = On 4 | display_errors = On 5 | error_reporting = {{ php_error_reporting }} 6 | {% if php_assert_exceptions %} 7 | zend.assertions = 1 8 | assert.exception = 1 9 | {% endif %} 10 | 11 | max_execution_time = {{ php_max_execution_time }} 12 | memory_limit = {{ php_memory_limit }} 13 | upload_max_filesize = {{ php_upload_max_filesize }} 14 | post_max_size = {{ php_upload_max_filesize }} 15 | date.timezone = "{{ php_date_timezone }}" 16 | 17 | default_charset = "{{ php_default_charset }}" 18 | 19 | default_socket_timeout = "{{ php_default_socket_timeout }}" 20 | 21 | short_open_tag = Off 22 | 23 | always_populate_raw_post_data = -1 24 | -------------------------------------------------------------------------------- /provisioning/roles/php/vars/Debian-buster-php7.x.yml: -------------------------------------------------------------------------------- 1 | # debian 10 released on 2019-09-07 2 | php_packages: 3 | - php{{ php_version_installed }}-common 4 | - php{{ php_version_installed }}-cli 5 | - php{{ php_version_installed }}-curl 6 | - php{{ php_version_installed }}-intl 7 | - php{{ php_version_installed }}-gd 8 | - php{{ php_version_installed }}-sqlite3 9 | - php{{ php_version_installed }}-dev 10 | - php{{ php_version_installed }}-readline 11 | - php-imagick 12 | - libmagickwand-6.q16-dev 13 | - pkg-config 14 | 15 | php_mysql_packages: 16 | - php{{ php_version_installed }}-mysql 17 | 18 | php_pgsql_package: php{{ php_version_installed }}-pgsql 19 | 20 | etc_php_path: /etc/php/{{ php_version_installed }}/ 21 | 22 | alternatives_php_path: /usr/bin/php{{ php_version_installed }} 23 | 24 | phpenmod: phpenmod 25 | -------------------------------------------------------------------------------- /provisioning/roles/php/vars/Debian-default.yml: -------------------------------------------------------------------------------- 1 | php_packages: 2 | - php5-common 3 | - php5-cli 4 | - php5-curl 5 | - php5-intl 6 | - php5-gd 7 | - php5-sqlite 8 | - php5-imagick 9 | 10 | php_mysql_packages: 11 | - php5-mysqlnd 12 | 13 | php_pgsql_package: php5-pgsql 14 | 15 | etc_php_path: /etc/php5/ 16 | 17 | phpenmod: php5enmod 18 | 19 | alternatives_php_path: /usr/bin/php5 20 | -------------------------------------------------------------------------------- /provisioning/roles/php/vars/Debian-jessie-php7.x.yml: -------------------------------------------------------------------------------- 1 | # debian 8 released on 2015-04-26 2 | php_packages: 3 | - php{{ php_version_installed }}-common 4 | - php{{ php_version_installed }}-cli 5 | - php{{ php_version_installed }}-curl 6 | - php{{ php_version_installed }}-intl 7 | - php{{ php_version_installed }}-gd 8 | - php{{ php_version_installed }}-sqlite3 9 | - php{{ php_version_installed }}-dev 10 | - php{{ php_version_installed }}-readline 11 | - php-imagick 12 | - libmagickwand-6.q16-dev 13 | - pkg-config 14 | 15 | php_mysql_packages: 16 | - php{{ php_version_installed }}-mysql 17 | 18 | php_pgsql_package: php{{ php_version_installed }}-pgsql 19 | 20 | etc_php_path: /etc/php/{{ php_version_installed }}/ 21 | 22 | alternatives_php_path: /usr/bin/php{{ php_version_installed }} 23 | 24 | phpenmod: phpenmod -------------------------------------------------------------------------------- /provisioning/roles/php/vars/Debian-stretch-php7.x.yml: -------------------------------------------------------------------------------- 1 | # debian 9 released on 2017-06-17 2 | php_packages: 3 | - php{{ php_version_installed }}-common 4 | - php{{ php_version_installed }}-cli 5 | - php{{ php_version_installed }}-curl 6 | - php{{ php_version_installed }}-intl 7 | - php{{ php_version_installed }}-gd 8 | - php{{ php_version_installed }}-sqlite3 9 | - php{{ php_version_installed }}-dev 10 | - php{{ php_version_installed }}-readline 11 | - php-imagick 12 | - libmagickwand-6.q16-dev 13 | - pkg-config 14 | 15 | php_mysql_packages: 16 | - php{{ php_version_installed }}-mysql 17 | 18 | php_pgsql_package: php{{ php_version_installed }}-pgsql 19 | 20 | etc_php_path: /etc/php/{{ php_version_installed }}/ 21 | 22 | alternatives_php_path: /usr/bin/php{{ php_version_installed }} 23 | 24 | phpenmod: phpenmod 25 | -------------------------------------------------------------------------------- /provisioning/roles/php/vars/Ubuntu-php5.6.yml: -------------------------------------------------------------------------------- 1 | 2 | php_packages: 3 | - php5.6-common 4 | - php5.6-cli 5 | - php5.6-curl 6 | - php5.6-intl 7 | - php5.6-gd 8 | - php5.6-sqlite3 9 | - php5.6-readline 10 | - php-imagick 11 | - php5.6-json 12 | - php5.6-xml 13 | - php5.6-soap 14 | - php5.6-mbstring 15 | - php5.6-bcmath 16 | - php5.6-zip 17 | 18 | php_mysql_packages: 19 | - php5.6-mysql 20 | 21 | php_pgsql_package: php5.6-pgsql 22 | 23 | etc_php_path: /etc/php/5.6/ 24 | 25 | phpenmod: phpenmod 26 | 27 | alternatives_php_path: /usr/bin/php5.6 28 | -------------------------------------------------------------------------------- /provisioning/roles/php/vars/Ubuntu-php7.x.yml: -------------------------------------------------------------------------------- 1 | 2 | php_packages: 3 | - php{{ php_version_installed }}-common 4 | - php{{ php_version_installed }}-cli 5 | - php{{ php_version_installed }}-curl 6 | - php{{ php_version_installed }}-intl 7 | - php{{ php_version_installed }}-gd 8 | - php{{ php_version_installed }}-sqlite3 9 | - php{{ php_version_installed }}-readline 10 | - php{{ php_version_installed }}-xml 11 | - php-imagick 12 | - php{{ php_version_installed }}-json 13 | - php{{ php_version_installed }}-soap 14 | - php{{ php_version_installed }}-mbstring 15 | - php{{ php_version_installed }}-bcmath 16 | - php{{ php_version_installed }}-zip 17 | 18 | php_mysql_packages: 19 | - php{{ php_version_installed }}-mysql 20 | 21 | php_pgsql_package: php{{ php_version_installed }}-pgsql 22 | 23 | #/etc/php5 auf debian 24 | etc_php_path: /etc/php/{{ php_version_installed }}/ 25 | 26 | #php5enmod auf debian 27 | phpenmod: phpenmod 28 | 29 | alternatives_php_path: /usr/bin/php{{ php_version_installed }} 30 | -------------------------------------------------------------------------------- /provisioning/roles/php/vars/default.yml: -------------------------------------------------------------------------------- 1 | php_packages: 2 | - php5-common 3 | - php5-cli 4 | - php5-curl 5 | - php5-intl 6 | - php5-gd 7 | - php5-sqlite 8 | - php5-imagick 9 | 10 | php_mysql_packages: 11 | - php5-mysqlnd 12 | 13 | php_pgsql_package: php5-pgsql 14 | 15 | etc_php_path: /etc/php5/ 16 | 17 | phpenmod: php5enmod 18 | 19 | alternatives_php_path: /usr/bin/php5 20 | -------------------------------------------------------------------------------- /provisioning/roles/pipenv/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: python } 4 | -------------------------------------------------------------------------------- /provisioning/roles/pipenv/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Install pipenv 2 | pip: 3 | name: pipenv 4 | executable: "{{ 'pip' if (python_version|int == 2) else 'pip3' }}" 5 | become: yes 6 | 7 | # We need to ensure that pipenv uses up-to-date versions of setuptools and pip 8 | - name: Make sure pipenv uses correct versions of pip and setuptools 9 | command: pipenv run -- pip install pip=={{ pip_version }} setuptools=={{ setuptools_version }} 10 | 11 | - name: Run pipenv install 12 | command: pipenv install --dev 13 | 14 | # Ensure that a previous install that would have added the activate script to the bashrc is not active 15 | - name: Don't activate virtualenv when sshing into the box 16 | lineinfile: 17 | dest: ~/.bashrc 18 | regexp: '^\. .*/bin/activate$' 19 | state: absent 20 | -------------------------------------------------------------------------------- /provisioning/roles/postgis/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: postgresql } 4 | -------------------------------------------------------------------------------- /provisioning/roles/postgis/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - set_fact: database_type=postgis 2 | - name: set specific variables for distributions 3 | include_vars: "{{ item }}" 4 | with_first_found: 5 | - "{{ ansible_distribution }}-{{ ansible_distribution_major_version}}.yml" 6 | 7 | - name: ensure geo packages are installed 8 | apt: 9 | pkg: 10 | - binutils 11 | - libproj-dev 12 | - gdal-bin 13 | - "{{ postgis_package_name }}" 14 | become: yes 15 | 16 | - name: enable database spatially 17 | command: psql -d {{ database_name }} -c "CREATE EXTENSION IF NOT EXISTS postgis; CREATE EXTENSION IF NOT EXISTS postgis_topology;" 18 | become_user: postgres 19 | become: yes 20 | -------------------------------------------------------------------------------- /provisioning/roles/postgis/vars/Debian-10.yml: -------------------------------------------------------------------------------- 1 | postgis_package_name: "postgresql-11-postgis-2.5" 2 | -------------------------------------------------------------------------------- /provisioning/roles/postgis/vars/Debian-8.yml: -------------------------------------------------------------------------------- 1 | postgis_package_name: "postgresql-9.4-postgis-2.1" 2 | -------------------------------------------------------------------------------- /provisioning/roles/postgis/vars/Debian-9.yml: -------------------------------------------------------------------------------- 1 | postgis_package_name: "postgresql-9.6-postgis-2.3" 2 | -------------------------------------------------------------------------------- /provisioning/roles/postgis/vars/Ubuntu-14.yml: -------------------------------------------------------------------------------- 1 | postgis_package_name: "postgresql-9.3-postgis-2.1" 2 | -------------------------------------------------------------------------------- /provisioning/roles/postgis/vars/Ubuntu-16.yml: -------------------------------------------------------------------------------- 1 | postgis_package_name: "postgresql-9.5-postgis-2.2" 2 | -------------------------------------------------------------------------------- /provisioning/roles/postgresql/defaults/main.yml: -------------------------------------------------------------------------------- 1 | database_user: "{{ database_name }}" 2 | database_password: "{{ database_name }}" 3 | database_template: "template0" 4 | database_encoding: "UTF-8" 5 | database_lc_collate: "en_US.UTF-8" 6 | database_lc_ctype: "en_US.UTF-8" 7 | -------------------------------------------------------------------------------- /provisioning/roles/postgresql/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: restart postgresql 2 | service: name=postgresql state=restarted 3 | become: yes 4 | -------------------------------------------------------------------------------- /provisioning/roles/postgresql/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - set_fact: database_type=postgresql 2 | when: database_type is not defined 3 | 4 | - name: install postgresql 9.1 5 | apt: pkg=postgresql-9.1 state=latest 6 | become: yes 7 | when: ansible_lsb.major_release|int == 7 8 | 9 | - name: install postgresql 10 | apt: pkg=postgresql state=latest 11 | become: yes 12 | when: ansible_lsb.major_release|int >= 8 13 | 14 | - name: install python-psycopg2 (for ansible) 15 | apt: pkg=python-psycopg2 state=latest 16 | become: yes 17 | 18 | - name: install postgresql dev libraries 19 | apt: pkg=libpq-dev state=latest 20 | become: yes 21 | 22 | - name: install postgresql extensions 23 | apt: pkg=postgresql-contrib state=latest 24 | become: yes 25 | 26 | - name: ensure postgresql is started 27 | action: service name=postgresql state=started 28 | become: yes 29 | 30 | - name: create database user 31 | postgresql_user: name={{ database_user }} password={{ database_password }} state=present role_attr_flags=SUPERUSER 32 | become_user: postgres 33 | become: yes 34 | 35 | - name: create database 36 | postgresql_db: name={{ database_name }} 37 | owner={{ database_user }} 38 | template={{ database_template }} 39 | encoding={{ database_encoding }} 40 | lc_collate={{ database_lc_collate }} 41 | lc_ctype={{ database_lc_ctype }} 42 | state=present 43 | become_user: postgres 44 | become: yes 45 | -------------------------------------------------------------------------------- /provisioning/roles/python/defaults/main.yml: -------------------------------------------------------------------------------- 1 | python_version: "3" 2 | pip_version: 19.0.2 3 | setuptools_version: 40.8.0 4 | python3_install_from_source: false 5 | python3_source_version: "3.7.2" 6 | -------------------------------------------------------------------------------- /provisioning/roles/python/tasks/install-from-source.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Download Python 3 | get_url: 4 | url: "https://www.python.org/ftp/python/{{ python3_source_version }}/Python-{{ python3_source_version }}.tgz" 5 | dest: "/tmp/Python-{{ python3_source_version }}.tgz" 6 | 7 | - name: Expand Python archive 8 | unarchive: 9 | src: "/tmp/Python-{{ python3_source_version }}.tgz" 10 | dest: "/tmp" 11 | creates: "/tmp/Python-{{ python3_source_version }}/README.rst" 12 | copy: no 13 | 14 | - name: Configure Python build 15 | command: > 16 | ./configure --with-ensurepip=install --prefix=/usr 17 | chdir=/tmp/Python-{{ python3_source_version }} 18 | 19 | - name: Build Python 20 | command: > 21 | make {{ item }} 22 | chdir=/tmp/Python-{{ python3_source_version }} 23 | with_items: 24 | - all 25 | - install 26 | become: yes 27 | -------------------------------------------------------------------------------- /provisioning/roles/python/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # We always try to install Python 2 + Python 3 packages in case 3 | # we want to use tools like tox 4 | - name: install python 2 packages 5 | apt: 6 | pkg: 7 | - python-virtualenv 8 | - python-pip 9 | - python-all-dev 10 | state: latest 11 | become: yes 12 | 13 | - name: install python 3 packages 14 | apt: 15 | pkg: 16 | - python3-pip 17 | - python3-all-dev 18 | state: latest 19 | become: yes 20 | with_items: 21 | - python3-pip 22 | - python3-all-dev 23 | when: ansible_lsb.major_release|int >= 8 and not python3_install_from_source 24 | 25 | # The Python 3 virtualenv package is named "python3.4-venv" on Ubuntu before 26 | # Xenial 27 | - name: install python 3 virtualenv package 28 | apt: 29 | pkg: "{{ 'python3.4-venv' if ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int < 16 else 'python3-venv' }}" 30 | state: latest 31 | become: yes 32 | when: ansible_lsb.major_release|int >= 8 33 | 34 | - name: install pillow dependencies 35 | apt: 36 | pkg: 37 | - libfreetype6-dev 38 | - zlib1g-dev 39 | - libwebp-dev 40 | - liblcms2-dev 41 | - libtiff5-dev 42 | state: latest 43 | become: yes 44 | 45 | - name: install libjpeg-dev 46 | apt: 47 | pkg: "{{ 'libjpeg8-dev' if (ansible_lsb.major_release|int == 7) else 'libjpeg-dev' }}" 48 | state: latest 49 | become: yes 50 | 51 | # Install python from source when python_install_from_source is true. 52 | - include: install-from-source.yml 53 | when: python3_install_from_source and python3_source_version|version_compare('3', '>=') 54 | -------------------------------------------------------------------------------- /provisioning/roles/rabbitmq/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: ensure rabbitmq is installed 2 | apt: pkg=rabbitmq-server state=present 3 | become: yes 4 | 5 | - name: activate rabbitmq_management plugin 6 | shell: "/usr/sbin/rabbitmq-plugins enable rabbitmq_management" 7 | become: yes 8 | 9 | - name: restart rabbitmq 10 | service: name=rabbitmq-server state=restarted 11 | become: yes 12 | 13 | - name: get rabbitmqadmin script 14 | get_url: url=http://localhost:15672/cli/rabbitmqadmin dest=/usr/local/bin/rabbitmqadmin mode=755 15 | become: yes 16 | -------------------------------------------------------------------------------- /provisioning/roles/redis/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: ensure Redis is installed 2 | apt: pkg=redis-server state=present 3 | become: yes 4 | 5 | -------------------------------------------------------------------------------- /provisioning/roles/rmt/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: composer } 4 | -------------------------------------------------------------------------------- /provisioning/roles/rmt/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Install RMT via [composer] 2 | shell: composer global require "liip/rmt" 3 | -------------------------------------------------------------------------------- /provisioning/roles/ruby/defaults/main.yml: -------------------------------------------------------------------------------- 1 | ruby_version: 2.6.3 2 | ruby_build_version: v20190423 3 | -------------------------------------------------------------------------------- /provisioning/roles/ruby/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: make sure dev dependencies are installed 3 | apt: 4 | pkg: 5 | - libreadline-dev 6 | - libsqlite3-dev 7 | - zlib1g-dev 8 | state: latest 9 | become: yes 10 | 11 | - name: install rbenv 12 | git: 13 | repo: https://github.com/rbenv/rbenv.git 14 | dest: ~/.rbenv 15 | version: v1.1.2 16 | 17 | - name: try to compile dynamic bash extension to speed up rbenv 18 | command: src/configure && make -C src 19 | ignore_errors: yes 20 | args: 21 | chdir: ~/.rbenv/ 22 | creates: ~/.rbenv/libexec/rbenv-realpath.dylib 23 | 24 | - name: install ruby-build plugin 25 | git: 26 | repo: https://github.com/rbenv/ruby-build.git 27 | dest: ~/.rbenv/plugins/ruby-build 28 | version: "{{ ruby_build_version }}" 29 | 30 | - name: ensure rbenv is accessible 31 | lineinfile: 32 | dest: ~/.bashrc 33 | line: export PATH="$HOME/.rbenv/bin:$PATH" 34 | 35 | - name: init rbenv 36 | lineinfile: 37 | dest: ~/.bashrc 38 | line: eval "$(rbenv init -)" 39 | 40 | - stat: 41 | path: ~/.rbenv/versions/{{ ruby_version }}/bin/ruby 42 | register: ruby_path_rules 43 | 44 | - name: Install ruby {{ ruby_version }} 45 | command: ~/.rbenv/bin/rbenv install {{ ruby_version }} 46 | when: ruby_path_rules.stat.exists|bool == False 47 | 48 | - name: Set ruby {{ ruby_version }} globally 49 | command: ~/.rbenv/bin/rbenv global {{ ruby_version }} 50 | 51 | - name: Disable gem docs 52 | copy: 53 | dest: ~/.gemrc 54 | content: | 55 | install: --no-document 56 | 57 | - name: Install bundler 58 | command: ~/.rbenv/shims/gem install bundler 59 | 60 | - name: Install Gems from Gemfile if any 61 | command: ~/.rbenv/shims/bundle install 62 | args: 63 | removes: /vagrant/Gemfile 64 | -------------------------------------------------------------------------------- /provisioning/roles/solr/defaults/main.yml: -------------------------------------------------------------------------------- 1 | solr_base_dir: "/opt/solr" 2 | solr_version: "5.3.1" 3 | 4 | solr_base_url_filename: "{{ 'apache-' if (solr_version is version_compare('4.1.0', '<')) else '' }}" 5 | solr_base_config_dir: "{{ 'example' if (solr_version is version_compare('5.0.0', '<')) else 'server' }}" 6 | 7 | solr_url: "http://archive.apache.org/dist/lucene/solr/{{ solr_version }}/{{ solr_base_url_filename }}solr-{{ solr_version }}.tgz" 8 | 9 | solr_install_dir: "{{ solr_base_dir }}" 10 | 11 | solr_config_dir: "{{ solr_base_dir }}/{{ solr_base_config_dir }}/solr" 12 | 13 | solr_port: "8984" 14 | solr_command: "{{ 'java -jar ' + solr_install_dir + '/example/start.jar -Djetty.home=' + solr_install_dir + '/example -Dsolr.solr.home=' + solr_config_dir + ' -Djetty.port=' + solr_port 15 | if solr_version is version_compare('4.10.0', '<') 16 | else solr_install_dir + '/bin/solr start -f -p ' + solr_port + ' -s ' + solr_config_dir }}" 17 | -------------------------------------------------------------------------------- /provisioning/roles/solr/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: supervisor, service_name: "solr", user: "solr", command: "{{ solr_command }}", supervisor_start_directory: "{{ solr_install_dir }}" } 4 | - { role: java } 5 | -------------------------------------------------------------------------------- /provisioning/roles/solr/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Create SOLR group 2 | group: name=solr state=present 3 | become: yes 4 | 5 | - name: Create SOLR user 6 | user: name=solr group=solr groups="www-data" comment="Solr Daemon" home="{{ solr_install_dir }}" 7 | become: yes 8 | 9 | - name: Download SOLR v{{ solr_version }} 10 | get_url: 11 | url: "{{ solr_url }}" 12 | dest: "{{ solr_install_dir }}/solr-{{ solr_version }}.tgz" 13 | become_user: solr 14 | become: yes 15 | 16 | - name: Extract SOLR 17 | command: tar xzf {{ solr_install_dir }}/solr-{{ solr_version }}.tgz --strip 1 -C {{ solr_install_dir }}/ warn=False 18 | become_user: solr 19 | become: yes 20 | 21 | - name: Add Core directory 22 | when: solr_core_name is defined and solr_core_conf is defined 23 | file: 24 | path: "{{ solr_config_dir}}/{{ solr_core_name}}" 25 | state: directory 26 | become_user: solr 27 | become: yes 28 | 29 | - name: Symlink Core conf 30 | when: solr_core_name is defined and solr_core_conf is defined 31 | file: 32 | src: "{{ solr_core_conf }}" 33 | dest: "{{ solr_config_dir}}/{{ solr_core_name}}/conf" 34 | state: link 35 | become_user: solr 36 | become: yes 37 | 38 | - name: Setup Core properties file 39 | when: solr_core_name is defined and solr_core_conf is defined 40 | copy: 41 | content: "name={{ solr_core_name}}" 42 | dest: "{{ solr_config_dir}}/{{ solr_core_name}}/core.properties" 43 | become_user: solr 44 | become: yes 45 | 46 | - name: SOLR config directory permission 47 | file: dest="{{ solr_config_dir }}" state=directory group=solr mode="g+rwX" recurse=yes 48 | become: yes 49 | 50 | - name: SOLR install directory permission 51 | file: dest="{{ solr_install_dir }}" state=directory owner=solr group=www-data recurse=yes 52 | become: yes 53 | notify: restart supervisor 54 | 55 | - meta: flush_handlers 56 | -------------------------------------------------------------------------------- /provisioning/roles/ssh/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: disable strict host checking 2 | lineinfile: dest=~/.ssh/config owner=vagrant mode=0600 line="StrictHostKeyChecking no" create="yes" 3 | when: ssh_no_stricthostkeychecking|default(false) == true 4 | 5 | - name: add gitlab.liip.ch ssh host key 6 | lineinfile: dest=~/.ssh/known_hosts owner=vagrant mode=0600 create="yes" line="|1|kpxP5RUzhsD0D+Orj+cIyYVnMng=|svlMzQRFnzhsXteU7cS8W8ymPl4= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQDU/qcjvPfFV/wdl/s0IJQgRl9LVnGONMLVsn6m780" 7 | 8 | - name: add gitlab.liip.ch ssh host key line 2 9 | lineinfile: dest=~/.ssh/known_hosts owner=vagrant mode=0600 create="yes" line="|1|jkSRq0bFi+OikrNAmZJ+cvSyK+Y=|TCifULANLTMa8LnJesE+DCnpwaQ= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQDU/qcjvPfFV/wdl/s0IJQgRl9LVnGONMLVsn6m780" 10 | 11 | - name: add github.com ssh host key 12 | lineinfile: dest=~/.ssh/known_hosts owner=vagrant mode=0600 create="yes" line="|1|QZNAYtd7C+pZl2VXmAsDp6Pm0/c=|pTECnHRaAZ+kqep4FKry9MhYiu8= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" 13 | -------------------------------------------------------------------------------- /provisioning/roles/ssl/defaults/main.yml: -------------------------------------------------------------------------------- 1 | ssl_root_dir: /etc/ssl/vagrant 2 | 3 | # do not change those, the openssl config expect the files 4 | # in certain directories, see ca.cnf in templates 5 | ssl_ca_conf_file: "{{ ssl_root_dir }}/config/ca.cnf" 6 | ssl_ca_key_file: "{{ ssl_root_dir }}/private/ca.key" 7 | ssl_ca_csr_file: "{{ ssl_root_dir }}/private/ca.csr" 8 | ssl_ca_cert_file: "{{ ssl_root_dir }}/ca.crt" 9 | 10 | # those you can change 11 | ssl_conf_file: "{{ ssl_root_dir }}/config/vagrant.cnf" 12 | ssl_ext_file: "{{ ssl_root_dir }}/config/vagrant.ext" 13 | ssl_key_file: "{{ ssl_root_dir }}/private/vagrant.key" 14 | ssl_csr_file: "{{ ssl_root_dir }}/private/vagrant.csr" 15 | ssl_cert_file: "{{ ssl_root_dir }}/certs/vagrant.pem" 16 | 17 | 18 | -------------------------------------------------------------------------------- /provisioning/roles/ssl/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: create CA directories 2 | file: dest={{ ssl_root_dir }}/{{ item }} state=directory 3 | with_items: [ certs, db, private, config ] 4 | become: yes 5 | 6 | - name: create database index 7 | file: dest={{ ssl_root_dir }}/db/index state=touch 8 | become: yes 9 | 10 | - name: create crlnumber 11 | shell: echo 1001 > {{ ssl_root_dir }}/db/crlnumber creates="{{ ssl_root_dir }}/db/crlnumber" 12 | become: yes 13 | 14 | - name: create serial 15 | shell: openssl rand -hex 16 > {{ ssl_root_dir }}/db/serial creates="{{ ssl_root_dir }}/db/serial" 16 | become: yes 17 | 18 | 19 | - name: create the CA config file 20 | template: src=ca.cnf dest={{ ssl_ca_conf_file }} 21 | register: ca_config 22 | become: yes 23 | 24 | - name: create the config file 25 | template: src=vagrant.cnf dest={{ ssl_conf_file }} 26 | register: cert_config 27 | become: yes 28 | 29 | - name: create the EXT config file 30 | template: src=vagrant.ext dest={{ ssl_ext_file }} 31 | register: ext_config 32 | become: yes 33 | 34 | - name: cleanup files upon CA change 35 | file: dest={{ item }} state=absent 36 | with_items: 37 | - "{{ ssl_ca_csr_file }}" 38 | - "{{ ssl_ca_cert_file }}" 39 | when: ca_config.changed 40 | become: yes 41 | 42 | - name: cleanup files upon config change 43 | file: dest={{ item }} state=absent 44 | with_items: 45 | - "{{ ssl_key_file }}" 46 | - "{{ ssl_csr_file }}" 47 | - "{{ ssl_cert_file }}" 48 | when: ca_config.changed or cert_config.changed or ext_config.changed 49 | become: yes 50 | 51 | - name: create CA key file 52 | shell: openssl req -new -config {{ ssl_ca_conf_file }} -out {{ ssl_ca_csr_file }} -keyout {{ ssl_ca_key_file }} creates="{{ ssl_ca_csr_file }}" 53 | become: yes 54 | 55 | - name: create CA cert 56 | shell: openssl ca -batch -selfsign -config {{ ssl_ca_conf_file }} -in {{ ssl_ca_csr_file }} -out {{ ssl_ca_cert_file }} -extensions ca_ext creates="{{ ssl_ca_cert_file }}" 57 | become: yes 58 | 59 | 60 | - name: create key file 61 | shell: openssl genrsa -3 -out {{ ssl_key_file }} 2048 creates="{{ ssl_key_file }}" 62 | become: yes 63 | 64 | - name: create the csr 65 | shell: openssl req -new -config {{ ssl_conf_file }} -key {{ ssl_key_file }} -out {{ ssl_csr_file }} creates="{{ ssl_csr_file }}" 66 | become: yes 67 | 68 | - name: create the certificate 69 | shell: openssl ca -batch -config {{ ssl_ca_conf_file }} -in {{ ssl_csr_file }} -out {{ ssl_cert_file }} -extensions csr_ext creates="{{ ssl_cert_file }}" 70 | become: yes 71 | 72 | - name: copy CA to project dir 73 | shell: cp -f {{ ssl_ca_cert_file }} {{ root_directory }} 74 | become: yes 75 | -------------------------------------------------------------------------------- /provisioning/roles/ssl/templates/ca.cnf: -------------------------------------------------------------------------------- 1 | [default] 2 | name = ca 3 | default_ca = ca_default 4 | 5 | [ca_dn] 6 | countryName = "CH" 7 | organizationName = "Liip SA" 8 | commonName = "{{ hostname }} CA" 9 | 10 | [ca_default] 11 | home = {{ ssl_root_dir }} 12 | database = $home/db/index 13 | serial = $home/db/serial 14 | crlnumber = $home/db/crlnumber 15 | certificate = $home/$name.crt 16 | private_key = $home/private/$name.key 17 | RANDFILE = $home/private/random 18 | new_certs_dir = $home/certs 19 | unique_subject = no 20 | copy_extensions = copy 21 | default_days = 3650 22 | default_crl_days = 365 23 | default_md = sha256 24 | policy = policy_match 25 | 26 | [policy_match] 27 | countryName = supplied 28 | stateOrProvinceName = optional 29 | organizationName = supplied 30 | organizationalUnitName = optional 31 | commonName = supplied 32 | emailAddress = optional 33 | 34 | [req] 35 | default_bits = 2048 36 | encrypt_key = no 37 | default_md = sha256 38 | utf8 = yes 39 | string_mask = utf8only 40 | prompt = no 41 | distinguished_name = ca_dn 42 | req_extensions = ca_ext 43 | 44 | [ca_ext] 45 | basicConstraints = critical,CA:true,pathlen:0 46 | keyUsage = critical,keyCertSign,cRLSign 47 | subjectKeyIdentifier = hash 48 | nameConstraints = critical,@name_constraints 49 | extendedKeyUsage = serverAuth 50 | 51 | [csr_ext] 52 | 53 | 54 | [name_constraints] 55 | permitted;DNS.0={{ hostname }} 56 | {% for h in hostnames %} 57 | permitted;DNS.{{ loop.index }}={{ h }} 58 | {% endfor %} 59 | permitted;IP.0=10.0.0.0.0/255.0.0.0 60 | permitted;IP.1=172.16.0.0.0/255.128.0.0 61 | permitted;IP.2=192.168.0.0.0/255.255.0.0 62 | 63 | -------------------------------------------------------------------------------- /provisioning/roles/ssl/templates/vagrant.cnf: -------------------------------------------------------------------------------- 1 | [req] 2 | prompt = no 3 | distinguished_name = dn 4 | req_extensions = ext 5 | 6 | [dn] 7 | CN = {{ hostname }} 8 | emailAddress = webmaster@{{ hostname }} 9 | O = Liip SA 10 | L = Switzerland 11 | C = CH 12 | 13 | [ext] 14 | subjectAltName = DNS:{{ hostname }}{% if hostnames %},DNS:{{ hostnames|join(", DNS:") }}{% endif %} 15 | -------------------------------------------------------------------------------- /provisioning/roles/ssl/templates/vagrant.ext: -------------------------------------------------------------------------------- 1 | subjectAltName = DNS:{{ hostname }}{% if hostnames %},DNS:{{ hostnames|join(", DNS:") }}{% endif %} 2 | -------------------------------------------------------------------------------- /provisioning/roles/supervisor/defaults/main.yml: -------------------------------------------------------------------------------- 1 | supervisor_start_directory: "{{ root_directory }}" 2 | -------------------------------------------------------------------------------- /provisioning/roles/supervisor/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: restart supervisor 2 | shell: /etc/init.d/supervisor stop; /etc/init.d/supervisor start; exit 0 3 | become: yes 4 | 5 | - name: start supervisor 6 | service: name=supervisor state=started 7 | become: yes 8 | 9 | - name: stop supervisor 10 | service: name=supervisor state=stopped 11 | become: yes 12 | 13 | - name: enable supervisor 14 | service: name=supervisor enabled=yes 15 | become: yes 16 | 17 | - name: restart supervisor service 18 | command: supervisorctl restart {{ name }} 19 | become: yes 20 | -------------------------------------------------------------------------------- /provisioning/roles/supervisor/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: install supervisor 2 | apt: 3 | pkg: supervisor 4 | state: latest 5 | become: yes 6 | notify: enable supervisor 7 | when: ansible_lsb.major_release|int >= 8 8 | 9 | - name: create service config 10 | template: src=service.conf dest=/etc/supervisor/conf.d/{{ service_name }}.conf 11 | become: yes 12 | notify: restart supervisor 13 | -------------------------------------------------------------------------------- /provisioning/roles/supervisor/templates/service.conf: -------------------------------------------------------------------------------- 1 | [program:{{ service_name }}] 2 | user={{ user }} 3 | command={{ command }} 4 | directory={{ supervisor_start_directory }} 5 | autostart=true 6 | autorestart=true 7 | redirect_stderr=true 8 | stopasgroup=true 9 | {% if environment_vars is defined %} 10 | environment={{ environment_vars }} 11 | {% endif %} 12 | -------------------------------------------------------------------------------- /provisioning/roles/tmpfs/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: add tmpfs mount in fstab 2 | mount: name={{ mount_path }} src=tmpfs fstype=tmpfs opts="nodev,nosuid,noatime,size=500m" state=mounted 3 | become: yes 4 | -------------------------------------------------------------------------------- /provisioning/roles/virtualenv/defaults/main.yml: -------------------------------------------------------------------------------- 1 | pip_requirements: requirements/dev.txt 2 | pip_tools_version: 2.0.1 3 | env_root: "~/ENV" 4 | -------------------------------------------------------------------------------- /provisioning/roles/virtualenv/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: python } 4 | -------------------------------------------------------------------------------- /provisioning/roles/virtualenv/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: list uncompiled requirements files 3 | # Pipe everything to cat to avoid error in case of empty return 4 | shell: | 5 | for f in {{ root_directory }}/{{ pip_requirements_dir }}/*.in; do 6 | [ ! -e "${f%in}txt" ] && echo $f 7 | done | cat 8 | register: pip_requirements_files 9 | when: pip_requirements_dir is defined 10 | 11 | - name: create venv 12 | pip: 13 | name: 14 | - "pip=={{ pip_version }}" 15 | - "setuptools=={{ setuptools_version }}" 16 | - "pip-tools=={{ pip_tools_version }}" 17 | virtualenv: "{{ env_root }}" 18 | virtualenv_command: "{{ 'virtualenv' if (python_version|int == 2) else 'pyvenv' }}" 19 | 20 | - name: compile requirements files 21 | command: "{{ env_root }}/bin/pip-compile {{ item }}" 22 | loop: "{{ pip_requirements_files.stdout_lines }}" 23 | when: pip_requirements_dir is defined 24 | 25 | - name: install requirements 26 | pip: 27 | requirements: "{{ root_directory }}/{{ pip_requirements }}" 28 | virtualenv: "{{ env_root }}" 29 | 30 | - name: activate virtualenv when sshing into the box 31 | lineinfile: 32 | dest: ~/.bashrc 33 | line: '. {{ env_root }}/bin/activate' 34 | -------------------------------------------------------------------------------- /provisioning/roles/webpack/defaults/main.yml: -------------------------------------------------------------------------------- 1 | webpack_directory: "{{ root_directory }}" 2 | webpack_create_config: true 3 | webpack_browserslist: 4 | - "> 0.5%" 5 | - "not op_mini all" 6 | - "not dead" 7 | -------------------------------------------------------------------------------- /provisioning/roles/webpack/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: nodejs, nodejs_package_json_template: package.json.webpack.j2 } 4 | -------------------------------------------------------------------------------- /provisioning/roles/webpack/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Create webpack.config.js file if non-existent 2 | template: src=webpack.config.js dest={{ webpack_directory }}/webpack.config.js force=no 3 | when: webpack_create_config 4 | 5 | - name: Create babel.config.js file if non-existent 6 | template: src=babel.config.js dest={{ webpack_directory }}/babel.config.js force=no 7 | when: webpack_create_config 8 | -------------------------------------------------------------------------------- /provisioning/roles/webpack/templates/babel.config.js: -------------------------------------------------------------------------------- 1 | module.exports = function(api) { 2 | api.cache(true) 3 | 4 | return { 5 | presets: [ 6 | '@babel/preset-env' 7 | ] 8 | }; 9 | } -------------------------------------------------------------------------------- /provisioning/roles/webpack/templates/webpack.config.js: -------------------------------------------------------------------------------- 1 | /* eslint-env node */ 2 | const path = require('path'); 3 | const MiniCssExtractPlugin = require('mini-css-extract-plugin'); 4 | const SpriteLoaderPlugin = require('svg-sprite-loader/plugin'); 5 | 6 | module.exports = { 7 | mode: process.env.NODE_ENV, 8 | resolve: { 9 | modules: [ 10 | path.resolve(__dirname, 'assets/scripts'), 11 | path.resolve(__dirname, 'assets'), 12 | 'node_modules', 13 | ], 14 | extensions: ['.js'], 15 | }, 16 | entry: { 17 | common: path.resolve(__dirname, 'assets/scripts/common.js'), 18 | }, 19 | output: { 20 | path: path.resolve(__dirname, 'dist'), 21 | filename: '[name].js', 22 | }, 23 | module: { 24 | rules: [ 25 | { 26 | test: /\.js$/, 27 | exclude: /node_modules/, 28 | loader: 'babel-loader' 29 | }, 30 | { 31 | test: /\.scss$/, 32 | use: [ 33 | { 34 | loader: MiniCssExtractPlugin.loader, 35 | options: { 36 | hmr: process.env.NODE_ENV === 'development', 37 | }, 38 | }, 39 | 'css-loader', 40 | { 41 | loader: 'postcss-loader', 42 | options: { 43 | plugins: [ 44 | require('autoprefixer')(), 45 | require('cssnano')(), 46 | ], 47 | }, 48 | }, 49 | 'sass-loader', 50 | ], 51 | }, 52 | { 53 | test: /\.(svg|png|jpe?g|gif|webp|woff|woff2|eot|ttf|otf)$/, 54 | exclude: path.resolve('./assets/icons'), 55 | use: [ 56 | { 57 | loader: 'file-loader', 58 | options: { 59 | name: '[name].[ext]', 60 | outputPath: 'assets/', 61 | }, 62 | }, 63 | ], 64 | }, 65 | { 66 | test: /\.svg$/, 67 | include: path.resolve('./assets/icons'), 68 | use: [ 69 | { 70 | loader: 'svg-sprite-loader', 71 | options: { 72 | extract: true, 73 | spriteFilename: 'icons.svg', 74 | esModule: false, 75 | }, 76 | }, 77 | 'svgo-loader', 78 | ], 79 | }, 80 | ], 81 | }, 82 | plugins: [ 83 | new MiniCssExtractPlugin({ 84 | filename: '[name].css', 85 | }), 86 | new SpriteLoaderPlugin(), 87 | ], 88 | devServer: { 89 | proxy: { 90 | '**': 'http://{{ hostname }}', 91 | }, 92 | public: '{{ hostname }}:3000', 93 | host: '0.0.0.0', 94 | port: 3000, 95 | compress: true, 96 | // Polling is required inside Vagrant boxes 97 | watchOptions: { 98 | poll: true, 99 | }, 100 | overlay: true, 101 | // Here you can specify folders that contain your views 102 | // So they’ll trigger a page reload when you change them 103 | // contentBase: ['./app/views'], 104 | // watchContentBase: true, 105 | }, 106 | optimization: { 107 | splitChunks: { 108 | cacheGroups: { 109 | styles: { 110 | name: 'styles', 111 | test: /\.css$/, 112 | chunks: 'all', 113 | enforce: true, 114 | }, 115 | }, 116 | }, 117 | }, 118 | }; 119 | -------------------------------------------------------------------------------- /provisioning/roles/xvfb/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Install xvfb 2 | apt: 3 | pkg: xvfb 4 | state: present 5 | become: yes 6 | -------------------------------------------------------------------------------- /tests/data/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | roles_path = $roles_path 3 | display_skipped_hosts = False 4 | 5 | -------------------------------------------------------------------------------- /tests/data/parameters.yml: -------------------------------------------------------------------------------- 1 | playbook: playbook.yml 2 | -------------------------------------------------------------------------------- /tests/data/playbook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/liip/drifter/8395ab20597638a1e7501da3295d01defe1c0107/tests/data/playbook.yml -------------------------------------------------------------------------------- /tests/roles/test_mysql.py: -------------------------------------------------------------------------------- 1 | def test_mysql_role_installs_mysql(box): 2 | box.provision(roles=['mysql'], parameters={'mysql_version': '5.7'}) 3 | 4 | assert '5.7' in box.execute('mysql --version') 5 | -------------------------------------------------------------------------------- /tests/test_base.py: -------------------------------------------------------------------------------- 1 | def test_base_box_has_git(box): 2 | box.provision(roles=[], parameters={}) 3 | 4 | assert 'git version ' in box.execute('git --version') 5 | -------------------------------------------------------------------------------- /tests/test_php.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | 3 | 4 | @pytest.mark.parametrize('os', [ 5 | 'drifter/jessie64-base', 'drifter/stretch64-base', 'drifter/bionic64-base', 'drifter/trusty64-base' 6 | ]) 7 | @pytest.mark.parametrize('php_version', ['7.0', '7.1', '7.2']) 8 | def test_php_install(box, php_version, os): 9 | box.provision(roles=['php-fpm'], parameters={'php_version': php_version}, os=os) 10 | 11 | assert php_version in box.execute('php --version') 12 | --------------------------------------------------------------------------------