├── Vagrantfile ├── app.py ├── devops ├── dbserver.yml ├── deploy.sh ├── deploy.yml ├── hosts ├── templates │ ├── nginx.conf │ ├── nginx_site.conf │ ├── pg_hba.conf │ ├── postgresql.conf │ ├── sudoers │ ├── supervisor.ini │ ├── supervisord.conf │ └── supervisord.sh └── webserver.yml ├── requirements.txt └── templates └── index.html /Vagrantfile: -------------------------------------------------------------------------------- 1 | require 'vagrant-ansible' 2 | 3 | Vagrant::Config.run do |config| 4 | 5 | config.vm.define :web do |web_config| 6 | web_config.vm.box = "oneiric32_base" 7 | web_config.vm.box_url = "http://files.travis-ci.org/boxes/bases/oneiric32_base.box" 8 | web_config.vm.forward_port 80, 8080 9 | web_config.vm.network :bridged 10 | web_config.vm.network :hostonly, "192.168.100.10" 11 | 12 | web_config.vm.provision :ansible do |ansible| 13 | ansible.playbook = "devops/webserver.yml" 14 | ansible.hosts = "webservers" 15 | end 16 | end 17 | 18 | config.vm.define :db do |db_config| 19 | db_config.vm.box = "oneiric32_base" 20 | db_config.vm.box_url = "http://files.travis-ci.org/boxes/bases/oneiric32_base.box" 21 | db_config.vm.forward_port 5432, 54322 22 | db_config.vm.network :bridged 23 | db_config.vm.network :hostonly, "192.168.100.20" 24 | 25 | db_config.vm.provision :ansible do |ansible| 26 | ansible.playbook = "devops/dbserver.yml" 27 | ansible.hosts = "dbservers" 28 | end 29 | end 30 | 31 | end -------------------------------------------------------------------------------- /app.py: -------------------------------------------------------------------------------- 1 | from flask import Flask, render_template 2 | from flask.ext.sqlalchemy import SQLAlchemy 3 | 4 | app = Flask(__name__) 5 | app.config['DEBUG'] = True 6 | app.config['SQLALCHEMY_DATABASE_URI'] = \ 7 | 'postgres://vagrant:password@192.168.100.20/vagrant_ansible_tutorial' 8 | 9 | db = SQLAlchemy(app) 10 | 11 | class AppUser(db.Model): 12 | id = db.Column(db.Integer, primary_key=True) 13 | username = db.Column(db.String(80), unique=True) 14 | email = db.Column(db.String(120), unique=True) 15 | 16 | def __init__(self, username, email): 17 | self.username = username 18 | self.email = email 19 | 20 | @app.route('/') 21 | def index(): 22 | return render_template('index.html', users=AppUser.query.all()) 23 | 24 | 25 | @app.before_first_request 26 | def invalidate_data(): 27 | db.drop_all() 28 | db.create_all() 29 | for u, e in [('matt', 'matt@nobien.net'), 30 | ('marc', 'marc@nobien.net')]: 31 | db.session.add(AppUser(u, e)) 32 | db.session.commit() 33 | -------------------------------------------------------------------------------- /devops/dbserver.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - hosts: dbservers 4 | sudo: True 5 | user: vagrant 6 | 7 | tasks: 8 | - name: update apt 9 | action: command /usr/bin/apt-get update 10 | 11 | # This is necessary due to the box that is being used having an odd sudoers file 12 | - name: update sudoers 13 | action: copy src=templates/sudoers dest=/etc/sudoers 14 | 15 | - name: install db server packages 16 | action: apt pkg=$item state=present 17 | with_items: 18 | - postgresql 19 | - postgresql-contrib 20 | - libpq-dev 21 | - python-dev 22 | - python-setuptools 23 | 24 | - name: install python libraries 25 | action: easy_install name=psycopg2==2.4.5 26 | 27 | - name: add postgres user to admin group 28 | action: user name=postgres groups=admin append=yes 29 | 30 | - name: update postgres db configuration 31 | action: copy src=templates/postgresql.conf dest=/etc/postgresql/9.1/main/postgresql.conf 32 | notify: 33 | - restart postgresql 34 | 35 | - name: update postgres client configuration 36 | action: copy src=templates/pg_hba.conf dest=/etc/postgresql/9.1/main/pg_hba.conf 37 | notify: 38 | - restart postgresql 39 | 40 | handlers: 41 | - name: restart postgresql 42 | action: service name=postgresql state=restarted 43 | 44 | - hosts: dbservers 45 | sudo: True 46 | user: vagrant 47 | sudo_user: postgres 48 | 49 | tasks: 50 | - name: create a test database user 51 | action: postgresql_user user=vagrant password=password 52 | 53 | - name: create test database 54 | action: postgresql_db name=vagrant_ansible_tutorial owner=vagrant 55 | -------------------------------------------------------------------------------- /devops/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | ansible-playbook devops/deploy.yml -i devops/hosts --private-key=$HOME/.vagrant.d/insecure_private_key 4 | -------------------------------------------------------------------------------- /devops/deploy.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - hosts: webservers 4 | user: vagrant 5 | sudo: True 6 | 7 | vars: 8 | app_name: hello_flask 9 | repo_url: https://github.com/mattupstate/vagrant-ansible-tutorial.git 10 | repo_remote: origin 11 | repo_version: master 12 | webapps_dir: /srv/webapps 13 | wsgi_file: app.py 14 | wsgi_callable: app 15 | 16 | tasks: 17 | - name: ensure log directory 18 | action: file dest=${webapps_dir}/${app_name}/log state=directory 19 | 20 | - name: deploy code from repository 21 | action: git repo=$repo_url dest=${webapps_dir}/${app_name}/src remote=$repo_remote version=$repo_version 22 | notify: 23 | - restart app 24 | 25 | - name: install dependencies into virtualenv 26 | action: pip requirements=${webapps_dir}/${app_name}/src/requirements.txt virtualenv=${webapps_dir}/${app_name}/venv state=present 27 | 28 | - name: create supervisor program config 29 | action: template src=templates/supervisor.ini dest=/etc/supervisor/${app_name}.ini 30 | notify: 31 | - restart app 32 | 33 | - name: create nginx site config 34 | action: template src=templates/nginx_site.conf dest=/etc/nginx/sites-available/${app_name}.conf 35 | notify: 36 | - restart nginx 37 | 38 | - name: link nginx config 39 | action: file src=/etc/nginx/sites-available/${app_name}.conf dest=/etc/nginx/sites-enabled/${app_name}.conf state=link 40 | 41 | - name: add app to supervisor 42 | action: supervisorctl name=${app_name} state=present 43 | 44 | handlers: 45 | - name: restart app 46 | action: supervisorctl name=${app_name} state=restarted 47 | 48 | - name: restart nginx 49 | action: service name=nginx state=restarted -------------------------------------------------------------------------------- /devops/hosts: -------------------------------------------------------------------------------- 1 | [webservers] 2 | 192.168.100.10 3 | 4 | [dbservers] 5 | 192.168.100.20 -------------------------------------------------------------------------------- /devops/templates/nginx.conf: -------------------------------------------------------------------------------- 1 | worker_processes 1; 2 | worker_rlimit_nofile 8192; 3 | 4 | events { 5 | worker_connections 3000; 6 | } 7 | 8 | error_log /var/log/nginx/error.log warn; 9 | pid /var/run/nginx.pid; 10 | 11 | http { 12 | include /etc/nginx/mime.types; 13 | default_type application/octet-stream; 14 | 15 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for"'; 18 | 19 | access_log /var/log/nginx/access.log main; 20 | 21 | sendfile on; 22 | #tcp_nopush on; 23 | 24 | keepalive_timeout 65; 25 | 26 | #gzip on; 27 | 28 | include /etc/nginx/conf.d/*.conf; 29 | include /etc/nginx/sites-enabled/*; 30 | } -------------------------------------------------------------------------------- /devops/templates/nginx_site.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | server_name localhost; 4 | 5 | access_log {{ webapps_dir }}/{{ app_name }}/log/nginx-access.log; 6 | error_log {{ webapps_dir }}/{{ app_name }}/log/nginx-error.log; 7 | 8 | location / { 9 | include uwsgi_params; 10 | uwsgi_pass unix:/tmp/{{ app_name }}.sock; 11 | } 12 | 13 | location /static { 14 | alias {{ webapps_dir }}/{{ app_name }}/src/{{ app_name }}/static; 15 | expires 1y; 16 | add_header Cache-Control "public"; 17 | } 18 | 19 | location /favicon.ico { 20 | alias {{ webapps_dir }}/{{ app_name }}/src/{{ app_name }}/static/favicon.ico; 21 | expires 1y; 22 | add_header Cache-Control "public"; 23 | } 24 | 25 | } -------------------------------------------------------------------------------- /devops/templates/pg_hba.conf: -------------------------------------------------------------------------------- 1 | # PostgreSQL Client Authentication Configuration File 2 | # =================================================== 3 | # 4 | # Refer to the "Client Authentication" section in the PostgreSQL 5 | # documentation for a complete description of this file. A short 6 | # synopsis follows. 7 | # 8 | # This file controls: which hosts are allowed to connect, how clients 9 | # are authenticated, which PostgreSQL user names they can use, which 10 | # databases they can access. Records take one of these forms: 11 | # 12 | # local DATABASE USER METHOD [OPTIONS] 13 | # host DATABASE USER ADDRESS METHOD [OPTIONS] 14 | # hostssl DATABASE USER ADDRESS METHOD [OPTIONS] 15 | # hostnossl DATABASE USER ADDRESS METHOD [OPTIONS] 16 | # 17 | # (The uppercase items must be replaced by actual values.) 18 | # 19 | # The first field is the connection type: "local" is a Unix-domain 20 | # socket, "host" is either a plain or SSL-encrypted TCP/IP socket, 21 | # "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a 22 | # plain TCP/IP socket. 23 | # 24 | # DATABASE can be "all", "sameuser", "samerole", "replication", a 25 | # database name, or a comma-separated list thereof. The "all" 26 | # keyword does not match "replication". Access to replication 27 | # must be enabled in a separate record (see example below). 28 | # 29 | # USER can be "all", a user name, a group name prefixed with "+", or a 30 | # comma-separated list thereof. In both the DATABASE and USER fields 31 | # you can also write a file name prefixed with "@" to include names 32 | # from a separate file. 33 | # 34 | # ADDRESS specifies the set of hosts the record matches. It can be a 35 | # host name, or it is made up of an IP address and a CIDR mask that is 36 | # an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that 37 | # specifies the number of significant bits in the mask. A host name 38 | # that starts with a dot (.) matches a suffix of the actual host name. 39 | # Alternatively, you can write an IP address and netmask in separate 40 | # columns to specify the set of hosts. Instead of a CIDR-address, you 41 | # can write "samehost" to match any of the server's own IP addresses, 42 | # or "samenet" to match any address in any subnet that the server is 43 | # directly connected to. 44 | # 45 | # METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", 46 | # "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert". Note that 47 | # "password" sends passwords in clear text; "md5" is preferred since 48 | # it sends encrypted passwords. 49 | # 50 | # OPTIONS are a set of options for the authentication in the format 51 | # NAME=VALUE. The available options depend on the different 52 | # authentication methods -- refer to the "Client Authentication" 53 | # section in the documentation for a list of which options are 54 | # available for which authentication methods. 55 | # 56 | # Database and user names containing spaces, commas, quotes and other 57 | # special characters must be quoted. Quoting one of the keywords 58 | # "all", "sameuser", "samerole" or "replication" makes the name lose 59 | # its special character, and just match a database or username with 60 | # that name. 61 | # 62 | # This file is read on server startup and when the postmaster receives 63 | # a SIGHUP signal. If you edit the file on a running system, you have 64 | # to SIGHUP the postmaster for the changes to take effect. You can 65 | # use "pg_ctl reload" to do that. 66 | 67 | # Put your actual configuration here 68 | # ---------------------------------- 69 | # 70 | # If you want to allow non-local connections, you need to add more 71 | # "host" records. In that case you will also need to make PostgreSQL 72 | # listen on a non-local interface via the listen_addresses 73 | # configuration parameter, or via the -i or -h command line switches. 74 | 75 | 76 | 77 | 78 | # DO NOT DISABLE! 79 | # If you change this first entry you will need to make sure that the 80 | # database superuser can access the database using some other method. 81 | # Noninteractive access to all databases is required during automatic 82 | # maintenance (custom daily cronjobs, replication, and similar tasks). 83 | # 84 | # Database administrative login by Unix domain socket 85 | local all postgres peer 86 | 87 | # TYPE DATABASE USER ADDRESS METHOD 88 | 89 | # "local" is for Unix domain socket connections only 90 | local all all peer 91 | # IPv4 local connections: 92 | host all all 127.0.0.1/32 md5 93 | # IPv6 local connections: 94 | host all all ::1/128 md5 95 | # Allow replication connections from localhost, by a user with the 96 | # replication privilege. 97 | #local replication postgres peer 98 | #host replication postgres 127.0.0.1/32 md5 99 | #host replication postgres ::1/128 md5 100 | 101 | # Trust the Vagrant web VM 102 | host all all 192.168.100.10/32 trust -------------------------------------------------------------------------------- /devops/templates/postgresql.conf: -------------------------------------------------------------------------------- 1 | # ----------------------------- 2 | # PostgreSQL configuration file 3 | # ----------------------------- 4 | # 5 | # This file consists of lines of the form: 6 | # 7 | # name = value 8 | # 9 | # (The "=" is optional.) Whitespace may be used. Comments are introduced with 10 | # "#" anywhere on a line. The complete list of parameter names and allowed 11 | # values can be found in the PostgreSQL documentation. 12 | # 13 | # The commented-out settings shown in this file represent the default values. 14 | # Re-commenting a setting is NOT sufficient to revert it to the default value; 15 | # you need to reload the server. 16 | # 17 | # This file is read on server startup and when the server receives a SIGHUP 18 | # signal. If you edit the file on a running system, you have to SIGHUP the 19 | # server for the changes to take effect, or use "pg_ctl reload". Some 20 | # parameters, which are marked below, require a server shutdown and restart to 21 | # take effect. 22 | # 23 | # Any parameter can also be given as a command-line option to the server, e.g., 24 | # "postgres -c log_connections=on". Some parameters can be changed at run time 25 | # with the "SET" SQL command. 26 | # 27 | # Memory units: kB = kilobytes Time units: ms = milliseconds 28 | # MB = megabytes s = seconds 29 | # GB = gigabytes min = minutes 30 | # h = hours 31 | # d = days 32 | 33 | 34 | #------------------------------------------------------------------------------ 35 | # FILE LOCATIONS 36 | #------------------------------------------------------------------------------ 37 | 38 | # The default values of these variables are driven from the -D command-line 39 | # option or PGDATA environment variable, represented here as ConfigDir. 40 | 41 | data_directory = '/var/lib/postgresql/9.1/main' # use data in another directory 42 | # (change requires restart) 43 | hba_file = '/etc/postgresql/9.1/main/pg_hba.conf' # host-based authentication file 44 | # (change requires restart) 45 | ident_file = '/etc/postgresql/9.1/main/pg_ident.conf' # ident configuration file 46 | # (change requires restart) 47 | 48 | # If external_pid_file is not explicitly set, no extra PID file is written. 49 | external_pid_file = '/var/run/postgresql/9.1-main.pid' # write an extra PID file 50 | # (change requires restart) 51 | 52 | 53 | #------------------------------------------------------------------------------ 54 | # CONNECTIONS AND AUTHENTICATION 55 | #------------------------------------------------------------------------------ 56 | 57 | # - Connection Settings - 58 | 59 | listen_addresses = '*' # what IP address(es) to listen on; 60 | # comma-separated list of addresses; 61 | # defaults to 'localhost', '*' = all 62 | # (change requires restart) 63 | port = 5432 # (change requires restart) 64 | max_connections = 100 # (change requires restart) 65 | # Note: Increasing max_connections costs ~400 bytes of shared memory per 66 | # connection slot, plus lock space (see max_locks_per_transaction). 67 | #superuser_reserved_connections = 3 # (change requires restart) 68 | unix_socket_directory = '/var/run/postgresql' # (change requires restart) 69 | #unix_socket_group = '' # (change requires restart) 70 | #unix_socket_permissions = 0777 # begin with 0 to use octal notation 71 | # (change requires restart) 72 | #bonjour = off # advertise server via Bonjour 73 | # (change requires restart) 74 | #bonjour_name = '' # defaults to the computer name 75 | # (change requires restart) 76 | 77 | # - Security and Authentication - 78 | 79 | #authentication_timeout = 1min # 1s-600s 80 | ssl = true # (change requires restart) 81 | #ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers 82 | # (change requires restart) 83 | #ssl_renegotiation_limit = 512MB # amount of data between renegotiations 84 | #password_encryption = on 85 | #db_user_namespace = off 86 | 87 | # Kerberos and GSSAPI 88 | #krb_server_keyfile = '' 89 | #krb_srvname = 'postgres' # (Kerberos only) 90 | #krb_caseins_users = off 91 | 92 | # - TCP Keepalives - 93 | # see "man 7 tcp" for details 94 | 95 | #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; 96 | # 0 selects the system default 97 | #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; 98 | # 0 selects the system default 99 | #tcp_keepalives_count = 0 # TCP_KEEPCNT; 100 | # 0 selects the system default 101 | 102 | 103 | #------------------------------------------------------------------------------ 104 | # RESOURCE USAGE (except WAL) 105 | #------------------------------------------------------------------------------ 106 | 107 | # - Memory - 108 | 109 | shared_buffers = 24MB # min 128kB 110 | # (change requires restart) 111 | #temp_buffers = 8MB # min 800kB 112 | #max_prepared_transactions = 0 # zero disables the feature 113 | # (change requires restart) 114 | # Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory 115 | # per transaction slot, plus lock space (see max_locks_per_transaction). 116 | # It is not advisable to set max_prepared_transactions nonzero unless you 117 | # actively intend to use prepared transactions. 118 | #work_mem = 1MB # min 64kB 119 | #maintenance_work_mem = 16MB # min 1MB 120 | #max_stack_depth = 2MB # min 100kB 121 | 122 | # - Kernel Resource Usage - 123 | 124 | #max_files_per_process = 1000 # min 25 125 | # (change requires restart) 126 | #shared_preload_libraries = '' # (change requires restart) 127 | 128 | # - Cost-Based Vacuum Delay - 129 | 130 | #vacuum_cost_delay = 0ms # 0-100 milliseconds 131 | #vacuum_cost_page_hit = 1 # 0-10000 credits 132 | #vacuum_cost_page_miss = 10 # 0-10000 credits 133 | #vacuum_cost_page_dirty = 20 # 0-10000 credits 134 | #vacuum_cost_limit = 200 # 1-10000 credits 135 | 136 | # - Background Writer - 137 | 138 | #bgwriter_delay = 200ms # 10-10000ms between rounds 139 | #bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round 140 | #bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round 141 | 142 | # - Asynchronous Behavior - 143 | 144 | #effective_io_concurrency = 1 # 1-1000. 0 disables prefetching 145 | 146 | 147 | #------------------------------------------------------------------------------ 148 | # WRITE AHEAD LOG 149 | #------------------------------------------------------------------------------ 150 | 151 | # - Settings - 152 | 153 | #wal_level = minimal # minimal, archive, or hot_standby 154 | # (change requires restart) 155 | #fsync = on # turns forced synchronization on or off 156 | #synchronous_commit = on # synchronization level; on, off, or local 157 | #wal_sync_method = fsync # the default is the first option 158 | # supported by the operating system: 159 | # open_datasync 160 | # fdatasync (default on Linux) 161 | # fsync 162 | # fsync_writethrough 163 | # open_sync 164 | #full_page_writes = on # recover from partial page writes 165 | #wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers 166 | # (change requires restart) 167 | #wal_writer_delay = 200ms # 1-10000 milliseconds 168 | 169 | #commit_delay = 0 # range 0-100000, in microseconds 170 | #commit_siblings = 5 # range 1-1000 171 | 172 | # - Checkpoints - 173 | 174 | #checkpoint_segments = 3 # in logfile segments, min 1, 16MB each 175 | #checkpoint_timeout = 5min # range 30s-1h 176 | #checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 177 | #checkpoint_warning = 30s # 0 disables 178 | 179 | # - Archiving - 180 | 181 | #archive_mode = off # allows archiving to be done 182 | # (change requires restart) 183 | #archive_command = '' # command to use to archive a logfile segment 184 | #archive_timeout = 0 # force a logfile segment switch after this 185 | # number of seconds; 0 disables 186 | 187 | 188 | #------------------------------------------------------------------------------ 189 | # REPLICATION 190 | #------------------------------------------------------------------------------ 191 | 192 | # - Master Server - 193 | 194 | # These settings are ignored on a standby server 195 | 196 | #max_wal_senders = 0 # max number of walsender processes 197 | # (change requires restart) 198 | #wal_sender_delay = 1s # walsender cycle time, 1-10000 milliseconds 199 | #wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables 200 | #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed 201 | #replication_timeout = 60s # in milliseconds; 0 disables 202 | #synchronous_standby_names = '' # standby servers that provide sync rep 203 | # comma-separated list of application_name 204 | # from standby(s); '*' = all 205 | 206 | # - Standby Servers - 207 | 208 | # These settings are ignored on a master server 209 | 210 | #hot_standby = off # "on" allows queries during recovery 211 | # (change requires restart) 212 | #max_standby_archive_delay = 30s # max delay before canceling queries 213 | # when reading WAL from archive; 214 | # -1 allows indefinite delay 215 | #max_standby_streaming_delay = 30s # max delay before canceling queries 216 | # when reading streaming WAL; 217 | # -1 allows indefinite delay 218 | #wal_receiver_status_interval = 10s # send replies at least this often 219 | # 0 disables 220 | #hot_standby_feedback = off # send info from standby to prevent 221 | # query conflicts 222 | 223 | 224 | #------------------------------------------------------------------------------ 225 | # QUERY TUNING 226 | #------------------------------------------------------------------------------ 227 | 228 | # - Planner Method Configuration - 229 | 230 | #enable_bitmapscan = on 231 | #enable_hashagg = on 232 | #enable_hashjoin = on 233 | #enable_indexscan = on 234 | #enable_material = on 235 | #enable_mergejoin = on 236 | #enable_nestloop = on 237 | #enable_seqscan = on 238 | #enable_sort = on 239 | #enable_tidscan = on 240 | 241 | # - Planner Cost Constants - 242 | 243 | #seq_page_cost = 1.0 # measured on an arbitrary scale 244 | #random_page_cost = 4.0 # same scale as above 245 | #cpu_tuple_cost = 0.01 # same scale as above 246 | #cpu_index_tuple_cost = 0.005 # same scale as above 247 | #cpu_operator_cost = 0.0025 # same scale as above 248 | #effective_cache_size = 128MB 249 | 250 | # - Genetic Query Optimizer - 251 | 252 | #geqo = on 253 | #geqo_threshold = 12 254 | #geqo_effort = 5 # range 1-10 255 | #geqo_pool_size = 0 # selects default based on effort 256 | #geqo_generations = 0 # selects default based on effort 257 | #geqo_selection_bias = 2.0 # range 1.5-2.0 258 | #geqo_seed = 0.0 # range 0.0-1.0 259 | 260 | # - Other Planner Options - 261 | 262 | #default_statistics_target = 100 # range 1-10000 263 | #constraint_exclusion = partition # on, off, or partition 264 | #cursor_tuple_fraction = 0.1 # range 0.0-1.0 265 | #from_collapse_limit = 8 266 | #join_collapse_limit = 8 # 1 disables collapsing of explicit 267 | # JOIN clauses 268 | 269 | 270 | #------------------------------------------------------------------------------ 271 | # ERROR REPORTING AND LOGGING 272 | #------------------------------------------------------------------------------ 273 | 274 | # - Where to Log - 275 | 276 | #log_destination = 'stderr' # Valid values are combinations of 277 | # stderr, csvlog, syslog, and eventlog, 278 | # depending on platform. csvlog 279 | # requires logging_collector to be on. 280 | 281 | # This is used when logging to stderr: 282 | #logging_collector = off # Enable capturing of stderr and csvlog 283 | # into log files. Required to be on for 284 | # csvlogs. 285 | # (change requires restart) 286 | 287 | # These are only used if logging_collector is on: 288 | #log_directory = 'pg_log' # directory where log files are written, 289 | # can be absolute or relative to PGDATA 290 | #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, 291 | # can include strftime() escapes 292 | #log_file_mode = 0600 # creation mode for log files, 293 | # begin with 0 to use octal notation 294 | #log_truncate_on_rotation = off # If on, an existing log file with the 295 | # same name as the new log file will be 296 | # truncated rather than appended to. 297 | # But such truncation only occurs on 298 | # time-driven rotation, not on restarts 299 | # or size-driven rotation. Default is 300 | # off, meaning append to existing files 301 | # in all cases. 302 | #log_rotation_age = 1d # Automatic rotation of logfiles will 303 | # happen after that time. 0 disables. 304 | #log_rotation_size = 10MB # Automatic rotation of logfiles will 305 | # happen after that much log output. 306 | # 0 disables. 307 | 308 | # These are relevant when logging to syslog: 309 | #syslog_facility = 'LOCAL0' 310 | #syslog_ident = 'postgres' 311 | 312 | #silent_mode = off # Run server silently. 313 | # DO NOT USE without syslog or 314 | # logging_collector 315 | # (change requires restart) 316 | 317 | 318 | # - When to Log - 319 | 320 | #client_min_messages = notice # values in order of decreasing detail: 321 | # debug5 322 | # debug4 323 | # debug3 324 | # debug2 325 | # debug1 326 | # log 327 | # notice 328 | # warning 329 | # error 330 | 331 | #log_min_messages = warning # values in order of decreasing detail: 332 | # debug5 333 | # debug4 334 | # debug3 335 | # debug2 336 | # debug1 337 | # info 338 | # notice 339 | # warning 340 | # error 341 | # log 342 | # fatal 343 | # panic 344 | 345 | #log_min_error_statement = error # values in order of decreasing detail: 346 | # debug5 347 | # debug4 348 | # debug3 349 | # debug2 350 | # debug1 351 | # info 352 | # notice 353 | # warning 354 | # error 355 | # log 356 | # fatal 357 | # panic (effectively off) 358 | 359 | #log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements 360 | # and their durations, > 0 logs only 361 | # statements running at least this number 362 | # of milliseconds 363 | 364 | 365 | # - What to Log - 366 | 367 | #debug_print_parse = off 368 | #debug_print_rewritten = off 369 | #debug_print_plan = off 370 | #debug_pretty_print = on 371 | #log_checkpoints = off 372 | #log_connections = off 373 | #log_disconnections = off 374 | #log_duration = off 375 | #log_error_verbosity = default # terse, default, or verbose messages 376 | #log_hostname = off 377 | log_line_prefix = '%t ' # special values: 378 | # %a = application name 379 | # %u = user name 380 | # %d = database name 381 | # %r = remote host and port 382 | # %h = remote host 383 | # %p = process ID 384 | # %t = timestamp without milliseconds 385 | # %m = timestamp with milliseconds 386 | # %i = command tag 387 | # %e = SQL state 388 | # %c = session ID 389 | # %l = session line number 390 | # %s = session start timestamp 391 | # %v = virtual transaction ID 392 | # %x = transaction ID (0 if none) 393 | # %q = stop here in non-session 394 | # processes 395 | # %% = '%' 396 | # e.g. '<%u%%%d> ' 397 | #log_lock_waits = off # log lock waits >= deadlock_timeout 398 | #log_statement = 'none' # none, ddl, mod, all 399 | #log_temp_files = -1 # log temporary files equal or larger 400 | # than the specified size in kilobytes; 401 | # -1 disables, 0 logs all temp files 402 | #log_timezone = '(defaults to server environment setting)' 403 | 404 | 405 | #------------------------------------------------------------------------------ 406 | # RUNTIME STATISTICS 407 | #------------------------------------------------------------------------------ 408 | 409 | # - Query/Index Statistics Collector - 410 | 411 | #track_activities = on 412 | #track_counts = on 413 | #track_functions = none # none, pl, all 414 | #track_activity_query_size = 1024 # (change requires restart) 415 | #update_process_title = on 416 | #stats_temp_directory = 'pg_stat_tmp' 417 | 418 | 419 | # - Statistics Monitoring - 420 | 421 | #log_parser_stats = off 422 | #log_planner_stats = off 423 | #log_executor_stats = off 424 | #log_statement_stats = off 425 | 426 | 427 | #------------------------------------------------------------------------------ 428 | # AUTOVACUUM PARAMETERS 429 | #------------------------------------------------------------------------------ 430 | 431 | #autovacuum = on # Enable autovacuum subprocess? 'on' 432 | # requires track_counts to also be on. 433 | #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and 434 | # their durations, > 0 logs only 435 | # actions running at least this number 436 | # of milliseconds. 437 | #autovacuum_max_workers = 3 # max number of autovacuum subprocesses 438 | # (change requires restart) 439 | #autovacuum_naptime = 1min # time between autovacuum runs 440 | #autovacuum_vacuum_threshold = 50 # min number of row updates before 441 | # vacuum 442 | #autovacuum_analyze_threshold = 50 # min number of row updates before 443 | # analyze 444 | #autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum 445 | #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze 446 | #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum 447 | # (change requires restart) 448 | #autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for 449 | # autovacuum, in milliseconds; 450 | # -1 means use vacuum_cost_delay 451 | #autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for 452 | # autovacuum, -1 means use 453 | # vacuum_cost_limit 454 | 455 | 456 | #------------------------------------------------------------------------------ 457 | # CLIENT CONNECTION DEFAULTS 458 | #------------------------------------------------------------------------------ 459 | 460 | # - Statement Behavior - 461 | 462 | #search_path = '"$user",public' # schema names 463 | #default_tablespace = '' # a tablespace name, '' uses the default 464 | #temp_tablespaces = '' # a list of tablespace names, '' uses 465 | # only default tablespace 466 | #check_function_bodies = on 467 | #default_transaction_isolation = 'read committed' 468 | #default_transaction_read_only = off 469 | #default_transaction_deferrable = off 470 | #session_replication_role = 'origin' 471 | #statement_timeout = 0 # in milliseconds, 0 is disabled 472 | #vacuum_freeze_min_age = 50000000 473 | #vacuum_freeze_table_age = 150000000 474 | #bytea_output = 'hex' # hex, escape 475 | #xmlbinary = 'base64' 476 | #xmloption = 'content' 477 | 478 | # - Locale and Formatting - 479 | 480 | datestyle = 'iso, mdy' 481 | #intervalstyle = 'postgres' 482 | #timezone = '(defaults to server environment setting)' 483 | #timezone_abbreviations = 'Default' # Select the set of available time zone 484 | # abbreviations. Currently, there are 485 | # Default 486 | # Australia 487 | # India 488 | # You can create your own file in 489 | # share/timezonesets/. 490 | #extra_float_digits = 0 # min -15, max 3 491 | #client_encoding = sql_ascii # actually, defaults to database 492 | # encoding 493 | 494 | # These settings are initialized by initdb, but they can be changed. 495 | lc_messages = 'en_US.utf8' # locale for system error message 496 | # strings 497 | lc_monetary = 'en_US.utf8' # locale for monetary formatting 498 | lc_numeric = 'en_US.utf8' # locale for number formatting 499 | lc_time = 'en_US.utf8' # locale for time formatting 500 | 501 | # default configuration for text search 502 | default_text_search_config = 'pg_catalog.english' 503 | 504 | # - Other Defaults - 505 | 506 | #dynamic_library_path = '$libdir' 507 | #local_preload_libraries = '' 508 | 509 | 510 | #------------------------------------------------------------------------------ 511 | # LOCK MANAGEMENT 512 | #------------------------------------------------------------------------------ 513 | 514 | #deadlock_timeout = 1s 515 | #max_locks_per_transaction = 64 # min 10 516 | # (change requires restart) 517 | # Note: Each lock table slot uses ~270 bytes of shared memory, and there are 518 | # max_locks_per_transaction * (max_connections + max_prepared_transactions) 519 | # lock table slots. 520 | #max_pred_locks_per_transaction = 64 # min 10 521 | # (change requires restart) 522 | 523 | #------------------------------------------------------------------------------ 524 | # VERSION/PLATFORM COMPATIBILITY 525 | #------------------------------------------------------------------------------ 526 | 527 | # - Previous PostgreSQL Versions - 528 | 529 | #array_nulls = on 530 | #backslash_quote = safe_encoding # on, off, or safe_encoding 531 | #default_with_oids = off 532 | #escape_string_warning = on 533 | #lo_compat_privileges = off 534 | #quote_all_identifiers = off 535 | #sql_inheritance = on 536 | #standard_conforming_strings = on 537 | #synchronize_seqscans = on 538 | 539 | # - Other Platforms and Clients - 540 | 541 | #transform_null_equals = off 542 | 543 | 544 | #------------------------------------------------------------------------------ 545 | # ERROR HANDLING 546 | #------------------------------------------------------------------------------ 547 | 548 | #exit_on_error = off # terminate session on any error? 549 | #restart_after_crash = on # reinitialize after backend crash? 550 | 551 | 552 | #------------------------------------------------------------------------------ 553 | # CUSTOMIZED OPTIONS 554 | #------------------------------------------------------------------------------ 555 | 556 | #custom_variable_classes = '' # list of custom variable class names -------------------------------------------------------------------------------- /devops/templates/sudoers: -------------------------------------------------------------------------------- 1 | 2 | # 3 | # This file MUST be edited with the 'visudo' command as root. 4 | # 5 | # Please consider adding local content in /etc/sudoers.d/ instead of 6 | # directly modifying this file. 7 | # 8 | # See the man page for details on how to write a sudoers file. 9 | # 10 | Defaults env_reset 11 | Defaults exempt_group=admin 12 | 13 | # Host alias specification 14 | 15 | # User alias specification 16 | 17 | # Cmnd alias specification 18 | 19 | # User privilege specification 20 | root ALL=(ALL:ALL) ALL 21 | 22 | # Members of the admin group may gain root privileges 23 | %admin ALL=(ALL) NOPASSWD:ALL 24 | 25 | # Allow members of group sudo to execute any command 26 | %sudo ALL=(ALL:ALL) ALL 27 | 28 | #includedir /etc/sudoers.d 29 | -------------------------------------------------------------------------------- /devops/templates/supervisor.ini: -------------------------------------------------------------------------------- 1 | [program:{{ app_name }}] 2 | command=/usr/local/bin/uwsgi 3 | --socket /tmp/{{ app_name }}.sock 4 | --logto {{ webapps_dir }}/{{ app_name }}/log/application.log 5 | --home {{ webapps_dir }}/{{ app_name }}/venv 6 | --pythonpath {{ webapps_dir }}/{{ app_name }}/src 7 | --wsgi-file {{ webapps_dir }}/{{ app_name }}/src/{{ wsgi_file }} 8 | --callable {{ wsgi_callable }} 9 | --max-requests 1000 10 | --master 11 | --processes 1 12 | --chmod 13 | directory={{ webapps_dir }}/{{ app_name }}/src 14 | autostart=true 15 | autorestart=true -------------------------------------------------------------------------------- /devops/templates/supervisord.conf: -------------------------------------------------------------------------------- 1 | ; Sample supervisor config file. 2 | 3 | [unix_http_server] 4 | file=/tmp/supervisor.sock ; (the path to the socket file) 5 | ;chmod=0700 ; socket file mode (default 0700) 6 | ;chown=nobody:nogroup ; socket file uid:gid owner 7 | ;username=user ; (default is no username (open server)) 8 | ;password=123 ; (default is no password (open server)) 9 | 10 | ;[inet_http_server] ; inet (TCP) server disabled by default 11 | ;port=127.0.0.1:9001 ; (ip_address:port specifier, *:port for all iface) 12 | ;username=user ; (default is no username (open server)) 13 | ;password=123 ; (default is no password (open server)) 14 | 15 | [supervisord] 16 | logfile=/var/log/supervisord.log ; (main log file;default $CWD/supervisord.log) 17 | logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) 18 | logfile_backups=10 ; (num of main logfile rotation backups;default 10) 19 | loglevel=info ; (log level;default info; others: debug,warn,trace) 20 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) 21 | nodaemon=false ; (start in foreground if true;default false) 22 | minfds=1024 ; (min. avail startup file descriptors;default 1024) 23 | minprocs=200 ; (min. avail process descriptors;default 200) 24 | ;umask=022 ; (process file creation umask;default 022) 25 | ;user=chrism ; (default is current user, required if root) 26 | ;identifier=supervisor ; (supervisord identifier, default is 'supervisor') 27 | ;directory=/tmp ; (default is not to cd during start) 28 | ;nocleanup=true ; (don't clean up tempfiles at start;default false) 29 | ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP) 30 | ;environment=KEY=value ; (key value pairs to add to environment) 31 | ;strip_ansi=false ; (strip ansi escape codes in logs; def. false) 32 | 33 | ; the below section must remain in the config file for RPC 34 | ; (supervisorctl/web interface) to work, additional interfaces may be 35 | ; added by defining them in separate rpcinterface: sections 36 | [rpcinterface:supervisor] 37 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 38 | 39 | [supervisorctl] 40 | serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket 41 | ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket 42 | ;username=chris ; should be same as http_username if set 43 | ;password=123 ; should be same as http_password if set 44 | ;prompt=mysupervisor ; cmd line prompt (default "supervisor") 45 | ;history_file=~/.sc_history ; use readline history if available 46 | 47 | ; The below sample program section shows all possible program subsection values, 48 | ; create one or more 'real' program: sections to be able to control them under 49 | ; supervisor. 50 | 51 | ;[program:theprogramname] 52 | ;command=/bin/cat ; the program (relative uses PATH, can take args) 53 | ;process_name=%(program_name)s ; process_name expr (default %(program_name)s) 54 | ;numprocs=1 ; number of processes copies to start (def 1) 55 | ;directory=/tmp ; directory to cwd to before exec (def no cwd) 56 | ;umask=022 ; umask for process (default None) 57 | ;priority=999 ; the relative start priority (default 999) 58 | ;autostart=true ; start at supervisord start (default: true) 59 | ;autorestart=true ; retstart at unexpected quit (default: true) 60 | ;startsecs=10 ; number of secs prog must stay running (def. 1) 61 | ;startretries=3 ; max # of serial start failures (default 3) 62 | ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) 63 | ;stopsignal=QUIT ; signal used to kill process (default TERM) 64 | ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) 65 | ;user=chrism ; setuid to this UNIX account to run the program 66 | ;redirect_stderr=true ; redirect proc stderr to stdout (default false) 67 | ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO 68 | ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) 69 | ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10) 70 | ;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) 71 | ;stdout_events_enabled=false ; emit events on stdout writes (default false) 72 | ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO 73 | ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) 74 | ;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10) 75 | ;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) 76 | ;stderr_events_enabled=false ; emit events on stderr writes (default false) 77 | ;environment=A=1,B=2 ; process environment additions (def no adds) 78 | ;serverurl=AUTO ; override serverurl computation (childutils) 79 | 80 | ; The below sample eventlistener section shows all possible 81 | ; eventlistener subsection values, create one or more 'real' 82 | ; eventlistener: sections to be able to handle event notifications 83 | ; sent by supervisor. 84 | 85 | ;[eventlistener:theeventlistenername] 86 | ;command=/bin/eventlistener ; the program (relative uses PATH, can take args) 87 | ;process_name=%(program_name)s ; process_name expr (default %(program_name)s) 88 | ;numprocs=1 ; number of processes copies to start (def 1) 89 | ;events=EVENT ; event notif. types to subscribe to (req'd) 90 | ;buffer_size=10 ; event buffer queue size (default 10) 91 | ;directory=/tmp ; directory to cwd to before exec (def no cwd) 92 | ;umask=022 ; umask for process (default None) 93 | ;priority=-1 ; the relative start priority (default -1) 94 | ;autostart=true ; start at supervisord start (default: true) 95 | ;autorestart=unexpected ; restart at unexpected quit (default: unexpected) 96 | ;startsecs=10 ; number of secs prog must stay running (def. 1) 97 | ;startretries=3 ; max # of serial start failures (default 3) 98 | ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) 99 | ;stopsignal=QUIT ; signal used to kill process (default TERM) 100 | ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) 101 | ;user=chrism ; setuid to this UNIX account to run the program 102 | ;redirect_stderr=true ; redirect proc stderr to stdout (default false) 103 | ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO 104 | ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) 105 | ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10) 106 | ;stdout_events_enabled=false ; emit events on stdout writes (default false) 107 | ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO 108 | ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) 109 | ;stderr_logfile_backups ; # of stderr logfile backups (default 10) 110 | ;stderr_events_enabled=false ; emit events on stderr writes (default false) 111 | ;environment=A=1,B=2 ; process environment additions 112 | ;serverurl=AUTO ; override serverurl computation (childutils) 113 | 114 | ; The below sample group section shows all possible group values, 115 | ; create one or more 'real' group: sections to create "heterogeneous" 116 | ; process groups. 117 | 118 | ;[group:thegroupname] 119 | ;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions 120 | ;priority=999 ; the relative start priority (default 999) 121 | 122 | ; The [include] section can just contain the "files" setting. This 123 | ; setting can list multiple files (separated by whitespace or 124 | ; newlines). It can also contain wildcards. The filenames are 125 | ; interpreted as relative to this file. Included files *cannot* 126 | ; include files themselves. 127 | 128 | [include] 129 | files = /etc/supervisor/* -------------------------------------------------------------------------------- /devops/templates/supervisord.sh: -------------------------------------------------------------------------------- 1 | # Supervisord auto-start 2 | # 3 | # description: Auto-starts supervisord 4 | # processname: supervisord 5 | # pidfile: /var/run/supervisord.pid 6 | 7 | PATH=/sbin:/usr/sbin:/bin:/usr/bin 8 | NAME=supervisord 9 | DESC="supervisod is a system for controlling process state" 10 | SUPERVISORD=/usr/local/bin/supervisord 11 | SUPERVISORCTL=/usr/local/bin/supervisorctl 12 | SCRIPTNAME=/etc/init.d/$NAME 13 | 14 | 15 | # Read configuration variable file if it is present 16 | [ -r /etc/default/$NAME ] && . /etc/default/$NAME 17 | 18 | # Load the VERBOSE setting and other rcS variables 19 | . /lib/init/vars.sh 20 | 21 | # Define LSB log_* functions. 22 | # Depend on lsb-base (>= 3.2-14) to ensure that this file is present 23 | # and status_of_proc is working. 24 | . /lib/lsb/init-functions 25 | 26 | 27 | do_start() 28 | { 29 | # Return 30 | # 0 if daemon has been started 31 | # 1 if daemon was already running 32 | # 2 if daemon could not be started 33 | 34 | if $SUPERVISORCTL status | grep -q "unix:///tmp/supervisor.sock no such file"; then 35 | $SUPERVISORD 36 | echo "supervisord started successfully" 37 | return 0 38 | fi 39 | 40 | if $SUPERVISORCTL status | grep -qv "unix:///tmp/supervisor.sock no such file"; then 41 | echo "supervisord is already running" 42 | return 1 43 | fi 44 | 45 | echo "could not start supervisord" 46 | return 2 47 | } 48 | 49 | do_stop() { 50 | # Return 51 | # 0 if daemon has been stopped 52 | # 1 if daemon was already stopped 53 | # 2 if daemon could not be stopped 54 | # other if a failure occurred 55 | if $SUPERVISORCTL status | grep -q "unix:///tmp/supervisor.sock no such file"; then 56 | echo "supervisord already stopped" 57 | return 1 58 | else 59 | if $SUPERVISORCTL shutdown | grep -q "Shut down"; then 60 | while $SUPERVISORCTL shutdown | grep -q "already shutting down" 61 | do 62 | sleep 1 63 | done 64 | echo 'supervisor shutdown successfully' 65 | return 0 66 | else 67 | echo "could not stop supervisord" 68 | return 2 69 | fi 70 | fi 71 | } 72 | 73 | do_status() { 74 | if $SUPERVISORCTL status; then 75 | $SUPERVISORCTL status 76 | echo 77 | return 3 78 | fi 79 | } 80 | 81 | case "$1" in 82 | start) 83 | [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" 84 | do_start 85 | case "$?" in 86 | 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; 87 | 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; 88 | esac 89 | ;; 90 | stop) 91 | [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" 92 | do_stop 93 | case "$?" in 94 | 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; 95 | 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; 96 | esac 97 | ;; 98 | status) 99 | do_status 100 | exit $? 101 | ;; 102 | restart|force-reload) 103 | # 104 | # If the "reload" option is implemented then remove the 105 | # 'force-reload' alias 106 | # 107 | log_daemon_msg "Restarting $NAME" 108 | do_stop 109 | case "$?" in 110 | 0|1) 111 | do_start 112 | case "$?" in 113 | 0) log_end_msg 0 ;; 114 | 1) log_end_msg 1 ;; # Old process is still running 115 | *) log_end_msg 1 ;; # Failed to start 116 | esac 117 | ;; 118 | *) 119 | # Failed to stop 120 | log_end_msg 1 121 | ;; 122 | esac 123 | ;; 124 | *) 125 | echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 126 | exit 3 127 | ;; 128 | esac 129 | 130 | : -------------------------------------------------------------------------------- /devops/webserver.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - hosts: webservers 4 | user: vagrant 5 | sudo: True 6 | 7 | tasks: 8 | - name: update apt 9 | action: command /usr/bin/apt-get update 10 | 11 | - name: install python-software-properties 12 | action: apt pkg=python-software-properties state=present 13 | 14 | - name: add nginx ppa 15 | action: apt_repository repo=ppa:nginx/stable state=present 16 | 17 | - name: install web server packages 18 | action: apt pkg=$item state=installed 19 | with_items: 20 | - build-essential 21 | - python2.6-dev 22 | - libpq-dev 23 | - libmysqlclient-dev 24 | - libxml2-dev 25 | - libjpeg62 26 | - libjpeg62-dev 27 | - libfreetype6 28 | - libfreetype6-dev 29 | - zlib1g-dev 30 | - mysql-client 31 | - python-dev 32 | - python-setuptools 33 | - python-imaging 34 | - python-mysqldb 35 | - python-psycopg2 36 | - git 37 | - nginx 38 | 39 | - name: install pip 40 | action: easy_install name=pip 41 | 42 | - name: install various libraries with pip 43 | action: pip name=$item state=present 44 | with_items: 45 | - virtualenv 46 | - supervisor 47 | - uwsgi 48 | 49 | - name: remove default nginx site 50 | action: file path=/etc/nginx/sites-enabled/default state=absent 51 | 52 | - name: write nginx.conf 53 | action: template src=templates/nginx.conf dest=/etc/nginx/nginx.conf 54 | 55 | - name: create supervisord config folder 56 | action: file dest=/etc/supervisor state=directory owner=root 57 | 58 | - name: create supervisord config 59 | action: template src=templates/supervisord.conf dest=/etc/supervisord.conf 60 | 61 | - name: create supervisord init script 62 | action: template src=templates/supervisord.sh dest=/etc/init.d/supervisord mode=0755 63 | 64 | - name: start supervisord service and have it run during system startup 65 | action: service name=supervisord state=started enabled=yes 66 | 67 | - name: create webapps directory 68 | action: file dest=/srv/webapps state=directory -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==0.9 2 | Flask-SQLAlchemy==0.16 3 | psycopg2==2.4.5 -------------------------------------------------------------------------------- /templates/index.html: -------------------------------------------------------------------------------- 1 |

Users

2 | --------------------------------------------------------------------------------