`
250 |
251 | Drupsible will then present proper credentials to the Git server when the codebase needs to be cloned or checked out.
252 |
--------------------------------------------------------------------------------
/Vagrantfile.default:
--------------------------------------------------------------------------------
1 | # -*- mode: ruby -*-
2 | # vi: set ft=ruby :
3 |
4 | #
5 | # Drupsible Vagrantfile
6 | #
7 | require 'yaml'
8 |
9 | # Vagrantfile API/syntax version.
10 | VAGRANTFILE_API_VERSION = "2"
11 |
12 | # Minimum Vagrant version required
13 | Vagrant.require_version ">= 1.8.1"
14 |
15 | def fail_with_message(msg)
16 | fail Vagrant::Errors::VagrantError.new, msg
17 | end
18 |
19 | def key_has_passphrase(private_key_filename)
20 | return File.open(private_key_filename).grep(/ENCRYPTED/)
21 | end
22 |
23 | # Load settings from YAML files
24 | if File.exists?"vagrant.yml"
25 | settings = YAML.load_file 'vagrant.yml'
26 | else
27 | fail_with_message "vagrant.yml is not found. Please copy vagrant.\
28 | .yml.default to vagrant.yml, and customize it for your needs."
29 | end
30 |
31 | HOSTS = settings['hosts']
32 | APPS = settings['apps']
33 |
34 | # Proactive fix of http://stackoverflow.com/a/40521433
35 | if Vagrant::VERSION == "1.8.7"
36 | if File.exists? "/opt/vagrant/embedded/bin/curl"
37 | if system "vagrant box list | grep -v " + HOSTS['box'] + " > /dev/null 2>&1"
38 | puts "There is a knwon bug that may affect your Vagrant setup \
39 | (http://stackoverflow.com/a/40521433)."
40 | puts "If the " + HOSTS['box'] + " box cannot be downloaded, you may want to \
41 | remove the curl version shipped with Vagrant:"
42 | puts "You can do this by typing sudo rm /opt/vagrant/embedded/bin/curl"
43 | end
44 | end
45 | end
46 |
47 | key_home_dir = "/home/vagrant"
48 | # Default SSH private key file (on the host)
49 | private_key_file = Dir.home + "/.ssh/id_rsa"
50 |
51 | HOSTS.each do |host|
52 | huplugin = {}
53 |
54 | # Decide the Fully Qualified Domain Name for the host
55 | if APPS.length < 2
56 | host['fqdn'] = host['name'] + '.' + host['domain']
57 | else
58 | host['fqdn'] = 'drupsible.multi.app'
59 | end
60 |
61 | # Prepare vagrant-hostsupdater with a legend containing the FQDN
62 | unless host['ip_addr'].to_s.empty?
63 | huplugin = { :name => "vagrant-hostsupdater", :version => ">= 1.0.2", :legend => host['ip_addr'] + ' ' + host['fqdn'] }
64 | end
65 |
66 | # Install vagrant-hostsupdater if any IP is static
67 | unless ARGV[0] == "destroy" or ARGV[0] == "halt" or ARGV[0] == "suspend"
68 | unless huplugin.empty? or Vagrant.has_plugin?(huplugin[:name], huplugin[:version])
69 | system "echo The hostsupdater plugin enables Drupsible to update /etc/hosts with ie.,"
70 | system "echo \"#{huplugin[:legend]}\""
71 | system "echo This makes your website in the guest VM accessible from your host's browser."
72 | system "echo Drupsible will now proceed to its installation (one-time only)."
73 | system "vagrant plugin install --plugin-version '#{huplugin[:version]}' #{huplugin[:name]}"
74 | end
75 | end
76 | end
77 |
78 | # Windows-only SMB mount credentials
79 | if Vagrant::Util::Platform.windows?
80 | if ARGV[0].eql?'up'
81 | username=ENV['USERNAME']
82 | if not defined? ENV['SMB_PASSWORD']
83 | puts "In order to sync folders on Windows, Vagrant requires your real \
84 | Windows credentials upon vagrant up."
85 | print "Enter username (Hit enter for " + username + "): "
86 | STDOUT.flush
87 | username_entered = STDIN.gets.chomp
88 | if username_entered != ""
89 | username=username_entered
90 | end
91 | # 8m is the control code to hide characters
92 | print "Enter password (hidden): \e[0;8m"
93 | STDOUT.flush
94 | password = STDIN.gets.chomp
95 | # 0m is the control code to reset formatting attributes
96 | puts "\e[0m"
97 | STDOUT.flush
98 | else
99 | password=ENV['SMB_PASSWORD']
100 | end
101 | end
102 | end
103 |
104 | #
105 | # Vagrant configuration main
106 | #
107 | Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
108 |
109 | if Vagrant::Util::Platform.windows?
110 | config.vm.synced_folder '', '/vagrant',
111 | type: 'smb',
112 | owner: 'vagrant',
113 | group: 'vagrant',
114 | mount_options: ["mfsymlinks,dir_mode=0775,file_mode=0664"],
115 | smb_username: username,
116 | smb_password: password
117 | end
118 |
119 | HOSTS.each do |host|
120 |
121 | config.vm.define host['name'] do |machine|
122 | machine.vm.box = host['box']
123 | machine.vm.box_url = host['box_url']
124 | machine.vm.guest = host['guest_distro']
125 |
126 | # Virtualbox
127 | machine.vm.provider "virtualbox" do |vb|
128 | vb.gui = host['gui']
129 | vb.memory = host['ram']
130 | # Configure misc settings
131 | vb.customize ['modifyvm', :id,
132 | '--rtcuseutc', 'on',
133 | '--natdnshostresolver1', 'on',
134 | '--nictype1', 'virtio',
135 | '--nictype2', 'virtio']
136 | vb.customize ["modifyvm", :id, "--pae", host['pae']]
137 | vb.customize ["modifyvm", :id, "--acpi", host['acpi']]
138 | vb.customize ["modifyvm", :id, "--ioapic", host['ioapic']]
139 | vb.customize ["modifyvm", :id, "--chipset", host['chipset']]
140 | end
141 |
142 | # VMWare
143 | machine.vm.provider "vmware_fusion" do |vmw, o|
144 | o.vm.box = host['box']
145 | o.vm.guest = host['guest_distro']
146 | vmw.gui = host['gui']
147 | vmw.vmx["memsize"] = host['ram']
148 | end
149 |
150 | # Parallels
151 | machine.vm.provider "parallels" do |p, o|
152 | o.vm.box = host['box']
153 | o.vm.guest = host['guest_distro']
154 | p.memory = host['ram']
155 | p.update_guest_tools = true
156 | end
157 |
158 | if host['ip_addr'].to_s.empty?
159 | machine.vm.network 'public_network', type: 'dhcp'
160 | else
161 | machine.vm.network 'private_network', ip: host['ip_addr'], netmask: host['netmask']
162 | end
163 |
164 | machine.vm.hostname = host['fqdn']
165 |
166 | # Prevent annoying "stdin: not a tty" errors
167 | config.ssh.shell = "bash -c 'BASH_ENV=/etc/profile exec bash'"
168 |
169 | # SSH setup
170 | # Vagrant >= 1.7.0 defaults to using a randomly generated RSA key.
171 | # We need to disable this in order to pass the correct identity from host to guest.
172 | config.ssh.insert_key = false
173 |
174 | # Allow identities to be passed from host to guest.
175 | # ssh-agent must be running on the host, the private keys loaded with ssh-add
176 | config.ssh.forward_agent = true
177 |
178 | # This allows SSH agent forwarding to work with sudo, if needed.
179 | # (allows root user to know vagrant user SSH agent socket).
180 | machine.vm.provision "sudoers",
181 | :type => "shell",
182 | :inline => <<-SH_SD.gsub(/^\s+/, '')
183 | echo "# Added by Drupsible Vagrantfile, to forward the SSH agent to the root user" >> /etc/sudoers
184 | echo "Defaults env_keep+=SSH_AUTH_SOCK" >> /etc/sudoers
185 | SH_SD
186 |
187 | # Copy the unencrypted private key file to the guest.
188 | # Note that the dest path names need to have those names (only the
189 | # source private key file may be configurable).
190 | if ARGV[0].eql?'up' or ARGV[0].eql?'provision'
191 | if defined? host['sshkey']
192 | private_key_file = File.expand_path(host['sshkey'])
193 | end
194 | end
195 | unless File.exists?(private_key_file) or
196 | key_has_passphrase(private_key_file)
197 | machine.vm.provision "provision-private-key",
198 | :type => "file",
199 | :source => "#{private_key_file}",
200 | :destination => "/#{key_home_dir}/.ssh/id_rsa"
201 |
202 | machine.vm.provision "provision-public-key",
203 | :type => "file",
204 | :source => "#{private_key_file}.pub",
205 | :destination => "/#{key_home_dir}/.ssh/id_rsa.pub"
206 |
207 | # Fixing permissions.
208 | machine.vm.provision "chmod-key",
209 | :type => "shell",
210 | :privileged => false,
211 | :inline => "chmod 600 /#{key_home_dir}/.ssh/id_rsa"
212 | end
213 |
214 | # Run Ansible playbooks only from the controller machine
215 | if host['is_controller']
216 |
217 | machine.vm.provision "drupsible", type: "shell" do |sh|
218 | sh.path = "scripts/drupsible-provision.sh"
219 | end
220 |
221 | machine.vm.provision "shortcuts", type: "shell",
222 | inline: 'cat /vagrant/scripts/shortcuts.sh >> /home/vagrant/.profile'
223 |
224 | # Config-deploy each of the apps
225 | APPS.each do |app|
226 | machine.vm.provision "alias", type: "shell",
227 | inline: 'sed "s|pitiribi|' + app['name'] + '|g" /vagrant/scripts/app-aliases.sh >> /home/vagrant/.profile'
228 |
229 | # Run config-deploy.yml playbook
230 | machine.vm.provision "playbooks", type: "shell" do |sh|
231 | sh.path = "scripts/drupsible-deploy.sh"
232 | sh.args = [ app['name'], "local", ENV['DEPLOY_ARGS'].to_s, ENV['TAGS'].to_s, ENV['SKIP_TAGS'].to_s, host['fqdn'], host['ip_addr'].to_s ]
233 | sh.privileged = false
234 | sh.keep_color = true
235 | end
236 | end # APPS-each
237 | end # if controller
238 | end # config machine
239 | end # HOSTS-each
240 | end
241 |
--------------------------------------------------------------------------------
/ansible.cfg.default:
--------------------------------------------------------------------------------
1 | [defaults]
2 | log_path=./drupsible.log
3 |
4 | [ssh_connection]
5 | # Enable this to authenticate against external services (like Github).
6 | # Remember to SSH the controller also with ForwardAgent=yes.
7 | ssh_args = -o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=30m
8 | pipelining=True
9 |
--------------------------------------------------------------------------------
/ansible/inventory/app_name-local:
--------------------------------------------------------------------------------
1 | #
2 | # Local
3 | #
4 | localhost ansible_connection=local
5 |
6 | [app_name:children]
7 | app_name-local
8 |
9 | [app_name-local:children]
10 | app_name-local_mysql
11 | app_name-local_deploy
12 | app_name-local_varnish
13 |
14 | [app_name-local_varnish]
15 | localhost
16 |
17 | [app_name-local_deploy]
18 | localhost
19 |
20 | [app_name-local_mysql]
21 | localhost
22 |
23 | [app_name:vars]
24 | app_target=local
25 | app_webhost=local
26 | app_webdomain=example.com
27 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name-local/all.yml:
--------------------------------------------------------------------------------
1 | ---
2 | #
3 | # Configuration file for ALL servers of the LOCAL environment.
4 | #
5 | app_aliases: []
6 | app_user: 'vagrant'
7 |
8 | # Add Vagrant to the default groups defined in debops.sshd
9 | sshd__allow_groups: [ 'vagrant' , 'root', 'admins', 'sshusers', 'sftponly' ]
10 | # Allow Vagrant subnet to connect
11 | sshd__whitelist: [ '10.0.2.0/24' ]
12 |
13 | # Disabled ferm (firewall) in local, to speed up provisioning
14 | app_ferm_enabled: no
15 | # Disabled tcpwrappers (/etc/hosts.deny|allow) in local, to speed up provisioning
16 | app_tcpwrappers_enabled: no
17 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name-local/deploy.yml:
--------------------------------------------------------------------------------
1 | ---
2 | #
3 | # Configuration file for the deploy/webserver group of the LOCAL environment.
4 | #
5 |
6 | # Reset admin password in local
7 | deploy_reset_admin_pass: yes
8 |
9 | # Always devel enabled
10 | deploy_modules_present_env: [ 'devel' ]
11 | # Always cdn disabled
12 | deploy_modules_absent_env: [ 'cdn' ]
13 | # Xdebug extension enabled
14 | deploy_xdebug_enabled: yes
15 |
16 | # PHP development settings, YAY!
17 | php5_max_execution_time: '0'
18 | php5_max_input_time: '-1'
19 |
20 | # SQLite added in local for Drupal Console
21 | php__packages:
22 | # Add xml in Xenial if you need PECL (like when downgrading to PHP 5.6)
23 | #- xml
24 | - php-pear
25 | - php-soap
26 | - gmp
27 | - mysqlnd
28 | - sqlite
29 |
30 | # No New Relic in local
31 | apache2_mod_php5_packages_ontop:
32 | - php-pear
33 | - php-soap
34 | - php5-curl
35 | - php5-gd
36 | - php5-gmp
37 | - php5-mcrypt
38 | - php5-memcache
39 | - php5-mysqlnd
40 | - imagemagick
41 |
42 | # Default to NOT update translations in local
43 | deploy_update_translations_enabled: False
44 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name-local/ops-features.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name-local/varnish.yml:
--------------------------------------------------------------------------------
1 | ---
2 | #
3 | # Configuration file for the Varnish group of the LOCAL environment.
4 | #
5 |
6 | # Backend default parameters
7 | varnish_be_connect_timeout: 10s
8 | varnish_be_first_byte_timeout: 60s
9 | varnish_be_between_bytes_timeout: 10s
10 | # Probe default parameters
11 | varnish_be_probe_interval: 60s
12 | varnish_be_probe_threshold: 2
13 | varnish_be_probe_initial: 1
14 |
15 | varnish_development_enabled: yes
16 | varnish_cache_static_files_enabled: no
17 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/all.yml:
--------------------------------------------------------------------------------
1 | ---
2 | #
3 | # Configuration file for ALL servers in ALL the environments.
4 | #
5 | # The web application name, used as identifier in many contexts
6 | # Set by configure.sh
7 | app_name: example-project
8 | # Drupal major version, 7 or 8
9 | # Set by configure.sh
10 | app_drupal_version: '8'
11 |
12 | # String to identify the build based on today's date like 20201224_1824
13 | app_build_id: "{{ ansible_date_time['year'] }}{{ ansible_date_time['month'] }}{{ ansible_date_time['day'] }}_{{ ansible_date_time['hour'] }}{{ ansible_date_time['minute'] }}"
14 |
15 | # OS username
16 | # Set by configure.sh
17 | app_user: example-project
18 | # OS group. This group needs to match apache2 group
19 | app_group: www-data
20 | # Add the website's other internet domains, as needed
21 | app_server_aliases:
22 | - "{{ app_webdomain }}"
23 | # Listen socket for PHP-FPM to communicate with Apache2
24 | app_fpm_listen_uds: '/var/run/php-fpm-{{ app_name }}.sock'
25 | # Listen port for PHP-FPM to communicate with Apache2. Socket is faster, but
26 | # only available on Apache 2.4.10+
27 | app_fpm_listen: '127.0.0.1:9000'
28 | # Website administrator's email
29 | app_admin_email: "admin@{{ app_webdomain }}"
30 | # DB name
31 | app_db_name: "{{ app_name }}"
32 | # DU username. MySQL limits this value to 16 chars.
33 | app_db_user: "{{ app_name|truncate(16) }}"
34 | # Should Drupsible create a new DB for the build DB
35 | app_db_create_for_build_enabled: False
36 | # Should Drupsible setup and configure memcached?
37 | app_memcache_storage_enabled: "{{ 'memcache_storage' in (deploy_modules_present_app + deploy_modules_present_env + deploy_drupal7_projects_base|d([]) + deploy_drupal7_projects|d([]) + deploy_drupal8_projects_base|d([]) + deploy_drupal8_projects|d([]) ) }}"
38 | app_memcache_enabled: "{{ 'memcache' in (deploy_modules_present_app + deploy_modules_present_env + deploy_drupal7_projects_base|d([]) + deploy_drupal7_projects|d([]) + deploy_drupal8_projects_base|d([]) + deploy_drupal8_projects|d([]) ) }}"
39 | app_memcached_enabled: "{{ app_memcache_storage_enabled or app_memcache_enabled }}"
40 | # Should Drupsible setup everything for the website to be accessed with https?
41 | app_https_enabled: no
42 | # Should Drupsible setup everything for the website to have a Varnish front-end?
43 | app_varnish_enabled: yes
44 | # Alternative http port, used by Apache2 when Varnish is enabled
45 | app_apache2_alt_port: 8080
46 | # Default path name under /var/www/app for index.php (by default placed in /var/www/app_name/public_html)
47 | app_public_html_folder: public_html
48 |
49 | # Is your app multilingual?
50 | # Set by configure.sh
51 | app_i18n_enabled: False
52 | # Please place default language first in this list
53 | # Set by configure.sh
54 | app_languages: []
55 |
56 | # Default timezone
57 | app_timezone: 'Europe/Madrid'
58 |
59 | # Switch to yes if in a cloud environment where the IPs of the servers
60 | # are dynamic (not static/fixed at provision/config time)
61 | app_in_cloud: no
62 |
63 | # Ferm (firewall) enabled
64 | app_ferm_enabled: "{{ (app_in_cloud|bool) | ternary(False, True) }}"
65 | # tcpwrappers (/etc/hosts.deny|allow) enabled
66 | app_tcpwrappers_enabled: "{{ (app_in_cloud|bool) | ternary(False, True) }}"
67 |
68 | #
69 | # Postfix defaults
70 | #
71 |
72 | # Credentials are global
73 | postfix_smtp_sasl_password_map_per_host: False
74 |
75 | #
76 | # Debops sshd defaults
77 | #
78 |
79 | sshd__custom_options: |
80 | # Drupsible - disable DNS lookups and negotiation of slow GSSAPI
81 | UseDNS no
82 | GSSAPIAuthentication no
83 |
84 | #
85 | # Debops console configuration.
86 | #
87 |
88 | # Do NOT manage root account for now.
89 | console_root: False
90 |
91 | # Copy .nanorc from Ansible Controller to remote hosts.
92 | console_custom_files:
93 | - src: 'files/filedotnanorc'
94 | dest: '/home/{{ app_user }}/.nanorc'
95 | owner: '{{ app_user }}'
96 | group: '{{ app_group }}'
97 |
98 | # Make nano the preferred editor.
99 | console_preferred_editors:
100 | - '/bin/nano'
101 | - '/usr/bin/vim.basic'
102 | - '/usr/bin/emacs24'
103 | - '/usr/bin/vim.tiny'
104 | - '/bin/ed'
105 |
106 | # Drupal 8 cache tags header
107 | app_cache_tag_header_request: Cache-Tags
108 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/deploy.yml:
--------------------------------------------------------------------------------
1 | ---
2 | #
3 | # Configuration file for the deploy/webserver group of ALL the environments.
4 | #
5 |
6 | #
7 | # drupsible.deploy defaults
8 | #
9 | # Set by configure.sh
10 | deploy_files_sync_enabled: False
11 |
12 | # Set by configure.sh
13 | deploy_install_profile_enabled: False
14 | deploy_d_o_install_profile: ''
15 | deploy_custom_install_profile: ''
16 |
17 | # Set by configure.sh
18 | deploy_drush_make_enabled: False
19 | deploy_drush_makefile: ''
20 | deploy_composer_enabled: ''
21 |
22 | # Set by configure.sh
23 | deploy_codebase_tarball_filename: ''
24 | deploy_codebase_import_enabled: no
25 |
26 | # Set by configure.sh
27 | deploy_site_install_enabled: False
28 |
29 | # Do not touch module's on/off
30 | deploy_modules_present_env: []
31 | # devel module should always be disabled in PROD
32 | deploy_modules_absent_env: [ 'devel' ]
33 | deploy_modules_present_app: []
34 | deploy_modules_absent_app: []
35 |
36 | #
37 | # Upstream host to sync db/files with
38 | #
39 | # Set by configure.sh
40 | deploy_db_sync_enabled: False
41 | deploy_upstream_remote_host: ""
42 | deploy_upstream_remote_port: ""
43 | deploy_upstream_remote_user: ""
44 | deploy_upstream_docroot: ""
45 | deploy_upstream_files_path: "sites/default/files"
46 | # Advanced upstream host configuration
47 | # Set by configure.sh
48 | deploy_upstream_proxy_port: ""
49 | deploy_upstream_proxy_credentials: ""
50 | deploy_upstream_ssh_options: ""
51 |
52 | #
53 | # Drupal settings
54 | #
55 | # Set by configure.sh
56 | deploy_db_dump_filename: ''
57 | deploy_db_import_enabled:
58 |
59 | # Set by configure.sh
60 | deploy_files_tarball_filename:
61 | deploy_files_import_enabled:
62 |
63 | # Set by configure.sh
64 | deploy_git_repo_protocol: ''
65 | deploy_git_repo_server: ''
66 | deploy_git_repo_user: ''
67 | deploy_git_repo_path: ''
68 | deploy_git_repo_version: ''
69 | # The root folder needs to be prefixed with a slash, like '/www'
70 | deploy_codebase_root_folder: ''
71 |
72 | #
73 | # drupsible.apache2 defaults
74 | #
75 |
76 | apache2_modules:
77 | - alias
78 | - auth_basic
79 | - authn_file
80 | - authz_host
81 | - authz_user
82 | - autoindex
83 | - deflate
84 | - dir
85 | - env
86 | - expires
87 | - mime
88 | - negotiation
89 | - reqtimeout
90 | - rewrite
91 | - setenvif
92 | - status
93 |
94 | apache2_mod_php5_packages_ontop:
95 | - php-pear
96 | - php-soap
97 | - php5-curl
98 | - php5-gd
99 | - php5-gmp
100 | - php5-mcrypt
101 | - php5-memcache
102 | - php5-mysqlnd
103 | - newrelic-php5
104 |
105 | apache2_mod_php_post_max_size: "32M"
106 | apache2_mod_php_upload_max_filesize: "32M"
107 | apache2_mod_php_timezone: "Europe/Madrid"
108 | apache2_mod_php_memory_limit: "256M"
109 |
110 | # This setting in None totally voids .htaccess effects
111 | apache2_allow_override_htaccess: None
112 |
113 | #
114 | # PHP defaults
115 | #
116 |
117 | php__packages:
118 | # Add xml in Xenial if you need PECL (like when downgrading to PHP 5.6)
119 | #- xml
120 | - php-pear
121 | - php-soap
122 | - gmp
123 | - mysqlnd
124 |
125 | php__post_max_size: '32M'
126 |
127 | php__default_pm_status: True
128 | php__default_pm_status_path: "{{ app_fpm_status_path | default('/fpm-status')}}"
129 | php__default_ping_path: "{{ app_fpm_ping_path | default('/ping') }}"
130 | php__production: "{{ (app_target|default('prod') == 'prod')|ternary(True, False) }}"
131 |
132 | php__values:
133 | memory_limit: 192M
134 | newrelic.appname: "{{ app_name|quote }}"
135 | newrelic.license: "{{ newrelic_license_key|default(False)|ternary(newrelic_license_key, 'NO_NEWRELIC_LICENSE_KEY')|quote }}"
136 | max_input_vars: 2000
137 | # The following settings for PHP 5.5+ are based on https://goo.gl/AsDmgt
138 | opcache.memory_consumption: 64
139 | opcache.max_accelerated_files: 6000
140 | opcache.max_wasted_percentage: 10
141 |
142 | php__flags:
143 | cgi.fix_path_info: 1
144 | # The following settings for PHP 5.5+ are based on https://goo.gl/AsDmgt
145 | opcache.validate_timestamps: "{{ (app_target|default('prod') != 'prod') | ternary('True', 'False') }}"
146 | opcache.fast_shutdown: 1
147 |
148 | #
149 | # Blackfire.io defaults
150 | #
151 | # By default, blackfire in prod is disabled
152 | deploy_blackfire_enabled: False
153 |
154 | blackfire_user: "{{ app_user }}"
155 | blackfire_group: "{{ app_group }}"
156 |
157 | # Sets the server id used to authenticate with Blackfire API
158 | # Set this value in ansible/playbooks/group_vars/{app_name}/deploy.yml
159 | #blackfire_server_id: __CHANGE_THIS_VALUE__
160 |
161 | # Sets the server token used to authenticate with Blackfire API. It is unsafe to set this from the command line
162 | # Set this value in ansible/playbooks/group_vars/{app_name}/deploy.yml
163 | #blackfire_server_token: __CHANGE_THIS_VALUE__
164 |
165 | # Sets the client id used by the CLI tool to authenticate with Blackfire API
166 | # Set this value in ansible/playbooks/group_vars/{app_name}/deploy.yml
167 | #blackfire_client_id: __CHANGE_THIS_VALUE__
168 |
169 | # Sets the client token used by the CLI tool to authenticate with Blackfire API
170 | # Set this value in ansible/playbooks/group_vars/{app_name}/deploy.yml
171 | #blackfire_client_token: __CHANGE_THIS_VALUE__
172 |
173 | # Log verbosity level (4: debug, 3: info, 2: warning, 1: error)
174 | blackfire_log_level: 1
175 |
176 | # Sets the socket the agent should read traces from.
177 | # Possible value can be a unix socket or a TCP address. ie: unix:///var/run/blackfire/agent.sock or tcp://127.0.0.1:8307
178 | blackfire_socket: "unix:///var/run/blackfire/agent.sock"
179 |
180 | # Sets the URL of Blackfire's data collector
181 | blackfire_collector: https://blackfire.io
182 |
183 | # Restart apache after the activation of blackfire php extension
184 | blackfire_apache_enable: false
185 |
186 | # Restart php fpm after the activation of blackfire php extension
187 | blackfire_php_fpm_enable: false
188 |
189 | #
190 | # External Gmail SMTP server configuration
191 | #
192 | smtp_server: ''
193 | smtp_port: ''
194 | smtp_user: ''
195 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/mysql.yml:
--------------------------------------------------------------------------------
1 | ---
2 | #
3 | # Configuration file for the mysql group of ALL the environments.
4 | #
5 | mysql_mysqld_bind_address: '0.0.0.0'
6 |
7 | # ---- MySQL server configuration ----
8 | # Use this hash variable to set additional mysqld options
9 | mysql_mysqld_options: {
10 | # https://www.drupal.org/project/apdqc. REPEATABLE-READ req for ACID, SERIALIZABLE req XA
11 | transaction-isolation: READ-COMMITTED,
12 | binlog_format: ROW,
13 | # INNODB
14 | # https://www.drupal.org/project/apdqc. Default is 50 seconds
15 | innodb_lock_wait_timeout: 20,
16 | key_buffer_size: 16M,
17 | innodb_buffer_pool_size: 64M,
18 | # In order to change this, you have to first shutdown,
19 | # then move away the log files (ib_logfile0, ib_logfile1, and so on),
20 | # then restart mysql.
21 | #'innodb_log_file_size = 32M
22 | innodb_file_per_table: 1,
23 | innodb_flush_method: O_DIRECT,
24 | # OTHER
25 | tmp_table_size: 8M,
26 | max_heap_table_size: 32M,
27 | query_cache_type: 0,
28 | query_cache_size: 00,
29 | max_connections: 50,
30 | thread_cache_size: 10,
31 | table_open_cache: 80,
32 | open_files_limit: 65535,
33 | }
34 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/ops-features.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Ops features provided by default in Drupal 8
3 | deploy_drupal8_projects_base:
4 | #- purge
5 | #- purge_purger_http
6 | - memcache_storage
7 |
8 | # To be overridden by the user
9 | deploy_drupal8_projects: []
10 |
11 | # Ops features provided by default in Drupal 7
12 | deploy_drupal7_projects_base:
13 | - memcache_storage
14 | #- securepages
15 | #- varnish
16 |
17 | # To be overridden by the user
18 | deploy_drupal7_projects: []
19 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/ops-features/memcache.yml:
--------------------------------------------------------------------------------
1 | ---
2 | memcache_drupal8_modules_enabled:
3 | - memcache
4 |
5 | memcache_drupal7_modules_enabled:
6 | - memcache
7 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/ops-features/memcache_storage.yml:
--------------------------------------------------------------------------------
1 | ---
2 | memcache_storage_drupal8_modules_enabled:
3 | - memcache_storage
4 |
5 | memcache_storage_drupal7_modules_enabled:
6 | - memcache_storage
7 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/ops-features/purge.yml:
--------------------------------------------------------------------------------
1 | ---
2 | purge_drupal8_modules_enabled:
3 | - purge
4 | - purge_ui
5 | - purge_drush
6 | - purge_queuer_coretags
7 | - purge_processor_cron
8 | - purge_tokens
9 | - purge_processor_lateruntime
10 |
11 | purge_config_sets:
12 | purge.plugins:
13 | purgers.0.order_index: '1'
14 | purgers.0.instance_id: db413bd5ce
15 | purgers.0.plugin_id: http
16 | system.performance:
17 | cache.page.max_age: "{{ deploy_page_cache_max_age|d('600') }}"
18 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/ops-features/purge_http_purger.yml:
--------------------------------------------------------------------------------
1 | ---
2 | purge_purger_http_drupal8_modules_enabled:
3 | - purge_purger_http
4 |
5 | purge_purger_http_config_sets:
6 | purge_purger_http.settings.db413bd5ce:
7 | uuid: a499996a-f2a5-4ca1-bd8e-1e17925947ae
8 | status: 'true'
9 | id: db413bd5ce
10 | name: 'Drupsible-Varnish-HTTP-purger'
11 | invalidationtype: tag
12 | hostname: "{{ groups[ app_name + '-' + app_target + '_' + 'varnish'][0] }}.{{ app_webdomain }}"
13 | port: '80'
14 | path: /
15 | request_method: PURGE
16 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/ops-features/securepages.yml:
--------------------------------------------------------------------------------
1 | securepages_drupal7_modules_enabled:
2 | - securepages
3 |
4 | securepages_core_drupal7_patches:
5 | - 'ops-features/corepatches/drupal-https-only-961508-23-32.patch'
6 | - 'ops-features/corepatches/471970_0.patch'
7 |
8 | securepages_variables:
9 | securepages_enable: '1'
10 |
--------------------------------------------------------------------------------
/ansible/inventory/group_vars.default/app_name/ops-features/varnish.yml:
--------------------------------------------------------------------------------
1 | ---
2 | varnish_drupal7_modules_enabled:
3 | - varnish
4 |
5 | varnish_variables:
6 | varnish_enable: '1'
7 | page_cache_maximum_age: "{{ deploy_page_cache_max_age|d('600') }}"
8 | cache_lifetime: "{{ deploy_page_cache_max_age|d('600') }}"
9 | varnish_version: '4'
10 | varnish_control_terminal: "localhost:{{ deploy_varnish_mgmt_port|default('6082') }}"
11 | varnish_control_key: "{{ deploy_varnish_control_key__|default('') }}"
12 |
--------------------------------------------------------------------------------
/ansible/playbooks/bootstrap-deploy.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: bootstrap.yml
3 | - include: config-deploy.yml
4 |
--------------------------------------------------------------------------------
/ansible/playbooks/bootstrap.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: core.yml
3 |
4 | - name: Bootstrap hosts for Drupsible
5 | hosts: [ '{{ app_name }}:!localhost' ]
6 | gather_facts: True
7 |
8 | roles:
9 | - role: debops.bootstrap
10 | become: yes
11 | bootstrap_raw: False
12 | bootstrap_domain: "{{ app_webdomain }}"
13 | bootstrap_admin_name: "{{ app_user }}"
14 | bootstrap_admin_comment: "{{ app_name }}/Drupsible administrator"
15 | bootstrap_admin_system: False
16 | tags: [ bootstrap ]
17 |
--------------------------------------------------------------------------------
/ansible/playbooks/codebase-tarballs/README.txt:
--------------------------------------------------------------------------------
1 | Copy your codebase tarballs in this folder.
2 |
--------------------------------------------------------------------------------
/ansible/playbooks/config-deploy.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: core.yml
3 | - include: config-no-core.yml
4 | - include: deploy-no-core.yml
5 |
--------------------------------------------------------------------------------
/ansible/playbooks/config-no-core.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Common configuration (DebOps) for all hosts
3 | hosts: [ '{{ app_name }}' ]
4 | become: True
5 |
6 | roles:
7 | # Common tasks for all servers
8 | - role: debops.secret
9 | tags: [ secret, secret-all, sshd, mysql, varnish ]
10 | - role: debops.etc_services
11 | tags: [ etc_services ]
12 |
13 | # Basic configuration of the SSH daemon for all servers
14 | - role: debops.ferm
15 | tags: [ ferm, sshd, ferm-all, deployment ]
16 | ferm__dependent_rules: '{{ sshd__ferm__dependent_rules }}'
17 | when: app_ferm_enabled|default(True)|bool
18 | - role: debops.tcpwrappers
19 | tags: [ tcpwrappers, deployment ]
20 | tcpwrappers_dependent_allow: '{{ sshd__tcpwrappers__dependent_allow }}'
21 | when: app_tcpwrappers_enabled|default(True)|bool
22 | - role: debops.console
23 | tags: [ 'console' ]
24 | - role: debops.sshkeys
25 | tags: [ sshkeys, sshd, sshkeys-all ]
26 | - role: debops.sshd
27 | when: not packer|default(False)|bool
28 | tags: [ sshd ]
29 |
30 | # Timezone configuration for all servers
31 | tasks:
32 | - name: Get current time zone
33 | shell: '/usr/bin/timedatectl status | grep "Time zone" | sed "s|.*Time zone: \(.*/.*\) (.*)$|\1|g"'
34 | register: current_timezone
35 | changed_when: False
36 | tags: [ tz ]
37 | - name: Set time zone in /etc/localtime
38 | command: "/usr/bin/timedatectl set-timezone {{ app_timezone|default('Europe/Madrid') }}"
39 | tags: [ tz ]
40 | when: current_timezone.stdout != app_timezone|default('Europe/Madrid')
41 | # Ignoring errors until https://github.com/ansible/ansible/pull/19367
42 | ignore_errors: yes
43 | - name: Get current ntp status
44 | shell: '/usr/bin/timedatectl status | grep -e "NTP enabled" -e "Network time on" | sed "s/.*[NTP enabled|Network time on]: \(.*\)$/\1/g"'
45 | register: current_ntp_status
46 | changed_when: False
47 | tags: [ tz ]
48 | - name: Set NTP enabled
49 | command: /usr/bin/timedatectl set-ntp true
50 | when: current_ntp_status.stdout|bool != True
51 | tags: [ tz ]
52 | # Ignoring errors until https://github.com/ansible/ansible/pull/19367
53 | ignore_errors: yes
54 |
55 | - name: MySQL inventory group
56 | hosts: [ '{{ app_name }}-{{ app_target }}_mysql' ]
57 | become: True
58 |
59 | roles:
60 | - role: debops.secret
61 | tags: [ secret, mysql, secret-mysql ]
62 | - role: drupsible.mysql
63 | tags: [ mysql ]
64 | mysql_mysqld_allow_group: "{{ app_name + '-' + app_target + '_deploy' }}"
65 | mysql_in_cloud: "{{ app_in_cloud }}"
66 | mysql_databases:
67 | - name: "{{ app_name }}"
68 | state: 'present'
69 | - name: "{{ app_name }}_{{ app_build_id }}"
70 | state: "{{ app_db_create_for_build_enabled|default(False)|bool|ternary('present', 'absent') }}"
71 | mysql_users:
72 | - name: "{{ app_db_user }}"
73 | host: "%"
74 | state: 'present'
75 | password: '{{ app_db_password | default(lookup("password", secret + "/credentials/" + app_name + "/mysql/" + app_db_user + "/password chars=ascii_letters,digits,hexdigits length=" + mysql_password_length)) }}'
76 | priv: '{{ app_db_name }}%.*:ALL'
77 | - name: "{{ app_db_user }}"
78 | host: localhost
79 | state: 'present'
80 | password: '{{ app_db_password | default(lookup("password", secret + "/credentials/" + app_name + "/mysql/" + app_db_user + "/password chars=ascii_letters,digits,hexdigits length=" + mysql_password_length)) }}'
81 | priv: '{{ app_db_name }}%.*:ALL'
82 | - name: "{{ app_db_user }}"
83 | host: "{{ ansible_hostname|default(inventory_hostname) }}"
84 | state: 'present'
85 | password: '{{ app_db_password | default(lookup("password", secret + "/credentials/" + app_name + "/mysql/" + app_db_user + "/password chars=ascii_letters,digits,hexdigits length=" + mysql_password_length)) }}'
86 | priv: '{{ app_db_name }}%.*:ALL'
87 | - name: "{{ app_db_user }}"
88 | host: "10.0.2.2"
89 | state: 'present'
90 | password: '{{ app_db_password | default(lookup("password", secret + "/credentials/" + app_name + "/mysql/" + app_db_user + "/password chars=ascii_letters,digits,hexdigits length=" + mysql_password_length)) }}'
91 | priv: '{{ app_db_name }}%.*:ALL'
92 | - role: debops.ferm
93 | tags: [ ferm, mysql, ferm-mysql, deployment ]
94 | ferm__dependent_rules: '{{ mysql_ferm_dependent_rules_exported|default([]) }}'
95 | when: app_ferm_enabled|default(True)|bool
96 | - role: debops.tcpwrappers
97 | tags: [ tcpwrappers, mysql, tcpwrappers-mysql, deployment ]
98 | tcpwrappers_dependent_allow: '{{ mysql_tcpwrappers_dependent_allow_exported|default([]) }}'
99 | when: app_tcpwrappers_enabled|default(True)|bool
100 |
101 | - name: Deploy inventory group
102 | hosts: [ '{{ app_name }}-{{ app_target }}_deploy' ]
103 | become: yes
104 |
105 | roles:
106 | - role: debops.secret
107 | tags: [ secret ]
108 | when: app_https_enabled|default(False)|bool or
109 | (smtp_server|d("") != "" and
110 | smtp_port|d("") != "" and
111 | smtp_user|d("") != "")
112 | - role: debops.postfix
113 | tags: [ postfix, postfix-deploy ]
114 | postfix_dependencies: "{{ app_ferm_enabled|default(True)|bool }}"
115 | postfix: [ 'client', 'auth' ]
116 | postfix_relayhost: "[{{ smtp_server }}]:{{ smtp_port }}"
117 | postfix_smtp_sasl_password_map: "{ '[{{ smtp_server }}]:{{ smtp_port }}': '{{ smtp_user }}' }"
118 | when: smtp_server|d("") != "" and smtp_port|d("") != "" and smtp_user|d("") != ""
119 | - role: debops.users
120 | when: not packer|default(False)|bool
121 | users_enabled: True
122 | users_list:
123 | - name: "{{ app_user }}"
124 | forward: "{{ app_admin_email }}"
125 | shell: '/bin/bash'
126 | state: 'present'
127 | users_admins: [ "{{ app_user }}" ]
128 | tags: [ users, users-deploy, deployment ]
129 | - role: drupsible.apache2
130 | tags: [ apache2, php, apache2-deploy ]
131 | apache2_site_name: "{{ app_name }}"
132 | apache2_webdomain: "{{ app_webdomain }}"
133 | apache2_public_html_folder: "{{ app_public_html_folder | d('public_html') }}"
134 | apache2_pki_cert: "{{ deploy_pki_cert|default('/etc/ssl/certs/' + app_name + '.cert') }}"
135 | apache2_pki_key: "{{ deploy_pki_key|default('/etc/ssl/certs/' + app_name + '.key') }}"
136 | apache2_port: "{{ app_varnish_enabled|default(False)|bool|ternary(app_apache2_alt_port|default('8080'), '80') }}"
137 | apache2_fpm_server_status_path: "{{ app_fpm_status_path | default('/fpm-status') }}"
138 | apache2_fpm_ping_path: "{{ app_fpm_ping_path | default('/ping') }}"
139 | apache2_webhost: "{{ app_webhost }}"
140 | apache2_fpm_listen: "{{ app_fpm_listen }}"
141 | apache2_fpm_listen_uds: "{{ app_fpm_listen_uds }}"
142 | apache2_https_enabled: "{{ app_https_enabled|default(False)|bool }}"
143 | apache2_varnish_enabled: "{{ app_varnish_enabled }}"
144 | apache2_ping_group: "{{ app_name + '-' + app_target + '_varnish' }}"
145 | apache2_in_cloud: "{{ app_in_cloud }}"
146 | - role: drupsible.php
147 | tags: [ php, php-deploy, newrelic, uploadprogress, xdebug, composer, drupal-console, memcached, twigc, blackfire ]
148 | deploy_php_app_pool:
149 | enabled: True
150 | name: "{{ app_name }}"
151 | listen: "{{ ansible_local.apache2.uds_available|default(True)|bool|ternary(app_fpm_listen_uds, app_fpm_listen) }}"
152 | user: "{{ app_user }}"
153 | group: "{{ app_group }}"
154 | php__values:
155 | newrelic.appname: "{{ app_name|quote }}"
156 | newrelic.license: "{{ newrelic_license_key|d(False)|ternary(newrelic_license_key, 'NO_NEWRELIC_LICENSE_KEY')|quote }}"
157 | php__admin_values:
158 | memory_limit: '{{ php__memory_limit }}'
159 | sendmail_path: "/usr/sbin/sendmail -t -i"
160 | max_input_vars: '2000'
161 | # The following settings for PHP 5.5+ are based on https://goo.gl/AsDmgt
162 | opcache.memory_consumption: '64'
163 | opcache.max_accelerated_files: '6000'
164 | opcache.max_wasted_percentage: '10'
165 | php__flags:
166 | cgi.fix_path_info: '1'
167 | # The following settings for PHP 5.5+ are based on https://goo.gl/AsDmgt
168 | opcache.validate_timestamps: "{{ (app_target|default('prod') != 'prod') | ternary('True', 'False') }}"
169 | opcache.fast_shutdown: '1'
170 | php__pools: [ '{{ deploy_php_app_pool }}' ]
171 | - role: drupsible.newrelic
172 | tags: [ newrelic, newrelic-deploy ]
173 | when: provision_new_relic|default(False)|bool and 'newrelic-php5' in apache2_php5_packages_ontop|default([]) and ansible_local.apache2.mpm == 'prefork'
174 | - role: drupsible.uploadprogress
175 | tags: [ uploadprogress, uploadprogress-deploy ]
176 | when: ansible_distribution_release != 'xenial'
177 | - role: drupsible.xdebug
178 | tags: [ xdebug, xdebug-deploy ]
179 | xdebug_cli_enabled: "{{ deploy_xdebug_cli_enabled|default(False)|bool }}"
180 | when: deploy_xdebug_enabled|default(False)|bool
181 | - role: drupsible.composer
182 | tags: [ composer, composer-deploy, drupal-console, drush, provision ]
183 | - role: drupsible.memcached
184 | tags: [ memcached, memcached-deploy ]
185 | when: app_memcached_enabled|default(True)|bool
186 | - role: drupsible.drupal-console
187 | drupal_console_user: "{{ app_user }}"
188 | drupal_console_group: "{{ app_group }}"
189 | tags: [ drupal-console, drupal-console-deploy, provision ]
190 | when: deploy_drupal_console_enabled|d(False)|bool and app_drupal_version|d('8')|version_compare('8', '==')
191 | - role: drupsible.newrelic
192 | tags: [ newrelic, newrelic-deploy ]
193 | when: provision_new_relic|default(False)|bool
194 | - role: drupsible.drush
195 | tags: [ drush, drush-deploy, provision ]
196 | drush_drupal_version: "{{ app_drupal_version|default('8') }}"
197 | drush_app_user: "{{ app_user }}"
198 | - role: drupsible.samba
199 | tags: [ samba, samba-deploy ]
200 | samba_webdomain: "{{ app_webdomain }}"
201 | samba_webhost: "{{ app_webhost }}"
202 | when: app_target == 'local'
203 | - role: drupsible.twigc
204 | tags: [ twigc, twigc-deploy ]
205 | when: app_drupal_version|default('8')|version_compare('8', '==') and ansible_distribution_release != 'xenial'
206 | twigc_composer_working_dir: "/home/{{ app_user }}/{{ app_name }}"
207 | - role: debops.ferm
208 | tags: [ ferm, ferm-deploy, postfix, apache2, samba, deployment ]
209 | apache2_port: "{{ app_varnish_enabled|default(False)|bool|ternary(app_apache2_alt_port|default('8080'), '80') }}"
210 | ferm__dependent_rules: '{{ postfix_ferm_dependent_rules|default([]) + apache2_ferm_dependent_rules + samba_ferm_dependent_rules|default([]) }}'
211 | when: app_ferm_enabled|default(True)|bool
212 | - role: drupsible.blackfire
213 | tags: [ blackfire, blackfire-deploy ]
214 | when: deploy_blackfire_enabled|default(False)|bool
215 |
216 | - name: Varnish inventory group
217 | hosts: [ '{{ app_name }}-{{ app_target }}_varnish' ]
218 | become: True
219 |
220 | roles:
221 | - role: debops.secret
222 | tags: [ secret, varnish, secret-varnish ]
223 | - role: drupsible.varnish
224 | tags: [ varnish, varnish-varnish ]
225 | varnish_webdomain: "{{ app_webdomain }}"
226 | varnish_trusted_hosts: "{{ app_server_aliases }}"
227 | varnish_pipe_timeout: 600
228 | varnish_apache2_port: "{{ app_apache2_alt_port|default('8080') }}"
229 | varnish_management_console_listen_on: "{{ app_varnish_mgmt_port|default('6082') }}"
230 | varnish_fpm_ping_path: "{{ app_fpm_ping_path | default('/ping') }}"
231 | varnish_webhost: "{{ app_webhost }}"
232 | varnish_app_name: "{{ app_name }}"
233 | varnish_deploy_group: "{{ app_name + '-' + app_target + '_deploy' }}"
234 | varnish_in_cloud: "{{ app_in_cloud }}"
235 | varnish_cache_tag_header_request: "{{ app_cache_tag_header_request|default('Cache-Tags') }}"
236 | when: app_varnish_enabled|bool
237 | - role: debops.ferm
238 | tags: [ ferm, varnish, ferm-varnish, deployment ]
239 | ferm__dependent_rules: "{{ varnish_ferm_dependent_rules_exported|default([]) }}"
240 | when: app_ferm_enabled|default(True)|bool
241 |
--------------------------------------------------------------------------------
/ansible/playbooks/config.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: core.yml
3 | - include: config-no-core.yml
4 |
--------------------------------------------------------------------------------
/ansible/playbooks/core.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Prepare DebOps core environment
3 | hosts: [ '{{ app_name }}' ]
4 | become: False
5 | roles:
6 | - role: debops.core
7 | tags: [ 'core' ]
8 | become: True
9 |
--------------------------------------------------------------------------------
/ansible/playbooks/dbdumps/README.txt:
--------------------------------------------------------------------------------
1 | Copy your database dumps in this folder.
2 |
--------------------------------------------------------------------------------
/ansible/playbooks/deploy-no-core.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Deploy
3 | hosts: [ '{{ app_name }}-{{ app_target }}_deploy' ]
4 | gather_facts: True
5 |
6 | pre_tasks:
7 | - name: Gather facts of Varnish servers
8 | setup:
9 | delegate_to: "{{ item }}"
10 | delegate_facts: True
11 | with_items: "{{ groups[app_name + '-' + app_target + '_varnish'] }}"
12 |
13 | - name: Lookup control key secret and set the fact to avoid lookups lazy evaluation
14 | set_fact:
15 | deploy_varnish_control_key__: "{{ lookup('password', secret + '/credentials/' + inventory_hostname + '/varnish/secret chars=ascii_letters,digits,hexdigits') }}"
16 | no_log: True
17 |
18 | roles:
19 | - role: debops.secret
20 | tags: [ secret, deploy, secret-deploy ]
21 | - role: drupsible.deploy
22 | tags: [ deploy, deploy-deploy ]
23 | deploy_build_id: "{{ app_build_id }}"
24 | deploy_public_html_folder: "{{ app_public_html_folder | d('public_html') }}"
25 | deploy_varnish_enabled: "{{ app_varnish_enabled }}"
26 | deploy_varnish_mgmt_port: "{{ app_varnish_mgmt_port|default('6082') }}"
27 | deploy_target: "{{ app_target }}"
28 | deploy_webhost: "{{ app_webhost }}"
29 | deploy_trusted_host_patterns: [ "(?i)^.+\\.{{ app_webdomain|regex_replace('[.]', '\\.') }}$" ]
30 | deploy_varnish_servers: "{{ groups[ app_name + '-' + app_target + '_varnish' ] }}"
31 | deploy_mysql_host: "{{ app_mysql_host|d(groups[ app_name + '-' + app_target + '_mysql' ][0]) }}"
32 | deploy_db_name: "{{ app_db_name }}"
33 | deploy_db_user: "{{ app_db_user }}"
34 | deploy_db_password: '{{ app_db_password|default(lookup("password", secret + "/credentials/" + app_name + "/mysql/" + app_db_user + "/password chars=ascii_letters,digits,hexdigits")) }}'
35 |
--------------------------------------------------------------------------------
/ansible/playbooks/deploy.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: core.yml
3 | - include: deploy-no-core.yml
4 |
--------------------------------------------------------------------------------
/ansible/playbooks/files-tarballs/README.txt:
--------------------------------------------------------------------------------
1 | Copy your files tarballs/archives in this folder.
2 |
--------------------------------------------------------------------------------
/ansible/playbooks/files/filedotnanorc:
--------------------------------------------------------------------------------
1 | ## Drupsible configuration for nano editor
2 | ##
3 | ## Use this syntax when editing PHP files in Drupal (.php, .module, .install, .inc)
4 | syntax "php" "(\.php[2345s~]?|\.module|\.install|\.inc)$"
5 | header "^(//|/\*).*[Pp][Hh][Pp]|<\?php\>"
6 |
7 | ## php markings
8 | color brightgreen "(<\?(php)?|\?>)"
9 |
10 | ## functions
11 | color white "\<[a-z_]*\("
12 |
13 | ## types
14 | color green "\<(var|float|global|double|bool|char|int|enum|const)\>"
15 |
16 | ## structure
17 | color brightyellow "\<(class|new|private|public|function|for|foreach|if|while|do|else|elseif|case|default|switch)\>"
18 |
19 | ## control flow
20 | color magenta "\<(goto|continue|break|return)\>"
21 |
22 | ## strings
23 | color brightyellow "<[^= ]*>" ""(\.|[^"])*""
24 |
25 | ## comments
26 | color brightblue "//.*"
27 | color brightblue start="/\*" end="\*/"
28 | #color blue start="<" end=">"
29 | #color red "&[^;[[:space:]]]*;"
30 |
31 | ## Trailing whitespace
32 | color ,green "[[:space:]]+$"
33 |
--------------------------------------------------------------------------------
/ansible/playbooks/files/ops-features/corepatches/471970_0.patch:
--------------------------------------------------------------------------------
1 | diff --git a/modules/simpletest/drupal_web_test_case.php b/modules/simpletest/drupal_web_test_case.php
2 | index a0cd114..1686d7c 100644
3 | --- a/modules/simpletest/drupal_web_test_case.php
4 | +++ b/modules/simpletest/drupal_web_test_case.php
5 | @@ -1827,7 +1827,7 @@ class DrupalWebTestCase extends DrupalTestCase {
6 | $submit_matches = $this->handleForm($post, $edit, $upload, $ajax ? NULL : $submit, $form);
7 | $action = isset($form['action']) ? $this->getAbsoluteUrl((string) $form['action']) : $this->getUrl();
8 | if ($ajax) {
9 | - $action = $this->getAbsoluteUrl(!empty($submit['path']) ? $submit['path'] : 'system/ajax');
10 | + $action = $this->getAbsoluteUrl(!empty($submit['path']) ? $submit['path'] : url('system/ajax'));
11 | // Ajax callbacks verify the triggering element if necessary, so while
12 | // we may eventually want extra code that verifies it in the
13 | // handleForm() function, it's not currently a requirement.
14 | @@ -2465,7 +2465,8 @@ class DrupalWebTestCase extends DrupalTestCase {
15 | * @param $path
16 | * A path from the internal browser content.
17 | * @return
18 | - * The $path with $base_url prepended, if necessary.
19 | + * The $path with the internal browser's base URL or $base_url prepended, if
20 | + * necessary.
21 | */
22 | protected function getAbsoluteUrl($path) {
23 | global $base_url, $base_path;
24 | @@ -2474,6 +2475,20 @@ class DrupalWebTestCase extends DrupalTestCase {
25 | if (empty($parts['host'])) {
26 | // Ensure that we have a string (and no xpath object).
27 | $path = (string) $path;
28 | + // Return an absolute URL based on the internal browser's current URL if
29 | + // it is not using the internal: scheme.
30 | + $parts = parse_url($this->getUrl());
31 | + if ($parts['scheme'] != 'internal') {
32 | + $port = isset($parts['port']) ? ':' . $parts['port'] : '';
33 | + $url = $parts['scheme'] . '://' . $parts['host'] . $port;
34 | + if ($path[0] === '/') {
35 | + $url .= $path;
36 | + }
37 | + else {
38 | + $url .= preg_replace('@(.*/)([^/]*)@', '$1' . $path, $parts['path']);
39 | + }
40 | + return $url;
41 | + }
42 | // Strip $base_path, if existent.
43 | $length = strlen($base_path);
44 | if (substr($path, 0, $length) === $base_path) {
45 | diff --git a/modules/simpletest/tests/ajax.test b/modules/simpletest/tests/ajax.test
46 | index 9579792..0442523 100644
47 | --- a/modules/simpletest/tests/ajax.test
48 | +++ b/modules/simpletest/tests/ajax.test
49 | @@ -388,7 +388,7 @@ class AJAXMultiFormTestCase extends AJAXTestCase {
50 | // page update, ensure the same as above.
51 | foreach ($field_xpaths as $form_html_id => $field_xpath) {
52 | for ($i = 0; $i < 2; $i++) {
53 | - $this->drupalPostAJAX(NULL, array(), array($button_name => $button_value), 'system/ajax', array(), array(), $form_html_id);
54 | + $this->drupalPostAJAX(NULL, array(), array($button_name => $button_value), url('system/ajax'), array(), array(), $form_html_id);
55 | $this->assert(count($this->xpath($field_xpath . $field_items_xpath_suffix)) == $i+2, t('Found the correct number of field items after an AJAX submission.'));
56 | $this->assertFieldByXPath($field_xpath . $button_xpath_suffix, NULL, t('Found the "add more" button after an AJAX submission.'));
57 | $this->assertNoDuplicateIds(t('Updated page contains unique IDs'), 'Other');
58 |
--------------------------------------------------------------------------------
/ansible/playbooks/files/ops-features/corepatches/drupal-https-only-961508-23-32.patch:
--------------------------------------------------------------------------------
1 | diff --git a/includes/common.inc b/includes/common.inc
2 | index efb7926..b419a93 100644
3 | --- a/includes/common.inc
4 | +++ b/includes/common.inc
5 | @@ -4971,7 +4971,14 @@ function drupal_get_private_key() {
6 | * An additional value to base the token on.
7 | */
8 | function drupal_get_token($value = '') {
9 | - return drupal_hmac_base64($value, session_id() . drupal_get_private_key() . drupal_get_hash_salt());
10 | + // For mixed HTTP(S) sessions, use a constant identifier so that tokens can be shared between protocols.
11 | + if (variable_get('https', FALSE) && $GLOBALS['is_https'] && isset($_COOKIE[substr(session_name(), 1)])) {
12 | + $session_id = $_COOKIE[substr(session_name(), 1)];
13 | + }
14 | + else {
15 | + $session_id = session_id();
16 | + }
17 | + return drupal_hmac_base64($value, $session_id . drupal_get_private_key() . drupal_get_hash_salt());
18 | }
19 |
20 | /**
21 | diff --git a/includes/form.inc b/includes/form.inc
22 | index cc7a2c0..1c1ec12 100644
23 | --- a/includes/form.inc
24 | +++ b/includes/form.inc
25 | @@ -1130,6 +1130,11 @@ function drupal_validate_form($form_id, &$form, &$form_state) {
26 | }
27 | }
28 |
29 | + // Ensure the correct protocol when #https is set.
30 | + if (!empty($form['#https']) && !$GLOBALS['is_https']) {
31 | + form_set_error('', t('This form requires HTTPS. Contact the site administrator if the problem persists.'));
32 | + }
33 | +
34 | _form_validate($form, $form_state, $form_id);
35 | $validated_forms[$form_id] = TRUE;
36 |
37 | diff --git a/modules/simpletest/drupal_web_test_case.php b/modules/simpletest/drupal_web_test_case.php
38 | index b7a5f1a..6201229 100644
39 | --- a/modules/simpletest/drupal_web_test_case.php
40 | +++ b/modules/simpletest/drupal_web_test_case.php
41 | @@ -3592,6 +3592,34 @@ class DrupalWebTestCase extends DrupalTestCase {
42 | $this->verbose(t('Email:') . '' . print_r($mail, TRUE) . '
');
43 | }
44 | }
45 | +
46 | + /**
47 | + * Builds a URL for submitting a mock HTTPS request to HTTP test environments.
48 | + *
49 | + * @param $url
50 | + * A Drupal path such as 'user'.
51 | + *
52 | + * @return
53 | + * An absolute URL.
54 | + */
55 | + protected function httpsUrl($url) {
56 | + global $base_url;
57 | + return $base_url . '/modules/simpletest/tests/https.php?q=' . $url;
58 | + }
59 | +
60 | + /**
61 | + * Builds a URL for submitting a mock HTTP request to HTTPS test environments.
62 | + *
63 | + * @param $url
64 | + * A Drupal path such as 'user'.
65 | + *
66 | + * @return
67 | + * An absolute URL.
68 | + */
69 | + protected function httpUrl($url) {
70 | + global $base_url;
71 | + return $base_url . '/modules/simpletest/tests/http.php?q=' . $url;
72 | + }
73 | }
74 |
75 | /**
76 | diff --git a/modules/simpletest/tests/form.test b/modules/simpletest/tests/form.test
77 | index 985abe3..6e5bf369 100644
78 | --- a/modules/simpletest/tests/form.test
79 | +++ b/modules/simpletest/tests/form.test
80 | @@ -1675,3 +1675,39 @@ class FormCheckboxTestCase extends DrupalWebTestCase {
81 | }
82 | }
83 | }
84 | +
85 | +/**
86 | + * Tests #https property.
87 | + */
88 | +class FormHttpsOnlyTestCase extends DrupalWebTestCase {
89 | +
90 | + public static function getInfo() {
91 | + return array(
92 | + 'name' => 'Form HTTPS only',
93 | + 'description' => 'Tests form API handling of #https.',
94 | + 'group' => 'Form API',
95 | + );
96 | + }
97 | +
98 | + function setUp() {
99 | + parent::setUp('form_test');
100 | + }
101 | +
102 | + function testHttpsOnly() {
103 | + $path = 'form-test/https-only';
104 | + $edit = array('textfield' => '123');
105 | + $submit = t('Submit');
106 | +
107 | + $this->drupalGet($path);
108 | + $form = $this->xpath('//form[@id="form-test-https-only"]');
109 | + $form[0]['action'] = $this->httpsUrl($path);
110 | + $this->drupalPost(NULL, $edit, $submit);
111 | + $this->assertText(t('The form has been successfully submitted.', t('Form submission succeeded over HTTPS.')));
112 | +
113 | + $this->drupalGet($path);
114 | + $form = $this->xpath('//form[@id="form-test-https-only"]');
115 | + $form[0]['action'] = $this->httpUrl($path);
116 | + $this->drupalPost(NULL, $edit, $submit);
117 | + $this->assertText(t('This form requires HTTPS. Contact the site administrator if the problem persists.'), t('Form submission failed over HTTP.'));
118 | + }
119 | +}
120 | diff --git a/modules/simpletest/tests/form_test.module b/modules/simpletest/tests/form_test.module
121 | index e4ac77b..ecfcfb7 100644
122 | --- a/modules/simpletest/tests/form_test.module
123 | +++ b/modules/simpletest/tests/form_test.module
124 | @@ -210,6 +210,13 @@ function form_test_menu() {
125 | 'access callback' => TRUE,
126 | 'type' => MENU_CALLBACK,
127 | );
128 | + $items['form-test/https-only'] = array(
129 | + 'title' => 'FAPI test for mixed-mode sessions',
130 | + 'page callback' => 'drupal_get_form',
131 | + 'page arguments' => array('form_test_https_only'),
132 | + 'access callback' => TRUE,
133 | + 'type' => MENU_CALLBACK,
134 | + );
135 |
136 | return $items;
137 | }
138 | @@ -1742,3 +1749,21 @@ function form_test_checkboxes_zero($form, &$form_state, $json = TRUE) {
139 | function _form_test_checkboxes_zero_no_redirect($form, &$form_state) {
140 | $form_state['redirect'] = FALSE;
141 | }
142 | +
143 | +function form_test_https_only($form, &$form_state) {
144 | + $form['textfield'] = array(
145 | + '#type' => 'textfield',
146 | + '#title' => t('Textfield'),
147 | + );
148 | + $form['submit'] = array(
149 | + '#type' => 'submit',
150 | + '#value' => t('Submit'),
151 | + );
152 | + $form['#https'] = TRUE;
153 | + return $form;
154 | +}
155 | +
156 | +function form_test_https_only_submit($form, &$form_state) {
157 | + drupal_set_message('The form has been successfully submitted.');
158 | + $form_state['redirect'] = FALSE;
159 | +}
160 | diff --git a/modules/simpletest/tests/session.test b/modules/simpletest/tests/session.test
161 | index e5ceb75..f9da29e 100644
162 | --- a/modules/simpletest/tests/session.test
163 | +++ b/modules/simpletest/tests/session.test
164 | @@ -500,32 +500,5 @@ class SessionHttpsTestCase extends DrupalWebTestCase {
165 | return $this->assertTrue(db_query('SELECT timestamp FROM {sessions} WHERE sid = :sid AND ssid = :ssid', $args)->fetchField(), $assertion_text);
166 | }
167 |
168 | - /**
169 | - * Builds a URL for submitting a mock HTTPS request to HTTP test environments.
170 | - *
171 | - * @param $url
172 | - * A Drupal path such as 'user'.
173 | - *
174 | - * @return
175 | - * An absolute URL.
176 | - */
177 | - protected function httpsUrl($url) {
178 | - global $base_url;
179 | - return $base_url . '/modules/simpletest/tests/https.php?q=' . $url;
180 | - }
181 | -
182 | - /**
183 | - * Builds a URL for submitting a mock HTTP request to HTTPS test environments.
184 | - *
185 | - * @param $url
186 | - * A Drupal path such as 'user'.
187 | - *
188 | - * @return
189 | - * An absolute URL.
190 | - */
191 | - protected function httpUrl($url) {
192 | - global $base_url;
193 | - return $base_url . '/modules/simpletest/tests/http.php?q=' . $url;
194 | - }
195 | }
196 |
197 |
--------------------------------------------------------------------------------
/ansible/playbooks/lookup_plugins/task_src.py:
--------------------------------------------------------------------------------
1 | # (c) 2015, Robert Chady
2 | # Based on `runner/lookup_plugins/file.py` for Ansible
3 | # (c) 2012, Michael DeHaan
4 | #
5 | # This file is part of Debops.
6 | # This file is NOT part of Ansible yet.
7 | #
8 | # Debops is free software: you can redistribute it and/or modify
9 | # it under the terms of the GNU General Public License as published by
10 | # the Free Software Foundation, either version 3 of the License, or
11 | # (at your option) any later version.
12 | #
13 | # Ansible is distributed in the hope that it will be useful,
14 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | # GNU General Public License for more details.
17 | #
18 | # You should have received a copy of the GNU General Public License
19 | # along with Debops. If not, see .
20 |
21 | '''
22 |
23 | This file implements the `task_src` lookup filter for Ansible. In difference
24 | to the `file` filter, this searches values based on the `task-paths`
25 | variable (colon separated) as configured in DebOps.
26 |
27 | NOTE: This means this filter relies on DebOps.
28 |
29 | '''
30 |
31 | import os
32 |
33 | from debops import *
34 | from debops.cmds import *
35 |
36 | __author__ = "Robert Chady "
37 | __copyright__ = "Copyright 2015 by Robert Chady "
38 | __license__ = "GNU General Public LIcense version 3 (GPL v3) or later"
39 |
40 | try:
41 | from ansible.plugins.lookup import LookupBase
42 | except ImportError:
43 | LookupBase = object
44 |
45 | conf_template_paths = 'task-paths'
46 |
47 | from distutils.version import LooseVersion
48 | from ansible import __version__ as __ansible_version__
49 | class LookupModule(LookupBase):
50 | def __new__(class_name, *args, **kwargs):
51 | if LooseVersion(__ansible_version__) < LooseVersion("2.0"):
52 | from ansible import utils, errors
53 | class LookupModuleV1(object):
54 | def __init__(self, basedir, *args, **kwargs):
55 | self.basedir = basedir
56 |
57 | def run(self, terms, inject=None, **kwargs):
58 |
59 | terms = utils.listify_lookup_plugin_terms(terms, self.basedir, inject)
60 | ret = []
61 |
62 | # this can happen if the variable contains a string, strictly not desired for lookup
63 | # plugins, but users may try it, so make it work.
64 | if not isinstance(terms, list):
65 | terms = [ terms ]
66 |
67 | project_root = find_debops_project(required=False)
68 | config = read_config(project_root)
69 | places = []
70 |
71 | if 'paths' in config and conf_template_paths in config['paths']:
72 | custom_places = config['paths'][conf_template_paths].split(':')
73 | for custom_path in custom_places:
74 | if os.path.isabs(custom_path):
75 | places.append(custom_path)
76 | else:
77 | places.append(os.path.join(project_root, custom_path))
78 |
79 | for term in terms:
80 | if '_original_file' in inject:
81 | relative_path = utils.path_dwim_relative(inject['_original_file'], 'tasks', '', self.basedir, check=False)
82 | places.append(relative_path)
83 | for path in places:
84 | template = os.path.join(path, term)
85 | if template and os.path.exists(template):
86 | ret.append(template)
87 | break
88 | else:
89 | raise errors.AnsibleError("could not locate file in lookup: %s" % term)
90 |
91 | return ret
92 |
93 | return LookupModuleV1(*args, **kwargs)
94 |
95 | else:
96 | from ansible.errors import AnsibleError
97 | from ansible.plugins.lookup import LookupBase
98 | class LookupModuleV2(LookupBase):
99 |
100 | def run(self, terms, variables=None, **kwargs):
101 | ret = []
102 |
103 | # this can happen if the variable contains a string, strictly not desired for lookup
104 | # plugins, but users may try it, so make it work.
105 | if not isinstance(terms, list):
106 | terms = [ terms ]
107 |
108 | project_root = find_debops_project(required=False)
109 | config = read_config(project_root)
110 | places = []
111 |
112 | if 'paths' in config and conf_template_paths in config['paths']:
113 | custom_places = config['paths'][conf_template_paths].split(':')
114 | for custom_path in custom_places:
115 | if os.path.isabs(custom_path):
116 | places.append(custom_path)
117 | else:
118 | places.append(os.path.join(project_root, custom_path))
119 |
120 | for term in terms:
121 | if 'role_path' in variables:
122 | relative_path = self._loader.path_dwim_relative(variables['role_path'], 'tasks', '')
123 | places.append(relative_path)
124 | for path in places:
125 | template = os.path.join(path, term)
126 | if template and os.path.exists(template):
127 | ret.append(template)
128 | break
129 | else:
130 | raise AnsibleError("could not locate file in lookup: %s" % term)
131 |
132 | return ret
133 |
134 | return LookupModuleV2(*args, **kwargs)
135 |
136 |
--------------------------------------------------------------------------------
/ansible/playbooks/lookup_plugins/template_src.py:
--------------------------------------------------------------------------------
1 | # (c) 2015, Robert Chady
2 | # Based on `runner/lookup_plugins/file.py` for Ansible
3 | # (c) 2012, Michael DeHaan
4 | #
5 | # This file is part of Debops.
6 | # This file is NOT part of Ansible yet.
7 | #
8 | # Debops is free software: you can redistribute it and/or modify
9 | # it under the terms of the GNU General Public License as published by
10 | # the Free Software Foundation, either version 3 of the License, or
11 | # (at your option) any later version.
12 | #
13 | # Ansible is distributed in the hope that it will be useful,
14 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
15 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 | # GNU General Public License for more details.
17 | #
18 | # You should have received a copy of the GNU General Public License
19 | # along with Debops. If not, see .
20 |
21 | '''
22 |
23 | This file implements the `template_src` lookup filter for Ansible. In difference
24 | to the `template` filter, this searches values based on the `template-paths`
25 | variable (colon separated) as configured in DebOps.
26 |
27 | NOTE: This means this filter relies on DebOps.
28 |
29 | '''
30 |
31 | import os
32 |
33 | from debops import *
34 | from debops.cmds import *
35 |
36 | __author__ = "Robert Chady "
37 | __copyright__ = "Copyright 2015 by Robert Chady "
38 | __license__ = "GNU General Public LIcense version 3 (GPL v3) or later"
39 |
40 | try:
41 | from ansible.plugins.lookup import LookupBase
42 | except ImportError:
43 | LookupBase = object
44 |
45 | conf_template_paths = 'template-paths'
46 |
47 | from distutils.version import LooseVersion
48 | from ansible import __version__ as __ansible_version__
49 | class LookupModule(LookupBase):
50 | def __new__(class_name, *args, **kwargs):
51 | if LooseVersion(__ansible_version__) < LooseVersion("2.0"):
52 | from ansible import utils, errors
53 | class LookupModuleV1(object):
54 | def __init__(self, basedir, *args, **kwargs):
55 | self.basedir = basedir
56 |
57 | def run(self, terms, inject=None, **kwargs):
58 |
59 | terms = utils.listify_lookup_plugin_terms(terms, self.basedir, inject)
60 | ret = []
61 |
62 | # this can happen if the variable contains a string, strictly not desired for lookup
63 | # plugins, but users may try it, so make it work.
64 | if not isinstance(terms, list):
65 | terms = [ terms ]
66 |
67 | project_root = find_debops_project(required=False)
68 | config = read_config(project_root)
69 | places = []
70 |
71 | if 'paths' in config and conf_template_paths in config['paths']:
72 | custom_places = config['paths'][conf_template_paths].split(':')
73 | for custom_path in custom_places:
74 | if os.path.isabs(custom_path):
75 | places.append(custom_path)
76 | else:
77 | places.append(os.path.join(project_root, custom_path))
78 |
79 | for term in terms:
80 | if '_original_file' in inject:
81 | relative_path = utils.path_dwim_relative(inject['_original_file'], 'templates', '', self.basedir, check=False)
82 | places.append(relative_path)
83 | for path in places:
84 | template = os.path.join(path, term)
85 | if template and os.path.exists(template):
86 | ret.append(template)
87 | break
88 | else:
89 | raise errors.AnsibleError("could not locate file in lookup: %s" % term)
90 |
91 | return ret
92 |
93 | return LookupModuleV1(*args, **kwargs)
94 |
95 | else:
96 | from ansible.errors import AnsibleError
97 | from ansible.plugins.lookup import LookupBase
98 | class LookupModuleV2(LookupBase):
99 |
100 | def run(self, terms, variables=None, **kwargs):
101 | ret = []
102 |
103 | # this can happen if the variable contains a string, strictly not desired for lookup
104 | # plugins, but users may try it, so make it work.
105 | if not isinstance(terms, list):
106 | terms = [ terms ]
107 |
108 | project_root = find_debops_project(required=False)
109 | config = read_config(project_root)
110 | places = []
111 |
112 | if 'paths' in config and conf_template_paths in config['paths']:
113 | custom_places = config['paths'][conf_template_paths].split(':')
114 | for custom_path in custom_places:
115 | if os.path.isabs(custom_path):
116 | places.append(custom_path)
117 | else:
118 | places.append(os.path.join(project_root, custom_path))
119 |
120 | for term in terms:
121 | if 'role_path' in variables:
122 | relative_path = self._loader.path_dwim_relative(variables['role_path'], 'templates', '')
123 | places.append(relative_path)
124 | for path in places:
125 | template = os.path.join(path, term)
126 | if template and os.path.exists(template):
127 | ret.append(template)
128 | break
129 | else:
130 | raise AnsibleError("could not locate file in lookup: %s" % term)
131 |
132 | return ret
133 |
134 | return LookupModuleV2(*args, **kwargs)
135 |
136 |
--------------------------------------------------------------------------------
/ansible/requirements.default.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - src: https://github.com/mbarcia/ansible-console
3 | version: 890086fe8cc22ee96098ca4fc82c96d90b4d2e34
4 | name: debops.console
5 | - src: https://github.com/debops/ansible-secret
6 | version: v0.2.3
7 | name: debops.secret
8 | - src: https://github.com/debops/ansible-ferm
9 | version: v0.2.1
10 | name: debops.ferm
11 | - src: https://github.com/debops/ansible-bootstrap
12 | version: v0.1.2
13 | name: debops.bootstrap
14 | - src: https://github.com/debops/ansible-tcpwrappers
15 | version: v0.1.0
16 | name: debops.tcpwrappers
17 | - src: https://github.com/mbarcia/ansible-core.git
18 | version: 03f566bb00c3bf7e5e5c0d2275f89b2077ac3dfa
19 | name: debops.core
20 | - src: https://github.com/mbarcia/ansible-users
21 | version: v0.1.6
22 | name: debops.users
23 | - src: https://github.com/mbarcia/ansible-postfix
24 | version: master
25 | name: debops.postfix
26 | - src: https://github.com/debops/ansible-sshkeys
27 | version: 52e8497a37c764b79efd97ee31a38974620a27f1
28 | name: debops.sshkeys
29 | - src: https://github.com/debops/ansible-sshd
30 | version: v0.2.3
31 | name: debops.sshd
32 | - src: https://github.com/mbarcia/ansible-php
33 | version: master
34 | name: drupsible.php
35 | - src: https://github.com/debops/ansible-etc_services
36 | version: v0.3.0
37 | name: debops.etc_services
38 | - src: https://github.com/mbarcia/drupsible-apache
39 | version: master
40 | name: drupsible.apache2
41 | - src: https://github.com/mbarcia/drupsible-memcached
42 | version: master
43 | name: drupsible.memcached
44 | - src: https://github.com/mbarcia/drupsible-newrelic
45 | version: master
46 | name: drupsible.newrelic
47 | - src: https://github.com/mbarcia/drupsible-composer
48 | version: master
49 | name: drupsible.composer
50 | - src: https://github.com/mbarcia/drupsible-drush
51 | version: master
52 | name: drupsible.drush
53 | - src: https://github.com/mbarcia/drupsible-samba
54 | version: master
55 | name: drupsible.samba
56 | - src: https://github.com/mbarcia/drupsible-mysql
57 | version: master
58 | name: drupsible.mysql
59 | - src: https://github.com/mbarcia/drupsible-deploy
60 | version: master
61 | name: drupsible.deploy
62 | - src: https://github.com/mbarcia/drupsible-varnish
63 | version: master
64 | name: drupsible.varnish
65 | - src: https://github.com/mbarcia/drupsible-uploadprogress
66 | version: master
67 | name: drupsible.uploadprogress
68 | - src: https://github.com/mbarcia/drupsible-xdebug
69 | version: master
70 | name: drupsible.xdebug
71 | - src: https://github.com/mbarcia/drupsible-twigc
72 | version: master
73 | name: drupsible.twigc
74 | - src: https://github.com/mbarcia/drupsible-drupal-console
75 | version: master
76 | name: drupsible.drupal-console
77 | - src: https://github.com/mbarcia/ansible-role-blackfire
78 | version: master
79 | name: drupsible.blackfire
80 |
--------------------------------------------------------------------------------
/bin/backup.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # Make backup of the current configuration
4 | #
5 | BACKUP_DIR_RAW="$HOME/drupsible-backups"
6 | BACKUP_DIR=${BACKUP_DIR_RAW/#\~/$HOME}
7 | DATE=$(date +%Y%m%d_%H%M%S)
8 | BACKUP_FILENAME="$1-$DATE.tar.gz"
9 | if [ ! -d "${BACKUP_DIR}" ]; then
10 | mkdir "${BACKUP_DIR}"
11 | fi
12 | tar czvf "$BACKUP_DIR/$BACKUP_FILENAME" --exclude "*.default" --exclude "*default.profile" --exclude "*/.git" --exclude "*.gz" --exclude "*.zip" --exclude "lookup_plugins" --exclude "README.*" "ansible" >/dev/null
13 | if [ "$?" == 0 ]; then
14 | echo "Backup of your current config files stored in $BACKUP_DIR/$BACKUP_FILENAME"
15 | else
16 | echo "Backup FAILED."
17 | fi
18 |
--------------------------------------------------------------------------------
/bin/configure.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | enter_password ()
4 | {
5 | local __resultvarname=$1
6 | local password_input=''
7 | while IFS= read -r -s -n1 char; do
8 | [[ -z $char ]] && { printf '\n'; break; } # ENTER pressed; output \n and break.
9 | if [[ $char == $'\x7f' ]]; then # backspace was pressed
10 | # Remove last char from output variable.
11 | [[ -n $password_input ]] && password_input=${password_input%?}
12 | # Erase '*' to the left.
13 | printf '\b \b'
14 | else
15 | # Add typed char to output variable.
16 | password_input+=$char
17 | # Print '*' in its stead.
18 | printf '*'
19 | fi
20 | done
21 | unset IFS
22 |
23 | eval $__resultvarname="'${password_input}'"
24 | }
25 |
26 | start_over ()
27 | {
28 | # Create APP_NAME.profile.tmp from the empty project template
29 | cp default.profile "${APP_NAME}.profile.tmp"
30 | # Write APP_NAME
31 | sed -i.bak "s/APP_NAME=.*/APP_NAME=\"${APP_NAME}\"/g" "${APP_NAME}.profile.tmp"
32 | }
33 |
34 | askyesno ()
35 | {
36 | while read -r -n 1 -s answer; do
37 | if [[ $answer = [YyNn] ]]; then
38 | [[ $answer = [Yy] ]] && retval=0
39 | [[ $answer = [Nn] ]] && retval=1
40 | break
41 | fi
42 | done
43 | return ${retval}
44 | }
45 |
46 | function clean_up {
47 | echo "-------------------------------------------------------------------------------"
48 | echo "Configuration script terminated."
49 | # Perform program exit housekeeping
50 | if [ ! -f "${APP_NAME}.profile.tmp" ]; then
51 | rm "${APP_NAME}.profile.tmp"
52 | fi
53 | echo "Run bin/configure.sh to start over."
54 | echo "-------------------------------------------------------------------------------"
55 | exit
56 | }
57 |
58 | trap clean_up SIGHUP SIGINT SIGTERM
59 |
60 | echo "-------------------------------------------------------------------------------"
61 | echo "Welcome to the Drupsible wizard"
62 | echo "==============================="
63 | echo
64 | echo "Take this brief questionnaire and you will be up and running in no time!"
65 | echo
66 | echo "You can start a new project from core profiles (minimal, standard), contributed"
67 | echo "distributions (bear, thunder), or import any existing project."
68 | echo "You can import a project from tarballs, from a live site, from a Git repo, or"
69 | echo "from a combination."
70 | echo
71 | echo "Available options are prompted between parenthesis, like (y|n)."
72 | echo "Default values (so you just hit Enter) are showed between brackets []."
73 | echo
74 | echo "You can Ctrl-C any time to start over."
75 | echo "-------------------------------------------------------------------------------"
76 |
77 | #
78 | # Chdir to top-level folder if needed.
79 | #
80 | if [ -f "../default.profile" ]; then
81 | echo
82 | echo "Changed current dir to the project's top level folder, for your convenience."
83 | cd .. || return 2
84 | fi
85 | #
86 | # Set APP_NAME.
87 | #
88 | if [ "$1" == "" ]; then
89 | # Take the folder name as app name, if app-name param has not been given.
90 | DIR_NAME=${PWD##*/}
91 | # But remove suffix -drupsible if any.
92 | PROJ_NAME=${DIR_NAME%-drupsible}
93 | echo
94 | echo "Application name?"
95 | echo "Your application/project name must be a good ID, as it will be used"
96 | echo "by Drupsible for things like naming config files, or MySQL users."
97 | echo "Type your application name, or just press Enter for $PROJ_NAME:"
98 | read -r APP_NAME
99 | if [ "${APP_NAME}" == "" ]; then
100 | APP_NAME="${PROJ_NAME}"
101 | echo "Application name set to ${PROJ_NAME}"
102 | fi
103 | else
104 | APP_NAME="$1"
105 | fi
106 |
107 | if [ ! -f "${APP_NAME}.profile" ]; then
108 | start_over
109 | else
110 | echo "${APP_NAME}.profile already exists. Do you want to start over? (y|n)"
111 | if ! askyesno; then
112 | echo "Do you want to re-generate ${APP_NAME}'s configuration? (y|n)"
113 | if askyesno; then
114 | ./bin/generate.sh "${APP_NAME}.profile"
115 | else
116 | echo "Done (nothing changed)."
117 | fi
118 | return
119 | else
120 | start_over
121 | fi
122 | fi
123 | #
124 | # Start interactive questionnaire
125 | #
126 | echo
127 | echo "What is the primary internet domain of your web application?"
128 | echo "This is not 'something.localhost' but the real domain, like wikipedia.org."
129 | echo "Type the domain of your web application:"
130 | read -r DOMAIN
131 | # Write DOMAIN
132 | sed -i.bak "s/DOMAIN=.*$/DOMAIN=\"${DOMAIN}\"/g" "${APP_NAME}.profile.tmp"
133 | echo
134 | echo "Hostname for your local environment? Default is local, so you can use"
135 | echo "http://local.${DOMAIN} for developing in your local workstation."
136 | echo "Press Enter for 'local' or type a hostname:"
137 | read -r HOSTNAME
138 | if [ "$HOSTNAME" == "" ]; then
139 | # Set hostname to default: local
140 | HOSTNAME="local"
141 | echo "FQDN set to local.${DOMAIN}"
142 | fi
143 | # Write HOSTNAME
144 | sed -i.bak "s/HOSTNAME=.*$/HOSTNAME=\"${HOSTNAME}\"/g" "${APP_NAME}.profile.tmp"
145 | echo
146 | echo "What Drupal version are you using?"
147 | echo "8 (or 7) will get you the latest stable, but you can also specify any"
148 | echo "particular Drupal core version, like 8.0.5 (or 7.43)"
149 | echo "Say the Drupal core version, or type Enter for Drupal 8:"
150 | read -r DRUPAL_VERSION
151 | if [ "$DRUPAL_VERSION" == "" ]; then
152 | DRUPAL_VERSION="8"
153 | echo "Drupal version set to 8 (latest stable)"
154 | fi
155 | # Write DRUPAL_VERSION
156 | sed -i.bak "s|DRUPAL_VERSION=.*$|DRUPAL_VERSION=\"${DRUPAL_VERSION}\"|g" "${APP_NAME}.profile.tmp"
157 | echo
158 | echo "Are you setting up a multilingual or non-english website? (y|n)"
159 | if askyesno; then
160 | MULTILINGUAL='yes'
161 | else
162 | MULTILINGUAL='no'
163 | fi
164 | # Write MULTILINGUAL
165 | sed -i.bak "s|MULTILINGUAL=.*$|MULTILINGUAL=\"${MULTILINGUAL}\"|g" "${APP_NAME}.profile.tmp"
166 | if [ "$MULTILINGUAL" == "yes" ]; then
167 | echo "Enumerate the languages, comma-separated, starting with the default language:"
168 | echo "For example, you could type es,en"
169 | read -r LANGUAGES
170 | LANGUAGES_NO_WHITESPACE="$(echo -e "${LANGUAGES}" | tr -d '[[:space:]]')"
171 | # Write LANGUAGES
172 | sed -i.bak "s|LANGUAGES=.*$|LANGUAGES=\"${LANGUAGES_NO_WHITESPACE}\"|g" "${APP_NAME}.profile.tmp"
173 | fi
174 | echo
175 | echo "Using a distribution or install profile? (y|n)"
176 | if askyesno; then
177 | USE_INSTALL_PROFILE='yes'
178 | else
179 | USE_INSTALL_PROFILE='no'
180 | fi
181 | # Write USE_INSTALL_PROFILE
182 | sed -i.bak "s|USE_INSTALL_PROFILE=.*$|USE_INSTALL_PROFILE=\"${USE_INSTALL_PROFILE}\"|g" "${APP_NAME}.profile.tmp"
183 | if [ "$USE_INSTALL_PROFILE" == "yes" ] && [ "$D_O_INSTALL_PROFILE" == "" ]; then
184 | echo "Name of contrib distribution, or core profile?"
185 | echo "If you are using a custom profile, leave this empty now."
186 | echo "For example, here you could type 'bear', or 'minimal'"
187 | read -r D_O_INSTALL_PROFILE
188 | # Write D_O_INSTALL_PROFILE
189 | sed -i.bak "s|D_O_INSTALL_PROFILE=.*$|D_O_INSTALL_PROFILE=\"${D_O_INSTALL_PROFILE}\"|g" "${APP_NAME}.profile.tmp"
190 | fi
191 | if [ "$USE_INSTALL_PROFILE" == "yes" ] && [ "$D_O_INSTALL_PROFILE" == "" ] && [ "$CUSTOM_INSTALL_PROFILE" == "" ]; then
192 | echo "Custom profile name?"
193 | echo "You will be able to configure the Git-related information in a moment."
194 | read -r CUSTOM_INSTALL_PROFILE
195 | # Write CUSTOM_INSTALL_PROFILE
196 | sed -i.bak "s|CUSTOM_INSTALL_PROFILE=.*$|CUSTOM_INSTALL_PROFILE=\"${CUSTOM_INSTALL_PROFILE}\"|g" "${APP_NAME}.profile.tmp"
197 | fi
198 | if [ "$USE_INSTALL_PROFILE" == "yes" ] && [ "$D_O_INSTALL_PROFILE" == "" ] && [ "$CUSTOM_INSTALL_PROFILE" == "" ]; then
199 | echo "WARNING: You have not specified a profile name. The core standard profile will be used."
200 | echo "======="
201 | fi
202 | echo
203 | if [ "$USE_INSTALL_PROFILE" == "yes" ]; then
204 | if [ "$CUSTOM_INSTALL_PROFILE" != "" ] || ([ "$D_O_INSTALL_PROFILE" != "" ] && [ "$D_O_INSTALL_PROFILE" != "standard" ] && [ "$D_O_INSTALL_PROFILE" != "minimal" ] && [ "$D_O_INSTALL_PROFILE" != "testing" ]); then
205 | echo "Are you using drush make? (y|n)"
206 | if [ "$D_O_INSTALL_PROFILE" != "" ]; then
207 | echo "Hint: a Drupal.org distribution usually does, so if in doubt, press 'y'"
208 | fi
209 | if askyesno; then
210 | USE_DRUSH_MAKE='yes'
211 | else
212 | USE_DRUSH_MAKE='no'
213 | fi
214 | # Write USE_DRUSH_MAKE
215 | sed -i.bak "s|USE_DRUSH_MAKE=.*$|USE_DRUSH_MAKE=\"${USE_DRUSH_MAKE}\"|g" "${APP_NAME}.profile.tmp"
216 | if [ "$USE_DRUSH_MAKE" == "yes" ]; then
217 | if [ "$D_O_INSTALL_PROFILE" != "" ]; then
218 | echo "Makefile? [build-${D_O_INSTALL_PROFILE}.make]"
219 | echo "Hint: hit Enter if in doubt"
220 | elif [ "$CUSTOM_INSTALL_PROFILE" != "" ]; then
221 | echo "Makefile? [build-${CUSTOM_INSTALL_PROFILE}.make]"
222 | echo "Hint: hit Enter if in doubt"
223 | fi
224 | read -r DRUSH_MAKEFILE
225 | if [ "$DRUSH_MAKEFILE" == "" ]; then
226 | if [ "$D_O_INSTALL_PROFILE" != "" ]; then
227 | DRUSH_MAKEFILE="build-${D_O_INSTALL_PROFILE}.make"
228 | elif [ "$CUSTOM_INSTALL_PROFILE" != "" ]; then
229 | DRUSH_MAKEFILE="build-${CUSTOM_INSTALL_PROFILE}.make"
230 | fi
231 | echo "Makefile set to ${DRUSH_MAKEFILE}"
232 | fi
233 | # Write DRUSH_MAKEFILE
234 | sed -i.bak "s|DRUSH_MAKEFILE=.*$|DRUSH_MAKEFILE=\"${DRUSH_MAKEFILE}\"|g" "${APP_NAME}.profile.tmp"
235 | else
236 | echo "Are you using composer? (y|n)"
237 | echo "Warning: support for composer is experimental"
238 | if askyesno; then
239 | USE_COMPOSER='yes'
240 | else
241 | USE_COMPOSER='no'
242 | fi
243 | # Write USE_COMPOSER
244 | sed -i.bak "s|USE_COMPOSER=.*$|USE_COMPOSER=\"${USE_COMPOSER}\"|g" "${APP_NAME}.profile.tmp"
245 | fi
246 | fi
247 | fi
248 | echo
249 | if [ "$USE_INSTALL_PROFILE" == "yes" ]; then
250 | echo "Are you using drush site-install? (y|n)"
251 | echo "Hint: an install profile usually needs this so, if in doubt, press 'y'"
252 | if askyesno; then
253 | USE_SITE_INSTALL='yes'
254 | else
255 | USE_SITE_INSTALL='no'
256 | fi
257 | # Write USE_SITE_INSTALL
258 | sed -i.bak "s|USE_SITE_INSTALL=.*$|USE_SITE_INSTALL=\"${USE_SITE_INSTALL}\"|g" "${APP_NAME}.profile.tmp"
259 | fi
260 | echo
261 | if [ "$USE_SITE_INSTALL" == "" ] || [ "$USE_SITE_INSTALL" == "no" ]; then
262 | echo "Are you importing the content from another Drupal site? (y|n)"
263 | echo "You will need to inform its remote host, user, and base path."
264 | if askyesno; then
265 | USE_UPSTREAM_SITE='yes'
266 | else
267 | USE_UPSTREAM_SITE='no'
268 | fi
269 | # Write USE_UPSTREAM_SITE
270 | sed -i.bak "s|USE_UPSTREAM_SITE=.*$|USE_UPSTREAM_SITE=\"${USE_UPSTREAM_SITE}\"|g" "${APP_NAME}.profile.tmp"
271 | if [ "$USE_UPSTREAM_SITE" == "yes" ]; then
272 | #
273 | echo "Remote upstream host?"
274 | read -r REMOTE_UPSTREAM_HOST
275 | # Write REMOTE_UPSTREAM_HOST
276 | sed -i.bak "s|REMOTE_UPSTREAM_HOST=.*$|REMOTE_UPSTREAM_HOST=\"${REMOTE_UPSTREAM_HOST}\"|g" "${APP_NAME}.profile.tmp"
277 | #
278 | echo "Remote upstream port to SSH to (if not 22)? []"
279 | read -r REMOTE_UPSTREAM_PORT
280 | # Write REMOTE_UPSTREAM_PORT
281 | sed -i.bak "s|REMOTE_UPSTREAM_PORT=.*$|REMOTE_UPSTREAM_PORT=\"${REMOTE_UPSTREAM_PORT}\"|g" "${APP_NAME}.profile.tmp"
282 | #
283 | echo "Username to SSH into that remote host? []"
284 | read -r REMOTE_UPSTREAM_USER
285 | # Write REMOTE_UPSTREAM_USER
286 | sed -i.bak "s|REMOTE_UPSTREAM_USER=.*$|REMOTE_UPSTREAM_USER=\"${REMOTE_UPSTREAM_USER}\"|g" "${APP_NAME}.profile.tmp"
287 | #
288 | echo "Full site path in the remote host (docroot)?"
289 | read -r REMOTE_UPSTREAM_DOCROOT
290 | # Write REMOTE_UPSTREAM_DOCROOT
291 | sed -i.bak "s|REMOTE_UPSTREAM_DOCROOT=.*$|REMOTE_UPSTREAM_DOCROOT=\"${REMOTE_UPSTREAM_DOCROOT}\"|g" "${APP_NAME}.profile.tmp"
292 | #
293 | echo "If using a bastion host (as in ProxyCommand ssh), enter its credentials: []"
294 | read -r REMOTE_UPSTREAM_PROXY_CREDENTIALS
295 | # Write REMOTE_UPSTREAM_PROXY_CREDENTIALS
296 | sed -i.bak "s|REMOTE_UPSTREAM_PROXY_CREDENTIALS=.*$|REMOTE_UPSTREAM_PROXY_CREDENTIALS=\"${REMOTE_UPSTREAM_PROXY_CREDENTIALS}\"|g" "${APP_NAME}.profile.tmp"
297 | #
298 | echo "Bastion host port to SSH to (if not 22)? []"
299 | read -r REMOTE_UPSTREAM_PROXY_PORT
300 | # Write REMOTE_UPSTREAM_PROXY_PORT
301 | sed -i.bak "s|REMOTE_UPSTREAM_PROXY_PORT=.*$|REMOTE_UPSTREAM_PROXY_PORT=\"${REMOTE_UPSTREAM_PROXY_PORT}\"|g" "${APP_NAME}.profile.tmp"
302 | #
303 | echo "Enter any other SSH options needed: []"
304 | read -r REMOTE_UPSTREAM_SSH_OPTIONS
305 | # Write REMOTE_UPSTREAM_SSH_OPTIONS
306 | sed -i.bak "s|REMOTE_UPSTREAM_SSH_OPTIONS=.*$|REMOTE_UPSTREAM_SSH_OPTIONS=\"${REMOTE_UPSTREAM_SSH_OPTIONS}\"|g" "${APP_NAME}.profile.tmp"
307 | #
308 | echo "Are you rsync'ing files from this Drupal site? (y|n)"
309 | if askyesno; then
310 | SYNC_FILES='yes'
311 | else
312 | SYNC_FILES='no'
313 | fi
314 | # Write SYNC_FILES
315 | sed -i.bak "s|SYNC_FILES=.*$|SYNC_FILES=\"${SYNC_FILES}\"|g" "${APP_NAME}.profile.tmp"
316 | if [ "$SYNC_FILES" == "yes" ]; then
317 | echo "Files path relative to the docroot? [sites/default/files]"
318 | read -r REMOTE_UPSTREAM_FILES_PATH
319 | if [ "$REMOTE_UPSTREAM_FILES_PATH" == "" ]; then
320 | REMOTE_UPSTREAM_FILES_PATH='sites/default/files'
321 | echo "Path set to ${REMOTE_UPSTREAM_FILES_PATH}"
322 | fi
323 | # Write REMOTE_UPSTREAM_FILES_PATH
324 | sed -i.bak "s|REMOTE_UPSTREAM_FILES_PATH=.*$|REMOTE_UPSTREAM_FILES_PATH=\"${REMOTE_UPSTREAM_FILES_PATH}\"|g" "${APP_NAME}.profile.tmp"
325 | fi
326 | #
327 | echo "Are you sql-sync'ing the DB from this other Drupal site? (y|n)"
328 | if askyesno; then
329 | SYNC_DB='yes'
330 | else
331 | SYNC_DB='no'
332 | fi
333 | # Write SYNC_DB
334 | sed -i.bak "s|SYNC_DB=.*$|SYNC_DB=\"${SYNC_DB}\"|g" "${APP_NAME}.profile.tmp"
335 | fi
336 | if [ "$SYNC_DB" == "" ] || [ "$SYNC_DB" == "no" ]; then
337 | echo "The DB dump is a SQL file, in plain text (.sql) or gzipped (.sql.gz), and must be present in ansible/playbooks/dbdumps."
338 | echo "Make sure the SQL statements do NOT start with a CREATE DATABASE."
339 | echo "DB dump filename?"
340 | read -r DBDUMP
341 | # Write DBDUMP
342 | sed -i.bak "s|DBDUMP=.*$|DBDUMP=\"${DBDUMP}\"|g" "${APP_NAME}.profile.tmp"
343 | fi
344 | if [ "$SYNC_FILES" == "" ] || [ "$SYNC_FILES" == "no" ]; then
345 | echo "The files archive can be a tar (.tar), a gzip (.tar.gz), a bzip2 or a xz archive, and must be present in ansible/playbooks/files-tarballs."
346 | echo "Make sure the archive you provide produces a 'files' folder when decompressed."
347 | echo "Files tarball filename?"
348 | read -r FILES_TARBALL
349 | # Write FILES_TARBALL
350 | sed -i.bak "s|FILES_TARBALL=.*$|FILES_TARBALL=\"${FILES_TARBALL}\"|g" "${APP_NAME}.profile.tmp"
351 | fi
352 | fi
353 | echo
354 | if ([ "$USE_INSTALL_PROFILE" == "" ] || [ "$USE_INSTALL_PROFILE" == "no" ]) || ([ "$USE_INSTALL_PROFILE" == "yes" ] && [ "$CUSTOM_INSTALL_PROFILE" != "" ]); then
355 | echo "Using a codebase tarball? (y|n)"
356 | if askyesno; then
357 | USE_CODEBASE_TARBALL='yes'
358 | else
359 | USE_CODEBASE_TARBALL='no'
360 | fi
361 | if [ "$USE_CODEBASE_TARBALL" == "yes" ]; then
362 | echo "The codebase archive can be a tar (.tar), a gzip (.tar.gz), a bzip2 or a xz archive, and must be present in ansible/playbooks/codebase-tarballs."
363 | echo "Make sure the archive you provide produces index.php at the top-most level when decompressed (a.k.a. 'tarbomb') and does not include sites/default/files."
364 | echo "Codebase tarball filename?"
365 | read -r CODEBASE_TARBALL
366 | # Write CODEBASE_TARBALL
367 | sed -i.bak "s|CODEBASE_TARBALL=.*$|CODEBASE_TARBALL=\"${CODEBASE_TARBALL}\"|g" "${APP_NAME}.profile.tmp"
368 | else
369 | # GIT config values
370 | echo "Protocol to access your Git clone URL? (ssh|https|git|http)"
371 | read -r GIT_PROTOCOL
372 | # Write GIT_PROTOCOL
373 | sed -i.bak "s/GIT_PROTOCOL=.*$/GIT_PROTOCOL=\"${GIT_PROTOCOL}\"/g" "${APP_NAME}.profile.tmp"
374 | echo "Git server name?"
375 | echo "For example, bitbucket.org"
376 | read -r GIT_SERVER
377 | # Write GIT_SERVER
378 | sed -i.bak "s/GIT_SERVER=.*$/GIT_SERVER=\"${GIT_SERVER}\"/g" "${APP_NAME}.profile.tmp"
379 | echo "Git username who will be cloning the Drupal repository? (github and bitbucket user is 'git')"
380 | read -r GIT_USER
381 | # Write GIT_USER
382 | sed -i.bak "s/GIT_USER=.*$/GIT_USER=\"${GIT_USER}\"/g" "${APP_NAME}.profile.tmp"
383 | echo "Git path of your Drupal repository?"
384 | echo "For example, /mbarcia/drupsible-project.git. In the case of a bitbucket repository, prepend the path with a colon instead of a forward slash."
385 | read -r GIT_PATH
386 | # Write GIT_PATH
387 | sed -i.bak "s|GIT_PATH=.*$|GIT_PATH=\"${GIT_PATH}\"|g" "${APP_NAME}.profile.tmp"
388 | if [ ! ${GIT_PATH:0:1} == "/" ] && [ ! ${GIT_PATH:0:1} == ":" ]; then
389 | GIT_PATH="$GIT_PATH/"; :
390 | echo "(mind that the Git path provided has been prepended a slash: ${GIT_PATH})"
391 | fi
392 | echo "Git password?"
393 | echo "(leave this empty if you use SSH deployment keys)"
394 | enter_password "GIT_PASS"
395 | # Write GIT_PASS
396 | if [ ! "$GIT_PASS" == "" ]; then
397 | mkdir -p "./ansible/secret/credentials/${APP_NAME}/git"
398 | touch "./ansible/secret/credentials/${APP_NAME}/git/${GIT_USER}"
399 | echo "${GIT_PASS}" > "./ansible/secret/credentials/${APP_NAME}/git/${GIT_USER}"
400 | else
401 | echo "Your clone URL must be (according to the parts you informed, and excluding any password):"
402 | echo "${GIT_PROTOCOL}://${GIT_USER}@${GIT_SERVER}${GIT_PATH}"
403 | fi
404 | echo "Branch/version of your codebase? [master]"
405 | read -r GIT_BRANCH
406 | if [ "$GIT_BRANCH" == "" ]; then
407 | GIT_BRANCH='master'
408 | echo "Branch/version set to master"
409 | fi
410 | # Write GIT_BRANCH
411 | sed -i.bak "s|GIT_BRANCH=.*$|GIT_BRANCH=\"${GIT_BRANCH}\"|g" "${APP_NAME}.profile.tmp"
412 | fi
413 | fi
414 | echo
415 | # Gather input about VM IP mode (static or dynamic)
416 | IP_OPTION1='Static IP (set by Drupsible recommended)'
417 | IP_OPTION2='Static IP (set by yourself)'
418 | IP_OPTION3='Dynamic IP (DHCP)'
419 | echo "${IP_OPTION1} means Drupsible will generate and use a valid static IP."
420 | echo "${IP_OPTION2} means you can type your own specific IP."
421 | echo "${IP_OPTION3} means Drupsible will use DHCP to get an IP from "
422 | echo "the DHCP server in your workstation's network."
423 | echo
424 | echo "Choose the first option if you are not sure what this means."
425 | PS3="Your choice: "
426 | optionstring="${IP_OPTION1},${IP_OPTION2},${IP_OPTION3}"
427 | # Save the current IFS (Internal Field Separator)
428 | OIFS=$IFS
429 | # New IFS
430 | IFS=','
431 | options=( $optionstring )
432 | # Restore the IFS
433 | IFS=${OIFS}
434 | IP_ADDR_RANDOM_BIT=$(dd if=/dev/urandom bs=2 count=1 2>/dev/null | od -An -tu1 | sed -e 's/^ *//' -e 's/ */./g' -e 's/^\(.*\)\.$/\1/g')
435 | IP_ADDR_RANDOM="192.168.${IP_ADDR_RANDOM_BIT}"
436 | IP_ADDR=""
437 | select opt in "${options[@]}"
438 | do
439 | case $opt in
440 | "${IP_OPTION1}")
441 | IP_ADDR="${IP_ADDR_RANDOM}"
442 | echo "Static IP ${IP_ADDR} has been assigned to your VM."
443 | break
444 | ;;
445 | "${IP_OPTION2}")
446 | echo "IP address? [${IP_ADDR_RANDOM}]"
447 | read -r IP_ADDR_CUSTOM
448 | if [ "$IP_ADDR_CUSTOM" == "" ]; then
449 | IP_ADDR_CUSTOM="${IP_ADDR_RANDOM}"
450 | fi
451 | IP_ADDR="${IP_ADDR_CUSTOM}"
452 | echo "Static IP ${IP_ADDR_CUSTOM} has been assigned to your VM."
453 | break
454 | ;;
455 | "${IP_OPTION3}")
456 | echo "${IP_OPTION3} makes it possible to access your local website from other workstations in your network."
457 | echo "With ${IP_OPTION3}, the VM will be provisioned but afterwards, in order to "
458 | echo "access your website, you will need to manually add the IP your /etc/hosts "
459 | echo "file (in Windows systems, this file can be found at "
460 | echo "C:\Windows\System32\drivers\etc\hosts)."
461 | echo
462 | echo "After your VM has been provisioned, run 'vagrant ssh' and type"
463 | echo "sudo ifconfig -a"
464 | echo "Take note of the inet address of your eth1 and add this line to /etc/hosts."
465 | echo " ${HOSTNAME}.${DOMAIN}"
466 | echo
467 | echo "Add the same line to the etc/hosts of every workstation that needs access to your website."
468 | echo "Warning: the docroot and home folders of your VM will be shared with other machines within your network."
469 | break
470 | ;;
471 | *) echo "Invalid option"
472 | ;;
473 | esac
474 | done
475 | # Write IP_ADDR
476 | sed -i.bak "s|IP_ADDR=.*$|IP_ADDR=\"${IP_ADDR}\"|g" "${APP_NAME}.profile.tmp"
477 |
478 | echo
479 | # Gather input about https enabled
480 | # HTTPS is currently available only on D7, so don't bother asking in D8
481 | echo "Want your website deployed as HTTPS://, instead of just http://? (y|n)"
482 | if [ "${DRUPAL_VERSION}" == '7' ]; then
483 | echo "Drupsible will install and configure securepages and patch D7's core, as instructed by securepages."
484 | fi
485 | if askyesno; then
486 | APP_HTTPS_ENABLED='yes'
487 | else
488 | APP_HTTPS_ENABLED='no'
489 | fi
490 | # Write APP_HTTPS_ENABLED
491 | sed -i.bak "s|APP_HTTPS_ENABLED=.*$|APP_HTTPS_ENABLED=\"${APP_HTTPS_ENABLED}\"|g" "${APP_NAME}.profile.tmp"
492 | echo
493 | # Gather input about SMTP enabled
494 | echo "Want to make use of a SMTP service? (y|n)"
495 | echo "(you will next be asked for server, port, username and password)"
496 | echo "Defaults are provided for using a free Gmail account."
497 | if askyesno; then
498 | if [ "$APP_POSTFIX_CLIENT_ENABLED" != "yes" ]; then
499 | echo "SMTP server? [smtp.gmail.com]"
500 | read -r SMTP_SERVER
501 | if [ "$SMTP_SERVER" == "" ]; then
502 | SMTP_SERVER='smtp.gmail.com'
503 | echo "SMTP server set to smtp.gmail.com"
504 | fi
505 | if [ "$SMTP_SERVER" == "smtp.gmail.com" ]; then
506 | echo
507 | echo "IMPORTANT: now change your Gmail's security as in https://support.google.com/accounts/answer/6010255"
508 | echo
509 | fi
510 | # Write SMTP_SERVER
511 | sed -i.bak "s/SMTP_SERVER=.*$/SMTP_SERVER=\"${SMTP_SERVER}\"/g" "${APP_NAME}.profile.tmp"
512 | echo "SMTP port? [587]"
513 | read -r SMTP_PORT
514 | if [ "$SMTP_PORT" == "" ]; then
515 | SMTP_PORT='587'
516 | echo "SMTP port set to 587"
517 | fi
518 | # Write SMTP_PORT
519 | sed -i.bak "s/SMTP_PORT=.*$/SMTP_PORT=\"${SMTP_PORT}\"/g" "${APP_NAME}.profile.tmp"
520 | echo "SMTP username?"
521 | echo "For example, ${APP_NAME}@gmail.com"
522 | read -r SMTP_USER
523 | # Write SMTP_USER
524 | sed -i.bak "s/SMTP_USER=.*$/SMTP_USER=\"${SMTP_USER}\"/g" "${APP_NAME}.profile.tmp"
525 | echo "SMTP password?"
526 | enter_password "SMTP_PASS"
527 | # Write SMTP_PASS to the secret dir
528 | if [ ! "${SMTP_PASS}" == "" ]; then
529 | mkdir -p "./ansible/secret/credentials/postfix/smtp_sasl_password_map/[${SMTP_SERVER}]:${SMTP_PORT}"
530 | touch "./ansible/secret/credentials/postfix/smtp_sasl_password_map/[${SMTP_SERVER}]:${SMTP_PORT}/${SMTP_USER}"
531 | echo "${SMTP_PASS}" > "./ansible/secret/credentials/postfix/smtp_sasl_password_map/[${SMTP_SERVER}]:${SMTP_PORT}/${SMTP_USER}"
532 | fi
533 | fi
534 | fi
535 | echo
536 | # Gather input about varnish enabled
537 | # Varnish does not perform SSL termination, so don't ask if HTTPS is enabled
538 | if [ "$APP_HTTPS_ENABLED" != "yes" ]; then
539 | echo "Want your website deployed behind Varnish? (y|n)"
540 | echo "The provided configuration is production-ready and also 'safe for development' (your browser will get fresh content with Ctrl-F5)."
541 | if askyesno; then
542 | APP_VARNISH_ENABLED='yes'
543 | else
544 | APP_VARNISH_ENABLED='no'
545 | fi
546 | # Write APP_VARNISH_ENABLED
547 | sed -i.bak "s|APP_VARNISH_ENABLED=.*$|APP_VARNISH_ENABLED=\"${APP_VARNISH_ENABLED}\"|g" "${APP_NAME}.profile.tmp"
548 | fi
549 | echo
550 | #
551 | # Connect to a new or existing ssh-agent
552 | #
553 | if ([ "$GIT_PASS" == "" ] && ([ "$USE_INSTALL_PROFILE" != "yes" ] || ([ "$USE_INSTALL_PROFILE" == "yes" ] && [ "$CUSTOM_INSTALL_PROFILE" != "" ])) && [ "$USE_CODEBASE_TARBALL" != "yes" ]) || [ "$USE_UPSTREAM_SITE" == "yes" ]; then
554 | echo "SSH key filename (to git clone, and/or sync with the upstream host)? [$HOME/.ssh/id_rsa]"
555 | read -r KEY_FILENAME
556 | if [ "$KEY_FILENAME" == "" ]; then
557 | # Set key to default: ~/.ssh/id_rsa
558 | KEY_FILENAME="$HOME/.ssh/id_rsa"
559 | # Detect whether the key is encrypted with a passphrase
560 | if grep "ENCRYPTED" ${KEY_FILENAME}; then
561 | # Invoke ssh-agent script, applying bash expansion to the tilde
562 | echo "Using key ${KEY_FILENAME} and, as it's encrypted, launching ssh-agent helper..."
563 | ./bin/ssh-agent.sh "${KEY_FILENAME/#\~/$HOME}"
564 | echo "Done."
565 | else
566 | echo "Using key ${KEY_FILENAME}."
567 | fi
568 | fi
569 | # Write KEY_FILENAME
570 | sed -i.bak "s|KEY_FILENAME=.*$|KEY_FILENAME=\"${KEY_FILENAME}\"|g" "${APP_NAME}.profile.tmp"
571 | fi
572 | #
573 | # Timezone configuration
574 | #
575 | # Try to detect current timezone in Mac, Cygwin and Linux
576 | echo "Detecting the Time Zone..."
577 | if hash systemsetup 2>/dev/null; then
578 | echo "Please enter your local password for sudo..."
579 | CURRENT_TZ=$(sudo systemsetup -gettimezone | sed "s|.*Time Zone: \(.*/.*\)$|\1|g")
580 | elif hash tzset 2>/dev/null; then
581 | CURRENT_TZ=$(tzset)
582 | elif hash timedatectl 2>/dev/null; then
583 | CURRENT_TZ=$(timedatectl | grep "Time zone" | sed "s|.*Time zone: \(.*/.*\) (.*)$|\1|g")
584 | else
585 | CURRENT_TZ=""
586 | fi
587 | if [ ! "${CURRENT_TZ}" == "" ]; then
588 | echo "Time Zone detected as ${CURRENT_TZ}."
589 | echo
590 | echo "Time Zone? [${CURRENT_TZ}]"
591 | else
592 | echo "Time Zone?"
593 | fi
594 | read -r DRUPSIBLE_TZ
595 | if [ "${DRUPSIBLE_TZ}" == "" ] && [ ! "${CURRENT_TZ}" == "" ]; then
596 | DRUPSIBLE_TZ=${CURRENT_TZ}
597 | echo "Time zone set to ${DRUPSIBLE_TZ}."
598 | fi
599 | echo
600 | # Write TIME_ZONE
601 | sed -i.bak "s|APP_TIMEZONE=.*$|APP_TIMEZONE=\"${DRUPSIBLE_TZ}\"|g" "${APP_NAME}.profile.tmp"
602 | #
603 | # Append last-mod
604 | #
605 | DATE_LEGEND=$(date +"%c %Z")
606 | PHRASE="Last reconfigured on"
607 | sed -i.bak "s/${PHRASE}:.*$/${PHRASE}: ${DATE_LEGEND}/g" "${APP_NAME}.profile.tmp"
608 | #
609 | # Save the result of .profile.tmp in .profile
610 | #
611 | cp "${APP_NAME}.profile.tmp" "${APP_NAME}.profile"
612 | # Remove temporary profile
613 | rm "${APP_NAME}.profile.tmp"
614 | rm "${APP_NAME}.profile.tmp.bak"
615 | #
616 | # Generate Drupsible configuration
617 | #
618 | ./bin/generate.sh "${APP_NAME}.profile"
619 |
--------------------------------------------------------------------------------
/bin/generate.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # Configures Vagrant and Ansible from the Drupsible profile provided.
4 | #
5 |
6 | if [ "$1" = "" ] || [ ! -f "$1" ]; then
7 | echo
8 | echo "Please provide a Drupsible profile, previously generated by bin/configure.sh."
9 | exit 1
10 | else
11 | source "$1"
12 | fi
13 |
14 | # First perform a backup
15 | ./bin/backup.sh "${APP_NAME}"
16 |
17 | #
18 | # Validate tarballs are found, if not, issue a warning message.
19 | #
20 | if [ "$CODEBASE_TARBALL" != "" ] && [ ! -f "ansible/playbooks/codebase-tarballs/$CODEBASE_TARBALL" ]; then
21 | echo
22 | echo "WARNING: Copy $CODEBASE_TARBALL to ansible/playbooks/codebase-tarballs/"
23 | echo "======="
24 | echo "Make sure the archive you provide produces index.php at the top-most level when decompressed (a.k.a. 'tarbomb') and does not include sites/default/files."
25 | fi
26 | if [ "$FILES_TARBALL" != "" ] && [ ! -f "ansible/playbooks/files-tarballs/$FILES_TARBALL" ]; then
27 | echo
28 | echo "WARNING: Copy $FILES_TARBALL to ansible/playbooks/files-tarballs/"
29 | echo "======="
30 | echo "Make sure the archive you provide produces a files folder when decompressed."
31 | fi
32 | if [ "$DBDUMP" != "" ] && [ ! -f "ansible/playbooks/dbdumps/$DBDUMP" ]; then
33 | echo
34 | echo "WARNING: Please copy $DBDUMP to ansible/playbooks/dbdumps/"
35 | echo "======="
36 | echo "Make sure the SQL statements do NOT start with a CREATE DATABASE."
37 | fi
38 | FILES_LIST=""
39 | for file in ".gitignore" "ansible.cfg" "Vagrantfile" "vagrant.yml"
40 | do
41 | if [ ! -f "${file}" ]; then
42 | cp "${file}".default "${file}"
43 | if [ "${FILES_LIST}" != "" ]; then
44 | FILES_LIST="${FILES_LIST}, ${file}"
45 | else
46 | FILES_LIST="${file}"
47 | fi
48 | fi
49 | done
50 | if [ "${FILES_LIST}" != "" ]; then
51 | echo
52 | echo "${FILES_LIST} have been created locally for your convenience."
53 | fi
54 | sed -i.bak "s/ip_addr:.*/ip_addr: '${IP_ADDR}'/g" vagrant.yml
55 | sed -i.bak "s/domain:.*/domain: '${DOMAIN}'/g" vagrant.yml
56 | sed -i.bak "s|sshkey:.*|sshkey: '${KEY_FILENAME}'|g" vagrant.yml
57 | # Remove any possible app duplicates
58 | sed -i.bak "s|^- name\: '${APP_NAME}'$||g" vagrant.yml
59 | # Add app name to the list
60 | sed -i.bak "/apps\:/a\\
61 | - name: '${APP_NAME}'\\
62 | " vagrant.yml
63 | # Remove empty lines
64 | sed -i.bak '/^$/d' vagrant.yml
65 | #
66 | # ansible/requirements.yml
67 | #
68 | if [ ! -f ansible/requirements.yml ]; then
69 | cp ansible/requirements.default.yml ansible/requirements.yml
70 | echo
71 | echo "ansible/requirements.yml has been created locally for your convenience.."
72 | fi
73 | #
74 | # Create the inventory file for the local environment
75 | #
76 | for ENV in "-local"
77 | do
78 | #
79 | # Inventory file
80 | #
81 | if [ ! -f "ansible/inventory/${APP_NAME}${ENV}" ]; then
82 | cp "ansible/inventory/app_name${ENV}" "ansible/inventory/${APP_NAME}${ENV}"
83 | # Assign web domain
84 | sed -i.bak "s/app_webdomain=.*/app_webdomain=${DOMAIN}/g" "ansible/inventory/${APP_NAME}${ENV}"
85 | # Replace app_name by the actual app name
86 | sed -i.bak "s/app_name/${APP_NAME}/g" "ansible/inventory/${APP_NAME}${ENV}"
87 | # Assign hostname
88 | sed -i.bak "s/app_webhost=.*/app_webhost=${HOSTNAME}/g" "ansible/inventory/${APP_NAME}${ENV}"
89 | else
90 | echo
91 | echo "ansible/inventory/${APP_NAME}${ENV} already exists and has not been re-generated: if you have edited this file, double-check its content before proceeding."
92 | fi
93 | done
94 | #
95 | # Create env directories under playbooks/group_vars
96 | #
97 | for ENV in "" "-local" "-ci" "-qa" "-uat" "-prod"
98 | do
99 | # Copy/create the group vars directory under playbooks
100 | mkdir -p "ansible/playbooks/group_vars/${APP_NAME}${ENV}/"
101 | done
102 | #
103 | # Loop through the local + the default, creating the default group vars
104 | #
105 | for ENV in "" "-local"
106 | do
107 | #
108 | # Group vars
109 | #
110 | # Copy/create the group vars directory with the final config files in it
111 | mkdir -p "ansible/inventory/group_vars/${APP_NAME}${ENV}/"
112 | cp -pr "ansible/inventory/group_vars.default/app_name${ENV}/." "ansible/inventory/group_vars/${APP_NAME}${ENV}/"
113 | cd "ansible/inventory/group_vars/${APP_NAME}${ENV}" || exit 2
114 | # Perform the regexp replacements in the final config files
115 | sed -i.bak "s/app_name:.*/app_name: '${APP_NAME}'/g" all.yml
116 | if [ "$ENV" != "-local" ]; then
117 | sed -i.bak "s/app_user:.*/app_user: ${APP_NAME}/g" all.yml
118 | else
119 | sed -i.bak "s/app_user:.*/app_user: vagrant/g" all.yml
120 | fi
121 | sed -i.bak "s/app_drupal_version:.*/app_drupal_version: '${DRUPAL_VERSION}'/g" all.yml
122 | if [ "$MULTILINGUAL" == "yes" ]; then
123 | sed -i.bak "s|app_i18n_enabled:.*$|app_i18n_enabled: yes|g" all.yml
124 | if [ "$LANGUAGES" != "" ]; then
125 | sed -i.bak "s|app_languages:.*$|app_languages: [ ${LANGUAGES} ]|g" all.yml
126 | fi
127 | else
128 | sed -i.bak "s|app_i18n_enabled:.*$|app_i18n_enabled: no|g" all.yml
129 | fi
130 | if [ "$APP_HTTPS_ENABLED" == "yes" ]; then
131 | sed -i.bak "s|app_https_enabled:.*$|app_https_enabled: yes|g" all.yml
132 | sed -i.bak "s|^#- securepages$|- securepages|g" ops-features.yml
133 | # Varnish can only be enabled in http (not https)
134 | sed -i.bak "s|app_varnish_enabled:.*$|app_varnish_enabled: no|g" all.yml
135 | else
136 | sed -i.bak "s|^- securepages$|#- securepages|g" ops-features.yml
137 | if [ "$APP_VARNISH_ENABLED" == "yes" ]; then
138 | sed -i.bak "s|app_varnish_enabled:.*$|app_varnish_enabled: yes|g" all.yml
139 | sed -i.bak "s|^#- purge$|- purge|g" ops-features.yml
140 | sed -i.bak "s|^#- purge_purger_http$|- purge_purger_http|g" ops-features.yml
141 | sed -i.bak "s|^#- varnish$|- varnish|g" ops-features.yml
142 | else
143 | sed -i.bak "s|app_varnish_enabled:.*$|app_varnish_enabled: no|g" all.yml
144 | sed -i.bak "s|^- purge$|-# purge|g" ops-features.yml
145 | sed -i.bak "s|^- purge_purger_http$|-# purge_purger_http|g" ops-features.yml
146 | sed -i.bak "s|^- varnish$|-# varnish|g" ops-features.yml
147 | fi
148 | fi
149 | sed -i.bak "s|app_timezone:.*$|app_timezone: '${APP_TIMEZONE}'|g" all.yml
150 | if [ "$USE_INSTALL_PROFILE" == "yes" ]; then
151 | sed -i.bak "s/deploy_install_profile_enabled:.*$/deploy_install_profile_enabled: 'yes'/g" deploy.yml
152 | if [ "$D_O_INSTALL_PROFILE" != "" ]; then
153 | sed -i.bak "s/deploy_d_o_install_profile:.*$/deploy_d_o_install_profile: '${D_O_INSTALL_PROFILE}'/g" deploy.yml
154 | sed -i.bak "s/deploy_custom_install_profile:.*$/deploy_custom_install_profile: ''/g" deploy.yml
155 | elif [ "$CUSTOM_INSTALL_PROFILE" != "" ]; then
156 | sed -i.bak "s/deploy_custom_install_profile:.*$/deploy_custom_install_profile: '${CUSTOM_INSTALL_PROFILE}'/g" deploy.yml
157 | sed -i.bak "s/deploy_d_o_install_profile:.*$/deploy_d_o_install_profile: ''/g" deploy.yml
158 | else
159 | sed -i.bak "s/deploy_d_o_install_profile:.*$/deploy_d_o_install_profile: standard/g" deploy.yml
160 | fi
161 | if [ "$USE_DRUSH_MAKE" == "yes" ]; then
162 | sed -i.bak "s|deploy_drush_make_enabled:.*$|deploy_drush_make_enabled: 'yes'|g" deploy.yml
163 | sed -i.bak "s|deploy_composer_enabled:.*$|deploy_composer_enabled: 'no'|g" deploy.yml
164 | if [ "$DRUSH_MAKEFILE" != "" ]; then
165 | sed -i.bak "s|deploy_drush_makefile:.*$|deploy_drush_makefile: '${DRUSH_MAKEFILE}'|g" deploy.yml
166 | fi
167 | elif [ "$USE_COMPOSER" == "yes" ]; then
168 | sed -i.bak "s|deploy_composer_enabled:.*$|deploy_composer_enabled: 'yes'|g" deploy.yml
169 | sed -i.bak "s|deploy_drush_make_enabled:.*$|deploy_drush_make_enabled: 'no'|g" deploy.yml
170 | else
171 | sed -i.bak "s|deploy_drush_make_enabled:.*$|deploy_drush_make_enabled: 'no'|g" deploy.yml
172 | sed -i.bak "s|deploy_composer_enabled:.*$|deploy_composer_enabled: 'no'|g" deploy.yml
173 | fi
174 | else
175 | if [ ! "$CODEBASE_TARBALL" == "" ]; then
176 | sed -i.bak "s|deploy_codebase_tarball_filename:.*$|deploy_codebase_tarball_filename: '${CODEBASE_TARBALL}'|g" deploy.yml
177 | sed -i.bak "s|deploy_codebase_import_enabled:.*$|deploy_codebase_import_enabled: yes|g" deploy.yml
178 | else
179 | sed -i.bak "s|deploy_codebase_import_enabled:.*$|deploy_codebase_import_enabled: no|g" deploy.yml
180 | fi
181 | sed -i.bak "s/deploy_install_profile_enabled:.*$/deploy_install_profile_enabled: 'no'/g" deploy.yml
182 | fi
183 | if [ "$USE_UPSTREAM_SITE" == "yes" ]; then
184 | sed -i.bak "s|deploy_db_sync_enabled:.*$|deploy_db_sync_enabled: '${SYNC_DB}'|g" deploy.yml
185 | sed -i.bak "s|deploy_files_sync_enabled:.*$|deploy_files_sync_enabled: '${SYNC_FILES}'|g" deploy.yml
186 | sed -i.bak "s|deploy_upstream_remote_host:.*$|deploy_upstream_remote_host: '${REMOTE_UPSTREAM_HOST}'|g" deploy.yml
187 | sed -i.bak "s|deploy_upstream_remote_port:.*$|deploy_upstream_remote_port: '${REMOTE_UPSTREAM_PORT}'|g" deploy.yml
188 | sed -i.bak "s|deploy_upstream_remote_user:.*$|deploy_upstream_remote_user: '${REMOTE_UPSTREAM_USER}'|g" deploy.yml
189 | sed -i.bak "s|deploy_upstream_docroot:.*$|deploy_upstream_docroot: '${REMOTE_UPSTREAM_DOCROOT}'|g" deploy.yml
190 | sed -i.bak "s|deploy_upstream_files_path:.*$|deploy_upstream_files_path: '${REMOTE_UPSTREAM_FILES_PATH}'|g" deploy.yml
191 | sed -i.bak "s|deploy_upstream_proxy_credentials:.*$|deploy_upstream_proxy_credentials: '${REMOTE_UPSTREAM_PROXY_CREDENTIALS}'|g" deploy.yml
192 | sed -i.bak "s|deploy_upstream_proxy_port:.*$|deploy_upstream_proxy_port: '${REMOTE_UPSTREAM_PROXY_PORT}'|g" deploy.yml
193 | sed -i.bak "s|deploy_upstream_ssh_options:.*$|deploy_upstream_ssh_options: '${REMOTE_UPSTREAM_SSH_OPTIONS}'|g" deploy.yml
194 | fi
195 | if [ "$USE_SITE_INSTALL" == "yes" ]; then
196 | sed -i.bak "s|deploy_site_install_enabled:.*$|deploy_site_install_enabled: yes|g" deploy.yml
197 | else
198 | if [ ! "$DBDUMP" == "" ]; then
199 | sed -i.bak "s|deploy_db_dump_filename:.*$|deploy_db_dump_filename: '${DBDUMP}'|g" deploy.yml
200 | sed -i.bak "s|deploy_db_import_enabled:.*$|deploy_db_import_enabled: yes|g" deploy.yml
201 | else
202 | sed -i.bak "s|deploy_db_import_enabled:.*$|deploy_db_import_enabled: no|g" deploy.yml
203 | fi
204 | if [ ! "$FILES_TARBALL" == "" ]; then
205 | sed -i.bak "s|deploy_files_tarball_filename:.*$|deploy_files_tarball_filename: '${FILES_TARBALL}'|g" deploy.yml
206 | sed -i.bak "s|deploy_files_import_enabled:.*$|deploy_files_import_enabled: yes|g" deploy.yml
207 | else
208 | sed -i.bak "s|deploy_files_import_enabled:.*$|deploy_files_import_enabled: no|g" deploy.yml
209 | fi
210 | fi
211 | # Git config
212 | sed -i.bak "s/deploy_git_repo_protocol:.*$/deploy_git_repo_protocol: \"${GIT_PROTOCOL}\"/g" deploy.yml
213 | sed -i.bak "s/deploy_git_repo_server:.*$/deploy_git_repo_server: \"${GIT_SERVER}\"/g" deploy.yml
214 | sed -i.bak "s/deploy_git_repo_user:.*$/deploy_git_repo_user: \"${GIT_USER}\"/g" deploy.yml
215 | sed -i.bak "s|deploy_git_repo_path:.*$|deploy_git_repo_path: \"${GIT_PATH}\"|g" deploy.yml
216 | sed -i.bak "s|deploy_git_repo_version:.*$|deploy_git_repo_version: \"${GIT_BRANCH}\"|g" deploy.yml
217 | # SMTP config
218 | sed -i.bak "s/smtp_server:.*$/smtp_server: \"${SMTP_SERVER}\"/g" deploy.yml
219 | sed -i.bak "s/smtp_port:.*$/smtp_port: \"${SMTP_PORT}\"/g" deploy.yml
220 | sed -i.bak "s/smtp_user:.*$/smtp_user: \"${SMTP_USER}\"/g" deploy.yml
221 | # Change directory out of group vars
222 | cd - > /dev/null || exit 2
223 | done
224 | find . -name "*.bak" -type f -delete
225 | # Finish execution with a final message
226 | echo
227 | echo "-------------------------------------------------------------------------------"
228 | echo "Thank you, all of the Drupsible defaults have been properly generated."
229 | echo "You may override them by creating YAML files under "
230 | echo "ansible/playbooks/group_vars."
231 | echo
232 | echo "If this is your Ansible controller, refer to the docs to properly run "
233 | echo "ansible-playbook. You may need to run the bootstrap playbook for each host."
234 | echo "If so, have the root password at hand and run:"
235 | echo
236 | echo "ansible-playbook -l -u root -k ansible/playbooks/bootstrap.yml"
237 | echo "-------------------------------------------------------------------------------"
238 | echo "Or, if this is your local environment, just run vagrant up."
239 | echo " =========="
240 | echo "Vagrant will run the drupsible VM by default. You can edit vagrant.yml to change"
241 | echo "the VM box and other configuration values like the amount of RAM."
242 | echo "In case vagrant hangs, make sure VT-x/AMD-V is enabled in your BIOS settings."
243 | echo "-------------------------------------------------------------------------------"
244 |
--------------------------------------------------------------------------------
/bin/ssh-agent.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # Make sure the specified SSH key file exists
4 | #
5 | ID_FILE="${1}"
6 | if [ "${ID_FILE}" == "" ]; then
7 | ID_FILE="$HOME/.ssh/id_rsa"
8 | fi
9 | if [ ! -f "${ID_FILE}" ]; then
10 | echo
11 | echo "Error: SSH key file not found!"
12 | echo "=============================="
13 | echo "Please run bin/ssh-agent.sh "
14 | exit 2
15 | fi
16 |
17 | #
18 | # Make sure there is connection to an SSH agent
19 | #
20 | SSH_AGENT_DATA="$HOME/.ssh-agent"
21 | echo "Checking connection to SSH agent..."
22 | # Only try with ssh-add if SSH_AUTH_SOCK is non-null and non-zero
23 | if [ -n "$SSH_AUTH_SOCK" ]; then
24 | SSH_ADD_STATUS=$(ssh-add -l)
25 | FIRST="$?"
26 | fi
27 |
28 | if ([ -n "$SSH_AUTH_SOCK" ] && [ "$FIRST" -eq 2 ]) || [ -z "$SSH_AUTH_SOCK" ]; then
29 | # ssh-add exit status is 0 on success, 1 if the specified command fails,
30 | # and 2 if ssh-add is unable to contact the authentication agent.
31 | echo "SSH agent not in current session: trying stored connection..."
32 | test -r "$SSH_AGENT_DATA" && eval "$(<${SSH_AGENT_DATA/#\~/$HOME})" >/dev/null
33 | ssh-add -l &>/dev/null
34 | SECOND="$?"
35 | if [ "$SECOND" -ne 0 ]; then
36 | echo "Stored connection details not found or bogus: launching a new SSH agent..."
37 | (umask 066; ssh-agent > "${SSH_AGENT_DATA/#\~/$HOME}")
38 | echo "SSH agent launched, new connection details stored. Now connecting to it..."
39 | eval "$(<${SSH_AGENT_DATA/#\~/$HOME})" >/dev/null
40 | SSH_ADD_STATUS=$(ssh-add -l)
41 | THIRD="$?"
42 | if [ "$THIRD" -eq 2 ]; then
43 | echo "ERROR: Connection FAILED. Check your environment."
44 | echo "================================================="
45 | exit 1
46 | elif [ "$THIRD" -eq 0 ]; then
47 | echo "Connection successful."
48 | fi
49 | else
50 | echo "Connected to existing SSH agent (from stored connection details)"
51 | echo "Adding the SSH key..."
52 | fi
53 | elif [ -n "$SSH_AUTH_SOCK" ] && [ "$FIRST" -eq 0 ]; then
54 | echo "Connection successful."
55 | fi
56 | #
57 | # Add specified SSH key, if not already present
58 | #
59 | if [ -z "${SSH_ADD_STATUS##*$ID_FILE*}" ]; then
60 | echo "SSH key already present. You may proceed with the Drupsible playbooks."
61 | else
62 | ssh-add "$ID_FILE"
63 | FOURTH="$?"
64 | if [ "$FOURTH" -eq 0 ]; then
65 | echo "SSH key was added. You may proceed with the Drupsible playbooks."
66 | elif [ "$FOURTH" -eq 2 ]; then
67 | echo "ERROR: Connection FAILED. Check your environment."
68 | echo "================================================="
69 | exit 1
70 | fi
71 | fi
72 |
--------------------------------------------------------------------------------
/d8-packer.profile:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #
3 | # Drupsible app profile.
4 | #
5 | # Contains the basic config values for your Drupal application.
6 | #
7 | APP_NAME="d8"
8 |
9 | # This is your primary web domain, like 'drupal.org'
10 | DOMAIN="drupsible.org"
11 | # This is your _local_ hostname, without the domain, so the Ansible inventory
12 | # can be generated automatically.
13 | # In all the other upper environments, inventories need to be created manually
14 | # by the user.
15 | HOSTNAME="local"
16 | #
17 | DRUPAL_VERSION="8"
18 | #
19 | MULTILINGUAL="no"
20 | # Enumerate the languages after commas, starting with the default language
21 | # Ie. es,en
22 | LANGUAGES=""
23 | #
24 | USE_INSTALL_PROFILE="yes"
25 | # This can be a core profile (ie. standard, or minimal) or a contrib profile (ie. bear, or thunder)
26 | D_O_INSTALL_PROFILE="standard"
27 | CUSTOM_INSTALL_PROFILE=""
28 | #
29 | USE_DRUSH_MAKE=""
30 | # Ie. build-bear.make
31 | DRUSH_MAKEFILE=""
32 | USE_COMPOSER=""
33 | #
34 | USE_SITE_INSTALL="yes"
35 | #
36 | USE_UPSTREAM_SITE=""
37 | REMOTE_UPSTREAM_HOST=""
38 | REMOTE_UPSTREAM_PORT=""
39 | REMOTE_UPSTREAM_USER=""
40 | REMOTE_UPSTREAM_DOCROOT=""
41 | SYNC_FILES=""
42 | REMOTE_UPSTREAM_FILES_PATH="sites/default/files"
43 | REMOTE_UPSTREAM_PROXY_CREDENTIALS=""
44 | REMOTE_UPSTREAM_PROXY_PORT=""
45 | REMOTE_UPSTREAM_SSH_OPTIONS=""
46 | SYNC_DB=""
47 | #
48 | # This tarball should contain the codebase of your drupal site.
49 | # It can be a tar, a gzip, a bzip2 or a xz.
50 | CODEBASE_TARBALL=""
51 | #
52 | # This is the DB dump of your drupal site to import into your local.
53 | # It is a SQL file, and can be in plain text format, or gzipped
54 | DBDUMP=""
55 | #
56 | # This is the sites/default/files tarball of your drupal site to
57 | # import into your local.
58 | # It can be a tar, a gzip, a bzip2 or a xz.
59 | FILES_TARBALL=""
60 | #
61 | KEY_FILENAME="~/.ssh/id_rsa"
62 | #
63 | # This is usually ssh
64 | GIT_PROTOCOL=""
65 | #
66 | # Ie. bitbucket.org
67 | GIT_SERVER=""
68 | #
69 | # Ie. git
70 | GIT_USER=""
71 | #
72 | GIT_PATH=""
73 | #
74 | GIT_BRANCH="master"
75 | #
76 | SMTP_SERVER="smtp.gmail.com"
77 | SMTP_PORT="587"
78 | SMTP_USER="mariano.barcia"
79 | #
80 | APP_HTTPS_ENABLED="yes"
81 | APP_VARNISH_ENABLED=""
82 | #
83 | APP_TIMEZONE="Europe/London"
84 | #
85 | IP_ADDR="192.168.57.171"
86 | # Last reconfigured on: Wed 15 Feb 04:10:24 2017 GMT
87 |
--------------------------------------------------------------------------------
/default.profile:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #
3 | # Drupsible app profile.
4 | #
5 | # Contains the basic config values for your Drupal application.
6 | #
7 | APP_NAME=""
8 |
9 | # This is your primary web domain, like 'drupal.org'
10 | DOMAIN=""
11 | # This is your _local_ hostname, without the domain, so the Ansible inventory
12 | # can be generated automatically.
13 | # In all the other upper environments, inventories need to be created manually
14 | # by the user.
15 | HOSTNAME="local"
16 | #
17 | DRUPAL_VERSION="8"
18 | #
19 | MULTILINGUAL=""
20 | # Enumerate the languages after commas, starting with the default language
21 | # Ie. es,en
22 | LANGUAGES=""
23 | #
24 | USE_INSTALL_PROFILE=""
25 | # This can be a core profile (ie. standard, or minimal) or a contrib profile (ie. bear, or thunder)
26 | D_O_INSTALL_PROFILE=""
27 | CUSTOM_INSTALL_PROFILE=""
28 | #
29 | USE_DRUSH_MAKE=""
30 | # Ie. build-bear.make
31 | DRUSH_MAKEFILE=""
32 | USE_COMPOSER=""
33 | #
34 | USE_SITE_INSTALL=""
35 | #
36 | USE_UPSTREAM_SITE=""
37 | REMOTE_UPSTREAM_HOST=""
38 | REMOTE_UPSTREAM_PORT=""
39 | REMOTE_UPSTREAM_USER=""
40 | REMOTE_UPSTREAM_DOCROOT=""
41 | SYNC_FILES=""
42 | REMOTE_UPSTREAM_FILES_PATH="sites/default/files"
43 | REMOTE_UPSTREAM_PROXY_CREDENTIALS=""
44 | REMOTE_UPSTREAM_PROXY_PORT=""
45 | REMOTE_UPSTREAM_SSH_OPTIONS=""
46 | SYNC_DB=""
47 | #
48 | # This tarball should contain the codebase of your drupal site.
49 | # It can be a tar, a gzip, a bzip2 or a xz.
50 | CODEBASE_TARBALL=""
51 | #
52 | # This is the DB dump of your drupal site to import into your local.
53 | # It is a SQL file, and can be in plain text format, or gzipped
54 | DBDUMP=""
55 | #
56 | # This is the sites/default/files tarball of your drupal site to
57 | # import into your local.
58 | # It can be a tar, a gzip, a bzip2 or a xz.
59 | FILES_TARBALL=""
60 | #
61 | KEY_FILENAME="~/.ssh/id_rsa"
62 | #
63 | # This is usually ssh
64 | GIT_PROTOCOL=""
65 | #
66 | # Ie. bitbucket.org
67 | GIT_SERVER=""
68 | #
69 | # Ie. git
70 | GIT_USER=""
71 | #
72 | GIT_PATH=""
73 | #
74 | GIT_BRANCH="master"
75 | #
76 | SMTP_SERVER=
77 | SMTP_PORT=
78 | SMTP_USER=
79 | #
80 | APP_HTTPS_ENABLED=""
81 | APP_VARNISH_ENABLED=""
82 | #
83 | APP_TIMEZONE=""
84 | #
85 | IP_ADDR=""
86 | # Last reconfigured on:
87 |
--------------------------------------------------------------------------------
/scripts/app-aliases.sh:
--------------------------------------------------------------------------------
1 | #
2 | # Section added by Drupsible
3 | #
4 | # drupsible aliases
5 | alias pitiribi-deploy='ansible-playbook -i /vagrant/ansible/inventory/pitiribi-local /vagrant/ansible/playbooks/deploy.yml -e "app_name=pitiribi app_target=local"'
6 | alias pitiribi-config='ansible-playbook -i /vagrant/ansible/inventory/pitiribi-local /vagrant/ansible/playbooks/config.yml -e "app_name=pitiribi app_target=local"'
7 | alias pitiribi-config-deploy='ansible-playbook -i /vagrant/ansible/inventory/pitiribi-local /vagrant/ansible/playbooks/config-deploy.yml -e "app_name=pitiribi app_target=local"'
8 | #
9 | # End of section by Drupsible
10 | #
11 |
--------------------------------------------------------------------------------
/scripts/drupsible-deploy.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | export PYTHONUNBUFFERED=1
4 | export ANSIBLE_FORCE_COLOR=true
5 |
6 | APP_NAME="$1"
7 | APP_TARGET="$2"
8 | DEPLOY_ARGS="$3"
9 | TAGS="$4"
10 | SKIP_TAGS="$5"
11 | APP_FQDN="$6"
12 | HOST_IP_ADDR="$7"
13 |
14 | ANSIBLE_PLAYBOOK="/vagrant/ansible/playbooks/config-deploy.yml"
15 | ANSIBLE_INVENTORY="/vagrant/ansible/inventory/${APP_NAME}-${APP_TARGET}"
16 | EXTRA_VARS="${DEPLOY_ARGS} app_name=${APP_NAME} app_target=${APP_TARGET}"
17 |
18 | if [ ! -f $ANSIBLE_PLAYBOOK ]; then
19 | echo "Cannot find Ansible playbook at $ANSIBLE_PLAYBOOK."
20 | exit 1
21 | fi
22 |
23 | if [ ! -f $ANSIBLE_INVENTORY ]; then
24 | echo "Cannot find Ansible inventory at $ANSIBLE_INVENTORY."
25 | exit 1
26 | fi
27 |
28 | if [ -z "$TAGS" ]; then
29 | TAGS="all"
30 | fi
31 |
32 | echo "Running Drupsible configure and deploy playbook..."
33 | echo "Inventory file: $ANSIBLE_INVENTORY"
34 |
35 | if [ -z "$EXTRA_VARS" ]; then
36 | if [ -z "$SKIP_TAGS" ]; then
37 | ansible-playbook -i $ANSIBLE_INVENTORY $ANSIBLE_PLAYBOOK --tags "$TAGS"
38 | else
39 | ansible-playbook -i $ANSIBLE_INVENTORY $ANSIBLE_PLAYBOOK --tags "$TAGS" --skip-tags "$SKIP_TAGS"
40 | fi
41 | else
42 | if [ -z "$SKIP_TAGS" ]; then
43 | ansible-playbook -i $ANSIBLE_INVENTORY $ANSIBLE_PLAYBOOK --extra-vars "$EXTRA_VARS" --tags "$TAGS"
44 | else
45 | ansible-playbook -i $ANSIBLE_INVENTORY $ANSIBLE_PLAYBOOK --extra-vars "$EXTRA_VARS" --tags "$TAGS" --skip-tags "$SKIP_TAGS"
46 | fi
47 | fi
48 |
49 | if [ $? -eq 0 ]; then
50 | echo "Drupsible box has been provisioned and configured, YAY!"
51 | echo "======================================================="
52 | if [ "${HOST_IP_ADDR}" == "" ]; then
53 | echo "Make sure /etc/hosts (C:\Windows\System32\Drivers\etc\hosts)"
54 | echo "is able to resolve the IP properly, by following these steps:"
55 | echo " 1. Log into your VM with 'vagrant ssh'"
56 | echo " 2. Run 'sudo ifconfig -a', and take note of the eth1 IPv4"
57 | echo " address, and the MAC address (HWaddr) reported"
58 | echo " 3. Edit your /etc/hosts and add this line:"
59 | echo " ${APP_FQDN}"
60 | echo " 4. Try to fix/reserve IP to the MAC address in your LAN"
61 | echo " DHCP server, so you don't have to change it later on."
62 | else
63 | echo "Verify that /etc/hosts (C:\Windows\System32\Drivers\etc\hosts)"
64 | echo "contains this line:"
65 | echo "${HOST_IP_ADDR} ${APP_FQDN} # VAGRANT ..."
66 | fi
67 | echo
68 | echo "On Finder, Go->Connect to Server and type smb://Guest:@${APP_FQDN} (at least mount the 'app' volume)."
69 | echo "On Explorer, find a \\\\LOCAL server under Network."
70 | echo
71 | echo "On your browser, go to http://${APP_FQDN} for your Drupal website."
72 | echo
73 | echo "Happy development!"
74 | echo
75 | else
76 | echo "WARNING: Drupsible box has NOT been provisioned or configured"
77 | echo "============================================================="
78 | exit 1
79 | fi
80 |
--------------------------------------------------------------------------------
/scripts/drupsible-provision.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | export PYTHONUNBUFFERED=1
3 |
4 | ANSIBLE_VERSION="2.3.3.0"
5 | ANSIBLE_UPGRADE=""
6 |
7 | echo "Adding virtual memory capacity (swap space)..."
8 | dd if=/dev/zero of=/addswap bs=1024k count=2048
9 | mkswap /addswap
10 | chmod 0600 /addswap
11 | swapon /addswap
12 | echo "/addswap addswap swap defaults 0 0" >> /etc/fstab
13 | echo "2G of virtual memory have been added."
14 |
15 | apt-get update
16 |
17 | # Install Ansible and its dependencies if it's not installed already.
18 | if [ -f /usr/bin/ansible ] || [ -f /usr/local/bin/ansible ]; then
19 | ANSIBLE_VERSION_PACKED=$(ansible --version | grep "ansible 2" | sed 's/^ansible \(.*$\)/\1/g')
20 | if [ "$ANSIBLE_VERSION" == "$ANSIBLE_VERSION_PACKED" ]; then
21 | echo "Ansible is installed ($ANSIBLE_VERSION_PACKED)"
22 | python -m pip install --upgrade pip
23 | ANSIBLE_UPGRADE="no"
24 | else
25 | ANSIBLE_UPGRADE="yes"
26 | fi
27 | fi
28 |
29 | if [ "$ANSIBLE_UPGRADE" != "no" ]; then
30 | echo "Installing Ansible dependencies..."
31 | export DEBIAN_FRONTEND=noninteractive
32 | apt-get install -y zlib1g-dev libssl-dev libreadline-gplv2-dev libffi-dev
33 | apt-get install -y curl unzip
34 | apt-get install -y git python python-dev python-setuptools python-pip python-netaddr
35 | # Upgrade criptography before pyOpenSSL
36 | python -m pip install --upgrade 'cryptography>2.1.4'
37 | # Install pyOpenSSL before pip
38 | python -m easy_install --upgrade pyOpenSSL
39 | python -m pip install --upgrade pip
40 | # Make sure setuptools are installed correctly.
41 | python -m pip install --upgrade setuptools setupext-pip
42 | python -m pip install --upgrade --no-cache-dir paramiko PyYAML Jinja2 httplib2 six markupsafe
43 | # Jinja2 2.9 to 2.9.6 breaks Ansible 2.3.0.0
44 | # See https://github.com/ansible/ansible/issues/20063
45 | # Ansible version next to 2.3.0.0 will fix this
46 | if [ "$ANSIBLE_VERSION" == "2.3.0.0" ]; then
47 | python -m pip install -U 'jinja2<2.9'
48 | fi
49 | echo "Installing Ansible $ANSIBLE_VERSION..."
50 | python -m pip install ansible=="${ANSIBLE_VERSION}"
51 | fi
52 |
53 | echo "Installing Debops support..."
54 | apt-get install -y libsasl2-dev libldap2-dev
55 | python -m pip install debops
56 | # Download Drupsible roles
57 | echo "Installing Drupsible roles and its dependencies..."
58 | if [ -f /vagrant/ansible/requirements.yml ]; then
59 | ansible-galaxy install -r /vagrant/ansible/requirements.yml
60 | elif [ -f /etc/ansible/requirements.yml ]; then
61 | ansible-galaxy install -r /etc/ansible/requirements.yml
62 | else
63 | echo "Drupsible requirements not found"
64 | exit -1
65 | fi
66 |
--------------------------------------------------------------------------------
/scripts/shortcuts.sh:
--------------------------------------------------------------------------------
1 |
2 | #
3 | # Section added by Drupsible
4 | #
5 | # history search with arrow up-down, fx type "cd" and press arrow up
6 | bind '"\e[A": history-search-backward'
7 | bind '"\e[B": history-search-forward'
8 |
9 | # better dir colours
10 | LS_COLORS='di=0;32' ; export LS_COLORS
11 |
12 | # for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
13 | HISTSIZE=50001
14 | HISTFILESIZE=500001
15 |
16 | # check the window size after each command and, if necessary,
17 | # update the values of LINES and COLUMNS.
18 | shopt -s checkwinsize
19 |
20 | # ls aliases
21 | alias ll='ls -alF'
22 | alias la='ls -A'
23 | alias l='ls -CF'
24 |
25 | ## get rid of command not found ##
26 | alias cd..='cd ..'
27 |
28 | ## a quick way to get out of current directory ##
29 | alias ..='cd ..'
30 | alias ...='cd ../../../'
31 | #
32 | # End of section by Drupsible
33 | #
34 |
--------------------------------------------------------------------------------
/vagrant.yml.default:
--------------------------------------------------------------------------------
1 | apps:
2 |
3 | hosts:
4 | # name set by configure.sh
5 | - name: local
6 | # domain set by configure.sh
7 | domain: 'example.com'
8 | is_controller: yes
9 | # Drupsible will retrieve an IP from DHCP if ip_addr is left empty
10 | # ip_addr set by configure.sh
11 | ip_addr: ''
12 | netmask: '255.255.255.0'
13 | # Amount of memory assigned to the VM in Megs
14 | ram: 2048
15 | gui: false
16 | # mbarcia/drupsible is a Debian Jessie box with 6GB of disk space and Ansible 2 pre-installed
17 | box: 'mbarcia/drupsible'
18 | box_url: 'https://atlas.hashicorp.com/mbarcia/boxes/drupsible'
19 | # set by configure.sh
20 | sshkey: '~/.ssh/id_rsa'
21 | #
22 | # Other boxes you can use
23 | #
24 | # Identical to drupsible box only with 30G of disk space
25 | # box: 'mbarcia/drupsible-large'
26 | # box_url: 'https://atlas.hashicorp.com/mbarcia/boxes/drupsible-large'
27 | #
28 | # Ubuntu Trusty64 (default is 10G of disk space)
29 | # box: 'ubuntu/trusty64'
30 | # box_url: 'https://atlas.hashicorp.com/ubuntu/boxes/trusty64'
31 | #
32 | # Ubuntu Xenial64 (default is 10G of disk space)
33 | # box: 'ubuntu/xenial64'
34 | # box_url: 'https://vagrantcloud.com/ubuntu/boxes/xenial64'
35 | #
36 | # Switch to 'ubuntu' if using any Ubuntu box
37 | guest_distro: 'debian'
38 | # Following settings only applicable to Virtualbox
39 | pae: 'on'
40 | acpi: 'on'
41 | ioapic: 'on'
42 | chipset: 'ich9'
43 |
--------------------------------------------------------------------------------