recordsansible
/
ara-infra
Code Issues Proposed changes
ara-infra/roles/ara_server/tasks/config.yaml

105 lines
3.9 KiB
YAML
Raw Blame History

---
# Copyright (c) 2019 Red Hat, Inc.
#
# This file is part of ARA Records Ansible.
#
# ARA Records Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# ARA Records Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with ARA Records Ansible. If not, see <http://www.gnu.org/licenses/>.
- become: yes
become_user: "{{ ara_server_user }}"
block:
- name: Verify if a configuration file exists
stat:
path: "{{ ara_server_settings }}"
register: settings_stat
# If no secret key has been provided and this isn't the first time we are
# running, recover the secret key from the existing configuration file.
- when:
- ara_server_secret_key is none
- settings_stat.stat.exists
block:
- name: Read the configuration file
command: cat "{{ ara_server_settings }}"
changed_when: false
no_log: yes
register: settings_contents
- name: Recover existing secret key
vars:
config: "{{ settings_contents.stdout | from_yaml }}"
set_fact:
ara_server_secret_key: "{{ config[ara_server_env]['SECRET_KEY'] }}"
no_log: yes
# If no secret key has been provided and this is the first time we are
# running, generate a new random secret key that will be persisted in the
# configuration file.
- when:
- ara_server_secret_key is none
- not settings_stat.stat.exists
block:
- name: Generate a random secret key
environment:
PATH: "{{ path_with_virtualenv | default(omit) }}"
command: python3 -c "from django.utils.crypto import get_random_string; print(get_random_string(length=50))"
no_log: yes
register: generated_key
- name: Set ara_server_secret_key
set_fact:
ara_server_secret_key: "{{ generated_key.stdout }}"
no_log: yes
- name: Reconcile configuration
vars:
reconciled_configuration:
ALLOWED_HOSTS: "{{ ara_server_allowed_hosts }}"
BASE_DIR: "{{ ara_server_base_dir }}"
CORS_ORIGIN_ALLOW_ALL: "{{ ara_server_cors_origin_allow_all }}"
CORS_ORIGIN_WHITELIST: "{{ ara_server_cors_origin_whitelist }}"
DATABASES:
default:
ENGINE: "{{ ara_server_database_engine }}"
NAME: "{{ ara_server_database_name }}"
USER: "{{ ara_server_database_user }}"
PASSWORD: "{{ ara_server_database_password }}"
HOST: "{{ ara_server_database_host }}"
PORT: "{{ ara_server_database_port }}"
DEBUG: "{{ ara_server_debug }}"
LOGGING: "{{ ara_server_logging }}"
LOG_LEVEL: "{{ ara_server_log_level }}"
MEDIA_ROOT: "{{ ara_server_media_root }}"
MEDIA_URL: "{{ ara_server_media_url }}"
STATIC_ROOT: "{{ ara_server_static_root }}"
STATIC_URL: "{{ ara_server_static_url }}"
SECRET_KEY: "{{ ara_server_secret_key }}"
set_fact:
ara_server_configuration: "{'{{ ara_server_env }}': {{ reconciled_configuration }} }"
- name: Configure ara-server
become: yes
copy:
content: |
---
# Managed by the ara_server Ansible role
{{ ara_server_configuration | to_nice_yaml(indent=2) }}
dest: "{{ ara_server_settings }}"
owner: "{{ ara_server_user }}"
group: "{{ ara_server_group }}"
mode: 0750
notify:
- restart ara-server
no_log: yes
View Git Blame Copy Permalink