recordsansible
/
ara
Code Issues Proposed changes
ara/roles/ara_api/tasks/config.yaml

111 lines
4.0 KiB
YAML
Raw Blame History

---
# Copyright (c) 2019 Red Hat, Inc.
#
# This file is part of ARA Records Ansible.
#
# ARA Records Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# ARA Records Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with ARA Records Ansible. If not, see <http://www.gnu.org/licenses/>.
- name: Verify if a configuration file exists
stat:
path: "{{ ara_api_settings }}"
register: settings_stat
# If no secret key has been provided and this isn't the first time we are
# running, recover the secret key from the existing configuration file.
- when:
- ara_api_secret_key is none
- settings_stat.stat.exists
block:
- name: Read the existing configuration file
command: cat "{{ ara_api_settings }}"
changed_when: false
no_log: yes
register: settings_contents
- name: Recover existing secret key
vars:
config: "{{ settings_contents.stdout | from_yaml }}"
set_fact:
ara_api_secret_key: "{{ config[ara_api_env]['SECRET_KEY'] }}"
no_log: yes
# If no secret key has been provided and this is the first time we are
# running, generate a new random secret key that will be persisted in the
# configuration file.
- when:
- ara_api_secret_key is none
- not settings_stat.stat.exists
block:
- name: Generate a random secret key
environment:
PATH: "{{ path_with_virtualenv | default(omit) }}"
command: python3 -c "from django.utils.crypto import get_random_string; print(get_random_string(length=50))"
no_log: yes
register: generated_key
- name: Set ara_api_secret_key
set_fact:
ara_api_secret_key: "{{ generated_key.stdout }}"
no_log: yes
- name: Validate distributed sqlite configuration
assert:
that:
- "ara_api_database_engine == 'ara.server.db.backends.distributed_sqlite'"
msg: |
The database engine should be 'ara.server.db.backends.distributed_sqlite'
when 'ara_api_distributed_sqlite' is true.
when: ara_api_distributed_sqlite
# Put configuration in a format we can write to a file
- name: Reconcile configuration
vars:
reconciled_configuration:
ALLOWED_HOSTS: "{{ ara_api_allowed_hosts }}"
BASE_DIR: "{{ ara_api_base_dir }}"
CORS_ORIGIN_ALLOW_ALL: "{{ ara_api_cors_origin_allow_all }}"
CORS_ORIGIN_WHITELIST: "{{ ara_api_cors_origin_whitelist }}"
DATABASE_ENGINE: "{{ ara_api_database_engine }}"
DATABASE_NAME: "{{ ara_api_database_name }}"
DATABASE_USER: "{{ ara_api_database_user }}"
DATABASE_PASSWORD: "{{ ara_api_database_password }}"
DATABASE_HOST: "{{ ara_api_database_host }}"
DATABASE_PORT: "{{ ara_api_database_port }}"
DATABASE_CONN_MAX_AGE: "{{ ara_api_database_conn_max_age }}"
DEBUG: "{{ ara_api_debug }}"
DISTRIBUTED_SQLITE: "{{ ara_api_distributed_sqlite }}"
DISTRIBUTED_SQLITE_PREFIX: "{{ ara_api_distributed_sqlite_prefix }}"
DISTRIBUTED_SQLITE_ROOT: "{{ ara_api_distributed_sqlite_root }}"
LOGGING: "{{ ara_api_logging }}"
LOG_LEVEL: "{{ ara_api_log_level }}"
SECRET_KEY: "{{ ara_api_secret_key }}"
READ_LOGIN_REQUIRED: "{{ ara_api_read_login_required }}"
WRITE_LOGIN_REQUIRED: "{{ ara_api_write_login_required }}"
PAGE_SIZE: "{{ ara_api_page_size }}"
set_fact:
ara_api_configuration: "{'{{ ara_api_env }}': {{ reconciled_configuration }} }"
no_log: yes
- name: Set up the ARA API configuration file
copy:
content: |
---
# Managed by the ara Ansible role
{{ ara_api_configuration | to_nice_yaml(indent=2) }}
dest: "{{ ara_api_settings }}"
mode: 0750
notify:
- restart ara-api
no_log: yes
View Git Blame Copy Permalink