-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 54a1ca0
Showing
44 changed files
with
1,256 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# Ansible | ||
*.key | ||
*-unencrypted.yml | ||
|
||
# Intellij | ||
.idea | ||
*.iml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
Ansible Tower Deployment | ||
======================== | ||
|
||
This collection of files provides a complete set of playbooks for deploying | ||
the Ansible Tower software to a single-server installation. | ||
|
||
Please read http://releases.ansible.com/ansible-tower/docs/tower_user_guide-latest.pdf for | ||
full documentation and installation/upgrade instructions. | ||
|
||
Be sure to edit group_vars/all prior to installation to change your choice | ||
of database password. | ||
|
||
To upgrade, set group_vars/all to the existing values prior to running | ||
the setup script again. Be sure you have the latest setup tarball | ||
prior to attempting an upgrade (e.g, don't try to upgrade to Tower 1.4.8 | ||
using the setup tarball you downloaded when running Tower 1.4.5). | ||
|
||
> *WARNING*: The playbook will overwrite the content | ||
> of `pg_hba.conf` and strip all comments from `supervisord.conf`. Run this | ||
> only on a clean virtual machine if you are not ok with this behavior. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
[defaults] | ||
|
||
# CentOS 6.5 gives several warnings when installing gmp, which | ||
# we don't want to see on a Tower install. | ||
# | ||
# Therefore, suppress system warnings for the setup playbook. | ||
system_warnings = no |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
--- | ||
# Variables applicable to all hosts | ||
|
||
# ***** CHANGES TO THESE PARAMETERS ARE ABSOLUTELY REQUIRED ***** | ||
|
||
pg_password: AWsecret | ||
admin_password: password | ||
munin_password: password | ||
rabbitmq_password: "AWXbunnies" | ||
|
||
# ***** OPTIONAL, NOT REQUIRED TO CHANGE **** | ||
|
||
# Optional variables defined in 'setup/roles/awx_install/defaults/main.yml' | ||
# ========================================================================= | ||
|
||
# aw_repo_url: "http://releases.ansible.com/ansible-tower" | ||
|
||
# Unprivileged User Account (for now, don't change this username) | ||
# aw_user: awx | ||
# aw_group: awx | ||
# aw_home: /var/lib/awx | ||
|
||
# Specify the awx package name | ||
# awx_package_name: ansible-tower | ||
|
||
# Django Options | ||
# admin_username: admin | ||
# admin_email: admin@example.com | ||
|
||
# Logging Options (for Django requests). Level should be ERROR to only log 500 | ||
# errors, WARNING to also log 4xx responses. | ||
# syslog_facility: local0 | ||
# syslog_level: ERROR | ||
|
||
# Apache Options | ||
# these addresses should match the external name of your server as you | ||
# are going to access them from other machines | ||
|
||
# httpd_server_name: localhost | ||
# httpd_server_aliases: | ||
# - localhost | ||
# - 127.0.0.1 | ||
|
||
# Optional variables defined in 'setup/roles/postgres/defaults/main.yml' | ||
# ====================================================================== | ||
|
||
# pg_username: awx | ||
# pg_database: awx | ||
|
||
# Optional variables defined in 'setup/roles/rabbitmq/defaults/main.yml' | ||
# ====================================================================== | ||
|
||
# rabbitmq_hostname: "localhost" | ||
# rabbitmq_port: 5672 | ||
# rabbitmq_vhost: "awx" | ||
# rabbitmq_username: "awx" | ||
|
||
# Optional variables defined in 'setup/roles/supervisor/defaults/main.yml' | ||
# ======================================================================== | ||
|
||
# Celery Settings | ||
# This takes the form of: max,min | ||
# celery_autoscale: 50,4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
[all] | ||
127.0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
# AnsibleWorks repository location. This should be the | ||
# root of the repo, and does not include the /deb or /rpm path | ||
aw_repo_url: "http://releases.ansible.com/ansible-tower" | ||
|
||
# Unprivileged User Account (for now, don't change this username) | ||
aw_user: awx | ||
aw_group: awx | ||
aw_home: /var/lib/awx | ||
|
||
# Specify the awx package name | ||
awx_package_name: ansible-tower | ||
|
||
# Django Options | ||
admin_username: admin | ||
admin_email: admin@example.com | ||
# defined in 'group_vars/all' | ||
# admin_password: FIXME | ||
|
||
# Logging Options (for Django requests). Level should be ERROR to only log 500 | ||
# errors, WARNING to also log 4xx responses. | ||
syslog_facility: local0 | ||
syslog_level: ERROR | ||
|
||
# Apache Options | ||
# these addresses should match the external name of your server as you | ||
# are going to access them from other machines | ||
|
||
httpd_server_name: localhost | ||
httpd_server_aliases: | ||
- localhost | ||
- 127.0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
--- | ||
# Tasks for installing and configuring AWX application. | ||
|
||
|
||
- include_vars: '{{ item }}' | ||
with_first_found: | ||
- files: | ||
- '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml' # CentOS-6.5 | ||
- '{{ ansible_os_family }}-{{ ansible_distribution_version }}.yml' # RedHat-6.5 | ||
- '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml' # CentOS-6 | ||
- '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml' # RedHat-6 | ||
- '{{ ansible_distribution }}.yml' # CentOS | ||
- '{{ ansible_os_family }}.yml' # RedHat | ||
- 'default.yml' | ||
paths: '../../supervisor/vars' | ||
|
||
- name: configure awx settings directory | ||
file: path=/etc/awx state=directory owner={{aw_user}} group={{aw_user}} mode=0770 | ||
|
||
- name: configure awx user home directory | ||
file: path={{aw_home}} state=directory owner={{aw_user}} group={{aw_user}} mode=0755 | ||
|
||
- name: configure awx .ssh directory | ||
file: path={{aw_home}}/.ssh state=directory owner={{aw_user}} group={{aw_user}} mode=0700 | ||
|
||
- name: configure awx projects directory | ||
file: path={{aw_home}}/projects state=directory owner={{aw_user}} group={{aw_user}} mode=0750 | ||
|
||
- name: configure awx job output directory | ||
file: path={{aw_home}}/job_status state=directory owner={{aw_user}} group={{aw_user}} mode=0750 | ||
|
||
- name: configure awx static directory | ||
file: path={{aw_home}}/public/static state=directory owner={{aw_user}} group={{aw_user}} mode=0755 recurse=yes | ||
|
||
- name: configure awx conf.d directory | ||
file: path=/etc/awx/conf.d state=directory owner={{aw_user}} group={{aw_group}} mode=0750 | ||
|
||
- name: configure tower log directory | ||
file: path=/var/log/awx state=directory owner={{aw_user}} group={{aw_user}} mode=0755 | ||
|
||
- name: configure tower warning log file | ||
file: path=/var/log/awx/tower_warnings.log owner={{aw_user}} group={{aw_group}} mode=0640 state=touch | ||
|
||
- name: configure awx celeryd settings | ||
template: src=celeryd.py.j2 dest=/etc/awx/conf.d/celeryd.py force=no | ||
notify: | ||
- restart httpd | ||
- restart apache2 | ||
- restart supervisor | ||
|
||
- name: configure file permissions on awx celeryd settings | ||
file: path=/etc/awx/conf.d/celeryd.py owner={{aw_user}} group={{aw_group}} mode=0640 | ||
|
||
- name: configure awx settings | ||
template: src=settings.py.j2 dest=/etc/awx/settings.py force=no | ||
notify: | ||
- restart httpd | ||
- restart apache2 | ||
- restart munin | ||
|
||
- name: configure file permissions on awx settings | ||
file: path=/etc/awx/settings.py owner={{aw_user}} group={{aw_group}} mode=0640 | ||
|
||
- name: stop supervisor if it is running | ||
service: name={{sup_init_name}} state=stopped | ||
|
||
- name: create awx database schema | ||
command: awx-manage syncdb --noinput | ||
sudo_user: awx | ||
register: awx_syncdb | ||
changed_when: "'Creating table ' in awx_syncdb.stdout" | ||
|
||
- name: migrate awx database schema (may take awhile when upgrading) | ||
command: awx-manage migrate --noinput | ||
sudo_user: awx | ||
register: awx_migrate | ||
changed_when: "'Migrating forwards to' in awx_migrate.stdout" | ||
|
||
- name: collect awx static files | ||
command: awx-manage collectstatic --noinput --clear | ||
sudo_user: awx | ||
sudo: True | ||
register: awx_collectstatic | ||
changed_when: "not awx_collectstatic.stdout_lines[-1].startswith('0 static files')" | ||
|
||
# NOTE: The following command works except for checking if the user already | ||
# exists and setting the password: | ||
# awx-manage createsuperuser --username={{admin_username}} --email={{admin_email}} --noinput | ||
# So instead use a variation of the example from: | ||
# http://source.mihelac.org/2009/10/23/django-avoiding-typing-password-for-superuser/ | ||
|
||
- name: create django super user | ||
shell: echo "from django.contrib.auth.models import User; User.objects.filter(username='{{admin_username}}').count() or User.objects.create_superuser('{{admin_username}}', '{{admin_email}}', '{{admin_password}}')" | awx-manage shell | ||
sudo_user: awx | ||
|
||
- name: enable ansible-tower init | ||
service: name=ansible-tower enabled=yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# AWX settings for celeryd (new in 1.4.5). | ||
|
||
BROKER_URL = 'amqp://{{rabbitmq_username}}:{{rabbitmq_password}}@{{rabbitmq_hostname}}:{{rabbitmq_port}}/{{rabbitmq_vhost}}' |
Oops, something went wrong.