From 9b30452b7c2496a133772e43633877bc5b2453e8 Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 12:29:40 -0700 Subject: [PATCH 1/9] dev: clean up workstation ansible files --- .gitmodules | 8 - deploy/ansible.cfg | 489 +----------------------------- deploy/dependencies.yml | 8 - deploy/dev.yml | 29 -- deploy/hosts | 3 - deploy/mongodb_reset.yml | 21 +- deploy/playbook_buildagent.yml | 8 - deploy/playbook_focal.yml | 4 +- deploy/roles/apache_config | 1 - deploy/roles_common | 1 - deploy/vars/Linux Mint-17.yml | 3 - deploy/vars/Linux Mint-18.yml | 3 - deploy/vars/Linux Mint-19.yml | 3 - deploy/vars/config_buildagent.yml | 4 - deploy/vars/config_palaso.yml | 5 - 15 files changed, 13 insertions(+), 577 deletions(-) delete mode 100644 deploy/dev.yml delete mode 100644 deploy/playbook_buildagent.yml delete mode 160000 deploy/roles/apache_config delete mode 160000 deploy/roles_common delete mode 100644 deploy/vars/Linux Mint-17.yml delete mode 100644 deploy/vars/Linux Mint-18.yml delete mode 100644 deploy/vars/Linux Mint-19.yml delete mode 100644 deploy/vars/config_buildagent.yml delete mode 100644 deploy/vars/config_palaso.yml diff --git a/.gitmodules b/.gitmodules index 7160127d64..e69de29bb2 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,8 +0,0 @@ -[submodule "deploy/roles_common"] - path = deploy/roles_common - url = https://github.com/sillsdev/ops-ansible-common-roles - branch = master -[submodule "deploy/roles/apache_config"] - path = deploy/roles/apache_config - url = https://github.com/saygoweb/ansible-role-apache.git - branch = master-our diff --git a/deploy/ansible.cfg b/deploy/ansible.cfg index 827d7f28d3..9f2f866787 100644 --- a/deploy/ansible.cfg +++ b/deploy/ansible.cfg @@ -1,491 +1,4 @@ -# config file for ansible -- https://ansible.com/ -# =============================================== - -# nearly all parameters can be overridden in ansible-playbook -# or with command line flags. ansible will read ANSIBLE_CONFIG, -# ansible.cfg in the current working directory, .ansible.cfg in -# the home directory or /etc/ansible/ansible.cfg, whichever it -# finds first - [defaults] - -# some basic default values... - -#inventory = /etc/ansible/hosts -#library = /usr/share/my_modules/ -#module_utils = /usr/share/my_module_utils/ -#remote_tmp = ~/.ansible/tmp -#local_tmp = ~/.ansible/tmp -#plugin_filters_cfg = /etc/ansible/plugin_filters.yml -#forks = 5 -#poll_interval = 15 -#sudo_user = root -#ask_sudo_pass = True -#ask_pass = True -#transport = smart -#remote_port = 22 -#module_lang = C -#module_set_locale = False - -# plays will gather facts by default, which contain information about -# the remote system. -# -# smart - gather by default, but don't regather if already gathered -# implicit - gather by default, turn off with gather_facts: False -# explicit - do not gather by default, must say gather_facts: True -#gathering = implicit - -# This only affects the gathering done by a play's gather_facts directive, -# by default gathering retrieves all facts subsets -# all - gather all subsets -# network - gather min and network facts -# hardware - gather hardware facts (longest facts to retrieve) -# virtual - gather min and virtual facts -# facter - import facts from facter -# ohai - import facts from ohai -# You can combine them using comma (ex: network,virtual) -# You can negate them using ! (ex: !hardware,!facter,!ohai) -# A minimal set of facts is always gathered. -#gather_subset = all - -# some hardware related facts are collected -# with a maximum timeout of 10 seconds. This -# option lets you increase or decrease that -# timeout to something more suitable for the -# environment. -# gather_timeout = 10 - -# Ansible facts are available inside the ansible_facts.* dictionary -# namespace. This setting maintains the behaviour which was the default prior -# to 2.5, duplicating these variables into the main namespace, each with a -# prefix of 'ansible_'. -# This variable is set to True by default for backwards compatibility. It -# will be changed to a default of 'False' in a future release. -# ansible_facts. -# inject_facts_as_vars = True - -# additional paths to search for roles in, colon separated -roles_path = /etc/ansible/roles:./roles_common:./roles - -# uncomment this to disable SSH key host checking -#host_key_checking = False - -# change the default callback, you can only have one 'stdout' type enabled at a time. -#stdout_callback = skippy -stderr_callback = debug # actually prints out new lines instead of escaping them to \n - - -## Ansible ships with some plugins that require whitelisting, -## this is done to avoid running all of a type by default. -## These setting lists those that you want enabled for your system. -## Custom plugins should not need this unless plugin author specifies it. - -# enable callback plugins, they can output to stdout but cannot be 'stdout' type. -#callback_whitelist = timer, mail - -# Determine whether includes in tasks and handlers are "static" by -# default. As of 2.0, includes are dynamic by default. Setting these -# values to True will make includes behave more like they did in the -# 1.x versions. -#task_includes_static = False -#handler_includes_static = False - -# Controls if a missing handler for a notification event is an error or a warning -#error_on_missing_handler = True - -# change this for alternative sudo implementations -#sudo_exe = sudo - -# What flags to pass to sudo -# WARNING: leaving out the defaults might create unexpected behaviours -#sudo_flags = -H -S -n - -# SSH timeout -#timeout = 10 - -# default user to use for playbooks if user is not specified -# (/usr/bin/ansible will use current user as default) -#remote_user = root - -# logging is off by default unless this path is defined -# if so defined, consider logrotate -#log_path = /var/log/ansible.log - -# default module name for /usr/bin/ansible -#module_name = command - -# use this shell for commands executed under sudo -# you may need to change this to bin/bash in rare instances -# if sudo is constrained -#executable = /bin/sh - -# if inventory variables overlap, does the higher precedence one win -# or are hash values merged together? The default is 'replace' but -# this can also be set to 'merge'. -#hash_behaviour = replace - -# by default, variables from roles will be visible in the global variable -# scope. To prevent this, the following option can be enabled, and only -# tasks and handlers within the role will see the variables there -#private_role_vars = yes - -# list any Jinja2 extensions to enable here: -#jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n - -# if set, always use this private key file for authentication, same as -# if passing --private-key to ansible or ansible-playbook -#private_key_file = /path/to/file - -# If set, configures the path to the Vault password file as an alternative to -# specifying --vault-password-file on the command line. -#vault_password_file = /path/to/vault_password_file - -# format of string {{ ansible_managed }} available within Jinja2 -# templates indicates to users editing templates files will be replaced. -# replacing {file}, {host} and {uid} and strftime codes with proper values. -#ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host} -# {file}, {host}, {uid}, and the timestamp can all interfere with idempotence -# in some situations so the default is a static string: -#ansible_managed = Ansible managed - -# by default, ansible-playbook will display "Skipping [host]" if it determines a task -# should not be run on a host. Set this to "False" if you don't want to see these "Skipping" -# messages. NOTE: the task header will still be shown regardless of whether or not the -# task is skipped. -#display_skipped_hosts = True - -# by default, if a task in a playbook does not include a name: field then -# ansible-playbook will construct a header that includes the task's action but -# not the task's args. This is a security feature because ansible cannot know -# if the *module* considers an argument to be no_log at the time that the -# header is printed. If your environment doesn't have a problem securing -# stdout from ansible-playbook (or you have manually specified no_log in your -# playbook on all of the tasks where you have secret information) then you can -# safely set this to True to get more informative messages. -#display_args_to_stdout = False - -# by default (as of 1.3), Ansible will raise errors when attempting to dereference -# Jinja2 variables that are not set in templates or action lines. Uncomment this line -# to revert the behavior to pre-1.3. -#error_on_undefined_vars = False - -# by default (as of 1.6), Ansible may display warnings based on the configuration of the -# system running ansible itself. This may include warnings about 3rd party packages or -# other conditions that should be resolved if possible. -# to disable these warnings, set the following value to False: -#system_warnings = True - -# by default (as of 1.4), Ansible may display deprecation warnings for language -# features that should no longer be used and will be removed in future versions. -# to disable these warnings, set the following value to False: -#deprecation_warnings = True - -# (as of 1.8), Ansible can optionally warn when usage of the shell and -# command module appear to be simplified by using a default Ansible module -# instead. These warnings can be silenced by adjusting the following -# setting or adding warn=yes or warn=no to the end of the command line -# parameter string. This will for example suggest using the git module -# instead of shelling out to the git command. -# command_warnings = False - - -# set plugin path directories here, separate with colons -#action_plugins = /usr/share/ansible/plugins/action -#become_plugins = /usr/share/ansible/plugins/become -#cache_plugins = /usr/share/ansible/plugins/cache -#callback_plugins = /usr/share/ansible/plugins/callback -#connection_plugins = /usr/share/ansible/plugins/connection -#lookup_plugins = /usr/share/ansible/plugins/lookup -#inventory_plugins = /usr/share/ansible/plugins/inventory -#vars_plugins = /usr/share/ansible/plugins/vars -#filter_plugins = /usr/share/ansible/plugins/filter -#test_plugins = /usr/share/ansible/plugins/test -#terminal_plugins = /usr/share/ansible/plugins/terminal -#strategy_plugins = /usr/share/ansible/plugins/strategy - - -# by default, ansible will use the 'linear' strategy but you may want to try -# another one -#strategy = free - -# by default callbacks are not loaded for /bin/ansible, enable this if you -# want, for example, a notification or logging callback to also apply to -# /bin/ansible runs -#bin_ansible_callbacks = False - - -# don't like cows? that's unfortunate. -# set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1 +stderr_callback = debug nocows = 1 - -# set which cowsay stencil you'd like to use by default. When set to 'random', -# a random stencil will be selected for each task. The selection will be filtered -# against the `cow_whitelist` option below. -#cow_selection = default -#cow_selection = random - -# when using the 'random' option for cowsay, stencils will be restricted to this list. -# it should be formatted as a comma-separated list with no spaces between names. -# NOTE: line continuations here are for formatting purposes only, as the INI parser -# in python does not support them. -#cow_whitelist=bud-frogs,bunny,cheese,daemon,default,dragon,elephant-in-snake,elephant,eyes,\ -# hellokitty,kitty,luke-koala,meow,milk,moofasa,moose,ren,sheep,small,stegosaurus,\ -# stimpy,supermilker,three-eyes,turkey,turtle,tux,udder,vader-koala,vader,www - -# don't like colors either? -# set to 1 if you don't want colors, or export ANSIBLE_NOCOLOR=1 -#nocolor = 1 - -# if set to a persistent type (not 'memory', for example 'redis') fact values -# from previous runs in Ansible will be stored. This may be useful when -# wanting to use, for example, IP information from one group of servers -# without having to talk to them in the same playbook run to get their -# current IP information. -#fact_caching = memory - -#This option tells Ansible where to cache facts. The value is plugin dependent. -#For the jsonfile plugin, it should be a path to a local directory. -#For the redis plugin, the value is a host:port:database triplet: fact_caching_connection = localhost:6379:0 - -#fact_caching_connection=/tmp - - - -# retry files -# When a playbook fails a .retry file can be created that will be placed in ~/ -# You can enable this feature by setting retry_files_enabled to True -# and you can change the location of the files by setting retry_files_save_path - -#retry_files_enabled = False -#retry_files_save_path = ~/.ansible-retry - -# squash actions -# Ansible can optimise actions that call modules with list parameters -# when looping. Instead of calling the module once per with_ item, the -# module is called once with all items at once. Currently this only works -# under limited circumstances, and only with parameters named 'name'. -#squash_actions = apk,apt,dnf,homebrew,pacman,pkgng,yum,zypper - -# prevents logging of task data, off by default -#no_log = False - -# prevents logging of tasks, but only on the targets, data is still logged on the master/controller -#no_target_syslog = False - -# controls whether Ansible will raise an error or warning if a task has no -# choice but to create world readable temporary files to execute a module on -# the remote machine. This option is False by default for security. Users may -# turn this on to have behaviour more like Ansible prior to 2.1.x. See -# https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user -# for more secure ways to fix this than enabling this option. -#allow_world_readable_tmpfiles = False - -# controls the compression level of variables sent to -# worker processes. At the default of 0, no compression -# is used. This value must be an integer from 0 to 9. -#var_compression_level = 9 - -# controls what compression method is used for new-style ansible modules when -# they are sent to the remote system. The compression types depend on having -# support compiled into both the controller's python and the client's python. -# The names should match with the python Zipfile compression types: -# * ZIP_STORED (no compression. available everywhere) -# * ZIP_DEFLATED (uses zlib, the default) -# These values may be set per host via the ansible_module_compression inventory -# variable -#module_compression = 'ZIP_DEFLATED' - -# This controls the cutoff point (in bytes) on --diff for files -# set to 0 for unlimited (RAM may suffer!). -#max_diff_size = 1048576 - -# This controls how ansible handles multiple --tags and --skip-tags arguments -# on the CLI. If this is True then multiple arguments are merged together. If -# it is False, then the last specified argument is used and the others are ignored. -# This option will be removed in 2.8. -#merge_multiple_cli_flags = True - -# Controls showing custom stats at the end, off by default -#show_custom_stats = True - -# Controls which files to ignore when using a directory as inventory with -# possibly multiple sources (both static and dynamic) inventory = hosts - -# This family of modules use an alternative execution path optimized for network appliances -# only update this setting if you know how this works, otherwise it can break module execution -#network_group_modules=eos, nxos, ios, iosxr, junos, vyos - -# When enabled, this option allows lookups (via variables like {{lookup('foo')}} or when used as -# a loop with `with_foo`) to return data that is not marked "unsafe". This means the data may contain -# jinja2 templating language which will be run through the templating engine. -# ENABLING THIS COULD BE A SECURITY RISK -#allow_unsafe_lookups = False - -# set default errors for all plays -#any_errors_fatal = False - -[inventory] -# enable inventory plugins, default: 'host_list', 'script', 'auto', 'yaml', 'ini', 'toml' -#enable_plugins = host_list, virtualbox, yaml, constructed - -# ignore these extensions when parsing a directory as inventory source -#ignore_extensions = .pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, ~, .orig, .ini, .cfg, .retry - -# ignore files matching these patterns when parsing a directory as inventory source -#ignore_patterns= - -# If 'true' unparsed inventory sources become fatal errors, they are warnings otherwise. -#unparsed_is_failed=False - -[privilege_escalation] -#become=True -#become_method=sudo -#become_user=root -#become_ask_pass=False - -[paramiko_connection] - -# uncomment this line to cause the paramiko connection plugin to not record new host -# keys encountered. Increases performance on new host additions. Setting works independently of the -# host key checking setting above. -#record_host_keys=False - -# by default, Ansible requests a pseudo-terminal for commands executed under sudo. Uncomment this -# line to disable this behaviour. -#pty=False - -# paramiko will default to looking for SSH keys initially when trying to -# authenticate to remote devices. This is a problem for some network devices -# that close the connection after a key failure. Uncomment this line to -# disable the Paramiko look for keys function -#look_for_keys = False - -# When using persistent connections with Paramiko, the connection runs in a -# background process. If the host doesn't already have a valid SSH key, by -# default Ansible will prompt to add the host key. This will cause connections -# running in background processes to fail. Uncomment this line to have -# Paramiko automatically add host keys. -#host_key_auto_add = True - -[ssh_connection] - -# ssh arguments to use -# Leaving off ControlPersist will result in poor performance, so use -# paramiko on older platforms rather than removing it, -C controls compression use -ssh_args = -o ControlMaster=auto -o ControlPersist=600s - -# The base directory for the ControlPath sockets. -# This is the "%(directory)s" in the control_path option -# -# Example: -# control_path_dir = /tmp/.ansible/cp -#control_path_dir = ~/.ansible/cp - -# The path to use for the ControlPath sockets. This defaults to a hashed string of the hostname, -# port and username (empty string in the config). The hash mitigates a common problem users -# found with long hostnames and the conventional %(directory)s/ansible-ssh-%%h-%%p-%%r format. -# In those cases, a "too long for Unix domain socket" ssh error would occur. -# -# Example: -# control_path = %(directory)s/%%h-%%r -#control_path = - -# Enabling pipelining reduces the number of SSH operations required to -# execute a module on the remote server. This can result in a significant -# performance improvement when enabled, however when using "sudo:" you must -# first disable 'requiretty' in /etc/sudoers -# -# By default, this option is disabled to preserve compatibility with -# sudoers configurations that have requiretty (the default on many distros). -# -pipelining = true - -# Control the mechanism for transferring files (old) -# * smart = try sftp and then try scp [default] -# * True = use scp only -# * False = use sftp only -#scp_if_ssh = smart - -# Control the mechanism for transferring files (new) -# If set, this will override the scp_if_ssh option -# * sftp = use sftp to transfer files -# * scp = use scp to transfer files -# * piped = use 'dd' over SSH to transfer files -# * smart = try sftp, scp, and piped, in that order [default] -#transfer_method = smart - -# if False, sftp will not use batch mode to transfer files. This may cause some -# types of file transfer failures impossible to catch however, and should -# only be disabled if your sftp version has problems with batch mode -#sftp_batch_mode = False - -# The -tt argument is passed to ssh when pipelining is not enabled because sudo -# requires a tty by default. -#usetty = True - -# Number of times to retry an SSH connection to a host, in case of UNREACHABLE. -# For each retry attempt, there is an exponential backoff, -# so after the first attempt there is 1s wait, then 2s, 4s etc. up to 30s (max). -#retries = 3 - -[persistent_connection] - -# Configures the persistent connection timeout value in seconds. This value is -# how long the persistent connection will remain idle before it is destroyed. -# If the connection doesn't receive a request before the timeout value -# expires, the connection is shutdown. The default value is 30 seconds. -#connect_timeout = 30 - -# The command timeout value defines the amount of time to wait for a command -# or RPC call before timing out. The value for the command timeout must -# be less than the value of the persistent connection idle timeout (connect_timeout) -# The default value is 30 second. -#command_timeout = 30 - -[accelerate] -#accelerate_port = 5099 -#accelerate_timeout = 30 -#accelerate_connect_timeout = 5.0 - -# The daemon timeout is measured in minutes. This time is measured -# from the last activity to the accelerate daemon. -#accelerate_daemon_timeout = 30 - -# If set to yes, accelerate_multi_key will allow multiple -# private keys to be uploaded to it, though each user must -# have access to the system via SSH to add a new key. The default -# is "no". -#accelerate_multi_key = yes - -[selinux] -# file systems that require special treatment when dealing with security context -# the default behaviour that copies the existing context or uses the user default -# needs to be changed to use the file system dependent context. -#special_context_filesystems=nfs,vboxsf,fuse,ramfs,9p - -# Set this to yes to allow libvirt_lxc connections to work without SELinux. -#libvirt_lxc_noseclabel = yes - -[colors] -#highlight = white -#verbose = blue -#warn = bright purple -#error = red -#debug = dark gray -#deprecate = purple -#skip = cyan -#unreachable = red -#ok = green -#changed = yellow -#diff_add = green -#diff_remove = red -#diff_lines = cyan - - -[diff] -# Always print diff when running ( same as always running with -D/--diff ) -# always = no - -# Set how many context lines to show in diff -# context = 3 diff --git a/deploy/dependencies.yml b/deploy/dependencies.yml index dac50c3277..3418489bff 100644 --- a/deploy/dependencies.yml +++ b/deploy/dependencies.yml @@ -3,7 +3,6 @@ hosts: all become: yes vars_files: - - "vars/config_{{config}}.yml" # conditional import - - "vars/{{ansible_distribution}}-{{ansible_distribution_major_version | int}}.yml" - "vars/{{ansible_distribution}}.yml" @@ -87,13 +86,6 @@ - mercurial when: ansible_distribution_major_version|int >= 20 - - name: update the mongo config file - lineinfile: - path: /etc/mongod.conf - regexp: '^(\s*dbPath: ).*$' - line: '\1{{mongo_path}}' - backrefs: yes - notify: restart mongod - name: ensure mongod service is running (and enable it at boot) # Note that the mongodb-org packages install a service named "mongod", not "mongodb" service: diff --git a/deploy/dev.yml b/deploy/dev.yml deleted file mode 100644 index 78ff1c137a..0000000000 --- a/deploy/dev.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: "Install Dev Tools" - hosts: all - become: no - gather_facts: no - tasks: - - name: "Dev: Install packages" - apt: name="{{item}}" state=present - become: yes - with_items: - - chromium-browser - - - name: "Dev VSCode: Check if already installed" - command: dpkg-query -W code - register: dev_vscode - failed_when: dev_vscode.rc > 1 - changed_when: dev_vscode.rc == 1 - - - name: "Dev VSCode: Download" - get_url: - url: http://downloads.sil.org/vagrant/packages/code_1.7.2-1479766213_amd64.deb - dest: /home/vagrant/ - when: dev_vscode.rc == 1 - - - name: "Dev VSCode: Install" - apt: deb="/home/vagrant/code_1.7.2-1479766213_amd64.deb" - become: yes - when: dev_vscode.rc == 1 diff --git a/deploy/hosts b/deploy/hosts index 95909a694a..df8b5f69de 100644 --- a/deploy/hosts +++ b/deploy/hosts @@ -1,5 +1,2 @@ [all] localhost ansible_connection=local - -[build_agents] -ba_xenial_web_s2_138 ansible_ssh_host=lf-dev diff --git a/deploy/mongodb_reset.yml b/deploy/mongodb_reset.yml index 6d03ac0890..abce4c50c9 100644 --- a/deploy/mongodb_reset.yml +++ b/deploy/mongodb_reset.yml @@ -1,19 +1,20 @@ --- -- name: Reset mongodb to empty with admin user in development environment for xForge v2 +- name: Reset mongodb to empty with admin user in development environment hosts: all become: true vars: - db_name: "xforge" - db_collection_user: "users" - - db_user_admin: '{ - "name": "Admin", - "active": true, - "email": "admin@example.com", - "canonicalEmail": "admin@example.com", - "role": "system_admin", - "username": "admin", - "password": "$2y$07$4x9EkhgIzZL2W5p8H5kBm.FKIln.LfHW1Go6P30tpgqlFfl3mg3sG" - }' + - db_user_admin: | + { + "name": "Admin", + "active": true, + "email": "admin@example.com", + "canonicalEmail": "admin@example.com", + "role": "system_admin", + "username": "admin", + "password": "$2y$07$4x9EkhgIzZL2W5p8H5kBm.FKIln.LfHW1Go6P30tpgqlFfl3mg3sG" + } tasks: - name: Drop DB shell: "mongo {{db_name}} --eval 'db.dropDatabase();'" diff --git a/deploy/playbook_buildagent.yml b/deploy/playbook_buildagent.yml deleted file mode 100644 index adc499d25c..0000000000 --- a/deploy/playbook_buildagent.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Linux Build Agent - hosts: build_agents - become: yes - -- import_playbook: dependencies.yml - vars: - config: buildagent diff --git a/deploy/playbook_focal.yml b/deploy/playbook_focal.yml index 8174d31cec..7a39d0a89a 100644 --- a/deploy/playbook_focal.yml +++ b/deploy/playbook_focal.yml @@ -1,9 +1,7 @@ --- -- name: Scripture Forge local server for development and testing, for Ubuntu 16.04 thru 20.04 (focal) +- name: Scripture Forge local server for development and testing hosts: all become: yes tasks: [] - import_playbook: dependencies.yml - vars: - config: palaso diff --git a/deploy/roles/apache_config b/deploy/roles/apache_config deleted file mode 160000 index 00a872d9de..0000000000 --- a/deploy/roles/apache_config +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 00a872d9de05bd529663e111ee23851c84ceae7e diff --git a/deploy/roles_common b/deploy/roles_common deleted file mode 160000 index 306fa9e30f..0000000000 --- a/deploy/roles_common +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 306fa9e30f7c2182433f7b7ee39739fd90db7a89 diff --git a/deploy/vars/Linux Mint-17.yml b/deploy/vars/Linux Mint-17.yml deleted file mode 100644 index 6c086f6ede..0000000000 --- a/deploy/vars/Linux Mint-17.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -base_distribution: ubuntu -base_distribution_release: trusty diff --git a/deploy/vars/Linux Mint-18.yml b/deploy/vars/Linux Mint-18.yml deleted file mode 100644 index 0d2f55d314..0000000000 --- a/deploy/vars/Linux Mint-18.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -base_distribution: ubuntu -base_distribution_release: xenial diff --git a/deploy/vars/Linux Mint-19.yml b/deploy/vars/Linux Mint-19.yml deleted file mode 100644 index 8f52f90a12..0000000000 --- a/deploy/vars/Linux Mint-19.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -base_distribution: ubuntu -base_distribution_release: bionic diff --git a/deploy/vars/config_buildagent.yml b/deploy/vars/config_buildagent.yml deleted file mode 100644 index 0affc3031f..0000000000 --- a/deploy/vars/config_buildagent.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -# vars/config_buildagent - -mongo_path: /var/lib/mongodb diff --git a/deploy/vars/config_palaso.yml b/deploy/vars/config_palaso.yml deleted file mode 100644 index 3cdde4e4ee..0000000000 --- a/deploy/vars/config_palaso.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# vars/config_palaso - -# mongo_path: /hddlinux/mongodb -mongo_path: /var/lib/mongodb From 1a4eb1149ec429026fcbf471664b379e18fe70e9 Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 12:32:42 -0700 Subject: [PATCH 2/9] dev: improve dev server ansible playbook file naming --- deploy/{playbook_focal.yml => dev-server.playbook.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename deploy/{playbook_focal.yml => dev-server.playbook.yml} (100%) diff --git a/deploy/playbook_focal.yml b/deploy/dev-server.playbook.yml similarity index 100% rename from deploy/playbook_focal.yml rename to deploy/dev-server.playbook.yml From 6e93a9788d35c1e5190e09e1daa7f3c2af80d619 Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 13:12:47 -0700 Subject: [PATCH 3/9] dev: delint ansible --- deploy/dependencies.yml | 48 ++++++++++++++++++------------------- deploy/vars/os_defaults.yml | 4 ++-- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/deploy/dependencies.yml b/deploy/dependencies.yml index 3418489bff..c6419a6939 100644 --- a/deploy/dependencies.yml +++ b/deploy/dependencies.yml @@ -4,14 +4,14 @@ become: yes vars_files: # conditional import - - - "vars/{{ansible_distribution}}-{{ansible_distribution_major_version | int}}.yml" - - "vars/{{ansible_distribution}}.yml" - - "vars/{{ansible_os_family}}.yml" - - "vars/os_defaults.yml" + - "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version | int }}.yml" + - "vars/{{ ansible_distribution }}.yml" + - "vars/{{ ansible_os_family }}.yml" + - "vars/os_defaults.yml" vars: node_version: 18.20.2 mongodb_version: 7.0 - repo_path: "{{playbook_dir}}/.." + repo_path: "{{ playbook_dir }}/.." pre_tasks: - name: "Add .NET Core | add key" get_url: @@ -20,15 +20,15 @@ dest: /etc/apt/trusted.gpg.d/microsoft.asc - name: "Add .NET Core | add source" apt_repository: - repo: "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-{{base_distribution_release}}-{{base_distribution_release}}-prod {{base_distribution_release}} main" + repo: "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-{{ base_distribution_release }}-{{ base_distribution_release }}-prod {{ base_distribution_release }} main" state: present - - name: add mongodb-server-{{mongodb_version}} apt key + - name: add mongodb-server-{{ mongodb_version }} apt key get_url: - url: https://pgp.mongodb.com/server-{{mongodb_version}}.asc - dest: /etc/apt/trusted.gpg.d/mongodb-server-{{mongodb_version}}.asc - - name: add Mongo {{mongodb_version}} repository + url: https://pgp.mongodb.com/server-{{ mongodb_version }}.asc + dest: /etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc + - name: add Mongo {{ mongodb_version }} repository apt_repository: - repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/mongodb-server-{{mongodb_version}}.asc] https://repo.mongodb.org/apt/{{base_distribution_release}} {{base_distribution_release}}/mongodb-org/{{mongodb_version}} {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }}" + repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc] https://repo.mongodb.org/apt/{{ base_distribution_release }} {{ base_distribution_release }}/mongodb-org/{{ mongodb_version }} {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }}" filename: mongodb-org update_cache: yes tasks: @@ -55,7 +55,7 @@ - name: install n npm: name: n - path: "{{repo_path}}/src/SIL.XForge.Scripture/ClientApp" + path: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp" state: latest global: yes @@ -65,7 +65,7 @@ changed_when: False - name: set node version - command: "n {{node_version}}" + command: "n {{ node_version }}" when: "node_version_installed.stdout != 'v' + node_version" # Install mercurial 4.7+ from system or pip @@ -74,17 +74,17 @@ name: - python-pip - python2.7 - when: ansible_distribution_major_version|int < 20 + when: ansible_distribution_major_version | int < 20 - name: install pip mercurial pip: name: mercurial version: 4.8.2 - when: ansible_distribution_major_version|int < 20 + when: ansible_distribution_major_version | int < 20 - name: install system package mercurial apt: name: - mercurial - when: ansible_distribution_major_version|int >= 20 + when: ansible_distribution_major_version | int >= 20 - name: ensure mongod service is running (and enable it at boot) # Note that the mongodb-org packages install a service named "mongod", not "mongodb" @@ -95,9 +95,9 @@ - name: Add folders file: - path: "{{item}}" + path: "{{ item }}" state: directory - owner: "{{lookup('env','USER')}}" + owner: "{{ lookup('env','USER') }}" mode: "u=rwX,g=rX,o=rX" with_items: - "/var/lib/scriptureforge" @@ -106,12 +106,12 @@ - "/var/lib/scriptureforge/training-data" - "/var/lib/xforge" - "/var/lib/xforge/avatars" - - "{{lookup('env','HOME')}}/.local/share/SIL/WritingSystemRepository/3" + - "{{ lookup('env','HOME') }}/.local/share/SIL/WritingSystemRepository/3" - name: add localhost to dnsmasq lineinfile: path: /etc/NetworkManager/dnsmasq.d/localhost-domain - line: "{{item}}" + line: "{{ item }}" state: present create: yes mode: "u=rw,g=r,o=r" @@ -125,14 +125,14 @@ - name: Enable convenient access to ng from commandline | bin dir become: no file: - path: "{{lookup('env','HOME')}}/bin" + path: "{{ lookup('env','HOME') }}/bin" state: directory when: inventory_hostname == "localhost" - name: Enable convenient access to ng from commandline | symlink become: no file: - src: "{{repo_path}}/src/SIL.XForge.Scripture/ClientApp/node_modules/.bin/ng" - path: "{{lookup('env','HOME')}}/bin/ng" + src: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp/node_modules/.bin/ng" + path: "{{ lookup('env','HOME') }}/bin/ng" state: link force: yes follow: no @@ -141,7 +141,7 @@ - name: Use chromium for unit tests become: no lineinfile: - path: "{{lookup('env','HOME')}}/.pam_environment" + path: "{{ lookup('env','HOME') }}/.pam_environment" line: "CHROME_BIN=chromium-browser" create: yes diff --git a/deploy/vars/os_defaults.yml b/deploy/vars/os_defaults.yml index 708cebd63f..b82b2c9b6d 100644 --- a/deploy/vars/os_defaults.yml +++ b/deploy/vars/os_defaults.yml @@ -1,3 +1,3 @@ --- -base_distribution: "{{ansible_distribution | lower}}" -base_distribution_release: "{{ansible_distribution_release}}" +base_distribution: "{{ ansible_distribution | lower }}" +base_distribution_release: "{{ ansible_distribution_release }}" From 868f59ed6d71ef30e5694d23faa3befd94ccfcfc Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 13:35:18 -0700 Subject: [PATCH 4/9] dev: remove more ansible lint --- deploy/dependencies.yml | 142 ++++++++++++++++++--------------- deploy/dev-server.playbook.yml | 5 +- 2 files changed, 82 insertions(+), 65 deletions(-) diff --git a/deploy/dependencies.yml b/deploy/dependencies.yml index c6419a6939..2f02d3b2f2 100644 --- a/deploy/dependencies.yml +++ b/deploy/dependencies.yml @@ -1,7 +1,7 @@ --- - name: Deploy development environment for scriptureforge.org hosts: all - become: yes + become: true vars_files: # conditional import - "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version | int }}.yml" @@ -14,90 +14,99 @@ repo_path: "{{ playbook_dir }}/.." pre_tasks: - name: "Add .NET Core | add key" - get_url: + ansible.builtin.get_url: # key id BC528686B50D79E339D3721CEB3E94ADBE1229CF url: https://packages.microsoft.com/keys/microsoft.asc dest: /etc/apt/trusted.gpg.d/microsoft.asc + mode: "0644" - name: "Add .NET Core | add source" - apt_repository: - repo: "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-{{ base_distribution_release }}-{{ base_distribution_release }}-prod {{ base_distribution_release }} main" + ansible.builtin.apt_repository: + repo: > + deb [arch=amd64] + https://packages.microsoft.com/repos/microsoft-{{ base_distribution_release }}-{{ base_distribution_release }}-prod + {{ base_distribution_release }} main state: present - - name: add mongodb-server-{{ mongodb_version }} apt key - get_url: + - name: Add apt key for mongodb server version {{ mongodb_version }} + ansible.builtin.get_url: url: https://pgp.mongodb.com/server-{{ mongodb_version }}.asc dest: /etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc - - name: add Mongo {{ mongodb_version }} repository - apt_repository: - repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc] https://repo.mongodb.org/apt/{{ base_distribution_release }} {{ base_distribution_release }}/mongodb-org/{{ mongodb_version }} {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }}" + mode: "0644" + - name: Add Mongo repository for version {{ mongodb_version }} + ansible.builtin.apt_repository: + repo: > + deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc] + https://repo.mongodb.org/apt/{{ base_distribution_release }} + {{ base_distribution_release }}/mongodb-org/{{ mongodb_version }} + {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }} filename: mongodb-org - update_cache: yes + update_cache: true tasks: - - name: install packages - apt: + - name: Install packages + ansible.builtin.apt: name: - "dotnet-sdk-8.0" - ffmpeg - "mongodb-org" - nodejs - npm - update_cache: yes + update_cache: true tags: ["packages"] - name: Get npm prefix - command: "npm config get prefix" + ansible.builtin.command: "npm config get prefix" register: npm_prefix - changed_when: False + changed_when: false - name: Set npm prefix - command: "npm config set prefix /usr/local" + ansible.builtin.command: "npm config set prefix /usr/local" when: npm_prefix.stdout != "/usr/local" - - name: install n - npm: + - name: Install n + community.general.npm: name: n path: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp" state: latest - global: yes + global: true - - name: check current node version - shell: node --version || echo error + - name: Check current node version + ansible.builtin.shell: node --version || echo error register: node_version_installed - changed_when: False + changed_when: false - - name: set node version - command: "n {{ node_version }}" + - name: Set node version + ansible.builtin.command: "n {{ node_version }}" when: "node_version_installed.stdout != 'v' + node_version" # Install mercurial 4.7+ from system or pip - - name: install pip mercurial dependencies - apt: + - name: Install pip mercurial dependencies + ansible.builtin.apt: name: - python-pip - python2.7 when: ansible_distribution_major_version | int < 20 - - name: install pip mercurial - pip: + - name: Install pip mercurial + ansible.builtin.pip: name: mercurial version: 4.8.2 when: ansible_distribution_major_version | int < 20 - - name: install system package mercurial - apt: + - name: Install system package mercurial + ansible.builtin.apt: name: - mercurial when: ansible_distribution_major_version | int >= 20 - - name: ensure mongod service is running (and enable it at boot) + - name: Ensure mongod service is running (and enable it at boot) # Note that the mongodb-org packages install a service named "mongod", not "mongodb" - service: + ansible.builtin.service: name: mongod state: started - enabled: yes + enabled: true - name: Add folders - file: + ansible.builtin.file: path: "{{ item }}" state: directory - owner: "{{ lookup('env','USER') }}" + owner: "{{ lookup('env', 'USER') }}" mode: "u=rwX,g=rX,o=rX" with_items: - "/var/lib/scriptureforge" @@ -106,14 +115,14 @@ - "/var/lib/scriptureforge/training-data" - "/var/lib/xforge" - "/var/lib/xforge/avatars" - - "{{ lookup('env','HOME') }}/.local/share/SIL/WritingSystemRepository/3" + - "{{ lookup('env', 'HOME') }}/.local/share/SIL/WritingSystemRepository/3" - - name: add localhost to dnsmasq - lineinfile: + - name: Add localhost to dnsmasq + ansible.builtin.lineinfile: path: /etc/NetworkManager/dnsmasq.d/localhost-domain line: "{{ item }}" state: present - create: yes + create: true mode: "u=rw,g=r,o=r" with_items: - "address=/localhost/127.0.0.1" @@ -123,45 +132,52 @@ tags: ["network"] - name: Enable convenient access to ng from commandline | bin dir - become: no - file: - path: "{{ lookup('env','HOME') }}/bin" + become: false + ansible.builtin.file: + path: "{{ lookup('env', 'HOME') }}/bin" state: directory + mode: "0755" when: inventory_hostname == "localhost" - name: Enable convenient access to ng from commandline | symlink - become: no - file: + become: false + ansible.builtin.file: src: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp/node_modules/.bin/ng" - path: "{{ lookup('env','HOME') }}/bin/ng" + path: "{{ lookup('env', 'HOME') }}/bin/ng" state: link - force: yes - follow: no + force: true + follow: false when: inventory_hostname == "localhost" - name: Use chromium for unit tests - become: no - lineinfile: - path: "{{ lookup('env','HOME') }}/.pam_environment" + become: false + ansible.builtin.lineinfile: + path: "{{ lookup('env', 'HOME') }}/.pam_environment" line: "CHROME_BIN=chromium-browser" - create: yes + create: true + mode: "0644" - - name: Install reportgenerator - become: no - shell: dotnet tool update --global dotnet-reportgenerator-globaltool + - name: Install or update reportgenerator + become: false + ansible.builtin.command: dotnet tool update --global dotnet-reportgenerator-globaltool - - name: Install csharpier - become: no - shell: dotnet tool update csharpier + - name: Install or update csharpier + become: false + ansible.builtin.command: dotnet tool update csharpier - name: Set initial PT connection settings - become: no - copy: + become: false + ansible.builtin.copy: src: InternetSettings.xml dest: ~/.local/share/Paratext95/ + mode: "0644" handlers: - - name: restart mongod - service: name=mongod state=restarted + - name: Restart mongod + ansible.builtin.service: + name: mongod + state: restarted - - name: restart network - service: name=network-manager state=restarted + - name: Restart network + ansible.builtin.service: + name: network-manager + state: restarted diff --git a/deploy/dev-server.playbook.yml b/deploy/dev-server.playbook.yml index 7a39d0a89a..b610c65f2f 100644 --- a/deploy/dev-server.playbook.yml +++ b/deploy/dev-server.playbook.yml @@ -1,7 +1,8 @@ --- - name: Scripture Forge local server for development and testing hosts: all - become: yes + become: true tasks: [] -- import_playbook: dependencies.yml +- name: Import dependencies playbook + import_playbook: dependencies.yml From bce423b88952681991853323c47fd6b8f0d75508 Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 13:39:58 -0700 Subject: [PATCH 5/9] dev: incorporate dep ansible into dev-server playbook --- deploy/dependencies.yml | 183 --------------------------------- deploy/dev-server.playbook.yml | 181 +++++++++++++++++++++++++++++++- 2 files changed, 178 insertions(+), 186 deletions(-) delete mode 100644 deploy/dependencies.yml diff --git a/deploy/dependencies.yml b/deploy/dependencies.yml deleted file mode 100644 index 2f02d3b2f2..0000000000 --- a/deploy/dependencies.yml +++ /dev/null @@ -1,183 +0,0 @@ ---- -- name: Deploy development environment for scriptureforge.org - hosts: all - become: true - vars_files: - # conditional import - - "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version | int }}.yml" - - "vars/{{ ansible_distribution }}.yml" - - "vars/{{ ansible_os_family }}.yml" - - "vars/os_defaults.yml" - vars: - node_version: 18.20.2 - mongodb_version: 7.0 - repo_path: "{{ playbook_dir }}/.." - pre_tasks: - - name: "Add .NET Core | add key" - ansible.builtin.get_url: - # key id BC528686B50D79E339D3721CEB3E94ADBE1229CF - url: https://packages.microsoft.com/keys/microsoft.asc - dest: /etc/apt/trusted.gpg.d/microsoft.asc - mode: "0644" - - name: "Add .NET Core | add source" - ansible.builtin.apt_repository: - repo: > - deb [arch=amd64] - https://packages.microsoft.com/repos/microsoft-{{ base_distribution_release }}-{{ base_distribution_release }}-prod - {{ base_distribution_release }} main - state: present - - name: Add apt key for mongodb server version {{ mongodb_version }} - ansible.builtin.get_url: - url: https://pgp.mongodb.com/server-{{ mongodb_version }}.asc - dest: /etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc - mode: "0644" - - name: Add Mongo repository for version {{ mongodb_version }} - ansible.builtin.apt_repository: - repo: > - deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc] - https://repo.mongodb.org/apt/{{ base_distribution_release }} - {{ base_distribution_release }}/mongodb-org/{{ mongodb_version }} - {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }} - filename: mongodb-org - update_cache: true - tasks: - - name: Install packages - ansible.builtin.apt: - name: - - "dotnet-sdk-8.0" - - ffmpeg - - "mongodb-org" - - nodejs - - npm - update_cache: true - tags: ["packages"] - - - name: Get npm prefix - ansible.builtin.command: "npm config get prefix" - register: npm_prefix - changed_when: false - - - name: Set npm prefix - ansible.builtin.command: "npm config set prefix /usr/local" - when: npm_prefix.stdout != "/usr/local" - - - name: Install n - community.general.npm: - name: n - path: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp" - state: latest - global: true - - - name: Check current node version - ansible.builtin.shell: node --version || echo error - register: node_version_installed - changed_when: false - - - name: Set node version - ansible.builtin.command: "n {{ node_version }}" - when: "node_version_installed.stdout != 'v' + node_version" - - # Install mercurial 4.7+ from system or pip - - name: Install pip mercurial dependencies - ansible.builtin.apt: - name: - - python-pip - - python2.7 - when: ansible_distribution_major_version | int < 20 - - name: Install pip mercurial - ansible.builtin.pip: - name: mercurial - version: 4.8.2 - when: ansible_distribution_major_version | int < 20 - - name: Install system package mercurial - ansible.builtin.apt: - name: - - mercurial - when: ansible_distribution_major_version | int >= 20 - - - name: Ensure mongod service is running (and enable it at boot) - # Note that the mongodb-org packages install a service named "mongod", not "mongodb" - ansible.builtin.service: - name: mongod - state: started - enabled: true - - - name: Add folders - ansible.builtin.file: - path: "{{ item }}" - state: directory - owner: "{{ lookup('env', 'USER') }}" - mode: "u=rwX,g=rX,o=rX" - with_items: - - "/var/lib/scriptureforge" - - "/var/lib/scriptureforge/sync" - - "/var/lib/scriptureforge/audio" - - "/var/lib/scriptureforge/training-data" - - "/var/lib/xforge" - - "/var/lib/xforge/avatars" - - "{{ lookup('env', 'HOME') }}/.local/share/SIL/WritingSystemRepository/3" - - - name: Add localhost to dnsmasq - ansible.builtin.lineinfile: - path: /etc/NetworkManager/dnsmasq.d/localhost-domain - line: "{{ item }}" - state: present - create: true - mode: "u=rw,g=r,o=r" - with_items: - - "address=/localhost/127.0.0.1" - - "address=/localhost/::1" - when: inventory_hostname == "localhost" and base_distribution_release == 'xenial' - notify: restart network - tags: ["network"] - - - name: Enable convenient access to ng from commandline | bin dir - become: false - ansible.builtin.file: - path: "{{ lookup('env', 'HOME') }}/bin" - state: directory - mode: "0755" - when: inventory_hostname == "localhost" - - name: Enable convenient access to ng from commandline | symlink - become: false - ansible.builtin.file: - src: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp/node_modules/.bin/ng" - path: "{{ lookup('env', 'HOME') }}/bin/ng" - state: link - force: true - follow: false - when: inventory_hostname == "localhost" - - - name: Use chromium for unit tests - become: false - ansible.builtin.lineinfile: - path: "{{ lookup('env', 'HOME') }}/.pam_environment" - line: "CHROME_BIN=chromium-browser" - create: true - mode: "0644" - - - name: Install or update reportgenerator - become: false - ansible.builtin.command: dotnet tool update --global dotnet-reportgenerator-globaltool - - - name: Install or update csharpier - become: false - ansible.builtin.command: dotnet tool update csharpier - - - name: Set initial PT connection settings - become: false - ansible.builtin.copy: - src: InternetSettings.xml - dest: ~/.local/share/Paratext95/ - mode: "0644" - - handlers: - - name: Restart mongod - ansible.builtin.service: - name: mongod - state: restarted - - - name: Restart network - ansible.builtin.service: - name: network-manager - state: restarted diff --git a/deploy/dev-server.playbook.yml b/deploy/dev-server.playbook.yml index b610c65f2f..cd3b6824c1 100644 --- a/deploy/dev-server.playbook.yml +++ b/deploy/dev-server.playbook.yml @@ -2,7 +2,182 @@ - name: Scripture Forge local server for development and testing hosts: all become: true - tasks: [] + vars_files: + # conditional import + - "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version | int }}.yml" + - "vars/{{ ansible_distribution }}.yml" + - "vars/{{ ansible_os_family }}.yml" + - "vars/os_defaults.yml" + vars: + node_version: 18.20.2 + mongodb_version: 7.0 + repo_path: "{{ playbook_dir }}/.." + pre_tasks: + - name: "Add .NET Core | add key" + ansible.builtin.get_url: + # key id BC528686B50D79E339D3721CEB3E94ADBE1229CF + url: https://packages.microsoft.com/keys/microsoft.asc + dest: /etc/apt/trusted.gpg.d/microsoft.asc + mode: "0644" + - name: "Add .NET Core | add source" + ansible.builtin.apt_repository: + repo: > + deb [arch=amd64] + https://packages.microsoft.com/repos/microsoft-{{ base_distribution_release }}-{{ base_distribution_release }}-prod + {{ base_distribution_release }} main + state: present + - name: Add apt key for mongodb server version {{ mongodb_version }} + ansible.builtin.get_url: + url: https://pgp.mongodb.com/server-{{ mongodb_version }}.asc + dest: /etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc + mode: "0644" + - name: Add Mongo repository for version {{ mongodb_version }} + ansible.builtin.apt_repository: + repo: > + deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc] + https://repo.mongodb.org/apt/{{ base_distribution_release }} + {{ base_distribution_release }}/mongodb-org/{{ mongodb_version }} + {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }} + filename: mongodb-org + update_cache: true + tasks: + - name: Install packages + ansible.builtin.apt: + name: + - "dotnet-sdk-8.0" + - ffmpeg + - "mongodb-org" + - nodejs + - npm + update_cache: true + tags: ["packages"] -- name: Import dependencies playbook - import_playbook: dependencies.yml + - name: Get npm prefix + ansible.builtin.command: "npm config get prefix" + register: npm_prefix + changed_when: false + + - name: Set npm prefix + ansible.builtin.command: "npm config set prefix /usr/local" + when: npm_prefix.stdout != "/usr/local" + + - name: Install n + community.general.npm: + name: n + path: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp" + state: latest + global: true + + - name: Check current node version + ansible.builtin.shell: node --version || echo error + register: node_version_installed + changed_when: false + + - name: Set node version + ansible.builtin.command: "n {{ node_version }}" + when: "node_version_installed.stdout != 'v' + node_version" + + # Install mercurial 4.7+ from system or pip + - name: Install pip mercurial dependencies + ansible.builtin.apt: + name: + - python-pip + - python2.7 + when: ansible_distribution_major_version | int < 20 + - name: Install pip mercurial + ansible.builtin.pip: + name: mercurial + version: 4.8.2 + when: ansible_distribution_major_version | int < 20 + - name: Install system package mercurial + ansible.builtin.apt: + name: + - mercurial + when: ansible_distribution_major_version | int >= 20 + + - name: Ensure mongod service is running (and enable it at boot) + # Note that the mongodb-org packages install a service named "mongod", not "mongodb" + ansible.builtin.service: + name: mongod + state: started + enabled: true + + - name: Add folders + ansible.builtin.file: + path: "{{ item }}" + state: directory + owner: "{{ lookup('env', 'USER') }}" + mode: "u=rwX,g=rX,o=rX" + with_items: + - "/var/lib/scriptureforge" + - "/var/lib/scriptureforge/sync" + - "/var/lib/scriptureforge/audio" + - "/var/lib/scriptureforge/training-data" + - "/var/lib/xforge" + - "/var/lib/xforge/avatars" + - "{{ lookup('env', 'HOME') }}/.local/share/SIL/WritingSystemRepository/3" + + - name: Add localhost to dnsmasq + ansible.builtin.lineinfile: + path: /etc/NetworkManager/dnsmasq.d/localhost-domain + line: "{{ item }}" + state: present + create: true + mode: "u=rw,g=r,o=r" + with_items: + - "address=/localhost/127.0.0.1" + - "address=/localhost/::1" + when: inventory_hostname == "localhost" and base_distribution_release == 'xenial' + notify: restart network + tags: ["network"] + + - name: Enable convenient access to ng from commandline | bin dir + become: false + ansible.builtin.file: + path: "{{ lookup('env', 'HOME') }}/bin" + state: directory + mode: "0755" + when: inventory_hostname == "localhost" + - name: Enable convenient access to ng from commandline | symlink + become: false + ansible.builtin.file: + src: "{{ repo_path }}/src/SIL.XForge.Scripture/ClientApp/node_modules/.bin/ng" + path: "{{ lookup('env', 'HOME') }}/bin/ng" + state: link + force: true + follow: false + when: inventory_hostname == "localhost" + + - name: Use chromium for unit tests + become: false + ansible.builtin.lineinfile: + path: "{{ lookup('env', 'HOME') }}/.pam_environment" + line: "CHROME_BIN=chromium-browser" + create: true + mode: "0644" + + - name: Install or update reportgenerator + become: false + ansible.builtin.command: dotnet tool update --global dotnet-reportgenerator-globaltool + + - name: Install or update csharpier + become: false + ansible.builtin.command: dotnet tool update csharpier + + - name: Set initial PT connection settings + become: false + ansible.builtin.copy: + src: InternetSettings.xml + dest: ~/.local/share/Paratext95/ + mode: "0644" + + handlers: + - name: Restart mongod + ansible.builtin.service: + name: mongod + state: restarted + + - name: Restart network + ansible.builtin.service: + name: network-manager + state: restarted From 4b9aaf33bc2fada418d3eb4e5f406462f9a0f131 Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 13:43:42 -0700 Subject: [PATCH 6/9] dev: omit dotnet pkg repo key and source dotnet packages for Ubuntu 22.04+ are now maintained in the official Ubuntu repositories. --- deploy/dev-server.playbook.yml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/deploy/dev-server.playbook.yml b/deploy/dev-server.playbook.yml index cd3b6824c1..d902a74614 100644 --- a/deploy/dev-server.playbook.yml +++ b/deploy/dev-server.playbook.yml @@ -13,19 +13,6 @@ mongodb_version: 7.0 repo_path: "{{ playbook_dir }}/.." pre_tasks: - - name: "Add .NET Core | add key" - ansible.builtin.get_url: - # key id BC528686B50D79E339D3721CEB3E94ADBE1229CF - url: https://packages.microsoft.com/keys/microsoft.asc - dest: /etc/apt/trusted.gpg.d/microsoft.asc - mode: "0644" - - name: "Add .NET Core | add source" - ansible.builtin.apt_repository: - repo: > - deb [arch=amd64] - https://packages.microsoft.com/repos/microsoft-{{ base_distribution_release }}-{{ base_distribution_release }}-prod - {{ base_distribution_release }} main - state: present - name: Add apt key for mongodb server version {{ mongodb_version }} ansible.builtin.get_url: url: https://pgp.mongodb.com/server-{{ mongodb_version }}.asc From 7974f78c2a6e8e39a192cdc764780f5383389088 Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 14:01:53 -0700 Subject: [PATCH 7/9] dev: update mongodb ansible --- deploy/dev-server.playbook.yml | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/deploy/dev-server.playbook.yml b/deploy/dev-server.playbook.yml index d902a74614..dfa07e4b6f 100644 --- a/deploy/dev-server.playbook.yml +++ b/deploy/dev-server.playbook.yml @@ -15,18 +15,21 @@ pre_tasks: - name: Add apt key for mongodb server version {{ mongodb_version }} ansible.builtin.get_url: - url: https://pgp.mongodb.com/server-{{ mongodb_version }}.asc - dest: /etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc + url: https://www.mongodb.org/static/pgp/server-{{ mongodb_version }}.asc + dest: /usr/share/keyrings/mongodb-server-{{ mongodb_version }}.asc mode: "0644" - name: Add Mongo repository for version {{ mongodb_version }} - ansible.builtin.apt_repository: - repo: > - deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc] - https://repo.mongodb.org/apt/{{ base_distribution_release }} - {{ base_distribution_release }}/mongodb-org/{{ mongodb_version }} - {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }} - filename: mongodb-org - update_cache: true + ansible.builtin.copy: + dest: /etc/apt/sources.list.d/mongodb-org.sources + mode: "0644" + content: | + Enabled: yes + Types: deb + URIs: https://repo.mongodb.org/apt/{{ base_distribution }} + Suites: {{ base_distribution_release }}/mongodb-org/{{ mongodb_version }} + Components: {{ 'multiverse' if base_distribution == 'ubuntu' else 'main' }} + Architectures: amd64 + Signed-By: /usr/share/keyrings/mongodb-server-{{ mongodb_version }}.asc tasks: - name: Install packages ansible.builtin.apt: From 8f233f717eb13ee38b205b15d04bd1926d69a7a0 Mon Sep 17 00:00:00 2001 From: MarkS Date: Wed, 18 Dec 2024 14:31:10 -0700 Subject: [PATCH 8/9] dev: ansible: upgrade mongo from 7 to 8 --- deploy/dev-server.playbook.yml | 45 +++++++++++++++++++++------------- 1 file changed, 28 insertions(+), 17 deletions(-) diff --git a/deploy/dev-server.playbook.yml b/deploy/dev-server.playbook.yml index dfa07e4b6f..5307acbc35 100644 --- a/deploy/dev-server.playbook.yml +++ b/deploy/dev-server.playbook.yml @@ -9,8 +9,8 @@ - "vars/{{ ansible_os_family }}.yml" - "vars/os_defaults.yml" vars: - node_version: 18.20.2 - mongodb_version: 7.0 + node_version: "18.20.2" + mongodb_version: "8.0" repo_path: "{{ playbook_dir }}/.." pre_tasks: - name: Add apt key for mongodb server version {{ mongodb_version }} @@ -33,14 +33,38 @@ tasks: - name: Install packages ansible.builtin.apt: + update_cache: true + # Using 'latest' so we upgrade mongo. + state: latest name: - "dotnet-sdk-8.0" - ffmpeg - "mongodb-org" - nodejs - npm - update_cache: true - tags: ["packages"] + + - name: Restart and enable mongod service + # Note that the mongodb-org packages install a service named "mongod", not "mongodb" + ansible.builtin.service: + name: mongod + state: restarted + enabled: true + + - name: Wait for mongod to start + # We don't want to try to connect using mongosh until the service is running. + ansible.builtin.wait_for: + port: 27017 + delay: 1 + timeout: 300 + + - name: Get current mongod feature compatibility version + ansible.builtin.command: "mongosh --eval 'db.adminCommand( { getParameter: 1, featureCompatibilityVersion: 1 } )'" + register: current_fcv + changed_when: false + + - name: Set mongod feature compatibility version + ansible.builtin.command: 'mongosh --eval ''db.adminCommand( { setFeatureCompatibilityVersion: "{{ mongodb_version }}", confirm: true } )''' + when: mongodb_version not in current_fcv.stdout - name: Get npm prefix ansible.builtin.command: "npm config get prefix" @@ -85,13 +109,6 @@ - mercurial when: ansible_distribution_major_version | int >= 20 - - name: Ensure mongod service is running (and enable it at boot) - # Note that the mongodb-org packages install a service named "mongod", not "mongodb" - ansible.builtin.service: - name: mongod - state: started - enabled: true - - name: Add folders ansible.builtin.file: path: "{{ item }}" @@ -119,7 +136,6 @@ - "address=/localhost/::1" when: inventory_hostname == "localhost" and base_distribution_release == 'xenial' notify: restart network - tags: ["network"] - name: Enable convenient access to ng from commandline | bin dir become: false @@ -162,11 +178,6 @@ mode: "0644" handlers: - - name: Restart mongod - ansible.builtin.service: - name: mongod - state: restarted - - name: Restart network ansible.builtin.service: name: network-manager From b631edd76d2da2fad872c5342be3de3040417cb7 Mon Sep 17 00:00:00 2001 From: MarkS Date: Fri, 20 Dec 2024 13:06:44 -0700 Subject: [PATCH 9/9] rm empty .gitmodules --- .gitmodules | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .gitmodules diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index e69de29bb2..0000000000