You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2019/08/12 20:57:17 UTC

[airavata] branch staging updated: Ansible role for setting up letsencrypt

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch staging
in repository https://gitbox.apache.org/repos/asf/airavata.git


The following commit(s) were added to refs/heads/staging by this push:
     new 6e7a77a  Ansible role for setting up letsencrypt
6e7a77a is described below

commit 6e7a77ab106bd1df94ff8aed364b63caa9f5935c
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Mon Aug 12 16:56:19 2019 -0400

    Ansible role for setting up letsencrypt
---
 dev-tools/ansible/django.yml                       |  1 +
 dev-tools/ansible/pga-single-vhost.yml             |  1 +
 dev-tools/ansible/pga.yml                          |  1 +
 .../letsencrypt/tasks/main.yml}                    | 38 +++++++++++++---------
 4 files changed, 25 insertions(+), 16 deletions(-)

diff --git a/dev-tools/ansible/django.yml b/dev-tools/ansible/django.yml
index 96d39f3..8871a6b 100644
--- a/dev-tools/ansible/django.yml
+++ b/dev-tools/ansible/django.yml
@@ -27,6 +27,7 @@
     # Oracle JDK is needed by Django apps that call Java code (e.g., SimCCS Maptool)
     - java
     - httpd
+    - letsencrypt
 
 # Create a django virtual host
 - hosts: django
diff --git a/dev-tools/ansible/pga-single-vhost.yml b/dev-tools/ansible/pga-single-vhost.yml
index eae17e2..cb0d2c1 100644
--- a/dev-tools/ansible/pga-single-vhost.yml
+++ b/dev-tools/ansible/pga-single-vhost.yml
@@ -32,6 +32,7 @@
     - "{{ vars_dir }}/vault.yml"
   roles:
     - env_setup
+    - letsencrypt
     - pga
 
 ...
diff --git a/dev-tools/ansible/pga.yml b/dev-tools/ansible/pga.yml
index efc0696..d86f82e 100644
--- a/dev-tools/ansible/pga.yml
+++ b/dev-tools/ansible/pga.yml
@@ -23,6 +23,7 @@
   tags: pga
   roles:
     - env_setup
+    - letsencrypt
     - pga
 
 ...
diff --git a/dev-tools/ansible/django.yml b/dev-tools/ansible/roles/letsencrypt/tasks/main.yml
similarity index 59%
copy from dev-tools/ansible/django.yml
copy to dev-tools/ansible/roles/letsencrypt/tasks/main.yml
index 96d39f3..42dbda9 100644
--- a/dev-tools/ansible/django.yml
+++ b/dev-tools/ansible/roles/letsencrypt/tasks/main.yml
@@ -19,21 +19,27 @@
 #
 
 ---
-# Run the following setup once
-- hosts: django[0]
-  name: webserver setup
-  roles:
-    - env_setup
-    # Oracle JDK is needed by Django apps that call Java code (e.g., SimCCS Maptool)
-    - java
-    - httpd
 
-# Create a django virtual host
-- hosts: django
-  # Limit to deploying to only 1 host at once. This is to lighten the load during the JavaScript build step.
-  serial: 2
-  name: Create/update Django portal for gateway
-  roles:
-    - django
+- name: install certbot and dependencies
+  yum: name={{ item }} state=installed update_cache=yes
+  with_items:
+    - certbot-0.34.2-3.el7
+    - python2-acme-0.34.2-1.el7
+    - python2-certbot-apache-0.34.2-1.el7
+  become_user: root
 
-...
+- name: enable certbot (letsencrypt) renewal
+  systemd:
+    state: started
+    enabled: true
+    name: certbot-renew
+  become: true
+  become_user: root
+
+- name: enable certbot (letsencrypt) renewal timer
+  systemd:
+    state: started
+    enabled: true
+    name: certbot-renew.timer
+  become: true
+  become_user: root