diff options
Diffstat (limited to 'baserock_openid_provider/image-config.yml')
-rw-r--r-- | baserock_openid_provider/image-config.yml | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/baserock_openid_provider/image-config.yml b/baserock_openid_provider/image-config.yml new file mode 100644 index 00000000..4aa939f8 --- /dev/null +++ b/baserock_openid_provider/image-config.yml @@ -0,0 +1,77 @@ +# Image configuration for Baserock OpenID provider. +--- +- hosts: openid + gather_facts: False + sudo: yes + tasks: + # See: https://fedoramagazine.org/getting-ansible-working-fedora-23/ + - name: install Python2 and required deps for Ansible modules + raw: dnf install -y python2 python2-dnf libselinux-python + + - name: enable persistant journal + shell: mkdir /var/log/journal + args: + creates: /var/log/journal + + - name: ensure system up to date + dnf: name=* state=latest + + - name: install Cherokee web server + dnf: name=cherokee state=latest + + - name: install Sendmail mail transfer agent + dnf: name=sendmail state=latest + + - name: install uWSGI application container server and Python plugin + dnf: name=uwsgi-plugin-python state=latest + + - name: install PyYAML + dnf: name=PyYAML state=latest + + # Authentication in Gerrit fails if OpenID clock is not set correctly + - name: Install ntp + dnf: name=ntp + + # All this stuff is installed with Pip, which isn't really necessary except + # for django-registration-redux. Fedora packages django-registration but not + # the better django-registration-redux (I think). + # + - name: install Django + pip: name=django executable=pip2.7 + + - name: install South (Django migrations tool) + pip: name=South executable=pip2.7 + + # This is a fork of django-registration which supports Django 1.7. + # Source: https://github.com/macropin/django-registration + # The original django-registration (which seems to be abandoned) lives at: + # https://bitbucket.org/ubernostrum/django-registration/ + - name: install django-registration-redux + pip: name=django-registration-redux executable=pip2.7 + + - name: install python-openid + pip: name=python-openid executable=pip2.7 + + # Install the MySQL-python package from DNF, because if it's installed from + # PyPI you need to have the mariadb-devel package installed to build the C + # code and that's an extra 21MB of dependencies or so. Note that this driver + # doesn't support Python 3, but there is a fork available which does, see: + # https://docs.djangoproject.com/en/dev/ref/databases/#mysql-db-api-drivers + - name: install MySQL-python + dnf: name=MySQL-python state=latest + + - name: install Cherokee configuration + file: src=/srv/baserock_openid_provider/cherokee.conf dest=/etc/cherokee/cherokee.conf state=link force=yes + + - name: create log directory for baserock_openid_provider + file: path=/var/log/baserock_openid_provider owner=cherokee group=cherokee state=directory + + - name: upload application + copy: src=. dest=/srv owner=fedora group=fedora + + # Yes, SELinux prevents Cherokee from working. + - name: disable SELinux on subsequent boots + selinux: state=disabled + + - name: disable SELinux on current boot + command: setenforce 0 |