1 files changed, 36 insertions, 14 deletions

diff --git a/baserock_openid_provider/image-config.yml b/baserock_openid_provider/image-config.yml
index 3c0d8bb5..92ba0951 100644
--- a/baserock_openid_provider/image-config.yml
+++ b/baserock_openid_provider/image-config.yml
@@ -2,46 +2,61 @@
 #
 # This playbook is run at image-creation time by Packer.
 ---
-- hosts: localhost
+- hosts: openid
   gather_facts: False
+  sudo: yes
   tasks:
+  # See: https://fedoramagazine.org/getting-ansible-working-fedora-23/
+  - name: install Python2 and required deps for Ansible modules
+    raw: dnf install -y python2 python2-dnf libselinux-python
+
   - name: enable persistant journal
     shell: mkdir /var/log/journal
     args:
       creates: /var/log/journal
 
-  - name: install Cherokee web server
-    yum: name=cherokee state=latest
+  - name: ensure system up to date
+    dnf: name=* state=latest
 
-  - name: install PIP package manager
-    yum: name=python-pip state=latest
+  - name: install Cherokee web server
+    dnf: name=cherokee state=latest
 
   - name: install Sendmail mail transfer agent
-    yum: name=sendmail state=latest
+    dnf: name=sendmail state=latest
 
   - name: install uWSGI application container server and Python plugin
-    yum: name=uwsgi-plugin-python state=latest
+    dnf: name=uwsgi-plugin-python state=latest
+
+  - name: install PyYAML
+    dnf: name=PyYAML state=latest
 
+  # All this stuff is installed with Pip, which isn't really necessary except
+  # for django-registration-redux. Fedora packages django-registration but not
+  # the better django-registration-redux (I think).
+  #
   - name: install Django
-    pip: name=django
+    pip: name=django executable=pip2.7
+
+  - name: install South (Django migrations tool)
+    pip: name=South executable=pip2.7
 
   # This is a fork of django-registration which supports Django 1.7.
   # Source: https://github.com/macropin/django-registration
   # The original django-registration (which seems to be abandoned) lives at:
   # https://bitbucket.org/ubernostrum/django-registration/
   - name: install django-registration-redux
-    pip: name=django-registration-redux
+    pip: name=django-registration-redux executable=pip2.7
 
   - name: install python-openid
-    pip: name=python-openid
+    pip: name=python-openid executable=pip2.7
 
-  # Install the MySQL-python package from Yum, because if it's installed from
+  # Install the MySQL-python package from DNF, because if it's installed from
   # PyPI you need to have the mariadb-devel package installed to build the C
   # code and that's an extra 21MB of dependencies or so. Note that this driver
   # doesn't support Python 3, but there is a fork available which does, see:
   # https://docs.djangoproject.com/en/dev/ref/databases/#mysql-db-api-drivers
   - name: install MySQL-python
-    yum: name=MySQL-python state=latest
+    dnf: name=MySQL-python state=latest
 
   - name: install Cherokee configuration
     file: src=/srv/baserock_openid_provider/cherokee.conf dest=/etc/cherokee/cherokee.conf state=link force=yes
@@ -49,5 +64,12 @@
   - name: create log directory for baserock_openid_provider
     file: path=/var/log/baserock_openid_provider owner=cherokee group=cherokee state=directory
 
-  - name: create directory for static content
-    file: path=/var/www/static owner=cherokee group=cherokee state=directory
+  - name: upload application
+    copy: src=. dest=/srv owner=fedora group=fedora
+
+  # Yes, SELinux prevents Cherokee from working.
+  - name: disable SELinux on subsequent boots
+    selinux: state=disabled
+
+  - name: disable SELinux on current boot
+    command: setenforce 0