diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml index 153fef682..b8f4d030f 100644 --- a/roles/lokole/defaults/main.yml +++ b/roles/lokole/defaults/main.yml @@ -20,14 +20,17 @@ lokole_admin_password: changeme lokole_install_path: "{{ content_base }}/lokole" # /library/lokole lokole_venv: "{{ lokole_install_path }}/venv" # /library/lokole/venv +lokole_confd: /etc/supervisor/conf.d # Info needed to run Lokole: lokole_user: lokole lokole_url: /lokole lokole_uid: "2000" -lokole_run_directory: /home/{{ lokole_user }}/state -lokole_log_directory: /home/{{ lokole_user }}/log -lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock" +lokole_home_dir: /home/{{ lokole_user }} +lokole_run_dir: "{{ lokole_home_dir }}/state" +lokole_log_dir: "{{ lokole_home_dir }}/logs" +lokole_settings: "{{ lokole_run_dir }}/settings.env" +lokole_domain_socket: "{{ lokole_run_dir }}/lokole_gunicorn.sock" lokole_sim_type: LocalOnly lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}" # http://box.lan/lokole diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index b5aec38ff..083152c9f 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -25,6 +25,13 @@ - libjpeg-dev - libssl-dev - libopenjp2-7 # 2020-02-01: To solve bug #2221 + - supervisor + - usb-modeswitch + - usb-modeswitch-data + - mobile-broadband-provider-info + - ppp + - wvdial + state: present # For development purposes -- To install Lokole from a given commit, add the @@ -75,52 +82,63 @@ ansible.builtin.user: state: present name: "{{ lokole_user }}" + #group: "{{ lokole_user }}" + groups: dialout, dip system: yes - uid: "{{ lokole_uid }}" - home: /home/{{ lokole_user }} + #uid: "{{ lokole_uid }}" + home: "{{ lokole_home_dir }}" -- name: mkdir {{ lokole_run_directory }} +- name: mkdir {{ lokole_run_dir }} file: state: directory - path: "{{ lokole_run_directory }}" + path: "{{ lokole_run_dir }}/lokole_restarter" group: "{{ lokole_user }}" owner: "{{ lokole_user }}" mode: g+rw -- name: mkdir /{{ lokole_user }}/log +- name: mkdir {{ lokole_log_dir }} file: state: directory - path: "{{ lokole_log_directory }}" + path: "{{ lokole_log_dir }}" group: "{{ lokole_user }}" owner: "{{ lokole_user }}" mode: g+rw -- name: Install {{ lokole_run_directory }}/settings.env +- name: Generate key and salt + set_fact: + lokole_key: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}" + lokole_salt: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}" + +- name: Install {{ lokole_settings }} template: src: settings.env.j2 - dest: "{{ lokole_run_directory }}/settings.env" + dest: "{{ lokole_settings }}" group: "{{ lokole_user }}" owner: "{{ lokole_user }}" - mode: a+rw + mode: g+rw -- name: Install {{ lokole_run_directory }}/webapp_secrets.sh from template, to configure Lokole - template: - src: webapp_secrets.sh.j2 - dest: "{{ lokole_run_directory }}/webapp_secrets.sh" - mode: a+x +#- name: Fixup supervisorctl +# file: +# path: /usr/bin/supervisorctl +# owner: root +# group: "{{ lokole_user }}" +# mode: u=rw+s,g=rx,o=rx -- name: Install {{ lokole_run_directory }}/webapp.sh from template, to configure Gunicorn +- name: Install {{ lokole_confd }} templates to configure Lokole template: - src: webapp.sh.j2 - dest: "{{ lokole_run_directory }}/webapp.sh" + src: "{{ item.src }}" + dest: "{{ lokole_confd }}" group: "{{ lokole_user }}" owner: "{{ lokole_user }}" - mode: a+x + mode: 0644 + with_items: + - { src: 'lokole_gunicorn.conf' } + - { src: 'lokole_celery_beat.conf' } + - { src: 'lokole_celery_worker.conf' } + - { src: 'lokole_restarter.conf' } - name: Create Lokole admin user with password, for http://box{{ lokole_url }} # http://box/lokole - shell: | - . {{ lokole_run_directory }}/webapp_secrets.sh - {{ lokole_venv }}/bin/manage.py createadmin --name='{{ lokole_admin_user }}' --password='{{ lokole_admin_password }}' + include_tasks: setup.yml - name: Install /etc/{{ apache_conf_dir }}/lokole.conf from template, for http://box{{ lokole_url }} via Apache # http://box/lokole template: @@ -129,24 +147,12 @@ mode: 0644 when: apache_install -- name: Install unit files {lokole.service, celery.service, celerybeat.service, lokole_restarter.service} into /etc/systemd/system, from template - template: - src: "{{ item.src }}" - dest: "{{ item.dest}}" - mode: 0644 - with_items: - - { src: 'lokole.service.j2', dest: '/etc/systemd/system/lokole.service' } - - { src: 'celery.service.j2', dest: '/etc/systemd/system/celery.service' } - - { src: 'celerybeat.service.j2', dest: '/etc/systemd/system/celerybeat.service' } - - { src: 'lokole_restarter.service.j2', dest: '/etc/systemd/system/lokole_restarter.service' } - - -# RECORD Lokole AS INSTALLED - - name: "Set 'lokole_installed: True'" set_fact: lokole_installed: True +# RECORD Lokole AS INSTALLED + - name: "Add 'lokole_installed: True' to {{ iiab_state_file }}" lineinfile: path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/lokole/tasks/main.yml b/roles/lokole/tasks/main.yml index 9f186a60e..cc9fc170d 100644 --- a/roles/lokole/tasks/main.yml +++ b/roles/lokole/tasks/main.yml @@ -24,36 +24,25 @@ when: lokole_installed is undefined -- name: Do a 'systemctl daemon-reload' if lokole_enabled +- name: Do a 'systemctl daemon-reload' systemd: daemon_reload: yes when: lokole_enabled -- name: Enable & Restart {lokole, celery, celerybeat, lokole_restarter} systemd services, if lokole_enabled +- name: Enable & Restart supervisor systemd service, if lokole_enabled systemd: - name: "{{ item }}" + name: supervisor enabled: yes state: restarted when: lokole_enabled - with_items: - - lokole - - celery - - celerybeat - - lokole_restarter -- name: Disable & Stop all 4 (above) systemd services, if not lokole_enabled +- name: Disable & Stop supervisor systemd service, if not lokole_enabled systemd: - name: "{{ item }}" + name: supervisor enabled: no state: stopped when: not lokole_enabled - with_items: # @jvonau prefers reverse starting order, if stopping these 4 - - lokole_restarter - - celerybeat - - celery - - lokole -#- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache - name: Enable/Disable/Restart Apache if primary include_tasks: apache.yml when: not nginx_enabled @@ -79,8 +68,8 @@ value: "{{ lokole_install }}" - option: lokole_enabled value: "{{ lokole_enabled }}" - - option: lokole_run_directory - value: "{{ lokole_run_directory }}" + - option: lokole_settings + value: "{{ lokole_settings }}" - option: lokole_url value: "{{ lokole_url }}" - option: lokole_full_url diff --git a/roles/lokole/tasks/setup.yml b/roles/lokole/tasks/setup.yml new file mode 100644 index 000000000..1f49661c6 --- /dev/null +++ b/roles/lokole/tasks/setup.yml @@ -0,0 +1,20 @@ +- name: start supervisor + systemd: + name: supervisor + state: started + +- name: Create Lokole admin user with password, for http://box{{ lokole_url }} # http://box/lokole + shell: | + while read envvar; do export "$envvar"; done < {{ lokole_run_dir }}/settings.env + {{ lokole_venv }}/bin/manage.py createadmin --name='{{ lokole_admin_user }}' --password='{{ lokole_admin_password }}' + +- name: Change owner of dbfiles + file: + path: "{{ item.path }}" + state: file + owner: "{{ lokole_user }}" + group: "{{ lokole_user }}" + mode: u=rw + loop: + - { path: "{{ lokole_run_dir }}/users.sqlite3" } +# - { path: "{{ lokole_run_dir }}/celery.sqlite3" } diff --git a/roles/lokole/templates/celery.service.j2 b/roles/lokole/templates/celery.service.unused similarity index 100% rename from roles/lokole/templates/celery.service.j2 rename to roles/lokole/templates/celery.service.unused diff --git a/roles/lokole/templates/celerybeat.service.j2 b/roles/lokole/templates/celerybeat.service.unused similarity index 100% rename from roles/lokole/templates/celerybeat.service.j2 rename to roles/lokole/templates/celerybeat.service.unused diff --git a/roles/lokole/templates/lokole.service.j2 b/roles/lokole/templates/lokole.service.unused similarity index 100% rename from roles/lokole/templates/lokole.service.j2 rename to roles/lokole/templates/lokole.service.unused diff --git a/roles/lokole/templates/lokole_celery_beat.conf b/roles/lokole/templates/lokole_celery_beat.conf new file mode 100644 index 000000000..b751b3453 --- /dev/null +++ b/roles/lokole/templates/lokole_celery_beat.conf @@ -0,0 +1,10 @@ +[program:lokole_celery_beat] +command={{ lokole_venv }}/bin/celery --app=opwen_email_client.webapp.tasks beat --pidfile={{ lokole_run_dir }}/lokole_celery_beat.pid --loglevel=error +autostart=true +autorestart=true +startretries=3 +stopasgroup=true +stderr_logfile={{ lokole_log_dir }}/lokole_celery_beat.stderr.log +stdout_logfile={{ lokole_log_dir }}/lokole_celery_beat.stdout.log +user={{ lokole_user }} +environment=OPWEN_SETTINGS={{ lokole_settings }} diff --git a/roles/lokole/templates/lokole_celery_worker.conf b/roles/lokole/templates/lokole_celery_worker.conf new file mode 100644 index 000000000..5f25258fd --- /dev/null +++ b/roles/lokole/templates/lokole_celery_worker.conf @@ -0,0 +1,10 @@ +[program:lokole_celery_worker] +command={{ lokole_venv }}/bin/celery --app=opwen_email_client.webapp.tasks worker --loglevel=error --concurrency=2 +autostart=true +autorestart=true +startretries=3 +stopasgroup=true +stderr_logfile={{ lokole_log_dir }}/lokole_celery_worker.stderr.log +stdout_logfile={{ lokole_log_dir }}/lokole_celery_worker.stdout.log +user={{ lokole_user }} +environment=OPWEN_SETTINGS={{ lokole_settings }} diff --git a/roles/lokole/templates/lokole_gunicorn.conf b/roles/lokole/templates/lokole_gunicorn.conf new file mode 100644 index 000000000..a2a940ed4 --- /dev/null +++ b/roles/lokole/templates/lokole_gunicorn.conf @@ -0,0 +1,10 @@ +[program:lokole_gunicorn] +command={{ lokole_venv }}/bin/gunicorn --bind=unix:{{ lokole_run_dir }}/lokole_gunicorn.sock --timeout=300 --workers=3 --log-level=error opwen_email_client.webapp:app +autostart=true +autorestart=true +startretries=3 +stopasgroup=true +stderr_logfile={{ lokole_log_dir }}/lokole_gunicorn.stderr.log +stdout_logfile={{ lokole_log_dir }}/lokole_gunicorn.stdout.log +user={{ lokole_user }} +environment=OPWEN_SETTINGS={{ lokole_settings }} diff --git a/roles/lokole/templates/lokole_restarter.conf b/roles/lokole/templates/lokole_restarter.conf new file mode 100644 index 000000000..94f580e9c --- /dev/null +++ b/roles/lokole/templates/lokole_restarter.conf @@ -0,0 +1,10 @@ +[program:lokole_restarter] +command={{ lokole_venv }}/bin/manage.py restarter --directory={{ lokole_run_dir }}/lokole_restarter +autostart=true +autorestart=true +startretries=3 +stopasgroup=true +stderr_logfile={{ lokole_log_dir }}/lokole_restarter.stderr.log +stdout_logfile={{ lokole_log_dir }}/lokole_restarter.stdout.log +user=root +environment=OPWEN_SETTINGS={{ lokole_settings }} diff --git a/roles/lokole/templates/lokole_restarter.service.j2 b/roles/lokole/templates/lokole_restarter.service.unused similarity index 100% rename from roles/lokole/templates/lokole_restarter.service.j2 rename to roles/lokole/templates/lokole_restarter.service.unused diff --git a/roles/lokole/templates/settings.env.j2 b/roles/lokole/templates/settings.env.j2 index e1d15bdfc..6f87ad277 100644 --- a/roles/lokole/templates/settings.env.j2 +++ b/roles/lokole/templates/settings.env.j2 @@ -1,8 +1,11 @@ -OPWEN_SETTINGS='{{ lokole_run_directory }}/settings.env' -OPWEN_STATE_DIRECTORY='{{ lokole_run_directory }}' -OPWEN_APP_ROOT='{{ lokole_url }}/' +OPWEN_SETTINGS={{ lokole_run_dir }}/settings.env +OPWEN_STATE_DIRECTORY={{ lokole_run_dir }} +OPWEN_APP_ROOT={{ lokole_url }}/ OPWEN_MAX_UPLOAD_SIZE_MB=10 -OPWEN_SYNC_SCHEDULE='1,16,31,46 * * * *' -OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}' -OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}' -OPWEN_SIM_TYPE='{{ lokole_sim_type }}' +OPWEN_SYNC_SCHEDULE="1,16,31,46 * * * *" +OPWEN_RESTART_PATH={{ lokole_run_dir }}/lokole_restarter/lokole_gunicorn=HUP,{{ lokole_run_dir }}/lokole_restarter/lokole_celery_worker=,{{ lokole_run_dir }}/lokole_restarter/lokole_celery_beat= +OPWEN_SESSION_KEY={{ lokole_key }} +OPWEN_SECRET_KEY={{ lokole_key }} +OPWEN_PASSWORD_SALT={{ lokole_salt }} +OPWEN_SIM_TYPE={{ lokole_sim_type }} +OPWEN_CLIENT_NAME={{ lokole_client_id }} diff --git a/roles/lokole/templates/webapp.sh.j2 b/roles/lokole/templates/webapp.sh.unused similarity index 100% rename from roles/lokole/templates/webapp.sh.j2 rename to roles/lokole/templates/webapp.sh.unused diff --git a/roles/lokole/templates/webapp_secrets.sh.j2 b/roles/lokole/templates/webapp_secrets.sh.unused similarity index 100% rename from roles/lokole/templates/webapp_secrets.sh.j2 rename to roles/lokole/templates/webapp_secrets.sh.unused diff --git a/vars/default_vars.yml b/vars/default_vars.yml index fb47adcd0..80bd136f5 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -393,6 +393,7 @@ lokole_enabled: False # lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf' # Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35 lokole_sim_type: LocalOnly +lokole_client_id: None mediawiki_install: False mediawiki_enabled: False diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 8e304f80c..e7113a35a 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -261,9 +261,6 @@ jupyterhub_enabled: True # Lokole (email for rural communities) from https://ascoderu.ca lokole_install: True lokole_enabled: True -# lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf' -# Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35 -lokole_sim_type: LocalOnly mediawiki_install: True mediawiki_enabled: True diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 160be65e1..79a4eed23 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -261,9 +261,6 @@ jupyterhub_enabled: False # Lokole (email for rural communities) from https://ascoderu.ca lokole_install: False lokole_enabled: False -# lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf' -# Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35 -lokole_sim_type: LocalOnly mediawiki_install: False mediawiki_enabled: False diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 2c2a499da..086991c73 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -261,9 +261,6 @@ jupyterhub_enabled: False # Lokole (email for rural communities) from https://ascoderu.ca lokole_install: False lokole_enabled: False -# lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf' -# Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35 -lokole_sim_type: LocalOnly mediawiki_install: False mediawiki_enabled: False