Merge pull request #2802 from jvonau/lok-merge

Lok merge

roles/lokole/defaults/main.yml

@@ -20,14 +20,17 @@ lokole_admin_password: changeme
 
 lokole_install_path: "{{ content_base }}/lokole"    # /library/lokole
 lokole_venv: "{{ lokole_install_path }}/venv"       # /library/lokole/venv
+lokole_confd: /etc/supervisor/conf.d
 
 # Info needed to run Lokole:
 lokole_user: lokole
 lokole_url: /lokole
 lokole_uid: "2000"
-lokole_run_directory: /home/{{ lokole_user }}/state
-lokole_log_directory: /home/{{ lokole_user }}/log
-lokole_domain_socket: "{{ lokole_run_directory }}/lokole_gunicorn.sock"
+lokole_home_dir: /home/{{ lokole_user }}
+lokole_run_dir: "{{ lokole_home_dir }}/state"
+lokole_log_dir: "{{ lokole_home_dir }}/logs"
+lokole_settings: "{{ lokole_run_dir }}/settings.env"
+lokole_domain_socket: "{{ lokole_run_dir }}/lokole_gunicorn.sock"
 lokole_sim_type: LocalOnly
 
 lokole_full_url: "http://{{ iiab_hostname }}.{{ iiab_domain }}{{ lokole_url }}"    # http://box.lan/lokole

roles/lokole/tasks/install.yml

@@ -25,6 +25,13 @@
       - libjpeg-dev
       - libssl-dev
       - libopenjp2-7    # 2020-02-01: To solve bug #2221
+      - supervisor
+      - usb-modeswitch
+      - usb-modeswitch-data
+      - mobile-broadband-provider-info
+      - ppp
+      - wvdial
+
     state: present
 
 # For development purposes -- To install Lokole from a given commit, add the
@@ -75,52 +82,63 @@
   ansible.builtin.user:
     state: present
     name: "{{ lokole_user }}"
+    #group: "{{ lokole_user }}"
+    groups: dialout, dip
     system: yes
-    uid: "{{ lokole_uid }}"
-    home: /home/{{ lokole_user }}
+    #uid: "{{ lokole_uid }}"
+    home: "{{ lokole_home_dir }}"
 
-- name: mkdir {{ lokole_run_directory }}
+- name: mkdir {{ lokole_run_dir }}
   file:
     state: directory
-    path: "{{ lokole_run_directory }}"
+    path: "{{ lokole_run_dir }}/lokole_restarter"
     group: "{{ lokole_user }}"
     owner: "{{ lokole_user }}"
     mode: g+rw
 
-- name: mkdir /{{ lokole_user }}/log
+- name: mkdir {{ lokole_log_dir }}
   file:
     state: directory
-    path: "{{ lokole_log_directory }}"
+    path: "{{ lokole_log_dir }}"
     group: "{{ lokole_user }}"
     owner: "{{ lokole_user }}"
     mode: g+rw
 
-- name: Install {{ lokole_run_directory }}/settings.env
+- name: Generate key and salt
+  set_fact:
+    lokole_key: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}"
+    lokole_salt: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}"
+
+- name: Install {{ lokole_settings }}
   template:
     src: settings.env.j2
-    dest: "{{ lokole_run_directory }}/settings.env"
+    dest: "{{ lokole_settings }}"
     group: "{{ lokole_user }}"
     owner: "{{ lokole_user }}"
-    mode: a+rw
+    mode: g+rw
 
-- name: Install {{ lokole_run_directory }}/webapp_secrets.sh from template, to configure Lokole
-  template:
-    src: webapp_secrets.sh.j2
-    dest: "{{ lokole_run_directory }}/webapp_secrets.sh"
-    mode: a+x
+#- name: Fixup supervisorctl
+#  file:
+#    path: /usr/bin/supervisorctl
+#    owner: root
+#    group: "{{ lokole_user }}"
+#    mode: u=rw+s,g=rx,o=rx
 
-- name: Install {{ lokole_run_directory }}/webapp.sh from template, to configure Gunicorn
+- name: Install {{ lokole_confd }} templates to configure Lokole
   template:
-    src: webapp.sh.j2
-    dest: "{{ lokole_run_directory }}/webapp.sh"
+    src: "{{ item.src }}"
+    dest: "{{ lokole_confd }}"
     group: "{{ lokole_user }}"
     owner: "{{ lokole_user }}"
-    mode: a+x
+    mode: 0644
+  with_items:
+    - { src: 'lokole_gunicorn.conf' }
+    - { src: 'lokole_celery_beat.conf' }
+    - { src: 'lokole_celery_worker.conf' }
+    - { src: 'lokole_restarter.conf' }
 
 - name: Create Lokole admin user with password, for http://box{{ lokole_url }}    # http://box/lokole
-  shell: |
-    . {{ lokole_run_directory }}/webapp_secrets.sh
-    {{ lokole_venv }}/bin/manage.py createadmin --name='{{ lokole_admin_user }}' --password='{{ lokole_admin_password }}'
+  include_tasks: setup.yml
 
 - name: Install /etc/{{ apache_conf_dir }}/lokole.conf from template, for http://box{{ lokole_url }} via Apache    # http://box/lokole
   template:
@@ -129,24 +147,12 @@
     mode: 0644
   when: apache_install
 
-- name: Install unit files {lokole.service, celery.service, celerybeat.service, lokole_restarter.service} into /etc/systemd/system, from template
-  template:
-    src: "{{ item.src }}"
-    dest: "{{ item.dest}}"
-    mode: 0644
-  with_items:
-    - { src: 'lokole.service.j2', dest: '/etc/systemd/system/lokole.service' }
-    - { src: 'celery.service.j2', dest: '/etc/systemd/system/celery.service' }
-    - { src: 'celerybeat.service.j2', dest: '/etc/systemd/system/celerybeat.service' }
-    - { src: 'lokole_restarter.service.j2', dest: '/etc/systemd/system/lokole_restarter.service' }
-
-
-# RECORD Lokole AS INSTALLED
-
 - name: "Set 'lokole_installed: True'"
   set_fact:
     lokole_installed: True
 
+# RECORD Lokole AS INSTALLED
+
 - name: "Add 'lokole_installed: True' to {{ iiab_state_file }}"
   lineinfile:
     path: "{{ iiab_state_file }}"    # /etc/iiab/iiab_state.yml

roles/lokole/tasks/main.yml

@@ -24,36 +24,25 @@
   when: lokole_installed is undefined
 
 
-- name: Do a 'systemctl daemon-reload' if lokole_enabled
+- name: Do a 'systemctl daemon-reload'
   systemd:
     daemon_reload: yes
   when: lokole_enabled
 
-- name: Enable & Restart {lokole, celery, celerybeat, lokole_restarter} systemd services, if lokole_enabled
+- name: Enable & Restart supervisor systemd service, if lokole_enabled
   systemd:
-    name: "{{ item }}"
+    name: supervisor
     enabled: yes
     state: restarted
   when: lokole_enabled
-  with_items:
-    - lokole
-    - celery
-    - celerybeat
-    - lokole_restarter
 
-- name: Disable & Stop all 4 (above) systemd services, if not lokole_enabled
+- name: Disable & Stop supervisor systemd service, if not lokole_enabled
   systemd:
-    name: "{{ item }}"
+    name: supervisor
     enabled: no
     state: stopped
   when: not lokole_enabled
-  with_items:    # @jvonau prefers reverse starting order, if stopping these 4
-    - lokole_restarter
-    - celerybeat
-    - celery
-    - lokole
 
-#- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache
 - name: Enable/Disable/Restart Apache if primary
   include_tasks: apache.yml
   when: not nginx_enabled
@@ -79,8 +68,8 @@
       value: "{{ lokole_install }}"
     - option: lokole_enabled
       value: "{{ lokole_enabled }}"
-    - option: lokole_run_directory
-      value: "{{ lokole_run_directory }}"
+    - option: lokole_settings
+      value: "{{ lokole_settings }}"
     - option: lokole_url
       value: "{{ lokole_url }}"
     - option: lokole_full_url

roles/lokole/tasks/setup.yml

@@ -0,0 +1,20 @@
+- name: start supervisor
+  systemd:
+    name: supervisor
+    state: started
+
+- name: Create Lokole admin user with password, for http://box{{ lokole_url }}    # http://box/lokole
+  shell: |
+    while read envvar; do export "$envvar"; done < {{ lokole_run_dir }}/settings.env
+    {{ lokole_venv }}/bin/manage.py createadmin --name='{{ lokole_admin_user }}' --password='{{ lokole_admin_password }}'
+
+- name: Change owner of dbfiles
+  file:
+    path: "{{ item.path }}"
+    state: file
+    owner: "{{ lokole_user }}"
+    group: "{{ lokole_user }}"
+    mode: u=rw
+  loop:
+    - { path: "{{ lokole_run_dir }}/users.sqlite3" }
+#    - { path: "{{ lokole_run_dir }}/celery.sqlite3" }

roles/lokole/templates/lokole_celery_beat.conf

@@ -0,0 +1,10 @@
+[program:lokole_celery_beat]
+command={{ lokole_venv }}/bin/celery --app=opwen_email_client.webapp.tasks beat --pidfile={{ lokole_run_dir }}/lokole_celery_beat.pid --loglevel=error
+autostart=true
+autorestart=true
+startretries=3
+stopasgroup=true
+stderr_logfile={{ lokole_log_dir }}/lokole_celery_beat.stderr.log
+stdout_logfile={{ lokole_log_dir }}/lokole_celery_beat.stdout.log
+user={{ lokole_user }}
+environment=OPWEN_SETTINGS={{ lokole_settings }}

roles/lokole/templates/lokole_celery_worker.conf

@@ -0,0 +1,10 @@
+[program:lokole_celery_worker]
+command={{ lokole_venv }}/bin/celery --app=opwen_email_client.webapp.tasks worker --loglevel=error --concurrency=2
+autostart=true
+autorestart=true
+startretries=3
+stopasgroup=true
+stderr_logfile={{ lokole_log_dir }}/lokole_celery_worker.stderr.log
+stdout_logfile={{ lokole_log_dir }}/lokole_celery_worker.stdout.log
+user={{ lokole_user }}
+environment=OPWEN_SETTINGS={{ lokole_settings }}

roles/lokole/templates/lokole_gunicorn.conf

@@ -0,0 +1,10 @@
+[program:lokole_gunicorn]
+command={{ lokole_venv }}/bin/gunicorn --bind=unix:{{ lokole_run_dir }}/lokole_gunicorn.sock --timeout=300 --workers=3 --log-level=error opwen_email_client.webapp:app
+autostart=true
+autorestart=true
+startretries=3
+stopasgroup=true
+stderr_logfile={{ lokole_log_dir }}/lokole_gunicorn.stderr.log
+stdout_logfile={{ lokole_log_dir }}/lokole_gunicorn.stdout.log
+user={{ lokole_user }}
+environment=OPWEN_SETTINGS={{ lokole_settings }}

roles/lokole/templates/lokole_restarter.conf

@@ -0,0 +1,10 @@
+[program:lokole_restarter]
+command={{ lokole_venv }}/bin/manage.py restarter --directory={{ lokole_run_dir }}/lokole_restarter
+autostart=true
+autorestart=true
+startretries=3
+stopasgroup=true
+stderr_logfile={{ lokole_log_dir }}/lokole_restarter.stderr.log
+stdout_logfile={{ lokole_log_dir }}/lokole_restarter.stdout.log
+user=root
+environment=OPWEN_SETTINGS={{ lokole_settings }}

roles/lokole/templates/settings.env.j2

@@ -1,8 +1,11 @@
-OPWEN_SETTINGS='{{ lokole_run_directory }}/settings.env'
-OPWEN_STATE_DIRECTORY='{{ lokole_run_directory }}'
-OPWEN_APP_ROOT='{{ lokole_url }}/'
+OPWEN_SETTINGS={{ lokole_run_dir }}/settings.env
+OPWEN_STATE_DIRECTORY={{ lokole_run_dir }}
+OPWEN_APP_ROOT={{ lokole_url }}/
 OPWEN_MAX_UPLOAD_SIZE_MB=10
-OPWEN_SYNC_SCHEDULE='1,16,31,46 * * * *'
-OPWEN_SESSION_KEY='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=32') }}'
-OPWEN_PASSWORD_SALT='{{ lookup('password', '/dev/null chars=ascii_letters,digits,_ length=16') }}'
-OPWEN_SIM_TYPE='{{ lokole_sim_type }}'
+OPWEN_SYNC_SCHEDULE="1,16,31,46 * * * *"
+OPWEN_RESTART_PATH={{ lokole_run_dir }}/lokole_restarter/lokole_gunicorn=HUP,{{ lokole_run_dir }}/lokole_restarter/lokole_celery_worker=,{{ lokole_run_dir }}/lokole_restarter/lokole_celery_beat=
+OPWEN_SESSION_KEY={{ lokole_key }}
+OPWEN_SECRET_KEY={{ lokole_key }}
+OPWEN_PASSWORD_SALT={{ lokole_salt }}
+OPWEN_SIM_TYPE={{ lokole_sim_type }}
+OPWEN_CLIENT_NAME={{ lokole_client_id }}

vars/default_vars.yml

@@ -393,6 +393,7 @@ lokole_enabled: False
 # lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf'
 # Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35
 lokole_sim_type: LocalOnly
+lokole_client_id: None
 
 mediawiki_install: False
 mediawiki_enabled: False

vars/local_vars_big.yml

@@ -261,9 +261,6 @@ jupyterhub_enabled: True
 # Lokole (email for rural communities) from https://ascoderu.ca
 lokole_install: True
 lokole_enabled: True
-# lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf'
-# Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35
-lokole_sim_type: LocalOnly
 
 mediawiki_install: True
 mediawiki_enabled: True

vars/local_vars_medium.yml

@@ -261,9 +261,6 @@ jupyterhub_enabled: False
 # Lokole (email for rural communities) from https://ascoderu.ca
 lokole_install: False
 lokole_enabled: False
-# lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf'
-# Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35
-lokole_sim_type: LocalOnly
 
 mediawiki_install: False
 mediawiki_enabled: False

vars/local_vars_min.yml

@@ -261,9 +261,6 @@ jupyterhub_enabled: False
 # Lokole (email for rural communities) from https://ascoderu.ca
 lokole_install: False
 lokole_enabled: False
-# lokole_sim_type can be: 'hologram', 'Ethernet', 'LocalOnly', or 'mkwvconf'
-# Details: https://github.com/ascoderu/lokole/blob/master/install.py#L35
-lokole_sim_type: LocalOnly
 
 mediawiki_install: False
 mediawiki_enabled: False