-`acmetool`, manages let's encrypt certificates via acmetool
-`debian-repository`, installs the software reprepro (very basic)
-`lehrpreis`, teaching award nomination web app
-`meckerkasten`, mimimi web app
-`mediawiki`, setups mediawiki with php-fpm
-`php-fpm`, setups php-fpm pools
-`protokollsystem`, protocols, meetings, and everything management web app (TM)
-`schildergenerator`, sign generator web app
-`sentry`, error collection api and web app
-`sso`, single signon web app
-`shibboleth`, configures a shibboleth-authenticated nginx resource
-`uwsgi-php`, deprecated
-`uwsgi-python`, unified web app deployment role for python-based web apps
-`wahlhelfer`, setups wahlhelfer registration and scheduling web app
-`wahlsystem`, setups an election management system
-`webserver`, configures nginx
-`wordpress`, setups wordpresses via an overlayfs technology
*Note:* Some roles are still undocumented.
*Note:* Some roles are still undocumented. Some previously available roles have been merged into `uwsgi-python`.
## uwsgi-python
The idea of the role is to have only one role for all the python-based web apps. Instead of a role (and group) for every single app.
The idea of this role is to have only one role for all the python-based web apps. Instead of a role (and group) for every single app.
We distinguish between apps and instances. An app is the actual program, which can be instaciated more than once, which we call the instance.
The role iterates over the list `webapps` (in the host vars) and import app and instance specific variable files.
An app specific task snippet is imported if it configured in the variable files (see below).
The role iterates over the list `webapps` (in the host vars) and imports app and instance specific variable files.
An app specific task snippet is imported if it is configured in the variable files (see below).
We place the instance specific variable file under <inventory_dir>/vars/<instance>.yml. The app specific variable file is <role_dir>/vars/<app>.yml.
We place the instance specific variable file under `<inventory_dir>/vars/<instance>.yml`. The app specific variable file is `<role_dir>/vars/<app>.yml`.
In the latter file there should be sensible defaults for _every_ variable used within the role.
Before the app specific variable file the file `<role_dir>/vars/default.yml` is included.
This role needs the patch from this [pull-request](https://github.com/ansible/ansible/pull/39762) or ansible 2.6 or later.
...
...
@@ -54,38 +49,41 @@ This role needs the patch from this [pull-request](https://github.com/ansible/an
-`app_additional_software`: list of software, which is additionally needed by the app e.g. LaTeX. If no additional software is needed it is `[]`
-`app_deploy_key`: path to a ssh-key which is needed to get the software usaally, "{{ inventory_dir }}/files/deploy-keys/<app_name>"
-`app_deploy_key`: path to a ssh-key which is needed to get the software usually, `{{ inventory_dir }}/files/deploy-keys/<app_name>`.
-`app_secret_config`: it might be useful to have the cookie's key in seperate config (true|false)
*Note:* Due to the heterogenous nature of our supported web apps, there are additional variables available for fine tuning. See `<role_dir>/vars/default.yml` for details.
### How to create a new app
Create the following files
*`uwsgi-python/vars/<app_name>.yml`
Define the variable in it from above and the variables, you need for you config file. We recommend to define them as defaults (and as documentation)
*`uwsgi-python/templates/apps/<app_name>.j2`
That's your config template.
*`uwsgi-python/tasks/apps/<app_name>.j2`
If you need some additional tasks, you can define them in this file
Create `<role_dir>/vars/<app_name>.yml`. Define the variables from above in it and the variables that you need for you config file.
We recommend to define them as defaults (and as documentation).
If you have done this, you can create an instance of the app. Note, you have to define for every app an instance altough you only want to deploy it once.
Next, if you need to deploy a config file, create `<role_dir>/templates/apps/<app_name>.j2`. Note, that you can enable `app_secret_config` and import generated secrets from there.
If you need some additional tasks, you can define them in `uwsgi-python/tasks/apps/<app_name>.j2`.
### How to create a new app's instance
If you have done this, you can create an instance of the app. Note, that you have to define an instance for every app you use, even if you only want to deploy it once.
Create for every instance <inventory_dir>/vars/<instance_name>.yml a variable in which you can override the defaults from uwsgi-python/vars/<app_name>.yml
### How to create a new app's instance
Define in your host_vars/<host> the dictionary `webapps`
Create for every instance `<inventory_dir>/vars/<instance_name>.yml`, in which you can override the defaults from `uwsgi-python/vars/<app_name>.yml`.
Define in your `<host_vars>/<host>` the dictionary `webapps` as follows:
```
webapps:
- instance: <instancen_name>
- instance: <instance_name>
app: <app_name>
app_vars: "<instance_name>.yml" <-- path to variable file from above
app_vars: <instance_name>.yml
```
! Note, it very important, to add the handler
It is very important to add an handler to `<role_dir>/handlers/main.yml` to allow the role to restart the uwsgi instance.
