From d2360fde25ff9a736a52496c1b3d1fb897bfcc59 Mon Sep 17 00:00:00 2001 From: shmyga Date: Thu, 29 Mar 2018 17:13:31 +0300 Subject: [PATCH] [ansible] update tasks --- ansible/ansible.cfg | 2 ++ ansible/roles/deploy/tasks/clean.yml | 13 +++++++++++++ ansible/roles/deploy/tasks/main.yml | 10 ++++++---- ansible/roles/setup/tasks/service.yml | 14 ++++++++++++-- ansible/roles/setup/vars/main.yml | 1 + 5 files changed, 34 insertions(+), 6 deletions(-) create mode 100644 ansible/roles/deploy/tasks/clean.yml diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index c446be2..7f98775 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,6 +1,8 @@ [defaults] hash_behaviour = merge host_key_checking = False +callback_whitelist = profile_tasks [ssh_connection] +pipelining = True ssh_args = -o ForwardAgent=yes \ No newline at end of file diff --git a/ansible/roles/deploy/tasks/clean.yml b/ansible/roles/deploy/tasks/clean.yml new file mode 100644 index 0000000..5f2a8e1 --- /dev/null +++ b/ansible/roles/deploy/tasks/clean.yml @@ -0,0 +1,13 @@ + +- name: Find old releases + find: + paths: "{{ project_dir }}/releases" + recurse: no + file_type: directory + register: releases + +- name: Delete old releases + file: + path: "{{ item.path }}" + state: absent + with_items: "{{ (releases.files | sort(attribute='path'))[0:-5] }}" diff --git a/ansible/roles/deploy/tasks/main.yml b/ansible/roles/deploy/tasks/main.yml index 77fa9d7..9936877 100644 --- a/ansible/roles/deploy/tasks/main.yml +++ b/ansible/roles/deploy/tasks/main.yml @@ -18,7 +18,9 @@ dest: "{{ project_dir }}/current" state: link -#- name: "restart {{ project_name }} service" -# systemd: -# state: restarted -# name: "{{ project_name }}" +- name: Restart {{ project_name }} service + command: "sudo /bin/systemctl restart tankz" + args: + warn: no + +- import_tasks: clean.yml \ No newline at end of file diff --git a/ansible/roles/setup/tasks/service.yml b/ansible/roles/setup/tasks/service.yml index 3a62b2c..e32686f 100644 --- a/ansible/roles/setup/tasks/service.yml +++ b/ansible/roles/setup/tasks/service.yml @@ -1,10 +1,20 @@ -- name: "install {{ service_name }} systemd unit file" +- name: "Install {{ service_name }} systemd unit file" template: src: "template/service.j2" dest: "/etc/systemd/system/{{ service_name }}.service" -- name: "start {{ service_name }} service" +- name: "Start {{ service_name }} service" systemd: + enabled: yes state: started name: "{{ service_name }}" daemon_reload: yes + +- name: "Add sudoers record for {{ service_name }} service" + lineinfile: + path: /etc/sudoers.d/{{ service_name }} + state: present + create: yes + regexp: "^{{ service_control_user }} ALL=" + line: "{{ service_control_user }} ALL= NOPASSWD: /bin/systemctl * {{ service_name }}" + validate: "/usr/sbin/visudo -cf %s" diff --git a/ansible/roles/setup/vars/main.yml b/ansible/roles/setup/vars/main.yml index a0cf180..abe317c 100644 --- a/ansible/roles/setup/vars/main.yml +++ b/ansible/roles/setup/vars/main.yml @@ -7,3 +7,4 @@ service_description: "{{ project_smartname }} server" service_work_dir: "{{ project_dir }}/current/target" service_command: "/usr/bin/neko {{ project_dir }}/current/target/{{ project_name }}.n {{ service_host }}" service_user: www-data +service_control_user: holop \ No newline at end of file