Skip to content
Snippets Groups Projects
Commit 43f7bfe9 authored by McConahy, Renee Margaret's avatar McConahy, Renee Margaret
Browse files

Add materials for production deployment.

parent 6aa80675
No related branches found
No related tags found
No related merge requests found
/.vagrant/
/production_secrets.yml
[defaults]
interpreter_python = auto
inventory = hosts.yml
any_errors_fatal = true
nocows = 1
stdout_callback = yaml
#!/usr/bin/env bash
#<
# Usage:
# generate-production-secrets [-f]
#
# Options:
# -f Overwrite.
#>
genkey() {
local s=$(tr -dc a-z </dev/urandom | head -c 14)
[[ $s =~ ^[a-z]{14}$ ]] && printf "%s\\n" "$s"
}
fail() {
printf "%s\\n" "$1" >&2
exit 1
}
set -u
target=$(dirname -- "$0")/../production_secrets.yml
force=0
while getopts fh opt; do
case $opt in
f) force=1 ;;
h|*)
sed -ne '/^#</,/^#>/ { /^#\(<\|>\)/d; s/^# \?//; p; }' -- "$0"
[[ $opt == "?" ]] && exit 1
exit 0 ;;
esac
done
shift $((OPTIND - 1))
(($#)) && exit 1
[[ -e $target && $force -eq 0 ]] && fail "Refusing to overwrite."
for i in 0 1; do
keys[$i]=$(genkey) || fail "Error generating keys."
done
sed 's/^ \{4\}//' <<YML >"$target"
---
lockss_db_password: ${keys[0]}
lockss_ui_password: ${keys[1]}
YML
---
lockss:
hosts:
lockssmich19:
/__pycache__/
# Source: <https://stackoverflow.com/a/32324513/3716479> with modifications.
import ansible.errors as errors
from ansible.plugins.lookup import LookupBase
import socket
class LookupModule(LookupBase):
def run(self, terms, variables=None, **kwargs):
if len(terms) != 1 or not isinstance(terms[0], str):
raise errors.AnsibleError("bad invocation")
return [socket.gethostbyname(terms[0])]
---
- hosts: lockss
become: true
vars:
lockss_data_dir: /var/lib/lockss
lockss_uid: 995
lockss_gid: 995
external_ip: "{{ lookup('ip', ansible_host) }}"
lockss_hostname: "{{ ansible_host }}"
lockss_ipaddr: "{{ external_ip }}"
lockss_external_ipaddr: "{{ external_ip }}"
lockss_network_ips:
- 35.8.220.0/22
lockss_admin_ips:
- 35.8.220.0/22
lockss_admin_email: nepeta@msu.edu
lockss_props_url: "http://lib-lockss-con-pilot.library.wmich.edu:8001\
/locksscon/lockss.xml"
vars_files:
- production_secrets.yml
roles:
- lockss
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment