Skip to content

le-phare/ansible-deploy

Repository files navigation

lephare.ansible-deploy

Common deploy tasks for projects made at Le Phare.

Dependencies

Support matrix

  • lephare/ansible:2.0.0 - Ansible 2.17 - Python 3.7 - 3.12 (Target node)
  • lephare/ansible:1.12.3 - Ansible 2.15.4 - Python 2.7 or Python 3.5 - 3.11 (Target node)

See Ansible core support matrix

Documentation

Role Variables

The defaults vars declared in this module:

lephare_default_git_branch: master

lephare_document_root_path: "{{ ansistrano_deploy_to }}/current/web"

lephare_assets_publish: true
lephare_assets_publish_rsync_opts: []
lephare_assets_build_path: "../web/compiled/"
lephare_assets_web_path: "compiled/"

lephare_cachetool_adapter: web
lephare_cachetool_fastcgi: '127.0.0.1:9000'
lephare_cachetool_enable: true
lephare_cachetool_path: "{{ ansistrano_deploy_to }}/cachetool.phar"
lephare_cachetool_self_update: true
lephare_cachetool_stat_clear: true
lephare_cachetool_opcache_reset: true
lephare_cachetool_apcu_clear: true
lephare_cachetool_scheme: https

lephare_composer_home: '~/.config/composer'

lephare_gitlab_token: ""

lephare_packagist_com_token: ""

lephare_rollbar_notify: true
lephare_rollbar_environment: production

lephare_sentry_notify: false
lephare_sentry_organization: le-phare
lephare_sentry_environment: production

lephare_slack_notify: false
lephare_slack_notify_username: Hubert
lephare_slack_notify_channel: "#general"

lephare_crontab_install: false
lephare_crontab_uninstall: false
lephare_crontab_path: "{{ ansistrano_release_path.stdout }}/app/Resources/crontab"

lephare_prevent_robots_indexation: false

lephare_http_basic_secure: false
lephare_http_basic_whitelist_referer: []
lephare_http_basic_whitelist_ip: []

lephare_run_assetic_dump: false
lephare_run_assets_install: true
lephare_run_cache_clear_and_warmup: true
lephare_run_doctrine_migrations: true
lephare_console_path: bin/console

lephare_cloudfront_invalidate: false
lephare_cloudfront_path: [ '/*' ]

lephare_install_adminer: false
lephare_install_adminer_filename: "adminer.php"
lephare_install_adminer_path: "{{ lephare_document_root_path }}"

lephare_permission_set: false
lephare_permission_paths: [ "{{ ansistrano_release_path.stdout }}/var/cache", "{{ ansistrano_shared_path }}/var/logs" ]
lephare_permission_users: [ "www-data", "{{ ansible_user }}" ]

lephare_remove_files: false
lephare_remove_files_paths: []

Additionally, this module change some defaults vars from cbrunnkvist.ansistrano-symfony-deploy and ansistrano.deploy

ansistrano_after_symlink_tasks_file: "../../lephare.ansible-deploy/config/after_symlink.yml"
ansistrano_before_symlink_tasks_file: "../../lephare.ansible-deploy/config/before_symlink.yml"
ansistrano_git_branch: "{{ lookup('env','CI_BUILD_REF') | default(lephare_default_git_branch, true) }}"
ansistrano_deploy_via: git
ansistrano_allow_anonymous_stats: no
ansistrano_keep_releases: 3

symfony_run_assetic_dump: "{{ lephare_run_assetic_dump }}"
symfony_run_assets_install: "{{ lephare_run_assets_install }}"
symfony_run_cache_clear_and_warmup: "{{ lephare_run_cache_clear_and_warmup }}"
symfony_run_doctrine_migrations: "{{ lephare_run_doctrine_migrations }}"
symfony_console_path: "{{ lephare_console_path }}"

Example Playbook

---
- name: Deploy app
  hosts: app
  roles:
    - lephare.ansible-deploy
  vars:
    lephare_rollbar_token: <token>
    ansistrano_git_repo: [email protected]:foo/bar.git
    ansistrano_shared_paths:
      - var/logs
      - var/sessions
      - var/http_cache
    ansistrano_shared_files:
      - app/config/parameters.yml

Optional tasks

Dump database before composer

NB: Only works with postgres installed on the app node

Backup la base de données de la version courante lors du déploiement. Un fichier portant le nom de la base de données est placer dans la release courante.

Enable task:

lephare_dump_database: true

Set vars:

app_database_name: "{{ db_pull_remote_database_name }}" # required
app_database_login_host:  "locahost" # optional
app_database_user: "{{ db_pull_remote_database_user }}" # required
app_database_password: "{{ db_pull_remote_database_password }}" # required
app_database_login_port: 5432 # optional, default 5432

Use with docker

We use a docker image lephare/ansible to deploy our projects.

docker run -it --rm \
    -v $(shell pwd):/app
    -v $(SSH_AUTH_SOCK):/ssh-agent \
    -v $(HOME)/.ssh:/home/ansible/.ssh:ro \
    -e SSH_AUTH_SOCK=/ssh-agent \
    lephare/ansible \
    ansible-playbook \
    -i ansible/production/hosts \
    ansible/deploy.yml

Contribute

Clone or fork the repository and make your change in a branch (below is an example for a "fastcgi" branch).

You can test your modification by building your own docker image:

$ cd docker
$ docker build -f Dockerfile.dev .. -t lephare/ansible:fastcgi --no-cache

License

MIT