82b1f5a5e6
Enough code to install skyline-apiserver and make a non functional dashboard viewable in a browser. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/841154 NOTE: Only works in an AIO Only works with LXC deployment Manually copy files/skyline_env_d.yml and files/skyline_conf.d to the proper directories in /etc/openstack_deploy to add skyline to the inventory. Boostrap / create containers, run whole openstack deployment. Copy files/os-skyline-install.yml to /opt/openstack-ansible/playbooks Run openstack-ansible playbooks/os-skyline-install.yml Manually adjust haproxy config so that the skyline container is the backend for the dashboard, just hack horizon-back config, reload haproxy config with systemctl. The apache config this ansible role installs is not working. Attach to the skyline container, then: * Stop the apache service * Install nginx with apt * Copy files/nginx.conf to /etc/nginx/nginx.conf * Restart nginx Should be possible to visit the dashboard now. TODO: Figure out a working apache reverse proxy config or better.... Figure out how to do the same reverse proxying at haproxy Work out what all the skyline.conf fields are about (where are the docs?) Figure out why the nginx config generator binary in the skyline venv has broken python imports (markupsafe/jinja2) - Do we need a newer version of pip to install this all properly? Why are certain parts of the dashboard broken with "not authorised to..." Make the npm install parts idempotent, check we are using native ansible modules where possible.
83 lines
2.5 KiB
YAML
83 lines
2.5 KiB
YAML
---
|
|
# Copyright 2022, BBC R&D
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Enable apache2 modules
|
|
apache2_module:
|
|
name: "{{ item.name }}"
|
|
state: "{{ item.state }}"
|
|
identifier: "{{ item.identifier | default(omit) }}"
|
|
ignore_configcheck: yes
|
|
with_items:
|
|
- "{{ skyline_apache_modules }}"
|
|
when:
|
|
- ansible_facts['pkg_mgr'] == 'apt'
|
|
notify: Restart apache2
|
|
|
|
- name: Drop apache2 configs
|
|
template:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
owner: "{{ item.owner | default(skyline_system_user_name) }}"
|
|
group: "{{ item.group | default(skyline_system_group_name) }}"
|
|
with_items: "{{ skyline_apache_configs }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Disable default apache site
|
|
file:
|
|
path: "{{ item }}"
|
|
state: "absent"
|
|
with_items: "{{ skyline_apache_default_sites }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Enable Horizon Site
|
|
file:
|
|
src: "{{ skyline_apache_site_available }}"
|
|
dest: "{{ skyline_apache_site_enabled }}"
|
|
state: "link"
|
|
when:
|
|
- skyline_apache_site_available is defined
|
|
- skyline_apache_site_enabled is defined
|
|
notify: Restart apache2
|
|
|
|
- name: Ensure Apache ServerName
|
|
lineinfile:
|
|
dest: "{{ skyline_apache_conf }}"
|
|
line: "ServerName {{ skyline_server_name }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Ensure Apache ServerTokens
|
|
lineinfile:
|
|
dest: "{{ skyline_apache_security_conf }}"
|
|
regexp: '^ServerTokens'
|
|
line: "ServerTokens {{ skyline_apache_servertokens }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Ensure Apache ServerSignature
|
|
lineinfile:
|
|
dest: "{{ skyline_apache_security_conf }}"
|
|
regexp: '^ServerSignature'
|
|
line: "ServerSignature {{ skyline_apache_serversignature }}"
|
|
notify: Restart apache2
|
|
|
|
# Removing the Listen (or listen.conf inclusion) from apache config to prevent
|
|
# conflicts with ports.conf on CentOS and openSUSE
|
|
- name: Remove Listen from Apache config
|
|
lineinfile:
|
|
dest: "{{ skyline_apache_security_conf }}"
|
|
regexp: '^(Listen.*)'
|
|
backrefs: yes
|
|
line: '#\1'
|
|
notify: Restart apache2
|