From 1a6e9e7a3575439f0dc59948c4cbd69323eb9aa4 Mon Sep 17 00:00:00 2001 From: CalvinHuynh Date: Thu, 30 May 2019 14:36:58 +0200 Subject: [PATCH] ansible now sets the file upload limit for the databaseand api --- .gitignore | 4 +++- docs/configuration_file.md | 1 + roles/db/templates/my.cnf.j2 | 1 + roles/local/tasks/check-variables.yml | 7 +++++++ roles/local/tasks/set-default-values.yml | 15 ++++++++++++++- roles/web/templates/proxy.conf.j2 | 3 ++- 6 files changed, 28 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index ffb0540..8e35c23 100644 --- a/.gitignore +++ b/.gitignore @@ -8,4 +8,6 @@ ci/variables.yml /group_vars/* /host_vars/* .vault_* -ansible.config.yml \ No newline at end of file +ansible.config.yml +ansible.cfg +hosts diff --git a/docs/configuration_file.md b/docs/configuration_file.md index d8c45d7..40b26ca 100644 --- a/docs/configuration_file.md +++ b/docs/configuration_file.md @@ -103,6 +103,7 @@ Name | Explanation | possible values/ examples jiskefet_user | sets the name of the remote user to create, default is `'jiskefet'` | remote_privileged_user | set the remote privileged user to use, default is `'root'` | deploy_environment | sets the deployment environment of PM2 | value: `'dev'`, `'staging'` or `'prod'` +file_upload_limit | sets the file upload limit for the database and API, default is `5` MB| number in MB's, e.g. `1, 2, 3, ...` use_hostname_as_remote_address | boolean to tell ansible to use the hostname, default is set to `false`. If set to `true`, ansible will overwrite the value at `ansible_remote_address` | value: `true` or `false`. **Note: if set to `true`, this variable takes precedence over `custom_ansible_remote_address`** custom_ansible_remote_address | field to set the url of the remote, default value is the result of ansible command `ansible_default_ipv4.address` and it will overwrite the value at `ansible_remote_address`| ansible_remote_address | this field is used by ansible to deploy to the remotes. The value of this fields is set by either the variable `custom_ansible_remote_address` or `use_hostname_as_remote_address`| **Note: Do not assign anything to this variable, since it will be overwritten.** diff --git a/roles/db/templates/my.cnf.j2 b/roles/db/templates/my.cnf.j2 index 5145311..60e1c08 100644 --- a/roles/db/templates/my.cnf.j2 +++ b/roles/db/templates/my.cnf.j2 @@ -3,5 +3,6 @@ [client-server] [mysqld] +max-allowed-packet = {{ database_packet_limit }} character-set-client-handshake = FALSE character-set-server = utf8mb4 \ No newline at end of file diff --git a/roles/local/tasks/check-variables.yml b/roles/local/tasks/check-variables.yml index 3e84c2d..92dfd76 100644 --- a/roles/local/tasks/check-variables.yml +++ b/roles/local/tasks/check-variables.yml @@ -19,6 +19,13 @@ that: "ansible_version.full is version_compare('2.5', '>=')" msg: "You must update Ansible to at least 2.5 to use this playbook." +- name: Checking if values are of type integer + fail: + msg: "Variable {{ item.key }} is not an integer" + with_items: + - { key: file_upload_limit, value: "{{ file_upload_limit }}"} + when: ( item.value | int) <= 0 + - name: Checking jiskefet_api_general_settings fail: msg: "Variable {{ item.key }} has not been filled in" diff --git a/roles/local/tasks/set-default-values.yml b/roles/local/tasks/set-default-values.yml index e04cb31..8c33528 100644 --- a/roles/local/tasks/set-default-values.yml +++ b/roles/local/tasks/set-default-values.yml @@ -30,6 +30,7 @@ jiskefet_user: "{{ jiskefet_user if ((jiskefet_user is defined) and (jiskefet_user | trim != '')) else 'jiskefet'}}" remote_privileged_user: "{{ remote_privileged_user if ((remote_privileged_user is defined) and (remote_privileged_user | trim != '')) else 'root'}}" deploy_environment: "{{ deploy_environment if ((deploy_environment is defined) and (deploy_environment | trim != '')) else 'prod'}}" + file_upload_limit: "{{ file_upload_limit if ((file_upload_limit is defined) and (file_upload_limit | trim != '')) else 5}}" remote_repository_url: JISKEFET_API: "{{ remote_repository_url.JISKEFET_API if ((remote_repository_url is defined) and (remote_repository_url.JISKEFET_API is defined) and (remote_repository_url.JISKEFET_API | trim != '')) else 'https://github.com/SoftwareForScience/jiskefet-api.git'}}" JISKEFET_UI: "{{ remote_repository_url.JISKEFET_UI if ((remote_repository_url is defined) and (remote_repository_url.JISKEFET_UI is defined) and (remote_repository_url.JISKEFET_UI | trim != '')) else 'https://github.com/SoftwareForScience/jiskefet-ui.git'}}" @@ -60,4 +61,16 @@ - "{{ groups.all }}" - localhost delegate_facts: true - \ No newline at end of file + + # The database_packet_limit variable is 1.5 times the size of the file_upload_limit. + # This is a work around for the 'packet too large' error when uploading packets smaller than "{{ file_upload_limit }}". +- name: Set database upload limit + set_fact: + database_packet_limit: "{{ ( file_upload_limit | int ) * 1024 * 1024 * 1.5 }}" + jiskefet_api_general_settings: + FILE_UPLOAD_LIMIT: "{{ ( file_upload_limit | int ) * 1024 * 1024 }}" + delegate_to: "{{ item }}" + with_items: + - "{{ groups.all }}" + - localhost + delegate_facts: true diff --git a/roles/web/templates/proxy.conf.j2 b/roles/web/templates/proxy.conf.j2 index 55fa1b0..39257a1 100644 --- a/roles/web/templates/proxy.conf.j2 +++ b/roles/web/templates/proxy.conf.j2 @@ -35,7 +35,7 @@ server { add_header Content-Security-Policy {{ allow_csp_payload }}; } - ## reverse proxy + ## reverse proxy location /api/ { proxy_pass http://localhost:{{ jiskefet_api_general_settings.PORT }}/; proxy_http_version 1.1; @@ -43,6 +43,7 @@ server { proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; + client_max_body_size {{ file_upload_limit }}; # Setting the file upload limit for the API } ## Media: images, icons, video, audio, HTC