From 510238a65b610fd43e00310641c1e4046b898364 Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Wed, 27 Oct 2021 15:09:56 +0200 Subject: [PATCH 01/11] Allow using any country package --- ops/ansible/roles/legislation_explorer/defaults/main.yml | 5 +++-- ops/ansible/roles/legislation_explorer/tasks/main.yml | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ops/ansible/roles/legislation_explorer/defaults/main.yml b/ops/ansible/roles/legislation_explorer/defaults/main.yml index 190c5dee..4f653256 100644 --- a/ops/ansible/roles/legislation_explorer/defaults/main.yml +++ b/ops/ansible/roles/legislation_explorer/defaults/main.yml @@ -3,6 +3,7 @@ app_host: 127.0.0.1 app_port: 8001 base_path: / changelog_url: https://github.com/openfisca/openfisca-france/blob/master/CHANGELOG.md +country_code: demo host_name: localhost ui_strings: | { @@ -26,7 +27,7 @@ matomo_url: null matomo_site_id: null # Fully managed by Ansible, you should not need to edit this unless you have a naming collision -source_dir: "/home/{{ unix_user_name }}/legislation-explorer" -systemd_service_file: /etc/systemd/system/legislation-explorer.service +source_dir: "/home/{{ unix_user_name }}/legislation-explorer-{{ country_code }}" +systemd_service_file: /etc/systemd/system/legislation-explorer-{{ country_code }}.service unix_group_name: openfisca unix_user_name: legislation-explorer diff --git a/ops/ansible/roles/legislation_explorer/tasks/main.yml b/ops/ansible/roles/legislation_explorer/tasks/main.yml index b10b48ae..20ce75d4 100644 --- a/ops/ansible/roles/legislation_explorer/tasks/main.yml +++ b/ops/ansible/roles/legislation_explorer/tasks/main.yml @@ -68,7 +68,7 @@ daemon_reload: yes enabled: yes state: restarted - name: legislation-explorer + name: "{{ systemd_service_file | basename }}" - name: Check that Legislation Explorer is actually started ansible.builtin.uri: From 295b4873edde5742d4e3176fd20d57898a66b7a1 Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Wed, 27 Oct 2021 15:10:07 +0200 Subject: [PATCH 02/11] Update default UI strings --- ops/ansible/roles/legislation_explorer/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ops/ansible/roles/legislation_explorer/defaults/main.yml b/ops/ansible/roles/legislation_explorer/defaults/main.yml index 4f653256..326e52cf 100644 --- a/ops/ansible/roles/legislation_explorer/defaults/main.yml +++ b/ops/ansible/roles/legislation_explorer/defaults/main.yml @@ -8,9 +8,9 @@ host_name: localhost ui_strings: | { "en": - { "countryName": "France", "search_placeholder": "smic, salaire net" }, + { "countryName": "Demo", "search_placeholder": "salary, disposable income" }, "fr": - { "countryName": "France", "search_placeholder": "smic, salaire net" } + { "countryName": "Demo", "search_placeholder": "salary, disposable income" } } repo_url: https://github.com/openfisca/legislation-explorer.git From 037907bf0fec0d2d3cf757b28f2c19dd64845bb9 Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Wed, 27 Oct 2021 15:10:20 +0200 Subject: [PATCH 03/11] Add variables related to the country to France inventory --- ops/ansible/inventories/legislation.fr.openfisca.org.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ops/ansible/inventories/legislation.fr.openfisca.org.yml b/ops/ansible/inventories/legislation.fr.openfisca.org.yml index dad62c77..4c95471f 100644 --- a/ops/ansible/inventories/legislation.fr.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.fr.openfisca.org.yml @@ -7,6 +7,14 @@ all: app_port: 8100 api_url: https://api.fr.openfisca.org/latest + country_code: fr + ui_strings: | + { + "en": + { "countryName": "France", "search_placeholder": "smic, salaire net" }, + "fr": + { "countryName": "France", "search_placeholder": "smic, salaire net" } + } letsencrypt_email: contact@openfisca.org letsencrypt_environment: production From 5bcd3cdfd2e5ca5ec40be88c90d11550efb8980b Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Wed, 27 Oct 2021 15:10:27 +0200 Subject: [PATCH 04/11] Add inventory for demo instance --- .../legislation.demo.openfisca.org.yml | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 ops/ansible/inventories/legislation.demo.openfisca.org.yml diff --git a/ops/ansible/inventories/legislation.demo.openfisca.org.yml b/ops/ansible/inventories/legislation.demo.openfisca.org.yml new file mode 100644 index 00000000..b5050809 --- /dev/null +++ b/ops/ansible/inventories/legislation.demo.openfisca.org.yml @@ -0,0 +1,23 @@ +all: + hosts: + vps-60ea1664.openfisca.org: + ansible_user: root + + host_name: legislation.demo.openfisca.org + port: 8101 + + api_url: https://api.demo.openfisca.org/latest + country_code: demo + ui_strings: | + { + "en": + { "countryName": "Demo", "search_placeholder": "salary, disposable income" }, + "fr": + { "countryName": "Demo", "search_placeholder": "salary, disposable income" } + } + + letsencrypt_email: contact@openfisca.org + letsencrypt_environment: production + + matomo_url: https://stats.data.gouv.fr/piwik.php + matomo_site_id: 4 From 8c329181f00e56b33c9cad55ff0d95bc67acf7cf Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Fri, 29 Oct 2021 01:06:24 +0200 Subject: [PATCH 05/11] Simplify task: do not use debug --- .../roles/legislation_explorer/tasks/main.yml | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/ops/ansible/roles/legislation_explorer/tasks/main.yml b/ops/ansible/roles/legislation_explorer/tasks/main.yml index 20ce75d4..821114dc 100644 --- a/ops/ansible/roles/legislation_explorer/tasks/main.yml +++ b/ops/ansible/roles/legislation_explorer/tasks/main.yml @@ -105,16 +105,10 @@ state: present update_cache: no - - name: Handle staging environment + - name: Use Let's Encrypt staging environment when: letsencrypt_environment == "staging" - block: - - name: Display message when staging environment is used - ansible.builtin.debug: - msg: Let's Encrypt staging environment will be used - - - name: Define certbot --staging option - ansible.builtin.set_fact: - certbot_staging_option: "--staging" + ansible.builtin.set_fact: + certbot_staging_option: "--staging" - name: Reinstall or renew an SSL certificate from Let's Encrypt using the certbot client ansible.builtin.command: > From fcffc950959c4925e8fcfb1dadf3a0a5a0e03884 Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Fri, 29 Oct 2021 15:51:16 +0200 Subject: [PATCH 06/11] Rename `port` to `app_port` --- ops/ansible/inventories/legislation.demo.openfisca.org.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ops/ansible/inventories/legislation.demo.openfisca.org.yml b/ops/ansible/inventories/legislation.demo.openfisca.org.yml index b5050809..08a1c758 100644 --- a/ops/ansible/inventories/legislation.demo.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.demo.openfisca.org.yml @@ -4,9 +4,8 @@ all: ansible_user: root host_name: legislation.demo.openfisca.org - port: 8101 - api_url: https://api.demo.openfisca.org/latest + app_port: 8101 country_code: demo ui_strings: | { From 7db9156efc60a494a9c88f91f783e06054e07d3a Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Fri, 29 Oct 2021 15:51:39 +0200 Subject: [PATCH 07/11] Reorder variables --- .../inventories/legislation.demo.openfisca.org.yml | 12 ++++++++---- .../inventories/legislation.fr.openfisca.org.yml | 13 ++++++++----- .../roles/legislation_explorer/defaults/main.yml | 7 ++++--- 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/ops/ansible/inventories/legislation.demo.openfisca.org.yml b/ops/ansible/inventories/legislation.demo.openfisca.org.yml index 08a1c758..bde4e1c9 100644 --- a/ops/ansible/inventories/legislation.demo.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.demo.openfisca.org.yml @@ -3,9 +3,9 @@ all: vps-60ea1664.openfisca.org: ansible_user: root - host_name: legislation.demo.openfisca.org api_url: https://api.demo.openfisca.org/latest app_port: 8101 + country_code: demo ui_strings: | { @@ -15,8 +15,12 @@ all: { "countryName": "Demo", "search_placeholder": "salary, disposable income" } } - letsencrypt_email: contact@openfisca.org - letsencrypt_environment: production - matomo_url: https://stats.data.gouv.fr/piwik.php matomo_site_id: 4 + + # Reverse proxy + + host_name: legislation.demo.openfisca.org + + letsencrypt_email: contact@openfisca.org + letsencrypt_environment: production diff --git a/ops/ansible/inventories/legislation.fr.openfisca.org.yml b/ops/ansible/inventories/legislation.fr.openfisca.org.yml index 4c95471f..28060788 100644 --- a/ops/ansible/inventories/legislation.fr.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.fr.openfisca.org.yml @@ -3,10 +3,9 @@ all: vps-60ea1664.openfisca.org: ansible_user: root - host_name: legislation.fr.openfisca.org + api_url: https://api.fr.openfisca.org/latest app_port: 8100 - api_url: https://api.fr.openfisca.org/latest country_code: fr ui_strings: | { @@ -16,8 +15,12 @@ all: { "countryName": "France", "search_placeholder": "smic, salaire net" } } - letsencrypt_email: contact@openfisca.org - letsencrypt_environment: production - matomo_url: https://stats.data.gouv.fr/piwik.php matomo_site_id: 4 + + # Reverse proxy + + host_name: legislation.fr.openfisca.org + + letsencrypt_email: contact@openfisca.org + letsencrypt_environment: production diff --git a/ops/ansible/roles/legislation_explorer/defaults/main.yml b/ops/ansible/roles/legislation_explorer/defaults/main.yml index 326e52cf..bbc537e0 100644 --- a/ops/ansible/roles/legislation_explorer/defaults/main.yml +++ b/ops/ansible/roles/legislation_explorer/defaults/main.yml @@ -1,10 +1,7 @@ api_url: http://localhost:8000 app_host: 127.0.0.1 app_port: 8001 -base_path: / changelog_url: https://github.com/openfisca/openfisca-france/blob/master/CHANGELOG.md -country_code: demo -host_name: localhost ui_strings: | { "en": @@ -16,6 +13,10 @@ ui_strings: | repo_url: https://github.com/openfisca/legislation-explorer.git branch: master +# Reverse proxy +host_name: localhost +base_path: / + # Optional: SSL certificate # An SSL certificate is issued from Let's Encrypt if `letsencrypt_email` is defined. letsencrypt_email: null From f852151b3a7a32c9145712994cb4bfc6529fd502 Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Fri, 29 Oct 2021 15:52:03 +0200 Subject: [PATCH 08/11] Simplify variables customization --- .../roles/legislation_explorer/defaults/main.yml | 4 ++-- .../roles/legislation_explorer/tasks/main.yml | 16 ++++++++++------ .../systemd/legislation-explorer.service.j2 | 2 +- 3 files changed, 13 insertions(+), 9 deletions(-) diff --git a/ops/ansible/roles/legislation_explorer/defaults/main.yml b/ops/ansible/roles/legislation_explorer/defaults/main.yml index bbc537e0..8a731e69 100644 --- a/ops/ansible/roles/legislation_explorer/defaults/main.yml +++ b/ops/ansible/roles/legislation_explorer/defaults/main.yml @@ -28,7 +28,7 @@ matomo_url: null matomo_site_id: null # Fully managed by Ansible, you should not need to edit this unless you have a naming collision -source_dir: "/home/{{ unix_user_name }}/legislation-explorer-{{ country_code }}" -systemd_service_file: /etc/systemd/system/legislation-explorer-{{ country_code }}.service +source_dir: "legislation-explorer" # relative to the home directory +systemd_service_file_name: legislation-explorer.service unix_group_name: openfisca unix_user_name: legislation-explorer diff --git a/ops/ansible/roles/legislation_explorer/tasks/main.yml b/ops/ansible/roles/legislation_explorer/tasks/main.yml index 821114dc..633c1647 100644 --- a/ops/ansible/roles/legislation_explorer/tasks/main.yml +++ b/ops/ansible/roles/legislation_explorer/tasks/main.yml @@ -30,45 +30,49 @@ shell: /bin/bash register: unix_user +- name: Define the path of the source directory + ansible.builtin.set_fact: + source_dir_path: "{{ unix_user.home }}/{{ source_dir }}" + - name: Clone the Git repository of Legislation Explorer ansible.builtin.git: # Discard any local changes otherwise the task will fail. # Sometimes the package-lock.json is modified due to changes in its structure. force: yes repo: "{{ repo_url }}" - dest: "{{ source_dir }}" + dest: "{{ source_dir_path }}" version: "{{ branch }}" become_user: "{{ unix_user_name }}" - name: Install npm dependencies ansible.builtin.npm: - path: "{{ source_dir }}" + path: "{{ source_dir_path }}" production: yes state: present - name: Copy the environment file for Legislation Explorer ansible.builtin.template: src: systemd/legislation-explorer.env.j2 - dest: "{{ source_dir }}/.env" + dest: "{{ source_dir_path }}/.env" - name: Build the application ansible.builtin.command: npm run build args: - chdir: "{{ source_dir }}" + chdir: "{{ source_dir_path }}" - name: Set up the systemd service block: - name: Copy the systemd service file ansible.builtin.template: src: systemd/legislation-explorer.service.j2 - dest: "{{ systemd_service_file }}" + dest: "/etc/systemd/system/{{ systemd_service_file_name }}" - name: Enable and start the systemd service ansible.builtin.systemd: daemon_reload: yes enabled: yes state: restarted - name: "{{ systemd_service_file | basename }}" + name: "{{ systemd_service_file_name }}" - name: Check that Legislation Explorer is actually started ansible.builtin.uri: diff --git a/ops/ansible/roles/legislation_explorer/templates/systemd/legislation-explorer.service.j2 b/ops/ansible/roles/legislation_explorer/templates/systemd/legislation-explorer.service.j2 index 67004995..80d695ad 100644 --- a/ops/ansible/roles/legislation_explorer/templates/systemd/legislation-explorer.service.j2 +++ b/ops/ansible/roles/legislation_explorer/templates/systemd/legislation-explorer.service.j2 @@ -3,7 +3,7 @@ Description=OpenFisca Legislation Explorer [Service] ExecStart=/usr/bin/npm start -WorkingDirectory={{ source_dir | quote }} +WorkingDirectory={{ source_dir_path | quote }} User={{ unix_user_name }} Group={{ unix_group_name }} From eaf72ce1c8935c323a0da9815f1d5738e7ccd1b8 Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Fri, 29 Oct 2021 17:51:28 +0200 Subject: [PATCH 09/11] Remove unnecessary quotes --- ops/ansible/roles/legislation_explorer/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ops/ansible/roles/legislation_explorer/defaults/main.yml b/ops/ansible/roles/legislation_explorer/defaults/main.yml index 8a731e69..f23d5eae 100644 --- a/ops/ansible/roles/legislation_explorer/defaults/main.yml +++ b/ops/ansible/roles/legislation_explorer/defaults/main.yml @@ -28,7 +28,7 @@ matomo_url: null matomo_site_id: null # Fully managed by Ansible, you should not need to edit this unless you have a naming collision -source_dir: "legislation-explorer" # relative to the home directory +source_dir: legislation-explorer # relative to the home directory systemd_service_file_name: legislation-explorer.service unix_group_name: openfisca unix_user_name: legislation-explorer From 8291612418019e137de4b06280bcb6a8b9c1a50b Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Fri, 29 Oct 2021 17:51:35 +0200 Subject: [PATCH 10/11] Remove unused variable --- ops/ansible/inventories/legislation.demo.openfisca.org.yml | 1 - ops/ansible/inventories/legislation.fr.openfisca.org.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/ops/ansible/inventories/legislation.demo.openfisca.org.yml b/ops/ansible/inventories/legislation.demo.openfisca.org.yml index bde4e1c9..2bb6d639 100644 --- a/ops/ansible/inventories/legislation.demo.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.demo.openfisca.org.yml @@ -6,7 +6,6 @@ all: api_url: https://api.demo.openfisca.org/latest app_port: 8101 - country_code: demo ui_strings: | { "en": diff --git a/ops/ansible/inventories/legislation.fr.openfisca.org.yml b/ops/ansible/inventories/legislation.fr.openfisca.org.yml index 28060788..06a8dab1 100644 --- a/ops/ansible/inventories/legislation.fr.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.fr.openfisca.org.yml @@ -6,7 +6,6 @@ all: api_url: https://api.fr.openfisca.org/latest app_port: 8100 - country_code: fr ui_strings: | { "en": From 4adb62e8dc9042229aabe4e842cb9c4abe59ef3a Mon Sep 17 00:00:00 2001 From: Christophe Benz Date: Fri, 29 Oct 2021 17:52:05 +0200 Subject: [PATCH 11/11] Allow many instances to co-exist on a server --- ops/ansible/inventories/legislation.demo.openfisca.org.yml | 3 +++ ops/ansible/inventories/legislation.fr.openfisca.org.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/ops/ansible/inventories/legislation.demo.openfisca.org.yml b/ops/ansible/inventories/legislation.demo.openfisca.org.yml index 2bb6d639..3d036da2 100644 --- a/ops/ansible/inventories/legislation.demo.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.demo.openfisca.org.yml @@ -17,6 +17,9 @@ all: matomo_url: https://stats.data.gouv.fr/piwik.php matomo_site_id: 4 + source_dir: legislation-explorer-demo # relative to the home directory + systemd_service_file_name: legislation-explorer-demo.service + # Reverse proxy host_name: legislation.demo.openfisca.org diff --git a/ops/ansible/inventories/legislation.fr.openfisca.org.yml b/ops/ansible/inventories/legislation.fr.openfisca.org.yml index 06a8dab1..02f81f64 100644 --- a/ops/ansible/inventories/legislation.fr.openfisca.org.yml +++ b/ops/ansible/inventories/legislation.fr.openfisca.org.yml @@ -17,6 +17,9 @@ all: matomo_url: https://stats.data.gouv.fr/piwik.php matomo_site_id: 4 + source_dir: legislation-explorer-fr # relative to the home directory + systemd_service_file_name: legislation-explorer-fr.service + # Reverse proxy host_name: legislation.fr.openfisca.org