source: darkpeak-services/README.md

Last change on this file was 9cef76ed, checked in by Caolan McMahon <caolan.mcmahon@…>, 16 months ago

Upgrade to Debian 10 "Buster"

  • Property mode set to 100644
File size: 4.0 KB
Line 
1# Dark Peak Services Repo
2
3Before proceeding, make sure you've cloned this repo and initialised its submodules:
4
5    git clone --recurse-submodules https://git.darkpeak.org/darkpeak/darkpeak-services.git
6    cd darkpeak-services
7
8If you didn't use `--recurse-submodules`, then you still need to initialise the git submodules:
9
10    git submodule init
11    git submodule update
12
13If you have push access to the repo then you should instead clone from `ssh://darkpeak@git.darkpeak.org/darkpeak-services.git`
14
15## Install Ansible 2.4+
16
17The geerlingguy playbooks for postgresql and mysql (in `roles/community`) use features like `include_tasks` which were introduced in Ansible 2.4. You should make sure your ansible version is >= 2.4.
18
19### Installing a newer ansible on Debian Stretch
20
21Add the following to `sources.list` (or add a new file with the
22`.list` extension to `/etc/apt/sources.list.d/`):
23
24    deb http://ftp.uk.debian.org/debian stretch-backports main
25
26Then run:
27
28    sudo apt-get update
29    sudo apt-get install -t stretch-backports ansible
30
31## Create Your Development Playbook
32
33Make a copy of the template playbook and edit it to include only those services on which you want to work:
34
35    cp dev-playbook-template.yml dev-playbook.yml
36
37Make sure the "development_mode" variable is set to "true" and the "domain_name" variable is set to the development domain "darkpeak.localhost" and you are ready to go.
38
39For some services you may also need to set "first_run" to "true", then immediately set it back to "false" after you've first provisioned the vm.
40
41## Developing With Vagrant
42
43Run the playbook:
44
45    vagrant up
46
47If using the libvirt provider, you can avoid being prompted for your password everytime by adding yourself to the appropriate group:
48
49    sudo usermod -aG libvirt $USER
50
51If you have issues with the self-signed TLS cert see the instructions in roles/tls/files/ssl/README for how to set up a new file.
52
53## Developing Without Vagrant
54
55For those that are unable to use Virtual Box due to it requiring you to disable Secure Boot, and if you cannot use libvirt as a Vagrant back-end, you can run the playbook directly at a pre-existing VM, but it needs some preparation first.
56
57Create and install a Debian VM using libvirt (at least 1Gb memory is needed):
58
59    virt-install --connect=qemu:///system --name darkpeak --arch x86_64 --vcpus 2 --memory 4096 --disk size=20 \
60      --location http://ftp.us.debian.org/debian/dists/buster/main/installer-amd64/
61
62Copy your SSH public key into the machine:
63
64    ssh darkpeak.vm mkdir .ssh
65    scp ~/.ssh/id_vms.pub darkpeak.vm:~/.ssh/authorized_keys
66    ssh darkpeak.vm chmod 600 .ssh/authorized_keys
67
68On the VM, install sudo:
69
70    apt install sudo
71
72On the VM, add your user to the sudo group:
73
74    usermod -aG sudo $USER
75
76On the VM, grant sudoers permission to run commands unprompted by a password by adding the following line to the sudoers file:
77
78    %sudo   ALL=(ALL:ALL) NOPASSWD: ALL
79
80Run the playbook:
81
82    ansible-playbook -i darkpeak.vm, dev-playbook.yml
83
84## Testing
85
86In order to test, you will need to add hostnames to your hosts file. The TLD has to match that which you used earlier when you edited your development playbook. If you set the domain name variable to "darkpeak.localhost" then add the following to your /etc/hosts file substituting your VM's IP:
87
88    192.168.33.10 darkpeak.localhost wiki.darkpeak.localhost irc.darkpeak.localhost issues.darkpeak.localhost idp.darkpeak.localhost git.darkpeak.localhost reader.darkpeak.localhost dav.darkpeak.localhost pages.darkpeak.localhost social.darkpeak.localhost
89
90## Deploying to production
91
92This ansible file will disable password-based authentication, so make
93sure you add your SSH public keys to /root/.ssh/authorized_keys before
94doing the first deployment.
95
96After the first deployment you must make sure that you set `first_run`
97to `false` in `prod-playbook.yml`.
98
99Create a `hosts` file which includes the hostname(s) to deploy to, one
100per line.
101
102You will need the vault password and an authorized SSH key in order to
103deploy.
104
105
106    ansible-playbook -i hosts --ask-vault-pass --user root prod-playbook.yml
Note: See TracBrowser for help on using the repository browser.