Opened 3 years ago

Last modified 11 months ago

#17 new enhancement

General ansible script organisation issues

Reported by: mbooth Owned by: somebody
Priority: major Milestone: Ansible Migration Leftovers
Component: infrastructure Keywords: hackday
Cc:

Description

These points are taken from TODO file in the repo -- if they are still valid, we should consider fixing them or if needed, breaking them out into their own tickets:

  • Create users and groups as part of each web service's role rather than having php-fpm role create them indirectly.
  • Shorten the merry dance of simlinks involved in the location of mediawiki's LocalSettings?.php file (which involves allowing the execution of php code in several directories that might otherwise be sensible to keep out of php-fpm's path, like /etc/mediawiki)
  • Have each role create its own webroot directory, or at least pass owner, group and mode as variables to the nginx role's "configure-nginx-website.yml" playbook. This would avoid having to fix webroot permissions for roles that use php-fpm(e.g. ttrss, mediawiki).
    • Some roles that require nginx (git/znc/ipsilon) require no webroot directory because they simply use nginx to proxy requests to other processes, so it may be better to have the roles that need one create them

Change History (5)

comment:1 Changed 2 years ago by mbooth

Component: miscinfrastructure

comment:2 Changed 2 years ago by mbooth

Obviously, we since switched to apache from nginx due to superior SSO support using mod_mellon, so s/nginx/apache/ in the above.

comment:3 Changed 2 years ago by ejs

Milestone: The Hand Wavy FutureModernisation

comment:4 Changed 2 years ago by ejs

Milestone: ModernisationAnsible Migration Leftovers

comment:5 Changed 11 months ago by mbooth

Keywords: hackday added
Note: See TracTickets for help on using tickets.