Let your project's plumbing up to date.
See Installation
See Contributing
manala / manala-recipes Goto Github PK
View Code? Open in Web Editor NEWManala recipes
Home Page: https://manala.github.io/manala-recipes
manala-recipes's Introduction
manala-recipes's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
manala-recipes's Issues
[Elao - App] Better ansible cache plugin handling
Use json
- By user or global in docker ?
- On
/tmpon vagrant ?
[Elao - App] Issue with Redis server configuration
Hey :)
Since manala/ansible-roles#548 I'm trying your new skeleton (manala and manala-recipes) but I'm facing an issue when installing or configuring Redis.
I selected redis: * when running the recipe, and this is what happens when running VERBOSE=true DIFF=true make setup (full logs here):
TASK [manala.roles.redis : install > Packages] *********************************
task path: /home/vagrant/.ansible/collections/ansible_collections/manala/roles/roles/redis/tasks/install.yml:3
ok: [development] => {
"cache_update_time": 1616832579,
"cache_updated": false,
"changed": false,
"invocation": {
"module_args": {
"allow_unauthenticated": false,
"autoclean": false,
"autoremove": false,
"cache_valid_time": 3600,
"deb": null,
"default_release": null,
"dpkg_options": "force-confdef,force-confold",
"force": false,
"force_apt_get": false,
"install_recommends": false,
"name": [
"redis-server"
],
"only_upgrade": false,
"package": [
"redis-server"
],
"policy_rc_d": null,
"purge": false,
"state": "present",
"update_cache": true,
"upgrade": null
}
}
}
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/commands/command.py
Pipelining is enabled.
<development> ESTABLISH LOCAL CONNECTION FOR USER: vagrant
<development> EXEC /bin/sh -c 'sudo -H -S -n -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-rhvcjwuaqajrpnnkvkoszccxfvlfbsxj ; /usr/bin/python3'"'"' && sleep 0'
TASK [manala.roles.redis : install > Version] **********************************
task path: /home/vagrant/.ansible/collections/ansible_collections/manala/roles/roles/redis/tasks/install.yml:11
ok: [development] => {
"changed": false,
"cmd": [
"redis-server",
"--version"
],
"delta": "0:00:00.003139",
"end": "2021-03-27 08:19:40.213918",
"invocation": {
"module_args": {
"_raw_params": "redis-server --version",
"_uses_shell": false,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": true
}
},
"rc": 0,
"start": "2021-03-27 08:19:40.210779",
"stderr": "",
"stderr_lines": [],
"stdout": "Redis server v=5.0.3 sha=00000000:0 malloc=jemalloc-5.1.0 bits=64 build=1b271fe49834c463",
"stdout_lines": [
"Redis server v=5.0.3 sha=00000000:0 malloc=jemalloc-5.1.0 bits=64 build=1b271fe49834c463"
]
}
TASK [manala.roles.redis : install > Version] **********************************
task path: /home/vagrant/.ansible/collections/ansible_collections/manala/roles/roles/redis/tasks/install.yml:15
ok: [development] => {
"ansible_facts": {
"manala_redis_version": "5.0"
},
"changed": false
}
<development> ESTABLISH LOCAL CONNECTION FOR USER: vagrant
<development> EXEC /bin/sh -c 'echo ~vagrant && sleep 0'
<development> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/vagrant/.ansible/tmp `"&& mkdir "` echo /home/vagrant/.ansible/tmp/ansible-tmp-1616833180.28-370-1236859768861 `" && echo ansible-tmp-1616833180.28-370-1236859768861="` echo /home/vagrant/.ansible/tmp/ansible-tmp-1616833180.28-370-1236859768861 `" ) && sleep 0'
<development> EXEC /bin/sh -c 'rm -f -r /home/vagrant/.ansible/tmp/ansible-tmp-1616833180.28-370-1236859768861/ > /dev/null 2>&1 && sleep 0'
TASK [manala.roles.redis : config > Server - Template] *************************
task path: /home/vagrant/.ansible/collections/ansible_collections/manala/roles/roles/redis/tasks/config.yml:3
fatal: [development]: FAILED! => {
"changed": false,
"msg": "AnsibleError: Unexpected templating type error occurred on ({#- Deprecated -#}\n\n{%- set template_env = 'dev' -%}\n{%- include '_base.j2' -%}\n): 'NoneType' object is not iterable"
}
PLAY RECAP *********************************************************************
development : ok=84 changed=1 unreachable=0 failed=1 skipped=73 rescued=0 ignored=0
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
make: *** [.manala/Makefile:32 : setup] Erreur 1
My configuration files:
.manala.yml:
####################################################################
# !!! REMINDER !!! #
# Don't forget to run `manala up` each time you update this file ! #
####################################################################
manala:
recipe: elao.app
##########
# System #
##########
system:
version: 10
hostname: localhost.symfony-app-template.fr
nginx:
configs:
# Php fpm
- file: app_php_fpm
template: configs/app_php_fpm.dev.j2
# Gzip
- file: app_gzip
template: configs/app_gzip.dev.j2
# App
- file: app.conf
config:
- server:
- listen: 443 ssl
- listen: 4430 ssl
- listen: 4431 ssl
- server_name: ~.
- root: /srv/app/public
- access_log: /srv/log/nginx.access.log
- error_log: /srv/log/nginx.error.log
- ssl_certificate: /srv/app/var/localhost.symfony-app-template.fr+1.pem
- ssl_certificate_key: /srv/app/var/localhost.symfony-app-template.fr+1-key.pem
- include: conf.d/app_gzip
- location /:
- try_files: $uri /index.php$is_args$args
- location ~ ^/index\.php(/|$):
- include: conf.d/app_php_fpm
- set: $APP_ENV dev
- if ( $server_port = 4430 ):
- set: $APP_ENV test
- if ( $server_port = 4431 ):
- set: $APP_ENV prod
- fastcgi_param: APP_ENV $APP_ENV
- internal;
php:
version: 7.4
extensions:
# Symfony
- intl
- curl
- mbstring
- xml
# App
- mysql
- pgsql
configs:
- file: app_opcache.ini
template: configs/app_opcache.dev.j2
- file: app.ini
template: configs/app.dev.j2
config:
- date.timezone: UTC
nodejs:
version: 12
mariadb:
version: 10.5
redis:
version: '*'
files:
# Single symfony app
# ------------------
- path: /srv/app/var/log
src: /srv/log
state: link_directory
force: true
- path: /srv/app/var/cache
src: /srv/cache
state: link_directory
force: true
# ssh:
# client:
# config:
# - Host *.elao.run:
# - User: app
# - ForwardAgent: true
.manala/ansible/inventories/system.yml:
system:
hosts:
###############
# Development #
###############
development:
# Ansible
ansible_connection: local
ansible_python_interpreter: /usr/bin/python3
# Accounts
manala_accounts_enabled: true
# Motd
manala_motd_enabled: true
# Timezone
manala_timezone_enabled: true
# Locales
manala_locales_enabled: true
# Zsh
manala_zsh_enabled: true
# Environment
manala_environment_enabled: true
# Apt
manala_apt_enabled: true
manala_apt_packages:
- xz-utils
- rsync
- wget
- curl
- make
- less
- ssl-cert
- htop
- pv # for real-time progress on streams (e.g mysql import)
# Ssh
manala_ssh_enabled: true
manala_ssh_client_config_template: config/client/default.dev.j2
# Git
manala_git_enabled: true
# Oh my zsh
manala_ohmyzsh_enabled: true
# Vim
manala_vim_enabled: true
# Alternatives
manala_alternatives_enabled: true
# Files
manala_files_enabled: true
# NodeJS
manala_nodejs_enabled: true
# Npm
manala_npm_enabled: false
# Php
manala_php_enabled: true
# Nginx
manala_nginx_enabled: true
# Supervisor
manala_supervisor_enabled: false
# Ngrok
manala_ngrok_enabled: true
# Java
manala_java_enabled: false
# Cron
manala_cron_enabled: false
# MySQL / MariaDB
manala_mysql_enabled: true
# Redis
manala_redis_enabled: true
# Elasticsearch
manala_elasticsearch_enabled: false
# InfluxDB
manala_influxdb_enabled: false
# Docker
manala_docker_enabled: false # TODO: to fix
# Gomplate
manala_gomplate_enabled: true
###############
# Integration #
###############
integration:
# Ansible
ansible_connection: local
ansible_python_interpreter: /usr/bin/python3
# Apt
manala_apt_enabled: true
manala_apt_packages:
- xz-utils
- rsync
- wget
- curl
- make
- less
- ssl-cert
- procps
- vim-tiny
# Ssh
manala_ssh_enabled: true
manala_ssh_server: false
manala_ssh_client_config_template: config/client/default.test.j2
# Git
manala_git_enabled: true
# NodeJS
manala_nodejs_enabled: true
# Npm
manala_npm_enabled: false
# Php
manala_php_enabled: true
manala_php_sapis:
- cli
vars:
#######
# All #
#######
# Accounts
manala_accounts_groups:
- group: docker
system: true
manala_accounts_users:
- user: vagrant
group: vagrant
groups: ['docker']
# Motd
manala_motd_scripts_exclusive: true
manala_motd_scripts:
- file: 10-motd
template: motd/elao.j2
message:
- A curl vaillant, rien d'impossible !
- --force et owner !
- Il n'y pas de question cron, juste des réponses mal timé ! — Cronfucius
# Timezone
manala_timezone_default: Etc/UTC
# Locales
manala_locales_codes_default: C.UTF-8
# Environment
manala_environment_files:
- zsh
manala_environment_variables:
COMPOSER_MEMORY_LIMIT: -1
# Apt
manala_apt:
update: true
manala_apt_configs:
- file: archive
template: configs/check_valid_until_false.j2
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
manala_apt_repositories_exclusive: true
manala_apt_preferences_exclusive: true
manala_apt_preferences:
- ansible@ansible
- preference: python-backports.ssl-match-hostname@manala
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
- preference: python-docker@manala
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
- preference: python-httplib2@manala
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
- preference: python-ipaddress@manala
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
- preference: python-jinja2@manala
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
- preference: python-websocket@manala
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
- preference: htop@backports
state: "{{ (ansible_distribution_release in ['jessie']) | ternary('present', 'absent') }}"
- preference: docker@docker
state: "{{ (manala_docker_enabled) | ternary('present', 'absent') }}"
- preference: git@backports
state: "{{ (manala_git_enabled and (ansible_distribution_release in ['jessie', 'stretch'])) | ternary('present', 'absent') }}"
- preference: supervisor@{{ (ansible_distribution_release in ['jessie']) | ternary('manala', 'backports') }}
state: "{{ (manala_supervisor_enabled and (ansible_distribution_release in ['jessie', 'stretch'])) | ternary('present', 'absent') }}"
- preference: php@sury_php
state: "{{ (manala_php_enabled) | ternary('present', 'absent') }}"
- preference: nginx@nginx
state: "{{ (manala_nginx_enabled) | ternary('present', 'absent') }}"
- preference: nodejs@nodesource_12
state: "{{ (manala_nodejs_enabled) | ternary('present', 'absent') }}"
- preference: yarn@yarn
state: "{{ (manala_yarn_enabled) | ternary('present', 'absent') }}"
- preference: mysql@default
state: absent
- preference: mariadb@mariadb_10_5
state: present
- preference: redis@{{ (ansible_distribution_release in ['stretch']) | ternary('backports', 'default') }}
state: "{{ (manala_redis_enabled and (ansible_distribution_release in ['stretch'])) | ternary('present', 'absent') }}"
- preference: elasticsearch@default
state: "{{ (manala_elasticsearch_enabled) | ternary('present', 'absent') }}"
- preference: influxdb@default
state: "{{ (manala_influxdb_enabled) | ternary('present', 'absent') }}"
# Ssh
manala_ssh_server_config_template: config/server/default.dev.j2
manala_ssh_server_config:
- AcceptEnv: WORKDIR
manala_ssh_known_hosts:
- github.com
- git.elao.com
# Git
manala_git_config_template: config/default.dev.j2
# Oh my zsh
manala_ohmyzsh_users:
- user: vagrant
group: vagrant
template: users/php.dev.j2
config:
- "[ -d ${WORKDIR:-/srv/app} ] && cd ${WORKDIR:-/srv/app}"
# Vim
manala_vim_config_template: config/default.dev.j2
# Alternatives
manala_alternatives_selections:
- selection: editor
path: /usr/bin/vim.basic
# Files
manala_files_attributes_defaults:
- parents: true
force: true
- path: "^/srv/log"
user: vagrant
group: vagrant
- path: "^/srv/cache"
user: vagrant
group: vagrant
- path: "^/srv/sessions"
user: vagrant
group: vagrant
manala_files_attributes:
- path: /srv/log
state: directory
- path: /srv/cache
state: directory
- path: /srv/sessions
state: directory
- path: /usr/share/nginx/html/404.html
template: nginx/html/404.html.j2
mode: "0644"
# App
- force: true
path: /srv/app/var/log
src: /srv/log
state: link_directory
- force: true
path: /srv/app/var/cache
src: /srv/cache
state: link_directory
# Yarn
manala_yarn_enabled: "{{ manala_nodejs_enabled }}"
# Php
manala_php_version: 7.4
manala_php_sapis_exclusive: true
manala_php_fpm_pools_exclusive: true
manala_php_fpm_pools:
- file: app.conf
template: fpm_pools/app.dev.j2
config:
- app:
- user: vagrant
- group: vagrant
- php_admin_value[error_log]: /srv/log/php.error.log
manala_php_extensions_exclusive: true
manala_php_extensions:
- opcache
- readline
- extension: json
state: "{{ 'present' if (manala_php_version and manala_php_version|string is version('8.0', '<')) else 'ignore' }}"
- extension: xdebug
enabled: false
# App
- intl
- curl
- mbstring
- xml
- mysql
- pgsql
manala_php_configs_exclusive: true
manala_php_configs:
- file: 50-xdebug.ini
template: configs/xdebug.dev.j2
# App
- file: app_opcache.ini
template: configs/app_opcache.dev.j2
- config:
- date.timezone: UTC
file: app.ini
template: configs/app.dev.j2
# Composer
manala_composer_enabled: "{{ manala_php_enabled }}"
# Symfony Cli
manala_symfony_cli_enabled: "{{ manala_php_enabled }}"
# Nginx
manala_nginx_config_template: config/http.dev.j2
manala_nginx_configs_exclusive: true
manala_nginx_configs:
- file: default.conf
config:
- server:
- listen: '* default_server'
- error_page: '404 /404.html'
- location /404.html:
- root: /usr/share/nginx/html
- internal;
# App
- file: app_php_fpm
template: configs/app_php_fpm.dev.j2
- file: app_gzip
template: configs/app_gzip.dev.j2
- config:
- server:
- listen: 443 ssl
- listen: 4430 ssl
- listen: 4431 ssl
- server_name: ~.
- root: /srv/app/public
- access_log: /srv/log/nginx.access.log
- error_log: /srv/log/nginx.error.log
- ssl_certificate: /srv/app/var/localhost.symfony-app-template.fr+1.pem
- ssl_certificate_key: /srv/app/var/localhost.symfony-app-template.fr+1-key.pem
- include: conf.d/app_gzip
- location /:
- try_files: $uri /index.php$is_args$args
- location ~ ^/index\.php(/|$):
- include: conf.d/app_php_fpm
- set: $APP_ENV dev
- if ( $server_port = 4430 ):
- set: $APP_ENV test
- if ( $server_port = 4431 ):
- set: $APP_ENV prod
- fastcgi_param: APP_ENV $APP_ENV
- internal;
file: app.conf
# Supervisor
manala_supervisor_config_template: config/debian/supervisord.conf.j2
manala_supervisor_configs_exclusive: true
manala_supervisor_configs_defaults:
template: supervisor/app.conf.j2
manala_supervisor_configs:
- template: configs/inet_http_server.conf.j2
config:
port: "*:9001"
# Ngrok
manala_ngrok_configs_exclusive: true
manala_ngrok_configs:
- file: config.yml
template: configs/default.dev.j2
# Java
manala_java_version: "{{
{
'jessie': '8',
'stretch': '8',
'buster': '11',
}[ansible_distribution_release]
}}"
# Cron
manala_cron_files_defaults:
user: vagrant
# MySQL / MariaDB
manala_mysql_configs_dir: /etc/mysql/mariadb.conf.d
manala_mysql_configs:
- template: mysql/zz-mysqld.cnf.j2
manala_mysql_users:
# Create a password-less/any-host root user...
- name: root
password: ~
host: "%"
priv: "*.*:ALL,GRANT"
# ...then remove anonymous localhost user (MySQL 5.6)
- name: ''
host: localhost
state: absent
# ...then remove root localhost user (socket based authentication on MySQL 5.7+/MariaDB)
- name: root
host: localhost
state: absent
manala_mysql_install_packages:
- mariadb-server
- mariadb-client
# Redis
manala_redis_config_template: config/default.dev.j2
# Elasticsearch
# Docker
manala_docker_containers:
- name: mailhog
image: mailhog/mailhog:v1.0.1
state: started
restart_policy: unless-stopped
ports:
- 25:1025
- 8025:8025
- name: phpmyadmin
image: phpmyadmin/phpmyadmin
state: started
restart_policy: unless-stopped
env:
PMA_USER: root
# Default docker host ip
PMA_HOST: 172.17.0.1
UPLOAD_LIMIT: 64M
ports:
- 1979:80
- name: phpredisadmin
image: erikdubbelboer/phpredisadmin
state: started
restart_policy: unless-stopped
env:
# Default docker host ip
REDIS_1_HOST: 172.17.0.1
ports:
- 1981:80This is surely related to manala/ansible-roles#515 but I don't really know what to do.
Do you know what happens? Thanks!
[Elao - App - Docker] Add certificate in the container
If you try to access the app through http within the container with your-app.ela.ooo it works, but only with http. With https the certificate is invalid (or unknown/untrusted ?).
Fixed by executing this inside the container :
sudo cp ./.manala/certificates/ca.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
[Elao - App] mysqldump in CI
I tried to use a mysql fixtures cache that dump the database and reload it between each tests in order to speed up fixtures loading. This cache use mysqldump to dump the database, which is available in the VM but not in the CI.
[Lazy - None]
Y'aurais moyen d'avoir un Lazy.None : qui contient juste un debian par defaut ? Pas de nginx, rien.
Cas d'usage : ça me permet de simuler une fresh install de debian sur laquelle j'éxécute mon provisionning ansible custom pour mon serveur dédié.
[Elao - App] Automatic makefile help sections
Use - to generate automatic Makefile sections
Before
Makefile
---------
## Do foo stuff
foo:
...
## Do bar stuff
bar:
...
$ make help
------------
App:
foo: Do foo stuff
bar: Do bar stuff
After
Makefile
---------
## Foo - Do stuff
foo:
...
## Bar - Do stuff
bar:
...
$ make help
------------
App - Foo:
foo: Do stuff
App - Bar:
bar: Do stuff
[Lazy - Symfony] make setup
Un make setup qui pop le container et make install/build serait de la plus grand aide :)
[Elao - App] show progress while building image
When performing a make release@staging for instance, if it's the first time since a while, the docker container will be entirely built, which can take some times.
Improving this time is another issue, but having no feedback on the process is frustrating and can let the user think it will hanging on forever.
[Elao - App] Issue with locales (and perl?)
Hey :)
I've finally be able to provison my VM by disabling Redis and Docker, but I faced an issue when running make ssh (and every command in SSH):
➜ symfony-app-template git:(upgrade-manala-skeleton) ✗ make ssh
llllllll
llllllll @
llllllll
eeeeeee llllllll aaaaaaaa aaaaaa
eeeeeeeeeeee llllllll aaaaaaaaaaaaaaaaaa @
eeeeeeeeeeeeeee llllllll aaaaaaaaaaaaaaaaaaa @
eeeee eeeee llllllll aaaaaaa aaaaaaa o oooooo
eeeeeeeeeeeeeeeee llllllll aaaaaa aaaaaa oo oooooooooooo
eeeeeeeeeeeeeeeee llllllll aaaaaa aaaaaa oooooooooooo oooo
eeeee llllllll aaaaaaa aaaaaaa oooooooooooooooooo
eeeee eeeeee llllllll aaaaaaaaaaaaaaaaaaa oo oooooooooooo
eeeeeeeeeeeeeee llllllll aaaaaaaaaaaaaaaaaa o oooooo
eeeeeeeeeee llllllll aaaaaaaa aaaaaa ///////////
Gloup gloup
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = "fr_FR.UTF-8",
LC_ADDRESS = "fr_FR.UTF-8",
LC_NAME = "fr_FR.UTF-8",
LC_MONETARY = "fr_FR.UTF-8",
LC_PAPER = "fr_FR.UTF-8",
LC_IDENTIFICATION = "fr_FR.UTF-8",
LC_TELEPHONE = "fr_FR.UTF-8",
LC_MEASUREMENT = "fr_FR.UTF-8",
LC_TIME = "fr_FR.UTF-8",
LC_NUMERIC = "fr_FR.UTF-8",
LANG = "C.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("C.UTF-8").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = "fr_FR.UTF-8",
LC_ADDRESS = "fr_FR.UTF-8",
LC_NAME = "fr_FR.UTF-8",
LC_MONETARY = "fr_FR.UTF-8",
LC_PAPER = "fr_FR.UTF-8",
LC_IDENTIFICATION = "fr_FR.UTF-8",
LC_TELEPHONE = "fr_FR.UTF-8",
LC_MEASUREMENT = "fr_FR.UTF-8",
LC_TIME = "fr_FR.UTF-8",
LC_NUMERIC = "fr_FR.UTF-8",
LANG = "C.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("C.UTF-8").
‣ SHOW PUBLIC IP
manala_ip
‣ ENABLE/DISABLE PHP XDEBUG
manala_php_xdebug [on|off]
‣ ENABLE/DISABLE NGINX TIMEOUT
manala_nginx_timeout [on|off]
‣ START NGROK HTTP
manala_ngrok_http
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = "fr_FR.UTF-8",
LC_ADDRESS = "fr_FR.UTF-8",
LC_NAME = "fr_FR.UTF-8",
LC_MONETARY = "fr_FR.UTF-8",
LC_PAPER = "fr_FR.UTF-8",
LC_IDENTIFICATION = "fr_FR.UTF-8",
LC_TELEPHONE = "fr_FR.UTF-8",
LC_MEASUREMENT = "fr_FR.UTF-8",
LC_TIME = "fr_FR.UTF-8",
LC_NUMERIC = "fr_FR.UTF-8",
LANG = "C.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("C.UTF-8").
Do you know what can happens?
Thanks!
[Elao - App] Automatic security/audit make targets
make security.foo (or make audit.foo) automatically generated, based on presence of:
composer.lockfor symfonyyarn.lockfor yarnpackage-lock.jsonfor npm
No more such targets in project makefiles :)
[Elao - App - Docker] Désinstaller les plugins Elasticsearch non présent dans la liste
Dans docker-compose.yaml.tmpl on boucle sur les plugins ES définit dans la config pour générer une commande d'install pour chacun d'entre eux. Il faudrait faire également une command d'uninstall si un plugin est installé mais non présent dans la config.
- Faire la diff entre
$.Vars.system.elasticsearch.pluginsetelasticsearch-plugin list - Générer
elasticsearch-plugin remove {{ $plugin }}pour chaque plugin absent de la config
[Elao - App] Auto certificates for SSL and HTTPS support
- générer un CA dans un repertoire .manala/certificate s(c’est celui la qu’on va mettre dans les navigateurs) un petit fichier NOTES.md ou je ne sais quoi pour expliquer comment on a fait et surtout que c’est QUE pour du dev
- utiliser le module ansible openssl-certificate-module dans le playbook de provisionning, option “ownca", on lui fait manger le CA : il crache un certif avec comme domaines ceux de la vm
*.prout.vmETprout.vm- on rajoute l’offloading par défaut dans nginx
- Une bafouille dans le README :)
- Ajouter le CA à osX
[Elao - App - Docker] Add a make target to copy Github workflows
Since we're not able to sync files out of the .manala directory on manala up and since it might not be expected to systematically update the Github workflows (i might be tweaked for the project specificities), we could perhaps imagine a make manala.workflows target that'll copy Github workflows from the .manala/github directory to the .github/workflows one, on-demand.
The the developer can simply check the diff and choose what to commit.
We may encounter some issues with the current structure:
- As of today, workflows' content is exposed in a
README.mdfile, not inside a dedicatedyamlfile representing the workflow. - We may have multiple workflows sampled in a single
README.md. Some likerelease.yamlanddeploy.yamlcould be split. But some like integration workflows are dynamically generated (one perintegration.github.jobsentry)
Is there a way to dynamically generate the workflows into dedicated files so we can simply copy them on-demand?
[Elao - App - Docker] Serviceless & containerless integrations tasks
For more perfs whenever:
- no service is needed (release & deployments)
- no container is required (lint tasks, security, …)
Instead, setup the deps (PHP, Node) directly on the Github Runner.
[Elao - App] Set ansible python interpreter
ANSIBLE_PYTHON_INTERPRETER="/usr/bin/python"
- Botha docker & vagrant
- Avoid related warnings in vagrant
- Understand why no warnings are thrown in docker...
[Elao - App] Fix motd templates quote issues
Use the same cat method (introduced here #88) in all existing templates.
To test it, just launch the resulting script in both linux AND osx.
[Elao - App] Wrong original commit URL
When creating a release from Github actions with Manala CI, the original commit URL is not correct and has a duplicated https://.
[Elao - App - Docker] Expose host project path to the app container
Expose the project path on the host to the app container as an env var,
so we can exploit this to leverage the Symfony IDE config with directory mapping.
+ forward the SYMFONY_IDE env var from the host for a standard usage on every projects (https://symfony.com/blog/new-in-symfony-6-1-profiler-improvements-part-2#better-code-editor-selection) ?
[Elao - App - Docker] Remove Ngrok
It's been a while since I'm not using Ngrok anymore, since it's now too much limited using the free plan.
Instead a simple:
## Run HTTP proxy to expose a public URL for the API
proxy.api: SHELL := $(or $(DOCKER_SHELL),$(SHELL))
proxy.api:
npx localtunnel --local-host=my-app.ela.ooo --port 80is enough
[Elao - App - Docker] Reference release repository commit on original repository
Currently, the release task creates a commit message referencing the original repo, so you can retrieve which is the last commit from the original repo that was included in the release.
But there is nothing the other way around: on the original repo, there is no easy way to know which release repo commit was linked to the history.
Given we often create release, then deploy and then create a Github Release,
having an empty commit with a message linking to the release repository commit (or giving the hash),
would allow me to easily know from a Github Release which is the corresponding commit on the repo release
(hence allowing to easily revert to a previous version for instance).
As an alternative, we could call a dedicated Github Worklow when creating a Github Release,
that would push the same tag to the release repository.
But that would only work for prod workflows, since we don't create Github Release for staging ones.
Also, it does not account for mono-repo with multiples apps with different versions inside.
So both could be good to have in a same flow.
[Elao - App] `make ssh` should ensure vm is up
Aka. 'make up`
[Elao - App] Keep jenkins container running
What about a jenkins parameter to manually trigger a build AND don't kill the container ?
We could find a way to easily log into this container for debug purposes.
A ttl (2 hours ?) should also be set into the container to let it kill itself.
An idea of @hyvs
[Lazy - Ansible] Features
[Elao - App] MongoDB support
Docker containers
- name: mongo-express
image: mongo-express
state: absent
restart_policy: unless-stopped
#env:
# Default docker host ip
# host.docker.internal ?
# gateway.docker.internal ?
# REDIS_1_HOST: 172.17.0.1
ports:
- 1981:80
[Elao - App] Integration / JenkinsFile : Allow task to fail
It would be great if we can configure the task of the integration to fail without stopping the pipeline
For exemple, we can check phpstan but not breaking the build even if the phpstan task fail
Something like this:
tasks:
- shell: make install@integration
allowFailure: true[Elao - App - Docker] Message de warning quand on sh sur un container
make docker exec elasticsearch sh
.manala/Makefile:77: warning: overriding commands for target `sh’
.manala/Makefile:64: warning: ignoring old commands for target `sh’
[Elao - App] Issue with PHP-FPM, socket is not present until we restart the service
When accessing my web application, I'm facing a 502 bad gateway.
This is the logs:
⇒ sudo cat /srv/log/nginx.error.log
2021/04/01 19:30:42 [crit] 25261#25261: *1 connect() to unix:/run/php-fpm.app.sock failed (2: No such file or directory) while connecting to upstream, client: 172.28.128.1, server: ~., request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm.app.sock:", host: "localhost.symfony-app-template.fr:4430", referrer: "https://github.com/"
2021/04/01 19:30:46 [crit] 25261#25261: *3 connect() to unix:/run/php-fpm.app.sock failed (2: No such file or directory) while connecting to upstream, client: 172.28.128.1, server: ~., request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm.app.sock:", host: "localhost.symfony-app-template.fr:4431", referrer: "https://github.com/"
2021/04/01 19:30:46 [crit] 25261#25261: *4 connect() to unix:/run/php-fpm.app.sock failed (2: No such file or directory) while connecting to upstream, client: 172.28.128.1, server: ~., request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm.app.sock:", host: "localhost.symfony-app-template.fr", referrer: "https://github.com/"
2021/04/01 19:30:46 [crit] 25261#25261: *1 connect() to unix:/run/php-fpm.app.sock failed (2: No such file or directory) while connecting to upstream, client: 172.28.128.1, server: ~., request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm.app.sock:", host: "localhost.symfony-app-template.fr:4430", referrer: "https://localhost.symfony-app-template.fr:4430/"
2021/04/01 19:30:46 [crit] 25261#25261: *3 connect() to unix:/run/php-fpm.app.sock failed (2: No such file or directory) while connecting to upstream, client: 172.28.128.1, server: ~., request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm.app.sock:", host: "localhost.symfony-app-template.fr:4431", referrer: "https://localhost.symfony-app-template.fr:4431/"
2021/04/01 19:30:46 [crit] 25261#25261: *4 connect() to unix:/run/php-fpm.app.sock failed (2: No such file or directory) while connecting to upstream, client: 172.28.128.1, server: ~., request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm.app.sock:", host: "localhost.symfony-app-template.fr", referrer: "https://localhost.symfony-app-template.fr/"
But for me, the PHP-FPM pool configuration is correct:
The problem is there is no file /run/php-fpm.app.sock. :(
If I run systemctl status php7.4-fpm.service, everything looks fine:
❱Development❰ vagrant@localhost:/srv/app|upgrade-manala-skeleton⚡
⇒
● php7.4-fpm.service - The PHP 7.4 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.4-fpm.service; enabled; vendor pres
Active: active (running) since Thu 2021-04-01 19:07:40 UTC; 24min ago
Docs: man:php-fpm7.4(8)
Main PID: 24172 (php-fpm7.4)
Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/s
Tasks: 3 (limit: 3592)
Memory: 15.3M
CGroup: /system.slice/php7.4-fpm.service
├─24172 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf)
├─24173 php-fpm: pool www
└─24174 php-fpm: pool www
I restarted php7.4-fpm-service and the file /run/php-fpm.app.sock is now present, no more 502 Bad Gateway.
Did you know what happens?
Thanks!
[Elao - App] Vagrant box update
Maintenant que le Vagrantfile est dans .manala, vagrant box update n'est plus possible à la racine du projet et il ne me
semble pas avoir de proxy dans le makefile manala. La seule solution que j'ai trouvé c'est d'exécuter vagrant box update depuis le répertoire .manala.
[Elao - App] Docker HISTFILE should be set per user
In osx, no file permissions issues, but what about on linux when both root & docker user will access to the same file ?
[Elao - App] Switch to pip for ansible installation
[Elao - App] Switch from ansible "skippy" stdout callback to hide skipped hosts
ANSIBLE_STDOUT_CALLBACK="skippy" -> ANSIBLE_DISPLAY_SKIPPED_HOSTS="0"
- Both docker & vagrant part
- Skippy stdout callback is deprecated (see: https://docs.ansible.com/ansible/latest/plugins/callback/skippy.html)
- Check for displaying issues, especially during release/deploy, with custom stdout callback
[Elao - App - Docker] Todo
- Mutagen compose
- Some commands (like
exec) needs project name be passed by environment variableCOMPOSE_PROJECT_NAMEinstead of parameter--project-name. Fill upstream issue.
- Some commands (like
- Jenkins
- Update
Jenkinsfilepath in jenkins config (two step move, this is the second one :) ) - Change
XDG_CACHE_HOMEdefault value from/srv/.cache/to/srv/cachein jenkins cloud config
- Update
- Ports range
- Explain in README.md
- Allow cd'ing in the same directory app on the docker container that we were on the host when we
make sh - Check mailhog docker image availability on arm64 (other alternatives if needed: mailcatcher, maildrop, maillocal, smtp4dev)
- Elasticsearch as an official docker image instead of debian packages, just like on Jenkins
- Other services as a official docker images instead of debian packages ? redis ? ... ?
- Generic
make docker [PARAMS]command- Add a little bafouille on the
make docker logs -f->make docker logs -- -ftrick
- Add a little bafouille on the
- Release / Deploy
- ansible stdout/stderr output
- double
https://in url commit description on github action
-
Replacezsh/oh-my-zshto nativebashand starship - Some ports (10080, ...) are blocked by firefox. A little bafouille on it
- Remove manala.roles related requirements once they are set upstream
- Symfony cli as debian package (see: #188)
- Split ansible repository into system/release/deploy, so that provisionning could be made during the docker build with only the related system stuff, avoiding build cache invalidation fo every little change in release/deploy
- Ansible
-
Use cache for facts
-
- Apt
-
N: Skipping acquire of configured file 'mysql-5.7/binary-arm64/Packages' as repository 'http://repo.mysql.com/apt/debian stretch InRelease' doesn't support architecture 'arm64'(see: 4bee100) -
N: Skipping acquire of configured file 'nginx/binary-arm64/Packages' as repository 'http://nginx.org/packages/debian stretch InRelease' doesn't support architecture 'arm64'(see: 4fd94fc)
-
- MySQL docker container still not ready to accept connections when app scripts occurs during setup (see: 53c5dd5)
- Github actions
- Docker Compose v2 +
up --wait
- Docker Compose v2 +
[Elao - App] Use hirak/prestissimo to speed up composer install
Broken setup with elao.app
development: Errors were encountered while processing:
development: grub-pc
development: E
development: :
development: Sub-process /usr/bin/dpkg returned an error code (1)
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
[Elao - App] XDG_CACHE_HOME set by user
- Same permission issues than HISTFILE
- Docker image should provide a default XDG_CACHE_HOME
- Will composer/yarn/npm support a embedded $(USER) variable ???
[Elao - App] Allow release to other environnements
Actuellement on ne peut configurer de release que pour deux environnement "staging" et "production".
Je voudrais configurer une release vers un 3ème environnement "beta" (par exemple), j'aurais donc :
- make release@staging deploy@staging
- make release@beta deploy@beta
- make release@production deploy@production
Mais il ne me laisse pas faire car les seuls options acceptées sont "staging" et "production", ça semble être en dur.
Techniquement ce serait possible ou c'est chiant ?
Merci :)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.