add cockroachdb support

This commit is contained in:
Geno 2020-11-13 20:38:26 +01:00
parent d4ec5ff29f
commit 3d8b505235
3 changed files with 65 additions and 9 deletions

View File

@ -4,9 +4,16 @@ osp_git_commit: '0.7.9'
osp_worker_start_port: 5000 osp_worker_start_port: 5000
osp_worker_count: "{{ ansible_processor_nproc }}" osp_worker_count: "{{ ansible_processor_nproc }}"
osp_http_user: "http"
osp_http_group: "http"
osp_http_path: "/srv/http" osp_http_path: "/srv/http"
osp_db_name: osp
osp_db_user: osp
osp_db_location: 'sqlite:///db/database.db' osp_db_location: 'sqlite:///db/database.db'
osp_db_type: "sqlite"
#osp_db_type: "cockroachdb"
osp_db_location_cockroachdb: "postgresql://{{ osp_db_user }}@localhost:26257/{{ osp_db_name }}?sslmode=require&sslrootcert=/etc/cockroach/ca.crt&sslcert=/etc/cockroach/client.{{ osp_db_user }}.crt&sslkey=/etc/cockroach/client.{{ osp_db_user }}.key"
osp_secret_key: "{{ lookup('password', 'credentials/'+inventory_hostname+'/osp_secret_key length=8 chars=digits') }}" osp_secret_key: "{{ lookup('password', 'credentials/'+inventory_hostname+'/osp_secret_key length=8 chars=digits') }}"
osp_password_salt: "{{ lookup('password', 'credentials/'+inventory_hostname+'/osp_password_salt length=8 chars=digits') }}" osp_password_salt: "{{ lookup('password', 'credentials/'+inventory_hostname+'/osp_password_salt length=8 chars=digits') }}"
osp_allow_registration: yes osp_allow_registration: yes

46
tasks/db_cockroachdb.yml Normal file
View File

@ -0,0 +1,46 @@
- name: Install dependencies
package:
name: postgresql-libs
- name: Install python cockroach requirements
pip:
virtualenv: /opt/osp-venv
name:
- sqlalchemy-cockroachdb
- name: Create user
become: yes
command:
argv:
- cockroach
- sql
- --certs-dir=/etc/cockroach
- -e
- "CREATE DATABASE IF NOT EXISTS {{ osp_db_name }}; CREATE USER IF NOT EXISTS {{ osp_db_user}}; GRANT ALL ON DATABASE {{osp_db_name}} TO {{ osp_db_user }};"
- name: Create client certs
become: yes
command:
argv:
- cockroach
- cert
- create-client
- "{{ osp_db_user }}"
- --certs-dir=/etc/cockroach
- --ca-key=/etc/cockroach/ca.key
creates: "/etc/cockroach/client.{{ osp_db_user }}.key"
- name: check permission of certs
become: yes
file:
path: "/etc/cockroach/client.{{ osp_db_user }}.{{ item }}"
mode: "u=rwx,g=,o="
owner: "{{ osp_http_user }}"
loop:
- key
- crt
- name: Set DB location
when: osp_db_location != "///db/database.db"
set_fact:
osp_db_location: "{{ osp_db_location_cockroachdb }}"

View File

@ -95,8 +95,8 @@
- name: Create www directory - name: Create www directory
file: file:
path: "{{osp_http_path }}/{{item}}" path: "{{osp_http_path }}/{{item}}"
owner: http owner: "{{ osp_http_user }}"
group: http group: "{{ osp_http_group }}"
state: directory state: directory
loop: loop:
- . - .
@ -113,6 +113,9 @@
state: started state: started
enabled: yes enabled: yes
- name: Database
include_tasks: db_cockroachdb.yml
when: osp_db_type == "cockroachdb"
- name: Clone OSP repository - name: Clone OSP repository
git: git:
@ -128,15 +131,15 @@
- name: Create cache directory - name: Create cache directory
file: file:
path: /var/cache/osp path: /var/cache/osp
owner: http owner: "{{ osp_http_user }}"
group: http group: "{{ osp_http_group }}"
state: directory state: directory
- name: Create logging directory - name: Create logging directory
file: file:
path: /var/log/osp path: /var/log/osp
owner: http owner: "{{ osp_http_user }}"
group: http group: "{{ osp_http_group }}"
state: directory state: directory
- name: Configure osp - name: Configure osp
@ -155,8 +158,8 @@
- name: Permissions for database - name: Permissions for database
file: file:
path: "/opt/osp/{{ item }}" path: "/opt/osp/{{ item }}"
owner: http owner: "{{ osp_http_user }}"
group: http group: "{{ osp_http_group }}"
recurse: yes recurse: yes
loop: loop:
- db - db