diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md index efa27c64..16139d8f 100644 --- a/docs/_Sidebar.md +++ b/docs/_Sidebar.md @@ -3,6 +3,7 @@ - [Install](/install) - [Usage](/scripts) - [Roles](roles) + - [API call](/roles/api_call) - [Config](/roles/cache_clear) - [Drupal 7](/roles/cache_clear/cache_clear-drupal7) - [Drupal 8](/roles/cache_clear/cache_clear-drupal8) @@ -37,6 +38,7 @@ - [Drupal 8](/roles/_meta/deploy-drupal8) - [Matomo](/roles/_meta/deploy-matomo) - [Mautic](/roles/_meta/deploy-mautic) + - [SimpleSAMLphp](/roles/_meta/deploy-simplesamlphp) - [NPM](/roles/npm) - [Sync roles](/roles/sync) - [Database sync](/roles/sync/database_sync) diff --git a/docs/roles/_init.md b/docs/roles/_init.md index f733d1a3..b0fdd6a7 100644 --- a/docs/roles/_init.md +++ b/docs/roles/_init.md @@ -10,14 +10,16 @@ These variables **must** be set in the `deploy/common.yml` file, at least. --- # Common defaults. Given the "_init" role is mandatory, # this will ensure defaults to other roles too. +# If you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable deploy_user: "deploy" +_mysqldump_params: "--max-allowed-packet=128M --single-transaction --skip-opt -e --quick --skip-disable-keys --skip-add-locks -C -a --add-drop-table" drupal: sites: - folder: "default" public_files: "sites/default/files" # Drupal 8 variables config_sync_directory: "config/sync" - config_import_command: "" # i.e. "cim" + config_import_command: "" # i.e. "cim" - set this to "deploy" and cache rebuild and db updates will be skipped # End Drupal 8 variables # Drupal 7 variables revert_features_command: "" # i.e. "fra" diff --git a/docs/roles/_meta/deploy-simplesamlphp.md b/docs/roles/_meta/deploy-simplesamlphp.md new file mode 100644 index 00000000..3d82e671 --- /dev/null +++ b/docs/roles/_meta/deploy-simplesamlphp.md @@ -0,0 +1,9 @@ +# SimpleSAMLphp +Role for deploying single SimpleSAMLphp instances. Do not use if you are deploying SimpleSAMLphp with another application like Drupal via composer. + +This role currently assumes all config is in the repository alongside composer.json and the special `SIMPLESAMLPHP_CONFIG_DIR` variable is passed in via the web server vhost to tell SimpleSAMLphp where the config is on the server. For vhost configuration in Nginx see ce-provision: + +* https://github.com/codeenigma/ce-provision/blob/1.x/roles/nginx + + + diff --git a/docs/roles/api_call.md b/docs/roles/api_call.md new file mode 100644 index 00000000..15ea2788 --- /dev/null +++ b/docs/roles/api_call.md @@ -0,0 +1,26 @@ +# API call + +Making RESTful API calls to other platforms. + + + + + +## Default variables +```yaml +--- +api_call: + type: gitlab + base_url: https://gitlab.example.com/api/v4/ + path: projects # see documentation - https://docs.gitlab.com/ee/api/ + method: GET + token: "" # empty means anonymous action + token_type: trigger # options are 'trigger' or 'personal' + variables: [] + status_codes: + - 200 + - 201 + - 202 +``` + + diff --git a/docs/roles/cli/cachetool.md b/docs/roles/cli/cachetool.md index 833eb8fc..9cba4a32 100644 --- a/docs/roles/cli/cachetool.md +++ b/docs/roles/cli/cachetool.md @@ -5,7 +5,7 @@ Installs the `drush` command-line tool for the deploy user. ```yaml --- cachetool: - version: 8.2.2 + version: latest # # enter three-digit version number, e.g. "7.0.0", to install a specific version ``` diff --git a/docs/roles/cli/drush.md b/docs/roles/cli/drush.md index 30f02549..ca7301c0 100644 --- a/docs/roles/cli/drush.md +++ b/docs/roles/cli/drush.md @@ -1,13 +1,14 @@ # Drush -Installs the `drush` command-line tool for the deploy user. +Installs the `drush` command-line tool for the deploy user. Note, support for `drush` version 8 and below will be withdrawn with [Drupal 7 EOL](https://www.drupal.org/psa-2022-02-23). + ## Default variables ```yaml --- drush: # Note: This is the "default" version, - # but projects should define theirs in composer.json. - version: 8.2.2 + # but projects should define theirs in composer.json or in their ce-deploy variables files. + version: 11.4.0 use_vendor: false ``` diff --git a/docs/roles/cron/cron_database_backup/cron_database_backup-mysql.md b/docs/roles/cron/cron_database_backup/cron_database_backup-mysql.md index ee71e2bf..4d5bdab5 100644 --- a/docs/roles/cron/cron_database_backup/cron_database_backup-mysql.md +++ b/docs/roles/cron/cron_database_backup/cron_database_backup-mysql.md @@ -7,6 +7,7 @@ Ensure regular local backups of MySQL databases. cron_mysql_backup: dumps_directory: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/db_backups/mysql/regular" keep: 10 + mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here ``` diff --git a/docs/roles/cron/cron_drupal7.md b/docs/roles/cron/cron_drupal7.md index 8222ddaf..14356d15 100644 --- a/docs/roles/cron/cron_drupal7.md +++ b/docs/roles/cron/cron_drupal7.md @@ -14,12 +14,16 @@ drupal: cron: # These are the relevant parts for cron. - minute: "*/{{ 10 | random(start=1) }}" # hour: 2 + # day: + # weekday: + # month: job: cron + # disabled: true # If the sites are being deployed to an ASG, setting defer to true will create the crontab entry on the deploy server rather than all of the app servers. defer: false # If defer is set to true, the Ansible target must be declared with defer_target. If using a group, include the index. For example, _ce_www_dev[0] defer_target: "" - + drush_location: "{{ drush_bin }}" # you might specify another location, e.g. "{{ deploy_path }}/vendor/bin/drush" ``` diff --git a/docs/roles/cron/cron_drupal8.md b/docs/roles/cron/cron_drupal8.md index ae25adc4..bafd49b0 100644 --- a/docs/roles/cron/cron_drupal8.md +++ b/docs/roles/cron/cron_drupal8.md @@ -14,13 +14,16 @@ drupal: cron: # These are the relevant parts for cron. - minute: "*/{{ 10 | random(start=1) }}" # hour: 2 + # day: + # weekday: + # month: job: cron + # disabled: true # If the sites are being deployed to an ASG, setting defer to true will create the crontab entry on the deploy server rather than all of the app servers. defer: false # If defer is set to true, the Ansible target must be declared with defer_target. If using a group, include the index. For example, _ce_www_dev[0] defer_target: "" - # Drush location when installed with Composer - drush_location: "vendor/drush/drush/drush" + drush_location: "{{ drush_bin }}" # you might specify another location, e.g. "{{ deploy_path }}/vendor/bin/drush" ``` diff --git a/docs/roles/database_backup.md b/docs/roles/database_backup.md index 947c8053..772efa70 100644 --- a/docs/roles/database_backup.md +++ b/docs/roles/database_backup.md @@ -7,7 +7,7 @@ Generate backups for each build. database_backup: engines: - mysql - + revert: true ``` diff --git a/docs/roles/database_backup/database_backup-mysql.md b/docs/roles/database_backup/database_backup-mysql.md index 5b0d7289..b52413bf 100644 --- a/docs/roles/database_backup/database_backup-mysql.md +++ b/docs/roles/database_backup/database_backup-mysql.md @@ -7,6 +7,7 @@ Generate MySQL backups for each build. mysql_backup: handling: rolling dumps_directory: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/db_backups/mysql/build" + mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here # Number of dumps/db to keep. Note this is independant from the build codebases. keep: 10 # This can be one of the following: diff --git a/docs/roles/deploy_code.md b/docs/roles/deploy_code.md index bad0040f..4e371f28 100644 --- a/docs/roles/deploy_code.md +++ b/docs/roles/deploy_code.md @@ -11,7 +11,7 @@ deploy_code: # Specify any additional symlink to create, with src (target) and dest (link). # src: can be either absolute or relative to the dest (eg. '/var/my_data', '/home/deploy/simplesaml', '../../../myconfig') # dest: can only be relative to the root of your repository (eg. 'www/themes/myassets', 'var/cache') - # create: wether to create the target if it does not exists. + # create: whether to create the target if it does not exists. # - src: '/home/{{ deploy_user }}//{{ project_name }}_{{ build_type }}/simplesaml' # dest: 'vendor/simplesamlphp/simplesamlphp/config' # - src: '/var/simplesaml/etc' @@ -23,12 +23,45 @@ deploy_code: templates: [] # Number of builds to keep. Note this is independant of databases/dump. keep: 10 - # Wether to sync the local deploy base to a shared destination, after successful build. + # Whether to sync the local deploy base to a shared destination, after successful build. mount_sync: "" # mount_sync: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/deploy" + # Type of file to use for sync - 'squashfs' or 'tarball' + # @see the _init role for SquashFS build dir paths + # @see the squashfs role in ce-provision which installs the special conditions required by the deploy user to use this behaviour + mount_type: "tarball" # Path that you want to make sure has 755 permissions. Make sure to include the webroot WITHOUT the slash. perms_fix_path: "" # perms_fix_path: "www/sites/default" + # List of services to manipulate to free the loop device for 'squashfs' builds, post lazy umount. + # @see the squashfs role in ce-provision where special permissions for deploy user to manipulate services get granted. + services: [] + # services: + # - php8.0-fpm + # What action to take against the services, 'reload' or 'stop'. + # Busy websites will require a hard stop of services to achieve the umount command. + service_action: reload + # Trigger an API call to rebuild infra after a deploy, e.g. if you need to repack an AMI. + rebuild_infra: false + # Details of API call to trigger. See api_call role. + api_call: + type: gitlab + base_url: https://gitlab.example.com/api/v4/ + path: projects/1/ref/main/trigger/pipeline + method: POST + token: asdf-1234 + token_type: trigger + variables: [] + # example build parameters + # - "[ENV]=dev" + # - "[PLAY]=myserver.yml" + # - "[RESOURCE]=myserver-example-com" + # - "[REGION]=eu-west-1" + # - "[EXTRA_PARAMS]=--force" + status_codes: + - 200 + - 201 + - 202 ``` diff --git a/docs/roles/sync/database_sync/database_sync-mysql.md b/docs/roles/sync/database_sync/database_sync-mysql.md index bcb9c6ad..cf7e5311 100644 --- a/docs/roles/sync/database_sync/database_sync-mysql.md +++ b/docs/roles/sync/database_sync/database_sync-mysql.md @@ -5,6 +5,7 @@ Sync MySQL databases between environments. ```yaml --- mysql_sync: + mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here databases: - source: # Name of the database to take a dump from. @@ -20,6 +21,13 @@ mysql_sync: type: fixed # For "rolling builds", so we can compute the database name. build_id: mybuildprod + # Whether or not use to create a fresh database backup or use a nightly one. + fresh_db: true + # Location where nightly backups are kept. This must match the value set for cron_mysql_backup.dumps_directory. Below is the default. + # This var is only used when fresh_db is set to "false". + dumps_directory: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/db_backups/mysql/regular" + # If the source is on an ASG, provide the ASG name here. Otherwise, leave empty. + asg: "" target: database: "{{ project_name }}_dev" credentials_file: "/home/{{ deploy_user }}/.mysql.creds" @@ -30,6 +38,8 @@ mysql_sync: type: fixed # For "rolling builds", so we can compute the database name. build_id: mybuilddev + # If the target is on an ASG, provide the ASG name here. Otherwise, leave empty. + asg: "" ``` diff --git a/roles/_init/README.md b/roles/_init/README.md index f733d1a3..b0fdd6a7 100644 --- a/roles/_init/README.md +++ b/roles/_init/README.md @@ -10,14 +10,16 @@ These variables **must** be set in the `deploy/common.yml` file, at least. --- # Common defaults. Given the "_init" role is mandatory, # this will ensure defaults to other roles too. +# If you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable deploy_user: "deploy" +_mysqldump_params: "--max-allowed-packet=128M --single-transaction --skip-opt -e --quick --skip-disable-keys --skip-add-locks -C -a --add-drop-table" drupal: sites: - folder: "default" public_files: "sites/default/files" # Drupal 8 variables config_sync_directory: "config/sync" - config_import_command: "" # i.e. "cim" + config_import_command: "" # i.e. "cim" - set this to "deploy" and cache rebuild and db updates will be skipped # End Drupal 8 variables # Drupal 7 variables revert_features_command: "" # i.e. "fra" diff --git a/roles/_init/tasks/drupal7.yml b/roles/_init/tasks/drupal7.yml index 6487564c..719c1ecb 100644 --- a/roles/_init/tasks/drupal7.yml +++ b/roles/_init/tasks/drupal7.yml @@ -1,7 +1,7 @@ --- - name: Define Drush path. set_fact: - drush_bin: "{{ drush_bin | default('/home/{{ deploy_user }}/.bin/drush.phar') }}" + drush_bin: "{{ drush_bin | default('/home/{{ deploy_user }}/.bin/drush') }}" - name: Ensure we have Drush binary. import_role: diff --git a/roles/_init/tasks/drupal8.yml b/roles/_init/tasks/drupal8.yml index 6487564c..719c1ecb 100644 --- a/roles/_init/tasks/drupal8.yml +++ b/roles/_init/tasks/drupal8.yml @@ -1,7 +1,7 @@ --- - name: Define Drush path. set_fact: - drush_bin: "{{ drush_bin | default('/home/{{ deploy_user }}/.bin/drush.phar') }}" + drush_bin: "{{ drush_bin | default('/home/{{ deploy_user }}/.bin/drush') }}" - name: Ensure we have Drush binary. import_role: diff --git a/roles/api_call/README.md b/roles/api_call/README.md index 83d1ab28..15ea2788 100644 --- a/roles/api_call/README.md +++ b/roles/api_call/README.md @@ -6,4 +6,21 @@ Making RESTful API calls to other platforms. +## Default variables +```yaml +--- +api_call: + type: gitlab + base_url: https://gitlab.example.com/api/v4/ + path: projects # see documentation - https://docs.gitlab.com/ee/api/ + method: GET + token: "" # empty means anonymous action + token_type: trigger # options are 'trigger' or 'personal' + variables: [] + status_codes: + - 200 + - 201 + - 202 +``` + diff --git a/roles/cli/cachetool/README.md b/roles/cli/cachetool/README.md index 833eb8fc..9cba4a32 100644 --- a/roles/cli/cachetool/README.md +++ b/roles/cli/cachetool/README.md @@ -5,7 +5,7 @@ Installs the `drush` command-line tool for the deploy user. ```yaml --- cachetool: - version: 8.2.2 + version: latest # # enter three-digit version number, e.g. "7.0.0", to install a specific version ``` diff --git a/roles/cli/drush/README.md b/roles/cli/drush/README.md index 30f02549..ca7301c0 100644 --- a/roles/cli/drush/README.md +++ b/roles/cli/drush/README.md @@ -1,13 +1,14 @@ # Drush -Installs the `drush` command-line tool for the deploy user. +Installs the `drush` command-line tool for the deploy user. Note, support for `drush` version 8 and below will be withdrawn with [Drupal 7 EOL](https://www.drupal.org/psa-2022-02-23). + ## Default variables ```yaml --- drush: # Note: This is the "default" version, - # but projects should define theirs in composer.json. - version: 8.2.2 + # but projects should define theirs in composer.json or in their ce-deploy variables files. + version: 11.4.0 use_vendor: false ``` diff --git a/roles/cli/drush/defaults/main.yml b/roles/cli/drush/defaults/main.yml index 68ff2c66..58da2a79 100644 --- a/roles/cli/drush/defaults/main.yml +++ b/roles/cli/drush/defaults/main.yml @@ -1,6 +1,6 @@ --- drush: # Note: This is the "default" version, - # but projects should define theirs in composer.json. - version: 8.2.2 + # but projects should define theirs in composer.json or in their ce-deploy variables files. + version: 11.4.0 use_vendor: false \ No newline at end of file diff --git a/roles/cli/drush/tasks/main.yml b/roles/cli/drush/tasks/main.yml index da5cdaac..92c7eb26 100644 --- a/roles/cli/drush/tasks/main.yml +++ b/roles/cli/drush/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Check if we already have a global Drush. - stat: + ansible.builtin.stat: path: "{{ drush_bin }}" register: drush_global when: @@ -16,22 +16,48 @@ register: drush_global_directory - name: Check if installed Drush version match. - shell: "{{ drush_bin }} --version | grep -o '[0-9]\\.[0-9]\\.[0-9]'" + ansible.builtin.shell: "{{ drush_bin }} --version | grep -o '[0-9]\\.[0-9]\\.[0-9]'" register: drush_global_version when: - deploy_operation == 'deploy' - drush_global.stat.exists - not drush.use_vendor -- name: Download Drush installer. - get_url: +# @TODO - we can remove this when Drupal 7 reaches EOL. +- name: Download Drush installer for Drupal 7. + ansible.builtin.get_url: url: "https://github.com/drush-ops/drush/releases/download/{{ drush.version }}/drush.phar" dest: "{{ drush_bin }}" mode: 0755 + force: true when: - deploy_operation == 'deploy' - not drush.use_vendor - not drush_global.stat.exists or not drush_global_version.stdout == drush.version + - drush.version < 9 + +- name: Download Drush archive. + ansible.builtin.get_url: + url: "https://github.com/drush-ops/drush/archive/refs/tags/{{ drush.version }}.tar.gz" + dest: /tmp/drush.tar.gz + mode: 0755 + force: true + when: + - deploy_operation == 'deploy' + - not drush.use_vendor + - not drush_global.stat.exists or not drush_global_version.stdout == drush.version + - drush.version >= 9 + +- name: "Extract drush.tar.gz into {{ drush_bin | dirname }}" + ansible.builtin.unarchive: + src: /tmp/drush.tar.gz + dest: "{{ drush_bin | dirname }}" + mode: 0755 + when: + - deploy_operation == 'deploy' + - not drush.use_vendor + - not drush_global.stat.exists or not drush_global_version.stdout == drush.version + - drush.version >= 9 - name: Create .bashrc file if it does not exist ansible.builtin.file: @@ -49,7 +75,7 @@ - deploy_operation == 'deploy' - name: Trigger Drush init tasks. - command: "{{ drush_bin }} init -y" + ansible.builtin.command: "{{ drush_bin }} init -y" when: - deploy_operation == 'deploy' - not drush.use_vendor diff --git a/roles/config_generate/config_generate-drupal7/tasks/drush.yml b/roles/config_generate/config_generate-drupal7/tasks/drush.yml deleted file mode 100644 index 9c85eb9d..00000000 --- a/roles/config_generate/config_generate-drupal7/tasks/drush.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- name: Generates drush.yml file. - template: - src: '{{ item }}' - dest: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}/drush.yml" - with_first_found: - - "{{ playbook_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.drush.yml.j2" - - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.drush.yml" - - "drush.yml.j2" \ No newline at end of file diff --git a/roles/config_generate/config_generate-drupal7/tasks/main.yml b/roles/config_generate/config_generate-drupal7/tasks/main.yml index b984fd58..23781ded 100644 --- a/roles/config_generate/config_generate-drupal7/tasks/main.yml +++ b/roles/config_generate/config_generate-drupal7/tasks/main.yml @@ -1,14 +1,6 @@ --- - name: Generates settings file. - include_tasks: settings.yml + ansible.builtin.include_tasks: settings.yml with_items: "{{ drupal.sites }}" loop_control: loop_var: site - -#- name: Generates Drush settings file. -# include_tasks: drush.yml -# when: -# - site.base_url is defined -# with_items: "{{ drupal.sites }}" -# loop_control: -# loop_var: site diff --git a/roles/config_generate/config_generate-drupal8/tasks/drush.yml b/roles/config_generate/config_generate-drupal8/tasks/drush.yml index 9c85eb9d..f4b7ae7a 100644 --- a/roles/config_generate/config_generate-drupal8/tasks/drush.yml +++ b/roles/config_generate/config_generate-drupal8/tasks/drush.yml @@ -1,7 +1,6 @@ --- - - name: Generates drush.yml file. - template: + ansible.builtin.template: src: '{{ item }}' dest: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}/drush.yml" with_first_found: diff --git a/roles/config_generate/config_generate-drupal8/tasks/main.yml b/roles/config_generate/config_generate-drupal8/tasks/main.yml index cd3c19fd..3db5bf60 100644 --- a/roles/config_generate/config_generate-drupal8/tasks/main.yml +++ b/roles/config_generate/config_generate-drupal8/tasks/main.yml @@ -1,12 +1,12 @@ --- - name: Generates settings file. - include_tasks: settings.yml + ansible.builtin.include_tasks: settings.yml with_items: "{{ drupal.sites }}" loop_control: loop_var: site - name: Generates Drush settings file. - include_tasks: drush.yml + ansible.builtin.include_tasks: drush.yml when: - site.base_url is defined with_items: "{{ drupal.sites }}" diff --git a/roles/config_generate/config_generate-matomo/tasks/main.yml b/roles/config_generate/config_generate-matomo/tasks/main.yml index 505ff3ce..e5482e65 100644 --- a/roles/config_generate/config_generate-matomo/tasks/main.yml +++ b/roles/config_generate/config_generate-matomo/tasks/main.yml @@ -1,7 +1,6 @@ --- - - name: Generates config file. - template: + ansible.builtin.template: src: '{{ item }}' dest: "{{ deploy_path }}/{{ webroot }}/config/config.ini.php" with_first_found: diff --git a/roles/config_generate/config_generate-mautic/tasks/main.yml b/roles/config_generate/config_generate-mautic/tasks/main.yml index d1da20c5..2a9d63d0 100644 --- a/roles/config_generate/config_generate-mautic/tasks/main.yml +++ b/roles/config_generate/config_generate-mautic/tasks/main.yml @@ -1,15 +1,14 @@ --- - -- name: set public files path. - set_fact: +- name: Set public files path. + ansible.builtin.set_fact: build_image_path: "{{ mautic.image_path }}" -- name: set private files path. - set_fact: +- name: Set private files path. + ansible.builtin.set_fact: build_upload_dir: "{{ deploy_assets_base_path }}/{{ project_name }}_{{ build_type }}_private_files" - name: Generates local.php file. - template: + ansible.builtin.template: src: '{{ item }}' dest: "{{ deploy_path }}/{{ webroot }}/app/config/local.php" with_first_found: diff --git a/roles/config_generate/tasks/main.yml b/roles/config_generate/tasks/main.yml index 3bce314b..2af08e87 100644 --- a/roles/config_generate/tasks/main.yml +++ b/roles/config_generate/tasks/main.yml @@ -1,12 +1,11 @@ --- - - name: Generate project specific configuration. - include_role: + ansible.builtin.include_role: name: "config_generate/config_generate-{{ project_type }}" when: deploy_operation == 'deploy' - name: Generate additional templates. - template: + ansible.builtin.template: src: "{{ template.src }}" dest: "{{ deploy_path }}/{{ template.dest }}" with_items: "{{ config_generate.templates }}" @@ -17,7 +16,7 @@ - deploy_operation == 'deploy' - name: Create additional symlinks. - file: + ansible.builtin.file: src: "{{ link.src }}" dest: "{{ deploy_path }}/{{ link.dest }}" state: link diff --git a/roles/cron/cron_database_backup/cron_database_backup-mysql/README.md b/roles/cron/cron_database_backup/cron_database_backup-mysql/README.md index ee71e2bf..4d5bdab5 100644 --- a/roles/cron/cron_database_backup/cron_database_backup-mysql/README.md +++ b/roles/cron/cron_database_backup/cron_database_backup-mysql/README.md @@ -7,6 +7,7 @@ Ensure regular local backups of MySQL databases. cron_mysql_backup: dumps_directory: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/db_backups/mysql/regular" keep: 10 + mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here ``` diff --git a/roles/cron/cron_drupal7/README.md b/roles/cron/cron_drupal7/README.md index 8222ddaf..14356d15 100644 --- a/roles/cron/cron_drupal7/README.md +++ b/roles/cron/cron_drupal7/README.md @@ -14,12 +14,16 @@ drupal: cron: # These are the relevant parts for cron. - minute: "*/{{ 10 | random(start=1) }}" # hour: 2 + # day: + # weekday: + # month: job: cron + # disabled: true # If the sites are being deployed to an ASG, setting defer to true will create the crontab entry on the deploy server rather than all of the app servers. defer: false # If defer is set to true, the Ansible target must be declared with defer_target. If using a group, include the index. For example, _ce_www_dev[0] defer_target: "" - + drush_location: "{{ drush_bin }}" # you might specify another location, e.g. "{{ deploy_path }}/vendor/bin/drush" ``` diff --git a/roles/cron/cron_drupal7/defaults/main.yml b/roles/cron/cron_drupal7/defaults/main.yml index ef3ab79f..419e9c4b 100644 --- a/roles/cron/cron_drupal7/defaults/main.yml +++ b/roles/cron/cron_drupal7/defaults/main.yml @@ -16,3 +16,4 @@ drupal: defer: false # If defer is set to true, the Ansible target must be declared with defer_target. If using a group, include the index. For example, _ce_www_dev[0] defer_target: "" + drush_location: "{{ drush_bin }}" # you might specify another location, e.g. "{{ deploy_path }}/vendor/bin/drush" \ No newline at end of file diff --git a/roles/cron/cron_drupal7/tasks/job.yml b/roles/cron/cron_drupal7/tasks/job.yml index dd18979c..eb88ddad 100644 --- a/roles/cron/cron_drupal7/tasks/job.yml +++ b/roles/cron/cron_drupal7/tasks/job.yml @@ -1,7 +1,7 @@ --- - name: Define cron job command. ansible.builtin.set_fact: - _cron_job_command: "cd {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }} && {{ drush_bin }} {{ entry.job }}" + _cron_job_command: "cd {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }} && {{ drush_location }} {{ entry.job }}" - name: Define cron job command if deferred (ASG). ansible.builtin.set_fact: diff --git a/roles/cron/cron_drupal8/README.md b/roles/cron/cron_drupal8/README.md index ae25adc4..bafd49b0 100644 --- a/roles/cron/cron_drupal8/README.md +++ b/roles/cron/cron_drupal8/README.md @@ -14,13 +14,16 @@ drupal: cron: # These are the relevant parts for cron. - minute: "*/{{ 10 | random(start=1) }}" # hour: 2 + # day: + # weekday: + # month: job: cron + # disabled: true # If the sites are being deployed to an ASG, setting defer to true will create the crontab entry on the deploy server rather than all of the app servers. defer: false # If defer is set to true, the Ansible target must be declared with defer_target. If using a group, include the index. For example, _ce_www_dev[0] defer_target: "" - # Drush location when installed with Composer - drush_location: "vendor/drush/drush/drush" + drush_location: "{{ drush_bin }}" # you might specify another location, e.g. "{{ deploy_path }}/vendor/bin/drush" ``` diff --git a/roles/cron/cron_drupal8/defaults/main.yml b/roles/cron/cron_drupal8/defaults/main.yml index 913eb530..9d4b90f6 100644 --- a/roles/cron/cron_drupal8/defaults/main.yml +++ b/roles/cron/cron_drupal8/defaults/main.yml @@ -16,5 +16,4 @@ drupal: defer: false # If defer is set to true, the Ansible target must be declared with defer_target. If using a group, include the index. For example, _ce_www_dev[0] defer_target: "" - # Drush location when installed with Composer - drush_location: "vendor/drush/drush/drush" + drush_location: "{{ drush_bin }}" # you might specify another location, e.g. "{{ deploy_path }}/vendor/bin/drush" diff --git a/roles/cron/cron_drupal8/tasks/job.yml b/roles/cron/cron_drupal8/tasks/job.yml index 908abff6..eb88ddad 100644 --- a/roles/cron/cron_drupal8/tasks/job.yml +++ b/roles/cron/cron_drupal8/tasks/job.yml @@ -1,7 +1,7 @@ --- - name: Define cron job command. ansible.builtin.set_fact: - _cron_job_command: "cd {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }} && {{ deploy_path }}/{{ drupal.drush_location }} {{ entry.job }}" + _cron_job_command: "cd {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }} && {{ drush_location }} {{ entry.job }}" - name: Define cron job command if deferred (ASG). ansible.builtin.set_fact: diff --git a/roles/database_backup/README.md b/roles/database_backup/README.md index 947c8053..772efa70 100644 --- a/roles/database_backup/README.md +++ b/roles/database_backup/README.md @@ -7,7 +7,7 @@ Generate backups for each build. database_backup: engines: - mysql - + revert: true ``` diff --git a/roles/database_backup/database_backup-mysql/README.md b/roles/database_backup/database_backup-mysql/README.md index 5b0d7289..b52413bf 100644 --- a/roles/database_backup/database_backup-mysql/README.md +++ b/roles/database_backup/database_backup-mysql/README.md @@ -7,6 +7,7 @@ Generate MySQL backups for each build. mysql_backup: handling: rolling dumps_directory: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/db_backups/mysql/build" + mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here # Number of dumps/db to keep. Note this is independant from the build codebases. keep: 10 # This can be one of the following: diff --git a/roles/deploy_code/README.md b/roles/deploy_code/README.md index bad0040f..4e371f28 100644 --- a/roles/deploy_code/README.md +++ b/roles/deploy_code/README.md @@ -11,7 +11,7 @@ deploy_code: # Specify any additional symlink to create, with src (target) and dest (link). # src: can be either absolute or relative to the dest (eg. '/var/my_data', '/home/deploy/simplesaml', '../../../myconfig') # dest: can only be relative to the root of your repository (eg. 'www/themes/myassets', 'var/cache') - # create: wether to create the target if it does not exists. + # create: whether to create the target if it does not exists. # - src: '/home/{{ deploy_user }}//{{ project_name }}_{{ build_type }}/simplesaml' # dest: 'vendor/simplesamlphp/simplesamlphp/config' # - src: '/var/simplesaml/etc' @@ -23,12 +23,45 @@ deploy_code: templates: [] # Number of builds to keep. Note this is independant of databases/dump. keep: 10 - # Wether to sync the local deploy base to a shared destination, after successful build. + # Whether to sync the local deploy base to a shared destination, after successful build. mount_sync: "" # mount_sync: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/deploy" + # Type of file to use for sync - 'squashfs' or 'tarball' + # @see the _init role for SquashFS build dir paths + # @see the squashfs role in ce-provision which installs the special conditions required by the deploy user to use this behaviour + mount_type: "tarball" # Path that you want to make sure has 755 permissions. Make sure to include the webroot WITHOUT the slash. perms_fix_path: "" # perms_fix_path: "www/sites/default" + # List of services to manipulate to free the loop device for 'squashfs' builds, post lazy umount. + # @see the squashfs role in ce-provision where special permissions for deploy user to manipulate services get granted. + services: [] + # services: + # - php8.0-fpm + # What action to take against the services, 'reload' or 'stop'. + # Busy websites will require a hard stop of services to achieve the umount command. + service_action: reload + # Trigger an API call to rebuild infra after a deploy, e.g. if you need to repack an AMI. + rebuild_infra: false + # Details of API call to trigger. See api_call role. + api_call: + type: gitlab + base_url: https://gitlab.example.com/api/v4/ + path: projects/1/ref/main/trigger/pipeline + method: POST + token: asdf-1234 + token_type: trigger + variables: [] + # example build parameters + # - "[ENV]=dev" + # - "[PLAY]=myserver.yml" + # - "[RESOURCE]=myserver-example-com" + # - "[REGION]=eu-west-1" + # - "[EXTRA_PARAMS]=--force" + status_codes: + - 200 + - 201 + - 202 ``` diff --git a/roles/sync/database_sync/database_sync-mysql/README.md b/roles/sync/database_sync/database_sync-mysql/README.md index bcb9c6ad..cf7e5311 100644 --- a/roles/sync/database_sync/database_sync-mysql/README.md +++ b/roles/sync/database_sync/database_sync-mysql/README.md @@ -5,6 +5,7 @@ Sync MySQL databases between environments. ```yaml --- mysql_sync: + mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here databases: - source: # Name of the database to take a dump from. @@ -20,6 +21,13 @@ mysql_sync: type: fixed # For "rolling builds", so we can compute the database name. build_id: mybuildprod + # Whether or not use to create a fresh database backup or use a nightly one. + fresh_db: true + # Location where nightly backups are kept. This must match the value set for cron_mysql_backup.dumps_directory. Below is the default. + # This var is only used when fresh_db is set to "false". + dumps_directory: "/home/{{ deploy_user }}/shared/{{ project_name }}_{{ build_type }}/db_backups/mysql/regular" + # If the source is on an ASG, provide the ASG name here. Otherwise, leave empty. + asg: "" target: database: "{{ project_name }}_dev" credentials_file: "/home/{{ deploy_user }}/.mysql.creds" @@ -30,6 +38,8 @@ mysql_sync: type: fixed # For "rolling builds", so we can compute the database name. build_id: mybuilddev + # If the target is on an ASG, provide the ASG name here. Otherwise, leave empty. + asg: "" ```