diff --git a/defaults/main.yml b/defaults/main.yml index 82e1d92..3e3145d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,5 +1,5 @@ --- -pgadmin_as_package: True +pgadmin_via_pip: True pgadmin_deb_repo_key: 'https://www.pgadmin.org/static/packages_pgadmin_org.pub' pgadmin_deb_repo: 'deb https://ftp.postgresql.org/pub/pgadmin/pgadmin4/apt/{{ ansible_distribution_release }} pgadmin4 main' pgadmin_el_repo: 'https://ftp.postgresql.org/pub/pgadmin/pgadmin4/yum/pgadmin4-redhat-repo-1-1.noarch.rpm' @@ -7,26 +7,46 @@ pgadmin_el_repo: 'https://ftp.postgresql.org/pub/pgadmin/pgadmin4/yum/pgadmin4-r pgadmin_pkg_name: 'pgadmin4-web' pgadmin_setup_script: '/usr/pgadmin4/bin/setup-web.sh' - +pgadmin_server_port: 5050 # When not using the package pgadmin_user: pgadmin pgadmin_home: /opt/pgadmin +pgadmin_writeable_dirs: + - data + - storage + - db + - lib/sessions -pgadmin_workdir: /usr/local/lib/python2.7/dist-packages/pgadmin4 +pgadmin_venv_name: pgadmin_web +pgadmin_venv_bindir: '{{ pgadmin_home }}/{{ pgadmin_venv_name }}/bin' -py3_env_pip_pkgs: - - flask - - flask_babelex - - flask_login - - flask_mail - - flask_paranoid - - flask_security - - flask_sqlalchemy - - simplejson - - python-dateutil - - flask_migrate - - flask_gravatar - - psutil - - sqlparse - - flask_htmlmin +pgadmin_wheel_pkg_version: '4.23' +pgadmin_wheel_pkg: 'pgadmin4-{{ pgadmin_wheel_pkg_version }}-py3-none-any.whl' +pgadmin_wheel_url: 'https://ftp.postgresql.org/pub/pgadmin/pgadmin4/v{{ pgadmin_wheel_pkg_version }}/pip/{{ pgadmin_wheel_pkg }}' + +pgadmin_workdir: '{{ pgadmin_home }}/{{ pgadmin_venv_name }}/lib/python3.6/site-packages/pgadmin4' + +pgadmin_pip_pkgs: + - { pkg: 'flask' } + - { pkg: 'flask_babelex' } + - { pkg: 'flask_login' } + - { pkg: 'flask_mail' } + - { pkg: 'flask_paranoid' } + - { pkg: 'flask_security' } + - { pkg: 'flask_sqlalchemy' } + - { pkg: 'simplejson' } + - { pkg: 'python-dateutil' } + - { pkg: 'flask_migrate' } + - { pkg: 'flask_gravatar' } + - { pkg: 'psutil' } + - { pkg: 'sqlparse' } + - { pkg: 'flask_htmlmin' } + - { pkg: 'pgadmin4' } + +pgadmin_email_sender: 'pgadmin@example.com' + +pgadmin_nginx_virtualhost_name: '{{ ansible_fqdn }}' +pgadmin_nginx_servername: '{{ pgadmin_nginx_virtualhost_name }}' +pgadmin_nginx_http_port: '80' +nginx_virthosts: '{{ pgadmin_nginx_virthost }}' diff --git a/meta/main.yml b/meta/main.yml index cf9bb69..b5bb6e9 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -29,6 +29,13 @@ dependencies: version: master name: python3-environment state: latest - when: not pgadmin_as_package + when: pgadmin_via_pip + - src: git+https://gitea-s2i2s.isti.cnr.it/ISTI-ansible-roles/ansible-role-nginx.git + version: master + name: nginx + state: latest + when: pgadmin_via_pip + + diff --git a/tasks/main.yml b/tasks/main.yml index 6848f74..b2a3b22 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,11 @@ --- - import_tasks: pgadmin_deb.yml - when: ansible_distribution_file_variety == "Debian" + when: + - not pgadmin_via_pip + - ansible_distribution_file_variety == "Debian" - import_tasks: pgadmin_el.yml - when: ansible_distribution_file_variety == "RedHat" -- import_tasks: pgadmin_wheel.yml - when: not pgadmin_as_package + when: + - not pgadmin_via_pip + - ansible_distribution_file_variety == "RedHat" +- import_tasks: pgadmin_pip.yml + when: pgadmin_via_pip diff --git a/tasks/pgadmin_pip.yml b/tasks/pgadmin_pip.yml new file mode 100644 index 0000000..9666036 --- /dev/null +++ b/tasks/pgadmin_pip.yml @@ -0,0 +1,55 @@ +--- +- block: + - name: Create a user that will be the owner of the pgadmin files + user: name={{ pgadmin_user }} home={{ pgadmin_home }} createhome=no shell=/usr/sbin/nologin system=yes + + - name: Create the pgadmin installation directory + file: dest={{ pgadmin_home }} state=directory + + - name: Create the pgadmin log directory + file: dest=/var/log/pgadmin state=directory owner={{ pgadmin_user }} group={{ pgadmin_user }} + + - name: Create the directories that must be writeable by pgadmin + file: dest={{ pgadmin_home }}/{{ item }} state=directory owner={{ pgadmin_user }} group={{ pgadmin_user }} + with_items: '{{ pgadmin_writeable_dirs }}' + + - name: Create the mailman virtualenv. Manually, because python 3.6 + shell: cd '{{ pgadmin_home }}' && python3 -m venv '{{ pgadmin_venv_name }}' + args: + creates: '{{ pgadmin_venv_bindir }}/activate' + + - name: Install the required packages in the pgadmin virtualenv + pip: + executable: '{{ pgadmin_venv_bindir }}/pip3' + #virtualenv_command: 'virtualenv-3' + virtualenv_site_packages: no + name: '{{ item.pkg }}' + extra_args: "{{ item.extra_args | default('') }}" + version: "{{ item.version | default('') }}" + editable: no + with_items: '{{ pgadmin_pip_pkgs }}' + + - name: Install the pgadmin configuration file + template: src=config_local.py.j2 dest={{ pgadmin_workdir }}/config_local.py owner=root group=root + + - name: run the pgadmin setup if we just installed the pip modules + become: True + become_user: '{{ pgadmin_user }}' + shell: cd {{ pgadmin_workdir }} && {{ pgadmin_venv_bindir }}/python3 setup.py + args: + creates: '{{ pgadmin_home }}/db/pgadmin.db' + + - name: Install the pgAdmin systemd unit + template: src=pgadmin.service.systemd.j2 dest=/etc/systemd/system/pgadmin.service + register: systemd_reload + + - name: systemd reload + command: systemctl daemon-reload + when: systemd_reload is changed + + - name: Ensure that the pgAdmin service is enabled and running + service: name=pgadmin state=started enabled=yes + + when: pgadmin_via_pip + tags: [ 'pgadmin' ] + diff --git a/tasks/pgadmin_wheel.yml b/tasks/pgadmin_wheel.yml deleted file mode 100644 index cd35e22..0000000 --- a/tasks/pgadmin_wheel.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- block: - - name: Create a user that will be the owner of the pgadmin files - user: name={{ pgadmin_user }} home={{ pgadmin_home }} createhome=no shell=/usr/sbin/nologin system=yes - - - name: Download the pgadmin python installer - get_url: url=https://ftp.postgresql.org/pub/pgadmin/pgadmin4/v4.1/pip/pgadmin4-4.1-py2.py3-none-any.whl dest={{ pgadmin_home }} - - - name: Install the pgadmin pip modules - shell: python3 -m wheel install {{ pgadmin_home }}/pgadmin4-4.1-py2.py3-none-any.whl - args: - creates: '/usr/local/lib/python3.6/dist-packages/pgadmin4' - register: pgadmin_install - - - name: Install the pgadmin configuration file - template: src=config_local.py.j2 dest=/usr/local/lib/python3.6/dist-packages/pgadmin4/config_local.py owner=root group=root - - - name: run the pgadmin setup if we just installed the pip modules - shell: cd /usr/local/lib/python3.6/dist-packages/pgadmin4 ; python3 setup.py - when: pgadmin_install is changed - - - name: Install the pgAdmin systemd unit - template: src=pgadmin.service.systemd.j2 dest=/etc/systemd/system/pgadmin.service - register: systemd_reload - - - name: systemd reload - command: systemctl daemon-reload - when: systemd_reload is changed - - - name: Ensure that the pgAdmin service is enabled and running - service: name=pgadmin state=started enabled=yes - - when: not pgadmin_as_package - tags: [ 'pgadmin' ] - diff --git a/templates/config_local.py.j2 b/templates/config_local.py.j2 index df816d4..cdb13fe 100644 --- a/templates/config_local.py.j2 +++ b/templates/config_local.py.j2 @@ -35,7 +35,7 @@ DEFAULT_SERVER = '127.0.0.1' # The default port on which the app server will listen if not set in the # environment by the runtime -DEFAULT_SERVER_PORT = 5050 +DEFAULT_SERVER_PORT = {{ pgadmin_server_port }} # Hashing algorithm used for password storage SECURITY_PASSWORD_HASH = 'pbkdf2_sha512' @@ -49,7 +49,7 @@ SECURITY_PASSWORD_HASH = 'pbkdf2_sha512' # has no effect on <= Python 2.7. MINIFY_PAGE = True -DATA_DIR = '/opt/pgadmin/data' +DATA_DIR = '{{ pgadmin_home }}/data' ########################################################################## # Log settings @@ -58,7 +58,7 @@ DATA_DIR = '/opt/pgadmin/data' # Debug mode? DEBUG = False -LOG_FILE = '/opt/pgadmin/logs/pgadmin4.log' +LOG_FILE = '/var/log/pgadmin/pgadmin4.log' ########################################################################## # User account and settings storage @@ -67,26 +67,26 @@ LOG_FILE = '/opt/pgadmin/logs/pgadmin4.log' # The default path to the SQLite database used to store user accounts and # settings. This default places the file in the same directory as this # config file, but generates an absolute path for use througout the app. -SQLITE_PATH = '/opt/pgadmin/db/pgadmin.db' +SQLITE_PATH = '{{ pgadmin_home }}/db/pgadmin.db' # Allow database connection passwords to be saved if the user chooses. # Set to False to disable password saving. ALLOW_SAVE_PASSWORD = True ########################################################################## -SESSION_DB_PATH = '/opt/pgadmin/sessions' +SESSION_DB_PATH = '{{ pgadmin_home }}/lib/sessions' SESSION_COOKIE_NAME = 'pga4_session' # Flask-Security overrides Flask-Mail's MAIL_DEFAULT_SENDER setting, so # that should be set as such: -SECURITY_EMAIL_SENDER = 'no-reply@d4science.org' +SECURITY_EMAIL_SENDER = '{{ pgadmin_email_sender }}' # Check for new versions of the application? UPGRADE_CHECK_ENABLED = False -STORAGE_DIR = '/opt/pgadmin/storage' +STORAGE_DIR = '{{ pgadmin_home }}/storage' ########################################################################## # Default locations for binary utilities (pg_dump, pg_restore etc) diff --git a/templates/pgadmin.service.systemd.j2 b/templates/pgadmin.service.systemd.j2 index 3f21158..8656f75 100644 --- a/templates/pgadmin.service.systemd.j2 +++ b/templates/pgadmin.service.systemd.j2 @@ -7,9 +7,9 @@ Type=simple Restart=on-failure User={{ pgadmin_user }} Group={{ pgadmin_user }} -WorkingDirectory=/usr/local/lib/python2.7/dist-packages/pgadmin4 +WorkingDirectory={{ pgadmin_workdir }} -ExecStart=/usr/bin/python2 pgAdmin4.py +ExecStart={{ pgadmin_venv_bindir }}/python3 pgAdmin4.py [Install] WantedBy=multi-user.target diff --git a/vars/main.yml b/vars/main.yml index 3808477..a56e071 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,2 +1,18 @@ --- -# vars file for ansible-role-template \ No newline at end of file +py3_env_install: '{{ pgadmin_via_pip }}' + +pgadmin_nginx_virthost: + - virthost_name: '{{ pgadmin_nginx_virtualhost_name }}' + listen: '{{ pgadmin_nginx_http_port }}' + server_name: '{{ pgadmin_nginx_servername }}' + ssl_enabled: True + ssl_only: True + ssl_letsencrypt_certs: '{{ nginx_letsencrypt_managed }}' + root: /usr/share/nginx/html/ + server_tokens: 'off' + proxy_standard_setup: True + locations: + - location: / + target: http://127.0.0.1:{{ pgadmin_server_port }} + other_opts: + - 'proxy_redirect http://127.0.0.1:{{ pgadmin_server_port }}/ https://$host/'