Acasă Explorează Ajutor
Înregistrare Autentificare
iapt-platform
/
mint
oglindă de https://github.com/iapt-platform/mint.git
2
0
Bifurcare 0
Fisiere Probleme 0 Wiki
Răsfoiți Sursa

Merge branch 'iapt-platform:laravel' into laravel

visuddhinanda 4 ani în urmă
părinte
63efaeb1b5 7e5aea803b
comite
090fb5641d
19 a modificat fișierele cu 185 adăugiri și 31 ștergeri
Vizualizare divizată Arată Statisticile Diff
  1. 1 0
      .gitignore
  2. 10 0
      deploy/mint.yml
  3. 1 1
      deploy/roles/certbot-nginx/tasks/main.yml
  4. 14 16
      deploy/roles/mint-clone/tasks/main.yml
  5. 2 2
      deploy/roles/mint-clone/templates/config-v1.js.j2
  6. 3 3
      deploy/roles/mint-clone/templates/config-v1.php.j2
  7. 6 3
      deploy/roles/mint-clone/templates/env-v2.j2
  8. 27 0
      deploy/roles/mint-main/tasks/main.yml
  9. 8 0
      deploy/roles/mint-main/templates/index.html.j2
  10. 14 0
      deploy/roles/mint-main/templates/nginx.conf.j2
  11. 1 1
      deploy/roles/mint-www/templates/nginx.conf.j2
  12. 8 0
      deploy/roles/mint-zone/tasks/main.yml
  13. 24 0
      deploy/roles/mint-zone/templates/nginx.conf.j2
  14. 0 1
      deploy/roles/os/tasks/main.yml
  15. 0 0
      deploy/roles/ubuntu/tasks/init.yml
  16. 27 4
      deploy/roles/ubuntu/tasks/main.yml
  17. 6 0
      deploy/roles/ubuntu/tasks/zsh.yml
  18. 13 0
      deploy/scripts/sim_sent.sh
  19. 20 0
      deploy/scripts/sqlite_fix.sh

+ 1 - 0
.gitignore
Vizualizați fișierul 

@@ -17,3 +17,4 @@ yarn-error.log
 
 /package-lock.json
 
 /yarn.lock
 
 /composer.lock
 
+*.swp

+ 10 - 0
deploy/mint.yml
Vizualizați fișierul 

@@ -19,3 +19,13 @@
 
 - hosts: db
 
   roles:
 
     - mint-db
 
+
 
+- hosts: zone
 
+  roles:
 
+    - mint-zone
 
+    - certbot-nginx
 
+
 
+- hosts: main
 
+  roles:
 
+    - mint-main
 
+    - certbot-nginx

+ 1 - 1
deploy/roles/certbot-nginx/tasks/main.yml
Vizualizați fișierul 

@@ -7,7 +7,7 @@
 
 - name: add Let's Encrypt support
 
   become: true
 
   ansible.builtin.shell:
 
-    cmd: certbot --nginx --non-interactive --agree-tos -m {{ app_master_email }} --domains {{ inventory_hostname }}
 
+    cmd: certbot --nginx --non-interactive --agree-tos -m {{ app_master_email }} --domains {{ inventory_hostname }} "{{ '--redirect' if app_nginx_force_https else '' }}"
 
 
 - name: restart nginx
 
   become: true

+ 14 - 16
deploy/roles/mint-clone/tasks/main.yml
Vizualizați fișierul 

@@ -26,15 +26,14 @@
 
   args:
 
     chdir: "{{ app_deploy_target }}"
 
 
-# - name: Install v2 nodejs dependencies
 
-#   ansible.builtin.shell: npm install
 
-#   args:
 
-#     chdir: "{{ app_deploy_target }}"
 
 - name: Install v2 nodejs dependencies
 
-  ansible.builtin.file:
 
-    src: "/var/www/{{ inventory_hostname }}/node_modules/v2"
 
-    dest: "{{ app_deploy_target }}/node_modules"
 
-    state: link
 
+  # ansible.builtin.file:
 
+  #   src: "/var/www/{{ inventory_hostname }}/node_modules/v2"
 
+  #   dest: "{{ app_deploy_target }}/node_modules"
 
+  #   state: link
 
+  ansible.builtin.shell: npm install
 
+  args:
 
+    chdir: "{{ app_deploy_target }}"
 
 
 # TODO will remove in future
 
 - name: Install v1 php dependencies
 
@@ -43,15 +42,14 @@
 
     chdir: "{{ app_deploy_target }}/public"
 
 
 # TODO will remove in future
 
-# - name: Install v1 nodejs dependencies
 
-#   ansible.builtin.shell: npm install
 
-#   args:
 
-#     chdir: "{{ app_deploy_target }}/public"
 
 - name: Install v1 nodejs dependencies
 
-  ansible.builtin.file:
 
-    src: "/var/www/{{ inventory_hostname }}/node_modules/v1"
 
-    dest: "{{ app_deploy_target }}/public/node_modules"
 
-    state: link
 
+  # ansible.builtin.file:
 
+  #   src: "/var/www/{{ inventory_hostname }}/node_modules/v1"
 
+  #   dest: "{{ app_deploy_target }}/public/node_modules"
 
+  #   state: link
 
+  ansible.builtin.shell: npm install
 
+  args:
 
+    chdir: "{{ app_deploy_target }}/public"
 
 
 # TODO will remove in future
 
 - name: Install v1 tmp

+ 2 - 2
deploy/roles/mint-clone/templates/config-v1.js.j2
Vizualizați fișierul 

@@ -1,4 +1,4 @@
 
-var RPC_SERVER="https://rpc.wikipali.org";
 
+var RPC_SERVER="https://{{ app_rpc_host }}";
 
 
 /*
 
   |---------------
 
@@ -11,4 +11,4 @@ var RPC_SERVER="https://rpc.wikipali.org";
 
   |------------------------
 
 */
 
 
-var ASSETS_SERVER = "https://assets-{{ app_cluster_id }}.wikipali.org"
 
+var ASSETS_SERVER = "https://assets-{{ app_cluster_domain }}"

+ 3 - 3
deploy/roles/mint-clone/templates/config-v1.php.j2
Vizualizați fișierul 

@@ -1,8 +1,8 @@
 
 <?php
 
 
 #域名设置
 
-define("RPC_SERVER","https://rpc.wikipali.org");
 
-define("ASSETS_SERVER","https://assets-{{ app_cluster_id }}.wikipali.org");
 
+define("RPC_SERVER","https://{{ app_rpc_host }}");
 
+define("ASSETS_SERVER","https://assets-{{ app_cluster_domain }}");
 
 /*
 
 电子邮件设置
 
 PHPMailer
 
@@ -38,7 +38,7 @@ define("Redis",[
 
 	"host" => "{{ app_redis_host }}",
 
 	"port" => 6379,
 
 	"password" => "",
 
-	"prefix"=>"mint://"
 
+	"namespace" => "{{ app_redis_namespace }}"
 
 ]);
 
 
 # 雪花id

+ 6 - 3
deploy/roles/mint-clone/templates/env-v2.j2
Vizualizați fișierul 

@@ -12,7 +12,7 @@ LOG_CHANNEL=stack
 
 LOG_DEPRECATIONS_CHANNEL=null
 
 LOG_LEVEL=info
 
 
-DB_CONNECTION=postgresql
 
+DB_CONNECTION=pgsql
 
 DB_HOST={{ app_postgresql_host }}
 
 DB_PORT={{ app_postgresql_port }}
 
 DB_DATABASE={{ app_postgresql_name }}
 
@@ -31,6 +31,7 @@ MEMCACHED_HOST=127.0.0.1
 
 REDIS_HOST={{ app_redis_host }}
 
 REDIS_PASSWORD=null
 
 REDIS_PORT=6379
 
+REDIS_NAMESPACE="{{ app_redis_namespace }}"
 
 
 MAIL_MAILER=smtp
 
 MAIL_HOST=smtp.gmail.com
 
@@ -55,5 +56,7 @@ PUSHER_APP_CLUSTER=mt1
 
 MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
 
 MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
 
 
-ASSETS_SERVER="https://assets-{{ app_cluster_id }}.wikipali.org"
 
-RPC_SERVER="https://rpc.wikipali.org"
 
+ASSETS_SERVER="https://assets-{{ app_cluster_domain }}"
 
+RPC_SERVER="https://{{ app_rpc_host }}"
 
+SNOWFLAKE_DATA_CENTER_ID=1
 
+SNOWFLAKE_WORKER_ID=1

+ 27 - 0
deploy/roles/mint-main/tasks/main.yml
Vizualizați fișierul 

@@ -0,0 +1,27 @@
 
+- name: Creates deploy directory
 
+  become: true
 
+  file:
 
+    path: "{{ app_deploy_target }}"
 
+    state: directory
 
+    owner: "{{ ansible_user }}"
 
+
 
+- name: upload index.html
 
+  ansible.builtin.template:
 
+    src: index.html.j2
 
+    dest: "{{ app_deploy_target }}/index.html"
 
+    mode: '0444'
 
+
 
+- name: Create a current link
 
+  ansible.builtin.file:
 
+    src: "{{ app_deploy_target }}"
 
+    dest: /var/www/{{ inventory_hostname }}/current
 
+    state: link
 
+
 
+- name: upload nginx.conf
 
+  become: true
 
+  ansible.builtin.template:
 
+    src: nginx.conf.j2
 
+    dest: "/etc/nginx/sites-enabled/{{ inventory_hostname }}.conf"
 
+    owner: www-data
 
+    group: www-data
 
+    mode: '0400'

+ 8 - 0
deploy/roles/mint-main/templates/index.html.j2
Vizualizați fișierul 

@@ -0,0 +1,8 @@
 
+<!DOCTYPE html>
 
+<html>
 
+  <head>
 
+    <meta http-equiv="refresh" content="0; url='https://www-{{ app_cluster_domain }}'" />
 
+  </head>
 
+  <body>
 
+  </body>
 
+</html>

+ 14 - 0
deploy/roles/mint-main/templates/nginx.conf.j2
Vizualizați fișierul 

@@ -0,0 +1,14 @@
 
+server {
 
+    listen 80;
 
+    listen [::]:80;
 
+
 
+    gzip on;
 
+    server_name {{ inventory_hostname }};
 
+    root {{ app_deploy_target }};
 
+    client_max_body_size 16M;
 
+    index index.html;
 
+    charset utf-8;
 
+
 
+    access_log off;
 
+    error_log /var/log/nginx/{{ inventory_hostname }}.error.log warn;
 
+}

+ 1 - 1
deploy/roles/mint-www/templates/nginx.conf.j2
Vizualizați fișierul 

@@ -8,7 +8,7 @@ server {
 
     add_header X-Content-Type-Options "nosniff";
 
 
     gzip on;
 
-    server_name {{ inventory_hostname }};
 
+    server_name {{ inventory_hostname }} {% for it in groups['zone'] %} {{ it }} {% endfor %};
 
     root {{ app_deploy_target }}/public;
 
     client_max_body_size 16M;
 
     index index.php;

+ 8 - 0
deploy/roles/mint-zone/tasks/main.yml
Vizualizați fișierul 

@@ -0,0 +1,8 @@
 
+- name: upload nginx.conf
 
+  become: true
 
+  ansible.builtin.template:
 
+    src: nginx.conf.j2
 
+    dest: "/etc/nginx/sites-enabled/{{ inventory_hostname }}.conf"
 
+    owner: www-data
 
+    group: www-data
 
+    mode: '0400'

+ 24 - 0
deploy/roles/mint-zone/templates/nginx.conf.j2
Vizualizați fișierul 

@@ -0,0 +1,24 @@
 
+upstream {{ app_cluster_domain }} {
 
+{% for it in groups['www'] %}
 
+    server {{ it }};
 
+{% endfor %}
 
+    fair;
 
+}
 
+
 
+server {
 
+    listen 80;
 
+    listen [::]:80;
 
+
 
+    gzip on;
 
+    server_name {{ inventory_hostname }};
 
+    client_max_body_size 16M;
 
+    charset utf-8;
 
+
 
+    access_log off;
 
+    error_log /var/log/nginx/{{ inventory_hostname }}.error.log warn;
 
+
 
+    location / {
 
+        proxy_set_header Host $host;
 
+        proxy_pass http://{{ app_cluster_domain }};
 
+    }
 
+}

+ 0 - 1
deploy/roles/os/tasks/main.yml
Vizualizați fișierul 

@@ -1,4 +1,3 @@
 
-- import_tasks: init.yml
 
 - import_tasks: sshd.yml
 
 - import_tasks: ulimits.yml

+ 0 - 0
deploy/roles/os/tasks/init.yml → deploy/roles/ubuntu/tasks/init.yml
Vizualizați fișierul


+ 27 - 4
deploy/roles/ubuntu/tasks/main.yml
Vizualizați fișierul 

@@ -19,6 +19,20 @@
 
 #     state: absent
 
 #     path: /etc/apt/sources.list.d
 
 
+- import_tasks: init.yml
 
+
 
+# https://github.com/nodesource/distributions#deb
 
+# - name: Download nodejs-ppa installer
 
+#   get_url:
 
+#     url: https://deb.nodesource.com/setup_lts.x
 
+#     dest: "{{ app_downloads }}/setup_node_lts.sh"
 
+#     mode: '0755'
 
+
 
+# - name: Install nodejs ppa
 
+#   become: true
 
+#   ansible.builtin.shell: "{{ app_downloads }}/setup_node_lts.sh"
 
+
 
+
 
 - name: add PPA for Ubuntu Toolchain
 
   become: true
 
   ansible.builtin.apt_repository:
 
@@ -78,26 +92,35 @@
 
       - zip
 
       - unzip
 
       - nginx
 
+      - libnginx-mod-http-upstream-fair
 
       - certbot
 
       - python3-certbot-nginx
 
       - openvpn
 
       - snmpd
 
+      - mutt
 
       - systemd-cron
 
-      - systemd-timesyncd
 
       - screen
 
       - tmux
 
       - hugo
 
+      - nodejs
 
       - python3
 
       - python3-pip
 
       - python3-distutils
 
       - python3-dev
 
-      - nodejs
 
-      - npm
 
-      - yarnpkg
 
       - libssl-dev
 
       - libpq-dev
 
       - libmysqlclient-dev
 
 
+- name: Install dependicy packages(>bionic)
 
+  become: true
 
+  apt:
 
+    pkg:
 
+      - systemd-timesyncd
 
+      - yarnpkg
 
+  # ansible_facts['distribution'] == "Ubuntu"
 
+  when: ansible_facts['distribution_major_version'] | int >= 20
 
+
 
+
 
 
 - import_tasks: locales.yml

+ 6 - 0
deploy/roles/ubuntu/tasks/zsh.yml
Vizualizați fișierul 

@@ -26,6 +26,12 @@
 
     path: "{{ansible_env.HOME}}/.zshrc"
 
     line: 'export PATH=$HOME/.local/bin:$PATH'
 
 
+
 
+- name: Setup EDITOR
 
+  ansible.builtin.lineinfile:
 
+    path: "{{ansible_env.HOME}}/.zshrc"
 
+    line: 'export EDITOR=vim'
 
+
 
 - name: Use zsh
 
   become: true
 
   shell: chsh -s /bin/zsh {{ansible_user}}

+ 13 - 0
deploy/scripts/sim_sent.sh
Vizualizați fișierul 

@@ -0,0 +1,13 @@
 
+#!/bin/sh
 
+
 
+set -e
 
+
 
+export SIM=$(pgrep -f "php sim_sent")
 
+
 
+echo "find pid $SIM"
 
+renice +19 $SIM
 
+ionice -c 2 -n 7 -p $SIM
 
+
 
+echo "done."
 
+
 
+exit 0

+ 20 - 0
deploy/scripts/sqlite_fix.sh
Vizualizați fișierul 

@@ -0,0 +1,20 @@
 
+#!/bin/sh
 
+
 
+set -e
 
+if [ $# -ne 1 ]
 
+then
 
+	echo "Usage: $0 DB"
 
+	exit 1
 
+fi
 
+
 
+if [ ! -f $1 ]
 
+then
 
+	echo "$1 not exists"
 
+	exit 1
 
+fi
 
+
 
+echo '.dump'|sqlite3 $1|sqlite3 $1_repaired
 
+mv -v $1 $1_corrupt
 
+mv -v $1_repaired $1
 
+
 
+exit 0