diff --git a/README.md b/README.md index 5a5b4ff8..5a4569a8 100644 --- a/README.md +++ b/README.md @@ -53,27 +53,26 @@ If you're looking for a development environment, using our Vagrant deployment is If you want to provision an all-in-one remote Ubuntu environment, like a production server: -1. SSH into your remote server and add an `ubuntu` [user with sudo privileges](https://www.digitalocean.com/community/tutorials/how-to-create-a-sudo-user-on-ubuntu-quickstart) -1. Clone the repository onto your local machine -1. Create an inventory for your new environment ('production' in this example): `cp -r inventory/vagrant inventory/production` -1. Edit `inventory/produciont/hosts` to point to your new environment by changing 'default' line to: +1. SSH into your remote server and add an [user with password-less sudo privileges](https://www.digitalocean.com/community/tutorials/how-to-create-a-sudo-user-on-ubuntu-quickstart), and make sure you can log in as that user. Its easiest if you use SSH keys for login, so that you an log in to the server without a password. Another option if you are no comfortable with password-less sudo is to set the `ansible_become_pass` variable in your inventory as outlined [here](http://docs.ansible.com/ansible/latest/become.html). +1. Clone the repository onto your local machine. +1. Create an inventory for your new environment ('production' in this example): `cp -r inventory/vagrant inventory/production`. +1. Edit `inventory/production/hosts` to point to your new environment by changing 'default' line to: ``` -default ansible_ssh_host=my_ip_or_domain_name ansible_ssh_user=root ansible_ssh_pass=my_super_secret_password +default ansible_ssh_host=my_ip_or_domain_name ``` -1. Change all the passwords from "islandora" to something else. You can get a full list of them by grepping your new inventory: -```bash -$ grep -rn pass inventory/production -inventory/production/group_vars/webserver/drupal.yml:21:drupal_db_password: islandora -inventory/production/group_vars/webserver/drupal.yml:29:drupal_account_pass: islandora -inventory/production/group_vars/database.yml:2:mysql_root_password: islandora -inventory/production/group_vars/database.yml:6: password: islandora -inventory/production/group_vars/tomcat.yml:5: password: islandora -inventory/production/group_vars/tomcat.yml:46:cantaloupe_admin_password: islandora +Optionally if you need to specify a username, password or port to connect to the server you can specify those in the inventory file as well: +``` +default ansible_ssh_host=my_ip_or_domain_name ansible_ssh_user=my_user ansible_ssh_pass=my_super_secret_password ansible_ssh_port=my_port ``` -1. Change the `drupal_trusted_host` configuration in `inventory/production/group_vars/webserver/drupal.yml` to reflect your IP or domain name -1. Change the Apache's port to 80 in `inventory/production/group_vars/webserver/apache.yml` +More information about inventories can be found in the [ansible documentation](http://docs.ansible.com/ansible/latest/intro_inventory.html). +1. Update the inventory variables as you see fit to customize your Islandora installation. + 1. You should modify `group_vars\all\passwords.yml` to use more secure passwords. These passwords can be encrypted using [Ansible Vault](https://docs.ansible.com/ansible/latest/vault.html) if you wish to keep your inventory secure. + 1. Change the `drupal_trusted_host` configuration in `inventory/production/group_vars/webserver/drupal.yml` to reflect your IP or domain name + 1. Change the Apache's port to 80 in `inventory/production/group_vars/webserver/apache.yml` + 1. Any other variable changes you wish. 1. Install the roles using `ansible-galaxy`: `$ ansible-galaxy install -r requirements.yml` -1. Provision the server with `$ ansible-playbook -i inventory/production -e "islandora_distro=ubuntu/xenial64"` +1. Provision the server with `$ ansible-playbook -i inventory/production` + - If the host you are provisioning is a Ubuntu 16.04 machine, you may wish to have the playbook install Python for you. This is a requirement to run the playbook. You can do this by passing an additional variable on the command line like this. `$ ansible-playbook -i inventory/production -e "islandora_distro=ubuntu/xenial64"` ## Connect diff --git a/bootstrap.yml b/bootstrap.yml index 3a045539..73c23d13 100644 --- a/bootstrap.yml +++ b/bootstrap.yml @@ -14,7 +14,7 @@ changed_when: - output.stdout != "" - output.stdout != "\r\n" - when: islandora_distro == "ubuntu/xenial64" + when: islandora_distro|default('') == "ubuntu/xenial64" # Manually gather facts once python is installed - name: gather facts diff --git a/inventory/vagrant/group_vars/all.yml b/inventory/vagrant/group_vars/all/main.yml similarity index 100% rename from inventory/vagrant/group_vars/all.yml rename to inventory/vagrant/group_vars/all/main.yml diff --git a/inventory/vagrant/group_vars/all/passwords.yml b/inventory/vagrant/group_vars/all/passwords.yml new file mode 100644 index 00000000..3752d364 --- /dev/null +++ b/inventory/vagrant/group_vars/all/passwords.yml @@ -0,0 +1,17 @@ +--- + +# Drupal +drupal_db_password: islandora +drupal_account_pass: islandora + +# MySQL/Postgres +islandora_db_root_password: islandora + +# Tomcat +islandora_tomcat_password: islandora + +# Syn +islandora_syn_token: islandora + +# Cantaloupe +cantaloupe_admin_password: islandora diff --git a/inventory/vagrant/group_vars/database.yml b/inventory/vagrant/group_vars/database.yml index abc973f5..437791b3 100644 --- a/inventory/vagrant/group_vars/database.yml +++ b/inventory/vagrant/group_vars/database.yml @@ -1,9 +1,9 @@ mysql_root_username: root -mysql_root_password: islandora +mysql_root_password: "{{ islandora_db_root_password }}" postgresql_users: - name: root - password: islandora + password: "{{ islandora_db_root_password }}" db: "{{ drupal_db_name }}" postgresql_databases: diff --git a/inventory/vagrant/group_vars/tomcat.yml b/inventory/vagrant/group_vars/tomcat.yml index 2937a45a..86c41058 100644 --- a/inventory/vagrant/group_vars/tomcat.yml +++ b/inventory/vagrant/group_vars/tomcat.yml @@ -2,7 +2,7 @@ tomcat8_users: - username: islandora - password: islandora + password: "{{ islandora_tomcat_password }}" roles: - manager-gui @@ -36,14 +36,13 @@ fcrepo_syn_tokens: - user: admin roles: - admin - token: islandora + token: "{{ islandora_syn_token }}" cantaloupe_deploy_war: yes cantaloupe_deploy_war_path: "{{ tomcat8_home }}/webapps" cantaloupe_user: tomcat8 cantaloupe_group: tomcat8 cantaloupe_admin_enabled: "true" -cantaloupe_admin_password: islandora cantaloupe_OpenJpegProcessor_path_to_binaries: /usr/local/bin cantaloupe_log_application_ConsoleAppender_enabled: "false" cantaloupe_log_application_FileAppender_enabled: "true" diff --git a/inventory/vagrant/group_vars/webserver/drupal.yml b/inventory/vagrant/group_vars/webserver/drupal.yml index 955607bc..74fe4ec0 100644 --- a/inventory/vagrant/group_vars/webserver/drupal.yml +++ b/inventory/vagrant/group_vars/webserver/drupal.yml @@ -2,7 +2,7 @@ drupal_build_composer_project: true drupal_composer_install_dir: /var/www/html/drupal -drupal_core_owner: "{{ ansible_user }}" +drupal_core_owner: "{{ ansible_user_id }}" drupal_composer_dependencies: - "drupal/console:~1.0" - "drupal/devel:^1.0@beta" @@ -18,7 +18,6 @@ drupal_composer_project_package: "drupal-composer/drupal-project:8.x-dev" drupal_composer_project_options: "--prefer-dist --stability dev --no-interaction" drupal_core_path: "{{ drupal_composer_install_dir }}/web" drupal_db_user: root -drupal_db_password: islandora drupal_db_name: drupal8 drupal_db_backend: "{{ claw_db }}" drupal_db_host: "127.0.0.1" @@ -26,7 +25,6 @@ drupal_domain: "claw.dev" drupal_site_name: "Islandora-CLAW" drupal_install_profile: standard drupal_account_name: admin -drupal_account_pass: islandora drupal_enable_modules: - rdf - responsive_image