Merge pull request #60 from mataroa-blog/ansible

Setup ansible for deployment
mataroa-blog · Jul 14, 2024 · f769502 · f769502
2 parents a01b650 + caf2ec5
commit f769502
Show file tree

Hide file tree

Showing 40 changed files with 548 additions and 453 deletions.
diff --git a/.envrc.example b/.envrc.example
@@ -1,5 +1,24 @@
+# Exceptions and tracebacks on errors
+# 1: show
+# 0: don't show
 export DEBUG=1
+
+# Stop real emails and turn https off
+# 1: stop and off
+# 0: do not stop and on
+export LOCALDEV=1
+
+# Session cookies secret
 export SECRET_KEY=some-secret-key
-export DATABASE_URL=postgres://mataroa:db-password@db:5432/mataroa
-export EMAIL_HOST_USER=smtp-user
-export EMAIL_HOST_PASSWORD=smtp-password
+
+# Database connection
+export DATABASE_URL=postgres://mataroa:xxx@localhost:5432/mataroa
+
+# SMTP credentials
+export EMAIL_HOST_USER=
+export EMAIL_HOST_PASSWORD=
+
+# Stripe payments details
+export STRIPE_API_KEY=
+export STRIPE_PUBLIC_KEY=
+export STRIPE_PRICE_ID=
diff --git a/.github/workflows/django-build.yml b/.github/workflows/django-build.yml
@@ -25,10 +25,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v4
-    - name: Set up Python 3.10
+    - name: Set up Python
       uses: actions/setup-python@v4
       with:
-        python-version: '3.10'
+        python-version: '3.11'
     - name: Install Dependencies
       run: |
         python -m pip install --upgrade pip
@@ -43,6 +43,6 @@ jobs:
     - name: Lint
       run: |
         touch .envrc
-        pip install -r requirements_dev.txt
+        pip install -r requirements.dev.txt
         pip install -r requirements.txt
-        make lint
+        ruff check .
diff --git a/.gitignore b/.gitignore
@@ -13,11 +13,6 @@ postgres-data/
 .coverage
 htmlcov/
 
-# uwsgi
-uwsgi.ini
-uwsgi-log.txt
-mataroa.pid
-
 # docker
 docker-postgres-data/
 docker-compose.override.yml

diff --git a/Dockerfile b/Dockerfile
@@ -12,8 +12,8 @@ RUN apt-get update && \
     && rm -rf /var/lib/apt/lists/*
 
 COPY requirements.txt /code/
-COPY requirements_dev.txt /code/
-RUN pip install -U pip && pip install -Ur /code/requirements.txt && pip install -Ur /code/requirements_dev.txt
+COPY requirements.dev.txt /code/
+RUN pip install -U pip && pip install -Ur /code/requirements.txt && pip install -Ur /code/requirements.dev.txt
 
 WORKDIR /code
 COPY . /code/

diff --git a/Makefile b/Makefile
diff --git a/README.md b/README.md
@@ -95,7 +95,7 @@ volume, located in the root of the project.
 ```
 python3 -m venv .venv
 source .venv/bin/activate
-pip install -r requirements_dev.txt
+pip install -r requirements.dev.txt
 pip install -r requirements.txt
 ```
 
@@ -197,44 +197,48 @@ python manage.py test
 For coverage, run:
 
 ```sh
-make cov
+coverage run --source='.' --omit '.venv/*' manage.py test
+coverage report -m
 ```
 
 ## Code linting & formatting
 
-The following tools are used for code linting and formatting:
+We use [ruff](https://github.com/astral-sh/ruff) for Python code formatting and linting.
 
-* [black](https://github.com/psf/black) for code formatting
-* [isort](https://github.com/pycqa/isort) for imports order consistency
-* [flake8](https://gitlab.com/pycqa/flake8) for code linting
-* [shellcheck](https://github.com/koalaman/shellcheck) for shell scripts
+To format:
 
-To use:
+```sh
+ruff format
+```
+
+To lint:
 
 ```sh
-make format
-make lint
+ruff check
+ruff check --fix
+```
+
+## Python dependencies
+
+We use [pip-tools](https://github.com/jazzband/pip-tools) to manage our Python dependencies:
+
+```sh
+pip-compile -U requirements.in
+pip install --upgrade pip
+pip install -r requirements.txt
 ```
 
 ## Deployment
 
 See the [Deployment](./docs/deployment.md) document for an overview on steps
 required to deploy a mataroa instance.
 
-See the [Server Playbook](./docs/server-playbook.md) document for a detailed
-run through of setting up a mataroa instance on an Ubuntu 22.04 LTS system
-using [uWSGI](https://uwsgi.readthedocs.io/en/latest/) and
-[Caddy](https://caddyserver.com/).
-
-See the [Server Migration](./docs/server-migration.md) document for a guide on
-how to migrate servers.
-
 ### Useful Commands
 
-To reload the uWSGI process:
+To reload the gunicorn process:
 
 ```sh
-sudo systemctl reload mataroa.uwsgi
+sudo systemctl reload mataroa
 ```
 
 To reload Caddy:
@@ -243,10 +247,10 @@ To reload Caddy:
 systemctl restart caddy  # root only
 ```
 
-uWSGI logs:
+gunicorn logs:
 
 ```sh
-journalctl -fb -u mataroa.uwsgi
+journalctl -fb -u mataroa
 ```
 
 Caddy logs:
@@ -259,7 +263,7 @@ Get an overview with systemd status:
 
 ```sh
 systemctl status caddy
-systemctl status mataroa.uwsgi
+systemctl status mataroa
 ```
 
 ## Backup

diff --git a/ansible/.envrc.example b/ansible/.envrc.example
@@ -0,0 +1,39 @@
+# inventory.yaml
+
+# Server IP and user with ssh access
+export ANSIBLE_HOST=
+export ANSIBLE_USER=root
+
+
+# vars.yaml
+
+# Domain name and email for Caddy
+export DOMAIN=mataroa.blog
+export EMAIL=admin@mataroa.blog
+
+# Show exceptions and tracebacks on errors
+# 1: show
+# 0: don't show
+export DEBUG=1
+
+# Stop real emails and turn https off
+# 1: stop and off
+# 0: do not stop and on
+export LOCALDEV=1
+
+# Session cookies secret
+export SECRET_KEY=some-secret-key
+
+# Database connection
+export DATABASE_URL=postgres://mataroa:xxx@localhost:5432/mataroa
+export POSTGRES_USERNAME=mataroa
+export POSTGRES_PASSWORD=xxx
+
+# SMTP credentials
+export EMAIL_HOST_USER=
+export EMAIL_HOST_PASSWORD=
+
+# Stripe payments details
+export STRIPE_API_KEY=
+export STRIPE_PUBLIC_KEY=
+export STRIPE_PRICE_ID=
diff --git a/ansible/Caddyfile.j2 b/ansible/Caddyfile.j2
@@ -0,0 +1,14 @@
+{{ domain }} {
+    route {
+        file_server /static/* {
+            root /var/www/mataroa
+        }
+        reverse_proxy 127.0.0.1:5000
+    }
+
+    tls {{ email }} {
+        on_demand
+    }
+
+    encode zstd gzip
+}
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+inventory = inventory.yaml
+pipelining = True
diff --git a/ansible/inventory.yaml b/ansible/inventory.yaml
@@ -0,0 +1,5 @@
+virtualmachines:
+  hosts:
+    main:
+      ansible_host: "{{ lookup('env', 'ANSIBLE_HOST') }}"
+      ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
diff --git a/ansible/mataroa.service.j2 b/ansible/mataroa.service.j2
@@ -0,0 +1,27 @@
+[Unit]
+Description=mataroa
+After=network.target
+
+[Service]
+Type=simple
+User=deploy
+Group=www-data
+WorkingDirectory=/var/www/mataroa
+ExecStart=/var/www/mataroa/.venv/bin/gunicorn -b 127.0.0.1:5000 -w 4 mataroa.wsgi
+ExecReload=/bin/kill -HUP $MAINPID
+Environment="DOMAIN={{ domain }}"
+Environment="EMAIL={{ email }}"
+Environment="DEBUG={{ debug }}"
+Environment="LOCALDEV={{ localdev }}"
+Environment="SECRET_KEY={{ secret_key }}"
+Environment="DATABASE_URL={{ database_url }}"
+Environment="EMAIL_HOST_USER={{ email_host_user }}"
+Environment="EMAIL_HOST_PASSWORD={{ email_host_password }}"
+Environment="STRIPE_API_KEY={{ stripe_api_key }}"
+Environment="STRIPE_PUBLIC_KEY={{ stripe_public_key }}"
+Environment="STRIPE_PRICE_ID={{ stripe_price_id }}"
+TimeoutSec=15
+Restart=always
+
+[Install]
+WantedBy=multi-user.target