debops-contrib.foodsoft default variables
Sections
System packages
- foodsoft__base_packages
List of base packages required by Foodsoft.
foodsoft__base_packages:
- '{{ ["ruby2.0", "ruby2.0-dev"] if (ansible_distribution == "Ubuntu" and ansible_distribution_release in ["trusty"]) else [] }}'
- 'libcurl3-dev'
- 'libxml2-dev'
- 'libxslt-dev'
- 'libffi-dev'
- 'libreadline-dev'
## charlock_holmes
- 'g++'
## https://stackoverflow.com/questions/15553792/error-installing-charlock-holmes-error-installing-gitlab/15556110#15556110
- 'libicu-dev'
## RMagick
- 'pkg-config'
- 'libmagickwand-dev'
- 'ruby-magic'
- 'libmagic-dev'
## sqlite3
- '{{ ["libsqlite3-dev"] if (foodsoft__database in ["sqlite"]) else [] }}'
## mysql2
- '{{ ["libmysqlclient-dev", "libmariadbd-dev"] if (foodsoft__database in ["mariadb"]) else [] }}'
## Install via gem
# - 'ruby-charlock-holmes'
# - 'ruby-rmagick'
- foodsoft__deploy_state
What is the desired state which this role should achieve? Possible options:
present
Default. Ensure that Foodsoft is installed and configured as requested.
absent
Ensure that Foodsoft is uninstalled and it's configuration is removed.
purged
Same as
absent
but additionally also ensures that the database and other persistent data is removed.
foodsoft__deploy_state: 'present'
FQDN and DNS addresses
- foodsoft__fqdn
The Fully Qualified Domain Name of the Foodsoft instance. This address is used to configure the webserver frontend.
foodsoft__fqdn: 'foodsoft.{{ foodsoft__domain }}'
- foodsoft__domain
Domain that will be configured for the Foodsoft instance.
foodsoft__domain: '{{ ansible_domain }}'
Database configuration
- foodsoft__database
Autodetected variable containing the database management system which should be used.
The supported and tested option is mariadb
.
Refer to Getting started for details.
foodsoft__database: '{{ ansible_local.foodsoft.database
if (ansible_local.foodsoft.database | d())
else ("mariadb"
if (ansible_local | d() and ansible_local.mariadb is defined)
else ("postgresql"
if (ansible_local | d() and ansible_local.postgresql is defined)
else "no-database-detected")) }}'
- foodsoft__database_server
FQDN of the database server. It will be configured by the debops.mariadb or debops.postgresql role.
foodsoft__database_server: '{{ ansible_local[foodsoft__database].server }}'
- foodsoft__database_port
Port database is listening on.
foodsoft__database_port: '{{ ansible_local[foodsoft__database].port }}'
- foodsoft__database_name
Name of the database to use for Foodsoft.
foodsoft__database_name: 'foodsoft'
- foodsoft__database_user
Database user to use for Foodsoft.
foodsoft__database_user: 'foodsoft'
- foodsoft__database_password_path
Path to database password file.
foodsoft__database_password_path: '{{ secret + "/" + foodsoft__database + "/"
+ ansible_local[foodsoft__database].delegate_to
+ (("/" + ansible_local[foodsoft__database].port)
if (foodsoft__database == "postgresql")
else "")
+ "/credentials/" + foodsoft__database_user + "/password" }}'
- foodsoft__database_password
Database password for Foodsoft.
foodsoft__database_password: '{{ lookup("password", foodsoft__database_password_path + " length=48 chars=ascii_letters,digits,.:-_") }}'
- foodsoft__database_name_map
Database name mapping from the names as used in DebOps to Ruby database adapter names.
foodsoft__database_name_map:
'mariadb': 'mysql2'
'sqlite': 'sqlite3'
# Legacy:
'mysql': 'mysql2'
- foodsoft__database_config
Database configuration for Foodsoft. Written to config/database.yml
.
foodsoft__database_config:
production:
adapter: '{{ foodsoft__database_name_map[foodsoft__database] }}'
# socket: '/tmp/mysql.sock'
host: '{{ foodsoft__database_server }}'
reconnect: False
pool: 5
username: '{{ foodsoft__database_user }}'
password: '{{ foodsoft__database_password }}'
database: '{{ foodsoft__database_name }}'
encoding: 'utf8'
Webserver configuration
- foodsoft__webserver
Autodetected variable containing the webserver which should be used. Currently only Nginx is supported.
foodsoft__webserver: '{{ ansible_local.foodsoft.webserver
if (ansible_local.foodsoft.webserver | d())
else ("nginx"
if (ansible_local.nginx.enabled | d() | bool)
else ("apache"
if (ansible_local.apache.enabled | d() | bool)
else "no-webserver-detected")) }}'
- foodsoft__webserver_user
Name of the webserver user account which will be granted read only access to the Foodsoft application directory.
foodsoft__webserver_user: '{{ ansible_local.nginx.user | d("www-data") }}'
Directory paths
- foodsoft__home_path
The Foodsoft system account home directory.
foodsoft__home_path: '{{ ansible_local.nginx.www | d("/srv/www") + "/" + foodsoft__user }}'
- foodsoft__www_path
Base web root directory for Foodsoft.
foodsoft__www_path: '{{ foodsoft__git_dest + "/public" }}'
System user and group
- foodsoft__user
System UNIX account used by the Foodsoft.
foodsoft__user: 'foodsoft'
- foodsoft__group
System UNIX group used by the Foodsoft.
foodsoft__group: 'foodsoft'
- foodsoft__gecos
Contents of the GECOS field set for the Foodsoft account.
foodsoft__gecos: 'Foodsoft'
- foodsoft__shell
The default shell set on the foodsoft account.
foodsoft__shell: '/usr/sbin/nologin'
Foodsoft sources and deployment
- foodsoft__git_repo
The URI of the Foodsoft git source repository. There is also https://github.com/foodcoop-adam/foodsoft.git which you can choose alternatively.
foodsoft__git_repo: 'https://github.com/foodcoops/foodsoft.git'
- foodsoft__git_version
The git branch or tag which will be installed. Defaults to the commit hash of latest release (4.5.1). This is done because Foodsoft development is not cryptographically signed and this role wants to comply with the DebOps Software Source Policy.
foodsoft__git_version: 'a7b6b0c803ca4a79ddab7cea92545b8cc188f952'
- foodsoft__git_dest
Path where the Foodsoft sources will be checked out (installation path).
foodsoft__git_dest: '{{ foodsoft__home_path + "/foodcoops-foodsoft" }}'
- foodsoft__git_update
Should new revisions be retrieved from the origin repository?
foodsoft__git_update: True
- foodsoft__bundler_exclude_groups
Don’t install the Gems in the listed groups.
foodsoft__bundler_exclude_groups:
- 'test'
## Contains SQLite gem.
- 'development'
Foodsoft configuration
- foodsoft__name
Name of this Foodsoft instance.
foodsoft__name: 'Foodcoop'
- foodsoft__contact
Foodcoop contact information (used for FAX messages).
foodsoft__contact:
street: 'Grüne Straße 23'
zip_code: '12323'
city: 'Berlin'
country: 'Deutschland'
email: '{{ foodsoft__email_sender }}'
phone: '030 323 232323'
- foodsoft__default_scope
If foodsoft__multi_coop_install
is true you have to use a coop name, which
you you wanna be selected by default.
foodsoft__default_scope: 'f'
- foodsoft__homepage
Homepage URL.
foodsoft__homepage: 'https://{{ foodsoft__fqdn }}/{{ foodsoft__default_scope }}'
Page footer (html allowed). Default is a Foodsoft footer. Set to the word "blank" for no footer. If unchanged, the default footer of Foodsoft will be used.
foodsoft__page_footer: '<a href="{{ foodsoft__homepage }}/">{{ foodsoft__name }}</a>, setup by <a href="https://debops.org/">DebOps</a>.'
- foodsoft__email_sender
Email address to be used as sender.
foodsoft__email_sender: 'foodsoft@{{ foodsoft__domain }}'
- foodsoft__error_recipients
Email address to be used as sender.
foodsoft__error_recipients:
- 'admin@{{ foodsoft__domain }}'
- foodsoft__multi_coop_install
If you wanna serve more than one Foodcoop with one installation. Don't forget to setup databases for each Foodcoop. See also MULTI_COOP_INSTALL.
foodsoft__multi_coop_install: False
- foodsoft__upstream_config
Configuration as defined by upstream Foodcoop in
config/app_config.yml.SAMPLE
.
foodsoft__upstream_config: '{{ lookup("file", "vars/sample_app_config.yml") | from_yaml }}'
- foodsoft__role_config
This dict is managed by the role itself, controlled by other default variables.
foodsoft__role_config:
multi_coop_install: '{{ foodsoft__multi_coop_install | bool }}'
default_scope: '{{ foodsoft__default_scope }}'
name: '{{ foodsoft__name }}'
contact: '{{ foodsoft__contact }}'
homepage: '{{ foodsoft__homepage }}'
# Default timezone, e. g. UTC, Amsterdam, Berlin, etc.
# FIXME: Foodsoft/Ruby seem to expect a different format than what debops.core returns.
# Potentially splitting at "/" and returning the second half of the string
# would do the job but that would need testing.
# Change manually if needed.
# time_zone: '{{ ansible_local.tzdata.timezone | d("Etc/UTC") }}'
# Page footer (html allowed). Default is a Foodsoft footer. Set to `blank` for no footer.
page_footer: '{{ foodsoft__page_footer }}'
email_sender: '{{ foodsoft__email_sender }}'
# Config for the exception_notification plugin.
notification:
error_recipients: '{{ foodsoft__error_recipients }}'
sender_address: '"Foodsoft Error" <{{ foodsoft__email_sender }}>'
email_prefix: "[Foodsoft]"
- foodsoft__config
This dict is intended to be used in Ansible’s global inventory as needed.
foodsoft__config: {}
- foodsoft__group_config
This dict is intended to be used in a host inventory group of Ansible (only one host group is supported) as needed.
foodsoft__group_config: {}
- foodsoft__host_config
This dict is intended to be used in the inventory of hosts as needed.
foodsoft__host_config: {}
- foodsoft__combined_config
The configuration written to config/app_config.yml
.
foodsoft__combined_config: '{{ foodsoft__upstream_config.default
| combine(foodsoft__role_config)
| combine(foodsoft__config)
| combine(foodsoft__group_config)
| combine(foodsoft__host_config) }}'
Configuration for other Ansible roles
- foodsoft__mariadb__dependent_databases
Configuration of the foodsoft database managed by the debops.mariadb role.
foodsoft__mariadb__dependent_databases:
- database: '{{ foodsoft__database_name }}'
state: '{{ "present" if (foodsoft__deploy_state != "purged") else "absent" }}'
- foodsoft__mariadb__dependent_users
Configuration of the foodsoft database user managed by the debops.mariadb role.
foodsoft__mariadb__dependent_users:
- database: '{{ foodsoft__database_name }}'
state: '{{ "present" if (foodsoft__deploy_state == "present") else "absent" }}'
user: '{{ foodsoft__database_user }}'
password: '{{ foodsoft__database_password }}'
- foodsoft__nginx__dependent_servers
Configuration of the foodsoft nginx server, used by the debops.nginx Ansible role.
foodsoft__nginx__dependent_servers:
- name: '{{ foodsoft__fqdn }}'
filename: 'debops.foodsoft'
by_role: 'debops-contrib.foodsoft'
enabled: True
type: 'rails'
root: '{{ foodsoft__www_path }}'
webroot_create: False
# Foodsoft manages this by itself by default.
# TODO: Should probably be disabled in Foodsoft so that DebOps can manage it.
hsts_enabled: False
frame_options: False
content_type_options: False
xss_protection: '{{ omit }}'
# Phusion Passenger options
passenger_user: '{{ foodsoft__user }}'
passenger_group: '{{ foodsoft__group }}'