hello folks I am unable to set env variables, so that app_user is able to
run app as a linux service. can someone help ?
---
# tasks file for dvmt {{ app_name }}
- name: include per-app variables
include_vars:
file: ../../../vars/{{ ENV }}-{{platform_type}}.yml
- name: create app user {{ app_user }}
user:
name: "{{ app_user }}"
state: present
- name: install packages
yum:
name: "{{ item }}"
state: present
with_items:
- "python36u"
- "python36u-pip"
- "{{ packages }}"
- include_tasks: replace-freetds.yml
when: use_isrg_freetds or use_isrg_freetds_force
- name: create directories
file:
path: "{{ item }}"
state: directory
owner: "{{ app_user }}"
group: "{{ app_user }}"
mode: 0755
with_items:
- "{{ directories }}"
- name: copy extra packages
unarchive:
src: "{{ item.name }}"
dest: "{{ item.dest }}"
with_items:
- "{{ extra_packages }}"
when: extra_packages|length > 0
- name: remove existing virtual environment
file:
path: /opt/intuitive/{{ app_name }}/{{ app_version }}
state: absent
when: remove_first is defined and remove_first
notify: restart {{ servicename }}
- debug:
msg: "**************** pip_server {{ pip_server }} ****************
pip_serverport {{ pip_serverport }} "
- name: install pip packages
pip:
name: "{{item.name}}"
version: "{{item.version}}"
extra_args: "--index-url=http://{{ pip_server }}:{{ pip_serverport }}
--trusted-host {{ pip_server }}"
virtualenv: /opt/intuitive/{{ app_name }}/{{ app_version }}
virtualenv_command: "{{ virtualenv_cmd }}"
with_items:
- "{{ pip_packages }}"
- name: set current symlink to this version
file:
src: /opt/intuitive/{{ app_name }}/{{ app_version }}
dest: /opt/intuitive/{{ app_name }}/current
state: link
notify: restart {{ servicename }}
- name: configure the config file
template:
src: templates/{{ app_config_template }}
dest: /etc/intuitive/{{ app_name }}/{{ app_config_name }}
owner: "{{ app_user }}"
mode: 0600
notify: restart {{ servicename }}
- name: setup certificate file
copy:
content: "{{trusted_certs}}"
dest: "{{cert_file}}"
when: trusted_certs is defined and cert_file is defined
notify: restart {{ servicename }}
- name: copy service file
template:
src: templates/{{ service_config_template }}
dest: /etc/systemd/system/{{ servicename }}
notify: restart {{ servicename }}
- name: enforce directory permissions
file:
dest: "{{ item }}"
owner: "{{ app_user }}"
group: "{{ app_user }}"
recurse: yes
with_items:
- "{{ directories }}"
- name: "enforce write permissions on /var/tmp/intuitive/dvmt-file-manager
to file-sender"
command: "setfacl -R -m g:app-user:rwx
/var/tmp/intuitive/dvmt-file-manager/ & setfacl -R -d -m g:app-user:rwX
/var/tmp/intuitive/dvmt-file-manager/"
when: (app_user == "app-user")
- name: setup environment variable
environment:
db_url:
"mssql+pymssql://{{app_db_user}}:{{app_db_password}}@{{app_db_server}}:{{app_db_port}}/{{app_db_name}}"
pki_client_cacert_password: "{{pki_client_cacert_password}}"
- name: daemon-reload {{ servicename }}
systemd:
name: "{{ servicename }}"
daemon-reload: yes
- name: enable service
service:
name: "{{ servicename }}"
enabled: yes
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/15f25da7-58a2-4351-b75b-451dc370d32fn%40googlegroups.com.
