Vagrant & Ansible with Python

README.md

@@ -1 +1,47 @@
-# BrexLex
+# BrexLex
+
+---
+
+## Contains
+
+* MySQL
+* Apache
+* Python
+
+## Dependencies
+
+* Vagrant
+
+---
+
+## Usage
+
+1. Clone repo `git clone [email protected]:HackBrexit/BrexLex.git`
+2. Vagrant up (use `--debug` for more verbose output from **vagrant**)
+3. Access **web** on `http://192.168.50.99/` (dont forget to add a host entry)
+4. Access **mysql** on `192.168.50.99:3306`
+
+Files **mounted** on `/vagrant` & **apache** serves `/vagrant`
+
+### Vagrant commands
+
+* create or turn on VM `vagrant up`
+* ssh on to VM `vagrant ssh`
+* turn off VM `vagrant halt`
+* status of VM `vagrant status`
+* destroy VM `vagrant destroy`
+
+---
+
+## Customisation
+
+
+### System wide **apt** packages
+
+Edit `ansible/vars/all.yml` and add to collect on line 4, looks like `packages: [vim, htop, iotop]`
+
+*Or variables, mysql passwords etc*
+
+### What **ansible** installs (eg. apache)
+
+Edit `ansible/playbook.yml` *comment/uncomment* **roles** collection.

Vagrantfile

@@ -1,34 +1,59 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-Vagrant::Config.run do |config|
-	# Base box to build off, and download URL for when it doesn't exist on the user's system already
-	config.vm.box = "ubuntu/trusty32"
-	config.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-i386-vagrant-disk1.box"
-
-	# As an alternative to precise32, VMs can be built from the 'django-base' box as defined at
-	# https://github.com/torchbox/vagrant-django-base , which has more of the necessary server config
-	# baked in and thus takes less time to initialise. To go down this route, you will need to build
-	# and host django-base.box yourself, and substitute your own URL below.
-	#config.vm.box = "django-base-v2.2"
-	#config.vm.box_url = "http://vmimages.torchbox.com/django-base-v2.2.box"  # Torchbox-internal URL to django-base.box
-
-	# Boot with a GUI so you can see the screen. (Default is headless)
-	# config.vm.boot_mode = :gui
-
-	# Assign this VM to a host only network IP, allowing you to access it
-	# via the IP.
-	# config.vm.network "33.33.33.10"
-
-	# Forward a port from the guest to the host, which allows for outside
-	# computers to access the VM, whereas host only networking does not.
-	config.vm.forward_port 8000, 8000
-
-	# Share an additional folder to the guest VM. The first argument is
-	# an identifier, the second is the path on the guest to mount the
-	# folder, and the third is the path on the host to the actual folder.
-	config.vm.share_folder "project", "/home/vagrant/brexlex", "."
-
-	# Enable provisioning with a shell script.
-	config.vm.provision :shell, :path => "etc/install/install.sh", :args => "brexlex"
+##################################################
+# Generated by phansible.com
+##################################################
+
+#If your Vagrant version is lower than 1.5, you can still use this provisioning
+#by commenting or removing the line below and providing the config.vm.box_url parameter,
+#if it's not already defined in this Vagrantfile. Keep in mind that you won't be able
+#to use the Vagrant Cloud and other newer Vagrant features.
+Vagrant.require_version ">= 1.5"
+
+# Check to determine whether we're on a windows or linux/os-x host,
+# later on we use this to launch ansible in the supported way
+# source: https://stackoverflow.com/questions/2108727/which-in-ruby-checking-if-program-exists-in-path-from-ruby
+def which(cmd)
+    exts = ENV['PATHEXT'] ? ENV['PATHEXT'].split(';') : ['']
+    ENV['PATH'].split(File::PATH_SEPARATOR).each do |path|
+        exts.each { |ext|
+            exe = File.join(path, "#{cmd}#{ext}")
+            return exe if File.executable? exe
+        }
+    end
+    return nil
 end
+Vagrant.configure("2") do |config|
+
+    config.vm.provider :virtualbox do |v|
+        v.name = "brexlex"
+        v.customize [
+            "modifyvm", :id,
+            "--name", "brexlex",
+            "--memory", 1024,
+            "--natdnshostresolver1", "on",
+            "--cpus", 2,
+        ]
+    end
+
+    config.vm.box = "ubuntu/trusty64"
+
+    config.vm.network :private_network, ip: "192.168.50.99"
+    config.ssh.forward_agent = true
+
+    #############################################################
+    # Ansible provisioning (you need to have ansible installed)
+    #############################################################
+
+    if which('ansible-playbook')
+        config.vm.provision "ansible" do |ansible|
+            ansible.playbook = "ansible/playbook.yml"
+            ansible.inventory_path = "ansible/inventories/dev"
+            ansible.limit = 'all'
+        end
+    else
+        config.vm.provision :shell, path: "ansible/windows.sh", args: ["default"]
+    end
+
+
+    config.vm.synced_folder "./", "/vagrant", type: "nfs"
+end
+

ansible/inventories/dev

@@ -0,0 +1,2 @@
+[phansible-web]
+192.168.50.99

ansible/playbook.yml

@@ -0,0 +1,12 @@
+---
+- hosts: all
+  sudo: true
+  vars_files:
+    - vars/all.yml
+  roles:
+    - server
+    - vagrant_local
+    - apache
+    - mysql
+    - app
+    - python

ansible/roles/apache/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: restart apache
+  service: name=apache2 enabled=yes state=restarted

ansible/roles/apache/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+- name: Install Apache
+  sudo: yes
+  apt: pkg=apache2 state=latest
+
+- name: Install Apache Modules
+  apache2_module: state=present name={{ item }}
+  notify: restart apache
+  with_items:
+    - rewrite
+    - vhost_alias
+    - headers
+    - expires
+    - filter
+
+- shell: apache2 -v
+  register: apache_version
+
+- name: Change default apache2.4 site
+  sudo: yes
+  template: src=vhost24.conf.tpl dest=/etc/apache2/sites-available/000-default.conf
+  notify: restart apache
+  when: apache_version.stdout.find('Apache/2.4.') != -1
+
+- name: Change default apache2.2 site
+  sudo: yes
+  template: src=vhost22.conf.tpl dest=/etc/apache2/sites-available/default
+  notify: restart apache
+  when: apache_version.stdout.find('Apache/2.2.') != -1

ansible/roles/apache/templates/vhost22.conf.tpl

@@ -0,0 +1,14 @@
+# Default Apache virtualhost template
+
+<VirtualHost *:80>
+    ServerAdmin webmaster@localhost
+    DocumentRoot {{ apache.docroot }}
+    ServerName {{ apache.servername }}
+
+    <Directory {{ apache.docroot }}>
+        AllowOverride All
+        Options -Indexes FollowSymLinks
+        Order allow,deny
+        Allow from all
+    </Directory>
+</VirtualHost>

ansible/roles/apache/templates/vhost24.conf.tpl

@@ -0,0 +1,13 @@
+# Default Apache virtualhost template
+
+<VirtualHost *:80>
+    ServerAdmin webmaster@localhost
+    DocumentRoot {{ apache.docroot }}
+    ServerName {{ apache.servername }}
+
+    <Directory {{ apache.docroot }}>
+        AllowOverride All
+        Options -Indexes +FollowSymLinks
+        Require all granted
+    </Directory>
+</VirtualHost>

ansible/roles/app/tasks/main.yml

@@ -0,0 +1,5 @@
+---
+# application tasks to be customized and to run after the main provision
+- name: update file db
+  sudo: yes
+  shell: updatedb

ansible/roles/mysql/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: restart mysql
+  service: name=mysql enabled=yes state=restarted

ansible/roles/mysql/tasks/main.yml

@@ -0,0 +1,43 @@
+---
+# Retrieve the current hostname, because {{ ansible_hostname }} still contains the old name
+- shell: hostname
+  register: current_hostname
+
+- name: mysql | Install MySQL Packages
+  sudo: yes
+  apt: pkg={{ item }} state=latest
+  with_items:
+    - mysql-server
+    - mysql-client
+    - python-mysqldb
+
+- name: mysql | Update root password for all root accounts
+  mysql_user: name=root host={{ item }} check_implicit_admin=yes password={{ mysql.root_password }} login_user=root login_password={{ mysql.root_password }}
+  with_items:
+    - "{{ current_hostname.stdout | lower }}"
+    - 127.0.0.1
+    - ::1
+    - localhost
+    - 192.168.33.1
+
+- name: mysql | Create databases
+  mysql_db: name={{ mysql.database }} state=present login_user=root login_password={{ mysql.root_password }}
+
+- name: mysql | Import dump
+  mysql_db: name={{ mysql.database }} state=import login_user=root login_password={{ mysql.root_password }} target=/vagrant/{{ mysql.dump }}
+  when: mysql.dump
+
+- name: mysql | Ensure anonymous users are not in the database
+  mysql_user: name='' host={{ item }} state=absent login_user=root login_password={{ mysql.root_password }}
+  with_items:
+    - localhost
+    - "{{ current_hostname.stdout | lower }}"
+
+- name: mysql | Create users
+  mysql_user: name={{ mysql.user }} password={{ mysql.password }} priv=*.*:ALL state=present login_user=root login_password={{ mysql.root_password }}
+
+- name: do not bind to localhost
+  lineinfile: dest=/etc/mysql/my.cnf
+              regexp='bind-address'
+              line='bind-address = 0.0.0.0'
+  notify: restart mysql

ansible/roles/python/tasks/main.yml

@@ -0,0 +1,6 @@
+- name: python | Install Python Packages
+  sudo: yes
+  apt: pkg={{ item }} state=latest
+  with_items:
+    - python-dev
+    - python-pip

ansible/roles/server/tasks/main.yml

@@ -0,0 +1,31 @@
+---
+- name: Update apt
+  sudo: yes
+  apt: update_cache=yes
+
+- name: Install System Packages
+  sudo: yes
+  apt: pkg={{ item }} state=latest
+  with_items:
+    - curl
+    - wget
+    - python-software-properties
+
+- name: Install Extra Packages
+  sudo: yes
+  apt: pkg={{ item }} state=latest
+  with_items: server.packages
+  when: server.packages is defined
+
+- name: Configure the timezone
+  sudo: yes
+  template: src=timezone.tpl dest=/etc/timezone
+
+- name: More Configure the timezone
+  sudo: yes
+  file: src=/usr/share/zoneinfo/{{server.timezone}} dest=/etc/localtime state=link force=yes backup=yes
+
+- name: Set default system language pack
+  shell: locale-gen {{server.locale}}
+  sudo: yes
+

ansible/roles/server/templates/timezone.tpl

@@ -0,0 +1 @@
+{{server.timezone}}

ansible/roles/vagrant_local/tasks/main.yml

@@ -0,0 +1,11 @@
+---
+- name: Set the hostname in /etc/hostname
+  shell: echo {{ vagrant_local.vm.hostname }} > /etc/hostname
+  when: vagrant_local.vm.hostname is defined
+
+- name: Set the hostname
+  shell: hostname {{ vagrant_local.vm.hostname }}
+  when: vagrant_local.vm.hostname is defined
+
+- name: Update /etc/hosts
+  lineinfile: dest=/etc/hosts regexp='^127\.0\.0\.1' line='127.0.0.1 localhost {{ vagrant_local.vm.hostname }}' owner=root group=root mode=0644

ansible/vars/all.yml

@@ -0,0 +1,20 @@
+---
+server:
+    install: '1'
+    packages: [vim, htop, iotop]
+    timezone: UTC
+    locale: en_US.UTF-8
+vagrant_local:
+    install: '1'
+    vm: { base_box: trusty64, hostname: brexlex, ip: 192.168.50.99, memory: '1024', sharedfolder: ./, enableWindows: '1', useVagrantCloud: '1', syncType: nfs }
+apache:
+    install: '1'
+    docroot: /vagrant
+    servername: myApp.vb
+mysql:
+    install: '1'
+    root_password: password
+    database: db
+    user: user
+    password: password
+    dump: ''

ansible/windows.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# Update Repositories
+sudo apt-get update
+
+# Determine Ubuntu Version
+. /etc/lsb-release
+
+# Decide on package to install for `add-apt-repository` command
+#
+# USE_COMMON=1 when using a distribution over 12.04
+# USE_COMMON=0 when using a distribution at 12.04 or older
+USE_COMMON=$(echo "$DISTRIB_RELEASE > 12.04" | bc)
+
+if [ "$USE_COMMON" -eq "1" ];
+then
+    sudo apt-get install -y software-properties-common
+else
+    sudo apt-get install -y python-software-properties
+fi
+
+# Add Ansible Repository & Install Ansible
+sudo add-apt-repository -y ppa:ansible/ansible
+sudo apt-get update
+sudo apt-get install -y ansible
+
+# Setup Ansible for Local Use and Run
+cp /vagrant/ansible/inventories/dev /etc/ansible/hosts -f
+chmod 666 /etc/ansible/hosts
+cat /vagrant/ansible/files/authorized_keys >> /home/vagrant/.ssh/authorized_keys
+sudo ansible-playbook /vagrant/ansible/playbook.yml -e hostname=$1 --connection=local