Haufinyane tjena ke ne ke hloka ho ngola libuka tse 'maloa tsa Ansible ho lokisa seva bakeng sa ho kenya kopo ea Rails. 'Me, ho makatsang ke hore ha kea fumana buka e bonolo ea mohato ka mohato. Ke ne ke sa batle ho kopitsa buka ea ho bapala ea motho e mong ntle le ho utloisisa se etsahalang, 'me qetellong ke ne ke tlameha ho bala litokomane, ke bokella ntho e' ngoe le e 'ngoe ka' na. Mohlomong nka thusa motho e mong ho potlakisa ts'ebetso ena ka thuso ea sehlooho sena.
Ntho ea pele eo u lokelang ho e utloisisa ke hore ansible e u fa sebopeho se bonolo sa ho etsa lethathamo le boletsoeng esale pele la liketso ho li-server tse hole ka SSH. Ha ho na boselamose mona, o ke ke oa kenya plugin mme oa fumana ts'ebetso ea ts'ebetso ea ts'ebetso ea hau ka docker, leihlo le lintho tse ling tse ntle ka ntle ho lebokose. E le hore u ngole buka ea ho bapala, u tlameha ho tseba hore na u batla ho etsa eng hantle le hore na u ka e etsa joang. Ke ka lebaka leo ke sa khotsofaleng ke libuka tsa ho bapala tse seng li entsoe ho tsoa ho GitHub, kapa lingoliloeng tse kang: "Kopitsa 'me u tsamaise, e tla sebetsa."
Re hloka eng?
Joalokaha ke se ke boletse, e le hore u ngole buka ea ho bapala u lokela ho tseba hore na u batla ho etsa eng le hore na u ka e etsa joang. Ha re etse qeto ea hore na re hloka eng. Bakeng sa ts'ebeliso ea Rails re tla hloka liphutheloana tse 'maloa tsa sistimi: nginx, postgresql (redis, joalo-joalo). Ho phaella moo, re hloka mofuta o itseng oa ruby. Ho molemo ho e kenya ka rbenv (rvm, asdf...). Ho tsamaisa tsena tsohle e le mosebelisi oa motso kamehla ke mohopolo o mobe, kahoo o hloka ho theha mosebelisi ea arohaneng le ho lokisa litokelo tsa hae. Kamora sena, o hloka ho kenya khoutu ea rona ho seva, kopitsa li-configs tsa nginx, postgres, joalo-joalo, 'me u qale lits'ebeletso tsena kaofela.
Ka lebaka leo, tatellano ea liketso e tjena:
- Kena joalo ka motso
- kenya liphutheloana tsa tsamaiso
- theha mosebelisi e mocha, lokisa litokelo, senotlolo sa ssh
- lokisa liphutheloana tsa sistimi (nginx joalo-joalo) 'me u li tsamaise
- Re theha mosebelisi ho database (o ka etsa database hanghang)
- Kena joalo ka mosebelisi e mocha
- Kenya rbenv le ruby
- Ho kenya bundler
- Ho kenya khoutu ea ts'ebeliso
- Ho qala seva ea Puma
Ho feta moo, methati ea ho qetela e ka etsoa ho sebelisoa capistrano, bonyane ka ntle ho lebokose e ka kopitsa khoutu ho li-directory tsa tokollo, fetola tokollo ka symlink ha e tsamaisoa ka katleho, kopi ea li-configs ho tsoa bukeng e arolelanoang, qala puma, joalo-joalo. Sena sohle se ka etsoa ho sebelisoa Ansible, empa hobaneng?
Sebopeho sa faele
Ansible e na le thata bakeng sa lifaele tsohle tsa hau, kahoo ho molemo ho li boloka kaofela bukeng e arohaneng. Ho feta moo, ha ho bohlokoa hakaalo hore na e tla ba ka rails kopo ka boeona, kapa ka thoko. U ka boloka lifaele sebakeng se arohaneng sa git. Ka bonna, ke fumane ho le bonolo haholo ho theha bukana e utloahalang ho / config directory ea kopo ea rails le ho boloka ntho e 'ngoe le e' ngoe sebakeng se le seng sa polokelo.
Buka ea ho bapala e bonolo
Playbook ke faele ea yml eo, ka ho sebelisa syntax e khethehileng, e hlalosang seo Ansible a lokelang ho se etsa le joang. Ha re theheng buka ea pele ea ho bapala e sa etse letho:
---
- name: Simple playbook
hosts: allMona re mpa re re buka ea rona ea lipapali e bitsoa Simple Playbook le hore likahare tsa eona li lokela ho phethisoa bakeng sa mabotho ohle. Re ka e boloka ka har'a / directory e sebetsang ka lebitso playbook.yml ebe o leka ho matha:
ansible-playbook ./playbook.yml
PLAY [Simple Playbook] ************************************************************************************************************************************
skipping: no hosts matchedAnsible o re ha e tsebe baamoheli ba lumellanang le lenane lohle. Li tlameha ho thathamisoa ho tse khethehileng .
Ha re e etsetse bukeng e tšoanang e utloahalang:
123.123.123.123Ke ka tsela ena re hlalosang moamoheli (haholo-holo moamoheli oa VPS ea rona bakeng sa tlhahlobo, kapa o ka ngolisa localhost) mme o e boloke tlasa lebitso. inventory.
U ka leka ho sebetsa hantle ka faele ea invetory:
ansible-playbook ./playbook.yml -i inventory
PLAY [Simple Playbook] ************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************
PLAY RECAP ************************************************************************************************************************************Haeba u na le phihlello ea ssh ho moamoheli ea boletsoeng, joale ansible e tla hokela le ho bokella tlhahisoleseling mabapi le sistimi e hole. (TASK ea kamehla [Ho Bokella Lintlha]) ka mor'a moo e tla fana ka tlaleho e khutšoanyane mabapi le ts'ebetso (PLAY RECAP).
Ka ho sa feleng, khokahano e sebelisa lebitso la mosebelisi leo u kentsoeng ka har'a sistimi. Ho ka etsahala hore e se be ho moamoheli. Faeleng ea buka ea ho bapala, u ka hlakisa hore na u sebelise mosebelisi ofe ho hokahanya u sebelisa taelo ea remote_user. Hape, tlhahisoleseling e mabapi le sistimi e hole hangata e ka 'na ea se ke ea hlokahala ho uena' me ha ua lokela ho senya nako ho e bokella. Mosebetsi ona o ka boela oa emisoa:
---
- name: Simple playbook
hosts: all
remote_user: root
become: true
gather_facts: noLeka ho sebelisa buka ea ho bapala hape 'me u netefatse hore khokahano ea sebetsa. (Haeba u hlalositse motso oa mosebelisi, hape u hloka ho hlakisa ho ba: taelo ea 'nete e le hore u fumane litokelo tse phahameng. Joalo ka ha ho ngotsoe litokomaneng: become set to ‘true’/’yes’ to activate privilege escalation. leha ho sa hlake ka botlalo hore na hobaneng).
Mohlomong u tla fumana phoso e bakiloeng ke taba ea hore ansible e ke ke ea tseba mofetoleli oa Python, joale o ka e hlalosa ka letsoho:
ansible_python_interpreter: /usr/bin/python3 U ka fumana moo u nang le python ka taelo whereis python.
Ho kenya liphutheloana tsa sistimi
Kabo e tloaelehileng ea Ansible e kenyelletsa li-module tse ngata bakeng sa ho sebetsa le liphutheloana tse fapaneng tsa sistimi, ka hona ha rea tlameha ho ngola mangolo a bash ka lebaka lefe kapa lefe. Hona joale re hloka e 'ngoe ea li-module tsena ho ntlafatsa tsamaiso le ho kenya liphutheloana tsa tsamaiso. Ke na le Ubuntu Linux ho VPS ea ka, kahoo ho kenya liphutheloana tseo ke li sebelisang apt-get и . Haeba u sebelisa mokhoa o fapaneng oa ho sebetsa, joale u ka 'na ua hloka mojule o fapaneng (hopola, ke boletse qalong hore re hloka ho tseba esale pele hore na re tla etsa eng le hore na re tla etsa joang). Leha ho le joalo, ho ka etsahala hore syntax e tla tšoana.
Ha re kenyelle buka ea rona ea ho bapala ka mesebetsi ea pele:
---
- name: Simple playbook
hosts: all
remote_user: root
become: true
gather_facts: no
tasks:
- name: Update system
apt: update_cache=yes
- name: Install system dependencies
apt:
name: git,nginx,redis,postgresql,postgresql-contrib
state: presentMosebetsi ke hantle mosebetsi oo Ansible a tla o etsa ho li-server tse hole. Re reha mosebetsi oo lebitso e le hore re tsebe ho latela ts'ebetso ea ona ho log. 'Me re hlalosa, re sebelisa syntax ea mojule o itseng, seo e hlokang ho se etsa. Boemong bona apt: update_cache=yes - e re ho ntlafatsa liphutheloana tsa sistimi ho sebelisa module ea apt. Taelo ea bobeli e batla e rarahane haholoanyane. Re fetisetsa lethathamo la liphutheloana ho module ea apt mme re re li joalo state e lokela ho ba present, ke hore, re re kenya liphutheloana tsena. Ka tsela e tšoanang, re ka ba bolella hore ba li hlakole, kapa ba li nchafatse ka ho fetola feela state. Ka kopo elelloa hore hore liporo li sebetse le postgresql re hloka sephutheloana sa postgresql-contrib, seo re se kenyang hona joale. Hape, o hloka ho tseba le ho etsa sena; boikemelo ka bo bona bo ke ke ba etsa sena.
Leka ho sebelisa buka ea ho bapala hape 'me u hlahlobe hore na liphutheloana li kentsoe.
Ho theha basebelisi ba bacha.
Ho sebetsa le basebelisi, Ansible e boetse e na le mojule - mosebelisi. Ha re kenyeng mosebetsi o mong hape (ke patile likarolo tse seng li ntse li tsejoa tsa buka ea ho bapala ka mor'a maikutlo e le hore ke se ke ka e kopitsa ka ho feletseng nako le nako):
---
- name: Simple playbook
# ...
tasks:
# ...
- name: Add a new user
user:
name: my_user
shell: /bin/bash
password: "{{ 123qweasd | password_hash('sha512') }}"Re theha mosebelisi e mocha, re beha schell le password bakeng sa eona. 'Me joale re thulana le mathata a mangata. Ho thoe'ng haeba mabitso a basebelisi a hloka ho fapana bakeng sa baamoheli ba fapaneng? Le ho boloka phasewete ka mongolo o hlakileng bukeng ea ho bapala ke mohopolo o mobe haholo. Ho qala, ha re kenye lebitso la mosebelisi le phasewete ka mefuta e fapaneng, 'me ho elella qetellong ea sengoloa ke tla bonts'a mokhoa oa ho patala phasewete.
---
- name: Simple playbook
# ...
tasks:
# ...
- name: Add a new user
user:
name: "{{ user }}"
shell: /bin/bash
password: "{{ user_password | password_hash('sha512') }}"Lintho tse feto-fetohang li behiloe libukeng tsa ho bapala ho sebelisoa lithapo tse kobehileng habeli.
Re tla bonts'a boleng ba mefuta e fapaneng faeleng ea inventory:
123.123.123.123
[all:vars]
user=my_user
user_password=123qweasdKa kopo hlokomela taelo [all:vars] - e re karolo e latelang ea mongolo ke mefuta e fapaneng (vars) mme e sebetsa ho bohle ba amohelang mangolo (kaofela).
Moqapi o boetse oa thahasellisa "{{ user_password | password_hash('sha512') }}". Taba ke hore ansible ha e kenye mosebelisi ka user_add joalo ka ha u ka e etsa ka letsoho. 'Me e boloka lintlha tsohle ka ho toba, ke ka lebaka leo re tlamehang hape ho fetola phasewete hore e be hash esale pele, e leng seo taelo ena e se etsang.
Ha re kenyelle mosebelisi oa rona sehlopheng sa sudo. Leha ho le joalo, pele ho sena re hloka ho etsa bonnete ba hore sehlopha se joalo se teng hobane ha ho motho ea tla re etsetsa sena:
---
- name: Simple playbook
# ...
tasks:
# ...
- name: Ensure a 'sudo' group
group:
name: sudo
state: present
- name: Add a new user
user:
name: "{{ user }}"
shell: /bin/bash
password: "{{ user_password | password_hash('sha512') }}"
groups: "sudo"Ntho e ngoe le e ngoe e bonolo, re boetse re na le mojule oa sehlopha bakeng sa ho theha lihlopha, ka syntax e ts'oanang haholo le apt. Joale ho lekane ho ngolisa sehlopha sena ho mosebelisi (groups: "sudo").
Ho bohlokoa hape ho kenyelletsa senotlolo sa ssh ho mosebelisi enoa e le hore re ka kena ho se sebelisa ntle le password:
---
- name: Simple playbook
# ...
tasks:
# ...
- name: Ensure a 'sudo' group
group:
name: sudo
state: present
- name: Add a new user
user:
name: "{{ user }}"
shell: /bin/bash
password: "{{ user_password | password_hash('sha512') }}"
groups: "sudo"
- name: Deploy SSH Key
authorized_key:
user: "{{ user }}"
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
state: presentTabeng ena, moqapi o thahasellisa "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" - e kopitsa litaba tsa faele ea id_rsa.pub (lebitso la hau le ka fapana), ke hore, karolo ea sechaba ea senotlolo sa ssh ebe e e kenya lethathamong la linotlolo tse lumelletsoeng bakeng sa mosebelisi ho seva.
Mesebetsi
Mesebetsi eohle e meraro ea ho theha ts'ebeliso e ka aroloa habonolo ho sehlopha se le seng sa mesebetsi, 'me e ka ba mohopolo o motle ho boloka sehlopha sena ka thoko ho buka ea mantlha ea ho bapala e le hore se se ke sa hola haholo. Bakeng sa morero ona, Ansible o na le .
Ho ea ka sebopeho sa faele se bontšitsoeng qalong, likarolo li tlameha ho beoa bukeng ea likarolo tse fapaneng, bakeng sa karolo e 'ngoe le e' ngoe ho na le bukana e arohaneng e nang le lebitso le le leng, kahare ho mesebetsi, lifaele, litempele, joalo-joalo.
Ha re theheng sebopeho sa faele: ./ansible/roles/user/tasks/main.yml (ka sehloohong ke faele e kholo e tla kenngoa le ho etsoa ha karolo e hokahanngoa le buka ea ho bapala; lifaele tse ling tsa karolo li ka hokeloa ho eona). Joale o ka fetisetsa mesebetsi eohle e amanang le mosebelisi faeleng ena:
# Create user and add him to groups
- name: Ensure a 'sudo' group
group:
name: sudo
state: present
- name: Add a new user
user:
name: "{{ user }}"
shell: /bin/bash
password: "{{ user_password | password_hash('sha512') }}"
groups: "sudo"
- name: Deploy SSH Key
authorized_key:
user: "{{ user }}"
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
state: presentBukeng ea mantlha ea ho bapala, o tlameha ho totobatsa ho sebelisa karolo ea mosebelisi:
---
- name: Simple playbook
hosts: all
remote_user: root
gather_facts: no
tasks:
- name: Update system
apt: update_cache=yes
- name: Install system dependencies
apt:
name: git,nginx,redis,postgresql,postgresql-contrib
state: present
roles:
- userHape, ho ka utloahala ho nchafatsa sistimi pele ho mesebetsi e meng kaofela; ho etsa sena, o ka reha block tasks tseo li hlalosoang ka tsona pre_tasks.
Ho theha nginx
Re tlameha ho se re e kentse Nginx; re hloka ho e hlophisa le ho e tsamaisa. Ha re e etse hang-hang karolong eo. Ha re theheng sebopeho sa faele:
- ansible
- roles
- nginx
- files
- tasks
- main.yml
- templatesHona joale re hloka lifaele le li-template. Phapang pakeng tsa bona ke hore ansible e kopitsa lifaele ka kotloloho, joalo ka. 'Me litempele li tlameha ho ba le j2 katoloso' me li ka sebelisa boleng bo fapaneng li sebelisa li-braces tse tšoanang tse habeli.
Ha re lumelle nginx ho kena main.yml faele. Bakeng sa sena re na le moduled ea systemd:
# Copy nginx configs and start it
- name: enable service nginx and start
systemd:
name: nginx
state: started
enabled: yesMona ha re re feela nginx e tlameha ho qalisoa (ke hore, rea e qala), empa hang-hang re re e tlameha ho etsoa.
Joale a re kopitseng lifaele tsa tlhophiso:
# Copy nginx configs and start it
- name: enable service nginx and start
systemd:
name: nginx
state: started
enabled: yes
- name: Copy the nginx.conf
copy:
src: nginx.conf
dest: /etc/nginx/nginx.conf
owner: root
group: root
mode: '0644'
backup: yes
- name: Copy template my_app.conf
template:
src: my_app_conf.j2
dest: /etc/nginx/sites-available/my_app.conf
owner: root
group: root
mode: '0644'Re theha file ea mantlha ea nginx (o ka e nka ka kotloloho ho tsoa ho seva, kapa oa e ngola u le mong). Hape le faele ea tlhophiso bakeng sa ts'ebeliso ea rona bukeng ea libaka_e fumanehang (sena ha se hlokahale empa se na le thuso). Boemong ba pele, re sebelisa module ea kopi ho kopitsa lifaele (faele e tlameha ho ba ho /ansible/roles/nginx/files/nginx.conf). Ea bobeli, re kopitsa template, re nkela litekanyetso tsa mefuta-futa. Template e lokela ho ba teng /ansible/roles/nginx/templates/my_app.j2). 'Me e ka shebahala tjena:
upstream {{ app_name }} {
server unix:{{ app_path }}/shared/tmp/sockets/puma.sock;
}
server {
listen 80;
server_name {{ server_name }} {{ inventory_hostname }};
root {{ app_path }}/current/public;
try_files $uri/index.html $uri.html $uri @{{ app_name }};
....
}Ela hloko ho kenya {{ app_name }}, {{ app_path }}, {{ server_name }}, {{ inventory_hostname }} - tsena ke mefuta eohle eo boleng ba eona bo Ansible bo tla nkeloa sebaka ke template pele e kopitsoa. Sena se na le thuso haeba u sebelisa buka ea ho bapala bakeng sa lihlopha tse fapaneng tsa baamoheli. Ka mohlala, re ka eketsa faele ea rona ea thepa:
[production]
123.123.123.123
[staging]
231.231.231.231
[all:vars]
user=my_user
user_password=123qweasd
[production:vars]
server_name=production
app_path=/home/www/my_app
app_name=my_app
[staging:vars]
server_name=staging
app_path=/home/www/my_stage
app_name=my_stage_appHaeba joale re qala buka ea rona ea ho bapala, e tla etsa mesebetsi e boletsoeng bakeng sa baamoheli ka bobeli. Empa ka nako e ts'oanang, bakeng sa moamoheli oa sethala, mefuta e fapaneng e tla fapana le ea tlhahiso, mme eseng feela ka mesebetsi le libuka tsa ho bapala, empa hape le ho nginx configs. {{ inventory_hostname }} ha ho hlokahale hore e bolelloe faeleng ea thepa - sena mme moamoheli eo buka ea ho bapala e ntseng e sebetsa bakeng sa hae hajoale e bolokiloe moo.
Haeba u batla ho ba le faele ea thepa bakeng sa mabotho a mangata, empa u mathela sehlopha se le seng feela, sena se ka etsoa ka taelo e latelang:
ansible-playbook -i inventory ./playbook.yml -l "staging"Kgetho e 'ngoe ke ho ba le lifaele tse arohaneng tsa lethathamo la lihlopha tse fapaneng. Kapa o ka kopanya mekhoa e 'meli haeba u na le mabotho a mangata a fapaneng.
Ha re khutleleng ho seta nginx. Ka mor'a ho kopitsa lifaele tsa tlhophiso, re hloka ho theha symlink ho sitest_enabled to my_app.conf ho tsoa ho libaka_tse fumanehang. Ebe o qala hape nginx.
... # old code in mail.yml
- name: Create symlink to sites-enabled
file:
src: /etc/nginx/sites-available/my_app.conf
dest: /etc/nginx/sites-enabled/my_app.conf
state: link
- name: restart nginx
service:
name: nginx
state: restartedNtho e 'ngoe le e' ngoe e bonolo mona - hape li-module tse utloahalang tse nang le syntax e tloaelehileng. Empa ho na le ntlha e le 'ngoe. Ha ho na thuso ea ho qala nginx nako le nako. Na u hlokometse hore ha re ngole litaelo tse kang: "etsa tjena", poleloana e shebahala joaloka "sena se lokela ho ba le boemo bona". 'Me hangata sena ke tsela eo bohlale bo sebetsang ka eona. Haeba sehlopha se se se ntse se le teng, kapa sephutheloana sa sistimi se se se kentsoe, joale ansible e tla hlahloba sena ebe e tlola mosebetsi. Hape, lifaele li ke ke tsa kopitsoa haeba li lumellana ka ho feletseng le se seng se le ho seva. Re ka nka monyetla ka sena mme ra qala hape nginx ha feela lifaele tsa tlhophiso li fetotsoe. Ho na le taelo ea register bakeng sa sena:
# Copy nginx configs and start it
- name: enable service nginx and start
systemd:
name: nginx
state: started
enabled: yes
- name: Copy the nginx.conf
copy:
src: nginx.conf
dest: /etc/nginx/nginx.conf
owner: root
group: root
mode: '0644'
backup: yes
register: restart_nginx
- name: Copy template my_app.conf
template:
src: my_app_conf.j2
dest: /etc/nginx/sites-available/my_app.conf
owner: root
group: root
mode: '0644'
register: restart_nginx
- name: Create symlink to sites-enabled
file:
src: /etc/nginx/sites-available/my_app.conf
dest: /etc/nginx/sites-enabled/my_app.conf
state: link
- name: restart nginx
service:
name: nginx
state: restarted
when: restart_nginx.changedHaeba e 'ngoe ea lifaele tsa tlhophiso e fetoha, kopi e tla etsoa' me e feto-fetohang e ngolisoe restart_nginx. 'Me feela haeba phapang ena e ngolisitsoe moo tšebeletso e tla tsosolosoa.
Mme, ehlile, o hloka ho kenyelletsa karolo ea nginx bukeng ea mantlha ea ho bapala.
Ho theha postgresql
Re hloka ho nolofalletsa postgresql ho sebelisa systemd ka tsela e tšoanang le eo re entseng ka nginx, hape re thehe mosebelisi eo re tla mo sebelisa ho fihlella database le database ka boeona.
Ha re theheng karolo /ansible/roles/postgresql/tasks/main.yml:
# Create user in postgresql
- name: enable postgresql and start
systemd:
name: postgresql
state: started
enabled: yes
- name: Create database user
become_user: postgres
postgresql_user:
name: "{{ db_user }}"
password: "{{ db_password }}"
role_attr_flags: SUPERUSER
- name: Create database
become_user: postgres
postgresql_db:
name: "{{ db_name }}"
encoding: UTF-8
owner: "{{ db_user }}"Nke ke ka hlalosa mokhoa oa ho eketsa mefuta-futa ho thepa, sena se se se entsoe ka makhetlo a mangata, hammoho le syntax ea postgresql_db le postgresql_user modules. Lintlha tse ling li ka fumanoa litokomaneng. Taelo e khahlisang haholo mona ke become_user: postgres. Taba ke hore ka ho sa feleng, ke mosebelisi oa postgres feela ea nang le phihlello ho database ea postgresql le sebakeng sa heno feela. Taelo ena e re lumella ho phethahatsa litaelo molemong oa mosebelisi enoa (haeba re na le phihlello, ehlile).
Hape, o kanna oa tlameha ho kenya mohala ho pg_hba.conf ho lumella mosebelisi e mocha phihlello ho database. Sena se ka etsoa ka tsela e ts'oanang le ha re fetotse nginx config.
Ehlile, o hloka ho kenyelletsa karolo ea postgresql bukeng ea mantlha ea ho bapala.
Ho kenya ruby ka rbenv
Ansible ha e na li-module tsa ho sebetsa le rbenv, empa e kentsoe ka ho kopanya polokelo ea git. Ka hona, bothata bona bo fetoha bo sa tloaelehang ka ho fetisisa. Ha re mo etsetseng karolo /ansible/roles/ruby_rbenv/main.yml mme ha re qaleng ho e tlatsa:
# Install rbenv and ruby
- name: Install rbenv
become_user: "{{ user }}"
git: repo=https://github.com/rbenv/rbenv.git dest=~/.rbenvRe boetse re sebelisa become_user directive ho sebetsa tlas'a mosebedisi eo re mo etselitseng merero ena. Kaha rbenv e kentsoe bukeng ea eona ea lapeng, eseng lefatšeng ka bophara. Hape re sebelisa git module ho kopanya polokelo, ho totobatsa repo le dest.
Ka mor'a moo, re hloka ho ngolisa rbenv init ho bashrc ebe re eketsa rbenv ho PATH moo. Bakeng sa sena re na le module ea lineinfile:
- name: Add rbenv to PATH
become_user: "{{ user }}"
lineinfile:
path: ~/.bashrc
state: present
line: 'export PATH="${HOME}/.rbenv/bin:${PATH}"'
- name: Add rbenv init to bashrc
become_user: "{{ user }}"
lineinfile:
path: ~/.bashrc
state: present
line: 'eval "$(rbenv init -)"'Ebe o hloka ho kenya ruby_build:
- name: Install ruby-build
become_user: "{{ user }}"
git: repo=https://github.com/rbenv/ruby-build.git dest=~/.rbenv/plugins/ruby-build'Me qetellong kenya ruby. Sena se etsoa ka rbenv, ke hore, feela ka taelo ea bash:
- name: Install ruby
become_user: "{{ user }}"
shell: |
export PATH="${HOME}/.rbenv/bin:${PATH}"
eval "$(rbenv init -)"
rbenv install {{ ruby_version }}
args:
executable: /bin/bashRe bolela hore na ke taelo efe e lokelang ho etsoa le ka eng. Leha ho le joalo, mona re kopana le taba ea hore ansible ha e tsamaise khoutu e teng ho bashrc pele e tsamaisa litaelo. Sena se bolela hore rbenv e tla tlameha ho hlalosoa ka kotloloho ka har'a mongolo o le mong.
Bothata bo latelang bo bakoa ke taba ea hore taelo ea khetla ha e na boemo ho tloha ka pono e utloahalang. Ka mantsoe a mang, ho ke ke ha e-ba le tlhahlobo e ikemetseng hore na mofuta ona oa ruby o kentsoe kapa che. Re ka etsa sena ka borona:
- name: Install ruby
become_user: "{{ user }}"
shell: |
export PATH="${HOME}/.rbenv/bin:${PATH}"
eval "$(rbenv init -)"
if ! rbenv versions | grep -q {{ ruby_version }}
then rbenv install {{ ruby_version }} && rbenv global {{ ruby_version }}
fi
args:
executable: /bin/bashHo setseng ke ho kenya bundler:
- name: Install bundler
become_user: "{{ user }}"
shell: |
export PATH="${HOME}/.rbenv/bin:${PATH}"
eval "$(rbenv init -)"
gem install bundlerHape, eketsa karolo ea rona ruby_rbenv bukeng ea sehlooho ea ho bapala.
Lifaele tse arolelanoeng.
Ka kakaretso, ho seta ho ka phethoa mona. Ka mor'a moo, se setseng ke ho tsamaisa capistrano 'me e tla kopitsa khoutu ka boeona, e thehe litsamaiso tse hlokahalang le ho qala kopo (haeba ntho e' ngoe le e 'ngoe e hlophisitsoe ka nepo). Leha ho le joalo, hangata capistrano e hloka lifaele tse ling tsa tlhophiso, joalo ka database.yml kapa .env Li ka kopitsoa joalo ka lifaele le litempele tsa nginx. Ho na le bolotsana bo le bong feela. Pele o kopitsa lifaele, o hloka ho ba etsetsa sebopeho sa li-directory, ntho e kang ena:
# Copy shared files for deploy
- name: Ensure shared dir
become_user: "{{ user }}"
file:
path: "{{ app_path }}/shared/config"
state: directoryre hlakisa buka e le 'ngoe feela mme e utloahalang e tla iketsetsa ea motsoali ha ho hlokahala.
Ansible Vault
Re se re fumane taba ea hore mefuta e fapaneng e ka ba le data ea lekunutu joalo ka password ea mosebelisi. Haeba u entse .env faele bakeng sa kopo, le database.yml joale ho tlameha hore ho be le data ea bohlokoa le ho feta joalo. Ho ka ba molemo ho li pata mahlong a phunya. Bakeng sa morero ona e sebelisoa .
Ha re theheng faele bakeng sa mefuta e fapaneng /ansible/vars/all.yml (mona o ka etsa lifaele tse fapaneng bakeng sa lihlopha tse fapaneng tsa mabotho, joalo ka faele ea inventory: production.yml, staging.yml, joalo-joalo).
Liphetoho tsohle tse tlamehang ho ngolisoa li tlameha ho fetisetsoa faeleng ena ho sebelisoa syntax e tloaelehileng ea yml:
# System vars
user_password: 123qweasd
db_password: 123qweasd
# ENV vars
aws_access_key_id: xxxxx
aws_secret_access_key: xxxxxx
aws_bucket: bucket_name
rails_secret_key_base: very_secret_key_baseKa mor'a moo faele ena e ka ngolisoa ka taelo e latelang:
ansible-vault encrypt ./vars/all.ymlKa tlhaho, ha u etsa encryption, u tla hloka ho beha phasewete bakeng sa decryption. U ka bona se tla ba ka har'a faele ka mor'a ho bitsa taelo ena.
Ka thuso ea ansible-vault decrypt faele e ka hlakoloa, ea fetoloa ebe e ngotsoe hape.
Ha ho hlokahale hore u hlakole faele ho sebetsa. U e boloka e patiloe 'me u tsamaisa buka ea ho bapala ka khang --ask-vault-pass. Ansible e tla botsa phasewete, e fumane mefuta e fapaneng, 'me e phethe mesebetsi. Lintlha tsohle li tla lula li patiloe.
Taelo e felletseng bakeng sa lihlopha tse 'maloa tsa mabotho le vault e loketseng e tla shebahala tjena:
ansible-playbook -i inventory ./playbook.yml -l "staging" --ask-vault-passEmpa nke ke ka u fa mongolo o felletseng oa libuka tsa ho bapala le likarolo, li ngole uena. Hobane ansible e joalo - haeba u sa utloisise se lokelang ho etsoa, e ke ke ea u etsetsa eona.
Source: www.habr.com