themotte / tildes


Turn the production deployment instructions into an Ansible playbook #40

Closed Zenchreal closed 4 years ago

Zenchreal commented 4 years ago

Make deployment easier by automating setup with Ansible. The new deployment steps would be something like:

  1. Start your VPS/Droplet/whatever and make sure your domain name is pointed at it
  2. On your local copy of the repo under the ansible folder, copy all the .example files to the corresponding bare filenames and fill in the correct information (especially domain name).
  3. Run ansible-playbook provision.yml -i inventory -u root (instead of root you can use any superuser account that you can ssh into)
  4. Hopefully if nothing fails, your website will be up right now

@toadworrier this pull request would remove your provision.sh script and move that functionality directly into the playbook. Can you take a look? Thanks

zorbathut commented 4 years ago

In general, this looks great! I want to run it on an actual server but that's going to take some prep time, I'll probably end up merging it in soon.

The one issue I see is production.ini.example; I think /production.ini.example was copied from /tildes/production.ini, and the copies are already diverging. I'm not sure what the best way to solve this is but it definitely needs to be solved - suggestions?

Zenchreal commented 4 years ago

We could have the Ansible playbook take production.ini directly from the tildes folder. I only copied it here because it was in the root, and it's easier to see which files you have to manually change to do a deployment if they're all in one folder.

I think it would be pretty nifty to have a Python script that took care of filling in these .example files for you, given one unified configuration file (or even a series of prompts). It would directly run Ansible, too. That gets us a lot closer to the ease of use of Discourse which you linked a few days ago.

zorbathut commented 4 years ago

I'm sort of interested in the idea of the unified-config-file thing, but I also feel like the config files we have already are the unified config files, in a lot of ways. I don't think we should be adding a second layer on top of them, we should either be using them or replacing them (and from an upstreamability standpoint, just using them.)

I think pulling production.ini directly from tildes makes the most sense; it's not an ideal long-term solution but it'll work well for now, without much opportunity for confusion, and it'll upstream well.

Zenchreal commented 4 years ago

Yeah, I can see how it would add more confusion. I'm going to update this pull request to keep the config files at their original location.

Also, I'm going to add another playbook which handles code/database updates to the server.

zorbathut commented 4 years ago

Alright, this all looks pretty good!

A few notes on my experiences:

I totally screwed up and installed it on 20.04 first. This did not work. It's my fault that I used the wrong OS, but it'd be kind of nice if there was validation on that :V

I also used the minimal image to start with, and that didn't work either, due to missing ufw (fixed by deleting that section) and missing rsync (fixed by adding an rsync install section) and like six errors in salt (fixed by giving up and using the non-minimal image). In theory it'd be nice if it worked on the minimal image . . . but I'm not really calling that a big deal.

I was successfully able to get it up and running, so I'm gonna go ahead and check this in.

Zenchreal commented 4 years ago

Great, I'm glad you got it to work. I wonder how difficult it would be to get everything running on 20.04 as well (I should test it sometime). Also, it should be easy enough to get working on the minimal image; we would just need to carefully parse the salt log messages to see what assumed packages are missing and install them in the playbook.

Next I'm going to take a look at some of the other open issues, hopefully in the next few weeks.

zorbathut commented 4 years ago

For Minimal, ufw was missing (and also unnecessary because it was running on Google Compute and they have their own firewall), as was rsync (easy to install before being needed).

For 20.04, the Certbot PPA was no longer needed; certbot is part of the Ubuntu package system as of 20.04 and can just be installed via apt.

I did not attempt to decipher the massive salt error message though, it's pretty unreadable after it's been passed through ansible :)
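
The comments above ask for OS validation and name ufw and rsync as missing on the minimal image; a preflight play covering those points could look like the following, as an added example that is not part of the thread or of the project's playbook. The variables `supported_release` and `behind_external_firewall` are hypothetical, and the release value is a placeholder because the thread does not state which release the playbook was tested on.

```yaml
# Added example: preflight play intended to run before the provisioning tasks.
# supported_release and behind_external_firewall are hypothetical variables.
- name: Preflight checks before provisioning
  hosts: all
  become: true
  gather_facts: true
  vars:
    # Placeholder: set to the Ubuntu release the playbook was tested on.
    supported_release: "REPLACE_WITH_TESTED_RELEASE"
    # Set to true only when a provider-level firewall already filters traffic.
    behind_external_firewall: false
  tasks:
    - name: Stop early on an untested OS release
      ansible.builtin.assert:
        that:
          - ansible_facts['distribution'] == 'Ubuntu'
          - ansible_facts['distribution_version'] == supported_release
        fail_msg: >-
          Found {{ ansible_facts['distribution'] }}
          {{ ansible_facts['distribution_version'] }},
          expected Ubuntu {{ supported_release }}.
        success_msg: OS release matches the tested release.

    - name: Install rsync, which a minimal image may lack
      ansible.builtin.apt:
        name: rsync
        state: present
        update_cache: true

    - name: Install ufw unless an external firewall is declared
      ansible.builtin.apt:
        name: ufw
        state: present
      when: not (behind_external_firewall | bool)
```

Leaving `behind_external_firewall` at its default keeps a host firewall in place, so skipping ufw is an explicit decision rather than a deleted section.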