Merge branch 'cas' into 'newinfra'

Migrate CAS to new infra See merge request nounous/ansible!156
2021-01-02 09:35:42 +01:00 · 2021-01-02 09:35:42 +01:00 · 834f8e34bd
parent cc649bcc78 585d947b6f
commit 834f8e34bd
5 changed files with 17 additions and 15 deletions
--- a/group_vars/reverseproxy.yml
+++ b/group_vars/reverseproxy.yml
@ -19,19 +19,16 @@ nginx:

  reverseproxy_sites:
    # Services web Crans
-    #    - {from: lutim.crans.org, to: 10.231.136.69}
-    #    - {from: ftps.crans.org, to: 10.231.136.98}
    #    - {from: re2o.crans.org, to: 10.231.136.9}
    #    - {from: intranet.crans.org, to: 10.231.136.9}
    #    - {from: grafana.crans.org, to: "10.231.136.102:3000"}
+    - {from: ftps.crans.org, to: 172.16.10.30}
    - {from: webmail.crans.org, to: 172.16.10.108}
    - {from: webirc.crans.org, to: "172.16.10.31:9000"}
    - {from: horde.crans.org, to: 172.16.10.108}
    - {from: framadate.crans.org, to: 172.16.10.109}
    - {from: stream.crans.org, to: 172.16.10.118}
    - {from: cas.crans.org, to: 172.16.10.120}
-    - {from: auth.crans.org, to: 172.16.10.120}
-    - {from: login.crans.org, to: 172.16.10.120}
    - {from: phabricator.crans.org, to: 172.16.10.116}
    - {from: trackerusercontent.crans.org, to: 172.16.10.116}
    - {from: wiki.crans.org, to: 172.16.10.161}
--- a/2
+++ b/2
@ -129,7 +129,7 @@ virtu
 #belenios.adm.crans.org
 bigbluebutton.adm.crans.org
 #boeing.adm.crans.org
-#casouley.adm.crans.org
+cas.adm.crans.org
 codichotomie.adm.crans.org
 #ethercalc-srv.adm.crans.org
 fluxx.adm.crans.org
--- a/plays/cas.yml
+++ b/plays/cas.yml
@ -2,8 +2,9 @@
 ---
 # Django CAS server

- hosts: casouley.adm.crans.org
+- hosts: cas.adm.crans.org
  vars:
    cas_secret_key: "{{ vault_cas_secret_key }}"
    cas_ldap_password: "{{ vault_cas_ldap_password }}"
+    cas_database_password: "{{ vault_cas_database_password }}"
  roles: ["django-cas"]
--- a/roles/django-cas/tasks/main.yml
+++ b/roles/django-cas/tasks/main.yml
@ -9,19 +9,11 @@
      - python3-django
      - python3-django-cas-server
      - python3-psycopg2
+      - python3-ldap3
  register: apt_result
  retries: 3
  until: apt_result is succeeded

- name: Upgrade to Bullseye Django CAS
-  apt:
-    deb: http://mirror.adm.crans.org/debian/pool/main/d/django-cas-server/python3-django-cas-server_1.1.0-2_all.deb
-  register: apt_result
-  retries: 3
-  until: apt_result is succeeded
-  when:
-    - ansible_lsb.codename == 'buster'
-
 - name: Clone Django CAS project repository
  git:
    repo: http://gitlab.adm.crans.org/nounous/django-cas.git
@ -34,6 +26,7 @@
    src: cas/settings_local.py.j2
    dest: /var/local/django-cas/cas/settings_local.py
    mode: 0600
+    owner: www-data
  notify: Restart uwsgi

 - name: Configure NGINX site
--- a/roles/django-cas/templates/cas/settings_local.py.j2
+++ b/roles/django-cas/templates/cas/settings_local.py.j2
@ -7,3 +7,14 @@ CAS_LDAP_SERVER = "172.16.10.90"
 CAS_LDAP_USER = "cn=cas,ou=service-users,dc=crans,dc=org"
 CAS_LDAP_PASSWORD = "{{ cas_ldap_password }}"
 CAS_LDAP_BASE_DN = "cn=Utilisateurs,dc=crans,dc=org"
+
+# Database
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.postgresql_psycopg2',
+        'NAME': 'cas',
+        'HOST': 'pgsql.adm.crans.org',
+        'USER': 'cas',
+        'PASSWORD': '{{ cas_database_password }}',
+    }
+}