This repository has been archived by the owner on Jun 4, 2021. It is now read-only.
Allow customizing Streisand services at install time. #936
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit updates Streisand to allow enabling/disabling the core services at install time, or by customizing a site specific config file before running Streisand. Ansible's prompt functionality is unfortunately crippled with respect to templating and `when` conditions. This makes it tricky to accomplish the customization we want where you are only prompted for each service if you want to customize the overall installation. To allowing changing services on a per-site basis & remembering the decision the wrapper script now creates a `$HOME/.streisand` directory with a `$HOME/.streisand/site.yml` site specific config file. By default it is populated with the `global_vars/default-site.yml` file from the Streisand repository. The `streisand` wrapper conditionally invokes a separate playbook (`playbooks/customize.yml`) for customization that rewrites the `$HOME/.streisand/site.yml` vars file based on what the user specifies. It's a little bit ugly but It Works(!). Further refinement welcome! This methodology also supports customizing the installed services non-interactively by editing `$HOME/.streisand/site.yml` ahead of running `./streisand` and skipping the customization step. This is useful if (for example) you only ever want to install Wireguard on your Streisand instances. You can create a `$HOME/.streisand/site.yml` that only enables Wireguard and all of your Streisand instances will be provisioned accordingly. The validation role is run after customization to ensure that the choices are valid and don't result in (for e.g.) no services enabled. Presently both Travis and the Vagrant `streisand-host` ignore the `$HOME/.streisand.yml` and use the `global_vars/default-site.yml` vars resulting in a provision with all services enabled.
cpu
requested review from
jlund,
alimakki,
nopdotcom,
CorbanR and
nickolasclarke
|
👍 |
This was referenced Sep 16, 2017
jlund
suggested changes
Sep 18, 2017
playbooks/customize.yml
Outdated
| default: "yes" | ||
| private: no | ||
| - name: streisand_wireguard_enabled | ||
| prompt: "Enable Wireguard? Press enter for default " |
streisand
Outdated
| # runs the validation role to validate global_vars/vars.yml | ||
| function validate() { | ||
| echo; echo; ansible-playbook playbooks/validate.yml | ||
| run_genesis existing-server.yml inventories/intenvory-existing |
There was a problem hiding this comment.
After fixing the inventory filename, I'm also seeing the following error when choosing Option 8 and running against an existing server:
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "AnsibleUndefinedVariable: 'streisand_genesis_role' is undefined"}
There was a problem hiding this comment.
That second error was unrelated to this commit and is also happening on master. I just submitted PR #955 as a proposed fix.
streisand
Outdated
| } | ||
|
|
||
| # customize prompts the user to decide if they want to customize the Streisand | ||
| # installation. If the user chooses to the playbooks/customize.yml role is used to |
There was a problem hiding this comment.
I think there should be a comma after "If the user chooses to".
|
@jlund Feedback addressed. Thanks! |
|
How does one customize the streisand services? For example I only want to install OpenVPN + stunnel... does this commit make it possible? |
|
@describe19, you can do this now; before running the streisand script you can edit this file, and set the services you don’t want to ‘no’ |
|
A feature for different PR: |
14 tasks
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit updates Streisand to allow enabling/disabling the core
services at install time, or by customizing a site specific config file
before running Streisand.
Ansible's prompt functionality is unfortunately crippled with respect to
templating and
whenconditions. This makes it tricky to accomplish thecustomization we want where you are only prompted for each service if
you want to customize the overall installation.
To allowing changing services on a per-site basis & remembering the
decision the wrapper script now creates a
$HOME/.streisanddirectorywith a
$HOME/.streisand/site.ymlsite specific config file. Bydefault it is populated with the
global_vars/default-site.ymlfilefrom the Streisand repository.
The
streisandwrapper conditionally invokes a separate playbook(
playbooks/customize.yml) for customization that rewrites the$HOME/.streisand/site.ymlvars file based on what the user specifies.It's a little bit ugly but It Works(!). Further refinement welcome!
This methodology also supports customizing the installed services
non-interactively by editing
$HOME/.streisand/site.ymlahead ofrunning
./streisandand skipping the customization step. This isuseful if (for example) you only ever want to install Wireguard on your
Streisand instances. You can create a
$HOME/.streisand/site.ymlthatonly enables Wireguard and all of your Streisand instances will be
provisioned accordingly.
The validation role is run after customization to ensure that the
choices are valid and don't result in (for e.g.) no services enabled.
Presently both Travis and the Vagrant
streisand-hostignore the$HOME/.streisand.ymland use theglobal_vars/default-site.ymlvarsresulting in a provision with all services enabled.
Updates #746