Setup sc_pack with ansible
When you execute this ansible recipe, step by step, at the end you will have installed and configured sc_pack, haproxy and they will be demonized1. You can find the ansible recipes in this repository.
Note that if you are already using Ansible, you probably have already found your way around step 1 and step 2 below.
- First, you will provision access without requiring a password for each login, this facilitates automated,
passwordless logins and single sign-on using the SSH protocol.
To do this, generate a ssh key and copy it to the server; use the commands
ssh-copy-id(see more at https://www.ssh.com/ssh/copy-id)
- Second, you need to have installed: python3, python3-dev, virtualenv and git on the server. You can install them by executing2:
$ sudo apt-get update` $ sudo apt-get upgrade` $ sudo apt-get install python3 python3-dev virtualenv git
- If you are cloning this repository, make sure you have installed
git-lfsinstalled in the place where you are cloning it, as we have included some binaries directly here. Use this guide for instructions.
setupvariables.yml, and adjust the latter file with the necessary variables to configure the deployment. With these we establish the place where the files to be installed will be uploaded, where they will be installed, and which domains, ports and credentials will be able to use the accelerator's cloud service. An example can be seen below.
domains: [www.domain1.com, domain2.com] deployment_tags: <a command separated string e.g "shimmercat,test"> api_access_token: <your_authentication_token> deployments: instance_1: deployment_name: deployment_A install_dir: /srv/deployment_A http_port: 8030 https_port: 4040 humanity_validator_port: 8060 dht_bind_port: 48101 enable_bots_blocking: False enable_images_optimization: False google_recaptcha_site_key: <your_google_recaptcha_site_key> google_recaptcha_site_secret: <your_google_recaptcha_site_secret> transit_encryption_key: <your_transit_encryption_key> instance_2: deployment_name: deployment_B install_dir: /srv/deployment_B http_port: 8033 https_port: 4045 humanity_validator_port: 8061 dht_bind_port: 48102 enable_bots_blocking: False enable_images_optimization: False google_recaptcha_site_key: <your_google_recaptcha_site_key> google_recaptcha_site_secret: <your_google_recaptcha_site_secret> transit_encryption_key: <your_transit_encryption_key> sc_pack_version: sc_pack-0.1.647-py3-none-any.whl installers_dir: /srv/installers
- domains: is a list with all the domains that you wish to serve with the current deploy, example:
domains = [domain1.com, domain2.com, www.domain3.com]
- sc_pack_version: is the version we have in files/installers. It does not need to be the latest version, during the installation process we update it.
- installers_dir: where the files to be installed will be uploaded.
deployments.<instance>.deployment_name: is an identifier, it must be unique.
deployments.<instance>.install_dir: where sc_pack will be installed, it must be unique.
For more details you can refer to our Getting Started tutorial.
Update the ansible inventory, by copying the file
hostsat the root of this project and placing the ip (
your-remote-ip) of your server in the variable
ansible_host. The variable
ansible_useris related to step 1, it must be the
Run the playbook. We have three recipes, the first (
0-requirements.yml that must be executed only once), is responsible, among other tasks, for creating the shimmercat user, uploading the sc_pack files, and haproxy, and the necessary folders are created. The second (
1-install.yml, can be executed as many times as necessary). Remember that for each domain you can have multiple instances of sc_pack, you just have to take into account other values of ports, credentials and installation folder (install_dir). To avoid conflicts prior to installation, a check is made on the remote machine and if something fails, the process stops and an error message is displayed.
$ ansible-playbook -i hosts 0-requirements.yml
$ ansible-playbook -i hosts 1-install.yml
If the variable
ansible_user is not root, then you must call the recipes by passing the password of
ansible_user in the remote server:
$ ansible-playbook -i hosts 0-requirements.yml --extra-vars "ansible_sudo_pass=xxxxxxxxxxxx"
- Configure your local
/etc/hostsor equivalent, adding
- Open your browser and check
- If the website does not appear in your browser, please login to your remote server and restart the services.
Normally, the sc_pack service will be called with variable
deployment_name followed by
For example: if deployment_name is
deployment_A, the service will be called
To restart it, run in the terminal:
$ systemctl restart deployment_A.service
[^1]: Meaning that they will be running under SystemD
[^2]: Perhaps these requirements can be addressed during provisioning