Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision
  • master
1 result

Target

Select target project
  • salt/deploy-formula
1 result
Select Git revision
  • master
1 result
Show changes
Commits on Source (2)
Show whitespace changes
Inline Side-by-side
README.md
View file @ 8d384383
......@@ -78,17 +78,18 @@ deploy:
This part of the pillar provides overall configuration data for the deployments.
It usually should not differ between deployments and might be assigned to many minions.
* `deploy.config.key` **no default value**
- `deploy.config.key` **no default value**
A private key that is able to access repositories.
* `deploy.config.deploy_directory` *default: `/srv/repo`*
**Deprecated** Use [gitlab deploy tokens](https://doc.it.hs-hannover.de/books/sysadmin/page/gitlab-deploy-with-token-and-without-ssh) instead:
- `deploy.config.deploy_directory` _default: `/srv/repo`_
The directory in which git clones are located.
* `deploy.config.venv_directory` *default: `/srv/venv`*
- `deploy.config.venv_directory` _default: `/srv/venv`_
The directory in which virtualenvs are located.
* `deploy.config.cert_directory` *default: `/etc/hsh-certs`*
- `deploy.config.cert_directory` _default: `/etc/hsh-certs`_
The directory in which certificates are located.
* `deploy.config.static_directory` *default: `/srv/static`*
- `deploy.config.static_directory` _default: `/srv/static`_
Static files related settings that are magically set by the `deploy.django` state.
* `deploy.config.static_url` *default: `https://static.it.hs-hannover.de`*
- `deploy.config.static_url` _default: `https://static.it.hs-hannover.de`_
Static files related settings that are magically set by the `deploy.django` state.
### `deploy.projects`
......@@ -114,9 +115,9 @@ Only describing e.g. `cert` for a project without applying the corresponding sta
#### `deploy.projects.[...].gitlab`
* `url` **no default**
- `url` **no default**
The URL to clone from.
* `rev` **no default**
- `rev` **no default**
The branch, tag or commit that should be deployed
The `path` to the target directory is created by using `deploy.config.deploy_directory` + `/` + `project_name`.
......@@ -126,7 +127,7 @@ The `path` to the target directory is created by using `deploy.config.deploy_dir
You may specify `venv: True`, which leads in default values.
Instead of True `venv` can also be an object.
* `requirements` *default: `project_path/requirements.txt`*
- `requirements` _default: `project_path/requirements.txt`_
The URL to clone from.
The python version is fixed to the servers python3 version.
......@@ -134,13 +135,13 @@ The environment creation runs in the context of the project user.
#### `deploy.projects.[...].django`
* `collectstatic` *default: `False`*
- `collectstatic` _default: `False`_
If true the deployment runs `./manage.py collectstatic`
* `migrate` *default: `False`*
- `migrate` _default: `False`_
If true the deployment runs `./manage.py migrate`
* `settings_path` *default: `project_path/project_name/settings/prod.py`*
- `settings_path` _default: `project_path/project_name/settings/prod.py`_
The path where to write the django settings to.
* `settings` **no default**
- `settings` **no default**
Specify django settings in yaml - they are written into a file in the project.
This fits our django settings approach.
......@@ -156,27 +157,27 @@ If your run user needs to read a cert, you might add him into the corresponding
Each cert may have the following fields:
* `pem` **required**
- `pem` **required**
The X.509 certificate.
* `key` **required**
- `key` **required**
The key for the certificate.
* `chain`
- `chain`
The certificate chain - usually without the root certificate.
* `cacert`
- `cacert`
The root certificate - this is usually not necessary, except you roll out your own PKI.
* `dhparam`
- `dhparam`
The diffie hellman parameter.
The states will create a bunch of files in the `deploy.config.cert_directory`.
* `certname.pem`
* `certname.key`
* `certname.chain.pem`
* `certname.cacert.pem`
* `certname.dhparam.pem`
* `certname.fullchain.pem`
- `certname.pem`
- `certname.key`
- `certname.chain.pem`
- `certname.cacert.pem`
- `certname.dhparam.pem`
- `certname.fullchain.pem`
`pem` + `chain`
* `certname.fullchain.dhparam.pem`
- `certname.fullchain.dhparam.pem`
`pem` + `chain` + `dhparam`
There is group created for each certificate based on the name and prefixed with `cert-`.
......
deploy/user.sls
View file @ 8d384383
......@@ -4,6 +4,7 @@ deployer:
user.absent: []
group.absent: []
{% if salt.pillar.get('deploy:config:key:', None) is not None %}
deploy_user_ssh_known_hosts_file_present:
file.managed:
......@@ -50,6 +51,8 @@ deploy_key:
- group: root
- makedirs: True
{% endif %}
{% for project_name, project_config in deploy.projects.items() %}
{% set config_user_groups = project_config.get('user_groups', []) %}
......