I have two ansible tasks that download an archive (the latest wordpress version, for example) and extract that archive.
- name: Download WordPress
tags:
- wordpress
- wordpress:install
get_url: "url=http://wordpress.org/wordpress-{{ wordpress_version }}.tar.gz dest={{ www_docroot }}/wordpress-{{ wordpress_version }}.tar.gz"
- name: Extract archive
tags:
- wordpress
- wordpress:install
unarchive:
src: "{{ www_docroot }}/wordpress-{{ wordpress_version }}.tar.gz"
dest: "{{ www_docroot }}"
remote_src: True
I'm new to learning ansible and I'm trying to figure out: How can I make this idempotent so that it -
Does not download a file if file of the same name already exists or
Does not extract / expand the gzip archive if the specified target folder already exists
Thanks!
consider the force option for the first query( get_url ) .
consider the creates option for the second query( unarchive ) .
Sample code, you need something like this?
- name: Download WordPress
tags:
- wordpress
- wordpress:install
get_url:
url : "http://wordpress.org/wordpress-{{ wordpress_version }}.tar.gz dest={{ www_docroot }}/wordpress-{{ wordpress_version }}.tar.gz"
dest: "{{ wordpress_version }}/wordpress-{{ wordpress_version }}.tar.gz"
force : no
- name: Extract archive
tags:
- wordpress
- wordpress:install
unarchive:
src: "{{ www_docroot }}/wordpress-{{ wordpress_version }}.tar.gz"
dest: "{{ www_docroot }}"
creates : "{{ www_docroot }}/wordpress"
remote_src: True
get_url module already behaves in the way you want.
You might consider completely skipping the second step if nothing is downloaded on the first step. To achieve that you register return value of the first task and check if it is changed in the second with when. In your example it will be:
- name: Download WordPress
tags:
- wordpress
- wordpress:install
get_url: "url=http://wordpress.org/wordpress-{{ wordpress_version }}.tar.gz dest={{ www_docroot }}/wordpress-{{ wordpress_version }}.tar.gz"
register: download_wordpress
- name: Extract archive
tags:
- wordpress
- wordpress:install
unarchive:
src: "{{ www_docroot }}/wordpress-{{ wordpress_version }}.tar.gz"
dest: "{{ www_docroot }}"
remote_src: True
when: download_wordpress.changed
Related
I install a configuration for rails that looks like this (simplified):
production:
secret_key_base: 800afb35d5086b2c60ebd35c01b2bd2b522c2492
db_username: ...
db_password: ...
and so it gets installed from a template file
{{ role }}:
secret_key_base: {{ secret_key }}
db_username: {{ db_user }}
db_password: {{ db_pass }}
And the role and db user/pass get pulled from pillar and installed in that file. The secret_key it would make sense to generate randomly, e.g., {{ salt['random.get_str'](length=80) }}. But I want to generate it once, not every time the template is rendered. (Changing the secret key invalidates cookies, not something to do on each salt run.)
The only solution I've found is two-phase: I have a template.in file
{{ role }}:
secret_key_base: ||secret_key_base||
db_username: {{ db_user }}
db_password: {{ db_pass }}
that I sed into my template file on any given minion:
/srv/salt/rails/secrets.yml:
cmd.run:
# Fill in the secret key base (used for cookies). We can't use
# jinja2 for this, since jinja would complain about the other
# variables that it doesn't know how to replace. We want our
# output to be a jinja template.
- name: |
cat /srv/salt/rails/secrets.yml.in | \
sed -e 's/||secret_key_base||/{{ salt['random.get_str'](length=80) }}/;' | \
cat > /srv/salt/rails/secrets.yml
chmod 400 /srv/salt/rails/secrets.yml
- creates: /srv/salt/rails/secrets.yml
- runas: root
/var/railroad/{{host_role}}/shared/config/secrets.yml:
file.managed:
- source: salt://rails/secrets.yml
- mode: 400
- user: railroad-{{host_role}}
- group: railroad-{{host_role}}
- template: jinja
- defaults:
role: host_role
db_username: m_u
db_password: m_p
This works but has the disadvantage that a change to secrets.yml.in would not be propagated on to secrets.yml. (Suppose we add another key to the secrets file.) It also feels clunkier than necessary.
Is there a better way?
A better way
As noted in the comments, a better way is to just generate the secret by hand (after all, it's only done at host setup) and store it in pillar, where we anyway have to say a few things about each host.
Here is what the working code eventually looked like, unsimplified for those who might want to see something more complex. Much of the complexity is my host_credentials pillar data, which tries to characterise all that we need to know about each host.
{% set fqdn = grains.get('fqdn', 'unknown-host-fqdn') %}
{% set host_role = pillar['host_credentials']
[grains.get('fqdn')]
['role'] %}
{% set examplecom_web_app = pillar['host_credentials']
[grains.get('fqdn')]
['examplecom-web-app'] %}
{% set mysql_server_host = examplecom_web_app.mysql.host %}
{% set mysql_server_database = examplecom_web_app.mysql.database %}
{% set mysql_server_role = examplecom_web_app.mysql.role %}
{% set mysql_server_spec = pillar['host_credentials']
[mysql_server_host]
['mysql'] %}
{% set mongodb_server_host = examplecom_web_app.mongodb.host %}
{% set mongodb_server_spec = pillar['host_credentials']
[mongodb_server_host]
['mongodb'] %}
/var/examplecom/railroad/{{host_role}}/shared/config/secrets.yml:
file.managed:
- source: salt://rails/secrets.yml
- mode: 400
- user: railroad-{{host_role}}
- group: railroad-{{host_role}}
- template: jinja
- defaults:
role: {{ host_role }}
secret_key_base: {{ examplecom_web_app.secret_key_base }}
mysql_hostname: {{ mysql_server_host }}
mysql_username: {{ mysql_server_spec[mysql_server_database]
[mysql_server_role]
['username'] }}
mysql_password: {{ mysql_server_spec[mysql_server_database]
[mysql_server_role]
['password'] }}
mongodb_hostname: {{ mongodb_server_host }}
mongodb_username: {{ mongodb_server_spec.username }}
mongodb_password: {{ mongodb_server_spec.password }}
As an aside, I was happy to discover that jinja2 is white-space agnostic, which helps enormously with readability on such lookups.
I recommend putting the secret in a pillar and generate the value once (manually) on the master. That way you can avoid doing the stateful on-the-fly-magic in your SLS file.
jma updated his question to include an example solution.
Do I understand you correctly:
- this is salt-masterless run?
- you generate some template file on masterless node (to have some static parts generated once)
- you apply file.managed state to previously generated file?
Assuming my understandings:
First of all it will be propagated to another states if you set proper watch/require statements but in your case this would be harder to achieve as you've used cmd.run for template parsing (you must add stateful argument to express that there is some potential state changes underlying)
Remarks:
- did you see file.blockreplace? it seems that you can use this to replace first cmd.run and get file change detection "for free"
- as for one time password generation, there is nice trick to do this simply by using grains.get_or_set_hash
As the generated password is not changing for given minion (you master-less node in your case) the file.blockreplace won't report any changes unless you add changes to the template
Having said this, I think we can go further and your state actually can be as simple as this (template changes will be propagated always, key will be generated once):
/var/railroad/{{host_role}}/shared/config/secrets.yml:
file.managed:
- source: salt://rails/secrets.yml
- mode: 400
- user: railroad-{{host_role}}
- group: railroad-{{host_role}}
- template: jinja
- defaults:
role: host_role
db_username: m_u
db_password: {{ salt['grains.get_or_set_hash']('some:place:secret_key_base') }}
I have a problem with the imagine_filter that works in one page and not in the others even if I use it exactly the same way with the same photo.
In the first page, where my filter works, I have this src:
http://myserver.com/media/cache/shooting/photo_preview/75/55cb71cc8ba26-00001.jpg
However, on the page where the filter doesn't work, I have this src:
:///media/cache/shooting/photo_preview/75/55cb71cc8ba26-00001.jpg
Has anybody already have a problem like that?
Moreover, the first src only works on app.php and not on app_dev.php.
On my application, I'm using Gaufrette to upload photos to S3 and then Liip to apply the filters. The cache is on my server. This is my configuration:
"liip/imagine-bundle": "1.3.*#dev",
"knplabs/gaufrette": "0.1.*",
"knplabs/knp-gaufrette-bundle": "0.1.*#dev",
"aws/aws-sdk-php": "2.8.*#dev",
<--- The services --->
services:
mycompany.aws_s3.client:
class: Aws\S3\S3Client
factory_class: Aws\S3\S3Client
factory_method: 'factory'
arguments:
-
key: %amazon_aws_key%
secret: %amazon_aws_secret_key%
region: %amazon_aws_region%
mycompany.liip_imagine.binary.loader.stream.shooting:
class: '%liip_imagine.binary.loader.stream.class%'
arguments:
- 'gaufrette://shooting/'
tags:
- { name: 'liip_imagine.binary.loader', loader: 'stream.shooting' }
<--- Gaufrette --->
knp_gaufrette:
adapters:
shooting:
aws_s3:
service_id: mycompany.aws_s3.client
bucket_name: %amazon_s3_bucket%
options:
directory: shooting
filesystems:
shooting:
adapter: shooting
alias: shooting_filesystem
stream_wrapper: ~
<--- Liip --->
liip_imagine:
resolvers:
default:
web_path: ~
shooting:
web_path:
cache_prefix: /media/cache/shooting
controller:
filter_action: mycompany_imagine.controller:filterAction
filter_sets:
photo_preview:
data_loader: stream.shooting
cache: shooting
quality: 50
filters:
upscale: { min: [690, 690] }
thumbnail: { size: [690, 690], mode: outbound}
<--- Twig --->
<img src="{{ photo.imagepath | imagine_filter('photo_preview') }}" alt="">
I got an answer on Github. I just needed to change my resolver:
https://github.com/liip/LiipImagineBundle/issues/203
I think there is a bug in the bundle LiipImagineBundle. I explain:
Here is my new config of the bundle:
liip_imagine:
resolvers:
default:
web_path:
web_root: %kernel.root_dir%/../web/img
# %kernel.root_dir%/../web/img is the folder where filtered images will be created!
cache_prefix: media/cache
# media/cache the prefix of folder where the cached images will be created
filter_sets:
cache: ~
my_thumb:
quality: 75
filters:
thumbnail: { size: [120, 90], mode: outbound }
This is the twig part for displaying the image:
{# This way the filtered image will not be created!#}
<img src="{{ 'img/test.jpg' | imagine_filter('my_thumb') }}" />
{# That way, the filted images will be created. asset() must be used. #}
<img src="{{ asset('img/test.jpg' | imagine_filter('my_thumb')) }}" />
The generated link of the image is not correct! In fact, the obtained link is:
http://localhost/media/cache/my_thumb/img/test.jpg
The expected correct link is:
http://localhost/tuto/web/img/media/cache/my_thumb/img/test.jpg
There is a missing part in the url: tuto/web/img . Is this a bug?
To avoid that problem, I did this:
<img src="{{ asset('img/test.jpg' | imagine_filter('my_thumb'))|replace({'media':'tuto/web/img/media'}) }}" />
I guess that playing with twig is not a good solution.
It is a bug in LiipImagineBundle? If not, please give the correct config for that bundle!
Thanks!
I found finally the solution on github.
I am just trying to get working LiipImagineBundle.
Ok, all I got so far:
Installed using composer
$ php composer.phar require "liip/imagine-bundle:dev-master"
Enabled bundle in AppKernel.php
new Liip\ImagineBundle\LiipImagineBundle(),
Added to routing.yml
_imagine path
Added liip_imagine filter in config.yml
Checked using php app/console router:debug and path _imagine_my_thumb exist.
But after using:
<img src="{{ '/relative/path/to/image.jpg' | imagine_filter('my_thumb') }}" />
image is not rendered, path is simply not found error.
prod.log says that Route _imagine_my_thumb does not exist, although it exist, because it's displayed using router:debug for both environments.
You know that you should replace '/relative/path/to/image.jpg' with your image path?
Make sure your file exists.
A working example
config:
liip_imagine:
driver: gd
web_root: %kernel.root_dir%/../web
data_root: %kernel.root_dir%/../app
cache_mkdir_mode: 0777
cache_prefix: /media/cache
cache: web_path
cache_clearer: true
data_loader: filesystem
controller_action: liip_imagine.controller:filterAction
formats: []
filter_sets:
avatar:
filters:
thumbnail: { size: [40, 40], mode: outbound }
profile:
filters:
relative_resize: { widen: 500 }
html:
<img src="{{ 'uploads/images/filename.jpg' | imagine_filter('avatar') }}" alt="image">
enter code here
routing.yml:
_imagine:
resource: .
type: imagine
Remark: My source folder is in the app folder (see: data_root)
I had similar problem and after enable of php_fileinfo extension in php.ini render start to work.
I'm using Symfony 2.1 dev and looking for easiest way to get parameter from app/config/parameters.yml (ini).
Simple example:
I have record in parameters.yml
parameters:
url: "http://domain.com"
Then i want to use it somehow in static js file
var url = "{{ app.url }}"; // trying to avoid hardcode
This token should be replaced by actual value from coonfig after
app/console assetic:dump
So final js will have
var url = "http://domain.com";
Currently i'm thinking about writing my own console command but firstly i want to ensure there is no any standard way of doing such things in Symfony2 or maybe some bundle that can halp me?
UPDATE: i'd like to do this with AsseticBundle, like YUI and LESS
assetic:
debug: %kernel.debug%
use_controller: false
write_to: %kernel.root_dir%/../web
filters:
cssrewrite: ~
lessphp: ~
yui_js:
jar: "%kernel.root_dir%/Resources/java/yuicompressor-2.4.6.jar"
yui_css:
jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.6.jar
to add another one filter which will replace token {{ app.url }} in js file to actual "http://domain.com"
A simple solution would be to reference your parameters in the twig globals:
parameters:
url: "http://domain.com"
an_array:
twig: "is cool"
and: "symfony2 to"
twig:
globals:
app_parameters:
url: %url%
an_array: %an_array%
Then in your template:
<script>
window.parameters = {{ app_parameters|json_encode|raw }};
</script>
would render something like:
<script>
window.parameters = {"url":"http://domain.com","an_array":{"twig":"is cool","and":"symfony2 to"}};
</script>