From 66ec80ffa2bc67b05cdc1033149a93ec838657af Mon Sep 17 00:00:00 2001
From: Janzert <janzert@janzert.com>
Date: Thu, 8 Dec 2016 19:23:58 -0500
Subject: [PATCH 1/3] Initial ansible playbook.

---
 .gitignore                                    |  4 +
 ansible/ansible.cfg                           |  3 +
 ansible/primary.yml                           | 17 +++++
 ansible/readme.md                             | 36 +++++++++
 ansible/roles/common/tasks/main.yml           |  7 ++
 ansible/roles/dbserver/tasks/main.yml         | 39 ++++++++++
 ansible/roles/dbserver/templates/my.cnf.j2    |  3 +
 ansible/roles/webserver/handlers/main.yml     |  6 ++
 ansible/roles/webserver/tasks/main.yml        | 74 +++++++++++++++++++
 .../roles/webserver/templates/apache.conf.j2  | 14 ++++
 .../roles/webserver/templates/halite.ini.j2   |  6 ++
 ansible/settings_example.yml                  | 17 +++++
 12 files changed, 226 insertions(+)
 create mode 100644 ansible/ansible.cfg
 create mode 100644 ansible/primary.yml
 create mode 100644 ansible/readme.md
 create mode 100644 ansible/roles/common/tasks/main.yml
 create mode 100644 ansible/roles/dbserver/tasks/main.yml
 create mode 100644 ansible/roles/dbserver/templates/my.cnf.j2
 create mode 100644 ansible/roles/webserver/handlers/main.yml
 create mode 100644 ansible/roles/webserver/tasks/main.yml
 create mode 100644 ansible/roles/webserver/templates/apache.conf.j2
 create mode 100644 ansible/roles/webserver/templates/halite.ini.j2
 create mode 100644 ansible/settings_example.yml

diff --git a/.gitignore b/.gitignore
index 51e6d0ca5..c8e28f197 100644
--- a/.gitignore
+++ b/.gitignore
@@ -404,6 +404,10 @@ workingPath/
 *.ini
 !travisTests.ini
 
+ansible/inventory
+ansible/settings.yml
+ansible/*.retry
+
 *.swp
 *.gch
 *.exe
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
new file mode 100644
index 000000000..03a7705f5
--- /dev/null
+++ b/ansible/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+module_lang = en_US.UTF-8
+
diff --git a/ansible/primary.yml b/ansible/primary.yml
new file mode 100644
index 000000000..f747a1ab9
--- /dev/null
+++ b/ansible/primary.yml
@@ -0,0 +1,17 @@
+---
+- name: Get halite code on server
+  hosts: all
+  vars_files:
+    - settings.yml
+  roles:
+    - common
+
+- name: Setup combined website and database server
+  hosts: all
+  become: yes
+  vars_files:
+    - settings.yml
+  roles:
+    - webserver
+    - dbserver
+
diff --git a/ansible/readme.md b/ansible/readme.md
new file mode 100644
index 000000000..07f240752
--- /dev/null
+++ b/ansible/readme.md
@@ -0,0 +1,36 @@
+# Introduction
+
+This defines an [Ansible](http://www.ansible.com/) that will deploy the Halite
+website and database onto a single server. The playbook assumes a basically
+fresh Ubuntu 16.04 OS install and that it will be the single use for the server.
+
+WARNING: Do not deploy this to a server you are using for other purposes. This
+will probably interfere with whatever you are already doing on the server.
+
+# Prerequisites
+
+On the server you need a user that the Halite code will live under, can be
+accessed with SSH and has sudo permissions. Python must also be installed, `sudo apt install python` will do that.
+
+Locally you need ansible installed, `pip install ansible`.
+
+An `inventory` file in this directory with the line:
+    MY.SERVER.HOSTNAME remote_user="USERNAME"
+
+Where MY.SERVER.HOSTNAME is either the domain or ip address to your server and
+USERNAME is the user on the server for the Halite code.
+
+Also a `settings.yml` file filled in with the settings shown in
+`settings_example.yml`.
+
+If you will be using ssh password authentication instead of key based
+authentication, you also need `sshpass` installed locally, `sudo apt install
+sshpass`.
+
+# Running the playbook
+
+After getting the prerequisites setup above, to deploy to the server simply run:
+    ansible-playbook -i inventory primary.yml
+
+If you need to specify an ssh password, use the -k option. Similarly if a sudo password is need use -K. For example if you need both ssh and sudo passwords it would look something like:
+    ansible-playbook -i inventory primary.yml -k -K
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/main.yml
new file mode 100644
index 000000000..ac16d41eb
--- /dev/null
+++ b/ansible/roles/common/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Get halite code
+  git:
+    repo: "{{ halite_src }}"
+    version: "{{ halite_version }}"
+    dest: "{{ halite_dest }}"
+
diff --git a/ansible/roles/dbserver/tasks/main.yml b/ansible/roles/dbserver/tasks/main.yml
new file mode 100644
index 000000000..2fe1f32d1
--- /dev/null
+++ b/ansible/roles/dbserver/tasks/main.yml
@@ -0,0 +1,39 @@
+---
+- name: Install apt packages
+  apt: name={{ item }} update_cache=yes cache_valid_time=7200
+  with_items:
+    - mysql-server
+    - python-mysqldb
+
+- name: Check mysql using password
+  command: mysql -u root -e "SELECT * FROM mysql.user WHERE User='root' AND plugin!='mysql_native_password';"
+  register: mysql_use_password
+  changed_when: mysql_use_password.stdout != ""
+
+- name: Use password for mysql root auth
+  when: mysql_use_password.stdout != ""
+  command: mysql -u root -e "UPDATE mysql.user SET plugin = 'mysql_native_password' WHERE User='root'; FLUSH PRIVILEGES;"
+
+- name: Set mysql root password
+  mysql_user:
+    name: root
+    password: "{{ mysql_root_pw }}"
+
+- name: Set .my.cnf file
+  template: src=my.cnf.j2 dest={{ item.dst }} owner={{ item.owner }} mode=0640
+  with_items:
+    - { dst: "/home/{{ remote_user }}/.my.cnf", owner: "{{ remote_user }}" }
+    - { dst: /root/.my.cnf, owner: root }
+
+- name: Check halite database exists
+  command: mysql -e 'use Halite'
+  register: database_check
+  changed_when: database_check.rc != 0
+  failed_when: database_check.rc != 0 and not database_check.stderr.startswith("ERROR 1049")
+
+- name: Create halite database
+  when: database_check.rc != 0
+  mysql_db:
+    name: Halite
+    state: import
+    target: /home/{{ remote_user }}/Halite/website/sql/schema.sql
diff --git a/ansible/roles/dbserver/templates/my.cnf.j2 b/ansible/roles/dbserver/templates/my.cnf.j2
new file mode 100644
index 000000000..8693e4299
--- /dev/null
+++ b/ansible/roles/dbserver/templates/my.cnf.j2
@@ -0,0 +1,3 @@
+[client]
+user=root
+password={{ mysql_root_pw }}
diff --git a/ansible/roles/webserver/handlers/main.yml b/ansible/roles/webserver/handlers/main.yml
new file mode 100644
index 000000000..f8bb9e667
--- /dev/null
+++ b/ansible/roles/webserver/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: reload apache2
+  service: name=apache2 state=reloaded
+
+- name: restart apache2
+  service: name=apache2 state=restarted
diff --git a/ansible/roles/webserver/tasks/main.yml b/ansible/roles/webserver/tasks/main.yml
new file mode 100644
index 000000000..759fc2b84
--- /dev/null
+++ b/ansible/roles/webserver/tasks/main.yml
@@ -0,0 +1,74 @@
+---
+- name: Add apt repository
+  apt_repository: repo="ppa:ondrej/php"
+
+- name: Install apt packages
+  apt: name={{item}} update_cache=yes cache_valid_time=7200
+  with_items:
+    - apache2
+    - libssl-dev
+    - php5.6
+    - php5.6-mysql
+    - python3
+    - python3-pip
+    - zip
+
+- name: Install pip packages
+  pip: name={{item}} executable=pip3
+  with_items:
+    - trueskill
+    - boto
+    - paramiko
+    - pymysql
+
+- name: Install composer
+  shell: curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
+  args:
+    creates: /usr/local/bin/composer
+
+- name: Install php packages
+  become: true
+  become_user: "{{ remote_user }}"
+  shell: composer install
+  args:
+    chdir: "{{ halite_dest }}/website/"
+    creates: "{{ halite_dest }}/website/vendor/"
+
+- name: Symlink to webserver directory
+  file:
+    src: "{{ halite_dest }}"
+    dest: /var/www/Halite
+    state: link
+
+- name: Configure apache
+  template: src=apache.conf.j2 dest=/etc/apache2/sites-enabled/000-default.conf
+  notify: reload apache2
+
+- name: Enable apache modules
+  apache2_module: name={{ item }} state=present
+  with_items:
+    - rewrite
+    - expires
+  notify: restart apache2
+
+- name: Set php max upload size
+  lineinfile:
+    dest: /etc/php/5.6/apache2/php.ini
+    line: upload_max_filesize = 150M
+    regexp: "^upload_max_filesize ="
+    state: present
+  notify: restart apache2
+
+- name: Set php max post size
+  lineinfile:
+    dest: /etc/php/5.6/apache2/php.ini
+    line: post_max_size = 151M
+    regexp: "^post_max_size ="
+    state: present
+  notify: restart apache2
+
+- name: Set halite.ini
+  template:
+    src: halite.ini.j2
+    dest: "{{ halite_dest }}/halite.ini"
+    owner: "{{ remote_user }}"
diff --git a/ansible/roles/webserver/templates/apache.conf.j2 b/ansible/roles/webserver/templates/apache.conf.j2
new file mode 100644
index 000000000..e3dfc8f3e
--- /dev/null
+++ b/ansible/roles/webserver/templates/apache.conf.j2
@@ -0,0 +1,14 @@
+<VirtualHost *:80>
+    ServerName {{ webdomain }}
+
+    ServerAdmin webmaster@{{ webdomain }}
+    DocumentRoot /var/www/Halite/website
+
+    ErrorLog ${APACHE_LOG_DIR}/error.log
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+    <Directory "/var/www/Halite/website">
+        Options FollowSymLinks
+        AllowOverride All
+    </Directory>
+</VirtualHost>
diff --git a/ansible/roles/webserver/templates/halite.ini.j2 b/ansible/roles/webserver/templates/halite.ini.j2
new file mode 100644
index 000000000..d7df62c0a
--- /dev/null
+++ b/ansible/roles/webserver/templates/halite.ini.j2
@@ -0,0 +1,6 @@
+[database]
+hostname = localhost
+username = root
+password = {{ mysql_root_pw }}
+name = Halite
+
diff --git a/ansible/settings_example.yml b/ansible/settings_example.yml
new file mode 100644
index 000000000..b2ad8f274
--- /dev/null
+++ b/ansible/settings_example.yml
@@ -0,0 +1,17 @@
+---
+# Halite code repository to use. Change as appropriate if you want to install
+# something other than the public source.
+halite_src: https://github.com/HaliteChallenge/Halite.git
+
+# The branch or revision to use from the above repository.
+halite_version: HEAD
+
+# Where to put the code
+halite_dest: /home/{{ remote_user }}/Halite
+
+# domain name to use for the website
+webdomain: halite.MYDOMAIN
+
+# password to use for the mysql root user.
+mysql_root_pw: MAKEMESECRET
+

From 09b4715d689ced349b66072b494a5a4243258b67 Mon Sep 17 00:00:00 2001
From: Janzert <janzert@janzert.com>
Date: Thu, 8 Dec 2016 19:34:04 -0500
Subject: [PATCH 2/3] Add missing word, wrap text.

---
 ansible/readme.md | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/ansible/readme.md b/ansible/readme.md
index 07f240752..d39f35060 100644
--- a/ansible/readme.md
+++ b/ansible/readme.md
@@ -1,8 +1,9 @@
 # Introduction
 
-This defines an [Ansible](http://www.ansible.com/) that will deploy the Halite
-website and database onto a single server. The playbook assumes a basically
-fresh Ubuntu 16.04 OS install and that it will be the single use for the server.
+This defines an [Ansible](http://www.ansible.com/) playbook that will deploy
+the Halite website and database onto a single server. The playbook assumes
+a basically fresh Ubuntu 16.04 OS install and that it will be the single use
+for the server.
 
 WARNING: Do not deploy this to a server you are using for other purposes. This
 will probably interfere with whatever you are already doing on the server.
@@ -10,7 +11,8 @@ will probably interfere with whatever you are already doing on the server.
 # Prerequisites
 
 On the server you need a user that the Halite code will live under, can be
-accessed with SSH and has sudo permissions. Python must also be installed, `sudo apt install python` will do that.
+accessed with SSH and has sudo permissions. Python must also be installed,
+`sudo apt install python` will do that.
 
 Locally you need ansible installed, `pip install ansible`.
 
@@ -32,5 +34,7 @@ sshpass`.
 After getting the prerequisites setup above, to deploy to the server simply run:
     ansible-playbook -i inventory primary.yml
 
-If you need to specify an ssh password, use the -k option. Similarly if a sudo password is need use -K. For example if you need both ssh and sudo passwords it would look something like:
+If you need to specify an ssh password, use the -k option. Similarly if a sudo
+password is need use -K. For example if you need both ssh and sudo passwords it
+would look something like:
     ansible-playbook -i inventory primary.yml -k -K

From 0dac660aff0386536ced301a8780aaa81a5e46fb Mon Sep 17 00:00:00 2001
From: Janzert <janzert@janzert.com>
Date: Thu, 8 Dec 2016 19:36:27 -0500
Subject: [PATCH 3/3] Fix readme command formatting.

---
 ansible/readme.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ansible/readme.md b/ansible/readme.md
index d39f35060..555eadd1c 100644
--- a/ansible/readme.md
+++ b/ansible/readme.md
@@ -32,9 +32,11 @@ sshpass`.
 # Running the playbook
 
 After getting the prerequisites setup above, to deploy to the server simply run:
+
     ansible-playbook -i inventory primary.yml
 
 If you need to specify an ssh password, use the -k option. Similarly if a sudo
 password is need use -K. For example if you need both ssh and sudo passwords it
 would look something like:
+
     ansible-playbook -i inventory primary.yml -k -K