- git
- python3 (>3.7)
- pip
- virtualenv
sudo apt install git python3 python3-pip python3-venv
brew install git python
python3 -m ensurepip --upgrade
pip3 install virtualenv
sudo apt install git python3 python3-pip python3-venv
Clone the repository:
git clone [email protected]:openfoodfacts/openfoodfacts-ops.git
cd openfoodfacts-ops
Create and activate virtual environment:
python3 -m venv ./venv
source venv/bin/activate
Install dependencies
python3 -m pip install -r requirements.pip
ansible-galaxy install -r requirements.yml
ansible all -m ping
ansible-playbook jobs/configure.yml
ansible-playbook sites/monitoring.openfoodfacts.org.yml
- Edit
group_vars/all/sshd.yml
to add user tosshd_github_authorized_users
- Run:
ansible-playbook jobs/configure.yml
- Remove user from
sshd_github_authorized_users
- Add to
sshd_github_revoked_users
- Run:
ansible-playbook jobs/configure.yml
├── docs # Documentation in Markdown
│ ├── index.md
│ ├── *.md
│ └── ...
├── group_vars # Configuration per group
│ ├── all # Common configuration
│ │ ├── base.yml
│ │ └── sshd.yml
│ ├── group-1
│ │ ├── config.yml # Configuration of group in plain text
│ │ └── secret.yml # Configuration of group encrypted
│ └── group-X.yml # Configuration of group in a single file
├── host_vars # Configuration per host
│ ├── server-XX.yml
│ └── server-YY.yml
├── jobs # Maintenance tasks as playbooks
│ ├── configure.yml
│ └── ...
├── keys # SSH keys
│ ├── default.pub # default public key
│ └── ...
├── plugins # Ansible plugins
│ ├── filters
│ ├── lookup
│ └── ...
├── roles # Ansible roles
│ ├── role-X
│ └── ...
├── sites # Ansible playbooks to deploy sites
│ ├── public.url.yml
│ └── ...
├── .gitattributes # Specifies (among others) the files to encrypt
├── .gitignore # Files ignored by git
├── ansible.cfg # Ansible configuration for this repository
├── inventory.production.ini # Ansible inventory: all servers are there
├── requirements.pip # Python dependencies
└── requirements.yml # Ansible dependencies
## Contributing
Please use ansible-lint before submitting a PR.