aboutsummaryrefslogtreecommitdiff
path: root/gerboweb/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'gerboweb/ansible')
-rw-r--r--gerboweb/ansible/gerboweb-job-processor.service.j29
-rw-r--r--gerboweb/ansible/gerboweb.cfg.j24
-rw-r--r--gerboweb/ansible/gerboweb.yml86
-rwxr-xr-xgerboweb/ansible/render.sh.j217
-rw-r--r--gerboweb/ansible/tmpfiles-gerboweb.conf.j21
-rw-r--r--gerboweb/ansible/uwsgi-gerboweb.ini10
-rwxr-xr-xgerboweb/ansible/vector.sh.j218
7 files changed, 145 insertions, 0 deletions
diff --git a/gerboweb/ansible/gerboweb-job-processor.service.j2 b/gerboweb/ansible/gerboweb-job-processor.service.j2
new file mode 100644
index 0000000..517d8b8
--- /dev/null
+++ b/gerboweb/ansible/gerboweb-job-processor.service.j2
@@ -0,0 +1,9 @@
+[Unit]
+Description=Gerboweb gerber job processor
+
+[Service]
+WorkingDirectory=/var/lib/gerboweb
+ExecStart=/usr/bin/python3 job_processor.py {{gerboweb_cache}}/job_queue.sqlite3
+
+[Install]
+WantedBy=uwsgi-app@gerboweb.service
diff --git a/gerboweb/ansible/gerboweb.cfg.j2 b/gerboweb/ansible/gerboweb.cfg.j2
new file mode 100644
index 0000000..eec4dcb
--- /dev/null
+++ b/gerboweb/ansible/gerboweb.cfg.j2
@@ -0,0 +1,4 @@
+MAX_CONTENT_LENGTH=50000000
+SECRET_KEY="{{lookup('password', 'gerboweb_flask_secret.txt length=32')}}"
+UPLOAD_PATH="{{gerboweb_cache}}/upload"
+JOB_QUEUE_DB="{{gerboweb_cache}}/job_queue.sqlite3"
diff --git a/gerboweb/ansible/gerboweb.yml b/gerboweb/ansible/gerboweb.yml
new file mode 100644
index 0000000..590d01b
--- /dev/null
+++ b/gerboweb/ansible/gerboweb.yml
@@ -0,0 +1,86 @@
+---
+- name: Setup gerboweb
+ hosts: all
+ tasks:
+ - name: Set local facts
+ set_fact:
+ gerboweb_cache: /var/cache/gerboweb
+
+ - name: Install packages into gerbolyze container
+ pacman:
+ name: python3,python-numpy,python-pip,imagemagick,pugixml,git,python,make,clang,rustup,cargo
+ state: present
+
+ - name: Setup usvg
+ shell: cargo install usvg resvg
+ args:
+ creates: /usr/bin/usvg
+
+ - name: Copy webapp sources
+ git:
+ repo: ../..
+ dest: /var/lib/gerboweb
+
+ - name: Create uwsgi worker user and group
+ user:
+ name: uwsgi-gerboweb
+ create_home: no
+ group: uwsgi
+ password: '!'
+ shell: /sbin/nologin
+ system: yes
+
+ - name: Template webapp config
+ template:
+ src: gerboweb.cfg.j2
+ dest: /var/lib/gerboweb/gerboweb_prod.cfg
+ owner: uwsgi-gerboweb
+ group: root
+ mode: 0660
+
+ - name: Copy uwsgi config
+ copy:
+ src: uwsgi-gerboweb.ini
+ dest: /etc/uwsgi.d/gerboweb.ini
+ owner: uwsgi-gerboweb
+ group: uwsgi
+ mode: 0440
+
+ - name: Copy job processor systemd service config
+ template:
+ src: gerboweb-job-processor.service.j2
+ dest: /etc/systemd/system/gerboweb-job-processor.service
+
+ - name: Enable uwsgi systemd socket
+ systemd:
+ daemon-reload: yes
+ name: uwsgi-app@gerboweb.socket
+ enabled: yes
+
+ - name: Copy gerboweb cache dir tmpfiles.d config
+ template:
+ src: tmpfiles-gerboweb.conf.j2
+ dest: /etc/tmpfiles.d/gerboweb.conf
+ owner: root
+ group: root
+ mode: 0644
+ register: tmpfiles_config
+
+ - name: Kick systemd tmpfiles service to create cache dir
+ command: systemd-tmpfiles --create
+ when: tmpfiles_config is changed
+
+ - name: Create job queue db
+ file:
+ path: "{{gerboweb_cache}}/job_queue.sqlite3"
+ owner: root
+ group: uwsgi
+ mode: 0660
+ state: touch
+
+ - name: Enable and launch job processor
+ systemd:
+ name: gerboweb-job-processor.service
+ enabled: yes
+ state: restarted
+
diff --git a/gerboweb/ansible/render.sh.j2 b/gerboweb/ansible/render.sh.j2
new file mode 100755
index 0000000..beed8f1
--- /dev/null
+++ b/gerboweb/ansible/render.sh.j2
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+[ $# != 1 ] && exit 1
+ID=$1
+egrep -x -q '^[-0-9A-Za-z]{36}$'<<<"$ID" || exit 2
+
+systemd-nspawn \
+ -D {{gerboweb_root}} \
+ -x --bind={{gerboweb_cache}}/upload/$ID:/mnt \
+ /bin/sh -c "set -euo pipefail
+unzip -j -d /tmp/gerber /mnt/gerber.zip
+rm -f /mnt/template_top.svg /mnt/template_bottom.svg /mnt/template_top.preview.png /mnt/template_bottom.preview.png
+date; echo 'Rendering'
+gerbolyze template --top /mnt/template_top.svg --bottom /mnt/template_bottom.svg /tmp/gerber
+date; echo 'Scaling down'
+convert /mnt/template_top.svg -resize 500x500 -negate -brightness-contrast 30x30 -colorspace gray /mnt/template_top.preview.png
+convert /mnt/template_bottom.svg -resize 500x500 -negate -brightness-contrast 30x30 -colorspace gray /mnt/template_bottom.preview.png
diff --git a/gerboweb/ansible/tmpfiles-gerboweb.conf.j2 b/gerboweb/ansible/tmpfiles-gerboweb.conf.j2
new file mode 100644
index 0000000..18469b7
--- /dev/null
+++ b/gerboweb/ansible/tmpfiles-gerboweb.conf.j2
@@ -0,0 +1 @@
+d {{gerboweb_cache}} 770 uwsgi-gerboweb uwsgi 2d
diff --git a/gerboweb/ansible/uwsgi-gerboweb.ini b/gerboweb/ansible/uwsgi-gerboweb.ini
new file mode 100644
index 0000000..155d01a
--- /dev/null
+++ b/gerboweb/ansible/uwsgi-gerboweb.ini
@@ -0,0 +1,10 @@
+[uwsgi]
+master = True
+cheap = True
+die-on-idle = False
+manage-script-name = True
+plugins = python3
+chdir = /var/lib/gerboweb
+mount = /=gerboweb:app
+env = GERBOWEB_SETTINGS=gerboweb_prod.cfg
+
diff --git a/gerboweb/ansible/vector.sh.j2 b/gerboweb/ansible/vector.sh.j2
new file mode 100755
index 0000000..b007967
--- /dev/null
+++ b/gerboweb/ansible/vector.sh.j2
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+[ $# != 2 ] && exit 1
+ID=$1
+egrep -x -q '^[-0-9A-Za-z]{36}$'<<<"$ID" || exit 2
+LAYER=$2
+egrep -x -q '^(top|bottom)$'<<<"$LAYER" || exit 2
+
+systemd-nspawn \
+ -D {{gerboweb_root}} \
+ -x --bind={{gerboweb_cache}}/upload/$ID:/mnt \
+ /bin/sh -c "set -euo pipefail
+cd /tmp
+unzip -j -d gerber_in /mnt/gerber.zip
+gerbolyze paste "--"$LAYER /mnt/overlay.svg gerber_in gerber
+rm -f /mnt/gerber_out.zip
+zip -r /mnt/gerber_out.zip gerber"
+