Dolibarr auto-install fix, working with persistent data

Various readme changes
DrumSlayers · Jun 30, 2023 · 085232b · 085232b
1 parent eb57040
commit 085232b
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 21 deletions.
diff --git a/README.md b/README.md
@@ -1,16 +1,23 @@
 # Projet Annuel 2023
 #### Table of contents
-1. [Introduction](#introduction)
-    * [Membres du projet](#membres-du-projet)
-    * [Topo](#topo)
-2. [Requirements](#requirements)
-    * [Installation of requirements](#installation-of-requirements)
-3. [Déploiement](#déploiement)
-4. [AWS Academy Credentials scrapper](#aws-academy-credentials-scrapper)
-5. [Usage](#usage)
-6. [Backend remote tfstate](#backend-remote-tfstate)
-7. [A faire](#a-faire)
-8. [Documentation](#documentation)
+- [Projet Annuel 2023](#projet-annuel-2023)
+      - [Table of contents](#table-of-contents)
+  - [Introduction](#introduction)
+    - [Membres du projet](#membres-du-projet)
+    - [Topo](#topo)
+  - [Requirements](#requirements)
+    - [Installation of requirements](#installation-of-requirements)
+      - [Terraform](#terraform)
+        - [Backend remote tfstate](#backend-remote-tfstate)
+        - [Multiple platform lock dependencies](#multiple-platform-lock-dependencies)
+  - [Déploiement](#déploiement)
+    - [Infrastructure Provisioning](#infrastructure-provisioning)
+    - [Infrastructure Configuration](#infrastructure-configuration)
+  - [AWS Academy Credentials scrapper](#aws-academy-credentials-scrapper)
+    - [Usage](#usage)
+  - [Documentation \& explainations](#documentation--explainations)
+    - [For each module](#for-each-module)
+    - [References](#references)
 
 ## Introduction
 ### Membres du projet
@@ -77,11 +84,12 @@ terraform providers lock \
 ## Déploiement
 ### Infrastructure Provisioning
 1. Fetch the AWS credentials using [AWS Academy Credentials scrapper](#aws-academy-credentials-scrapper) script
-2. `terraform init -backend-config=backend.conf`
-3. `terraform plan / deploy`
+2. Copy `terraform.tfvars.exemple` to `terraform.tfvars` and edit the values with your AWS Academy credentials
+3. Use `terraform plan` to preview changes
+4. Use `terraform apply` to apply changes
 
 ### Infrastructure Configuration
-1. In `Ansible/` folder, copy each .example files to .yml files and edit the values with the required credentials (AWS & Remote database)
+1. In `Ansible/` folder, copy each .example files to .yml files and edit the values with the required credentials (AWS, Remote database and various services configuration)
 2. Run Ansible Playbook to configure each instance you want to configure.
    Playbooks are configured to match the right EC2 tags, so it automatically configure the targeted service.
    For exemple: 
@@ -101,6 +109,11 @@ We are using Selenium with Chromium webdriver & BeautifulSoup python module for
 1. Copy `.env.exemple` to `.env` and edit the values with your AWS Academy credentials	
 2. Run ```python3 scrape_aws_credentials.py```
 
-## Documentation
+## Documentation & explainations
+### For each module
+You will find each module documentation in the /docs folder.
+Direct links :
+
+### References
 - Ansible x Terraform x AWS 1 https://blog.stephane-robert.info/post/terraform-gitlab-aws-ansible/
 - Ansible x Terraform x AWS 2 https://dev.to/mariehposa/how-to-deploy-an-application-to-aws-ec2-instance-using-terraform-and-ansible-3e78
diff --git a/ansible/dolibarr-playbook.yml b/ansible/dolibarr-playbook.yml
@@ -36,6 +36,20 @@
         - nginx
         - php8.1-fpm
 
+    - name: Increase PHP timeouts # Without it, dolibarr install script will fail
+      block:
+        - name: Increase php-fpm script execution timeout
+          ansible.builtin.replace:
+            path: /etc/php/8.1/fpm/php.ini
+            regexp: 'max_execution_time = 30'
+            replace: 'max_execution_time = 600' # 10 minutes
+        - name: Increase php-fpm www.conf request_terminate_timeout
+          ansible.builtin.replace:
+            path: /etc/php/8.1/fpm/pool.d/www.conf
+            regexp: ';request_terminate_timeout = 0'
+            replace: 'request_terminate_timeout = 600' # 10 minutes
+          notify: Restart php8.1-fpm
+
     - name: Ensure Dolibarr directory exists
       ansible.builtin.file:
         path: "{{ dolibarr_install_dir }}"
@@ -84,10 +98,15 @@
             owner: root
             group: root
             mode: '0755'
+        - name: Register status of dummy ssl certificate
+          ansible.builtin.stat:
+            path: /etc/nginx/ssl/dummy.cer
+          register: dummy_ssl_cert_path
         - name: Create dummy ssl certificate to have a valid nginx configuration
+          when: not dummy_ssl_cert_path.stat.exists
           ansible.builtin.command: >
             openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/dummy.key
-             -out /etc/nginx/ssl/dummy.cer -subj "/C=FR/ST=France/L=Paris/O=transexpress/OU=sys/CN={{ domain_name }}"
+             -out /etc/nginx/ssl/dummy.cer -subj "/C=FR/ST=France/L=Paris/O=TransExpress/OU=PLACEHOLDER - TEMPORAIRE/CN={{ domain_name }}"
           args:
             creates:
               /etc/nginx/ssl/dummy.cer
@@ -116,7 +135,7 @@
           changed_when: command_output.rc != 0
         - name: Generate Let's Encrypt certificate for domain
           ansible.builtin.command:
-            cmd: '{{ acme_install_dir }}/acme.sh --issue --nginx -d {{ domain_name }} --server letsencrypt'
+            cmd: '{{ acme_install_dir }}/acme.sh --issue --nginx -d {{ domain_name }} --server letsencrypt --staging'
             chdir: '{{ acme_install_dir }}'
           register: command_output
           changed_when: command_output.rc != 0
@@ -145,3 +164,7 @@
       ansible.builtin.service:
         name: nginx
         state: restarted
+    - name: Restart php8.1-fpm
+      ansible.builtin.service:
+        name: php8.1-fpm
+        state: restarted
diff --git a/ansible/dolibarr/install.forced.php.j2 b/ansible/dolibarr/install.forced.php.j2
@@ -25,7 +25,7 @@ $force_install_noedit = 2;
 $force_install_message = 'Welcome to your Dolibarr install';
 
 /** @var string	$force_install_main_data_root 		Data root absolute path (documents folder) */
-$force_install_main_data_root = null;
+$force_install_main_data_root = '{{ dolibarr_install_dir }}/dolibarr-17.0.2/htdocs';
 
 /** @var boolean	$force_install_mainforcehttps	Force HTTPS */
 $force_install_mainforcehttps = true;
@@ -71,4 +71,4 @@ $force_install_dolibarrlogin = 'admin';
 $force_install_lockinstall = true;
 
 /** @var string $force_install_module				Enable module(s) (Comma separated class names list) */
-$force_install_module = 'modSociete,modFournisseur,modFacture';
+$force_install_module = 'modSociete'; //,modFournisseur,modFacture
diff --git a/ansible/dolibarr/nginx_dolibarr.conf.j2 b/ansible/dolibarr/nginx_dolibarr.conf.j2
@@ -28,6 +28,8 @@ server {
     location ~ \.php$ {
         include snippets/fastcgi-php.conf;
         fastcgi_pass unix:/run/php/php8.1-fpm.sock;
+        fastcgi_read_timeout 600; 
+        # 10 minutes, without it, dolibarr install will timeout 
     }
 
     location ~ /\.ht {

diff --git a/terraform.tfvars.example b/terraform.tfvars.example
@@ -61,7 +61,6 @@ s3_region = "fr-par"
 trusted_domain = "hosting.transexpress.ovh"
 trusted_proxy = "172.19.0.254"
 
-
 ## INFORMATION
 ec2-config = {
   "vm-dolibarr" = {
@@ -124,4 +123,5 @@ ec2-config = {
 
 project_eks = "TransexpressWebsite"
 vpc_cidr_eks         = "10.0.0.0/16"
-subnet_cidr_bits_eks = 8
+subnet_cidr_bits_eks = 8
+github_token = "github_pat_xxxxxxxxxxxxxxxxxxxxxx"