From c8aa8a8bd943cce6091a869d5137de37139cfffc Mon Sep 17 00:00:00 2001 From: mjanez <96422458+mjanez@users.noreply.github.com> Date: Thu, 14 Nov 2024 14:11:08 +0100 Subject: [PATCH 1/4] Remove prompts and conditions for updating ckan-pycsw; always force update to the specified version --- .../ckan_pycsw/tasks/ckan_pycsw_install.yml | 25 +------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/playbook/roles/ckan_pycsw/tasks/ckan_pycsw_install.yml b/playbook/roles/ckan_pycsw/tasks/ckan_pycsw_install.yml index 21fa58f..6c03095 100644 --- a/playbook/roles/ckan_pycsw/tasks/ckan_pycsw_install.yml +++ b/playbook/roles/ckan_pycsw/tasks/ckan_pycsw_install.yml @@ -3,13 +3,6 @@ path: "{{ pycsw_app_dir }}/.git" register: repo -- name: Get current ckan-pycsw version - become: true - become_user: "{{ ckan_user }}" - shell: "git -C {{ pycsw_app_dir }} describe --tags" - register: current_version - when: repo.stat.exists - - name: Pull ckan-pycsw:{{ ckan_pycsw_version }} from GitHub become: true become_user: "{{ ckan_user }}" @@ -17,23 +10,7 @@ repo: https://github.com/mjanez/ckan-pycsw dest: "{{ pycsw_app_dir }}" version: "{{ ckan_pycsw_version }}" - when: not repo.stat.exists or (repo.stat.exists and ckan_pycsw_version is version(current_version.stdout, 'gt')) - -- name: Confirm update - pause: - prompt: "Do you want to update ckan-pycsw to version {{ ckan_pycsw_version }}? (y/n)" - echo: yes - register: confirm_update - when: repo.stat.exists and ckan_pycsw_version is version(current_version.stdout, 'gt') - -- name: "Update ckan-pycsw to version: {{ ckan_pycsw_version }}" - become: true - become_user: "{{ ckan_user }}" - git: - repo: https://github.com/mjanez/ckan-pycsw - dest: "{{ pycsw_app_dir }}" - version: "{{ ckan_pycsw_version }}" - when: confirm_update is defined and confirm_update.user_input is defined and confirm_update.user_input | lower == 'y' + force: yes - name: Install PDM shell: curl -sSL https://pdm-project.org/install-pdm.py | python3 - From e5ea0e19e089d1f9e643bff81bd6695549944a32 Mon Sep 17 00:00:00 2001 From: mjanez <96422458+mjanez@users.noreply.github.com> Date: Thu, 14 Nov 2024 16:40:16 +0100 Subject: [PATCH 2/4] Add SSL unverified mode configuration for pycsw Avoid errors when using autohosted certificate like [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129) Not using in production environments --- playbook/inventories/development/host_vars/development_01.yml | 1 + playbook/inventories/production/host_vars/production_01.yml | 1 + playbook/inventories/staging/host_vars/staging_01.yml | 1 + playbook/roles/supervisor/templates/workers/ckan_pycsw.conf.j2 | 1 + 4 files changed, 4 insertions(+) diff --git a/playbook/inventories/development/host_vars/development_01.yml b/playbook/inventories/development/host_vars/development_01.yml index 9e1cd88..297c4f8 100644 --- a/playbook/inventories/development/host_vars/development_01.yml +++ b/playbook/inventories/development/host_vars/development_01.yml @@ -332,6 +332,7 @@ pycsw_output_schema: iso19139_inspire pycsw_cron_days_interval: 2 pycsw_cron_hour_start: 4 pycsw_app_dir: "{{ ckan_src_dir }}/ckan-pycsw" +pycsw_local_ssl_unverified: false #### pycsw conf pycsw_identification_title: Sample Geospatial Catalogue pycsw_identification_abstract: OGC CSW server powered by pycsw diff --git a/playbook/inventories/production/host_vars/production_01.yml b/playbook/inventories/production/host_vars/production_01.yml index 6008411..50b3261 100644 --- a/playbook/inventories/production/host_vars/production_01.yml +++ b/playbook/inventories/production/host_vars/production_01.yml @@ -331,6 +331,7 @@ pycsw_output_schema: iso19139_inspire pycsw_cron_days_interval: 2 pycsw_cron_hour_start: 4 pycsw_app_dir: "{{ ckan_src_dir }}/ckan-pycsw" +pycsw_local_ssl_unverified: false #### pycsw conf pycsw_identification_title: Sample Geospatial Catalogue pycsw_identification_abstract: OGC CSW server powered by pycsw diff --git a/playbook/inventories/staging/host_vars/staging_01.yml b/playbook/inventories/staging/host_vars/staging_01.yml index bf1c067..522797e 100644 --- a/playbook/inventories/staging/host_vars/staging_01.yml +++ b/playbook/inventories/staging/host_vars/staging_01.yml @@ -331,6 +331,7 @@ pycsw_output_schema: iso19139_inspire pycsw_cron_days_interval: 2 pycsw_cron_hour_start: 4 pycsw_app_dir: "{{ ckan_src_dir }}/ckan-pycsw" +pycsw_local_ssl_unverified: false #### pycsw conf pycsw_identification_title: Sample Geospatial Catalogue pycsw_identification_abstract: OGC CSW server powered by pycsw diff --git a/playbook/roles/supervisor/templates/workers/ckan_pycsw.conf.j2 b/playbook/roles/supervisor/templates/workers/ckan_pycsw.conf.j2 index 970a3dc..2c66cd2 100644 --- a/playbook/roles/supervisor/templates/workers/ckan_pycsw.conf.j2 +++ b/playbook/roles/supervisor/templates/workers/ckan_pycsw.conf.j2 @@ -12,6 +12,7 @@ environment= APP_DIR={{ pycsw_app_dir }}, PYCSW_CKAN_SCHEMA={{ pycsw_ckan_schema }}, PYCSW_OUPUT_SCHEMA={{ pycsw_output_schema}}, + SSL_UNVERIFIED_MODE={{ pycsw_local_ssl_unverified }}, user={{ ckan_user }} numprocs=1 stdout_logfile={{ ckan_log_dir }}/ckan_pycsw.log From 97c320f16635ff534f245f3cf5008579fe1b26dc Mon Sep 17 00:00:00 2001 From: mjanez <96422458+mjanez@users.noreply.github.com> Date: Thu, 21 Nov 2024 12:08:03 +0100 Subject: [PATCH 3/4] Add internal use warning for proxy_local_services_url in environment configuration --- playbook/inventories/development/host_vars/development_01.yml | 2 ++ playbook/inventories/production/host_vars/production_01.yml | 2 ++ playbook/inventories/staging/host_vars/staging_01.yml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/playbook/inventories/development/host_vars/development_01.yml b/playbook/inventories/development/host_vars/development_01.yml index 297c4f8..39d33c6 100644 --- a/playbook/inventories/development/host_vars/development_01.yml +++ b/playbook/inventories/development/host_vars/development_01.yml @@ -18,6 +18,8 @@ deployment_version_name: Development ### Webserver ######################################### proxy_server_name: localhost proxy_server_url: http://{{ proxy_server_name }} +# WARNING: This variable is for internal use only if using NGINX in the CKAN-Ansible deployment. +# It is not necessary to modify it. proxy_local_services_url: http://localhost proxy_ckan_location: /catalog proxy_pycsw_location: /csw diff --git a/playbook/inventories/production/host_vars/production_01.yml b/playbook/inventories/production/host_vars/production_01.yml index 50b3261..55b5ce7 100644 --- a/playbook/inventories/production/host_vars/production_01.yml +++ b/playbook/inventories/production/host_vars/production_01.yml @@ -17,6 +17,8 @@ deployment_version_name: Production ### Webserver ######################################### proxy_server_name: localhost proxy_server_url: http://{{ proxy_server_name }} +# WARNING: This variable is for internal use only if using NGINX in the CKAN-Ansible deployment. +# It is not necessary to modify it. proxy_local_services_url: http://localhost proxy_ckan_location: /catalog proxy_pycsw_location: /csw diff --git a/playbook/inventories/staging/host_vars/staging_01.yml b/playbook/inventories/staging/host_vars/staging_01.yml index 522797e..177d966 100644 --- a/playbook/inventories/staging/host_vars/staging_01.yml +++ b/playbook/inventories/staging/host_vars/staging_01.yml @@ -17,6 +17,8 @@ deployment_version_name: Staging ### Webserver ######################################### proxy_server_name: localhost proxy_server_url: http://{{ proxy_server_name }} +# WARNING: This variable is for internal use only if using NGINX in the CKAN-Ansible deployment. +# It is not necessary to modify it. proxy_local_services_url: http://localhost proxy_ckan_location: /catalog proxy_pycsw_location: /csw From 8c846a51f7f4e90253883ef4416a2adb002764da Mon Sep 17 00:00:00 2001 From: mjanez <96422458+mjanez@users.noreply.github.com> Date: Thu, 5 Dec 2024 14:57:47 +0100 Subject: [PATCH 4/4] Add maximum content length configuration for xloader in environment files --- playbook/inventories/development/host_vars/development_01.yml | 2 ++ playbook/inventories/production/host_vars/production_01.yml | 2 ++ playbook/inventories/staging/host_vars/staging_01.yml | 2 ++ playbook/roles/ckan/templates/ckan.ini.j2 | 3 ++- 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/playbook/inventories/development/host_vars/development_01.yml b/playbook/inventories/development/host_vars/development_01.yml index 39d33c6..2756a75 100644 --- a/playbook/inventories/development/host_vars/development_01.yml +++ b/playbook/inventories/development/host_vars/development_01.yml @@ -197,6 +197,8 @@ ckanext__spatial__common_map__attribution: "Map tiles by