diff --git a/README.md b/README.md index 3ea8b6af..87f5380d 100644 --- a/README.md +++ b/README.md @@ -21,33 +21,19 @@ The overall structure of this repository can be broken down as follows: - Python virtual environment. - See `.python-version` for the recommended version of Python. - If you use `env` or `venv`, the `.gitignore` will exclude it. + - Install python dependencies: `pip install -r requiremetns.txt` - - Install required Ansible galaxy collections: + - Install required Ansible galaxy collections and roles: - `ansible-galaxy install -r requirements.yml` - - The CDH Ansible vault key. This can be referenced on the command line, but it is - recommende to set it as an environment variable; e.g., for BASH - `export ANSIBLE_VAULT_PASSWORD_FILE=/path/to/.passwd` + - The CDH Ansible vault keys are stored in LastPass. You need to be added to the appropriate LastPass share and install [lastpass-cli](https://github.com/lastpass/lastpass-cli). There are two command-line scripts in the `bin/` directory to call `lpass` to retrieve the vault keys, and the default configuration is set in `ansible.cfg`. See below for more details on the vault setup. - A GitHub [personal access token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/) for any playbook that uses the `create_deployment` and `close_deployment` tasks. You can set this as an environment variable as `ANSIBLE_GITHUB_TOKEN` or pass it on the command line as `-e github_token=` - - The CDH deploy bot key. This can be added to ssh-agent or in `~/.ssh/config`. All production deploys must be on the campus network (including VPN) and proxy through the QA server to production, with an ssh config stanza that looks something like: - ``` - Host derridas-margins.princeton.edu - User deploy - Proxycommand ssh deploy@QASERVERHOST -W %h:%p - Identityfile ~/.ssh/key_for_qa_server - ``` - - And for deploying to the QA server: - ``` - Host test-*.cdh.princeton.edu - User deploy - Identityfile ~/.ssh/key_for_qa_server - ``` + ### Precommit hook -If you plan to contribute to this repository, you should install the configured pre-commit hooks: +If you plan to contribute to this repository, you should install the configured pre-commit hooks. (If you installed python dependencies, pre-commit should already be installed) ```{bash} pre-commit install @@ -167,12 +153,12 @@ ansible-playbook playbooks/replicate.yml --limit=geniza_qa ``` Currently replication consists of: -- dumping the production database, restoring it to qa, and running +- dumping the production database, restoring it to qa, and running django migrations in the current deploy - update django sites in the database to match the qa environment - backing up and restoring any user-uploaded media files and setting correct ownership and permissions -Replication does not yet include restoring Solr indexing or support replication to dev environments. +Replication does not yet include restoring Solr indexing or support replication to dev environments. ### Setting up replication for a new project @@ -216,4 +202,3 @@ GENIZA_DEPLOY_ONLY=1 ``` Note that you will not be able to run setup tasks or decrypt setup vault secrets. -