Package (as much as possible) configuration files in the .deb #3214
Comments
|
This would also allow us to solve #1261 |
|
As for rollout, this should probably be done as part of the Xenial release. |
|
the only dynamic bits come in when a user has uploaded/enabled https certificates over the source onion address. yeah i agree with where you are going here though. I'd like to take away more of the logic from ansible and include in the installation media (#1532 ) and stuff it into the packages. |
|
My suggestion was something like this: We have a playbook called For example, this means we can silently (without admin intervention or knowledge) swap out Apache + config for nginx + config. |
|
So this issue isn't just about the apache config, but might include other important bits we need now or in the future. |
|
I'm reading through all of the templates now. We might be able to get away with 100% static configuration. |
oooooooo similar to this ticket proposal #3136 ? |
ghost
added
As part of thinking about the update to nginx (#2414) as well as removing mod_wsgi (#1389), @heartsucker and I realized there is a problem where most configuration files are statically configured by Ansible at install-time.
This is a problem, because things like the Apache configurations are now effectively immutable, making any thing that changes Apache configuration a manual upgrade (or sketchy postinstall script), instead of a simple file managed by dpkg.
The big question is whether or not any of the production configuration files contain site-specific configuration. If that is the case, we'll either need to split the configuration files or do some kind of dynamic configuration rendering.
At first glance, this is not the case: template substitutions seem to be for development vs. production (e.g. listening on 127.0.0.1 vs 0.0.0.0). I need to do an exhaustive inventory to make the call.
The text was updated successfully, but these errors were encountered: