ilia/POTE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
POTE/ansible/roles/pote/defaults/main.yml
ilia d2ae095fcf
Some checks failed
CI / lint-and-test (push) Failing after 1m7s
Details
CI / security-scan (push) Failing after 1m5s
Details
CI / dependency-scan (push) Successful in 6m39s
Details
CI / docker-build-test (push) Failing after 1m13s
Details
CI / workflow-summary (push) Successful in 1m5s
Details
Add complete Ansible integration configuration 
NEW: Complete Ansible role for automated POTE deployment

Files Added:
============
📁 ansible/
├── README.md - Overview and usage
├── roles/pote/defaults/main.yml -  200+ variables defined
├── group_vars/
│   ├── all.yml - Common variables
│   ├── development.yml - Dev environment (branch: dev)
│   ├── staging.yml - QA environment (branch: qa)
│   └── production.yml - Prod environment (branch: main)
├── inventory.example.yml - Example inventory
└── vault.example.yml - Example secrets

📄 ANSIBLE_INTEGRATION.md - Complete integration guide

What Ansible Needs to Know:
============================
 Git repository & branch (per environment)
 Application user & paths
 Python & system dependencies
 Database configuration (per environment)
 Email/SMTP settings
 Monitoring configuration
 Cron/automation schedules
 Deployment options
 Security settings
 Feature flags
 Environment-specific overrides

Variable Categories (11):
==========================
1. Project basics (5 vars)
2. User & paths (7 vars)
3. Python & dependencies (3 lists)
4. Database (8 vars)
5. Email/SMTP (6 vars)
6. Monitoring (2 vars)
7. Logging (2 vars)
8. Cron/automation (7 vars)
9. Deployment (6 vars)
10. Security (4 vars)
11. Feature flags (4 vars)

Integration:
============
 Compatible with base_os role
 Multi-environment support (dev/qa/prod)
 Branch-based deployment (dev→qa→main)
 Ansible Vault for secrets
 Sensible defaults for everything
 Minimal required config (3 vars!)

Usage:
======
ansible-playbook deploy-pote.yml --limit development
ansible-playbook deploy-pote.yml --limit staging
ansible-playbook deploy-pote.yml --limit production

Ready for your Ansible auto-configure system!
2025-12-24 22:04:36 -05:00

290 lines
11 KiB
YAML
Raw Blame History

---
# =============================================================================
# POTE (Public Officials Trading Explorer) - Ansible Role Defaults
# =============================================================================
# Purpose: Complete configuration for automated POTE deployment
# Compatible with: base_os role and multi-environment deployments
# =============================================================================
# -----------------------------------------------------------------------------
# PROJECT BASICS
# -----------------------------------------------------------------------------
pote_project_name: "pote"
pote_app_description: "Public Officials Trading Explorer - Congressional stock trading tracker"
pote_version: "1.0.0"
# -----------------------------------------------------------------------------
# GIT REPOSITORY
# -----------------------------------------------------------------------------
pote_git_repo: "gitea@10.0.30.169:ilia/POTE.git"
pote_git_branch: "{{ git_branch | default('main') }}" # Override per environment
pote_git_version: "{{ git_branch | default('main') }}"
# SSH key for git clone (if using SSH)
pote_git_ssh_key: "{{ git_ssh_key | default('') }}"
# Alternative: HTTPS with credentials
pote_git_https_url: "https://git.levkin.ca/ilia/POTE.git"
pote_git_username: "{{ git_username | default('') }}"
pote_git_password: "{{ git_password | default('') }}"
# -----------------------------------------------------------------------------
# APPLICATION USER & PATHS
# -----------------------------------------------------------------------------
pote_user: "{{ appuser_name | default('poteapp') }}"
pote_group: "{{ appuser_name | default('poteapp') }}"
pote_user_home: "/home/{{ pote_user }}"
pote_app_dir: "{{ pote_user_home }}/pote"
pote_venv_dir: "{{ pote_app_dir }}/venv"
pote_logs_dir: "{{ pote_user_home }}/logs"
# User configuration (if not using base_os role)
pote_create_user: true
pote_user_shell: "/bin/bash"
pote_user_groups: []
pote_user_ssh_public_key: "{{ appuser_ssh_public_key | default('') }}"
# -----------------------------------------------------------------------------
# PYTHON & DEPENDENCIES
# -----------------------------------------------------------------------------
pote_python_version: "3.11"
pote_python_packages:
- python3
- python3-pip
- python3-venv
- python3-dev
- build-essential
# System dependencies
pote_system_packages:
- git
- curl
- ca-certificates
- postgresql-client
- libpq-dev
- gcc
- make
# -----------------------------------------------------------------------------
# DATABASE CONFIGURATION
# -----------------------------------------------------------------------------
# PostgreSQL settings
pote_db_type: "postgresql"
pote_db_host: "{{ db_host | default('localhost') }}"
pote_db_port: "{{ db_port | default(5432) }}"
pote_db_name: "{{ db_name | default('potedb') }}"
pote_db_user: "{{ db_user | default('poteuser') }}"
pote_db_password: "{{ db_password | default('changeme123') }}"
# Database URL (constructed)
pote_database_url: "postgresql://{{ pote_db_user }}:{{ pote_db_password }}@{{ pote_db_host }}:{{ pote_db_port }}/{{ pote_db_name }}"
# Alternative: SQLite for dev
pote_use_sqlite: false
pote_sqlite_path: "{{ pote_app_dir }}/pote.db"
# Database creation (if PostgreSQL is local)
pote_create_database: true
pote_run_migrations: true
# -----------------------------------------------------------------------------
# EMAIL / SMTP CONFIGURATION
# -----------------------------------------------------------------------------
pote_smtp_host: "{{ smtp_host | default('mail.levkin.ca') }}"
pote_smtp_port: "{{ smtp_port | default(587) }}"
pote_smtp_user: "{{ smtp_user | default('test@levkin.ca') }}"
pote_smtp_password: "{{ smtp_password | default('') }}"
pote_from_email: "{{ from_email | default('test@levkin.ca') }}"
pote_report_recipients: "{{ report_recipients | default('test@levkin.ca') }}"
# -----------------------------------------------------------------------------
# MONITORING CONFIGURATION
# -----------------------------------------------------------------------------
# Tickers to monitor (comma-separated)
pote_market_monitor_tickers: "{{ market_tickers | default('NVDA,TSLA,AAPL,MSFT,GOOGL,META,AMZN,AMD,INTC,NFLX') }}"
pote_alert_min_severity: "{{ alert_severity | default(5) }}"
# -----------------------------------------------------------------------------
# LOGGING
# -----------------------------------------------------------------------------
pote_log_level: "{{ log_level | default('INFO') }}"
pote_log_file: "{{ pote_logs_dir }}/pote.log"
# -----------------------------------------------------------------------------
# CRON / AUTOMATION
# -----------------------------------------------------------------------------
# Enable automated daily/weekly reports
pote_enable_cron: true
# Daily report time (cron format: minute hour)
pote_daily_report_time: "0 6" # 6:00 AM
pote_daily_report_enabled: true
# Weekly report time (cron format: minute hour day_of_week)
pote_weekly_report_time: "0 8 0" # Sunday 8:00 AM
pote_weekly_report_enabled: true
# Health check frequency (every 6 hours)
pote_health_check_enabled: true
pote_health_check_time: "0 */6"
# -----------------------------------------------------------------------------
# FIREWALL / PORTS
# -----------------------------------------------------------------------------
# POTE doesn't expose HTTP ports by default (CLI/cron only)
# But if you add FastAPI later:
pote_backend_port: "{{ app_backend_port | default(8000) }}"
pote_enable_backend: false # No web backend yet
pote_enable_frontend: false # No frontend yet
# Allow SSH for deployment
pote_allow_ssh_port: 22
# -----------------------------------------------------------------------------
# ENVIRONMENT-SPECIFIC OVERRIDES
# -----------------------------------------------------------------------------
# These are typically set in group_vars/development.yml, staging.yml, production.yml
pote_environment: "{{ environment | default('production') }}"
# Environment-specific database names
pote_env_db_suffix:
development: "_dev"
staging: "_qa"
production: ""
# -----------------------------------------------------------------------------
# DEPLOYMENT OPTIONS
# -----------------------------------------------------------------------------
# Deployment strategy
pote_deployment_strategy: "git_pull" # or "docker", "package"
# Backup before deployment
pote_backup_before_deploy: true
pote_backup_dir: "{{ pote_user_home }}/backups"
pote_backup_retention_days: 30
# Rollback on failure
pote_rollback_on_failure: true
# Health check after deployment
pote_health_check_after_deploy: true
pote_health_check_timeout: 300 # seconds
# -----------------------------------------------------------------------------
# DOCKER OPTIONS (if using Docker deployment)
# -----------------------------------------------------------------------------
pote_use_docker: false
pote_docker_image: "pote:latest"
pote_docker_registry: ""
pote_docker_compose_file: "{{ pote_app_dir }}/docker-compose.yml"
# -----------------------------------------------------------------------------
# SECURITY
# -----------------------------------------------------------------------------
# File permissions
pote_env_file_mode: "0600"
pote_app_dir_mode: "0755"
pote_logs_dir_mode: "0755"
# SSL/TLS (for future FastAPI backend)
pote_enable_ssl: false
pote_ssl_cert_path: ""
pote_ssl_key_path: ""
# Secrets management
pote_use_vault: false
pote_vault_path: "secret/pote/{{ pote_environment }}"
# -----------------------------------------------------------------------------
# TESTING & VALIDATION
# -----------------------------------------------------------------------------
# Run tests after deployment
pote_run_tests: false
pote_test_command: "pytest tests/ -v"
# Smoke tests
pote_run_smoke_tests: true
pote_smoke_test_commands:
- "python scripts/health_check.py"
- "python -c 'import pote; print(\"Import successful\")'"
# -----------------------------------------------------------------------------
# NOTIFICATIONS
# -----------------------------------------------------------------------------
# Deployment notifications
pote_notify_on_deploy: false
pote_notification_webhook: ""
pote_notification_email: "{{ pote_report_recipients }}"
# -----------------------------------------------------------------------------
# PERFORMANCE TUNING
# -----------------------------------------------------------------------------
# Python workers (for future FastAPI)
pote_workers: "{{ ansible_processor_vcpus | default(2) }}"
pote_worker_class: "uvicorn.workers.UvicornWorker"
# Database connection pool
pote_db_pool_size: 5
pote_db_max_overflow: 10
# -----------------------------------------------------------------------------
# DATA SOURCES (API Keys - typically in vault/secrets)
# -----------------------------------------------------------------------------
# Optional API keys for additional data sources
pote_quiverquant_api_key: "{{ quiverquant_key | default('') }}"
pote_fmp_api_key: "{{ fmp_key | default('') }}"
# -----------------------------------------------------------------------------
# FEATURE FLAGS
# -----------------------------------------------------------------------------
# Enable/disable features per environment
pote_feature_email_reports: true
pote_feature_market_monitoring: true
pote_feature_disclosure_correlation: true
pote_feature_pattern_detection: true
# -----------------------------------------------------------------------------
# MAINTENANCE
# -----------------------------------------------------------------------------
# Maintenance mode
pote_maintenance_mode: false
pote_maintenance_message: "POTE is currently under maintenance"
# Log rotation
pote_logrotate_enabled: true
pote_logrotate_days: 30
pote_logrotate_size: "100M"
# Database vacuum/maintenance
pote_db_maintenance_enabled: true
pote_db_maintenance_schedule: "0 2 * * 0" # Weekly, Sunday 2 AM
# -----------------------------------------------------------------------------
# MONITORING & OBSERVABILITY
# -----------------------------------------------------------------------------
# Metrics collection (for future)
pote_enable_metrics: false
pote_metrics_port: 9090
# Healthcheck endpoint (for future FastAPI)
pote_healthcheck_path: "/health"
# -----------------------------------------------------------------------------
# BACKWARDS COMPATIBILITY
# -----------------------------------------------------------------------------
# Support for base_os role variables
base_os_user: "{{ pote_user }}"
base_os_backend_port: "{{ pote_backend_port }}"
base_os_enable_backend: "{{ pote_enable_backend }}"
base_os_enable_frontend: "{{ pote_enable_frontend }}"
# -----------------------------------------------------------------------------
# COMPUTED VARIABLES (DO NOT OVERRIDE)
# -----------------------------------------------------------------------------
# These are computed from above variables
pote_db_name_full: "{{ pote_db_name }}{{ pote_env_db_suffix[pote_environment] }}"
pote_env_file: "{{ pote_app_dir }}/.env"
pote_requirements_file: "{{ pote_app_dir }}/requirements.txt"
pote_alembic_ini: "{{ pote_app_dir }}/alembic.ini"
Reference in New Issue View Git Blame Copy Permalink