[fifteen5] Fix SAML and add syncthing

ansible/roles/fifteen5/files/stignore

@@ -0,0 +1,23 @@
+node_modules/**
+collected-static/**
+collected-static
+*copy
+__pycache__
+media/**
+*.pyc
+*.o
+*.a
+*.so
+*.exe
+*.prof
+*.swp
+.bundle
+.vagrant
+.envrc
+index.html
+junitresults.xml
+generatedJUnitFiles/**
+.mypy_cache/**
+.git/*
+collected-static/**
+ff/static/dist/**

ansible/roles/fifteen5/files/tmux.conf

@@ -0,0 +1,86 @@
+bind j select-pane -D
+bind k select-pane -U
+bind h select-pane -L
+bind l select-pane -R
+
+bind | split-window -h
+bind - split-window -v
+
+bind -r J resize-pane -D 10
+bind -r K resize-pane -U 10
+bind -r H resize-pane -L 10
+bind -r L resize-pane -R 10
+
+set -g pane-border-fg white
+set -g pane-active-border-fg cyan
+set -g pane-active-border-bg cyan
+set -g status-left "session: #S | window: #I | pane: #P"
+
+set -g prefix C-a 
+bind-key C-a last-window
+set -g default-terminal "screen-256color"
+new-session -n $HOST
+
+# Colors {{{
+
+set -g pane-border-fg colour8
+set -g pane-active-border-fg colour7
+
+set -g status-bg default
+set -g status-fg colour7
+set -g window-status-current-fg colour15
+
+set -g message-bg default
+set -g message-fg colour15
+
+# }}}
+# Statusline {{{
+
+set -g base-index 1
+set -g pane-base-index 1
+set -g renumber-windows on
+
+set -g status-left ''
+set -g status-right '#{?client_prefix,#[fg=colour15 reverse],} #(echo $USER)@#H '
+
+set -g status-justify right
+set -g window-status-current-format '#I:#W '
+
+# }}}
+
+#### COLOUR (Solarized 256)
+
+# default statusbar colors
+set-option -g status-bg colour235 #base02
+set-option -g status-fg colour136 #yellow
+set-option -g status-attr default
+
+# default window title colors
+set-window-option -g window-status-fg colour244 #base0
+set-window-option -g window-status-bg default
+#set-window-option -g window-status-attr dim
+
+# active window title colors
+set-window-option -g window-status-current-fg colour166 #orange
+set-window-option -g window-status-current-bg default
+#set-window-option -g window-status-current-attr bright
+
+# pane border
+set-option -g pane-border-fg colour235 #base02
+set-option -g pane-active-border-fg colour240 #base01
+
+# message text
+set-option -g message-bg colour235 #base02
+set-option -g message-fg colour166 #orange
+
+# pane number display
+set-option -g display-panes-active-colour colour33 #blue
+set-option -g display-panes-colour colour166 #orange
+
+# clock
+set-window-option -g clock-mode-colour colour64 #green
+
+# bell
+set-window-option -g window-status-bell-style fg=colour235,bg=colour160 #base02, red
+
+set -s escape-time 0

ansible/roles/fifteen5/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: Dependencies installed
-  # We install xmlsec and cairocffi using pkg because python-Levenshtein can't be installed on FreeBSD
+  # We install xmlsec and cairocffi using pkg because python-Levenshtein is tricky to install on FreeBSD
   community.general.pkgng:
     name: git,py37-pip,vim-console,tmux,fish,direnv,jpeg-turbo,tiff,webp,lcms2,freetype2,syncthing,yarn-node14,redis,cairo,pango,gmake,libxml2,libxslt,postgresql12-client,py37-xmlsec,py37-cairocffi
     state: latest
@@ -9,7 +9,16 @@
   shell: sysrc redis_enable="YES"
 
 - name: Redis started
-  shell: service redis restart
+  service: name=redis state=started
+
+- name: Root shell is fish
+  ansible.builtin.user: name=root shell=/usr/local/bin/fish
+
+- name: Tmux config installed
+  copy:
+    src: tmux.conf
+    dest: /root/.tmux.conf
+    mode: 0644
 
 - name: Github SSH key installed
   template:
@@ -23,6 +32,7 @@
     dest: /usr/local/etc/nginx/key.pem
     owner: root
     mode: 0644
+  notify: Nginx restarted
 
 - name: Nginx cert file installed
   copy:
@@ -30,6 +40,7 @@
     dest: /usr/local/etc/nginx/cert.pem
     owner: root
     mode: 0644
+  notify: Nginx restarted
 
 - name: Nginx site file installed
   template:
@@ -48,7 +59,6 @@
 - name: Source folder exists
   file:
     path: /usr/local/src
-    owner: root
     mode: 0755
     state: directory
 
@@ -65,13 +75,22 @@
     dest: /usr/local/src/fifteen5
     accept_hostkey: yes
     update: yes
+  tags:
+    - deploy
+
+- name: Syncthing ignore file installed
+  copy:
+    src: stignore
+    dest: /usr/local/src/fifteen5/.stignore
+    mode: 0775
 
 - name: Environment file installed
   template:
     src: envrc.j2
     dest: /usr/local/src/fifteen5/.envrc
-    owner: root
-    mode: 0644
+    mode: 0600
+  tags:
+    - deploy
 
 - name: Allow environment file
   shell:
@@ -82,6 +101,8 @@
   pip:
     requirements: /usr/local/src/fifteen5/requirements/test.pip
     executable: pip
+  tags:
+    - deploy
 
 - name: 15Five personal reqs up to date
   pip:
@@ -94,6 +115,8 @@
       - ipython
       - git+git://github.com/sureapp/sqlformatter
     executable: pip
+  tags:
+    - deploy
   notify: Redis restarted
 
 - name: 15Five migrations up to date
@@ -109,17 +132,14 @@
     mode: 0644
   notify: Supervisor restarted
 
-- name: 15Five frontend files generated
-  command: bash -lc "direnv exec /usr/local/src/fifteen5 /usr/local/bin/yarn && direnv exec /usr/local/bin/yarn build && direnv exec /usr/local/bin/python3.7 manage.py collectstatic --no-input"
+- name: 15Five frontend files generated and copied
+  command: bash -lc "direnv exec /usr/local/src/fifteen5 /usr/local/bin/yarn && direnv exec /usr/local/src/fifteen5 /usr/local/bin/yarn build && direnv exec /usr/local/src/fifteen5 /usr/local/bin/python3.7 manage.py collectstatic --no-input"
   args:
     chdir: "/usr/local/src/fifteen5"
-  ignore_errors: true
   tags:
     - deploy
 
-- name: Static files collected
-  command: bash -lc "direnv exec /usr/local/bin/python3.7 /usr/local/src/fifteen5/manage.py collectstatic --noinput"
-  args:
-    chdir: "/usr/local/src/fifteen5"
+- name: 15Five reset database
+  command: bash -lc "RESET_DB=True direnv exec /usr/local/src/fifteen5 /usr/local/bin/python3.7 /usr/local/src/fifteen5/manage.py run_local_scripts && direnv exec /usr/local/src/fifteen5 /usr/local/bin/python3.7 /usr/local/src/fifteen5/manage.py clearsessions"
   tags:
-    - deploy
+    - db-refresh

ansible/roles/fifteen5/templates/envrc.j2

@@ -28,7 +28,7 @@ export FF_AWS_STORAGE_BUCKET_NAME_PRIVATE=local
 export FF_OKTA_LOCAL_DEV_API_KEY={{fifteenfive_okta_key}}
 export FF_OKTA_LOCAL_DEV_CERT={{fifteenfive_okta_cert}}
 export FF_OKTA_LOCAL_DEV_ID='exkvakjehhLMVGzDY4x6'
-export FF_OKTA_LOCAL_DEV_APP_NAME='unblinkdev331277_testingapp_1'
+export FF_OKTA_LOCAL_DEV_APP_NAME='unblinkdev331277_unblinksaml_1'
 export FF_OKTA_LOCAL_DEV_SUBDOMAIN='dev-331277'
 
 export FF_AZURE_LOCAL_DEV_ID='92956dba-b937-4f12-aaa9-18263b3de204'