blender-studio/playbooks/vars_common.yaml

domain: studio.blender.org
project_name: Blender Studio
project_slug: blender-studio
service_name: "{{ project_slug }}-{{ env }}"
background_service_name: '{{ service_name }}-background'
django_settings_module: studio.settings

client_max_body_size: 5500M
python_version: "3.10"
delete_venv: false  # set to true if venv has to be re-created from scratch

# Set to true if ingress == application:
# meaning that SSL is terminated by and Django app is run on the same host.
single_host: false

dir:
  source: "/opt/{{ service_name }}"
  static: "/var/www/{{ service_name }}/static"
  media: "/var/www/{{ service_name }}/media"
  errors: "/var/www/{{ service_name }}/html/errors"
  pipeline_docs: "/var/www/blender-studio-pipeline-{{ env }}"

env_file: "{{ dir.source }}/.env"
uwsgi_pid: "{{ dir.source }}/{{ service_name }}.pid"
uwsgi_module: studio.wsgi
uwsgi_processes: 8
uwsgi_socket: "{{ dir.source }}/uwsgi.sock"
host: web-studio.internal

nginx:
  user: www-data
  group: www-data
nginx_conf_dir: /etc/nginx
# Studio workflows include heavy uploads, so client temp path must have plenty of disk space
nginx_temp_path: /data/nginx/tmp
user: "studio-{{ env }}"
group: "{{ nginx.group }}"
rate_limit:
  name: 'hundred_per_minute'
  size: '10m'
  rate: '100r/m'
  burst: 50
  delay: 10
keepalive_timeout: "600s"

aliases: null # This project doesn't use cron
certbot:
  email: root@blender.org

source_url: https://projects.blender.org/studio/{{ project_slug }}.git
branch: production

ssl_only: false
ca_certificate: /usr/local/share/ca-certificates/cloud-init-ca-cert-1.crt

meilisearch_version: 0.25.2
meilisearch_user: meilisearch
meilisearch_group: "{{ group }}"
meilisearch_download_url: https://github.com/meilisearch/meilisearch/releases/download/v{{ meilisearch_version }}/meilisearch-linux-amd64
meilisearch_host: 127.0.0.1:7700
meilisearch_endpoint: /s/
meilisearch_home: /opt/meilisearch
meilisearch_database: "{{ meilisearch_home }}/data.ms"
meilisearch_bin: meilisearch-{{ meilisearch_version }}
meilisearch_bin_path: /usr/bin/{{ meilisearch_bin }}

maxmind_license_key: 'SET-IN-VAULT'
maxmind:
  edition: GeoLite2-Country
  url: https://download.maxmind.com/app/geoip_download
  path: /opt/maxmind
  download_path: /tmp/maxmind
  license_key: "{{ maxmind_license_key }}"

media_url: /media/
static_url: /static/

db_user: "studio_{{ env }}"
db_name: "studio_{{ env }}"

allowed_hosts: "{{ domain }},cloudbalance.blender.org,cloud.blender.org"

# The following variables should be encrypted with Ansible Vault
# and stored in environments/<env>/group_vars/all/99_vault.yaml.
# These should only be needed during first time use of `install.yaml`.

# sentry_dsn:
# meili_master_key:

include_common_services:
  - background
  - background-restart
  - clearsessions
  - delete-completed-tasks
  - notify-email@

# Override required packages list
packages_common:
  - git
  - libjpeg-dev
  - libpq-dev
  - libxml2-dev
  - libxslt-dev
  - nginx
  - postgresql-client
  - python3-pip
  - python{{ python_version }}
  - python{{ python_version }}-dev
  - python{{ python_version }}-distutils
  - python{{ python_version }}-venv
  - vim
  - zlib1g
  - zlib1g-dev