Ansible playbook now works with Appsmith fat image (#9509)

2021-12-11 09:31:56 +07:00 · 2021-12-11 09:31:56 +07:00 · 192f5acf0b
commit 192f5acf0b
parent b31d390054
25 changed files with 162 additions and 2177 deletions
--- a/.gitignore
+++ b/.gitignore
@ -12,3 +12,4 @@ package-lock.json
 # test coverage
 coverage-summary.json
 app/client/cypress/locators/Widgets.json
 deploy/ansible/appsmith_playbook/inventory
--- a/deploy/ansible/README.MD
+++ b/deploy/ansible/README.MD
@ -1,92 +1,93 @@
 # Introduction
 This document will explain, to those unfamiliar with Ansible, how they can get an Ansible environment set-up quickly, with the end goal of deploying Appsmith.
 It is a quick, dirty HowTo format, not intended to teach you Ansible's full capabilities. Ansible is an incredible tool, with great documentation, a welcoming community, and it's all very easy to pick up - not to mention extremely powerful and suited for just about any situation.
 # Operational Overview
 Ansible works on a "push to clients" basis. You have your control node, which pushes all the configuration/ad-hoc tasks out to your systems via SSH, with no client running on the systems you're deploying to! This model means it's very fast, efficient, secure, scalable, and extremely portable.
 So, to control remote systems, you only need to install Ansible on your control node - your own desktop would make a great control node to deploy from
 # Getting Ansible
 It's recommended that you check out Ansible's official documentation on installing (it's really easy!), but here's a quick rundown of installation methods:
 ## Package manager
 If you're running a UNIX-like system, like Linux or BSD, Ansible is likely available in your official package repositories. Use your package manager to see if it's available, and if so, install it! Ansible's installation documentation has a section on this - just scroll down until you see your OS.
 ## Via Pip
 Ansible is written in Python, so, it's only natural that it be available for install via pip. If you have pip installed, it's as easy as:
 ```
 $ sudo pip install ansible
 ```
 If not, check to see if you can install pip via your system's package manager (you want the Python 2.7 version!).
 Or, if you're on Mac OS X, and you're not using Homebrew or pkgsrc, you should be able to install pip using easy_install, like so:
 ```
 $ sudo easy_install pip
 ```
 then
 ```
 $ sudo pip install ansible
 ```
 # Simple Deployment Environment for Appsmith
 So, now you've got Ansible installed, you can get ready to deploy Appsmith!
 ## Prerequisites
 - You must have SSH access to the system you want to deploy to as the root user.
 ## Inventory set-up
 First you will need to clone the appsmith repository to your machine & move to the ansible playbook folder
 ```
 $ git clone https://github.com/appsmithorg/appsmith.git
-$ cd ./appsmith/ansible/appsmith_playbook
+$ cd ./appsmith/deploy/ansible/appsmith_playbook
 ```
 Make the inventory file `inventory`, for simplicity's sake:
 ```
 $ touch inventory
 ```
 Now, with your editor, open the file and add the hostname or FQDN of the server(s) you want to deploy Appsmith to with the following pattern:
 ```
 appsmith ansible_host={{ SERVER_HOST }} ansible_port={{ SERVER_PORT }} ansible_user={{ SERVER_USER }}
 ```
 If you are using SSH keypairs for authenticating your SSH connections to your server. You can tell Ansible your ssh private key file in the `inventory` file
 using `ansible_ssh_private_key_file`
 ```
 appsmith ansible_host={{ SERVER_HOST }} ansible_port={{ SERVER_PORT }} ansible_user={{ SERVER_USER }} ansible_ssh_private_key_file={{ SSH_PRIVATE_KEY_FILE }}
 ```
 After you completed the above step then we're pretty much done with the inventory
 ## Setup your configuration vars for Appsmith
 The next step is to setup necessary configuration for your app to run such as environment variable, domain name, etc.
 First you need to open `appsmith-vars.yml` file with your editor.  
 There are some variables that will need input from you to get the application start correctly
- `install_dir`: The absolute path of your app's installation folder on the server (required) 
+- `install_dir`: The absolute path of your app's installation folder on the server (required). Default: `~/appsmith`
 - `mongo_host`: Your mongo hostname. By default it will be `mongo` (required) 
 - `mongo_root_user`: Your mongo root user (required) 
 - `mongo_root_password`: Your mongo root password (required) 
 - `mongo_database`: Your mongo database name. By default, it will be `appsmith` (required) 
 - `user_encryption_password`: Encryption password to encrypt all credentials in the database (required) 
 - `user_encryption_salt`: Encryption salt used to encrypt all credentials in the database (required)
 - `custom_domain`: Your custom domain for your app. Make sure that you have custom domain record map to your app's server (optional)
 Once you complete setup config vars for your app then we are ready to deploy our app on your server.
 ## Setup SSL (Optional)
 This section will help you setup SSL for your custom domain of your app 
 ### Prerequisites
 - You need to have a custom domain record map to your app's server
 Before running your playbook, open `appsmith-vars.yml` with your editor & edit the variables below:
 - `ssl_enable`: Set this variable to `true` 
 - `letsencrypt_email`: Provide your email if you want to receive expiry notices when your certificate is coming up for renewal
 - `is_ssl_staging`: Set this variable to `true` if you want to use certificate provided by let's encrypt staging environment
 ## Run the Ansible playbook
 After complete the above step. Now the only remain step we need to do is run the ansible playbook.
 You can run the ansible playbook with the following command
@ -99,15 +100,3 @@ The command above will use the host information from the `inventory` file & feed
 When it's all done, provided all went well and no parameters were changed, you should be able to visit your app on browser using your `custom_domain` or by your `SERVER_HOST` (if you didn't provide value for `custom_domain` variable )
 **Note**: You can put your `inventory` file in other folder and then specify its path with the `-i` flag, for detail, check [Ansible Inventory documentation](https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html)
--- a/deploy/ansible/appsmith_playbook/appsmith-playbook.yml
+++ b/deploy/ansible/appsmith_playbook/appsmith-playbook.yml
@ -0,0 +1,5 @@
 ---
 - name: Configure the self-hosted server
  hosts: appsmith
  roles:
    - setup-appsmith
--- a/deploy/ansible/appsmith_playbook/appsmith-vars.yml
+++ b/deploy/ansible/appsmith_playbook/appsmith-vars.yml
@ -1,45 +1,2 @@
 ---
-user_email: 'youremail@gmail.com'
+install_dir: '~/appsmith'
 install_dir: ''
 mongo_host: 'mongo'
 mongo_root_user: ''
 mongo_root_password: ''
 mongo_database: 'appsmith'
 user_encryption_password: ''
 user_encryption_salt: ''
 custom_domain: ''
 ssl_enable: 'false'
 letsencrypt_email: 'youremail@gmail.com'
 is_ssl_staging: 'false'
 disable_telemetry: 'true'
 mail_enabled: 'false'
 mail_from: ''
 mail_to: ''
 mail_host: ''
 mail_port: '' 
 mail_ssl_enabled: 'false'
 mail_username: ''
 mail_password: ''
 mail_auth: ''
 google_client_id: ''
 google_secret_id: ''
 github_client_id: ''
 github_secret_id: ''
 google_maps_api_key: ''
 sentry_dns: ''
 smart_look_id: ''
 marketplace_enabled: 'false'
 segment_key: ''
 optimizely_key: ''
 algolia_api_id: ''
 algolia_search_index_name: ''
 algolia_api_key: ''
 client_log_level: ''
 tnc_pp: ''
 version_id: ''
 version_release_date: ''
 intercom_app_id: ''
 google_recaptcha_site_key: ''
 google_recaptcha_secret_key: ''
 google_recaptcha_enabled: 'false'
 disable_intercom: 'false'
--- a/deploy/ansible/appsmith_playbook/main.yml
+++ b/deploy/ansible/appsmith_playbook/main.yml
@ -1,61 +0,0 @@
 ---
  - name: Configure the self-hosted server
    hosts: appsmith
    any_errors_fatal: true
    vars:
        analytics_webhook_uri: https://hook.integromat.com/dkwb6i52am93pi30ojeboktvj32iw0fa
        ipify_url: https://api64.ipify.org
    tasks:
        - name: Deploy appsmith on host
          block:
            - name: Get OS
              shell: |
                cat /etc/*-release | awk -F= '$1 == "NAME" { gsub(/"/, ""); print $2; exit }' | tr '[:upper:]' '[:lower:]'
              register: os
            - name: Get app installation id
              uri:
                url: "{{ ipify_url }}"
                return_content: yes
              register: app_installation_id
            - name: Push installation started event to integromat
              uri:
                url: "{{ analytics_webhook_uri }}"
                method: POST
                body: "{\"userId\":\"{{ app_installation_id.content }}\",\"event\":\"Installation Started\",\"data\":{\"os\":\"{{ os.stdout }}\", \"platform\": \"ansible\"}}"
                body_format: json
                return_content: yes
            - name: Setup dependencies
              import_role:
                name: base
            - name: Generate config template
              import_role:
                name: generate_template
            - name: Run App
              import_role:
                name: start_app
            - name: Config SSL
              import_role:
                name: domain_ssl
            - name: Push installation success event to integromat
              uri:
                url: "{{ analytics_webhook_uri }}"
                method: POST
                body: "{\"userId\":\"{{ app_installation_id.content }}\",\"event\":\"Installation Success\",\"data\":{\"os\":\"{{ os.stdout }}\", \"platform\": \"ansible\"}}"
                body_format: json
                return_content: yes
          rescue:
            - name: Push installation failed event to integromat
              uri:
                url: "{{ analytics_webhook_uri }}"
                method: POST
                body: "{\"userId\":\"{{ app_installation_id.content }}\",\"event\":\"Installation Support\",\"data\":{\"os\":\"{{ os.stdout }}\", \"platform\": \"ansible\", \"email\": \"{{ user_email }}\"}}"
                body_format: json
                return_content: yes
--- a/deploy/ansible/appsmith_playbook/roles/base/tasks/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/base/tasks/main.yml
@ -1,27 +0,0 @@
 ---
  - name: Upgrade all packages to the latest version
    apt: 
      name: "*" 
      state: latest
    become: yes
  - name: Install required system packages
    apt:
        update_cache: yes
        name: 
            - apt-transport-https
            - ca-certificates
            - curl
            - software-properties-common
            - python3-pip
            - virtualenv
            - python3-setuptools
        state: latest
    become: yes
    tags: 
      - always
  - include_tasks: setup-ubuntu.yml
    when: ansible_os_family == 'Debian'
  - include_tasks: install-docker.yml
--- a/deploy/ansible/appsmith_playbook/roles/base/tasks/setup-ubuntu.yml
+++ b/deploy/ansible/appsmith_playbook/roles/base/tasks/setup-ubuntu.yml
@ -1,31 +0,0 @@
 ---
 - name: Ensure old versions of Docker are not installed.
  package:
    name:
      - docker
      - docker-engine
    state: absent
 - name: Ensure dependencies are installed.
  apt:
    name:
      - apt-transport-https
      - ca-certificates
      - gnupg2
      - curl
    state: present
  become: yes
 - name: Add Docker apt key
  shell: >
    curl -sSL {{ docker_apt_gpg_key }} | sudo apt-key add -
  args:
    warn: false
  become: yes
 - name: Add Docker repository.
  apt_repository:
    repo: "{{ docker_apt_repository }}"
    state: present
    update_cache: true
  become: yes
--- a/deploy/ansible/appsmith_playbook/roles/domain_ssl/handlers/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/domain_ssl/handlers/main.yml
@ -1,9 +0,0 @@
 ---
    - name: Send request to integromat webhook after configure ssl successfully
      uri:
        url: "{{ analytics_webhook_uri }}"
        method: POST
        body: "{\"userId\":\"{{ app_installation_id.content }}\",\"event\":\"Configure SSL Successfully\",\"data\":{\"os\":\"{{ os.stdout }}\", \"platform\": \"ansible\"}}"
        body_format: json
        return_content: yes
      listen: "Configure SSL"
--- a/deploy/ansible/appsmith_playbook/roles/domain_ssl/tasks/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/domain_ssl/tasks/main.yml
@ -1,16 +0,0 @@
 ---
 - name: Copy init_letsencrypt template
  template: 
    src="init_letsencrypt.sh.j2" 
    dest="{{ install_dir }}/init_letsencrypt.sh"
    mode="0755"
  when: ssl_enable | bool
  become: yes
 - name: Run init-letsencrypt
  shell: "{{ install_dir}}/init_letsencrypt.sh"
  when: ssl_enable | bool
  become: yes
  notify: "Configure SSL"
--- a/deploy/ansible/appsmith_playbook/roles/domain_ssl/templates/init_letsencrypt.sh.j2
+++ b/deploy/ansible/appsmith_playbook/roles/domain_ssl/templates/init_letsencrypt.sh.j2
@ -1,80 +0,0 @@
 #!/bin/bash
 certbot_cmd() {
    sudo docker-compose run --rm --entrypoint "$1" certbot
 }
 install_dir="{{ install_dir }}"
 domain="{{ custom_domain }}"
 email="{{ letsencrypt_email }}"
 is_ssl_staging="{{ is_ssl_staging }}"
 echo "Creating certificate for '$domain'."
 rsa_key_size=4096
 data_path="$install_dir/data/certbot"
 sudo chown -R ubuntu:ubuntu "$data_path"
 mkdir -p "$data_path"/{conf,www}
 if ! [[ -e "$data_path/conf/options-ssl-nginx.conf" && -e "$data_path/conf/ssl-dhparams.pem" ]]; then
    echo "### Downloading recommended TLS parameters..."
    curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > "$data_path/conf/options-ssl-nginx.conf"
    curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > "$data_path/conf/ssl-dhparams.pem"
    echo
 fi
 echo "### Requesting Let's Encrypt certificate for '$domain'..."
 if [[ -z $email ]]; then
    email_arg="--register-unsafely-without-email"
 else
    email_arg="--email $email --no-eff-email"
 fi
 if [[ $is_ssl_staging == "true" ]]; then
    staging_arg="--staging"
 else
    staging_arg=""
 fi
 echo "### Generating OpenSSL key for '$domain'..."
 live_path="/etc/letsencrypt/live/$domain"
 cd "$install_dir"
 certbot_cmd \
    "sh -c \"mkdir -p '$live_path' && openssl req -x509 -nodes -newkey rsa:1024 -days 1 \
        -keyout '$live_path/privkey.pem' \
        -out '$live_path/fullchain.pem' \
        -subj '/CN=localhost' \
        \""
 echo
 echo "### Starting nginx..."
 sudo docker-compose up --force-recreate --detach nginx
 echo
 echo "### Removing key now that validation is done for $domain..."
 certbot_cmd \
    "rm -Rfv /etc/letsencrypt/live/$domain /etc/letsencrypt/archive/$domain /etc/letsencrypt/renewal/$domain.conf"
 echo
 # The following command exits with a non-zero status code even if the certificate was generated, but some checks failed.
 # So we explicitly ignore such failure with a `|| true` in the end, to avoid bash quitting on us because this looks like
 # a failed command.
 certbot_cmd "certbot certonly --webroot --webroot-path=/var/www/certbot \
        $staging_arg \
        $email_arg \
        --domains $domain \
        --rsa-key-size $rsa_key_size \
        --agree-tos \
        --force-renewal" \
    || true
 echo
 echo "### Reloading nginx..."
 sudo docker-compose exec nginx nginx -s reload
--- a/deploy/ansible/appsmith_playbook/roles/generate_template/defaults/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/generate_template/defaults/main.yml
@ -1,3 +0,0 @@
 ---
 # Default installation dir
 install_dir: /home/ubuntu/appsmith
--- a/deploy/ansible/appsmith_playbook/roles/generate_template/tasks/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/generate_template/tasks/main.yml
@ -1,40 +0,0 @@
 ---
 - name: Create installation folder
  file: 
    path: "{{ install_dir }}"
    state: directory
 - name: reate mongo and nginx folder if they don't exist
  file:
    path: "{{ install_dir }}/data/{{ item }}"
    state: directory
  loop: ["nginx", "mongo"]
 - name: Check for encryption.env
  stat: 
    path: "{{ install_dir }}/encryption.env"
  register: encryption_exists
 - name: Copy template file
  template: src={{ item.src }} dest={{ item.dest }}
  loop:
    - { src: 'docker-compose.j2', dest: '{{ install_dir }}/docker-compose.yml'}
    - { src: 'mongo-init.js.j2', dest: '{{ install_dir }}/data/mongo/init.js'}
    - { src: 'docker.env.j2', dest: '{{ install_dir }}/docker.env'}
  become: yes
 - name: Copy encryption template file
  template: src="encryption.env.j2" dest="{{ install_dir }}/encryption.env"
  when: not encryption_exists.stat.exists
 - set_fact:
    ssl_cmt: "{% if ssl_enable == 'false' %}#{% endif %}"
 - name: Copy nginx template file
  template: src="nginx-app.conf.j2" dest="{{ install_dir }}/data/nginx/app.conf.template"
  become: yes
--- a/deploy/ansible/appsmith_playbook/roles/generate_template/templates/docker-compose.j2
+++ b/deploy/ansible/appsmith_playbook/roles/generate_template/templates/docker-compose.j2
@ -1,80 +0,0 @@
 version: "3.7"
 services:
  nginx:
    image: appsmith/appsmith-editor
    env_file: ./docker.env
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx/app.conf.template:/nginx.conf.template
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & /start-nginx.sh'"
    depends_on:
      - appsmith-internal-server
    labels:
      com.centurylinklabs.watchtower.enable: "true"
    networks:
      - appsmith
  certbot:
    image: certbot/certbot
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
    networks:
      - appsmith
  appsmith-internal-server:
    image: appsmith/appsmith-server:latest
    env_file:
      - ./docker.env
      - ./encryption.env
    expose:
      - "8080"
    links:
      - mongo
    depends_on:
      - mongo
      - redis
    labels:
      com.centurylinklabs.watchtower.enable: "true"
    networks:
      - appsmith
  mongo:
    image: mongo:4.4.6
    expose:
      - "27017"
    environment:
      - MONGO_INITDB_DATABASE={{ mongo_database }}
      - MONGO_INITDB_ROOT_USERNAME={{ mongo_root_user }}
      - MONGO_INITDB_ROOT_PASSWORD={{ mongo_root_password }}
    volumes:
      - ./data/mongo/db:/data/db
      - ./data/mongo/init.js:/docker-entrypoint-initdb.d/init.js:ro
    networks:
      - appsmith
  redis:
    image: redis
    expose:
      - "6379"
    networks:
      - appsmith
  watchtower:
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    # Update check interval in seconds.
    command: --interval 300 --label-enable --cleanup
    networks:
      - appsmith
 networks:
  appsmith:
    driver: bridge
--- a/deploy/ansible/appsmith_playbook/roles/generate_template/templates/docker.env.j2
+++ b/deploy/ansible/appsmith_playbook/roles/generate_template/templates/docker.env.j2
@ -1,57 +0,0 @@
 # Read our documentation on how to configure these features
 # https://docs.appsmith.com/v/v1.2.1/setup/docker#enabling-services-for-self-hosting
 # ***** Email **********
 APPSMITH_MAIL_ENABLED={{ mail_enabled }}
 APPSMITH_MAIL_FROM={{ mail_from }}
 APPSMITH_REPLY_TO= {{ mail_to }}
 APPSMITH_MAIL_HOST= {{ mail_host }}
 APPSMITH_MAIL_PORT= {{ mail_port }}
 # ***** Set to true if providing a TLS port ******
 APPSMITH_MAIL_SMTP_TLS_ENABLED={{ mail_ssl_enabled}}
 APPSMITH_MAIL_USERNAME= {{ mail_username }}
 APPSMITH_MAIL_PASSWORD= {{ mail_password }}
 APPSMITH_MAIL_SMTP_AUTH= {{ mail_auth }}
 # ******************************
 # ******** Google OAuth ********
 {% if not google_client_id or not google_secret_id %} 
 #APPSMITH_OAUTH2_GOOGLE_CLIENT_ID=
 #APPSMITH_OAUTH2_GOOGLE_CLIENT_SECRET=
 {% else %}
 APPSMITH_OAUTH2_GOOGLE_CLIENT_ID={{ google_client_id }}
 APPSMITH_OAUTH2_GOOGLE_CLIENT_SECRET={{ google_secret_id }}
 {% endif %}
 # ******************************
 # ********* Github OAUth **********
 {% if not google_client_id or not google_secret_id %} 
 #APPSMITH_OAUTH2_GITHUB_CLIENT_ID=
 #APPSMITH_OAUTH2_GITHUB_CLIENT_SECRET=
 {% else %}
 APPSMITH_OAUTH2_GITHUB_CLIENT_ID={{ github_client_id }}
 APPSMITH_OAUTH2_GITHUB_CLIENT_SECRET={{ github_client_secret }}
 {% endif %}
 # *********************************
 # ******** Google Maps ***********
 APPSMITH_GOOGLE_MAPS_API_KEY= {{ google_maps_api_key}}
 # ********************************
 # ******** Database *************
 APPSMITH_REDIS_URL=redis://redis:6379
 APPSMITH_MONGODB_URI=mongodb://{{ mongo_root_user }}:{{ mongo_root_password }}@{{ mongo_host }}/{{ mongo_database }}?retryWrites=true
 # *******************************
 APPSMITH_DISABLE_TELEMETRY={{ disable_telemetry }}
 # ******** Google Recaptcha Keys ***********
 APPSMITH_RECAPTCHA_SITE_KEY= {{ google_recaptcha_site_key }}
 APPSMITH_RECAPTCHA_SECRET_KEY= {{ google_recaptcha_secrete_key }}
 APPSMITH_RECAPTCHA_ENABLED= {{ google_recaptcha_enabled }}
 # ********************************
 # ******** Intercom **************
 APPSMITH_DISABLE_INTERCOM= {{ disable_intercom }}
 # ********************************
--- a/deploy/ansible/appsmith_playbook/roles/generate_template/templates/encryption.env.j2
+++ b/deploy/ansible/appsmith_playbook/roles/generate_template/templates/encryption.env.j2
@ -1,2 +0,0 @@
 APPSMITH_ENCRYPTION_PASSWORD={{ user_encryption_password }}
 APPSMITH_ENCRYPTION_SALT= {{ user_encryption_salt }}
--- a/deploy/ansible/appsmith_playbook/roles/generate_template/templates/mongo-init.js.j2
+++ b/deploy/ansible/appsmith_playbook/roles/generate_template/templates/mongo-init.js.j2
--- a/deploy/ansible/appsmith_playbook/roles/generate_template/templates/nginx-app.conf.j2
+++ b/deploy/ansible/appsmith_playbook/roles/generate_template/templates/nginx-app.conf.j2
@ -1,126 +0,0 @@
 map $http_x_forwarded_proto $origin_scheme {
    default $http_x_forwarded_proto;
    '' $scheme;
 }
 server {
    listen 80;
    server_name {{ custom_domain }};
    client_max_body_size 100m;
    gzip on;
    root /var/www/appsmith;
    index index.html index.htm;
    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
    proxy_set_header X-Forwarded-Proto $origin_scheme;
    proxy_set_header X-Forwarded-Host $host;
    location / {
        try_files $uri /index.html =404;
        sub_filter __APPSMITH_SENTRY_DSN__ '{{ sentry_dns }}';
        sub_filter __APPSMITH_SMART_LOOK_ID__ '{{ smart_look_id }}';
        sub_filter __APPSMITH_OAUTH2_GOOGLE_CLIENT_ID__ '{{ google_client_id }}';
        sub_filter __APPSMITH_OAUTH2_GITHUB_CLIENT_ID__ '{{ github_client_id }}';
        sub_filter __APPSMITH_DISABLE_TELEMETRY__ '{{ disable_telemetry }}';
        sub_filter __APPSMITH_MARKETPLACE_ENABLED__ '{{ marketplace_enabled }}';
        sub_filter __APPSMITH_SEGMENT_KEY__ '{{ segment_key }}';
        sub_filter __APPSMITH_OPTIMIZELY_KEY__ '{{ segment_key }}';
        sub_filter __APPSMITH_ALGOLIA_API_ID__ '{{ algolia_api_id }}';
        sub_filter __APPSMITH_ALGOLIA_SEARCH_INDEX_NAME__ '{{ algolia_search_index_name }}';
        sub_filter __APPSMITH_ALGOLIA_API_KEY__ '{{ algolia_api_key }}';
        sub_filter __APPSMITH_CLIENT_LOG_LEVEL__ '{{ client_log_level }}';
        sub_filter __APPSMITH_GOOGLE_MAPS_API_KEY__ '{{ google_maps_api_key }}';
        sub_filter __APPSMITH_TNC_PP__ '{{ tnc_pp }}';
        sub_filter __APPSMITH_VERSION_ID__ '{{ version_id }}';
        sub_filter __APPSMITH_VERSION_RELEASE_DATE__ '{{ version_release_date }}';
        sub_filter __APPSMITH_INTERCOM_APP_ID__ '{{ intercom_app_id }}';
        sub_filter __APPSMITH_MAIL_ENABLED__ '{{ mail_enabled }}';
        sub_filter __APPSMITH_RECAPTCHA_SITE_KEY__ '{{ google_recaptcha_site_key }}';
        sub_filter __APPSMITH_RECAPTCHA_SECRET_KEY__ '{{ google_recaptcha_secrete_key }}';
        sub_filter __APPSMITH_RECAPTCHA_ENABLED__ '{{ google_recaptcha_enabled }}';
        sub_filter __APPSMITH_DISABLE_INTERCOM__ '{{ disable_intercom }}';
    }
    location /f {
       proxy_pass https://cdn.optimizely.com/;
    }
    location /api {
        proxy_pass http://appsmith-internal-server:8080;
    }
    location /oauth2 {
        proxy_pass http://appsmith-internal-server:8080;
    }
    location /login {
        proxy_pass http://appsmith-internal-server:8080;
    }
 }
 {{ ssl_cmt }} server {
 {{ ssl_cmt }}    listen 443 ssl;
 {{ ssl_cmt }}    server_name {{ custom_domain }};
 {{ ssl_cmt }}    ssl_certificate /etc/letsencrypt/live/{{ custom_domain }}/fullchain.pem;
 {{ ssl_cmt }}    ssl_certificate_key /etc/letsencrypt/live/{{ custom_domain }}/privkey.pem;
 {{ ssl_cmt }}    include /etc/letsencrypt/options-ssl-nginx.conf;
 {{ ssl_cmt }}    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 {{ ssl_cmt }}    proxy_set_header X-Forwarded-Proto $origin_scheme;
 {{ ssl_cmt }}    proxy_set_header X-Forwarded-Host $host;
 {{ ssl_cmt }}    root /var/www/appsmith;
 {{ ssl_cmt }}    index index.html index.htm;
 {{ ssl_cmt }}    location / {
 {{ ssl_cmt }}        try_files $uri /index.html =404;
 {{ ssl_cmt }}        sub_filter __APPSMITH_SENTRY_DSN__ '{{ sentry_dns }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_SMART_LOOK_ID__ '{{ smart_look_id }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_OAUTH2_GOOGLE_CLIENT_ID__ '{{ google_client_id }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_OAUTH2_GITHUB_CLIENT_ID__ '{{ github_client_id }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_DISABLE_TELEMETRY__ '{{ disable_telemetry }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_MARKETPLACE_ENABLED__ '{{ marketplace_enabled }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_SEGMENT_KEY__ '{{ segment_key }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_OPTIMIZELY_KEY__ '{{ segment_key }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_ALGOLIA_API_ID__ '{{ algolia_api_id }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_ALGOLIA_SEARCH_INDEX_NAME__ '{{ algolia_search_index_name }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_ALGOLIA_API_KEY__ '{{ algolia_api_key }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_CLIENT_LOG_LEVEL__ '{{ client_log_level }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_GOOGLE_MAPS_API_KEY__ '{{ google_maps_api_key }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_TNC_PP__ '{{ tnc_pp }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_VERSION_ID__ '{{ version_id }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_VERSION_RELEASE_DATE__ '{{ version_release_date }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_INTERCOM_APP_ID__ '{{ intercom_app_id }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_MAIL_ENABLED__ '{{ mail_enabled }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_RECAPTCHA_SITE_KEY__ '{{ google_recaptcha_site_key }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_RECAPTCHA_SECRET_KEY__ '{{ google_recaptcha_secrete_key }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_RECAPTCHA_ENABLED__ '{{ google_recaptcha_enabled }}';
 {{ ssl_cmt }}        sub_filter __APPSMITH_DISABLE_INTERCOM__ '{{ disable_intercom }}';
 {{ ssl_cmt }}    }
 {{ ssl_cmt }}    location /f {
 {{ ssl_cmt }}       proxy_pass https://cdn.optimizely.com/;
 {{ ssl_cmt }}    }
 {{ ssl_cmt }}    location /api {
 {{ ssl_cmt }}        proxy_pass http://appsmith-internal-server:8080;
 {{ ssl_cmt }}    }
 {{ ssl_cmt }}    location /oauth2 {
 {{ ssl_cmt }}        proxy_pass http://appsmith-internal-server:8080;
 {{ ssl_cmt }}    }
 {{ ssl_cmt }}    location /login {
 {{ ssl_cmt }}        proxy_pass http://appsmith-internal-server:8080;
 {{ ssl_cmt }}    }
 {{ ssl_cmt }} }
--- a/deploy/ansible/appsmith_playbook/roles/setup-appsmith/defaults/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/setup-appsmith/defaults/main.yml
@ -1,7 +1,7 @@
 ---
 # Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
 docker_edition: 'ce'
-docker_package: "docker-{{ docker_edition }}"
+docker_package: 'docker-{{ docker_edition }}'
 docker_package_state: present
 # Service options.
@ -11,13 +11,13 @@ docker_restart_handler_state: restarted
 # Docker Compose options.
 docker_install_compose: true
-docker_compose_version: "1.27.0"
+docker_compose_version: 'v2.1.1'
 docker_compose_path: /usr/local/bin/docker-compose
 # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed.
 docker_apt_release_channel: stable
 docker_apt_arch: amd64
-docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
+docker_apt_repository: 'deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}'
 docker_apt_ignore_key_error: true
 docker_apt_gpg_key: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
--- a/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/main.yml
@ -0,0 +1,8 @@
 ---
 - include_tasks: preflight.yml
 - include_tasks: setup-ubuntu.yml
 - include_tasks: setup-docker.yml
 - include_tasks: setup-appsmith.yml
--- a/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/preflight.yml
+++ b/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/preflight.yml
@ -0,0 +1,35 @@
 ---
 - name: Check folder installation exist and empty
  find:
    paths: '{{ install_dir }}'
  register: filesFound
 - fail:
    msg: 'The {{ install_dir }} folder is existed and not empty'
  when: filesFound.matched > 0
 - name: Check port 80 is listening
  wait_for:
    port: 80
    delay: 2
    timeout: 5
    msg: 'Timeout waiting for 80 to respond'
  register: port_80
  ignore_errors: yes
 - fail:
    msg: 'Port 80 is running'
  when: port_80.failed == false
 - name: Check port 443 is listening
  wait_for:
    port: 443
    delay: 2
    timeout: 5
    msg: 'Timeout waiting for 443 to respond'
  register: port_443
  ignore_errors: yes
 - fail:
    msg: 'Port 443 is running'
  when: port_443.failed == false
--- a/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/setup-appsmith.yml
+++ b/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/setup-appsmith.yml
@ -0,0 +1,16 @@
 ---
 - name: Create installation folder
  file:
    path: '{{ install_dir }}'
    state: directory
 - name: Download docker-compose.yml
  get_url:
    url: https://raw.githubusercontent.com/appsmithorg/appsmith/release/deploy/aws_ami/docker-compose.yml
    dest: '{{ install_dir }}'
    mode: 0440
 - name: Start Appsmith
  shell: docker-compose up -d
  args:
    chdir: '{{ install_dir }}'
--- a/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/setup-docker.yml
+++ b/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/setup-docker.yml
@ -1,25 +1,22 @@
 ---
- include_tasks: setup-ubuntu.yml
+- name: Install Docker
  when: ansible_os_family == 'Debian'
 - name: Install Docker.
  package:
-    name: "{{ docker_package }}"
+    name: '{{ docker_package }}'
-    state: "{{ docker_package_state }}"
+    state: '{{ docker_package_state }}'
  become: yes
- name: Ensure Docker is started and enabled at boot.
+- name: Ensure Docker is started and enabled at boot
  service:
    name: docker
-    state: "{{ docker_service_state }}"
+    state: '{{ docker_service_state }}'
-    enabled: "{{ docker_service_enabled }}"
+    enabled: '{{ docker_service_enabled }}'
- name: Ensure handlers are notified now to avoid firewall conflicts.
+- name: Ensure handlers are notified now to avoid firewall conflicts
  meta: flush_handlers
- name: Ensure docker users are added to the docker group.
+- name: Ensure docker users are added to the docker group
  user:
-    name: "{{ ansible_user }}"
+    name: '{{ ansible_user }}'
    groups: docker
    append: true
  become: yes
@ -27,15 +24,15 @@
 - name: reset ssh connection to allow user changes to affect 'current login user'
  meta: reset_connection
- name: Check current docker-compose version.
+- name: Check current docker-compose version
  command: docker-compose --version
  register: docker_compose_current_version
  changed_when: false
  failed_when: false
- name: Delete existing docker-compose version if it's different.
+- name: Delete existing docker-compose version if it's different
  file:
-    path: "{{ docker_compose_path }}"
+    path: '{{ docker_compose_path }}'
    state: absent
  when: >
    docker_compose_current_version.stdout is defined
@ -45,6 +42,6 @@
 - name: Install Docker-compose
  get_url:
    url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
-    dest: "{{ docker_compose_path }}"
+    dest: '{{ docker_compose_path }}'
    mode: 0755
  become: yes
--- a/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/setup-ubuntu.yml
+++ b/deploy/ansible/appsmith_playbook/roles/setup-appsmith/tasks/setup-ubuntu.yml
@ -0,0 +1,53 @@
 ---
 - name: Upgrade all packages to the latest version
  apt:
    name: '*'
    state: latest
  become: yes
 - name: Install required system packages
  apt:
    update_cache: yes
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - software-properties-common
      - python3-pip
      - virtualenv
      - python3-setuptools
    state: latest
  become: yes
  tags:
    - always
 - name: Ensure old versions of Docker are not installed
  package:
    name:
      - docker
      - docker-engine
    state: absent
 - name: Ensure dependencies are installed
  apt:
    name:
      - apt-transport-https
      - ca-certificates
      - gnupg2
      - curl
    state: present
  become: yes
 - name: Add Docker apt key
  shell: >
    curl -sSL {{ docker_apt_gpg_key }} | sudo apt-key add -
  args:
    warn: false
  become: yes
 - name: Add Docker repository
  apt_repository:
    repo: '{{ docker_apt_repository }}'
    state: present
    update_cache: true
  become: yes
--- a/deploy/ansible/appsmith_playbook/roles/start_app/handlers/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/start_app/handlers/main.yml
@ -1,9 +0,0 @@
 ---
    - name: Send request to integromat when start app with docker
      uri:
        url: "{{ analytics_webhook_uri }}"
        method: POST
        body: "{\"userId\":\"{{ app_installation_id.content }}\",\"event\":\"Start app\",\"data\":{\"os\":\"{{ os.stdout }}\", \"platform\": \"ansible\"}}"
        body_format: json
        return_content: yes
      listen: "Start Appsmith with docker-compose"
--- a/deploy/ansible/appsmith_playbook/roles/start_app/tasks/main.yml
+++ b/deploy/ansible/appsmith_playbook/roles/start_app/tasks/main.yml
@ -1,6 +0,0 @@
 ---
    - name: Start Appsmith
      shell: docker-compose up --build -d
      args:
        chdir: "{{ install_dir}}/"
      notify: "Start Appsmith with docker-compose"
		`@ -1,2 +0,0 @@`
			`APPSMITH_ENCRYPTION_PASSWORD={{ user_encryption_password }}`
			`APPSMITH_ENCRYPTION_SALT= {{ user_encryption_salt }}`