Add a systemd unit.
This commit is contained in:
parent
99b8ca35d6
commit
8a8375f80f
GPG Key ID:
147ABE6CEB9E20FF
|
|
@ -47,7 +47,7 @@
|
|||
state: directory
|
||||
with_nested:
|
||||
- '{{ tomcat_m_instances }}'
|
||||
- ['common/classes', 'conf/Catalina/localhost', 'conf/policy.d', 'lib', 'server/classes', 'shared/classes', 'webapps']
|
||||
- ['common/classes', 'conf/Catalina/localhost', 'conf/policy.d', 'lib', 'server/classes', 'shared/classes', 'webapps', policy]
|
||||
register: tomcat_first_install
|
||||
|
||||
- name: Create the tomcat logs base directory
|
||||
|
|
@ -237,7 +237,7 @@
|
|||
notify: tomcat multiple-instances restart
|
||||
tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_host_manager', 'tomcat_manager']
|
||||
|
||||
- name: Install the instances startup scripts
|
||||
- name: Install the instances SYSV startup scripts
|
||||
ansible.builtin.template:
|
||||
src: tomcat-instance.init.j2
|
||||
dest: "/etc/init.d/tomcat-instance-{{ item.http_port }}"
|
||||
|
|
@ -245,9 +245,43 @@
|
|||
owner: root
|
||||
group: root
|
||||
loop: '{{ tomcat_m_instances }}'
|
||||
when: not tomcat_use_systemd_unit
|
||||
register: reload_systemd
|
||||
tags: ['tomcat', 'tomcat_instances', 'tomcat_init']
|
||||
|
||||
- name: Remove the instances SYSV startup scripts when we prefer the systemd unit
|
||||
ansible.builtin.file:
|
||||
dest: "/etc/init.d/tomcat-instance-{{ item.http_port }}"
|
||||
state: absent
|
||||
loop: '{{ tomcat_m_instances }}'
|
||||
when: tomcat_use_systemd_unit
|
||||
tags: ['tomcat', 'tomcat_instances', 'tomcat_init']
|
||||
|
||||
- name: Install the instances systemd unit
|
||||
ansible.builtin.template:
|
||||
src: tomcat-service.j2
|
||||
dest: "/etc/systemd/system//tomcat-instance-{{ item.http_port }}"
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
loop: '{{ tomcat_m_instances }}'
|
||||
when: tomcat_use_systemd_unit
|
||||
register: reload_systemd
|
||||
notify: tomcat multiple-instances restart
|
||||
tags: ['tomcat', 'tomcat_instances', 'tomcat_init']
|
||||
|
||||
- name: Install the helper script used by the systemd unit
|
||||
ansible.builtin.template:
|
||||
src: tomcat-start.sh.j2
|
||||
dest: "/usr/libexec/tomcat{{ tomcat_version }}/tomcat-instance-{{ item.http_port }}-start.sh"
|
||||
mode: "0755"
|
||||
owner: root
|
||||
group: root
|
||||
loop: '{{ tomcat_m_instances }}'
|
||||
when: tomcat_use_systemd_unit
|
||||
notify: tomcat multiple-instances restart
|
||||
tags: ['tomcat', 'tomcat_instances', 'tomcat_init']
|
||||
|
||||
- name: Install the tomcat instances default file
|
||||
ansible.builtin.template:
|
||||
src: tomcat-default.j2
|
||||
|
|
@ -264,7 +298,7 @@
|
|||
daemon-reload: true
|
||||
when:
|
||||
- ansible_service_mgr == 'systemd'
|
||||
- reload_systemd | bool
|
||||
- tomcat_use_systemd_unit
|
||||
|
||||
- name: Install a custom context.xml file
|
||||
ansible.builtin.template:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,51 @@
|
|||
#
|
||||
# Systemd unit file for Apache Tomcat
|
||||
#
|
||||
|
||||
[Unit]
|
||||
Description=Apache Tomcat {{ tomcat_version}} Web Application Server
|
||||
After=syslog.target network.target
|
||||
StartLimitIntervalSec=500
|
||||
StartLimitBurst=5
|
||||
RequiresMountsFor={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} /var/lib/tomcat{{ tomcat_version }}
|
||||
|
||||
[Service]
|
||||
Environment="CATALINA_HOME=/usr/share/tomcat{{ tomcat_version }}"
|
||||
Environment="CATALINA_BASE={{ item.instance_path }}"
|
||||
Environment="CATALINA_TMPDIR={{ item.catalina_tmp_directory }}"
|
||||
Type=simple
|
||||
ExecStartPre=+/usr/libexec/tomcat{{ tomcat_version}}/tomcat-update-policy.sh
|
||||
ExecStart=/bin/sh /usr/libexec/tomcat{{ tomcat_version }}/tomcat-instance-{{ item.http_port }}-start.sh
|
||||
SuccessExitStatus=143
|
||||
RestartSec=10
|
||||
Restart=on-failure on-abort
|
||||
# Logging
|
||||
SyslogIdentifier=tomcat{{ tomcat_version }}
|
||||
|
||||
User={{ item.user }}
|
||||
Group={{ item.user }}
|
||||
{% if tomcat_systemd_security %}
|
||||
PrivateTmp=yes
|
||||
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
NoNewPrivileges=true
|
||||
CacheDirectory={{ tomcat_m_cache_base }}/{{ item.http_port }}
|
||||
CacheDirectoryMode=750
|
||||
ProtectSystem=strict
|
||||
ReadWritePaths={{ item.instance_path }}/conf/Catalina/
|
||||
ReadWritePaths={{ item.instance_path }}/webapps
|
||||
ReadWritePaths={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }}
|
||||
{% endif %}
|
||||
{% if tomcat_systemd_security_enhanced %}
|
||||
ProtectSystem=strict
|
||||
ProtectHome=yes
|
||||
PrivateDevices=yes
|
||||
PrivateUsers=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
RestrictAddressFamilies=AF_INET6 AF_INET
|
||||
SystemCallArchitectures=native
|
||||
SystemCallFilter=@system-service
|
||||
{% endif %}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# Startup script for Apache Tomcat with systemd
|
||||
#
|
||||
|
||||
set -e
|
||||
|
||||
# Load the service settings
|
||||
. /etc/default/tomcat-instance-{{ item.http_port }}
|
||||
|
||||
# Find the Java runtime and set JAVA_HOME
|
||||
. /usr/libexec/tomcat{{ tomcat_version }}/tomcat-locate-java.sh
|
||||
|
||||
# Set the JSP compiler if configured in the /etc/default/tomcat10 file
|
||||
[ -n "$JSP_COMPILER" ] && JAVA_OPTS="$JAVA_OPTS -Dbuild.compiler=\"$JSP_COMPILER\""
|
||||
|
||||
export JAVA_OPTS
|
||||
|
||||
# Enable the Java security manager?
|
||||
SECURITY=""
|
||||
[ "$SECURITY_MANAGER" = "true" ] && SECURITY="-security"
|
||||
|
||||
|
||||
# Start Tomcat
|
||||
cd $CATALINA_BASE && exec $CATALINA_HOME/bin/catalina.sh run $SECURITY
|
||||
Loading…
Reference in New Issue