Add some tasks that add a systemd unit when it's not part of the package.
This commit is contained in:
parent
5251a37035
commit
39f3a8b96e
|
@ -5,6 +5,10 @@
|
|||
# tomcat_fixed_version: 9
|
||||
tomcat_pkg_state: present
|
||||
tomcat_service_enabled: true
|
||||
tomcat_use_systemd_unit: "{% if ansible_distribution_major_version is version_compare('18.04', '>=') %}true{{ tomcat_version }}{% else %}false{% endif %}"
|
||||
tomcat_systemd_security_enhanced: false
|
||||
tomcat_systemd_security: "{% if tomcat_systemd_security_enhanced %}true{% else %}false{% endif %}"
|
||||
|
||||
tomcat_pkgs:
|
||||
- 'tomcat{{ tomcat_version }}'
|
||||
- 'libtomcat{{ tomcat_version }}-java'
|
||||
|
@ -60,6 +64,7 @@ tomcat_catalina_base_dir: '/var/lib/tomcat{{ tomcat_version }}'
|
|||
tomcat_conf_dir: '/etc/tomcat{{ tomcat_version }}'
|
||||
tomcat_webapps_dir: '{{ tomcat_catalina_base_dir }}/webapps'
|
||||
tomcat_common_dir: '{{ tomcat_catalina_base_dir }}/common/'
|
||||
tomcat_work_dir: '{{ tomcat_catalina_base_dir }}/work'
|
||||
tomcat_common_classes_dir: '{{ tomcat_catalina_base_dir }}/common/classes'
|
||||
tomcat_tmp_dir: '{{ tomcat_catalina_base_dir }}/tmp/tomcat'
|
||||
tomcat_enable_catalina_shared_loader: true
|
||||
|
|
|
@ -1,93 +1,166 @@
|
|||
---
|
||||
- name: Set the tomcat version for ubuntu Trusy
|
||||
set_fact:
|
||||
- name: tomcat-pkgs | Set the tomcat version for ubuntu Trusy
|
||||
ansible.builtin.set_fact:
|
||||
tomcat_version: 7
|
||||
when:
|
||||
- ansible_distribution_major_version is version_compare('16.04', '<')
|
||||
- tomcat_fixed_version is not defined
|
||||
tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
|
||||
tags: ['tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody']
|
||||
|
||||
- name: Set the tomcat version for Ubuntu bionic
|
||||
set_fact:
|
||||
- name: tomcat-pkgs | Set the tomcat version for Ubuntu bionic
|
||||
ansible.builtin.set_fact:
|
||||
tomcat_version: 8
|
||||
when:
|
||||
- ansible_distribution_major_version is version_compare('18.04', '==')
|
||||
- tomcat_fixed_version is not defined
|
||||
tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
|
||||
tags: ['tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody']
|
||||
|
||||
- name: Set the tomcat version for Ubuntu bionic
|
||||
set_fact:
|
||||
- name: tomcat-pkgs | Set the tomcat version for Ubuntu bionic
|
||||
ansible.builtin.set_fact:
|
||||
tomcat_version: 10
|
||||
when:
|
||||
- ansible_distribution_major_version is version_compare('24.04', '==')
|
||||
- tomcat_fixed_version is not defined
|
||||
tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
|
||||
tags: ['tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody']
|
||||
|
||||
- name: Impose a tomcat version
|
||||
set_fact:
|
||||
- name: tomcat-pkgs | Impose a tomcat version
|
||||
ansible.builtin.set_fact:
|
||||
tomcat_version: '{{ tomcat_fixed_version }}'
|
||||
when: tomcat_fixed_version is defined
|
||||
tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
|
||||
tags: ['tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody']
|
||||
|
||||
- name: Print the Tomcat version
|
||||
debug:
|
||||
msg: "The Tomcat version we are going to install is {{ tomcat_version }}"
|
||||
tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
|
||||
- name: tomcat-pkgs | Print the Tomcat version
|
||||
ansible.builtin.debug:
|
||||
msg: "The Tomcat version we are going to install is {{ tomcat_version }}"
|
||||
tags: ['tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody']
|
||||
|
||||
- name: Install the tomcat packages
|
||||
apt: pkg={{ tomcat_pkgs }} state={{ tomcat_pkg_state }} cache_valid_time=1800
|
||||
- name: tomcat-pkgs | Install the tomcat packages
|
||||
ansible.builtin.apt:
|
||||
pkg: "{{ tomcat_pkgs }}"
|
||||
state: "{{ tomcat_pkg_state }}"
|
||||
cache_valid_time: 1800
|
||||
tags: tomcat
|
||||
|
||||
- name: Install additional packages needed by tomcat 8+
|
||||
apt: pkg={{ tomcat8_additional_pkgs }} state={{ tomcat_pkg_state }} cache_valid_time=1800
|
||||
- name: tomcat-pkgs | Install additional packages needed by tomcat 8+
|
||||
ansible.builtin.apt:
|
||||
pkg: "{{ tomcat8_additional_pkgs }}"
|
||||
state: "{{ tomcat_pkg_state }}"
|
||||
cache_valid_time: 1800
|
||||
when: tomcat_version is version_compare('8', '>=')
|
||||
tags: [ 'tomcat', 'tomcat_javamelody', 'tomcat_conf', 'tomcat_javamelody' ]
|
||||
tags: ['tomcat', 'tomcat_javamelody', 'tomcat_conf', 'tomcat_javamelody']
|
||||
|
||||
- name: Create the tomcat tmp directory
|
||||
file: dest={{ tomcat_tmp_dir }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
|
||||
- name: tomcat-pkgs | Create the tomcat tmp directory
|
||||
ansible.builtin.file:
|
||||
dest: "{{ tomcat_tmp_dir }}"
|
||||
state: directory
|
||||
owner: "{{ tomcat_user }}"
|
||||
group: "{{ tomcat_user }}"
|
||||
mode: "0750"
|
||||
notify: tomcat restart
|
||||
tags: tomcat
|
||||
|
||||
- name: Create the catalina temp directory, if different from the default
|
||||
file: dest={{ catalina_tmp_directory }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
|
||||
|
||||
- name: tomcat-pkgs | Create the catalina temp directory, if different from the default
|
||||
ansible.builtin.file:
|
||||
dest: "{{ catalina_tmp_directory }}"
|
||||
state: directory
|
||||
owner: "{{ tomcat_user }}"
|
||||
group: "{{ tomcat_user }}"
|
||||
mode: "0750"
|
||||
when: catalina_tmp_directory is defined
|
||||
notify: tomcat restart
|
||||
notify: tomcat restart
|
||||
tags: tomcat
|
||||
|
||||
- name: Configure tomcat defaults
|
||||
template: src=tomcat-default.j2 dest=/etc/default/tomcat{{ tomcat_version }}
|
||||
|
||||
- name: tomcat-pkgs | Configure tomcat defaults
|
||||
ansible.builtin.template:
|
||||
src: tomcat-default.j2
|
||||
dest: "/etc/default/tomcat{{ tomcat_version }}"
|
||||
owner: root
|
||||
group: "{{ tomcat_user }}"
|
||||
mode: "0640"
|
||||
when: tomcat_install_default_conf | bool
|
||||
notify: tomcat restart
|
||||
tags: [ 'tomcat', 'tomcat_default', 'tomcat_conf' ]
|
||||
tags: ['tomcat', 'tomcat_default', 'tomcat_conf']
|
||||
|
||||
- name: Configure tomcat server.xml
|
||||
template: src=tomcat-server.xml.j2 dest={{ tomcat_conf_dir }}/server.xml
|
||||
- name: tomcat-pkgs | Configure tomcat server.xml
|
||||
ansible.builtin.template:
|
||||
src: tomcat-server.xml.j2
|
||||
dest: "{{ tomcat_conf_dir }}/server.xml"
|
||||
owner: root
|
||||
group: "{{ tomcat_user }}"
|
||||
mode: "0640"
|
||||
when: tomcat_install_server_xml | bool
|
||||
notify: tomcat restart
|
||||
tags: [ 'tomcat', 'tomcat_serverxml', 'tomcat_conf' ]
|
||||
tags: ['tomcat', 'tomcat_serverxml', 'tomcat_conf']
|
||||
|
||||
- name: Configure tomcat web.xml
|
||||
template: src=tomcat-web.xml.j2 dest={{ tomcat_conf_dir }}/web.xml
|
||||
- name: tomcat-pkgs | Configure tomcat web.xml
|
||||
ansible.builtin.template:
|
||||
src: tomcat-web.xml.j2
|
||||
dest: "{{ tomcat_conf_dir }}/web.xml"
|
||||
owner: root
|
||||
group: "{{ tomcat_user }}"
|
||||
mode: "0640"
|
||||
notify: tomcat restart
|
||||
tags: [ 'tomcat', 'tomcat_serverxml', 'tomcat_conf' ]
|
||||
tags: ['tomcat', 'tomcat_serverxml', 'tomcat_conf']
|
||||
|
||||
- name: Install a slightly modified catalina.properties
|
||||
template: src=catalina.properties.j2 dest={{ tomcat_conf_dir }}/catalina.properties owner=root group={{ tomcat_user }} mode=0644
|
||||
- name: tomcat-pkgs | Install the startup script used by the systemd unit
|
||||
ansible.builtin.template:
|
||||
src: tomcat-start.sh.j2
|
||||
dest: "/usr/libexec/tomcat{{ tomcat_version }}/tomcat-start.sh"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0755"
|
||||
notify: tomcat restart
|
||||
when:
|
||||
- tomcat_use_systemd_unit
|
||||
- ansible_distribution_major_version is version_compare('24.04', '<')
|
||||
tags: ['tomcat', 'tomcat_serverxml', 'tomcat_conf']
|
||||
|
||||
- name: tomcat-pkgs | Install the systemd unit
|
||||
ansible.builtin.template:
|
||||
src: tomcat-service.j2
|
||||
dest: "/etc/systemd/system/tomcat{{ tomcat_version }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
notify: tomcat restart
|
||||
when:
|
||||
- tomcat_use_systemd_unit
|
||||
- ansible_distribution_major_version is version_compare('24.04', '<')
|
||||
tags: ['tomcat', 'tomcat_serverxml', 'tomcat_conf']
|
||||
|
||||
- name: tomcat-pkgs | Install a slightly modified catalina.properties
|
||||
ansible.builtin.template:
|
||||
src: catalina.properties.j2
|
||||
dest: "{{ tomcat_conf_dir }}/catalina.properties"
|
||||
owner: root
|
||||
group: "{{ tomcat_user }}"
|
||||
mode: "0644"
|
||||
when: tomcat_install_default_conf | bool
|
||||
notify: tomcat restart
|
||||
tags: [ 'tomcat', 'tomcat_catalinaprops' ]
|
||||
tags: ['tomcat', 'tomcat_catalinaprops']
|
||||
|
||||
- name: Create some directories that the package do not creates itself
|
||||
file: dest={{ tomcat_catalina_home_dir }}/{{ item }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }} mode=0755
|
||||
- name: tomcat-pkgs | Create some directories that the package do not creates itself
|
||||
ansible.builtin.file:
|
||||
dest: "{{ tomcat_catalina_home_dir }}/{{ item }}"
|
||||
state: directory
|
||||
owner: "{{ tomcat_user }}"
|
||||
group: "{{ tomcat_user }}"
|
||||
mode: "0755"
|
||||
with_items:
|
||||
- common/classes
|
||||
- server/classes
|
||||
- shared/classes
|
||||
tags: tomcat
|
||||
|
||||
- name: On tomcat8, create a link to commons-daemon.jar to avoid exceptions at startup
|
||||
file: src=/usr/share/java/{{ item }} dest={{ tomcat_catalina_home_dir }}/bin/{{ item }} state=link owner=root group=root mode=0644
|
||||
- name: tomcat-pkgs | On tomcat8, create a link to commons-daemon.jar to avoid exceptions at startup
|
||||
ansible.builtin.file:
|
||||
src: "/usr/share/java/{{ item }}"
|
||||
dest: "{{ tomcat_catalina_home_dir }}/bin/{{ item }}"
|
||||
state: link
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
with_items:
|
||||
- commons-daemon.jar
|
||||
when: tomcat_version is version_compare('8', '>=')
|
||||
tags: [ 'tomcat', 'tomcat_conf' ]
|
||||
tags: ['tomcat', 'tomcat_conf']
|
||||
|
|
|
@ -0,0 +1,55 @@
|
|||
#
|
||||
# Systemd unit file for Apache Tomcat
|
||||
#
|
||||
|
||||
[Unit]
|
||||
Description=Apache Tomcat {{ tomcat_version}} Web Application Server
|
||||
After=syslog.target network.target
|
||||
StartLimitIntervalSec=500
|
||||
StartLimitBurst=5
|
||||
RequiresMountsFor=/var/log/tomcat{{ tomcat_version }} /var/lib/tomcat{{ tomcat_version }}
|
||||
|
||||
[Service]
|
||||
Environment="CATALINA_HOME=/usr/share/tomcat{{ tomcat_version }}"
|
||||
Environment="CATALINA_BASE=/var/lib/tomcat{{ tomcat_version }}"
|
||||
Environment="CATALINA_TMPDIR={{ tomcat_tmp_dir }}"
|
||||
Environment="JAVA_OPTS=-Djava.awt.headless=true"
|
||||
|
||||
Type=simple
|
||||
ExecStartPre=+/usr/libexec/tomcat{{ tomcat_version}}/tomcat-update-policy.sh
|
||||
ExecStart=/bin/sh /usr/libexec/tomcat{{ tomcat_version }}/tomcat-start.sh
|
||||
SuccessExitStatus=143
|
||||
RestartSec=10
|
||||
Restart=on-failure on-abort
|
||||
# Logging
|
||||
SyslogIdentifier=tomcat{{ tomcat_version }}
|
||||
|
||||
User={{ tomcat_user }}
|
||||
Group={{ tomcat_user }}
|
||||
{% if tomcat_systemd_security %}
|
||||
PrivateTmp=yes
|
||||
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
NoNewPrivileges=true
|
||||
CacheDirectory=tomcat{{ tomcat_version }}
|
||||
CacheDirectoryMode=750
|
||||
ProtectSystem=strict
|
||||
ReadWritePaths=/etc/tomcat{{ tomcat_version }}/Catalina/
|
||||
ReadWritePaths={{ tomcat_webapps_dir }}
|
||||
ReadWritePaths={{ tomcat_logdir }}
|
||||
{% endif %}
|
||||
{% if tomcat_systemd_security_enhanced %}
|
||||
ProtectSystem=strict
|
||||
ProtectHome=yes
|
||||
PrivateDevices=yes
|
||||
PrivateUsers=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelLogs=yes
|
||||
ReadWritePaths={{ tomcat_work_dir }}
|
||||
ReadWritePaths={{ tomcat_tmp_dir }}
|
||||
RestrictAddressFamilies=AF_INET6 AF_INET
|
||||
SystemCallArchitectures=native
|
||||
SystemCallFilter=@system-service
|
||||
{% endif %}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,25 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# Startup script for Apache Tomcat with systemd
|
||||
#
|
||||
|
||||
set -e
|
||||
|
||||
# Load the service settings
|
||||
. /etc/default/tomcat{{ tomcat_version}}
|
||||
|
||||
# Find the Java runtime and set JAVA_HOME
|
||||
. /usr/libexec/tomcat{{ tomcat_version }}/tomcat-locate-java.sh
|
||||
|
||||
# Set the JSP compiler if configured in the /etc/default/tomcat10 file
|
||||
[ -n "$JSP_COMPILER" ] && JAVA_OPTS="$JAVA_OPTS -Dbuild.compiler=\"$JSP_COMPILER\""
|
||||
|
||||
export JAVA_OPTS
|
||||
|
||||
# Enable the Java security manager?
|
||||
SECURITY=""
|
||||
[ "$SECURITY_MANAGER" = "true" ] && SECURITY="-security"
|
||||
|
||||
|
||||
# Start Tomcat
|
||||
cd $CATALINA_BASE && exec $CATALINA_HOME/bin/catalina.sh run $SECURITY
|
Loading…
Reference in New Issue