144 lines
5.6 KiB
YAML
144 lines
5.6 KiB
YAML
---
|
|
# The tomcat version is set at runtime. It changes from one distribution to the other.
|
|
# tomcat_version: 7
|
|
# To force a tomcat version set the following variable:
|
|
# tomcat_fixed_version: 9
|
|
tomcat_pkg_state: present
|
|
tomcat_service_enabled: true
|
|
tomcat_use_systemd_unit_test: "{% if ansible_distribution_version is version_compare('18.04', '>=') %}true{% else %}false{% endif %}"
|
|
tomcat_use_systemd_unit: '{{ tomcat_use_systemd_unit_test | bool }}'
|
|
tomcat_systemd_security_enhanced: false
|
|
tomcat_systemd_security_test: '{% if tomcat_systemd_security_enhanced %}true{% else %}false{% endif %}'
|
|
tomcat_systemd_security: '{{ tomcat_systemd_security_test | bool }}'
|
|
|
|
tomcat_pkgs:
|
|
- 'tomcat{{ tomcat_version }}'
|
|
- 'libtomcat{{ tomcat_version }}-java'
|
|
- 'tomcat{{ tomcat_version }}-common'
|
|
- libapr1
|
|
|
|
tomcat8_additional_pkgs:
|
|
- jsvc
|
|
- libcommons-daemon-java
|
|
|
|
tomcat_user: "{% if tomcat_version is version_compare('10', '<') %}tomcat{{ tomcat_version }}{% else %}tomcat{% endif %}"
|
|
tomcat_max_threads: 200
|
|
|
|
tomcat_min_heap_size: 2048m
|
|
tomcat_permgen_defined: true
|
|
tomcat_heap_size: '{{ tomcat_min_heap_size }}'
|
|
tomcat_permgen_size: 512m
|
|
tomcat_file_encoding: 'UTF-8'
|
|
tomcat_java_opts: "-Xms{{ tomcat_min_heap_size }} -Xmx{{ tomcat_heap_size }}"
|
|
tomcat_additional_java_8_opts: "-XX:+CrashOnOutOfMemoryError"
|
|
tomcat_java_gc_opts: "{% if openjdk_default is version_compare('11', '<=') %}-XX:+UseConcMarkSweepGC{% else %}{% endif %}"
|
|
tomcat_proxy_enabled: false
|
|
tomcat_proxy_http_host: 'localhost'
|
|
tomcat_proxy_http_port: '3128'
|
|
tomcat_proxy_https_host: '{{ tomcat_proxy_http_host }}'
|
|
tomcat_proxy_https_port: '{{ tomcat_proxy_http_port }}'
|
|
tomcat_proxy_opts: "-DproxySet=true -Dhttp.proxyHost={{ tomcat_proxy_http_host }} -Dhttp.proxyPort={{ tomcat_proxy_http_port }} -Dhttps.proxyHost={{ tomcat_proxy_https_host }} -Dhttps.proxyPort={{ tomcat_proxy_https_port }}"
|
|
tomcat_other_java_opts: ""
|
|
tomcat_install_server_xml: true
|
|
tomcat_install_default_conf: true
|
|
tomcat_load_additional_default_conf: true
|
|
tomcat_http_enabled: true
|
|
tomcat_http_port: 8080
|
|
tomcat_http_address: 0.0.0.0
|
|
tomcat_webapps_autodeploy: false
|
|
tomcat_webapps_unpack: false
|
|
tomcat_ajp_enabled: false
|
|
tomcat_ajp_port: 8009
|
|
tomcat_ajp_address: 127.0.0.1
|
|
tomcat_direct_access: false
|
|
tomcat_reverse_proxy_name_enabled: false
|
|
tomcat_reverse_proxy_name: '{{ ansible_fqdn }}'
|
|
tomcat_reverse_proxy_port: '{{ http_port | default(80) }}'
|
|
# There is a bug that kills tomcat after 50 days if the shutdown port is enabled
|
|
# Disable the shutdown port by default
|
|
# tomcat_shutdown_port: 8005
|
|
tomcat_shutdown_port: -1
|
|
tomcat_shutdown_pwd: "{{ lookup('password', '/tmp/passwordfile chars=ascii_letters,digits') }}"
|
|
tomcat_restart_timeout: 300
|
|
tomcat_max_post_size: 1000000
|
|
tomcat_catalina_home_dir: '/usr/share/tomcat{{ tomcat_version }}'
|
|
tomcat_catalina_base_dir: '/var/lib/tomcat{{ tomcat_version }}'
|
|
tomcat_conf_dir: '/etc/tomcat{{ tomcat_version }}'
|
|
tomcat_webapps_dir: '{{ tomcat_catalina_base_dir }}/webapps'
|
|
tomcat_common_dir: '{{ tomcat_catalina_base_dir }}/common/'
|
|
tomcat_work_dir: '{{ tomcat_catalina_base_dir }}/work'
|
|
tomcat_common_classes_dir: '{{ tomcat_catalina_base_dir }}/common/classes'
|
|
tomcat_tmp_dir: '{{ tomcat_catalina_base_dir }}/tmp/tomcat'
|
|
tomcat_enable_catalina_shared_loader: true
|
|
tomcat_catalina_shared_loader_path: '${catalina.home}/shared/classes,${catalina.home}/shared/*.jar,${catalina.base}/shared/classes,${catalina.base}/shared/*.jar'
|
|
|
|
|
|
# JMX and debugging
|
|
tomcat_enable_remote_debugging: false
|
|
tomcat_remote_debugging_host: '0.0.0.0'
|
|
tomcat_remote_debugging_port: ':8100'
|
|
tomcat_remote_debugging_uri: '{{ tomcat_remote_debugging_host }}:{{ tomcat_remote_debugging_port }}'
|
|
#
|
|
tomcat_jmx_enabled: false
|
|
tomcat_jmx_auth_enabled: false
|
|
tomcat_jmx_port: 8082
|
|
tomcat_jmx_auth_dir: '{{ tomcat_conf_dir }}'
|
|
tomcat_jmx_use_ssl: false
|
|
# The following work with jdk >= 7.0.25 only
|
|
tomcat_jmx_disable_additional_ports: true
|
|
tomcat_jmx_localhost_only: false
|
|
# tomcat_jmx_monitorpass: define_in_a_vault_file
|
|
# tomcat_jmx_controlpass: define_in_a_vault_file
|
|
|
|
# Metrics monitoring via javamelody
|
|
tomcat_javamelody: false
|
|
# tomcat_javamelody_version: latest
|
|
tomcat_javamelody_version: 1.82.0
|
|
|
|
# tomcat logging
|
|
tomcat_logdir: '/var/log/tomcat{{ tomcat_version }}'
|
|
tomcat_use_log4j: true
|
|
tomcat_install_the_log4j_properties: true
|
|
tomcat_retain_old_logs: 30
|
|
tomcat_log_rotation_threshold: "ALL"
|
|
tomcat_log_max_file_size: "100MB"
|
|
tomcat_log_level: INFO
|
|
tomcat_log_logger: CATALINA
|
|
tomcat_access_log_enabled: true
|
|
tomcat_access_log_rotation_freq: "daily"
|
|
#
|
|
# Define them if you want to send all the logs to an ELK installation
|
|
tomcat_send_to_logstash: false
|
|
tomcat_logstash_collector_host: logstash
|
|
tomcat_logstash_collector_socketappender_port: 4560
|
|
tomcat_logstash_collector_socketappender_reconndelay: 10000
|
|
# Set to LOGSTASH only if you do not want local logs
|
|
tomcat_logstash_logger: CATALINA, LOGSTASH
|
|
|
|
|
|
# tomcat_access_log_file_name: localhost_access.log
|
|
#
|
|
# Administrative interface
|
|
tomcat_install_admin: false
|
|
tomcat_manager_gui_user_enabled: true
|
|
tomcat_manager_gui_user: guiadmin
|
|
tomcat_manager_gui_r: "manager-gui"
|
|
# tomcat_manager_gui_pwd: *See the vault file*
|
|
tomcat_manager_script_user_enabled: false
|
|
tomcat_manager_script_user: scriptadmin
|
|
tomcat_manager_script_r: "manager-script"
|
|
# tomcat_manager_script_pwd: *See the vault file*
|
|
tomcat_manager_jmx_user_enabled: false
|
|
tomcat_manager_jmx_user: jmxadmin
|
|
tomcat_manager_jmx_r: "manager-jmx"
|
|
# tomcat_manager_jmx_pwd: *See the vault file*
|
|
tomcat_manager_status_user_enabled: false
|
|
tomcat_manager_status_user: statusadmin
|
|
tomcat_manager_status_r: "manager-status"
|
|
# tomcat_manager_status_pwd: *See the vault file*
|
|
#
|
|
tomcat_install_jdbc: false
|
|
tomcat_install_pg_jdbc: '{{ tomcat_install_jdbc }}'
|
|
# Not used yet
|
|
tomcat_install_mysql_jdbc: false
|