ansible-role-tomcat/defaults/main.yml

138 lines
5.2 KiB
YAML

---
# The tomcat version is set at runtime. It changes from one distribution to the other.
# tomcat_version: 7
# To force a tomcat version set the following variable:
# tomcat_fixed_version: 9
tomcat_pkg_state: present
tomcat_service_enabled: true
tomcat_pkgs:
- 'tomcat{{ tomcat_version }}'
- 'libtomcat{{ tomcat_version }}-java'
- 'tomcat{{ tomcat_version }}-common'
- libapr1
tomcat8_additional_pkgs:
- jsvc
- libcommons-daemon-java
tomcat_user: "{% if tomcat_version is version_compare('10', '<') %}tomcat{{ tomcat_version }}{% else %}tomcat{% endif %}"
tomcat_max_threads: 200
tomcat_min_heap_size: 2048m
tomcat_permgen_defined: true
tomcat_heap_size: '{{ tomcat_min_heap_size }}'
tomcat_permgen_size: 512m
tomcat_file_encoding: 'UTF-8'
tomcat_java_opts: "-Xms{{ tomcat_min_heap_size }} -Xmx{{ tomcat_heap_size }}"
tomcat_additional_java_8_opts: "-XX:+CrashOnOutOfMemoryError"
tomcat_java_gc_opts: "-XX:+UseConcMarkSweepGC"
# tomcat_other_java_opts: "-Djsse.enableSNIExtension=false"
tomcat_proxy_enabled: false
tomcat_proxy_http_host: 'localhost'
tomcat_proxy_http_port: '3128'
tomcat_proxy_https_host: '{{ tomcat_proxy_http_host }}'
tomcat_proxy_https_port: '{{ tomcat_proxy_http_port }}'
tomcat_proxy_opts: "-DproxySet=true -Dhttp.proxyHost={{ tomcat_proxy_http_host }} -Dhttp.proxyPort={{ tomcat_proxy_http_port }} -Dhttps.proxyHost={{ tomcat_proxy_https_host }} -Dhttps.proxyPort={{ tomcat_proxy_https_port }}"
tomcat_other_java_opts: ""
tomcat_install_server_xml: true
tomcat_install_default_conf: true
tomcat_load_additional_default_conf: true
tomcat_http_enabled: true
tomcat_http_port: 8080
tomcat_http_address: 0.0.0.0
tomcat_webapps_autodeploy: false
tomcat_webapps_unpack: false
tomcat_ajp_enabled: false
tomcat_ajp_port: 8009
tomcat_ajp_address: 127.0.0.1
tomcat_direct_access: false
tomcat_reverse_proxy_name_enabled: false
tomcat_reverse_proxy_name: '{{ ansible_fqdn }}'
tomcat_reverse_proxy_port: '{{ http_port | default(80) }}'
# There is a bug that kills tomcat after 50 days if the shutdown port is enabled
# Disable the shutdown port by default
# tomcat_shutdown_port: 8005
tomcat_shutdown_port: -1
tomcat_shutdown_pwd: "{{ lookup('password', '/tmp/passwordfile chars=ascii_letters,digits') }}"
tomcat_restart_timeout: 300
tomcat_max_post_size: 1000000
tomcat_catalina_home_dir: '/usr/share/tomcat{{ tomcat_version }}'
tomcat_catalina_base_dir: '/var/lib/tomcat{{ tomcat_version }}'
tomcat_conf_dir: '/etc/tomcat{{ tomcat_version }}'
tomcat_webapps_dir: '{{ tomcat_catalina_base_dir }}/webapps'
tomcat_common_dir: '{{ tomcat_catalina_base_dir }}/common/'
tomcat_common_classes_dir: '{{ tomcat_catalina_base_dir }}/common/classes'
tomcat_tmp_dir: '{{ tomcat_catalina_base_dir }}/tmp/tomcat'
tomcat_enable_catalina_shared_loader: true
tomcat_catalina_shared_loader_path: '${catalina.home}/shared/classes,${catalina.home}/shared/*.jar,${catalina.base}/shared/classes,${catalina.base}/shared/*.jar'
# JMX and debugging
tomcat_enable_remote_debugging: false
tomcat_remote_debugging_host: '0.0.0.0'
tomcat_remote_debugging_port: ':8100'
tomcat_remote_debugging_uri: '{{ tomcat_remote_debugging_host }}:{{ tomcat_remote_debugging_port }}'
#
tomcat_jmx_enabled: false
tomcat_jmx_auth_enabled: false
tomcat_jmx_port: 8082
tomcat_jmx_auth_dir: '{{ tomcat_conf_dir }}'
tomcat_jmx_use_ssl: false
# The following work with jdk >= 7.0.25 only
tomcat_jmx_disable_additional_ports: true
tomcat_jmx_localhost_only: false
# tomcat_jmx_monitorpass: define_in_a_vault_file
# tomcat_jmx_controlpass: define_in_a_vault_file
# Metrics monitoring via javamelody
tomcat_javamelody: false
# tomcat_javamelody_version: latest
tomcat_javamelody_version: 1.82.0
# tomcat logging
tomcat_logdir: '/var/log/tomcat{{ tomcat_version }}'
tomcat_use_log4j: true
tomcat_install_the_log4j_properties: true
tomcat_retain_old_logs: 30
tomcat_log_rotation_threshold: "ALL"
tomcat_log_max_file_size: "100MB"
tomcat_log_level: INFO
tomcat_log_logger: CATALINA
tomcat_access_log_enabled: true
tomcat_access_log_rotation_freq: "daily"
#
# Define them if you want to send all the logs to an ELK installation
tomcat_send_to_logstash: false
tomcat_logstash_collector_host: logstash
tomcat_logstash_collector_socketappender_port: 4560
tomcat_logstash_collector_socketappender_reconndelay: 10000
# Set to LOGSTASH only if you do not want local logs
tomcat_logstash_logger: CATALINA, LOGSTASH
# tomcat_access_log_file_name: localhost_access.log
#
# Administrative interface
tomcat_install_admin: false
tomcat_manager_gui_user_enabled: true
tomcat_manager_gui_user: guiadmin
tomcat_manager_gui_r: "manager-gui"
# tomcat_manager_gui_pwd: *See the vault file*
tomcat_manager_script_user_enabled: false
tomcat_manager_script_user: scriptadmin
tomcat_manager_script_r: "manager-script"
# tomcat_manager_script_pwd: *See the vault file*
tomcat_manager_jmx_user_enabled: false
tomcat_manager_jmx_user: jmxadmin
tomcat_manager_jmx_r: "manager-jmx"
# tomcat_manager_jmx_pwd: *See the vault file*
tomcat_manager_status_user_enabled: false
tomcat_manager_status_user: statusadmin
tomcat_manager_status_r: "manager-status"
# tomcat_manager_status_pwd: *See the vault file*
#
tomcat_install_jdbc: false
tomcat_install_pg_jdbc: '{{ tomcat_install_jdbc }}'
# Not used yet
tomcat_install_mysql_jdbc: false