diff --git a/library/roles/apache/defaults/main.yml b/library/roles/apache/defaults/main.yml
deleted file mode 100644
index 4da45fe..0000000
--- a/library/roles/apache/defaults/main.yml
+++ /dev/null
@@ -1,95 +0,0 @@
-apache_service_enabled: True
-apache_user: www-data
-apache_pkg_state: latest
-apache_group: '{{ apache_user }}'
-apache_from_ppa: False
-apache_ppa_repo: 'ppa:ondrej/apache2'
- - 80
- - '{{ apache_ssl_port }}'
-# Possible choices: event, prefork (the old ones), worker (the threaded version), itm
-apache_mpm_mode: worker
- - apache2
- - apache2-utils
- - libapache2-mod-xsendfile
- - unzip
- - zip
- - 'apache2-mpm-{{ apache_mpm_mode }}'
-# Only one can be present at the same time. It needs to be listed as the last one
-# - { name: 'mpm_itm', state: 'absent' }
- - { name: 'mpm_event', state: 'absent' }
- - { name: 'mpm_prefork', state: 'absent' }
- - { name: 'mpm_{{ apache_mpm_mode }}', state: 'present' }
-# apache RPAF is needed to obtain the real client addresses when behind a reverse proxy
-apache_rpaf_install: False
- - headers
- - rewrite
- - expires
- - xsendfile
-apache_ssl_modules_enabled: True
-apache_ssl_port: 443
- - ssl
- - socache_shmcb
-apache_http_proxy_modules_enabled: False
- - proxy
- - proxy_ajp
- - proxy_http
-apache_status_module: True
-apache_status_location: '/server-status'
- -
-apache_info_module: True
-apache_info_location: '/server-info'
- -
-apache_basic_auth: False
-apache_basic_auth_single_file: True
-apache_basic_auth_dir: /etc/apache2/auth
-apache_basic_auth_file: '{{ apache_basic_auth_dir }}/htpasswd'
- - auth_basic
- - authn_file
- - authz_user
-# Put them in a vault file. auth_file is optional. Not used when apache_basic_auth_single_file is true
-# apache_basic_users:
-# - { username:'', password:'', state:'present,absent', auth_file:'path_to_file' }
-apache_additional_packages: False
-# - libapache2-mod-uwsgi
-# - ...
-# Set this variable to load the modules you need
-apache_additional_modules: False
-apache_additional_modules_list: []
-# -
-# -
-apache_letsencrypt_managed: True
- - proxy
- - proxy_http
- - letsencrypt-proxy.conf
diff --git a/library/roles/apache/files/apache-letsencrypt-acme.sh b/library/roles/apache/files/apache-letsencrypt-acme.sh
deleted file mode 100644
index 5d10a4e..0000000
--- a/library/roles/apache/files/apache-letsencrypt-acme.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-DATE=$( date )
-[ ! -d $LE_LOG_DIR ] && mkdir $LE_LOG_DIR
-echo "$DATE" >> $LE_LOG_DIR/apache.log
-if [ -f /etc/default/letsencrypt ] ; then
- . /etc/default/letsencrypt
- echo "No letsencrypt default file" >> $LE_LOG_DIR/apache.log
-echo "Reload the apache service" >> $LE_LOG_DIR/apache.log
-if [ -x /bin/systemctl ] ; then
- systemctl reload apache2 >> $LE_LOG_DIR/apache.log 2>&1
- service apache2 reload >> $LE_LOG_DIR/apache.log 2>&1
-echo "Done." >> $LE_LOG_DIR/apache.log
-exit 0
diff --git a/library/roles/apache/handlers/main.yml b/library/roles/apache/handlers/main.yml
deleted file mode 100644
index a4fd00a..0000000
--- a/library/roles/apache/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: apache2 reload
- service: name=apache2 state=reloaded
-- name: apache2 restart
- service: name=apache2 state=restarted
diff --git a/library/roles/apache/tasks/apache-basic-auth.yml b/library/roles/apache/tasks/apache-basic-auth.yml
deleted file mode 100644
index c0ae1c3..0000000
--- a/library/roles/apache/tasks/apache-basic-auth.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-- name: Load the basic auth modules
- apache2_module: name={{ item }} state=present
- with_items: '{{ apache_basic_auth_modules }}'
- notify: apache2 reload
- tags:
- - apache
- - apache_basic_auth
-- name: Create the authentication directory
- file: path={{ apache_basic_auth_dir }} mode=0750 owner=root group={{ apache_group }} state=directory
- tags:
- - apache
- - apache_basic_auth
-- name: Install the python-passlib library
- apt: pkg=python-passlib state=present
- tags:
- - apache
- - apache_basic_auth
-- name: Create the basic auth file when it is unique to all the virtualhosts
- htpasswd: path={{ apache_basic_auth_file }} name={{ item.username }} password={{ item.password }} create=yes state={{ item.state }} owner=root group={{ apache_group }} mode=0640
- when: apache_basic_users is defined and apache_basic_auth_single_file
- with_items: '{{ apache_basic_users }}'
- tags:
- - apache
- - apache_basic_auth
-- name: Create the basic auth files
- htpasswd: path={{ item.auth_file }} name={{ item.username }} password={{ item.password }} create=yes state={{ item.state }} owner=root group={{ apache_group }} mode=0640
- with_items: '{{ apache_basic_users | default([]) }}'
- when: apache_basic_users is defined and not apache_basic_auth_single_file
- tags:
- - apache
- - apache_basic_auth
diff --git a/library/roles/apache/tasks/apache-letsencrypt.yml b/library/roles/apache/tasks/apache-letsencrypt.yml
deleted file mode 100644
index 86928be..0000000
--- a/library/roles/apache/tasks/apache-letsencrypt.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-- block:
- - name: Enable the proxy modules needed by letsencrypt
- apache2_module: name={{ item }} state=present
- with_items: '{{ apache_letsencrypt_proxy_modules }}'
- ignore_errors: True
- notify: apache2 reload
- - name: Install the apache letsencrypt directives on trusty
- template: src={{ item }}.j2 dest=/etc/apache2/conf-available/{{ item }} owner=root group=root mode=0644
- with_items: '{{ apache_letsencrypt_proxy_conf }}'
- ignore_errors: True
- notify: apache2 reload
- - name: Enable the apache letsencrypt directives on trusty
- file: src=/etc/apache2/conf-available/{{ item }} dest=/etc/apache2/conf-enabled/{{ item }} state=link
- with_items: '{{ apache_letsencrypt_proxy_conf }}'
- ignore_errors: True
- notify: apache2 reload
- - name: Create the acme hooks directory if it does not yet exist
- file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
- - name: Install a letsencrypt hook for apache
- copy: src=apache-letsencrypt-acme.sh dest={{ letsencrypt_acme_services_scripts_dir }}/apache2 owner=root group=root mode=4555
- when:
- - letsencrypt_acme_install is defined and letsencrypt_acme_install | bool
- - apache_letsencrypt_managed | bool
- tags: [ 'apache', 'letsencrypt' ]
-- block:
- - name: Disable the letsencrypt conf
- file: dest=/etc/apache2/conf-enabled/letsencrypt-proxy.conf state=absent
- ignore_errors: True
- notify: apache2 reload
- - name: Remove the letsencrypt hook for apache
- file: path={{ letsencrypt_acme_services_scripts_dir }}/apache2 state=absent
- when: not apache_letsencrypt_managed | bool
- tags: [ 'apache', 'letsencrypt' ]
diff --git a/library/roles/apache/tasks/apache-modules.yml b/library/roles/apache/tasks/apache-modules.yml
deleted file mode 100644
index cfe9423..0000000
--- a/library/roles/apache/tasks/apache-modules.yml
+++ /dev/null
@@ -1,74 +0,0 @@
-- name: Load the required modules
- apache2_module: name={{ item }} state=present force=yes
- with_items: '{{ apache_default_modules }}'
- notify: apache2 reload
- ignore_errors: True
- tags: [ 'apache', 'apache_modules' ]
-- name: Install the libapache2-mod-rpaf module
- apt: pkg=libapache2-mod-rpaf state=present
- when: apache_rpaf_install | bool
- tags: [ 'apache', 'apache_mods', 'apache_rpaf' ]
-- name: Enable the apache rpaf module
- apache2_module: name=rpaf state=present
- when: apache_rpaf_install | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods', 'apache_rpaf' ]
-- name: Load the apache ssl modules
- apache2_module: name={{ item }} state=present
- with_items: '{{ apache_ssl_modules }}'
- when: apache_ssl_modules_enabled | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods' ]
-- name: Load some apache proxy modules
- apache2_module: name={{ item }} state=present
- with_items: '{{ apache_http_proxy_modules }}'
- when: apache_http_proxy_modules_enabled | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods' ]
-- name: Load additional apache modules if any
- apache2_module: name={{ item }} state=present
- with_items: '{{ apache_additional_modules_list | default ([]) }}'
- when: apache_additional_modules | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods' ]
-- name: Disable apache modules if any
- apache2_module: name={{ item }} state=absent
- with_items: '{{ apache_modules_to_be_removed | default ([]) }}'
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods' ]
-- name: Load the apache status module
- apache2_module: name={{ item }} state=present
- with_items: status
- when: apache_status_module | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods', 'apache_status' ]
-- name: Configure the apache status module
- template: src={{ item }}.j2 dest=/etc/apache2/mods-available/{{ item }} owner=root group=root mode=0644
- with_items: status.conf
- when: apache_status_module | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods', 'apache_status' ]
-- name: Load the apache info module
- apache2_module: name={{ item }} state=present
- with_items: info
- when: apache_info_module | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods', 'apache_info' ]
-- name: Configure the apache info module
- template: src={{ item }}.j2 dest=/etc/apache2/mods-available/{{ item }} owner=root group=root mode=0644
- with_items: info.conf
- when: apache_info_module | bool
- notify: apache2 reload
- tags: [ 'apache', 'apache_mods', 'apache_info' ]
diff --git a/library/roles/apache/tasks/apache-ppa.yml b/library/roles/apache/tasks/apache-ppa.yml
deleted file mode 100644
index 33a1099..0000000
--- a/library/roles/apache/tasks/apache-ppa.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-- block:
- - name: Install the Ubuntu apache PPA
- apt_repository: repo='{{ apache_ppa_repo }}' update_cache=yes
- when: apache_from_ppa
- tags: [ 'apache', 'apache_ppa' ]
-- block:
- - name: Remove the Ubuntu apache PPA
- apt_repository: repo='{{ apache_ppa_repo }}' update_cache=yes state=absent
- when: not apache_from_ppa
- tags: [ 'apache', 'apache_ppa' ]
diff --git a/library/roles/apache/tasks/apache.yml b/library/roles/apache/tasks/apache.yml
deleted file mode 100644
index 9b80938..0000000
--- a/library/roles/apache/tasks/apache.yml
+++ /dev/null
@@ -1,44 +0,0 @@
-- name: Install the apache packages
- apt: pkg={{ item }} state={{ apache_pkg_state }} update_cache=yes cache_valid_time=3600
- with_items: '{{ apache_packages }}'
- tags: [ 'apache', 'apache_main_packages' ]
-- name: Install the apache modules packages
- apt: pkg={{ item }} state={{ apache_pkg_state }} update_cache=yes cache_valid_time=3600
- with_items: '{{ apache_modules_packages }}'
- when:
- - not apache_from_ppa
- - is_trusty
- tags: [ 'apache', 'apache_additional_packages' ]
-- name: Install the apache additional packages, if any
- apt: pkg={{ item }} state={{ apache_pkg_state }} update_cache=yes cache_valid_time=3600
- with_items: '{{ apache_additional_packages_list }}'
- when: apache_additional_packages
- tags: [ 'apache', 'apache_additional_packages' ]
-- name: Instal the ports conf file
- template: src=ports.conf dest=/etc/apache2/ports.conf
- notify: apache2 reload
- tags: [ 'apache', 'apache_conf' ]
-- name: Remove the default virtualhost file
- file: dest=/etc/apache2/sites-enabled/{{ item }} state=absent
- with_items:
- - 000-default
- - 000-default.conf
- notify: apache2 reload
- tags: apache
-- name: Ensure that the apache service is enabled and started
- service: name=apache2 state=started enabled=yes
- when: apache_service_enabled
- ignore_errors: True
- tags: apache
-- name: Ensure that the apache service is disabled and stopped if we do not want it running
- service: name=apache2 state=stopped enabled=no
- when: not apache_service_enabled
- ignore_errors: True
- tags: apache
diff --git a/library/roles/apache/tasks/main.yml b/library/roles/apache/tasks/main.yml
deleted file mode 100644
index 2370761..0000000
--- a/library/roles/apache/tasks/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-- import_tasks: apache-ppa.yml
-- import_tasks: apache.yml
-- import_tasks: apache-modules.yml
-- import_tasks: apache-basic-auth.yml
- when: apache_basic_auth
-- import_tasks: apache-letsencrypt.yml
- when: letsencrypt_acme_install is defined and letsencrypt_acme_install
diff --git a/library/roles/apache/templates/info.conf.j2 b/library/roles/apache/templates/info.conf.j2
deleted file mode 100644
index 413dfc2..0000000
--- a/library/roles/apache/templates/info.conf.j2
+++ /dev/null
@@ -1,20 +0,0 @@
- # Allow remote server configuration reports, with the URL of
- # http://servername/server-info (requires that mod_info.c be loaded).
- # Uncomment and change the "" to allow access from other hosts.
- #
- SetHandler server-info
- Require local
- {% if nagios_monitoring_server_ip is defined %}
- {% for addr in nagios_monitoring_server_ip %}
- Require ip {{ addr }}
- {% endfor %}
- {% endif %}
- {% for addr in apache_info_allowed_hosts %}
- Require ip {{ addr }}
- {% endfor %}
diff --git a/library/roles/apache/templates/letsencrypt-proxy.conf.j2 b/library/roles/apache/templates/letsencrypt-proxy.conf.j2
deleted file mode 100644
index 4dddd47..0000000
--- a/library/roles/apache/templates/letsencrypt-proxy.conf.j2
+++ /dev/null
@@ -1 +0,0 @@
-ProxyPass "/.well-known/acme-challenge" "{{ letsencrypt_acme_standalone_port}}/.well-known/acme-challenge"
diff --git a/library/roles/apache/templates/ports.conf b/library/roles/apache/templates/ports.conf
deleted file mode 100644
index bc9e42f..0000000
--- a/library/roles/apache/templates/ports.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-{% for port in apache_listen_ports %}
-Listen {{ port }}
-{% endfor %}
diff --git a/library/roles/apache/templates/status.conf.j2 b/library/roles/apache/templates/status.conf.j2
deleted file mode 100644
index 28d37ed..0000000
--- a/library/roles/apache/templates/status.conf.j2
+++ /dev/null
@@ -1,32 +0,0 @@
- # Allow server status reports generated by mod_status,
- # with the URL of http://servername/server-status
- # Uncomment and change the "" to allow access from other hosts.
- SetHandler server-status
- Require local
- {% if nagios_monitoring_server_ip is defined %}
- {% for addr in nagios_monitoring_server_ip %}
- Require ip {{ addr }}
- {% endfor %}
- {% endif %}
- {% for addr in apache_status_allowed_hosts %}
- Require ip {{ addr }}
- {% endfor %}
- # Keep track of extended status information for each request
- ExtendedStatus On
- # Determine if mod_status displays the first 63 characters of a request or
- # the last 63, assuming the request itself is greater than 63 chars.
- # Default: Off
- #SeeRequestTail On
- # Show Proxy LoadBalancer status in mod_status
- ProxyStatus On
\ No newline at end of file
diff --git a/library/roles/ldap-client-config/defaults/main.yml b/library/roles/ldap-client-config/defaults/main.yml
deleted file mode 100644
index 8ed5907..0000000
--- a/library/roles/ldap-client-config/defaults/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-ldap_uri: "ldap://ldap.sub.research-infrastructures.eu"
-ldap_base_dn: "dc=research-infrastructures,dc=eu"
-ldap_tls_cacert: /etc/ssl/certs/ca-certificates.crt
diff --git a/library/roles/ldap-client-config/tasks/main.yml b/library/roles/ldap-client-config/tasks/main.yml
deleted file mode 100644
index c4b4e76..0000000
--- a/library/roles/ldap-client-config/tasks/main.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-- name: Install the ldap utilities
- apt: pkg={{ item }} state={{ pkg_state }}
- with_items:
- - ldapscripts
- - libpam-ldap
- tags: ldap-client
-- name: Write the ldap client configuration file
- template: src=ldap.conf-old.j2 dest=/etc/ldap.conf mode=444 owner=root group=root
- when: is_ubuntu_less_than_trusty
- tags: ldap-client
-- name: Write the ldap client configuration file
- template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf mode=444 owner=root group=root
- when: is_trusty
- tags: ldap-client
-- name: set the ldapscripts.conf uri
- action: configfile path=/etc/ldapscripts/ldapscripts.conf key=SERVER value='{{ ldap_uri }}' syntax=shell
- when: is_trusty
- tags: ldap-client
-- name: set the ldapscripts.conf bind dn
- action: configfile path=/etc/ldapscripts/ldapscripts.conf key=BINDDN value='cn=admin,{{ ldap_base_dn }}' syntax=shell
- when: is_trusty
- tags: ldap-client
-- name: set the ldapscripts.conf dn suffix
- action: configfile path=/etc/ldapscripts/ldapscripts.conf key=SUFFIX value='{{ ldap_base_dn }}' syntax=shell
- when: is_trusty
- tags: ldap-client
diff --git a/library/roles/ldap-client-config/templates/ldap.conf-old.j2 b/library/roles/ldap-client-config/templates/ldap.conf-old.j2
deleted file mode 100644
index 3875447..0000000
--- a/library/roles/ldap-client-config/templates/ldap.conf-old.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-# The distinguished name of the search base.
-BASE {{ ldap_base_dn }}
-# Another way to specify your LDAP server is to provide an
-URI {{ ldap_uri }}
-# The LDAP version to use (defaults to 3
-# if supported by client library)
-ldap_version 3
-nss_initgroups_ignoreusers avahi,backup,bin,daemon,games,gnats,irc,libuuid,list,lp,mail,man,messagebus,munin,news,nslcd,proxy,root,rstudio-server,sshd,sync,sys,syslog,uucp,www-data
diff --git a/library/roles/ldap-client-config/templates/ldap.conf.j2 b/library/roles/ldap-client-config/templates/ldap.conf.j2
deleted file mode 100644
index ae1526d..0000000
--- a/library/roles/ldap-client-config/templates/ldap.conf.j2
+++ /dev/null
@@ -1,14 +0,0 @@
-# The distinguished name of the search base.
-BASE {{ ldap_base_dn }}
-# Another way to specify your LDAP server is to provide an
-URI {{ ldap_uri }}
-# The LDAP version to use (defaults to 3
-# if supported by client library)
-ldap_version 3
-nss_initgroups_ignoreusers avahi,backup,bin,daemon,games,gnats,irc,libuuid,list,lp,mail,man,messagebus,munin,news,nslcd,proxy,root,rstudio-server,sshd,sync,sys,syslog,uucp,www-data
-# TLS certificates (needed for GnuTLS)
-TLS_CACERT {{ ldap_tls_cacert }}
diff --git a/library/roles/letsencrypt-acmetool-client/defaults/main.yml b/library/roles/letsencrypt-acmetool-client/defaults/main.yml
deleted file mode 100644
index 0ebd556..0000000
--- a/library/roles/letsencrypt-acmetool-client/defaults/main.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-letsencrypt_acme_install: False
-# Set to false if a binary installation is needed (unsupported distributions)
-letsencrypt_pkg_install: True
-letsencrypt_acme_pkg_state: latest
- - acmetool
- - libcap2-bin
-letsencrypt_acme_ppa_repo: 'ppa:hlandau/rhea'
-letsencrypt_acme_debian_repo: 'deb http://ppa.launchpad.net/hlandau/rhea/ubuntu xenial main'
-letsencrypt_acme_debian_repo_key: '9862409EF124EC763B84972FF5AC9651EDB58DFA'
-letsencrypt_acme_user: acme
-letsencrypt_acme_user_home: /var/lib/acme
-letsencrypt_acme_log_dir: /var/log/acme
-letsencrypt_acme_command: acmetool
-letsencrypt_acme_command_opts: '--hooks={{ letsencrypt_acme_services_scripts_dir }} --batch --xlog.syslog --xlog.syslogseverity=INFO --xlog.file="{{ letsencrypt_acme_log_dir }}/certrequest.log" --xlog.fileseverity=TRACE'
-letsencrypt_acme_config_dir: '{{ letsencrypt_acme_user_home }}/conf'
-letsencrypt_acme_certsconf_dir: '{{ letsencrypt_acme_user_home }}/desired'
-letsencrypt_acme_dest_dir: '{{ ansible_fqdn }}'
-letsencrypt_acme_certs_dir: '{{ letsencrypt_acme_user_home }}/live/{{ letsencrypt_acme_dest_dir }}'
-# The various services maintainers need to put the reconfigure/restart scripts there
-letsencrypt_acme_services_scripts_dir: /usr/lib/acme/hooks
-# responses parameters
-letsencrypt_tos_url: 'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
-letsencrypt_acme_agree_tos: true
-letsencrypt_acme_rsa_key_size: 4096
-letsencrypt_ocsp_must_staple: False
-# rsa|ecdsa
-letsencrypt_acme_key_type: ecdsa
-letsencrypt_acme_ecdsa_curve: nistp256
-letsencrypt_acme_email: sysadmin@example.com
-letsencrypt_specify_key_id: False
-letsencrypt_key_id: 'some random string'
-# We 'listener' or 'proxy'. Use 'listener' if we need a certificate for a non web service or before the web service has been configured.
-# Need to set cap_net_bind_service=+ep for the acmetool binary so that it is able to bind port 80 in that case.
-letsencrypt_acme_authenticator: listener
-letsencrypt_acme_cron_day_of_month: '*'
-letsencrypt_acme_cron_hour: '{{ range(1, 4) | random }}'
-letsencrypt_acme_cron_minute: '{{ range(0, 59) | random }}'
-# desired parameters
- - '{{ ansible_fqdn }}'
-letsencrypt_acme_standalone_port: 4402
diff --git a/library/roles/letsencrypt-acmetool-client/handlers/main.yml b/library/roles/letsencrypt-acmetool-client/handlers/main.yml
deleted file mode 100644
index 9d1c6a9..0000000
--- a/library/roles/letsencrypt-acmetool-client/handlers/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-- name: Initialize letsencrypt acmetool
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- command: '/usr/local/bin/acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1'
- when: letsencrypt_acme_install
- ignore_errors: True
diff --git a/library/roles/letsencrypt-acmetool-client/tasks/main.yml b/library/roles/letsencrypt-acmetool-client/tasks/main.yml
deleted file mode 100644
index 040b2dd..0000000
--- a/library/roles/letsencrypt-acmetool-client/tasks/main.yml
+++ /dev/null
@@ -1,143 +0,0 @@
-- name: Install the letsencrypt acmetool repo on ubuntu
- apt_repository: repo={{ letsencrypt_acme_ppa_repo }} state=present update_cache=yes
- when:
- - letsencrypt_acme_install
- - is_trusty
- - letsencrypt_pkg_install
- notify: Initialize letsencrypt acmetool
- tags: letsencrypt
-- name: Install the letsencrypt acmetool repo key on debian
- apt_key: keyserver=keyserver.ubuntu.com id={{ letsencrypt_acme_debian_repo_key }}
- when:
- - letsencrypt_acme_install
- - is_debian
- - letsencrypt_pkg_install
- tags: letsencrypt
-- name: Install the letsencrypt acmetool repo on debian
- apt_repository: repo={{ letsencrypt_acme_debian_repo }} state=present update_cache=yes
- when:
- - letsencrypt_acme_install
- - is_debian
- - letsencrypt_pkg_install
- notify: Initialize letsencrypt acmetool
- tags: letsencrypt
-- name: Create the letsencrypt acme user
- user: name={{ letsencrypt_acme_user }} home={{ letsencrypt_acme_user_home }} createhome=no shell=/usr/sbin/nologin system=yes
- when: letsencrypt_acme_install
- tags: [ 'letsencrypt', 'letsencrypt_user' ]
-- name: Create the letsencrypt acme home, if it does not exist already. In a separate step because it could be already there.
- file: dest={{ letsencrypt_acme_user_home }} owner={{ letsencrypt_acme_user }} group={{ letsencrypt_acme_user }} state=directory recurse=yes
- when: letsencrypt_acme_install
- tags: letsencrypt
-- name: Install the letsencrypt acmetool package and some deps
- apt: pkg={{ letsencrypt_acme_pkgs }} state={{ letsencrypt_acme_pkg_state }} update_cache=yes cache_valid_time=3600
- when:
- - letsencrypt_acme_install
- - letsencrypt_pkg_install
- tags: letsencrypt
-- name: Create the letsencrypt acme config directory
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- file: dest={{ letsencrypt_acme_config_dir }} state=directory mode=0755
- when: letsencrypt_acme_install
- tags: letsencrypt
-- name: Create the letsencrypt acme desired domains directory
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- file: dest={{ letsencrypt_acme_certsconf_dir }} state=directory mode=0755
- when: letsencrypt_acme_install
- tags: letsencrypt
-- name: Create the letsencrypt acme hooks directory
- file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root mode=0755
- when: letsencrypt_acme_install
- tags: letsencrypt
-- name: Install a default file that shell scripts can include
- template: src=letsencrypt-default.j2 dest=/etc/default/letsencrypt owner=root group=root mode=0644
- when: letsencrypt_acme_install
- tags: letsencrypt
-- name: Install the letsencrypt acme responses file
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- template: src=responses.j2 dest={{ letsencrypt_acme_config_dir }}/responses mode=0644
- when: letsencrypt_acme_install
- tags: [ 'letsencrypt', 'letsencrypt_responses' ]
-- name: Install the letsencrypt acme certs config file
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- template: src=cert-requirements.j2 dest={{ letsencrypt_acme_certsconf_dir }}/{{ ansible_fqdn }} mode=0644
- when: letsencrypt_acme_install
- register: letsencrypt_new_desired_file
- tags: letsencrypt
-- name: Set the cap_net_bind_service capability to the acmetool binary when we use it in listener mode
- capabilities: path=/usr/bin/acmetool capability=cap_net_bind_service+ep state=present
- when:
- - letsencrypt_acme_install
- - letsencrypt_acme_authenticator == 'listener'
- tags: letsencrypt
-- name: Remove the cap_net_bind_service capability to the acmetool binary if not needed
- capabilities: path=/usr/bin/acmetool capability=cap_net_bind_service+ep state=absent
- when:
- - letsencrypt_acme_install
- - letsencrypt_acme_authenticator != 'listener'
- ignore_errors: True
- tags: letsencrypt
-- name: Install the sudoers config needed to run the acmetool hooks
- template: src=acme-sudoers.j2 dest=/etc/sudoers.d/letsencrypt-acme owner=root group=root mode=0440
- when: letsencrypt_acme_install
- tags: letsencrypt
-- name: Create a directory where to put the cron job and hooks logs
- file: dest={{ letsencrypt_acme_log_dir }} state=directory owner={{ letsencrypt_acme_user }} group={{ letsencrypt_acme_user }} mode=0750
- when: letsencrypt_acme_install
- tags: letsencrypt
-- name: Install a script that requests the certificates and manage the self signed certificate
- template: src=acme-cert-request.sh.j2 dest=/usr/local/bin/acme-cert-request owner=root group=root mode=0755
- when: letsencrypt_acme_install
- tags: [ 'letsencrypt', 'letsencrypt_cron', 'letsencrypt_hook' ]
-- name: Set certificates as to be revoked
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- file: dest={{ letsencrypt_acme_user_home }}certs/{{ item.cert_name }}/revoke
- with_items: '{{ letsencrypt_certs_revoke_list }}'
- when:
- - letsencrypt_acme_install
- - letsencrypt_certs_revoke_list is defined
- tags: letsencrypt
-- name: Remove the old cron script
- file: dest=/usr/local/bin/cron-acme-cert-request state=absent
- when: letsencrypt_acme_install
- tags: [ 'letsencrypt', 'letsencrypt_cron' ]
-- name: Install a daily cron job to renew the certificates when needed
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- cron: name="Letsencrypt certificate renewal" day={{ letsencrypt_acme_cron_day_of_month }} hour={{ letsencrypt_acme_cron_hour }} minute={{ letsencrypt_acme_cron_minute }} job="/usr/local/bin/acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1"
- when: letsencrypt_acme_install
- tags: [ 'letsencrypt', 'letsencrypt_cron' ]
-- name: letsencrypt acmetool request the first certificate
- become: True
- become_user: '{{ letsencrypt_acme_user }}'
- command: '/usr/local/bin/acme-cert-request'
- when: letsencrypt_new_desired_file is changed
- ignore_errors: True
- tags: letsencrypt
diff --git a/library/roles/letsencrypt-acmetool-client/templates/acme-cert-request.sh.j2 b/library/roles/letsencrypt-acmetool-client/templates/acme-cert-request.sh.j2
deleted file mode 100644
index d595c1c..0000000
--- a/library/roles/letsencrypt-acmetool-client/templates/acme-cert-request.sh.j2
+++ /dev/null
@@ -1,28 +0,0 @@
-if [ -d $BASE_DIR/keys/fakeselfsignedcert -a -d $BASE_DIR/certs/fakeselfsignedcert ] ; then
- mkdir -p $TMP_DIR/{keys,certs}
- mv $BASE_DIR/keys/fakeselfsignedcert $TMP_DIR/keys
- mv $BASE_DIR/certs/fakeselfsignedcert $TMP_DIR/certs
- /bin/rm $BASE_DIR/live/{{ ansible_fqdn }}
- {{ letsencrypt_acme_command }} {{ letsencrypt_acme_command_opts }} quickstart
-{{ letsencrypt_acme_command }} {{ letsencrypt_acme_command_opts }} reconcile
-if [ -d $TMP_DIR ] ; then
- if [ $RETVAL -ne 0 ] ; then
- mv $TMP_DIR/keys/fakeselfsignedcert $BASE_DIR/keys
- mv $TMP_DIR/certs/fakeselfsignedcert $BASE_DIR/certs
- cd $BASE_DIR/live
- ln -s ../certs/fakeselfsignedcert {{ ansible_fqdn }}
- fi
- rm -fr $TMP_DIR
-exit $RETVAL
diff --git a/library/roles/letsencrypt-acmetool-client/templates/acme-sudoers.j2 b/library/roles/letsencrypt-acmetool-client/templates/acme-sudoers.j2
deleted file mode 100644
index 17cfd21..0000000
--- a/library/roles/letsencrypt-acmetool-client/templates/acme-sudoers.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-{{ letsencrypt_acme_user }} ALL=(root) NOPASSWD: {{ letsencrypt_acme_services_scripts_dir }}/
diff --git a/library/roles/letsencrypt-acmetool-client/templates/cert-requirements.j2 b/library/roles/letsencrypt-acmetool-client/templates/cert-requirements.j2
deleted file mode 100644
index 7c01b05..0000000
--- a/library/roles/letsencrypt-acmetool-client/templates/cert-requirements.j2
+++ /dev/null
@@ -1,25 +0,0 @@
- names:
-{% for d in letsencrypt_acme_domains %}
- - {{ d }}
-{% endfor %}
-{% if letsencrypt_ocsp_must_staple %}
- ocsp-must-staple: true
-{% endif %}
- challenge:
- http-ports:
- - {{ letsencrypt_acme_standalone_port }}
- type: {{ letsencrypt_acme_key_type }}
-{% if letsencrypt_acme_key_type == 'rsa' %}
- rsa-size: {{ letsencrypt_acme_rsa_key_size }}
-{% else %}
- ecdsa-curve: {{ letsencrypt_acme_ecdsa_curve }}
-{% endif %}
-{% if letsencrypt_specify_key_id %}
- id: {{ letsencrypt_key_id }}
-{% endif %}
diff --git a/library/roles/letsencrypt-acmetool-client/templates/letsencrypt-default.j2 b/library/roles/letsencrypt-acmetool-client/templates/letsencrypt-default.j2
deleted file mode 100644
index b8ba756..0000000
--- a/library/roles/letsencrypt-acmetool-client/templates/letsencrypt-default.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-LE_EMAIL={{ letsencrypt_acme_email }}
-LE_SERVICES_SCRIPT_DIR={{ letsencrypt_acme_services_scripts_dir }}
-LE_CERTS_DIR={{ letsencrypt_acme_certs_dir }}
-LE_LOG_DIR={{ letsencrypt_acme_log_dir }}
diff --git a/library/roles/letsencrypt-acmetool-client/templates/responses.j2 b/library/roles/letsencrypt-acmetool-client/templates/responses.j2
deleted file mode 100644
index 8e36163..0000000
--- a/library/roles/letsencrypt-acmetool-client/templates/responses.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-"acme-enter-email": "{{ letsencrypt_acme_email }}"
-"acme-agreement:{{ letsencrypt_tos_url }}": {{ letsencrypt_acme_agree_tos }}
-# https://acme-staging.api.letsencrypt.org/directory is the staging site.
-# This is the production site
-"acmetool-quickstart-choose-server": https://acme-v01.api.letsencrypt.org/directory
-"acmetool-quickstart-choose-method": {{ letsencrypt_acme_authenticator }}
-"acmetool-quickstart-complete": true
-"acmetool-quickstart-install-cronjob": false
-"acmetool-quickstart-install-haproxy-script": false
-"acmetool-quickstart-install-redirector-systemd": false
-"acmetool-quickstart-key-type": {{ letsencrypt_acme_key_type }}
-"acmetool-quickstart-rsa-key-size": {{ letsencrypt_acme_rsa_key_size }}
-"acmetool-quickstart-ecdsa-curve": {{ letsencrypt_acme_ecdsa_curve }}
diff --git a/library/roles/nginx/defaults/main.yml b/library/roles/nginx/defaults/main.yml
deleted file mode 100644
index cf21aa9..0000000
--- a/library/roles/nginx/defaults/main.yml
+++ /dev/null
@@ -1,125 +0,0 @@
-nginx_enabled: True
-nginx_use_ppa: False
-nginx_ppa_repo: ppa:nginx/stable
-nginx_package_state: present
-# See https://mozilla.github.io/server-side-tls/ssl-config-generator/
-nginx_ssl_level: intermediate
-nginx_snippets_dir: /etc/nginx/snippets
- - nginx-compression.conf
- - nginx-websockets.conf
- - nginx-browser-cache.conf
- - letsencrypt-proxy.conf
- - nginx-proxy-params.conf
- - nginx-server-ssl.conf
- - nginx-cors.conf
- - compression.conf
-nginx_workers: 4
-nginx_worker_connections: 1024
-nginx_multi_accept: 'off'
-nginx_worker_rlimit_nofile: 2048
-nginx_server_tokens: 'off'
-nginx_large_client_header_buffers: 4 8k
-nginx_enable_compression: True
-nginx_gzip_vary: "on"
-nginx_gzip_proxied: any
-nginx_gzip_comp_level: 6
-nginx_gzip_buffers: 16 8k
-nginx_gzip_http_version: 1.1
-nginx_gzip_types: "text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript"
-nginx_enable_browser_cache: True
-nginx_cache_control: public
-nginx_html_cache_expire: -1
-nginx_feed_cache_expire_enabled: False
-nginx_feed_cache_expire: 1h
-nginx_media_cache_expire: 1M
-nginx_css_js_cache_expire: -1
-nginx_reverse_proxy: False
-nginx_define_x_real_ip: False
-nginx_set_original_uri: True
-nginx_proxy_buffering: "on"
-nginx_proxy_redirect: "off"
-nginx_proxy_buffer_size: 128k
-nginx_proxy_buffers: '4 {{ nginx_proxy_buffer_size }}'
-nginx_proxy_busy_buffers_size: 256k
-nginx_proxy_connect_timeout: 30s
-nginx_proxy_read_timeout: 480s
-nginx_proxy_send_timeout: 120s
-nginx_proxy_temp_file_write_size: '{{ nginx_proxy_buffer_size }}'
-nginx_client_max_body_size: 100M
-nginx_client_body_timeout: 240s
-nginx_cors_enabled: False
-nginx_cors_global: True
-nginx_cors_limit_origin: True
-nginx_cors_extended_rules: False
-nginx_cors_acl_origin: 'http?://(localhost)'
-# Possible methods:
-nginx_cors_allowed_methods: 'GET, POST, OPTIONS'
-# Possible headers:
-# 'Accept, Accept-CH, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Ext, Accept-Features, Accept-Language, Accept-Params, Accept-Ranges, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Access-Control-Request-Headers, Access-Control-Request-Method, Age, Allow, Alternates, Authentication-Info, Authorization, C-Ext, C-Man, C-Opt, C-PEP, C-PEP-Info, CONNECT, Cache-Control, Compliance, Connection, Content-Base, Content-Disposition, Content-Encoding, Content-ID, Content-Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Script-Type, Content-Security-Policy, Content-Style-Type, Content-Transfer-Encoding, Content-Type, Content-Version, Cookie, Cost, DAV, DELETE, DNT, DPR, Date, Default-Style, Delta-Base, Depth, Derived-From, Destination, Differential-ID, Digest, ETag, Expect, Expires, Ext, From, GET, GetProfile, HEAD, HTTP-date, Host, IM, If, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Keep-Alive, Label, Last-Event-ID, Last-Modified, Link, Location, Lock-Token, MIME-Version, Man, Max-Forwards, Media-Range, Message-ID, Meter, Negotiate, Non-Compliance, OPTION, OPTIONS, OWS, Opt, Optional, Ordering-Type, Origin, Overwrite, P3P, PEP, PICS-Label, POST, PUT, Pep-Info, Permanent, Position, Pragma, ProfileObject, Protocol, Protocol-Query, Protocol-Request, Proxy-Authenticate, Proxy-Authentication-Info, Proxy-Authorization, Proxy-Features, Proxy-Instruction, Public, RWS, Range, Referer, Refresh, Resolution-Hint, Resolver-Location, Retry-After, Safe, Sec-Websocket-Extensions, Sec-Websocket-Key, Sec-Websocket-Origin, Sec-Websocket-Protocol, Sec-Websocket-Version, Security-Scheme, Server, Set-Cookie, Set-Cookie2, SetProfile, SoapAction, Status, Status-URI, Strict-Transport-Security, SubOK, Subst, Surrogate-Capability, Surrogate-Control, TCN, TE, TRACE, Timeout, Title, Trailer, Transfer-Encoding, UA-Color, UA-Media, UA-Pixels, UA-Resolution, UA-Windowpixels, URI, Upgrade, User-Agent, Variant-Vary, Vary, Version, Via, Viewport-Width, WWW-Authenticate, Want-Digest, Warning, Width, X-Content-Duration, X-Content-Security-Policy, X-Content-Type-Options, X-CustomHeader, X-DNSPrefetch-Control, X-Forwarded-For, X-Forwarded-Port, X-Forwarded-Proto, X-Frame-Options, X-Modified, X-OTHER, X-PING, X-PINGOTHER, X-Powered-By, X-Requested-With, Observe'
-nginx_cors_allowed_headers: 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Accept-Language,X-CustomHeader,Content-Range,Range,Observe'
-# Find a set of acceptable defaults for the cache setup
-nginx_cache_enabled: False
-nginx_use_ldap_pam_auth: False
-nginx_pam_svc_name: nginx
-nginx_ldap_uri: "ldap://ldap.example.org"
-nginx_ldap_base_dn: "dc=example,dc=org"
-nginx_basic_auth: False
- - { name: 'test', pwd: 'hide inside a vault file', file: '/etc/nginx/htpasswd' }
-# nginx_ldap_login_attribute: uid
-# nginx_ldap_pam_groupdn:
-nginx_webroot: /usr/share/nginx/html
-nginx_letsencrypt_managed: True
-nginx_websockets_support: False
-nginx_use_common_virthost: False
-# Set it to 'ssl http2' if the nginx version supports it
-nginx_ssl_type: ssl
-# When we do not use letsencrypt:
-# nginx_ssl_cert_file: '{{ pki_dir }}/certs/nginx.crt'
-# nginx_ssl_cert_key: '{{ pki_dir }}/keys/nginx.key'
-nginx_block_dotfiles: True
-# Virtualhost example
-# nginx_virthosts:
-# - virthost_name: '{{ ansible_fqdn }}'
-# listen: '{{ http_port }}'
-# server_name: '{{ ansible_fqdn }}'
-# server_aliases: ''
-# index: index.html
-# error_page: /path_to_error_page.html
-# ssl_enabled: False
-# ssl_only: False
-# ssl_letsencrypt_certs: '{{ nginx_letsencrypt_managed }}'
-# root: {{ nginx_webroot }}
-# server_tokens: 'off'
-# proxy_standard_setup: True
-# proxy_additional_options:
-# - 'proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache:30m max_size=250m;'
-# locations:
-# - location: /
-# target: http://localhost:{{ local_http_port }}
-# extra_parameters: |
-# location ~ \.php$ {
-# fastcgi_split_path_info ^(.+\.php)(/.+)$;
-# fastcgi_pass unix:/var/run/php5-fpm.sock;
-# fastcgi_index index.php;
-# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-# include fastcgi_params;
-# }
diff --git a/library/roles/nginx/files/nginx-letsencrypt-acme.sh b/library/roles/nginx/files/nginx-letsencrypt-acme.sh
deleted file mode 100644
index d18314b..0000000
--- a/library/roles/nginx/files/nginx-letsencrypt-acme.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-DATE=$( date )
-[ ! -d $LE_LOG_DIR ] && mkdir $LE_LOG_DIR
-echo "$DATE" >> $LE_LOG_DIR/nginx.log
-if [ -f /etc/default/letsencrypt ] ; then
- . /etc/default/letsencrypt
- echo "No letsencrypt default file" >> $LE_LOG_DIR/nginx.log
-echo "Reload the nginx service" >> $LE_LOG_DIR/nginx.log
-if [ -x /bin/systemctl ] ; then
- systemctl reload nginx >> $LE_LOG_DIR/nginx.log 2>&1
- service nginx reload >> $LE_LOG_DIR/nginx.log 2>&1
-echo "Done." >> $LE_LOG_DIR/nginx.log
-exit 0
diff --git a/library/roles/nginx/files/nginx.pam b/library/roles/nginx/files/nginx.pam
deleted file mode 100644
index f94005a..0000000
--- a/library/roles/nginx/files/nginx.pam
+++ /dev/null
@@ -1,26 +0,0 @@
-auth [success=2 default=ignore] pam_unix.so nullok_secure
-auth [success=1 default=ignore] pam_ldap.so
-auth requisite pam_deny.so
-auth required pam_permit.so
-account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
-account [success=1 default=ignore] pam_ldap.so
-account requisite pam_deny.so
-account required pam_permit.so
-password [success=1 default=ignore] pam_unix.so obscure sha512
-password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass
-password requisite pam_deny.so
-password required pam_permit.so
-session [default=1] pam_permit.so
-session requisite pam_deny.so
-session required pam_permit.so
-session optional pam_umask.so
-session required pam_unix.so
-session optional pam_ldap.so
diff --git a/library/roles/nginx/handlers/main.yml b/library/roles/nginx/handlers/main.yml
deleted file mode 100644
index 04c7fb2..0000000
--- a/library/roles/nginx/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: Reload nginx
- service: name=nginx state=reloaded
-- name: Restart nginx
- service: name=nginx state=restarted
diff --git a/library/roles/nginx/meta/main.yml b/library/roles/nginx/meta/main.yml
deleted file mode 100644
index b20d9ba..0000000
--- a/library/roles/nginx/meta/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
- - role: '../../library/roles/ldap-client-config'
- when: nginx_use_ldap_pam_auth
diff --git a/library/roles/nginx/tasks/basic-auth.yml b/library/roles/nginx/tasks/basic-auth.yml
deleted file mode 100644
index 1357909..0000000
--- a/library/roles/nginx/tasks/basic-auth.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-- block:
- - name: Install the python passlib library on deb based distributions
- apt: pkg=python-passlib state=present cache_valid_time=3600
- when: ansible_distribution_file_variety == "Debian"
- - name: Install the python passlib library on RH based distributions
- yum: pkg=python-passlib state=present
- when: ansible_distribution_file_variety == "RedHat"
- - name: Create the htpasswd file needed by the basic auth
- htpasswd: path={{ item.file | default ('/etc/nginx/htpasswd') }} name={{ item.name }} password={{ item.pwd }} state={{ item.state | default('present') }} crypt_scheme={{ item.crypt | default('sha256_crypt') }}
- with_items: '{{ nginx_basic_auth_users }}'
- when: nginx_basic_auth
- tags: nginx
diff --git a/library/roles/nginx/tasks/main.yml b/library/roles/nginx/tasks/main.yml
deleted file mode 100644
index b0ed614..0000000
--- a/library/roles/nginx/tasks/main.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- import_tasks: nginx-deb.yml
- when: ansible_distribution_file_variety == "Debian"
-- import_tasks: nginx-rh.yml
- when: ansible_distribution_file_variety == "RedHat"
-- import_tasks: nginx-config.yml
-- import_tasks: nginx-virtualhosts.yml
- when: nginx_use_common_virthost | bool
-- import_tasks: nginx-letsencrypt.yml
- when: letsencrypt_acme_install is defined and letsencrypt_acme_install
-- import_tasks: basic-auth.yml
-- import_tasks: pam-ldap.yml
-- name: Ensure that the webserver is running and enabled at boot time
- service: name=nginx state=started enabled=yes
- when: nginx_enabled
- ignore_errors: True
- tags: nginx
-- name: Ensure that the webserver is stopped and disabled
- service: name=nginx state=stopped enabled=no
- when: not nginx_enabled
- ignore_errors: True
- tags: nginx
diff --git a/library/roles/nginx/tasks/nginx-config.yml b/library/roles/nginx/tasks/nginx-config.yml
deleted file mode 100644
index 1f3b45e..0000000
--- a/library/roles/nginx/tasks/nginx-config.yml
+++ /dev/null
@@ -1,45 +0,0 @@
-- block:
- - name: Create the snippets directory
- file: dest={{ nginx_snippets_dir }} state=directory
- - name: Create the pki directory
- file: dest={{ pki_dir }}/nginx state=directory
- - name: Create the client body tmp directory, if needed
- file: dest={{ nginx_client_body_temp_dir }}/nginx state=directory owner=www-data group=www-data mode=0700
- when: nginx_client_body_temp_dir is defined
- - name: Create a dhparams file 2048 bits long
- shell: openssl dhparam -out {{ pki_dir }}/nginx/dhparams.pem 2048
- args:
- creates: '{{ pki_dir }}/nginx/dhparams.pem'
- when: nginx_ssl_level == 'intermediate'
- notify: Reload nginx
- - name: Install the supported configuration snippets
- template: src={{ item }}.j2 dest=/etc/nginx/snippets/{{ item }} owner=root group=root mode=0444
- with_items: '{{ nginx_conf_snippets }}'
- notify: Reload nginx
- - name: Install the main nginx.conf
- template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf mode=444
- notify: Reload nginx
- - name: Remove the old configuration snippets
- file: dest=/etc/nginx/conf.d/{{ item }} state=absent
- with_items: '{{ nginx_old_snippets }}'
- notify: Reload nginx
- when: nginx_enabled | bool
- tags: [ 'nginx', 'nginx_conf', 'nginx_virtualhost' ]
-- block:
- - name: remove nginx default virtualhost
- file: dest=/etc/nginx/sites-enabled/default state=absent
- notify: Reload nginx
- when:
- - nginx_enabled | bool
- - ansible_distribution_file_variety == "Debian"
- tags: [ 'nginx', 'nginx_conf', 'nginx_virtualhost' ]
diff --git a/library/roles/nginx/tasks/nginx-deb.yml b/library/roles/nginx/tasks/nginx-deb.yml
deleted file mode 100644
index 5ddc9b7..0000000
--- a/library/roles/nginx/tasks/nginx-deb.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-- block:
- - name: Install the Ubuntu PPA for nginx
- apt_repository: repo='{{ nginx_ppa_repo }}' update_cache=yes
- when:
- - nginx_use_ppa
- - "'{{ ansible_distribution }}' == 'Ubuntu'"
- tags: [ 'nginx', 'nginx_ppa' ]
- - name: Install the nginx web server
- apt: pkg=nginx-full state={{ nginx_package_state }} cache_valid_time=1800
- when:
- - not nginx_use_ldap_pam_auth
- - ansible_distribution_major_version <= '14'
- - name: Install the nginx web server if we need ldap auth via pam
- apt: pkg=nginx-extras state={{ nginx_package_state }} cache_valid_time=1800
- when:
- - nginx_use_ldap_pam_auth
- - ansible_distribution_major_version <= '14'
- - name: Install the nginx web server on Ubuntu >= 16.04
- apt: pkg=nginx state={{ nginx_package_state }} cache_valid_time=1800
- when: ansible_distribution_major_version >= '16'
- when: ansible_distribution_file_variety == "Debian"
- tags: nginx
\ No newline at end of file
diff --git a/library/roles/nginx/tasks/nginx-letsencrypt.yml b/library/roles/nginx/tasks/nginx-letsencrypt.yml
deleted file mode 100644
index 2c57d94..0000000
--- a/library/roles/nginx/tasks/nginx-letsencrypt.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- block:
- - name: Create the acme hooks directory if it does not yet exist
- file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
- - name: Install a letsencrypt hook for nginx
- copy: src=nginx-letsencrypt-acme.sh dest={{ letsencrypt_acme_services_scripts_dir }}/nginx owner=root group=root mode=4555
- when:
- - letsencrypt_acme_install is defined and letsencrypt_acme_install
- - nginx_letsencrypt_managed
- tags: [ 'nginx', 'letsencrypt' ]
-- block:
- - name: Remove the letsencrypt hook for nginx
- file: path={{ letsencrypt_acme_services_scripts_dir }}/nginx state=absent
- when: not nginx_letsencrypt_managed
- tags: [ 'nginx', 'letsencrypt' ]
diff --git a/library/roles/nginx/tasks/nginx-rh.yml b/library/roles/nginx/tasks/nginx-rh.yml
deleted file mode 100644
index 57211c2..0000000
--- a/library/roles/nginx/tasks/nginx-rh.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- block:
- - name: Install the nginx web server
- yum: pkg=nginx state={{ nginx_package_state }}
- when: ansible_distribution_file_variety == "RedHat"
- tags: nginx
diff --git a/library/roles/nginx/tasks/nginx-virtualhosts.yml b/library/roles/nginx/tasks/nginx-virtualhosts.yml
deleted file mode 100644
index 1615c60..0000000
--- a/library/roles/nginx/tasks/nginx-virtualhosts.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-- block:
- - name: Create the nginx webroot if different from the default
- file: dest={{ nginx_webroot }} state=directory mode=0755
- when: nginx_webroot != '/usr/share/nginx/html'
- tags: [ 'nginx', 'virtualhost' ]
-- name: Install and enable the nginx virtualhost files on Deb based systems
- block:
- - name: Install the nginx virtualhost files
- template: src=nginx-virthost.j2 dest=/etc/nginx/sites-available/{{ item.virthost_name }} owner=root group=root mode=0444
- with_items: '{{ nginx_virthosts | default(omit) }}'
- notify: Reload nginx
- - name: Enable the nginx virtualhosts
- file: src=/etc/nginx/sites-available/{{ item.virthost_name }} dest=/etc/nginx/sites-enabled/{{ item.virthost_name }} state=link
- with_items: '{{ nginx_virthosts | default(omit) }}'
- notify: Reload nginx
- when: ansible_distribution_file_variety == "Debian"
- tags: [ 'nginx', 'virtualhost' ]
-- name: Install and enable the nginx virtualhost files on RH based systems
- block:
- - name: Install the nginx virtualhost files
- template: src=nginx-virthost.j2 dest=/etc/nginx/conf.d/{{ item.virthost_name }}.conf owner=root group=root mode=0444
- with_items: '{{ nginx_virthosts | default(omit) }}'
- notify: Reload nginx
- when: ansible_distribution_file_variety == "RedHat"
- tags: [ 'nginx', 'virtualhost' ]
diff --git a/library/roles/nginx/tasks/pam-ldap.yml b/library/roles/nginx/tasks/pam-ldap.yml
deleted file mode 100644
index ae25351..0000000
--- a/library/roles/nginx/tasks/pam-ldap.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: Install pam service for nginx
- copy: src=nginx.pam dest=/etc/pam.d/{{ nginx_pam_svc_name }}
- notify: Reload nginx
- when: nginx_use_ldap_pam_auth
- tags: nginx
diff --git a/library/roles/nginx/templates/ldap.conf.j2 b/library/roles/nginx/templates/ldap.conf.j2
deleted file mode 100644
index b748f41..0000000
--- a/library/roles/nginx/templates/ldap.conf.j2
+++ /dev/null
@@ -1,16 +0,0 @@
-# The distinguished name of the search base.
-base {{ nginx_ldap_base_dn }}
-# Another way to specify your LDAP server is to provide an
-uri {{ nginx_ldap_uri }}
-if {% nginx_ldap_login_attribute is defined %}
-pam_login_attribute {{ nginx_ldap_login_attribute }}
-{% endif %}
-if {% nginx_ldap_pam_groupdn is defined %}
-{% endif %}
-# The LDAP version to use (defaults to 3
-# if supported by client library)
-ldap_version 3
-nss_initgroups_ignoreusers avahi,backup,bin,daemon,games,gnats,irc,libuuid,list,lp,mail,man,messagebus,munin,news,nslcd,proxy,root,rstudio-server,sshd,sync,sys,syslog,uucp,www-data
diff --git a/library/roles/nginx/templates/letsencrypt-proxy.conf.j2 b/library/roles/nginx/templates/letsencrypt-proxy.conf.j2
deleted file mode 100644
index d385cf1..0000000
--- a/library/roles/nginx/templates/letsencrypt-proxy.conf.j2
+++ /dev/null
@@ -1,9 +0,0 @@
-# Include this one inside a "server" directive listening on port 80, this way:
-# include /etc/nginx/snippets/letsencrypt-proxy.conf;
- location ^~ /.well-known/acme-challenge {
- proxy_pass{{ letsencrypt_acme_standalone_port | default('4402') }}/.well-known/acme-challenge;
- access_log /var/log/nginx/letsencrypt_acmetool_access.log;
- error_log /var/log/nginx/letsencrypt_acmetool_error.log;
- }
diff --git a/library/roles/nginx/templates/nginx-browser-cache.conf.j2 b/library/roles/nginx/templates/nginx-browser-cache.conf.j2
deleted file mode 100644
index ade0132..0000000
--- a/library/roles/nginx/templates/nginx-browser-cache.conf.j2
+++ /dev/null
@@ -1,27 +0,0 @@
-# include inside a 'server' directive
-location ~* \.(?:manifest|appcache|html?|xml|json)$ {
- expires {{ nginx_html_cache_expire }};
-{% if nginx_feed_cache_expire_enabled %}
-location ~* \.(?:rss|atom)$ {
- expires {{ nginx_feed_cache_expire }};
- add_header Cache-Control "{{ nginx_cache_control }}";
-{% endif %}
-location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
- expires {{ nginx_media_cache_expire }};
- access_log off;
- add_header Cache-Control "{{ nginx_cache_control }}";
-location ~* \.(?:css|js)$ {
- expires {{ nginx_css_js_cache_expire }};
- access_log off;
- add_header Cache-Control "{{ nginx_cache_control }}";
diff --git a/library/roles/nginx/templates/nginx-compression.conf.j2 b/library/roles/nginx/templates/nginx-compression.conf.j2
deleted file mode 100644
index 4a06955..0000000
--- a/library/roles/nginx/templates/nginx-compression.conf.j2
+++ /dev/null
@@ -1,6 +0,0 @@
-gzip_vary {{ nginx_gzip_vary }};
-gzip_proxied {{ nginx_gzip_proxied }};
-gzip_comp_level {{ nginx_gzip_comp_level }};
-gzip_buffers {{ nginx_gzip_buffers }};
-gzip_http_version {{ nginx_gzip_http_version }};
-gzip_types {{ nginx_gzip_types }};
diff --git a/library/roles/nginx/templates/nginx-cors.conf.j2 b/library/roles/nginx/templates/nginx-cors.conf.j2
deleted file mode 100644
index 1f3af86..0000000
--- a/library/roles/nginx/templates/nginx-cors.conf.j2
+++ /dev/null
@@ -1,58 +0,0 @@
-{% if nginx_cors_extended_rules %}
-if ($request_method = 'OPTIONS') {
-{% if nginx_cors_limit_origin %}
- add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
-{% else %}
- add_header 'Access-Control-Allow-Origin' '*';
-{% endif %}
- add_header 'Access-Control-Allow-Credentials' 'true';
- add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
- #
- # Custom headers and headers various browsers *should* be OK with but aren't
- #
- add_header 'Access-Control-Allow-Headers' '{{ nginx_cors_allowed_headers }}';
- #
- # Tell client that this pre-flight info is valid for 20 days
- #
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain charset=UTF-8';
- add_header 'Content-Length' 0;
- return 204;
-if ($request_method = 'POST') {
-{% if nginx_cors_limit_origin %}
- add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
-{% else %}
- add_header 'Access-Control-Allow-Origin' '*';
-{% endif %}
- add_header 'Access-Control-Allow-Credentials' 'true';
- add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
- add_header 'Access-Control-Allow-Headers' '{{ nginx_cors_allowed_headers }}';
- add_header 'Access-Control-Expose-Headers' '{{ nginx_cors_allowed_headers }}';
-if ($request_method = 'GET') {
-{% if nginx_cors_limit_origin %}
- add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
-{% else %}
- add_header 'Access-Control-Allow-Origin' '*';
-{% endif %}
- add_header 'Access-Control-Allow-Credentials' 'true';
- add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
- add_header 'Access-Control-Allow-Headers' '{{ nginx_cors_allowed_headers }}';
- add_header 'Access-Control-Expose-Headers' '{{ nginx_cors_allowed_headers }}';
-{% else %}
-{% if nginx_cors_limit_origin %}
-add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
-{% else %}
-add_header 'Access-Control-Allow-Origin' '*';
-{% endif %}
-if ($request_method = OPTIONS ) {
- return 204;
-add_header 'Access-Control-Allow-Credentials' 'true';
-add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
-add_header 'Access-Control-Allow-Headers' '{{ nginx_cors_allowed_headers }}';
-add_header 'Access-Control-Expose-Headers' '{{ nginx_cors_allowed_headers }}';
-{% endif %}
diff --git a/library/roles/nginx/templates/nginx-proxy-params.conf.j2 b/library/roles/nginx/templates/nginx-proxy-params.conf.j2
deleted file mode 100644
index 2d834a4..0000000
--- a/library/roles/nginx/templates/nginx-proxy-params.conf.j2
+++ /dev/null
@@ -1,29 +0,0 @@
-# Proxy stuff
-# include /etc/nginx/snippets/nginx-proxy-params.conf;
-proxy_http_version 1.1;
-proxy_set_header Connection "";
-{% if haproxy_ips is defined %}
-proxy_set_header Host $http_host;
-proxy_set_header X-Real-IP $remote_addr;
-proxy_set_header X-Forwarded-Host $remote_addr;
-proxy_set_header X-Forwarded-Server $host;
-{% else %}
-proxy_set_header Host $host;
-{% if nginx_define_x_real_ip %}
-proxy_set_header X-Real-IP $remote_addr;
-{% endif %}
-{% endif %}
-{% if nginx_set_original_uri %}
-proxy_set_header nginx-request-uri $request_uri;
-{% endif %}
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Proto $scheme;
-proxy_buffering {{ nginx_proxy_buffering }};
-proxy_buffer_size {{ nginx_proxy_buffer_size }};
-proxy_buffers {{ nginx_proxy_buffers }};
-proxy_busy_buffers_size {{ nginx_proxy_busy_buffers_size }};
-proxy_temp_file_write_size {{ nginx_proxy_temp_file_write_size }};
-proxy_redirect {{ nginx_proxy_redirect }};
-proxy_connect_timeout {{ nginx_proxy_connect_timeout }};
-proxy_read_timeout {{ nginx_proxy_read_timeout }};
-proxy_send_timeout {{ nginx_proxy_send_timeout }};
diff --git a/library/roles/nginx/templates/nginx-server-ssl.conf.j2 b/library/roles/nginx/templates/nginx-server-ssl.conf.j2
deleted file mode 100644
index f09f52e..0000000
--- a/library/roles/nginx/templates/nginx-server-ssl.conf.j2
+++ /dev/null
@@ -1,49 +0,0 @@
-{% if letsencrypt_acme_install is defined and letsencrypt_acme_install %}
-ssl_certificate {{ letsencrypt_acme_certs_dir }}/fullchain;
-ssl_certificate_key {{ letsencrypt_acme_certs_dir }}/privkey;
-{% else %}
-ssl_certificate {{ nginx_ssl_cert_file | default('/etc/nginx/ssl/server.crt') }};
-ssl_certificate_key {{ nginx_ssl_cert_key | default ('/etc/nginx/ssl/server.key') }};
-{% endif %}
-ssl_session_cache shared:SSL:10m;
-ssl_session_timeout 1d;
-ssl_dhparam {{ pki_dir }}/nginx/dhparams.pem;
-{% if nginx_ssl_level == 'old' %}
-{% if ansible_distribution_version is version_compare('18.04', '>=') %}
-ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
-{% else %}
-ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-{% endif %}
-ssl_prefer_server_ciphers on;
-{% endif %}
-{% if nginx_ssl_level == 'intermediate' %}
-{% if ansible_distribution_version is version_compare('18.04', '>=') %}
-ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
-{% else %}
-ssl_protocols TLSv1.1 TLSv1.2;
-{% endif %}
-ssl_prefer_server_ciphers off;
-{% endif %}
-{% if nginx_ssl_level == 'modern' %}
-ssl_session_tickets off;
-# modern configuration. tweak to your needs.
-{% if ansible_distribution_version is version_compare('18.04', '>=') %}
-ssl_protocols TLSv1.2 TLSv1.3;
-{% else %}
-ssl_protocols TLSv1.2;
-{% endif %}
-ssl_prefer_server_ciphers off;
-{% endif %}
-{% if ansible_distribution_version is version_compare('14.04', '>=') %}
-ssl_stapling on;
-ssl_stapling_verify on;
-{% if letsencrypt_acme_install is defined and letsencrypt_acme_install %}
-ssl_trusted_certificate {{ letsencrypt_acme_certs_dir }}/fullchain;
-{% else %}
-ssl_trusted_certificate {{ nginx_ssl_fullchain_file | default('/etc/nginx/ssl/cacert.crt') }};
-{% endif %}
-add_header Strict-Transport-Security max-age=15768000;
-{% endif %}
diff --git a/library/roles/nginx/templates/nginx-virthost.j2 b/library/roles/nginx/templates/nginx-virthost.j2
deleted file mode 100644
index d5f52b9..0000000
--- a/library/roles/nginx/templates/nginx-virthost.j2
+++ /dev/null
@@ -1,353 +0,0 @@
-{% if nginx_websockets_support is defined and nginx_websockets_support %}
-include /etc/nginx/snippets/nginx-websockets.conf;
-{% else %}
-{% if item.websockets is defined and item.websockets %}
-include /etc/nginx/snippets/nginx-websockets.conf;
-{% endif %}
-{% endif %}
-server {
- listen {{ item.http_port | default ('80') }};
- server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %};
-{% if nginx_block_dotfiles %}
- location ~ /\.(?!well-known).* {
- deny all;
- access_log off;
- log_not_found off;
- return 404;
- }
-{% endif %}
-{% if letsencrypt_acme_install %}
- include /etc/nginx/snippets/letsencrypt-proxy.conf;
-{% endif %}
- {% if item.access_log is defined %}
- access_log {{ item.access_log }};
- {% else %}
- access_log /var/log/nginx/{{ item.server_name }}_access.log;
- {% endif %}
- {% if item.error_log is defined %}
- error_log {{ item.error_log }};
- {% else %}
- error_log /var/log/nginx/{{ item.server_name }}_error.log;
- {% endif %}
- server_tokens {{ item.server_tokens | default('off') }};
-{% if item.ssl_enabled and item.ssl_only %}
- location / {
- return 301 https://{{ item.server_name }}$request_uri;
- }
-{% else %}
- root {{ item.root | default('/usr/share/nginx/html/') }};
- index {{ item.index | default('index.html index.htm') }};
- error_page 500 502 503 504 {{ item.error_page | default('/50x.html') }};
- location = /50x.html {
- root {{ item.error_path | default('/usr/share/nginx/html') }};
- }
- location = /favicon.ico {
- log_not_found off;
- access_log off;
- }
- location = /robots.txt {
- allow all;
- log_not_found off;
- access_log off;
- }
-{% if nginx_block_dotfiles %}
- location ~ /\. {
- deny all;
- access_log off;
- log_not_found off;
- return 404;
- }
-{% endif %}
- {% if haproxy_ips is defined %}
- # We are behind haproxy
- {% for ip in haproxy_ips %}
- set_real_ip_from {{ ip }};
- {% endfor %}
- real_ip_header X-Forwarded-For;
- {% endif %}
- {% if item.max_body is defined %}
- client_max_body_size {{ item.max_body }};
- {% else %}
- client_max_body_size {{ nginx_client_max_body_size }};
- {% endif %}
- {% if item.body_timeout is defined %}
- client_body_timeout {{ item.body_timeout }};
- {% else %}
- client_body_timeout {{ nginx_client_body_timeout }};
- {% endif %}
- {% if nginx_cors_enabled %}
- {% if nginx_cors_global %}
- include /etc/nginx/snippets/nginx-cors.conf;
- {% endif %}
- {% endif %}
- {% if item.additional_options is defined %}
- {% for add_opt in item.additional_options %}
- {{ add_opt }};
- {% endfor %}
- {% endif %}
- {% if item.http_acls is defined %}
- {% for acl in item.http_acls %}
- {{ acl }};
- {% endfor %}
- {% endif %}
- {% if nginx_websockets_support is defined and nginx_websockets_support %}
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- {% else %}
- {% if item.websockets is defined and item.websockets %}
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- {% endif %}
- {% endif %}
- {% if item.proxy_standard_setup is defined and item.proxy_standard_setup %}
- # Proxy stuff
- {% if item.include_global_proxy_conf is defined and not item.include_global_proxy_conf %}
- {% else %}
- include /etc/nginx/snippets/nginx-proxy-params.conf;
- {% endif %}
- {% if item.proxy_additional_options is defined %}
- {% for popt in item.proxy_additional_options %}
- {{ popt }};
- {% endfor %}
- {% endif %}
- {% if item.locations is defined %}
- {% for location in item.locations -%}
- location {{ location.location }} {
- {% if nginx_cors_enabled %}
- {% if not nginx_cors_global %}
- {% if location.cors is defined and location.cors %}
- include /etc/nginx/snippets/nginx-cors.conf;
- {% endif %}
- {% endif %}
- {% endif %}
- {% if location.target is defined %}
- proxy_pass {{ location.target }};
- {% elif location.php_target is defined %}
- try_files $uri =404;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass {{ location.php_target }};
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param REMOTE_ADDR $http_x_forwarded_for;
- #fastcgi_param REMOTE_ADDR $remote_addr;
- include fastcgi_params;
- {% endif %}
- {% if location.websockets is defined and location.websockets %}
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "Upgrade";
- {% endif %}
- {% if location.extra_conf is defined %}
- {{ location.extra_conf }}
- {% endif %}
- {% if location.acls is defined %}
- {% for acl in location.acls %}
- {{ acl }};
- {% endfor %}
- {% endif %}
- {% if location.other_opts is defined %}
- {% for opt in location.other_opts %}
- {{ opt }};
- {% endfor %}
- {% endif %}
- }
- {% endfor %}
- {% endif %}
- {% endif %}
- {% if item.extra_parameters is defined %}
- {{ item.extra_parameters }}
- {% endif %}
-{% endif %}
-{% if item.ssl_enabled %}
-server {
- {% if item.https_port is defined %}
- listen {{ item.https_port }} {{ nginx_ssl_type }};
- {% else %}
- listen {{ https_port | default('443') }} {{ nginx_ssl_type }};
- {% endif %}
- server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %};
- {% if item.access_log is defined %}
- access_log {{ item.access_log }};
- {% else %}
- access_log /var/log/nginx/{{ item.server_name }}_ssl_access.log;
- {% endif %}
- {% if item.error_log is defined %}
- error_log {{ item.error_log }};
- {% else %}
- error_log /var/log/nginx/{{ item.server_name }}_ssl_error.log;
- {% endif %}
- root {{ item.root | default('/usr/share/nginx/html/') }};
- index {{ item.index | default('index.html index.htm') }};
- error_page 500 502 503 504 {{ item.error_page | default('/50x.html') }};
- location = /50x.html {
- root {{ item.error_path | default('/usr/share/nginx/html') }};
- }
- location = /favicon.ico {
- log_not_found off;
- access_log off;
- }
- location = /robots.txt {
- allow all;
- log_not_found off;
- access_log off;
- }
-{% if nginx_block_dotfiles %}
- location ~ /\. {
- deny all;
- access_log off;
- log_not_found off;
- return 404;
- }
-{% endif %}
- {% if haproxy_ips is defined %}
- # We are behind haproxy
- {% for ip in haproxy_ips %}
- set_real_ip_from {{ ip }};
- {% endfor %}
- real_ip_header X-Forwarded-For;
- {% endif %}
- {% if item.max_body is defined %}
- client_max_body_size {{ item.max_body }};
- {% else %}
- client_max_body_size {{ nginx_client_max_body_size }};
- {% endif %}
- {% if item.body_timeout is defined %}
- client_body_timeout {{ item.body_timeout }};
- {% else %}
- client_body_timeout {{ nginx_client_body_timeout }};
- {% endif %}
- include /etc/nginx/snippets/nginx-server-ssl.conf;
- server_tokens {{ item.server_tokens | default('off') }};
- {% if nginx_cors_enabled %}
- {% if nginx_cors_global %}
- include /etc/nginx/snippets/nginx-cors.conf;
- {% endif %}
- {% endif %}
- {% if nginx_websockets_support is defined and nginx_websockets_support %}
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- {% else %}
- {% if item.websockets is defined and item.websockets %}
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- {% endif %}
- {% endif %}
- {% if item.additional_options is defined %}
- {% for add_opt in item.additional_options %}
- {{ add_opt }};
- {% endfor %}
- {% endif %}
- {% if item.https_acls is defined %}
- {% for acl in item.https_acls %}
- {{ acl }};
- {% endfor %}
- {% endif %}
- {% if item.proxy_standard_setup is defined and item.proxy_standard_setup %}
- # Proxy stuff
- {% if item.include_global_proxy_conf is defined and not item.include_global_proxy_conf %}
- {% else %}
- include /etc/nginx/snippets/nginx-proxy-params.conf;
- {% endif %}
- {% if item.proxy_additional_options is defined %}
- {% for popt in item.proxy_additional_options %}
- {{ popt }}
- {% endfor %}
- {% endif %}
- {% if item.locations is defined %}
- {% for location in item.locations -%}
- location {{ location.location }} {
- {% if nginx_cors_enabled %}
- {% if not nginx_cors_global %}
- {% if location.cors is defined and location.cors %}
- include /etc/nginx/snippets/nginx-cors.conf;
- {% endif %}
- {% endif %}
- {% endif %}
- {% if location.target is defined %}
- proxy_pass {{ location.target }};
- {% elif location.php_target is defined %}
- try_files $uri =404;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass {{ location.php_target }};
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param REMOTE_ADDR $http_x_forwarded_for;
- #fastcgi_param REMOTE_ADDR $remote_addr;
- include fastcgi_params;
- {% endif %}
- {% if location.websockets is defined and location.websockets %}
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "Upgrade";
- {% endif %}
- {% if location.extra_conf is defined %}
- {{ location.extra_conf }}
- {% endif %}
- {% if location.acls is defined %}
- {% for acl in location.acls %}
- {{ acl }};
- {% endfor %}
- {% endif %}
- {% if location.other_opts is defined %}
- {% for opt in location.other_opts %}
- {{ opt }};
- {% endfor %}
- {% endif %}
- }
- {% endfor %}
- {% endif %}
- {% endif %}
- {% if item.extra_parameters is defined %}
- {{ item.extra_parameters }}
- {% endif %}
-{% endif %}
diff --git a/library/roles/nginx/templates/nginx-websockets.conf.j2 b/library/roles/nginx/templates/nginx-websockets.conf.j2
deleted file mode 100644
index 32af4c3..0000000
--- a/library/roles/nginx/templates/nginx-websockets.conf.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-map $http_upgrade $connection_upgrade {
- default upgrade;
- '' close;
diff --git a/library/roles/nginx/templates/nginx.conf.j2 b/library/roles/nginx/templates/nginx.conf.j2
deleted file mode 100644
index 9dc5392..0000000
--- a/library/roles/nginx/templates/nginx.conf.j2
+++ /dev/null
@@ -1,63 +0,0 @@
-pid /run/nginx.pid;
-{% if ansible_distribution_file_variety == "Debian" %}
-user www-data;
-{% if nginx_use_ppa or ansible_distribution_major_version >= '16' %}
-worker_processes auto;
-include /etc/nginx/modules-enabled/*.conf;
-{% else %}
-worker_processes {{ nginx_workers }};
-{% endif %}
-{% endif %}
-{% if ansible_distribution_file_variety == "RedHat" %}
-user nginx;
-worker_processes auto;
-# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
-include /usr/share/nginx/modules/*.conf;
-{% endif %}
-events {
- worker_connections {{ nginx_worker_connections }};
- multi_accept {{ nginx_multi_accept }};
-worker_rlimit_nofile {{ nginx_worker_rlimit_nofile }};
-http {
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 65;
- types_hash_max_size 2048;
- server_tokens {{ nginx_server_tokens }};
- # server_names_hash_bucket_size 64;
- # server_name_in_redirect off;
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- large_client_header_buffers {{ nginx_large_client_header_buffers }};
- ##
- # Logging Settings
- ##
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
-{% if nginx_enable_compression %}
- include /etc/nginx/snippets/nginx-compression.conf;
-{% endif %}
-{% if nginx_websockets_support %}
- include /etc/nginx/snippets/nginx-websockets.conf;
-{% endif %}
- include /etc/nginx/conf.d/*.conf;
-{% if ansible_distribution_file_variety == "RedHat" %}
- # Load configuration files for the default server block.
- include /etc/nginx/default.d/*.conf;
-{% endif %}
-{% if ansible_distribution_file_variety == "Debian" %}
- include /etc/nginx/sites-enabled/*;
-{% endif %}
diff --git a/library/roles/openjdk/defaults/main.yml b/library/roles/openjdk/defaults/main.yml
deleted file mode 100644
index 58ac3b7..0000000
--- a/library/roles/openjdk/defaults/main.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-openjdk_default: 8
-jdk_default: '{{ openjdk_default }}'
-openjdk_pkg_state: present
- - '{{ openjdk_default }}'
-dismissed_openjdk_ppa: 'ppa:openjdk-r/ppa'
-openjdk_zulu_repo_install: False
-openjdk_zulu_repo_key_id: '0xB1998361219BD9C9'
-openjdk_zulu_repository: 'deb http://repos.azulsystems.com/{{ ansible_distribution | lower }} stable main'
-openjdk_java_home: '/usr/lib/jvm/java-{{ openjdk_default }}-openjdk-amd64'
-openjdk_zulu_java_home: '/usr/lib/jvm/zulu-{{ openjdk_default }}-amd64'
-openjdk_zulu_package_name: zulu
- - jre-headless
- - jdk-headless
-# - jre
-# - jdk
-oracle_jdk_ubuntu_ppa: 'ppa:webupd8team/java'
- - oracle-java7-installer
- - oracle-java7-set-default
- - oracle-java7-unlimited-jce-policy
- - oracle-java8-installer
- - oracle-java8-set-default
- - oracle-java8-unlimited-jce-policy
diff --git a/library/roles/openjdk/tasks/main.yml b/library/roles/openjdk/tasks/main.yml
deleted file mode 100644
index 5c6c097..0000000
--- a/library/roles/openjdk/tasks/main.yml
+++ /dev/null
@@ -1,80 +0,0 @@
-- block:
- - name: Remove the openjdk-r ppa. It is not maintained anymore
- apt_repository: repo='{{ dismissed_openjdk_ppa }}' update_cache=yes state=absent
- - name: Remove the Oracle JDK PPA
- apt_repository: repo='{{ oracle_jdk_ubuntu_ppa }}' state=absent update_cache=yes
- - name: Check if we must use the Zulu repository
- set_fact:
- openjdk_zulu_repo_install: True
- when: ansible_distribution_major_version <= '16'
- tags: [ 'jdk', 'openjdk' ]
-- block:
- - name: Install the Zulu repository key
- apt_key: keyserver='hkp://keyserver.ubuntu.com' id={{ openjdk_zulu_repo_key_id }}
- - name: Install the proper Zulu repository
- apt_repository: repo='{{ openjdk_zulu_repository }}' update_cache=yes
- - name: Install the Zulu OpenJDK
- apt: pkg={{ openjdk_zulu_package_name }}-{{ item }} state={{ openjdk_pkg_state }} update_cache=yes cache_valid_time=3600
- with_items: '{{ openjdk_version }}'
- register: openjdk_installed
- - name: Set the default OpenJDK as Zulu
- shell: update-java-alternatives -s /usr/lib/jvm/zulu-{{ openjdk_default }}-amd64
- when: openjdk_installed is changed
- - name: Set the correct value for jdk_java_home when we are installing Zulu
- set_fact:
- jdk_java_home: '{{ openjdk_zulu_java_home }}'
- when: openjdk_zulu_repo_install
- tags: [ 'jdk', 'openjdk' ]
-- block:
- - name: Remove the Zulu repository if it is present
- apt_repository: repo='{{ openjdk_zulu_repository }}' update_cache=yes state=absent
- - name: Install the OpenJDK that comes with the distribution
- apt: pkg=openjdk-{{ item.0 }}-{{ item[1] }} state={{ openjdk_pkg_state }} update_cache=yes cache_valid_time=3600
- with_nested:
- - '{{ openjdk_version }}'
- - '{{ openjdk_pkgs }}'
- register: openjdk_installed
- - name: Set the default OpenJDK
- shell: update-java-alternatives -s java-1.{{ openjdk_default }}.0-openjdk-amd64
- when: openjdk_installed is changed
- - name: Set the correct value for jdk_java_home when we are installing the distribution OpenJDK
- set_fact:
- jdk_java_home: '{{ openjdk_java_home }}'
- when: not openjdk_zulu_repo_install
- tags: [ 'jdk', 'openjdk' ]
-- block:
- - name: Rebuild the Ubuntu keystore
- command: update-ca-certificates --fresh
- when: openjdk_installed is changed
- tags: [ 'jdk', 'openjdk' ]
-- block:
- - name: Remove the Oracle JDK packages
- apt: pkg={{ openjdk_oracle_jdk_pkgs }} state=absent cache_valid_time=3600
- - name: Remove the OpenJDK packages fthat come with the distribution when we use the Zulu repository
- apt: pkg=openjdk-{{ item.0 }}-{{ item[1] }} state=absent update_cache=yes cache_valid_time=3600
- with_nested:
- - '{{ openjdk_version }}'
- - '{{ openjdk_pkgs }}'
- when: openjdk_zulu_repo_install
- tags: [ 'jdk', 'openjdk' ]
diff --git a/library/roles/tomcat-multiple-instances/defaults/main.yml b/library/roles/tomcat-multiple-instances/defaults/main.yml
deleted file mode 100644
index ff7aeae..0000000
--- a/library/roles/tomcat-multiple-instances/defaults/main.yml
+++ /dev/null
@@ -1,98 +0,0 @@
-tomcat_version: 7
-#tomcat_catalina_home_dir: '/usr/share/tomcat{{ tomcat_version }}'
-# Disable the main tomcat instance
-tomcat_service_enabled: False
-tomcat_m_instances_install: True
-tomcat_m_host_manager_install: False
-tomcat_m_manager_install: False
-# Users and roles for the manager
-tomcat_m_manager_gui_user_enabled: False
-tomcat_m_manager_gui_user: guiadmin
-tomcat_m_manager_gui_r: "manager-gui"
-#tomcat_m_manager_gui_pwd: *Use a vault file*
-tomcat_m_manager_script_user_enabled: True
-tomcat_m_manager_script_user: scriptadmin
-tomcat_m_manager_script_r: "manager-script"
-#tomcat_m_manager_script_pwd: *Use a vault file*
-tomcat_m_manager_jmx_user_enabled: False
-tomcat_m_manager_jmx_user: jmxadmin
-tomcat_m_manager_jmx_r: "manager-jmx"
-#tomcat_m_manager_jmx_pwd: *Use a vault file*
-tomcat_m_manager_status_user_enabled: False
-tomcat_m_manager_status_user: statusadmin
-tomcat_m_manager_status_r: "manager-status"
-#tomcat_m_manager_status_pwd: *Use a vault file*
-# - { role: '', user: '', password: '', user_roles: '' }
-tomcat_m_instances_base_path: '/var/lib/tomcat_instances'
-tomcat_m_instances_logdir_base: '/var/log/tomcat_instances'
-tomcat_m_cache_base: '/var/cache/tomcat-instances'
-tomcat_m_default_user: 'tomcat{{ tomcat_version }}'
-tomcat_m_use_default_user: True
-tomcat_m_user_home: False
-tomcat_m_default_user_shell: /bin/false
-# Workaround for the '50 days shutdown' bug, until a fixed package will be available
-tomcat_m_shutdown_port: -1
-tomcat_m_shutdown_pwd: "{{ lookup('password', '/tmp/passwordfile chars=ascii_letters,digits,hexdigits,punctuation') }}"
-tomcat_m_max_threads: 200
-tomcat_m_min_heap_size: 2048m
-tomcat_m_heap_size: '{{ tomcat_m_min_heap_size }}'
-tomcat_m_permgen_size: 512m
-tomcat_m_file_encoding: 'UTF-8'
-tomcat_m_restart_timeout: 300
-# -server -Djava.awt.headless=true are always used. No need to specify them
-tomcat_m_java_opts_heap: "-Xms{{ tomcat_m_min_heap_size }} -Xmx{{ tomcat_m_heap_size }}"
-tomcat_m_java_opts_permgen: "-XX:MaxPermSize={{ tomcat_m_permgen_size }}"
-tomcat_m_additional_java_8_opts: "-XX:+CrashOnOutOfMemoryError"
-tomcat_m_java_opts: ""
-tomcat_m_java_gc_opts: "-XX:+UseConcMarkSweepGC"
-# Use "-XX:+UseConcMarkSweepGC" to enable the CMS garbage collector (improved
-# response time). If you use that option and you run Tomcat on a machine with
-# exactly one CPU chip that contains one or two cores, you should also add
-# the "-XX:+CMSIncrementalMode" option.
-#tomcat_m_other_java_opts: "-Djsse.enableSNIExtension=false"
-tomcat_m_reverse_proxy_name_enabled: False
-tomcat_m_reverse_proxy_name: '{{ ansible_fqdn }}'
-tomcat_m_reverse_proxy_port: '{{ http_port | default(80) }}'
-tomcat_m_proxy_enabled: False
-tomcat_m_proxy_http_host: 'localhost'
-tomcat_m_proxy_http_port: '3128'
-tomcat_m_proxy_https_host: '{{ tomcat_m_proxy_http_host }}'
-tomcat_m_proxy_https_port: '{{ tomcat_m_proxy_http_port }}'
-tomcat_m_proxy_opts: "-DproxySet=true -Dhttp.proxyHost={{ tomcat_m_proxy_http_host }} -Dhttp.proxyPort={{ tomcat_m_proxy_http_port }} -Dhttps.proxyHost={{ tomcat_m_proxy_https_host }} -Dhttps.proxyPort={{ tomcat_m_proxy_https_port }}"
-tomcat_m_other_java_opts: ""
-tomcat_m_webapps_autodeploy: False
-tomcat_m_webapps_unpack: False
-tomcat_m_start_instances: True
-tomcat_m_enable_instances: True
-tomcat_m_jndi_pool: False
-tomcat_m_direct_access: False
-# JMX and debugging
-tomcat_m_enable_remote_debugging: False
-tomcat_m_remote_debugging_host: ''
-tomcat_m_remote_debugging_port: '8100'
-tomcat_m_remote_debugging_uri: '{{ tomcat_m_remote_debugging_host }}:{{ tomcat_m_remote_debugging_port }}'
-tomcat_m_jmx_enabled: False
-tomcat_m_jmx_auth_enabled: False
-tomcat_m_jmx_use_ssl: False
-tomcat_m_jmx_port: 8186
-# The following works with jdk >= 7.0.25 only
-tomcat_m_jmx_disable_additional_ports: True
-tomcat_m_jmx_localhost_only: False
-tomcat_m_jmx_ip_address: '{{ ansible_default_ipv4.address }}'
-#tomcat_m_jmx_auth_dir: '{{ tomcat_m_instances_base_path }}'
-# tomcat_m_jmx_monitorpass: define_in_a_vault_file
-# tomcat_m_jmx_controlpass: define_in_a_vault_file
-# This is only an example. Insert a line for each tomcat instance. 'app_contexts' can be used to automatically configure apache or nginx virtualhost http/ajp proxy
-# - { http_enabled: True, http_port: '8180', http_address: '', ajp_enabled: False, ajp_port: '8109', ajp_address: '', restart_timeout: '{{ tomcat_m_restart_timeout }}', shutdown_port: '8105', java_home: '{{ jdk_java_home }}', user: '{{ tomcat_m_default_user }}', user_home: '{{ tomcat_m_instances_base_path }}', user_shell: '{{ tomcat_m_default_user_shell }}', instance_path: '{{ tomcat_m_instances_base_path }}/8180', max_threads: '{{ tomcat_m_max_threads }}', autodeploy: '{{ tomcat_m_webapps_autodeploy }}', unpack: '{{ tomcat_m_webapps_unpack }}', install_server_xml: True, default_conf: True, java_opts: '{{ tomcat_m_java_opts }}', java_gc_opts: '{{ tomcat_m_java_gc_opts }}', proxy_enabled: '{{ tomcat_m_proxy_enabled }}', other_java_opts: '{{ tomcat_m_other_java_opts }}', jmx_enabled: '{{ tomcat_m_jmx_enabled }}', jmx_disable_additional_ports: '{{ tomcat_m_jmx_disable_additional_ports }}', jmx_auth_enabled: '{{ tomcat_m_jmx_auth_enabled }}', jmx_auth_dir: '{{ tomcat_m_instances_base_path }}/8180/conf', jmx_port: '{{ tomcat_m_jmx_port }}', jmx_monitorpass: '{{ set_in_a_vault_file }}', jmx_controlpass: '{{ set_in_a_vault_file }}', remote_debugging: '{{ tomcat_m_enable_remote_debugging }}', remote_debugging_uri: '{{ tomcat_m_remote_debugging_uri }}', access_log_enabled: True, log_rotation_freq: daily, log_retain: 30, allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], app_contexts: [ 'app1', 'app2' ] }
diff --git a/library/roles/tomcat-multiple-instances/files/context.xml b/library/roles/tomcat-multiple-instances/files/context.xml
deleted file mode 100644
index 745bf95..0000000
--- a/library/roles/tomcat-multiple-instances/files/context.xml
+++ /dev/null
@@ -1,35 +0,0 @@
- WEB-INF/web.xml
\ No newline at end of file
diff --git a/library/roles/tomcat-multiple-instances/files/jmxremote.access b/library/roles/tomcat-multiple-instances/files/jmxremote.access
deleted file mode 100644
index c5aab07..0000000
--- a/library/roles/tomcat-multiple-instances/files/jmxremote.access
+++ /dev/null
@@ -1,2 +0,0 @@
-monitorRole readonly
-controlRole readwrite
diff --git a/library/roles/tomcat-multiple-instances/files/logging.properties b/library/roles/tomcat-multiple-instances/files/logging.properties
deleted file mode 100644
index 6eeb181..0000000
--- a/library/roles/tomcat-multiple-instances/files/logging.properties
+++ /dev/null
@@ -1,49 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# See the License for the specific language governing permissions and
-# limitations under the License.
-handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
-.handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
-# Handler specific properties.
-# Describes specific configuration info for Handlers.
-1catalina.org.apache.juli.FileHandler.level = FINE
-1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
-1catalina.org.apache.juli.FileHandler.prefix = catalina.
-2localhost.org.apache.juli.FileHandler.level = FINE
-2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
-2localhost.org.apache.juli.FileHandler.prefix = localhost.
-java.util.logging.ConsoleHandler.level = FINE
-java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
-# Facility specific properties.
-# Provides extra control for each logger.
-org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO
-org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler
-# For example, set the com.xyz.foo logger to only log SEVERE
-# messages:
-#org.apache.catalina.startup.ContextConfig.level = FINE
-#org.apache.catalina.startup.HostConfig.level = FINE
-#org.apache.catalina.session.ManagerBase.level = FINE
diff --git a/library/roles/tomcat-multiple-instances/files/policy.d/01system.policy b/library/roles/tomcat-multiple-instances/files/policy.d/01system.policy
deleted file mode 100644
index 8e02c82..0000000
--- a/library/roles/tomcat-multiple-instances/files/policy.d/01system.policy
+++ /dev/null
@@ -1,52 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one or more
-// contributor license agreements. See the NOTICE file distributed with
-// this work for additional information regarding copyright ownership.
-// The ASF licenses this file to You under the Apache License, Version 2.0
-// (the "License"); you may not use this file except in compliance with
-// the License. You may obtain a copy of the License at
-// http://www.apache.org/licenses/LICENSE-2.0
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-// ============================================================================
-// catalina.corepolicy - Security Policy Permissions for Tomcat 6
-// This file contains a default set of security policies to be enforced (by the
-// JVM) when Catalina is executed with the "-security" option. In addition
-// to the permissions granted here, the following additional permissions are
-// granted to the codebase specific to each web application:
-// * Read access to the document root directory
-// $Id: catalina.policy 609294 2008-01-06 11:43:46Z markt $
-// ============================================================================
-// ========== SYSTEM CODE PERMISSIONS =========================================
-// These permissions apply to javac
-grant codeBase "file:${java.home}/lib/-" {
- permission java.security.AllPermission;
-// These permissions apply to all shared system extensions
-grant codeBase "file:${java.home}/jre/lib/ext/-" {
- permission java.security.AllPermission;
-// These permissions apply to javac when ${java.home] points at $JAVA_HOME/jre
-grant codeBase "file:${java.home}/../lib/-" {
- permission java.security.AllPermission;
-// These permissions apply to all shared system extensions when
-// ${java.home} points at $JAVA_HOME/jre
-grant codeBase "file:${java.home}/lib/ext/-" {
- permission java.security.AllPermission;
diff --git a/library/roles/tomcat-multiple-instances/files/policy.d/02debian.policy b/library/roles/tomcat-multiple-instances/files/policy.d/02debian.policy
deleted file mode 100644
index 582c47c..0000000
--- a/library/roles/tomcat-multiple-instances/files/policy.d/02debian.policy
+++ /dev/null
@@ -1,10 +0,0 @@
-// These permissions apply to all JARs from Debian packages
-grant codeBase "file:/usr/share/java/-" {
- permission java.security.AllPermission;
-grant codeBase "file:/usr/share/maven-repo/-" {
- permission java.security.AllPermission;
-grant codeBase "file:/usr/share/ant/lib/-" {
- permission java.security.AllPermission;
diff --git a/library/roles/tomcat-multiple-instances/files/policy.d/03catalina.policy b/library/roles/tomcat-multiple-instances/files/policy.d/03catalina.policy
deleted file mode 100644
index 2de1518..0000000
--- a/library/roles/tomcat-multiple-instances/files/policy.d/03catalina.policy
+++ /dev/null
@@ -1,32 +0,0 @@
-// ========== CATALINA CODE PERMISSIONS =======================================
-// These permissions apply to the logging API
-grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
- permission java.util.PropertyPermission "java.util.logging.config.class", "read";
- permission java.util.PropertyPermission "java.util.logging.config.file", "read";
- permission java.lang.RuntimePermission "shutdownHooks";
- permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
- permission java.util.PropertyPermission "catalina.base", "read";
- permission java.util.logging.LoggingPermission "control";
- permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
- permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
- permission java.lang.RuntimePermission "getClassLoader";
- permission java.lang.RuntimePermission "setContextClassLoader";
- // To enable per context logging configuration, permit read access to the appropriate file.
- // Be sure that the logging configuration is secure before enabling such access
- // eg for the examples web application:
- // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
-// These permissions apply to the server startup code
-grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
- permission java.security.AllPermission;
-// These permissions apply to the servlet API classes
-// and those that are shared across all class loaders
-// located in the "lib" directory
-grant codeBase "file:${catalina.home}/lib/-" {
- permission java.security.AllPermission;
diff --git a/library/roles/tomcat-multiple-instances/files/policy.d/04webapps.policy b/library/roles/tomcat-multiple-instances/files/policy.d/04webapps.policy
deleted file mode 100644
index 74af20d..0000000
--- a/library/roles/tomcat-multiple-instances/files/policy.d/04webapps.policy
+++ /dev/null
@@ -1,59 +0,0 @@
-// ========== WEB APPLICATION PERMISSIONS =====================================
-// These permissions are granted by default to all web applications
-// In addition, a web application will be given a read FilePermission
-// and JndiPermission for all files and directories in its document root.
-grant {
- // Required for JNDI lookup of named JDBC DataSource's and
- // javamail named MimePart DataSource used to send mail
- permission java.util.PropertyPermission "java.home", "read";
- permission java.util.PropertyPermission "java.naming.*", "read";
- permission java.util.PropertyPermission "javax.sql.*", "read";
- // OS Specific properties to allow read access
- permission java.util.PropertyPermission "os.name", "read";
- permission java.util.PropertyPermission "os.version", "read";
- permission java.util.PropertyPermission "os.arch", "read";
- permission java.util.PropertyPermission "file.separator", "read";
- permission java.util.PropertyPermission "path.separator", "read";
- permission java.util.PropertyPermission "line.separator", "read";
- // JVM properties to allow read access
- permission java.util.PropertyPermission "java.version", "read";
- permission java.util.PropertyPermission "java.vendor", "read";
- permission java.util.PropertyPermission "java.vendor.url", "read";
- permission java.util.PropertyPermission "java.class.version", "read";
- permission java.util.PropertyPermission "java.specification.version", "read";
- permission java.util.PropertyPermission "java.specification.vendor", "read";
- permission java.util.PropertyPermission "java.specification.name", "read";
- permission java.util.PropertyPermission "java.vm.specification.version", "read";
- permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
- permission java.util.PropertyPermission "java.vm.specification.name", "read";
- permission java.util.PropertyPermission "java.vm.version", "read";
- permission java.util.PropertyPermission "java.vm.vendor", "read";
- permission java.util.PropertyPermission "java.vm.name", "read";
- // Required for OpenJMX
- permission java.lang.RuntimePermission "getAttribute";
- // Allow read of JAXP compliant XML parser debug
- permission java.util.PropertyPermission "jaxp.debug", "read";
- // Precompiled JSPs need access to this package.
- permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
- permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
- // Example JSPs need those to work properly
- permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el";
- permission java.lang.RuntimePermission "accessDeclaredMembers";
- // Precompiled JSPs need access to this system property.
- permission java.util.PropertyPermission "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";
- // java.io.tmpdir should be usable as a temporary file directory
- permission java.util.PropertyPermission "java.io.tmpdir", "read";
- permission java.io.FilePermission "${java.io.tmpdir}/-", "read,write,delete";
diff --git a/library/roles/tomcat-multiple-instances/files/policy.d/50local.policy b/library/roles/tomcat-multiple-instances/files/policy.d/50local.policy
deleted file mode 100644
index 3f15a8d..0000000
--- a/library/roles/tomcat-multiple-instances/files/policy.d/50local.policy
+++ /dev/null
@@ -1,32 +0,0 @@
-// You can assign additional permissions to particular web applications by
-// adding additional "grant" entries here, based on the code base for that
-// application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files.
-// Different permissions can be granted to JSP pages, classes loaded from
-// the /WEB-INF/classes/ directory, all jar files in the /WEB-INF/lib/
-// directory, or even to individual jar files in the /WEB-INF/lib/ directory.
-// For instance, assume that the standard "examples" application
-// included a JDBC driver that needed to establish a network connection to the
-// corresponding database and used the scrape taglib to get the weather from
-// the NOAA web server. You might create a "grant" entries like this:
-// The permissions granted to the context root directory apply to JSP pages.
-// grant codeBase "file:${catalina.base}/webapps/examples/-" {
-// permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
-// permission java.net.SocketPermission "*.noaa.gov:80", "connect";
-// };
-// The permissions granted to the context WEB-INF/classes directory
-// grant codeBase "file:${catalina.base}/webapps/examples/WEB-INF/classes/-" {
-// };
-// The permission granted to your JDBC driver
-// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/driver.jar!/-" {
-// permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
-// };
-// The permission granted to the scrape taglib
-// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/scrape.jar!/-" {
-// permission java.net.SocketPermission "*.noaa.gov:80", "connect";
-// };
diff --git a/library/roles/tomcat-multiple-instances/files/web.xml b/library/roles/tomcat-multiple-instances/files/web.xml
deleted file mode 100644
index cc8383c..0000000
--- a/library/roles/tomcat-multiple-instances/files/web.xml
+++ /dev/null
@@ -1,4283 +0,0 @@
- default
- org.apache.catalina.servlets.DefaultServlet
- debug
- 0
- listings
- false
- 1
- jsp
- org.apache.jasper.servlet.JspServlet
- fork
- false
- xpoweredBy
- false
- 3
- default
- /
- jsp
- *.jsp
- *.jspx
- 30
- 123
- application/vnd.lotus-1-2-3
- 3dml
- text/vnd.in3d.3dml
- 3g2
- video/3gpp2
- 3gp
- video/3gpp
- 7z
- application/x-7z-compressed
- aab
- application/x-authorware-bin
- aac
- audio/x-aac
- aam
- application/x-authorware-map
- aas
- application/x-authorware-seg
- abs
- audio/x-mpeg
- abw
- application/x-abiword
- ac
- application/pkix-attr-cert
- acc
- application/vnd.americandynamics.acc
- ace
- application/x-ace-compressed
- acu
- application/vnd.acucobol
- acutc
- application/vnd.acucorp
- adp
- audio/adpcm
- aep
- application/vnd.audiograph
- afm
- application/x-font-type1
- afp
- application/vnd.ibm.modcap
- ahead
- application/vnd.ahead.space
- ai
- application/postscript
- aif
- audio/x-aiff
- aifc
- audio/x-aiff
- aiff
- audio/x-aiff
- aim
- application/x-aim
- air
- application/vnd.adobe.air-application-installer-package+zip
- ait
- application/vnd.dvb.ait
- ami
- application/vnd.amiga.ami
- anx
- application/annodex
- apk
- application/vnd.android.package-archive
- application
- application/x-ms-application
- apr
- application/vnd.lotus-approach
- art
- image/x-jg
- asc
- application/pgp-signature
- asf
- video/x-ms-asf
- asm
- text/x-asm
- aso
- application/vnd.accpac.simply.aso
- asx
- video/x-ms-asf
- atc
- application/vnd.acucorp
- atom
- application/atom+xml
- atomcat
- application/atomcat+xml
- atomsvc
- application/atomsvc+xml
- atx
- application/vnd.antix.game-component
- au
- audio/basic
- avi
- video/x-msvideo
- avx
- video/x-rad-screenplay
- aw
- application/applixware
- axa
- audio/annodex
- axv
- video/annodex
- azf
- application/vnd.airzip.filesecure.azf
- azs
- application/vnd.airzip.filesecure.azs
- azw
- application/vnd.amazon.ebook
- bat
- application/x-msdownload
- bcpio
- application/x-bcpio
- bdf
- application/x-font-bdf
- bdm
- application/vnd.syncml.dm+wbxml
- bed
- application/vnd.realvnc.bed
- bh2
- application/vnd.fujitsu.oasysprs
- bin
- application/octet-stream
- bmi
- application/vnd.bmi
- bmp
- image/bmp
- body
- text/html
- book
- application/vnd.framemaker
- box
- application/vnd.previewsystems.box
- boz
- application/x-bzip2
- bpk
- application/octet-stream
- btif
- image/prs.btif
- bz
- application/x-bzip
- bz2
- application/x-bzip2
- c
- text/x-c
- c11amc
- application/vnd.cluetrust.cartomobile-config
- c11amz
- application/vnd.cluetrust.cartomobile-config-pkg
- c4d
- application/vnd.clonk.c4group
- c4f
- application/vnd.clonk.c4group
- c4g
- application/vnd.clonk.c4group
- c4p
- application/vnd.clonk.c4group
- c4u
- application/vnd.clonk.c4group
- cab
- application/vnd.ms-cab-compressed
- cap
- application/vnd.tcpdump.pcap
- car
- application/vnd.curl.car
- cat
- application/vnd.ms-pki.seccat
- cc
- text/x-c
- cct
- application/x-director
- ccxml
- application/ccxml+xml
- cdbcmsg
- application/vnd.contact.cmsg
- cdf
- application/x-cdf
- cdkey
- application/vnd.mediastation.cdkey
- cdmia
- application/cdmi-capability
- cdmic
- application/cdmi-container
- cdmid
- application/cdmi-domain
- cdmio
- application/cdmi-object
- cdmiq
- application/cdmi-queue
- cdx
- chemical/x-cdx
- cdxml
- application/vnd.chemdraw+xml
- cdy
- application/vnd.cinderella
- cer
- application/pkix-cert
- cgm
- image/cgm
- chat
- application/x-chat
- chm
- application/vnd.ms-htmlhelp
- chrt
- application/vnd.kde.kchart
- cif
- chemical/x-cif
- cii
- application/vnd.anser-web-certificate-issue-initiation
- cil
- application/vnd.ms-artgalry
- cla
- application/vnd.claymore
- class
- application/java
- clkk
- application/vnd.crick.clicker.keyboard
- clkp
- application/vnd.crick.clicker.palette
- clkt
- application/vnd.crick.clicker.template
- clkw
- application/vnd.crick.clicker.wordbank
- clkx
- application/vnd.crick.clicker
- clp
- application/x-msclip
- cmc
- application/vnd.cosmocaller
- cmdf
- chemical/x-cmdf
- cml
- chemical/x-cml
- cmp
- application/vnd.yellowriver-custom-menu
- cmx
- image/x-cmx
- cod
- application/vnd.rim.cod
- com
- application/x-msdownload
- conf
- text/plain
- cpio
- application/x-cpio
- cpp
- text/x-c
- cpt
- application/mac-compactpro
- crd
- application/x-mscardfile
- crl
- application/pkix-crl
- crt
- application/x-x509-ca-cert
- cryptonote
- application/vnd.rig.cryptonote
- csh
- application/x-csh
- csml
- chemical/x-csml
- csp
- application/vnd.commonspace
- css
- text/css
- cst
- application/x-director
- csv
- text/csv
- cu
- application/cu-seeme
- curl
- text/vnd.curl
- cww
- application/prs.cww
- cxt
- application/x-director
- cxx
- text/x-c
- dae
- model/vnd.collada+xml
- daf
- application/vnd.mobius.daf
- dataless
- application/vnd.fdsn.seed
- davmount
- application/davmount+xml
- dcr
- application/x-director
- dcurl
- text/vnd.curl.dcurl
- dd2
- application/vnd.oma.dd2+xml
- ddd
- application/vnd.fujixerox.ddd
- deb
- application/x-debian-package
- def
- text/plain
- deploy
- application/octet-stream
- der
- application/x-x509-ca-cert
- dfac
- application/vnd.dreamfactory
- dib
- image/bmp
- dic
- text/x-c
- dir
- application/x-director
- dis
- application/vnd.mobius.dis
- dist
- application/octet-stream
- distz
- application/octet-stream
- djv
- image/vnd.djvu
- djvu
- image/vnd.djvu
- dll
- application/x-msdownload
- dmg
- application/octet-stream
- dmp
- application/vnd.tcpdump.pcap
- dms
- application/octet-stream
- dna
- application/vnd.dna
- doc
- application/msword
- docm
- application/vnd.ms-word.document.macroenabled.12
- docx
- application/vnd.openxmlformats-officedocument.wordprocessingml.document
- dot
- application/msword
- dotm
- application/vnd.ms-word.template.macroenabled.12
- dotx
- application/vnd.openxmlformats-officedocument.wordprocessingml.template
- dp
- application/vnd.osgi.dp
- dpg
- application/vnd.dpgraph
- dra
- audio/vnd.dra
- dsc
- text/prs.lines.tag
- dssc
- application/dssc+der
- dtb
- application/x-dtbook+xml
- dtd
- application/xml-dtd
- dts
- audio/vnd.dts
- dtshd
- audio/vnd.dts.hd
- dump
- application/octet-stream
- dv
- video/x-dv
- dvb
- video/vnd.dvb.file
- dvi
- application/x-dvi
- dwf
- model/vnd.dwf
- dwg
- image/vnd.dwg
- dxf
- image/vnd.dxf
- dxp
- application/vnd.spotfire.dxp
- dxr
- application/x-director
- ecelp4800
- audio/vnd.nuera.ecelp4800
- ecelp7470
- audio/vnd.nuera.ecelp7470
- ecelp9600
- audio/vnd.nuera.ecelp9600
- ecma
- application/ecmascript
- edm
- application/vnd.novadigm.edm
- edx
- application/vnd.novadigm.edx
- efif
- application/vnd.picsel
- ei6
- application/vnd.pg.osasli
- elc
- application/octet-stream
- eml
- message/rfc822
- emma
- application/emma+xml
- eol
- audio/vnd.digital-winds
- eot
- application/vnd.ms-fontobject
- eps
- application/postscript
- epub
- application/epub+zip
- es3
- application/vnd.eszigno3+xml
- esf
- application/vnd.epson.esf
- et3
- application/vnd.eszigno3+xml
- etx
- text/x-setext
- exe
- application/octet-stream
- exi
- application/exi
- ext
- application/vnd.novadigm.ext
- ez
- application/andrew-inset
- ez2
- application/vnd.ezpix-album
- ez3
- application/vnd.ezpix-package
- f
- text/x-fortran
- f4v
- video/x-f4v
- f77
- text/x-fortran
- f90
- text/x-fortran
- fbs
- image/vnd.fastbidsheet
- fcs
- application/vnd.isac.fcs
- fdf
- application/vnd.fdf
- fe_launch
- application/vnd.denovo.fcselayout-link
- fg5
- application/vnd.fujitsu.oasysgp
- fgd
- application/x-director
- fh
- image/x-freehand
- fh4
- image/x-freehand
- fh5
- image/x-freehand
- fh7
- image/x-freehand
- fhc
- image/x-freehand
- fig
- application/x-xfig
- flac
- audio/flac
- fli
- video/x-fli
- flo
- application/vnd.micrografx.flo
- flv
- video/x-flv
- flw
- application/vnd.kde.kivio
- flx
- text/vnd.fmi.flexstor
- fly
- text/vnd.fly
- fm
- application/vnd.framemaker
- fnc
- application/vnd.frogans.fnc
- for
- text/x-fortran
- fpx
- image/vnd.fpx
- frame
- application/vnd.framemaker
- fsc
- application/vnd.fsc.weblaunch
- fst
- image/vnd.fst
- ftc
- application/vnd.fluxtime.clip
- fti
- application/vnd.anser-web-funds-transfer-initiation
- fvt
- video/vnd.fvt
- fxp
- application/vnd.adobe.fxp
- fxpl
- application/vnd.adobe.fxp
- fzs
- application/vnd.fuzzysheet
- g2w
- application/vnd.geoplan
- g3
- image/g3fax
- g3w
- application/vnd.geospace
- gac
- application/vnd.groove-account
- gbr
- application/rpki-ghostbusters
- gdl
- model/vnd.gdl
- geo
- application/vnd.dynageo
- gex
- application/vnd.geometry-explorer
- ggb
- application/vnd.geogebra.file
- ggt
- application/vnd.geogebra.tool
- ghf
- application/vnd.groove-help
- gif
- image/gif
- gim
- application/vnd.groove-identity-message
- gmx
- application/vnd.gmx
- gnumeric
- application/x-gnumeric
- gph
- application/vnd.flographit
- gqf
- application/vnd.grafeq
- gqs
- application/vnd.grafeq
- gram
- application/srgs
- gre
- application/vnd.geometry-explorer
- grv
- application/vnd.groove-injector
- grxml
- application/srgs+xml
- gsf
- application/x-font-ghostscript
- gtar
- application/x-gtar
- gtm
- application/vnd.groove-tool-message
- gtw
- model/vnd.gtw
- gv
- text/vnd.graphviz
- gxt
- application/vnd.geonext
- gz
- application/x-gzip
- h
- text/x-c
- h261
- video/h261
- h263
- video/h263
- h264
- video/h264
- hal
- application/vnd.hal+xml
- hbci
- application/vnd.hbci
- hdf
- application/x-hdf
- hh
- text/x-c
- hlp
- application/winhlp
- hpgl
- application/vnd.hp-hpgl
- hpid
- application/vnd.hp-hpid
- hps
- application/vnd.hp-hps
- hqx
- application/mac-binhex40
- htc
- text/x-component
- htke
- application/vnd.kenameaapp
- htm
- text/html
- html
- text/html
- hvd
- application/vnd.yamaha.hv-dic
- hvp
- application/vnd.yamaha.hv-voice
- hvs
- application/vnd.yamaha.hv-script
- i2g
- application/vnd.intergeo
- icc
- application/vnd.iccprofile
- ice
- x-conference/x-cooltalk
- icm
- application/vnd.iccprofile
- ico
- image/x-icon
- ics
- text/calendar
- ief
- image/ief
- ifb
- text/calendar
- ifm
- application/vnd.shana.informed.formdata
- iges
- model/iges
- igl
- application/vnd.igloader
- igm
- application/vnd.insors.igm
- igs
- model/iges
- igx
- application/vnd.micrografx.igx
- iif
- application/vnd.shana.informed.interchange
- imp
- application/vnd.accpac.simply.imp
- ims
- application/vnd.ms-ims
- in
- text/plain
- ink
- application/inkml+xml
- inkml
- application/inkml+xml
- iota
- application/vnd.astraea-software.iota
- ipfix
- application/ipfix
- ipk
- application/vnd.shana.informed.package
- irm
- application/vnd.ibm.rights-management
- irp
- application/vnd.irepository.package+xml
- iso
- application/octet-stream
- itp
- application/vnd.shana.informed.formtemplate
- ivp
- application/vnd.immervision-ivp
- ivu
- application/vnd.immervision-ivu
- jad
- text/vnd.sun.j2me.app-descriptor
- jam
- application/vnd.jam
- jar
- application/java-archive
- java
- text/x-java-source
- jisp
- application/vnd.jisp
- jlt
- application/vnd.hp-jlyt
- jnlp
- application/x-java-jnlp-file
- joda
- application/vnd.joost.joda-archive
- jpe
- image/jpeg
- jpeg
- image/jpeg
- jpg
- image/jpeg
- jpgm
- video/jpm
- jpgv
- video/jpeg
- jpm
- video/jpm
- js
- application/javascript
- jsf
- text/plain
- json
- application/json
- jspf
- text/plain
- kar
- audio/midi
- karbon
- application/vnd.kde.karbon
- kfo
- application/vnd.kde.kformula
- kia
- application/vnd.kidspiration
- kml
- application/vnd.google-earth.kml+xml
- kmz
- application/vnd.google-earth.kmz
- kne
- application/vnd.kinar
- knp
- application/vnd.kinar
- kon
- application/vnd.kde.kontour
- kpr
- application/vnd.kde.kpresenter
- kpt
- application/vnd.kde.kpresenter
- ksp
- application/vnd.kde.kspread
- ktr
- application/vnd.kahootz
- ktx
- image/ktx
- ktz
- application/vnd.kahootz
- kwd
- application/vnd.kde.kword
- kwt
- application/vnd.kde.kword
- lasxml
- application/vnd.las.las+xml
- latex
- application/x-latex
- lbd
- application/vnd.llamagraphics.life-balance.desktop
- lbe
- application/vnd.llamagraphics.life-balance.exchange+xml
- les
- application/vnd.hhe.lesson-player
- lha
- application/octet-stream
- link66
- application/vnd.route66.link66+xml
- list
- text/plain
- list3820
- application/vnd.ibm.modcap
- listafp
- application/vnd.ibm.modcap
- log
- text/plain
- lostxml
- application/lost+xml
- lrf
- application/octet-stream
- lrm
- application/vnd.ms-lrm
- ltf
- application/vnd.frogans.ltf
- lvp
- audio/vnd.lucent.voice
- lwp
- application/vnd.lotus-wordpro
- lzh
- application/octet-stream
- m13
- application/x-msmediaview
- m14
- application/x-msmediaview
- m1v
- video/mpeg
- m21
- application/mp21
- m2a
- audio/mpeg
- m2v
- video/mpeg
- m3a
- audio/mpeg
- m3u
- audio/x-mpegurl
- m3u8
- application/vnd.apple.mpegurl
- m4a
- audio/mp4
- m4b
- audio/mp4
- m4r
- audio/mp4
- m4u
- video/vnd.mpegurl
- m4v
- video/mp4
- ma
- application/mathematica
- mac
- image/x-macpaint
- mads
- application/mads+xml
- mag
- application/vnd.ecowin.chart
- maker
- application/vnd.framemaker
- man
- text/troff
- mathml
- application/mathml+xml
- mb
- application/mathematica
- mbk
- application/vnd.mobius.mbk
- mbox
- application/mbox
- mc1
- application/vnd.medcalcdata
- mcd
- application/vnd.mcd
- mcurl
- text/vnd.curl.mcurl
- mdb
- application/x-msaccess
- mdi
- image/vnd.ms-modi
- me
- text/troff
- mesh
- model/mesh
- meta4
- application/metalink4+xml
- mets
- application/mets+xml
- mfm
- application/vnd.mfmp
- mft
- application/rpki-manifest
- mgp
- application/vnd.osgeo.mapguide.package
- mgz
- application/vnd.proteus.magazine
- mid
- audio/midi
- midi
- audio/midi
- mif
- application/x-mif
- mime
- message/rfc822
- mj2
- video/mj2
- mjp2
- video/mj2
- mlp
- application/vnd.dolby.mlp
- mmd
- application/vnd.chipnuts.karaoke-mmd
- mmf
- application/vnd.smaf
- mmr
- image/vnd.fujixerox.edmics-mmr
- mny
- application/x-msmoney
- mobi
- application/x-mobipocket-ebook
- mods
- application/mods+xml
- mov
- video/quicktime
- movie
- video/x-sgi-movie
- mp1
- audio/mpeg
- mp2
- audio/mpeg
- mp21
- application/mp21
- mp2a
- audio/mpeg
- mp3
- audio/mpeg
- mp4
- video/mp4
- mp4a
- audio/mp4
- mp4s
- application/mp4
- mp4v
- video/mp4
- mpa
- audio/mpeg
- mpc
- application/vnd.mophun.certificate
- mpe
- video/mpeg
- mpeg
- video/mpeg
- mpega
- audio/x-mpeg
- mpg
- video/mpeg
- mpg4
- video/mp4
- mpga
- audio/mpeg
- mpkg
- application/vnd.apple.installer+xml
- mpm
- application/vnd.blueice.multipass
- mpn
- application/vnd.mophun.application
- mpp
- application/vnd.ms-project
- mpt
- application/vnd.ms-project
- mpv2
- video/mpeg2
- mpy
- application/vnd.ibm.minipay
- mqy
- application/vnd.mobius.mqy
- mrc
- application/marc
- mrcx
- application/marcxml+xml
- ms
- text/troff
- mscml
- application/mediaservercontrol+xml
- mseed
- application/vnd.fdsn.mseed
- mseq
- application/vnd.mseq
- msf
- application/vnd.epson.msf
- msh
- model/mesh
- msi
- application/x-msdownload
- msl
- application/vnd.mobius.msl
- msty
- application/vnd.muvee.style
- mts
- model/vnd.mts
- mus
- application/vnd.musician
- musicxml
- application/vnd.recordare.musicxml+xml
- mvb
- application/x-msmediaview
- mwf
- application/vnd.mfer
- mxf
- application/mxf
- mxl
- application/vnd.recordare.musicxml
- mxml
- application/xv+xml
- mxs
- application/vnd.triscape.mxs
- mxu
- video/vnd.mpegurl
- n-gage
- application/vnd.nokia.n-gage.symbian.install
- n3
- text/n3
- nb
- application/mathematica
- nbp
- application/vnd.wolfram.player
- nc
- application/x-netcdf
- ncx
- application/x-dtbncx+xml
- ngdat
- application/vnd.nokia.n-gage.data
- nlu
- application/vnd.neurolanguage.nlu
- nml
- application/vnd.enliven
- nnd
- application/vnd.noblenet-directory
- nns
- application/vnd.noblenet-sealer
- nnw
- application/vnd.noblenet-web
- npx
- image/vnd.net-fpx
- nsf
- application/vnd.lotus-notes
- oa2
- application/vnd.fujitsu.oasys2
- oa3
- application/vnd.fujitsu.oasys3
- oas
- application/vnd.fujitsu.oasys
- obd
- application/x-msbinder
- oda
- application/oda
- odb
- application/vnd.oasis.opendocument.database
- odc
- application/vnd.oasis.opendocument.chart
- odf
- application/vnd.oasis.opendocument.formula
- odft
- application/vnd.oasis.opendocument.formula-template
- odg
- application/vnd.oasis.opendocument.graphics
- odi
- application/vnd.oasis.opendocument.image
- odm
- application/vnd.oasis.opendocument.text-master
- odp
- application/vnd.oasis.opendocument.presentation
- ods
- application/vnd.oasis.opendocument.spreadsheet
- odt
- application/vnd.oasis.opendocument.text
- oga
- audio/ogg
- ogg
- audio/ogg
- ogv
- video/ogg
- ogx
- application/ogg
- onepkg
- application/onenote
- onetmp
- application/onenote
- onetoc
- application/onenote
- onetoc2
- application/onenote
- opf
- application/oebps-package+xml
- oprc
- application/vnd.palm
- org
- application/vnd.lotus-organizer
- osf
- application/vnd.yamaha.openscoreformat
- osfpvg
- application/vnd.yamaha.openscoreformat.osfpvg+xml
- otc
- application/vnd.oasis.opendocument.chart-template
- otf
- application/x-font-otf
- otg
- application/vnd.oasis.opendocument.graphics-template
- oth
- application/vnd.oasis.opendocument.text-web
- oti
- application/vnd.oasis.opendocument.image-template
- otp
- application/vnd.oasis.opendocument.presentation-template
- ots
- application/vnd.oasis.opendocument.spreadsheet-template
- ott
- application/vnd.oasis.opendocument.text-template
- oxps
- application/oxps
- oxt
- application/vnd.openofficeorg.extension
- p
- text/x-pascal
- p10
- application/pkcs10
- p12
- application/x-pkcs12
- p7b
- application/x-pkcs7-certificates
- p7c
- application/pkcs7-mime
- p7m
- application/pkcs7-mime
- p7r
- application/x-pkcs7-certreqresp
- p7s
- application/pkcs7-signature
- p8
- application/pkcs8
- pas
- text/x-pascal
- paw
- application/vnd.pawaafile
- pbd
- application/vnd.powerbuilder6
- pbm
- image/x-portable-bitmap
- pcap
- application/vnd.tcpdump.pcap
- pcf
- application/x-font-pcf
- pcl
- application/vnd.hp-pcl
- pclxl
- application/vnd.hp-pclxl
- pct
- image/pict
- pcurl
- application/vnd.curl.pcurl
- pcx
- image/x-pcx
- pdb
- application/vnd.palm
- pdf
- application/pdf
- pfa
- application/x-font-type1
- pfb
- application/x-font-type1
- pfm
- application/x-font-type1
- pfr
- application/font-tdpfr
- pfx
- application/x-pkcs12
- pgm
- image/x-portable-graymap
- pgn
- application/x-chess-pgn
- pgp
- application/pgp-encrypted
- pic
- image/pict
- pict
- image/pict
- pkg
- application/octet-stream
- pki
- application/pkixcmp
- pkipath
- application/pkix-pkipath
- plb
- application/vnd.3gpp.pic-bw-large
- plc
- application/vnd.mobius.plc
- plf
- application/vnd.pocketlearn
- pls
- audio/x-scpls
- pml
- application/vnd.ctc-posml
- png
- image/png
- pnm
- image/x-portable-anymap
- pnt
- image/x-macpaint
- portpkg
- application/vnd.macports.portpkg
- pot
- application/vnd.ms-powerpoint
- potm
- application/vnd.ms-powerpoint.template.macroenabled.12
- potx
- application/vnd.openxmlformats-officedocument.presentationml.template
- ppam
- application/vnd.ms-powerpoint.addin.macroenabled.12
- ppd
- application/vnd.cups-ppd
- ppm
- image/x-portable-pixmap
- pps
- application/vnd.ms-powerpoint
- ppsm
- application/vnd.ms-powerpoint.slideshow.macroenabled.12
- ppsx
- application/vnd.openxmlformats-officedocument.presentationml.slideshow
- ppt
- application/vnd.ms-powerpoint
- pptm
- application/vnd.ms-powerpoint.presentation.macroenabled.12
- pptx
- application/vnd.openxmlformats-officedocument.presentationml.presentation
- pqa
- application/vnd.palm
- prc
- application/x-mobipocket-ebook
- pre
- application/vnd.lotus-freelance
- prf
- application/pics-rules
- ps
- application/postscript
- psb
- application/vnd.3gpp.pic-bw-small
- psd
- image/vnd.adobe.photoshop
- psf
- application/x-font-linux-psf
- pskcxml
- application/pskc+xml
- ptid
- application/vnd.pvi.ptid1
- pub
- application/x-mspublisher
- pvb
- application/vnd.3gpp.pic-bw-var
- pwn
- application/vnd.3m.post-it-notes
- pya
- audio/vnd.ms-playready.media.pya
- pyv
- video/vnd.ms-playready.media.pyv
- qam
- application/vnd.epson.quickanime
- qbo
- application/vnd.intu.qbo
- qfx
- application/vnd.intu.qfx
- qps
- application/vnd.publishare-delta-tree
- qt
- video/quicktime
- qti
- image/x-quicktime
- qtif
- image/x-quicktime
- qwd
- application/vnd.quark.quarkxpress
- qwt
- application/vnd.quark.quarkxpress
- qxb
- application/vnd.quark.quarkxpress
- qxd
- application/vnd.quark.quarkxpress
- qxl
- application/vnd.quark.quarkxpress
- qxt
- application/vnd.quark.quarkxpress
- ra
- audio/x-pn-realaudio
- ram
- audio/x-pn-realaudio
- rar
- application/x-rar-compressed
- ras
- image/x-cmu-raster
- rcprofile
- application/vnd.ipunplugged.rcprofile
- rdf
- application/rdf+xml
- rdz
- application/vnd.data-vision.rdz
- rep
- application/vnd.businessobjects
- res
- application/x-dtbresource+xml
- rgb
- image/x-rgb
- rif
- application/reginfo+xml
- rip
- audio/vnd.rip
- rl
- application/resource-lists+xml
- rlc
- image/vnd.fujixerox.edmics-rlc
- rld
- application/resource-lists-diff+xml
- rm
- application/vnd.rn-realmedia
- rmi
- audio/midi
- rmp
- audio/x-pn-realaudio-plugin
- rms
- application/vnd.jcp.javame.midlet-rms
- rnc
- application/relax-ng-compact-syntax
- roa
- application/rpki-roa
- roff
- text/troff
- rp9
- application/vnd.cloanto.rp9
- rpss
- application/vnd.nokia.radio-presets
- rpst
- application/vnd.nokia.radio-preset
- rq
- application/sparql-query
- rs
- application/rls-services+xml
- rsd
- application/rsd+xml
- rss
- application/rss+xml
- rtf
- application/rtf
- rtx
- text/richtext
- s
- text/x-asm
- saf
- application/vnd.yamaha.smaf-audio
- sbml
- application/sbml+xml
- sc
- application/vnd.ibm.secure-container
- scd
- application/x-msschedule
- scm
- application/vnd.lotus-screencam
- scq
- application/scvp-cv-request
- scs
- application/scvp-cv-response
- scurl
- text/vnd.curl.scurl
- sda
- application/vnd.stardivision.draw
- sdc
- application/vnd.stardivision.calc
- sdd
- application/vnd.stardivision.impress
- sdkd
- application/vnd.solent.sdkm+xml
- sdkm
- application/vnd.solent.sdkm+xml
- sdp
- application/sdp
- sdw
- application/vnd.stardivision.writer
- see
- application/vnd.seemail
- seed
- application/vnd.fdsn.seed
- sema
- application/vnd.sema
- semd
- application/vnd.semd
- semf
- application/vnd.semf
- ser
- application/java-serialized-object
- setpay
- application/set-payment-initiation
- setreg
- application/set-registration-initiation
- sfd-hdstx
- application/vnd.hydrostatix.sof-data
- sfs
- application/vnd.spotfire.sfs
- sgl
- application/vnd.stardivision.writer-global
- sgm
- text/sgml
- sgml
- text/sgml
- sh
- application/x-sh
- shar
- application/x-shar
- shf
- application/shf+xml
- sig
- application/pgp-signature
- silo
- model/mesh
- sis
- application/vnd.symbian.install
- sisx
- application/vnd.symbian.install
- sit
- application/x-stuffit
- sitx
- application/x-stuffitx
- skd
- application/vnd.koan
- skm
- application/vnd.koan
- skp
- application/vnd.koan
- skt
- application/vnd.koan
- sldm
- application/vnd.ms-powerpoint.slide.macroenabled.12
- sldx
- application/vnd.openxmlformats-officedocument.presentationml.slide
- slt
- application/vnd.epson.salt
- sm
- application/vnd.stepmania.stepchart
- smf
- application/vnd.stardivision.math
- smi
- application/smil+xml
- smil
- application/smil+xml
- smzip
- application/vnd.stepmania.package
- snd
- audio/basic
- snf
- application/x-font-snf
- so
- application/octet-stream
- spc
- application/x-pkcs7-certificates
- spf
- application/vnd.yamaha.smaf-phrase
- spl
- application/x-futuresplash
- spot
- text/vnd.in3d.spot
- spp
- application/scvp-vp-response
- spq
- application/scvp-vp-request
- spx
- audio/ogg
- src
- application/x-wais-source
- sru
- application/sru+xml
- srx
- application/sparql-results+xml
- sse
- application/vnd.kodak-descriptor
- ssf
- application/vnd.epson.ssf
- ssml
- application/ssml+xml
- st
- application/vnd.sailingtracker.track
- stc
- application/vnd.sun.xml.calc.template
- std
- application/vnd.sun.xml.draw.template
- stf
- application/vnd.wt.stf
- sti
- application/vnd.sun.xml.impress.template
- stk
- application/hyperstudio
- stl
- application/vnd.ms-pki.stl
- str
- application/vnd.pg.format
- stw
- application/vnd.sun.xml.writer.template
- sub
- text/vnd.dvb.subtitle
- sus
- application/vnd.sus-calendar
- susp
- application/vnd.sus-calendar
- sv4cpio
- application/x-sv4cpio
- sv4crc
- application/x-sv4crc
- svc
- application/vnd.dvb.service
- svd
- application/vnd.svd
- svg
- image/svg+xml
- svgz
- image/svg+xml
- swa
- application/x-director
- swf
- application/x-shockwave-flash
- swi
- application/vnd.aristanetworks.swi
- sxc
- application/vnd.sun.xml.calc
- sxd
- application/vnd.sun.xml.draw
- sxg
- application/vnd.sun.xml.writer.global
- sxi
- application/vnd.sun.xml.impress
- sxm
- application/vnd.sun.xml.math
- sxw
- application/vnd.sun.xml.writer
- t
- text/troff
- taglet
- application/vnd.mynfc
- tao
- application/vnd.tao.intent-module-archive
- tar
- application/x-tar
- tcap
- application/vnd.3gpp2.tcap
- tcl
- application/x-tcl
- teacher
- application/vnd.smart.teacher
- tei
- application/tei+xml
- teicorpus
- application/tei+xml
- tex
- application/x-tex
- texi
- application/x-texinfo
- texinfo
- application/x-texinfo
- text
- text/plain
- tfi
- application/thraud+xml
- tfm
- application/x-tex-tfm
- thmx
- application/vnd.ms-officetheme
- tif
- image/tiff
- tiff
- image/tiff
- tmo
- application/vnd.tmobile-livetv
- torrent
- application/x-bittorrent
- tpl
- application/vnd.groove-tool-template
- tpt
- application/vnd.trid.tpt
- tr
- text/troff
- tra
- application/vnd.trueapp
- trm
- application/x-msterminal
- tsd
- application/timestamped-data
- tsv
- text/tab-separated-values
- ttc
- application/x-font-ttf
- ttf
- application/x-font-ttf
- ttl
- text/turtle
- twd
- application/vnd.simtech-mindmapper
- twds
- application/vnd.simtech-mindmapper
- txd
- application/vnd.genomatix.tuxedo
- txf
- application/vnd.mobius.txf
- txt
- text/plain
- u32
- application/x-authorware-bin
- udeb
- application/x-debian-package
- ufd
- application/vnd.ufdl
- ufdl
- application/vnd.ufdl
- ulw
- audio/basic
- umj
- application/vnd.umajin
- unityweb
- application/vnd.unity
- uoml
- application/vnd.uoml+xml
- uri
- text/uri-list
- uris
- text/uri-list
- urls
- text/uri-list
- ustar
- application/x-ustar
- utz
- application/vnd.uiq.theme
- uu
- text/x-uuencode
- uva
- audio/vnd.dece.audio
- uvd
- application/vnd.dece.data
- uvf
- application/vnd.dece.data
- uvg
- image/vnd.dece.graphic
- uvh
- video/vnd.dece.hd
- uvi
- image/vnd.dece.graphic
- uvm
- video/vnd.dece.mobile
- uvp
- video/vnd.dece.pd
- uvs
- video/vnd.dece.sd
- uvt
- application/vnd.dece.ttml+xml
- uvu
- video/vnd.uvvu.mp4
- uvv
- video/vnd.dece.video
- uvva
- audio/vnd.dece.audio
- uvvd
- application/vnd.dece.data
- uvvf
- application/vnd.dece.data
- uvvg
- image/vnd.dece.graphic
- uvvh
- video/vnd.dece.hd
- uvvi
- image/vnd.dece.graphic
- uvvm
- video/vnd.dece.mobile
- uvvp
- video/vnd.dece.pd
- uvvs
- video/vnd.dece.sd
- uvvt
- application/vnd.dece.ttml+xml
- uvvu
- video/vnd.uvvu.mp4
- uvvv
- video/vnd.dece.video
- uvvx
- application/vnd.dece.unspecified
- uvvz
- application/vnd.dece.zip
- uvx
- application/vnd.dece.unspecified
- uvz
- application/vnd.dece.zip
- vcard
- text/vcard
- vcd
- application/x-cdlink
- vcf
- text/x-vcard
- vcg
- application/vnd.groove-vcard
- vcs
- text/x-vcalendar
- vcx
- application/vnd.vcx
- vis
- application/vnd.visionary
- viv
- video/vnd.vivo
- vor
- application/vnd.stardivision.writer
- vox
- application/x-authorware-bin
- vrml
- model/vrml
- vsd
- application/vnd.visio
- vsf
- application/vnd.vsf
- vss
- application/vnd.visio
- vst
- application/vnd.visio
- vsw
- application/vnd.visio
- vtu
- model/vnd.vtu
- vxml
- application/voicexml+xml
- w3d
- application/x-director
- wad
- application/x-doom
- wav
- audio/x-wav
- wax
- audio/x-ms-wax
- wbmp
- image/vnd.wap.wbmp
- wbs
- application/vnd.criticaltools.wbs+xml
- wbxml
- application/vnd.wap.wbxml
- wcm
- application/vnd.ms-works
- wdb
- application/vnd.ms-works
- weba
- audio/webm
- webm
- video/webm
- webp
- image/webp
- wg
- application/vnd.pmi.widget
- wgt
- application/widget
- wks
- application/vnd.ms-works
- wm
- video/x-ms-wm
- wma
- audio/x-ms-wma
- wmd
- application/x-ms-wmd
- wmf
- application/x-msmetafile
- wml
- text/vnd.wap.wml
- wmlc
- application/vnd.wap.wmlc
- wmls
- text/vnd.wap.wmlscript
- wmlsc
- application/vnd.wap.wmlscriptc
- wmv
- video/x-ms-wmv
- wmx
- video/x-ms-wmx
- wmz
- application/x-ms-wmz
- woff
- application/x-font-woff
- wpd
- application/vnd.wordperfect
- wpl
- application/vnd.ms-wpl
- wps
- application/vnd.ms-works
- wqd
- application/vnd.wqd
- wri
- application/x-mswrite
- wrl
- model/vrml
- wsdl
- application/wsdl+xml
- wspolicy
- application/wspolicy+xml
- wtb
- application/vnd.webturbo
- wvx
- video/x-ms-wvx
- x32
- application/x-authorware-bin
- x3d
- application/vnd.hzn-3d-crossword
- xap
- application/x-silverlight-app
- xar
- application/vnd.xara
- xbap
- application/x-ms-xbap
- xbd
- application/vnd.fujixerox.docuworks.binder
- xbm
- image/x-xbitmap
- xdf
- application/xcap-diff+xml
- xdm
- application/vnd.syncml.dm+xml
- xdp
- application/vnd.adobe.xdp+xml
- xdssc
- application/dssc+xml
- xdw
- application/vnd.fujixerox.docuworks
- xenc
- application/xenc+xml
- xer
- application/patch-ops-error+xml
- xfdf
- application/vnd.adobe.xfdf
- xfdl
- application/vnd.xfdl
- xht
- application/xhtml+xml
- xhtml
- application/xhtml+xml
- xhvml
- application/xv+xml
- xif
- image/vnd.xiff
- xla
- application/vnd.ms-excel
- xlam
- application/vnd.ms-excel.addin.macroenabled.12
- xlc
- application/vnd.ms-excel
- xlm
- application/vnd.ms-excel
- xls
- application/vnd.ms-excel
- xlsb
- application/vnd.ms-excel.sheet.binary.macroenabled.12
- xlsm
- application/vnd.ms-excel.sheet.macroenabled.12
- xlsx
- application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
- xlt
- application/vnd.ms-excel
- xltm
- application/vnd.ms-excel.template.macroenabled.12
- xltx
- application/vnd.openxmlformats-officedocument.spreadsheetml.template
- xlw
- application/vnd.ms-excel
- xml
- application/xml
- xo
- application/vnd.olpc-sugar
- xop
- application/xop+xml
- xpi
- application/x-xpinstall
- xpm
- image/x-xpixmap
- xpr
- application/vnd.is-xpr
- xps
- application/vnd.ms-xpsdocument
- xpw
- application/vnd.intercon.formnet
- xpx
- application/vnd.intercon.formnet
- xsl
- application/xml
- xslt
- application/xslt+xml
- xsm
- application/vnd.syncml+xml
- xspf
- application/xspf+xml
- xul
- application/vnd.mozilla.xul+xml
- xvm
- application/xv+xml
- xvml
- application/xv+xml
- xwd
- image/x-xwindowdump
- xyz
- chemical/x-xyz
- yang
- application/yang
- yin
- application/yin+xml
- z
- application/x-compress
- Z
- application/x-compress
- zaz
- application/vnd.zzazz.deck+xml
- zip
- application/zip
- zir
- application/vnd.zul
- zirz
- application/vnd.zul
- zmm
- application/vnd.handheld-entertainment+xml
- index.html
- index.htm
- index.jsp
diff --git a/library/roles/tomcat-multiple-instances/handlers/main.yml b/library/roles/tomcat-multiple-instances/handlers/main.yml
deleted file mode 100644
index 35d8704..0000000
--- a/library/roles/tomcat-multiple-instances/handlers/main.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-- name: tomcat restart instances with changed configs
- service: name='tomcat-instance-{{ item.item.http_port }}' state=restarted sleep=20
- with_items: '{{ restart_needed.results }}'
- when: item is changed
- ignore_errors: True
-- name: tomcat restart instances with changed jmx config
- service: name='tomcat-instance-{{ item.item.http_port }}' state=restarted sleep=20
- with_items: '{{ jmx_restart_needed.results }}'
- when: item is changed
- ignore_errors: True
-- name: tomcat instances restart
- service: name='tomcat-instance-{{ item.http_port }}' state=restarted sleep=20
- with_items: '{{ tomcat_m_instances }}'
- ignore_errors: True
-- name: enable tomcat instances
- service: name='tomcat-instance-{{ item.http_port }}' state=started enabled=yes sleep=20
- with_items: '{{ tomcat_m_instances }}'
- ignore_errors: True
-- name: disable tomcat instances
- service: name='tomcat-instance-{{ item.http_port }}' state=stopped enabled=no sleep=20
- with_items: '{{ tomcat_m_instances }}'
- ignore_errors: True
diff --git a/library/roles/tomcat-multiple-instances/meta/main.yml b/library/roles/tomcat-multiple-instances/meta/main.yml
deleted file mode 100644
index f7cc2f2..0000000
--- a/library/roles/tomcat-multiple-instances/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
- - role: '../../library/roles/tomcat'
diff --git a/library/roles/tomcat-multiple-instances/tasks/main.yml b/library/roles/tomcat-multiple-instances/tasks/main.yml
deleted file mode 100644
index 710c1c2..0000000
--- a/library/roles/tomcat-multiple-instances/tasks/main.yml
+++ /dev/null
@@ -1,214 +0,0 @@
-# Note: the library role 'tomcat' is a dependency
-- name: disable the tomcat main instance
- service: name='tomcat{{ tomcat_version }}' state=stopped enabled=no
- when: not tomcat_service_enabled
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create a tomcat user for each instance if needed
- user: name={{ item.user }} home={{ item.user_home }} createhome=false shell={{ item.user_shell | default('/bin/false') }}
- with_items: '{{ tomcat_m_instances }}'
- when:
- - not tomcat_m_use_default_user | bool
- - item.user != "tomcat{{ tomcat_version }}"
- register: tomcat_first_install
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create a tomcat user if needed
- user: name={{ tomcat_m_default_user }} home={{ tomcat_m_instances_base_path }} createhome=false shell={{ tomcat_m_default_user_shell }}
- when:
- - tomcat_m_use_default_user | bool
- - tomcat_m_default_user != "tomcat{{ tomcat_version }}"
- register: tomcat_first_install
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create the instances directory trees
- file: dest={{ item.0.instance_path }}/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0755 state=directory
- with_nested:
- - '{{ tomcat_m_instances }}'
- - [ 'common/classes', 'conf/Catalina/localhost', 'conf/policy.d', 'lib', 'server/classes', 'shared/classes', 'webapps' ]
- register: tomcat_first_install
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create the instances log dirs
- file: dest={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} owner={{ item.user }} group={{ item.user }} mode=0755 state=directory
- with_items: '{{ tomcat_m_instances }}'
- register: tomcat_first_install
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create the instances work dirs
- file: dest={{ tomcat_m_cache_base }}/{{ item.http_port }} owner={{ item.user }} group={{ item.user }} mode=0755 state=directory
- with_items: '{{ tomcat_m_instances }}'
- register: tomcat_first_install
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create links to work dir inside the instances directory tree
- file: src={{ tomcat_m_cache_base }}/{{ item.http_port }} dest={{ item.instance_path }}/work state=link
- with_items: '{{ tomcat_m_instances }}'
- register: tomcat_first_install
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create links to log dir inside the instances directory tree
- file: src={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} dest={{ item.instance_path }}/logs state=link
- with_items: '{{ tomcat_m_instances }}'
- register: tomcat_first_install
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Create the catalina tmp directory
- file: dest={{ item.catalina_tmp_directory }} state=directory owner={{ item.user }} group={{ item.user }} mode=0700
- with_items: '{{ tomcat_m_instances }}'
- when: item.catalina_tmp_directory is defined
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Populate the instances conf directory
- copy: src={{ item[1] }} dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640
- with_nested:
- - '{{ tomcat_m_instances }}'
- - [ 'context.xml' ]
- register: restart_needed
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Install catalina.properties
- template: src={{ item[1] }}.j2 dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640
- with_nested:
- - '{{ tomcat_m_instances }}'
- - [ 'catalina.properties' ]
- register: restart_needed
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_catalina_properties' ]
-- name: Populate the instances conf/policy.d directory
- copy: src=policy.d/{{ item[1] }} dest={{ item.0.instance_path }}/conf/policy.d/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640
- with_nested:
- - '{{ tomcat_m_instances }}'
- - [ '01system.policy', '02debian.policy', '03catalina.policy', '04webapps.policy', '50local.policy' ]
- register: restart_needed
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Install logging.properties if we do not use log4j for the tomcat logging
- copy: src={{ item[1] }} dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640
- with_nested:
- - '{{ tomcat_m_instances }}'
- - [ 'logging.properties' ]
- when:
- - tomcat_use_log4j is defined
- - not tomcat_use_log4j | bool
- register: restart_needed
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances' ]
-- name: Install the server.xml conf file
- template: src=tomcat-server.xml.j2 dest={{ item.instance_path }}/conf/server.xml owner={{ item.user }} group={{ item.user }} mode=0640
- with_items: '{{ tomcat_m_instances }}'
- register: restart_needed
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_serverxml' ]
-- name: Install the web.xml file
- template: src=tomcat-web.xml.j2 dest={{ item.instance_path }}/conf/web.xml owner={{ item.user }} group={{ item.user }} mode=0640
- with_items: '{{ tomcat_m_instances }}'
- register: restart_needed
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_serverxml' ]
-- name: Install the tomcat-admin package if the host-manager or manager apps are required
- apt: pkg=tomcat{{ tomcat_version }}-admin state={{ tomcat_pkg_state }} cache_valid_time=1800 update_cache=yes
- when: tomcat_m_host_manager_install | bool or tomcat_m_manager_install | bool
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_host_manager', 'tomcat_manager' ]
-- name: Install the catalina configuration for the tomcat manager
- template: src=tomcat-manager.xml.j2 dest={{ item.instance_path }}/conf/Catalina/localhost/manager.xml owner={{ item.user }} group={{ item.user }} mode=0640
- with_items: '{{ tomcat_m_instances }}'
- register: restart_needed
- when: tomcat_m_manager_install | bool
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_manager' ]
-- name: Install the catalina configuration for the tomcat host manager
- template: src=tomcat-host-manager.xml.j2 dest={{ item.instance_path }}/conf/Catalina/localhost/host-manager.xml owner={{ item.user }} group={{ item.user }} mode=0640
- with_items: '{{ tomcat_m_instances }}'
- register: restart_needed
- when: tomcat_m_host_manager_install | bool
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_host_manager' ]
-- name: Install the catalina configuration for the tomcat manager
- template: src=tomcat-users.xml.j2 dest={{ item.instance_path }}/conf/tomcat-users.xml owner={{ item.user }} group={{ item.user }} mode=0640
- with_items: '{{ tomcat_m_instances }}'
- register: restart_needed
- notify: tomcat restart instances with changed configs
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_host_manager', 'tomcat_manager' ]
-- name: Install the instances startup scripts
- template: src=tomcat-instance.init.j2 dest=/etc/init.d/tomcat-instance-{{ item.http_port }} mode=0755 owner=root group=root
- with_items: '{{ tomcat_m_instances }}'
- register: reload_systemd
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_init' ]
-- name: Install the tomcat instances default file
- template: src=tomcat-default.j2 dest=/etc/default/tomcat-instance-{{ item.http_port }} mode=0640 owner=root group={{ item.user }}
- with_items: '{{ tomcat_m_instances }}'
- notify: tomcat instances restart
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_default', 'jdk' ]
-- name: Reload the systemd daemon if we are running on a systemd-backed server
- command: systemctl daemon-reload
- when:
- - ansible_service_mgr == 'systemd'
- - reload_systemd | bool
-- name: Install a custom context.xml file
- template: src=tomcat-context.xml.j2 dest={{ item.instance_path }}/conf/context.xml owner={{ item.user }} group={{ item.user }} mode=0640
- with_items: '{{ tomcat_m_instances }}'
- register: restart_needed
- notify: tomcat restart instances with changed configs
- when: tomcat_m_jndi_pool | bool
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_contextxml', 'jdk' ]
-- name: Install a logrotate entry for the access log file
- template: src=tomcat.logrotate.j2 dest=/etc/logrotate.d/tomcat_instance-{{ item.http_port }} owner=root group=root mode=0644
- with_items: '{{ tomcat_m_instances }}'
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf' ]
-- name: Install the jmx authorization file
- template: src=jmxremote.passwd.j2 dest={{ item.instance_path }}/conf/jmxremote.passwd owner={{ item.user }} group={{ item.user }} mode=0600
- with_items: '{{ tomcat_m_instances }}'
- when:
- - item.jmx_enabled is defined
- - item.jmx_auth_enabled is defined
- - item.jmx_enabled | bool
- - item.jmx_auth_enabled | bool
- register: jmx_restart_needed
- notify: tomcat restart instances with changed jmx config
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_jmx' ]
-- name: Install the jmx role file
- copy: src=jmxremote.access dest={{ item.instance_path }}/conf/jmxremote.access owner={{ item.user }} group={{ item.user }} mode=0644
- with_items: '{{ tomcat_m_instances }}'
- when:
- - item.jmx_enabled is defined
- - item.jmx_auth_enabled is defined
- - item.jmx_enabled | bool
- - item.jmx_auth_enabled | bool
- register: jmx_restart_needed
- notify: tomcat restart instances with changed jmx config
- tags: [ 'tomcat', 'tomcat_instances', 'tomcat_jmx' ]
-- name: Start all the tomcat instances
- service: name='tomcat-instance-{{ item.http_port }}' state=started sleep=20
- with_items: '{{ tomcat_m_instances }}'
- when:
- - tomcat_first_install.changed | bool
- - tomcat_m_start_instances | bool
- tags: [ 'tomcat', 'tomcat_instances']
- ignore_errors: True
-- name: Enable all the tomcat instances
- service: name='tomcat-instance-{{ item.http_port }}' enabled=yes
- with_items: '{{ tomcat_m_instances }}'
- when: tomcat_m_enable_instances | bool
- tags: [ 'tomcat', 'tomcat_instances']
diff --git a/library/roles/tomcat-multiple-instances/templates/catalina.properties.j2 b/library/roles/tomcat-multiple-instances/templates/catalina.properties.j2
deleted file mode 100644
index bc1d204..0000000
--- a/library/roles/tomcat-multiple-instances/templates/catalina.properties.j2
+++ /dev/null
@@ -1,135 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-# by default, no packages are restricted for definition, and none of
-# the class loaders supplied with the JDK call checkPackageDefinition.
-# List of comma-separated paths defining the contents of the "common"
-# classloader. Prefixes should be used to define what is the repository type.
-# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute.
-# If left as blank,the JVM system loader will be used as Catalina's "common"
-# loader.
-# Examples:
-# "foo": Add this folder as a class repository
-# "foo/*.jar": Add all the JARs of the specified folder as class
-# repositories
-# "foo/bar.jar": Add bar.jar as a class repository
-# List of comma-separated paths defining the contents of the "server"
-# classloader. Prefixes should be used to define what is the repository type.
-# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute.
-# If left as blank, the "common" loader will be used as Catalina's "server"
-# loader.
-# Examples:
-# "foo": Add this folder as a class repository
-# "foo/*.jar": Add all the JARs of the specified folder as class
-# repositories
-# "foo/bar.jar": Add bar.jar as a class repository
-# List of comma-separated paths defining the contents of the "shared"
-# classloader. Prefixes should be used to define what is the repository type.
-# Path may be relative to the CATALINA_BASE path or absolute. If left as blank,
-# the "common" loader will be used as Catalina's "shared" loader.
-# Examples:
-# "foo": Add this folder as a class repository
-# "foo/*.jar": Add all the JARs of the specified folder as class
-# repositories
-# "foo/bar.jar": Add bar.jar as a class repository
-# Please note that for single jars, e.g. bar.jar, you need the URL form
-# starting with file:.
-# List of JAR files that should not be scanned for configuration information
-# such as web fragments, TLD files etc. It must be a comma separated list of
-# JAR file names.
-# The JARs listed below include:
-# - Tomcat Bootstrap JARs
-# - Tomcat API JARs
-# - Catalina JARs
-# - Jasper JARs
-# - Tomcat JARs
-# - Common non-Tomcat JARs
-# - Sun JDK JARs
-# - Apple JDK JARs
-# Additional JARs (over and above the default JARs listed above) to skip when
-# scanning for Servlet 3.0 pluggability features. These features include web
-# fragments, annotations, SCIs and classes that match @HandlesTypes. The list
-# must be a comma separated list of JAR file names.
-# Additional JARs (over and above the default JARs listed above) to skip when
-# scanning for TLDs. The list must be a comma separated list of JAR file names.
-# String cache configuration.
-{% if tomcat_m_catalina_opts is defined %}
-# Custom configurations
-{% for opt in tomcat_m_catalina_opts %}
-{{ opt }}
-{% endfor %}
-{% endif %}
diff --git a/library/roles/tomcat-multiple-instances/templates/jmxremote.passwd.j2 b/library/roles/tomcat-multiple-instances/templates/jmxremote.passwd.j2
deleted file mode 100644
index c064d4d..0000000
--- a/library/roles/tomcat-multiple-instances/templates/jmxremote.passwd.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-monitorRole {{ item.jmx_monitorpass }}
-controlRole {{ item.jmx_controlpass }}
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-context.xml.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-context.xml.j2
deleted file mode 100644
index ba40c06..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-context.xml.j2
+++ /dev/null
@@ -1,79 +0,0 @@
- WEB-INF/web.xml
-{% if tomcat_m_jndi_pool %}
-{% if tomcat_jndi_pool_databases is defined %}
-{% for pool in tomcat_jndi_pool_databases %}
-{% endfor %}
-{% else %}
-{% endif %}
-{% endif %}
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-default.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-default.j2
deleted file mode 100644
index 54afff1..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-default.j2
+++ /dev/null
@@ -1,80 +0,0 @@
-{% if limits_nofile_value is defined %}
-ulimit -Hn {{ limits_nofile_value }}
-ulimit -Sn {{ limits_nofile_value }}
-{% endif %}
-TOMCAT_USER={{ item.user }}
-TOMCAT_GROUP={{ item.user }}
-JAVA_HOME={{ item.java_home }}
-JAVA_OPTS="-server -Djava.awt.headless=true -Dfile.encoding={{ tomcat_m_file_encoding }}"
-{% if jdk_default >= 8 %}
-JAVA_OPTS="{{ tomcat_m_additional_java_8_opts }} $JAVA_OPTS"
-{% endif %}
-{% if item.java_heap is defined %}
-JAVA_HEAP="{{ item.java_heap }}"
-{% else %}
-JAVA_HEAP="{{ tomcat_m_java_opts_heap }}"
-{% endif %}
-{% if jdk_default <= 7 %}
-{% if item.java_permgen_size is defined %}
-JAVA_PERMGEN="-XX:MaxPermSize={{ item.java_permgen_size }}"
-{% else %}
-JAVA_PERMGEN="-XX:MaxPermSize={{ tomcat_m_permgen_size }}"
-{% endif %}
-{% endif %}
-{% if item.java_opts is defined %}
-{% endif %}
-{% if item.java_gc_opts is defined %}
-JAVA_OPTS="{{ item.java_gc_opts }} $JAVA_OPTS"
-{% endif %}
-{% if item.proxy_enabled is defined and item.proxy_enabled %}
-{% if item.proxy_opts is defined %}
-JAVA_OPTS="${JAVA_OPTS} {{ item.proxy_opts }}"
-{% else %}
-JAVA_OPTS="${JAVA_OPTS} {{ tomcat_m_proxy_opts }}"
-{% endif %}
-{% endif %}
-{% if item.other_java_opts is defined %}
-JAVA_OPTS="${JAVA_OPTS} {{ item.other_java_opts }}"
-{% endif %}
-{% if item.jmx_enabled is defined and item.jmx_enabled %}
-# JMX settings
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port={{ item.jmx_port | default('8186') }}"
-{% if item.jmx_use_ssl is defined and item.jmx_use_ssl %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.ssl=true"
-{% else %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.ssl=false"
-{% endif %}
-{% if item.jmx_localhost_only is defined and item.jmx_localhost_only %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.local.only=true -Djava.rmi.server.hostname="
-{% else %}
-JAVA_OPTS="${JAVA_OPTS} -Djava.rmi.server.hostname={{ tomcat_m_jmx_ip_address }}"
-{% endif %}
-{% if item.jmx_auth_enabled is defined and item.jmx_auth_enabled %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.password.file={{ item.jmx_auth_dir }}/jmxremote.password -Dcom.sun.management.jmxremote.access.file={{ item.jmx_auth_dir }}/jmxremote.access"
-{% else %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.authenticate=false"
-{% endif %}
-{% if item.jmx_disable_additional_ports is defined and item.jmx_disable_additional_ports %}
-JAVA_OPTS="${JAVA_OPTS} -XX:+DisableAttachMechanism -Dcom.sun.management.jmxremote.rmi.port={{ item.jmx_port }}"
-{% endif %}
-{% endif %}
-{% if item.remote_debugging is defined and item.remote_debugging %}
-# You will be able to use a java debugger on port {{ item.remote_debugging_uri }}.
-JAVA_OPTS="${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,address={{ item.remote_debugging_uri }},server=y,suspend=n"
-{% endif %}
-# WARNING: This directory will be destroyed and recreated at every startup !
-{% if item.catalina_tmp_directory is defined %}
-JVM_TMP={{ item.catalina_tmp_directory }}/jvm_tmp
-{% else %}
-JVM_TMP={{ item.instance_path }}/tmp/jvm_tmp
-{% endif %}
-{% if item.catalina_tmp_directory is defined %}
-export CATALINA_TMPDIR={{ item.catalina_tmp_directory }}
-{% endif %}
-# Additional options not managed by the provisioning tools
-if [ -f /etc/default/tomcat-instance-{{ item.http_port }}.local ] ; then
- . /etc/default/tomcat-instance-{{ item.http_port }}.local
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-host-manager.xml.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-host-manager.xml.j2
deleted file mode 100644
index 73081d0..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-host-manager.xml.j2
+++ /dev/null
@@ -1,3 +0,0 @@
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-instance.init.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-instance.init.j2
deleted file mode 100755
index d13361c..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-instance.init.j2
+++ /dev/null
@@ -1,310 +0,0 @@
-# /etc/init.d/tomcat-instance-{{ item.http_port }} -- startup script for the Tomcat {{ tomcat_version }} {{ item.user }} servlet engine on port {{ item.http_port }}
-# Written by Miquel van Smoorenburg .
-# Modified for Debian GNU/Linux by Ian Murdock .
-# Modified for Tomcat by Stefan Gybas .
-# Modified for Tomcat6 by Thierry Carrez .
-# Modified for Tomcat7 by Ernesto Hernandez-Novich .
-# Additional improvements by Jason Brittain .
-# Provides: tomcat-instance-{{ item.http_port }}
-# Required-Start: $local_fs $remote_fs $network
-# Required-Stop: $local_fs $remote_fs $network
-# Should-Start: $named
-# Should-Stop: $named
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Start Tomcat.
-# Description: Start the Tomcat servlet engine.
-set -e
-NAME=tomcat-instance-{{ item.http_port }}
-DESC="Tomcat servlet engine"
-if [ `id -u` -ne 0 ]; then
- echo "You need root privileges to run this script"
- exit 1
-# Make sure tomcat is started with system locale
-if [ -r /etc/default/locale ]; then
- . /etc/default/locale
- export LANG
-. /lib/lsb/init-functions
-if [ -r /etc/default/rcS ]; then
- . /etc/default/rcS
-# The following variables can be overwritten in $DEFAULT
-# Run Tomcat {{ tomcat_version }} as this user ID and group ID
-TOMCAT{{ tomcat_version }}_USER={{ item.user }}
-TOMCAT{{ tomcat_version }}_GROUP={{ item.user }}
-# this is a work-around until there is a suitable runtime replacement
-# for dpkg-architecture for arch:all packages
-# this function sets the variable OPENJDKS
- for jvmdir in /usr/lib/jvm/java-11-openjdk-*
- do
- if [ -d "${jvmdir}" -a "${jvmdir}" != "/usr/lib/jvm/java-11-openjdk-common" ]
- then
- OPENJDKS=$jvmdir
- fi
- done
- for jvmdir in /usr/lib/jvm/java-8-openjdk-*
- do
- if [ -d "${jvmdir}" -a "${jvmdir}" != "/usr/lib/jvm/java-8-openjdk-common" ]
- then
- OPENJDKS=$jvmdir
- fi
- done
- for jvmdir in /usr/lib/jvm/java-7-openjdk-*
- do
- if [ -d "${jvmdir}" -a "${jvmdir}" != "/usr/lib/jvm/java-7-openjdk-common" ]
- then
- OPENJDKS=$jvmdir
- fi
- done
- for jvmdir in /usr/lib/jvm/java-6-openjdk-*
- do
- if [ -d "${jvmdir}" -a "${jvmdir}" != "/usr/lib/jvm/java-6-openjdk-common" ]
- then
- OPENJDKS="${OPENJDKS} ${jvmdir}"
- fi
- done
-# The first existing directory is used for JAVA_HOME (if JAVA_HOME is not
-# defined in $DEFAULT)
-JDK_DIRS="/usr/lib/jvm/default-java ${OPENJDKS} /usr/lib/jvm/java-6-openjdk /usr/lib/jvm/java-6-sun"
-# Look for the right JVM to use
-for jdir in $JDK_DIRS; do
- if [ -r "$jdir/bin/java" -a -z "${JAVA_HOME}" ]; then
- JAVA_HOME="$jdir"
- fi
-export JAVA_HOME
-# Directory where the Tomcat binary distribution resides
-CATALINA_HOME=/usr/share/tomcat{{ tomcat_version }}
-# Directory for per-instance configuration files and webapps
-CATALINA_BASE={{ item.instance_path }}
-# Use the Java security manager? (yes/no)
-TOMCAT{{ tomcat_version }}_SECURITY=no
-# Default Java options
-# Set java.awt.headless=true if JAVA_OPTS is not set so the
-# Xalan XSL transformer can work without X11 display on JDK 1.4+
-# It also looks like the default heap size of 64M is not enough for most cases
-# so the maximum heap size is set to 128M
-if [ -z "$JAVA_OPTS" ]; then
- JAVA_OPTS="-Djava.awt.headless=true -Xmx512M"
-# End of variables that can be overwritten in $DEFAULT
-# overwrite settings from default file
-if [ -f "$DEFAULT" ]; then
- . "$DEFAULT"
-if [ ! -f "$CATALINA_HOME/bin/bootstrap.jar" ]; then
- log_failure_msg "$NAME is not installed"
- exit 1
-if [ -z "$CATALINA_TMPDIR" ]; then
-# Set the JSP compiler if set in the ${ NAME }.default file
-if [ -n "$JSP_COMPILER" ]; then
- JAVA_OPTS="$JAVA_OPTS -Dbuild.compiler=\"$JSP_COMPILER\""
-if [ "$TOMCAT{{ tomcat_version }}_SECURITY" = "yes" ]; then
- SECURITY="-security"
-# Define other required variables
-# Look for Java Secure Sockets Extension (JSSE) JARs
-if [ -z "${JSSE_HOME}" -a -r "${JAVA_HOME}/jre/lib/jsse.jar" ]; then
-catalina_sh() {
- # Escape any double quotes in the value of JAVA_OPTS
- JAVA_OPTS="$(echo $JAVA_OPTS | sed 's/\"/\\\"/g')"
- if [ "$AUTHBIND" = "yes" -a "$1" = "start" ]; then
- JAVA_OPTS="$JAVA_OPTS -Djava.net.preferIPv4Stack=true"
- AUTHBIND_COMMAND="/usr/bin/authbind --deep /bin/bash -c "
- fi
- # Define the command to run Tomcat's catalina.sh as a daemon
- # set -a tells sh to export assigned variables to spawned shells.
- TOMCAT_SH="set -a; JAVA_HOME=\"$JAVA_HOME\"; source \"$DEFAULT\"; \
- cd \"$CATALINA_BASE\"; \
- \"$CATALINA_SH\" $@"
- if [ "$AUTHBIND" = "yes" -a "$1" = "start" ]; then
- fi
- # Run the catalina.sh script as a daemon
- set +e
- touch "$CATALINA_PID" "$CATALINA_BASE"/logs/catalina.out
- chown $TOMCAT{{ tomcat_version }}_USER "$CATALINA_PID" "$CATALINA_BASE"/logs/catalina.out
- start-stop-daemon --start -b -u "$TOMCAT{{ tomcat_version }}_USER" -g "$TOMCAT{{ tomcat_version }}_GROUP" \
- -c "$TOMCAT{{ tomcat_version }}_USER" -d "$CATALINA_TMPDIR" -p "$CATALINA_PID" \
- -x /bin/bash -- -c "$AUTHBIND_COMMAND $TOMCAT_SH"
- status="$?"
- set +a -e
- return $status
-case "$1" in
- start)
- if [ -z "$JAVA_HOME" ]; then
- log_failure_msg "no JDK found - please set JAVA_HOME"
- exit 1
- fi
- if [ ! -d "$CATALINA_BASE/conf" ]; then
- log_failure_msg "invalid CATALINA_BASE: $CATALINA_BASE"
- exit 1
- fi
- log_daemon_msg "Starting $DESC" "$NAME"
- if start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
- --user $TOMCAT{{ tomcat_version }}_USER --exec "$JAVA_HOME/bin/java" \
- >/dev/null; then
- # Regenerate POLICY_CACHE file
- umask 022
- echo "// AUTO-GENERATED FILE from {{ item.instance_path }}/conf/policy.d/" \
- echo "" >> "$POLICY_CACHE"
- cat $CATALINA_BASE/conf/policy.d/*.policy \
- # Remove / recreate JVM_TMP directory
- rm -rf "$JVM_TMP"
- mkdir -p "$JVM_TMP" || {
- log_failure_msg "could not create JVM temporary directory"
- exit 1
- }
- chown $TOMCAT{{ tomcat_version }}_USER "$JVM_TMP"
- catalina_sh start $SECURITY
- sleep 5
- if start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
- --user $TOMCAT{{ tomcat_version }}_USER --exec "$JAVA_HOME/bin/java" \
- >/dev/null; then
- if [ -f "$CATALINA_PID" ]; then
- rm -f "$CATALINA_PID"
- fi
- log_end_msg 1
- else
- log_end_msg 0
- fi
- else
- log_progress_msg "(already running)"
- log_end_msg 0
- fi
- ;;
- stop)
- log_daemon_msg "Stopping $DESC" "$NAME"
- set +e
- if [ -f "$CATALINA_PID" ]; then
- start-stop-daemon --stop --pidfile "$CATALINA_PID" \
- --user "$TOMCAT{{ tomcat_version }}_USER" \
- --retry=TERM/20/KILL/5 >/dev/null
- if [ $? -eq 1 ]; then
- log_progress_msg "$DESC is not running but pid file exists, cleaning up"
- elif [ $? -eq 3 ]; then
- log_failure_msg "Failed to stop $NAME (pid $PID)"
- exit 1
- fi
- rm -f "$CATALINA_PID"
- rm -rf "$JVM_TMP"
- else
- log_progress_msg "(not running)"
- fi
- log_end_msg 0
- set -e
- ;;
- status)
- set +e
- start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
- --user $TOMCAT{{ tomcat_version }}_USER --exec "$JAVA_HOME/bin/java" \
- >/dev/null 2>&1
- if [ "$?" = "0" ]; then
- if [ -f "$CATALINA_PID" ]; then
- log_success_msg "$DESC is not running, but pid file exists."
- exit 1
- else
- log_success_msg "$DESC is not running."
- exit 3
- fi
- else
- log_success_msg "$DESC is running with pid `cat $CATALINA_PID`"
- fi
- set -e
- ;;
- restart|force-reload)
- if [ -f "$CATALINA_PID" ]; then
- $0 stop
- sleep 1
- fi
- $0 start
- ;;
- try-restart)
- if start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
- --user $TOMCAT{{ tomcat_version }}_USER --exec "$JAVA_HOME/bin/java" \
- >/dev/null; then
- $0 start
- fi
- ;;
- *)
- log_success_msg "Usage: $0 {start|stop|restart|try-restart|force-reload|status}"
- exit 1
- ;;
-exit 0
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-manager.xml.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-manager.xml.j2
deleted file mode 100644
index 13ca522..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-manager.xml.j2
+++ /dev/null
@@ -1,3 +0,0 @@
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-server.xml.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-server.xml.j2
deleted file mode 100644
index 3a7863a..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-server.xml.j2
+++ /dev/null
@@ -1,146 +0,0 @@
-{% if item.shutdown_port == '-1' %}
-{% else %}
- {% endif %}
-{% if tomcat_version <= 7 %}
-{% endif %}
-{% if item.http_enabled %}
-{% endif %}
-{% if item.http_enabled %}
-{% endif %}
-{% if item.ajp_enabled %}
-{% endif %}
-{% if item.access_log_enabled %}
-{% endif %}
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-users.xml.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-users.xml.j2
deleted file mode 100644
index 8eaf5da..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-users.xml.j2
+++ /dev/null
@@ -1,49 +0,0 @@
-{% if tomcat_m_host_manager_install or tomcat_m_manager_install %}
-{% if tomcat_m_manager_gui_user_enabled %}
-{% endif %}
-{% if tomcat_m_manager_script_user_enabled %}
-{% endif %}
-{% if tomcat_m_manager_jmx_user_enabled %}
-{% endif %}
-{% if tomcat_m_manager_status_user_enabled %}
-{% endif %}
-{% if tomcat_m_manager_other_roles is defined %}
-{% for t_adm in tomcat_m_manager_other_roles %}
-{% endfor %}
-{% endif %}
-{% endif %}
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat-web.xml.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat-web.xml.j2
deleted file mode 100644
index d27fdfb..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat-web.xml.j2
+++ /dev/null
@@ -1,4344 +0,0 @@
- default
- org.apache.catalina.servlets.DefaultServlet
- debug
- 0
- listings
- false
- 1
- jsp
- org.apache.jasper.servlet.JspServlet
- fork
- false
- xpoweredBy
- false
- 3
- default
- /
- jsp
- *.jsp
- *.jspx
-{% if tomcat_javamelody %}
- javamelody
- net.bull.javamelody.MonitoringFilter
- log
- true
- javamelody
- /*
- net.bull.javamelody.SessionListener
-{% endif %}
- 30
- 123
- application/vnd.lotus-1-2-3
- 3dml
- text/vnd.in3d.3dml
- 3g2
- video/3gpp2
- 3gp
- video/3gpp
- 7z
- application/x-7z-compressed
- aab
- application/x-authorware-bin
- aac
- audio/x-aac
- aam
- application/x-authorware-map
- aas
- application/x-authorware-seg
- abs
- audio/x-mpeg
- abw
- application/x-abiword
- ac
- application/pkix-attr-cert
- acc
- application/vnd.americandynamics.acc
- ace
- application/x-ace-compressed
- acu
- application/vnd.acucobol
- acutc
- application/vnd.acucorp
- adp
- audio/adpcm
- aep
- application/vnd.audiograph
- afm
- application/x-font-type1
- afp
- application/vnd.ibm.modcap
- ahead
- application/vnd.ahead.space
- ai
- application/postscript
- aif
- audio/x-aiff
- aifc
- audio/x-aiff
- aiff
- audio/x-aiff
- aim
- application/x-aim
- air
- application/vnd.adobe.air-application-installer-package+zip
- ait
- application/vnd.dvb.ait
- ami
- application/vnd.amiga.ami
- anx
- application/annodex
- apk
- application/vnd.android.package-archive
- application
- application/x-ms-application
- apr
- application/vnd.lotus-approach
- art
- image/x-jg
- asc
- application/pgp-signature
- asf
- video/x-ms-asf
- asm
- text/x-asm
- aso
- application/vnd.accpac.simply.aso
- asx
- video/x-ms-asf
- atc
- application/vnd.acucorp
- atom
- application/atom+xml
- atomcat
- application/atomcat+xml
- atomsvc
- application/atomsvc+xml
- atx
- application/vnd.antix.game-component
- au
- audio/basic
- avi
- video/x-msvideo
- avx
- video/x-rad-screenplay
- aw
- application/applixware
- axa
- audio/annodex
- axv
- video/annodex
- azf
- application/vnd.airzip.filesecure.azf
- azs
- application/vnd.airzip.filesecure.azs
- azw
- application/vnd.amazon.ebook
- bat
- application/x-msdownload
- bcpio
- application/x-bcpio
- bdf
- application/x-font-bdf
- bdm
- application/vnd.syncml.dm+wbxml
- bed
- application/vnd.realvnc.bed
- bh2
- application/vnd.fujitsu.oasysprs
- bin
- application/octet-stream
- bmi
- application/vnd.bmi
- bmp
- image/bmp
- body
- text/html
- book
- application/vnd.framemaker
- box
- application/vnd.previewsystems.box
- boz
- application/x-bzip2
- bpk
- application/octet-stream
- btif
- image/prs.btif
- bz
- application/x-bzip
- bz2
- application/x-bzip2
- c
- text/x-c
- c11amc
- application/vnd.cluetrust.cartomobile-config
- c11amz
- application/vnd.cluetrust.cartomobile-config-pkg
- c4d
- application/vnd.clonk.c4group
- c4f
- application/vnd.clonk.c4group
- c4g
- application/vnd.clonk.c4group
- c4p
- application/vnd.clonk.c4group
- c4u
- application/vnd.clonk.c4group
- cab
- application/vnd.ms-cab-compressed
- cap
- application/vnd.tcpdump.pcap
- car
- application/vnd.curl.car
- cat
- application/vnd.ms-pki.seccat
- cc
- text/x-c
- cct
- application/x-director
- ccxml
- application/ccxml+xml
- cdbcmsg
- application/vnd.contact.cmsg
- cdf
- application/x-cdf
- cdkey
- application/vnd.mediastation.cdkey
- cdmia
- application/cdmi-capability
- cdmic
- application/cdmi-container
- cdmid
- application/cdmi-domain
- cdmio
- application/cdmi-object
- cdmiq
- application/cdmi-queue
- cdx
- chemical/x-cdx
- cdxml
- application/vnd.chemdraw+xml
- cdy
- application/vnd.cinderella
- cer
- application/pkix-cert
- cgm
- image/cgm
- chat
- application/x-chat
- chm
- application/vnd.ms-htmlhelp
- chrt
- application/vnd.kde.kchart
- cif
- chemical/x-cif
- cii
- application/vnd.anser-web-certificate-issue-initiation
- cil
- application/vnd.ms-artgalry
- cla
- application/vnd.claymore
- class
- application/java
- clkk
- application/vnd.crick.clicker.keyboard
- clkp
- application/vnd.crick.clicker.palette
- clkt
- application/vnd.crick.clicker.template
- clkw
- application/vnd.crick.clicker.wordbank
- clkx
- application/vnd.crick.clicker
- clp
- application/x-msclip
- cmc
- application/vnd.cosmocaller
- cmdf
- chemical/x-cmdf
- cml
- chemical/x-cml
- cmp
- application/vnd.yellowriver-custom-menu
- cmx
- image/x-cmx
- cod
- application/vnd.rim.cod
- com
- application/x-msdownload
- conf
- text/plain
- cpio
- application/x-cpio
- cpp
- text/x-c
- cpt
- application/mac-compactpro
- crd
- application/x-mscardfile
- crl
- application/pkix-crl
- crt
- application/x-x509-ca-cert
- cryptonote
- application/vnd.rig.cryptonote
- csh
- application/x-csh
- csml
- chemical/x-csml
- csp
- application/vnd.commonspace
- css
- text/css
- cst
- application/x-director
- csv
- text/csv
- cu
- application/cu-seeme
- curl
- text/vnd.curl
- cww
- application/prs.cww
- cxt
- application/x-director
- cxx
- text/x-c
- dae
- model/vnd.collada+xml
- daf
- application/vnd.mobius.daf
- dataless
- application/vnd.fdsn.seed
- davmount
- application/davmount+xml
- dcr
- application/x-director
- dcurl
- text/vnd.curl.dcurl
- dd2
- application/vnd.oma.dd2+xml
- ddd
- application/vnd.fujixerox.ddd
- deb
- application/x-debian-package
- def
- text/plain
- deploy
- application/octet-stream
- der
- application/x-x509-ca-cert
- dfac
- application/vnd.dreamfactory
- dib
- image/bmp
- dic
- text/x-c
- dir
- application/x-director
- dis
- application/vnd.mobius.dis
- dist
- application/octet-stream
- distz
- application/octet-stream
- djv
- image/vnd.djvu
- djvu
- image/vnd.djvu
- dll
- application/x-msdownload
- dmg
- application/octet-stream
- dmp
- application/vnd.tcpdump.pcap
- dms
- application/octet-stream
- dna
- application/vnd.dna
- doc
- application/msword
- docm
- application/vnd.ms-word.document.macroenabled.12
- docx
- application/vnd.openxmlformats-officedocument.wordprocessingml.document
- dot
- application/msword
- dotm
- application/vnd.ms-word.template.macroenabled.12
- dotx
- application/vnd.openxmlformats-officedocument.wordprocessingml.template
- dp
- application/vnd.osgi.dp
- dpg
- application/vnd.dpgraph
- dra
- audio/vnd.dra
- dsc
- text/prs.lines.tag
- dssc
- application/dssc+der
- dtb
- application/x-dtbook+xml
- dtd
- application/xml-dtd
- dts
- audio/vnd.dts
- dtshd
- audio/vnd.dts.hd
- dump
- application/octet-stream
- dv
- video/x-dv
- dvb
- video/vnd.dvb.file
- dvi
- application/x-dvi
- dwf
- model/vnd.dwf
- dwg
- image/vnd.dwg
- dxf
- image/vnd.dxf
- dxp
- application/vnd.spotfire.dxp
- dxr
- application/x-director
- ecelp4800
- audio/vnd.nuera.ecelp4800
- ecelp7470
- audio/vnd.nuera.ecelp7470
- ecelp9600
- audio/vnd.nuera.ecelp9600
- ecma
- application/ecmascript
- edm
- application/vnd.novadigm.edm
- edx
- application/vnd.novadigm.edx
- efif
- application/vnd.picsel
- ei6
- application/vnd.pg.osasli
- elc
- application/octet-stream
- eml
- message/rfc822
- emma
- application/emma+xml
- eol
- audio/vnd.digital-winds
- eot
- application/vnd.ms-fontobject
- eps
- application/postscript
- epub
- application/epub+zip
- es3
- application/vnd.eszigno3+xml
- esf
- application/vnd.epson.esf
- et3
- application/vnd.eszigno3+xml
- etx
- text/x-setext
- exe
- application/octet-stream
- exi
- application/exi
- ext
- application/vnd.novadigm.ext
- ez
- application/andrew-inset
- ez2
- application/vnd.ezpix-album
- ez3
- application/vnd.ezpix-package
- f
- text/x-fortran
- f4v
- video/x-f4v
- f77
- text/x-fortran
- f90
- text/x-fortran
- fbs
- image/vnd.fastbidsheet
- fcs
- application/vnd.isac.fcs
- fdf
- application/vnd.fdf
- fe_launch
- application/vnd.denovo.fcselayout-link
- fg5
- application/vnd.fujitsu.oasysgp
- fgd
- application/x-director
- fh
- image/x-freehand
- fh4
- image/x-freehand
- fh5
- image/x-freehand
- fh7
- image/x-freehand
- fhc
- image/x-freehand
- fig
- application/x-xfig
- flac
- audio/flac
- fli
- video/x-fli
- flo
- application/vnd.micrografx.flo
- flv
- video/x-flv
- flw
- application/vnd.kde.kivio
- flx
- text/vnd.fmi.flexstor
- fly
- text/vnd.fly
- fm
- application/vnd.framemaker
- fnc
- application/vnd.frogans.fnc
- for
- text/x-fortran
- fpx
- image/vnd.fpx
- frame
- application/vnd.framemaker
- fsc
- application/vnd.fsc.weblaunch
- fst
- image/vnd.fst
- ftc
- application/vnd.fluxtime.clip
- fti
- application/vnd.anser-web-funds-transfer-initiation
- fvt
- video/vnd.fvt
- fxp
- application/vnd.adobe.fxp
- fxpl
- application/vnd.adobe.fxp
- fzs
- application/vnd.fuzzysheet
- g2w
- application/vnd.geoplan
- g3
- image/g3fax
- g3w
- application/vnd.geospace
- gac
- application/vnd.groove-account
- gbr
- application/rpki-ghostbusters
- gdl
- model/vnd.gdl
- geo
- application/vnd.dynageo
- gex
- application/vnd.geometry-explorer
- ggb
- application/vnd.geogebra.file
- ggt
- application/vnd.geogebra.tool
- ghf
- application/vnd.groove-help
- gif
- image/gif
- gim
- application/vnd.groove-identity-message
- gmx
- application/vnd.gmx
- gnumeric
- application/x-gnumeric
- gph
- application/vnd.flographit
- gqf
- application/vnd.grafeq
- gqs
- application/vnd.grafeq
- gram
- application/srgs
- gre
- application/vnd.geometry-explorer
- grv
- application/vnd.groove-injector
- grxml
- application/srgs+xml
- gsf
- application/x-font-ghostscript
- gtar
- application/x-gtar
- gtm
- application/vnd.groove-tool-message
- gtw
- model/vnd.gtw
- gv
- text/vnd.graphviz
- gxt
- application/vnd.geonext
- gz
- application/x-gzip
- h
- text/x-c
- h261
- video/h261
- h263
- video/h263
- h264
- video/h264
- hal
- application/vnd.hal+xml
- hbci
- application/vnd.hbci
- hdf
- application/x-hdf
- hh
- text/x-c
- hlp
- application/winhlp
- hpgl
- application/vnd.hp-hpgl
- hpid
- application/vnd.hp-hpid
- hps
- application/vnd.hp-hps
- hqx
- application/mac-binhex40
- htc
- text/x-component
- htke
- application/vnd.kenameaapp
- htm
- text/html
- html
- text/html
- hvd
- application/vnd.yamaha.hv-dic
- hvp
- application/vnd.yamaha.hv-voice
- hvs
- application/vnd.yamaha.hv-script
- i2g
- application/vnd.intergeo
- icc
- application/vnd.iccprofile
- ice
- x-conference/x-cooltalk
- icm
- application/vnd.iccprofile
- ico
- image/x-icon
- ics
- text/calendar
- ief
- image/ief
- ifb
- text/calendar
- ifm
- application/vnd.shana.informed.formdata
- iges
- model/iges
- igl
- application/vnd.igloader
- igm
- application/vnd.insors.igm
- igs
- model/iges
- igx
- application/vnd.micrografx.igx
- iif
- application/vnd.shana.informed.interchange
- imp
- application/vnd.accpac.simply.imp
- ims
- application/vnd.ms-ims
- in
- text/plain
- ink
- application/inkml+xml
- inkml
- application/inkml+xml
- iota
- application/vnd.astraea-software.iota
- ipfix
- application/ipfix
- ipk
- application/vnd.shana.informed.package
- irm
- application/vnd.ibm.rights-management
- irp
- application/vnd.irepository.package+xml
- iso
- application/octet-stream
- itp
- application/vnd.shana.informed.formtemplate
- ivp
- application/vnd.immervision-ivp
- ivu
- application/vnd.immervision-ivu
- jad
- text/vnd.sun.j2me.app-descriptor
- jam
- application/vnd.jam
- jar
- application/java-archive
- java
- text/x-java-source
- jisp
- application/vnd.jisp
- jlt
- application/vnd.hp-jlyt
- jnlp
- application/x-java-jnlp-file
- joda
- application/vnd.joost.joda-archive
- jpe
- image/jpeg
- jpeg
- image/jpeg
- jpg
- image/jpeg
- jpgm
- video/jpm
- jpgv
- video/jpeg
- jpm
- video/jpm
- js
- application/javascript
- jsf
- text/plain
- json
- application/json
- jspf
- text/plain
- kar
- audio/midi
- karbon
- application/vnd.kde.karbon
- kfo
- application/vnd.kde.kformula
- kia
- application/vnd.kidspiration
- kml
- application/vnd.google-earth.kml+xml
- kmz
- application/vnd.google-earth.kmz
- kne
- application/vnd.kinar
- knp
- application/vnd.kinar
- kon
- application/vnd.kde.kontour
- kpr
- application/vnd.kde.kpresenter
- kpt
- application/vnd.kde.kpresenter
- ksp
- application/vnd.kde.kspread
- ktr
- application/vnd.kahootz
- ktx
- image/ktx
- ktz
- application/vnd.kahootz
- kwd
- application/vnd.kde.kword
- kwt
- application/vnd.kde.kword
- lasxml
- application/vnd.las.las+xml
- latex
- application/x-latex
- lbd
- application/vnd.llamagraphics.life-balance.desktop
- lbe
- application/vnd.llamagraphics.life-balance.exchange+xml
- les
- application/vnd.hhe.lesson-player
- lha
- application/octet-stream
- link66
- application/vnd.route66.link66+xml
- list
- text/plain
- list3820
- application/vnd.ibm.modcap
- listafp
- application/vnd.ibm.modcap
- log
- text/plain
- lostxml
- application/lost+xml
- lrf
- application/octet-stream
- lrm
- application/vnd.ms-lrm
- ltf
- application/vnd.frogans.ltf
- lvp
- audio/vnd.lucent.voice
- lwp
- application/vnd.lotus-wordpro
- lzh
- application/octet-stream
- m13
- application/x-msmediaview
- m14
- application/x-msmediaview
- m1v
- video/mpeg
- m21
- application/mp21
- m2a
- audio/mpeg
- m2v
- video/mpeg
- m3a
- audio/mpeg
- m3u
- audio/x-mpegurl
- m3u8
- application/vnd.apple.mpegurl
- m4a
- audio/mp4
- m4b
- audio/mp4
- m4r
- audio/mp4
- m4u
- video/vnd.mpegurl
- m4v
- video/mp4
- ma
- application/mathematica
- mac
- image/x-macpaint
- mads
- application/mads+xml
- mag
- application/vnd.ecowin.chart
- maker
- application/vnd.framemaker
- man
- text/troff
- mathml
- application/mathml+xml
- mb
- application/mathematica
- mbk
- application/vnd.mobius.mbk
- mbox
- application/mbox
- mc1
- application/vnd.medcalcdata
- mcd
- application/vnd.mcd
- mcurl
- text/vnd.curl.mcurl
- mdb
- application/x-msaccess
- mdi
- image/vnd.ms-modi
- me
- text/troff
- mesh
- model/mesh
- meta4
- application/metalink4+xml
- mets
- application/mets+xml
- mfm
- application/vnd.mfmp
- mft
- application/rpki-manifest
- mgp
- application/vnd.osgeo.mapguide.package
- mgz
- application/vnd.proteus.magazine
- mid
- audio/midi
- midi
- audio/midi
- mif
- application/x-mif
- mime
- message/rfc822
- mj2
- video/mj2
- mjp2
- video/mj2
- mlp
- application/vnd.dolby.mlp
- mmd
- application/vnd.chipnuts.karaoke-mmd
- mmf
- application/vnd.smaf
- mmr
- image/vnd.fujixerox.edmics-mmr
- mny
- application/x-msmoney
- mobi
- application/x-mobipocket-ebook
- mods
- application/mods+xml
- mov
- video/quicktime
- movie
- video/x-sgi-movie
- mp1
- audio/mpeg
- mp2
- audio/mpeg
- mp21
- application/mp21
- mp2a
- audio/mpeg
- mp3
- audio/mpeg
- mp4
- video/mp4
- mp4a
- audio/mp4
- mp4s
- application/mp4
- mp4v
- video/mp4
- mpa
- audio/mpeg
- mpc
- application/vnd.mophun.certificate
- mpe
- video/mpeg
- mpeg
- video/mpeg
- mpega
- audio/x-mpeg
- mpg
- video/mpeg
- mpg4
- video/mp4
- mpga
- audio/mpeg
- mpkg
- application/vnd.apple.installer+xml
- mpm
- application/vnd.blueice.multipass
- mpn
- application/vnd.mophun.application
- mpp
- application/vnd.ms-project
- mpt
- application/vnd.ms-project
- mpv2
- video/mpeg2
- mpy
- application/vnd.ibm.minipay
- mqy
- application/vnd.mobius.mqy
- mrc
- application/marc
- mrcx
- application/marcxml+xml
- ms
- text/troff
- mscml
- application/mediaservercontrol+xml
- mseed
- application/vnd.fdsn.mseed
- mseq
- application/vnd.mseq
- msf
- application/vnd.epson.msf
- msh
- model/mesh
- msi
- application/x-msdownload
- msl
- application/vnd.mobius.msl
- msty
- application/vnd.muvee.style
- mts
- model/vnd.mts
- mus
- application/vnd.musician
- musicxml
- application/vnd.recordare.musicxml+xml
- mvb
- application/x-msmediaview
- mwf
- application/vnd.mfer
- mxf
- application/mxf
- mxl
- application/vnd.recordare.musicxml
- mxml
- application/xv+xml
- mxs
- application/vnd.triscape.mxs
- mxu
- video/vnd.mpegurl
- n-gage
- application/vnd.nokia.n-gage.symbian.install
- n3
- text/n3
- nb
- application/mathematica
- nbp
- application/vnd.wolfram.player
- nc
- application/x-netcdf
- ncx
- application/x-dtbncx+xml
- ngdat
- application/vnd.nokia.n-gage.data
- nlu
- application/vnd.neurolanguage.nlu
- nml
- application/vnd.enliven
- nnd
- application/vnd.noblenet-directory
- nns
- application/vnd.noblenet-sealer
- nnw
- application/vnd.noblenet-web
- npx
- image/vnd.net-fpx
- nsf
- application/vnd.lotus-notes
- oa2
- application/vnd.fujitsu.oasys2
- oa3
- application/vnd.fujitsu.oasys3
- oas
- application/vnd.fujitsu.oasys
- obd
- application/x-msbinder
- oda
- application/oda
- odb
- application/vnd.oasis.opendocument.database
- odc
- application/vnd.oasis.opendocument.chart
- odf
- application/vnd.oasis.opendocument.formula
- odft
- application/vnd.oasis.opendocument.formula-template
- odg
- application/vnd.oasis.opendocument.graphics
- odi
- application/vnd.oasis.opendocument.image
- odm
- application/vnd.oasis.opendocument.text-master
- odp
- application/vnd.oasis.opendocument.presentation
- ods
- application/vnd.oasis.opendocument.spreadsheet
- odt
- application/vnd.oasis.opendocument.text
- oga
- audio/ogg
- ogg
- audio/ogg
- ogv
- video/ogg
- ogx
- application/ogg
- onepkg
- application/onenote
- onetmp
- application/onenote
- onetoc
- application/onenote
- onetoc2
- application/onenote
- opf
- application/oebps-package+xml
- oprc
- application/vnd.palm
- org
- application/vnd.lotus-organizer
- osf
- application/vnd.yamaha.openscoreformat
- osfpvg
- application/vnd.yamaha.openscoreformat.osfpvg+xml
- otc
- application/vnd.oasis.opendocument.chart-template
- otf
- application/x-font-otf
- otg
- application/vnd.oasis.opendocument.graphics-template
- oth
- application/vnd.oasis.opendocument.text-web
- oti
- application/vnd.oasis.opendocument.image-template
- otp
- application/vnd.oasis.opendocument.presentation-template
- ots
- application/vnd.oasis.opendocument.spreadsheet-template
- ott
- application/vnd.oasis.opendocument.text-template
- oxps
- application/oxps
- oxt
- application/vnd.openofficeorg.extension
- p
- text/x-pascal
- p10
- application/pkcs10
- p12
- application/x-pkcs12
- p7b
- application/x-pkcs7-certificates
- p7c
- application/pkcs7-mime
- p7m
- application/pkcs7-mime
- p7r
- application/x-pkcs7-certreqresp
- p7s
- application/pkcs7-signature
- p8
- application/pkcs8
- pas
- text/x-pascal
- paw
- application/vnd.pawaafile
- pbd
- application/vnd.powerbuilder6
- pbm
- image/x-portable-bitmap
- pcap
- application/vnd.tcpdump.pcap
- pcf
- application/x-font-pcf
- pcl
- application/vnd.hp-pcl
- pclxl
- application/vnd.hp-pclxl
- pct
- image/pict
- pcurl
- application/vnd.curl.pcurl
- pcx
- image/x-pcx
- pdb
- application/vnd.palm
- pdf
- application/pdf
- pfa
- application/x-font-type1
- pfb
- application/x-font-type1
- pfm
- application/x-font-type1
- pfr
- application/font-tdpfr
- pfx
- application/x-pkcs12
- pgm
- image/x-portable-graymap
- pgn
- application/x-chess-pgn
- pgp
- application/pgp-encrypted
- pic
- image/pict
- pict
- image/pict
- pkg
- application/octet-stream
- pki
- application/pkixcmp
- pkipath
- application/pkix-pkipath
- plb
- application/vnd.3gpp.pic-bw-large
- plc
- application/vnd.mobius.plc
- plf
- application/vnd.pocketlearn
- pls
- audio/x-scpls
- pml
- application/vnd.ctc-posml
- png
- image/png
- pnm
- image/x-portable-anymap
- pnt
- image/x-macpaint
- portpkg
- application/vnd.macports.portpkg
- pot
- application/vnd.ms-powerpoint
- potm
- application/vnd.ms-powerpoint.template.macroenabled.12
- potx
- application/vnd.openxmlformats-officedocument.presentationml.template
- ppam
- application/vnd.ms-powerpoint.addin.macroenabled.12
- ppd
- application/vnd.cups-ppd
- ppm
- image/x-portable-pixmap
- pps
- application/vnd.ms-powerpoint
- ppsm
- application/vnd.ms-powerpoint.slideshow.macroenabled.12
- ppsx
- application/vnd.openxmlformats-officedocument.presentationml.slideshow
- ppt
- application/vnd.ms-powerpoint
- pptm
- application/vnd.ms-powerpoint.presentation.macroenabled.12
- pptx
- application/vnd.openxmlformats-officedocument.presentationml.presentation
- pqa
- application/vnd.palm
- prc
- application/x-mobipocket-ebook
- pre
- application/vnd.lotus-freelance
- prf
- application/pics-rules
- ps
- application/postscript
- psb
- application/vnd.3gpp.pic-bw-small
- psd
- image/vnd.adobe.photoshop
- psf
- application/x-font-linux-psf
- pskcxml
- application/pskc+xml
- ptid
- application/vnd.pvi.ptid1
- pub
- application/x-mspublisher
- pvb
- application/vnd.3gpp.pic-bw-var
- pwn
- application/vnd.3m.post-it-notes
- pya
- audio/vnd.ms-playready.media.pya
- pyv
- video/vnd.ms-playready.media.pyv
- qam
- application/vnd.epson.quickanime
- qbo
- application/vnd.intu.qbo
- qfx
- application/vnd.intu.qfx
- qps
- application/vnd.publishare-delta-tree
- qt
- video/quicktime
- qti
- image/x-quicktime
- qtif
- image/x-quicktime
- qwd
- application/vnd.quark.quarkxpress
- qwt
- application/vnd.quark.quarkxpress
- qxb
- application/vnd.quark.quarkxpress
- qxd
- application/vnd.quark.quarkxpress
- qxl
- application/vnd.quark.quarkxpress
- qxt
- application/vnd.quark.quarkxpress
- ra
- audio/x-pn-realaudio
- ram
- audio/x-pn-realaudio
- rar
- application/x-rar-compressed
- ras
- image/x-cmu-raster
- rcprofile
- application/vnd.ipunplugged.rcprofile
- rdf
- application/rdf+xml
- rdz
- application/vnd.data-vision.rdz
- rep
- application/vnd.businessobjects
- res
- application/x-dtbresource+xml
- rgb
- image/x-rgb
- rif
- application/reginfo+xml
- rip
- audio/vnd.rip
- rl
- application/resource-lists+xml
- rlc
- image/vnd.fujixerox.edmics-rlc
- rld
- application/resource-lists-diff+xml
- rm
- application/vnd.rn-realmedia
- rmi
- audio/midi
- rmp
- audio/x-pn-realaudio-plugin
- rms
- application/vnd.jcp.javame.midlet-rms
- rnc
- application/relax-ng-compact-syntax
- roa
- application/rpki-roa
- roff
- text/troff
- rp9
- application/vnd.cloanto.rp9
- rpss
- application/vnd.nokia.radio-presets
- rpst
- application/vnd.nokia.radio-preset
- rq
- application/sparql-query
- rs
- application/rls-services+xml
- rsd
- application/rsd+xml
- rss
- application/rss+xml
- rtf
- application/rtf
- rtx
- text/richtext
- s
- text/x-asm
- saf
- application/vnd.yamaha.smaf-audio
- sbml
- application/sbml+xml
- sc
- application/vnd.ibm.secure-container
- scd
- application/x-msschedule
- scm
- application/vnd.lotus-screencam
- scq
- application/scvp-cv-request
- scs
- application/scvp-cv-response
- scurl
- text/vnd.curl.scurl
- sda
- application/vnd.stardivision.draw
- sdc
- application/vnd.stardivision.calc
- sdd
- application/vnd.stardivision.impress
- sdkd
- application/vnd.solent.sdkm+xml
- sdkm
- application/vnd.solent.sdkm+xml
- sdp
- application/sdp
- sdw
- application/vnd.stardivision.writer
- see
- application/vnd.seemail
- seed
- application/vnd.fdsn.seed
- sema
- application/vnd.sema
- semd
- application/vnd.semd
- semf
- application/vnd.semf
- ser
- application/java-serialized-object
- setpay
- application/set-payment-initiation
- setreg
- application/set-registration-initiation
- sfd-hdstx
- application/vnd.hydrostatix.sof-data
- sfs
- application/vnd.spotfire.sfs
- sgl
- application/vnd.stardivision.writer-global
- sgm
- text/sgml
- sgml
- text/sgml
- sh
- application/x-sh
- shar
- application/x-shar
- shf
- application/shf+xml
- sig
- application/pgp-signature
- silo
- model/mesh
- sis
- application/vnd.symbian.install
- sisx
- application/vnd.symbian.install
- sit
- application/x-stuffit
- sitx
- application/x-stuffitx
- skd
- application/vnd.koan
- skm
- application/vnd.koan
- skp
- application/vnd.koan
- skt
- application/vnd.koan
- sldm
- application/vnd.ms-powerpoint.slide.macroenabled.12
- sldx
- application/vnd.openxmlformats-officedocument.presentationml.slide
- slt
- application/vnd.epson.salt
- sm
- application/vnd.stepmania.stepchart
- smf
- application/vnd.stardivision.math
- smi
- application/smil+xml
- smil
- application/smil+xml
- smzip
- application/vnd.stepmania.package
- snd
- audio/basic
- snf
- application/x-font-snf
- so
- application/octet-stream
- spc
- application/x-pkcs7-certificates
- spf
- application/vnd.yamaha.smaf-phrase
- spl
- application/x-futuresplash
- spot
- text/vnd.in3d.spot
- spp
- application/scvp-vp-response
- spq
- application/scvp-vp-request
- spx
- audio/ogg
- src
- application/x-wais-source
- sru
- application/sru+xml
- srx
- application/sparql-results+xml
- sse
- application/vnd.kodak-descriptor
- ssf
- application/vnd.epson.ssf
- ssml
- application/ssml+xml
- st
- application/vnd.sailingtracker.track
- stc
- application/vnd.sun.xml.calc.template
- std
- application/vnd.sun.xml.draw.template
- stf
- application/vnd.wt.stf
- sti
- application/vnd.sun.xml.impress.template
- stk
- application/hyperstudio
- stl
- application/vnd.ms-pki.stl
- str
- application/vnd.pg.format
- stw
- application/vnd.sun.xml.writer.template
- sub
- text/vnd.dvb.subtitle
- sus
- application/vnd.sus-calendar
- susp
- application/vnd.sus-calendar
- sv4cpio
- application/x-sv4cpio
- sv4crc
- application/x-sv4crc
- svc
- application/vnd.dvb.service
- svd
- application/vnd.svd
- svg
- image/svg+xml
- svgz
- image/svg+xml
- swa
- application/x-director
- swf
- application/x-shockwave-flash
- swi
- application/vnd.aristanetworks.swi
- sxc
- application/vnd.sun.xml.calc
- sxd
- application/vnd.sun.xml.draw
- sxg
- application/vnd.sun.xml.writer.global
- sxi
- application/vnd.sun.xml.impress
- sxm
- application/vnd.sun.xml.math
- sxw
- application/vnd.sun.xml.writer
- t
- text/troff
- taglet
- application/vnd.mynfc
- tao
- application/vnd.tao.intent-module-archive
- tar
- application/x-tar
- tcap
- application/vnd.3gpp2.tcap
- tcl
- application/x-tcl
- teacher
- application/vnd.smart.teacher
- tei
- application/tei+xml
- teicorpus
- application/tei+xml
- tex
- application/x-tex
- texi
- application/x-texinfo
- texinfo
- application/x-texinfo
- text
- text/plain
- tfi
- application/thraud+xml
- tfm
- application/x-tex-tfm
- thmx
- application/vnd.ms-officetheme
- tif
- image/tiff
- tiff
- image/tiff
- tmo
- application/vnd.tmobile-livetv
- torrent
- application/x-bittorrent
- tpl
- application/vnd.groove-tool-template
- tpt
- application/vnd.trid.tpt
- tr
- text/troff
- tra
- application/vnd.trueapp
- trm
- application/x-msterminal
- tsd
- application/timestamped-data
- tsv
- text/tab-separated-values
- ttc
- application/x-font-ttf
- ttf
- application/x-font-ttf
- ttl
- text/turtle
- twd
- application/vnd.simtech-mindmapper
- twds
- application/vnd.simtech-mindmapper
- txd
- application/vnd.genomatix.tuxedo
- txf
- application/vnd.mobius.txf
- txt
- text/plain
- u32
- application/x-authorware-bin
- udeb
- application/x-debian-package
- ufd
- application/vnd.ufdl
- ufdl
- application/vnd.ufdl
- ulw
- audio/basic
- umj
- application/vnd.umajin
- unityweb
- application/vnd.unity
- uoml
- application/vnd.uoml+xml
- uri
- text/uri-list
- uris
- text/uri-list
- urls
- text/uri-list
- ustar
- application/x-ustar
- utz
- application/vnd.uiq.theme
- uu
- text/x-uuencode
- uva
- audio/vnd.dece.audio
- uvd
- application/vnd.dece.data
- uvf
- application/vnd.dece.data
- uvg
- image/vnd.dece.graphic
- uvh
- video/vnd.dece.hd
- uvi
- image/vnd.dece.graphic
- uvm
- video/vnd.dece.mobile
- uvp
- video/vnd.dece.pd
- uvs
- video/vnd.dece.sd
- uvt
- application/vnd.dece.ttml+xml
- uvu
- video/vnd.uvvu.mp4
- uvv
- video/vnd.dece.video
- uvva
- audio/vnd.dece.audio
- uvvd
- application/vnd.dece.data
- uvvf
- application/vnd.dece.data
- uvvg
- image/vnd.dece.graphic
- uvvh
- video/vnd.dece.hd
- uvvi
- image/vnd.dece.graphic
- uvvm
- video/vnd.dece.mobile
- uvvp
- video/vnd.dece.pd
- uvvs
- video/vnd.dece.sd
- uvvt
- application/vnd.dece.ttml+xml
- uvvu
- video/vnd.uvvu.mp4
- uvvv
- video/vnd.dece.video
- uvvx
- application/vnd.dece.unspecified
- uvvz
- application/vnd.dece.zip
- uvx
- application/vnd.dece.unspecified
- uvz
- application/vnd.dece.zip
- vcard
- text/vcard
- vcd
- application/x-cdlink
- vcf
- text/x-vcard
- vcg
- application/vnd.groove-vcard
- vcs
- text/x-vcalendar
- vcx
- application/vnd.vcx
- vis
- application/vnd.visionary
- viv
- video/vnd.vivo
- vor
- application/vnd.stardivision.writer
- vox
- application/x-authorware-bin
- vrml
- model/vrml
- vsd
- application/vnd.visio
- vsf
- application/vnd.vsf
- vss
- application/vnd.visio
- vst
- application/vnd.visio
- vsw
- application/vnd.visio
- vtu
- model/vnd.vtu
- vxml
- application/voicexml+xml
- w3d
- application/x-director
- wad
- application/x-doom
- wav
- audio/x-wav
- wax
- audio/x-ms-wax
- wbmp
- image/vnd.wap.wbmp
- wbs
- application/vnd.criticaltools.wbs+xml
- wbxml
- application/vnd.wap.wbxml
- wcm
- application/vnd.ms-works
- wdb
- application/vnd.ms-works
- weba
- audio/webm
- webm
- video/webm
- webp
- image/webp
- wg
- application/vnd.pmi.widget
- wgt
- application/widget
- wks
- application/vnd.ms-works
- wm
- video/x-ms-wm
- wma
- audio/x-ms-wma
- wmd
- application/x-ms-wmd
- wmf
- application/x-msmetafile
- wml
- text/vnd.wap.wml
- wmlc
- application/vnd.wap.wmlc
- wmls
- text/vnd.wap.wmlscript
- wmlsc
- application/vnd.wap.wmlscriptc
- wmv
- video/x-ms-wmv
- wmx
- video/x-ms-wmx
- wmz
- application/x-ms-wmz
- woff
- application/x-font-woff
- wpd
- application/vnd.wordperfect
- wpl
- application/vnd.ms-wpl
- wps
- application/vnd.ms-works
- wqd
- application/vnd.wqd
- wri
- application/x-mswrite
- wrl
- model/vrml
- wsdl
- application/wsdl+xml
- wspolicy
- application/wspolicy+xml
- wtb
- application/vnd.webturbo
- wvx
- video/x-ms-wvx
- x32
- application/x-authorware-bin
- x3d
- application/vnd.hzn-3d-crossword
- xap
- application/x-silverlight-app
- xar
- application/vnd.xara
- xbap
- application/x-ms-xbap
- xbd
- application/vnd.fujixerox.docuworks.binder
- xbm
- image/x-xbitmap
- xdf
- application/xcap-diff+xml
- xdm
- application/vnd.syncml.dm+xml
- xdp
- application/vnd.adobe.xdp+xml
- xdssc
- application/dssc+xml
- xdw
- application/vnd.fujixerox.docuworks
- xenc
- application/xenc+xml
- xer
- application/patch-ops-error+xml
- xfdf
- application/vnd.adobe.xfdf
- xfdl
- application/vnd.xfdl
- xht
- application/xhtml+xml
- xhtml
- application/xhtml+xml
- xhvml
- application/xv+xml
- xif
- image/vnd.xiff
- xla
- application/vnd.ms-excel
- xlam
- application/vnd.ms-excel.addin.macroenabled.12
- xlc
- application/vnd.ms-excel
- xlm
- application/vnd.ms-excel
- xls
- application/vnd.ms-excel
- xlsb
- application/vnd.ms-excel.sheet.binary.macroenabled.12
- xlsm
- application/vnd.ms-excel.sheet.macroenabled.12
- xlsx
- application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
- xlt
- application/vnd.ms-excel
- xltm
- application/vnd.ms-excel.template.macroenabled.12
- xltx
- application/vnd.openxmlformats-officedocument.spreadsheetml.template
- xlw
- application/vnd.ms-excel
- xml
- application/xml
- xo
- application/vnd.olpc-sugar
- xop
- application/xop+xml
- xpi
- application/x-xpinstall
- xpm
- image/x-xpixmap
- xpr
- application/vnd.is-xpr
- xps
- application/vnd.ms-xpsdocument
- xpw
- application/vnd.intercon.formnet
- xpx
- application/vnd.intercon.formnet
- xsl
- application/xml
- xslt
- application/xslt+xml
- xsm
- application/vnd.syncml+xml
- xspf
- application/xspf+xml
- xul
- application/vnd.mozilla.xul+xml
- xvm
- application/xv+xml
- xvml
- application/xv+xml
- xwd
- image/x-xwindowdump
- xyz
- chemical/x-xyz
- yang
- application/yang
- yin
- application/yin+xml
- z
- application/x-compress
- Z
- application/x-compress
- zaz
- application/vnd.zzazz.deck+xml
- zip
- application/zip
- zir
- application/vnd.zul
- zirz
- application/vnd.zul
- zmm
- application/vnd.handheld-entertainment+xml
- index.html
- index.htm
- index.jsp
diff --git a/library/roles/tomcat-multiple-instances/templates/tomcat.logrotate.j2 b/library/roles/tomcat-multiple-instances/templates/tomcat.logrotate.j2
deleted file mode 100644
index 64877de..0000000
--- a/library/roles/tomcat-multiple-instances/templates/tomcat.logrotate.j2
+++ /dev/null
@@ -1,17 +0,0 @@
-{{ tomcat_m_instances_logdir_base }}/{{ item.http_port }}/catalina.out {
- copytruncate
- {{ item.log_rotation_freq }}
- rotate {{ item.log_retain }}
- compress
- missingok
- create 640 {{ item.user }} adm
-{{ tomcat_m_instances_logdir_base }}/{{ item.http_port }}/localhost_access.log {
- copytruncate
- {{ item.log_rotation_freq }}
- rotate {{ item.log_retain }}
- compress
- missingok
- create 640 {{ item.user }} adm
diff --git a/library/roles/tomcat/defaults/main.yml b/library/roles/tomcat/defaults/main.yml
deleted file mode 100644
index 39ffa85..0000000
--- a/library/roles/tomcat/defaults/main.yml
+++ /dev/null
@@ -1,135 +0,0 @@
-# The tomcat version is set at runtime. It changes from one distribution to the other.
-#tomcat_version: 7
-# To force a tomcat version set the following variable:
-# tomcat_fixed_version: 9
-tomcat_pkg_state: present
-tomcat_service_enabled: True
- - 'tomcat{{ tomcat_version }}'
- - 'libtomcat{{ tomcat_version }}-java'
- - 'tomcat{{ tomcat_version }}-common'
- - libapr1
- - jsvc
- - libcommons-daemon-java
-tomcat_user: 'tomcat{{ tomcat_version }}'
-tomcat_max_threads: 200
-tomcat_min_heap_size: 2048m
-tomcat_permgen_defined: True
-tomcat_heap_size: '{{ tomcat_min_heap_size }}'
-tomcat_permgen_size: 512m
-tomcat_file_encoding: 'UTF-8'
-tomcat_java_opts: "-Xms{{ tomcat_min_heap_size }} -Xmx{{ tomcat_heap_size }}"
-tomcat_additional_java_8_opts: "-XX:+CrashOnOutOfMemoryError"
-tomcat_java_gc_opts: "-XX:+UseConcMarkSweepGC"
-#tomcat_other_java_opts: "-Djsse.enableSNIExtension=false"
-tomcat_proxy_enabled: False
-tomcat_proxy_http_host: 'localhost'
-tomcat_proxy_http_port: '3128'
-tomcat_proxy_https_host: '{{ tomcat_proxy_http_host }}'
-tomcat_proxy_https_port: '{{ tomcat_proxy_http_port }}'
-tomcat_proxy_opts: "-DproxySet=true -Dhttp.proxyHost={{ tomcat_proxy_http_host }} -Dhttp.proxyPort={{ tomcat_proxy_http_port }} -Dhttps.proxyHost={{ tomcat_proxy_https_host }} -Dhttps.proxyPort={{ tomcat_proxy_https_port }}"
-tomcat_other_java_opts: ""
-tomcat_install_server_xml: True
-tomcat_install_default_conf: True
-tomcat_load_additional_default_conf: True
-tomcat_http_enabled: True
-tomcat_http_port: 8080
-tomcat_webapps_autodeploy: False
-tomcat_webapps_unpack: False
-tomcat_ajp_enabled: False
-tomcat_ajp_port: 8009
-tomcat_direct_access: False
-tomcat_reverse_proxy_name_enabled: False
-tomcat_reverse_proxy_name: '{{ ansible_fqdn }}'
-tomcat_reverse_proxy_port: '{{ http_port | default(80) }}'
-# There is a bug that kills tomcat after 50 days if the shutdown port is enabled
-# Disable the shutdown port by default
-#tomcat_shutdown_port: 8005
-tomcat_shutdown_port: -1
-tomcat_shutdown_pwd: "{{ lookup('password', '/tmp/passwordfile chars=ascii_letters,digits') }}"
-tomcat_restart_timeout: 300
-tomcat_max_post_size: 1000000
-tomcat_catalina_home_dir: '/usr/share/tomcat{{ tomcat_version }}'
-tomcat_catalina_base_dir: '/var/lib/tomcat{{ tomcat_version }}'
-tomcat_conf_dir: '/etc/tomcat{{ tomcat_version }}'
-tomcat_webapps_dir: '{{ tomcat_catalina_base_dir }}/webapps'
-tomcat_common_dir: '{{ tomcat_catalina_base_dir }}/common/'
-tomcat_common_classes_dir: '{{ tomcat_catalina_base_dir }}/common/classes'
-tomcat_tmp_dir: '{{ tomcat_catalina_base_dir }}/tmp/tomcat'
-# JMX and debugging
-tomcat_enable_remote_debugging: False
-tomcat_remote_debugging_host: ''
-tomcat_remote_debugging_port: ':8100'
-tomcat_remote_debugging_uri: '{{ tomcat_remote_debugging_host }}:{{ tomcat_remote_debugging_port }}'
-tomcat_jmx_enabled: False
-tomcat_jmx_auth_enabled: False
-tomcat_jmx_port: 8082
-tomcat_jmx_auth_dir: '{{ tomcat_conf_dir }}'
-tomcat_jmx_use_ssl: False
-# The following work with jdk >= 7.0.25 only
-tomcat_jmx_disable_additional_ports: True
-tomcat_jmx_localhost_only: False
-# tomcat_jmx_monitorpass: define_in_a_vault_file
-# tomcat_jmx_controlpass: define_in_a_vault_file
-# Metrics monitoring via javamelody
-tomcat_javamelody: True
-#tomcat_javamelody_version: latest
-tomcat_javamelody_version: 1.79.0
-# tomcat logging
-tomcat_logdir: '/var/log/tomcat{{ tomcat_version }}'
-tomcat_use_log4j: True
-tomcat_install_the_log4j_properties: True
-tomcat_retain_old_logs: 30
-tomcat_log_rotation_threshold: "ALL"
-tomcat_log_max_file_size: "100MB"
-tomcat_log_level: INFO
-tomcat_log_logger: CATALINA
-tomcat_access_log_enabled: True
-tomcat_access_log_rotation_freq: "daily"
-# Define them if you want to send all the logs to an ELK installation
-tomcat_send_to_logstash: False
-tomcat_logstash_collector_host: logstash
-tomcat_logstash_collector_socketappender_port: 4560
-tomcat_logstash_collector_socketappender_reconndelay: 10000
-# Set to LOGSTASH only if you do not want local logs
-tomcat_logstash_logger: CATALINA, LOGSTASH
-#tomcat_access_log_file_name: localhost_access.log
-# Administrative interface
-tomcat_install_admin: False
-tomcat_manager_gui_user_enabled: True
-tomcat_manager_gui_user: guiadmin
-tomcat_manager_gui_r: "manager-gui"
-#tomcat_manager_gui_pwd: *See the vault file*
-tomcat_manager_script_user_enabled: False
-tomcat_manager_script_user: scriptadmin
-tomcat_manager_script_r: "manager-script"
-#tomcat_manager_script_pwd: *See the vault file*
-tomcat_manager_jmx_user_enabled: False
-tomcat_manager_jmx_user: jmxadmin
-tomcat_manager_jmx_r: "manager-jmx"
-#tomcat_manager_jmx_pwd: *See the vault file*
-tomcat_manager_status_user_enabled: False
-tomcat_manager_status_user: statusadmin
-tomcat_manager_status_r: "manager-status"
-#tomcat_manager_status_pwd: *See the vault file*
-tomcat_install_jdbc: False
-tomcat_install_pg_jdbc: '{{ tomcat_install_jdbc }}'
-# Not used yet
-tomcat_install_mysql_jdbc: False
diff --git a/library/roles/tomcat/files/catalina.properties b/library/roles/tomcat/files/catalina.properties
deleted file mode 100644
index c57b4e8..0000000
--- a/library/roles/tomcat/files/catalina.properties
+++ /dev/null
@@ -1,131 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-# by default, no packages are restricted for definition, and none of
-# the class loaders supplied with the JDK call checkPackageDefinition.
-# List of comma-separated paths defining the contents of the "common"
-# classloader. Prefixes should be used to define what is the repository type.
-# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute.
-# If left as blank,the JVM system loader will be used as Catalina's "common"
-# loader.
-# Examples:
-# "foo": Add this folder as a class repository
-# "foo/*.jar": Add all the JARs of the specified folder as class
-# repositories
-# "foo/bar.jar": Add bar.jar as a class repository
-# List of comma-separated paths defining the contents of the "server"
-# classloader. Prefixes should be used to define what is the repository type.
-# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute.
-# If left as blank, the "common" loader will be used as Catalina's "server"
-# loader.
-# Examples:
-# "foo": Add this folder as a class repository
-# "foo/*.jar": Add all the JARs of the specified folder as class
-# repositories
-# "foo/bar.jar": Add bar.jar as a class repository
-# List of comma-separated paths defining the contents of the "shared"
-# classloader. Prefixes should be used to define what is the repository type.
-# Path may be relative to the CATALINA_BASE path or absolute. If left as blank,
-# the "common" loader will be used as Catalina's "shared" loader.
-# Examples:
-# "foo": Add this folder as a class repository
-# "foo/*.jar": Add all the JARs of the specified folder as class
-# repositories
-# "foo/bar.jar": Add bar.jar as a class repository
-# Please note that for single jars, e.g. bar.jar, you need the URL form
-# starting with file:.
-# List of JAR files that should not be scanned using the JarScanner
-# functionality. This is typically used to scan JARs for configuration
-# information. JARs that do not contain such information may be excluded from
-# the scan to speed up the scanning process. This is the default list. JARs on
-# this list are excluded from all scans. Scan specific lists (to exclude JARs
-# from individual scans) follow this. The list must be a comma separated list of
-# JAR file names.
-# The JARs listed below include:
-# - Tomcat Bootstrap JARs
-# - Tomcat API JARs
-# - Catalina JARs
-# - Jasper JARs
-# - Tomcat JARs
-# - Common non-Tomcat JARs
-# - Test JARs (JUnit, Cobertura and dependencies)
-# Additional JARs (over and above the default JARs listed above) to skip when
-# scanning for Servlet 3.0 pluggability features. These features include web
-# fragments, annotations, SCIs and classes that match @HandlesTypes. The list
-# must be a comma separated list of JAR file names.
-# Additional JARs (over and above the default JARs listed above) to skip when
-# scanning for TLDs. The list must be a comma separated list of JAR file names.
-# String cache configuration.
diff --git a/library/roles/tomcat/files/jmxremote.access b/library/roles/tomcat/files/jmxremote.access
deleted file mode 100644
index c5aab07..0000000
--- a/library/roles/tomcat/files/jmxremote.access
+++ /dev/null
@@ -1,2 +0,0 @@
-monitorRole readonly
-controlRole readwrite
diff --git a/library/roles/tomcat/files/logging.properties b/library/roles/tomcat/files/logging.properties
deleted file mode 100644
index 6eeb181..0000000
--- a/library/roles/tomcat/files/logging.properties
+++ /dev/null
@@ -1,49 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# See the License for the specific language governing permissions and
-# limitations under the License.
-handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
-.handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
-# Handler specific properties.
-# Describes specific configuration info for Handlers.
-1catalina.org.apache.juli.FileHandler.level = FINE
-1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
-1catalina.org.apache.juli.FileHandler.prefix = catalina.
-2localhost.org.apache.juli.FileHandler.level = FINE
-2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
-2localhost.org.apache.juli.FileHandler.prefix = localhost.
-java.util.logging.ConsoleHandler.level = FINE
-java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
-# Facility specific properties.
-# Provides extra control for each logger.
-org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO
-org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler
-# For example, set the com.xyz.foo logger to only log SEVERE
-# messages:
-#org.apache.catalina.startup.ContextConfig.level = FINE
-#org.apache.catalina.startup.HostConfig.level = FINE
-#org.apache.catalina.session.ManagerBase.level = FINE
diff --git a/library/roles/tomcat/files/tomcat6-juli-adapters.jar b/library/roles/tomcat/files/tomcat6-juli-adapters.jar
deleted file mode 100644
index 8b75f23..0000000
Binary files a/library/roles/tomcat/files/tomcat6-juli-adapters.jar and /dev/null differ
diff --git a/library/roles/tomcat/files/tomcat6-juli-log4j.jar b/library/roles/tomcat/files/tomcat6-juli-log4j.jar
deleted file mode 100644
index a8c8b4f..0000000
Binary files a/library/roles/tomcat/files/tomcat6-juli-log4j.jar and /dev/null differ
diff --git a/library/roles/tomcat/files/tomcat7-juli-adapters.jar b/library/roles/tomcat/files/tomcat7-juli-adapters.jar
deleted file mode 100644
index 1eedbfc..0000000
Binary files a/library/roles/tomcat/files/tomcat7-juli-adapters.jar and /dev/null differ
diff --git a/library/roles/tomcat/files/tomcat7-juli-log4j.jar b/library/roles/tomcat/files/tomcat7-juli-log4j.jar
deleted file mode 100644
index b09bf78..0000000
Binary files a/library/roles/tomcat/files/tomcat7-juli-log4j.jar and /dev/null differ
diff --git a/library/roles/tomcat/handlers/main.yml b/library/roles/tomcat/handlers/main.yml
deleted file mode 100644
index d6efc31..0000000
--- a/library/roles/tomcat/handlers/main.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-- name: tomcat restart
- service: name='tomcat{{ tomcat_version }}' state=restarted sleep=20
- when: tomcat_service_enabled
-- name: enable tomcat
- service: name='tomcat{{ tomcat_version }}' state=started enabled=yes
- when: tomcat_service_enabled
-- name: disable tomcat
- service: name='tomcat{{ tomcat_version }}' state=started enabled=no
- when: not tomcat_service_enabled
diff --git a/library/roles/tomcat/meta/main.yml b/library/roles/tomcat/meta/main.yml
deleted file mode 100644
index 755ffdc..0000000
--- a/library/roles/tomcat/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
- - { role: '../../library/roles/openjdk' }
diff --git a/library/roles/tomcat/tasks/access_log.yml b/library/roles/tomcat/tasks/access_log.yml
deleted file mode 100644
index 72d960a..0000000
--- a/library/roles/tomcat/tasks/access_log.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- name: Install a logrotate entry for the access log file
- template: src=tomcat_access.logrotate.j2 dest=/etc/logrotate.d/tomcat_access owner=root group=root mode=0644
- when: tomcat_access_log_enabled
- tags: tomcat
diff --git a/library/roles/tomcat/tasks/main.yml b/library/roles/tomcat/tasks/main.yml
deleted file mode 100644
index 96f5209..0000000
--- a/library/roles/tomcat/tasks/main.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- import_tasks: tomcat-pkgs.yml
-- import_tasks: tomcat-admin.yml
- when: tomcat_install_admin
-- import_tasks: tomcat-jmx.yml
- when:
- - tomcat_jmx_enabled
- - tomcat_jmx_auth_enabled
- tags: [ 'tomcat', 'jmx' ]
-- import_tasks: tomcat-log4j-logging.yml
- when:
- - tomcat_use_log4j
- - tomcat_version <= 7
- tags: [ 'tomcat', 'tomcat_log4j' ]
-- import_tasks: tomcat-logger-logging.yml
- when: not tomcat_use_log4j or tomcat_version > 7
-- import_tasks: access_log.yml
- when: tomcat_access_log_enabled
-- import_tasks: pgsql_jdbc.yml
- when: tomcat_install_pg_jdbc
-- import_tasks: not_pgsql_jdbc.yml
- when: not tomcat_install_pg_jdbc
diff --git a/library/roles/tomcat/tasks/not_pgsql_jdbc.yml b/library/roles/tomcat/tasks/not_pgsql_jdbc.yml
deleted file mode 100644
index b029a4c..0000000
--- a/library/roles/tomcat/tasks/not_pgsql_jdbc.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-- name: Do not load the postgresql jdbc driver on tomcat if not needed
- file: dest={{ tomcat_catalina_home_dir }}/lib/{{ item }} state=absent
- with_items:
- - postgresql-jdbc4.jar
- when: not tomcat_install_pg_jdbc
- notify: tomcat restart
- tags: tomcat
diff --git a/library/roles/tomcat/tasks/pgsql_jdbc.yml b/library/roles/tomcat/tasks/pgsql_jdbc.yml
deleted file mode 100644
index 1456dd1..0000000
--- a/library/roles/tomcat/tasks/pgsql_jdbc.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-# Postgresql JDBC
-- name: Install the jdbc package if needed
- apt: pkg=libpostgresql-jdbc-java state=present
- when: tomcat_install_pg_jdbc
- tags: [ 'tomcat', 'tomcat_jdbc' ]
-- name: Configure tomcat to use the global postgresql jdbc driver
- file: src=/usr/share/java/{{ item }} dest=/usr/share/tomcat{{ tomcat_version }}/lib/{{ item }} state=link
- with_items:
- - postgresql-jdbc4.jar
- when: tomcat_install_pg_jdbc
- notify:
- tomcat restart
- tags: [ 'tomcat', 'tomcat_jdbc' ]
diff --git a/library/roles/tomcat/tasks/tomcat-admin.yml b/library/roles/tomcat/tasks/tomcat-admin.yml
deleted file mode 100644
index d1e0849..0000000
--- a/library/roles/tomcat/tasks/tomcat-admin.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- name: Install the tomcat console management package
- apt: pkg=tomcat{{ tomcat_version }}-admin state={{ tomcat_pkg_state }}
- tags: tomcat
-- name: Install the tomcat users file
- template: src=tomcat-users.xml.j2 dest={{ tomcat_conf_dir }}/tomcat-users.xml owner=root group={{ tomcat_user }} mode=0640
- notify: tomcat restart
- tags: tomcat
diff --git a/library/roles/tomcat/tasks/tomcat-jmx.yml b/library/roles/tomcat/tasks/tomcat-jmx.yml
deleted file mode 100644
index 5d9d20e..0000000
--- a/library/roles/tomcat/tasks/tomcat-jmx.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-- name: Distribute the jmx authorization file
- template: src=jmxremote.passwd.j2 dest={{ tomcat_jmx_auth_dir }}/jmxremote.passwd owner={{ tomcat_user }} mode=0600
- when:
- - tomcat_jmx_enabled
- - tomcat_jmx_auth_enabled
- notify: tomcat restart
- tags: [ 'tomcat', 'jmx' ]
-- name: Distribute the jmx role file
- copy: src=jmxremote.access dest={{ tomcat_jmx_auth_dir }}/jmxremote.access owner=root mode=0644
- when:
- - tomcat_jmx_enabled
- - tomcat_jmx_auth_enabled
- notify: tomcat restart
- tags: [ 'tomcat', 'jmx' ]
diff --git a/library/roles/tomcat/tasks/tomcat-log4j-logging.yml b/library/roles/tomcat/tasks/tomcat-log4j-logging.yml
deleted file mode 100644
index cc11deb..0000000
--- a/library/roles/tomcat/tasks/tomcat-log4j-logging.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-# Manage tomcat internal logs with log4j
-- name: Install log4j
- apt: pkg=liblog4j1.2-java state={{ tomcat_pkg_state }}
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_log4j' ]
-- name: Install tomcat-juli-adapters
- copy: src=tomcat{{ tomcat_version }}-juli-adapters.jar dest=/usr/share/java/tomcat-juli-adapters.jar
- tags: [ 'tomcat', 'tomcat_log4j' ]
-- name: Install tomcat-juli
- copy: src=tomcat{{ tomcat_version }}-juli-log4j.jar dest=/usr/share/java/tomcat-juli-log4j.jar
- tags: [ 'tomcat', 'tomcat_log4j' ]
-- name: Configure tomcat to use the log4j system library
- file: src=/usr/share/java/{{ item }} dest={{ tomcat_catalina_home_dir }}/lib/{{ item }} state=link
- with_items:
- - log4j-1.2.jar
- - tomcat-juli-adapters.jar
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_log4j' ]
-- name: Configure tomcat to use the log4j version of the juli library
- file: src=/usr/share/java/{{ item }} dest={{ tomcat_catalina_home_dir }}/bin/tomcat-juli.jar state=link
- with_items:
- - tomcat-juli-log4j.jar
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_log4j' ]
-- name: Install log4j.properties
- template: src=log4j.properties.j2 dest={{ tomcat_catalina_home_dir }}/lib/log4j.properties mode=0644 owner=root group=root
- when: tomcat_install_the_log4j_properties
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_log4j' ]
-- name: Remove logging.properties
- file: dest=/etc/tomcat{{ tomcat_version }}/logging.properties state=absent
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_log4j' ]
diff --git a/library/roles/tomcat/tasks/tomcat-logger-logging.yml b/library/roles/tomcat/tasks/tomcat-logger-logging.yml
deleted file mode 100644
index cae8c9b..0000000
--- a/library/roles/tomcat/tasks/tomcat-logger-logging.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-- name: Remove the system log4j library from the tomcat libdir
- file: dest={{ tomcat_catalina_home_dir }}/lib/{{ item }} state=absent
- with_items:
- - log4j-1.2.jar
- - tomcat-juli-adapters.jar
- notify: tomcat restart
- tags: tomcat
-- name: Configure tomcat to use the standard version of the juli library
- file: src=/usr/share/java/{{ item }} dest={{ tomcat_catalina_home_dir }}/bin/{{ item }} state=link
- with_items:
- - 'tomcat{{ tomcat_version }}-juli.jar'
- notify: tomcat restart
- tags: tomcat
-- name: Remove the system log4j.properties
- file: dest={{ tomcat_catalina_home_dir }}/lib/log4j.properties state=absent
- notify: tomcat restart
- tags: tomcat
-- name: Install logging.properties
- copy: src=logging.properties dest=/etc/tomcat{{ tomcat_version }}/logging.properties owner=root group=root mode=0644
- notify: tomcat restart
- tags: tomcat
diff --git a/library/roles/tomcat/tasks/tomcat-pkgs.yml b/library/roles/tomcat/tasks/tomcat-pkgs.yml
deleted file mode 100644
index 2015317..0000000
--- a/library/roles/tomcat/tasks/tomcat-pkgs.yml
+++ /dev/null
@@ -1,111 +0,0 @@
-- name: Set the tomcat version for ubuntu Trusy
- set_fact:
- tomcat_version: 7
- when:
- - ansible_distribution_major_version <= '16'
- - tomcat_fixed_version is not defined
- tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
-- name: Set the tomcat version for Ubuntu bionic
- set_fact:
- tomcat_version: 8
- when:
- - ansible_distribution_major_version == '18'
- - tomcat_fixed_version is not defined
- tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
-- name: Impose a tomcat version
- set_fact:
- tomcat_version: '{{ tomcat_fixed_version }}'
- when: tomcat_fixed_version is defined
- tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
-- name: Print the Tomcat version
- debug:
- msg: "The Tomcat version we are going to install is {{ tomcat_version }}"
- tags: [ 'tomcat', 'tomcat_ver', 'tomcat_conf', 'tomcat_javamelody' ]
-- name: Install the tomcat packages
- apt: pkg={{ tomcat_pkgs }} state={{ tomcat_pkg_state }} cache_valid_time=1800
- tags: tomcat
-- name: Install additional packages needed by tomcat 8+
- apt: pkg={{ tomcat8_additional_pkgs }} state={{ tomcat_pkg_state }} cache_valid_time=1800
- when: tomcat_version >= 8
- tags: [ 'tomcat', 'tomcat_javamelody', 'tomcat_conf', 'tomcat_javamelody' ]
-- name: Create the tomcat tmp directory
- file: dest={{ tomcat_tmp_dir }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
- notify: tomcat restart
- tags: tomcat
-- name: Create the catalina temp directory, if different from the default
- file: dest={{ catalina_tmp_directory }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
- when: catalina_tmp_directory is defined
- notify: tomcat restart
- tags: tomcat
-- name: Configure tomcat defaults
- template: src=tomcat-default.j2 dest=/etc/default/tomcat{{ tomcat_version }}
- when: tomcat_install_default_conf | bool
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_default' ]
-- name: Configure tomcat server.xml
- template: src=tomcat-server.xml.j2 dest={{ tomcat_conf_dir }}/server.xml
- when: tomcat_install_server_xml | bool
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_serverxml' ]
-- name: Configure tomcat web.xml
- template: src=tomcat-web.xml.j2 dest={{ tomcat_conf_dir }}/web.xml
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_serverxml' ]
-- name: Install a slightly modified catalina.properties
- copy: src=catalina.properties dest={{ tomcat_conf_dir }}/catalina.properties owner=root group={{ tomcat_user }} mode=0644
- when: tomcat_install_default_conf | bool
- notify: tomcat restart
- tags: [ 'tomcat', 'tomcat_catalinaprops' ]
-- name: Create some directories that the package do not creates itself
- file: dest={{ tomcat_catalina_home_dir }}/{{ item }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }} mode=0755
- with_items:
- - common/classes
- - server/classes
- - shared/classes
- tags: tomcat
-- name: On tomcat8, create a link to commons-daemon.jar to avoid exceptions at startup
- file: src=/usr/share/java/{{ item }} dest={{ tomcat_catalina_home_dir }}/bin/{{ item }} state=link owner=root group=root mode=0644
- with_items:
- - commons-daemon.jar
- when: tomcat_version >= 8
- tags: [ 'tomcat', 'tomcat_conf' ]
-- name: Install the javamelody dependency jar into the Java shared libs directory
- maven_artifact: artifact_id=jrobin version=latest group_id=org.jrobin extension=jar dest=/usr/share/java/jrobin.jar verify_checksum=always mode=0644 owner=root group=root repository_url=https://repo1.maven.org/maven2
- when: tomcat_javamelody | bool
- tags: [ 'tomcat', 'tomcat_javamelody', 'tomcat_conf' ]
-- name: Install the javamelody-core jar into the Java shared libs directory
- maven_artifact: artifact_id=javamelody-core version={{ tomcat_javamelody_version }} group_id=net.bull.javamelody extension=jar dest=/usr/share/java/javamelody-core.jar verify_checksum=always mode=0644 owner=root group=root repository_url=https://repo1.maven.org/maven2
- when: tomcat_javamelody | bool
- tags: [ 'tomcat', 'tomcat_javamelody', 'tomcat_conf' ]
-- name: Create a link to the the javamelody jar and its dependencies if the javamelody support is enabled
- file: src=../../java/{{ item }} dest={{ tomcat_catalina_home_dir }}/lib/{{ item }} state=link owner=root group=root mode=0644
- with_items:
- - javamelody-core.jar
- - jrobin.jar
- when: tomcat_javamelody | bool
- tags: [ 'tomcat', 'tomcat_javamelody', 'tomcat_conf' ]
-- name: Remove the javamelody jar and its dependencies if the javamelody support is disabled
- file: dest={{ tomcat_catalina_home_dir }}/lib/{{ item }} state=absent
- with_items:
- - javamelody-core.jar
- - jrobin.jar
- when: not tomcat_javamelody | bool
- tags: [ 'tomcat', 'tomcat_javamelody', 'tomcat_conf' ]
diff --git a/library/roles/tomcat/templates/jmxremote.passwd.j2 b/library/roles/tomcat/templates/jmxremote.passwd.j2
deleted file mode 100644
index cfca21c..0000000
--- a/library/roles/tomcat/templates/jmxremote.passwd.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-monitorRole {{ tomcat_jmx_monitorpass }}
-controlRole {{ tomcat_jmx_controlpass }}
diff --git a/library/roles/tomcat/templates/log4j.properties.j2 b/library/roles/tomcat/templates/log4j.properties.j2
deleted file mode 100644
index 12dfa95..0000000
--- a/library/roles/tomcat/templates/log4j.properties.j2
+++ /dev/null
@@ -1,68 +0,0 @@
-{% if tomcat_send_to_logstash %}
-log4j.rootLogger = {{ tomcat_log_level }}, {{ tomcat_logstash_logger }}
-{% else %}
-log4j.rootLogger = {{ tomcat_log_level }}, {{ tomcat_log_logger }}
-{% endif %}
-# Define all the appenders
-log4j.appender.CATALINA = org.apache.log4j.RollingFileAppender
-log4j.appender.CATALINA.File = ${catalina.base}/logs/catalina.log
-log4j.appender.CATALINA.Append = true
-log4j.appender.CATALINA.Encoding = UTF-8
-log4j.appender.CATALINA.Threshold = {{ tomcat_log_rotation_threshold }}
-log4j.appender.CATALINA.MaxFileSize = {{ tomcat_log_max_file_size }}
-log4j.appender.CATALINA.MaxBackupIndex = {{ tomcat_retain_old_logs }}
-log4j.appender.CATALINA.layout = org.apache.log4j.PatternLayout
-log4j.appender.CATALINA.layout.ConversionPattern = %d [%t] %-5p %c- %m%n
-log4j.appender.LOCALHOST = org.apache.log4j.RollingFileAppender
-log4j.appender.LOCALHOST.File = ${catalina.base}/logs/localhost.log
-log4j.appender.LOCALHOST.Append = true
-log4j.appender.LOCALHOST.Encoding = UTF-8
-log4j.appender.LOCALHOST.Threshold = {{ tomcat_log_rotation_threshold }}
-log4j.appender.LOCALHOST.MaxFileSize = {{ tomcat_log_max_file_size }}
-log4j.appender.LOCALHOST.MaxBackupIndex = {{ tomcat_retain_old_logs }}
-log4j.appender.LOCALHOST.layout = org.apache.log4j.PatternLayout
-log4j.appender.LOCALHOST.layout.ConversionPattern = %d [%t] %-5p %c- %m%n
-log4j.appender.MANAGER = org.apache.log4j.RollingFileAppender
-log4j.appender.MANAGER.File = ${catalina.base}/logs/manager.log
-log4j.appender.MANAGER.Append = true
-log4j.appender.MANAGER.Encoding = UTF-8
-log4j.appender.MANAGER.Threshold = {{ tomcat_log_rotation_threshold }}
-log4j.appender.MANAGER.MaxFileSize = {{ tomcat_log_max_file_size }}
-log4j.appender.MANAGER.MaxBackupIndex = {{ tomcat_retain_old_logs }}
-log4j.appender.MANAGER.layout = org.apache.log4j.PatternLayout
-log4j.appender.MANAGER.layout.ConversionPattern = %d [%t] %-5p %c- %m%n
-log4j.appender.HOST-MANAGER = org.apache.log4j.RollingFileAppender
-log4j.appender.HOST-MANAGER.File = ${catalina.base}/logs/host-manager.log
-log4j.appender.HOST-MANAGER.Append = true
-log4j.appender.HOST-MANAGER.Encoding = UTF-8
-log4j.appender.HOST-MANAGER.Threshold = {{ tomcat_log_rotation_threshold }}
-log4j.appender.HOST-MANAGER.MaxFileSize = {{ tomcat_log_max_file_size }}
-log4j.appender.HOST-MANAGER.MaxBackupIndex = {{ tomcat_retain_old_logs }}
-log4j.appender.HOST-MANAGER.layout = org.apache.log4j.PatternLayout
-log4j.appender.HOST-MANAGER.layout.ConversionPattern = %d [%t] %-5p %c- %m%n
-{% if tomcat_send_to_logstash %}
-log4j.appender.LOGSTASH.remoteHost={{ tomcat_logstash_collector_host }}
-log4j.appender.LOGSTASH.port={{ tomcat_logstash_collector_socketappender_port }}
-log4j.appender.LOGSTASH.ReconnectionDelay={{ tomcat_logstash_collector_socketappender_reconndelay }}
-log4j.appender.LOGSTASH.layout = org.apache.log4j.PatternLayout
-log4j.appender.LOGSTASH.layout.ConversionPattern = %d [%t] %-5p %c- %m%n
-{% endif %}
-log4j.appender.CONSOLE = org.apache.log4j.ConsoleAppender
-log4j.appender.CONSOLE.Encoding = UTF-8
-log4j.appender.CONSOLE.layout = org.apache.log4j.PatternLayout
-log4j.appender.CONSOLE.layout.ConversionPattern = %d [%t] %-5p %c- %m%n
-# Configure which loggers log to which appenders
-log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost] = {{ tomcat_log_level }}, LOCALHOST
-log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager] =\
- {{ tomcat_log_level }}, MANAGER
-log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager] =\
- {{ tomcat_log_level }}, HOST-MANAGER
diff --git a/library/roles/tomcat/templates/tomcat-default.j2 b/library/roles/tomcat/templates/tomcat-default.j2
deleted file mode 100644
index 698f436..0000000
--- a/library/roles/tomcat/templates/tomcat-default.j2
+++ /dev/null
@@ -1,71 +0,0 @@
-{% if limits_nofile_value is defined %}
-ulimit -Hn {{ limits_nofile_value }}
-ulimit -Sn {{ limits_nofile_value }}
-{% endif %}
-# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
-# default of tomcat{{ tomcat_version}}.
-TOMCAT{{ tomcat_version}}_USER={{ tomcat_user }}
-# Run Tomcat as this group ID. Not setting this or leaving it blank will use
-# the default of tomcat{{ tomcat_version}}.
-TOMCAT{{ tomcat_version}}_GROUP={{ tomcat_user }}
-# The home directory of the Java development kit (JDK). You need at least
-# JDK version 1.5. If JAVA_HOME is not set, some common directories for
-# OpenJDK, the Sun JDK, and various J2SE 1.5 versions are tried.
-{% if jdk_java_home is defined %}
-JAVA_HOME={{ jdk_java_home }}
-{% endif %}
-JAVA_OPTS="-server -Djava.awt.headless=true -Dfile.encoding={{ tomcat_file_encoding }}"
-{% if jdk_default <= 7 %}
-{% if tomcat_permgen_defined %}
-{% if tomcat_permgen_size is defined %}
-JAVA_OPTS="-XX:MaxPermSize={{ tomcat_permgen_size }} $JAVA_OPTS"
-{% endif %}
-{% endif %}
-{% endif %}
-{% if jdk_default >= 8 %}
-JAVA_OPTS="{{ tomcat_additional_java_8_opts }} $JAVA_OPTS"
-{% endif %}
-{% if tomcat_java_opts is defined %}
-JAVA_OPTS="{{ tomcat_java_opts }} $JAVA_OPTS"
-{% endif %}
-{% if tomcat_java_gc_opts is defined %}
-JAVA_OPTS="${JAVA_OPTS} {{ tomcat_java_gc_opts }}"
-{% endif %}
-{% if tomcat_proxy_enabled %}
-JAVA_OPTS="${JAVA_OPTS} {{ tomcat_proxy_opts }}"
-{% endif %}
-{% if tomcat_other_java_opts is defined %}
-JAVA_OPTS="${JAVA_OPTS} {{ tomcat_other_java_opts }}"
-{% endif %}
-{% if tomcat_jmx_enabled %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port={{ tomcat_jmx_port }} -Dcom.sun.management.jmxremote.ssl={{ tomcat_jmx_use_ssl }} -Dcom.sun.management.jmxremote.local.only={{ tomcat_jmx_localhost_only }}"
-{% if tomcat_jmx_auth_enabled %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.password.file={{ tomcat_jmx_auth_dir }}/jmxremote.password -Dcom.sun.management.jmxremote.access.file={{ tomcat_jmx_auth_dir }}/jmxremote.access"
-{% else %}
-JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.authenticate=false"
-{% endif %}
-{% if tomcat_jmx_disable_additional_ports %}
-JAVA_OPTS="${JAVA_OPTS} -XX:+DisableAttachMechanism -Dcom.sun.management.jmxremote.rmi.port={{ tomcat_jmx_port }}"
-{% endif %}
-{% endif %}
-{% if tomcat_enable_remote_debugging %}
-# You will be able to use a java debugger on URI {{ tomcat_remote_debugging_uri }}.
-JAVA_OPTS="${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,address={{ tomcat_remote_debugging_uri }},server=y,suspend=n"
-# Obsolete
-#JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address={{ tomcat_remote_debugging_uri }},server=y,suspend=n"
-{% endif %}
-# Location of the JVM temporary directory
-# WARNING: This directory will be destroyed and recreated at every startup !
-JVM_TMP={{ tomcat_tmp_dir }}
-{% if catalina_tmp_directory is defined %}
-export CATALINA_TMPDIR={{ catalina_tmp_directory }}
-{% endif %}
-{% if tomcat_load_additional_default_conf %}
-if [ -f /etc/default/tomcat.local ] ; then
- . /etc/default/tomcat.local
-{% endif %}
diff --git a/library/roles/tomcat/templates/tomcat-server.xml.j2 b/library/roles/tomcat/templates/tomcat-server.xml.j2
deleted file mode 100644
index 9dc83aa..0000000
--- a/library/roles/tomcat/templates/tomcat-server.xml.j2
+++ /dev/null
@@ -1,176 +0,0 @@
-{% if tomcat_shutdown_port == -1 %}
-{% else %}
- {% endif %}
-{% if tomcat_http_enabled %}
-{% endif %}
-{% if tomcat_http_enabled %}
-{% endif %}
-{% if tomcat_ajp_enabled %}
-{% endif %}
-{% if tomcat_access_log_enabled %}
-{% endif %}
diff --git a/library/roles/tomcat/templates/tomcat-users.xml.j2 b/library/roles/tomcat/templates/tomcat-users.xml.j2
deleted file mode 100644
index f2563e4..0000000
--- a/library/roles/tomcat/templates/tomcat-users.xml.j2
+++ /dev/null
@@ -1,40 +0,0 @@
-{% if tomcat_manager_gui_user_enabled %}
-{% endif %}
-{% if tomcat_manager_script_user_enabled %}
-{% endif %}
-{% if tomcat_manager_jmx_user_enabled %}
-{% endif %}
-{% if tomcat_manager_status_user_enabled %}
-{% endif %}
diff --git a/library/roles/tomcat/templates/tomcat-web.xml.j2 b/library/roles/tomcat/templates/tomcat-web.xml.j2
deleted file mode 100644
index d27fdfb..0000000
--- a/library/roles/tomcat/templates/tomcat-web.xml.j2
+++ /dev/null
@@ -1,4344 +0,0 @@
- default
- org.apache.catalina.servlets.DefaultServlet
- debug
- 0
- listings
- false
- 1
- jsp
- org.apache.jasper.servlet.JspServlet
- fork
- false
- xpoweredBy
- false
- 3
- default
- /
- jsp
- *.jsp
- *.jspx
-{% if tomcat_javamelody %}
- javamelody
- net.bull.javamelody.MonitoringFilter
- log
- true
- javamelody
- /*
- net.bull.javamelody.SessionListener
-{% endif %}
- 30
- 123
- application/vnd.lotus-1-2-3
- 3dml
- text/vnd.in3d.3dml
- 3g2
- video/3gpp2
- 3gp
- video/3gpp
- 7z
- application/x-7z-compressed
- aab
- application/x-authorware-bin
- aac
- audio/x-aac
- aam
- application/x-authorware-map
- aas
- application/x-authorware-seg
- abs
- audio/x-mpeg
- abw
- application/x-abiword
- ac
- application/pkix-attr-cert
- acc
- application/vnd.americandynamics.acc
- ace
- application/x-ace-compressed
- acu
- application/vnd.acucobol
- acutc
- application/vnd.acucorp
- adp
- audio/adpcm
- aep
- application/vnd.audiograph
- afm
- application/x-font-type1
- afp
- application/vnd.ibm.modcap
- ahead
- application/vnd.ahead.space
- ai
- application/postscript
- aif
- audio/x-aiff
- aifc
- audio/x-aiff
- aiff
- audio/x-aiff
- aim
- application/x-aim
- air
- application/vnd.adobe.air-application-installer-package+zip
- ait
- application/vnd.dvb.ait
- ami
- application/vnd.amiga.ami
- anx
- application/annodex
- apk
- application/vnd.android.package-archive
- application
- application/x-ms-application
- apr
- application/vnd.lotus-approach
- art
- image/x-jg
- asc
- application/pgp-signature
- asf
- video/x-ms-asf
- asm
- text/x-asm
- aso
- application/vnd.accpac.simply.aso
- asx
- video/x-ms-asf
- atc
- application/vnd.acucorp
- atom
- application/atom+xml
- atomcat
- application/atomcat+xml
- atomsvc
- application/atomsvc+xml
- atx
- application/vnd.antix.game-component
- au
- audio/basic
- avi
- video/x-msvideo
- avx
- video/x-rad-screenplay
- aw
- application/applixware
- axa
- audio/annodex
- axv
- video/annodex
- azf
- application/vnd.airzip.filesecure.azf
- azs
- application/vnd.airzip.filesecure.azs
- azw
- application/vnd.amazon.ebook
- bat
- application/x-msdownload
- bcpio
- application/x-bcpio
- bdf
- application/x-font-bdf
- bdm
- application/vnd.syncml.dm+wbxml
- bed
- application/vnd.realvnc.bed
- bh2
- application/vnd.fujitsu.oasysprs
- bin
- application/octet-stream
- bmi
- application/vnd.bmi
- bmp
- image/bmp
- body
- text/html
- book
- application/vnd.framemaker
- box
- application/vnd.previewsystems.box
- boz
- application/x-bzip2
- bpk
- application/octet-stream
- btif
- image/prs.btif
- bz
- application/x-bzip
- bz2
- application/x-bzip2
- c
- text/x-c
- c11amc
- application/vnd.cluetrust.cartomobile-config
- c11amz
- application/vnd.cluetrust.cartomobile-config-pkg
- c4d
- application/vnd.clonk.c4group
- c4f
- application/vnd.clonk.c4group
- c4g
- application/vnd.clonk.c4group
- c4p
- application/vnd.clonk.c4group
- c4u
- application/vnd.clonk.c4group
- cab
- application/vnd.ms-cab-compressed
- cap
- application/vnd.tcpdump.pcap
- car
- application/vnd.curl.car
- cat
- application/vnd.ms-pki.seccat
- cc
- text/x-c
- cct
- application/x-director
- ccxml
- application/ccxml+xml
- cdbcmsg
- application/vnd.contact.cmsg
- cdf
- application/x-cdf
- cdkey
- application/vnd.mediastation.cdkey
- cdmia
- application/cdmi-capability
- cdmic
- application/cdmi-container
- cdmid
- application/cdmi-domain
- cdmio
- application/cdmi-object
- cdmiq
- application/cdmi-queue
- cdx
- chemical/x-cdx
- cdxml
- application/vnd.chemdraw+xml
- cdy
- application/vnd.cinderella
- cer
- application/pkix-cert
- cgm
- image/cgm
- chat
- application/x-chat
- chm
- application/vnd.ms-htmlhelp
- chrt
- application/vnd.kde.kchart
- cif
- chemical/x-cif
- cii
- application/vnd.anser-web-certificate-issue-initiation
- cil
- application/vnd.ms-artgalry
- cla
- application/vnd.claymore
- class
- application/java
- clkk
- application/vnd.crick.clicker.keyboard
- clkp
- application/vnd.crick.clicker.palette
- clkt
- application/vnd.crick.clicker.template
- clkw
- application/vnd.crick.clicker.wordbank
- clkx
- application/vnd.crick.clicker
- clp
- application/x-msclip
- cmc
- application/vnd.cosmocaller
- cmdf
- chemical/x-cmdf
- cml
- chemical/x-cml
- cmp
- application/vnd.yellowriver-custom-menu
- cmx
- image/x-cmx
- cod
- application/vnd.rim.cod
- com
- application/x-msdownload
- conf
- text/plain
- cpio
- application/x-cpio
- cpp
- text/x-c
- cpt
- application/mac-compactpro
- crd
- application/x-mscardfile
- crl
- application/pkix-crl
- crt
- application/x-x509-ca-cert
- cryptonote
- application/vnd.rig.cryptonote
- csh
- application/x-csh
- csml
- chemical/x-csml
- csp
- application/vnd.commonspace
- css
- text/css
- cst
- application/x-director
- csv
- text/csv
- cu
- application/cu-seeme
- curl
- text/vnd.curl
- cww
- application/prs.cww
- cxt
- application/x-director
- cxx
- text/x-c
- dae
- model/vnd.collada+xml
- daf
- application/vnd.mobius.daf
- dataless
- application/vnd.fdsn.seed
- davmount
- application/davmount+xml
- dcr
- application/x-director
- dcurl
- text/vnd.curl.dcurl
- dd2
- application/vnd.oma.dd2+xml
- ddd
- application/vnd.fujixerox.ddd
- deb
- application/x-debian-package
- def
- text/plain
- deploy
- application/octet-stream
- der
- application/x-x509-ca-cert
- dfac
- application/vnd.dreamfactory
- dib
- image/bmp
- dic
- text/x-c
- dir
- application/x-director
- dis
- application/vnd.mobius.dis
- dist
- application/octet-stream
- distz
- application/octet-stream
- djv
- image/vnd.djvu
- djvu
- image/vnd.djvu
- dll
- application/x-msdownload
- dmg
- application/octet-stream
- dmp
- application/vnd.tcpdump.pcap
- dms
- application/octet-stream
- dna
- application/vnd.dna
- doc
- application/msword
- docm
- application/vnd.ms-word.document.macroenabled.12
- docx
- application/vnd.openxmlformats-officedocument.wordprocessingml.document
- dot
- application/msword
- dotm
- application/vnd.ms-word.template.macroenabled.12
- dotx
- application/vnd.openxmlformats-officedocument.wordprocessingml.template
- dp
- application/vnd.osgi.dp
- dpg
- application/vnd.dpgraph
- dra
- audio/vnd.dra
- dsc
- text/prs.lines.tag
- dssc
- application/dssc+der
- dtb
- application/x-dtbook+xml
- dtd
- application/xml-dtd
- dts
- audio/vnd.dts
- dtshd
- audio/vnd.dts.hd
- dump
- application/octet-stream
- dv
- video/x-dv
- dvb
- video/vnd.dvb.file
- dvi
- application/x-dvi
- dwf
- model/vnd.dwf
- dwg
- image/vnd.dwg
- dxf
- image/vnd.dxf
- dxp
- application/vnd.spotfire.dxp
- dxr
- application/x-director
- ecelp4800
- audio/vnd.nuera.ecelp4800
- ecelp7470
- audio/vnd.nuera.ecelp7470
- ecelp9600
- audio/vnd.nuera.ecelp9600
- ecma
- application/ecmascript
- edm
- application/vnd.novadigm.edm
- edx
- application/vnd.novadigm.edx
- efif
- application/vnd.picsel
- ei6
- application/vnd.pg.osasli
- elc
- application/octet-stream
- eml
- message/rfc822
- emma
- application/emma+xml
- eol
- audio/vnd.digital-winds
- eot
- application/vnd.ms-fontobject
- eps
- application/postscript
- epub
- application/epub+zip
- es3
- application/vnd.eszigno3+xml
- esf
- application/vnd.epson.esf
- et3
- application/vnd.eszigno3+xml
- etx
- text/x-setext
- exe
- application/octet-stream
- exi
- application/exi
- ext
- application/vnd.novadigm.ext
- ez
- application/andrew-inset
- ez2
- application/vnd.ezpix-album
- ez3
- application/vnd.ezpix-package
- f
- text/x-fortran
- f4v
- video/x-f4v
- f77
- text/x-fortran
- f90
- text/x-fortran
- fbs
- image/vnd.fastbidsheet
- fcs
- application/vnd.isac.fcs
- fdf
- application/vnd.fdf
- fe_launch
- application/vnd.denovo.fcselayout-link
- fg5
- application/vnd.fujitsu.oasysgp
- fgd
- application/x-director
- fh
- image/x-freehand
- fh4
- image/x-freehand
- fh5
- image/x-freehand
- fh7
- image/x-freehand
- fhc
- image/x-freehand
- fig
- application/x-xfig
- flac
- audio/flac
- fli
- video/x-fli
- flo
- application/vnd.micrografx.flo
- flv
- video/x-flv
- flw
- application/vnd.kde.kivio
- flx
- text/vnd.fmi.flexstor
- fly
- text/vnd.fly
- fm
- application/vnd.framemaker
- fnc
- application/vnd.frogans.fnc
- for
- text/x-fortran
- fpx
- image/vnd.fpx
- frame
- application/vnd.framemaker
- fsc
- application/vnd.fsc.weblaunch
- fst
- image/vnd.fst
- ftc
- application/vnd.fluxtime.clip
- fti
- application/vnd.anser-web-funds-transfer-initiation
- fvt
- video/vnd.fvt
- fxp
- application/vnd.adobe.fxp
- fxpl
- application/vnd.adobe.fxp
- fzs
- application/vnd.fuzzysheet
- g2w
- application/vnd.geoplan
- g3
- image/g3fax
- g3w
- application/vnd.geospace
- gac
- application/vnd.groove-account
- gbr
- application/rpki-ghostbusters
- gdl
- model/vnd.gdl
- geo
- application/vnd.dynageo
- gex
- application/vnd.geometry-explorer
- ggb
- application/vnd.geogebra.file
- ggt
- application/vnd.geogebra.tool
- ghf
- application/vnd.groove-help
- gif
- image/gif
- gim
- application/vnd.groove-identity-message
- gmx
- application/vnd.gmx
- gnumeric
- application/x-gnumeric
- gph
- application/vnd.flographit
- gqf
- application/vnd.grafeq
- gqs
- application/vnd.grafeq
- gram
- application/srgs
- gre
- application/vnd.geometry-explorer
- grv
- application/vnd.groove-injector
- grxml
- application/srgs+xml
- gsf
- application/x-font-ghostscript
- gtar
- application/x-gtar
- gtm
- application/vnd.groove-tool-message
- gtw
- model/vnd.gtw
- gv
- text/vnd.graphviz
- gxt
- application/vnd.geonext
- gz
- application/x-gzip
- h
- text/x-c
- h261
- video/h261
- h263
- video/h263
- h264
- video/h264
- hal
- application/vnd.hal+xml
- hbci
- application/vnd.hbci
- hdf
- application/x-hdf
- hh
- text/x-c
- hlp
- application/winhlp
- hpgl
- application/vnd.hp-hpgl
- hpid
- application/vnd.hp-hpid
- hps
- application/vnd.hp-hps
- hqx
- application/mac-binhex40
- htc
- text/x-component
- htke
- application/vnd.kenameaapp
- htm
- text/html
- html
- text/html
- hvd
- application/vnd.yamaha.hv-dic
- hvp
- application/vnd.yamaha.hv-voice
- hvs
- application/vnd.yamaha.hv-script
- i2g
- application/vnd.intergeo
- icc
- application/vnd.iccprofile
- ice
- x-conference/x-cooltalk
- icm
- application/vnd.iccprofile
- ico
- image/x-icon
- ics
- text/calendar
- ief
- image/ief
- ifb
- text/calendar
- ifm
- application/vnd.shana.informed.formdata
- iges
- model/iges
- igl
- application/vnd.igloader
- igm
- application/vnd.insors.igm
- igs
- model/iges
- igx
- application/vnd.micrografx.igx
- iif
- application/vnd.shana.informed.interchange
- imp
- application/vnd.accpac.simply.imp
- ims
- application/vnd.ms-ims
- in
- text/plain
- ink
- application/inkml+xml
- inkml
- application/inkml+xml
- iota
- application/vnd.astraea-software.iota
- ipfix
- application/ipfix
- ipk
- application/vnd.shana.informed.package
- irm
- application/vnd.ibm.rights-management
- irp
- application/vnd.irepository.package+xml
- iso
- application/octet-stream
- itp
- application/vnd.shana.informed.formtemplate
- ivp
- application/vnd.immervision-ivp
- ivu
- application/vnd.immervision-ivu
- jad
- text/vnd.sun.j2me.app-descriptor
- jam
- application/vnd.jam
- jar
- application/java-archive
- java
- text/x-java-source
- jisp
- application/vnd.jisp
- jlt
- application/vnd.hp-jlyt
- jnlp
- application/x-java-jnlp-file
- joda
- application/vnd.joost.joda-archive
- jpe
- image/jpeg
- jpeg
- image/jpeg
- jpg
- image/jpeg
- jpgm
- video/jpm
- jpgv
- video/jpeg
- jpm
- video/jpm
- js
- application/javascript
- jsf
- text/plain
- json
- application/json
- jspf
- text/plain
- kar
- audio/midi
- karbon
- application/vnd.kde.karbon
- kfo
- application/vnd.kde.kformula
- kia
- application/vnd.kidspiration
- kml
- application/vnd.google-earth.kml+xml
- kmz
- application/vnd.google-earth.kmz
- kne
- application/vnd.kinar
- knp
- application/vnd.kinar
- kon
- application/vnd.kde.kontour
- kpr
- application/vnd.kde.kpresenter
- kpt
- application/vnd.kde.kpresenter
- ksp
- application/vnd.kde.kspread
- ktr
- application/vnd.kahootz
- ktx
- image/ktx
- ktz
- application/vnd.kahootz
- kwd
- application/vnd.kde.kword
- kwt
- application/vnd.kde.kword
- lasxml
- application/vnd.las.las+xml
- latex
- application/x-latex
- lbd
- application/vnd.llamagraphics.life-balance.desktop
- lbe
- application/vnd.llamagraphics.life-balance.exchange+xml
- les
- application/vnd.hhe.lesson-player
- lha
- application/octet-stream
- link66
- application/vnd.route66.link66+xml
- list
- text/plain
- list3820
- application/vnd.ibm.modcap
- listafp
- application/vnd.ibm.modcap
- log
- text/plain
- lostxml
- application/lost+xml
- lrf
- application/octet-stream
- lrm
- application/vnd.ms-lrm
- ltf
- application/vnd.frogans.ltf
- lvp
- audio/vnd.lucent.voice
- lwp
- application/vnd.lotus-wordpro
- lzh
- application/octet-stream
- m13
- application/x-msmediaview
- m14
- application/x-msmediaview
- m1v
- video/mpeg
- m21
- application/mp21
- m2a
- audio/mpeg
- m2v
- video/mpeg
- m3a
- audio/mpeg
- m3u
- audio/x-mpegurl
- m3u8
- application/vnd.apple.mpegurl
- m4a
- audio/mp4
- m4b
- audio/mp4
- m4r
- audio/mp4
- m4u
- video/vnd.mpegurl
- m4v
- video/mp4
- ma
- application/mathematica
- mac
- image/x-macpaint
- mads
- application/mads+xml
- mag
- application/vnd.ecowin.chart
- maker
- application/vnd.framemaker
- man
- text/troff
- mathml
- application/mathml+xml
- mb
- application/mathematica
- mbk
- application/vnd.mobius.mbk
- mbox
- application/mbox
- mc1
- application/vnd.medcalcdata
- mcd
- application/vnd.mcd
- mcurl
- text/vnd.curl.mcurl
- mdb
- application/x-msaccess
- mdi
- image/vnd.ms-modi
- me
- text/troff
- mesh
- model/mesh
- meta4
- application/metalink4+xml
- mets
- application/mets+xml
- mfm
- application/vnd.mfmp
- mft
- application/rpki-manifest
- mgp
- application/vnd.osgeo.mapguide.package
- mgz
- application/vnd.proteus.magazine
- mid
- audio/midi
- midi
- audio/midi
- mif
- application/x-mif
- mime
- message/rfc822
- mj2
- video/mj2
- mjp2
- video/mj2
- mlp
- application/vnd.dolby.mlp
- mmd
- application/vnd.chipnuts.karaoke-mmd
- mmf
- application/vnd.smaf
- mmr
- image/vnd.fujixerox.edmics-mmr
- mny
- application/x-msmoney
- mobi
- application/x-mobipocket-ebook
- mods
- application/mods+xml
- mov
- video/quicktime
- movie
- video/x-sgi-movie
- mp1
- audio/mpeg
- mp2
- audio/mpeg
- mp21
- application/mp21
- mp2a
- audio/mpeg
- mp3
- audio/mpeg
- mp4
- video/mp4
- mp4a
- audio/mp4
- mp4s
- application/mp4
- mp4v
- video/mp4
- mpa
- audio/mpeg
- mpc
- application/vnd.mophun.certificate
- mpe
- video/mpeg
- mpeg
- video/mpeg
- mpega
- audio/x-mpeg
- mpg
- video/mpeg
- mpg4
- video/mp4
- mpga
- audio/mpeg
- mpkg
- application/vnd.apple.installer+xml
- mpm
- application/vnd.blueice.multipass
- mpn
- application/vnd.mophun.application
- mpp
- application/vnd.ms-project
- mpt
- application/vnd.ms-project
- mpv2
- video/mpeg2
- mpy
- application/vnd.ibm.minipay
- mqy
- application/vnd.mobius.mqy
- mrc
- application/marc
- mrcx
- application/marcxml+xml
- ms
- text/troff
- mscml
- application/mediaservercontrol+xml
- mseed
- application/vnd.fdsn.mseed
- mseq
- application/vnd.mseq
- msf
- application/vnd.epson.msf
- msh
- model/mesh
- msi
- application/x-msdownload
- msl
- application/vnd.mobius.msl
- msty
- application/vnd.muvee.style
- mts
- model/vnd.mts
- mus
- application/vnd.musician
- musicxml
- application/vnd.recordare.musicxml+xml
- mvb
- application/x-msmediaview
- mwf
- application/vnd.mfer
- mxf
- application/mxf
- mxl
- application/vnd.recordare.musicxml
- mxml
- application/xv+xml
- mxs
- application/vnd.triscape.mxs
- mxu
- video/vnd.mpegurl
- n-gage
- application/vnd.nokia.n-gage.symbian.install
- n3
- text/n3
- nb
- application/mathematica
- nbp
- application/vnd.wolfram.player
- nc
- application/x-netcdf
- ncx
- application/x-dtbncx+xml
- ngdat
- application/vnd.nokia.n-gage.data
- nlu
- application/vnd.neurolanguage.nlu
- nml
- application/vnd.enliven
- nnd
- application/vnd.noblenet-directory
- nns
- application/vnd.noblenet-sealer
- nnw
- application/vnd.noblenet-web
- npx
- image/vnd.net-fpx
- nsf
- application/vnd.lotus-notes
- oa2
- application/vnd.fujitsu.oasys2
- oa3
- application/vnd.fujitsu.oasys3
- oas
- application/vnd.fujitsu.oasys
- obd
- application/x-msbinder
- oda
- application/oda
- odb
- application/vnd.oasis.opendocument.database
- odc
- application/vnd.oasis.opendocument.chart
- odf
- application/vnd.oasis.opendocument.formula
- odft
- application/vnd.oasis.opendocument.formula-template
- odg
- application/vnd.oasis.opendocument.graphics
- odi
- application/vnd.oasis.opendocument.image
- odm
- application/vnd.oasis.opendocument.text-master
- odp
- application/vnd.oasis.opendocument.presentation
- ods
- application/vnd.oasis.opendocument.spreadsheet
- odt
- application/vnd.oasis.opendocument.text
- oga
- audio/ogg
- ogg
- audio/ogg
- ogv
- video/ogg
- ogx
- application/ogg
- onepkg
- application/onenote
- onetmp
- application/onenote
- onetoc
- application/onenote
- onetoc2
- application/onenote
- opf
- application/oebps-package+xml
- oprc
- application/vnd.palm
- org
- application/vnd.lotus-organizer
- osf
- application/vnd.yamaha.openscoreformat
- osfpvg
- application/vnd.yamaha.openscoreformat.osfpvg+xml
- otc
- application/vnd.oasis.opendocument.chart-template
- otf
- application/x-font-otf
- otg
- application/vnd.oasis.opendocument.graphics-template
- oth
- application/vnd.oasis.opendocument.text-web
- oti
- application/vnd.oasis.opendocument.image-template
- otp
- application/vnd.oasis.opendocument.presentation-template
- ots
- application/vnd.oasis.opendocument.spreadsheet-template
- ott
- application/vnd.oasis.opendocument.text-template
- oxps
- application/oxps
- oxt
- application/vnd.openofficeorg.extension
- p
- text/x-pascal
- p10
- application/pkcs10
- p12
- application/x-pkcs12
- p7b
- application/x-pkcs7-certificates
- p7c
- application/pkcs7-mime
- p7m
- application/pkcs7-mime
- p7r
- application/x-pkcs7-certreqresp
- p7s
- application/pkcs7-signature
- p8
- application/pkcs8
- pas
- text/x-pascal
- paw
- application/vnd.pawaafile
- pbd
- application/vnd.powerbuilder6
- pbm
- image/x-portable-bitmap
- pcap
- application/vnd.tcpdump.pcap
- pcf
- application/x-font-pcf
- pcl
- application/vnd.hp-pcl
- pclxl
- application/vnd.hp-pclxl
- pct
- image/pict
- pcurl
- application/vnd.curl.pcurl
- pcx
- image/x-pcx
- pdb
- application/vnd.palm
- pdf
- application/pdf
- pfa
- application/x-font-type1
- pfb
- application/x-font-type1
- pfm
- application/x-font-type1
- pfr
- application/font-tdpfr
- pfx
- application/x-pkcs12
- pgm
- image/x-portable-graymap
- pgn
- application/x-chess-pgn
- pgp
- application/pgp-encrypted
- pic
- image/pict
- pict
- image/pict
- pkg
- application/octet-stream
- pki
- application/pkixcmp
- pkipath
- application/pkix-pkipath
- plb
- application/vnd.3gpp.pic-bw-large
- plc
- application/vnd.mobius.plc
- plf
- application/vnd.pocketlearn
- pls
- audio/x-scpls
- pml
- application/vnd.ctc-posml
- png
- image/png
- pnm
- image/x-portable-anymap
- pnt
- image/x-macpaint
- portpkg
- application/vnd.macports.portpkg
- pot
- application/vnd.ms-powerpoint
- potm
- application/vnd.ms-powerpoint.template.macroenabled.12
- potx
- application/vnd.openxmlformats-officedocument.presentationml.template
- ppam
- application/vnd.ms-powerpoint.addin.macroenabled.12
- ppd
- application/vnd.cups-ppd
- ppm
- image/x-portable-pixmap
- pps
- application/vnd.ms-powerpoint
- ppsm
- application/vnd.ms-powerpoint.slideshow.macroenabled.12
- ppsx
- application/vnd.openxmlformats-officedocument.presentationml.slideshow
- ppt
- application/vnd.ms-powerpoint
- pptm
- application/vnd.ms-powerpoint.presentation.macroenabled.12
- pptx
- application/vnd.openxmlformats-officedocument.presentationml.presentation
- pqa
- application/vnd.palm
- prc
- application/x-mobipocket-ebook
- pre
- application/vnd.lotus-freelance
- prf
- application/pics-rules
- ps
- application/postscript
- psb
- application/vnd.3gpp.pic-bw-small
- psd
- image/vnd.adobe.photoshop
- psf
- application/x-font-linux-psf
- pskcxml
- application/pskc+xml
- ptid
- application/vnd.pvi.ptid1
- pub
- application/x-mspublisher
- pvb
- application/vnd.3gpp.pic-bw-var
- pwn
- application/vnd.3m.post-it-notes
- pya
- audio/vnd.ms-playready.media.pya
- pyv
- video/vnd.ms-playready.media.pyv
- qam
- application/vnd.epson.quickanime
- qbo
- application/vnd.intu.qbo
- qfx
- application/vnd.intu.qfx
- qps
- application/vnd.publishare-delta-tree
- qt
- video/quicktime
- qti
- image/x-quicktime
- qtif
- image/x-quicktime
- qwd
- application/vnd.quark.quarkxpress
- qwt
- application/vnd.quark.quarkxpress
- qxb
- application/vnd.quark.quarkxpress
- qxd
- application/vnd.quark.quarkxpress
- qxl
- application/vnd.quark.quarkxpress
- qxt
- application/vnd.quark.quarkxpress
- ra
- audio/x-pn-realaudio
- ram
- audio/x-pn-realaudio
- rar
- application/x-rar-compressed
- ras
- image/x-cmu-raster
- rcprofile
- application/vnd.ipunplugged.rcprofile
- rdf
- application/rdf+xml
- rdz
- application/vnd.data-vision.rdz
- rep
- application/vnd.businessobjects
- res
- application/x-dtbresource+xml
- rgb
- image/x-rgb
- rif
- application/reginfo+xml
- rip
- audio/vnd.rip
- rl
- application/resource-lists+xml
- rlc
- image/vnd.fujixerox.edmics-rlc
- rld
- application/resource-lists-diff+xml
- rm
- application/vnd.rn-realmedia
- rmi
- audio/midi
- rmp
- audio/x-pn-realaudio-plugin
- rms
- application/vnd.jcp.javame.midlet-rms
- rnc
- application/relax-ng-compact-syntax
- roa
- application/rpki-roa
- roff
- text/troff
- rp9
- application/vnd.cloanto.rp9
- rpss
- application/vnd.nokia.radio-presets
- rpst
- application/vnd.nokia.radio-preset
- rq
- application/sparql-query
- rs
- application/rls-services+xml
- rsd
- application/rsd+xml
- rss
- application/rss+xml
- rtf
- application/rtf
- rtx
- text/richtext
- s
- text/x-asm
- saf
- application/vnd.yamaha.smaf-audio
- sbml
- application/sbml+xml
- sc
- application/vnd.ibm.secure-container
- scd
- application/x-msschedule
- scm
- application/vnd.lotus-screencam
- scq
- application/scvp-cv-request
- scs
- application/scvp-cv-response
- scurl
- text/vnd.curl.scurl
- sda
- application/vnd.stardivision.draw
- sdc
- application/vnd.stardivision.calc
- sdd
- application/vnd.stardivision.impress
- sdkd
- application/vnd.solent.sdkm+xml
- sdkm
- application/vnd.solent.sdkm+xml
- sdp
- application/sdp
- sdw
- application/vnd.stardivision.writer
- see
- application/vnd.seemail
- seed
- application/vnd.fdsn.seed
- sema
- application/vnd.sema
- semd
- application/vnd.semd
- semf
- application/vnd.semf
- ser
- application/java-serialized-object
- setpay
- application/set-payment-initiation
- setreg
- application/set-registration-initiation
- sfd-hdstx
- application/vnd.hydrostatix.sof-data
- sfs
- application/vnd.spotfire.sfs
- sgl
- application/vnd.stardivision.writer-global
- sgm
- text/sgml
- sgml
- text/sgml
- sh
- application/x-sh
- shar
- application/x-shar
- shf
- application/shf+xml
- sig
- application/pgp-signature
- silo
- model/mesh
- sis
- application/vnd.symbian.install
- sisx
- application/vnd.symbian.install
- sit
- application/x-stuffit
- sitx
- application/x-stuffitx
- skd
- application/vnd.koan
- skm
- application/vnd.koan
- skp
- application/vnd.koan
- skt
- application/vnd.koan
- sldm
- application/vnd.ms-powerpoint.slide.macroenabled.12
- sldx
- application/vnd.openxmlformats-officedocument.presentationml.slide
- slt
- application/vnd.epson.salt
- sm
- application/vnd.stepmania.stepchart
- smf
- application/vnd.stardivision.math
- smi
- application/smil+xml
- smil
- application/smil+xml
- smzip
- application/vnd.stepmania.package
- snd
- audio/basic
- snf
- application/x-font-snf
- so
- application/octet-stream
- spc
- application/x-pkcs7-certificates
- spf
- application/vnd.yamaha.smaf-phrase
- spl
- application/x-futuresplash
- spot
- text/vnd.in3d.spot
- spp
- application/scvp-vp-response
- spq
- application/scvp-vp-request
- spx
- audio/ogg
- src
- application/x-wais-source
- sru
- application/sru+xml
- srx
- application/sparql-results+xml
- sse
- application/vnd.kodak-descriptor
- ssf
- application/vnd.epson.ssf
- ssml
- application/ssml+xml
- st
- application/vnd.sailingtracker.track
- stc
- application/vnd.sun.xml.calc.template
- std
- application/vnd.sun.xml.draw.template
- stf
- application/vnd.wt.stf
- sti
- application/vnd.sun.xml.impress.template
- stk
- application/hyperstudio
- stl
- application/vnd.ms-pki.stl
- str
- application/vnd.pg.format
- stw
- application/vnd.sun.xml.writer.template
- sub
- text/vnd.dvb.subtitle
- sus
- application/vnd.sus-calendar
- susp
- application/vnd.sus-calendar
- sv4cpio
- application/x-sv4cpio
- sv4crc
- application/x-sv4crc
- svc
- application/vnd.dvb.service
- svd
- application/vnd.svd
- svg
- image/svg+xml
- svgz
- image/svg+xml
- swa
- application/x-director
- swf
- application/x-shockwave-flash
- swi
- application/vnd.aristanetworks.swi
- sxc
- application/vnd.sun.xml.calc
- sxd
- application/vnd.sun.xml.draw
- sxg
- application/vnd.sun.xml.writer.global
- sxi
- application/vnd.sun.xml.impress
- sxm
- application/vnd.sun.xml.math
- sxw
- application/vnd.sun.xml.writer
- t
- text/troff
- taglet
- application/vnd.mynfc
- tao
- application/vnd.tao.intent-module-archive
- tar
- application/x-tar
- tcap
- application/vnd.3gpp2.tcap
- tcl
- application/x-tcl
- teacher
- application/vnd.smart.teacher
- tei
- application/tei+xml
- teicorpus
- application/tei+xml
- tex
- application/x-tex
- texi
- application/x-texinfo
- texinfo
- application/x-texinfo
- text
- text/plain
- tfi
- application/thraud+xml
- tfm
- application/x-tex-tfm
- thmx
- application/vnd.ms-officetheme
- tif
- image/tiff
- tiff
- image/tiff
- tmo
- application/vnd.tmobile-livetv
- torrent
- application/x-bittorrent
- tpl
- application/vnd.groove-tool-template
- tpt
- application/vnd.trid.tpt
- tr
- text/troff
- tra
- application/vnd.trueapp
- trm
- application/x-msterminal
- tsd
- application/timestamped-data
- tsv
- text/tab-separated-values
- ttc
- application/x-font-ttf
- ttf
- application/x-font-ttf
- ttl
- text/turtle
- twd
- application/vnd.simtech-mindmapper
- twds
- application/vnd.simtech-mindmapper
- txd
- application/vnd.genomatix.tuxedo
- txf
- application/vnd.mobius.txf
- txt
- text/plain
- u32
- application/x-authorware-bin
- udeb
- application/x-debian-package
- ufd
- application/vnd.ufdl
- ufdl
- application/vnd.ufdl
- ulw
- audio/basic
- umj
- application/vnd.umajin
- unityweb
- application/vnd.unity
- uoml
- application/vnd.uoml+xml
- uri
- text/uri-list
- uris
- text/uri-list
- urls
- text/uri-list
- ustar
- application/x-ustar
- utz
- application/vnd.uiq.theme
- uu
- text/x-uuencode
- uva
- audio/vnd.dece.audio
- uvd
- application/vnd.dece.data
- uvf
- application/vnd.dece.data
- uvg
- image/vnd.dece.graphic
- uvh
- video/vnd.dece.hd
- uvi
- image/vnd.dece.graphic
- uvm
- video/vnd.dece.mobile
- uvp
- video/vnd.dece.pd
- uvs
- video/vnd.dece.sd
- uvt
- application/vnd.dece.ttml+xml
- uvu
- video/vnd.uvvu.mp4
- uvv
- video/vnd.dece.video
- uvva
- audio/vnd.dece.audio
- uvvd
- application/vnd.dece.data
- uvvf
- application/vnd.dece.data
- uvvg
- image/vnd.dece.graphic
- uvvh
- video/vnd.dece.hd
- uvvi
- image/vnd.dece.graphic
- uvvm
- video/vnd.dece.mobile
- uvvp
- video/vnd.dece.pd
- uvvs
- video/vnd.dece.sd
- uvvt
- application/vnd.dece.ttml+xml
- uvvu
- video/vnd.uvvu.mp4
- uvvv
- video/vnd.dece.video
- uvvx
- application/vnd.dece.unspecified
- uvvz
- application/vnd.dece.zip
- uvx
- application/vnd.dece.unspecified
- uvz
- application/vnd.dece.zip
- vcard
- text/vcard
- vcd
- application/x-cdlink
- vcf
- text/x-vcard
- vcg
- application/vnd.groove-vcard
- vcs
- text/x-vcalendar
- vcx
- application/vnd.vcx
- vis
- application/vnd.visionary
- viv
- video/vnd.vivo
- vor
- application/vnd.stardivision.writer
- vox
- application/x-authorware-bin
- vrml
- model/vrml
- vsd
- application/vnd.visio
- vsf
- application/vnd.vsf
- vss
- application/vnd.visio
- vst
- application/vnd.visio
- vsw
- application/vnd.visio
- vtu
- model/vnd.vtu
- vxml
- application/voicexml+xml
- w3d
- application/x-director
- wad
- application/x-doom
- wav
- audio/x-wav
- wax
- audio/x-ms-wax
- wbmp
- image/vnd.wap.wbmp
- wbs
- application/vnd.criticaltools.wbs+xml
- wbxml
- application/vnd.wap.wbxml
- wcm
- application/vnd.ms-works
- wdb
- application/vnd.ms-works
- weba
- audio/webm
- webm
- video/webm
- webp
- image/webp
- wg
- application/vnd.pmi.widget
- wgt
- application/widget
- wks
- application/vnd.ms-works
- wm
- video/x-ms-wm
- wma
- audio/x-ms-wma
- wmd
- application/x-ms-wmd
- wmf
- application/x-msmetafile
- wml
- text/vnd.wap.wml
- wmlc
- application/vnd.wap.wmlc
- wmls
- text/vnd.wap.wmlscript
- wmlsc
- application/vnd.wap.wmlscriptc
- wmv
- video/x-ms-wmv
- wmx
- video/x-ms-wmx
- wmz
- application/x-ms-wmz
- woff
- application/x-font-woff
- wpd
- application/vnd.wordperfect
- wpl
- application/vnd.ms-wpl
- wps
- application/vnd.ms-works
- wqd
- application/vnd.wqd
- wri
- application/x-mswrite
- wrl
- model/vrml
- wsdl
- application/wsdl+xml
- wspolicy
- application/wspolicy+xml
- wtb
- application/vnd.webturbo
- wvx
- video/x-ms-wvx
- x32
- application/x-authorware-bin
- x3d
- application/vnd.hzn-3d-crossword
- xap
- application/x-silverlight-app
- xar
- application/vnd.xara
- xbap
- application/x-ms-xbap
- xbd
- application/vnd.fujixerox.docuworks.binder
- xbm
- image/x-xbitmap
- xdf
- application/xcap-diff+xml
- xdm
- application/vnd.syncml.dm+xml
- xdp
- application/vnd.adobe.xdp+xml
- xdssc
- application/dssc+xml
- xdw
- application/vnd.fujixerox.docuworks
- xenc
- application/xenc+xml
- xer
- application/patch-ops-error+xml
- xfdf
- application/vnd.adobe.xfdf
- xfdl
- application/vnd.xfdl
- xht
- application/xhtml+xml
- xhtml
- application/xhtml+xml
- xhvml
- application/xv+xml
- xif
- image/vnd.xiff
- xla
- application/vnd.ms-excel
- xlam
- application/vnd.ms-excel.addin.macroenabled.12
- xlc
- application/vnd.ms-excel
- xlm
- application/vnd.ms-excel
- xls
- application/vnd.ms-excel
- xlsb
- application/vnd.ms-excel.sheet.binary.macroenabled.12
- xlsm
- application/vnd.ms-excel.sheet.macroenabled.12
- xlsx
- application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
- xlt
- application/vnd.ms-excel
- xltm
- application/vnd.ms-excel.template.macroenabled.12
- xltx
- application/vnd.openxmlformats-officedocument.spreadsheetml.template
- xlw
- application/vnd.ms-excel
- xml
- application/xml
- xo
- application/vnd.olpc-sugar
- xop
- application/xop+xml
- xpi
- application/x-xpinstall
- xpm
- image/x-xpixmap
- xpr
- application/vnd.is-xpr
- xps
- application/vnd.ms-xpsdocument
- xpw
- application/vnd.intercon.formnet
- xpx
- application/vnd.intercon.formnet
- xsl
- application/xml
- xslt
- application/xslt+xml
- xsm
- application/vnd.syncml+xml
- xspf
- application/xspf+xml
- xul
- application/vnd.mozilla.xul+xml
- xvm
- application/xv+xml
- xvml
- application/xv+xml
- xwd
- image/x-xwindowdump
- xyz
- chemical/x-xyz
- yang
- application/yang
- yin
- application/yin+xml
- z
- application/x-compress
- Z
- application/x-compress
- zaz
- application/vnd.zzazz.deck+xml
- zip
- application/zip
- zir
- application/vnd.zul
- zirz
- application/vnd.zul
- zmm
- application/vnd.handheld-entertainment+xml
- index.html
- index.htm
- index.jsp
diff --git a/library/roles/tomcat/templates/tomcat_access.logrotate.j2 b/library/roles/tomcat/templates/tomcat_access.logrotate.j2
deleted file mode 100644
index a4082fd..0000000
--- a/library/roles/tomcat/templates/tomcat_access.logrotate.j2
+++ /dev/null
@@ -1,8 +0,0 @@
-{{ tomcat_logdir }}/localhost_access.log {
- copytruncate
- {{ tomcat_access_log_rotation_freq }}
- rotate {{ tomcat_retain_old_logs }}
- compress
- missingok
- create 640 {{ tomcat_user }} adm
diff --git a/library/roles/user_services_perms/defaults/main.yml b/library/roles/user_services_perms/defaults/main.yml
deleted file mode 100644
index 7a69660..0000000
--- a/library/roles/user_services_perms/defaults/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-service_sudoers_group: adminsu
-common_users_group: service_g
-# Define the following if you want some directories readable and writable by the common group but outside the default app data dirs
-# - { name: '/data/1', perms: 0755, create: True, owner: 'root', group: '{{ common_users_group }}', aclperms: 'rwX' }
-# - { name: '/data/2', create: False, perms: 0755, owner: 'root', group: '{{ common_users_group }}', aclperms: 'rwX' }
-# - { name: '/data/bah', create: False, perms: 0644, aclperms: 'rw' }
-# Use additional_data_directories_adjunct to list more directories in addition to the ones specified into additional_data_directories
-# Define the following array when you want to add commands to the sudoers file
-# - /etc/init.d/virtuoso-opensource-7
-# - /sbin/reboot
-# Use service_sudo_commands_adjunct to list more commands in addition to the ones specified into services_sudo_commands
diff --git a/library/roles/user_services_perms/meta/main.yml b/library/roles/user_services_perms/meta/main.yml
deleted file mode 100644
index df990e0..0000000
--- a/library/roles/user_services_perms/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
- - '../../library/roles/users'
diff --git a/library/roles/user_services_perms/tasks/common-users-data-dirs.yml b/library/roles/user_services_perms/tasks/common-users-data-dirs.yml
deleted file mode 100644
index 4d13f9a..0000000
--- a/library/roles/user_services_perms/tasks/common-users-data-dirs.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-- block:
- - name: Create the common group used to setup acls
- group: name={{ common_users_group }} state=present system=yes
- when: additional_data_directories is defined
- tags: [ 'users', 'users_acl' ]
-- block:
- - name: Add selected users to the commong group
- user: name={{ item.login }} groups={{ common_users_group }} append=yes
- with_items: '{{ users_system_users }}'
- when: users_system_users is defined
- tags: [ 'users', 'users_acl' ]
-- block:
- - name: Add additional users to the commong group
- user: name={{ item.login }} groups={{ common_users_group }} append=yes
- with_items: '{{ users_system_users_adjunct }}'
- when: users_system_users_adjunct is defined
- tags: [ 'users', 'users_acl' ]
-- block:
- - name: Create the users additional data dirs
- file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
- with_items: '{{ additional_data_directories }}'
- when: item.create and not item.file
- when: additional_data_directories is defined
- tags: [ 'users', 'users_acl' ]
-- block:
- - name: Create more additional data dirs
- file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
- with_items: '{{ additional_data_directories_adjunct }}'
- when: item.create and not item.file
- when: additional_data_directories_adjunct is defined
- tags: [ 'users', 'users_acl' ]
-- block:
- - name: Set the read/write/access permissions on the users additional data dirs
- acl: name={{ item.name }} entity={{ common_users_group }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present recursive=yes
- with_items: '{{ additional_data_directories | default([]) }}'
- - name: Set the default read/write/access permissions on the users additional data dirs
- acl: name={{ item.name }} entity={{ common_users_group }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present default=yes recursive=yes
- with_items: '{{ additional_data_directories | default([]) }}'
- when: additional_data_directories is defined
- tags: [ 'users_acl' ]
-- block:
- - name: Set the read/write/access permissions on the additional data dirs
- acl: name={{ item.name }} entity={{ common_users_group }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present recursive=yes
- with_items: '{{ additional_data_directories_adjunct }}'
- - name: Set the default read/write/access permissions on the additional data dirs
- acl: name={{ item.name }} entity={{ common_users_group }} etype=group permissions={{ item.aclperms | default('rwX') }} state=present default=yes recursive=yes
- with_items: '{{ additional_data_directories_adjunct }}'
- when: additional_data_directories_adjunct is defined
- tags: [ 'users_acl' ]
diff --git a/library/roles/user_services_perms/tasks/main.yml b/library/roles/user_services_perms/tasks/main.yml
deleted file mode 100644
index be1cc6f..0000000
--- a/library/roles/user_services_perms/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- import_tasks: sudoers-groups.yml
-- import_tasks: sudo-config.yml
-- import_tasks: common-users-data-dirs.yml
- when: additional_data_directories is defined
diff --git a/library/roles/user_services_perms/tasks/sudo-config.yml b/library/roles/user_services_perms/tasks/sudo-config.yml
deleted file mode 100644
index 852a4d6..0000000
--- a/library/roles/user_services_perms/tasks/sudo-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: Install the sudoers config that allows users to execute some privileged commands
- template: src=service-sudoers.j2 dest=/etc/sudoers.d/service-group owner=root group=root mode=0440
- tags: [ 'service', 'sudo', 'users' ]
diff --git a/library/roles/user_services_perms/tasks/sudoers-groups.yml b/library/roles/user_services_perms/tasks/sudoers-groups.yml
deleted file mode 100644
index c7b0eb3..0000000
--- a/library/roles/user_services_perms/tasks/sudoers-groups.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-- block:
- - name: Add the additional service groups
- group: name={{ item }} state=present
- with_items: '{{ service_sudoers_group }}'
- when: users_system_users is defined
- tags: [ 'services', 'users' ]
-- block:
- - name: Add selected users to the limited sudoers group
- user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes
- with_items: '{{ users_system_users | default([]) }}'
- when: item.limited_sudoers_user
- - name: Remove selected users to the limited sudoers group
- user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes
- with_items: '{{ users_system_users | default([]) }}'
- when: not item.limited_sudoers_user
- when:
- - users_system_users is defined
- - item.limited_sudoers_user is defined
- tags: [ 'services', 'users' ]
-- block:
- - name: Add additional users to the limited sudoers group
- user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes
- with_items: '{{ users_system_users_adjunct }}'
- when: item.limited_sudoers_user
- - name: Remove additional users to the limited sudoers group
- user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes
- with_items: '{{ users_system_users_adjunct }}'
- when: not item.limited_sudoers_user
- when:
- - users_system_users_adjunct is defined
- - item.limited_sudoers_user is defined
- tags: [ 'services', 'users' ]
diff --git a/library/roles/user_services_perms/templates/service-sudoers.j2 b/library/roles/user_services_perms/templates/service-sudoers.j2
deleted file mode 100644
index 7226749..0000000
--- a/library/roles/user_services_perms/templates/service-sudoers.j2
+++ /dev/null
@@ -1,3 +0,0 @@
-{% if service_sudo_commands is defined %}
-%{{ service_sudoers_group }} ALL=(ALL) NOPASSWD: {% for cmd in service_sudo_commands %}{{ cmd }}{% if not loop.last %}, {% endif %}{% endfor %} {% if service_sudo_commands_adjunct is defined %}, {% for cmd in service_sudo_commands_adjunct %}{{ cmd }}{% if not loop.last %}, {% endif %}{% endfor %}{% endif %}
-{% endif %}
diff --git a/library/roles/users/defaults/main.yml b/library/roles/users/defaults/main.yml
deleted file mode 100644
index f7cc9b4..0000000
--- a/library/roles/users/defaults/main.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-# This role adds users to a system
-# The users can access if their ssh key is provided
-# Users can have sudo privileges if the 'admin' property is 'true'
-# admin users can also directly log as root when 'user_admin_can_log_as_root' is set to 'true'
-deb_users_sudoers_group: sudo
-rh_users_sudoers_group: wheel
-users_sudoers_group: '{{ deb_users_sudoers_group }}'
-users_sudoers_create_group: False
-users_sudoers_create_sudo_conf: False
-users_home_dir: /home
-users_default_password: '*'
-users_update_password: 'on_create'
-# - { login: 'foo', name: "Foo Bar", home: '{{ users_home_dir }}', createhome: 'yes', ssh_key: '{{ foo_ssh_key }}', shell: '/bin/bash', admin: False, log_as_root: False }
-#users_system_users_adjunct: same as above, can be used to add more users to the original list
-# - { group: 'foo' }
diff --git a/library/roles/users/tasks/main.yml b/library/roles/users/tasks/main.yml
deleted file mode 100644
index f648dce..0000000
--- a/library/roles/users/tasks/main.yml
+++ /dev/null
@@ -1,126 +0,0 @@
-- block:
- - name: Create the sudoers group if needed
- group: name={{ users_sudoers_group }} state=present
- when: users_sudoers_create_group
- - name: Add a sudo additional configuration for the new sudoers group
- template: src=sudoers.j2 dest=/etc/sudoers.d/{{ users_sudoers_group }}
- when: users_sudoers_create_sudo_conf
- tags: users
-- block:
- - name: Manage additional groups
- group: name={{ item.group }} state={{ item.state | default('present') }}
- with_items: '{{ users_additional_groups }}'
- when: users_additional_groups is defined
- tags: users
-- block:
- - name: Create users
- user: name={{ item.login }} group={{ item.group | default(omit) }} comment="{{ item.name }}" home={{ item.home }}/{{ item.login }} createhome={{ item.createhome }} shell={{ item.shell }} password={{ item.password | default('*') }} update_password={{ item.update_password | default('on_create') }}
- with_items: '{{ users_system_users | default([]) }}'
- - name: ensure that the users can login with their ssh keys
- authorized_key: user="{{ item.login }}" key="{{ item.ssh_key }}" state=present
- with_items: '{{ users_system_users | default([]) }}'
- when: item.ssh_key is defined
- - name: Add the admin users to the sudoers group on debian based systems
- user: name={{ item.login }} groups={{ deb_users_sudoers_group }} append=yes
- with_items: '{{ users_system_users | default([]) }}'
- when:
- - item.admin
- - ansible_distribution_file_variety == "Debian"
- - name: Add the admin users to the sudoers group on rh/centos systems
- user: name={{ item.login }} groups={{ rh_users_sudoers_group }} append=yes
- with_items: '{{ users_system_users }}'
- when:
- - item.admin
- - ansible_distribution_file_variety == "RedHat"
- - name: ensure that the users can login with their ssh keys as root if we want ensure direct access
- authorized_key: user=root key="{{ item.ssh_key }}" state=present
- with_items: '{{ users_system_users }}'
- when:
- - item.ssh_key is defined
- - item.log_as_root is defined
- - item.log_as_root
- - name: ensure that the users can not login with their ssh keys as root
- authorized_key: user=root key="{{ item.ssh_key }}" state=absent
- with_items: '{{ users_system_users }}'
- when:
- - item.ssh_key is defined
- - item.log_as_root is defined
- - not item.log_as_root
- when: users_system_users is defined
- tags: users
-- block:
- - name: Create additional users
- user: name={{ item.login }} group={{ item.group | default(omit) }} comment="{{ item.name }}" home={{ item.home }}/{{ item.login }} createhome={{ item.createhome }} shell={{ item.shell }} password={{ item.password | default('*') }} update_password={{ item.update_password | default('on_create') }}
- with_items: '{{ users_system_users_adjunct }}'
- - name: ensure that the additional users can login with their ssh keys
- authorized_key: user="{{ item.login }}" key="{{ item.ssh_key }}" state=present
- with_items: '{{ users_system_users_adjunct }}'
- when: item.ssh_key is defined
- - name: Add the additional admin users to the sudoers group on debian based systems
- user: name={{ item.login }} groups={{ deb_users_sudoers_group }} append=yes
- with_items: '{{ users_system_users_adjunct }}'
- when:
- - item.admin
- - ansible_distribution_file_variety == "Debian"
- - name: Add the additional admin users to the sudoers group on rh/centos systems
- user: name={{ item.login }} groups={{ rh_users_sudoers_group }} append=yes
- with_items: '{{ users_system_users_adjunct }}'
- when:
- - item.admin
- - ansible_distribution_file_variety == "RedHat"
- - name: ensure that the additional users can login with their ssh keys as root if we want ensure direct access
- authorized_key: user=root key="{{ item.ssh_key }}" state=present
- with_items: '{{ users_system_users_adjunct }}'
- when:
- - item.ssh_key is defined
- - item.log_as_root is defined
- - item.log_as_root
- - name: ensure that the additional users cannot login with their ssh keys as root
- authorized_key: user=root key="{{ item.ssh_key }}" state=absent
- with_items: '{{ users_system_users_adjunct }}'
- when:
- - item.ssh_key is defined
- - item.log_as_root is defined
- - not item.log_as_root
- when: users_system_users_adjunct is defined
- tags: users
-- block:
- - name: Permit sudo without password on Deb based systems
- lineinfile:
- path: /etc/sudoers
- state: present
- regexp: '^%{{ deb_users_sudoers_group }}\s'
- line: '%{{ deb_users_sudoers_group }} ALL=(ALL) NOPASSWD: ALL'
- when: ansible_distribution_file_variety == "Debian"
- - name: Change the sudo configuration to permit sudo without password on RH/CentOS systems
- lineinfile:
- path: /etc/sudoers
- state: present
- regexp: '^%{{ rh_users_sudoers_group }}\s'
- line: '%{{ rh_users_sudoers_group }} ALL=(ALL) NOPASSWD: ALL'
- when: ansible_distribution_file_variety == "RedHat"
- tags: [ 'users', 'sudo_wheel' ]
diff --git a/library/roles/users/templates/sudoers.j2 b/library/roles/users/templates/sudoers.j2
deleted file mode 100644
index 0bef21c..0000000
--- a/library/roles/users/templates/sudoers.j2
+++ /dev/null
@@ -1 +0,0 @@
-%{{ users_sudoers_group }} ALL=(ALL) ALL