diff --git a/nginx/tasks/nginx-config.yml b/nginx/tasks/nginx-config.yml index 6edd9d53..5e7c5efc 100644 --- a/nginx/tasks/nginx-config.yml +++ b/nginx/tasks/nginx-config.yml @@ -6,6 +6,10 @@ - name: Create the pki directory file: dest={{ pki_dir }}/nginx state=directory + - name: Create the client body tmp directory, if needed + file: dest={{ nginx_client_body_temp_dir }}/nginx state=directory owner=www-data group=www-data mode=0700 + when: nginx_client_body_temp_dir is defined + - name: Create a dhparams file 2048 bits long shell: openssl dhparam -out {{ pki_dir }}/nginx/dhparams.pem 2048 args: diff --git a/shinyproxy/defaults/main.yml b/shinyproxy/defaults/main.yml index 83173539..4d0105f3 100644 --- a/shinyproxy/defaults/main.yml +++ b/shinyproxy/defaults/main.yml @@ -1,6 +1,6 @@ --- shinyproxy_install: False -shinyproxy_version: 0.9.3 +shinyproxy_version: 1.0.0 shinyproxy_file_name: 'shinyproxy-{{ shinyproxy_version }}.jar' shinyproxy_url: 'https://www.shinyproxy.io/downloads/{{ shinyproxy_file_name }}' shinyproxy_app_name: shinyproxy.jar @@ -10,8 +10,10 @@ shinyproxy_http_port: 8080 # For logrotate. In days shinyproxy_log_retention: 10 shinyproxy_default_apps: True -shinyproxy_docker_url: 'http://localhost:2375/' +shinyproxy_docker_url: 'http://localhost:2375' shinyproxy_docker_port_range_start: 20000 +shinyproxy_container_wait_time: 60000 +shinyproxy_hide_navbar: 'false' shinyproxy_app_title: 'Open Analytics Shiny Proxy' shinyproxy_logo_url: 'http://www.openanalytics.eu/sites/www.openanalytics.eu/themes/oa/logo.png' diff --git a/shinyproxy/tasks/main.yml b/shinyproxy/tasks/main.yml index 596ac193..28e5ddd5 100644 --- a/shinyproxy/tasks/main.yml +++ b/shinyproxy/tasks/main.yml @@ -20,7 +20,7 @@ - name: Install the shinyproxy configuration file template: src=shinyproxy-conf.yml.j2 dest={{ shinyproxy_install_dir }}/application.yml owner=root group={{ shinyproxy_user }} mode=0640 notify: Restart shinyproxy - tags: [ 'shinyproxy', 'shinyproxy_conf' ] + tags: [ 'shinyproxy', 'shinyproxy_conf', 'shinyproxy_images' ] - name: Install the shinyproxy logrotate configuration template: src=shinyproxy-logrotate.j2 dest=/etc/logrotate.d/shinyproxy owner=root group=root mode=0444 @@ -29,6 +29,12 @@ - name: Ensure that the shinyproxy service is enabled and running service: name=shinyproxy state=started enabled=yes + - name: Pull the Docker images of shiny apps + docker_image: name={{ item.docker_image }} pull=yes state={{ item.image_state | default('present') }} force=yes + with_items: '{{ shinyproxy_apps }}' + when: shinyproxy_apps is defined + tags: [ 'shinyproxy', 'shinyproxy_images' ] + when: shinyproxy_install tags: shinyproxy diff --git a/shinyproxy/templates/shinyproxy-conf.yml.j2 b/shinyproxy/templates/shinyproxy-conf.yml.j2 index b75b1c50..482c2fc1 100644 --- a/shinyproxy/templates/shinyproxy-conf.yml.j2 +++ b/shinyproxy/templates/shinyproxy-conf.yml.j2 @@ -5,7 +5,9 @@ shiny: landing-page: / heartbeat-rate: 10000 heartbeat-timeout: 60000 + container-wait-time: {{ shinyproxy_container_wait_time }} port: {{ shinyproxy_http_port }} + hide-navbar: {{ shinyproxy_hide_navbar }} authentication: {{ shinyproxy_authentication }} admin-groups: {{ shinyproxy_admin_group }} {% if shinyproxy_ldap_enabled %} @@ -49,9 +51,11 @@ shiny: description: {{ app.description }} docker-cmd: ["R", "-e {{ app.cmd }}"] docker-image: {{ app.docker_image }} + docker-memory: {{ app.docker_memory | default('2g') }} {% if app.groups is defined %} groups: {{ app.groups }} {% endif %} + {% endfor %} {% endif %} diff --git a/smartgears/ckan_connector/templates/ckan-connector-fixer.sh.j2 b/smartgears/ckan_connector/templates/ckan-connector-fixer.sh.j2 index 992e2e82..028f791a 100644 --- a/smartgears/ckan_connector/templates/ckan-connector-fixer.sh.j2 +++ b/smartgears/ckan_connector/templates/ckan-connector-fixer.sh.j2 @@ -47,8 +47,8 @@ cd /usr/lib/ckan/default/src/ckan if [ "$CKAN_CREATE_USER" == "True" ] ; then # Create the admin user paster sysadmin add $CK_ADMIN -c $CK_INI << EOF - y + $CK_ADMIN_PWD $CK_ADMIN_PWD diff --git a/smartgears/dataminer_app/templates/algorithms-updater.j2 b/smartgears/dataminer_app/templates/algorithms-updater.j2 index 879bae02..b82a1451 100644 --- a/smartgears/dataminer_app/templates/algorithms-updater.j2 +++ b/smartgears/dataminer_app/templates/algorithms-updater.j2 @@ -87,40 +87,13 @@ function algorithms_updater() { ALGO_NAME=$( echo "$algo" | awk -F \| '{ print $1 }' ) ALGO_BODY=$( echo "$algo" | awk -F \| '{ print $2 }' ) ALGO_DATE=$( echo "$algo" | awk -F \| '{ print $3 }' ) - ALGO_TIMESTAMP=$( date +%s -d "$ALGO_DATE" ) + ALGO_TIMESTAMP=$( date +%s -d "$ALGO_DATE" 2>/dev/null ) if [ $? -ne 0 ] ; then echo "the date for algorithm $ALGO_NAME is wrong" - fi - ALGO_LINE=$( egrep ^"$ALGO_NAME" $ALGORITHMS_INSTALLED_FILE ) - ALGO_PRESENT=$? - if [ $ALGO_PRESENT -ne 0 ] ; then - echo "logger 'algorithms-updater: running the add command of algorithm $ALGO_NAME'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "logger 'algorithms-updater: the add command string is $ALGO_BODY'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "RETVAL=" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo '-------------------------------------------'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo 'Adding algorithm $ALGO_NAME'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo 'With command $ALGO_BODY'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "$ALGO_BODY" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo 'RETVAL=$?' >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo 'Done.'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo 'if [ $RETVAL -ne 0 ] ; then' >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME failed'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "else" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo " echo '$ALGO_NAME | $ALGO_DATE' >> $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME succeeded'" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo "fi" >> $ALGORITHMS_TEMP_SCRIPT.body_ else - ALGO_LOCAL_TIMESTAMP=0 - ALGO_LOCAL_DATE=$( egrep ^"$ALGO_NAME" $ALGORITHMS_INSTALLED_FILE | awk -F \| '{ print $2 }' | grep -v \' ) - ALGO_LOCAL_TIMESTAMP=$( date +%s -d "$ALGO_LOCAL_DATE" ) - if [ $? -ne 0 ] ; then - echo "the locally saved date for algorithm $ALGO_NAME is wrong" - fi - if [ $ALGO_LOCAL_TIMESTAMP -ne $ALGO_TIMESTAMP ] ; then + ALGO_LINE=$( egrep ^"$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE ) + ALGO_PRESENT=$? + if [ $ALGO_PRESENT -ne 0 ] ; then echo "logger 'algorithms-updater: running the add command of algorithm $ALGO_NAME'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "logger 'algorithms-updater: the add command string is $ALGO_BODY'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "RETVAL=" >> $ALGORITHMS_TEMP_SCRIPT.body_ @@ -137,11 +110,38 @@ function algorithms_updater() { echo 'if [ $RETVAL -ne 0 ] ; then' >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME failed'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "else" >> $ALGORITHMS_TEMP_SCRIPT.body_ - echo " echo 'grep -v $ALGO_NAME $ALGORITHMS_INSTALLED_FILE > ${ALGORITHMS_INSTALLED_FILE}_ " >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo " echo 'egrep -v ^"$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE > ${ALGORITHMS_INSTALLED_FILE}_ " >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " echo 'mv ${ALGORITHMS_INSTALLED_FILE}_ $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " echo '$ALGO_NAME | $ALGO_DATE' >> $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME succeeded'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "fi" >> $ALGORITHMS_TEMP_SCRIPT.body_ + else + ALGO_LOCAL_TIMESTAMP=0 + ALGO_LOCAL_DATE=$( egrep ^"$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE | tail -1 | awk -F \| '{ print $2 }' | grep -v \' ) + ALGO_LOCAL_TIMESTAMP=$( date +%s -d "$ALGO_LOCAL_DATE" 2>/dev/null ) + if [ $? -ne 0 ] || [ $ALGO_LOCAL_TIMESTAMP -ne $ALGO_TIMESTAMP ]; then + echo "logger 'algorithms-updater: running the add command of algorithm $ALGO_NAME'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "logger 'algorithms-updater: the add command string is $ALGO_BODY'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "RETVAL=" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo '-------------------------------------------'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo 'Adding algorithm $ALGO_NAME'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo 'With command $ALGO_BODY'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "$ALGO_BODY" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo 'RETVAL=$?' >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo 'Done.'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "echo ''" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo 'if [ $RETVAL -ne 0 ] ; then' >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME failed'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "else" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo " echo 'egrep -v "^$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE > ${ALGORITHMS_INSTALLED_FILE}_ " >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo " echo 'mv ${ALGORITHMS_INSTALLED_FILE}_ $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo " echo '$ALGO_NAME | $ALGO_DATE' >> $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME succeeded'" >> $ALGORITHMS_TEMP_SCRIPT.body_ + echo "fi" >> $ALGORITHMS_TEMP_SCRIPT.body_ + fi fi fi done < ${ALGORITHMS_TEMP_SCRIPT}.algorithmslist diff --git a/smartgears/smartgears/defaults/main.yml b/smartgears/smartgears/defaults/main.yml index a9fa8b46..27822ec0 100644 --- a/smartgears/smartgears/defaults/main.yml +++ b/smartgears/smartgears/defaults/main.yml @@ -55,6 +55,7 @@ smartgears_log_max_history: 30 smartgears_log_max_file_size: 10MB smartgears_log_total_file_cap: 2GB smartgears_log_dir: '{{ smartgears_user_home }}/tomcat/logs' +smartgears_tomcat_tmp_dir: '{{ smartgears_user_home }}/tomcat/tmp' smartgears_logback_template: True smartgears_tomcat_contexts: [ '' ] @@ -65,7 +66,7 @@ http_port: '{{ smartgears_http_port }}' tomcat_m_webapps_unpack: True tomcat_m_instances: - - { http_enabled: True, http_port: '{{ smartgears_http_port }}', http_address: '{{ smartgears_tomcat_listen_address }}', ajp_enabled: False, ajp_port: '8109', ajp_address: '127.0.0.1', restart_timeout: '{{ tomcat_m_restart_timeout }}', shutdown_port: '-1', java_home: '{{ jdk_java_home }}', user: '{{ smartgears_user }}', user_home: '{{ smartgears_user_home }}', user_shell: '{{ tomcat_m_default_user_shell }}', instance_path: '{{ smartgears_instance_path }}', max_threads: '{{ tomcat_m_max_threads }}', autodeploy: '{{ tomcat_m_webapps_autodeploy }}', unpack: '{{ tomcat_m_webapps_unpack }}', default_conf: True, java_opts: '{{ tomcat_m_java_opts }}', java_gc_opts: '{{ tomcat_m_java_gc_opts }}', other_java_opts: '{{ tomcat_m_other_java_opts }}', jmx_enabled: '{{ tomcat_m_jmx_enabled }}', jmx_disable_additional_ports: '{{ tomcat_m_jmx_disable_additional_ports }}', jmx_port: '{{ tomcat_m_jmx_port }}', jmx_use_ssl: '{{ tomcat_m_jmx_use_ssl }}', jmx_auth_enabled: '{{ tomcat_m_jmx_auth_enabled }}', jmx_auth_dir: '{{ tomcat_m_instances_base_path }}/{{ smartgears_http_port }}/conf', jmx_monitorpass: '{{ tomcat_m_jmx_monitorpass | default(omit) }}', jmx_controlpass: '{{ tomcat_m_jmx_controlpass | default(omit) }}', remote_debugging: '{{ tomcat_m_enable_remote_debugging }}', remote_debugging_port: '{{ smartgears_debugging_port }}' , access_log_enabled: True, log_rotation_freq: daily, log_retain: 30, allowed_hosts: [ '0.0.0.0/0' ], app_contexts: '{{ smartgears_tomcat_contexts }}', skip_smartgears: False,smartgears_id: 1, servername: '{{ ansible_fqdn }}' } + - { http_enabled: True, http_port: '{{ smartgears_http_port }}', http_address: '{{ smartgears_tomcat_listen_address }}', ajp_enabled: False, ajp_port: '8109', ajp_address: '127.0.0.1', restart_timeout: '{{ tomcat_m_restart_timeout }}', shutdown_port: '-1', java_home: '{{ jdk_java_home }}', user: '{{ smartgears_user }}', user_home: '{{ smartgears_user_home }}', user_shell: '{{ tomcat_m_default_user_shell }}', instance_path: '{{ smartgears_instance_path }}', max_threads: '{{ tomcat_m_max_threads }}', autodeploy: '{{ tomcat_m_webapps_autodeploy }}', unpack: '{{ tomcat_m_webapps_unpack }}', default_conf: True, java_opts: '{{ tomcat_m_java_opts }}', java_gc_opts: '{{ tomcat_m_java_gc_opts }}', other_java_opts: '{{ tomcat_m_other_java_opts }}', jmx_enabled: '{{ tomcat_m_jmx_enabled }}', jmx_disable_additional_ports: '{{ tomcat_m_jmx_disable_additional_ports }}', jmx_port: '{{ tomcat_m_jmx_port }}', jmx_use_ssl: '{{ tomcat_m_jmx_use_ssl }}', jmx_auth_enabled: '{{ tomcat_m_jmx_auth_enabled }}', jmx_auth_dir: '{{ tomcat_m_instances_base_path }}/{{ smartgears_http_port }}/conf', jmx_monitorpass: '{{ tomcat_m_jmx_monitorpass | default(omit) }}', jmx_controlpass: '{{ tomcat_m_jmx_controlpass | default(omit) }}', catalina_tmp_directory: '{{ smartgears_tomcat_tmp_dir }}', remote_debugging: '{{ tomcat_m_enable_remote_debugging }}', remote_debugging_port: '{{ smartgears_debugging_port }}', access_log_enabled: True, log_rotation_freq: daily, log_retain: 30, allowed_hosts: [ '0.0.0.0/0' ], app_contexts: '{{ smartgears_tomcat_contexts }}', skip_smartgears: False,smartgears_id: 1, servername: '{{ ansible_fqdn }}' } # To enable debugging: # - Set diff --git a/tomcat-multiple-instances/tasks/main.yml b/tomcat-multiple-instances/tasks/main.yml index ee42680e..792556af 100644 --- a/tomcat-multiple-instances/tasks/main.yml +++ b/tomcat-multiple-instances/tasks/main.yml @@ -56,6 +56,12 @@ register: tomcat_first_install tags: [ 'tomcat', 'tomcat_instances' ] +- name: Create the catalina tmp directory + file: dest={{ item.catalina_tmp_directory }} state=directory owner={{ item.user }} group={{ item.user }} mode=0700 + with_items: '{{ tomcat_m_instances }}' + when: item.catalina_tmp_directory is defined + tags: [ 'tomcat', 'tomcat_instances' ] + - name: Populate the instances conf directory copy: src={{ item[1] }} dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640 with_nested: @@ -76,7 +82,6 @@ - tomcat restart instances with changed configs tags: [ 'tomcat', 'tomcat_instances', 'tomcat_catalina_properties' ] - - name: Populate the instances conf/policy.d directory copy: src=policy.d/{{ item[1] }} dest={{ item.0.instance_path }}/conf/policy.d/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640 with_nested: diff --git a/tomcat-multiple-instances/templates/tomcat-default.j2 b/tomcat-multiple-instances/templates/tomcat-default.j2 index 74ac9143..8e165adc 100644 --- a/tomcat-multiple-instances/templates/tomcat-default.j2 +++ b/tomcat-multiple-instances/templates/tomcat-default.j2 @@ -50,6 +50,9 @@ JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address={{ item.re {% endif %} # WARNING: This directory will be destroyed and recreated at every startup ! JVM_TMP={{ item.instance_path }}/tmp +{% if item.catalina_tmp_directory is defined %} +export CATALINA_TMPDIR={{ item.catalina_tmp_directory }} +{% endif %} # Additional options not managed by the provisioning tools if [ -f /etc/default/tomcat-instance-{{ item.http_port }}.local ] ; then . /etc/default/tomcat-instance-{{ item.http_port }}.local diff --git a/tomcat/tasks/tomcat-pkgs.yml b/tomcat/tasks/tomcat-pkgs.yml index 184f8adc..e5487d96 100644 --- a/tomcat/tasks/tomcat-pkgs.yml +++ b/tomcat/tasks/tomcat-pkgs.yml @@ -9,6 +9,12 @@ notify: tomcat restart tags: tomcat +- name: Create the catalina temp directory, if different from the default + file: dest={{ catalina_tmp_directory }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }} + when: catalina_tmp_directory is defined + notify: tomcat restart + tags: tomcat + - name: Configure tomcat defaults template: src=tomcat-default.j2 dest=/etc/default/tomcat{{ tomcat_version }} when: tomcat_install_default_conf diff --git a/tomcat/templates/tomcat-default.j2 b/tomcat/templates/tomcat-default.j2 index 02ad6977..8d8862f1 100644 --- a/tomcat/templates/tomcat-default.j2 +++ b/tomcat/templates/tomcat-default.j2 @@ -48,7 +48,9 @@ JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address={{ tomcat_ # Location of the JVM temporary directory # WARNING: This directory will be destroyed and recreated at every startup ! JVM_TMP={{ tomcat_tmp_dir }} - +{% if catalina_tmp_directory is defined %} +export CATALINA_TMPDIR={{ catalina_tmp_directory }} +{% endif %} {% if tomcat_load_additional_default_conf %} if [ -f /etc/default/tomcat.local ] ; then . /etc/default/tomcat.local