tpiccioli
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Change the default listen host for tomcat to 127.0.0.1. 

Change the virtualhost filename to a fixed one plus a numeric ID. So if the hostname changes, we do not duplicate files.
This commit is contained in:
Andrea Dell'Amico 2017-09-12 15:32:53 +02:00
parent d617ada1ec
commit 7ea507790f
4 changed files with 38 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
smartgears/smartgears-nginx-frontend/tasks/main.yml
View File

@ -1,13 +1,13 @@
---
# Install the nginx virtualhosts
- name: Install the nginx virtualhosts
- name: Install the nginx virtualhost, if a specific one has been defined
template: src={{ item.servername }}-virtualhost.j2 dest=/etc/nginx/sites-available/{{ item.servername }} owner=root group=root mode=0444
with_items: '{{ tomcat_m_instances }}'
when: not smartgears_install_generic_virthost
notify: Reload nginx
tags: [ 'nginx', 'virtualhost' ]
- name: Install the nginx smartexecutor virtualhost
- name: Install the nginx generic virtualhost
template: src=generic-smartgears-virtualhost.j2 dest=/etc/nginx/sites-available/{{ item.servername }} owner=root group=root mode=0444
with_items: '{{ tomcat_m_instances }}'
when: smartgears_install_generic_virthost
@ -15,7 +15,19 @@
tags: [ 'nginx', 'virtualhost' ]
- name: Enable the nginx virtualhosts
file: src=/etc/nginx/sites-available/{{ item.servername }} dest=/etc/nginx/sites-enabled/{{ item.servername }}.conf state=link
file: src=/etc/nginx/sites-available/{{ item.servername }} dest=/etc/nginx/sites-enabled/smartgears_{{ item.smartgears_id }}.conf state=link
with_items: '{{ tomcat_m_instances }}'
notify: Reload nginx
tags: [ 'nginx', 'virtualhost' ]
- name: Remove the old hostname based virtualhost filename
file: dest=/etc/nginx/sites-enabled/{{ item.servername }}.conf state=absent
with_items: '{{ tomcat_m_instances }}'
notify: Reload nginx
tags: [ 'nginx', 'virtualhost' ]
- name: Remove the old ubuntu.conf virtualhost filename
file: dest=/etc/nginx/sites-enabled/ubuntu.conf state=absent
with_items: '{{ tomcat_m_instances }}'
notify: Reload nginx
tags: [ 'nginx', 'virtualhost' ]

32
smartgears/smartgears-nginx-frontend/templates/generic-smartgears-virtualhost.j2
View File

@ -3,7 +3,9 @@ server {
client_max_body_size {{ nginx_client_max_body_size | default('100M') }};
{% if egi_image is defined and egi_image %}
# No servername into the EGI images
{% else %}
{% elif hostname is defined %}
servername _;
{% else %}
server_name {{ item.servername }} {% if smartgears_nginx_serveraliases is defined %}{% for vh in smartgears_nginx_serveraliases %} {{ vh }}{% endfor %}{% endif %};
{% endif %}
{% if letsencrypt_acme_install %}
@ -55,7 +57,7 @@ server {
}
{% endif %}
location /whn-manager {
proxy_pass http://localhost:{{ item.http_port }}/whn-manager;
proxy_pass http://127.0.0.1:{{ item.http_port }}/whn-manager;
}
{% if not http_redirect_to_https %}
{% for instance in tomcat_m_instances %}
@ -66,12 +68,12 @@ server {
{% if smartgears_nginx_cors_enabled %}
include /etc/nginx/snippets/nginx-cors.conf;
{% if nginx_cors_extended_rules %}
proxy_pass http://localhost:{{ item.http_port }};
proxy_pass http://127.0.0.1:{{ item.http_port }};
{% else %}
proxy_pass http://localhost:{{ item.http_port }}/{{ context }};
proxy_pass http://127.0.0.1:{{ item.http_port }}/{{ context }};
{% endif %}
{% else %}
proxy_pass http://localhost:{{ item.http_port }}/{{ context }};
proxy_pass http://127.0.0.1:{{ item.http_port }}/{{ context }};
{% endif %}
}
{% endif %}
@ -80,12 +82,12 @@ server {
{% endfor %}
{% if smart_executor_install is defined and smart_executor_install %}
location {{ smart_executor_context }} {
proxy_pass http://localhost:{{ smartgears_http_port }}{{ smart_executor_context }};
proxy_pass http://127.0.0.1:{{ smartgears_http_port }}{{ smart_executor_context }};
}
{% endif %}
{% if data_transfer_service_install %}
location /data-transfer-service {
proxy_pass http://localhost:{{ smartgears_http_port }}/data-transfer-service;
proxy_pass http://127.0.0.1:{{ smartgears_http_port }}/data-transfer-service;
}
{% endif %}
{% if rstudio_install_server is defined and rstudio_install_server %}
@ -93,7 +95,7 @@ server {
{% if smartgears_nginx_cors_enabled %}
include /etc/nginx/snippets/nginx-cors.conf;
{% endif %}
proxy_pass http://localhost:8787/;
proxy_pass http://127.0.0.1:8787/;
}
{% endif %}
@ -172,7 +174,7 @@ server {
}
{% endif %}
location /whn-manager {
proxy_pass http://localhost:{{ item.http_port }}/whn-manager;
proxy_pass http://127.0.0.1:{{ item.http_port }}/whn-manager;
}
{% for instance in tomcat_m_instances %}
{% for context in instance.app_contexts %}
@ -182,12 +184,12 @@ server {
{% if smartgears_nginx_cors_enabled %}
include /etc/nginx/snippets/nginx-cors.conf;
{% if nginx_cors_extended_rules %}
proxy_pass http://localhost:{{ item.http_port }};
proxy_pass http://127.0.0.1:{{ item.http_port }};
{% else %}
proxy_pass http://localhost:{{ item.http_port }}/{{ context }};
proxy_pass http://127.0.0.1:{{ item.http_port }}/{{ context }};
{% endif %}
{% else %}
proxy_pass http://localhost:{{ item.http_port }}/{{ context }};
proxy_pass http://127.0.0.1:{{ item.http_port }}/{{ context }};
{% endif %}
}
{% endif %}
@ -196,12 +198,12 @@ server {
{% endfor %}
{% if smart_executor_install is defined and smart_executor_install %}
location {{ smart_executor_context }} {
proxy_pass http://localhost:{{ smartgears_http_port }}{{ smart_executor_context }};
proxy_pass http://127.0.0.1:{{ smartgears_http_port }}{{ smart_executor_context }};
}
{% endif %}
{% if data_transfer_service_install %}
location /data-transfer-service {
proxy_pass http://localhost:{{ smartgears_http_port }}/data-transfer-service;
proxy_pass http://127.0.0.1:{{ smartgears_http_port }}/data-transfer-service;
}
{% endif %}
{% if rstudio_install_server is defined and rstudio_install_server %}
@ -209,7 +211,7 @@ server {
{% if smartgears_nginx_cors_enabled %}
include /etc/nginx/snippets/nginx-cors.conf;
{% endif %}
proxy_pass http://localhost:8787/;
proxy_pass http://127.0.0.1:8787/;
}
{% endif %}

4
smartgears/smartgears/defaults/main.yml
View File

@ -57,14 +57,14 @@ smartgears_log_dir: '{{ smartgears_user_home }}/tomcat/logs'
smartgears_logback_template: True
smartgears_tomcat_contexts: [ '' ]
smartgears_tomcat_listen_address: '127.0.0.1'
# The iptables rules use this
http_port: '{{ smartgears_http_port }}'
tomcat_m_webapps_unpack: True
tomcat_m_instances:
- { http_enabled: True, http_port: '{{ smartgears_http_port }}', http_address: '0.0.0.0', ajp_enabled: False, ajp_port: '8109', ajp_address: '127.0.0.1', restart_timeout: '{{ tomcat_m_restart_timeout }}', shutdown_port: '-1', java_home: '{{ jdk_java_home }}', user: '{{ smartgears_user }}', user_home: '{{ smartgears_user_home }}', user_shell: '{{ tomcat_m_default_user_shell }}', instance_path: '{{ smartgears_instance_path }}', max_threads: '{{ tomcat_m_max_threads }}', autodeploy: '{{ tomcat_m_webapps_autodeploy }}', unpack: '{{ tomcat_m_webapps_unpack }}', default_conf: True, java_opts: '{{ tomcat_m_java_opts }}', java_gc_opts: '{{ tomcat_m_java_gc_opts }}', other_java_opts: '{{ tomcat_m_other_java_opts }}', jmx_enabled: '{{ tomcat_m_jmx_enabled }}', jmx_disable_additional_ports: '{{ tomcat_m_jmx_disable_additional_ports }}', jmx_port: '{{ tomcat_m_jmx_port }}', jmx_use_ssl: '{{ tomcat_m_jmx_use_ssl }}', jmx_auth_enabled: '{{ tomcat_m_jmx_auth_enabled }}', jmx_auth_dir: '{{ tomcat_m_instances_base_path }}/{{ smartgears_http_port }}/conf', jmx_monitorpass: '{{ tomcat_m_jmx_monitorpass | default(omit) }}', jmx_controlpass: '{{ tomcat_m_jmx_controlpass | default(omit) }}', remote_debugging: '{{ tomcat_m_enable_remote_debugging }}', remote_debugging_port: '{{ smartgears_debugging_port }}' , access_log_enabled: True, log_rotation_freq: daily, log_retain: 30, allowed_hosts: [ '0.0.0.0/0' ], app_contexts: '{{ smartgears_tomcat_contexts }}', skip_smartgears: False, servername: '{{ ansible_fqdn }}' }
- { http_enabled: True, http_port: '{{ smartgears_http_port }}', http_address: '{{ smartgears_tomcat_address }}', ajp_enabled: False, ajp_port: '8109', ajp_address: '127.0.0.1', restart_timeout: '{{ tomcat_m_restart_timeout }}', shutdown_port: '-1', java_home: '{{ jdk_java_home }}', user: '{{ smartgears_user }}', user_home: '{{ smartgears_user_home }}', user_shell: '{{ tomcat_m_default_user_shell }}', instance_path: '{{ smartgears_instance_path }}', max_threads: '{{ tomcat_m_max_threads }}', autodeploy: '{{ tomcat_m_webapps_autodeploy }}', unpack: '{{ tomcat_m_webapps_unpack }}', default_conf: True, java_opts: '{{ tomcat_m_java_opts }}', java_gc_opts: '{{ tomcat_m_java_gc_opts }}', other_java_opts: '{{ tomcat_m_other_java_opts }}', jmx_enabled: '{{ tomcat_m_jmx_enabled }}', jmx_disable_additional_ports: '{{ tomcat_m_jmx_disable_additional_ports }}', jmx_port: '{{ tomcat_m_jmx_port }}', jmx_use_ssl: '{{ tomcat_m_jmx_use_ssl }}', jmx_auth_enabled: '{{ tomcat_m_jmx_auth_enabled }}', jmx_auth_dir: '{{ tomcat_m_instances_base_path }}/{{ smartgears_http_port }}/conf', jmx_monitorpass: '{{ tomcat_m_jmx_monitorpass | default(omit) }}', jmx_controlpass: '{{ tomcat_m_jmx_controlpass | default(omit) }}', remote_debugging: '{{ tomcat_m_enable_remote_debugging }}', remote_debugging_port: '{{ smartgears_debugging_port }}' , access_log_enabled: True, log_rotation_freq: daily, log_retain: 30, allowed_hosts: [ '0.0.0.0/0' ], app_contexts: '{{ smartgears_tomcat_contexts }}', skip_smartgears: False,smartgears_id: 1, servername: '{{ ansible_fqdn }}' }
# To enable debugging:
# - Set

4
smartgears/smartgears/templates/container.xml.j2
View File

@ -1,6 +1,10 @@
<container mode='{{ smartgears_mode }}'>
{% if hostname is defined %}
<hostname>{{ hostname }}</hostname>
{% else %}
<hostname>{{ smartgears_hostname }}</hostname>
{% endif %}
{% if setup_nginx %}
<port>{{ http_port }}</port>
{% else %}