Merge branch 'master' of gitorious.research-infrastructures.eu:infrastructure-management/ansible-playbooks

This commit is contained in:
Roberto Cirillo 2017-09-18 12:03:43 +02:00
commit d225d7704c
11 changed files with 72 additions and 39 deletions

View File

@ -6,6 +6,10 @@
- name: Create the pki directory - name: Create the pki directory
file: dest={{ pki_dir }}/nginx state=directory file: dest={{ pki_dir }}/nginx state=directory
- name: Create the client body tmp directory, if needed
file: dest={{ nginx_client_body_temp_dir }}/nginx state=directory owner=www-data group=www-data mode=0700
when: nginx_client_body_temp_dir is defined
- name: Create a dhparams file 2048 bits long - name: Create a dhparams file 2048 bits long
shell: openssl dhparam -out {{ pki_dir }}/nginx/dhparams.pem 2048 shell: openssl dhparam -out {{ pki_dir }}/nginx/dhparams.pem 2048
args: args:

View File

@ -1,6 +1,6 @@
--- ---
shinyproxy_install: False shinyproxy_install: False
shinyproxy_version: 0.9.3 shinyproxy_version: 1.0.0
shinyproxy_file_name: 'shinyproxy-{{ shinyproxy_version }}.jar' shinyproxy_file_name: 'shinyproxy-{{ shinyproxy_version }}.jar'
shinyproxy_url: 'https://www.shinyproxy.io/downloads/{{ shinyproxy_file_name }}' shinyproxy_url: 'https://www.shinyproxy.io/downloads/{{ shinyproxy_file_name }}'
shinyproxy_app_name: shinyproxy.jar shinyproxy_app_name: shinyproxy.jar
@ -10,8 +10,10 @@ shinyproxy_http_port: 8080
# For logrotate. In days # For logrotate. In days
shinyproxy_log_retention: 10 shinyproxy_log_retention: 10
shinyproxy_default_apps: True shinyproxy_default_apps: True
shinyproxy_docker_url: 'http://localhost:2375/' shinyproxy_docker_url: 'http://localhost:2375'
shinyproxy_docker_port_range_start: 20000 shinyproxy_docker_port_range_start: 20000
shinyproxy_container_wait_time: 60000
shinyproxy_hide_navbar: 'false'
shinyproxy_app_title: 'Open Analytics Shiny Proxy' shinyproxy_app_title: 'Open Analytics Shiny Proxy'
shinyproxy_logo_url: 'http://www.openanalytics.eu/sites/www.openanalytics.eu/themes/oa/logo.png' shinyproxy_logo_url: 'http://www.openanalytics.eu/sites/www.openanalytics.eu/themes/oa/logo.png'

View File

@ -20,7 +20,7 @@
- name: Install the shinyproxy configuration file - name: Install the shinyproxy configuration file
template: src=shinyproxy-conf.yml.j2 dest={{ shinyproxy_install_dir }}/application.yml owner=root group={{ shinyproxy_user }} mode=0640 template: src=shinyproxy-conf.yml.j2 dest={{ shinyproxy_install_dir }}/application.yml owner=root group={{ shinyproxy_user }} mode=0640
notify: Restart shinyproxy notify: Restart shinyproxy
tags: [ 'shinyproxy', 'shinyproxy_conf' ] tags: [ 'shinyproxy', 'shinyproxy_conf', 'shinyproxy_images' ]
- name: Install the shinyproxy logrotate configuration - name: Install the shinyproxy logrotate configuration
template: src=shinyproxy-logrotate.j2 dest=/etc/logrotate.d/shinyproxy owner=root group=root mode=0444 template: src=shinyproxy-logrotate.j2 dest=/etc/logrotate.d/shinyproxy owner=root group=root mode=0444
@ -29,6 +29,12 @@
- name: Ensure that the shinyproxy service is enabled and running - name: Ensure that the shinyproxy service is enabled and running
service: name=shinyproxy state=started enabled=yes service: name=shinyproxy state=started enabled=yes
- name: Pull the Docker images of shiny apps
docker_image: name={{ item.docker_image }} pull=yes state={{ item.image_state | default('present') }} force=yes
with_items: '{{ shinyproxy_apps }}'
when: shinyproxy_apps is defined
tags: [ 'shinyproxy', 'shinyproxy_images' ]
when: shinyproxy_install when: shinyproxy_install
tags: shinyproxy tags: shinyproxy

View File

@ -5,7 +5,9 @@ shiny:
landing-page: / landing-page: /
heartbeat-rate: 10000 heartbeat-rate: 10000
heartbeat-timeout: 60000 heartbeat-timeout: 60000
container-wait-time: {{ shinyproxy_container_wait_time }}
port: {{ shinyproxy_http_port }} port: {{ shinyproxy_http_port }}
hide-navbar: {{ shinyproxy_hide_navbar }}
authentication: {{ shinyproxy_authentication }} authentication: {{ shinyproxy_authentication }}
admin-groups: {{ shinyproxy_admin_group }} admin-groups: {{ shinyproxy_admin_group }}
{% if shinyproxy_ldap_enabled %} {% if shinyproxy_ldap_enabled %}
@ -49,9 +51,11 @@ shiny:
description: {{ app.description }} description: {{ app.description }}
docker-cmd: ["R", "-e {{ app.cmd }}"] docker-cmd: ["R", "-e {{ app.cmd }}"]
docker-image: {{ app.docker_image }} docker-image: {{ app.docker_image }}
docker-memory: {{ app.docker_memory | default('2g') }}
{% if app.groups is defined %} {% if app.groups is defined %}
groups: {{ app.groups }} groups: {{ app.groups }}
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}

View File

@ -47,8 +47,8 @@ cd /usr/lib/ckan/default/src/ckan
if [ "$CKAN_CREATE_USER" == "True" ] ; then if [ "$CKAN_CREATE_USER" == "True" ] ; then
# Create the admin user # Create the admin user
paster sysadmin add $CK_ADMIN -c $CK_INI << EOF paster sysadmin add $CK_ADMIN -c $CK_INI << EOF
y y
$CK_ADMIN_PWD $CK_ADMIN_PWD
$CK_ADMIN_PWD $CK_ADMIN_PWD

View File

@ -87,10 +87,10 @@ function algorithms_updater() {
ALGO_NAME=$( echo "$algo" | awk -F \| '{ print $1 }' ) ALGO_NAME=$( echo "$algo" | awk -F \| '{ print $1 }' )
ALGO_BODY=$( echo "$algo" | awk -F \| '{ print $2 }' ) ALGO_BODY=$( echo "$algo" | awk -F \| '{ print $2 }' )
ALGO_DATE=$( echo "$algo" | awk -F \| '{ print $3 }' ) ALGO_DATE=$( echo "$algo" | awk -F \| '{ print $3 }' )
ALGO_TIMESTAMP=$( date +%s -d "$ALGO_DATE" ) ALGO_TIMESTAMP=$( date +%s -d "$ALGO_DATE" 2>/dev/null )
if [ $? -ne 0 ] ; then if [ $? -ne 0 ] ; then
echo "the date for algorithm $ALGO_NAME is wrong" echo "the date for algorithm $ALGO_NAME is wrong"
fi else
ALGO_LINE=$( egrep ^"$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE ) ALGO_LINE=$( egrep ^"$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE )
ALGO_PRESENT=$? ALGO_PRESENT=$?
if [ $ALGO_PRESENT -ne 0 ] ; then if [ $ALGO_PRESENT -ne 0 ] ; then
@ -110,17 +110,16 @@ function algorithms_updater() {
echo 'if [ $RETVAL -ne 0 ] ; then' >> $ALGORITHMS_TEMP_SCRIPT.body_ echo 'if [ $RETVAL -ne 0 ] ; then' >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME failed'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME failed'" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo "else" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "else" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " echo 'egrep -v ^"$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE > ${ALGORITHMS_INSTALLED_FILE}_ " >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " echo 'mv ${ALGORITHMS_INSTALLED_FILE}_ $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " echo '$ALGO_NAME | $ALGO_DATE' >> $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " echo '$ALGO_NAME | $ALGO_DATE' >> $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME succeeded'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME succeeded'" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo "fi" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "fi" >> $ALGORITHMS_TEMP_SCRIPT.body_
else else
ALGO_LOCAL_TIMESTAMP=0 ALGO_LOCAL_TIMESTAMP=0
ALGO_LOCAL_DATE=$( egrep ^"$ALGO_NAME" $ALGORITHMS_INSTALLED_FILE | awk -F \| '{ print $2 }' | grep -v \' ) ALGO_LOCAL_DATE=$( egrep ^"$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE | tail -1 | awk -F \| '{ print $2 }' | grep -v \' )
ALGO_LOCAL_TIMESTAMP=$( date +%s -d "$ALGO_LOCAL_DATE" ) ALGO_LOCAL_TIMESTAMP=$( date +%s -d "$ALGO_LOCAL_DATE" 2>/dev/null )
if [ $? -ne 0 ] ; then if [ $? -ne 0 ] || [ $ALGO_LOCAL_TIMESTAMP -ne $ALGO_TIMESTAMP ]; then
echo "the locally saved date for algorithm $ALGO_NAME is wrong"
fi
if [ $ALGO_LOCAL_TIMESTAMP -ne $ALGO_TIMESTAMP ] ; then
echo "logger 'algorithms-updater: running the add command of algorithm $ALGO_NAME'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "logger 'algorithms-updater: running the add command of algorithm $ALGO_NAME'" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo "logger 'algorithms-updater: the add command string is $ALGO_BODY'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "logger 'algorithms-updater: the add command string is $ALGO_BODY'" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo "RETVAL=" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "RETVAL=" >> $ALGORITHMS_TEMP_SCRIPT.body_
@ -137,13 +136,14 @@ function algorithms_updater() {
echo 'if [ $RETVAL -ne 0 ] ; then' >> $ALGORITHMS_TEMP_SCRIPT.body_ echo 'if [ $RETVAL -ne 0 ] ; then' >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME failed'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME failed'" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo "else" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "else" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " echo 'grep -v $ALGO_NAME $ALGORITHMS_INSTALLED_FILE > ${ALGORITHMS_INSTALLED_FILE}_ " >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " echo 'egrep -v "^$ALGO_NAME " $ALGORITHMS_INSTALLED_FILE > ${ALGORITHMS_INSTALLED_FILE}_ " >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " echo 'mv ${ALGORITHMS_INSTALLED_FILE}_ $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " echo 'mv ${ALGORITHMS_INSTALLED_FILE}_ $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " echo '$ALGO_NAME | $ALGO_DATE' >> $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " echo '$ALGO_NAME | $ALGO_DATE' >> $ALGORITHMS_INSTALLED_FILE" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME succeeded'" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo " logger 'algorithms-updater: the adding of algorithm $ALGO_NAME succeeded'" >> $ALGORITHMS_TEMP_SCRIPT.body_
echo "fi" >> $ALGORITHMS_TEMP_SCRIPT.body_ echo "fi" >> $ALGORITHMS_TEMP_SCRIPT.body_
fi fi
fi fi
fi
done < ${ALGORITHMS_TEMP_SCRIPT}.algorithmslist done < ${ALGORITHMS_TEMP_SCRIPT}.algorithmslist
set -o pipefail set -o pipefail
set -e set -e

View File

@ -55,6 +55,7 @@ smartgears_log_max_history: 30
smartgears_log_max_file_size: 10MB smartgears_log_max_file_size: 10MB
smartgears_log_total_file_cap: 2GB smartgears_log_total_file_cap: 2GB
smartgears_log_dir: '{{ smartgears_user_home }}/tomcat/logs' smartgears_log_dir: '{{ smartgears_user_home }}/tomcat/logs'
smartgears_tomcat_tmp_dir: '{{ smartgears_user_home }}/tomcat/tmp'
smartgears_logback_template: True smartgears_logback_template: True
smartgears_tomcat_contexts: [ '' ] smartgears_tomcat_contexts: [ '' ]
@ -65,7 +66,7 @@ http_port: '{{ smartgears_http_port }}'
tomcat_m_webapps_unpack: True tomcat_m_webapps_unpack: True
tomcat_m_instances: tomcat_m_instances:
- { http_enabled: True, http_port: '{{ smartgears_http_port }}', http_address: '{{ smartgears_tomcat_listen_address }}', ajp_enabled: False, ajp_port: '8109', ajp_address: '127.0.0.1', restart_timeout: '{{ tomcat_m_restart_timeout }}', shutdown_port: '-1', java_home: '{{ jdk_java_home }}', user: '{{ smartgears_user }}', user_home: '{{ smartgears_user_home }}', user_shell: '{{ tomcat_m_default_user_shell }}', instance_path: '{{ smartgears_instance_path }}', max_threads: '{{ tomcat_m_max_threads }}', autodeploy: '{{ tomcat_m_webapps_autodeploy }}', unpack: '{{ tomcat_m_webapps_unpack }}', default_conf: True, java_opts: '{{ tomcat_m_java_opts }}', java_gc_opts: '{{ tomcat_m_java_gc_opts }}', other_java_opts: '{{ tomcat_m_other_java_opts }}', jmx_enabled: '{{ tomcat_m_jmx_enabled }}', jmx_disable_additional_ports: '{{ tomcat_m_jmx_disable_additional_ports }}', jmx_port: '{{ tomcat_m_jmx_port }}', jmx_use_ssl: '{{ tomcat_m_jmx_use_ssl }}', jmx_auth_enabled: '{{ tomcat_m_jmx_auth_enabled }}', jmx_auth_dir: '{{ tomcat_m_instances_base_path }}/{{ smartgears_http_port }}/conf', jmx_monitorpass: '{{ tomcat_m_jmx_monitorpass | default(omit) }}', jmx_controlpass: '{{ tomcat_m_jmx_controlpass | default(omit) }}', remote_debugging: '{{ tomcat_m_enable_remote_debugging }}', remote_debugging_port: '{{ smartgears_debugging_port }}' , access_log_enabled: True, log_rotation_freq: daily, log_retain: 30, allowed_hosts: [ '0.0.0.0/0' ], app_contexts: '{{ smartgears_tomcat_contexts }}', skip_smartgears: False,smartgears_id: 1, servername: '{{ ansible_fqdn }}' } - { http_enabled: True, http_port: '{{ smartgears_http_port }}', http_address: '{{ smartgears_tomcat_listen_address }}', ajp_enabled: False, ajp_port: '8109', ajp_address: '127.0.0.1', restart_timeout: '{{ tomcat_m_restart_timeout }}', shutdown_port: '-1', java_home: '{{ jdk_java_home }}', user: '{{ smartgears_user }}', user_home: '{{ smartgears_user_home }}', user_shell: '{{ tomcat_m_default_user_shell }}', instance_path: '{{ smartgears_instance_path }}', max_threads: '{{ tomcat_m_max_threads }}', autodeploy: '{{ tomcat_m_webapps_autodeploy }}', unpack: '{{ tomcat_m_webapps_unpack }}', default_conf: True, java_opts: '{{ tomcat_m_java_opts }}', java_gc_opts: '{{ tomcat_m_java_gc_opts }}', other_java_opts: '{{ tomcat_m_other_java_opts }}', jmx_enabled: '{{ tomcat_m_jmx_enabled }}', jmx_disable_additional_ports: '{{ tomcat_m_jmx_disable_additional_ports }}', jmx_port: '{{ tomcat_m_jmx_port }}', jmx_use_ssl: '{{ tomcat_m_jmx_use_ssl }}', jmx_auth_enabled: '{{ tomcat_m_jmx_auth_enabled }}', jmx_auth_dir: '{{ tomcat_m_instances_base_path }}/{{ smartgears_http_port }}/conf', jmx_monitorpass: '{{ tomcat_m_jmx_monitorpass | default(omit) }}', jmx_controlpass: '{{ tomcat_m_jmx_controlpass | default(omit) }}', catalina_tmp_directory: '{{ smartgears_tomcat_tmp_dir }}', remote_debugging: '{{ tomcat_m_enable_remote_debugging }}', remote_debugging_port: '{{ smartgears_debugging_port }}', access_log_enabled: True, log_rotation_freq: daily, log_retain: 30, allowed_hosts: [ '0.0.0.0/0' ], app_contexts: '{{ smartgears_tomcat_contexts }}', skip_smartgears: False,smartgears_id: 1, servername: '{{ ansible_fqdn }}' }
# To enable debugging: # To enable debugging:
# - Set # - Set

View File

@ -56,6 +56,12 @@
register: tomcat_first_install register: tomcat_first_install
tags: [ 'tomcat', 'tomcat_instances' ] tags: [ 'tomcat', 'tomcat_instances' ]
- name: Create the catalina tmp directory
file: dest={{ item.catalina_tmp_directory }} state=directory owner={{ item.user }} group={{ item.user }} mode=0700
with_items: '{{ tomcat_m_instances }}'
when: item.catalina_tmp_directory is defined
tags: [ 'tomcat', 'tomcat_instances' ]
- name: Populate the instances conf directory - name: Populate the instances conf directory
copy: src={{ item[1] }} dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640 copy: src={{ item[1] }} dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640
with_nested: with_nested:
@ -76,7 +82,6 @@
- tomcat restart instances with changed configs - tomcat restart instances with changed configs
tags: [ 'tomcat', 'tomcat_instances', 'tomcat_catalina_properties' ] tags: [ 'tomcat', 'tomcat_instances', 'tomcat_catalina_properties' ]
- name: Populate the instances conf/policy.d directory - name: Populate the instances conf/policy.d directory
copy: src=policy.d/{{ item[1] }} dest={{ item.0.instance_path }}/conf/policy.d/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640 copy: src=policy.d/{{ item[1] }} dest={{ item.0.instance_path }}/conf/policy.d/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640
with_nested: with_nested:

View File

@ -50,6 +50,9 @@ JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address={{ item.re
{% endif %} {% endif %}
# WARNING: This directory will be destroyed and recreated at every startup ! # WARNING: This directory will be destroyed and recreated at every startup !
JVM_TMP={{ item.instance_path }}/tmp JVM_TMP={{ item.instance_path }}/tmp
{% if item.catalina_tmp_directory is defined %}
export CATALINA_TMPDIR={{ item.catalina_tmp_directory }}
{% endif %}
# Additional options not managed by the provisioning tools # Additional options not managed by the provisioning tools
if [ -f /etc/default/tomcat-instance-{{ item.http_port }}.local ] ; then if [ -f /etc/default/tomcat-instance-{{ item.http_port }}.local ] ; then
. /etc/default/tomcat-instance-{{ item.http_port }}.local . /etc/default/tomcat-instance-{{ item.http_port }}.local

View File

@ -9,6 +9,12 @@
notify: tomcat restart notify: tomcat restart
tags: tomcat tags: tomcat
- name: Create the catalina temp directory, if different from the default
file: dest={{ catalina_tmp_directory }} state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
when: catalina_tmp_directory is defined
notify: tomcat restart
tags: tomcat
- name: Configure tomcat defaults - name: Configure tomcat defaults
template: src=tomcat-default.j2 dest=/etc/default/tomcat{{ tomcat_version }} template: src=tomcat-default.j2 dest=/etc/default/tomcat{{ tomcat_version }}
when: tomcat_install_default_conf when: tomcat_install_default_conf

View File

@ -48,7 +48,9 @@ JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address={{ tomcat_
# Location of the JVM temporary directory # Location of the JVM temporary directory
# WARNING: This directory will be destroyed and recreated at every startup ! # WARNING: This directory will be destroyed and recreated at every startup !
JVM_TMP={{ tomcat_tmp_dir }} JVM_TMP={{ tomcat_tmp_dir }}
{% if catalina_tmp_directory is defined %}
export CATALINA_TMPDIR={{ catalina_tmp_directory }}
{% endif %}
{% if tomcat_load_additional_default_conf %} {% if tomcat_load_additional_default_conf %}
if [ -f /etc/default/tomcat.local ] ; then if [ -f /etc/default/tomcat.local ] ; then
. /etc/default/tomcat.local . /etc/default/tomcat.local