Non-root remote_user
authorBill Erickson <berickxx@gmail.com>
Mon, 24 Apr 2017 21:06:26 +0000 (17:06 -0400)
committerBill Erickson <berickxx@gmail.com>
Mon, 24 Apr 2017 21:06:26 +0000 (17:06 -0400)
Signed-off-by: Bill Erickson <berickxx@gmail.com>
16 files changed:
evergreen/apache.yml
evergreen/database.yml
evergreen/eg-build.yml
evergreen/eg-install.yml
evergreen/eg-translator.yml
evergreen/eg-web.yml
evergreen/setup-translations.yml
extras/nginx.yml
extras/rsyslog.yml
extras/start.yml
opensrf/ejabberd.yml
opensrf/opensrf.yml
opensrf/setup.yml
opensrf/websockets.yml
playbook.yml
settings.yml

index d8b0adc..bf30aea 100644 (file)
@@ -1,56 +1,76 @@
 # Apache
 - name: Stop apache2
+  become: true
   service: name=apache2 state=stopped
 - name: Setup eg.conf
+  become: true
   copy:
     src: "{{repo_base}}/Evergreen/Open-ILS/examples/apache_24/eg_24.conf"
     dest: /etc/apache2/sites-available/eg.conf
 - name: Setup eg_vhost.conf
+  become: true
   copy:
     src: "{{repo_base}}/Evergreen/Open-ILS/examples/apache_24/eg_vhost_24.conf"
     dest: /etc/apache2/eg_vhost.conf 
 - name: Setup eg_startup
+  become: true
   copy:
     src: "{{repo_base}}/Evergreen/Open-ILS/examples/apache/eg_startup"
     dest: /etc/apache2/              
 - name: Create SSL Certs directory
+  become: true
   file: path=/etc/apache2/ssl state=directory
 - name: Setup SSL Certs
+  become: true
   shell: >
     cd /etc/apache2/ssl
     && openssl req -new -x509 -days 365 -nodes -out server.crt
     -keyout server.key -subj "/C=XX/ST=XX/L=XX/O=XX/OU=XX/CN={{domain_name}}"
 - name: Disable mpm_event
+  become: true
   shell: /usr/sbin/a2dismod mpm_event
 - name: Enable mpm_prefork
+  become: true
   shell: /usr/sbin/a2enmod mpm_prefork
 - name: Enable apache mod deflate
+  become: true
   shell: /usr/sbin/a2enmod deflate
 - name: Enable apache mod headers
+  become: true
   shell: /usr/sbin/a2enmod headers
+  become: true
 - name: Enable apache mod expires
   shell: /usr/sbin/a2enmod expires
+  become: true
 - name: Enable apache mod rewrite
   shell: /usr/sbin/a2enmod rewrite
+  become: true
 - name: Disable default site for apache
   shell: /usr/sbin/a2dissite 000-default
+  become: true
 - name: Enable eg.conf site for apache
   shell: /usr/sbin/a2ensite eg.conf
+  become: true
 - name: Change ownership of /var/lock/apache2 to opensrf
   file: path=/var/lock/apache2 owner=opensrf group=opensrf
+  become: true
 - name: Change run-user for apache to opensrf
+  become: true
   replace: 
     dest: /etc/apache2/envvars
     regexp: 'www-data'
     replace: 'opensrf'
 - name: Set KeepAliveTimeout value
+  become: true
   replace: 
     dest: /etc/apache2/apache2.conf
     regexp: 'KeepAliveTimeout .*' 
     replace: 'KeepAliveTimeout 1'
 - name: Restarting Apache
+  become: true
   service: name=apache2 state=started
 - name: Restarting Websockets
+  become: true
 # service name=apache2ctl-websockets state=restarted FAILS
   shell: apache2ctl-websockets restart
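Review bot: From `Enable apache mod headers` onward the added `become: true` lands after the module line, so that task carries the key twice (once before and once after its `shell:` line), and the tasks down to `Change ownership of /var/lock/apache2 to opensrf` carry theirs trailing instead of leading. Most YAML loaders resolve duplicate mapping keys as last-wins and Ansible warns about them, so the play still escalates. The risk is a later edit that moves one of these lines and quietly attaches the escalation to the wrong task. Drop the second `become: true` under `Enable apache mod headers` and put each remaining one directly under its `- name:` line, as the tasks at the top of the file do.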
 
index b169a34..1ea83ce 100644 (file)
@@ -1,8 +1,10 @@
 - name: Install Postgres Prereqs
+  become: true
   apt: name={{item}} state=present
   with_items:
     - python-psycopg2 # required by postgresql_user
 - name: Install Postgres Dependencies
+  become: true
   shell: >
     cd {{repo_base}}/Evergreen 
     && PERL_MM_USE_DEFAULT=1 make -f 
 # equivalent of the postgres-server-{{os_build_target}} steps.
 - block:
   - name: Add Postgresql 9.6 Apt Repository
+    become: true
     shell: add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main"
   - name: Add Postgresql 9.6 Apt Repository Key
+    become: true
     shell: wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
   - name: Install Postgresql 9.6 Server
+    become: true
     apt:
       update_cache: yes
       name: "{{item}}"
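Review bot: The two `shell:` tasks that gain `become: true` here add an apt source and import its signing key into the system keyring as root without checking which key was downloaded, and they run again on every play. The `apt_repository` and `apt_key` modules do the same work idempotently. `apt_key` also takes an `id:` naming the expected key, which at least makes a substituted key show up as a task failure, e.g. `apt_key: url=https://www.postgresql.org/media/keys/ACCC4CF8.asc id=<expected key id>`. The enclosing `block:` continues past this hunk.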
@@ -27,6 +32,7 @@
       - postgresql-server-dev-9.6
   when: use_pg_96
 - name: Start Postgres
+  become: true
   service: name=postgresql state=started
 - name: Create DB User
   become: true
@@ -53,6 +59,7 @@
   when: create_schema 
 - block:
   - name: Install PGTAP
+    become: true
     apt: name=pgtap state=present
   - name: Create PGTAP Extension
     become: true
index 465ec93..4f4491e 100644 (file)
@@ -10,8 +10,9 @@
     cd {{repo_base}}/Evergreen 
     && PERL_MM_USE_DEFAULT=1 make -f 
     Open-ILS/src/extras/Makefile.install {{os_build_target}}
-- name: Set ownership of {{repo_base}} to opensrf
-  file: dest="{{repo_base}}" owner=opensrf group=opensrf recurse=yes
+- name: Set ownership of {{repo_base}} to {{deploy_user}}
+  become: true
+  file: dest={{repo_base}} owner={{deploy_user}} group={{deploy_user}} recurse=yes
 - name: Build Evergreen
   become: true
   become_user: opensrf
@@ -23,4 +24,5 @@
     && ./configure --prefix={{eg_install_path}} --sysconfdir={{eg_install_path}}/conf 
     && make
 - name: Set ownership of {{eg_install_path}} to opensrf
-  file: dest="{{eg_install_path}}" owner=opensrf group=opensrf recurse=yes
+  become: true
+  file: dest={{eg_install_path}} owner=opensrf group=opensrf recurse=yes
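Review bot: `{{repo_base}}` is handed to `{{deploy_user}}` recursively, yet `Build Evergreen` right below still runs with `become_user: opensrf`, so the build can write to the tree only while both names are the same account (the default in settings.yml). `Node Build` in evergreen/eg-web.yml keeps `become_user: opensrf` in the same way, whereas `Build OpenSRF` in opensrf/opensrf.yml dropped it. Either remove `become_user: opensrf` from those two tasks or state in settings.yml that `deploy_user` must stay `opensrf`. The new `file:` lines also lose the quotes around `dest`; `dest="{{repo_base}}"` keeps the key=value argument intact if the path ever contains a space. The body of `Build Evergreen` lies outside the hunk.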
index bd55797..4ec3ae1 100644 (file)
@@ -6,21 +6,29 @@
     cd {{repo_base}}/Evergreen 
     && make STAFF_CLIENT_STAMP_ID={{eg_stamp_id}} install
 - name: Create XUL Current Symlink
+  become: true
+  become_user: opensrf
   file:
     state: link
     src: "{{eg_install_path}}/var/web/xul/{{eg_stamp_id}}"
     dest: "{{eg_install_path}}/var/web/xul/current"
 - name: Create XUL Server Symlink
+  become: true
+  become_user: opensrf
   file:
     state: link
     src: "{{eg_install_path}}/var/web/xul/current/server"
     dest: "{{eg_install_path}}/var/web/xul/server"
 - name: Setup opensrf.xml config file
+  become: true
+  become_user: opensrf
   copy:
     src: "{{eg_install_path}}/conf/opensrf.xml.example"
     dest: "{{eg_install_path}}/conf/opensrf.xml"
     force: no
 - name: Setup opensrf_core.xml config file
+  become: true
+  become_user: opensrf
   copy:
     src: "{{eg_install_path}}/conf/opensrf_core.xml.example"
     dest: "{{eg_install_path}}/conf/opensrf_core.xml"
     src: /tmp/dojo-release-{{dojo_version}}.tar.gz
     dest: /tmp/
 - name: Copy dojo source files into place
+  become: true
+  become_user: opensrf
   synchronize: src=/tmp/dojo-release-{{dojo_version}}/ dest={{eg_install_path}}/var/web/js/dojo/
 - name: Set ownership of {{eg_install_path}} to opensrf
+  become: true
   file: dest={{eg_install_path}} owner=opensrf group=opensrf recurse=yes
 - name: Setup .srfsh.xml for opensrf user
+  become: true
+  become_user: opensrf
   copy: src={{eg_install_path}}/conf/srfsh.xml.example dest=/home/opensrf/.srfsh.xml force=no
-- name: Set ownership of .srfsh.xml to opensrf
-  file: dest=/home/opensrf/.srfsh.xml owner=opensrf group=opensrf
 - name: Copy ldconfig
+  become: true
   copy:
     src: "{{playbook_dir}}/evergreen/evergreen.ld.conf"
     dest: /etc/ld.so.conf.d/evergreen.ld.conf
 - name: Run ldconfig
+  become: true
   shell: ldconfig
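Review bot: The tasks that gain `become_user: opensrf` switch from one unprivileged account to another whenever `deploy_user` is not `opensrf`, and nothing in the playbook prepares the host for that. In that case Ansible has to make its temporary module files readable by `opensrf`, which depends on `setfacl` from the `acl` package (or on pipelining). The fallback of world-readable temp files exposes task arguments to every local account and should stay disabled. Installing `acl` in opensrf/setup.yml before the first such task would cover this, together with a comment above `deploy_user` in settings.yml such as `# if this is not opensrf, the host needs the acl package for the become_user tasks`.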
index e757787..cbbde60 100644 (file)
@@ -1,14 +1,21 @@
 - name: Install Evergreen Translator Prereqs
+  become: true
   shell: >
     cd {{repo_base}}/Evergreen
     && PERL_MM_USE_DEFAULT=1 make -f 
     Open-ILS/src/extras/Makefile.install {{os_build_target}}-translator
-- name: Set ownership of {{repo_base}} to opensrf
-  file: dest="{{repo_base}}" owner=opensrf group=opensrf recurse=yes
+- name: Set ownership of {{repo_base}} to {{deploy_user}}
+  become: true
+  file: dest={{repo_base}} owner={{deploy_user}} group={{deploy_user}} recurse=yes
 - name: Install specified "{{ locale }}" locale(s)
   become: true
-  become_user: opensrf
   shell: >
-    cd {{repo_base}}/Evergreen/build/i18n
+    cd {{repo_base}}/Evergreen/build/i18n 
     && make LOCALE="{{ item }}" install
   with_items: "{{ locale }}"
+- name: Set ownership of {{repo_base}} to {{deploy_user}}
+  become: true
+  file: dest={{repo_base}} owner={{deploy_user}} group={{deploy_user}} recurse=yes
+- name: Set ownership of {{eg_install_path}} to opensrf
+  become: true
+  file: dest={{eg_install_path}} owner=opensrf group=opensrf recurse=yes
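Review bot: With `become_user: opensrf` removed, the locale install task runs `make LOCALE=... install` as root inside a checkout that `{{deploy_user}}` can write to, and the two recursive `file:` tasks appended afterwards appear to exist only to repair the root-owned files it leaves behind. Everything in that tree's Makefiles then executes with full privileges. If the install step only needs to write under `{{eg_install_path}}`, which the playbook keeps owned by opensrf, `become_user: opensrf` can stay and the repair tasks can go. `Set ownership of {{repo_base}} to {{deploy_user}}` now appears twice in this file under the same name, which makes the play output ambiguous; a suffix such as `(after locale install)` on the second would help.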
index 2a75acc..f9017ae 100644 (file)
@@ -1,25 +1,24 @@
 - name: Install Evergreen Web Prereqs
+  become: true
   shell: >
     cd {{repo_base}}/Evergreen
     && PERL_MM_USE_DEFAULT=1 make -f 
     Open-ILS/src/extras/Makefile.install {{os_build_target}}-developer
-- name: Set ownership of {{repo_base}} to opensrf
-  file: dest="{{repo_base}}" owner=opensrf group=opensrf recurse=yes
+- name: Set ownership of {{repo_base}} to {{deploy_user}}
+  become: true
+  file: dest="{{repo_base}}" owner={{deploy_user}} group={{deploy_user}} recurse=yes
 - name: Install Grunt
+  become: true
   npm: name=grunt-cli global=true
 - name: Node Build
   become: true
   become_user: opensrf
   npm: path={{repo_base}}/Evergreen/Open-ILS/web/js/ui/default/staff
 - name: Grunt Build
-  become: true
-  become_user: opensrf
   shell: >
     cd {{repo_base}}/Evergreen/Open-ILS/web/js/ui/default/staff 
     && grunt build
 - name: Grunt Test
-  become: true
-  become_user: opensrf
   shell: >
     cd {{repo_base}}/Evergreen/Open-ILS/web/js/ui/default/staff 
     && grunt test
index 3548911..6fc9552 100644 (file)
@@ -1,5 +1,6 @@
 # Apache translations
 - name: Assign variable for locale(s) for TPAC
+  become: true
   vars:
     eg_locale: "{{ item | lower | regex_replace('(\\w{2})-(\\w{2})', '\\1_\\2') }}"
   blockinfile:
@@ -12,6 +13,7 @@
   with_items: "{{ locale }}"
   when: locale is defined
 - name: Setup locale(s) for web staff client
+  become: true
   vars:
     staff_eg_locale: "{{ item | lower | regex_replace('(\\w{2})-(\\w{2})', '\\1_\\2') }}"
   blockinfile:
index 47d9f55..911ee87 100644 (file)
@@ -1,53 +1,67 @@
 # Apache must be reconfigured before NGINX is installed 
 # or the NGINX install will fail on conflicting ports
 - name: Change Apache ports.conf to listen 7080
+  become: true
   replace: 
     dest: /etc/apache2/ports.conf
     regexp: 'Listen 80'
     replace: 'Listen 7080'
 - name: Change Apache ports.conf to listen 7443
+  become: true
   replace: 
     dest: /etc/apache2/ports.conf
     regexp: 'Listen 443'
     replace: 'Listen 7443'
 - name: Change Evergreen eg.conf to listen 7080
+  become: true
   replace: 
     dest: /etc/apache2/sites-available/eg.conf
     regexp: ':80'
     replace: ':7080'
 - name: Change Evergreen eg.conf to listen 7443
+  become: true
   replace: 
     dest: /etc/apache2/sites-available/eg.conf
     regexp: ':443'
     replace: ':7443'
 - name: Restart Apache With New Ports
+  become: true
   service: name=apache2 state=restarted
 - name: Install Nginx Prereqs
+  become: true
   apt: name=nginx state=present
 - name: Install NGINX Configs
+  become: true
   copy:
     src: "{{repo_base}}/OpenSRF/examples/nginx/osrf-ws-http-proxy"
     dest: /etc/nginx/sites-available/osrf-ws-http-proxy
 - name: Link NGINX Configs
+  become: true
   file:
     state: link
     src: /etc/nginx/sites-available/osrf-ws-http-proxy
     dest: /etc/nginx/sites-enabled/osrf-ws-http-proxy
 - name: Remove Default NGINX Site
+  become: true
   file:
     state: absent
     dest: /etc/nginx/sites-available/default
 - name: Restart NGINX With New Config
+  become: true
   service: name=nginx state=restarted
 - name: Update OpenSRF WS JS Port
+  become: true
+  become_user: opensrf
   lineinfile: 
-    dest: /openils/lib/javascript/opensrf_ws.js
+    dest: "{{eg_install_path}}/lib/javascript/opensrf_ws.js"
     regexp: '^var WEBSOCKET_PORT_SSL = 7682;'
     line: 'var WEBSOCKET_PORT_SSL = 443;'
 - name: Update OpenSRF WS JS Port (Shared)
   # This file is not currently used, but may be later.
+  become: true
+  become_user: opensrf
   lineinfile: 
-    dest: /openils/lib/javascript/opensrf_ws_shared.js
+    dest: "{{eg_install_path}}/lib/javascript/opensrf_ws_shared.js"
     regexp: '^var WEBSOCKET_PORT_SSL = 7682;'
     line: 'var WEBSOCKET_PORT_SSL = 443;'
 
index 5df0656..9286a86 100644 (file)
@@ -1,22 +1,30 @@
 - name: Configure Rsyslog
+  become: true
   when: use_rsyslog
   copy:
     src: "{{repo_base}}/Evergreen/Open-ILS/examples/evergreen-rsyslog.conf"
     dest: /etc/rsyslog.d/evergreen.conf
 - name: Restart Rsyslog
+  become: true
   when: use_rsyslog
   service: name=rsyslog state=restarted
 - name: Update opensrf_core.xml for rsyslog
+  become: true
+  become_user: opensrf
   replace:
     dest: "{{eg_install_path}}/conf/opensrf_core.xml"
     regexp: '<logfile>\/(.*)\n.*<!--'
     replace: '<!--<logfile>/\1-->'
 - name: Update opensrf_core.xml for rsyslog
+  become: true
+  become_user: opensrf
   replace:
     dest: "{{eg_install_path}}/conf/opensrf_core.xml"
     regexp: '-->.*\n(.*)<loglevel>'
     replace: '<loglevel>'
 - name: Update opensrf_core.xml for rsyslog
+  become: true
+  become_user: opensrf
   replace:
     dest: "{{eg_install_path}}/conf/opensrf_core.xml"
     regexp: '-->.*\n(.*)</gateway>'
index ba442fb..9929658 100644 (file)
@@ -12,5 +12,6 @@
   environment:
     PATH: "{{ansible_env.PATH}}:{{eg_install_path}}/bin"
   shell: autogen.sh
-- name: Reloading Apache
+- name: Reloading Apache 
+  become: true
   service: name=apache2 state=reloaded
index e827721..b4f6f87 100644 (file)
@@ -1,9 +1,11 @@
 - name: Copying Ejabberd Config
+  become: true
   copy:
     src: "{{playbook_dir}}/opensrf/ejabberd-config.yml"
     dest: /etc/ejabberd/ejabberd.yml
     mode: 0600
 - name: Restarting Ejabberd
+  become: true
   service: name=ejabberd state=restarted
 - name: Wait a moment for Ejabberd
   pause: seconds=5
index 76da12a..3b031f1 100644 (file)
     cd {{repo_base}}/OpenSRF 
     && PERL_MM_USE_DEFAULT=1 make -f 
     src/extras/Makefile.install {{os_build_target}}
-- name: Set ownership of {{repo_base}} to opensrf
-  file: dest="{{repo_base}}" owner=opensrf group=opensrf recurse=yes
-- name: Build OpenSRF
+- name: Set ownership of {{repo_base}} to {{deploy_user}}
   become: true
-  become_user: opensrf
+  file: dest="{{repo_base}}" owner={{deploy_user}} group={{deploy_user}} recurse=yes
+- name: Build OpenSRF
   environment:
     PATH: "{{ansible_env.PATH}}:{{eg_install_path}}/bin"
   shell: >
     && ./configure --prefix={{eg_install_path}} --sysconfdir={{eg_install_path}}/conf 
     && make
 - name: Install OpenSRF Files
+  become: true
   environment:
     PATH: "{{ansible_env.PATH}}:{{eg_install_path}}/bin"
   shell: cd {{repo_base}}/OpenSRF && make install
 - name: Set ownership of {{eg_install_path}} to opensrf
+  become: true
   file: dest="{{eg_install_path}}" owner=opensrf group=opensrf recurse=yes
index 67ba956..131dc93 100644 (file)
@@ -1,15 +1,19 @@
 - name: Install OpenSRF Pre-Prereqs
+  become: true
   apt: name=make state=present
   with_items:
     - make
     - git
 - name: Create opensrf user
+  become: true
   user:
     name: opensrf
     shell: /bin/bash
 # Environment changes added to ~/.bash_profile to ensure they are 
 # loaded regardless of whether opensrf is used interactively.
 - name: Check export PATH for opensrf user profile
+  become: true
+  become_user: opensrf
   lineinfile: 
     dest: /home/opensrf/.bash_profile
     create: yes
     regexp: '^export PATH=' 
     line: 'export PATH="{{eg_install_path}}/bin:$PATH"'
 - name: Check LD_LIBRARY_PATH for opensrf user profile
+  become: true
+  become_user: opensrf
   lineinfile: 
     dest: /home/opensrf/.bash_profile
     regexp: '^export LD_LIBRARY_PATH=' 
     line: 'export LD_LIBRARY_PATH="{{eg_install_path}}/lib:/usr/local/lib:/usr/local/lib/dbd:$LD_LIBRARY_PATH"'
 - name: Check /etc/hosts file for public.{{domain_name}}
+  become: true
   lineinfile: 
     dest: /etc/hosts
     regexp: '^127.0.1.2'
     line: '127.0.1.2    public.{{domain_name}}'
 - name: Check /etc/hosts file for private.{{domain_name}}
+  become: true
   lineinfile: 
     dest: /etc/hosts
     regexp: '^127.0.1.3'
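Review bot: `Install OpenSRF Pre-Prereqs` gains `become: true` but its module line is still `apt: name=make state=present`, which never references `{{item}}`, so the loop installs `make` twice and `git` not at all. The line should read `apt: name={{item}} state=present`, matching `Install Postgres Prereqs` in evergreen/database.yml. The last task shown, for `private.{{domain_name}}`, continues past the end of the hunk.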
index ac55a4c..fa62dd7 100644 (file)
@@ -3,25 +3,29 @@
     repo: "{{websockets_repository}}"
     dest: "/tmp/apache-websocket"
 - name: Install Websockets
+  become: true
   shell: cd /tmp/apache-websocket && apxs2 -i -a -c mod_websocket.c 
 - name: register variable websocketsconf
   stat: path=/etc/apache2-websockets
   register: websocketsconf
 - block:
   - name: Create Websockets Instance
+    become: true
     shell: >
       sh /usr/share/doc/apache2/examples/setup-instance websockets 
       && a2dismod websocket
   - name: Confirm websockets run user is opensrf
+    become: true
     lineinfile: 
       state: present 
       dest: /etc/apache2-websockets/envvars 
       regexp: 'APACHE_RUN_USER' 
       line: 'export APACHE_RUN_USER=opensrf'
   - name: Copy Example Websockets apache2.conf
+    become: true
     copy:
       src: "{{repo_base}}/OpenSRF/examples/apache_24/websockets/apache2.conf"
       dest: /etc/apache2-websockets/apache2.conf
   when: websocketsconf.stat.isdir is not defined
-# NOTE: restarting websockets here fails because the SSL  cert is not yet in place
+# NOTE: restarting websockets here fails because the SSL cert is not yet in place
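Review bot: `Install Websockets` now escalates for the whole `apxs2 -i -a -c mod_websocket.c` command, so the compile step runs as root on sources in `/tmp/apache-websocket`, a path under a world-writable directory that the checkout task (its header is above this hunk) fills. On a host with other local accounts, the contents of that directory cannot be assumed to be what the checkout task put there. Cloning under `{{repo_base}}` and splitting the command into an unprivileged `apxs2 -c mod_websocket.c` followed by a privileged install-only step would keep root away from the build.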
 
index c884e5f..ee72ef3 100644 (file)
@@ -4,7 +4,7 @@
 - hosts: '{{hosts}}'
   connection: local
   # Every command not explicitly run by opensrf/postgres requires root.  
-  remote_user: root
+  remote_user: '{{deploy_user}}'
   become_method: sudo
   vars_files:
     - settings.yml
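Review bot: `remote_user: '{{deploy_user}}'` sits next to `connection: local`, and with the local connection tasks run as whoever invokes `ansible-playbook`, so the setting presumably has no effect unless the connection type changes. The play then works only if the invoking account is the one named in `deploy_user` and can use sudo. The existing comment, "Every command not explicitly run by opensrf/postgres requires root", no longer describes the file after this change. It could be replaced with something like `# Run the playbook as deploy_user; tasks that need root or opensrf set become explicitly (sudo; pass -K if a password is required).`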
index 74e74f3..cc2cc69 100644 (file)
@@ -1,5 +1,6 @@
 ---
 hosts: '127.0.0.1'
+deploy_user: opensrf
 repo_base: /home/opensrf
 os_build_target: ubuntu-xenial 
 osrf_git_repository: git://git.evergreen-ils.org/OpenSRF.git
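Review bot: Defaulting `deploy_user` to `opensrf` makes the service account the same account that needs sudo for every `become: true` task, since evergreen/apache.yml and opensrf/websockets.yml set the Apache run user to opensrf. A compromise of the web tier would then start from an account with sudo rights unless those rights are removed after deployment. A separate deployment account avoids that, but `repo_base: /home/opensrf` would then be chowned recursively to it by the `Set ownership of {{repo_base}}` tasks, taking opensrf's home directory with it, so `repo_base` would have to move as well. At minimum add a comment above the new line: `# account that runs the playbook; needs sudo. Remove its sudo rights after install if it is also the service user.`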