/[pdpsoft]/trunk/eu.rcauth.pilot-ica/DS/ansible/roles/delegserver/tasks/dep-tomcat.yml
ViewVC logotype

Diff of /trunk/eu.rcauth.pilot-ica/DS/ansible/roles/delegserver/tasks/dep-tomcat.yml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 2981 by tamasb, Tue Mar 15 11:48:53 2016 UTC revision 2982 by tamasb, Mon Apr 4 13:54:32 2016 UTC
# Line 17  Line 17 
17      regexp: "^export CATALINA_HOME=.*"      regexp: "^export CATALINA_HOME=.*"
18      insertafter: EOF      insertafter: EOF
19    
20  - name: clean up webapps directory  #- name: clean up webapps directory
21    command: /bin/rm -rf "{{ catalina_home }}/webapps/*"  #  command: /bin/rm -rf "{{ catalina_home }}/webapps/*"
22    when: tomcat_install.changed  #  when: tomcat_install.changed
23    
24  # Install jglobus-jsse and globus-ssl-proxies (this is only needed for limited proxies!)  # Install jglobus-jsse and globus-ssl-proxies (this is only needed for limited proxies!)
25    
# Line 38  Line 38 
38  #    owner: root  #    owner: root
39  #    group: root  #    group: root
40  #    state: link  #    state: link
41  #  with_items: extra_libs.stdout_lines  #  with_items: "{{ extra_libs.stdout_lines }}"
42    
43  # configurations  # configurations
44    
45  # close unused ports?    # close unused ports?  
46    
47  # set tomcatAuthentication="false" so REMOTE_USER will be taken over from apache  # set tomcatAuthentication="false" so REMOTE_USER will be taken over from apache
48    # and only listen on localhost
49    
50  - name: check if tomcat authnetication is disabled (ignore errors)  - name: check if tomcat authnetication is disabled (ignore errors)
51    command: grep 'Connector.*port="8009".*tomcatAuthentication="false"' "{{ catalina_home }}/conf/server.xml"    command: grep 'Connector.*port="8009".*address="127.0.0.1" tomcatAuthentication="false"' "{{ catalina_home }}/conf/server.xml"
52    ignore_errors: True    ignore_errors: True
53    changed_when: False    changed_when: False
54    register: tomcat_auth    register: tomcat_auth
# Line 56  Line 57 
57    lineinfile:    lineinfile:
58       dest: "{{ catalina_home }}/conf/server.xml"       dest: "{{ catalina_home }}/conf/server.xml"
59       regexp: '^(.*)<Connector port="8009"(.*)$'       regexp: '^(.*)<Connector port="8009"(.*)$'
60       line: '\1<Connector port="8009" tomcatAuthentication="false"\2'       line: '\1<Connector port="8009" address="127.0.0.1" tomcatAuthentication="false"\2'
61       backrefs: yes       backrefs: yes
62       owner: "{{ tomcat_user }}"       owner: "{{ tomcat_user }}"
63       group: "{{ tomcat_user }}"       group: "{{ tomcat_user }}"
# Line 64  Line 65 
65    when: tomcat_auth.rc != 0    when: tomcat_auth.rc != 0
66    notify: restart tomcat    notify: restart tomcat
67    
68    # only listen on localhost on 8080
69    
70    - name: check if listening address
71      command: grep 'Connector.*port="8080".*address="127.0.0.1"' "{{ catalina_home }}/conf/server.xml"
72      ignore_errors: True
73      changed_when: False
74      register: tomcat_local_listen
75    
76    - name: disable tomcat authnetication
77      lineinfile:
78         dest: "{{ catalina_home }}/conf/server.xml"
79         regexp: '^(.*)<Connector port="8080"(.*)$'
80         line: '\1<Connector port="8080" address="127.0.0.1" \2'
81         backrefs: yes
82         owner: "{{ tomcat_user }}"
83         group: "{{ tomcat_user }}"
84         mode: 0664
85      when: tomcat_local_listen.rc != 0
86      notify: restart tomcat
87    
88  # add oa4mp configuration parameters  # add oa4mp configuration parameters
89    
90  - name: add oa4mp config parameters to web.xml  - name: add oa4mp config parameters to web.xml

Legend:
Removed from v.2981  
changed lines
  Added in v.2982

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28