
Annotation of /trunk/novalocal-test-delegserver/DS/roles/delegserver/tasks/dep-tomcat.yml



Revision 3086 - (hide annotations) (download) (as text)
Mon Aug 15 14:24:28 2016 UTC (5 years, 9 months ago) by tamasb
File MIME type: text/x-yaml
File size: 4360 byte(s)
make backups of tomcat config files

and change ownership of oa2-cli to root

1 msalle 3079 ---
2    
3     # Install tomcat
4    
# Install each package named in tomcat_packages with yum. The outcome is kept
# in tomcat_install; in this file only a commented-out cleanup task refers to it.
- name: install tomcat
  yum:
    state: present
    name: "{{ item }}"
  register: tomcat_install
  with_items: "{{ tomcat_packages }}"
11    
# Make sure /etc/bashrc exports CATALINA_HOME. An existing export line is
# rewritten in place (regexp match); otherwise the line is appended at EOF.
# A backup copy of /etc/bashrc is kept whenever the file is modified.
- name: add CATALINA_HOME to bashrc
  lineinfile:
    dest: /etc/bashrc
    regexp: '^export CATALINA_HOME=.*'
    line: "export CATALINA_HOME={{ catalina_home }}"
    insertafter: EOF
    state: present
    backup: true
20 msalle 3079
21     #- name: clean up webapps directory
22     # command: /bin/rm -rf "{{ catalina_home }}/webapps/*"
23     # when: tomcat_install.changed
24    
25     # Install jglobus-jsse and globus-ssl-proxies (this is only needed for limited proxies!)
26    
27     #- name: install jglobus
28     # yum: name={{ item }} state=present
29     # with_items: "{{ tomcat_extra_packages }}"
30    
31     #- name: find extra jar libraries for linking
32     # command: find "{{ tomcat_extra_libs }}" -maxdepth 1 -type f -name '*.jar' -exec basename {} \;
33     # register: extra_libs
34    
35     #- name: make a link to the jglobus jars
36     # file:
37     # src: "{{ tomcat_extra_libs }}/{{ item }}"
38     # dest: "{{ catalina_home }}/lib/{{ item }}"
39     # owner: root
40     # group: root
41     # state: link
42     # with_items: "{{ extra_libs.stdout_lines }}"
43    
44     # configurations
45    
46     # close unused ports?
47    
48     # set tomcatAuthentication="false" so REMOTE_USER will be taken over from apache
49     # and only listen on localhost
50    
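# Probe server.xml for a port 8009 connector that is already bound to
# 127.0.0.1 with tomcatAuthentication="false". grep exits 0 on a match and 1 on
# no match; both are expected outcomes and the follow-up task keys off the
# registered rc. Any other exit status (for example a missing or unreadable
# server.xml) is a real error and fails the play here instead of being ignored,
# so a broken probe is not mistaken for "needs hardening".
- name: check if tomcat authentication is disabled
  command: grep 'Connector.*port="8009".*address="127.0.0.1" tomcatAuthentication="false"' "{{ catalina_home }}/conf/server.xml"
  register: tomcat_auth
  # read-only probe: never report a change
  changed_when: false
  failed_when: tomcat_auth.rc not in [0, 1]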
56    
# Rewrite the port 8009 connector line in server.xml so that it binds to
# 127.0.0.1 and sets tomcatAuthentication="false" (REMOTE_USER is then taken
# over from Apache). Runs only when the grep probe registered as tomcat_auth
# did not find that configuration; a backup of server.xml is kept on change.
# NOTE(review): with tomcatAuthentication="false" the loopback binding is what
# limits who can hand a user name to Tomcat, so the two attributes should
# always be set together, as they are here.
# NOTE(review): with backrefs enabled lineinfile leaves the file untouched when
# the regexp matches no line (e.g. a Connector element split over several
# lines) and the task still reports ok - verify the rendered server.xml.
# NOTE(review): server.xml ends up writable by the tomcat account and its
# group (0664); confirm the service account really needs write access.
- name: disable tomcat authnetication
  lineinfile:
    dest: "{{ catalina_home }}/conf/server.xml"
    backrefs: true
    regexp: '^(.*)<Connector port="8009"(.*)$'
    line: '\1<Connector port="8009" address="127.0.0.1" tomcatAuthentication="false"\2'
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    mode: "0664"
    backup: true
  when: tomcat_auth.rc != 0
  notify: restart tomcat
69    
70     # only listen on localhost on 8080
71    
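# Probe server.xml for a port 8080 connector that is already bound to
# 127.0.0.1. grep exit status 0 (match) and 1 (no match) are both expected; the
# follow-up task reads tomcat_local_listen.rc. Any other status, such as a
# missing server.xml, fails the play instead of being silently ignored.
- name: check if listening address
  command: grep 'Connector.*port="8080".*address="127.0.0.1"' "{{ catalina_home }}/conf/server.xml"
  register: tomcat_local_listen
  # read-only probe: never report a change
  changed_when: false
  failed_when: tomcat_local_listen.rc not in [0, 1]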
77    
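# Bind the port 8080 connector in server.xml to 127.0.0.1. Runs only when the
# grep probe registered as tomcat_local_listen did not find the loopback
# address; a backup of server.xml is kept on change.
# The task name used to duplicate the port 8009 task ("disable tomcat
# authnetication"), which made play output ambiguous about which connector was
# touched; it now says what this task does.
# NOTE(review): with backrefs enabled lineinfile leaves the file untouched when
# the regexp matches no line, and the task still reports ok - verify the
# rendered server.xml.
- name: only listen on localhost on port 8080
  lineinfile:
    dest: "{{ catalina_home }}/conf/server.xml"
    regexp: '^(.*)<Connector port="8080"(.*)$'
    line: '\1<Connector port="8080" address="127.0.0.1" \2'
    backrefs: true
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    mode: "0664"
    backup: true
  when: tomcat_local_listen.rc != 0
  notify: restart tomcat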
90    
91     # add oa4mp configuration parameters
92    
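# Insert two <context-param> entries into Tomcat's conf/web.xml, just before
# the closing </web-app> tag: the path of the oa4mp server configuration file
# and the configuration name ("default"). blockinfile wraps the text in
# BEGIN/END marker comments so later runs update the same block in place.
# backup is enabled so web.xml gets the same safety copy as the other Tomcat
# configuration files edited in this task list.
- name: add oa4mp config parameters to web.xml
  blockinfile:
    dest: "{{ catalina_home }}/conf/web.xml"
    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
    insertbefore: "</web-app>"
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    mode: "0664"
    backup: true
    block: |
      <context-param>
      <param-name>oa4mp:oauth2.server.config.file</param-name>
      <param-value>{{ oa4mp_server_conf_file }}</param-value>
      </context-param>
      <context-param>
      <param-name>oa4mp:oauth2.server.config.name</param-name>
      <param-value>default</param-value>
      </context-param>
  notify: restart tomcat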
111    
112     # add javax.mail jar
113    
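# Fetch the javax.mail jar from javax_mail_url into Tomcat's lib directory.
# A jar in that directory is loaded by the container, so the download should
# be integrity-checked. javax_mail_checksum is a variable name introduced by
# this task (format "sha256:<hex digest>"); when it is not defined the
# parameter is omitted and the task behaves as before.
# NOTE(review): the URL scheme is not visible here - confirm javax_mail_url
# uses https.
- name: download javax.mail jar
  get_url:
    url: "{{ javax_mail_url }}"
    dest: "{{ catalina_home }}/lib/javax.mail.jar"
    checksum: "{{ javax_mail_checksum | default(omit) }}"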
# Pin ownership and mode of the javax.mail jar: root:root, 0644, so the jar
# is readable by everyone but writable only by root.
- name: set permission on javax.mail
  file:
    path: "{{ catalina_home }}/lib/javax.mail.jar"
    mode: "0644"
    owner: root
    group: root
124    
125     # add mail resource to context.xml
126    
# Declare the mail/Session resource in Tomcat's conf/context.xml by inserting
# the <Resource> line before the closing </Context> tag when it is not already
# present. A backup of context.xml is kept on change and tomcat is restarted.
- name: add mail resource to context.xml
  lineinfile:
    dest: "{{ catalina_home }}/conf/context.xml"
    line: '<Resource name="mail/Session" type="javax.mail.Session" auth="Container"></Resource>'
    insertbefore: "</Context>"
    state: present
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    mode: "0664"
    backup: true
  notify: restart tomcat
138    
139     # configure the private X509_CERT_DIR as an environmental variable
140    
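# Set X509_CERT_DIR in Tomcat's conf/tomcat.conf to the private certificates
# directory (oa4mp_server_certificates_dir). The regexp makes the task replace
# an existing assignment; without it, changing the variable would append a
# second X509_CERT_DIR line and leave the stale directory in the file.
# A backup of tomcat.conf is kept on change and tomcat is restarted.
- name: set private X509_CERT_DIR variable
  lineinfile:
    dest: "{{ catalina_home }}/conf/tomcat.conf"
    state: present
    regexp: '^X509_CERT_DIR='
    line: 'X509_CERT_DIR="{{ oa4mp_server_certificates_dir }}"'
    mode: "0664"
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    backup: true
  notify: restart tomcat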
151    
