
Contents of /trunk/novalocal-test-delegserver/DS/roles/delegserver/tasks/dep-tomcat.yml



Revision 3086
Mon Aug 15 14:24:28 2016 UTC (5 years, 9 months ago) by tamasb
File MIME type: text/x-yaml
File size: 4360 byte(s)
make backups of tomcat config files

and change ownership of oa2-cli to root

---

# Install tomcat: every package named in tomcat_packages must be present.

- name: install tomcat
  with_items: "{{ tomcat_packages }}"
  yum:
    state: present
    name: "{{ item }}"
  # keep the yum result available to later tasks as tomcat_install
  register: tomcat_install

# Export CATALINA_HOME from /etc/bashrc: an existing export line is replaced,
# otherwise the line is appended at the end of the file.
- name: add CATALINA_HOME to bashrc
  lineinfile:
    dest: /etc/bashrc
    regexp: '^export CATALINA_HOME=.*'
    line: 'export CATALINA_HOME={{ catalina_home }}'
    insertafter: EOF
    state: present
    backup: true  # keep a copy of the previous /etc/bashrc

#- name: clean up webapps directory
#  command: /bin/rm -rf "{{ catalina_home }}/webapps/*"
#  when: tomcat_install.changed

# Install jglobus-jsse and globus-ssl-proxies (this is only needed for limited proxies!)

#- name: install jglobus
#  yum: name={{ item }} state=present
#  with_items: "{{ tomcat_extra_packages }}"

#- name: find extra jar libraries for linking
#  command: find "{{ tomcat_extra_libs }}" -maxdepth 1 -type f -name '*.jar' -exec basename {} \;
#  register: extra_libs

#- name: make a link to the jglobus jars
#  file:
#    src: "{{ tomcat_extra_libs }}/{{ item }}"
#    dest: "{{ catalina_home }}/lib/{{ item }}"
#    owner: root
#    group: root
#    state: link
#  with_items: "{{ extra_libs.stdout_lines }}"

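# configurations

# close unused ports?

# AJP connector (8009): set tomcatAuthentication="false" so REMOTE_USER will be
# taken over from apache, and only listen on localhost.
#
# NOTE(review): with tomcatAuthentication="false" Tomcat accepts the user name
# asserted by whoever speaks AJP to this port, so the loopback binding is what
# keeps that assertion trustworthy. Confirm after deployment that 8009 is not
# reachable from other hosts.

- name: check if tomcat authnetication is disabled (ignore errors)
  command: grep 'Connector.*port="8009".*address="127.0.0.1" tomcatAuthentication="false"' "{{ catalina_home }}/conf/server.xml"
  register: tomcat_auth
  changed_when: false
  # grep exits 0 on a match and 1 on no match; both are expected answers.
  # Any other exit code (e.g. server.xml missing or unreadable) is a real
  # error and must not be mistaken for "not configured yet".
  failed_when: tomcat_auth.rc not in [0, 1]

- name: disable tomcat authnetication
  lineinfile:
    dest: "{{ catalina_home }}/conf/server.xml"
    regexp: '^(.*)<Connector port="8009"(.*)$'
    line: '\1<Connector port="8009" address="127.0.0.1" tomcatAuthentication="false"\2'
    # With backrefs, a regexp that matches nothing leaves the file untouched
    # and the task still succeeds, so a connector written in another form
    # would silently keep its current binding.
    backrefs: true
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    # Quoted so the mode is always read as an octal string.
    # NOTE(review): this leaves server.xml writable by tomcat_user, presumably
    # the account Tomcat runs as; consider root ownership with read-only
    # access for that account.
    mode: "0664"
    backup: true
  when: tomcat_auth.rc != 0
  notify: restart tomcat
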
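# only listen on localhost on 8080

- name: check if listening address
  command: grep 'Connector.*port="8080".*address="127.0.0.1"' "{{ catalina_home }}/conf/server.xml"
  register: tomcat_local_listen
  changed_when: false
  # grep exits 0 on a match and 1 on no match; any other exit code (e.g.
  # server.xml missing or unreadable) is a real error and fails the task.
  failed_when: tomcat_local_listen.rc not in [0, 1]

# The task name now describes what the task does: it binds the 8080 connector
# to 127.0.0.1 and does not touch authentication.
- name: restrict tomcat HTTP connector to localhost
  lineinfile:
    dest: "{{ catalina_home }}/conf/server.xml"
    regexp: '^(.*)<Connector port="8080"(.*)$'
    line: '\1<Connector port="8080" address="127.0.0.1" \2'
    # With backrefs, a regexp that matches nothing leaves the file untouched
    # and the task still succeeds; verify the listening address afterwards.
    backrefs: true
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    # Quoted so the mode is always read as an octal string.
    mode: "0664"
    backup: true
  when: tomcat_local_listen.rc != 0
  notify: restart tomcat
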
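# add oa4mp configuration parameters

# Inserts two <context-param> entries before </web-app> in Tomcat's web.xml:
# the path of the oa4mp server configuration file and the configuration name
# ("default"). The block is delimited by the BEGIN/END marker comments.
- name: add oa4mp config parameters to web.xml
  blockinfile:
    dest: "{{ catalina_home }}/conf/web.xml"
    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
    insertbefore: "</web-app>"
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    # Quoted so the mode is always read as an octal string.
    mode: "0664"
    # Keep a copy of the previous web.xml, as the other config-file tasks in
    # this file do.
    backup: true
    block: |
      <context-param>
      <param-name>oa4mp:oauth2.server.config.file</param-name>
      <param-value>{{ oa4mp_server_conf_file }}</param-value>
      </context-param>
      <context-param>
      <param-name>oa4mp:oauth2.server.config.name</param-name>
      <param-value>default</param-value>
      </context-param>
  notify: restart tomcat
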
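# add javax.mail jar

# The jar is placed in Tomcat's own lib directory, so its integrity matters.
# NOTE(review): javax_mail_url is defined elsewhere; confirm it is an https URL
# pointing at a pinned version.
- name: download javax.mail jar
  get_url:
    url: "{{ javax_mail_url }}"
    dest: "{{ catalina_home }}/lib/javax.mail.jar"
    # javax_mail_checksum is a new, optional variable in get_url's
    # "<algorithm>:<hex digest>" form. When it is not defined the parameter is
    # omitted and the download is unverified, as before.
    checksum: "{{ javax_mail_checksum | default(omit) }}"

- name: set permission on javax.mail
  file:
    path: "{{ catalina_home }}/lib/javax.mail.jar"
    owner: root
    group: root
    # Quoted so the mode is always read as an octal string.
    mode: "0644"
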
# add mail resource to context.xml

# Ensures context.xml holds a <Resource> element named mail/Session of type
# javax.mail.Session, placed before the closing </Context> tag.
- name: add mail resource to context.xml
  lineinfile:
    dest: "{{ catalina_home }}/conf/context.xml"
    insertbefore: '</Context>'
    line: '<Resource name="mail/Session" type="javax.mail.Session" auth="Container"></Resource>'
    state: present
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    mode: '0664'
    backup: true  # keep a copy of the previous context.xml
  notify: restart tomcat

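# configure the private X509_CERT_DIR as an environmental variable

# Writes X509_CERT_DIR="<oa4mp_server_certificates_dir>" into tomcat.conf.
- name: set private X509_CERT_DIR variable
  lineinfile:
    dest: "{{ catalina_home }}/conf/tomcat.conf"
    state: present
    # Replace an existing assignment instead of appending a second one, so a
    # changed certificate directory does not leave a stale X509_CERT_DIR line
    # behind in the file.
    regexp: '^X509_CERT_DIR='
    line: 'X509_CERT_DIR="{{ oa4mp_server_certificates_dir }}"'
    # Quoted so the mode is always read as an octal string.
    mode: "0664"
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    backup: true
  notify: restart tomcat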
