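---
# Install tomcat
#
# Tasks in this part: install the Tomcat packages and export CATALINA_HOME
# for login shells. The commented-out tasks below are kept as they were.

- name: install tomcat
  # NOTE(review): the per-item loop is kept so that tomcat_install keeps its
  # looped-result shape. Passing the list straight to `name` would install in
  # one transaction, but check every user of tomcat_install before changing it.
  yum:
    name: "{{ item }}"
    state: present
  with_items: "{{ tomcat_packages }}"
  register: tomcat_install

- name: add CATALINA_HOME to bashrc
  # The regexp makes the edit idempotent: an existing export line is replaced,
  # otherwise the line is appended at the end of the file.
  lineinfile:
    dest: /etc/bashrc
    state: present
    line: "export CATALINA_HOME={{ catalina_home }}"
    regexp: "^export CATALINA_HOME=.*"
    insertafter: EOF
    # Canonical boolean instead of `yes`; a backup copy is still written.
    backup: true

#- name: install javamail (for javax.mail)
#  yum: name={{ item }} state=present
#  with_items: "{{ tomcat_extra_packages }}"

# NOTE(review): if the task below is ever re-enabled, the command module does
# not run a shell, so the quoted `*` is passed literally and is not expanded.
#- name: clean up webapps directory
#  command: /bin/rm -rf "{{ catalina_home }}/webapps/*"
#  when: tomcat_install.changed

# Install jglobus-jsse and globus-ssl-proxies (this is only needed for limited proxies!)
#- name: install jglobus
#  yum: name={{ item }} state=present
#  with_items: "{{ tomcat_jglobus_packages }}"

#- name: find extra jar libraries for linking
#  command: find "{{ tomcat_extra_libs }}" -maxdepth 1 -type f -name '*.jar' -exec basename {} \;
#  register: extra_libs

#- name: make a link to the jglobus jars
#  file:
#    src: "{{ tomcat_extra_libs }}/{{ item }}"
#    dest: "{{ catalina_home }}/lib/{{ item }}"
#    owner: root
#    group: root
#    state: link
#  with_items: "{{ extra_libs.stdout_lines }}"

# configurations

# close unused ports?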
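# set tomcatAuthentication="false" so REMOTE_USER will be taken over from apache
# and only listen on localhost
#
# With tomcatAuthentication="false" Tomcat accepts the user identity that the
# front end sends over the port-8009 connector, so that connector must be
# reachable only by the local Apache. The address="127.0.0.1" attribute checked
# below is what enforces that; keep the two settings together.
- name: check if tomcat authentication is disabled (ignore errors)
  # Read-only probe: grep exits non-zero when the expected Connector line is
  # absent, which is why errors are ignored and the task never reports changed.
  command: >-
    grep
    'Connector.*port="8009".*address="127.0.0.1" tomcatAuthentication="false"'
    "{{ catalina_home }}/conf/server.xml"
  ignore_errors: true
  changed_when: false
  register: tomcat_auth

# NOTE(review): the text between the two markers below is damaged on this page.
# The XML literals were stripped, so the regexp of "disable tomcat
# authnetication" breaks off mid-string and the start of the following task
# (its name, module and target file) is missing; only its tail survives.
# The surviving text is kept verbatim as comments (original line breaks are
# unknown) and must be restored from the role's original file before use.
# ---- damaged span, begin ----
# - name: disable tomcat authnetication
#   lineinfile:
#     dest: "{{ catalina_home }}/conf/server.xml"
#     regexp: '^(.*)"
#   [text missing]
#     insertbefore: ""
#     owner: "{{ tomcat_user }}"
#     group: "{{ tomcat_user }}"
#     mode: 0664
#     block: |
#       oa4mp:oauth2.server.config.file {{ oa4mp_server_conf_file }}
#       oa4mp:oauth2.server.config.name default
#   notify: restart tomcat
# ---- damaged span, end ----

# add javax.mail jar
# Note: we could use the RPM for javamail, but is ancient and only for CentOS7
- name: download javax.mail jar
  # NOTE(review): the jar is placed in Tomcat's lib directory without any
  # integrity check. Pin it with get_url's `checksum` option, for example
  # checksum: "sha256:<DIGEST-OF-THE-EXPECTED-JAR>" (placeholder), and make
  # sure javax_mail_url is an https:// URL.
  get_url:
    url: "{{ javax_mail_url }}"
    dest: "{{ catalina_home }}/lib/javax.mail.jar"

- name: set permission on javax.mail
  file:
    path: "{{ catalina_home }}/lib/javax.mail.jar"
    owner: root
    group: root
    # Quoted so the mode is passed as the octal string, not a YAML number.
    mode: "0644"

# add mail resource to context.xml
- name: add mail resource to context.xml
  # NOTE(review): `line` and `insertbefore` are empty on this page, which looks
  # like the same loss of XML text as above; confirm against the original file
  # before running, since as written this task would insert a blank line.
  # NOTE(review): owner tomcat_user with mode 0664 lets the service account and
  # its group rewrite this file; prefer root ownership with read-only access
  # for the tomcat group unless Tomcat really has to write it.
  lineinfile:
    dest: "{{ catalina_home }}/conf/context.xml"
    state: present
    line: ""
    insertbefore: ""
    mode: "0664"
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    backup: true
  notify: restart tomcat

# configure the private X509_CERT_DIR as an environmental variable
- name: set private X509_CERT_DIR variable
  # NOTE(review): this file selects the certificate directory Tomcat is started
  # with, and it is writable by the service account (owner tomcat_user, 0664);
  # consider root ownership so a compromised webapp cannot repoint it.
  lineinfile:
    dest: "{{ catalina_home }}/conf/tomcat.conf"
    state: present
    # Replace an existing assignment instead of appending a second one when
    # the directory changes, matching the CATALINA_HOME task's approach.
    regexp: '^X509_CERT_DIR='
    line: "X509_CERT_DIR=\"{{ oa4mp_server_certificates_dir }}\""
    mode: "0664"
    owner: "{{ tomcat_user }}"
    group: "{{ tomcat_user }}"
    backup: true
  notify: restart tomcat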