Added Ansible for Artifactory 7

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/.travis.yml

@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/defaults/main.yml

@@ -0,0 +1,29 @@
+---
+# defaults file for artifactory
+# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
+ansible_marketplace: standalone
+
+# The version of Artifactory to install
+artifactory_version: 7.4.1
+
+# whether to enable HA
+artifactory_ha_enabled: true
+
+# value for whether a host is primary. this should be set in host vars
+artifactory_is_primary: false
+
+# The location where Artifactory should install.
+artifactory_download_directory: /opt/jfrog
+
+# The location where Artifactory should store data.
+artifactory_file_store_dir: /data
+
+# Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro.
+# note that for "pro" version, the artifactory_zip URL would need to be overridden to e.g.:
+# https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}.zip
+# https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz
+artifactory_flavour: pro
+
+java_version: java-1.8.0
+
+extra_java_opts: -server -Xms2g -Xmx14g -Xss256k -XX:+UseG1GC

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/files/nginx.conf

@@ -0,0 +1,37 @@
+#user  nobody;
+worker_processes  1;
+error_log  /var/log/nginx/error.log  info;
+#pid        logs/nginx.pid;
+events {
+    worker_connections  1024;
+}
+http {
+    include       mime.types;
+    variables_hash_max_size 1024;
+    variables_hash_bucket_size 64;
+    server_names_hash_max_size 4096;
+    server_names_hash_bucket_size 128;
+    types_hash_max_size 2048;
+    types_hash_bucket_size 64;
+    proxy_read_timeout 2400s;
+    client_header_timeout 2400s;
+    client_body_timeout 2400s;
+    proxy_connect_timeout 75s;
+    proxy_send_timeout 2400s;
+    proxy_buffer_size 32k;
+    proxy_buffers 40 32k;
+    proxy_busy_buffers_size 64k;
+    proxy_temp_file_write_size 250m;
+    proxy_http_version 1.1;
+    client_body_buffer_size 128k;
+    include    /etc/nginx/conf.d/*.conf;
+    default_type  application/octet-stream;
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+'$status $body_bytes_sent "$http_referer" '
+'"$http_user_agent" "$http_x_forwarded_for"';
+    access_log  /var/log/nginx/access.log  main;
+    sendfile        on;
+    #tcp_nopush     on;
+   #keepalive_timeout  0;
+    keepalive_timeout  65;
+}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/handlers/main.yml

@@ -0,0 +1,10 @@
+---
+# handlers file for artifactory
+- name: systemctl daemon-reload
+  systemd:
+    daemon_reload: yes
+
+- name: restart artifactory
+  service:
+    name: artifactory
+    state: restarted

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/exception.yml

@@ -0,0 +1,6 @@
+---
+exceptions:
+  - variation: Alpine
+    reason: Artifactory start/stop scripts don't properly work.
+  - variation: amazonlinux:1
+    reason: "Shutting down artifactory: /usr/bin/java\nfinding\nUsing the default catalina management port (8015) to test shutdown\nArtifactory Tomcat already stopped"

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/main.yml

@@ -0,0 +1,35 @@
+---
+galaxy_info:
+  author: Robert de Bock
+  role_name: artifactory
+  description: Install and configure artifactory on your system.
+  license: Apache-2.0
+  company: none
+  min_ansible_version: 2.8
+
+  platforms:
+    - name: Debian
+      versions:
+        - all
+    - name: EL
+      versions:
+        - 7
+        - 8
+    - name: Fedora
+      versions:
+        - all
+    - name: OpenSUSE
+      versions:
+        - all
+    - name: Ubuntu
+      versions:
+        - bionic
+
+  galaxy_tags:
+    - artifactory
+    - centos
+    - redhat
+    - server
+    - system
+
+dependencies: []

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/preferences.yml

@@ -0,0 +1,2 @@
+---
+tox_parallel: yes

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/meta/version.yml

@@ -0,0 +1,6 @@
+---
+project_name: JFrog
+reference: "https://github.com/robertdebock/ansible-role-artifactory/blob/master/defaults/main.yml"
+versions:
+  - name: Artifactory
+    url: "https://dl.bintray.com/jfrog/artifactory/"

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/tasks/main.yml

@@ -0,0 +1,184 @@
+---
+# tasks file for artifactory
+- name: install java
+  include_role:
+    name: artifactory-java
+
+#- name: install nginx
+#  package:
+#    name: nginx
+#    state: present
+#  become: true
+#
+#- name: configure main nginx conf file.
+#  copy:
+#    src: nginx.conf
+#    dest: /etc/nginx/nginx.conf
+#    owner: root
+#    group: root
+#    mode: '0755'
+#  become: true
+#
+#- name: configure the artifactory nginx conf
+#  template:
+#    src: artifactory.conf.j2
+#    dest: /etc/nginx/conf.d/artifactory.conf
+#    owner: root
+#    group: root
+#    mode: '0755'
+#  become: true
+#
+#- name: ensure nginx dir exists
+#  file:
+#    path: "/var/opt/jfrog/nginx/ssl"
+#    state: directory
+#  become: true
+#
+#- name: configure certificate
+#  template:
+#    src: certificate.pem.j2
+#    dest: "/var/opt/jfrog/nginx/ssl/cert.pem"
+#  become: true
+#
+#- name: ensure pki exists
+#  file:
+#    path: "/etc/pki/tls"
+#    state: directory
+#  become: true
+#
+#- name: configure key
+#  template:
+#    src: certificate.key.j2
+#    dest: "/etc/pki/tls/cert.key"
+#  become: true
+#
+#- name: restart nginx
+#  service:
+#    name: nginx
+#    state: started
+#    enabled: yes
+#  become: true
+
+- name: create group for artifactory
+  group:
+    name: "{{ artifactory_group }}"
+    state: present
+  become: true
+
+- name: create user for artifactory
+  user:
+    name: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+    system: yes
+  become: true
+
+- name: ensure artifactory_download_directory exists
+  file:
+    path: "{{ artifactory_download_directory }}"
+    state: directory
+  become: true
+
+- name: download artifactory
+  unarchive:
+    src: "{{ artifactory_tar }}"
+    dest: "{{ artifactory_download_directory }}"
+    remote_src: yes
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+    creates: "{{ artifactory_home }}"
+  become: true
+  register: downloadartifactory
+  until: downloadartifactory is succeeded
+  retries: 3
+
+- name: ensure artifactory_file_store_dir exists
+  file:
+    path: "{{ artifactory_file_store_dir }}"
+    state: directory
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: true
+
+- name: ensure etc exists
+  file:
+    path: "{{ artifactory_home }}/etc"
+    state: directory
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: true
+
+- name: configure system yaml
+  template:
+    src: system.yaml.j2
+    dest: "{{ artifactory_home }}/var/etc/system.yaml"
+  become: true
+
+- name: configure master key
+  template:
+    src: master.key.j2
+    dest: "{{ artifactory_home }}/var/etc/security/master.key"
+  become: true
+
+- name: configure join key
+  template:
+    src: join.key.j2
+    dest: "{{ artifactory_home }}/var/etc/security/join.key"
+  become: true
+
+- name: ensure {{ artifactory_home }}/var/etc/info/ exists
+  file:
+    path: "{{ artifactory_home }}/var/etc/info/"
+    state: directory
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: true
+
+- name: configure installer info
+  template:
+    src: installer-info.json.j2
+    dest: "{{ artifactory_home }}/var/etc/info/installer-info.json"
+  become: true
+
+- name: configure binary store
+  template:
+    src: binarystore.xml.j2
+    dest: "{{ artifactory_home }}/var/etc/binarystore.xml"
+  become: true
+
+- name: configure cluster license
+  template:
+    src: artifactory.cluster.license.j2
+    dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
+  become: true
+  when: artifactory_is_primary == true
+
+- name: download database driver
+  get_url:
+    url: "{{ db_download_url }}"
+    dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
+    owner: "{{ artifactory_user }}"
+    group: "{{ artifactory_group }}"
+  become: true
+
+- name: create artifactory service
+  shell: "{{ artifactory_home }}/app/bin/installService.sh"
+  become: true
+
+- name: start and enable the primary node
+  service:
+    name: artifactory
+    state: started
+  become: true
+  when: artifactory_is_primary == true
+
+- name: random wait before restarting to prevent secondary nodes from hitting DB first
+  pause:
+    seconds: "{{ 120 | random + 10}}"
+  when: artifactory_is_primary == false
+
+- name: start and enable the secondary nodes
+  service:
+    name: artifactory
+    state: started
+  become: true
+  when: artifactory_is_primary == false

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.cluster.license.j2

@@ -0,0 +1,26 @@
+{% if artifactory_license1 %}
+{% if artifactory_license1|length %}
+{{ artifactory_license1 }}
+{% endif %}
+{% endif %}
+{% if artifactory_license2 %}
+
+
+{% if artifactory_license2|length %}
+{{ artifactory_license2 }}
+{% endif %}
+{% endif %}
+{% if artifactory_license3 %}
+
+
+{% if artifactory_license3|length %}
+{{ artifactory_license3 }}
+{% endif %}
+{% endif %}
+{% if artifactory_license4 %}
+
+
+{% if artifactory_license4|length %}
+{{ artifactory_license4 }}
+{% endif %}
+{% endif %}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/artifactory.conf.j2

@@ -0,0 +1,49 @@
+###########################################################
+## this configuration was generated by JFrog Artifactory ##
+  ###########################################################
+
+  ## add HA entries when ha is configure
+  upstream artifactory {
+  server 127.0.0.1:8082;
+}
+  upstream artifactory-direct {
+  server 127.0.0.1:8081;
+}
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
+  ssl_certificate      /var/opt/jfrog/nginx/ssl/cert.pem;
+  ssl_certificate_key  /etc/pki/tls/cert.key;
+  ssl_session_cache shared:SSL:1m;
+  ssl_prefer_server_ciphers   on;
+  ## server configuration
+  server {
+  listen 443 ssl;
+  listen 80 ;
+  server_name {{ server_name }};
+  if ($http_x_forwarded_proto = '') {
+  set $http_x_forwarded_proto  $scheme;
+  }
+  ## Application specific logs
+  ## access_log /var/log/nginx/artifactory-access.log timing;
+  ## error_log /var/log/nginx/artifactory-error.log;
+  rewrite ^/$ /ui/ redirect;
+  rewrite ^/ui$ /ui/ redirect;
+  chunked_transfer_encoding on;
+  client_max_body_size 0;
+  location / {
+  proxy_read_timeout  2400s;
+  proxy_pass_header   Server;
+  proxy_cookie_path   ~*^/.* /;
+  proxy_pass          http://artifactory;
+  proxy_next_upstream error timeout non_idempotent;
+  proxy_next_upstream_tries    1;
+  proxy_set_header    X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
+  proxy_set_header    X-Forwarded-Port  $server_port;
+  proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
+  proxy_set_header    Host              $http_host;
+  proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
+
+  location ~ ^/artifactory/ {
+    proxy_pass    http://artifactory-direct;
+    }
+  }
+}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/binarystore.xml.j2

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<config version="2">
+    <chain template="cluster-file-system"/>
+</config>

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.key.j2

@@ -0,0 +1,4 @@
+{% set cert = certificate_key.split('|') %}
+{% for line in cert %}
+{{ line }}
+{% endfor %}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/certificate.pem.j2

@@ -0,0 +1,4 @@
+{% set cert = certificate.split('|') %}
+{% for line in cert %}
+{{ line }}
+{% endfor %}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/installer-info.json.j2

@@ -0,0 +1,8 @@
+{
+  "productId": "Ansible_{{ ansible_marketplace }}_artifactory-pro-{{artifactory_version}}/1.0.0",
+  "features": [
+  {
+    "featureId": "Partner/ACC-006973"
+  }
+  ]
+}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/join.key.j2

@@ -0,0 +1 @@
+{{ join_key }}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/master.key.j2

@@ -0,0 +1 @@
+{{ master_key }}

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/templates/system.yaml.j2

@@ -0,0 +1,38 @@
+## @formatter:off
+## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE
+## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character.
+configVersion: 1
+
+## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products.
+## Replace JFROG_HOME with the real path! For example, in RPM install, JFROG_HOME=/opt/jfrog
+
+## NOTE: Sensitive information such as passwords and join key are encrypted on first read.
+## NOTE: The provided commented key and value is the default.
+
+## SHARED CONFIGURATIONS
+## A shared section for keys across all services in this config
+shared:
+
+  ## Node Settings
+  node:
+    ## A unique id to identify this node.
+    ## Default: auto generated at startup.
+    id: {{ ansible_machine_id }}
+
+    ## Sets this node as primary in HA installation
+    primary: {{ artifactory_is_primary }}
+
+    ## Sets this node as part of HA installation
+    haEnabled: {{ true }}
+
+  ## Database Configuration
+  database:
+    ## One of: mysql, oracle, mssql, postgresql, mariadb
+    ## Default: Embedded derby
+
+    ## Example for mysql/postgresql
+    type: "{{ db_type }}"
+    driver: "{{ db_driver }}"
+    url: "{{ db_url }}"
+    username: "{{ db_user }}"
+    password: "{{ db_password }}"

Ansible/artifactory7/jfrog/rt7ansible/roles/artifactory/vars/main.yml

@@ -0,0 +1,17 @@
+---
+artifactory_tar: https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz
+artifactory_home: "{{ artifactory_download_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}"
+
+artifactory_user: artifactory
+artifactory_group: artifactory
+
+# Set the parameters required for the service.
+service_list:
+  - name: artifactory
+    description: Start script for Artifactory
+    start_command: "{{ artifactory_home }}/bin/artifactory.sh start"
+    stop_command: "{{ artifactory_home }}/bin/artifactory.sh stop"
+    type: forking
+    status_pattern: artifactory
+    user_name: "{{ artifactory_user }}"
+    group_name: "{{ artifactory_group }}"