mirror of
https://github.com/ZwareBear/JFrog-Cloud-Installers.git
synced 2026-01-21 00:06:55 -06:00
[ansible] JFrog Platform 7.19.4 (#124)
This commit is contained in:
Ram Mohan Rao Chukka
committed by
GitHub
GitHub
parent
c5478f8840
commit
5b9899995b
@@ -1,9 +1,14 @@
|
||||
# JFrog Platform Ansible Collection Changelog
|
||||
All changes to this collection will be documented in this file.
|
||||
|
||||
## [7.9.4] - May 31, 2021
|
||||
* Moved product versions from `groups_vars/all/package_version.yml` to roles/<product>/defaults
|
||||
* Added variable to configure postgres apt key (`postgres_apt_key_url`) and id (`postgres_apt_key_id`)
|
||||
* Squashed bugs from previous release
|
||||
|
||||
## [7.8.6] - May 10, 2021
|
||||
* Fixed broken URLs in ansible galaxy - [108](https://github.com/jfrog/JFrog-Cloud-Installers/issues/108)
|
||||
* Added option to configure system.yaml (using `<product>_systemyaml` variable) and binarystore.xml (using `artifactory_binarystore` variable)
|
||||
* Added variable to configure system.yaml (using `<product>_systemyaml`) and binarystore.xml (using `artifactory_binarystore`)
|
||||
|
||||
## [7.8.5] - May 3, 2021
|
||||
* Added new `jfrog.platform` collection with Artifactory, Distribution, Missioncontrol and Xray roles
|
||||
|
||||
@@ -2,8 +2,8 @@
|
||||
|
||||
This Ansible directory consists of the following directories that support the JFrog Platform collection.
|
||||
|
||||
* [ansible_collections directory](ansible_collections) - This directory contains the Ansible collection package that has the Ansible roles for Artifactory, Distribution, Missioncontrol and Xray. See the roles README for details on the product roles and variables.
|
||||
* [examples directory](examples) - This directory contains example playbooks for various architectures.
|
||||
* ansible_collections directory - This directory contains the Ansible collection package that has the Ansible roles for Artifactory, Distribution, Missioncontrol and Xray. See the roles README for details on the product roles and variables.
|
||||
* examples directory - This directory contains example playbooks for various architectures.
|
||||
|
||||
|
||||
## Getting Started
|
||||
@@ -28,9 +28,9 @@ This Ansible directory consists of the following directories that support the JF
|
||||
|
||||
2. Ansible uses SSH to connect to hosts. Ensure that your SSH private key is on your client and the public keys are installed on your Ansible hosts.
|
||||
|
||||
3. Create your inventory file. Use one of the examples from the [examples directory](examples) to construct an inventory file (hosts.ini) with the host addresses
|
||||
3. Create your inventory file. Use one of the examples from the examples directory to construct an inventory file (hosts.ini) with the host addresses
|
||||
|
||||
4. Create your playbook. Use one of the examples from the [examples directory](examples) to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software.
|
||||
4. Create your playbook. Use one of the examples from the examples directory to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software.
|
||||
|
||||
5. Then execute with the following command to provision the JFrog Platform with Ansible.
|
||||
|
||||
@@ -89,7 +89,7 @@ All JFrog product roles support software updates. To use a role to perform a sof
|
||||
```
|
||||
|
||||
## Building the Collection Archive
|
||||
1. Go to the [ansible_collections/jfrog/platform directory](ansible_collections/jfrog/platform).
|
||||
1. Go to the ansible_collections/jfrog/platform directory.
|
||||
2. Update the galaxy.yml meta file as needed. Update the version.
|
||||
3. Build the archive. (Requires Ansible 2.9+)
|
||||
```
|
||||
|
||||
@@ -9,7 +9,7 @@ namespace: "jfrog"
|
||||
name: "platform"
|
||||
|
||||
# The version of the collection. Must be compatible with semantic versioning
|
||||
version: "7.18.6"
|
||||
version: "7.19.4"
|
||||
|
||||
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
|
||||
readme: "README.md"
|
||||
@@ -23,7 +23,7 @@ authors:
|
||||
### OPTIONAL but strongly recommended
|
||||
|
||||
# A short summary description of the collection
|
||||
description: "This collection provides roles for installing JFrog Platform which includes Artifactory, Distribution, Mission-control and Xray. Additionally, it provides optional SSL and Postgresql roles if these are needed for your deployment."
|
||||
description: "This collection provides roles for installing JFrog Platform which includes Artifactory, Distribution, Missioncontrol and Xray. Additionally, it provides optional SSL and Postgresql roles if these are needed for your deployment."
|
||||
|
||||
# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
|
||||
# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
# The version of products to install
|
||||
artifactory_version: 7.18.6
|
||||
xray_version: 3.24.2
|
||||
distribution_version: 2.7.1
|
||||
missioncontrol_version: 4.7.3
|
||||
|
||||
# platform collection version
|
||||
platform_collection_version: 7.18.6
|
||||
Binary file not shown.
Binary file not shown.
@@ -1,7 +1,8 @@
|
||||
---
|
||||
# defaults file for artifactory
|
||||
# indicates where this collection was downloaded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: standalone
|
||||
|
||||
# The version of artifactory to install
|
||||
artifactory_version: 7.19.4
|
||||
|
||||
# Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role )
|
||||
artifactory_nginx_ssl_enabled: false
|
||||
@@ -30,9 +31,6 @@ artifactory_taskAffinity: any
|
||||
# The location where Artifactory should install.
|
||||
jfrog_home_directory: /opt/jfrog
|
||||
|
||||
# The location where Artifactory should store data.
|
||||
artifactory_file_store_dir: /data
|
||||
|
||||
# Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro.
|
||||
artifactory_flavour: pro
|
||||
|
||||
@@ -42,7 +40,8 @@ artifactory_tar: https://releases.jfrog.io/artifactory/artifactory-pro/org/artif
|
||||
artifactory_home: "{{ jfrog_home_directory }}/artifactory"
|
||||
artifactory_untar_home: "{{ jfrog_home_directory }}/artifactory-{{ artifactory_flavour }}-{{ artifactory_version }}"
|
||||
|
||||
postgres_driver_download_url: https://repo1.maven.org/maven2/org/postgresql/postgresql/42.2.20/postgresql-42.2.20.jar
|
||||
postgres_driver_version: 42.2.20
|
||||
postgres_driver_download_url: https://repo1.maven.org/maven2/org/postgresql/postgresql/{{ postgres_driver_version }}/postgresql-{{ postgres_driver_version }}.jar
|
||||
|
||||
artifactory_user: artifactory
|
||||
artifactory_group: artifactory
|
||||
@@ -59,6 +58,7 @@ artifactory_upgrade_only: false
|
||||
artifactory_admin_username: admin
|
||||
artifactory_admin_password: password
|
||||
|
||||
artifactory_service_file : /lib/systemd/system/artifactory.service
|
||||
|
||||
# Provide binarystore XML content below with 2-space indentation
|
||||
artifactory_binarystore: |-
|
||||
@@ -71,6 +71,8 @@ artifactory_binarystore: |-
|
||||
artifactory_systemyaml: |-
|
||||
configVersion: 1
|
||||
shared:
|
||||
security:
|
||||
joinKey: "{{ join_key }}"
|
||||
extraJavaOpts: "{{ artifactory_extra_java_opts }}"
|
||||
node:
|
||||
id: {{ ansible_hostname }}
|
||||
@@ -86,3 +88,6 @@ artifactory_systemyaml: |-
|
||||
router:
|
||||
entrypoints:
|
||||
internalPort: 8046
|
||||
|
||||
# Note: artifactory_systemyaml_override is by default false, if you want to change default artifactory_systemyaml
|
||||
artifactory_systemyaml_override: false
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
galaxy_info:
|
||||
author: "JFrog Maintainers Team <installers@jfrog.com>"
|
||||
description: "The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory_nginx to install nginx."
|
||||
description: "The artifactory role installs the Artifactory Pro software onto the host."
|
||||
company: JFrog
|
||||
|
||||
issue_tracker_url: "https://github.com/jfrog/JFrog-Cloud-Installers/issues"
|
||||
|
||||
@@ -5,12 +5,16 @@
|
||||
- name: install nginx
|
||||
include_role:
|
||||
name: artifactory_nginx
|
||||
when: artifactory_nginx_enabled == true
|
||||
when:
|
||||
- artifactory_nginx_enabled | bool
|
||||
- not artifactory_nginx_ssl_enabled | bool
|
||||
|
||||
- name: install nginx with SSL
|
||||
include_role:
|
||||
name: artifactory_nginx_ssl
|
||||
when: artifactory_nginx_ssl_enabled == true
|
||||
when:
|
||||
- not artifactory_nginx_enabled | bool
|
||||
- artifactory_nginx_ssl_enabled | bool
|
||||
|
||||
- name: Ensure group artifactory exist
|
||||
become: yes
|
||||
@@ -64,40 +68,37 @@
|
||||
owner: "{{ artifactory_user }}"
|
||||
group: "{{ artifactory_group }}"
|
||||
loop:
|
||||
- "{{ artifactory_file_store_dir }}"
|
||||
- "{{ artifactory_home }}/var/data"
|
||||
- "{{ artifactory_home }}/var/etc"
|
||||
- "{{ artifactory_home }}/var/etc/security/"
|
||||
- "{{ artifactory_home }}/var/etc/artifactory/info/"
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ artifactory_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ artifactory_system_yaml_template }}"
|
||||
dest: "{{ artifactory_home }}/var/etc/system.yaml"
|
||||
when:
|
||||
- artifactory_systemyaml is defined
|
||||
- artifactory_systemyaml|length > 0
|
||||
- artifactory_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Configure master key
|
||||
become: yes
|
||||
copy:
|
||||
dest: "{{ artifactory_home }}/var/etc/security/master.key"
|
||||
content: |
|
||||
{{ master_key }}
|
||||
content: "{{ master_key }}"
|
||||
owner: "{{ artifactory_user }}"
|
||||
group: "{{ artifactory_group }}"
|
||||
mode: 0640
|
||||
|
||||
- name: Configure join key
|
||||
become: yes
|
||||
copy:
|
||||
dest: "{{ artifactory_home }}/var/etc/security/join.key"
|
||||
content: |
|
||||
{{ join_key }}
|
||||
owner: "{{ artifactory_user }}"
|
||||
group: "{{ artifactory_group }}"
|
||||
mode: 0640
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Configure installer info
|
||||
become: yes
|
||||
template:
|
||||
@@ -110,6 +111,9 @@
|
||||
template:
|
||||
src: binarystore.xml.j2
|
||||
dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
|
||||
when:
|
||||
- artifactory_binarystore is defined
|
||||
- artifactory_binarystore|length > 0
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Configure single license
|
||||
@@ -117,7 +121,9 @@
|
||||
template:
|
||||
src: artifactory.lic.j2
|
||||
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
|
||||
when: artifactory_single_license is defined
|
||||
when:
|
||||
- artifactory_single_license is defined
|
||||
- artifactory_single_license|length > 0
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Configure HA licenses
|
||||
@@ -125,9 +131,17 @@
|
||||
template:
|
||||
src: artifactory.cluster.license.j2
|
||||
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
|
||||
when: artifactory_licenses is defined
|
||||
when:
|
||||
- artifactory_licenses is defined
|
||||
- artifactory_licenses|length > 0
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Check if database driver exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ artifactory_home }}/app/artifactory/tomcat/lib/jf_postgresql-{{ postgres_driver_version }}.jar"
|
||||
register: database_driver
|
||||
|
||||
- name: Download database driver
|
||||
become: yes
|
||||
get_url:
|
||||
@@ -135,12 +149,16 @@
|
||||
dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
|
||||
owner: "{{ artifactory_user }}"
|
||||
group: "{{ artifactory_group }}"
|
||||
when: postgres_driver_download_url is defined
|
||||
when:
|
||||
- postgres_driver_download_url is defined
|
||||
- not database_driver.stat.exists
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Create artifactory service
|
||||
become: yes
|
||||
shell: "{{ artifactory_home }}/app/bin/installService.sh"
|
||||
args:
|
||||
creates: "{{ artifactory_service_file }}"
|
||||
|
||||
- name: Ensure permissions are correct
|
||||
become: yes
|
||||
@@ -159,3 +177,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -2,18 +2,6 @@
|
||||
- debug:
|
||||
msg: "Performing upgrade of Artifactory version to : {{ artifactory_version }} "
|
||||
|
||||
- name: Stop artifactory
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ artifactory_daemon }}"
|
||||
state: stopped
|
||||
|
||||
- name: Ensure jfrog_home_directory exists
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ jfrog_home_directory }}"
|
||||
state: directory
|
||||
|
||||
- name: Download artifactory for upgrade
|
||||
become: yes
|
||||
unarchive:
|
||||
@@ -28,33 +16,39 @@
|
||||
until: downloadartifactory is succeeded
|
||||
retries: 3
|
||||
|
||||
- name: Stop artifactory
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ artifactory_daemon }}"
|
||||
state: stopped
|
||||
when: downloadartifactory.changed
|
||||
|
||||
- name: Ensure jfrog_home_directory exists
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ jfrog_home_directory }}"
|
||||
state: directory
|
||||
|
||||
- name: Delete artifactory app directory
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ artifactory_home }}/app"
|
||||
state: absent
|
||||
when: downloadartifactory.changed
|
||||
|
||||
- name: Copy new app to artifactory app
|
||||
become: yes
|
||||
command: "cp -r {{ artifactory_untar_home }}/app/. {{ artifactory_home }}/app"
|
||||
|
||||
- name: Configure join key
|
||||
become: yes
|
||||
copy:
|
||||
dest: "{{ artifactory_home }}/var/etc/security/join.key"
|
||||
content: |
|
||||
{{ join_key }}
|
||||
owner: "{{ artifactory_user }}"
|
||||
group: "{{ artifactory_group }}"
|
||||
mode: 0640
|
||||
notify: restart artifactory
|
||||
when: downloadartifactory.changed
|
||||
|
||||
- name: Configure single license
|
||||
become: yes
|
||||
template:
|
||||
src: artifactory.lic.j2
|
||||
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.lic"
|
||||
when: artifactory_single_license is defined
|
||||
when:
|
||||
- artifactory_single_license is defined
|
||||
- artifactory_single_license|length > 0
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Configure HA licenses
|
||||
@@ -62,7 +56,27 @@
|
||||
template:
|
||||
src: artifactory.cluster.license.j2
|
||||
dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
|
||||
when: artifactory_licenses is defined
|
||||
when:
|
||||
- artifactory_licenses is defined
|
||||
- artifactory_licenses|length > 0
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Check if database driver exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ artifactory_home }}/app/artifactory/tomcat/lib/jf_postgresql-{{ postgres_driver_version }}.jar"
|
||||
register: database_driver
|
||||
|
||||
- name: Download database driver
|
||||
become: yes
|
||||
get_url:
|
||||
url: "{{ postgres_driver_download_url }}"
|
||||
dest: "{{ artifactory_home }}/var/bootstrap/artifactory/tomcat/lib"
|
||||
owner: "{{ artifactory_user }}"
|
||||
group: "{{ artifactory_group }}"
|
||||
when:
|
||||
- postgres_driver_download_url is defined
|
||||
- not database_driver.stat.exists
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Configure installer info
|
||||
@@ -77,13 +91,26 @@
|
||||
template:
|
||||
src: binarystore.xml.j2
|
||||
dest: "{{ artifactory_home }}/var/etc/artifactory/binarystore.xml"
|
||||
when:
|
||||
- artifactory_binarystore is defined
|
||||
- artifactory_binarystore|length > 0
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ artifactory_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ artifactory_system_yaml_template }}"
|
||||
dest: "{{ artifactory_home }}/var/etc/system.yaml"
|
||||
when:
|
||||
- artifactory_systemyaml is defined
|
||||
- artifactory_systemyaml|length > 0
|
||||
- artifactory_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart artifactory
|
||||
|
||||
- name: Ensure permissions are correct
|
||||
@@ -103,3 +130,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -1,3 +1 @@
|
||||
{% if (artifactory_licenses) and (artifactory_licenses|length > 0) %}
|
||||
{{ artifactory_licenses }}
|
||||
{% endif %}
|
||||
|
||||
@@ -1,3 +1 @@
|
||||
{% if (artifactory_single_license) and (artifactory_single_license|length > 0) %}
|
||||
{{ artifactory_single_license }}
|
||||
{% endif %}
|
||||
|
||||
@@ -1,3 +1 @@
|
||||
{% if (artifactory_binarystore) and (artifactory_binarystore|length > 0) %}
|
||||
{{ artifactory_binarystore }}
|
||||
{% endif %}
|
||||
@@ -1,3 +1 @@
|
||||
{% if (artifactory_systemyaml) and (artifactory_systemyaml|length > 0) %}
|
||||
{{ artifactory_systemyaml }}
|
||||
{% endif %}
|
||||
@@ -0,0 +1,6 @@
|
||||
---
|
||||
# platform collection version
|
||||
platform_collection_version: 7.19.4
|
||||
|
||||
# indicates where this collection was downloaded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: galaxy
|
||||
@@ -1,7 +1,8 @@
|
||||
---
|
||||
# defaults file for distribution
|
||||
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: standalone
|
||||
|
||||
# The version of distribution to install
|
||||
distribution_version: 2.7.1
|
||||
|
||||
# whether to enable HA
|
||||
distribution_ha_enabled: false
|
||||
@@ -21,6 +22,7 @@ distribution_home: "{{ jfrog_home_directory }}/distribution"
|
||||
distribution_install_script_path: "{{ distribution_home }}/app/bin"
|
||||
distribution_thirdparty_path: "{{ distribution_home }}/app/third-party"
|
||||
distribution_archive_service_cmd: "{{ distribution_install_script_path }}/installService.sh"
|
||||
distribution_service_file: /lib/systemd/system/distribution.service
|
||||
|
||||
#distribution users and groups
|
||||
distribution_user: distribution
|
||||
@@ -64,3 +66,6 @@ distribution_systemyaml: |-
|
||||
router:
|
||||
entrypoints:
|
||||
internalPort: 8046
|
||||
|
||||
# Note: distribution_systemyaml_override is by default false, if you want to change default distribution_systemyaml
|
||||
distribution_systemyaml_override: false
|
||||
|
||||
@@ -17,7 +17,7 @@
|
||||
become: yes
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Ensure group jfdistribution exist
|
||||
- name: Ensure group distribution exist
|
||||
become: yes
|
||||
group:
|
||||
name: "{{ distribution_group }}"
|
||||
@@ -77,8 +77,7 @@
|
||||
become: yes
|
||||
copy:
|
||||
dest: "{{ distribution_home }}/var/etc/security/master.key"
|
||||
content: |
|
||||
{{ master_key }}
|
||||
content: "{{ master_key }}"
|
||||
owner: "{{ distribution_user }}"
|
||||
group: "{{ distribution_group }}"
|
||||
mode: 0640
|
||||
@@ -111,11 +110,21 @@
|
||||
dest: "{{ distribution_home }}/var/etc/redis/redis.conf"
|
||||
notify: restart distribution
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ distribution_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ distribution_system_yaml_template }}"
|
||||
dest: "{{ distribution_home }}/var/etc/system.yaml"
|
||||
when:
|
||||
- distribution_systemyaml is defined
|
||||
- distribution_systemyaml|length > 0
|
||||
- distribution_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart distribution
|
||||
|
||||
- name: Configure installer info
|
||||
@@ -133,7 +142,6 @@
|
||||
recurse: yes
|
||||
owner: "{{ distribution_user }}"
|
||||
group: "{{ distribution_group }}"
|
||||
mode: '0755'
|
||||
|
||||
- name: Install Distribution as a service
|
||||
become: yes
|
||||
@@ -141,8 +149,17 @@
|
||||
{{ distribution_archive_service_cmd }}
|
||||
args:
|
||||
chdir: "{{ distribution_install_script_path }}"
|
||||
creates: "{{ distribution_service_file }}"
|
||||
register: check_service_status_result
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Update distribution permissions
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ distribution_home }}"
|
||||
state: directory
|
||||
recurse: yes
|
||||
owner: "{{ distribution_user }}"
|
||||
group: "{{ distribution_group }}"
|
||||
|
||||
- name: Restart distribution
|
||||
meta: flush_handlers
|
||||
@@ -153,3 +170,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -2,12 +2,6 @@
|
||||
- debug:
|
||||
msg: "Performing upgrade of Distribution version to {{ distribution_version }} "
|
||||
|
||||
- name: Stop distribution
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ distribution_daemon }}"
|
||||
state: stopped
|
||||
|
||||
- name: Download distribution for upgrade
|
||||
become: yes
|
||||
unarchive:
|
||||
@@ -21,21 +15,31 @@
|
||||
until: downloaddistribution is succeeded
|
||||
retries: 3
|
||||
|
||||
- name: Stop distribution
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ distribution_daemon }}"
|
||||
state: stopped
|
||||
when: downloaddistribution.changed
|
||||
|
||||
- name: Delete distribution app
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ distribution_home }}/app"
|
||||
state: absent
|
||||
when: downloaddistribution.changed
|
||||
|
||||
- name: Copy new app to distribution app
|
||||
become: yes
|
||||
command: "cp -r {{ distribution_untar_home }}/app/. {{ distribution_home }}/app"
|
||||
when: downloaddistribution.changed
|
||||
|
||||
- name: Check if install.sh wrapper script exist
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ distribution_install_script_path }}/install.sh"
|
||||
register: install_wrapper_script
|
||||
when: downloaddistribution.changed
|
||||
|
||||
- name: Include interactive installer scripts
|
||||
include_vars: script/archive.yml
|
||||
@@ -50,7 +54,9 @@
|
||||
apply:
|
||||
environment:
|
||||
YQ_PATH: "{{ distribution_thirdparty_path }}/yq"
|
||||
when: install_wrapper_script.stat.exists
|
||||
when:
|
||||
- install_wrapper_script.stat.exists
|
||||
- downloaddistribution.changed
|
||||
|
||||
- name: Ensure {{ distribution_home }}/var/etc/redis exists
|
||||
become: yes
|
||||
@@ -74,14 +80,24 @@
|
||||
dest: "{{ distribution_home }}/var/etc/info/installer-info.json"
|
||||
notify: restart distribution
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ distribution_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ distribution_system_yaml_template }}"
|
||||
dest: "{{ distribution_home }}/var/etc/system.yaml"
|
||||
when:
|
||||
- distribution_systemyaml is defined
|
||||
- distribution_systemyaml|length > 0
|
||||
- distribution_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart distribution
|
||||
|
||||
- name: Update Distribution base dir owner and group
|
||||
- name: Update distribution permissions
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ distribution_home }}"
|
||||
@@ -89,16 +105,6 @@
|
||||
recurse: yes
|
||||
owner: "{{ distribution_user }}"
|
||||
group: "{{ distribution_group }}"
|
||||
mode: '0755'
|
||||
|
||||
- name: Install Distribution as a service
|
||||
become: yes
|
||||
shell: |
|
||||
{{ distribution_archive_service_cmd }}
|
||||
args:
|
||||
chdir: "{{ distribution_install_script_path }}"
|
||||
register: check_service_status_result
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Restart distribution
|
||||
meta: flush_handlers
|
||||
@@ -109,3 +115,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -1,3 +1 @@
|
||||
{% if (distribution_systemyaml) and (distribution_systemyaml|length > 0) %}
|
||||
{{ distribution_systemyaml }}
|
||||
{% endif %}
|
||||
@@ -1,2 +1,6 @@
|
||||
---
|
||||
# platform collection version
|
||||
platform_collection_version: 7.19.4
|
||||
|
||||
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: galaxy
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
---
|
||||
# defaults file for mc
|
||||
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: standalone
|
||||
|
||||
# The version of missioncontrol to install
|
||||
missioncontrol_version: 4.7.4
|
||||
|
||||
# whether to enable HA
|
||||
mc_ha_enabled: false
|
||||
@@ -12,16 +13,16 @@ mc_ha_node_type : master
|
||||
jfrog_home_directory: /opt/jfrog
|
||||
|
||||
# The remote mc download file
|
||||
mc_tar: https://releases.jfrog.io/artifactory/jfrog-mc/linux/{{ missionControl_version }}/jfrog-mc-{{ missionControl_version }}-linux.tar.gz
|
||||
|
||||
mc_tar: https://releases.jfrog.io/artifactory/jfrog-mc/linux/{{ missioncontrol_version }}/jfrog-mc-{{ missioncontrol_version }}-linux.tar.gz
|
||||
|
||||
#The mc install directory
|
||||
mc_untar_home: "{{ jfrog_home_directory }}/jfrog-mc-{{ missionControl_version }}-linux"
|
||||
mc_untar_home: "{{ jfrog_home_directory }}/jfrog-mc-{{ missioncontrol_version }}-linux"
|
||||
mc_home: "{{ jfrog_home_directory }}/mc"
|
||||
|
||||
mc_install_script_path: "{{ mc_home }}/app/bin"
|
||||
mc_thirdparty_path: "{{ mc_home }}/app/third-party"
|
||||
mc_archive_service_cmd: "{{ mc_install_script_path }}/installService.sh"
|
||||
mc_service_file : /lib/systemd/system/mc.service
|
||||
|
||||
#mc users and groups
|
||||
mc_user: jfmc
|
||||
@@ -94,3 +95,6 @@ mc_systemyaml: |-
|
||||
router:
|
||||
entrypoints:
|
||||
internalPort: 8046
|
||||
|
||||
# Note: mc_systemyaml_override is by default false, if you want to change default mc_systemyaml
|
||||
mc_systemyaml_override: false
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
galaxy_info:
|
||||
author: "JFrog Maintainers Team <installers@jfrog.com>"
|
||||
description: "The missionControl role will install missionControl software onto the host. An Artifactory server and Postgress database is required."
|
||||
description: "The missioncontrol role will install missioncontrol software onto the host. An Artifactory server and Postgress database is required."
|
||||
company: JFrog
|
||||
|
||||
issue_tracker_url: "https://github.com/jfrog/JFrog-Cloud-Installers/issues"
|
||||
@@ -10,7 +10,7 @@ galaxy_info:
|
||||
min_ansible_version: 2.9
|
||||
|
||||
galaxy_tags:
|
||||
- missionControl
|
||||
- missioncontrol
|
||||
- jfrog
|
||||
|
||||
dependencies: []
|
||||
@@ -76,8 +76,7 @@
|
||||
become: yes
|
||||
copy:
|
||||
dest: "{{ mc_home }}/var/etc/security/master.key"
|
||||
content: |
|
||||
{{ master_key }}
|
||||
content: "{{ master_key }}"
|
||||
owner: "{{ mc_user }}"
|
||||
group: "{{ mc_group }}"
|
||||
mode: 0640
|
||||
@@ -113,11 +112,21 @@
|
||||
dest: "{{ mc_home }}/var/etc/info/installer-info.json"
|
||||
notify: restart missioncontrol
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ mc_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ mc_system_yaml_template }}"
|
||||
dest: "{{ mc_home }}/var/etc/system.yaml"
|
||||
when:
|
||||
- mc_systemyaml is defined
|
||||
- mc_systemyaml|length > 0
|
||||
- mc_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart missioncontrol
|
||||
|
||||
- name: Update correct permissions
|
||||
@@ -128,7 +137,6 @@
|
||||
recurse: yes
|
||||
owner: "{{ mc_user }}"
|
||||
group: "{{ mc_group }}"
|
||||
mode: '0755'
|
||||
|
||||
- name: Install mc as a service
|
||||
become: yes
|
||||
@@ -136,8 +144,8 @@
|
||||
{{ mc_archive_service_cmd }}
|
||||
args:
|
||||
chdir: "{{ mc_install_script_path }}"
|
||||
creates: "{{ mc_service_file }}"
|
||||
register: check_service_status_result
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Restart missioncontrol
|
||||
meta: flush_handlers
|
||||
@@ -148,3 +156,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -69,16 +69,15 @@
|
||||
when: check_elasticsearch_package_result.matched > 0
|
||||
|
||||
- name: Ensure /usr/share/elasticsearch exists
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ mc_es_home }}"
|
||||
state: directory
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
become: yes
|
||||
|
||||
- name: Extract elasticsearch package
|
||||
become: yes
|
||||
become_user: elasticsearch
|
||||
ignore_errors: yes
|
||||
unarchive:
|
||||
src: "{{ mc_elasticsearch_package }}"
|
||||
@@ -88,18 +87,21 @@
|
||||
- --strip-components=1
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
creates: "{{ mc_es_java_home }}"
|
||||
register: unarchive_result
|
||||
when: check_elasticsearch_package_result.matched > 0
|
||||
|
||||
- name: Copy elasticsearch config files to ES_PATH_CONF dir
|
||||
become: yes
|
||||
command: "cp -r {{ mc_es_home }}/config/. {{ mc_es_conf_base }}/"
|
||||
when: unarchive_result.changed
|
||||
|
||||
- name: Remove elasticsearch config dir
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ mc_es_home }}/config"
|
||||
state: absent
|
||||
when: unarchive_result.changed
|
||||
|
||||
- name: Generate HA elasticsearch.yml template file
|
||||
become: yes
|
||||
|
||||
@@ -1,31 +1,18 @@
|
||||
- name: Copy elasticsearch certificate
|
||||
- name: Copy elasticsearch cert files
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/localhost.pem
|
||||
dest: "{{ mc_es_conf_base }}/localhost.pem"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy elasticsearch private key
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/localhost.key
|
||||
dest: "{{ mc_es_conf_base }}/localhost.key"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy searchguard root ca
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/root-ca.pem
|
||||
dest: "{{ mc_es_conf_base }}/root-ca.pem"
|
||||
src: "files/searchguard/{{ item }}"
|
||||
dest: "{{ mc_es_conf_base }}/{{ item }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
loop:
|
||||
- "localhost.pem"
|
||||
- "localhost.key"
|
||||
- "root-ca.pem"
|
||||
|
||||
- name: Find searchguard bundle
|
||||
become: yes
|
||||
find:
|
||||
paths: "{{ mc_home }}/app/third-party/elasticsearch/"
|
||||
patterns: "^search-guard-.+\\.zip$"
|
||||
@@ -46,50 +33,30 @@
|
||||
register: install_searchguard_result
|
||||
when: check_searchguard_bundle_result.matched == 1
|
||||
|
||||
- name: Copy searchguard admin certificate
|
||||
- name: Copy searchguard certificate files
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sgadmin.pem
|
||||
dest: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.pem"
|
||||
src: "files/searchguard/{{ item }}"
|
||||
dest: "{{ mc_es_searchgaurd_home }}/tools/{{ item }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
loop:
|
||||
- "sgadmin.pem"
|
||||
- "sgadmin.key"
|
||||
- "root-ca.pem"
|
||||
|
||||
- name: Copy searchguard admin private key
|
||||
- name: Copy SG roles files
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sgadmin.key
|
||||
dest: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.key"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy searchguard root ca
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/root-ca.pem
|
||||
dest: "{{ mc_es_searchgaurd_home }}/tools/root-ca.pem"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy roles template
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sg_roles.yml
|
||||
dest: "{{ mc_es_searchgaurd_home }}/sgconfig/sg_roles.yml"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy roles template
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sg_roles_mapping.yml
|
||||
dest: "{{ mc_es_searchgaurd_home }}/sgconfig/sg_roles_mapping.yml"
|
||||
src: "files/searchguard/{{ item }}"
|
||||
dest: "{{ mc_es_searchgaurd_home }}/sgconfig/{{ item }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
loop:
|
||||
- "sg_roles.yml"
|
||||
- "sg_roles_mapping.yml"
|
||||
|
||||
- name: Check execution bit
|
||||
become: yes
|
||||
|
||||
@@ -65,7 +65,6 @@
|
||||
|
||||
- name: Extract elasticsearch package
|
||||
become: yes
|
||||
become_user: elasticsearch
|
||||
ignore_errors: yes
|
||||
unarchive:
|
||||
src: "{{ mc_elasticsearch_package }}"
|
||||
|
||||
@@ -1,58 +1,27 @@
|
||||
- name: Create elasticsearch config path folder
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ mc_es_conf_base }}/searchguard"
|
||||
path: "{{ mc_es_conf_base }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy elasticsearch certificate
|
||||
- name: Copy elasticsearch cert files
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/localhost.pem
|
||||
dest: "{{ mc_es_conf_base }}/localhost.pem"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy elasticsearch private key
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/localhost.key
|
||||
dest: "{{ mc_es_conf_base }}/localhost.key"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy searchguard admin certificate
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sgadmin.pem
|
||||
dest: "{{ mc_es_conf_base }}/searchguard/sgadmin.pem"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy searchguard admin private key
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sgadmin.key
|
||||
dest: "{{ mc_es_conf_base }}/searchguard/sgadmin.key"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
|
||||
- name: Copy searchguard root ca
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/root-ca.pem
|
||||
dest: "{{ mc_es_conf_base }}/root-ca.pem"
|
||||
src: "files/searchguard/{{ item }}"
|
||||
dest: "{{ mc_es_conf_base }}/{{ item }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
loop:
|
||||
- "localhost.pem"
|
||||
- "localhost.key"
|
||||
- "root-ca.pem"
|
||||
|
||||
- name: Find searchguard bundle
|
||||
become: yes
|
||||
find:
|
||||
paths: "{{ mc_home }}/app/third-party/elasticsearch/"
|
||||
patterns: "^search-guard-.+\\.zip$"
|
||||
@@ -73,28 +42,35 @@
|
||||
register: install_searchguard_result
|
||||
when: check_searchguard_bundle_result.matched == 1
|
||||
|
||||
- name: Copy roles template
|
||||
- name: Copy searchguard cert files
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sg_roles.yml
|
||||
dest: "{{ mc_es_home }}/plugins/search-guard-7/sgconfig/sg_roles.yml"
|
||||
src: "files/searchguard/{{ item }}"
|
||||
dest: "{{ mc_es_searchgaurd_home }}/tools/{{ item }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
loop:
|
||||
- "sgadmin.pem"
|
||||
- "sgadmin.key"
|
||||
- "root-ca.pem"
|
||||
|
||||
- name: Copy roles template
|
||||
- name: Copy SG roles files
|
||||
become: yes
|
||||
copy:
|
||||
mode: 0600
|
||||
src: files/searchguard/sg_roles_mapping.yml
|
||||
dest: "{{ mc_es_home }}/plugins/search-guard-7/sgconfig/sg_roles_mapping.yml"
|
||||
src: "files/searchguard/{{ item }}"
|
||||
dest: "{{ mc_es_searchgaurd_home }}/sgconfig/{{ item }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
loop:
|
||||
- "sg_roles.yml"
|
||||
- "sg_roles_mapping.yml"
|
||||
|
||||
- name: Check execution bit
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ mc_es_home }}/plugins/search-guard-7/tools/sgadmin.sh"
|
||||
path: "{{ mc_es_searchgaurd_home }}/tools/sgadmin.sh"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
mode: 0700
|
||||
|
||||
@@ -2,12 +2,6 @@
|
||||
- debug:
|
||||
msg: "Performing Upgrade of missionControl version - {{ missioncontrol_version }}"
|
||||
|
||||
- name: Stop mc service
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ mc_daemon }}"
|
||||
state: stopped
|
||||
|
||||
- name: Download mc for upgrade
|
||||
unarchive:
|
||||
src: "{{ mc_tar }}"
|
||||
@@ -21,30 +15,42 @@
|
||||
until: downloadmc is succeeded
|
||||
retries: 3
|
||||
|
||||
- name: Stop mc service
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ mc_daemon }}"
|
||||
state: stopped
|
||||
when: downloadmc.changed
|
||||
|
||||
- name: Delete current app folder
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ mc_home }}/app"
|
||||
state: absent
|
||||
when: downloadmc.changed
|
||||
|
||||
- name: Copy new app to mc app
|
||||
command: "cp -r {{ mc_untar_home }}/app/. {{ mc_home }}/app"
|
||||
become: yes
|
||||
when: downloadmc.changed
|
||||
|
||||
- name: Delete untar directory
|
||||
file:
|
||||
path: "{{ mc_untar_home }}"
|
||||
state: absent
|
||||
become: yes
|
||||
when: downloadmc.changed
|
||||
|
||||
- name: Upgrade elasticsearch
|
||||
import_tasks: upgrade-elasticsearch.yml
|
||||
when: downloadmc.changed
|
||||
|
||||
- name: Check if install.sh wrapper script exist
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ mc_install_script_path }}/install.sh"
|
||||
register: upgrade_wrapper_script
|
||||
when: downloadmc.changed
|
||||
|
||||
- name: Include interactive installer scripts
|
||||
include_vars: script/archive.yml
|
||||
@@ -59,7 +65,9 @@
|
||||
apply:
|
||||
environment:
|
||||
YQ_PATH: "{{ mc_thirdparty_path }}/yq"
|
||||
when: upgrade_wrapper_script.stat.exists
|
||||
when:
|
||||
- upgrade_wrapper_script.stat.exists
|
||||
- downloadmc.changed
|
||||
|
||||
- name: Configure installer info
|
||||
become: yes
|
||||
@@ -68,11 +76,21 @@
|
||||
dest: "{{ mc_home }}/var/etc/info/installer-info.json"
|
||||
notify: restart missioncontrol
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ mc_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ mc_system_yaml_template }}"
|
||||
dest: "{{ mc_home }}/var/etc/system.yaml"
|
||||
become: yes
|
||||
when:
|
||||
- mc_systemyaml is defined
|
||||
- mc_systemyaml|length > 0
|
||||
- mc_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart missioncontrol
|
||||
|
||||
- name: Update correct permissions
|
||||
@@ -83,7 +101,6 @@
|
||||
recurse: yes
|
||||
owner: "{{ mc_user }}"
|
||||
group: "{{ mc_group }}"
|
||||
mode: '0755'
|
||||
|
||||
- name: Restart missioncontrol
|
||||
meta: flush_handlers
|
||||
@@ -94,3 +111,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{{ ansible_managed | comment }}
|
||||
{
|
||||
"productId": "Ansible_MissionControl/{{ platform_collection_version }}-{{ missionControl_version }}",
|
||||
"productId": "Ansible_Missioncontrol/{{ platform_collection_version }}-{{ missioncontrol_version }}",
|
||||
"features": [
|
||||
{
|
||||
"featureId": "Channel/{{ ansible_marketplace }}"
|
||||
|
||||
@@ -1,3 +1 @@
|
||||
{% if (mc_systemyaml) and (mc_systemyaml|length > 0) %}
|
||||
{{ mc_systemyaml }}
|
||||
{% endif %}
|
||||
@@ -1 +1,6 @@
|
||||
---
|
||||
# platform collection version
|
||||
platform_collection_version: 7.19.4
|
||||
|
||||
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: galaxy
|
||||
@@ -12,15 +12,15 @@
|
||||
- name: add postgres apt key
|
||||
become: yes
|
||||
apt_key:
|
||||
url: https://www.postgresql.org/media/keys/ACCC4CF8.asc
|
||||
id: "0x7FCC7D46ACCC4CF8"
|
||||
url: "{{ postgres_apt_key_url }}"
|
||||
id: "{{ postgres_apt_key_id }}"
|
||||
validate_certs: no
|
||||
state: present
|
||||
|
||||
- name: register APT repository
|
||||
become: yes
|
||||
apt_repository:
|
||||
repo: deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main
|
||||
repo: "{{ postgres_apt_repository_repo }}"
|
||||
state: present
|
||||
filename: pgdg
|
||||
|
||||
|
||||
@@ -96,7 +96,7 @@
|
||||
become: yes
|
||||
become_user: postgres
|
||||
postgresql_privs:
|
||||
database: "{{ mc_db_name}}"
|
||||
database: "{{ mc_db_name }}"
|
||||
privs: ALL
|
||||
type: schema
|
||||
roles: "{{ mc_db_user }}"
|
||||
|
||||
@@ -4,3 +4,6 @@ postgresql_bin_path: "/usr/lib/postgresql/{{ postgres_version }}/bin"
|
||||
postgresql_config_path: "/etc/postgresql/{{ postgres_version }}/main"
|
||||
postgresql_daemon: postgresql@{{ postgres_version}}-main
|
||||
postgresql_external_pid_file: "/var/run/postgresql/{{ postgres_version }}-main.pid"
|
||||
postgres_apt_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc"
|
||||
postgres_apt_key_id: "0x7FCC7D46ACCC4CF8"
|
||||
postgres_apt_repository_repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"
|
||||
@@ -1,7 +1,8 @@
|
||||
---
|
||||
# defaults file for xray
|
||||
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: standalone
|
||||
|
||||
# The version of xray to install
|
||||
xray_version: 3.25.1
|
||||
|
||||
# whether to enable HA
|
||||
xray_ha_enabled: false
|
||||
@@ -21,6 +22,7 @@ xray_home: "{{ jfrog_home_directory }}/xray"
|
||||
xray_install_script_path: "{{ xray_home }}/app/bin"
|
||||
xray_thirdparty_path: "{{ xray_home }}/app/third-party"
|
||||
xray_archive_service_cmd: "{{ xray_install_script_path }}/installService.sh"
|
||||
xray_service_file : /lib/systemd/system/xray.service
|
||||
|
||||
#xray users and groups
|
||||
xray_user: xray
|
||||
@@ -102,3 +104,6 @@ xray_systemyaml: |-
|
||||
router:
|
||||
entrypoints:
|
||||
internalPort: 8046
|
||||
|
||||
# Note: xray_systemyaml_override is by default false, if you want to change default xray_systemyaml
|
||||
xray_systemyaml_override: false
|
||||
|
||||
@@ -79,8 +79,7 @@
|
||||
become: yes
|
||||
copy:
|
||||
dest: "{{ xray_home }}/var/etc/security/master.key"
|
||||
content: |
|
||||
{{ master_key }}
|
||||
content: "{{ master_key }}"
|
||||
owner: "{{ xray_user }}"
|
||||
group: "{{ xray_group }}"
|
||||
mode: 0640
|
||||
@@ -113,7 +112,6 @@
|
||||
environment:
|
||||
YQ_PATH: "{{ xray_thirdparty_path }}/yq"
|
||||
when: install_wrapper_script.stat.exists
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Configure rabbitmq config
|
||||
become: yes
|
||||
@@ -122,11 +120,21 @@
|
||||
dest: "{{ xray_home }}/app/bin/rabbitmq/rabbitmq.conf"
|
||||
notify: restart xray
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ xray_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ xray_system_yaml_template }}"
|
||||
dest: "{{ xray_home }}/var/etc/system.yaml"
|
||||
when:
|
||||
- xray_systemyaml is defined
|
||||
- xray_systemyaml|length > 0
|
||||
- xray_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart xray
|
||||
|
||||
- name: Configure installer info
|
||||
@@ -151,8 +159,8 @@
|
||||
{{ xray_archive_service_cmd }}
|
||||
args:
|
||||
chdir: "{{ xray_install_script_path }}"
|
||||
creates: "{{ xray_service_file }}"
|
||||
register: check_service_status_result
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Restart xray
|
||||
meta: flush_handlers
|
||||
@@ -163,3 +171,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -2,12 +2,6 @@
|
||||
- debug:
|
||||
msg: "Performing upgrade of Xray version to {{ xray_version }}..."
|
||||
|
||||
- name: stop xray
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ xray_daemon }}"
|
||||
state: stopped
|
||||
|
||||
- name: download xray for upgrade
|
||||
become: yes
|
||||
unarchive:
|
||||
@@ -17,28 +11,40 @@
|
||||
owner: "{{ xray_user }}"
|
||||
group: "{{ xray_group }}"
|
||||
creates: "{{ xray_untar_home }}"
|
||||
|
||||
register: downloadxray
|
||||
until: downloadxray is succeeded
|
||||
retries: 3
|
||||
|
||||
- name: stop xray
|
||||
become: yes
|
||||
systemd:
|
||||
name: "{{ xray_daemon }}"
|
||||
state: stopped
|
||||
when: downloadxray.changed
|
||||
|
||||
- name: Delete xray app
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ xray_home }}/app"
|
||||
state: absent
|
||||
when: downloadxray.changed
|
||||
|
||||
- name: Copy new app to xray app
|
||||
become: yes
|
||||
command: "cp -r {{ xray_untar_home }}/app/. {{ xray_home }}/app"
|
||||
when: downloadxray.changed
|
||||
|
||||
- name: Upgrade rabbitmq
|
||||
import_tasks: rabbitmq/upgrade/RedHat.yml
|
||||
when: ansible_os_family == 'RedHat'
|
||||
when:
|
||||
- ansible_os_family == 'RedHat'
|
||||
- downloadxray.changed
|
||||
|
||||
- name: Upgrade rabbitmq
|
||||
import_tasks: rabbitmq/upgrade/Debian.yml
|
||||
when: ansible_os_family == 'Debian'
|
||||
when:
|
||||
- ansible_os_family == 'Debian'
|
||||
- downloadxray.changed
|
||||
|
||||
- name: Check if install.sh wrapper script exist
|
||||
become: yes
|
||||
@@ -59,21 +65,34 @@
|
||||
apply:
|
||||
environment:
|
||||
YQ_PATH: "{{ xray_thirdparty_path }}/yq"
|
||||
when: install_wrapper_script.stat.exists
|
||||
ignore_errors: yes
|
||||
when:
|
||||
- install_wrapper_script.stat.exists
|
||||
- downloadxray.changed
|
||||
|
||||
- name: Configure rabbitmq config
|
||||
become: yes
|
||||
template:
|
||||
src: "rabbitmq.conf.j2"
|
||||
dest: "{{ xray_home }}/app/bin/rabbitmq/rabbitmq.conf"
|
||||
when:
|
||||
- downloadxray.changed
|
||||
notify: restart xray
|
||||
|
||||
- name: Check if systemyaml exists
|
||||
become: yes
|
||||
stat:
|
||||
path: "{{ xray_home }}/var/etc/system.yaml"
|
||||
register: systemyaml
|
||||
|
||||
- name: Configure systemyaml
|
||||
become: yes
|
||||
template:
|
||||
src: "{{ xray_system_yaml_template }}"
|
||||
dest: "{{ xray_home }}/var/etc/system.yaml"
|
||||
when:
|
||||
- xray_systemyaml is defined
|
||||
- xray_systemyaml|length > 0
|
||||
- xray_systemyaml_override or (not systemyaml.stat.exists)
|
||||
notify: restart xray
|
||||
|
||||
- name: configure installer info
|
||||
@@ -92,15 +111,6 @@
|
||||
group: "{{ xray_group }}"
|
||||
recurse: yes
|
||||
|
||||
- name: Install xray as a service
|
||||
become: yes
|
||||
shell: |
|
||||
{{ xray_archive_service_cmd }}
|
||||
args:
|
||||
chdir: "{{ xray_install_script_path }}"
|
||||
register: check_service_status_result
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Restart xray
|
||||
meta: flush_handlers
|
||||
|
||||
@@ -110,3 +120,4 @@
|
||||
until: result.status == 200
|
||||
retries: 25
|
||||
delay: 5
|
||||
when: not ansible_check_mode
|
||||
|
||||
@@ -1,2 +1,6 @@
|
||||
---
|
||||
# vars file for xray
|
||||
# platform collection version
|
||||
platform_collection_version: 7.19.4
|
||||
|
||||
# indicates were this collection was downlaoded from (galaxy, automation_hub, standalone)
|
||||
ansible_marketplace: galaxy
|
||||
Reference in New Issue
Block a user