parent
a44375fa3a
commit
91de91bd71
20 changed files with 235 additions and 5 deletions
@ -0,0 +1,17 @@ |
||||
--- |
||||
|
||||
# Veresion of diagrams to deploy |
||||
diagrams_version: 13.8.8 |
||||
# URL of the WAR file to deploy |
||||
diagrams_war_url: https://github.com/jgraph/drawio/releases/download/v{{ diagrams_version }}/draw.war |
||||
# Expected sha1 of the WAR file |
||||
diagrams_war_sha1: 99bf8957ab3a4ea11a33387ccd824183007c3ddc |
||||
# root directory of the installation |
||||
diagrams_root_dir: /opt/diagrams |
||||
# Should ansible manage upgrades, or just initial install ? |
||||
diagrams_manage_upgrade: True |
||||
# Port on which the tomcat instance will listen. |
||||
# Note that it'll also use this port +1 for shutdown requests, but only on 127.0.0.1 |
||||
diagrams_port: 8182 |
||||
# List of IP addresses (or CIDR) allowed to access tomcat port |
||||
diagrams_src_ip: [] |
@ -0,0 +1,4 @@ |
||||
--- |
||||
|
||||
- name: restart diagrams |
||||
service: name=tomcat@diagrams state=restarted |
@ -0,0 +1,2 @@ |
||||
--- |
||||
|
@ -0,0 +1,14 @@ |
||||
--- |
||||
|
||||
- name: Compress previous version |
||||
command: tar cf {{ diagrams_root_dir }}/archives/{{ diagrams_current_version }}.tar.zst --use-compress-program=zstd ./ |
||||
environment: |
||||
ZST_CLEVEL: 10 |
||||
args: |
||||
chdir: "{{ diagrams_root_dir }}/archives/{{ diagrams_current_version }}" |
||||
warn: False |
||||
tags: diagrams |
||||
|
||||
- name: Remove the arachive directory |
||||
file: path={{ diagrams_root_dir }}/archives/{{ diagrams_current_version }} state=absent |
||||
tags: diagrams |
@ -0,0 +1,9 @@ |
||||
--- |
||||
|
||||
- name: Create the archive dir |
||||
file: path={{ diagrams_root_dir }}/archives/{{ diagrams_current_version }} state=directory |
||||
tags: diagrams |
||||
|
||||
- name: Copy the war archive |
||||
copy: src={{ diagrams_root_dir }}/tomcat/webapps/draw.war dest={{ diagrams_root_dir }}/archives/{{ diagrams_current_version }} remote_src=True |
||||
tags: diagrams |
@ -0,0 +1,7 @@ |
||||
--- |
||||
|
||||
- name: Remove tmp and obsolete files |
||||
file: path={{ item }} state=absent |
||||
loop: |
||||
- "{{ diagrams_root_dir }}/tmp/draw.war" |
||||
tags: diagrams |
@ -0,0 +1,21 @@ |
||||
--- |
||||
|
||||
- name: Deploy sysconfig |
||||
template: src=sysconfig.j2 dest=/etc/sysconfig/tomcat@diagrams |
||||
notify: restart diagrams |
||||
tags: diagrams |
||||
|
||||
- name: Deploy tomcat configuration |
||||
template: src={{ item }}.j2 dest={{ diagrams_root_dir }}/conf/{{ item }} group=tomcat mode=640 |
||||
loop: |
||||
- server.xml |
||||
notify: restart diagrams |
||||
tags: diagrams |
||||
|
||||
- name: Link configuration files |
||||
file: state=link src=/etc/tomcat/{{ item }} dest={{ diagrams_root_dir }}/conf/{{ item }} |
||||
loop: |
||||
- web.xml |
||||
- logging.properties |
||||
notify: restart diagrams |
||||
tags: diagrams |
@ -0,0 +1,38 @@ |
||||
--- |
||||
|
||||
- name: Create directories |
||||
file: path={{ item.dir }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }} |
||||
loop: |
||||
- dir: "{{ diagrams_root_dir }}/" |
||||
group: tomcat |
||||
- dir: "{{ diagrams_root_dir }}/webapps" |
||||
group: tomcat |
||||
mode: 770 |
||||
- dir: "{{ diagrams_root_dir }}/conf" |
||||
group: tomcat |
||||
- dir: "{{ diagrams_root_dir }}/conf/Catalina" |
||||
owner: tomcat |
||||
mode: 700 |
||||
- dir: "{{ diagrams_root_dir }}/tmp" |
||||
group: tomcat |
||||
mode: 770 |
||||
- dir: "{{ diagrams_root_dir }}/logs" |
||||
owner: tomcat |
||||
mode: 700 |
||||
- dir: "{{ diagrams_root_dir }}/work" |
||||
owner: tomcat |
||||
mode: 700 |
||||
- dir: "{{ diagrams_root_dir }}/meta" |
||||
mode: 700 |
||||
- dir: "{{ diagrams_root_dir }}/archives" |
||||
mode: 700 |
||||
tags: diagrams |
||||
|
||||
- name: Create symlinks |
||||
file: state=link src={{ item.src }} dest={{ item.dest }} |
||||
loop: |
||||
- src: /usr/share/tomcat/bin/ |
||||
dest: "{{ diagrams_root_dir }}/bin" |
||||
- src: /usr/share/java/tomcat |
||||
dest: "{{ diagrams_root_dir }}/lib" |
||||
tags: diagrams |
@ -0,0 +1,12 @@ |
||||
--- |
||||
|
||||
- import_tasks: ../includes/webapps_set_install_mode.yml |
||||
vars: |
||||
- root_dir: "{{ diagrams_root_dir }}" |
||||
- version: "{{ diagrams_version }}" |
||||
tags: diagrams |
||||
|
||||
- block: |
||||
- set_fact: diagrams_install_mode={{ (install_mode == 'upgrade' and not diagrams_manage_upgrade) | ternary('none',install_mode) }} |
||||
- set_fact: diagrams_current_version={{ current_version | default('') }} |
||||
tags: diagrams |
@ -0,0 +1,14 @@ |
||||
--- |
||||
|
||||
- when: diagrams_install_mode != 'none' |
||||
block: |
||||
- name: Download diagrams WAR |
||||
get_url: |
||||
url: "{{ diagrams_war_url }}" |
||||
dest: "{{ diagrams_root_dir }}/tmp/draw.war" |
||||
checksum: sha1:{{ diagrams_war_sha1 }} |
||||
|
||||
- name: Move WAR to the webapp dir |
||||
copy: src={{ diagrams_root_dir }}/tmp/draw.war dest={{ diagrams_root_dir }}/webapps/draw.war remote_src=True |
||||
|
||||
tags: diagrams |
@ -0,0 +1,9 @@ |
||||
--- |
||||
|
||||
- name: Handle diagrams port in the firewall |
||||
iptables_raw: |
||||
name: diagrams_port |
||||
state: "{{ (diagrams_src_ip | length > 0) | ternary('present','absent') }}" |
||||
rules: "-A INPUT -m state --state NEW -p tcp --dport {{ diagrams_port }} -s {{ diagrams_src_ip | join(',') }} -j ACCEPT" |
||||
tags: firewall,diagrams |
||||
|
@ -0,0 +1,23 @@ |
||||
--- |
||||
|
||||
- name: Install tomcat |
||||
yum: |
||||
name: |
||||
- tomcat |
||||
tags: diagrams |
||||
|
||||
- include: directories.yml |
||||
- include: facts.yml |
||||
- include: archive_pre.yml |
||||
when: diagrams_install_mode == 'upgrade' |
||||
- include: install.yml |
||||
- include: conf.yml |
||||
- include: selinux.yml |
||||
when: ansible_selinux.status == 'enabled' |
||||
- include: iptables.yml |
||||
when: iptables_manage | default(True) |
||||
- include: services.yml |
||||
- include: write_version.yml |
||||
- include: archive_post.yml |
||||
when: diagrams_install_mode == 'upgrade' |
||||
- include: cleanup.yml |
@ -0,0 +1,25 @@ |
||||
--- |
||||
|
||||
- name: Allow tomcat to bind on diagrams' port |
||||
seport: ports={{ diagrams_port }},{{ diagrams_port + 1 }} proto=tcp setype=http_port_t state=present |
||||
tags: diagrams |
||||
|
||||
- name: Set SELinux context |
||||
sefcontext: |
||||
target: "{{ item.target }}" |
||||
setype: "{{ item.type }}" |
||||
state: present |
||||
loop: |
||||
- target: "{{ diagrams_root_dir }}/webapps(/.*)?" |
||||
type: tomcat_var_lib_t |
||||
- target: "{{ diagrams_root_dir }}/(work|tmp)(/.*)?" |
||||
type: tomcat_cache_t |
||||
- target: "{{ diagrams_root_dir }}/logs(/.*)?" |
||||
type: tomcat_log_t |
||||
register: diagrams_sefcontext |
||||
tags: diagrams |
||||
|
||||
- name: Restore file contexts |
||||
command: restorecon -R {{ diagrams_root_dir }} |
||||
when: diagrams_sefcontext.results | selectattr('changed','equalto',True) | list | length > 0 |
||||
tags: diagrams |
@ -0,0 +1,5 @@ |
||||
--- |
||||
|
||||
- name: start and enable diagrams |
||||
service: name=tomcat@diagrams state=started enabled=True |
||||
tags: diagrams |
@ -0,0 +1,5 @@ |
||||
--- |
||||
|
||||
- name: Write installed version |
||||
copy: content={{ diagrams_version }} dest={{ diagrams_root_dir }}/meta/ansible_version |
||||
tags: diagrams |
@ -0,0 +1,22 @@ |
||||
<?xml version='1.0' encoding='utf-8'?> |
||||
<Server port="{{ diagrams_port | int + 1 }}" shutdown="SHUTDOWN"> |
||||
<Listener className="org.apache.catalina.startup.VersionLoggerListener" /> |
||||
<Listener className="org.apache.catalina.core.JasperListener" /> |
||||
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> |
||||
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> |
||||
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> |
||||
|
||||
<Service name="Catalina"> |
||||
<Connector port="{{ diagrams_port }}" protocol="HTTP/1.1" |
||||
connectionTimeout="20000" /> |
||||
<Engine name="Catalina" defaultHost="diagrams"> |
||||
<Host name="diagrams" appBase="webapps" |
||||
unpackWARs="true" autoDeploy="true"> |
||||
<Context path="" docBase="draw"></Context> |
||||
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" |
||||
prefix="diagrams_access_log." suffix=".txt" |
||||
pattern="%h %l %u %t "%r" %s %b" /> |
||||
</Host> |
||||
</Engine> |
||||
</Service> |
||||
</Server> |
@ -0,0 +1,3 @@ |
||||
CATALINA_BASE="{{ diagrams_root_dir }}" |
||||
CATALINA_HOME="{{ diagrams_root_dir }}" |
||||
CATALINA_TMPDIR="{{ diagrams_root_dir }}/tmp" |
Loading…
Reference in new issue