From 0640f677d4b637cb82151f0dedbda9bb1e766f3c Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Thu, 17 Aug 2017 15:21:00 +0200 Subject: [PATCH 1/9] fatal syntax typo --- tasks/8.5-acls.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/8.5-acls.yml b/tasks/8.5-acls.yml index 9126237..bdf3540 100644 --- a/tasks/8.5-acls.yml +++ b/tasks/8.5-acls.yml @@ -28,7 +28,7 @@ - name: Update installation executables access controls tags: tomcat become: true - when: ((((ansible_local|default([])).util|default([])).init|default([])).system|default('')) != "systemd" }}' + when: ((((ansible_local|default([])).util|default([])).init|default([])).system|default('')) != "systemd" with_items: - catalina.sh - setclasspath.sh From 8b5e2a198bda6815fc9db0fdaf0f523111ea9c78 Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Thu, 17 Aug 2017 22:33:39 +0200 Subject: [PATCH 2/9] use specified path instead of auto-generated --- VERSION | 2 +- tasks/main.yml | 13 +++++++------ templates/facts.j2 | 2 +- templates/service_systemd.j2 | 24 ++++++++++++------------ templates/service_systemd_envfile.j2 | 2 +- templates/service_sysvinit.j2 | 4 ++-- templates/service_upstart.j2 | 4 ++-- 7 files changed, 26 insertions(+), 25 deletions(-) diff --git a/VERSION b/VERSION index f06fa6c..bfd03ab 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -241 +242 diff --git a/tasks/main.yml b/tasks/main.yml index 2e5cb14..88494ad 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -144,7 +144,7 @@ - "{{ tomcat_instance_dirs }}" file: state: directory - dest: "{{ item.0.path|default(tomcat_default_instance_path) }}/catalina/{{ item.0.name }}/{{ item.1 }}" + dest: "{{ item.0.path|default(tomcat_default_instance_path) }}/{{ item.1 }}" owner: "{{ item.0.user|default(tomcat_default_user_name) }}" group: "{{ item.0.group|default(tomcat_default_user_group) }}" mode: 0755 @@ -161,6 +161,7 @@ -1 --ignore=web.xml --ignore=server.xml + --ignore=tomcat-users.xml {{ tomcat_env_catalina_home }}/conf - name: Install static/unmanaged conf files @@ -175,9 +176,9 @@ --group {{ item.0.group|default(tomcat_default_user_group) }} --mode 0640 {{ tomcat_env_catalina_home }}/conf/{{ item.1 }} - {{ item.0.path|default(tomcat_default_instance_path) }}/catalina/{{ item.0.name }}/conf/{{ item.1 }} + {{ item.0.path|default(tomcat_default_instance_path) }}/conf/{{ item.1 }} args: - creates: "{{ item.0.path|default(tomcat_default_instance_path) }}/catalina/{{ item.0.name }}/conf/{{ item.1 }}" + creates: "{{ item.0.path|default(tomcat_default_instance_path) }}/conf/{{ item.1 }}" - name: Install instance server.xml @@ -187,7 +188,7 @@ register: tomcat_registered_install_server_xml template: src: "{{ item.server_xml_template|default(tomcat_default_server_xml_template) }}" - dest: "{{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/conf/server.xml" + dest: "{{ item.path|default(tomcat_default_instance_path) }}/conf/server.xml" owner: "{{ item.user|default(tomcat_default_user_name) }}" group: "{{ item.group|default(tomcat_default_user_group) }}" mode: 0640 @@ -199,7 +200,7 @@ register: tomcat_registered_install_web_xml template: src: "{{ item.web_xml_template|default(tomcat_default_web_xml_template) }}" - dest: "{{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/conf/web.xml" + dest: "{{ item.path|default(tomcat_default_instance_path) }}/conf/web.xml" owner: "{{ item.user|default(tomcat_default_user_name) }}" group: "{{ item.group|default(tomcat_default_user_group) }}" mode: 0640 @@ -215,7 +216,7 @@ register: tomcat_registered_install_instance_environment_files template: src: service_systemd_envfile.j2 - dest: "{{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/.systemd.conf" + dest: "{{ item.path|default(tomcat_default_instance_path) }}/.systemd.conf" owner: "{{ item.user|default(tomcat_default_user_name) }}" group: "{{ item.group|default(tomcat_default_user_group) }}" mode: 0644 diff --git a/templates/facts.j2 b/templates/facts.j2 index 25e8c1a..13b56b7 100644 --- a/templates/facts.j2 +++ b/templates/facts.j2 @@ -11,7 +11,7 @@ "instances": { {% for instance in tomcat_instances %} "{{ instance.name }}": { - "catalina_base": "{{ instance.path|default(tomcat_default_instance_path) }}/catalina/{{ instance.name }}", + "catalina_base": "{{ instance.path|default(tomcat_default_instance_path) }}", "port": { "shutdown": {{ instance.port_shutdown|default(tomcat_default_port_shutdown) }}, "connector": {{ instance.port_connector|default(tomcat_default_port_connector) }}, diff --git a/templates/service_systemd.j2 b/templates/service_systemd.j2 index 3433620..72ab6bb 100644 --- a/templates/service_systemd.j2 +++ b/templates/service_systemd.j2 @@ -16,14 +16,14 @@ Environment=CATALINA_HOME={{ tomcat_env_catalina_home }} {% if item.service_name|default(tomcat_default_service_name)|search('@') %} EnvironmentFile=-{{ item.path|default(tomcat_default_instance_path) }}/catalina/%i/.systemd.conf {% else %} -EnvironmentFile=-{{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/.systemd.conf +EnvironmentFile=-{{ item.path|default(tomcat_default_instance_path) }}/.systemd.conf {% endif %} ExecStart={{ ansible_local.java.general.java_home }}/bin/java \ {% if item.service_name|default(tomcat_default_service_name)|search('@') %} -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/catalina/%i/conf/logging.properties \ {% else %} - -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/conf/logging.properties \ + -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/conf/logging.properties \ {% endif %} -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ {% if item.prefer_urandom|default(tomcat_default_prefer_urandom) %} @@ -32,14 +32,14 @@ ExecStart={{ ansible_local.java.general.java_home }}/bin/java \ -Djava.endorsed.dirs={{ tomcat_env_catalina_home }}/endorsed \ -Dcatalina.home={{ tomcat_env_catalina_home }} \ {% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }}/catalina/%i \ + -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ {% else %} - -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }} \ + -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ {% endif %} {% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/catalina/%i/temp \ + -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ {% else %} - -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/temp \ + -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ {% endif %} {% if item.prefer_ipv4|default(tomcat_default_prefer_ipv4) %} -Djava.net.preferIPv4Stack=true \ @@ -52,9 +52,9 @@ ExecStart={{ ansible_local.java.general.java_home }}/bin/java \ ExecStop={{ ansible_local.java.general.java_home }}/bin/java \ {% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/catalina/%i/conf/logging.properties \ + -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/conf/logging.properties \ {% else %} - -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/conf/logging.properties \ + -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/conf/logging.properties \ {% endif %} -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ {% if item.prefer_urandom|default(tomcat_default_prefer_urandom) %} @@ -63,14 +63,14 @@ ExecStop={{ ansible_local.java.general.java_home }}/bin/java \ -Djava.endorsed.dirs={{ tomcat_env_catalina_home }}/endorsed \ -Dcatalina.home={{ tomcat_env_catalina_home }} \ {% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }}/catalina/%i \ + -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ {% else %} - -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }} \ + -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ {% endif %} {% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/catalina/%i/temp \ + -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ {% else %} - -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/temp \ + -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ {% endif %} {% if item.prefer_ipv4|default(tomcat_default_prefer_ipv4) %} -Djava.net.preferIPv4Stack=true \ diff --git a/templates/service_systemd_envfile.j2 b/templates/service_systemd_envfile.j2 index 433ce58..5f14c7d 100644 --- a/templates/service_systemd_envfile.j2 +++ b/templates/service_systemd_envfile.j2 @@ -1,2 +1,2 @@ -CATALINA_BASE={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }} +CATALINA_BASE={{ item.path|default(tomcat_default_instance_path) }} CATALINA_OPTS={{ item.catalina_opts|default(tomcat_default_catalina_opts) }} diff --git a/templates/service_sysvinit.j2 b/templates/service_sysvinit.j2 index 65b9ce8..a1213d8 100644 --- a/templates/service_sysvinit.j2 +++ b/templates/service_sysvinit.j2 @@ -13,8 +13,8 @@ export TOMCAT_GROUP={{ item.group|default(tomcat_default_user_group ) }} export JAVA_HOME={{ ansible_local.java.general.java_home }} export PATH=${PATH}:${JAVA_HOME}/bin export CATALINA_HOME={{ tomcat_env_catalina_home }} -export CATALINA_BASE={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }} -export CATALINA_PID={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/{{ item.name }}.pid +export CATALINA_BASE={{ item.path|default(tomcat_default_instance_path) }} +export CATALINA_PID={{ item.path|default(tomcat_default_instance_path) }}/{{ item.name }}.pid export CATALINA_OPTS="{{ item.catalina_opts|default(tomcat_default_catalina_opts) }}" {% if item.prefer_ipv4|default(tomcat_default_prefer_ipv4) %} export CATALINA_OPTS="${CATALINA_OPTS} -Djava.net.preferIPv4Stack=true" diff --git a/templates/service_upstart.j2 b/templates/service_upstart.j2 index faf4a12..cd20b5e 100644 --- a/templates/service_upstart.j2 +++ b/templates/service_upstart.j2 @@ -10,7 +10,7 @@ setgid {{ item.group|default(tomcat_default_user_group) }} env JAVA_HOME={{ ansible_local.java.general.java_home }} env CATALINA_HOME={{ tomcat_env_catalina_home }} -env CATALINA_BASE={{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }} +env CATALINA_BASE={{ item.path|default(tomcat_default_instance_path) }} {% if item.prefer_ipv4|default(tomcat_default_prefer_ipv4) %} env CATALINA_OPTS="{{ item.catalina_opts|default(tomcat_default_catalina_opts) }} -Djava.net.preferIPv4Stack=true" {% else %} @@ -25,5 +25,5 @@ script end script post-stop script - rm -rf {{ item.path|default(tomcat_default_instance_path) }}/catalina/{{ item.name }}/temp/* + rm -rf {{ item.path|default(tomcat_default_instance_path) }}/temp/* end script From 393c44ef2bfd4ea7e38c63931206e8957e7d5560 Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Fri, 18 Aug 2017 09:08:01 +0200 Subject: [PATCH 3/9] generate tomcat-users.xml as well --- README.md | 12 +++++++++++- defaults/main.yml | 2 ++ tasks/main.yml | 11 +++++++++++ templates/tomcat-users.xml.j2 | 9 +++++++++ 4 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 templates/tomcat-users.xml.j2 diff --git a/README.md b/README.md index f156af5..83d89e1 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,17 @@ instance. The following variables are legit to configure per instance. * ``service_file``: Init system configuration file per instance, e.g. tomcat.conf for Upstart (string, default: ``{{ tomcat_default_service_file }}`` (see ``vars/service/*.yml``)) * ``service_name``: Init system service name per instance, e.g. tomcat@foo.service for Systemd (string, default: ``{{ tomcat_default_service_name }}`` (see ``vars/service/*.yml``)) * ``umask``: Allow to configure umask for Tomcat instance (oct, default: ``|default('')``) -* ``systemd_default_instance``: Allow to configure default instance for Systemd templated service (string, default: ``None`` }} +* ``systemd_default_instance``: Allow to configure default instance for Systemd templated service (string, default: ``None`` +* ``auth_roles``: which roles should be created in tomcat-users.xml (list of strings, default: []) +* ``auth_users``: which users should be created in tomcat-users.xml (list of auth_users, see below. default: []) + +### auth_users + +Users to be configured in tomcat_users.xml + +* ``name``: username +* ``password``: password in plaintext +* ``roles``: which roles should be configured Configuring more than one instance requires to configure some of the variables documented above per instance. Please see example playbooks diff --git a/defaults/main.yml b/defaults/main.yml index 1b4f8a1..0d3a50e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -27,6 +27,8 @@ tomcat_default_user_system: false # Tomcat configuration # Default template for configuration file server.xml tomcat_default_server_xml_template: server.xml.j2 +# Default template for configuration file tomcat-users.xml +tomcat_default_tomcatusers_xml_template: tomcat-users.xml.j2 # Default template for configuration file web.xml tomcat_default_web_xml_template: web.xml.j2 # Default shutdown port (per instance name: item.port_shutdown) diff --git a/tasks/main.yml b/tasks/main.yml index 88494ad..7f7536f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -180,6 +180,17 @@ args: creates: "{{ item.0.path|default(tomcat_default_instance_path) }}/conf/{{ item.1 }}" +- name: Install instance tomcat-users.xml + tags: tomcat + become: true + with_items: "{{ tomcat_instances }}" + register: tomcat_registered_install_tomcatusers_xml + template: + src: "{{ item.tomcatusers_xml_template|default(tomcat_default_tomcatusers_xml_template) }}" + dest: "{{ item.path|default(tomcat_default_instance_path) }}/conf/tomcat-users.xml" + owner: "{{ item.user|default(tomcat_default_user_name) }}" + group: "{{ item.group|default(tomcat_default_user_group) }}" + mode: 0640 - name: Install instance server.xml tags: tomcat diff --git a/templates/tomcat-users.xml.j2 b/templates/tomcat-users.xml.j2 new file mode 100644 index 0000000..6407612 --- /dev/null +++ b/templates/tomcat-users.xml.j2 @@ -0,0 +1,9 @@ + + +{% for role in item.auth_roles|default([]) %} + +{% endfor %} +{% for user in item.auth_users|default([]) %} + +{% endfor %} + From beace786a1ee473de8cd8bea1b8dc333a26608f8 Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Fri, 18 Aug 2017 12:05:49 +0200 Subject: [PATCH 4/9] fix start/stop service for systemd (missed java_opts and catalina_opts). Add Real-IP valve --- README.md | 5 +++++ templates/server.xml.j2 | 15 ++++++++++----- templates/service_systemd.j2 | 29 ++++------------------------- 3 files changed, 19 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 83d89e1..6c56cab 100644 --- a/README.md +++ b/README.md @@ -105,6 +105,11 @@ instance. The following variables are legit to configure per instance. * ``service_name``: Init system service name per instance, e.g. tomcat@foo.service for Systemd (string, default: ``{{ tomcat_default_service_name }}`` (see ``vars/service/*.yml``)) * ``umask``: Allow to configure umask for Tomcat instance (oct, default: ``|default('')``) * ``systemd_default_instance``: Allow to configure default instance for Systemd templated service (string, default: ``None`` +* ``proxy_header``: header from proxy to determine real-ip (string, default ``x-forwared-for``) +* ``proxy_ip_internal_regex``: java-regexp which proxies are internal to evaluate real-ip (string. default ``10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}`` ) +* ``proxy_protocol_header``: header from proxy to determine HTTP/HTTPS connction (string, default ``x-forwarded-proto``) +* ``proxy_protocol_https_value``: value for the header if conection is secure (string, default: ``https``) +* ``server_xml_add1``: additional text to put in server.xml, e.g. Valves configs (string, default empty) * ``auth_roles``: which roles should be created in tomcat-users.xml (list of strings, default: []) * ``auth_users``: which users should be created in tomcat-users.xml (list of auth_users, see below. default: []) diff --git a/templates/server.xml.j2 b/templates/server.xml.j2 index 8ee968e..61cc107 100644 --- a/templates/server.xml.j2 +++ b/templates/server.xml.j2 @@ -61,12 +61,17 @@ + requestAttributesEnabled="true" + prefix="access_log." suffix=".log" + pattern="%h %l %u %t "%r" %s %B %T %D %F %X %I" /> + + {{ item.server_xml_add1|default('') }} - - - diff --git a/templates/service_systemd.j2 b/templates/service_systemd.j2 index 72ab6bb..7f2a167 100644 --- a/templates/service_systemd.j2 +++ b/templates/service_systemd.j2 @@ -1,9 +1,10 @@ [Unit] -Description=Tomcat servlet container +Description=Tomcat servlet container {{ item.name|default('') }} After=network.target [Service] User={{ item.user|default(tomcat_default_user_name) }} +Group={{ item.group|default(tomcat_default_user_group) }} {% if item.umask is defined %} UMask={{ item.umask }} {% endif %} @@ -20,30 +21,19 @@ EnvironmentFile=-{{ item.path|default(tomcat_default_instance_path) }}/.systemd. {% endif %} ExecStart={{ ansible_local.java.general.java_home }}/bin/java \ -{% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/catalina/%i/conf/logging.properties \ -{% else %} -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/conf/logging.properties \ -{% endif %} -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ {% if item.prefer_urandom|default(tomcat_default_prefer_urandom) %} -Djava.security.egd=file:/dev/./urandom \ {% endif %} -Djava.endorsed.dirs={{ tomcat_env_catalina_home }}/endorsed \ -Dcatalina.home={{ tomcat_env_catalina_home }} \ -{% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ -{% else %} -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ -{% endif %} -{% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ -{% else %} -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ -{% endif %} {% if item.prefer_ipv4|default(tomcat_default_prefer_ipv4) %} -Djava.net.preferIPv4Stack=true \ {% endif %} + $JAVA_OPTS $CATALINA_OPTS \ {% if tomcat_version|version_compare('8.5', '>=') %} -Djava.protocol.handler.pkgs=org.apache.catalina.webresources \ {% endif %} @@ -51,30 +41,19 @@ ExecStart={{ ansible_local.java.general.java_home }}/bin/java \ org.apache.catalina.startup.Bootstrap start ExecStop={{ ansible_local.java.general.java_home }}/bin/java \ -{% if item.service_name|default(tomcat_default_service_name)|search('@') %} -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/conf/logging.properties \ -{% else %} - -Djava.util.logging.config.file={{ item.path|default(tomcat_default_instance_path) }}/conf/logging.properties \ -{% endif %} -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ {% if item.prefer_urandom|default(tomcat_default_prefer_urandom) %} -Djava.security.egd=file:/dev/./urandom \ {% endif %} -Djava.endorsed.dirs={{ tomcat_env_catalina_home }}/endorsed \ -Dcatalina.home={{ tomcat_env_catalina_home }} \ -{% if item.service_name|default(tomcat_default_service_name)|search('@') %} - -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ -{% else %} -Dcatalina.base={{ item.path|default(tomcat_default_instance_path) }} \ -{% endif %} -{% if item.service_name|default(tomcat_default_service_name)|search('@') %} -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ -{% else %} - -Djava.io.tmpdir={{ item.path|default(tomcat_default_instance_path) }}/temp \ -{% endif %} {% if item.prefer_ipv4|default(tomcat_default_prefer_ipv4) %} -Djava.net.preferIPv4Stack=true \ {% endif %} + $JAVA_OPTS \ {% if tomcat_version|version_compare('8.5', '>=') %} -Djava.protocol.handler.pkgs=org.apache.catalina.webresources \ {% endif %} From eb7b33ce5ca31e5f2243eee817c1a0ef26660e27 Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Tue, 22 Aug 2017 07:31:52 +0200 Subject: [PATCH 5/9] fix too strict version definition --- defaults/main.yml | 7 ++++++- vars/main.yml | 6 ------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 0d3a50e..08b8b59 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,6 +3,12 @@ tomcat_default_version: '8.0.37' tomcat_version: "{{ ansible_local['tomcat']['general']['version'] if ansible_local['tomcat'] is defined else tomcat_default_version }}" +# abstract Tomcat major version +tomcat_version_major: "{{ tomcat_version|truncate(1, True, '') }}" + +# filename of Tomcat redistributable package +tomcat_redis_filename: apache-tomcat-{{ tomcat_version }}.tar.gz + # Mirror where to dowload Tomcat redistributable package from tomcat_mirror: http://archive.apache.org/dist/tomcat # Allow to override where to download Tomcat from @@ -62,7 +68,6 @@ tomcat_server_sysvinit_template: service_sysvinit.j2 # template for systemd tomcat_server_systemd_template: service_systemd.j2 - # Whether to allow or deny restarting Tomcat instances automatically tomcat_service_allow_restart: true diff --git a/vars/main.yml b/vars/main.yml index 9a40fbc..c06d9cb 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -11,12 +11,6 @@ tomcat_supported_distributions: - RedHat - OracleLinux -# filename of Tomcat redistributable package -tomcat_redis_filename: apache-tomcat-{{ tomcat_version }}.tar.gz - -# abstract Tomcat major version -tomcat_version_major: "{{ tomcat_version|truncate(1, True, '') }}" - # instances base directory tomcat_instance_dirs: - conf From f260adc5ae9f727ae6764869d4ad0def51bf7eda Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Fri, 19 Jan 2018 17:14:35 +0100 Subject: [PATCH 6/9] Allow increasing nofile limits --- templates/service_systemd.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/service_systemd.j2 b/templates/service_systemd.j2 index 7f2a167..a002c89 100644 --- a/templates/service_systemd.j2 +++ b/templates/service_systemd.j2 @@ -8,6 +8,7 @@ Group={{ item.group|default(tomcat_default_user_group) }} {% if item.umask is defined %} UMask={{ item.umask }} {% endif %} +LimitNOFILE={{ item.LimitNOFILE|default(1040000) }} {% if item.systemd_default_instance is defined %} DefaultInstance={{ item.systemd_default_instance }} {% endif %} From 45dcc757cdb4e496fc5941ca18a85d4577c650e4 Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Sat, 20 Jan 2018 17:46:46 +0100 Subject: [PATCH 7/9] remove double dots in access.log --- templates/server.xml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/server.xml.j2 b/templates/server.xml.j2 index 61cc107..4c1d5b2 100644 --- a/templates/server.xml.j2 +++ b/templates/server.xml.j2 @@ -62,7 +62,7 @@ unpackWARs="true" autoDeploy="true"> Date: Sat, 20 Jan 2018 18:18:09 +0100 Subject: [PATCH 8/9] possibility to specify access.log dir --- README.md | 1 + templates/server.xml.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 6c56cab..06ce348 100644 --- a/README.md +++ b/README.md @@ -112,6 +112,7 @@ instance. The following variables are legit to configure per instance. * ``server_xml_add1``: additional text to put in server.xml, e.g. Valves configs (string, default empty) * ``auth_roles``: which roles should be created in tomcat-users.xml (list of strings, default: []) * ``auth_users``: which users should be created in tomcat-users.xml (list of auth_users, see below. default: []) +* ``log_dir``: directory to put acces logs to ### auth_users diff --git a/templates/server.xml.j2 b/templates/server.xml.j2 index 4c1d5b2..cb7887f 100644 --- a/templates/server.xml.j2 +++ b/templates/server.xml.j2 @@ -60,7 +60,7 @@ - From a646c68fcfacc8e3d4d9650a6df0836b70af548d Mon Sep 17 00:00:00 2001 From: Andrei Darashenka Date: Tue, 8 Jan 2019 15:04:35 +0100 Subject: [PATCH 9/9] fix always_run error: https://github.com/silpion/ansible-tomcat/issues/39 --- tasks/8.5-acls.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/8.5-acls.yml b/tasks/8.5-acls.yml index bdf3540..6c221e8 100644 --- a/tasks/8.5-acls.yml +++ b/tasks/8.5-acls.yml @@ -3,7 +3,7 @@ tags: tomcat become: true register: tomcat_registered_files - always_run: true + check_mode: no changed_when: false when: tomcat_fact_is_not_initial_check_mode shell: ls -1 {{ acl_dir }}/*.jar