Skip to content

Commit

Permalink
OPSEXP-567: Errors appear in alfresco.log (#27)
Browse files Browse the repository at this point in the history
Moved postgres auth config parts from the repository role to the postgres role.
decoupled some roles, as they were pretty tightly coupled and caused problems when starting/restarting serices
Minor refactoring
  • Loading branch information
nilsSure authored Oct 9, 2020
1 parent 60b715d commit 5db983c
Show file tree
Hide file tree
Showing 16 changed files with 183 additions and 73 deletions.
6 changes: 5 additions & 1 deletion .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,11 @@ jobs:
- stage: Verification
name: Search Role Verification
script:
- cd roles/search/ && molecule test
- cd roles/search/
- molecule converge
- sleep 1m
- molecule verify
- molecule destroy
- stage: Verification
name: Common Role Verification
script:
Expand Down
50 changes: 50 additions & 0 deletions molecule/default/molecule.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
---
dependency:
name: galaxy
driver:
name: docker
platforms:
- name: instance
image: centos/systemd:latest
privileged: true
volume_mounts:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
exposed_ports:
- 80/tcp
- 443/tcp
- 5432/tcp
- 8161/tcp
- 8080/tcp
- 8082/tcp
- 8083/tcp
- 8090/tcp
- 8099/tcp
- 8983/tcp
- 9090/tcp
published_ports:
- 0.0.0.0:80:80/tcp
- 0.0.0.0:443:443/tcp
- 0.0.0.0:5432:5432/tcp
- 0.0.0.0:8161:8161/tcp
- 0.0.0.0:8080:8080/tcp
- 0.0.0.0:8082:8082/tcp
- 0.0.0.0:8083:8083/tcp
- 0.0.0.0:8090:8090/tcp
- 0.0.0.0:8099:8099/tcp
- 0.0.0.0:8983:8983/tcp
- 0.0.0.0:9090:9090/tcp
provisioner:
name: ansible
playbooks:
converge: ../../playbooks/acs.yml
verifier:
name: testinfra
directory: tests
env:
ANSIBLE_TIMEOUT: "30"
ANSIBLE_SSH_RETRIES: "15"
PYTHONWARNINGS: "ignore:.*U.*mode is deprecated:DeprecationWarning"
options:
v: 1
s: true
8 changes: 6 additions & 2 deletions playbooks/acs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,14 @@
hosts: all
become: true
become_method: sudo
# roles:
# - role: '../roles/nginx'
# - role: '../roles/adw'
# - role: '../roles/search'
# - role: '../roles/transformers'
roles:
- role: '../roles/repository'
- role: '../roles/nginx'
- role: '../roles/adw'
- role: '../roles/search'
- role: '../roles/transformers'
tags:
- search
10 changes: 10 additions & 0 deletions roles/postgres/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,16 @@
with_items: "{{ postgres_config }}"
notify: Restart postgresql

- name: Configure postgresql client auth
lineinfile:
path: "{{ postgresql_conf_path[postgres_major_version] }}/pg_hba.conf"
insertbefore: BOF
# regexp: ^{{ item['type'] }}\s+{{ item['database'] }}\s+{{ item['user'] }}\s+{{ item['address'] }}\s+{{ item['method'] }}
line: "{{ item['type'] }}\t{{ item['database'] }}\t{{ item['user'] }}\t{{ item['address'] }}\t{{ item['method'] }}"
state: "{{ item['state'] | default(omit) }}"
backup: true
with_items: "{{ postgres_client_auth }}"

- name: Ensure postgresql service is started and enabled on boot
systemd:
name: "{{ postgresql_service[postgres_major_version] }}"
Expand Down
12 changes: 12 additions & 0 deletions roles/postgres/vars/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
postgres_client_auth:
- type: local
database: "alfresco"
user: "alfresco"
address:
method: password
- type: host
database: all
user: all
address: 127.0.0.1/32
method: md5
4 changes: 3 additions & 1 deletion roles/repository/meta/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ galaxy_info:
galaxy_tags: []
allow_duplicates: false
dependencies:
- postgres
- activemq
- tomcat
- postgres
- transformers
- search
10 changes: 0 additions & 10 deletions roles/repository/tasks/postgres.yml
Original file line number Diff line number Diff line change
@@ -1,14 +1,4 @@
---
- name: Configure postgresql client auth
lineinfile:
path: "{{ postgresql_conf_path[postgres_major_version] }}/pg_hba.conf"
insertbefore: BOF
# regexp: ^{{ item['type'] }}\s+{{ item['database'] }}\s+{{ item['user'] }}\s+{{ item['address'] }}\s+{{ item['method'] }}
line: "{{ item['type'] }}\t{{ item['database'] }}\t{{ item['user'] }}\t{{ item['address'] }}\t{{ item['method'] }}"
state: "{{ item['state'] | default(omit) }}"
backup: true
with_items: "{{ postgres_client_auth }}"
notify: Restart postgresql
- name: Create a new database with name "alfresco"
become: true
become_user: postgres
Expand Down
9 changes: 9 additions & 0 deletions roles/repository/templates/alfresco-global.properties
Original file line number Diff line number Diff line change
Expand Up @@ -20,5 +20,14 @@ dir.root={{ content_data_folder }}/content
dir.keystore={{ content_data_folder }}/keystore
dir.license.external={{ settings_folder }}/licenses

local.transform.service.enabled=true
localTransform.core-aio.url=http://{{ ats_tengine_aio_host }}:8090
legacy.transform.service.enabled=true
alfresco-pdf-renderer.url=${localTransform.core-aio.url}
jodconverter.url=${localTransform.core-aio.url}
img.url=${localTransform.core-aio.url}
tika.url=${localTransform.core-aio.url}
transform.misc.url=${localTransform.core-aio.url}

messaging.broker.url=failover:(tcp://localhost:61616)?timeout=3000
dsync.service.uris=https://localhost:9090/alfresco
11 changes: 0 additions & 11 deletions roles/repository/vars/postgres.yml
Original file line number Diff line number Diff line change
@@ -1,15 +1,4 @@
---
postgres_client_auth:
- type: local
database: "alfresco"
user: "alfresco"
address:
method: password
- type: host
database: all
user: all
address: 127.0.0.1/32
method: md5
postgres_client_config:
- database: "alfresco"
user: "alfresco"
Expand Down
3 changes: 2 additions & 1 deletion roles/search/meta/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,4 +12,5 @@ galaxy_info:

allow_duplicates: false
dependencies:
- repository
- common
- java
15 changes: 5 additions & 10 deletions roles/search/molecule/default/tests/test_search.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
"""Solr Tests"""
import time
import pytest
from hamcrest import contains_string, assert_that

Expand Down Expand Up @@ -32,12 +31,8 @@ def test_solr_service_running_and_enabled(host, svc):
assert_that(solr.is_enabled)

def test_solr_stats_is_accesible(host, get_ansible_vars):
"""Check solrstats service"""
timeout = time.time() + 360
output = None
command = False
while not command or time.time() < timeout:
run_command = host.run("curl -v -k --connect-timeout 5 --user admin:admin http://{}:8080/alfresco/s/api/solrstats".format(get_ansible_vars["repo_host"]))
command = run_command.succeeded
output = run_command.stdout
assert_that(output,contains_string("queryInfo"))
"""Check that SOLR creates the alfresco and archive cores"""
alfresco_core_command = host.run("curl -iL http://{}:8983/solr/#/~cores/alfresco".format(get_ansible_vars["solr_host"]))
archive_core_command = host.run("curl -iL http://{}:8983/solr/#/~cores/archive".format(get_ansible_vars["solr_host"]))
assert_that(alfresco_core_command.stdout, contains_string("HTTP/1.1 200"))
assert_that(archive_core_command.stdout, contains_string("HTTP/1.1 200"))
6 changes: 5 additions & 1 deletion roles/tomcat/molecule/default/converge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,8 @@
tasks:
- name: "Include tomcat"
include_role:
name: "tomcat"
name: "tomcat"
- name: Ensure tomcat service is started and enabled on boot
systemd:
name: tomcat.service
state: started
3 changes: 1 addition & 2 deletions roles/tomcat/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -202,11 +202,10 @@
dest: /etc/systemd/system/tomcat.service
owner: root
group: root
notify: tomcat-restart
# notify: tomcat-restart
when: install_check.rc != 0 or tomcat_version not in install_check.stderr

- name: Ensure tomcat service is started and enabled on boot
systemd:
name: tomcat.service
state: started
enabled: true
3 changes: 2 additions & 1 deletion roles/transformers/meta/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,5 @@ galaxy_info:

allow_duplicates: false
dependencies:
- repository
- common
- java
3 changes: 3 additions & 0 deletions roles/transformers/molecule/default/converge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
- name: Converge
hosts: all
tasks:
- name: "Include tomcat role"
include_role:
name: "tomcat"
- name: "Include transformers"
include_role:
name: "transformers"
103 changes: 70 additions & 33 deletions roles/transformers/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,14 @@
until: download_img_libs_dist is succeeded
when: magick_exists.rc != 0

# - name: Download ImageMagick-license.txt
# get_url:
# url: "{{ IMAGEMAGICK_LICENSE_FILE }}"
# dest: "{{ temp_dir }}/ImageMagick-license.txt"
# mode: 0444
# timeout: 600
# when: magick_exists.rc != 0

- name: Download imagemagick-epel-dep.rpm
get_url:
url: "{{ IMAGEMAGICK_DEP_RPM_URL }}"
Expand Down Expand Up @@ -92,6 +100,14 @@
until: libreoffice_download is succeeded
when: loffice_exists.rc != 0

# - name: Download libreoffice.txt
# get_url:
# url: "{{ LIBREOFFICE_LICENSE_FILE }}"
# dest: "{{ temp_dir }}/libreoffice.txt"
# mode: 0444
# timeout: 600
# when: loffice_exists.rc != 0

- name: Extract libreoffice-dist-linux.gz
become: yes
unarchive:
Expand All @@ -111,39 +127,53 @@
block:
- name: Check if alfresco-pdf-renderer exists
stat:
path: "{{ content_folder }}/alfresco-pdf-renderer/alfresco-pdf-renderer"
path: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/alfresco-pdf-renderer"
register: alfresco_pdf_renderer_exists
- name: Check if alfresco-pdf-renderer archive exists
stat:
path: "{{ content_folder }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
path: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
register: alfresco_pdf_renderer_tgz_exists

- name: Download alfresco-pdf-renderer-linux.tgz
become: true
become_user: "{{ username }}"
get_url:
url: "{{ ALFRESCO_PDF_RENDERER_LIB_RPM_URL }}"
dest: "{{ content_folder }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
url_username: "{{ nexus_user }}"
url_password: "{{ nexus_password }}"
mode: 'u=rwx,g=rwx,o=rx'
timeout: 600
register: download_pdf_renderer
until: download_pdf_renderer is succeeded
when: not alfresco_pdf_renderer_tgz_exists.stat.exists and not alfresco_pdf_renderer_exists.stat.exists
block:
- name: Check if alfresco-pdf-renderer folder exists
stat:
path: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/"
register: pdf_renderer_folder
- name: Create alfresco-pdf-renderer folder
file:
path: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/"
state: directory
mode: 'u=rwx,g=rwx,o=rx'
become: true
become_user: "{{ username }}"
when: not pdf_renderer_folder.stat.exists
- name: Download alfresco-pdf-renderer-linux.tgz
become: true
become_user: "{{ username }}"
get_url:
url: "{{ ALFRESCO_PDF_RENDERER_LIB_RPM_URL }}"
dest: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
url_username: "{{ nexus_user }}"
url_password: "{{ nexus_password }}"
mode: 'u=rwx,g=rwx,o=rx'
timeout: 600
register: download_pdf_renderer
until: download_pdf_renderer is succeeded
when: not alfresco_pdf_renderer_tgz_exists.stat.exists and not alfresco_pdf_renderer_exists.stat.exists

- name: Extract alfresco-pdf-renderer-linux.tgz
become: true
become_user: "{{ username }}"
unarchive:
src: "{{ content_folder }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
dest: "{{ content_folder }}/alfresco-pdf-renderer/"
src: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
dest: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/"
remote_src: yes
when: not alfresco_pdf_renderer_exists.stat.exists

- name: Remove alfresco-pdf-renderer-linux.tgz
file:
path: "{{ content_folder }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
path: "{{ binaries_folder }}/content-services-{{ alfresco.version }}/alfresco-pdf-renderer/alfresco-pdf-renderer-{{ PDF_RENDERER_VERSION }}-linux.tgz"
state: absent

- name: Download alfresco-transform-core-aio-boot-{{ transform.version }}.jar
Expand Down Expand Up @@ -199,21 +229,28 @@
insertafter: EOF
line: "export CATALINA_OPTS=\"${CATALINA_OPTS} -Dats-tengine-aio.host=${ATS_TENGINE_AIO_HOST}\""

- name: Add properties to alfresco-global
become: true
become_user: "{{ username }}"
blockinfile:
path: "{{ settings_folder }}/classpath/alfresco-global.properties"
marker: "# {mark} ATS global properties"
block: |
local.transform.service.enabled=true
localTransform.core-aio.url=http://{{ ats_tengine_aio_host }}:8090
legacy.transform.service.enabled=true
alfresco-pdf-renderer.url=${localTransform.core-aio.url}
jodconverter.url=${localTransform.core-aio.url}
img.url=${localTransform.core-aio.url}
tika.url=${localTransform.core-aio.url}
transform.misc.url=${localTransform.core-aio.url}
# - name: Add properties to alfresco-global
# block:
# - name: Check if alfresco-global.properties exists
# stat:
# path: "{{ settings_folder }}/classpath/alfresco-global.properties"
# register: alfresco_global
# - name: Add properties
# become: true
# become_user: "{{ username }}"
# blockinfile:
# path: "{{ settings_folder }}/classpath/alfresco-global.properties"
# marker: "# {mark} ATS global properties"
# block: |
# local.transform.service.enabled=true
# localTransform.core-aio.url=http://{{ ats_tengine_aio_host }}:8090
# legacy.transform.service.enabled=true
# alfresco-pdf-renderer.url=${localTransform.core-aio.url}
# jodconverter.url=${localTransform.core-aio.url}
# img.url=${localTransform.core-aio.url}
# tika.url=${localTransform.core-aio.url}
# transform.misc.url=${localTransform.core-aio.url}
# when: not alfresco_global.stat.exists

- name: Check if AIO script exists
stat:
Expand Down Expand Up @@ -284,4 +321,4 @@
name: alfresco-transform.service
state: started
enabled: true
notify: alfresco-content-restart
# notify: alfresco-content-restart

0 comments on commit 5db983c

Please sign in to comment.