install tomcat8 from Apache binaries for centos (#3)

* install tomcat8 from source on centos

* tidy up config and install scripts

* tomcat-defaults.j2 is a Debian task, not a RH one

Fixing a mistake made while mashing the Debian and RedHat config tasks together.

* Changed tomcat version

Changed EOL version 8.0.x to latest 8.5.x

* Add CI Tests (#5)

* Add CI testing.

* Update readme

* Make sure tomcat is started. (#6)

* allow group_vars and revised defaults to overridde OS-specific variables

* spacing nit-pick

* Account for os-specific variables not set

* corrected default variables and README

Overridding the OS-specific variables is done by setting the usual variable name (NOT the one prefixed by underscores).

* more stable binary url

The www-eu URL only keeps the most recent binary, breaking the link with each new version. Using the archive URL so it doesn't keep breaking.
Also updated the minor version.

* install tomcat8 on centos using binaries

tidy up config and install scripts

tomcat-defaults.j2 is a Debian task, not a RH one

Fixing a mistake made while mashing the Debian and RedHat config tasks together.

Changed tomcat version

Changed EOL version 8.0.x to latest 8.5.x

allow group_vars and revised defaults to overridde OS-specific variables

spacing nit-pick

Account for os-specific variables not set

corrected default variables and README

Overridding the OS-specific variables is done by setting the usual variable name (NOT the one prefixed by underscores).

more stable binary url

The www-eu URL only keeps the most recent binary, breaking the link with each new version. Using the archive URL so it doesn't keep breaking.
Also updated the minor version.

README.md

@@ -47,10 +47,22 @@ tomcat8_server_user: tomcat8
 tomcat8_server_group: tomcat8
 ```
 
+Some OS-specific variables are set in vars/* but can be overridden
+```
+tomcat8_home: /opt/tomcat
+```
+
+Including these only used by CentOS/RH
+```
+tomcat8_version: 8.5.27
+tomcat_binary_url:  "http://www-eu.apache.org/dist/tomcat/tomcat-8/v{{ tomcat8_version }}/bin/apache-tomcat-{{ tomcat8_version }}.tar.gz"
+tomcat_target_dir:  "/opt/apache-tomcat-{{ tomcat8_version }}"
+```
+
 ## Dependencies
 
   None
-  
+
 ## Example Playbook
 
     - hosts: webservers

defaults/main.yml

@@ -3,7 +3,7 @@ tomcat8_packages:
 tomcat8_admin_packages:
   - tomcat8-admin
 
-tomcat8_home: /var/lib/tomcat8
+tomcat_service_name:   tomcat8
 
 tomcat8_admin_install: yes
 
@@ -12,6 +12,7 @@ tomcat8_users: []
 
 tomcat8_server_user: tomcat8
 tomcat8_server_group: tomcat8
+tomcat8_user_home: /home/tomcat8
 
 # The home directory of the Java development kit (JDK). You need at least
 # JDK version 7. If JAVA_HOME is not set, some common directories for
@@ -46,3 +47,11 @@ tomcat8_java_opts:
 # do not need authbind.  It is used for binding Tomcat to lower port numbers.
 # (yes/no, default: no)
 #tomcat8_authbind: no
+
+# Some OS-specific variables are set in vars/* but can be overridden here:
+# tomcat8_home: /opt/tomcat
+#
+# Tomcat binary to dl and related path (For installing binaries on CentOS/RH)
+# tomcat8_version: 8.5.27
+# tomcat_binary_url:  "http://www-eu.apache.org/dist/tomcat/tomcat-8/v{{ tomcat8_version }}/bin/apache-tomcat-{{ tomcat8_version }}.tar.gz"
+# tomcat_target_dir:  "/opt/apache-tomcat-{{ tomcat8_version }}"

tasks/config.yml

@@ -1,16 +1,38 @@
 ---
 
+- name: template /etc/default/tomcat8
+  template:
+    src: tomcat-defaults.j2
+    dest: /etc/default/tomcat8
+  notify: restart tomcat8
+  when: ansible_os_family == 'Debian'
+
+- name: template {{tomcat8_home}}/bin/setenv.sh
+  template:
+    src: setenv.sh.j2
+    dest: "{{tomcat8_home}}/bin/setenv.sh"
+  notify: restart tomcat8
+  when: ansible_os_family == 'RedHat'
+
+- name: server configuration
+  template:
+    src: server.xml.j2
+    dest: "{{tomcat8_home}}/conf/server.xml"
+  notify: restart tomcat8
+  sudo: True
+
 - name: template tomcat-users.xml
   template:
     src: tomcat-users.xml.j2
-    dest: /etc/tomcat8/tomcat-users.xml
-    owner: "root"
+    dest: "{{tomcat8_home}}/conf/tomcat-users.xml"
+    owner: "{{ tomcat8_server_user }}"
     group: "{{ tomcat8_server_group }}"
     mode: "640"
   notify: restart tomcat8
 
-- name: template /etc/default/tomcat8
-  template:
-    src: tomcat-defaults.j2
-    dest: /etc/default/tomcat8
-  notify: restart tomcat8
+- name: start tomcat
+  service:
+    name: "{{tomcat_service_name}}"
+    state: started
+    enabled: yes
+  sudo: True

tasks/install-RedHat.yml

@@ -0,0 +1,43 @@
+---
+
+- name: group add
+  group:
+    name: "{{ tomcat8_server_group }}"
+  sudo: True
+
+
+- name: user add
+  user:
+    name: "{{ tomcat8_server_user }}"
+    group: "{{ tomcat8_server_group }}"
+    home: "{{ tomcat8_user_home }}"
+    createhome: no
+  sudo: True
+
+- name: download and extract
+  unarchive:
+    src: "{{ tomcat_binary_url }}"
+    dest: "/opt/"
+    remote_src: yes
+  sudo: True
+
+- name: symlink install directory
+  file:
+    src: "{{ tomcat_target_dir }}"
+    path: "{{ tomcat8_home }}"
+    state: link
+  sudo: True
+
+- name: change ownership of target installation
+  file:
+    path: "{{ tomcat_target_dir }}"
+    owner: "{{ tomcat8_server_user }}"
+    group: "{{ tomcat8_server_group }}"
+    state: directory
+    recurse: yes
+  sudo: True
+
+- name: systemd
+  template: src=tomcat.service.j2 dest=/etc/systemd/system/tomcat8.service
+  notify: restart tomcat8
+  sudo: True

tasks/main.yml

@@ -1,11 +1,42 @@
 ---
 
-- include: install.yml
+# Include variables and define needed variables.
+- name: Include OS-specific variables.
+  include_vars: "{{ ansible_os_family }}.yml"
+
+- name: Define tomcat8_home
+  set_fact:
+    tomcat8_home: "{{ __tomcat8_home }}"
+  when: tomcat8_home is not defined
+
+- name: Define tomcat8_version
+  set_fact:
+    tomcat8_version: "{{ __tomcat8_version }}"
+  when:
+    - tomcat8_version is not defined
+    - __tomcat8_version is defined
+
+- name: Define tomcat_binary_url
+  set_fact:
+    tomcat_binary_url: "{{ __tomcat_binary_url }}"
+  when:
+    - tomcat_binary_url is not defined
+    - __tomcat_binary_url is defined
+
+- name: Define tomcat_target_dir
+  set_fact:
+    tomcat_target_dir: "{{ __tomcat_target_dir }}"
+  when:
+    - tomcat_target_dir is not defined
+    - __tomcat_target_dir is defined
+
+- include: "install-{{ ansible_os_family }}.yml"
   tags:
     - tomcat8
     - tomcat8-install
 
 - include: config.yml
+  static: no
   tags:
     - tomcat8
     - tomcat8-config

templates/server.xml.j2

@@ -0,0 +1,142 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<!-- Note:  A "Server" is not itself a "Container", so you may not
+     define subcomponents such as "Valves" at this level.
+     Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
+  <!-- Security listener. Documentation at /docs/config/listeners.html
+  <Listener className="org.apache.catalina.security.SecurityListener" />
+  -->
+  <!--APR library loader. Documentation at /docs/apr.html -->
+  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+  <!-- Global JNDI resources
+       Documentation at /docs/jndi-resources-howto.html
+  -->
+  <GlobalNamingResources>
+    <!-- Editable user database that can also be used by
+         UserDatabaseRealm to authenticate users
+    -->
+    <Resource name="UserDatabase" auth="Container"
+              type="org.apache.catalina.UserDatabase"
+              description="User database that can be updated and saved"
+              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+              pathname="conf/tomcat-users.xml" />
+  </GlobalNamingResources>
+
+  <!-- A "Service" is a collection of one or more "Connectors" that share
+       a single "Container" Note:  A "Service" is not itself a "Container",
+       so you may not define subcomponents such as "Valves" at this level.
+       Documentation at /docs/config/service.html
+   -->
+  <Service name="Catalina">
+
+    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
+    <!--
+    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
+        maxThreads="150" minSpareThreads="4"/>
+    -->
+
+
+    <!-- A "Connector" represents an endpoint by which requests are received
+         and responses are returned. Documentation at :
+         Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
+         Java AJP  Connector: /docs/config/ajp.html
+         APR (HTTP/AJP) Connector: /docs/apr.html
+         Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
+    -->
+    <Connector port="8080" protocol="HTTP/1.1"
+               connectionTimeout="20000"
+               redirectPort="8443" />
+    <!-- A "Connector" using the shared thread pool-->
+    <!--
+    <Connector executor="tomcatThreadPool"
+               port="8080" protocol="HTTP/1.1"
+               connectionTimeout="20000"
+               redirectPort="8443" />
+    -->
+    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
+         This connector uses the NIO implementation that requires the JSSE
+         style configuration. When using the APR/native implementation, the
+         OpenSSL style configuration is required as described in the APR/native
+         documentation -->
+    <!--
+    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
+               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
+               clientAuth="false" sslProtocol="TLS" />
+    -->
+
+    <!-- Define an AJP 1.3 Connector on port 8009 -->
+    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
+
+
+    <!-- An Engine represents the entry point (within Catalina) that processes
+         every request.  The Engine implementation for Tomcat stand alone
+         analyzes the HTTP headers included with the request, and passes them
+         on to the appropriate Host (virtual host).
+         Documentation at /docs/config/engine.html -->
+
+    <!-- You should set jvmRoute to support load-balancing via AJP ie :
+    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
+    -->
+    <Engine name="Catalina" defaultHost="localhost">
+
+      <!--For clustering, please take a look at documentation at:
+          /docs/cluster-howto.html  (simple how to)
+          /docs/config/cluster.html (reference documentation) -->
+      <!--
+      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
+      -->
+
+      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+           via a brute-force attack -->
+      <Realm className="org.apache.catalina.realm.LockOutRealm">
+        <!-- This Realm uses the UserDatabase configured in the global JNDI
+             resources under the key "UserDatabase".  Any edits
+             that are performed against this UserDatabase are immediately
+             available for use by the Realm.  -->
+        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+               resourceName="UserDatabase"/>
+      </Realm>
+
+      <Host name="localhost"  appBase="webapps"
+            unpackWARs="true" autoDeploy="true">
+
+        <!-- SingleSignOn valve, share authentication between web applications
+             Documentation at: /docs/config/valve.html -->
+        <!--
+        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+        -->
+
+        <!-- Access log processes all example.
+             Documentation at: /docs/config/valve.html
+             Note: The pattern used is equivalent to using pattern="common" -->
+        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
+               prefix="localhost_access_log" suffix=".txt"
+               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
+
+      </Host>
+    </Engine>
+  </Service>
+</Server>

templates/setenv.sh.j2

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+export JAVA_OPTS="$JAVA_OPTS {{ tomcat8_java_opts|join(' ') }}"

templates/tomcat.service.j2

@@ -0,0 +1,21 @@
+[Unit]
+Description={{ tomcat_service_name }}
+After=network.target
+
+[Service]
+Type=forking
+User={{ tomcat8_server_user }}
+Group={{ tomcat8_server_group }}
+
+Environment=CATALINA_PID={{ tomcat8_home }}/{{ tomcat_service_name }}.pid
+Environment=TOMCAT_JAVA_HOME=/usr/java/default
+Environment=CATALINA_HOME={{ tomcat8_home }}
+Environment=CATALINA_BASE={{ tomcat8_home }}
+Environment=CATALINA_OPTS=
+Environment="JAVA_OPTS=-Dfile.encoding=UTF-8 -Dnet.sf.ehcache.skipUpdateCheck=true -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:MaxPermSize=128m -Xms512m -Xmx512m"
+
+ExecStart={{ tomcat8_home }}/bin/startup.sh
+ExecStop=/bin/kill -15 $MAINPID
+
+[Install]
+WantedBy=multi-user.target

vars/Debian.yml

@@ -0,0 +1 @@
+__tomcat8_home: /var/lib/tomcat8

vars/RedHat.yml

@@ -0,0 +1,6 @@
+__tomcat8_home: /opt/tomcat
+
+# Tomcat binary to dl and related path
+__tomcat8_version: 8.5.28
+__tomcat_binary_url:  "https://archive.apache.org/dist/tomcat/tomcat-8/v{{ tomcat8_version }}/bin/apache-tomcat-{{ tomcat8_version }}.tar.gz"
+__tomcat_target_dir:  "/opt/apache-tomcat-{{ tomcat8_version }}"