Skip to content
This repository has been archived by the owner on Oct 10, 2021. It is now read-only.

install tomcat8 from Apache binaries for centos #3

Merged
merged 13 commits into from
Feb 23, 2018
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
tests/test.sh
*.retry
14 changes: 14 additions & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
---
services: docker

env:
# - distro: centos7
- distro: ubuntu1604

script:
# Download test shim.
- wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
- chmod +x ${PWD}/tests/test.sh

# Run tests.
- ${PWD}/tests/test.sh
18 changes: 15 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Ansible Role: Tomcat 8
# Ansible Role: Tomcat 8 [![Build Status](https://travis-ci.org/Islandora-Devops/ansible-role-tomcat8.svg?branch=master)](https://travis-ci.org/Islandora-Devops/ansible-role-tomcat8)

An Ansible role that installs Tomcat 8 on:

Expand Down Expand Up @@ -47,10 +47,22 @@ tomcat8_server_user: tomcat8
tomcat8_server_group: tomcat8
```

Some OS-specific variables are set in vars/* but can be overridden
```
tomcat8_home: /opt/tomcat
```

Including these only used by CentOS/RH
```
tomcat8_version: 8.5.27
tomcat_binary_url: "http://www-eu.apache.org/dist/tomcat/tomcat-8/v{{ tomcat8_version }}/bin/apache-tomcat-{{ tomcat8_version }}.tar.gz"
tomcat_target_dir: "/opt/apache-tomcat-{{ tomcat8_version }}"
```

## Dependencies

None

## Example Playbook

- hosts: webservers
Expand All @@ -59,4 +71,4 @@ tomcat8_server_group: tomcat8

## License

MIT
MIT
11 changes: 10 additions & 1 deletion defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ tomcat8_packages:
tomcat8_admin_packages:
- tomcat8-admin

tomcat8_home: /var/lib/tomcat8
tomcat_service_name: tomcat8

tomcat8_admin_install: yes

Expand All @@ -12,6 +12,7 @@ tomcat8_users: []

tomcat8_server_user: tomcat8
tomcat8_server_group: tomcat8
tomcat8_user_home: /home/tomcat8

# The home directory of the Java development kit (JDK). You need at least
# JDK version 7. If JAVA_HOME is not set, some common directories for
Expand Down Expand Up @@ -46,3 +47,11 @@ tomcat8_java_opts:
# do not need authbind. It is used for binding Tomcat to lower port numbers.
# (yes/no, default: no)
#tomcat8_authbind: no

# Some OS-specific variables are set in vars/* but can be overridden here:
# tomcat8_home: /opt/tomcat
#
# Tomcat binary to dl and related path (For installing binaries on CentOS/RH)
# tomcat8_version: 8.5.27
# tomcat_binary_url: "http://www-eu.apache.org/dist/tomcat/tomcat-8/v{{ tomcat8_version }}/bin/apache-tomcat-{{ tomcat8_version }}.tar.gz"
# tomcat_target_dir: "/opt/apache-tomcat-{{ tomcat8_version }}"
36 changes: 29 additions & 7 deletions tasks/config.yml
Original file line number Diff line number Diff line change
@@ -1,16 +1,38 @@
---

- name: template /etc/default/tomcat8
template:
src: tomcat-defaults.j2
dest: /etc/default/tomcat8
notify: restart tomcat8
when: ansible_os_family == 'Debian'

- name: template {{tomcat8_home}}/bin/setenv.sh
template:
src: setenv.sh.j2
dest: "{{tomcat8_home}}/bin/setenv.sh"
notify: restart tomcat8
when: ansible_os_family == 'RedHat'

- name: server configuration
template:
src: server.xml.j2
dest: "{{tomcat8_home}}/conf/server.xml"
notify: restart tomcat8
sudo: True

- name: template tomcat-users.xml
template:
src: tomcat-users.xml.j2
dest: /etc/tomcat8/tomcat-users.xml
owner: "root"
dest: "{{tomcat8_home}}/conf/tomcat-users.xml"
owner: "{{ tomcat8_server_user }}"
group: "{{ tomcat8_server_group }}"
mode: "640"
notify: restart tomcat8

- name: template /etc/default/tomcat8
template:
src: tomcat-defaults.j2
dest: /etc/default/tomcat8
notify: restart tomcat8
- name: start tomcat
service:
name: "{{tomcat_service_name}}"
state: started
enabled: yes
sudo: True
5 changes: 5 additions & 0 deletions tasks/install.yml → tasks/install-Debian.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,8 @@
cache_valid_time: 3600
with_items: "{{ tomcat8_admin_packages }}"
when: tomcat8_admin_install

- name: start tomcat8
service:
name: tomcat8
state: started
43 changes: 43 additions & 0 deletions tasks/install-RedHat.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
---

- name: group add
group:
name: "{{ tomcat8_server_group }}"
sudo: True


- name: user add
user:
name: "{{ tomcat8_server_user }}"
group: "{{ tomcat8_server_group }}"
home: "{{ tomcat8_user_home }}"
createhome: no
sudo: True

- name: download and extract
unarchive:
src: "{{ tomcat_binary_url }}"
dest: "/opt/"
remote_src: yes
sudo: True

- name: symlink install directory
file:
src: "{{ tomcat_target_dir }}"
path: "{{ tomcat8_home }}"
state: link
sudo: True

- name: change ownership of target installation
file:
path: "{{ tomcat_target_dir }}"
owner: "{{ tomcat8_server_user }}"
group: "{{ tomcat8_server_group }}"
state: directory
recurse: yes
sudo: True

- name: systemd
template: src=tomcat.service.j2 dest=/etc/systemd/system/tomcat8.service
notify: restart tomcat8
sudo: True
33 changes: 32 additions & 1 deletion tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,11 +1,42 @@
---

- include: install.yml
# Include variables and define needed variables.
- name: Include OS-specific variables.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should probably conditionally set the variables here, as we did in Karaf, so they can be overridden.

Maybe some comments in the defaults as well...

I know the Karaf stuff just went in this afternoon, just wanted to make a note here so it doesn't get forgotten.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

include_vars: "{{ ansible_os_family }}.yml"

- name: Define tomcat8_home
set_fact:
tomcat8_home: "{{ __tomcat8_home }}"
when: tomcat8_home is not defined

- name: Define tomcat8_version
set_fact:
tomcat8_version: "{{ __tomcat8_version }}"
when:
- tomcat8_version is not defined
- __tomcat8_version is defined

- name: Define tomcat_binary_url
set_fact:
tomcat_binary_url: "{{ __tomcat_binary_url }}"
when:
- tomcat_binary_url is not defined
- __tomcat_binary_url is defined

- name: Define tomcat_target_dir
set_fact:
tomcat_target_dir: "{{ __tomcat_target_dir }}"
when:
- tomcat_target_dir is not defined
- __tomcat_target_dir is defined

- include: "install-{{ ansible_os_family }}.yml"
tags:
- tomcat8
- tomcat8-install

- include: config.yml
static: no
tags:
- tomcat8
- tomcat8-config
142 changes: 142 additions & 0 deletions templates/server.xml.j2
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
<?xml version='1.0' encoding='utf-8'?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
Documentation at /docs/config/server.html
-->
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<!-- Security listener. Documentation at /docs/config/listeners.html
<Listener className="org.apache.catalina.security.SecurityListener" />
-->
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>

<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
-->
<Service name="Catalina">

<!--The connectors can use a shared executor, you can define one or more named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->


<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
-->
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation that requires the JSSE
style configuration. When using the APR/native implementation, the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<!--
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->

<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />


<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host).
Documentation at /docs/config/engine.html -->

<!-- You should set jvmRoute to support load-balancing via AJP ie :
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
-->
<Engine name="Catalina" defaultHost="localhost">

<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->

<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>

<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">

<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->

<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t &quot;%r&quot; %s %b" />

</Host>
</Engine>
</Service>
</Server>
3 changes: 3 additions & 0 deletions templates/setenv.sh.j2
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/bin/sh

export JAVA_OPTS="$JAVA_OPTS {{ tomcat8_java_opts|join(' ') }}"
21 changes: 21 additions & 0 deletions templates/tomcat.service.j2
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
[Unit]
Description={{ tomcat_service_name }}
After=network.target

[Service]
Type=forking
User={{ tomcat8_server_user }}
Group={{ tomcat8_server_group }}

Environment=CATALINA_PID={{ tomcat8_home }}/{{ tomcat_service_name }}.pid
Environment=TOMCAT_JAVA_HOME=/usr/java/default
Environment=CATALINA_HOME={{ tomcat8_home }}
Environment=CATALINA_BASE={{ tomcat8_home }}
Environment=CATALINA_OPTS=
Environment="JAVA_OPTS=-Dfile.encoding=UTF-8 -Dnet.sf.ehcache.skipUpdateCheck=true -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:MaxPermSize=128m -Xms512m -Xmx512m"

ExecStart={{ tomcat8_home }}/bin/startup.sh
ExecStop=/bin/kill -15 $MAINPID

[Install]
WantedBy=multi-user.target
Loading