From bf3c4d6b7592fe4fa9b66718f25a111db8600588 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Santiago=20Rodr=C3=ADguez?= Date: Wed, 14 Feb 2018 16:52:40 +0100 Subject: [PATCH 1/6] Update playbooks for stable/1.7.x --- .../archivematica-centos7/requirements.yml | 5 ++- .../archivematica-centos7/singlenode.yml | 3 +- .../archivematica-centos7/vars-singlenode.yml | 4 +-- .../archivematica-xenial/requirements.yml | 2 +- playbooks/archivematica-xenial/singlenode.yml | 3 +- .../vars-singlenode-1.7.yml | 33 ++++++++++++++++++ playbooks/archivematica/requirements.yml | 2 +- playbooks/archivematica/singlenode.yml | 3 +- .../archivematica/vars-singlenode-1.7.yml | 34 +++++++++++++++++++ 9 files changed, 79 insertions(+), 10 deletions(-) create mode 100644 playbooks/archivematica-xenial/vars-singlenode-1.7.yml create mode 100644 playbooks/archivematica/vars-singlenode-1.7.yml diff --git a/playbooks/archivematica-centos7/requirements.yml b/playbooks/archivematica-centos7/requirements.yml index 568cf15f..2526d7a1 100644 --- a/playbooks/archivematica-centos7/requirements.yml +++ b/playbooks/archivematica-centos7/requirements.yml @@ -12,7 +12,6 @@ version: "master" name: "artefactual.clamav" -- src: "https://github.com/artefactual-labs/ansible-role-archivematica-src" - version: "stable/1.6.x" +- src: "https://github.com/artefactual-labs/ansible-archivematica-src" + version: "qa/1.7.x" name: "artefactual.archivematica-src" - diff --git a/playbooks/archivematica-centos7/singlenode.yml b/playbooks/archivematica-centos7/singlenode.yml index f3394d9a..2274aaae 100644 --- a/playbooks/archivematica-centos7/singlenode.yml +++ b/playbooks/archivematica-centos7/singlenode.yml @@ -55,7 +55,8 @@ bootstrap.mlockall: true, discovery.zen.ping.multicast.enabled: false, http.max_content_length: 1024mb - } + }, + when: "archivematica_src_search_enabled|bool", } - { role: "artefactual.clamav", tags: ["clamav"], become: "yes" } - { role: "jdauphant.nginx", tags: ["nginx"], become: "yes" } diff --git a/playbooks/archivematica-centos7/vars-singlenode.yml b/playbooks/archivematica-centos7/vars-singlenode.yml index 16d71530..506f098c 100644 --- a/playbooks/archivematica-centos7/vars-singlenode.yml +++ b/playbooks/archivematica-centos7/vars-singlenode.yml @@ -3,8 +3,8 @@ # archivematica-src role archivematica_src_install_devtools: "no" -archivematica_src_am_version: "stable/1.6.x" -archivematica_src_ss_version: "stable/0.10.x" +archivematica_src_am_version: "stable/1.7.x" +archivematica_src_ss_version: "stable/0.11.x" archivematica_src_ss_gunicorn: "true" archivematica_src_am_dashboard_gunicorn: "true" archivematica_src_am_multi_venvs: "yes" diff --git a/playbooks/archivematica-xenial/requirements.yml b/playbooks/archivematica-xenial/requirements.yml index 2472de08..40f9dd37 100644 --- a/playbooks/archivematica-xenial/requirements.yml +++ b/playbooks/archivematica-xenial/requirements.yml @@ -17,7 +17,7 @@ name: "artefactual.nginx" - src: "https://github.com/artefactual-labs/ansible-archivematica-src" - version: "stable/1.6.x" + version: "qa/1.7.x" name: "artefactual.archivematica-src" - src: "https://github.com/artefactual-labs/ansible-clamav" diff --git a/playbooks/archivematica-xenial/singlenode.yml b/playbooks/archivematica-xenial/singlenode.yml index 353832f5..a871559f 100644 --- a/playbooks/archivematica-xenial/singlenode.yml +++ b/playbooks/archivematica-xenial/singlenode.yml @@ -3,7 +3,7 @@ pre_tasks: - - include_vars: "vars-singlenode-1.6.yml" + - include_vars: "vars-singlenode-1.7.yml" tags: - "always" @@ -21,6 +21,7 @@ become: "yes" tags: - "elasticsearch" + when: "archivematica_src_search_enabled|bool" - role: "artefactual.percona" become: "yes" diff --git a/playbooks/archivematica-xenial/vars-singlenode-1.7.yml b/playbooks/archivematica-xenial/vars-singlenode-1.7.yml new file mode 100644 index 00000000..4db6fee3 --- /dev/null +++ b/playbooks/archivematica-xenial/vars-singlenode-1.7.yml @@ -0,0 +1,33 @@ +--- + +# archivematica-src role + +archivematica_src_install_devtools: "yes" +archivematica_src_am_version: "stable/1.7.x" +archivematica_src_ss_version: "stable/0.11.x" +archivematica_src_ss_gunicorn: "true" +archivematica_src_am_dashboard_gunicorn: "true" +archivematica_src_am_multi_venvs: "true" +archivematica_src_dir: "/opt/archivematica" + +# elasticsearch role + +elasticsearch_version: "1.7.6" +elasticsearch_apt_java_package: "openjdk-8-jre-headless" +elasticsearch_apt_repos: [] +elasticsearch_apt_dependencies: [] +elasticsearch_java_home: "/usr/lib/jvm/java-8-openjdk-amd64" +elasticsearch_heap_size: "640m" +elasticsearch_max_open_files: "65535" +elasticsearch_node_max_local_storage_nodes: "1" +elasticsearch_index_mapper_dynamic: "true" +elasticsearch_memory_bootstrap_mlockall: "true" +elasticsearch_install_java: "true" +elasticsearch_thread_pools: + - "threadpool.bulk.type: fixed" + - "threadpool.bulk.size: 50" + - "threadpool.bulk.queue_size: 1000" + +# percona role + +mysql_root_password: "ChangeMe!" diff --git a/playbooks/archivematica/requirements.yml b/playbooks/archivematica/requirements.yml index f7cd1587..5c4ad858 100644 --- a/playbooks/archivematica/requirements.yml +++ b/playbooks/archivematica/requirements.yml @@ -17,7 +17,7 @@ name: "artefactual.nginx" - src: "https://github.com/artefactual-labs/ansible-archivematica-src" - version: "stable/1.6.x" + version: "qa/1.7.x" name: "artefactual.archivematica-src" - src: "https://github.com/artefactual-labs/ansible-clamav" diff --git a/playbooks/archivematica/singlenode.yml b/playbooks/archivematica/singlenode.yml index 353832f5..a871559f 100644 --- a/playbooks/archivematica/singlenode.yml +++ b/playbooks/archivematica/singlenode.yml @@ -3,7 +3,7 @@ pre_tasks: - - include_vars: "vars-singlenode-1.6.yml" + - include_vars: "vars-singlenode-1.7.yml" tags: - "always" @@ -21,6 +21,7 @@ become: "yes" tags: - "elasticsearch" + when: "archivematica_src_search_enabled|bool" - role: "artefactual.percona" become: "yes" diff --git a/playbooks/archivematica/vars-singlenode-1.7.yml b/playbooks/archivematica/vars-singlenode-1.7.yml new file mode 100644 index 00000000..294d8f05 --- /dev/null +++ b/playbooks/archivematica/vars-singlenode-1.7.yml @@ -0,0 +1,34 @@ +--- + +# archivematica-src role + +archivematica_src_install_devtools: "yes" +archivematica_src_am_version: "stable/1.7.x" +archivematica_src_ss_version: "stable/0.11.x" +archivematica_src_ss_gunicorn: "true" +archivematica_src_am_dashboard_gunicorn: "true" +archivematica_src_am_multi_venvs: "true" +archivematica_src_dir: "/opt/archivematica" +archivematica_src_search_enabled: "yes" + +# elasticsearch role + +elasticsearch_version: "1.7.6" +elasticsearch_apt_java_package: "openjdk-7-jre-headless" +elasticsearch_apt_repos: [] +elasticsearch_apt_dependencies: [] +elasticsearch_java_home: "/usr/lib/jvm/java-7-openjdk-amd64" +elasticsearch_heap_size: "640m" +elasticsearch_max_open_files: "65535" +elasticsearch_node_max_local_storage_nodes: "1" +elasticsearch_index_mapper_dynamic: "true" +elasticsearch_memory_bootstrap_mlockall: "true" +elasticsearch_install_java: "true" +elasticsearch_thread_pools: + - "threadpool.bulk.type: fixed" + - "threadpool.bulk.size: 50" + - "threadpool.bulk.queue_size: 1000" + +# percona role + +mysql_root_password: "ChangeMe!" From d8221eb06fc3837d983bbd15e16e729ddeae22ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Santiago=20Rodr=C3=ADguez?= Date: Wed, 14 Feb 2018 16:53:35 +0100 Subject: [PATCH 2/6] Update centos base box and use official one --- playbooks/archivematica-centos7/Vagrantfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/archivematica-centos7/Vagrantfile b/playbooks/archivematica-centos7/Vagrantfile index ec362ce8..6e4b6b75 100644 --- a/playbooks/archivematica-centos7/Vagrantfile +++ b/playbooks/archivematica-centos7/Vagrantfile @@ -8,7 +8,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # note the official centos box doesn't have guest additions # using geerlingguy box instead ( to have synced folders ) - config.vm.box = ENV.fetch("VAGRANT_BOX", "geerlingguy/centos7") + config.vm.box = ENV.fetch("VAGRANT_BOX", "centos/7") { "am-local-centos7" => { From 1480be0f58b950100eabe596715051b2a6d186e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Santiago=20Rodr=C3=ADguez?= Date: Wed, 14 Feb 2018 16:38:40 +0100 Subject: [PATCH 3/6] Improve SELinux support --- .../archivematica-centos7/singlenode.yml | 39 ++++++++++++++++--- 1 file changed, 34 insertions(+), 5 deletions(-) diff --git a/playbooks/archivematica-centos7/singlenode.yml b/playbooks/archivematica-centos7/singlenode.yml index 2274aaae..84fc14b0 100644 --- a/playbooks/archivematica-centos7/singlenode.yml +++ b/playbooks/archivematica-centos7/singlenode.yml @@ -7,12 +7,41 @@ tags: - "always" - - name: "Set SELinux to Permissive" - command: "setenforce Permissive" - become: "yes" + - name: "SELinux: Allow nginx connections to Gunicorn" + become: "yes" + seboolean: + name: "httpd_can_network_connect" + state: "yes" + persistent: "yes" + when: ansible_selinux.status == "enabled" - - name: "Enable epel repository" - yum: + - name: "SELinux: Allow nginx to connect to MySQL" + become: "yes" + seboolean: + name: "httpd_can_network_connect_db" + state: "yes" + persistent: "yes" + when: ansible_selinux.status == "enabled" + + - name: "SELinux: Allow nginx to change system limits" + become: "yes" + seboolean: + name: "httpd_setrlimit" + state: "yes" + persistent: "yes" + when: ansible_selinux.status == "enabled" + + - name: "SELinux: Allow nginx to use ports 8000 and 8001" + become: "yes" + seport: + ports: "8000,8001" + proto: "tcp" + setype: "http_port_t" + state: "present" + when: ansible_selinux.status == "enabled" + + - name: "Enable epel repository" + yum: name: "epel-release" state: "latest" become: "yes" From cadb91f407fbb4fdc9bba56775a6881452d54634 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Santiago=20Rodr=C3=ADguez?= Date: Wed, 31 Jan 2018 03:38:50 +0100 Subject: [PATCH 4/6] Add tip regarding shared folders issues --- playbooks/archivematica-centos7/README.md | 7 +++++++ playbooks/archivematica-xenial/README.md | 7 +++++++ playbooks/archivematica/README.md | 5 +++++ 3 files changed, 19 insertions(+) diff --git a/playbooks/archivematica-centos7/README.md b/playbooks/archivematica-centos7/README.md index abba0f03..969c5153 100644 --- a/playbooks/archivematica-centos7/README.md +++ b/playbooks/archivematica-centos7/README.md @@ -57,5 +57,12 @@ Deploy](docs/digital-ocean-install-example.rst) document. 6. The ansible playbook `singlenode.yml` specified in the Vagrantfile will provision using the branches of archivematica specfied in the file `vars-singlenode.yml`. Edit this file if need to deploy other branches. +7. If you get errors regarding the Vagrant shared folders, they are usually due +to different versions of VirtualBox. One way to fix it is using a Vagrant +plugin that installs the host's VirtualBox Guest Additions on the guest system: + ``` + $ vagrant plugin install vagrant-vbguest + $ vagrant vbguest + ``` For more archivematica development information, see: https://wiki.archivematica.org/Getting_started diff --git a/playbooks/archivematica-xenial/README.md b/playbooks/archivematica-xenial/README.md index fee59e61..aaf262ab 100644 --- a/playbooks/archivematica-xenial/README.md +++ b/playbooks/archivematica-xenial/README.md @@ -54,5 +54,12 @@ machine. 6. The ansible playbook `singlenode.yml` specified in the Vagrantfile will provision using qa branches of archivematica. To provision using the stable 1.5.x/0.8.x branches, replace "vars-singlenode-qa.yml" with "vars-singlenode-1.5.yml" in `singlenode.yml`. You can also modify create a custom vars file and pass it instead (to modify role variables to deploy custom branches, etc.) +7. If you get errors regarding the Vagrant shared folders, they are usually due +to different versions of VirtualBox. One way to fix it is using a vagrant +plugin that installs the host's VirtualBox Guest Additions on the guest system: + ``` + $ vagrant plugin install vagrant-vbguest + $ vagrant vbguest + ``` For more archivematica development information, see: https://wiki.archivematica.org/Getting_started diff --git a/playbooks/archivematica/README.md b/playbooks/archivematica/README.md index 6a0bebb8..c5a110ab 100644 --- a/playbooks/archivematica/README.md +++ b/playbooks/archivematica/README.md @@ -55,5 +55,10 @@ Deploy](docs/digital-ocean-install-example.rst) document. 6. The ansible playbook `singlenode.yml` specified in the Vagrantfile will provision using stable branches of archivematica. To provision using the qa 1.x/0.x branches, replace "vars-singlenode-1.6.yml" with "vars-singlenode-qa.yml" in `singlenode.yml`. You can also modify create a custom vars file and pass it instead (to modify role variables to deploy custom branches, etc.) +7. If you get errors regarding the Vagrant shared folders, they are usually due to different versions of VirtualBox. One way to fix it is using a Vagrant plugin that installs the host's VirtualBox Guest Additions on the guest system: + ``` + $ vagrant plugin install vagrant-vbguest + $ vagrant vbguest + ``` For more archivematica development information, see: https://wiki.archivematica.org/Getting_started From 60f11415e499193c6c9d2401fefe107047548bc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Santiago=20Rodr=C3=ADguez?= Date: Thu, 15 Feb 2018 16:06:02 +0100 Subject: [PATCH 5/6] Change owner of shared folder to archivematica uid This fixes the problems when building npm modules --- playbooks/archivematica-centos7/Vagrantfile | 2 +- playbooks/archivematica-xenial/Vagrantfile | 2 +- playbooks/archivematica/Vagrantfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/playbooks/archivematica-centos7/Vagrantfile b/playbooks/archivematica-centos7/Vagrantfile index 6e4b6b75..25088f56 100644 --- a/playbooks/archivematica-centos7/Vagrantfile +++ b/playbooks/archivematica-centos7/Vagrantfile @@ -32,7 +32,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| end # Make the project root available to the guest VM - config.vm.synced_folder '.', '/vagrant' + config.vm.synced_folder '.', '/vagrant', mount_options: ["uid=333", "gid=333"] # Ansible provisioning config.vm.provision :ansible do |ansible| diff --git a/playbooks/archivematica-xenial/Vagrantfile b/playbooks/archivematica-xenial/Vagrantfile index 215ce441..5a1e536e 100644 --- a/playbooks/archivematica-xenial/Vagrantfile +++ b/playbooks/archivematica-xenial/Vagrantfile @@ -31,7 +31,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| end # Make the project root available to the guest VM - config.vm.synced_folder '.', '/vagrant' + config.vm.synced_folder '.', '/vagrant', mount_options: ["uid=333", "gid=333"] # Ansible provisioning config.vm.provision "shell", inline: "sudo apt-get install -y python" diff --git a/playbooks/archivematica/Vagrantfile b/playbooks/archivematica/Vagrantfile index 1a79780c..af41fe1b 100644 --- a/playbooks/archivematica/Vagrantfile +++ b/playbooks/archivematica/Vagrantfile @@ -31,7 +31,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| end # Make the project root available to the guest VM - config.vm.synced_folder '.', '/vagrant' + config.vm.synced_folder '.', '/vagrant', mount_options: ["uid=333", "gid=333"] # Ansible provisioning config.vm.provision :ansible do |ansible| From 86d70f47d025ec9480915a667ab902fc8083f963 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Santiago=20Rodr=C3=ADguez?= Date: Thu, 15 Feb 2018 18:48:43 +0100 Subject: [PATCH 6/6] Fix typo with Extra Packages for Enterprise Linux --- playbooks/archivematica-centos7/singlenode.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/archivematica-centos7/singlenode.yml b/playbooks/archivematica-centos7/singlenode.yml index 84fc14b0..5ee40708 100644 --- a/playbooks/archivematica-centos7/singlenode.yml +++ b/playbooks/archivematica-centos7/singlenode.yml @@ -40,7 +40,7 @@ state: "present" when: ansible_selinux.status == "enabled" - - name: "Enable epel repository" + - name: "Enable EPEL repository" yum: name: "epel-release" state: "latest"