From 22315f80b6bb65afd003232f83de22b053084879 Mon Sep 17 00:00:00 2001 From: Matthew Green Date: Sat, 11 Feb 2017 10:51:36 +0000 Subject: [PATCH] ensuring rundeck installs across various versions and OSs, includes fixes for #23 and #14 --- .gitignore | 4 ++++ tasks/install_debian.yml | 31 ++++++++++++++--------------- tasks/install_redhat.yml | 4 ++-- tasks/users.yml | 17 +++++++++++----- tests/default_test.yml | 8 +------- tests/vagrant-centos65/Vagrantfile | 7 +++---- tests/vagrant-centos70/Vagrantfile | 5 ++--- tests/vagrant-precise64/Vagrantfile | 6 +++--- tests/vagrant-trusty64/Vagrantfile | 5 ++--- tests/vagrant-xenial64/Vagrantfile | 21 +++++++++++-------- vars/main.yml | 1 - 11 files changed, 57 insertions(+), 52 deletions(-) diff --git a/.gitignore b/.gitignore index 2524c0d..feb4cc5 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,7 @@ # Vagrant generated files and folders .vagrant +*.log + +# Ansible files +*.retry diff --git a/tasks/install_debian.yml b/tasks/install_debian.yml index c8baa75..7851885 100644 --- a/tasks/install_debian.yml +++ b/tasks/install_debian.yml @@ -1,14 +1,15 @@ --- # Debian based OS -- name: Rundeck | Install supporting packages +- name: Debian | Install supporting packages apt: name: "{{ item }}" state: present become: yes with_items: - python-pip + - python-setuptools -- name: Rundeck | Install supporting python packages +- name: Debian | Install supporting python packages pip: name: "{{ item }}" state: present @@ -16,7 +17,7 @@ with_items: - httplib2 -- name: Rundeck | Add Bintray GPG key for rundeck repo +- name: Debian | Add Bintray GPG key for rundeck repo apt_key: id: 379CE192D401AB61 url: https://bintray.com/user/downloadSubjectPublicKey?username=bintray @@ -25,7 +26,7 @@ - install - packages -- name: Rundeck | Add Rundeck Build GPG key +- name: Debian | Add Debian Build GPG key apt_key: id: 85E9DBC74FCB329EDEDADD2E90770E1BE2D1065B url: http://rundeck.org/keys/BUILD-GPG-KEY-Rundeck.org.key @@ -34,20 +35,18 @@ - install - packages -- name: Rundeck | Add Rundeck APT repository on Bintray +- name: Debian | Add Debian APT repository on Bintray apt_repository: repo: 'deb http://dl.bintray.com/rundeck/rundeck-deb /' - filename: rundeck tags: - rundeck - install - packages -- name: Rundeck | install from APT repository +- name: Debian | install from APT repository apt: name: rundeck state: present - allow_unauthenticated: yes #FIXME: https://github.com/rundeck/rundeck/issues/93 notify: - systemd daemon-reload - restart rundeck @@ -56,7 +55,7 @@ - install - packages -- name: Rundeck | check upstart configuration exists +- name: Debian | check upstart configuration exists register: upstart_config stat: path: /etc/init/rundeckd.conf @@ -67,7 +66,7 @@ - install - packages -- name: Rundeck | remove System V init.d script if upstart config exists +- name: Debian | remove System V init.d script if upstart config exists file: path: /etc/init.d/rundeckd state: absent @@ -77,7 +76,7 @@ - install - packages -- name: Rundeck | add systemd service helper +- name: Debian | add systemd service helper copy: src: systemd/rundeck-start dest: /usr/bin/rundeck-start @@ -90,7 +89,7 @@ - install - packages -- name: Rundeck | add systemd service unit +- name: Debian | add systemd service unit copy: src: systemd/rundeckd.service dest: /etc/systemd/system/rundeckd.service @@ -105,7 +104,7 @@ - install - packages -- name: Rundeck | ensure service log directory has correct ownership +- name: Debian | ensure service log directory has correct ownership file: path: /var/log/rundeck owner: rundeck @@ -115,7 +114,7 @@ - install - packages -- name: Rundeck | See if there are more log files +- name: Debian | See if there are more log files find: paths: /var/log/rundeck file_type: file @@ -126,13 +125,13 @@ - install - packages -- name: Rundeck | ensure service log files have correct ownership +- name: Debian | ensure service log files have correct ownership file: path: "{{ item.path }}" owner: rundeck state: file with_items: - "{{ rundeck_logfiles.files }}" + "{{ rundeck_logfiles.files|default([]) }}" tags: - rundeck - install diff --git a/tasks/install_redhat.yml b/tasks/install_redhat.yml index 62b7403..85c4aaf 100644 --- a/tasks/install_redhat.yml +++ b/tasks/install_redhat.yml @@ -1,6 +1,6 @@ --- # Redhat based OS -- name: Rundeck | get rundeck rpm +- name: Redhat | get rundeck rpm yum: name: http://repo.rundeck.org/latest.rpm state: present @@ -10,7 +10,7 @@ - install - packages -- name: Rundeck | get rundeck rpm +- name: Redhat | get rundeck rpm yum: name: rundeck state: present diff --git a/tasks/users.yml b/tasks/users.yml index e33e604..1e0a11d 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -1,17 +1,24 @@ # Should ideally create user passwords dynamically like the following but failing: -- name: Rundeck | encode users password - shell: "java -cp {{ rundeck_jetty_jar }} org.eclipse.jetty.util.security.Password {{ item.name }} {{ item.password }} 2>&1 | grep MD5" +- name: Users | determine jetty jar + find: + paths: "/var/lib/rundeck/bootstrap/" + patterns: "^jetty-all-.*.jar$" + use_regex: True + register: rundeck_jetty_jar + +- name: Users | encode users password + shell: "java -cp {{ rundeck_jetty_jar.files[0].path }} org.eclipse.jetty.util.security.Password {{ item.name }} {{ item.password }} 2>&1 | grep MD5" become: True register: rundeck_encoded_users - when: rundeck_users|length > 0 + when: rundeck_jetty_jar|success and rundeck_users|length > 0 with_items: "{{ rundeck_users }}" -- name: Rundeck | update basic security to have users +- name: Users | update basic security to have users template: src: realm.properties.j2 dest: /etc/rundeck/realm.properties owner: rundeck - group: rundeck + group: rundeck when: rundeck_users|length > 0 and rundeck_encoded_users|success notify: - restart rundeck diff --git a/tests/default_test.yml b/tests/default_test.yml index 9cef661..f5d949d 100644 --- a/tests/default_test.yml +++ b/tests/default_test.yml @@ -2,16 +2,10 @@ - name: Bootstrap python hosts: rundeck-servers become: yes - gather_facts: no - tasks: - - name: Setup | Are we on Debian? - raw: 'lsb_release -si' - register: lsb_release - - name: Setup | Bootstrap on Debian raw: 'apt-get update && apt-get --no-install-recommends -yq install python python-apt' - when: lsb_release.stdout == "Ubuntu\r\n" or lsb_release.stdout == "Debian\r\n" + when: ansible_os_family == "Ubuntu" or ansible_os_family == "Debian" - name: test default values deployment hosts: rundeck-servers diff --git a/tests/vagrant-centos65/Vagrantfile b/tests/vagrant-centos65/Vagrantfile index c7f18a8..7029d29 100644 --- a/tests/vagrant-centos65/Vagrantfile +++ b/tests/vagrant-centos65/Vagrantfile @@ -1,7 +1,7 @@ # -*- mode: ruby -*- # vi: set ft=ruby : -IP_ADDRESS = "33.33.33.65" +IP_ADDRESS = "172.16.0.16" HTTP_PORT = 8065 HTTPS_PORT = 8465 @@ -29,8 +29,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| ## Provision via ansible using the defaults: config.vm.provision "ansible" do |ansible| ansible.extra_vars = { - environment: "vagrant", - rundeck_domain: "localhost:8065", + rundeck_domain: "localhost:#{HTTP_PORT}", java_packages: [ "java-1.7.0-openjdk" ] } ansible.groups = { @@ -38,7 +37,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| } ansible.playbook = "../#{PLAYBOOK}" ansible.host_key_checking = false - ansible.verbose = "v" + ansible.verbose = "vv" # use ANSIBLE_KEEP_REMOTE_FILES=1 to debug execution end end diff --git a/tests/vagrant-centos70/Vagrantfile b/tests/vagrant-centos70/Vagrantfile index 9f2d8d7..a2606bc 100644 --- a/tests/vagrant-centos70/Vagrantfile +++ b/tests/vagrant-centos70/Vagrantfile @@ -1,7 +1,7 @@ # -*- mode: ruby -*- # vi: set ft=ruby : -IP_ADDRESS = "33.33.33.66" +IP_ADDRESS = "172.16.0.17" HTTP_PORT = 8066 HTTPS_PORT = 8466 @@ -30,8 +30,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| ## Provision via ansible using the defaults: config.vm.provision "ansible" do |ansible| ansible.extra_vars = { - environment: "vagrant", - rundeck_domain: "localhost:8066", + rundeck_domain: "localhost:#{HTTP_PORT}", java_packages: [ "java-1.7.0-openjdk" ] } ansible.groups = { diff --git a/tests/vagrant-precise64/Vagrantfile b/tests/vagrant-precise64/Vagrantfile index 0610899..23d9ecf 100644 --- a/tests/vagrant-precise64/Vagrantfile +++ b/tests/vagrant-precise64/Vagrantfile @@ -1,7 +1,7 @@ # -*- mode: ruby -*- # vi: set ft=ruby : -IP_ADDRESS = "33.33.33.67" +IP_ADDRESS = "172.16.0.18" HTTP_PORT = 8067 HTTPS_PORT = 8467 @@ -29,7 +29,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| ## Provision via ansible using the defaults: config.vm.provision "ansible" do |ansible| ansible.extra_vars = { - rundeck_domain: "localhost:8067", + rundeck_domain: "localhost:#{HTTP_PORT}", java_packages: [ "openjdk-7-jre-headless" ] } ansible.groups = { @@ -37,7 +37,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| } ansible.playbook = "../#{PLAYBOOK}" ansible.host_key_checking = false - ansible.verbose = "vvvv" + ansible.verbose = "v" # use ANSIBLE_KEEP_REMOTE_FILES=1 to debug execution end end diff --git a/tests/vagrant-trusty64/Vagrantfile b/tests/vagrant-trusty64/Vagrantfile index 0d95dfb..91015cb 100644 --- a/tests/vagrant-trusty64/Vagrantfile +++ b/tests/vagrant-trusty64/Vagrantfile @@ -1,7 +1,7 @@ # -*- mode: ruby -*- # vi: set ft=ruby : -IP_ADDRESS = "33.33.33.68" +IP_ADDRESS = "172.16.0.19" HTTP_PORT = 8068 HTTPS_PORT = 8468 @@ -29,8 +29,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| ## Provision via ansible using the defaults: config.vm.provision "ansible" do |ansible| ansible.extra_vars = { - environment: "vagrant", - rundeck_domain: "localhost:8068", + rundeck_domain: "localhost:#{HTTP_PORT}", java_packages: [ "openjdk-7-jre-headless" ] } ansible.groups = { diff --git a/tests/vagrant-xenial64/Vagrantfile b/tests/vagrant-xenial64/Vagrantfile index a97454b..f6868f5 100644 --- a/tests/vagrant-xenial64/Vagrantfile +++ b/tests/vagrant-xenial64/Vagrantfile @@ -1,9 +1,13 @@ # -*- mode: ruby -*- # vi: set ft=ruby : -IP_ADDRESS = "33.33.33.68" -HTTP_PORT = 8068 -HTTPS_PORT = 8468 +# Install the following if boxes fails to boot: +# vagrant plugin install vagrant-vbguest + + +IP_ADDRESS = "172.16.0.20" +HTTP_PORT = 8069 +HTTPS_PORT = 8469 PLAYBOOK = ENV['PLAYBOOK'] || 'default_test.yml' @@ -13,24 +17,25 @@ VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # Every Vagrant virtual environment requires a box to build off of. - config.vm.box = "ubuntu/xenial64" + config.vm.box = "bento/ubuntu-16.04" # "boxcutter/ubuntu1604" # "ubuntu/xenial64" # ## identifier config.vm.hostname = "vagrant-ansible-rundeck-xenial64" ## Network - config.vm.network "private_network", ip: IP_ADDRESS + config.vm.network "private_network", ip: IP_ADDRESS, auto_config: false config.vm.network "forwarded_port", guest: 4440, host: HTTP_PORT # Web server config.vm.network "forwarded_port", guest: 443, host: HTTPS_PORT # Secure web server ## virtual box specification config.vm.provider "virtualbox" do |v| v.customize ["modifyvm", :id, "--cpuexecutioncap", "50"] - v.customize ["modifyvm", :id, "--memory", 1024] + v.customize ["modifyvm", :id, "--memory", 2048] + v.customize ["modifyvm", :id, "--cableconnected1", "on"] + v.customize ["modifyvm", :id, "--nictype1", "virtio"] end ## Provision via ansible using the defaults: config.vm.provision "ansible" do |ansible| ansible.extra_vars = { - environment: "vagrant", - rundeck_domain: "localhost:8068", + rundeck_domain: "localhost:#{HTTP_PORT}", java_packages: [ "openjdk-8-jre-headless" ] } ansible.groups = { diff --git a/vars/main.yml b/vars/main.yml index b149710..39ff98b 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,6 +1,5 @@ --- # The following may be stable or change overtime - TBD -rundeck_jetty_jar: /var/lib/rundeck/bootstrap/jetty-all-7.6.0.v20120127.jar rundeck_home_dir: /var/lib/rundeck rundeck_conf_dir: /etc/rundeck rundeck_user: rundeck