Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
299 lines (256 sloc) 8.49 KB
---
- name: Download nexus_package
get_url:
url: "http://download.sonatype.com/nexus/3/{{ nexus_package }}"
dest: "{{ nexus_download_dir }}/{{ nexus_package }}"
force: no
- name: Ensure Nexus o/s group exists
group:
name: "{{ nexus_os_group }}"
state: present
- name: Ensure Nexus o/s user exists
user:
name: "{{ nexus_os_user }}"
group: "{{ nexus_os_group }}"
shell: "/bin/bash"
state: present
- name: Ensure Nexus installation directory exists
file:
path: "{{ nexus_installation_dir }}"
state: "directory"
- name: Unpack Nexus download
unarchive:
src: "{{ nexus_download_dir }}/{{ nexus_package }}"
dest: "{{ nexus_installation_dir }}"
creates: "{{ nexus_installation_dir }}/nexus-{{ nexus_version }}"
force: no
copy: false
- name: Check if SystemD service is installed
stat:
path: /etc/systemd/system/nexus.service
register: nexus_systemd_service_file
- name: Stop systemd service
shell: 'systemctl stop nexus.service'
when: nexus_systemd_service_file.stat.exists
- name: Update symlink nexus-latest
file:
path: "{{ nexus_installation_dir }}/nexus-latest"
src: "{{ nexus_installation_dir }}/nexus-{{ nexus_version }}"
owner: "{{ nexus_os_user }}"
group: "{{ nexus_os_group }}"
state: link
register: nexus_latest_version
- name: Delete unpacked data directory
file:
path: "{{ nexus_installation_dir }}/nexus-latest/data"
state: absent
- name: Get path to default settings
set_fact:
nexus_default_settings_file: "{{ nexus_installation_dir }}/nexus-latest/etc/org.sonatype.nexus.cfg"
when: nexus_version < '3.1.0'
- name: Get path to default settings
set_fact:
nexus_default_settings_file: "{{ nexus_installation_dir }}/nexus-latest/etc/nexus-default.properties"
when: nexus_version >= '3.1.0'
- name: Get application settings directories
set_fact:
nexus_app_dir_settings_dirs:
- "{{ nexus_installation_dir }}/nexus-latest/etc"
when: nexus_version < '3.1.0'
- name: Get application settings directories
set_fact:
nexus_app_dir_settings_dirs:
- "{{ nexus_installation_dir }}/nexus-latest/etc"
- "{{ nexus_installation_dir }}/nexus-latest/etc/karaf"
- "{{ nexus_installation_dir }}/nexus-latest/etc/jetty"
- "{{ nexus_installation_dir }}/nexus-latest/etc/fabric"
- "{{ nexus_installation_dir }}/nexus-latest/etc/logback"
- "{{ nexus_installation_dir }}/nexus-latest/etc/scripts"
when: nexus_version >= '3.1.0'
- name: Allow nexus to create first-time install configuration files in {{ nexus_installation_dir }}/nexus-latest/etc
file:
path: "{{ item }}"
state: "directory"
owner: "{{ nexus_os_user }}"
group: "{{ nexus_os_group }}"
mode: "0755"
recurse: false
with_items: "{{ nexus_app_dir_settings_dirs }}"
- name: Create Nexus data directory
file:
path: "{{ nexus_data_dir }}"
state: "directory"
owner: "{{ nexus_os_user }}"
group: "{{ nexus_os_group }}"
- name: Setup Nexus data directory
lineinfile:
dest: "{{ nexus_installation_dir }}/nexus-latest/bin/nexus.vmoptions"
regexp: "^-Dkaraf.data=.*"
line: "-Dkaraf.data={{ nexus_data_dir }}"
- name: Setup JVM logfile directory
lineinfile:
dest: "{{ nexus_installation_dir }}/nexus-latest/bin/nexus.vmoptions"
regexp: "^-XX:LogFile=.*"
line: "-XX:LogFile={{ nexus_data_dir }}/log/jvm.log"
- name: Setup Nexus default timezone
lineinfile:
dest: "{{ nexus_installation_dir }}/nexus-latest/bin/nexus.vmoptions"
regexp: "^-Duser.timezone=.*"
line: "-Duser.timezone={{ nexus_timezone }}"
- name: Create Nexus tmp/backup directory
file:
path: "{{ item }}"
state: "directory"
owner: "{{ nexus_os_user }}"
group: "{{ nexus_os_group }}"
with_items:
- "{{ nexus_tmp_dir }}"
- "{{ nexus_backup_dir }}"
- name: Setup Nexus tmp directory
lineinfile:
dest: "{{ nexus_installation_dir }}/nexus-latest/bin/nexus.vmoptions"
regexp: "^-Djava.io.tmpdir=.*"
line: "-Djava.io.tmpdir={{ nexus_tmp_dir }}"
- name: Set NEXUS_HOME for the service user
lineinfile:
dest: "/home/{{ nexus_os_user }}/.bashrc"
regexp: "^export NEXUS_HOME=.*"
line: "export NEXUS_HOME={{ nexus_installation_dir }}/nexus-latest"
- name: Set nexus user
lineinfile:
dest: "{{ nexus_installation_dir }}/nexus-latest/bin/nexus.rc"
regexp: ".*run_as_user=.*"
line: "run_as_user=\"{{ nexus_os_user }}\""
- name: Set nexus port
lineinfile:
dest: "{{ nexus_default_settings_file }}"
regexp: "^application-port=.*"
line: "application-port={{ nexus_default_port }}"
- name: Set nexus context path
lineinfile:
dest: "{{ nexus_default_settings_file }}"
regexp: "^nexus-context-path=.*"
line: "nexus-context-path={{ nexus_default_context_path }}"
- name: Bind nexus service to 127.0.0.1 only
lineinfile:
dest: "{{ nexus_default_settings_file }}"
regexp: "^application-host=.*"
line: "application-host=127.0.0.1"
when: httpd_setup_enable
- name: Create systemd service configuration
template:
src: "nexus.service"
dest: "/etc/systemd/system"
# systemd available from ansible 2.2 only
# - name: Enable nexus service
# systemd: name=nexus daemon_reload=yes enabled=yes state=started
- name: "Register scripts to be deployed"
set_fact:
nexus_deployed_scripts:
- nexus-blob-backup.sh
- nexus-blob-restore.sh
- name: "Deploy scripts"
template:
src: "{{ item }}.j2"
dest: "{{ nexus_script_dir }}/{{ item }}"
mode: 0755
with_items: "{{ nexus_deployed_scripts }}"
- name: "Symlink scripts to /sbin"
file:
src: "{{ nexus_script_dir }}/{{ item }}"
dest: "/sbin/{{ item }}"
state: link
with_items: "{{ nexus_deployed_scripts }}"
- name: 'Check if data directory is empty (first-time install)'
command: "ls {{ nexus_data_dir }}"
register: nexus_data_dir_contents
- name: Clean cache for upgrade process
file:
path: "{{ nexus_data_dir }}/clean_cache"
state: touch
when: nexus_latest_version.changed and nexus_data_dir_contents.stdout != ""
- name: Reload systemd service configuration
shell: 'systemctl daemon-reload'
- name: Enable systemd service
shell: 'systemctl enable nexus.service'
- name: Restart systemd service
shell: 'systemctl restart nexus.service'
- name: Waiting for Nexus service to be ready...
wait_for:
path: "{{ nexus_data_dir }}/log/nexus.log"
search_regex: "Started Sonatype Nexus OSS .*"
timeout: 1800
- name: Waiting for nexus to be ready...
wait_for:
port: "{{ nexus_default_port }}"
delay: 5
- name: Chown configuration files from {{ nexus_installation_dir }}/nexus-latest/etc back to root
file:
path: "{{ nexus_installation_dir }}/nexus-latest/etc"
owner: "root"
group: "root"
mode: "0644"
recurse: true
- name: Prevent nexus to create any new configuration files in {{ nexus_installation_dir }}/nexus-latest/etc
file:
path: "{{ item }}"
state: "directory"
owner: "root"
group: "root"
mode: "0755"
recurse: false
with_items: "{{ nexus_app_dir_settings_dirs }}"
- name: First-time install admin password
set_fact:
current_nexus_admin_password: 'admin123'
when: nexus_data_dir_contents.stdout == ""
- name: Subsequent re-provision admin password
set_fact:
current_nexus_admin_password: "{{ nexus_admin_password }}"
when: nexus_data_dir_contents.stdout != ""
no_log: true
- include: declare_script_each.yml
with_items:
- update_admin_password
- setup_ldap
- setup_anonymous_access
- setup_base_url
- setup_capability
- setup_http_proxy
- setup_role
- setup_privilege
- setup_user
- delete_repo
- delete_blobstore
- create_blobstore
- create_repo_maven_proxy
- create_repo_maven_group
- create_repo_maven_hosted
- create_repo_docker_hosted
- create_repo_docker_proxy
- create_repo_docker_group
- create_repo_pypi_hosted
- create_repo_pypi_proxy
- create_repo_pypi_group
- create_repo_raw_hosted
- create_repo_raw_proxy
- create_repo_raw_group
- create_repo_rubygems_hosted
- create_repo_rubygems_proxy
- create_repo_rubygems_group
- create_repo_bower_hosted
- create_repo_bower_proxy
- create_repo_bower_group
- create_repo_npm_hosted
- create_repo_npm_proxy
- create_repo_npm_group
- create_repo_gitlfs_hosted
- create_task
- name: "Config nexus-backup shell cron"
cron:
name: "Backup nexus Blobstore"
minute: "1"
hour: "21"
job: "/sbin/nexus-blob-backup.sh 2>&1 | tee {{ nexus_backup_log }}"
state: present
user: "root"