Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
---
- name: Add the lockss group.
group:
name: lockss
state: present
- name: Add the lockss user.
user:
name: lockss
state: present
group: lockss
comment: LOCKSS
- name: Add the lockss user to the docker group.
user:
name: lockss
state: present
groups: docker
append: true
- name: Check the storage driver used by Docker.
command:
cmd: docker info -f {% raw %}'{{.Driver}}'{% endraw %}
check_mode: false
changed_when: false
register: r
- name: Ensure Docker is using the OverlayFS storage driver.
assert:
that: r.stdout == "overlay2"
quiet: true
- name: Init a new swarm with default parameters.
docker_swarm:
state: present
advertise_addr: lo
- name: Install pystache (Ubuntu).
package:
name: python3-pystache=0.5.*
state: present
when: ansible_distribution == "Ubuntu"
- name: Create symlink for pystache (Ubuntu).
file:
src: /usr/bin/pystache3
dest: /usr/local/bin/pystache
owner: root
state: link
when: ansible_distribution == "Ubuntu"
- name: Install pystache (CentOS).
vars:
ansible_python_interpreter: python3
pip:
name:
- pystache>=0.5,<1.0
state: present
when: ansible_distribution == "CentOS"
- name: Install python-pkg-resources (Ubuntu).
package:
name:
- python3-pkg-resources
state: present
when: ansible_distribution == "Ubuntu"
- name: Install git.
package:
name: git
state: present
- name: Create LOCKSS source directory.
file:
path: /usr/src/lockss
state: directory
owner: lockss
mode: 0755
- name: Pull LOCKSS repository.
git:
repo: https://github.com/lockss/lockss-installer
dest: /usr/src/lockss
version: "{{ lockss_git_version }}"
depth: 1
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
become_user: lockss
- name: Install ifconfig.
package:
name: net-tools
state: present
- name: Install LOCKSS configuration.
copy:
dest: /usr/src/lockss/config/config.info
owner: lockss
mode: 0644
content: |
LOCKSS_CONFIG_VERSION=2
LOCKSS_USER=lockss
LOCKSS_HOSTNAME={{ lockss_hostname }}
LOCKSS_IPADDR={{ lockss_ipaddr }}
LOCKSS_EXTERNAL_IPADDR={{ lockss_external_ipaddr | default }}
LOCKSS_V3_PORT=9729
LOCKSS_ACCESS_SUBNET={{ lockss_access_subnet }}
LOCKSS_MAILHUB={{ lockss_mailhub_user | default("localhost") }}
LOCKSS_MAILHUB_USER={{ lockss_mailhub_user | default }}
LOCKSS_MAILHUB_PASSWORD={{ lockss_mailhub_user | default }}
LOCKSS_EMAIL={{ lockss_admin_email }}
LOCKSS_PROPS_URL=http://props.lockss.org:8001/demo/lockss.xml
LOCKSS_PROPS_PROXY=NONE
LOCKSS_PROPS_SERVER_AUTHENTICATE_KEYSTORE=
LOCKSS_TEST_GROUP=demo
LOCKSS_DATA_DIR=/var/lib/lockss
LOCKSS_LOGS_DIR=/var/log/lockss
LOCKSS_ADMIN_USER={{ lockss_ui_user }}
LOCKSS_ADMIN_PASSWD=SHA-256:{{ lockss_ui_password | hash('sha256') }}
LOCKSS_DB_PASSWD=SHA-256:{{ lockss_db_password | hash('sha256') }}
LOCKSS_PROXY_PORT=24670
LOCKSS_TMPDIR=/var/lib/lockss/tmp
LOCKSS_CLEAR_TMPDIR=yes
- name: Add Docker secret for UI password.
vars:
ansible_python_interpreter: python3
docker_secret:
name: lockss_ui_pass
state: present
data: "{{ lockss_ui_password }}"
- name: Add Docker secret for database password.
vars:
ansible_python_interpreter: python3
docker_secret:
name: lockss-postgres-pass
state: present
data: "{{ lockss_db_password }}"
- name: Create LOCKSS data directories.
file:
path: "{{ item }}"
state: directory
owner: lockss
mode: 0700
loop:
- /var/lib/lockss
- /var/lib/lockss/tmp
- name: Create LOCKSS log directory.
file:
path: /var/log/lockss
state: directory
owner: lockss
group: adm
mode: 02770
# FIXME: These are not idempotent.
# FIXME: This could probably be a handler.
- name: Build LOCKSS configuration.
command:
cmd: scripts/generate-lockss
chdir: /usr/src/lockss
become_user: lockss
# FIXME: LOCKSS's scripts are yucky. Should we care?
- name: Stop running LOCKSS containers.
command:
cmd: scripts/shutdown-lockss
chdir: /usr/src/lockss
become_user: lockss
- name: Assemble LOCKSS containers.
command:
cmd: scripts/assemble-lockss
chdir: /usr/src/lockss
become_user: lockss
- name: Deploy LOCKSS containers.
command:
cmd: scripts/deploy-lockss
chdir: /usr/src/lockss