From a7d1172e9325c2cb8d17192865fe7455135bbeef Mon Sep 17 00:00:00 2001 From: Jeff Ohrstrom Date: Wed, 4 Dec 2024 14:04:46 -0500 Subject: [PATCH 1/3] remove build_from_src option --- defaults/main/build.yml | 54 ------------------------- tasks/build.yml | 26 ------------ tasks/deps.yml | 78 ------------------------------------ tasks/install-src.yml | 82 -------------------------------------- tasks/main.yml | 18 --------- templates/locations.ini.j2 | 14 ------- templates/nginx.conf.j2 | 73 --------------------------------- templates/ood-sudoers.j2 | 6 --- 8 files changed, 351 deletions(-) delete mode 100644 defaults/main/build.yml delete mode 100644 tasks/build.yml delete mode 100644 tasks/deps.yml delete mode 100644 tasks/install-src.yml delete mode 100644 templates/locations.ini.j2 delete mode 100644 templates/nginx.conf.j2 delete mode 100644 templates/ood-sudoers.j2 diff --git a/defaults/main/build.yml b/defaults/main/build.yml deleted file mode 100644 index 0c4cd81..0000000 --- a/defaults/main/build.yml +++ /dev/null @@ -1,54 +0,0 @@ -# This file holds defaults when you're building from the source on Debian platforms. - -# flip this flag to instead install from source -install_from_src: false - -ood_source_repo: "https://github.com/OSC/ondemand.git" -ood_source_version: "v2.0.23" -ood_build_dir: "/tmp/ood-build" -ood_source_dir: "{{ ood_build_dir }}/ondemand" -ood_base_apache_dir: "/var/www/ood" -ood_base_dir: "/opt/ood" - -ood_core_libs: -- mod_ood_proxy -- nginx_stage -- ood-portal-generator -- ood_auth_map - -ood_base_apps: -- activejobs -- bc_desktop -- dashboard -- file-editor -- files -- myjobs -- shell - -ruby_lib_dir: "/usr/lib64/ruby/" - -passenger_version: "6.0.7" -nginx_version: "1.18.0" -passenger_tar: "passenger-{{ passenger_version }}.tar.gz" -nginx_tar: "nginx-{{ nginx_version }}-x86_64-linux.tar.gz" -agent_tar: "agent-x86_64-linux.tar.gz" - -passenger_base_url: "https://github.com/phusion/passenger/releases/download" -passenger_release_url: "{{ passenger_base_url }}/release-{{ passenger_version }}" - -passenger_url: "{{ passenger_release_url }}/{{ passenger_tar }}" -passenger_nginx_url: "{{ passenger_release_url }}/{{ nginx_tar }}" -passenger_agent_url: "{{ passenger_release_url }}/{{ agent_tar }}" - -# override when you've built/packaged your own -passenger_remote_dl: true -passenger_src_dir: "{{ ood_build_dir }}/passenger-src" -passenger_lib_dir: "{{ ood_base_dir }}/passenger-lib" -passenger_support_binaries_dir: "{{ passenger_lib_dir }}/support-binaries" -passenger_base_dir: "{{ ood_base_dir }}/passenger" - -g_plus_plus: g++ -sqlite_devel_package: sqlite-devel -ruby_devel_package: ruby-devel -ffi_devel_package: libffi-devel -libz_devel_package: zlib-devel diff --git a/tasks/build.yml b/tasks/build.yml deleted file mode 100644 index 34d8ffc..0000000 --- a/tasks/build.yml +++ /dev/null @@ -1,26 +0,0 @@ -- name: Make a tmp staging directory - ansible.builtin.file: - path: "{{ ood_source_dir }}" - state: directory - mode: 'u=rwx,g=rx,o=rx' - -- name: Get the source code - ansible.builtin.git: - repo: "{{ ood_source_repo }}" - dest: "{{ ood_source_dir }}" - version: "{{ ood_source_version }}" - force: yes - -- name: Clean up to ensure proper build - ansible.builtin.command: rake clean - args: - chdir: "{{ ood_source_dir }}" - changed_when: true - -- name: Build the project (this will take some time) - ansible.builtin.command: "rake build -mj$(nproc) > build.out 2>&1" - args: - chdir: "{{ ood_source_dir }}" - poll: 30 - async: 1200 - changed_when: true diff --git a/tasks/deps.yml b/tasks/deps.yml deleted file mode 100644 index 101939d..0000000 --- a/tasks/deps.yml +++ /dev/null @@ -1,78 +0,0 @@ -- name: Install the os dependencies - ansible.builtin.package: - name: "{{ item }}" - state: present - loop: - - "{{ os_dependencies }}" - when: os_dependencies is defined - -- name: Add Nodesource apt key. - ansible.builtin.apt_key: - url: https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&search=0x1655A0AB68576280 - id: "68576280" - state: present - when: ansible_os_family == 'Debian' - -- name: Add NodeSource repositories for Node.js. - ansible.builtin.apt_repository: - repo: "{{ item }}" - state: present - with_items: - - "deb https://deb.nodesource.com/node_{{ nodejs_version }}.x {{ ansible_distribution_release }} main" - - "deb-src https://deb.nodesource.com/node_{{ nodejs_version }}.x {{ ansible_distribution_release }} main" - register: node_repo - when: ansible_os_family == 'Debian' - -- name: Fresh debians need to update - ansible.builtin.apt: - update_cache: yes - when: ansible_os_family == 'Debian' - -- name: Install the dependencies - ansible.builtin.package: - name: "{{ item }}" - state: present - loop: - - git - - ruby - - nodejs - - curl - - make - - gcc - - "{{ g_plus_plus }}" - - "{{ ffi_devel_package }}" - - "{{ libz_devel_package }}" - - "{{ apache_package_name }}" - - "{{ sqlite_devel_package }}" - - "{{ ruby_devel_package }}" - -- name: Install the npm on non-Debian - ansible.builtin.package: - name: "{{ item }}" - state: present - loop: - - npm - when: ansible_os_family != 'Debian' - -- name: Install all the gems we need - community.general.gem: - name: "{{ item.name }}" - version: "{{ item.version }}" - state: present - user_install: no - loop: - - { name: 'bundler', version: '2.1.4' } - - { name: 'rake', version: '13.0.3' } - - { name: 'bcrypt', version: '3.1.17' } - -- name: Install apache openidc mod - ansible.builtin.package: - name: "{{ apache_oidc_mod_package }}" - state: present - when: oidc_uri is defined or - oidc_discover_uri is defined or - oidc_discover_root is defined - -- name: Include passenger - ansible.builtin.import_tasks: passenger.yml - become: true diff --git a/tasks/install-src.yml b/tasks/install-src.yml deleted file mode 100644 index 28c39d0..0000000 --- a/tasks/install-src.yml +++ /dev/null @@ -1,82 +0,0 @@ -- name: Make sure base directories exist - ansible.builtin.file: - path: "{{ item }}" - state: directory - owner: root - group: root - mode: 'u=rwx,g=rx,o=rx' - loop: - - "{{ ood_base_apache_dir }}" - - "{{ ood_app_dir }}" - - "{{ ood_sys_app_dir }}" - - "{{ ood_dev_app_dir }}" - - "{{ ood_usr_app_dir }}" - - "{{ ood_base_dir }}" - - "{{ ood_base_apache_dir }}/public" - - "{{ ood_base_apache_dir }}/discover" - - "{{ ood_base_conf_dir }}" - -- name: Make os directories when required - ansible.builtin.file: - path: "{{ item }}" - state: directory - mode: 'u=rwx,g=rx,o=rx' - loop: "{{ os_directories }}" - when: os_directories is defined - -# Have to remove these test directories because they don't copy well. They have -# recursive symlinks that throw OSError: [Errno 40] Too many levels of symbolic links -- name: Rm findit2 test directory - ansible.builtin.file: - path: "{{ ood_source_dir }}/apps/files/{{ item }}" - state: absent - loop: - - "node_modules/findit/test" - - "lib/findit2/test" - -- name: Move apps to their directories - ansible.builtin.copy: - src: "{{ ood_source_dir }}/apps/{{ item }}" - dest: "{{ ood_sys_app_dir }}" - owner: root - group: root - mode: 'u=rwX,g=rX,o=rX' - remote_src: yes - loop: "{{ ood_base_apps }}" - -- name: Move core libs to their directories - ansible.builtin.copy: - src: "{{ ood_source_dir }}/{{ item }}" - dest: "{{ ood_base_dir }}" - owner: root - group: root - mode: 'u=rwX,g=rX,o=rX' - remote_src: yes - loop: "{{ ood_core_libs }}" - -- name: Make nginx config files for core sys apps - ansible.builtin.file: - path: "{{ nginx_apps_dir }}/sys/{{ item }}.conf" - state: touch - owner: root - group: root - mode: 'u=rw,g=r,o=r' - loop: "{{ ood_base_apps }}" - -- name: Make version file - ansible.builtin.copy: - content: "{{ ood_source_version }}" - dest: "{{ ood_base_dir }}/VERSION" - mode: 'u=rw,g=r,o=r' - -- name: Cleanup build logfiles - ansible.builtin.file: - path: "{{ ood_sys_app_dir }}/log/production.log" - state: absent - loop: "{{ ood_base_apps }}" - -- name: Give the apache user rights to nginx_stage - ansible.builtin.template: - src: ood-sudoers.j2 - dest: /etc/sudoers.d/ood - mode: 'u=rw,g=,o=' diff --git a/tasks/main.yml b/tasks/main.yml index 43ae3af..5c0953f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -11,28 +11,10 @@ ansible.builtin.fail: msg: "unable to find anything in vars/ for this operating system! {{ ansible_distribution }}" -- name: Include dependencies when building from source - ansible.builtin.import_tasks: deps.yml - become: true - tags: [ 'deps' ] - when: install_from_src - -- name: Include built tasks when building from source - ansible.builtin.import_tasks: build.yml - tags: [ 'build' ] - when: install_from_src - -- name: Include install tasks when building from source - ansible.builtin.import_tasks: install-src.yml - become: true - tags: [ 'install' ] - when: install_from_src - - name: Include install tasks when installing package ansible.builtin.import_tasks: install-package.yml become: true tags: [ 'install' ] - when: not install_from_src - name: Include configure tasks when configuring ansible.builtin.import_tasks: configure.yml diff --git a/templates/locations.ini.j2 b/templates/locations.ini.j2 deleted file mode 100644 index b6bfdc5..0000000 --- a/templates/locations.ini.j2 +++ /dev/null @@ -1,14 +0,0 @@ -[locations] -packaging_method=tar -bin_dir={{ passenger_base_dir }}/bin -support_binaries_dir={{ passenger_support_binaries_dir }} -lib_dir={{ passenger_lib_dir }} -helper_scripts_dir={{ passenger_base_dir }}/src/helper-scripts -resources_dir={{ passenger_base_dir }}/resources -include_dir={{ passenger_support_binaries_dir }}/include -doc_dir={{ passenger_base_dir }}/doc -ruby_libdir={{ passenger_base_dir }}/src/ruby_supportlib -node_libdir={{ passenger_base_dir }}/src/nodejs_supportlib -apache2_module_path=/opt/rh/httpd24/root/usr/lib64/httpd/modules/mod_passenger.so -ruby_extension_source_dir={{ passenger_base_dir }}/src/ruby_native_extension/ -nginx_module_source_dir={{ passenger_base_dir }}/src/nginx_module/ diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2 deleted file mode 100644 index cb9afc8..0000000 --- a/templates/nginx.conf.j2 +++ /dev/null @@ -1,73 +0,0 @@ -# {{ ansible_managed }} -# For more information on configuration, see: -# * Official English Documentation: http://nginx.org/en/docs/ -# * Official Russian Documentation: http://nginx.org/ru/docs/ - -user nginx; -worker_processes 1; - -error_log /var/log/ondemand-nginx/error.log; -#error_log /var/log/ondemand-nginx/error.log notice; -#error_log /var/log/ondemand-nginx/error.log info; - -pid /run/ondemand-nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /opt/ood/ondemand/root/etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/ondemand-nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - #keepalive_timeout 0; - keepalive_timeout 65; - - #gzip on; - - index index.html index.htm; - - # Load modular configuration files from the /opt/ood/ondemand/root/etc/nginx/conf.d directory. - # See http://nginx.org/en/docs/ngx_core_module.html#include - # for more information. - include /opt/ood/ondemand/root/etc/nginx/conf.d/*.conf; - - server { - listen 80 default_server; - server_name localhost; - root /opt/ood/ondemand/root/usr/share/nginx/html; - - #charset koi8-r; - - #access_log /var/log/ondemand-nginx/host.access.log main; - - # Load configuration files for the default server block. - include /opt/ood/ondemand/root/etc/nginx/default.d/*.conf; - - location / { - } - - # redirect server error pages to the static page /40x.html - # - error_page 404 /404.html; - location = /40x.html { - } - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - } - } -} diff --git a/templates/ood-sudoers.j2 b/templates/ood-sudoers.j2 deleted file mode 100644 index abb936e..0000000 --- a/templates/ood-sudoers.j2 +++ /dev/null @@ -1,6 +0,0 @@ -# {{ ansible_managed }} -Defaults:{{ apache_user }} !requiretty, !authenticate -Defaults:{{ apache_user }} env_keep += "NGINX_STAGE_* OOD_*" -{{ apache_user }} ALL=(ALL) NOPASSWD: {{ ood_base_dir }}/nginx_stage/sbin/nginx_stage -Cmnd_Alias KUBECTL = /usr/local/bin/kubectl, /usr/bin/kubectl, /bin/kubectl -Defaults!KUBECTL !syslog From 7c872bc8c342245d6d3c21f924953902c91b9457 Mon Sep 17 00:00:00 2001 From: Jeff Ohrstrom Date: Wed, 4 Dec 2024 14:27:39 -0500 Subject: [PATCH 2/3] rm unused task --- tasks/configure.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/tasks/configure.yml b/tasks/configure.yml index 277b4b1..0f8102d 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -1,10 +1,3 @@ -- name: Template passenger locations ini file - ansible.builtin.template: - src: "locations.ini.j2" - dest: "{{ passenger_lib_dir }}/locations.ini" - mode: 'u=rw,g=r,o=r' - when: install_from_src - - name: Template apache file ansible.builtin.template: src: "{{ item.src }}" From d201b05839293f200a29f798f86e31e780a74895 Mon Sep 17 00:00:00 2001 From: Jeff Ohrstrom Date: Wed, 4 Dec 2024 14:51:31 -0500 Subject: [PATCH 3/3] keep these variables --- defaults/main/install.yml | 2 ++ defaults/main/ood_portal.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/defaults/main/install.yml b/defaults/main/install.yml index 5411b9a..938e734 100644 --- a/defaults/main/install.yml +++ b/defaults/main/install.yml @@ -44,3 +44,5 @@ ondemand_dex_package: ondemand-dex # behaviour as for ondemand_package disable_htcacheclean: false nodejs_version: 18 ruby_version: 3.1 + +ood_base_apache_dir: "/var/www/ood" diff --git a/defaults/main/ood_portal.yml b/defaults/main/ood_portal.yml index 8f89d9e..f1d9f94 100644 --- a/defaults/main/ood_portal.yml +++ b/defaults/main/ood_portal.yml @@ -45,6 +45,8 @@ httpd_auth: - RequestHeader unset Authorization - Require valid-user +ood_base_dir: '/opt/ood' + lua_root: "{{ ood_base_dir }}/mod_ood_proxy/lib" lua_log_level: info