Commit b8c3f99d authored by BENJAMIN ERIC HOMAN's avatar BENJAMIN ERIC HOMAN Committed by Stephen Seltzer

roles for windows 10

parent c6571c57
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# All Vagrant configuration is done here. The most common configuration
# options are documented and commented below. For a complete reference,
# please see the online documentation at vagrantup.com.
# Every Vagrant virtual environment requires a box to build off of.
config.vm.box = "centos-6.4-32"
# Disable automatic box update checking. If you disable this, then
# boxes will only be checked for updates when the user runs
# `vagrant box outdated`. This is not recommended.
# config.vm.box_check_update = false
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
config.vm.network "forwarded_port", guest: 8080, host: 8080
config.vm.network "forwarded_port", guest: 8787, host: 8787
config.vm.network "forwarded_port", guest: 9990, host: 9990
config.vm.network "forwarded_port", guest: 9999, host: 9999
# Create a private network, which allows host-only access to the machine
# using a specific IP.
config.vm.network "private_network", ip: "192.168.33.101"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network "public_network"
# If true, then any SSH connections made will enable agent forwarding.
# Default value: false
# config.ssh.forward_agent = true
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
# config.vm.synced_folder "../data", "/vagrant_data"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
# config.vm.provider "virtualbox" do |vb|
# # Don't boot with headless mode
# vb.gui = true
#
# # Use VBoxManage to customize the VM. For example to change memory:
# vb.customize ["modifyvm", :id, "--memory", "1024"]
# end
#
# View the documentation for the provider you're using for more
# information on available options.
config.vm.provider :virtualbox do |vb|
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
end
# Configure VM Ram usage
config.vm.provider :virtualbox do |vb|
vb.customize ["modifyvm", :id, "--memory", "1024"]
end
# Enable provisioning with a Shell script
# config.vm.provision :shell, path: "bootstrap.sh"
# Enable provisioning with Ansible
config.vm.provision :ansible do |ansible|
ansible.playbook = "playbook.yml"
ansible.groups = {
"vagrant" => ["default"],
}
end
# Enable provisioning with CFEngine. CFEngine Community packages are
# automatically installed. For example, configure the host as a
# policy server and optionally a policy file to run:
#
# config.vm.provision "cfengine" do |cf|
# cf.am_policy_hub = true
# # cf.run_file = "motd.cf"
# end
#
# You can also configure and bootstrap a client to an existing
# policy server:
#
# config.vm.provision "cfengine" do |cf|
# cf.policy_server_address = "10.0.2.15"
# end
# Enable provisioning with Puppet stand alone. Puppet manifests
# are contained in a directory path relative to this Vagrantfile.
# You will need to create the manifests directory and a manifest in
# the file default.pp in the manifests_path directory.
#
# config.vm.provision "puppet" do |puppet|
# puppet.manifests_path = "manifests"
# puppet.manifest_file = "default.pp"
# end
# Enable provisioning with chef solo, specifying a cookbooks path, roles
# path, and data_bags path (all relative to this Vagrantfile), and adding
# some recipes and/or roles.
#
# config.vm.provision "chef_solo" do |chef|
# chef.cookbooks_path = "../my-recipes/cookbooks"
# chef.roles_path = "../my-recipes/roles"
# chef.data_bags_path = "../my-recipes/data_bags"
# chef.add_recipe "mysql"
# chef.add_role "web"
#
# # You may also specify custom JSON attributes:
# chef.json = { mysql_password: "foo" }
# end
# Enable provisioning with chef server, specifying the chef server URL,
# and the path to the validation key (relative to this Vagrantfile).
#
# The Opscode Platform uses HTTPS. Substitute your organization for
# ORGNAME in the URL and validation key.
#
# If you have your own Chef Server, use the appropriate URL, which may be
# HTTP instead of HTTPS depending on your configuration. Also change the
# validation key to validation.pem.
#
# config.vm.provision "chef_client" do |chef|
# chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME"
# chef.validation_key_path = "ORGNAME-validator.pem"
# end
#
# If you're using the Opscode platform, your validator client is
# ORGNAME-validator, replacing ORGNAME with your organization name.
#
# If you have your own Chef Server, the default validation client name is
# chef-validator, unless you changed the configuration.
#
# chef.validation_client_name = "ORGNAME-validator"
end
[defaults]
roles_path = ../../roles
---
# file: security_service.yml
- hosts: vagrant
sudo: yes
roles:
- { role: base }
- { role: java8 }
- { role: wildfly10 }
---
# file: roles/wildfly10/defaults/main.yml
wildfly_user_home: no
connect
if (outcome == failed) of /subsystem=security/security-domain=psu-jaspi-security-domain:read-resource
/subsystem=security/security-domain=psu-jaspi-security-domain:add(cache-type=default)
end-if
if (outcome == failed) of /subsystem=security/security-domain=psu-jaspi-security-domain/authentication=jaspi:read-resource
/subsystem=security/security-domain=psu-jaspi-security-domain/authentication=jaspi:add( \
auth-modules=[ \
{"code"=>"Dummy", "login-module-stack-ref"=>"psu-lm-stack", "flag"=>"required"} \
] \
)
/subsystem=security/security-domain=psu-jaspi-security-domain/authentication=jaspi/login-module-stack=psu-lm-stack:add( \
login-modules=[ { \
"code"=>"edu.psu.javaee.security.login.DummyLoginModule", \
"flag"=>"optional" \
} ], \
operation-headers={"allow-resource-service-restart"=>"true"} \
)
end-if
connect
/subsystem=ejb3:write-attribute(name=default-slsb-instance-pool,value=slsb-strict-max-pool)
connect
deploy --force /usr/share/java/postgresql92-jdbc.jar
connect
/interface=management:undefine-attribute(name=inet-address)
/interface=management:write-attribute(name=any-address,value=true)
/interface=public:undefine-attribute(name=inet-address)
/interface=public:write-attribute(name=any-address,value=true)
/interface=unsecure:undefine-attribute(name=inet-address)
/interface=unsecure:write-attribute(name=any-address,value=true)
reload
\ No newline at end of file
connect
try
/subsystem=logging/logger=edu.psu:add(category=edu.psu,level=DEBUG)
catch
/subsystem=logging/logger=edu.psu:remove
/subsystem=logging/logger=edu.psu:add(category=edu.psu,level=DEBUG)
finally
/subsystem=logging/console-handler=CONSOLE:change-log-level(level=DEBUG)
end-try
---
# file: roles/wildfly10/handlers/main.yml
- name: restart wildfly
service: name={{ wildfly_service_name }} state=restarted
---
# File: roles/wildfly10/tasks/main.yml
- name: download the wildfly archive file
get_url: url="{{ wildfly_archive_url }}"
dest="~/{{ wildfly_archive_name }}"
- name: unzip the Wildfly archive file
shell: unzip -u ~/{{ wildfly_archive_name }} -d {{ wildfly_inst_directory }}
creates={{ wildfly_inst_directory }}/{{ wildfly_name }}
notify:
- restart wildfly
- name: create the wildfly group
group: name="{{ wildfly_group }}" state=present
- name: create the wildfly user
user: name="{{ wildfly_user }}" group="{{ wildfly_group }}" password="{{ wildfly_password }}" createhome={{ wildfly_user_home }} state=present
- name: make the wildfly user the owner of the wildfly files
file: path="{{ wildfly_inst_directory }}/{{ wildfly_name }}"
owner="{{ wildfly_user }}" group="{{ wildfly_group }}"
recurse=yes state=directory
- name: make a pretty symlink for wildfly
file: src="{{ wildfly_inst_directory }}/{{ wildfly_name }}"
path="{{ wildfly_inst_directory }}/{{ wildfly_service_name }}"
owner="{{ wildfly_user }}" group="{{ wildfly_group }}" state=link
- name: create the directories for wildfly's PID and log files
file: path="{{ item }}" state=directory
owner="{{ wildfly_user }}" group="{{ wildfly_group }}"
with_items:
- "{{ wildfly_log_directory }}"
- "{{ wildfly_pid_directory }}"
- name: set the JBOSS_USER environment variable in the startup script configuration file
lineinfile: dest="{{ wildfly_home_directory }}/docs/contrib/scripts/init.d/wildfly.conf"
regexp="^JBOSS_USER" insertafter="^# JBOSS_USER" line="JBOSS_USER={{ wildfly_user }}"
notify:
- restart wildfly
- name: create a symlink for the startup script configuration file
file: src="{{ wildfly_home_directory }}/docs/contrib/scripts/init.d/wildfly.conf"
path="/etc/default/{{ wildfly_service_name }}.conf"
state=link
- name: create a symlink for the startup script
file: src="{{ wildfly_home_directory }}/docs/contrib/scripts/init.d/wildfly-init-redhat.sh"
path="/etc/init.d/{{ wildfly_service_name }}"
state=link
- name: register the wildfly startup script with chkconfig
shell: chkconfig --add wildfly creates=/etc/rc0.d/K20wildfly
- name: configure chkconfig to run the wildfly startup script at the correct run-levels
shell: chkconfig --level 2345 wildfly on creates=/etc/rc2.d/S80wildfly
#- name: make sure wildfly is stopped
# service: name="{{ wildfly_service_name }}" state="stopped"
- name: save a copy of the wildfly distribution's standalone.xml
shell: mv standalone.xml standalone.xml.dist
chdir="{{ wildfly_conf_directory }}" creates=standalone.xml.dist
- name: copy the selected standalone wildfly profile to standalone.xml
shell: cp {{ wildfly_profile }}.xml standalone.xml
chdir="{{ wildfly_conf_directory }}" creates=standalone.xml
- name: copy the wildfly scripts to the remote host's deployment directory
copy: src="{{ item }}" dest=~
with_items:
- wildfly_set_interface_addresses.cli
- wildfly_set_logging_level.cli
- psu-security-domain.cli
- wildfly-slsb-pool.cli
- name: make sure wildfly is started
service: name="{{ wildfly_service_name }}" state="started"
- name: run some wildfly configuration scripts
shell: chdir=~ {{ wildfly_prog_directory }}/jboss-cli.sh --file="{{ item }}"
with_items:
- wildfly_set_interface_addresses.cli
- wildfly_set_logging_level.cli
- wildfly-slsb-pool.cli
- psu-security-domain.cli
#- name: make the jboss-as interfaces listen on all addresses
# lineinfile: dest={{ wildfly_conf_directory }}/standalone.xml
# regexp="{{ item }}" line=" <any-address />"
# with_items:
# - "<inet-address value=.*jboss.bind.address.management:|any-address"
# - "<inet-address value=.*jboss.bind.address:|any-address"
# - "<inet-address value=.*jboss.bind.address.unsecure:|any-address"
# notify:
# - restart wildfly
- name: add an admin user for wildfly's web console
lineinfile: dest="{{ wildfly_conf_directory }}/mgmt-users.properties"
regexp="^vadmin=" insertafter="^#admin=" line="vadmin=d745a3c00ee100da10ad80d86e6f2dec"
- name: deploy the postgresql jdbc driver
jboss: src=/usr/share/java/postgresql92-jdbc.jar state=present
deploy_path={{ wildfly_deploy_directory }} deployment=postgresql92-jdbc.jar
when: db_postgresql_installed is defined and db_postgresql_installed == true
---
# file: roles/wildfly10/vars/main.yml
wildfly_download_url: "http://download.jboss.org/wildfly"
wildfly_version: "10.1.0.Final"
wildfly_name: "wildfly-{{ wildfly_version }}"
wildfly_archive_name: "{{ wildfly_name }}.zip"
wildfly_archive_url: "{{ wildfly_download_url }}/{{ wildfly_version }}/{{ wildfly_archive_name }}"
wildfly_user: "wildfly"
wildfly_group: "wildfly"
wildfly_password: "$1$salty$SzJsU4qDcXp536Acnlp6I."
wildfly_service_name: "wildfly"
wildfly_profile: standalone-full
wildfly_inst_directory: "/opt"
wildfly_home_directory: "{{ wildfly_inst_directory }}/wildfly"
wildfly_conf_directory: "{{ wildfly_home_directory }}/standalone/configuration"
wildfly_deploy_directory: "{{ wildfly_home_directory }}/standalone/deployments"
wildfly_prog_directory: "{{ wildfly_home_directory }}/bin"
wildfly_work_directory: "/var/lib/jboss-as/standalone"
wildfly_log_directory: "/var/log/{{ wildfly_service_name }}"
wildfly_pid_directory: "/var/run/{{ wildfly_service_name }}"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment