agaric/agaric-coop
10
1
Fork 0
Code Issues 102 Pull requests Projects Releases Packages Wiki Activity

Add all files needed to bring up VM and run agaric.com locally

Browse source
This commit is contained in:
benjamin melançon 2018-08-20 10:45:20 -04:00
parent 52c8b60bac
commit 4d2bc0ee24
742 changed files with 24037 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

24
box/provisioning/roles/arknoll.selenium/.gitignore vendored Normal file
View file

@ -0,0 +1,24 @@
# OS generated files #
######################
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
Icon?
ehthumbs.db
Thumbs.db
# IDE files #
#################
/.settings
/.buildpath
/.project
/nbproject
*.komodoproject
*.kpf
/.idea
# Other files #
###############
!empty

22
box/provisioning/roles/arknoll.selenium/.travis.yml Normal file
View file

@ -0,0 +1,22 @@
---
services: docker
env:
- distro: centos7
- distro: centos6
- distro: ubuntu1604
- distro: debian8
- distro: ubuntu1404
- distro: ubuntu1204
script:
# Download test shim.
- wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
- chmod +x ${PWD}/tests/test.sh
# Run tests.
- ${PWD}/tests/test.sh
notifications:
email: false
webhooks: https://galaxy.ansible.com/api/v1/notifications/

13
box/provisioning/roles/arknoll.selenium/LICENSE.txt Normal file
View file

@ -0,0 +1,13 @@
Copyright (c) Alex Knoll
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

79
box/provisioning/roles/arknoll.selenium/README.md Normal file
View file

@ -0,0 +1,79 @@
## selenium [![Build Status](https://travis-ci.org/arknoll/ansible-role-selenium.svg?branch=master)](https://travis-ci.org/arknoll/ansible-role-selenium)
Set up selenium and Firefox for running selenium tests.
#### Requirements
* `java`
#### Variables
* `selenium_install_dir`: [default: `/opt`] Install directory
* `selenium_version`: [default: `2.53.0`] Install version
* `selenium_install_firefox`: [default: `no`] Whether to install FireFox
* `selenium_install_chrome`: [default: `yes`] Whether to install Google Chrome
## Dependencies
None
#### Example
```yaml
---
- hosts: all
roles:
- selenium
```
#### Start/Stop/Restart Selenium
```
$ service selenium start
$ service selenium stop
$ service selenium restart
```
#### Known issue with Firefox
For some OS combinations the package manager version of Firefox
doesn't work appropriately with Selenium. In these circumstances
you may see an error like:
```
WebDriver\Exception\UnknownError: Unable to connect to host 127.0.0.1 on port 7055 after 45000 ms. Firefox console output:
```
Chrome and chromedriver don't appear to have this issue. If
possible, use Chrome. If you still want to use firefox, then
I suggest using https://galaxy.ansible.com/arknoll/firefox/
to install an older version of firefox. (38.0 worked for me
on Ubuntu 16.04).
#### License and Author
Author:: Alex Knoll (arknoll@gmail.com)
Copyright:: 2015, Alex Knoll
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
#### Contributing
We welcome contributed improvements and bug fixes via the usual workflow:
1. Fork this repository
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Add some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create a new pull request

9
box/provisioning/roles/arknoll.selenium/defaults/main.yml Normal file
View file

@ -0,0 +1,9 @@
---
# defaults file for selenium
selenium_install_dir: /opt
selenium_version: "2.53.0"
selenium_install_firefox: no
selenium_install_chrome: yes
selenium_display_id: "1"
selenium_port: 4444
selenium_xvfb_args: "--server-args='-screen 0, 1920x1080x24'"

4
box/provisioning/roles/arknoll.selenium/handlers/main.yml Normal file
View file

@ -0,0 +1,4 @@
---
# handlers file for selenium
- name: restart selenium
service: name=selenium state=restarted

21
box/provisioning/roles/arknoll.selenium/meta/main.yml Normal file
View file

@ -0,0 +1,21 @@
---
# meta file for selenium
galaxy_info:
author: Alex Knoll
description: Set up selenium and Firefox for running selenium tests.
license: Apache V2
min_ansible_version: 2.0
platforms:
- name: EL
versions:
- 6
- 7
- name: Ubuntu
versions:
- all
- name: Debian
versions:
- all
categories:
- web
dependencies: []

106
box/provisioning/roles/arknoll.selenium/tasks/main.yml Normal file
View file

@ -0,0 +1,106 @@
---
# Tasks file for selenium
- name: Include OS-Specific variables
include_vars: "{{ ansible_os_family }}.yml"
tags: [configuration, selenium]
- name: Install dependencies
package: name=unzip
tags: [configuration, selenium]
- name: create directory
file: "path={{ selenium_install_dir }}/selenium state=directory recurse=yes"
tags: [configuration, selenium, selenium-create-directory]
- name: Download Selenium
get_url:
url: "http://selenium-release.storage.googleapis.com/{{ selenium_version | regex_replace('\\.[0-9]+$', '') }}/selenium-server-standalone-{{ selenium_version }}.jar"
dest: "{{ selenium_install_dir }}/selenium/selenium-server-standalone-{{ selenium_version }}.jar"
tags: [configuration, selenium, selenium-download]
- name: Install FireFox (if configured)
package: name=firefox state=present
when: selenium_install_firefox
tags: [configuration, selenium, selenium-firefox]
- name: Add Chrome key (if configured, Debian)
apt_key:
url: "https://dl-ssl.google.com/linux/linux_signing_key.pub"
state: present
when: ansible_os_family == 'Debian' and selenium_install_chrome
tags: [configuration, selenium, selenium-chrome]
- name: Add Chrome repo (if configured, Debian)
apt_repository:
repo: "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main"
state: present
update_cache: yes
when: ansible_os_family == 'Debian' and selenium_install_chrome
tags: [configuration, selenium, selenium-chrome]
- name: Install Chrome (if configured, Debian)
apt:
name: google-chrome-stable
state: present
when: ansible_os_family == 'Debian' and selenium_install_chrome
tags: [configuration, selenium, selenium-chrome]
- name: Install Chrome (if configured, RedHat)
yum:
name: https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm
state: present
when: ansible_os_family == 'RedHat' and selenium_install_chrome
tags: [configuration, selenium, selenium-chrome]
- name: Get the latest release for chromedriver
uri:
url: http://chromedriver.storage.googleapis.com/LATEST_RELEASE
return_content: yes
register: chromedriver_latest
when: selenium_install_chrome
tags: [configuration, selenium, selenium-chrome]
- name: Install chromedriver
unarchive:
src: "http://chromedriver.storage.googleapis.com/{{ chromedriver_latest.content | trim }}/chromedriver_linux64.zip"
dest: /usr/bin
mode: 0755
copy: no
when: selenium_install_chrome
tags: [configuration, selenium, selenium-chrome]
- name: Install xvfb
package: name={{ selenium_xvfb_package }}
tags: [configuration, selenium, selenium-xvfb]
- name: Install init script
template:
src: "selenium-init-{{ ansible_os_family }}.j2"
dest: /etc/init.d/selenium
owner: root
group: root
mode: 0755
when: "ansible_service_mgr != 'systemd'"
tags: [configuration, selenium, selenium-install]
- name: Install systemd unit file (for systemd systems)
template:
src: "selenium-unit.j2"
dest: /etc/systemd/system/selenium.service
owner: root
group: root
mode: 0755
when: "ansible_service_mgr == 'systemd'"
tags: [configuration, selenium, selenium-install]
- name: Register systemd service status (for systemd systems)
shell: 'systemctl status selenium | grep "active (running)"'
when: "ansible_service_mgr == 'systemd'"
register: selenium_running
ignore_errors: yes
changed_when: false
- name: Ensure selenium is running
service: name=selenium state=started enabled=yes
tags: [configuration, selenium, selenium-run]
when: selenium_running.failed is defined and selenium_running.failed == true

74
box/provisioning/roles/arknoll.selenium/templates/selenium-init-Debian.j2 Normal file
View file

@ -0,0 +1,74 @@
#!/bin/bash
### BEGIN INIT INFO
# Provides: selenium
# Required-Start: $local_fs $network
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: selenium
# Description: selenium test framework
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DISPLAY_ID="{{ selenium_display_id }}"
RUN_AS=root
JAVA_BIN=/usr/bin/java
XVFB_BIN=/usr/bin/xvfb-run
SELENIUM_DIR={{ selenium_install_dir }}/selenium
SELENIUM_JAR_FILE="$SELENIUM_DIR/selenium-server-standalone-{{ selenium_version }}.jar"
DAEMON_PID_FILE="$SELENIUM_DIR/selenium.pid"
SELENIUM_LOG_FILE="$SELENIUM_DIR/selenium.log"
SELENIUM_DAEMON_OPTS=" -client -jar $SELENIUM_JAR_FILE -log $SELENIUM_LOG_FILE -port {{ selenium_port }}"
export DISPLAY="$DISPLAY_ID"
set -e
. /lib/lsb/init-functions
case "$1" in
start)
if status_of_proc -p $DAEMON_PID_FILE "$SELENIUM_JAR_FILE" $SELENIUM_JAR_FILE > /dev/null; then
log_progress_msg "Service already running"
else
log_daemon_msg "Starting Selenium server"
log_progress_msg "selenium"
start-stop-daemon -c $RUN_AS --start --quiet --background --pidfile $DAEMON_PID_FILE --make-pidfile --exec $XVFB_BIN {{ selenium_xvfb_args }} $JAVA_BIN -- $SELENIUM_DAEMON_OPTS
fi
;;
stop)
if status_of_proc -p $DAEMON_PID_FILE "$SELENIUM_JAR_FILE" $SELENIUM_JAR_FILE > /dev/null; then
log_daemon_msg "Stopping Selenium server"
log_progress_msg "selenium"
DAEMON_PID=$(cat $DAEMON_PID_FILE)
DAEMON_CHILDREN=$(pstree -l -p $DAEMON_PID |grep "([[:digit:]]*)" -o |tr -d '()')
# Stop daemon itself.
start-stop-daemon --stop --pidfile $DAEMON_PID_FILE
# Stop all child processes.
sudo kill $DAEMON_CHILDREN
else
log_progress_msg "Service not running"
fi
;;
restart|force-reload)
$0 stop
sleep 1
$0 start
;;
status)
status_of_proc -p $DAEMON_PID_FILE "$SELENIUM_JAR_FILE" $SELENIUM_JAR_FILE && exit 0 || exit $?
;;
*)
N=/etc/init.d/selenium
echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
exit 1
;;
esac

80
box/provisioning/roles/arknoll.selenium/templates/selenium-init-RedHat.j2 Normal file
View file

@ -0,0 +1,80 @@
#!/bin/bash
#
# Selenium
#
# chkconfig: 345 90 25
# description: Selenium service
# Source function library.
. /etc/init.d/functions
java_bin=/usr/bin/java
xvfb_bin=/usr/bin/xvfb-run
selenium_dir={{ selenium_install_dir }}/selenium
selenium_jar_file="$selenium_dir/selenium-server-standalone-{{ selenium_version }}.jar"
user=root
display="{{ selenium_display_id }}"
exec="$xvfb_bin {{ selenium_xvfb_args }} --server-num=$display $java_bin"
args=" -client -jar $selenium_jar_file -p {{ selenium_port }}"
lockfile="/var/lock/subsys/selenium"
pidfile="$selenium_dir/selenium.pid"
logfile="$selenium_dir/selenium.log"
prog="selenium"
RETVAL=0
start() {
echo -n $"Starting $prog: "
touch $pidfile
chown $user $pidfile
touch $logfile
chown $user $logfile
/bin/su - $user -c "DISPLAY=\":$display\" $exec $args >> $logfile 2>&1 & echo \$! > $pidfile"
sleep 2
pgrep -fl $prog
RETVAL=$?
[ $RETVAL -eq 0 ] && echo_success || echo_failure
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $pidfile $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile $pidfile
return $RETVAL
}
restart() {
stop
sleep 2
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status -p ${pidfile} ${prog}
RETVAL=$?
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac

11
box/provisioning/roles/arknoll.selenium/templates/selenium-unit.j2 Normal file
View file

@ -0,0 +1,11 @@
[Unit]
Description=selenium test framework
After=syslog.target network.target
[Service]
ExecStart=/usr/bin/xvfb-run {{ selenium_xvfb_args }} /usr/bin/java -client -jar {{ selenium_install_dir }}/selenium/selenium-server-standalone-{{ selenium_version }}.jar
Restart=on-failure
RestartSec=20s
[Install]
WantedBy=multi-user.target

11
box/provisioning/roles/arknoll.selenium/tests/README.md Normal file
View file

@ -0,0 +1,11 @@
# Ansible Role tests
To run the test playbook(s) in this directory:
1. Install and start Docker.
1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
- `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
1. Make the test shim executable: `chmod +x tests/test.sh`.
1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`

2
box/provisioning/roles/arknoll.selenium/tests/requirements.yml Normal file
View file

@ -0,0 +1,2 @@
---
- src: geerlingguy.java

20
box/provisioning/roles/arknoll.selenium/tests/test.yml Normal file
View file

@ -0,0 +1,20 @@
---
# Test file for selenium
- hosts: all
pre_tasks:
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=3600
when: ansible_os_family == 'Debian'
- name: Don't install Chrome on old OSes.
set_fact:
selenium_install_firefox: yes
selenium_install_chrome: no
when: >
(ansible_distribution == 'Ubuntu' and ansible_distribution_version == '12.04')
or (ansible_os_family == 'RedHat' and ansible_distribution_version.split('.')[0] == '6')
roles:
- geerlingguy.java
- role_under_test

2
box/provisioning/roles/arknoll.selenium/vars/Debian.yml Normal file
View file

@ -0,0 +1,2 @@
---
selenium_xvfb_package: xvfb

2
box/provisioning/roles/arknoll.selenium/vars/RedHat.yml Normal file
View file

@ -0,0 +1,2 @@
---
selenium_xvfb_package: xorg-x11-server-Xvfb

47
box/provisioning/roles/drupalvm.hostname/README.md Normal file
View file

@ -0,0 +1,47 @@
# Drupal VM hostname Role
This role is a shim to set the hostname and FQDN of Drupal VM.
## Requirements
This role is meant to be run in Drupal VM. Use outside of Drupal VM will likely result in weird things happening.
## Role Variables
Available variables are listed below:
```yaml
hostname_fqdn: "{{ inventory_hostname }}"
```
The fully qualified domain name. If left blank, the `hostname` command will not be run (this can be useful if running the role within a Docker container).
```yaml
hostname_short: "{{ hostname_fqdn|regex_replace('^([^.]+).*$', '\\1') }}"
```
The shortname defaulting to the part up to the first period of the FQDN, without the rest of the domain.
```yaml
hostname_unsafe_writes: "{{ (ansible_virtualization_type == 'docker')|ternary('yes', 'no')|bool }}"
```
Whether to use unsafe writes or atomic operations when updating system files. Defaults to atomic operations on all systems except for docker where mounted files cannot be updated atomically and can only be done in an unsafe manner.
## Dependencies
None.
## Example Playbook
- hosts: drupalvm
roles:
- drupalvm.hostname
## License
MIT / BSD
## Author Information
This role was created in 2017 by [Oskar Schöldström](http://oxy.fi) and [Jeff Geerling](https://www.jeffgeerling.com/) (author of [Ansible for DevOps](https://www.ansiblefordevops.com/)).

5
box/provisioning/roles/drupalvm.hostname/defaults/main.yml Normal file
View file

@ -0,0 +1,5 @@
---
hostname_fqdn: "{{ inventory_hostname }}"
hostname_short: "{{ hostname_fqdn|regex_replace('^([^.]+).*$', '\\1') }}"
hostname_unsafe_writes: "{{ (ansible_virtualization_type == 'docker')|ternary('yes', 'no')|bool }}"

28
box/provisioning/roles/drupalvm.hostname/meta/main.yml Normal file
View file

@ -0,0 +1,28 @@
---
galaxy_info:
author: Jeff Geerling
description: A role to set the hostname and FQDN on Drupal VM.
company: Midwestern Mac, LLC
issue_tracker_url: https://github.com/geerlingguy/drupal-vm/issues
license: MIT
min_ansible_version: 2.2
platforms:
- name: EL
versions:
- all
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- precise
- raring
- saucy
- trusty
- xenial
galaxy_tags:
- drupal
- vm
- hostname

25
box/provisioning/roles/drupalvm.hostname/tasks/main.yml Normal file
View file

@ -0,0 +1,25 @@
---
- name: Configure /etc/mailname (Debian).
copy:
content: "{{ hostname_fqdn }}\n"
dest: /etc/mailname
when: ansible_os_family == 'Debian'
- name: Add hostname to /etc/hosts.
lineinfile:
dest: /etc/hosts
regexp: '.*\t{{ hostname_short }}$'
line: "127.0.0.1\t{{ hostname_fqdn }}\t{{ hostname_short }}"
state: present
unsafe_writes: "{{ hostname_unsafe_writes }}"
- name: Configure hostname.
copy:
content: "{{ (ansible_os_family == 'Debian') | ternary(hostname_short, hostname_fqdn) }}\n"
dest: /etc/hostname
unsafe_writes: "{{ hostname_unsafe_writes }}"
register: set_hostname
- name: Set the hostname for current session.
shell: hostname --file /etc/hostname
when: set_hostname.changed

31
box/provisioning/roles/drupalvm.www/README.md Normal file
View file

@ -0,0 +1,31 @@
# Drupal VM www Role
This role is a shim to configure miscellaneous settings prior to installing a Drupal site inside Drupal VM.
## Requirements
This role is meant to be run in Drupal VM. Use outside of Drupal VM will likely result in weird things happening.
## Role Variables
There are a few defaults defined, but you shouldn't really need to worry about this role's variables. It's a really simple role.
## Dependencies
- geerlingguy.nginx if `drupalvm_webserver` is set to `nginx`.
## Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: drupalvm
roles:
- drupalvm.www
## License
MIT / BSD
## Author Information
This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

3
box/provisioning/roles/drupalvm.www/defaults/main.yml Normal file
View file

@ -0,0 +1,3 @@
---
drupalvm_webserver: apache
vagrant_user: vagrant

31
box/provisioning/roles/drupalvm.www/meta/main.yml Normal file
View file

@ -0,0 +1,31 @@
galaxy_info:
author: Jeff Geerling
description: A role to configure various odds and ends in Drupal VM prior to installing Drupal.
company: Midwestern Mac, LLC
issue_tracker_url: https://github.com/geerlingguy/drupal-vm/issues
license: MIT
min_ansible_version: 2.2
platforms:
- name: EL
versions:
- all
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- precise
- raring
- saucy
- trusty
- xenial
galaxy_tags:
- nginx
- drupal
- vm
- vagrant
dependencies:
- { role: geerlingguy.nginx, when: drupalvm_webserver == 'nginx' }

87
box/provisioning/roles/drupalvm.www/tasks/main.yml Normal file
View file

@ -0,0 +1,87 @@
---
- name: Define drupalvm_webserver_user (Debian).
set_fact:
drupalvm_webserver_user: www-data
when: ansible_os_family == 'Debian' and drupalvm_webserver_user is undefined
- name: Define drupalvm_webserver_user (RedHat).
set_fact:
drupalvm_webserver_user: "{{ (drupalvm_webserver == 'apache') | ternary('httpd', 'nginx') }}"
when: ansible_os_family == 'RedHat' and drupalvm_webserver_user is undefined
- name: Register information about the /vagrant directory.
stat:
path: /vagrant
register: vagrant_directory
# When using NFS the group id of a folder will be identical to that of the host
# machine, but the groupname will differ or not exist. For the latter case
# we create a group called `vagrant_group`.
#
# In Ansible 2.3+ the gr_name will be set if the GID is mapped to an existing
# group. If the GID doesn't exist, gr_name will be undefined.
- name: Ensure a group with the same GID as used to sync directories exist (Ansible 2.3+).
group:
gid: "{{ vagrant_directory.stat.gid }}"
name: vagrant_group
state: present
when: >
ansible_version.full | version_compare('2.3', '>=') and
vagrant_directory.stat.exists and
vagrant_directory.stat.gr_name is undefined
- name: Ensure the webserver user is in the same group as the owner of synced directories (Ansible 2.3+).
user:
name: "{{ drupalvm_webserver_user }}"
append: yes
groups: "{{ vagrant_directory.stat.gr_name|default('vagrant_group') }}"
when: >
ansible_version.full | version_compare('2.3', '>=') and
vagrant_directory.stat.exists and
not (vagrant_directory.stat.gr_name is defined and vagrant_directory.stat.gr_name == 'root')
# With Ansible 2.2 or lower, the existance of gr_name is dependant on the
# existance of UID as well, therefore we cannot rely on it.
# TODO: Remove the version compares and the 2.2 tasks once we require Ansible
# 2.3+
- name: Detect if group used to sync directories already exist (Ansible 2.2).
shell: "getent group {{ vagrant_directory.stat.gid }} | cut -d':' -f1"
register: vagrant_directory_groupname
changed_when: false
when: >
ansible_version.full | version_compare('2.3', '<') and
vagrant_directory.stat.exists
- name: Ensure a group with the same GID as used to sync directories exist (Ansible 2.2).
group:
gid: "{{ vagrant_directory.stat.gid }}"
name: vagrant_group
state: present
when: >
ansible_version.full | version_compare('2.3', '<') and
vagrant_directory.stat.exists and
vagrant_directory_groupname.stdout == ''
- name: Ensure the webserver user is in the same group as the owner of synced directories (Ansible 2.2).
user:
name: "{{ drupalvm_webserver_user }}"
append: yes
groups: "{{ vagrant_directory_groupname.stdout|default('vagrant_group') }}"
when: >
ansible_version.full | version_compare('2.3', '<') and
vagrant_directory.stat.exists and
vagrant_directory_groupname.stdout != 'root'
- name: Ensure admin group exist.
group: "name=admin state=present"
- name: Ensure vagrant user is in admin group.
user: "name={{ vagrant_user }} append=yes groups=admin"
- name: Set nicer permissions on Apache log directory.
file:
path: "/var/log/{{ apache_daemon }}"
state: directory
mode: 0755
recurse: true
when: drupalvm_webserver == 'apache'

4
box/provisioning/roles/franklinkim.newrelic/.clog.toml Normal file
View file

@ -0,0 +1,4 @@
[clog]
changelog = "CHANGELOG.md"
repository = "https://github.com/weareinteractive/ansible-newrelic"
from-latest-tag = true

16
box/provisioning/roles/franklinkim.newrelic/.editorconfig Normal file
View file

@ -0,0 +1,16 @@
# EditorConfig helps developers define and maintain consistent
# coding styles between different editors and IDEs
# editorconfig.org
root = true
[*]
# Change these settings to your own preference
indent_size = 2
indent_style = space
# We recommend you to keep these unchanged
charset = utf-8
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true

6
box/provisioning/roles/franklinkim.newrelic/.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
.*
*~
!.git*
!.clog.toml
!.travis.yml
!.editorconfig

10
box/provisioning/roles/franklinkim.newrelic/.travis.yml Normal file
View file

@ -0,0 +1,10 @@
---
language: ruby
sudo: required
services:
- docker
install:
- docker pull franklinkim/ansible:ubuntu-trusty
script:
- docker run -v $(pwd):/opt/ansible franklinkim/ansible:ubuntu-trusty tests/run.sh

92
box/provisioning/roles/franklinkim.newrelic/CHANGELOG.md Normal file
View file

@ -0,0 +1,92 @@
<a name="1.6.0"></a>
## 1.6.0 (2016-11-11)
#### Features
* add `cgroup_style` option to config ([fd806272](https://github.com/weareinteractive/ansible-newrelic/commit/fd80627235dca4c6dad2b4edaa13e3d5ab64174d))
<a name="1.5.0"></a>
## 1.5.0 (2016-11-10)
#### Features
* add proxy options ([d8c80eaa](https://github.com/weareinteractive/ansible-newrelic/commit/d8c80eaac222078c918be6ff80ce94f4d444510b))
<a name="1.4.3"></a>
### 1.4.3 (2016-11-03)
#### Bug Fixes
* fix readme badge url ([a143bf3e](https://github.com/weareinteractive/ansible-newrelic/commit/a143bf3ee48ee07fa3657186763d857d00083b56))
<a name="1.4.2"></a>
### 1.4.2 (2016-09-30)
<a name="1.4.1"></a>
### 1.4.1 (2016-09-20)
#### Bug Fixes
* remove duplicate newrelic_license_key ([036d2777](https://github.com/weareinteractive/ansible-newrelic/commit/036d27779b7db47b9fb06b9a983d759d2ad196bf))
<a name="1.4.0"></a>
## 1.4.0 (2016-08-05)
#### Features
* add label settings ([169d3867](https://github.com/weareinteractive/ansible-newrelic/commit/169d386710aba0d7d1397cb68ef7f8426d1fac80))
<a name="1.3.0"></a>
## 1.3.0 (2016-07-04)
<a name="1.2.1"></a>
### 1.2.1 (2016-04-10)
#### Bug Fixes
* default groups breaks install when docker monitoring is enabled ([3e507b30](https://github.com/weareinteractive/ansible-newrelic/commit/3e507b3080fa8040a3659577f1bdc25c3d97508a))
<a name="1.2.0"></a>
## 1.2.0 (2016-02-13)
#### Breaking Changes
* add configurable `newrelic_group` and `newrelic_groups` ([b06cf9f4](https://github.com/weareinteractive/ansible-newrelic/commit/b06cf9f4bbaeb6edd3bae8b600d351a27dbd28d5), breaks [#](https://github.com/weareinteractive/ansible-newrelic/issues/))
#### Bug Fixes
* make docker container monitoring work ([89986c76](https://github.com/weareinteractive/ansible-newrelic/commit/89986c7649e3bc3d9f08d1d2027596b9e089b6c5))
#### Features
* add configurable `newrelic_group` and `newrelic_groups` ([b06cf9f4](https://github.com/weareinteractive/ansible-newrelic/commit/b06cf9f4bbaeb6edd3bae8b600d351a27dbd28d5), breaks [#](https://github.com/weareinteractive/ansible-newrelic/issues/))
* use ansible-role docgen for README generation ([23b5e65f](https://github.com/weareinteractive/ansible-newrelic/commit/23b5e65fb9fe82851ec450f99d80b7db42663e58))
* add CHANGELOG ([86830e8f](https://github.com/weareinteractive/ansible-newrelic/commit/86830e8f5d84195c2b3c11a8d3b1235a74cb136f))

22
box/provisioning/roles/franklinkim.newrelic/LICENSE Normal file
View file

@ -0,0 +1,22 @@
Copyright (c) We Are Interactive
Permission is hereby granted, free of charge, to any person
obtaining a copy of this software and associated documentation
files (the "Software"), to deal in the Software without
restriction, including without limitation the rights to use,
copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following
conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.

135
box/provisioning/roles/franklinkim.newrelic/README.md Normal file
View file

@ -0,0 +1,135 @@
# Ansible franklinkim.newrelic role
[![Build Status](https://img.shields.io/travis/weareinteractive/ansible-newrelic.svg)](https://travis-ci.org/weareinteractive/ansible-newrelic)
[![Galaxy](http://img.shields.io/badge/galaxy-franklinkim.newrelic-blue.svg)](https://galaxy.ansible.com/franklinkim/newrelic/)
[![GitHub Tags](https://img.shields.io/github/tag/weareinteractive/ansible-newrelic.svg)](https://github.com/weareinteractive/ansible-newrelic)
[![GitHub Stars](https://img.shields.io/github/stars/weareinteractive/ansible-newrelic.svg)](https://github.com/weareinteractive/ansible-newrelic)
> `franklinkim.newrelic` is an [Ansible](http://www.ansible.com) role which:
>
> * installs newrelic
> * configures newrelic
> * configures service
## Installation
Using `ansible-galaxy`:
```shell
$ ansible-galaxy install franklinkim.newrelic
```
Using `requirements.yml`:
```yaml
- src: franklinkim.newrelic
```
Using `git`:
```shell
$ git clone https://github.com/weareinteractive/ansible-newrelic.git franklinkim.newrelic
```
## Dependencies
* Ansible >= 2.0
## Variables
Here is a list of all the default variables for this role, which are also available in `defaults/main.yml`.
```yaml
---
#
# newrelic_license_key: yourkey
# User name
newrelic_user: newrelic
# User group
newrelic_group: newrelic
# User groups to append to user
newrelic_groups: []
# Name of the file where the server monitor will store it's log messages.
newrelic_logfile: /var/log/newrelic/nrsysmond.log
# Level of detail you want in the log file
newrelic_loglevel: info
# Set to true to disable NFS client statistics gathering.
newrelic_disable_nfs: yes
# Set to true to disable Docker container statistics gathering.
newrelic_disable_docker: yes
# start on boot
newrelic_service_enabled: yes
# current state: started, stopped
newrelic_service_state: started
# use default hostname, set a value to override the default hostname
newrelic_override_hostname: ~
# A series of label_type/label_value pairings: label_type:label_value
newrelic_labels:
# proxy server to use (i.e. proxy-host:8080)
newrelic_proxy:
# Option to fix Docker memory (see: https://discuss.newrelic.com/t/wrong-path-to-cpu-and-memoy-data/36177)
newrelic_cgroup_style:
```
## Handlers
These are the handlers that are defined in `handlers/main.yml`.
```yaml
---
- name: restart newrelic
service:
name: newrelic-sysmond
state: restarted
when: newrelic_service_state != 'stopped'
```
## Usage
This is an example playbook:
```yaml
---
- hosts: all
become: yes
roles:
- franklinkim.newrelic
vars:
newrelic_service_state: started
newrelic_license_key: ab2fa361cd4d0d373833cad619d7bcc424d27c16
```
## Testing
```shell
$ git clone https://github.com/weareinteractive/ansible-newrelic.git
$ cd ansible-newrelic
$ make test
```
## Contributing
In lieu of a formal style guide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.
1. Fork it
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Add some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create new Pull Request
*Note: To update the `README.md` file please install and run `ansible-role`:*
```shell
$ gem install ansible-role
$ ansible-role docgen
```
## License
Copyright (c) We Are Interactive under the MIT license.

23
box/provisioning/roles/franklinkim.newrelic/Vagrantfile vendored Normal file
View file

@ -0,0 +1,23 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vbguest.no_remote = true
config.vbguest.auto_update = false
config.vm.define 'trusty' do |instance|
instance.vm.box = 'ubuntu/trusty64'
end
config.vm.define 'centos7' do |instance|
instance.vm.box = 'geerlingguy/centos7'
end
# View the documentation for the provider you're using for more
# information on available options.
config.vm.provision "ansible" do |ansible|
ansible.playbook = "tests/main.yml"
ansible.verbose = 'vv'
ansible.sudo = true
end
end

30
box/provisioning/roles/franklinkim.newrelic/defaults/main.yml Normal file
View file

@ -0,0 +1,30 @@
---
#
# newrelic_license_key: yourkey
# User name
newrelic_user: newrelic
# User group
newrelic_group: newrelic
# User groups to append to user
newrelic_groups: []
# Name of the file where the server monitor will store it's log messages.
newrelic_logfile: /var/log/newrelic/nrsysmond.log
# Level of detail you want in the log file
newrelic_loglevel: info
# Set to true to disable NFS client statistics gathering.
newrelic_disable_nfs: yes
# Set to true to disable Docker container statistics gathering.
newrelic_disable_docker: yes
# start on boot
newrelic_service_enabled: yes
# current state: started, stopped
newrelic_service_state: started
# use default hostname, set a value to override the default hostname
newrelic_override_hostname: ~
# A series of label_type/label_value pairings: label_type:label_value
newrelic_labels:
# proxy server to use (i.e. proxy-host:8080)
newrelic_proxy:
# Option to fix Docker memory (see: https://discuss.newrelic.com/t/wrong-path-to-cpu-and-memoy-data/36177)
newrelic_cgroup_style:

7
box/provisioning/roles/franklinkim.newrelic/handlers/main.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: restart newrelic
service:
name: newrelic-sysmond
state: restarted
when: newrelic_service_state != 'stopped'

142
box/provisioning/roles/franklinkim.newrelic/meta/main.yml Normal file
View file

@ -0,0 +1,142 @@
---
galaxy_info:
author: franklin
company: We Are Interactive
description: Installs and configure newrelic
min_ansible_version: 2.0
license: MIT
# Optionally specify the branch Galaxy will use when accessing the GitHub
# repo for this role. During role install, if no tags are available,
# Galaxy will use this branch. During import Galaxy will access files on
# this branch. If travis integration is cofigured, only notification for this
# branch will be accepted. Otherwise, in all cases, the repo's default branch
# (usually master) will be used.
github_branch: master
#
# Below are all platforms currently available. Just uncomment
# the ones that apply to your role. If you don't see your
# platform on this list, let us know and we'll get it added!
#
platforms:
- name: EL
versions:
- all
# - 5
# - 6
# - 7
#- name: GenericUNIX
# versions:
# - all
# - any
#- name: Solaris
# versions:
# - all
# - 10
# - 11.0
# - 11.1
# - 11.2
# - 11.3
#- name: Fedora
# versions:
# - all
# - 16
# - 17
# - 18
# - 19
# - 20
# - 21
# - 22
# - 23
#- name: Windows
# versions:
# - all
# - 2012R2
#- name: SmartOS
# versions:
# - all
# - any
#- name: opensuse
# versions:
# - all
# - 12.1
# - 12.2
# - 12.3
# - 13.1
# - 13.2
#- name: Amazon
# versions:
# - all
# - 2013.03
# - 2013.09
#- name: GenericBSD
# versions:
# - all
# - any
#- name: FreeBSD
# versions:
# - all
# - 10.0
# - 10.1
# - 10.2
# - 8.0
# - 8.1
# - 8.2
# - 8.3
# - 8.4
# - 9.0
# - 9.1
# - 9.1
# - 9.2
# - 9.3
- name: Ubuntu
versions:
- all
# - lucid
# - maverick
# - natty
# - oneiric
# - precise
# - quantal
# - raring
# - saucy
# - trusty
# - utopic
# - vivid
# - wily
#- name: SLES
# versions:
# - all
# - 10SP3
# - 10SP4
# - 11
# - 11SP1
# - 11SP2
# - 11SP3
#- name: GenericLinux
# versions:
# - all
# - any
- name: Debian
versions:
- all
# - etch
# - jessie
# - lenny
# - squeeze
# - wheezy categories:
#
# List tags for your role here, one per line. A tag is
# a keyword that describes and categorizes the role.
# Users find roles by searching for tags. Be sure to
# remove the '[]' above if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of
# alphanumeric characters. Maximum 20 tags per role.
galaxy_tags:
- monitoring
- newrelic
# List your role dependencies here, one per line. Only
# dependencies available via galaxy should be listed here.
# Be sure to remove the '[]' above if you add dependencies
# to this list.
dependencies: []

14
box/provisioning/roles/franklinkim.newrelic/meta/readme.yml Normal file
View file

@ -0,0 +1,14 @@
---
galaxy_name: franklinkim.newrelic
github_user: weareinteractive
github_name: ansible-newrelic
badges: |
[![Build Status](https://img.shields.io/travis/weareinteractive/ansible-newrelic.svg)](https://travis-ci.org/weareinteractive/ansible-newrelic)
[![Galaxy](http://img.shields.io/badge/galaxy-franklinkim.newrelic-blue.svg)](https://galaxy.ansible.com/franklinkim/newrelic/)
[![GitHub Tags](https://img.shields.io/github/tag/weareinteractive/ansible-newrelic.svg)](https://github.com/weareinteractive/ansible-newrelic)
[![GitHub Stars](https://img.shields.io/github/stars/weareinteractive/ansible-newrelic.svg)](https://github.com/weareinteractive/ansible-newrelic)
description: |
> * installs newrelic
> * configures newrelic
> * configures service

19
box/provisioning/roles/franklinkim.newrelic/tasks/config.yml Normal file
View file

@ -0,0 +1,19 @@
---
- name: Configuring module
template:
src: "{{ item }}.j2"
dest: "/{{ item }}"
owner: "{{ newrelic_user }}"
group: "{{ newrelic_group }}"
mode: "0640"
notify: restart newrelic
with_items:
- "etc/newrelic/nrsysmond.cfg"
- name: Configuring user groups
user:
name: "{{ newrelic_user }}"
groups: "{{ newrelic_groups|join(',') }}"
append: yes
when: not newrelic_disable_docker

7
box/provisioning/roles/franklinkim.newrelic/tasks/install.yml Normal file
View file

@ -0,0 +1,7 @@
---
- include: install_debian.yml
when: ansible_os_family == 'Debian'
- include: install_redhat.yml
when: ansible_os_family == 'RedHat'

23
box/provisioning/roles/franklinkim.newrelic/tasks/install_debian.yml Normal file
View file

@ -0,0 +1,23 @@
---
- name: Installing dependencies
apt:
pkg: apt-transport-https
state: present
- name: Adding APT key
apt_key:
id: 548C16BF
url: https://download.newrelic.com/548C16BF.gpg
- name: Add APT repository
apt_repository:
repo: "deb http://apt.newrelic.com/debian/ newrelic non-free"
update_cache: yes
- name: Installing packages
apt:
pkg: "{{ item }}"
state: present
with_items:
- newrelic-sysmond

13
box/provisioning/roles/franklinkim.newrelic/tasks/install_redhat.yml Normal file
View file

@ -0,0 +1,13 @@
---
- name: Installing dependencies
yum:
name: http://download.newrelic.com/pub/newrelic/el5/i386/newrelic-repo-5-3.noarch.rpm
state: present
- name: Installing packages
yum:
name: "{{ item }}"
state: present
with_items:
- newrelic-sysmond

28
box/provisioning/roles/franklinkim.newrelic/tasks/main.yml Normal file
View file

@ -0,0 +1,28 @@
---
- name: Checking for key
fail:
msg: "newrelic_license_key has not been defined"
when: newrelic_license_key|default(False) == False
- include: install.yml
tags:
- monitoring
- newrelic
- install
- newrelic-install
- include: config.yml
tags:
- monitoring
- newrelic
- config
- newrelic-config
- include: service.yml
tags:
- monitoring
- newrelic
- service
- newrelic-service

7
box/provisioning/roles/franklinkim.newrelic/tasks/service.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: Configuring service
service:
name: newrelic-sysmond
state: "{{ newrelic_service_state }}"
enabled: "{{ newrelic_service_enabled }}"

235
box/provisioning/roles/franklinkim.newrelic/templates/etc/newrelic/nrsysmond.cfg.j2 Normal file
View file

@ -0,0 +1,235 @@
# {{ ansible_managed }}
#
# New Relic Server Monitor configuration file.
#
# Lines that begin with a # are comment lines and are ignored by the server
# monitor. For those options that have command line equivalents, if the
# option is specified on the command line it will over-ride any value set
# in this file.
#
#
# Option : cgroup_style
# Value : 0
# Note : Setting `cgroup_style=0` fixes issue with docker memory reporting
# Workaround for an issue where new relic cannot get container memory stats.
# http://stackoverflow.com/questions/36788770/newrelic-does-not-display-cpu-memory-usage-for-dockers-container
# Default: none
#
#cgroup_style=
{% if newrelic_cgroup_style|default(None) != None %}
cgroup_style={{ newrelic_cgroup_style }}
{% endif %}
#
# Option : license_key
# Value : 40-character hexadecimal string provided by New Relic. This is
# required in order for the server monitor to start.
# Default: none
#
license_key={{ newrelic_license_key }}
#
# Option : loglevel
# Value : Level of detail you want in the log file (as defined by the logfile
# setting below. Valid values are (in increasing levels of verbosity):
# error - show errors only
# warning - show errors and warnings
# info - show minimal additional information messages
# verbose - show more detailed information messages
# debug - show debug messages
# verbosedebug - show very detailed debug messages
# Default: error
# Note : Can also be set with the -d command line option.
#
loglevel={{ newrelic_loglevel }}
#
# Option : logfile
# Value : Name of the file where the server monitor will store it's log
# messages. The amount of detail stored in this file is controlled
# by the loglevel option (above).
# Default: none. However it is highly recommended you set a value for this.
# Note : Can also be set with the -l command line option.
#
logfile={{ newrelic_logfile }}
#
# Option : proxy
# Value : The name and optional login credentials of the proxy server to use
# for all communication with the New Relic collector. In its simplest
# form this setting is just a hostname[:port] setting. The default
# port if none is specified is 1080. If your proxy requires a user
# name, use the syntax user@host[:port]. If it also requires a
# password use the format user:password@host[:port]. For example:
# fred:secret@proxy.mydomain.com:8181
# Default: none (use a direct connection)
#
#proxy=
{% if newrelic_proxy|default(None) != None %}
proxy={{ newrelic_proxy }}
{% endif %}
#
# Setting: ssl
# Type : boolean
# Purpose: If you prefer the daemon to use the secure HTTP (https) protocol
# when communicating with the New Relic collector servers, set this
# to true.
# Default: true (as of version 1.4)
#
#ssl=true
#
# Setting: docker_connection
# Type : string
# Purpose: Determine how to communicate with the Docker API on the local host.
# Valid values are:
#
# uds:///path/to/socket
# unix:///path/to/socket
# /path/to/socket
# These three forms are all equivalent and are used to point to the
# UNIX-domain socket (UDS). The socket path must be absolute and the
# socket must be writeable.
#
# tcp://localhost:port
# http://localhost:port
# Use an unencrypted connection to the local host on the specified
# port. If the :port portion is missing it defaults to 2376. The
# host name MUST be localhost or 127.0.0.1. No other host name is
# valid.
#
# https://localhost:port
# Use an encrypted connection to the local host om the specified
# port. If the :port portion is missing it defaults to 2376. The
# host name MUST be localhost or 127.0.0.1. No other host name is
# valid. In order to use TLS authentication you may need to set
# the various key and certificate options below.
#
# If no value is set, attempt to use the default (/var/run/docker.sock)
# if it exists and is writable. If that fails, attempt to use the value
# of the environment variable DOCKER_HOST.
#
# You may need to add the user that you run LSM as to the docker
# group. Please consult the Docker web site for details and security
# implications.
# Default: empty
#docker_connection=
#
# Setting: docker_cert_path
# Type : string
# Purpose: Set the default location to look for the certificate, key and CA
# certificate for using TLS. If no value is set and the directory
# $HOME/.docker exists, that is used as the default value. LSM will
# look in this directory for the cert.pem, key.pem and cacert.pem
# files, and use them if present. If set, the environment variable
# $DOCKER_CERT_PATH will be used as the default value if no value
# is explicitly set here.
# Default: empty
#docker_cert_path=
#
# Setting: docker_cert
# docker_key
# docker_cacert
# Type : string
# Purpose: Set the name of the certificate, key and CA certificate files to
# use for TLS. If these are not absolute paths they are searched for
# in the directory determined by docker_cert_path above.
# Default: empty
#docker_cert=
#docker_key=
#docker_cacert=
#
# Setting: ssl_ca_bundle
# Type : string
# Purpose: Sets the location of a file containing CA certificates in PEM
# format. When set, the certificates in this file will be used
# to authenticate the New Relic collector servers. If ssl_ca_path
# is also set (see below), the certificates in this file will be
# searched first, followed by the certificates contained in the
# ssl_ca_path directory. This setting has no effect when ssl
# is set to false.
# Default: none
# Note : Can also be set with the -b command line option.
#
#ssl_ca_bundle=
#
# Setting: ssl_ca_path
# Type : string
# Purpose: Sets the location of a directory containing trusted CA certificates
# in PEM format. When set, the certificates in this directory will be
# used to authenticate the New Relic collector servers. If
# ssl_ca_bundle is also set (see above), it will be searched first
# followed by the certificates contained in ssl_ca_path. This
# setting has no effect when ssl is set to false.
# Default: none
# Note : Can also be set with the -S command line option.
#
#ssl_ca_path=
#
# Option : pidfile
# Value : Name of a file where the server monitoring daemon will store it's
# process ID (PID). This is used by the startup and shutdown script
# to determine if the monitor is already running, and to start it up
# or shut it down.
# Default: /tmp/nrsysmond.pid
# Note : Can also be set with the -p command line option.
#
#pidfile=/var/run/newrelic/nrsysmond.pid
# Option : collector_host
# Value : The name of the New Relic collector to connect to. This should only
# ever be changed on advise from a New Relic support staff member.
# The format is host[:port]. Using a port number of 0 means the default
# port, which is 80 (if not using the ssl option - see below) or 443
# if SSL is enabled. If the port is omitted the default value is used.
# Default: collector.newrelic.com
#
#collector_host=collector.newrelic.com
#
# Option : labels
# Value : A series of label_type/label_value pairings
# Each item in the pair is separated by a colon
# Each pair is separated by a semicolon
# e.g.
# labels = Environment:Production;DataCenter:EastUS;
# Default: none
#
#labels=label_type:label_value
{% if newrelic_labels|default(None) != None %}
labels={{ newrelic_labels }}
{% endif %}
#
# Option : disable_nfs
# Type : boolean
# Value : Set to true to disable NFS client statistics gathering.
# Default: false
#
disable_nfs={{ newrelic_disable_nfs | to_nice_json }}
#
# Option : disable_docker
# Type : boolean
# Value : Set to true to disable Docker container statistics gathering.
# Default: false
#
disable_docker={{ newrelic_disable_docker | to_nice_json }}
#
# Option : override_hostname
# Type : string
# Value : Set to a non-empty value to use as the hostname that will be reported to New Relic
# Default: none
#
#hostname=newrelic.com
{% if newrelic_override_hostname|default(None) != None %}
hostname={{ newrelic_override_hostname }}
{% endif %}

9
box/provisioning/roles/franklinkim.newrelic/tests/main.yml Normal file
View file

@ -0,0 +1,9 @@
---
- hosts: all
become: yes
roles:
- franklinkim.newrelic
vars:
newrelic_service_state: started
newrelic_license_key: ab2fa361cd4d0d373833cad619d7bcc424d27c16

17
box/provisioning/roles/franklinkim.newrelic/tests/run.sh Executable file
View file

@ -0,0 +1,17 @@
#!/bin/bash
# define variables
ROLE_NAME=franklinkim.newrelic
# install dependencies
# echo '* installing dependencies'
# ansible-galaxy install franklinkim.openssl
# create role symlink
echo '* creating symlink'
ln -s $(pwd) /usr/share/ansible/roles/$ROLE_NAME
# run tests
echo 'running playbook'
ansible-playbook --syntax-check -i 'localhost,' -c local $(pwd)/tests/main.yml
ansible-playbook -vvvv -i 'localhost,' -c local $(pwd)/tests/main.yml

2
box/provisioning/roles/geerlingguy.adminer/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
*.retry
tests/test.sh

27
box/provisioning/roles/geerlingguy.adminer/.travis.yml Normal file
View file

@ -0,0 +1,27 @@
---
services: docker
env:
- distro: centos7
playbook: test-apache.yml
- distro: centos6
playbook: test-apache.yml
- distro: ubuntu1604
playbook: test-apache.yml
- distro: ubuntu1404
playbook: test-apache.yml
- distro: debian8
playbook: test-apache.yml
- distro: ubuntu1604
playbook: test-standalone.yml
script:
# Download test shim.
- wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
- chmod +x ${PWD}/tests/test.sh
# Run tests.
- ${PWD}/tests/test.sh
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

20
box/provisioning/roles/geerlingguy.adminer/LICENSE Normal file
View file

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

47
box/provisioning/roles/geerlingguy.adminer/README.md Normal file
View file

@ -0,0 +1,47 @@
# Ansible Role: Adminer
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-adminer.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-adminer)
An Ansible Role that installs [Adminer](http://www.adminer.org/) on almost any computer.
## Requirements
You need to have PHP and MySQL for Adminer to do anything useful. If you have Apache installed, Adminer will add in configuration to make Adminer accessible on any virtualhost at `/adminer`; set `adminer_add_apache_config` to `false` to disable this behavior.
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
adminer_install_dir: /opt/adminer
The directory in which Adminer will be downloaded/installed.
adminer_install_filename: adminer.php
The filename for the downloaded Adminer application. If you're managing virtualhosts or server directives manually, it might be simpler to set the document root to your configured `adminer_install_dir`, and the filename to `index.php`, so you don't have to enter `/adminer.php` in the URL to access Adminer.
adminer_symlink_dirs: []
Directories inside which you would like `adminer.php` symlinked. Can be useful if you just want to toss the script into a docroot and access it at `sitename/adminer.php`.
adminer_add_apache_config: false
Set this to `true` to tell Adminer to add a config file to Apache so you can access it at `hostname/adminer` on any configured virtualhost, using an Apache `Alias` directive. The role will also restart Apache so this configuration takes effect immediately.
## Dependencies
None. If `adminer_add_apache_config` is set to `true`, it will use some variables and handlers defined by the `geerlingguy.apache` role, so there's a soft dependency on that role.
## Example Playbook
- hosts: servers
roles:
- { role: geerlingguy.adminer }
## License
MIT / BSD
## Author Information
This role was created in 2015 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). It is originally a fork of [Oefenweb/ansible-adminer](https://github.com/Oefenweb/ansible-adminer).

5
box/provisioning/roles/geerlingguy.adminer/defaults/main.yml Normal file
View file

@ -0,0 +1,5 @@
---
adminer_install_dir: /opt/adminer
adminer_install_filename: adminer.php
adminer_symlink_dirs: []
adminer_add_apache_config: false

44
box/provisioning/roles/geerlingguy.adminer/meta/main.yml Normal file
View file

@ -0,0 +1,44 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: Installs Adminer for Database management.
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 1.9
platforms:
- name: EL
versions:
- all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags:
- system
- database
- development

41
box/provisioning/roles/geerlingguy.adminer/tasks/main.yml Normal file
View file

@ -0,0 +1,41 @@
---
# Install Adminer.
- name: Ensure Adminer directory exists.
file:
path: "{{ adminer_install_dir }}"
state: directory
recurse: yes
- name: Download Adminer to configured directory.
get_url:
url: https://www.adminer.org/latest.php
dest: "{{ adminer_install_dir }}/{{ adminer_install_filename }}"
mode: 0644
timeout: 60
- name: Symlink Adminer into configured directories.
file:
src: "{{ adminer_install_dir }}/adminer.php"
dest: "{{ item }}/adminer.php"
state: link
with_items: "{{ adminer_symlink_dirs }}"
# Add Apache configuration (if configured).
- name: Set the proper Apache configuration directory (Debian).
set_fact:
apache_extra_conf_dir: "{{ 'conf-enabled' if apache_vhosts_version == '2.4' else 'conf.d' }}"
when: adminer_add_apache_config and ansible_os_family == 'Debian'
- name: Add Apache configuration file for Adminer (Debian).
template:
src: adminer.conf.j2
dest: "{{ apache_conf_path }}/{{ apache_extra_conf_dir }}/adminer.conf"
when: adminer_add_apache_config and ansible_os_family == 'Debian'
notify: restart apache
- name: Add Apache configuration file for Adminer (RedHat).
template:
src: adminer.conf.j2
dest: "{{ apache_conf_path }}/adminer.conf"
when: adminer_add_apache_config and ansible_os_family == 'RedHat'
notify: restart apache

9
box/provisioning/roles/geerlingguy.adminer/templates/adminer.conf.j2 Normal file
View file

@ -0,0 +1,9 @@
Alias /adminer "{{ adminer_install_dir }}/adminer.php"
<Directory "{{ adminer_install_dir }}">
{% if apache_vhosts_version == "2.2" %}
Order allow,deny
Allow from all
{% else %}
Require all granted
{% endif %}
</Directory>

11
box/provisioning/roles/geerlingguy.adminer/tests/README.md Normal file
View file

@ -0,0 +1,11 @@
# Ansible Role tests
To run the test playbook(s) in this directory:
1. Install and start Docker.
1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
- `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
1. Make the test shim executable: `chmod +x tests/test.sh`.
1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`

2
box/provisioning/roles/geerlingguy.adminer/tests/requirements.yml Normal file
View file

@ -0,0 +1,2 @@
---
- src: geerlingguy.apache

8
box/provisioning/roles/geerlingguy.adminer/tests/test-apache.yml Normal file
View file

@ -0,0 +1,8 @@
- hosts: all
vars:
adminer_add_apache_config: true
roles:
- geerlingguy.apache
- role_under_test

8
box/provisioning/roles/geerlingguy.adminer/tests/test-standalone.yml Normal file
View file

@ -0,0 +1,8 @@
- hosts: all
vars:
adminer_install_dir: /opt/adminer
adminer_add_apache_config: false
roles:
- role_under_test

53
box/provisioning/roles/geerlingguy.apache-php-fpm/.travis.yml Normal file
View file

@ -0,0 +1,53 @@
---
sudo: required
env:
- distribution: centos
version: 7
init: /usr/lib/systemd/systemd
run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
- distribution: ubuntu
version: 14.04
init: /sbin/init
run_opts: ""
- distribution: ubuntu
version: 12.04
init: /sbin/init
run_opts: ""
services:
- docker
before_install:
# Pull container
- 'sudo docker pull ${distribution}:${version}'
# Customize container
- 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests'
script:
- container_id=$(mktemp)
# Run container in detached state.
- 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"'
# Install required Galaxy roles.
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-galaxy install geerlingguy.repo-remi geerlingguy.apache geerlingguy.php'
# Ansible syntax check.
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
# Test role.
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
# Test role idempotence.
- >
sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml
| grep -q 'changed=0.*failed=0'
&& (echo 'Idempotence test: pass' && exit 0)
|| (echo 'Idempotence test: fail' && exit 1)
# Clean up
- 'sudo docker stop "$(cat ${container_id})"'
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

57
box/provisioning/roles/geerlingguy.apache-php-fpm/README.md Normal file
View file

@ -0,0 +1,57 @@
# Ansible Role: Apache PHP-FPM
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-apache-php-fpm.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-apache-php-fpm)
An Ansible Role that configures Apache for PHP-FPM usage on RHEL/CentOS and Debian/Ubuntu.
## Requirements
This role is dependent upon `geerlingguy.apache`, and also requires you have PHP running with PHP-FPM somewhere on the server or elsewhere (I usually configure PHP with the `geerlingguy.php` role).
Additionally, this role will only work correctly if you have Apache 2.4.9+ installed; on older versions of Debian/Ubuntu Linux (e.g. 12.04), you can add `ppa:ondrej/apache2` prior to Apache installation to install Apache 2.4, for example:
- name: Add repository for Apache 2.4 on Ubuntu 12.04.
apt_repository: repo='ppa:ondrej/apache2'
when: ansible_distribution_version == "12.04"
When configuring your Apache virtual hosts, you can add the following line to any vhost definition to enable passthrough to PHP-FPM:
# If using a TCP port:
ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/example"
# If using a Unix socket:
ProxyPassMatch ^/(.*\.php(/.*)?)$ "unix:/var/run/php5-fpm.sock|fcgi://localhost/var/www/example"
For a full usage example with the `geerlingguy.apache` role, see the Example Playbook later in this README.
## Role Variables
None.
## Dependencies
None.
## Example Playbook
- hosts: webservers
vars:
apache_vhosts:
- servername: "www.example.com"
documentroot: "/var/www/example"
extra_parameters: |
ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/example"
roles:
- { role: geerlingguy.apache }
- { role: geerlingguy.php }
- { role: geerlingguy.apache-fastcgi-php }
## License
MIT / BSD
## Author Information
This role was created in 2016 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://www.ansiblefordevops.com/).

26
box/provisioning/roles/geerlingguy.apache-php-fpm/meta/main.yml Normal file
View file

@ -0,0 +1,26 @@
---
dependencies:
- geerlingguy.apache
galaxy_info:
author: geerlingguy
description: Apache 2.4+ PHP-FPM support for Linux.
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 1.4
platforms:
- name: EL
versions:
- 6
- 7
- name: Debian
versions:
- wheezy
- jessie
- name: Ubuntu
versions:
- precise
- trusty
- xenial
galaxy_tags:
- web

10
box/provisioning/roles/geerlingguy.apache-php-fpm/tasks/configure-Debian.yml Normal file
View file

@ -0,0 +1,10 @@
---
- name: Enable mod_proxy_fcgi.
file:
src: "{{ apache_server_root }}/mods-available/{{ item }}"
dest: "{{ apache_server_root }}/mods-enabled/{{ item }}"
state: link
with_items:
- proxy.load
- proxy_fcgi.load
notify: restart apache

7
box/provisioning/roles/geerlingguy.apache-php-fpm/tasks/configure-RedHat.yml Normal file
View file

@ -0,0 +1,7 @@
---
# RHEL/CentOS 7 automatically installs and enables mod_proxy_fcgi by default.
# RHEL/CentOS 6 installs Apache 2.2... and is much harder to get configured with
# FastCGI, but here are two guides:
# - Apache 2.2 + mod_fastcgi: http://stackoverflow.com/a/21409702/100134
# - Apache 2.4 + mod_proxy_fcgi: http://unix.stackexchange.com/a/138903/16194

7
box/provisioning/roles/geerlingguy.apache-php-fpm/tasks/main.yml Normal file
View file

@ -0,0 +1,7 @@
---
# Configuration tasks.
- include: configure-Debian.yml
when: ansible_os_family == 'Debian'
- include: configure-RedHat.yml
when: ansible_os_family == 'RedHat'

27
box/provisioning/roles/geerlingguy.apache-php-fpm/tests/Dockerfile.centos-7 Normal file
View file

@ -0,0 +1,27 @@
FROM centos:7
# Install systemd -- See https://hub.docker.com/_/centos/
RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs
RUN yum -y update; yum clean all; \
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*; \
rm -f /lib/systemd/system/anaconda.target.wants/*;
# Install Ansible
RUN yum -y install epel-release
RUN yum -y install git ansible sudo
RUN yum clean all
# Disable requiretty
RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers
# Install Ansible inventory file
RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts
VOLUME ["/sys/fs/cgroup"]
CMD ["/usr/sbin/init"]

11
box/provisioning/roles/geerlingguy.apache-php-fpm/tests/Dockerfile.ubuntu-12.04 Normal file
View file

@ -0,0 +1,11 @@
FROM ubuntu:12.04
RUN apt-get update
# Install Ansible
RUN apt-get install -y software-properties-common python-software-properties git
RUN apt-add-repository -y ppa:ansible/ansible
RUN apt-get update
RUN apt-get install -y ansible
# Install Ansible inventory file
RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts

11
box/provisioning/roles/geerlingguy.apache-php-fpm/tests/Dockerfile.ubuntu-14.04 Normal file
View file

@ -0,0 +1,11 @@
FROM ubuntu:14.04
RUN apt-get update
# Install Ansible
RUN apt-get install -y software-properties-common git
RUN apt-add-repository -y ppa:ansible/ansible
RUN apt-get update
RUN apt-get install -y ansible
# Install Ansible inventory file
RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts

27
box/provisioning/roles/geerlingguy.apache-php-fpm/tests/test.yml Normal file
View file

@ -0,0 +1,27 @@
---
- hosts: all
vars:
php_enablerepo: "remi,remi-php56"
apache_listen_port_ssl: 443
apache_create_vhosts: true
apache_vhosts_filename: "vhosts.conf"
apache_vhosts:
- servername: "example.com"
documentroot: "/var/www/vhosts/example_com"
pre_tasks:
- name: Add repository for PHP 5.5 + Apache 2.4 on Ubuntu 12.04.
apt_repository: repo='ppa:ondrej/php5'
when: ansible_distribution_version == "12.04"
- name: Update apt cache on Ubuntu 12.04.
apt: update_cache=yes
when: ansible_distribution_version == "12.04"
roles:
- role: geerlingguy.repo-remi
when: ansible_os_family == 'RedHat'
- role: geerlingguy.apache
- role: geerlingguy.php
- role: role_under_test

2
box/provisioning/roles/geerlingguy.apache/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
*.retry
tests/test.sh

21
box/provisioning/roles/geerlingguy.apache/.travis.yml Normal file
View file

@ -0,0 +1,21 @@
---
services: docker
env:
- distro: centos7
- distro: centos6
- distro: ubuntu1604
- distro: ubuntu1404
- distro: ubuntu1204
- distro: debian8
script:
# Download test shim.
- wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
- chmod +x ${PWD}/tests/test.sh
# Run tests.
- ${PWD}/tests/test.sh
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

20
box/provisioning/roles/geerlingguy.apache/LICENSE Normal file
View file

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

155
box/provisioning/roles/geerlingguy.apache/README.md Normal file
View file

@ -0,0 +1,155 @@
# Ansible Role: Apache 2.x
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-apache.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-apache)
An Ansible Role that installs Apache 2.x on RHEL/CentOS, Debian/Ubuntu, SLES and Solaris.
## Requirements
If you are using SSL/TLS, you will need to provide your own certificate and key files. You can generate a self-signed certificate with a command like `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout example.key -out example.crt`.
If you are using Apache with PHP, I recommend using the `geerlingguy.php` role to install PHP, and you can either use mod_php (by adding the proper package, e.g. `libapache2-mod-php5` for Ubuntu, to `php_packages`), or by also using `geerlingguy.apache-php-fpm` to connect Apache to PHP via FPM. See that role's README for more info.
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
apache_enablerepo: ""
The repository to use when installing Apache (only used on RHEL/CentOS systems). If you'd like later versions of Apache than are available in the OS's core repositories, use a repository like EPEL (which can be installed with the `geerlingguy.repo-epel` role).
apache_listen_ip: "*"
apache_listen_port: 80
apache_listen_port_ssl: 443
The IP address and ports on which apache should be listening. Useful if you have another service (like a reverse proxy) listening on port 80 or 443 and need to change the defaults.
apache_create_vhosts: true
apache_vhosts_filename: "vhosts.conf"
apache_vhosts_template: "vhosts.conf.j2"
If set to true, a vhosts file, managed by this role's variables (see below), will be created and placed in the Apache configuration folder. If set to false, you can place your own vhosts file into Apache's configuration folder and skip the convenient (but more basic) one added by this role. You can also override the template used and set a path to your own template, if you need to further customize the layout of your VirtualHosts.
apache_remove_default_vhost: false
On Debian/Ubuntu, a default virtualhost is included in Apache's configuration. Set this to `true` to remove that default virtualhost configuration file.
apache_global_vhost_settings: |
DirectoryIndex index.php index.html
# Add other global settings on subsequent lines.
You can add or override global Apache configuration settings in the role-provided vhosts file (assuming `apache_create_vhosts` is true) using this variable. By default it only sets the DirectoryIndex configuration.
apache_vhosts:
# Additional optional properties: 'serveradmin, serveralias, extra_parameters'.
- servername: "local.dev"
documentroot: "/var/www/html"
Add a set of properties per virtualhost, including `servername` (required), `documentroot` (required), `allow_override` (optional: defaults to the value of `apache_allow_override`), `options` (optional: defaults to the value of `apache_options`), `serveradmin` (optional), `serveralias` (optional) and `extra_parameters` (optional: you can add whatever additional configuration lines you'd like in here).
Here's an example using `extra_parameters` to add a RewriteRule to redirect all requests to the `www.` site:
- servername: "www.local.dev"
serveralias: "local.dev"
documentroot: "/var/www/html"
extra_parameters: |
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The `|` denotes a multiline scalar block in YAML, so newlines are preserved in the resulting configuration file output.
apache_vhosts_ssl: []
No SSL vhosts are configured by default, but you can add them using the same pattern as `apache_vhosts`, with a few additional directives, like the following example:
apache_vhosts_ssl:
- {
servername: "local.dev",
documentroot: "/var/www/html",
certificate_file: "/home/vagrant/example.crt",
certificate_key_file: "/home/vagrant/example.key",
certificate_chain_file: "/path/to/certificate_chain.crt"
}
Other SSL directives can be managed with other SSL-related role variables.
apache_ssl_protocol: "All -SSLv2 -SSLv3"
apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH"
The SSL protocols and cipher suites that are used/allowed when clients make secure connections to your server. These are secure/sane defaults, but for maximum security, performand, and/or compatibility, you may need to adjust these settings.
apache_allow_override: "All"
apache_options: "-Indexes +FollowSymLinks"
The default values for the `AllowOverride` and `Options` directives for the `documentroot` directory of each vhost. A vhost can overwrite these values by specifying `allow_override` or `options`.
apache_mods_enabled:
- rewrite.load
- ssl.load
apache_mods_disabled: []
(Debian/Ubuntu ONLY) Which Apache mods to enable or disable (these will be symlinked into the appropriate location). See the `mods-available` directory inside the apache configuration directory (`/etc/apache2/mods-available` by default) for all the available mods.
apache_packages:
- [platform-specific]
The list of packages to be installed. This defaults to a set of platform-specific packages for RedHat or Debian-based systems (see `vars/RedHat.yml` and `vars/Debian.yml` for the default values).
apache_state: started
Set initial Apache daemon state to be enforced when this role is run. This should generally remain `started`, but you can set it to `stopped` if you need to fix the Apache config during a playbook run or otherwise would not like Apache started at the time this role is run.
apache_packages_state: installed
If you have enabled any additional repositories such as _ondrej/apache2_, [geerlingguy.repo-epel](https://github.com/geerlingguy/ansible-role-repo-epel), or [geerlingguy.repo-remi](https://github.com/geerlingguy/ansible-role-repo-remi), you may want an easy way to upgrade versions. You can set this to `latest` (combined with `apache_enablerepo` on RHEL) and can directly upgrade to a different Apache version from a different repo (instead of uninstalling and reinstalling Apache).
apache_ignore_missing_ssl_certificate: true
If you would like to only create SSL vhosts when the vhost certificate is present (e.g. when using Lets Encrypt), set `apache_ignore_missing_ssl_certificate` to `false`. When doing this, you might need to run your playbook more than once so all the vhosts are configured (if another part of the playbook generates the SSL certificates).
## .htaccess-based Basic Authorization
If you require Basic Auth support, you can add it either through a custom template, or by adding `extra_parameters` to a VirtualHost configuration, like so:
extra_parameters: |
<Directory "/var/www/password-protected-directory">
Require valid-user
AuthType Basic
AuthName "Please authenticate"
AuthUserFile /var/www/password-protected-directory/.htpasswd
</Directory>
To password protect everything within a VirtualHost directive, use the `Location` block instead of `Directory`:
<Location "/">
Require valid-user
....
</Location>
You would need to generate/upload your own `.htpasswd` file in your own playbook. There may be other roles that support this functionality in a more integrated way.
## Dependencies
None.
## Example Playbook
- hosts: webservers
vars_files:
- vars/main.yml
roles:
- { role: geerlingguy.apache }
*Inside `vars/main.yml`*:
apache_listen_port: 8080
apache_vhosts:
- {servername: "example.com", documentroot: "/var/www/vhosts/example_com"}
## License
MIT / BSD
## Author Information
This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

58
box/provisioning/roles/geerlingguy.apache/defaults/main.yml Normal file
View file

@ -0,0 +1,58 @@
---
apache_enablerepo: ""
apache_listen_ip: "*"
apache_listen_port: 80
apache_listen_port_ssl: 443
apache_create_vhosts: true
apache_vhosts_filename: "vhosts.conf"
apache_vhosts_template: "vhosts.conf.j2"
# On Debian/Ubuntu, a default virtualhost is included in Apache's configuration.
# Set this to `true` to remove that default.
apache_remove_default_vhost: false
apache_global_vhost_settings: |
DirectoryIndex index.php index.html
apache_vhosts:
# Additional properties:
# 'serveradmin, serveralias, allow_override, options, extra_parameters'.
- servername: "local.dev"
documentroot: "/var/www/html"
apache_allow_override: "All"
apache_options: "-Indexes +FollowSymLinks"
apache_vhosts_ssl: []
# Additional properties:
# 'serveradmin, serveralias, allow_override, options, extra_parameters'.
# - servername: "local.dev",
# documentroot: "/var/www/html",
# certificate_file: "/path/to/certificate.crt",
# certificate_key_file: "/path/to/certificate.key",
# # Optional.
# certificate_chain_file: "/path/to/certificate_chain.crt"
apache_ignore_missing_ssl_certificate: true
apache_ssl_protocol: "All -SSLv2 -SSLv3"
apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH"
# Only used on Debian/Ubuntu.
apache_mods_enabled:
- rewrite.load
- ssl.load
apache_mods_disabled: []
# Set initial apache state. Recommended values: `started` or `stopped`
apache_state: started
# Set apache state when configuration changes are made. Recommended values:
# `restarted` or `reloaded`
apache_restart_state: restarted
# Apache package state; use `installed` to make sure it's installed, or `latest` if
# you want to upgrade or switch versions using a new repo.
apache_packages_state: installed

5
box/provisioning/roles/geerlingguy.apache/handlers/main.yml Normal file
View file

@ -0,0 +1,5 @@
---
- name: restart apache
service:
name: "{{ apache_service }}"
state: "{{ apache_restart_state }}"

39
box/provisioning/roles/geerlingguy.apache/meta/main.yml Normal file
View file

@ -0,0 +1,39 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: Apache 2.x for Linux.
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.2
platforms:
- name: EL
versions:
- all
- name: Amazon
versions:
- all
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- precise
- raring
- saucy
- trusty
- xenial
- name: Suse
versions:
- all
- name: Solaris
versions:
- 11.3
galaxy_tags:
- web
- apache
- webserver
- html
allow_duplicates: yes

54
box/provisioning/roles/geerlingguy.apache/tasks/configure-Debian.yml Normal file
View file

@ -0,0 +1,54 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/ports.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Enable Apache mods.
file:
src: "{{ apache_server_root }}/mods-available/{{ item }}"
dest: "{{ apache_server_root }}/mods-enabled/{{ item }}"
state: link
with_items: "{{ apache_mods_enabled }}"
notify: restart apache
- name: Disable Apache mods.
file:
path: "{{ apache_server_root }}/mods-enabled/{{ item }}"
state: absent
with_items: "{{ apache_mods_disabled }}"
notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: "path={{ item.certificate_file }}"
register: apache_ssl_certificates
with_items: "{{ apache_vhosts_ssl }}"
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/sites-available/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts
- name: Add vhost symlink in sites-enabled.
file:
src: "{{ apache_conf_path }}/sites-available/{{ apache_vhosts_filename }}"
dest: "{{ apache_conf_path }}/sites-enabled/{{ apache_vhosts_filename }}"
state: link
notify: restart apache
when: apache_create_vhosts
- name: Remove default vhost in sites-enabled.
file:
path: "{{ apache_conf_path }}/sites-enabled/{{ apache_default_vhost_filename }}"
state: absent
notify: restart apache
when: apache_remove_default_vhost

24
box/provisioning/roles/geerlingguy.apache/tasks/configure-RedHat.yml Normal file
View file

@ -0,0 +1,24 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/conf/{{ apache_daemon }}.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: path={{ item.certificate_file }}
register: apache_ssl_certificates
with_items: "{{ apache_vhosts_ssl }}"
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts

19
box/provisioning/roles/geerlingguy.apache/tasks/configure-Solaris.yml Normal file
View file

@ -0,0 +1,19 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/{{ apache_daemon }}.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts

24
box/provisioning/roles/geerlingguy.apache/tasks/configure-Suse.yml Normal file
View file

@ -0,0 +1,24 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/listen.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: path={{ item.certificate_file }}
register: apache_ssl_certificates
with_items: "{{ apache_vhosts_ssl }}"
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts

44
box/provisioning/roles/geerlingguy.apache/tasks/main.yml Normal file
View file

@ -0,0 +1,44 @@
---
# Include variables and define needed variables.
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- name: Include variables for Amazon Linux.
include_vars: "AmazonLinux.yml"
when: ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
- name: Define apache_packages.
set_fact:
apache_packages: "{{ __apache_packages | list }}"
when: apache_packages is not defined
# Setup/install tasks.
- include: "setup-{{ ansible_os_family }}.yml"
static: no
# Figure out what version of Apache is installed.
- name: Get installed version of Apache.
shell: "{{ apache_daemon_path }}{{ apache_daemon }} -v"
changed_when: false
check_mode: no
register: _apache_version
- name: Create apache_version variable.
set_fact:
apache_version: "{{ _apache_version.stdout.split()[2].split('/')[1] }}"
- include_vars: apache-22.yml
when: "apache_version.split('.')[1] == '2'"
- include_vars: apache-24.yml
when: "apache_version.split('.')[1] == '4'"
# Configure Apache.
- include: "configure-{{ ansible_os_family }}.yml"
static: no
- name: Ensure Apache has selected state and enabled on boot.
service:
name: "{{ apache_service }}"
state: "{{ apache_state }}"
enabled: yes

7
box/provisioning/roles/geerlingguy.apache/tasks/setup-Debian.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=3600
- name: Ensure Apache is installed on Debian.
apt: "name={{ item }} state={{ apache_packages_state }}"
with_items: "{{ apache_packages }}"

7
box/provisioning/roles/geerlingguy.apache/tasks/setup-RedHat.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: Ensure Apache is installed on RHEL.
yum:
name: "{{ item }}"
state: "{{ apache_packages_state }}"
enablerepo: "{{ apache_enablerepo }}"
with_items: "{{ apache_packages }}"

6
box/provisioning/roles/geerlingguy.apache/tasks/setup-Solaris.yml Normal file
View file

@ -0,0 +1,6 @@
---
- name: Ensure Apache is installed on Solaris.
pkg5:
name: "{{ item }}"
state: "{{ apache_packages_state }}"
with_items: "{{ apache_packages }}"

6
box/provisioning/roles/geerlingguy.apache/tasks/setup-Suse.yml Normal file
View file

@ -0,0 +1,6 @@
---
- name: Ensure Apache is installed on Suse.
zypper:
name: "{{ item }}"
state: "{{ apache_packages_state }}"
with_items: "{{ apache_packages }}"

82
box/provisioning/roles/geerlingguy.apache/templates/vhosts.conf.j2 Normal file
View file

@ -0,0 +1,82 @@
{{ apache_global_vhost_settings }}
{# Set up VirtualHosts #}
{% for vhost in apache_vhosts %}
<VirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}>
ServerName {{ vhost.servername }}
{% if vhost.serveralias is defined %}
ServerAlias {{ vhost.serveralias }}
{% endif %}
{% if vhost.documentroot is defined %}
DocumentRoot "{{ vhost.documentroot }}"
{% endif %}
{% if vhost.serveradmin is defined %}
ServerAdmin {{ vhost.serveradmin }}
{% endif %}
{% if vhost.documentroot is defined %}
<Directory "{{ vhost.documentroot }}">
AllowOverride {{ vhost.allow_override | default(apache_allow_override) }}
Options {{ vhost.options | default(apache_options) }}
{% if apache_vhosts_version == "2.2" %}
Order allow,deny
Allow from all
{% else %}
Require all granted
{% endif %}
</Directory>
{% endif %}
{% if vhost.extra_parameters is defined %}
{{ vhost.extra_parameters }}
{% endif %}
</VirtualHost>
{% endfor %}
{# Set up SSL VirtualHosts #}
{% for vhost in apache_vhosts_ssl %}
{% if apache_ignore_missing_ssl_certificate or apache_ssl_certificates.results[loop.index0].stat.exists %}
<VirtualHost {{ apache_listen_ip }}:{{ apache_listen_port_ssl }}>
ServerName {{ vhost.servername }}
{% if vhost.serveralias is defined %}
ServerAlias {{ vhost.serveralias }}
{% endif %}
{% if vhost.documentroot is defined %}
DocumentRoot "{{ vhost.documentroot }}"
{% endif %}
SSLEngine on
SSLCipherSuite {{ apache_ssl_cipher_suite }}
SSLProtocol {{ apache_ssl_protocol }}
SSLHonorCipherOrder On
{% if apache_vhosts_version == "2.4" %}
SSLCompression off
{% endif %}
SSLCertificateFile {{ vhost.certificate_file }}
SSLCertificateKeyFile {{ vhost.certificate_key_file }}
{% if vhost.certificate_chain_file is defined %}
SSLCertificateChainFile {{ vhost.certificate_chain_file }}
{% endif %}
{% if vhost.serveradmin is defined %}
ServerAdmin {{ vhost.serveradmin }}
{% endif %}
{% if vhost.documentroot is defined %}
<Directory "{{ vhost.documentroot }}">
AllowOverride {{ vhost.allow_override | default(apache_allow_override) }}
Options {{ vhost.options | default(apache_options) }}
{% if apache_vhosts_version == "2.2" %}
Order allow,deny
Allow from all
{% else %}
Require all granted
{% endif %}
</Directory>
{% endif %}
{% if vhost.extra_parameters is defined %}
{{ vhost.extra_parameters }}
{% endif %}
</VirtualHost>
{% endif %}
{% endfor %}

11
box/provisioning/roles/geerlingguy.apache/tests/README.md Normal file
View file

@ -0,0 +1,11 @@
# Ansible Role tests
To run the test playbook(s) in this directory:
1. Install and start Docker.
1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
- `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
1. Make the test shim executable: `chmod +x tests/test.sh`.
1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`

13
box/provisioning/roles/geerlingguy.apache/tests/test.yml Normal file
View file

@ -0,0 +1,13 @@
---
- hosts: all
vars:
apache_listen_port_ssl: 443
apache_create_vhosts: true
apache_vhosts_filename: "vhosts.conf"
apache_vhosts:
- servername: "example.com"
documentroot: "/var/www/vhosts/example_com"
roles:
- role_under_test

18
box/provisioning/roles/geerlingguy.apache/vars/AmazonLinux.yml Normal file
View file

@ -0,0 +1,18 @@
---
apache_service: httpd
apache_daemon: httpd
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/httpd
apache_conf_path: /etc/httpd/conf.d
apache_vhosts_version: "2.4"
__apache_packages:
- httpd24
- httpd24-devel
- mod24_ssl
- openssh
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"

14
box/provisioning/roles/geerlingguy.apache/vars/Debian.yml Normal file
View file

@ -0,0 +1,14 @@
---
apache_service: apache2
apache_daemon: apache2
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/apache2
apache_conf_path: /etc/apache2
__apache_packages:
- apache2
- apache2-utils
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"

20
box/provisioning/roles/geerlingguy.apache/vars/RedHat.yml Normal file
View file

@ -0,0 +1,20 @@
---
apache_service: httpd
apache_daemon: httpd
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/httpd
apache_conf_path: /etc/httpd/conf.d
apache_vhosts_version: "2.2"
__apache_packages:
- httpd
- httpd-devel
- mod_ssl
- openssh
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"
- regexp: "^#?NameVirtualHost "
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"

19
box/provisioning/roles/geerlingguy.apache/vars/Solaris.yml Normal file
View file

@ -0,0 +1,19 @@
---
apache_service: apache24
apache_daemon: httpd
apache_daemon_path: /usr/apache2/2.4/bin/
apache_server_root: /etc/apache2/2.4/
apache_conf_path: /etc/apache2/2.4/conf.d
apache_vhosts_version: "2.2"
__apache_packages:
- web/server/apache-24
- web/server/apache-24/module/apache-ssl
- web/server/apache-24/module/apache-security
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"
- regexp: "^#?NameVirtualHost "
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"

18
box/provisioning/roles/geerlingguy.apache/vars/Suse.yml Normal file
View file

@ -0,0 +1,18 @@
---
apache_service: apache2
apache_daemon: httpd2
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/apache2
apache_conf_path: /etc/apache2/conf.d
apache_vhosts_version: "2.2"
__apache_packages:
- apache2
- openssh
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"
- regexp: "^#?NameVirtualHost "
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"

12
box/provisioning/roles/geerlingguy.apache/vars/apache-22.yml Normal file
View file

@ -0,0 +1,12 @@
---
apache_vhosts_version: "2.2"
apache_default_vhost_filename: 000-default
apache_ports_configuration_items:
- {
regexp: "^Listen ",
line: "Listen {{ apache_listen_port }}"
}
- {
regexp: "^#?NameVirtualHost ",
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"
}

8
box/provisioning/roles/geerlingguy.apache/vars/apache-24.yml Normal file
View file

@ -0,0 +1,8 @@
---
apache_vhosts_version: "2.4"
apache_default_vhost_filename: 000-default.conf
apache_ports_configuration_items:
- {
regexp: "^Listen ",
line: "Listen {{ apache_listen_port }}"
}

55
box/provisioning/roles/geerlingguy.blackfire/.travis.yml Normal file
View file

@ -0,0 +1,55 @@
---
sudo: required
env:
- distribution: centos
version: 7
init: /usr/lib/systemd/systemd
run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
- distribution: ubuntu
version: 14.04
init: /sbin/init
run_opts: ""
- distribution: ubuntu
version: 12.04
init: /sbin/init
run_opts: ""
services:
- docker
before_install:
# Pull container
- 'sudo docker pull ${distribution}:${version}'
# Customize container
- 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests'
script:
- container_id=$(mktemp)
# Run container in detached state
- 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"'
# Install dependencies.
- 'sudo docker exec "$(cat ${container_id})" ansible-galaxy install geerlingguy.php'
# Ansible syntax check.
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
# Test role.
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
# Test role idempotence.
- >
sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml
| grep -q 'changed=0.*failed=0'
&& (echo 'Idempotence test: pass' && exit 0)
|| (echo 'Idempotence test: fail' && exit 1)
# Ensure Blackfire is installed.
#- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm TODO'
# Clean up
- 'sudo docker stop "$(cat ${container_id})"'
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

41
box/provisioning/roles/geerlingguy.blackfire/README.md Normal file
View file

@ -0,0 +1,41 @@
# Ansible Role: Blackfire
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-blackfire.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-blackfire)
Installs [Blackfire](https://blackfire.io/) on RHEL/CentOS or Debian/Ubuntu.
## Requirements
After installation, you need to complete Blackfire setup manually before profiling:
1. Register the Blackfire agent: `sudo blackfire-agent -register`
2. Configure Blackfire: `blackfire config`
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
blackfire_packages:
- blackfire-agent
- blackfire-php
The Blackfire packages this role will install on the server. Note that `blackfire-php` may not work well with XHProf and/or XDebug.
## Dependencies
Requires the `geerlingguy.php` role.
## Example Playbook
- hosts: webserver
roles:
- geerlingguy.php
- geerlingguy.blackfire
## License
MIT / BSD
## Author Information
This role was created in 2016 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/).

6
box/provisioning/roles/geerlingguy.blackfire/defaults/main.yml Normal file
View file

@ -0,0 +1,6 @@
---
blackfire_gpg_key_url: https://packagecloud.io/gpg.key
blackfire_packages:
- blackfire-agent
- blackfire-php

28
box/provisioning/roles/geerlingguy.blackfire/meta/main.yml Normal file
View file

@ -0,0 +1,28 @@
---
dependencies:
- geerlingguy.php
galaxy_info:
author: geerlingguy
description: Blackfire installation for Linux
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.0
platforms:
- name: EL
versions:
- 6
- 7
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- precise
- raring
- saucy
- trusty
- xenial
galaxy_tags:
- development
- web

14
box/provisioning/roles/geerlingguy.blackfire/tasks/main.yml Normal file
View file

@ -0,0 +1,14 @@
---
- include: setup-RedHat.yml
when: ansible_os_family == 'RedHat'
- include: setup-Debian.yml
when: ansible_os_family == 'Debian'
- name: Ensure Blackfire packages are installed.
package:
name: "{{ blackfire_packages }}"
state: present
notify:
- restart webserver
- restart php-fpm

17
box/provisioning/roles/geerlingguy.blackfire/tasks/setup-Debian.yml Normal file
View file

@ -0,0 +1,17 @@
---
- name: Add packagecloud apt key.
apt_key:
url: "{{ blackfire_gpg_key_url }}"
state: present
- name: Add packagecloud repository.
apt_repository:
repo: "{{ item }}"
state: present
register: packagecloud_repos
with_items:
- "deb http://packages.blackfire.io/debian any main"
- name: Update apt caches after repo is added.
apt: update_cache=yes
when: packagecloud_repos.changed

18
box/provisioning/roles/geerlingguy.blackfire/tasks/setup-RedHat.yml Normal file
View file

@ -0,0 +1,18 @@
---
- name: Add packagecloud GPG key.
rpm_key:
key: "{{ blackfire_gpg_key_url }}"
state: present
- name: Add Blackfire repository.
get_url:
url: http://packages.blackfire.io/fedora/blackfire.repo
dest: /etc/yum.repos.d/blackfire.repo
mode: 0644
- name: Disable gpg_repocheck for non-bleeding-edge CentOS.
lineinfile: >
dest=/etc/yum.repos.d/blackfire.repo
regexp="^repo_gpgcheck="
line="repo_gpgcheck=0"
state=present

Some files were not shown because too many files have changed in this diff Show more