CHANGELOG.md

@@ -25,6 +25,8 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * mongodb: Deny the install on Debian 11 « Bullseye » when the version is unsupported
 * mongodb: Support version 5.0 (for buster)
 * mongodb: Allow to specify a mongodb version for buster & bullseye
+* tomcat: Use a system service for tomcat instances instead of user services.
+* tomcat-instance: Changes to use the system service instead of user services.
 
 ### Fixed
 

tomcat-instance/tasks/main.yml

@@ -1,6 +1,5 @@
 ---
 - include: check.yml
 - include: user.yml
-- include: systemd.yml
 - include: alias.yml
 - include: bootstrap.yml

tomcat-instance/tasks/systemd.yml

@@ -1,14 +0,0 @@
----
-- name: Enable systemd user mode
-  command: "loginctl enable-linger {{ tomcat_instance_name }}"
-  changed_when: false
-
-- name: Set systemd conf var
-  lineinfile:
-    dest: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}/.profile"
-    state: present
-    owner: "{{ tomcat_instance_name }}"
-    group: "{{ tomcat_instance_name }}"
-    mode: "0640"
-    create: yes
-    line: 'export XDG_RUNTIME_DIR=/run/user/$UID'

tomcat-instance/tasks/user.yml

@@ -77,3 +77,36 @@
     line: "{{ tomcat_instance_deploy_user }} ALL = ({{ tomcat_instance_name }}) NOPASSWD: SETENV: ALL"
     validate: 'visudo -cf %s'
   when: tomcat_instance_deploy_user is defined
+
+- name: Enable sudo right for service management
+  lineinfile:
+    dest: '/etc/sudoers.d/tomcat'
+    state: present
+    mode: "0440"
+    create: yes
+    line: "%{{ tomcat_instance_name }} ALL = (root) NOPASSWD: {{ item }}"
+    validate: 'visudo -cf %s'
+  loop:
+    - "/bin/systemctl start tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl stop tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl status tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl status -l tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl enable tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl disable tomcat@{{ tomcat_instance_name }}.service"
+
+- name: Enable sudo right for deploy user for service management
+  lineinfile:
+    dest: '/etc/sudoers.d/tomcat'
+    state: present
+    mode: "0440"
+    create: yes
+    line: "{{ tomcat_instance_deploy_user }} ALL = (root) NOPASSWD: {{ item }}"
+    validate: 'visudo -cf %s'
+  when: tomcat_instance_deploy_user is defined
+  loop:
+    - "/bin/systemctl start tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl stop tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl status tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl status -l tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl enable tomcat@{{ tomcat_instance_name }}.service"
+    - "/bin/systemctl disable tomcat@{{ tomcat_instance_name }}.service"

tomcat-instance/templates/bin/disable.sh

@@ -1,4 +1,4 @@
 #!/bin/sh
 # alias for compatibility
 
-sudo -iu {{ tomcat_instance_name }} systemctl --user disable tomcat
+sudo systemctl disable tomcat@{{ tomcat_instance_name }}.service

tomcat-instance/templates/bin/enable.sh

@@ -1,4 +1,4 @@
 #!/bin/sh
 # alias for compatibility
 
-sudo -iu {{ tomcat_instance_name }} systemctl --user enable tomcat
+sudo systemctl enable tomcat@{{ tomcat_instance_name }}.service

tomcat-instance/templates/bin/shutdown.sh

@@ -1,7 +1,7 @@
 #!/bin/sh
 # alias for compatibility
 
-sudo -iu {{ tomcat_instance_name }} systemctl --user stop tomcat
+sudo systemctl stop tomcat@{{ tomcat_instance_name }}.service
 {% if tomcat_instance_mail is defined %}
 /bin/sh -c date | /usr/bin/mail -s "{{ inventory_hostname }}/{{ tomcat_instance_name }} : Shutdown instance" {{ tomcat_instance_mail }}
 {% endif %}

tomcat-instance/templates/bin/startup.sh

@@ -1,4 +1,4 @@
 #!/bin/sh
 # alias for compatibility
 
-sudo -iu {{ tomcat_instance_name }} systemctl --user start tomcat
+sudo systemctl start tomcat@{{ tomcat_instance_name }}.service

tomcat-instance/templates/bin/status.sh

@@ -1,4 +1,4 @@
 #!/bin/sh
 # alias for compatibility
 
-sudo -iu {{ tomcat_instance_name }} systemctl --user status -l tomcat
+sudo systemctl status -l tomcat@{{ tomcat_instance_name }}.service

tomcat/tasks/packages.yml

@@ -46,8 +46,8 @@
 
 - name: Copy systemd unit
   template:
-    src: 'tomcat.service.j2'
-    dest: "/etc/systemd/user/tomcat.service"
+    src: 'tomcat@.service.j2'
+    dest: "/etc/systemd/system/tomcat@.service"
     mode: "0755"
 
 - name: Disable default tomcat service

tomcat/templates/check_tomcat_instance.sh.j2

@@ -14,7 +14,7 @@ output=""
 instances=$(ls "${TOMCAT_ROOT}")
 for instance in ${instances}; do
     port=$(id -u "${instance}")
-    if [ -h "${TOMCAT_ROOT}/${instance}/.config/systemd/user/default.target.wants/tomcat.service" ]; then
+    if [ -h "/etc/systemd/system/multi-user.target.wants/tomcat@${instance}.service" ] ||  [ -h "${TOMCAT_ROOT}/${instance}/.config/systemd/user/default.target.wants/tomcat.service" ]; then
         /usr/lib/nagios/plugins/check_tcp -p "${port}" >/dev/null 2>&1
         ret="${?}"
         if [ "${ret}" -ge 2 ]; then

tomcat/templates/tomcat.service.j2

@@ -1,15 +0,0 @@
-[Unit]
-Description=Tomcat %u.
-After=network.target
-
-[Service]
-WorkingDirectory=%h
-Environment="CATALINA_BASE=%h"
-EnvironmentFile=%h/conf/env
-UMask=0002
-ExecStart=/usr/share/tomcat{{ tomcat_version }}/bin/startup.sh
-ExecStop=/usr/share/tomcat{{ tomcat_version }}/bin/shutdown.sh
-Type=forking
-
-[Install]
-WantedBy=default.target

tomcat/templates/tomcat@.service.j2

@@ -0,0 +1,19 @@
+[Unit]
+Description=Tomcat %i.
+After=network.target
+
+[Service]
+User=%i
+Group=%i
+WorkingDirectory={{ tomcat_instance_root }}/%i
+Environment="CATALINA_BASE={{ tomcat_instance_root }}/%i"
+EnvironmentFile={{ tomcat_instance_root }}/%i/conf/env
+UMask=0002
+ExecStart=/usr/share/tomcat{{ tomcat_version }}/bin/catalina.sh run
+
+SyslogIdentifier=tomcat-%i
+
+Restart=always
+
+[Install]
+WantedBy=multi-user.target