forked from evolix/ansible-roles
tomcat: Use system units instead of user units
This massively reduce the output of `systemctl status` (which is usefull when checking what is running on a server), remove the need of enable-linger (which is always good when possible) and allows to check the status of the service much more easily. (It also enable more sandboxing options if wanted but we don't enable any in this commit.)
This commit is contained in:
parent
53cd3ba342
commit
e49379ebd0
|
@ -25,6 +25,8 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
|||
* mongodb: Deny the install on Debian 11 « Bullseye » when the version is unsupported
|
||||
* mongodb: Support version 5.0 (for buster)
|
||||
* mongodb: Allow to specify a mongodb version for buster & bullseye
|
||||
* tomcat: Use a system service for tomcat instances instead of user services.
|
||||
* tomcat-instance: Changes to use the system service instead of user services.
|
||||
|
||||
### Fixed
|
||||
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- include: check.yml
|
||||
- include: user.yml
|
||||
- include: systemd.yml
|
||||
- include: alias.yml
|
||||
- include: bootstrap.yml
|
||||
|
|
|
@ -1,14 +0,0 @@
|
|||
---
|
||||
- name: Enable systemd user mode
|
||||
command: "loginctl enable-linger {{ tomcat_instance_name }}"
|
||||
changed_when: false
|
||||
|
||||
- name: Set systemd conf var
|
||||
lineinfile:
|
||||
dest: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}/.profile"
|
||||
state: present
|
||||
owner: "{{ tomcat_instance_name }}"
|
||||
group: "{{ tomcat_instance_name }}"
|
||||
mode: "0640"
|
||||
create: yes
|
||||
line: 'export XDG_RUNTIME_DIR=/run/user/$UID'
|
|
@ -77,3 +77,36 @@
|
|||
line: "{{ tomcat_instance_deploy_user }} ALL = ({{ tomcat_instance_name }}) NOPASSWD: SETENV: ALL"
|
||||
validate: 'visudo -cf %s'
|
||||
when: tomcat_instance_deploy_user is defined
|
||||
|
||||
- name: Enable sudo right for service management
|
||||
lineinfile:
|
||||
dest: '/etc/sudoers.d/tomcat'
|
||||
state: present
|
||||
mode: "0440"
|
||||
create: yes
|
||||
line: "%{{ tomcat_instance_name }} ALL = (root) NOPASSWD: {{ item }}"
|
||||
validate: 'visudo -cf %s'
|
||||
loop:
|
||||
- "/bin/systemctl start tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl stop tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl status tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl status -l tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl enable tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl disable tomcat@{{ tomcat_instance_name }}.service"
|
||||
|
||||
- name: Enable sudo right for deploy user for service management
|
||||
lineinfile:
|
||||
dest: '/etc/sudoers.d/tomcat'
|
||||
state: present
|
||||
mode: "0440"
|
||||
create: yes
|
||||
line: "{{ tomcat_instance_deploy_user }} ALL = (root) NOPASSWD: {{ item }}"
|
||||
validate: 'visudo -cf %s'
|
||||
when: tomcat_instance_deploy_user is defined
|
||||
loop:
|
||||
- "/bin/systemctl start tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl stop tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl status tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl status -l tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl enable tomcat@{{ tomcat_instance_name }}.service"
|
||||
- "/bin/systemctl disable tomcat@{{ tomcat_instance_name }}.service"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
# alias for compatibility
|
||||
|
||||
sudo -iu {{ tomcat_instance_name }} systemctl --user disable tomcat
|
||||
sudo systemctl disable tomcat@{{ tomcat_instance_name }}.service
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
# alias for compatibility
|
||||
|
||||
sudo -iu {{ tomcat_instance_name }} systemctl --user enable tomcat
|
||||
sudo systemctl enable tomcat@{{ tomcat_instance_name }}.service
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
# alias for compatibility
|
||||
|
||||
sudo -iu {{ tomcat_instance_name }} systemctl --user stop tomcat
|
||||
sudo systemctl stop tomcat@{{ tomcat_instance_name }}.service
|
||||
{% if tomcat_instance_mail is defined %}
|
||||
/bin/sh -c date | /usr/bin/mail -s "{{ inventory_hostname }}/{{ tomcat_instance_name }} : Shutdown instance" {{ tomcat_instance_mail }}
|
||||
{% endif %}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
# alias for compatibility
|
||||
|
||||
sudo -iu {{ tomcat_instance_name }} systemctl --user start tomcat
|
||||
sudo systemctl start tomcat@{{ tomcat_instance_name }}.service
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
# alias for compatibility
|
||||
|
||||
sudo -iu {{ tomcat_instance_name }} systemctl --user status -l tomcat
|
||||
sudo systemctl status -l tomcat@{{ tomcat_instance_name }}.service
|
||||
|
|
|
@ -46,8 +46,8 @@
|
|||
|
||||
- name: Copy systemd unit
|
||||
template:
|
||||
src: 'tomcat.service.j2'
|
||||
dest: "/etc/systemd/user/tomcat.service"
|
||||
src: 'tomcat@.service.j2'
|
||||
dest: "/etc/systemd/system/tomcat@.service"
|
||||
mode: "0755"
|
||||
|
||||
- name: Disable default tomcat service
|
||||
|
|
|
@ -14,7 +14,7 @@ output=""
|
|||
instances=$(ls "${TOMCAT_ROOT}")
|
||||
for instance in ${instances}; do
|
||||
port=$(id -u "${instance}")
|
||||
if [ -h "${TOMCAT_ROOT}/${instance}/.config/systemd/user/default.target.wants/tomcat.service" ]; then
|
||||
if [ -h "/etc/systemd/system/multi-user.target.wants/tomcat@${instance}.service" ] || [ -h "${TOMCAT_ROOT}/${instance}/.config/systemd/user/default.target.wants/tomcat.service" ]; then
|
||||
/usr/lib/nagios/plugins/check_tcp -p "${port}" >/dev/null 2>&1
|
||||
ret="${?}"
|
||||
if [ "${ret}" -ge 2 ]; then
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
[Unit]
|
||||
Description=Tomcat %u.
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
WorkingDirectory=%h
|
||||
Environment="CATALINA_BASE=%h"
|
||||
EnvironmentFile=%h/conf/env
|
||||
UMask=0002
|
||||
ExecStart=/usr/share/tomcat{{ tomcat_version }}/bin/startup.sh
|
||||
ExecStop=/usr/share/tomcat{{ tomcat_version }}/bin/shutdown.sh
|
||||
Type=forking
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
19
tomcat/templates/tomcat@.service.j2
Normal file
19
tomcat/templates/tomcat@.service.j2
Normal file
|
@ -0,0 +1,19 @@
|
|||
[Unit]
|
||||
Description=Tomcat %i.
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=%i
|
||||
Group=%i
|
||||
WorkingDirectory={{ tomcat_instance_root }}/%i
|
||||
Environment="CATALINA_BASE={{ tomcat_instance_root }}/%i"
|
||||
EnvironmentFile={{ tomcat_instance_root }}/%i/conf/env
|
||||
UMask=0002
|
||||
ExecStart=/usr/share/tomcat{{ tomcat_version }}/bin/catalina.sh run
|
||||
|
||||
SyslogIdentifier=tomcat-%i
|
||||
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in a new issue