diff --git a/defaults/main.yml b/defaults/main.yml index 09851aa..83a32cf 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -41,6 +41,8 @@ letsencrypt: email: user: certbot +dataverse_misc_files_dir: '/opt/dv' + dataverse: adminpass: admin1 allow_signups: true @@ -78,7 +80,7 @@ dataverse: language_packs: source: https://github.com/GlobalDataverseCommunityConsortium/dataverse-language-packs.git version: develop - lang_directory: /opt/dv/lang + lang_directory: "{{ dataverse_misc_files_dir }}/lang" licenses: enabled: false user: dataverseAdmin @@ -165,7 +167,7 @@ dataverse: handlenet: independenthandleservice: 'false' # handleauthhandle: YOUR:HANDLE/USERNAME - admcredfile: /opt/dv/admpriv.bin + admcredfile: "{{ dataverse_misc_files_dir }}/admpriv.bin" admcredfile_source: files/handlenet/admcredfile # admprivphrase: # index: 300 @@ -244,20 +246,22 @@ dataverse: service_email: noreply@dataverse.yourinstitution.edu smtp: localhost # or the FQDN of your organization's SMTP relay solr: - download_url: https://dlcdn.apache.org/solr/solr/9.3.0/solr-9.3.0.tgz + download_url: https://archive.apache.org/dist/solr/solr/9.3.0/solr-9.3.0.tgz group: solr root: /usr/local/solr user: solr version: 9.3.0 listen: 127.0.0.1 checksum: sha256:2a924a776d7c06dea561f12bdb17291dbaecc9e9a06f363d4599acb7fb7bfa71 - srcdir: /tmp/dataverse + srcdir: /opt/dataverse/dataverse thumbnails: false unittests: enabled: false argument: '-DcompilerArgument=-Xlint:unchecked test -P all-unit-tests' usermgmtkey: burrito - version: '6.0' + deployment: + upgrade_only: false + version: '6.1' # robots_txt_url: https://guides.dataverse.org/en/latest/_downloads/3a5cd7a283eecd5e93289e30af713554/robots.txt build_guides: false @@ -294,29 +298,76 @@ db: plain: 'no' use_rds: false +docker: + cidr: 10.0.0.99/24 + repo: https://download.docker.com/linux/centos/docker-ce.repo + grafana: grafana_user: 'admin' grafana_password: 'adm1n' java: version: 17 - home: /usr/lib/jvm/java-{{ java.version}} + # this breaks templating. + #home: /usr/lib/jvm/java-{{ java.version}} localstack: enabled: false - docker: - cidr: - repo: https://download.docker.com/linux/centos/docker-ce.repo - container: 's3-test' + container_name: dev_localstack # set to /tmp/localstack/data to enable persistence - data_dir: + data_dir: /tmp/localstack/data debug: true - hostname_external: + hostname_external: localstack + port: 4566 web_ui: 8888 + buckets: + - label: LocalStack + id: localstack1 + bucket_name: mybucket + enabled: false + access_key: 4cc355_k3y + secret_access_key: s3cr3t_4cc355_k3y + # for non-amazon services. + custom_endpoint_url: "http://localhost:4566" + # note: direct upload and download require CORS on the bucket + download_redirect: true + upload_redirect: true + files_type: s3 + ingestsizelimit: 2000000000 + # for localstack this must be true + path_style_access: true + region: us-east-2 + url_expiration_minutes: 60 + payload_signing: false + chunked_encoding: true maven: version: 3.8.8 +minio: + enabled: false + docker: + version: "latest" + service_name: "minio" + network: + name: "minio" + external: false + project_location: "/home/dataverse/minio" + timezone: "America/New_York" + user: dataverse + group: dataverse + server_port: 9000 + console_port: 9001 + root_user: "4cc355_k3y" + root_password: "s3cr3t_4cc355_k3y" + default_bucket: "mybucket" + label: MinIO + custom_endpoint_url: "http://localhost:9000" + custom_endpoint_region: us-east-1 + path-style-access: true + access_key: 4cc355_k3y + secret_key: s3cr3t_4cc355_k3y + munin: install: false admin: diff --git a/ec2/ec2-create-instance.sh b/ec2/ec2-create-instance.sh index 5a7efaa..0edfb67 100755 --- a/ec2/ec2-create-instance.sh +++ b/ec2/ec2-create-instance.sh @@ -208,7 +208,7 @@ fi echo "Creating EC2 instance" # TODO: Add some error checking for "ec2 run-instances". -INSTANCE_ID=$(aws $PROFILE ec2 run-instances --image-id $AMI_ID --security-groups $AWS_SG $TAGARG --count 1 --instance-type $SIZE --key-name $KEY_NAME --query 'Instances[0].InstanceId' --block-device-mappings '[ { "DeviceName": "/dev/sda1", "Ebs": { "DeleteOnTermination": true } } ]' | tr -d \") +INSTANCE_ID=$(aws $PROFILE ec2 run-instances --image-id $AMI_ID --security-groups $AWS_SG $TAGARG --count 1 --instance-type $SIZE --key-name $KEY_NAME --query 'Instances[0].InstanceId' --block-device-mappings '[ { "DeviceName": "/dev/sda1", "Ebs": { "DeleteOnTermination": true, "VolumeSize": 20 } } ]' | tr -d \") echo "Instance ID: "$INSTANCE_ID DESTROY_CMD="aws $PROFILE ec2 terminate-instances --instance-ids $INSTANCE_ID" @@ -236,7 +236,7 @@ fi # TODO: Add some error checking for this ssh command. ssh -T -i $PEM_FILE -o 'StrictHostKeyChecking no' -o 'UserKnownHostsFile=/dev/null' -o 'ConnectTimeout=300' $USER_AT_HOST < mvn.out" args: chdir: "{{ dataverse.srcdir }}" when: dataverse.unittests.enabled == false and maven.version != 'default' + become: true + become_user: '{{ dataverse.payara.user }}' - name: build warfile with specified tests. tail /tmp/dataverse/mvn.out for gory details. shell: "mvn {{ dataverse.unittests.argument }} {{ jacoco_arg }} -T 2C clean package > mvn.out" @@ -46,13 +50,17 @@ chdir: "{{ dataverse.srcdir }}" when: dataverse.unittests.enabled == true and maven.version == 'default' + become: true + become_user: '{{ dataverse.payara.user }}' -- name: build warfile with specified tests using custom maven. tail /tmp/dataverse/mvn.out for gory details. +- name: build warfile with specified tests using custom maven. tail /home/dataverse/dataverse/mvn.out for gory details. shell: "source /etc/profile.d/maven.sh && mvn {{ dataverse.unittests.argument }} {{ jacoco_arg }} -T 2C clean package > mvn.out" args: chdir: "{{ dataverse.srcdir }}" when: dataverse.unittests.enabled == true and maven.version != 'default' + become: true + become_user: '{{ dataverse.payara.user }}' - name: copy warfile over release copy: diff --git a/tasks/dataverse-install.yml b/tasks/dataverse-install.yml index fbf3104..d3ec653 100644 --- a/tasks/dataverse-install.yml +++ b/tasks/dataverse-install.yml @@ -10,6 +10,14 @@ debug: msg: '##### DATAVERSE INSTALLER #####' +# this is necessary for the installer. dataverse-storage.yml does the real work later. +- name: filesdir must pre-exist + ansible.builtin.file: + path: '{{ dataverse.filesdirs[0].path }}' + state: directory + owner: '{{ dataverse.payara.user }}' + group: '{{ dataverse.payara.group }}' + - ansible.builtin.import_tasks: dataverse-build.yml when: dataverse_branch != "release" @@ -143,12 +151,20 @@ become_user: '{{ dataverse.payara.user }}' args: chdir: /tmp/dvinstall + when: not dataverse.deployment.upgrade_only + +- name: upgrade only -- deploy dataverse war + shell: '{{ payara_dir }}/bin/asadmin redeploy --name dataverse /tmp/dvinstall/dataverse.war' + become: yes + become_user: '{{ dataverse.payara.user }}' + when: dataverse.deployment.upgrade_only - name: stop payara manually (systemd gums up the works) become: yes become_user: "{{ dataverse.payara.user }}" shell: '{{ payara_dir }}/bin/asadmin stop-domain {{ dataverse.payara.domain }}' ignore_errors: yes + when: not dataverse.deployment.upgrade_only - name: now start payara with systemd service: diff --git a/tasks/dataverse-languages.yml b/tasks/dataverse-languages.yml index 155de39..e970d8a 100644 --- a/tasks/dataverse-languages.yml +++ b/tasks/dataverse-languages.yml @@ -4,6 +4,9 @@ debug: msg: '##### DATAVERSE LANGUAGES #####' +- set_fact: + lang_git_dir: /usr/local/src/dataverse_language_packs + - name: get dataverse language file path shell: "{{ payara_dir }}/bin/asadmin list-jvm-options | grep dataverse.lang.directory | sed 's/.*=//'" register: dataverse_lang_directory @@ -16,46 +19,46 @@ owner: '{{ dataverse.payara.user }}' when: (dataverse_lang_directory.stdout | trim) == '' -- name: set dataverse language file path if not set - shell: "{{ payara_dir }}/bin/asadmin create-jvm-options -Ddataverse.lang.directory={{ dataverse.language.lang_directory }}" - when: (dataverse_lang_directory.stdout | trim) == '' - -- name: clone dataverse language packs - local_action: - module: git - repo: "{{ dataverse.language.language_packs.source }}" - dest: "/tmp/dataverse_language_packs" - version: "{{ dataverse.language.language_packs.version }}" - run_once: true - - name: copy default bundle to the language directory if it was just created copy: - src: /tmp/dataverse_language_packs/en_US/Bundle.properties + src: "{{ lang_git_dir }}/en_US/Bundle.properties" dest: "{{ dataverse.language.lang_directory }}" owner: '{{ dataverse.payara.user }}' + remote_src: yes + when: (dataverse_lang_directory.stdout | trim) == '' + +- name: set dataverse language file path if not set + shell: "{{ payara_dir }}/bin/asadmin create-jvm-options -Ddataverse.lang.directory={{ dataverse.language.lang_directory }}" when: (dataverse_lang_directory.stdout | trim) == '' - name: restart payara after setting language directory service: name=payara state=restarted when: (dataverse_lang_directory.stdout | trim) == '' +- name: clone dataverse language packs + git: + repo: "{{ dataverse.language.language_packs.source }}" + dest: "{{ lang_git_dir }}" + version: "{{ dataverse.language.language_packs.version }}" + run_once: true + - name: prepare language file temporary directory - local_action: shell cd /tmp/dataverse_language_packs ; rm -rf tmp.bak ; [ -d tmp ] && mv tmp tmp.bak && rm tmp.bak/*.zip ; mkdir tmp + shell: cd {{ lang_git_dir }} ; rm -rf tmp.bak ; [ -d tmp ] && mv tmp tmp.bak && rm tmp.bak/*.zip ; mkdir tmp changed_when: false - name: copy language files to temporary directory - local_action: shell cd /tmp/dataverse_language_packs ; cp -R {{ item.locale }}*/*.properties tmp/ + shell: cd {{ lang_git_dir }} ; cp -R {{ item.locale }}*/*.properties tmp/ changed_when: false with_items: "{{ dataverse.language.languages }}" - name: check if there was a change in the temporary directory - local_action: shell cd /tmp/dataverse_language_packs ; diff -r tmp tmp.bak + shell: cd {{ lang_git_dir }} ; diff -r tmp tmp.bak register: diff changed_when: diff.rc != 0 failed_when: diff.rc > 2 - name: create language pack - local_action: shell cd /tmp/dataverse_language_packs/tmp ; zip languages.zip *.properties + shell: cd {{ lang_git_dir }}/tmp ; zip languages.zip *.properties when: diff.changed - name: upload language pack @@ -64,11 +67,13 @@ method: POST headers: Content-type: "application/zip" - Accept: application/json - src: /tmp/dataverse_language_packs/tmp/languages.zip +# Accept: application/json + src: "{{ lang_git_dir }}/tmp/languages.zip" + remote_src: yes status_code: 200 body_format: raw when: diff.changed + notify: enable and restart payara - name: configure available languages uri: diff --git a/tasks/dataverse-licenses.yml b/tasks/dataverse-licenses.yml index 8a82e67..2499dc0 100644 --- a/tasks/dataverse-licenses.yml +++ b/tasks/dataverse-licenses.yml @@ -11,7 +11,7 @@ login_user: "{{ db.postgres.user }}" login_password: "{{ db.postgres.pass }}" login_host: "{{ db.postgres.host }}" - query: SELECT tokenstring FROM apitoken a JOIN authenticateduser u ON a.authenticateduser_id=u.id WHERE useridentifier='{{ dataverse.licenses.user }}' + query: SELECT tokenstring FROM apitoken a JOIN authenticateduser u ON a.authenticateduser_id=u.id WHERE useridentifier='{{ dataverse.licenses.user }}' AND superuser changed_when: false register: token_result failed_when: token_result.rowcount != 1 diff --git a/tasks/dataverse-postinstall.yml b/tasks/dataverse-postinstall.yml index aaab598..93961ce 100644 --- a/tasks/dataverse-postinstall.yml +++ b/tasks/dataverse-postinstall.yml @@ -98,3 +98,4 @@ ansible.builtin.get_url: url: http://localhost:8080/api/admin/index dest: /tmp/index_status.out + when: not dataverse.deployment.upgrade_only diff --git a/tasks/dataverse-prereqs.yml b/tasks/dataverse-prereqs.yml index f41ff44..e3c8518 100644 --- a/tasks/dataverse-prereqs.yml +++ b/tasks/dataverse-prereqs.yml @@ -92,3 +92,13 @@ name: curl when: - ansible_os_family == "Debian" + +- name: Payara service account must exist + import_tasks: payara_service_account.yml + +- name: create dataverse misc files directory for language and handle and other similar auxilliary files + file: + path: "{{ dataverse_misc_files_dir }}" + state: directory + owner: "{{ dataverse.payara.user }}" + group: "{{ dataverse.payara.group }}" diff --git a/tasks/dataverse-storage.yml b/tasks/dataverse-storage.yml index 7a268c0..0dbe683 100644 --- a/tasks/dataverse-storage.yml +++ b/tasks/dataverse-storage.yml @@ -12,17 +12,10 @@ register: dataverse_filestores_storage_driver_id changed_when: false -# default storage-driver-id is a group_var now -#- name: calculate default storage-driver-id -# set_fact: -# default_storage_driver_id: "{{ ((dataverse_filestores_storage_driver_id.stdout | trim) == '') | -# ternary(dataverse.filesdirs[0].label,dataverse_filestores_storage_driver_id.stdout) }}" -# to_delete_config_lines: [] - -# don't delete other storage drivers, as dataverse supports multiple now. -#- name: set to_delete_config_lines -# set_fact: -# to_delete_config_lines: [] +- name: calculate default storage-driver-id + set_fact: + default_storage_driver_id: "{{ ((dataverse_filestores_storage_driver_id.stdout | trim) == '') | + ternary(dataverse.filesdirs[0].label,dataverse_filestores_storage_driver_id.stdout) }}" - name: register default storage-driver-id set_fact: @@ -45,13 +38,6 @@ - default_dataverse_filestores_type.stdout != '' - default_dataverse_filestores_type.stdout != 'file' -# don't delete storage drivers, as dataverse supports multiple now. -#- name: calculate whether to delete storage-driver-id -# set_fact: -# to_delete_config_lines: "{{ (default_storage_driver_id != dataverse.filesdirs[0].label) | -# ternary(to_delete_config_lines+[ '-Ddataverse.files.storage-driver-id=' + default_storage_driver_id ], -# to_delete_config_lines ) }}" - - name: remove previous storage-driver-id if necessary command: "{{ payara_dir }}/bin/asadmin delete-jvm-options \"-Ddataverse.files.storage-driver-id={{ dataverse.filesdirs[0].label }}\"" when: default_storage_driver_id != dataverse_filestores_storage_driver_id.stdout @@ -59,21 +45,12 @@ - name: set default storage-driver-id if not set or changed command: "{{ payara_dir }}/bin/asadmin create-jvm-options \"-Ddataverse.files.storage-driver-id={{ dataverse.default.storage_id }}\"" when: default_storage_driver_id != dataverse_filestores_storage_driver_id.stdout - #when: dataverse_filestores_storage_driver_id.stdout != dataverse.filesdirs[0].label - name: get default dataverse storage directory shell: "{{ payara_dir }}/bin/asadmin list-jvm-options | grep dataverse.files.directory | sed 's/.*=//'" register: default_dataverse_filestores_directory changed_when: false -#- name: calculate whether to delete default dataverse storage directory -# set_fact: -# to_delete_config_lines: "{{ -# ( (default_dataverse_filestores_directory.stdout | trim) != '' and -# default_dataverse_filestores_directory.stdout != dataverse.filesdirs[0].path) | -# ternary(to_delete_config_lines+[ ('-Ddataverse.files.directory=' + (default_dataverse_filestores_directory.stdout)) ], -# to_delete_config_lines) }}" - - name: set default dataverse storage directory if not set or changed command: "{{ payara_dir }}/bin/asadmin create-jvm-options \"-Ddataverse.files.directory={{ dataverse.filesdirs[0].path }}\"" when: default_dataverse_filestores_directory.stdout != dataverse.filesdirs[0].path @@ -140,30 +117,6 @@ dataverse_filestores_labels_to_delete: "{{ dataverse_filestores_labels.stdout_lines | difference(dataverse_defined_filestores_labels_list) }}" dataverse_filestores_labels_to_create: "{{ dataverse_defined_filestores_labels_list | difference(dataverse_filestores_labels.stdout_lines) }}" -# don't delete other configs -#- name: calculate config lines to delete for filestores -# set_fact: -# to_delete_config_lines: "{{ to_delete_config_lines + -# [ '-Ddataverse.files.'+item.label+'.directory='+item.path ] }}" -# with_items: "{{ dataverse_filestores_to_delete }}" - -#- name: calculate config lines to delete for labels -# set_fact: -# to_delete_config_lines: "{{ to_delete_config_lines + -# [ '-Ddataverse.files.'+item+'.label='+item ] }}" -# with_items: "{{ dataverse_filestores_labels_to_delete }}" - -# don't delete filestores. dataverse supports multiple now. -#- name: calculate required changes to dataverse_filestore type entries -# set_fact: -# to_delete_config_lines: "{{ (dataverse_filestores_types_onserver[item]=='file' and -# dataverse_defined_filestores_labels_dict[item] is not defined) | -# ternary(to_delete_config_lines + -# [ '-Ddataverse.files.' + item + '.type=' + dataverse_filestores_types_onserver[item] ], -# to_delete_config_lines ) -# }}" -# with_items: "{{ dataverse_filestores_typelabels_onserver }}" - - name: calculate required changes to dataverse_filestore type entries set_fact: dataverse_filestores_type_to_create: "{{ (dataverse_filestores_types_onserver[item] is defined) | @@ -177,17 +130,6 @@ vars: dataverse_filestores_type_to_create: [] -#- name: delete storage config options -# command: '{{ payara_dir }}/bin/asadmin delete-jvm-options "{{ item }}"' -# with_items: "{{ to_delete_config_lines }}" - -#- name: delete all settings in domain.xml as may create double entries on restart -# lineinfile: -# path: '{{ payara_dir }}/payara/domains/{{ dataverse.payara.domain }}/config/domain.xml' -# regexp: '{{ item }}' -# state: absent -# with_items: "{{ to_delete_config_lines }}" - - name: payara should own dataverse.filesdirs file: path={{ item.path }} state=directory owner={{ dataverse.payara.user }} group={{ dataverse.payara.group }} diff --git a/tasks/docker.yml b/tasks/docker.yml new file mode 100644 index 0000000..cbe4c79 --- /dev/null +++ b/tasks/docker.yml @@ -0,0 +1,71 @@ +--- + +- name: install docker-ce repo + ansible.builtin.get_url: + url: '{{ docker.repo }}' + dest: /etc/yum.repos.d/docker-ce.repo + mode: '0644' + +- name: install docker-ce + ansible.builtin.dnf: + name: ['docker-ce', 'docker-compose-plugin'] + state: latest + +- name: Ansible docker module requires python-docker + ansible.builtin.package: + name: 'python3-docker' + state: latest + +- name: pip must update itself + ansible.builtin.pip: + name: pip + executable: pip3 + state: latest + +- name: and docker-compose python package + ansible.builtin.pip: + name: docker-compose + +- name: ensure /etc/docker exists + ansible.builtin.file: + path: /etc/docker + state: directory + owner: root + group: root + mode: 0755 + +- name: configure cidr range + ansible.builtin.template: + src: daemon.json.j2 + dest: /etc/docker/daemon.json + owner: root + group: root + mode: 0644 + when: docker.cidr is undefined + +- name: infer become_user + ansible.builtin.command: whoami + register: whoami_output + +- name: register docker_user + ansible.builtin.set_fact: + docker_user: "{{ whoami_output.stdout }}" + +- name: add ansible_ssh_user to docker group + ansible.builtin.user: + name: '{{ docker_user }}' + groups: docker + append: yes + +- name: add dataverse user to docker group + ansible.builtin.user: + name: '{{ dataverse.payara.user }}' + groups: docker + append: yes + +- name: reload systemd, enable docker, start + ansible.builtin.systemd: + name: docker + enabled: yes + daemon_reload: yes + state: started diff --git a/tasks/jacoco-generate_report.yml b/tasks/jacoco-generate_report.yml index 694fbd2..1fe0513 100644 --- a/tasks/jacoco-generate_report.yml +++ b/tasks/jacoco-generate_report.yml @@ -16,7 +16,7 @@ mode: '0755' - name: merge jacoco exec files - shell: 'java -jar {{ dataverse.jacoco.home }}/lib/jacococli.jar merge {{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/config/jacoco.exec {{ dataverse.srcdir }}/target/jacoco.exec --destfile {{ dataverse.srcdir }}/target/jacoco_merged.exec' + shell: 'java -jar {{ dataverse.jacoco.home }}/lib/jacococli.jar merge {{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/config/jacoco.exec {{ dataverse.srcdir }}/target/coverage-reports/jacoco-unit.exec --destfile {{ dataverse.srcdir }}/target/jacoco_merged.exec' args: chdir: '{{ dataverse.jacoco.home }}' diff --git a/tasks/localstack.yml b/tasks/localstack.yml index 5306e10..01e8118 100644 --- a/tasks/localstack.yml +++ b/tasks/localstack.yml @@ -1,61 +1,35 @@ --- -- name: we need yum-utils - yum: - name: yum-utils - state: latest +- ansible.builtin.import_tasks: docker.yml -- name: to install the docker-ce repo - shell: 'yum-config-manager --add-repo {{ localstack.docker.repo }}' +- ansible.builtin.import_tasks: aws_cli.yml -- name: install docker-ce - yum: - name: ['docker-ce','docker-ce-cli','containerd.io','docker-compose','python-docker-py'] - -- name: ensure /etc/docker exists - file: - path: /etc/docker - state: directory - owner: root - group: root - mode: 0755 - -- name: configure cidr range - template: - src: daemon.json.j2 - dest: /etc/docker/daemon.json - owner: root - group: root - mode: 0644 - when: localstack.docker.cidr is undefined - -- name: add ansible_user to docker group - user: - name: '{{ ansible_user }}' - groups: docker - append: yes - -- name: reload systemd, enable docker, start - systemd: - name: docker - enabled: yes - daemon_reload: yes - state: started +- ansible.builtin.import_tasks: aws_config.yml # so we can run localstack task stand-alone - ansible.builtin.import_tasks: dataverse-fqdn.yml - name: is hostname_external set - set_fact: + ansible.builtin.set_fact: hostname_external: '{{ public_fqdn }}' when: localstack.hostname_external is undefined - name: place docker-compose.yml template - template: + ansible.builtin.template: src: localstack-compose.yml.j2 - dest: '{{ ansible_env.HOME }}/localstack-compose.yml' + dest: '~{{ dataverse.payara.user }}/localstack-compose.yml' + +- name: ensure DATA_DIR exists + ansible.builtin.file: + path: '{{ localstack.data_dir }}' + state: directory + owner: '{{ dataverse.payara.user }}' + group: '{{ dataverse.payara.group }}' + mode: 0755 - name: start s3-test container - shell: 'docker-compose -f localstack-compose.yml up -d' + ansible.builtin.shell: 'docker compose -f localstack-compose.yml up -d' + become: true + become_user: '{{ dataverse.payara.user }}' args: - chdir: '{{ ansible_env.HOME }}' + chdir: '~{{ dataverse.payara.user }}' diff --git a/tasks/localstack_create.yml b/tasks/localstack_create.yml index a2421d1..a1dc600 100644 --- a/tasks/localstack_create.yml +++ b/tasks/localstack_create.yml @@ -1,27 +1,21 @@ --- -- name: ensure dot dir exists - file: - path: '~/.aws' - state: directory - mode: '0700' - -- name: place aws credentials - template: - src: aws_credentials.j2 - dest: '~/.aws/credentials' - mode: '0600' +- name: flush handlers to restart Payara if needed + meta: flush_handlers -- name: place aws config - template: - src: aws_config.j2 - dest: '~/.aws/config' - mode: '0600' +- name: build list from json + ansible.builtin.set_fact: + s3_bucketlist: "{{ localstack.buckets }}" -- name: escape custom endpoint url colons - set_fact: "custom_endpoint_escaped={{ s3.custom_endpoint_url | regex_replace (':','\\:') }}" - when: s3.custom_endpoint_url | length > 0 +- name: debug list + ansible.builtin.debug: + msg: "{{ item }}" + loop: "{{ s3_bucketlist }}" -- name: create localstack bucket for testing - shell: 'aws --endpoint={{ custom_endpoint_escaped }} s3 mb s3://{{ s3.bucket_name }}' - when: s3.custom_endpoint_url | length > 0 +- name: create buckets and set options + block: + - name: create bucket and set options + ansible.builtin.include_tasks: localstack_create_bucket.yml + vars: + bucket_options: "{{ item }}" + with_items: "{{ s3_bucketlist }}" diff --git a/tasks/localstack_create_bucket.yml b/tasks/localstack_create_bucket.yml new file mode 100644 index 0000000..b2ed39e --- /dev/null +++ b/tasks/localstack_create_bucket.yml @@ -0,0 +1,59 @@ +--- + +- name: escape custom endpoint url colons + ansible.builtin.set_fact: "custom_endpoint_escaped={{ bucket_options.custom_endpoint_url | regex_replace (':','\\:') }}" + when: bucket_options.custom_endpoint_url | length > 0 + +- name: create localstack bucket for testing + ansible.builtin.shell: "aws --endpoint={{ custom_endpoint_escaped }} s3 mb s3://{{ bucket_options.bucket_name }}" + become: yes + become_user: "{{ dataverse.payara.user }}" + when: bucket_options.custom_endpoint_url | length > 0 + +- name: place CORS.json + ansible.builtin.copy: + src: cors.json + dest: /tmp/cors.json + owner: root + group: root + mode: '0644' + +- name: set CORS on bucket when upload_redirect is true + ansible.builtin.shell: 'aws --endpoint={{ custom_endpoint_escaped }} s3api put-bucket-cors --bucket {{ bucket_options.bucket_name }} --cors-configuration file:///tmp/cors.json' + become: yes + become_user: "{{ dataverse.payara.user }}" + when: bucket_options.upload_redirect == true + +- name: debug + ansible.builtin.debug: + msg: '{{ bucket_options }}' + +- name: create jvm_options dictionary + set_fact: + jvm_options: "{{ jvm_options | default({}) | combine ({ inner.key : inner.value }) }}" + loop_control: + loop_var: inner + with_items: + - { 'key' : 'type' , 'value' : 's3' } + - { 'key' : 'id' , 'value' : '{{ bucket_options.id }}' } + - { 'key' : 'label' , 'value' : '{{ bucket_options.label }}' } + - { 'key' : 'bucket-name' , 'value' : '{{ bucket_options.bucket_name }}' } + - { 'key' : 'custom-endpoint-url' , 'value' : '{{ custom_endpoint_escaped }}' } + - { 'key' : 'custom-endpoint-region' , 'value' : '{{ bucket_options.region }}' } + - { 'key' : 'path-style-access' , 'value' : '{{ bucket_options.path_style_access }}' } + - { 'key' : 'upload-redirect' , 'value' : '{{ bucket_options.upload_redirect }}' } + - { 'key' : 'download-redirect' , 'value' : '{{ bucket_options.download_redirect }}' } + - { 'key' : 'access-key' , 'value' : '{{ bucket_options.access_key }}' } + - { 'key' : 'secret-access-key' , 'value' : '{{ bucket_options.secret_access_key }}' } + +- name: debug + ansible.builtin.debug: + msg: '{{ jvm_options }}' + +- name: set Payara JVM options + become: yes + become_user: '{{ dataverse.payara.user }}' + ansible.builtin.shell: '{{ payara_dir }}/bin/asadmin create-jvm-options "\-Ddataverse.files.{{ bucket_options.id }}.{{ inner.key }}={{ inner.value }}"' + loop: "{{ lookup('dict', jvm_options) }}" + loop_control: + loop_var: inner diff --git a/tasks/main.yml b/tasks/main.yml index f616e7b..b162e9b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -90,6 +90,11 @@ tags: - localstack +- ansible.builtin.import_tasks: minio.yml + when: minio.enabled == true + tags: + - minio + - ansible.builtin.import_tasks: dataverse-install.yml tags: - dataverse diff --git a/tasks/minio.yml b/tasks/minio.yml new file mode 100644 index 0000000..1c1b99a --- /dev/null +++ b/tasks/minio.yml @@ -0,0 +1,86 @@ +--- + +- ansible.builtin.import_tasks: docker.yml + +- name: STORAGE | Import assert.yml + ansible.builtin.import_tasks: minio_assert.yml + run_once: true + delegate_to: localhost + +- name: STORAGE | Initialized MINIO project directory. + block: + - name: STORAGE | Check MinIO initial directory + ansible.builtin.stat: + path: "{{ minio.docker.project_location }}" + register: minio_init_dir + + - name: STORAGE | Create minio project directory + ansible.builtin.file: + path: "{{ minio.docker.project_location }}" + state: directory + mode: "0755" + recurse: true + when: not minio_init_dir.stat.exists + +- name: STORAGE | Setup MINIO project. + block: + - name: STORAGE | Check MinIO initial directory + ansible.builtin.stat: + path: "{{ minio.docker.project_location }}" + register: minio_dir + + - name: STORAGE | Create minio persistent data directory. + ansible.builtin.file: + path: "{{ minio.docker.project_location }}/data" + state: directory + owner: '{{ dataverse.payara.user }}' + group: '{{ dataverse.payara.group }}' + mode: "0755" + recurse: true + when: + - minio_dir.stat.exists + - minio_dir.stat.isdir + + - name: STORAGE | Copy MinIO docker compose variables + ansible.builtin.template: + src: minio_compose.j2 + dest: "{{ minio.docker.project_location }}/minio_compose.yml" + owner: '{{ dataverse.payara.user }}' + group: '{{ dataverse.payara.group }}' + mode: "0644" + lstrip_blocks: true + force: true + register: copy_compose + when: + - minio_dir.stat.exists + - minio_dir.stat.isdir + + - name: STORAGE | Get infos on container + community.docker.docker_container_info: + name: "{{ minio.docker.service_name }}" + register: minio_container + + - name: STORAGE | Check docker compose file + ansible.builtin.stat: + path: "{{ minio.docker.project_location }}/minio_compose.yml" + register: compose_file + + - name: STORAGE | Stop `docker-compose down` MinIO + community.docker.docker_compose: + project_src: "{{ minio.docker.project_location }}" + state: absent + remove_orphans: true + become: true + register: continer_stop + when: + - minio_container.exists + - copy_compose.changed + + - name: STORAGE | Run `docker-compose up` MinIO + community.docker.docker_compose: + project_src: "{{ minio.docker.project_location }}" + build: true + files: minio_compose.yml + when: (not minio_container.exists and minio_dir.stat.isdir and compose_file.stat.exists) or continer_stop.changed + +- ansible.builtin.import_tasks: minio_jvm_options.yml diff --git a/tasks/minio_assert.yml b/tasks/minio_assert.yml new file mode 100644 index 0000000..33b04e0 --- /dev/null +++ b/tasks/minio_assert.yml @@ -0,0 +1,16 @@ +--- +- name: STORAGE | Test if minio_docker_root_user is set correctly + ansible.builtin.assert: + that: + - minio.docker.root_user is defined + - minio.docker.root_user is string + - minio.docker.root_user | length > 0 + quiet: true + +- name: STORAGE | Test if minio.docker.root.password is set correctly + ansible.builtin.assert: + that: + - minio.docker.root_password is defined + - minio.docker.root_password is string + - minio.docker.root_password | length > 0 + quiet: true diff --git a/tasks/minio_jvm_options.yml b/tasks/minio_jvm_options.yml new file mode 100644 index 0000000..90f45ba --- /dev/null +++ b/tasks/minio_jvm_options.yml @@ -0,0 +1,32 @@ +--- + +- name: flush handlers to restart Payara if needed + meta: flush_handlers + +- name: escape custom endpoint url colons + ansible.builtin.set_fact: "custom_endpoint_escaped={{ minio.docker.custom_endpoint_url | regex_replace (':','\\:') }}" + +- name: build minio dict + ansible.builtin.set_fact: + minio_dict: "{{ minio_dict | default({}) | combine ({ item.key : item.value }) }}" + with_items: + - { 'key' : 'type' , 'value' : 's3' } + - { 'key' : 'label' , 'value' : '{{ minio.docker.label }}' } + - { 'key' : 'custom-endpoint-url' , 'value' : '{{ custom_endpoint_escaped }}' } + - { 'key' : 'custom-endpoint-region' , 'value' : '{{ minio.docker.custom_endpoint_region }}' } + - { 'key' : 'bucket-name' , 'value' : '{{ minio.docker.default_bucket }}' } + - { 'key' : 'path-style-access' , 'value' : 'true' } + - { 'key' : 'upload-redirect' , 'value' : 'false' } + - { 'key' : 'download-redirect' , 'value' : 'false' } + - { 'key' : 'access-key' , 'value' : '{{ minio.docker.access_key }}' } + - { 'key' : 'secret-access-key' , 'value' : '{{ minio.docker.secret_key }}' } + +- name: debug + ansible.builtin.debug: + msg: '{{ minio_dict }}' + +- name: set Payara MinIO JVM-options + become: yes + become_user: '{{ dataverse.payara.user }}' + ansible.builtin.shell: '{{ payara_dir }}/bin/asadmin create-jvm-options "\-Ddataverse.files.minio1.{{ item.key }}={{ item.value }}"' + loop: "{{ lookup('dict', minio_dict) }}" diff --git a/tasks/payara.yml b/tasks/payara.yml index 65dae6b..00081e5 100644 --- a/tasks/payara.yml +++ b/tasks/payara.yml @@ -35,11 +35,8 @@ when: payara_zip_download.changed notify: enable and restart payara -- name: create payara service group - group: name={{ dataverse.payara.group }} state=present - -- name: create payara service account - user: name={{ dataverse.payara.user }} group={{ dataverse.payara.group }} +- name: ensure service account and group exist + ansible.builtin.import_tasks: payara_service_account.yml - name: payara service account should own {{ dataverse.payara.domain }} file: path={{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }} owner={{ dataverse.payara.user }} @@ -145,7 +142,7 @@ - 'JAVA_TOOL_OPTIONS="-Djdk.util.zip.disableZip64ExtraFieldValidation=true --add-opens=java.base/java.io=ALL-UNNAMED"' when: dataverse.payara.zipurl is match(".*payara-6.*") -- name: workaround for FISH-7665 +- name: so installations can still install payara5 if they want template: src: payara6.service.j2 dest: /usr/lib/systemd/system/payara.service diff --git a/tasks/payara_service_account.yml b/tasks/payara_service_account.yml new file mode 100644 index 0000000..4b05d61 --- /dev/null +++ b/tasks/payara_service_account.yml @@ -0,0 +1,11 @@ +--- + +- name: ensure payara service group exists + ansible.builtin.group: + name: '{{ dataverse.payara.group }}' + state: present + +- name: ensure payara service account exists + ansible.builtin.user: + name: '{{ dataverse.payara.user }}' + group: '{{ dataverse.payara.group }}' diff --git a/tasks/s3.yml b/tasks/s3.yml index d017e71..4d0094e 100644 --- a/tasks/s3.yml +++ b/tasks/s3.yml @@ -1,18 +1,6 @@ --- -- name: we need awscli on 7 - yum: - name: awscli - state: latest - when: ansible_os_family == "RedHat" and - ansible_distribution_major_version == "7" - -- name: we need awscli on 8 - pip: - name: awscli - executable: pip3 - when: ansible_os_family == "RedHat" and - ansible_distribution_major_version == "8" +- ansible.builtin.import_tasks: aws_cli.yml - name: ensure dot dir exists file: @@ -38,8 +26,9 @@ group: '{{ dataverse.payara.group }}' mode: '0600' -- name: set storage-driver-id to s3 - shell: '{{ payara_dir}}/bin/asadmin create-jvm-options "-Ddataverse.files.storage-driver-id={{ s3.storage_driver_id }}"' +# this assumes only one S3 datastore. not completely viable any more. +#- name: set storage-driver-id to s3 +# shell: '{{ payara_dir}}/bin/asadmin create-jvm-options "-Ddataverse.files.storage-driver-id={{ s3.storage_driver_id }}"' - name: set s3 type to s3 shell: '{{ payara_dir}}/bin/asadmin create-jvm-options "-Ddataverse.files.s3.type={{ s3.files_type }}"' diff --git a/templates/localstack-compose.yml.j2 b/templates/localstack-compose.yml.j2 index 43189f0..62f1265 100644 --- a/templates/localstack-compose.yml.j2 +++ b/templates/localstack-compose.yml.j2 @@ -2,19 +2,21 @@ version: '2.1' services: localstack: - container_name: "{{ localstack.container }}" + container_name: "{{ localstack.container_name }}" image: localstack/localstack ports: - - "4567-4599:4567-4599" - - "{{ localstack.web_ui }}-{{ localstack.web_ui }}:{{ localstack.web_ui }}-{{ localstack.web_ui }}" + - "127.0.0.1:4566:4566" + #- "4567-4599:4567-4599" + #- "{{ localstack.web_ui }}-{{ localstack.web_ui }}:{{ localstack.web_ui }}-{{ localstack.web_ui }}" environment: - SERVICES=s3 - DEBUG={{ localstack.debug }} - - DATA_DIR={{ localstack.data_dir }} - - PORT_WEB_UI={{ localstack.web_ui }} + #- DATA_DIR={{ localstack.data_dir }} + #- PORT_WEB_UI={{ localstack.web_ui }} - LOCALSTACK_HOSTNAME={{ localstack.hostname_external }} - - LAMBDA_EXECUTOR=local + #- LAMBDA_EXECUTOR=local - DOCKER_HOST=unix:///var/run/docker.sock volumes: - - "/tmp/localstack:/tmp/localstack" - "/var/run/docker.sock:/var/run/docker.sock" + tmpfs: + - /localstack:mode=770,size=128M,uid=1000,gid=1000 diff --git a/templates/minio_compose.j2 b/templates/minio_compose.j2 new file mode 100644 index 0000000..9178f7c --- /dev/null +++ b/templates/minio_compose.j2 @@ -0,0 +1,42 @@ +version: "3" + +#networks: +# {{ minio.docker.network.name }}: +# driver: bridge +# external: {{ minio.docker.network.external }} + +services: + {{ minio.docker.service_name }}: + container_name: {{ minio.docker.service_name }} + image: quay.io/minio/minio:{{ minio.docker.version }} + environment: + TZ: {{ minio.docker.timezone }} + MINIO_ROOT_USER: {{ minio.docker.root_user }} + MINIO_ROOT_PASSWORD: {{ minio.docker.root_password }} + MINIO_ACCESS_KEY: {{ minio.docker.access_key }} + MINIO_SECRET_KEY: {{ minio.docker.secret_key }} + ports: + - {{ minio.docker.server_port }}:{{ minio.docker.server_port }} + - {{ minio.docker.console_port }}:{{ minio.docker.console_port }} + #networks: + # - {{ minio.docker.network.name }} + volumes: + - {{ minio.docker.project_location }}/data:/data:rw + entrypoint: ["/bin/sh","-c"] + command: + - | + mkdir -p /data/{{ minio.docker.default_bucket }} + minio server --address ":{{ minio.docker.server_port }}" --console-address ":{{ minio.docker.console_port }}" /data + healthcheck: + #disable: true + test: ["CMD", "curl", "-f", "http://localhost:{{ minio.docker.server_port }}/minio/health/live"] + interval: 30s + timeout: 20s + retries: 3 + restart: always + deploy: + restart_policy: + condition: on-failure + delay: 5s + max_attempts: 3 + window: 120s diff --git a/tests/group_vars/java17.yml b/tests/group_vars/java17.yml index 1369af3..295b72e 100644 --- a/tests/group_vars/java17.yml +++ b/tests/group_vars/java17.yml @@ -32,6 +32,8 @@ letsencrypt: email: user: certbot +dataverse_misc_files_dir: '/opt/dv' + dataverse: adminpass: admin1 allow_signups: true diff --git a/tests/group_vars/jenkins.yml b/tests/group_vars/jenkins.yml index 0929cb4..22215e0 100644 --- a/tests/group_vars/jenkins.yml +++ b/tests/group_vars/jenkins.yml @@ -32,6 +32,8 @@ letsencrypt: email: user: certbot +dataverse_misc_files_dir: '/opt/dv' + dataverse: adminpass: admin1 allow_signups: true @@ -99,7 +101,7 @@ dataverse: handlenet: independenthandleservice: 'false' # handleauthhandle: YOUR:HANDLE/USERNAME - admcredfile: /opt/dv/admpriv.bin + admcredfile: "{{ dataverse_misc_files_dir }}/admpriv.bin" admcredfile_source: files/handlenet/admcredfile # admprivphrase: # index: 300 @@ -117,6 +119,7 @@ dataverse: ## Also, changing the default storage takes effect immediately for temp files, but ## only after restart for publishing (i.e. without restart the temp files will be moved to the old default data store at publish time). filesdirs: + #storage_driver_id: file - label: file path: /usr/local/dvn/data # - label: label @@ -143,7 +146,8 @@ dataverse: siteurl: root: /usr/local dir: payara6 - zipurl: https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/6.2023.8/payara-6.2023.8.zip + #zipurl: https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/6.2023.8/payara-6.2023.8.zip + zipurl: https://mirrors.ibiblio.org/payara/payara-6.2023.8.zip zipchecksum: sha256:108ed0fa7f97bb3833ff00610a4951dd41389e2647dffe28132ad54231af694a google_analytics_key: jacoco: @@ -161,7 +165,7 @@ dataverse: language_packs: source: https://github.com/GlobalDataverseCommunityConsortium/dataverse-language-packs.git version: develop - lang_directory: /opt/dv/lang + lang_directory: "{{ dataverse_misc_files_dir }}/lang" licenses: enabled: false user: dataverseAdmin @@ -242,13 +246,15 @@ dataverse: version: 9.3.0 listen: 127.0.0.1 checksum: sha256:2a924a776d7c06dea561f12bdb17291dbaecc9e9a06f363d4599acb7fb7bfa71 - srcdir: /tmp/dataverse + srcdir: /opt/dataverse/dataverse thumbnails: false unittests: enabled: true argument: '-DcompilerArgument=-Xlint:unchecked test -P all-unit-tests' usermgmtkey: burrito - version: '6.0' + deployment: + upgrade_only: false + version: '6.1' build_guides: false @@ -284,6 +290,10 @@ db: plain: 'no' use_rds: false +docker: + cidr: 10.0.0.99/24 + repo: https://download.docker.com/linux/centos/docker-ce.repo + grafana: grafana_user: 'admin' grafana_password: 'adm1n' @@ -292,19 +302,61 @@ java: version: 17 localstack: - enabled: false - docker: - cidr: - repo: https://download.docker.com/linux/centos/docker-ce.repo - container: 's3-test' + enabled: true + container_name: dev_localstack # set to /tmp/localstack/data to enable persistence - data_dir: + data_dir: /tmp/localstack/data debug: true - hostname_external: + hostname_external: localstack + port: 4566 web_ui: 8888 + buckets: + - label: LocalStack + id: localstack1 + bucket_name: mybucket + enabled: false + access_key: 4cc355_k3y + secret_access_key: s3cr3t_4cc355_k3y + # for non-amazon services. + custom_endpoint_url: "http://localhost:4566" + # note: direct upload and download require CORS on the bucket + download_redirect: true + upload_redirect: true + files_type: s3 + ingestsizelimit: 2000000000 + # for localstack this must be true + path_style_access: true + region: us-east-2 + url_expiration_minutes: 60 + payload_signing: false + chunked_encoding: true maven: - version: 3.8.8 + version: 3.9.5 + +minio: + enabled: true + docker: + version: "latest" + service_name: "minio" + network: + name: "minio" + external: false + project_location: "/home/dataverse/minio" + timezone: "America/New_York" + user: dataverse + group: dataverse + server_port: 9000 + console_port: 9001 + root_user: "4cc355_k3y" + root_password: "s3cr3t_4cc355_k3y" + default_bucket: "mybucket" + label: MinIO + custom_endpoint_url: "http://localhost:9000" + custom_endpoint_region: us-east-1 + path-style-access: true + access_key: 4cc355_k3y + secret_key: s3cr3t_4cc355_k3y munin: install: false diff --git a/tests/group_vars/memorytests.yml b/tests/group_vars/memorytests.yml index 12f105c..7e20523 100644 --- a/tests/group_vars/memorytests.yml +++ b/tests/group_vars/memorytests.yml @@ -37,6 +37,8 @@ letsencrypt: email: user: certbot +dataverse_misc_files_dir: '/opt/dv' + dataverse: adminpass: admin1 allow_signups: true @@ -102,7 +104,7 @@ dataverse: handlenet: independenthandleservice: 'false' # handleauthhandle: YOUR:HANDLE/USERNAME - admcredfile: /opt/dv/admpriv.bin + admcredfile: "{{ dataverse_misc_files_dir }}/admpriv.bin" admcredfile_source: files/handlenet/admcredfile # admprivphrase: # index: 300 @@ -164,7 +166,7 @@ dataverse: language_packs: source: https://github.com/GlobalDataverseCommunityConsortium/dataverse-language-packs.git version: develop - lang_directory: /opt/dv/lang + lang_directory: "{{ dataverse_misc_files_dir }}/lang" licenses: enabled: false user: dataverseAdmin @@ -250,6 +252,8 @@ dataverse: enabled: false argument: '-DcompilerArgument=-Xlint:unchecked test -P all-unit-tests' usermgmtkey: burrito + deployment: + upgrade_only: false version: '5.14' build_guides: false diff --git a/tests/group_vars/solr9.yml b/tests/group_vars/solr9.yml index 65116e0..0eec5f3 100644 --- a/tests/group_vars/solr9.yml +++ b/tests/group_vars/solr9.yml @@ -32,6 +32,8 @@ letsencrypt: email: user: certbot +dataverse_misc_files_dir: '/opt/dv' + dataverse: adminpass: admin1 allow_signups: true diff --git a/tests/group_vars/vagrant.yml b/tests/group_vars/vagrant.yml index 489d234..25b1b84 100644 --- a/tests/group_vars/vagrant.yml +++ b/tests/group_vars/vagrant.yml @@ -37,6 +37,8 @@ letsencrypt: email: user: certbot +dataverse_misc_files_dir: '/opt/dv' + dataverse: adminpass: admin1 allow_signups: true @@ -104,7 +106,7 @@ dataverse: handlenet: independenthandleservice: 'false' # handleauthhandle: YOUR:HANDLE/USERNAME - admcredfile: /opt/dv/admpriv.bin + admcredfile: "{{ dataverse_misc_files_dir }}/admpriv.bin" admcredfile_source: files/handlenet/admcredfile # admprivphrase: # index: 300 @@ -166,7 +168,7 @@ dataverse: language_packs: source: https://github.com/GlobalDataverseCommunityConsortium/dataverse-language-packs.git version: develop - lang_directory: /opt/dv/lang + lang_directory: "{{ dataverse_misc_files_dir }}/lang" licenses: enabled: false user: dataverseAdmin @@ -240,20 +242,22 @@ dataverse: service_email: noreply@dataverse.yourinstitution.edu smtp: localhost solr: - download_url: https://dlcdn.apache.org/solr/solr/9.3.0/solr-9.3.0.tgz + download_url: https://archive.apache.org/dist/solr/solr/9.3.0/solr-9.3.0.tgz group: solr root: /usr/local/solr user: solr version: 9.3.0 listen: 127.0.0.1 checksum: sha256:2a924a776d7c06dea561f12bdb17291dbaecc9e9a06f363d4599acb7fb7bfa71 - srcdir: /tmp/dataverse + srcdir: /opt/dataverse/dataverse thumbnails: false unittests: enabled: true argument: '-DcompilerArgument=-Xlint:unchecked test -P all-unit-tests' usermgmtkey: burrito - version: '6.0' + deployment: + upgrade_only: false + version: '6.1' build_guides: false @@ -289,6 +293,10 @@ db: plain: 'no' use_rds: false +docker: + cidr: 10.0.0.99/24 + repo: https://download.docker.com/linux/centos/docker-ce.repo + grafana: grafana_user: 'admin' grafana_password: 'admin' @@ -301,9 +309,63 @@ harvest: java: version: 17 +localstack: + enabled: false + container_name: dev_localstack + # set to /tmp/localstack/data to enable persistence + data_dir: /tmp/localstack/data + debug: true + hostname_external: localstack + port: 4566 + web_ui: 8888 + buckets: + - label: LocalStack + id: localstack1 + bucket_name: mybucket + enabled: false + access_key: 4cc355_k3y + secret_access_key: s3cr3t_4cc355_k3y + # for non-amazon services. + custom_endpoint_url: "http://localhost:4566" + # note: direct upload and download require CORS on the bucket + download_redirect: true + upload_redirect: true + files_type: s3 + ingestsizelimit: 2000000000 + # for localstack this must be true + path_style_access: true + region: us-east-2 + url_expiration_minutes: 60 + payload_signing: false + chunked_encoding: true + maven: version: 3.8.8 +minio: + enabled: false + docker: + version: "latest" + service_name: "minio" + network: + name: "minio" + external: false + project_location: "/home/dataverse/minio" + timezone: "America/New_York" + user: dataverse + group: dataverse + server_port: 9000 + console_port: 9001 + root_user: "4cc355_k3y" + root_password: "s3cr3t_4cc355_k3y" + default_bucket: "mybucket" + label: MinIO + custom_endpoint_url: "http://localhost:9000" + custom_endpoint_region: us-east-1 + path-style-access: true + access_key: 4cc355_k3y + secret_key: s3cr3t_4cc355_k3y + munin: install: false admin: