Merge pull request #95 from dominikl/rocky9_v2

Rocky9

README.md

@@ -3,7 +3,7 @@ OMERO.web installation scripts
 
 [![Actions Status](https://github.com/ome/omeroweb-install/workflows/Build/badge.svg)](https://github.com/ome/omeroweb-install/actions)
 
-Example of OMERO.web installation scripts for Linux: CentOS7, CentOS8, Ubuntu 18.04, 20.04, Debian 9 and 10.
+Example of OMERO.web installation scripts for Linux: CentOS7, CentOS8, Rocky 9, Ubuntu 18.04, 20.04, Debian 9 and 10.
 These scripts are provided to help new users with installing OMERO.web for the
 first time on a clean system, and can be used as the basis for more advanced
 configurations.
@@ -26,21 +26,21 @@ Prerequisites
 Building
 --------
 
-    ansible-playbook ./ansible/omeroweb-install.yml -i ./ansible/hosts/centos7-ice3.6
+    ansible-playbook ./ansible/omeroweb-install.yml -i ./ansible/hosts/rockylinux9-ice3.6
 
 to clean up existing scripts:
 
-    ansible-playbook ./ansible/omeroweb-install.yml -i ./ansible/hosts/centos7-ice3.6 --extra-vars "clean=True"
+    ansible-playbook ./ansible/omeroweb-install.yml -i ./ansible/hosts/rockylinux9-ice3.6 --extra-vars "clean=True"
 
 Scripts are autogenerated using ansible, that means they can build directly on the remote host.
-Create your own copy of inventory, e.g. `ansible/hosts/centos7-ice3.6`  and define a list of hosts
+Create your own copy of inventory, e.g. `ansible/hosts/rockylinux9-ice3.6`  and define a list of hosts
 
-    cat << EOF > /path/to/hosts/centos7-ice3.6
-    [centos7-ice3.6]
+    cat << EOF > /path/to/hosts/rockylinux9-ice3.6
+    [rockylinux9-ice3.6]
     omeroweb1.example.com ansible_port=22 ansible_host=omeroweb1.example.com ansible_user=username ansible_ssh_pass=secret
     EOF
 
-    ansible-playbook ./ansible/omeroweb-install.yml -i /path/to/hosts/centos7-ice3.6
+    ansible-playbook ./ansible/omeroweb-install.yml -i /path/to/hosts/rockylinux9-ice3.6
 
 
 Extra vars arguments:
@@ -55,7 +55,7 @@ Extra vars arguments:
 
 example usage:
 
-    ansible-playbook ./ansible/omeroweb-install.yml -i ./hosts/centos7-ice3.6 --extra-vars "web_prefix=/omero web_server_name=IP_GOES_HERE web_port=80"
+    ansible-playbook ./ansible/omeroweb-install.yml -i ./hosts/rockylinux9-ice3.6 --extra-vars "web_prefix=/omero web_server_name=IP_GOES_HERE web_port=80"
 
 Running
 -------
@@ -72,30 +72,28 @@ Environment variables:
 
 and run for example
 
-on Ubuntu 18.04:
+on Rocky 9:
 
-    ./ansible/omeroweb-install-ubuntu1804-ice3.6
-    ./ansible/ubuntu1804-ice3.6/run
-
-on CentOS 7:
-
-    ./ansibleomeroweb-install-centos7-ice3.6
+    ./omeroweb-install-rockylinux9-ice3.6
 
 To run installation scripts on a remote host:
 
+    $ # copy over installation scripts from the ansible directory
+    $ scp -r ansible/omeroweb-install-rockylinux9-ice3.6 ansible/rockylinux9-ice3.6 bob@hostname:/tmp/ 
     $ ssh bob@hostname
-    $ mv centos7-ice3.6 omeroweb-install-centos7-ice3.6 /tmp/
-    $ sudo /tmp/omeroweb-install-centos7-ice3.6  ## absolute path is required
+    $ sudo su # switch to root user
+    $ chmod -R a+r /tmp/rockylinux9-ice3.6  # omero-web user will need read access
+    $ bash /tmp/omeroweb-install-rockylinux9-ice3.6
 
 
 Testing in DOCKER
 -----------------
 
 These tests are only for CentOS, Ubuntu, and Debian deployments. Unfortunately there is no docker container for Mac OS X installation scripts
 
-    OS=centos7 ICEVER=3.6 WEBPREFIX=/omero .travis/before_install.sh
-    OS=centos7 ICEVER=3.6 WEBPREFIX=/omero DOCKER=true TRAVIS_OS_NAME=linux .travis/install.sh
-    OS=centos7 ICEVER=3.6 WEBPREFIX=/omero DOCKER=true TRAVIS_OS_NAME=linux .travis/script.sh 
+    OS=rockylinux9 ICEVER=3.6 WEBPREFIX=/omero .travis/before_install.sh
+    OS=rockylinux9 ICEVER=3.6 WEBPREFIX=/omero DOCKER=true TRAVIS_OS_NAME=linux .travis/install.sh
+    OS=rockylinux9 ICEVER=3.6 WEBPREFIX=/omero DOCKER=true TRAVIS_OS_NAME=linux .travis/script.sh 
 
 To test remote build set `ANSIBLE=true`
 Note: make sure you always set `DOCKER=true` when running local test. Otherwise it will attempt to install OMERO.web on you local machine

ansible/omeroweb-install.yml

@@ -107,6 +107,12 @@
         mode: a+x
       when: daemon
 
+    - name: Copy nginx.repo (rocky)
+      template:
+        src: "{{ os }}/nginx.repo"
+        dest: "{{ path }}/{{ prefix }}/nginx.repo"
+      when: (os | regex_findall("rocky"))
+
     - name: Generate omero-web-systemd.service.sh (centos)
       template:
         src: "{{ os }}/omero-web-systemd.service.j2"

ansible/templates/common/arg_vars.j2

@@ -19,6 +19,7 @@ OMERODIR={{ omero_user_web_dir }}
 
 WEBSESSION=${WEBSESSION:-{{ web_session }}}
 
+WEBSERVER_CONF=${WEBSERVER_CONF:-nginx}
 WEBPREFIX=${WEBPREFIX:-{{ default.web_prefix }}}
 WEBPORT=${WEBPORT:-{{ default.web_port }}}
 WEBSERVER_NAME=${WEBSERVER_NAME:-{{ default.web_server_name }}}

ansible/templates/omeroweb-install.sh.j2

@@ -21,22 +21,23 @@ bash $path/deps_ice{{ ice_version }}.sh
 # install OMERO.web
 bash $path/install.sh
 
-su - {{ omero_user }}  -c "OMERODIR=$OMERODIR WEBPORT=$WEBPORT WEBPREFIX=$WEBPREFIX WEBSERVER_CONF=$WEBSERVER_CONF WEBSERVER_NAME=$WEBSERVER_NAME bash $path/omeroweb_configure.sh"
+webconfpath=`realpath $path`
+su - {{ omero_user }}  -c "OMERODIR=$OMERODIR WEBPORT=$WEBPORT WEBPREFIX=$WEBPREFIX WEBSERVER_CONF=$WEBSERVER_CONF WEBSERVER_NAME=$WEBSERVER_NAME bash $webconfpath/omeroweb_configure.sh"
 
 if [[ $WEBSESSION = *[!\ ]* ]]; then
     bash $path/deps_web_session.sh
     bash $path/install_web_session.sh
-    su - {{ omero_user }}  -c "OMERODIR=$OMERODIR bash $path/web_session_configure.sh"
+    su - {{ omero_user }}  -c "OMERODIR=$OMERODIR bash $webconfpath/web_session_configure.sh"
 fi
 
 bash $path/install_cors.sh
 
-su - {{ omero_user }}  -c "OMERODIR=$OMERODIR bash $path/cors_configuration.sh"
+su - {{ omero_user }}  -c "OMERODIR=$OMERODIR bash $webconfpath/cors_configuration.sh"
 
 
 bash $path/install_whitenoise.sh
 
-su - {{ omero_user }}  -c "OMERODIR=$OMERODIR bash $path/whitenoise_configuration.sh"
+su - {{ omero_user }}  -c "OMERODIR=$OMERODIR bash $webconfpath/whitenoise_configuration.sh"
 
 bash $path/nginx.sh
 

ansible/templates/rockylinux9/deps.sh.j2

@@ -6,10 +6,14 @@ Install dependencies::
 set -e -u -x
 {% endif %}
 
-yum -y install epel-release
+{% if doc %}
+    cp nginx.repo /etc/yum.repos.d/
+{% else %}
+    cp `dirname $0`/nginx.repo /etc/yum.repos.d/
+{% endif %}
 
-yum -y install unzip
+dnf -y install unzip
 
-yum -y install python3
+dnf -y install python3
 
-yum -y install nginx
+dnf -y install nginx

ansible/templates/rockylinux9/deps_web_session.sh.j2

@@ -6,7 +6,7 @@
 set -e -u -x
 {% endif %}
 
-yum -y install redis
+dnf -y install redis
 
 systemctl enable redis.service
 

ansible/templates/rockylinux9/nginx.repo

@@ -0,0 +1,7 @@
+[nginx-stable]
+name=nginx stable repo
+baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
+gpgcheck=1
+enabled=1
+gpgkey=https://nginx.org/keys/nginx_signing.key
+module_hotfixes=true

ansible/templates/rockylinux9/nginx.sh.j2

@@ -6,10 +6,15 @@ Copy the generated configuration file into the NGINX configuration directory, di
 set -e -u -x
 {% endif %}
 
-sed -i.bak -re 's/( default_server.*)/; #\1/' /etc/nginx/nginx.conf
+# Disable default server config
+# Newer nginx versions:
 if [ -f /etc/nginx/conf.d/default.conf ]; then
     mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.disabled
 fi
+# Older nginx versions:
+sed -i.bak -re 's/( default_server.*)/; #\1/' /etc/nginx/nginx.conf
+sed -i "/^\s\s\s\sserver/, /^\s\s\s\s}/ s|^|#|" /etc/nginx/nginx.conf
+
 cp {{ omero_user_web_dir }}/nginx.conf.tmp /etc/nginx/conf.d/omeroweb.conf
 
 systemctl enable nginx

ansible/templates/rockylinux9/selinux.sh.j2

@@ -7,10 +7,10 @@ set -e -u -x
 {% endif %}
 
 if [ $(getenforce) != Disabled ]; then
-
-    yum -y install policycoreutils-python
+    dnf -y install policycoreutils-python-utils
     setsebool -P httpd_read_user_content 1
     setsebool -P httpd_enable_homedirs 1
     semanage port -a -t http_port_t -p tcp 4080
-
+    firewall-cmd --zone=public --add-port=4080/tcp --permanent
+    firewall-cmd --reload
 fi

test/Dockerfile_rockylinux9

@@ -7,7 +7,8 @@ LABEL author="ome-devel@lists.openmicroscopy.org.uk"
 RUN touch /.dockerenv
 
 ADD ./omeroweb-install-test.zip /tmp
-RUN yum -y install initscripts unzip
+RUN dnf clean all
+RUN dnf -y install initscripts unzip
 RUN unzip /tmp/omeroweb-install-test.zip -d /tmp
 
 # This is so that scripts can detect whether they're in docker