roberto.cirillo
/
ansible-role-orientdb
forked from InfraScience/ansible-role-orientdb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Import the orientdb role. Add a systemd unit file.

This commit is contained in:
Andrea Dell'Amico 2020-07-06 14:57:59 +02:00
parent 7768bdf413
commit 805c1c2669
16 changed files with 674 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
README.md
View File

@ -1,31 +1,20 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
A role that installs the community version of OrientDB <https://www.orientdb.org>
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
The most important variables are listed below:
``` yaml
```
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
* openjdk
License
-------
@ -35,4 +24,4 @@ EUPL-1.2
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
Andrea Dell'Amico, <andrea.dellamico@isti.cnr.it>

81
defaults/main.yml
View File

@ -1,2 +1,81 @@
---
# defaults file for ansible-role-template
orientdb_install: False
orientdb_enabled: True
orientdb_version: 3.0.31
orientdb_archive_commpression: tar.gz
orientdb_dir: 'orientdb'
orientdb_tar_filename: '{{ orientdb_dir }}-{{ orientdb_version }}'
orientdb_tar_file: '{{ orientdb_tar_filename }}.{{ orientdb_archive_commpression }}'
orientdb_binary_distribution_url: 'https://s3.us-east-2.amazonaws.com/orientdb3/releases/{{ orientdb_version }}/{{ orientdb_tar_file }}'
orientdb_user: orientdb
orientdb_log_dir: /var/log/orientdb
orientdb_log_level: INFO
orientdb_home_prefix: /home
orientdb_base_dir: '{{ orientdb_home_prefix }}/{{ orientdb_user }}'
orientdb_install_dir: '{{ orientdb_base_dir }}/{{ orientdb_dir }}'
orientdb_data_dir: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/databases'
orientdb_pid_dir: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/pid'
orientdb_configuration_files:
- orientdb-server-log.properties
- orientdb-server-config.xml
- default-distributed-db-config.json
- hazelcast.xml
- automatic-backup.json
orientdb_ssl_enabled: False
orientdb_letsencrypt_ssl_enabled: False
orientdb_ssl_client_auth_enabled: False
orientdb_hooks_classes:
- { name: 'org.gcube.informationsystem.orientdb.hooks.HeaderHook', position: 'REGULAR' }
- { name: 'org.gcube.informationsystem.orientdb.hooks.ConsistsOfHook', position: 'REGULAR' }
- { name: 'org.gcube.informationsystem.orientdb.hooks.IsRelatedToHook', position: 'REGULAR' }
#orientdb_hooks_jars:
# - 'http://maven.research-infrastructures.eu/nexus/service/local/artifact/maven/redirect?r=gcube-snapshots&g=org.gcube.information-system&a=resource-registry-orientdb-hooks&v=1.3.0-SNAPSHOT&e=jar&c=jar-with-dependencies'
#orientdb_hooks_to_be_removed:
# - hook*.jar
orientdb_binary_protocol_lower_port: 2424
orientdb_binary_protocol_higher_port: 2430
orientdb_ssl_protocol_lower_port: 2434
orientdb_ssl_protocol_higher_port: 2440
orientdb_http_protocol_lower_port: 2480
orientdb_http_protocol_higher_port: 2490
orientdb_java_heap: '-Xms1024m -Xmx2048m'
orientdb_default_settings: ''
orientdb_distributed: False
orientdb_distributed_autodeploy: 'true'
orientdb_distributed_writequorum: 'majority'
#orientdb_distributed_writequorum: 'all'
orientdb_distributed_readquorum: 1
orientdb_distributed_readyourwrites: 'true'
orientdb_distributed_executionmode: 'undefined'
orientdb_new_node_strategy: 'dynamic'
orientbd_graph_server_enabled: False
orientdb_hazelcast_group_name: orientdb
orientdb_hazelcast_group_password: orientdb
orientbd_hazelcast_encryption: False
orientdb_hazelcast_port_min: 2434
orientdb_hazelcast_port_max: 2454
orientdb_hazelcast_multicast_enabled: False
orientdb_hazelcast_multicast_group: 235.1.1.1
orientdb_hazelcast_unicast_members:
- { member: 'localhost', port: '{{ orientdb_hazelcast_port_min }}' }
# For Reference see http://orientdb.com/docs/3.0.x/plugins/Automatic-Backup.html
orientdb_automatic_backup: True
orientdb_automatic_backup_mode: 'EXPORT'
orientdb_automatic_backup_export_options: ''
orientdb_automatic_backup_delay: 24h
orientdb_automatic_backup_first_time: '23:00:00'
orientdb_automatic_backup_directory: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/backups'
orientdb_automatic_backup_target_file_name: '${DBNAME}-${DATE:yyyyMMddHHmmss}.zip'
orientdb_automatic_backup_compression_level: 9
orientdb_automatic_backup_buffer_size: 1048576
orientdb_automatic_backup_retention_days: '7'

4
handlers/main.yml
View File

@ -1,2 +1,4 @@
---
# handlers file for ansible-role-template
- name: Restart orientdb
service: name=orientdb state=restarted sleep=30
when: orientdb_enabled

54
meta/main.yml
View File

@ -1,46 +1,32 @@
galaxy_info:
author: your name
description: your description
company: your company (optional)
author: Andrea Dell'Amico
description: Systems Architect
company: ISTI-CNR
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
issue_tracker_url: https://support.d4science.org/projects/automatic-provisioning/issues
issue_tracker_url: https://redmine-s2i2s.isti.cnr.it/projects/provisioning
license: EUPL-1.2
license: EUPL 1.2+
min_ansible_version: 2.8
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
# Optionally specify the branch Galaxy will use when accessing the GitHub
# repo for this role. During role install, if no tags are available,
# Galaxy will use this branch. During import Galaxy will access files on
# this branch. If Travis integration is configured, only notifications for this
# branch will be accepted. Otherwise, in all cases, the repo's default branch
# (usually master) will be used.
#github_branch:
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
platforms:
- name: Ubuntu
versions:
- bionic
- name: Ubuntu
versions:
- Trusty
- bionic
- name: EL
versions:
- 7
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
galaxy_tags:
- orientdb
dependencies:
- src: git+https://gitea-s2i2s.isti.cnr.it/ISTI-ansible-roles/ansible-role-openjdk.git
version: master
name: openjdk
state: latest
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.

162
tasks/main.yml
View File

@ -1,2 +1,162 @@
---
# tasks file for ansible-role-template
- block:
- name: Create the orientdb user
user: name={{ orientdb_user }} home={{ orientdb_base_dir }} createhome=yes shell=/bin/bash
- name: Get the orientdb distribution
get_url: url={{ orientdb_binary_distribution_url }} dest={{ orientdb_base_dir }}/{{ orientdb_tar_file }} validate_certs=no
- name: Unpack the orientdb distribution
unarchive: src={{ orientdb_base_dir }}/{{ orientdb_tar_file }} dest={{ orientdb_base_dir }} copy=no
args:
creates: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}'
- name: Link to the latest version
become: True
become_user: '{{ orientdb_user }}'
file: src={{ orientdb_tar_filename }} dest={{ orientdb_install_dir }} state=link
- name: Create a orientdb log directory out of the distribution directory
file: dest={{ orientdb_log_dir }} state=directory owner={{ orientdb_user }} group={{ orientdb_user }} mode=0755
- name: Link the log directory inside the orientdb user home
become: True
become_user: '{{ orientdb_user }}'
file: dest={{ orientdb_home_prefix }}/{{ orientdb_user }}/logs src={{ orientdb_log_dir }} state=link
- name: Create the needed directory inside the orientdb user home
become: True
become_user: '{{ orientdb_user }}'
file: dest={{ item }} state=directory mode=0750
with_items:
- '{{ orientdb_data_dir }}'
- '{{ orientdb_pid_dir }}'
- '{{ orientdb_automatic_backup_directory }}'
- name: Remove the old hook jars
shell: rm -f {{ orientdb_install_dir }}/lib/{{ item }}
with_items: '{{ orientdb_hooks_to_be_removed | default([]) }}'
tags: [ 'orientdb', 'orientdb_hooks' ]
- name: Fetch and install the hook jars
get_url: url='{{ item }}' dest={{ orientdb_install_dir }}/lib
with_items: '{{ orientdb_hooks_jars | default([]) }}'
notify: Restart orientdb
tags: [ 'orientdb', 'orientdb_hooks' ]
- name: Install the orientdb default settings
template: src=orientdb.default.j2 dest=/etc/default/orientdb owner=root group=root mode=0444
notify: Restart orientdb
- name: Fix the pid file path inside the start and shutdown scripts
lineinfile: dest={{ orientdb_install_dir }}/bin/{{ item }} regexp="^ORIENTDB_PID=.*$" line="ORIENTDB_PID={{ orientdb_pid_dir }}/orientdb.pid" insertafter="^PRG=.*$" firstmatch=yes
with_items:
- server.sh
- shutdown.sh
tags: [ 'orientdb', 'orientdb_pid' ]
- name: Install the orientdb configuration files
template: src={{ item }}.j2 dest={{ orientdb_install_dir }}/config/{{ item }} owner={{ orientdb_user }} group={{ orientdb_user }} mode=0640
with_items: '{{ orientdb_configuration_files }}'
notify: Restart orientdb
tags: [ 'orientdb', 'orientdb_config' ]
- name: Install the nagios nrpe configuration
template: src=orientdb-nrpe.cfg.j2 dest={{ nrpe_include_dir }}/orientdb-nrpe.cfg owner=root group=root mode=0444
notify: Reload NRPE server
when:
- nrpe_include_dir is defined
- nagios_enabled is defined and nagios_enabled
tags: [ 'orientdb', 'orientdb_nagios' ]
- name: Install the orientdb SYSV startup script
template: src=orientdb.init.j2 dest=/etc/init.d/orientdb owner=root group=root mode=0755
tags: [ 'orientdb', 'orientdb_init' ]
when: ansible_service_mgr != 'systemd'
- name: Install the orientdb systemd unit
template: src=orientdb.service.j2 dest=/usr/lib/systemd/system/orientdb.service owner=root group=root mode=0644
tags: [ 'orientdb', 'orientdb_init' ]
when: ansible_service_mgr == 'systemd'
register: reload_systemd
- name: Reload the systemd service
systemd:
daemon_reload: yes
when: reload_systemd is changed
- name: Ensure that the service is enabled and running
service: name=orientdb state=started enabled=yes
when: orientdb_enabled
- name: Ensure that the service is stopped and disabled
service: name=orientdb state=stopped enabled=no
when: not orientdb_enabled
tags: orientdb
when: orientdb_install
- block:
- name: Install a script that removes the old orientdb backups
template: src=backup-cleaner.sh.j2 dest=/usr/local/bin/orientdb-backup-cleaner owner=root group=root mode=555
- name: Add a cron job that removes the old backups
cron:
cron_file: 'orientdb-backup-cleaner'
disabled: no
job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
special_time: daily
user: '{{ orientdb_user }}'
name: "Remove old orientdb backups"
state: present
tags: [ 'orientdb', 'orientdb_backup' ]
when: orientdb_install
- block:
- name: Create the acme hooks directory if it does not yet exist
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
- name: Install a letsencrypt hook to update the orientdb certificate
template: src=orientdb-letsencrypt-acme.sh.j2 dest={{ letsencrypt_acme_services_scripts_dir }}/orientdb owner=root group=root mode=4555
tags: [ 'orientdb', 'letsencrypt', 'orientdb_letsencrypt' ]
when:
- orientdb_install
- orientdb_letsencrypt_ssl_enabled
- block:
- name: Ensure that the service is disabled and stopped
service: name=orientdb state=stopped enabled=no
- name: Remove the orientdb SysV startup file
file: dest=/etc/init.d/orientdb state=absent
when: ansible_service_mgr != 'systemd'
- name: Remove the orientdb systemd unit
file: dest=/usr/lib/systemd/system/orientdb.service state=absent
when: ansible_service_mgr == 'systemd'
- name: Remove the link to the orientdb distribution
file: dest={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }} state=absent
- name: Remove the default options file
file: dest=/etc/default/orientdb state=absent
- name: Remove the backup cleaner script
file: dest=/usr/local/bin/orientdb-backup-cleaner state=absent
- name: Remove the backup cleaner cron job
cron:
cron_file: 'orientdb-backup-cleaner'
disabled: no
job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
special_time: daily
user: '{{ orientdb_user }}'
name: "Remove old orientdb backups"
state: absent
tags: orientdb
when: not orientdb_install

11
templates/automatic-backup.json.j2 Normal file
View File

@ -0,0 +1,11 @@
{
"enabled": {{ orientdb_automatic_backup | ternary('true','false') }},
"mode": "{{ orientdb_automatic_backup_mode }}",
"exportOptions": "{{ orientdb_automatic_backup_export_options }}",
"delay": "{{ orientdb_automatic_backup_delay }}",
"firstTime": "{{ orientdb_automatic_backup_first_time }}",
"targetDirectory": "{{ orientdb_automatic_backup_directory }}",
"targetFileName": "{{ orientdb_automatic_backup_target_file_name }}",
"compressionLevel": {{orientdb_automatic_backup_compression_level }},
"bufferSize": {{ orientdb_automatic_backup_buffer_size }}
}

8
templates/backup-cleaner.sh.j2 Normal file
View File

@ -0,0 +1,8 @@
#!/bin/bash
BACKUP_RETENTION_DAYS="{{ orientdb_automatic_backup_retention_days }}"
BACKUP_DIRECTORY="{{ orientdb_automatic_backup_directory }}"
find ${BACKUP_DIRECTORY} -atime +${BACKUP_RETENTION_DAYS} -type f -exec rm -f {} \;
exit 0

18
templates/default-distributed-db-config.json.j2 Normal file
View File

@ -0,0 +1,18 @@
{
"autoDeploy": {{ orientdb_distributed_autodeploy }},
"readQuorum": {{ orientdb_distributed_readquorum }},
"writeQuorum": "{{ orientdb_distributed_writequorum }}",
"executionMode": "{{ orientdb_distributed_executionmode }}",
"readYourWrites": {{ orientdb_distributed_readyourwrites }},
"newNodeStrategy": "{{ orientdb_new_node_strategy }}",
"servers": {
"*": "master"
},
"clusters": {
"internal": {
},
"*": {
"servers": ["<NEW_NODE>"]
}
}
}

45
templates/hazelcast.xml.j2 Normal file
View File

@ -0,0 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- ~ Copyright (c) 2008-2012, Hazel Bilisim Ltd. All Rights Reserved. ~
~ Licensed under the Apache License, Version 2.0 (the "License"); ~ you may
not use this file except in compliance with the License. ~ You may obtain
a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~
~ Unless required by applicable law or agreed to in writing, software ~ distributed
under the License is distributed on an "AS IS" BASIS, ~ WITHOUT WARRANTIES
OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for
the specific language governing permissions and ~ limitations under the License. -->
<hazelcast
xsi:schemaLocation="http://www.hazelcast.com/schema/config hazelcast-config-3.3.xsd"
xmlns="http://www.hazelcast.com/schema/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<group>
<name>{{ orientdb_hazelcast_group_name }}</name>
<password>{{ orientdb_hazelcast_group_password }}</password>
</group>
<network>
<port auto-increment="true">{{ orientdb_hazelcast_port_min }}</port>
<join>
<multicast enabled="{{ orientdb_hazelcast_multicast_enabled | ternary('true','false') }}">
<multicast-group>{{ orientdb_hazelcast_multicast_group }}</multicast-group>
<multicast-port>{{ orientdb_hazelcast_port_min }}</multicast-port>
</multicast>
{% if not orientdb_hazelcast_multicast_enabled %}
<tcp-ip enabled="true">
{% for node in orientdb_hazelcast_unicast_members %}
<member>{{ node.member }}:{{ node.port | default(orientdb_hazelcast_port_min) }}</member>
{% endfor %}
</tcp-ip>
{% endif %}
</join>
{% if orientbd_hazelcast_encryption %}
<symmetric-encryption enabled="true">
<algorithm>Blowfish</algorithm>
<salt>{{ orientdb_hazelcast_salt }}</salt>
<password>{{ orientdb_hazelcast_pwd }}</password>
<iteration-count>19</iteration-count>
</symmetric-encryption>
{% endif %}
</network>
<executor-service>
<pool-size>16</pool-size>
</executor-service>
</hazelcast>

42
templates/orientdb-letsencrypt-acme.sh.j2 Normal file
View File

@ -0,0 +1,42 @@
#!/bin/bash
ORIENTDB_ENABLED="{{ orientdb_enabled }}"
RETVAL=0
# Add the CA certificate if it's not already present
keytool -list -keystore {{ java_keyring_file }} -storepass {{ java_keyring_pwd }} -noprompt | grep {{ java_keyring_letsencrypt_trusted_ca }}
RETVAL=$?
if [ $RETVAL -ne 0 ] ; then
keytool -trustcacerts -keystore "{{ java_keyring_file }}" -storepass {{ java_keyring_pwd }} -noprompt -importcert -alias "{{ java_keyring_letsencrypt_trusted_ca }}" -dname "CN={{ ansible_fqdn }}" -file "{{ letsencrypt_acme_certs_dir }}/fullchain"
fi
# Remove the old certificate
keytool -storepass {{ java_keyring_pwd }} -keystore "{{ java_keyring_file }}" -delete -alias "{{ ansible_fqdn }}"
# Check if the old certificate is still present. If so, we have a problem. Otherwise, import the new one
keytool -list -keystore {{ java_keyring_file }} -storepass {{ java_keyring_pwd }} -noprompt | grep {{ ansible_fqdn }}
RETVAL=$?
if [ $RETVAL -ne 0 ] ; then
openssl pkcs12 -export -in {{ letsencrypt_acme_certs_dir }}/cert -inkey {{ letsencrypt_acme_certs_dir }}/privkey -CAfile {{ letsencrypt_acme_certs_dir }}/fullchain -name "{{ ansible_fqdn }}" -out /var/tmp/{{ ansible_fqdn }}.p12 -password pass:{{ java_keyring_pwd }}
keytool -importkeystore -srcstorepass {{ java_keyring_pwd }} -deststorepass {{ java_keyring_pwd }} -destkeystore {{ java_keyring_file }} -srckeystore /var/tmp/{{ ansible_fqdn }}.p12 -srcstoretype PKCS12
rm -f /var/tmp/{{ ansible_fqdn }}.p12
else
logger "orientdb letsencrypt hook: the old certificate is still present inside the keystore, aborting."
exit 1
fi
chmod 440 "{{ java_keyring_file }}"
chgrp {{ orientdb_user }} "{{ java_keyring_file }}"
if [ "$ORIENTDB_ENABLED" == "True" ] ; then
logger "orientdb letsencrypt hook: shut down orientdb."
/etc/init.d/orientdb stop
sleep 30
/etc/init.d/orientdb start
logger "orientdb letsencrypt hook: start orientdb."
else
logger "orientdb letsencrypt hook: the service is disabled, we do not restart it."
fi
logger "orientdb letsencrypt hook: the keystore has been updated with the renewed certificate."
exit $RETVAL

3
templates/orientdb-nrpe.cfg.j2 Normal file
View File

@ -0,0 +1,3 @@
# Restart orientdb (via handler)
command[global_restart_orientdb]=/usr/bin/sudo /etc/init.d/orientdb start

118
templates/orientdb-server-config.xml.j2 Normal file
View File

@ -0,0 +1,118 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<orient-server>
<handlers>
{% if orientbd_graph_server_enabled %}
<handler class="com.orientechnologies.tinkerpop.handler.OGraphServerHandler">
<parameters>
<parameter name="enabled" value="true"/>
<parameter name="graph.pool.max" value="50"/>
</parameters>
</handler>
{% endif %}
<handler class="com.orientechnologies.orient.server.hazelcast.OHazelcastPlugin">
<parameters>
<parameter value="{{ orientdb_distributed | ternary('true','false') }}" name="enabled"/>
<parameter value="{{ ansible_hostname }}" name="nodeName"/>
<parameter value="${ORIENTDB_HOME}/config/default-distributed-db-config.json" name="configuration.db.default"/>
<parameter value="${ORIENTDB_HOME}/config/hazelcast.xml" name="configuration.hazelcast"/>
</parameters>
</handler>
<handler class="com.orientechnologies.orient.server.handler.OJMXPlugin">
<parameters>
<parameter value="false" name="enabled"/>
<parameter value="true" name="profilerManaged"/>
</parameters>
</handler>
<handler class="com.orientechnologies.orient.server.handler.OAutomaticBackup">
<parameters>
<parameter value="true" name="enabled"/>
<parameter value="${ORIENTDB_HOME}/config/automatic-backup.json" name="config"/>
</parameters>
</handler>
<handler class="com.orientechnologies.orient.server.handler.OServerSideScriptInterpreter">
<parameters>
<parameter value="true" name="enabled"/>
<parameter value="SQL" name="allowedLanguages"/>
</parameters>
</handler>
<handler class="com.orientechnologies.orient.server.handler.OCustomSQLFunctionPlugin">
<parameters>
<parameter value="${ORIENTDB_HOME}/config/custom-sql-functions.json" name="config"/>
</parameters>
</handler>
</handlers>
<network>
<sockets>
<socket implementation="com.orientechnologies.orient.server.network.OServerTLSSocketFactory" name="ssl">
<parameters>
{% if orientdb_ssl_client_auth_enabled %}
<parameter value="true" name="network.ssl.clientAuth"/>
{% else %}
<parameter value="false" name="network.ssl.clientAuth"/>
{% endif %}
<parameter value="{{ java_keyring_file }}" name="network.ssl.keyStore"/>
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.keyStorePassword"/>
<parameter value="{{ java_keyring_file }}" name="network.ssl.trustStore"/>
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.trustStorePassword"/>
</parameters>
</socket>
<socket implementation="com.orientechnologies.orient.server.network.OServerTLSSocketFactory" name="https">
<parameters>
{% if orientdb_ssl_client_auth_enabled %}
<parameter value="true" name="network.ssl.clientAuth"/>
{% else %}
<parameter value="false" name="network.ssl.clientAuth"/>
{% endif %}
<parameter value="{{ java_keyring_file }}" name="network.ssl.keyStore"/>
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.keyStorePassword"/>
<parameter value="{{ java_keyring_file }}" name="network.ssl.trustStore"/>
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.trustStorePassword"/>
</parameters>
</socket>
</sockets>
<protocols>
<protocol implementation="com.orientechnologies.orient.server.network.protocol.binary.ONetworkProtocolBinary" name="binary"/>
<protocol implementation="com.orientechnologies.orient.server.network.protocol.http.ONetworkProtocolHttpDb" name="http"/>
</protocols>
<listeners>
<listener protocol="binary" socket="default" port-range="{{ orientdb_binary_protocol_lower_port }}-{{ orientdb_binary_protocol_higher_port }}" ip-address="0.0.0.0"/>
{% if orientdb_ssl_enabled %}
<listener protocol="binary" socket="ssl" port-range="{{ orientdb_ssl_protocol_lower_port }}-{{ orientdb_ssl_protocol_higher_port }}" ip-address="0.0.0.0"/>
{% endif %}
<listener protocol="http" socket="default" port-range="{{ orientdb_http_protocol_lower_port }}-{{ orientdb_http_protocol_higher_port }}" ip-address="0.0.0.0">
<commands>
<command implementation="com.orientechnologies.orient.server.network.protocol.http.command.get.OServerCommandGetStaticContent" pattern="GET|www GET|studio/ GET| GET|*.htm GET|*.html GET|*.xml GET|*.jpeg GET|*.jpg GET|*.png GET|*.gif GET|*.js GET|*.css GET|*.swf GET|*.ico GET|*.txt GET|*.otf GET|*.pjs GET|*.svg GET|*.json GET|*.woff GET|*.woff2 GET|*.ttf GET|*.svgz" stateful="false">
<parameters>
<entry value="Cache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nPragma: no-cache" name="http.cache:*.htm *.html"/>
<entry value="Cache-Control: max-age=120" name="http.cache:default"/>
</parameters>
</command>
<command implementation="com.orientechnologies.orient.server.network.protocol.http.command.get.OServerCommandGetGephi" pattern="GET|gephi/*" stateful="false"/>
</commands>
<parameters>
<parameter value="utf-8" name="network.http.charset"/>
<parameter value="true" name="network.http.jsonResponseError"/>
</parameters>
</listener>
</listeners>
</network>
<storages/>
<users>
<user resources="*" password="{{ orientdb_root_pwd }}" name="{{ orientdb_root_username }}"/>
</users>
<properties>
<entry value="1" name="db.pool.min"/>
<entry value="50" name="db.pool.max"/>
<entry value="50" name="script.pool.maxSize"/>
<!-- Profile is available in enterprise edition only http://orientdb.com/docs/3.0.x/tuning/Profiler.html -->
<entry value="false" name="profiler.enabled"/>
<entry value="0" name="distributed.autoRemoveOfflineServers"/>
<entry value="{{ orientdb_data_dir }}" name="server.database.path" />
</properties>
<hooks>
{% for class in orientdb_hooks_classes %}
<hook class="{{ class.name }}" position="{{ class.position }}"/>
{% endfor %}
</hooks>
<isAfterFirstTime>true</isAfterFirstTime>
</orient-server>

46
templates/orientdb-server-log.properties.j2 Normal file
View File

@ -0,0 +1,46 @@
#
# /*
# * Copyright 2014 Orient Technologies LTD (info(at)orientechnologies.com)
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
# * you may not use this file except in compliance with the License.
# * You may obtain a copy of the License at
# *
# * http://www.apache.org/licenses/LICENSE-2.0
# *
# * Unless required by applicable law or agreed to in writing, software
# * distributed under the License is distributed on an "AS IS" BASIS,
# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# * See the License for the specific language governing permissions and
# * limitations under the License.
# *
# * For more information: http://www.orientechnologies.com
# */
#
# Specify the handlers to create in the root logger
# (all loggers are children of the root logger)
# The following creates two handlers
handlers = java.util.logging.ConsoleHandler, java.util.logging.FileHandler
# Set the default logging level for the root logger
.level = {{ orientdb_log_level }}
com.orientechnologies.level = {{ orientdb_log_level }}
com.orientechnologies.orient.server.distributed.level = {{ orientdb_log_level }}
# Set the default logging level for new ConsoleHandler instances
java.util.logging.ConsoleHandler.level = {{ orientdb_log_level }}
# Set the default formatter for new ConsoleHandler instances
java.util.logging.ConsoleHandler.formatter = com.orientechnologies.common.log.OAnsiLogFormatter
# Set the default logging level for new FileHandler instances
java.util.logging.FileHandler.level = {{ orientdb_log_level }}
# Naming style for the output file
java.util.logging.FileHandler.pattern={{ orientdb_log_dir }}/orient-server.log
# Set the default formatter for new FileHandler instances
java.util.logging.FileHandler.formatter = com.orientechnologies.common.log.OLogFormatter
# Limiting size of output file in bytes:
java.util.logging.FileHandler.limit=10000000
# Number of output files to cycle through, by appending an
# integer to the base file name:
java.util.logging.FileHandler.count=10

8
templates/orientdb.default.j2 Normal file
View File

@ -0,0 +1,8 @@
export ORIENTDB_DIR="{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}"
export ORIENTDB_USER="{{ orientdb_user }}"
export ORIENTDB_OPTS_MEMORY="{{ orientdb_java_heap }}"
export ORIENTDB_SETTINGS="{{ orientdb_default_settings }}"
ORIENTDB_SERVER_OPTS=
{% if orientdb_distributed %}
ORIENTDB_SERVER_OPTS="-Ddistributed=true"
{% endif %}

83
templates/orientdb.init.j2 Executable file
View File

@ -0,0 +1,83 @@
#!/bin/bash
# OrientDB service script
#
# Copyright (c) Orient Technologies LTD (http://www.orientechnologies.com)
# chkconfig: 2345 20 80
# description: OrientDb init script
# processname: orientdb.sh
# You have to SET the OrientDB installation directory here
if [ -f /etc/default/orientdb ] ; then
. /etc/default/orientdb
else
ORIENTDB_DIR="{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}"
ORIENTDB_USER="{{ orientdb_user }}"
fi
usage() {
echo "Usage: `basename $0`: <start|stop|status>"
exit 1
}
start() {
status
if [ $PID -gt 0 ]
then
echo "OrientDB server daemon was already started. PID: $PID"
return $PID
fi
echo "Starting OrientDB server daemon..."
cd "$ORIENTDB_DIR/bin"
su $ORIENTDB_USER -c "cd \"$ORIENTDB_DIR/bin\"; /usr/bin/nohup ./server.sh $ORIENTDB_SERVER_OPTS >> {{ orientdb_log_dir }}/orientdb.log 2>&1 &"
}
stop() {
status
if [ $PID -eq 0 ]
then
echo "OrientDB server daemon is already not running"
return 0
fi
echo "Stopping OrientDB server daemon..."
cd "$ORIENTDB_DIR/bin"
su $ORIENTDB_USER -c "cd \"$ORIENTDB_DIR/bin\"; /usr/bin/nohup ./shutdown.sh >> {{ orientdb_log_dir }}/orientdb.log 2>&1"
}
status() {
PID=` ps auxw | grep 'orientdb.www.path' | grep java | grep -v grep | awk '{print $2}'`
if [ "x$PID" = "x" ]
then
PID=0
fi
# if PID is greater than 0 then OrientDB is running, else it is not
return $PID
}
if [ "x$1" = "xstart" ]
then
start
exit 0
fi
if [ "x$1" = "xstop" ]
then
stop
exit 0
fi
if [ "x$1" = "xstatus" ]
then
status
if [ $PID -gt 0 ]
then
echo "OrientDB server daemon is running with PID: $PID"
exit 0
else
echo "OrientDB server daemon is NOT running"
exit 3
fi
fi
usage

21
templates/orientdb.service.j2 Normal file
View File

@ -0,0 +1,21 @@
[Unit]
Description=OrientDB Server
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
Type=simple
User={{ orientdb_user }}
Group={{ orientdb_user }}
Restart=always
RestartSec=10
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=orientdb
ExecStart={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}/bin/server.sh
ExecStop={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}/bin/shutdown.sh
ExecStatus={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}/bin/orientdb.sh status
ExecReload=/bin/kill -HUP $MAINPID