Import the orientdb role. Add a systemd unit file.
parent
7768bdf413
commit
805c1c2669
@ -1,2 +1,81 @@
|
||||
---
|
||||
# defaults file for ansible-role-template
|
||||
orientdb_install: False
|
||||
orientdb_enabled: True
|
||||
orientdb_version: 3.0.31
|
||||
orientdb_archive_commpression: tar.gz
|
||||
orientdb_dir: 'orientdb'
|
||||
orientdb_tar_filename: '{{ orientdb_dir }}-{{ orientdb_version }}'
|
||||
orientdb_tar_file: '{{ orientdb_tar_filename }}.{{ orientdb_archive_commpression }}'
|
||||
orientdb_binary_distribution_url: 'https://s3.us-east-2.amazonaws.com/orientdb3/releases/{{ orientdb_version }}/{{ orientdb_tar_file }}'
|
||||
orientdb_user: orientdb
|
||||
orientdb_log_dir: /var/log/orientdb
|
||||
orientdb_log_level: INFO
|
||||
orientdb_home_prefix: /home
|
||||
orientdb_base_dir: '{{ orientdb_home_prefix }}/{{ orientdb_user }}'
|
||||
orientdb_install_dir: '{{ orientdb_base_dir }}/{{ orientdb_dir }}'
|
||||
orientdb_data_dir: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/databases'
|
||||
orientdb_pid_dir: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/pid'
|
||||
orientdb_configuration_files:
|
||||
- orientdb-server-log.properties
|
||||
- orientdb-server-config.xml
|
||||
- default-distributed-db-config.json
|
||||
- hazelcast.xml
|
||||
- automatic-backup.json
|
||||
|
||||
orientdb_ssl_enabled: False
|
||||
orientdb_letsencrypt_ssl_enabled: False
|
||||
orientdb_ssl_client_auth_enabled: False
|
||||
|
||||
orientdb_hooks_classes:
|
||||
- { name: 'org.gcube.informationsystem.orientdb.hooks.HeaderHook', position: 'REGULAR' }
|
||||
- { name: 'org.gcube.informationsystem.orientdb.hooks.ConsistsOfHook', position: 'REGULAR' }
|
||||
- { name: 'org.gcube.informationsystem.orientdb.hooks.IsRelatedToHook', position: 'REGULAR' }
|
||||
|
||||
#orientdb_hooks_jars:
|
||||
# - 'http://maven.research-infrastructures.eu/nexus/service/local/artifact/maven/redirect?r=gcube-snapshots&g=org.gcube.information-system&a=resource-registry-orientdb-hooks&v=1.3.0-SNAPSHOT&e=jar&c=jar-with-dependencies'
|
||||
#orientdb_hooks_to_be_removed:
|
||||
# - hook*.jar
|
||||
|
||||
orientdb_binary_protocol_lower_port: 2424
|
||||
orientdb_binary_protocol_higher_port: 2430
|
||||
orientdb_ssl_protocol_lower_port: 2434
|
||||
orientdb_ssl_protocol_higher_port: 2440
|
||||
orientdb_http_protocol_lower_port: 2480
|
||||
orientdb_http_protocol_higher_port: 2490
|
||||
|
||||
orientdb_java_heap: '-Xms1024m -Xmx2048m'
|
||||
orientdb_default_settings: ''
|
||||
|
||||
orientdb_distributed: False
|
||||
orientdb_distributed_autodeploy: 'true'
|
||||
orientdb_distributed_writequorum: 'majority'
|
||||
#orientdb_distributed_writequorum: 'all'
|
||||
orientdb_distributed_readquorum: 1
|
||||
orientdb_distributed_readyourwrites: 'true'
|
||||
orientdb_distributed_executionmode: 'undefined'
|
||||
orientdb_new_node_strategy: 'dynamic'
|
||||
|
||||
orientbd_graph_server_enabled: False
|
||||
|
||||
orientdb_hazelcast_group_name: orientdb
|
||||
orientdb_hazelcast_group_password: orientdb
|
||||
orientbd_hazelcast_encryption: False
|
||||
orientdb_hazelcast_port_min: 2434
|
||||
orientdb_hazelcast_port_max: 2454
|
||||
orientdb_hazelcast_multicast_enabled: False
|
||||
orientdb_hazelcast_multicast_group: 235.1.1.1
|
||||
orientdb_hazelcast_unicast_members:
|
||||
- { member: 'localhost', port: '{{ orientdb_hazelcast_port_min }}' }
|
||||
|
||||
|
||||
# For Reference see http://orientdb.com/docs/3.0.x/plugins/Automatic-Backup.html
|
||||
orientdb_automatic_backup: True
|
||||
orientdb_automatic_backup_mode: 'EXPORT'
|
||||
orientdb_automatic_backup_export_options: ''
|
||||
orientdb_automatic_backup_delay: 24h
|
||||
orientdb_automatic_backup_first_time: '23:00:00'
|
||||
orientdb_automatic_backup_directory: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/backups'
|
||||
orientdb_automatic_backup_target_file_name: '${DBNAME}-${DATE:yyyyMMddHHmmss}.zip'
|
||||
orientdb_automatic_backup_compression_level: 9
|
||||
orientdb_automatic_backup_buffer_size: 1048576
|
||||
orientdb_automatic_backup_retention_days: '7'
|
||||
|
@ -1,2 +1,4 @@
|
||||
---
|
||||
# handlers file for ansible-role-template
|
||||
- name: Restart orientdb
|
||||
service: name=orientdb state=restarted sleep=30
|
||||
when: orientdb_enabled
|
||||
|
@ -1,46 +1,32 @@
|
||||
galaxy_info:
|
||||
author: your name
|
||||
description: your description
|
||||
company: your company (optional)
|
||||
author: Andrea Dell'Amico
|
||||
description: Systems Architect
|
||||
company: ISTI-CNR
|
||||
|
||||
# If the issue tracker for your role is not on github, uncomment the
|
||||
# next line and provide a value
|
||||
issue_tracker_url: https://support.d4science.org/projects/automatic-provisioning/issues
|
||||
issue_tracker_url: https://redmine-s2i2s.isti.cnr.it/projects/provisioning
|
||||
|
||||
license: EUPL-1.2
|
||||
license: EUPL 1.2+
|
||||
|
||||
min_ansible_version: 2.8
|
||||
|
||||
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
||||
# min_ansible_container_version:
|
||||
|
||||
# Optionally specify the branch Galaxy will use when accessing the GitHub
|
||||
# repo for this role. During role install, if no tags are available,
|
||||
# Galaxy will use this branch. During import Galaxy will access files on
|
||||
# this branch. If Travis integration is configured, only notifications for this
|
||||
# branch will be accepted. Otherwise, in all cases, the repo's default branch
|
||||
# (usually master) will be used.
|
||||
#github_branch:
|
||||
|
||||
#
|
||||
# Provide a list of supported platforms, and for each platform a list of versions.
|
||||
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
|
||||
# To view available platforms and versions (or releases), visit:
|
||||
# https://galaxy.ansible.com/api/v1/platforms/
|
||||
#
|
||||
platforms:
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- bionic
|
||||
|
||||
galaxy_tags: []
|
||||
# List tags for your role here, one per line. A tag is a keyword that describes
|
||||
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
||||
# remove the '[]' above, if you add tags to this list.
|
||||
#
|
||||
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
||||
# Maximum 20 tags per role.
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- Trusty
|
||||
- bionic
|
||||
- name: EL
|
||||
versions:
|
||||
- 7
|
||||
|
||||
galaxy_tags:
|
||||
- orientdb
|
||||
|
||||
dependencies:
|
||||
- src: git+https://gitea-s2i2s.isti.cnr.it/ISTI-ansible-roles/ansible-role-openjdk.git
|
||||
version: master
|
||||
name: openjdk
|
||||
state: latest
|
||||
|
||||
dependencies: []
|
||||
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
|
||||
# if you add dependencies to this list.
|
@ -1,2 +1,162 @@
|
||||
---
|
||||
# tasks file for ansible-role-template
|
||||
- block:
|
||||
- name: Create the orientdb user
|
||||
user: name={{ orientdb_user }} home={{ orientdb_base_dir }} createhome=yes shell=/bin/bash
|
||||
|
||||
- name: Get the orientdb distribution
|
||||
get_url: url={{ orientdb_binary_distribution_url }} dest={{ orientdb_base_dir }}/{{ orientdb_tar_file }} validate_certs=no
|
||||
|
||||
- name: Unpack the orientdb distribution
|
||||
unarchive: src={{ orientdb_base_dir }}/{{ orientdb_tar_file }} dest={{ orientdb_base_dir }} copy=no
|
||||
args:
|
||||
creates: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}'
|
||||
|
||||
- name: Link to the latest version
|
||||
become: True
|
||||
become_user: '{{ orientdb_user }}'
|
||||
file: src={{ orientdb_tar_filename }} dest={{ orientdb_install_dir }} state=link
|
||||
|
||||
- name: Create a orientdb log directory out of the distribution directory
|
||||
file: dest={{ orientdb_log_dir }} state=directory owner={{ orientdb_user }} group={{ orientdb_user }} mode=0755
|
||||
|
||||
- name: Link the log directory inside the orientdb user home
|
||||
become: True
|
||||
become_user: '{{ orientdb_user }}'
|
||||
file: dest={{ orientdb_home_prefix }}/{{ orientdb_user }}/logs src={{ orientdb_log_dir }} state=link
|
||||
|
||||
- name: Create the needed directory inside the orientdb user home
|
||||
become: True
|
||||
become_user: '{{ orientdb_user }}'
|
||||
file: dest={{ item }} state=directory mode=0750
|
||||
with_items:
|
||||
- '{{ orientdb_data_dir }}'
|
||||
- '{{ orientdb_pid_dir }}'
|
||||
- '{{ orientdb_automatic_backup_directory }}'
|
||||
|
||||
- name: Remove the old hook jars
|
||||
shell: rm -f {{ orientdb_install_dir }}/lib/{{ item }}
|
||||
with_items: '{{ orientdb_hooks_to_be_removed | default([]) }}'
|
||||
tags: [ 'orientdb', 'orientdb_hooks' ]
|
||||
|
||||
- name: Fetch and install the hook jars
|
||||
get_url: url='{{ item }}' dest={{ orientdb_install_dir }}/lib
|
||||
with_items: '{{ orientdb_hooks_jars | default([]) }}'
|
||||
notify: Restart orientdb
|
||||
tags: [ 'orientdb', 'orientdb_hooks' ]
|
||||
|
||||
- name: Install the orientdb default settings
|
||||
template: src=orientdb.default.j2 dest=/etc/default/orientdb owner=root group=root mode=0444
|
||||
notify: Restart orientdb
|
||||
|
||||
- name: Fix the pid file path inside the start and shutdown scripts
|
||||
lineinfile: dest={{ orientdb_install_dir }}/bin/{{ item }} regexp="^ORIENTDB_PID=.*$" line="ORIENTDB_PID={{ orientdb_pid_dir }}/orientdb.pid" insertafter="^PRG=.*$" firstmatch=yes
|
||||
with_items:
|
||||
- server.sh
|
||||
- shutdown.sh
|
||||
tags: [ 'orientdb', 'orientdb_pid' ]
|
||||
|
||||
- name: Install the orientdb configuration files
|
||||
template: src={{ item }}.j2 dest={{ orientdb_install_dir }}/config/{{ item }} owner={{ orientdb_user }} group={{ orientdb_user }} mode=0640
|
||||
with_items: '{{ orientdb_configuration_files }}'
|
||||
notify: Restart orientdb
|
||||
tags: [ 'orientdb', 'orientdb_config' ]
|
||||
|
||||
- name: Install the nagios nrpe configuration
|
||||
template: src=orientdb-nrpe.cfg.j2 dest={{ nrpe_include_dir }}/orientdb-nrpe.cfg owner=root group=root mode=0444
|
||||
notify: Reload NRPE server
|
||||
when:
|
||||
- nrpe_include_dir is defined
|
||||
- nagios_enabled is defined and nagios_enabled
|
||||
tags: [ 'orientdb', 'orientdb_nagios' ]
|
||||
|
||||
- name: Install the orientdb SYSV startup script
|
||||
template: src=orientdb.init.j2 dest=/etc/init.d/orientdb owner=root group=root mode=0755
|
||||
tags: [ 'orientdb', 'orientdb_init' ]
|
||||
when: ansible_service_mgr != 'systemd'
|
||||
|
||||
- name: Install the orientdb systemd unit
|
||||
template: src=orientdb.service.j2 dest=/usr/lib/systemd/system/orientdb.service owner=root group=root mode=0644
|
||||
tags: [ 'orientdb', 'orientdb_init' ]
|
||||
when: ansible_service_mgr == 'systemd'
|
||||
register: reload_systemd
|
||||
|
||||
- name: Reload the systemd service
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
when: reload_systemd is changed
|
||||
|
||||
- name: Ensure that the service is enabled and running
|
||||
service: name=orientdb state=started enabled=yes
|
||||
when: orientdb_enabled
|
||||
|
||||
- name: Ensure that the service is stopped and disabled
|
||||
service: name=orientdb state=stopped enabled=no
|
||||
when: not orientdb_enabled
|
||||
|
||||
tags: orientdb
|
||||
when: orientdb_install
|
||||
|
||||
- block:
|
||||
- name: Install a script that removes the old orientdb backups
|
||||
template: src=backup-cleaner.sh.j2 dest=/usr/local/bin/orientdb-backup-cleaner owner=root group=root mode=555
|
||||
|
||||
- name: Add a cron job that removes the old backups
|
||||
cron:
|
||||
cron_file: 'orientdb-backup-cleaner'
|
||||
disabled: no
|
||||
job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
|
||||
special_time: daily
|
||||
user: '{{ orientdb_user }}'
|
||||
name: "Remove old orientdb backups"
|
||||
state: present
|
||||
|
||||
tags: [ 'orientdb', 'orientdb_backup' ]
|
||||
when: orientdb_install
|
||||
|
||||
|
||||
- block:
|
||||
- name: Create the acme hooks directory if it does not yet exist
|
||||
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
|
||||
|
||||
- name: Install a letsencrypt hook to update the orientdb certificate
|
||||
template: src=orientdb-letsencrypt-acme.sh.j2 dest={{ letsencrypt_acme_services_scripts_dir }}/orientdb owner=root group=root mode=4555
|
||||
|
||||
tags: [ 'orientdb', 'letsencrypt', 'orientdb_letsencrypt' ]
|
||||
when:
|
||||
- orientdb_install
|
||||
- orientdb_letsencrypt_ssl_enabled
|
||||
|
||||
- block:
|
||||
- name: Ensure that the service is disabled and stopped
|
||||
service: name=orientdb state=stopped enabled=no
|
||||
|
||||
- name: Remove the orientdb SysV startup file
|
||||
file: dest=/etc/init.d/orientdb state=absent
|
||||
when: ansible_service_mgr != 'systemd'
|
||||
|
||||
- name: Remove the orientdb systemd unit
|
||||
file: dest=/usr/lib/systemd/system/orientdb.service state=absent
|
||||
when: ansible_service_mgr == 'systemd'
|
||||
|
||||
- name: Remove the link to the orientdb distribution
|
||||
file: dest={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }} state=absent
|
||||
|
||||
- name: Remove the default options file
|
||||
file: dest=/etc/default/orientdb state=absent
|
||||
|
||||
- name: Remove the backup cleaner script
|
||||
file: dest=/usr/local/bin/orientdb-backup-cleaner state=absent
|
||||
|
||||
- name: Remove the backup cleaner cron job
|
||||
cron:
|
||||
cron_file: 'orientdb-backup-cleaner'
|
||||
disabled: no
|
||||
job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
|
||||
special_time: daily
|
||||
user: '{{ orientdb_user }}'
|
||||
name: "Remove old orientdb backups"
|
||||
state: absent
|
||||
|
||||
tags: orientdb
|
||||
when: not orientdb_install
|
||||
|
||||
|
@ -0,0 +1,11 @@
|
||||
{
|
||||
"enabled": {{ orientdb_automatic_backup | ternary('true','false') }},
|
||||
"mode": "{{ orientdb_automatic_backup_mode }}",
|
||||
"exportOptions": "{{ orientdb_automatic_backup_export_options }}",
|
||||
"delay": "{{ orientdb_automatic_backup_delay }}",
|
||||
"firstTime": "{{ orientdb_automatic_backup_first_time }}",
|
||||
"targetDirectory": "{{ orientdb_automatic_backup_directory }}",
|
||||
"targetFileName": "{{ orientdb_automatic_backup_target_file_name }}",
|
||||
"compressionLevel": {{orientdb_automatic_backup_compression_level }},
|
||||
"bufferSize": {{ orientdb_automatic_backup_buffer_size }}
|
||||
}
|
@ -0,0 +1,8 @@
|
||||
#!/bin/bash
|
||||
|
||||
BACKUP_RETENTION_DAYS="{{ orientdb_automatic_backup_retention_days }}"
|
||||
BACKUP_DIRECTORY="{{ orientdb_automatic_backup_directory }}"
|
||||
|
||||
find ${BACKUP_DIRECTORY} -atime +${BACKUP_RETENTION_DAYS} -type f -exec rm -f {} \;
|
||||
|
||||
exit 0
|
@ -0,0 +1,18 @@
|
||||
{
|
||||
"autoDeploy": {{ orientdb_distributed_autodeploy }},
|
||||
"readQuorum": {{ orientdb_distributed_readquorum }},
|
||||
"writeQuorum": "{{ orientdb_distributed_writequorum }}",
|
||||
"executionMode": "{{ orientdb_distributed_executionmode }}",
|
||||
"readYourWrites": {{ orientdb_distributed_readyourwrites }},
|
||||
"newNodeStrategy": "{{ orientdb_new_node_strategy }}",
|
||||
"servers": {
|
||||
"*": "master"
|
||||
},
|
||||
"clusters": {
|
||||
"internal": {
|
||||
},
|
||||
"*": {
|
||||
"servers": ["<NEW_NODE>"]
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,45 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!-- ~ Copyright (c) 2008-2012, Hazel Bilisim Ltd. All Rights Reserved. ~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License"); ~ you may
|
||||
not use this file except in compliance with the License. ~ You may obtain
|
||||
a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~
|
||||
~ Unless required by applicable law or agreed to in writing, software ~ distributed
|
||||
under the License is distributed on an "AS IS" BASIS, ~ WITHOUT WARRANTIES
|
||||
OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for
|
||||
the specific language governing permissions and ~ limitations under the License. -->
|
||||
|
||||
<hazelcast
|
||||
xsi:schemaLocation="http://www.hazelcast.com/schema/config hazelcast-config-3.3.xsd"
|
||||
xmlns="http://www.hazelcast.com/schema/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<group>
|
||||
<name>{{ orientdb_hazelcast_group_name }}</name>
|
||||
<password>{{ orientdb_hazelcast_group_password }}</password>
|
||||
</group>
|
||||
<network>
|
||||
<port auto-increment="true">{{ orientdb_hazelcast_port_min }}</port>
|
||||
<join>
|
||||
<multicast enabled="{{ orientdb_hazelcast_multicast_enabled | ternary('true','false') }}">
|
||||
<multicast-group>{{ orientdb_hazelcast_multicast_group }}</multicast-group>
|
||||
<multicast-port>{{ orientdb_hazelcast_port_min }}</multicast-port>
|
||||
</multicast>
|
||||
{% if not orientdb_hazelcast_multicast_enabled %}
|
||||
<tcp-ip enabled="true">
|
||||
{% for node in orientdb_hazelcast_unicast_members %}
|
||||
<member>{{ node.member }}:{{ node.port | default(orientdb_hazelcast_port_min) }}</member>
|
||||
{% endfor %}
|
||||
</tcp-ip>
|
||||
{% endif %}
|
||||
</join>
|
||||
{% if orientbd_hazelcast_encryption %}
|
||||
<symmetric-encryption enabled="true">
|
||||
<algorithm>Blowfish</algorithm>
|
||||
<salt>{{ orientdb_hazelcast_salt }}</salt>
|
||||
<password>{{ orientdb_hazelcast_pwd }}</password>
|
||||
<iteration-count>19</iteration-count>
|
||||
</symmetric-encryption>
|
||||
{% endif %}
|
||||
</network>
|
||||
<executor-service>
|
||||
<pool-size>16</pool-size>
|
||||
</executor-service>
|
||||
</hazelcast>
|
@ -0,0 +1,42 @@
|
||||
#!/bin/bash
|
||||
|
||||
ORIENTDB_ENABLED="{{ orientdb_enabled }}"
|
||||
RETVAL=0
|
||||
|
||||
# Add the CA certificate if it's not already present
|
||||
keytool -list -keystore {{ java_keyring_file }} -storepass {{ java_keyring_pwd }} -noprompt | grep {{ java_keyring_letsencrypt_trusted_ca }}
|
||||
RETVAL=$?
|
||||
|
||||
if [ $RETVAL -ne 0 ] ; then
|
||||
keytool -trustcacerts -keystore "{{ java_keyring_file }}" -storepass {{ java_keyring_pwd }} -noprompt -importcert -alias "{{ java_keyring_letsencrypt_trusted_ca }}" -dname "CN={{ ansible_fqdn }}" -file "{{ letsencrypt_acme_certs_dir }}/fullchain"
|
||||
fi
|
||||
# Remove the old certificate
|
||||
keytool -storepass {{ java_keyring_pwd }} -keystore "{{ java_keyring_file }}" -delete -alias "{{ ansible_fqdn }}"
|
||||
|
||||
# Check if the old certificate is still present. If so, we have a problem. Otherwise, import the new one
|
||||
keytool -list -keystore {{ java_keyring_file }} -storepass {{ java_keyring_pwd }} -noprompt | grep {{ ansible_fqdn }}
|
||||
RETVAL=$?
|
||||
if [ $RETVAL -ne 0 ] ; then
|
||||
openssl pkcs12 -export -in {{ letsencrypt_acme_certs_dir }}/cert -inkey {{ letsencrypt_acme_certs_dir }}/privkey -CAfile {{ letsencrypt_acme_certs_dir }}/fullchain -name "{{ ansible_fqdn }}" -out /var/tmp/{{ ansible_fqdn }}.p12 -password pass:{{ java_keyring_pwd }}
|
||||
keytool -importkeystore -srcstorepass {{ java_keyring_pwd }} -deststorepass {{ java_keyring_pwd }} -destkeystore {{ java_keyring_file }} -srckeystore /var/tmp/{{ ansible_fqdn }}.p12 -srcstoretype PKCS12
|
||||
rm -f /var/tmp/{{ ansible_fqdn }}.p12
|
||||
else
|
||||
logger "orientdb letsencrypt hook: the old certificate is still present inside the keystore, aborting."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
chmod 440 "{{ java_keyring_file }}"
|
||||
chgrp {{ orientdb_user }} "{{ java_keyring_file }}"
|
||||
|
||||
if [ "$ORIENTDB_ENABLED" == "True" ] ; then
|
||||
logger "orientdb letsencrypt hook: shut down orientdb."
|
||||
/etc/init.d/orientdb stop
|
||||
sleep 30
|
||||
/etc/init.d/orientdb start
|
||||
logger "orientdb letsencrypt hook: start orientdb."
|
||||
else
|
||||
logger "orientdb letsencrypt hook: the service is disabled, we do not restart it."
|
||||
fi
|
||||
logger "orientdb letsencrypt hook: the keystore has been updated with the renewed certificate."
|
||||
|
||||
exit $RETVAL
|
@ -0,0 +1,3 @@
|
||||
|
||||
# Restart orientdb (via handler)
|
||||
command[global_restart_orientdb]=/usr/bin/sudo /etc/init.d/orientdb start
|
@ -0,0 +1,118 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
<orient-server>
|
||||
<handlers>
|
||||
{% if orientbd_graph_server_enabled %}
|
||||
<handler class="com.orientechnologies.tinkerpop.handler.OGraphServerHandler">
|
||||
<parameters>
|
||||
<parameter name="enabled" value="true"/>
|
||||
<parameter name="graph.pool.max" value="50"/>
|
||||
</parameters>
|
||||
</handler>
|
||||
{% endif %}
|
||||
<handler class="com.orientechnologies.orient.server.hazelcast.OHazelcastPlugin">
|
||||
<parameters>
|
||||
<parameter value="{{ orientdb_distributed | ternary('true','false') }}" name="enabled"/>
|
||||
<parameter value="{{ ansible_hostname }}" name="nodeName"/>
|
||||
<parameter value="${ORIENTDB_HOME}/config/default-distributed-db-config.json" name="configuration.db.default"/>
|
||||
<parameter value="${ORIENTDB_HOME}/config/hazelcast.xml" name="configuration.hazelcast"/>
|
||||
</parameters>
|
||||
</handler>
|
||||
<handler class="com.orientechnologies.orient.server.handler.OJMXPlugin">
|
||||
<parameters>
|
||||
<parameter value="false" name="enabled"/>
|
||||
<parameter value="true" name="profilerManaged"/>
|
||||
</parameters>
|
||||
</handler>
|
||||
<handler class="com.orientechnologies.orient.server.handler.OAutomaticBackup">
|
||||
<parameters>
|
||||
<parameter value="true" name="enabled"/>
|
||||
<parameter value="${ORIENTDB_HOME}/config/automatic-backup.json" name="config"/>
|
||||
</parameters>
|
||||
</handler>
|
||||
<handler class="com.orientechnologies.orient.server.handler.OServerSideScriptInterpreter">
|
||||
<parameters>
|
||||
<parameter value="true" name="enabled"/>
|
||||
<parameter value="SQL" name="allowedLanguages"/>
|
||||
</parameters>
|
||||
</handler>
|
||||
<handler class="com.orientechnologies.orient.server.handler.OCustomSQLFunctionPlugin">
|
||||
<parameters>
|
||||
<parameter value="${ORIENTDB_HOME}/config/custom-sql-functions.json" name="config"/>
|
||||
</parameters>
|
||||
</handler>
|
||||
</handlers>
|
||||
<network>
|
||||
<sockets>
|
||||
<socket implementation="com.orientechnologies.orient.server.network.OServerTLSSocketFactory" name="ssl">
|
||||
<parameters>
|
||||
{% if orientdb_ssl_client_auth_enabled %}
|
||||
<parameter value="true" name="network.ssl.clientAuth"/>
|
||||
{% else %}
|
||||
<parameter value="false" name="network.ssl.clientAuth"/>
|
||||
{% endif %}
|
||||
<parameter value="{{ java_keyring_file }}" name="network.ssl.keyStore"/>
|
||||
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.keyStorePassword"/>
|
||||
<parameter value="{{ java_keyring_file }}" name="network.ssl.trustStore"/>
|
||||
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.trustStorePassword"/>
|
||||
</parameters>
|
||||
</socket>
|
||||
<socket implementation="com.orientechnologies.orient.server.network.OServerTLSSocketFactory" name="https">
|
||||
<parameters>
|
||||
{% if orientdb_ssl_client_auth_enabled %}
|
||||
<parameter value="true" name="network.ssl.clientAuth"/>
|
||||
{% else %}
|
||||
<parameter value="false" name="network.ssl.clientAuth"/>
|
||||
{% endif %}
|
||||
<parameter value="{{ java_keyring_file }}" name="network.ssl.keyStore"/>
|
||||
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.keyStorePassword"/>
|
||||
<parameter value="{{ java_keyring_file }}" name="network.ssl.trustStore"/>
|
||||
<parameter value="{{ java_keyring_pwd }}" name="network.ssl.trustStorePassword"/>
|
||||
</parameters>
|
||||
</socket>
|
||||
</sockets>
|
||||
<protocols>
|
||||
<protocol implementation="com.orientechnologies.orient.server.network.protocol.binary.ONetworkProtocolBinary" name="binary"/>
|
||||
<protocol implementation="com.orientechnologies.orient.server.network.protocol.http.ONetworkProtocolHttpDb" name="http"/>
|
||||
</protocols>
|
||||
<listeners>
|
||||
<listener protocol="binary" socket="default" port-range="{{ orientdb_binary_protocol_lower_port }}-{{ orientdb_binary_protocol_higher_port }}" ip-address="0.0.0.0"/>
|
||||
{% if orientdb_ssl_enabled %}
|
||||
<listener protocol="binary" socket="ssl" port-range="{{ orientdb_ssl_protocol_lower_port }}-{{ orientdb_ssl_protocol_higher_port }}" ip-address="0.0.0.0"/>
|
||||
{% endif %}
|
||||
<listener protocol="http" socket="default" port-range="{{ orientdb_http_protocol_lower_port }}-{{ orientdb_http_protocol_higher_port }}" ip-address="0.0.0.0">
|
||||
<commands>
|
||||
<command implementation="com.orientechnologies.orient.server.network.protocol.http.command.get.OServerCommandGetStaticContent" pattern="GET|www GET|studio/ GET| GET|*.htm GET|*.html GET|*.xml GET|*.jpeg GET|*.jpg GET|*.png GET|*.gif GET|*.js GET|*.css GET|*.swf GET|*.ico GET|*.txt GET|*.otf GET|*.pjs GET|*.svg GET|*.json GET|*.woff GET|*.woff2 GET|*.ttf GET|*.svgz" stateful="false">
|
||||
<parameters>
|
||||
<entry value="Cache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nPragma: no-cache" name="http.cache:*.htm *.html"/>
|
||||
<entry value="Cache-Control: max-age=120" name="http.cache:default"/>
|
||||
</parameters>
|
||||
</command>
|
||||
<command implementation="com.orientechnologies.orient.server.network.protocol.http.command.get.OServerCommandGetGephi" pattern="GET|gephi/*" stateful="false"/>
|
||||
</commands>
|
||||
<parameters>
|
||||
<parameter value="utf-8" name="network.http.charset"/>
|
||||
<parameter value="true" name="network.http.jsonResponseError"/>
|
||||
</parameters>
|
||||
</listener>
|
||||
</listeners>
|
||||
</network>
|
||||
<storages/>
|
||||
<users>
|
||||
<user resources="*" password="{{ orientdb_root_pwd }}" name="{{ orientdb_root_username }}"/>
|
||||
</users>
|
||||
<properties>
|
||||
<entry value="1" name="db.pool.min"/>
|
||||
<entry value="50" name="db.pool.max"/>
|
||||
<entry value="50" name="script.pool.maxSize"/>
|
||||
<!-- Profile is available in enterprise edition only http://orientdb.com/docs/3.0.x/tuning/Profiler.html -->
|
||||
<entry value="false" name="profiler.enabled"/>
|
||||
<entry value="0" name="distributed.autoRemoveOfflineServers"/>
|
||||
<entry value="{{ orientdb_data_dir }}" name="server.database.path" />
|
||||
</properties>
|
||||
<hooks>
|
||||
{% for class in orientdb_hooks_classes %}
|
||||
<hook class="{{ class.name }}" position="{{ class.position }}"/>
|
||||
{% endfor %}
|
||||
</hooks>
|
||||
<isAfterFirstTime>true</isAfterFirstTime>
|
||||
</orient-server>
|
@ -0,0 +1,46 @@
|
||||
#
|
||||
# /*
|
||||
# * Copyright 2014 Orient Technologies LTD (info(at)orientechnologies.com)
|
||||
# *
|
||||
# * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# * you may not use this file except in compliance with the License.
|
||||
# * You may obtain a copy of the License at
|
||||
# *
|
||||
# * http://www.apache.org/licenses/LICENSE-2.0
|
||||
# *
|
||||
# * Unless required by applicable law or agreed to in writing, software
|
||||
# * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# * See the License for the specific language governing permissions and
|
||||
# * limitations under the License.
|
||||
# *
|
||||
# * For more information: http://www.orientechnologies.com
|
||||
# */
|
||||
#
|
||||
|
||||
# Specify the handlers to create in the root logger
|
||||
# (all loggers are children of the root logger)
|
||||
# The following creates two handlers
|
||||
handlers = java.util.logging.ConsoleHandler, java.util.logging.FileHandler
|
||||
|
||||
# Set the default logging level for the root logger
|
||||
.level = {{ orientdb_log_level }}
|
||||
com.orientechnologies.level = {{ orientdb_log_level }}
|
||||
com.orientechnologies.orient.server.distributed.level = {{ orientdb_log_level }}
|
||||
|
||||
# Set the default logging level for new ConsoleHandler instances
|
||||
java.util.logging.ConsoleHandler.level = {{ orientdb_log_level }}
|
||||
# Set the default formatter for new ConsoleHandler instances
|
||||
java.util.logging.ConsoleHandler.formatter = com.orientechnologies.common.log.OAnsiLogFormatter
|
||||
|
||||
# Set the default logging level for new FileHandler instances
|
||||
java.util.logging.FileHandler.level = {{ orientdb_log_level }}
|
||||
# Naming style for the output file
|
||||
java.util.logging.FileHandler.pattern={{ orientdb_log_dir }}/orient-server.log
|
||||
# Set the default formatter for new FileHandler instances
|
||||
java.util.logging.FileHandler.formatter = com.orientechnologies.common.log.OLogFormatter
|
||||
# Limiting size of output file in bytes:
|
||||
java.util.logging.FileHandler.limit=10000000
|
||||
# Number of output files to cycle through, by appending an
|
||||
# integer to the base file name:
|
||||
java.util.logging.FileHandler.count=10
|
@ -0,0 +1,8 @@
|
||||
export ORIENTDB_DIR="{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}"
|
||||
export ORIENTDB_USER="{{ orientdb_user }}"
|
||||
export ORIENTDB_OPTS_MEMORY="{{ orientdb_java_heap }}"
|
||||
export ORIENTDB_SETTINGS="{{ orientdb_default_settings }}"
|
||||
ORIENTDB_SERVER_OPTS=
|
||||
{% if orientdb_distributed %}
|
||||
ORIENTDB_SERVER_OPTS="-Ddistributed=true"
|
||||
{% endif %}
|
@ -0,0 +1,83 @@
|
||||
#!/bin/bash
|
||||
# OrientDB service script
|
||||
#
|
||||
# Copyright (c) Orient Technologies LTD (http://www.orientechnologies.com)
|
||||
|
||||
# chkconfig: 2345 20 80
|
||||
# description: OrientDb init script
|
||||
# processname: orientdb.sh
|
||||
|
||||
# You have to SET the OrientDB installation directory here
|
||||
if [ -f /etc/default/orientdb ] ; then
|
||||
. /etc/default/orientdb
|
||||
else
|
||||
ORIENTDB_DIR="{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}"
|
||||
ORIENTDB_USER="{{ orientdb_user }}"
|
||||
fi
|
||||
|
||||
usage() {
|
||||
echo "Usage: `basename $0`: <start|stop|status>"
|
||||
exit 1
|
||||
}
|
||||
|
||||
start() {
|
||||
status
|
||||
if [ $PID -gt 0 ]
|
||||
then
|
||||
echo "OrientDB server daemon was already started. PID: $PID"
|
||||
return $PID
|
||||
fi
|
||||
echo "Starting OrientDB server daemon..."
|
||||
cd "$ORIENTDB_DIR/bin"
|
||||
su $ORIENTDB_USER -c "cd \"$ORIENTDB_DIR/bin\"; /usr/bin/nohup ./server.sh $ORIENTDB_SERVER_OPTS >> {{ orientdb_log_dir }}/orientdb.log 2>&1 &"
|
||||
}
|
||||
|
||||
stop() {
|
||||
status
|
||||
if [ $PID -eq 0 ]
|
||||
then
|
||||
echo "OrientDB server daemon is already not running"
|
||||
return 0
|
||||
fi
|
||||
echo "Stopping OrientDB server daemon..."
|
||||
cd "$ORIENTDB_DIR/bin"
|
||||
su $ORIENTDB_USER -c "cd \"$ORIENTDB_DIR/bin\"; /usr/bin/nohup ./shutdown.sh >> {{ orientdb_log_dir }}/orientdb.log 2>&1"
|
||||
}
|
||||
|
||||
status() {
|
||||
PID=` ps auxw | grep 'orientdb.www.path' | grep java | grep -v grep | awk '{print $2}'`
|
||||
if [ "x$PID" = "x" ]
|
||||
then
|
||||
PID=0
|
||||
fi
|
||||
|
||||
# if PID is greater than 0 then OrientDB is running, else it is not
|
||||
return $PID
|
||||
}
|
||||
|
||||
if [ "x$1" = "xstart" ]
|
||||
then
|
||||
start
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ "x$1" = "xstop" ]
|
||||
then
|
||||
stop
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ "x$1" = "xstatus" ]
|
||||
then
|
||||
status
|
||||
if [ $PID -gt 0 ]
|
||||
then
|
||||
echo "OrientDB server daemon is running with PID: $PID"
|
||||
exit 0
|
||||
else
|
||||
echo "OrientDB server daemon is NOT running"
|
||||
exit 3
|
||||
fi
|
||||
fi
|
||||
|
||||
usage
|
@ -0,0 +1,21 @@
|
||||
[Unit]
|
||||
Description=OrientDB Server
|
||||
After=network.target
|
||||
After=syslog.target
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User={{ orientdb_user }}
|
||||
Group={{ orientdb_user }}
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
StandardOutput=syslog
|
||||
StandardError=syslog
|
||||
SyslogIdentifier=orientdb
|
||||
ExecStart={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}/bin/server.sh
|
||||
ExecStop={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}/bin/shutdown.sh
|
||||
ExecStatus={{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}/bin/orientdb.sh status
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
Loading…
Reference in New Issue