diff --git a/omero/ome-demoserver.yml b/omero/ome-demoserver.yml index 99fc6085..6b727b3f 100644 --- a/omero/ome-demoserver.yml +++ b/omero/ome-demoserver.yml @@ -8,106 +8,105 @@ pre_tasks: - name: Install open-vm-tools if system is a VMware vm become: true - ansible.builtin.yum: + ansible.builtin.dnf: name: open-vm-tools state: installed when: > ((ansible_virtualization_type is defined) and (ansible_virtualization_type == "VMware")) - # Perhaps alter the role at - # https://github.com/openmicroscopy/ansible-role-lvm-partition/ - # to make some of the variables non-required. - - name: Resize root FS without altering mount options - tags: lvm - become: true - lvol: - lv: root - vg: VolGroup00 - size: "{{ provision_root_lvsize }}" - shrink: false - - - name: Install Make Movie script Prerequisite | MEncoder - Repo - become: true - ansible.builtin.yum: - name: "http://li.nux.ro/download/nux/dextop/el7\ - /x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm" - state: present - - - name: Install Make Movie script Prerequisite | MEncoder - Package - become: true - ansible.builtin.yum: - name: mencoder - state: present - - - name: Server-side script prerequisites - become: true - ansible.builtin.yum: - name: "{{ item }}" - state: present - with_items: - - mencoder # For the 'make movie' script + # # Perhaps alter the role at + # # https://github.com/openmicroscopy/ansible-role-lvm-partition/ + # # to make some of the variables non-required. + # - name: Resize root FS without altering mount options + # tags: lvm + # become: true + # lvol: + # lv: root + # vg: VolGroup00 + # size: "{{ provision_root_lvsize }}" + # shrink: false + + # - name: Install Make Movie script Prerequisite | MEncoder - Repo + # become: true + # ansible.builtin.yum: + # name: "http://li.nux.ro/download/nux/dextop/el7\ + # /x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm" + # state: present + + # - name: Install Make Movie script Prerequisite | MEncoder - Package + # become: true + # ansible.builtin.yum: + # name: mencoder + # state: present + + # - name: Server-side script prerequisites + # become: true + # ansible.builtin.yum: + # name: "{{ item }}" + # state: present + # with_items: + # - mencoder # For the 'make movie' script roles: # Now OME are using RHEL without Spacewalk, the current best-method of # checking `is server deployed in Dundee/SLS` is # checking for the SLS nameservers. - - role: ome.system_monitor_agent - tags: monitoring - when: "'10.1.255.216' in ansible_dns.nameservers" + # - role: ome.system_monitor_agent + # tags: monitoring + # when: "'10.1.255.216' in ansible_dns.nameservers" # Disk Layout - PostgreSQL | data dir on separate VG (SSD) - - role: ome.lvm_partition - tags: lvm - lvm_lvname: pgdata - lvm_vgname: "{{ provision_postgres_vgname }}" - lvm_lvmount: /var/lib/pgsql - lvm_lvsize: "{{ provision_postgres_lvsize }}" - lvm_lvfilesystem: "{{ filesystem }}" - lvm_shrink: false - - # Disk Layout - OMERO | VG and LV (separate disk) for Binary Repository - - role: ome.lvm_partition - tags: lvm - lvm_lvname: datadir - lvm_vgname: "{{ provision_omero_server_datadir_vgname }}" - lvm_lvmount: "{{ omero_server_datadir }}" - lvm_lvsize: "{{ provision_omero_server_datadir_lvsize }}" - lvm_lvfilesystem: "{{ filesystem }}" - lvm_shrink: false - - # Disk Layout - OMERO.server | LV for dist & logs - - role: ome.lvm_partition - tags: lvm - lvm_lvname: omero_server_basedir - lvm_vgname: VolGroup00 - lvm_lvmount: "{{ omero_server_basedir }}" - lvm_lvsize: "{{ provision_omero_server_basedir_lvsize }}" - lvm_lvfilesystem: "{{ filesystem }}" - lvm_shrink: false - - # Disk Layout - OMERO.web | LV for dist & logs - - role: ome.lvm_partition - tags: lvm - lvm_lvname: omero_web_basedir - lvm_vgname: VolGroup00 - lvm_lvmount: "{{ omero_web_basedir }}" - lvm_lvsize: "{{ provision_omero_web_basedir_lvsize }}" - lvm_lvfilesystem: "{{ filesystem }}" - lvm_shrink: false - - - role: ome.nginx - nginx_version: 1.16.1 + # - role: ome.lvm_partition + # tags: lvm + # lvm_lvname: pgdata + # lvm_vgname: "{{ provision_postgres_vgname }}" + # lvm_lvmount: /var/lib/pgsql + # lvm_lvsize: "{{ provision_postgres_lvsize }}" + # lvm_lvfilesystem: "{{ filesystem }}" + # lvm_shrink: false + + # # Disk Layout - OMERO | VG and LV (separate disk) for Binary Repository + # - role: ome.lvm_partition + # tags: lvm + # lvm_lvname: datadir + # lvm_vgname: "{{ provision_omero_server_datadir_vgname }}" + # lvm_lvmount: "{{ omero_server_datadir }}" + # lvm_lvsize: "{{ provision_omero_server_datadir_lvsize }}" + # lvm_lvfilesystem: "{{ filesystem }}" + # lvm_shrink: false + + # # Disk Layout - OMERO.server | LV for dist & logs + # - role: ome.lvm_partition + # tags: lvm + # lvm_lvname: omero_server_basedir + # lvm_vgname: VolGroup00 + # lvm_lvmount: "{{ omero_server_basedir }}" + # lvm_lvsize: "{{ provision_omero_server_basedir_lvsize }}" + # lvm_lvfilesystem: "{{ filesystem }}" + # lvm_shrink: false + + # # Disk Layout - OMERO.web | LV for dist & logs + # - role: ome.lvm_partition + # tags: lvm + # lvm_lvname: omero_web_basedir + # lvm_vgname: VolGroup00 + # lvm_lvmount: "{{ omero_web_basedir }}" + # lvm_lvsize: "{{ provision_omero_web_basedir_lvsize }}" + # lvm_lvfilesystem: "{{ filesystem }}" + # lvm_shrink: false + + # nginx_version: 1.16.1 - role: ome.postgresql # no_log: true postgresql_databases: - - name: omero + - name: omero + owner: demo postgresql_users: - - user: "{{ omero_server_dbuser | default('omero') }}" - password: "{{ omero_server_dbpassword | default('omero') }}" - databases: - - omero + - user: "{{ omero_server_dbuser | default('omero') }}" + password: "{{ omero_server_dbpassword | default('omero') }}" + databases: [] - role: ome.omero_server # Defaults overridden in private configuration @@ -117,15 +116,17 @@ omero_server_dbname: omero omero_server_systemd_limit_nofile: 16384 + - role: ome.nginx + - role: ome.omero_web # Defaults overridden in private configuration omero_web_systemd_limit_nofile: 16384 omero_web_python_addons: - "omero-figure=={{ omero_figure_release }}" - "omero-fpbioimage=={{ omero_fpbioimage_release }}" - - "omero-webtagging-autotag=={{ omero_webtagging_autotag_release }}" - - "omero-webtagging-tagsearch==\ - {{ omero_webtagging_tagsearch_release }}" + - "omero-autotag=={{ omero_autotag_release }}" + - "omero-tagsearch==\ + {{ omero_tagsearch_release }}" - "omero-iviewer=={{ omero_iviewer_release }}" - "omero-parade=={{ omero_parade_release }}" - "omero-signup=={{ omero_signup_release }}" @@ -156,7 +157,6 @@ postgresql_backup_compress: true postgresql_backup_dir: /OMERO/pgbackup postgresql_backup_filename_format: "nightly-omero-%a.pgdump.gz" - postgresql_backup_minimum_expected_size: 100000000 handlers: - name: Reload web server @@ -168,6 +168,10 @@ post_tasks: + - name: Allow nginx to connect to omero-web + become: yes + command: setsebool -P httpd_can_network_connect on + - name: NGINX - Performance tuning - worker processes become: true ansible.builtin.replace: @@ -256,50 +260,50 @@ - restart omero-web no_log: true - - name: Check_MK postgres plugin | check for plugin existence - tags: monitoring - ansible.builtin.stat: - path: "{{ check_mk_agent_plugin_path }}/mk_postgres" - register: check_mk_postgres_plugin_st - - - name: Check_MK postgres plugin | activate the plugin - tags: monitoring - become: true - command: > - cp "{{ check_mk_agent_plugin_path }}/mk_postgres" - /usr/share/check-mk-agent/plugins/ - creates=/usr/share/check-mk-agent/plugins/mk_postgres - when: check_mk_postgres_plugin_st.stat.exists - - - name: Check_MK logwatch plugin | check for plugin existence - tags: monitoring - ansible.builtin.stat: - path: "{{ check_mk_agent_plugin_path }}/mk_logwatch" - register: check_mk_logwatch_plugin_st - - - name: Check_MK logwatch plugin | activate the plugin - tags: monitoring - become: true - command: > - cp "{{ check_mk_agent_plugin_path }}/mk_logwatch" - /usr/share/check-mk-agent/plugins/ - creates=/usr/share/check-mk-agent/plugins/mk_logwatch - when: check_mk_logwatch_plugin_st.stat.exists - - - name: Check_MK logwatch plugin | check for default config file - tags: monitoring - ansible.builtin.stat: - path: "{{ check_mk_agent_config_example_path }}/logwatch.cfg" - register: check_mk_logwatch_plugin_conf_st - - - name: Check_MK logwatch plugin | copy the default config - tags: monitoring - become: true - command: > - cp "{{ check_mk_agent_config_example_path }}/logwatch.cfg" - "{{ check_mk_agent_config_path }}/logwatch.cfg" - creates="{{ check_mk_agent_config_path }}/logwatch.cfg" - when: check_mk_logwatch_plugin_conf_st.stat.exists + # - name: Check_MK postgres plugin | check for plugin existence + # tags: monitoring + # ansible.builtin.stat: + # path: "{{ check_mk_agent_plugin_path }}/mk_postgres" + # register: check_mk_postgres_plugin_st + + # - name: Check_MK postgres plugin | activate the plugin + # tags: monitoring + # become: true + # command: > + # cp "{{ check_mk_agent_plugin_path }}/mk_postgres" + # /usr/share/check-mk-agent/plugins/ + # creates=/usr/share/check-mk-agent/plugins/mk_postgres + # when: check_mk_postgres_plugin_st.stat.exists + + # - name: Check_MK logwatch plugin | check for plugin existence + # tags: monitoring + # ansible.builtin.stat: + # path: "{{ check_mk_agent_plugin_path }}/mk_logwatch" + # register: check_mk_logwatch_plugin_st + + # - name: Check_MK logwatch plugin | activate the plugin + # tags: monitoring + # become: true + # command: > + # cp "{{ check_mk_agent_plugin_path }}/mk_logwatch" + # /usr/share/check-mk-agent/plugins/ + # creates=/usr/share/check-mk-agent/plugins/mk_logwatch + # when: check_mk_logwatch_plugin_st.stat.exists + + # - name: Check_MK logwatch plugin | check for default config file + # tags: monitoring + # ansible.builtin.stat: + # path: "{{ check_mk_agent_config_example_path }}/logwatch.cfg" + # register: check_mk_logwatch_plugin_conf_st + + # - name: Check_MK logwatch plugin | copy the default config + # tags: monitoring + # become: true + # command: > + # cp "{{ check_mk_agent_config_example_path }}/logwatch.cfg" + # "{{ check_mk_agent_config_path }}/logwatch.cfg" + # creates="{{ check_mk_agent_config_path }}/logwatch.cfg" + # when: check_mk_logwatch_plugin_conf_st.stat.exists - name: PostgreSQL Nightly Backups | Remove old cron job become: true @@ -332,26 +336,26 @@ vars: omero_figure_release: >- - {{ omero_figure_release_override | default('6.0.1') }} + {{ omero_figure_release_override | default('6.2.2') }} omero_figure_script_release: >- - {{ omero_figure_script_release_override | default('v6.0.1') }} + {{ omero_figure_script_release_override | default('v6.2.2') }} omero_fpbioimage_release: >- {{ omero_fpbioimage_release_override | default('0.4.1') }} omero_iviewer_release: >- - {{ omero_iviewer_release_override | default('0.13.0') }} + {{ omero_iviewer_release_override | default('0.14.0') }} omero_parade_release: >- {{ omero_parade_release_override | default('0.2.4') }} - omero_webtagging_autotag_release: >- - {{ omero_webtagging_autotag_release_override | default('3.2.0') }} - omero_webtagging_tagsearch_release: >- - {{ omero_webtagging_tagsearch_release_override | default('3.2.0') }} + omero_autotag_release: >- + {{ omero_autotag_release_override | default('4.0.1') }} + omero_tagsearch_release: >- + {{ omero_tagsearch_release_override | default('4.1.1') }} omero_signup_release: >- - {{ omero_signup_release_override | default('0.3.2') }} + {{ omero_signup_release_override | default('0.3.3') }} omero_server_release: >- - {{ omero_server_release_override | default('5.6.8') }} - omero_web_release: "{{ omero_web_release_override | default('5.22.1') }}" - omero_py_release: "{{ omero_py_release_override | default('5.15.0') }}" + {{ omero_server_release_override | default('5.6.11') }} + omero_web_release: "{{ omero_web_release_override | default('5.26.0') }}" + omero_py_release: "{{ omero_py_release_override | default('5.19.2') }}" # For https://github.com/openmicroscopy/ansible-role-java, # which is a dependency. java_jdk_install: true @@ -388,7 +392,7 @@ [1] In your browser, go to omero-guides.readthedocs.io/en/latest and click on OMERO walkthrough example under Getting started.' - postgresql_version: "11" + postgresql_version: "16" filesystem: "xfs" omero_server_config_set: @@ -445,7 +449,7 @@ omero.web.wsgi_workers: >- {{ (2 * (ansible_processor_count * ansible_processor_cores)) + 1 }} - omero.web.admins: "{{ omero_web_admins }}" + # omero.web.admins: "{{ omero_web_admins }}" # https://pypi.org/project/omero-iviewer/ - set iviewer to default viewer omero.web.viewer.view: omero_iviewer.views.index omero.web.nginx_server_extra_config: diff --git a/omero/requirements.yml b/omero/requirements.yml new file mode 100644 index 00000000..87f05f80 --- /dev/null +++ b/omero/requirements.yml @@ -0,0 +1,27 @@ +--- +- role: ome.omero_common +- role: ome.basedeps +- role: ome.java +- role: ome.python3_virtualenv +- role: ome.ice +- role: ome.postgresql +- role: ome.postgresql_client +- role: ome.deploy_archive +- role: ome.omero_server +- role: ome.omero_web +- role: ome.nginx +- role: ome.redis +- role: ome.selinux_utils +- role: ome.versioncontrol_utils +- role: ome.ssl_certificate +- name: nfs_mount + src: https://github.com/ome/ansible-role-nfs-mount/ +- name: nfs_share + src: https://github.com/ome/ansible-role-nfs-share/ +- name: iptables_raw + src: https://github.com/pwalczysko/ansible-role-iptables-raw/ + version: rocky9 +- role: ome.cli_utils +- role: ome.docker +- role: ome.postgresql_backup +- role: ome.omero_user diff --git a/requirements.yml b/requirements.yml deleted file mode 100644 index a1759a69..00000000 --- a/requirements.yml +++ /dev/null @@ -1,107 +0,0 @@ ---- - -- name: ome.certbot - src: https://github.com/ome/ansible-role-certbot/archive/0.1.0.tar.gz - version: 0.1.0 - -- src: ome.cli_utils - version: 1.1.1 - -- src: ome.deploy_archive - version: 0.1.4 - -- src: ome.docker - version: 3.1.1 - -- src: ome.ice - version: 4.3.0 - -- src: ome.java - version: 2.1.0 - -- name: ome.iptables_raw - version: 0.3.1 - -- src: ome.lvm_partition - version: 1.1.1 - -- name: ome.network - version: 1.1.4 - -- src: ome.nginx - version: 2.1.1 - -- name: ome.nginx_proxy - version: 1.15.2 - -- src: ome.nfs_mount - version: 1.3.0 - -- src: ome.omero_common - version: 0.3.4 - -- src: ome.basedeps - version: 1.2.0 - -- name: ome.omero_prometheus_exporter - version: 0.3.6 - -- name: ome.omero_server - version: 4.0.2 - -- src: ome.omero_user - version: 0.3.0 - -- name: ome.omero_web - version: 4.0.1 - -- src: ome.python3_virtualenv - version: 0.1.2 - -- src: ome.omero_web_django_prometheus - version: 0.3.0 - -- src: ome.postgresql - version: 5.2.0 - -- src: ome.postgresql_backup - version: 0.2.1 - -- src: ome.postgresql_client - version: 0.2.0 - -- src: ome.prometheus - version: 0.5.1 - -- src: ome.prometheus_jmx - version: 0.2.2 - -- src: ome.prometheus_node - version: 0.2.2 - -- src: ome.prometheus_postgres - version: 0.4.2 - -- src: ome.redis - version: 1.1.1 - -- name: ome.selinux_utils - version: 1.0.3 - -- src: ome.ssl_certificate - version: 0.4.0 - -- src: ome.sudoers - version: 1.0.4 - -- src: ome.system_monitor_agent - version: 0.1.1 - -- src: ome.upgrade_distpackages - version: 1.1.3 - -- src: ome.versioncontrol_utils - version: 1.0.2 - -- src: idr.redmine_tracker - version: 0.1.0