diff --git a/molecule/ome-demoserver/ome-demoserver.yml b/molecule/ome-demoserver/ome-demoserver.yml deleted file mode 100644 index 6b727b3f..00000000 --- a/molecule/ome-demoserver/ome-demoserver.yml +++ /dev/null @@ -1,456 +0,0 @@ -# Install OMERO.server, OMERO.web and prepare the OME (UoD/SLS) prerequisites - -# To allow the OMERO.web plugins to upgrade -# also pass `--extra-vars upgrade_webapps=True` - -- name: Demo server playbook - hosts: ome-demoservers - pre_tasks: - - name: Install open-vm-tools if system is a VMware vm - become: true - ansible.builtin.dnf: - name: open-vm-tools - state: installed - when: > - ((ansible_virtualization_type is defined) - and (ansible_virtualization_type == "VMware")) - - # # Perhaps alter the role at - # # https://github.com/openmicroscopy/ansible-role-lvm-partition/ - # # to make some of the variables non-required. - # - name: Resize root FS without altering mount options - # tags: lvm - # become: true - # lvol: - # lv: root - # vg: VolGroup00 - # size: "{{ provision_root_lvsize }}" - # shrink: false - - # - name: Install Make Movie script Prerequisite | MEncoder - Repo - # become: true - # ansible.builtin.yum: - # name: "http://li.nux.ro/download/nux/dextop/el7\ - # /x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm" - # state: present - - # - name: Install Make Movie script Prerequisite | MEncoder - Package - # become: true - # ansible.builtin.yum: - # name: mencoder - # state: present - - # - name: Server-side script prerequisites - # become: true - # ansible.builtin.yum: - # name: "{{ item }}" - # state: present - # with_items: - # - mencoder # For the 'make movie' script - - roles: - # Now OME are using RHEL without Spacewalk, the current best-method of - # checking `is server deployed in Dundee/SLS` is - # checking for the SLS nameservers. - # - role: ome.system_monitor_agent - # tags: monitoring - # when: "'10.1.255.216' in ansible_dns.nameservers" - - # Disk Layout - PostgreSQL | data dir on separate VG (SSD) - # - role: ome.lvm_partition - # tags: lvm - # lvm_lvname: pgdata - # lvm_vgname: "{{ provision_postgres_vgname }}" - # lvm_lvmount: /var/lib/pgsql - # lvm_lvsize: "{{ provision_postgres_lvsize }}" - # lvm_lvfilesystem: "{{ filesystem }}" - # lvm_shrink: false - - # # Disk Layout - OMERO | VG and LV (separate disk) for Binary Repository - # - role: ome.lvm_partition - # tags: lvm - # lvm_lvname: datadir - # lvm_vgname: "{{ provision_omero_server_datadir_vgname }}" - # lvm_lvmount: "{{ omero_server_datadir }}" - # lvm_lvsize: "{{ provision_omero_server_datadir_lvsize }}" - # lvm_lvfilesystem: "{{ filesystem }}" - # lvm_shrink: false - - # # Disk Layout - OMERO.server | LV for dist & logs - # - role: ome.lvm_partition - # tags: lvm - # lvm_lvname: omero_server_basedir - # lvm_vgname: VolGroup00 - # lvm_lvmount: "{{ omero_server_basedir }}" - # lvm_lvsize: "{{ provision_omero_server_basedir_lvsize }}" - # lvm_lvfilesystem: "{{ filesystem }}" - # lvm_shrink: false - - # # Disk Layout - OMERO.web | LV for dist & logs - # - role: ome.lvm_partition - # tags: lvm - # lvm_lvname: omero_web_basedir - # lvm_vgname: VolGroup00 - # lvm_lvmount: "{{ omero_web_basedir }}" - # lvm_lvsize: "{{ provision_omero_web_basedir_lvsize }}" - # lvm_lvfilesystem: "{{ filesystem }}" - # lvm_shrink: false - - # nginx_version: 1.16.1 - - - role: ome.postgresql - # no_log: true - postgresql_databases: - - name: omero - owner: demo - postgresql_users: - - user: "{{ omero_server_dbuser | default('omero') }}" - password: "{{ omero_server_dbpassword | default('omero') }}" - databases: [] - - - role: ome.omero_server - # Defaults overridden in private configuration - # omero_server_dbuser: - # omero_server_dbpassword: - # omero_server_rootpassword: - omero_server_dbname: omero - omero_server_systemd_limit_nofile: 16384 - - - role: ome.nginx - - - role: ome.omero_web - # Defaults overridden in private configuration - omero_web_systemd_limit_nofile: 16384 - omero_web_python_addons: - - "omero-figure=={{ omero_figure_release }}" - - "omero-fpbioimage=={{ omero_fpbioimage_release }}" - - "omero-autotag=={{ omero_autotag_release }}" - - "omero-tagsearch==\ - {{ omero_tagsearch_release }}" - - "omero-iviewer=={{ omero_iviewer_release }}" - - "omero-parade=={{ omero_parade_release }}" - - "omero-signup=={{ omero_signup_release }}" - - "omero-py>={{ omero_py_release }}" - - - role: ome.omero_user - no_log: true - omero_user_system: omero-server - omero_user_admin_user: root - omero_user_admin_pass: "{{ omero_server_rootpassword }}" - omero_group_create: - - name: public - type: read-only - - name: "My Data" - type: private - omero_user_create: - - login: "{{ secret_omero_web_public_user | default('public') }}" - firstname: Public - lastname: User - password: >- - {{ secret_omero_web_public_password | default('public') }} - groups: "--group-name public" - - - role: ome.ssl_certificate - tags: ssl - - - role: ome.postgresql_backup - postgresql_backup_compress: true - postgresql_backup_dir: /OMERO/pgbackup - postgresql_backup_filename_format: "nightly-omero-%a.pgdump.gz" - - handlers: - - name: Reload web server - listen: ssl certificate changed - become: true - ansible.builtin.service: - name: nginx - state: reloaded - - post_tasks: - - - name: Allow nginx to connect to omero-web - become: yes - command: setsebool -P httpd_can_network_connect on - - - name: NGINX - Performance tuning - worker processes - become: true - ansible.builtin.replace: - path: "/etc/nginx/nginx.conf" - regexp: '^worker_processes\s+\d+;' - replace: >- - worker_processes {{ ((ansible_processor_count * - ansible_processor_cores) / 2) | round | int }}; - - # cf https://www.digitalocean.com/community/tutorials/ - # how-to-optimize-nginx-configuration - - name: NGINX - Performance tuning - worker connections - become: true - ansible.builtin.replace: - path: "/etc/nginx/nginx.conf" - regexp: 'worker_connections\s+\d+;' - replace: "worker_connections 65000;" - - - name: NGINX - create nested includes directory - become: true - ansible.builtin.file: - path: /etc/nginx/conf.d-nested-includes - state: directory - mode: 0755 - - - name: NGINX - SSL Configuration - become: true - template: - src: templates/nginx-confdnestedincludes-ssl-conf.j2 - dest: /etc/nginx/conf.d-nested-includes/ssl.conf - mode: 0644 - notify: - - restart nginx - - - name: NGINX - OMERO websockets - become: true - template: - src: templates/nginx-confdnestedincludes-omerows-conf.j2 - dest: /etc/nginx/conf.d-nested-includes/omerows.conf - mode: 0644 - notify: - - restart nginx - - - name: NGINX - websocket proxy support - become: true - template: - src: templates/nginx-confd-websockets-conf.j2 - dest: /etc/nginx/conf.d/websockets.conf - mode: 0644 - notify: - - restart nginx - - - name: Config for OMERO.web plugins - become: true - template: - src: templates/omero-web-config-for-webapps.j2 - dest: >- - {{ omero_web_basedir }}/config/omero-web-config-for-webapps.omero - owner: "root" - group: "root" - mode: "u=rw,go=r" - notify: - - restart omero-web - - - name: OMERO.web config for CORS - become: true - template: - src: templates/omero-web-config-for-cors.j2 - dest: "{{ omero_web_basedir }}/config/omero-web-config-for-cors.omero" - owner: "root" - group: "root" - mode: "u=rw,go=r" - notify: - - restart omero-web - - - name: OMERO.web config for signup app - become: true - template: - src: templates/omero-web-config-signup.j2 - dest: "{{ omero_web_basedir }}/config/omero-web-config-signup.omero" - # Contains sensitive info - owner: "root" - group: "omero-web" - mode: "0640" - notify: - - restart omero-web - no_log: true - - # - name: Check_MK postgres plugin | check for plugin existence - # tags: monitoring - # ansible.builtin.stat: - # path: "{{ check_mk_agent_plugin_path }}/mk_postgres" - # register: check_mk_postgres_plugin_st - - # - name: Check_MK postgres plugin | activate the plugin - # tags: monitoring - # become: true - # command: > - # cp "{{ check_mk_agent_plugin_path }}/mk_postgres" - # /usr/share/check-mk-agent/plugins/ - # creates=/usr/share/check-mk-agent/plugins/mk_postgres - # when: check_mk_postgres_plugin_st.stat.exists - - # - name: Check_MK logwatch plugin | check for plugin existence - # tags: monitoring - # ansible.builtin.stat: - # path: "{{ check_mk_agent_plugin_path }}/mk_logwatch" - # register: check_mk_logwatch_plugin_st - - # - name: Check_MK logwatch plugin | activate the plugin - # tags: monitoring - # become: true - # command: > - # cp "{{ check_mk_agent_plugin_path }}/mk_logwatch" - # /usr/share/check-mk-agent/plugins/ - # creates=/usr/share/check-mk-agent/plugins/mk_logwatch - # when: check_mk_logwatch_plugin_st.stat.exists - - # - name: Check_MK logwatch plugin | check for default config file - # tags: monitoring - # ansible.builtin.stat: - # path: "{{ check_mk_agent_config_example_path }}/logwatch.cfg" - # register: check_mk_logwatch_plugin_conf_st - - # - name: Check_MK logwatch plugin | copy the default config - # tags: monitoring - # become: true - # command: > - # cp "{{ check_mk_agent_config_example_path }}/logwatch.cfg" - # "{{ check_mk_agent_config_path }}/logwatch.cfg" - # creates="{{ check_mk_agent_config_path }}/logwatch.cfg" - # when: check_mk_logwatch_plugin_conf_st.stat.exists - - - name: PostgreSQL Nightly Backups | Remove old cron job - become: true - ansible.builtin.file: - path: /etc/cron.daily/nightly-pg_dump-omero.sh - state: absent - - - name: Create a figure scripts directory - become: true - ansible.builtin.file: - path: "{{ omero_server_basedir }}/OMERO.server/lib/\ - scripts/omero/figure_scripts" - state: directory - mode: 0755 - recurse: true - owner: root - - - name: Download the Figure_To_Pdf.py script - become: true - ansible.builtin.get_url: - url: "https://raw.githubusercontent.com/ome/omero-figure/\ - {{ omero_figure_script_release }}/omero_figure/scripts/omero/\ - figure_scripts/Figure_To_Pdf.py" - dest: "{{ omero_server_basedir }}/OMERO.server/lib/\ - scripts/omero/figure_scripts/Figure_To_Pdf.py" - mode: 0755 - owner: "omero-server" - group: "omero-server" - force: true - - vars: - omero_figure_release: >- - {{ omero_figure_release_override | default('6.2.2') }} - omero_figure_script_release: >- - {{ omero_figure_script_release_override | default('v6.2.2') }} - omero_fpbioimage_release: >- - {{ omero_fpbioimage_release_override | default('0.4.1') }} - omero_iviewer_release: >- - {{ omero_iviewer_release_override | default('0.14.0') }} - omero_parade_release: >- - {{ omero_parade_release_override | default('0.2.4') }} - omero_autotag_release: >- - {{ omero_autotag_release_override | default('4.0.1') }} - omero_tagsearch_release: >- - {{ omero_tagsearch_release_override | default('4.1.1') }} - omero_signup_release: >- - {{ omero_signup_release_override | default('0.3.3') }} - - omero_server_release: >- - {{ omero_server_release_override | default('5.6.11') }} - omero_web_release: "{{ omero_web_release_override | default('5.26.0') }}" - omero_py_release: "{{ omero_py_release_override | default('5.19.2') }}" - # For https://github.com/openmicroscopy/ansible-role-java, - # which is a dependency. - java_jdk_install: true - - # Check_MK (system monitoring) paths - check_mk_agent_plugin_path: /usr/share/check-mk-agent/available-plugins - check_mk_agent_config_example_path: /usr/share/check_mk/agents/cfg_examples - check_mk_agent_config_path: /etc/check-mk-agent - - # Pip versions - omero_cli_duplicate_release: >- - {{ omero_cli_duplicate_release_override | default('0.4.0') }} - omero_cli_render_release: >- - {{ omero_cli_render_release_override | default('0.8.0') }} - omero_metadata_release: >- - {{ omero_cli_metadata_release_override | default('0.10.0') }} - - # Signup - omero_signup_email_body: >- - 'Thank you for creating an account on demo.openmicroscopy.org server.\n - Your login details are \n\n - username: {username}\n - password: {password}\n\n - Use these login details as follows\n - 1. In your browser, go to demo.openmicroscopy.org and log in.\n - 2. Download the OMERO.insight [1] desktop application to import\n - your first data into OMERO.\n - 3. Once OMERO.insight is started, following the steps in the\n omero-guide [1], change the server address to\n - demo.openmicroscopy.org\n - and connect using the login details as above to import your data.\n - 4. Use the walkthrough example [1] to get further ideas about how - to start using OMERO.\n - OME Team\n\n - [1] In your browser, go to omero-guides.readthedocs.io/en/latest - and click on OMERO walkthrough example under Getting started.' - - postgresql_version: "16" - filesystem: "xfs" - - omero_server_config_set: - omero.certificates.owner: "/C=UK/ST=Scotland/L=Dundee/O=OME" - omero.client.icetransports: ssl,wss,tcp - omero.db.poolsize: 60 - omero.glacier2.IceSSL.Ciphers: "ADH:HIGH" - omero.glacier2.IceSSL.DefaultDir: "{{ omero_server_basedir }}/selfsigned" - omero.glacier2.IceSSL.CAs: server.pem - omero.glacier2.IceSSL.CertFile: server.p12 - # This password doesn't need to be secret - omero.glacier2.IceSSL.Password: secret - omero.jvmcfg.percent.blitz: 50 - omero.jvmcfg.percent.indexer: 20 - omero.jvmcfg.percent.pixeldata: 20 - omero.jvmcfg.system_memory: 30000 - omero.mail.config: true - omero.mail.from: "{{ omero_server_mail_from }}" - omero.mail.host: "{{ omero_server_mail_host }}" - omero.new_user_group: "My Data" - omero.server.nodedescriptors: >- - master:Blitz-0,Indexer-0,Processor-0,Storm,Tables-0 - omero.search.batch: 100 - omero.throttling.method_time.error: 60000 - - omero_server_python_addons: - - "omero-cli-duplicate=={{ omero_cli_duplicate_release }}" - - "omero-cli-render=={{ omero_cli_render_release }}" - - "omero-metadata=={{ omero_metadata_release }}" - - "omero-demo-cleanup==0.2.1" - # For OMERO.figure script - - "reportlab<3.6" - - markdown - - "omero-py>={{ omero_py_release }}" - - omero_server_selfsigned_certificates: true - - omero_web_config_set: - omero.mail.config: true - omero.mail.from: "{{ omero_server_mail_from }}" - omero.mail.host: "{{ omero_server_mail_host }}" - # https://www.openmicroscopy.org/site/support - # /omero5.3/sysadmins/public.html - omero.web.public.user: >- - {{ secret_omero_web_public_user | default('public') }} - omero.web.public.password: >- - {{ secret_omero_web_public_password | default('public') }} - omero.web.public.enabled: true - omero.web.public.server_id: 1 - omero.web.public.url_filter: "^/(webgateway/(?!(archived_files|down\ - load_as))|webclient/annotation/([0-9]+)/)" - omero.web.server_list: [["localhost", 4064, "omero"]] - # Advice is (2*cores + 1) from OME docs. - omero.web.wsgi_workers: >- - {{ (2 * (ansible_processor_count * - ansible_processor_cores)) + 1 }} - # omero.web.admins: "{{ omero_web_admins }}" - # https://pypi.org/project/omero-iviewer/ - set iviewer to default viewer - omero.web.viewer.view: omero_iviewer.views.index - omero.web.nginx_server_extra_config: - - 'include /etc/nginx/conf.d-nested-includes/*.conf;' diff --git a/molecule/resources/requirements.yml b/molecule/resources/requirements.yml deleted file mode 100644 index 248a7e23..00000000 --- a/molecule/resources/requirements.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- src: ome.omero_common -- src: ome.basedeps -- src: ome.java -- src: ome.python3_virtualenv -- src: ome.ice -- src: ome.postgresql -- src: ome.postgresql_client -- src: ome.deploy_archive -- src: ome.omero_server -- src: ome.omero_web -- src: ome.nginx -- src: ome.redis -- src: ome.selinux_utils -- src: ome.versioncontrol_utils -- src: ome.ssl_certificate -- src: nfs_mount -- src: nfs_share -- src: iptables_raw -- src: ome.cli_utils -- src: ome.docker -- src: ome.postgresql_backup -- src: ome.omero_user -- src: ome.lvm_partition diff --git a/omero/requirements.yml b/omero/requirements.yml deleted file mode 100644 index 248a7e23..00000000 --- a/omero/requirements.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- src: ome.omero_common -- src: ome.basedeps -- src: ome.java -- src: ome.python3_virtualenv -- src: ome.ice -- src: ome.postgresql -- src: ome.postgresql_client -- src: ome.deploy_archive -- src: ome.omero_server -- src: ome.omero_web -- src: ome.nginx -- src: ome.redis -- src: ome.selinux_utils -- src: ome.versioncontrol_utils -- src: ome.ssl_certificate -- src: nfs_mount -- src: nfs_share -- src: iptables_raw -- src: ome.cli_utils -- src: ome.docker -- src: ome.postgresql_backup -- src: ome.omero_user -- src: ome.lvm_partition