nightshade-webclients.yml

# Install OMERO.web with a public user on localhost

- hosts: ns-webclients

  roles:

    # Root LV Size
    - role: openmicroscopy.lvm-partition
      tags: lvm
      lvm_lvname: "{{ provision_root_lvname }}"
      lvm_vgname: "{{ provision_root_vgname }}"
      lvm_lvmount: /
      lvm_lvsize: "{{ provision_rootsize }}"
      lvm_lvfilesystem: "{{ provision_root_filesystem }}"

    - role: openmicroscopy.ssl-certificate
      # Configuration for this role in `vars`

    - role: openmicroscopy.nginx

    # OMERO.web configuration in host_vars in different repository
    - role: openmicroscopy.omero-web
      omero_web_release: "{{ omero_web_release_version }}"
      omero_web_systemd_limit_nofile: 16384

    # Now OME are using RHEL without Spacewalk, the current best-method of
    # checking `is server deployed in Dundee/SLS` is checking for the SLS nameservers.
    - role: openmicroscopy.system-monitor-agent
      when: "'10.1.255.216' in ansible_dns.nameservers"

  post_tasks:

    - name: Omero.web plugins | plugin install via pip & pypi
      become: yes
      pip:
        name:
        - "omero-figure=={{ omero_figure_release }}"
        - "omero-fpbioimage=={{ omero_fpbioimage_release }}"
        - "omero-iviewer=={{ omero_iviewer_release }}"
        - "omero-parade=={{ omero_parade_release }}"
        - "omero-webtagging-autotag=={{ omero_webtagging_autotag_release }}"
        - "omero-webtagging-tagsearch=={{ omero_webtagging_tagsearch_release }}"
        editable: False
        state: present
        # variable comes from role openmicroscopy.omero-web
        virtualenv: "{{ omero_web_basedir }}/venv"
        virtualenv_site_packages: yes
      notify:
        - restart omero-web

    - name: Install open-vm-tools if system is a VMware vm
      become: yes
      yum:
        name: open-vm-tools
        state: present
      when: >
           ((ansible_virtualization_type is defined)
           and (ansible_virtualization_type == "VMware"))

    # (Total cores / 2), leaving some for WSGI
    # post 2.3 'dest' should be renamed 'path'
    - name: NGINX - Performance tuning - worker processes
      become: yes
      replace:
        dest: "/etc/nginx/nginx.conf"
        regexp: '^worker_processes\s+\d+;'
        replace: "worker_processes {{ ((ansible_processor_count * ansible_processor_cores) / 2) |round|int }};"

    # post 2.3 'dest' should be renamed 'path'
    # cf https://www.digitalocean.com/community/tutorials/how-to-optimize-nginx-configuration
    - name: NGINX - Performance tuning - worker connections
      become: yes
      replace:
        dest: "/etc/nginx/nginx.conf"
        regexp: 'worker_connections\s+\d+;'
        replace: "worker_connections 65000;"

    - name: NGINX - create nested includes directory
      become: yes
      file:
        path: /etc/nginx/conf.d-nested-includes
        state: directory

    - name: NGINX - omero-web.conf nested includes
      become: yes
      lineinfile:
        destfile: /etc/nginx/conf.d/omero-web.conf
        insertafter: 'server {'
        line: '    include /etc/nginx/conf.d-nested-includes/*.conf;'
      notify:
        - restart nginx

    - name: NGINX - SSL Configuration
      become: yes
      template:
        src: templates/nginx-confdnestedincludes-ssl-conf.j2
        dest: /etc/nginx/conf.d-nested-includes/ssl.conf
      notify:
        - restart nginx

    - name: NGINX - Custom Paper Redirect
      become: yes
      template:
        src: templates/nginx-confdnestedincludes-ns-pub-redirects-conf.j2
        dest: /etc/nginx/conf.d-nested-includes/ns-pub-redirects.conf
      notify:
        - restart nginx

    - name: Config for OMERO.web plugins
      become: yes
      template:
        src: templates/omero-web-config-for-webapps.j2
        dest: "{{ omero_web_basedir }}/config/omero-web-config-for-webapps.omero"
        owner: "root"
        group: "root"
        mode: "u=rw,go=r"
      notify:
        - restart omero-web

  vars:
    omero_web_config_set: "{{ omero_web_config_set_for_group | combine(omero_web_config_set_for_host) }}"
    omero_figure_release: "{{ omero_figure_release_override | default('4.0.2') }}"
    omero_fpbioimage_release: "{{ omero_fpbioimage_release_override | default('0.3.0') }}"
    omero_iviewer_release: "{{ omero_iviewer_release_override | default('0.7.0') }}"
    omero_parade_release: "{{ omero_parade_release_override | default('0.1.2') }}"
    omero_webtagging_autotag_release: "{{ omero_webtagging_autotag_release_override | default('3.0.2') }}"
    omero_webtagging_tagsearch_release: "{{ omero_webtagging_tagsearch_release_override | default('3.0.3') }}"
    omero_web_release_version: "{{ omero_web_release_version_override | default('5.5.0') }}"
    nginx_version: 1.14.2
    # Disable SSL combined certificate and key
    ssl_certificate_combined_path: ''


- include: omero/omero-web-patch-settings.yml