# install redmine
- hosts: redmine_servers
become: true
become_method: su
environment: "{{ proxy_env }}"
vars:
redmine_path: /srv/redmine
tasks:
- name: check facts
fail:
msg: "Not compatible with [{{ ansible_os_family }}] {{ ansible_distribution }} {{ ansible_distribution_major_version }}."
when: ansible_os_family != 'RedHat' or ansible_distribution_major_version|int != 7
- name: install RPMs
yum:
name:
- yum-utils
- httpd
state: latest
- name: install docker
shell: yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
changed_when: False
- yum: name=docker-ce state=latest
notify:
- restart Docker
- name: set proxy for docker
file: path=/etc/systemd/system/docker.service.d state=directory
when: proxy_env.http_proxy is defined
- copy:
dest: /etc/systemd/system/docker.service.d/http-proxy.conf
force: no
content: "[Service]\nEnvironment = \"http_proxy={{ proxy_env.http_proxy }}\" \"https_proxy={{ proxy_env.https_proxy }}\"\n"
when: proxy_env.http_proxy is defined
- meta: flush_handlers
- name: install docker-compose
stat: path=/usr/local/bin/docker-compose
register: result01
- shell: |
curl --location --output /usr/local/bin/docker-compose \
$(curl --silent --show-error \
https://api.github.com/repos/docker/compose/releases/latest \
| grep 'Linux-x86_64"' \
| grep url \
| cut --delimiter='"' --fields=4 \
)
chmod +x /usr/local/bin/docker-compose
args:
warn: false
when: result01.stat.exists == false
- name: "create {{ redmine_path }}"
file: path={{ redmine_path }} state=directory
register: result02
- shell: |
/usr/sbin/matchpathcon {{ redmine_path }}
/usr/sbin/semanage fcontext --add --type container_file_t {{ redmine_path }}
/usr/sbin/restorecon -v {{ redmine_path }}
/usr/sbin/matchpathcon {{ redmine_path }}
args:
warn: false
when: result02.changed == true
- name: create config files
file: path={{ redmine_path }}/config state=directory
- copy:
src: configuration.yml
dest: "{{ redmine_path }}/config/configuration.yml"
force: no
- copy:
dest: "{{ redmine_path }}/config/additional_environment.rb"
force: no
content: |
config.cache_store = :mem_cache_store, "memcached"
config.logger = Logger.new("#{Rails.root}/log/#{ENV['RAILS_ENV']}.log", 50, 1000000)
config.logger.level = Logger::INFO
- copy:
dest: "{{ redmine_path }}/Gemfile.local"
force: no
content: "gem 'dalli'\n"
- file: path={{ redmine_path }}/../mysql/conf.d state=directory
- copy:
dest: "{{ redmine_path }}/../mysql/conf.d/redmine.cnf"
force: no
content: |
[mysqld]
innodb_buffer_pool_size = 536870912
innodb_log_file_size = 201326592
- name: create a parent dir of git-repos
file:
path: /var/lib/git
owner: nobody
group: users
state: directory
mode: 02775
register: result03
- shell: |
/usr/sbin/semanage fcontext -a -t httpd_git_content_t "/var/lib/git(/.*)?"
/usr/sbin/restorecon -Rv /var/lib/git
args:
warn: false
when: result03.changed == true
- name: docker-compose up
template:
src: docker-compose.yml
dest: "{{ redmine_path }}/docker-compose.yml"
force: no
- template:
src: docker-env
dest: "{{ redmine_path }}/.env"
force: no
mode: 0400
- shell: docker-compose --project-directory {{ redmine_path }} up --detach
args:
chdir: "{{ redmine_path }}"
register: result04
changed_when: '" is up-to-date" not in result04.stderr'
- name: wait for Completed 200 OK
shell: docker container logs redmine 2>/dev/null | tail -15
register: result05
changed_when: false
until: '"Completed 200 OK " in result05.stdout'
retries: 100
delay: 5
- name: set db password file
slurp:
src: "{{ redmine_path }}/.env"
register: result06
- copy:
dest: ~/.my.cnf.org
force: no
content: "[client]\nuser = redmine\npassword = {{ result06['content'] | b64decode | regex_findall('REDMINE_DB_PASSWORD=(.+)\\n') | first }}\nhost = localhost\n"
register: result07
- shell: docker cp ~/.my.cnf.org mysql:root/.my.cnf
when: result07.changed
- name: load default data
shell: docker exec {% if proxy_env.http_proxy is defined -%}
-e HTTP_PROXY={{ proxy_env.http_proxy }} -e HTTPS_PROXY={{ proxy_env.https_proxy }} {% endif -%}
redmine bundle exec rake redmine:load_default_data RAILS_ENV=production REDMINE_LANG=ja
register: result08
changed_when: '" is already loaded." not in result08.stdout'
- name: update roles
shell: |
cat << '_EOQ_' | docker exec -i mysql mysql redmine
UPDATE `roles` SET `permissions` = NULL WHERE `id` = '1' OR `id` = '2';
_EOQ_
changed_when: false
- name: insert settings
shell: |
cat << '_EOQ_' | docker exec -i mysql mysql redmine
SELECT count(*) FROM `settings`
_EOQ_
changed_when: false
register: result09
- shell: |
cat settings.sql | docker exec --interactive mysql mysql redmine && \
docker exec redmine passenger-config restart-app /usr/src/redmine
when: result09.stdout_lines[1] == "0"
- name: clear rails cache
shell: docker exec {% if proxy_env.http_proxy is defined -%}
-e HTTP_PROXY={{ proxy_env.http_proxy }} -e HTTPS_PROXY={{ proxy_env.https_proxy }} {% endif -%}
redmine bundle exec rails runner 'Rails.cache.clear'
changed_when: false
- name: bundle install
shell: docker exec {% if proxy_env.http_proxy is defined -%}
-e HTTP_PROXY={{ proxy_env.http_proxy }} -e HTTPS_PROXY={{ proxy_env.https_proxy }} {% endif -%}
redmine bundle install
changed_when: false
- name: restart passenger
shell: docker exec {% if proxy_env.http_proxy is defined -%}
-e HTTP_PROXY={{ proxy_env.http_proxy }} -e HTTPS_PROXY={{ proxy_env.https_proxy }} {% endif -%}
redmine passenger-config restart-app /usr/src/redmine
changed_when: false
- name: modify httpd.conf for redmine
copy:
dest: /etc/httpd/conf.d/proxy-redmine.conf
force: no
mode: 0644
content: |
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
ProxyPassMatch /git.* !
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
register: result10
- shell: /usr/sbin/setsebool -P httpd_can_network_connect 1
when: result10.changed == true
notify:
- restart Apache
- name: open ports
firewalld:
service: "{{ item }}"
permanent: true
state: enabled
immediate: yes
loop:
- http
- https
handlers:
- name: restart Docker
systemd:
name: docker
state: restarted
daemon_reload: yes
enabled: yes
- name: restart Apache
systemd:
name: httpd
state: restarted
daemon_reload: yes
enabled: yes