diff --git a/bin/install-ansible b/bin/install-ansible
index 12561c6..7b994b8 100755
--- a/bin/install-ansible
+++ b/bin/install-ansible
@@ -8,7 +8,10 @@ if [[ $ID = "amzn" ]]; then
python3-devel \
python3-pip \
python2-boto3 \
- python2-botocore
+ python2-botocore \
+ python-pip
+
+ python -m pip install lxml
else
# FIXME: Currently assumes Debian-based
diff --git a/group_vars/all.yml b/group_vars/all.yml
index be198a3..a1f64d8 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -9,7 +9,7 @@
#
# https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html
-java_version: "8"
+java_major_version: "8"
postgres_version: "9.6"
git_version: "2.14.4"
atl_shared_mountpoint: "/media/atl"
diff --git a/roles/confluence_config/defaults/main.yml b/roles/confluence_config/defaults/main.yml
index 4bd4d10..d39d683 100644
--- a/roles/confluence_config/defaults/main.yml
+++ b/roles/confluence_config/defaults/main.yml
@@ -2,9 +2,7 @@
atl_jvm_heap: "2048m"
atl_fonts_fallback_dirs:
- - "{{ atl_java_home }}/lib/fonts/fallback/"
- - "{{ atl_jre_home }}/lib/fonts/fallback/"
-
+ - "{{ atl_java_home }}/lib/fonts/fallback/"
atl_autologin_cookie_age: "{{ lookup('env', 'ATL_AUTOLOGIN_COOKIE_AGE') }}"
diff --git a/roles/confluence_config/molecule/default/tests/test_default.py b/roles/confluence_config/molecule/default/tests/test_default.py
index d3ff80e..337240b 100644
--- a/roles/confluence_config/molecule/default/tests/test_default.py
+++ b/roles/confluence_config/molecule/default/tests/test_default.py
@@ -81,8 +81,7 @@ def test_confluence_config_file(host):
assert f.contains('select 1;')
@pytest.mark.parametrize('font', [
-# '/usr/lib/jvm/java/lib/fonts/fallback/NotoSansJavanese-Regular.ttf',
-# '/usr/lib/jvm/jre/lib/fonts/fallback/NotoSansJavanese-Regular.ttf'
+# '/usr/lib/jvm/java/lib/fonts/fallback/NotoSansJavanese-Regular.ttf'
'/opt/atlassian/confluence/current/jre/lib/fonts/fallback/NotoSansJavanese-Regular.ttf'
])
def test_fonts_installed_and_linked(host, font):
diff --git a/roles/confluence_config/molecule/system_jdk/tests/test_default.py b/roles/confluence_config/molecule/system_jdk/tests/test_default.py
index 7cb395e..600b059 100644
--- a/roles/confluence_config/molecule/system_jdk/tests/test_default.py
+++ b/roles/confluence_config/molecule/system_jdk/tests/test_default.py
@@ -12,8 +12,7 @@ def test_seraph_file(host):
assert f.contains('COOKIEAGE')
@pytest.mark.parametrize('font', [
- '/usr/lib/jvm/java/lib/fonts/fallback/NotoSansJavanese-Regular.ttf',
- '/usr/lib/jvm/jre/lib/fonts/fallback/NotoSansJavanese-Regular.ttf'
+ '/usr/lib/jvm/java/lib/fonts/fallback/NotoSansJavanese-Regular.ttf'
])
def test_fonts_installed_and_linked(host, font):
f = host.file(font)
diff --git a/roles/confluence_config/tasks/amazon_fonts.yml b/roles/confluence_config/tasks/amazon_fonts.yml
index 4fc5302..8fa2bda 100644
--- a/roles/confluence_config/tasks/amazon_fonts.yml
+++ b/roles/confluence_config/tasks/amazon_fonts.yml
@@ -5,8 +5,8 @@
name:
- "google-noto-*"
-- name: Link the language fonts into the JDK/JRE
- # Not idiomatic, but cleaner that messing with nested lookups...
+- name: Link the language fonts into the JDK
+ # Not idiomatic, but cleaner than messing with nested lookups...
shell:
cmd: "ln -sf /usr/share/fonts/google-noto*/* {{ item }}/"
creates: "{{ item }}/NotoSansJavanese-Regular.ttf"
diff --git a/roles/confluence_config/tasks/main.yml b/roles/confluence_config/tasks/main.yml
index 07b202c..ea807bb 100644
--- a/roles/confluence_config/tasks/main.yml
+++ b/roles/confluence_config/tasks/main.yml
@@ -52,7 +52,6 @@
insertafter: "EOF"
line: 'export CATALINA_OPTS="${CATALINA_OPTS} {{ atl_catalina_opts }} {{ atl_catalina_opts_extra }}"'
-
- name: Configure login properties
template:
src: seraph-config.xml.j2
diff --git a/roles/confluence_config/tasks/ubuntu_fonts.yml b/roles/confluence_config/tasks/ubuntu_fonts.yml
index 084aa3f..20fcbb1 100644
--- a/roles/confluence_config/tasks/ubuntu_fonts.yml
+++ b/roles/confluence_config/tasks/ubuntu_fonts.yml
@@ -5,8 +5,8 @@
name:
- "fonts-noto"
-- name: Link the language fonts into the JDK/JRE
- # Not idiomatic, but cleaner that messing with nested lookups...
+- name: Link the language fonts into the JDK
+ # Not idiomatic, but cleaner than messing with nested lookups...
shell:
cmd: "ln -sf /usr/share/fonts/truetype/noto/* {{ item }}/"
creates: "{{ item }}/NotoSansJavanese-Regular.ttf"
diff --git a/roles/jira_config/tasks/main.yml b/roles/jira_config/tasks/main.yml
index 11cf442..9f03d5b 100644
--- a/roles/jira_config/tasks/main.yml
+++ b/roles/jira_config/tasks/main.yml
@@ -28,6 +28,9 @@
remote_src: true
src: "{{ atl_product_home_shared }}/jira-config.properties"
dest: "{{ atl_product_home }}/jira-config.properties"
+ owner: "{{ atl_product_user }}"
+ group: "{{ atl_product_user }}"
+ mode: 0644
when: jira_config_properties.stat.exists
- name: Override JVM memory settings.
diff --git a/roles/product_common/defaults/main.yml b/roles/product_common/defaults/main.yml
index 4e9f728..f8a46fd 100644
--- a/roles/product_common/defaults/main.yml
+++ b/roles/product_common/defaults/main.yml
@@ -5,3 +5,11 @@ postgres_version: "9.6"
# Disable these when using the product installer, otherwise we end up
# fighting with it.
atl_use_system_jdk: false
+
+# Ubuntu and Ansible use different architecture nomenclature; provide
+# an easy method for translating between them
+debian_architecture_translations:
+ x86_64: amd64
+ aarch64: arm64
+
+debian_architecture: "{{ debian_architecture_translations[ansible_architecture] | default(ansible_architecture) }}"
diff --git a/roles/product_common/molecule/system_jdk/tests/test_default.py b/roles/product_common/molecule/system_jdk/tests/test_default.py
index e615c9f..39a5436 100644
--- a/roles/product_common/molecule/system_jdk/tests/test_default.py
+++ b/roles/product_common/molecule/system_jdk/tests/test_default.py
@@ -15,8 +15,7 @@ def test_user_created(host):
@pytest.mark.parametrize('exe', [
'/usr/bin/git',
'/usr/bin/javac',
- '/usr/lib/jvm/java/bin/java',
- '/usr/lib/jvm/java/jre/bin/java'
+ '/usr/lib/jvm/java/bin/java'
])
def test_package_exes(host, exe):
assert host.file(exe).exists
diff --git a/roles/product_common/tasks/amazon.yml b/roles/product_common/tasks/amazon.yml
index 4d33f79..fad01a6 100644
--- a/roles/product_common/tasks/amazon.yml
+++ b/roles/product_common/tasks/amazon.yml
@@ -1,10 +1,33 @@
---
-- name: Install JDK if necessary on Amazon Linux
- yum:
- name:
- - java-1.{{ java_major_version }}.0-openjdk-devel
+- name: Add AdoptOpenJDK repo and install if necessary on Amazon Linux
+ block:
+
+ - name: Add AdoptOpenJDK yum repository
+ yum_repository:
+ name: AdoptOpenJDK
+ file: adoptopenjdk
+ description: AdoptOpenJDK Repo
+ baseurl: "https://adoptopenjdk.jfrog.io/adoptopenjdk/rpm/amazonlinux/{{ ansible_distribution_version }}/{{ ansible_architecture }}/"
+ gpgkey: https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public
+ gpgcheck: yes
+ state: present
+
+ - name: Install AdoptOpenJDK
+ yum:
+ name: "adoptopenjdk-{{ java_major_version }}-hotspot"
+ state: present
+
+ - name: Ensure common JDK symlink exists
+ alternatives:
+ link: "/usr/lib/jvm/java"
+ name: "java_sdk"
+ path: "/usr/lib/jvm/adoptopenjdk-{{ java_major_version }}-hotspot"
+ priority: 99
+
when: atl_use_system_jdk
+ tags:
+ - runtime_pkg
- name: Install other base packages on Amazon Linux
yum:
diff --git a/roles/product_common/tasks/ubuntu.yml b/roles/product_common/tasks/ubuntu.yml
index 0b033c5..c90b6bc 100644
--- a/roles/product_common/tasks/ubuntu.yml
+++ b/roles/product_common/tasks/ubuntu.yml
@@ -1,25 +1,35 @@
---
-- name: Install JDK if necessary on Ubuntu
+- name: Add AdoptOpenJDK repo and install if necessary on Ubuntu
block:
- - name: Install JDK package
- package:
- name:
- - openjdk-{{ java_major_version }}-jdk-headless
+ - name: Install gnupg
+ apt:
+ name: gnupg
+ state: present
+
+ - name: Add AdoptOpenJDK debian repo public key
+ apt_key:
+ url: https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public
+ state: present
+
+ - name: Add AdoptOpenJDK debian repository
+ apt_repository:
+ repo: "deb https://adoptopenjdk.jfrog.io/adoptopenjdk/deb {{ ansible_distribution_release }} main"
+ state: present
+ filename: adoptopenjdk
+
+ - name: Install AdoptOpenJDK
+ apt:
+ name: "adoptopenjdk-{{ java_major_version }}-hotspot"
+ update_cache: yes
+ state: present
- name: Ensure common JDK symlink exists
alternatives:
link: "/usr/lib/jvm/java"
name: "java_sdk"
- path: "/usr/lib/jvm/java-8-openjdk-amd64"
- priority: 99
-
- - name: Ensure common JRE symlink exists
- alternatives:
- link: "/usr/lib/jvm/jre"
- name: "jre"
- path: "/usr/lib/jvm/java-8-openjdk-amd64/jre"
+ path: "/usr/lib/jvm/adoptopenjdk-{{ java_major_version }}-hotspot-{{ debian_architecture }}"
priority: 99
when: atl_use_system_jdk
diff --git a/roles/product_startup/defaults/main.yml b/roles/product_startup/defaults/main.yml
index 45d6f8a..70b7708 100644
--- a/roles/product_startup/defaults/main.yml
+++ b/roles/product_startup/defaults/main.yml
@@ -14,6 +14,11 @@ atl_startup_exec_path: "{{ atl_product_installation_current }}/{{ atl_startup_sc
atl_startup_exec_options: ["-fg"]
atl_startup_systemd_params: []
+atl_systemd_service_dir_map:
+ amazon: "/usr/lib/systemd/system"
+ ubuntu: "/lib/systemd/system"
+atl_systemd_service_dir: "{{ atl_systemd_service_dir_map[ansible_distribution|lower] }}"
+
atl_systemd_service_name: "{{ atl_product_edition }}.service"
atl_systemd_service_target: "multi-user.target"
diff --git a/roles/product_startup/molecule/bitbucket/playbook.yml b/roles/product_startup/molecule/bitbucket/playbook.yml
index bc50920..dffb8ea 100644
--- a/roles/product_startup/molecule/bitbucket/playbook.yml
+++ b/roles/product_startup/molecule/bitbucket/playbook.yml
@@ -29,8 +29,11 @@
pre_tasks:
- name: Create systemd dir if necessary
file:
- path: '/usr/lib/systemd/system/'
+ path: "{{ item }}"
state: directory
+ with_items:
+ - '/usr/lib/systemd/system/'
+ - '/lib/systemd/system/'
roles:
- role: product_startup
diff --git a/roles/product_startup/molecule/bitbucket/tests/test_default.py b/roles/product_startup/molecule/bitbucket/tests/test_default.py
index 066728b..c895f75 100644
--- a/roles/product_startup/molecule/bitbucket/tests/test_default.py
+++ b/roles/product_startup/molecule/bitbucket/tests/test_default.py
@@ -7,7 +7,8 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
def test_service_file(host):
- f = host.file('/lib/systemd/system/bitbucket.service')
+ systemd_prefix = "/lib" if host.system_info.distribution == "ubuntu" else "/usr/lib"
+ f = host.file(systemd_prefix+'/systemd/system/bitbucket.service')
assert f.contains("^ExecStart=/opt/atlassian/bitbucket/current/bin/start-bitbucket.sh -fg --no-search$")
assert f.contains("^UMask=0027$")
assert f.contains("^LimitNOFILE=4096$")
diff --git a/roles/product_startup/molecule/default/playbook.yml b/roles/product_startup/molecule/default/playbook.yml
index 71e2f53..5cff089 100644
--- a/roles/product_startup/molecule/default/playbook.yml
+++ b/roles/product_startup/molecule/default/playbook.yml
@@ -12,8 +12,11 @@
pre_tasks:
- name: Create systemd dir if necessary
file:
- path: '/usr/lib/systemd/system/'
+ path: "{{ item }}"
state: directory
+ with_items:
+ - '/usr/lib/systemd/system/'
+ - '/lib/systemd/system/'
roles:
- role: product_startup
diff --git a/roles/product_startup/molecule/default/tests/test_default.py b/roles/product_startup/molecule/default/tests/test_default.py
index 2675e00..d3b1994 100644
--- a/roles/product_startup/molecule/default/tests/test_default.py
+++ b/roles/product_startup/molecule/default/tests/test_default.py
@@ -7,7 +7,8 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
def test_service_file(host):
- f = host.file('/lib/systemd/system/jira-software.service')
+ systemd_prefix = "/lib" if host.system_info.distribution == "ubuntu" else "/usr/lib"
+ f = host.file(systemd_prefix+'/systemd/system/jira-software.service')
assert f.contains("^ExecStart=/opt/atlassian/jira-software/current/bin/start-jira.sh -fg$")
assert f.user == 'root'
assert f.group == 'root'
diff --git a/roles/product_startup/molecule/synchrony/playbook.yml b/roles/product_startup/molecule/synchrony/playbook.yml
index 0ee7b71..b4fa14b 100644
--- a/roles/product_startup/molecule/synchrony/playbook.yml
+++ b/roles/product_startup/molecule/synchrony/playbook.yml
@@ -20,8 +20,11 @@
pre_tasks:
- name: Create systemd dir if necessary
file:
- path: '/usr/lib/systemd/system/'
+ path: "{{ item }}"
state: directory
+ with_items:
+ - '/usr/lib/systemd/system/'
+ - '/lib/systemd/system/'
roles:
- role: product_startup
diff --git a/roles/product_startup/molecule/synchrony/tests/test_default.py b/roles/product_startup/molecule/synchrony/tests/test_default.py
index 5e21f1f..0e748f5 100644
--- a/roles/product_startup/molecule/synchrony/tests/test_default.py
+++ b/roles/product_startup/molecule/synchrony/tests/test_default.py
@@ -7,7 +7,8 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
def test_service_file(host):
- f = host.file('/lib/systemd/system/synchrony.service')
+ systemd_prefix = "/lib" if host.system_info.distribution == "ubuntu" else "/usr/lib"
+ f = host.file(systemd_prefix+'/systemd/system/synchrony.service')
assert f.contains("^ExecStart=/opt/atlassian/bin/start-synchrony$")
assert f.contains("^EnvironmentFile=/etc/atl$")
assert f.contains("^EnvironmentFile=/etc/atl.synchrony$")
diff --git a/roles/product_startup/tasks/main.yml b/roles/product_startup/tasks/main.yml
index 5dbd7e9..99a40e4 100644
--- a/roles/product_startup/tasks/main.yml
+++ b/roles/product_startup/tasks/main.yml
@@ -1,17 +1,9 @@
---
-- name: "Set the systemd_dir"
- set_fact:
- systemd_dir: "{% if ansible_distribution|lower=='ubuntu' %}/lib/systemd/system{% else %}/usr/lib/systemd/system{% endif %}"
-
-- name: "systemd_dir debug"
- debug:
- msg: "systemd_dir {{ systemd_dir }}"
-
- name: "Install systemd service file"
template:
src: "product.service.j2"
- dest: "{{ systemd_dir }}/{{ atl_systemd_service_name }}"
+ dest: "{{ atl_systemd_service_dir }}/{{ atl_systemd_service_name }}"
owner: root
group: root
mode: 0640