crowd

aws_crowd_dc_node.yml

@@ -0,0 +1,19 @@
+---
+- hosts: aws_node_local
+  become: true
+
+  vars:
+    # See group_vars/aws_node_local.yml, which pull vars from the environment.
+    atl_product_family: "crowd"
+    atl_product_user: "crowd"
+    atl_product_edition: "crowd"
+
+  roles:
+    - role: linux_common
+    - role: aws_common
+    - role: aws_efs_config
+    - role: product_common
+    - role: product_install
+    - role: database_init
+    - role: crowd_config
+    - role: product_startup

group_vars/aws_node_local.yml

@@ -24,6 +24,7 @@ atl_product_shared_home_map:
   confluence: "confluence/shared-home"
   jira: "jira/shared"
   stash: "bitbucket/shared"
+  crowd: "crowd/shared"
 atl_product_home_shared: "{{ atl_shared_mountpoint }}/{{ atl_product_shared_home_map[atl_product_family] }}"
 atl_product_shared_plugins: "{{ atl_product_home_shared }}/plugins/installed-plugins"
 

roles/aws_common/tasks/main.yml

@@ -11,4 +11,4 @@
 - name: Use EC2 instance ID for cluster node ID
   set_fact:
     atl_cluster_node_id: "{{ ansible_ec2_instance_id }}"
-    atl_local_ipv4: "{{ ansible_ec2_local_ipv4 | default(ansible_default_ipv4.address) }}"
+    atl_local_ipv4: "{{ ansible_ec2_local_ipv4 | default(ansible_default_ipv4) }}"

roles/aws_efs_config/tasks/main.yml

@@ -5,6 +5,7 @@
     state: directory
     path: "{{ atl_shared_mountpoint }}"
     mode: 0755
+  when: atl_product_edition!= "crowd"
 
 - name: Enable mountpoint in fstab
   mount:
@@ -13,3 +14,4 @@
     fstype: efs
     opts: "defaults,_netdev"
     state: mounted
+  when: atl_product_edition!= "crowd"

roles/crowd_config/defaults/main.yml

@@ -0,0 +1,38 @@
+---
+
+atl_jvm_heap: "2048m"
+
+atl_catalina_opts: ""
+atl_catalina_opts_extra: >-
+  -XX:+UseG1GC
+  -XX:+PrintAdaptiveSizePolicy
+  -XX:+UseGCLogFileRotation
+  -XX:+PrintTenuringDistribution
+  -Dfile.encoding=UTF-8
+
+atl_tomcat_mgmt_port: "8020"
+atl_tomcat_acceptcount: "10"
+atl_tomcat_connectiontimeout: "20000"
+atl_tomcat_enablelookups: "false"
+atl_tomcat_maxthreads: "200"
+atl_tomcat_minsparethreads: "10"
+atl_tomcat_port: "8080"
+atl_tomcat_redirectport: "8443"
+atl_tomcat_secure: "true"
+atl_tomcat_scheme: "https"
+atl_proxy_port: "443"
+atl_tomcat_protocol: "HTTP/1.1"
+atl_tomcat_contextpath: ""
+
+atl_db_poolminsize: '20'
+atl_db_poolmaxsize: '100'
+atl_db_minidle: '10'
+atl_db_maxidle: '20'
+
+atl_db_maxwaitmillis: '30000'
+atl_db_timebetweenevictionrunsmillis: '30000'
+atl_db_minevictableidletimemillis: '5000'
+atl_db_removeabandoned: 'true'
+atl_db_removeabandonedtimeout: '300'
+atl_db_testwhileidle: 'true'
+atl_db_testonborrow: 'false'

roles/crowd_config/tasks/main.yml

@@ -0,0 +1,83 @@
+---
+
+
+- name: Create database config
+  template:
+    src: dbconfig.xml.j2
+    dest: "{{ atl_product_home }}/dbconfig.xml"
+    owner: "{{ atl_product_user }}"
+
+- name: Create cluster config
+  template:
+    src: cluster.properties.j2
+    dest: "{{ atl_product_home }}/cluster.properties"
+    owner: "{{ atl_product_user }}"
+
+- name: Create server config
+  template:
+    src: server.xml.j2
+    dest: "{{ atl_product_installation_versioned }}/atlassian-crowd-{{atl_product_version}}/apache-tomcat/conf/server.xml"
+
+- name: Override JVM memory settings.
+  # Ugly but necessary as the product installs this file so we need to make the change here.
+  lineinfile:
+    path: "{{ atl_product_installation_versioned }}/atlassian-crowd-{{atl_product_version}}/apache-tomcat/bin/setenv.sh"
+    backrefs: true
+    regexp: "^{{ item }}="
+    line: "{{ item }}=\"{{ atl_jvm_heap }}\""
+  with_items:
+    - 'JVM_MINIMUM_MEMORY'
+    - 'JVM_MAXIMUM_MEMORY'
+
+- name: Set Crowd home directory
+  lineinfile:
+    path: "{{ atl_product_installation_versioned }}/atlassian-crowd-{{atl_product_version}}/apache-tomcat/bin/setenv.sh"
+    regexp: "CROWD_HOME="
+    line: 'CROWD_HOME="{{ atl_product_home }}"'
+
+- name: Set the Tomcat environment
+  lineinfile:
+    path: "{{ atl_product_installation_versioned }}/atlassian-crowd-{{atl_product_version}}/apache-tomcat/bin/setenv.sh"
+    insertafter: "EOF"
+    line: 'export CATALINA_OPTS="${CATALINA_OPTS} {{ atl_catalina_opts }} {{ atl_catalina_opts_extra }}"'
+
+- name: Create application directories
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0750
+    owner: "{{ atl_product_user }}"
+    group: "{{ atl_product_user }}"
+  with_items:
+    - "{{ atl_product_home }}"
+    - "{{ atl_product_home_shared }}"
+    - "{{ atl_product_shared_plugins }}"
+  changed_when: false  # For Molecule idempotence check
+
+
+- name: Limit permissions on the installation directory
+  file:
+    path: "{{ atl_product_installation_versioned }}"
+    owner: "root"
+    group: "root"
+    mode: "u=rwX,g=rX,o=rX"
+    recurse: true
+  with_items:
+    - "{{ atl_installer_temp }}"
+    - "{{ atl_product_installation_versioned }}"
+    - "{{ atl_product_version_cache_dir }}"
+  changed_when: false  # For Molecule idempotence check
+
+- name: Grant access to the product working directories
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: "u=rwX,g=rX,o-rwx"
+    owner: "{{ atl_product_user }}"
+    group: "{{ atl_product_user }}"
+    recurse: true
+  with_items:
+    - "{{ atl_product_installation_versioned }}/logs"
+    - "{{ atl_product_installation_versioned }}/temp"
+    - "{{ atl_product_installation_versioned }}/work"
+  changed_when: false  # For Molecule idempotence check

roles/crowd_config/templates/cluster.properties.j2

@@ -0,0 +1,2 @@
+crowd.node.id = {{ atl_cluster_node_id }}
+crowd.shared.home = {{ atl_product_home_shared }}

roles/crowd_config/templates/dbconfig.xml.j2

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jira-database-config>
+  <name>defaultDS</name>
+  <delegator-name>default</delegator-name>
+  <database-type>postgres72</database-type>
+  <schema-name>public</schema-name>
+  <jdbc-datasource>
+    <url>{{ atl_jdbc_url }}</url>
+    <username>{{ atl_jdbc_user }}</username>
+    <password>{{ atl_jdbc_password }}</password>
+    <driver-class>{{ atl_db_driver }}</driver-class>
+
+    <pool-min-size>{{ atl_db_poolminsize }}</pool-min-size>
+    <pool-max-size>{{ atl_db_poolmaxsize }}</pool-max-size>
+    <pool-min-idle>{{ atl_db_minidle }}</pool-min-idle>
+    <pool-max-idle>{{ atl_db_maxidle }}</pool-max-idle>
+
+    <pool-max-wait>{{ atl_db_maxwaitmillis }}</pool-max-wait>
+    <validation-query>select 1</validation-query>
+    <time-between-eviction-runs-millis>{{ atl_db_timebetweenevictionrunsmillis }}</time-between-eviction-runs-millis>
+    <min-evictable-idle-time-millis>{{ atl_db_minevictableidletimemillis }}</min-evictable-idle-time-millis>
+    <pool-remove-abandoned>{{ atl_db_removeabandoned }}</pool-remove-abandoned>
+    <pool-remove-abandoned-timeout>{{ atl_db_removeabandonedtimeout }}</pool-remove-abandoned-timeout>
+    <pool-test-while-idle>{{ atl_db_testwhileidle }}</pool-test-while-idle>
+    <pool-test-on-borrow>{{ atl_db_testonborrow }}</pool-test-on-borrow>
+  </jdbc-datasource>
+</jira-database-config>

roles/crowd_config/templates/server.xml.j2

@@ -0,0 +1,28 @@
+<Server port="{{ atl_tomcat_mgmt_port }}" shutdown="SHUTDOWN">
+
+    <Service name="Catalina">
+
+        <Connector acceptCount="{{ atl_tomcat_acceptcount }}" connectionTimeout="{{ atl_tomcat_connectiontimeout }}" disableUploadTimeout="true" enableLookups="{{ atl_tomcat_enablelookups }}" maxHttpHeaderSize="8192" maxThreads="{{ atl_tomcat_maxthreads }}" minSpareThreads="{{ atl_tomcat_minsparethreads }}" port="{{ atl_tomcat_port }}" redirectPort="{{ atl_tomcat_redirectport }}" useBodyEncodingForURI="true" URIEncoding="UTF-8" compression="on" sendReasonPhrase="true" compressableMimeType="text/html,text/xml,application/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript" secure="{{ atl_tomcat_secure }}" scheme="{{ atl_tomcat_scheme }}" proxyName="{{ atl_proxy_name }}" proxyPort="{{ atl_proxy_port }}" protocol="{{ atl_tomcat_protocol }}"></Connector>
+
+        <Engine defaultHost="localhost" name="Catalina">
+            <Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true"><Context path="{{ atl_tomcat_contextpath }}" docBase="${catalina.home}/atlassian-crowd" debug="0"><Manager pathname=""></Manager></Context></Host>
+        </Engine>
+
+        <!-- To connect to an external web server (typically Apache) -->
+        <!-- Define an AJP 1.3 Connector on port 8009 -->
+        <!--
+            <Connector port="8009" enableLookups="{{ atl_tomcat_enablelookups }}" redirectPort="{{ atl_tomcat_redirectport }}" protocol=""AJP/1.3"" />
+        -->
+    <Connector port="{{ atl_tomcat_redirectport }}" protocol="{{ atl_tomcat_protocol }}" relaxedPathChars="[]|" relaxedQueryChars='[]|{}^\`"&lt;&gt;' maxHttpHeaderSize="65536" URIEncoding="UTF-8" connectionTimeout="{{ atl_tomcat_connectiontimeout }}" useBodyEncodingForURI="true" compression="on" compressableMimeType="text/html,text/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript"></Connector></Service>
+
+    <!-- Security listener. Documentation at /docs/config/listeners.html
+    <Listener className="org.apache.catalina.security.SecurityListener" />
+    -->
+    <!--APR library loader. Documentation at /docs/apr.html -->
+    <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"></Listener>
+    <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+    <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"></Listener>
+    <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"></Listener>
+    <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"></Listener>
+
+</Server>

roles/nfs_mount/tasks/main.yml

@@ -7,6 +7,7 @@
     mode: 0755
     owner: "{{ atl_product_user }}"
     group: "{{ atl_product_user }}"
+  when: atl_product_edition!= "crowd"
 
 - name: Enable mountpoint in fstab
   mount:
@@ -15,3 +16,4 @@
     fstype: nfs
     opts: "rw,nfsvers=4.1,lookupcache=pos,noatime,intr,rsize=32768,wsize=32768,_netdev"
     state: mounted
+  when: atl_product_edition!= "crowd"

roles/product_install/defaults/main.yml

@@ -10,10 +10,13 @@ atl_product_version_cache: "{{ atl_product_home_shared }}/{{ atl_product_edition
 
 atl_release_base_url: "https://product-downloads.atlassian.com/software"
 atl_product_base_url: "{{ atl_release_base_url }}/{{ atl_product_family }}/downloads"
-atl_product_download_url: "{{ atl_product_base_url }}/atlassian-{{ atl_download_edition | default(atl_product_edition) }}-{{ atl_product_version }}-x64.bin"
+atl_product_download_url: "{{ atl_product_base_url }}/atlassian-{{ atl_download_edition | default(atl_product_edition) }}-{{ atl_product_version }}-x64.bin "
+atl_crowd_download_url: "{{ atl_product_base_url }}/atlassian-{{ atl_download_edition | default(atl_product_edition) }}-{{ atl_product_version }}.tar.gz"
+atl_crowd_latest_url: "https://www.atlassian.com/software/crowd/downloads/binary/crowd-standalone-distribution-{{atl_latest_version}}.tar.gz"
 
 atl_product_download_filename: "{{ atl_download_edition | default(atl_product_edition) }}.{{ atl_product_version }}.bin"
 atl_product_download: "{{ atl_installer_temp }}/{{ atl_product_download_filename }}"
+atl_crowd_download: "{{ atl_installer_temp }}"
 atl_product_varfile: "{{ atl_installer_temp }}/{{ atl_product_family }}.varfile"
 
 atl_marketplace_base: "https://marketplace.atlassian.com"

roles/product_install/tasks/crowd_extra_tasks.yml

@@ -0,0 +1 @@
+no_op.yml

roles/product_install/tasks/crowd_install.yml

@@ -0,0 +1,44 @@
+- debug:
+    msg: "atl_latest_version - {{atl_latest_version}}"
+
+- name: Fetch crowd installer
+  get_url:
+    url: "{{atl_crowd_download_url}}"
+    dest: "{{atl_crowd_download}}"
+    mode: 0755
+    force: false
+  when: not atl_latest_version
+
+- name: Fetch latest crowd installer
+  get_url:
+    url: "{{ atl_crowd_latest_url }}"
+    dest: "{{atl_crowd_download}}"
+    mode: 0755
+    force: false
+  when: atl_latest_version != ""
+
+
+- name: locate installer
+  find: paths="{{ atl_crowd_download }}" patterns="*crowd*.tar.gz"
+  register: find_result
+
+- debug: msg = " {{find_result }}"
+
+- name: unarchive
+  become: true
+  unarchive:
+    src: "{{ item.path }}"
+    dest: "{{atl_product_installation_versioned}}"
+#    remote_src: yes
+  with_items: "{{ find_result.files }}"
+
+#- name: unpack crowd
+#  shell: tar -xvzf {{atl_crowd_download}}/*crowd*{{atl_product_version}}.tar.gz .
+
+- name: Symlink the installed version to current
+  file:
+    src: "{{ atl_product_installation_versioned }}/atlassian-crowd-{{atl_product_version}}"
+    dest: "{{ atl_product_installation_current }}"
+    state: link
+    force: true
+

roles/product_install/tasks/crowd_version_latest.yml

@@ -0,0 +1,13 @@
+---
+
+# This is the process for most products (except ServiceDesk
+# basically). Symlink this to <edition>_version_latest.yml for each
+# product that supports the standard marketplace API.
+
+- name: Fetch the latest version from URL
+  set_fact:
+    atl_product_version_json: "{{ lookup('url', '{{ atl_product_latest_version_url }}') }}"
+
+- name: Set the local var to retrieved version
+  set_fact:
+    atl_latest_version: "{{ atl_product_version_json.version }}"

roles/product_install/tasks/main.yml

@@ -1,5 +1,3 @@
----
-
 - name: Check for existing version cache file
   stat:
     path: "{{ atl_product_version_cache }}"
@@ -97,11 +95,18 @@
   set_fact:
     atl_product_version: "{{ atl_download_version }}"
 
+#- set_fact:
+#    atl_product_version: '3.4.4'
+
 ######################################################################
 
+#- debug:
+#    msg: "{{ atl_product_edition }}_extra_tasks.yml"
 
 - name: Perform any additional per-edition version setup
   include_tasks: "{{ atl_product_edition }}_extra_tasks.yml"
+  when: atl_product_edition!= "crowd"
+  
 
 
 - name: Create installation directories
@@ -118,6 +123,8 @@
     - "{{ atl_product_version_cache_dir }}"
   changed_when: false  # For Molecule idempotence check
 
+- debug:
+    msg: "atl_installer_temp - {{atl_installer_temp}} atl_product_home - {{atl_product_home}} atl_product_installation_versioned- {{atl_product_installation_versioned}} atl_product_version_cache_dir- {{atl_product_version_cache_dir}}"
 
 # At this point atl_product_version should be set, cache if necessary.
 - name: Write override cached version when specified
@@ -136,12 +143,14 @@
     dest: "{{ atl_product_download }}"
     mode: 0755
     force: false
+  when: atl_product_edition!= "crowd"
 
 - name: Create installer varfile
   template:
     src: "{{ atl_product_family }}.varfile.j2"
     dest: "{{ atl_product_varfile }}"
     mode: 0755
+  when: atl_product_edition!= "crowd"
 
 # NOTE: We run the installer as the user rather than root to limit its
 # actions. For example, if root and the 'jira' user exists then it
@@ -153,6 +162,11 @@
     creates: "{{ atl_product_installation_versioned }}/.install4j/"
   become: true
   become_user: "{{ atl_product_user }}"
+  when: atl_product_edition!= "crowd"
+
+
+- import_tasks: crowd_install.yml
+  when: atl_product_edition == "crowd"
 
 - name: Symlink the installed version to current
   file:
@@ -160,3 +174,4 @@
     dest: "{{ atl_product_installation_current }}"
     state: link
     force: true
+  when: atl_product_edition != "crowd"

roles/product_install/templates/crowd.varfile.j2

@@ -0,0 +1,13 @@
+launch.application$Boolean=false
+rmiPort$Long={{ atl_tomcat_mgmt_port | default('8020') }}
+app.jiraHome={{ atl_product_home }}
+app.install.service$Boolean=false
+app.service.account={{ atl_product_user }}
+existingInstallationDir={{ atl_product_installation_versioned }}
+sys.confirmedUpdateInstallationString=false
+sys.languageId=en
+sys.installationDir={{ atl_product_installation_versioned }}
+executeLauncherAction$Boolean=true
+httpPort$Long={{ atl_tomcat_port | default('8080') }}
+portChoice=default
+executeLauncherAction$Boolean=false

roles/product_startup/defaults/main.yml

@@ -8,7 +8,9 @@ atl_startup_script_map:
   jira: "start-jira.sh"
   confluence: "start-confluence.sh"
   stash: "start-bitbucket.sh"
+  crowd: "start_crowd.sh"
 
+crowd_startup_exec_path: "{{ atl_product_installation_current }}/{{ atl_startup_script_map[atl_product_family] }}"
 atl_startup_exec_path: "{{ atl_product_installation_current }}/bin/{{ atl_startup_script_map[atl_product_family] }}"
 atl_startup_exec_options: ["-fg"]
 atl_startup_systemd_params: []

roles/product_startup/tasks/main.yml

@@ -4,6 +4,16 @@
   template:
     src: "product.service.j2"
     dest: "/etc/systemd/system/{{ atl_systemd_service_name }}"
+  when: atl_product_edition != "crowd"
+  notify:
+    - Enable Product
+    - Restart Product
+
+- name: "Install systemd service file for crowd"
+  template:
+    src: "crowd.service.j2"
+    dest: "/etc/systemd/system/{{ atl_systemd_service_name }}"
+  when: atl_product_edition == "crowd"
   notify:
     - Enable Product
     - Restart Product

roles/product_startup/templates/crowd.service.j2

@@ -0,0 +1,19 @@
+[Unit]
+Description=Atlassian {{ atl_product_edition }}
+After=network-online.target
+
+[Service]
+User={{ atl_product_user }}
+Group={{ atl_product_user }}
+
+{% for p in atl_startup_systemd_params -%}
+  {{ p }}
+{% endfor %}
+
+ExecStart={{ crowd_startup_exec_path }}{% for c in atl_startup_exec_options %} {{ c }}{% endfor %}
+
+Restart=on-failure
+
+[Install]
+WantedBy=multi-target.target
+