diff --git a/files/usr/local/bin/move_old_logs.sh b/files/usr/local/bin/move_old_logs.sh
index ee6eb55e308aea77207a511dd8c4ac70e3c7ade1..ddce6b17e14abda3db40d378f5e48e6f9d8d7622 100644
--- a/files/usr/local/bin/move_old_logs.sh
+++ b/files/usr/local/bin/move_old_logs.sh
@@ -8,21 +8,33 @@ START_YEAR="2015"
CURRENT_YEAR="$( date +%Y )"
PREVIOUS_YEAR="$(( CURRENT_YEAR - 1 ))"
-for APP in disapp subapp subapp_ws; do
- cd "/var/log/$APP/" || exit 1
+[[ -n ${1} ]] && APP=${1}
+[[ (! ${APP} =~ "disapp") && (! ${APP} =~ "subapp") && (! ${APP} =~ "subapp_webservice") ]] && \
+ echo 'ERROR: $1 needs to be one of "disapp", "subapp" or "subapp_webservice"'
- # create directories for old logfiles
- for YEAR in $( seq ${START_YEAR} ${PREVIOUS_YEAR} ); do
- mkdir -p "old/${YEAR}"
- done
+cd "/var/log/$APP/" || exit 1
- # move all old logfiles
- for YEAR in $( seq ${START_YEAR} ${PREVIOUS_YEAR} ); do
+# create directories for old logfiles
+for YEAR in $( seq ${START_YEAR} ${PREVIOUS_YEAR} ); do
+ mkdir -p "old/${YEAR}"
+done
+
+# move all old logfiles
+for YEAR in $( seq ${START_YEAR} ${PREVIOUS_YEAR} ); do
+ if [[ "${APP}" == "disapp" ]]; then
+ if [[ -n $( find ./ -maxdepth 1 -name "disapp.log.${YEAR}-*.lz" ) ]]; then mv disapp.log.${YEAR}-*.lz "old/${YEAR}/"; fi
+ fi
+
+ if [[ "${APP}" == "subapp" ]]; then
if [[ -n $( find ./ -maxdepth 1 -name "Protokoll_SLUBArchiv_Erfolgreich-${YEAR}*.log" ) ]]; then mv Protokoll_SLUBArchiv_Erfolgreich-${YEAR}*.log "old/${YEAR}/"; fi
if [[ -n $( find ./ -maxdepth 1 -name "Protokoll_SLUBArchiv_FEHLER-${YEAR}*.log" ) ]]; then mv Protokoll_SLUBArchiv_FEHLER-${YEAR}*.log "old/${YEAR}/"; fi
if [[ -n $( find ./ -maxdepth 1 -name "sips.log.${YEAR}-*.lz" ) ]]; then mv sips.log.${YEAR}-*.lz "old/${YEAR}/"; fi
- if [[ -n $( find ./ -maxdepth 1 -name "disapp.log.${YEAR}-*.lz" ) ]]; then mv disapp.log.${YEAR}-*.lz "old/${YEAR}/"; fi
if [[ -n $( find ./ -maxdepth 1 -name "subapp.log.${YEAR}-*.lz" ) ]]; then mv subapp.log.${YEAR}-*.lz "old/${YEAR}/"; fi
+ if [[ -n $( find ./ -maxdepth 1 -name "producer_mails.log.${YEAR}-*.lz" ) ]]; then mv producer_mails.log.${YEAR}-*.lz "old/${YEAR}/"; fi
+ if [[ -n $( find ./ -maxdepth 1 -name "staff_mails.log.${YEAR}-*.lz" ) ]]; then mv staff_mails.log.${YEAR}-*.lz "old/${YEAR}/"; fi
+ fi
+
+ if [[ "${APP}" == "subapp_webservice" ]]; then
if [[ -n $( find ./ -maxdepth 1 -name "webservice.log.${YEAR}-*.lz" ) ]]; then mv webservice.log.${YEAR}-*.lz "old/${YEAR}/"; fi
- done
+ fi
done
diff --git a/files/etc/systemd/user/move_old_logs.timer b/files/usr/local/lib/systemd/system/move_old_logs.timer
similarity index 63%
rename from files/etc/systemd/user/move_old_logs.timer
rename to files/usr/local/lib/systemd/system/move_old_logs.timer
index 653982216f37bda17ef0200ae4fdd3fc0544a920..7969f7e06007047fece0e9feabdaaa257866c8df 100644
--- a/files/etc/systemd/user/move_old_logs.timer
+++ b/files/usr/local/lib/systemd/system/move_old_logs.timer
@@ -1,10 +1,10 @@
[Unit]
-Description=timer for move_old_logs.service
+Description=timer for move_old_logs_@.service
[Timer]
# run once a year, on the 1st of January at 05:00:00am.
OnCalendar=*-1-1 05:00:00
-Unit=move_old_logs.service
+Unit=move_old_logs_@.service
[Install]
WantedBy=default.target
diff --git a/tasks/install_move_logs.yml b/tasks/install_move_logs.yml
index 524dbb375b5dc4ae636db84131838947c60f647e..f74c50852b48dde5884fce0b31364a4ef9cce03a 100644
--- a/tasks/install_move_logs.yml
+++ b/tasks/install_move_logs.yml
@@ -1,4 +1,30 @@
---
+- name: disable legacy SystemD units
+ ansible.builtin.systemd:
+ unit: "{{ item }}"
+ state: stopped
+ enabled: false
+ loop:
+ - "move_old_logs.service"
+ - "move_old_logs.timer"
+ ignore_errors: true
+- name: remove legacy timer/service/script
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: absent
+ loop:
+ - "/etc/systemd/user/move_old_logs.timer"
+ - "/etc/systemd/user/move_old_logs.service"
+ - "/usr/local/bin/move_old_logs.sh"
+
+####################################################################################################################
+
+- name: create SystemD unit directory
+ ansible.builtin.file:
+ path: "/usr/local/lib/systemd/system/"
+ state: directory
+ mode: "0755"
+
- name: install timer and script for moving old logs to archive
ansible.builtin.copy:
src: "{{ item.path }}"
@@ -7,7 +33,7 @@
owner: "{{ item.owner | default('root') }}"
group: "{{ item.group | default('root') }}"
loop:
- - path: "etc/systemd/user/move_old_logs.timer"
+ - path: "usr/local/lib/systemd/system/move_old_logs.timer"
mode: "0644"
- path: "usr/local/bin/move_old_logs.sh"
mode: "0755"
@@ -15,37 +41,49 @@
- name: install service for moving old logs to archive
ansible.builtin.template:
- src: "etc/systemd/user/move_old_logs.service.j2"
- dest: "/etc/systemd/user/move_old_logs.service"
+ src: "usr/local/lib/systemd/system/move_old_logs_@.service.j2"
+ dest: "/usr/local/lib/systemd/system/move_old_logs_@.service"
mode: "0755"
owner: "root"
group: "root"
+ notify: daemon-reload
-- name: find move_old_logs systemd units so we don't have to hardcode their names in the loops
- ansible.builtin.find:
- path: "/etc/systemd/user/"
- pattern: "move_old_logs.*"
- register: move_old_logs_units
-
-- name: check if move_old_logs units are already enabled
- ansible.builtin.command: "systemctl is-enabled {{ item.path | basename }}"
- loop: "{{ move_old_logs_units.files }}"
- register: move_old_logs_enabled
- changed_when: false
- failed_when:
- - move_old_logs_enabled.stdout != "enabled"
- - move_old_logs_enabled.stdout != "disabled"
- - '"No such file or directory" not in move_old_logs_enabled.stderr'
-
-- name: manually enable move_old_logs.service, because it cannot be found by the ansible.builtin.systemd module when the timer is located below "/etc/systemd/user/"
- ansible.builtin.command: "systemctl enable {{ item.item.path }}"
- loop: "{{ move_old_logs_enabled.results }}"
- when:
- - item.stdout != "enabled"
- register: move_old_logs_enablecmd
- changed_when: move_old_logs_enablecmd.stdout in "Created symlink"
+- name: enable move_old_logs services
+ ansible.builtin.systemd:
+ name: "move_old_logs_@{{ item }}.service"
+ daemon_reload: true
+ enabled: true
+ loop:
+ - "disapp"
+ - "subapp"
+ - "subapp_webservice"
- name: start timer for moving old logs to archive (the service is triggered by the timer and doesn't need to be started separately)
ansible.builtin.systemd:
name: "move_old_logs.timer"
+ enabled: true
state: started
+
+#- name: find move_old_logs systemd units so we don't have to hardcode their names in the loops
+# ansible.builtin.find:
+# path: "/usr/local/lib/systemd/system/"
+# pattern: "move_old_logs.*"
+# register: move_old_logs_units
+#
+#- name: check if move_old_logs units are already enabled
+# ansible.builtin.command: "systemctl is-enabled {{ item.path | basename }}"
+# loop: "{{ move_old_logs_units.files }}"
+# register: move_old_logs_enabled
+# changed_when: false
+# failed_when:
+# - move_old_logs_enabled.stdout != "enabled"
+# - move_old_logs_enabled.stdout != "disabled"
+# - '"No such file or directory" not in move_old_logs_enabled.stderr'
+#
+#- name: manually enable move_old_logs.service, because it cannot be found by the ansible.builtin.systemd module when the timer is located below "/etc/systemd/user/"
+# ansible.builtin.command: "systemctl enable {{ item.item.path }}"
+# loop: "{{ move_old_logs_enabled.results }}"
+# when:
+# - item.stdout != "enabled"
+# register: move_old_logs_enablecmd
+# changed_when: move_old_logs_enablecmd.stdout in "Created symlink"
diff --git a/tasks/install_subapp.yml b/tasks/install_subapp.yml
index 16553000d383c96bb4af915e75bcc90dcdbc17a0..814114f3835e3a554b0e02669efb5f6a1b7baf1d 100644
--- a/tasks/install_subapp.yml
+++ b/tasks/install_subapp.yml
@@ -254,11 +254,13 @@
- "/etc/systemd/user/stichprobe-daily-report.timer"
- "/etc/systemd/user/stichprobe-daily-report.service"
- "/home/{{ vault_subapp_user }}/.subapp/stichprobe.ini"
+ - "/etc/systemd/user/check_ie_sample.timer"
+ - "/etc/systemd/user/check_ie_sample.service"
-- name: check_ie_sample Timer
+- name: deploy check_ie_sample Service
ansible.builtin.template:
- src: "check_ie_sample.timer.j2"
- dest: "/etc/systemd/user/check_ie_sample.timer"
+ src: "usr/local/lib/systemd/system/check_ie_sample.service.j2"
+ dest: "/usr/local/lib/systemd/system/check_ie_sample.service"
owner: "root"
group: "root"
mode: "0644"
@@ -266,10 +268,10 @@
when: ansible_hostname == item.key
no_log: true
-- name: check_ie_sample Service
+- name: deploy check_ie_sample Timer
ansible.builtin.template:
- src: "check_ie_sample.service.j2"
- dest: "/etc/systemd/user/check_ie_sample.service"
+ src: "usr/local/lib/systemd/system/check_ie_sample.timer.j2"
+ dest: "/usr/local/lib/systemd/system/check_ie_sample.timer"
owner: "root"
group: "root"
mode: "0644"
@@ -277,22 +279,21 @@
when: ansible_hostname == item.key
no_log: true
-# - name: enable check_ie_sample Service
-# ansible.builtin.command: "systemctl enable /etc/systemd/user/check_ie_sample.service"
-# loop: "{{ lookup('dict', vault_stichprobe_hosts) }}"
-# when: ansible_hostname == item.key
-# no_log: true
-#
-# - name: enable check_ie_sample Timers
-# ansible.builtin.command: "systemctl enable /etc/systemd/user/check_ie_sample.timer"
-# loop: "{{ lookup('dict', vault_stichprobe_hosts) }}"
-# when: ansible_hostname == item.key
-# no_log: true
-#
-# - name: restart check_ie_sample Timers
-# ansible.builtin.systemd:
-# name: "check_ie_sample.timer"
-# state: restarted
-# loop: "{{ lookup('dict', vault_stichprobe_hosts) }}"
-# when: ansible_hostname == item.key
-# ignore_errors: true
+- name: enable check_ie_sample Service
+ ansible.builtin.systemd:
+ unit: "check_ie_sample.service"
+ enabled: true
+ daemon_reload: true
+ loop: "{{ lookup('dict', vault_check_ie_sample_hosts) }}"
+ when: ansible_hostname == item.key
+ no_log: true
+
+- name: enable & start check_ie_sample Timer
+ ansible.builtin.systemd:
+ unit: "check_ie_sample.timer"
+ enabled: true
+ state: restarted
+ daemon_reload: true
+ loop: "{{ lookup('dict', vault_check_ie_sample_hosts) }}"
+ when: ansible_hostname == item.key
+ no_log: true
diff --git a/templates/check_ie_sample.service.j2 b/templates/usr/local/lib/systemd/system/check_ie_sample.service.j2
similarity index 62%
rename from templates/check_ie_sample.service.j2
rename to templates/usr/local/lib/systemd/system/check_ie_sample.service.j2
index c5d795ab80b980cdf6ed0c183a411a79cb02321b..9a66b10dc3588f272c636abffb51a8dd66bcc482 100644
--- a/templates/check_ie_sample.service.j2
+++ b/templates/usr/local/lib/systemd/system/check_ie_sample.service.j2
@@ -1,11 +1,12 @@
[Unit]
-Description=service: daily report from stichprobe, institute {{ item.value.institute_name }}
+Description=service: daily report for sampling {{ item.value.institute_name }} workflows
Documentation=perldoc /usr/local/bin/check_ie_sample.pl
[Service]
Type=oneshot
Restart=no
-ExecStart=/usr/bin/perl -I /usr/local/perl /usr/local/bin/check_ie_sample.pl --institute {{ item.value.institute_name }} --email langzeitarchiv@slub-dresden.de --host {{ item.value.rosetta_host }} --user {{ item.value.user }} --password {{ item.value.password }} --sampling_factor 0.001
+ExecStart=/usr/bin/perl -I /usr/local/perl /usr/local/bin/check_ie_sample.pl --institute {{ item.value.institute_name }} --email langzeitarchiv@slub-dresden.de --host {{ item.value.rosetta_host }}.slub-dresden.de --user {{ item.value.user }} --password {{ item.value.password }} --sampling_factor 0.0000274
+# Sampling factor = 1/100/365
User={{ vault_subapp_user }}
Group={{ vault_subapp_group }}
diff --git a/templates/check_ie_sample.timer.j2 b/templates/usr/local/lib/systemd/system/check_ie_sample.timer.j2
similarity index 72%
rename from templates/check_ie_sample.timer.j2
rename to templates/usr/local/lib/systemd/system/check_ie_sample.timer.j2
index 94372a6f7320a7ce134f0683972789db1c28a4e8..0a42a5580bcc13f11ccd4c1a62543370654657e0 100644
--- a/templates/check_ie_sample.timer.j2
+++ b/templates/usr/local/lib/systemd/system/check_ie_sample.timer.j2
@@ -1,18 +1,16 @@
[Unit]
-Description=timer: daily report for stichprobe {{ item.value.institute_name }} workflows
+Description=timer: daily report for sampling {{ item.value.institute_name }} workflows
Documentation=perldoc /usr/local/bin/check_ie_sample.pl
[Timer]
-OnCalendar=monthly
+OnCalendar=daily
#RandomizedDelaySec=14400
-# run every x minutes/hours/days
-#OnUnitActiveSec={{ item.value.timer_interval }}
#Wake system from suspend mode
WakeSystem=true
#When activated, it triggers the service immediately if it missed the last start time, for example due to the system being powered off
Persistent=true
#Unit to activate when the timer elapses. (default is set to the same name as the timer unit, except for the suffix)
-Unit=stichprobe-daily-report.service
+Unit=check_ie_sample.service
[Install]
#is requires to activate the timer permanently
diff --git a/templates/etc/systemd/user/move_old_logs.service.j2 b/templates/usr/local/lib/systemd/system/move_old_logs_@.service.j2
similarity index 81%
rename from templates/etc/systemd/user/move_old_logs.service.j2
rename to templates/usr/local/lib/systemd/system/move_old_logs_@.service.j2
index 86f890db576852f0f0bdc38c772265bbe2f6cccb..532c25d03858e0400f97babf5280759ad32e0ccc 100644
--- a/templates/etc/systemd/user/move_old_logs.service.j2
+++ b/templates/usr/local/lib/systemd/system/move_old_logs_@.service.j2
@@ -1,12 +1,12 @@
[Unit]
-Description=move_old_logs.sh
+Description=Daemon to move old logfiles from previous year to archive (%i)
After=remote-fs.target
[Service]
Type=simple
-ExecStart=/usr/local/bin/move_old_logs.sh
-User={{ vault_subapp_user }}
-Group={{ vault_subapp_group }}
+ExecStart=/usr/local/bin/move_old_logs.sh %i
+User=root
+Group=root
### Security features
# documented at https://www.freedesktop.org/software/systemd/man/systemd.exec.html
diff --git a/vars/stichprobe.vault.example b/vars/stichprobe.vault.example
index e9876faaa8aed63925c9f9b4895912cfe369b89b..1503a33d6b531cf8aac47beddc06ea8038e5dc47 100644
--- a/vars/stichprobe.vault.example
+++ b/vars/stichprobe.vault.example
@@ -13,16 +13,10 @@ vault_stichprobe_hosts:
# <name-of-subapp-server>:
# host: "<Rosetta-Webservice-API-Hostname>"
# user: "<Rosetta-Submission-Agent-Username>"
-# password: !vault |
-# $ANSIBLE_VAULT;1.1;AES256
-# 11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
+# password: "Sw0rdF!5h"
# email: "recipients@example.com"
# institute_name: "<name-of-institution-as-given-in-Rosetta>"
# institute_code: "<code-of-institution-as-given-in-Rosetta>"
# institute_dead_ref_process_id: "<Rosetta-Process-ID-for Dead-Reference-Identification-Job>"
# institute_fixity_check_process_id: "<Rosetta-Process-ID-for-Fixity-Check-Job>"
# institute_department: "<space-separated-list-of-Rosetta-Departments-like-CONSORTIUM.INS.DEPT>"
-# timer_interval: "<timer-interval-in-systemd-time-syntax>"
-# # timer_interval: "{{ ( (24 * 60 * 60) / (<Number_of-IEs> / 36500) ) + 1 | round(0,'floor') | int }} seconds"
-# # timer_interval: "{{ ( (24h * 60min * 60sec) / (<Number-of-IEs> / (365days / 100)) ) + 1 | round(0,'floor') | int }} seconds" # Timer Interval explained
-# # documented at https://www.freedesktop.org/software/systemd/man/systemd.time.html