diff --git a/tasks/configure-postgresql.yml b/tasks/configure-postgresql.yml deleted file mode 100644 index 3ba0e31c3da95df1ff485ad6368a0b9ff5bd7036..0000000000000000000000000000000000000000 --- a/tasks/configure-postgresql.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -### AUTHENTIFIZIERUNG FÜR POSTGRES-USER ANPASSEN ### -- name: Authentifizierung für Postgres-User anpassen (Postgres-Config) - lineinfile: - dest: "/etc/postgresql/11/main/pg_hba.conf" - create: "no" - state: present - line: "local all postgres trust" - notify: - - restart postgres - tags: [postgres] - -- name: Authentifizierung für Postgres-User anpassen (Sudoers-Config) - lineinfile: - dest: "/etc/sudoers" - create: "no" - state: present - line: 'root ALL=(postgres) NOPASSWD: /bin/bash' - tags: [postgres] diff --git a/tasks/configure_ssh_keys.yml b/tasks/configure_ssh_keys.yml new file mode 100644 index 0000000000000000000000000000000000000000..77827a1281c467b3c47f657badab6573d5bfd168 --- /dev/null +++ b/tasks/configure_ssh_keys.yml @@ -0,0 +1,7 @@ +--- +- name: deploy SSH key for management user + authorized_key: + user: "{{ vault_ssh_access.user }}" + state: present + key: "{{ vault_ssh_access.ssh_key }}" + comment: "{{ vault_ssh_access.ssh_comment }}" diff --git a/tasks/deploy_update_checks.yml b/tasks/deploy_update_checks.yml deleted file mode 100644 index a04d98676e742e61bfeebea4ffbaaee55f969d6f..0000000000000000000000000000000000000000 --- a/tasks/deploy_update_checks.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: deploy SSH key for management user - authorized_key: - user: "{{ vault_ssh_access.user }}" - state: present - key: "{{ vault_ssh_access.ssh_key }}" - comment: "{{ vault_ssh_access.ssh_comment }}" - tags: [udatechecks] - -- name: deploy rosetta_update_checks from Git - git: - dest: "/usr/local/bin/rosetta_update_test/" - repo: "{{ vault_git_repo_url_updatechecks }}" - version: "0427ea94" - force: "yes" - accept_hostkey: "yes" - tags: [udatechecks] diff --git a/tasks/install-packages.yml b/tasks/install-packages.yml index 3917a8e48e5d6b62cc6db9601b59a72918c1c0d4..568925ce4a0c3f16666fcb84aab7ab00d654828e 100644 --- a/tasks/install-packages.yml +++ b/tasks/install-packages.yml @@ -10,24 +10,21 @@ 'perl', 'perl-base', 'perl-modules', - 'postgresql', 'rsync', 'tar', - 'unzip' + 'unzip', ] update_cache: "yes" tags: [apt] -- name: Install/Update Perl-Pakete +- name: Install/Update Perl-Pakages for Exit apt: state: present name: [ 'libnet-openssh-perl', 'libpath-tiny-perl', 'libtime-progress-perl', - 'libxml-xpath-perl', - 'libxml-parser-perl', - 'libxml-libxml-perl' + 'libxml-libxml-perl', ] tags: [apt] @@ -35,4 +32,14 @@ cpanm: name: "{{ item }}" loop: + # these are part of the "perl-base" Debian 10 package, so we get them for free: + # - "Carp" + # - "Cwd" + # - "File::Basename" + # - "Getopt::Long" + # - "IO::Handle" + # and these are not, so they must be installed using cpanm: + - "File::Find" - "File::Sort" + - "Path::Tiny" + - "XML::LibXML::XPathContext" diff --git a/tasks/install-test-scripts.yml b/tasks/install-test-scripts.yml index c1f7ffba66cb98abbde03041293ccf7df168d446..4eed63843925461948729d38a483b8cecec62d7b 100644 --- a/tasks/install-test-scripts.yml +++ b/tasks/install-test-scripts.yml @@ -1,16 +1,30 @@ --- ### INSTALL TEST SCRIPTS ### -- name: Testscripte einspielen +- name: deploy wrapper script for exit strategy template: src: "{{ item }}.j2" dest: "/usr/local/bin/{{ item }}" owner: "root" group: "lza" mode: "0755" - with_items: + loop: - "test_exit_strategy.sh" - - "test_exit_insert_into_DB.sh" - tags: [testscripts] -# TODO: uncomment as soon as Git over Ansible becomes available -# - name: deploy update checks -# import_tasks: ./deploy_update_checks.yml + +- name: deploy test scripts from Git + git: + dest: "/usr/local/bin/{{ item.dest }}" + repo: "{{ item.repo }}" + version: "{{ item.version | default(omit) }}" + force: "{{ item.force | default(true) }}" + accept_hostkey: "{{ item.accept_hostkey | default(true) }}" + single_branch: "{{ item.single_branch | default(true) }}" + recursive: "{{ item.recursive | default(false) }}" + loop: + # runs all the pre-/post-upgrade tests on Rosetta and SubApp servers + - dest: "rosetta_update_test/" + repo: "{{ vault_slub_git_repo_url }}slub-digitalpreservation/rosetta_update_test.git" + version: "42896a70" + # runs the Exit Strategy script to build an emergency database + - dest: "rosettaExitStrategy/" + repo: "{{ vault_slub_git_repo_url }}slub-digitalpreservation/rosettaExitStrategy.git" + version: "63e18fa0" diff --git a/tasks/main.yml b/tasks/main.yml index 2194f47328e25e75210c818c42c4984cd949828c..7fd53084a1f60b96411b3ad3a7c650dc75acf0e1 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,27 +5,22 @@ - "sanitytest.vault" tags: [always] -### PAKETINSTALLATIONEN ### - name: install packages import_tasks: install-packages.yml - tags: [always, postgres] + tags: [apt, packages] -### USER ANLEGEN ### - name: create users and groups import_tasks: create-users-groups.yml tags: [users] -### MOUNTPOINTS ANLEGEN, EINTRAGEN & MOUNTEN ### +- name: configure SSH keys + import_tasks: "configure_ssh_keys.yml" + tags: [ssh] + - name: configure nfs mounts import_tasks: configure-nfs-mounts.yml tags: [nfs] -### INSTALL TEST SCRIPTS ### - name: install test scripts import_tasks: install-test-scripts.yml tags: [testscripts] - -### AUTHENTIFIZIERUNG FÜR POSTGRES-USER ANPASSEN ### -- name: configure PostgreSQL - import_tasks: configure-postgresql.yml - tags: [postgres] diff --git a/templates/test_exit_insert_into_DB.sh.j2 b/templates/test_exit_insert_into_DB.sh.j2 deleted file mode 100644 index f23cb2cf63f092508a19e282c03dc331a6bf7058..0000000000000000000000000000000000000000 --- a/templates/test_exit_insert_into_DB.sh.j2 +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash -set -e - -# This script exists only to be called from "test_exit_strategy.sh". - -# invocation: ./test_exit_insert_into_DB.sh $SQLFILE $LOGFILE -SQLFILE="$1" -LOGFILE="$2" - -### IMPORT SQL FILE INTO POSTGRES DB ### -# cleanup database -psql --username {{ vault_db_user }} --command "DROP DATABASE IF EXISTS exit_strategy;" -# create empty database -psql --username {{ vault_db_user }} --command "CREATE DATABASE exit_strategy WITH ENCODING 'UTF8';" -# import exit data -psql --username {{ vault_db_user }} --dbname exit_strategy --file "${SQLFILE}" --log-file "${LOGFILE}" 2>> "${LOGFILE}" - -### CHECK RESULTS ### -# count number of entries to import -NUMBER_TO_IMPORT=$( /bin/grep '^EXECUTE aip' "${SQLFILE}" | /usr/bin/wc -l ) -# count imported lines -NUMBER_IMPORTED=$( /usr/bin/psql --username {{ vault_db_user }} --dbname=exit_strategy --command 'SELECT COUNT(aip_id) FROM metadatafile;' | head -n3 | tail -n1 | egrep -o '[0-9]*' ) - -### WRITE SUMMARY ### -echo -e "\n### SUMMARY ###\n" >> "${LOGFILE}" -echo "NUMBER TO IMPORT: '$NUMBER_TO_IMPORT'" | tee -a "${LOGFILE}" -echo "NUMBER IMPORTED : '$NUMBER_IMPORTED'" | tee -a "${LOGFILE}" -# compare to_import vs. imported -if [ "${NUMBER_TO_IMPORT}" -ne "${NUMBER_IMPORTED}" ]; then - echo "ERROR: number of entries to import (${NUMBER_TO_IMPORT}) doesn't match number of actually imported entries ($NUMBER_IMPORTED)." | tee -a "${LOGFILE}"; - exit 100; -fi - -echo "${NUMBER_TO_IMPORT} entries successfully imported into Postgres DB." | tee -a "${LOGFILE}"