-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathmain.yml
169 lines (136 loc) · 7.87 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
---
# defaults file for atom-replication-role
# Servers (Ansible host field in Ansible inventory)
atom_replication_edit_atom_host: "localhost"
atom_replication_ro_atom_host: "localhost"
atom_replication_edit_mysql_host: "localhost"
atom_replication_ro_mysql_host: "localhost"
atom_replication_edit_es_host: "localhost"
atom_replication_ro_es_host: "localhost"
# Ansible ssh usernames (Ansible ssh host in Ansible inventory)
atom_replication_edit_atom_ansible_user: "artefactual"
atom_replication_ro_atom_ansible_user: "{{ atom_replication_edit_atom_ansible_user }}"
atom_replication_ro_es_ansible_user: "{{ atom_replication_edit_atom_ansible_user }}"
atom_replication_edit_es_ansible_user: "{{ atom_replication_edit_atom_ansible_user }}"
atom_replication_ro_mysql_ansible_user: "{{ atom_replication_edit_atom_ansible_user }}"
atom_replication_edit_mysql_ansible_user: "{{ atom_replication_edit_atom_ansible_user }}"
# Ansible ssh addresses/hostnames (Ansible ssh user in Ansible inventory)
atom_replication_edit_atom_ansible_host: "localhost"
atom_replication_ro_atom_ansible_host: "{{ atom_replication_edit_atom_ansible_host }}"
atom_replication_ro_es_ansible_host: "{{ atom_replication_edit_atom_ansible_host }}"
atom_replication_edit_es_ansible_host: "{{ atom_replication_edit_atom_ansible_host }}"
atom_replication_ro_mysql_ansible_host: "{{ atom_replication_edit_atom_ansible_host }}"
atom_replication_edit_mysql_ansible_host: "{{ atom_replication_edit_atom_ansible_host }}"
# Ansible settings for ansible.cfg file in ansible-run-server
atom_replication_ansible_cfg_timeout: 60
# Needed to rsync uploads and downloads from AtoM edit host to AtoM read-only host
atom_replication_edit_ssh_pubkey_file: "/home/{{ atom_replication_edit_atom_ansible_user }}/.ssh/id_ed25519"
# Temporary Directories, Users and Groups
atom_replication_edit_mysql_snapshots_dir: "/var/artefactual/replication-snapshots"
atom_replication_ro_mysql_snapshots_dir: "/var/artefactual/replication-snapshots"
atom_replication_edit_es_snapshots_dir: "/var/artefactual/replication-snapshots"
atom_replication_ro_es_snapshots_dir: "/var/artefactual/replication-snapshots"
atom_replication_ansible_host_snapshots_dir: "{{ atom_replication_ansible_remote_path }}/replication"
atom_replication_snapshot_mysql_user: "mysql"
atom_replication_snapshot_mysql_group: "mysql"
atom_replication_snapshot_es_user: "elasticsearch"
atom_replication_snapshot_es_group: "elasticsearch"
# Install role in remote server (Optional).
# Use "install-replication" tag to deploy the replication script in the remote server
atom_replication_ansible_remote_server: "{{ atom_replication_edit_atom_host }}"
atom_replication_ansible_remote_user: "artefactual"
atom_replication_ansible_remote_path: "/home/artefactual/atom-replication"
atom_replication_ansible_remote_cron_enabled: False
atom_replication_ansible_remote_cron_minute: "0"
atom_replication_ansible_remote_cron_hour: "7"
atom_replication_ansible_remote_cron_day: "*"
atom_replication_ansible_remote_cron_month: "*"
atom_replication_ansible_remote_cron_weekday: "0"
atom_replication_ansible_remote_cron_name: "AtoM site replication"
atom_replication_ansible_remote_cron_user: "{{ atom_replication_ansible_remote_user }}"
atom_replication_ansible_remote_cron_file: "replicate-atom"
atom_replication_ansible_remote_cron_job: "{{ atom_replication_ansible_remote_path }}/site-replication.sh"
atom_replication_ansible_remote_cron_mailto: ""
# Elasticsearch settings:
# Assuming all ES servers are going to use the same port
atom_replication_es_port: "9200"
atom_replication_edit_es_base_url_schema: "http"
atom_replication_edit_es_base_url_host: "127.0.0.1"
atom_replication_ro_es_base_url_schema: "http"
atom_replication_ro_es_base_url_host: "127.0.0.1"
atom_replication_edit_es_base_url: "{{ atom_replication_edit_es_base_url_schema }}://{{ atom_replication_edit_es_base_url_host }}"
atom_replication_ro_es_base_url: "{{ atom_replication_ro_es_base_url_schema }}://{{ atom_replication_ro_es_base_url_host }}"
atom_replication_edit_es_index: "atom-edit"
atom_replication_ro_es_index: "atom-ro"
atom_replication_es_repo_name: "backup-repo"
atom_replication_es_snapshot_name: "backup-repo"
atom_replication_es_backup_repo_path: "/var/lib/elasticsearch/backup-repo"
# MySQL settings
atom_replication_edit_db_name: "atom-edit"
atom_replication_ro_db_name: "atom-ro"
# mysql_db and mysql_query are failing on Ubuntu 20 when using /root/.my.cnf config file
# Both modules work fine using the `login_unix_socket`
atom_replication_edit_mysql_unix_socket: "{{ '/var/lib/mysql/mysql.sock' if ansible_os_family == 'RedHat' else '/var/run/mysqld/mysqld.sock' }}"
atom_replication_ro_mysql_unix_socket: "{{ '/var/lib/mysql/mysql.sock' if ansible_os_family == 'RedHat' else '/var/run/mysqld/mysqld.sock' }}"
atom_replication_ro_backup_tables: []
# atom_replication_ro_backup_tables:
# - access_log
# - user
# - clipboard_save
# - clipboard_save_item
# AtoM source paths
atom_replication_edit_path: "/usr/share/nginx/atom-edit"
atom_replication_ro_path: "/usr/share/nginx/atom-ro"
# AtoM downloads and uploads paths
# NOTE: Ensure all paths ends in "/"
atom_replication_edit_downloads_path: "{{ atom_replication_edit_path }}/downloads/"
atom_replication_ro_downloads_path: "{{ atom_replication_ro_path }}/downloads/"
atom_replication_edit_uploads_path: "{{ atom_replication_edit_path }}/uploads/"
atom_replication_ro_uploads_path: "{{ atom_replication_ro_path }}/uploads/"
# AtoM synchronize uploads and downloads directories with rsync (Optional)
atom_replication_synchronize_uploads_dir: False
atom_replication_synchronize_downloads_dir: False
# Nginx users
atom_replication_ro_nginx_user: "{% if ansible_os_family == 'RedHat' %}nginx{% elif ansible_os_family == 'Debian' %}www-data{% endif %}"
# Restore Site Title in read-only AtoM (Optional)
# Check running: "select * from setting_i18n where id=189;" in both databases
atom_replication_restore_sitetitle: False
atom_replication_ro_sitetitle: "Read Only Site"
# Synchronize baseurl (Optional)
# Check running: "select value from setting_i18n where id='124';" in both databases
atom_replication_synchronize_baseurl: False
atom_replication_edit_dnsname: "http://edit.accesstomemory.org/"
atom_replication_ro_dnsname: "http://ro.accesstomemory.org/"
# Delete read-only db clipboard save items that reference slugs which no longer exist (Optional)
atom_replication_clipboard_delete_obsolete_items: False
# Synchronize edit site clipboard on read-only site (Optional)
# As the user identificators can be different in both databases
# some steps are needed.
atom_replication_synchronize_clipboard: False
# Services to be restarted on AtoM read-only host after replication
atom_replication_ro_nginx_restart_services:
- "memcached"
# - "php7.2-fpm"
# - "varnish"
# - "atom-worker-ro"
# Symfony commands to run on AtoM read-only host after replication
# as nginx user and {{ atom_replication_ro_path }} path
atom_replication_ro_nginx_symfony_commands:
- "cc"
# - "tools:expire-data --older-than=$(date +'%Y-%m-%d' -d '-15 days') clipboard,job -f"
# Email notification variables. The following variables are not used on crontab notifications.
# See https://docs.ansible.com/ansible/latest/collections/community/general/mail_module.html for variables
atom_replication_email_notification_enabled: False
atom_replication_email_notification_host: "localhost"
atom_replication_email_notification_port: 25
atom_replication_email_notification_subject: "Ansible replication playbook log"
atom_replication_email_notification_body: "Find the replication playbook log in the attached file"
atom_replication_email_notification_secure: "try"
atom_replication_email_notification_sender: "root"
atom_replication_email_notification_to:
- "test@example.com"
# atom_replication_email_notification_cc:
# - "test2@example.com"
atom_replication_email_notification_subtype: "plain"
# atom_replication_email_notification_username: "artefactual"
# atom_replication_email_notification_password: "password"