feat: added first parts of emx2 ansible roles

.gitignore

@@ -1,2 +1,3 @@
 *.tar.gz
 **/.vagrant
+.idea

emx2/README.md

@@ -0,0 +1,20 @@
+# Ansible Collection - molgenis.emx2
+
+This ansible script
+* installs postgresql13 including molgenis database setup
+* downloads molgenis-emx2-x.y.z.jar file & configures start/stop as a service on port 8080
+
+## Usage
+You can use Vagrant to boot up the image. Please execute (from the `emx2` directory):
+
+`vagrant up`
+
+When updating the playbook
+`vagrant up --provision`
+
+On Mac M1 install Parallels Desktop, then install ubuntu and therein run vagrant (lol)
+
+`vagrant plugin install vagrant-parallels`
+
+
+Access the instance from `http://localhost` in the browser.

emx2/Vagrantfile

@@ -0,0 +1,15 @@
+Vagrant.configure("2") do |config|
+  config.vm.box = "centos/8"
+  config.vm.box_version = "2011.0"
+  config.vm.network "forwarded_port", guest: 80, host: 80
+  config.vm.provider "virtualbox" do |vb|
+    vb.gui = false
+    vb.customize ['modifyvm', :id, '--graphicscontroller', 'none']
+    vb.customize ['modifyvm', :id, '--audio', 'none']
+  end
+  config.vm.provision "ansible" do |ansible|
+    ansible.limit = "all"
+    ansible.playbook = "playbook.yml"
+    ansible.verbose = false
+  end
+end

emx2/galaxy.yml

@@ -0,0 +1,59 @@
+### REQUIRED
+
+# The namespace of the collection. This can be a company/brand/organization or product namespace under which all
+# content lives. May only contain alphanumeric characters and underscores. Additionally namespaces cannot start with
+# underscores or numbers and cannot contain consecutive underscores
+namespace: molgenis
+
+# The name of the collection. Has the same character restrictions as 'namespace'
+name: emx2
+
+# The version of the collection. Must be compatible with semantic versioning
+version: 1.0.0
+
+# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
+readme: README.md
+
+# A list of the collection's content authors. Can be just the name or in the format 'Full Name <email> (url)
+# @nicks:irc/im.site#channel'
+authors:
+- Morris Swertz <[email protected]>
+- Erik Schaberg <[email protected]>
+- Molgenis operations team <[email protected]>
+
+
+### OPTIONAL but strongly recommended
+
+# A short summary description of the collection
+description: this collection contains roles and playbooks to roll-out and update a MOLGENIS EMX2 instance in your own infrastructure (see https://www.molgenis.org)
+
+# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
+# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'
+license:
+- LGPL-3.0-or-later
+
+# The path to the license file for the collection. This path is relative to the root of the collection. This key is
+# mutually exclusive with 'license'
+license_file: ''
+
+# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character
+# requirements as 'namespace' and 'name'
+tags: [molgenis]
+
+# Collections that this collection requires to be installed for it to be usable. The key of the dict is the
+# collection label 'namespace.name'. The value is a version range
+# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
+# range specifiers can be set and are separated by ','
+dependencies: {}
+
+# The URL of the originating SCM repository
+repository: https://github.com/molgenis/molgenis-emx2
+
+# The URL to any online docs
+documentation: https://github.com/molgenis/molgenis-emx2
+
+# The URL to the homepage of the collection/project
+homepage: https://molgenis.org
+
+# The URL to the collection issue tracker
+issues: https://github.com/molgenis/molgenis-emx2/issues

emx2/playbook.yml

@@ -0,0 +1,31 @@
+---
+- name: Deployment for MOLGENIS - operational development
+  hosts: "{{ host_group }}"
+  gather_facts: true
+  become: true
+  vars:
+    host_group: "all"
+    experimental: false
+    ci: false
+    molgenis:
+      setup: true
+      version: 5.23.1
+      ssh: true
+
+  roles:
+    # system configuration
+    - role: molgenis.molgenis8.swap_centos8
+      when: ansible_distribution == "CentOS" and ansible_distribution_major_version == '8'
+    - role: molgenis.molgenis8.preinstall_centos8
+      when: ansible_distribution == "CentOS" and ansible_distribution_major_version == '8'
+    # application configuration
+    - role: molgenis.molgenis8.java_centos8
+      vars:
+        version: 13
+      when: ansible_distribution == "CentOS" and ansible_distribution_major_version == '8'
+    - role: postgres_13_centos8
+      when: ansible_distribution == "CentOS" and ansible_distribution_major_version == '8'
+    - role: emx2_centos8
+      when: ansible_distribution == "CentOS" and ansible_distribution_major_version == '8'
+
+    - role: postinstall

emx2/requirements.yml

@@ -0,0 +1,3 @@
+collections:
+  - name: molgenis.molgenis8
+    version: 1.1.1

emx2/roles/emx2_centos8/README.md

@@ -0,0 +1 @@
+The molgenis role installs and configures our Molgenis WAR.

emx2/roles/emx2_centos8/files/molgenis

@@ -0,0 +1,20 @@
+%gcc            ALL=(ALL) NOPASSWD:/bin/su - molgenis
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl status httpd
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl start httpd
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl stop httpd
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl restart httpd
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl reload httpd
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl enable httpd
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl disable httpd
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl status postgresql-13
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl start postgresql-13
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl stop postgresql-13
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl restart postgresql-13
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl enable postgresql-13
+molgenis        ALL=(ALL) NOPASSWD:/usr/bin/systemctl disable postgresql-13
+molgenis        ALL=(ALL) NOPASSWD:/bin/cat /var/log/httpd/error_log
+molgenis        ALL=(ALL) NOPASSWD:/bin/cat /var/log/httpd/ssl_error_log
+molgenis        ALL=(postgres) NOPASSWD:/usr/bin/pg_dump
+molgenis        ALL=(ALL) NOPASSWD:/usr/local/share/molgenis/tools/molgenis_cleanup.bash
+molgenis        ALL=(ALL) NOPASSWD:/usr/local/share/molgenis/tools/molgenis_chown_data.bash
+molgenis        ALL=(ALL) NOPASSWD:/usr/local/share/molgenis/tools/molgenis_crossrestore_cleanup.bash

emx2/roles/emx2_centos8/files/molgenis_chown_data.bash

@@ -0,0 +1,2 @@
+#!/bin/bash
+/bin/chown -R tomcat:molgenis /usr/local/share/molgenis/data

emx2/roles/emx2_centos8/files/molgenis_cleanup.bash

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# This bash script will do the following:
+# - Drop and recreate all the tables inside the molgenis schema
+MOLGENIS_OPS_TOOLS=/usr/local/share/molgenis/tools/
+
+MOLGENIS_HOME="/usr/local/share/molgenis/"
+
+BASE_DIR=$(pwd)
+LOG_FILE="cleanup.log"
+
+. ${MOLGENIS_OPS_TOOLS}/utils.bash
+
+log 3 "Dropping molgenis schema tables and triggers"
+if [[ $(whoami) = "root"* ]]; then
+  RUN_PSQL="sudo -i -u postgres psql -U postgres -q"
+else
+  RUN_PSQL="psql -U postgres -q"
+fi
+
+${RUN_PSQL} <<SQL
+DROP DATABASE molgenis;
+CREATE DATABASE molgenis OWNER = molgenis;
+SQL
+
+log 3 "--------------------------------------------------------------------------------"
+log 3 "Cleanup is done"
+log 3 "################################################################################"

emx2/roles/emx2_centos8/files/molgenis_crossrestore_cleanup.bash

@@ -0,0 +1,5 @@
+#!/bin/bash
+/bin/rm -f /tmp/import*.log
+/bin/rm -f /tmp/filestore_backup_*.tgz
+/bin/rm -f /tmp/postgresql*.sql
+/bin/rm -rf /usr/local/share/molgenis/data_old

emx2/roles/emx2_centos8/files/molgenis_restore_database.bash

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+MOLGENIS_OPS_TOOLS=/usr/local/share/molgenis/tools
+
+. ${MOLGENIS_OPS_TOOLS}/utils.bash
+
+RESTORE_FILE=${1}
+DATABASE_SCHEME=${2}
+LOG_FILE="restore_database.log"
+
+#TODO: add usage
+
+log 3 "################################################################################"
+log 3 "Start restoring database"
+log 3 "--------------------------------------------------------------------------------"
+if [[ -z ${DATABASE_SCHEME} ]]; then
+  log 2 "Using default database-scheme: [ molgenis ]"
+  DATABASE_SCHEME=molgenis
+fi
+
+if [[ -z ${RESTORE_FILE} ]]; then
+  log 1 "No restore-file is specified"
+  exit 1
+fi
+
+log 3 "Restoring database"
+psql ${DATABASE_SCHEME} < ${RESTORE_FILE}
+log 3 "--------------------------------------------------------------------------------"
+log 3 "Database is restored"
+log 3 "################################################################################"

emx2/roles/emx2_centos8/files/utils.bash

@@ -0,0 +1,56 @@
+#!/bin/bash
+
+SET_LOG_LEVEL=3
+LOG_DIR=/var/log/molgenis-ops-tools
+
+if [[ -z ${LOG_FILE} ]]
+then
+  LOG_FILE="stdout.log"
+fi
+
+function log() {
+  LOG_LEVEL=${1}
+  LOG_MESSAGE=${2}
+  if [[ ! -z ${3} ]]; then
+    LOG_DIR=${3}
+  fi
+  LOG_PREFIX="[INFO]"
+  DATE_FORMAT="+%d-%m-%Y"
+  TIME_FORMAT="+%T"
+  DATE=$(date ${DATE_FORMAT})
+  TIME=$(date ${TIME_FORMAT})
+  if [[ -z ${LOG_LEVEL} ]]
+  then
+    LOG_LEVEL=3
+  elif [[ ${LOG_LEVEL} == 1 ]]
+  then
+    LOG_PREFIX="[ERROR]"
+  elif [[ ${LOG_LEVEL} == 2 ]]
+  then
+    LOG_PREFIX="[WARN]"
+  elif [[ ${LOG_LEVEL} == 4 ]]
+  then
+    LOG_PREFIX="[DEBUG]"
+  elif [[ ${LOG_LEVEL} == 5 ]]
+  then
+    LOG_PREFIX="[TRACE]"
+  fi
+  if [[ ${LOG_LEVEL} -le 3 ]]
+  then
+    if [[ "${EUID}" -ne 0 ]]
+    then
+      echo "${LOG_PREFIX} | ${DATE} ${TIME} | ${LOG_MESSAGE}" >> "${LOG_DIR}/${DATE}_${LOG_FILE}"
+    else
+      runuser -l molgenis -c "echo \"${LOG_PREFIX} | ${DATE} ${TIME} | ${LOG_MESSAGE}\" >> \"${LOG_DIR}/${DATE}_${LOG_FILE}\""
+    fi
+  fi
+  if [[ ${SET_LOG_LEVEL} -ge ${LOG_LEVEL} ]]
+  then
+    if [[ "${EUID}" -ne 0 ]]
+    then
+      echo "${LOG_PREFIX} | ${DATE} ${TIME} | ${LOG_MESSAGE}"
+    else
+      runuser -l molgenis -c "echo \"${LOG_PREFIX} | ${DATE} ${TIME} | ${LOG_MESSAGE}\""
+    fi
+  fi
+}

emx2/roles/emx2_centos8/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+- name: restart molgenis
+  systemd:
+    name: molgenis
+    state: restarted
+  listen: "restart molgenis-emx2 service"

emx2/roles/emx2_centos8/meta/main.yml

@@ -0,0 +1,21 @@
+galaxy_info:
+  role_name: emx2_centos8
+  author: Morris Swertz
+  description: this role is part of the Molgenis installation of CentOS
+  company: UMCG/RUG
+
+  license: license (LGPLv3)
+
+  min_ansible_version: 2.7.9
+
+  platforms:
+  - name: CentOS
+    versions:
+    - 8
+  - name: RHEL
+    versions:
+    - 8
+
+  galaxy_tags: [molgenis]
+
+dependencies: []

emx2/roles/emx2_centos8/tasks/main.yml

@@ -0,0 +1,47 @@
+---
+- name: Create molgenis uid
+  user:
+    name: molgenis
+    group: molgenis
+
+- name: setup molgenis folders
+  file:
+    path: /usr/local/share/molgenis/
+    state: directory
+    mode: u=rwx,g=rwx,o=rx
+    owner: molgenis
+    group: molgenis
+
+- name: install jar MOLGENIS EMX2
+  get_url:
+    url: https://github.com/molgenis/molgenis-emx2/releases/download/v{{ molgenis.version }}/molgenis-emx2-{{ molgenis.version }}-all.jar
+    mode: '0660'
+    owner: molgenis
+    group: molgenis
+    dest: /usr/local/share/molgenis/molgenis.jar
+
+- name: Install extra molgenis crossrestore tools
+  copy:
+    src:  "{{ item }}"
+    dest: /usr/local/share/molgenis/tools/
+    owner: root
+    group: root
+    mode: '0700'
+  with_items:
+    - molgenis_crossrestore_cleanup.bash
+    - molgenis_chown_data.bash
+    - utils.bash
+    - molgenis_cleanup.bash
+
+- name: Install molgenis sudoers file
+  copy:
+    src: molgenis
+    dest: /etc/sudoers.d/
+    mode: '0440'
+
+- name: start and enable MOLGENIS EMX2 (at boot time)
+  systemd:
+    name: molgenis
+    enabled: yes
+    state: started
+

emx2/roles/emx2_centos8/templates/emx2.j2

@@ -0,0 +1,14 @@
+[Unit]
+Description=MOLGENIS EMX2 data platform
+After=syslog.target
+
+[Service]
+User=molgenis
+WorkingDirectory=/usr/share/molgenis
+ExecStart=/bin/java -DMOLGENIS_HTTP_PORT=80 -jar -Xmx{{ memory.xmx }} -Xms{{ memory.xms }} /usr/share/molgenis/molgenis.jar --logging.file.name=/var/log/molgenis/molgenis.log
+SuccessExitStatus=143
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target

emx2/roles/postgres_13_centos8/README.md

@@ -0,0 +1 @@
+The postgresql_13 role installs and configures postgresql 13 component for use in Molgenis