Merge pull request #255 from kennethgillen/ns-web-vm

Ns web vm deployment

ansible/server-state-playbooks/nightshade-web/.gitignore

@@ -0,0 +1 @@
+roles

ansible/server-state-playbooks/nightshade-web/README.txt

@@ -0,0 +1,14 @@
+### Taken from manics/ansible-public-omero-example.git
+### at bc730e580e7c9ed0752a68cd4aa42397e4e58a2a
+### and stripped of server components, leaving just web.
+
+### ansible playbooks & requirements for installing basic OMERO web
+
+
+- playbooks set up to run from localhost rather than remotely
+
+- after installing ansible and ansible-galaxy,
+    ansible-galaxy install -r requirements.yml -p roles
+
+- install OMERO.web server
+    ansible-playbook playbook.yml

ansible/server-state-playbooks/nightshade-web/Vagrantfile

@@ -0,0 +1,14 @@
+Vagrant.configure("2") do |config|
+  config.vm.box = "centos/7"
+  config.vm.provider "virtualbox" do |vb|
+  config.vm.network "forwarded_port", guest: 80, host: 8080
+  config.vm.network "forwarded_port", guest: 4064, host: 4064
+  config.vm.network "forwarded_port", guest: 4063, host: 4063
+    vb.customize ["modifyvm", :id, "--memory", "2048"]
+  end
+
+  config.vm.provision "ansible" do |ansible|
+    ansible.playbook = "playbook.yml"
+    ansible.galaxy_role_file = "requirements.yml"
+  end
+end

ansible/server-state-playbooks/nightshade-web/playbook.yml

@@ -0,0 +1,192 @@
+# Install OMERO.web with a public user on localhost
+
+- hosts: all
+
+  pre_tasks: 
+
+    # For OMERO.web apps
+    # Pythonpath must exist before omero.web.config is provisioned
+    # or OMERO.web won't start.
+    # create systemd file addition for PYTHONPATH
+    - name: OMERO.web apps | (pre_task) configure systemd for pythonpath - create config folder 
+      become: yes
+      file:
+        dest: "/etc/systemd/system/omero-web.service.d"
+        state: directory
+        mode: "u=rwx,go=rx" 
+        owner: "root" 
+        group: "root" 
+
+    # systemd web-apps folder to pythonpath to env
+    - name: OMERO.web apps | (pre_task) configure systemd for pythonpath 
+      become: yes
+      blockinfile:
+        create: yes
+        destfile: /etc/systemd/system/omero-web.service.d/pythonpath.conf
+        owner: "root" 
+        group: "root" 
+        block: |2+
+          [Service]
+          Environment="PYTHONPATH=$PYTHONPATH:/opt/omero/web/web-extensions"
+      notify:
+        - reload systemd
+
+  roles:
+
+    # Root LV Size 
+    - role: openmicroscopy.lvm-partition
+      lvm_lvname: "{{ provision_root_lvname }}"
+      lvm_vgname: "{{ provision_root_vgname }}"
+      lvm_lvmount: /
+      lvm_lvsize: "{{ provision_rootsize }}"
+      lvm_lvfilesystem: "{{ provision_root_filesystem }}"
+
+    # OMERO.web configuration in host_vars in different repository
+    - role: openmicroscopy.omero-web
+      omero_web_release: 5.2.8
+      no_log: true
+
+    - role: openmicroscopy.system-monitor-agent
+      when: >
+            ((ansible_env.COBBLER_SERVER is defined)
+            and (ansible_env.COBBLER_SERVER == "spacewalk.lifesci.dundee.ac.uk"))
+
+  post_tasks:
+    - name: Install open-vm-tools if system is a VMware vm
+      become: yes
+      yum:
+        name: open-vm-tools
+        state: latest
+      when: >
+           ((ansible_virtualization_type is defined)
+           and (ansible_virtualization_type == "VMware"))
+
+    # cf https://www.digitalocean.com/community/tutorials/how-to-optimize-nginx-configuration
+    # post 2.3 'dest' should be renamed 'path'
+    - name: NGINX - Performance tuning - worker processes
+      become: yes
+      replace:
+        dest: "/etc/nginx/nginx.conf"
+        regexp: '^worker_processes\s+\d+;'
+        replace: "worker_processes {{ ansible_processor_count * ansible_processor_cores }};"
+
+    # post 2.3 'dest' should be renamed 'path'
+    # cf https://www.digitalocean.com/community/tutorials/how-to-optimize-nginx-configuration
+    - name: NGINX - Performance tuning - worker connections
+      become: yes
+      replace:
+        dest: "/etc/nginx/nginx.conf"
+        regexp: 'worker_connections\s+\d+;'
+        replace: "worker_connections 65000;"
+
+    - name: NGINX - SSL File Deployment - prepare directory
+      become: yes
+      file:
+        path: "{{ nginx_ssl_files_path }}"
+        state: directory
+        owner: root
+        group: root
+        mode: "u=r,go=" 
+
+    - name: NGINX - SSL File Deployment
+      become: yes
+      copy:
+        dest="{{ item.key }}"
+        content="{{ item.value.content }}"
+        owner="{{ item.value.owner }}"
+        group="{{ item.value.group }}"
+        mode="{{ item.value.mode }}"
+      with_dict: "{{ nginx_ssl_cert_files }}"
+      no_log: true
+
+    # post 2.3 'destfile' should be renamed 'path'
+    - name: NGINX - SSL Configuration - Additional listen port
+      become: yes
+      lineinfile:
+        destfile: /etc/nginx/conf.d/omero-web.conf
+        insertafter: '    listen 80;'
+        line: '    listen 443 ssl;'
+
+    # post 2.3 'destfile' should be renamed 'path'
+    - name: NGINX - SSL Configuration - Rest of SSL section to omero-web.conf
+      become: yes
+      blockinfile:
+        destfile: /etc/nginx/conf.d/omero-web.conf
+        insertbefore: '.*sendfile.*'
+        block: |2+
+
+              ssl_certificate {{ nginx_ssl_files_path }}/{{ nginx_ssl_cert_filename }};
+              ssl_certificate_key {{ nginx_ssl_files_path }}/{{ nginx_ssl_key_filename }};
+              ssl_protocols  {{ nginx_ssl_protocols }}
+            
+              if ($ssl_protocol = "") {
+                  rewrite ^/(.*) https://$host/$1 permanent;
+              }
+      notify:
+        - restart nginx
+
+    # 'manual' install of omero.web.apps for Nightshade feature parity
+
+    # note: system user var defined in openmicroscopy.omero-web as a default
+    - name: OMERO.web apps | top-level folder
+      become: yes
+      file:
+        path: "{{ omero_web_extensionsdir }}"
+        state: directory
+        owner: "root" 
+        group: "root" 
+        mode: "u=rwx,go=rx" 
+
+    # download figure
+    - name: OMERO.web apps | download latest figure
+      become: yes
+      unarchive:
+        src: https://downloads.openmicroscopy.org/latest/figure.zip
+        owner: "root" 
+        group: "root" 
+        mode: "u=rwx,go=rx" 
+        dest: "{{ omero_web_extensionsdir }}"
+        remote_src: True
+        creates: "{{ omero_web_extensionsdir }}/figure-{{omero_web_extensions_figure_ver}}" 
+
+    # download tagging
+    - name: OMERO.web apps | download latest tagging
+      become: yes
+      unarchive:
+        src: "http://downloads.openmicroscopy.org/webtagging/{{ omero_web_extensions_tagging_ver }}/webtagging-{{ omero_web_extensions_tagging_ver }}.zip"
+        owner: "root" 
+        group: "root" 
+        mode: "u=rwx,go=rx" 
+        dest: "{{ omero_web_extensionsdir }}"
+        remote_src: True
+        creates: "{{ omero_web_extensionsdir }}/webtagging-{{omero_web_extensions_tagging_ver}}" 
+
+    # create symlinks
+    - name: OMERO.web apps | app-name symlinks
+      become: yes
+      file:
+        src: '{{ omero_web_extensionsdir }}/{{ item.src }}'
+        dest: '{{ omero_web_extensionsdir }}/{{ item.dest }}'
+        state: link
+        owner: "root" 
+        group: "root" 
+      with_items:
+       - { src: 'webtagging-{{ omero_web_extensions_tagging_ver }}/autotag/', dest: 'autotag' }
+       - { src: 'webtagging-{{ omero_web_extensions_tagging_ver }}/tagsearch/', dest: 'tagsearch' }
+       - { src: 'figure-{{ omero_web_extensions_figure_ver }}', dest: 'figure' }
+
+      # put the OMERO.web config for webapps here, and then restart web.
+      # i.e. take it out the initial set of omero.web config
+      # to go into {{ omero_web_basedir }}/config/*.omero
+      # which should then be turned into OMERO.web config by the
+      # omero.web systemd-based restart.
+    - name: 
+      become: yes
+      template:
+        src: templates/omero-web-config-for-webapps.j2
+        dest: "{{ omero_web_basedir }}/config/omero-web-config-for-webapps.omero"
+        owner: "root" 
+        group: "root" 
+        mode: "u=rw,go=r"
+      notify:
+        - restart omero-web 

ansible/server-state-playbooks/nightshade-web/requirements.yml

@@ -0,0 +1,18 @@
+---
+
+- name: openmicroscopy.omero-common
+  src:  https://github.com/openmicroscopy/ansible-role-omero-common.git
+
+- name: openmicroscopy.omego
+  src:  https://github.com/openmicroscopy/ansible-role-omego.git
+
+- name: openmicroscopy.omero-web
+  src:  https://github.com/openmicroscopy/ansible-role-omero-web.git
+
+- name: openmicroscopy.lvm-partition
+  src: https://github.com/openmicroscopy/ansible-role-lvm-partition.git
+
+- name: openmicroscopy.system-monitor-agent
+  src: https://github.com/openmicroscopy/ansible-role-system-monitor-agent.git
+
+

ansible/server-state-playbooks/nightshade-web/templates/omero-web-config-for-webapps.j2

@@ -0,0 +1,9 @@
+# {{ ansible_managed }}
+# Add web-extension OMERO.web configuration
+# after web already installed and running via role
+
+config set -- omero.web.apps '["autotag", "tagsearch", "figure"]'
+config set -- omero.web.ui.center_plugins '[["Auto Tag", "autotag/auto_tag_init.js.html", "auto_tag_panel"]]'
+config set -- omero.web.ui.top_links '[["Data", "webindex", {"title": "Browse Data via Projects, Tags etc"}], ["History", "history", {"title": "History"}], ["Help", "http://help.openmicroscopy.org/", {"target": "new", "title": "Open OMERO user guide in a new tab"}], ["Figure", "figure_index", {"target": "new", "title": "Open OMERO.Figure in a new tab"}], ["Tag Search", "tagsearch"]]'
+
+