wcm_io_devops.conga_ansible_controlhost
wcm_io_devops.conga_ansible_controlhost
This role sets up a server as a control host for the wcm.io DevOps Ansible Automation for AEM.
It installs the following tools:
- JDK
- Maven
- Ansible (including necessary pip packages like cffi, jmespath, boto, etc.)
- Terraform
If you provide it, the role will also set up your AWS credentials and the
.vault_pass file.
Additionally, it allows you to configure your environment in your .bashrc file, if needed:
- EDITOR
- ANSIBLE_VAULT_PASSWORD_FILE
It also supports creating settings.yml and the optional
settings-security.xml for Maven.
Along with the essential OS packages for these tools, it installs the following packages to help with monitoring and debugging:
- nano
- iftop
- htop
- iotop
Requirements
This role requires Ansible version 2.7 or higher.
Role Variables
Here is a list of available variables and their default values:
controlhost_dependency_maven: true
Enables or disables the Maven role dependency.
controlhost_dependency_java: true
Enables or disables the Java role dependency.
controlhost_dependency_epel: true
Enables or disables the EPEL role dependency.
controlhost_dependency_terraform: true
Enables or disables the Terraform role dependency.
controlhost_user: "{{ ansible_env.SUDO_USER | default(ansible_env.USER) }}"
The user on the control host.
controlhost_group: "{{ controlhost_user }}"
The user’s group on the control host.
controlhost_user_home: "/home/{{ controlhost_user }}"
The home directory of the user.
controlhost_maven_path: "{{ controlhost_user_home }}/.m2"
The path to the Maven directory.
controlhost_maven_settings_path: "{{ controlhost_maven_path }}/settings.xml"
Path to Maven settings.xml.
controlhost_maven_settings_security_path: "{{ controlhost_maven_path }}/settings-security.xml"
Path to Maven settings-security.xml.
controlhost_maven_artifact_threads: 5
The number of threads Maven will use when downloading artifacts. Increasing this can speed up downloads.
#controlhost_maven_master_password:
When set, a Maven settings-security.xml will be created with the encrypted master password, and the controlhost_maven_repositories will have their credentials encrypted using this master password.
controlhost_nodejs_npmrc_path: "{{ controlhost_user_home }}/.npmrc"
Path to the .npmrc file.
controlhost_nodejs_npmrc_always_auth: true
Controls the "always-auth" parameter in .npmrc.
# controlhost_nodejs_npmrc_registries:
#- registry:
# username:
# password:
When registries are configured, the .npmrc will be set up. Currently, only one registry can be defined, and both username and password must be provided in plain text. The role will create the auth token.
#controlhost_vault_pass_path: "{{ controlhost_user_home }}/.ansible/.vault_pass"
When set, the ANSIBLE_VAULT_PASSWORD_FILE environment variable in the .bashrc is configured.
#controlhost_vault_pass_src:
When set, the specified file will be copied to the control host at controlhost_vault_pass_path.
controlhost_aws_credentials_path: "{{ controlhost_user_home }}/.aws/credentials"
The path of the AWS credentials file. Works with: controlhost_aws_credentials_src.
#controlhost_aws_credentials_src:
When set, the specified file will be copied to the control host at controlhost_aws_credentials_path.
#controlhost_default_editor: "nano"
When set, the bashrc will export EDITOR with this value.
controlhost_bashrc: "{{ controlhost_user_home }}/.bashrc"
Path to the bash/shell run commands file for setting ANSIBLE_VAULT_PASSWORD_FILE and EDITOR.
controlhost_maven_repositories:
- id: central
url: https://repo.maven.apache.org/maven2/
- id: adobe-public-releases
url: https://repo.adobe.com/nexus/content/groups/public
releases:
enabled: "true"
updatePolicy: "never"
snapshots:
enabled: "false"
A list of Maven repositories to be configured in Maven settings.xml. By default, Maven Central and Adobe's public release repository are configured here.
- id: [REPO-ID]
url: [REPO-URL]
username: [USERNAME] # optional
password: [PASSWORD] # optional
releases: # (optional)
[KEY]:[VALUE] # will be converted to <key>value</key>
snapshots: # (optional)
[KEY]:[VALUE] # will be converted to <key>value</key>
A list of configuration options for a Maven repository.
controlhost_maven_mirrors: []
A list of mirror configurations. See https://maven.apache.org/guides/mini/guide-mirror-settings.html for configuration details.
# Mirror configuration
# - id: [REPO-ID]
# url: [REPO-URL]
# mirrorOf: *
Example of a mirror configuration.
# controlhost_maven_settings_custom:
When set, this part is directly placed into the
#controlhost_ansible_version: 2.5.6
When set, the specified version of Ansible will be installed on the control host.
controlhost_python_version: 3
Determines whether Python3 or Python2 will be installed. The exact version depends on the host's OS.
controlhost_packages_pip_upgrade: true
Controls whether pip will be executed with the --upgrade option.
controlhost_packages_pip_enabled: true
Enables or disables pip package installation.
controlhost_packages_pip:
- markupsafe
- jmespath
- cffi
- cryptography
- boto
- lxml
- boto3
- rsa
- colorama
- botocore
- s3transfer
- awscli
List of pip packages to install. Starting with Ansible version 2.7+, you can also specify versions as documented here: https://docs.ansible.com/ansible/latest/modules/pip_module.html.
# controlhost_packages_os: []
List of OS packages to install on the control host. OS specific, see variable definition in the vars folder.
controlhost_packages_os_enabled: true
Enables or disables OS package installation.
Dependencies
This role depends on the following roles:
- geerlingguy.repo-epel (RedHat OS only)
- srsp.oracle-java
- gantsign.maven
- andrewrothstein.terraform
Example
Set up the localhost as a control host with the default editor as NANO,
an ANSIBLE_VAULT_PASSWORD_FILE in the .ansible/.vault_pass, and
'masterpassword' as the Maven master password.
- hosts: localhost
vars:
controlhost_default_editor: nano
controlhost_vault_pass_path: "{{ controlhost_user_home }}/.ansible/.vault_pass"
controlhost_maven_master_password: masterpassword
roles:
- wcm_io_devops.conga_ansible_controlhost
License
Apache 2.0
ansible-galaxy install wcm_io_devops.conga_ansible_controlhost