From 98b5999f0196418d7f3af20cd0fc9f6ba397e77c Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Fri, 19 Jul 2024 11:19:35 -0700 Subject: [PATCH 01/28] adding copyright main.yml --- defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 315ee724..279dd4e6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -8,7 +8,7 @@ dataverse_repo: https://github.com/IQSS/dataverse.git # dataverse_installer_url: https://example.com/path/to/dvinstall.zip # set this to true for troubleshooting -any_errors_fatal: false +any_errors_fatal: true apache: enabled: true @@ -127,7 +127,7 @@ dataverse: iconUrl: https://licensebuttons.net/l/by-sa/4.0/88x31.png active: true sortOrder: 7 - copyright: "Your Institution" + copyright: "UC Regents" counter: enabled: false #geoipdir: maxmind_geoip From d0148d796f0e1b8a445e88f0397aa10932e6e048 Mon Sep 17 00:00:00 2001 From: jmjamison Date: Fri, 26 Jul 2024 15:02:27 -0700 Subject: [PATCH 02/28] update default settings --- .gitignore | 1 + defaults/main.yml | 5 +++-- tasks/s3.yml | 15 ++++++++------- 3 files changed, 12 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 6bb015b2..51f99447 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ venv .vagrant/ /.idea /*.iml +inventory_ec2 \ No newline at end of file diff --git a/defaults/main.yml b/defaults/main.yml index 279dd4e6..732153b3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -393,7 +393,7 @@ rserve: workdir: /tmp/Rserv s3: - enabled: false + enabled: true access_key: 4cc355_k3y secret_access_key: s3cr3t_4cc355_k3y bucket_name: s3-test @@ -410,7 +410,8 @@ s3: label: s3-test # for localstack this must be true path_style_access: true - region: us-east-1 + region: us-west-2 + location_constraint: us-west-2 storage_driver_id: s3 url_expiration_minutes: 60 payload_signing: false diff --git a/tasks/s3.yml b/tasks/s3.yml index 99d3cb82..496e50f8 100644 --- a/tasks/s3.yml +++ b/tasks/s3.yml @@ -27,12 +27,12 @@ mode: '0600' - name: set s3 settings in dataverse + environment: + PATH: "{{ lookup('env', 'PATH') }}:/usr/local/bin" shell: 'asadmin-create-or-replace-option.sh "{{ item.key }}" "{{ item.value }}"' register: output changed_when: "'Command create-jvm-options executed successfully.' in output.stdout" - when: - - item.value is defined - - item.value != '' + with_items: - key: dataverse.files.storage-driver-id value: "{{ s3.storage_driver_id }}" @@ -52,9 +52,8 @@ value: "{{ s3.payload_signing }}" - key: dataverse.files.s3.chunked-encoding value: "{{ s3.chunked_encoding }}" - - key: dataverse.files.s3.custom-endpoint-region - value: "{{ s3.custom_endpoint_region }}" - + - key: dataverse.files.s3.path-style-access + value: "{{ s3.path_style_access }}" # optional s3 settings - name: expose custom_endpoint_url as variable @@ -66,7 +65,7 @@ - name: create S3 bucket shell: - 'aws s3api create-bucket --bucket {{ s3.bucket_name }}' + 'aws s3api create-bucket --bucket {{ s3.bucket_name }} --create-bucket-configuration LocationConstraint={{ s3.location_constraint }} --region {{ s3.region }}' args: executable: /bin/bash become_user: '{{ dataverse.payara.user }}' @@ -98,6 +97,8 @@ and custom_endpoint_url | length == 0 and s3.cors_already_set == false - name: set s3 direct download + environment: + PATH: "{{ lookup('env', 'PATH') }}:/usr/local/bin" shell: 'asadmin-create-or-replace-option.sh "dataverse.files.s3.download-redirect" "{{ s3.download_redirect }}"' register: output changed_when: "'Command create-jvm-options executed successfully.' in output.stdout" From 3c91efb81d99bd2368bbd2040c43a5cf66f58bf3 Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Thu, 12 Sep 2024 16:19:48 -0700 Subject: [PATCH 03/28] updating url --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 67a35092..ecf2e59a 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ The role installs Apache, PostgreSQL, GlassFish/Payara and other prerequisites, Running the following commands as root should install the latest released version of Dataverse. - $ git clone https://github.com/GlobalDataverseCommunityConsortium/dataverse-ansible.git dataverse + $ git clone https://github.com/ucla-data-science-center/dataverse-ansible.git dataverse $ ansible-playbook --connection=local -v -i dataverse/inventory dataverse/dataverse.pb -e "@dataverse/defaults/main.yml" Recent, specific versions of Dataverse (namely, 4.20 and 5.0) may be installed using branches tagged with that version. @@ -89,7 +89,7 @@ It is possible to run certain portions of the playbook to avoid running the enti **Note:** While Ansible in general strives to achieve role idempotence, the dataverse-ansible role is merely a wrapper for the Dataverse installer, which itself is not idempotent. If you strongly desire that the role be idempotent and would like achieve this via semaphores, pull requests are welcome! ### To test using Vagrant: - $ git clone https://github.com/GlobalDataverseCommunityConsortium/dataverse-ansible + $ git clone https://github.com/ucla-data-science-center/dataverse-ansible.git $ cd dataverse-ansible $ vagrant up From 3002398b8f922c7b995d3a2c3c54da2184774c92 Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Thu, 12 Sep 2024 16:22:19 -0700 Subject: [PATCH 04/28] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ecf2e59a..405fd69e 100644 --- a/README.md +++ b/README.md @@ -89,8 +89,8 @@ It is possible to run certain portions of the playbook to avoid running the enti **Note:** While Ansible in general strives to achieve role idempotence, the dataverse-ansible role is merely a wrapper for the Dataverse installer, which itself is not idempotent. If you strongly desire that the role be idempotent and would like achieve this via semaphores, pull requests are welcome! ### To test using Vagrant: - $ git clone https://github.com/ucla-data-science-center/dataverse-ansible.git - $ cd dataverse-ansible + $ git clone https://github.com/ucla-data-science-center/dataverse-ansible.git ucla-dataverse + $ cd ucla-dataverse $ vagrant up On successful completion of the Vagrant run, you should be able to log in to your test Dataverse as dataverseAdmin using the dataverse_adminpass from tests/group_vars/vagrant.yml using the address: From f147d245b0628d3e0bad869780d4328d9111759e Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Thu, 24 Oct 2024 13:55:15 -0700 Subject: [PATCH 05/28] adding rocky9 molecule scenario --- molecule/rocky9/Dockerfile.j2 | 3 +++ molecule/rocky9/converge.yml | 8 ++++++++ molecule/rocky9/molecule.yml | 30 ++++++++++++++++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100644 molecule/rocky9/Dockerfile.j2 create mode 100644 molecule/rocky9/converge.yml create mode 100644 molecule/rocky9/molecule.yml diff --git a/molecule/rocky9/Dockerfile.j2 b/molecule/rocky9/Dockerfile.j2 new file mode 100644 index 00000000..b9120bbe --- /dev/null +++ b/molecule/rocky9/Dockerfile.j2 @@ -0,0 +1,3 @@ +FROM rockylinux:9 +RUN yum install -y sudo systemd systemd-sysv postfix +CMD ["/usr/sbin/init"] \ No newline at end of file diff --git a/molecule/rocky9/converge.yml b/molecule/rocky9/converge.yml new file mode 100644 index 00000000..e6007562 --- /dev/null +++ b/molecule/rocky9/converge.yml @@ -0,0 +1,8 @@ +--- +- name: Converge + hosts: all + gather_facts: false + tasks: + - name: Replace this task with one that validates your content + ansible.builtin.debug: + msg: "This is the effective test" diff --git a/molecule/rocky9/molecule.yml b/molecule/rocky9/molecule.yml new file mode 100644 index 00000000..29bae9c4 --- /dev/null +++ b/molecule/rocky9/molecule.yml @@ -0,0 +1,30 @@ +--- +dependency: + name: galaxy +driver: + name: docker +platforms: + - name: rocky9 + image: eniocarboni/docker-rockylinux-systemd:latest + pre_build_image: true + privileged: true + command: /usr/sbin/init + groups: + - dataverse + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + - /var/lib/containerd + cgroupns_mode: host + published_ports: + - "8080:8080" +# gpt lies! +# ports: +# - "8080:8080" +provisioner: + name: ansible + roles_path: + - .. + playbooks: + converge: ../../site.yml +verifier: + name: testinfra From 4d00478c889c606ac209ec877708c7130a9d0c0c Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Wed, 6 Nov 2024 13:57:59 -0800 Subject: [PATCH 06/28] moelecule and task changes --- .gitignore | 3 +- Vagrantfile | 22 +++-- defaults/main.yml | 30 +++---- files/branding/custom-header.html | 35 ++++++++ files/branding/dataverseUCLA_logo.png | Bin 0 -> 2967 bytes files/branding/dataverseUCLA_logo2.png | Bin 0 -> 4435 bytes inventory | 2 +- meta/main.yml | 2 + molecule/rocky9/molecule.yml | 4 + site.yml | 26 ++++-- tasks/bak_dataverse-prereqs.yml | 104 +++++++++++++++++++++++ tasks/dataverse-counter.yml | 20 +++-- tasks/dataverse-gui.yml | 66 ++++++++++----- tasks/dataverse-languages.yml | 80 ++++++++++++------ tasks/dataverse-licenses.yml | 38 +++++---- tasks/dataverse-optional-settings.yml | 16 +++- tasks/dataverse-prereqs.yml | 110 ++++++++++++------------- tasks/payara.yml | 3 +- tasks/postfix.yml | 3 + tasks/postgres_redhat.yml | 18 ++-- tasks/selinux.yml | 18 ++-- tasks/solr.yml | 1 + 22 files changed, 427 insertions(+), 174 deletions(-) create mode 100644 files/branding/custom-header.html create mode 100644 files/branding/dataverseUCLA_logo.png create mode 100644 files/branding/dataverseUCLA_logo2.png create mode 100644 tasks/bak_dataverse-prereqs.yml diff --git a/.gitignore b/.gitignore index 51f99447..2dae4508 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,5 @@ venv .vagrant/ /.idea /*.iml -inventory_ec2 \ No newline at end of file +inventory_ec2 +.DS_Store \ No newline at end of file diff --git a/Vagrantfile b/Vagrantfile index e7ea6530..3ecf9879 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -4,8 +4,9 @@ VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| - config.vm.box = "bento/rockylinux-9" - + #config.vm.box = "bento/rockylinux-9" + config.vm.box = "bento/rockylinux-9-arm64" + config.vm.synced_folder ".", "/vagrant" config.vm.synced_folder ".", "/etc/ansible/roles/dataverse" @@ -20,7 +21,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| config.vm.network :forwarded_port, guest: 9090, host: 9090, auto_correct: true # Prometheus config.vm.provision :ansible_local do |ansible| - ansible.playbook = "tests/site.yml" + ansible.playbook = "site.yml" ansible.groups = { "dataverse" => %(default), "db" => %(default), @@ -34,8 +35,15 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| ansible.verbose = true end - config.vm.provider "virtualbox" do |vbox| - vbox.cpus = 4 - vbox.memory = 8192 + config.vm.provider "vmware_desktop" do |vmware| + vmware.vmx["tools.upgrade.policy"] = "manual" + vmware.gui = false + vmware.ssh_info_public = true + vmware.allowlist_verified = true + vmware.linked_clone = false + vmware.vmx["ethernet0.virtualdev"] = "vmxnet3" + vmware.vmx["ethernet1.virtualdev"] = "vmxnet3" + vmware.vmx["memsize"] = "8192" + vmware.vmx["numvcpus"] = "4" end -end +end \ No newline at end of file diff --git a/defaults/main.yml b/defaults/main.yml index 2addf7c5..b75d6738 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -8,7 +8,7 @@ dataverse_repo: https://github.com/IQSS/dataverse.git # dataverse_installer_url: https://example.com/path/to/dvinstall.zip # set this to true for troubleshooting -any_errors_fatal: true +#any_errors_fatal: true apache: enabled: true @@ -47,9 +47,9 @@ dataverse: adminpass: admin1 allow_signups: true api: - allow_lookup: false - blocked_endpoints: "admin,builtin-users,test" - blocked_policy: "localhost-only" + allow_lookup: true + blocked_endpoints: "builtin-users,test" + blocked_policy: "" location: "http://localhost:8080/api" test_suite: false # possible test values from https://github.com/IQSS/dataverse/blob/develop/conf/docker-aio/run-test-suite.sh#L11 @@ -57,7 +57,7 @@ dataverse: #tests: "DataversesIT,DatasetsIT,AdminIT" tests: default branding: - enabled: false + enabled: true directory: "{{ playbook_dir }}/files/branding" favicons_directory: "{{ playbook_dir }}/files/favicons" fileSettings: @@ -66,23 +66,23 @@ dataverse: - setting: StyleCustomizationFile file: custom-stylesheet.css - setting: LogoCustomizationFile - file: topbanner001w425_darkbg.png' + file: dataverseUCLA_logo.png otherSettings: - setting: FooterCopyright - value: Your institute name here + value: " UC Regents" language: - enabled: false # setting this to true allows the language task to run + enabled: true # setting this to true allows the language task to run languages: - locale: en_US title: English - - locale: de_DE - title: Deutsch + - locale: de_ES + title: Spanish language_packs: source: https://github.com/GlobalDataverseCommunityConsortium/dataverse-language-packs.git version: develop lang_directory: "{{ dataverse_misc_files_dir }}/lang" licenses: - enabled: false + enabled: true user: dataverseAdmin licenses: - name: CC0 1.0 @@ -129,7 +129,7 @@ dataverse: sortOrder: 7 copyright: "UC Regents" counter: - enabled: false + enabled: true #geoipdir: maxmind_geoip #geoipfile: GeoLite2-Country.mmdb hub_api_token: set_me_in_secrets @@ -145,7 +145,7 @@ dataverse: user: counter year_month: "2018-05" custom_metadata_blocks: - enabled: false + enabled: true urls: - https://github.com/IQSS/dataverse/files/3744336/codemeta.tsv.txt default: @@ -322,7 +322,7 @@ localstack: web_ui: 8888 buckets: - label: LocalStack - id: localstack1 + id: loalstack1 bucket_name: mybucket enabled: false access_key: 4cc355_k3y @@ -394,7 +394,7 @@ rserve: workdir: /tmp/Rserv s3: - enabled: true + enabled: false access_key: 4cc355_k3y secret_access_key: s3cr3t_4cc355_k3y bucket_name: s3-test diff --git a/files/branding/custom-header.html b/files/branding/custom-header.html new file mode 100644 index 00000000..c4bdd3c3 --- /dev/null +++ b/files/branding/custom-header.html @@ -0,0 +1,35 @@ + +
+
+

+ SAMPLE IMAGE + SAMPLE HEADER LINK +

+
+
diff --git a/files/branding/dataverseUCLA_logo.png b/files/branding/dataverseUCLA_logo.png new file mode 100644 index 0000000000000000000000000000000000000000..a24c8e3f2e9a7951e33ebcac88b79ea77f73e1fd GIT binary patch literal 2967 zcmai0_d6SE8&1^-t-V?tqm3TbAfK95VoTI6%29i7RXembLN!)sX^q;|5Fb1dEGX4FOA3QzTr=y`TPTk1I{9!wxyWn&&)98rj|ti4GDGUW*MKCUO8pvH1biN+xp zCCboiFn%B##lX;8@q#N;bLFx&j3Jg2D8b68A)Wx@I{lwPjY-OU>^?CK^*(Whp>;Q> zxY&ua27=l;{c%-|#h{CJ=>^V9Zm8rDH(Q7V-!}%puBb?{#V@8jL{gg4Uw>3_3j{h2 zA8lRlIv-B&n&XX*KD|}e)V{W;O<7bM_|(rntAT2+bp?|b%nJ939N?v{G|U%`0FgKn zF@9KW(RtDO>nu>GSF}w3+#K^BC=oMsDnM4136Pr`Jka-P6x%^9iz||sCskZOJ48dz z%Xco)o~!#tm&nqQH~>JVHVEJD(cp)bwNii8sjm~`&|EsqoP%B4Q{D&R0ZKBKwRPj^ zbu|JmUES9|r8ufJ8}|+;%W3<}G}Ng`ZdyxF+7%OKyq*)NHyY);^;>AiTr}!TkfYrY zcl7CL_Dx$=jbDX3=kcP>lQxZlv@X$*Iz(dM-x_Roa;mjFY$2qxMImjeNu)hz`kEqC z4!Z>Wh)jRjA9G4;c(hqBb9#EH2cvX1BXX>@D=1^<220()WN0f(P?bJMl9-52kKr*R zvN{F}MIh;%MeLw27brJ2MBVILhnWGl?hfQk20%cHl%&_ywj-;BLi-JoSbD}?PGu3j zfq516emcK?`<)+ZQ}t?<)S=4x9o$+8;e~(tU)@_&*Zzir&cw(aS6o`~MWw%AtxhuT zTbRB(F;V=niHn z-_7eZP3Dwtyoq`~75r#fUFF^^OQXv81fhY{KPt?RKWQx)nSs^qX-nr2Y7TsJ6CcYa zMQd>CnG+SWy>np|(`Huu2TPr5In}28jtT2lDnTVn?@O@^o!cx# z5Lvy0TR15Nf3PDasV>Jnx^5r5T>=6)GC>mWjPQO?p5z{dK?8j2=j@m={r!_iV28LL zPsR%7qK7#r0U^cWMF?=gTh<32t z+%&7ep8KKLQd%q9{aT_kVGs-blZSPoPu`ffvQm3mp(EmmfzF}`hmMuiJq}@?nwlDm z_J)Rr#b^r*pXUPPst*Ez$P;)t*P8nQzUg+283eCHjJMV3%!cxz^!x$?pRUn4Fmd|e zJ+*9JY_?KUEK_WMr#Q<_tiq)?(#!oBYWkwfx;(0nU-R!jzPDh|C>dl!>vYzirhpj% zpsg9sCM7X`0CA}aX?*4>f1T)YE33E`Q)wuOEs>IXV<^SPmQh9y1KLIa zmL2knO_0n}NtD-;`JP$R{#bo@>d8U}`OLJ|Pt=FD^74*fnLbNh8*X;SW^V{`6$}Pz z&W8RAs1~JBSm7+lI_hSd2quhd1UEic%G=nz{fc2)0astI?KmA;aN_Kb>~|LO_)3k0 zWir~&dgr;x!v*n`l_ABlVDRJov)=yK3lbd3&(-rF9%(I3~_TL zp$Qu;!pSu|Gwp*e|KVd}x~BwK4_1xJ5^wdgOHep5pw;OI!j?dY}+jBK6oj9^4a!|GK$} zHmPXUYw74PTK4P|I4S}_Adnv9Yi!WiMtyb1ghMHq05Rsx1obKy3)R!#Gg6--tQ-)e z%;%EDg&J%rOr9JSiQ%`Pe07Rh47N z=;NUiJs5rD;2)Bg?>Lf)gXql!tV5p=zS{qO#l%l8=6H3fvVT%o{vqT1!@|PDoIEas zJi1@48hWy9lKxT^9av(_?=Zhhp8)L;30!z+eG3ekVh^qd>tvQC4)l~%O6OE$)UgIF zK{%57VYjjroaJ%|A);92`VuKNX6D@r`;kRqEpxtmVK|%hA?Bq`Z%~Tso*i=3fwNao zf*_l4u2AWQAos|%dh|i*<5+w;)Zota<=X(B0+YG!D?GQmOQgpx0osZk&U% z9RscUqVx2d_q6-Qpn>U*^;#H58iX3uPd%&>tQO&{v@{jzGIbCcnz7 zw9mtp6i3C>1W*!%6VrIVx0xmtXc&kqSy$!2eOzr$Pc(g)eh+^Zo6$KmEa48cJNoC8 zlH<;ka=LWd3FDpU+I|E5(qBh8Yc%53$f&hAR}tREoH#LY`6KJAXw#Z^jqX(${__Sm z(&be4Ds1K#)pVu*5u1oFpc|sMkIy{&Sv1p4Ck|JR0tf~#Z1RIkNvWIc$4wd@&$$aX z#o;^@gtOp6Umt^DTgLYwy4YQbPmp6&dhV>wdfWN3qN(ovo9#L4e5*K=WoB7hlFt<+ z13v(FV9686xWg=cyO0-qQa=wC5D;iN!M?<{&Xjjw{OUfq_&u9LH%dlnjQ;M2H7lNOonM(n&}V`{_T~kPkTDYl>$Dq0eetI+Lw9MlpfaENdnPF)nQ$V6-L>E`E4P v0uw3{W_3%}?;Re9d+u{S+~=P0{Lb&3L<=*0W=1|n006*jXrOZ+0045G-IXqa z&dxmgU*t0Zay8c10i6C@MQ!C7XBvh81G^vq;1c-X1_JU6c+Qmc!G@-~^wdktmw9-9 zv~>;v0BrMyI+~W4sjUJhFM;v4p7!?1d!_Vtqp?LX@95(r<# zO^&X=rL@_!Pa zScmrOU1tbhe%EV(9qk;>pqx|W=PuGia^FVvxYxETF+KRaocYHfy0Mdr$Q*Y6XqW!+ zW1j8j6G&65!4o*Kg!vgAK@iExtT7{oPxJ^*N#Ge4YN2NR?O zAjjI=?Y&cDo%Wf-fUT=Pt;|)$sbIP>l6^flR0R;M=<*IhwdiB-QR5Di_T5kKv~?J7k>?@C|l7&2>MD|IWyLAOG(`;i3O0FwRN%keLGRg z*VQ?s5*V3^(81mi{yv1e2}vJ|^- z^7`oXs?+8N-EUYrN6!SXl1?1=;{;MII^Q_lm30$8q^$DV7!@Q{cz)*|{H3unN2zxg zRLl&IV8C36+N`~Cgl`WfQ-ShmLO`)=2#z{;MWZy@=qL1y00yrzB zB}0C{FS}>xt|xS%C2! zev@NCR4VwKmxnV5&+kjs%Iqjq5o!KUyX6N(e?3G^yV!rSBD9gCG<46M1e)s^yoYh* zkFrxNW1@4yv)GOo_aS!rsI=rK{E;83>SpbCi){TH<-#fKy9?e(%fIjj`TR)dT`s!I zh$3;B9_Df4q|yGhvB=5Uu-sN37&M%qxWadE&vPBhRKP<N@0aZwzji!#qu;>qb58IwfWimC8)_${GlQzB_0Q5zgbB4Puq zZnIHZGb@cP6yUh#O|0we#(h0pHItL*+3`&TN~qiY;##zVc zua0ETiDCfN0jdEO#2f`83DyA1wH9I3cu_PSvjW$mgylUV_S~tnVboxGmd{4~`79%< z7H(Hmhc+1TqM8G4UWt6fAou(n+O8Q3j;xw`f=4ZhfuISoMl%SY0Pr&?!1C=lzCkA^ zYiPwzO5oWK^Ehusbsf!&R(2&^TnSqF@q6Uejs8_o2-jtnah&1{{?&Gorc&uVYeH|{ zFl4R+1}K2{yAm36bD_qdQ#8N%#Mqa`G=tcH%qZ;uTG-^$k9yq}1U0o!_DCSghK_YU zWRVhQe!w2Znw8jAfSstr1(pRh zwv;|S{*E6@i2cc8Zx)OuEo%0G7UZ_6b9R(dA4PwftID04;d)<^j`oMg(fTFlXH!5= z;(_X)U+s&Wog!Vthj4BNtM)Zsj&OAfD?s4(zRV6ss_fwHIzNW@2vk4(rn)w@vvdrIkcb%fYsK-D*?y9$uh4U#aeCpL5U)9`@V#05trD9y>8aws7P<)Bk6k5&TEWofg3#Zd=+XAOb5D8G0k_j2{FDE^ekh+DLic1ZYd^neW`4m0O*zU^$bWeNVK$<%|)#M zTidLcUO>fl)EUE~HEjdVYsg_j#bOw8p@HISIPQ&gnui`?fQ~ruUDVV75O*64Wk4)) zDtM`7VeVd50ABkwN!_bNHJv$UKhxJMh4OdFEMR!;iT|wqhFxV$4{3&d;UgCd@F@bO zc%2^y_#JJjXF}|uJQSL>YGuFCL?d=Ij@7Y^$wSazm@h$n`W5zSKe>km26k;pI$LhJ zyrfCQY&HMLmjavX#vw2D;xX^CZ&I|hX2?j}#T8?EzH68I&pz~4c5QzHh;@A5DIqXS z*In)qfhT}hKXNc;r5VF)(o=Z4`T|o4XK5r6mHHQ?%E~fxS|EV_6BqgC=0jYxAJXP( z4#BKcsklwz8B|qWMMGH$L0$8MsXC^*cjIV}_4&DMB2utEjZgnrhJ^3FqC+cu?X=wf zf|2(~a^rLu81nIo`jlc+U6BF$c!#$pO*QFHY*`4qf#=Z;j^(%n+@>|558RwA5U@R2hq!D|NRWAoYpY7 z``_;=Y8-+Zxh{Dmlksb@xYpS(A3CmW623nj@>rUTFNVjjo~8O=^Y zYRB`9R9vMqTX7xvP9`c;K44C+BAp&Tqt?vfMd6(RuVyTl0+2r=<=}_x_V29eqP=(O zu-qV=3H&aT)~7x-g4pr;ljUx$`{PG*Vp8Oc;5hq2>)-vJY0G&uyuc$qg)(K;`zrs) zD4!mv(B5Olg*|l1F&EjvPm87M46JO|MxVHzm^l_I{$xIu$($~1l(%P~Ky8;K?+BCx zU}XJ!o3}@d%BqyIS>&|VQ(lYv9V-0pNBt_2S1|$m128HcN%TGpJ^c_TWxAZgTeVOM zUiohDT4gJ9tn)V8iv=Xj3OW4J*+Dee1A^Frlc%g&>Uvn$r~!m#;IMqVLN4H zIU3F=T2wLb)LUBha@0NrHd&8zPKZJje=R&?N$ix(Z)b%Yg!vB0$CjCXCZVia`_dau zBn2T(W=U60)G0XDi?6_xP*4g-U=6^671%PmZ~;V=4Y54Ky=&3`vF&|xm^#!ARWrki zmD8QST9g*rsu6EEEg81vMmGlS`*8Yzh0HL)z8CYZL-`awnqx8a$Wz1Xg4>7b2qvb~ z@+x@U_@D_wY?&y*eb~ql-_@|nx%`($=*>W)w3zS<8;O)8HZuCmJj}9~RIh}u)zVp0$iK=(w1V2~A(I80AjuYJyv+HN6^+k$E zB!*;l*Qx%YKfEi>yF*#OaQ-5B zv-$cnGzc;#Z+(!0IY`6=I$U|^3hZE?>l!RBypc^XIX+f|!l!Q^7QHhrQPmk+1j68O`S7o0S(^=YMHkjqm&!PHlz zO9RSti;ZZb3$Y20*bpnTy7$rGAA6rK_buX7_moMvR?Kk`oU$s~t*tl&5{4#3_v?o1 zZ@u$*_#jdkrgLJQtZ~-(Lb}akLtZyJoBWB}$m&M*aiKK1lmO1&>>ui{`t&d4zR8I8 zJjjjze2Xh*6UV^8XkO{O=(G1MSqLUC3_l`?BNN P_yb_5Yo=4J 2 -- name: create language pack - shell: cd {{ lang_git_dir }}/tmp ; zip languages.zip *.properties +- name: Create language pack + shell: "cd {{ lang_git_dir }}/tmp && zip languages.zip *.properties" when: diff.changed -- name: upload language pack +- name: Upload language pack uri: url: "{{ dataverse.api.location }}/admin/datasetfield/loadpropertyfiles" method: POST headers: Content-type: "application/zip" -# Accept: application/json src: "{{ lang_git_dir }}/tmp/languages.zip" remote_src: yes status_code: 200 @@ -75,7 +108,7 @@ when: diff.changed notify: enable and restart payara -- name: configure available languages +- name: Configure available languages uri: url: "{{ dataverse.api.location }}/admin/settings/:Languages" method: PUT @@ -84,12 +117,11 @@ status_code: 200 when: diff.changed -- name: configure available languages +- name: Configure metadata languages uri: url: "{{ dataverse.api.location }}/admin/settings/:MetadataLanguages" method: PUT body: '{{ dataverse.language.languages }}' body_format: json status_code: 200 - when: diff.changed - + when: diff.changed \ No newline at end of file diff --git a/tasks/dataverse-licenses.yml b/tasks/dataverse-licenses.yml index 2499dc07..69247d7f 100644 --- a/tasks/dataverse-licenses.yml +++ b/tasks/dataverse-licenses.yml @@ -1,11 +1,11 @@ --- -- name: install and configure dataverse languages +- name: Install and configure Dataverse licenses debug: msg: '##### DATAVERSE LICENSES #####' -#### you need community.postgresql from ansible galaxy for this -- name: get api key for dataverseAdmin from the database +#### Requires community.postgresql from Ansible Galaxy +- name: Get API key for dataverseAdmin from the database community.postgresql.postgresql_query: db: "{{ db.postgres.name }}" login_user: "{{ db.postgres.user }}" @@ -16,21 +16,28 @@ register: token_result failed_when: token_result.rowcount != 1 -- name: calculate api_token +- name: Calculate API token set_fact: api_token: '{{ token_result.query_result[0].tokenstring }}' -#- name: get installed licenses -- this is needed for true idempotence, but not used currently -# uri: -# url: "{{ dataverse.api.location }}/licenses" -# method: GET -# status_code: 200 -# register: current_licenses +- name: Get existing licenses from Dataverse + uri: + url: "{{ dataverse.api.location }}/licenses" + method: GET + headers: + X-Dataverse-key: '{{ api_token }}' + Content-Type: 'application/json' + status_code: 200 + register: current_licenses -#- debug: -# msg: '{{ current_licenses }}' -- name: configure available licenses +# Filter desired licenses to add only if not already present +- name: Filter licenses to add + set_fact: + licenses_to_add: "{{ dataverse.licenses.licenses | rejectattr('name', 'in', current_licenses.json.data | map(attribute='name')) | list }}" + +# Add licenses conditionally +- name: Configure available licenses uri: url: "{{ dataverse.api.location }}/licenses" method: POST @@ -41,5 +48,6 @@ status_code: 201,409 register: license_update changed_when: license_update.status != 409 - with_items: '{{ dataverse.licenses.licenses }}' - + loop: "{{ licenses_to_add }}" + loop_control: + label: "{{ item.name }}" diff --git a/tasks/dataverse-optional-settings.yml b/tasks/dataverse-optional-settings.yml index 627af429..4b663992 100644 --- a/tasks/dataverse-optional-settings.yml +++ b/tasks/dataverse-optional-settings.yml @@ -16,9 +16,19 @@ shell: 'curl -X PUT -d {{ dataverse.options.provcollectionenabled }} {{ dataverse.api.location }}/admin/settings/:ProvCollectionEnabled' when: dataverse.options.provcollectionenabled -- name: set SystemEmail as a jvm-option now - shell: '{{ payara_dir}}/bin/asadmin create-jvm-options "-Ddataverse.mail.system-email={{ dataverse.service_email }}"' - when: dataverse.service_email is defined +- name: Check if system email JVM option already exists + shell: "{{ payara_dir}}/bin/asadmin list-jvm-options | grep -q \"-Ddataverse.mail.system-email\"" + ignore_errors: yes + register: check_jvm_option + +- name: Set SystemEmail as a JVM option if it doesn't already exist + shell: "{{ payara_dir}}/bin/asadmin create-jvm-options \"-Ddataverse.mail.system-email=noreply@dataverse.yourinstitution.edu\"" + when: check_jvm_option.rc != 0 + become: yes + +#- name: set SystemEmail as a jvm-option now +# shell: '{{ payara_dir}}/bin/asadmin create-jvm-options "-Ddataverse.mail.system-email={{ dataverse.service_email }}"' +# when: dataverse.service_email is defined - name: set TabularIngestSizeLimit when provided shell: 'curl -X PUT -d {{ dataverse.options.tabularingestsizelimit }} {{ dataverse.api.location }}/admin/settings/:TabularIngestSizeLimit' diff --git a/tasks/dataverse-prereqs.yml b/tasks/dataverse-prereqs.yml index 14ff1973..cf1fe961 100644 --- a/tasks/dataverse-prereqs.yml +++ b/tasks/dataverse-prereqs.yml @@ -1,104 +1,96 @@ --- # dataverse/tasks/dataverse-prereqs.yml -- name: install prerequisite packages +- name: Install prerequisite packages debug: - msg: '##### INSTALL PREREQUISITE PACKAGES #####' + msg: '##### INSTALLING PREREQUISITE PACKAGES #####' -- name: yum clean all - shell: 'yum clean all' +# Ensure the package manager cache is cleaned +- name: Clean all yum/dnf caches + shell: 'dnf clean all' when: ansible_os_family == "RedHat" -- name: let's use the closest mirror - file: - path: /var/cache/yum/x86_64/7/timedhosts.txt - state: absent - when: ansible_os_family == "RedHat" and - ansible_distribution_major_version == "7" - -- name: let's use the fastest mirror +# Ensure the fastest mirror is used for Rocky 8 and Rocky 9 +- name: Use the fastest mirror on Rocky lineinfile: path: /etc/dnf/dnf.conf line: 'fastestmirror=1' insertafter: '^gpgcheck' when: ansible_os_family == "RedHat" and - ansible_distribution_major_version == "8" + ansible_distribution_major_version in ["8", "9"] -- name: makecache on RedHat - yum: - update_cache: yes - when: ansible_os_family == "RedHat" and - ansible_distribution_major_version == "7" - -- name: makecache - apt: +# Make sure the package manager cache is updated +- name: Refresh dnf cache on RedHat/Rocky + dnf: update_cache: yes - when: ansible_os_family == "Debian" + when: ansible_os_family == "RedHat" -- name: ensure EPEL repository for RedHat/Rocky - yum: +# Ensure EPEL repository is installed for RedHat/Rocky +- name: Ensure EPEL repository for RedHat/Rocky + dnf: name: epel-release state: latest when: ansible_os_family == "RedHat" -- name: install some necessary packages - ansible.builtin.package: - name: ['bash-completion', 'git', 'jq', 'mlocate', 'net-tools', 'sudo', 'unzip', 'python3-psycopg2', 'zip', 'tar'] +# Install general system utilities and Python dependencies +- name: Install necessary packages + dnf: + name: ['bash-completion', 'git', 'jq', 'mlocate', 'net-tools', 'sudo', 'unzip', 'python3', 'zip', 'tar'] state: latest + when: ansible_os_family == "RedHat" -- name: "RHEL/Rocky 8.6-packaged Ansible wants Python-3.8" - ansible.builtin.package: - name: ['python38-psycopg2'] - state: latest +# Ensure pip is installed for Python 3.9 +- name: Ensure pip is installed for Python 3.9 + dnf: + name: python3-pip + state: present when: ansible_os_family == "RedHat" and - ansible_distribution_major_version == "8" + ansible_distribution_major_version == "9" -- name: "RHEL/Rocky 9 provides Python-3.9" - ansible.builtin.package: - name: python3-psycopg2 +# Find the path to pip3 for Rocky 9 +- name: Find path to pip3 + command: "which pip3" + register: pip_path + +# Install psycopg2 via pip for Rocky 9 if not available via package manager +- name: Install psycopg2 via pip + pip: + name: psycopg2-binary state: latest + executable: "{{ pip_path.stdout }}" when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "9" -- name: install java-nnn-openjdk and other packages for RedHat/Rocky - yum: +# Install OpenJDK and other Java packages +- name: Install Java (OpenJDK) and other packages for Rocky + dnf: name: ['java-{{ java.version }}-openjdk-devel', 'tzdata-java', 'vim-enhanced'] state: latest when: ansible_os_family == "RedHat" -- name: install java-nnn-openjdk and other packages for Debian/Ubuntu. - package: - name: ['acl', 'openjdk-{{ java.version }}-jdk-headless', 'python3', 'vim'] - when: ansible_os_family == "Debian" - -# it is strongly recommended to check for open CVEs before enabling this. -- name: install GraphicsMagic on RHEL/Rocky for thumbnail generation +# Install GraphicsMagick for thumbnail generation on Rocky +- name: Install GraphicsMagick for thumbnail generation dnf: name: GraphicsMagick + state: latest when: - ansible_os_family == "RedHat" - - ansible_distribution_major_version == "8" or ansible_distribution_major_version == "9" - - dataverse.thumbnails - -- name: install GraphicsMagic on Debian/Ubuntu for thumbnail generation - package: - name: graphicsmagick - when: - - ansible_os_family == "Debian" + - ansible_distribution_major_version in ["8", "9"] - dataverse.thumbnails -- name: install curl on Debian/Ubuntu - package: - name: curl - when: - - ansible_os_family == "Debian" - +# Ensure the Payara service account exists - name: Payara service account must exist import_tasks: payara_service_account.yml -- name: create dataverse misc files directory for language and handle and other similar auxilliary files +# Create directory for miscellaneous Dataverse files +- name: Create Dataverse misc files directory file: path: "{{ dataverse_misc_files_dir }}" state: directory owner: "{{ dataverse.payara.user }}" group: "{{ dataverse.payara.group }}" + +- name: Install required system utilities + package: + name: procps + state: present \ No newline at end of file diff --git a/tasks/payara.yml b/tasks/payara.yml index 00081e52..d65fc191 100644 --- a/tasks/payara.yml +++ b/tasks/payara.yml @@ -25,7 +25,8 @@ - name: download payara zip get_url: - url: '{{ dataverse.payara.zipurl }}' +# url: '{{ dataverse.payara.zipurl }}' + url: 'https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/6.2023.8/payara-6.2023.8.zip' checksum: '{{ dataverse.payara.zipchecksum }}' dest: /tmp/payara.zip register: payara_zip_download diff --git a/tasks/postfix.yml b/tasks/postfix.yml index 35991dc3..ec5fd1ef 100644 --- a/tasks/postfix.yml +++ b/tasks/postfix.yml @@ -16,6 +16,9 @@ - ansible_os_family == "RedHat" - ansible_distribution_major_version == "8" +#- name: start postfix without systemctl +# command: /usr/sbin/postfix start + - name: enable and start postfix systemd: name: postfix diff --git a/tasks/postgres_redhat.yml b/tasks/postgres_redhat.yml index 8a4a0ec3..81b1c421 100644 --- a/tasks/postgres_redhat.yml +++ b/tasks/postgres_redhat.yml @@ -1,17 +1,25 @@ --- -- name: import RPM-GPG-KEY-PGDG - rpm_key: +- name: import PGDG-RPM-GPG-KEY-RHEL + ansible.builtin.rpm_key: state: present key: https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL + become: yes - name: install postgres repo RPM - ansible.builtin.package: - name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-x86_64/pgdg-redhat-repo-latest.noarch.rpm' + ansible.builtin.yum: + name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-aarch64/pgdg-redhat-repo-latest.noarch.rpm' state: present + disable_gpg_check: true + become: yes - name: "RHEL/Rocky: disable PostgreSQL proper in the OS" - shell: 'dnf -qy module disable postgresql' + shell: | + dnf -qy module disable postgresql + args: + executable: /bin/bash + ignore_errors: yes + become: yes - name: get postgres config directory set_fact: diff --git a/tasks/selinux.yml b/tasks/selinux.yml index 95ae828b..5e03fd19 100644 --- a/tasks/selinux.yml +++ b/tasks/selinux.yml @@ -8,9 +8,8 @@ - setools - setools-console - policycoreutils - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' and ansible_selinux.status == "enabled" -# Ansible seboolean works on Rocky 9, 8.6 handled below. - name: set httpd_can_network_connect on and keep it persistent across reboots seboolean: name: httpd_can_network_connect @@ -19,15 +18,15 @@ when: - ansible_os_family == 'RedHat' - ansible_distribution_major_version == "9" + - ansible_selinux.status == "enabled" -# Ansible seboolean module is broken on RHEL/Rocky 8.6, use shell cmd instead. -- name: allow apache to make outbound connections +- name: allow apache to make outbound connections (for Rocky 8.6) shell: '/usr/sbin/setsebool -P httpd_can_network_connect 1' when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == "8" + - ansible_selinux.status == "enabled" -# Ansible seboolean works on Rocky 9, 8.6 handled below. - name: allow apache to read user content by default seboolean: name: httpd_read_user_content @@ -36,20 +35,23 @@ when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == "9" + - ansible_selinux.status == "enabled" -# Ansible seboolean module is broken on RHEL/Rocky 8.6. dls 20220602 -- name: allow apache to read user content by default +- name: allow apache to read user content by default (for Rocky 8.6) shell: 'setsebool -P httpd_read_user_content 1' when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == "8" + - ansible_selinux.status == "enabled" -- name: "both redhat and ubuntu default to /var/www/html" +- name: "both RedHat and Ubuntu default to /var/www/html" shell: 'semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?" || semanage fcontext -m -t httpd_sys_content_t "/var/www/html(/.*)?"' when: - ansible_os_family == "RedHat" + - ansible_selinux.status == "enabled" - name: "allow apache read-only access to /var/www/html" shell: 'restorecon -R -v /var/www/html' when: - ansible_os_family == "RedHat" + - ansible_selinux.status == "enabled" \ No newline at end of file diff --git a/tasks/solr.yml b/tasks/solr.yml index b4eae0cd..64cfe762 100644 --- a/tasks/solr.yml +++ b/tasks/solr.yml @@ -39,6 +39,7 @@ url: "{{ solr_download_url }}" checksum: "{{ dataverse.solr.checksum }}" dest: /tmp/solr-{{ dataverse.solr.version }}.tgz + timeout: 600 register: solr_installer_download - name: untar solr From e637fe69bf85a6acd4a8f71d2f96d241c6298894 Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Wed, 20 Nov 2024 09:56:26 -0600 Subject: [PATCH 07/28] Create ucla_readme.md --- ucla_readme.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 ucla_readme.md diff --git a/ucla_readme.md b/ucla_readme.md new file mode 100644 index 00000000..c4daf727 --- /dev/null +++ b/ucla_readme.md @@ -0,0 +1,22 @@ +## Running with molecule and docker + +The scenario rocky9 uses docker as a provisioner. It uses an image that sets up systemd, so we can use sudo in docker (by default docker doesn't need sudo b/c it runs as root). +This makes us not have to change much of the ansible role to accomodate for that (e.g. when the role switches to sudo to do things). + +To run the build for the first time: + +`molecule converge --scenario-name rocky9` + +If you run it successfully, you should access dataverse at http://localhost:8080. + +To teardown the build, run: + +`molecule reset --scenario-name rocky9` + +This will stop and delete the docker container. Since the ansible roles isn't idempotent, we typically need to destroy the container and rebuild when we make changes. + +To get a sense of what molecule provides run it without a command and it will list the help menu. For instance, + +`molecule login --scenario-name rocky9` + +Will ssh into the container. The ansible molecule documentation can be found here: https://ansible.readthedocs.io/projects/molecule/ From 1c5fe06ca5616790aee4cbe513e3ed176750069e Mon Sep 17 00:00:00 2001 From: jmjamison Date: Thu, 19 Dec 2024 13:56:10 -0800 Subject: [PATCH 08/28] community.docker.docker_compose to community.docker.docker_compose_v2 on lines 68, 79 (minio.yml) --- tasks/minio.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/minio.yml b/tasks/minio.yml index 1c1b99a9..f8a25f98 100644 --- a/tasks/minio.yml +++ b/tasks/minio.yml @@ -66,7 +66,7 @@ register: compose_file - name: STORAGE | Stop `docker-compose down` MinIO - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ minio.docker.project_location }}" state: absent remove_orphans: true @@ -77,7 +77,7 @@ - copy_compose.changed - name: STORAGE | Run `docker-compose up` MinIO - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ minio.docker.project_location }}" build: true files: minio_compose.yml From 4bb1c74664c46119c476336a68619062ee480df1 Mon Sep 17 00:00:00 2001 From: jamie jamison Date: Thu, 9 Jan 2025 11:53:15 -0800 Subject: [PATCH 09/28] Update ucla_readme.md Documented the changes made for Windows/WSL2 on local branch windows_wsl2_jmj --- ucla_readme.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/ucla_readme.md b/ucla_readme.md index c4daf727..844b52e9 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -20,3 +20,15 @@ To get a sense of what molecule provides run it without a command and it will li `molecule login --scenario-name rocky9` Will ssh into the container. The ansible molecule documentation can be found here: https://ansible.readthedocs.io/projects/molecule/ + +## Windows/WSL2 Linux specific changes +Running on WSL2, Debian Linux +Created a local branch: windows_wsl2_jmj + +- **minio.yml**, lines 68, 79 community.docker.docker_compose to community.docker.docker_compose_v2 +- **/tasks/postgres_redhat.yml**, line 11 from -aarch64to ansible_distribution_major_version }}-x86_64 + + + + + From c308eb54a4a565775694cc4a13afb7a09e691cd7 Mon Sep 17 00:00:00 2001 From: jt14den Date: Sun, 27 Jul 2025 09:11:24 -0700 Subject: [PATCH 10/28] Add conditional GUI branding tasks and API settings for Dataverse --- tasks/dataverse-gui.yml | 101 ++++++++++++++++++++++------------------ 1 file changed, 55 insertions(+), 46 deletions(-) diff --git a/tasks/dataverse-gui.yml b/tasks/dataverse-gui.yml index cdd443ee..8ade89a3 100644 --- a/tasks/dataverse-gui.yml +++ b/tasks/dataverse-gui.yml @@ -1,72 +1,81 @@ --- # dataverse/tasks/dataverse-gui.yml -# install gui modifications (branding and favicons), if defined +# Install GUI branding modifications if branding files exist -- name: calculate destination directories +- name: Set key GUI paths set_fact: gui_file_path: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/applications/dataverse' - favicon_file_path: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/applications/dataverse/resources/images/fav/' - navbar_logo_path: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/docroot/logos/navbar/' + branding_dir: '{{ gui_file_path }}/branding' + navbar_logo_dir: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/docroot/logos/navbar' -# Apply GUI design -- name: Applying GUI design - debug: - msg: '##### Applying GUI design #####' +- name: Ensure branding and logo directories exist + file: + path: "{{ item }}" + state: directory + owner: '{{ dataverse.payara.user }}' + group: '{{ dataverse.payara.group }}' + mode: '0755' + loop: + - "{{ branding_dir }}" + - "{{ navbar_logo_dir }}" + +# --- Copy and register individual files if they exist --- -# Copy navbar logo if exists -- name: Copy navbar logo if exists +- name: Copy navbar logo if present copy: - src: '{{ dataverse.branding.directory }}/{{ dataverse.branding.fileSettings[2].file }}' - dest: '{{ gui_file_path }}/branding/' + src: "{{ dataverse.branding.directory }}/{{ dataverse.branding.fileSettings[2].file }}" + dest: "{{ navbar_logo_dir }}/{{ dataverse.branding.fileSettings[2].file }}" mode: '0644' owner: '{{ dataverse.payara.user }}' group: '{{ dataverse.payara.group }}' - when: - - lookup('file', '{{ dataverse.branding.directory }}/{{ dataverse.branding.fileSettings[2].file }}', errors='ignore') + register: navbar_logo_result + when: lookup('file', dataverse.branding.directory + '/' + dataverse.branding.fileSettings[2].file, errors='ignore') != "" -# Update logo setting in Dataverse if logo exists -- name: Set logo for navbar in Dataverse if logo exists - uri: - url: http://localhost:8080/api/admin/settings/:LogoCustomizationFile - method: PUT - body: '{{ navbar_logo_path }}' - status_code: 200 - when: - - lookup('file', '{{ dataverse.branding.directory }}/{{ dataverse.branding.fileSettings[2].file }}', errors='ignore') - -# Optionally copy header and stylesheet files only if they exist -- name: Copy custom header if exists +- name: Copy custom-header.html if present copy: - src: '{{ dataverse.branding.directory }}/custom-header.html' - dest: '{{ gui_file_path }}/branding/custom-header.html' + src: "{{ dataverse.branding.directory }}/custom-header.html" + dest: "{{ branding_dir }}/custom-header.html" mode: '0644' owner: '{{ dataverse.payara.user }}' group: '{{ dataverse.payara.group }}' - when: - - lookup('file', '{{ dataverse.branding.directory }}/custom-header.html', errors='ignore') + register: header_result + when: lookup('file', dataverse.branding.directory + '/custom-header.html', errors='ignore') != "" -- name: Copy custom stylesheet if exists +- name: Copy custom-stylesheet.css if present copy: - src: '{{ dataverse.branding.directory }}/custom-stylesheet.css' - dest: '{{ gui_file_path }}/branding/custom-stylesheet.css' + src: "{{ dataverse.branding.directory }}/custom-stylesheet.css" + dest: "{{ branding_dir }}/custom-stylesheet.css" mode: '0644' owner: '{{ dataverse.payara.user }}' group: '{{ dataverse.payara.group }}' - when: - - lookup('file', '{{ dataverse.branding.directory }}/custom-stylesheet.css', errors='ignore') + register: css_result + when: lookup('file', dataverse.branding.directory + '/custom-stylesheet.css', errors='ignore') != "" -# Update branding file settings on server (this includes the logo customization) -- name: Set branding file path - set_fact: - branding_file_path: "{{ lookup('file', dataverse.branding.directory + '/' + item.file, errors='ignore') }}" - with_items: "{{ dataverse.branding.fileSettings }}" - register: branding_files +# --- Apply GUI settings via API --- -- name: Update branding file settings on server +- name: Apply LogoCustomizationFile setting uri: - url: "http://localhost:8080/api/admin/settings/:{{ item.item.setting }}" + url: "http://localhost:8080/api/admin/settings/:LogoCustomizationFile" method: PUT - body: "{{ gui_file_path }}/branding/{{ item.item.file }}" + body: "/logos/navbar/{{ dataverse.branding.fileSettings[2].file }}" status_code: 200 - with_items: "{{ branding_files.results }}" - when: item.branding_file_path is defined and item.branding_file_path != "" + when: navbar_logo_result.changed + +- name: Apply HeaderCustomizationFile setting + uri: + url: "http://localhost:8080/api/admin/settings/:HeaderCustomizationFile" + method: PUT + body: "/branding/custom-header.html" + status_code: 200 + when: header_result.changed + +- name: Apply StyleCustomizationFile setting + uri: + url: "http://localhost:8080/api/admin/settings/:StyleCustomizationFile" + method: PUT + body: "/branding/custom-stylesheet.css" + status_code: 200 + when: css_result.changed + +- name: Restart Payara to apply GUI changes + meta: flush_handlers \ No newline at end of file From 26d1fb575f76296f8451b99293820803a6604774 Mon Sep 17 00:00:00 2001 From: jt14den Date: Sun, 27 Jul 2025 09:13:11 -0700 Subject: [PATCH 11/28] Switch Payara ZIP URL and checksum to use vars from group_vars --- tasks/payara.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/payara.yml b/tasks/payara.yml index d65fc191..54dd62db 100644 --- a/tasks/payara.yml +++ b/tasks/payara.yml @@ -25,8 +25,8 @@ - name: download payara zip get_url: -# url: '{{ dataverse.payara.zipurl }}' - url: 'https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/6.2023.8/payara-6.2023.8.zip' + url: '{{ dataverse.payara.zipurl }}' + #url: 'https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/6.2023.8/payara-6.2023.8.zip' checksum: '{{ dataverse.payara.zipchecksum }}' dest: /tmp/payara.zip register: payara_zip_download From 38eaa6443f93bbb6efd13cff672d319098076098 Mon Sep 17 00:00:00 2001 From: jt14den Date: Sun, 27 Jul 2025 09:13:59 -0700 Subject: [PATCH 12/28] Revise README with improved local setup and Molecule instructions --- ucla_readme.md | 118 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 101 insertions(+), 17 deletions(-) diff --git a/ucla_readme.md b/ucla_readme.md index 844b52e9..ecbaf007 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -1,34 +1,118 @@ -## Running with molecule and docker +## Local setup (recommended) -The scenario rocky9 uses docker as a provisioner. It uses an image that sets up systemd, so we can use sudo in docker (by default docker doesn't need sudo b/c it runs as root). -This makes us not have to change much of the ansible role to accomodate for that (e.g. when the role switches to sudo to do things). +These instructions assume: +- You have already cloned this repository locally: + ``` + git clone https://github.com/ucla-data-science-center/dataverse-ansible.git + cd dataverse-ansible + ``` +- You have [Conda](https://docs.conda.io/en/latest/miniconda.html) installed (e.g. via Miniforge or Miniconda). +- Docker is installed and running on your system. -To run the build for the first time: +--- -`molecule converge --scenario-name rocky9` +### Create the Conda environment -If you run it successfully, you should access dataverse at http://localhost:8080. +To create a consistent development environment, use the provided `environment.yml` file: -To teardown the build, run: +``` +conda env create -f environment.yml +conda activate dataverse-ansible +``` -`molecule reset --scenario-name rocky9` +This will install Python 3.11, Ansible, Molecule, and Docker bindings. -This will stop and delete the docker container. Since the ansible roles isn't idempotent, we typically need to destroy the container and rebuild when we make changes. +--- -To get a sense of what molecule provides run it without a command and it will list the help menu. For instance, +### Alternative: Manual environment creation -`molecule login --scenario-name rocky9` +If you prefer not to use `environment.yml`, you can create the environment manually: -Will ssh into the container. The ansible molecule documentation can be found here: https://ansible.readthedocs.io/projects/molecule/ +``` +conda create -n dataverse-ansible python=3.11 -y +conda activate dataverse-ansible +conda install -c conda-forge ansible molecule docker-py +``` -## Windows/WSL2 Linux specific changes -Running on WSL2, Debian Linux -Created a local branch: windows_wsl2_jmj +If you plan to use Vagrant with Molecule instead of Docker, install the vagrant plugin: + +``` +pip install 'molecule[vagrant]' +``` + +--- + +## Running with Molecule and Docker + +The `rocky9` Molecule scenario uses Docker as a provisioner. It relies on a custom image with `systemd` support, allowing `sudo` commands to run inside the container. This avoids modifying the Ansible role's privilege escalation behavior. + +From the root of the cloned repository, run: + +``` +molecule converge --scenario-name rocky9 +``` + +This will build a Docker container, install Dataverse, and configure services. + +Once complete, you should be able to access Dataverse at: + +``` +http://localhost:8080 +``` + +Default admin login: +- **Username**: `dataverseAdmin` +- **Password**: defined in `tests/group_vars/vagrant.yml` (look for `dataverse_adminpass`) + +To verify the server is responding: + +``` +curl -I http://localhost:8080 +``` + +--- -- **minio.yml**, lines 68, 79 community.docker.docker_compose to community.docker.docker_compose_v2 -- **/tasks/postgres_redhat.yml**, line 11 from -aarch64to ansible_distribution_major_version }}-x86_64 +## Teardown and Rebuild +Because the Dataverse installer is not idempotent, it’s recommended to fully reset the container between changes. +To stop and delete the container: + +``` +molecule reset --scenario-name rocky9 +``` + +Then rebuild with `molecule converge`. + +To open a shell inside the running container: + +``` +molecule login --scenario-name rocky9 +``` + +To see additional Molecule commands: + +``` +molecule --help +``` + +More documentation: https://ansible.readthedocs.io/projects/molecule/ + +--- + +## Notes + +- If port `8080` is already in use on your machine, update the port mapping in `molecule/rocky9/molecule.yml`. +- Ensure Docker Desktop or your Linux Docker daemon is running before launching `molecule converge`. + +--- + +## Windows/WSL2 Linux specific changes +If you're using WSL2 with Debian Linux, make the following adjustments (branch: `windows_wsl2_jmj`): +- In `minio.yml`, lines 68 and 79: + Change `community.docker.docker_compose` to `community.docker.docker_compose_v2` +- In `tasks/postgres_redhat.yml`, line 11: + Change `-aarch64` to `{{ ansible_distribution_major_version }}-x86_64` From 495ac19d812668e59946d32cde42d6132a733646 Mon Sep 17 00:00:00 2001 From: jt14den Date: Sun, 27 Jul 2025 09:15:37 -0700 Subject: [PATCH 13/28] Add Conda environment file for local development --- environment.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 environment.yml diff --git a/environment.yml b/environment.yml new file mode 100644 index 00000000..c6a5f0f3 --- /dev/null +++ b/environment.yml @@ -0,0 +1,11 @@ +name: dataverse-ansible +channels: + - conda-forge +dependencies: + - python=3.11 + - ansible + - molecule + - docker-py + - pip + - pip: + - molecule-docker From b90e2f0b879c90f2f8e047d784344a8bd786457c Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Mon, 28 Jul 2025 11:16:26 -0700 Subject: [PATCH 14/28] Update ucla_readme.md --- ucla_readme.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/ucla_readme.md b/ucla_readme.md index ecbaf007..34f51dd4 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -37,7 +37,7 @@ conda install -c conda-forge ansible molecule docker-py If you plan to use Vagrant with Molecule instead of Docker, install the vagrant plugin: ``` -pip install 'molecule[vagrant]' +pip install 'molecule[docker]' ``` --- @@ -82,6 +82,23 @@ To stop and delete the container: molecule reset --scenario-name rocky9 ``` +``` +HTTP/1.1 302 Found +Server: Payara Server 6.2025.2 #badassfish +X-Powered-By: Servlet/6.0 JSP/3.1 (Payara Server 6.2025.2 #badassfish Java/Red Hat, Inc./17) +Access-Control-Allow-Origin: * +Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS +Access-Control-Allow-Headers: Accept, Content-Type, X-Dataverse-key, Range +Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Encoding +Set-Cookie: JSESSIONID=23f7765f06c1f42ad21f492b85a6; Path=/;SameSite=Lax;SameSite=Lax +Set-Cookie: csfcfc=6Ped8fcWqtJm0q1f2%2BUzSThNbg%2F8; Path=/; HttpOnly;SameSite=Lax +Location: http://localhost:8080/loginpage.xhtml;jsessionid=23f7765f06c1f42ad21f492b85a6?redirectPage=%2Fdataverse.xhtml +Content-Length: 267 +Content-Language: en +Content-Type: text/html;charset=UTF-8 +X-Frame-Options: SAMEORIGIN +``` + Then rebuild with `molecule converge`. To open a shell inside the running container: From b9e1d4b0b97a91eec1f04495b7eef15aab482ecb Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Mon, 28 Jul 2025 11:17:32 -0700 Subject: [PATCH 15/28] Update ucla_readme.md --- ucla_readme.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/ucla_readme.md b/ucla_readme.md index 34f51dd4..2a436b55 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -70,18 +70,6 @@ To verify the server is responding: curl -I http://localhost:8080 ``` ---- - -## Teardown and Rebuild - -Because the Dataverse installer is not idempotent, it’s recommended to fully reset the container between changes. - -To stop and delete the container: - -``` -molecule reset --scenario-name rocky9 -``` - ``` HTTP/1.1 302 Found Server: Payara Server 6.2025.2 #badassfish @@ -99,6 +87,18 @@ Content-Type: text/html;charset=UTF-8 X-Frame-Options: SAMEORIGIN ``` +--- + +## Teardown and Rebuild + +Because the Dataverse installer is not idempotent, it’s recommended to fully reset the container between changes. + +To stop and delete the container: + +``` +molecule reset --scenario-name rocky9 +``` + Then rebuild with `molecule converge`. To open a shell inside the running container: From cae5bed2bf01189f9d1d69966f2ef8a9aaf965ba Mon Sep 17 00:00:00 2001 From: Tim Dennis Date: Mon, 28 Jul 2025 11:18:25 -0700 Subject: [PATCH 16/28] Update ucla_readme.md --- ucla_readme.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/ucla_readme.md b/ucla_readme.md index 2a436b55..5c7d84f8 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -117,13 +117,6 @@ More documentation: https://ansible.readthedocs.io/projects/molecule/ --- -## Notes - -- If port `8080` is already in use on your machine, update the port mapping in `molecule/rocky9/molecule.yml`. -- Ensure Docker Desktop or your Linux Docker daemon is running before launching `molecule converge`. - ---- - ## Windows/WSL2 Linux specific changes If you're using WSL2 with Debian Linux, make the following adjustments (branch: `windows_wsl2_jmj`): @@ -133,3 +126,11 @@ If you're using WSL2 with Debian Linux, make the following adjustments (branch: - In `tasks/postgres_redhat.yml`, line 11: Change `-aarch64` to `{{ ansible_distribution_major_version }}-x86_64` + +--- + +## Notes + +- If port `8080` is already in use on your machine, update the port mapping in `molecule/rocky9/molecule.yml`. +- Ensure Docker Desktop or your Linux Docker daemon is running before launching `molecule converge`. + From c46c5772a7e253043efd75521e284a8ac610186d Mon Sep 17 00:00:00 2001 From: jt14den Date: Tue, 29 Jul 2025 13:50:13 -0700 Subject: [PATCH 17/28] Use for GUI branding paths --- tasks/dataverse-gui.yml | 77 +++++++++++------------------------------ 1 file changed, 21 insertions(+), 56 deletions(-) diff --git a/tasks/dataverse-gui.yml b/tasks/dataverse-gui.yml index 8ade89a3..889604cd 100644 --- a/tasks/dataverse-gui.yml +++ b/tasks/dataverse-gui.yml @@ -1,81 +1,46 @@ --- # dataverse/tasks/dataverse-gui.yml -# Install GUI branding modifications if branding files exist +# install gui modifications (branding and favicons), if defined -- name: Set key GUI paths +- name: Calculate destination directories set_fact: gui_file_path: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/applications/dataverse' - branding_dir: '{{ gui_file_path }}/branding' - navbar_logo_dir: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/docroot/logos/navbar' + favicon_file_path: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/applications/dataverse/resources/images/fav/' -- name: Ensure branding and logo directories exist - file: - path: "{{ item }}" - state: directory - owner: '{{ dataverse.payara.user }}' - group: '{{ dataverse.payara.group }}' - mode: '0755' - loop: - - "{{ branding_dir }}" - - "{{ navbar_logo_dir }}" +- name: Applying GUI design + debug: + msg: '##### Applying GUI design #####' -# --- Copy and register individual files if they exist --- - -- name: Copy navbar logo if present +- name: Copy favicons copy: - src: "{{ dataverse.branding.directory }}/{{ dataverse.branding.fileSettings[2].file }}" - dest: "{{ navbar_logo_dir }}/{{ dataverse.branding.fileSettings[2].file }}" + src: '{{ item }}' + dest: '{{ favicon_file_path }}' mode: '0644' owner: '{{ dataverse.payara.user }}' group: '{{ dataverse.payara.group }}' - register: navbar_logo_result - when: lookup('file', dataverse.branding.directory + '/' + dataverse.branding.fileSettings[2].file, errors='ignore') != "" + with_fileglob: '{{ dataverse.branding.favicons_directory }}/*.ico' -- name: Copy custom-header.html if present +- name: Copy branding files copy: - src: "{{ dataverse.branding.directory }}/custom-header.html" - dest: "{{ branding_dir }}/custom-header.html" - mode: '0644' + src: '{{ dataverse.branding.directory }}' + dest: '{{ gui_file_path }}' owner: '{{ dataverse.payara.user }}' group: '{{ dataverse.payara.group }}' - register: header_result - when: lookup('file', dataverse.branding.directory + '/custom-header.html', errors='ignore') != "" - -- name: Copy custom-stylesheet.css if present - copy: - src: "{{ dataverse.branding.directory }}/custom-stylesheet.css" - dest: "{{ branding_dir }}/custom-stylesheet.css" mode: '0644' - owner: '{{ dataverse.payara.user }}' - group: '{{ dataverse.payara.group }}' - register: css_result - when: lookup('file', dataverse.branding.directory + '/custom-stylesheet.css', errors='ignore') != "" - -# --- Apply GUI settings via API --- -- name: Apply LogoCustomizationFile setting +- name: Update branding file settings on server uri: - url: "http://localhost:8080/api/admin/settings/:LogoCustomizationFile" + url: http://localhost:8080/api/admin/settings/:{{ item.setting }} method: PUT - body: "/logos/navbar/{{ dataverse.branding.fileSettings[2].file }}" + body: '/branding/{{ item.file }}' status_code: 200 - when: navbar_logo_result.changed + with_items: '{{ dataverse.branding.fileSettings }}' -- name: Apply HeaderCustomizationFile setting - uri: - url: "http://localhost:8080/api/admin/settings/:HeaderCustomizationFile" - method: PUT - body: "/branding/custom-header.html" - status_code: 200 - when: header_result.changed -- name: Apply StyleCustomizationFile setting +- name: Update other branding settings on server uri: - url: "http://localhost:8080/api/admin/settings/:StyleCustomizationFile" + url: http://localhost:8080/api/admin/settings/:{{ item.setting }} method: PUT - body: "/branding/custom-stylesheet.css" + body: "{{ item.value }}" status_code: 200 - when: css_result.changed - -- name: Restart Payara to apply GUI changes - meta: flush_handlers \ No newline at end of file + with_items: '{{ dataverse.branding.otherSettings }}' From 9982b2dfdc867dc702355e3760e2f9c284c37e58 Mon Sep 17 00:00:00 2001 From: Jamie Jamison Date: Tue, 29 Jul 2025 17:14:11 -0700 Subject: [PATCH 18/28] changed -AARCH64 to x86 in postgres_redhat.yml, section install postgres repo RPM, around lines 9 or 10 --- tasks/postgres_redhat.yml | 2 +- {changed: | 0 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 {changed: diff --git a/tasks/postgres_redhat.yml b/tasks/postgres_redhat.yml index 81b1c421..f0b9d468 100644 --- a/tasks/postgres_redhat.yml +++ b/tasks/postgres_redhat.yml @@ -8,7 +8,7 @@ - name: install postgres repo RPM ansible.builtin.yum: - name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-aarch64/pgdg-redhat-repo-latest.noarch.rpm' + name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-x86_64/pgdg-redhat-repo-latest.noarch.rpm' state: present disable_gpg_check: true become: yes diff --git a/{changed: b/{changed: new file mode 100644 index 00000000..e69de29b From 2da72afef28054488826183d8279da9b4976a569 Mon Sep 17 00:00:00 2001 From: Jamie Jamison Date: Tue, 29 Jul 2025 18:33:31 -0700 Subject: [PATCH 19/28] change postgres_redhat.yml, around line 11, change -aarch64 to {{ ansible_architecture }} --- tasks/postgres_redhat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/postgres_redhat.yml b/tasks/postgres_redhat.yml index f0b9d468..1d353125 100644 --- a/tasks/postgres_redhat.yml +++ b/tasks/postgres_redhat.yml @@ -8,7 +8,7 @@ - name: install postgres repo RPM ansible.builtin.yum: - name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-x86_64/pgdg-redhat-repo-latest.noarch.rpm' + name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}/pgdg-redhat-repo-latest.noarch.rpm' state: present disable_gpg_check: true become: yes From aa279b8cbd0c5160f4a1df2f571526073a909d19 Mon Sep 17 00:00:00 2001 From: Jamie Jamison Date: Wed, 30 Jul 2025 13:21:43 -0700 Subject: [PATCH 20/28] Revert "change postgres_redhat.yml, around line 11, change -aarch64 to {{ ansible_architecture }}" This reverts commit 2da72afef28054488826183d8279da9b4976a569. --- tasks/postgres_redhat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/postgres_redhat.yml b/tasks/postgres_redhat.yml index 1d353125..f0b9d468 100644 --- a/tasks/postgres_redhat.yml +++ b/tasks/postgres_redhat.yml @@ -8,7 +8,7 @@ - name: install postgres repo RPM ansible.builtin.yum: - name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}/pgdg-redhat-repo-latest.noarch.rpm' + name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-x86_64/pgdg-redhat-repo-latest.noarch.rpm' state: present disable_gpg_check: true become: yes From 1f6e074b53b6b7bddb385c8adc56dca5e476ad4f Mon Sep 17 00:00:00 2001 From: Jamie Jamison Date: Wed, 30 Jul 2025 13:33:22 -0700 Subject: [PATCH 21/28] change hardcoded system architecture - postgres_redhat.yml, around line 11, change -aarch64 to {{ ansible_architecture }}" --- tasks/postgres_redhat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/postgres_redhat.yml b/tasks/postgres_redhat.yml index f0b9d468..1d353125 100644 --- a/tasks/postgres_redhat.yml +++ b/tasks/postgres_redhat.yml @@ -8,7 +8,7 @@ - name: install postgres repo RPM ansible.builtin.yum: - name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-x86_64/pgdg-redhat-repo-latest.noarch.rpm' + name: 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}/pgdg-redhat-repo-latest.noarch.rpm' state: present disable_gpg_check: true become: yes From da6db90c07bbf71c06589f6c5221e066101661cd Mon Sep 17 00:00:00 2001 From: jt14den Date: Sat, 2 Aug 2025 12:41:08 -0700 Subject: [PATCH 22/28] WIP: local edits before pip-tools setup --- defaults/main.yml | 2 +- ucla_readme.md | 125 +++++++++++++++++++++++++++------------------- 2 files changed, 75 insertions(+), 52 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 01f923db..2696f331 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -247,7 +247,7 @@ dataverse: custom_sampledataverses: "{{ playbook_dir }}/custom_sampledata/dataverses" custom_sampleusers: "{{ playbook_dir }}/custom_sampledata/users" custom_samplefiles: "{{ playbook_dir }}/custom_sampledata/files" - service_email: noreply@dataverse.yourinstitution.edu + service_email: noreply@dataverse.ucla.edu smtp: localhost # or the FQDN of your organization's SMTP relay solr: download_url: https://archive.apache.org/dist/solr/solr/9.8.0/solr-9.8.0.tgz diff --git a/ucla_readme.md b/ucla_readme.md index ecbaf007..176008e4 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -1,44 +1,64 @@ -## Local setup (recommended) +## Local Setup (Recommended) These instructions assume: + - You have already cloned this repository locally: - ``` - git clone https://github.com/ucla-data-science-center/dataverse-ansible.git - cd dataverse-ansible - ``` -- You have [Conda](https://docs.conda.io/en/latest/miniconda.html) installed (e.g. via Miniforge or Miniconda). + + ```bash + git clone https://github.com/ucla-data-science-center/dataverse-ansible.git + cd dataverse-ansible + ``` + +- You have [Conda](https://docs.conda.io/en/latest/miniconda.html) installed (e.g. via [Miniforge](https://github.com/conda-forge/miniforge)). - Docker is installed and running on your system. --- -### Create the Conda environment +### 1. Create the Conda Environment -To create a consistent development environment, use the provided `environment.yml` file: +To create a consistent development environment using `pip-tools`: -``` -conda env create -f environment.yml -conda activate dataverse-ansible -``` + ```bash + conda env create -f environment.yml + conda activate dataverse-ansible + ``` -This will install Python 3.11, Ansible, Molecule, and Docker bindings. +This will install: + +- Python 3.11 +- `pip-tools` (to manage Python packages via lockfiles) --- -### Alternative: Manual environment creation +### 2. Compile and Install Python Dependencies + +This project uses [`pip-tools`](https://pip-tools.readthedocs.io/) for dependency management. After activating the environment: + + ```bash + pip-compile requirements.in + pip-sync + ``` -If you prefer not to use `environment.yml`, you can create the environment manually: +This will install: -``` -conda create -n dataverse-ansible python=3.11 -y -conda activate dataverse-ansible -conda install -c conda-forge ansible molecule docker-py -``` +- `ansible-core` +- `molecule` +- `molecule-docker` +- `docker` (Python SDK) -If you plan to use Vagrant with Molecule instead of Docker, install the vagrant plugin: +> You only need to run `pip-compile` again if `requirements.in` changes. Use `pip-sync` to reinstall the locked dependencies. -``` -pip install 'molecule[vagrant]' -``` +--- + +### Optional: Manual Environment Creation + +If you prefer not to use `environment.yml` or `pip-tools`, you can manually create and install dependencies: + + ```bash + conda create -n dataverse-ansible python=3.11 -y + conda activate dataverse-ansible + pip install ansible-core molecule molecule-docker docker + ``` --- @@ -48,27 +68,26 @@ The `rocky9` Molecule scenario uses Docker as a provisioner. It relies on a cust From the root of the cloned repository, run: -``` -molecule converge --scenario-name rocky9 -``` + ```bash + molecule converge --scenario-name rocky9 + ``` This will build a Docker container, install Dataverse, and configure services. Once complete, you should be able to access Dataverse at: -``` -http://localhost:8080 -``` + http://localhost:8080 + +**Default admin login:** -Default admin login: - **Username**: `dataverseAdmin` -- **Password**: defined in `tests/group_vars/vagrant.yml` (look for `dataverse_adminpass`) +- **Password**: defined in `tests/group_vars/vagrant.yml` (see `dataverse_adminpass`) To verify the server is responding: -``` -curl -I http://localhost:8080 -``` + ```bash + curl -I http://localhost:8080 + ``` --- @@ -78,41 +97,45 @@ Because the Dataverse installer is not idempotent, it’s recommended to fully r To stop and delete the container: -``` -molecule reset --scenario-name rocky9 -``` + ```bash + molecule reset --scenario-name rocky9 + ``` + +Then rebuild with: -Then rebuild with `molecule converge`. + ```bash + molecule converge --scenario-name rocky9 + ``` To open a shell inside the running container: -``` -molecule login --scenario-name rocky9 -``` + ```bash + molecule login --scenario-name rocky9 + ``` To see additional Molecule commands: -``` -molecule --help -``` + ```bash + molecule --help + ``` -More documentation: https://ansible.readthedocs.io/projects/molecule/ +More documentation: [https://ansible.readthedocs.io/projects/molecule/](https://ansible.readthedocs.io/projects/molecule/) --- ## Notes - If port `8080` is already in use on your machine, update the port mapping in `molecule/rocky9/molecule.yml`. -- Ensure Docker Desktop or your Linux Docker daemon is running before launching `molecule converge`. +- Ensure Docker Desktop (macOS) or the Docker daemon (Linux/WSL2) is running before launching `molecule converge`. --- -## Windows/WSL2 Linux specific changes +## Windows/WSL2 Linux Specific Changes -If you're using WSL2 with Debian Linux, make the following adjustments (branch: `windows_wsl2_jmj`): +If you're using WSL2 with Debian Linux, make the following adjustments (see branch: `windows_wsl2_jmj`): - In `minio.yml`, lines 68 and 79: - Change `community.docker.docker_compose` to `community.docker.docker_compose_v2` + Change `community.docker.docker_compose` → `community.docker.docker_compose_v2` - In `tasks/postgres_redhat.yml`, line 11: - Change `-aarch64` to `{{ ansible_distribution_major_version }}-x86_64` + Change `-aarch64` → `{{ ansible_distribution_major_version }}-x86_64` \ No newline at end of file From d06aa93661dd04d2bca9b68445457c33a6c1eae5 Mon Sep 17 00:00:00 2001 From: jt14den Date: Sat, 2 Aug 2025 13:01:20 -0700 Subject: [PATCH 23/28] Add pip-tools setup and update environment.yml --- .gitignore | 34 ++++++++++++++- environment.yml | 6 +-- requirements.in | 4 ++ requirements.txt | 107 +++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 145 insertions(+), 6 deletions(-) create mode 100644 requirements.in create mode 100644 requirements.txt diff --git a/.gitignore b/.gitignore index 2dae4508..7a7c9d43 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,36 @@ venv /.idea /*.iml inventory_ec2 -.DS_Store \ No newline at end of file +.DS_Store + + +### ucla local + +# Conda environment artifacts +.env/ +.venv/ +conda-meta/ +*.conda +*.egg-info/ + +# Python bytecode +__pycache__/ +*.py[cod] +*.pyo + +# Pip-tools generated lockfile (optional to ignore) +# If you want reproducibility, keep this file checked in. +# If you want to force all devs to recompile, uncomment below: +# requirements.txt + +# pip-sync temporary install log +pip-log.txt + +# Molecule test artifacts +.molecule/ +*.retry +*.log + +# VSCode & Editor configs +.vscode/ +.idea/ \ No newline at end of file diff --git a/environment.yml b/environment.yml index c6a5f0f3..29f6bd68 100644 --- a/environment.yml +++ b/environment.yml @@ -3,9 +3,5 @@ channels: - conda-forge dependencies: - python=3.11 - - ansible - - molecule - - docker-py - pip - - pip: - - molecule-docker + - pip-tools \ No newline at end of file diff --git a/requirements.in b/requirements.in new file mode 100644 index 00000000..d17ba25d --- /dev/null +++ b/requirements.in @@ -0,0 +1,4 @@ +ansible-core +molecule +molecule-docker +docker diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 00000000..b992eb06 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,107 @@ +# +# This file is autogenerated by pip-compile with Python 3.11 +# by the following command: +# +# pip-compile requirements.in +# +ansible-compat==25.6.0 + # via molecule +ansible-core==2.19.0 + # via + # -r requirements.in + # ansible-compat + # molecule +attrs==25.3.0 + # via + # jsonschema + # referencing +bracex==2.6 + # via wcmatch +certifi==2025.7.14 + # via requests +cffi==1.17.1 + # via cryptography +charset-normalizer==3.4.2 + # via requests +click==8.2.2 + # via + # click-help-colors + # molecule +click-help-colors==0.9.4 + # via molecule +cryptography==45.0.5 + # via ansible-core +docker==7.1.0 + # via + # -r requirements.in + # molecule-docker +enrich==1.2.7 + # via molecule +idna==3.10 + # via requests +jinja2==3.1.6 + # via + # ansible-core + # molecule +jsonschema==4.25.0 + # via + # ansible-compat + # molecule +jsonschema-specifications==2025.4.1 + # via jsonschema +markdown-it-py==3.0.0 + # via rich +markupsafe==3.0.2 + # via jinja2 +mdurl==0.1.2 + # via markdown-it-py +molecule==25.7.0 + # via + # -r requirements.in + # molecule-docker +molecule-docker==2.1.0 + # via -r requirements.in +packaging==25.0 + # via + # ansible-compat + # ansible-core + # molecule +pluggy==1.6.0 + # via molecule +pycparser==2.22 + # via cffi +pygments==2.19.2 + # via rich +pyyaml==6.0.2 + # via + # ansible-compat + # ansible-core + # molecule +referencing==0.36.2 + # via + # jsonschema + # jsonschema-specifications +requests==2.32.4 + # via + # docker + # molecule-docker +resolvelib==1.2.0 + # via ansible-core +rich==14.1.0 + # via + # enrich + # molecule +rpds-py==0.26.0 + # via + # jsonschema + # referencing +subprocess-tee==0.4.2 + # via ansible-compat +typing-extensions==4.14.1 + # via referencing +urllib3==2.5.0 + # via + # docker + # requests +wcmatch==10.1 + # via molecule From aae1659fb31c236b0b6acb0f6a349fc596f39e01 Mon Sep 17 00:00:00 2001 From: jt14den Date: Sat, 2 Aug 2025 12:41:08 -0700 Subject: [PATCH 24/28] WIP: local edits before pip-tools setup --- defaults/main.yml | 2 +- ucla_readme.md | 153 ++++++++++++++++++++++++---------------------- 2 files changed, 80 insertions(+), 75 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 945eee42..da09072e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -247,7 +247,7 @@ dataverse: custom_sampledataverses: "{{ playbook_dir }}/custom_sampledata/dataverses" custom_sampleusers: "{{ playbook_dir }}/custom_sampledata/users" custom_samplefiles: "{{ playbook_dir }}/custom_sampledata/files" - service_email: noreply@dataverse.yourinstitution.edu + service_email: noreply@dataverse.ucla.edu smtp: localhost # or the FQDN of your organization's SMTP relay solr: download_url: https://archive.apache.org/dist/solr/solr/9.8.0/solr-9.8.0.tgz diff --git a/ucla_readme.md b/ucla_readme.md index 5c7d84f8..176008e4 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -1,44 +1,64 @@ -## Local setup (recommended) +## Local Setup (Recommended) These instructions assume: + - You have already cloned this repository locally: - ``` - git clone https://github.com/ucla-data-science-center/dataverse-ansible.git - cd dataverse-ansible - ``` -- You have [Conda](https://docs.conda.io/en/latest/miniconda.html) installed (e.g. via Miniforge or Miniconda). + + ```bash + git clone https://github.com/ucla-data-science-center/dataverse-ansible.git + cd dataverse-ansible + ``` + +- You have [Conda](https://docs.conda.io/en/latest/miniconda.html) installed (e.g. via [Miniforge](https://github.com/conda-forge/miniforge)). - Docker is installed and running on your system. --- -### Create the Conda environment +### 1. Create the Conda Environment -To create a consistent development environment, use the provided `environment.yml` file: +To create a consistent development environment using `pip-tools`: -``` -conda env create -f environment.yml -conda activate dataverse-ansible -``` + ```bash + conda env create -f environment.yml + conda activate dataverse-ansible + ``` -This will install Python 3.11, Ansible, Molecule, and Docker bindings. +This will install: + +- Python 3.11 +- `pip-tools` (to manage Python packages via lockfiles) --- -### Alternative: Manual environment creation +### 2. Compile and Install Python Dependencies + +This project uses [`pip-tools`](https://pip-tools.readthedocs.io/) for dependency management. After activating the environment: + + ```bash + pip-compile requirements.in + pip-sync + ``` -If you prefer not to use `environment.yml`, you can create the environment manually: +This will install: -``` -conda create -n dataverse-ansible python=3.11 -y -conda activate dataverse-ansible -conda install -c conda-forge ansible molecule docker-py -``` +- `ansible-core` +- `molecule` +- `molecule-docker` +- `docker` (Python SDK) -If you plan to use Vagrant with Molecule instead of Docker, install the vagrant plugin: +> You only need to run `pip-compile` again if `requirements.in` changes. Use `pip-sync` to reinstall the locked dependencies. -``` -pip install 'molecule[docker]' -``` +--- + +### Optional: Manual Environment Creation + +If you prefer not to use `environment.yml` or `pip-tools`, you can manually create and install dependencies: + + ```bash + conda create -n dataverse-ansible python=3.11 -y + conda activate dataverse-ansible + pip install ansible-core molecule molecule-docker docker + ``` --- @@ -48,44 +68,26 @@ The `rocky9` Molecule scenario uses Docker as a provisioner. It relies on a cust From the root of the cloned repository, run: -``` -molecule converge --scenario-name rocky9 -``` + ```bash + molecule converge --scenario-name rocky9 + ``` This will build a Docker container, install Dataverse, and configure services. Once complete, you should be able to access Dataverse at: -``` -http://localhost:8080 -``` + http://localhost:8080 + +**Default admin login:** -Default admin login: - **Username**: `dataverseAdmin` -- **Password**: defined in `tests/group_vars/vagrant.yml` (look for `dataverse_adminpass`) +- **Password**: defined in `tests/group_vars/vagrant.yml` (see `dataverse_adminpass`) To verify the server is responding: -``` -curl -I http://localhost:8080 -``` - -``` -HTTP/1.1 302 Found -Server: Payara Server 6.2025.2 #badassfish -X-Powered-By: Servlet/6.0 JSP/3.1 (Payara Server 6.2025.2 #badassfish Java/Red Hat, Inc./17) -Access-Control-Allow-Origin: * -Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS -Access-Control-Allow-Headers: Accept, Content-Type, X-Dataverse-key, Range -Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Encoding -Set-Cookie: JSESSIONID=23f7765f06c1f42ad21f492b85a6; Path=/;SameSite=Lax;SameSite=Lax -Set-Cookie: csfcfc=6Ped8fcWqtJm0q1f2%2BUzSThNbg%2F8; Path=/; HttpOnly;SameSite=Lax -Location: http://localhost:8080/loginpage.xhtml;jsessionid=23f7765f06c1f42ad21f492b85a6?redirectPage=%2Fdataverse.xhtml -Content-Length: 267 -Content-Language: en -Content-Type: text/html;charset=UTF-8 -X-Frame-Options: SAMEORIGIN -``` + ```bash + curl -I http://localhost:8080 + ``` --- @@ -95,42 +97,45 @@ Because the Dataverse installer is not idempotent, it’s recommended to fully r To stop and delete the container: -``` -molecule reset --scenario-name rocky9 -``` + ```bash + molecule reset --scenario-name rocky9 + ``` + +Then rebuild with: -Then rebuild with `molecule converge`. + ```bash + molecule converge --scenario-name rocky9 + ``` To open a shell inside the running container: -``` -molecule login --scenario-name rocky9 -``` + ```bash + molecule login --scenario-name rocky9 + ``` To see additional Molecule commands: -``` -molecule --help -``` + ```bash + molecule --help + ``` -More documentation: https://ansible.readthedocs.io/projects/molecule/ +More documentation: [https://ansible.readthedocs.io/projects/molecule/](https://ansible.readthedocs.io/projects/molecule/) --- -## Windows/WSL2 Linux specific changes - -If you're using WSL2 with Debian Linux, make the following adjustments (branch: `windows_wsl2_jmj`): - -- In `minio.yml`, lines 68 and 79: - Change `community.docker.docker_compose` to `community.docker.docker_compose_v2` +## Notes -- In `tasks/postgres_redhat.yml`, line 11: - Change `-aarch64` to `{{ ansible_distribution_major_version }}-x86_64` +- If port `8080` is already in use on your machine, update the port mapping in `molecule/rocky9/molecule.yml`. +- Ensure Docker Desktop (macOS) or the Docker daemon (Linux/WSL2) is running before launching `molecule converge`. --- -## Notes +## Windows/WSL2 Linux Specific Changes -- If port `8080` is already in use on your machine, update the port mapping in `molecule/rocky9/molecule.yml`. -- Ensure Docker Desktop or your Linux Docker daemon is running before launching `molecule converge`. +If you're using WSL2 with Debian Linux, make the following adjustments (see branch: `windows_wsl2_jmj`): +- In `minio.yml`, lines 68 and 79: + Change `community.docker.docker_compose` → `community.docker.docker_compose_v2` + +- In `tasks/postgres_redhat.yml`, line 11: + Change `-aarch64` → `{{ ansible_distribution_major_version }}-x86_64` \ No newline at end of file From 1825541ac37bdc2495a48fae0775a52d9a60c2cb Mon Sep 17 00:00:00 2001 From: jamie jamison Date: Mon, 4 Aug 2025 15:09:37 -0700 Subject: [PATCH 25/28] remove weird file {changed: accidently created this file, needed to remove it --- {changed: | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 {changed: diff --git a/{changed: b/{changed: deleted file mode 100644 index e69de29b..00000000 From f5c23cc4b0ca0b5351ead41adecc907d2e614fd7 Mon Sep 17 00:00:00 2001 From: Jamie Jamison Date: Wed, 6 Aug 2025 11:59:38 -0700 Subject: [PATCH 26/28] Remove ucla_readme note about WIndows WSL2 variables. --- ucla_readme.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/ucla_readme.md b/ucla_readme.md index 176008e4..7dc60bf8 100644 --- a/ucla_readme.md +++ b/ucla_readme.md @@ -129,13 +129,3 @@ More documentation: [https://ansible.readthedocs.io/projects/molecule/](https:// - Ensure Docker Desktop (macOS) or the Docker daemon (Linux/WSL2) is running before launching `molecule converge`. --- - -## Windows/WSL2 Linux Specific Changes - -If you're using WSL2 with Debian Linux, make the following adjustments (see branch: `windows_wsl2_jmj`): - -- In `minio.yml`, lines 68 and 79: - Change `community.docker.docker_compose` → `community.docker.docker_compose_v2` - -- In `tasks/postgres_redhat.yml`, line 11: - Change `-aarch64` → `{{ ansible_distribution_major_version }}-x86_64` \ No newline at end of file From b448ea09a38a0b28c84de8db870d17972e4f8e71 Mon Sep 17 00:00:00 2001 From: Jamie Jamison Date: Wed, 6 Aug 2025 13:51:41 -0700 Subject: [PATCH 27/28] attempt to fix jvm email variable problem, tasks/dataverse-settings.yml --- tasks/dataverse-optional-settings.yml | 30 ++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/tasks/dataverse-optional-settings.yml b/tasks/dataverse-optional-settings.yml index 4b663992..58160e72 100644 --- a/tasks/dataverse-optional-settings.yml +++ b/tasks/dataverse-optional-settings.yml @@ -16,15 +16,31 @@ shell: 'curl -X PUT -d {{ dataverse.options.provcollectionenabled }} {{ dataverse.api.location }}/admin/settings/:ProvCollectionEnabled' when: dataverse.options.provcollectionenabled -- name: Check if system email JVM option already exists - shell: "{{ payara_dir}}/bin/asadmin list-jvm-options | grep -q \"-Ddataverse.mail.system-email\"" - ignore_errors: yes - register: check_jvm_option +- name: Get JVM options + command: /usr/local/payara6/bin/asadmin list-jvm-options + register: jvm_options + changed_when: false + +- name: Check if system email JVM option exists + set_fact: + has_system_email: "{{ '-Ddataverse.mail.system-email' in jvm_options.stdout }}" - name: Set SystemEmail as a JVM option if it doesn't already exist - shell: "{{ payara_dir}}/bin/asadmin create-jvm-options \"-Ddataverse.mail.system-email=noreply@dataverse.yourinstitution.edu\"" - when: check_jvm_option.rc != 0 - become: yes + command: > + /usr/local/payara6/bin/asadmin create-jvm-options "-Ddataverse.mail.system-email={{ dataverse_system_email }}" + when: not has_system_email + + + +#- name: Check if system email JVM option already exists +# shell: "{{ payara_dir}}/bin/asadmin list-jvm-options | grep -q \"-Ddataverse.mail.system-email\"" +# ignore_errors: yes +# register: check_jvm_option + +# name: Set SystemEmail as a JVM option if it doesn't already exist +# shell: "{{ payara_dir}}/bin/asadmin create-jvm-options \"-Ddataverse.mail.system-email=noreply@dataverse.yourinstitution.edu\"" +# when: check_jvm_option.rc != 0 +# become: yes #- name: set SystemEmail as a jvm-option now # shell: '{{ payara_dir}}/bin/asadmin create-jvm-options "-Ddataverse.mail.system-email={{ dataverse.service_email }}"' From 2b765563d549f486d227ff78ce81185d328080fd Mon Sep 17 00:00:00 2001 From: Jamie Jamison Date: Wed, 13 Aug 2025 13:11:53 -0700 Subject: [PATCH 28/28] fix jvm-email error by adding group_vars/all.yml --- group_vars/all.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 group_vars/all.yml diff --git a/group_vars/all.yml b/group_vars/all.yml new file mode 100644 index 00000000..19144333 --- /dev/null +++ b/group_vars/all.yml @@ -0,0 +1,2 @@ +dataverse_system_email: "admin@example.org" +