From 4e35ea435c31dbb8fe0c41e414cf45aed72082e9 Mon Sep 17 00:00:00 2001
From: gsaudade99 <gabri.saudade@gmail.com>
Date: Thu, 26 Mar 2026 11:33:12 +0100
Subject: [PATCH 1/3] fix roles

---
 roles/hxr.admin-tools/defaults/main.yml |  2 +-
 roles/hxr.apollo/defaults/main.yml      |  2 +-
 roles/hxr.apollo/tasks/main.yml         | 23 ++++++++++++++++++-----
 roles/hxr.remap-user/tasks/main.yml     |  4 ++--
 4 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/roles/hxr.admin-tools/defaults/main.yml b/roles/hxr.admin-tools/defaults/main.yml
index 17f8c9644..91f351194 100644
--- a/roles/hxr.admin-tools/defaults/main.yml
+++ b/roles/hxr.admin-tools/defaults/main.yml
@@ -15,7 +15,7 @@ admin_packages:
   - net-tools
   - unzip
   - mutt
-  - byobu
+  #- byobu
   - tmpwatch
   - rclone
   # centos specific
diff --git a/roles/hxr.apollo/defaults/main.yml b/roles/hxr.apollo/defaults/main.yml
index 034a5b121..e62d37ecb 100644
--- a/roles/hxr.apollo/defaults/main.yml
+++ b/roles/hxr.apollo/defaults/main.yml
@@ -1,4 +1,4 @@
-apollo_version: 2.4.1
+apollo_version: 2.8.1
 apollo_tmp_file: "/tmp/apollo-{{ apollo_version }}.zip"
 # do NOT end this with a /
 tomcat_apollo_webapp_dir: /usr/share/tomcat/webapps/apollo
diff --git a/roles/hxr.apollo/tasks/main.yml b/roles/hxr.apollo/tasks/main.yml
index 2c765b099..1be51ae9c 100644
--- a/roles/hxr.apollo/tasks/main.yml
+++ b/roles/hxr.apollo/tasks/main.yml
@@ -8,19 +8,32 @@
     dest: "{{ apollo_tmp_file }}"
   register: download
 
+- name: Check if old apollo exists
+  stat:
+    path: "{{ tomcat_apollo_webapp_dir }}"
+  register: apollo_webapp_stat
+
+
+- name: Check if Apollo classes directory exists
+  stat:
+    path: "{{ tomcat_apollo_webapp_dir }}/WEB-INF/classes"
+  register: apollo_classes_stat
+
 - name: Backup old apollo
   copy:
     src: "{{ tomcat_apollo_webapp_dir }}"
     dest: "/tmp/apollo-backup-{{ ansible_date_time.epoch }}"
     remote_src: true
-  when: download.changed
+  when:
+    - apollo_webapp_stat.stat.exists
+    - (download.changed or not apollo_classes_stat.stat.exists)
   notify: 'restart tomcat'
 
 - name: Wipe out old apollo
   file:
     path: "{{ tomcat_apollo_webapp_dir }}"
     state: absent
-  when: download.changed
+  when: download.changed or not apollo_classes_stat.stat.exists
   notify: 'restart tomcat'
 
 - name: Make new root webapp
@@ -29,7 +42,7 @@
     state: directory
     owner: tomcat
     group: tomcat
-  when: download.changed
+  when: download.changed or not apollo_classes_stat.stat.exists
   notify: 'restart tomcat'
 
 - name: Extract new apollo into root webapp.
@@ -37,12 +50,12 @@
     src: "{{ apollo_tmp_file }}"
     dest: "{{ tomcat_apollo_webapp_dir }}"
     remote_src: true
-  when: download.changed
+  when: download.changed or not apollo_classes_stat.stat.exists
   notify: 'restart tomcat'
 
 - name: Fix perms
   command: "chown tomcat:tomcat -R /usr/share/tomcat/webapps/apollo/"
-  when: download.changed
+  when: download.changed or not apollo_classes_stat.stat.exists
   notify: 'restart tomcat'
 
 - name: Deploy config file
diff --git a/roles/hxr.remap-user/tasks/main.yml b/roles/hxr.remap-user/tasks/main.yml
index afeee5667..7b9f498ec 100644
--- a/roles/hxr.remap-user/tasks/main.yml
+++ b/roles/hxr.remap-user/tasks/main.yml
@@ -25,7 +25,7 @@
     line: 'input:x:500:'
   when: check_input.rc == 0
 
-- command: "find / -gid 999 -exec chgrp 500 '{}' +"
+- command: "find / ( -path /proc -o -path /sys -o -path /dev -o -path /run ) -prune -o -gid 999 -exec chgrp 500 '{}' +"
   ignore_errors: yes
   when: check_input.rc == 0
 
@@ -41,6 +41,6 @@
     line: 'polkitd:x:500:998:User for polkitd:/:/sbin/nologin'
   when: check_polkitd.rc == 0
 
-- command: "find / -uid 999 -exec chown 500 '{}' +"
+- command: "find / ( -path /proc -o -path /sys -o -path /dev -o -path /run ) -prune -o -uid 999 -exec chown 500 '{}' +"
   ignore_errors: yes
   when: check_polkitd.rc == 0

From 9753855d548804d73958d9276a0737674fb8f625 Mon Sep 17 00:00:00 2001
From: gsaudade99 <gabri.saudade@gmail.com>
Date: Thu, 26 Mar 2026 13:45:15 +0100
Subject: [PATCH 2/3] more small patches

---
 apollo.yml                             | 7 ++++---
 group_vars/apollo.yml                  | 2 +-
 roles/hxr.apollo/tasks/main.yml        | 4 ++--
 roles/hxr.monitor-email/tasks/main.yml | 4 ++--
 4 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/apollo.yml b/apollo.yml
index 11b20de9a..b5f32c166 100644
--- a/apollo.yml
+++ b/apollo.yml
@@ -32,17 +32,18 @@
     - hxr.admin-tools
     - influxdata.chrony
     - hxr.monitor-email
-    - linuxhq.yum_cron
+    #- linuxhq.yum_cron # Deprecated
     - galaxyproject.nginx
     - hxr.autofs
     # BEGIN custom
     - hxr.remap-user
     # Now add custom tomcat user with hardcoded ID. The user info is in group_vars/apollo.yml
-    - hxr.replace-galaxy-user
+    # Tomcat had already ID 999
+    #- hxr.replace-galaxy-user
     - devops.tomcat7
     # - hxr.gx-cookie-proxy # Currently PANICs, the old version deployed is fine tho
     - hxr.apollo
     # END custom
-    - dj-wasabi.telegraf
+#    - dj-wasabi.telegraf # this role needs to be fixed
     # - dev-sec.os-hardening
     # - dev-sec.ssh-hardening
diff --git a/group_vars/apollo.yml b/group_vars/apollo.yml
index 0018c204f..97920e284 100644
--- a/group_vars/apollo.yml
+++ b/group_vars/apollo.yml
@@ -39,7 +39,7 @@ apollo_config_jbrowse: |
     jbrowse {
         git {
             url= "https://github.com/GMOD/jbrowse"
-            tag = "1.16.10-release"
+            tag = "1.16.12-release"
             alwaysPull = true
             alwaysRecheck = true
         }
diff --git a/roles/hxr.apollo/tasks/main.yml b/roles/hxr.apollo/tasks/main.yml
index 1be51ae9c..ba6a7faca 100644
--- a/roles/hxr.apollo/tasks/main.yml
+++ b/roles/hxr.apollo/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
-#- name: "Fix weird tomcat bug"
-  #command: "yum reinstall -y tomcat-lib"
+- name: "Fix weird tomcat bug"
+  command: "yum reinstall -y tomcat-lib"
 
 - name: Download apollo
   get_url:
diff --git a/roles/hxr.monitor-email/tasks/main.yml b/roles/hxr.monitor-email/tasks/main.yml
index b60c1426d..ed6bddca3 100644
--- a/roles/hxr.monitor-email/tasks/main.yml
+++ b/roles/hxr.monitor-email/tasks/main.yml
@@ -26,5 +26,5 @@
           - data_format = "influx"
           - interval = "1h"
 
-- set_fact:
-    telegraf_plugins_extra: "{{ telegraf_plugins_extra | combine(plugin_config) }}"
+#- set_fact:
+#    telegraf_plugins_extra: "{{ telegraf_plugins_extra | combine(plugin_config) }}"

From c89ab7cf2e16c4898c4a0704f9c0208061c714ac Mon Sep 17 00:00:00 2001
From: gsaudade99 <gabri.saudade@gmail.com>
Date: Thu, 26 Mar 2026 14:13:05 +0100
Subject: [PATCH 3/3] add gx-cookie

---
 apollo.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/apollo.yml b/apollo.yml
index b5f32c166..9dd99847d 100644
--- a/apollo.yml
+++ b/apollo.yml
@@ -41,9 +41,10 @@
     # Tomcat had already ID 999
     #- hxr.replace-galaxy-user
     - devops.tomcat7
-    # - hxr.gx-cookie-proxy # Currently PANICs, the old version deployed is fine tho
+    - hxr.gx-cookie-proxy # Currently PANICs, the old version deployed is fine tho
+    -                     # It started fine for now
     - hxr.apollo
     # END custom
-#    - dj-wasabi.telegraf # this role needs to be fixed
+    #- dj-wasabi.telegraf # this role needs to be fixed
     # - dev-sec.os-hardening
     # - dev-sec.ssh-hardening