From a12f9e2baffbbccfe7c1b3a8589f56803acf7a1e Mon Sep 17 00:00:00 2001 From: Romain Pelisse Date: Sun, 15 Jun 2025 10:42:36 +0200 Subject: [PATCH] Backport generic systemd integration from amq_streams collection into common --- galaxy.yml | 2 +- roles/common/defaults/main.yml | 3 + roles/common/tasks/systemd.yml | 98 +++++++++++++++++++++++ roles/common/templates/service_systemd.j2 | 28 +++++++ 4 files changed, 130 insertions(+), 1 deletion(-) create mode 100644 roles/common/defaults/main.yml create mode 100644 roles/common/tasks/systemd.yml create mode 100644 roles/common/templates/service_systemd.j2 diff --git a/galaxy.yml b/galaxy.yml index 2da9acc..325dcbf 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,7 +1,7 @@ --- namespace: middleware_automation name: common -version: "1.2.3" +version: "1.2.4" readme: README.md authors: - Andrew Block diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml new file mode 100644 index 0000000..9a7fefe --- /dev/null +++ b/roles/common/defaults/main.yml @@ -0,0 +1,3 @@ +--- +common_systemd_home: '/usr/lib/systemd/system' +common_systemd_default_unit_template: 'templates/service_systemd.j2' diff --git a/roles/common/tasks/systemd.yml b/roles/common/tasks/systemd.yml new file mode 100644 index 0000000..cc7bc23 --- /dev/null +++ b/roles/common/tasks/systemd.yml @@ -0,0 +1,98 @@ +--- +- name: "Ensure that required parameter(s) are provided." + ansible.builtin.assert: + that: + - server_name is defined and server_name | length > 0 + - server_restart_handler_name is defined and server_restart_handler_name | length > 0 + quiet: true + +- name: "Switch to root" + become: "{{ common_escalade_privileges | default(True) }}" + block: + - name: "Ensure {{ server_name }} configuration is deployed ({{ server_config_template }} -> {{ server_config }}." + ansible.builtin.template: + src: "{{ server_config_template }}" + dest: "{{ server_config }}" + owner: root + group: root + mode: 0644 + when: + - server_config_template is defined and server_config is defined + - server_config_template | length > 0 and server_config | length > 0 + notify: + - "{{ server_restart_handler_name }}" + + - name: "Ensure log dir belongs to the appropriate user and group - if all provided" + ansible.builtin.file: + path: "{{ server_log_dir }}" + owner: "{{ server_user }}" + group: "{{ server_group }}" + state: directory + mode: 0755 + when: + - server_log_dir is defined + - server_user is defined + - server_group is defined + + - name: "Deploy server configuration - if provided." + ansible.builtin.template: + src: "{{ service_systemd_env_file_template | default('templates/service.conf.j2') }}" + dest: "{{ service_systemd_env_file }}" + owner: root + group: root + mode: 0644 + selevel: "{{ server_envfile_selevel | default('s0') }}" + serole: "{{ server_envfile_serole | default('object_r') }}" + setype: "{{ server_envfile_setype | default('etc_t') }}" + seuser: "{{ server_envfile_seuser | default('system_u') }}" + register: daemon_reload_env + when: + - service_systemd_env_file is defined + + - name: "Compute default path for systemd unit file (if needed)." + ansible.builtin.set_fact: + server_systemd_path_to_unit: "{{ server_systemd_home | default(common_systemd_home) }}/{{ server_systemd_name | default(server_name + '.service') }}" + when: + - not server_systemd_name is defined + + - name: "Deploy Systemd descriptor for service: {{ server_name }}" + ansible.builtin.template: + src: "{{ server_service_config_file_template | default(common_systemd_default_unit_template) }}" + dest: "{{ server_systemd_path_to_unit }}" + group: root + owner: root + mode: 0644 + selevel: "{{ server_systemd_unit_selevel | default('s0') }}" + serole: "{{ server_systemd_unit_serole | default('object_r') }}" + setype: "{{ server_systemd_unit_setype | default('systemd_unit_file_t') }}" + seuser: "{{ server_systemd_unit_seuser | default('system_u') }}" + vars: + service_description: "{{ server_description | default(server_name) }}" + service_user: "{{ server_user | default('root') }}" + service_group: "{{ server_group | default('root') }}" + service_pidfile: "{{ server_pidfile | default(omit) }}" + service_start_sleep: "{{ server_start_sleep | default(0) }}" + register: daemon_reload + + - name: "Perform daemon-reload to ensure the changes are picked up" + ansible.builtin.systemd: + daemon_reload: yes + when: + - daemon_reload is defined + - daemon_reload.changed + + - name: "Ensure {{ server_name }} is enabled and running." + ansible.builtin.service: + name: "{{ server_name }}" + enabled: yes + state: started + when: + - not server_skip_start is defined or not server_skip_start + + - name: "Wait for service port {{ server_port }} to be available - (if provided)" + ansible.builtin.wait_for: + port: "{{ server_port }}" + delay: "{{ delay_before_server_port_check | default(omit) }}" + when: + - skip_wait_for_server_port is defined and not skip_wait_for_server_port + - server_port is defined and server_port != '' diff --git a/roles/common/templates/service_systemd.j2 b/roles/common/templates/service_systemd.j2 new file mode 100644 index 0000000..5a7d4bb --- /dev/null +++ b/roles/common/templates/service_systemd.j2 @@ -0,0 +1,28 @@ +# {{ ansible_managed }} + +[Unit] +Description={{ service_description }} +After=syslog.target network.target + +[Service] +{% if service_systemd_workdir is defined %}WorkingDirectory={{ service_systemd_workdir }} +{% endif %} +{% if service_systemd_env_file is defined %}EnvironmentFile=-{{ service_systemd_env_file }} +{% endif %} +{% if service_user is defined %}User={{ service_user }} +{% endif %} +{% if service_group is defined %}Group={{ service_group }} +{% endif %} +# +# +ExecStart={{ server_start }} {% if server_config is defined %}{{ server_config }}{% endif %} {% if server_extra_args is defined %}{{ server_extra_args }}{% endif %} + +{% if service_start_sleep | int > 0 %} +ExecStartPre=/bin/sleep {{ service_start_sleep | int / 1000 }} +{% endif %} +{% if server_stop is defined %} +ExecStop={{ server_stop }} +{% endif %} + +[Install] +WantedBy=multi-user.target