Merge branch 'master' into dtreechanges

.dependabot/config.yml

@@ -0,0 +1,8 @@
+version: 1
+update_configs:
+  - package_manager: "submodules"
+    directory: "/"
+    update_schedule: "daily"
+    default_reviewers:
+      - "jasonrogena"
+      - "manutarus"

README.md

@@ -1,4 +1,4 @@
-# Ansible Playbooks [![Build Status](https://travis-ci.org/OpenSRP/playbooks.svg?branch=master)](https://travis-ci.org/OpenSRP/playbooks)
+# Ansible Playbooks [![Build Status](https://travis-ci.com/OpenSRP/playbooks.svg?branch=master)](https://travis-ci.com/OpenSRP/playbooks)
 
 A collection of [Ansible][1] scripts and templates used to deploy systems used by OpenSRP.
 We use Ansible's recommended [alternative directory layout][4].

deploy-openmrs.yml

@@ -6,7 +6,6 @@
       setup:
   roles:
     - common
-  always_run: true
 
 - hosts: openmrs-mysql-servers
   roles:

deploy-opensrp.yml

@@ -6,7 +6,6 @@
       setup:
   roles:
     - common
-  always_run: true
 
 - hosts: opensrp-couchdb-servers
   serial: 1 # Runs playbook one server at at time (to achieve a rolling update)

requirements.txt

@@ -1,18 +1,18 @@
-ansible==2.4.1.0
+ansible==2.6.0
 ansible-lint==4.1.0
-asn1crypto==0.23.0
-bcrypt==3.1.4
+asn1crypto==0.24.0
+bcrypt==3.1.7
 boto==2.48.0
-cffi==1.11.2
-cryptography==2.1.2
+cffi==1.12.3
+cryptography==2.7
 enum34==1.1.6
 idna==2.6
-ipaddress==1.0.18
-Jinja2==2.9.6
-MarkupSafe==1.0
-paramiko==2.3.2
+ipaddress==1.0.22
+Jinja2==2.10.1
+MarkupSafe==1.1.1
+paramiko==2.6.0
 pyasn1==0.3.7
-pycparser==2.18
-PyNaCl==1.2.0
-PyYAML==3.12
-six==1.11.0
+pycparser==2.19
+PyNaCl==1.3.0
+PyYAML==5.1.1
+six==1.12.0

roles/couchdb/tasks/main.yml

@@ -28,6 +28,12 @@
     enabled: true
     state: restarted
 
+- name: Wait for CouchDB to be available
+  wait_for:
+    host: 127.0.0.1
+    port: "{{ couchdb_port }}"
+    delay: 10
+
 - name: Add CouchDB admin user
   uri:
     url: "http://127.0.0.1:{{ couchdb_port }}/_config/admins/{{ couchdb_admin_user }}"

roles/dhis2/defaults/main.yml

@@ -23,7 +23,11 @@ dhis_tomcat_fsize_threshold: "10485760"
 dhis_postgresql_user: dhis
 dhis_postgresql_database: dhis2
 dhis_postgresql_password: ""
-dhis_postgresql_connection_url: "jdbc:postgresql:{{ dhis_postgresql_database }}"
+dhis_postgresql_host: localhost
+dhis_postgresql_port: 5432
+dhis_postgresql_connection_url: "jdbc:postgresql://{{ dhis_postgresql_host }}:{{ dhis_postgresql_port }}/{{ dhis_postgresql_database }}"
+dhis_postgresql_login_user: root
+dhis_postgres_login_password:
 
 # Certbot
 dhis_certbot_create_certs: true

roles/dhis2/tasks/main.yml

@@ -25,7 +25,7 @@
     owner: "{{ dhis_system_user }}"
     group: "{{ dhis_system_group }}"
     state: directory
-    mode: 0644
+    mode: 0750
 
 - name: Copy DHIS Config
   become: yes
@@ -37,6 +37,37 @@
     group: "{{ dhis_system_group }}"
     mode: 0600
 
+- name: Install PostgreSQL prerequisites
+  become: yes
+  become_user: "root"
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - libpq-dev
+    - python-psycopg2
+
+- name: Make sure the DHIS database exists
+  postgresql_db:
+    name: "{{ dhis_postgresql_database }}"
+    login_host: "{{ dhis_postgresql_host }}"
+    port: "{{ dhis_postgresql_port }}"
+    login_user: "{{ dhis_postgresql_login_user }}"
+    login_password: "{{ dhis_postgres_login_password }}"
+    encoding: UTF-8
+
+- name: Ensure DHIS psql user has the right access level to the database
+  postgresql_user:
+    db: "{{ dhis_postgresql_database }}"
+    login_host: "{{ dhis_postgresql_host }}"
+    port: "{{ dhis_postgresql_port }}"
+    login_user: "{{ dhis_postgresql_login_user }}"
+    login_password: "{{ dhis_postgres_login_password }}"
+    name: "{{ dhis_postgresql_user }}"
+    password: "{{ dhis_postgresql_password }}"
+    encrypted: yes
+    priv: ALL
+
 - name: Download The DHIS2 War
   become: yes
   become_user: "root"

roles/openmrs/defaults/main.yml

@@ -42,6 +42,23 @@ openmrs_allow_web_admin: "true"
 openmrs_encryption_vector:
 openmrs_encryption_key:
 openmrs_require_encryption: true
+openmrs_binary_download_directory: "/tmp/openmrs_binary"
+openmrs_binary_file_path: "{{ openmrs_binary_download_directory }}/{{ openmrs_install_name }}.war"
+openmrs_log_level: "ERROR"
+
+#OpenMRS modules
+openmrs_modules:
+  - "idgen-4.5.0"
+  - "uiframework-3.13.0"
+  - "registrationcore-1.8.0"
+  - "providermanagement-2.10.0"
+  - "teammodule-2.0.0B"
+  - "uicommons-2.6.0"
+  - "webservices.rest-2.24.0"
+  - "legacyui-1.4.0"
+  - "uilibrary-2.0.6"
+  - "dhislocation-1.2.0"
+  - "event-2.6.0"
 
 # Hibernate
 openmrs_hibernate_c3p0_min_size: 5

roles/openmrs/meta/main.yml

@@ -13,7 +13,7 @@ dependencies: # noqa 701
   tomcat_system_group: "{{ tomcat_group }}"
   tomcat_user_home: "{{ openmrs_tomcat_user_home }}"
   tomcat_instance: "{{ openmrs_tomcat_instance }}"
-  tomcat_working_directory: "{{ tomcat_user_home }}/.OpenMRS"
+  tomcat_working_directory: "{{ tomcat_user_home }}/{{ tomcat_instance }}"
   tomcat_http_port: "{{ openmrs_tomcat_http_port }}"
   tomcat_shutdown_port: "{{ openmrs_tomcat_shutdown_port }}"
   tomcat_max_filesize: "{{ openmrs_tomcat_max_filesize }}"

roles/openmrs/tasks/main.yml

@@ -49,16 +49,19 @@
     state: link
     mode: 0777
 
-- name: Set OpenMRS facts based on version
-  set_fact:
-    openmrs_modules: "{{ openmrs_modules_v1 if (openmrs_version < 2) else openmrs_modules_v2 }}"
-    template:
-      "templates/conditionals/openmrs_version_template.j2"
-
 - include_tasks: modules.yml
   when: openmrs_modules|length > 0
 
-- name: Make sure the OpenMRS directory is absent in Tomcat's app directory
+- name: Make sure the OpenMRS Binary Download directory dir exists
+  become: yes
+  become_user: "root"
+  file:
+    path: "{{ openmrs_binary_download_directory }}"
+    state: "directory"
+    owner: "{{ ansible_ssh_user }}"
+    mode: "0755"
+
+- name: Make sure the OpenMRS directories are absent
   become: yes
   become_user: root
   file:
@@ -67,18 +70,30 @@
   with_items:
     - "{{ openmrs_tomcat_user_home }}/{{ openmrs_tomcat_instance }}/webapps/{{ openmrs_install_name }}.war"
     - "{{ openmrs_tomcat_user_home }}/{{ openmrs_tomcat_instance }}/webapps/{{ openmrs_install_name }}"
+    - "{{ openmrs_binary_file_path }}"
 
-- name: Install the OpenMRS Binary
+- name: Download the OpenMRS Binary
   become: yes
   become_user: root
   get_url:
     url: "https://downloads.sourceforge.net/project/openmrs/releases/OpenMRS_Platform_{{ openmrs_version }}/openmrs.war"
-    dest: "{{ openmrs_tomcat_user_home }}/{{ openmrs_tomcat_instance }}/webapps/{{ openmrs_install_name }}.war"
+    dest: "{{ openmrs_binary_file_path }}"
     owner: "{{ openmrs_system_user }}"
     group: "{{ openmrs_system_group }}"
+    timeout: 60
   retries: 3
   delay: 10
 
+- name: Install the OpenMRS Binary
+  become: yes
+  become_user: root
+  copy:
+    src: "{{ openmrs_binary_file_path }}"
+    dest: "{{ openmrs_tomcat_user_home }}/{{ openmrs_tomcat_instance }}/webapps/{{ openmrs_install_name }}.war"
+    owner: "{{ openmrs_system_user }}"
+    group: "{{ openmrs_system_group }}"
+    remote_src: yes
+
 - name: Check if the properties file is already on the server
   become: yes
   become_user: root
@@ -125,13 +140,23 @@
     become: yes
     become_user: root
     template:
-      src: "templates/usr/share/tomcat7/.OpenMRS/openmrs-runtime.properties.j2"
+      src: "templates/openmrs_home_directory/openmrs-runtime.properties.j2"
       dest: "{{ openmrs_home_directory }}/openmrs-runtime.properties"
       owner: "{{ openmrs_system_user }}"
       group: "{{ openmrs_system_group }}"
       mode: 0640
   when: openmrs_properties_file_status.stat.exists
 
+- name: Copy the OpenMRS Runtime Template
+  become: yes
+  become_user: root
+  template:
+    src: "templates/openmrs_tomcat_user_home/openmrs_tomcat_instance/conf/logging.properties.j2"
+    dest: "{{ openmrs_tomcat_user_home }}/{{ openmrs_tomcat_instance }}/conf/logging.properties"
+    owner: "{{ openmrs_system_user }}"
+    group: "{{ openmrs_system_group }}"
+    mode: 0640
+
 - name: Restart the Tomcat7 Service
   become: yes
   become_user: root

roles/openmrs/templates/usr/share/tomcat7/.OpenMRS/openmrs-runtime.properties.j2 → roles/openmrs/templates/openmrs_home_directory/openmrs-runtime.properties.j2

@@ -4,7 +4,7 @@ connection.url={{ openmrs_mysql_connection_url }}
 module.allow_web_admin={{ openmrs_allow_web_admin }}
 auto_update_database={{ openmrs_auto_update_database }}
 sync.mandatory=false
-{% if openmrs_encryption_vector|length > 0 and openmrs_encryption_key|length > 0 %}
+{% if openmrs_encryption_vector and openmrs_encryption_vector|length > 0 and openmrs_encryption_key and openmrs_encryption_key|length > 0 %}
 encryption.vector={{ openmrs_encryption_vector }}
 encryption.key={{ openmrs_encryption_key }}
 {% endif %}

roles/openmrs/templates/openmrs_tomcat_user_home/openmrs_tomcat_instance/conf/logging.properties.j2

@@ -0,0 +1,42 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
+
+.handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+1catalina.org.apache.juli.FileHandler.level = {{ openmrs_log_level }}
+1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
+1catalina.org.apache.juli.FileHandler.prefix = catalina.
+
+2localhost.org.apache.juli.FileHandler.level = {{ openmrs_log_level }}
+2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
+2localhost.org.apache.juli.FileHandler.prefix = localhost.
+
+java.util.logging.ConsoleHandler.level = {{ openmrs_log_level }}
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = {{ openmrs_log_level }}
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler

roles/opensrp/defaults/main.yml

@@ -13,7 +13,7 @@ opensrp_mysql_password: "opensrp"
 opensrp_openmrs_url: "https://{{ openmrs_site_name }}/{{ openmrs_install_name }}/"
 opensrp_install_name: "opensrp"
 opensrp_resource_dir: "/var/lib/OpenSRP"
-opensrp_version: "zeir-1.1.2"
+opensrp_version: "v1.2.18-SNAPSHOT"
 opensrp_openmrs_user: "admin"
 opensrp_openmrs_password: "admin"
 opensrp_openmrs_tomcat_user_home: "/home/openmrs"
@@ -59,8 +59,13 @@ opensrp_system_user: "opensrp"
 opensrp_tomcat_instance: "tomcat-opensrp"
 opensrp_user_home: "/home/{{ opensrp_system_user }}"
 opensrp_psql_as_primary_database: true
-opensrp_psql_table_space_dir: "/opt/postgres"
+opensrp_core_tablespace: "pg_default"
+opensrp_error_tablespace: "pg_default"
+opensrp_schedule_tablespace: "pg_default"
+opensrp_feed_tablespace: "pg_default"
+opensrp_form_tablespace: "pg_default"
 opensrp_postgresql_user: "opensrp_admin"
+opensrp_postgresql_password:
 opensrp_postgresql_database: "opensrp"
 opensrp_redis_host: "localhost"
 opensrp_redis_port: 6379
@@ -71,13 +76,14 @@ opensrp_mysql_root_user: "root"
 opensrp_mysql_root_password: ""
 opensrp_postgres_superuser: "postgres"
 opensrp_postgres_superuser_password: ""
-opensrp_postgresql_user_role_attr_flags: "SUPERUSER"
+opensrp_postgresql_user_role_attr_flags: "LOGIN"
 opensrp_mybatis_version: "3.3.1"
 opensrp_mybatis_install_dir: "/opt/mybatis"
-opensrp_mybatis_env: "development"
+opensrp_mybatis_env: "deployment"
 opensrp_mybatis_migration_extra_args: ""
 opensrp_java_packages:
   - openjdk-8-jre
+opensrp_multimedia_parent_directory: "{{ opensrp_openmrs_tomcat_user_home }}/.OpenMRS"
 
 # List of profiles to be activated. Only the specified profiles will
 # be made active. Read more on OpenSRP Server profiles here:

roles/opensrp/tasks/main.yml

@@ -49,10 +49,10 @@
     owner: "{{ opensrp_system_user }}"
     group: "{{ tomcat_group }}"
 
-- include_tasks: psql_table_spaces.yml
+- include_tasks: postgresql.yml
   when: opensrp_psql_as_primary_database
   tags:
-  - psql-table-space
+  - postgresql
 
 - name: Restart OpenSRP Tomcat Instance
   become: yes