Closes #5: Final fixes & adjustments to support EL6/7 (#96)

.travis.yml

@@ -3,18 +3,16 @@ sudo: required
 dist: trusty
 services: docker
 
+branches:
+  only:
+    - master
+
 env:
   - DISTRO=ubuntu-14
   - DISTRO=ubuntu-16
   - DISTRO=centos-6
   - DISTRO=centos-7
 
-matrix:
-  fast_finish: true
-  allow_failures:
-    - env: DISTRO=centos-6
-    - env: DISTRO=centos-7
-
 script:
   # run kitchen tests (destroy, create, converge, setup, verify and destroy)
   - kitchen test ${DISTRO}

README.md

@@ -11,11 +11,13 @@ Aka IFTTT orchestration for Ops.
 ## Supported platforms
 * Ubuntu Trusty (14.04)
 * Ubuntu Xenial (16.04)
+* RHEL6 / CentOS6
+* RHEL7 / CentOS7
 
 > If you're using the provided Vagrantfile, note that it uses Xenial by default. Due to some of the changes there, Vagrant 1.9.1 or better is required.
 
 ## Requirements
-At least 2GB of memory and 3.5GB of disk space is required, since StackStorm is shipped with RabbitMQ, PostgreSQL, Mongo and OpenStack Mistral.
+At least 2GB of memory and 3.5GB of disk space is required, since StackStorm is shipped with RabbitMQ, PostgreSQL, Mongo, nginx and OpenStack Mistral.
 
 ## Installation
 ```sh
@@ -59,17 +61,6 @@ Install specific numeric version of st2 with pinned revision number as well:
 ansible-playbook stackstorm.yml --extra-vars='st2_version=2.1.1 st2_revision=8'
 ```
 
-## Other Installers
-You might be interested in other methods to deploy StackStorm engine:
-* Configuration Management
-  * [Chef Cookbook](https://github.com/StackStorm/chef-stackstorm/)
-  * [Puppet Module](https://github.com/stackstorm/puppet-st2)
-
-* Manual Instructions
-  * [Ubuntu 14.04/16.04](https://docs.stackstorm.com/install/deb.html)
-  * [RHEL7/CentOS7](https://docs.stackstorm.com/install/rhel7.html)
-  * [RHEL6/CentOS6](https://docs.stackstorm.com/install/rhel6.html)
-
 ## Developing
 
 There are a few requirements when developing on `ansible-st2`:
@@ -82,7 +73,18 @@ These are the platforms we must support (must pass end-to-end testing):
 - RHEL6 (via AWS)
 - RHEL7 (via AWS)
 
-Must also support Ansible Idempotence (Eg. Ansible-playbook re-run should end with the following results: changed=0.*failed=0)
+Must also support Ansible Idempotence (Eg. Ansible-playbook re-run should end with the following results: `changed=0.*failed=0`)
+
+## Other Installers
+You might be interested in other methods to deploy StackStorm engine:
+* Configuration Management
+  * [Chef Cookbook](https://github.com/StackStorm/chef-stackstorm/)
+  * [Puppet Module](https://github.com/stackstorm/puppet-st2)
+
+* Manual Instructions
+  * [Ubuntu 14.04/16.04](https://docs.stackstorm.com/install/deb.html)
+  * [RHEL7/CentOS7](https://docs.stackstorm.com/install/rhel7.html)
+  * [RHEL6/CentOS6](https://docs.stackstorm.com/install/rhel6.html)
 
 ## Help
 If you're in stuck, our community always ready to help, feel free to:

meta/main.yml

@@ -14,6 +14,10 @@ galaxy_info:
       versions:
         - trusty
         - xenial
+    - name: EL
+      versions:
+        - 6
+        - 7
   categories:
     - ops
     - devops

roles/epel/meta/main.yml

@@ -3,13 +3,9 @@ galaxy_info:
   description: Install EPEL repository
   author: mierdin
   company: StackStorm
-  license: Apache
+  license: Apache 2.0
   min_ansible_version: 1.9
   platforms:
-    - name: Ubuntu
-      versions:
-        - trusty
-        - precise
     - name: EL
       versions:
         - 6

roles/epel/tasks/main.yml

@@ -4,10 +4,12 @@
     path: /etc/yum.repos.d/epel.repo
   register: epel_installed
   when: ansible_os_family == "RedHat"
+  tags: epel
 
 - name: Install EPEL repo
   become: yes
   yum:
     name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"
     state: present
   when: ansible_os_family == "RedHat" and not epel_installed.stat.exists
+  tags: epel

roles/mongodb/meta/main.yml

@@ -17,4 +17,5 @@ galaxy_info:
   categories:
     - system
 dependencies:
-  - { role: 'epel', when: ansible_os_family == 'RedHat' }
+  - role: epel
+    when: ansible_os_family == 'RedHat'

roles/nginx/handlers/main.yml

@@ -0,0 +1,12 @@
+---
+- name: restart nginx
+  become: yes
+  service:
+    name: nginx
+    state: restarted
+
+- name: reload nginx
+  become: yes
+  service:
+    name: nginx
+    state: reloaded

roles/nginx/tasks/nginx_yum.yml

@@ -29,6 +29,14 @@
   yum:
     name: libsemanage-python, libselinux-python
     state: present
+  register: nginx_selinux_dependencies
+  tags: nginx
+
+- name: Update SELinux facts after installing dependencies
+  become: yes
+  setup:
+    filter: ansible_selinux
+  when: nginx_selinux_dependencies.changed
   tags: nginx
 
 - name: Adjust SELinux to allow network access for nginx

roles/st2/handlers/main.yml

@@ -1,13 +1,22 @@
 - name: restart st2
-  become: true
-  command: "{{ item }}"
-  with_items:
-    - st2ctl reload --register-all
-    - st2ctl restart
+  become: yes
+  service:
+    name: "{{ item }}"
+    state: restarted
+  with_items: "{{ st2_services }}"
 
-- name: restart st2api/st2stream
-  become: true
-  command: "st2ctl restart-component {{ item }}"
-  with_items:
-    - st2api
-    - st2stream
+- name: reload st2
+  become: yes
+  command: st2ctl reload --register-all
+
+- name: restart st2api
+  become: yes
+  service:
+    name: st2api
+    state: restarted
+
+- name: restart st2stream
+  become: yes
+  service:
+    name: st2stream
+    state: restarted

roles/st2/meta/main.yml

@@ -3,15 +3,24 @@ galaxy_info:
   description: Install StackStorm and all its components
   author: armab
   company: StackStorm
-  license: Apache
-  min_ansible_version: 1.9
+  license: Apache 2.0
+  min_ansible_version: 2.2
   platforms:
     - name: Ubuntu
       versions:
         - trusty
-        - precise
+        - xenial
+    - name: EL
+      versions:
+        - 6
+        - 7
   categories:
-    - system
+    - stackstorm
+    - st2
+    - automation
+    - remediation
+    - devops
 dependencies:
-  - { role: 'epel', when: ansible_os_family == 'RedHat' }
+  - role: epel
+    when: ansible_os_family == 'RedHat'
   - role: st2repos

roles/st2/tasks/config_auth.yml → roles/st2/tasks/auth.yml

@@ -1,4 +1,4 @@
-- name: Install auth pre-reqs (Debian)
+- name: auth | Install auth pre-reqs (Debian)
   become: yes
   apt:
     name: "{{ item }}"
@@ -8,7 +8,7 @@
     - apache2-utils
   when: ansible_os_family == 'Debian'
 
-- name: Install auth pre-reqs (RedHat)
+- name: auth | Install auth pre-reqs (RedHat)
   become: yes
   yum:
     name: "{{ item }}"
@@ -18,16 +18,17 @@
     - httpd-tools
   when: ansible_os_family == 'RedHat'
 
-- name: Create htpasswd file
+- name: auth | Create htpasswd file
   become: true
   htpasswd:
     path: /etc/st2/htpasswd
     name: "{{ st2_auth_username }}"
     password: "{{ st2_auth_password }}"
   notify:
-    - restart st2api/st2stream
+    - restart st2api
+    - restart st2stream
 
-- name: Enable authentication
+- name: auth | Enable authentication
   become: yes
   ini_file:
     dest: /etc/st2/st2.conf
@@ -36,4 +37,5 @@
     value: True
     backup: yes
   notify:
-    - restart st2api/st2stream
+    - restart st2api
+    - restart st2stream

roles/st2/tasks/main.yml

@@ -5,6 +5,7 @@
     name: http://rpmfind.net/linux/centos/6/os/x86_64/Packages/libffi-devel-3.0.5-3.2.el6.x86_64.rpm
     state: present
   when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "6"
+  tags: st2
 
 - name: Install latest st2 package
   become: yes
@@ -14,7 +15,8 @@
   when: st2_version == "latest"
   notify:
     - restart st2
-  tags: skip_ansible_lint
+    - reload st2
+  tags: st2, skip_ansible_lint
 
 - name: Install pinned st2 package
   become: yes
@@ -24,13 +26,17 @@
   when: st2_version != "latest"
   notify:
     - restart st2
+    - reload st2
+  tags: st2
 
 - name: Create and configure StackStorm system user
   include: user.yml
+  tags: st2, user
 
 - name: Configure StackStorm authentication
-  include: config_auth.yml
+  include: auth.yml
   when: st2_auth_enable
+  tags: st2, auth
 
 - name: Ensure StackStorm services are enabled and running
   become: yes
@@ -39,3 +45,4 @@
     enabled: yes
     state: started
   with_items: "{{ st2_services }}"
+  tags: st2

roles/st2/tasks/user.yml

@@ -10,7 +10,6 @@
     ssh_key_file: "{{ st2_ssh_key_file }}"
     state: present
   register: _user
-  tags: [st2, user]
 
 - name: user | Authorize key-based access for system user
   become: yes
@@ -19,7 +18,6 @@
     user: "{{ st2_system_user }}"
     key: "{{ _user.ssh_public_key }}"
     state: present
-  tags: [st2, user]
 
 - name: user | Add system user to sudoers
   become: yes
@@ -31,18 +29,16 @@
     line: "{{ st2_system_user }} ALL=(ALL) NOPASSWD: SETENV: ALL"
     state: "{{ 'present' if st2_system_user_in_sudoers else 'absent' }}"
     validate: 'visudo -cf %s'
-  tags: [st2, user]
 
-- name: Disable requiretty
+- name: user | Disable requiretty
   become: yes
   replace:
     dest: "/etc/sudoers"
     regexp: '^Defaults\s+\+?requiretty'
     replace: '# Defaults requiretty'
   when: st2_system_user_in_sudoers
-  tags: [st2, user]
 
-- name: Configure system user in /etc/st2/st2.conf
+- name: user | Configure system user in /etc/st2/st2.conf
   become: yes
   ini_file:
     dest: /etc/st2/st2.conf
@@ -51,7 +47,7 @@
     value: "{{ st2_system_user }}"
     backup: yes
 
-- name: Configure system user ssh key in /etc/st2/st2.conf
+- name: user | Configure system user ssh key in /etc/st2/st2.conf
   become: yes
   ini_file:
     dest: /etc/st2/st2.conf

roles/st2/vars/main.yml

@@ -4,11 +4,11 @@
 # https://github.com/StackStorm/st2/blob/master/st2common/bin/st2ctl#L5
 st2_services:
   - st2actionrunner
-  - st2api
-  - st2stream
-  - st2auth
   - st2garbagecollector
   - st2notifier
   - st2resultstracker
   - st2rulesengine
   - st2sensorcontainer
+  - st2api
+  - st2stream
+  - st2auth

roles/st2repos/defaults/main.yml

@@ -1,2 +1,3 @@
 ---
-# defaults file for st2repos
+# StackStorm PackageCloud repository to install: stable, unstable, staging-stable, staging-unstable.
+st2_pkg_repo: stable

roles/st2repos/meta/main.yml

@@ -0,0 +1,20 @@
+---
+galaxy_info:
+  description: Install StackStorm PackageCloud repository
+  author: armab
+  company: StackStorm
+  license: Apache 2.0
+  min_ansible_version: 2.2
+  platforms:
+    - name: Ubuntu
+      versions:
+        - trusty
+        - xenial
+    - name: EL
+      versions:
+        - 6
+        - 7
+  categories:
+    - stackstorm
+    - repositories
+    - packagecloud

roles/st2repos/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
-# tasks file for st2repos
-
-- include: "{{ ansible_os_family|lower }}.yml"
+- name: Add st2repos on {{ ansible_distribution }}
+  include: st2repos_{{ ansible_pkg_mgr }}.yml
+  tags: st2repos