Merge pull request #1 from companieshouse/initial-implementation

Initial middleware collection implementation

README.md

@@ -1 +1,7 @@
-# ansible-collection-middleware
+# Ansible Collection - companieshouse.middleware
+
+An [Ansible Galaxy](https://galaxy.ansible.com/) collection comprising Ansible roles and playbooks for use in [Companies House](https://github.com/companieshouse) heritage middleware projects.
+
+## License
+
+This project is subject to the terms of the [MIT License](/LICENSE).

meta/runtime.yml

@@ -0,0 +1,3 @@
+---
+
+requires_ansible: '>=2.15.6'

roles/informix_db/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Crown Copyright (Companies House)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

roles/informix_db/defaults/main.yml

@@ -0,0 +1,10 @@
+---
+
+informix_db_chunk_store_path: /data/informix/chunks
+informix_db_dbdate: DMY4
+informix_db_install_path: /opt/informix/14.10
+informix_db_logs_path: /var/log/informix
+informix_db_role_lock_file_prefix: /etc/ansible-role-informix-db-provisioned
+informix_db_service_group: informix
+informix_db_service_user: informix
+informix_db_tape_device_path: /db_dump

roles/informix_db/meta/main.yml

@@ -0,0 +1,9 @@
+galaxy_info:
+  role_name: informix_db
+  author: Companies House
+  description: Provision Informix DB server
+  license: MIT
+  min_ansible_version: 2.15.6
+  galaxy_tags:
+    - informix
+  standalone: false

roles/informix_db/tasks/chunk.yml

@@ -0,0 +1,35 @@
+---
+
+- name: "Resolve path of chunk : {{ dbspace.key }}"
+  ansible.builtin.command: "realpath {{ chunk.path }}"
+  register: chunk_path
+  changed_when: false
+
+- name: "Check state of chunk : {{ dbspace.key }}"
+  ansible.builtin.stat:
+    path: "{{ chunk_path.stdout }}"
+  register: chunk_state
+
+- name: "Create cooked file dbspace chunk : {{ dbspace.key }}"
+  ansible.builtin.file:
+    path: "{{ chunk.path }}"
+    owner: informix
+    group: informix
+    mode: "660"
+    state: touch
+  when: chunk_state.stat.ischr is not defined or not chunk_state.stat.ischr
+
+- name: "Add chunk to dbspace : {{ dbspace.key }}"
+  become: true
+  become_user: "{{ informix_db_server_name }}"
+  ansible.builtin.shell: |
+    set -e
+    source {{ informix_env_file_path }}
+    onspaces \
+        -a {{ dbspace.key }} \
+        -p {{ chunk.path }} \
+        -o {{ chunk.offset_in_kb }} \
+        -s {{ chunk.size_in_kb }}
+  args:
+    executable: /bin/bash
+  changed_when: true

roles/informix_db/tasks/dbspace.yml

@@ -0,0 +1,48 @@
+---
+
+- name: "Check initial chunk configuration is present : {{ dbspace.key }}"
+  ansible.builtin.assert:
+    that:
+      - dbspace.value.initial_chunk is defined
+    msg: "Configuration for dbspace '{{ dbspace.key }}' must include 'initial_chunk' configuration"
+
+- name: "Resolve path of initial dbspace chunk : {{ dbspace.key }}"
+  ansible.builtin.command: "realpath {{ dbspace.value.initial_chunk.path }}"
+  register: initial_chunk_path
+  changed_when: false
+
+- name: "Check state of initial dbspace chunk : {{ dbspace.key }}"
+  ansible.builtin.stat:
+    path: "{{ initial_chunk_path.stdout }}"
+  register: initial_chunk_state
+
+- name: "Create cooked disk initial dbspace chunk : {{ dbspace.key }}"
+  ansible.builtin.file:
+    path: "{{ dbspace.value.initial_chunk.path }}"
+    owner: informix
+    group: informix
+    mode: "660"
+    state: touch
+  when: initial_chunk_state.stat.ischr is not defined or not initial_chunk_state.stat.ischr
+
+- name: "Create dbspace and initial chunk : {{ dbspace.key }}"
+  become: true
+  become_user: "{{ informix_db_server_name }}"
+  ansible.builtin.shell: |
+    set -e
+    source {{ informix_env_file_path }}
+    onspaces -c \
+        -d {{ dbspace.key }} \
+        -p {{ dbspace.value.initial_chunk.path }} \
+        -o {{ dbspace.value.initial_chunk.offset_in_kb }} \
+        -s {{ dbspace.value.initial_chunk.size_in_kb }}"
+  args:
+    executable: /bin/bash
+  changed_when: true
+
+- name: "Provision additional dbspace chunks : {{ dbspace.key }}"
+  ansible.builtin.include_tasks: chunk.yml
+  loop: "{{ dbspace.value.additional_chunks }}"
+  loop_control:
+    loop_var: chunk
+  when: dbspace.value.additional_chunks is defined and dbspace.value.additional_chunks | length > 0

roles/informix_db/tasks/main.yml

@@ -0,0 +1,48 @@
+---
+
+- name: Check required variables are set
+  ansible.builtin.assert:
+    that:
+      - informix_db_config is defined and informix_db_config | length > 0
+      - informix_db_config_templates_path is defined and informix_db_config_templates_path | trim | length > 0
+      - informix_db_logs_path is defined and informix_db_logs_path | trim | length > 0
+      - informix_db_server_name is defined and informix_db_server_name | trim | length > 0
+      - informix_db_vault_path is defined and informix_db_vault_path | trim | length > 0
+    msg: "Required variable(s) empty or undefined"
+
+- name: Create Informix logs directory
+  ansible.builtin.file:
+    path: "{{ informix_db_logs_path }}"
+    owner: "{{ informix_db_service_user }}"
+    group: "{{ informix_db_service_group }}"
+    mode: "755"
+    state: directory
+
+- name: Create Informix tape device directory
+  ansible.builtin.file:
+    path: "{{ informix_db_tape_device_path }}"
+    owner: "{{ informix_db_service_user }}"
+    group: "{{ informix_db_service_group }}"
+    mode: "755"
+    state: directory
+
+- name: Create rhosts config file
+  ansible.builtin.template:
+    src: rhosts.j2
+    dest: "/home/{{ informix_db_service_user }}/.rhosts"
+    owner: "{{ informix_db_service_user }}"
+    group: "{{ informix_db_service_group }}"
+    mode: "600"
+
+- name: Configure user groups
+  ansible.builtin.user:
+    name: "{{ informix_db_service_user }}"
+    group: "{{ informix_db_service_group }}"
+    groups: ""
+
+- name: Retrieve Informix configuration from Hashicorp Vault
+  ansible.builtin.set_fact:
+    informix_vault_config: "{{ lookup('community.hashi_vault.hashi_vault', informix_db_vault_path) | default('') }}"
+
+- name: Provision server instance
+  ansible.builtin.include_tasks: server.yml

roles/informix_db/tasks/root_dbspace.yml

@@ -0,0 +1,52 @@
+---
+
+- name: "Check initial chunk configuration for root dbspace is present : {{ dbspace.key }}"
+  ansible.builtin.assert:
+    that:
+      - dbspace.value.initial_chunk is defined
+    msg: "Configuration for dbspace '{{ dbspace.key }}' must include 'initial_chunk' configuration"
+
+- name: "Resolve path of root dbspace initial chunk : {{ dbspace.key }}"
+  ansible.builtin.command: "realpath {{ dbspace.value.initial_chunk.path }}"
+  register: initial_chunk_path
+  changed_when: false
+
+- name: "Check state of root dbspace initial chunk : {{ dbspace.key }}"
+  ansible.builtin.stat:
+    path: "{{ initial_chunk_path.stdout }}"
+  register: root_chunk_state
+
+- name: "Create cooked file root dbspace initial chunk : {{ dbspace.key }}"
+  ansible.builtin.file:
+    path: "{{ dbspace.value.initial_chunk.path }}"
+    owner: informix
+    group: informix
+    mode: "660"
+    state: touch
+  when: root_chunk_state.stat.ischr is not defined or not root_chunk_state.stat.ischr
+
+- name: "Enable disk initialisation for dbspace provisioning : {{ dbspace.key }}"
+  ansible.builtin.lineinfile:
+    path: "{{ informix_db_install_path }}/etc/onconfig.{{ informix_db_server_name }}"
+    state: present
+    regexp: '^(FULL_DISK_INIT).*'
+    line: '\1 1'
+    backrefs: true
+
+- name: "Initialise root dbspace : {{ dbspace.key }}"
+  become: true
+  become_user: "{{ informix_db_server_name }}"
+  ansible.builtin.shell: |
+    set -e
+    source {{ informix_env_file_path }}
+    oninit -i -y
+  args:
+    executable: /bin/bash
+  changed_when: true
+
+- name: "Provision additional root dbspace chunks : {{ dbspace.key }}"
+  ansible.builtin.include_tasks: chunk.yml
+  loop: "{{ dbspace.value.additional_chunks }}"
+  loop_control:
+    loop_var: chunk
+  when: dbspace.value.additional_chunks is defined and dbspace.value.additional_chunks | length > 0