Merge branch 'development'

UtrechtUniversity · Mar 28, 2024 · 58b4163 · 58b4163
2 parents 741443f + e1a8dc4
commit 58b4163
Show file tree

Hide file tree

Showing 9 changed files with 90 additions and 4 deletions.
diff --git a/environments/development/host_vars/epos-msl b/environments/development/host_vars/epos-msl
@@ -7,6 +7,7 @@
 ansible_host: 192.168.60.10                       # EPOS-MSL host
 ansible_user: vagrant                             # Administrative user on instance for Ansible
 ansible_ssh_private_key_file: vagrant/ssh/vagrant # Path to private key file of administrative user
+commons_use_google_dns: true
 
 #########################
 # EPOS-MSL configuration

diff --git a/roles/ckan/tasks/main.yml b/roles/ckan/tasks/main.yml
@@ -263,7 +263,7 @@
   become: true
   become_user: postgres
   ansible.builtin.command: 'psql -d ckan_default -c "select * from public.user"'
-  ignore_errors: true
+  failed_when: "userlist.rc != 0 and 'ERROR:  relation \"public.user\" does not exist' not in userlist.stderr"
   register: userlist
   changed_when: false
   vars:
@@ -277,13 +277,13 @@
   vars:
     # Pipelininig is needed for internal temporary files
     ansible_ssh_pipelining: true
-  when: 'userlist.rc !=0 or "default" not in userlist.stdout'
+  when: 'userlist.rc != 0 or "default" not in userlist.stdout'
 
 # Reload supervisorctl as task, because there is no way to enforce ordering in
 # Ansible handlers, and we need to reload before we can start tasks.
 - name: Reload supervisorctl  # noqa command-instead-of-module
   ansible.builtin.command: supervisorctl reload
-  when: 'userlist.rc !=0 or "default" not in userlist.stdout'
+  when: 'userlist.rc != 0 or "default" not in userlist.stdout'
 
 - name: Check if CKAN admin user exists
   become_user: root

diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+# copyright Utrecht University
+
+commons_use_google_dns: false
diff --git a/roles/common/files/resolved.conf b/roles/common/files/resolved.conf
@@ -0,0 +1,24 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+# Entries in this file show the compile time defaults.
+# You can change settings by editing this file.
+# Defaults can be restored by simply deleting this file.
+#
+# See resolved.conf(5) for details
+
+[Resolve]
+DNS=8.8.8.8
+FallbackDNS=8.8.4.4
+#Domains=
+#LLMNR=no
+#MulticastDNS=no
+#DNSSEC=no
+#DNSOverTLS=no
+#Cache=no-negative
+#DNSStubListener=yes
+#ReadEtcHosts=yes
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
@@ -5,3 +5,9 @@
   ansible.builtin.service:
     name: firewalld
     state: restarted
+
+
+- name: Restart systemd-resolved
+  ansible.builtin.service:
+    name: systemd-resolved
+    state: restarted
diff --git a/roles/common/tasks/google_dns.yml b/roles/common/tasks/google_dns.yml
@@ -0,0 +1,15 @@
+---
+# copyright Utrecht University
+
+- name: Update systemd-resolved config to use Google DNS servers
+  ansible.builtin.copy:
+    src: files/resolved.conf
+    dest: /etc/systemd/resolved.conf
+    owner: root
+    group: root
+    mode: "0644"
+  notify: Restart systemd-resolved
+
+
+- name: Flush handlers for immediate effect of changing DNS configuration
+  ansible.builtin.meta: flush_handlers
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
@@ -1,6 +1,9 @@
 ---
 # copyright Utrecht University
 
+- name: Update local DNS settings
+  ansible.builtin.import_tasks: google_dns.yml
+  when: commons_use_google_dns
 - name: Run apt update
   ansible.builtin.import_tasks: apt_update.yml
 - name: Configure firewall

diff --git a/roles/msl_api/handlers/main.yml b/roles/msl_api/handlers/main.yml
@@ -10,7 +10,7 @@
 # Call command, rather than module, because module doesn't work
 # right on Ubuntu 20.04
 - name: Restart Laravel Worker Process # noqa command-instead-of-module
-  ansible.builtin.command: supervisorctl restart laravel-worker:laravel-worker_00
+  ansible.builtin.shell: sleep 6 && supervisorctl stop laravel-worker:laravel-worker_00 && sleep 6 && supervisorctl start laravel-worker:laravel-worker_00
 
 - name: Reload MSL-API configuration
   ansible.builtin.command: /usr/bin/php8.0 artisan config:cache

diff --git a/vagrant/provision_controller.sh b/vagrant/provision_controller.sh
@@ -4,6 +4,39 @@
 set -e
 set -x
 
+# Configure VM to use Google DNS servers - the default configuration
+# does not work reliably on Windows.
+
+cat << RESOLVEDCONF > resolved.conf
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+# Entries in this file show the compile time defaults.
+# You can change settings by editing this file.
+# Defaults can be restored by simply deleting this file.
+#
+# See resolved.conf(5) for details
+
+[Resolve]
+DNS=8.8.8.8
+FallbackDNS=8.8.4.4
+#Domains=
+#LLMNR=no
+#MulticastDNS=no
+#DNSSEC=no
+#DNSOverTLS=no
+#Cache=no-negative
+#DNSStubListener=yes
+#ReadEtcHosts=yes
+RESOLVEDCONF
+
+sudo cp resolved.conf /etc/systemd
+sudo systemctl restart systemd-resolved
+
 sudo apt update
 
 # Install Git if not present.