homework 9.5: complete all tasks

src/homework/09-ci/9.5/infrastructure/.gitignore

@@ -0,0 +1,3 @@
+files/*.pub
+inventory/hosts.yml
+roles/*

src/homework/09-ci/9.5/infrastructure/inventory/group_vars/nexus.yml

@@ -0,0 +1,22 @@
+---
+nexus_user_group: nexus
+nexus_user_name: nexus
+nexus_directory_data: "/home/{{ nexus_user_name }}/sonatype-work/nexus3"
+nexus_directory_home: "/home/{{ nexus_user_name }}/nexus"
+nexus_directory_log: "/home/{{ nexus_user_name }}/log"
+nexus_directory_package: "/home/{{ nexus_user_name }}/pkg"
+nexus_directory_tmp: "/home/{{ nexus_user_name }}/tmp"
+nexus_version: 3.14.0-04
+nexus_download_url: https://download.sonatype.com/nexus/3
+nexus_service_enabled: true
+nexus_ulimit: 65536
+nexus_context_path: /
+nexus_host: 0.0.0.0
+nexus_port: 8081
+nexus_port_check_timeout: 600
+nexus_edition: nexus-oss-edition
+nexus_features: nexus-oss-feature
+nexus_java_heap_size: 1200M
+nexus_java_max_direct_memory: 2G
+nexus_service_start_on_boot: true
+nexus_configuration_disk_free_space_limit: ~

src/homework/09-ci/9.5/infrastructure/inventory/hosts.yml.example

@@ -0,0 +1,12 @@
+---
+all:
+  hosts:
+    nexus-01:
+      ansible_host: <nexushost>
+  children:
+    nexus:
+      hosts:
+        nexus-01:
+  vars:
+    ansible_connection_type: paramiko
+    ansible_user: <user>

src/homework/09-ci/9.5/infrastructure/site.yml

@@ -0,0 +1,158 @@
+---
+- name: Get Nexus installed
+  hosts: nexus
+  pre_tasks:
+    - name: Create Nexus group
+      become: true
+      group:
+        name: "{{ nexus_user_group }}"
+        state: present
+    - name: Create Nexus user
+      become: true
+      user:
+        name: "{{ nexus_user_name }}"
+    - name: Install JDK
+      become: true
+      package:
+        name: [java-1.8.0-openjdk, java-1.8.0-openjdk-devel]
+        state: present
+  tasks:
+    - name: Create Nexus directories
+      become: true
+      file:
+        group: "{{ nexus_user_group }}"
+        owner: "{{ nexus_user_name }}"
+        path: "{{ item }}"
+        state: directory
+      with_items:
+        - "{{ nexus_directory_log }}"
+        - "{{ nexus_directory_data }}"
+        - "{{ nexus_directory_data }}/etc"
+        - "{{ nexus_directory_package }}"
+        - "{{ nexus_directory_tmp }}"
+
+    - name: Download Nexus
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      get_url:
+        dest: "{{ nexus_directory_package }}/nexus-{{ nexus_version }}.tar.gz"
+        url: "{{ nexus_download_url }}/nexus-{{ nexus_version }}-unix.tar.gz"
+
+    - name: Unpack Nexus
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      unarchive:
+        copy: no
+        creates: "{{ nexus_directory_package }}/nexus-{{ nexus_version }}"
+        dest: "{{ nexus_directory_package }}"
+        src: "{{ nexus_directory_package }}/nexus-{{ nexus_version }}.tar.gz"
+
+    - name: Link to Nexus Directory
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      file:
+        dest: "{{ nexus_directory_home }}"
+        src: "{{ nexus_directory_package }}/nexus-{{ nexus_version }}"
+        state: link
+
+    - name: Add NEXUS_HOME for Nexus user
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      lineinfile:
+        create: yes
+        dest: "/home/{{ nexus_user_name }}/.bashrc"
+        insertafter: EOF
+        line: "export NEXUS_HOME={{ nexus_directory_home }}"
+
+    - name: Add run_as_user to Nexus.rc
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      lineinfile:
+        create: yes
+        dest: "{{ nexus_directory_home }}/bin/nexus.rc"
+        insertafter: EOF
+        line: "run_as_user=\"{{ nexus_user_name }}\""
+        regexp: "^run_as_user"
+
+    - name: Raise nofile limit for Nexus user
+      become: true
+      pam_limits:
+        domain: "{{ nexus_user_name }}"
+        limit_type: "-"
+        limit_item: nofile
+        value: "{{ nexus_ulimit }}"
+
+    - name: Create Nexus service for SystemD
+      become: true
+      template:
+        dest: /lib/systemd/system/nexus.service
+        mode: 0644
+        src: nexus.systemd.j2
+
+    - name: Ensure Nexus service is enabled for SystemD
+      become: true
+      systemd:
+        daemon_reload: yes
+        enabled: yes
+        name: nexus
+      when:
+        - nexus_service_enabled
+
+    - name: Create Nexus vmoptions
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      template:
+        dest: "{{ nexus_directory_home }}/bin/nexus.vmoptions"
+        src: nexus.vmoptions.j2
+      register: nexus_config_changed
+
+    - name: Create Nexus properties
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      template:
+        dest: "{{ nexus_directory_data }}/etc/nexus.properties"
+        src: nexus.properties.j2
+      register: nexus_config_changed
+
+    - name: Lower Nexus disk space threshold
+      become: true
+      become_user: "{{ nexus_user_name }}"
+      lineinfile:
+        backrefs: yes
+        dest: "{{ nexus_directory_home }}/etc/karaf/system.properties"
+        insertafter: EOF
+        line: "storage.diskCache.diskFreeSpaceLimit={{ nexus_configuration_disk_free_space_limit }}"
+        regexp: ^storage\.diskCache\.diskFreeSpaceLimit
+      when: nexus_configuration_disk_free_space_limit is not none
+      register: nexus_config_changed
+
+    - name: Start Nexus service if enabled
+      become: true
+      service:
+        enabled: yes
+        name: nexus
+        state: started
+      when:
+        - nexus_service_start_on_boot
+        - not nexus_config_changed.changed
+      tags:
+        - skip_ansible_lint
+
+    - name: Ensure Nexus service is restarted
+      become: true
+      service:
+        name: nexus
+        state: restarted
+      when:
+        - nexus_service_start_on_boot
+        - nexus_config_changed.changed
+      tags:
+        - skip_ansible_lint
+
+    - name: Wait for Nexus port if started
+      wait_for:
+        port: "{{ nexus_port }}"
+        state: started
+        timeout: "{{ nexus_port_check_timeout }}"
+      when:
+        - nexus_service_start_on_boot

src/homework/09-ci/9.5/infrastructure/templates/nexus.properties.j2

@@ -0,0 +1,12 @@
+#
+#
+
+# Jetty section
+application-host={{ nexus_host }}
+application-port={{ nexus_port }}
+nexus-context-path={{ nexus_context_path }}
+
+# Nexus section
+nexus-edition={{ nexus_edition }}
+nexus-features=\
+  {{ nexus_features }}

src/homework/09-ci/9.5/infrastructure/templates/nexus.systemd.j2

@@ -0,0 +1,15 @@
+[Unit]
+Description=nexus service
+After=network.target
+
+[Service]
+Type=forking
+User={{ nexus_user_name }}
+Group={{ nexus_user_group }}
+LimitNOFILE={{ nexus_ulimit }}
+ExecStart={{ nexus_directory_home }}/bin/nexus start
+ExecStop={{ nexus_directory_home }}/bin/nexus stop
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target

src/homework/09-ci/9.5/infrastructure/templates/nexus.vmoptions.j2

@@ -0,0 +1,16 @@
+-Xms{{ nexus_java_heap_size }}
+-Xmx{{ nexus_java_heap_size }}
+-XX:MaxDirectMemorySize={{ nexus_java_max_direct_memory }}
+-XX:+UnlockDiagnosticVMOptions
+-XX:+UnsyncloadClass
+-XX:+LogVMOutput
+-XX:LogFile={{ nexus_directory_log }}/jvm.log
+-XX:-OmitStackTraceInFastThrow
+-Djava.net.preferIPv4Stack=true
+-Dkaraf.home=.
+-Dkaraf.base=.
+-Dkaraf.etc=etc/karaf
+-Djava.util.logging.config.file=etc/karaf/java.util.logging.properties
+-Dkaraf.data={{ nexus_directory_data }}
+-Djava.io.tmpdir={{ nexus_directory_tmp }}
+-Dkaraf.startLocalConsole=false