-
Notifications
You must be signed in to change notification settings - Fork 53
/
solr.yml
119 lines (104 loc) · 3.52 KB
/
solr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
---
- hosts: solr
become: yes
any_errors_fatal: true
roles:
- role: geerlingguy.java
when: "ansible_os_family == 'Debian' and islandora_build_base_box|bool == True"
java_packages:
- openjdk-8-jdk
- role: geerlingguy.java
when: "ansible_os_family == 'RedHat' and islandora_build_base_box|bool == True"
java_packages:
- java-11-openjdk
#- java-1.8.0-openjdk
- role: geerlingguy.solr
when: islandora_build_base_box|bool == True
tasks:
- name: Make tmp dir for solr config
file:
path: /tmp/solr_config
state: directory
tags: solr
- name: Unarchive solr config
unarchive:
src: http://{{ hostvars[groups['webserver'][0]].ansible_host }}:{{ apache_listen_port }}/solr_config.zip
dest: /tmp/solr_config
remote_src: yes
tags: solr
when: islandora_build_base_box|bool == False
- name: Get solr config files to copy
command: "find /tmp/solr_config -type f"
register: files_to_copy
changed_when: false
until: files_to_copy is not failed
retries: 5
tags: solr
when: islandora_build_base_box|bool == False
- name: Copy solr config files
copy:
src: "{{ item }}"
dest: "{{ solr_instance_conf_path }}"
owner: "{{ solr_user }}"
group: "{{ solr_user }}"
remote_src: True
with_items:
- "{{ files_to_copy.stdout_lines }}"
tags: solr
when: islandora_build_base_box|bool == False
# https://www.drupal.org/project/search_api_solr/issues/3015993
- name: Set solr_install_path in solrcore.properties
lineinfile:
path: "{{ solr_instance_conf_path }}/solrcore.properties"
regexp: '^solr\.install\.dir=.*$'
line: solr.install.dir={{ solr_install_path }}
state: present
notify: restart solr
tags: solr
when: islandora_build_base_box|bool == False
- name: Fetch a Solr query to warm up the application
uri:
url: http://{{ hostvars[groups['solr'][0]].ansible_host }}:8983/solr/{{ solr_cores[0] }}/select?q=warm
method: GET
return_content: yes
status_code: [200,412]
register: solr_webpage
until: solr_webpage.status == 200
retries: 20
delay: 3
tags: solr
# Log4j December 2021 vulnurability fix.
- name: Install zip command Debian
apt:
name: "zip"
state: present
cache_valid_time: 3600
when: "islandora_build_base_box|bool == True and ansible_os_family == 'Debian'"
- name: Install zip command RedHat
yum:
name: "zip"
state: present
when: "islandora_build_base_box|bool == True and ansible_os_family == 'RedHat'"
- name: Find any instances of vulnurable Log4J core JAR file
command: "find / -name log4j-core-2.1[0,1,2,3,4,5].?.jar"
register: log4j_jars
changed_when: false
until: files_to_copy is not failed
retries: 5
ignore_errors: yes
tags: solr
when: islandora_build_base_box|bool == True
- name: Delete Log4J JNDI class from JARs
command: "zip -q -d {{ item }} org/apache/logging/log4j/core/lookup/JndiLookup.class"
with_items:
- "{{ log4j_jars.stdout_lines }}"
ignore_errors: yes
tags: solr
when: islandora_build_base_box|bool == True
- name: Restart SOLR to make config take effect.
service:
name: "solr"
state: restarted
- name: Sleep for 5 seconds after SOLR restarted.
wait_for:
timeout: 5