Commit 9e01eaef authored by Alex Feigenson's avatar Alex Feigenson
Browse files

Seeding repo

parents
The MIT License (MIT)
Copyright (c) 2017 Alex Feigenson
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Ansible Role: Guacamole
=========
This Ansible role will configure Apache's Guacamole on Ubuntu 16.04 (Xenial)
complete with MariaDB.
It is *strongly* advised that you run `mysql_secure_installation` after this is run. This role does *not* create a MariaDB root password.
Requirements
------------
Works with Ansible 2.4.
Requires `become` or running as the `root` user. You can use `--ask-become-pass` when running.
Role Variables
--------------
The following variables are set in `defaults/main`:
| Variable | Description | Default |
|--------------------------|------------------------------|-------------------------------
|guacamole_version | Guacamole version to install | `currently 0.9.13-incubating`|
|guacamole_db_user | Guacamole MariaDB username, | `guacamole` |
|guacamole_db_password | Guacamole MariaDB password, | `foo1234!` |
|guacamole_db_name | Guacamole MariaDB database | `guacamole_db` |
|mysql_java_client_version | MySQL Java Client version | `5.1.44` |
|guacamole_apt_install | Apt packages to install | Lots! |
*Note:* For earlier versions of Ubuntu than 16.04, some packages will be different,
specifically `libjpeg` and `tomcat`. You can override the versions in your own variables file.
Example Playbook
----------------
```
- hosts: guacamole-host
become: yes
roles: alexfeig.ansible-role-guacamole
```
Information
------------------
This role was created by [Alex Feigenson](https://github.com/alexfeig)
To Do List
------------------
* Maybe add in an nginx proxy
* Optional MariaDB install
* Add travis integration (need to account for 16.04)
---
### Guacamole Settings
guacamole_version: 0.9.13-incubating
guacamole_db_user: guacamole
guacamole_db_password: 'foo'
guacamole_db_name: guacamole_db
### Mysql settings (mysql java client)
mysql_java_client_version: 5.1.44
### Packages to install
guacamole_apt_install:
- tomcat8
- libcairo2-dev
- libjpeg-turbo8-dev
- libpng12-dev
- libossp-uuid-dev
- libavcodec-dev
- libavutil-dev
- libswscale-dev
- libfreerdp-dev
- libpango1.0-dev
- libssh2-1-dev
- libtelnet-dev
- libvncserver-dev
- libpulse-dev
- libssl-dev
- libvorbis-dev
- libwebp-dev
- gcc
- git
- mariadb-server
- python-mysqldb
galaxy_info:
author: Alex Feigenson (alexfeig)
description: Ansible role for installing Apache Guacamole on Ubuntu 16.04 with MariaDB for authentication
license: MIT
min_ansible_version: 2.4
platforms:
- name: Ubuntu
versions:
- xenial
galaxy_tags:
- guacamole
- tomcat
- rdp
- vnc
- telnet
- ssh
- mariadb
dependencies: []
---
- name: Checking if database {{ guacamole_db_name }} exists
shell: mysql -e 'SHOW DATABASES;' | grep {{ guacamole_db_name }}
register: database_status
become: true
changed_when: false
failed_when: false
- name: Creating guacamole database
mysql_db:
name: "{{ guacamole_db_name }}"
state: present
become: true
when: database_status.stdout == ""
- name: Creating mysql user {{ guacamole_db_user }}
mysql_user:
name: "{{ guacamole_db_user }}"
password: "{{ guacamole_db_password }}"
priv: '{{ guacamole_db_name }}.*:SELECT,INSERT,UPDATE,DELETE'
host: localhost
state: present
become: true
- name: Importing guacamole schema
mysql_db:
state: import
name: "{{ guacamole_db_name }}"
target: /tmp/guacamole-auth-jdbc-{{ guacamole_version }}/mysql/schema/001-create-schema.sql
become: true
when: database_status.stdout == ""
- name: Importing guacamole user 'guacadmin'
mysql_db:
state: import
name: "{{ guacamole_db_name }}"
target: /tmp/guacamole-auth-jdbc-{{ guacamole_version }}/mysql/schema/002-create-admin-user.sql
become: true
when: database_status.stdout == ""
- name: Creating guacamole.properties file
template:
src: guacamole.properties.j2
dest: /etc/guacamole/guacamole.properties
become: true
- name: Enabling guacd service
systemd:
name: guacd
enabled: yes
state: started
become: true
- name: Restarting tomcat8
systemd:
name: tomcat8
state: restarted
enabled: true
become: true
changed_when: false
- name: Enabling Guacamole service
systemd:
name: guacd
state: started
enabled: yes
become: true
---
- name: Retrieving guacamole-{{ guacamole_version }}.war
get_url:
url: http://apache.org/dyn/closer.cgi?action=download&filename=incubator/guacamole/{{ guacamole_version }}/binary/guacamole-{{ guacamole_version }}.war
dest: /var/lib/tomcat8/webapps/guacamole.war
become: true
---
- name: Creating guacamole configuration directory
file:
path: /etc/guacamole
state: directory
become: true
- name: Symlinking guacamole configuration directory
file:
src: /etc/guacamole
dest: /usr/share/tomcat8/.guacamole
state: link
become: true
- name: Creating guacamole lib directory
file:
path: /etc/guacamole/lib
state: directory
become: true
- name: Retrieving mysql-connector-java-{{ mysql_java_client_version }}.tar.gz
get_url:
url: https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-{{ mysql_java_client_version }}.tar.gz
dest: /tmp/
become: true
- name: Unarchiving mysql-connector-java-{{ mysql_java_client_version }}.tar.gz
unarchive:
src: /tmp/mysql-connector-java-{{ mysql_java_client_version }}.tar.gz
dest: /tmp/
copy: no
- name: Creating guacamole extensions directory
file:
path: /etc/guacamole/extensions
state: directory
become: true
- name: Copying mysql-connector-java-{{ mysql_java_client_version }}-bin.jar
copy:
src: /tmp/mysql-connector-java-{{ mysql_java_client_version }}/mysql-connector-java-{{ mysql_java_client_version }}-bin.jar
dest: /etc/guacamole/lib/
remote_src: yes
become: true
- name: Retrieving guacamole-auth-jdbc-{{ guacamole_version }}
get_url:
url: http://apache.org/dyn/closer.cgi?action=download&filename=incubator/guacamole/{{ guacamole_version }}/binary/guacamole-auth-jdbc-{{ guacamole_version }}.tar.gz
dest: /tmp/
- name: Unarchiving guacamole-auth-jdbc-{{ guacamole_version }}
unarchive:
src: /tmp/guacamole-auth-jdbc-{{ guacamole_version }}.tar.gz
dest: /tmp/
copy: no
- name: Copying guacamole-auth-jdbc-mysql-{{ guacamole_version }}.jar
copy:
src: /tmp/guacamole-auth-jdbc-{{ guacamole_version }}/mysql/guacamole-auth-jdbc-mysql-{{ guacamole_version }}.jar
dest: /etc/guacamole/extensions/
remote_src: yes
become: true
---
- name: Retrieving guacamole-server-{{ guacamole_version }}.tar.gz
get_url:
url: http://apache.org/dyn/closer.cgi?action=download&filename=incubator/guacamole/{{ guacamole_version }}/source/guacamole-server-{{ guacamole_version }}.tar.gz
dest: /tmp/
- name: Unarchiving guacamole-server-{{ guacamole_version }}.tar.gz
unarchive:
src: /tmp/guacamole-server-{{ guacamole_version }}.tar.gz
dest: /tmp/
copy: no
- name: Running guacamole configure script
shell: ./configure --with-init-dir=/etc/init.d
args:
chdir: /tmp/guacamole-server-{{ guacamole_version }}
become: true
changed_when: false
- name: Making guacamole-server (This will take some time)
make:
chdir: /tmp/guacamole-server-{{ guacamole_version }}/
become: true
changed_when: false
- name: Make install guacamole-server
make:
chdir: /tmp/guacamole-server-{{ guacamole_version }}/
target: install
become: true
changed_when: false
- name: Running ldconfig
shell: ldconfig
become: true
changed_when: false
---
- name: Upgrading aptitude version
apt:
name: aptitude
become: 'true'
- name: Updating apt repos
apt:
update_cache: 'yes'
become: 'true'
changed_when: false
- name: Installing required packages
action: apt pkg={{ item }} state=present
with_items: "{{ guacamole_apt_install }}"
become: 'true'
---
- import_tasks: install_packages.yml
- import_tasks: install_guacamole_server.yml
- import_tasks: install_guacamole_client.yml
- import_tasks: install_guacamole_mysql_authentication.yml
- import_tasks: configure_guacamole.yml
mysql-hostname: localhost
mysql-port: 3306
mysql-database: {{ guacamole_db_name }}
mysql-username: {{ guacamole_db_user }}
mysql-password: {{ guacamole_db_password }}
---
- hosts: all
gather_facts: no
roles:
- ../../ansible-role-guacamole
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment