Meza/Commands
Help
editOnce installed, if you run the meza
command all by itself, it will display help like the following:
Mediawiki EZ Admin Usage: meza COMMAND [directives] To setup a multi-server environment, do: $ meza setup env # Setup the environment, following prompts # Edit config as required: $ sudo vi /opt/conf-meza/secret/<env-name>/hosts $ sudo vi /opt/conf-meza/secret/<env-name>/secret.yml $ sudo meza deploy <env-name> Commands Directives Description --------------------------------------------------------------- install dev-networking Setup networking on VM monolith Install server on this machine docker Install Docker (CentOS only) deploy <environment name> Deploy your server setup env Setup an environment dev Setup dev features (Git, FTP) create wiki Create a wiki wiki-promptless Create a wiki without prompts backup <environment name> Create a backup of an env docker run (experimental) Start container exec Execute command on container Every command has directives. If you run any command without directives it will provide help for that command.
meza deploy
is the meat and potatoes of Meza. It is the command you use most frequently. It executes a lot of tasks.
Visual Overview of Deploy
editFor a visual graph of the site.yml playbook, see https://github.com/freephile/meza/issues/63#issuecomment-2020500463 and https://github.com/freephile/meza/issues/63#issuecomment-2020525222
Pass-through
editMeza is written in Python, and is a logic wrapper to Ansible underneath. Meza ultimately passes through command-line options and arguments to Ansible's ansible-playbook
command. You can see this when you issue a meza command, as the first thing it outputs is the underlying ansible command being executed. For example:
sudo meza deploy <environment> --list-tags
(where <environment>
is your environment name, which is likely monolith
or vagrant
)
Shows this:
sudo -u meza-ansible ansible-playbook /opt/meza/src/playbooks/site.yml -i /opt/conf-meza/secret/monolith/hosts --vault-password-file /opt/conf-meza/users/meza-ansible/.vault-pass-monolith.txt --extra-vars '{"env": "monolith"}' --list-tags
So, if there are ansible-playbook
options that you wish to use, you can do so. Particularly useful for getting to know Meza are the --list-tags
, and --list-tasks
options to ansible-playbook. These options cause Ansible to go into a 'dry-run
' mode for the playbook, telling you more about it without executing any actions.
Meanwhile, the --tags
and --skip-tags
options control Ansible's selection of what specific tasks to run, according to the tags associated with tasks in the playbook. These come in handly when you want to target a specific aspect of your deployment.
Tags
editFollowed by the number of plays, and the tags associated with each:
sudo meza deploy monolith --list-tags
(Example only. Real output will change as development is ongoing.) playbook: /opt/meza/src/playbooks/site.yml play #1 (localhost): localhost TAGS: [] TASK TAGS: [] play #2 (app-servers): app-servers TAGS: [] TASK TAGS: [] play #3 (all:!exclude-all:!load-balancers-unmanaged): all:!exclude-all:!load-balancers-unmanaged TAGS: [base] TASK TAGS: [base, latest] play #4 (load-balancers): load-balancers TAGS: [load-balancer] TASK TAGS: [load-balancer] play #5 (app-servers): app-servers TAGS: [apache-php] TASK TAGS: [apache-php, latest] play #6 (app-servers): app-servers TAGS: [gluster] TASK TAGS: [gluster] play #7 (memcached-servers): memcached-servers TAGS: [memcached] TASK TAGS: [latest, memcached] play #8 (db-master): db-master TAGS: [database] TASK TAGS: [database] play #9 (db-slaves): db-slaves TAGS: [database] TASK TAGS: [database] play #10 (elastic-servers): elastic-servers TAGS: [elasticsearch] TASK TAGS: [elasticsearch] play #11 (app-servers): app-servers TAGS: [mediawiki] TASK TAGS: [composer-extensions, git-core-extensions, git-extensions, git-local-extensions, git-submodules, latest, mediawiki, search-index, smw-data, update.php, verify-wiki] play #12 (parsoid-servers): parsoid-servers TAGS: [parsoid] TASK TAGS: [latest, parsoid, parsoid-deps] play #13 (logging-servers): logging-servers TAGS: [logging] TASK TAGS: [logging] play #14 (all:!exclude-all:!load-balancers-unmanaged): all:!exclude-all:!load-balancers-unmanaged TAGS: [cron] TASK TAGS: [cron]
Tasks
editThere is a lot of detail in the list-tasks output.
In the task list, you can see tags that are associated at the task level. Again, this command will not execute a deploy. It will show you the tasks that would be run.
sudo meza deploy monolith --list-tasks
(Example only. Real output will change as development is ongoing.)
meza deploy monolith --list-tasks Create deploy lock file at /opt/data-meza/env-monolith-deploy.lock su meza-ansible -c "ansible-playbook /opt/meza/src/playbooks/site.yml -i /opt/conf-meza/secret/monolith/hosts --vault-password-file /opt/conf-meza/vault/vault-pass-monolith.txt --extra-vars '{\"env\": \"monolith\"}' --list-tasks" playbook: /opt/meza/src/playbooks/site.yml play #1 (localhost): localhost TAGS: [] tasks: Get Meza install path TAGS: [] set_fact TAGS: [] Ensure no password on meza-ansible user on controller TAGS: [] Ensure controller has user alt-meza-ansible TAGS: [] Ensure user alt-meza-ansible .ssh dir configured TAGS: [] Copy meza-ansible keys to alt-meza-ansible TAGS: [] Copy meza-ansible known_hosts to alt-meza-ansible TAGS: [] Ensure secret.yml owned by meza-ansible TAGS: [] Ensure {{ m_conf_dir }} owned by meza-ansible TAGS: [] play #2 (all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal): all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal TAGS: [] tasks: umask-set : Set umask for duration of deploy TAGS: [] play #3 (localhost): localhost TAGS: [autodeployer,controller] tasks: set-vars : Get Meza install path TAGS: [autodeployer, controller] set_fact TAGS: [autodeployer, controller] set-vars : Set OS-family specific variables TAGS: [autodeployer, controller] set-vars : Set meza-core path variables TAGS: [autodeployer, controller] set-vars : Set meza-core default variables TAGS: [autodeployer, controller] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [autodeployer, controller] set-vars : Set meza local public variables TAGS: [autodeployer, controller] set-vars : Get individual wikis dirs from localhost TAGS: [autodeployer, controller] set_fact TAGS: [autodeployer, controller] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [autodeployer, controller] set-vars : Set meza local secret variables TAGS: [autodeployer, controller] init-controller-config : Does controller have local config TAGS: [autodeployer, controller] init-controller-config : Get local config repo if set TAGS: [autodeployer, controller] init-controller-config : Does controller have local config TAGS: [autodeployer, controller] init-controller-config : Ensure m_local_public configured on controller TAGS: [autodeployer, controller, file-perms] init-controller-config : Ensure m_local_public/wikis exists TAGS: [autodeployer, controller] init-controller-config : Ensure pre/post/saml settings directories exists in config TAGS: [autodeployer, controller] init-controller-config : Ensure base files present, do NOT overwrite TAGS: [autodeployer, controller] init-controller-config : Ensure {{ m_meza }} properly owned TAGS: [autodeployer, controller, file-perms] init-controller-config : Ensure {{ m_local_secret }} directories properly owned/moded TAGS: [autodeployer, controller, file-perms] init-controller-config : Ensure {{ m_local_secret }} files properly owned/moded TAGS: [autodeployer, controller, file-perms] set_fact TAGS: [autodeployer, controller] set_fact TAGS: [autodeployer, controller] Ensure autodeployer cron in place TAGS: [autodeployer, controller] enforce-meza-version : Ensure proper Meza version TAGS: [autodeployer, controller] play #4 (localhost): localhost TAGS: [] tasks: set-vars : Get Meza install path TAGS: [] set_fact TAGS: [] set-vars : Set OS-family specific variables TAGS: [] set-vars : Set meza-core path variables TAGS: [] set-vars : Set meza-core default variables TAGS: [] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [] set-vars : Set meza local public variables TAGS: [] set-vars : Get individual wikis dirs from localhost TAGS: [] set_fact TAGS: [] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [] set-vars : Set meza local secret variables TAGS: [] set_fact TAGS: [] set_fact TAGS: [] Ensure autodeployer cron in place TAGS: [] play #5 (all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal): all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal TAGS: [base] tasks: set-vars : Get Meza install path TAGS: [base] set_fact TAGS: [base] set-vars : Set OS-family specific variables TAGS: [base] set-vars : Set meza-core path variables TAGS: [base] set-vars : Set meza-core default variables TAGS: [base] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [base] set-vars : Set meza local public variables TAGS: [base] set-vars : Get individual wikis dirs from localhost TAGS: [base] set_fact TAGS: [base] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [base] set-vars : Set meza local secret variables TAGS: [base] base : Ensure user's meza-ansible and alt-meza-ansible in group "wheel" TAGS: [base] base : Ensure user alt-meza-ansible .ssh dir configured TAGS: [base] base : Copy meza-ansible authorized_keys to alt-meza-ansible TAGS: [base] base : Ensure user meza-ansible and alt-meza-ansible authorized_keys configured TAGS: [base] base : Set authorized key for alt-meza-ansible TAGS: [base] base : Ensure no password on alt-meza-ansible user TAGS: [base] base : Ensure /etc/sudoers.d/meza-ansible in place TAGS: [base] base : Ensure PackageKit is removed TAGS: [base] base : ensure deltarpm is installed and latest TAGS: [base, latest] base : Ensure apt cache updated (Debian only) TAGS: [base] base : Ensure aptitude installed to use Ansible 'package' (Debian only) TAGS: [base] base : Upgrade all packages TAGS: [base, latest, upgrade-packages] base : Ensure EPEL installed via epel-release package (CentOS and Rocky Linux) TAGS: [base, latest] base : Check if EPEL repo is already configured (RedHat only) TAGS: [base, latest] base : Ensure EPEL installed via URL (RedHat only) TAGS: [base, latest] base : Import EPEL GPG key (RedHat only) TAGS: [base, latest] base : Ensure optional repos enabled (RedHat Only) TAGS: [base, latest] base : ensure libselinux-python installed prior to SELinux (RedHat/CentOS only) TAGS: [base, latest] base : Ensure python3-selinux installed for Rocky/RHEL8 TAGS: [base, latest] base : Ensure dnf versionlock is installed TAGS: [base] base : Pin packages for Ansible and Python TAGS: [base] Ensure base packages installed CentOS7/RHEL7/Debian TAGS: [base, latest] Install Rocky/RHEL8 base packages TAGS: [base, latest] base : Ensure selinux-policy installed (RedHat/CentOS only) TAGS: [base, latest] base : put SELinux in permissive mode (RedHat/CentOS only) TAGS: [base] base : Ensure firewalld is running and enable it at boot (RedHat/CentOS only) TAGS: [base] base : Ensure UFW is enabled and denying access by default (Debian only) TAGS: [base] ufw TAGS: [base] base : Ensure sshd is running and enabled TAGS: [base] base : Ensure SSH client and SSH Daemon configs in place TAGS: [base] base : Ensure SSH client and SSH Daemon configs in place TAGS: [base] base : Ensure NTP is running and enabled as configured. TAGS: [base] base : Enable chrony for Rocky/RHEL8 TAGS: [base] base : Copy the ntp.conf template file TAGS: [base] base : Ensure install directory configured TAGS: [base] base : Ensure data directory configured TAGS: [base] base : Ensure deploy directory in place TAGS: [base] base : Ensure {{ m_tmp }} exists TAGS: [base] base : Ensure {{ m_logs }} exists TAGS: [base] base : Ensure {{ m_logs }} sub directories exist TAGS: [base] base : Ensure crontab empty for meza-ansible when overwriting wikis TAGS: [base] base : Ensure CA package installed TAGS: [base] base : Copy any custom PEM-format CA certs into place TAGS: [base] base : Copy any custom OpenSSL extended-format CA certs into place TAGS: [base] base : Update CA trust if certs changed TAGS: [base] base : Ensure meza-ansible has .gitconfig TAGS: [base] base : Check if obsolete Node.JS version of Parsoid exists on this server TAGS: [base] base : Do Parsoid cleanup if {{ m_parsoid_service_path }} exists TAGS: [base] base-config-scripts : Ensure config variables available in PHP and shell files TAGS: [base] play #6 (load_balancers,load_balancers_meza_internal,load_balancers_meza_external): load_balancers,load_balancers_meza_internal,load_balancers_meza_external TAGS: [haproxy,load_balancers,load-balancer] tasks: set-vars : Get Meza install path TAGS: [haproxy, load-balancer, load_balancers] set_fact TAGS: [haproxy, load-balancer, load_balancers] set-vars : Set OS-family specific variables TAGS: [haproxy, load-balancer, load_balancers] set-vars : Set meza-core path variables TAGS: [haproxy, load-balancer, load_balancers] set-vars : Set meza-core default variables TAGS: [haproxy, load-balancer, load_balancers] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [haproxy, load-balancer, load_balancers] set-vars : Set meza local public variables TAGS: [haproxy, load-balancer, load_balancers] set-vars : Get individual wikis dirs from localhost TAGS: [haproxy, load-balancer, load_balancers] set_fact TAGS: [haproxy, load-balancer, load_balancers] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [haproxy, load-balancer, load_balancers] set-vars : Set meza local secret variables TAGS: [haproxy, load-balancer, load_balancers] set_fact TAGS: [haproxy, load-balancer, load_balancers] set_fact TAGS: [haproxy, load-balancer, load_balancers] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [haproxy, load-balancer, load_balancers] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [haproxy, load-balancer, load_balancers] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [haproxy, load-balancer, load_balancers] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [haproxy, load-balancer, load_balancers] haproxy : Set fact if this load balancer will handle external connections (80/443) TAGS: [haproxy, load-balancer, load_balancers] haproxy : Set fact if this load balancer will NOT handle external connections TAGS: [haproxy, load-balancer, load_balancers] haproxy : Set fact if this load balancer will handle internal connections TAGS: [haproxy, load-balancer, load_balancers] haproxy : Set fact if this load balancer will NOT handle internal connections TAGS: [haproxy, load-balancer, load_balancers] Install haproxy packages TAGS: [haproxy, load-balancer, load_balancers] Ensure haproxy certs directory exists TAGS: [haproxy, load-balancer, load_balancers] haproxy : Check if secret config on CONTROLLER has SSL keys TAGS: [haproxy, load-balancer, load_balancers] haproxy : Ensure config SSL directory exists TAGS: [haproxy, load-balancer, load_balancers] haproxy : If not exists, create self-signed SSL cert on CONTROLLER TAGS: [haproxy, load-balancer, load_balancers] haproxy : Ensure SSL cert and key are encrypted TAGS: [haproxy, load-balancer, load_balancers] haproxy : Read SSL key into variable TAGS: [haproxy, load-balancer, load_balancers] haproxy : Read SSL cert into variable TAGS: [haproxy, load-balancer, load_balancers] haproxy : Ensure SSL cert on load balancers TAGS: [haproxy, load-balancer, load_balancers] haproxy : Ensure SSL key on load balancers TAGS: [haproxy, load-balancer, load_balancers] haproxy : Ensure cert and key assembled into into pem file TAGS: [haproxy, load-balancer, load_balancers] Ensure haproxy certs have secure permissions TAGS: [haproxy, load-balancer, load_balancers] write the haproxy config file TAGS: [haproxy, load-balancer, load_balancers] haproxy : Ensure error files directory in place TAGS: [haproxy, load-balancer, load_balancers] haproxy : Ensure error pages in place TAGS: [haproxy, load-balancer, load_balancers] Ensure firewalld haproxy service files in place TAGS: [haproxy, load-balancer, load_balancers] Ensure SELinux context for firewalld haproxy service files TAGS: [haproxy, load-balancer, load_balancers] haproxy : Create list of ports to open to the world TAGS: [haproxy, load-balancer, load_balancers] Ensure port {{ fully_open_ports | join(', ') }} open to the world for haproxy TAGS: [haproxy, load-balancer, load_balancers] Ensure firewall port 1936 OPEN when haproxy stats ENABLED TAGS: [haproxy, load-balancer, load_balancers] Ensure firewall port 1936 CLOSED when haproxy stats DISABLED TAGS: [haproxy, load-balancer, load_balancers] Ensure firewall port 8088 OPEN when PHP profiling ENABLED TAGS: [haproxy, load-balancer, load_balancers] Ensure firewall port 8088 CLOSED when PHP profiling DISABLED TAGS: [haproxy, load-balancer, load_balancers] haproxy : Uncomment '$ModLoad imudp' in /etc/rsyslog.conf TAGS: [haproxy, load-balancer, load_balancers] haproxy : Uncomment '$UDPServerRun 514' in /etc/rsyslog.conf TAGS: [haproxy, load-balancer, load_balancers] Ensure /etc/rsyslog.d/haproxy.conf configured TAGS: [haproxy, load-balancer, load_balancers] ensure haproxy is running (and enable it at boot) TAGS: [haproxy, load-balancer, load_balancers] play #7 (app_servers): app_servers TAGS: [apache-php] tasks: set-vars : Get Meza install path TAGS: [apache-php] set_fact TAGS: [apache-php] set-vars : Set OS-family specific variables TAGS: [apache-php] set-vars : Set meza-core path variables TAGS: [apache-php] set-vars : Set meza-core default variables TAGS: [apache-php] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [apache-php] set-vars : Set meza local public variables TAGS: [apache-php] set-vars : Get individual wikis dirs from localhost TAGS: [apache-php] set_fact TAGS: [apache-php] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [apache-php] set-vars : Set meza local secret variables TAGS: [apache-php] set_fact TAGS: [apache-php] set_fact TAGS: [apache-php] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [apache-php] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [apache-php] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [apache-php] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [apache-php] Install Cent/RHEL7 base-extras packages TAGS: [apache-php] Install Rocky/RHEL8+ base-extras packages TAGS: [apache-php] imagemagick : Ensure old ImageMagick installed from Meza RPM is removed (RedHat/CentOS only) TAGS: [apache-php] imagemagick : Ensure Imagemagick and ghostscript installed TAGS: [apache-php, latest] imagemagick : Copy xpdf bin64 files to /usr/local/bin TAGS: [apache-php] apache-php : Ensure Apache webserver installed TAGS: [apache-php] apache-php : Make apache own htdocs directory TAGS: [apache-php] apache-php : Ensure mw-temp directory configured TAGS: [apache-php] apache-php : Ensure user meza-ansible and alt-meza-ansible in group "apache" TAGS: [apache-php] apache-php : write the apache config file for Cent/RHEL7 TAGS: [apache-php] apache-php : Write apache config for Rocky/RHEL8 using php-fpm TAGS: [apache-php] apache-php : Ensure Apache environment variables set properly TAGS: [apache-php] apache-php : Install Cent/RHEL7 php dependency packages TAGS: [apache-php] apache-php : Install Rocky/RHEL8 php dependency packages TAGS: [apache-php] apache-php : Install PHP (RedHat/CentOS only) TAGS: [apache-php] apache-php : Install PHP (RedHat/Rocky 8+ only) TAGS: [apache-php] apache-php : Install PHP (Debian only) TAGS: [apache-php] apache-php : Install MS SQL driver for PHP (FIXME RedHat only for now) TAGS: [apache-php] apache-php : Write php.ini file TAGS: [apache-php] apache-php : Write php.d ini files TAGS: [apache-php] apache-php : Write freetds.conf file TAGS: [apache-php] apache-php : Ensure Apache modules installed (RedHat/CentOS only) TAGS: [apache-php] apache-php : Ensure Apache modules installed (Debian only) TAGS: [apache-php] apache-php : Ensure Apache modules enabled (Debian only) TAGS: [apache-php] Ensure Composer configured TAGS: [apache-php] apache-php : Check if MongoDB service exists TAGS: [apache-php] apache-php : Stop MongoDB service if profiling is disabled TAGS: [apache-php] apache-php : Setup php-rpm for Rocky/RHEL8 TAGS: [apache-php] apache-php : Proper php.conf for Rocky/RHEL8 httpd TAGS: [apache-php] apache-php : Enable and start php-from for Rocky/RHEL8+ TAGS: [apache-php] apache-php : ensure apache is running (and enable it at boot) TAGS: [apache-php] netdata : Check if Netdata is present TAGS: [apache-php] ansible.builtin.debug TAGS: [apache-php] ansible.builtin.debug TAGS: [apache-php] netdata : Install Intel/AMD 64bit static build of Netdata TAGS: [apache-php] set_fact TAGS: [apache-php] set_fact TAGS: [apache-php] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [apache-php] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [apache-php] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [apache-php] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [apache-php] play #8 (app_servers): app_servers TAGS: [gluster] tasks: set-vars : Get Meza install path TAGS: [gluster] set_fact TAGS: [gluster] set-vars : Set OS-family specific variables TAGS: [gluster] set-vars : Set meza-core path variables TAGS: [gluster] set-vars : Set meza-core default variables TAGS: [gluster] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [gluster] set-vars : Set meza local public variables TAGS: [gluster] set-vars : Get individual wikis dirs from localhost TAGS: [gluster] set_fact TAGS: [gluster] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [gluster] set-vars : Set meza local secret variables TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] set_fact TAGS: [gluster] set_fact TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [gluster] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [gluster] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [gluster] gluster : Include OS-specific variables. TAGS: [gluster] Ensure gluster repo in place for RHEL7 TAGS: [gluster] Ensure CentOS gluster prerequisites in place TAGS: [gluster] Install gluster Packages TAGS: [gluster] gluster : Add PPA for GlusterFS. TAGS: [gluster] gluster : Ensure GlusterFS will reinstall if the PPA was just added. TAGS: [gluster] gluster : Ensure GlusterFS is installed. TAGS: [gluster] gluster : Ensure GlusterFS is started and enabled at boot. TAGS: [gluster] gluster : Ensure Gluster brick and mount directories exist. TAGS: [gluster] gluster : Configure Gluster volume. TAGS: [gluster] gluster : Ensure Gluster volume is mounted. TAGS: [gluster] play #9 (memcached_servers): memcached_servers TAGS: [memcached] tasks: set-vars : Get Meza install path TAGS: [memcached] set_fact TAGS: [memcached] set-vars : Set OS-family specific variables TAGS: [memcached] set-vars : Set meza-core path variables TAGS: [memcached] set-vars : Set meza-core default variables TAGS: [memcached] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [memcached] set-vars : Set meza local public variables TAGS: [memcached] set-vars : Get individual wikis dirs from localhost TAGS: [memcached] set_fact TAGS: [memcached] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [memcached] set-vars : Set meza local secret variables TAGS: [memcached] set_fact TAGS: [memcached] set_fact TAGS: [memcached] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [memcached] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [memcached] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [memcached] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [memcached] Ensure memcached and netcat packages latest TAGS: [latest, memcached] Write the memcached config file TAGS: [memcached] Ensure memcached is running (and enable it at boot) TAGS: [memcached] play #10 (db_master): db_master TAGS: [database] tasks: set-vars : Get Meza install path TAGS: [database] set_fact TAGS: [database] set-vars : Set OS-family specific variables TAGS: [database] set-vars : Set meza-core path variables TAGS: [database] set-vars : Set meza-core default variables TAGS: [database] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [database] set-vars : Set meza local public variables TAGS: [database] set-vars : Get individual wikis dirs from localhost TAGS: [database] set_fact TAGS: [database] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [database] set-vars : Set meza local secret variables TAGS: [database] Ensure firewalld service {{ firewall_service }} allowed for list of servers (RedHat/CentOS only) TAGS: [database] Ensure UFW service {{ firewall_service }} (port {{ ufw_service_ports['{{ firewall_service }}'] }}) allowed for list of servers (Debian only) TAGS: [database] Ensure firewalld service {{ firewall_service }} allowed for list of servers (RedHat/CentOS only) TAGS: [database] Ensure UFW service {{ firewall_service }} (port {{ ufw_service_ports['{{ firewall_service }}'] }}) allowed for list of servers (Debian only) TAGS: [database] database : Include OS-specific variables. TAGS: [database] database : Include OS-specific variables (RedHat). TAGS: [database] database : Define mysql_packages. TAGS: [database] database : Define mysql_daemon. TAGS: [database] database : Define mysql_slow_query_log_file. TAGS: [database] database : Define mysql_log_error. TAGS: [database] database : Define mysql_syslog_tag. TAGS: [database] database : Define mysql_pid_file. TAGS: [database] database : Define mysql_config_file. TAGS: [database] database : Define mysql_config_include_dir. TAGS: [database] database : Define mysql_socket. TAGS: [database] database : Define mysql_supports_innodb_large_prefix. TAGS: [database] include_tasks TAGS: [database] include_tasks TAGS: [database] database : Check if MySQL packages were installed. TAGS: [database] database : Copy my.cnf global MySQL configuration. TAGS: [database] database : Verify mysql include directory exists. TAGS: [database] database : Copy my.cnf override files into include directory. TAGS: [database] database : Create slow query log file (if configured). TAGS: [database] database : Create datadir if it does not exist TAGS: [database] database : Set ownership on slow query log file (if configured). TAGS: [database] database : Create error log file (if configured). TAGS: [database] database : Set ownership on error log file (if configured). TAGS: [database] database : Rotate MariaDB log TAGS: [database] database : Create datadir if it does not exist TAGS: [database] database : Ensure MySQL is started and enabled on boot. TAGS: [database] database : Get MySQL version. TAGS: [database] database : Ensure default user is present. TAGS: [database] database : Copy user-my.cnf file with password credentials. TAGS: [database] database : Disallow root login remotely TAGS: [database] database : Get list of hosts for the root user. TAGS: [database] database : Update MySQL root password for localhost root account (5.7.x). TAGS: [database] database : Update MySQL root password for localhost root account (< 5.7.x). TAGS: [database] database : Copy .my.cnf file with root password credentials TAGS: [database] database : Copy .my.cnf file with root password credentials TAGS: [database] database : Get list of hosts for the anonymous user. TAGS: [database] database : Remove anonymous MySQL users. TAGS: [database] Remove MySQL test database. TAGS: [database] Ensure MySQL databases are present. TAGS: [database] database : Ensure meza application MySQL users are present TAGS: [database] database : If this DB-server is an app server, include localhost as a valid host for application user TAGS: [database] database : Ensure additional MySQL users are present. TAGS: [database] database : Check if valid slave TAGS: [database] set_fact TAGS: [database] database : Check if valid master TAGS: [database] set_fact TAGS: [database] database : Ensure replication user exists on master. TAGS: [database] database : Check slave replication status. TAGS: [database] ansible.builtin.debug TAGS: [database] database : Check if slave needs configuration TAGS: [database] ansible.builtin.debug TAGS: [database] database : Check master replication status. TAGS: [database] ansible.builtin.debug TAGS: [database] database : fetch list of wikis on master TAGS: [database] database : export dump file on master TAGS: [database] database : fetch dump file TAGS: [database] database : put dump file TAGS: [database] database : Import dump on slave(s) TAGS: [database] mysql_replication TAGS: [database] database : Configure replication on the slave. TAGS: [database] database : Start replication. TAGS: [database] play #11 (db_slaves): db_slaves TAGS: [database] tasks: set-vars : Get Meza install path TAGS: [database] set_fact TAGS: [database] set-vars : Set OS-family specific variables TAGS: [database] set-vars : Set meza-core path variables TAGS: [database] set-vars : Set meza-core default variables TAGS: [database] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [database] set-vars : Set meza local public variables TAGS: [database] set-vars : Get individual wikis dirs from localhost TAGS: [database] set_fact TAGS: [database] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [database] set-vars : Set meza local secret variables TAGS: [database] Ensure firewalld service {{ firewall_service }} allowed for list of servers (RedHat/CentOS only) TAGS: [database] Ensure UFW service {{ firewall_service }} (port {{ ufw_service_ports['{{ firewall_service }}'] }}) allowed for list of servers (Debian only) TAGS: [database] database : Include OS-specific variables. TAGS: [database] database : Include OS-specific variables (RedHat). TAGS: [database] database : Define mysql_packages. TAGS: [database] database : Define mysql_daemon. TAGS: [database] database : Define mysql_slow_query_log_file. TAGS: [database] database : Define mysql_log_error. TAGS: [database] database : Define mysql_syslog_tag. TAGS: [database] database : Define mysql_pid_file. TAGS: [database] database : Define mysql_config_file. TAGS: [database] database : Define mysql_config_include_dir. TAGS: [database] database : Define mysql_socket. TAGS: [database] database : Define mysql_supports_innodb_large_prefix. TAGS: [database] include_tasks TAGS: [database] include_tasks TAGS: [database] database : Check if MySQL packages were installed. TAGS: [database] database : Copy my.cnf global MySQL configuration. TAGS: [database] database : Verify mysql include directory exists. TAGS: [database] database : Copy my.cnf override files into include directory. TAGS: [database] database : Create slow query log file (if configured). TAGS: [database] database : Create datadir if it does not exist TAGS: [database] database : Set ownership on slow query log file (if configured). TAGS: [database] database : Create error log file (if configured). TAGS: [database] database : Set ownership on error log file (if configured). TAGS: [database] database : Rotate MariaDB log TAGS: [database] database : Create datadir if it does not exist TAGS: [database] database : Ensure MySQL is started and enabled on boot. TAGS: [database] database : Get MySQL version. TAGS: [database] database : Ensure default user is present. TAGS: [database] database : Copy user-my.cnf file with password credentials. TAGS: [database] database : Disallow root login remotely TAGS: [database] database : Get list of hosts for the root user. TAGS: [database] database : Update MySQL root password for localhost root account (5.7.x). TAGS: [database] database : Update MySQL root password for localhost root account (< 5.7.x). TAGS: [database] database : Copy .my.cnf file with root password credentials TAGS: [database] database : Copy .my.cnf file with root password credentials TAGS: [database] database : Get list of hosts for the anonymous user. TAGS: [database] database : Remove anonymous MySQL users. TAGS: [database] Remove MySQL test database. TAGS: [database] Ensure MySQL databases are present. TAGS: [database] database : Ensure meza application MySQL users are present TAGS: [database] database : If this DB-server is an app server, include localhost as a valid host for application user TAGS: [database] database : Ensure additional MySQL users are present. TAGS: [database] database : Check if valid slave TAGS: [database] set_fact TAGS: [database] database : Check if valid master TAGS: [database] set_fact TAGS: [database] database : Ensure replication user exists on master. TAGS: [database] database : Check slave replication status. TAGS: [database] ansible.builtin.debug TAGS: [database] database : Check if slave needs configuration TAGS: [database] ansible.builtin.debug TAGS: [database] database : Check master replication status. TAGS: [database] ansible.builtin.debug TAGS: [database] database : fetch list of wikis on master TAGS: [database] database : export dump file on master TAGS: [database] database : fetch dump file TAGS: [database] database : put dump file TAGS: [database] database : Import dump on slave(s) TAGS: [database] mysql_replication TAGS: [database] database : Configure replication on the slave. TAGS: [database] database : Start replication. TAGS: [database] play #12 (backup_servers): backup_servers TAGS: [backup_servers] tasks: set-vars : Get Meza install path TAGS: [backup_servers] set_fact TAGS: [backup_servers] set-vars : Set OS-family specific variables TAGS: [backup_servers] set-vars : Set meza-core path variables TAGS: [backup_servers] set-vars : Set meza-core default variables TAGS: [backup_servers] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [backup_servers] set-vars : Set meza local public variables TAGS: [backup_servers] set-vars : Get individual wikis dirs from localhost TAGS: [backup_servers] set_fact TAGS: [backup_servers] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [backup_servers] set-vars : Set meza local secret variables TAGS: [backup_servers] backup-config : Ensure MariaDB client installed on backup servers TAGS: [backup_servers, latest] backup-config : Ensure meza-backups group exists TAGS: [backup_servers] backup-config : Ensure backups directory exists TAGS: [backup_servers] backup-config : Ensure backups directory exists for environment TAGS: [backup_servers] backup-config : Get individual wikis from controller config TAGS: [backup_servers] backup-config : Ensure backups directory exists for each wiki TAGS: [backup_servers] backup-config : Ensure backups uploads directory exists for each wiki TAGS: [backup_servers] play #13 (elastic_servers): elastic_servers TAGS: [elasticsearch] tasks: set-vars : Get Meza install path TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] set-vars : Set OS-family specific variables TAGS: [elasticsearch] set-vars : Set meza-core path variables TAGS: [elasticsearch] set-vars : Set meza-core default variables TAGS: [elasticsearch] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [elasticsearch] set-vars : Set meza local public variables TAGS: [elasticsearch] set-vars : Get individual wikis dirs from localhost TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [elasticsearch] set-vars : Set meza local secret variables TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] set_fact TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only) TAGS: [elasticsearch] Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open for list of servers (Debian only) TAGS: [elasticsearch] Ensure UFW port {{ firewall_port }} open from all sources (Debian only) TAGS: [elasticsearch] elasticsearch : Ensure Java 1.7.0 OpenJDK is absent TAGS: [elasticsearch] elasticsearch : Ensure Java 1.8.0 OpenJDK is installed TAGS: [elasticsearch] elasticsearch : Set JAVA_HOME if configured. TAGS: [elasticsearch] elasticsearch : Add Elasticsearch GPG key. TAGS: [elasticsearch] elasticsearch : Add Elasticsearch repository. TAGS: [elasticsearch] Ensure elasticsearch installed TAGS: [elasticsearch] elasticsearch : Check whether /etc/hosts contains "127.0.0.1" TAGS: [elasticsearch] elasticsearch : Add localhost to /etc/hosts if needed TAGS: [elasticsearch] Ensure dirs from elasticsearch.yml exist and set ownership TAGS: [elasticsearch] Copy extracted java cacerts to /etc/elasticsearch TAGS: [elasticsearch] elasticsearch : Configure and Restart Elasticsearch TAGS: [elasticsearch] elasticsearch : Start Elasticsearch. TAGS: [elasticsearch] elasticsearch : Make sure Elasticsearch is running before proceeding. TAGS: [elasticsearch] elasticsearch : Check current Elasticsearch version TAGS: [elasticsearch] elasticsearch : Display current Elasticsearch full version number TAGS: [elasticsearch] elasticsearch : Display desired Elasticsearch version TAGS: [elasticsearch] elasticsearch : Set the Elasticsearch major version found TAGS: [elasticsearch] elasticsearch : Docker image building only: set found version to desired version TAGS: [elasticsearch] elasticsearch : Set the Elasticsearch major version desired TAGS: [elasticsearch] Set do_elasticsearch_upgrade to FALSE TAGS: [elasticsearch] Set do_elasticsearch_upgrade to TRUE TAGS: [elasticsearch] Ensure elasticsearch plugins removed TAGS: [elasticsearch] elasticsearch : Disable shard allocation for the cluster TAGS: [elasticsearch] elasticsearch : Perform synced flush TAGS: [elasticsearch] Shutdown elasticsearch node TAGS: [elasticsearch] elasticsearch : Ensure Elasticsearch is latest version TAGS: [elasticsearch] Start elasticsearch TAGS: [elasticsearch] Wait for elasticsearch node to come back up TAGS: [elasticsearch] elasticsearch : Wait for cluster health to return to yellow or green TAGS: [elasticsearch] elasticsearch : Enable shard allocation for the cluster TAGS: [elasticsearch] elasticsearch : Check current Elasticsearch version TAGS: [elasticsearch] elasticsearch : Re-display current Elasticsearch full version number after upgrade TAGS: [elasticsearch] play #14 (app_servers): app_servers TAGS: [mediawiki] tasks: set-vars : Get Meza install path TAGS: [mediawiki] set_fact TAGS: [mediawiki] set-vars : Set OS-family specific variables TAGS: [mediawiki] set-vars : Set meza-core path variables TAGS: [mediawiki] set-vars : Set meza-core default variables TAGS: [mediawiki] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [mediawiki] set-vars : Set meza local public variables TAGS: [mediawiki] set-vars : Get individual wikis dirs from localhost TAGS: [mediawiki] set_fact TAGS: [mediawiki] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [mediawiki] set-vars : Set meza local secret variables TAGS: [mediawiki] htdocs : Ensure ServerPerformance configured TAGS: [mediawiki] htdocs : Ensure BackupDownload configured TAGS: [mediawiki] htdocs : Ensure BackupDownload NOT configured TAGS: [mediawiki] htdocs : Ensure files configured TAGS: [mediawiki] install lua packages TAGS: [mediawiki] check out luasandbox from git TAGS: [mediawiki] compile and install luasandbox TAGS: [mediawiki] copy luasandbox initialization file TAGS: [mediawiki] Sync configuration between controller and app servers TAGS: [mediawiki] mediawiki : Ensure user meza-ansible .ssh dir configured TAGS: [mediawiki] mediawiki : Copy meza-ansible keys to app servers TAGS: [mediawiki] mediawiki : Copy meza-ansible known_hosts to app_servers TAGS: [mediawiki] mediawiki : Ensure MediaWiki core ignores submodules TAGS: [mediawiki, mediawiki-core] mediawiki : Ensure MediaWiki core owned by meza-ansible TAGS: [mediawiki, mediawiki-core] mediawiki : Ensure proper MediaWiki git version installed TAGS: [latest, mediawiki, mediawiki-core] mediawiki : Ensure MediaWiki core ignores submodules TAGS: [mediawiki, mediawiki-core] mediawiki : Create symlink to core, to enable short urls TAGS: [latest, mediawiki] mediawiki : Set variable holding list of core skins TAGS: [mediawiki, skins] mediawiki : Set variable holding list of local skins TAGS: [mediawiki, skins] mediawiki : Set variable holding list of core extensions TAGS: [always, mediawiki] mediawiki : Ensure core meza extensions installed (non-Composer) TAGS: [extensions, git-core-extensions, git-extensions, latest, mediawiki] mediawiki : Set variable holding list of local extensions TAGS: [always, mediawiki] mediawiki : Ensure core meza skins installed (non-Composer) TAGS: [core-skins, extensions, mediawiki, skins] mediawiki : Ensure local meza extensions installed (non-Composer) TAGS: [extensions, git-extensions, git-local-extensions, latest, mediawiki] mediawiki : Ensure local meza skins installed (non-Composer) TAGS: [local-skins, mediawiki, skins] mediawiki : Ensure Extensions.php in place TAGS: [mediawiki] mediawiki : Ensure composer.local.json in place to load composer-based extensions TAGS: [mediawiki] mediawiki : Run composer update on MediaWiki for dependencies TAGS: [composer-extensions, latest, mediawiki, skins] mediawiki : Remove SMW IdeAliases TAGS: [mediawiki] mediawiki : Run composer update on MediaWiki for extensions TAGS: [composer-extensions, extensions, latest, mediawiki, skins] mediawiki : Ensure Git submodule requirements met for core meza extensions TAGS: [extensions, git-submodules, latest, mediawiki] mediawiki : Ensure Git submodule requirements met for local meza extensions TAGS: [extensions, git-submodules, latest, mediawiki] mediawiki : Ensure Git submodule requirements met for core meza skins TAGS: [extensions, git-submodules, latest, mediawiki, skins] mediawiki : Ensure Git submodule requirements met for local meza skins TAGS: [extensions, git-submodules, latest, local-skins, mediawiki, skins] mediawiki : Ensure LocalSettings.php in place TAGS: [mediawiki] mediawiki : Ensure MediaWiki still properly owned TAGS: [file-perms, mediawiki, mediawiki-core] mediawiki : Check if the compiled_templates directory exists TAGS: [mediawiki] mediawiki : Ensure compiled templates folder for widget extension is ownwed by apache TAGS: [mediawiki] mediawiki : Ensure WikiBlender installed TAGS: [mediawiki] mediawiki : Ensure BlenderSettings.php in place TAGS: [mediawiki] mediawiki : Ensure WikiBlender properly owned TAGS: [mediawiki] Include SAML role if SAML configured TAGS: [mediawiki] mediawiki : Ensure localization cache root directory exists (each wiki with sub-directory) TAGS: [mediawiki] mediawiki : Ensure root uploads dir configured TAGS: [mediawiki] mediawiki : Check if any wikis exist TAGS: [mediawiki] Add Demo Wiki to config if no wikis exist TAGS: [mediawiki] Re-sync configuration between controller and app servers if Demo just configured TAGS: [mediawiki] mediawiki : Get individual wikis dirs from localhost TAGS: [mediawiki] mediawiki : Set fact - list of wikis TAGS: [mediawiki] mediawiki : Set fact - list of wikis ordered with primary wiki first (if primary_wiki_id set) TAGS: [mediawiki] mediawiki : Check list of wikis TAGS: [mediawiki] mediawiki : Set fact - initiate empty list of wikis to rebuild smw and search data TAGS: [mediawiki] mediawiki : List_of_wikis -> loop TAGS: [mediawiki] Ensure defined wikis exist TAGS: [mediawiki, verify-wiki] ansible.builtin.debug TAGS: [mediawiki] mediawiki : Ensure data rebuilding scripts in place on app servers TAGS: [mediawiki] mediawiki : Ensure data rebuilding logs directories exist TAGS: [mediawiki] mediawiki : Verify metastore index upgraded TAGS: [mediawiki] mediawiki : (Re-)build search index for: {{ wikis_to_rebuild_data | join(', ') }} TAGS: [mediawiki, search-index] include_role TAGS: [mediawiki, update.php] mediawiki : Reload (not restart) httpd to pick up changes to opcached php files TAGS: [httpd-reload, mediawiki] mediawiki : Restart php-fpm to pick up changes to opcached php files TAGS: [httpd-reload, mediawiki] mediawiki : Ensure Python3 present on RedHat7 variant TAGS: [latest, mediawiki] mediawiki : Ensure Python3 present on Rocky/RHEL8 TAGS: [latest, mediawiki] play #15 (logging_servers): logging_servers TAGS: [logging] tasks: set-vars : Get Meza install path TAGS: [logging] set_fact TAGS: [logging] set-vars : Set OS-family specific variables TAGS: [logging] set-vars : Set meza-core path variables TAGS: [logging] set-vars : Set meza-core default variables TAGS: [logging] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [logging] set-vars : Set meza local public variables TAGS: [logging] set-vars : Get individual wikis dirs from localhost TAGS: [logging] set_fact TAGS: [logging] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [logging] set-vars : Set meza local secret variables TAGS: [logging] meza-log : Check if server log database exists TAGS: [logging] meza-log : Set fact if server log database DOES exist TAGS: [logging] meza-log : Set fact if server log database DOES NOT exist TAGS: [logging] meza-log : Copy meza_server_log.sql to remote database hosts TAGS: [logging] meza-log : Import server log database structure TAGS: [logging] meza-log : Check if disk_space table exists TAGS: [logging] meza-log : Set fact if disk_space table DOES exist TAGS: [logging] meza-log : Set fact if disk_space table DOES NOT exist TAGS: [logging] meza-log : Copy table_disk_space.sql to remote database hosts TAGS: [logging] meza-log : Create table disk_space if not exists TAGS: [logging] meza-log : Ensure logging scripts in place TAGS: [logging] play #16 (backup_servers): backup_servers TAGS: [backup-cleanup] tasks: set-vars : Get Meza install path TAGS: [backup-cleanup] set_fact TAGS: [backup-cleanup] set-vars : Set OS-family specific variables TAGS: [backup-cleanup] set-vars : Set meza-core path variables TAGS: [backup-cleanup] set-vars : Set meza-core default variables TAGS: [backup-cleanup] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [backup-cleanup] set-vars : Set meza local public variables TAGS: [backup-cleanup] set-vars : Get individual wikis dirs from localhost TAGS: [backup-cleanup] set_fact TAGS: [backup-cleanup] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [backup-cleanup] set-vars : Set meza local secret variables TAGS: [backup-cleanup] backups-cleanup : Ensure backups cleanup script in place TAGS: [backup-cleanup] backups-cleanup : Ensure backups cleanup cron in place TAGS: [backup-cleanup] play #17 (all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal): all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal TAGS: [always,cron] tasks: set-vars : Get Meza install path TAGS: [always, cron] set_fact TAGS: [always, cron] set-vars : Set OS-family specific variables TAGS: [always, cron] set-vars : Set meza-core path variables TAGS: [always, cron] set-vars : Set meza-core default variables TAGS: [always, cron] set-vars : If using gluster (app_servers > 1), override m_uploads_dir TAGS: [always, cron] set-vars : Set meza local public variables TAGS: [always, cron] set-vars : Get individual wikis dirs from localhost TAGS: [always, cron] set_fact TAGS: [always, cron] set-vars : Set meza environment-specific public variables for env={{ env }} TAGS: [always, cron] set-vars : Set meza local secret variables TAGS: [always, cron] Ensure cron is running (and enable it at boot) TAGS: [always, cron] Ensure crontab file up-to-date TAGS: [always, cron] cron : Ensure runAllJobs.php in place TAGS: [always, cron] lineinfile TAGS: [always, cron] lineinfile TAGS: [always, cron] Ensure crontab up-to-date from file TAGS: [always, cron] umask-unset : Unset umask at end of deploy TAGS: [always, cron]
As we saw earlier, at the very start of output, it shows you the underlying Ansible command:
sudo -u meza-ansible ansible-playbook /opt/meza/src/playbooks/site.yml -i /opt/conf-meza/secret/monolith/hosts --vault-password-file /opt/conf-meza/users/meza-ansible/.vault-pass-monolith.txt --extra-vars '{"env": "monolith"}' --list-tasks
Task Reference
editTo make an HTML page for reference, you could do the following (using aha, the ANSI HTML Adapter)
sudo meza deploy production --list-tasks | sudo tee > >(aha --black --title "Production Deploy Tasks" > /tmp/deploy.tasks.html)
Using Tags and Skipping Tags
editTo be written. In our next update, we'll show you how to use and skip tags. You can even combine listing and skipping.
sudo meza deploy monolith --list-tasks --skip-tags cron
Will show you all the tasks that would be executed if you skipped the cron tasks.
After making configuration changes to a meza wiki server, it will be common to run deploy with options such as this example:
sudo meza deploy monolith --tags mediawiki,parsoid
(one or both) and/or --skip-tags latest,update.php,verify-wiki,smw-data,search-index
(one or more)
Tags we recommend typically specifying:
mediawiki
specifies all mediawiki setup steps, including config changes
parsoid
is rarely necessary to specify, but it comes after mediawiki so if you're repeatedly running things starting at mediawiki it can be handy to run to the end by also specifying parsoid
Tags that are often a good idea to skip:
latest
gets the latest versions of software, including git-fetch of mediawiki core and extensions. This can take a long time (but may be necessary to include if you add an extension).- TO-DO: There are also ways to specify just git extensions or just composer extensions, or just meza core extensions versus local config extensions.
update.php
updates the MediaWiki database. This is not required if you're not changing MediaWiki version or extensions that make database changes. This takes a long time on large/plentiful wikis.verify-wiki
basically makes sure a bunch of stuff is present for each wiki, but it does not do specific config for each wiki. So if you make a wiki config change you still can skip this.smw-data
rebuilds SMW data. This takes ~24 hours on large wikis. This won't run unless a new wiki is created/imported, but you can still specify to skip it just to be sure.search-index
rebuilds the Elasticsearch data. This takes several hours on large wikis.mediawiki-core
git clone core Mediawiki, verifies ownership of directory structure in Mediawiki core
MediaWiki Maintenance
editMeza is wiki farm enabled by default. This mean that the LocalSettings.php file is conditioned to look for a wiki id in every request. There's a variable $mezaWikiEnvVarName='WIKI';
that is used to control the collaboration between the web server, command-line scripts, and file-system based identifiers. So, always pass a value for this SHELL variable for any command-line scripts:
WIKI=demo php /opt/htdocs/mediawiki/maintenance/update.php --quick
Note: this example is just that. It's an example of how to run MediaWiki php scripts in the maintenance directory. Normally you wouldn't need to run update.php
outside of Meza because you can use the Ansible 'tag' update.php
as described in the section "Using Tags" ie. meza deploy <env> --tags update.php
Without any tags specified, all deploys will run update.php if necessary.
Also note: In LocalSettings.php (and other PHP code generated by Meza), the wiki identifier variable name is $wikiId
. In CLI scripts and the shell environment, the variable default name is WIKI
. In YAML files or Ansible commands, the variable name is wiki_id
. Why are there three different names for the same thing? This difference no doubt causes some confusion, while respecting traditional naming conventions in PHP, BASH and YAML. Convention could be ignored to use a consistent variable name e.g. WIKI_ID
or SITE_ID
throughout.
Undocumented Commands
editThere are undocumented commands (see https://github.com/enterprisemediawiki/meza/issues/825) such as meza maint rebuild <env>
and meza maint runJobs <env>
. The latter command is known to be broken and incomplete. See https://github.com/enterprisemediawiki/meza/issues/711