Meza/Commands

Help

edit

Once installed, if you run the meza command all by itself, it will display help like the following:

Mediawiki EZ Admin

Usage: meza COMMAND [directives]

To setup a multi-server environment, do:

$ meza setup env # Setup the environment, following prompts
# Edit config as required:
$ sudo vi /opt/conf-meza/secret/<env-name>/hosts
$ sudo vi /opt/conf-meza/secret/<env-name>/secret.yml
$ sudo meza deploy <env-name>

Commands    Directives           Description
---------------------------------------------------------------
install     dev-networking       Setup networking on VM
            monolith             Install server on this machine
            docker               Install Docker (CentOS only)
deploy      <environment name>   Deploy your server
setup       env                  Setup an environment
            dev                  Setup dev features (Git, FTP)
create      wiki                 Create a wiki
            wiki-promptless      Create a wiki without prompts
backup      <environment name>   Create a backup of an env
docker      run                  (experimental) Start container
            exec                 Execute command on container

Every command has directives. If you run any command without
directives it will provide help for that command.

meza deploy is the meat and potatoes of Meza. It is the command you use most frequently. It executes a lot of tasks.

Visual Overview of Deploy

edit

For a visual graph of the site.yml playbook, see https://github.com/freephile/meza/issues/63#issuecomment-2020500463 and https://github.com/freephile/meza/issues/63#issuecomment-2020525222

Pass-through

edit

Meza is written in Python, and is a logic wrapper to Ansible underneath. Meza ultimately passes through command-line options and arguments to Ansible's ansible-playbook command. You can see this when you issue a meza command, as the first thing it outputs is the underlying ansible command being executed. For example:

sudo meza deploy <environment> --list-tags (where <environment> is your environment name, which is likely monolith or vagrant)

Shows this:

sudo -u meza-ansible ansible-playbook /opt/meza/src/playbooks/site.yml -i /opt/conf-meza/secret/monolith/hosts --vault-password-file /opt/conf-meza/users/meza-ansible/.vault-pass-monolith.txt --extra-vars '{"env": "monolith"}' --list-tags

So, if there are ansible-playbook options that you wish to use, you can do so. Particularly useful for getting to know Meza are the --list-tags, and --list-tasks options to ansible-playbook. These options cause Ansible to go into a 'dry-run' mode for the playbook, telling you more about it without executing any actions.

Meanwhile, the --tags and --skip-tags options control Ansible's selection of what specific tasks to run, according to the tags associated with tasks in the playbook. These come in handly when you want to target a specific aspect of your deployment.

Tags

edit

Followed by the number of plays, and the tags associated with each:

sudo meza deploy monolith --list-tags

(Example only. Real output will change as development is ongoing.)

playbook: /opt/meza/src/playbooks/site.yml

  play #1 (localhost): localhost        TAGS: []
      TASK TAGS: []

  play #2 (app-servers): app-servers    TAGS: []
      TASK TAGS: []

  play #3 (all:!exclude-all:!load-balancers-unmanaged): all:!exclude-all:!load-balancers-unmanaged      TAGS: [base]
      TASK TAGS: [base, latest]

  play #4 (load-balancers): load-balancers      TAGS: [load-balancer]
      TASK TAGS: [load-balancer]

  play #5 (app-servers): app-servers    TAGS: [apache-php]
      TASK TAGS: [apache-php, latest]

  play #6 (app-servers): app-servers    TAGS: [gluster]
      TASK TAGS: [gluster]

  play #7 (memcached-servers): memcached-servers        TAGS: [memcached]
      TASK TAGS: [latest, memcached]

  play #8 (db-master): db-master        TAGS: [database]
      TASK TAGS: [database]

  play #9 (db-slaves): db-slaves        TAGS: [database]
      TASK TAGS: [database]

  play #10 (elastic-servers): elastic-servers   TAGS: [elasticsearch]
      TASK TAGS: [elasticsearch]

  play #11 (app-servers): app-servers   TAGS: [mediawiki]
      TASK TAGS: [composer-extensions, git-core-extensions, git-extensions, git-local-extensions, git-submodules, latest, mediawiki, search-index, smw-data, update.php, verify-wiki]

  play #12 (parsoid-servers): parsoid-servers   TAGS: [parsoid]
      TASK TAGS: [latest, parsoid, parsoid-deps]

  play #13 (logging-servers): logging-servers   TAGS: [logging]
      TASK TAGS: [logging]

  play #14 (all:!exclude-all:!load-balancers-unmanaged): all:!exclude-all:!load-balancers-unmanaged     TAGS: [cron]
      TASK TAGS: [cron]

Tasks

edit

There is a lot of detail in the list-tasks output.

In the task list, you can see tags that are associated at the task level. Again, this command will not execute a deploy. It will show you the tasks that would be run.

sudo meza deploy monolith --list-tasks

(Example only. Real output will change as development is ongoing.)

meza deploy monolith --list-tasks
Create deploy lock file at /opt/data-meza/env-monolith-deploy.lock
su meza-ansible -c "ansible-playbook /opt/meza/src/playbooks/site.yml -i /opt/conf-meza/secret/monolith/hosts --vault-password-file /opt/conf-meza/vault/vault-pass-monolith.txt --extra-vars '{\"env\": \"monolith\"}' --list-tasks"

playbook: /opt/meza/src/playbooks/site.yml

  play #1 (localhost): localhost        TAGS: []
    tasks:
      Get Meza install path     TAGS: []
      set_fact  TAGS: []
      Ensure no password on meza-ansible user on controller     TAGS: []
      Ensure controller has user alt-meza-ansible       TAGS: []
      Ensure user alt-meza-ansible .ssh dir configured  TAGS: []
      Copy meza-ansible keys to alt-meza-ansible        TAGS: []
      Copy meza-ansible known_hosts to alt-meza-ansible TAGS: []
      Ensure secret.yml owned by meza-ansible   TAGS: []
      Ensure {{ m_conf_dir }} owned by meza-ansible     TAGS: []

  play #2 (all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal): all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal     TAGS: []
    tasks:
      umask-set : Set umask for duration of deploy      TAGS: []

  play #3 (localhost): localhost        TAGS: [autodeployer,controller]
    tasks:
      set-vars : Get Meza install path  TAGS: [autodeployer, controller]
      set_fact  TAGS: [autodeployer, controller]
      set-vars : Set OS-family specific variables       TAGS: [autodeployer, controller]
      set-vars : Set meza-core path variables   TAGS: [autodeployer, controller]
      set-vars : Set meza-core default variables        TAGS: [autodeployer, controller]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [autodeployer, controller]
      set-vars : Set meza local public variables        TAGS: [autodeployer, controller]
      set-vars : Get individual wikis dirs from localhost       TAGS: [autodeployer, controller]
      set_fact  TAGS: [autodeployer, controller]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [autodeployer, controller]
      set-vars : Set meza local secret variables        TAGS: [autodeployer, controller]
      init-controller-config : Does controller have local config        TAGS: [autodeployer, controller]
      init-controller-config : Get local config repo if set     TAGS: [autodeployer, controller]
      init-controller-config : Does controller have local config        TAGS: [autodeployer, controller]
      init-controller-config : Ensure m_local_public configured on controller   TAGS: [autodeployer, controller, file-perms]
      init-controller-config : Ensure m_local_public/wikis exists       TAGS: [autodeployer, controller]
      init-controller-config : Ensure pre/post/saml settings directories exists in config       TAGS: [autodeployer, controller]
      init-controller-config : Ensure base files present, do NOT overwrite      TAGS: [autodeployer, controller]
      init-controller-config : Ensure {{ m_meza }} properly owned       TAGS: [autodeployer, controller, file-perms]
      init-controller-config : Ensure {{ m_local_secret }} directories properly owned/moded     TAGS: [autodeployer, controller, file-perms]
      init-controller-config : Ensure {{ m_local_secret }} files properly owned/moded   TAGS: [autodeployer, controller, file-perms]
      set_fact  TAGS: [autodeployer, controller]
      set_fact  TAGS: [autodeployer, controller]
      Ensure autodeployer cron in place TAGS: [autodeployer, controller]
      enforce-meza-version : Ensure proper Meza version TAGS: [autodeployer, controller]

  play #4 (localhost): localhost        TAGS: []
    tasks:
      set-vars : Get Meza install path  TAGS: []
      set_fact  TAGS: []
      set-vars : Set OS-family specific variables       TAGS: []
      set-vars : Set meza-core path variables   TAGS: []
      set-vars : Set meza-core default variables        TAGS: []
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: []
      set-vars : Set meza local public variables        TAGS: []
      set-vars : Get individual wikis dirs from localhost       TAGS: []
      set_fact  TAGS: []
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: []
      set-vars : Set meza local secret variables        TAGS: []
      set_fact  TAGS: []
      set_fact  TAGS: []
      Ensure autodeployer cron in place TAGS: []

  play #5 (all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal): all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal     TAGS: [base]
    tasks:
      set-vars : Get Meza install path  TAGS: [base]
      set_fact  TAGS: [base]
      set-vars : Set OS-family specific variables       TAGS: [base]
      set-vars : Set meza-core path variables   TAGS: [base]
      set-vars : Set meza-core default variables        TAGS: [base]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [base]
      set-vars : Set meza local public variables        TAGS: [base]
      set-vars : Get individual wikis dirs from localhost       TAGS: [base]
      set_fact  TAGS: [base]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [base]
      set-vars : Set meza local secret variables        TAGS: [base]
      base : Ensure user's meza-ansible and alt-meza-ansible in group "wheel"   TAGS: [base]
      base : Ensure user alt-meza-ansible .ssh dir configured   TAGS: [base]
      base : Copy meza-ansible authorized_keys to alt-meza-ansible      TAGS: [base]
      base : Ensure user meza-ansible and alt-meza-ansible authorized_keys configured   TAGS: [base]
      base : Set authorized key for alt-meza-ansible    TAGS: [base]
      base : Ensure no password on alt-meza-ansible user        TAGS: [base]
      base : Ensure /etc/sudoers.d/meza-ansible in place        TAGS: [base]
      base : Ensure PackageKit is removed       TAGS: [base]
      base : ensure deltarpm is installed and latest    TAGS: [base, latest]
      base : Ensure apt cache updated (Debian only)     TAGS: [base]
      base : Ensure aptitude installed to use Ansible 'package' (Debian only)   TAGS: [base]
      base : Upgrade all packages       TAGS: [base, latest, upgrade-packages]
      base : Ensure EPEL installed via epel-release package (CentOS and Rocky Linux)    TAGS: [base, latest]
      base : Check if EPEL repo is already configured (RedHat only)     TAGS: [base, latest]
      base : Ensure EPEL installed via URL (RedHat only)        TAGS: [base, latest]
      base : Import EPEL GPG key (RedHat only)  TAGS: [base, latest]
      base : Ensure optional repos enabled (RedHat Only)        TAGS: [base, latest]
      base : ensure libselinux-python installed prior to SELinux (RedHat/CentOS only)   TAGS: [base, latest]
      base : Ensure python3-selinux installed for Rocky/RHEL8   TAGS: [base, latest]
      base : Ensure dnf versionlock is installed        TAGS: [base]
      base : Pin packages for Ansible and Python        TAGS: [base]
      Ensure base packages installed CentOS7/RHEL7/Debian       TAGS: [base, latest]
      Install Rocky/RHEL8 base packages TAGS: [base, latest]
      base : Ensure selinux-policy installed (RedHat/CentOS only)       TAGS: [base, latest]
      base : put SELinux in permissive mode (RedHat/CentOS only)        TAGS: [base]
      base : Ensure firewalld is running and enable it at boot (RedHat/CentOS only)     TAGS: [base]
      base : Ensure UFW is enabled and denying access by default (Debian only)  TAGS: [base]
      ufw       TAGS: [base]
      base : Ensure sshd is running and enabled TAGS: [base]
      base : Ensure SSH client and SSH Daemon configs in place  TAGS: [base]
      base : Ensure SSH client and SSH Daemon configs in place  TAGS: [base]
      base : Ensure NTP is running and enabled as configured.   TAGS: [base]
      base : Enable chrony for Rocky/RHEL8      TAGS: [base]
      base : Copy the ntp.conf template file    TAGS: [base]
      base : Ensure install directory configured        TAGS: [base]
      base : Ensure data directory configured   TAGS: [base]
      base : Ensure deploy directory in place   TAGS: [base]
      base : Ensure {{ m_tmp }} exists  TAGS: [base]
      base : Ensure {{ m_logs }} exists TAGS: [base]
      base : Ensure {{ m_logs }} sub directories exist  TAGS: [base]
      base : Ensure crontab empty for meza-ansible when overwriting wikis       TAGS: [base]
      base : Ensure CA package installed        TAGS: [base]
      base : Copy any custom PEM-format CA certs into place     TAGS: [base]
      base : Copy any custom OpenSSL extended-format CA certs into place        TAGS: [base]
      base : Update CA trust if certs changed   TAGS: [base]
      base : Ensure meza-ansible has .gitconfig TAGS: [base]
      base : Check if obsolete Node.JS version of Parsoid exists on this server TAGS: [base]
      base : Do Parsoid cleanup if {{ m_parsoid_service_path }} exists  TAGS: [base]
      base-config-scripts : Ensure config variables available in PHP and shell files    TAGS: [base]

  play #6 (load_balancers,load_balancers_meza_internal,load_balancers_meza_external): load_balancers,load_balancers_meza_internal,load_balancers_meza_external  TAGS: [haproxy,load_balancers,load-balancer]
    tasks:
      set-vars : Get Meza install path  TAGS: [haproxy, load-balancer, load_balancers]
      set_fact  TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : Set OS-family specific variables       TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : Set meza-core path variables   TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : Set meza-core default variables        TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : Set meza local public variables        TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : Get individual wikis dirs from localhost       TAGS: [haproxy, load-balancer, load_balancers]
      set_fact  TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [haproxy, load-balancer, load_balancers]
      set-vars : Set meza local secret variables        TAGS: [haproxy, load-balancer, load_balancers]
      set_fact  TAGS: [haproxy, load-balancer, load_balancers]
      set_fact  TAGS: [haproxy, load-balancer, load_balancers]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [haproxy, load-balancer, load_balancers]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [haproxy, load-balancer, load_balancers]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [haproxy, load-balancer, load_balancers]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Set fact if this load balancer will handle external connections (80/443)        TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Set fact if this load balancer will NOT handle external connections     TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Set fact if this load balancer will handle internal connections TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Set fact if this load balancer will NOT handle internal connections     TAGS: [haproxy, load-balancer, load_balancers]
      Install haproxy packages  TAGS: [haproxy, load-balancer, load_balancers]
      Ensure haproxy certs directory exists     TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Check if secret config on CONTROLLER has SSL keys       TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Ensure config SSL directory exists      TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : If not exists, create self-signed SSL cert on CONTROLLER        TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Ensure SSL cert and key are encrypted   TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Read SSL key into variable      TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Read SSL cert into variable     TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Ensure SSL cert on load balancers       TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Ensure SSL key on load balancers        TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Ensure cert and key assembled into into pem file        TAGS: [haproxy, load-balancer, load_balancers]
      Ensure haproxy certs have secure permissions      TAGS: [haproxy, load-balancer, load_balancers]
      write the haproxy config file     TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Ensure error files directory in place   TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Ensure error pages in place     TAGS: [haproxy, load-balancer, load_balancers]
      Ensure firewalld haproxy service files in place   TAGS: [haproxy, load-balancer, load_balancers]
      Ensure SELinux context for firewalld haproxy service files        TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Create list of ports to open to the world       TAGS: [haproxy, load-balancer, load_balancers]
      Ensure port {{ fully_open_ports | join(', ') }} open to the world for haproxy     TAGS: [haproxy, load-balancer, load_balancers]
      Ensure firewall port 1936 OPEN when haproxy stats ENABLED TAGS: [haproxy, load-balancer, load_balancers]
      Ensure firewall port 1936 CLOSED when haproxy stats DISABLED      TAGS: [haproxy, load-balancer, load_balancers]
      Ensure firewall port 8088 OPEN when PHP profiling ENABLED TAGS: [haproxy, load-balancer, load_balancers]
      Ensure firewall port 8088 CLOSED when PHP profiling DISABLED      TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Uncomment '$ModLoad imudp' in /etc/rsyslog.conf TAGS: [haproxy, load-balancer, load_balancers]
      haproxy : Uncomment '$UDPServerRun 514' in /etc/rsyslog.conf      TAGS: [haproxy, load-balancer, load_balancers]
      Ensure /etc/rsyslog.d/haproxy.conf configured     TAGS: [haproxy, load-balancer, load_balancers]
      ensure haproxy is running (and enable it at boot) TAGS: [haproxy, load-balancer, load_balancers]

  play #7 (app_servers): app_servers    TAGS: [apache-php]
    tasks:
      set-vars : Get Meza install path  TAGS: [apache-php]
      set_fact  TAGS: [apache-php]
      set-vars : Set OS-family specific variables       TAGS: [apache-php]
      set-vars : Set meza-core path variables   TAGS: [apache-php]
      set-vars : Set meza-core default variables        TAGS: [apache-php]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [apache-php]
      set-vars : Set meza local public variables        TAGS: [apache-php]
      set-vars : Get individual wikis dirs from localhost       TAGS: [apache-php]
      set_fact  TAGS: [apache-php]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [apache-php]
      set-vars : Set meza local secret variables        TAGS: [apache-php]
      set_fact  TAGS: [apache-php]
      set_fact  TAGS: [apache-php]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [apache-php]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [apache-php]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [apache-php]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [apache-php]
      Install Cent/RHEL7 base-extras packages   TAGS: [apache-php]
      Install Rocky/RHEL8+ base-extras packages TAGS: [apache-php]
      imagemagick : Ensure old ImageMagick installed from Meza RPM is removed (RedHat/CentOS only)      TAGS: [apache-php]
      imagemagick : Ensure Imagemagick and ghostscript installed        TAGS: [apache-php, latest]
      imagemagick : Copy xpdf bin64 files to /usr/local/bin     TAGS: [apache-php]
      apache-php : Ensure Apache webserver installed    TAGS: [apache-php]
      apache-php : Make apache own htdocs directory     TAGS: [apache-php]
      apache-php : Ensure mw-temp directory configured  TAGS: [apache-php]
      apache-php : Ensure user meza-ansible and alt-meza-ansible in group "apache"      TAGS: [apache-php]
      apache-php : write the apache config file for Cent/RHEL7  TAGS: [apache-php]
      apache-php : Write apache config for Rocky/RHEL8 using php-fpm    TAGS: [apache-php]
      apache-php : Ensure Apache environment variables set properly     TAGS: [apache-php]
      apache-php : Install Cent/RHEL7 php dependency packages   TAGS: [apache-php]
      apache-php : Install Rocky/RHEL8 php dependency packages  TAGS: [apache-php]
      apache-php : Install PHP (RedHat/CentOS only)     TAGS: [apache-php]
      apache-php : Install PHP (RedHat/Rocky 8+ only)   TAGS: [apache-php]
      apache-php : Install PHP (Debian only)    TAGS: [apache-php]
      apache-php : Install MS SQL driver for PHP (FIXME RedHat only for now)    TAGS: [apache-php]
      apache-php : Write php.ini file   TAGS: [apache-php]
      apache-php : Write php.d ini files        TAGS: [apache-php]
      apache-php : Write freetds.conf file      TAGS: [apache-php]
      apache-php : Ensure Apache modules installed (RedHat/CentOS only) TAGS: [apache-php]
      apache-php : Ensure Apache modules installed (Debian only)        TAGS: [apache-php]
      apache-php : Ensure Apache modules enabled (Debian only)  TAGS: [apache-php]
      Ensure Composer configured        TAGS: [apache-php]
      apache-php : Check if MongoDB service exists      TAGS: [apache-php]
      apache-php : Stop MongoDB service if profiling is disabled        TAGS: [apache-php]
      apache-php : Setup php-rpm for Rocky/RHEL8        TAGS: [apache-php]
      apache-php : Proper php.conf for Rocky/RHEL8 httpd        TAGS: [apache-php]
      apache-php : Enable and start php-from for Rocky/RHEL8+   TAGS: [apache-php]
      apache-php : ensure apache is running (and enable it at boot)     TAGS: [apache-php]
      netdata : Check if Netdata is present     TAGS: [apache-php]
      ansible.builtin.debug     TAGS: [apache-php]
      ansible.builtin.debug     TAGS: [apache-php]
      netdata : Install Intel/AMD 64bit static build of Netdata TAGS: [apache-php]
      set_fact  TAGS: [apache-php]
      set_fact  TAGS: [apache-php]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [apache-php]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [apache-php]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [apache-php]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [apache-php]

  play #8 (app_servers): app_servers    TAGS: [gluster]
    tasks:
      set-vars : Get Meza install path  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set-vars : Set OS-family specific variables       TAGS: [gluster]
      set-vars : Set meza-core path variables   TAGS: [gluster]
      set-vars : Set meza-core default variables        TAGS: [gluster]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [gluster]
      set-vars : Set meza local public variables        TAGS: [gluster]
      set-vars : Get individual wikis dirs from localhost       TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [gluster]
      set-vars : Set meza local secret variables        TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      set_fact  TAGS: [gluster]
      set_fact  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [gluster]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [gluster]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [gluster]
      gluster : Include OS-specific variables.  TAGS: [gluster]
      Ensure gluster repo in place for RHEL7    TAGS: [gluster]
      Ensure CentOS gluster prerequisites in place      TAGS: [gluster]
      Install gluster Packages  TAGS: [gluster]
      gluster : Add PPA for GlusterFS.  TAGS: [gluster]
      gluster : Ensure GlusterFS will reinstall if the PPA was just added.      TAGS: [gluster]
      gluster : Ensure GlusterFS is installed.  TAGS: [gluster]
      gluster : Ensure GlusterFS is started and enabled at boot.        TAGS: [gluster]
      gluster : Ensure Gluster brick and mount directories exist.       TAGS: [gluster]
      gluster : Configure Gluster volume.       TAGS: [gluster]
      gluster : Ensure Gluster volume is mounted.       TAGS: [gluster]

  play #9 (memcached_servers): memcached_servers        TAGS: [memcached]
    tasks:
      set-vars : Get Meza install path  TAGS: [memcached]
      set_fact  TAGS: [memcached]
      set-vars : Set OS-family specific variables       TAGS: [memcached]
      set-vars : Set meza-core path variables   TAGS: [memcached]
      set-vars : Set meza-core default variables        TAGS: [memcached]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [memcached]
      set-vars : Set meza local public variables        TAGS: [memcached]
      set-vars : Get individual wikis dirs from localhost       TAGS: [memcached]
      set_fact  TAGS: [memcached]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [memcached]
      set-vars : Set meza local secret variables        TAGS: [memcached]
      set_fact  TAGS: [memcached]
      set_fact  TAGS: [memcached]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [memcached]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [memcached]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [memcached]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [memcached]
      Ensure memcached and netcat packages latest       TAGS: [latest, memcached]
      Write the memcached config file   TAGS: [memcached]
      Ensure memcached is running (and enable it at boot)       TAGS: [memcached]

  play #10 (db_master): db_master       TAGS: [database]
    tasks:
      set-vars : Get Meza install path  TAGS: [database]
      set_fact  TAGS: [database]
      set-vars : Set OS-family specific variables       TAGS: [database]
      set-vars : Set meza-core path variables   TAGS: [database]
      set-vars : Set meza-core default variables        TAGS: [database]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [database]
      set-vars : Set meza local public variables        TAGS: [database]
      set-vars : Get individual wikis dirs from localhost       TAGS: [database]
      set_fact  TAGS: [database]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [database]
      set-vars : Set meza local secret variables        TAGS: [database]
      Ensure firewalld service {{ firewall_service }} allowed for list of servers (RedHat/CentOS only)  TAGS: [database]
      Ensure UFW service {{ firewall_service }} (port {{ ufw_service_ports['{{ firewall_service }}'] }}) allowed for list of servers (Debian only)      TAGS: [database]
      Ensure firewalld service {{ firewall_service }} allowed for list of servers (RedHat/CentOS only)  TAGS: [database]
      Ensure UFW service {{ firewall_service }} (port {{ ufw_service_ports['{{ firewall_service }}'] }}) allowed for list of servers (Debian only)      TAGS: [database]
      database : Include OS-specific variables. TAGS: [database]
      database : Include OS-specific variables (RedHat).        TAGS: [database]
      database : Define mysql_packages. TAGS: [database]
      database : Define mysql_daemon.   TAGS: [database]
      database : Define mysql_slow_query_log_file.      TAGS: [database]
      database : Define mysql_log_error.        TAGS: [database]
      database : Define mysql_syslog_tag.       TAGS: [database]
      database : Define mysql_pid_file. TAGS: [database]
      database : Define mysql_config_file.      TAGS: [database]
      database : Define mysql_config_include_dir.       TAGS: [database]
      database : Define mysql_socket.   TAGS: [database]
      database : Define mysql_supports_innodb_large_prefix.     TAGS: [database]
      include_tasks     TAGS: [database]
      include_tasks     TAGS: [database]
      database : Check if MySQL packages were installed.        TAGS: [database]
      database : Copy my.cnf global MySQL configuration.        TAGS: [database]
      database : Verify mysql include directory exists. TAGS: [database]
      database : Copy my.cnf override files into include directory.     TAGS: [database]
      database : Create slow query log file (if configured).    TAGS: [database]
      database : Create datadir if it does not exist    TAGS: [database]
      database : Set ownership on slow query log file (if configured).  TAGS: [database]
      database : Create error log file (if configured). TAGS: [database]
      database : Set ownership on error log file (if configured).       TAGS: [database]
      database : Rotate MariaDB log     TAGS: [database]
      database : Create datadir if it does not exist    TAGS: [database]
      database : Ensure MySQL is started and enabled on boot.   TAGS: [database]
      database : Get MySQL version.     TAGS: [database]
      database : Ensure default user is present.        TAGS: [database]
      database : Copy user-my.cnf file with password credentials.       TAGS: [database]
      database : Disallow root login remotely   TAGS: [database]
      database : Get list of hosts for the root user.   TAGS: [database]
      database : Update MySQL root password for localhost root account (5.7.x). TAGS: [database]
      database : Update MySQL root password for localhost root account (< 5.7.x).       TAGS: [database]
      database : Copy .my.cnf file with root password credentials       TAGS: [database]
      database : Copy .my.cnf file with root password credentials       TAGS: [database]
      database : Get list of hosts for the anonymous user.      TAGS: [database]
      database : Remove anonymous MySQL users.  TAGS: [database]
      Remove MySQL test database.       TAGS: [database]
      Ensure MySQL databases are present.       TAGS: [database]
      database : Ensure meza application MySQL users are present        TAGS: [database]
      database : If this DB-server is an app server, include localhost as a valid host for application user     TAGS: [database]
      database : Ensure additional MySQL users are present.     TAGS: [database]
      database : Check if valid slave   TAGS: [database]
      set_fact  TAGS: [database]
      database : Check if valid master  TAGS: [database]
      set_fact  TAGS: [database]
      database : Ensure replication user exists on master.      TAGS: [database]
      database : Check slave replication status.        TAGS: [database]
      ansible.builtin.debug     TAGS: [database]
      database : Check if slave needs configuration     TAGS: [database]
      ansible.builtin.debug     TAGS: [database]
      database : Check master replication status.       TAGS: [database]
      ansible.builtin.debug     TAGS: [database]
      database : fetch list of wikis on master  TAGS: [database]
      database : export dump file on master     TAGS: [database]
      database : fetch dump file        TAGS: [database]
      database : put dump file  TAGS: [database]
      database : Import dump on slave(s)        TAGS: [database]
      mysql_replication TAGS: [database]
      database : Configure replication on the slave.    TAGS: [database]
      database : Start replication.     TAGS: [database]

  play #11 (db_slaves): db_slaves       TAGS: [database]
    tasks:
      set-vars : Get Meza install path  TAGS: [database]
      set_fact  TAGS: [database]
      set-vars : Set OS-family specific variables       TAGS: [database]
      set-vars : Set meza-core path variables   TAGS: [database]
      set-vars : Set meza-core default variables        TAGS: [database]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [database]
      set-vars : Set meza local public variables        TAGS: [database]
      set-vars : Get individual wikis dirs from localhost       TAGS: [database]
      set_fact  TAGS: [database]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [database]
      set-vars : Set meza local secret variables        TAGS: [database]
      Ensure firewalld service {{ firewall_service }} allowed for list of servers (RedHat/CentOS only)  TAGS: [database]
      Ensure UFW service {{ firewall_service }} (port {{ ufw_service_ports['{{ firewall_service }}'] }}) allowed for list of servers (Debian only)      TAGS: [database]
      database : Include OS-specific variables. TAGS: [database]
      database : Include OS-specific variables (RedHat).        TAGS: [database]
      database : Define mysql_packages. TAGS: [database]
      database : Define mysql_daemon.   TAGS: [database]
      database : Define mysql_slow_query_log_file.      TAGS: [database]
      database : Define mysql_log_error.        TAGS: [database]
      database : Define mysql_syslog_tag.       TAGS: [database]
      database : Define mysql_pid_file. TAGS: [database]
      database : Define mysql_config_file.      TAGS: [database]
      database : Define mysql_config_include_dir.       TAGS: [database]
      database : Define mysql_socket.   TAGS: [database]
      database : Define mysql_supports_innodb_large_prefix.     TAGS: [database]
      include_tasks     TAGS: [database]
      include_tasks     TAGS: [database]
      database : Check if MySQL packages were installed.        TAGS: [database]
      database : Copy my.cnf global MySQL configuration.        TAGS: [database]
      database : Verify mysql include directory exists. TAGS: [database]
      database : Copy my.cnf override files into include directory.     TAGS: [database]
      database : Create slow query log file (if configured).    TAGS: [database]
      database : Create datadir if it does not exist    TAGS: [database]
      database : Set ownership on slow query log file (if configured).  TAGS: [database]
      database : Create error log file (if configured). TAGS: [database]
      database : Set ownership on error log file (if configured).       TAGS: [database]
      database : Rotate MariaDB log     TAGS: [database]
      database : Create datadir if it does not exist    TAGS: [database]
      database : Ensure MySQL is started and enabled on boot.   TAGS: [database]
      database : Get MySQL version.     TAGS: [database]
      database : Ensure default user is present.        TAGS: [database]
      database : Copy user-my.cnf file with password credentials.       TAGS: [database]
      database : Disallow root login remotely   TAGS: [database]
      database : Get list of hosts for the root user.   TAGS: [database]
      database : Update MySQL root password for localhost root account (5.7.x). TAGS: [database]
      database : Update MySQL root password for localhost root account (< 5.7.x).       TAGS: [database]
      database : Copy .my.cnf file with root password credentials       TAGS: [database]
      database : Copy .my.cnf file with root password credentials       TAGS: [database]
      database : Get list of hosts for the anonymous user.      TAGS: [database]
      database : Remove anonymous MySQL users.  TAGS: [database]
      Remove MySQL test database.       TAGS: [database]
      Ensure MySQL databases are present.       TAGS: [database]
      database : Ensure meza application MySQL users are present        TAGS: [database]
      database : If this DB-server is an app server, include localhost as a valid host for application user     TAGS: [database]
      database : Ensure additional MySQL users are present.     TAGS: [database]
      database : Check if valid slave   TAGS: [database]
      set_fact  TAGS: [database]
      database : Check if valid master  TAGS: [database]
      set_fact  TAGS: [database]
      database : Ensure replication user exists on master.      TAGS: [database]
      database : Check slave replication status.        TAGS: [database]
      ansible.builtin.debug     TAGS: [database]
      database : Check if slave needs configuration     TAGS: [database]
      ansible.builtin.debug     TAGS: [database]
      database : Check master replication status.       TAGS: [database]
      ansible.builtin.debug     TAGS: [database]
      database : fetch list of wikis on master  TAGS: [database]
      database : export dump file on master     TAGS: [database]
      database : fetch dump file        TAGS: [database]
      database : put dump file  TAGS: [database]
      database : Import dump on slave(s)        TAGS: [database]
      mysql_replication TAGS: [database]
      database : Configure replication on the slave.    TAGS: [database]
      database : Start replication.     TAGS: [database]

  play #12 (backup_servers): backup_servers     TAGS: [backup_servers]
    tasks:
      set-vars : Get Meza install path  TAGS: [backup_servers]
      set_fact  TAGS: [backup_servers]
      set-vars : Set OS-family specific variables       TAGS: [backup_servers]
      set-vars : Set meza-core path variables   TAGS: [backup_servers]
      set-vars : Set meza-core default variables        TAGS: [backup_servers]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [backup_servers]
      set-vars : Set meza local public variables        TAGS: [backup_servers]
      set-vars : Get individual wikis dirs from localhost       TAGS: [backup_servers]
      set_fact  TAGS: [backup_servers]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [backup_servers]
      set-vars : Set meza local secret variables        TAGS: [backup_servers]
      backup-config : Ensure MariaDB client installed on backup servers TAGS: [backup_servers, latest]
      backup-config : Ensure meza-backups group exists  TAGS: [backup_servers]
      backup-config : Ensure backups directory exists   TAGS: [backup_servers]
      backup-config : Ensure backups directory exists for environment   TAGS: [backup_servers]
      backup-config : Get individual wikis from controller config       TAGS: [backup_servers]
      backup-config : Ensure backups directory exists for each wiki     TAGS: [backup_servers]
      backup-config : Ensure backups uploads directory exists for each wiki     TAGS: [backup_servers]

  play #13 (elastic_servers): elastic_servers   TAGS: [elasticsearch]
    tasks:
      set-vars : Get Meza install path  TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      set-vars : Set OS-family specific variables       TAGS: [elasticsearch]
      set-vars : Set meza-core path variables   TAGS: [elasticsearch]
      set-vars : Set meza-core default variables        TAGS: [elasticsearch]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [elasticsearch]
      set-vars : Set meza local public variables        TAGS: [elasticsearch]
      set-vars : Get individual wikis dirs from localhost       TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [elasticsearch]
      set-vars : Set meza local secret variables        TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      set_fact  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)  TAGS: [elasticsearch]
      Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)     TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open for list of servers (Debian only)        TAGS: [elasticsearch]
      Ensure UFW port {{ firewall_port }} open from all sources (Debian only)   TAGS: [elasticsearch]
      elasticsearch : Ensure Java 1.7.0 OpenJDK is absent       TAGS: [elasticsearch]
      elasticsearch : Ensure Java 1.8.0 OpenJDK is installed    TAGS: [elasticsearch]
      elasticsearch : Set JAVA_HOME if configured.      TAGS: [elasticsearch]
      elasticsearch : Add Elasticsearch GPG key.        TAGS: [elasticsearch]
      elasticsearch : Add Elasticsearch repository.     TAGS: [elasticsearch]
      Ensure elasticsearch installed    TAGS: [elasticsearch]
      elasticsearch : Check whether /etc/hosts contains "127.0.0.1"     TAGS: [elasticsearch]
      elasticsearch : Add localhost to /etc/hosts if needed     TAGS: [elasticsearch]
      Ensure dirs from elasticsearch.yml exist and set ownership        TAGS: [elasticsearch]
      Copy extracted java cacerts to /etc/elasticsearch TAGS: [elasticsearch]
      elasticsearch : Configure and Restart Elasticsearch       TAGS: [elasticsearch]
      elasticsearch : Start Elasticsearch.      TAGS: [elasticsearch]
      elasticsearch : Make sure Elasticsearch is running before proceeding.     TAGS: [elasticsearch]
      elasticsearch : Check current Elasticsearch version       TAGS: [elasticsearch]
      elasticsearch : Display current Elasticsearch full version number TAGS: [elasticsearch]
      elasticsearch : Display desired Elasticsearch version     TAGS: [elasticsearch]
      elasticsearch : Set the Elasticsearch major version found TAGS: [elasticsearch]
      elasticsearch : Docker image building only: set found version to desired version  TAGS: [elasticsearch]
      elasticsearch : Set the Elasticsearch major version desired       TAGS: [elasticsearch]
      Set do_elasticsearch_upgrade to FALSE     TAGS: [elasticsearch]
      Set do_elasticsearch_upgrade to TRUE      TAGS: [elasticsearch]
      Ensure elasticsearch plugins removed      TAGS: [elasticsearch]
      elasticsearch : Disable shard allocation for the cluster  TAGS: [elasticsearch]
      elasticsearch : Perform synced flush      TAGS: [elasticsearch]
      Shutdown elasticsearch node       TAGS: [elasticsearch]
      elasticsearch : Ensure Elasticsearch is latest version    TAGS: [elasticsearch]
      Start elasticsearch       TAGS: [elasticsearch]
      Wait for elasticsearch node to come back up       TAGS: [elasticsearch]
      elasticsearch : Wait for cluster health to return to yellow or green      TAGS: [elasticsearch]
      elasticsearch : Enable shard allocation for the cluster   TAGS: [elasticsearch]
      elasticsearch : Check current Elasticsearch version       TAGS: [elasticsearch]
      elasticsearch : Re-display current Elasticsearch full version number after upgrade        TAGS: [elasticsearch]

  play #14 (app_servers): app_servers   TAGS: [mediawiki]
    tasks:
      set-vars : Get Meza install path  TAGS: [mediawiki]
      set_fact  TAGS: [mediawiki]
      set-vars : Set OS-family specific variables       TAGS: [mediawiki]
      set-vars : Set meza-core path variables   TAGS: [mediawiki]
      set-vars : Set meza-core default variables        TAGS: [mediawiki]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [mediawiki]
      set-vars : Set meza local public variables        TAGS: [mediawiki]
      set-vars : Get individual wikis dirs from localhost       TAGS: [mediawiki]
      set_fact  TAGS: [mediawiki]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [mediawiki]
      set-vars : Set meza local secret variables        TAGS: [mediawiki]
      htdocs : Ensure ServerPerformance configured      TAGS: [mediawiki]
      htdocs : Ensure BackupDownload configured TAGS: [mediawiki]
      htdocs : Ensure BackupDownload NOT configured     TAGS: [mediawiki]
      htdocs : Ensure files configured  TAGS: [mediawiki]
      install lua packages      TAGS: [mediawiki]
      check out luasandbox from git     TAGS: [mediawiki]
      compile and install luasandbox    TAGS: [mediawiki]
      copy luasandbox initialization file       TAGS: [mediawiki]
      Sync configuration between controller and app servers     TAGS: [mediawiki]
      mediawiki : Ensure user meza-ansible .ssh dir configured  TAGS: [mediawiki]
      mediawiki : Copy meza-ansible keys to app servers TAGS: [mediawiki]
      mediawiki : Copy meza-ansible known_hosts to app_servers  TAGS: [mediawiki]
      mediawiki : Ensure MediaWiki core ignores submodules      TAGS: [mediawiki, mediawiki-core]
      mediawiki : Ensure MediaWiki core owned by meza-ansible   TAGS: [mediawiki, mediawiki-core]
      mediawiki : Ensure proper MediaWiki git version installed TAGS: [latest, mediawiki, mediawiki-core]
      mediawiki : Ensure MediaWiki core ignores submodules      TAGS: [mediawiki, mediawiki-core]
      mediawiki : Create symlink to core, to enable short urls  TAGS: [latest, mediawiki]
      mediawiki : Set variable holding list of core skins       TAGS: [mediawiki, skins]
      mediawiki : Set variable holding list of local skins      TAGS: [mediawiki, skins]
      mediawiki : Set variable holding list of core extensions  TAGS: [always, mediawiki]
      mediawiki : Ensure core meza extensions installed (non-Composer)  TAGS: [extensions, git-core-extensions, git-extensions, latest, mediawiki]
      mediawiki : Set variable holding list of local extensions TAGS: [always, mediawiki]
      mediawiki : Ensure core meza skins installed (non-Composer)       TAGS: [core-skins, extensions, mediawiki, skins]
      mediawiki : Ensure local meza extensions installed (non-Composer) TAGS: [extensions, git-extensions, git-local-extensions, latest, mediawiki]
      mediawiki : Ensure local meza skins installed (non-Composer)      TAGS: [local-skins, mediawiki, skins]
      mediawiki : Ensure Extensions.php in place        TAGS: [mediawiki]
      mediawiki : Ensure composer.local.json in place to load composer-based extensions TAGS: [mediawiki]
      mediawiki : Run composer update on MediaWiki for dependencies     TAGS: [composer-extensions, latest, mediawiki, skins]
      mediawiki : Remove SMW IdeAliases TAGS: [mediawiki]
      mediawiki : Run composer update on MediaWiki for extensions       TAGS: [composer-extensions, extensions, latest, mediawiki, skins]
      mediawiki : Ensure Git submodule requirements met for core meza extensions        TAGS: [extensions, git-submodules, latest, mediawiki]
      mediawiki : Ensure Git submodule requirements met for local meza extensions       TAGS: [extensions, git-submodules, latest, mediawiki]
      mediawiki : Ensure Git submodule requirements met for core meza skins     TAGS: [extensions, git-submodules, latest, mediawiki, skins]
      mediawiki : Ensure Git submodule requirements met for local meza skins    TAGS: [extensions, git-submodules, latest, local-skins, mediawiki, skins]
      mediawiki : Ensure LocalSettings.php in place     TAGS: [mediawiki]
      mediawiki : Ensure MediaWiki still properly owned TAGS: [file-perms, mediawiki, mediawiki-core]
      mediawiki : Check if the compiled_templates directory exists      TAGS: [mediawiki]
      mediawiki : Ensure compiled templates folder for widget extension is ownwed by apache     TAGS: [mediawiki]
      mediawiki : Ensure WikiBlender installed  TAGS: [mediawiki]
      mediawiki : Ensure BlenderSettings.php in place   TAGS: [mediawiki]
      mediawiki : Ensure WikiBlender properly owned     TAGS: [mediawiki]
      Include SAML role if SAML configured      TAGS: [mediawiki]
      mediawiki : Ensure localization cache root directory exists (each wiki with sub-directory)        TAGS: [mediawiki]
      mediawiki : Ensure root uploads dir configured    TAGS: [mediawiki]
      mediawiki : Check if any wikis exist      TAGS: [mediawiki]
      Add Demo Wiki to config if no wikis exist TAGS: [mediawiki]
      Re-sync configuration between controller and app servers if Demo just configured  TAGS: [mediawiki]
      mediawiki : Get individual wikis dirs from localhost      TAGS: [mediawiki]
      mediawiki : Set fact - list of wikis      TAGS: [mediawiki]
      mediawiki : Set fact - list of wikis ordered with primary wiki first (if primary_wiki_id set)     TAGS: [mediawiki]
      mediawiki : Check list of wikis   TAGS: [mediawiki]
      mediawiki : Set fact - initiate empty list of wikis to rebuild smw and search data        TAGS: [mediawiki]
      mediawiki : List_of_wikis -> loop TAGS: [mediawiki]
      Ensure defined wikis exist        TAGS: [mediawiki, verify-wiki]
      ansible.builtin.debug     TAGS: [mediawiki]
      mediawiki : Ensure data rebuilding scripts in place on app servers        TAGS: [mediawiki]
      mediawiki : Ensure data rebuilding logs directories exist TAGS: [mediawiki]
      mediawiki : Verify metastore index upgraded       TAGS: [mediawiki]
      mediawiki : (Re-)build search index for: {{ wikis_to_rebuild_data | join(', ') }} TAGS: [mediawiki, search-index]
      include_role      TAGS: [mediawiki, update.php]
      mediawiki : Reload (not restart) httpd to pick up changes to opcached php files   TAGS: [httpd-reload, mediawiki]
      mediawiki : Restart php-fpm to pick up changes to opcached php files      TAGS: [httpd-reload, mediawiki]
      mediawiki : Ensure Python3 present on RedHat7 variant     TAGS: [latest, mediawiki]
      mediawiki : Ensure Python3 present on Rocky/RHEL8 TAGS: [latest, mediawiki]

  play #15 (logging_servers): logging_servers   TAGS: [logging]
    tasks:
      set-vars : Get Meza install path  TAGS: [logging]
      set_fact  TAGS: [logging]
      set-vars : Set OS-family specific variables       TAGS: [logging]
      set-vars : Set meza-core path variables   TAGS: [logging]
      set-vars : Set meza-core default variables        TAGS: [logging]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [logging]
      set-vars : Set meza local public variables        TAGS: [logging]
      set-vars : Get individual wikis dirs from localhost       TAGS: [logging]
      set_fact  TAGS: [logging]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [logging]
      set-vars : Set meza local secret variables        TAGS: [logging]
      meza-log : Check if server log database exists    TAGS: [logging]
      meza-log : Set fact if server log database DOES exist     TAGS: [logging]
      meza-log : Set fact if server log database DOES NOT exist TAGS: [logging]
      meza-log : Copy meza_server_log.sql to remote database hosts      TAGS: [logging]
      meza-log : Import server log database structure   TAGS: [logging]
      meza-log : Check if disk_space table exists       TAGS: [logging]
      meza-log : Set fact if disk_space table DOES exist        TAGS: [logging]
      meza-log : Set fact if disk_space table DOES NOT exist    TAGS: [logging]
      meza-log : Copy table_disk_space.sql to remote database hosts     TAGS: [logging]
      meza-log : Create table disk_space if not exists  TAGS: [logging]
      meza-log : Ensure logging scripts in place        TAGS: [logging]

  play #16 (backup_servers): backup_servers     TAGS: [backup-cleanup]
    tasks:
      set-vars : Get Meza install path  TAGS: [backup-cleanup]
      set_fact  TAGS: [backup-cleanup]
      set-vars : Set OS-family specific variables       TAGS: [backup-cleanup]
      set-vars : Set meza-core path variables   TAGS: [backup-cleanup]
      set-vars : Set meza-core default variables        TAGS: [backup-cleanup]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [backup-cleanup]
      set-vars : Set meza local public variables        TAGS: [backup-cleanup]
      set-vars : Get individual wikis dirs from localhost       TAGS: [backup-cleanup]
      set_fact  TAGS: [backup-cleanup]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [backup-cleanup]
      set-vars : Set meza local secret variables        TAGS: [backup-cleanup]
      backups-cleanup : Ensure backups cleanup script in place  TAGS: [backup-cleanup]
      backups-cleanup : Ensure backups cleanup cron in place    TAGS: [backup-cleanup]

  play #17 (all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal): all:!exclude-all:!load_balancers_nonmeza:!load_balancers_nonmeza_external:!load_balancers_nonmeza_internal    TAGS: [always,cron]
    tasks:
      set-vars : Get Meza install path  TAGS: [always, cron]
      set_fact  TAGS: [always, cron]
      set-vars : Set OS-family specific variables       TAGS: [always, cron]
      set-vars : Set meza-core path variables   TAGS: [always, cron]
      set-vars : Set meza-core default variables        TAGS: [always, cron]
      set-vars : If using gluster (app_servers > 1), override m_uploads_dir     TAGS: [always, cron]
      set-vars : Set meza local public variables        TAGS: [always, cron]
      set-vars : Get individual wikis dirs from localhost       TAGS: [always, cron]
      set_fact  TAGS: [always, cron]
      set-vars : Set meza environment-specific public variables for env={{ env }}       TAGS: [always, cron]
      set-vars : Set meza local secret variables        TAGS: [always, cron]
      Ensure cron is running (and enable it at boot)    TAGS: [always, cron]
      Ensure crontab file up-to-date    TAGS: [always, cron]
      cron : Ensure runAllJobs.php in place     TAGS: [always, cron]
      lineinfile        TAGS: [always, cron]
      lineinfile        TAGS: [always, cron]
      Ensure crontab up-to-date from file       TAGS: [always, cron]
      umask-unset : Unset umask at end of deploy        TAGS: [always, cron]

As we saw earlier, at the very start of output, it shows you the underlying Ansible command:

sudo -u meza-ansible ansible-playbook /opt/meza/src/playbooks/site.yml -i /opt/conf-meza/secret/monolith/hosts --vault-password-file /opt/conf-meza/users/meza-ansible/.vault-pass-monolith.txt --extra-vars '{"env": "monolith"}' --list-tasks

Task Reference

edit

To make an HTML page for reference, you could do the following (using aha, the ANSI HTML Adapter)

sudo meza deploy production --list-tasks | sudo tee > >(aha --black --title "Production Deploy Tasks" > /tmp/deploy.tasks.html)

Using Tags and Skipping Tags

edit

To be written. In our next update, we'll show you how to use and skip tags. You can even combine listing and skipping.

sudo meza deploy monolith --list-tasks --skip-tags cron Will show you all the tasks that would be executed if you skipped the cron tasks.

After making configuration changes to a meza wiki server, it will be common to run deploy with options such as this example:

sudo meza deploy monolith --tags mediawiki,parsoid (one or both) and/or --skip-tags latest,update.php,verify-wiki,smw-data,search-index (one or more)

Tags we recommend typically specifying:

  • mediawiki specifies all mediawiki setup steps, including config changes
  • parsoid is rarely necessary to specify, but it comes after mediawiki so if you're repeatedly running things starting at mediawiki it can be handy to run to the end by also specifying parsoid

Tags that are often a good idea to skip:

  • latest gets the latest versions of software, including git-fetch of mediawiki core and extensions. This can take a long time (but may be necessary to include if you add an extension).
    • TO-DO: There are also ways to specify just git extensions or just composer extensions, or just meza core extensions versus local config extensions.
  • update.php updates the MediaWiki database. This is not required if you're not changing MediaWiki version or extensions that make database changes. This takes a long time on large/plentiful wikis.
  • verify-wiki basically makes sure a bunch of stuff is present for each wiki, but it does not do specific config for each wiki. So if you make a wiki config change you still can skip this.
  • smw-data rebuilds SMW data. This takes ~24 hours on large wikis. This won't run unless a new wiki is created/imported, but you can still specify to skip it just to be sure.
  • search-index rebuilds the Elasticsearch data. This takes several hours on large wikis.
  • mediawiki-core git clone core Mediawiki, verifies ownership of directory structure in Mediawiki core

MediaWiki Maintenance

edit

Meza is wiki farm enabled by default. This mean that the LocalSettings.php file is conditioned to look for a wiki id in every request. There's a variable $mezaWikiEnvVarName='WIKI'; that is used to control the collaboration between the web server, command-line scripts, and file-system based identifiers. So, always pass a value for this SHELL variable for any command-line scripts:

WIKI=demo php /opt/htdocs/mediawiki/maintenance/update.php --quick

Note: this example is just that. It's an example of how to run MediaWiki php scripts in the maintenance directory. Normally you wouldn't need to run update.php outside of Meza because you can use the Ansible 'tag' update.phpas described in the section "Using Tags" ie. meza deploy <env> --tags update.php Without any tags specified, all deploys will run update.php if necessary.

Also note: In LocalSettings.php (and other PHP code generated by Meza), the wiki identifier variable name is $wikiId. In CLI scripts and the shell environment, the variable default name is WIKI. In YAML files or Ansible commands, the variable name is wiki_id. Why are there three different names for the same thing? This difference no doubt causes some confusion, while respecting traditional naming conventions in PHP, BASH and YAML. Convention could be ignored to use a consistent variable name e.g. WIKI_ID or SITE_ID throughout.

Undocumented Commands

edit

There are undocumented commands (see https://github.com/enterprisemediawiki/meza/issues/825) such as meza maint rebuild <env>

and meza maint runJobs <env> . The latter command is known to be broken and incomplete. See https://github.com/enterprisemediawiki/meza/issues/711