feat: Added support for multiple domains

Added suport for access via /
Added support for declaring instance_name of your choice as a variable

.gitignore

@@ -25,3 +25,8 @@ deploy/inventory/group_vars/*
 # But allow .template files in deploy/inventory/host_vars/ and deploy/inventory/group_vars/
 !deploy/inventory/host_vars/*.template
 !deploy/inventory/group_vars/*.template
+# Ignore Python bytecode files
+__pycache__/
+*.pyc
+*.pyo
+*.pyd

deploy/deploy.sh

@@ -30,7 +30,8 @@ ansible_install_2004() {
   }
 # install ansible on ubutnu22.04
   ansible_install_2204() {
-  sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf  
+  # disables needrestart dialog on ubuntu 22.04 
+  sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf 
   sed -i "s/#\$nrconf{kernelhints} = -1;/\$nrconf{kernelhints} = -1;/g" /etc/needrestart/needrestart.conf  
   sudo apt -yq update
   sudo apt install -yq  git

deploy/filter_plugins/to_fixed_string.py

@@ -0,0 +1,16 @@
+# filter_plugins/is_float.py
+class FilterModule(object):
+    def filters(self):
+        return {
+            'to_fixed_string': self.to_fixed_string,
+             'lowercase': self.lowercase,
+        }
+    def to_fixed_string(self, value):
+        if isinstance(value, float):
+            return format(value, '.2f')  # Adjust the precision (number of decimal places) as needed
+        return str(value)    
+    def lowercase(self,value):
+        if value is not None and value != 'None':
+            return str(value).lower()
+        return value
+

deploy/inventory/host_vars/postgres.template

@@ -1,13 +1,19 @@
 # Postgresql optimization
 # Copy the file postgres.template to postgres (or generally, the name of your
 # database host ) using cp command. i.e cp postgres.template postgres
-pg_max_connections: 400 
 
+# number of open connnectins to postgres database 
+pg_max_connections: 200
+
+# Shared Buffers for postgresql, recommended 0.25 x Available_RAM for PostgreSQL
 pg_shared_buffers: 8GB
 
+# PostgreSQL work memory, Recommended = (0.25 x Available_RAM)/max_connections
 pg_work_mem: 20MB
 
-pg_maintenance_work_mem: 3GB
+# As much as you can reasonably afford. Helps with index generation during the analytics generation task
+pg_maintenance_work_mem: 3GB 
 
+# As much as you can reasonably afford. Helps with index generation during the analytics generation task
 pg_effective_cache_size: 10GB 
 

deploy/inventory/host_vars/proxy.template

@@ -1,12 +1,12 @@
 ---
-# This is a template for proxy variables,
-# to make these varialbles available for your deployment, copy this template
-# file to proxy, that way your proxy intance will be able to read and use this
-# variables at runtime. 
-#  cp proxy.template proxy
+# This is a template for variables to be applied to proxy host.
+# use the template to create the file named 'proxy' 
+# the file name should correspond to the host you want to apply variables to.
+# in our case proxy 
+
 munin_users:
   - name: admin
-    password: <put_secure_password>
+    password: district
 
-# if you want munic access from non default base path  
-munin_base_path: <base_path_for_munin>
+# if you want munin access from non-default, change the below variable.  Default is munin
+munin_base_path: munin 

deploy/playbooks/delete-dhis2-instance.yml

@@ -13,6 +13,8 @@
         name: "{{ instance_name }}"
         state: absent
       when: inventory_hostname == instance_name
+      # ingroup instances 
+      # deleted is defined and deleted
 
     # need to incoporate apache2 as well
     - name: Delete nginx location configuration on nginx

deploy/roles/dhis2/tasks/dhis2_setup.yml

@@ -73,17 +73,16 @@
 
 - name: Check running dhis2 version
   ansible.builtin.shell:
-    cmd: unzip -q -p  /var/lib/tomcat9/webapps/{{ inventory_hostname }}/WEB-INF/lib/dhis-service-core-*.jar build.properties | awk -F' *= *' '$1=="build.version"{print
-      $2}'
-    removes: /var/lib/tomcat9/webapps/{{ inventory_hostname }}/WEB-INF/lib/dhis-service-core-*.jar
+    cmd: unzip -q -p  /var/lib/tomcat9/webapps/{{ instance_name | default(inventory_hostname) | to_fixed_string }}/WEB-INF/lib/dhis-service-core-*.jar build.properties | awk -F' *= *' '$1=="build.version"{print $2}'
+    removes: /var/lib/tomcat9/webapps/{{  instance_name | default(inventory_hostname) | to_fixed_string }}/WEB-INF/lib/dhis-service-core-*.jar
   register: version_results
   changed_when: false
 
 - ansible.builtin.debug:
     msg:
       - "Running release: {{ version_results.stdout | trim }}"
       - "Latest patch release: {{ latest_patchversion }}"
-      - set dhis2_auto_upgrade = True in your inventory file to enable automatic upgrade.
+      - set dhis2_auto_upgrade=True in your inventory file to enable automatic upgrade.
       - Prior to the upgrade, it is important to have a backup of your instance database
   when:
     - latest_patchversion is defined
@@ -129,7 +128,7 @@
 
 - name: Creating webapps directories
   ansible.builtin.file:
-    path: /var/lib/tomcat9/webapps/{{ inventory_hostname }}
+    path: /var/lib/tomcat9/webapps/{{ instance_name | default(inventory_hostname) | to_fixed_string }}
     mode: "0755"
     state: directory
   notify: Restart Tomcat
@@ -204,7 +203,7 @@
 - name: Extracting dhis2.war file
   ansible.builtin.unarchive:
     src: /opt/dhis2/dhis2.war
-    dest: /var/lib/tomcat9/webapps/{{ inventory_hostname }}
+    dest: /var/lib/tomcat9/webapps/{{ instance_name | default(inventory_hostname) | to_fixed_string }}
     remote_src: true
   notify: Restart Tomcat
 

deploy/roles/dhis2/tasks/glowroot.yml

@@ -22,3 +22,11 @@
     mode: "0640"
   when: not glowroot_admin_file_status.stat.exists
   notify: Restart Tomcat
+
+- name: Configure glowroot basepath
+  ansible.builtin.lineinfile:
+    path: /opt/glowroot/admin.json
+    regexp: '^(.*)"contextPath"'
+    line: '\1"contextPath": "{{ "/glowroot" if instance_name | default(inventory_hostname) | to_fixed_string == "ROOT" else "/" + instance_name | default(inventory_hostname) | to_fixed_string + "-glowroot" }}",'
+    backrefs: true
+  notify: Restart Tomcat

deploy/roles/dhis2/tasks/postgresql_db.yml

@@ -1,4 +1,54 @@
 ---
+- name: Edit pg_hba.conf permissions, allowing instances to connect
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/postgresql/{{ postgresql_version_info.version.major }}/main/pg_hba.conf
+    insertafter: EOF
+    line: host     {{ item }}    {{ item }}  {{ hostvars[item]['ansible_host'] }}/32   md5
+  loop: "{{ groups['instances'] }}"
+  when:
+    - inventory_hostname == hostvars[item]['database_host']
+    - db_gateway_address is undefined
+  notify: Restart Postgres
+
+- name: Firewall | Open port 5432 from dhis2 instances
+  community.general.ufw:
+    rule: allow
+    port: "{{ postgresql_port | default('5432') }}"
+    src: "{{ hostvars[item]['ansible_host'] }}"
+    proto: tcp
+    comment: "Allow access from {{ item }} instance "
+    state: enabled
+  loop: "{{ groups['instances'] }}"
+  when:
+    - inventory_hostname == hostvars[item]['database_host']
+    - db_gateway_address is undefined
+
+- name: Edit pg_hba.conf permissions, instances db_gateway_address
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/postgresql/{{ postgresql_version_info.version.major }}/main/pg_hba.conf
+    insertafter: EOF
+    line: host     {{ item }}    {{ item }}   {{ db_gateway_address }}/32   md5
+  loop: "{{ groups['instances'] }}"
+  when:
+    - inventory_hostname == hostvars[item]['database_host']
+    - db_gateway_address is defined
+  notify: Restart Postgres
+
+- name: Firewall | Open port 5432 from db_gateway_address
+  community.general.ufw:
+    rule: allow
+    port: "{{ postgresql_port | default('5432') }}"
+    src: "{{ db_gateway_address }}"
+    proto: tcp
+    comment: Allow access from {{ db_gateway_address }}
+    state: enabled
+  loop: "{{ groups['instances'] }}"
+  when:
+    - inventory_hostname == hostvars[item]['database_host']
+    - db_gateway_address is defined
+
 - name: "Create instances database role:"
   become: true
   become_user: postgres
@@ -39,3 +89,6 @@
   loop_control:
     label: "{{ item.1 }}"
   notify: Reload Postgres
+
+- name: Flushing Handlers
+  ansible.builtin.meta: flush_handlers

deploy/roles/dhis2/templates/glowroot_admin.json

@@ -24,7 +24,11 @@
   "web": {
     "port": 4000,
     "bindAddress": "0.0.0.0",
-    "contextPath": "/{{ inventory_hostname }}-glowroot",
+{% if instance_name | default(inventory_hostname) | to_fixed_string  == "ROOT"  %}
+  "contextPath": "/glowroot",
+{% else %}
+    "contextPath": "/{{ instance_name | default(inventory_hostname) | to_fixed_string }}-glowroot",
+{% endif %}
     "sessionTimeoutMinutes": 30,
     "sessionCookieName": "GLOWROOT_SESSION_ID"
   },

deploy/roles/monitoring/tasks/nginx-munin.yml

@@ -1,8 +1,4 @@
-- name: Install ibwww-perl libxml-simple-perl
-  ansible.builtin.apt:
-    name:
-      - libwww-perl
-
+---
 - name: Enable nginx modules for munin monitoring
   ansible.builtin.file:
     src: "/usr/share/munin/plugins/{{ item }}"

deploy/roles/monitoring/templates/hosts.conf.j2

@@ -10,7 +10,9 @@
 {% endif %}
 {% endfor %}
 #}
-{% for host in ansible_play_batch %}
+{# {% for host in ansible_play_batch %} #}
+
+{% for host in ansible_play_hosts_all %}
 [{{ host }}]
     address {{ hostvars[host]['ansible_host'] }}
     use_node_name yes

deploy/roles/postgres/tasks/lxd.yml

@@ -26,6 +26,10 @@
         parent: "{{ lxd_bridge_interface | default('lxdbr1') }}"
         nictype: bridged
         ipv4.address: "{{ ansible_host | ansible.utils.ipaddr(lxd_network) }}"
+      root:
+        path: /
+        pool: default
+        type: disk
 
 - name: Get facts
   ansible.builtin.setup:

deploy/roles/postgres/tasks/pg_install.yaml

@@ -73,55 +73,5 @@
     line: listen_addresses '*'
   notify: Restart Postgres
 
-- name: Edit pg_hba.conf permissions, allowing instances to connect
-  become: true
-  ansible.builtin.lineinfile:
-    path: /etc/postgresql/{{ postgresql_version_info.version.major }}/main/pg_hba.conf
-    insertafter: EOF
-    line: host     {{ item }}    {{ item }}  {{ hostvars[item]['ansible_host'] }}/32   md5
-  loop: "{{ groups['instances'] }}"
-  when:
-    - inventory_hostname == hostvars[item]['database_host']
-    - db_gateway_address is undefined
-  notify: Restart Postgres
-
-- name: Firewall | Open port 5432 from dhis2 instances
-  community.general.ufw:
-    rule: allow
-    port: "{{ postgresql_port | default('5432') }}"
-    src: "{{ hostvars[item]['ansible_host'] }}"
-    proto: tcp
-    comment: "Allow access from {{ item }} instance "
-    state: enabled
-  loop: "{{ groups['instances'] }}"
-  when:
-    - inventory_hostname == hostvars[item]['database_host']
-    - db_gateway_address is undefined
-
-- name: Edit pg_hba.conf permissions, instances db_gateway_address
-  become: true
-  ansible.builtin.lineinfile:
-    path: /etc/postgresql/{{ postgresql_version_info.version.major }}/main/pg_hba.conf
-    insertafter: EOF
-    line: host     {{ item }}    {{ item }}   {{ db_gateway_address }}/32   md5
-  loop: "{{ groups['instances'] }}"
-  when:
-    - inventory_hostname == hostvars[item]['database_host']
-    - db_gateway_address is defined
-  notify: Restart Postgres
-
-- name: Firewall | Open port 5432 from db_gateway_address
-  community.general.ufw:
-    rule: allow
-    port: "{{ postgresql_port | default('5432') }}"
-    src: "{{ db_gateway_address }}"
-    proto: tcp
-    comment: Allow access from {{ db_gateway_address }}
-    state: enabled
-  loop: "{{ groups['instances'] }}"
-  when:
-    - inventory_hostname == hostvars[item]['database_host']
-    - db_gateway_address is defined
-
 - name: Flushing Handlers
   ansible.builtin.meta: flush_handlers

deploy/roles/pre_requisites/tasks/lxd.yml

@@ -10,7 +10,7 @@
           - network
           - "!min"
 
-    - name: Update and upgrade system packages
+    - name: Update and upgrade the host
       ansible.builtin.apt:
         upgrade: "yes"
         update_cache: true