From ccef7ba2a1a23c2658032e32974035519afb4e82 Mon Sep 17 00:00:00 2001 From: Anish Mangal Date: Sat, 9 Feb 2019 14:21:39 +0000 Subject: [PATCH 01/12] Apache reverse-proxy for nodered --- roles/nodered/defaults/main.yml | 3 +++ roles/nodered/tasks/main.yml | 25 +++++++++++++++++++++++++ roles/nodered/templates/nodered.conf | 2 ++ 3 files changed, 30 insertions(+) create mode 100644 roles/nodered/templates/nodered.conf diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 7e6b61729..69bce1cfd 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -7,3 +7,6 @@ nodered_password_hash: $2b$08$oxgvoU9et3deSbXY8UNVTOWHSTQAyEASIal86RHVMqYQJhpPMN # To generate a new password hash, run 'node-red-admin hash-pw' and enter the # new password. Paste the resulting hash above. After Ansible runs, username # and password hash will be placed in: /home/nodered/.node-red/settings.js + +nodered_web_path: nodered +nodered_port: 1880 diff --git a/roles/nodered/tasks/main.yml b/roles/nodered/tasks/main.yml index b99917afc..d8a69a282 100644 --- a/roles/nodered/tasks/main.yml +++ b/roles/nodered/tasks/main.yml @@ -54,6 +54,31 @@ state: started when: nodered_enabled +- name: Copy nodered.conf to apache sites-available + template: + backup: yes + src: nodered.conf.j2 + dest: /etc/apache2/sites-available/nodered.conf + owner: root + group: root + mode: 0666 + when: nodered_install + +- name: Link nodered.conf to apache sites-enabled + file: + src: /etc/apache2/sites-available/nodered.conf + dest: /etc/apache2/sites-enabled/nodered.conf + owner: root + group: root + state: link + when: nodered_enabled + +- name: Remove nodered.conf from apache sites-enabled + file: + path: /etc/apache2/sites-enabled/nodered.conf + state: absent + when: not nodered_enabled + - name: Add 'nodered' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" diff --git a/roles/nodered/templates/nodered.conf b/roles/nodered/templates/nodered.conf new file mode 100644 index 000000000..415fd08c3 --- /dev/null +++ b/roles/nodered/templates/nodered.conf @@ -0,0 +1,2 @@ +ProxyPass /{{ nodered_web_path }} http://localhost:{{ nodered_port }} +ProxyPassReverse /{{ nodered_web_path }} http://localhost:{{ nodered_port }} From 270c789820a326c16d7e197659b3674f2f3952aa Mon Sep 17 00:00:00 2001 From: Anish Mangal Date: Sat, 9 Feb 2019 14:27:18 +0000 Subject: [PATCH 02/12] Rename template file from nodered.conf to nodered.conf.j2 --- roles/nodered/templates/{nodered.conf => nodered.conf.j2} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/nodered/templates/{nodered.conf => nodered.conf.j2} (100%) diff --git a/roles/nodered/templates/nodered.conf b/roles/nodered/templates/nodered.conf.j2 similarity index 100% rename from roles/nodered/templates/nodered.conf rename to roles/nodered/templates/nodered.conf.j2 From 46c56610de8dfab05fe8009e7e1f2d3ef95f5ef7 Mon Sep 17 00:00:00 2001 From: Anish Mangal Date: Sat, 9 Feb 2019 14:33:05 +0000 Subject: [PATCH 03/12] restart apache after copying nodered.conf --- roles/nodered/tasks/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/nodered/tasks/main.yml b/roles/nodered/tasks/main.yml index d8a69a282..329d1a327 100644 --- a/roles/nodered/tasks/main.yml +++ b/roles/nodered/tasks/main.yml @@ -79,6 +79,13 @@ state: absent when: not nodered_enabled +- name: Restart apache2 service + systemd: + name: apache2 + daemon_reload: yes + state: restarted + when: nodered_enabled + - name: Add 'nodered' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" From e76bbc582565080a1d6761f333f15b6b32fcca92 Mon Sep 17 00:00:00 2001 From: Anish Mangal Date: Sun, 10 Feb 2019 10:20:43 +0000 Subject: [PATCH 04/12] Fix nodered reverseproxy --- roles/nodered/tasks/main.yml | 5 +++++ roles/nodered/templates/nodered.conf.j2 | 7 +++++-- roles/nodered/templates/settings.js.j2 | 2 +- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/roles/nodered/tasks/main.yml b/roles/nodered/tasks/main.yml index 329d1a327..34a800685 100644 --- a/roles/nodered/tasks/main.yml +++ b/roles/nodered/tasks/main.yml @@ -79,6 +79,11 @@ state: absent when: not nodered_enabled +- name: Enable proxy_wstunnel apache2 module + apache2_module: + state: present + name: proxy_wstunnel + - name: Restart apache2 service systemd: name: apache2 diff --git a/roles/nodered/templates/nodered.conf.j2 b/roles/nodered/templates/nodered.conf.j2 index 415fd08c3..72d6b99f1 100644 --- a/roles/nodered/templates/nodered.conf.j2 +++ b/roles/nodered/templates/nodered.conf.j2 @@ -1,2 +1,5 @@ -ProxyPass /{{ nodered_web_path }} http://localhost:{{ nodered_port }} -ProxyPassReverse /{{ nodered_web_path }} http://localhost:{{ nodered_port }} +ProxyPreserveHost On +ProxyRequests Off +ProxyPass /{{ nodered_web_path }}/debug/ws ws://localhost:1880/{{ nodered_web_path }}/debug/ws +ProxyPass /{{ nodered_web_path }} http://localhost:{{ nodered_port }}/{{ nodered_web_path }} +ProxyPassReverse /{{ nodered_web_path }} http://localhost:{{ nodered_port }}/{{ nodered_web_path }} diff --git a/roles/nodered/templates/settings.js.j2 b/roles/nodered/templates/settings.js.j2 index eb709304e..50923671c 100644 --- a/roles/nodered/templates/settings.js.j2 +++ b/roles/nodered/templates/settings.js.j2 @@ -96,7 +96,7 @@ module.exports = { // The following property can be used in place of 'httpAdminRoot' and 'httpNodeRoot', // to apply the same root to both parts. - //httpRoot: '/red', + httpRoot: '/{{ nodered_web_path }}', // When httpAdminRoot is used to move the UI to a different root path, the // following property can be used to identify a directory of static content From 5b62fa1bffa2f5dcad7475e51d14b105f9e35f52 Mon Sep 17 00:00:00 2001 From: Anish Mangal Date: Sun, 10 Feb 2019 11:03:40 +0000 Subject: [PATCH 05/12] Restructure the starting of services in nodered playbook --- roles/nodered/tasks/main.yml | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/roles/nodered/tasks/main.yml b/roles/nodered/tasks/main.yml index 34a800685..d60e7316d 100644 --- a/roles/nodered/tasks/main.yml +++ b/roles/nodered/tasks/main.yml @@ -46,14 +46,6 @@ mode: 0666 when: nodered_install -- name: Enable & Start node-red service - systemd: - daemon_reload: yes - name: node-red - enabled: yes - state: started - when: nodered_enabled - - name: Copy nodered.conf to apache sites-available template: backup: yes @@ -91,6 +83,22 @@ state: restarted when: nodered_enabled +- name: Enable & Start node-red service + systemd: + daemon_reload: yes + name: node-red + enabled: yes + state: started + when: nodered_enabled + +- name: Disable & Stop node-red service + systemd: + daemon_reload: yes + name: node-red + enabled: no + state: stopped + when: (not nodered_enabled) + - name: Add 'nodered' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" From 76fe902c46509bbf7580be078e647784c1122dff Mon Sep 17 00:00:00 2001 From: Anish Mangal Date: Sun, 10 Feb 2019 11:32:28 +0000 Subject: [PATCH 06/12] Nodered: allow sockets over /comms in rev-proxy in apache config --- roles/nodered/templates/nodered.conf.j2 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/nodered/templates/nodered.conf.j2 b/roles/nodered/templates/nodered.conf.j2 index 72d6b99f1..916e1eed2 100644 --- a/roles/nodered/templates/nodered.conf.j2 +++ b/roles/nodered/templates/nodered.conf.j2 @@ -1,5 +1,6 @@ ProxyPreserveHost On ProxyRequests Off -ProxyPass /{{ nodered_web_path }}/debug/ws ws://localhost:1880/{{ nodered_web_path }}/debug/ws +ProxyPass /{{ nodered_web_path }}/debug/ws ws://localhost:{{ nodered_port }}/{{ nodered_web_path }}/debug/ws +ProxyPass /{{ nodered_web_path }}/comms ws://localhost:{{ nodered_port }}/{{ nodered_web_path }}/comms ProxyPass /{{ nodered_web_path }} http://localhost:{{ nodered_port }}/{{ nodered_web_path }} ProxyPassReverse /{{ nodered_web_path }} http://localhost:{{ nodered_port }}/{{ nodered_web_path }} From eac226980fcddab9f9842eb634265dced5b7f557 Mon Sep 17 00:00:00 2001 From: Anish Mangal Date: Sun, 10 Feb 2019 11:36:00 +0000 Subject: [PATCH 07/12] Nodered update README.rst with rev proxy path --- roles/nodered/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nodered/README.rst b/roles/nodered/README.rst index adf61d51a..9a416b8df 100644 --- a/roles/nodered/README.rst +++ b/roles/nodered/README.rst @@ -14,7 +14,7 @@ Prior to installing IIAB, make sure your `/etc/iiab/local_vars.yml Date: Sun, 10 Feb 2019 09:41:22 -0500 Subject: [PATCH 08/12] Update README.rst --- roles/nodered/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nodered/README.rst b/roles/nodered/README.rst index 9a416b8df..bee703c6b 100644 --- a/roles/nodered/README.rst +++ b/roles/nodered/README.rst @@ -14,7 +14,7 @@ Prior to installing IIAB, make sure your `/etc/iiab/local_vars.yml Date: Sun, 10 Feb 2019 10:01:38 -0500 Subject: [PATCH 09/12] Update main.yml --- roles/nodered/defaults/main.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 69bce1cfd..58b82a181 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -1,5 +1,11 @@ -nodered_install: False -nodered_enabled: False +# nodered_install: False +# nodered_enabled: False +# nodered_port: 1880 + +# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml +# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! + +nodered_web_path: nodered # http://box/nodered redirect to http://box:1880 nodered_user: Admin nodered_password: changeme @@ -7,6 +13,3 @@ nodered_password_hash: $2b$08$oxgvoU9et3deSbXY8UNVTOWHSTQAyEASIal86RHVMqYQJhpPMN # To generate a new password hash, run 'node-red-admin hash-pw' and enter the # new password. Paste the resulting hash above. After Ansible runs, username # and password hash will be placed in: /home/nodered/.node-red/settings.js - -nodered_web_path: nodered -nodered_port: 1880 From 4e84c6caa5784d3c98d85fa2637d85f68b9926ed Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 10 Feb 2019 10:33:51 -0500 Subject: [PATCH 10/12] Apache + systemd cleanup for http://box/nodered --- roles/nodered/tasks/main.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/roles/nodered/tasks/main.yml b/roles/nodered/tasks/main.yml index d60e7316d..47d27929e 100644 --- a/roles/nodered/tasks/main.yml +++ b/roles/nodered/tasks/main.yml @@ -46,7 +46,7 @@ mode: 0666 when: nodered_install -- name: Copy nodered.conf to apache sites-available +- name: Install Apache's sites-available/nodered.conf from template template: backup: yes src: nodered.conf.j2 @@ -56,7 +56,7 @@ mode: 0666 when: nodered_install -- name: Link nodered.conf to apache sites-enabled +- name: Create symlink nodered.conf from sites-enabled to sites-available, for short URL http://box/nodered (if nodered_enabled) file: src: /etc/apache2/sites-available/nodered.conf dest: /etc/apache2/sites-enabled/nodered.conf @@ -65,7 +65,7 @@ state: link when: nodered_enabled -- name: Remove nodered.conf from apache sites-enabled +- name: Remove symlink /etc/apache2/sites-enabled/nodered.conf (if not nodered_enabled) file: path: /etc/apache2/sites-enabled/nodered.conf state: absent @@ -75,15 +75,16 @@ apache2_module: state: present name: proxy_wstunnel + when: nodered_install -- name: Restart apache2 service +- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box/nodered (not just http://box:{{ nodered_port }}) systemd: - name: apache2 daemon_reload: yes + name: "{{ apache_service }}" # httpd or apache2 state: restarted - when: nodered_enabled + when: nodered_install -- name: Enable & Start node-red service +- name: Enable & Start 'node-red' systemd service (if nodered_enabled) systemd: daemon_reload: yes name: node-red @@ -91,13 +92,13 @@ state: started when: nodered_enabled -- name: Disable & Stop node-red service +- name: Disable & Stop 'node-red' systemd service (if not nodered_enabled) systemd: daemon_reload: yes name: node-red enabled: no state: stopped - when: (not nodered_enabled) + when: not nodered_enabled - name: Add 'nodered' variable values to {{ iiab_ini_file }} ini_file: From 110ad13a5a85be629bcf936139d37a2d0f4b585d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 10 Feb 2019 10:34:01 -0500 Subject: [PATCH 11/12] Apache+ systemd cleanup for http://box/sugar etc --- roles/sugarizer/tasks/main.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index fe95ae760..0c23b3aeb 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -229,14 +229,14 @@ # # Use this instead, if tabs are truly nec: # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -- name: Create symlink sugarizer.conf from sites-enabled to sites-available, for short URL http://box/sugarizer (debuntu) +- name: Create symlink sugarizer.conf from sites-enabled to sites-available, for short URLs http://box/sugar & http://box/sugarizer (if sugarizer_enabled) file: src: /etc/apache2/sites-available/sugarizer.conf path: /etc/apache2/sites-enabled/sugarizer.conf state: link when: sugarizer_enabled and is_debuntu -- name: "Remove symlink /etc/apache2/sites-enabled/sugarizer.conf, if sugarizer_enabled: False (debuntu)" +- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf (if not sugarizer_enabled) file: path: /etc/apache2/sites-enabled/sugarizer.conf state: absent @@ -245,7 +245,8 @@ # 6. RESTART/STOP SYSTEMD SERVICE -- name: Enable & Restart systemd service if sugarizer_enabled, with "systemctl daemon-reload" (in case mongodb.service changed?) +# with "systemctl daemon-reload" in case mongodb.service changed, etc +- name: Enable & Restart 'sugarizer' systemd service (if sugarizer_enabled) systemd: name: sugarizer daemon_reload: yes @@ -253,9 +254,10 @@ state: restarted when: sugarizer_enabled -- name: "Disable systemd service, if sugarizer_enabled: False" +- name: Disable & Stop 'sugarizer' systemd service (if not sugarizer_enabled) systemd: name: sugarizer + daemon_reload: yes enabled: no state: stopped when: not sugarizer_enabled From fae071d2823daf8348478c13a4571d7383679a5d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 10 Feb 2019 11:13:16 -0500 Subject: [PATCH 12/12] restart node-red service, for http://box/nodered w/o reboot --- roles/nodered/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/nodered/tasks/main.yml b/roles/nodered/tasks/main.yml index 47d27929e..a8526e19c 100644 --- a/roles/nodered/tasks/main.yml +++ b/roles/nodered/tasks/main.yml @@ -84,12 +84,12 @@ state: restarted when: nodered_install -- name: Enable & Start 'node-red' systemd service (if nodered_enabled) +- name: Enable & (Re)start 'node-red' systemd service (if nodered_enabled) systemd: daemon_reload: yes name: node-red enabled: yes - state: started + state: restarted when: nodered_enabled - name: Disable & Stop 'node-red' systemd service (if not nodered_enabled)