dataverse-ansible/site.yml at develop · ucla-data-science-center/dataverse-ansible · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
---
# site.yml
# Main playbook for deploying Dataverse
#
# Usage:
#   Local testing:
#     Use molecule instead: uv run molecule converge -s rocky9
#
#   AWS staging deployment:
#     ansible-playbook -i inventory/staging.yml site.yml
#
#   AWS production deployment:
#     ansible-playbook -i inventory/production.yml site.yml
#
# Prerequisites:
#   1. EC2 instance running Rocky Linux 9 or RHEL 9
#   2. SSH access configured (see inventory files)
#   3. Variables configured in group_vars/<environment>.yml
#   4. Secrets encrypted with ansible-vault

- name: Deploy Dataverse
  hosts: all
  become: yes

  pre_tasks:
    - name: Display deployment information
      debug:
        msg: |
          Deploying Dataverse to: {{ inventory_hostname }}
          Environment: {{ group_names[0] | default('unknown') }}
          Dataverse hostname: {{ dataverse_hostname | default('not configured') }}
      tags: always

    - name: Verify required variables are set
      assert:
        that:
          - dataverse_hostname is defined
          - dataverse_adminpass is defined
          - dataverse_postgresql_password is defined
        fail_msg: "Missing required variables. Check group_vars configuration."
        success_msg: "All required variables are configured."
      tags: always

    - name: Ensure python3-pip is installed (for psycopg2)
      package:
        name: python3-pip
        state: present
      when: ansible_os_family == "RedHat"

  tasks:
    - name: Include dataverse role tasks
      ansible.builtin.include_role:
        name: "{{ playbook_dir }}"
        apply:
          tags: all
      # This repository itself is the Dataverse ansible role
      # The role will read variables from:
      #   1. defaults/main.yml (lowest priority)
      #   2. group_vars/<environment>.yml (overrides defaults)
      #   3. inventory host_vars (highest priority)

  post_tasks:
    - name: Display post-deployment information
      debug:
        msg: |
          =================================================================
          Dataverse deployment complete!

          Access Dataverse at: {{ dataverse_siteurl }}
          Admin email: {{ dataverse_adminemail }}

          Next steps:
          1. Verify services are running:
             systemctl status payara postgresql-16 solr httpd

          2. Check Dataverse API:
             curl http://localhost:8080/api/info/version

          3. Access via web browser:
             {{ dataverse_siteurl }}

          4. Review logs if needed:
             /usr/local/payara6/glassfish/domains/domain1/logs/server.log

          Security reminders:
          - Change default passwords in ansible-vault
          - Enable SSL (see group_vars comments for Let's Encrypt)
          - Review Apache blocked endpoints configuration
          - Configure firewall rules for your EC2 security group
          =================================================================
      tags: always