Merge branch 'main' into 908-ldap-service-account

group_vars/pas/production.yml

@@ -1,6 +1,6 @@
 ---
-php_version: "8.1"
-php_unwanted_version: "7.4"
+php_version: "8.3"
+php_unwanted_version: "8.1"
 pas_db_name: "pas_prod"
 pas_db_user: "pas"
 pas_password: '{{ vault_pas_db_password }}'

group_vars/pas/staging.yml

@@ -1,6 +1,6 @@
 ---
-php_version: "8.1"
-php_unwanted_version: "7.4"
+php_version: "8.3"
+php_unwanted_version: "8.1"
 pas_db_driver: 'mysql'
 pas_db_name: "pas_staging"
 pas_db_user: "pas"

group_vars/video_reserves/production.yml

@@ -1,23 +1,3 @@
 ---
-mysql_server: false
-
-mysql_host: "mysql-db-prod1.princeton.edu"
-
-mysql_root_password: "{{ vault_mysql_root_password }}"
-mysql_databases:
-  - name: "{{ video_reserves_db_name }}"
-    encoding: utf8mb4
-    collation: utf8mb4_general_ci
-
-mysql_users:
-  - name: "{{ video_reserves_db_user }}"
-    host: "%"
-    password: "{{ vault_video_reserves_prod_user_password }}"
-    priv: "video_reserves_prod_db.*:ALL"
-
-video_reserves_db_name: "video_reserves_prod_db"
-video_reserves_db_user: "video_reserves_prod_db_user"
-video_reserves_db_password: "{{ vault_video_reserves_prod_user_password }}"
-db_host: "{{ mysql_host }}"
 video_reserves_cert_path: "/etc/apache2/ssl/certs/{{ inventory_hostname }}_chained.pem"
 video_reserves_domain_name: "videoreserves-prod.princeton.edu"

group_vars/video_reserves/staging.yml

@@ -1,24 +1,5 @@
 ---
 php_version: "8.1"
-mysql_server: false
 
-mysql_host: "mysql-db-staging1.princeton.edu"
-
-mysql_root_password: "{{ vault_mysql_root_password }}"
-mysql_databases:
-  - name: "{{ video_reserves_db_name }}"
-    encoding: utf8mb4
-    collation: utf8mb4_general_ci
-
-mysql_users:
-  - name: "{{ video_reserves_db_user }}"
-    host: "%"
-    password: "{{ vault_video_reserves_staging_user_password }}"
-    priv: "video_reserves_staging_db.*:ALL"
-
-video_reserves_db_name: "video_reserves_staging_db"
-video_reserves_db_user: "video_reserves_staging_db_user"
-video_reserves_db_password: "{{ vault_video_reserves_staging_user_password }}"
-db_host: "{{ mysql_host }}"
 video_reserves_cert_path: "/etc/apache2/ssl/certs/{{ inventory_hostname }}_chained.pem"
 video_reserves_domain_name: "videoreserves-staging.princeton.edu"

playbooks/video_reserves.yml

@@ -12,7 +12,6 @@
         - run a cap for video_reserves
   vars_files:
     - ../group_vars/video_reserves/{{ runtime_env | default('staging') }}.yml
-    - ../group_vars/video_reserves/vault.yml
   pre_tasks:
     - set_fact:
         deploy_id_rsa_private_key: "{{  lookup('file', '../roles/video_reserves/files/id_rsa')  }}\n"

roles/nginxplus/files/conf/http/dss-prod.conf

@@ -46,7 +46,7 @@ server {
         proxy_connect_timeout      2h;
         proxy_send_timeout         2h;
         proxy_read_timeout         2h;
-        health_check uri=/catalog interval=10 fails=3 passes=2;
+        health_check uri=/health.json?providers[]=database&providers[]=solr interval=10 fails=3 passes=2;
         proxy_intercept_errors on;
         #to allow springshare libwizard tutorial embeds
         add_header Content-Security-Policy "frame-ancestors 'self' https://princeton.libwizard.com;";

roles/nginxplus/files/conf/http/dss-staging.conf

@@ -48,7 +48,7 @@ server {
         proxy_connect_timeout      2h;
         proxy_send_timeout         2h;
         proxy_read_timeout         2h;
-        health_check uri=/catalog interval=10 fails=3 passes=2;
+        health_check uri=/health.json?providers[]=database&providers[]=solr interval=10 fails=3 passes=2;
         proxy_intercept_errors on;
         #to allow springshare libwizard tutorial embeds
         # add_header Content-Security-Policy "frame-ancestors 'self' https://princeton.libwizard.com;";

roles/php/tasks/main.yml

@@ -27,6 +27,12 @@
       - apt-transport-https
       - dirmngr
 
+- name: php | Add ondrej sury repository
+  ansible.builtin.apt_repository:
+    repo: "ppa:ondrej/php"
+    update_cache: true
+    state: present
+
 - name: php | install php
   ansible.builtin.apt:
     name: ["php{{ php_version }}", "php{{ php_version }}-dev", "php{{ php_version }}-curl", "php{{ php_version }}-zip"]

roles/video_reserves/meta/main.yml

@@ -16,7 +16,6 @@ galaxy_info:
 dependencies:
   - role: "deploy_user"
   - role: "composer"
-  - role: "mysql"
     # It is possible the ruby_s role is not required
     # Added while removing from the capistrano role
   - role: "ruby_s"

roles/video_reserves/molecule/default/converge.yml

@@ -3,12 +3,7 @@
   hosts: all
   vars:
     - running_on_server: false
-    - mysql_server: true
-    - mysql_root_password: 'change_me'
     - deploy_user: deploy
-    - root_db_password: change_me
-    - db_host: localhost
-    - db_password: '{{ mysql_root_password }}'
   become: true
   pre_tasks:
     - name: install iproute
@@ -30,10 +25,6 @@
         update_cache: true
         cache_valid_time: 600
   tasks:
-    - name: "Include mysql role"
-      ansible.builtin.include_role:
-        name: mysql
-
     - name: "Include video reserves role"
       ansible.builtin.include_role:
         name: video_reserves

roles/video_reserves/tasks/main.yml

@@ -6,7 +6,6 @@
   notify: restart apache2
   loop:
     - libapache2-mod-php{{ php_version }}
-    - php{{ php_version }}-mysql
 
 - name: video_reserves | create directories for shared files
   ansible.builtin.file:

roles/video_reserves/templates/config.tpl.j2

@@ -3,10 +3,6 @@
 // {{ ansible_managed | comment }}
 // mysql info
 //
-define ('HOST', '{{ app_db_host }}');
-define ('USER', '{{ app_db_user }}');
-define ('PASS', '{{ app_db_password }}');
-define ('DB', '{{ video_reserves_db_name }}');
 define ('APP_URL', 'https://{{ video_reserves_domain_name }}/hrc'); // without trailing slash
 define('CAS_DOMAIN', 'https://{{ video_reserves_domain_name }}');
 define('CERT_PATH', '{{ video_reserves_cert_path }}');