diff --git a/.drone.jsonnet b/.drone.jsonnet
index 18fab09..439fb8e 100644
--- a/.drone.jsonnet
+++ b/.drone.jsonnet
@@ -71,7 +71,7 @@ local PipelineDeployment(scenario='centos7') = {
'linting',
],
trigger: {
- ref: ['refs/heads/master', 'refs/tags/**'],
+ ref: ['refs/heads/master', 'refs/tags/**', 'refs/pull/**'],
},
};
@@ -116,6 +116,7 @@ local PipelineDocumentation = {
},
depends_on: [
'testing-centos7',
+ 'testing-rocky8',
],
};
@@ -154,6 +155,7 @@ local PipelineNotification = {
[
PipelineLinting,
PipelineDeployment(scenario='centos7'),
+ PipelineDeployment(scenario='rocky8'),
PipelineDocumentation,
PipelineNotification,
]
diff --git a/.drone.yml b/.drone.yml
index 81a6849..ec017c7 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -62,6 +62,40 @@ trigger:
ref:
- refs/heads/master
- refs/tags/**
+ - refs/pull/**
+
+depends_on:
+ - linting
+
+---
+kind: pipeline
+name: testing-rocky8
+
+platform:
+ os: linux
+ arch: amd64
+
+concurrency:
+ limit: 1
+
+workspace:
+ base: /drone/src
+ path: ${DRONE_REPO_NAME}
+
+steps:
+ - name: ansible-molecule
+ image: thegeeklab/molecule:3
+ commands:
+ - molecule test -s rocky8
+ environment:
+ HCLOUD_TOKEN:
+ from_secret: hcloud_token
+
+trigger:
+ ref:
+ - refs/heads/master
+ - refs/tags/**
+ - refs/pull/**
depends_on:
- linting
@@ -108,6 +142,7 @@ trigger:
depends_on:
- testing-centos7
+ - testing-rocky8
---
kind: pipeline
@@ -147,6 +182,6 @@ depends_on:
---
kind: signature
-hmac: 21e6cbb484335e0cebe849993af340bf5f2ca1356f9aea70b7ae8f1b2896919b
+hmac: 291bd4bbb9ede9e55f21134ec20ef3bdaefb9a06893e89a866014c5b0fb111a6
...
diff --git a/defaults/main.yml b/defaults/main.yml
index d1294a8..dc45c48 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,5 +1,5 @@
---
-cups_version: 2.3.1
+cups_version: 2.4.0-1
# @var cups_packages_extra:description: >
# Install dependencies or custom driver packages
@@ -16,8 +16,8 @@ cups_selinux_restorecon: []
cups_admin_group: printadmin
cups_admin_users:
- - name: 'cupsadm'
- password: 'secure'
+ - name: "cupsadm"
+ password: "secure"
cups_bind_url:
- localhost:631
diff --git a/handlers/main.yml b/handlers/main.yml
index 5248ec1..2377e45 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,7 +1,7 @@
---
- name: Restart service
service:
- name: org.cups.cupsd
+ name: cups
state: restarted
daemon_reload: yes
enabled: yes
diff --git a/molecule/centos7/tests/test_default.py b/molecule/centos7/tests/test_default.py
index 10d41ee..fc93e1c 100644
--- a/molecule/centos7/tests/test_default.py
+++ b/molecule/centos7/tests/test_default.py
@@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
def test_cups_running_and_enabled(host):
- cups = host.service("org.cups.cupsd")
+ cups = host.service("cups")
assert cups.is_running
assert cups.is_enabled
@@ -16,3 +16,11 @@ def test_cups_running_and_enabled(host):
def test_cups_socket(host):
# Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:631").is_listening
+
+
+def test_cups_conn_error(host):
+ code = int(host.run("curl -s -w '%{http_code}' http://127.0.0.1:631/ -o /dev/null").stdout)
+ body = host.run("curl -sX GET http://127.0.0.1:631/").stdout
+
+ assert code == 200
+ assert "OpenPrinting CUPS" in body
diff --git a/molecule/default b/molecule/default
index 2fdf3e8..62ea184 120000
--- a/molecule/default
+++ b/molecule/default
@@ -1 +1 @@
-centos7
\ No newline at end of file
+rocky8
\ No newline at end of file
diff --git a/molecule/rocky8/converge.yml b/molecule/rocky8/converge.yml
new file mode 100644
index 0000000..c2d744c
--- /dev/null
+++ b/molecule/rocky8/converge.yml
@@ -0,0 +1,5 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: xoxys.cups
diff --git a/molecule/rocky8/create.yml b/molecule/rocky8/create.yml
new file mode 100644
index 0000000..8b945cd
--- /dev/null
+++ b/molecule/rocky8/create.yml
@@ -0,0 +1,120 @@
+---
+- name: Create
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: "{{ molecule_no_log }}"
+ vars:
+ ssh_port: 22
+ ssh_user: root
+ ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
+ tasks:
+ - name: Create SSH key
+ user:
+ name: "{{ lookup('env', 'USER') }}"
+ generate_ssh_key: true
+ ssh_key_file: "{{ ssh_path }}"
+ force: true
+ register: generated_ssh_key
+
+ - name: Register the SSH key name
+ set_fact:
+ ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}"
+
+ - name: Register SSH key for test instance(s)
+ hcloud_ssh_key:
+ name: "{{ ssh_key_name }}"
+ public_key: "{{ generated_ssh_key.ssh_public_key }}"
+ state: present
+
+ - name: Create molecule instance(s)
+ hcloud_server:
+ name: "{{ item.name }}"
+ server_type: "{{ item.server_type }}"
+ ssh_keys:
+ - "{{ ssh_key_name }}"
+ image: "{{ item.image }}"
+ location: "{{ item.location | default(omit) }}"
+ datacenter: "{{ item.datacenter | default(omit) }}"
+ user_data: "{{ item.user_data | default(omit) }}"
+ api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
+ state: present
+ register: server
+ loop: "{{ molecule_yml.platforms }}"
+ async: 7200
+ poll: 0
+
+ - name: Wait for instance(s) creation to complete
+ async_status:
+ jid: "{{ item.ansible_job_id }}"
+ register: hetzner_jobs
+ until: hetzner_jobs.finished
+ retries: 300
+ loop: "{{ server.results }}"
+
+ - name: Create volume(s)
+ hcloud_volume:
+ name: "{{ item.name }}"
+ server: "{{ item.name }}"
+ location: "{{ item.location | default(omit) }}"
+ size: "{{ item.volume_size | default(10) }}"
+ api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
+ state: "present"
+ loop: "{{ molecule_yml.platforms }}"
+ when: item.volume | default(False) | bool
+ register: volumes
+ async: 7200
+ poll: 0
+
+ - name: Wait for volume(s) creation to complete
+ async_status:
+ jid: "{{ item.ansible_job_id }}"
+ register: hetzner_volumes
+ until: hetzner_volumes.finished
+ retries: 300
+ when: volumes.changed
+ loop: "{{ volumes.results }}"
+
+ # Mandatory configuration for Molecule to function.
+
+ - name: Populate instance config dict
+ set_fact:
+ instance_conf_dict:
+ {
+ "instance": "{{ item.hcloud_server.name }}",
+ "ssh_key_name": "{{ ssh_key_name }}",
+ "address": "{{ item.hcloud_server.ipv4_address }}",
+ "user": "{{ ssh_user }}",
+ "port": "{{ ssh_port }}",
+ "identity_file": "{{ ssh_path }}",
+ "volume": "{{ item.item.item.volume | default(False) | bool }}",
+ }
+ loop: "{{ hetzner_jobs.results }}"
+ register: instance_config_dict
+ when: server.changed | bool
+
+ - name: Convert instance config dict to a list
+ set_fact:
+ instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
+ when: server.changed | bool
+
+ - name: Dump instance config
+ copy:
+ content: |
+ # Molecule managed
+
+ {{ instance_conf | to_nice_yaml(indent=2) }}
+ dest: "{{ molecule_instance_config }}"
+ when: server.changed | bool
+
+ - name: Wait for SSH
+ wait_for:
+ port: "{{ ssh_port }}"
+ host: "{{ item.address }}"
+ search_regex: SSH
+ delay: 10
+ loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}"
+
+ - name: Wait for VM to settle down
+ pause:
+ seconds: 30
diff --git a/molecule/rocky8/destroy.yml b/molecule/rocky8/destroy.yml
new file mode 100644
index 0000000..6454c71
--- /dev/null
+++ b/molecule/rocky8/destroy.yml
@@ -0,0 +1,78 @@
+---
+- name: Destroy
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: "{{ molecule_no_log }}"
+ tasks:
+ - name: Check existing instance config file
+ stat:
+ path: "{{ molecule_instance_config }}"
+ register: cfg
+
+ - name: Populate the instance config
+ set_fact:
+ instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}"
+
+ - name: Destroy molecule instance(s)
+ hcloud_server:
+ name: "{{ item.instance }}"
+ api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
+ state: absent
+ register: server
+ loop: "{{ instance_conf }}"
+ async: 7200
+ poll: 0
+
+ - name: Wait for instance(s) deletion to complete
+ async_status:
+ jid: "{{ item.ansible_job_id }}"
+ register: hetzner_jobs
+ until: hetzner_jobs.finished
+ retries: 300
+ loop: "{{ server.results }}"
+
+ - pause:
+ seconds: 5
+
+ - name: Destroy volume(s)
+ hcloud_volume:
+ name: "{{ item.instance }}"
+ server: "{{ item.instance }}"
+ api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
+ state: "absent"
+ register: volumes
+ loop: "{{ instance_conf }}"
+ when: item.volume | default(False) | bool
+ async: 7200
+ poll: 0
+
+ - name: Wait for volume(s) deletion to complete
+ async_status:
+ jid: "{{ item.ansible_job_id }}"
+ register: hetzner_volumes
+ until: hetzner_volumes.finished
+ retries: 300
+ when: volumes.changed
+ loop: "{{ volumes.results }}"
+
+ - name: Remove registered SSH key
+ hcloud_ssh_key:
+ name: "{{ instance_conf[0].ssh_key_name }}"
+ state: absent
+ when: (instance_conf | default([])) | length > 0
+
+ # Mandatory configuration for Molecule to function.
+
+ - name: Populate instance config
+ set_fact:
+ instance_conf: {}
+
+ - name: Dump instance config
+ copy:
+ content: |
+ # Molecule managed
+
+ {{ instance_conf | to_nice_yaml(indent=2) }}
+ dest: "{{ molecule_instance_config }}"
+ when: server.changed | bool
diff --git a/molecule/rocky8/molecule.yml b/molecule/rocky8/molecule.yml
new file mode 100644
index 0000000..b763ae6
--- /dev/null
+++ b/molecule/rocky8/molecule.yml
@@ -0,0 +1,24 @@
+---
+dependency:
+ name: galaxy
+ options:
+ role-file: molecule/requirements.yml
+ requirements-file: molecule/requirements.yml
+ env:
+ ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false"
+driver:
+ name: delegated
+platforms:
+ - name: rocky8-cups
+ image: rocky-8
+ server_type: cx11
+lint: |
+ /usr/local/bin/flake8
+provisioner:
+ name: ansible
+ env:
+ ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter}
+ ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library}
+ log: False
+verifier:
+ name: testinfra
diff --git a/molecule/rocky8/prepare.yml b/molecule/rocky8/prepare.yml
new file mode 100644
index 0000000..183f4d3
--- /dev/null
+++ b/molecule/rocky8/prepare.yml
@@ -0,0 +1,15 @@
+---
+- name: Prepare
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Bootstrap python for Ansible
+ raw: |
+ command -v python3 python || (
+ (test -e /usr/bin/dnf && sudo dnf install -y python3) ||
+ (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
+ (test -e /usr/bin/yum && sudo yum -y -qq install python3) ||
+ echo "Warning: Python not boostrapped due to unknown platform."
+ )
+ become: true
+ changed_when: false
diff --git a/molecule/rocky8/tests/test_default.py b/molecule/rocky8/tests/test_default.py
new file mode 100644
index 0000000..fc93e1c
--- /dev/null
+++ b/molecule/rocky8/tests/test_default.py
@@ -0,0 +1,26 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ["MOLECULE_INVENTORY_FILE"]
+).get_hosts("all")
+
+
+def test_cups_running_and_enabled(host):
+ cups = host.service("cups")
+ assert cups.is_running
+ assert cups.is_enabled
+
+
+def test_cups_socket(host):
+ # Verify the socket is listening for HTTP traffic
+ assert host.socket("tcp://127.0.0.1:631").is_listening
+
+
+def test_cups_conn_error(host):
+ code = int(host.run("curl -s -w '%{http_code}' http://127.0.0.1:631/ -o /dev/null").stdout)
+ body = host.run("curl -sX GET http://127.0.0.1:631/").stdout
+
+ assert code == 200
+ assert "OpenPrinting CUPS" in body
diff --git a/tasks/install.yml b/tasks/install.yml
index fe7c9c9..276aba9 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -3,6 +3,7 @@
- name: Install cups
package:
name: "{{ cups_packages | default(__cups_packages) }}"
+ disable_gpg_check: yes
state: present
notify: __cupsd_restart
@@ -31,12 +32,5 @@
module_arguments: "{{ item.arguments | default(omit) }}"
new_module_path: "{{ item.new_module }}"
loop: "{{ __pam_config }}"
-
- - name: Replace default systemd unit
- template:
- src: "etc/systemd/system/org.cups.cupsd.service.j2"
- dest: "/etc/systemd/system/org.cups.cupsd.service"
- mode: 0640
- notify: __cupsd_restart
become: True
become_user: root
diff --git a/tasks/main.yml b/tasks/main.yml
index 2f0990f..1caf387 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,4 +1,16 @@
---
+- include_vars: "{{ var_files }}"
+ vars:
+ var_files: "{{ lookup('first_found', params, errors='ignore') }}"
+ params:
+ files:
+ - "{{ ansible_lsb.id | default('') | lower }}.yml"
+ - "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version }}.yml"
+ - "{{ ansible_os_family | lower }}.yml"
+ paths:
+ - "vars"
+ when: var_files
+
- include_tasks: prepare.yml
- include_tasks: install.yml
- include_tasks: selinux.yml
diff --git a/tasks/post_tasks.yml b/tasks/post_tasks.yml
index e63eedf..799f25f 100644
--- a/tasks/post_tasks.yml
+++ b/tasks/post_tasks.yml
@@ -1,7 +1,7 @@
---
- name: Ensure cups service is up and running
service:
- name: org.cups.cupsd
+ name: cups
state: started
daemon_reload: yes
enabled: yes
diff --git a/templates/etc/cups/cupsd.conf.j2 b/templates/etc/cups/cupsd.conf.j2
index 64f756a..cc1927a 100644
--- a/templates/etc/cups/cupsd.conf.j2
+++ b/templates/etc/cups/cupsd.conf.j2
@@ -1,6 +1,6 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
-# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
+# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#
@@ -14,6 +14,12 @@ DefaultEncryption Never
LogLevel {{ cups_log_level | lower }}
PageLogFormat
+# Specifies the maximum size of the log files before they are rotated. The value "0" disables log rotation.
+MaxLogSize 1m
+
+# Default error policy for printers
+ErrorPolicy stop-printer
+
# Only listen for connections from the local machine.
{% for item in cups_bind_url %}
Listen {{ item }}
@@ -94,7 +100,7 @@ WebInterface Yes
Order deny,allow
- # Only the owner or an administrator can cancel or authenticate a job...
+ # Only the owner or an administrator can cancel or authenticate a job...
Require user @OWNER @SYSTEM
Order deny,allow
@@ -132,7 +138,7 @@ WebInterface Yes
Order deny,allow
- # All printer operations require a printer operator to authenticate...
+ # All printer operations require a printer operator to authenticate...
AuthType Default
Require user @SYSTEM
diff --git a/templates/etc/systemd/system/org.cups.cupsd.service.j2 b/templates/etc/systemd/system/org.cups.cupsd.service.j2
deleted file mode 100644
index e84694b..0000000
--- a/templates/etc/systemd/system/org.cups.cupsd.service.j2
+++ /dev/null
@@ -1,16 +0,0 @@
-#jinja2: lstrip_blocks: True
-{{ ansible_managed | comment }}
-[Unit]
-Description=CUPS Scheduler
-Documentation=man:cupsd(8)
-After=sssd.service network.target
-Wants=network.target
-
-[Service]
-ExecStart=/usr/sbin/cupsd -l
-Type=simple
-Restart=on-failure
-
-[Install]
-Also=org.cups.cupsd.socket org.cups.cupsd.path
-WantedBy=printer.target
diff --git a/vars/main.yml b/vars/main.yml
index 6f9bb10..c8ff514 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,10 +1,9 @@
---
__cups_download_url: https://gitea.rknet.org/rpmbuild/cups/releases/download/v{{ cups_version }}
__cups_packages:
- - "{{ __cups_download_url }}/cups-{{ cups_version }}-0.x86_64.rpm"
- - "{{ __cups_download_url }}/cups-devel-{{ cups_version }}-0.x86_64.rpm"
- - "{{ __cups_download_url }}/cups-libs-{{ cups_version }}-0.x86_64.rpm"
- - "{{ __cups_download_url }}/cups-lpd-{{ cups_version }}-0.x86_64.rpm"
+ - "{{ __cups_download_url }}/cups-{{ cups_version }}.el{{ ansible_distribution_major_version }}.x86_64.rpm"
+ - "{{ __cups_download_url }}/cups-libs-{{ cups_version }}.el{{ ansible_distribution_major_version }}.x86_64.rpm"
+ - "{{ __cups_download_url }}/cups-lpd-{{ cups_version }}.el{{ ansible_distribution_major_version }}.x86_64.rpm"
__pam_config:
- type: "auth"