From 62493ac5a9ccc7a20705d19e961583f35d08936f Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 17 Sep 2025 03:30:40 +0200 Subject: [PATCH] XWiki: increase installer execution timeout and add retries The task 'XWIKI | Execute installer page' now uses: - timeout: 300 (allow up to 5 min per request) - retries: 20 - delay: 15 - until: condition This prevents early failures during the first Distribution Wizard bootstrap when hundreds of extensions are still being installed. Context: https://chatgpt.com/share/68ca0f18-2124-800f-a70d-df1811966107 --- roles/docker-compose/handlers/main.yml | 2 +- roles/web-app-xwiki/tasks/01_core.yml | 26 ++++++++++++------- roles/web-app-xwiki/tasks/04_extensions.yml | 6 ++++- roles/web-app-xwiki/tasks/_flush_config.yml | 6 ----- roles/web-app-xwiki/templates/Dockerfile.j2 | 4 +++ .../templates/docker-compose.yml.j2 | 21 ++++++++++++++- roles/web-app-xwiki/templates/env.j2 | 1 + roles/web-app-xwiki/templates/xwiki.cfg.j2 | 25 ------------------ 8 files changed, 48 insertions(+), 43 deletions(-) delete mode 100644 roles/web-app-xwiki/templates/xwiki.cfg.j2 diff --git a/roles/docker-compose/handlers/main.yml b/roles/docker-compose/handlers/main.yml index 5bc19f59..fd4fe022 100644 --- a/roles/docker-compose/handlers/main.yml +++ b/roles/docker-compose/handlers/main.yml @@ -41,7 +41,7 @@ - docker compose up - docker compose restart -- name: Build docker compose +- name: Build docker compose shell: | set -euo pipefail docker compose build || { diff --git a/roles/web-app-xwiki/tasks/01_core.yml b/roles/web-app-xwiki/tasks/01_core.yml index 91ad33c7..42b0b1f4 100644 --- a/roles/web-app-xwiki/tasks/01_core.yml +++ b/roles/web-app-xwiki/tasks/01_core.yml @@ -1,14 +1,15 @@ - name: Validate XWiki variables include_tasks: 02_validation.yml -- name: "load docker, db and proxy for {{ application_id }}" - include_role: - name: sys-stk-full-stateful - vars: - docker_compose_flush_handlers: false +- block: + - name: "load docker, db and proxy for {{ application_id }}" + include_role: + name: sys-stk-full-stateful + vars: + docker_compose_flush_handlers: false -- name: Deploy Bootstrap Config - include_tasks: _flush_config.yml + - name: Deploy Bootstrap Config + include_tasks: _flush_config.yml vars: xwiki_oidc_enabled_switch: false xwiki_ldap_enabled_switch: false @@ -21,8 +22,15 @@ - name: Load setup procedures for extensions include_tasks: 04_extensions.yml -- name: Deploy Final Config - include_tasks: _flush_config.yml +- block: + - name: "Create Final Docker Compose File" + template: + src: "docker-compose.yml.j2" + dest: "{{ docker_compose.files.docker_compose }}" + notify: docker compose up + + - name: Deploy Final Config + include_tasks: _flush_config.yml vars: xwiki_oidc_enabled_switch: "{{ XWIKI_OIDC_ENABLED | bool }}" xwiki_ldap_enabled_switch: "{{ XWIKI_LDAP_ENABLED | bool }}" diff --git a/roles/web-app-xwiki/tasks/04_extensions.yml b/roles/web-app-xwiki/tasks/04_extensions.yml index e155e4c8..4b10353a 100644 --- a/roles/web-app-xwiki/tasks/04_extensions.yml +++ b/roles/web-app-xwiki/tasks/04_extensions.yml @@ -90,14 +90,18 @@ - name: "XWIKI | Execute installer page" uri: - url: "{{ 'http://127.0.0.1:' ~ XWIKI_HOST_PORT ~ '/bin/view/XWiki/InstallExtensions?xpage=plain' }}" + url: "http://127.0.0.1:{{ XWIKI_HOST_PORT }}/bin/view/XWiki/InstallExtensions?xpage=plain" method: GET user: "{{ XWIKI_SUPERADMIN_USERNAME }}" password: "{{ XWIKI_SUPERADMIN_PASSWORD }}" force_basic_auth: true status_code: [200] return_content: yes + timeout: 300 # allow up to 5 minutes per attempt register: _exec_page + retries: 20 # retry up to 20 times + delay: 15 # wait 15 seconds between retries + until: _exec_page is succeeded # Assert success: # - If nothing was requested, allow "SKIP: no extensions requested". diff --git a/roles/web-app-xwiki/tasks/_flush_config.yml b/roles/web-app-xwiki/tasks/_flush_config.yml index 557fa99e..0d7bfe97 100644 --- a/roles/web-app-xwiki/tasks/_flush_config.yml +++ b/roles/web-app-xwiki/tasks/_flush_config.yml @@ -1,9 +1,3 @@ -- name: "Render xwiki.cfg" - template: - src: "xwiki.cfg.j2" - dest: "{{ XWIKI_HOST_CONF_PATH }}" - notify: docker compose up - - name: "Deploy xwiki.properties" template: src: "xwiki.properties.j2" diff --git a/roles/web-app-xwiki/templates/Dockerfile.j2 b/roles/web-app-xwiki/templates/Dockerfile.j2 index 07f84292..e1764c41 100644 --- a/roles/web-app-xwiki/templates/Dockerfile.j2 +++ b/roles/web-app-xwiki/templates/Dockerfile.j2 @@ -1 +1,5 @@ FROM {{ XWIKI_IMAGE }}:{{ XWIKI_VERSION }} +RUN cat >> /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg <- +{% if xwiki_oidc_enabled_switch| bool %} + -Dxwiki.authentication.authclass=org.xwiki.contrib.oidc.auth.OIDCAuthServiceImpl +{% elif xwiki_ldap_enabled_switch | bool %} + -Dxwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl + -Dxwiki.authentication.ldap=1 + -Dxwiki.authentication.ldap.trylocal={{ (XWIKI_LDAP_TRYLOCAL | bool) | ternary(1, 0) }} + -Dxwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup={{ XWIKI_LDAP_ADMIN_GROUP_DN }} + -Dxwiki.authentication.ldap.mode_group_sync=always + -Dxwiki.authentication.ldap.server={{ XWIKI_LDAP_SERVER }} + -Dxwiki.authentication.ldap.port={{ XWIKI_LDAP_PORT }} + -Dxwiki.authentication.ldap.base_DN={{ XWIKI_LDAP_BASE_DN }} + -Dxwiki.authentication.ldap.bind_DN={{ XWIKI_LDAP_BIND_DN }} + -Dxwiki.authentication.ldap.bind_pass={{ XWIKI_LDAP_BIND_PASS }} + -Dxwiki.authentication.ldap.fields_mapping={{ XWIKI_LDAP_FIELDS_MAPPING }} + -Dxwiki.authentication.ldap.update_user=1 +{% else %} + -Dxwiki.authentication.authclass=com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl +{% endif %} volumes: - - "{{ XWIKI_HOST_CONF_PATH }}:/usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg" - "{{ XWIKI_HOST_PROPERTIES_PATH }}:/usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.properties" - 'data:{{ XWIKI_DOCK_DATA_DIR }}' {% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} diff --git a/roles/web-app-xwiki/templates/env.j2 b/roles/web-app-xwiki/templates/env.j2 index 087141a4..83e2deb1 100644 --- a/roles/web-app-xwiki/templates/env.j2 +++ b/roles/web-app-xwiki/templates/env.j2 @@ -4,3 +4,4 @@ DB_HOST="{{ database_host }}" DB_PORT="{{ database_port }}" DB_DATABASE="{{ database_name }}" DB_TYPE="{{ 'mariadb' if database_type == 'mariadb' else 'postgresql' }}" +XWIKI_SUPERADMIN_PASSWORD="{{ XWIKI_SUPERADMIN_PASSWORD }}" \ No newline at end of file diff --git a/roles/web-app-xwiki/templates/xwiki.cfg.j2 b/roles/web-app-xwiki/templates/xwiki.cfg.j2 deleted file mode 100644 index e1395506..00000000 --- a/roles/web-app-xwiki/templates/xwiki.cfg.j2 +++ /dev/null @@ -1,25 +0,0 @@ -# ---- Authentication selection -{% if xwiki_oidc_enabled_switch | bool %} -xwiki.authentication.authclass=org.xwiki.contrib.oidc.auth.OIDCAuthServiceImpl -{% elif xwiki_ldap_enabled_switch | bool %} -xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl -xwiki.authentication.ldap=1 -xwiki.authentication.ldap.trylocal={{ (XWIKI_LDAP_TRYLOCAL | bool) | ternary(1, 0) }} -xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup={{ XWIKI_LDAP_ADMIN_GROUP_DN }} -xwiki.authentication.ldap.mode_group_sync=always -xwiki.authentication.ldap.server={{ XWIKI_LDAP_SERVER }} -xwiki.authentication.ldap.port={{ XWIKI_LDAP_PORT }} -xwiki.authentication.ldap.base_DN={{ XWIKI_LDAP_BASE_DN }} -xwiki.authentication.ldap.bind_DN={{ XWIKI_LDAP_BIND_DN }} -xwiki.authentication.ldap.bind_pass={{ XWIKI_LDAP_BIND_PASS }} -xwiki.authentication.ldap.fields_mapping={{ XWIKI_LDAP_FIELDS_MAPPING }} -xwiki.authentication.ldap.update_user=1 -{% else %} -xwiki.authentication.authclass=com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl -{% endif %} - -{% if xwiki_superadmin_enabled_switch | bool %} -# ---- Superadmin must live in xwiki.cfg (not in xwiki.properties) -xwiki.superadminpassword={{ XWIKI_SUPERADMIN_PASSWORD }} -xwiki.superadmin=1 -{% endif %}