From 83a95fe49cb981686683f5d859b32da673aad440 Mon Sep 17 00:00:00 2001 From: Yi-Ting Shih Date: Mon, 7 Apr 2025 20:32:38 +0800 Subject: [PATCH] Fix(judgehost): works with Debian12 + docker --- README.md | 12 +- group_vars/all/main.yml | 4 +- hosts | 2 +- playbooks/judgehost.yml | 5 +- .../templates/docker-compose.yml.jinja | 3 + roles/configure_judgehost/handlers/main.yml | 4 + roles/configure_judgehost/tasks/main.yml | 15 +- .../handlers/main.yml | 14 ++ .../tasks/configure.yml | 138 +++++++++++++++++- .../tasks/download.yml | 60 +++++--- .../configure_judgehost_legacy/tasks/main.yml | 5 + .../tasks/main.yml | 0 12 files changed, 231 insertions(+), 31 deletions(-) create mode 100644 roles/configure_judgehost_legacy/handlers/main.yml rename roles/{install_packages_debian11 => install_packages_debian}/tasks/main.yml (100%) diff --git a/README.md b/README.md index 8bed580..77a92c5 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ ## Usage -0. Install Arch Linux for domserver and **Debian 11** for judgehost. +0. Install Arch Linux for domserver and **Debian 12** for judgehost. 1. Fill in the vars in `group_vars`. 2. Fill in `domserver` and `judgehost` groups in `hosts` file. 3. Run `ansible-playbook playbooks/domserver`. @@ -12,10 +12,18 @@ ## Trouble shooting +### I give up + +Just use Debian 12 + docker. + ### Judgehost cannot startup The cgroups v2 support had been patched since October, 2024. However the latest release of domjudge is 8.3.1, which was published on September, 2024. Therefore, before cgroups v2 patch came out as a stable release, we still have -to use a older release, like Debian 11, to make things work. +to use a older release, like Debian 12, to make things work. + +### PHP syntax error + +PHP version on Debian 11 is too old, use Debian 12 instead. diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml index a48620b..780817e 100644 --- a/group_vars/all/main.yml +++ b/group_vars/all/main.yml @@ -1,3 +1,3 @@ --- -domjudge_base_dir: /opt/domjudge/midterm -domserver_url: https://cp1.konchin.com +domjudge_base_dir: /opt/domjudge +domserver_url: https://cp1.konchin.com/ diff --git a/hosts b/hosts index 8ee69cf..a8b52ff 100644 --- a/hosts +++ b/hosts @@ -7,7 +7,7 @@ localhost ansible_connection=local [judgehost] 10.4.2.227 -10.4.2.228 +#10.4.2.228 [all:vars] ansible_python_interpreter=/usr/bin/python3 diff --git a/playbooks/judgehost.yml b/playbooks/judgehost.yml index 50ab8aa..43f8769 100644 --- a/playbooks/judgehost.yml +++ b/playbooks/judgehost.yml @@ -2,5 +2,6 @@ - name: Install judgehost hosts: judgehost roles: - - role: install_packages_debian11 - - role: configure_judgehost_legacy + #- role: install_packages_debian + #- role: configure_judgehost_legacy + - role: configure_judgehost diff --git a/roles/configure_domserver/templates/docker-compose.yml.jinja b/roles/configure_domserver/templates/docker-compose.yml.jinja index 2384dd9..aaec4ce 100644 --- a/roles/configure_domserver/templates/docker-compose.yml.jinja +++ b/roles/configure_domserver/templates/docker-compose.yml.jinja @@ -21,8 +21,11 @@ services: CONTAINER_TIMEZONE: Asia/Taipei restart: always volumes: + - "restapi_secret:/opt/domjudge/domserver/etc/restapi.secret" - "./config/php/domjudge.conf:/etc/php/8.2/fpm/pool.d/domjudge.conf" depends_on: - mariadb ports: - "127.0.0.1:8080:80" +volumes: + restapi_secret: {} diff --git a/roles/configure_judgehost/handlers/main.yml b/roles/configure_judgehost/handlers/main.yml index 6041b95..1d8d1d6 100644 --- a/roles/configure_judgehost/handlers/main.yml +++ b/roles/configure_judgehost/handlers/main.yml @@ -1,6 +1,10 @@ --- - name: Reboot ansible.builtin.reboot: {} +- name: Update grub + ansible.builtin.command: | + update-grub + changed_when: true - name: Restart judgehost docker compose community.docker.docker_compose_v2: project_src: "{{ domjudge_base_dir }}" diff --git a/roles/configure_judgehost/tasks/main.yml b/roles/configure_judgehost/tasks/main.yml index ed724a1..8cfc8ee 100644 --- a/roles/configure_judgehost/tasks/main.yml +++ b/roles/configure_judgehost/tasks/main.yml @@ -1,10 +1,23 @@ --- -- name: Add boot parameters +- name: Add boot parameters (Archlinux) ansible.builtin.lineinfile: path: /boot/loader/entries/arch.conf line: >- options cgroup_enable=memory notify: Reboot + when: ansible_facts['distribution'] == "Archlinux" +- name: Add boot parameters (Debian) + ansible.builtin.lineinfile: + path: /etc/default/grub + regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=' + line: >- + GRUB_CMDLINE_LINUX_DEFAULT="quiet + cgroup_enable=memory swapaccount=1 isolcpus=0 + systemd.unified_cgroup_hierarchy=0" + notify: + - Update grub + - Reboot + when: ansible_facts['distribution'] == "Debian" - name: Flush handlers ansible.builtin.meta: flush_handlers diff --git a/roles/configure_judgehost_legacy/handlers/main.yml b/roles/configure_judgehost_legacy/handlers/main.yml new file mode 100644 index 0000000..e339c4a --- /dev/null +++ b/roles/configure_judgehost_legacy/handlers/main.yml @@ -0,0 +1,14 @@ +--- +- name: Update grub + ansible.builtin.command: | + update-grub + changed_when: true +- name: Reboot + ansible.builtin.reboot: +- name: Systemd daemon-reload + ansible.builtin.systemd_service: + daemon_reload: true +- name: Restart judgehost + ansible.builtin.systemd_service: + name: domjudge-judgehost.target + state: restarted diff --git a/roles/configure_judgehost_legacy/tasks/configure.yml b/roles/configure_judgehost_legacy/tasks/configure.yml index 806b058..0cda5a4 100644 --- a/roles/configure_judgehost_legacy/tasks/configure.yml +++ b/roles/configure_judgehost_legacy/tasks/configure.yml @@ -1,4 +1,138 @@ --- -- name: Show domjudge base dir +- name: Run ./configure + tags: [make] + ansible.builtin.command: >- + ./configure + --with-baseurl={{ domserver_url }} + --prefix={{ domjudge_base_dir }} + args: + chdir: "{{ domjudge_base_dir }}" + become: true + become_user: domjudge + changed_when: true + register: debug +- name: Debug + tags: [make] ansible.builtin.debug: - var: domjudge_base_dir + var: debug.stdout_lines + +- name: Run make judgehost + tags: [make] + ansible.builtin.command: | + make judgehost + args: + chdir: "{{ domjudge_base_dir }}" + become: true + become_user: domjudge + register: debug +- name: Debug + tags: [make] + ansible.builtin.debug: + var: debug.stdout_lines + +- name: Run make install-judgehost + tags: [make] + ansible.builtin.command: | + make install-judgehost + args: + chdir: "{{ domjudge_base_dir }}" + notify: + - Systemd daemon-reload + register: debug +- name: Debug + tags: [make] + ansible.builtin.debug: + var: debug.stdout_lines + +- name: Create domjudge-run group + tags: [make] + ansible.builtin.group: + name: domjudge-run + +- name: Add domjudge-run user + tags: [make] + ansible.builtin.user: + name: domjudge-run + home: /nonexistent + group: domjudge-run + shell: /bin/false + +- name: Add domjudge-run-0 user + tags: [make] + ansible.builtin.user: + name: domjudge-run-0 + home: /nonexistent + group: domjudge-run + shell: /bin/false + +- name: Copy sudoers-domjudge + tags: [make] + ansible.builtin.copy: + src: "{{ domjudge_base_dir }}/etc/sudoers-domjudge" + dest: /etc/sudoers.d/sudoers-domjudge + remote_src: true + mode: '0440' + owner: root + group: root + +- name: Run misc-tools/dj_make_chroot + ansible.builtin.command: | + ./misc-tools/dj_make_chroot + args: + chdir: "{{ domjudge_base_dir }}" + +- name: Modify boot options + ansible.builtin.lineinfile: + path: /etc/default/grub + regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=' + line: >- + GRUB_CMDLINE_LINUX_DEFAULT="quiet + cgroup_enable=memory swapaccount=1 isolcpus=0 + systemd.unified_cgroup_hierarchy=0" + notify: + - Update grub + - Reboot +- name: Flush handlers + ansible.builtin.meta: flush_handlers + +- name: Fetch judgehost password + tags: [make] + community.docker.docker_compose_v2_exec: + project_src: "{{ domjudge_base_dir }}" + service: domserver + command: >- + sed -nr 's/^.*\W+judgehost\W+(.+)$/\1/p' + /opt/domjudge/domserver/etc/restapi.secret + delegate_to: "{{ groups['domserver'] | first }}" + run_once: true + register: fetch_reg +- name: Set judgehost facts + tags: [make] + ansible.builtin.set_fact: + domserver_url: "{{ domserver_url }}" + judgehost_password: "{{ fetch_reg['stdout'] }}" + run_once: true +- name: Show judgehost password + tags: [make] + ansible.builtin.debug: + var: judgehost_password +- name: Install restapi.secret + tags: [make] + ansible.builtin.copy: + content: >- + default {{ domserver_url }}/api judgehost {{ judgehost_password }} + dest: "{{ domjudge_base_dir }}/judgehost/etc/restapi.secret" + mode: '0640' + owner: domjudge + group: domjudge + +- name: Flush handlers + tags: [make] + ansible.builtin.meta: flush_handlers + +- name: Enable and start domjudge-judgehost.target + tags: [make] + ansible.builtin.systemd_service: + name: domjudge-judgehost.target + state: started + enabled: true diff --git a/roles/configure_judgehost_legacy/tasks/download.yml b/roles/configure_judgehost_legacy/tasks/download.yml index e5ed582..ea89229 100644 --- a/roles/configure_judgehost_legacy/tasks/download.yml +++ b/roles/configure_judgehost_legacy/tasks/download.yml @@ -1,25 +1,43 @@ -- name: Download domjudge tarball - ansible.builtin.get_url: - url: "{{ domjudge_tarball_url }}" - dest: /opt/ - mode: '0644' - owner: root - group: root - register: downloaded_tarball - name: Install domjudge directory ansible.builtin.file: - path: "{{ domjudge_base_dir }}" + path: "{{ domjudge_base_dir | dirname }}" state: directory recurse: true - mode: '0700' - owner: root - group: root -- name: Extract domjudge tarball - ansible.builtin.unarchive: - src: "{{ downloaded_tarball.dest }}" - dest: "{{ domjudge_base_dir }}" - remote_src: true - register: domjudge_extracted -- name: Set new domjudge_base_dir - ansible.builtin.set_fact: - domjudge_base_dir: "{{ domjudge_extracted.dest }}" + mode: '0750' + owner: domjudge + group: domjudge +- name: Install domjudge by tarball + block: + - name: Create tmp for domjudge tarball + ansible.builtin.file: + path: /run/domjudge + state: directory + mode: '0755' + owner: root + group: root + - name: Download domjudge tarball + ansible.builtin.get_url: + url: "{{ domjudge_tarball_url }}" + dest: /run/domjudge/ + mode: '0644' + owner: domjudge + group: domjudge + register: downloaded_tarball + - name: Extract domjudge tarball + ansible.builtin.unarchive: + src: "{{ downloaded_tarball.dest }}" + dest: /run/domjudge/ + remote_src: true + owner: domjudge + group: domjudge + register: domjudge_extracted + - name: Set new domjudge_base_dir + ansible.builtin.set_fact: + domjudge_extracted_dir: "{{ domjudge_extracted.dest }}/domjudge-{{ judgehost_version }}" + - name: Move content to domjudge base directory + ansible.builtin.shell: | + echo "{{ domjudge_extracted_dir }}" + echo "{{ domjudge_base_dir }}" + mv {{ domjudge_extracted_dir }} {{ domjudge_base_dir }} + args: + creates: "{{ domjudge_base_dir }}" diff --git a/roles/configure_judgehost_legacy/tasks/main.yml b/roles/configure_judgehost_legacy/tasks/main.yml index 0b54ba2..3acf498 100644 --- a/roles/configure_judgehost_legacy/tasks/main.yml +++ b/roles/configure_judgehost_legacy/tasks/main.yml @@ -1,5 +1,10 @@ --- +- name: Add domjudge user + ansible.builtin.user: + name: domjudge + create_home: true - name: Import domjudge download ansible.builtin.import_tasks: download.yml - name: Import domjudge configure ansible.builtin.import_tasks: configure.yml + notify: Restart judgehost diff --git a/roles/install_packages_debian11/tasks/main.yml b/roles/install_packages_debian/tasks/main.yml similarity index 100% rename from roles/install_packages_debian11/tasks/main.yml rename to roles/install_packages_debian/tasks/main.yml