ansible-role-tomcat

Commit Graph

Author	SHA1	Message	Date
Andrea Dell'Amico	694b91e00a	Add SSL/TLS certificate support and improve connector configuration. - Add tasks/tomcat-certs.yml: copies cert and key from letsencrypt or mkcert source directories into a tomcat-readable location, installs the acme.sh renewal hook script. - Add templates/tomcat-letsencrypt-hook.j2: shell hook called by acme.sh on renewal; uses cmp to detect changes and restarts tomcat only when needed. - Add handlers for 'letsencrypt cert renewed': copy fullchain and key then notify tomcat restart; triggered via listen from any task in the same play. - Add HTTPS connector to tomcat-server.xml.j2: Http11NioProtocol with SSLHostConfig on Tomcat 9+, Http11AprProtocol with inline attributes on Tomcat 7/8; both connectors share the named Executor thread pool. - Improve HTTP connector: explicit Http11NioProtocol, remove attributes ignored when an Executor is referenced (maxThreads, maxQueueSize), replace disableUploadTimeout with connectionUploadTimeout, make connectionTimeout and maxHttpHeaderSize variables, drop useBodyEncodingForURI. - Move Executor definition outside tomcat_http_enabled guard so it is present whenever any connector is active; move acceptCount to each Connector. - Add tomcat_http_disable_when_ssl to suppress the HTTP connector when SSL is active. - Add new defaults: tomcat_ssl_*, tomcat_connection_timeout, tomcat_upload_timeout, tomcat_max_http_header_size, tomcat_ssl_port, tomcat_ssl_protocols, tomcat_executor_accept_count, tomcat_executor_min_spare_threads. - Rewrite README.md with full variable documentation and example playbooks. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-06 18:28:10 +01:00
Andrea Dell'Amico	a031904751	First import of the old role.	2020-06-01 18:55:11 +02:00
S2I2S @ ISTI-CNR	c6346bdc61	Initial commit	2020-05-28 15:03:22 +02:00

Author

SHA1

Message

Date

Andrea Dell'Amico

694b91e00a

Add SSL/TLS certificate support and improve connector configuration.

- Add tasks/tomcat-certs.yml: copies cert and key from letsencrypt or mkcert
  source directories into a tomcat-readable location, installs the acme.sh
  renewal hook script.
- Add templates/tomcat-letsencrypt-hook.j2: shell hook called by acme.sh on
  renewal; uses cmp to detect changes and restarts tomcat only when needed.
- Add handlers for 'letsencrypt cert renewed': copy fullchain and key then
  notify tomcat restart; triggered via listen from any task in the same play.
- Add HTTPS connector to tomcat-server.xml.j2: Http11NioProtocol with
  SSLHostConfig on Tomcat 9+, Http11AprProtocol with inline attributes on
  Tomcat 7/8; both connectors share the named Executor thread pool.
- Improve HTTP connector: explicit Http11NioProtocol, remove attributes
  ignored when an Executor is referenced (maxThreads, maxQueueSize),
  replace disableUploadTimeout with connectionUploadTimeout, make
  connectionTimeout and maxHttpHeaderSize variables, drop useBodyEncodingForURI.
- Move Executor definition outside tomcat_http_enabled guard so it is present
  whenever any connector is active; move acceptCount to each Connector.
- Add tomcat_http_disable_when_ssl to suppress the HTTP connector when SSL
  is active.
- Add new defaults: tomcat_ssl_*, tomcat_connection_timeout,
  tomcat_upload_timeout, tomcat_max_http_header_size, tomcat_ssl_port,
  tomcat_ssl_protocols, tomcat_executor_accept_count,
  tomcat_executor_min_spare_threads.
- Rewrite README.md with full variable documentation and example playbooks.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-06 18:28:10 +01:00

Andrea Dell'Amico

a031904751

First import of the old role.

2020-06-01 18:55:11 +02:00

S2I2S @ ISTI-CNR

c6346bdc61

Initial commit

2020-05-28 15:03:22 +02:00

3 Commits