Skip to content

Latest commit

 

History

History
239 lines (224 loc) · 9.62 KB

Variables.md

File metadata and controls

239 lines (224 loc) · 9.62 KB
Raw

Variables

The inventory hosts file created from host.template contains variables that can be customized to fit your specific environment.

In most cases, you only need to modify only three variables, i.e fqdn, email and timezone.

Variables not assigned to any specific group belong to the all group. To tie variables to a particular group, place them under [group_name:vars], e.g , [instances:vars]. If you want a variable to apply to a specific host, append it to the host line. For example, to add database_host and dhis2_version to the dhis host in the instances group, use the following format:

[instances]
dhis  ansible_host=172.19.2.11  database_host=postgres  dhis2_version=2.39

Another option is to create a file in the inventory/host_vars/ directory with the same name as the host in your inventory/hosts file. The benefit of this approach is that you can encrypt the file using ansible-vault for added security. Any variables you define in the host_vars directory will take precedence over those in inventory/hosts file

touch inventory/host_vars/dhis
vim inventory/host_vars/dhis

Add the variables using yaml syntax as its shown below

ansible_host: 172.19.2.11
database_host: postgres
dhis2_version: 2.39

Here's the list of available configuration parameters and their default values

general variables

Variable Comments
timezone list all available timezones with timedatectl list-timezones
Examples
  • Europe/Oslo
  • Africa/Nairobi
ansible_connection Depends on the Architecture you are adopting, default is lxd
Options
  • lxd ← (default), for single server architecture
  • ssh ← Distributed Architecture
lxd_network Here you define a network which your containers will be created into, default is 172.19.2.1/24
lxd_bridge_interface The name of the created lxd bridge, default is lxdbr1

Instance Variables

Variable Comments
create_db Whether the database should be created or not
Choices:
  • True ← (default)
  • False
database_host Host to use as your database server
Default=postgres
JAVA_VERSION Host to use as your database server
Choices:
  • 8 -- version ≤ 2.35
  • 11 -- 2.36 ≤ version ≤ 2.40
  • 17 -- version ≥ 2.40
dhis2_war_file Source for your dhis2 war file, can either be remote or available locally as file
Examples
  • "https://releases.dhis2.org/2.38/dhis2-stable-2.38.0.war"
  • /full/path/for/your/dhis2.war
dhis2_version You can specify just the major version of dhis2 and it will get its latest stable iteration from https://releases.dhis2.org.
If your have both dhis2_war_file and dhis2_version defined, dhis2_war_file wins,
Examples
  • 2.39
  • 2.38
heap_memory_size This is tomcat9 Java Heap Memory Size,
Example
heap_memory_size=2G

PostgreSQL Variables

Variable Comments
postgresql_version Version for PostgreSQL to be installed, default: 13
pg_max_connections Maximum allowed connections to the database
pg_shared_buffers Shared Buffers for postgresql,
recommended 0.25 x Available_RAM for PostgreSQL
pg_work_mem PostgreSQL work memory,
Recommended = (0.25 x Available_RAM)/max_connections
pg_maintenance_work_mem As much as you can reasonably afford. Helps with index generation during the analytics generation task
pg_effective_cache_size Approx 80% of (Available RAM - maintenance_work_mem - max_connections*work_mem)

Proxy Variables

Variable Comments
fqdn This is the domain used to access dhis2 application
Strictly required for Letsencrypt to work
email Strictly required if you are using Letsencrypt
proxy Proxy software of your choice
Options
  • nginx ← (default)
  • apache2
SSL_TYPE This parameter enables to specify whether you'd want to use letsencrypt or your own customssl certificate,
Options
  • letsencrypt ← (default)
  • customssl
munin_base_path Base path for accessing munin, e.g: https://domain.example.com/munin_base_path defaults to munin
munin_users A list of users with their corresponding passwords allowed to login to munin: Example: 
   
munin_users:
  - name: admin
    password: admin_password
  - name: user2
    password: user2_passsword
Default username and password is admin and district respectively.

backup related Variables

These variables pertain to the PostgreSQL database host and contain sensitive information. It is advisable to secure them using ansible-vault encryption. You have the flexibility to define these variables in different locations, but it is recommended to place them in the host file within the host_vars directory, as shown below:

dhis2-server-tools/deploy/inventory/host_vars/postgres

Variable Comments
s3_access_key This is a unique identifier for cloud user or programmatic entity (like an application) that needs to interact with object storage.
s3_secret_key This is a secret piece of information that is associated with the Access Key. It is used to digitally sign requests made to object storage and maybe other services. This Secret Access Key must be kept confidential, as it's used to authenticate and authorize requests on behalf of the Access Key.
s3_cluster_id Cluster URL for Object Storage is unique to each data center, different data-centers have unique cluster IDS, refer to Linode Object Storage Guide for Linode.
s3_bucket This is a container or storage resource for storing files in the context of object storage