The inventory hosts file created from host.template
contains variables that can be
customized to fit your specific environment.
In most cases, you only need to
modify only three variables, i.e fqdn
, email
and timezone
.
Variables not assigned to any specific group belong to the all
group. To tie
variables to a particular group, place them under [group_name:vars]
, e.g ,
[instances:vars]
. If you want a variable to apply to a specific host, append
it to the host line. For example, to add database_host
and dhis2_version
to
the dhis host in the instances
group, use the following format:
[instances]
dhis ansible_host=172.19.2.11 database_host=postgres dhis2_version=2.39
Another option is to create a file in the inventory/host_vars/
directory
with the same name as the host in your inventory/hosts
file. The benefit of
this approach is that you can encrypt the file using ansible-vault
for added
security. Any variables you define in the host_vars
directory will take
precedence over those in inventory/hosts
file
touch inventory/host_vars/dhis
vim inventory/host_vars/dhis
Add the variables using yaml
syntax as its shown below
ansible_host: 172.19.2.11
database_host: postgres
dhis2_version: 2.39
Variable | Comments |
---|---|
timezone |
list all available timezones with timedatectl
list-timezones Examples
|
ansible_connection |
Depends on the Architecture you are
adopting, default is lxd Options
|
lxd_network |
Here you define a network which your containers will be created into,
default is 172.19.2.1/24 |
lxd_bridge_interface |
The name of the created lxd bridge, default is lxdbr1 |
Variable | Comments |
---|---|
create_db |
Whether the database should be created or not Choices:
|
database_host |
Host to use as your database server Default= postgres |
JAVA_VERSION |
Host to use as your database server Choices:
|
dhis2_war_file |
Source for your dhis2 war file, can either be remote or available
locally as file Examples
|
dhis2_version |
You can specify just the major version of dhis2 and it will get its
latest stable iteration from https://releases.dhis2.org. If your have both dhis2_war_file and dhis2_version
defined, dhis2_war_file wins,
Examples
|
heap_memory_size |
This is tomcat9 Java Heap Memory Size, Example heap_memory_size=2G |
Variable | Comments |
---|---|
postgresql_version |
Version for PostgreSQL to be installed, default: 13 |
pg_max_connections |
Maximum allowed connections to the database |
pg_shared_buffers |
Shared Buffers for postgresql, recommended 0.25 x Available_RAM for PostgreSQL |
pg_work_mem |
PostgreSQL work memory, Recommended = (0.25 x Available_RAM)/max_connections |
pg_maintenance_work_mem |
As much as you can reasonably afford. Helps with index generation during the analytics generation task |
pg_effective_cache_size |
Approx 80% of (Available RAM - maintenance_work_mem - max_connections*work_mem) |
Variable | Comments |
---|---|
fqdn |
This is the domain used to access dhis2 application Strictly required for Letsencrypt to work |
email |
Strictly required if you are using Letsencrypt |
proxy |
Proxy software of your choice Options
|
SSL_TYPE |
This parameter enables to specify whether you'd want to use
letsencrypt or your own customssl
certificate,Options
|
munin_base_path |
Base path for accessing munin, e.g:
https://domain.example.com/munin_base_path defaults to munin
|
munin_users |
A list of users with their corresponding passwords allowed to login to munin:
Example:
|
These variables pertain to the PostgreSQL database host and contain sensitive information. It is advisable to secure them using ansible-vault encryption. You have the flexibility to define these variables in different locations, but it is recommended to place them in the host file within the host_vars directory, as shown below:
dhis2-server-tools/deploy/inventory/host_vars/postgres
Variable | Comments |
---|---|
s3_access_key |
This is a unique identifier for cloud user or programmatic entity (like an application) that needs to interact with object storage. |
s3_secret_key |
This is a secret piece of information that is associated with the Access Key. It is used to digitally sign requests made to object storage and maybe other services. This Secret Access Key must be kept confidential, as it's used to authenticate and authorize requests on behalf of the Access Key. |
s3_cluster_id |
Cluster URL for Object Storage is unique to each data center, different data-centers have unique cluster IDS, refer to Linode Object Storage Guide for Linode. |
s3_bucket |
This is a container or storage resource for storing files in the context of object storage |