An Ansible Role that installs Supervisor on Linux.
Python pip should be installed. If it is not already installed, you can use the geerlingguy.pip Ansible role to install Pip prior to running this role.
Available variables are listed below, along with default values (see defaults/main.yml):
supervisor_version: latest
Install a specific version of Supervisor by setting it here. See available Supervisor versions on Pypi. latest installs the latest stable release.
supervisor_started: true
supervisor_enabled: true
Choose whether to use an init script or systemd unit configuration to start Supervisor when it's installed and/or after a system boot.
supervisor_config_path: /etc/supervisor
The path where Supervisor configuration should be stored.
supervisor_programs:
- name: 'foo'
command: /bin/cat
state: present
- name: 'apache'
command: apache2ctl -DFOREGROUND
state: present
configuration: |
autostart=true
autorestart=true
startretries=1
startsecs=1
redirect_stderr=true
stderr_logfile=/var/log/apache-err.log
stdout_logfile=/var/log/apache-out.log
user=root
killasgroup=true
stopasgroup=true
supervisor_programs is an empty list by default; you can define a list of programs to be managed by Supervisor. If you set state to present, then a configuration file for the program (named [program-name-here].conf) will be added to the conf.d path included by the global Supervisor configuration. You can also manage program-level configuration on your own, outside this role, if you need more flexibility.
supervisor_nodaemon: false
Set to true if you need to run Supervisor in the foreground.
supervisor_log_dir: /var/log/supervisor
The location where Supervisor logs will be stored.
supervisor_user: root
supervisor_password: 'my_secret_password'
The user under which supervisord will be run, and the password to be used when connecting to Supervisor's HTTP server (either for supervisorctl access, or when viewing the administrative UI).
supervisor_unix_http_server_password_protect: true
supervisor_inet_http_server_password_protect: true
Password protection can be turned off for Unix HTTP and Inet HTTP by setting these variables to false, This would disable password protection for supervisorctl as well.
supervisor_unix_http_server_enable: true
supervisor_unix_http_server_socket_path: /var/run/supervisor.sock
Whether to enable the UNIX socket-based HTTP server, and the socket file to use if enabled.
Note: By default, this role enables an HTTP server over a UNIX socket that can be accessed locally using the
_userand_passworddefined earlier. Make sure you set a securesupervisor_passwordto prevent unauthorized access! (Or, if you don't need to HTTP server nor need to usesupervisorctl, you should disable the UNIX http server by setting this variable tofalse).
supervisor_inet_http_server_enable: false
supervisor_inet_http_server_port: '*:9001'
Whether to enable the TCP-based HTTP server, and the interface and port on which the server should listen if enabled.
None.
- hosts: all
roles:
- geerlingguy.pip
- geerlingguy.supervisor
If you need to use supervisorctl, you can either use Ansible's built-in supervisorctl module for management, or run it like so (accounting for the variable path to the configuration directory):
supervisorctl -c /etc/supervisor/supervisord.conf -u root -p [password] status all
MIT / BSD
This role was created in 2017 by Jeff Geerling, author of Ansible for DevOps.