Added pga role to deploy pga, fix #1
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/c5b37ac5 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/c5b37ac5 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/c5b37ac5 Branch: refs/heads/develop Commit: c5b37ac515fbeb400358e0f31ff147eae0fca0bb Parents: f50e7ad Author: Shameera Rathnayaka <[email protected]> Authored: Fri Jul 29 01:15:03 2016 -0400 Committer: Shameera Rathnayaka <[email protected]> Committed: Fri Jul 29 01:15:03 2016 -0400 ---------------------------------------------------------------------- hosts | 3 +- roles/pga/tasks/main.yml | 66 ++++++++ roles/pga/templates/pga_config.php.j2 | 238 +++++++++++++++++++++++++++++ roles/pga/vars/main.yml | 28 ++++ site.yml | 8 + 5 files changed, 342 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/hosts ---------------------------------------------------------------------- diff --git a/hosts b/hosts index 11a03c7..66f650f 100644 --- a/hosts +++ b/hosts @@ -9,7 +9,8 @@ #149.165.171.11 host_name=js-171-11 host_address=149.165.171.11 [pga] -149.165.156.196 +#149.165.156.196 +149.165.171.11 [zookeeper] 149.165.156.196 host_name=js-156-196 host_address=149.165.156.196 http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/roles/pga/tasks/main.yml ---------------------------------------------------------------------- diff --git a/roles/pga/tasks/main.yml b/roles/pga/tasks/main.yml new file mode 100644 index 0000000..ae08942 --- /dev/null +++ b/roles/pga/tasks/main.yml @@ -0,0 +1,66 @@ +--- +# - name: Create a new user group "{{ pga_group }}" +# group: name={{ pga_group }} +# # tags: user +# +# - name: Create a new user "{{ pga_user }}" +# user: name={{ pga_user }} group={{ pga_group }} +# # tags: user + +- name: Install pre-requireties + yum: name="{{ item }}" state=latest update_cache=yes + with_items: + - git + - httpd + - php-soap + - php + - composer + - php-mcrypt + - firewalld + +# This doesn't work sometimes, make sure selinux is dissabled in remote machine +# - name: Allow selinux outbound connection from web server + # command: setsebool -P httpd_can_network_connect 1 + +- name: Create root directory + file: path="{{ doc_root_dir }}" state=directory + +- name: Git clone php gateway + git: repo=https://github.com/apache/airavata-php-gateway.git dest="{{ doc_root_dir }}" version=master + +- name: Run composer update + command: composer update chdir="{{ doc_root_dir }}" + +- name: Create user data dir {{ user_data_dir }} + file: path="{{ user_data_dir }}" state=directory + +# step 6: Change pga configurations +- name: Copy pga config file + template: src=pga_config.php.j2 dest="{{ doc_root_dir }}/app/config/pga_config.php" + +# do we need to change permissions for root user? +# - name: Change storage permissions to g+rwx +# acl: name="{{ doc_root_dir }}/app/storage" entity="{{ pga_group }}" etype=group permissions="rwx" state=present + +# Ignored step 8,9 in doc by assuming selinux is dissabled in remote machine + +# TODO: stop iptables service, can't have both iptables and firewalld on same host +- name: Stop iptables, ip6tables services + service: name="{{ item }}" state=stopped + with_items: + - iptables + - ip6tables + +- name: Start firewalld service + service: name=firewalld state=started + +- name: Eanble https and http service on public zone + firewalld: service="{{ item }}" permanent=true state=enabled zone=public immediate=True + with_items: + - http + - https + +- name: Edit file + lineinfile: dest="{{ httpd_conf_file }}" regexp=^AllowOverride line="AllowOverride All" + +... http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/roles/pga/templates/pga_config.php.j2 ---------------------------------------------------------------------- diff --git a/roles/pga/templates/pga_config.php.j2 b/roles/pga/templates/pga_config.php.j2 new file mode 100644 index 0000000..703f67f --- /dev/null +++ b/roles/pga/templates/pga_config.php.j2 @@ -0,0 +1,238 @@ +<?php +return array( + /** + * ***************************************************************** + * WSO2 Identity Server Related Configurations + * ***************************************************************** + */ + + 'wsis' => [ + + /** + * Admin Role Name + */ + 'admin-role-name' => 'Internal/everyone', + + /** + * Read only Admin Role Name + */ + 'read-only-admin-role-name' => 'Internal/everyone', + + /** + * Gateway user role + */ + 'user-role-name' => 'Internal/everyone', + + /** + * Tenant Domain + */ + 'tenant-domain' => '{{ tenant_domain }}', + + /** + * Tenant admin's username + */ + 'admin-username' => '{{ admin_username }}', + + /** + * Tenant admin's password + */ + 'admin-password' => '{{ admin_password }}', + + /** + * OAuth client key + */ + 'oauth-client-key' => '{{ oauth_client_key }}', + + /** + * OAuth client secret + */ + 'oauth-client-secret' => '{{ oauth_client_secret }}', + + /** + * Identity server domain + */ + 'server' => 'idp.scigap.org', + + /** + * Identity server url + */ + 'service-url' => 'https://idp.scigap.org:9443/', + + /** + * Enable HTTPS server verification + */ + 'verify-peer' => true, + + /** + * Path to the server certificate file + */ + 'cafile-path' => app_path() . '/resources/security/idp_scigap_org.pem', + + /** + * Allow self signed server certificates + */ + 'allow-self-signed-cert' => false + ], + + + /** + * ***************************************************************** + * Airavata Client Configurations + * ***************************************************************** + */ + 'airavata' => [ + + /** + * Airavata API server location. Use tls:// as the protocol to + * connect TLS enabled Airavata + */ + 'airavata-server' => '{{ airavata_server }}', + + /** + * Airavata API server port + */ + 'airavata-port' => '{{ airavata_port }}', + + /** + * Airavata API server thrift communication timeout + */ + 'airavata-timeout' => '1000000', + + /** + * PGA Gateway ID + */ + 'gateway-id' => '{{ gateway_id }}', + + /** + * Maximum size of a file which is allowed to upload to the server + */ + 'server-allowed-file-size' => 64, + + /** + * absolute path of the data dir + */ + 'experiment-data-absolute-path' => '{{ experiment_data_dir }}', + + /** + * Advanced experiments options + */ + 'advanced-experiment-options' => '', + + /** + * Default queue name + */ + 'queue-name' => 'long', + + /** + * Default node count + */ + 'node-count' => '1', + + /** + * Default total core count + */ + 'total-cpu-count' => '16', + + /** + * Default wall time limit + */ + 'wall-time-limit' => '30', + + /** + * Enable app-catalog cache + */ + 'enable-app-catalog-cache' => true, + + /** + * Life time of app catalog data cache in minutes + */ + 'app-catalog-cache-duration' => 5, + + /** + * Gateway data store resource id + */ + 'gateway-data-store-resource-id' => '{{ gateway_data_store_resource_id }}' + ], + + /** + * ***************************************************************** + * Portal Related Configurations + * ***************************************************************** + */ + 'portal' => [ + /** + * Whether this portal is the SciGaP admin portal + */ + 'super-admin-portal' => {{ super_admin_portal }}, + + /** + * Set the name of theme in use here + */ + 'theme' => 'base', + + /** + * Portal title + */ + 'portal-title' => 'Airavata PHP Gateway', + + /** + * Email address of the portal admin. Portal admin well get email notifications for events + * such as new user creation + */ + 'admin-emails' => [{{ admin_emails }}], + + /** + * Email account that the portal should login to send emails + */ + 'portal-email-username' => '{{ portal_email_username }}', + + /** + * Password for the portal's email account + */ + 'portal-email-password' => '{{ portal_email_password }}', + + /** + * SMTP server on which the portal should connect + */ + 'portal-smtp-server-host' => 'smtp.gmail.com', + + /** + * SMTP server port on which the portal should connect + */ + 'portal-smtp-server-port' => '587', + + /** + * Set JIRA Issue Collector scripts here. + */ + 'jira-help' => + [ + /** + * Report Issue Script issued for your app by Atlassian JIRA + */ + 'report-issue-script' => '', + /** + * Collector id at the end of the above script + */ + 'report-issue-collector-id' => '', + /** + * Create Report Script issued for your app by Atlassian JIRA + */ + 'request-feature-script' => '', + /** + * Collector id at the end of the above script + */ + 'request-feature-collector-id' => '' + ], + + /** + * Set Google Analytics Id here. ID format that generates from + * creating tracker object should be + * + * UA-XXXXX-Y + * + * for it to be working correctly. Currently it is only set for + * sending pageviews. + */ + 'google-analytics-id' => '' + ] +); http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/roles/pga/vars/main.yml ---------------------------------------------------------------------- diff --git a/roles/pga/vars/main.yml b/roles/pga/vars/main.yml new file mode 100644 index 0000000..1ece511 --- /dev/null +++ b/roles/pga/vars/main.yml @@ -0,0 +1,28 @@ +--- +pga_user: "pga" +pga_group: "pga" +doc_root_dir: "/var/www/html/php-gateway" +user_data_dir: "/var/www/user_data" +httpd_conf_file: "/etc/httpd/conf/httpd.conf" + +## WSO2 IS related variables +tenant_domain: "master2.airavata" +admin_username: "master2" +admin_password: "master" +oauth_client_key: "5_GFR88Nzd4XvGthSMF1fnOJPuMa" +oauth_client_secret: "KNTf_LPLuGBDbRVZwkrP_fF5z2Ea" + +## Airavata Client related variables +airavata_server: "tls://gw77.iu.xsede.org" +airavata_port: "9930" +gateway_id: "default" +# relative to document root dir +experiment_data_dir: "{{ user_data_dir }}" +gateway_data_store_resource_id: "gw75.iu.xsede.org_3e40e62b-be11-4590-bf24-b1b6796c3572" + +## Portal related variables +super_admin_portal: "false" +admin_emails: "'[email protected]','[email protected]'" +portal_email_username: "[email protected]" +portal_email_password: "airavata12" +... http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/site.yml ---------------------------------------------------------------------- diff --git a/site.yml b/site.yml index cf71290..728d3f0 100644 --- a/site.yml +++ b/site.yml @@ -1,25 +1,33 @@ --- #Master playbook - hosts: zookeeper + tags: zookeeper roles: - setup - zookeeper - hosts: rabbitmq + tags: rabbitmq roles: - setup - rabbitmq - hosts: gfac + tags: gfac roles: - setup - common - gfac - hosts: api-orch + tags: api-orch roles: - setup - common - api-orch +- hosts: pga + tags: pga + roles: + - pga ...
