Dev SciGaP deploy (WIP); updates to Keycloak role
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/12797790 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/12797790 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/12797790 Branch: refs/heads/develop Commit: 1279779099fb0a158ef37c3df494f2a1c2abbff0 Parents: 251070b Author: Marcus Christie <[email protected]> Authored: Wed Jun 14 10:39:30 2017 -0400 Committer: Marcus Christie <[email protected]> Committed: Thu Jun 15 12:18:14 2017 -0400 ---------------------------------------------------------------------- dev-tools/ansible/apiserver.yml | 34 +++++ dev-tools/ansible/database.yml | 11 ++ .../scigap/develop/files/airavata.jks | 76 +++++++++++ .../scigap/develop/files/airavata_sym.jks | 30 +++++ .../scigap/develop/files/client_truststore.jks | 126 +++++++++++++++++ .../scigap/develop/group_vars/all/vars.yml | 135 +++++++++++++++++++ .../scigap/develop/group_vars/all/vault.yml | 29 ++++ .../ansible/inventories/scigap/develop/hosts | 23 ++++ .../scigap/develop/pga_config/scigap/vars.yml | 56 ++++++++ .../scigap/develop/pga_config/scigap/vault.yml | 18 +++ .../scigap/develop/pga_config/seagrid/vars.yml | 55 ++++++++ .../scigap/develop/pga_config/seagrid/vault.yml | 18 +++ .../develop/pga_config/testdrive/vars.yml | 56 ++++++++ .../develop/pga_config/testdrive/vault.yml | 18 +++ dev-tools/ansible/keycloak.yml | 9 ++ dev-tools/ansible/pga-scigap-dev.yml | 26 ++++ dev-tools/ansible/roles/database/tasks/main.yml | 6 + .../ansible/roles/keycloak/defaults/main.yml | 8 ++ dev-tools/ansible/roles/keycloak/tasks/main.yml | 40 +++--- dev-tools/ansible/roles/pga/tasks/main.yml | 9 ++ 20 files changed, 760 insertions(+), 23 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/apiserver.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/apiserver.yml b/dev-tools/ansible/apiserver.yml new file mode 100644 index 0000000..222febf --- /dev/null +++ b/dev-tools/ansible/apiserver.yml @@ -0,0 +1,34 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +- hosts: api-orch + tags: api-orch, airavata + roles: + - env_setup + - java + - role: common + become: yes + become_user: "{{user}}" + - role: api-orch + become: yes + become_user: "{{user}}" + +... http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/database.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/database.yml b/dev-tools/ansible/database.yml new file mode 100644 index 0000000..fc3dfef --- /dev/null +++ b/dev-tools/ansible/database.yml @@ -0,0 +1,11 @@ +--- + +- hosts: database + tags: mysql , airavata + roles: + - env_setup + - role: database + become: yes + become_user: "{{user}}" + +... http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/files/airavata.jks ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/files/airavata.jks b/dev-tools/ansible/inventories/scigap/develop/files/airavata.jks new file mode 100644 index 0000000..4124c40 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/files/airavata.jks @@ -0,0 +1,76 @@ +$ANSIBLE_VAULT;1.1;AES256 +32656330396637356236343162313734356339656337633933323238656630646566366533646333 +3139613434336665386532326136353266373839376563630a313865376639663637643130386364 +65313436343330303437613639653833333530383130383266643963336334373366353062393762 +6534303635313039320a643139666331343435303037356139663235613437653235326666396132 +38376233343461656232353963306362383435323061623164623135613538376161656533306464 +64613637303666323439306466666266363764306133346132393931383631393964363864343037 +31353737323039303961643933316164653635326333633930343665616135646338386661316231 +31303462366239326664326139353433343232363061363464356236353938343338306562363864 +30616137343539656237303030343863613432646366383232396262373538663030666332303061 +38383630613535663332323830303130313039393430656666316361383335326164393138393062 +37663535326533333239613364656638313239663365353261633934656132633732333332366337 +35613733666466363662633363633530376133663436653462656538346134353965303561643031 +65376462663964323137356264303831383933303862393435313633333337303635336133613932 +35356439326431353932333839643433326430653638626231663733326464643338323639656334 +31363433656163643136396132633766343937313331363537353930643331346135643663373535 +65343164313065396634636330626130643165336365663166343035363238316630626433653032 +65323561366363366561396562346533653135623565666166373230303862376463316637313734 +39373166626633626266306538373138303131343665316165346530363061656130333739363865 +31326631316130306331353034306663643531646635373638356164613333353536356634346236 +30663034613936303861636561633761663335326534393236646633333261663136643831396637 +62326135646265306662336239326363613736323162633933326636303536633263323437373262 +63393438623834626337626438393332353838316336666136663364353431623530653633626561 +66646238323238643963653162323136636265396333313236626632353237393565363462633734 +33666533303132306563346538393433663161623832613065346136376532343131383830353438 +65306235336534313733393238646235616366383035303566616330633437393132363262316337 +38626135626537353664376133323466373939323638616630633538663533313061373763373535 +33343564623963613336396463333361383534333735353261353639373435393466346131356562 +33366262376533393161613932343938396136663532373231626362356663386263613332323539 +38613666356430653537326663303331613431353434663737323935326566656461653630306436 +66393337323938373030616563373639623665653332643335653861643034346239666337336132 +31663463343530313964303232633662383535313436626361313236653466353538313663636235 +31316261323134646639383865613434643762346562323337333662306162333936373863656135 +35666462653631366136623137613131333962363030646531396366633030666632376439373036 +35393932633333653535363266626665363662663237303766666332326161306666333061646231 +37626637653365343962653336326332353739333664393831653132636431656439633134383139 +64363035353236333835393932616263346334346162376261643931396137656338373437643736 +37643364616264306531616534396332303932636336656434376663393265636135346262346562 +36633833393265356530646633343866646635643932336430363634313237363637653965633438 +32323534383164376563323136666533373338333766343663326566613364636136303461393232 +65306635326663633836386166383564363832356166616439373833346561623436373635393533 +34393930393764393363363330646161346331376636666132656662626434353338343861373964 +66633561396338306339393665633565643366666130643235613732626637643133656465316264 +37306230323665343730363761643637336665313437366366346139643137313165623339663436 +61663863366134666163616438326639636132643331613265353831383134356133376131333538 +30663132306633646264333931656233613039353830363135396364383730663133313730323739 +38336537663830333466663033653361636332303534356630333730303731613539633635636230 +33326233663763653039303131656437326361306537396130353162373333616339363930363637 +38333963306235333837303361386332383762306130393338373034633334313835613565623865 +32333330616337656566346231393636363061326364633136626539313634396337636661313838 +34636464303863636639666231363965316336646461383234656161663035366330643039386266 +62343564353835386637626165663438353739386538326463303832633765323563383036386437 +32633065303532303631356236383862316563346237653562393033623035636431343138646237 +62386463353862643865333836613938653561316335366563323338643834616634383361346162 +61343436356638333965396238623639303631386363373432323032636139633962366262316438 +33313065653130366235613133303130306362623133386239323637626561643536653830663038 +36363463313838366461626639636139616462336335373438613230663536346332656436653235 +61316439343731646631663133393065313462643230643162313462343365656431363438613933 +65343032653038633330653734356439353537363236343163623138333836663862383035373537 +31626136363232666362613036366536323533386534366264636131656362373963643137333830 +34373039653939313863303736643761376332313161343232323863323832313631366138396661 +64323638383532333263316132303538376631396637656463366430343865633061363636373834 +33373163376239356433373230323561343830326434316661346433323233353933313632666533 +63626130393866653866656231386532373461346236653363653338396165663431383438386166 +63636230643439626337386638613662646636326435313937623334333933303431653335663333 +35313935613034353865383633643334333865386262353632353632383933636161343638303033 +66373037353435386263396664333335323932616137653839323133323032386265306562393561 +64643831353835366365623531626661626466366563666431396233396634353731613033376265 +65366231653562393233386231333435366438663932393962326464666161643666303932306132 +35383338333533343133636662316635343531303535383237653866353563623333333838383138 +33333439383661666637306531313865343164653633323962346430653762386230313035336664 +63336634633434346164313664613539613832643939633331643132363232396637376234353539 +32653136363135646431376131373632353363383239303536343865373632366337333261353935 +34323466396430363830303332376434343534623037613862323732336566623366333861373134 +64373535336133616537613362646164366237343433363838663731353961376538346534646337 +373637313538306332616430383839623432 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/files/airavata_sym.jks ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/files/airavata_sym.jks b/dev-tools/ansible/inventories/scigap/develop/files/airavata_sym.jks new file mode 100644 index 0000000..13ccf1b --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/files/airavata_sym.jks @@ -0,0 +1,30 @@ +$ANSIBLE_VAULT;1.1;AES256 +66393935613465373265366662383133353632633262353839623837636364373339336564636265 +3862663231313565313064643833646530636361333866610a636266666561306263343632663734 +33306432363830323132653038326139323464393065313631373936346162386161626461396530 +3061376439346264310a346630616535326435626235393564643062326665313239373839336331 +38316134613764373336333338323263356563396638303932656562336538333137643131373366 +35653334383566313262336261623339626532333634363531313534353762356534643961646338 +34633938333436333135643736663437373532633061366464343632643366343337366262386465 +33373333333033303262316566346565613731633361333438363063616165333231323635646333 +34303463656431663932326464356332353235336238653462663463373332656231373562626664 +65346131663064376232643435653264383465323761373063366162663236323935373139386138 +39623734643064623635376261646465383663613238623531613066306464326662346532346365 +63623064383436303634393639316638366136653563663930303130643531373166613133653338 +36636433626539366661656164613032653931356561336336343561323962336462383164393463 +65353265363535616136306136353064346561666439663532626234363763653535663061386232 +61663566343361666634346134623538366664396236346365336431383937653761643235613661 +32373439656332306536623336343763386364363265306138356138616464656662363434636531 +30646163333462636236336532383964643234616131663465666663633333343366376134666263 +63353161336366613065303434656537396237643938376233333431663232356630373038333835 +37306162623439323062626532656633646138386131643037323566643264653432633735333362 +65613564393232393433646334376639356564376661663430353630626534336566663061303632 +64633235333463626435323134636333353536393936663539663539336233363934333931323961 +63313739333733613465376334336239306633636136383831396533326530616133373366653531 +33356137656636323037303430623065393930633731346634346161633334313362613136313138 +36633835353665626462363031653161646530366339363732373865343136356637326631386437 +30383235306538303261613262376634303164313862366330393463346261363866346336666136 +37333566396436383534633330316465306461383537616661343265663731363561323137303164 +36336532333233343463633064346162646562613332646331343931363838333739636335376331 +66626436313938346362303932336339636434666665373862306462646162393066303338383265 +64363138663564386332383032366265666565643633393236663830313936343637 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/files/client_truststore.jks ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/files/client_truststore.jks b/dev-tools/ansible/inventories/scigap/develop/files/client_truststore.jks new file mode 100644 index 0000000..7b0b340 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/files/client_truststore.jks @@ -0,0 +1,126 @@ +$ANSIBLE_VAULT;1.1;AES256 +66313631383062343635306639666162386266333732613431303035376163666266393336313464 +3435386661323639643466623663613131343635373835320a643731636138623932616561663266 +30623931656566343630663538666336343939393136383738636531373362326138353065323639 +6539643335323139340a303433666531643662663662626534663738396563323963616265626662 +34386631316563653132343464643032663937303964633435396236306533336131393631626634 +31306330353963626130363231666266646532666439666336326262646466343039323461373738 +32623536383530376439313830376432343538323535363830623863363536666230323839373435 +33623838363561653232636630313164623461393739653730306464306231363262393264626431 +30393232346564396462643633373536303535393033643366613464376562633835353165383537 +65336132613139323166636333663636373231633631633862623836353364353562653036376464 +36303736663038613638383736663239643965666236356462643034666433353436343661663533 +62613162303363363463613534396531366531353439306161343762383231633339663138623664 +39306561633733353533376565336431393764353964633539663262393036386632393736666639 +62623265636132643038663038653436663536663535306336653564626535353831653832343531 +30626237663464366135656239663839306530643239626463386235653634613639376165663066 +62353864623162363635656537633837383930616266633638343365623835323666353365383864 +61366363326436303862323564393263626633653535346134636335306162393032373737646435 +38663834643030373632396134343033613432376662386239643930646636386462333665346635 +38353162643164313339376537383033626566383337653932333561663230316264613162643864 +65643638646265303834303862386339663937656332616239316562613735353763643366666464 +37386666356663393133373363636332346530643762336561363533376139373063386262353662 +62306331326131656264303533313638656563353639313764366165636262346161666465303938 +39383234393661336264656432396461366330313930323731623866623330383763336365393734 +30353031313662383963616232336431366631336635636433633235343636626531356138666232 +35613931643932636337343839626436393966323635323035303131303432663535386164343465 +65313739363933373666316134346139373132306439303432626532643536383136313233373939 +35613632303565326362313731313661396232326438363566373035323932376164326534346364 +33643638373838623437346265383833626264323039393132363335643236663830386663643838 +33373734303334346433656333353566386634633765343935613230373265366331636136663261 +64656135303363633034616437633834643930393561343861353932373136363734643162656232 +66306661333937313238373133613439656562313331366535613834353530653734353963343533 +33353239343131386530613165616435343631626434656437303534343335303338656130666266 +35333334323236646137316266633963613266326362343263383737653163303266383136376462 +64393733643438613831313562336535393663373133306564363364663538386662346332303831 +36383865323561373261313739633537623865623138383761326537303164336233633561613937 +30656663633232313233333636346330646136646635623263663734373538396530376466613037 +63356535643932643834653630393835343766353764356537363438383266303633656433353664 +36336662386433643761333231663066356230356138656338306136353133626662393332653864 +32386639306364343738663664326263306434356663356463383831393635303631356139363161 +35326664373531376638643739376233633139366234303165616365666331636438653930386330 +63303433623134386232336665653238383736316165336361396563323535363337363434643432 +37646536366332363938636464316162656364636634616165373333333033303634383365666632 +62623562646436633737613264323038663865376139633564636335326339306637333131663236 +63643661626164626234383064366561353039303439313634376237363634363932336336666131 +32643562633161376637393430646563623436323539636363636530626661393535323533666430 +62626533343233643634636330643433373632393230626339623264663365373530626663363666 +66343666393139656465333466393837373732616239613662303965363335643631616365623863 +30643931363239316637353463353930333862373533613931366439663633656137333136313362 +34313834363831636430633736643937343430386138323731306538303430653635636566613663 +66323465393535656531313630393031306463616236346530663564373231326663656265366662 +30306534393737633665613133633365326438393035313533376335393238633761316263666130 +66353635666161616266373465396664323464356538623631656639613130633033336464383937 +63303061323431333331623562356631356563396632636630346266356238653837336332363963 +66383662313238373737366564383963316661313933323363653664386363646261663932663632 +34333738633964353732373439326631353739376336303235663761353839393266386562356665 +31366661396462353563646566623336623736383535623233663464376161636334626438636135 +38373163373433303166366234613936326634363735633265636637366263616265666231343837 +65316463623039343732343966353130633666333061636361336633656263316265626339636235 +63633938643930323731646530386432613833383564356561386433383366303637373135316135 +37303334356437326635313062326630663432373239623564336662303433363533383439363266 +34383663323638373730376635303838373133343139323063333761396466316332396539323238 +35363565643562393163383939346536643532306563613632633363616636353934373935393065 +37343166396431616164386530373862313064326639303934373664393862386131303962396463 +37353734303239636662613935343734656532386636316464346432633032383330313162306365 +33663338643565623237616532666235653034626163326134333432343965633732626135306338 +66353636613539646565386330346464356236656238363433353565653931666638663838356634 +30306161643463386337303331393939323234353734613632393237396434636332356438373361 +36643536353161313266383130346634643863343233386362636563353265666635303935623232 +61616331303531313530636431386431316139643064623265303763363433326333333631343763 +65643933306265383531646633646632313138366130666564666633336435313132396266303433 +30323762366138346563663533656261663861313266666465396264663334306633626565626438 +39383031386438313366613337643530353564396632326435666463646133653436626264646639 +39313032306631326562636533653637373332383032373162663062386332373230386637636531 +38633336333764303864363731333632663064316236663439303531373135313165313439633364 +62336561326339333530613062306336633635633061383466376230663331623835393564306537 +62646366356633346362383532623831316439323834633631616433663562333339616263343934 +38373032396631333065383162326634643362393866343066306636333964386230336666393763 +66326265376531346139326439373663303030633933306232653835346463313831613038346530 +38376434653365333261303934633762373164643165326365393536336634333835396536666638 +32343530653934313932633033663134333961646162343935313831343766346232393431393632 +65393235653630323239653263336163343865333037353135623939323239663436303834376661 +63623932646638616138353432306432343733373961373731663437383164623036623538383832 +66636435366336656232353535333663666465633339353433363061323461376235623264663939 +34316334663932343835326666356163336461663233323637623034356263613330333166666561 +32323764326162616338363135393864653163366636323137353466656661353030383233356638 +35636364316437646366373430373264343562353339353239393761353336326538346164643265 +66633435323933343137313238646539346231396338336333666135336337633736613966323035 +63353731363037393235303339363533633535663535363332663738616335313866386462363431 +64363132396365613438626537386161373537623134616265303230353231336333616462646539 +62323362623261313037316431633833633863336432363936653132306333643931633532613061 +64363061646561656464636436333033373332366639623131383537656166373135643236346665 +30646262313264653132353363386566383562663930353965316338386537366530646633363738 +35393564643437333766643931366631663132643138393639643533303631373637663364373438 +38343534373464653035636232623937366637633736393765623661353930383262376531623732 +38623134393237613339333564323737623365643937636335316533653434363861333531323265 +65636130373561343663663737616332383662313339373934323736343639653734303832636466 +62333130393561666164383261393538633565636263376264313135303036663430343733646665 +39323539313863373033313265626462316232353762306239396634333365353265656438343539 +64646435376135623135633138633434663031646536326666343535623334646639626263383066 +66393163636637623639316162623930653339336336623133656330333763393364613438393863 +64623065626562663137343036633239383663313639313133306132363361376534333565356339 +38646139623532653532656165363766343139366137333233633635633037373235396138336266 +33633838383034643231656363373861313564626661333932313931336638666638386531396334 +37393233636339636538323633646234393863396666303364643864366232353737633162636661 +33633466653463383064636336333433663537363664326630636234376531636437336535643732 +63373862393632633530396632386162383066626237376465333131646536653330353364336462 +31386634326236333537323330343531333437393736353237326637363065643664346531666566 +64396230666164363433663236373139393731626639396464313638316538313466393137366361 +36623266343035353734366164363339626137393333316666393939656265363161646331633366 +66313164346435303064383262616135613365316262323866343037306561666362633966383232 +31346639626165316235613566373338633963663864303163323063646438666233343930633734 +64373863316439343835646565343161343532316532376636613062343330323833393561313262 +33313662323635643934393033303462353031663631633136343936666165303636326661613632 +35363235313338373936303435623430346362613366626665623738316239623963356366363862 +33303035343966666636623139333034393066356637653630323962656336326464343531356131 +35316438306265346466626461613266383537663961343331353432623736663064376530636163 +65346266373137646535373635626532333730383361353663336562653237313763626165356462 +38633235363233633761346664393539393361616664623635393634663134376239653232303562 +65353566313462643166353439386665633062363530613434306566386231616564326132643831 +36613436623162336461353036313864353163333336643530653936663962396239613637363364 +37353563656538313463626334636461333764326663616239643564373733616238343938383839 +63363137623463373432326438396330363932613338366531376462643030623638333333656332 +66346639613062343537353639616436643462376662643633653831336463613835343434383934 +33353466396237653434393936313436383537316230343231363364663739313933643233313261 +63343430303134343035613130323237393961333937303662653931363265616266 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml b/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml new file mode 100644 index 0000000..a8a2737 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml @@ -0,0 +1,135 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +ansible_connection: ssh +ansible_user: centos + +user: airavata +group: airavata +user_home: "/home/{{ user }}" + +# deployment related variables +deployment_dir: "{{ user_home }}/develop-deployment" +airavata_source_dir: "{{ user_home }}/develop-source" +airavata_repo: "https://git-wip-us.apache.org/repos/asf/airavata.git"; +airavata_dist: "apache-airavata-server-0.17-SNAPSHOT" +airavata_dist_name: "{{ airavata_dist }}-bin.tar.gz" +old_airavata_dist: "apache-airavata-server-0.17-SNAPSHOT" +git_branch: develop + +# Database related variables +db_server: "{{ groups['database'][0] }}" +db_server_port: "3306" +db_user: "airavata" +db_password: "{{ vault_db_password }}" +mysql_root_password: "{{ vault_mysql_root_password }}" +app_catalog: "app_catalog" +exp_catalog: "experiment_catalog" +replica_catalog: "replica_catalog" +sharing_catalog: "sharing_catalog" +workflow_catalog: "workflow_catalog" +credential_store: "credential_store" +profile_service: "profile_service" + +mysql_connector_jar: "mysql-connector-java-5.1.37-bin.jar" + +# Rabbitmq related vareables +rabbitmq_server: "{{ groups['rabbitmq'][0] }}" +rabbitmq_vhost: "develop" +rabbitmq_user: "airavata" +rabbitmq_password: "{{ vault_rabbitmq_password }}" +rabbitmq_port: "5672" +rabbitmq_broker_url: "amqp://{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ rabbitmq_server}}:{{ rabbitmq_port }}/{{ rabbitmq_vhost }}" + +# Zoookeeper related variables +zookeeper_client_port: 2181 +zookeeper_url: "{{ groups['zookeeper'][0] }}:{{ zookeeper_client_port }}" + +# API Server related variables +api_server_name: "apiserver-node0" +api_server_host: "{{ groups['api-orch'][0] }}" +api_server_port: "8930" +api_secured: "true" +tls_enable: "true" +api_server_tls_port: "9930" +enable_sharing: "true" +remote_idp_service_url: "https://iamdev.scigap.org/auth"; + +# Orchestrator related variables +orchestrator_name: "orchestrator-node0" +orchestrator_host: "{{ groups['api-orch'][0] }}" +orchestrator_port: "8940" +api_orch_dir: "{{ deployment_dir }}/api-orchestrator" +api_orch_log_dir: "{{ api_orch_dir }}/logs" + +# registry related variables +registry_name: regserver-node0 +registry_host: "{{ groups['api-orch'][0] }}" +registry_port: 8970 +#registry_dir: "{{ deployment_dir }}/registry" +default_gateway: "default" + +# Credential and keystore related variables +keystore_src_path: "{{inventory_dir}}/files/airavata.jks" +keystore_passwd: "{{ vault_keystore_passwd }}" +client_truststore_src_path: "{{inventory_dir}}/files/client_truststore.jks" +client_truststore_passwd: "{{ vault_client_truststore_passwd }}" +cred_keystore_src_path: "{{inventory_dir}}/files/airavata_sym.jks" +cred_keystore_passwd: "{{ vault_cred_keystore_passwd }}" +cred_keystore_alias: "airavata" +cred_store_server_host: "{{ groups['api-orch'][0] }}" +cred_store_port: "8960" +keystores_location: "{{ deployment_dir }}/keystores" + +# Gfac related variables +gfac_name: "gfac-node0" +gfac_host: "{{ groups['gfac'][0] }}" +gfac_port: "8950" +gfac_dir: "{{ deployment_dir }}/gfac-instance" +gfac_log_dir: "{{ gfac_dir }}/logs" + +# Monitoring variables +monitor_email_address: "[email protected]" +monitor_email_password: "{{ vault_monitor_email_password }}" + +# PGA variables +pga_repo: "https://github.com/apache/airavata-php-gateway.git"; +user_data_dir: "/var/www/portals/gateway-user-data" +real_user_data_dir: "/data/gateway-user-data" +## Airavata Client related variables +airavata_server: "tls://{{ groups['api-orch'][0] }}" +airavata_port: "9930" +auth_verify_peer: "true" + +# Sharing Registry related variables +sharing_registry_host: "{{ groups['api-orch'][0] }}" +sharing_registry_port: 7878 + +# Profile Service related variables +profile_service_host: "{{ ansible_fqdn }}" +profile_service_port: 8962 + +# Keycloak +keycloak_ssl_keystore_file_name: "{{ inventory_dir }}/files/keycloak.jks" +keycloak_ssl_keystore_password: "{{ vault_keycloak_ssl_keystore_password }}" +keycloak_db_host: "{{ groups['database'][0] }}" +keycloak_db_username: "keycloak" +keycloak_db_password: "{{ vault_keycloak_db_password }}" http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vault.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vault.yml b/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vault.yml new file mode 100644 index 0000000..8e7a4f3 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vault.yml @@ -0,0 +1,29 @@ +$ANSIBLE_VAULT;1.1;AES256 +32313735333539653633636436666662373537386237346632373635303063666535656535616435 +3161666366613764323163353064343339303661393266610a356238303466633032386366356662 +30303865613437643132613532643932636634646537626264386365356330366237353964316230 +6564376130373863340a616161393533626232663437313336313166623463303066313937326266 +35333036653864396430346634633536313464343966646562363636336234383631306261346263 +63353135623836383661393536633931623362306161363934623235366165376663313161333562 +32646565333430653166303662623364626334373163313533663932363561386532323034393030 +31343832393664366336653266363263393736333935343963333763386238663439646436336330 +33636239356633333266386136623531663433646539313834663365326634336661363961623438 +65313437363362383732323139326239643132303033326331623836633536656264383635316430 +66326332343236386137616536363433303636303433353930353061643733303032353435323265 +32633731616332393465616432663336373034346462313837643061616264376461353061326233 +30663361306165613363366162613735373333353437343163616632376363643936623333646531 +33323038346537353764323664636634633331303335626236323533363530386666643431343535 +65643331323336306166643039373532653935346264643236346464383663313136643364326532 +39383032356136306463363764366134663334393436373634393366353662363664373735623430 +36333132316165366531376133386466613262373162343832343035623738386465313836626163 +38356437643964323266643531306139663937313262376663303262366265663564313363353463 +34616261613832633630313735303836623934623736623763383233653538666334373135383564 +38373937316638333530343764616334666333626466386366623164306162306662633333363235 +35653939636366313737303239313237393136363265383161393239656236626537366237626161 +33616234323766616464626233613034623266383138336164666361306430393333306431383232 +61343262643434653362646235386431656432343037313630363331633366613937313364323061 +61616165626339343931363266666430343331346433333635633738356538393733656262393739 +64343161626661656564303135306165613135333661363266323934366661376230343566623332 +62643161613437366564373261623132383632316637626361356530336530376632306162386636 +39336563656437383764303939333766366664313834303835313230313636383236626131363462 +38643561373363653131 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/hosts ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/hosts b/dev-tools/ansible/inventories/scigap/develop/hosts new file mode 100644 index 0000000..fd3a537 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/hosts @@ -0,0 +1,23 @@ +--- +# inventory file : scigap production deployment + +[zookeeper] +149.165.156.195 + +[rabbitmq] +149.165.156.195 + +[database] +149.165.156.27 + +[api-orch] +149.165.156.195 + +[gfac] +149.165.157.37 + +[pga] +149.165.156.46 + +[keycloak] +149.165.156.151 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vars.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vars.yml b/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vars.yml new file mode 100644 index 0000000..8cb7375 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vars.yml @@ -0,0 +1,56 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +pga_repo: "https://github.com/apache/airavata-php-gateway.git"; +git_branch: "master" +user: "pga" +group: "pga" +doc_root_dir: "/var/www/portals/scigap" +vhost_servername: "scigap.org" +vhost_ssl: True +# TODO: have Ansible manage these files as well +ssl_certificate_file: "/etc/pki/tls/certs/scigap_org_cert.cer" +ssl_certificate_chain_file: "/etc/pki/tls/certs/scigap_org_interm.cer" +ssl_certificate_key_file: "/etc/pki/tls/private/scigap.key" + +## WSO2 IS related variables +tenant_domain: "" +admin_username: "scigap_admin" +admin_password: "{{ vault_admin_password }}" +oauth_client_key: "{{ vault_oauth_client_key }}" +oauth_client_secret: "{{ vault_oauth_client_secret }}" +user_role_name: "airavata-user" + +gateway_id: "scigap" +# relative to document root dir +experiment_data_dir: "{{ user_data_dir }}/scigap" +# TODO: this is only for testing, we'll need to update this again during the real migration +gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6" + +## Portal related variables +super_admin_portal: "true" +admin_emails: "['[email protected]','[email protected]','[email protected]']" +portal_email_username: "[email protected]" +portal_email_password: "{{ vault_portal_email_password }}" +portal_theme: "scigap" +portal_theme_repo: "https://github.com/SciGaP/scigap-portal-theme"; +portal_title: "SciGaP Admin Portal" +... http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vault.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vault.yml b/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vault.yml new file mode 100644 index 0000000..a30ba69 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/pga_config/scigap/vault.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.1;AES256 +64653833663230383465353266623839636163316364356431373837653638306130616130383963 +3132323230336531646162616464633061623830653462640a663263373436653831643063616638 +31383336306438613732613839396336626566313737316363636430393136633632613130326237 +6539306131633433660a633734643961633161323161643433613938626166343961663337376266 +63323163343633666330313666306234373663303738303033343662366139636534646162663230 +66343034666431326666626261303061343334643461343633663436616430323339613732306437 +31633431613463666139646638643037336435346564383631653664633135333734356434373461 +35373963313361393331656463386234383962663039636164626239393465333137333839616439 +38356531643032363839363862376263336565396464623332336533333837333937623635636366 +61313532633161336631363561353139376637623562346438623865343332643232653036303536 +62333865396439633435333533623338323664326231623136383761316336653334653464336363 +31313261366162386533646365386230646338646466623730306166366235623466323066656239 +66306166363630633733303261616335383839323163313239393330363730663262616133613737 +30363537623061333030363162316138353361326430636534313034613032653433326130393134 +37636364633533363263363833626237613639313638383536643637303435663831613735343261 +36363937356332313237343563356134366162633338616263613338393736646561303135383362 +35616562353739343661306330376334376361396266646230373065326364336662 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vars.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vars.yml b/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vars.yml new file mode 100644 index 0000000..122d6e0 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vars.yml @@ -0,0 +1,55 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +pga_repo: "https://github.com/apache/airavata-php-gateway.git"; +git_branch: "develop" +user: "pga" +group: "pga" +doc_root_dir: "/var/www/portals/{{ gateway_id }}" +vhost_servername: "dev.seagrid.org" +vhost_ssl: True +# TODO: have Ansible manage these files as well +ssl_certificate_file: "/etc/pki/tls/certs/seagrid_org_cert.cer" +ssl_certificate_chain_file: "/etc/pki/tls/certs/seagrid_org_interm.cer" +ssl_certificate_key_file: "/etc/pki/tls/private/portal.seagrid.key" + +## Keycloak related variables +tenant_domain: "seagrid" +admin_username: "admin" +admin_password: "{{ vault_admin_password }}" +oauth_client_key: "{{ vault_oauth_client_key }}" +oauth_client_secret: "{{ vault_oauth_client_secret }}" + +gateway_id: "seagrid" +# relative to document root dir +experiment_data_dir: "{{ user_data_dir }}/seagrid" +gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6" +gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCApfdud3cJ7rx44M41gEKVgRfefk/Vd/7dIp9Xr9juX4jqmGuLoZR+hk287Hmbps6hZv23Av97XkCLldH0pueDekthcBDo4cRiQMDBp9NLz/9muqYVBl985psEbazYygagy/q/3ebi4CVEYVd4cHBee1V3GYyuJS2RklF0s/Otyf8x8auJSMniHGbTbVqtFlEOYuPdXlRBfH37k55N7+2iXKsIVvgn1MDweHEbQWJMx2LDCkLfJitreTiwcuST55w6N/n8WYZM2t+ie3BJEr6tcGAVIuyxj7CbMYMziM/hM5J+oQGPY/IBtiNZoxiZ0DeAC9SiEvE9fbTEW2iRWnQL" + +## Portal related variables +super_admin_portal: "false" +admin_emails: "['[email protected]', '[email protected]']" +portal_email_username: "[email protected]" +portal_email_password: "{{ vault_portal_email_password }}" +portal_theme: "seagrid" +portal_theme_repo: "https://github.com/SciGaP/seagrid-website-theme.git"; +portal_title: "SEAGrid Portal" +... http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vault.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vault.yml b/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vault.yml new file mode 100644 index 0000000..b253227 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/pga_config/seagrid/vault.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.1;AES256 +66333335376433663761356636313739303836383431366135633735663262366262663737613936 +6238613036636365653530353538373031623562373335300a316462306231653531613330303030 +61383138343832616162353239303331663164326635336566663666316232366562616633316139 +6365666632373662340a666238353135396239373062383331386137353134336539386636623237 +37326237326233303437386666646138666530663766376238366263653730353938363064663336 +62336662643831653833633835653666363134303830633834336162383265666131303434346466 +32323937663766323632396631616264326232613361333834303031636239333435343563396366 +35643766376466613535383938623038653634303035323065363031303032303835343866643330 +37303462333839313265353063613937623431336635623839386137353433396136623162333233 +62633536616437376366663566393430626533323232383733353761643738376366316631353562 +35366133373866393737653665326566353963643138633630393838643363633562623430373132 +62383531356430646633323933633130623935653139363566326232653965333764363238333137 +30663863363566353035393437316135303265643165353034326664656336623930613632376237 +62393231336539656636636530643863323834363130636238323732373738316265306665643962 +62333437313064623566386438636136613461373332343462613733623736666338333064346661 +62643035636435663135613437383036663034363536646634633966666633643033303634633639 +63396139343037353433613936333962366130333336333231353836353161636365 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vars.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vars.yml b/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vars.yml new file mode 100644 index 0000000..0e07e38 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vars.yml @@ -0,0 +1,56 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +pga_repo: "https://github.com/apache/airavata-php-gateway.git"; +git_branch: "master" +user: "pga" +group: "pga" +doc_root_dir: "/var/www/portals/testdrive" +vhost_servername: "testdrive.airavata.org" +vhost_serveralias: "www.testdrive.airavata.org" +vhost_ssl: True +# TODO: have Ansible manage these files as well +ssl_certificate_file: "/etc/pki/tls/certs/testdrive_airavata_org_cert.cer" +ssl_certificate_chain_file: "/etc/pki/tls/certs/testdrive_airavata_org_interm.cer" +ssl_certificate_key_file: "/etc/pki/tls/private/testdrive-airavata.key" + +## WSO2 IS related variables +tenant_domain: "prod.testdrive" +admin_username: "tdaadmin" +admin_password: "{{ vault_admin_password }}" +oauth_client_key: "{{ vault_oauth_client_key }}" +oauth_client_secret: "{{ vault_oauth_client_secret }}" + +gateway_id: "default" +# relative to document root dir +experiment_data_dir: "{{ user_data_dir }}/testdrive" +gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6" +gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUF51b2cYYqqadLHL9M/oPY0ZHZlWbdOdaIgjpzIzMnO7M9hKrHVY2pqyLPvqCLzaunxITPWsTqw0E8hwub4ttGLAx/O4kIf+BgyZK7iuwXWhI7u85/o58IfrD4B+jVCYKRNayuLR+lJWsiOeS6HSlunpTKTEhFGeOHn2UzdbLfgWYQ3VUFDtKN1oDPDT78ml5c2RCibJ21jltpevVfEtCUctERpTfniWSuQZggP1qiLNa1+PfiJ3mGsEzJFDntQvQetdinaAbEaT7+sctS8nBNjapkmYMf6tBl3S0bLttYPH51f8lUQAFaAzrestO1JpJNnIeY01/S3MWIlAWASnn" + +## Portal related variables +super_admin_portal: "false" +admin_emails: "['[email protected]','[email protected]','[email protected]']" +portal_email_username: "[email protected]" +portal_email_password: "{{ vault_portal_email_password }}" +#portal_theme: "base" +#portal_theme_repo: "" +portal_title: "Airavata Test Drive" +... http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vault.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vault.yml b/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vault.yml new file mode 100644 index 0000000..2719a75 --- /dev/null +++ b/dev-tools/ansible/inventories/scigap/develop/pga_config/testdrive/vault.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.1;AES256 +62343936613436343730626461303331313361373265653231623265646366343037303261643162 +3730386162363861626462626432373932363365323233610a643637633565333538633462383530 +61333833323534356430343461363531663035386637623836366361653430323861333639653762 +6239626461646433380a376139303561346661316131376366623538643433326335363032653966 +63393732653961666637343966623839386564643339653665623433613132363832363061356665 +63346637373235623332613561303162356363323937303630623036386636393465346662336365 +63386238306534613136643466323564626336386165616137653133316532613465626365393961 +34373466613439346534366263633261643936323334316636376538613233663333646636383838 +66333437316165656262386337326131396432616137326631643532613438366633396337633065 +62363833616239626666613062623730326633616532336662653234393863373962396564353662 +66366461343066366161366633666562613031613036363237636333343734393730383332363534 +62306435633163303864636639613465633936636462333636633361613431396265626333373761 +32346234383639363163326435356330633062383162353666303931376133393431356336663665 +34303265386334623332303336633662323563643661623566353734303362326661643062613637 +31666239313065316633613162646631636534356233323533663666613537303263646261643363 +32303539633332386566623435353732396532396537643736356334383565316433633261333630 +36336263323934643764323263393362373531643165373435326539623266383936 http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/keycloak.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/keycloak.yml b/dev-tools/ansible/keycloak.yml new file mode 100644 index 0000000..9768799 --- /dev/null +++ b/dev-tools/ansible/keycloak.yml @@ -0,0 +1,9 @@ +--- +- hosts: keycloak + tags: keycloak + roles: + - env_setup + - java + - keycloak + +... \ No newline at end of file http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/pga-scigap-dev.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/pga-scigap-dev.yml b/dev-tools/ansible/pga-scigap-dev.yml new file mode 100644 index 0000000..04e2ef0 --- /dev/null +++ b/dev-tools/ansible/pga-scigap-dev.yml @@ -0,0 +1,26 @@ +# +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +--- +#- include: pga-single-vhost.yml vars_dir="{{ inventory_dir }}/pga_config/scigap" +- include: pga-single-vhost.yml vars_dir="{{ inventory_dir }}/pga_config/seagrid" +#- include: pga-single-vhost.yml vars_dir="{{ inventory_dir }}/pga_config/testdrive" + +... http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/roles/database/tasks/main.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/roles/database/tasks/main.yml b/dev-tools/ansible/roles/database/tasks/main.yml index eddd60b..423ed99 100644 --- a/dev-tools/ansible/roles/database/tasks/main.yml +++ b/dev-tools/ansible/roles/database/tasks/main.yml @@ -124,6 +124,12 @@ - "{{ groups['gfac'] }}" - "localhost" +- name: give access to {{ keycloak_db_username }} from remote + mysql_user: name="{{ keycloak_db_username }}" password="{{ keycloak_db_password }}" host="{{ item }}" + with_items: + - "{{ groups['keycloak'] }}" + when: "'keycloak' in groups" + - name: create new user {{ db_user }} with all privilege mysql_user: name="{{ db_user }}" password="{{ db_password }}" http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/roles/keycloak/defaults/main.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/roles/keycloak/defaults/main.yml b/dev-tools/ansible/roles/keycloak/defaults/main.yml index 4db4284..fecab13 100644 --- a/dev-tools/ansible/roles/keycloak/defaults/main.yml +++ b/dev-tools/ansible/roles/keycloak/defaults/main.yml @@ -9,4 +9,12 @@ mysql_db_connector_download_url: "https://dev.mysql.com/get/Downloads/Connector- keycloak_master_account_username: "username" keycloak_master_account_password: "password" keycloak_server_port: "443" + +keycloak_db_host: "localhost" +keycloak_db_port: "3306" +keycloak_db_schema_name: "keycloak" +keycloak_db_url: "jdbc:mysql://{{keycloak_db_host}}:{{keycloak_db_port}}/{{keycloak_db_schema_name}}" +keycloak_db_username: "username" +keycloak_db_password: "password" +keycloak_db_pool_size: "20" ... \ No newline at end of file http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/roles/keycloak/tasks/main.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/roles/keycloak/tasks/main.yml b/dev-tools/ansible/roles/keycloak/tasks/main.yml index 3fe6e1b..176e933 100644 --- a/dev-tools/ansible/roles/keycloak/tasks/main.yml +++ b/dev-tools/ansible/roles/keycloak/tasks/main.yml @@ -7,6 +7,8 @@ owner="{{ user }}" group="{{ group }}" creates="{{user_home}}/{{ keycloak_install_dir }}/bin/standalone.sh" + become: true + become_user: "{{ user }}" tags: - always @@ -17,6 +19,8 @@ path: "{{user_home}}/{{ keycloak_install_dir }}/modules/system/layers/keycloak/org/mysql/main" state: directory mode: 0755 + become: true + become_user: "{{ user }}" tags: - always @@ -27,11 +31,15 @@ owner="{{ user }}" group="{{ group }}" creates="{{user_home}}/{keycloak_db_connector_name}}/{{keycloak_db_connector_name}}-bin.jar" + become: true + become_user: "{{ user }}" tags: - always - name: move jdbc connector to keycloak module command: mv {{user_home}}/{{keycloak_db_connector_name}}/{{keycloak_db_connector_name}}-bin.jar {{user_home}}/{{ keycloak_install_dir }}/modules/system/layers/keycloak/org/mysql/main/ + become: true + become_user: "{{ user }}" tags: - always @@ -42,6 +50,8 @@ owner="{{ user }}" group="{{ group }}" mode="u=rw,g=r,o=r" + become: true + become_user: "{{ user }}" tags: - always @@ -57,6 +67,8 @@ owner="{{ user }}" group="{{ group }}" mode="u=rw,g=r,o=r" + become: true + become_user: "{{ user }}" tags: - hacluster @@ -68,6 +80,8 @@ owner="{{ user }}" group="{{ group }}" mode="u=rw,g=r,o=r" + become: true + become_user: "{{ user }}" tags: - standalone @@ -80,6 +94,8 @@ owner: "{{ user }}" group: "{{ group }}" mode: 0644 + become: true + become_user: "{{ user }}" tags: - standalone # </------------------------------ Server Configuration ends ----------------------------> @@ -132,29 +148,7 @@ - always -# <--------------------------install firewall & open keycloak Identity server firewall port------------------------------> -- name: Install Firewalld (RedHat) - yum: name=firewalld state=latest update_cache=yes - become: yes - become_user: root - when: ansible_os_family == "RedHat" - tags: - - always - -- name: Install Firewalld (Debian) - apt: name=firewalld state=latest update_cache=yes - become: yes - become_user: root - when: ansible_os_family == "Debian" - tags: - - always - -- name: Start firewalld service - service: name=firewalld state=started - become: yes - tags: - - always - +# <--------------------------open keycloak Identity server firewall port------------------------------> - name: open firewall port {{ keycloak_server_port }} firewalld: port="{{ keycloak_server_port }}/tcp" zone=public permanent=true state=enabled immediate=yes http://git-wip-us.apache.org/repos/asf/airavata/blob/12797790/dev-tools/ansible/roles/pga/tasks/main.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/roles/pga/tasks/main.yml b/dev-tools/ansible/roles/pga/tasks/main.yml index f510b70..5d72f25 100644 --- a/dev-tools/ansible/roles/pga/tasks/main.yml +++ b/dev-tools/ansible/roles/pga/tasks/main.yml @@ -35,6 +35,15 @@ become: yes become_user: "{{user}}" +- name: Create user data dir {{ real_user_data_dir }} + file: path="{{ real_user_data_dir }}" state=directory owner="{{user}}" group="{{group}}" mode=0777 + become: yes + +- name: Symlink user data dir {{ user_data_dir }} to {{ real_user_data_dir }} + file: src="{{ real_user_data_dir }}" dest="{{ user_data_dir }}" state=link owner="{{user}}" group="{{group}}" + become: yes + when: user_data_dir != real_user_data_dir + - name: Create experiment data dir {{ experiment_data_dir }} file: path="{{ experiment_data_dir }}" state=directory owner="{{user}}" group="{{group}}" mode=0777 recurse=yes follow=yes become: yes
