Update Ansible deploy for dREG gateway (Keycloak migration)
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/ccd25183 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/ccd25183 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/ccd25183 Branch: refs/heads/develop Commit: ccd251830eca38e2d1fba0d0640fca77a6ca3dd0 Parents: 67f6fad Author: Marcus Christie <[email protected]> Authored: Tue Aug 8 17:27:44 2017 -0400 Committer: Marcus Christie <[email protected]> Committed: Wed Aug 9 11:20:25 2017 -0400 ---------------------------------------------------------------------- .../dreg-production/group_vars/pga/vars.yml | 14 +++++--- .../dreg-production/group_vars/pga/vault.yml | 34 ++++++++++---------- 2 files changed, 27 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/ccd25183/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml index 5eed223..a192f6b 100644 --- a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml +++ b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vars.yml @@ -25,8 +25,8 @@ real_user_data_dir: "/data/gateway-user-data" ## Airavata Client related variables airavata_server: "tls://{{ groups['api-orch'][0] }}" airavata_port: "9930" -# FIXME: temporarily turn off SSL verification for WSO2 IS -auth_verify_peer: "false" +airavata_profile_service_server: "{{ groups['api-orch'][0] }}" +oauth_service_url: "https://iam.scigap.org/auth"; pga_repo: "https://github.com/apache/airavata-php-gateway.git"; git_branch: "dreg-gateway" @@ -41,15 +41,21 @@ ssl_certificate_chain_file: "/etc/letsencrypt/live/dreg.dnasequence.org/fullchai ssl_certificate_key_file: "/etc/letsencrypt/live/dreg.dnasequence.org/privkey.pem" pga_ssl_vhost_template: "{{ inventory_dir }}/files/pga-ssl-vhost.conf.j2" -## WSO2 IS related variables -tenant_domain: "dreg.cornell" +## Keycloak related variables +tenant_domain: "{{ gateway_id }}" admin_username: "admin" admin_password: "{{ vault_admin_password }}" oauth_client_key: "{{ vault_oauth_client_key }}" oauth_client_secret: "{{ vault_oauth_client_secret }}" +oidc_discovery_url: "https://iam.scigap.org/auth/realms/{{ tenant_domain }}/.well-known/openid-configuration" # dREG gateway automatically gives users the gateway-user role so they don't have to wait on admin approval initial_role_name: "gateway-user" +auth_options: + - name: "dREG" + oauth_grant_type: "password" +oauth_callback_url: "https://{{ vhost_servername }}/callback-url" + gateway_id: "cornelldna" # relative to document root dir experiment_data_dir: "{{ user_data_dir }}/cornell-dnasequence" http://git-wip-us.apache.org/repos/asf/airavata/blob/ccd25183/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml index eaca63b..d10aef2 100644 --- a/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml +++ b/dev-tools/ansible/inventories/scigap/dreg-production/group_vars/pga/vault.yml @@ -1,18 +1,18 @@ $ANSIBLE_VAULT;1.1;AES256 -37653231363231666433316261313238643763633234663866393832386236643436623566303263 -3334323065363831656435383564623034393661323037300a343263316666633131366134613661 -39633030386362623966303630653462373762373034323134356539313036376563613335383135 -3962646533323362370a383064616634303730373232353663386165313666303732396635643562 -39313037323264656236323337643862636265626138656435303064353531616264633435643965 -38616138613039336666313436643635666337643533343264326637653864356563343532333262 -35323335336437333964373366653737343032306238643032343162353437666664376636353236 -32363138633432396330613832656266663734616131383735393565343133626666313766313164 -35386534313033623563613635343163633564613636636236316633623263313437626337663530 -64313166323263353266623135616236653463356439363530373630653232363863303238356265 -65363630393364636238643861386161356635666331336530626533666434373931393237643861 -33383663653439313064393735653064323836656666343366636161643938396136383234386232 -33343238636238373936663365316663653532616364636336363936316235353164636365613738 -33346462386230623735376132306663633932363838643935373539316565626435646565393833 -66623065373162623964363665646436356464643366633764323232343736353032616561643637 -30326166396262316335323463323763653930653263613162663336343863313937393934313765 -30626235653162643566366361303630616437346539333436616666313738346232 +30633363633061346666386462336238663331363234646631653163306264633566663239303433 +3163303835373161636632633561386362393364633963390a653133356165376562323435396237 +32646466353535383037393636643230343261346233643564363365633462623139373837666538 +6331373635663032640a376538366139303139386263333733643662356234376630366533366532 +66346632363632633837373366326638393931393036373663336463633961346364356165333635 +37303135643763356532633663326264313562646565343533393235626333333265303365663638 +61356530303235303664323765326634386562386435646130633835666461636263303138373036 +64396537356331656630313231666563346435363339613032623131373262663238363732306532 +37333734313034336531343361303834313961316632343535653864396461383230613535666435 +39613764396463616634633965643165313939336635633963646565353136653634373631313662 +64326436616137313837343339343132306234376465396165643661316331646162386465643931 +38336461353763666133303533396537626537666266363036366232363639663930393133623730 +62333834623663613030333432623631666666643836373537316536336533336635633631666234 +65356262313762616664626162396464653036616338333338363366653764383066653530613533 +36646234666431646239316437383431303361366566653962663062633530613138623263643034 +35373532633435356133343565313432666231306530356435653261656462626165393438376334 +3933
