This is an automated email from the ASF dual-hosted git repository. machristie pushed a commit to branch develop in repository https://gitbox.apache.org/repos/asf/airavata.git
commit 834c381b1b48c25d6acdbdc0500a07a534eaa841 Merge: dcba17a72d 65134efef9 Author: Marcus Christie <[email protected]> AuthorDate: Wed Jul 27 09:33:52 2022 -0400 Merge branch 'AIRAVATA-3609-develop-inventory' into develop .../scigap/production/group_vars/django/vars.yml | 2 +- .../production/host_vars/ampgateway/vault.yml | 25 +++-- .../production/host_vars/bcbportal/vault.yml | 25 +++-- .../production/host_vars/covid-geoact/vault.yml | 25 +++-- .../scigap/production/host_vars/csbglsu/vault.yml | 25 +++-- .../scigap/production/host_vars/deeppdb/vault.yml | 25 +++-- .../scigap/production/host_vars/delta/vault.yml | 25 +++-- .../production/host_vars/distantreader/vault.yml | 25 +++-- .../scigap/production/host_vars/dreg/vault.yml | 25 +++-- .../production/host_vars/epwgateway/vault.yml | 25 +++-- .../production/host_vars/futurewater/vault.yml | 25 +++-- .../scigap/production/host_vars/geo/vault.yml | 25 +++-- .../production/host_vars/georgiastate/vault.yml | 25 +++-- .../production/host_vars/global-flood/vault.yml | 25 +++-- .../production/host_vars/hicops-deepsnap/vars.yml | 3 + .../production/host_vars/hicops-deepsnap/vault.yml | 25 +++-- .../scigap/production/host_vars/hubzero/vault.yml | 25 +++-- .../scigap/production/host_vars/immune/vault.yml | 25 +++-- .../production/host_vars/interactwel/vault.yml | 25 +++-- .../production/host_vars/iugateway/vault.yml | 25 +++-- .../scigap/production/host_vars/kentucky/vault.yml | 25 +++-- .../production/host_vars/louisiana-state/vault.yml | 25 +++-- .../scigap/production/host_vars/lrose/vault.yml | 25 +++-- .../host_vars/microbial-genomes/vault.yml | 25 +++-- .../scigap/production/host_vars/mines/vault.yml | 25 +++-- .../production/host_vars/nanoconfinement/vault.yml | 25 +++-- .../production/host_vars/nanoshape/vault.yml | 25 +++-- .../production/host_vars/ncsaindustry/vault.yml | 25 +++-- .../production/host_vars/newmexicostate/vault.yml | 25 +++-- .../scigap/production/host_vars/nexttdb/vault.yml | 25 +++-- .../scigap/production/host_vars/oscer/vault.yml | 25 +++-- .../production/host_vars/pace-gatech/vault.yml | 25 +++-- .../production/host_vars/pathogenomics/vault.yml | 25 +++-- .../scigap/production/host_vars/phasta/vault.yml | 25 +++-- .../production/host_vars/physicell/vault.yml | 25 +++-- .../scigap/production/host_vars/r-hpc/vault.yml | 25 +++-- .../scigap/production/host_vars/regsnps/vault.yml | 25 +++-- .../scigap/production/host_vars/saverx/vault.yml | 25 +++-- .../scigap/production/host_vars/sdstate/vault.yml | 25 +++-- .../scigap/production/host_vars/seagrid/vars.yml | 5 + .../scigap/production/host_vars/seagrid/vault.yml | 25 +++-- .../production/host_vars/searchsra/vault.yml | 25 +++-- .../scigap/production/host_vars/simccs/vault.yml | 25 +++-- .../production/host_vars/simvascular/vars.yml | 4 +- .../production/host_vars/simvascular/vault.yml | 32 +++--- .../production/host_vars/simvascular_old/vault.yml | 25 +++-- .../scigap/production/host_vars/smaltr/vault.yml | 25 +++-- .../production/host_vars/snowvision/vault.yml | 25 +++-- .../production/host_vars/southdakota/vault.yml | 25 +++-- .../production/host_vars/testdrive/vault.yml | 25 +++-- .../scigap/production/host_vars/toppic/vault.yml | 25 +++-- .../scigap/production/host_vars/tsunami/vault.yml | 25 +++-- .../scigap/production/host_vars/tutorial/vault.yml | 25 +++-- .../scigap/production/host_vars/uab/vault.yml | 25 +++-- .../scigap/production/host_vars/ucmerced/vault.yml | 25 +++-- .../production/host_vars/ultrascan/vault.yml | 25 +++-- .../production/host_vars/unggateway/vault.yml | 25 +++-- .../scigap/production/host_vars/v4i/vault.yml | 25 +++-- .../scigap/production/host_vars/wvsu/vault.yml | 25 +++-- dev-tools/ansible/keycloak.yml | 1 - dev-tools/ansible/requirements.txt | 20 +++- dev-tools/ansible/roles/django/tasks/database.yml | 16 +-- .../django/tasks/install_deps_Centos_7.yml} | 12 +-- .../django/tasks/install_deps_Rocky_8.yml} | 15 +-- dev-tools/ansible/roles/django/tasks/main.yml | 29 ++++-- .../django_setup/tasks/install_deps_Rocky_8.yml | 108 +++++++++++++++++++++ dev-tools/ansible/roles/env_setup/tasks/main.yml | 31 +++--- .../httpd/tasks/install_deps_Rocky_8.yml} | 21 ++-- dev-tools/ansible/roles/httpd/tasks/main.yml | 5 +- dev-tools/ansible/roles/keycloak/defaults/main.yml | 1 + dev-tools/ansible/roles/keycloak/tasks/main.yml | 74 +++++++------- .../keycloak/templates/keycloak.service.j2} | 20 ++-- .../letsencrypt/tasks/install_deps_CentOS_7.yml} | 17 ++-- .../letsencrypt/tasks/install_deps_Rocky_8.yml} | 17 ++-- dev-tools/ansible/roles/letsencrypt/tasks/main.yml | 10 +- 75 files changed, 888 insertions(+), 905 deletions(-) diff --cc dev-tools/ansible/roles/env_setup/tasks/main.yml index 0756da011a,b038e840dd..44645cdd46 --- a/dev-tools/ansible/roles/env_setup/tasks/main.yml +++ b/dev-tools/ansible/roles/env_setup/tasks/main.yml @@@ -78,32 -73,25 +78,33 @@@ # Automatic security updates installation - - name: Install yum-cron, yum-utils (RedHat) - yum: name={{ item }} state=latest update_cache=yes - become: yes - when: ansible_os_family == "RedHat" - with_items: - - yum-cron - - yum-utils - - - name: Copy yum-cron.conf config file - copy: - src: yum-cron.conf - dest: /etc/yum/yum-cron.conf - backup: yes - become: yes - when: ansible_os_family == "RedHat" + # TODO: switch to dnf-automatic for Rocky Linux + # - name: Install yum-cron, yum-utils (RedHat) + # yum: name={{ item }} state=latest update_cache=yes + # become: yes + # when: ansible_os_family == "RedHat" + # with_items: + # - yum-cron + # - yum-utils + + # - name: Copy yum-cron.conf config file + # copy: + # src: yum-cron.conf + # dest: /etc/yum/yum-cron.conf + # backup: yes + # become: yes + # when: ansible_os_family == "RedHat" -# - name: Enable and start yum-cron -# service: name=yum-cron state=started enabled=yes daemon_reload=yes -# become: yes -# when: ansible_os_family == "RedHat" +- name: Copy dnf-cron.conf config file (RedHat or Rocky) + copy: + src: dnf-cron.conf + dest: /etc/dnf/automatic.conf + backup: yes + become: yes + when: ansible_os_family == "Rocky" + +- name: Enable and start yum-cron + service: name=yum-cron state=started enabled=yes daemon_reload=yes + become: yes + when: ansible_os_family == "RedHat" ... diff --cc dev-tools/ansible/roles/keycloak/tasks/main.yml index 9d61d283ce,78764959c5..e8e7a615d9 --- a/dev-tools/ansible/roles/keycloak/tasks/main.yml +++ b/dev-tools/ansible/roles/keycloak/tasks/main.yml @@@ -22,13 -22,33 +22,39 @@@ - name: Install httpd yum: name="httpd" state=latest update_cache=yes become: yes + when: ansible_os_family == "RedHat" + +- name: Install httpd (Rocky) + dnf: name="httpd" + become: yes + when: ansible_os_family == "Rocky" + - name: Install java + yum: name="java-1.8.0-openjdk-devel" state=present update_cache=yes + become: yes + tags: + - always + + # NOTE: If you see a file not found error, try running rm /var/lib/alternatives/{{ item.exe }} in the target machine + - name: set {{ keycloak_java_home }} as default + alternatives: + name="{{ item.exe }}" + link="/usr/bin/{{ item.exe }}" + path="{{ item.path }}/{{ item.exe }}" + with_items: + - { path: "{{ keycloak_java_home }}/bin", exe: 'java' } + - { path: "{{ keycloak_java_home }}/bin", exe: 'keytool' } + - { path: "{{ keycloak_java_home }}/bin", exe: 'javac' } + - { path: "{{ keycloak_java_home }}/bin", exe: 'javadoc' } + become: yes + tags: + - always + + - name: set selinux to permissive + selinux: state=permissive policy=targeted + become: yes + when: ansible_os_family == "RedHat" + - name: allow httpd to proxy to Keycloak process seboolean: name: httpd_can_network_connect diff --cc dev-tools/ansible/roles/letsencrypt/tasks/main.yml index 309610503a,978204d680..413f792673 --- a/dev-tools/ansible/roles/letsencrypt/tasks/main.yml +++ b/dev-tools/ansible/roles/letsencrypt/tasks/main.yml @@@ -20,28 -20,9 +20,20 @@@ --- - - name: install certbot and dependencies - yum: name={{ item }} state=installed update_cache=yes - with_items: - - certbot-1.11.0 - - python2-acme-1.11.0 - - python2-certbot-apache-1.11.0 - - ca-certificates-2021.2.50 - become: true - become_user: root + - include_tasks: install_deps_{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml when: ansible_os_family == "RedHat" +- name: install certbot and dependencies (Rocky) + dnf: name={{ item }} + with_items: + - epel-release + - mod_ssl + - certbot + - python3-certbot-apache + become: true + become_user: root + when: ansible_os_family == "Rocky" + - name: add Certbot PPA repository apt_repository: repo: "ppa:certbot/certbot"
