From 44c7857c8f17ccd49bf771427334b98c21bb0922 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@sevenseas.org>
Date: Tue, 1 Mar 2016 14:14:12 +0100
Subject: [PATCH] library/roles/d4s_user_services_perms: Manage the basic gcore
case, where we only create a user. d4science-ghn-cluster: Playbook to
provision access.d4science.org.
---
d4s_user_services_perms/defaults/main.yml | 2 +
.../tasks/d4s-basic-node.yml | 6 +++
.../tasks/d4s-smartgears-node.yml | 38 +++++++++++++++++
d4s_user_services_perms/tasks/main.yml | 41 ++-----------------
4 files changed, 50 insertions(+), 37 deletions(-)
create mode 100644 d4s_user_services_perms/tasks/d4s-basic-node.yml
create mode 100644 d4s_user_services_perms/tasks/d4s-smartgears-node.yml
diff --git a/d4s_user_services_perms/defaults/main.yml b/d4s_user_services_perms/defaults/main.yml
index 59d4a1b..214c918 100644
--- a/d4s_user_services_perms/defaults/main.yml
+++ b/d4s_user_services_perms/defaults/main.yml
@@ -1,6 +1,8 @@
---
d4science_user: gcube
+d4science_user_create_home: True
d4science_user_home: '/home/{{ d4science_user }}'
+d4science_user_shell: /bin/bash
d4science_tomcat_options_files:
- '/etc/default/tomcat-instance-{{ item.0.http_port }}'
diff --git a/d4s_user_services_perms/tasks/d4s-basic-node.yml b/d4s_user_services_perms/tasks/d4s-basic-node.yml
new file mode 100644
index 0000000..f9dd124
--- /dev/null
+++ b/d4s_user_services_perms/tasks/d4s-basic-node.yml
@@ -0,0 +1,6 @@
+---
+- name: Create the d4science user
+ user: name={{ d4science_user }} home={{ d4science_user_home }} createhome={{ d4science_user_create_home }} shell={{ d4science_user_shell }}
+ tags: [ 'gcore', 'd4science', 'users' ]
+
+
diff --git a/d4s_user_services_perms/tasks/d4s-smartgears-node.yml b/d4s_user_services_perms/tasks/d4s-smartgears-node.yml
new file mode 100644
index 0000000..1edc1bf
--- /dev/null
+++ b/d4s_user_services_perms/tasks/d4s-smartgears-node.yml
@@ -0,0 +1,38 @@
+---
+- name: Install the sudoers config that permits the tomcat user to restart the service
+ template: src=tomcat-sudoers.j2 dest=/etc/sudoers.d/tomcat-d4science owner=root group=root mode=0440
+ tags: [ 'tomcat', 'd4science', 'sudo' ]
+
+- name: Install the script that allows the tomcat user to start and stop the service without using the full path
+ template: src={{ item.1 }}.j2 dest={{ item.0.user_home }}/{{ item.1 }} owner={{ item.0.user }} group={{ item.0.user }} mode=0755
+ with_nested:
+ - '{{ tomcat_m_instances }}'
+ - [ 'startContainer.sh', 'stopContainer.sh' ]
+ tags: [ 'tomcat', 'd4science', 'sudo' ]
+
+- name: Install the README file that explains where the options files are placed and how start/stop the service
+ template: src={{ item.1 }}.j2 dest={{ item.0.user_home }}/{{ item.1 }} owner={{ item.0.user }} group={{ item.0.user }} mode=0444
+ with_nested:
+ - '{{ tomcat_m_instances }}'
+ - [ 'README' ]
+ tags: [ 'tomcat', 'd4science', 'd4s_readme' ]
+
+# - name: Set the read/write permissions on the tomcat default options files
+# acl: name={{ item.1 }} entity={{ item.0.user }} etype=user permissions=rw state=present
+# with_nested:
+# - '{{ tomcat_m_instances }}'
+# - '{{ d4science_tomcat_options_files }}'
+# tags: [ 'tomcat', 'd4science', 'acl' ]
+
+- name: Set the read/write permissions on the tomcat default options files
+ acl: name=/etc/default/tomcat-instance-{{ item.http_port }} entity={{ item.user }} etype=user permissions=rw state=present
+ with_items: tomcat_m_instances
+ tags: [ 'tomcat', 'd4science', 'acl' ]
+
+- name: Set the read/write permissions on the tomcat default local options files
+ acl: name=/etc/default/tomcat-instance-{{ item.http_port }}.local entity={{ item.user }} etype=user permissions=rw state=present
+ with_items: tomcat_m_instances
+ tags: [ 'tomcat', 'd4science', 'acl' ]
+ ignore_errors: True
+
+
diff --git a/d4s_user_services_perms/tasks/main.yml b/d4s_user_services_perms/tasks/main.yml
index 1edc1bf..99fb726 100644
--- a/d4s_user_services_perms/tasks/main.yml
+++ b/d4s_user_services_perms/tasks/main.yml
@@ -1,38 +1,5 @@
---
-- name: Install the sudoers config that permits the tomcat user to restart the service
- template: src=tomcat-sudoers.j2 dest=/etc/sudoers.d/tomcat-d4science owner=root group=root mode=0440
- tags: [ 'tomcat', 'd4science', 'sudo' ]
-
-- name: Install the script that allows the tomcat user to start and stop the service without using the full path
- template: src={{ item.1 }}.j2 dest={{ item.0.user_home }}/{{ item.1 }} owner={{ item.0.user }} group={{ item.0.user }} mode=0755
- with_nested:
- - '{{ tomcat_m_instances }}'
- - [ 'startContainer.sh', 'stopContainer.sh' ]
- tags: [ 'tomcat', 'd4science', 'sudo' ]
-
-- name: Install the README file that explains where the options files are placed and how start/stop the service
- template: src={{ item.1 }}.j2 dest={{ item.0.user_home }}/{{ item.1 }} owner={{ item.0.user }} group={{ item.0.user }} mode=0444
- with_nested:
- - '{{ tomcat_m_instances }}'
- - [ 'README' ]
- tags: [ 'tomcat', 'd4science', 'd4s_readme' ]
-
-# - name: Set the read/write permissions on the tomcat default options files
-# acl: name={{ item.1 }} entity={{ item.0.user }} etype=user permissions=rw state=present
-# with_nested:
-# - '{{ tomcat_m_instances }}'
-# - '{{ d4science_tomcat_options_files }}'
-# tags: [ 'tomcat', 'd4science', 'acl' ]
-
-- name: Set the read/write permissions on the tomcat default options files
- acl: name=/etc/default/tomcat-instance-{{ item.http_port }} entity={{ item.user }} etype=user permissions=rw state=present
- with_items: tomcat_m_instances
- tags: [ 'tomcat', 'd4science', 'acl' ]
-
-- name: Set the read/write permissions on the tomcat default local options files
- acl: name=/etc/default/tomcat-instance-{{ item.http_port }}.local entity={{ item.user }} etype=user permissions=rw state=present
- with_items: tomcat_m_instances
- tags: [ 'tomcat', 'd4science', 'acl' ]
- ignore_errors: True
-
-
+- include: d4s-smartgears-node.yml
+ when: smartgears_node is defined and smartgears_node
+- include: d4s-basic-node.yml
+ when: gcore_node is defined and gcore_node