ibrary/roles/d4s_user_services_perms: Move here the tasks that allow the d4science user to start/stop the tomcat service.
d4science-ghn-cluster: new generic playbook to configure a machine that will run the transact webapp.
This commit is contained in:
parent
8b21fb96a8
commit
579f97a1aa
|
@ -0,0 +1,3 @@
|
|||
This role assumes that only one tomcat instance is defined and running on the system.
|
||||
|
||||
Important note: the variable 'http_port' needs to be defined earlier in the calling playbook.
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
d4science_user: gcube
|
||||
d4science_user_home: '/home/{{ d4science_user }}'
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
- name: Install the sudoers config that permits the tomcat user to restart the service
|
||||
template: src=tomcat-sudoers.j2 dest=/etc/sudoers.d/tomcat-d4science owner=root group=root mode=0440
|
||||
tags: [ 'tomcat', 'd4science', 'sudo' ]
|
||||
|
||||
- name: Install the script that allows the tomcat user to start and stop the service without using the full path
|
||||
template: src={{ item }}.j2 dest={{ d4science_user_home }}/{{ item }} owner={{ d4science_user }} group={{ d4science_user }} mode=0755
|
||||
with_items:
|
||||
- startContainer.sh
|
||||
- stopContainer.sh
|
||||
tags: [ 'tomcat', 'd4science', 'sudo' ]
|
|
@ -0,0 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
sudo /etc/init.d/tomcat-instance-{{ http_port }} start
|
||||
|
||||
exit $?
|
|
@ -0,0 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
sudo /etc/init.d/tomcat-instance-{{ http_port }} stop
|
||||
|
||||
exit $?
|
|
@ -0,0 +1,2 @@
|
|||
{{ d4science_user }} ALL=(ALL) NOPASSWD: /etc/init.d/tomcat-instance-*
|
||||
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
manage_root_ssh_keys: True
|
||||
|
||||
#
|
||||
# Example:
|
||||
# user_ssh_key: [ '{{ sandro_labruzzo }}','{{ michele_artini }}', '{{ claudio_atzori }}' ]
|
||||
|
@ -31,6 +30,7 @@ gianpaolo_coro: ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAkLUsStIPUVZVWiHyiI2poDnB70Cj
|
|||
katerina_iatropoulou: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA29WTITAKDhIE4lYt41hEtL3TnE+bIrlZAdAzSKySHOXPI8Q1vxanvprnL8BU0okgfZJDx3qxcTWLbwpcdWvGbO2SIA8JSKl2viQqfYDc5VtWFd4xo5z9y5BRrNDOOel+XAZjamx8lv8c44Au0ACV+jCAhnzwJA4Iso1KuNsuj2M= kiatrop@rudie
|
||||
farah_karim: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzKSQSk3ntKGUW2Cy8lt/44BTK2+UxMM4W2XO4CrcwgUxxlgIfpL4UjyuSKIygRdU/lL/4xHJdRNzA7PSEiHnBhIeLiF9QWw1mO2GVdJ4/1G5J/XEZ3sL7zyEdwwks7FsnT4U9PO9drNDZ1AmIK8eDKtX9EJcOFflulOknbIHjIq29gXcXbrhQaV3rNHS8vGDkv3fkpJT9Wi8BEUMeMFYsa3k3pc3nPysCQR+xsVJ1Ht+1gpU71W7fACaI1ltYaCToPAJasU19Tz6xE3edl9/Dz6HIL5FcVNSbLFEiyQhd5oL1ITCXJOwzyqobrUUdRK/30iIBRRFW00AIGQCDV0S3 hadoop@karim-ThinkPad-S1-Yoga
|
||||
luca_frosini: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDlTQulSJFayTJyOOecgsct35u7uvVQGX/Da11UZVxvJzw2sQKOMSCMBBGF9zUlcMoP/qvF425jVMM71S8kamCcqgSN528fp9W/Nhw7s15NbCE3H9tJ3B+u5ESOYsRfgogeTIyL26aIY/2rke0DoKDIMU3YlOtN/1ipt5cY9uV3ootxTM126y2WChICGo0h77M/Ta1pIccUE0XbuaA1HwlJBkfDzQ2kh5tkaC7mjeETstOQzpEoPFoVr0qwSPz1Y6l8uiedpDZejrq64Z2zRcSxjEQ1wuA9r8uO7TJQttUKK8m/dHMe6q3WAiFc9sOYe4tf/GEmziB8VloMTNCPJQiz lucafrosini@pc-frosini
|
||||
francesco_mangiacrapa: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDa0NzwaCcauxAFlsupU2xG2eff9nzep9bnb8pISbX2lk+K4yoJvJOAz9W9klJtpPX/IUJx18YR4jjDNcdiYWNh4Y+5jKT2EhSPNkj7Vw2MhA/ZeOrfHx7JNtL8gdxa8XxYB0ZoZqutRppmaRwWmGGwdVh0wyUzWR/v0OT01IuQGYVneLKIjUtx+BcWGsosWISaOQzVbv9iTFbSwgjbkKFHzHasxwKsrK4t1wvbzuxwhVC+5/VKghBJWN219m/PO+itww/fSes0KpI5X/7q8jrYzUgYwrKwt290U41Fx8syDQ6101YnRzMXZRyZwuVNh2S7WosGWebg5nPS4IjKho/F francesco-mangiacrapa@ubuntu-francesco-i24
|
||||
|
||||
# Use the list when you want to give access to non root users
|
||||
ssh_users_list:
|
||||
|
@ -40,5 +40,3 @@ ssh_users_list:
|
|||
# And set the following variable to true:
|
||||
non_root_users: False
|
||||
|
||||
manage_root_ssh_keys: True
|
||||
|
||||
|
|
Loading…
Reference in New Issue