rimosso library/roles/ghn-gcore/gcore-authorization/ che è un duplicato di un ruolo già esistente

ghn-gcore/gcore-authorization/defaults/main.yml

@@ -1,32 +0,0 @@
----
-#authorization_service_install: False
-#authorization_service_upgrade: False
-authorization_service_name: authorization-service  
-#authorization_service_file: '{{ authorization_service_name }}-2.0.0-20160927.120833-1.war'
-#authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-snapshots/org/gcube/common/authorization-service/2.0.0-SNAPSHOT/{{ authorization_service_file }}'
-#
-#authorization_version: "2.0.1-4.2.0-134808"
-authorization_service_version: "2.0.1-4.2.0-134808"
-
-repo: "gcube-staging"
-authorization_service_file: '{{ authorization_service_name }}-{{ authorization_service_version }}.war'
-authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/{{ repo }}/org/gcube/common/authorization-service/{{ authorization_service_version }}/{{ authorization_service_file }}'
-authorization_service_persistence_dest: WEB-INF/classes/META-INF/persistence.xml
-authorization_service_config_dest: WEB-INF/AuthorizationConfiguration.xml
-#auth_user: '{{ d4science_user }}'
-tomcat_user: "tomcat"
-tomcat_document_root: "/usr/share/tomcat/"
-authorization_service_loglevel: INFO
-authorization_service_root_loglevel: WARN
-#authorization_service_http_port: 8080
-authorization_service_http_port: 80
-authorized_ips:
-#  - 127.0.0.1
-  - 0.0.0.0
-
-auth_postgresql_host: "localhost"
-psql_db_name: "gcoreauthz"
-psql_db_user: "gcoreauthz"
-authorization_db_pwd: "gcore-authz"
-postgres_port: "5431"
-pgpool_port: "5432"

ghn-gcore/gcore-authorization/meta/main.yml

@@ -1,4 +0,0 @@
-dependencies:
- - role: tomcat
- - role: postgresql
- - role: pgpool

ghn-gcore/gcore-authorization/tasks/main.yml

@@ -1,75 +0,0 @@
----
-- block:
-    - name: Ensure that postgres is running
-      service: name=postgresql state=started
-
-    - name: Create postgres database {{ psql_db_name }} and user {{ psql_db_user }}
-      shell: sudo -u postgres createdb {{ psql_db_name }} && sudo -u postgres createuser -s {{ psql_db_user }}
-      ignore_errors: True
-
-    - name: Set password for user {{ psql_db_user }} and grant all privileges on database {{ psql_db_name }}
-      shell: sudo -u postgres psql -c "ALTER USER {{ psql_db_user }}  WITH PASSWORD '{{ authorization_db_pwd }}';" &&  sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE {{ psql_db_name }} TO {{ psql_db_user }}";
-      ignore_errors: True
-
-    - name: Change postgres authentication method to password for localhost
-      lineinfile:  dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host    all             all             127.0.0.1/32' line='host    all             all             127.0.0.1/32            password'
-
-    - name: Change postgres authentication method to password for localhost ipv6
-      lineinfile:  dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host    all             all             ::1/128' line='host    all             all             ::1/128                 password'
-
-    - name: Change postgres port to {{ postgres_port }}
-      lineinfile:  dest="/usr/lib/systemd/system/postgresql.service" state=present regexp='^Environment=PGPORT=' line='Environment=PGPORT={{ postgres_port }}'
-
-    - name: Change pgpool port to {{ pgpool_port }}
-      lineinfile:  dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^port =' line='port = {{ pgpool_port }}'
-
-    - name: Tell pgpool to connect to postgreqsl on port  {{ postgres_port }}
-      lineinfile:  dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^backend_port0 =' line='backend_port0 = {{ postgres_port }}'
-
-    - name: Tell pgpool to enable ssl
-      lineinfile:  dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^ssl = on' line='ssl = on'
-
-    - name: Running semanage to enable postgres to bind port {{ postgres_port }}
-      seport: ports={{ postgres_port }} proto=tcp setype=postgresql_port_t state=present reload=yes
-
-    - name: Running setsebool to allow tcp connections to the db
-      seboolean: name=httpd_can_network_connect_db state=yes persistent=yes
-
-#    - name: restart postgres
-#      service: name=postgresql state=restarted
-
-    #### on CentOS 7 we need to tell systemd to reload the service file since we made changes there
-    - name: restart postgresql
-      systemd: name=postgresql state=restarted enabled=yes daemon_reload=yes
-
-    - name: restart pgpool
-      service: name=pgpool state=restarted
-
-    - name: Stop tomcat when upgrading
-      service: name=tomcat state=stopped
-
-    - name: Create the authorization service webapp directory
-      file: dest={{ tomcat_document_root }}/webapps/authorization-service state=directory owner={{ tomcat_user }}  group={{ tomcat_user }}
-
-    - name: Get and unpack the authorization war file
-      unarchive: copy=no src={{ authorization_service_url }} dest={{ tomcat_document_root }}/webapps/authorization-service owner={{ tomcat_user }}  group={{ tomcat_user }}
-      args:
-        creates: '{{ tomcat_document_root }}/webapps/authorization-service/WEB-INF/AuthorizationConfiguration.xml'
-
-    - name: Install the authorization service AuthorizationConfiguration.xml template
-      template: src=AuthorizationConfiguration.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_config_dest }} mode=0440 owner={{ tomcat_user }}  group={{ tomcat_user }}
-
-    - name: Install the authorization service persistence.xml template
-      template: src=persistence.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_persistence_dest }} mode=0440 owner={{ tomcat_user }}  group={{ tomcat_user }}
-
-    - name: Install the logback configuration
-      template: src=logback.xml.j2 dest={{ tomcat_document_root }}/lib/logback.xml mode=0644 owner={{ tomcat_user }}  group={{ tomcat_user }}
-
-#    - name: restore ownership
-#      file: dest={{ tomcat_document_root }} owner=root group=tomcat recurse=yes
-
-    - name: Start tomcat
-      service: name=tomcat state=started
-
-  become: true
-  become_user: root

ghn-gcore/gcore-authorization/templates/AuthorizationConfiguration.xml.j2

@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<Configuration>
-  <Rule path="/token/user" requiresToken="false">
-    {% for ip in authorized_ips %}
-    <Entity type="IP" value="{{ ip }}" />
-    {% endfor %}
-  </Rule>
-
-  <Rule path="/apikey" requiresToken="true" acceptedTokenTypes="USER"/>
-  <Rule path="/policyManager" requiresToken="true">
-    {% for ip in authorized_ips %}
-    <Entity type="IP" value="{{ ip }}" />
-    {% endfor %}
-  </Rule>
-  <Rule path="/token/external" requiresToken="true" acceptedTokenTypes="USER" />
-  <Rule path="/token/node" requiresToken="false" />
-  <Rule path="/token/service" requiresToken="true" acceptedTokenTypes="CONTAINER"/>
-  <Rule path="/token/resolve" requiresToken="false">
-    {% for ip in authorized_ips %}
-    <Entity type="IP" value="{{ ip }}" />
-    {% endfor %}
-  </Rule>
-</Configuration>
-

ghn-gcore/gcore-authorization/templates/logback.xml.j2

@@ -1,24 +0,0 @@
-
-<configuration>
-
-	<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
-		<file>${catalina.base}/logs/ghn.log</file>
-		<append>true</append>
-		<encoder>
-			<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n
-			</pattern>
-		</encoder>
-		<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-			<fileNamePattern>${catalina.base}/logs/ghn.%d{yyyy-MM-dd}.log</fileNamePattern>
-			<maxHistory>30</maxHistory>
-		</rollingPolicy>
-	</appender>
-
-	<logger name="org.gcube" level="{{ authorization_service_loglevel }}" />
-	<logger name="org.gcube.common.authorizationservice" level="{{ authorization_service_loglevel }}" />
-	<logger name="org.gcube.common" level="{{ authorization_service_loglevel }}" />
-	
-	<root level="{{ authorization_service_root_loglevel }}">
-		<appender-ref ref="FILE" />
-	</root>
-</configuration>

ghn-gcore/gcore-authorization/templates/persistence.xml.j2

@@ -1,33 +0,0 @@
-<persistence xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
-	version="2.0" xmlns="http://java.sun.com/xml/ns/persistence">
-
-	<!-- change here if you want name of unit different -->
-	<persistence-unit name="authorization" transaction-type="RESOURCE_LOCAL">
-		<provider>org.eclipse.persistence.jpa.PersistenceProvider</provider>
-		
-		<!-- Converters -->
-		<class>org.gcube.common.authorizationservice.persistence.entities.converters.StringListConverter</class>
-		
-		
-		<!-- Entities -->
-		<class>org.gcube.common.authorizationservice.persistence.entities.AuthorizationEntity</class>
-		<class>org.gcube.common.authorizationservice.persistence.entities.ServiceAuthorizationEntity</class>
-		<class>org.gcube.common.authorizationservice.persistence.entities.UserAuthorizationEntity</class>
-		<class>org.gcube.common.authorizationservice.persistence.entities.ExternalServiceAuthorizationEntity</class>
-		<class>org.gcube.common.authorizationservice.persistence.entities.NodeAuthorizationEntity</class>
-		<class>org.gcube.common.authorizationservice.persistence.entities.PolicyEntity</class>
-		<class>org.gcube.common.authorizationservice.persistence.entities.ServicePolicyEntity</class>
-		<class>org.gcube.common.authorizationservice.persistence.entities.UserPolicyEntity</class>
-		<properties>
-			<property name="javax.persistence.jdbc.url"
-				value="jdbc:postgresql://{{ auth_postgresql_host }}/{{ psql_db_name }}" />
-			<property name="javax.persistence.jdbc.driver" value="org.postgresql.Driver" />
-			<property name="javax.persistence.jdbc.user" value="{{ psql_db_user }}" />
-			<property name="javax.persistence.jdbc.password" value="{{ authorization_db_pwd }}" />
-			<property name="eclipselink.ddl-generation" value="create-tables" />
-			<property name="eclipselink.ddl-generation.output-mode"
-				value="database" />
-		</properties>
-	</persistence-unit>
-</persistence>