forked from ISTI-ansible-roles/ansible-roles
added gcore roles and playbooks used to deploy gcore enabling services @ENG, added gcore-smartgears-container role used to generate a smartgears docker container
This commit is contained in:
parent
1ee36151a4
commit
1393325469
|
@ -0,0 +1,2 @@
|
|||
test_port: "8080"
|
||||
test_URL: "http://{{ inventory_hostname }}:{{ test_port }}"
|
|
@ -0,0 +1,17 @@
|
|||
- name: wait for the service to come up
|
||||
wait_for: host={{ inventory_hostname }} port={{ test_port }} delay=3 connect_timeout=3
|
||||
delegate_to: localhost
|
||||
|
||||
- name: check URL availability with curl
|
||||
raw: curl -k "{{ test_URL }}"
|
||||
register: curl_cmd
|
||||
failed_when: curl_cmd.rc >= 1
|
||||
|
||||
#raw: curl -k -m 3 "{{ test_URL }}"
|
||||
|
||||
#- name: test the specified URL
|
||||
# action: uri url={{ test_URL }}
|
||||
# register: webpage
|
||||
|
||||
#- name : check the returned contents
|
||||
# fail: msg="service not available"
|
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
#authorization_service_install: False
|
||||
#authorization_service_upgrade: False
|
||||
authorization_service_name: authorization-service
|
||||
#authorization_service_file: '{{ authorization_service_name }}-2.0.0-20160927.120833-1.war'
|
||||
#authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-snapshots/org/gcube/common/authorization-service/2.0.0-SNAPSHOT/{{ authorization_service_file }}'
|
||||
#
|
||||
#authorization_version: "2.0.1-4.2.0-134808"
|
||||
authorization_service_version: "2.0.1-4.2.0-134808"
|
||||
|
||||
repo: "gcube-staging"
|
||||
authorization_service_file: '{{ authorization_service_name }}-{{ authorization_service_version }}.war'
|
||||
authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/{{ repo }}/org/gcube/common/authorization-service/{{ authorization_service_version }}/{{ authorization_service_file }}'
|
||||
authorization_service_persistence_dest: WEB-INF/classes/META-INF/persistence.xml
|
||||
authorization_service_config_dest: WEB-INF/AuthorizationConfiguration.xml
|
||||
#auth_user: '{{ d4science_user }}'
|
||||
tomcat_user: "tomcat"
|
||||
tomcat_document_root: "/usr/share/tomcat/"
|
||||
authorization_service_loglevel: INFO
|
||||
authorization_service_root_loglevel: WARN
|
||||
#authorization_service_http_port: 8080
|
||||
authorization_service_http_port: 80
|
||||
authorized_ips:
|
||||
# - 127.0.0.1
|
||||
- 0.0.0.0
|
||||
|
||||
auth_postgresql_host: "localhost"
|
||||
psql_db_name: "gcoreauthz"
|
||||
psql_db_user: "gcoreauthz"
|
||||
authorization_db_pwd: "gcore-authz"
|
||||
postgres_port: "5431"
|
||||
pgpool_port: "5432"
|
|
@ -0,0 +1,4 @@
|
|||
dependencies:
|
||||
- role: tomcat
|
||||
- role: postgresql
|
||||
- role: pgpool
|
|
@ -0,0 +1,75 @@
|
|||
---
|
||||
- block:
|
||||
- name: Ensure that postgres is running
|
||||
service: name=postgresql state=started
|
||||
|
||||
- name: Create postgres database {{ psql_db_name }} and user {{ psql_db_user }}
|
||||
shell: sudo -u postgres createdb {{ psql_db_name }} && sudo -u postgres createuser -s {{ psql_db_user }}
|
||||
ignore_errors: True
|
||||
|
||||
- name: Set password for user {{ psql_db_user }} and grant all privileges on database {{ psql_db_name }}
|
||||
shell: sudo -u postgres psql -c "ALTER USER {{ psql_db_user }} WITH PASSWORD '{{ authorization_db_pwd }}';" && sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE {{ psql_db_name }} TO {{ psql_db_user }}";
|
||||
ignore_errors: True
|
||||
|
||||
- name: Change postgres authentication method to password for localhost
|
||||
lineinfile: dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host all all 127.0.0.1/32' line='host all all 127.0.0.1/32 password'
|
||||
|
||||
- name: Change postgres authentication method to password for localhost ipv6
|
||||
lineinfile: dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host all all ::1/128' line='host all all ::1/128 password'
|
||||
|
||||
- name: Change postgres port to {{ postgres_port }}
|
||||
lineinfile: dest="/usr/lib/systemd/system/postgresql.service" state=present regexp='^Environment=PGPORT=' line='Environment=PGPORT={{ postgres_port }}'
|
||||
|
||||
- name: Change pgpool port to {{ pgpool_port }}
|
||||
lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^port =' line='port = {{ pgpool_port }}'
|
||||
|
||||
- name: Tell pgpool to connect to postgreqsl on port {{ postgres_port }}
|
||||
lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^backend_port0 =' line='backend_port0 = {{ postgres_port }}'
|
||||
|
||||
- name: Tell pgpool to enable ssl
|
||||
lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^ssl = on' line='ssl = on'
|
||||
|
||||
- name: Running semanage to enable postgres to bind port {{ postgres_port }}
|
||||
seport: ports={{ postgres_port }} proto=tcp setype=postgresql_port_t state=present reload=yes
|
||||
|
||||
- name: Running setsebool to allow tcp connections to the db
|
||||
seboolean: name=httpd_can_network_connect_db state=yes persistent=yes
|
||||
|
||||
# - name: restart postgres
|
||||
# service: name=postgresql state=restarted
|
||||
|
||||
#### on CentOS 7 we need to tell systemd to reload the service file since we made changes there
|
||||
- name: restart postgresql
|
||||
systemd: name=postgresql state=restarted enabled=yes daemon_reload=yes
|
||||
|
||||
- name: restart pgpool
|
||||
service: name=pgpool state=restarted
|
||||
|
||||
- name: Stop tomcat when upgrading
|
||||
service: name=tomcat state=stopped
|
||||
|
||||
- name: Create the authorization service webapp directory
|
||||
file: dest={{ tomcat_document_root }}/webapps/authorization-service state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
|
||||
|
||||
- name: Get and unpack the authorization war file
|
||||
unarchive: copy=no src={{ authorization_service_url }} dest={{ tomcat_document_root }}/webapps/authorization-service owner={{ tomcat_user }} group={{ tomcat_user }}
|
||||
args:
|
||||
creates: '{{ tomcat_document_root }}/webapps/authorization-service/WEB-INF/AuthorizationConfiguration.xml'
|
||||
|
||||
- name: Install the authorization service AuthorizationConfiguration.xml template
|
||||
template: src=AuthorizationConfiguration.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_config_dest }} mode=0440 owner={{ tomcat_user }} group={{ tomcat_user }}
|
||||
|
||||
- name: Install the authorization service persistence.xml template
|
||||
template: src=persistence.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_persistence_dest }} mode=0440 owner={{ tomcat_user }} group={{ tomcat_user }}
|
||||
|
||||
- name: Install the logback configuration
|
||||
template: src=logback.xml.j2 dest={{ tomcat_document_root }}/lib/logback.xml mode=0644 owner={{ tomcat_user }} group={{ tomcat_user }}
|
||||
|
||||
# - name: restore ownership
|
||||
# file: dest={{ tomcat_document_root }} owner=root group=tomcat recurse=yes
|
||||
|
||||
- name: Start tomcat
|
||||
service: name=tomcat state=started
|
||||
|
||||
become: true
|
||||
become_user: root
|
|
@ -0,0 +1,24 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
<Configuration>
|
||||
<Rule path="/token/user" requiresToken="false">
|
||||
{% for ip in authorized_ips %}
|
||||
<Entity type="IP" value="{{ ip }}" />
|
||||
{% endfor %}
|
||||
</Rule>
|
||||
|
||||
<Rule path="/apikey" requiresToken="true" acceptedTokenTypes="USER"/>
|
||||
<Rule path="/policyManager" requiresToken="true">
|
||||
{% for ip in authorized_ips %}
|
||||
<Entity type="IP" value="{{ ip }}" />
|
||||
{% endfor %}
|
||||
</Rule>
|
||||
<Rule path="/token/external" requiresToken="true" acceptedTokenTypes="USER" />
|
||||
<Rule path="/token/node" requiresToken="false" />
|
||||
<Rule path="/token/service" requiresToken="true" acceptedTokenTypes="CONTAINER"/>
|
||||
<Rule path="/token/resolve" requiresToken="false">
|
||||
{% for ip in authorized_ips %}
|
||||
<Entity type="IP" value="{{ ip }}" />
|
||||
{% endfor %}
|
||||
</Rule>
|
||||
</Configuration>
|
||||
|
|
@ -0,0 +1,24 @@
|
|||
|
||||
<configuration>
|
||||
|
||||
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
|
||||
<file>${catalina.base}/logs/ghn.log</file>
|
||||
<append>true</append>
|
||||
<encoder>
|
||||
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n
|
||||
</pattern>
|
||||
</encoder>
|
||||
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
|
||||
<fileNamePattern>${catalina.base}/logs/ghn.%d{yyyy-MM-dd}.log</fileNamePattern>
|
||||
<maxHistory>30</maxHistory>
|
||||
</rollingPolicy>
|
||||
</appender>
|
||||
|
||||
<logger name="org.gcube" level="{{ authorization_service_loglevel }}" />
|
||||
<logger name="org.gcube.common.authorizationservice" level="{{ authorization_service_loglevel }}" />
|
||||
<logger name="org.gcube.common" level="{{ authorization_service_loglevel }}" />
|
||||
|
||||
<root level="{{ authorization_service_root_loglevel }}">
|
||||
<appender-ref ref="FILE" />
|
||||
</root>
|
||||
</configuration>
|
|
@ -0,0 +1,33 @@
|
|||
<persistence xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
|
||||
version="2.0" xmlns="http://java.sun.com/xml/ns/persistence">
|
||||
|
||||
<!-- change here if you want name of unit different -->
|
||||
<persistence-unit name="authorization" transaction-type="RESOURCE_LOCAL">
|
||||
<provider>org.eclipse.persistence.jpa.PersistenceProvider</provider>
|
||||
|
||||
<!-- Converters -->
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.converters.StringListConverter</class>
|
||||
|
||||
|
||||
<!-- Entities -->
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.AuthorizationEntity</class>
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.ServiceAuthorizationEntity</class>
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.UserAuthorizationEntity</class>
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.ExternalServiceAuthorizationEntity</class>
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.NodeAuthorizationEntity</class>
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.PolicyEntity</class>
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.ServicePolicyEntity</class>
|
||||
<class>org.gcube.common.authorizationservice.persistence.entities.UserPolicyEntity</class>
|
||||
<properties>
|
||||
<property name="javax.persistence.jdbc.url"
|
||||
value="jdbc:postgresql://{{ auth_postgresql_host }}/{{ psql_db_name }}" />
|
||||
<property name="javax.persistence.jdbc.driver" value="org.postgresql.Driver" />
|
||||
<property name="javax.persistence.jdbc.user" value="{{ psql_db_user }}" />
|
||||
<property name="javax.persistence.jdbc.password" value="{{ authorization_db_pwd }}" />
|
||||
<property name="eclipselink.ddl-generation" value="create-tables" />
|
||||
<property name="eclipselink.ddl-generation.output-mode"
|
||||
value="database" />
|
||||
</properties>
|
||||
</persistence-unit>
|
||||
</persistence>
|
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
repo: "gcube-staging"
|
||||
#ghn_distribution_version: "7.0.0-4.2.1-132334"
|
||||
ghn_distribution_bundle_version: "7.0.0-4.2.1-132334"
|
||||
|
||||
#### this gets the latest version in the specified repo
|
||||
#globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/artifact/maven/redirect?r={{ repo }}&g=org/gcube/distribution&a=ghn-distribution&v=LATEST&e=tar.gz"
|
||||
|
||||
#### this is for the ghn-distribution-bundle
|
||||
#globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/ghn-distribution-bundle/{{ ghn_distribution_bundle_version }}/ghn-distribution-bundle-{{ ghn_distribution_bundle_version }}-bundle.tar.gz"
|
||||
|
||||
globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/ghn-distribution/{{ ghn_distribution_bundle_version }}/ghn-distribution-{{ ghn_distribution_bundle_version }}.tar.gz"
|
||||
ant_url: 'http://archive.apache.org/dist/ant/binaries/apache-ant-1.6.5-bin.tar.gz'
|
||||
|
||||
ghn_user: 'gCore'
|
||||
globus_location: "/opt/{{ ghn_user }}"
|
||||
ant_location: '/opt/ant/'
|
||||
|
||||
ghn_port: 8080
|
||||
ghn_hostname: "{{ ansible_hostname }}"
|
||||
ghn_published_host: "{{ ghn_hostname }}:{{ ghn_port }}"
|
||||
|
||||
gcube_key: 'd4s.gcubekey'
|
||||
servicemap_xmlfile: 'ServiceMap_d4s.xml'
|
||||
servicemap_endpoint: "{{ ghn_published_host }}"
|
||||
|
||||
common_scope_maps_file: "common-scope-maps-1.0.4-4.2.0-128425-patched.jar"
|
||||
patch_common_scope: 0
|
Binary file not shown.
|
@ -0,0 +1 @@
|
|||
<EFBFBD><03><><EFBFBD><EFBFBD><EFBFBD>B<EFBFBD><42><EFBFBD><EFBFBD>2<02>$
|
|
@ -0,0 +1,2 @@
|
|||
dependencies:
|
||||
- role: java-17
|
|
@ -0,0 +1,66 @@
|
|||
- name: add ghn user #home is /opt/ghn/, password is "gCore??"
|
||||
action: user name={{ ghn_user }} password=$1$SuG4r$6AGiUoMKjZAHFJgYLDTkW/ shell=/bin/bash createhome=yes home={{ globus_location }}
|
||||
|
||||
- name: download and extract ghn release specified in '../defaults/main.yml'
|
||||
unarchive: src='{{ globus_url }}' dest="{{ globus_location }}" copy=no extra_opts='--strip-components=1'
|
||||
#unarchive: src='{{ globus_url }}' dest="{{ globus_location }}" copy=no extra_opts='--show-stored-names --strip-components=1'
|
||||
#unarchive: src='http://dl.uxnr.de/mirror/curl/curl-7.52.1.tar.gz' dest="{{ globus_location }}" copy=no
|
||||
|
||||
- name: Test if ant is already deployed
|
||||
raw: ls -d {{ ant_location }}
|
||||
register: is_ant_deployed
|
||||
ignore_errors: True
|
||||
tags:
|
||||
- ant
|
||||
|
||||
- name: create ant_location as defined in '../defaults/main.yml'
|
||||
file: path={{ ant_location }} state=directory owner=root group=root mode=0755
|
||||
when: is_ant_deployed.rc != 0
|
||||
tags:
|
||||
- ant
|
||||
|
||||
- name: install apache ant
|
||||
unarchive: src={{ ant_url }} dest={{ ant_location }} copy=no extra_opts='--strip-components=1'
|
||||
#unarchive: src={{ ant_url }} dest={{ ant_location }} copy=no extra_opts='--show-stored-names --strip-components=1'
|
||||
when: is_ant_deployed.rc != 0
|
||||
tags:
|
||||
- ant
|
||||
|
||||
- name: upload the gcube key specified in '../defaults/main.yml'
|
||||
copy: src={{ gcube_key }} dest={{ globus_location }}/config/ mode=0600
|
||||
|
||||
- name: upload ghn start script
|
||||
template: src=gcore-start.sh dest={{ globus_location }} mode=0700
|
||||
|
||||
- name: copy custom servicemap files
|
||||
template: src=ServiceMap_d4s.xml dest={{ globus_location }}/config/
|
||||
when: patch_common_scope != 0
|
||||
|
||||
- name: copy custom servicemap files
|
||||
template: src=ServiceMap_d4stesting.xml dest={{ globus_location }}/config/
|
||||
when: patch_common_scope != 0
|
||||
|
||||
- name: patch_common_scope={{ patch_common_scope }}, removing bundled common-scope-maps
|
||||
raw: rm -f {{ globus_location }}/lib/common-scope-maps*
|
||||
when: patch_common_scope != 0
|
||||
ignore_errors: True
|
||||
tags:
|
||||
- common_scope_maps
|
||||
|
||||
- name: upload patched common-scope-maps
|
||||
copy: src={{ common_scope_maps_file }} dest={{ globus_location }}/lib/ owner={{ ghn_user }} group={{ ghn_user }} mode=0644
|
||||
when: patch_common_scope != 0
|
||||
tags:
|
||||
- common_scope_maps
|
||||
|
||||
- name: upload d4s.authorization
|
||||
template: src=d4s.authorization dest={{ globus_location }}/config/ mode=0644
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
|
||||
|
||||
# this is commented out since at this point no service has been deployed yet
|
||||
#- name: start the container
|
||||
# become: yes
|
||||
# become_user: "{{ ghn_user }}"
|
||||
# command: "{{ globus_location }}/gcore-start.sh"
|
|
@ -0,0 +1,6 @@
|
|||
<ServiceMap>
|
||||
<Service name ="ISICAllQueryPT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/XQueryAccess"/>
|
||||
<Service name ="ISICAllRegistrationPT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/Sink"/>
|
||||
<Service name ="ISICAllCollectionPT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/wsdaix/XMLCollectionAccess"/>
|
||||
<Service name ="ISICAllStoragePT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/XMLStorageAccess"/>
|
||||
</ServiceMap>
|
|
@ -0,0 +1,6 @@
|
|||
<ServiceMap>
|
||||
<Service name ="ISICAllQueryPT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/XQueryAccess"/>
|
||||
<Service name ="ISICAllRegistrationPT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/Sink"/>
|
||||
<Service name ="ISICAllCollectionPT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/wsdaix/XMLCollectionAccess"/>
|
||||
<Service name ="ISICAllStoragePT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/XMLStorageAccess"/>
|
||||
</ServiceMap>
|
|
@ -0,0 +1 @@
|
|||
# example: registry={{ COMMON_NPM_MIRROR_URL }}
|
|
@ -0,0 +1 @@
|
|||
<authorization-endpoint priority="1" infrastructure="d4s"><host>{{ authorization_hostname }}</host><secure>false</secure><port>{{ authorization_port }}</port></authorization-endpoint>
|
|
@ -0,0 +1,6 @@
|
|||
#!/bin/bash
|
||||
export GLOBUS_LOCATION={{ globus_location }}
|
||||
export PATH=$PATH:$GLOBUS_LOCATION/bin
|
||||
export ANT_HOME={{ ant_location }}
|
||||
|
||||
nohup {{ globus_location }}/bin/gcore-start-container -p {{ ghn_port }}
|
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
# recent versions of eXist setup do not allow for a quiet installation, therefore we switch to the
|
||||
# last known working version
|
||||
#exist_url: 'https://bintray.com/existdb/releases/download_file?file_path=eXist-db-setup-2.2.jar'
|
||||
exist_jar: 'eXist-setup-1.2.6-rev9165.jar'
|
||||
exist_url: "http://downloads.sourceforge.net/project/exist/Stable/1.2/{{ exist_jar }}"
|
||||
exist_location: "{{ globus_location }}/exist/"
|
||||
|
||||
repo: "gcube-staging"
|
||||
#collector_version: "3.0.2-4.1.0-126944"
|
||||
is_collector_service_version: "3.0.2-4.1.0-126944"
|
||||
collector_artifact: "is-collector-service-{{ is_collector_service_version }}"
|
||||
collector_gar: "{{ collector_artifact }}.gar"
|
||||
collector_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/is-collector-service/{{ is_collector_service_version }}/{{ collector_gar }}"
|
||||
|
||||
collector_hostname: "d4s.res.eng.it"
|
||||
collector_port: "8099"
|
||||
collector_endpoint: "{{ collector_hostname }}:{{ collector_port }}"
|
||||
|
||||
start_scopes: ''
|
||||
infrastructure: 'd4s'
|
|
@ -0,0 +1,2 @@
|
|||
dependencies:
|
||||
- role: gcore-base
|
|
@ -0,0 +1,73 @@
|
|||
- name: download eXist DB
|
||||
get_url: url={{ exist_url }} dest=/tmp force=yes
|
||||
|
||||
- name: create exist_location as defined in '../defaults/main.yml'
|
||||
file: path={{ exist_location }} state=directory owner={{ ghn_user }} group={{ ghn_user }} mode=0755
|
||||
|
||||
- name: install eXist DB
|
||||
command: "java -jar /tmp/{{ exist_jar }} -p {{ exist_location }}"
|
||||
|
||||
- name: remove eXist setup jar
|
||||
file: path="/tmp/{{ exist_jar }}" state=absent
|
||||
|
||||
- name: add the EXIST_HOME parameter to the gcore startup script
|
||||
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertafter="^export ANT_HOME" state=present line="export EXIST_HOME={{ exist_location }}"
|
||||
|
||||
# remotely using with_fileglob seems to give all sorts of issues
|
||||
# while using copy module is out of question since it's not
|
||||
# capable of using wildcards, hence we'll use the shell module
|
||||
# when there's a need to use wildcards in filenames
|
||||
#- name: copy exist libs in "{{ globus_location }}/lib/"
|
||||
# copy: src={{ item }} dest="{{ globus_location }}/lib/" remote_src=true
|
||||
# with_fileglob:
|
||||
# - "{{ exist_location}}/exist.jar"
|
||||
# - "{{ exist_location}}/lib/core/quartz-*.jar"
|
||||
# - "{{ exist_location}}/lib/core/xmlrpc-*"
|
||||
# - "{{ exist_location}}/lib/core/xmldb.jar"
|
||||
# - "{{ exist_location}}/lib/core/jta.jar"
|
||||
# - "{{ exist_location}}/lib/core/commons-pool-*.jar"
|
||||
|
||||
- name: copy exist.jar in $GLOBUS_LOCATION/lib
|
||||
copy: src="{{ exist_location}}/exist.jar" dest="{{ globus_location }}/lib/" remote_src=true
|
||||
|
||||
- name: copy quartz jar in $GLOBUS_LOCATION/lib
|
||||
shell: cp -R {{ exist_location}}/lib/core/quartz-*.jar {{ globus_location }}/lib/
|
||||
|
||||
- name: copy xmlrpc-* in $GLOBUS_LOCATION/lib
|
||||
shell: cp -R {{ exist_location}}/lib/core/xmlrpc-* {{ globus_location }}/lib/
|
||||
|
||||
- name: copy xmldb in $GLOBUS_LOCATION/lib
|
||||
copy: src="{{ exist_location}}/lib/core/xmldb.jar" dest="{{ globus_location }}/lib/" remote_src=true
|
||||
|
||||
- name: copy jta.jar in $GLOBUS_LOCATION/lib
|
||||
copy: src="{{ exist_location}}/lib/core/jta.jar" dest="{{ globus_location }}/lib/" remote_src=true
|
||||
|
||||
- name: copy commons-pool-*.jar in $GLOBUS_LOCATION/lib
|
||||
shell: cp -R {{ exist_location}}/lib/core/commons-pool-*.jar {{ globus_location }}/lib/
|
||||
|
||||
- name: download is-collector-service.gar
|
||||
get_url: url={{ collector_url }} dest=/tmp force=yes
|
||||
|
||||
- name: deploy is-collector-service.gar
|
||||
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ collector_gar }}
|
||||
|
||||
- name: add GLOBUS_OPTIONS to the gcore startup script
|
||||
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertafter="^export EXIST_HOME" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M -Dexist.home=$EXIST_HOME"'
|
||||
|
||||
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
|
||||
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ collector_hostname }}"
|
||||
|
||||
- name: copy updated GHNConfig.xml
|
||||
template: src=GHNConfig.xml dest={{ globus_location }}/config/
|
||||
|
||||
- name: updated is-collector-service jndi-config.xml, add start scopes
|
||||
lineinfile: dest="{{ globus_location }}/etc/{{ collector_artifact }}/jndi-config.xml" insertafter='.*?<service name="gcube/informationsystem/collector">' state=present line=" <environment name=\"startScopes\" value=\"/{{ infrastructure }}/{{ start_scopes }}\" type=\"java.lang.String\" override=\"false\" />"
|
||||
when: start_scopes != ""
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
|
||||
|
||||
- name: start gCore
|
||||
become: yes
|
||||
become_user: "{{ ghn_user }}"
|
||||
shell: "{{ globus_location }}/gcore-start.sh"
|
|
@ -0,0 +1,87 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
|
||||
<global>
|
||||
|
||||
<environment
|
||||
name="securityenabled"
|
||||
value="false"
|
||||
type="java.lang.Boolean"
|
||||
override="false" />
|
||||
<environment
|
||||
name="mode"
|
||||
value="ROOT"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
|
||||
<environment
|
||||
name="startScopes"
|
||||
value="{{ start_scopes }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="allowedScopes"
|
||||
value=""
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="infrastructure"
|
||||
value="{{ infrastructure }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="labels"
|
||||
value="GHNLabels.xml"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="GHNtype"
|
||||
value="STATIC"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="localProxy"
|
||||
value="/home/globus/..."
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="coordinates"
|
||||
value="43.719627,10.421626"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="country"
|
||||
value="it"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="location"
|
||||
value="Pisa"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="updateInterval"
|
||||
value="60"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<environment
|
||||
name="trustedGHNSynchInterval"
|
||||
value="600"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<!-- Test PublishedHost -->
|
||||
<environment
|
||||
name="publishedHost"
|
||||
value="{{ collector_hostname }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- Test PublishedPort -->
|
||||
<environment
|
||||
name="publishedPort"
|
||||
value="{{ collector_port }}"
|
||||
type="java.lang.Integer"
|
||||
override="false" />
|
||||
|
||||
</global>
|
||||
</jndiConfig>
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
repo: "gcube-staging"
|
||||
notifier_version: "1.4.0-4.1.0-126911"
|
||||
notifier_artifact: "notifier-service-{{ notifier_version }}"
|
||||
notifier_gar: "{{ notifier_artifact }}.gar"
|
||||
notifier_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/notifier-service/{{ notifier_version }}/{{ notifier_gar }}"
|
||||
|
||||
notifier_hostname: "d4s.res.eng.it"
|
||||
notifier_port: "d4s.res.eng.it"
|
||||
notifier_endpoint: "{{ notifier_hostname }}:{{ notifier_port }}"
|
||||
|
||||
start_scopes: ''
|
||||
infrastructure: 'd4s'
|
|
@ -0,0 +1,2 @@
|
|||
dependencies:
|
||||
- role: gcore-base
|
|
@ -0,0 +1,26 @@
|
|||
- name: download {{ notifier_gar }}
|
||||
get_url: url={{ notifier_url }} dest=/tmp force=yes
|
||||
|
||||
- name: deploy {{ notifier_gar }}
|
||||
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ notifier_gar }}
|
||||
|
||||
- name: add GLOBUS_OPTIONS to the gcore startup script
|
||||
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
|
||||
|
||||
- name: copy updated GHNConfig.xml
|
||||
template: src=GHNConfig.xml dest={{ globus_location }}/config/
|
||||
|
||||
## despite what the documentation says, seems there's no need to specify starting scopes for the notifier to work correctly
|
||||
#- name: copy updated notifier-service jndi-config.xml
|
||||
# template: src=jndi-config.xml dest={{ globus_location }}/etc/{{ notifier_artifact }}/
|
||||
|
||||
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
|
||||
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ notifier_hostname }}"
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
|
||||
|
||||
- name: start gCore
|
||||
become: yes
|
||||
become_user: "{{ ghn_user }}"
|
||||
shell: "{{ globus_location }}/gcore-start.sh"
|
|
@ -0,0 +1,85 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
|
||||
<global>
|
||||
|
||||
<environment
|
||||
name="securityenabled"
|
||||
value="false"
|
||||
type="java.lang.Boolean"
|
||||
override="false" />
|
||||
<environment
|
||||
name="mode"
|
||||
value="ROOT"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
|
||||
<environment
|
||||
name="startScopes"
|
||||
value="{{ start_scopes }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="allowedScopes"
|
||||
value=""
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="infrastructure"
|
||||
value="{{ infrastructure }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="labels"
|
||||
value="GHNLabels.xml"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="GHNtype"
|
||||
value="STATIC"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="localProxy"
|
||||
value="/home/globus/..."
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="coordinates"
|
||||
value="43.719627,10.421626"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="country"
|
||||
value="it"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="location"
|
||||
value="Pisa"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="updateInterval"
|
||||
value="60"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<environment
|
||||
name="trustedGHNSynchInterval"
|
||||
value="600"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
<!-- Test PublishedHost -->
|
||||
<environment
|
||||
name="publishedHost"
|
||||
value="{{ notifier_hostname }} "
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- Test PublishedPort -->
|
||||
<environment
|
||||
name="publishedPort"
|
||||
value="{{ notifier_port }}"
|
||||
type="java.lang.Integer"
|
||||
override="false" />
|
||||
</global>
|
||||
</jndiConfig>
|
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
repo: "gcube-staging"
|
||||
portal_version: "4.1.0-4.2.0-133176"
|
||||
portal_bundle: "gcube-portal-bundle-{{ portal_version }}.tar.gz"
|
||||
portal_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/gcube-portal-bundle/{{ portal_version }}/{{ portal_bundle }}"
|
||||
|
||||
portal_user: "gCore"
|
||||
portal_home: "/opt/{{ portal_user }}"
|
||||
|
||||
gcube_key: 'd4s.gcubekey'
|
||||
tomcat_port: "8080"
|
||||
|
||||
common_scope_maps_file: "common-scope-maps-1.0.4-4.2.0-128425-patched.jar"
|
||||
patch_common_scope: 0
|
||||
|
||||
start_scopes: ''
|
||||
infrastructure: 'd4s'
|
Binary file not shown.
|
@ -0,0 +1 @@
|
|||
<EFBFBD><03><><EFBFBD><EFBFBD><EFBFBD>B<EFBFBD><42><EFBFBD><EFBFBD>2<02>$
|
|
@ -0,0 +1,2 @@
|
|||
dependencies:
|
||||
- role: java-17
|
|
@ -0,0 +1,69 @@
|
|||
- name: add portal user #default home is /opt/ghn-portal/, password is "gCore??"
|
||||
action: user name={{ portal_user }} password=$1$SuG4r$6AGiUoMKjZAHFJgYLDTkW/ shell=/bin/bash createhome=yes home={{ portal_home }}
|
||||
|
||||
- name: download and extract {{ portal_bundle }} as specified in '../defaults/main.yml'
|
||||
unarchive: src={{ portal_url }} dest={{ portal_home }} copy=no #extra_opts='--show-stored-names --strip-components=1'
|
||||
|
||||
- name: upload the gcube key specified in '../defaults/main.yml'
|
||||
copy: src={{ gcube_key }} dest="{{ portal_home }}/gCube/keys/" mode=0600
|
||||
|
||||
- name: retrieve tomcat path
|
||||
shell: ls -d {{ portal_home }}/tomcat*
|
||||
register: tomcat_path
|
||||
|
||||
#### since this role deploys from scratch, there's no way to actually patch the common-scope-maps that's
|
||||
#### deployed from within the resource-management webapp for now, since the very same webapp hasn't been
|
||||
#### deployed yet
|
||||
#- name: retrieve resource-management webapp path
|
||||
# shell: ls -d {{ portal_home }}/tomcat*/webapps/resource-management-*/
|
||||
# register: resource_management_path
|
||||
# ignore_errors: True
|
||||
|
||||
- name: upload configured infrastructure.properties
|
||||
template: src="infrastructureproperties" dest="{{ tomcat_path.stdout }}/conf/infrastructure.properties" mode=0700
|
||||
|
||||
- name: updload portal-ext.properties
|
||||
template: src="portal-ext.properties" dest="{{ tomcat_path.stdout }}/webapps/ROOT/WEB-INF/classes/"
|
||||
|
||||
- name: upload .bashrc to {{ portal_user }}
|
||||
template: src=bashrc dest="{{ portal_home }}/.bashrc" mode=0644
|
||||
|
||||
- name: tell tomcat to listen to the tomcat_port variable defined in "../defaults/main.yml"
|
||||
shell: sed -i "s/8080/{{ tomcat_port }}/g" "{{ tomcat_path.stdout }}/conf/server.xml"
|
||||
|
||||
- name: patch_common_scope enabled, removing bundled common-scope-maps
|
||||
raw: rm -f {{ portal_home }}/{{ item }}/common-scope-maps*
|
||||
with_items:
|
||||
- gCube/lib/_fws
|
||||
- lib/fws
|
||||
# - "{{ resource_management_path }}"
|
||||
when: patch_common_scope != 0
|
||||
ignore_errors: True
|
||||
tags:
|
||||
- common_scope_maps
|
||||
|
||||
- name: upload patched common-scope-maps
|
||||
copy: src={{ common_scope_maps_file }} dest={{ portal_home }}/{{ item }}/ owner={{ portal_user }} group={{ portal_user }} mode=0644
|
||||
with_items:
|
||||
- gCube/lib/_fws
|
||||
- lib/fws
|
||||
# - "{{ resource_management_path }}"
|
||||
when: patch_common_scope != 0
|
||||
tags:
|
||||
- common_scope_maps
|
||||
|
||||
- name: upload d4s.authorization
|
||||
template: src=d4s.authorization dest={{ item }} owner={{ portal_user }} group={{ portal_user }} mode=0644
|
||||
with_items:
|
||||
- "{{ portal_home }}/lib/"
|
||||
- "{{ portal_home }}/gCube/lib/"
|
||||
- "{{ tomcat_path.stdout }}/lib/"
|
||||
- "{{ tomcat_path.stdout }}"
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ portal_home }} owner={{ portal_user }} group={{ portal_user }} recurse=yes
|
||||
|
||||
- name: start the portal
|
||||
become: yes
|
||||
become_user: "{{ portal_user }}"
|
||||
shell: source ~/.bashrc && nohup {{ tomcat_path.stdout }}/bin/startup.sh &
|
|
@ -0,0 +1,188 @@
|
|||
---
|
||||
- name: Test if liferay is already installed
|
||||
raw: ls -l /var/lib/tomcat7/webapps/ROOT/WEB-INF/classes/portal-developer.properties
|
||||
register: liferay_install
|
||||
ignore_errors: True
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Download the liferay war file
|
||||
get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-6.1.2-ce-ga3-20130816114619181.war?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Fadditional-files&ts=1383123826&use_mirror=garr" dest=/var/tmp/liferay-6.1.war
|
||||
when: liferay_install.rc != 0
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Explode the liferay war
|
||||
shell: cd /var/lib/tomcat7/webapps/ROOT ; jar xf /var/tmp/liferay-6.1.war ; chown -R root:root . ; rm -f /var/tmp/liferay-6.1.war
|
||||
when: liferay_install.rc != 0
|
||||
notify:
|
||||
tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Create the /usr/share/tomcat7/lib/ext directory
|
||||
file: dest=/usr/share/tomcat7/lib/ext state=directory owner=root group=root mode=0755
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Install other liferay dependencies (taken from the liferay bundle)
|
||||
copy: src={{ item }} dest=/usr/share/tomcat7/lib/ext/{{ item }}
|
||||
with_items:
|
||||
- activation.jar
|
||||
- ccpp.jar
|
||||
# - hsql.jar
|
||||
- jms.jar
|
||||
- jta.jar
|
||||
- jtds.jar
|
||||
- junit.jar
|
||||
- jutf7.jar
|
||||
- mail.jar
|
||||
# - mysql.jar
|
||||
- persistence.jar
|
||||
- portal-service.jar
|
||||
- portlet.jar
|
||||
# - postgresql.jar
|
||||
- support-tomcat.jar
|
||||
notify: tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Install liferay patch for ldap without using the test password
|
||||
copy: src={{ item }} dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/lib/{{ item }}
|
||||
with_items:
|
||||
- lps9001-ldap-ce6101-portal-impl.jar
|
||||
when: liferay_ldap_fix is defined and liferay_ldap_fix == 'True'
|
||||
notify: tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Ensure that the ldap authentication patch is not installed
|
||||
file: dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/lib/{{ item }} state=absent
|
||||
with_items:
|
||||
- lps9001-ldap-ce6101-portal-impl.jar
|
||||
when: liferay_ldap_fix is not defined or liferay_ldap_fix == 'False'
|
||||
notify: tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Create the funny /var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies directory
|
||||
file: dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies state=directory owner=root group=root mode=0755
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Create the temp directory /var/lib/tomcat7/temp
|
||||
file: dest=/var/lib/tomcat7/temp owner=tomcat7 group=tomcat7 mode=0750 state=directory
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Create the funny path needed by some liferay dependencies
|
||||
file: dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies state=directory owner=root group=root mode=0755
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Install other liferay dependencies in funny places
|
||||
copy: src=../files/{{ item }} dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies/{{ item }}
|
||||
with_items:
|
||||
- resin.jar
|
||||
- script-10.jar
|
||||
notify:
|
||||
tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
#
|
||||
# Note: we have the dependencies as local files. The two following tasks are not needed anymore
|
||||
#
|
||||
# - name: get the liferay dependencies
|
||||
# get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-dependencies-6.1.2-ce-ga3-20130816114619181.zip?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Fadditional-files&ts=1383130399&use_mirror=garr" dest=/var/tmp/liferay-dependencies.zip
|
||||
# register: dependencies_download
|
||||
|
||||
# - name: Install the liferay dependencies
|
||||
# shell: cd /usr/share/tomcat7/lib ; unzip /var/tmp/liferay-dependencies.zip ; chown -R root:root . ; ln -s */*.jar ./ext ; /bin/rm -f ./ext/hsql.jar
|
||||
# when: dependencies_download.changed
|
||||
# notify: tomcat7 restart
|
||||
|
||||
- name: liferay basic configuration
|
||||
template: src=../templates/portal-ext.properties.j2 dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/classes/portal-ext.properties owner=root group=tomcat7 mode=0640
|
||||
notify:
|
||||
tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Create the portal home directory outside the webapp root
|
||||
file: dest={{ liferay.portal_home }} state=directory owner=tomcat7 group=tomcat7 mode=0750
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Create data and deploy directories
|
||||
file: dest={{ liferay.portal_home }}/{{ item }} state=directory owner=tomcat7 group=tomcat7 mode=0750
|
||||
with_items:
|
||||
- data
|
||||
- deploy
|
||||
- liferay
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Force the logs in the right place
|
||||
file: src=/var/log/tomcat7 dest={{ liferay.portal_home }}/logs state=link
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Give write permissions to some directories
|
||||
file: dest=/var/lib/tomcat7/webapps/ROOT/html/{{ item }} state=directory owner=tomcat7 group=tomcat7
|
||||
with_items:
|
||||
- icons
|
||||
- themes
|
||||
notify: Recursively set liferay write permissions
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Put the static properties in the portal home directory
|
||||
template: src=../templates/home-portal-ext.properties.j2 dest={{ liferay.portal_home }}/portal-ext.properties owner=root group=tomcat7 mode=0640
|
||||
notify: tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Create an empty portal-setup-wizard.properties if does not exist
|
||||
copy: content="" dest={{ liferay.portal_home }}/portal-setup-wizard.properties owner=root group=tomcat7 mode=0660 force=no
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
||||
- name: Test if the related webapps are installed
|
||||
raw: ls -l /var/lib/tomcat7/webapps/marketplace-portlet
|
||||
register: liferay_bundled_apps
|
||||
ignore_errors: True
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Download the liferay bundle. Needed for the related webapps
|
||||
get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-tomcat-6.1.2-ce-ga3-20130816114619181.zip?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Favailable-releases&ts=1383043780&use_mirror=garr" dest=/var/tmp/liferay-bundle.zip
|
||||
when: liferay_bundled_apps.rc != 0
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: Explode the liferay bundle and install the needed webapps
|
||||
shell: cd /var/tmp ; /var/lib/tomcat7/webapps/ROOT ; unzip /var/tmp/liferay-bundle.zip ; cd /var/tmp/liferay-portal-6.1.2-ce-ga3/tomcat-7.0.40/webapps ; cp -a marketplace-portlet portal-compat-hook resources-importer-web welcome-theme /var/lib/tomcat7/webapps/ ; cd /var/tmp ; rm -fr /var/tmp/liferay-bundle.zip /var/tmp/liferay-portal-6.1.2-ce-ga3
|
||||
when: liferay_bundled_apps.rc != 0
|
||||
notify:
|
||||
tomcat7 restart
|
||||
tags:
|
||||
- liferay
|
||||
|
||||
- name: The images directory of the theme must be writeable by tomcat(!)
|
||||
file: dest=/var/lib/tomcat7/webapps/welcome-theme/images state=directory owner=tomcat7 group=tomcat7 mode=0750
|
||||
notify:
|
||||
Recursively change welcome-theme images permissions
|
||||
tags:
|
||||
- liferay
|
||||
- liferaycfg
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
# .bashrc
|
||||
|
||||
# Source global definitions
|
||||
if [ -f /etc/bashrc ]; then
|
||||
. /etc/bashrc
|
||||
fi
|
||||
|
||||
# User specific aliases and functions
|
||||
export CLASSPATH=""
|
||||
export CATALINA_HOME="{{ tomcat_path.stdout }}"
|
||||
export JAVA_HOME="/usr/lib/jvm/jre-1.7.0"
|
||||
export JRE_HOME="/usr/lib/jvm/jre-1.7.0"
|
||||
#export CATALINA_OPTS="-DGLOBUS_LOCATION=$GLOBUS_LOCATION -Xmx2048m -Xms2048m -XX:MaxPermSize=256m -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Dlog4j.ignoreTCL=true -Dlog4j.configuration=file://$CATALINA_HOME/portal-log4j.properties"
|
||||
export CATALINA_OPTS="-Dexternal-properties=portal-developer.properties -Xmx1000m -Xms1000m -XX:PermSize=512m -XX:MaxPermSize=512m -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Dlog4j.ignoreTCL=true -Dlog4j.configuration=file://$CATALINA_HOME/portal-log4j.properties -Dlogback.configurationFile=file://$CATALINA_HOME/portal-logback.xml"
|
||||
export CATALINA_PID="{{ portal_home }}/pid.txt"
|
||||
|
|
@ -0,0 +1 @@
|
|||
<authorization-endpoint priority="1" infrastructure="d4s"><host>{{ authorization_hostname }}</host><secure>false</secure><port>{{ authorization_port }}</port></authorization-endpoint>
|
|
@ -0,0 +1,9 @@
|
|||
# DO NOT DELETE THIS FILE
|
||||
# gCube Infrastructure Properties tells the webapps on which infrastructure they run
|
||||
# Author: Massimiliano Assante, ISTI-CNR
|
||||
|
||||
# a single infrastructure
|
||||
infrastructure={{ infrastructure }}
|
||||
|
||||
# multiple scopes must be separated by comma (e.g FARM,gCubeApps)
|
||||
scopes={{ start_scopes }}
|
|
@ -0,0 +1,2 @@
|
|||
liferay.home={{ portal_home }}
|
||||
include-and-override={{ portal_home }}/portal-ext.properties
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
repo: "gcube-staging"
|
||||
registry_version: "2.1.4-4.1.0-126945"
|
||||
registry_artifact: "is-registry-service-{{ registry_version }}"
|
||||
registry_gar: "{{ registry_artifact }}.gar"
|
||||
registry_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/is-registry-service/{{ registry_version }}/{{ registry_gar }}"
|
||||
|
||||
start_scopes: ''
|
||||
infrastructure: 'd4s'
|
||||
|
||||
registry_port: '8080'
|
||||
registry_hostname: "{{ ansible_hostname }}"
|
||||
registry_published_host: '{{ registry_hostname }}:{{ registry_port }}'
|
|
@ -0,0 +1,2 @@
|
|||
#dependencies:
|
||||
# - role: gcore-base
|
|
@ -0,0 +1,29 @@
|
|||
- name: download {{ registry_gar }}
|
||||
get_url: url={{ registry_url }} dest=/tmp force=yes
|
||||
|
||||
- name: deploy {{ registry_gar }}
|
||||
shell: export GLOBUS_LOCATION={{ globus_location }} && export ANT_HOME={{ ant_location }} && export PATH=$PATH:$GLOBUS_LOCATION/bin && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ registry_gar }}
|
||||
|
||||
- name: add GLOBUS_OPTIONS to the gcore startup script
|
||||
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
|
||||
|
||||
- name: copy updated GHNConfig.xml
|
||||
template: src=GHNConfig.xml dest={{ globus_location }}/config/
|
||||
|
||||
- name: updated is-registry-service jndi-config.xml, add start scopes when needed
|
||||
lineinfile: dest="{{ globus_location }}/etc/{{ registry_artifact }}/jndi-config.xml" insertafter='.*?<service name="gcube/informationsystem/registry">' state=present line=" <environment name=\"startScopes\" value=\"/{{ infrastructure }}/{{ start_scopes }}\" type=\"java.lang.String\" override=\"false\" />"
|
||||
when: start_scopes != ""
|
||||
|
||||
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
|
||||
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ registry_hostname }}"
|
||||
|
||||
- name: add is-registry Servicemap entry
|
||||
lineinfile: dest="{{ globus_location }}/config/{{ servicemap_xmlfile }}" insertbefore="^</ServiceMap>" state=present line=' <Service name ="ISRegistry" endpoint="http://{{ registry_published_host }}/wsrf/services/gcube/informationsystem/registry/ResourceRegistration" />'
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
|
||||
|
||||
- name: start gCore
|
||||
become: yes
|
||||
become_user: "{{ ghn_user }}"
|
||||
shell: "{{ globus_location }}/gcore-start.sh"
|
|
@ -0,0 +1,86 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
|
||||
<global>
|
||||
|
||||
<environment
|
||||
name="securityenabled"
|
||||
value="false"
|
||||
type="java.lang.Boolean"
|
||||
override="false" />
|
||||
<environment
|
||||
name="mode"
|
||||
value="ROOT"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
|
||||
<environment
|
||||
name="startScopes"
|
||||
value="{{ start_scopes }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="allowedScopes"
|
||||
value=""
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="infrastructure"
|
||||
value="{{ infrastructure }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="labels"
|
||||
value="GHNLabels.xml"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="GHNtype"
|
||||
value="STATIC"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="localProxy"
|
||||
value="/home/globus/..."
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="coordinates"
|
||||
value="43.719627,10.421626"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="country"
|
||||
value="it"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="location"
|
||||
value="Pisa"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="updateInterval"
|
||||
value="60"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<environment
|
||||
name="trustedGHNSynchInterval"
|
||||
value="600"
|
||||
type="java.lang.Long"
|
||||
|
||||
override="false" />
|
||||
<!-- PublishedHost -->
|
||||
<environment
|
||||
name="publishedHost"
|
||||
value="{{ registry_hostname }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- PublishedPort -->
|
||||
<environment
|
||||
name="publishedPort"
|
||||
value="{{ registry_port }}"
|
||||
type="java.lang.Integer"
|
||||
override="false" />
|
||||
</global>
|
||||
</jndiConfig>
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
repo: "gcube-staging"
|
||||
resourcebroker_version: "1.2.0-4.1.0-126927"
|
||||
resourcebroker_artifact: "resourcebroker-service-{{ resourcebroker_version }}"
|
||||
resourcebroker_gar: "{{ resourcebroker_artifact }}.gar"
|
||||
resourcebroker_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-service/{{ resourcebroker_version }}/{{ resourcebroker_gar }}"
|
||||
|
||||
resourcebroker_serialization_version: "1.2.0-4.1.0-126929"
|
||||
resourcebroker_serialization_artifact: "resourcebroker-serialization-{{ resourcebroker_serialization_version }}"
|
||||
resourcebroker_serialization_jar: "{{ resourcebroker_serialization_artifact }}.jar"
|
||||
resourcebroker_serialization_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-serialization/{{ resourcebroker_serialization_version}}/{{ resourcebroker_serialization_jar }}"
|
||||
|
||||
resourcebroker_stubs_version: "1.2.0-4.1.0-126927"
|
||||
resourcebroker_stubs_artifact: "rbstubs-{{ resourcebroker_stubs_version }}"
|
||||
resourcebroker_stubs_jar: "{{ resourcebroker_stubs_artifact }}.jar"
|
||||
resourcebroker_stubs_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/rbstubs/{{ resourcebroker_stubs_version }}/{{ resourcebroker_stubs_jar }}"
|
||||
|
||||
resourcebroker_hostname: "d4s.res.eng.it"
|
||||
resourcebroker_port: "8399"
|
||||
resourcebroker_endpoint: "{{ resourcebroker_hostname }}:{{ resourcebroker_port }}"
|
||||
|
||||
start_scopes: ''
|
||||
infrastructure: 'd4s'
|
|
@ -0,0 +1,2 @@
|
|||
dependencies:
|
||||
- role: gcore-base
|
|
@ -0,0 +1,31 @@
|
|||
- name: download {{ resourcebroker_gar }}
|
||||
get_url: url={{ resourcebroker_url }} dest=/tmp force=yes
|
||||
|
||||
- name: deploy {{ resourcebroker_gar }}
|
||||
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ resourcebroker_gar }}
|
||||
|
||||
- name: add GLOBUS_OPTIONS to the gcore startup script
|
||||
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
|
||||
|
||||
- name: copy updated GHNConfig.xml
|
||||
template: src=GHNConfig.xml dest={{ globus_location }}/config/
|
||||
|
||||
#- name: update the resourcebroker jndi-config.xml, add start scopes when needed
|
||||
# lineinfile: dest="{{ globus_location }}/etc/{{ registry_artifact }}/jndi-config.xml" insertafter='.*?<service name="gcube/informationsystem/registry">' state=present line=" <environment name=\"startScopes\" value=\"{{ start_scopes }}\" type=\"java.lang.String\" override=\"false\" />"
|
||||
|
||||
- name: deploy {{ resourcebroker_serialization_artifact }}
|
||||
get_url: url={{ resourcebroker_serialization_url }} dest="{{ globus_location }}/lib/" force=yes
|
||||
|
||||
- name: deploy {{ resourcebroker_stubs_artifact }}
|
||||
get_url: url={{ resourcebroker_stubs_url }} dest="{{ globus_location }}/lib/" force=yes
|
||||
|
||||
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
|
||||
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ resourcebroker_hostname }}"
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
|
||||
|
||||
- name: start gCore
|
||||
become: yes
|
||||
become_user: "{{ ghn_user }}"
|
||||
shell: "{{ globus_location }}/gcore-start.sh"
|
|
@ -0,0 +1,87 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
|
||||
<global>
|
||||
|
||||
<environment
|
||||
name="securityenabled"
|
||||
value="false"
|
||||
type="java.lang.Boolean"
|
||||
override="false" />
|
||||
<environment
|
||||
name="mode"
|
||||
value="ROOT"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
|
||||
<environment
|
||||
name="startScopes"
|
||||
value="{{ start_scopes }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="allowedScopes"
|
||||
value=""
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="infrastructure"
|
||||
value="{{ infrastructure }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="labels"
|
||||
value="GHNLabels.xml"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="GHNtype"
|
||||
value="STATIC"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="localProxy"
|
||||
value="/home/globus/..."
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="coordinates"
|
||||
value="43.719627,10.421626"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="country"
|
||||
value="it"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="location"
|
||||
value="Pisa"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="updateInterval"
|
||||
value="60"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<environment
|
||||
name="trustedGHNSynchInterval"
|
||||
value="600"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
<!-- Test PublishedHost -->
|
||||
<environment
|
||||
name="publishedHost"
|
||||
value="{{ resourcebroker_hostname }} "
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- Test PublishedPort -->
|
||||
<environment
|
||||
name="publishedPort"
|
||||
value="{{ resourcebroker_port }}"
|
||||
type="java.lang.Integer"
|
||||
override="false" />
|
||||
|
||||
|
||||
</global>
|
||||
</jndiConfig>
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
repo: "gcube-staging"
|
||||
resource_manager_version: "2.2.0-4.1.0-132314"
|
||||
resource_manager_artifact: "resource-manager-service-{{ resource_manager_version }}"
|
||||
resource_manager_gar: "{{ resource_manager_artifact }}.gar"
|
||||
resource_manager_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resource-manager-service/{{ resource_manager_version }}/{{ resource_manager_gar}}"
|
||||
|
||||
resourcebroker_serialization_version: "1.2.0-4.1.0-126929"
|
||||
resourcebroker_serialization_artifact: "resourcebroker-serialization-{{ resourcebroker_serialization_version }}"
|
||||
resourcebroker_serialization_jar: "{{ resourcebroker_serialization_artifact }}.jar"
|
||||
resourcebroker_serialization_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-serialization/{{ resourcebroker_serialization_version}}/{{ resourcebroker_serialization_jar }}"
|
||||
|
||||
resourcebroker_stubs_version: "1.2.0-4.1.0-126927"
|
||||
resourcebroker_stubs_artifact: "rbstubs-{{ resourcebroker_stubs_version }}"
|
||||
resourcebroker_stubs_jar: "{{ resourcebroker_stubs_artifact }}.jar"
|
||||
resourcebroker_stubs_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/rbstubs/{{ resourcebroker_stubs_version }}/{{ resourcebroker_stubs_jar }}"
|
||||
|
||||
resource_manager_hostname: "d4s.res.eng.it"
|
||||
resource_manager_port: "8499"
|
||||
resource_manager_endpoint: "{{ resource_manager_hostname }}:{{ resource_manager_port }}"
|
||||
|
||||
start_scopes: ''
|
||||
infrastructure: 'd4s'
|
|
@ -0,0 +1,2 @@
|
|||
dependencies:
|
||||
- role: gcore-base
|
|
@ -0,0 +1,31 @@
|
|||
- name: download {{ resource_manager_gar }}
|
||||
get_url: url={{ resource_manager_url }} dest=/tmp force=yes
|
||||
|
||||
- name: deploy {{ resource_manager_gar }}
|
||||
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ resource_manager_gar }}
|
||||
|
||||
- name: add GLOBUS_OPTIONS to the gcore startup script
|
||||
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
|
||||
|
||||
- name: copy updated GHNConfig.xml
|
||||
template: src=GHNConfig.xml dest={{ globus_location }}/config/
|
||||
|
||||
#- name: copy updated resource-manager jndi-config.xml
|
||||
# template: src=jndi-config.xml dest={{ globus_location }}/etc/{{ resource_manager_artifact }}/
|
||||
|
||||
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
|
||||
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ resource_manager_hostname }}"
|
||||
|
||||
- name: deploy {{ resourcebroker_serialization_artifact }}
|
||||
get_url: url={{ resourcebroker_serialization_url }} dest="{{ globus_location }}/lib/" force=yes
|
||||
|
||||
- name: deploy {{ resourcebroker_stubs_artifact }}
|
||||
get_url: url={{ resourcebroker_stubs_url }} dest="{{ globus_location }}/lib/" force=yes
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
|
||||
|
||||
- name: start gCore
|
||||
become: yes
|
||||
become_user: "{{ ghn_user }}"
|
||||
shell: "{{ globus_location }}/gcore-start.sh"
|
|
@ -0,0 +1,86 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
|
||||
<global>
|
||||
|
||||
<environment
|
||||
name="securityenabled"
|
||||
value="false"
|
||||
type="java.lang.Boolean"
|
||||
override="false" />
|
||||
<environment
|
||||
name="mode"
|
||||
value="ROOT"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
|
||||
<environment
|
||||
name="startScopes"
|
||||
value="{{ start_scopes }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="allowedScopes"
|
||||
value=""
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="infrastructure"
|
||||
value="{{ infrastructure }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="labels"
|
||||
value="GHNLabels.xml"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="GHNtype"
|
||||
value="STATIC"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="localProxy"
|
||||
value="/home/globus/..."
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="coordinates"
|
||||
value="43.719627,10.421626"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="country"
|
||||
value="it"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="location"
|
||||
value="Pisa"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="updateInterval"
|
||||
value="60"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<environment
|
||||
name="trustedGHNSynchInterval"
|
||||
value="600"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<!-- Test PublishedHost -->
|
||||
<environment
|
||||
name="publishedHost"
|
||||
value="{{ resource_manager_hostname }} "
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- Test PublishedPort -->
|
||||
<environment
|
||||
name="publishedPort"
|
||||
value="{{ resource_manager_port }}"
|
||||
type="java.lang.Integer"
|
||||
override="false" />
|
||||
</global>
|
||||
</jndiConfig>
|
|
@ -0,0 +1,11 @@
|
|||
repo: "gcube-staging"
|
||||
smartgears_version: "2.0.0-4.2.1-133740"
|
||||
image_name: "smartgears_whn"
|
||||
image_tag: "{{ smartgears_version }}"
|
||||
#image_tag: "latest"
|
||||
|
||||
|
||||
infrastructure: "d4s"
|
||||
hostname: "{{ ansible_hostname }}"
|
||||
token: "24edab1c-6ff6-4c61-8f51-b52d4f5f4611-98187548"
|
||||
container_mode: "offline"
|
Binary file not shown.
|
@ -0,0 +1,3 @@
|
|||
dependencies:
|
||||
# - role: java-17
|
||||
- role: docker
|
|
@ -0,0 +1,32 @@
|
|||
- name: ensure that the unarchive utils tar relies upon for file extraction are available (CentOS/RHEL)
|
||||
yum: name={{ item }} state=latest
|
||||
with_items:
|
||||
- bzip2
|
||||
- unzip
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: ensure that the unarchive utils tar relies upon for file extraction are available (Debian/Ubuntu)
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- bzip2
|
||||
- unzip
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: create temporary build directory
|
||||
shell: mktemp -d
|
||||
register: tempdir
|
||||
|
||||
- name: copy the Dockerfile
|
||||
template: src=Dockerfile dest="{{ tempdir.stdout }}/"
|
||||
|
||||
- name: copy the authorization config file
|
||||
template: src=d4s.authorization dest="{{ tempdir.stdout }}/" mode=0644
|
||||
|
||||
- name: Build the docker image
|
||||
docker_image:
|
||||
path: "{{ tempdir.stdout }}"
|
||||
name: "{{ image_name }}"
|
||||
tag: "{{ image_tag }}"
|
||||
|
||||
- name: remove the temporary build directory
|
||||
file: path="{{ tempdir.stdout }}" state=absent
|
|
@ -0,0 +1,23 @@
|
|||
from openjdk:7
|
||||
|
||||
ENV GHN_HOME=/SmartGears-Bundle/
|
||||
ENV BUNDLE_HOME=$GHN_HOME
|
||||
ENV CATALINA_HOME=$GHN_HOME/tomcat/
|
||||
ENV CATALINA_OPTS="-Xmx2000m -Xms2000m -XX:MaxPermSize=512M"
|
||||
ENV CATALINA_PID=$CATALINA_HOME/pid.txt
|
||||
|
||||
RUN wget http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/smartgears-distribution-bundle/{{ smartgears_version }}/smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
|
||||
RUN tar xzvf smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
|
||||
RUN rm smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
|
||||
WORKDIR $GHN_HOME/
|
||||
RUN echo 1 | /bin/bash $GHN_HOME/setup.sh -n {{ ansible_hostname }} -f
|
||||
ADD d4s.authorization $CATALINA_HOME/lib/
|
||||
RUN ln -s $GHN_HOME/SmartGears/container.xml $GHN_HOME/container.xml
|
||||
RUN sed -ie 's/^$CATALINA_HOME\/bin\/startup.sh/$CATALINA_HOME\/bin\/catalina.sh\ run/' $GHN_HOME/startContainer.sh
|
||||
RUN sed -ie "s/<container mode='offline'>/<container mode='{{ container_mode }}'>/" $GHN_HOME/container.xml
|
||||
RUN sed -ie "s/<infrastructure>gcube<\/infrastructure>/<infrastructure>{{ infrastructure }}<\/infrastructure>/" $GHN_HOME/container.xml
|
||||
RUN sed -ie "/<\/infrastructure>/a \ <token>{{ token }}</token>" $GHN_HOME/container.xml
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
CMD ./startContainer.sh
|
|
@ -0,0 +1,25 @@
|
|||
from openjdk:7
|
||||
|
||||
ENV GHN_HOME=/SmartGears-Bundle/
|
||||
ENV BUNDLE_HOME=$GHN_HOME
|
||||
ENV CATALINA_HOME=$GHN_HOME/tomcat/
|
||||
ENV CATALINA_OPTS="-Xmx2000m -Xms2000m -XX:MaxPermSize=512M"
|
||||
ENV CATALINA_PID=$CATALINA_HOME/pid.txt
|
||||
|
||||
#WORKDIR $GHN_HOME/
|
||||
|
||||
RUN \
|
||||
wget http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/smartgears-distribution-bundle/{{ smartgears_version }}/smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \
|
||||
&& tar xzvf smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \ #--strip-components=1 \
|
||||
&& rm smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \
|
||||
&& cd smartgears-distribution-bundle-{{ smartgears_version }} \
|
||||
&& echo 1 | /bin/bash ./setup.sh -n {{ hostname }} -f \
|
||||
&& ln -s $GHN_HOME/SmartGears/container.xml $GHN_HOME/container.xml \
|
||||
&& sed -ie 's/^$CATALINA_HOME\/bin\/startup.sh/$CATALINA_HOME\/bin\/catalina.sh\ run/' startContainer.sh \
|
||||
&& sed -ie "s/<container mode='offline'>/<container mode='{{ container_mode }}'>/" container.xml \
|
||||
&& sed -ie "s/<infrastructure>gcube<\/infrastructure>/<infrastructure>{{ infrastructure }}<\/infrastructure>/" container.xml \
|
||||
&& sed -ie "/<\/infrastructure>/a \ <token>{{ token }}</token>" container.xml
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
CMD /SmartGears-Bundle/startContainer.sh
|
|
@ -0,0 +1 @@
|
|||
<authorization-endpoint priority="1" infrastructure="d4s"><host>{{ authorization_hostname }}</host><secure>false</secure><port>{{ authorization_port }}</port></authorization-endpoint>
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
repo: "gcube-staging"
|
||||
software_gateway_version: "1.1.6-4.1.0-126706"
|
||||
software_gateway_artifact: "softwaregateway-service-{{ software_gateway_version }}"
|
||||
software_gateway_gar: "{{ software_gateway_artifact }}.gar"
|
||||
software_gateway_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/softwaregateway-service/{{ software_gateway_version }}/{{ software_gateway_gar }}"
|
||||
|
||||
software_gateway_hostname: "d4s.res.eng.it"
|
||||
software_gateway_port: "8599"
|
||||
software_gateway_endpoint: "{{ software_gateway_hostname }}:{{ software_gateway_port }}"
|
||||
|
||||
start_scopes: ''
|
||||
infrastructure: 'd4s'
|
|
@ -0,0 +1,61 @@
|
|||
<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.
|
||||
0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
|
||||
<servers>
|
||||
<server>
|
||||
<id>gcube-snapshots</id>
|
||||
<username>gcube-user</username>
|
||||
<password>maven</password>
|
||||
</server>
|
||||
<server>
|
||||
<id>gcube-releases</id>
|
||||
<username>gcube-user</username>
|
||||
<password>maven</password>
|
||||
</server>
|
||||
</servers>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>gcube</id>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>gcube-staging</id>
|
||||
<name>gCube Staging</name>
|
||||
<url>http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-staging</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<releases>
|
||||
<enabled>true</enabled>
|
||||
</releases>
|
||||
</repository>
|
||||
<repository>
|
||||
<id>gcube-externals</id>
|
||||
<name>gCube Externals</name>
|
||||
<url>http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-externals</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<releases>
|
||||
<enabled>true</enabled>
|
||||
</releases>
|
||||
</repository>
|
||||
</repositories>
|
||||
<pluginRepositories>
|
||||
<pluginRepository>
|
||||
<id>gcube-releases</id>
|
||||
<name>gCube Releases</name>
|
||||
<url>http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-releases</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<releases>
|
||||
<enabled>true</enabled>
|
||||
</releases>
|
||||
</pluginRepository>
|
||||
</pluginRepositories>
|
||||
</profile>
|
||||
</profiles>
|
||||
<activeProfiles>
|
||||
<activeProfile>gcube</activeProfile>
|
||||
</activeProfiles>
|
||||
</settings>
|
|
@ -0,0 +1,2 @@
|
|||
dependencies:
|
||||
- role: gcore-base
|
|
@ -0,0 +1,25 @@
|
|||
- name: download {{ software_gateway_gar }}
|
||||
get_url: url={{ software_gateway_url }} dest=/tmp force=yes
|
||||
|
||||
- name: deploy {{ software_gateway_gar }}
|
||||
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ software_gateway_gar }}
|
||||
|
||||
- name: add GLOBUS_OPTIONS to the gcore startup script
|
||||
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
|
||||
|
||||
- name: copy updated GHNConfig.xml
|
||||
template: src=GHNConfig.xml dest={{ globus_location }}/config/
|
||||
|
||||
- name: copy settings.xml as per "https://gcube.wiki.gcube-system.org/gcube/Talk:Creating_gCube_Maven_components:_How-To#Repositories"
|
||||
copy: src=settings.xml dest={{ globus_location }}/etc/{{ software_gateway_artifact }}/
|
||||
|
||||
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
|
||||
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ software_gateway_hostname }}"
|
||||
|
||||
- name: restore ownership
|
||||
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
|
||||
|
||||
- name: start gCore
|
||||
become: yes
|
||||
become_user: "{{ ghn_user }}"
|
||||
shell: "{{ globus_location }}/gcore-start.sh"
|
|
@ -0,0 +1,86 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
|
||||
<global>
|
||||
|
||||
<environment
|
||||
name="securityenabled"
|
||||
value="false"
|
||||
type="java.lang.Boolean"
|
||||
override="false" />
|
||||
<environment
|
||||
name="mode"
|
||||
value="ROOT"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
|
||||
<environment
|
||||
name="startScopes"
|
||||
value="{{ start_scopes }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="allowedScopes"
|
||||
value=""
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="infrastructure"
|
||||
value="{{ infrastructure }}"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="labels"
|
||||
value="GHNLabels.xml"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="GHNtype"
|
||||
value="STATIC"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="localProxy"
|
||||
value="/home/globus/..."
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="coordinates"
|
||||
value="43.719627,10.421626"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="country"
|
||||
value="it"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="location"
|
||||
value="Pisa"
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<environment
|
||||
name="updateInterval"
|
||||
value="60"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<environment
|
||||
name="trustedGHNSynchInterval"
|
||||
value="600"
|
||||
type="java.lang.Long"
|
||||
override="false" />
|
||||
|
||||
<!-- Test PublishedHost -->
|
||||
<environment
|
||||
name="publishedHost"
|
||||
value="{{ software_gateway_hostname }} "
|
||||
type="java.lang.String"
|
||||
override="false" />
|
||||
<!-- Test PublishedPort -->
|
||||
<environment
|
||||
name="publishedPort"
|
||||
value="{{ software_gateway_port }}"
|
||||
type="java.lang.Integer"
|
||||
override="false" />
|
||||
</global>
|
||||
</jndiConfig>
|
Loading…
Reference in New Issue