library/roles/egi: egi/voms and egi/occi. Roles that install and configure the EGI clients.

2017-01-23 19:32:11 +01:00 · 2017-01-23 19:32:11 +01:00 · 5cb449bb5d
parent aa883e90b2
commit 5cb449bb5d
7 changed files with 95 additions and 0 deletions
--- a/egi/occi/defaults/main.yml
+++ b/egi/occi/defaults/main.yml
@ -0,0 +1,8 @@
+---
+# Reference: https://github.com/EGI-FCTF/rOCCI-cli
+rocci_egi_install: True
+rocci_repo_key: 'http://repository.egi.eu/community/keys/APPDBCOMM-DEB-PGP-KEY.asc'
+rocci_repo: 'deb [arch=amd64] http://repository.egi.eu/community/software/rocci.cli/4.3.x/releases/ubuntu precise main'
+
+rocci_pkgs:
+  - occi-cli
--- a/egi/occi/tasks/main.yml
+++ b/egi/occi/tasks/main.yml
@ -0,0 +1,14 @@
+---
+- block:
+    - name: Install the EGI repos key
+      apt_key: url={{ rocci_repo_key }} state=present
+
+    - name: Install the egi-trustedanchors repository
+      apt_repository: repo='{{ rocci_repo }}' state=present filename='rocci' update_cache=yes
+
+    - name: Install the rOCCI client
+      apt: pkg={{ item }} state=present
+      with_items: '{{ rocci_pkgs }}'
+      
+  when: rocci_egi_install
+  tags: [ 'voms', 'egi', 'occi', 'rocci' ]
--- a/egi/voms/defaults/main.yml
+++ b/egi/voms/defaults/main.yml
@ -0,0 +1,22 @@
+---
+# Reference: http://italiangrid.github.io/voms/documentation/voms-clients-guide
+voms_egi_install: True
+voms_egi_repo_key: "http://repository.egi.eu/sw/production/umd/UMD-DEB-PGP-KEY"
+voms_egi_trustanchors_repo: "deb http://repository.egi.eu/sw/production/cas/1/current egi-igtf core"
+voms_base_client_repo: "deb http://repository.egi.eu/sw/production/umd/3/debian/ squeeze main"
+voms_updates_client_repo: "deb http://repository.egi.eu/sw/production/umd/3/debian/ squeeze-updates main"
+voms_config_base_directory: /etc/vomses
+voms_trustanchors_base_directory: /etc/grid-security/vomsdir
+
+voms_fetch_crl_pkgs:
+  - fetch-crl
+
+voms_client_pkgs:
+  - voms-clients3
+
+voms_data:
+  - { name: 'example.org', subject: '/C=ORG/O=EXAMPLE/CN=example.org' }
+
+voms_trusted_anchors_data:
+  - { name: 'example.org', host_subject: '/C=ORG/O=EXAMPLE/OU=Host/L=FOO/CN=example.org', subject: '/C=ORG/O=EXAMPLE/CN=example.org' }
+  
--- a/egi/voms/tasks/main.yml
+++ b/egi/voms/tasks/main.yml
@ -0,0 +1,43 @@
+---
+- block:
+    - name: Install the EGI repos key
+      apt_key: url={{ voms_egi_repo_key }} state=present
+
+    - name: Install the egi-trustedanchors repository
+      apt_repository: repo='{{ voms_egi_trustanchors_repo }}' state=present filename='egi-trustanchors' update_cache=yes
+
+    - name: Install the UMD-3-base repository
+      apt_repository: repo='{{ voms_base_client_repo }}' state=present filename='UMD-3-base' update_cache=yes
+
+    - name: Install the UMD-3-updates repository
+      apt_repository: repo='{{ voms_updates_client_repo }}' state=present filename='UMD-3-updates' update_cache=yes
+
+    - name: Install the CRL fetcher package
+      apt: pkg={{ item }} state=present
+      with_items: '{{ voms_fetch_crl_pkgs }}'
+      
+    - name: Install the CRL fetcher package
+      apt: pkg={{ item }} state=present
+      with_items: '{{ voms_client_pkgs }}'
+      
+    - name: Enable the fetch-crls service. A cron job, really
+      service: name=fetch-crl-cron state=started enabled=yes
+
+    - name: Create the VOMS trusted anchors directories
+      file: dest={{ voms_trustanchors_base_directory }}/{{ item.name }} state=directory
+      with_items: '{{ voms_trusted_anchors_data }}'
+
+    - name: Define the VOMS trusted anchors, lsc version
+      template: src=lsc-gridsecurity-content.j2 dest={{ voms_trustanchors_base_directory }}/{{ item.name }}.lsc
+      with_items: '{{ voms_trusted_anchors_data }}'
+      
+    - name: Define the VOMS trusted anchors
+      template: src=gridsecurity-content.j2 dest={{ voms_trustanchors_base_directory }}/{{ item.name }}
+      with_items: '{{ voms_trusted_anchors_data }}'
+      
+    - name: Define the VOMS definitions
+      template: src=voms-data.j2 dest={{ voms_config_base_directory }}/{{ item.name }}
+      with_items: '{{ voms_data }}'
+
+  when: voms_egi_install
+  tags: [ 'voms', 'egi', 'occi', 'rocci' ]
--- a/egi/voms/templates/gridsecurity-content.j2
+++ b/egi/voms/templates/gridsecurity-content.j2
@ -0,0 +1,3 @@
+{{ item.host_subject }}
+{{ item.subject }}
+
--- a/egi/voms/templates/lsc-gridsecurity-content.j2
+++ b/egi/voms/templates/lsc-gridsecurity-content.j2
@ -0,0 +1,3 @@
+{{ item.host_subject }}
+{{ item.subject }}
+
--- a/egi/voms/templates/voms-data.j2
+++ b/egi/voms/templates/voms-data.j2
@ -0,0 +1,2 @@
+{{ item.subject }}
+