forked from ISTI-ansible-roles/ansible-roles
library/roles/d4s_user_services_perms: Now it's possible to create additional users on smartgears nodes too.
d4science-ghn-cluster/group_vars/geoserver_prod_spatial/geoserver_prod_spatial.yml: Give Emmanuel Blondel read/write permissions on the spatialite data.
This commit is contained in:
Andrea Dell'Amico
parent
cd7baca5d8
commit
8d57365c86
|
|
@ -1,4 +1,4 @@
|
|||
Four different scenarios are covered.
|
||||
Several different scenarios are covered.
|
||||
|
||||
1. One smartgears tomcat instance, installed inside the user's home
|
||||
2. One or more tomcat instances, each instance installed inside its
|
||||
|
|
@ -6,6 +6,9 @@ Four different scenarios are covered.
|
|||
3. One service, not tomcat based, installed inside the user's home
|
||||
4. One service, installed inside the user's home, not managed by other
|
||||
ansible playbooks (only the user is created)
|
||||
5. ACLs are used if more than one user must be able to read/write some
|
||||
common directories or files. This works both with the gcore and the
|
||||
smartgears cases
|
||||
|
||||
Important note: the variable 'http_port(s)' needs to be defined earlier in the calling playbook.
|
||||
|
||||
|
|
@ -18,3 +21,5 @@ service without using the full path
|
|||
- Installs the README file that explains where the options files are
|
||||
placed and how start/stop the service
|
||||
- The default open files limits are increased
|
||||
- Creates additional users if needed, and adds ACLS to allow them
|
||||
access shared directories
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ d4science_user_shell: /bin/bash
|
|||
d4s_service_node: False
|
||||
smartgears_node: False
|
||||
d4s_tomcat_node: False
|
||||
d4s_additional_users: False
|
||||
gcore_node: False
|
||||
gcore_multiple_users: False
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,11 @@
|
|||
---
|
||||
- name: Create the d4science user
|
||||
user: name={{ d4science_user }} home={{ d4science_user_home }} createhome={{ d4science_user_create_home }} shell={{ d4science_user_shell }}
|
||||
when: not gcore_multiple_users
|
||||
when: gcore_users is not defined
|
||||
tags: [ 'gcore', 'd4science', 'users' ]
|
||||
|
||||
- name: Create the d4science users
|
||||
user: name={{ item }} home=/home/{{ item }} createhome={{ d4science_user_create_home }} shell={{ d4science_user_shell }}
|
||||
with_items: '{{ gcore_users | default([]) }}'
|
||||
when: gcore_multiple_users
|
||||
tags: [ 'gcore', 'd4science', 'users' ]
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
- include: d4s-service-node.yml
|
||||
when: d4s_service_node
|
||||
- include: d4s-basic-node.yml
|
||||
when: gcore_node
|
||||
when: gcore_node or d4s_additional_users
|
||||
- include: users-data-dirs.yml
|
||||
when: d4s_users_data_directories is defined
|
||||
- include: security_limits.yml
|
||||
|
|
|
|||
Loading…
Reference in New Issue