Commit bda4fddf authored by viscapi's avatar viscapi
Browse files

Removed old iRODS role

parent b5214d0f
---
- name: Create UNIX iRODS group
group:
name: "{{ irods_unix_group_name }}"
gid: "{{ irods_unix_group_id }}"
state: present
- name: Create UNIX iRODS user
user:
name: "{{ irods_unix_user_name }}"
uid: "{{ irods_unix_user_id }}"
group: irods
state: present
password: "{{irods_unix_password}}"
#password: see docs.ansible.com/ansible/latest/user_module.html
...
---
- name: Template server_config.json file
template:
src: templates/irods_setup.json.j2
dest: /tmp/irods_setup.json
- name: Check that iRODS hasn't been configured before
stat:
path: /etc/irods/server_config.json
register: config
- name: Execute setup_irods.py script
command: /usr/bin/python setup_irods.py --json_configuration_file=/tmp/irods_setup.json
args:
chdir: /var/lib/irods/scripts
when: config.stat.exists == False
...
---
- import_tasks: group_user.yml
- import_tasks: repos.yml
- import_tasks: packages.yml
- import_tasks: security.yml
- import_tasks: pip.yml
- import_tasks: irods_config.yml
...
---
- name: Install iRODS packages and misc.
yum:
conf_file: '/etc/yum.conf'
name:
- libselinux-python
- python-pip
- irods-server-{{ irods_version }}
- irods-database-plugin-postgres-{{ irods_version }}
state: present
...
---
- name: Install python modules
pip:
name:
- pip
- psycopg2-binary
state: latest
...
---
- name: Add key for iRODS repository
rpm_key:
state: present
key: https://packages.irods.org/irods-signing-key.asc
validate_certs: yes
- name: Add iRODS repository
yum_repository:
description: RENCI iRODS Repository
name: irods
file: renci-irods.yum
baseurl: https://packages.irods.org/yum/pool/centos$releasever/$basearch
enabled: yes
gpgcheck: no
gpgkey: https://packages.irods.org/irods-signing-key.asc
repo_gpgcheck: no
state: present
...
---
- name: Set SELinux mode
selinux:
policy: targeted
state: "{{ selinux_mode }}"
...
{
"admin_password": "{{ admin_password }}",
"service_account_environment": {
"irods_host": "{{ ansible_fqdn }}",
"irods_port": 1247,
"irods_user_name": "rods",
"irods_zone_name": "{{ irods_zone }}",
"irods_client_server_negotiation": "request_server_negotiation",
"irods_client_server_policy": "CS_NEG_REFUSE",
"irods_cwd": "/{{ irods_zone }}/home/rods",
"irods_default_hash_scheme": "SHA256",
"irods_default_resource": "{{ default_resource }}",
"irods_encryption_algorithm": "AES-256-CBC",
"irods_encryption_key_size": 32,
"irods_encryption_salt_size": 32,
"irods_encryption_num_hash_rounds": 16,
"irods_home": "/{{ irods_zone }}/home/rods",
"irods_match_hash_policy": "compatible"
},
"host_access_control_config": {
"access_entries": []
},
"hosts_config": {
"host_entries": []
},
"host_system_information": {
"service_account_user_name": "{{ irods_unix_user_name }}",
"service_account_group_name": "{{ irods_unix_group_name }}"
},
"server_config": {
"advanced_settings": {
"default_log_rotation_in_days": 5,
"default_number_of_transfer_threads": 4,
"default_temporary_password_lifetime_in_seconds": 120,
"maximum_number_of_concurrent_rule_engine_server_processes": 4,
"maximum_size_for_single_buffer_in_megabytes": 32,
"maximum_temporary_password_lifetime_in_seconds": 1000,
"rule_engine_server_execution_time_in_seconds": 120,
"rule_engine_server_sleep_time_in_seconds": 30,
"transfer_buffer_size_for_parallel_transfer_in_megabytes": 4,
"transfer_chunk_size_for_parallel_transfer_in_megabytes": 40
},
"catalog_provider_hosts": [
{% if irods_server_mode == "provider" %}
"{{ ansible_fqdn }}"
{% elif irods_server_mode == "consumer" %}
"{{ provider_hostname }}"
{% endif %}
],
"catalog_service_role": "{{ irods_server_mode }}",
"default_dir_mode": "0750",
"default_file_mode": "0600",
"default_hash_scheme": "SHA256",
{% if irods_server_mode == "provider" %}
"default_resource_name": "{{ default_resource }}",
{% elif irods_server_mode == "consumer" %}
"default_resource_name": "{{ inventory_hostname_short }}Resource",
{% endif %}
"environment_variables": {},
"federation": [],
"match_hash_policy": "compatible",
"negotiation_key": "{{ negotiation_key }}",
"plugin_configuration": {
"authentication": {},
"database": {
"postgres": {
"db_host": "{{ database_hostname }}",
"db_name": "{{ database_name }}",
"db_odbc_driver": "PostgreSQL",
"db_password": "{{ database_password }}",
"db_port": 5432,
"db_username": "{{ database_user }}"
}
},
"network": {},
"resource": {},
"rule_engines": [
{
"instance_name": "irods_rule_engine_plugin-irods_rule_language-instance",
"plugin_name": "irods_rule_engine_plugin-irods_rule_language",
"plugin_specific_configuration": {
"re_data_variable_mapping_set": [
"core"
],
"re_function_name_mapping_set": [
"core"
],
"re_rulebase_set": [
"core"
],
"regexes_for_supported_peps": [
"ac[^ ]*",
"msi[^ ]*",
"[^ ]*pep_[^ ]*_(pre|post)"
]
},
"shared_memory_instance": "irods_rule_language_rule_engine"
},
{
"instance_name": "irods_rule_engine_plugin-cpp_default_policy-instance",
"plugin_name": "irods_rule_engine_plugin-cpp_default_policy",
"plugin_specific_configuration": {}
}
]
},
"rule_engine_namespaces": [
""
],
"schema_name": "server_config",
"schema_validation_base_uri": "file:///var/lib/irods/configuration_schemas",
"schema_version": "v3",
"server_control_plane_encryption_algorithm": "AES-256-CBC",
"server_control_plane_encryption_num_hash_rounds": 16,
"server_control_plane_key": "{{ server_control_plane_key }}",
"server_control_plane_port": 1248,
"server_control_plane_timeout_milliseconds": 10000,
"server_port_range_end": 20199,
"server_port_range_start": 20000,
"xmsg_port": 1279,
"zone_auth_scheme": "native",
"zone_key": "{{ zone_key }}",
"zone_name": "{{ irods_zone }}",
"zone_port": 1247,
"zone_user": "rods"
}
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment