You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2022/07/29 19:24:55 UTC
[airavata] branch master updated (31ce2c589c -> fc85a2f91a)
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/airavata.git
from 31ce2c589c Merge branch 'AIRAVATA-3609-production-inventory'
new ad6611f4bb Ansible: futurewater on js2
new fc85a2f91a Ansible: selinux for user_data_dir, which is usually a symlink and needs special permission
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../scigap/production/host_vars/futurewater/vars.yml | 17 ++++++++++++-----
dev-tools/ansible/inventories/scigap/production/hosts | 2 +-
dev-tools/ansible/roles/httpd/tasks/main.yml | 19 +++++++++++++++++--
3 files changed, 30 insertions(+), 8 deletions(-)
[airavata] 02/02: Ansible: selinux for user_data_dir, which is usually a symlink and needs special permission
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata.git
commit fc85a2f91ae85c17821de24a60f0e5e4a8944098
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Fri Jul 29 15:24:42 2022 -0400
Ansible: selinux for user_data_dir, which is usually a symlink and needs special permission
---
dev-tools/ansible/roles/httpd/tasks/main.yml | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/dev-tools/ansible/roles/httpd/tasks/main.yml b/dev-tools/ansible/roles/httpd/tasks/main.yml
index ac13637c9d..4c9803bb40 100644
--- a/dev-tools/ansible/roles/httpd/tasks/main.yml
+++ b/dev-tools/ansible/roles/httpd/tasks/main.yml
@@ -65,7 +65,22 @@
become: yes
when: user_data_dir != real_user_data_dir
-- name: set selinux context to allow read/write on the user data directory
+- name: set selinux context to allow read/write on the user data directory ({{ user_data_dir }})
+ sefcontext:
+ target: "{{ user_data_dir }}(/.*)?"
+ setype: httpd_sys_rw_content_t
+ state: present
+ become: yes
+ notify:
+ - restart httpd
+ when: ansible_os_family == "RedHat"
+
+- name: run restorecon on user data directory ({{ user_data_dir }})
+ command: restorecon -F -R {{ user_data_dir }}
+ become: yes
+ when: ansible_os_family == "RedHat"
+
+- name: set selinux context to allow read/write on the user data directory ({{ real_user_data_dir }})
sefcontext:
# For SELinux file contexts, the real path without symbolic links must be used
target: "{{ real_user_data_dir }}(/.*)?"
@@ -76,7 +91,7 @@
- restart httpd
when: ansible_os_family == "RedHat"
-- name: run restorecon on user data directory
+- name: run restorecon on user data directory ({{ real_user_data_dir }})
command: restorecon -F -R {{ real_user_data_dir }}
become: yes
when: ansible_os_family == "RedHat"
[airavata] 01/02: Ansible: futurewater on js2
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata.git
commit ad6611f4bbeb83058507203392e1c365cd7f1344
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Fri Jul 29 15:20:52 2022 -0400
Ansible: futurewater on js2
---
.../scigap/production/host_vars/futurewater/vars.yml | 17 ++++++++++++-----
dev-tools/ansible/inventories/scigap/production/hosts | 2 +-
2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/futurewater/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/futurewater/vars.yml
index 721ca285c0..09819ef6af 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/futurewater/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/futurewater/vars.yml
@@ -23,14 +23,21 @@
# NOTE: futurewater is deployed to a Jetstream VM
gateway_data_store_hostname: "gateway.futurewater.indiana.edu"
+# TODO: update host name of this storage resource to point to the new futurewater VM
gateway_data_store_resource_id: "js-171-92.jetstream-cloud.org_1a76397d-cc28-4ec9-82e8-d27c5cf80c79"
-tusd_vhost_servername: "tus.scigap.org"
+real_user_data_dir: "/media/volume/sdb/gateway-user-data"
+# Keep user_data_dir same as it was on old VM
+user_data_dir: "/data/gateway-user-data"
+# TODO: setup tusd server
+# tusd_vhost_servername: "tus.scigap.org"
+tusd_vhost_servername:
-vhost_servername: "gateway.futurewater.indiana.edu"
+# vhost_servername: "gateway.futurewater.indiana.edu"
+vhost_servername: "futurewater.js2.scigap.org"
vhost_ssl: True
-ssl_certificate_file: "/etc/letsencrypt/live/gateway.futurewater.indiana.edu/cert.pem"
-ssl_certificate_chain_file: "/etc/letsencrypt/live/gateway.futurewater.indiana.edu/fullchain.pem"
-ssl_certificate_key_file: "/etc/letsencrypt/live/gateway.futurewater.indiana.edu/privkey.pem"
+ssl_certificate_file: "/etc/letsencrypt/live/{{ vhost_servername }}/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/{{ vhost_servername }}/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/{{ vhost_servername }}/privkey.pem"
django_file_upload_max_file_size_mb: 6000
diff --git a/dev-tools/ansible/inventories/scigap/production/hosts b/dev-tools/ansible/inventories/scigap/production/hosts
index 26d5da2c05..14b702912f 100644
--- a/dev-tools/ansible/inventories/scigap/production/hosts
+++ b/dev-tools/ansible/inventories/scigap/production/hosts
@@ -82,7 +82,7 @@ ehtgateway ansible_host=156.56.104.84
dreg ansible_host=149.165.156.72 ansible_user=centos
# futurewater jetstream server
-futurewater ansible_host=149.165.171.92 ansible_user=centos
+futurewater ansible_host=149.165.154.245 ansible_user=exouser
# Delta Jetstream server
delta ansible_host=149.165.169.250 ansible_user=centos