You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2022/07/27 13:35:26 UTC
[airavata] 09/10: Merge branch 'AIRAVATA-3609-develop-inventory' into develop

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata.git

commit 834c381b1b48c25d6acdbdc0500a07a534eaa841
Merge: dcba17a72d 65134efef9
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Wed Jul 27 09:33:52 2022 -0400

    Merge branch 'AIRAVATA-3609-develop-inventory' into develop

 .../scigap/production/group_vars/django/vars.yml   |   2 +-
 .../production/host_vars/ampgateway/vault.yml      |  25 +++--
 .../production/host_vars/bcbportal/vault.yml       |  25 +++--
 .../production/host_vars/covid-geoact/vault.yml    |  25 +++--
 .../scigap/production/host_vars/csbglsu/vault.yml  |  25 +++--
 .../scigap/production/host_vars/deeppdb/vault.yml  |  25 +++--
 .../scigap/production/host_vars/delta/vault.yml    |  25 +++--
 .../production/host_vars/distantreader/vault.yml   |  25 +++--
 .../scigap/production/host_vars/dreg/vault.yml     |  25 +++--
 .../production/host_vars/epwgateway/vault.yml      |  25 +++--
 .../production/host_vars/futurewater/vault.yml     |  25 +++--
 .../scigap/production/host_vars/geo/vault.yml      |  25 +++--
 .../production/host_vars/georgiastate/vault.yml    |  25 +++--
 .../production/host_vars/global-flood/vault.yml    |  25 +++--
 .../production/host_vars/hicops-deepsnap/vars.yml  |   3 +
 .../production/host_vars/hicops-deepsnap/vault.yml |  25 +++--
 .../scigap/production/host_vars/hubzero/vault.yml  |  25 +++--
 .../scigap/production/host_vars/immune/vault.yml   |  25 +++--
 .../production/host_vars/interactwel/vault.yml     |  25 +++--
 .../production/host_vars/iugateway/vault.yml       |  25 +++--
 .../scigap/production/host_vars/kentucky/vault.yml |  25 +++--
 .../production/host_vars/louisiana-state/vault.yml |  25 +++--
 .../scigap/production/host_vars/lrose/vault.yml    |  25 +++--
 .../host_vars/microbial-genomes/vault.yml          |  25 +++--
 .../scigap/production/host_vars/mines/vault.yml    |  25 +++--
 .../production/host_vars/nanoconfinement/vault.yml |  25 +++--
 .../production/host_vars/nanoshape/vault.yml       |  25 +++--
 .../production/host_vars/ncsaindustry/vault.yml    |  25 +++--
 .../production/host_vars/newmexicostate/vault.yml  |  25 +++--
 .../scigap/production/host_vars/nexttdb/vault.yml  |  25 +++--
 .../scigap/production/host_vars/oscer/vault.yml    |  25 +++--
 .../production/host_vars/pace-gatech/vault.yml     |  25 +++--
 .../production/host_vars/pathogenomics/vault.yml   |  25 +++--
 .../scigap/production/host_vars/phasta/vault.yml   |  25 +++--
 .../production/host_vars/physicell/vault.yml       |  25 +++--
 .../scigap/production/host_vars/r-hpc/vault.yml    |  25 +++--
 .../scigap/production/host_vars/regsnps/vault.yml  |  25 +++--
 .../scigap/production/host_vars/saverx/vault.yml   |  25 +++--
 .../scigap/production/host_vars/sdstate/vault.yml  |  25 +++--
 .../scigap/production/host_vars/seagrid/vars.yml   |   5 +
 .../scigap/production/host_vars/seagrid/vault.yml  |  25 +++--
 .../production/host_vars/searchsra/vault.yml       |  25 +++--
 .../scigap/production/host_vars/simccs/vault.yml   |  25 +++--
 .../production/host_vars/simvascular/vars.yml      |   4 +-
 .../production/host_vars/simvascular/vault.yml     |  32 +++---
 .../production/host_vars/simvascular_old/vault.yml |  25 +++--
 .../scigap/production/host_vars/smaltr/vault.yml   |  25 +++--
 .../production/host_vars/snowvision/vault.yml      |  25 +++--
 .../production/host_vars/southdakota/vault.yml     |  25 +++--
 .../production/host_vars/testdrive/vault.yml       |  25 +++--
 .../scigap/production/host_vars/toppic/vault.yml   |  25 +++--
 .../scigap/production/host_vars/tsunami/vault.yml  |  25 +++--
 .../scigap/production/host_vars/tutorial/vault.yml |  25 +++--
 .../scigap/production/host_vars/uab/vault.yml      |  25 +++--
 .../scigap/production/host_vars/ucmerced/vault.yml |  25 +++--
 .../production/host_vars/ultrascan/vault.yml       |  25 +++--
 .../production/host_vars/unggateway/vault.yml      |  25 +++--
 .../scigap/production/host_vars/v4i/vault.yml      |  25 +++--
 .../scigap/production/host_vars/wvsu/vault.yml     |  25 +++--
 dev-tools/ansible/keycloak.yml                     |   1 -
 dev-tools/ansible/requirements.txt                 |  20 +++-
 dev-tools/ansible/roles/django/tasks/database.yml  |  16 +--
 .../django/tasks/install_deps_Centos_7.yml}        |  12 +--
 .../django/tasks/install_deps_Rocky_8.yml}         |  15 +--
 dev-tools/ansible/roles/django/tasks/main.yml      |  29 ++++--
 .../django_setup/tasks/install_deps_Rocky_8.yml    | 108 +++++++++++++++++++++
 dev-tools/ansible/roles/env_setup/tasks/main.yml   |  31 +++---
 .../httpd/tasks/install_deps_Rocky_8.yml}          |  21 ++--
 dev-tools/ansible/roles/httpd/tasks/main.yml       |   5 +-
 dev-tools/ansible/roles/keycloak/defaults/main.yml |   1 +
 dev-tools/ansible/roles/keycloak/tasks/main.yml    |  74 +++++++-------
 .../keycloak/templates/keycloak.service.j2}        |  20 ++--
 .../letsencrypt/tasks/install_deps_CentOS_7.yml}   |  17 ++--
 .../letsencrypt/tasks/install_deps_Rocky_8.yml}    |  17 ++--
 dev-tools/ansible/roles/letsencrypt/tasks/main.yml |  10 +-
 75 files changed, 888 insertions(+), 905 deletions(-)

diff --cc dev-tools/ansible/roles/env_setup/tasks/main.yml
index 0756da011a,b038e840dd..44645cdd46
--- a/dev-tools/ansible/roles/env_setup/tasks/main.yml
+++ b/dev-tools/ansible/roles/env_setup/tasks/main.yml
@@@ -78,32 -73,25 +78,33 @@@
  
  # Automatic security updates installation
  
- - name: Install yum-cron, yum-utils (RedHat)
-   yum: name={{ item }} state=latest update_cache=yes
-   become: yes
-   when: ansible_os_family == "RedHat"
-   with_items:
-     - yum-cron
-     - yum-utils
- 
- - name: Copy yum-cron.conf config file
-   copy:
-     src: yum-cron.conf
-     dest: /etc/yum/yum-cron.conf
-     backup: yes
-   become: yes
-   when: ansible_os_family == "RedHat"
+ # TODO: switch to dnf-automatic for Rocky Linux
+ # - name: Install yum-cron, yum-utils (RedHat)
+ #   yum: name={{ item }} state=latest update_cache=yes
+ #   become: yes
+ #   when: ansible_os_family == "RedHat"
+ #   with_items:
+ #     - yum-cron
+ #     - yum-utils
+ 
+ # - name: Copy yum-cron.conf config file
+ #   copy:
+ #     src: yum-cron.conf
+ #     dest: /etc/yum/yum-cron.conf
+ #     backup: yes
+ #   become: yes
+ #   when: ansible_os_family == "RedHat"
  
 -# - name: Enable and start yum-cron
 -#   service: name=yum-cron state=started enabled=yes daemon_reload=yes
 -#   become: yes
 -#   when: ansible_os_family == "RedHat"
 +- name: Copy dnf-cron.conf config file (RedHat or Rocky)
 +  copy:
 +    src: dnf-cron.conf
 +    dest: /etc/dnf/automatic.conf
 +    backup: yes
 +  become: yes
 +  when: ansible_os_family == "Rocky"
 +
 +- name: Enable and start yum-cron
 +  service: name=yum-cron state=started enabled=yes daemon_reload=yes
 +  become: yes
 +  when: ansible_os_family == "RedHat"
  ...
diff --cc dev-tools/ansible/roles/keycloak/tasks/main.yml
index 9d61d283ce,78764959c5..e8e7a615d9
--- a/dev-tools/ansible/roles/keycloak/tasks/main.yml
+++ b/dev-tools/ansible/roles/keycloak/tasks/main.yml
@@@ -22,13 -22,33 +22,39 @@@
  - name: Install httpd
    yum: name="httpd" state=latest update_cache=yes
    become: yes
 +  when: ansible_os_family == "RedHat"
 +
 +- name: Install httpd (Rocky)
 +  dnf: name="httpd"
 +  become: yes
 +  when: ansible_os_family == "Rocky"
  
+ - name: Install java
+   yum: name="java-1.8.0-openjdk-devel" state=present update_cache=yes
+   become: yes
+   tags:
+     - always
+ 
+ # NOTE: If you see a file not found error, try running rm /var/lib/alternatives/{{ item.exe }} in the target machine
+ - name: set {{ keycloak_java_home }} as default
+   alternatives:
+     name="{{ item.exe }}"
+     link="/usr/bin/{{ item.exe }}"
+     path="{{ item.path }}/{{ item.exe }}"
+   with_items:
+     - { path: "{{ keycloak_java_home }}/bin", exe: 'java' }
+     - { path: "{{ keycloak_java_home }}/bin", exe: 'keytool' }
+     - { path: "{{ keycloak_java_home }}/bin", exe: 'javac' }
+     - { path: "{{ keycloak_java_home }}/bin", exe: 'javadoc' }
+   become: yes
+   tags:
+        - always
+ 
+ - name: set selinux to permissive
+   selinux: state=permissive policy=targeted
+   become: yes
+   when: ansible_os_family == "RedHat"
+ 
  - name: allow httpd to proxy to Keycloak process
    seboolean:
      name: httpd_can_network_connect
diff --cc dev-tools/ansible/roles/letsencrypt/tasks/main.yml
index 309610503a,978204d680..413f792673
--- a/dev-tools/ansible/roles/letsencrypt/tasks/main.yml
+++ b/dev-tools/ansible/roles/letsencrypt/tasks/main.yml
@@@ -20,28 -20,9 +20,20 @@@
  
  ---
  
- - name: install certbot and dependencies
-   yum: name={{ item }} state=installed update_cache=yes
-   with_items:
-     - certbot-1.11.0
-     - python2-acme-1.11.0
-     - python2-certbot-apache-1.11.0
-     - ca-certificates-2021.2.50
-   become: true
-   become_user: root
+ - include_tasks: install_deps_{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml
    when: ansible_os_family == "RedHat"
  
 +- name: install certbot and dependencies (Rocky)
 +  dnf: name={{ item }}
 +  with_items:
 +    - epel-release
 +    - mod_ssl
 +    - certbot
 +    - python3-certbot-apache
 +  become: true
 +  become_user: root
 +  when: ansible_os_family == "Rocky"
 +
  - name: add Certbot PPA repository
    apt_repository:
      repo: "ppa:certbot/certbot"