You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2022/07/28 15:52:42 UTC
[airavata] branch develop updated: Ansible: switching keycloak domain back to iamdev.scigap.org
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata.git
The following commit(s) were added to refs/heads/develop by this push:
new ba7f8874b0 Ansible: switching keycloak domain back to iamdev.scigap.org
ba7f8874b0 is described below
commit ba7f8874b0b6c0c49d252d3823bcbf3e7d22f98b
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Thu Jul 28 11:52:28 2022 -0400
Ansible: switching keycloak domain back to iamdev.scigap.org
---
.../ansible/inventories/scigap/develop-js2/group_vars/all/vars.yml | 4 ++--
dev-tools/ansible/inventories/scigap/develop-js2/hosts | 2 +-
dev-tools/ansible/roles/database/tasks/keycloak.yml | 5 ++++-
3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/dev-tools/ansible/inventories/scigap/develop-js2/group_vars/all/vars.yml b/dev-tools/ansible/inventories/scigap/develop-js2/group_vars/all/vars.yml
index 4b3eb03ccc..53ac27809a 100644
--- a/dev-tools/ansible/inventories/scigap/develop-js2/group_vars/all/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/develop-js2/group_vars/all/vars.yml
@@ -75,7 +75,7 @@ api_secured: "true"
tls_enable: "true"
api_server_tls_port: "9930"
enable_sharing: "true"
-iam_server_url: "https://iam.js2.scigap.org/auth"
+iam_server_url: "https://iamdev.scigap.org/auth"
iam_server_super_admin_username: "admin"
iam_server_super_admin_password: "{{ vault_iam_server_super_admin_password }}"
@@ -144,7 +144,7 @@ keycloak_db_username: "keycloak"
keycloak_db_password: "{{ vault_keycloak_db_password }}"
keycloak_master_account_username: "admin"
keycloak_master_account_password: "{{ vault_keycloak_master_account_password }}"
-keycloak_vhost_servername: "iam.js2.scigap.org"
+keycloak_vhost_servername: "iamdev.scigap.org"
# Letsencrypt
letsencrypt_email: "circ-iu-group@iu.edu"
diff --git a/dev-tools/ansible/inventories/scigap/develop-js2/hosts b/dev-tools/ansible/inventories/scigap/develop-js2/hosts
index fdb0628370..35224e74db 100644
--- a/dev-tools/ansible/inventories/scigap/develop-js2/hosts
+++ b/dev-tools/ansible/inventories/scigap/develop-js2/hosts
@@ -13,7 +13,7 @@ db.js2.scigap.org ansible_python_interpreter=/usr/bin/python3
api.js2.scigap.org ansible_python_interpreter=/usr/bin/python3
[keycloak]
-iam.js2.scigap.org ansible_python_interpreter=/usr/bin/python3
+iamdev.scigap.org ansible_python_interpreter=/usr/bin/python3 public_ipv4=149.165.152.23
[helix]
helix.js2.scigap.org ansible_python_interpreter=/usr/bin/python3
diff --git a/dev-tools/ansible/roles/database/tasks/keycloak.yml b/dev-tools/ansible/roles/database/tasks/keycloak.yml
index 396492aa5d..c8f10bf276 100644
--- a/dev-tools/ansible/roles/database/tasks/keycloak.yml
+++ b/dev-tools/ansible/roles/database/tasks/keycloak.yml
@@ -26,7 +26,10 @@
when: "'keycloak' in groups"
- name: give access to {{ keycloak_db_username }} from remote
- mysql_user: name="{{ keycloak_db_username }}" password="{{ keycloak_db_password }}" host="{{ item }}"
+ # Creating the access record with the IP address works better for MySQL so it
+ # doesn't have to do a DNS lookup (and it has DNS caching issues if the domain
+ # name changes)
+ mysql_user: name="{{ keycloak_db_username }}" password="{{ keycloak_db_password }}" host="{{ hostvars[item].public_ipv4 | default(item) }}"
with_items:
- "{{ groups['keycloak'] }}"