You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airavata.apache.org by ma...@apache.org on 2018/02/16 14:22:04 UTC

[airavata] branch group-based-auth updated (4679a80 -> 42f4553)

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a change to branch group-based-auth
in repository https://gitbox.apache.org/repos/asf/airavata.git.


    from 4679a80  Ansible scripts for group-based-auth dev env
     new 75963c3  PGA deployment for group-based-auth environment (for testing/debugging)
     new 42f4553  Write virtual host config file to separate file (not based on gateway_id).

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../group_vars/pga}/vars.yml                       | 24 +++++++++++-----------
 .../group_vars/pga}/vault.yml                      |  0
 .../inventories/scigap/group-based-auth/hosts      | 13 +++++++++---
 3 files changed, 22 insertions(+), 15 deletions(-)
 copy dev-tools/ansible/inventories/scigap/{develop/pga_config/seagrid => group-based-auth/group_vars/pga}/vars.yml (76%)
 copy dev-tools/ansible/inventories/scigap/{develop/pga_config/seagrid => group-based-auth/group_vars/pga}/vault.yml (100%)

-- 
To stop receiving notification emails like this one, please contact
machristie@apache.org.

[airavata] 01/02: PGA deployment for group-based-auth environment (for testing/debugging)

Posted by ma...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch group-based-auth
in repository https://gitbox.apache.org/repos/asf/airavata.git

commit 75963c3776ef03d6451722e126d8734f358a7cf3
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Tue Feb 13 10:47:58 2018 -0500

    PGA deployment for group-based-auth environment (for testing/debugging)
---
 .../group-based-auth/group_vars/pga/vars.yml       | 64 ++++++++++++++++++++++
 .../group-based-auth/group_vars/pga/vault.yml      | 18 ++++++
 .../inventories/scigap/group-based-auth/hosts      | 13 ++++-
 3 files changed, 92 insertions(+), 3 deletions(-)

diff --git a/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml b/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml
new file mode 100644
index 0000000..d4a2af9
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml
@@ -0,0 +1,64 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+pga_repo: "https://github.com/apache/airavata-php-gateway.git"
+git_branch: "develop"
+user: "pga"
+group: "pga"
+doc_root_dir: "/var/www/portals/group-based-auth-seagrid"
+vhost_servername: "pga.group-based-auth.scigap.org"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/pga.group-based-auth.scigap.org/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/pga.group-based-auth.scigap.org/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/pga.group-based-auth.scigap.org/privkey.pem"
+
+## Keycloak related variables
+tenant_domain: "seagrid"
+admin_username: "admin"
+admin_password: "{{ vault_admin_password }}"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+oidc_discovery_url: "https://iamdev.scigap.org/auth/realms/seagrid/.well-known/openid-configuration"
+
+auth_options:
+  - name: "SEAGrid"
+    oauth_grant_type: "password"
+#  - name: "existing accounts"
+#    oauth_grant_type: "authorization_code"
+#    oauth_authorize_url_extra_params: "kc_idp_hint=oidc"
+#    logo: "/assets/cilogon-logo-24x24-b.png"
+oauth_callback_url: "https://{{ vhost_servername }}/callback-url"
+
+gateway_id: "seagrid"
+# relative to document root dir
+experiment_data_dir: "{{ user_data_dir }}/group-based-auth-seagrid"
+gateway_data_store_resource_id: "pgadev.scigap.org_7ddf28fd-d503-4ff8-bbc5-3279a7c3b99e"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDWgLve4J9WCohF/4UnbBZsh/nRkP1aM9FmA1FjKwK2gQAnKwhU+NrbsjW38h2Hi+8s9N2oZ9cCJHrvDi2U0cMxz4exIUBcVoRhw37ThlREHADeKR1FbKw0QLhTyfJb0K+1/8GWRluiFx0vHPptJe0KTqu+RJY0NSe+d/BEuGyCZ1hR+SKNuTgcb05Ia6opbSN5D68N9biseEux60d69ARQxLw+VN3Kr/UaBNpGIAfKLlLSUQlTyPA6G6UKCcJZv+/ye10oa0SK0qtrxMpL+4VJcVx+d56U7CUFWKEgPAaQrX1qdGUNDA7HKmD+EBtzw6DJqNJ0Cue/XuPe/RT62tpf"
+
+## Portal related variables
+super_admin_portal: "false"
+admin_emails: "['sgg@iu.edu','pamidigs@iu.edu', 'eroma.abeysinghe@gmail.com']"
+portal_email_username: "pga.airavata@gmail.com"
+portal_email_password: "{{ vault_portal_email_password }}"
+portal_theme: "seagrid"
+portal_theme_repo: "https://github.com/SciGaP/seagrid-website-theme.git"
+portal_title: "SEAGrid Portal"
+...
diff --git a/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vault.yml b/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vault.yml
new file mode 100644
index 0000000..4fa5716
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vault.yml
@@ -0,0 +1,18 @@
+$ANSIBLE_VAULT;1.1;AES256
+35363834376232323532383937363965643066346662646162623433363134396438383566373532
+3166626337666161386532363635386338366439643935310a316430613738343939333932386333
+65313532396532323834346437643366376465393637326137333838366536373438643434653663
+3735333530316164340a626331396161636332663765653465303335306162653232313863303762
+39666330626562646533656639386639653635623735333432386431323532623334313964393732
+65383465353438366438383938393165353235383438636265653731616235613839363566396635
+38653763353363316233373932313638376231366531306462666436353437376139303939343433
+65613532666230366239626132323661646137333031336230343862306534613564623161303066
+62376132666365303632626639643835623465643564393033623866383836323932383533613861
+62363336393361363266323636356164383962343939336432396538373662396264633361353162
+66663935316236316533633134393136356361373936306438333932666662653263613662636166
+62326139646537326334376464303466366563636465343362656131643735626633393835636265
+63343833396434366637626539653536343539383763393234333466623031393634343930393836
+31636136386135336430303035376533343038336662383139653831666230663232616533653461
+61363665633937666162303638366435613838356665613361313730383734383163666537386330
+38386238316366306466346432663139333038353339376336346166393639336137313231356333
+3336
diff --git a/dev-tools/ansible/inventories/scigap/group-based-auth/hosts b/dev-tools/ansible/inventories/scigap/group-based-auth/hosts
index 2bb4417..94debcb 100644
--- a/dev-tools/ansible/inventories/scigap/group-based-auth/hosts
+++ b/dev-tools/ansible/inventories/scigap/group-based-auth/hosts
@@ -1,17 +1,24 @@
 ---
 # inventory file : scigap production deployment
 
+# api.group-based-auth.scigap.org
 [zookeeper]
 149.165.169.138
 
 [rabbitmq]
 149.165.169.138
 
-[database]
-149.165.168.22
-
 [api-orch]
 149.165.169.138
 
+# db.group-based-auth.scigap.org
+[database]
+149.165.168.22
+
+# gfac.group-based-auth.scigap.org
 [gfac]
 149.165.169.36
+
+# deploying the pga on pgadev.scigap.org
+[pga]
+149.165.156.46

-- 
To stop receiving notification emails like this one, please contact
machristie@apache.org.

[airavata] 02/02: Write virtual host config file to separate file (not based on gateway_id).

Posted by ma...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch group-based-auth
in repository https://gitbox.apache.org/repos/asf/airavata.git

commit 42f4553360274b3c07239d96933d4a3003db3e49
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Tue Feb 13 11:21:04 2018 -0500

    Write virtual host config file to separate file (not based on gateway_id).
---
 .../ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml b/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml
index d4a2af9..f1018dd 100644
--- a/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/group-based-auth/group_vars/pga/vars.yml
@@ -29,6 +29,8 @@ vhost_ssl: True
 ssl_certificate_file: "/etc/letsencrypt/live/pga.group-based-auth.scigap.org/cert.pem"
 ssl_certificate_chain_file: "/etc/letsencrypt/live/pga.group-based-auth.scigap.org/fullchain.pem"
 ssl_certificate_key_file: "/etc/letsencrypt/live/pga.group-based-auth.scigap.org/privkey.pem"
+httpd_confd_file_location:
+ RedHat: "/etc/httpd/conf.d/pga-group-based-auth.conf"
 
 ## Keycloak related variables
 tenant_domain: "seagrid"

-- 
To stop receiving notification emails like this one, please contact
machristie@apache.org.