diff --git a/curl-tester/defaults/main.yml b/curl-tester/defaults/main.yml
new file mode 100644
index 00000000..e39a48d4
--- /dev/null
+++ b/curl-tester/defaults/main.yml
@@ -0,0 +1,2 @@
+test_port: "8080"
+test_URL: "http://{{ inventory_hostname }}:{{ test_port }}"
diff --git a/curl-tester/tasks/main.yml b/curl-tester/tasks/main.yml
new file mode 100644
index 00000000..e7adcf99
--- /dev/null
+++ b/curl-tester/tasks/main.yml
@@ -0,0 +1,17 @@
+- name: wait for the service to come up
+ wait_for: host={{ inventory_hostname }} port={{ test_port }} delay=3 connect_timeout=3
+ delegate_to: localhost
+
+- name: check URL availability with curl
+ raw: curl -k "{{ test_URL }}"
+ register: curl_cmd
+ failed_when: curl_cmd.rc >= 1
+
+#raw: curl -k -m 3 "{{ test_URL }}"
+
+#- name: test the specified URL
+# action: uri url={{ test_URL }}
+# register: webpage
+
+#- name : check the returned contents
+# fail: msg="service not available"
diff --git a/gcore-authorization/defaults/main.yml b/gcore-authorization/defaults/main.yml
new file mode 100644
index 00000000..00403c9d
--- /dev/null
+++ b/gcore-authorization/defaults/main.yml
@@ -0,0 +1,32 @@
+---
+#authorization_service_install: False
+#authorization_service_upgrade: False
+authorization_service_name: authorization-service
+#authorization_service_file: '{{ authorization_service_name }}-2.0.0-20160927.120833-1.war'
+#authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-snapshots/org/gcube/common/authorization-service/2.0.0-SNAPSHOT/{{ authorization_service_file }}'
+#
+#authorization_version: "2.0.1-4.2.0-134808"
+authorization_service_version: "2.0.1-4.2.0-134808"
+
+repo: "gcube-staging"
+authorization_service_file: '{{ authorization_service_name }}-{{ authorization_service_version }}.war'
+authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/{{ repo }}/org/gcube/common/authorization-service/{{ authorization_service_version }}/{{ authorization_service_file }}'
+authorization_service_persistence_dest: WEB-INF/classes/META-INF/persistence.xml
+authorization_service_config_dest: WEB-INF/AuthorizationConfiguration.xml
+#auth_user: '{{ d4science_user }}'
+tomcat_user: "tomcat"
+tomcat_document_root: "/usr/share/tomcat/"
+authorization_service_loglevel: INFO
+authorization_service_root_loglevel: WARN
+#authorization_service_http_port: 8080
+authorization_service_http_port: 80
+authorized_ips:
+# - 127.0.0.1
+ - 0.0.0.0
+
+auth_postgresql_host: "localhost"
+psql_db_name: "gcoreauthz"
+psql_db_user: "gcoreauthz"
+authorization_db_pwd: "gcore-authz"
+postgres_port: "5431"
+pgpool_port: "5432"
diff --git a/gcore-authorization/meta/main.yml b/gcore-authorization/meta/main.yml
new file mode 100644
index 00000000..c136f5b7
--- /dev/null
+++ b/gcore-authorization/meta/main.yml
@@ -0,0 +1,4 @@
+dependencies:
+ - role: tomcat
+ - role: postgresql
+ - role: pgpool
diff --git a/gcore-authorization/tasks/main.yml b/gcore-authorization/tasks/main.yml
new file mode 100644
index 00000000..c2b6d380
--- /dev/null
+++ b/gcore-authorization/tasks/main.yml
@@ -0,0 +1,75 @@
+---
+- block:
+ - name: Ensure that postgres is running
+ service: name=postgresql state=started
+
+ - name: Create postgres database {{ psql_db_name }} and user {{ psql_db_user }}
+ shell: sudo -u postgres createdb {{ psql_db_name }} && sudo -u postgres createuser -s {{ psql_db_user }}
+ ignore_errors: True
+
+ - name: Set password for user {{ psql_db_user }} and grant all privileges on database {{ psql_db_name }}
+ shell: sudo -u postgres psql -c "ALTER USER {{ psql_db_user }} WITH PASSWORD '{{ authorization_db_pwd }}';" && sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE {{ psql_db_name }} TO {{ psql_db_user }}";
+ ignore_errors: True
+
+ - name: Change postgres authentication method to password for localhost
+ lineinfile: dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host all all 127.0.0.1/32' line='host all all 127.0.0.1/32 password'
+
+ - name: Change postgres authentication method to password for localhost ipv6
+ lineinfile: dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host all all ::1/128' line='host all all ::1/128 password'
+
+ - name: Change postgres port to {{ postgres_port }}
+ lineinfile: dest="/usr/lib/systemd/system/postgresql.service" state=present regexp='^Environment=PGPORT=' line='Environment=PGPORT={{ postgres_port }}'
+
+ - name: Change pgpool port to {{ pgpool_port }}
+ lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^port =' line='port = {{ pgpool_port }}'
+
+ - name: Tell pgpool to connect to postgreqsl on port {{ postgres_port }}
+ lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^backend_port0 =' line='backend_port0 = {{ postgres_port }}'
+
+ - name: Tell pgpool to enable ssl
+ lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^ssl = on' line='ssl = on'
+
+ - name: Running semanage to enable postgres to bind port {{ postgres_port }}
+ seport: ports={{ postgres_port }} proto=tcp setype=postgresql_port_t state=present reload=yes
+
+ - name: Running setsebool to allow tcp connections to the db
+ seboolean: name=httpd_can_network_connect_db state=yes persistent=yes
+
+# - name: restart postgres
+# service: name=postgresql state=restarted
+
+ #### on CentOS 7 we need to tell systemd to reload the service file since we made changes there
+ - name: restart postgresql
+ systemd: name=postgresql state=restarted enabled=yes daemon_reload=yes
+
+ - name: restart pgpool
+ service: name=pgpool state=restarted
+
+ - name: Stop tomcat when upgrading
+ service: name=tomcat state=stopped
+
+ - name: Create the authorization service webapp directory
+ file: dest={{ tomcat_document_root }}/webapps/authorization-service state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
+
+ - name: Get and unpack the authorization war file
+ unarchive: copy=no src={{ authorization_service_url }} dest={{ tomcat_document_root }}/webapps/authorization-service owner={{ tomcat_user }} group={{ tomcat_user }}
+ args:
+ creates: '{{ tomcat_document_root }}/webapps/authorization-service/WEB-INF/AuthorizationConfiguration.xml'
+
+ - name: Install the authorization service AuthorizationConfiguration.xml template
+ template: src=AuthorizationConfiguration.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_config_dest }} mode=0440 owner={{ tomcat_user }} group={{ tomcat_user }}
+
+ - name: Install the authorization service persistence.xml template
+ template: src=persistence.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_persistence_dest }} mode=0440 owner={{ tomcat_user }} group={{ tomcat_user }}
+
+ - name: Install the logback configuration
+ template: src=logback.xml.j2 dest={{ tomcat_document_root }}/lib/logback.xml mode=0644 owner={{ tomcat_user }} group={{ tomcat_user }}
+
+# - name: restore ownership
+# file: dest={{ tomcat_document_root }} owner=root group=tomcat recurse=yes
+
+ - name: Start tomcat
+ service: name=tomcat state=started
+
+ become: true
+ become_user: root
diff --git a/gcore-authorization/templates/AuthorizationConfiguration.xml.j2 b/gcore-authorization/templates/AuthorizationConfiguration.xml.j2
new file mode 100644
index 00000000..269d41c1
--- /dev/null
+++ b/gcore-authorization/templates/AuthorizationConfiguration.xml.j2
@@ -0,0 +1,24 @@
+
+
+
+ {% for ip in authorized_ips %}
+
+ {% endfor %}
+
+
+
+
+ {% for ip in authorized_ips %}
+
+ {% endfor %}
+
+
+
+
+
+ {% for ip in authorized_ips %}
+
+ {% endfor %}
+
+
+
diff --git a/gcore-authorization/templates/logback.xml.j2 b/gcore-authorization/templates/logback.xml.j2
new file mode 100644
index 00000000..c405cf2b
--- /dev/null
+++ b/gcore-authorization/templates/logback.xml.j2
@@ -0,0 +1,24 @@
+
+
+
+
+ ${catalina.base}/logs/ghn.log
+ true
+
+ %d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n
+
+
+
+ ${catalina.base}/logs/ghn.%d{yyyy-MM-dd}.log
+ 30
+
+
+
+
+
+
+
+
+
+
+
diff --git a/gcore-authorization/templates/persistence.xml.j2 b/gcore-authorization/templates/persistence.xml.j2
new file mode 100644
index 00000000..3ad39bc0
--- /dev/null
+++ b/gcore-authorization/templates/persistence.xml.j2
@@ -0,0 +1,33 @@
+
+
+
+
+ org.eclipse.persistence.jpa.PersistenceProvider
+
+
+ org.gcube.common.authorizationservice.persistence.entities.converters.StringListConverter
+
+
+
+ org.gcube.common.authorizationservice.persistence.entities.AuthorizationEntity
+ org.gcube.common.authorizationservice.persistence.entities.ServiceAuthorizationEntity
+ org.gcube.common.authorizationservice.persistence.entities.UserAuthorizationEntity
+ org.gcube.common.authorizationservice.persistence.entities.ExternalServiceAuthorizationEntity
+ org.gcube.common.authorizationservice.persistence.entities.NodeAuthorizationEntity
+ org.gcube.common.authorizationservice.persistence.entities.PolicyEntity
+ org.gcube.common.authorizationservice.persistence.entities.ServicePolicyEntity
+ org.gcube.common.authorizationservice.persistence.entities.UserPolicyEntity
+
+
+
+
+
+
+
+
+
+
diff --git a/gcore-base/defaults/main.yml b/gcore-base/defaults/main.yml
new file mode 100644
index 00000000..f9d26cfe
--- /dev/null
+++ b/gcore-base/defaults/main.yml
@@ -0,0 +1,28 @@
+---
+repo: "gcube-staging"
+#ghn_distribution_version: "7.0.0-4.2.1-132334"
+ghn_distribution_bundle_version: "7.0.0-4.2.1-132334"
+
+#### this gets the latest version in the specified repo
+#globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/artifact/maven/redirect?r={{ repo }}&g=org/gcube/distribution&a=ghn-distribution&v=LATEST&e=tar.gz"
+
+#### this is for the ghn-distribution-bundle
+#globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/ghn-distribution-bundle/{{ ghn_distribution_bundle_version }}/ghn-distribution-bundle-{{ ghn_distribution_bundle_version }}-bundle.tar.gz"
+
+globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/ghn-distribution/{{ ghn_distribution_bundle_version }}/ghn-distribution-{{ ghn_distribution_bundle_version }}.tar.gz"
+ant_url: 'http://archive.apache.org/dist/ant/binaries/apache-ant-1.6.5-bin.tar.gz'
+
+ghn_user: 'gCore'
+globus_location: "/opt/{{ ghn_user }}"
+ant_location: '/opt/ant/'
+
+ghn_port: 8080
+ghn_hostname: "{{ ansible_hostname }}"
+ghn_published_host: "{{ ghn_hostname }}:{{ ghn_port }}"
+
+gcube_key: 'd4s.gcubekey'
+servicemap_xmlfile: 'ServiceMap_d4s.xml'
+servicemap_endpoint: "{{ ghn_published_host }}"
+
+common_scope_maps_file: "common-scope-maps-1.0.4-4.2.0-128425-patched.jar"
+patch_common_scope: 0
diff --git a/gcore-base/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar b/gcore-base/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar
new file mode 100644
index 00000000..15c2afdd
Binary files /dev/null and b/gcore-base/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar differ
diff --git a/gcore-base/files/d4s.gcubekey b/gcore-base/files/d4s.gcubekey
new file mode 100644
index 00000000..a236e5ae
--- /dev/null
+++ b/gcore-base/files/d4s.gcubekey
@@ -0,0 +1 @@
+�B2�$
\ No newline at end of file
diff --git a/gcore-base/meta/main.yml b/gcore-base/meta/main.yml
new file mode 100644
index 00000000..7598753b
--- /dev/null
+++ b/gcore-base/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - role: java-17
diff --git a/gcore-base/tasks/main.yml b/gcore-base/tasks/main.yml
new file mode 100644
index 00000000..e3782a22
--- /dev/null
+++ b/gcore-base/tasks/main.yml
@@ -0,0 +1,66 @@
+- name: add ghn user #home is /opt/ghn/, password is "gCore??"
+ action: user name={{ ghn_user }} password=$1$SuG4r$6AGiUoMKjZAHFJgYLDTkW/ shell=/bin/bash createhome=yes home={{ globus_location }}
+
+- name: download and extract ghn release specified in '../defaults/main.yml'
+ unarchive: src='{{ globus_url }}' dest="{{ globus_location }}" copy=no extra_opts='--strip-components=1'
+ #unarchive: src='{{ globus_url }}' dest="{{ globus_location }}" copy=no extra_opts='--show-stored-names --strip-components=1'
+ #unarchive: src='http://dl.uxnr.de/mirror/curl/curl-7.52.1.tar.gz' dest="{{ globus_location }}" copy=no
+
+- name: Test if ant is already deployed
+ raw: ls -d {{ ant_location }}
+ register: is_ant_deployed
+ ignore_errors: True
+ tags:
+ - ant
+
+- name: create ant_location as defined in '../defaults/main.yml'
+ file: path={{ ant_location }} state=directory owner=root group=root mode=0755
+ when: is_ant_deployed.rc != 0
+ tags:
+ - ant
+
+- name: install apache ant
+ unarchive: src={{ ant_url }} dest={{ ant_location }} copy=no extra_opts='--strip-components=1'
+ #unarchive: src={{ ant_url }} dest={{ ant_location }} copy=no extra_opts='--show-stored-names --strip-components=1'
+ when: is_ant_deployed.rc != 0
+ tags:
+ - ant
+
+- name: upload the gcube key specified in '../defaults/main.yml'
+ copy: src={{ gcube_key }} dest={{ globus_location }}/config/ mode=0600
+
+- name: upload ghn start script
+ template: src=gcore-start.sh dest={{ globus_location }} mode=0700
+
+- name: copy custom servicemap files
+ template: src=ServiceMap_d4s.xml dest={{ globus_location }}/config/
+ when: patch_common_scope != 0
+
+- name: copy custom servicemap files
+ template: src=ServiceMap_d4stesting.xml dest={{ globus_location }}/config/
+ when: patch_common_scope != 0
+
+- name: patch_common_scope={{ patch_common_scope }}, removing bundled common-scope-maps
+ raw: rm -f {{ globus_location }}/lib/common-scope-maps*
+ when: patch_common_scope != 0
+ ignore_errors: True
+ tags:
+ - common_scope_maps
+
+- name: upload patched common-scope-maps
+ copy: src={{ common_scope_maps_file }} dest={{ globus_location }}/lib/ owner={{ ghn_user }} group={{ ghn_user }} mode=0644
+ when: patch_common_scope != 0
+ tags:
+ - common_scope_maps
+
+- name: upload d4s.authorization
+ template: src=d4s.authorization dest={{ globus_location }}/config/ mode=0644
+
+- name: restore ownership
+ file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
+
+# this is commented out since at this point no service has been deployed yet
+#- name: start the container
+# become: yes
+# become_user: "{{ ghn_user }}"
+# command: "{{ globus_location }}/gcore-start.sh"
diff --git a/gcore-base/templates/ServiceMap_d4s.xml b/gcore-base/templates/ServiceMap_d4s.xml
new file mode 100644
index 00000000..0376feaa
--- /dev/null
+++ b/gcore-base/templates/ServiceMap_d4s.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
diff --git a/gcore-base/templates/ServiceMap_d4stesting.xml b/gcore-base/templates/ServiceMap_d4stesting.xml
new file mode 100644
index 00000000..79f604c6
--- /dev/null
+++ b/gcore-base/templates/ServiceMap_d4stesting.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
diff --git a/gcore-base/templates/bashrc.j2 b/gcore-base/templates/bashrc.j2
new file mode 100644
index 00000000..ccd0f248
--- /dev/null
+++ b/gcore-base/templates/bashrc.j2
@@ -0,0 +1 @@
+# example: registry={{ COMMON_NPM_MIRROR_URL }}
diff --git a/gcore-base/templates/d4s.authorization b/gcore-base/templates/d4s.authorization
new file mode 100644
index 00000000..7e75ea64
--- /dev/null
+++ b/gcore-base/templates/d4s.authorization
@@ -0,0 +1 @@
+{{ authorization_hostname }}false{{ authorization_port }}
diff --git a/gcore-base/templates/gcore-start.sh b/gcore-base/templates/gcore-start.sh
new file mode 100755
index 00000000..60f59396
--- /dev/null
+++ b/gcore-base/templates/gcore-start.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+export GLOBUS_LOCATION={{ globus_location }}
+export PATH=$PATH:$GLOBUS_LOCATION/bin
+export ANT_HOME={{ ant_location }}
+
+nohup {{ globus_location }}/bin/gcore-start-container -p {{ ghn_port }}
diff --git a/gcore-collector/defaults/main.yml b/gcore-collector/defaults/main.yml
new file mode 100644
index 00000000..0db9f9d8
--- /dev/null
+++ b/gcore-collector/defaults/main.yml
@@ -0,0 +1,21 @@
+---
+# recent versions of eXist setup do not allow for a quiet installation, therefore we switch to the
+# last known working version
+#exist_url: 'https://bintray.com/existdb/releases/download_file?file_path=eXist-db-setup-2.2.jar'
+exist_jar: 'eXist-setup-1.2.6-rev9165.jar'
+exist_url: "http://downloads.sourceforge.net/project/exist/Stable/1.2/{{ exist_jar }}"
+exist_location: "{{ globus_location }}/exist/"
+
+repo: "gcube-staging"
+#collector_version: "3.0.2-4.1.0-126944"
+is_collector_service_version: "3.0.2-4.1.0-126944"
+collector_artifact: "is-collector-service-{{ is_collector_service_version }}"
+collector_gar: "{{ collector_artifact }}.gar"
+collector_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/is-collector-service/{{ is_collector_service_version }}/{{ collector_gar }}"
+
+collector_hostname: "d4s.res.eng.it"
+collector_port: "8099"
+collector_endpoint: "{{ collector_hostname }}:{{ collector_port }}"
+
+start_scopes: ''
+infrastructure: 'd4s'
diff --git a/gcore-collector/meta/main.yml.bckp b/gcore-collector/meta/main.yml.bckp
new file mode 100644
index 00000000..69d1e2cc
--- /dev/null
+++ b/gcore-collector/meta/main.yml.bckp
@@ -0,0 +1,2 @@
+dependencies:
+ - role: gcore-base
diff --git a/gcore-collector/tasks/main.yml b/gcore-collector/tasks/main.yml
new file mode 100644
index 00000000..2d861a3c
--- /dev/null
+++ b/gcore-collector/tasks/main.yml
@@ -0,0 +1,73 @@
+- name: download eXist DB
+ get_url: url={{ exist_url }} dest=/tmp force=yes
+
+- name: create exist_location as defined in '../defaults/main.yml'
+ file: path={{ exist_location }} state=directory owner={{ ghn_user }} group={{ ghn_user }} mode=0755
+
+- name: install eXist DB
+ command: "java -jar /tmp/{{ exist_jar }} -p {{ exist_location }}"
+
+- name: remove eXist setup jar
+ file: path="/tmp/{{ exist_jar }}" state=absent
+
+- name: add the EXIST_HOME parameter to the gcore startup script
+ lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertafter="^export ANT_HOME" state=present line="export EXIST_HOME={{ exist_location }}"
+
+# remotely using with_fileglob seems to give all sorts of issues
+# while using copy module is out of question since it's not
+# capable of using wildcards, hence we'll use the shell module
+# when there's a need to use wildcards in filenames
+#- name: copy exist libs in "{{ globus_location }}/lib/"
+# copy: src={{ item }} dest="{{ globus_location }}/lib/" remote_src=true
+# with_fileglob:
+# - "{{ exist_location}}/exist.jar"
+# - "{{ exist_location}}/lib/core/quartz-*.jar"
+# - "{{ exist_location}}/lib/core/xmlrpc-*"
+# - "{{ exist_location}}/lib/core/xmldb.jar"
+# - "{{ exist_location}}/lib/core/jta.jar"
+# - "{{ exist_location}}/lib/core/commons-pool-*.jar"
+
+- name: copy exist.jar in $GLOBUS_LOCATION/lib
+ copy: src="{{ exist_location}}/exist.jar" dest="{{ globus_location }}/lib/" remote_src=true
+
+- name: copy quartz jar in $GLOBUS_LOCATION/lib
+ shell: cp -R {{ exist_location}}/lib/core/quartz-*.jar {{ globus_location }}/lib/
+
+- name: copy xmlrpc-* in $GLOBUS_LOCATION/lib
+ shell: cp -R {{ exist_location}}/lib/core/xmlrpc-* {{ globus_location }}/lib/
+
+- name: copy xmldb in $GLOBUS_LOCATION/lib
+ copy: src="{{ exist_location}}/lib/core/xmldb.jar" dest="{{ globus_location }}/lib/" remote_src=true
+
+- name: copy jta.jar in $GLOBUS_LOCATION/lib
+ copy: src="{{ exist_location}}/lib/core/jta.jar" dest="{{ globus_location }}/lib/" remote_src=true
+
+- name: copy commons-pool-*.jar in $GLOBUS_LOCATION/lib
+ shell: cp -R {{ exist_location}}/lib/core/commons-pool-*.jar {{ globus_location }}/lib/
+
+- name: download is-collector-service.gar
+ get_url: url={{ collector_url }} dest=/tmp force=yes
+
+- name: deploy is-collector-service.gar
+ shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ collector_gar }}
+
+- name: add GLOBUS_OPTIONS to the gcore startup script
+ lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertafter="^export EXIST_HOME" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M -Dexist.home=$EXIST_HOME"'
+
+- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
+ replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ collector_hostname }}"
+
+- name: copy updated GHNConfig.xml
+ template: src=GHNConfig.xml dest={{ globus_location }}/config/
+
+- name: updated is-collector-service jndi-config.xml, add start scopes
+ lineinfile: dest="{{ globus_location }}/etc/{{ collector_artifact }}/jndi-config.xml" insertafter='.*?' state=present line=" "
+ when: start_scopes != ""
+
+- name: restore ownership
+ file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
+
+- name: start gCore
+ become: yes
+ become_user: "{{ ghn_user }}"
+ shell: "{{ globus_location }}/gcore-start.sh"
diff --git a/gcore-collector/templates/GHNConfig.xml b/gcore-collector/templates/GHNConfig.xml
new file mode 100755
index 00000000..9fd8f9be
--- /dev/null
+++ b/gcore-collector/templates/GHNConfig.xml
@@ -0,0 +1,87 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/gcore-notifier/defaults/main.yml b/gcore-notifier/defaults/main.yml
new file mode 100644
index 00000000..8345344f
--- /dev/null
+++ b/gcore-notifier/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+repo: "gcube-staging"
+notifier_version: "1.4.0-4.1.0-126911"
+notifier_artifact: "notifier-service-{{ notifier_version }}"
+notifier_gar: "{{ notifier_artifact }}.gar"
+notifier_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/notifier-service/{{ notifier_version }}/{{ notifier_gar }}"
+
+notifier_hostname: "d4s.res.eng.it"
+notifier_port: "d4s.res.eng.it"
+notifier_endpoint: "{{ notifier_hostname }}:{{ notifier_port }}"
+
+start_scopes: ''
+infrastructure: 'd4s'
diff --git a/gcore-notifier/meta/main.yml b/gcore-notifier/meta/main.yml
new file mode 100644
index 00000000..69d1e2cc
--- /dev/null
+++ b/gcore-notifier/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - role: gcore-base
diff --git a/gcore-notifier/tasks/main.yml b/gcore-notifier/tasks/main.yml
new file mode 100644
index 00000000..9e8fea11
--- /dev/null
+++ b/gcore-notifier/tasks/main.yml
@@ -0,0 +1,26 @@
+- name: download {{ notifier_gar }}
+ get_url: url={{ notifier_url }} dest=/tmp force=yes
+
+- name: deploy {{ notifier_gar }}
+ shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ notifier_gar }}
+
+- name: add GLOBUS_OPTIONS to the gcore startup script
+ lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
+
+- name: copy updated GHNConfig.xml
+ template: src=GHNConfig.xml dest={{ globus_location }}/config/
+
+## despite what the documentation says, seems there's no need to specify starting scopes for the notifier to work correctly
+#- name: copy updated notifier-service jndi-config.xml
+# template: src=jndi-config.xml dest={{ globus_location }}/etc/{{ notifier_artifact }}/
+
+- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
+ replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ notifier_hostname }}"
+
+- name: restore ownership
+ file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
+
+- name: start gCore
+ become: yes
+ become_user: "{{ ghn_user }}"
+ shell: "{{ globus_location }}/gcore-start.sh"
diff --git a/gcore-notifier/templates/GHNConfig.xml b/gcore-notifier/templates/GHNConfig.xml
new file mode 100755
index 00000000..5cab62d4
--- /dev/null
+++ b/gcore-notifier/templates/GHNConfig.xml
@@ -0,0 +1,85 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/gcore-portal/defaults/main.yml b/gcore-portal/defaults/main.yml
new file mode 100644
index 00000000..160df6d3
--- /dev/null
+++ b/gcore-portal/defaults/main.yml
@@ -0,0 +1,17 @@
+---
+repo: "gcube-staging"
+portal_version: "4.1.0-4.2.0-133176"
+portal_bundle: "gcube-portal-bundle-{{ portal_version }}.tar.gz"
+portal_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/gcube-portal-bundle/{{ portal_version }}/{{ portal_bundle }}"
+
+portal_user: "gCore"
+portal_home: "/opt/{{ portal_user }}"
+
+gcube_key: 'd4s.gcubekey'
+tomcat_port: "8080"
+
+common_scope_maps_file: "common-scope-maps-1.0.4-4.2.0-128425-patched.jar"
+patch_common_scope: 0
+
+start_scopes: ''
+infrastructure: 'd4s'
diff --git a/gcore-portal/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar b/gcore-portal/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar
new file mode 100644
index 00000000..15c2afdd
Binary files /dev/null and b/gcore-portal/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar differ
diff --git a/gcore-portal/files/d4s.gcubekey b/gcore-portal/files/d4s.gcubekey
new file mode 100644
index 00000000..a236e5ae
--- /dev/null
+++ b/gcore-portal/files/d4s.gcubekey
@@ -0,0 +1 @@
+�B2�$
\ No newline at end of file
diff --git a/gcore-portal/meta/main.yml b/gcore-portal/meta/main.yml
new file mode 100644
index 00000000..7598753b
--- /dev/null
+++ b/gcore-portal/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - role: java-17
diff --git a/gcore-portal/tasks/main.yml b/gcore-portal/tasks/main.yml
new file mode 100644
index 00000000..5df4e9ac
--- /dev/null
+++ b/gcore-portal/tasks/main.yml
@@ -0,0 +1,69 @@
+- name: add portal user #default home is /opt/ghn-portal/, password is "gCore??"
+ action: user name={{ portal_user }} password=$1$SuG4r$6AGiUoMKjZAHFJgYLDTkW/ shell=/bin/bash createhome=yes home={{ portal_home }}
+
+- name: download and extract {{ portal_bundle }} as specified in '../defaults/main.yml'
+ unarchive: src={{ portal_url }} dest={{ portal_home }} copy=no #extra_opts='--show-stored-names --strip-components=1'
+
+- name: upload the gcube key specified in '../defaults/main.yml'
+ copy: src={{ gcube_key }} dest="{{ portal_home }}/gCube/keys/" mode=0600
+
+- name: retrieve tomcat path
+ shell: ls -d {{ portal_home }}/tomcat*
+ register: tomcat_path
+
+#### since this role deploys from scratch, there's no way to actually patch the common-scope-maps that's
+#### deployed from within the resource-management webapp for now, since the very same webapp hasn't been
+#### deployed yet
+#- name: retrieve resource-management webapp path
+# shell: ls -d {{ portal_home }}/tomcat*/webapps/resource-management-*/
+# register: resource_management_path
+# ignore_errors: True
+
+- name: upload configured infrastructure.properties
+ template: src="infrastructureproperties" dest="{{ tomcat_path.stdout }}/conf/infrastructure.properties" mode=0700
+
+- name: updload portal-ext.properties
+ template: src="portal-ext.properties" dest="{{ tomcat_path.stdout }}/webapps/ROOT/WEB-INF/classes/"
+
+- name: upload .bashrc to {{ portal_user }}
+ template: src=bashrc dest="{{ portal_home }}/.bashrc" mode=0644
+
+- name: tell tomcat to listen to the tomcat_port variable defined in "../defaults/main.yml"
+ shell: sed -i "s/8080/{{ tomcat_port }}/g" "{{ tomcat_path.stdout }}/conf/server.xml"
+
+- name: patch_common_scope enabled, removing bundled common-scope-maps
+ raw: rm -f {{ portal_home }}/{{ item }}/common-scope-maps*
+ with_items:
+ - gCube/lib/_fws
+ - lib/fws
+# - "{{ resource_management_path }}"
+ when: patch_common_scope != 0
+ ignore_errors: True
+ tags:
+ - common_scope_maps
+
+- name: upload patched common-scope-maps
+ copy: src={{ common_scope_maps_file }} dest={{ portal_home }}/{{ item }}/ owner={{ portal_user }} group={{ portal_user }} mode=0644
+ with_items:
+ - gCube/lib/_fws
+ - lib/fws
+# - "{{ resource_management_path }}"
+ when: patch_common_scope != 0
+ tags:
+ - common_scope_maps
+
+- name: upload d4s.authorization
+ template: src=d4s.authorization dest={{ item }} owner={{ portal_user }} group={{ portal_user }} mode=0644
+ with_items:
+ - "{{ portal_home }}/lib/"
+ - "{{ portal_home }}/gCube/lib/"
+ - "{{ tomcat_path.stdout }}/lib/"
+ - "{{ tomcat_path.stdout }}"
+
+- name: restore ownership
+ file: dest={{ portal_home }} owner={{ portal_user }} group={{ portal_user }} recurse=yes
+
+- name: start the portal
+ become: yes
+ become_user: "{{ portal_user }}"
+ shell: source ~/.bashrc && nohup {{ tomcat_path.stdout }}/bin/startup.sh &
diff --git a/gcore-portal/tasks/main.yml.orig b/gcore-portal/tasks/main.yml.orig
new file mode 100644
index 00000000..1018d83d
--- /dev/null
+++ b/gcore-portal/tasks/main.yml.orig
@@ -0,0 +1,188 @@
+---
+- name: Test if liferay is already installed
+ raw: ls -l /var/lib/tomcat7/webapps/ROOT/WEB-INF/classes/portal-developer.properties
+ register: liferay_install
+ ignore_errors: True
+ tags:
+ - liferay
+
+- name: Download the liferay war file
+ get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-6.1.2-ce-ga3-20130816114619181.war?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Fadditional-files&ts=1383123826&use_mirror=garr" dest=/var/tmp/liferay-6.1.war
+ when: liferay_install.rc != 0
+ tags:
+ - liferay
+
+- name: Explode the liferay war
+ shell: cd /var/lib/tomcat7/webapps/ROOT ; jar xf /var/tmp/liferay-6.1.war ; chown -R root:root . ; rm -f /var/tmp/liferay-6.1.war
+ when: liferay_install.rc != 0
+ notify:
+ tomcat7 restart
+ tags:
+ - liferay
+
+- name: Create the /usr/share/tomcat7/lib/ext directory
+ file: dest=/usr/share/tomcat7/lib/ext state=directory owner=root group=root mode=0755
+ tags:
+ - liferay
+
+- name: Install other liferay dependencies (taken from the liferay bundle)
+ copy: src={{ item }} dest=/usr/share/tomcat7/lib/ext/{{ item }}
+ with_items:
+ - activation.jar
+ - ccpp.jar
+# - hsql.jar
+ - jms.jar
+ - jta.jar
+ - jtds.jar
+ - junit.jar
+ - jutf7.jar
+ - mail.jar
+# - mysql.jar
+ - persistence.jar
+ - portal-service.jar
+ - portlet.jar
+# - postgresql.jar
+ - support-tomcat.jar
+ notify: tomcat7 restart
+ tags:
+ - liferay
+
+- name: Install liferay patch for ldap without using the test password
+ copy: src={{ item }} dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/lib/{{ item }}
+ with_items:
+ - lps9001-ldap-ce6101-portal-impl.jar
+ when: liferay_ldap_fix is defined and liferay_ldap_fix == 'True'
+ notify: tomcat7 restart
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Ensure that the ldap authentication patch is not installed
+ file: dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/lib/{{ item }} state=absent
+ with_items:
+ - lps9001-ldap-ce6101-portal-impl.jar
+ when: liferay_ldap_fix is not defined or liferay_ldap_fix == 'False'
+ notify: tomcat7 restart
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Create the funny /var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies directory
+ file: dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies state=directory owner=root group=root mode=0755
+ tags:
+ - liferay
+
+- name: Create the temp directory /var/lib/tomcat7/temp
+ file: dest=/var/lib/tomcat7/temp owner=tomcat7 group=tomcat7 mode=0750 state=directory
+ tags:
+ - liferay
+
+- name: Create the funny path needed by some liferay dependencies
+ file: dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies state=directory owner=root group=root mode=0755
+ tags:
+ - liferay
+
+- name: Install other liferay dependencies in funny places
+ copy: src=../files/{{ item }} dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies/{{ item }}
+ with_items:
+ - resin.jar
+ - script-10.jar
+ notify:
+ tomcat7 restart
+ tags:
+ - liferay
+
+#
+# Note: we have the dependencies as local files. The two following tasks are not needed anymore
+#
+# - name: get the liferay dependencies
+# get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-dependencies-6.1.2-ce-ga3-20130816114619181.zip?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Fadditional-files&ts=1383130399&use_mirror=garr" dest=/var/tmp/liferay-dependencies.zip
+# register: dependencies_download
+
+# - name: Install the liferay dependencies
+# shell: cd /usr/share/tomcat7/lib ; unzip /var/tmp/liferay-dependencies.zip ; chown -R root:root . ; ln -s */*.jar ./ext ; /bin/rm -f ./ext/hsql.jar
+# when: dependencies_download.changed
+# notify: tomcat7 restart
+
+- name: liferay basic configuration
+ template: src=../templates/portal-ext.properties.j2 dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/classes/portal-ext.properties owner=root group=tomcat7 mode=0640
+ notify:
+ tomcat7 restart
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Create the portal home directory outside the webapp root
+ file: dest={{ liferay.portal_home }} state=directory owner=tomcat7 group=tomcat7 mode=0750
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Create data and deploy directories
+ file: dest={{ liferay.portal_home }}/{{ item }} state=directory owner=tomcat7 group=tomcat7 mode=0750
+ with_items:
+ - data
+ - deploy
+ - liferay
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Force the logs in the right place
+ file: src=/var/log/tomcat7 dest={{ liferay.portal_home }}/logs state=link
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Give write permissions to some directories
+ file: dest=/var/lib/tomcat7/webapps/ROOT/html/{{ item }} state=directory owner=tomcat7 group=tomcat7
+ with_items:
+ - icons
+ - themes
+ notify: Recursively set liferay write permissions
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Put the static properties in the portal home directory
+ template: src=../templates/home-portal-ext.properties.j2 dest={{ liferay.portal_home }}/portal-ext.properties owner=root group=tomcat7 mode=0640
+ notify: tomcat7 restart
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Create an empty portal-setup-wizard.properties if does not exist
+ copy: content="" dest={{ liferay.portal_home }}/portal-setup-wizard.properties owner=root group=tomcat7 mode=0660 force=no
+ tags:
+ - liferay
+ - liferaycfg
+
+- name: Test if the related webapps are installed
+ raw: ls -l /var/lib/tomcat7/webapps/marketplace-portlet
+ register: liferay_bundled_apps
+ ignore_errors: True
+ tags:
+ - liferay
+
+- name: Download the liferay bundle. Needed for the related webapps
+ get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-tomcat-6.1.2-ce-ga3-20130816114619181.zip?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Favailable-releases&ts=1383043780&use_mirror=garr" dest=/var/tmp/liferay-bundle.zip
+ when: liferay_bundled_apps.rc != 0
+ tags:
+ - liferay
+
+- name: Explode the liferay bundle and install the needed webapps
+ shell: cd /var/tmp ; /var/lib/tomcat7/webapps/ROOT ; unzip /var/tmp/liferay-bundle.zip ; cd /var/tmp/liferay-portal-6.1.2-ce-ga3/tomcat-7.0.40/webapps ; cp -a marketplace-portlet portal-compat-hook resources-importer-web welcome-theme /var/lib/tomcat7/webapps/ ; cd /var/tmp ; rm -fr /var/tmp/liferay-bundle.zip /var/tmp/liferay-portal-6.1.2-ce-ga3
+ when: liferay_bundled_apps.rc != 0
+ notify:
+ tomcat7 restart
+ tags:
+ - liferay
+
+- name: The images directory of the theme must be writeable by tomcat(!)
+ file: dest=/var/lib/tomcat7/webapps/welcome-theme/images state=directory owner=tomcat7 group=tomcat7 mode=0750
+ notify:
+ Recursively change welcome-theme images permissions
+ tags:
+ - liferay
+ - liferaycfg
+
diff --git a/gcore-portal/templates/bashrc b/gcore-portal/templates/bashrc
new file mode 100644
index 00000000..5243d950
--- /dev/null
+++ b/gcore-portal/templates/bashrc
@@ -0,0 +1,16 @@
+# .bashrc
+
+# Source global definitions
+if [ -f /etc/bashrc ]; then
+ . /etc/bashrc
+fi
+
+# User specific aliases and functions
+export CLASSPATH=""
+export CATALINA_HOME="{{ tomcat_path.stdout }}"
+export JAVA_HOME="/usr/lib/jvm/jre-1.7.0"
+export JRE_HOME="/usr/lib/jvm/jre-1.7.0"
+#export CATALINA_OPTS="-DGLOBUS_LOCATION=$GLOBUS_LOCATION -Xmx2048m -Xms2048m -XX:MaxPermSize=256m -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Dlog4j.ignoreTCL=true -Dlog4j.configuration=file://$CATALINA_HOME/portal-log4j.properties"
+export CATALINA_OPTS="-Dexternal-properties=portal-developer.properties -Xmx1000m -Xms1000m -XX:PermSize=512m -XX:MaxPermSize=512m -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Dlog4j.ignoreTCL=true -Dlog4j.configuration=file://$CATALINA_HOME/portal-log4j.properties -Dlogback.configurationFile=file://$CATALINA_HOME/portal-logback.xml"
+export CATALINA_PID="{{ portal_home }}/pid.txt"
+
diff --git a/gcore-portal/templates/d4s.authorization b/gcore-portal/templates/d4s.authorization
new file mode 100644
index 00000000..7e75ea64
--- /dev/null
+++ b/gcore-portal/templates/d4s.authorization
@@ -0,0 +1 @@
+{{ authorization_hostname }}false{{ authorization_port }}
diff --git a/gcore-portal/templates/infrastructureproperties b/gcore-portal/templates/infrastructureproperties
new file mode 100644
index 00000000..de92b968
--- /dev/null
+++ b/gcore-portal/templates/infrastructureproperties
@@ -0,0 +1,9 @@
+# DO NOT DELETE THIS FILE
+# gCube Infrastructure Properties tells the webapps on which infrastructure they run
+# Author: Massimiliano Assante, ISTI-CNR
+
+# a single infrastructure
+infrastructure={{ infrastructure }}
+
+# multiple scopes must be separated by comma (e.g FARM,gCubeApps)
+scopes={{ start_scopes }}
diff --git a/gcore-portal/templates/portal-ext.properties b/gcore-portal/templates/portal-ext.properties
new file mode 100644
index 00000000..fd1450cf
--- /dev/null
+++ b/gcore-portal/templates/portal-ext.properties
@@ -0,0 +1,2 @@
+liferay.home={{ portal_home }}
+include-and-override={{ portal_home }}/portal-ext.properties
diff --git a/gcore-registry/defaults/main.yml b/gcore-registry/defaults/main.yml
new file mode 100644
index 00000000..8bfffadd
--- /dev/null
+++ b/gcore-registry/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+repo: "gcube-staging"
+registry_version: "2.1.4-4.1.0-126945"
+registry_artifact: "is-registry-service-{{ registry_version }}"
+registry_gar: "{{ registry_artifact }}.gar"
+registry_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/is-registry-service/{{ registry_version }}/{{ registry_gar }}"
+
+start_scopes: ''
+infrastructure: 'd4s'
+
+registry_port: '8080'
+registry_hostname: "{{ ansible_hostname }}"
+registry_published_host: '{{ registry_hostname }}:{{ registry_port }}'
diff --git a/gcore-registry/meta/main.yml b/gcore-registry/meta/main.yml
new file mode 100644
index 00000000..b102421b
--- /dev/null
+++ b/gcore-registry/meta/main.yml
@@ -0,0 +1,2 @@
+#dependencies:
+# - role: gcore-base
diff --git a/gcore-registry/tasks/main.yml b/gcore-registry/tasks/main.yml
new file mode 100644
index 00000000..9a1b9381
--- /dev/null
+++ b/gcore-registry/tasks/main.yml
@@ -0,0 +1,29 @@
+- name: download {{ registry_gar }}
+ get_url: url={{ registry_url }} dest=/tmp force=yes
+
+- name: deploy {{ registry_gar }}
+ shell: export GLOBUS_LOCATION={{ globus_location }} && export ANT_HOME={{ ant_location }} && export PATH=$PATH:$GLOBUS_LOCATION/bin && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ registry_gar }}
+
+- name: add GLOBUS_OPTIONS to the gcore startup script
+ lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
+
+- name: copy updated GHNConfig.xml
+ template: src=GHNConfig.xml dest={{ globus_location }}/config/
+
+- name: updated is-registry-service jndi-config.xml, add start scopes when needed
+ lineinfile: dest="{{ globus_location }}/etc/{{ registry_artifact }}/jndi-config.xml" insertafter='.*?' state=present line=" "
+ when: start_scopes != ""
+
+- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
+ replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ registry_hostname }}"
+
+- name: add is-registry Servicemap entry
+ lineinfile: dest="{{ globus_location }}/config/{{ servicemap_xmlfile }}" insertbefore="^" state=present line=' '
+
+- name: restore ownership
+ file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
+
+- name: start gCore
+ become: yes
+ become_user: "{{ ghn_user }}"
+ shell: "{{ globus_location }}/gcore-start.sh"
diff --git a/gcore-registry/templates/GHNConfig.xml b/gcore-registry/templates/GHNConfig.xml
new file mode 100755
index 00000000..e80d5584
--- /dev/null
+++ b/gcore-registry/templates/GHNConfig.xml
@@ -0,0 +1,86 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/gcore-resourcebroker/defaults/main.yml b/gcore-resourcebroker/defaults/main.yml
new file mode 100644
index 00000000..647954c5
--- /dev/null
+++ b/gcore-resourcebroker/defaults/main.yml
@@ -0,0 +1,23 @@
+---
+repo: "gcube-staging"
+resourcebroker_version: "1.2.0-4.1.0-126927"
+resourcebroker_artifact: "resourcebroker-service-{{ resourcebroker_version }}"
+resourcebroker_gar: "{{ resourcebroker_artifact }}.gar"
+resourcebroker_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-service/{{ resourcebroker_version }}/{{ resourcebroker_gar }}"
+
+resourcebroker_serialization_version: "1.2.0-4.1.0-126929"
+resourcebroker_serialization_artifact: "resourcebroker-serialization-{{ resourcebroker_serialization_version }}"
+resourcebroker_serialization_jar: "{{ resourcebroker_serialization_artifact }}.jar"
+resourcebroker_serialization_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-serialization/{{ resourcebroker_serialization_version}}/{{ resourcebroker_serialization_jar }}"
+
+resourcebroker_stubs_version: "1.2.0-4.1.0-126927"
+resourcebroker_stubs_artifact: "rbstubs-{{ resourcebroker_stubs_version }}"
+resourcebroker_stubs_jar: "{{ resourcebroker_stubs_artifact }}.jar"
+resourcebroker_stubs_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/rbstubs/{{ resourcebroker_stubs_version }}/{{ resourcebroker_stubs_jar }}"
+
+resourcebroker_hostname: "d4s.res.eng.it"
+resourcebroker_port: "8399"
+resourcebroker_endpoint: "{{ resourcebroker_hostname }}:{{ resourcebroker_port }}"
+
+start_scopes: ''
+infrastructure: 'd4s'
diff --git a/gcore-resourcebroker/meta/main.yml.old b/gcore-resourcebroker/meta/main.yml.old
new file mode 100644
index 00000000..69d1e2cc
--- /dev/null
+++ b/gcore-resourcebroker/meta/main.yml.old
@@ -0,0 +1,2 @@
+dependencies:
+ - role: gcore-base
diff --git a/gcore-resourcebroker/tasks/main.yml b/gcore-resourcebroker/tasks/main.yml
new file mode 100644
index 00000000..b86ccf00
--- /dev/null
+++ b/gcore-resourcebroker/tasks/main.yml
@@ -0,0 +1,31 @@
+- name: download {{ resourcebroker_gar }}
+ get_url: url={{ resourcebroker_url }} dest=/tmp force=yes
+
+- name: deploy {{ resourcebroker_gar }}
+ shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ resourcebroker_gar }}
+
+- name: add GLOBUS_OPTIONS to the gcore startup script
+ lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
+
+- name: copy updated GHNConfig.xml
+ template: src=GHNConfig.xml dest={{ globus_location }}/config/
+
+#- name: update the resourcebroker jndi-config.xml, add start scopes when needed
+# lineinfile: dest="{{ globus_location }}/etc/{{ registry_artifact }}/jndi-config.xml" insertafter='.*?' state=present line=" "
+
+- name: deploy {{ resourcebroker_serialization_artifact }}
+ get_url: url={{ resourcebroker_serialization_url }} dest="{{ globus_location }}/lib/" force=yes
+
+- name: deploy {{ resourcebroker_stubs_artifact }}
+ get_url: url={{ resourcebroker_stubs_url }} dest="{{ globus_location }}/lib/" force=yes
+
+- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
+ replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ resourcebroker_hostname }}"
+
+- name: restore ownership
+ file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
+
+- name: start gCore
+ become: yes
+ become_user: "{{ ghn_user }}"
+ shell: "{{ globus_location }}/gcore-start.sh"
diff --git a/gcore-resourcebroker/templates/GHNConfig.xml b/gcore-resourcebroker/templates/GHNConfig.xml
new file mode 100755
index 00000000..d23cdb0a
--- /dev/null
+++ b/gcore-resourcebroker/templates/GHNConfig.xml
@@ -0,0 +1,87 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/gcore-resourcemanager/defaults/main.yml b/gcore-resourcemanager/defaults/main.yml
new file mode 100644
index 00000000..1c1743fc
--- /dev/null
+++ b/gcore-resourcemanager/defaults/main.yml
@@ -0,0 +1,23 @@
+---
+repo: "gcube-staging"
+resource_manager_version: "2.2.0-4.1.0-132314"
+resource_manager_artifact: "resource-manager-service-{{ resource_manager_version }}"
+resource_manager_gar: "{{ resource_manager_artifact }}.gar"
+resource_manager_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resource-manager-service/{{ resource_manager_version }}/{{ resource_manager_gar}}"
+
+resourcebroker_serialization_version: "1.2.0-4.1.0-126929"
+resourcebroker_serialization_artifact: "resourcebroker-serialization-{{ resourcebroker_serialization_version }}"
+resourcebroker_serialization_jar: "{{ resourcebroker_serialization_artifact }}.jar"
+resourcebroker_serialization_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-serialization/{{ resourcebroker_serialization_version}}/{{ resourcebroker_serialization_jar }}"
+
+resourcebroker_stubs_version: "1.2.0-4.1.0-126927"
+resourcebroker_stubs_artifact: "rbstubs-{{ resourcebroker_stubs_version }}"
+resourcebroker_stubs_jar: "{{ resourcebroker_stubs_artifact }}.jar"
+resourcebroker_stubs_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/rbstubs/{{ resourcebroker_stubs_version }}/{{ resourcebroker_stubs_jar }}"
+
+resource_manager_hostname: "d4s.res.eng.it"
+resource_manager_port: "8499"
+resource_manager_endpoint: "{{ resource_manager_hostname }}:{{ resource_manager_port }}"
+
+start_scopes: ''
+infrastructure: 'd4s'
diff --git a/gcore-resourcemanager/meta/main.yml b/gcore-resourcemanager/meta/main.yml
new file mode 100644
index 00000000..69d1e2cc
--- /dev/null
+++ b/gcore-resourcemanager/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - role: gcore-base
diff --git a/gcore-resourcemanager/tasks/main.yml b/gcore-resourcemanager/tasks/main.yml
new file mode 100644
index 00000000..0a3a9d6d
--- /dev/null
+++ b/gcore-resourcemanager/tasks/main.yml
@@ -0,0 +1,31 @@
+- name: download {{ resource_manager_gar }}
+ get_url: url={{ resource_manager_url }} dest=/tmp force=yes
+
+- name: deploy {{ resource_manager_gar }}
+ shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ resource_manager_gar }}
+
+- name: add GLOBUS_OPTIONS to the gcore startup script
+ lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
+
+- name: copy updated GHNConfig.xml
+ template: src=GHNConfig.xml dest={{ globus_location }}/config/
+
+#- name: copy updated resource-manager jndi-config.xml
+# template: src=jndi-config.xml dest={{ globus_location }}/etc/{{ resource_manager_artifact }}/
+
+- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
+ replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ resource_manager_hostname }}"
+
+- name: deploy {{ resourcebroker_serialization_artifact }}
+ get_url: url={{ resourcebroker_serialization_url }} dest="{{ globus_location }}/lib/" force=yes
+
+- name: deploy {{ resourcebroker_stubs_artifact }}
+ get_url: url={{ resourcebroker_stubs_url }} dest="{{ globus_location }}/lib/" force=yes
+
+- name: restore ownership
+ file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
+
+- name: start gCore
+ become: yes
+ become_user: "{{ ghn_user }}"
+ shell: "{{ globus_location }}/gcore-start.sh"
diff --git a/gcore-resourcemanager/templates/GHNConfig.xml b/gcore-resourcemanager/templates/GHNConfig.xml
new file mode 100755
index 00000000..f53384cf
--- /dev/null
+++ b/gcore-resourcemanager/templates/GHNConfig.xml
@@ -0,0 +1,86 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/gcore-smartgears-container/defaults/main.yml b/gcore-smartgears-container/defaults/main.yml
new file mode 100644
index 00000000..1b9265a5
--- /dev/null
+++ b/gcore-smartgears-container/defaults/main.yml
@@ -0,0 +1,11 @@
+repo: "gcube-staging"
+smartgears_version: "2.0.0-4.2.1-133740"
+image_name: "smartgears_whn"
+image_tag: "{{ smartgears_version }}"
+#image_tag: "latest"
+
+
+infrastructure: "d4s"
+hostname: "{{ ansible_hostname }}"
+token: "24edab1c-6ff6-4c61-8f51-b52d4f5f4611-98187548"
+container_mode: "offline"
diff --git a/gcore-smartgears-container/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar b/gcore-smartgears-container/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar
new file mode 100644
index 00000000..15c2afdd
Binary files /dev/null and b/gcore-smartgears-container/files/common-scope-maps-1.0.4-4.2.0-128425-patched.jar differ
diff --git a/gcore-smartgears-container/meta/main.yml b/gcore-smartgears-container/meta/main.yml
new file mode 100644
index 00000000..8f1a32cb
--- /dev/null
+++ b/gcore-smartgears-container/meta/main.yml
@@ -0,0 +1,3 @@
+dependencies:
+# - role: java-17
+ - role: docker
diff --git a/gcore-smartgears-container/tasks/main.yml b/gcore-smartgears-container/tasks/main.yml
new file mode 100644
index 00000000..224971c8
--- /dev/null
+++ b/gcore-smartgears-container/tasks/main.yml
@@ -0,0 +1,32 @@
+- name: ensure that the unarchive utils tar relies upon for file extraction are available (CentOS/RHEL)
+ yum: name={{ item }} state=latest
+ with_items:
+ - bzip2
+ - unzip
+ when: ansible_os_family == "RedHat"
+
+- name: ensure that the unarchive utils tar relies upon for file extraction are available (Debian/Ubuntu)
+ apt: name={{ item }} state=latest
+ with_items:
+ - bzip2
+ - unzip
+ when: ansible_os_family == "Debian"
+
+- name: create temporary build directory
+ shell: mktemp -d
+ register: tempdir
+
+- name: copy the Dockerfile
+ template: src=Dockerfile dest="{{ tempdir.stdout }}/"
+
+- name: copy the authorization config file
+ template: src=d4s.authorization dest="{{ tempdir.stdout }}/" mode=0644
+
+- name: Build the docker image
+ docker_image:
+ path: "{{ tempdir.stdout }}"
+ name: "{{ image_name }}"
+ tag: "{{ image_tag }}"
+
+- name: remove the temporary build directory
+ file: path="{{ tempdir.stdout }}" state=absent
diff --git a/gcore-smartgears-container/templates/Dockerfile b/gcore-smartgears-container/templates/Dockerfile
new file mode 100644
index 00000000..cc0d8638
--- /dev/null
+++ b/gcore-smartgears-container/templates/Dockerfile
@@ -0,0 +1,23 @@
+from openjdk:7
+
+ENV GHN_HOME=/SmartGears-Bundle/
+ENV BUNDLE_HOME=$GHN_HOME
+ENV CATALINA_HOME=$GHN_HOME/tomcat/
+ENV CATALINA_OPTS="-Xmx2000m -Xms2000m -XX:MaxPermSize=512M"
+ENV CATALINA_PID=$CATALINA_HOME/pid.txt
+
+RUN wget http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/smartgears-distribution-bundle/{{ smartgears_version }}/smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
+RUN tar xzvf smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
+RUN rm smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
+WORKDIR $GHN_HOME/
+RUN echo 1 | /bin/bash $GHN_HOME/setup.sh -n {{ ansible_hostname }} -f
+ADD d4s.authorization $CATALINA_HOME/lib/
+RUN ln -s $GHN_HOME/SmartGears/container.xml $GHN_HOME/container.xml
+RUN sed -ie 's/^$CATALINA_HOME\/bin\/startup.sh/$CATALINA_HOME\/bin\/catalina.sh\ run/' $GHN_HOME/startContainer.sh
+RUN sed -ie "s///" $GHN_HOME/container.xml
+RUN sed -ie "s/gcube<\/infrastructure>/{{ infrastructure }}<\/infrastructure>/" $GHN_HOME/container.xml
+RUN sed -ie "/<\/infrastructure>/a \ {{ token }}" $GHN_HOME/container.xml
+
+EXPOSE 8080
+
+CMD ./startContainer.sh
diff --git a/gcore-smartgears-container/templates/Dockerfile.bckp b/gcore-smartgears-container/templates/Dockerfile.bckp
new file mode 100644
index 00000000..8d39cf33
--- /dev/null
+++ b/gcore-smartgears-container/templates/Dockerfile.bckp
@@ -0,0 +1,25 @@
+from openjdk:7
+
+ENV GHN_HOME=/SmartGears-Bundle/
+ENV BUNDLE_HOME=$GHN_HOME
+ENV CATALINA_HOME=$GHN_HOME/tomcat/
+ENV CATALINA_OPTS="-Xmx2000m -Xms2000m -XX:MaxPermSize=512M"
+ENV CATALINA_PID=$CATALINA_HOME/pid.txt
+
+#WORKDIR $GHN_HOME/
+
+RUN \
+ wget http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/smartgears-distribution-bundle/{{ smartgears_version }}/smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \
+ && tar xzvf smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \ #--strip-components=1 \
+ && rm smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \
+ && cd smartgears-distribution-bundle-{{ smartgears_version }} \
+ && echo 1 | /bin/bash ./setup.sh -n {{ hostname }} -f \
+ && ln -s $GHN_HOME/SmartGears/container.xml $GHN_HOME/container.xml \
+ && sed -ie 's/^$CATALINA_HOME\/bin\/startup.sh/$CATALINA_HOME\/bin\/catalina.sh\ run/' startContainer.sh \
+ && sed -ie "s///" container.xml \
+ && sed -ie "s/gcube<\/infrastructure>/{{ infrastructure }}<\/infrastructure>/" container.xml \
+ && sed -ie "/<\/infrastructure>/a \ {{ token }}" container.xml
+
+EXPOSE 8080
+
+CMD /SmartGears-Bundle/startContainer.sh
diff --git a/gcore-smartgears-container/templates/d4s.authorization b/gcore-smartgears-container/templates/d4s.authorization
new file mode 100644
index 00000000..7e75ea64
--- /dev/null
+++ b/gcore-smartgears-container/templates/d4s.authorization
@@ -0,0 +1 @@
+{{ authorization_hostname }}false{{ authorization_port }}
diff --git a/gcore-softwaregateway/defaults/main.yml b/gcore-softwaregateway/defaults/main.yml
new file mode 100644
index 00000000..1e9fcc64
--- /dev/null
+++ b/gcore-softwaregateway/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+repo: "gcube-staging"
+software_gateway_version: "1.1.6-4.1.0-126706"
+software_gateway_artifact: "softwaregateway-service-{{ software_gateway_version }}"
+software_gateway_gar: "{{ software_gateway_artifact }}.gar"
+software_gateway_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/softwaregateway-service/{{ software_gateway_version }}/{{ software_gateway_gar }}"
+
+software_gateway_hostname: "d4s.res.eng.it"
+software_gateway_port: "8599"
+software_gateway_endpoint: "{{ software_gateway_hostname }}:{{ software_gateway_port }}"
+
+start_scopes: ''
+infrastructure: 'd4s'
diff --git a/gcore-softwaregateway/files/settings.xml b/gcore-softwaregateway/files/settings.xml
new file mode 100644
index 00000000..28d09bf9
--- /dev/null
+++ b/gcore-softwaregateway/files/settings.xml
@@ -0,0 +1,61 @@
+
+
+
+ gcube-snapshots
+ gcube-user
+ maven
+
+
+ gcube-releases
+ gcube-user
+ maven
+
+
+
+
+
+ gcube
+
+
+ gcube-staging
+ gCube Staging
+ http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-staging
+
+ false
+
+
+ true
+
+
+
+ gcube-externals
+ gCube Externals
+ http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-externals
+
+ false
+
+
+ true
+
+
+
+
+
+ gcube-releases
+ gCube Releases
+ http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-releases
+
+ false
+
+
+ true
+
+
+
+
+
+
+ gcube
+
+
diff --git a/gcore-softwaregateway/meta/main.yml b/gcore-softwaregateway/meta/main.yml
new file mode 100644
index 00000000..69d1e2cc
--- /dev/null
+++ b/gcore-softwaregateway/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - role: gcore-base
diff --git a/gcore-softwaregateway/tasks/main.yml b/gcore-softwaregateway/tasks/main.yml
new file mode 100644
index 00000000..5cf61566
--- /dev/null
+++ b/gcore-softwaregateway/tasks/main.yml
@@ -0,0 +1,25 @@
+- name: download {{ software_gateway_gar }}
+ get_url: url={{ software_gateway_url }} dest=/tmp force=yes
+
+- name: deploy {{ software_gateway_gar }}
+ shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ software_gateway_gar }}
+
+- name: add GLOBUS_OPTIONS to the gcore startup script
+ lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
+
+- name: copy updated GHNConfig.xml
+ template: src=GHNConfig.xml dest={{ globus_location }}/config/
+
+- name: copy settings.xml as per "https://gcube.wiki.gcube-system.org/gcube/Talk:Creating_gCube_Maven_components:_How-To#Repositories"
+ copy: src=settings.xml dest={{ globus_location }}/etc/{{ software_gateway_artifact }}/
+
+- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
+ replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ software_gateway_hostname }}"
+
+- name: restore ownership
+ file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
+
+- name: start gCore
+ become: yes
+ become_user: "{{ ghn_user }}"
+ shell: "{{ globus_location }}/gcore-start.sh"
diff --git a/gcore-softwaregateway/templates/GHNConfig.xml b/gcore-softwaregateway/templates/GHNConfig.xml
new file mode 100755
index 00000000..31c2d44e
--- /dev/null
+++ b/gcore-softwaregateway/templates/GHNConfig.xml
@@ -0,0 +1,86 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+