library/roles/d4s_user_services_perms: Install a README file inside the gcube home directory. Set up acls so that the gcube user can read/write the tomcat options files.

Andrea Dell'Amico 2015-07-24 12:00:37 +02:00
parent b9f91eeb4c
commit 550d02fc48
4 changed files with 43 additions and 0 deletions

@ -1,3 +1,12 @@
This role assumes that only one tomcat instance is defined and running on the system. This role assumes that only one tomcat instance is defined and running on the system.
Important note: the variable 'http_port' needs to be defined earlier in the calling playbook. Important note: the variable 'http_port' needs to be defined earlier in the calling playbook.
What the role does:
- Install the sudoers config that permits the tomcat user to restart
the service
- Install the script that allows the tomcat user to start and stop the
service without using the full path
- Install the README file that explains where the options files are
placed and how start/stop the service
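Review bot: the "What the role does" list stops at the README and does not mention that the role also grants the service user rw ACLs on the tomcat options files, which the commit message names as part of this change. Add a fourth bullet for the ACL step so that anyone auditing who can write under /etc/default finds it in the role documentation. Minor wording point in the last bullet: "how start/stop" should read "how to start/stop".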

@ -1,3 +1,7 @@
--- ---
d4science_user: gcube d4science_user: gcube
d4science_user_home: '/home/{{ d4science_user }}' d4science_user_home: '/home/{{ d4science_user }}'
d4science_tomcat_options_files:
- '/etc/default/tomcat-instance-{{ item.0.http_port }}'
- '/etc/default/tomcat-instance-{{ item.0.http_port }}.local'
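Review bot: both entries of d4science_tomcat_options_files reference item.0.http_port, so this default only resolves inside a loop whose first element is a tomcat instance and is undefined anywhere else. Add a comment above the variable stating that dependency, or build the two paths in the task that loops over tomcat_m_instances so the defaults file carries no loop variable.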

@ -9,3 +9,25 @@
- '{{ tomcat_m_instances }}' - '{{ tomcat_m_instances }}'
- [ 'startContainer.sh', 'stopContainer.sh' ] - [ 'startContainer.sh', 'stopContainer.sh' ]
tags: [ 'tomcat', 'd4science', 'sudo' ] tags: [ 'tomcat', 'd4science', 'sudo' ]
- name: Install the README file that explains where the options files are placed and how start/stop the service
template: src={{ item.1 }}.j2 dest={{ item.0.user_home }}/{{ item.1 }} owner={{ item.0.user }} group={{ item.0.user }} mode=0444
with_nested:
- '{{ tomcat_m_instances }}'
- [ 'README' ]
tags: [ 'tomcat', 'd4science', 'd4s_readme' ]
- name: Set the read/write permissions on the tomcat default options files
acl: name={{ item.1 }} entity={{ item.0.user }} etype=user permissions=rw state=present
with_nested:
- '{{ tomcat_m_instances }}'
- '{{ d4science_tomcat_options_files }}'
tags: [ 'tomcat', 'd4science', 'acl' ]
- name: Set the default read/write permissions on the tomcat default options files
acl: name={{ item.1 }} entity={{ item.0.user }} etype=user permissions=rw state=present default=yes
with_nested:
- '{{ tomcat_m_instances }}'
- '{{ d4science_tomcat_options_files }}'
tags: [ 'tomcat', 'd4science', 'acl' ]
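Review bot: the last task adds default=yes on the same entries of d4science_tomcat_options_files, which the variable name and the README template describe as files; default ACLs exist only on directories, so this task cannot do what its name says on those paths. Drop it, or point it at a directory if inheritance for newly created files is what is wanted. The preceding task already grants rw to item.0.user, and since that lets the service account edit files under /etc/default, a short comment saying why the grant is needed would help later audits.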

@ -0,0 +1,8 @@
The java options are set inside /etc/default/tomcat-instance-{{ item.0.http_port }}
The GHN environment variables are set inside /etc/default/tomcat-instance-{{ item.0.http_port }}.local
The commands that start and stop the containers are:
/home/gcube/startContainer.sh
/home/gcube/stopContainer.sh
The log files live inside /home/gcube/tomcat/logs (it's a symbolic link to {{ tomcat_m_instances_logdir_base }}/{{ item.0.http_port }})
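Review bot: the start/stop and log paths are hard-coded to /home/gcube, while the task that installs this template writes it to item.0.user_home and the defaults define d4science_user_home. Use the variable here, for example {{ item.0.user_home }}/startContainer.sh, so the README stays correct when the user or home directory is overridden.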