Commit d40c777e authored by Maiken's avatar Maiken

In the middle of the rewrite from Ansible to Python only, with a Jinja template.

parent 4c2553f0
...@@ -9,12 +9,12 @@ if __name__ == '__main__': ...@@ -9,12 +9,12 @@ if __name__ == '__main__':
if len(sys.argv) != 2: if len(sys.argv) != 2:
sys.exit('Syntax: %s COMMAND' % sys.argv[0]) sys.exit('Syntax: %s COMMAND' % sys.argv[0])
cmd = sys.argv[1].lower() action = (sys.argv[1].lower())[2:]
print action
if cmd == 'deploy-config':
if action == 'installwizard':
config = ConfigureARC() config = ConfigureARC()
config.configure() config.control()
else: else:
sys.exit('Unknown command "%s".' % cmd) sys.exit('Unknown action "%s".' % action)
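Review bot: `action = (sys.argv[1].lower())[2:]` drops the first two characters without checking that they are `--`, so a constructed argument such as `xxinstallwizard` is accepted, and the 'Unknown action' message echoes a truncated string. Check the prefix first, for example `arg = sys.argv[1].lower()` followed by `if not arg.startswith('--'): sys.exit('Syntax: %s --ACTION' % sys.argv[0])`, then slice. `print action` looks like a debugging leftover and is Python 2 statement syntax; it should be dropped. The `if __name__ == '__main__':` block starts above the hunk.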
...@@ -28,7 +28,7 @@ ...@@ -28,7 +28,7 @@
state: present state: present
createhome: no createhome: no
- name: Ensure /etc/grid-security folder exists - name: Ensure grid-security folder exists
file: file:
name: "{{ item }}" name: "{{ item }}"
state: directory state: directory
...@@ -38,33 +38,28 @@ ...@@ -38,33 +38,28 @@
- name: Download CertificateGenerator.py - name: Download CertificateGenerator.py
get_url: get_url:
url: http://svn.nordugrid.org/trac/nordugrid/export/32500/contrib/certificate_generator/CertificateGenerator.py url: https://source.coderefinery.org/nordugrid/contrib/raw/master/certificate_generator/CertificateGenerator.py
dest: /tmp dest: /tmp
mode: 444 mode: 444
when: create_host_cert when: create_host_cert
- name: checks hostcert exists on remote path
stat:
path: "/tmp/host-{{ frontend_ip }}-cert.pem"
register: cert
- name: checks hostkey on remote path
stat:
path: "/tmp/host-{{ frontend_ip }}-key.pem"
register: key
- name: checks tempCA on remote path
stat:
path: "/tmp/tempCA.pem"
register: ca
- name: checks tempCA.srl on remote path
stat:
path: "/tmp/tempCA.srl"
register: srl
- name: checks tempCA.signing_policy on remote path
stat:
path: "/tmp/tempCA.signing_policy"
register: policy
- name: Run CertificateGenerator.py to create host certificate
- name: Check if hostcerts and testCA files already exist
stat:
path: "/tmp/{{ item.name }}"
loop:
- "{{ HOST_CERT }}"
- "{{ TESTCA }}"
register: stat_var
- name: debug
debug:
msg: "{{item.reg}}"
with_items: "{{HOST_CERT}}"
- name: Run CertificateGenerator.py to create host and CA certificates (only if they do not exist)
command: python CertificateGenerator.py --CA tempCA --host {{ frontend_ip }} command: python CertificateGenerator.py --CA tempCA --host {{ frontend_ip }}
when: "not( cert.stat.exists or key.stat.exists or ca.stat.exists or srl.stat.exists or policy.stat.exists) and create_host_cert" when: "not( cert.stat.exists or key.stat.exists or ca.stat.exists or srl.stat.exists or policy.stat.exists) and create_host_cert"
args: args:
...@@ -73,25 +68,12 @@ ...@@ -73,25 +68,12 @@
ignore_errors: yes ignore_errors: yes
- name: move host certificate key file if it exists - name: Move host certifcate and testCA to specified folders
command: mv /tmp/host-{{ frontend_ip }}-key.pem {{ grid_security_path }} shell: mv /tmp/{{ item.name }} {{ item.dest }}
when: create_host_cert and run_cert.changed
- name: move host certificate file if it exists
command: mv /tmp/host-{{ frontend_ip }}-cert.pem {{ grid_security_path }}
when: create_host_cert and run_cert.changed
- name: move CA to /etc/grid-security/certificates
command: mv /tmp/tempCA.pem {{ grid_security_path }}/certificates
when: create_host_cert and run_cert.changed
- name: move ca signing policy file if it exists
command: mv /tmp/tempCA.signing_policy {{ grid_security_path }}/certificates
when: create_host_cert and run_cert.changed
- name: move softlinks it exists
shell: mv /tmp/*.0 {{ grid_security_path }}/certificates
when: create_host_cert and run_cert.changed when: create_host_cert and run_cert.changed
with_items:
- '{{HOST_CERT}}'
- '{{TESTCA}}'
ignore_errors: yes ignore_errors: yes
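Review bot: The 'Download CertificateGenerator.py' task now fetches the script from `raw/master` with no integrity check, and a later task runs it to create the host and CA keys, so whatever is on that branch at deploy time gets executed; the old URL was at least fixed to export revision 32500. Point the URL at a fixed commit or tag and add `checksum: "sha256:<expected-digest>"` to `get_url`. In the same hunk the run task's `when:` still reads `cert.stat.exists`, `key.stat.exists` and the others, but those registers were replaced by `stat_var`, so the existence guard needs rewriting against `stat_var.results`. `loop:` also does not flatten the two lists the way `with_items` does, so `item.name` is likely undefined there; `loop: "{{ HOST_CERT + TESTCA }}"` would give one flat list. The run task's `args:` body continues outside the visible hunk.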
......
...@@ -18,3 +18,24 @@ arc_frontend_grid_queue: main ...@@ -18,3 +18,24 @@ arc_frontend_grid_queue: main
#enable_gridftpd: no #enable_gridftpd: no
##To-do: where to place key?
HOST_CERT:
- name: "host-{{ frontend_ip }}-cert.pem"
dest: "{{ grid_security_path }}"
- name: "host-{{ frontend_ip }}-key.pem"
dest: "{{ grid_security_path }}"
##To-do: where to place key and srl?
TESTCA:
- name: tempCA.pem
dest: "{{ grid_security_path }}/certificates"
- name: tempCA.signing_policy
dest: "{{ grid_security_path }}/certificates"
- name: "*.0"
dest: "{{ grid_security_path }}/certificates"
- name: tempCA-key.pem
dest: "{{ grid_security_path }}"
- name: tempCA.srl
dest: "{{ grid_security_path }}"
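Review bot: The `"*.0"` entry in `TESTCA` is a shell glob, not a file name: the `stat` check cannot expand it, and the move task turns it into `mv /tmp/*.0`, so any file matching that pattern in the shared /tmp ends up in `{{ grid_security_path }}/certificates`, the trust-anchor directory. Having the generator write into a private directory (mode 0700) instead of /tmp, and listing the hash links by their real names, avoids that. On the two To-do comments: the host key and `tempCA-key.pem` are moved with whatever mode the generator gave them, so an explicit owner and `mode: "0600"` step is worth adding. The test CA key probably does not need to stay on the host once the host certificate is signed.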
...@@ -20,6 +20,9 @@ x509_host_key = {{ host_key}} ...@@ -20,6 +20,9 @@ x509_host_key = {{ host_key}}
{% endif %} {% endif %}
[mapping]
unixmap={{ grid_user }}:{{ grid_group }} all
[lrms] [lrms]
lrms={{ lrms_type }} lrms={{ lrms_type }}
{% if lrms_type == 'slurm' %} {% if lrms_type == 'slurm' %}
...@@ -34,12 +37,12 @@ controldir={{ controldir }} ...@@ -34,12 +37,12 @@ controldir={{ controldir }}
sessiondir={{ sessiondir }} sessiondir={{ sessiondir }}
{% if enable_emies == 'yes' %} {% if enable_emies %}
[arex/ws] [arex/ws]
[arex/ws/emies] [arex/ws/emies]
{% endif %} {% endif %}
{% if enable_gridftpd == 'yes' %} {% if enable_gridftpd %}
[gridftpd] [gridftpd]
globus_tcp_port_range={{ globus_tcp_port_range }} globus_tcp_port_range={{ globus_tcp_port_range }}
globus_udp_port_range={{ globus_udp_port_range }} globus_udp_port_range={{ globus_udp_port_range }}
...@@ -53,7 +56,7 @@ loglevel=3 ...@@ -53,7 +56,7 @@ loglevel=3
[infosys/ldap] [infosys/ldap]
[infosys/ldap/bdii] [infosys/ldap/bdii]
[cluster] [infosys/cluster]
[queue:{{ arc_frontend_grid_queue }}] [queue:{{ arc_frontend_grid_queue }}]
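Review bot: `{% if enable_emies %}` and `{% if enable_gridftpd %}` now test plain truthiness, so a string value such as 'no' or 'false' evaluates true and the `[arex/ws/emies]` or `[gridftpd]` block is written even though the service was meant to stay off. If Ansible still renders this template, `{% if enable_gridftpd | bool %}` keeps the check strict; if it is rendered from Python with plain Jinja2, convert the setting to a real boolean before rendering. The added `unixmap={{ grid_user }}:{{ grid_group }} all` maps every authenticated identity to one local account; a template comment saying this is intended for the test setup would help the next reader.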
......