#8 switching to dotted notation

DICE-UNC · Apr 22, 2016 · e9e56a2 · e9e56a2
1 parent bca8f73
commit e9e56a2
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 55 deletions.
diff --git a/ansible/roles/irods/defaults/main.yml b/ansible/roles/irods/defaults/main.yml
@@ -1,25 +1,12 @@
 # basic defaults
 irods_icat_pkg: ftp://ftp.renci.org/pub/irods/releases/4.1.6/ubuntu14/irods-icat-4.1.6-ubuntu14-x86_64.deb
 irods_icat_rpm: ftp://ftp.renci.org/pub/irods/releases/4.1.8/centos7/irods-icat-4.1.8-centos7-x86_64.rpm
+irods_control_plane_port: 1248
+irods_control_plane_key: temp_32_byte_key_for_agent__conn
+irods_negotiation_key: temp_32_byte_key_for_agent__conn
 irods_postgres_pkg: ftp://ftp.renci.org/pub/irods/releases/4.1.6/ubuntu14/irods-database-plugin-postgres-1.6-ubuntu14-x86_64.deb
 irods_postgres_rpm: ftp://ftp.renci.org/pub/irods/releases/4.1.8/centos7/irods-database-plugin-postgres93-1.8-centos7-x86_64.rpm
-icat_pkg: irods-icat-4.1.6-ubuntu14-x86_64.deb
-postgres_pkg: irods-database-plugin-postgres-1.6-ubuntu14-x86_64.deb
 #postgresql_listen_addresses: "*"
-irods_service_acct_user: irods
-port_range_begin: 20000
-port_range_end: 20199
-vault_path: /var/lib/irods/iRODS/Vault1
-zone_key: temp_32_byte_key_for_agent__conn
-negotiation_key: temp_32_byte_key_for_agent__conn
-control_plane_port: 1248
-control_plane_key: temp_32_byte_key_for_agent__conn
-schema_uri: https://schemas.irods.org/configuration
-#
-# these are in group_vars now
-#irods_port: 1247
-#irods_admin: rods
-#icat_db: icat
-#icat_port: 5432
-#icat_irods_user: irods
-#irods_icat_password: irods
+irods_schema_uri: https://schemas.irods.org/configuration
+irods_vault_path: /var/lib/irods/iRODS/Vault1
+irods_zone_key: temp_32_byte_key_for_agent__conn
diff --git a/ansible/roles/irods/tasks/main.yml b/ansible/roles/irods/tasks/main.yml
@@ -66,17 +66,17 @@
 - name: Create PostgreSQL Database
   sudo: yes
   sudo_user: postgres
-  postgresql_db: name={{ irods_icat_db }}
+  postgresql_db: name={{ irods.icat.db }}
 
 - name: grant access to user
   sudo: yes
   sudo_user: postgres
-  postgresql_user: db={{ irods_icat_db }} name={{ irods_icat_user }} password={{ irods_icat_password }} priv=ALL
+  postgresql_user: db={{ irods.icat.db }} name={{ irods.icat.user }} password={{ irods.icat.password }} priv=ALL
 
-- name: ensure icat_irods_user does not have unnecessary privilege
+- name: ensure icat.irods.user does not have unnecessary privilege
   sudo: yes
   sudo_user: postgres
-  postgresql_user: name={{ irods_icat_user }} role_attr_flags=NOSUPERUSER,NOCREATEDB
+  postgresql_user: name={{ irods.icat.user }} role_attr_flags=NOSUPERUSER,NOCREATEDB
 
 - name: download iCAT for Debian
   get_url: url={{ irods_icat_pkg }} dest=/home/{{ ansible_ssh_user }}/
@@ -117,12 +117,12 @@
         ansible_distribution_major_version == '7'
 
 - name: ensure irods group exists
-  group: name={{ irods_admin }} state=present
+  group: name={{ irods.service_group }} state=present
   when: ansible_os_family == 'RedHat' and
         ansible_distribution_major_version == '7'
 
 - name: ensure irods user exists
-  user: name={{ irods_admin }} state=present group={{ irods_admin }}
+  user: name={{ irods.service_acct }} state=present group={{ irods.service_group }}
   when: ansible_os_family == 'RedHat' and
         ansible_distribution_major_version == '7'
 
@@ -160,12 +160,12 @@
 - name: create default resource
   sudo: yes
   sudo_user: irods
-  shell: "iadmin mkresc {{ irods_default_resource}} unixfilesystem {{ irods_host }}:{{ irods_default_resource_path }}"
+  shell: "iadmin mkresc {{ irods.default_resource}} unixfilesystem {{ irods.host }}:{{ irods.default_resource_path }}"
 
 - name: add irods_user to rodsadmin group
   sudo: yes
   sudo_user: irods
-  shell: "iadmin atg rodsadmin {{ irods_user }}"
+  shell: "iadmin atg rodsadmin {{ irods.user }}"
 
 # systemctl call errors out, use init.d instead
 - name: restart irods service

diff --git a/ansible/roles/irods/templates/genresponse.j2 b/ansible/roles/irods/templates/genresponse.j2
@@ -3,26 +3,28 @@
 
 RESPFILE=$1
 
-# setup_irods.sh seems to want zone first
+# some of these are set via defaults. should they all be group vars?
+
+# setup_irods.sh sometimes wants zone first, for whatever reason.
 echo "{{ irods_service_acct_user }}" > $RESPFILE  	# service account user ID
 echo "{{ irods_service_acct_user }}" >> $RESPFILE 	# service account group ID
-echo "{{ irods_zone }}" >> $RESPFILE            	# initial zone name
-echo "{{ irods_port }}" >> $RESPFILE            	# service port
-echo "{{ port_range_begin }}" >> $RESPFILE      	# transport starting port
-echo "{{ port_range_end }}" >> $RESPFILE        	# transport ending port
-echo "{{ vault_path }}" >> $RESPFILE 			# vault path
-echo "{{ zone_key }}" >> $RESPFILE 			# zone SID
-echo "{{ negotiation_key }}"  >> $RESPFILE 		# neg key
-echo "{{ control_plane_port }}" >> $RESPFILE		# control plane port
-echo "{{ control_plane_key }}" >> $RESPFILE     	# control plane key
-echo "{{ schema_uri }}" >> $RESPFILE            	# schema validation URI
-echo "{{ irods_admin }}" >> $RESPFILE       		# iRODS admin account
-echo "{{ irods_admin_password }}" >> $RESPFILE      	# iRODS admin password
+echo "{{ irods.zone }}" >> $RESPFILE            	# initial zone name
+echo "{{ irods.port }}" >> $RESPFILE            	# service port
+echo "{{ irods.portrange.start }}" >> $RESPFILE      	# transport starting port
+echo "{{ irods.portrange.end }}" >> $RESPFILE        	# transport ending port
+echo "{{ irods_vault_path }}" >> $RESPFILE 		# vault path
+echo "{{ irods_zone_key }}" >> $RESPFILE 		# zone SID
+echo "{{ irods_negotiation_key }}"  >> $RESPFILE 	# neg key
+echo "{{ irods_control_plane_port }}" >> $RESPFILE	# control plane port
+echo "{{ irods_control_plane_key }}" >> $RESPFILE     	# control plane key
+echo "{{ irods_schema_uri }}" >> $RESPFILE            	# schema validation URI
+echo "{{ irods.admin }}" >> $RESPFILE       		# iRODS admin account
+echo "{{ irods.admin_password }}" >> $RESPFILE      	# iRODS admin password
 echo "yes" >> $RESPFILE                   		# confirm iRODS settings
 #echo "{{ inventory_hostname }}" >> $RESPFILE   	# database hostname
-echo "{{ irods_icat_host }}" >> $RESPFILE    		# database hostname
-echo "{{ irods_icat_dbport }}" >> $RESPFILE             # database port
-echo "{{ irods_icat_db }}" >> $RESPFILE               	# database DB name
-echo "{{ irods_icat_user }}" >> $RESPFILE       	# database admin username
-echo "{{ irods_icat_password }}" >> $RESPFILE   	# database admin password
+echo "{{ irods.icat.host }}" >> $RESPFILE    		# database hostname
+echo "{{ irods.icat.dbport }}" >> $RESPFILE             # database port
+echo "{{ irods.icat.db }}" >> $RESPFILE               	# database DB name
+echo "{{ irods.icat.user }}" >> $RESPFILE       	# database admin username
+echo "{{ irods.icat.password }}" >> $RESPFILE   	# database admin password
 echo "yes" >> $RESPFILE                   		# confirm database settings
diff --git a/ansible/roles/irods/templates/server_config.json.j2 b/ansible/roles/irods/templates/server_config.json.j2
@@ -12,12 +12,12 @@
     "default_file_mode": "0600", 
     "default_hash_scheme": "SHA256", 
     "default_resource_directory": "{{ irods.vault }}",
-    "default_resource_name": "{{ irods_default_resource }}",
+    "default_resource_name": "{{ irods.default_resource }}",
     "environment_variables": {}, 
     "federation": [], 
-    "icat_host": "{{ irods_host }}", 
+    "icat_host": "{{ irods.host }}", 
     "match_hash_policy": "compatible", 
-    "negotiation_key": "{{ negotiation_key }}",
+    "negotiation_key": "{{ irods_negotiation_key }}",
     "re_data_variable_mapping_set": [
         {
             "filename": "core"
@@ -33,18 +33,18 @@
             "filename": "core"
         }
     ], 
-    "schema_validation_base_uri": "{{ schema_uri }}",
+    "schema_validation_base_uri": "{{ irods_schema_uri }}",
     "server_control_plane_encryption_algorithm": "AES-256-CBC", 
     "server_control_plane_encryption_num_hash_rounds": 16, 
-    "server_control_plane_key": "{{ control_plane_key }}",
-    "server_control_plane_port": {{ control_plane_port }},
+    "server_control_plane_key": "{{ irods_control_plane_key }}",
+    "server_control_plane_port": {{ irods_control_plane_port }},
     "server_control_plane_timeout_milliseconds": 10000, 
     "server_port_range_end": {{ irods.portrange.end }},
     "server_port_range_start": {{ irods.portrange.start }},
     "xmsg_port": 1279, 
     "zone_auth_scheme": "native", 
-    "zone_key": "{{ zone_key }}",
-    "zone_name": "{{ irods_zone }}",
-    "zone_port": {{ irods_port }},
-    "zone_user": "{{ irods_user }}"
+    "zone_key": "{{ irods_zone_key }}",
+    "zone_name": "{{ irods.zone }}",
+    "zone_port": {{ irods.port }},
+    "zone_user": "{{ irods.user }}"
 }