From 07dd49b57f4965f5b63996b19c79b84a8598a454 Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Tue, 19 Nov 2024 12:10:38 +0100
Subject: [PATCH 01/10] Use docker-compose

---
 README.md         | 31 ++++++++++-------
 defaults/main.yml |  3 +-
 tasks/portal.yml  | 86 +++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 107 insertions(+), 13 deletions(-)

diff --git a/README.md b/README.md
index 17e13c4..c204a83 100644
--- a/README.md
+++ b/README.md
@@ -35,23 +35,30 @@ The variables that can be passed to this role and a brief description about them
 	# Galaxy export dir
 	galaxy_export_dir: /mnt/export
 	# Version of the Galaxy portal docker image to use
-	galaxy_image_version: 20.09-19.05.5 # or 20.09-20.02.7
+	galaxy_image_version: "24.1"
 	# ENV variables for the Docker Galaxy
 	galaxy_docker_env_vars:
-	   NONUSE: reports
-	   GALAXY_LOGGING: full
-	   DOCKER_PARENT: True
-	   GALAXY_CONFIG_HOST: 0.0.0.0
-	   GALAXY_DEFAULT_ADMIN_USER: "{{galaxy_admin}}"
-	   GALAXY_DEFAULT_ADMIN_PASSWORD: "{{galaxy_admin_password}}"
-	   GALAXY_DEFAULT_ADMIN_KEY: "{{galaxy_admin_password}}"
-	   GALAXY_CONFIG_ADMIN_USERS: "{{galaxy_admin}}"
-	   GALAXY_CONFIG_MASTER_API_KEY: "{{galaxy_admin_api_key}}"
+		USE_HTTPS: "True"
+		GALAXY_CONFIG_BRAND: "Galaxy"
+		NONUSE: "reports,slurmd,slurmctld,nodejs,condor"
+		GALAXY_LOGGING: "full"
+		DOCKER_PARENT: "True"
+		GALAXY_CONFIG_HOST: "0.0.0.0"
+		GALAXY_DEFAULT_ADMIN_USER: "{{galaxy_admin}}"
+		GALAXY_DEFAULT_ADMIN_PASSWORD: "{{galaxy_admin_password}}"
+		GALAXY_DEFAULT_ADMIN_KEY: "{{galaxy_admin_password}}"
+		GALAXY_CONFIG_ADMIN_USERS: "{{galaxy_admin}}"
+		GALAXY_CONFIG_MASTER_API_KEY: "{{galaxy_admin_api_key}}"
+		GALAXY_DESTINATIONS_DEFAULT: "local_no_container"
+		GALAXY_RUNNERS_ENABLE_SLURM: "False"
+		GALAXY_RUNNERS_ENABLE_K8: "False"
+		GALAXY_RUNNERS_ENABLE_PBS: "False"
 
 	# ENV variables for the Docker Galaxy in case of using slurm
 	slurm_galaxy_docker_env_vars:
-	   NONUSE: slurmctld,reports
-	   GALAXY_DESTINATIONS_DEFAULT: "slurm_cluster_docker"
+		NONUSE: "reports,slurmctld,slurmd,nodejs,condor"
+		GALAXY_DESTINATIONS_DEFAULT: "slurm_cluster"
+		GALAXY_RUNNERS_ENABLE_SLURM: "True"
 
 	galaxy_docker_volumes:
 	  - "/var/run/docker.sock:/var/run/docker.sock"
diff --git a/defaults/main.yml b/defaults/main.yml
index 465bf9c..34b9580 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -26,7 +26,8 @@ galaxy_export_dir: /mnt/export
 galaxy_image_version: "24.1"
 # ENV variables for the Docker Galaxy
 galaxy_docker_env_vars:
-   USE_HTTPS: "True"
+   USE_HTTPS: "False"
+   GALAXY_CONFIG_BRAND: "Galaxy"
    NONUSE: "reports,slurmd,slurmctld,nodejs,condor"
    GALAXY_LOGGING: "full"
    DOCKER_PARENT: "True"
diff --git a/tasks/portal.yml b/tasks/portal.yml
index 7af91bb..b90df73 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -18,6 +18,92 @@
 - include_tasks: slurm.yml
   when: galaxy_lrms == "slurm"
 
+- name: Set public_ip_address to Public IP
+  set_fact:
+    public_ip_address: "{{ IM_NODE_PUBLIC_IP }}"
+  when: IM_NODE_PUBLIC_IP is defined and IM_NODE_PUBLIC_IP != ""
+- name: Set default DNS name (nip.io)
+  set_fact:
+    dns_name: "galaxy.{{ public_ip_address }}.nip.io"
+  when: galaxy_dns_name is not defined or galaxy_dns_name == ""
+- name: Set custom DNS name
+  set_fact:
+    dns_name: "{{ galaxy_dns_name }}"
+  when: galaxy_dns_name is defined and galaxy_dns_name != ""
+
+- name: Create galaxy directory
+  file:
+    path: /opt/galaxy
+    state: directory
+    mode: '755'
+
+- name: Create docker-compose file
+  copy:
+    content: |
+      version: '3.3'
+      services:
+          galaxy:
+              restart: on-failure
+              privileged: true
+              image: quay.io/bgruening/galaxy:{{galaxy_image_version}}
+              container_name: galaxy_portal
+              environnment: {{ galaxy_docker_env_vars | to_yaml }}
+              expose:
+                  - "8080"
+              ports:
+                - "8022:22"
+                - "8021:21"
+                - "9002:9002"
+              networks:
+                  - frontend
+              volumes: {{ galaxy_docker_volumes }}
+              labels:
+                - "traefik.enable=true"
+                - "traefik.http.routers.galaxy.service=galaxy"
+                - "traefik.http.routers.galaxy.rule=Host(`{{ galaxy_dns_name }}`)"
+                - "traefik.http.routers.galaxy.entrypoints=websecure"
+                - "traefik.http.routers.galaxy.tls.certresolver=myresolver"
+                - "traefik.http.services.galaxy.loadbalancer.server.port=8080"
+                - "traefik.docker.network=mlflow_frontend"
+          traefik:
+              image: "traefik:v2.10"
+              container_name: "traefik"
+              command:
+                #- "--log.level=DEBUG"
+                - "--api.insecure=true"
+                - "--providers.docker=true"
+                - "--providers.docker.exposedbydefault=false"
+                - "--entrypoints.galaxy.address=:80"
+                - "--entrypoints.websecure.address=:443"
+                - "--entrypoints.galaxy.http.redirections.entryPoint.to=websecure"
+                - "--entrypoints.galaxy.http.redirections.entryPoint.scheme=https"
+                - "--entrypoints.galaxy.http.redirections.entrypoint.permanent=true"
+                - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
+                - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=galaxy"
+                #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+                - "--certificatesresolvers.myresolver.acme.email={{ galaxy_cert_email }}"
+                - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+              ports:
+                - "80:80"
+                - "443:443"
+                - "8080:8080"
+              volumes:
+                - "./letsencrypt:/letsencrypt"
+                - "/var/run/docker.sock:/var/run/docker.sock:ro"
+              networks:
+                - frontend
+      networks:
+          frontend:
+              driver: bridge
+    dest: /opt/galaxy/docker-compose.yaml
+    mode: '644'
+
+- name: Exec docker-compose up
+  docker_compose:
+    project_src: /opt/galaxy/
+    state: present
+
+
 - name: Start galaxy container
   docker_container:
     name: galaxy

From aff86bac70e4935efa6d96dab7fb25bb5598e042 Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Tue, 19 Nov 2024 12:34:29 +0100
Subject: [PATCH 02/10] Fix

---
 tasks/portal.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tasks/portal.yml b/tasks/portal.yml
index b90df73..7143322 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -47,7 +47,7 @@
               privileged: true
               image: quay.io/bgruening/galaxy:{{galaxy_image_version}}
               container_name: galaxy_portal
-              environnment: {{ galaxy_docker_env_vars | to_yaml }}
+              environment: {{ galaxy_docker_env_vars | to_yaml }}
               expose:
                   - "8080"
               ports:
@@ -60,7 +60,7 @@
               labels:
                 - "traefik.enable=true"
                 - "traefik.http.routers.galaxy.service=galaxy"
-                - "traefik.http.routers.galaxy.rule=Host(`{{ galaxy_dns_name }}`)"
+                - "traefik.http.routers.galaxy.rule=Host(`{{ dns_name }}`)"
                 - "traefik.http.routers.galaxy.entrypoints=websecure"
                 - "traefik.http.routers.galaxy.tls.certresolver=myresolver"
                 - "traefik.http.services.galaxy.loadbalancer.server.port=8080"
@@ -81,7 +81,7 @@
                 - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
                 - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=galaxy"
                 #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
-                - "--certificatesresolvers.myresolver.acme.email={{ galaxy_cert_email }}"
+                - "--certificatesresolvers.myresolver.acme.email={{ galaxy_admin }}"
                 - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
               ports:
                 - "80:80"

From 10398890af4ae836dda17f89048128ddde6d7880 Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Tue, 19 Nov 2024 12:35:03 +0100
Subject: [PATCH 03/10] Fix

---
 tasks/portal.yml | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/tasks/portal.yml b/tasks/portal.yml
index 7143322..0299ebb 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -102,19 +102,3 @@
   docker_compose:
     project_src: /opt/galaxy/
     state: present
-
-
-- name: Start galaxy container
-  docker_container:
-    name: galaxy
-    image: "quay.io/bgruening/galaxy:{{galaxy_image_version}}"
-    ports:
-     - "8443:443"
-     - "8080:80"
-     - "8022:22"
-     - "8021:21"
-     - "9002:9002"
-#     - "8800:8800"
-    env: "{{galaxy_docker_env_vars}}"
-    volumes: "{{galaxy_docker_volumes}}"
-    privileged: yes 

From 667369843672e6c540eabff2dfe77223128e42d5 Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Tue, 19 Nov 2024 12:55:59 +0100
Subject: [PATCH 04/10] Fix

---
 tasks/portal.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/portal.yml b/tasks/portal.yml
index 0299ebb..380fec5 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -49,7 +49,7 @@
               container_name: galaxy_portal
               environment: {{ galaxy_docker_env_vars | to_yaml }}
               expose:
-                  - "8080"
+                  - "80"
               ports:
                 - "8022:22"
                 - "8021:21"
@@ -63,7 +63,7 @@
                 - "traefik.http.routers.galaxy.rule=Host(`{{ dns_name }}`)"
                 - "traefik.http.routers.galaxy.entrypoints=websecure"
                 - "traefik.http.routers.galaxy.tls.certresolver=myresolver"
-                - "traefik.http.services.galaxy.loadbalancer.server.port=8080"
+                - "traefik.http.services.galaxy.loadbalancer.server.port=80"
                 - "traefik.docker.network=mlflow_frontend"
           traefik:
               image: "traefik:v2.10"

From 342ec6ed0f4c1749dbe1bba62c0a82d418a715f7 Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Wed, 20 Nov 2024 09:31:47 +0100
Subject: [PATCH 05/10] Activate https

---
 defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 34b9580..0b5429a 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -26,7 +26,7 @@ galaxy_export_dir: /mnt/export
 galaxy_image_version: "24.1"
 # ENV variables for the Docker Galaxy
 galaxy_docker_env_vars:
-   USE_HTTPS: "False"
+   USE_HTTPS: "True"
    GALAXY_CONFIG_BRAND: "Galaxy"
    NONUSE: "reports,slurmd,slurmctld,nodejs,condor"
    GALAXY_LOGGING: "full"

From 7820c9a0100634a90865e1f63b2e083666c57718 Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Wed, 20 Nov 2024 09:55:50 +0100
Subject: [PATCH 06/10] Activate https

---
 tasks/portal.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/tasks/portal.yml b/tasks/portal.yml
index 380fec5..15f456f 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -49,7 +49,7 @@
               container_name: galaxy_portal
               environment: {{ galaxy_docker_env_vars | to_yaml }}
               expose:
-                  - "80"
+                  - "443"
               ports:
                 - "8022:22"
                 - "8021:21"
@@ -63,7 +63,8 @@
                 - "traefik.http.routers.galaxy.rule=Host(`{{ dns_name }}`)"
                 - "traefik.http.routers.galaxy.entrypoints=websecure"
                 - "traefik.http.routers.galaxy.tls.certresolver=myresolver"
-                - "traefik.http.services.galaxy.loadbalancer.server.port=80"
+                - "traefik.http.services.galaxy.loadbalancer.server.port=443"
+                - "traefik.http.services.galaxy.loadbalancer.server.scheme=https"
                 - "traefik.docker.network=mlflow_frontend"
           traefik:
               image: "traefik:v2.10"

From ff18fc53994a1904a3a5aaaf912cf7b82c33e2df Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Wed, 20 Nov 2024 11:20:50 +0100
Subject: [PATCH 07/10] Fix https

---
 tasks/portal.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tasks/portal.yml b/tasks/portal.yml
index 15f456f..0c98d92 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -67,10 +67,11 @@
                 - "traefik.http.services.galaxy.loadbalancer.server.scheme=https"
                 - "traefik.docker.network=mlflow_frontend"
           traefik:
-              image: "traefik:v2.10"
+              image: "traefik:v2.11"
               container_name: "traefik"
               command:
                 #- "--log.level=DEBUG"
+                - "--serversTransport.insecureSkipVerify=true"
                 - "--api.insecure=true"
                 - "--providers.docker=true"
                 - "--providers.docker.exposedbydefault=false"

From ad519cf8899afb26bbd6bf0299f0596b9c3007da Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Wed, 20 Nov 2024 11:26:58 +0100
Subject: [PATCH 08/10] disable flower and proftp

---
 defaults/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 0b5429a..6f09fcc 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -28,7 +28,7 @@ galaxy_image_version: "24.1"
 galaxy_docker_env_vars:
    USE_HTTPS: "True"
    GALAXY_CONFIG_BRAND: "Galaxy"
-   NONUSE: "reports,slurmd,slurmctld,nodejs,condor"
+   NONUSE: "reports,slurmd,slurmctld,nodejs,condor,proftp,flower"
    GALAXY_LOGGING: "full"
    DOCKER_PARENT: "True"
    GALAXY_CONFIG_HOST: "0.0.0.0"
@@ -44,7 +44,7 @@ galaxy_docker_env_vars:
 
 # ENV variables for the Docker Galaxy in case of using slurm
 slurm_galaxy_docker_env_vars:
-   NONUSE: "reports,slurmctld,slurmd,nodejs,condor"
+   NONUSE: "reports,slurmctld,slurmd,nodejs,condor,proftp,flower"
    GALAXY_DESTINATIONS_DEFAULT: "slurm_cluster"
    GALAXY_RUNNERS_ENABLE_SLURM: "True"
 

From 1dae3fe574f558043987786afc9367e72dc93cdb Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Wed, 20 Nov 2024 12:12:27 +0100
Subject: [PATCH 09/10] Fix test

---
 tasks/portal.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tasks/portal.yml b/tasks/portal.yml
index 0c98d92..7d36253 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -22,6 +22,10 @@
   set_fact:
     public_ip_address: "{{ IM_NODE_PUBLIC_IP }}"
   when: IM_NODE_PUBLIC_IP is defined and IM_NODE_PUBLIC_IP != ""
+- name: Set public_ip_address to default IP
+  set_fact:
+    public_ip_address: "{{ ansible_default_ipv4.address }}"
+  when: IM_NODE_PUBLIC_IP is not defined or IM_NODE_PUBLIC_IP != ""
 - name: Set default DNS name (nip.io)
   set_fact:
     dns_name: "galaxy.{{ public_ip_address }}.nip.io"

From e99eb1db45375723366d7d829c60153e2b1cf7e9 Mon Sep 17 00:00:00 2001
From: Miguel Caballer <micafer1@upv.es>
Date: Wed, 20 Nov 2024 12:12:58 +0100
Subject: [PATCH 10/10] Fix test

---
 tasks/portal.yml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/tasks/portal.yml b/tasks/portal.yml
index 7d36253..ccb4f8d 100644
--- a/tasks/portal.yml
+++ b/tasks/portal.yml
@@ -18,14 +18,13 @@
 - include_tasks: slurm.yml
   when: galaxy_lrms == "slurm"
 
+- name: Set public_ip_address to default IP
+  set_fact:
+    public_ip_address: "{{ ansible_default_ipv4.address }}"
 - name: Set public_ip_address to Public IP
   set_fact:
     public_ip_address: "{{ IM_NODE_PUBLIC_IP }}"
   when: IM_NODE_PUBLIC_IP is defined and IM_NODE_PUBLIC_IP != ""
-- name: Set public_ip_address to default IP
-  set_fact:
-    public_ip_address: "{{ ansible_default_ipv4.address }}"
-  when: IM_NODE_PUBLIC_IP is not defined or IM_NODE_PUBLIC_IP != ""
 - name: Set default DNS name (nip.io)
   set_fact:
     dns_name: "galaxy.{{ public_ip_address }}.nip.io"