Skip to content

Commit

Permalink
make long proxy name configurable + fix small bug in daemons configur…
Browse files Browse the repository at this point in the history
…ation
  • Loading branch information
tbeerman committed Jun 19, 2019
1 parent ea2cf69 commit 2d2ef7d
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 12 deletions.
4 changes: 2 additions & 2 deletions daemons/rucio.cfg.j2
Original file line number Diff line number Diff line change
Expand Up @@ -52,11 +52,11 @@ cacert = {{ RUCIO_CFG_CONVEYOR_CACERT | default('/opt/rucio/etc/web/ca.crt') }}
usercert = {{ RUCIO_CFG_CONVEYOR_USERCERT | default('/opt/rucio/tools/x509up') }}
{% if RUCIO_CFG_CONVEYOR_CACHE_TIME is defined %}cache_time = {{ RUCIO_CFG_CONVEYOR_CACHE_TIME }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_USE_DETERMINISTIC_ID is defined %}use_deterministic_id = {{ RUCIO_CFG_CONVEYOR_USE_DETERMINISTIC_ID }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_POLL_TIMEOUT is defined %}poll_timeout ={{ RUCIO_CFG_CONVEYOR_POLL_TIMEOUT }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_POLL_TIMEOUT is defined %}poll_timeout = {{ RUCIO_CFG_CONVEYOR_POLL_TIMEOUT }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_SUBMIT_TIMEOUT is defined %}submit_timeout = {{ RUCIO_CFG_CONVEYOR_SUBMIT_TIMEOUT }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_BRING_ONLINE is defined %}bring_online = {{ RUCIO_CFG_CONVEYOR_BRING_ONLINE }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_QUEUE_MODE is defined %}queue_mode = {{ RUCIO_CFG_CONVEYOR_QUEUE_MODE }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_USING_MEMCACHE is defined %}using_memcache = { RUCIO_CFG_CONVEYOR_USING_MEMCACHE }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_USING_MEMCACHE is defined %}using_memcache = {{ RUCIO_CFG_CONVEYOR_USING_MEMCACHE }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_FTSMONHOSTS is defined %}ftsmonhosts = {{ RUCIO_CFG_CONVEYOR_FTSMONHOSTS }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_USER_ACTIVITIES is defined %}user_activities = {{ RUCIO_CFG_CONVEYOR_USER_ACTIVITIES }}{% endif %}
{% if RUCIO_CFG_CONVEYOR_USER_TRANSFERS is defined %}user_transfers = {{ RUCIO_CFG_CONVEYOR_USER_TRANSFERS }}{% endif %}
Expand Down
12 changes: 2 additions & 10 deletions fts-cron/renew_fts_proxy_atlas.sh.j2
Original file line number Diff line number Diff line change
@@ -1,25 +1,17 @@
#!/bin/bash

# We have to copy the certificates because we cannot change permissions on them as mounted secrets and voms-proxy is particular about permissions
cp /opt/rucio/certs/long.proxy /tmp/long.proxy
cp /opt/rucio/certs/{{ RUCIO_LONG_PROXY }} /tmp/long.proxy
chmod 400 /tmp/long.proxy

# Generate a proxy with the voms extension if requested
voms-proxy-init --debug -valid 96:00 -cert /tmp/long.proxy -out /tmp/x509up {% if RUCIO_FTS_VOMS is defined -%}-voms {{ RUCIO_FTS_VOMS }}{%- endif %} -rfc -n

# Delegate the proxy to the requested servers
{% if RUCIO_FTS_SERVERS is defined %}
{% set ftses = RUCIO_FTS_SERVERS.split(',') %}
{% for fts in ftses %}
fts-rest-delegate -v -f -H 96 --key=/tmp/x509up --cert=/tmp/x509up -s {{ fts }}
{% endfor %}
{% endif %}

# Create the corresponding kubernetes secrets if asked
{% if RUCIO_FTS_SECRETS is defined %}
{% set secrets = RUCIO_FTS_SECRETS.split(',') %}
{% for secret in secrets %}
kubectl create secret generic {{ secret }} --from-file=/tmp/x509up --dry-run -o yaml | kubectl {% if RUCIO_KUBECONFIG is defined -%}--kubeconfig {{ RUCIO_KUBECONFIG }}{%- endif %} apply --validate=false -f -
kubectl create secret generic {{ secret }} --from-file=/tmp/x509up --dry-run -o yaml | kubectl apply --validate=false -f -
{% endfor %}
{% endif %}

0 comments on commit 2d2ef7d

Please sign in to comment.