Last active
November 17, 2020 10:40
-
-
Save lenards/501e788da736ed42d10cdc42c8f4353e to your computer and use it in GitHub Desktop.
See README for context
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# A silly attempt as testing ... | |
## Verification Environment | |
``` | |
git clone https://gist.github.com/501e788da736ed42d10cdc42c8f4353e.git clank-pr-test | |
vagrant up | |
``` | |
``` | |
vagrant ssh | |
. clank_env/bin/activate | |
cp test_data/test-role.yml clank/playbooks | |
``` | |
``` | |
ansible-playbook "/home/vagrant/clank/playbooks/test-role.yml" \ | |
--flush-cache -c local -e "@../test_data/certs-included-variables.yml" -i "localhost," | |
``` | |
``` | |
ansible-playbook "/home/vagrant/clank/playbooks/test-role.yml" \ | |
--flush-cache -c local -e "@../test_data/no-certs-variables.yml" -i "localhost," | |
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
########################################## | |
# Required vars to be filled out by user | |
########################################## | |
# Server url of the instance Atmosphere and/or Troposphere | |
# will be installed | |
SERVER_URL: # myhostname.org | |
SERVERNAME: {{SERVER_URL}} | |
# "mock" used only for development | |
MOCK_USERNAME: # valid user within system; should against on cloud providers | |
# Ansible Related Files | |
ANSIBLE_HOSTS_FILE: #Absolute Path Recommended | |
ANSIBLE_GROUP_VARS_FOLDER: #Absolute Path Recommended | |
############################### | |
# | |
# CLANK VARS | |
# | |
############################### | |
# ATMO | |
VIRTUAL_ENV_DIR_ATMOSPHERE: /opt/env | |
VIRTUAL_ENV_ATMOSPHERE: "{{ VIRTUAL_ENV_DIR_ATMOSPHERE }}/atmo" | |
ATMOSPHERE_DIR: /opt/dev | |
ATMOSPHERE_LOCATION: "{{ ATMOSPHERE_DIR }}/atmosphere" | |
ATMOSPHERE_REPO: https://github.com/iPlantCollaborativeOpenSource/atmosphere.git | |
# Placeholder for defining the atmosphere branch: | |
ATMOSPHERE_BRANCH: "" | |
# ATMOSPHERE ANSIBLE | |
ANSIBLE_DEPLOY_DIR: "{{ ATMOSPHERE_DIR }}" | |
ANSIBLE_DEPLOY_LOCATION: "{{ ANSIBLE_DEPLOY_DIR }}/atmosphere-ansible" | |
# Placeholder for defining the atmosphere-ansible branch: | |
ANSIBLE_DEPLOY_BRANCH: "" | |
ANSIBLE_REPO: https://github.com/iPlantCollaborativeOpenSource/atmosphere-ansible.git | |
# Placeholder for defining the atmosphere-ansible branch: | |
ATMOSPHERE_ANSIBLE_BRANCH: "" | |
# TROPO | |
VIRTUAL_ENV_DIR_TROPOSPHERE: /opt/env | |
VIRTUAL_ENV_TROPOSPHERE: "{{ VIRTUAL_ENV_DIR_TROPOSPHERE }}/troposphere" | |
TROPOSPHERE_DIR: /opt/dev | |
TROPOSPHERE_LOCATION: "{{ TROPOSPHERE_DIR }}/troposphere" | |
TROPOSPHERE_REPO: https://github.com/iplantcollaborativeOpenSource/troposphere.git | |
TROPOSPHERE_BUILD: "production" | |
# Placeholder for defining the troposphere branch: | |
TROPOSPHERE_BRANCH: "" | |
# POSTGRESQL DB INFORMATION | |
DB_VERSION: 9.3 # Currently defaults to 9.3 | |
ATMO_DBNAME: atmosphere | |
ATMO_DBUSER: atmosphere_app | |
ATMO_DBPASSWORD: mySECRETpassword | |
ATMO_DATA: | |
LOAD_DATABASE: False # set this to true when you want to load postgres with sql files | |
SQL_DUMP_FILE: # an absolute path to sql script that you want | |
# loaded /root/some_sql.sql | |
TROPO_DBNAME: troposphere | |
TROPO_DBUSER: troposphere_app | |
TROPO_DBPASSWORD: mySECRETpassword | |
TROPO_DATA: | |
LOAD_DATABASE: False # set this to true when you want to load postgres with sql files | |
SQL_DUMP_FILE: # an absolute path to sql script that you want | |
# loaded /root/some_sql.sql | |
# SSL RELATED VARS | |
GENERATE_SSH_CONFIG: true # Set this to false if you wish to keep your .ssh/config | |
CREATE_SSL: false # Set this to false if you wish to pass in your own certs | |
# If the above variable is set to true, don't edit next three vars below | |
SSL_CERTIFICATE: /home/vagrant/test_data/test-input.crt #Absolute Path Recommended | |
BUNDLE_CERT: /home/vagrant/test_data/test-bundle.crt #Absolute Path Recommended | |
SSL_KEY: /home/vagrant/test_data/test-input.key #Absolute Path Recommended | |
# SSH KEYS | |
CREATE_SSH_KEYS: true # Set this to false if you wish to pass in your own ssh keys | |
ID_RSA: #Absolute Path Recommended | |
ID_RSA_PUB: #Absolute Path Recommended | |
# uncomment if using New Relic to monitoring applications | |
# | |
#NEW_RELIC: | |
# # license key | |
# LICENSE: a1number30m3h43h00000000000 | |
# # name that will appear within New Relic site in APM | |
# ATMO_LABEL: 'Atmosphere Python (atmobeta)' | |
# # name that will appear within New Relic site in APM | |
# TROPO_LABEL: 'Troposphere Python (atmobeta)' | |
# # new relic environment: 'production' or 'atmobeta' | |
# ENVIRONMENT: 'atmobeta' | |
# # partial path to New Relic Browser snippet | |
# # - relative path from `troposphere/templates` | |
# BROWSER: 'partials/__new_relic_browser.html' | |
################################### | |
# | |
# COMMON BETWEEN ATMO AND TROP VARS | |
# | |
################################### | |
#COMMON: | |
################################### | |
# | |
# ATMOSPHERE VARS | |
# | |
################################### | |
ATMO: | |
COMMON: | |
SERVER_URL: "{{ SERVERNAME }}" | |
LDAP_SERVER: | |
LDAP_SERVER_DN: | |
TOKEN_EXPIRY_TIME_DAYS: 1 | |
DJANGO_SERVER_URL: "{{ SERVERNAME }}" | |
nginx: | |
ENABLE_HTTP2: False | |
ATMOSPHERE_PATH: "{{ ATMOSPHERE_LOCATION }}" | |
BUNDLE_FILE: "empty_bundle.crt" | |
CERT_DIR: /etc/ssl/certs | |
CERT_FILE: self-signed.crt | |
COMBINED_CERT_FILE: self_signed_combined.crt | |
COMBINED_CERT_PATH: /etc/ssl/certs/self_signed_combined.crt | |
DHPARAM: /etc/ssl/certs/dhparam.pem | |
KEY_FILE: self-signed.key | |
KEY_PATH: /etc/ssl/private | |
KEY_SIZE: 2048 | |
LEADERBOARD_URL: | |
LOCATIONS_DIR: /etc/nginx/locations | |
SITES_ENABLED_DIR: /etc/nginx/sites-enabled | |
SITES_AVAILABLE_DIR: /etc/nginx/sites-available | |
SERVER_URL: "{{ SERVERNAME }}" | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_ATMOSPHERE }}" | |
uwsgi.ini: | |
LOCAL_DEV: False | |
PATH_TO_ATMOSPHERE: "{{ ATMOSPHERE_LOCATION }}" | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_ATMOSPHERE }}" | |
UWSGI_USER: www-data | |
UWSGI_GROUP: www-data | |
UWSGI_LOG_PATH: /var/log/uwsgi/app/atmosphere.log | |
local.py: | |
ANSIBLE_ROOT: "{{ ANSIBLE_DEPLOY_LOCATION }}" | |
AUTH_USE_OVERRIDE: True | |
AUTH_ENABLE_CAS: False | |
AUTH_ENABLE_GLOBUS: False | |
AUTH_ENABLE_LDAP: False | |
AUTH_ENABLE_MOCK: True | |
AUTH_ENABLE_JWT: False | |
USE_MOCK_AUTH: True # Retained for Legacy purposes | |
AUTH_MOCK_USER: "{{ MOCK_USERNAME }}" | |
MOCK_USER: "{{ MOCK_USERNAME }}" # Retained for legacy purposes | |
LOGOUT_REDIRECT_URL: /logout | |
CAS_AUTH_PREFIX: | |
CAS_SERVER: | |
OAUTH_ISSUE_USER: "" | |
LDAP_SERVER: | |
LDAP_SERVER_DN: | |
JWT_INSTALL: True | |
JWT_PUBLIC_KEY: | |
JWT_CLIENT_KEY: | |
JWT_CLIENT_SECRET: | |
GLOBUS_OAUTH_ID: | |
GLOBUS_OAUTH_SECRET: | |
GLOBUS_OAUTH_CREDENTIALS_SCOPE: | |
GLOBUS_OAUTH_ATMOSPHERE_SCOPE: | |
GLOBUS_TOKENINFO_URL: | |
GLOBUS_TOKEN_URL: | |
GLOBUS_AUTH_URL: | |
OAUTH_CLIENT_KEY: | |
OAUTH_CLIENT_SECRET: | |
DATABASE_CONN_MAX_AGE: 60 | |
DATABASE_ENGINE: django.db.backends.postgresql_psycopg2 | |
DATABASE_HOST: localhost | |
DATABASE_NAME: "{{ATMO_DBNAME}}" | |
DATABASE_PASSWORD: "{{ATMO_DBPASSWORD}}" | |
DATABASE_PORT: 5432 | |
DATABASE_USER: "{{ATMO_DBUSER}}" | |
DJANGO_DEBUG: True | |
#NOTE: DO NOT SET ENFORCING UNLESS YOU ARE ON PRODUCTION!!!! | |
ENFORCING: False | |
DJANGO_JENKINS: False | |
# in seconds, 2 days: 2 * 24 * 60 * 60 | |
SESSION_COOKIE_AGE: 172800 | |
SSLSERVER: True | |
TESTING: True | |
SAML_SSO: "" | |
SAML_SSO_KEYFILE: "" | |
SAML_SSO_CERTFILE: "" | |
SAML_IDP_URL: | |
SAML_IDP_OAUTH_URL: | |
SSO_OAUTH_KEY: | |
SSO_OAUTH_SECRET: | |
SAML_ENTITY_ID: | |
DJANGO_TEMPLATE_DEBUG: True | |
LOG_LIBCLOUD: True | |
LOGGING_DEP_LEVEL: logging.WARNING | |
LOGGING_LEVEL: logging.DEBUG | |
LOGSTASH_HOST: | |
LOGSTASH_PORT: | |
METRIC_SERVER: | |
SECRET_KEY: | |
SELF_SIGNED_CERT: True | |
TEST_RUNNER: atmosphere.test_runner.CeleryDiscoverTestSuiteRunner | |
TEST_RUNNER_PASS: | |
TEST_RUNNER_USER: | |
SITE_NAME: CyVerse | |
TIME_ZONE: America/Phoenix | |
GLOBUS_MAPPING_FILE: "" | |
AUTO_CREATE_NEW_ACCOUNTS: False | |
REPLICATION_PROVIDER_LOCATION: | |
MONTHLY_RESET_PROVIDER_LOCATIONS: [''] | |
DEFAULT_PASSWORD_UPDATE: keystone_password_update | |
DEFAULT_PASSWORD_LOOKUP: crypt_hashpass | |
DEFAULT_ALLOCATION_THRESHOLD: (7 * 24 * 60) # In Minutes | |
DEFAULT_ALLOCATION_DELTA: (365 * 24 * 60) # In Minutes | |
DEFAULT_EMAIL_DOMAIN: | |
DEFAULT_IP_LOOKUP: iplant_hostname | |
DEFAULT_KEYSTONE_ROLE: _member_ | |
EMAIL_LOOKUP_METHOD: ldapLookupEmail | |
DEFAULT_QUOTA: {'cpu': 16, 'memory': 128, 'storage': 10} | |
ADMINS_EMAIL_TUPLE: [['<name>', '<email>']] | |
SUPPORT_EMAIL: | |
SUPPORT_EMAIL_SIGNATURE: Atmosphere Team | |
SUPPORT_LINKS: {'getting_started': "https://pods.iplantcollaborative.org/wiki/display/atmman/Using+Instances",'new_provider': "https://pods.iplantcollaborative.org/wiki/display/atmman/Changing+Providers"} | |
MONTHLY_RESET_PROVIDER_LOCATIONS: ['',] | |
REPLICATION_PROVIDER_LOCATION: | |
EMAIL_LOOKUP_METHOD: ldapLookupEmail | |
USER_EMAIL_LOOKUP_METHOD: ldap_get_email_info | |
INSTANCE_HOSTNAMING_DOMAIN: # host domain VMs will have | |
INSTANCE_HOSTNAMING_FORMAT: vm%(three)s-%(four)s.%(domain)s | |
DEPLOYMENT_KEYPAIR_NAME: # keypair name inject by atmo-ansible during instance deploy | |
CELERYBEAT_SCHEDULE: {"monitor_instances": {"schedule": 'timedelta(minutes=5)',}} | |
secrets.py: | |
IRODS_HOST: | |
IRODS_PORT: | |
IRODS_ZONE: | |
IRODS_ADMIN_USER: | |
IRODS_ADMIN_PASS: | |
LOCAL_STORAGE: /Storage | |
CHROMO_EXTRA_IMAGE_METADATA: {} | |
CHROMO_DEPLOYMENT_KEY: "" | |
ATMOSPHERE_SUPERUSER: | |
ATMOSPHERE_VNC_LICENSE: | |
ATMOSPHERE_SECRET_SEED: | |
celeryd.default: | |
VIRTUAL_ENV_ATMOSPHERE: "{{ VIRTUAL_ENV_ATMOSPHERE }}" | |
ATMOSPHERE_LOCATION: "{{ ATMOSPHERE_LOCATION }}" | |
SSL_LOCATION: /etc/ssl | |
SSL_CERTIFICATE: | |
SSL_KEY: iplantc.key | |
USE_PRODUCTION: False | |
FLOWER_AUTH_SCHEME: "basic" | |
# Required if auth_scheme is 'basic' | |
FLOWER_BASIC_USERNAME: "example-basic-user" | |
FLOWER_BASIC_PASSWORD: "some-security-basic-pass" | |
# Required if auth_scheme is 'google' | |
FLOWER_EMAIL_ACCESS_LIST: | |
FLOWER_OAUTH2_CLIENT_ID: | |
FLOWER_OAUTH2_CLIENT_SECRET: | |
FLOWER_OAUTH2_REDIRECT_URI: | |
################################### | |
# | |
# ATMOSPHERE ANSIBLE VARIABLES | |
# | |
################################### | |
ATMOSPHERE_ANSIBLE: | |
COMMON: | |
ATMOSPHERE_ANSIBLE_DIR: /opt/dev/atmosphere-ansible | |
ATMOSPHERE_ANSIBLE_LOG_DIR: /opt/dev/atmosphere/logs | |
ansible.cfg: | |
ANSIBLE_FACT_CACHE_BACKEND: redis | |
ANSIBLE_FACT_CACHE_TIMEOUT: 14400 | |
ANSIBLE_MANAGED_STR: "Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}" | |
ANSIBLE_SSH_TIMEOUT: 10 | |
SUBSPACE_PLUGINS_DIR: /opt/env/atmo/lib/python2.7/site-packages/subspace/plugins | |
SUBSPACE_CALLBACK_WHITELIST: play_logger | |
SUBSPACE_COW_SELECTION: random | |
SUBSPACE_NO_COWS: 1 | |
################################### | |
# | |
# TROPOSPHERE VARS | |
# | |
################################### | |
TROPO: | |
COMMON: | |
ASSETS_PATH: "{{ TROPOSPHERE_LOCATION }}/troposphere/assets/" | |
THEME_PATH: "{{ TROPOSPHERE_LOCATION }}/troposphere/themes/" | |
DJANGO_SERVER_URL: "https://{{ SERVERNAME }}" | |
SERVER_URL: "https://{{ SERVERNAME }}" | |
LDAP_SERVER: | |
LDAP_SERVER_DN: | |
TOKEN_EXPIRY_TIME_DAYS: 1 | |
nginx: | |
ENABLE_HTTP2: False | |
BUNDLE_FILE: "empty_bundle.crt" | |
TROPOSPHERE_PATH: "{{ TROPOSPHERE_LOCATION }}" | |
LOCATIONS_DIR: /etc/nginx/locations | |
SITES_AVAILABLE_DIR: /etc/nginx/sites-available | |
SITES_ENABLED_DIR: /etc/nginx/sites-enabled | |
SERVER_URL: "{{ SERVERNAME }}" | |
CERT_DIR: /etc/ssl/certs | |
CERT_FILE: self-signed.crt | |
COMBINED_CERT_FILE: self_signed_combined.crt | |
COMBINED_CERT_PATH: /etc/ssl/certs/self_signed_combined.crt | |
KEY_FILE: self-signed.key | |
KEY_PATH: /etc/ssl/private/ | |
KEY_SIZE: 2048 | |
DHPARAM: /etc/ssl/certs/dhparam.pem | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_TROPOSPHERE }}" | |
uwsgi.ini: | |
LOCAL_DEV: True | |
PATH_TO_TROPOSPHERE: "{{ TROPOSPHERE_LOCATION }}" | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_TROPOSPHERE }}" | |
UWSGI_USER: www-data | |
UWSGI_GROUP: www-data | |
UWSGI_LOG_PATH: /var/log/uwsgi/app/troposphere.log | |
local.py: | |
DEBUG: True | |
SECRET_KEY: "" | |
THEME_NAME: troposphere_theme | |
SITE_TITLE: Atmosphere | |
SITE_FOOTER: CyVerse | |
ORG_NAME: CyVerse | |
SUPPORT_EMAIL: "{{ MOCK_USERNAME }}@<email-domain>" | |
API_SERVER: "https://{{SERVERNAME}}" | |
BASE_URL: "" | |
ENABLE_WEBPACK_LOADER_CACHE: False | |
DYNAMIC_ASSET_LOADING: False | |
AUTH_USE_OVERRIDE: True | |
AUTH_ENABLE_MOCK: True | |
AUTH_ENABLE_MODEL: False | |
AUTH_ENABLE_GLOBUS: False | |
AUTH_ENABLE_OAUTH: False | |
AUTH_ENABLE_CAS: False | |
AUTH_ENABLE_LDAP: False | |
DATABASE_NAME: "{{ TROPO_DBNAME }}" | |
DATABASE_ENGINE: django.db.backends.postgresql_psycopg2 | |
DATABASE_USER: "{{ TROPO_DBUSER }}" | |
DATABASE_CONN_MAX_AGE: 60 | |
DATABASE_PASSWORD: "{{ TROPO_DBPASSWORD }}" | |
DATABASE_HOST: localhost | |
DATABASE_PORT: 5432 | |
DJANGO_JENKINS: "" | |
SSLSERVER: True | |
MOCK_USER: "{{ MOCK_USERNAME }}" | |
USE_MOCK_AUTH: True | |
LOGOUT_REDIRECT_URL: /logout | |
CAS_SERVER: | |
CAS_AUTH_PREFIX: | |
OAUTH_CLIENT_KEY: | |
OAUTH_CLIENT_SECRET: | |
OAUTH_CLIENT_CALLBACK: "" | |
GLOBUS_OAUTH_ID: "" | |
GLOBUS_OAUTH_SECRET: "" | |
GLOBUS_OAUTH_CREDENTIALS_SCOPE: "" | |
GLOBUS_OAUTH_ATMOSPHERE_SCOPE: "" | |
GLOBUS_TOKENINFO_URL: "" | |
GLOBUS_TOKEN_URL: "" | |
GLOBUS_AUTH_URL: "" | |
OAUTH_ISSUE_USER: "" | |
SESSION_COOKIE_AGE: 172800 | |
# user account names for staff & admins | |
STAFF_LIST_USERNAMES: [] | |
BADGES_ENABLED: False | |
BADGE_SECRET: "" | |
BADGE_HOST: "" | |
BADGE_API_HOST: "" | |
BADGE_SYSTEM_NAME: "" | |
BADGE_SYSTEM_SLUG: "" | |
SHOW_INSTANCE_METRICS: True | |
INTERCOM_APP_ID: | |
INTERCOM_COMPANY_ID: | |
INTERCOM_COMPANY_NAME: | |
USE_GATE_ONE_API: False | |
# Key and secret represent atmo-dev credentials | |
GATE_ONE_API_KEY: "" | |
GATE_ONE_API_SECRET: "" | |
# must be localhost or route-able domain | |
WEB_SH_ROUTE: "" | |
WEB_SH_BASE_URL: "" | |
WEB_SH_JS_FILE: static/gateone.js | |
# settings for noVNC transparent proxying | |
WEB_DESKTOP_SIGNING_SALT: | |
WEB_DESKTOP_FP_SALT: | |
WEB_DESKTOP_SIGNING_SECRET_KEY: | |
WEB_DESKTOP_FP_SECRET_KEY: | |
WEB_DESKTOP_INCLUDE_LINK: False | |
WEB_DESKTOP_PROXY_URL: | |
WEB_DESKTOP_PROXY_DOMAIN: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
########################################## | |
# Required vars to be filled out by user | |
########################################## | |
# Server url of the instance Atmosphere and/or Troposphere | |
# will be installed | |
SERVER_URL: # myhostname.org | |
SERVERNAME: {{SERVER_URL}} | |
# "mock" used only for development | |
MOCK_USERNAME: # valid user within system; should against on cloud providers | |
# Ansible Related Files | |
ANSIBLE_HOSTS_FILE: #Absolute Path Recommended | |
ANSIBLE_GROUP_VARS_FOLDER: #Absolute Path Recommended | |
############################### | |
# | |
# CLANK VARS | |
# | |
############################### | |
# ATMO | |
VIRTUAL_ENV_DIR_ATMOSPHERE: /opt/env | |
VIRTUAL_ENV_ATMOSPHERE: "{{ VIRTUAL_ENV_DIR_ATMOSPHERE }}/atmo" | |
ATMOSPHERE_DIR: /opt/dev | |
ATMOSPHERE_LOCATION: "{{ ATMOSPHERE_DIR }}/atmosphere" | |
ATMOSPHERE_REPO: https://github.com/iPlantCollaborativeOpenSource/atmosphere.git | |
# Placeholder for defining the atmosphere branch: | |
ATMOSPHERE_BRANCH: "" | |
# ATMOSPHERE ANSIBLE | |
ANSIBLE_DEPLOY_DIR: "{{ ATMOSPHERE_DIR }}" | |
ANSIBLE_DEPLOY_LOCATION: "{{ ANSIBLE_DEPLOY_DIR }}/atmosphere-ansible" | |
# Placeholder for defining the atmosphere-ansible branch: | |
ANSIBLE_DEPLOY_BRANCH: "" | |
ANSIBLE_REPO: https://github.com/iPlantCollaborativeOpenSource/atmosphere-ansible.git | |
# Placeholder for defining the atmosphere-ansible branch: | |
ATMOSPHERE_ANSIBLE_BRANCH: "" | |
# TROPO | |
VIRTUAL_ENV_DIR_TROPOSPHERE: /opt/env | |
VIRTUAL_ENV_TROPOSPHERE: "{{ VIRTUAL_ENV_DIR_TROPOSPHERE }}/troposphere" | |
TROPOSPHERE_DIR: /opt/dev | |
TROPOSPHERE_LOCATION: "{{ TROPOSPHERE_DIR }}/troposphere" | |
TROPOSPHERE_REPO: https://github.com/iplantcollaborativeOpenSource/troposphere.git | |
TROPOSPHERE_BUILD: "production" | |
# Placeholder for defining the troposphere branch: | |
TROPOSPHERE_BRANCH: "" | |
# POSTGRESQL DB INFORMATION | |
DB_VERSION: 9.3 # Currently defaults to 9.3 | |
ATMO_DBNAME: atmosphere | |
ATMO_DBUSER: atmosphere_app | |
ATMO_DBPASSWORD: mySECRETpassword | |
ATMO_DATA: | |
LOAD_DATABASE: False # set this to true when you want to load postgres with sql files | |
SQL_DUMP_FILE: # an absolute path to sql script that you want | |
# loaded /root/some_sql.sql | |
TROPO_DBNAME: troposphere | |
TROPO_DBUSER: troposphere_app | |
TROPO_DBPASSWORD: mySECRETpassword | |
TROPO_DATA: | |
LOAD_DATABASE: False # set this to true when you want to load postgres with sql files | |
SQL_DUMP_FILE: # an absolute path to sql script that you want | |
# loaded /root/some_sql.sql | |
# SSL RELATED VARS | |
GENERATE_SSH_CONFIG: true # Set this to false if you wish to keep your .ssh/config | |
CREATE_SSL: true # Set this to false if you wish to pass in your own certs | |
# If the above variable is set to true, don't edit next three vars below | |
SSL_CERTIFICATE: #Absolute Path Recommended | |
BUNDLE_CERT: #Absolute Path Recommended | |
SSL_KEY: #Absolute Path Recommended | |
# SSH KEYS | |
CREATE_SSH_KEYS: true # Set this to false if you wish to pass in your own ssh keys | |
ID_RSA: #Absolute Path Recommended | |
ID_RSA_PUB: #Absolute Path Recommended | |
# uncomment if using New Relic to monitoring applications | |
# | |
#NEW_RELIC: | |
# # license key | |
# LICENSE: a1number30m3h43h00000000000 | |
# # name that will appear within New Relic site in APM | |
# ATMO_LABEL: 'Atmosphere Python (atmobeta)' | |
# # name that will appear within New Relic site in APM | |
# TROPO_LABEL: 'Troposphere Python (atmobeta)' | |
# # new relic environment: 'production' or 'atmobeta' | |
# ENVIRONMENT: 'atmobeta' | |
# # partial path to New Relic Browser snippet | |
# # - relative path from `troposphere/templates` | |
# BROWSER: 'partials/__new_relic_browser.html' | |
################################### | |
# | |
# COMMON BETWEEN ATMO AND TROP VARS | |
# | |
################################### | |
#COMMON: | |
################################### | |
# | |
# ATMOSPHERE VARS | |
# | |
################################### | |
ATMO: | |
COMMON: | |
SERVER_URL: "{{ SERVERNAME }}" | |
LDAP_SERVER: | |
LDAP_SERVER_DN: | |
TOKEN_EXPIRY_TIME_DAYS: 1 | |
DJANGO_SERVER_URL: "{{ SERVERNAME }}" | |
nginx: | |
ENABLE_HTTP2: False | |
ATMOSPHERE_PATH: "{{ ATMOSPHERE_LOCATION }}" | |
BUNDLE_FILE: "empty_bundle.crt" | |
CERT_DIR: /etc/ssl/certs | |
CERT_FILE: self-signed.crt | |
COMBINED_CERT_FILE: self_signed_combined.crt | |
COMBINED_CERT_PATH: /etc/ssl/certs/self_signed_combined.crt | |
DHPARAM: /etc/ssl/certs/dhparam.pem | |
KEY_FILE: self-signed.key | |
KEY_PATH: /etc/ssl/private | |
KEY_SIZE: 2048 | |
LEADERBOARD_URL: | |
LOCATIONS_DIR: /etc/nginx/locations | |
SITES_ENABLED_DIR: /etc/nginx/sites-enabled | |
SITES_AVAILABLE_DIR: /etc/nginx/sites-available | |
SERVER_URL: "{{ SERVERNAME }}" | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_ATMOSPHERE }}" | |
uwsgi.ini: | |
LOCAL_DEV: False | |
PATH_TO_ATMOSPHERE: "{{ ATMOSPHERE_LOCATION }}" | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_ATMOSPHERE }}" | |
UWSGI_USER: www-data | |
UWSGI_GROUP: www-data | |
UWSGI_LOG_PATH: /var/log/uwsgi/app/atmosphere.log | |
local.py: | |
ANSIBLE_ROOT: "{{ ANSIBLE_DEPLOY_LOCATION }}" | |
AUTH_USE_OVERRIDE: True | |
AUTH_ENABLE_CAS: False | |
AUTH_ENABLE_GLOBUS: False | |
AUTH_ENABLE_LDAP: False | |
AUTH_ENABLE_MOCK: True | |
AUTH_ENABLE_JWT: False | |
USE_MOCK_AUTH: True # Retained for Legacy purposes | |
AUTH_MOCK_USER: "{{ MOCK_USERNAME }}" | |
MOCK_USER: "{{ MOCK_USERNAME }}" # Retained for legacy purposes | |
LOGOUT_REDIRECT_URL: /logout | |
CAS_AUTH_PREFIX: | |
CAS_SERVER: | |
OAUTH_ISSUE_USER: "" | |
LDAP_SERVER: | |
LDAP_SERVER_DN: | |
JWT_INSTALL: True | |
JWT_PUBLIC_KEY: | |
JWT_CLIENT_KEY: | |
JWT_CLIENT_SECRET: | |
GLOBUS_OAUTH_ID: | |
GLOBUS_OAUTH_SECRET: | |
GLOBUS_OAUTH_CREDENTIALS_SCOPE: | |
GLOBUS_OAUTH_ATMOSPHERE_SCOPE: | |
GLOBUS_TOKENINFO_URL: | |
GLOBUS_TOKEN_URL: | |
GLOBUS_AUTH_URL: | |
OAUTH_CLIENT_KEY: | |
OAUTH_CLIENT_SECRET: | |
DATABASE_CONN_MAX_AGE: 60 | |
DATABASE_ENGINE: django.db.backends.postgresql_psycopg2 | |
DATABASE_HOST: localhost | |
DATABASE_NAME: "{{ATMO_DBNAME}}" | |
DATABASE_PASSWORD: "{{ATMO_DBPASSWORD}}" | |
DATABASE_PORT: 5432 | |
DATABASE_USER: "{{ATMO_DBUSER}}" | |
DJANGO_DEBUG: True | |
#NOTE: DO NOT SET ENFORCING UNLESS YOU ARE ON PRODUCTION!!!! | |
ENFORCING: False | |
DJANGO_JENKINS: False | |
# in seconds, 2 days: 2 * 24 * 60 * 60 | |
SESSION_COOKIE_AGE: 172800 | |
SSLSERVER: True | |
TESTING: True | |
SAML_SSO: "" | |
SAML_SSO_KEYFILE: "" | |
SAML_SSO_CERTFILE: "" | |
SAML_IDP_URL: | |
SAML_IDP_OAUTH_URL: | |
SSO_OAUTH_KEY: | |
SSO_OAUTH_SECRET: | |
SAML_ENTITY_ID: | |
DJANGO_TEMPLATE_DEBUG: True | |
LOG_LIBCLOUD: True | |
LOGGING_DEP_LEVEL: logging.WARNING | |
LOGGING_LEVEL: logging.DEBUG | |
LOGSTASH_HOST: | |
LOGSTASH_PORT: | |
METRIC_SERVER: | |
SECRET_KEY: | |
SELF_SIGNED_CERT: True | |
TEST_RUNNER: atmosphere.test_runner.CeleryDiscoverTestSuiteRunner | |
TEST_RUNNER_PASS: | |
TEST_RUNNER_USER: | |
SITE_NAME: CyVerse | |
TIME_ZONE: America/Phoenix | |
GLOBUS_MAPPING_FILE: "" | |
AUTO_CREATE_NEW_ACCOUNTS: False | |
REPLICATION_PROVIDER_LOCATION: | |
MONTHLY_RESET_PROVIDER_LOCATIONS: [''] | |
DEFAULT_PASSWORD_UPDATE: keystone_password_update | |
DEFAULT_PASSWORD_LOOKUP: crypt_hashpass | |
DEFAULT_ALLOCATION_THRESHOLD: (7 * 24 * 60) # In Minutes | |
DEFAULT_ALLOCATION_DELTA: (365 * 24 * 60) # In Minutes | |
DEFAULT_EMAIL_DOMAIN: | |
DEFAULT_IP_LOOKUP: iplant_hostname | |
DEFAULT_KEYSTONE_ROLE: _member_ | |
EMAIL_LOOKUP_METHOD: ldapLookupEmail | |
DEFAULT_QUOTA: {'cpu': 16, 'memory': 128, 'storage': 10} | |
ADMINS_EMAIL_TUPLE: [['<name>', '<email>']] | |
SUPPORT_EMAIL: | |
SUPPORT_EMAIL_SIGNATURE: Atmosphere Team | |
SUPPORT_LINKS: {'getting_started': "https://pods.iplantcollaborative.org/wiki/display/atmman/Using+Instances",'new_provider': "https://pods.iplantcollaborative.org/wiki/display/atmman/Changing+Providers"} | |
MONTHLY_RESET_PROVIDER_LOCATIONS: ['',] | |
REPLICATION_PROVIDER_LOCATION: | |
EMAIL_LOOKUP_METHOD: ldapLookupEmail | |
USER_EMAIL_LOOKUP_METHOD: ldap_get_email_info | |
INSTANCE_HOSTNAMING_DOMAIN: # host domain VMs will have | |
INSTANCE_HOSTNAMING_FORMAT: vm%(three)s-%(four)s.%(domain)s | |
DEPLOYMENT_KEYPAIR_NAME: # keypair name inject by atmo-ansible during instance deploy | |
CELERYBEAT_SCHEDULE: {"monitor_instances": {"schedule": 'timedelta(minutes=5)',}} | |
secrets.py: | |
IRODS_HOST: | |
IRODS_PORT: | |
IRODS_ZONE: | |
IRODS_ADMIN_USER: | |
IRODS_ADMIN_PASS: | |
LOCAL_STORAGE: /Storage | |
CHROMO_EXTRA_IMAGE_METADATA: {} | |
CHROMO_DEPLOYMENT_KEY: "" | |
ATMOSPHERE_SUPERUSER: | |
ATMOSPHERE_VNC_LICENSE: | |
ATMOSPHERE_SECRET_SEED: | |
celeryd.default: | |
VIRTUAL_ENV_ATMOSPHERE: "{{ VIRTUAL_ENV_ATMOSPHERE }}" | |
ATMOSPHERE_LOCATION: "{{ ATMOSPHERE_LOCATION }}" | |
SSL_LOCATION: /etc/ssl | |
SSL_CERTIFICATE: | |
SSL_KEY: iplantc.key | |
USE_PRODUCTION: False | |
FLOWER_AUTH_SCHEME: "basic" | |
# Required if auth_scheme is 'basic' | |
FLOWER_BASIC_USERNAME: "example-basic-user" | |
FLOWER_BASIC_PASSWORD: "some-security-basic-pass" | |
# Required if auth_scheme is 'google' | |
FLOWER_EMAIL_ACCESS_LIST: | |
FLOWER_OAUTH2_CLIENT_ID: | |
FLOWER_OAUTH2_CLIENT_SECRET: | |
FLOWER_OAUTH2_REDIRECT_URI: | |
################################### | |
# | |
# ATMOSPHERE ANSIBLE VARIABLES | |
# | |
################################### | |
ATMOSPHERE_ANSIBLE: | |
COMMON: | |
ATMOSPHERE_ANSIBLE_DIR: /opt/dev/atmosphere-ansible | |
ATMOSPHERE_ANSIBLE_LOG_DIR: /opt/dev/atmosphere/logs | |
ansible.cfg: | |
ANSIBLE_FACT_CACHE_BACKEND: redis | |
ANSIBLE_FACT_CACHE_TIMEOUT: 14400 | |
ANSIBLE_MANAGED_STR: "Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}" | |
ANSIBLE_SSH_TIMEOUT: 10 | |
SUBSPACE_PLUGINS_DIR: /opt/env/atmo/lib/python2.7/site-packages/subspace/plugins | |
SUBSPACE_CALLBACK_WHITELIST: play_logger | |
SUBSPACE_COW_SELECTION: random | |
SUBSPACE_NO_COWS: 1 | |
################################### | |
# | |
# TROPOSPHERE VARS | |
# | |
################################### | |
TROPO: | |
COMMON: | |
ASSETS_PATH: "{{ TROPOSPHERE_LOCATION }}/troposphere/assets/" | |
THEME_PATH: "{{ TROPOSPHERE_LOCATION }}/troposphere/themes/" | |
DJANGO_SERVER_URL: "https://{{ SERVERNAME }}" | |
SERVER_URL: "https://{{ SERVERNAME }}" | |
LDAP_SERVER: | |
LDAP_SERVER_DN: | |
TOKEN_EXPIRY_TIME_DAYS: 1 | |
nginx: | |
ENABLE_HTTP2: False | |
BUNDLE_FILE: "empty_bundle.crt" | |
TROPOSPHERE_PATH: "{{ TROPOSPHERE_LOCATION }}" | |
LOCATIONS_DIR: /etc/nginx/locations | |
SITES_AVAILABLE_DIR: /etc/nginx/sites-available | |
SITES_ENABLED_DIR: /etc/nginx/sites-enabled | |
SERVER_URL: "{{ SERVERNAME }}" | |
CERT_DIR: /etc/ssl/certs | |
CERT_FILE: self-signed.crt | |
COMBINED_CERT_FILE: self_signed_combined.crt | |
COMBINED_CERT_PATH: /etc/ssl/certs/self_signed_combined.crt | |
KEY_FILE: self-signed.key | |
KEY_PATH: /etc/ssl/private/ | |
KEY_SIZE: 2048 | |
DHPARAM: /etc/ssl/certs/dhparam.pem | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_TROPOSPHERE }}" | |
uwsgi.ini: | |
LOCAL_DEV: True | |
PATH_TO_TROPOSPHERE: "{{ TROPOSPHERE_LOCATION }}" | |
VIRTUALENV_PATH: "{{ VIRTUAL_ENV_TROPOSPHERE }}" | |
UWSGI_USER: www-data | |
UWSGI_GROUP: www-data | |
UWSGI_LOG_PATH: /var/log/uwsgi/app/troposphere.log | |
local.py: | |
DEBUG: True | |
SECRET_KEY: "" | |
THEME_NAME: troposphere_theme | |
SITE_TITLE: Atmosphere | |
SITE_FOOTER: CyVerse | |
ORG_NAME: CyVerse | |
SUPPORT_EMAIL: "{{ MOCK_USERNAME }}@<email-domain>" | |
API_SERVER: "https://{{SERVERNAME}}" | |
BASE_URL: "" | |
ENABLE_WEBPACK_LOADER_CACHE: False | |
DYNAMIC_ASSET_LOADING: False | |
AUTH_USE_OVERRIDE: True | |
AUTH_ENABLE_MOCK: True | |
AUTH_ENABLE_MODEL: False | |
AUTH_ENABLE_GLOBUS: False | |
AUTH_ENABLE_OAUTH: False | |
AUTH_ENABLE_CAS: False | |
AUTH_ENABLE_LDAP: False | |
DATABASE_NAME: "{{ TROPO_DBNAME }}" | |
DATABASE_ENGINE: django.db.backends.postgresql_psycopg2 | |
DATABASE_USER: "{{ TROPO_DBUSER }}" | |
DATABASE_CONN_MAX_AGE: 60 | |
DATABASE_PASSWORD: "{{ TROPO_DBPASSWORD }}" | |
DATABASE_HOST: localhost | |
DATABASE_PORT: 5432 | |
DJANGO_JENKINS: "" | |
SSLSERVER: True | |
MOCK_USER: "{{ MOCK_USERNAME }}" | |
USE_MOCK_AUTH: True | |
LOGOUT_REDIRECT_URL: /logout | |
CAS_SERVER: | |
CAS_AUTH_PREFIX: | |
OAUTH_CLIENT_KEY: | |
OAUTH_CLIENT_SECRET: | |
OAUTH_CLIENT_CALLBACK: "" | |
GLOBUS_OAUTH_ID: "" | |
GLOBUS_OAUTH_SECRET: "" | |
GLOBUS_OAUTH_CREDENTIALS_SCOPE: "" | |
GLOBUS_OAUTH_ATMOSPHERE_SCOPE: "" | |
GLOBUS_TOKENINFO_URL: "" | |
GLOBUS_TOKEN_URL: "" | |
GLOBUS_AUTH_URL: "" | |
OAUTH_ISSUE_USER: "" | |
SESSION_COOKIE_AGE: 172800 | |
# user account names for staff & admins | |
STAFF_LIST_USERNAMES: [] | |
BADGES_ENABLED: False | |
BADGE_SECRET: "" | |
BADGE_HOST: "" | |
BADGE_API_HOST: "" | |
BADGE_SYSTEM_NAME: "" | |
BADGE_SYSTEM_SLUG: "" | |
SHOW_INSTANCE_METRICS: True | |
INTERCOM_APP_ID: | |
INTERCOM_COMPANY_ID: | |
INTERCOM_COMPANY_NAME: | |
USE_GATE_ONE_API: False | |
# Key and secret represent atmo-dev credentials | |
GATE_ONE_API_KEY: "" | |
GATE_ONE_API_SECRET: "" | |
# must be localhost or route-able domain | |
WEB_SH_ROUTE: "" | |
WEB_SH_BASE_URL: "" | |
WEB_SH_JS_FILE: static/gateone.js | |
# settings for noVNC transparent proxying | |
WEB_DESKTOP_SIGNING_SALT: | |
WEB_DESKTOP_FP_SALT: | |
WEB_DESKTOP_SIGNING_SECRET_KEY: | |
WEB_DESKTOP_FP_SECRET_KEY: | |
WEB_DESKTOP_INCLUDE_LINK: False | |
WEB_DESKTOP_PROXY_URL: | |
WEB_DESKTOP_PROXY_DOMAIN: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-----BEGIN CERTIFICATE----- | |
MIID2zCCAsOgAwIBAgIJAM6gGTLB4shdMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYD | |
VQQGEwJVUzEQMA4GA1UECAwHQXJpem9uYTEPMA0GA1UEBwwGVHVjc29uMRowGAYD | |
VQQKDBFMb2NhbCBEZXZlbG9wbWVudDEUMBIGA1UEAwwLc2VsZi1zaWduZWQxHzAd | |
BgkqhkiG9w0BCQEWEGxvY2FsQGF0bW8uY2xvdWQwHhcNMTYwNzIwMjM1NDMzWhcN | |
MjYwNzE4MjM1NDMzWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0FyaXpvbmEx | |
DzANBgNVBAcMBlR1Y3NvbjEaMBgGA1UECgwRTG9jYWwgRGV2ZWxvcG1lbnQxFDAS | |
BgNVBAMMC3NlbGYtc2lnbmVkMR8wHQYJKoZIhvcNAQkBFhBsb2NhbEBhdG1vLmNs | |
b3VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ikfTYXAzN1zct+P | |
ZL26TTO3vWOuIeCoXF0itsM0YFAqfFe1BDKXWrpugGhEep6VJzJ8CuxNIe42Poy/ | |
NAkEXxz/3BNYn1QxJULn6KVarnZzXu2wffqFeeDoIjTCifeOY6A/QZnoBc9xQQ+6 | |
h8DWZpDhAWtGfImU/IWf6jUMGCT5bFN1k3BklU9stTMHnlJRGxKe+1arMrybwTp3 | |
3SjNAoDWOh+OzqnuaZjkusEzQ0Eekd2Ax5GRrSomxVE1FjxwiDRcpgI4T7QK0EzT | |
g9HivHo1aHs7PCjCBGGb58+fC6Gg53c/qNgxAL/ZVU5GZq7MKozwO5L62s7ksL+6 | |
TGFjiQIDAQABo1AwTjAdBgNVHQ4EFgQUJfmOmPrGvR3nqye1PZyqpGa32SowHwYD | |
VR0jBBgwFoAUJfmOmPrGvR3nqye1PZyqpGa32SowDAYDVR0TBAUwAwEB/zANBgkq | |
hkiG9w0BAQsFAAOCAQEAQ1qTxjA5A/YI55vyqZ0qI6qo4NXMduf/QvCpei/qtGmv | |
9ms+u01Wfk7sfgf3sAIwHn1dsVoX09UL2crvAEn++XWdqNfOF5dJDurLAC/K6MpO | |
ttfWTrdsLZjudDITu1uaMuuu3Bv2usLY3TKJg5qJbcAn9LByPPr3GqEniZMF8FrI | |
jczwPshdr1Tk+wwJBfsBykTm28gW5TmlUPm3AqakW1p7jreudju4b/nK6FaMPDb4 | |
XXoITtRQwapRiZTyxu081bC7Io3LFZwbV2Qh5WZOfSK9lbabPCloNVhbK4GhlXuC | |
1tN2+QJCAp/2wab1FB5oYyyCq9FFwSrcaMn3Ee6lYw== | |
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-----BEGIN CERTIFICATE----- | |
MIID2zCCAsOgAwIBAgIJAM6gGTLB4shdMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYD | |
VQQGEwJVUzEQMA4GA1UECAwHQXJpem9uYTEPMA0GA1UEBwwGVHVjc29uMRowGAYD | |
VQQKDBFMb2NhbCBEZXZlbG9wbWVudDEUMBIGA1UEAwwLc2VsZi1zaWduZWQxHzAd | |
BgkqhkiG9w0BCQEWEGxvY2FsQGF0bW8uY2xvdWQwHhcNMTYwNzIwMjM1NDMzWhcN | |
MjYwNzE4MjM1NDMzWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0FyaXpvbmEx | |
DzANBgNVBAcMBlR1Y3NvbjEaMBgGA1UECgwRTG9jYWwgRGV2ZWxvcG1lbnQxFDAS | |
BgNVBAMMC3NlbGYtc2lnbmVkMR8wHQYJKoZIhvcNAQkBFhBsb2NhbEBhdG1vLmNs | |
b3VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ikfTYXAzN1zct+P | |
ZL26TTO3vWOuIeCoXF0itsM0YFAqfFe1BDKXWrpugGhEep6VJzJ8CuxNIe42Poy/ | |
NAkEXxz/3BNYn1QxJULn6KVarnZzXu2wffqFeeDoIjTCifeOY6A/QZnoBc9xQQ+6 | |
h8DWZpDhAWtGfImU/IWf6jUMGCT5bFN1k3BklU9stTMHnlJRGxKe+1arMrybwTp3 | |
3SjNAoDWOh+OzqnuaZjkusEzQ0Eekd2Ax5GRrSomxVE1FjxwiDRcpgI4T7QK0EzT | |
g9HivHo1aHs7PCjCBGGb58+fC6Gg53c/qNgxAL/ZVU5GZq7MKozwO5L62s7ksL+6 | |
TGFjiQIDAQABo1AwTjAdBgNVHQ4EFgQUJfmOmPrGvR3nqye1PZyqpGa32SowHwYD | |
VR0jBBgwFoAUJfmOmPrGvR3nqye1PZyqpGa32SowDAYDVR0TBAUwAwEB/zANBgkq | |
hkiG9w0BAQsFAAOCAQEAQ1qTxjA5A/YI55vyqZ0qI6qo4NXMduf/QvCpei/qtGmv | |
9ms+u01Wfk7sfgf3sAIwHn1dsVoX09UL2crvAEn++XWdqNfOF5dJDurLAC/K6MpO | |
ttfWTrdsLZjudDITu1uaMuuu3Bv2usLY3TKJg5qJbcAn9LByPPr3GqEniZMF8FrI | |
jczwPshdr1Tk+wwJBfsBykTm28gW5TmlUPm3AqakW1p7jreudju4b/nK6FaMPDb4 | |
XXoITtRQwapRiZTyxu081bC7Io3LFZwbV2Qh5WZOfSK9lbabPCloNVhbK4GhlXuC | |
1tN2+QJCAp/2wab1FB5oYyyCq9FFwSrcaMn3Ee6lYw== | |
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-----BEGIN PRIVATE KEY----- | |
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDqKR9NhcDM3XNy | |
349kvbpNM7e9Y64h4KhcXSK2wzRgUCp8V7UEMpdaum6AaER6npUnMnwK7E0h7jY+ | |
jL80CQRfHP/cE1ifVDElQufopVqudnNe7bB9+oV54OgiNMKJ945joD9BmegFz3FB | |
D7qHwNZmkOEBa0Z8iZT8hZ/qNQwYJPlsU3WTcGSVT2y1MweeUlEbEp77VqsyvJvB | |
OnfdKM0CgNY6H47Oqe5pmOS6wTNDQR6R3YDHkZGtKibFUTUWPHCINFymAjhPtArQ | |
TNOD0eK8ejVoezs8KMIEYZvnz58LoaDndz+o2DEAv9lVTkZmrswqjPA7kvrazuSw | |
v7pMYWOJAgMBAAECggEAKAjx3ipBJYWzSG+qr5m0saBnCM1zJz2m62vNFJxZZyIt | |
sWa5f0c7E3sOi4vIMYLNk48RIDj4kxWMVrNvuXDVO4HUyQbRvyQA5xMCXYdv8qYz | |
4YYYB+H+UjE+3yJQJJCb2rK6PfgXcG7gOTR8OtugjJa2saxqt746J9ac2clKERJl | |
ha1KjbN31CNXlFceiqgSBmkr2BlwovdAtICr6BMkWfOYr4mL/DSRVIDZT585328Q | |
UXRAFr/bVnbmz6VazzBspyEyUqQwYqmj2vNQEN4bxyMzurn8r8UeZRkw70U5yAPV | |
jBHsnyRqNlA8Edbt4gvpVUJtKFP5EzMWBezADUBMVQKBgQD7u04CbVevBxSisGlu | |
VSN9eHVP2Yozk2cCxLap+JfimZC6jsuo/mpNjy09fK09se/2y7WH2vKHGVUqjP6f | |
Yiunbi7R0cmA7NLpInmVwBcs6FQTojowsEEHy0bipwrKbvJPaJkgP8gCJVFno+Jp | |
ujX70pry9pAWdPpTptQOrKB0ewKBgQDuIYv3o28yFJavnWl2JwNDzX5kMNNTz90i | |
GLMK2rHxTrvR2QQsO8DuB0+Ibx46pEgLi9Z3BD8JVh3t4eljFcD2QeScCVQ5NLpf | |
DiTffnQTW8TUcGyxOHMiviyoYaRXSoNe7ohimgvVgkuYAXRGqUcufewhiIVifHH0 | |
PWw7Dp8yywKBgDBMKZVxoScltqHYMwJGN371Q5zEYi2vFE6Fq35FAe8qA4inqQ+N | |
cJvc4pMvfpWdtCqnvvaH3YxqIdr+HkQ6M6H2E+mR1JV12ql8QdOnfUrScH8r2vpI | |
dtGmAL2vyvQ4ASmXKfn0As3Wlx3JZcFfRshAChafk9mbLAQst/bwzABNAoGAFCqH | |
HeubSRRxRmIAQl8/aYiHgZiY7OoXggGxd+PZWeQfB8BnGA/fYMkBtT4jwzeSWlf3 | |
S5DyfanrUu/kwd1fv/sIjyZDGa0bc11RRhQBZHpLCuqSader+G8+fOv37OSEh4+P | |
wTnmcqhcGn1VCX7gZlGHo7daBGMhi1uAROgSF00CgYEA6jdXseiUB/Jl3NfiB6Mp | |
tPfGVO528BJ5g3LkzDyT9c05MGjJRuDkOXk6jDnx7f2qnRP5svuNaEaq8XHCRs7s | |
SBd9rvS6o4gl4r67cP1Wrgs7X3DCGG151U13cUUJ0nI6QaYB1YEye4defbRwkSW1 | |
6YcGDSK08kRs4pzs87tUgSY= | |
-----END PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# place under `playbooks`, /home/vagrant/clank/playbooks in Vagrant Environment | |
- name: Test setup-ssl | |
hosts: all | |
become: yes | |
become_user: root | |
pre_tasks: | |
- name: debug determine path | |
debug: msg="playbook_dir={{playbook_dir}}" | |
- stat: path="{{ playbook_dir }}" | |
register: p | |
- fail: msg="Please copy test-role.yml into /home/vagrant/clank/playbooks" | |
when: p.stat.path != '/home/vagrant/clank/playbooks' | |
# | |
# - debug: msg="{{p.stat}}" | |
# | |
roles: | |
- { role: setup-ssl, | |
CREATE_SSL_FILES: "{{ CREATE_SSL | default(True) }}", | |
tags: ['dependencies', 'ssl'] } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
install_script = " | |
apt-get update | |
apt-get install -y git python python-pip python-dev libffi-dev libssl-dev | |
pip install --upgrade pip virtualenv | |
git clone -b fix-gen-ssl-issue --depth 1 https://github.com/lenards/clank.git; | |
virtualenv clank_env | |
. clank_env/bin/activate | |
pip install -r clank/requirements.txt | |
git clone https://gist.github.com/501e788da736ed42d10cdc42c8f4353e.git /vagrant/test_data | |
mkdir test_data | |
cp -R /vagrant/test_data/* test_data | |
" | |
Vagrant.configure(2) do |config| | |
config.vm.define "clank-test" do |conf| | |
conf.vm.box = "ubuntu/trusty64" | |
conf.ssh.username = "vagrant" | |
conf.ssh.password = "vagrant" | |
conf.vm.network "private_network", ip: "192.168.72.19" | |
conf.vm.provision "shell", inline: install_script, privileged: true | |
conf.vm.provider "virtualbox" do |v| | |
v.memory = 4096 | |
v.cpus = 4 | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment