Skip to content
Snippets Groups Projects
Commit b40e4a32 authored by Jupiter Hu's avatar Jupiter Hu
Browse files

fixed ldapconfig dump

parent 4a752472
No related branches found
No related tags found
1 merge request!3Master
Hide whitespace changes
Inline Side-by-side
Showing
with 16 additions and 34563 deletions
roles/dump_ldap_config/tasks/main.yml
+ 1
2
View file @ b40e4a32
---
- name: grab cacert
shell: cat {{ ldapCertDest }}
# shell: cat /etc/openldap/certs/cacert.pem
shell: cat {{ ldapCARootDest }}
register: ldapCaCertContents
- name: dump vars
......
roles/karaage3.1.17/tasks/karaage.yml
+ 6
6
View file @ b40e4a32
......@@ -116,7 +116,7 @@
sudo: true
- name: install shibboleth cache file
template: src="{{ shibboleth_deploy }}_metadata.aaf.xml.j2" dest=/tmp/metadata.aaf.xml
template: src="files/{{ shibboleth_deploy }}_metadata.aaf.xml.j2" dest=/tmp/metadata.aaf.xml
-
name: "enabling Karaage configuration"
......@@ -154,11 +154,11 @@
sudo: true
when: karaage_db_init.stdout.find("0") == 0
#-
# name: "Create IDP institutes (disable it as cache is not available)"
# shell: kg-idps /tmp/metadata.aaf.xml
# sudo: true
# when: karaage_db_init.stdout.find("0") == 0
-
name: "Create IDP institutes (disable it as cache is not available)"
shell: kg-idps /tmp/metadata.aaf.xml
sudo: true
when: karaage_db_init.stdout.find("0") == 0
-
name: "Create projects"
......
roles/karaage3.1.17/templates/index.html.j2
+ 2
2
View file @ b40e4a32
<html><body><h3>HPC identity management</h3>
<p>To log in via AAF authentication, connect to <a href=https://hpc.erc.monash.edu.au/aafbootstrap>aafbootstrap</a></p>
<p>To log in without AAF authentication, connect to <a href=https://hpc.erc.monash.edu.au/users>users</a></p>
<p>To log in via AAF authentication, connect to <a href=https://{{ hpchostname }}.erc.monash.edu.au/aafbootstrap>aafbootstrap</a></p>
<p>To log in without AAF authentication, connect to <a href=https://{{ hpchostname }}.erc.monash.edu.au/users>users</a></p>
</body></html>
roles/karaage3.1.17/templates/kg_init.j2
+ 0
151
View file @ b40e4a32
......@@ -26,8 +26,6 @@ class HpcIdInit():
if self.path and os.path.exists(self.path):
with open(self.path) as data:
config_data = json.load(data)
self.project = config_data["project"]
self.mc = config_data["machine_category"]
self.user = config_data["superuser"]
else:
log("Invalid input data")
......@@ -44,115 +42,6 @@ class HpcIdInit():
now = time.strftime("%c")
self.logfile.write(now + ": " + message + "\n")
def getGroup(self, name):
group = None
try:
group =Group.objects.get(name = name)
if group:
self.log("Find group %s" %(name))
except:
self.log("Group %s not found" %(name))
finally:
return group
def getProject(self, name):
self.log("Get Project 1 %s" %(name))
project = None
try:
project = Project.objects.get(name = name)
if project:
self.log("Find project %s" %(project.name))
group = project.group
if group:
self.log("Group name = %s" %(group.name))
else:
self.log("Project %s not found" %(project.name))
except Project.DoesNotExist:
self.log("project %s does not exists" %(name))
except:
self.log("Exception: ", traceback.format_exc())
finally:
return project
def createProject(self, pid, name, institute_name, superuser):
project = None
try:
institute = self.getInstitute(institute_name)
if institute:
self.log("Find insititute %s" %(institute.name))
project = Project.objects.create(pid = pid, name = name, institute = institute, group = institute.group, is_active = True, is_approved = True, approved_by = superuser)
if project:
project.leaders.add(superuser)
self.log("Create project OK")
else:
self.log("Create project failed")
else:
self.log("Insititute %s does not exist" %(institute_name))
except:
self.log("Exception: ", traceback.format_exc())
finally:
return project
def getInstitute(self, name):
institute = None
try:
institute = Institute.objects.get(name = name)
if institute:
self.log("Institute %s exist" %(institute.name))
group = institute.group
if group:
self.log("Group name = %s" %(group.name))
else:
self.log("Institute %s not found" %(name))
except Institute.DoesNotExist:
self.log("Institute %s not found" %(name))
finally:
return institute
def getDefaultDatastore(self):
for key, value in settings.MACHINE_CATEGORY_DATASTORES.items():
if value:
return key
return None
def getMachineCategory(self, name):
mc = None
self.log("Running getMachineGategory %s" %(name))
try:
mc = MachineCategory.objects.get(name = name)
if mc:
self.log("Find machine category %s" %(mc.name))
else:
slef.log("Not found machine category %s" %(name))
except MachineCategory.DoesNotExist:
self.log("Machine category %s dose not exist" %(name))
except:
self.log("Except to create machine category %s" %(traceback.format_exc()))
finally:
return mc
def getOrCreateMachineCategory(self, name):
mc = None
try:
self.log("getOrCreateMachineCategory %s" %(name))
mc = self.getMachineCategory(name)
if not mc:
datastore = self.getDefaultDatastore()
self.log("datastore = '%s'" %(datastore))
mc = MachineCategory.objects.get_or_create(name = name, datastore = datastore)
self.log("after create machine catetory '%s'" %(name))
if mc:
self.log("Create MachineCategory %s OK" %(mc.name))
else:
self.log("Create MachineCategory failed")
except:
self.log("Except to create machine category %s" %(traceback.format_exc()))
finally:
return mc
def getUser(self, username):
person = None
try:
......@@ -171,33 +60,13 @@ class HpcIdInit():
if person:
person.set_password(self.password)
person.save()
result = self.addInstituteDelegate(person, institute)
if result:
log("Add super user %s to institute %s delegate" %(person.username, institute.name))
else:
log("Faired to add super user %s to institute %s delegate" %(person.username, institute.name))
person.full_clean()
except:
log("Create super user exception: %s" %(traceback.format_exc()))
finally:
return person
def addInstituteDelegate(self, su, institute):
result = True
try:
delegates = institute.delegates.all().filter(username = su.username)
if len(delegates) == 0:
self.log("Create institution delegate %s"%(su.username))
institute.delegates.add(su)
self.log("Create institution delegate %s OK"%(su.username))
except:
result = False
self.log("Create institution delegate exception: %s" %(traceback.format_exc()))
finally:
return result
def setup(self):
self.log("Debug = %s" %(self.debug))
su = self.getUser(self.user["username"])
if su:
self.log("Find super user %s" %(su.username))
......@@ -207,25 +76,6 @@ class HpcIdInit():
self.log("Create super user %s OK" %(su.username))
else:
self.log("Create super user %s failed" %(self.user["username"]))
if self.mc:
mc = self.getOrCreateMachineCategory(self.mc)
if mc:
self.log("Get machine category = '%s'" %(self.mc))
else:
self.log("Failed to get machine category = '%s'" %(self.mc))
if su:
for p in self.project:
project = self.getProject(p["project_name"])
if project:
self.log("Find project %s" %(project.name))
else:
self.log("Create project name = %s, pid = %s, institute name = %s" %(p["project_name"], p["pid"], p["institute_name"]))
project = self.createProject(p["pid"], p["project_name"], p["institute_name"], su)
if project:
self.log("Create project %s OK." %(project.name))
else:
self.log("Create project %s failed." %(p["project_name"]))
break
def main(argv):
config_path = None
......@@ -236,7 +86,6 @@ def main(argv):
if len(sys.argv) > 3:
debug = argv[2]
init = HpcIdInit(config_path, password, debug)
init.log("Password = %s, debug = %s" %(password, debug))
init.setup()
else:
print "Usage: kg_init <config file> <superuser password> <option: debug True | False>"
......
roles/karaage3.1.17/templates/kginit.conf.j2
+ 1
1
View file @ b40e4a32
{"project": [{"project_name": "MCC2", "pid": "pMcc2", "institute_name": "Monash University"}, {"project_name": "CVL", "pid": "pCvl", "institute_name": "Monash University"}], "machine_category": "hpc_cluster", "superuser": {"username": "admin", "email": "jupiter.hu@monash.edu", "institute_name": "Monash University", "short_name": "admin", "full_name": "admin"}}
{"superuser": {"username": "admin", "email": "jupiter.hu@monash.edu", "institute_name": "Monash University", "short_name": "admin", "full_name": "admin"}}
roles/karaage3.1.17/templates/settings.py.j2
+ 1
1
View file @ b40e4a32
......@@ -267,7 +267,7 @@ LOGGING = {
# Users are advised to contact this address if having problems.
# This is also used as the from address in outgoing emails.
ACCOUNTS_EMAIL = '{{ karaageAdminEmail }}'
ACCOUNTS_EMAIL = '{{ karaageAccountEmail }}'
# This organisation name, used in outgoing emails.
ACCOUNTS_ORG_NAME = '{{ karaageAcountName }}'
......
roles/karaage3.1.17/templates/test_metadata.aaf.xml.j2 deleted 100644 → 0
+ 0
34400
View file @ 4a752472
Source diff could not be displayed: it is too large. Options to address this: view the blob.
roles/ldapserver/tasks/main.yml
+ 4
0
View file @ b40e4a32
......@@ -77,6 +77,10 @@
copy: src="files/{{ ldapCAChain }}" dest="{{ ldapCAChainDest }}"
sudo: true
- name: copy ca root cert
copy: src="files/{{ ldap_TLSCARoot }}" dest="{{ ldapCARootDest }}"
sudo: true
when: ldap_TLSCARoot is defined
- name: copy key
copy: src="files/{{ ldapKey }}" dest="{{ ldapKeyDest }}" mode=600 owner={{ ldapuser }} group={{ ldapgroup }}
......
roles/ldapserver/vars/main.yml
+ 1
0
View file @ b40e4a32
......@@ -2,3 +2,4 @@
ldapCertDest: "{{ ldapDir }}/ssl/certs/ldapcert.pem"
ldapKeyDest: "{{ ldapDir }}/ssl/private/ldapkey.pem"
ldapCAChainDest: "{{ ldapDir }}/ssl/certs/cacert.pem"
ldapCARootDest: "{{ ldapDir }}/ssl/certs/ca_cert.pem"
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment