diff --git a/.github/workflows/build-test-release-client-packages.yml b/.github/workflows/build-test-release-client-packages.yml index cfe08fd9..0caf16e5 100644 --- a/.github/workflows/build-test-release-client-packages.yml +++ b/.github/workflows/build-test-release-client-packages.yml @@ -4,13 +4,11 @@ on: push: branches: - main - - test_client_packages_ci tags: - 'v*' pull_request: branches: - main - - test_client_packages_ci jobs: @@ -49,14 +47,21 @@ jobs: uses: bpicode/github-action-fpm@master with: fpm_args: "etc" - fpm_opts: "--debug -n cvmfs-config-eessi -v ${{ steps.get_version.outputs.version }} -t rpm -a all -s dir -C ./package --description 'CVMFS config repository package for EESSI.'" + fpm_opts: "--debug -n cvmfs-config-eessi -v ${{ steps.get_version.outputs.version }} -t rpm -a all -s dir -C ./package --description 'CVMFS configuration package for EESSI.'" - name: Build Deb package id: build-deb uses: bpicode/github-action-fpm@master with: fpm_args: "etc" - fpm_opts: "--debug -n cvmfs-config-eessi -v ${{ steps.get_version.outputs.version }} -t deb -a all -s dir -C ./package --description 'CVMFS config repository package for EESSI.'" + fpm_opts: "--debug -n cvmfs-config-eessi -v ${{ steps.get_version.outputs.version }} -t deb -a all -s dir -C ./package --description 'CVMFS configuration package for EESSI.'" + + - name: Build tar package + id: build-tar + uses: bpicode/github-action-fpm@master + with: + fpm_args: "etc" + fpm_opts: "--debug -n cvmfs-config-eessi -v ${{ steps.get_version.outputs.version }} -t tar -a all -s dir -C ./package --description 'CVMFS configuration package for EESSI.'" - name: Find filenames of generated packages id: find_filenames @@ -64,8 +69,10 @@ jobs: run: | rpmfile="$(ls -1 cvmfs-config-eessi*.rpm)" debfile="$(ls -1 cvmfs-config-eessi*.deb)" + tarfile="$(ls -1 cvmfs-config-eessi*.tar)" echo ::set-output name=rpmfile::${rpmfile} echo ::set-output name=debfile::${debfile} + echo ::set-output name=tarfile::${tarfile} - name: Upload Deb package as artifact uses: actions/upload-artifact@v2 @@ -79,6 +86,12 @@ jobs: name: RPM package path: ${{ steps.find_filenames.outputs.rpmfile }} + - name: Upload tar package as artifact + uses: actions/upload-artifact@v2 + with: + name: Tar package + path: ${{ steps.find_filenames.outputs.tarfile }} + build-macos-package: runs-on: macos-latest steps: @@ -113,7 +126,7 @@ jobs: run: gem install --no-document fpm - name: Build package - run: "fpm --debug -n cvmfs-config-eessi -v ${{ steps.get_version.outputs.version }} -t osxpkg -a all -s dir -C ./package --description 'CVMFS config repository package for EESSI.' etc" + run: "fpm --debug -n cvmfs-config-eessi -v ${{ steps.get_version.outputs.version }} -t osxpkg -a all -s dir -C ./package --description 'CVMFS configuration package for EESSI.' etc" - name: Find filename of generated package id: find_filename @@ -157,13 +170,13 @@ jobs: run: sudo dpkg -i ./${{ steps.find_filename.outputs.debfile }} - name: Add local CVMFS configuration (/etc/cvmfs/default.local) - run: echo "CVMFS_HTTP_PROXY=DIRECT" | sudo tee /etc/cvmfs/default.local + run: echo "CVMFS_CLIENT_PROFILE=single" | sudo tee /etc/cvmfs/default.local - name: Mount the repositories run: sudo cvmfs_config setup - name: Test repository access - run: ls /cvmfs/cvmfs-config.eessi-hpc.org/etc/cvmfs + run: ls /cvmfs/pilot.eessi-hpc.org/ test-rpm-package: needs: build-linux-packages @@ -195,14 +208,51 @@ jobs: run: rpm -i ./${{ steps.find_filename.outputs.rpmfile }} - name: Add local CVMFS configuration (/etc/cvmfs/default.local) - run: echo "CVMFS_HTTP_PROXY=DIRECT" | tee /etc/cvmfs/default.local + run: echo "CVMFS_CLIENT_PROFILE=single" | tee /etc/cvmfs/default.local - name: Mount the repositories #run: cvmfs_config setup - run: mkdir -p /cvmfs/cvmfs-config.eessi-hpc.org && mount -t cvmfs cvmfs-config.eessi-hpc.org /cvmfs/cvmfs-config.eessi-hpc.org + run: mkdir -p /cvmfs/pilot.eessi-hpc.org && mount -t cvmfs pilot.eessi-hpc.org /cvmfs/pilot.eessi-hpc.org + + - name: Test repository access + run: ls /cvmfs/pilot.eessi-hpc.org/ + + test-tar-package: + needs: build-linux-packages + runs-on: ubuntu-latest + steps: + - name: Install CVMFS dependencies + run: sudo apt-get install lsb-release + + - name: Download and install CVMFS client + run: wget https://ecsft.cern.ch/dist/cvmfs/cvmfs-release/cvmfs-release-latest_all.deb && sudo dpkg -i cvmfs-release-latest_all.deb + + - name: Install CVMFS client + run: sudo apt-get update && sudo apt-get install cvmfs + + - name: Download cvmfs-config-eessi package + uses: actions/download-artifact@v2 + with: + name: Tar package + + - name: Find filename of package + id: find_filename + shell: bash + run: | + tarfile="$(ls -1 cvmfs-config-eessi*.tar)" + echo ::set-output name=tarfile::${tarfile} + + - name: Install package + run: sudo tar -C / -xf ./${{ steps.find_filename.outputs.tarfile }} + + - name: Add local CVMFS configuration (/etc/cvmfs/default.local) + run: echo "CVMFS_CLIENT_PROFILE=single" | sudo tee /etc/cvmfs/default.local + + - name: Mount the repositories + run: sudo cvmfs_config setup - name: Test repository access - run: ls /cvmfs/cvmfs-config.eessi-hpc.org/etc/cvmfs + run: ls /cvmfs/pilot.eessi-hpc.org/ test-macos-package: needs: build-macos-package @@ -230,16 +280,16 @@ jobs: run: sudo installer -target / -pkg ./${{ steps.find_filename.outputs.pkgfile }} - name: Add local CVMFS configuration (/etc/cvmfs/default.local) - run: echo "CVMFS_HTTP_PROXY=DIRECT" | sudo tee /etc/cvmfs/default.local + run: echo "CVMFS_CLIENT_PROFILE=single" | sudo tee /etc/cvmfs/default.local - name: Mount the repositories - run: sudo mkdir -p /Users/Shared/cvmfs/cvmfs-config.eessi-hpc.org && sudo mount -t cvmfs cvmfs-config.eessi-hpc.org /Users/Shared/cvmfs/cvmfs-config.eessi-hpc.org + run: sudo mkdir -p /Users/Shared/cvmfs/pilot.eessi-hpc.org && sudo mount -t cvmfs pilot.eessi-hpc.org /Users/Shared/cvmfs/pilot.eessi-hpc.org - name: Test repository access - run: ls /Users/Shared/cvmfs/cvmfs-config.eessi-hpc.org/etc/cvmfs + run: ls /Users/Shared/cvmfs/pilot.eessi-hpc.org/ release: - needs: [build-linux-packages, build-macos-package, test-deb-package, test-rpm-package, test-macos-package] + needs: [build-linux-packages, build-macos-package, test-deb-package, test-rpm-package, test-macos-package, test-tar-package] if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: @@ -253,6 +303,11 @@ jobs: with: name: RPM package + - name: Download tar package + uses: actions/download-artifact@v2 + with: + name: Tar package + - name: Download macOS package uses: actions/download-artifact@v2 with: @@ -265,9 +320,11 @@ jobs: rpmfile="$(ls -1 cvmfs-config-eessi*.rpm)" debfile="$(ls -1 cvmfs-config-eessi*.deb)" pkgfile="$(ls -1 cvmfs-config-eessi*.pkg)" + tarfile="$(ls -1 cvmfs-config-eessi*.tar)" echo ::set-output name=rpmfile::${rpmfile} echo ::set-output name=debfile::${debfile} echo ::set-output name=pkgfile::${pkgfile} + echo ::set-output name=tarfile::${tarfile} - name: Create Release id: create_release @@ -309,3 +366,13 @@ jobs: asset_path: ${{ steps.find_filenames.outputs.pkgfile }} asset_name: ${{ steps.find_filenames.outputs.pkgfile }} asset_content_type: application/x-newton-compatible-pkg + + - name: Upload Tar as release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} + asset_path: ${{ steps.find_filenames.outputs.tarfile }} + asset_name: ${{ steps.find_filenames.outputs.tarfile }} + asset_content_type: application/x-tar diff --git a/.github/workflows/test-playbook.sh b/.github/workflows/test-playbook.sh index 3e599330..d6db6487 100755 --- a/.github/workflows/test-playbook.sh +++ b/.github/workflows/test-playbook.sh @@ -15,10 +15,12 @@ echo ' - 127.0.0.1' >> inventory/local_site_specific_vars.yml # Don't use the GEO API for the Stratum 1, since we do not have a key here. export CVMFS_GEO_DB_FILE=NONE -# Only test the cvmfs-config repo on the Stratum 1, as the other ones may be very large. +# Only test CI suitable repos on the Stratum 1, as the other ones may be very large. if [ $playbook == "stratum1.yml" ] then - echo 'cvmfs_repositories: "[{{ eessi_cvmfs_config_repo.repository }}]"' >> inventory/local_site_specific_vars.yml + cat >> inventory/local_site_specific_vars.yml <<-EOF + cvmfs_repositories: "{{ eessi_cvmfs_repositories | selectattr('use_for_ci', 'defined') | selectattr('use_for_ci', 'sameas', true) | list }}" + EOF fi # Install the Ansible dependencies. diff --git a/.github/workflows/test-playbooks.yml b/.github/workflows/test-playbooks.yml index 3d29f0a9..cfc06df8 100644 --- a/.github/workflows/test-playbooks.yml +++ b/.github/workflows/test-playbooks.yml @@ -34,8 +34,5 @@ jobs: run: docker run -d --workdir /github/workspace --rm -e INPUT_PLAYBOOK -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v $HOME:"/github/home" -v "$HOME/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "$GITHUB_WORKSPACE":"/github/workspace" -v /sys/fs/cgroup:/sys/fs/cgroup --privileged --device /dev/fuse --mount type=bind,source=${GITHUB_WORKSPACE}/srv,target=/srv --mount type=bind,source=${GITHUB_WORKSPACE}/srv,target=/var/spool/cvmfs --name ${{ matrix.component }}-${{ matrix.os }} docker.pkg.github.com/$(echo $GITHUB_REPOSITORY | tr '[A-Z]' '[a-z]')/${{ matrix.os }} - name: Execute the playbook run: docker exec ${{ matrix.component }}-${{ matrix.os }} /test-playbook.sh ${{ matrix.component }}.yml - - name: Execute additional playbook for Stratum 0 - run: docker exec ${{ matrix.component }}-${{ matrix.os }} /test-playbook.sh ${{ matrix.component }}-deploy-cvmfs-config.yml - if: ${{ matrix.component == 'stratum0' }} - name: Stop the container run: docker kill ${{ matrix.component }}-${{ matrix.os }} diff --git a/README.md b/README.md index abbefa1e..93c43586 100644 --- a/README.md +++ b/README.md @@ -166,9 +166,13 @@ Next, you need to make a file `/etc/cvmfs/default.local` manually; this file is contains, for instance, the URL to your local proxy and the size of the local cache. As an example, you can put the following in this file, which corresponds to not using a proxy and setting the local quota limit to 40000MB: ``` -CVMFS_HTTP_PROXY=DIRECT +CVMFS_CLIENT_PROFILE=single CVMFS_QUOTA_LIMIT=40000 ``` +If you do want to use your own proxy, replace the first line by: +``` +CVMFS_HTTP_PROXY=: +``` For more details about configuring your client, see https://cvmfs.readthedocs.io/en/stable/cpt-configure.html. Finally, run `cvmfs_config setup` to set up CVMFS. diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index af3b62e4..f9e3e541 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -2,16 +2,23 @@ # vars file for eessi project # Automatically configure EESSI CVMFS repos. -eessi_cvmfs_repos_enabled: config-repo +eessi_cvmfs_repos_enabled: true -# Email address for the project, which will be put in the contact file on the config repo. +# Email address for the project. eessi_email: eessi@list.rug.nl -# Defaults for eessi-hpc.org config repo, syntax for each key is the same as that of cvmfs_ -eessi_cvmfs_config_repo: - domain: eessi-hpc.org - key: - path: /etc/cvmfs/keys/eessi-hpc.org/cvmfs-config.eessi-hpc.org.pub +# +# Defaults for eessi-hpc.org repos. +# + +# We do not use a config repo anymore. +eessi_cvmfs_config_repo: {} + +# Public keys for the repositories, which you can find on the Stratum 0 at: +# /etc/cvmfs/keys/*.pub +# Note: you first have to run the stratum0.yml playbook once to generate the repositories and keys. +eessi_cvmfs_keys: + - path: /etc/cvmfs/keys/eessi-hpc.org/cvmfs-config.eessi-hpc.org.pub key: | -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoTBc/Eksr9ECEOoCzHA @@ -22,25 +29,6 @@ eessi_cvmfs_config_repo: +hCt494UsFs3tchmTebpK+x3pVRXybQ66Qm1mQiaz+2VbUJdQEov4RCC5PcOmOOk BwIDAQAB -----END PUBLIC KEY----- - urls: - - "http://cvmfs-s1-rug.eessi-hpc.org/cvmfs/@fqrn@" - - "http://cvmfs-s1-bgo.eessi-hpc.org/cvmfs/@fqrn@" - repository: - repository: cvmfs-config.eessi-hpc.org - stratum0: cvmfs-s0.eessi-hpc.org - owner: "{{ cvmfs_repo_owner | default('root') }}" - key_dir: /etc/cvmfs/keys/eessi-hpc.org - server_options: [] - client_options: [] - -# -# Defaults for eessi-hpc.org repos. -# - -# Public keys for the repositories, which you can find on the Stratum 0 at: -# /etc/cvmfs/keys/*.pub -# Note: you first have to run the stratum0.yml playbook once to generate the repositories and keys. -eessi_cvmfs_keys: - path: /etc/cvmfs/keys/eessi-hpc.org/pilot.eessi-hpc.org.pub key: | -----BEGIN PUBLIC KEY----- @@ -52,6 +40,19 @@ eessi_cvmfs_keys: HJN0HHOVdRIwNjjPkV2jIqhJoI85no89v8/V45SFPVo+A7N0Cj4QdQrQTezpnlby FQIDAQAB -----END PUBLIC KEY----- + # The following (duplicate) key can be removed after this PR has been merged: + # https://github.com/galaxyproject/ansible-cvmfs/pull/32 + - path: /etc/cvmfs/keys/eessi-hpc.org/ci.eessi-hpc.org.pub + key: | + -----BEGIN PUBLIC KEY----- + MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAommtaoqQ36Rb/cFnqUWg + 8FoYCOjJWVBMQ4sVZ87oFRWehOUbcfy/ah85D9055HQws7i/hLNGJJAa7Es3E2o8 + v8LtSlRdfR1A7b7LA6p3213HHz6dNU6I1riwtE2OP7/w4Q3+Agj1iRtW535GwzGo + 4ZbewL8T1kbyaEm4HyefoitHXJthoPyTlYAhvAegIil1VJPhJZW+q/NWxnsd9QGJ + uAtbSICQg6mBJI50KiCBYmKHOAjH2W8qEnLWc7JoPoNvAHuMx1ya6YerBM5T9Esm + HJN0HHOVdRIwNjjPkV2jIqhJoI85no89v8/V45SFPVo+A7N0Cj4QdQrQTezpnlby + FQIDAQAB + -----END PUBLIC KEY----- # URLs for all the Stratum 1 servers. eessi_cvmfs_server_urls: @@ -71,8 +72,17 @@ eessi_cvmfs_repositories: - CVMFS_AUTO_GC=false - CVMFS_AUTO_TAG_TIMESPAN="30 days ago" - CVMFS_GARBAGE_COLLECTION=true - client_options: - - CVMFS_NFILES=4096 + client_options: [] + use_for_ci: no + - repository: ci.eessi-hpc.org + stratum0: cvmfs-s0.eessi-hpc.org + owner: "{{ cvmfs_repo_owner | default('root') }}" + key_dir: /etc/cvmfs/keys/eessi-hpc.org + server_options: + - CVMFS_AUTO_GC=false + - CVMFS_GARBAGE_COLLECTION=true + client_options: [] + use_for_ci: yes # Override all the Galaxy defaults by our EESSI defaults. # This is required, beucase the galaxy_* variables are used inside the Ansible tasks. diff --git a/inventory/group_vars/cvmfsclients b/inventory/group_vars/cvmfsclients index ff211fcb..795c9a47 100644 --- a/inventory/group_vars/cvmfsclients +++ b/inventory/group_vars/cvmfsclients @@ -3,6 +3,3 @@ # List of proxies to be used for the clients. # Override this setting in your local_site_specific_vars.yml file. cvmfs_http_proxies: "{{ local_cvmfs_http_proxies | default(['DIRECT']) }}" - -# Use the CVMFS configuration repository for the clients. -eessi_cvmfs_repos_enabled: config-repo diff --git a/inventory/group_vars/cvmfsstratum0servers b/inventory/group_vars/cvmfsstratum0servers index ec952dfc..cd21505a 100644 --- a/inventory/group_vars/cvmfsstratum0servers +++ b/inventory/group_vars/cvmfsstratum0servers @@ -1,3 +1,2 @@ --- -cvmfs_repositories: "{{ eessi_cvmfs_repositories + [eessi_cvmfs_config_repo.repository] }}" diff --git a/inventory/group_vars/cvmfsstratum1servers b/inventory/group_vars/cvmfsstratum1servers index 1478980a..51f05182 100644 --- a/inventory/group_vars/cvmfsstratum1servers +++ b/inventory/group_vars/cvmfsstratum1servers @@ -1,5 +1,3 @@ --- -cvmfs_repositories: "{{ eessi_cvmfs_repositories + [eessi_cvmfs_config_repo.repository] }}" -cvmfs_keys: "{{ eessi_cvmfs_keys + [eessi_cvmfs_config_repo.key] }}" cvmfs_squid_conf_src: "{{ local_stratum1_cvmfs_squid_conf_src | default('eessi_stratum1_squid.conf.j2') }}" diff --git a/prepare-client-packages.yml b/prepare-client-packages.yml index bd6df32a..39e545f5 100644 --- a/prepare-client-packages.yml +++ b/prepare-client-packages.yml @@ -5,9 +5,18 @@ vars: package_vendor: EESSI package_maintainer: EESSI - package_description: CVMFS config repository package for EESSI. + package_description: CVMFS configuration package for EESSI. package_source_dir: "{{ lookup('env', 'GITHUB_WORKSPACE') | default('/tmp', True) }}/package" tasks: + - name: Check the number of defined domains (should be one!) + fail: + msg: "Cannot build a client package when eessi_cvmfs_server_urls contains different domains" + when: eessi_cvmfs_server_urls | selectattr('domain') | list | unique | count > 1 + + - name: Determine domain name + set_fact: + eessi_domain: "{{ eessi_cvmfs_server_urls[0].domain }}" + - name: Create directory structure for the CVMFS config file: path: "{{ item }}" @@ -18,28 +27,37 @@ - "{{ package_source_dir }}/etc" - "{{ package_source_dir }}/etc/cvmfs" - "{{ package_source_dir }}/etc/cvmfs/keys" - - "{{ package_source_dir }}/etc/cvmfs/keys/{{ eessi_cvmfs_config_repo.domain }}" - - "{{ package_source_dir }}/etc/cvmfs/config.d" - - "{{ package_source_dir }}/etc/cvmfs/default.d" + - "{{ package_source_dir }}/etc/cvmfs/keys/{{ eessi_domain }}" + - "{{ package_source_dir }}/etc/cvmfs/domain.d" - - name: Make EESSI CVMFS public key file + - name: Make EESSI CVMFS public key files copy: - content: "{{ eessi_cvmfs_config_repo.key.key }}" - dest: "{{ package_source_dir }}{{ eessi_cvmfs_config_repo.key.path }}" + content: "{{ item.key }}" + dest: "{{ package_source_dir }}{{ item.path }}" mode: 0644 + with_items: "{{ eessi_cvmfs_keys }}" - - name: Make EESSI CVMFS configuration file + - name: Make EESSI CVMFS domain configuration file copy: content: | - CVMFS_SERVER_URL="{{ eessi_cvmfs_config_repo.urls|join(';') }}" - CVMFS_PUBLIC_KEY="{{ eessi_cvmfs_config_repo.key.path }}" - dest: "{{ package_source_dir }}/etc/cvmfs/config.d/{{ eessi_cvmfs_config_repo.repository.repository }}.conf" - mode: 0644 + # Stratum 1 servers for the eessi-hpc.org domain + CVMFS_SERVER_URL="{{ item.urls|join(';') }}" - - name: Make EESSI CVMFS default configuration file - copy: - content: | - CVMFS_CONFIG_REPOSITORY="{{ eessi_cvmfs_config_repo.repository.repository }}" - CVMFS_DEFAULT_DOMAIN="{{ eessi_cvmfs_config_repo.domain }}" - dest: "{{ package_source_dir }}/etc/cvmfs/default.d/80-eessi-cvmfs.conf" + # Public keys for the eessi-hpc.org domain + CVMFS_KEYS_DIR="/etc/cvmfs/keys/{{ item.domain }}" + + # Enable or disable the Geo API, based on the configuration file + CVMFS_USE_GEOAPI="{{ item.use_geoapi | ternary('yes', 'no') }}" + + # The client profile is supposed to be set in /etc/cvmfs/default.local + if [ "$CVMFS_CLIENT_PROFILE" = "single" ]; then + if [ "$CVMFS_HTTP_PROXY" = "" ]; then + # For individual clients (laptops, clusters < 5 nodes), use a site proxy + # where possible and otherwise a direct stratum 1 connection + CVMFS_HTTP_PROXY="DIRECT" + fi + fi + + dest: "{{ package_source_dir }}/etc/cvmfs/domain.d/{{ item.domain }}.conf" mode: 0644 + with_items: "{{ eessi_cvmfs_server_urls }}" diff --git a/stratum0-deploy-cvmfs-config.yml b/stratum0-deploy-cvmfs-config.yml deleted file mode 100644 index 309c5b07..00000000 --- a/stratum0-deploy-cvmfs-config.yml +++ /dev/null @@ -1,57 +0,0 @@ -# Start a transaction on the Stratum 0 and put all the files for the config repo in place. -# Note: first deploy your Stratum 0 and make sure that group_vars/all.yml contains the right configuration, -# including all the keys of the repositories that have to be configured. ---- -- name: CVMFS Stratum 0 deploy config repository - hosts: cvmfsstratum0servers - tasks: - - name: Start the CVMFS transaction, create directories, and copy files - block: - - name: start CVMFS transaction - command: cvmfs_server transaction "{{ eessi_cvmfs_config_repo.repository.repository }}" - - - name: create directories - file: - mode: "755" - path: "{{ item }}" - state: directory - with_list: - - "/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}/etc/cvmfs/keys/{{ eessi_cvmfs_config_repo.domain }}" - - "/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}/etc/cvmfs/contact" - - "/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}/etc/cvmfs/domain.d" - - - name: deploy public keys - copy: - content: "{{ item.key }}" - dest: "/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}{{ item.path }}" - mode: "644" - with_items: "{{ eessi_cvmfs_keys }}" - - - name: create contacts file - copy: - content: "{{ eessi_email }}\n" - dest: "/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}/etc/cvmfs/contact/{{ eessi_cvmfs_config_repo.domain }}" - mode: "644" - - - name: create domain configuration file - copy: - content: | - CVMFS_SERVER_URL="{{ eessi_cvmfs_config_repo.urls | join(';') }}" - CVMFS_KEYS_DIR="/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}/etc/cvmfs/keys/{{ eessi_cvmfs_config_repo.domain }}" - CVMFS_USE_GEOAPI="{{ eessi_cvmfs_server_urls[0].use_geoapi | default(false) | ternary('yes', 'no') }}" - dest: "/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}/etc/cvmfs/domain.d/{{ eessi_cvmfs_config_repo.domain }}.conf" - mode: "644" - - - name: create default CVMFS configuration file - copy: - content: | - # For reference see https://sft.its.cern.ch/jira/browse/CVM-878 - CVMFS_LOW_SPEED_LIMIT=10000 - dest: "/cvmfs/{{ eessi_cvmfs_config_repo.repository.repository }}/etc/cvmfs/default.conf" - mode: "644" - - - name: publish CVMFS transaction - command: cvmfs_server publish "{{ eessi_cvmfs_config_repo.repository.repository }}" - rescue: - - name: cancel the transaction - command: cvmfs_server abort -f "{{ eessi_cvmfs_config_repo.repository.repository }}"