From 12a4308bf543a6ba16251b87dbd0e27988d880d2 Mon Sep 17 00:00:00 2001 From: Johan Hermansson Date: Mon, 1 Feb 2016 11:32:25 +0100 Subject: [PATCH 1/4] Deploy arteria configs and arteria-bcl2fastq files as user arteria --- ansible-st2-local/roles/arteria_core/tasks/main.yml | 1 + .../roles/arteria_node/tasks/deploy_include_files.yml | 6 +++--- ansible-st2-local/roles/bcl2fastq/tasks/install.yml | 2 ++ ansible-st2-local/roles/bcl2fastq/tasks/main.yml | 4 ++++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ansible-st2-local/roles/arteria_core/tasks/main.yml b/ansible-st2-local/roles/arteria_core/tasks/main.yml index d54c702..af4f82c 100644 --- a/ansible-st2-local/roles/arteria_core/tasks/main.yml +++ b/ansible-st2-local/roles/arteria_core/tasks/main.yml @@ -98,3 +98,4 @@ file: state: directory path: /etc/arteria + owner: "{{ arteria_user }}" diff --git a/ansible-st2-local/roles/arteria_node/tasks/deploy_include_files.yml b/ansible-st2-local/roles/arteria_node/tasks/deploy_include_files.yml index 007c37e..c7ee296 100644 --- a/ansible-st2-local/roles/arteria_node/tasks/deploy_include_files.yml +++ b/ansible-st2-local/roles/arteria_node/tasks/deploy_include_files.yml @@ -1,5 +1,5 @@ --- -- copy: src=hiseq.rsync dest=/etc/arteria/misc/ -- copy: src=ngi.rsync dest=/etc/arteria/misc/ -- copy: src=summary.rsync dest=/etc/arteria/misc/ \ No newline at end of file +- copy: src=hiseq.rsync dest=/etc/arteria/misc/ owner={{ arteria_user }} +- copy: src=ngi.rsync dest=/etc/arteria/misc/ owner={{ arteria_user }} +- copy: src=summary.rsync dest=/etc/arteria/misc/ owner={{ arteria_user }} diff --git a/ansible-st2-local/roles/bcl2fastq/tasks/install.yml b/ansible-st2-local/roles/bcl2fastq/tasks/install.yml index 80a16f7..10cd588 100644 --- a/ansible-st2-local/roles/bcl2fastq/tasks/install.yml +++ b/ansible-st2-local/roles/bcl2fastq/tasks/install.yml @@ -36,3 +36,5 @@ executable: "{{ arteria_bcl2fastq_env_root }}/bin/pip" extra_args: "-U" +- name: change file owner of arteria-bcl2fastq + shell: chown -R {{ arteria_user }} {{ arteria_bcl2fastq_env_root }} diff --git a/ansible-st2-local/roles/bcl2fastq/tasks/main.yml b/ansible-st2-local/roles/bcl2fastq/tasks/main.yml index 094b908..0da80de 100644 --- a/ansible-st2-local/roles/bcl2fastq/tasks/main.yml +++ b/ansible-st2-local/roles/bcl2fastq/tasks/main.yml @@ -13,21 +13,25 @@ file: state: directory path: "{{ arteria_bcl2fastq_config_root}}" + owner: "{{ arteria_user }}" - name: place arteria-bcl2fastq config file in "{{ arteria_bcl2fastq_app_config }}" template: src: bcl2fastq_app.config.j2 dest: "{{ arteria_bcl2fastq_app_config }}" + owner: "{{ arteria_user }}" - name: place arteria-bcl2fastq config file in "{{ arteria_bcl2fastq_logger_config }}" template: src: bcl2fastq_logger.config.j2 dest: "{{ arteria_bcl2fastq_logger_config }}" + owner: "{{ arteria_user }}" - name: deploy arteria-bcl2fastq supervisord config template: src: supervisor_arteria_bcl2fastq.conf.j2 dest: /etc/supervisor/conf.d/bcl2fastq.conf + owner: "{{ arteria_user }}" - supervisorctl: name: "bcl2fastq-ws:" From 9e3169ba18fe32b923668a9a3c54775de0a0d9f3 Mon Sep 17 00:00:00 2001 From: Johan Hermansson Date: Mon, 1 Feb 2016 13:13:30 +0100 Subject: [PATCH 2/4] Deploy siswrap, sisyphus and runfolder directories and files as user arteria --- ansible-st2-local/roles/runfolder/tasks/install.yml | 3 +++ ansible-st2-local/roles/runfolder/tasks/install_config.yml | 3 +++ ansible-st2-local/roles/siswrap/tasks/install.yml | 3 +++ ansible-st2-local/roles/siswrap/tasks/main.yml | 5 +++-- ansible-st2-local/roles/sisyphus/tasks/main.yml | 6 +++--- 5 files changed, 15 insertions(+), 5 deletions(-) diff --git a/ansible-st2-local/roles/runfolder/tasks/install.yml b/ansible-st2-local/roles/runfolder/tasks/install.yml index 05f9a8a..29dfacb 100644 --- a/ansible-st2-local/roles/runfolder/tasks/install.yml +++ b/ansible-st2-local/roles/runfolder/tasks/install.yml @@ -36,3 +36,6 @@ executable: "{{ arteria_runfolder_env_root }}/bin/pip" extra_args: "-U" +- name: change file owner of arteria-runfolder + shell: chown -R {{ arteria_user }} {{ arteria_runfolder_env_root }} + diff --git a/ansible-st2-local/roles/runfolder/tasks/install_config.yml b/ansible-st2-local/roles/runfolder/tasks/install_config.yml index 24d5bb4..7f0256e 100644 --- a/ansible-st2-local/roles/runfolder/tasks/install_config.yml +++ b/ansible-st2-local/roles/runfolder/tasks/install_config.yml @@ -4,16 +4,19 @@ file: state: directory path: "{{ arteria_runfolder_config_root }}" + owner: "{{ arteria_user }}" - name: deploy arteria-runfolder app config template: src: runfolder_app.config.j2 dest: "{{ arteria_runfolder_app_config }}" + owner: "{{ arteria_user }}" - name: deploy arteria-runfolder logger config template: src: runfolder_logger.config.j2 dest: "{{ arteria_runfolder_logger_config }}" + owner: "{{ arteria_user }}" - name: deploy arteria-runfolder supervisord config template: diff --git a/ansible-st2-local/roles/siswrap/tasks/install.yml b/ansible-st2-local/roles/siswrap/tasks/install.yml index 08fa7c3..0ed2dfd 100644 --- a/ansible-st2-local/roles/siswrap/tasks/install.yml +++ b/ansible-st2-local/roles/siswrap/tasks/install.yml @@ -36,3 +36,6 @@ executable: "{{ arteria_siswrap_env_root }}/bin/pip" extra_args: "-U" +- name: change file owner of arteria-siswrap + shell: chown -R {{ arteria_user }} {{ arteria_siswrap_env_root }} + diff --git a/ansible-st2-local/roles/siswrap/tasks/main.yml b/ansible-st2-local/roles/siswrap/tasks/main.yml index c34a24d..27dc55b 100644 --- a/ansible-st2-local/roles/siswrap/tasks/main.yml +++ b/ansible-st2-local/roles/siswrap/tasks/main.yml @@ -1,7 +1,5 @@ --- -# TODO Ensure all this is versioned! - # This all assumes that the sisyphus role has been run before this. - include: install.yml @@ -9,16 +7,19 @@ file: state: directory path: "{{ arteria_siswrap_config_root }}" + owner: "{{ arteria_user }}" - name: deploying arteria-siswrap app config template: src: siswrap_app.config.j2 dest: "{{ arteria_siswrap_app_config }}" + owner: "{{ arteria_user }}" - name: deploying arteria-siswrap logger config template: src: siswrap_logger.config.j2 dest: "{{ arteria_siswrap_logger_config }}" + owner: "{{ arteria_user }}" notify: - restart siswrap diff --git a/ansible-st2-local/roles/sisyphus/tasks/main.yml b/ansible-st2-local/roles/sisyphus/tasks/main.yml index 1eabcdc..25a84b7 100644 --- a/ansible-st2-local/roles/sisyphus/tasks/main.yml +++ b/ansible-st2-local/roles/sisyphus/tasks/main.yml @@ -43,7 +43,7 @@ cpanm: name=File::NFSLock - name: create sisyphus code folder - file: path={{ sisyphus_path }} state=directory + file: path={{ sisyphus_path }} state=directory owner={{ arteria_sisyphus_user }} - name: get sisyphus code git: repo={{ sisyphus_git_repo }} version={{ sisyphus_repo_branch }} dest={{ sisyphus_path }}/sisyphus-tmp update=yes @@ -63,8 +63,8 @@ - name: remove sisyphus-tmp file: path={{ sisyphus_path }}/sisyphus-tmp state=absent -- name: ensure latest version is globally readable - file: state=directory path={{ sisyphus_path }}/sisyphus-{{ sisyphus_version.stdout }} mode=775 recurse=yes +- name: ensure latest version is globally readable and owned by proper user + file: state=directory path={{ sisyphus_path }}/sisyphus-{{ sisyphus_version.stdout }} mode=775 recurse=yes owner={{ arteria_sisyphus_user }} - name: setup link to sisyphus latest file: state=link src={{ sisyphus_path }}/sisyphus-{{ sisyphus_version.stdout }} dest={{ sisyphus_path }}/sisyphus-latest mode=775 From 400d24f77a6db012dcd88b5c1abdbfddc6ad3360 Mon Sep 17 00:00:00 2001 From: Johan Hermansson Date: Mon, 1 Feb 2016 13:14:00 +0100 Subject: [PATCH 3/4] Create /opt/arteria as user arteria before populating with all products --- ansible-st2-local/roles/arteria_core/tasks/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/ansible-st2-local/roles/arteria_core/tasks/main.yml b/ansible-st2-local/roles/arteria_core/tasks/main.yml index 1174814..59a515b 100644 --- a/ansible-st2-local/roles/arteria_core/tasks/main.yml +++ b/ansible-st2-local/roles/arteria_core/tasks/main.yml @@ -99,3 +99,10 @@ state: directory path: /etc/arteria owner: "{{ arteria_user }}" + +- name: ensure /opt/arteria dir exists with proper owner + file: + state: directory + path: /opt/arteria + owner: "{{ arteria_user }}" + From 10bf49e8f738763f835e7917778bb06e5bdc5e0b Mon Sep 17 00:00:00 2001 From: Johan Hermansson Date: Mon, 1 Feb 2016 14:44:50 +0100 Subject: [PATCH 4/4] Make sure installed Python files are accessible for everyone --- ansible-st2-local/roles/arteria_core/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible-st2-local/roles/arteria_core/tasks/main.yml b/ansible-st2-local/roles/arteria_core/tasks/main.yml index 59a515b..c4b44ed 100644 --- a/ansible-st2-local/roles/arteria_core/tasks/main.yml +++ b/ansible-st2-local/roles/arteria_core/tasks/main.yml @@ -25,7 +25,7 @@ unarchive: src=/usr/src/Python-2.7.10.tgz dest=/usr/src copy=no - name: compile python - shell: ./configure && make --quiet altinstall && touch ansible_state_completed + shell: umask 0022 && ./configure && make --quiet altinstall && touch ansible_state_completed args: chdir: /usr/src/Python-2.7.10 creates: /usr/src/Python-2.7.10/ansible_state_completed @@ -43,7 +43,7 @@ copy: no - name: install setup-tools - shell: /usr/local/bin/python2.7 setup.py install && touch /usr/src/setuptools-1.4.2/ansible_state_completed + shell: umask 0022 && /usr/local/bin/python2.7 setup.py install && touch /usr/src/setuptools-1.4.2/ansible_state_completed args: chdir: /usr/src/setuptools-1.4.2 creates: /usr/src/setuptools-1.4.2/ansible_state_completed