From 95935e9a01b15e0070588e3aee2856d42f5353b9 Mon Sep 17 00:00:00 2001
From: cat-bro
Date: Fri, 2 Aug 2024 16:39:48 +1000
Subject: [PATCH] use history mailer ansible role
---
dev_playbook.yml | 130 ++++++++++---------
galaxy-backup_playbook.yml | 2 +
galaxy-db_playbook.yml | 1 +
group_vars/all.yml | 2 +
host_vars/dev.gvl.org.au.yml | 58 +++++++++
host_vars/galaxy-backup.yml | 67 ++++++++++
requirements.yml | 4 +
scripts/update_roles.py | 31 ++---
secret_group_vars/history_mailer_vault | 23 ++++
templates/history_mailer/email_deletion.html | 24 ++++
templates/history_mailer/email_warning.html | 34 +++++
11 files changed, 297 insertions(+), 79 deletions(-)
create mode 100644 secret_group_vars/history_mailer_vault
create mode 100644 templates/history_mailer/email_deletion.html
create mode 100644 templates/history_mailer/email_warning.html
diff --git a/dev_playbook.yml b/dev_playbook.yml
index 07560399d..e596ad863 100644
--- a/dev_playbook.yml
+++ b/dev_playbook.yml
@@ -11,6 +11,7 @@
- secret_group_vars/stats_server_vault
- secret_group_vars/dev_secrets
- secret_group_vars/sentry_vault
+ - secret_group_vars/history_mailer_vault
pre_tasks:
- name: Attach volume to instance
include_role:
@@ -44,68 +45,69 @@
enabled: false
state: stopped
roles:
- - galaxyproject.repos
- - common
- - mounts
- - install-tpv
- - geerlingguy.pip
- - gantsign.golang
- - cyverse-ansible.singularity
- - galaxyproject.galaxy
- - role: galaxyproject.miniconda
- become: true
- become_user: galaxy
- - usegalaxy_eu.galaxy_subdomains
- - webhooks
- - nginx-upload-module
- - galaxyproject.nginx
- - galaxyproject.tusd
- - geerlingguy.nfs
- - galaxyproject.slurm
- # - galaxyproject.s3fs
- - galaxyproject.cvmfs
- - galaxyproject.gxadmin
- - pg-post-tasks
- - remote-pulsar-cron
- - galaxy-pg-cleanup
- #- galaxyproject.tiaas2 # broken in galaxy release_23.1 - missing static/style/base.css
- - geerlingguy.docker
- - dj-wasabi.telegraf
- - postfix-mail-relay
- #- login-override
- - acl-on-startup
- post_tasks:
- - name: Ensure object store paths exist
- file:
- state: directory
- path: "{{ item }}"
- owner: galaxy
- group: galaxy
- with_items:
- - /mnt/galaxy/data
- - /mnt/galaxy/data-2
- - /mnt/galaxy/data-3
- - name: Make local_tool directory group-writable by machine users
- file:
- path: /mnt/galaxy/local_tools
- owner: root
- group: devs
- mode: 0775
- state: directory
- - name: Install slurm-drmaa
- package:
- name: slurm-drmaa1
- - name: Uninstall the existing web-dav-client
- pip:
- name: "webdavclient3"
- virtualenv: "{{ galaxy_venv_dir }}"
- state: absent
- - name: Workaround content-length header bug in webdav through forcible update to newer version
- pip:
- name: "webdavclient3@git+https://github.com/ezhov-evgeny/webdav-client-python-3@0f17fa7946e66f7963db367d0d6b2e7f940ebeb8"
- virtualenv: "{{ galaxy_venv_dir }}"
- - name: Reload exportfs
- command: exportfs -ra
- become: yes
- become_user: root
+ # - galaxyproject.repos
+ # - common
+ # - mounts
+ # - install-tpv
+ # - geerlingguy.pip
+ # - gantsign.golang
+ # - cyverse-ansible.singularity
+ # - galaxyproject.galaxy
+ # - role: galaxyproject.miniconda
+ # become: true
+ # become_user: galaxy
+ # - usegalaxy_eu.galaxy_subdomains
+ # - webhooks
+ # - nginx-upload-module
+ # - galaxyproject.nginx
+ # - galaxyproject.tusd
+ # - geerlingguy.nfs
+ # - galaxyproject.slurm
+ # # - galaxyproject.s3fs
+ # - galaxyproject.cvmfs
+ # - galaxyproject.gxadmin
+ # - pg-post-tasks
+ # - remote-pulsar-cron
+ # - galaxy-pg-cleanup
+ # #- galaxyproject.tiaas2 # broken in galaxy release_23.1 - missing static/style/base.css
+ # - geerlingguy.docker
+ # - dj-wasabi.telegraf
+ # - postfix-mail-relay
+ # #- login-override
+ # - acl-on-startup
+ - usegalaxy-au.history_mailer
+ # post_tasks:
+ # - name: Ensure object store paths exist
+ # file:
+ # state: directory
+ # path: "{{ item }}"
+ # owner: galaxy
+ # group: galaxy
+ # with_items:
+ # - /mnt/galaxy/data
+ # - /mnt/galaxy/data-2
+ # - /mnt/galaxy/data-3
+ # - name: Make local_tool directory group-writable by machine users
+ # file:
+ # path: /mnt/galaxy/local_tools
+ # owner: root
+ # group: devs
+ # mode: 0775
+ # state: directory
+ # - name: Install slurm-drmaa
+ # package:
+ # name: slurm-drmaa1
+ # - name: Uninstall the existing web-dav-client
+ # pip:
+ # name: "webdavclient3"
+ # virtualenv: "{{ galaxy_venv_dir }}"
+ # state: absent
+ # - name: Workaround content-length header bug in webdav through forcible update to newer version
+ # pip:
+ # name: "webdavclient3@git+https://github.com/ezhov-evgeny/webdav-client-python-3@0f17fa7946e66f7963db367d0d6b2e7f940ebeb8"
+ # virtualenv: "{{ galaxy_venv_dir }}"
+ # - name: Reload exportfs
+ # command: exportfs -ra
+ # become: yes
+ # become_user: root
diff --git a/galaxy-backup_playbook.yml b/galaxy-backup_playbook.yml
index 5a335a58c..e4a0296d4 100644
--- a/galaxy-backup_playbook.yml
+++ b/galaxy-backup_playbook.yml
@@ -6,6 +6,7 @@
- group_vars/VAULT
- host_vars/galaxy-backup.yml
- secret_group_vars/stats_server_vault
+ - secret_group_vars/history_mailer_vault
- secret_group_vars/ubuntu_maintenance_key
pre_tasks:
- name: Attach volume to instance
@@ -18,6 +19,7 @@
- common
- geerlingguy.pip
- slg.db-backup
+ - usegalaxy-au.history_mailer
- dj-wasabi.telegraf
post_tasks:
- name: Ensure desired version of ansible is installed
diff --git a/galaxy-db_playbook.yml b/galaxy-db_playbook.yml
index 7cf3c4663..0d6305ed2 100644
--- a/galaxy-db_playbook.yml
+++ b/galaxy-db_playbook.yml
@@ -7,6 +7,7 @@
- group_vars/dbservers.yml
- host_vars/galaxy-db.usegalaxy.org.au.yml
- secret_group_vars/stats_server_vault
+ - secret_group_vars/history_mailer_vault
- secret_group_vars/ubuntu_maintenance_key
pre_tasks:
- name: Attach volume to instance
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 42f04438a..09f15b829 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -158,6 +158,8 @@ common_packages:
- fail2ban
- software-properties-common
- pigz
+ - sqlite3
+ - iotop
#Set pip to be pip3 by default - see roles/geerlingguy.pip/defaults/main.yml
pip_package: python3-pip
diff --git a/host_vars/dev.gvl.org.au.yml b/host_vars/dev.gvl.org.au.yml
index 8e0c8e80d..732684d69 100644
--- a/host_vars/dev.gvl.org.au.yml
+++ b/host_vars/dev.gvl.org.au.yml
@@ -416,3 +416,61 @@ webhook_plugins:
- demo
- gtn
- news
+
+### History mailer
+
+# config
+history_mailer_warn_days: 365
+history_mailer_delete_days: 379
+history_mailer_email_days_threshold: 14
+history_mailer_purge_days_threshold: 6
+
+history_mailer_galaxy_url: https://dev.gvl.org.au
+history_mailer_galaxy_api_key: "{{ vault_jenkins_bot_dev_api_key }}" # TODO: add this!
+
+history_mailer_galaxy_keeplist_group: "History Retention Keeplist"
+
+# history_mailer_postal_base_url: "https://mail.usegalaxy.org.au/api/v1/"
+# history_mailer_postal_api_key: "{{ vault_history_mailer_postal_api_key }}"
+
+# history_mailer_email_template_warning: "{{ history_mailer_email_template_dir }}/email_warning.html"
+# history_mailer_email_template_deletion: "{{ history_mailer_email_template_dir }}/email_deletion.html"
+
+# history_mailer_mail_from: "Galaxy Australia "
+# history_mailer_mail_replyto: "help@genome.edu.au"
+
+# history_mailer_slack_token: "{{ vault_history_mailer_slack_token }}"
+# history_mailer_slack_alert_channel: "#alerts"
+# history_mailer_slack_log_channel: "#galaxy-logs"
+# history_mailer_alert_mentions: "<@Catherine>"
+# history_mailer_log_mentions: "<@Catherine>"
+
+# settings for ansible role
+history_mailer_user: ubuntu
+history_mailer_dir: "/home/{{ history_mailer_user }}/hm_TEST"
+
+# history_mailer_use_postal: true # Must be true for history mailer to work
+
+history_mailer_enable_cron_jobs: false # When not enabled, cron jobs will be entered in crontab in a disabled state
+
+history_mailer_cron_jobs:
+- name: warn_and_delete
+ weekday: "3"
+ hour: "11"
+ options:
+ - production
+ - warn
+ - dryrun
+# - name: purge_histories
+# weekday: "2"
+# hour: "12"
+# options:
+# - production
+# - purge
+# - notify
+
+# Delete these and use vault variables
+vault_history_mailer_postal_api_key: nottherealkey # xGV6VbNrHOGO8rirFL2e2E6b
+vault_history_mailer_slack_token: "xoxb"
+vault_jenkins_bot_production_api_key: abcdefg # TODO: add the real one, add these to vault
+vault_jenkins_bot_staging_api_key: xyz # TODO: add the real one, add these to vault
\ No newline at end of file
diff --git a/host_vars/galaxy-backup.yml b/host_vars/galaxy-backup.yml
index 303963718..3c3cdb96c 100644
--- a/host_vars/galaxy-backup.yml
+++ b/host_vars/galaxy-backup.yml
@@ -49,3 +49,70 @@ extra_keys:
ssh_config_id_file: "/home/{{ ssh_config_user }}/.ssh/internal_hop_key"
ssh_config_user: ubuntu
ssh_config_hosts: "{{ groups['galaxy_group'] }}"
+
+### History mailer
+
+# config
+history_mailer_warn_days: 365
+history_mailer_delete_days: 379
+history_mailer_email_days_threshold: 14
+history_mailer_purge_days_threshold: 6
+
+history_mailer_galaxy_url: https://usegalaxy.org.au
+history_mailer_galaxy_api_key: "{{ vault_jenkins_bot_production_api_key }}" # TODO: add this!
+history_mailer_staging_galaxy_url: https://staging.gvl.org.au
+history_mailer_staging_galaxy_api_key: "{{ vault_jenkins_bot_staging_api_key }}" # TODO: add this!
+
+history_mailer_galaxy_keeplist_group: "History Retention Keeplist"
+
+history_mailer_postal_base_url: "https://mail.usegalaxy.org.au/api/v1/"
+history_mailer_postal_api_key: "{{ vault_history_mailer_postal_api_key }}"
+
+history_mailer_email_template_warning: "{{ history_mailer_email_template_dir }}/email_warning.html"
+history_mailer_email_template_deletion: "{{ history_mailer_email_template_dir }}/email_deletion.html"
+
+history_mailer_mail_from: "Galaxy Australia "
+history_mailer_mail_replyto: "help@genome.edu.au"
+
+history_mailer_slack_token: "{{ vault_history_mailer_slack_token }}"
+history_mailer_slack_alert_channel: "#alerts"
+history_mailer_slack_log_channel: "#galaxy-logs"
+history_mailer_alert_mentions: "<@Catherine>"
+history_mailer_log_mentions: "<@Catherine>"
+
+# settings for ansible role
+history_mailer_user: ubuntu
+history_mailer_dir: "/home/{{ history_mailer_user }}/hm_TEST"
+
+history_mailer_use_postal: true # Must be true for history mailer to work
+
+history_mailer_enable_cron_jobs: false # When not enabled, cron jobs will be entered in crontab in a disabled state
+
+history_mailer_files:
+ - src: templates/history_mailer/email_warning.html
+ dest: "{{ history_mailer_email_template_warning }}"
+ - src: templates/history_mailer/email_deletion.html
+ dest: "{{ history_mailer_email_template_deletion }}"
+
+history_mailer_cron_jobs:
+- name: warn_and_delete
+ weekday: "3"
+ hour: "11"
+ options:
+ - production
+ - warn
+ - delete
+ - notify
+- name: purge_histories
+ weekday: "2"
+ hour: "12"
+ options:
+ - production
+ - purge
+ - notify
+
+# Delete these and use vault variables
+vault_history_mailer_postal_api_key: nottherealkey #
+vault_history_mailer_slack_token: "xoxb"
+vault_jenkins_bot_production_api_key: abcdefg # TODO: add the real one, add these to vault
+vault_jenkins_bot_staging_api_key: xyz # TODO: add the real one, add these to vault
diff --git a/requirements.yml b/requirements.yml
index c6c1487f6..9fe219567 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -79,3 +79,7 @@ roles:
- name: geerlingguy.redis
version: 1.8.0
+- name: usegalaxy-au.history_mailer
+ src: https://github.com/usegalaxy-au/ansible-history-mailer
+ version: d6a5120 # TODO: at the very least add a commit ID here
+
diff --git a/scripts/update_roles.py b/scripts/update_roles.py
index 9fce02138..6bc4e8861 100644
--- a/scripts/update_roles.py
+++ b/scripts/update_roles.py
@@ -30,7 +30,6 @@
role_requirements = yaml.safe_load(handle).get('roles')
for r in role_requirements:
- try:
name = r.get('name', r.get('src'))
if not name:
raise Exception(f'Could not find role {name} in yaml entry')
@@ -38,22 +37,24 @@
if not required_version:
print(f'role {name} has no required version, no need to update')
continue
+
role_info_file = os.path.join(here, roles_dir, name, 'meta', '.galaxy_install_info')
- role_info_version = None
- with open(role_info_file) as handle:
- role_info_lines = handle.readlines()
- for line in role_info_lines:
- content = re.split(':\s+', line.strip())
- if content[0] == 'version':
- role_info_version = content[1]
- if role_info_version and role_info_version == required_version:
- print(f'role {name} is already installed at version {role_info_version}, no need to update')
- else:
- print(f'role {name} will be updated from {role_info_version} to {required_version}')
+ if not os.path.exists(role_info_file):
+ print(f'role {name} has no .galaxy_install_info, assuming new and adding to roles to install')
roles_to_update.append(r)
- except Exception as e: # file doesnt exist or isn't parsed properly or something
- sys.stderr.write(str(e))
- roles_to_update.append(r)
+ else:
+ role_info_version = None
+ with open(role_info_file) as handle:
+ role_info_lines = handle.readlines()
+ for line in role_info_lines:
+ content = re.split(':\s+', line.strip())
+ if content[0] == 'version':
+ role_info_version = content[1]
+ if role_info_version and role_info_version == required_version:
+ print(f'role {name} is already installed at version {role_info_version}, no need to update')
+ else:
+ print(f'role {name} will be updated from {role_info_version} to {required_version}')
+ roles_to_update.append(r)
if roles_to_update:
with open(output_file, 'w') as handle:
yaml.safe_dump(roles_to_update, handle)
diff --git a/secret_group_vars/history_mailer_vault b/secret_group_vars/history_mailer_vault
new file mode 100644
index 000000000..e3ce6291f
--- /dev/null
+++ b/secret_group_vars/history_mailer_vault
@@ -0,0 +1,23 @@
+$ANSIBLE_VAULT;1.1;AES256
+31616565623561373966653435633261313061623030303666653565633133633066343434663433
+3364373839316366623839373838623236373365306230660a613235346463653064353765623030
+36316166326664643765623939343566633231333030646130343736366431666566386430363230
+6235643866386335640a633361303836663865343431616134363266623535623139616632353138
+61373737323061343261383862333736393761666534306439633034336564646261323363393238
+38626364376166663331386130333131656664633934323332316431376661656661303632393464
+38636238303935373265343837653731306635623964326639316436386463313163366334373039
+34626134353030623465303537653434333832303464663035326333653261393736393939326462
+33346532366335333434653539613861353838333539643035636333333464656437396133666161
+37366138386130613364333734323233323133393363663739663039326262343639626462313561
+37346162623963376561393633653230396337313763343763613530383630386437653237666665
+38643565383337613233616133643031393131623266646136663137353133643664653332373934
+66373764623861363738633331656436356534656262303433616436316637393635336665306166
+36633066393764616534303035613236386332633739626466623439353933383965316665366465
+30623432383839396465646434313536333066663064323066343334386566323234353438336632
+32643538363239373734623166333466653265303937393736363837666266363832363366313862
+34643764303736343732666536343465636230393636303739333338303164653138383238343263
+63663633373830626461336639626663356435343531626561336164663136666134613361326634
+31303937623063313663616531626530353065356138646336323131356430343933646434373439
+66663661623465326139326139393131356238306631383432303037623035333862323763653130
+64663230353835646436323538383662633539643866363063643732313132343537353665396462
+6566303835656131353431666435356362366633316338626466
diff --git a/templates/history_mailer/email_deletion.html b/templates/history_mailer/email_deletion.html
new file mode 100644
index 000000000..36894d562
--- /dev/null
+++ b/templates/history_mailer/email_deletion.html
@@ -0,0 +1,24 @@
+
+
+ Dear {{ username }},
+ You are receiving this email as one or more of your histories on Galaxy Australia have not been updated for {{ delete_weeks }} weeks or more and have now been marked as deleted. They and their associated data will be purged from our disk in 5 days time (from the date of this email).
+
+
Please see the {% if histories|length > 1 %}histories{% else %}history{% endif %} in question below:
+
+
+ History Name | Date last updated | Size |
+ {% for h in histories %}
+ {{ h['name'] }} | {{ h['h_update_time'] }} | {{ h['h_size'] }} |
+ {% endfor %}
+
+
+ If you have any queries regarding this email, please don't hesitate to reply to: help@genome.edu.au
+ Yours,
+
+
+ Galaxy Australia Administrators.
+
+
+
+
diff --git a/templates/history_mailer/email_warning.html b/templates/history_mailer/email_warning.html
new file mode 100644
index 000000000..002c24810
--- /dev/null
+++ b/templates/history_mailer/email_warning.html
@@ -0,0 +1,34 @@
+
+
+ Dear {{ username }},
+ You are receiving this email as one or more of your histories on Galaxy Australia have not been updated for {{ warn_weeks }} weeks or more. They will be beyond the User Data Storage time limits soon ({{ delete_weeks }} weeks). Displayed next to each history in the table below is the date that it will be deleted. If you do not run a job in that history or update it before that date, it will be automatically deleted and then purged from disk.
+
+ You should download any files you wish to keep from each history before the date specified. Instructions for doing so can be found at:
+
+ Galaxy Training Material - Downloading and Deleting Data
+
+ Please note that if you have received a warning email in the past, new histories could have been added to the following table and they will have a different scheduled deletion date.
+
+ Please see the {% if histories|length > 1 %}histories{% else %}history{% endif %} in question below:
+
+
+ History Name | Date last updated | Size | Deletion Date |
+ {% for h in histories | sort(attribute='h_update_time') %}
+ {{ h['name'] }} | {{ h['h_update_time'] }} | {{ h['h_size'] }} | {{ h['h_del_time'] }} |
+ {% endfor %}
+
+
+
+
+
+ Galaxy Australia is a data analysis platform and stores data in accordance with the User Data Storage Policy
+ If you have any queries regarding this email, please don't hesitate to contact us at: help@genome.edu.au
+ Yours,
+
+
+ Galaxy Australia Administrators.
+
+
+
+