-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathgalaxy_playbook.yml
123 lines (122 loc) · 4.11 KB
/
galaxy_playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
- hosts: galaxy
become: true
vars_files:
- group_vars/all.yml
- group_vars/galaxy_etca.yml
- group_vars/VAULT
- group_vars/galaxyservers.yml
- group_vars/galaxy_etca_slurm.yml
- host_vars/galaxy.usegalaxy.org.au.yml
- secret_group_vars/stats_server_vault
- secret_group_vars/ssh_keys
- secret_group_vars/etca_vault.yml
pre_tasks:
- name: Attach volume to instance
include_role:
name: attached-volumes
- name: Install slurm drmaa ppa
include_role:
name: galaxyproject.repos
- name: Install slurm-drmaa
package:
name: slurm-drmaa1
state: latest
- name: create dir for gravity configuration
file:
state: directory
path: /opt/galaxy
owner: root
group: galaxy
mode: 0775
- name: Create containing folders for external NFS file mounts
file:
state: directory
path: "{{ item }}"
with_items:
- "{{ qld_file_mounts_path }}"
- "{{ pawsey_file_mounts_path }}"
roles:
- common
- mounts
- geerlingguy.pip
- galaxyproject.galaxy
# - role: galaxyproject.miniconda # this role is needed for a fresh installation, but for subsequent playbook runs can take far too much time. TODO: fix this somehow
# become: true
# become_user: galaxy
- usegalaxy_eu.galaxy_subdomains
- webhooks
- nginx-upload-module
- galaxyproject.nginx
- galaxyproject.tusd
- galaxyproject.slurm
- galaxyproject.cvmfs
- usegalaxy_eu.apptainer
- geerlingguy.docker
- acl-on-startup
- dj-wasabi.telegraf
- geerlingguy.nfs
- galaxyproject.gxadmin
- postfix-mail-relay
- remote-pulsar-cron
# - delete-tmp-jwds-cron # commented out until galaxy etca is production galaxy, also needs to be enabled
- slg.galaxy_stats
- galaxy-pg-cleanup
- galaxyproject.tiaas2
- role: usegalaxy_eu.walle
tags: walle
post_tasks:
- name: create dir for galaxy's singularity cache
file:
state: directory
path: "{{ item }}"
owner: galaxy
group: galaxy
mode: 0700
with_items:
- "{{ galaxy_user_singularity_cachedir }}"
- "{{ galaxy_user_singularity_tmpdir }}"
- name: Make local_tool directory group-writable by machine users
# TODO: This path is problematic because the galaxyproject.galaxy role will chown it to root:root
# every time we run this playbook, potentially locking out tool devs for 10 minutes.
# New folder for in /mnt/tools? What would this mean for the lsync? What would this mean for docker volumes?
file:
path: "{{ galaxy_root }}/local_tools"
owner: root
group: devs
mode: 0775
state: directory
- name: Uninstall the existing web-dav-client # TODO: these two tasks could be a role
pip:
name: "webdavclient3"
virtualenv: "{{ galaxy_venv_dir }}"
state: absent
- name: Workaround content-length header bug in webdav through update to newer version
pip:
name: "webdavclient3@git+https://github.com/ezhov-evgeny/webdav-client-python-3@0f17fa7946e66f7963db367d0d6b2e7f940ebeb8"
virtualenv: "{{ galaxy_venv_dir }}"
- name: set up lsync between /mnt/galaxy and /mnt/ghost-galaxy-app
include_role:
name: lsyncd
# Nginx logrotate: keep nginx logs forever on /mnt disk
- name: Make sure extra nginx log dirs exist
file:
state: directory
path: "{{ item }}"
with_items:
- "{{ nginx_log_olddir_root }}"
- "{{ nginx_long_term_log_dir }}"
- name: Add lines to main block in nginx logrotate conf
lineinfile:
path: /etc/logrotate.d/nginx
line: "{{ item }}"
insertafter: ".*{"
with_items:
- "\tdateext"
- "\tolddir {{ nginx_log_olddir_root }}"
- name: Add lines to postrotate task in nginx logrotate conf
lineinfile:
path: /etc/logrotate.d/nginx
line: "{{ item }}"
insertafter: "\tpostrotate"
with_items:
- "\t\tcp -up {{ nginx_log_olddir_root }}/* {{ nginx_long_term_log_dir }}/"