diff --git a/README.org b/README.org
index f5555bfae1828feb5292c55ad2600c53e5850860..d2399e5926fbc3dd9a1d044ba9299335d7f5eb21 100644
--- a/README.org
+++ b/README.org
@@ -2,40 +2,4 @@
* Summary
-Ansible scripts to create VMs.
-The VM contains:
- - nginx
- - openjdk-17
- - shinyproxy
- - docker
- - guix
- - shinyscreen
-* Configuration
-
-** Basic system :DONE:
- - Ensure existence of `proxer` user. Shinyproxy is run under it.
- - Create /scratch/proxer folder at root.
- - Create /scratch/proxer/local.
- - Create /scratch/proxer/shinyscreen.
- - Create /scratch/proxer/shinyscreen/input.
- - Create /scratch/proxer/shinyscreen/projects.
-
-** Docker :DONE:
-
-- Docker/shinyproxy settings.
-- Restart docker service.
-
-** NginX :DONE:
-- Install nginx.
-- Generate self-signed certificate.
-- Set nginx up as a reverse proxy for shinyproxy.
-- Restart nginx.
-
-** Shinyproxy. :DONE:
-
-- Download shinyproxy to scratch/proxer/local.
-- Adapt config file.
-- Connect to nginx and docker.
-
-** Create Shinyscreen package and the container. :TODO:
diff --git a/ansible.cfg b/ansible.cfg
index 9040fcc81cc06847046eeaaaa1050b954cd00dcf..7feca38cd24706e12f36132ae3250d744565b784 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,7 +1,4 @@
[defaults]
-inventory = hosts.txt
-strategy = free
-command_warnings = false
-remote_user = root
-private_key_file = ~/.ssh/id_ed25519
-vault_password_file = offline/vaultpass
\ No newline at end of file
+inventory = ~/scratch/eci-teach-do-inventory/
+#strategy = free
+command_warnings = false
\ No newline at end of file
diff --git a/main.yml b/main.yml
index 94ea0326bc85eb870cddae91f542b46f1446e5dd..96d62869a955067c247faa3bcd62d1bfc8d1f401 100644
--- a/main.yml
+++ b/main.yml
@@ -2,6 +2,9 @@
# acces for this to work, ie ask pass allowed for the time bootstrap
# tasks are taking place. A temporary window from a fixed location
# makes sense.
+
+# We start from the marketplace shinyproxy images.
+
- hosts: stations
become: True
tasks:
@@ -11,8 +14,6 @@
update_cache: yes
cache_valid_time: 86400
tags: apt
-
-
- name: Install debian packages.
apt:
name: [ 'openssh-server',
@@ -30,188 +31,39 @@
'docker.io',
'nginx' ]
tags: apt
-
-
- - name: Create service user 'proxer'.
- user:
- name: proxer
- system: yes
- groups: docker
-
- - name: Create /scratch.
- ansible.builtin.file:
- path: /scratch
- state: directory
- mode: '0711'
- - name: Create /scratch/proxer.
- ansible.builtin.file:
- path: /scratch/proxer
- owner: proxer
- state: directory
- mode: '0711'
- - name: Create /scratch/proxer/shinyscreen.
- ansible.builtin.file:
- path: /scratch/proxer/shinyscreen
- owner: proxer
- state: directory
- mode: '0711'
- - name: Create /scratch/proxer/shinyscreen/input_data.
- ansible.builtin.file:
- path: /scratch/proxer/shinyscreen/input_data
- owner: proxer
- state: directory
- mode: '0711'
- - name: Create /scratch/proxer/shinyscreen/projects.
- ansible.builtin.file:
- path: /scratch/proxer/shinyscreen/projects
- owner: proxer
- state: directory
- mode: '0711'
- - name: Create /scratch/proxer/selfsigned.
- ansible.builtin.file:
- path: /scratch/proxer/selfsigned
- owner: proxer
- state: directory
- mode: '0700'
-
- - name: Get Data Practical input data.
- ansible.builtin.git:
- repo: 'https://gitlab.lcsb.uni.lu/eci/isb401.git'
- dest: /tmp/tmpisb401
-
- - name: Copy shinyscreen_files to where they are supposed to be.
- ansible.builtin.copy:
- remote_src: yes
- src: /tmp/tmpisb401/shinyscreen_files/
- dest: /scratch/proxer/shinyscreen/input_data/isb401
-
- - name: Copy mzMLs to where they are supposed to be.
- ansible.builtin.copy:
- src: files/mzml_data/
- owner: proxer
- dest: /scratch/proxer/shinyscreen/input_data/isb401
- mode: '0644'
-
- - name: Adapt permissions.
- ansible.builtin.file:
- path: /scratch/proxer/shinyscreen/input_data/isb401
- owner: proxer
- state: directory
- recurse: yes
- mode: '0711'
-
- - name: Get Shinyproxy.
- get_url:
- url: https://www.shinyproxy.io/downloads/shinyproxy-2.6.0.jar
- dest: /scratch/proxer/shinyproxy.jar
- owner: proxer
- mode: '0700'
-
-
- - name: Create private key.
- community.crypto.openssl_privatekey:
- path: /scratch/proxer/selfsigned/certificate.key
-
- - name: Create simple self-signed certificate.
- community.crypto.x509_certificate:
- path: /scratch/proxer/selfsigned/certificate.pem
- privatekey_path: /scratch/proxer/selfsigned/certificate.key
- provider: selfsigned
-
- - name: Copy configuration file for nginx (shinyproxy).
- ansible.builtin.copy:
- src: files/etc/nginx/conf.d/shinyproxy.conf
- dest: /etc/nginx/conf.d/shinyproxy.conf
- mode: '0644'
-
- - name: Write the hostname/IP address to the shinyproxy.conf file.
- ansible.builtin.replace:
- path: /etc/nginx/conf.d/shinyproxy.conf
- regexp: '___ECI_VM_HOSTNAME___'
- replace: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
- notify: Restart nginx.
-
- - name: Create docker config directory.
- ansible.builtin.file:
- path: /etc/systemd/system/docker.service.d
- state: directory
- mode: '0744'
-
- - name: Copy configuration file for docker (shinyproxy).
- ansible.builtin.copy:
- src: files/etc/systemd/system/docker.service.d/override.conf
- dest: /etc/systemd/system/docker.service.d/override.conf
- mode: '0644'
- notify:
- - Reload systemd.
- - Restart docker.
-
- - name: Copy config file for shinyproxy.
- tags: shinyproxy-conf
- ansible.builtin.copy:
- src: files/scratch/proxer/application.in.yml
- dest: /scratch/proxer/application.in.yml
- owner: proxer
- mode: '0600'
-
- - name: Copy users file for shinyproxy.
- tags: shinyproxy-conf
- ansible.builtin.copy:
- src: files/scratch/proxer/users.yml
- dest: /scratch/proxer/
- owner: proxer
- mode: '0600'
-
- - name: Copy users file for shinyproxy.
- tags: shinyproxy-conf
- ansible.builtin.copy:
- src: files/scratch/proxer/passwd.yml
- dest: /scratch/proxer/
- owner: proxer
- mode: '0600'
-
+ # - name: Copy config file for shinyproxy.
+ # tags: shinyproxy-conf
+ # ansible.builtin.copy:
+ # src: files/scratch/proxer/application.in.yml
+ # dest: /scratch/proxer/application.in.yml
+ # owner: proxer
+ # mode: '0600'
# - name: Copy users file for shinyproxy.
# tags: shinyproxy-conf
# ansible.builtin.copy:
- # src: files/scratch/proxer/addusers.py
+ # src: files/scratch/proxer/users.yml
# dest: /scratch/proxer/
# owner: proxer
- # mode: '0700'
-
- - name: Generate application.yml.
- tags: shinyproxy-conf
- ansible.builtin.script:
- cmd: files/scratch/proxer/addusers.py
- # creates: /scratch/proxer/application.yml
- chdir: /scratch/proxer
- executable: python3
- notify:
- - Change application.yml permissions.
- - Restart shinyproxy.
+ # mode: '0600'
+ # - name: Copy users file for shinyproxy.
+ # tags: shinyproxy-conf
+ # ansible.builtin.copy:
+ # src: files/scratch/proxer/passwd.yml
+ # dest: /scratch/proxer/
+ # owner: proxer
+ # mode: '0600'
+ # - name: Generate application.yml.
+ # tags: shinyproxy-conf
+ # ansible.builtin.script:
+ # cmd: files/scratch/proxer/addusers.py
+ # # creates: /scratch/proxer/application.yml
+ # chdir: /scratch/proxer
+ # executable: python3
+ # notify:
+ # - Change application.yml permissions.
+ # - Restart shinyproxy.
- - name: Copy service file for shinyproxy.
- tags: shinyproxy-conf
- ansible.builtin.copy:
- src: files/etc/systemd/system/shinyproxy.service
- dest: /etc/systemd/system/shinyproxy.service
- mode: '0644'
- notify: Restart shinyproxy.
-
- - name: Copy shinyproxy docker image.
- ansible.builtin.copy:
- src: files/scratch/docker-shinyscreen.tar.gz
- dest: /scratch/docker-shinyscreen.tar.gz
-
- - name: Load docker image.
- ansible.builtin.shell:
- cmd: docker load -i docker-shinyscreen.tar.gz && touch loaded.shinyscreen
- creates: loaded.shinyscreen
- chdir: /scratch
- notify: Restart shinyproxy.
-
-
-
handlers:
- name: Reload systemd.