forked from galaxyproject/ansible-galaxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.yml
273 lines (224 loc) · 11.8 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
---
# defaults file for galaxyproject.galaxy
#
# Feature control
#
# Control which tasks are included, in case you need to perform different options on different hosts or server
# directories.
galaxy_create_user: no
galaxy_manage_paths: no
galaxy_manage_clone: yes
galaxy_manage_download: no
galaxy_manage_static_setup: yes
galaxy_manage_mutable_setup: yes
galaxy_manage_database: yes
galaxy_fetch_dependencies: yes
galaxy_build_client: yes
galaxy_manage_errordocs: no
galaxy_backup_configfiles: yes
#
# Access method control
#
# The role needs to perform tasks as different users depending on your configuration and how you are connecting to the
# target host. Keys are the privileges needed and the values are the user to connect as or become:
#
# root: Tasks that require "root" privileges such as creating/chowning directories inside directories owned by root
# galaxy: Tasks that run as the Galaxy user
# privsep: Tasks that run as the privilege separation user
# errdocs: Tasks that install error docs (run as whatever user owns these)
#
# You would most commonly connect to the target host either as root or as a user with full sudo privileges, but if not
# using privilege separation, it is possible to run this role as an unprivileged user with no escalation. In such a
# case, set `galaxy_become_users` to an empty hash like so:
#
#galaxy_become_users: {}
# Attempt to automatically decide whether to use `become` and which users to `become`. To disable, set
# `galaxy_become_users` to an empty hash.
__galaxy_privsep_user: "{{ galaxy_privsep_user if galaxy_separate_privileges else galaxy_user }}"
# this goes through two levels of variables since there's no "else if"
__galaxy_default_root_become_users:
galaxy: "{{ __galaxy_user_name }}"
privsep: "{{ __galaxy_privsep_user_name }}"
__galaxy_default_nonroot_become_users:
root: root
galaxy: "{{ __galaxy_user_name }}"
privsep: "{{ __galaxy_privsep_user_name }}"
__galaxy_default_become_users: "{{ __galaxy_default_root_become_users if ansible_user_uid == 0 else __galaxy_default_nonroot_become_users }}"
galaxy_become_users: "{{ {} if ansible_user_id == __galaxy_user_name and not galaxy_separate_privileges else __galaxy_default_become_users }}"
# Some sites do not allow the use of passwordless `sudo` and require logging directly in to accounts using `ssh`, this
# variable works like `galaxy_become_users` and accommodates such scenarios (if using you probably want to set
# `galaxy_become_users` to an empty hash)
galaxy_remote_users: {}
#
# Privilege separation, user and path management
#
# Privilege separation mode switch
galaxy_separate_privileges: no
# User that Galaxy runs as
galaxy_user: "{{ ansible_user_id }}"
# User that owns Galaxy code, configs, and virutalenv, and that runs `pip install` for dependencies
galaxy_privsep_user: root
# No explicit group is created by default, system policy will decide users' groups. However, in order to enable
# privilege separation without making configs world-readable, the users should share a common group. This group will be
# created if `galaxy_create_user` is enabled and it does not exist. Ideally this is the primary group of `galaxy_user`,
# on most Linux systems, just set this to the same value as `galaxy_user` if you want to enable this feature.
#galaxy_group:
# Because these vars can be either a bare username or a dict
__galaxy_user_name: "{{ galaxy_user.name | default(galaxy_user) }}"
__galaxy_privsep_user_name: "{{ galaxy_privsep_user.name | default(galaxy_privsep_user) }}"
# If `galaxy_create_user` is enabled, the privsep user will also be created, but you can override this behavior
galaxy_create_privsep_user: "{{ galaxy_create_user if __galaxy_privsep_user_name != 'root' else false }}"
# Directories to create as the Galaxy user if galaxy_manage_paths is enabled
galaxy_dirs:
- "{{ galaxy_mutable_data_dir }}"
- "{{ galaxy_mutable_config_dir }}"
- "{{ galaxy_cache_dir }}"
- "{{ galaxy_shed_tools_dir }}"
- "{{ galaxy_tool_dependency_dir }}"
- "{{ galaxy_file_path }}"
- "{{ galaxy_job_working_directory }}"
# Directories to create as the privilege separated user if galaxy_manage_paths is enabled
galaxy_privsep_dirs:
- "{{ galaxy_venv_dir }}"
- "{{ galaxy_server_dir }}"
- "{{ galaxy_config_dir }}"
- "{{ galaxy_local_tools_dir }}"
# Local (relative to playbook) path to local tools
galaxy_local_tools_src_dir: files/galaxy/tools
# Local (relative to playbook) path to dynamic job rules
galaxy_dynamic_job_rules_src_dir: files/galaxy/dynamic_job_rules
# Remote path to dynamic job rules (must be on Galaxy's $PYTHONPATH if not the default)
galaxy_dynamic_job_rules_dir: "{{ galaxy_server_dir }}/lib/galaxy/jobs/rules"
# List of dynamic rules to install
galaxy_dynamic_job_rules: []
#
# Version control
#
# This is now automatically determined in tasks/_inc_node_version.yml, but it can be set to force a version
#galaxy_node_version: "XX.YY.Z"
# Where to clone Galaxy from. Backwards compatibility with galaxy_git_repo
galaxy_repo: "{{ galaxy_git_repo | default('https://github.com/galaxyproject/galaxy.git') }}"
# Automatically delete things in the repo that do not belong there
galaxy_force_checkout: no
# Git clone depth for the galaxy repository. Leave unset to ignore.
#galaxy_clone_depth:
# This can be a tag (as shown here) but doing so will cause the revision check task to always report "changed".
# Backwards compatibility with galaxy_changeset_id.
galaxy_commit_id: "{{ galaxy_changeset_id | default('master') }}"
# Download URL (if used)
galaxy_download_url: "{{ galaxy_repo | replace('.git', '') }}/archive/{{ galaxy_commit_id }}.tar.gz"
#
# Path and Galaxy configuration
#
# Directory layout for deployment (legacy is the default)
#galaxy_layout: legacy
# List of tool configs to load
galaxy_tool_config_files:
- "{{ galaxy_server_dir }}/config/tool_conf.xml.sample"
- "{{ galaxy_shed_tool_conf_file }}"
# The shed tool conf path is needed separate from the value of tool_conf for instantiation
galaxy_shed_tool_conf_file: "{{ galaxy_mutable_config_dir }}/shed_tool_conf.xml"
# The Python `requirements.txt` file that should be used to install Galaxy dependent modules using pip
galaxy_requirements_file: "{{ galaxy_server_dir }}/lib/galaxy/dependencies/pinned-requirements.txt"
# This will be configurable at some point
galaxy_static_dir: "{{ galaxy_server_dir }}/static"
# Galaxy config file can either be 'ini-paste' (old style) or 'yaml'
galaxy_config_style: "ini-paste"
galaxy_config_file_basename: "galaxy.{{ 'yml' if galaxy_config_style in ('yaml', 'yml') else 'ini' }}"
galaxy_config_file_template: "{{ galaxy_config_file_basename }}.j2"
galaxy_config_file: "{{ galaxy_config_dir }}/{{ galaxy_config_file_basename }}"
galaxy_app_config_section: "{{ 'galaxy' if galaxy_config_style in ('yaml', 'yml') else 'app:main' }}"
# The default Galaxy configuration, ensures that Galaxy can find all of the configs if galaxy_config_dir !=
# galaxy_server_dir
galaxy_paste_app_factory: "galaxy.web.buildapp:app_factory"
galaxy_app_config_default:
# Defaults for sample configs that require a value to be set
builds_file_path: "{{ galaxy_server_dir }}/tool-data/shared/ucsc/builds.txt.sample"
data_manager_config_file: "{{ galaxy_server_dir }}/config/data_manager_conf.xml.sample"
datatypes_config_file: "{{ galaxy_server_dir }}/config/datatypes_conf.xml.sample"
external_service_type_config_file: "{{ galaxy_server_dir }}/config/external_service_types_conf.xml.sample"
openid_config_file: "{{ galaxy_server_dir }}/config/openid_conf.xml.sample"
ucsc_build_sites: "{{ galaxy_server_dir }}/tool-data/shared/ucsc/ucsc_build_sites.txt.sample"
tool_data_table_config_path: "{{ galaxy_server_dir }}/config/tool_data_table_conf.xml.sample"
tool_sheds_config_file: "{{ galaxy_server_dir }}/config/tool_sheds_conf.xml.sample"
# Various cache and temporary directories
template_cache_path: "{{ galaxy_cache_dir }}/template_cache"
whoosh_index_dir: "{{ galaxy_cache_dir }}/whoosh_cache"
object_store_cache_path: "{{ galaxy_cache_dir }}/object_store_cache"
openid_consumer_cache_path: "{{ galaxy_cache_dir }}/openid_consumer_cache"
citation_cache_data_dir: "{{ galaxy_cache_dir }}/citations/data"
citation_cache_lock_dir: "{{ galaxy_cache_dir }}/citations/locks"
new_file_path: "{{ galaxy_mutable_data_dir }}/tmp"
# Mutable config files
integrated_tool_panel_config: "{{ galaxy_mutable_config_dir }}/integrated_tool_panel.xml"
migrated_tools_config: "{{ galaxy_mutable_config_dir }}/migrated_tools_conf.xml"
shed_data_manager_config_file: "{{ galaxy_mutable_config_dir }}/shed_data_manager_conf.xml"
shed_tool_data_table_config: "{{ galaxy_mutable_config_dir }}/shed_tool_data_table_conf.xml"
# Directories that would often be stored outside the mutable data dir, these values are either from the layout or set by the user
file_path: "{{ galaxy_file_path }}"
job_working_directory: "{{ galaxy_job_working_directory }}"
tool_dependency_dir: "{{ galaxy_tool_dependency_dir }}"
# Static config files
tool_config_file: "{{ galaxy_tool_config_files | join(',') }}"
# Everything else
visualization_plugins_directory: "config/plugins/visualizations"
# Need to set galaxy_config_default[galaxy_app_config_section] dynamically but Ansible/Jinja2 does not make this easy
galaxy_config_default: "{{ {} | combine({galaxy_app_config_section: galaxy_app_config_default}) }}"
galaxy_config_merged: "{{ galaxy_config_default | combine(galaxy_config | default({}), recursive=True) }}"
# Automatically instantiate mutable config files if they don't exist (dest will not be overwritten if it exists)
galaxy_mutable_configs:
- src: "{{ galaxy_server_dir }}/config/migrated_tools_conf.xml.sample"
dest: "{{ galaxy_config_merged[galaxy_app_config_section].migrated_tools_config }}"
- src: "{{ galaxy_server_dir }}/config/shed_data_manager_conf.xml.sample"
dest: "{{ galaxy_config_merged[galaxy_app_config_section].shed_data_manager_config_file }}"
- src: "{{ galaxy_server_dir }}/config/shed_tool_data_table_conf.xml.sample"
dest: "{{ galaxy_config_merged[galaxy_app_config_section].shed_tool_data_table_config }}"
galaxy_mutable_config_templates:
- src: "shed_tool_conf.xml"
dest: "{{ galaxy_shed_tool_conf_file }}"
galaxy_config_error_email_to: "{{ galaxy_config_merged[galaxy_app_config_section].error_email_to | default('') }}"
galaxy_config_instance_resource_url: "{{ galaxy_config_merged[galaxy_app_config_section].instance_resource_url | default('') }}"
galaxy_errordocs_server_name: Galaxy
galaxy_errordocs_prefix: /error
# These are lists of hashes in the same format as galaxy_mutable_configs that can be used to cause extra files and
# templates to be installed on the managed host.
galaxy_config_files: []
galaxy_config_templates: []
# Default uWSGI configuration
galaxy_uwsgi_yaml_parser: internal
galaxy_uwsgi_config_default:
http: 127.0.0.1:8080
buffer-size: 16384
processes: 1
threads: 4
offload-threads: 2
static-map:
- /static/style={{ galaxy_server_dir }}/static/style/blue
- /static={{ galaxy_server_dir }}/static
master: true
virtualenv: "{{ galaxy_venv_dir }}"
pythonpath: "{{ galaxy_server_dir }}/lib"
module: galaxy.webapps.galaxy.buildapp:uwsgi_app()
thunder-lock: true
die-on-term: true
hook-master-start:
- unix_signal:2 gracefully_kill_them_all
- unix_signal:15 gracefully_kill_them_all
py-call-osafterfork: true
enable-threads: true
# TODO: Implement something like this for starter/restarter
#galaxy_server_type: paste_singleprocess
#
# Client build settings
#
# Options include: client / client-production / client-production-maps (default). Set to null to invoke each step of the
# build separately, but this is not guaranteed to work for all version of Galaxy - using `make` is the safer choice.
galaxy_client_make_target: client-production-maps
galaxy_client_build_steps:
default:
- client
- plugins
"19.09":
- fonts
- stageLibs
- plugins