From 360c304bc0ebba24231a7ab572fb36104671d6f1 Mon Sep 17 00:00:00 2001 From: Sebastian Luna-Valero Date: Fri, 20 Sep 2024 14:51:42 +0200 Subject: [PATCH] disable motley for now --- deployment/main.tf | 41 ++++++++++++------------- deployment/playbook.yaml | 64 ++++++++++++++++++++-------------------- 2 files changed, 53 insertions(+), 52 deletions(-) diff --git a/deployment/main.tf b/deployment/main.tf index 7c73dbf..cf63de0 100644 --- a/deployment/main.tf +++ b/deployment/main.tf @@ -6,7 +6,8 @@ resource "openstack_compute_instance_v2" "dashboard" { network { uuid = var.net_id } - security_groups = ["HTTP", "motley-cue"] + security_groups = ["HTTP"] + //security_groups = ["HTTP", "motley-cue"] } resource "openstack_compute_secgroup_v2" "secgroup" { @@ -28,25 +29,25 @@ resource "openstack_compute_secgroup_v2" "secgroup" { } } -resource "openstack_compute_secgroup_v2" "motley" { - name = "motley-cue" - description = "Open access via ssh-oidc" - - rule { - from_port = 22 - to_port = 22 - ip_protocol = "tcp" - cidr = "0.0.0.0/0" - } - - rule { - from_port = 8181 - to_port = 8181 - ip_protocol = "tcp" - cidr = "0.0.0.0/0" - } - -} +//resource "openstack_compute_secgroup_v2" "motley" { +// name = "motley-cue" +// description = "Open access via ssh-oidc" +// +// rule { +// from_port = 22 +// to_port = 22 +// ip_protocol = "tcp" +// cidr = "0.0.0.0/0" +// } +// +// rule { +// from_port = 8181 +// to_port = 8181 +// ip_protocol = "tcp" +// cidr = "0.0.0.0/0" +// } +// +//} resource "openstack_networking_floatingip_v2" "fip" { pool = var.ip_pool diff --git a/deployment/playbook.yaml b/deployment/playbook.yaml index b703ed9..fe91f90 100644 --- a/deployment/playbook.yaml +++ b/deployment/playbook.yaml @@ -14,43 +14,43 @@ roles: - role: "grycap.docker" docker_config_values: { "mtu": 1400 } - - role: "grycap.motley_cue" - ssh_oidc_other_vos_name: cloud.egi.eu - ssh_oidc_other_vos_role: auditor +# - role: "grycap.motley_cue" +# ssh_oidc_other_vos_name: cloud.egi.eu +# ssh_oidc_other_vos_role: auditor - hosts: all become: yes gather_facts: yes tasks: - - name: Disable default site in nginx - ansible.builtin.file: - path: /etc/nginx/sites-enabled/default - state: absent - - - name: Move motley-cue to a different port (nginx) - ansible.builtin.lineinfile: - path: /etc/nginx/sites-available/nginx.motley_cue - search_string: "8080;" - line: 8181; - - - name: Move motley-cue to a different port (pam-ssh-oidc) - ansible.builtin.lineinfile: - path: /etc/pam.d/pam-ssh-oidc-config.ini - search_string: "http://localhost:8080/verify_user" - line: http://localhost:8181/verify_user - - - name: Restart nginx - ansible.builtin.service: - name: nginx - state: restarted - enabled: yes - - - name: Restart motley-cue - ansible.builtin.service: - name: motley-cue - state: restarted - enabled: yes - +# - name: Disable default site in nginx +# ansible.builtin.file: +# path: /etc/nginx/sites-enabled/default +# state: absent +# +# - name: Move motley-cue to a different port (nginx) +# ansible.builtin.lineinfile: +# path: /etc/nginx/sites-available/nginx.motley_cue +# regexp: ".*listen 8080;$" +# line: " listen 8181;" +# +# - name: Move motley-cue to a different port (pam-ssh-oidc) +# ansible.builtin.lineinfile: +# path: /etc/pam.d/pam-ssh-oidc-config.ini +# search_string: "http://localhost:8080/verify_user" +# line: http://localhost:8181/verify_user +# +# - name: Restart nginx +# ansible.builtin.service: +# name: nginx +# state: restarted +# enabled: yes +# +# - name: Restart motley-cue +# ansible.builtin.service: +# name: motley-cue +# state: restarted +# enabled: yes +# - name: Checkout repo at VM ansible.builtin.git: repo: "https://github.com/EGI-Federation/fedcloud-dashboard.git"