Galaxy Admin:
- Upgrade Procedures
- Rebasing when upstream gets backports
- Process Management
- TIaaS Requests
- Jobs
- Monitoring
- Mixed Notes
Cloud Admin:
- NO EXCEPTIONS
- Do not merge things to the playbook repositories that will be auto-applied
- Do not do any manual systems administration
- Consider writing documentation or more test cases instead.
- They should login using GitHub auth.
- Note that they must be a member of an approved organisation. (Note that this link is to a specific revision where I could be sure the line number was correct, please check against
master
)
- Note that they must be a member of an approved organisation. (Note that this link is to a specific revision where I could be sure the line number was correct, please check against
- (As an admin) Open the user list
- Find them and "edit"
- Under "Organizations" type "Main" and select the main organisation that shows up, adding them as the appropriate role.
Some users do not get the activation email or are unable to find it. On request we can generate the link with the following procedure:
cd /opt/galaxy/server/
. ../venv/bin/activate
python /data/gxmnt/galaxy-dist/scripts/activation_link.py -c ~/config/galaxy.ini -e <their email>
Ansible Vault encrypts variables and files to protect sensitive content such as passwords or keys rather than leaving it visible as plaintext in playbooks or roles.To use Ansible Vault you need one or more passwords to encrypt and decrypt content. If you store your vault passwords in a third-party tool such as a secret manager, you need a script to access them. Use the passwords-with the ‘ansible-vault’ command line tool to create and view encrypted variables, create encrypted files, encrypt existing files, or edit, re-key, or decrypt files.
-
Clone our repository.
-
Navigate to Ansible vault directory
cd infrastructure-playbook/secret_group_vars/
-
Create a new branch or checkout to the branch you want to switch to, e.g.(‘dp_keycloak’)
-
Use command
ansible-vault create keycloak.yml
to create new encrypt file. -
Then ansible asks for:
New Vault password: Confirm New Vault password:
It is recommended to use the previously set Vault password for smooth running of playbook
-
The newly created encrypt file (‘keycloak.yml’) enables us to enter data or enter lines of code before encrypted.
-
The content in the encrypted files can be read by command
ansible-vault view keycloak.yml
and can be edited by the commandansible-vault edit keycloak.yml
followed by entering the given Vault password. -
Update the branch pushing commits
git push