vgcn/ansible/group_vars/all.yml at be7cf17f8de0365671714fe32feca9c0eca06ca3 · usegalaxy-eu/vgcn · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
---
vg_build: 60
# This will be replaced by jenkins.
build_tag: vggp-v##-j##-##-branch # overriden by packer var set in build.py

cloud: bwCloud

galaxy_uid: 999
galaxy_gid: 999

replace_non_galaxy_999: true

telegraf_agent_package_state: latest
telegraf_yum_gpgcheck: false
telegraf_agent_tags:
  - tag_name: datacenter
    tag_value: rz
  - tag_name: cloud
    tag_value: "{{ cloud }}"
  - tag_name: vgcn_build
    tag_value: "{{ build_tag }}"
  - tag_name: distribution
    tag_value: "{{ ansible_distribution }}"
  - tag_name: distribution_version
    tag_value: "{{ ansible_distribution_version }}"

telegraf_plugins_default:
  - plugin: cpu
    config:
      - percpu = true
  - plugin: disk
  - plugin: diskio
  - plugin: mem
  - plugin: system
  - plugin: swap
  - plugin: net
  - plugin: netstat
  - plugin: processes
  - plugin: kernel
  - plugin: chrony
  - plugin: exec
    config:
      - commands = ["/bin/iamalive"]
      - name_suffix = "_alive"

java_packages:
 - java-21-openjdk

# CVMFS
cvmfs_role: client
cvmfs_yum_releasever: "9"
galaxy_cvmfs_repos_enabled: true
galaxy_cvmfs_server_urls:
  - domain: galaxyproject.org
    urls:
      - "http://cvmfs1-ufr0.galaxyproject.eu/cvmfs/@fqrn@"
      - "http://cvmfs1-psu0.galaxyproject.org/cvmfs/@fqrn@"
      - "http://cvmfs-s1-galaxy.computecanada.ca:8000/cvmfs/@fqrn@"
      - "http://cvmfs1-iu0.galaxyproject.org/cvmfs/@fqrn@"
      - "http://cvmfs1-tacc0.galaxyproject.org/cvmfs/@fqrn@"
      - "http://cvmfs1-mel0.gvl.org.au/cvmfs/@fqrn@"

# dynmotd
dynmotd_custom:
  - name: Build
    command: "echo VGCN build: {{ build_tag }}"
  - name: Build date
    command: "echo  {{ ansible_date_time.iso8601 }}"

# Docker
docker_packages:
  - docker-ce
  - docker-ce-cli
  - containerd.io
  - docker-buildx-plugin
  - docker-compose-plugin
  - docker-ce-rootless-extras
docker_users:
  - centos
  - condor

nodejs_version: "8.x"
nodejs_install_npm_user: root
nodejs_npm_global_packages:
 - yarn

texlive_directory: /usr/local/texlive
texlive_mirror: "http://packages.oth-regensburg.de/ctan/systems/texlive/tlnet/"
texlive_rsync: "rsync://packages.oth-regensburg.de/ctan/systems/texlive/tlnet/"
scheme: full

# Filesystem maintenance
jwd_path: "/scratch/galaxy_db/job_working_directory/"
tmp_path: "/scratch/galaxy_db/tmp/"
mtime: "+30"

# Chrony
chrony_server: 'time.ruf.uni-freiburg.de iburst'
chrony_acquisitionport: 0
chrony_conf_file: '/etc/chrony.conf'
chrony_keyfile: '/etc/chrony.keys'

#usegalaxy_eu.handy.os_setup
# Autofs
autofs_service.install: True
autofs_service.enable: True
nfs_kernel_tuning: True
nfs_kernel_tuning_parameters:
  sunrpc.tcp_max_slot_table_entries: 100
handy_groups:
  - group_name: galaxy
    group_gid: 999
handy_users:
  - user_name: galaxy
    user_uid: 999
    user_group: galaxy

# usegalaxy_eu.handy.os_setup
# ansible_root_cron
ansible_root_cron:
  - name: "Prune unused Docker objects"
    weekday: "{{ 7 | random }}"
    minute: "{{ 60 | random }}"
    hour: "{{ 5 | random }}"
    job: "docker system prune -a -f"
  - name: "Stop containers running more than 1 months"
    weekday: "{{ 7 | random }}"
    minute: "{{ 60 | random }}"
    hour: "{{ 5 | random }}"
    job: "/usr/bin/docker-stop-1M"
  - name: "Vacuum logs older than 7 days"
    weekday: "{{ 7 | random }}"
    minute: "{{ 15 | random }}"
    hour: "{{ 2 | random }}"
    job: '/usr/bin/journalctl --vacuum-time="7 days"'

## packages
software_groups_to_install:
  - admin
  - apps
  - debug
  - development
  - editors
  - fonts
  - services
  - utils

## kernel_5
kernel_5_package: kernel-ml

docker_daemon_options: {}

# Devsec
# Forsing group owenership to root. The role is for some reason trying to change it to "ssh_keys"
# and this does not aligne with the base Rocky10 image
ssh_host_keys_group: root