From c0c093a74bbeedf393db7ad3bf0c14a231616fe4 Mon Sep 17 00:00:00 2001 From: Nate Coraor Date: Thu, 13 Apr 2023 10:57:30 -0400 Subject: [PATCH 1/3] Revert "Precreate directories" This reverts commit a0812154f28e1c328039eabf3d1e291f2baa9514. --- tasks/static_setup.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/tasks/static_setup.yml b/tasks/static_setup.yml index 56016f6..90706c8 100644 --- a/tasks/static_setup.yml +++ b/tasks/static_setup.yml @@ -8,14 +8,6 @@ include_tasks: _inc_galaxy_version.yml when: __galaxy_major_version is undefined - - name: Create directories for config files - ansible.builtin.file: - state: directory - path: "{{ item }}" - mode: "{{ __galaxy_dir_perms }}" - group: "{{ __galaxy_user_group }}" - loop: "{{ (galaxy_config_files + galaxy_config_templates) | map(attribute='dest') | map('dirname') | unique }}" - - name: Install additional Galaxy config files (static) copy: src: "{{ item.src }}" From 11fd0bde90d167b3bbd261f80df69c1690c4c9df Mon Sep 17 00:00:00 2001 From: Nate Coraor Date: Thu, 13 Apr 2023 10:58:00 -0400 Subject: [PATCH 2/3] Revert "second attempt at fixing, must be privsep to create" This reverts commit 2a9bf37125d9c4e25648b4fe691b890687281bc0. --- tasks/mutable_setup.yml | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/tasks/mutable_setup.yml b/tasks/mutable_setup.yml index e3201ad..6cf5310 100644 --- a/tasks/mutable_setup.yml +++ b/tasks/mutable_setup.yml @@ -1,28 +1,21 @@ --- # Instantiate mutable config files -- name: Mutable config directory setup +- name: Mutable config setup block: - - name: Create directories for mutable config files + + - name: Ensure Galaxy version is set + include_tasks: _inc_galaxy_version.yml + when: __galaxy_major_version is undefined + + - name: Create directories for config files ansible.builtin.file: state: directory path: "{{ item }}" mode: "{{ __galaxy_dir_perms }}" - owner: "{{ __galaxy_user_name }}" group: "{{ __galaxy_user_group }}" loop: "{{ (galaxy_mutable_config_files + galaxy_mutable_config_templates) | map(attribute='dest') | map('dirname') | unique }}" - remote_user: "{{ galaxy_remote_users.privsep | default(__galaxy_remote_user) }}" - become: "{{ true if galaxy_become_users.privsep is defined else __galaxy_become }}" - become_user: "{{ galaxy_become_users.privsep | default(__galaxy_become_user) }}" - -- name: Mutable config setup - block: - - - name: Ensure Galaxy version is set - include_tasks: _inc_galaxy_version.yml - when: __galaxy_major_version is undefined - # force: no in the following 2 tasks will not overwrite existing configs - name: Instantiate mutable configuration files copy: From e540b09304d6d36c4973ba8def5dadf1bf807658 Mon Sep 17 00:00:00 2001 From: Nate Coraor Date: Thu, 13 Apr 2023 10:59:22 -0400 Subject: [PATCH 3/3] Add vars for creating extra dirs --- defaults/main.yml | 6 ++++++ tasks/paths.yml | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 60112e8..6fdd2aa 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -107,6 +107,9 @@ galaxy_dirs: - "{{ galaxy_tool_data_path }}" - "{{ galaxy_log_dir }}" +# Additional directories to create as the Galaxy user, so you don't have to copy the default galaxy_dirs +galaxy_extra_dirs: [] + # Directories to create as the privilege separated user if galaxy_manage_paths is enabled galaxy_privsep_dirs: - "{{ galaxy_venv_dir }}" @@ -114,6 +117,9 @@ galaxy_privsep_dirs: - "{{ galaxy_config_dir }}" - "{{ galaxy_local_tools_dir }}" +# Additional directories to create as the privilege separated user, so you don't have to copy the default galaxy_dirs +galaxy_extra_privsep_dirs: [] + # Local (relative to playbook) path to local tools galaxy_local_tools_src_dir: files/galaxy/tools diff --git a/tasks/paths.yml b/tasks/paths.yml index 66dbe2b..0b86999 100644 --- a/tasks/paths.yml +++ b/tasks/paths.yml @@ -20,7 +20,7 @@ owner: "{{ __galaxy_privsep_user_name }}" group: "{{ __galaxy_user_group }}" #This is set so that the galaxy_user can read the files in the priv_sep dirs. (As priv_sep dirs have defauly perms of 0640.) mode: "{{ __galaxy_dir_perms }}" - with_items: "{{ galaxy_privsep_dirs }}" + loop: "{{ galaxy_privsep_dirs + galaxy_extra_privsep_dirs }}" when: item | default(False) - name: Create additional directories @@ -30,7 +30,7 @@ owner: "{{ __galaxy_user_name }}" group: "{{ __galaxy_user_group }}" mode: "{{ __galaxy_dir_perms }}" - with_items: "{{ galaxy_dirs }}" + loop: "{{ galaxy_dirs + galaxy_extra_dirs }}" # TODO: for root squashing it might be useful for this to be separate from other root tasks remote_user: "{{ galaxy_remote_users.root | default(__galaxy_remote_user) }}"