%

dietrichliko · dietrichliko · commit 4da22f4b0f78 · 2019-06-02T01:18:36.000+02:00
diff --git a/README.md b/README.md
@@ -1,33 +1,29 @@
-Role Name
-=========
+# grid_htc_ce
 
 A brief description of the role goes here.
 
-Requirements
-------------
+## Requirements
+
 
 Any pre-requisites that may not be covered by Ansible itself or the role should
 be mentioned here. For instance, if the role uses the EC2 module, it may be a
 good idea to mention in this section that the boto package is required.
 
-Role Variables
---------------
+## Role Variables
+
+      grid_htc_ce_repo_install: true
+      grid_htc_ce_repo_development_enable: false
+      grid_htc_ce_batch_system: slurm
+      grid_htc_ce_argus_server:
 
-A description of the settable variables for this role should go here, including
-any variables that are in defaults/main.yml, vars/main.yml, and any variables
-that can/should be set via parameters to the role. Any variables that are read
-from other roles and/or the global scope (ie. hostvars, group vars, etc.) should
-be mentioned here as well.
 
-Dependencies
-------------
+## Dependencies
 
 A list of other roles hosted on Galaxy should go here, plus any details in
 regards to parameters that may need to be set for other roles, or variables that
 are used from other roles.
 
-Example Playbook
-----------------
+## Example Playbook
 
 Including an example of how to use your role (for instance, with variables
 passed in as parameters) is always nice for users too:
@@ -36,13 +32,8 @@ passed in as parameters) is always nice for users too:
       roles:
          - { role: hephyvienna.htcondor-ce, x: 42 }
 
-License
--------
-
-BSD
+## License
 
-Author Information
-------------------
+MIT
 
-An optional section for the role authors to include contact information, or a
-website (HTML is not allowed).
+## Author Information
diff --git a/files/gsi-authz.conf b/files/gsi-authz.conf
@@ -0,0 +1 @@
+globus_mapping /usr/lib64/libgsi_pep_callout.so argus_pep_callout
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -7,3 +7,13 @@
 - name: Install pkgs
   package:
     name: "{{ grid_htc_ce_pkgs }}"
+
+- name: Configure gsi-authz
+  copy:
+    src: files/gsi-authz.conf
+    dest: /etc/grid-security/gsi-authz.conf
+
+- name: Configure gsi-pep-callout-condor
+  template:
+    src: gsi-pep-callout-condor.conf.j2
+    dest: /etc/grid-security/gsi-pep-callout-condor.conf
diff --git a/templates/gsi-pep-callout-condor.conf.j2 b/templates/gsi-pep-callout-condor.conf.j2
@@ -0,0 +1,6 @@
+pep_ssl_server_capath /etc/grid-security/certificates/
+pep_ssl_client_cert /etc/grid-security/condorcert.pem
+pep_ssl_client_key /etc/grid-security/condorkey.pem
+pep_url https:{{ grid_htc_ce_argus_server }}:8154/authz
+pep_timeout 30 # seconds
+xacml_resourceid http:{{ grid_htc_ce_argus_server }}/condor-ce

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+globus_mapping /usr/lib64/libgsi_pep_callout.so argus_pep_callout`