Hi,


We are interested in running CloudMan/Galaxy with SSL and LDAP. After searching around on the internet it seems like this is achievable and probably not too difficult, but there is no current complete “cookbook recipe” for doing so, so I thought it best to ask questions before I go ahead and break stuff :)


As I understand:

·         ngnix needs to have the LDAP module added, as the standard CM ngnix build doesn’t include this

·         ngnix needs to have a custom ngnix.conf file which specifies the use of SSL and LDAP

·         Galaxy need to have a custom configuration universe_wsgi.ini for LDAP use


By searching online I can’t clearly figure out:

·         How to recompile (and persist across CM cluster termination/restart) a new version of ngnix

·         The best way to maintain and specify a custom ngnix.conf. Is it possible to do this by placing the custom ngnix.conf in the cluster S3 bucket and adding a configuration line specifying its URL (e.g. "nginx_conf_contents: https://s3.amazonaws.com/[cm bucket ID]/ngnix.conf") in persistent_data.yaml file in the CM S3 bucket?

·         Where do I make the modifications such that the changes to universe_wsgi.ini persist across CM cluster termination/restart?

It would be great to get some experienced insight on how best to complete this configuration, and have it persist.


Any guidance would be greatly appreciated. Thanks,


David Kovalic