David, Just to add to what Enis responded - in my previous position I managed a CloudMan instance that used SSL and LDAP - I documented some of what it took to configure it here https://production-galaxy-instances-with-cloudman-and-cloudbiolinux.readthed... but it was based on CloudBioLinux instead of the newer Ansible recipes so the documentation is probably of limited use - but it does give an idea about what needs to be updated to how to update it - it just has to be translated to Ansible. Best of luck, -John On Mon, Apr 27, 2015 at 10:39 AM, Enis Afgan <enis.afgan@irb.hr> wrote:
Hi David, The nginx change will require a new AMI that includes the appropriately compiled nginx. We've been working on automating the process of building the image and it's captured in this Ansible playbook: https://github.com/galaxyproject/galaxy-cloudman-playbook (the current README is a bit of out of sync with the code but I have been working on a updating that and will commit it later on today or tomorrow at the latest). You'll need to edit the nginx installation procedure to include the customizations for nginx you want.
Re. configuration changes (nginx.conf and galaxy.ini) - these are done via CloudMan (https://github.com/galaxyproject/cloudman/tree/master/cm/conftemplates). So it would be necessary to create a your own S3 bucket and host CloudMan source there with the desired customizations. I'll send you a paper that will be presented next month that captures all the pieces that are required for assemble a custom version of Galaxy CloudMan.
Hope this helps and please let us know if you have any more questions, Enis
On Fri, Apr 24, 2015 at 2:25 PM, David Kovalic <kovalic@analome.com> wrote:
Hi,
We are interested in running CloudMan/Galaxy with SSL and LDAP. After searching around on the internet it seems like this is achievable and probably not too difficult, but there is no current complete “cookbook recipe” for doing so, so I thought it best to ask questions before I go ahead and break stuff :)
As I understand:
· ngnix needs to have the LDAP module added, as the standard CM ngnix build doesn’t include this
· ngnix needs to have a custom ngnix.conf file which specifies the use of SSL and LDAP
· Galaxy need to have a custom configuration universe_wsgi.ini for LDAP use
By searching online I can’t clearly figure out:
· How to recompile (and persist across CM cluster termination/restart) a new version of ngnix
· The best way to maintain and specify a custom ngnix.conf. Is it possible to do this by placing the custom ngnix.conf in the cluster S3 bucket and adding a configuration line specifying its URL (e.g. "nginx_conf_contents: https://s3.amazonaws.com/[cm bucket ID]/ngnix.conf") in persistent_data.yaml file in the CM S3 bucket?
· Where do I make the modifications such that the changes to universe_wsgi.ini persist across CM cluster termination/restart?
It would be great to get some experienced insight on how best to complete this configuration, and have it persist.
Any guidance would be greatly appreciated. Thanks,
David Kovalic
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/