Setting up the Research Software Directory using Ansible.
Currently supported platforms are:
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
docker
(Docker SDK for Python)docker-compose
rsd_dependencies
- Default:
["docker", "docker-compose"]
- Description: List of required python modules.
- Default:
rsd_working_directory
- Default:
"/opt/rsd"
- Description: The path where the RSD repository will be checked out.
- Default:
rsd_version
- Default:
"latest"
- Description: What version of the RSD-as-a-service container images to deploy (image tag name).
If
latest
is used the container images will always be pulled prior starting the application.
- Default:
rsd_container_registry_path
- Default:
"ghcr.io/hifis-net/rsd-saas"
- Description: Path to the container registry from where the images are pulled.
- Default:
rsd_environment_file
- Default:
"rsd-secrets.env"
- Description: Inventory specific environment file.
- Default:
rsd_docker_compose_cmd
- Default:
"docker-compose"
- Description: Docker Compose command used to validate docker-compose.yml.
- Default:
rsd_docker_compose_template_file
- Default:
"docker-compose.yml.j2"
- Description: Template file for docker-compose.yml.
- Default:
rsd_nginx_config_template
- Default:
"nginx.conf.j2"
- Description: Template file for Nginx configuration.
- Default:
rsd_tls_cert_path
- Default:
"/etc/ssl/certs/rsd.pem"
- Description: Absolute destination path for TLS certificate file.
- Default:
rsd_tls_key_path
- Default:
"/etc/ssl/private/rsd.key"
- Description: Absolute destination path for TLS key file.
- Default:
rsd_nginx_dhparam_file_path
- Default:
"/etc/ssl/private/dhparam.pem"
- Description: Absolute destination path for DH parameters file.
- Default:
rsd_swagger_enabled
- Default:
false
- Description: Whether Swagger is enabled or not.
- Default:
rsd_swagger_version
- Default:
v4.15.0
- Description: version of of the Docker image
swaggerapi/swagger-ui
.
- Default:
rsd_prune_volumes
- Default:
false
- Description: Set to
true
to remove docker data volumes (this will force container recreation).
- Default:
rsd_migrate_spotlights
- Default:
false
- Description: Set to
true
to migrate the software spotlights from hifis.net into the RSD (Helmholtz theme only).
- Default:
rsd_spotlight_migration_image
- Default:
"ghcr.io/hifis-net/rsd-spotlight-migration:v1.0.0"
- Description: Container image for software spotlights migration
- Default:
rsd_compose_project_name
- Default:
"rsd"
- Description: Define the Compose project name, if you are running different versions of the RSD.
- Default:
rsd_domain
- Default:
"localhost"
- Description: Domain name under which the RSD should be accessible.
- Default:
rsd_auth_providers
- Default:
"SURFCONEXT;HELMHOLTZAAI"
- Description: Semicolon-separated list of supported OpenID auth providers.
- Default:
rsd_admin_email_list
- Default:
None
- Description: Semicolon-separated list of user email addresses (exact match incl. the letter casing) of RSD admins.
- Default:
rsd_auth_user_mail_whitelist
- Default:
None
- Description: Semicolon-separated list of user email addresses which are allowed to log into the RSD.
- Default:
rsd_hgfaai_client_id
- Default:
"rsd-dev"
- Description: Public Helmholtz AAI client ID.
- Default:
rsd_hgfaai_client_secret
- Default:
"changeme"
- Description: Helmholtz AAI client secret.
- Default:
rsd_hgfaai_well_known_url
- Default:
"https://login-dev.helmholtz.de/oauth2/.well-known/openid-configuration"
- Description: Helmholtz AAI well known URL.
- Default:
rsd_hgfaai_allow_external_users
- Default:
false
- Description: Set to
true
to allow users from non-Helmholtz centres or social IdPs.
- Default:
rsd_postgres_db_host
- Default:
"database"
- Description: Postgres database hostname.
- Default:
rsd_postgres_db_host_port
- Default:
"5432"
- Description: Postgres database host port.
- Default:
rsd_postgres_db
- Default:
"rsd-db"
- Description: Postgres database name.
- Default:
rsd_postgres_user
- Default:
"rsd"
- Description: Postgres user name.
- Default:
rsd_postgres_password
- Default:
"changeme"
- Description: Postgres password.
- Default:
rsd_postgres_authenticator_password
- Default:
"ChangeMe"
- Description: Postgres authenticator password used by the backend (should be different from
rsd_postgres_password
).
- Default:
rsd_max_requests_github
- Default:
"6"
- Description: Maximum number of requests to the GitHub API per run.
- Default:
rsd_max_requests_gitlab
- Default:
"6"
- Description: Maximum number of requests to the GitLab API per run.
- Default:
rsd_max_requests_doi
- Default:
"6"
- Description: Maximum number of mentions to scrape per run.
- Default:
rsd_oaipmh_scraper_enabled
- Default:
false
- Description: Set to
true
to enable the oaipmh scraper.
- Default:
rsd_surfconext_client_secret
- Default:
"changeme"
- Description: SurfConext client secret.
- Default:
rsd_gh_access_token
- Default:
"changeme"
- Description: GitHub personal access token.
- Default:
rsd_jwt_secret
- Default:
"changemeChangemeChangemeChangeme"
- Description: JSON web token secret with at least 32 characters to generate/verify tokens.
- Default:
rsd_zenodo_access_token
- Default:
"changeme"
- Description: Zenodo access token.
- Default:
rsd_crossref_contact_email
- Default:
""
- Description: Email address that Crossref can contact you with to comply with their "polite" policy.
- Default:
rsd_matomo_url
- Default:
""
- Description: Tracking URL (should end with a trailing slash)
- Default:
rsd_matomo_id
- Default:
""
- Description: Matomo ID for the corresponding tracking URL
- Default:
The Research Software Directory requires docker
and docker-compose
to be
available on the system. This role has been successfully used together with the
following Ansible roles:
- Docker - geerlingguy.docker
- Pip - geerlingguy.pip
- hosts: servers
roles:
- { role: hifis.rsd }
This role was created by HIFIS Software Services.
We would like to thank and give credits to the following contributors of this project: