Install Galaxy Production environment. This role has been specifically developed to be used in the INDIGO project.
This ansible role supports CentOS 7 and Ubuntu 16.04 Xenial
Minimum ansible version: 2.1.2.0
galaxy_instance_description: set Galaxy brand
galaxy_user: set linux user to launch the Galaxy portal (default: galaxy).
GALAXY_UID: set user UID (default: 4001).
galaxy_FS_path: path to install Galaxy (default: /home/galaxy).
galaxy_directory: Galaxy directory (usually galaxy or galaxy-dist, default galaxy).
galaxy_install_path: Galaxy installation directory (default: /home/galaxy/galaxy).
galaxy_config_path: Galaxy config pat location.
galaxy_config_file: Galaxy primary configuration file.
galaxy_venv_path: Galaxy virtual environment directory (usually located to <galaxy_install_path>/.venv).
galaxy_custom_config_path: Galaxy custom configuration files path (default: /etc/galaxy).
galaxy_custom_script_path: Galaxy custom script path (defautl: /usr/local/bin).
galaxy_log_path: log file directory (default: /var/log/galaxy).
galaxy_instance_url: instance url (default: http://<ipv4_address>/galaxy/).
galaxy_instance_key_pub: instance ssh public key to configure <galaxy_user> access.
galaxy_lrms: enable Galaxy virtual elastic cluster support. Currently supported local and slurm (default: local, possible values: local, slurm).
GALAXY_VERSION: set Galaxy version (e.g. master, release_17.01, release_17.05...).
create_galaxy_admin: if true the administrator user will be created (default: true).
GALAXY_ADMIN_USERNAME: Galaxy administrator username.
GALAXY_ADMIN_PASSWORD: Galaxy administrator password.
GALAXY_ADMIN_API_KEY: Galaxy administrator API_KEY. https://wiki.galaxyproject.org/Admin/API. Please note that this key acts as an alternate means to access your account, and should be treated with the same care as your login password. To be changed by the administrator.(default value: GALAXY_ADMIN_API_KEY)
GALAXY_ADMIN_EMAIL: Galaxy administrator e-mail address
export_dir: Galaxy userdata are stored here (defatult: /export).
tool_deps_path: change tool dependency directory (default: {{ export_dir }}/tool_deps)
conda_prefix: change conda prefix directory (default: {{ export_dir }}/_conda).
conda_channels: change conda channels (default: iuc,bioconda,r,defaults,conda-forge).
update_ucsc: update UCSC genome database (default: true``). A monthly cron job is added to keep update ucsc genome db.
fast_update: force database update by copying cached files (default: true).
use_pbkdf2: enable pbkdf2 cryptograpy (default: true).
require_login: force everyone to log in, i.e. disable anonymous access (default: True).
allow_user_creation: allow unregistered users to create new accounts (default: True).
allow_user_impersonation: allow administrators to log in as other users (default: True).
new_user_dataset_access_role_default_private: by default users data will be public, but setting this to True will cause it to be private (default: True).
postgresql_version: set postgres version to be installed (current default: 9.6).
galaxy_db_dir: change galaxy database directory to store jobs results (default: {{export_dir}}/galaxy/database).
galaxy_db_port: set postgres port (default: 5432).
galaxy_db_passwd: set database password. By default it is generated a random password 20 characters long.
set_pgsql_random_password: if set to false the role takes the password specified through galaxy_db_passwd variable (default: true).
nginx_upload_store_path: set nginx upload dataset directory (default: {{galaxy_db_dir}}/tmp/nginx_upload_store).
The Galaxy portal runs through an nginx http proxy by default. The following
variables enable you to set nginx in https mode:
nginx_https: true
ssl_cert: /etc/certs/cert.pem
ssl_key: /etc/certs/key.pem
ssl_dhparam: /etc/certs/dhparam.pem
If nginx_https is set to true, the other ssl variables are required.
You can either request a signed trusted certificate or generated self-signed
certificate. An ansible role to generate self-signed certificate can be found
in https://galaxy.ansible.com/LIP-Computing/ssl-certs/
proftpd_welcome: set proftpd welcome message (default: galaxy ftp server).
proftpd_conf_path: set proftpd configuration file path.
proftpd_db_user: set proftpd database user (default: galaxyftp).
proftpd_db_passwd: set postgresql database password. By default it is generated a random password 20 characters long.
proftpd_files_path: set proftpd upload directory (default: {{galaxy_db_dir}}/ftp).
proftpd_ftp_port: set proftpd port (default: 21).
proftpd_passive_port_low: set passive port range minimum (default: 30000).
proftpd_passive_port_high: set passive port reng maximum (default:40000).
set_proftpd_random_password: if set to false the role takes the password specified through proftpd_db_passwd variable (default: true).
Currently this role support supervisord and systemd/upstart to start Galaxy services.
init_type: if set to supervisord, it use to manage Galaxy. If set to init systemd/upstart is used to start Galaxy.
It is possible to exploit supervisord to manage postegreSQL, NGINX and proftpd setting to true the following variables. To run this role on docker container you have to set them to true.
supervisor_manage_postgres: enable supervisord postgresql management (default: false).
supervisor_manage_nginx: enable supervisord nginx management (default: false).
supervisor_manage_proftpd: enable supervisord proftpd management (default: false).
enable_storage_advanced_options: this option, false by the default, has to be set to true only if you run the ansible role indigo-dc.galaxycloud-os, for advanced path configuration, onedata and filesystem encryption support. More details here: :doc:ansible_galaxycloud-os (default: false).
Inform the role if galaxy tools and reference data will be installed. If yes, galaxy is not started to configure tools and reference data.
galaxy_flavor: specify the galaxy flavour. (default: galaxy-no-tools, i.e. galaxy without tools).
get_refdata: specify if reference data will be configured (default: false)
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- role: indigo-dc.galaxycloud
GALAXY_ADMIN_EMAIL: "[email protected]"
GALAXY_ADMIN_USERNAME: "admin"
GALAXY_VERSION: "release_17.05"
galaxy_instance_key_pub: "your_public_key"
galaxy_instance_description: "INDIGO-CNR test"Install Galaxy setting postgresql passwords:
- hosts: servers
roles:
- role: indigo-dc.galaxycloud
GALAXY_ADMIN_EMAIL: "[email protected]"
GALAXY_ADMIN_USERNAME: "admin"
GALAXY_VERSION: "release_17.05"
galaxy_instance_key_pub: "your_public_key"
galaxy_instance_description: "INDIGO-CNR test"
set_pgsql_random_password: false
galaxy_db_passwd: 'galaxy'
set_proftpd_random_password: false
proftpd_db_passwd: 'galaxy'Setup Galaxy Docker container. The role, using ansible, automatically recognize the virtual platform (virtual machine or Docker contanier).
- hosts: servers
roles:
- role: indigo-dc.galaxycloud
GALAXY_ADMIN_EMAIL: "[email protected]"
GALAXY_ADMIN_USERNAME: "admin"
GALAXY_VERSION: "release_17.05"
galaxy_instance_key_pub: "your_public_key"
galaxy_instance_description: "INDIGO-CNR test"
supervisor_manage_postgres: "True"
supervisor_manage_nginx: "True"
supervisor_manage_proftpd: "True"Apache Licence v2
Galaxy: https://galaxyproject.org/
Apache licence: http://www.apache.org/licenses/LICENSE-2.0