refactor: replace user centos with ec2-user

ops/infrastructure/bastion_playbook.yml

@@ -77,7 +77,7 @@
  ansible.builtin.copy:
  src: '{{ backup_file }}'
  dest: "/home/ec2-user/database_bootstrap.backup"
- owner: centos
+ owner: ec2-user
  group:
  when: backup_file
 
@@ -94,8 +94,8 @@
  path: "{{ item }}"
  state: directory
  mode: '0755'
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  loop:
  - "/home/ec2-user/downloads"
  - "/home/ec2-user/converted"
@@ -105,17 +105,17 @@
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/files-url-updater/databaseReset.sh"
  dest: /usr/local/bin/databaseReset
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Create a bin and log directory (for composer and cronjob logging) if it does not exist
  ansible.builtin.file:
  path: "/home/ec2-user/{{ item }}"
  state: directory
  mode: '0755'
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  loop:
  - "logs"
 
@@ -150,52 +150,52 @@
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/excel-spreadsheet-uploader/execute.sh"
  dest: /usr/local/bin/datasetUpload
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Copy dataset upload tool shell post upload script
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/excel-spreadsheet-uploader/postUpload.sh"
  dest: /usr/local/bin/postUpload
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Copy script for updating the md5 values and file size to db
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/excel-spreadsheet-uploader/filesMetaToDb.sh"
  dest: /usr/local/bin/filesMetaToDb
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Create env file for database (for pg_client docker service)
  ansible.builtin.template:
  src: ../../../../gigadb/app/tools/excel-spreadsheet-uploader/env.j2
  dest: /home/ec2-user/db-env
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: 0644
 
  - name: Create directories for dataset upload operations
  ansible.builtin.file:
  path: "{{ item }}"
  state: directory
  mode: '0755'
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  loop:
  - "/home/ec2-user/uploadLogs"
  - "/home/ec2-user/uploadDir"
 
- - name: Ensure centos user has GIGADB_ENV set
+ - name: Ensure ec2-user user has GIGADB_ENV set
  ansible.builtin.lineinfile:
  path: /home/ec2-user/.bash_profile
  insertafter: '# User specific environment and startup programs\n'
  line: "GIGADB_ENV={{ gigadb_environment }}"
 
- - name: Ensure centos user has GITLAB_PROJECT set
+ - name: Ensure ec2-user user has GITLAB_PROJECT set
  ansible.builtin.lineinfile:
  path: /home/ec2-user/.bash_profile
  insertafter: '# User specific environment and startup programs\n'
@@ -212,15 +212,15 @@
  path: "/etc/aws"
  state: directory
  mode: '0755'
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
 
  - name: Create AWS credential file for access to AWS S3 metadata bucket
  template:
  src: ../../../../ops/configuration/aws-conf/credentials.j2
  dest: "/etc/aws/credentials"
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: 0644
 
 - name: Create setup for generating and uploading database dump files to S3
@@ -234,8 +234,8 @@
  path: /home/ec2-user/.config/rclone
  state: directory
  mode: '0755'
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
 
  - name: Create AWS S3 configuration for rclone
  template:
@@ -250,8 +250,8 @@
  path: "{{ item }}"
  state: directory
  mode: '0755'
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  loop:
  - "/home/ec2-user/backups"
 
@@ -284,24 +284,24 @@
  ansible.builtin.copy:
  content: 'df -h | grep /dev/ | cut -d " " -f10 | cut -d% -f1'
  dest: /home/ec2-user/diskUsage
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Create the Gitter notify script
  ansible.builtin.copy:
  content: "source /home/ec2-user/.env;curl -X POST -i -H \"Content-Type: application/json\" -H \"Accept: application/json\" -H \"Authorization: Bearer $GITTER_API_TOKEN\" \"https://api.gitter.im/v1/rooms/$GITTER_IT_NOTIFICATION_ROOM_ID/chatMessages\" -d '{\"text\":\"Disk space usage requires attention on '\"$DEPLOYMENT_TIER-$GIGADB_ENVIRONMENT\"': '\"$1\"'%\"}'"
  dest: /home/ec2-user/notify
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Copy swatch config file
  ansible.builtin.copy:
  src: "{{ item }}"
  dest: /home/ec2-user/
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  loop:
  - "../../../../gigadb/app/tools/disk-usage-monitor/swatch.conf"
  - "../../../../gigadb/app/tools/disk-usage-monitor/check-swatch.conf"
@@ -330,8 +330,8 @@
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/readme-generator/createReadme.sh"
  dest: /usr/local/bin/createReadme
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  # Files created by readme tool container can be accessed in this directory
@@ -340,8 +340,8 @@
  path: /home/ec2-user/readmeFiles
  state: directory
  mode: '0755'
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
 
 - name: Setup files metadata console tool
  hosts: name_bastion_server_{{gigadb_env}}*
@@ -354,16 +354,16 @@
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/files-metadata-console/scripts/updateUrls.sh"
  dest: /usr/local/bin/updateUrls
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Copy shell script for calculating the file sizes and md5
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/files-metadata-console/scripts/md5.sh"
  dest: /usr/local/bin/calculateChecksumSizes
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
  - name: Install gum
@@ -377,8 +377,8 @@
  ansible.builtin.copy:
  src: "../../../../gigadb/app/tools/files-metadata-console/scripts/compare_files.sh"
  dest: /usr/local/bin/compare
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
  mode: a+x
 
 

ops/infrastructure/roles/bastion-users/tasks/main.yml

@@ -4,7 +4,7 @@
  ansible.builtin.user:
  name: "{{ newuser }}"
  shell: /bin/bash
- groups: centos
+ groups: ec2-user
  append: yes
 
 - name: Create a .ssh and uploadDir directories
@@ -22,8 +22,8 @@
  ansible.builtin.file:
  path: "/home/ec2-user/{{ newuser }}.keys"
  state: directory
- owner: centos
- group: centos
+ owner: ec2-user
+ group: ec2-user
 
 - name: Add curator to sudoers
  ansible.builtin.lineinfile:
@@ -61,7 +61,7 @@
  - name: generate key pair
  community.crypto.openssh_keypair:
  path: "/home/ec2-user/{{ newuser }}.keys/id_ssh_rsa"
- owner: centos
+ owner: ec2-user
  register: pk
 
  - debug:

ops/scripts/ansible_init.sh

@@ -101,7 +101,7 @@ webapp_ip=$(terraform output ec2_public_ip | sed 's/"//g')
 files_private_ip=$(terraform output ec2_files_private_ip | sed 's/"//g')
 files_ip=$(terraform output ec2_files_public_ip | sed 's/"//g')
 
-echo "ec2_bastion_login_account = centos@$bastion_ip" >> ansible.properties
+echo "ec2_bastion_login_account = ec2-user@$bastion_ip" >> ansible.properties
 
 # variables needed by disk-usage-monitor
 gitter_room_id=$(curl -s --header "PRIVATE-TOKEN: $GITLAB_PRIVATE_TOKEN" "$FORK_VARIABLES_URL/GITTER_IT_NOTIFICATION_ROOM_ID" | jq -r .value)
@@ -132,9 +132,10 @@ ssh-keygen -R $bastion_ip
 ssh-keygen -R $webapp_private_ip
 ssh-keygen -R $files_private_ip
 # Add the new key
+# Add the new key
 ssh-keyscan -t ecdsa $bastion_ip >> ~/.ssh/known_hosts
-web_host=$(ssh -i $aws_ssh_key centos"@$bastion_ip" ssh-keyscan -t ecdsa "$webapp_private_ip")
-files_host=$(ssh -i $aws_ssh_key centos@"$bastion_ip" ssh-keyscan -t ecdsa "$files_private_ip")
+web_host=$(ssh -i $aws_ssh_key ec2-user"@$bastion_ip" ssh-keyscan -t ecdsa "$webapp_private_ip")
+files_host=$(ssh -i $aws_ssh_key ec2-user"@$bastion_ip" ssh-keyscan -t ecdsa "$files_private_ip")
 echo "$web_host" >> ~/.ssh/known_hosts
 echo "$files_host" >> ~/.ssh/known_hosts