Skip to content

SURFscz/SRAM-deploy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3,428 Commits

.github

.github

 
 

callback_plugins

callback_plugins

 
 

ci-runner

ci-runner

 
 

docker

docker

 
 

environments

environments

 
 

filter_plugins

filter_plugins

 
 

group_vars

group_vars

 
 

roles

roles

 
 

scripts

scripts

 
 

tasks

tasks

 
 

.ansible-lint

.ansible-lint

 
 

.editorconfig

.editorconfig

 
 

.flake8

.flake8

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

.yamllint

.yamllint

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

ansible.cfg

ansible.cfg

 
 

provision.yml

provision.yml

 
 

requirements.yml

requirements.yml

 
 

start-vm

start-vm

 
 

surf-decrypt

surf-decrypt

 
 

surf-deploy

surf-deploy

 
 

surf-run-command

surf-run-command

 
 

Repository files navigation

SURF Research Access Management

build status build status

The SURF Research Access Management (SRAM) project offers a Membership Management System for research collaborations. It is a middleware solution for researchers, which allows them to

  • log in using credentials from their university, as well as support (international) 'guests';
  • handle (Identity and) Access Management (IAM) for their collaborations;
  • allow members of their collaborations easy access to services (like web applications, databases, storage solutions, compute facilities, etc.);

It is meant to be used in combination with a (SAML/OIDC) identity federation and proxy such as EduTEAMS, but can be used stand-alone in combination with a single OIDC OP.

More information can be obtained from https://wiki.surfnet.nl/display/sram.

Technical

The SRAM is comprised of a number of open source components:

SBS

SBS is the actual Membership Management UI. See https://github.com/SURFscz/SBS.

OpenLDAP

OpenLDAP is used to expose authorization information to services.

pLSC (LDAP Synchronisation Connector)

pLSC is used to synchronize information from SBS to OpenLDAP. See https://github.com/SURFscz/plsc.

SRAM-deploy

This repository consists of an Ansible playbook to install a complete SRAM-platform.

WARNING

The instructions below are meant to deploy a TEST, DEV or DEMO environment and should never be used to deploy a PRODUCTION setup!

We support this on both Linux (tested on Ubuntu 20.04, experimental on openSUSE Tumbleweed) and OSX/MacOS (tested on Big Sur). The system is deployed to a number of docker containers.

To get started, do the following:

  • install Docker (>=19.03) and Ansible (>=2.10)

    Ubuntu/Debian: apt install ansible docker.io docker-compose

    OpenSUSE Tumbleweed: zypper install ansible docker docker-compose

    MacOS: see http://docs.ansible.com/ansible/latest/intro_installation.html#latest-releases-on-mac-osx and https://docs.docker.com/docker-for-mac/

  • Install required ansible modules

    ansible-galaxy install -r requirements.yml
ansible-galaxy collection install -r requirements.yml

  • Set up the containers and start the deploy:

    ./start-vm

    This will boot 8 containers and run ansible to deploy SRAM to these 8 hosts.

  • Alternatives:

    ./start-vm --skip-ansible

    This will start the containers, and skip the deploy.

    ./start-vm --skip-vm [params]

    This will skip the start of containers and deploy the software, [params] added to the ansible command.

  • After the deploy finishes, you should be able to browse to https://sbs.scz-vm.net (accept certificate) and login using the default platform admin credentials admin/admin

About

Deploy scripts for the SCZ

Topics

ansible ldap research collaboration saml2 openid-connect oidc comanage scz satosa science-collaboration-zone

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

4 stars

Watchers

9 watching

Forks

5 forks
Report repository

Releases

61 tags

Packages

No packages published

Contributors 9

Languages