@@ -144,9 +144,9 @@ installSite() {
144144 # will be wrong on the client
145145 ln -s " ${SERVERINSTALLDIR} /diracos/etc/grid-security/certificates/ca.cert.pem" " ${SERVERINSTALLDIR} /diracos/etc/grid-security/certificates/$caHash .0"
146146
147- # Copy the user cert and key to the correct directory
148- cp /ca/certs/client.pem " ${SERVERINSTALLDIR} /user/"
149- cp /ca/certs/client.key " ${SERVERINSTALLDIR} /user/"
147+ # # Copy the user cert and key to the correct directory
148+ # cp /ca/certs/client.pem "${SERVERINSTALLDIR}/user/"
149+ # cp /ca/certs/client.key "${SERVERINSTALLDIR}/user/"
150150
151151 rm -rf " ${SERVERINSTALLDIR} /etc"
152152 ln -s " ${SERVERINSTALLDIR} /diracos/etc" " ${SERVERINSTALLDIR} /etc"
@@ -231,10 +231,10 @@ fullInstallDIRAC() {
231231 cat " ${SERVERINSTALLDIR} /diracos/etc/Production.cfg"
232232 fi
233233
234- if ! diracCredentials; then
235- echo " ERROR: diracCredentials failed" >&2
236- exit 1
237- fi
234+ # if ! diracCredentials; then
235+ # echo "ERROR: diracCredentials failed" >&2
236+ # exit 1
237+ # fi
238238
239239 # just add a site
240240 if ! diracAddSite; then
@@ -243,7 +243,8 @@ fullInstallDIRAC() {
243243 fi
244244
245245 echo " ==> Restarting Configuration Server"
246- dirac-restart-component Configuration Server ${DEBUG}
246+ dirac-restart-component Configuration Server -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
247+ # dirac-restart-component Tornado Tornado -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
247248
248249 # Install the Framework
249250 findDatabases ' FrameworkSystem'
@@ -253,7 +254,6 @@ fullInstallDIRAC() {
253254 exit 1
254255 fi
255256
256- dirac-restart-component Tornado Tornado ${DEBUG}
257257
258258 findServices ' FrameworkSystem'
259259 grep -v ' Tornado' > disetServices
@@ -288,14 +288,14 @@ fullInstallDIRAC() {
288288 cat " ${SERVERINSTALLDIR} /etc/Production.cfg"
289289
290290 echo " ==> Restarting Framework services"
291- dirac-restart-component Framework ' *' ${DEBUG}
292- dirac-restart-component Tornado Tornado ${DEBUG}
291+ dirac-restart-component Framework ' *' -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
292+ # dirac-restart-component Tornado Tornado -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
293293
294294 # Now all the rest
295295
296296 # slave CS
297297 if [[ " ${TEST_HTTPS:- Yes} " = " No" ; then
298- if ! dirac-install-component Configuration TornadoConfiguration " ${DEBUG} " ; then
298+ if ! dirac-install-component Configuration TornadoConfiguration -o /DIRAC/Security/UseServerCertificate=True " ${DEBUG} " ; then
299299 echo ' ERROR: dirac-install-component failed' >&2
300300 exit 1
301301 fi
@@ -309,16 +309,10 @@ fullInstallDIRAC() {
309309 exit 1
310310 fi
311311
312- # upload proxies
313- if ! diracProxies; then
314- echo " ERROR: diracProxies failed" >&2
315- exit 1
316- fi
317-
318312 # fix the DBs (for the FileCatalog and MultiVOFileCatalog)
319313 diracDFCDB
320314 diracMVDFCDB
321- python " ${TESTCODE} /DIRAC/tests/Jenkins/dirac-cfg-update-dbs.py" " ${DEBUG} "
315+ python " ${TESTCODE} /DIRAC/tests/Jenkins/dirac-cfg-update-dbs.py" -o /DIRAC/Security/UseServerCertificate=True " ${DEBUG} "
322316
323317 # services (not looking for FrameworkSystem already installed)
324318 findServices ' exclude' ' FrameworkSystem'
@@ -341,66 +335,66 @@ fullInstallDIRAC() {
341335
342336 # install an additional FileCatalog service for multi VO metadata tests
343337 if [[ " ${TEST_HTTPS:- Yes} " = " No" ; then
344- echo " ==> calling dirac-install-component DataManagement MultiVOFileCatalog -m FileCatalog -p Port=9198 -p Database=MultiVOFileCatalogDB ${DEBUG} "
345- if ! dirac-install-component DataManagement MultiVOFileCatalog -m FileCatalog -p Port=9198 -p Database=MultiVOFileCatalogDB " ${DEBUG} " ; then
338+ echo " ==> calling dirac-install-component DataManagement MultiVOFileCatalog -m FileCatalog -p Port=9198 -p Database=MultiVOFileCatalogDB -o /DIRAC/Security/UseServerCertificate=True ${DEBUG} "
339+ if ! dirac-install-component DataManagement MultiVOFileCatalog -m FileCatalog -p Port=9198 -p Database=MultiVOFileCatalogDB -o /DIRAC/Security/UseServerCertificate=True " ${DEBUG} " ; then
346340 echo ' ERROR: dirac-install-component failed' >&2
347341 exit 1
348342 fi
349343 else
350- echo " ==> calling dirac-install-component DataManagement TornadoMultiVOFileCatalog -m TornadoFileCatalog -p Port=9198 -p Protocol=https -p Database=MultiVOFileCatalogDB ${DEBUG} "
351- if ! dirac-install-component DataManagement TornadoMultiVOFileCatalog -m TornadoFileCatalog -p Port=9198 -p Protocol=https -p Database=MultiVOFileCatalogDB " ${DEBUG} " ; then
344+ echo " ==> calling dirac-install-component DataManagement TornadoMultiVOFileCatalog -m TornadoFileCatalog -p Port=9198 -p Protocol=https -p Database=MultiVOFileCatalogDB -o /DIRAC/Security/UseServerCertificate=True ${DEBUG} "
345+ if ! dirac-install-component DataManagement TornadoMultiVOFileCatalog -m TornadoFileCatalog -p Port=9198 -p Protocol=https -p Database=MultiVOFileCatalogDB -o /DIRAC/Security/UseServerCertificate=True " ${DEBUG} " ; then
352346 echo ' ERROR: dirac-install-component failed' >&2
353347 exit 1
354348 fi
355349 echo " ==> Restarting Tornado Tornado"
356350 dirac-restart-component Tornado Tornado ${DEBUG}
357351 fi
358352 # fix the DFC services options
359- python " ${TESTCODE} /DIRAC/tests/Jenkins/dirac-cfg-update-services.py" " ${DEBUG} "
353+ python " ${TESTCODE} /DIRAC/tests/Jenkins/dirac-cfg-update-services.py" -o /DIRAC/Security/UseServerCertificate=True " ${DEBUG} "
360354
361355 # fix the SandboxStore and other stuff
362- python " ${TESTCODE} /DIRAC/tests/Jenkins/dirac-cfg-update-server.py" " ${DEBUG} "
356+ python " ${TESTCODE} /DIRAC/tests/Jenkins/dirac-cfg-update-server.py" -o /DIRAC/Security/UseServerCertificate=True " ${DEBUG} "
363357
364358 echo " ==> Restarting Tornado Tornado"
365- dirac-restart-component Tornado Tornado ${DEBUG}
359+ # dirac-restart-component Tornado Tornado -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
366360
367361 if [[ " ${TEST_HTTPS:- Yes} " = " No" ; then
368362 echo " ==> Restarting WorkloadManagement SandboxStore"
369- dirac-restart-component WorkloadManagement SandboxStore ${DEBUG}
363+ dirac-restart-component WorkloadManagement SandboxStore -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
370364 echo " ==> Restarting DataManagement FileCatalog"
371- dirac-restart-component DataManagement FileCatalog ${DEBUG}
365+ dirac-restart-component DataManagement FileCatalog -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
372366 echo " ==> Restarting DataManagement MultiVOFileCatalog"
373- dirac-restart-component DataManagement MultiVOFileCatalog ${DEBUG}
367+ dirac-restart-component DataManagement MultiVOFileCatalog -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
374368 echo " ==> Restarting ResourceStatus *"
375- dirac-restart-component ResourceStatus ResourceStatus ${DEBUG}
376- dirac-restart-component ResourceStatus ResourceManagement ${DEBUG}
377- dirac-restart-component ResourceStatus Publisher ${DEBUG}
369+ dirac-restart-component ResourceStatus ResourceStatus -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
370+ dirac-restart-component ResourceStatus ResourceManagement -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
371+ dirac-restart-component ResourceStatus Publisher -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
378372 fi
379373
380374 echo " ==> Restarting WorkloadManagement Matcher"
381- dirac-restart-component WorkloadManagement Matcher ${DEBUG}
375+ dirac-restart-component WorkloadManagement Matcher -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
382376
383377 echo " ==> Restarting Configuration Server"
384- dirac-restart-component Configuration Server ${DEBUG}
378+ dirac-restart-component Configuration Server -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
385379
386380 echo " ==> Restarting DataManagement StorageElement(s)"
387- dirac-restart-component DataManagement SE-1 ${DEBUG}
388- dirac-restart-component DataManagement SE-2 ${DEBUG}
381+ dirac-restart-component DataManagement SE-1 -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
382+ dirac-restart-component DataManagement SE-2 -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
389383
390384 # populate RSS
391385 echo " ==> Populating RSS DB"
392- dirac-rss-sync --element Site --defaultStatus Banned -o LogLevel=VERBOSE
393- dirac-rss-sync --element Resource --defaultStatus Banned -o LogLevel=VERBOSE
386+ dirac-rss-sync --element Site --defaultStatus Banned -o LogLevel=VERBOSE -o /DIRAC/Security/UseServerCertificate=True
387+ dirac-rss-sync --element Resource --defaultStatus Banned -o LogLevel=VERBOSE -o /DIRAC/Security/UseServerCertificate=True
394388 # init RSS
395389 echo " ==> Initializing status of sites and resources in RSS"
396- dirac-rss-sync --init --defaultStatus Banned -o LogLevel=VERBOSE
390+ dirac-rss-sync --init --defaultStatus Banned -o LogLevel=VERBOSE -o /DIRAC/Security/UseServerCertificate=True
397391 # Setting by hand
398- dirac-rss-set-status --element Resource --name ProductionSandboxSE --status Active --reason " Why not?"
399- dirac-rss-set-status --element Resource --name jenkins.cern.ch --status Active --reason " Why not?"
400- dirac-rss-set-status --element Resource --name JENKINS-FTS3 --status Active --reason " Why not?"
401- dirac-rss-set-status --element Resource --name FileCatalog --status Active --reason " Why not?"
402- dirac-rss-set-status --element Site --name DIRAC.Jenkins.ch --status Active --reason " Why not?"
403- dirac-admin-allow-se SE-1 SE-2 S3-DIRECT S3-INDIRECT --All
392+ dirac-rss-set-status --element Resource --name ProductionSandboxSE --status Active --reason " Why not?" -o /DIRAC/Security/UseServerCertificate=True
393+ dirac-rss-set-status --element Resource --name jenkins.cern.ch --status Active --reason " Why not?" -o /DIRAC/Security/UseServerCertificate=True
394+ dirac-rss-set-status --element Resource --name JENKINS-FTS3 --status Active --reason " Why not?" -o /DIRAC/Security/UseServerCertificate=True
395+ dirac-rss-set-status --element Resource --name FileCatalog --status Active --reason " Why not?" -o /DIRAC/Security/UseServerCertificate=True
396+ dirac-rss-set-status --element Site --name DIRAC.Jenkins.ch --status Active --reason " Why not?" -o /DIRAC/Security/UseServerCertificate=True
397+ dirac-admin-allow-se SE-1 SE-2 S3-DIRECT S3-INDIRECT --All -o /DIRAC/Security/UseServerCertificate=True
404398
405399 # agents
406400 findAgents
@@ -418,20 +412,20 @@ fullInstallDIRAC() {
418412
419413 if [[ " ${TEST_HTTPS:- Yes} " = " No" ; then
420414 echo " ==> Restarting WorkloadManagement JobManager"
421- dirac-restart-component WorkloadManagement JobManager ${DEBUG}
415+ dirac-restart-component WorkloadManagement JobManager -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
422416 else
423417 echo " ==> Restarting Tornado Tornado"
424- dirac-restart-component Tornado Tornado ${DEBUG}
418+ dirac-restart-component Tornado Tornado -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
425419 fi
426420
427421 echo ' Content of etc/Production.cfg:'
428422 cat " ${SERVERINSTALLDIR} /etc/Production.cfg"
429423
430424 echo " ==> Restarting Configuration Server"
431- dirac-restart-component Configuration Server ${DEBUG}
425+ dirac-restart-component Configuration Server -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
432426
433427 echo " ==> Restarting Tornado Tornado"
434- dirac-restart-component Tornado Tornado ${DEBUG}
428+ # dirac-restart-component Tornado Tornado -o /DIRAC/Security/UseServerCertificate=True ${DEBUG}
435429
436430}
437431
0 commit comments