From 79f2b2b1573e520d6b050d7455e049879992493d Mon Sep 17 00:00:00 2001
From: Massimo Sgaravatto <sgaravat@lxsgaravat.pd.infn.it>
Date: Mon, 3 Jun 2024 17:22:40 +0200
Subject: [PATCH 1/3] Changes for rgw
---
source/users_guides/general/rclone_minio.rst | 22 +++++++++++++-------
1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/source/users_guides/general/rclone_minio.rst b/source/users_guides/general/rclone_minio.rst
index c0db5952..d4915177 100644
--- a/source/users_guides/general/rclone_minio.rst
+++ b/source/users_guides/general/rclone_minio.rst
@@ -26,6 +26,8 @@ Installing Rclone
Go to the `releases page <https://github.com/DODAS-TS/rclone/releases>`_ and
download the most recent version for your platform.
+TBC
+
Installing oidc-agent
=====================
@@ -72,17 +74,21 @@ Rclone can be configured in a single command, where you specify:
.. code-block:: bash
- rclone_linux config create minio s3 provider "INFN Cloud" account oidc_client oidc_agent True endpoint https://minio.cloud.infn.it/
+ rclone config create rgw-backbone s3 provider "INFN Cloud" account oidc_client oidc_agent True endpoint https://rgw.cloud.infn.it/ role_name IAMaccess audience object env_auth false
.. code-block:: ini
- [minio]
+ [rgw-backbone]
type = s3
provider = INFN Cloud
account = oidc_client
oidc_agent = True
- endpoint = https://minio.cloud.infn.it/
+ endpoint = https://rgw.cloud.infn.it/
+ role_name = IAMaccess
+ audience = object
+ env_auth = false
+
Usage
@@ -98,14 +104,14 @@ A non-comprehensive list of examples is reported below:
.. code-block:: bash
- rclone_linux ls minio:/<object> # list the specified object, bucket
+ rclone_linux ls rgw-backbone:/<object> # list the specified object, bucket
# file, or folder
- rclone_linux cat minio:/<object> # dump the content of the specified
+ rclone_linux cat rgw-backbone:/<object> # dump the content of the specified
# object to stdout
rclone_linux copy <source> <dest> # copy the "source" into destination
# "dest". One of the two can be a
- # "minio:/<object>"
- rclone_linux delete minio:/<object> # delete the specified object
+ # "rgw-backbone:/<object>"
+ rclone_linux delete rgw-backbone:/<object> # delete the specified object
Mount as a filesystem
@@ -117,7 +123,7 @@ remote filesystems.
.. code-block:: bash
mkdir -p ~/infncloud
- ./rclone_linux mount minio:/cpellegr ~/infncloud/ --daemon
+ ./rclone_linux mount rgw-backbone:/cpellegr ~/infncloud/ --daemon
To un-mount the filesystem use the ``fusermount`` command:
--
GitLab
From ed296eec051fdcd7d78449989b99aa15777621e2 Mon Sep 17 00:00:00 2001
From: Alessandro Pascolini <alessandro.pascolini@cnaf.infn.it>
Date: Tue, 4 Jun 2024 15:30:53 +0200
Subject: [PATCH 2/3] Adding info on configuration of rclone and oidc-agent
---
source/users_guides/general/rclone_minio.rst | 28 ++++++++++++++------
1 file changed, 20 insertions(+), 8 deletions(-)
diff --git a/source/users_guides/general/rclone_minio.rst b/source/users_guides/general/rclone_minio.rst
index d4915177..43ffd3b3 100644
--- a/source/users_guides/general/rclone_minio.rst
+++ b/source/users_guides/general/rclone_minio.rst
@@ -26,7 +26,8 @@ Installing Rclone
Go to the `releases page <https://github.com/DODAS-TS/rclone/releases>`_ and
download the most recent version for your platform.
-TBC
+
+TBC --> aspettiamo i link agli eseguibili
Installing oidc-agent
@@ -38,6 +39,22 @@ Follow the instructions listed in the official `installation guide
Configuration
=============
+.. IMPORTANT ::
+
+ Please note that with ``oidc-agent`` >= 5 aud mode must be specified in
+ the confiugration. It can be configured with by creating the file
+ ``$HOME/.config/oidc-agent/issuer.config.d/infn-cloud`` with the following
+ content.
+
+ .. code-block:: bash
+
+ {
+ "issuer": "https://iam.cloud.infn.it/",
+ "register": "https://iam.cloud.infn.it/manage/dev/dynreg",
+ "legacy_aud_mode": true
+ }
+
+
oidc client
-----------
@@ -70,19 +87,14 @@ scopes.
Rclone
------
-Rclone can be configured in a single command, where you specify:
-
-.. code-block:: bash
-
- rclone config create rgw-backbone s3 provider "INFN Cloud" account oidc_client oidc_agent True endpoint https://rgw.cloud.infn.it/ role_name IAMaccess audience object env_auth false
-
+Rclone can be configured creating the file ``$HOME/.config/rclone/rclone.conf`` with the following content:
.. code-block:: ini
[rgw-backbone]
type = s3
provider = INFN Cloud
- account = oidc_client
+ account = <oidc_client_name>
oidc_agent = True
endpoint = https://rgw.cloud.infn.it/
role_name = IAMaccess
--
GitLab
From 42bd34dc8b5a9cc6d9e6723445adac7aa8e8e385 Mon Sep 17 00:00:00 2001
From: Carmen Giugliano <carmen.giugliano@cern.ch>
Date: Wed, 5 Jun 2024 10:15:39 +0200
Subject: [PATCH 3/3] aggiunte istruzioni per rclone_linux
---
source/users_guides/general/rclone_minio.rst | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/source/users_guides/general/rclone_minio.rst b/source/users_guides/general/rclone_minio.rst
index 43ffd3b3..87201bf7 100644
--- a/source/users_guides/general/rclone_minio.rst
+++ b/source/users_guides/general/rclone_minio.rst
@@ -24,11 +24,22 @@ customised version of `Rclone <https://github.com/DODAS-TS/rclone>`_ and the
Installing Rclone
=================
-Go to the `releases page <https://github.com/DODAS-TS/rclone/releases>`_ and
+Go to the `releases page <https://repo.cloud.cnaf.infn.it/#browse/browse:rclone>`_ and
download the most recent version for your platform.
-TBC --> aspettiamo i link agli eseguibili
+Please find below the instructions to download and test Rclone for linux:
+.. code-block:: bash
+
+ #download rclone
+
+ wget https://repo.cloud.cnaf.infn.it/repository/rclone/rclone-linux/2.0.0/rclone-linux-2.0.0 -O rclone_linux
+
+ #make it executable
+ chmod x rclone_linux
+
+ #test if it is executable
+ ./rclone_linux --help
Installing oidc-agent
=====================
--
GitLab