2017-09-20 10:11:05 +08:00
|
|
|
---
|
|
|
|
|
# install packages and generate shared configuration files
|
|
|
|
|
- name: install the packages required for ODCS
|
2017-09-27 18:28:20 +00:00
|
|
|
package:
|
|
|
|
|
pkg: "{{ item }}"
|
2017-09-20 10:11:05 +08:00
|
|
|
with_items:
|
2018-08-30 13:02:50 +00:00
|
|
|
- python3-psycopg2
|
|
|
|
|
- python3-odcs-common
|
2019-10-21 09:04:34 +00:00
|
|
|
- python3-celery
|
2017-09-20 10:11:05 +08:00
|
|
|
- odcs
|
2019-10-24 10:30:32 +00:00
|
|
|
- httpd
|
2020-04-21 05:27:48 +00:00
|
|
|
- make
|
|
|
|
|
- libxml2
|
|
|
|
|
- intltool
|
2017-09-20 10:11:05 +08:00
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
|
|
|
|
|
- name: install the latest ODCS packagess
|
2017-09-27 18:28:20 +00:00
|
|
|
package:
|
|
|
|
|
pkg: "{{ item }}"
|
2017-09-20 10:11:05 +08:00
|
|
|
with_items:
|
2018-08-30 13:02:50 +00:00
|
|
|
- python3-odcs-common
|
2017-09-20 10:11:05 +08:00
|
|
|
- odcs
|
2020-05-04 13:53:28 +02:00
|
|
|
- odcs-client
|
2017-09-20 10:11:05 +08:00
|
|
|
when: odcs_upgrade
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
|
2020-06-04 11:11:43 +02:00
|
|
|
- name: Enable the mod_auth_openidc module on rhel8
|
|
|
|
|
copy:
|
|
|
|
|
dest: /etc/dnf/modules.d/mod_auth_openidc.module
|
|
|
|
|
content: |
|
|
|
|
|
[mod_auth_openidc]
|
|
|
|
|
name=mod_auth_openidc
|
|
|
|
|
stream=2.3
|
|
|
|
|
profiles=
|
|
|
|
|
state=enabled
|
|
|
|
|
when: datacenter == "iad2"
|
|
|
|
|
|
2017-09-20 10:11:05 +08:00
|
|
|
# install required packages for frontend here, as we may
|
|
|
|
|
# need to reload httpd in next task when host is frontend
|
|
|
|
|
- name: install the packages required for ODCS frontend
|
2017-09-27 18:28:20 +00:00
|
|
|
package:
|
|
|
|
|
pkg: "{{ item }}"
|
2017-09-20 10:11:05 +08:00
|
|
|
state: present
|
|
|
|
|
with_items:
|
|
|
|
|
- mod_auth_openidc
|
2018-08-30 13:02:50 +00:00
|
|
|
- python3-mod_wsgi
|
2017-09-20 10:11:05 +08:00
|
|
|
when: inventory_hostname.startswith('odcs-frontend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
2017-09-24 20:48:32 +08:00
|
|
|
- odcs/frontend
|
2017-09-20 10:11:05 +08:00
|
|
|
|
|
|
|
|
- name: install the packages required for ODCS backend
|
2017-09-27 18:28:20 +00:00
|
|
|
package:
|
|
|
|
|
pkg: "{{ item }}"
|
2017-09-20 10:11:05 +08:00
|
|
|
state: present
|
|
|
|
|
with_items:
|
|
|
|
|
- koji
|
|
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
2017-09-24 20:48:32 +08:00
|
|
|
- odcs/backend
|
2017-09-20 10:11:05 +08:00
|
|
|
|
2020-03-18 10:41:56 +00:00
|
|
|
- name: create odcs-server group
|
|
|
|
|
group:
|
|
|
|
|
name: odcs-server
|
|
|
|
|
gid: 64321
|
|
|
|
|
state: present
|
|
|
|
|
|
|
|
|
|
- name: create odcs-server user
|
|
|
|
|
user:
|
|
|
|
|
name: odcs-server
|
|
|
|
|
uid: 64321
|
|
|
|
|
group: odcs-server
|
|
|
|
|
|
2019-10-21 13:43:31 +00:00
|
|
|
- name: create ODCS_TARGET_DIR
|
2020-08-03 11:10:44 -04:00
|
|
|
file:
|
|
|
|
|
path: "{{ item }}"
|
|
|
|
|
state: directory
|
|
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
|
|
|
|
mode: 0775
|
|
|
|
|
# recurse: yes
|
|
|
|
|
follow: no
|
|
|
|
|
with_items:
|
|
|
|
|
- "{{ odcs_target_dir }}"
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
|
|
|
|
|
- name: create ODCS_TARGET_DIR private
|
2019-10-21 13:43:31 +00:00
|
|
|
file:
|
2020-03-17 05:55:10 +00:00
|
|
|
path: "{{ item }}"
|
2019-10-21 13:43:31 +00:00
|
|
|
state: directory
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2020-06-11 16:57:19 +02:00
|
|
|
mode: 0770
|
2020-03-18 10:59:24 +00:00
|
|
|
# recurse: yes
|
2019-10-21 13:43:31 +00:00
|
|
|
follow: no
|
2020-03-17 05:55:10 +00:00
|
|
|
with_items:
|
2020-08-03 11:10:44 -04:00
|
|
|
- "{{ odcs_target_dir }}/private"
|
2019-10-21 13:43:31 +00:00
|
|
|
tags:
|
2020-08-03 11:10:44 -04:00
|
|
|
- odcs
|
|
|
|
|
- odcs/frontend
|
2019-10-21 13:43:31 +00:00
|
|
|
|
2020-03-18 13:15:17 +00:00
|
|
|
- name: ensure ODCS service directories have right ownership
|
2020-03-18 12:59:24 +00:00
|
|
|
file:
|
2020-03-18 13:15:17 +00:00
|
|
|
path: "{{ item }}"
|
2020-03-18 12:59:24 +00:00
|
|
|
state: directory
|
|
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
|
|
|
|
recurse: yes
|
|
|
|
|
follow: no
|
2020-03-18 13:15:17 +00:00
|
|
|
with_items:
|
|
|
|
|
- /var/run/odcs-backend
|
|
|
|
|
- /var/log/odcs-backend
|
2020-03-18 12:59:24 +00:00
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
2020-03-17 05:55:10 +00:00
|
|
|
|
2020-03-18 14:05:23 +00:00
|
|
|
|
2017-09-20 10:11:05 +08:00
|
|
|
# this app config is shared by backend and frontend, but has different
|
|
|
|
|
# owner groups on backend and frontend, and notify different handlers,
|
|
|
|
|
# we can have vars set for frontend and backend seperately to do that,
|
|
|
|
|
# but it looks a little weird to have such special vars in
|
2017-09-24 20:48:32 +08:00
|
|
|
# inventory/group_vars/odcs-*, also we don't want to repeat the same
|
|
|
|
|
# required vars in frontend and backend, so just have 2 tasks in base
|
|
|
|
|
# to keep it simple.
|
2017-09-20 10:11:05 +08:00
|
|
|
- name: generate the ODCS app config for frontend
|
|
|
|
|
template:
|
|
|
|
|
src: etc/odcs/config.py.j2
|
|
|
|
|
dest: /etc/odcs/config.py
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
2017-09-20 10:11:05 +08:00
|
|
|
group: apache
|
|
|
|
|
mode: 0440
|
|
|
|
|
notify:
|
|
|
|
|
- restart apache
|
|
|
|
|
when: inventory_hostname.startswith('odcs-frontend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
2017-09-24 20:48:32 +08:00
|
|
|
- odcs/frontend
|
2017-09-20 10:11:05 +08:00
|
|
|
|
|
|
|
|
- name: generate the ODCS app config for backend
|
|
|
|
|
template:
|
|
|
|
|
src: etc/odcs/config.py.j2
|
|
|
|
|
dest: /etc/odcs/config.py
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2017-09-20 10:11:05 +08:00
|
|
|
mode: 0440
|
|
|
|
|
notify:
|
2019-10-21 07:53:58 +00:00
|
|
|
- restart odcs-celery-backend
|
2017-09-20 10:11:05 +08:00
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
2017-09-24 20:48:32 +08:00
|
|
|
- odcs/backend
|
2017-12-11 08:48:28 +00:00
|
|
|
|
2018-01-18 07:03:01 +00:00
|
|
|
- name: generate the ODCS raw_config_wrapper config for backend
|
|
|
|
|
template:
|
|
|
|
|
src: etc/odcs/raw_config_wrapper.conf.j2
|
|
|
|
|
dest: /etc/odcs/raw_config_wrapper.conf
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2018-01-18 07:03:01 +00:00
|
|
|
mode: 0440
|
|
|
|
|
notify:
|
2019-10-21 07:53:58 +00:00
|
|
|
- restart odcs-celery-backend
|
2018-01-18 07:03:01 +00:00
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
|
|
|
|
- name: generate the ODCS runroot_koji config for backend
|
|
|
|
|
template:
|
|
|
|
|
src: etc/odcs/runroot_koji.conf.j2
|
|
|
|
|
dest: /etc/odcs/runroot_koji.conf
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2018-01-18 07:03:01 +00:00
|
|
|
mode: 0440
|
|
|
|
|
notify:
|
2019-10-21 07:53:58 +00:00
|
|
|
- restart odcs-celery-backend
|
2018-01-18 07:03:01 +00:00
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
2018-06-21 12:42:02 +00:00
|
|
|
- name: Make sure the /etc/fedmsg.d/odcs.py file (provided by rpm) is absent.
|
|
|
|
|
file:
|
|
|
|
|
path: /etc/fedmsg.d/odcs.py
|
|
|
|
|
state: absent
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
2017-12-11 09:03:03 +00:00
|
|
|
- name: copy the ODCS pungi config template to backend
|
2018-06-21 12:20:44 +00:00
|
|
|
copy:
|
|
|
|
|
src: "{{ roles_path }}/odcs/base/files/pungi.conf"
|
|
|
|
|
dest: /etc/odcs/pungi.conf
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2018-06-21 12:20:44 +00:00
|
|
|
mode: 0640
|
2017-12-11 08:48:28 +00:00
|
|
|
notify:
|
2019-10-21 07:53:58 +00:00
|
|
|
- restart odcs-celery-backend
|
2017-12-11 08:48:28 +00:00
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
2019-10-21 07:53:58 +00:00
|
|
|
|
|
|
|
|
- name: copy the odcs-celery-backend.service file.
|
2019-10-21 08:08:08 +00:00
|
|
|
template:
|
|
|
|
|
src: "etc/systemd/system/odcs-celery-backend.service.j2"
|
2019-10-21 07:53:58 +00:00
|
|
|
dest: /etc/systemd/system/odcs-celery-backend.service
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2019-10-21 07:53:58 +00:00
|
|
|
mode: 0640
|
|
|
|
|
notify:
|
|
|
|
|
- restart odcs-celery-backend
|
|
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
2019-10-22 13:45:15 +00:00
|
|
|
- name: copy the odcs-celery-beat.service file.
|
|
|
|
|
template:
|
|
|
|
|
src: "etc/systemd/system/odcs-celery-beat.service.j2"
|
|
|
|
|
dest: /etc/systemd/system/odcs-celery-beat.service
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2019-10-22 13:45:15 +00:00
|
|
|
mode: 0640
|
|
|
|
|
notify:
|
|
|
|
|
- restart odcs-celery-beat
|
|
|
|
|
when: inventory_hostname.startswith('odcs-frontend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
|
2020-08-06 09:30:52 +02:00
|
|
|
- name: Reload systemd daemon
|
|
|
|
|
systemd:
|
|
|
|
|
daemon_reload: yes
|
2019-10-23 09:22:54 +00:00
|
|
|
tags:
|
|
|
|
|
- odcs
|
2020-08-06 09:30:52 +02:00
|
|
|
- odcs/backend
|
2019-10-23 09:22:54 +00:00
|
|
|
- odcs/frontend
|
2020-08-06 09:30:52 +02:00
|
|
|
|
|
|
|
|
- name: enable ODCS backend (odcs-celery-backend)
|
2020-08-06 09:35:03 +02:00
|
|
|
service:
|
2020-08-06 09:30:52 +02:00
|
|
|
name: odcs-celery-backend
|
|
|
|
|
enabled: yes
|
|
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
2019-10-23 09:22:54 +00:00
|
|
|
- odcs/backend
|
|
|
|
|
|
2019-10-22 13:45:15 +00:00
|
|
|
- name: enable ODCS beat (odcs-celery-beat)
|
2020-08-06 09:35:03 +02:00
|
|
|
service:
|
2019-10-22 13:45:15 +00:00
|
|
|
name: odcs-celery-beat
|
|
|
|
|
enabled: yes
|
|
|
|
|
when: inventory_hostname.startswith('odcs-frontend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
|
2020-08-06 09:30:52 +02:00
|
|
|
- name: copy the fedora-messaging.toml.j2 file.
|
|
|
|
|
template:
|
|
|
|
|
src: "fedora-messaging.toml.j2"
|
|
|
|
|
dest: /etc/fedora-messaging/config.toml
|
|
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
|
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
2019-10-21 07:53:58 +00:00
|
|
|
- name: copy the odcs-backend.conf tmpfiles.d file.
|
|
|
|
|
copy:
|
2019-10-21 08:29:28 +00:00
|
|
|
src: "{{ roles_path }}/odcs/base/files/tmpfiles.d/odcs-backend.conf"
|
2019-10-21 07:53:58 +00:00
|
|
|
dest: /etc/tmpfiles.d/odcs-backend.conf
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
2019-10-21 07:53:58 +00:00
|
|
|
mode: 0640
|
|
|
|
|
notify:
|
|
|
|
|
- restart odcs-celery-backend
|
|
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
2023-05-19 09:16:49 +02:00
|
|
|
- name: configure logrotate
|
|
|
|
|
copy:
|
2023-05-19 10:16:06 +02:00
|
|
|
src: "{{ roles_path }}/odcs/base/files/logrotate.d/odcs"
|
2023-05-19 09:16:49 +02:00
|
|
|
dest: /etc/logrotate.d/odcs
|
|
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
2019-10-21 07:53:58 +00:00
|
|
|
- name: Run systemd-tmpfiles --create
|
|
|
|
|
command: systemd-tmpfiles --create
|
|
|
|
|
args:
|
|
|
|
|
creates: /var/run/odcs-backend
|
|
|
|
|
notify:
|
|
|
|
|
- restart odcs-celery-backend
|
|
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
|
2019-10-23 09:22:54 +00:00
|
|
|
- name: copy the odcs rabbitmq private queue crt.
|
2019-10-22 08:39:33 +00:00
|
|
|
copy:
|
|
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/odcs-private-queue{{env_suffix}}.crt"
|
|
|
|
|
dest: /etc/odcs/odcs-private-queue.crt
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
2019-10-24 06:25:53 +00:00
|
|
|
group: apache
|
2019-10-22 08:39:33 +00:00
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
|
2019-10-23 09:22:54 +00:00
|
|
|
- name: copy the odcs rabbitmq private queue key.
|
2019-10-22 08:39:33 +00:00
|
|
|
copy:
|
|
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/private/odcs-private-queue{{env_suffix}}.key"
|
|
|
|
|
dest: /etc/odcs/odcs-private-queue.key
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
2019-10-24 06:25:53 +00:00
|
|
|
group: apache
|
2019-10-22 08:39:33 +00:00
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
|
2019-10-23 09:22:54 +00:00
|
|
|
- name: copy the odcs rabbitmq crt.
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/odcs{{env_suffix}}.crt"
|
|
|
|
|
dest: /etc/odcs/odcs-rabbitmq.crt
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
2019-10-23 11:52:25 +00:00
|
|
|
group: apache
|
2019-10-23 09:22:54 +00:00
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
|
|
|
|
|
- name: copy the odcs rabbitmq key.
|
|
|
|
|
copy:
|
2019-10-23 11:09:50 +00:00
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/private/odcs{{env_suffix}}.key"
|
2019-10-23 09:22:54 +00:00
|
|
|
dest: /etc/odcs/odcs-rabbitmq.key
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
2019-10-23 11:52:25 +00:00
|
|
|
group: apache
|
2019-10-23 09:22:54 +00:00
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
2019-10-23 11:52:25 +00:00
|
|
|
- odcs/frontend
|
2019-10-23 09:22:54 +00:00
|
|
|
|
2019-10-22 08:39:33 +00:00
|
|
|
- name: copy the odcs rabbitmq CA cert.
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
|
|
|
|
|
dest: /etc/odcs/ca.crt
|
2020-03-18 10:41:56 +00:00
|
|
|
owner: odcs-server
|
2019-10-23 11:52:25 +00:00
|
|
|
group: apache
|
2019-10-22 08:39:33 +00:00
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
|
|
|
|
- odcs/frontend
|
|
|
|
|
|
2020-12-07 08:42:03 +01:00
|
|
|
- name: copy the custom_compose_raw_config_wrapper.conf file.
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{ roles_path }}/odcs/base/files/odcs/custom_compose_raw_config_wrapper.conf"
|
|
|
|
|
dest: /etc/odcs/custom_compose_raw_config_wrapper.conf
|
|
|
|
|
owner: odcs-server
|
|
|
|
|
group: odcs-server
|
|
|
|
|
mode: 0640
|
|
|
|
|
notify:
|
|
|
|
|
- restart odcs-celery-backend
|
|
|
|
|
when: inventory_hostname.startswith('odcs-backend')
|
|
|
|
|
tags:
|
|
|
|
|
- odcs
|
|
|
|
|
- odcs/backend
|
