diff --git a/roles/batcave/files/geoip-download-databases b/roles/batcave/files/geoip-download-databases
new file mode 100755
index 0000000000..0bceb57c55
--- /dev/null
+++ b/roles/batcave/files/geoip-download-databases
@@ -0,0 +1,49 @@
+#!/bin/bash
+BASE_URL='http://geolite.maxmind.com/download/geoip/database/'
+GEOLITE_COUNTRY_DB='GeoLiteCountry/GeoIP.dat'
+GEOLITE_COUNTRY_IPV6_DB='GeoIPv6.dat'
+GEOLITE_CITY_DB='GeoLiteCity.dat'
+GEOLITE_CITY_IPV6_DB='GeoLiteCityv6-beta/GeoLiteCityv6.dat'
+
+if [ $# -eq 0 ]; then
+ echo "usage: geoip-download-databases " >&2
+ exit 1
+fi
+
+outdir="$1"
+tmpdir=$(mktemp -d) || exit 1
+trap "rm -rf ${tmpdir}" EXIT QUIT HUP KILL TERM
+
+pushd $tmpdir
+wget "${BASE_URL}${GEOLITE_COUNTRY_DB}.gz" || exit 1
+wget "${BASE_URL}${GEOLITE_COUNTRY_IPV6_DB}.gz" || exit 1
+wget "${BASE_URL}${GEOLITE_CITY_DB}.gz" || exit 1
+wget "${BASE_URL}${GEOLITE_CITY_IPV6_DB}.gz" || exit 1
+gunzip *
+
+function file_size()
+{
+ local size
+ size=$(stat -c "%s" $1 2>/dev/null)
+ if [ -n "${size}" ]; then
+ echo ${size}
+ else
+ echo 0
+ fi
+}
+
+# 200KB. The country database should be just over 1MB, while the city database is presently 43MB.
+# This is big enough to notice a seriously corrupted download.
+MIN_SIZE=$((1024*200))
+IPV6_MIN_SIZE=$((1024*40))
+
+if [ $(file_size $(basename ${GEOLITE_COUNTRY_DB})) -gt ${MIN_SIZE} -a \
+ $(file_size $(basename ${GEOLITE_CITY_DB})) -gt ${MIN_SIZE} -a \
+ $(file_size $(basename ${GEOLITE_COUNTRY_IPV6_DB})) -gt ${IPV6_MIN_SIZE} -a \
+ $(file_size $(basename ${GEOLITE_CITY_IPV6_DB})) -gt ${IPV6_MIN_SIZE} ]; then
+ cp -a $(basename ${GEOLITE_COUNTRY_DB}) $(basename ${GEOLITE_CITY_DB}) $(basename ${GEOLITE_COUNTRY_IPV6_DB}) $(basename ${GEOLITE_CITY_IPV6_DB}) "${outdir}"
+else
+ echo "unable to retrieve databases." >&2
+ exit 1
+fi
+exit 0
diff --git a/roles/batcave/files/geoip-download-databases.cron b/roles/batcave/files/geoip-download-databases.cron
new file mode 100644
index 0000000000..b4fc995a19
--- /dev/null
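Review bot: The four `wget` calls fetch over plain `http://` and the only check before `cp -a` into the output directory is a minimum file size, so a tampered response of plausible size would be accepted and, per the role's own comment, pulled by other machines; the cron entry runs this as root. Prefer an `https://` `BASE_URL` if the upstream offers one, and verify a published checksum (or open each file once with the GeoIP library) before copying. `pushd $tmpdir` is also unquoted and unchecked, so on failure the downloads and `gunzip *` act on cron's working directory; `pushd "${tmpdir}" >/dev/null || exit 1` closes that. `KILL` in the `trap` list cannot be caught and can be dropped, and `gunzip *` should get the same `|| exit 1` as the downloads.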
+++ b/roles/batcave/files/geoip-download-databases.cron
@@ -0,0 +1 @@
+0 5 4 * * root /usr/local/bin/geoip-download-databases /srv/web/infra/bigfiles/geoip/
diff --git a/roles/batcave/files/repo2json.cron b/roles/batcave/files/repo2json.cron
new file mode 100644
index 0000000000..ce329cb3d1
--- /dev/null
+++ b/roles/batcave/files/repo2json.cron
@@ -0,0 +1 @@
+5 * * * * apache cd /srv/web/repo/json && /usr/bin/python /srv/web/infra/ansible/roles/repo2json/files/rhel_to_json.py > /dev/null
diff --git a/roles/batcave/files/sync-rhn b/roles/batcave/files/sync-rhn
new file mode 100644
index 0000000000..ceb6cbe2b4
--- /dev/null
+++ b/roles/batcave/files/sync-rhn
@@ -0,0 +1,3 @@
+30 1 * * * root /mnt/fedora/app/fi-repo/rhel/do-rhel-sync 2> /dev/null
+MAILTO=kevin@fedoraproject.org
+30 3 * * * root /mnt/fedora/app/fi-repo/rhel/rhel7/rhel7-sync
diff --git a/roles/batcave/tasks/main.yml b/roles/batcave/tasks/main.yml
index bf27a636b8..4c2715d8a3 100644
--- a/roles/batcave/tasks/main.yml
+++ b/roles/batcave/tasks/main.yml
@@ -21,6 +21,10 @@
 - yum-metadata-parser # Needed for rhn sync
 - yum-rhn-plugin # Needed for rhn sync
 - createrepo_c # Needed for rhn sync
+ - python-sqlalchemy # Needed for repo2json
+ - pyliblzma # Needed for repo2json
+ - ansible_utils # Needed for rbac-playbook
+ - python-GeoIP # Needed for geoip scripts
 tags:
 - batcave
 - config
@@ -142,7 +146,7 @@
 #
 #- name: setup public db copy script
-# copy: src=public-db-copy.cron dest=/etc/cron.daily/public-db-copy.cron mode=0755
+# copy: src=public-db-copy.cron dest=/etc/cron.daily/public-db-copy.cron mode=0644
 # tags:
 # - batcave
 # - config
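Review bot: In `sync-rhn` the first entry redirects stderr with `2> /dev/null` and sits above the `MAILTO=` line, so error output from `do-rhel-sync` is discarded and anything it does print goes to the default recipient rather than the address set below it. If failures of the nightly sync should be noticed, move `MAILTO=kevin@fedoraproject.org` to the top of the file and drop the redirect, or send stderr to a log file that is monitored. Both entries run as root from `/mnt/fedora/app/fi-repo/rhel/`; the ownership and write permissions of that tree are not visible in this diff and should be confirmed to be root-only.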
@@ -152,11 +156,21 @@
 #
 #- name: setup checkdiff ansible job
-# copy: src=ansible-playbook-check-diff.cron dest=/etc/cron.daily/ansible-playbook-check-diff.cron mode=0755
+# copy: src=ansible-playbook-check-diff.cron dest=/etc/cron.daily/ansible-playbook-check-diff.cron mode=0644
 # tags:
 # - batcave
 # - config
+#
+# sync-rhn cron job
+#
+#- name: setup sync-rhn cron
+# copy: src=sync-rhn dest=/etc/cron.d/sync-rhn mode=0644
+# tags:
+# - batcave
+# - config
+#
+
 #
 # Setup web server config
 #
@@ -181,10 +195,45 @@
 - config
 - httpd
-# still to convert from puppet:
-# include scripts::check-sshkeys
-# include scripts::sync-rhn
-# include repo2json
-# include ansible_utils::ansible_utils
-# include scripts::geoip-retriever
-# include geoip-retriever
+#
+# this cron job creates a json file from the rhel repos
+#
+
+- name: create repo2json directory
+ file: dest=/srv/web/repo/json mode=0755 state=directory owner=apache group=apache
+ tags:
+ - batcave
+ - config
+
+#- name: create repo2json cron job
+# copy: src=repo2json.cron dest=/etc/cron.d/repo2json.cron mode=0644
+# tags:
+# - batcave
+# - config
+
+#
+# ansible utils includes our rbac-playbook
+#
+
+- name: install ansible_utils config
+ copy: src={{ puppet_private }}/rbac.yml dest=/etc/ansible_utils/rbac.yml mode=0500
+ tags:
+ - batcave
+ - config
+
+#
+# Setup geoip scripts.
+# Other machines pull current geoip data from here.
+#
+
+- name: Install geoip download databases script
+ copy: src=geoip-download-databases dest=/usr/local/bin/geoip-download-databases mode=0755
+ tags:
+ - batcave
+ - config
+
+- name: Install geoip download cron
+ copy: src=geoip-download-databases.cron dest=/etc/cron.d/geoip-download-databases.cron mode=0644
+ tags:
+ - batcave
+ - config
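Review bot: The `install ansible_utils config` task writes `/etc/ansible_utils/rbac.yml` with `mode=0500` and no `owner`/`group`, which sets an execute bit on a data file and leaves ownership to whichever account the play connects as. The file comes from `{{ puppet_private }}` and presumably governs who may run which playbook, so state the intended access explicitly, for example `copy: src={{ puppet_private }}/rbac.yml dest=/etc/ansible_utils/rbac.yml owner=root group=root mode=0400` (or `0440` with a dedicated group if rbac-playbook reads it unprivileged). The two geoip `copy` tasks also omit `owner`/`group`; adding `owner=root group=root` there ensures the script that cron runs as root is never left owned by a non-root account.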