From 119dc56d6c94febf734438870c433bb5cdf59561 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20Such=C3=BD?= Date: Mon, 15 Mar 2021 18:47:04 +0100 Subject: [PATCH] copr: add copr-db-stg --- inventory/group_vars/copr_db | 8 ++++ .../copr-db-stg.aws.fedoraproject.org | 46 +++++++++++++++++++ inventory/inventory | 6 +++ playbooks/groups/copr-db.yml | 38 +++++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 inventory/group_vars/copr_db create mode 100644 inventory/host_vars/copr-db-stg.aws.fedoraproject.org create mode 100644 playbooks/groups/copr-db.yml diff --git a/inventory/group_vars/copr_db b/inventory/group_vars/copr_db new file mode 100644 index 0000000000..e45ccf63e3 --- /dev/null +++ b/inventory/group_vars/copr_db @@ -0,0 +1,8 @@ +--- +tcp_ports: [22, 5432] + +fas_client_groups: sysadmin-copr,fi-apprentice,sysadmin-noc,sysadmin-veteran +csi_security_category: Low +csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys" +csi_purpose: Provide the testing environment of copr's db +csi_relationship: This host is the testing environment for copr's database diff --git a/inventory/host_vars/copr-db-stg.aws.fedoraproject.org b/inventory/host_vars/copr-db-stg.aws.fedoraproject.org new file mode 100644 index 0000000000..d81b02b4c4 --- /dev/null +++ b/inventory/host_vars/copr-db-stg.aws.fedoraproject.org @@ -0,0 +1,46 @@ +--- +datacenter: aws +inventory_hostname: "copr-db-stg.aws.fedoraproject.org" +inventory_instance_name: copr-db-stg + +nm_controlled_resolv: True +ansible_ifcfg_blocklist: True + +swap_file_size_mb: 4096 +swap_file_path: /swap + +hostbase: copr-db-stg- +public_ip: 52.200.82.86 +root_auth_users: msuchy frostyx praiskup schlupov +description: copr database - staging instance + +# Copr vars +copr_hostbase: copr-db-stg + +nagios_Check_Services: + mail: false + nrpe: false + sshd: false + named: false + dhcpd: false + httpd: false + swap: false + ping: false + raid: false + +# This is a generic list, monitored by collectd +databases: +- coprdb + +# This is a more strict list of databases to backup every day +dbs_to_backup: +- coprdb + +fas_client_groups: sysadmin-dba,sysadmin-noc,sysadmin-veteran + +db_backup_dir: ['/backups'] +# Should be 0.25 of memory +#shared_buffers: "16GB" +# Should be 0.80 of memory +#effective_cache_size: "50GB" +#max_stack_depth: "6MB" diff --git a/inventory/inventory b/inventory/inventory index 9b129bd92d..a60b700c02 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -219,6 +219,7 @@ db01.stg.iad2.fedoraproject.org db03.stg.iad2.fedoraproject.org db-datanommer01.stg.iad2.fedoraproject.org db-koji01.stg.iad2.fedoraproject.org +copr-db-stg.aws.fedoraproject.org # clients that talk to the main postgres servers [postgres_clients] @@ -647,6 +648,7 @@ buildvm-x86-05.stg.iad2.fedoraproject.org busgateway01.stg.iad2.fedoraproject.org compose-x86-01.stg.iad2.fedoraproject.org copr-be-dev.aws.fedoraproject.org +copr-db-stg.aws.fedoraproject.org copr-dist-git-dev.aws.fedoraproject.org copr-fe-dev.aws.fedoraproject.org copr-keygen-dev.aws.fedoraproject.org @@ -976,6 +978,7 @@ copr_front_dev_aws copr_back_dev_aws copr_dist_git_dev_aws copr_keygen_dev_aws +copr-db-stg.aws.fedoraproject.org [copr_all_instances_aws:children] copr_aws @@ -984,6 +987,9 @@ copr_dev_aws [copr_hypervisor] vmhost-x86-copr01.rdu-cc.fedoraproject.org +[copr_db] +copr-db-stg.aws.fedoraproject.org + # [copr_hypervisors_aarch64] # virthost-aarch64-os01.fedorainfracloud.org # virthost-aarch64-os02.fedorainfracloud.org diff --git a/playbooks/groups/copr-db.yml b/playbooks/groups/copr-db.yml new file mode 100644 index 0000000000..1f393f06aa --- /dev/null +++ b/playbooks/groups/copr-db.yml @@ -0,0 +1,38 @@ +# create a new database server system +# NOTE: most of these vars_path come from group_vars/backup_server or from hostvars + +# Once the instance exists, configure it. + +- name: configure postgresql server system + hosts: copr-db-stg.aws.fedoraproject.org + user: root + gather_facts: True + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + pre_tasks: + - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README + - import_tasks: "{{ tasks_path }}/yumrepos.yml" + + roles: + - base + - rkhunter + - { role: fas_client, when: env != "staging" } + - { role: ipa/client, when: env == "staging" } + - nagios_client + - hosts + #- postgresql_server + #- collectd/base + #- collectd/postgres # This requires a 'databases' var to be set in host_vars + - sudo + + tasks: + - import_tasks: "{{ tasks_path }}/2fa_client.yml" + when: env != "staging" + - import_tasks: "{{ tasks_path }}/motd.yml" + + handlers: + - import_tasks: "{{ handlers_path }}/restart_services.yml"