From 1c6c65844db000819dbeba2c87ad5ce59044ff0a Mon Sep 17 00:00:00 2001 From: James Antill Date: Mon, 3 Mar 2025 16:16:12 -0500 Subject: [PATCH] Add new osbuildapi-update-nft.cron entries, and get it installed when nftables. Signed-off-by: James Antill --- roles/koji_builder/tasks/main.yml | 16 ++++++++++++++++ .../templates/osbuildapi-update-nft.cron | 5 +++++ 2 files changed, 21 insertions(+) create mode 100644 roles/koji_builder/templates/osbuildapi-update-nft.cron diff --git a/roles/koji_builder/tasks/main.yml b/roles/koji_builder/tasks/main.yml index e7c88b8cc0..5b75bb0ff6 100644 --- a/roles/koji_builder/tasks/main.yml +++ b/roles/koji_builder/tasks/main.yml @@ -382,12 +382,28 @@ - name: Install script to update osbuild api ip in the firewall ansible.builtin.template: src=osbuildapi-update.sh dest=/usr/local/bin/osbuildapi-update.sh mode=755 + when: not nftables tags: - koji_builder - koji_builder/osbuildapi - name: Install cron job to run osbuild api ip update script every minute. ansible.builtin.template: src=osbuildapi-update.cron dest=/etc/cron.d/osbuildapi-update.cron mode=644 + when: not nftables + tags: + - koji_builder + - koji_builder/osbuildapi + +- name: Install script to update osbuild api ip in the firewall (nftables) + ansible.builtin.template: src=osbuildapi-update-nft.sh dest=/usr/local/bin/osbuildapi-update-nft.sh mode=755 + when: nftables + tags: + - koji_builder + - koji_builder/osbuildapi + +- name: Install cron job to run osbuild api ip update script every minute. (nftables) + ansible.builtin.template: src=osbuildapi-update-nft.cron dest=/etc/cron.d/osbuildapi-update-nft.cron mode=644 + when: nftables tags: - koji_builder - koji_builder/osbuildapi diff --git a/roles/koji_builder/templates/osbuildapi-update-nft.cron b/roles/koji_builder/templates/osbuildapi-update-nft.cron new file mode 100644 index 0000000000..12f0579b10 --- /dev/null +++ b/roles/koji_builder/templates/osbuildapi-update-nft.cron @@ -0,0 +1,5 @@ +{% if host in groups['osbuild'] %} +*/5 * * * * root /usr/local/bin/lock-wrapper osbuildapi "/usr/local/bin/osbuildapi-update-nft.sh" 2>&1 | /usr/local/bin/nag-once osbuildapi-update-nft.sh 1d 2>&1 +{% else %} +23 17 * * * root /usr/local/bin/lock-wrapper osbuildapi "/usr/local/bin/osbuildapi-update-nft.sh" 2>&1 | /usr/local/bin/nag-once osbuildapi-update-nft.sh 1d 2>&1 +{% endif %}