Merge branch 'master' of /git/ansible

inventory/host_vars/db-qa01.qa.fedoraproject.org

@@ -15,6 +15,7 @@ databases:
 - postgres
 - buildmaster
 - execdb
+- openqa
 - resultsdb
 
 # This is a more strict list, to be made publicly available
@@ -26,6 +27,10 @@ dbs_to_backup:
 - execdb
 - execdb_stg
 - execdb_dev
+# these names are also stored as host vars 'openqa_dbname',
+# make sure to keep in sync
+- openqa
+- openqa-stg
 - resultsdb
 - resultsdb_stg
 - resultsdb_dev

playbooks/hosts/osbs-dev.fedorainfracloud.org.yml

@@ -142,12 +142,11 @@
     - {
       role: docker-distribution,
         cert: {
-          private_path: "files/osbs/osbs-dev.certs",
+          dest_dir: "/etc/pki/docker/osbs-dev.fedorainfracloud.org:5000/",
-          dir: "/etc/pki/docker/osbs-dev.fedorainfracloud.org:5000/",
+          cert_src: "{{private}}/files/osbs/osbs-dev.certs/osbs-dev.fedorainfracloud.org.crt",
-          src_name: "osbs-dev.fedorainfracloud.org.crt",
+          cert_dest: "ca.key",
-          src_key_name: "osbs-dev.fedorainfracloud.org.key",
+          key_src: "{{private}}/files/osbs/osbs-dev.certs/osbs-dev.fedorainfracloud.org.key",
-          dest_name: "ca.cert",
+          key_dest: "ca.cert",
-          dest_key_name: "ca.key"
         },
         tls: {
           enabled: True,

roles/badges/backend/tasks/main.yml

@@ -172,13 +172,13 @@
 #Should work in sh/bash. Needs tested in other shells
 #
 - name: set PS1 for prod and stage in /etc/profile.d
-  copy: >
+  template: >
-  src=templates/setps1.sh.j2
+    src=templates/setps1.sh.j2
-  dest=/etc/profile.d/setps1.sh
+    dest="/etc/profile.d/setps1.sh"
-  owner=root
+    owner=root
-  group=sysadmin-badges
+    group=sysadmin-badges
-  mode=644
+    mode=644
-  when: {{ env in ['production','staging'] }}
+  when: {% env == 'staging' %} 
   tags:
   - base
   - config

roles/docker-distribution/defaults/main.yml

@@ -19,14 +19,13 @@ storage:
   filesystem:
     rootdirectory: "/var/lib/registry/"
 http:
-  addr: ":5000"
+  addr: "localhost:5000"
 
 # Cert information to place certificate files on system
 cert:
-  private_path: "PRIVATE_PATH_TO_CERT_DIR"
+  dest_dir: "/etc/pki/docker/{{ ansible_fqdn }}{{ http.addr }}"
-  dir: "/etc/pki/docker/{{ ansible_fqdn }}{{ http.addr }}"
+  cert_src: "ca.crt"
-  src_name: "ca.crt"
+  cert_dest: "ca.crt"
-  src_key_name: "ca.key"
+  key_src: "ca.key"
-  dest_name: "ca.crt"
+  key_dest: "ca.key"
-  dest_key_name: "ca.key"
 

roles/docker-distribution/handlers/main.yml

@@ -1,2 +1,4 @@
 ---
 # handlers file for docker-distribution
+- name: restart docker-distribution
+  service: name=docker-distribution state=restarted

roles/docker-distribution/tasks/main.yml

@@ -11,10 +11,11 @@
   template:
     src: config.yml.j2
     dest: "{{ conf_path }}"
+  notify: restart docker-distribution
 
 - name: ensure docker certs dir exists
   file:
-    path: "{{ cert.dir }}"
+    path: "{{ cert.dest_dir }}"
     state: directory
   when: tls.enabled
 
@@ -22,13 +23,13 @@
 
 - name: install tls cert for docker
   copy:
-    src: "{{ private  }}/{{ cert.private_path }}/{{ cert.src_name }}"
+    src: "{{ cert.cert_src }}"
-    dest: "{{ cert.dir }}/{{ cert.dest_name }}"
+    dest: "{{ cert.dest_dir}}/{{ cert.cert_dest }}"
   when: tls.enabled
 
 - name: install tls key for docker
   copy:
-    src: "{{ private  }}/{{ cert.private_path }}/{{ cert.src_key_name }}"
+    src: "{{ cert.key_src }}"
-    dest: "{{ cert.dir}}/{{ cert.dest_key_name }}"
+    dest: "{{ cert.dest_dir}}/{{ cert.key_dest }}"
   when: tls.enabled