From 2cb4f66f270421ed17a7b7b195c9129fc8efec58 Mon Sep 17 00:00:00 2001 From: Adrian Reber Date: Thu, 10 Oct 2019 14:38:09 +0200 Subject: [PATCH] Switch staging to new rust based mirrorlist server Signed-off-by: Adrian Reber --- .../mirrorlist_proxy/defaults/main.yml | 1 + .../mirrorlist_proxy/tasks/main.yml | 16 ++++++++++++++++ .../templates/mirrorlist.service.j2 | 15 +++++++++++++++ .../mirrormanager/mirrorlist_proxy/vars/main.yml | 2 ++ 4 files changed, 34 insertions(+) diff --git a/roles/mirrormanager/mirrorlist_proxy/defaults/main.yml b/roles/mirrormanager/mirrorlist_proxy/defaults/main.yml index 35b2fbc51f..452abc98d8 100644 --- a/roles/mirrormanager/mirrorlist_proxy/defaults/main.yml +++ b/roles/mirrormanager/mirrorlist_proxy/defaults/main.yml @@ -1 +1,2 @@ mirrorlist_container_image: "candidate-registry.fedoraproject.org/f29/mirrormanager2-mirrorlist:f29-container-candidate-80018-20190214185556" +mirrorlist_container_image_stg: "quay.io/adrianreber/mirrorlist-server:1.0.0" diff --git a/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml b/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml index af322db774..b71f742ce6 100644 --- a/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml +++ b/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml @@ -7,6 +7,22 @@ tags: - mirrorlist_proxy +- name: mirrormanager subgid + lineinfile: + dest: /etc/subgid + regexp: "^mirrormanager:" + line: "mirrormanager:{{ mirrormanager_subgid }}" + tags: + - mirrorlist_proxy + +- name: mirrormanager subuid + lineinfile: + dest: /etc/subuid + regexp: "^mirrormanager:" + line: "mirrormanager:{{ mirrormanager_subuid }}" + tags: + - mirrorlist_proxy + # mirrormanager user ssh key(s) - name: add authorized_keys for mirrormanager authorized_key: key="{{ item }}" user=mirrormanager state=present diff --git a/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 b/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 index 6ab9410fb2..f5461d4b5f 100644 --- a/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 +++ b/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 @@ -2,9 +2,24 @@ Description=Mirrorlist Container {{ item }} [Service] +{% if env == "staging" %} +User=mirrormanager +{% endif %} ExecStartPre=-/usr/bin/podman stop %n ExecStartPre=-/usr/bin/podman rm %n --force +{% if env == "staging" %} +ExecStart=/usr/bin/podman run \ + --net=host --userns=keep-id \ + -e RUST_LOG=info --rm=true --name %n \ + -v /usr/share/GeoIP:/usr/share/GeoIP \ + -v /srv/mirrorlist/data/mirrorlist{{ item }}:/var/lib/mirrormanager:z \ + -v /var/log/mirrormanager:/var/log/mirrormanager:z \ + {{ mirrorlist_container_image_stg }} \ + --port 1808{{ item }} \ + -l /var/log/mirrormanager/%n.log +{% else %} ExecStart=/usr/bin/podman run --rm=true --name %n -v /srv/mirrorlist/data/mirrorlist{{ item }}:/var/lib/mirrormanager:z -v /var/log/mirrormanager:/var/log/mirrormanager:z -p 1808{{ item }}:80 {{ mirrorlist_container_image }} -l /var/log/mirrormanager/%n.log +{% endif %} ExecStop=/usr/bin/podman stop %n [Install] diff --git a/roles/mirrormanager/mirrorlist_proxy/vars/main.yml b/roles/mirrormanager/mirrorlist_proxy/vars/main.yml index 089784c9b0..398f8c037b 100644 --- a/roles/mirrormanager/mirrorlist_proxy/vars/main.yml +++ b/roles/mirrormanager/mirrorlist_proxy/vars/main.yml @@ -1,4 +1,6 @@ mirrormanager_uid: 441 mirrormanager_gid: 441 +mirrormanager_subuid: "100000:65536" +mirrormanager_subgid: "100000:65536" mirrors_gid: 263 mirrors2_gid: 529