Merge branch 'master' of /git/ansible

2015-09-16 16:38:59 +00:00 · 2015-09-16 16:38:59 +00:00 · 35ff2d9806
commit 35ff2d9806
parent 002d045ff1 25f71933ab
8 changed files with 81 additions and 10 deletions
--- a/inventory/group_vars/batcave
+++ b/inventory/group_vars/batcave
@ -12,3 +12,4 @@ fas_client_groups: sysadmin-ask,sysadmin-build,sysadmin-cvs,sysadmin-main,sysadm

 ansible_base: /srv/web/infra/ansible
 freezes: false
+nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
--- a/playbooks/groups/batcave.yml
+++ b/playbooks/groups/batcave.yml
@ -20,16 +20,17 @@
  - ansible-server
  - sudo
  - collectd/base
+  - git/hooks
  - cgit/base
  - cgit/clean_lock_cron
  - cgit/make_pkgs_list
  - apache
  - httpd/mod_ssl
-  - { role: httpd/certificate, name: wildcard-2014.fedorapeople.org, SSLCertificateChainFile: wildcard-2014.fedorapeople.org.intermediate.cert }
-
+  - { role: httpd/certificate, name: wildcard-2014.fedoraproject.org, SSLCertificateChainFile: wildcard-2014.fedoraproject.org.intermediate.cert }
  - batcave

  - { role: nfs/client, mnt_dir: '/srv/web/pub',  nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' }
+  - { role: nfs/client, mnt_dir: '/mnt/fedora/app',  nfs_src_dir: 'fedora_app/app' }
  
  tasks:
  - include: "{{ tasks }}/yumrepos.yml"
--- a/roles/batcave/files/ansible-playbook-check-diff.cron
+++ b/roles/batcave/files/ansible-playbook-check-diff.cron
@ -0,0 +1,10 @@
+#!/bin/bash
+mailto='admin@fedoraproject.org'
+source /root/sshagent >>/dev/null
+export ANSIBLE_HOST_KEY_CHECKING=False
+export HOME=/root/
+#export ANSIBLE_SSH_PIPELINING=False
+/srv/web/infra/ansible/scripts/ansible-playbook-check-diff |& grep ok=
+
+# Send a email with failed or changed from the above check/diff run
+/srv/web/infra/ansible/scripts/logview -d today -s CHECK_DIFF:CHANGED -s CHECK_DIFF:FAILED | mailx -s "ansible changed/failed actions from check/diff daily run" sysadmin-logs-members@fedoraproject.org
--- a/roles/batcave/files/public-db-copy.cron
+++ b/roles/batcave/files/public-db-copy.cron
@ -0,0 +1,5 @@
+#!/bin/bash
+mailto='admin@fedoraproject.org'
+source /root/sshagent >>/dev/null
+export ANSIBLE_HOST_KEY_CHECKING=False
+/srv/web/infra/ansible/scripts/public-db-copy >& /dev/null
--- a/roles/batcave/files/vmdiff.sh
+++ b/roles/batcave/files/vmdiff.sh
@ -0,0 +1,24 @@
+#!/bin/bash
+dest="/var/log/virthost-lists.out"
+output=$(mktemp tmp.XXXXXXXXXX)
+diffout=$(mktemp tmp.XXXXXXXXX)
+mailto='admin@fedoraproject.org'
+source /root/sshagent >>/dev/null
+export ANSIBLE_HOST_KEY_CHECKING=False
+/srv/web/infra/ansible/scripts/list-vms-per-host --host=virtservers 2>/dev/null  > "$output"
+chmod 644 "$output"
+diff -u "$dest" "$output" > $diffout
+rc=$?
+if [ $rc == 1 ]; then
+    cat $diffout | /bin/mail -s "virthosts changed: `date +'%Y-%m-%d %H:%M'`" $mailto
+    cp -f $dest ${dest}.last
+elif [ $rc == 2 ]; then
+    cat $output | /bin/mail -s "virthosts: `date +'%Y-%m-%d %H:%M'`" $mailto
+fi
+bad=""
+bad=`/bin/grep 'shutdown:1' $output`
+if [ -n "$bad" ]; then
+   echo -e "\n$bad\n" | /bin/mail -s "shutdown virt instances which are set to autorun" $mailto
+fi
+mv -f "$output" "$dest"
+rm -f $diffout
--- a/roles/batcave/tasks/main.yml
+++ b/roles/batcave/tasks/main.yml
@ -58,6 +58,37 @@
  - batcave
  - config

+#
+# This script checks all the virthosts and logs what guests they are running. 
+#
+
+#- name: install vmdiff.sh cron
+#  copy: src=vmdiff.sh dest=/etc/cron.hourly/vmdiff.sh mode=0755
+#  tags:
+#  - batcave
+#  - config
+
+#
+# Setup public db copy script.
+#
+
+#- name: setup public db copy script
+#  copy: src=public-db-copy.cron dest=/etc/cron.daily/public-db-copy.cron mode=0755
+#  tags:
+#  - batcave
+#  - config
+
+#
+# Setup job that runs a check/diff ansible run over all playbooks each night.
+#
+
+#- name: setup checkdiff ansible job
+#  copy: src=ansible-playbook-check-diff.cron dest=/etc/cron.daily/ansible-playbook-check-diff.cron mode=0755
+#  tags:
+#  - batcave
+#  - config
+
+
 # still to convert from puppet:
 #    include scripts::check-sshkeys
 #    include scripts::git-notifier
@ -65,20 +96,14 @@
 #    include scripts::sync-openshift-keys
 #    include scripts::zodbotAnnounceCommits
 #    include scripts::fedmsgAnnounceCommits
-#    include scripts::ansible-playbook-check-diff
-#    include scripts::public-db-copy
-#    include ansible_utils::ansible_utils
+#    include scripts::sync-rhn
 #
 #    include repo2json
+#    include ansible_utils::ansible_utils
 #
-#    include scripts::sync-rhn
-#    include scripts::vmdiff
 #    include rsync::server
 #    include scripts::geoip-retriever
 #    include geoip-retriever
-#    include git::package
-#    include git::mail-hooks
-#    include git-email-package
 #
 #    httpd::site { "infrastructure.fedoraproject.org": }
 #
--- a/roles/httpd/website/files/robots/robots.txt.apps.fedoraproject.org
+++ b/roles/httpd/website/files/robots/robots.txt.apps.fedoraproject.org
@ -0,0 +1,3 @@
+User-agent: *
+Disallow: /packages/
+Crawl-delay: 1
--- a/roles/pkgdb2/files/fas2.py
+++ b/roles/pkgdb2/files/fas2.py
@ -259,6 +259,8 @@ class AccountSystem(BaseClient):
            149140: 'jdulaney@fedoraproject.org',
            # Niels de Vos: niels@nixpanic.net
            102792: 'ndevos@redhat.com',
+            # Shawn Wells: swells@redhat.com
+            156515: 'shawn@redhat.com',
        }
        # A few people have an email account that is used in owners.list but
        # have setup a bugzilla account for their primary account system email