Merge branch 'master' of /git/ansible

2015-09-16 16:38:59 +00:00 · 2015-09-16 16:38:59 +00:00 · 35ff2d9806
commit 35ff2d9806
parent 002d045ff1 25f71933ab
8 changed files with 81 additions and 10 deletions
--- a/inventory/group_vars/batcave
+++ b/inventory/group_vars/batcave
@ -12,3 +12,4 @@ fas_client_groups: sysadmin-ask,sysadmin-build,sysadmin-cvs,sysadmin-main,sysadm
 ansible_base: /srv/web/infra/ansible
 freezes: false
 nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
--- a/playbooks/groups/batcave.yml
+++ b/playbooks/groups/batcave.yml
@ -20,16 +20,17 @@
  - ansible-server
  - sudo
  - collectd/base
  - git/hooks
  - cgit/base
  - cgit/clean_lock_cron
  - cgit/make_pkgs_list
  - apache
  - httpd/mod_ssl
-  - { role: httpd/certificate, name: wildcard-2014.fedorapeople.org, SSLCertificateChainFile: wildcard-2014.fedorapeople.org.intermediate.cert }
+  - { role: httpd/certificate, name: wildcard-2014.fedoraproject.org, SSLCertificateChainFile: wildcard-2014.fedoraproject.org.intermediate.cert }
  - batcave
  - { role: nfs/client, mnt_dir: '/srv/web/pub',  nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' }
  - { role: nfs/client, mnt_dir: '/mnt/fedora/app',  nfs_src_dir: 'fedora_app/app' }
  tasks:
  - include: "{{ tasks }}/yumrepos.yml"
--- a/roles/batcave/files/ansible-playbook-check-diff.cron
+++ b/roles/batcave/files/ansible-playbook-check-diff.cron
@ -0,0 +1,10 @@
 #!/bin/bash
 mailto='admin@fedoraproject.org'
 source /root/sshagent >>/dev/null
 export ANSIBLE_HOST_KEY_CHECKING=False
 export HOME=/root/
 #export ANSIBLE_SSH_PIPELINING=False
 /srv/web/infra/ansible/scripts/ansible-playbook-check-diff |& grep ok=
 # Send a email with failed or changed from the above check/diff run
 /srv/web/infra/ansible/scripts/logview -d today -s CHECK_DIFF:CHANGED -s CHECK_DIFF:FAILED | mailx -s "ansible changed/failed actions from check/diff daily run" sysadmin-logs-members@fedoraproject.org
--- a/roles/batcave/files/public-db-copy.cron
+++ b/roles/batcave/files/public-db-copy.cron
@ -0,0 +1,5 @@
 #!/bin/bash
 mailto='admin@fedoraproject.org'
 source /root/sshagent >>/dev/null
 export ANSIBLE_HOST_KEY_CHECKING=False
 /srv/web/infra/ansible/scripts/public-db-copy >& /dev/null
--- a/roles/batcave/files/vmdiff.sh
+++ b/roles/batcave/files/vmdiff.sh
@ -0,0 +1,24 @@
 #!/bin/bash
 dest="/var/log/virthost-lists.out"
 output=$(mktemp tmp.XXXXXXXXXX)
 diffout=$(mktemp tmp.XXXXXXXXX)
 mailto='admin@fedoraproject.org'
 source /root/sshagent >>/dev/null
 export ANSIBLE_HOST_KEY_CHECKING=False
 /srv/web/infra/ansible/scripts/list-vms-per-host --host=virtservers 2>/dev/null  > "$output"
 chmod 644 "$output"
 diff -u "$dest" "$output" > $diffout
 rc=$?
 if [ $rc == 1 ]; then
    cat $diffout | /bin/mail -s "virthosts changed: `date +'%Y-%m-%d %H:%M'`" $mailto
    cp -f $dest ${dest}.last
 elif [ $rc == 2 ]; then
    cat $output | /bin/mail -s "virthosts: `date +'%Y-%m-%d %H:%M'`" $mailto
 fi
 bad=""
 bad=`/bin/grep 'shutdown:1' $output`
 if [ -n "$bad" ]; then
   echo -e "\n$bad\n" | /bin/mail -s "shutdown virt instances which are set to autorun" $mailto
 fi
 mv -f "$output" "$dest"
 rm -f $diffout
--- a/roles/batcave/tasks/main.yml
+++ b/roles/batcave/tasks/main.yml
@ -58,6 +58,37 @@
  - batcave
  - config
 #
 # This script checks all the virthosts and logs what guests they are running. 
 #
 #- name: install vmdiff.sh cron
 #  copy: src=vmdiff.sh dest=/etc/cron.hourly/vmdiff.sh mode=0755
 #  tags:
 #  - batcave
 #  - config
 #
 # Setup public db copy script.
 #
 #- name: setup public db copy script
 #  copy: src=public-db-copy.cron dest=/etc/cron.daily/public-db-copy.cron mode=0755
 #  tags:
 #  - batcave
 #  - config
 #
 # Setup job that runs a check/diff ansible run over all playbooks each night.
 #
 #- name: setup checkdiff ansible job
 #  copy: src=ansible-playbook-check-diff.cron dest=/etc/cron.daily/ansible-playbook-check-diff.cron mode=0755
 #  tags:
 #  - batcave
 #  - config
 # still to convert from puppet:
 #    include scripts::check-sshkeys
 #    include scripts::git-notifier
@ -65,20 +96,14 @@
 #    include scripts::sync-openshift-keys
 #    include scripts::zodbotAnnounceCommits
 #    include scripts::fedmsgAnnounceCommits
-#    include scripts::ansible-playbook-check-diff
+#    include scripts::sync-rhn
 #    include scripts::public-db-copy
 #    include ansible_utils::ansible_utils
 #
 #    include repo2json
 #    include ansible_utils::ansible_utils
 #
 #    include scripts::sync-rhn
 #    include scripts::vmdiff
 #    include rsync::server
 #    include scripts::geoip-retriever
 #    include geoip-retriever
 #    include git::package
 #    include git::mail-hooks
 #    include git-email-package
 #
 #    httpd::site { "infrastructure.fedoraproject.org": }
 #
--- a/roles/httpd/website/files/robots/robots.txt.apps.fedoraproject.org
+++ b/roles/httpd/website/files/robots/robots.txt.apps.fedoraproject.org
@ -0,0 +1,3 @@
 User-agent: *
 Disallow: /packages/
 Crawl-delay: 1
--- a/roles/pkgdb2/files/fas2.py
+++ b/roles/pkgdb2/files/fas2.py
@ -259,6 +259,8 @@ class AccountSystem(BaseClient):
            149140: 'jdulaney@fedoraproject.org',
            # Niels de Vos: niels@nixpanic.net
            102792: 'ndevos@redhat.com',
            # Shawn Wells: swells@redhat.com
            156515: 'shawn@redhat.com',
        }
        # A few people have an email account that is used in owners.list but
        # have setup a bugzilla account for their primary account system email