From 42e930e97f22ca75a3e7fbbf6658d8d5efe27f2e Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Tue, 7 Jun 2022 16:17:29 -0700 Subject: [PATCH] openqa-onebox: tweak db host stuff Using the machine's own hostname works for the ansible delegate stuff but doesn't work for openQA itself (if you try and access the DB by hostname like this, postgres denies access; you have to use 'localhost' for postgres to allow it). Using 'localhost' works for postgres but doesn't do the right thing for delegation. Let's use 'localhost' and split the two play steps into delegated and non-delegated versions. Signed-off-by: Adam Williamson --- inventory/group_vars/openqa_onebox_test | 1 + ...openqa-x86-worker05.iad2.fedoraproject.org | 4 ---- roles/openqa/server/tasks/main.yml | 20 +++++++++++++++---- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/inventory/group_vars/openqa_onebox_test b/inventory/group_vars/openqa_onebox_test index 5443d7a487..e26f2f0d2f 100644 --- a/inventory/group_vars/openqa_onebox_test +++ b/inventory/group_vars/openqa_onebox_test @@ -28,6 +28,7 @@ openqa_compose_arches: x86_64 openqa_dbname: openqa-onebox openqa_dbpassword: "{{ stg_openqa_dbpassword }}" openqa_dbuser: openqastg +openqa_dbhost: localhost openqa_env: staging openqa_env_prefix: stg- # this is because openqa staging isn't really a staging host diff --git a/inventory/host_vars/openqa-x86-worker05.iad2.fedoraproject.org b/inventory/host_vars/openqa-x86-worker05.iad2.fedoraproject.org index d28ede9df3..bd54348f11 100644 --- a/inventory/host_vars/openqa-x86-worker05.iad2.fedoraproject.org +++ b/inventory/host_vars/openqa-x86-worker05.iad2.fedoraproject.org @@ -68,7 +68,3 @@ sudoers: "{{ private }}/files/sudo/qavirt-sudoers" # $ENV{QEMUPORT} = ($options{instance}) * 10 + 20002; # so for worker 1 it's 20012, for worker 2 it's 20022, etc etc tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153', '20163', '20173', '20183', '20193', '20203', '20213', '20223', '20233', '20243', '20253', '20263', '20273', '20283', '20293', '20303'] - -# ONLY FOR WHEN THIS IS ONEBOX_TEST. we make it its own pgsql server. -# I hope delegating to self works... -openqa_dbhost: openqa-x86-worker05.iad2.fedoraproject.org diff --git a/roles/openqa/server/tasks/main.yml b/roles/openqa/server/tasks/main.yml index 670beb9741..37a007ff6c 100644 --- a/roles/openqa/server/tasks/main.yml +++ b/roles/openqa/server/tasks/main.yml @@ -260,19 +260,31 @@ tags: - config -- name: Create database +- name: Create database (delegate) delegate_to: "{{ openqa_dbhost }}" become_user: postgres become: true postgresql_db: db={{ openqa_dbname }} - when: "openqa_dbhost is defined" + when: "openqa_dbhost is defined and openqa_dbhost != 'localhost'" -- name: Ensure db user has access to database +- name: Ensure db user has access to database (delegate) delegate_to: "{{ openqa_dbhost }}" become_user: postgres become: true postgresql_user: db={{ openqa_dbname }} user={{ openqa_dbuser }} password={{ openqa_dbpassword }} role_attr_flags=NOSUPERUSER - when: "openqa_dbhost is defined" + when: "openqa_dbhost is defined and openqa_dbhost != 'localhost'" + +- name: Create database (non-delegate) + become_user: postgres + become: true + postgresql_db: db={{ openqa_dbname }} + when: "openqa_dbhost is defined and openqa_dbhost == 'localhost'" + +- name: Ensure db user has access to database (non-delegate) + become_user: postgres + become: true + postgresql_user: db={{ openqa_dbname }} user={{ openqa_dbuser }} password={{ openqa_dbpassword }} role_attr_flags=NOSUPERUSER + when: "openqa_dbhost is defined and openqa_dbhost == 'localhost'" - name: Database config template: src=database.ini.pgsql.j2 dest=/etc/openqa/database.ini owner=geekotest group=root mode=0640