diff --git a/playbooks/groups/batcave.yml b/playbooks/groups/batcave.yml index 9571a5adb6..f291838547 100644 --- a/playbooks/groups/batcave.yml +++ b/playbooks/groups/batcave.yml @@ -20,16 +20,17 @@ - ansible-server - sudo - collectd/base + - git/hooks - cgit/base - cgit/clean_lock_cron - cgit/make_pkgs_list - apache - httpd/mod_ssl - - { role: httpd/certificate, name: wildcard-2014.fedorapeople.org, SSLCertificateChainFile: wildcard-2014.fedorapeople.org.intermediate.cert } - + - { role: httpd/certificate, name: wildcard-2014.fedoraproject.org, SSLCertificateChainFile: wildcard-2014.fedoraproject.org.intermediate.cert } - batcave - { role: nfs/client, mnt_dir: '/srv/web/pub', nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' } + - { role: nfs/client, mnt_dir: '/mnt/fedora/app', nfs_src_dir: 'fedora_app/app' } tasks: - include: "{{ tasks }}/yumrepos.yml" diff --git a/roles/batcave/files/ansible-playbook-check-diff.cron b/roles/batcave/files/ansible-playbook-check-diff.cron new file mode 100755 index 0000000000..eeec65f31d --- /dev/null +++ b/roles/batcave/files/ansible-playbook-check-diff.cron @@ -0,0 +1,10 @@ +#!/bin/bash +mailto='admin@fedoraproject.org' +source /root/sshagent >>/dev/null +export ANSIBLE_HOST_KEY_CHECKING=False +export HOME=/root/ +#export ANSIBLE_SSH_PIPELINING=False +/srv/web/infra/ansible/scripts/ansible-playbook-check-diff |& grep ok= + +# Send a email with failed or changed from the above check/diff run +/srv/web/infra/ansible/scripts/logview -d today -s CHECK_DIFF:CHANGED -s CHECK_DIFF:FAILED | mailx -s "ansible changed/failed actions from check/diff daily run" sysadmin-logs-members@fedoraproject.org diff --git a/roles/batcave/files/public-db-copy.cron b/roles/batcave/files/public-db-copy.cron new file mode 100755 index 0000000000..84d9196c62 --- /dev/null +++ b/roles/batcave/files/public-db-copy.cron @@ -0,0 +1,5 @@ +#!/bin/bash +mailto='admin@fedoraproject.org' +source /root/sshagent >>/dev/null +export ANSIBLE_HOST_KEY_CHECKING=False +/srv/web/infra/ansible/scripts/public-db-copy >& /dev/null diff --git a/roles/batcave/files/vmdiff.sh b/roles/batcave/files/vmdiff.sh new file mode 100755 index 0000000000..9f840cf373 --- /dev/null +++ b/roles/batcave/files/vmdiff.sh @@ -0,0 +1,24 @@ +#!/bin/bash +dest="/var/log/virthost-lists.out" +output=$(mktemp tmp.XXXXXXXXXX) +diffout=$(mktemp tmp.XXXXXXXXX) +mailto='admin@fedoraproject.org' +source /root/sshagent >>/dev/null +export ANSIBLE_HOST_KEY_CHECKING=False +/srv/web/infra/ansible/scripts/list-vms-per-host --host=virtservers 2>/dev/null > "$output" +chmod 644 "$output" +diff -u "$dest" "$output" > $diffout +rc=$? +if [ $rc == 1 ]; then + cat $diffout | /bin/mail -s "virthosts changed: `date +'%Y-%m-%d %H:%M'`" $mailto + cp -f $dest ${dest}.last +elif [ $rc == 2 ]; then + cat $output | /bin/mail -s "virthosts: `date +'%Y-%m-%d %H:%M'`" $mailto +fi +bad="" +bad=`/bin/grep 'shutdown:1' $output` +if [ -n "$bad" ]; then + echo -e "\n$bad\n" | /bin/mail -s "shutdown virt instances which are set to autorun" $mailto +fi +mv -f "$output" "$dest" +rm -f $diffout diff --git a/roles/batcave/tasks/main.yml b/roles/batcave/tasks/main.yml index cdcfec60e8..4ac451b944 100644 --- a/roles/batcave/tasks/main.yml +++ b/roles/batcave/tasks/main.yml @@ -58,6 +58,37 @@ - batcave - config +# +# This script checks all the virthosts and logs what guests they are running. +# + +#- name: install vmdiff.sh cron +# copy: src=vmdiff.sh dest=/etc/cron.hourly/vmdiff.sh mode=0755 +# tags: +# - batcave +# - config + +# +# Setup public db copy script. +# + +#- name: setup public db copy script +# copy: src=public-db-copy.cron dest=/etc/cron.daily/public-db-copy.cron mode=0755 +# tags: +# - batcave +# - config + +# +# Setup job that runs a check/diff ansible run over all playbooks each night. +# + +#- name: setup checkdiff ansible job +# copy: src=ansible-playbook-check-diff.cron dest=/etc/cron.daily/ansible-playbook-check-diff.cron mode=0755 +# tags: +# - batcave +# - config + + # still to convert from puppet: # include scripts::check-sshkeys # include scripts::git-notifier @@ -65,20 +96,14 @@ # include scripts::sync-openshift-keys # include scripts::zodbotAnnounceCommits # include scripts::fedmsgAnnounceCommits -# include scripts::ansible-playbook-check-diff -# include scripts::public-db-copy -# include ansible_utils::ansible_utils +# include scripts::sync-rhn # # include repo2json +# include ansible_utils::ansible_utils # -# include scripts::sync-rhn -# include scripts::vmdiff # include rsync::server # include scripts::geoip-retriever # include geoip-retriever -# include git::package -# include git::mail-hooks -# include git-email-package # # httpd::site { "infrastructure.fedoraproject.org": } #