Merge branch 'master' of /git/ansible
This commit is contained in:
Randy Barlow
commit
5fb8c38b4b
15 changed files with 43 additions and 49 deletions
|
|
@ -23,7 +23,7 @@ custom_rules: [
|
|||
|
||||
# TODO - remove modularity-wg membership here once it is not longer needed:
|
||||
# https://fedorahosted.org/fedora-infrastructure/ticket/5363
|
||||
fas_client_groups: sysadmin-ask,sysadmin-web,sysadmin-main,sysadmin-cvs,sysadmin-build,sysadmin-noc,sysadmin-releng,sysadmin-dba,sysadmin-hosted,sysadmin-tools,sysadmin-spin,sysadmin-cloud,fi-apprentice,sysadmin-darkserver,sysadmin-badges,sysadmin-troubleshoot,sysadmin-qa,sysadmin-centos,sysadmin-ppc,sysadmin-koschei,sysadmin-secondary,sysadmin-fedimg,sysadmin-veteran,modularity-wg,pungi-devel
|
||||
fas_client_groups: sysadmin-ask,sysadmin-web,sysadmin-main,sysadmin-cvs,sysadmin-build,sysadmin-noc,sysadmin-releng,sysadmin-dba,sysadmin-hosted,sysadmin-tools,sysadmin-spin,sysadmin-cloud,fi-apprentice,sysadmin-darkserver,sysadmin-badges,sysadmin-troubleshoot,sysadmin-qa,sysadmin-centos,sysadmin-ppc,sysadmin-koschei,sysadmin-secondary,sysadmin-fedimg,sysadmin-veteran,sysadmin-mbs,modularity-wg,pungi-devel
|
||||
|
||||
#
|
||||
# This is a postfix gateway. This will pick up gateway postfix config in base
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ tcp_ports: [ 80, 443 ]
|
|||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-ask,sysadmin-build,sysadmin-cvs,sysadmin-main,sysadmin-web,sysadmin-noc,sysadmin-hosted,sysadmin-releng,sysadmin-qa,sysadmin-tools,sysadmin-cloud,sysadmin-bot,sysadmin-centos,sysadmin-koschei,sysadmin-datanommer,sysadmin-fedimg,fi-apprentice,sysadmin-regcfp,sysadmin-badges,sysadmin-veteran
|
||||
fas_client_groups: sysadmin-ask,sysadmin-build,sysadmin-cvs,sysadmin-main,sysadmin-web,sysadmin-noc,sysadmin-hosted,sysadmin-releng,sysadmin-qa,sysadmin-tools,sysadmin-cloud,sysadmin-bot,sysadmin-centos,sysadmin-koschei,sysadmin-datanommer,sysadmin-fedimg,fi-apprentice,sysadmin-regcfp,sysadmin-badges,sysadmin-mbs,sysadmin-veteran
|
||||
|
||||
ansible_base: /srv/web/infra
|
||||
freezes: false
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ freezes: false
|
|||
tcp_ports: [ 3000, 3001, 3002, 3003,
|
||||
3004, 3005, 3006, 3007 ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs
|
||||
|
||||
# These people get told when something goes wrong.
|
||||
fedmsg_error_recipients:
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ freezes: false
|
|||
tcp_ports: [ 3000, 3001, 3002, 3003,
|
||||
3004, 3005, 3006, 3007 ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs
|
||||
|
||||
# These people get told when something goes wrong.
|
||||
fedmsg_error_recipients:
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ tcp_ports: [ 80 ]
|
|||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs
|
||||
|
||||
# These are consumed by a task in roles/fedmsg/base/main.yml
|
||||
fedmsg_certs:
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ tcp_ports: [ 80 ]
|
|||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng
|
||||
fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs
|
||||
|
||||
# These are consumed by a task in roles/fedmsg/base/main.yml
|
||||
fedmsg_certs:
|
||||
|
|
|
|||
|
|
@ -69,6 +69,10 @@ buildslave_password: '{{ qa_stg_buildslave_password }}'
|
|||
deployment_type: qa-stg
|
||||
tcp_ports: [ 80, 222, 443, "{{ buildslave_port }}", 3306 ]
|
||||
|
||||
# for downloading taskotron images
|
||||
imagesdir: /var/lib/diskimages
|
||||
slaves_group: apache
|
||||
|
||||
# static sites
|
||||
static_sites:
|
||||
- name: "{{ inventory_hostname }}"
|
||||
|
|
@ -79,6 +83,11 @@ static_sites:
|
|||
document_root: /srv/content/docs
|
||||
external_name: "docs.{{ external_hostname }}"
|
||||
|
||||
- name: "images.{{ inventory_hostname }}"
|
||||
document_root: /srv/content/images
|
||||
external_name: "images.{{ external_hostname }}"
|
||||
|
||||
|
||||
sslonly: false
|
||||
|
||||
freezes: false
|
||||
|
|
|
|||
|
|
@ -1,26 +0,0 @@
|
|||
---
|
||||
nm: 255.255.255.128
|
||||
gw: 152.19.134.129
|
||||
dns: 8.8.8.8
|
||||
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
|
||||
ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
|
||||
volgroup: /dev/vg_ibiblio04
|
||||
eth0_ip: 152.19.134.195
|
||||
eth0_nm: 255.255.255.128
|
||||
has_ipv6: yes
|
||||
eth0_ipv6: "2610:28:3090:3001:5054:ff:fed9:f194"
|
||||
eth0_ipv6_gw: "2610:28:3090:3001::1"
|
||||
|
||||
vmhost: ibiblio04.fedoraproject.org
|
||||
datacenter: ibiblio
|
||||
postfix_group: vpn
|
||||
vpn: true
|
||||
|
||||
tcp_ports: [80, 443, 873]
|
||||
rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
|
||||
nrpe_procs_warn: 900
|
||||
nrpe_procs_crit: 1000
|
||||
|
||||
lvm_size: 20000
|
||||
mem_size: 8192
|
||||
num_cpus: 4
|
||||
|
|
@ -2,9 +2,9 @@
|
|||
nm: 255.255.255.128
|
||||
gw: 152.19.134.129
|
||||
dns: 152.2.21.1
|
||||
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7
|
||||
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
|
||||
ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
|
||||
volgroup: /dev/vg_ibiblio04
|
||||
volgroup: /dev/vg_guests
|
||||
eth0_ip: 152.19.134.192
|
||||
eth0_nm: 255.255.255.128
|
||||
has_ipv6: yes
|
||||
|
|
|
|||
|
|
@ -2,9 +2,9 @@
|
|||
nm: 255.255.255.128
|
||||
gw: 152.19.134.129
|
||||
dns: 152.2.21.1
|
||||
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7
|
||||
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
|
||||
ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
|
||||
volgroup: /dev/vg_ibiblio04
|
||||
volgroup: /dev/vg_guests
|
||||
eth0_ip: 152.19.134.150
|
||||
eth0_nm: 255.255.255.128
|
||||
vmhost: ibiblio04.fedoraproject.org
|
||||
|
|
|
|||
|
|
@ -108,6 +108,9 @@
|
|||
tags:
|
||||
- qastaticsites
|
||||
|
||||
roles:
|
||||
- { role: taskotron/imagefactory-client, tags: ['imagefactoryclient']}
|
||||
|
||||
handlers:
|
||||
- include: "{{ handlers }}/restart_services.yml"
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
- name: verify koschei frontend
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web') }}"
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web:koschei-web-stg') }}"
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- /srv/private/ansible/vars.yml
|
||||
|
|
@ -11,7 +11,7 @@
|
|||
- koschei/frontend
|
||||
|
||||
- name: verify koschei backend
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend') }}"
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend:koschei-backend-stg') }}"
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- /srv/private/ansible/vars.yml
|
||||
|
|
@ -22,7 +22,7 @@
|
|||
- koschei/backend
|
||||
|
||||
- name: upgrade koschei backend
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend') }}"
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend:koschei-backend-stg') }}"
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- /srv/private/ansible/vars.yml
|
||||
|
|
@ -60,7 +60,7 @@
|
|||
- koschei-backend-fedora
|
||||
|
||||
- name: upgrade koschei frontend
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web') }}"
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web:koschei-web-stg') }}"
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- /srv/private/ansible/vars.yml
|
||||
|
|
@ -92,7 +92,7 @@
|
|||
- koschei-frontend-fedora
|
||||
|
||||
- name: run DB migration
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend') }}"
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend:koschei-backend-stg') }}"
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- /srv/private/ansible/vars.yml
|
||||
|
|
@ -104,7 +104,7 @@
|
|||
command: alembic -c /usr/share/koschei/alembic.ini upgrade head
|
||||
|
||||
- name: restart koschei frontend
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web') }}"
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web:koschei-web-stg') }}"
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- /srv/private/ansible/vars.yml
|
||||
|
|
@ -116,7 +116,7 @@
|
|||
- koschei/frontend
|
||||
|
||||
- name: restart koschei backend
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend') }}"
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend:koschei-backend-stg') }}"
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- /srv/private/ansible/vars.yml
|
||||
|
|
@ -127,13 +127,13 @@
|
|||
- koschei/backend
|
||||
|
||||
- name: Check whether backend update happened
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend') }}"
|
||||
hosts: "{{ koschei_backend_hosts | default('koschei-backend:koschei-backend-stg') }}"
|
||||
tasks:
|
||||
- assert:
|
||||
that: backend_upgrade.changed
|
||||
|
||||
- name: Check whether frontend update happened
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web') }}"
|
||||
hosts: "{{ koschei_web_hosts | default('koschei-web:koschei-web-stg') }}"
|
||||
tasks:
|
||||
- assert:
|
||||
that: frontend_upgrade.changed
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@
|
|||
user: name="copr-dist-git" group=copr-dist-git groups=cvsadmin,packager uid=1001
|
||||
|
||||
- name: create user for copr-dist-git service
|
||||
user: name="copr-service" group=copr-service groups=packager,docker generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa uid=1002
|
||||
user: name="copr-service" group=copr-service groups=packager,docker,apache,mock generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa uid=1002
|
||||
|
||||
- name: enable copr dist-git repo
|
||||
shell: "dnf -y copr enable clime/dist-git"
|
||||
|
|
@ -35,8 +35,6 @@
|
|||
- rdiff-backup
|
||||
- tmpwatch
|
||||
|
||||
- user: append=yes name="copr-service" groups=apache,mock
|
||||
|
||||
- name: install copr-dist-git
|
||||
dnf: state=latest name={{ item }}
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -47,3 +47,13 @@
|
|||
- mbs
|
||||
- mbs/frontend
|
||||
- selinux
|
||||
|
||||
- name: make httpd logs world readable
|
||||
file:
|
||||
name: /var/log/httpd
|
||||
state: directory
|
||||
mode: 0755
|
||||
tags:
|
||||
- mbs
|
||||
- mbs/frontend
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
define service {
|
||||
host_name mirrorlist-osuosl, mirrorlist-ibiblio, mirrorlist-ibiblio02, mirrorlist-phx2, mirrorlist-host1plus, mirrorlist-dedicatedsolutions
|
||||
host_name mirrorlist-osuosl, mirrorlist-ibiblio02, mirrorlist-phx2, mirrorlist-host1plus, mirrorlist-dedicatedsolutions
|
||||
service_description Check MirrorList Cache
|
||||
check_command check_by_nrpe!check_mirrorlist_cache
|
||||
use defaulttemplate
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue