ansiblelint fixes-- fqcn[action-core] - copy to ansible.builtin.copy
Replaces many references to 'copy' with ansible.builtin.copy Signed-off-by: Ryan Lerch <rlerch@redhat.com>
This commit is contained in:
parent
62952df107
commit
6a3816dfdc
217 changed files with 790 additions and 769 deletions
|
|
@ -17,7 +17,7 @@
|
|||
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
|
||||
|
||||
- name: override nbde_client-network-flush to work around bug
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ files }}/common/nbde_client-network-flush"
|
||||
dest: /usr/bin/nbde_client-network-flush
|
||||
owner: root
|
||||
|
|
@ -25,7 +25,7 @@
|
|||
mode: 755
|
||||
|
||||
- name: tell NetworkManager we don't want any auto connections
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ files }}/common/noautodefault.conf"
|
||||
dest: /etc/NetworkManager/conf.d/noautodefault.conf
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -114,7 +114,7 @@
|
|||
|
||||
tasks:
|
||||
- name: Put sshfs key in place
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src="{{ private }}/files/releng/sshkeys/primary-s390x-sshfs{{ '-staging' if env == 'staging' else '' }}"
|
||||
dest="/etc/primary-s390x-sshfs"
|
||||
owner=root group=root mode=0600
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@
|
|||
become: true
|
||||
|
||||
- name: Temporarily dump keys so we can add them to bitwarden
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: "{{ copr_dev_pulp_default_admin_password }}"
|
||||
dest: /tmp/pulp_default_admin_password
|
||||
mode: "000"
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@
|
|||
tags: debuginfod
|
||||
|
||||
- name: install debuginfod configuration
|
||||
copy: src="{{ files }}/debuginfod/sysconfig.debuginfod" dest=/etc/sysconfig/debuginfod owner=root group=root mode=644
|
||||
ansible.builtin.copy: src="{{ files }}/debuginfod/sysconfig.debuginfod" dest=/etc/sysconfig/debuginfod owner=root group=root mode=644
|
||||
tags: debuginfod
|
||||
notify:
|
||||
- restart debuginfod
|
||||
|
|
@ -67,7 +67,7 @@
|
|||
|
||||
- name: install debuginfod systemd drop-in
|
||||
tags: debuginfod
|
||||
copy: src="{{ files }}/debuginfod/debuginfod.service.d" dest=/etc/systemd/system/debuginfod.service.d/override.conf owner=root group=root mode=644
|
||||
ansible.builtin.copy: src="{{ files }}/debuginfod/debuginfod.service.d" dest=/etc/systemd/system/debuginfod.service.d/override.conf owner=root group=root mode=644
|
||||
notify:
|
||||
- restart debuginfod
|
||||
|
||||
|
|
|
|||
|
|
@ -53,35 +53,35 @@
|
|||
- import_tasks: "{{ tasks_path }}/motd.yml"
|
||||
|
||||
- name: put in script for syncing fedora on download-ib01
|
||||
copy: src="{{ files }}/download/sync-up-downloads.sh.ib01" dest=/usr/local/bin/sync-up-downloads owner=root group=root mode=755
|
||||
ansible.builtin.copy: src="{{ files }}/download/sync-up-downloads.sh.ib01" dest=/usr/local/bin/sync-up-downloads owner=root group=root mode=755
|
||||
when: inventory_hostname == 'download-ib01.fedoraproject.org'
|
||||
- name: put in script for syncing fedora-alt on download-ib01
|
||||
copy: src="{{ files }}/download/sync-up-other.sh.ib01" dest=/usr/local/bin/sync-up-other owner=root group=root mode=755
|
||||
ansible.builtin.copy: src="{{ files }}/download/sync-up-other.sh.ib01" dest=/usr/local/bin/sync-up-other owner=root group=root mode=755
|
||||
when: inventory_hostname == 'download-ib01.fedoraproject.org'
|
||||
- name: put in script for syncing centos on download-ib01
|
||||
copy: src="{{ files }}/download/sync-up-centos.sh.ib01" dest=/usr/local/bin/sync-up-centos owner=root group=root mode=755
|
||||
ansible.builtin.copy: src="{{ files }}/download/sync-up-centos.sh.ib01" dest=/usr/local/bin/sync-up-centos owner=root group=root mode=755
|
||||
when: inventory_hostname == 'download-ib01.fedoraproject.org'
|
||||
- name: put in cron job for syncing
|
||||
copy: src="{{ files }}/download/download-sync.cron.ib01" dest=/etc/cron.d/download-sync owner=root group=root mode=644
|
||||
ansible.builtin.copy: src="{{ files }}/download/download-sync.cron.ib01" dest=/etc/cron.d/download-sync owner=root group=root mode=644
|
||||
when: inventory_hostname == 'download-ib01.fedoraproject.org'
|
||||
- name: put in last sync scrypt for download-ib01
|
||||
copy: src="{{ files}}/download/last-sync" dest=/usr/local/bin/last-sync mode=0755
|
||||
ansible.builtin.copy: src="{{ files}}/download/last-sync" dest=/usr/local/bin/last-sync mode=0755
|
||||
when: inventory_hostname == 'download-ib01.fedoraproject.org'
|
||||
- name: install bc so last-sync works.
|
||||
package: name=bc state=present
|
||||
when: inventory_hostname == 'download-ib01.fedoraproject.org'
|
||||
|
||||
- name: put in script for syncing on download-cc-rdu01
|
||||
copy: src="{{ files }}/download/sync-up-downloads.sh.cc-rdu01" dest=/usr/local/bin/sync-up-downloads owner=root group=root mode=755
|
||||
ansible.builtin.copy: src="{{ files }}/download/sync-up-downloads.sh.cc-rdu01" dest=/usr/local/bin/sync-up-downloads owner=root group=root mode=755
|
||||
when: inventory_hostname == 'download-cc-rdu01.fedoraproject.org'
|
||||
- name: put in script for syncing centos on download-cc-rdu01
|
||||
copy: src="{{ files }}/download/sync-up-centos.sh.cc-rdu01" dest=/usr/local/bin/sync-up-centos owner=root group=root mode=755
|
||||
ansible.builtin.copy: src="{{ files }}/download/sync-up-centos.sh.cc-rdu01" dest=/usr/local/bin/sync-up-centos owner=root group=root mode=755
|
||||
when: inventory_hostname == 'download-cc-rdu01.fedoraproject.org'
|
||||
- name: put in cron job for syncing on download-cc-rdu01
|
||||
copy: src="{{ files }}/download/download-sync.cron.cc-rdu01" dest=/etc/cron.d/download-sync owner=root group=root mode=644
|
||||
ansible.builtin.copy: src="{{ files }}/download/download-sync.cron.cc-rdu01" dest=/etc/cron.d/download-sync owner=root group=root mode=644
|
||||
when: inventory_hostname == 'download-cc-rdu01.fedoraproject.org'
|
||||
- name: put in last sync scrypt for download-cc-rdu01
|
||||
copy: src="{{ files}}/download/last-sync" dest=/usr/local/bin/last-sync mode=0755
|
||||
ansible.builtin.copy: src="{{ files}}/download/last-sync" dest=/usr/local/bin/last-sync mode=0755
|
||||
when: inventory_hostname == 'download-cc-rdu01.fedoraproject.org'
|
||||
|
||||
- name: make a mnt/koji link
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@
|
|||
# and it takes a long long time to run restorecon over them.
|
||||
#
|
||||
- name: exclude some directories from selinux relabeling on updates
|
||||
copy: src="{{ files }}/logserver/fixfiles_exclude_dirs" dest=/etc/selinux/fixfiles_exclude_dirs owner=root mode=0644
|
||||
ansible.builtin.copy: src="{{ files }}/logserver/fixfiles_exclude_dirs" dest=/etc/selinux/fixfiles_exclude_dirs owner=root mode=0644
|
||||
|
||||
handlers:
|
||||
- import_tasks: "{{ handlers_path }}/restart_services.yml"
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@
|
|||
- packages
|
||||
|
||||
- name: Allow packagers to use mock
|
||||
copy: dest=/etc/pam.d/mock src="{{ files }}/common/mock"
|
||||
ansible.builtin.copy: dest=/etc/pam.d/mock src="{{ files }}/common/mock"
|
||||
tags:
|
||||
- config
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@
|
|||
mode: "0770"
|
||||
|
||||
- name: copy oc rpm
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: /srv/web/infra/bigfiles/openshiftboot/oc-client/oc-client.rpm
|
||||
dest: /root/oc-client.rpm
|
||||
|
||||
|
|
@ -44,7 +44,7 @@
|
|||
state: installed
|
||||
|
||||
- name: copy the jobs-summary script
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ files }}/scripts/jobs-summary"
|
||||
dest: /usr/local/bin/jobs-summary
|
||||
mode: "0755"
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@
|
|||
package: name=haproxy state=present
|
||||
|
||||
- name: install haproxy config
|
||||
copy: src="{{ files }}/communishift/haproxy.cfg" dest=/etc/haproxy/haproxy.cfg
|
||||
ansible.builtin.copy: src="{{ files }}/communishift/haproxy.cfg" dest=/etc/haproxy/haproxy.cfg
|
||||
|
||||
- name: Turn on certain selinux booleans so haproxy can bind to ports
|
||||
seboolean: name=haproxy_connect_any state=true persistent=true
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@
|
|||
|
||||
tasks:
|
||||
- name: Copy keytab
|
||||
copy: src={{private}}/files/keytabs/{{env}}/pkgs
|
||||
ansible.builtin.copy: src={{private}}/files/keytabs/{{env}}/pkgs
|
||||
dest=/etc/httpd.keytab
|
||||
owner=apache group=apache mode=0600
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@
|
|||
# - import_tasks: "{{ tasks_path }}/mod_wsgi.yml"
|
||||
|
||||
- name: Ensure nf_conntrack module is loaded before tuning ip_conntrack_max
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
nf_conntrack
|
||||
dest: /etc/modules-load.d/nf_conntrack.conf
|
||||
|
|
@ -138,7 +138,7 @@
|
|||
# If it's not, doesn't hurt to copy it over again
|
||||
#
|
||||
- name: deploy ticket key
|
||||
copy: src=/root/ticketkey_{{env}}.tkey dest=/etc/httpd/ticketkey_{{env}}.tkey
|
||||
ansible.builtin.copy: src=/root/ticketkey_{{env}}.tkey dest=/etc/httpd/ticketkey_{{env}}.tkey
|
||||
owner=root group=root mode=0600
|
||||
notify:
|
||||
- reload proxyhttpd
|
||||
|
|
|
|||
|
|
@ -206,7 +206,7 @@
|
|||
- containerrebuild
|
||||
|
||||
- name: set releng user keytab
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{private}}/files/keytabs/{{env}}/releng"
|
||||
dest: /etc/krb5.releng.keytab
|
||||
owner: root
|
||||
|
|
@ -216,7 +216,7 @@
|
|||
- containerrebuild
|
||||
|
||||
- name: copy releng ssh key for rebuild fedpkg/distgit pushes
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{private}}/files/releng/sshkeys/container-rebuild-{{env}}"
|
||||
dest: /etc/pki/releng
|
||||
owner: root
|
||||
|
|
@ -226,7 +226,7 @@
|
|||
- containerrebuild
|
||||
|
||||
- name: place relengpush script for automatic rebuilds
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{files}}/releng/relengpush"
|
||||
dest: "/usr/local/bin/relengpush"
|
||||
owner: root
|
||||
|
|
@ -236,7 +236,7 @@
|
|||
- containerrebuild
|
||||
|
||||
- name: place relengpush int script for automatic rebuilds
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{files}}/releng/relengpush-int"
|
||||
dest: "/usr/local/bin/relengpush-int"
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -66,13 +66,13 @@
|
|||
- python3-productmd
|
||||
|
||||
- name: add create-filelist script from quick-fedora-mirror
|
||||
copy: src="{{ files }}/scripts/create-filelist.py2" dest=/usr/local/bin/create-filelist mode=0755
|
||||
ansible.builtin.copy: src="{{ files }}/scripts/create-filelist.py2" dest=/usr/local/bin/create-filelist mode=0755
|
||||
|
||||
- name: add cron script to update fullfiletimelist
|
||||
copy: src="{{ files }}/scripts/update-fullfiletimelist" dest=/usr/local/bin/update-fullfiletimelist mode=0755
|
||||
ansible.builtin.copy: src="{{ files }}/scripts/update-fullfiletimelist" dest=/usr/local/bin/update-fullfiletimelist mode=0755
|
||||
|
||||
- name: add cron script to prune old logs at /srv/pub/alt/linuxsystemroles/logs
|
||||
copy: src="{{ files }}/scripts/linuxsystemroles-logs-clean" dest=/usr/local/bin/linuxsystemroles-logs-clean mode=0755
|
||||
ansible.builtin.copy: src="{{ files }}/scripts/linuxsystemroles-logs-clean" dest=/usr/local/bin/linuxsystemroles-logs-clean mode=0755
|
||||
|
||||
- name: Update fullfiletimelist job
|
||||
cron: name="update-fullfiletimelist" hour="*/2" minute="55" user="root"
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@
|
|||
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
|
||||
|
||||
- name: override nbde_client-network-flush to work around bug
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ files }}/common/nbde_client-network-flush"
|
||||
dest: /usr/bin/nbde_client-network-flush
|
||||
owner: root
|
||||
|
|
@ -30,7 +30,7 @@
|
|||
mode: 755
|
||||
|
||||
- name: tell NetworkManager we don't want any auto connections
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ files }}/common/noautodefault.conf"
|
||||
dest: /etc/NetworkManager/conf.d/noautodefault.conf
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@
|
|||
- '/etc/httpd/conf.d/git.fedorahosted.org'
|
||||
|
||||
- name: Install special fedorahosted-redirects.conf with fedorahosted redirects
|
||||
copy: src={{ files }}/httpd/fedorahosted-redirects.conf dest=/etc/httpd/conf.d/fedorahosted.org/fedorahosted-redirects.conf
|
||||
ansible.builtin.copy: src={{ files }}/httpd/fedorahosted-redirects.conf dest=/etc/httpd/conf.d/fedorahosted.org/fedorahosted-redirects.conf
|
||||
|
||||
- name: Install special git.fedorahosted-redirects.conf with git.fedorahosted redirects
|
||||
copy: src={{ files }}/httpd/git.fedorahosted-redirects.conf dest=/etc/httpd/conf.d/git.fedorahosted.org/fedorahosted-redirects.conf
|
||||
ansible.builtin.copy: src={{ files }}/httpd/git.fedorahosted-redirects.conf dest=/etc/httpd/conf.d/git.fedorahosted.org/fedorahosted-redirects.conf
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@
|
|||
become_user: "{{ sar_script_user }}"
|
||||
when: "sar_huge is not defined or not sar_huge"
|
||||
# Store the result on disk
|
||||
- copy:
|
||||
- ansible.builtin.copy:
|
||||
content: "{{ sar_data['stdout'] }}"
|
||||
dest: "{{ hostvars['localhost']['sar_tmp_dir'] }}/{{ sar_output_file }}"
|
||||
delegate_to: localhost
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
register: sar_data
|
||||
# Store the result on disk
|
||||
- name: Copy the output data locally
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: "{{ sar_data['stdout'] }}"
|
||||
dest: "{{ hostvars['localhost']['sar_tmp_dir'] }}/{{ item.value.sar_output_file }}"
|
||||
delegate_to: localhost
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
tasks:
|
||||
|
||||
- name: Add the pgpass file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
db01{{ env_suffix }}.iad2.fedoraproject.org:*:maubot:maubot:{{ (env == 'production')|ternary(maubot_prod_db_password, maubot_stg_db_password) }}
|
||||
dest: /root/.pgpass
|
||||
|
|
@ -27,7 +27,7 @@
|
|||
name: python3-psycopg2
|
||||
|
||||
- name: Install the import script
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ files }}/zodbot/karma-to-cookies-db.py"
|
||||
dest: /usr/local/bin/karma-to-cookies-db
|
||||
mode: "0755"
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
register: home_fedora_res
|
||||
|
||||
- name: Copy the script to the host
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ files }}/scripts/fix-home-fedora-ownerships.sh"
|
||||
dest: /usr/local/sbin/fix-home-fedora-ownerships.sh
|
||||
mode: "0755"
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@
|
|||
dest: "/var/www/html/rhcos/.treeinfo"
|
||||
mode: "0644"
|
||||
- name: == OCP KVM provisioning == Copy kubeadmin config files to bastion
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "/srv/web/infra/bigfiles/openshiftboot/{{ env }}/auth/"
|
||||
dest: "/root/ocp4/ocp-{{env}}/"
|
||||
- name: == OCP KVM provisioning == Downloading RHCOS deploy files
|
||||
|
|
|
|||
|
|
@ -9,4 +9,6 @@
|
|||
|
||||
tasks:
|
||||
- ansible.builtin.file: dest=/srv/web/fedoraproject.org/static/ state=directory
|
||||
- copy: src=hotspot.txt dest=/srv/web/fedoraproject.org/static/hotspot.txt
|
||||
- ansible.builtin.copy:
|
||||
src: hotspot.txt
|
||||
dest: /srv/web/fedoraproject.org/static/hotspot.txt
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
|
||||
tasks:
|
||||
- name: Copy script over to {{target}}
|
||||
copy: src={{private}}/scripts/drivestatus.py dest=/root/drivestatus.py
|
||||
ansible.builtin.copy: src={{private}}/scripts/drivestatus.py dest=/root/drivestatus.py
|
||||
|
||||
- name: Run it for {{mgmt}}
|
||||
shell: python /root/drivestatus.py {{mgmt}}
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@
|
|||
ansible.builtin.file: path={{ rpmdir }}-old state=directory
|
||||
|
||||
- name: Copy the source rpms to the SRPMS dir of {{ repodir }}
|
||||
copy: src={{ item }} dest={{ repodir }}/SRPMS/
|
||||
ansible.builtin.copy: src={{ item }} dest={{ repodir }}/SRPMS/
|
||||
with_fileglob:
|
||||
- "{{ rpmdir }}/*.src.rpm"
|
||||
|
||||
|
|
@ -58,12 +58,12 @@
|
|||
- "{{ rpmdir }}/*.src.rpm"
|
||||
|
||||
- name: Copy the binary rpms to the x86_64 dir of {{ repodir }}
|
||||
copy: src={{ item }} dest={{ repodir }}/x86_64/
|
||||
ansible.builtin.copy: src={{ item }} dest={{ repodir }}/x86_64/
|
||||
with_fileglob:
|
||||
- "{{ rpmdir }}/*.rpm"
|
||||
|
||||
- name: Copy the binary rpms to the i386 dir of {{ repodir }}
|
||||
copy: src={{ item }} dest={{ repodir }}/i386/
|
||||
ansible.builtin.copy: src={{ item }} dest={{ repodir }}/i386/
|
||||
with_fileglob:
|
||||
- "{{ rpmdir }}/*.rpm"
|
||||
|
||||
|
|
|
|||
|
|
@ -56,8 +56,10 @@
|
|||
- import_tasks: "{{ handlers_path }}/restart_services.yml"
|
||||
|
||||
tasks:
|
||||
- copy: src=/srv/web/infra/db-dumps/bodhi2.dump.xz dest=/var/tmp/bodhi2.dump.xz
|
||||
owner=postgres group=postgres
|
||||
- ansible.builtin.copy:
|
||||
src: /srv/web/infra/db-dumps/bodhi2.dump.xz
|
||||
dest: /var/tmp/bodhi2.dump.xz
|
||||
owner: postgres group=postgres
|
||||
- command: unxz /var/tmp/bodhi2.dump.xz
|
||||
creates=/var/tmp/bodhi2.dump
|
||||
- command: dropdb bodhi2
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@
|
|||
tasks:
|
||||
# push dump to stg from batcave
|
||||
- name: Push the DB dump from batcave to the dbhost in stg
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: /var/tmp/{{ db }}.dump.xz
|
||||
dest: /var/tmp/{{ db }}.dump.xz
|
||||
|
||||
|
|
|
|||
|
|
@ -35,11 +35,11 @@
|
|||
|
||||
tasks:
|
||||
# - template: src=templates/mailman-reset-staging.sql dest=/var/lib/pgsql/mailman-reset-staging.sql
|
||||
- copy:
|
||||
src=/srv/web/infra/db-dumps/mailman.dump.xz
|
||||
dest=/var/tmp/mailman.dump.xz
|
||||
owner=postgres
|
||||
group=postgres
|
||||
- ansible.builtin.copy:
|
||||
src: /srv/web/infra/db-dumps/mailman.dump.xz
|
||||
dest: /var/tmp/mailman.dump.xz
|
||||
owner: postgres
|
||||
group: postgres
|
||||
- command: unxz /var/tmp/mailman.dump.xz
|
||||
creates=/var/tmp/mailman.dump
|
||||
- command: dropdb mailman
|
||||
|
|
@ -50,11 +50,11 @@
|
|||
# shell: psql -f /var/lib/pgsql/mailman-reset-staging.sql mailman
|
||||
|
||||
# - template: src=templates/hyperkitty-reset-staging.sql dest=/var/lib/pgsql/hyperkitty-reset-staging.sql
|
||||
- copy:
|
||||
src=/srv/web/infra/db-dumps/hyperkitty.dump.xz
|
||||
dest=/var/tmp/hyperkitty.dump.xz
|
||||
owner=postgres
|
||||
group=postgres
|
||||
- ansible.builtin.copy:
|
||||
src: /srv/web/infra/db-dumps/hyperkitty.dump.xz
|
||||
dest: /var/tmp/hyperkitty.dump.xz
|
||||
owner: postgres
|
||||
group: postgres
|
||||
- command: unxz /var/tmp/hyperkitty.dump.xz
|
||||
creates=/var/tmp/hyperkitty.dump
|
||||
- command: dropdb hyperkitty
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@
|
|||
when: "{{ inventory_hostname == 'remote_src_host' }}"
|
||||
|
||||
- name: copy files from control node to remote_dest_host
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: /tmp/staging
|
||||
dest: /tmp/staging
|
||||
when: "{{ inventory_hostname == 'remote_dest_host' }}"
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@
|
|||
|
||||
- name: Copy updates
|
||||
check_mode: no
|
||||
copy: src={{ bigfiles }}/firmware/{{ item.item.0.dirname }}/{{ item.item.1}}
|
||||
ansible.builtin.copy: src={{ bigfiles }}/firmware/{{ item.item.0.dirname }}/{{ item.item.1}}
|
||||
dest=/root/firmware-upgrades/
|
||||
mode=0700
|
||||
register: copy_results
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@
|
|||
tasks:
|
||||
|
||||
- name: deploy ticket key
|
||||
copy: src=/root/ticketkey_{{env}}.tkey dest=/etc/httpd/ticketkey_{{env}}.tkey
|
||||
ansible.builtin.copy: src=/root/ticketkey_{{env}}.tkey dest=/etc/httpd/ticketkey_{{env}}.tkey
|
||||
owner=root group=root mode=0600
|
||||
notify:
|
||||
- reload proxyhttpd
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@
|
|||
ansible.builtin.file: path=/etc/fedora-messaging/faf owner=root group=root mode=0755 state=directory
|
||||
|
||||
- name: Install certs for fedora-messaging
|
||||
copy: src={{ item.src }}
|
||||
ansible.builtin.copy: src={{ item.src }}
|
||||
dest=/etc/fedora-messaging/faf/{{ item.dest }}
|
||||
owner={{ item.owner }} group=root mode={{ item.mode }}
|
||||
loop:
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@
|
|||
changed_when: false
|
||||
|
||||
- name: Cpf
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: ureport_sample
|
||||
dest: "{{ faf_spool_dir }}/reports/incoming"
|
||||
owner: faf
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
|
||||
- name: Enable Copr repo for RHEL
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: group_abrt-faf-el8-epel-8.repo
|
||||
dest: /etc/yum.repos.d/
|
||||
when: ansible_distribution == 'RedHat'
|
||||
|
||||
- name: Enable Copr repo for Fedora
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: group_abrt-faf-el8-fedora.repo
|
||||
dest: /etc/yum.repos.d/
|
||||
when: ansible_distribution == 'Fedora'
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@
|
|||
- ansible-server
|
||||
|
||||
- name: Installing the phx2 dns check script
|
||||
copy: src=dns_check.py dest=/usr/local/bin/dns_check owner=root mode=0755
|
||||
ansible.builtin.copy: src=dns_check.py dest=/usr/local/bin/dns_check owner=root mode=0755
|
||||
tags:
|
||||
- ansible-server
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@
|
|||
|
||||
# install hash randomization hotfix
|
||||
- name: Hotfix - copy over new httpd init script
|
||||
copy: src="{{ files }}/hotfix/httpd/httpd.init" dest=/etc/init.d/httpd
|
||||
ansible.builtin.copy: src="{{ files }}/hotfix/httpd/httpd.init" dest=/etc/init.d/httpd
|
||||
owner=root group=root mode=0755
|
||||
when: ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora'
|
||||
notify:
|
||||
|
|
@ -44,7 +44,7 @@
|
|||
|
||||
# install hash randomization hotfix
|
||||
- name: Hotfix - copy over new httpd init script
|
||||
copy: src="{{ files }}/hotfix/httpd/httpd.init" dest=/etc/init.d/httpd
|
||||
ansible.builtin.copy: src="{{ files }}/hotfix/httpd/httpd.init" dest=/etc/init.d/httpd
|
||||
owner=root group=root mode=0755
|
||||
when: ansible_distribution_major_version|int <= 8 and ansible_distribution == 'RedHat'
|
||||
notify:
|
||||
|
|
@ -83,7 +83,7 @@
|
|||
- apachestatus
|
||||
|
||||
- name: Setup logrotate to our needs
|
||||
copy: src="{{ files }}/httpd/httpd.logrotate" dest=/etc/logrotate.d/httpd
|
||||
ansible.builtin.copy: src="{{ files }}/httpd/httpd.logrotate" dest=/etc/logrotate.d/httpd
|
||||
tags:
|
||||
- config
|
||||
- apache
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
- apps-fp-o
|
||||
|
||||
- name: Copy in the proxy config
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=apps.fp.o.conf dest=/etc/httpd/conf.d/{{website}}/apps.fp.o.conf
|
||||
owner=root group=root mode=0644
|
||||
notify:
|
||||
|
|
@ -48,7 +48,7 @@
|
|||
- apps-fp-o
|
||||
|
||||
- name: Copy in our app data yaml
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=apps.yaml dest=/usr/share/apps-fp-o/apps.yaml
|
||||
owner=root group=root mode=0644
|
||||
notify:
|
||||
|
|
|
|||
|
|
@ -96,7 +96,7 @@
|
|||
when: not host_keytab_status.stat.exists
|
||||
|
||||
- name: Deploy base64 keytab
|
||||
copy: dest=/etc/krb5.keytab.b64
|
||||
ansible.builtin.copy: dest=/etc/krb5.keytab.b64
|
||||
content={{keytab.stdout}}
|
||||
owner=root group=root mode=0600
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -158,7 +158,7 @@
|
|||
- iptables
|
||||
|
||||
- name: Install blocklist update script
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/blocklist/blocklist-update.sh"
|
||||
dest: /usr/local/bin/blocklist-update.sh
|
||||
owner: root
|
||||
|
|
@ -260,7 +260,7 @@
|
|||
- flush journald tmpfiles to persistent store
|
||||
|
||||
- name: Install rh ca for splunk
|
||||
copy: src={{ private }}/files/splunk-certs/2022-IT-Root-CA.pem
|
||||
ansible.builtin.copy: src={{ private }}/files/splunk-certs/2022-IT-Root-CA.pem
|
||||
dest=/etc/pki/tls/certs/2022-IT-Root-CA.pem
|
||||
tags:
|
||||
- rsyslogd
|
||||
|
|
@ -279,7 +279,7 @@
|
|||
when: inventory_hostname.startswith('log01')
|
||||
|
||||
- name: Rsyslog.conf
|
||||
copy: src={{ item }} dest=/etc/rsyslog.conf mode=0644
|
||||
ansible.builtin.copy: src={{ item }} dest=/etc/rsyslog.conf mode=0644
|
||||
with_first_found:
|
||||
- rsyslog/rsyslog.conf.{{ inventory_hostname }}
|
||||
- rsyslog/rsyslog.conf.{{ dist_tag }}
|
||||
|
|
@ -292,7 +292,7 @@
|
|||
- base
|
||||
|
||||
- name: Rsyslog log rotate for rsyslog servers
|
||||
copy: src=rsyslog/merged-rsyslog dest=/etc/logrotate.d/merged-rsyslog mode=0644
|
||||
ansible.builtin.copy: src=rsyslog/merged-rsyslog dest=/etc/logrotate.d/merged-rsyslog mode=0644
|
||||
when: inventory_hostname.startswith('log')
|
||||
notify:
|
||||
- restart rsyslog
|
||||
|
|
@ -302,7 +302,7 @@
|
|||
- base
|
||||
|
||||
- name: Add rsyslog config to /etc/rsyslog.d
|
||||
copy: src={{ item }} dest=/etc/rsyslog.d/ owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src={{ item }} dest=/etc/rsyslog.d/ owner=root group=root mode=0644
|
||||
with_fileglob:
|
||||
- rsyslog/*.conf
|
||||
notify:
|
||||
|
|
@ -313,7 +313,7 @@
|
|||
- base
|
||||
|
||||
- name: Rsyslog-audit.conf
|
||||
copy: src={{ item }} dest=/etc/rsyslog.d/rsyslog-audit.conf owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src={{ item }} dest=/etc/rsyslog.d/rsyslog-audit.conf owner=root group=root mode=0644
|
||||
with_first_found:
|
||||
- rsyslog/rsyslog-audit.conf.{{ datacenter }}
|
||||
- rsyslog/rsyslog-audit.conf.default
|
||||
|
|
@ -325,7 +325,7 @@
|
|||
- base
|
||||
|
||||
- name: Log everything to log01 except on mirrorlist, do not log local4 there.
|
||||
copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644
|
||||
ansible.builtin.copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644
|
||||
when: not inventory_hostname.startswith(('mirrorlist','copr'))
|
||||
tags:
|
||||
- rsyslogd
|
||||
|
|
@ -333,7 +333,7 @@
|
|||
- base
|
||||
|
||||
- name: Log everything to log01 except on mirrorlist, do log local4 there.
|
||||
copy: src=rsyslog/rsyslog-log01-nolocal4 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644
|
||||
ansible.builtin.copy: src=rsyslog/rsyslog-log01-nolocal4 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644
|
||||
when: inventory_hostname.startswith('mirrorlist')
|
||||
tags:
|
||||
- rsyslogd
|
||||
|
|
@ -348,7 +348,7 @@
|
|||
- config
|
||||
|
||||
- name: Rsyslogd put systemd limits directory for file handles
|
||||
copy: src=rsyslog/rsyslog-limits-systemd
|
||||
ansible.builtin.copy: src=rsyslog/rsyslog-limits-systemd
|
||||
dest=/etc/systemd/system/rsyslog.service.d/limits.conf mode=0644
|
||||
when: inventory_hostname.startswith('log') or inventory_hostname.startswith('people')
|
||||
tags:
|
||||
|
|
@ -364,7 +364,7 @@
|
|||
- rsyslog-audit
|
||||
|
||||
- name: Copy over our custom selinux module
|
||||
copy: src=selinux/rsyslog-audit.pp dest=/usr/local/share/rsyslog/rsyslog-audit.pp
|
||||
ansible.builtin.copy: src=selinux/rsyslog-audit.pp dest=/usr/local/share/rsyslog/rsyslog-audit.pp
|
||||
register: selinux_module
|
||||
tags:
|
||||
- rsyslogd
|
||||
|
|
@ -381,7 +381,7 @@
|
|||
|
||||
# Custom selinux policy to allow unix_chkpwd to map PAM database
|
||||
- name: Copy over our custom selinux module
|
||||
copy: src=selinux/mapchkpwd.pp dest=/usr/local/share/mapchkpwd.pp
|
||||
ansible.builtin.copy: src=selinux/mapchkpwd.pp dest=/usr/local/share/mapchkpwd.pp
|
||||
register: selinux_module
|
||||
when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
|
||||
tags:
|
||||
|
|
@ -390,7 +390,7 @@
|
|||
|
||||
# Custom selinux policy to allow unix_chkpwd to map PAM database
|
||||
- name: Copy over our custom selinux module
|
||||
copy: src=selinux/mapchkpwd.pp dest=/usr/local/share/mapchkpwd.pp
|
||||
ansible.builtin.copy: src=selinux/mapchkpwd.pp dest=/usr/local/share/mapchkpwd.pp
|
||||
register: selinux_module
|
||||
when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
|
||||
tags:
|
||||
|
|
@ -413,7 +413,7 @@
|
|||
#
|
||||
|
||||
- name: Install common scripts
|
||||
copy: src={{ item }} dest=/usr/local/bin/ owner=root group=root mode=0755
|
||||
ansible.builtin.copy: src={{ item }} dest=/usr/local/bin/ owner=root group=root mode=0755
|
||||
with_fileglob:
|
||||
- common-scripts/*
|
||||
tags:
|
||||
|
|
@ -437,7 +437,7 @@
|
|||
# Set PS1 to show stage environment at PS1
|
||||
#
|
||||
- name: Set PS1 for stage in /etc/profile.d
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=setstgps1.sh
|
||||
dest="/etc/profile.d/setstgps1.sh"
|
||||
owner=root
|
||||
|
|
@ -452,7 +452,7 @@
|
|||
# Set PS1 to show prod environment at PS1
|
||||
#
|
||||
- name: Set PS1 for prod in /etc/profile.d
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=setprodps1.sh
|
||||
dest="/etc/profile.d/setprodps1.sh"
|
||||
owner=root
|
||||
|
|
@ -467,7 +467,7 @@
|
|||
# Set PS1 to show prod-iad2 environment at PS1
|
||||
#
|
||||
- name: Set PS1 for prod in /etc/profile.d
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=setprodiad2ps1.sh
|
||||
dest="/etc/profile.d/setprodiad2ps1.sh"
|
||||
owner=root
|
||||
|
|
@ -536,7 +536,7 @@
|
|||
- python3alternative
|
||||
|
||||
- name: Cron jobs to compress logs under /var/log/hosts and /mnt/fedora_stats
|
||||
copy: src=compress-log.cron dest=/etc/cron.d/ mode=0644
|
||||
ansible.builtin.copy: src=compress-log.cron dest=/etc/cron.d/ mode=0644
|
||||
tags:
|
||||
- compress
|
||||
when: inventory_hostname.startswith('log0')
|
||||
|
|
@ -545,7 +545,7 @@
|
|||
import_tasks: crypto-policies.yml
|
||||
|
||||
- name: Proxy log rotate for proxy servers
|
||||
copy: src="{{ files }}/common/rsyslog-logrotate" dest=/etc/logrotate.d/rsyslog mode=0644
|
||||
ansible.builtin.copy: src="{{ files }}/common/rsyslog-logrotate" dest=/etc/logrotate.d/rsyslog mode=0644
|
||||
when: inventory_hostname.startswith('proxy')
|
||||
notify:
|
||||
- restart rsyslog
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: /etc/postfix/main.cf
|
||||
copy: src={{ item }} dest=/etc/postfix/main.cf
|
||||
ansible.builtin.copy: src={{ item }} dest=/etc/postfix/main.cf
|
||||
with_first_found:
|
||||
- "{{ postfix_maincf }}"
|
||||
- "postfix/main.cf/main.cf.{{ ansible_fqdn }}"
|
||||
|
|
@ -18,7 +18,7 @@
|
|||
- smtp_auth_relay
|
||||
|
||||
- name: Install /etc/postfix/master.cf file
|
||||
copy: src={{ item }} dest=/etc/postfix/master.cf mode=0644
|
||||
ansible.builtin.copy: src={{ item }} dest=/etc/postfix/master.cf mode=0644
|
||||
with_first_found:
|
||||
- "postfix/master.cf/master.cf.{{ inventory_hostname }}"
|
||||
- "postfix/master.cf/master.cf.{{ host_group }}"
|
||||
|
|
@ -33,7 +33,7 @@
|
|||
- base
|
||||
|
||||
- name: Deploy sender_access file
|
||||
copy: src="{{private}}/files/smtpd/sender_access.{{postfix_group}}" dest="/etc/postfix/sender_access"
|
||||
ansible.builtin.copy: src="{{private}}/files/smtpd/sender_access.{{postfix_group}}" dest="/etc/postfix/sender_access"
|
||||
when: postfix_group == "smtp-mm" or postfix_group == "mailman" or postfix_group == "gateway"
|
||||
notify:
|
||||
- restart postfix
|
||||
|
|
@ -63,7 +63,7 @@
|
|||
- base
|
||||
|
||||
- name: Install /etc/postfix/transport file
|
||||
copy: src="postfix/{{ postfix_transport_filename }}" dest=/etc/postfix/transport
|
||||
ansible.builtin.copy: src="postfix/{{ postfix_transport_filename }}" dest=/etc/postfix/transport
|
||||
when: inventory_hostname.startswith(('smtp-mm','bastion','noc02')) and env != 'staging'
|
||||
notify:
|
||||
- rebuild postfix transport
|
||||
|
|
@ -74,7 +74,7 @@
|
|||
- config
|
||||
|
||||
- name: Install /etc/postfix/bysender file
|
||||
copy: src="postfix/bysender" dest=/etc/postfix/bysender
|
||||
ansible.builtin.copy: src="postfix/bysender" dest=/etc/postfix/bysender
|
||||
when: inventory_hostname.startswith(('bastion')) and env != 'staging'
|
||||
notify:
|
||||
- rebuild postfix bysender
|
||||
|
|
@ -85,7 +85,7 @@
|
|||
- config
|
||||
|
||||
- name: Create /etc/postfix/tls_policy
|
||||
copy: src="postfix/tls_policy" dest=/etc/postfix/tls_policy
|
||||
ansible.builtin.copy: src="postfix/tls_policy" dest=/etc/postfix/tls_policy
|
||||
when: inventory_hostname.startswith(('bastion','smtp-mm','pagure')) and env != 'staging'
|
||||
notify:
|
||||
- rebuild postfix tls_policy
|
||||
|
|
@ -97,7 +97,7 @@
|
|||
# This has: private key, then cert, then intermediate cert
|
||||
# This cert is a digicert one, renew it there.
|
||||
- name: Install /etc/pki/tls/private/gateway-chain.pem
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src="{{private}}/files/smtpd/gateway-chain.pem"
|
||||
dest=/etc/pki/tls/private/gateway-chain.pem
|
||||
owner=root
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
- base
|
||||
|
||||
- name: Watchdog device configuration
|
||||
copy: src=watchdog.conf dest=/etc/watchdog.conf owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src=watchdog.conf dest=/etc/watchdog.conf owner=root group=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- watchdog
|
||||
|
|
|
|||
|
|
@ -212,7 +212,7 @@
|
|||
- base
|
||||
|
||||
- name: Copy the certificates
|
||||
copy: src="{{pubkeydir}}/{{inventory_hostname}}{{item}}-cert.pub"
|
||||
ansible.builtin.copy: src="{{pubkeydir}}/{{inventory_hostname}}{{item}}-cert.pub"
|
||||
dest="{{item}}-cert.pub"
|
||||
with_items: "{{certs_to_sign}}"
|
||||
register: certcopy
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@
|
|||
when: inventory_hostname.startswith('batcave01')
|
||||
|
||||
- name: Setup ssh_known_hosts file
|
||||
copy: src=ssh_known_hosts dest=/etc/ssh/ssh_known_hosts mode=0644
|
||||
ansible.builtin.copy: src=ssh_known_hosts dest=/etc/ssh/ssh_known_hosts mode=0644
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -59,40 +59,40 @@
|
|||
#
|
||||
|
||||
- name: Setup roots bashrc to note about agents
|
||||
copy: src=root_bashrc dest=/root/.bashrc
|
||||
ansible.builtin.copy: src=root_bashrc dest=/root/.bashrc
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
||||
- name: Run daily logview report for ansible actions.
|
||||
copy: src=logview.cron dest=/etc/cron.daily/logview.cron mode=0755
|
||||
ansible.builtin.copy: src=logview.cron dest=/etc/cron.daily/logview.cron mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
when: inventory_hostname.startswith('batcave01')
|
||||
|
||||
- name: Install program for generating ticket key
|
||||
copy: src=generate_ticketkey dest=/usr/local/bin/generate_ticketkey mode=0755
|
||||
ansible.builtin.copy: src=generate_ticketkey dest=/usr/local/bin/generate_ticketkey mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
||||
- name: Setup cron for daily ticketkey reollover
|
||||
copy: src=ticketkey.cron dest=/etc/cron.hourly/ticketkey.cron mode=0755
|
||||
ansible.builtin.copy: src=ticketkey.cron dest=/etc/cron.hourly/ticketkey.cron mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
when: inventory_hostname.startswith('batcave01')
|
||||
|
||||
- name: Setup cron for removing old pdr requests
|
||||
copy: src=pdr.cron dest=/etc/cron.d/pdr.cron mode=0644
|
||||
ansible.builtin.copy: src=pdr.cron dest=/etc/cron.d/pdr.cron mode=0644
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
when: inventory_hostname.startswith('batcave01')
|
||||
|
||||
- name: Setup cron to expose the rabbitmq certs
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: make-rabbitmq-certs-public.sh
|
||||
dest: /etc/cron.daily/make-rabbitmq-certs-public
|
||||
mode: "0755"
|
||||
|
|
@ -136,7 +136,7 @@
|
|||
- fedora-messaging
|
||||
|
||||
- name: Install the rabbitmq certificates for batcave
|
||||
copy: src={{ item.src }}
|
||||
ansible.builtin.copy: src={{ item.src }}
|
||||
dest=/etc/pki/rabbitmq/{{ item.dest }}
|
||||
owner={{ item.owner }} group={{ item.group}} mode={{ item.mode }}
|
||||
with_items:
|
||||
|
|
@ -169,7 +169,7 @@
|
|||
#
|
||||
|
||||
- name: Setup git-notifier script
|
||||
copy: src=git-notifier dest=/usr/local/bin/git-notifier mode=0755
|
||||
ansible.builtin.copy: src=git-notifier dest=/usr/local/bin/git-notifier mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -177,7 +177,7 @@
|
|||
|
||||
# Hook to republish our bare repos for web viewing.
|
||||
- name: Setup syncgittree.sh script
|
||||
copy: src=syncgittree.sh dest=/usr/local/bin/syncgittree.sh mode=0755
|
||||
ansible.builtin.copy: src=syncgittree.sh dest=/usr/local/bin/syncgittree.sh mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -194,7 +194,7 @@
|
|||
# python $reposource/hooks/zodbot-announce-commits.py $reposource $zodbot_channel $oldrev $newrev ${1#refs/heads/}
|
||||
|
||||
- name: Install zodbot-announce-commits script
|
||||
copy: src=zodbot-announce-commits.py dest=/usr/local/bin/zodbot-announce-commits.py mode=0755
|
||||
ansible.builtin.copy: src=zodbot-announce-commits.py dest=/usr/local/bin/zodbot-announce-commits.py mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -217,14 +217,14 @@
|
|||
#
|
||||
|
||||
- name: Install vmdiff.sh cron
|
||||
copy: src=vmdiff.sh dest=/etc/cron.hourly/vmdiff.sh mode=0755
|
||||
ansible.builtin.copy: src=vmdiff.sh dest=/etc/cron.hourly/vmdiff.sh mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
when: inventory_hostname.startswith('batcave01')
|
||||
|
||||
- name: Install infradocs.sh cron
|
||||
copy: src=infradocs.sh dest=/etc/cron.hourly/infradocs.sh mode=0755
|
||||
ansible.builtin.copy: src=infradocs.sh dest=/etc/cron.hourly/infradocs.sh mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -236,7 +236,7 @@
|
|||
#
|
||||
|
||||
- name: Setup public db copy script
|
||||
copy: src=public-db-copy.sh dest=/usr/local/bin/public-db-copy.sh mode=0755
|
||||
ansible.builtin.copy: src=public-db-copy.sh dest=/usr/local/bin/public-db-copy.sh mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -245,7 +245,7 @@
|
|||
#
|
||||
|
||||
- name: Setup public db copy script
|
||||
copy: src=public-db-copy.cron dest=/etc/cron.d/public-db-copy.cron mode=0644
|
||||
ansible.builtin.copy: src=public-db-copy.cron dest=/etc/cron.d/public-db-copy.cron mode=0644
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -256,7 +256,7 @@
|
|||
#
|
||||
|
||||
- name: Setup checkdiff ansible job
|
||||
copy: src=ansible-playbook-check-diff.cron dest=/etc/cron.daily/ansible-playbook-check-diff.cron mode=0755
|
||||
ansible.builtin.copy: src=ansible-playbook-check-diff.cron dest=/etc/cron.daily/ansible-playbook-check-diff.cron mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -267,7 +267,7 @@
|
|||
#
|
||||
|
||||
- name: Setup letsencrypt run for proxies
|
||||
copy: src=proxy-certs-check-renew.cron dest=/etc/cron.weekly/proxy-certs-check-renew.cron mode=0755
|
||||
ansible.builtin.copy: src=proxy-certs-check-renew.cron dest=/etc/cron.weekly/proxy-certs-check-renew.cron mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -278,7 +278,7 @@
|
|||
#
|
||||
|
||||
- name: Setup rhel8 sync copy script
|
||||
copy: src=rhel8-sync dest=/mnt/fedora/app/fi-repo/rhel/rhel8/rhel8-sync mode=0775
|
||||
ansible.builtin.copy: src=rhel8-sync dest=/mnt/fedora/app/fi-repo/rhel/rhel8/rhel8-sync mode=0775
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -288,7 +288,7 @@
|
|||
#
|
||||
|
||||
- name: Setup rhel9 sync copy script
|
||||
copy: src=rhel9-sync dest=/mnt/fedora/app/fi-repo/rhel/rhel9/rhel9-sync mode=0775
|
||||
ansible.builtin.copy: src=rhel9-sync dest=/mnt/fedora/app/fi-repo/rhel/rhel9/rhel9-sync mode=0775
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -298,7 +298,7 @@
|
|||
# sync-rhn cron job
|
||||
#
|
||||
- name: Setup sync-rhn cron
|
||||
copy: src=sync-rhn dest=/etc/cron.d/sync-rhn mode=0644
|
||||
ansible.builtin.copy: src=sync-rhn dest=/etc/cron.d/sync-rhn mode=0644
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -309,7 +309,7 @@
|
|||
# sync-centos cron job
|
||||
#
|
||||
- name: Setup sync-rhn cron
|
||||
copy: src=sync-centos dest=/etc/cron.d/sync-centos mode=0644
|
||||
ansible.builtin.copy: src=sync-centos dest=/etc/cron.d/sync-centos mode=0644
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -320,7 +320,7 @@
|
|||
#
|
||||
|
||||
- name: Setup centos 9s sync script
|
||||
copy: src=centos-9s-sync dest=/mnt/fedora/app/fi-repo/centos/centos-9s-sync mode=0775
|
||||
ansible.builtin.copy: src=centos-9s-sync dest=/mnt/fedora/app/fi-repo/centos/centos-9s-sync mode=0775
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -330,7 +330,7 @@
|
|||
#
|
||||
|
||||
- name: Setup centos 10 sync script
|
||||
copy: src=centos-10-sync dest=/mnt/fedora/app/fi-repo/centos/centos-10-sync mode=0775
|
||||
ansible.builtin.copy: src=centos-10-sync dest=/mnt/fedora/app/fi-repo/centos/centos-10-sync mode=0775
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -340,7 +340,7 @@
|
|||
# Setup web server config
|
||||
#
|
||||
- name: Install web server config for batcave (mimetypes)
|
||||
copy: src=mime-types.conf dest=/etc/httpd/conf.d/mime-types.conf mode=0644
|
||||
ansible.builtin.copy: src=mime-types.conf dest=/etc/httpd/conf.d/mime-types.conf mode=0644
|
||||
notify:
|
||||
- reload httpd
|
||||
tags:
|
||||
|
|
@ -349,7 +349,7 @@
|
|||
- httpd
|
||||
|
||||
- name: Install web server config for batcave (access rules)
|
||||
copy: src=allows dest=/etc/httpd/conf.d/allows mode=0644
|
||||
ansible.builtin.copy: src=allows dest=/etc/httpd/conf.d/allows mode=0644
|
||||
notify:
|
||||
- reload httpd
|
||||
tags:
|
||||
|
|
@ -379,7 +379,7 @@
|
|||
when: inventory_hostname.startswith('batcave01')
|
||||
|
||||
- name: Create repo2json cron job
|
||||
copy: src=repo2json.cron dest=/etc/cron.d/repo2json.cron mode=0644
|
||||
ansible.builtin.copy: src=repo2json.cron dest=/etc/cron.d/repo2json.cron mode=0644
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
@ -390,7 +390,7 @@
|
|||
#
|
||||
|
||||
- name: Install the ansible_utils/rbac config
|
||||
copy: src={{ private }}/files/rbac/rbac.yaml dest=/etc/ansible_utils/rbac.yaml mode=0540 group=sysadmin
|
||||
ansible.builtin.copy: src={{ private }}/files/rbac/rbac.yaml dest=/etc/ansible_utils/rbac.yaml mode=0540 group=sysadmin
|
||||
tags:
|
||||
- rbac
|
||||
- batcave
|
||||
|
|
@ -411,7 +411,7 @@
|
|||
- config
|
||||
|
||||
- name: Install geoip download cron
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: geoip-download-databases.cron
|
||||
dest: /etc/cron.d/geoip-download-databases.cron
|
||||
mode: "0644"
|
||||
|
|
@ -549,7 +549,7 @@
|
|||
- batcave
|
||||
|
||||
- name: Add SAR script for koji
|
||||
copy: src=koji_sar.py dest=/usr/local/bin/koji_sar.py owner=root mode=0700
|
||||
ansible.builtin.copy: src=koji_sar.py dest=/usr/local/bin/koji_sar.py owner=root mode=0700
|
||||
tags:
|
||||
- SAR
|
||||
- GDPR
|
||||
|
|
@ -571,7 +571,7 @@
|
|||
- selinux
|
||||
|
||||
- name: Put in place namespace.conf file
|
||||
copy: src=namespace.conf dest=/etc/security/namespace.conf mode=644 owner=root group=root
|
||||
ansible.builtin.copy: src=namespace.conf dest=/etc/security/namespace.conf mode=644 owner=root group=root
|
||||
tags:
|
||||
- config
|
||||
- batcave
|
||||
|
|
@ -613,7 +613,7 @@
|
|||
#
|
||||
|
||||
- name: Enable the postgresql 12 module for psql on batcave
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/dnf/modules.d/postgresql.module
|
||||
content: |
|
||||
[postgresql]
|
||||
|
|
@ -651,7 +651,7 @@
|
|||
- hotfix
|
||||
|
||||
- name: Empty default welcome.conf
|
||||
copy: dest=/etc/httpd/conf.d/welcome.conf content=""
|
||||
ansible.builtin.copy: dest=/etc/httpd/conf.d/welcome.conf content=""
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@
|
|||
- bkernel
|
||||
|
||||
- name: Setup pesign users config
|
||||
copy: src=pesign-users dest=/etc/pesign/users mode=0600 owner=root group=root
|
||||
ansible.builtin.copy: src=pesign-users dest=/etc/pesign/users mode=0600 owner=root group=root
|
||||
tags:
|
||||
- bkernel
|
||||
|
||||
|
|
@ -55,7 +55,7 @@
|
|||
- bkernel
|
||||
|
||||
- name: When you awake you will remember nothing
|
||||
copy: src=history_off.sh dest=/etc/profile.d/history_off.sh mode=0644
|
||||
ansible.builtin.copy: src=history_off.sh dest=/etc/profile.d/history_off.sh mode=0644
|
||||
tags:
|
||||
- bkernel
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@
|
|||
- blockerbugs
|
||||
|
||||
- name: Setup blockerbugs apache conf
|
||||
copy: src=blockerbugs.conf dest=/etc/httpd/conf.d/blockerbugs.conf mode=644
|
||||
ansible.builtin.copy: src=blockerbugs.conf dest=/etc/httpd/conf.d/blockerbugs.conf mode=644
|
||||
notify:
|
||||
- reload httpd
|
||||
tags:
|
||||
|
|
@ -72,7 +72,7 @@
|
|||
- blockerbugs
|
||||
|
||||
- name: Setup blockerbugs cron (master node only)
|
||||
copy: src=blockerbugs.cron dest=/etc/cron.d/blockerbugs
|
||||
ansible.builtin.copy: src=blockerbugs.cron dest=/etc/cron.d/blockerbugs
|
||||
when: master_blockerbugs_node
|
||||
tags:
|
||||
- config
|
||||
|
|
@ -80,7 +80,7 @@
|
|||
|
||||
# this is a "short-term" patch that won't be needed for future versions of blockerbugs
|
||||
- name: Patch bz_interface to work with rhbz changes
|
||||
copy: src=20210914-patched-bz_interface.py dest=/usr/lib/python3.9/site-packages/blockerbugs/util/bz_interface.py
|
||||
ansible.builtin.copy: src=20210914-patched-bz_interface.py dest=/usr/lib/python3.9/site-packages/blockerbugs/util/bz_interface.py
|
||||
when: master_blockerbugs_node
|
||||
tags:
|
||||
- blockerbugs
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@
|
|||
- config
|
||||
|
||||
- name: Put pungi multilib configuration in place
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: pungi_multilib.conf
|
||||
dest: /etc/bodhi/pungi_multilib.conf
|
||||
tags:
|
||||
|
|
@ -81,7 +81,7 @@
|
|||
- config
|
||||
|
||||
- name: Put pungi general configuration in place
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: pungi_general.conf
|
||||
dest: /etc/bodhi/pungi_general.conf
|
||||
tags:
|
||||
|
|
@ -90,7 +90,7 @@
|
|||
- config
|
||||
|
||||
- name: Put createrepo_c configuration in place
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: createrepo_c.ini
|
||||
dest: /etc/bodhi/createrepo_c.ini
|
||||
tags:
|
||||
|
|
@ -138,7 +138,7 @@
|
|||
py3ver: "{{ _python3_version_result.stdout | trim }}"
|
||||
|
||||
- name: Put the koji sync listener script in place
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: koji_sync_listener.py
|
||||
dest: /usr/lib/python{{ py3ver }}/site-packages/koji_sync_listener.py
|
||||
mode: "0644"
|
||||
|
|
@ -170,7 +170,7 @@
|
|||
#
|
||||
|
||||
- name: Put new-updates-sync in place
|
||||
copy: src=new-updates-sync dest=/usr/local/bin/new-updates-sync mode="0755"
|
||||
ansible.builtin.copy: src=new-updates-sync dest=/usr/local/bin/new-updates-sync mode="0755"
|
||||
when: env == "production"
|
||||
tags:
|
||||
- config
|
||||
|
|
@ -178,7 +178,7 @@
|
|||
- cron
|
||||
|
||||
- name: Put bodhi-automated-pushes.py in place
|
||||
copy: src=bodhi-automated-pushes.py dest=/usr/local/bin/bodhi-automated-pushes.py mode="0755"
|
||||
ansible.builtin.copy: src=bodhi-automated-pushes.py dest=/usr/local/bin/bodhi-automated-pushes.py mode="0755"
|
||||
when: env == "production"
|
||||
tags:
|
||||
- config
|
||||
|
|
@ -187,14 +187,14 @@
|
|||
|
||||
# These next two are used by quick-fedora-mirror
|
||||
- name: Put update-fullfiletimelist in place
|
||||
copy: src="{{ files }}/scripts/update-fullfiletimelist" dest=/usr/local/bin/update-fullfiletimelist mode="0755"
|
||||
ansible.builtin.copy: src="{{ files }}/scripts/update-fullfiletimelist" dest=/usr/local/bin/update-fullfiletimelist mode="0755"
|
||||
when: env == "production"
|
||||
tags:
|
||||
- config
|
||||
- bodhi
|
||||
- cron
|
||||
- name: Add create-filelist script from quick-fedora-mirror
|
||||
copy: src="{{ files }}/scripts/create-filelist" dest=/usr/local/bin/create-filelist mode="0755"
|
||||
ansible.builtin.copy: src="{{ files }}/scripts/create-filelist" dest=/usr/local/bin/create-filelist mode="0755"
|
||||
when: env == "production"
|
||||
tags:
|
||||
- config
|
||||
|
|
@ -202,7 +202,7 @@
|
|||
- cron
|
||||
|
||||
- name: Set the updates sync cron job
|
||||
copy: src=new-updates-sync.cron dest=/etc/cron.d/updates-sync
|
||||
ansible.builtin.copy: src=new-updates-sync.cron dest=/etc/cron.d/updates-sync
|
||||
when: env == "production"
|
||||
tags:
|
||||
- config
|
||||
|
|
@ -210,7 +210,7 @@
|
|||
- cron
|
||||
|
||||
- name: Set the bodhi-automated-pushes cron job
|
||||
copy: src=bodhi-automated-pushes.cron dest=/etc/cron.d/bodhi-automated-pushes
|
||||
ansible.builtin.copy: src=bodhi-automated-pushes.cron dest=/etc/cron.d/bodhi-automated-pushes
|
||||
when: env == "production"
|
||||
tags:
|
||||
- config
|
||||
|
|
@ -340,7 +340,7 @@
|
|||
- bodhi
|
||||
|
||||
- name: Deploy the fedora-messaging CA
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt"
|
||||
dest: /etc/pki/fedora-messaging/cacert.pem
|
||||
mode: "0644"
|
||||
|
|
@ -350,7 +350,7 @@
|
|||
- bodhi
|
||||
|
||||
- name: Deploy the fedora-messaging cert
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/bodhi{{env_suffix}}.crt"
|
||||
dest: /etc/pki/fedora-messaging/bodhi-cert.pem
|
||||
mode: "0644"
|
||||
|
|
@ -360,7 +360,7 @@
|
|||
- bodhi
|
||||
|
||||
- name: Deploy the fedora-messaging key
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/bodhi{{env_suffix}}.key"
|
||||
dest: /etc/pki/fedora-messaging/bodhi-key.pem
|
||||
mode: "0600"
|
||||
|
|
@ -398,7 +398,7 @@
|
|||
- config
|
||||
|
||||
- name: Configure fm-consumer@.service to run as apache
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: fm-consumer@.service
|
||||
dest: /etc/systemd/system/fm-consumer@.service.d/local.conf
|
||||
owner: root
|
||||
|
|
@ -411,7 +411,7 @@
|
|||
- config
|
||||
|
||||
- name: Setup the Celery service
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: bodhi-celery.service
|
||||
dest: /etc/systemd/system/bodhi-celery.service
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
- bugzilla2fedmsg
|
||||
|
||||
- name: Copy a custom moksha systemd service file
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=moksha-hub.service
|
||||
dest=/usr/lib/systemd/system/moksha-hub.service
|
||||
notify:
|
||||
|
|
@ -47,7 +47,7 @@
|
|||
- bugzilla2fedmsg
|
||||
|
||||
- name: Copy in the certs and keys.
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src="{{ private }}/files/bugzilla2fedmsg/{{ item }}"
|
||||
dest="/etc/pki/fedmsg/{{ item }}"
|
||||
mode=0640 owner=fedmsg group=fedmsg
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
|
||||
## Install all files
|
||||
- name: Install the bz-review-report script
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=bz-review-report.py dest=/usr/local/bin/bz-review-report.py
|
||||
owner=root group=root mode=0755
|
||||
tags:
|
||||
|
|
@ -22,7 +22,7 @@
|
|||
|
||||
## Install the cron job
|
||||
- name: Install the bz-review-report cronjob
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=bz-review-report.cron dest=/etc/cron.d/bz-review-report.cron
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@
|
|||
tags: cgit
|
||||
|
||||
- name: Copy cgit them into place.
|
||||
copy: src={{item}} dest=/usr/share/cgit/{{item}} owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src={{item}} dest=/usr/share/cgit/{{item}} owner=root group=root mode=0644
|
||||
with_items:
|
||||
- cgit.css
|
||||
- cgit.png
|
||||
|
|
@ -34,15 +34,15 @@
|
|||
tags: cgit
|
||||
|
||||
- name: Put cgitrc in place for people
|
||||
copy: src=cgitrc.people dest=/etc/cgitrc owner=root mode=0644
|
||||
ansible.builtin.copy: src=cgitrc.people dest=/etc/cgitrc owner=root mode=0644
|
||||
when: inventory_hostname.startswith('people')
|
||||
tags: cgit
|
||||
|
||||
- name: Put cgitrc in place for batcave
|
||||
copy: src=cgitrc.batcave dest=/etc/cgitrc owner=root mode=0644
|
||||
ansible.builtin.copy: src=cgitrc.batcave dest=/etc/cgitrc owner=root mode=0644
|
||||
when: inventory_hostname.startswith('batcave')
|
||||
tags: cgit
|
||||
|
||||
# - name: Install the libravatar filter
|
||||
# copy: src=email-libravatar-korg.lua dest=/usr/libexec/cgit/filters/email-libravatar-korg.lua owner=root group=root mode=0755
|
||||
# ansible.builtin.copy: src=email-libravatar-korg.lua dest=/usr/libexec/cgit/filters/email-libravatar-korg.lua owner=root group=root mode=0755
|
||||
# tags: cgit
|
||||
|
|
|
|||
|
|
@ -2,5 +2,5 @@
|
|||
# tasklist for setting up the Cron job cleaning CGit locks
|
||||
|
||||
- name: Install the cron file
|
||||
copy: src=clean-lock.cron dest=/etc/cron.d/cgit-clean-lock.cron mode=0644
|
||||
ansible.builtin.copy: src=clean-lock.cron dest=/etc/cron.d/cgit-clean-lock.cron mode=0644
|
||||
tags: cgit
|
||||
|
|
|
|||
|
|
@ -10,16 +10,16 @@
|
|||
tags: cgit
|
||||
|
||||
- name: Ensure the repo list file exists
|
||||
copy: content="" dest=/srv/git/pkgs-git-repos-list force=no owner=apache group=apache mode=0644
|
||||
ansible.builtin.copy: content="" dest=/srv/git/pkgs-git-repos-list force=no owner=apache group=apache mode=0644
|
||||
tags: cgit
|
||||
|
||||
- name: Install the script
|
||||
copy: src=make-cgit-pkgs-list.sh dest=/usr/local/bin/make-cgit-pkgs-list.sh mode=0755
|
||||
ansible.builtin.copy: src=make-cgit-pkgs-list.sh dest=/usr/local/bin/make-cgit-pkgs-list.sh mode=0755
|
||||
when: inventory_hostname.startswith('pkgs')
|
||||
tags: cgit
|
||||
|
||||
- name: Install the script for fedorapeople
|
||||
copy: src=make-people-git.sh dest=/usr/local/bin/make-people-git.sh mode=0755
|
||||
ansible.builtin.copy: src=make-people-git.sh dest=/usr/local/bin/make-people-git.sh mode=0755
|
||||
when: inventory_hostname.startswith('people')
|
||||
tags: cgit
|
||||
|
||||
|
|
@ -27,7 +27,7 @@
|
|||
# For the batcave we just have a small static list
|
||||
#
|
||||
- name: Install the file for batcave
|
||||
copy: src=cgit-projects-batcave dest=/etc/cgit-projects-batcave mode=0644
|
||||
ansible.builtin.copy: src=cgit-projects-batcave dest=/etc/cgit-projects-batcave mode=0644
|
||||
when: inventory_hostname.startswith('batcave')
|
||||
tags: cgit
|
||||
|
||||
|
|
|
|||
|
|
@ -151,7 +151,7 @@
|
|||
# convenience while the roles are all run on the same system, and
|
||||
# stg uses the prod account and credentials to listen on prod
|
||||
- name: Deploy the Fedora infra fedora-messaging cert
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/issued/{{ openqa_amqp_this_username }}.crt"
|
||||
dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-cert.pem"
|
||||
mode: "0644"
|
||||
|
|
@ -166,7 +166,7 @@
|
|||
# on the same box as openQA, in fact we need to keep the ownership in
|
||||
# line. This needs making cleaner somehow.
|
||||
- name: Deploy the Fedora infra fedora-messaging key
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/private/{{ openqa_amqp_this_username }}.key"
|
||||
dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-key.pem"
|
||||
mode: "0640"
|
||||
|
|
|
|||
|
|
@ -22,13 +22,13 @@
|
|||
- cronie-anacron
|
||||
|
||||
- name: Setup the freshclam configuration
|
||||
copy: src=freshclam.conf dest=/etc/freshclam.conf
|
||||
ansible.builtin.copy: src=freshclam.conf dest=/etc/freshclam.conf
|
||||
|
||||
- name: Enable freshclam by fixing the stupid default sysconfig
|
||||
copy: src=freshclam-sysconfig dest=/etc/sysconfig/freshclam
|
||||
ansible.builtin.copy: src=freshclam-sysconfig dest=/etc/sysconfig/freshclam
|
||||
|
||||
- name: Setup the freshclam cron job
|
||||
copy: src=freshclam-cron dest=/etc/cron.daily/freshclam
|
||||
ansible.builtin.copy: src=freshclam-cron dest=/etc/cron.daily/freshclam
|
||||
|
||||
- name: Setup the periodic clam scan script
|
||||
template: >
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Install the cloud-image-stat script
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=cloud-image-stat.py dest=/usr/local/bin/cloud-image-stat.py
|
||||
owner=root group=root mode=0755
|
||||
tags:
|
||||
|
|
@ -8,7 +8,7 @@
|
|||
- cloudstats
|
||||
|
||||
- name: Install the cloud-image-stats cronjob to collect stats from log01
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=cloud-image-stat.cron dest=/etc/cron.d/cloud-image-stat.cron
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@
|
|||
|
||||
# install collectd-network config
|
||||
- name: /etc/collectd.d/network.conf
|
||||
copy: src=network-server.conf dest=/etc/collectd.d/network.conf
|
||||
ansible.builtin.copy: src=network-server.conf dest=/etc/collectd.d/network.conf
|
||||
tags:
|
||||
- collectd
|
||||
notify:
|
||||
|
|
@ -88,7 +88,7 @@
|
|||
when: collectd_apache and ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
|
||||
|
||||
- name: /etc/collectd/apache.conf
|
||||
copy: src=apache.conf dest=/etc/collectd.d/apache.conf
|
||||
ansible.builtin.copy: src=apache.conf dest=/etc/collectd.d/apache.conf
|
||||
tags:
|
||||
- collectd
|
||||
notify:
|
||||
|
|
@ -111,7 +111,7 @@
|
|||
when: ( collectd_apache is defined ) and ansible_selinux.status != "disabled"
|
||||
|
||||
- name: Enable collectd nfs module
|
||||
copy: src=nfs.conf dest=/etc/collectd.d/nfs.conf
|
||||
ansible.builtin.copy: src=nfs.conf dest=/etc/collectd.d/nfs.conf
|
||||
tags:
|
||||
- collectd
|
||||
notify:
|
||||
|
|
@ -125,7 +125,7 @@
|
|||
- selinux
|
||||
|
||||
- name: Copy over our general collectd selinux module
|
||||
copy: src=selinux/fi-collectd.pp dest=/usr/share/collectd/fi-collectd.pp
|
||||
ansible.builtin.copy: src=selinux/fi-collectd.pp dest=/usr/share/collectd/fi-collectd.pp
|
||||
register: ficgeneral_module
|
||||
tags:
|
||||
- collectd
|
||||
|
|
@ -159,7 +159,7 @@
|
|||
- selinux
|
||||
|
||||
- name: Copy over our pstorefs/collectd selinux module (rhel6 has no pstorefs)
|
||||
copy: src=selinux/fi-pstorefs.pp dest=/usr/share/collectd/fi-pstorefs.pp
|
||||
ansible.builtin.copy: src=selinux/fi-pstorefs.pp dest=/usr/share/collectd/fi-pstorefs.pp
|
||||
register: ficpstorefs_module
|
||||
tags:
|
||||
- collectd
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
- collectd
|
||||
|
||||
- name: Copy in /etc/collectd.d/bind.conf
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=bind.conf
|
||||
dest=/etc/collectd.d/bind.conf
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
- collectd
|
||||
|
||||
- name: Copy in /usr/local/bin/fcomm-queue-collectd
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=fcomm-queue-collectd.py
|
||||
dest=/usr/local/bin/fcomm-queue-collectd
|
||||
mode=0755
|
||||
|
|
@ -15,7 +15,7 @@
|
|||
notify: restart collectd
|
||||
|
||||
- name: Copy in /etc/collectd.d/fcomm-queue.conf
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=fcomm-queue.conf
|
||||
dest=/etc/collectd.d/fcomm-queue-conf
|
||||
tags:
|
||||
|
|
@ -30,7 +30,7 @@
|
|||
- selinux
|
||||
|
||||
- name: Copy over our fcomm collectd selinux module
|
||||
copy: src=selinux/fi-collectd-fcomm.pp dest=/usr/share/collectd/fi-collectd-fcomm.pp
|
||||
ansible.builtin.copy: src=selinux/fi-collectd-fcomm.pp dest=/usr/share/collectd/fi-collectd-fcomm.pp
|
||||
register: ficfcomm_module
|
||||
tags:
|
||||
- collectd
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
---
|
||||
- name: Copy in /usr/local/bin/fedmsg-map
|
||||
copy: src=fedmsg-map.py dest=/usr/local/bin/fedmsg-map mode=0755
|
||||
ansible.builtin.copy: src=fedmsg-map.py dest=/usr/local/bin/fedmsg-map mode=0755
|
||||
tags:
|
||||
- collectd
|
||||
notify: restart collectd
|
||||
|
||||
- name: Copy in /etc/collectd.d/fedmsg-activation/conf
|
||||
copy: src=fedmsg-activation.conf dest=/etc/collectd.d/fedmsg-activation.conf
|
||||
ansible.builtin.copy: src=fedmsg-activation.conf dest=/etc/collectd.d/fedmsg-activation.conf
|
||||
tags:
|
||||
- collectd
|
||||
notify: restart collectd
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
|
||||
- name: Copy in the memcached collectd config
|
||||
copy: src=memcached.conf dest=/etc/collectd.d/memcached.conf
|
||||
ansible.builtin.copy: src=memcached.conf dest=/etc/collectd.d/memcached.conf
|
||||
tags:
|
||||
- collectd/memcached
|
||||
- collectd
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@
|
|||
|
||||
# install collectd types
|
||||
- name: Install collectd types
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: /usr/share/collectd/{{ item }}
|
||||
loop:
|
||||
|
|
@ -44,7 +44,7 @@
|
|||
|
||||
# install collectd configs
|
||||
- name: Install collectd config
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/collectd.d/{{ item }}
|
||||
loop:
|
||||
|
|
@ -59,14 +59,14 @@
|
|||
|
||||
# install apache config
|
||||
- name: Install collectd apache config
|
||||
copy: src=collectd.conf dest=/etc/httpd/conf.d/collectd.conf
|
||||
ansible.builtin.copy: src=collectd.conf dest=/etc/httpd/conf.d/collectd.conf
|
||||
tags:
|
||||
- config
|
||||
- collectd/server
|
||||
|
||||
# install upgrade target
|
||||
- name: Install collect upgrade target to handle v4 clients
|
||||
copy: src=vfive-upgrade.conf dest=/etc/collectd.d/vfive-upgrade.conf
|
||||
ansible.builtin.copy: src=vfive-upgrade.conf dest=/etc/collectd.d/vfive-upgrade.conf
|
||||
tags:
|
||||
- config
|
||||
- collectd/server
|
||||
|
|
@ -80,7 +80,7 @@
|
|||
|
||||
# push our custom config file for the graph CGIs
|
||||
- name: Push the collection.conf file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: collection.conf
|
||||
dest: /etc/collection.conf
|
||||
tags:
|
||||
|
|
@ -96,7 +96,7 @@
|
|||
- collectd/server
|
||||
|
||||
- name: Override the timeout for stopping collectd
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: service.timeout.conf
|
||||
dest: /etc/systemd/system/collectd.service.d/timeout.conf
|
||||
notify:
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
---
|
||||
- name: install enable-swap.service
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: files/enable-swap.service
|
||||
dest: /etc/systemd/system/
|
||||
register: enable_swap_service
|
||||
|
||||
- name: install enable-swap.sh
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: files/enable-swap.sh
|
||||
dest: /usr/local/sbin/
|
||||
mode: '0755'
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@
|
|||
when: helpers_installed.changed
|
||||
|
||||
- name: set direct backend for guestfish
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: "export LIBGUESTFS_BACKEND=direct"
|
||||
dest: /etc/profile.d/guestfish-copr.sh
|
||||
|
||||
|
|
@ -70,7 +70,7 @@
|
|||
- "{{ eimg_configdir }}/files/copr-distgit-client"
|
||||
- "{{ eimg_configdir }}/files/copr-rpmbuild"
|
||||
|
||||
- copy:
|
||||
- ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ eimg_configdir }}/{{ item }}"
|
||||
loop:
|
||||
|
|
@ -88,7 +88,7 @@
|
|||
- files/copr-rpmbuild/rpkg.conf.j2
|
||||
|
||||
- name: eimg.sh config
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
EIMG_COPR_PLAYBOOK_DIR={{ eimg_configdir }}
|
||||
EIMG_COPR_PLAYBOOK=local-image-update.yml
|
||||
|
|
|
|||
|
|
@ -24,12 +24,12 @@
|
|||
when: starting_builder
|
||||
|
||||
- name: put infra repos into yum.repos.d
|
||||
copy: src=files/dnf/infra-tags.repo dest=/etc/yum.repos.d
|
||||
ansible.builtin.copy: src=files/dnf/infra-tags.repo dest=/etc/yum.repos.d
|
||||
when:
|
||||
- preparing_image
|
||||
|
||||
- name: put infra stg repos into yum.repos.d if staging
|
||||
copy: src=files/dnf/infra-tags-stg.repo dest=/etc/yum.repos.d
|
||||
ansible.builtin.copy: src=files/dnf/infra-tags-stg.repo dest=/etc/yum.repos.d
|
||||
when:
|
||||
- devel
|
||||
- starting_builder
|
||||
|
|
@ -200,7 +200,7 @@
|
|||
- starting_builder
|
||||
|
||||
- name: put updated mock configs into /etc/mock
|
||||
copy: src=files/mock/ dest=/etc/copr-rpmbuild/mock-config-overrides
|
||||
ansible.builtin.copy: src=files/mock/ dest=/etc/copr-rpmbuild/mock-config-overrides
|
||||
# conditional, per https://pagure.io/copr/copr/issue/1189 - as we don't want
|
||||
# to bake broken mock configuration into the image.
|
||||
when:
|
||||
|
|
@ -230,7 +230,7 @@
|
|||
ignore_errors: true
|
||||
|
||||
- name: put copr-rpmbuild configuration file in the right place
|
||||
copy: src=files/main.ini dest=/etc/copr-rpmbuild/main.ini
|
||||
ansible.builtin.copy: src=files/main.ini dest=/etc/copr-rpmbuild/main.ini
|
||||
when:
|
||||
# TODO: use the default main.ini provided by copr-rpmbuild
|
||||
- starting_builder
|
||||
|
|
@ -252,7 +252,7 @@
|
|||
authorized_key: user=root key='{{ lookup('file', 'files/buildsys.pub') }}'
|
||||
|
||||
- name: setup 10x more fds in limits.conf
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
* soft nofile 10240
|
||||
* hard nofile 10240
|
||||
|
|
@ -315,7 +315,7 @@
|
|||
# Hotfix for https://github.com/fedora-copr/copr/issues/3140
|
||||
# Hotfix for https://github.com/fedora-copr/copr/issues/3146
|
||||
- name: Install custom copr-rpmbuild configs
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "files/{{ item }}"
|
||||
dest: "/etc/copr-rpmbuild/{{ item }}"
|
||||
when:
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@
|
|||
tags: copr_ping
|
||||
|
||||
- name: Install the Copr API token
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
[copr-cli]
|
||||
login = {{ copr_ping_bot_login }}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Copy .pem
|
||||
copy: src=../../files/fedora-cloud/fed-cloud09.pem dest=/etc/pki/ca-trust/source/anchors/
|
||||
ansible.builtin.copy: src=../../files/fedora-cloud/fed-cloud09.pem dest=/etc/pki/ca-trust/source/anchors/
|
||||
register: cloud_pem_copied
|
||||
|
||||
- name: Update certificates
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@
|
|||
- .ssh
|
||||
|
||||
- name: Setup privkey for copr user
|
||||
copy: src="{{ private }}/files/copr/buildsys.priv" dest=/home/copr/.ssh/id_rsa owner=copr group=copr mode=600
|
||||
ansible.builtin.copy: src="{{ private }}/files/copr/buildsys.priv" dest=/home/copr/.ssh/id_rsa owner=copr group=copr mode=600
|
||||
|
||||
- name: Setup copr user ssh config file
|
||||
template:
|
||||
|
|
@ -81,7 +81,7 @@
|
|||
when: hostsstat.rc == 1
|
||||
|
||||
- name: Replace bashrc for copr user
|
||||
copy: src="copr_bashrc" dest=/home/copr/.bashrc owner=copr group=copr mode=600
|
||||
ansible.builtin.copy: src="copr_bashrc" dest=/home/copr/.bashrc owner=copr group=copr mode=600
|
||||
|
||||
- name: Auth_key so we can login to localhost as the copr user from the copr user
|
||||
authorized_key: user=copr key="{{ item }}"
|
||||
|
|
@ -90,7 +90,7 @@
|
|||
- "provision/files/buildsys.pub"
|
||||
|
||||
- name: Copy .boto file
|
||||
copy: src="boto" dest=/home/copr/.boto owner=copr group=copr
|
||||
ansible.builtin.copy: src="boto" dest=/home/copr/.boto owner=copr group=copr
|
||||
|
||||
# setup webserver
|
||||
- name: Install lighttpd.conf
|
||||
|
|
@ -122,7 +122,7 @@
|
|||
|
||||
# mime default to text/plain and enable dirlisting for indexes
|
||||
- name: Update lighttpd configs
|
||||
copy: src="lighttpd/{{ item }}" dest="/etc/lighttpd/conf.d/{{ item }}" owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src="lighttpd/{{ item }}" dest="/etc/lighttpd/conf.d/{{ item }}" owner=root group=root mode=0644
|
||||
with_items:
|
||||
- dirlisting.conf
|
||||
- mime.conf
|
||||
|
|
@ -135,14 +135,14 @@
|
|||
template: src="lighttpd/dir-generator.php.j2" dest="/var/lib/copr/public_html/dir-generator.php" owner=copr group=copr mode=0755
|
||||
|
||||
- name: Install resalloc CGI script
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: cgi-resalloc
|
||||
dest: /var/www/
|
||||
setype: httpd_sys_script_exec_t
|
||||
mode: "0755"
|
||||
|
||||
- name: Install the helper scripts for lighttpd log rotation
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: /usr/local/bin/{{ item }}
|
||||
mode: "0755"
|
||||
|
|
@ -206,12 +206,12 @@
|
|||
- resalloc
|
||||
|
||||
- name: Put ansible.cfg for all this into /etc/ansible/ on the system
|
||||
copy: src="provision/ansible.cfg" dest=/etc/ansible/ansible.cfg
|
||||
ansible.builtin.copy: src="provision/ansible.cfg" dest=/etc/ansible/ansible.cfg
|
||||
tags:
|
||||
- provision_config
|
||||
|
||||
- name: Install .ansible.cfg for copr user
|
||||
copy: src=ansible.cfg dest=/home/copr/.ansible.cfg
|
||||
ansible.builtin.copy: src=ansible.cfg dest=/home/copr/.ansible.cfg
|
||||
owner=copr group=copr mode=600
|
||||
tags:
|
||||
- provision_config
|
||||
|
|
@ -226,7 +226,7 @@
|
|||
- always
|
||||
|
||||
- name: Copy image preparation scripts
|
||||
copy: src="{{ item }}" dest=/usr/local/bin/
|
||||
ansible.builtin.copy: src="{{ item }}" dest=/usr/local/bin/
|
||||
owner=root mode=755
|
||||
with_fileglob:
|
||||
- copr-builder-image-*.sh
|
||||
|
|
@ -235,7 +235,7 @@
|
|||
- provision_config
|
||||
|
||||
- name: Testing fixture
|
||||
copy: dest="/home/copr/cloud/ec2rc.variable" content=""
|
||||
ansible.builtin.copy: dest="/home/copr/cloud/ec2rc.variable" content=""
|
||||
when: devel|bool
|
||||
|
||||
- name: Copy copr-be.conf
|
||||
|
|
@ -303,7 +303,7 @@
|
|||
- clean_rh_subscriptions
|
||||
|
||||
- name: Install offline token for copr-team in RHSM
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: "{{ copr_red_hat_subscription_offline_token }}"
|
||||
dest: "{{ rhn_offline_token_file }}"
|
||||
mode: "0600"
|
||||
|
|
@ -360,7 +360,7 @@
|
|||
ansible.builtin.file: dest=/usr/local/share/copr state=directory
|
||||
|
||||
- name: Copy over our custom selinux module
|
||||
copy: src=selinux/copr_rules.pp dest=/usr/local/share/copr/copr_rules.pp
|
||||
ansible.builtin.copy: src=selinux/copr_rules.pp dest=/usr/local/share/copr/copr_rules.pp
|
||||
register: selinux_module
|
||||
|
||||
- name: Install our custom selinux module
|
||||
|
|
@ -390,7 +390,7 @@
|
|||
append: yes
|
||||
|
||||
- name: Install daily custom copr-backend crontab
|
||||
copy: src=cron.daily/copr-backend dest=/etc/cron.daily/
|
||||
ansible.builtin.copy: src=cron.daily/copr-backend dest=/etc/cron.daily/
|
||||
mode=0755
|
||||
tags: [cron_tasks]
|
||||
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@
|
|||
when: datacenter == 'aws'
|
||||
block:
|
||||
- name: Install the drop-in raid-check.timer override
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/systemd/system/raid-check.timer
|
||||
content: |
|
||||
[Unit]
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Copy ifcfg-eth1
|
||||
copy: src="ifcfg-eth1" dest=/etc/sysconfig/network-scripts/ owner=root group=root mode=644
|
||||
ansible.builtin.copy: src="ifcfg-eth1" dest=/etc/sysconfig/network-scripts/ owner=root group=root mode=644
|
||||
|
||||
- name: Enable network-manager to use the /etc/sysconfig/network-scripts
|
||||
ini_file:
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
mode: "0700"
|
||||
|
||||
- name: Install Pulp auth certificates
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/copr/pulp/{{ item }}"
|
||||
dest: "/home/copr/.config/pulp/"
|
||||
owner: copr
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@
|
|||
provision_user: resalloc
|
||||
|
||||
- name: Install .ansible.cfg for {{ provision_user }} user
|
||||
copy: src=ansible.cfg dest=/var/lib/resallocserver/.ansible.cfg
|
||||
ansible.builtin.copy: src=ansible.cfg dest=/var/lib/resallocserver/.ansible.cfg
|
||||
owner=resalloc group=resalloc mode=600
|
||||
tags:
|
||||
- provision_config
|
||||
|
|
@ -139,7 +139,7 @@
|
|||
group: resalloc
|
||||
|
||||
- name: Resalloc, copy backend ssh identity
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/copr/buildsys.priv"
|
||||
dest: /var/lib/resallocserver/.ssh/id_rsa
|
||||
owner: resalloc
|
||||
|
|
@ -190,7 +190,7 @@
|
|||
- provision_config_resalloc_aws
|
||||
|
||||
- name: Shortcut for creating s390x images in cloud
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: copr-prepare-s390x-image-builder
|
||||
dest: /usr/local/bin/copr-prepare-s390x-image-builder
|
||||
mode: "0755"
|
||||
|
|
@ -201,7 +201,7 @@
|
|||
package: name=ansible-collection-community-general state=latest
|
||||
|
||||
- name: Install IBM Cloud token file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: "IBMCLOUD_API_KEY={{ copr_cloud_ibm_token | default('unset') }}"
|
||||
dest: "{{ ibmcloud_token_file }}"
|
||||
owner: resalloc
|
||||
|
|
|
|||
|
|
@ -20,12 +20,12 @@
|
|||
when: ansible_distribution != 'Fedora'
|
||||
|
||||
- name: Copy .forward file
|
||||
copy: src="{{ _forward_src }}" dest="/root/.forward" owner=root group=root
|
||||
ansible.builtin.copy: src="{{ _forward_src }}" dest="/root/.forward" owner=root group=root
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: Deploy /etc/hosts file
|
||||
copy: src="hosts" dest=/etc/ owner=root group=root mode=644
|
||||
ansible.builtin.copy: src="hosts" dest=/etc/ owner=root group=root mode=644
|
||||
tags:
|
||||
- config
|
||||
|
||||
|
|
@ -39,7 +39,7 @@
|
|||
when: ansible_distribution == 'Fedora'
|
||||
|
||||
- name: Configure crond
|
||||
copy: src=sysconfig.crond dest=/etc/sysconfig/crond
|
||||
ansible.builtin.copy: src=sysconfig.crond dest=/etc/sysconfig/crond
|
||||
notify: restart crond
|
||||
|
||||
- name: Install base copr packages
|
||||
|
|
@ -69,7 +69,7 @@
|
|||
notify: restart crond
|
||||
|
||||
- name: Override the default rsyslog logrotate file
|
||||
copy: src=syslog-logrotate dest=/etc/logrotate.d/rsyslog
|
||||
ansible.builtin.copy: src=syslog-logrotate dest=/etc/logrotate.d/rsyslog
|
||||
tags:
|
||||
- logrotate
|
||||
when: ansible_distribution == 'Fedora'
|
||||
|
|
|
|||
|
|
@ -49,13 +49,13 @@
|
|||
- restart copr-dist-git
|
||||
|
||||
- name: Set git variables for copr-dist-git user
|
||||
copy: src=".gitconfig" dest="/home/copr-dist-git/.gitconfig"
|
||||
ansible.builtin.copy: src=".gitconfig" dest="/home/copr-dist-git/.gitconfig"
|
||||
|
||||
- name: Set git config username
|
||||
git_config: name=user.name scope=global value="Copr dist git"
|
||||
|
||||
- name: Install httpd config needed for COPR lookaside cache
|
||||
copy: src="httpd/dist-git/{{ item }}" dest="/etc/httpd/conf.d/dist-git/{{ item }}"
|
||||
ansible.builtin.copy: src="httpd/dist-git/{{ item }}" dest="/etc/httpd/conf.d/dist-git/{{ item }}"
|
||||
with_items:
|
||||
- lookaside-copr.conf
|
||||
tags:
|
||||
|
|
@ -70,7 +70,7 @@
|
|||
- certbot
|
||||
|
||||
- name: Install copr-dist-git httpd config
|
||||
copy: src="httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}"
|
||||
ansible.builtin.copy: src="httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}"
|
||||
with_items:
|
||||
- copr-dist-git.conf
|
||||
tags:
|
||||
|
|
@ -84,10 +84,10 @@
|
|||
- reload httpd
|
||||
|
||||
- name: Temporary logrotation fix until copr-dist-git 0.26 is released & deployed
|
||||
copy: src="logrotate.d/copr-dist-git" dest="/etc/logrotate.d/copr-dist-git"
|
||||
ansible.builtin.copy: src="logrotate.d/copr-dist-git" dest="/etc/logrotate.d/copr-dist-git"
|
||||
|
||||
- name: Install /etc/dist-git/dist-git.conf file
|
||||
copy: src="dist-git.conf" dest="/etc/dist-git/dist-git.conf" mode=0644
|
||||
ansible.builtin.copy: src="dist-git.conf" dest="/etc/dist-git/dist-git.conf" mode=0644
|
||||
tags:
|
||||
- config
|
||||
|
||||
|
|
@ -98,7 +98,7 @@
|
|||
seboolean: name=httpd_enable_cgi state=true persistent=true
|
||||
|
||||
- name: Install robots.txt
|
||||
copy: src="robots.txt" dest="/var/www/html/" mode=0644
|
||||
ansible.builtin.copy: src="robots.txt" dest="/var/www/html/" mode=0644
|
||||
tags:
|
||||
- config
|
||||
|
||||
|
|
@ -117,7 +117,7 @@
|
|||
ansible.builtin.file: path=/usr/local/share/selinux state=directory
|
||||
|
||||
- name: Copy over our custom selinux policy for cgit
|
||||
copy: src=git_script_t.pp dest=/usr/local/share/selinux/git_script_t.pp
|
||||
ansible.builtin.copy: src=git_script_t.pp dest=/usr/local/share/selinux/git_script_t.pp
|
||||
register: cgit_selinux_module
|
||||
tags:
|
||||
- selinux
|
||||
|
|
@ -138,7 +138,7 @@
|
|||
template: src="copr.conf" dest="/home/copr-dist-git/.config/copr" owner=copr-dist-git group=copr-dist-git
|
||||
|
||||
- name: Install the helper cron scripts
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "/usr/local/bin/{{ item }}"
|
||||
mode: '0755'
|
||||
|
|
@ -149,13 +149,13 @@
|
|||
- test-too-soon
|
||||
|
||||
- name: Install copr-dist-git.daily cron file
|
||||
copy: src="copr-dist-git.daily" dest="/etc/cron.daily/copr-dist-git" mode=755
|
||||
ansible.builtin.copy: src="copr-dist-git.daily" dest="/etc/cron.daily/copr-dist-git" mode=755
|
||||
tags:
|
||||
- config
|
||||
- cron
|
||||
|
||||
- name: Install copr-dist-git.weekly cron file
|
||||
copy: src="copr-dist-git.weekly" dest="/etc/cron.weekly/copr-dist-git" mode=755
|
||||
ansible.builtin.copy: src="copr-dist-git.weekly" dest="/etc/cron.weekly/copr-dist-git" mode=755
|
||||
tags:
|
||||
- config
|
||||
- cron
|
||||
|
|
@ -169,4 +169,4 @@
|
|||
- cron
|
||||
|
||||
- name: Install /etc/gitconfig file
|
||||
copy: src="gitconfig" dest="/etc/gitconfig"
|
||||
ansible.builtin.copy: src="gitconfig" dest="/etc/gitconfig"
|
||||
|
|
|
|||
|
|
@ -11,17 +11,17 @@
|
|||
when: pgsql_ls.stdout is defined and 'postgresql_db_t' not in pgsql_ls.stdout
|
||||
|
||||
- name: Install weekly custom copr-frontend-crontab
|
||||
copy: src=cron.weekly/copr-frontend-optional dest=/etc/cron.weekly/
|
||||
ansible.builtin.copy: src=cron.weekly/copr-frontend-optional dest=/etc/cron.weekly/
|
||||
mode=0755
|
||||
tags: [cron_tasks]
|
||||
|
||||
- name: Install daily custom copr-frontend-crontab
|
||||
copy: src=cron.daily/copr-frontend-optional dest=/etc/cron.daily/
|
||||
ansible.builtin.copy: src=cron.daily/copr-frontend-optional dest=/etc/cron.daily/
|
||||
mode=0755
|
||||
tags: [cron_tasks]
|
||||
|
||||
- name: Install hourly custom copr-frontend-crontab
|
||||
copy: src=cron.hourly/copr-frontend-optional dest=/etc/cron.hourly/
|
||||
ansible.builtin.copy: src=cron.hourly/copr-frontend-optional dest=/etc/cron.hourly/
|
||||
mode=0755
|
||||
tags: [cron_tasks]
|
||||
|
||||
|
|
@ -44,7 +44,7 @@
|
|||
- cron_tasks
|
||||
|
||||
- name: Deploy the prometheus monitoring script
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: copr-frontend-prometheus-monitoring.py
|
||||
dest: /usr/bin/copr-frontend-prometheus-monitoring.py
|
||||
mode: "0750"
|
||||
|
|
@ -93,7 +93,7 @@
|
|||
- copr_infrastructure_password
|
||||
|
||||
- name: Install config for 'copr-frontend chroots-template'
|
||||
copy: src="chroots.conf" dest=/etc/copr/chroots.conf mode=600
|
||||
ansible.builtin.copy: src="chroots.conf" dest=/etc/copr/chroots.conf mode=600
|
||||
owner=copr-fe group=copr-fe
|
||||
register: chroots_conf_installed
|
||||
tags:
|
||||
|
|
@ -152,11 +152,11 @@
|
|||
|
||||
- name: Set dev banner for dev instance
|
||||
when: devel|bool
|
||||
copy: src=banner-include.html dest=/var/lib/copr/
|
||||
ansible.builtin.copy: src=banner-include.html dest=/var/lib/copr/
|
||||
|
||||
- name: Disallow robots on dev instance
|
||||
when: devel|bool
|
||||
copy: src=robots.txt dest=/var/www/html/
|
||||
ansible.builtin.copy: src=robots.txt dest=/var/www/html/
|
||||
|
||||
|
||||
- name: Register whether indexes rebuild is required
|
||||
|
|
@ -189,12 +189,12 @@
|
|||
package_facts: manager=auto
|
||||
|
||||
- name: Install custom systemd service files
|
||||
copy: src=systemd dest=/etc
|
||||
ansible.builtin.copy: src=systemd dest=/etc
|
||||
notify:
|
||||
- reload httpd
|
||||
|
||||
- name: Compress rotated httpd logs
|
||||
copy: src="httpd.logrotate" dest="/etc/logrotate.d/httpd"
|
||||
ansible.builtin.copy: src="httpd.logrotate" dest="/etc/logrotate.d/httpd"
|
||||
tags: [logrotate_tasks]
|
||||
|
||||
- name: Start logrotate service
|
||||
|
|
@ -207,7 +207,7 @@
|
|||
- not services_disabled|bool
|
||||
|
||||
- name: Install bash_profile file to ease some admin tasks
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
export PGUSER=copr-fe
|
||||
export PGDATABASE=coprdb
|
||||
|
|
@ -235,6 +235,6 @@
|
|||
tags: copr_cdn
|
||||
|
||||
- name: Install gai.conf
|
||||
copy: src=gai.conf dest=/etc
|
||||
ansible.builtin.copy: src=gai.conf dest=/etc
|
||||
notify:
|
||||
- reload httpd
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
when: not postgres_initialized.stat.exists
|
||||
|
||||
- name: Copy pg_hba.conf
|
||||
copy: src="pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600
|
||||
ansible.builtin.copy: src="pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600
|
||||
notify:
|
||||
- restart postgresql
|
||||
tags:
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
# TODO: I think we missing user creation, check it we do it somewhere else ...
|
||||
|
||||
- name: Copy over backup scriplet
|
||||
copy: src="{{ files }}/../roles/postgresql_server/files/backup-database" dest=/usr/local/bin/backup-database mode=0755
|
||||
ansible.builtin.copy: src="{{ files }}/../roles/postgresql_server/files/backup-database" dest=/usr/local/bin/backup-database mode=0755
|
||||
tags:
|
||||
- config
|
||||
|
||||
|
|
@ -120,7 +120,7 @@
|
|||
- config
|
||||
|
||||
- name: Install psqlrc file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
\pset linestyle unicode
|
||||
\pset border 2
|
||||
|
|
@ -135,7 +135,7 @@
|
|||
mode: "0600"
|
||||
|
||||
- name: Install pgpass file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
localhost:*:coprdb:copr-fe:{{ copr_database_password }}
|
||||
dest: "{{ copr_fe_homedir }}/.pgpass"
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: OpenStack package repository for RHEL8, noarch only
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
[openstack-for-rhel8]
|
||||
name = RHEL OpenStack RPMs
|
||||
|
|
@ -27,7 +27,7 @@
|
|||
# tags: swap
|
||||
|
||||
- name: Install the default profile script
|
||||
copy: src=profile.sh dest=/etc/profile.d/copr-hypervisor.sh
|
||||
ansible.builtin.copy: src=profile.sh dest=/etc/profile.d/copr-hypervisor.sh
|
||||
tags: profile_scripts
|
||||
|
||||
- name: Install libvirt packages
|
||||
|
|
@ -46,7 +46,7 @@
|
|||
- libvirtd
|
||||
|
||||
- name: Install libvirtd.conf
|
||||
copy: src="{{ files }}/virthost/libvirtd.conf" dest=/etc/libvirt/libvirtd.conf
|
||||
ansible.builtin.copy: src="{{ files }}/virthost/libvirtd.conf" dest=/etc/libvirt/libvirtd.conf
|
||||
notify:
|
||||
- restart libvirtd
|
||||
tags:
|
||||
|
|
@ -88,7 +88,7 @@
|
|||
tags: libvirtd
|
||||
|
||||
- name: Copy host-bridge config file to host
|
||||
copy: src=libvirt-net-bridge.xml
|
||||
ansible.builtin.copy: src=libvirt-net-bridge.xml
|
||||
dest=/root/.tmp-ansible-file.xml
|
||||
when: libvirt_bridge_exists.changed
|
||||
tags: libvirtd
|
||||
|
|
@ -155,14 +155,14 @@
|
|||
|
||||
# todo: generate it's own key
|
||||
- name: Make sure hostA can ssh to hostB
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ private }}/files/copr/buildsys.priv"
|
||||
dest: /home/copr/.ssh/id_rsa
|
||||
owner: copr
|
||||
mode: "0600"
|
||||
|
||||
- name: Provide pub key, too, so we can install them to generated builder images
|
||||
copy: src=buildsys.pub dest=/home/copr/.ssh/id_rsa.pub
|
||||
ansible.builtin.copy: src=buildsys.pub dest=/home/copr/.ssh/id_rsa.pub
|
||||
owner=copr mode=0600
|
||||
|
||||
- name: Enable praiskup-helpers repo
|
||||
|
|
@ -183,7 +183,7 @@
|
|||
- packages
|
||||
|
||||
- name: Install configuration for /bin/copr-image
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/eimg/eimg.sh
|
||||
content: |
|
||||
EIMG_COPR_PLAYBOOK_DIR=/home/copr/provision
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
ansible.builtin.file: path=/var/lib/copr-keygen owner=copr-signer group=copr-signer recurse=yes
|
||||
|
||||
- name: Put keygen vhost for httpd
|
||||
copy: src="httpd/copr-keygen.conf" dest="/etc/httpd/conf.d/copr-keygen.conf"
|
||||
ansible.builtin.copy: src="httpd/copr-keygen.conf" dest="/etc/httpd/conf.d/copr-keygen.conf"
|
||||
notify:
|
||||
- reload httpd
|
||||
tags:
|
||||
|
|
@ -48,7 +48,7 @@
|
|||
ansible.builtin.file: dest=/usr/local/share/copr state=directory
|
||||
|
||||
- name: Copy over our custom selinux module
|
||||
copy: src=selinux/copr_rules.pp dest=/usr/local/share/copr/copr_rules.pp
|
||||
ansible.builtin.copy: src=selinux/copr_rules.pp dest=/usr/local/share/copr/copr_rules.pp
|
||||
register: selinux_module
|
||||
|
||||
- name: Install our custom selinux module
|
||||
|
|
|
|||
|
|
@ -3,7 +3,12 @@
|
|||
ansible.builtin.file: path=/backup state=directory
|
||||
|
||||
- name: Copy pubkey for backup encryption
|
||||
copy: src="{{ private }}/files/copr/keygen/backup_key.asc" dest="/root/backup_key.asc"
|
||||
ansible.builtin.copy: src="{{ private }}/files/copr/keygen/backup_key.asc" dest="/root/backup_key.asc"
|
||||
register: pub_key_installed
|
||||
|
||||
- name: Import pubkey for backup encryption
|
||||
shell: gpg2 --import /root/backup_key.asc creates=/root/backupkeyimported
|
||||
when: pub_key_installed.changed
|
||||
|
||||
- name: Copy backup script
|
||||
copy: src="backup_keyring.sh" dest="/etc/cron.hourly/backup_keyring.sh" owner=root group=root mode=755
|
||||
ansible.builtin.copy: src="backup_keyring.sh" dest="/etc/cron.hourly/backup_keyring.sh" owner=root group=root mode=755
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
- name: Copy syncDeveloper script (stg)
|
||||
when: env == "staging"
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=syncDeveloper.stg.sh dest=/usr/local/bin/syncDeveloper owner=root group=root
|
||||
mode=0755
|
||||
tags:
|
||||
|
|
@ -19,19 +19,19 @@
|
|||
|
||||
- name: Copy syncDeveloper script (prod)
|
||||
when: env == "production"
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=syncDeveloper.sh dest=/usr/local/bin/syncDeveloper owner=root group=root
|
||||
mode=0755
|
||||
tags:
|
||||
- developer.fedoraproject.org
|
||||
|
||||
- name: Install rss.py script
|
||||
copy: src=rss.py dest=/usr/local/bin/rss.py mode=0755 owner=root group=root
|
||||
ansible.builtin.copy: src=rss.py dest=/usr/local/bin/rss.py mode=0755 owner=root group=root
|
||||
tags:
|
||||
- developer.fedoraproject.org
|
||||
|
||||
- name: Install the syncDeveloper cron job
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{item}}.cron dest=/etc/cron.d/{{item}}.cron
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
- name: Copy in the sync-developer cronjob
|
||||
copy: src=cron-sync-developer dest=/etc/cron.d/sync-developer
|
||||
ansible.builtin.copy: src=cron-sync-developer dest=/etc/cron.d/sync-developer
|
||||
tags:
|
||||
- developer
|
||||
|
||||
- name: Copy some config files for {{website}}
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}}
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
- dhcp_server
|
||||
|
||||
- name: Setup dhcpd.conf
|
||||
copy: src=dhcpd.conf.{{ inventory_hostname }} dest=/etc/dhcp/dhcpd.conf mode=644
|
||||
ansible.builtin.copy: src=dhcpd.conf.{{ inventory_hostname }} dest=/etc/dhcp/dhcpd.conf mode=644
|
||||
notify:
|
||||
- restart dhcpd
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@
|
|||
# Set-up stunnel for the event source server
|
||||
|
||||
# - name: Install stunnel service definition
|
||||
# copy: src=stunnel.service
|
||||
# ansible.builtin.copy: src=stunnel.service
|
||||
# dest=/usr/lib/systemd/system/stunnel.service
|
||||
# owner=root group=root mode=0755
|
||||
# notify:
|
||||
|
|
@ -238,7 +238,7 @@
|
|||
- pagure
|
||||
|
||||
- name: Override the default pagure_worker.service file to change the user it is run under
|
||||
copy: src={{ item }}.service
|
||||
ansible.builtin.copy: src={{ item }}.service
|
||||
dest=/etc/systemd/system/{{ item }}.service
|
||||
owner=root group=root mode=0755
|
||||
with_items:
|
||||
|
|
@ -259,7 +259,7 @@
|
|||
|
||||
# Cron job to export extras information from the pagure DB
|
||||
- name: Install the apache configuration file for /extras
|
||||
copy: src={{ item }} dest=/etc/httpd/conf.d/{{ item }}
|
||||
ansible.builtin.copy: src={{ item }} dest=/etc/httpd/conf.d/{{ item }}
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
- pagure_cron.conf
|
||||
|
|
@ -341,7 +341,7 @@
|
|||
- fedora-messaging
|
||||
|
||||
- name: Deploy pagure/rabbitmq certificate
|
||||
copy: src={{ item.src }}
|
||||
ansible.builtin.copy: src={{ item.src }}
|
||||
dest=/etc/pki/rabbitmq/pagurecert/{{ item.dest }}
|
||||
owner={{ item.owner }} group={{ item.group}} mode={{ item.mode }}
|
||||
with_items:
|
||||
|
|
@ -387,7 +387,7 @@
|
|||
- postfix
|
||||
|
||||
- name: Add SAR script for pagure
|
||||
copy: src={{ roles_path }}/pagure/files/pagure_sar.py
|
||||
ansible.builtin.copy: src={{ roles_path }}/pagure/files/pagure_sar.py
|
||||
dest=/usr/local/bin/pagure_sar.py
|
||||
owner=root mode=0700
|
||||
tags:
|
||||
|
|
@ -396,7 +396,7 @@
|
|||
- pagure
|
||||
|
||||
- name: Override the default syslog logrotate file
|
||||
copy: src=syslog-logrotate dest=/etc/logrotate.d/syslog
|
||||
ansible.builtin.copy: src=syslog-logrotate dest=/etc/logrotate.d/syslog
|
||||
tags:
|
||||
- pagure
|
||||
- logrotate
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
# -- Common ----------------------------------------------
|
||||
# This is very basic stuff that is needed by multiple of the next sections.
|
||||
- name: Enable the mod_auth_openidc module on rhel8
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/dnf/modules.d/mod_auth_openidc.module
|
||||
content: |
|
||||
[mod_auth_openidc]
|
||||
|
|
@ -47,7 +47,7 @@
|
|||
- distgit
|
||||
|
||||
- name: Install suexec wrappers
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src=suexec-{{item}}.sh
|
||||
dest=/var/www/bin/suexec-{{item}}.sh
|
||||
owner=pagure
|
||||
|
|
@ -60,12 +60,12 @@
|
|||
- distgit
|
||||
|
||||
- name: Put in git service config
|
||||
copy: src=git@.service dest=/etc/systemd/system/git@.service
|
||||
ansible.builtin.copy: src=git@.service dest=/etc/systemd/system/git@.service
|
||||
tags:
|
||||
- distgit
|
||||
|
||||
- name: Install the mod_ssl configuration
|
||||
copy: src=ssl.conf dest=/etc/httpd/conf.d/ssl.conf
|
||||
ansible.builtin.copy: src=ssl.conf dest=/etc/httpd/conf.d/ssl.conf
|
||||
notify:
|
||||
- reload httpd
|
||||
tags:
|
||||
|
|
@ -81,7 +81,7 @@
|
|||
- letsencrypt
|
||||
|
||||
- name: Install the keytab
|
||||
copy: src="{{ private }}/files/keytabs/{{env}}/pkgs"
|
||||
ansible.builtin.copy: src="{{ private }}/files/keytabs/{{env}}/pkgs"
|
||||
dest=/etc/httpd.keytab
|
||||
owner=apache
|
||||
group=apache
|
||||
|
|
@ -111,7 +111,7 @@
|
|||
# do, this installs that wrapper (which is otherwise configured in sshd_config)
|
||||
|
||||
- name: Install the ssh_wrapper wrapper script
|
||||
copy: src=ssh_wrapper dest=/usr/local/bin/ssh_wrapper mode=0755
|
||||
ansible.builtin.copy: src=ssh_wrapper dest=/usr/local/bin/ssh_wrapper mode=0755
|
||||
tags:
|
||||
- config
|
||||
- distgit
|
||||
|
|
@ -129,7 +129,7 @@
|
|||
- distgit
|
||||
|
||||
- name: Install the dist-git config
|
||||
copy: src=dist-git.conf dest=/etc/dist-git/dist-git.conf
|
||||
ansible.builtin.copy: src=dist-git.conf dest=/etc/dist-git/dist-git.conf
|
||||
tags:
|
||||
- config
|
||||
- distgit
|
||||
|
|
@ -188,7 +188,7 @@
|
|||
- distgit
|
||||
|
||||
- name: Install robots.txt files
|
||||
copy: src={{item}} dest=/var/www/{{item}}
|
||||
ansible.builtin.copy: src={{item}} dest=/var/www/{{item}}
|
||||
with_items:
|
||||
- robots-pkgs.txt
|
||||
- robots-src.txt
|
||||
|
|
@ -196,14 +196,14 @@
|
|||
- distgit
|
||||
|
||||
- name: Install the DistGit related httpd config
|
||||
copy: src=git-smart-http.conf dest=/etc/httpd/conf.d/dist-git/git-smart-http.conf
|
||||
ansible.builtin.copy: src=git-smart-http.conf dest=/etc/httpd/conf.d/dist-git/git-smart-http.conf
|
||||
notify:
|
||||
- reload httpd
|
||||
tags:
|
||||
- distgit
|
||||
|
||||
- name: Symlink pkgs-git-repos-list
|
||||
copy: src=repolist.conf dest=/etc/httpd/conf.d/dist-git/repolist.conf
|
||||
ansible.builtin.copy: src=repolist.conf dest=/etc/httpd/conf.d/dist-git/repolist.conf
|
||||
notify:
|
||||
- reload httpd
|
||||
tags:
|
||||
|
|
@ -219,12 +219,12 @@
|
|||
- distgit
|
||||
|
||||
- name: Schedule the script to get retired packages
|
||||
copy: src="retired-packages.cron" dest="/etc/cron.d/retired-packages.cron" mode=644 owner=root group=root
|
||||
ansible.builtin.copy: src="retired-packages.cron" dest="/etc/cron.d/retired-packages.cron" mode=644 owner=root group=root
|
||||
tags:
|
||||
- distgit
|
||||
|
||||
- name: Install the two scripts needed for mass-branching
|
||||
copy: src={{item}} dest=/usr/local/bin/{{item}} owner=root group=root mode=0755
|
||||
ansible.builtin.copy: src={{item}} dest=/usr/local/bin/{{item}} owner=root group=root mode=0755
|
||||
with_items:
|
||||
- mass-branching-git.py
|
||||
- mass-branching-gitolite.py
|
||||
|
|
@ -288,12 +288,12 @@
|
|||
- distgit
|
||||
|
||||
- name: Install the fedora-ca.cert
|
||||
copy: src={{private}}/files/fedora-ca.cert dest=/etc/httpd/conf/cacert.pem
|
||||
ansible.builtin.copy: src={{private}}/files/fedora-ca.cert dest=/etc/httpd/conf/cacert.pem
|
||||
tags:
|
||||
- distgit
|
||||
|
||||
- name: Install the pkgs cert
|
||||
copy: src={{private}}/files/pkgs.fedoraproject.org_key_and_cert.pem
|
||||
ansible.builtin.copy: src={{private}}/files/pkgs.fedoraproject.org_key_and_cert.pem
|
||||
dest=/etc/httpd/conf/pkgs.fedoraproject.org_key_and_cert.pem
|
||||
owner=apache mode=0400
|
||||
when: env != "staging"
|
||||
|
|
@ -301,7 +301,7 @@
|
|||
- distgit
|
||||
|
||||
- name: Install the pkgs.stg cert
|
||||
copy: src={{private}}/files/pkgs.stg.fedoraproject.org_key_and_cert.pem
|
||||
ansible.builtin.copy: src={{private}}/files/pkgs.stg.fedoraproject.org_key_and_cert.pem
|
||||
dest=/etc/httpd/conf/pkgs.fedoraproject.org_key_and_cert.pem
|
||||
owner=apache mode=0400
|
||||
when: env == "staging"
|
||||
|
|
@ -314,7 +314,7 @@
|
|||
tags: selinux
|
||||
|
||||
- name: Copy over our custom selinux policy
|
||||
copy: src=upload_cgi.pp dest=/usr/local/share/selinux/upload_cgi.pp
|
||||
ansible.builtin.copy: src=upload_cgi.pp dest=/usr/local/share/selinux/upload_cgi.pp
|
||||
register: selinux_module
|
||||
tags: selinux
|
||||
|
||||
|
|
@ -324,7 +324,7 @@
|
|||
tags: selinux
|
||||
|
||||
- name: Copy over our custom nfs selinux policy
|
||||
copy: src=cgi-nfs.pp dest=/usr/local/share/selinux/cgi-nfs.pp
|
||||
ansible.builtin.copy: src=cgi-nfs.pp dest=/usr/local/share/selinux/cgi-nfs.pp
|
||||
register: nfs_selinux_module
|
||||
tags: selinux
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
- dns
|
||||
|
||||
- name: Copy rndc config
|
||||
copy: src=rndc.conf dest=/etc/rndc.conf
|
||||
ansible.builtin.copy: src=rndc.conf dest=/etc/rndc.conf
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
@ -18,7 +18,7 @@
|
|||
- dns
|
||||
|
||||
- name: Copy rndc key
|
||||
copy: src={{ private }}/files/dns/rndc.key dest=/etc/rndc.key
|
||||
ansible.builtin.copy: src={{ private }}/files/dns/rndc.key dest=/etc/rndc.key
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
@ -26,7 +26,7 @@
|
|||
- dns
|
||||
|
||||
- name: Copy named cache
|
||||
copy: src=named.ca dest=/var/named/named.ca
|
||||
ansible.builtin.copy: src=named.ca dest=/var/named/named.ca
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
@ -34,7 +34,7 @@
|
|||
- dns
|
||||
|
||||
- name: Copy geoip.py
|
||||
copy: src=geoip.py dest=/usr/local/bin/geoip.py mode=0755
|
||||
ansible.builtin.copy: src=geoip.py dest=/usr/local/bin/geoip.py mode=0755
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
@ -42,7 +42,7 @@
|
|||
- dns
|
||||
|
||||
- name: Copy GeoIP.sh
|
||||
copy: src=GeoIP.sh dest=/var/named/GeoIP.sh mode=0755
|
||||
ansible.builtin.copy: src=GeoIP.sh dest=/var/named/GeoIP.sh mode=0755
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
@ -58,7 +58,7 @@
|
|||
# - dns
|
||||
|
||||
- name: Copy update-dns
|
||||
copy: src=update-dns dest=/usr/local/bin/update-dns mode=0755
|
||||
ansible.builtin.copy: src=update-dns dest=/usr/local/bin/update-dns mode=0755
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
@ -66,7 +66,7 @@
|
|||
- dns
|
||||
|
||||
- name: Copy zones
|
||||
copy: src=zones.conf dest=/etc/named/zones.conf owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src=zones.conf dest=/etc/named/zones.conf owner=root group=root mode=0644
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
@ -74,7 +74,7 @@
|
|||
- dns
|
||||
|
||||
- name: Copy named config
|
||||
copy: src=named.conf dest=/etc/named.conf mode=0644 owner=root group=root
|
||||
ansible.builtin.copy: src=named.conf dest=/etc/named.conf mode=0644 owner=root group=root
|
||||
notify:
|
||||
- restart named
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@
|
|||
- docker-distribution
|
||||
|
||||
- name: Install tls cert for docker
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ cert.cert_src }}"
|
||||
dest: "{{ cert.dest_dir}}/{{ cert.cert_dest }}"
|
||||
when: tls.enabled
|
||||
|
|
@ -40,7 +40,7 @@
|
|||
- docker-distribution
|
||||
|
||||
- name: Install tls key for docker
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ cert.key_src }}"
|
||||
dest: "{{ cert.dest_dir}}/{{ cert.key_dest }}"
|
||||
when: tls.enabled
|
||||
|
|
@ -48,7 +48,7 @@
|
|||
- docker-distribution
|
||||
|
||||
- name: Override the default syslog logrotate file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src=syslog-logrotate
|
||||
dest=/etc/logrotate.d/rsyslog
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@
|
|||
template: src=rsync/motd_fedora.j2 dest=/etc/motd_fedora
|
||||
|
||||
- name: Configure logrotate for /var/log/rsyncd-fedora.log
|
||||
copy: src=logrotate-rsync-fedora dest=/etc/logrotate.d/rsync-fedora
|
||||
ansible.builtin.copy: src=logrotate-rsync-fedora dest=/etc/logrotate.d/rsync-fedora
|
||||
|
||||
- name: Check the selinux context pubdir
|
||||
command: matchpathcon /srv/pub
|
||||
|
|
@ -56,13 +56,13 @@
|
|||
- selinux
|
||||
|
||||
- name: Copy wildcard cert from puppet private
|
||||
copy: src="{{private}}/files/httpd/wildcard-2024.fedoraproject.org.cert" dest=/etc/pki/tls/certs/wildcard-2024.fedoraproject.org.cert owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src="{{private}}/files/httpd/wildcard-2024.fedoraproject.org.cert" dest=/etc/pki/tls/certs/wildcard-2024.fedoraproject.org.cert owner=root group=root mode=0644
|
||||
|
||||
- name: Copy wildcard key from puppet private
|
||||
copy: src="{{private}}/files/httpd/wildcard-2024.fedoraproject.org.key" dest=/etc/pki/tls/private/wildcard-2024.fedoraproject.org.key owner=root group=root mode=0600
|
||||
ansible.builtin.copy: src="{{private}}/files/httpd/wildcard-2024.fedoraproject.org.key" dest=/etc/pki/tls/private/wildcard-2024.fedoraproject.org.key owner=root group=root mode=0600
|
||||
|
||||
- name: Copy intermediate wildcard cert from puppet private
|
||||
copy: src="{{private}}/files/httpd/wildcard-2024.fedoraproject.org.intermediate.cert" dest=/etc/pki/tls/certs/wildcard-2024.fedoraproject.org.intermediate.cert owner=root group=root mode=0644
|
||||
ansible.builtin.copy: src="{{private}}/files/httpd/wildcard-2024.fedoraproject.org.intermediate.cert" dest=/etc/pki/tls/certs/wildcard-2024.fedoraproject.org.intermediate.cert owner=root group=root mode=0644
|
||||
|
||||
- name: Configure httpd dl main conf
|
||||
template: src=httpd/dl.fedoraproject.org.conf dest=/etc/httpd/conf.d/dl.fedoraproject.org.conf
|
||||
|
|
@ -74,7 +74,7 @@
|
|||
- reload httpd
|
||||
|
||||
- name: Make sure apache autoindex.conf is replaced with ours
|
||||
copy: src=httpd/dl.fedoraproject.org/autoindex.conf dest=/etc/httpd/conf.d/autoindex.conf
|
||||
ansible.builtin.copy: src=httpd/dl.fedoraproject.org/autoindex.conf dest=/etc/httpd/conf.d/autoindex.conf
|
||||
tags:
|
||||
- httpd
|
||||
- config
|
||||
|
|
@ -82,7 +82,7 @@
|
|||
- reload httpd
|
||||
|
||||
- name: Configure httpd dl sub conf
|
||||
copy: src=httpd/dl.fedoraproject.org/ dest=/etc/httpd/conf.d/dl.fedoraproject.org/
|
||||
ansible.builtin.copy: src=httpd/dl.fedoraproject.org/ dest=/etc/httpd/conf.d/dl.fedoraproject.org/
|
||||
tags:
|
||||
- httpd
|
||||
- config
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@
|
|||
|
||||
## Install all files
|
||||
- name: Install the easyfix js/css files
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{ item }} dest=/srv/web/easyfix/{{ item }}
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
|
@ -45,7 +45,7 @@
|
|||
- easyfix
|
||||
|
||||
- name: Install the easyfix template
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=template.html dest=/etc/fedora-gather-easyfix/template.html
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
@ -63,7 +63,7 @@
|
|||
|
||||
## Install the cron job
|
||||
- name: Install the easyfix cronjob
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=easyfix.cron dest=/etc/cron.d/easyfix.cron
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
- easyfix/proxy
|
||||
|
||||
- name: Install the sync-easyfix cronjob to pull content from gatherer
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=sync-easyfix.cron dest=/etc/cron.d/sync-easyfix.cron
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -21,14 +21,14 @@
|
|||
when: fasjson_aliases is defined
|
||||
|
||||
- name: Fasjson-aliases cron job
|
||||
copy: src=fasjson-aliases.cron dest=/etc/cron.d/fasjson-aliases owner=root mode=0644
|
||||
ansible.builtin.copy: src=fasjson-aliases.cron dest=/etc/cron.d/fasjson-aliases owner=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- fasjson
|
||||
when: fasjson_aliases is defined
|
||||
|
||||
- name: Fasjson-aliases base static file
|
||||
copy: src=aliases.static dest=/etc/aliases.static owner=root mode=0644
|
||||
ansible.builtin.copy: src=aliases.static dest=/etc/aliases.static owner=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- fasjson
|
||||
|
|
|
|||
|
|
@ -188,7 +188,7 @@
|
|||
- restart fedmsg-relay
|
||||
|
||||
- name: Overwrite standard config with local fedmsg debugging loopback
|
||||
copy: src=relay-debug-loopback.py dest=/etc/fedmsg.d/relay.py
|
||||
ansible.builtin.copy: src=relay-debug-loopback.py dest=/etc/fedmsg.d/relay.py
|
||||
when: fedmsg_debug_loopback == true
|
||||
tags:
|
||||
- fedmsg_loopback
|
||||
|
|
@ -214,7 +214,7 @@
|
|||
- fedmsg/base
|
||||
|
||||
- name: Install fedmsg ca.cert
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src="{{ private }}/files/fedmsg-certs/keys/ca.crt"
|
||||
dest=/etc/pki/fedmsg/ca.crt
|
||||
owner=root
|
||||
|
|
@ -225,7 +225,7 @@
|
|||
- fedmsg/base
|
||||
|
||||
- name: Fedmsg certs
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src="{{ private }}/files/fedmsg-certs/keys/{{item['service']}}-{{fedmsg_fqdn | default(inventory_hostname)}}.crt"
|
||||
dest=/etc/pki/fedmsg/
|
||||
mode=644
|
||||
|
|
@ -239,7 +239,7 @@
|
|||
- fedmsg/base
|
||||
|
||||
- name: Fedmsg keys
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src="{{ private }}/files/fedmsg-certs/keys/{{item['service']}}-{{fedmsg_fqdn | default(inventory_hostname)}}.key"
|
||||
dest=/etc/pki/fedmsg/
|
||||
mode=0640
|
||||
|
|
@ -259,7 +259,7 @@
|
|||
- fedmsg/base
|
||||
|
||||
- name: Copy over our custom selinux module
|
||||
copy: src=selinux/fedmsg.pp dest=/usr/local/share/fedmsg/fedmsg.pp
|
||||
ansible.builtin.copy: src=selinux/fedmsg.pp dest=/usr/local/share/fedmsg/fedmsg.pp
|
||||
register: selinux_module
|
||||
tags:
|
||||
- fedmsg/base
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@
|
|||
- fedmsg/proxy
|
||||
|
||||
- name: Copy over our crl from the private repo
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{private}}/files/fedmsg-certs/keys/crl.pem dest=/srv/web/fedmsg/crl.pem
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
@ -24,7 +24,7 @@
|
|||
# End users (fedmsg-notify) need it to be able to validate our outbound
|
||||
# messages.
|
||||
- name: Copy over our CA cert from the private repo
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{private}}/files/fedmsg-certs/keys/ca.crt dest=/srv/web/fedmsg/ca.crt
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@
|
|||
# - patch
|
||||
|
||||
- name: Copy in empty endpoints.py and gateway.py
|
||||
copy: src={{item}} dest=/etc/fedmsg.d/{{item}}
|
||||
ansible.builtin.copy: src={{item}} dest=/etc/fedmsg.d/{{item}}
|
||||
with_items:
|
||||
- endpoints.py
|
||||
- gateway.py
|
||||
|
|
@ -69,7 +69,7 @@
|
|||
- fedmsg/gateway/slave
|
||||
|
||||
- name: Install stunnel service definition
|
||||
copy: src=stunnel.service
|
||||
ansible.builtin.copy: src=stunnel.service
|
||||
dest=/usr/lib/systemd/system/stunnel.service
|
||||
owner=root group=root mode=0644
|
||||
notify:
|
||||
|
|
@ -97,7 +97,7 @@
|
|||
- fedmsg/gateway/slave
|
||||
|
||||
- name: Put our combined cert in place
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{private}}/files/httpd/wildcard-2024.fedoraproject.org.combined.cert
|
||||
dest=/etc/pki/tls/certs/wildcard-2024.fedoraproject.org.combined.cert
|
||||
owner=root group=root mode=0644
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
- fedmsgmonitor
|
||||
|
||||
- name: Setup fedmsg-gateway config file
|
||||
copy: src=gateway.py dest=/etc/fedmsg.d/gateway.py
|
||||
ansible.builtin.copy: src=gateway.py dest=/etc/fedmsg.d/gateway.py
|
||||
tags:
|
||||
- config
|
||||
- fedmsg/gateway
|
||||
|
|
@ -32,7 +32,7 @@
|
|||
- fedmsg/gateway
|
||||
|
||||
- name: Bump fs limits by installing a drop-in systemd config
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src=fs-limits.conf
|
||||
dest=/etc/systemd/system/fedmsg-gateway.service.d/fs-limits.conf
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
when: "'python34_fedmsg' in group_names"
|
||||
|
||||
- name: Enable the websocket server if we should
|
||||
copy: src=websockets.py dest=/etc/fedmsg.d/websockets.py
|
||||
ansible.builtin.copy: src=websockets.py dest=/etc/fedmsg.d/websockets.py
|
||||
when: enable_websocket_server
|
||||
notify: restart fedmsg-hub
|
||||
|
||||
|
|
|
|||
|
|
@ -8,17 +8,23 @@
|
|||
- fedora-budget
|
||||
- fedora-budget/build
|
||||
|
||||
- copy: >
|
||||
src=cron-budget-sync dest=/etc/cron.d/budget-sync
|
||||
owner=root group=root mode=0644
|
||||
- ansible.builtin.copy:
|
||||
src: cron-budget-sync
|
||||
dest: /etc/cron.d/budget-sync
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
tags:
|
||||
- fedora-budget
|
||||
- fedora-budget/build
|
||||
when: env == "production"
|
||||
|
||||
- copy: >
|
||||
src=cron-budget-sync.stg dest=/etc/cron.d/budget-sync
|
||||
owner=root group=root mode=0644
|
||||
- ansible.builtin.copy:
|
||||
src: cron-budget-sync.stg
|
||||
dest: /etc/cron.d/budget-sync
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
tags:
|
||||
- fedora-budget
|
||||
- fedora-budget/build
|
||||
|
|
|
|||
|
|
@ -1,20 +1,20 @@
|
|||
---
|
||||
- name: Copy in the sync-budget cronjob
|
||||
copy: src=cron-sync-budget dest=/etc/cron.d/sync-budget
|
||||
ansible.builtin.copy: src=cron-sync-budget dest=/etc/cron.d/sync-budget
|
||||
tags:
|
||||
- fedora-web
|
||||
- fedora-web/budget
|
||||
when: env != "staging"
|
||||
|
||||
- name: Copy in the sync-budget cronjob (stg)
|
||||
copy: src=cron-sync-budget.stg dest=/etc/cron.d/sync-budget
|
||||
ansible.builtin.copy: src=cron-sync-budget.stg dest=/etc/cron.d/sync-budget
|
||||
tags:
|
||||
- fedora-web
|
||||
- fedora-web/budget
|
||||
when: env == "staging"
|
||||
|
||||
- name: Copy some config files for {{website}}
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}}
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -6,17 +6,23 @@
|
|||
- fedora-docs
|
||||
- fedora-docs/build
|
||||
|
||||
- copy: >
|
||||
src=cron-docs-sync dest=/etc/cron.d/docs-sync
|
||||
owner=root group=root mode=0644
|
||||
- ansible.builtin.copy:
|
||||
src: cron-docs-sync
|
||||
dest: /etc/cron.d/docs-sync
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
tags:
|
||||
- fedora-docs
|
||||
- fedora-docs/build
|
||||
when: env == "production"
|
||||
|
||||
- copy: >
|
||||
src=cron-docs-sync.stg dest=/etc/cron.d/docs-sync
|
||||
owner=root group=root mode=0644
|
||||
- ansible.builtin.copy:
|
||||
src: cron-docs-sync.stg
|
||||
dest: /etc/cron.d/docs-sync
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
tags:
|
||||
- fedora-docs
|
||||
- fedora-docs/build
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
- copy: >
|
||||
- ansible.builtin.copy: >
|
||||
src=docs-rsync.stg dest=/usr/local/bin/docs-rsync
|
||||
owner=root group=root mode=0755
|
||||
tags:
|
||||
|
|
@ -7,7 +7,7 @@
|
|||
- fedora-docs/proxy
|
||||
when: env == "staging"
|
||||
|
||||
- copy: >
|
||||
- ansible.builtin.copy: >
|
||||
src=docs-rsync dest=/usr/local/bin/docs-rsync
|
||||
owner=root group=root mode=0755
|
||||
tags:
|
||||
|
|
@ -15,7 +15,7 @@
|
|||
- fedora-docs/proxy
|
||||
when: env == "production"
|
||||
|
||||
- copy: >
|
||||
- ansible.builtin.copy: >
|
||||
src=cron-docs-rsync dest=/etc/cron.d/docs-rsync
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
@ -23,7 +23,7 @@
|
|||
- fedora-docs/proxy
|
||||
when: env == "production"
|
||||
|
||||
- copy: >
|
||||
- ansible.builtin.copy: >
|
||||
src=cron-docs-rsync.stg dest=/etc/cron.d/docs-rsync
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
|
|
@ -31,7 +31,7 @@
|
|||
- fedora-docs/proxy
|
||||
when: env == "staging"
|
||||
|
||||
- copy: >
|
||||
- ansible.builtin.copy: >
|
||||
src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}}
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
|
@ -44,7 +44,7 @@
|
|||
- fedora-docs/proxy
|
||||
when: env == "production"
|
||||
|
||||
- copy: >
|
||||
- ansible.builtin.copy: >
|
||||
src={{item}}.stg dest=/etc/httpd/conf.d/{{website}}/{{item}}
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@
|
|||
debug:
|
||||
var: user_result.ssh_public_key
|
||||
|
||||
- copy:
|
||||
- ansible.builtin.copy:
|
||||
src: ssh_config
|
||||
dest: ~_update_docs_trans/.ssh/config
|
||||
owner: _update_docs_trans
|
||||
|
|
@ -58,7 +58,7 @@
|
|||
tags:
|
||||
- fedora-docs-translation
|
||||
|
||||
- copy:
|
||||
- ansible.builtin.copy:
|
||||
src: docs-translation-update
|
||||
dest: /usr/local/bin/docs-translation-update
|
||||
owner: root
|
||||
|
|
@ -67,7 +67,7 @@
|
|||
tags:
|
||||
- fedora-docs-translation
|
||||
|
||||
- copy:
|
||||
- ansible.builtin.copy:
|
||||
src: cron-docs-translation-update
|
||||
dest: /etc/cron.d/cron-docs-translation-update
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Install messaging script for our improvized tracing
|
||||
copy: src=simple_message_to_bus dest=/usr/local/bin/ mode=0755
|
||||
ansible.builtin.copy: src=simple_message_to_bus dest=/usr/local/bin/ mode=0755
|
||||
tags:
|
||||
- fedora-messaging
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
---
|
||||
- name: Copy in the sync-alt cronjob
|
||||
copy: src=cron-sync-alt dest=/etc/cron.d/sync-alt
|
||||
ansible.builtin.copy: src=cron-sync-alt dest=/etc/cron.d/sync-alt
|
||||
tags:
|
||||
- fedora-web
|
||||
- fedora-web/alt
|
||||
|
||||
- name: Copy some config files for {{website}}
|
||||
copy: >
|
||||
ansible.builtin.copy: >
|
||||
src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}}
|
||||
owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@
|
|||
when: ansible_distribution_major_version|int >= 9
|
||||
|
||||
- name: Create file to indicate we want live fedimg data
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /var/fedora_websites_live_fedimg
|
||||
content: "Indicator file"
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Copy over the registry passwd
|
||||
copy: src="{{private}}/files/docker-registry/{{env}}/candidate-htpasswd" dest=/etc/httpd/conf.d/candidate-registry.fedoraproject.org/passwd
|
||||
ansible.builtin.copy: src="{{private}}/files/docker-registry/{{env}}/candidate-htpasswd" dest=/etc/httpd/conf.d/candidate-registry.fedoraproject.org/passwd
|
||||
owner=root group=root mode=0644
|
||||
notify:
|
||||
- reload proxyhttpd
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue