diff --git a/inventory/host_vars/copr-fe.aws.fedoraproject.org b/inventory/host_vars/copr-fe.aws.fedoraproject.org new file mode 100644 index 0000000000..f033a54263 --- /dev/null +++ b/inventory/host_vars/copr-fe.aws.fedoraproject.org @@ -0,0 +1,40 @@ +--- +datacenter: aws +inventory_hostname: "copr-fe.aws.fedoraproject.org" +inventory_instance_name: copr-fe + +nm_controlled_resolv: True +ansible_ifcfg_blacklist: True + +hostbase: copr-fe- +public_ip: 54.162.234.149 +root_auth_users: msuchy frostyx dturecek praiskup schlupov thrnciar +description: copr frontend server - prod instance + +# Copr vars +copr_hostbase: copr-fe + +# dbs to be backed up on this host +dbs_to_backup: +- coprdb + +db_backup_dir: ['/backups'] + +nagios_Check_Services: + mail: false + nrpe: false + sshd: false + named: false + dhcpd: false + httpd: false + swap: false + ping: false + raid: false + +# this overrides vars/Fedora.yml +base_pkgs_erase: ['PackageKit*', 'sendmail', 'at'] + +# GDPR SAR variables +sar_script: /usr/share/copr/coprs_frontend/run/copr-gdpr-sar.sh +sar_script_user: copr-fe +sar_output_file: copr.json diff --git a/inventory/inventory b/inventory/inventory index c532d5ab2c..2c3c9b96dd 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -1110,6 +1110,9 @@ copr-keygen.cloud.fedoraproject.org [copr_front] copr-fe.cloud.fedoraproject.org +[copr_front_aws] +copr-fe.aws.fedoraproject.org + [copr_back] copr-be.cloud.fedoraproject.org @@ -1171,6 +1174,7 @@ copr_keygen copr_dist_git [copr_aws:children] +copr_front_aws copr_back_aws copr_dist_git_aws copr_keygen_aws diff --git a/playbooks/groups/copr-frontend-cloud.yml b/playbooks/groups/copr-frontend-cloud.yml index a2824464b3..5b190bb5ca 100644 --- a/playbooks/groups/copr-frontend-cloud.yml +++ b/playbooks/groups/copr-frontend-cloud.yml @@ -1,5 +1,5 @@ - name: check/create instance - hosts: copr_front_dev:copr_front:copr_front_dev_aws + hosts: copr_front_dev:copr_front:copr_front_dev_aws:copr_front_aws # hosts: copr_front user: root gather_facts: False @@ -18,7 +18,7 @@ when: datacenter == "aws" - name: cloud basic setup - hosts: copr_front_dev:copr_front:copr_front_dev_aws + hosts: copr_front_dev:copr_front:copr_front_dev_aws:copr_front_aws # hosts: copr_front gather_facts: True vars_files: @@ -35,7 +35,7 @@ when: datacenter != "aws" - name: provision instance - hosts: copr_front:copr_front_dev:copr_front_dev_aws + hosts: copr_front:copr_front_dev:copr_front_dev_aws:copr_front_aws # hosts: copr_front gather_facts: True diff --git a/roles/copr/frontend-cloud/handlers/main.yml b/roles/copr/frontend-cloud/handlers/main.yml index 210a0d66be..5dbbed4a16 100644 --- a/roles/copr/frontend-cloud/handlers/main.yml +++ b/roles/copr/frontend-cloud/handlers/main.yml @@ -7,3 +7,4 @@ - name: restart copr-fe-fedora-messaging-reader service: name="fm-consumer@copr_messaging" state=restarted + when: not services_disabled|bool diff --git a/roles/copr/frontend-cloud/tasks/main.yml b/roles/copr/frontend-cloud/tasks/main.yml index 37fbebe7aa..d5556e6d45 100644 --- a/roles/copr/frontend-cloud/tasks/main.yml +++ b/roles/copr/frontend-cloud/tasks/main.yml @@ -62,6 +62,7 @@ - name: enable and start redis # TODO: .service in copr-backend should depend on redis service: name=redis enabled=yes state=started + when: not services_disabled|bool - name: copy apache files to conf.d copy: src="httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}" @@ -119,6 +120,7 @@ with_items: - httpd - crond + when: not services_disabled|bool - name: set dev banner for dev instance when: devel|bool @@ -167,10 +169,13 @@ - name: start logrotate service service: name=logrotate.timer state=started enabled=yes + when: not services_disabled|bool - name: start fm-consumer service service: state=started enabled=yes name="fm-consumer@copr_messaging" - when: ansible_facts.packages['copr-frontend'][0].version is version('1.156', '>=') + when: + - ansible_facts.packages['copr-frontend'][0].version is version('1.156', '>=') + - not services_disabled|bool - name: add amount of time the server will wait for certain events before failing a request lineinfile: