copr: add production copr frontend instance in AWS

inventory/host_vars/copr-fe.aws.fedoraproject.org

@@ -0,0 +1,40 @@
+---
+datacenter: aws
+inventory_hostname: "copr-fe.aws.fedoraproject.org"
+inventory_instance_name: copr-fe
+
+nm_controlled_resolv: True
+ansible_ifcfg_blacklist: True
+
+hostbase: copr-fe-
+public_ip: 54.162.234.149
+root_auth_users: msuchy frostyx dturecek praiskup schlupov thrnciar
+description: copr frontend server - prod instance
+
+# Copr vars
+copr_hostbase: copr-fe
+
+# dbs to be backed up on this host
+dbs_to_backup:
+- coprdb
+
+db_backup_dir: ['/backups']
+
+nagios_Check_Services:
+  mail: false
+  nrpe: false
+  sshd: false
+  named: false
+  dhcpd: false
+  httpd: false
+  swap: false
+  ping: false
+  raid: false
+
+# this overrides vars/Fedora.yml
+base_pkgs_erase: ['PackageKit*', 'sendmail', 'at']
+
+# GDPR SAR variables
+sar_script: /usr/share/copr/coprs_frontend/run/copr-gdpr-sar.sh
+sar_script_user: copr-fe
+sar_output_file: copr.json

inventory/inventory

@@ -1110,6 +1110,9 @@ copr-keygen.cloud.fedoraproject.org
 [copr_front]
 copr-fe.cloud.fedoraproject.org
 
+[copr_front_aws]
+copr-fe.aws.fedoraproject.org
+
 [copr_back]
 copr-be.cloud.fedoraproject.org
 
@@ -1171,6 +1174,7 @@ copr_keygen
 copr_dist_git
 
 [copr_aws:children]
+copr_front_aws
 copr_back_aws
 copr_dist_git_aws
 copr_keygen_aws

playbooks/groups/copr-frontend-cloud.yml

@@ -1,5 +1,5 @@
 - name: check/create instance
-  hosts: copr_front_dev:copr_front:copr_front_dev_aws
+  hosts: copr_front_dev:copr_front:copr_front_dev_aws:copr_front_aws
   # hosts: copr_front
   user: root
   gather_facts: False
@@ -18,7 +18,7 @@
     when: datacenter == "aws"
 
 - name: cloud basic setup
-  hosts: copr_front_dev:copr_front:copr_front_dev_aws
+  hosts: copr_front_dev:copr_front:copr_front_dev_aws:copr_front_aws
   # hosts: copr_front
   gather_facts: True
   vars_files:
@@ -35,7 +35,7 @@
     when: datacenter != "aws"
 
 - name: provision instance
-  hosts: copr_front:copr_front_dev:copr_front_dev_aws
+  hosts: copr_front:copr_front_dev:copr_front_dev_aws:copr_front_aws
   # hosts: copr_front
   gather_facts: True
 

roles/copr/frontend-cloud/handlers/main.yml

@@ -7,3 +7,4 @@
 - name: restart copr-fe-fedora-messaging-reader
   service: name="fm-consumer@copr_messaging"
            state=restarted
+  when: not services_disabled|bool

roles/copr/frontend-cloud/tasks/main.yml

@@ -62,6 +62,7 @@
 
 - name: enable and start redis  # TODO: .service in copr-backend should depend on redis
   service: name=redis enabled=yes state=started
+  when: not services_disabled|bool
 
 - name: copy apache files to conf.d
   copy: src="httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}"
@@ -119,6 +120,7 @@
   with_items:
   - httpd
   - crond
+  when: not services_disabled|bool
 
 - name: set dev banner for dev instance
   when: devel|bool
@@ -167,10 +169,13 @@
 
 - name: start logrotate service
   service: name=logrotate.timer state=started enabled=yes
+  when: not services_disabled|bool
 
 - name: start fm-consumer service
   service: state=started enabled=yes name="fm-consumer@copr_messaging"
-  when: ansible_facts.packages['copr-frontend'][0].version is version('1.156', '>=')
+  when:
+  - ansible_facts.packages['copr-frontend'][0].version is version('1.156', '>=')
+  - not services_disabled|bool
 
 - name: add amount of time the server will wait for certain events before failing a request
   lineinfile: