From c4e510395e2eb5db80d9e1bb6ea66827c128759e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miroslav=20Such=C3=BD?= <msuchy@redhat.com>
Date: Mon, 31 Mar 2014 11:48:24 +0000
Subject: [PATCH] sync up copr-dev with copr

---
 .../copr-be-dev.cloud.fedoraproject.org.yml   |  7 +++++++
 .../copr-fe-dev.cloud.fedoraproject.org.yml   | 21 +++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml
index 1ad3dff30a..0125bd9536 100644
--- a/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml
@@ -7,6 +7,10 @@
    - /srv/web/infra/ansible/vars/global.yml
    - "{{ private }}/vars.yml"
 
+  # Roles are run first, before tasks, regardless of where you place them here.
+  roles:
+  - fedmsg/base
+
   tasks:
   - include: "{{ tasks }}/persistent_cloud.yml"
   - include: "{{ tasks }}/growroot_cloud.yml"
@@ -29,6 +33,9 @@
   - name: copy copr.repo
     action: copy src="{{ files }}/copr/fe/yum/copr.repo" dest=/etc/yum.repos.d/copr.repo
 
+  - name: set the hostname
+    shell: hostname copr-be-dev.cloud.fedoraproject.org
+
   # packages needed
   - name: add packages for copr-be
     action: yum state=present name={{ item }}
diff --git a/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml
index 22cdf424ba..bcfa328c97 100644
--- a/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml
@@ -28,6 +28,9 @@
   - name: copy copr.repo
     action: copy src="{{ files }}/copr/fe/yum/copr.repo" dest=/etc/yum.repos.d/copr.repo
 
+  - name: set the hostname
+    shell: hostname copr-fe-dev.cloud.fedoraproject.org
+
   - name: install copr-fe pkgs
     action: yum state=installed pkg={{ item }}
     with_items:
@@ -35,9 +38,18 @@
     - copr-selinux
     - postgresql-server
     - bash-completion
+    - fail2ban
+    - mod_ssl
     tags:
     - packages
 
+  - name: install copr configs
+    template: src="{{ files }}/copr/fe/copr.conf" dest=/etc/copr/copr.conf mode=600
+    notify:
+    - restart httpd
+    tags:
+    - config
+
   - name: copy apache files to conf.d
     action: copy src="{{ files }}/copr/fe/httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}"
     with_items:
@@ -46,12 +58,21 @@
 
   - name: copy pg_hba.conf
     action: copy src="{{ files }}/copr/fe/pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600
+
+  # open up ports (22, 80, 443)
+  - name: poke holes in the firewall
+    action: command lokkit {{ item }}
+    with_items:
+    - --service=ssh
+    - --service=https
+    - --service=http
   
   - name: enable services
     action: service state=running enabled=yes name={{ item }}
     with_items:
     - httpd
     - postgresql
+    - fail2ban
 
   handlers:
   - include: "{{ handlers }}/restart_services.yml"