Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of /git/ansible

Browse source
This commit is contained in:
Jan Kaluža 2018-01-10 16:04:57 +00:00
commit daf1bdd274
15 changed files with 113 additions and 124 deletions
Download patch file Download diff file Expand all files Collapse all files

6
inventory/group_vars/all
View file

@ -78,7 +78,7 @@ virt_install_command_one_nic: virt-install -n {{ inventory_hostname }}
hostname={{ inventory_hostname }} nameserver={{ dns }}
ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
--network bridge={{ main_bridge }},model=virtio
--autostart --noautoconsole --watchdog default --cpu host
--autostart --noautoconsole --watchdog default
virt_install_command_two_nic: virt-install -n {{ inventory_hostname }}
--memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
@ -89,7 +89,7 @@ virt_install_command_two_nic: virt-install -n {{ inventory_hostname }}
ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none
ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname }}-nfs:eth1:none'
--network bridge={{ main_bridge }},model=virtio --network=bridge={{ nfs_bridge }},model=virtio
--autostart --noautoconsole --watchdog default --cpu host
--autostart --noautoconsole --watchdog default
virt_install_command_aarch64_one_nic: virt-install -n {{ inventory_hostname }}
--memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
@ -128,7 +128,7 @@ virt_install_command_rhel6: virt-install -n {{ inventory_hostname }}
--vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
"ksdevice=eth0 ks={{ ks_url }} ip={{ eth0_ip }} netmask={{ nm }}
gateway={{ gw }} dns={{ dns }} console=tty0 console=ttyS0
hostname={{ inventory_hostname }}" --cpu host
hostname={{ inventory_hostname }}"
--network=bridge=br0 --autostart --noautoconsole --watchdog default
max_mem_size: "{{ mem_size * 5 }}"

8
inventory/group_vars/copr-keygen-stg
View file

@ -3,10 +3,10 @@ copr_hostbase: copr-keygen-dev
tcp_ports: []
# http + signd dest ports
custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.32.206 --dport 80 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 172.25.159.112 --dport 80 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 172.25.32.206 --dport 5167 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 172.25.159.112 --dport 5167 -j ACCEPT']
custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.32.11 --dport 80 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 172.25.153.203 --dport 80 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 172.25.32.211 --dport 5167 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 172.25.153.203 --dport 5167 -j ACCEPT']
datacenter: cloud

2
inventory/group_vars/copr-stg
View file

@ -5,7 +5,7 @@ _forward_src: "forward_dev"
# don't forget to update ip in ./copr-keygen-stg, due to custom firewall rules
copr_backend_ips: ["172.25.32.206", "172.25.159.112"]
copr_backend_ips: ["172.25.32.211", "172.25.153.203"]
keygen_host: "172.25.32.205"
resolvconf: "resolv.conf/cloud"

2
inventory/group_vars/taskotron-prod-client-hosts
View file

@ -66,7 +66,7 @@ buildslave_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3Fhg7qUJ1+3N2YficTWQGEPm
buildslave_private_sshkey_file: prod-buildslave-sshkey/prod_buildslave
buildslave_public_sshkey_file: prod-buildslave-sshkey/prod_buildslave.pub
buildmaster_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9yMRz2GMoYSqlzVejI+SHR8CwTT9j3ecMwPrNQt6QHwNtrEvydU5coyP+ptIgRtlvcC14LA8usy/zmxSiI3H0GkCi7AanwuzoSh/PJfDBteDyhtvw5hoD+spFk1wZjhZ+p4zzLoCMsZg2XsASHaRlIwq1vAmMNSwZuQC/q4nHEEPnQbWYIms0Umwa+ztixmw7gSYJiHxByrEb3r1djRZoBubJsCOU48EyMBmNdCvHCGr1LLVtYdRun+qBm8kCLBUYRcpFstg/A4T9YBSH9svTL1tWnqodBN25NWtO3Fvk/Fv5MhU/SPgYSP9+KwWM/LdnbbN4oqHbBj+sIcJ8hjGj'
buildmaster_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDT5q1z+tQ4gaIlmgOa2NXnVlaRX2tQito6bHkCy6r6CZYgB4CEWomAjSAzVKCaywTh9zGYPKvlvecs1w+r7R8p0RMejfKNdYnukhnKNzlarrSMk6D/caRs8zgvrMBVGM0rTrhamf2rs38ZZcxc8LkMdrbGkWDB9cjNLfgYCt+/coCMzpi0m9chJLr/sQ+pSCI/clW5b29n7FFXXYwMqkH/wJ/9BNmP4uHM3Q9FzwyAEyWa2edLHbKai2LWW+c2pBGPsa+mLLW3qZYpai7aWonMTd29w4dcy1Frk7sOSZ4z1MN2+zZ74WsJxolCdhTrOj17qAP5K8kA6+q01Zhwqbrn'
############################################################
# imagefactory config

2
inventory/host_vars/copr-be-dev.cloud.fedoraproject.org
View file

@ -1,6 +1,6 @@
---
instance_type: m1.xlarge
image: "{{ fedora26_x86_64 }}"
image: "{{ fedora27_x86_64 }}"
keypair: fedora-admin-20130801
security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,fedmsg-relay-persistent
zone: nova

32
inventory/host_vars/qa12.qa.fedoraproject.org
View file

@ -7,20 +7,20 @@ nrpe_procs_crit: 1000
eth0_ip: 10.5.131.20
gw: 10.5.131.254
short_hostname: qa12.qa
short_hostname: qa12
slaves:
- { user: "{{ short_hostname }}-1", home: "/home/{{ short_hostname }}-1", dir: "/home/{{ short_hostname }}-1/slave" }
- { user: "{{ short_hostname }}-2", home: "/home/{{ short_hostname }}-2", dir: "/home/{{ short_hostname }}-2/slave" }
- { user: "{{ short_hostname }}-3", home: "/home/{{ short_hostname }}-3", dir: "/home/{{ short_hostname }}-3/slave" }
- { user: "{{ short_hostname }}-4", home: "/home/{{ short_hostname }}-4", dir: "/home/{{ short_hostname }}-4/slave" }
- { user: "{{ short_hostname }}-5", home: "/home/{{ short_hostname }}-5", dir: "/home/{{ short_hostname }}-5/slave" }
- { user: "{{ short_hostname }}-6", home: "/home/{{ short_hostname }}-6", dir: "/home/{{ short_hostname }}-6/slave" }
- { user: "{{ short_hostname }}-7", home: "/home/{{ short_hostname }}-7", dir: "/home/{{ short_hostname }}-7/slave" }
- { user: "{{ short_hostname }}-8", home: "/home/{{ short_hostname }}-8", dir: "/home/{{ short_hostname }}-8/slave" }
- { user: "{{ short_hostname }}-9", home: "/home/{{ short_hostname }}-9", dir: "/home/{{ short_hostname }}-9/slave" }
- { user: "{{ short_hostname }}-10", home: "/home/{{ short_hostname }}-10", dir: "/home/{{ short_hostname }}-10/slave" }
- { user: "{{ short_hostname }}-11", home: "/home/{{ short_hostname }}-11", dir: "/home/{{ short_hostname }}-11/slave" }
- { user: "{{ short_hostname }}-12", home: "/home/{{ short_hostname }}-12", dir: "/home/{{ short_hostname }}-12/slave" }
- { user: "{{ short_hostname }}-13", home: "/home/{{ short_hostname }}-13", dir: "/home/{{ short_hostname }}-13/slave" }
- { user: "{{ short_hostname }}-14", home: "/home/{{ short_hostname }}-14", dir: "/home/{{ short_hostname }}-14/slave" }
- { user: "{{ short_hostname }}-15", home: "/home/{{ short_hostname }}-15", dir: "/home/{{ short_hostname }}-15/slave" }
- { user: "{{ short_hostname }}-1", home: "/srv/buildslaves/{{ short_hostname }}-1", dir: "/srv/buildslaves/{{ short_hostname }}-1/slave" }
- { user: "{{ short_hostname }}-2", home: "/srv/buildslaves/{{ short_hostname }}-2", dir: "/srv/buildslaves/{{ short_hostname }}-2/slave" }
- { user: "{{ short_hostname }}-3", home: "/srv/buildslaves/{{ short_hostname }}-3", dir: "/srv/buildslaves/{{ short_hostname }}-3/slave" }
- { user: "{{ short_hostname }}-4", home: "/srv/buildslaves/{{ short_hostname }}-4", dir: "/srv/buildslaves/{{ short_hostname }}-4/slave" }
- { user: "{{ short_hostname }}-5", home: "/srv/buildslaves/{{ short_hostname }}-5", dir: "/srv/buildslaves/{{ short_hostname }}-5/slave" }
- { user: "{{ short_hostname }}-6", home: "/srv/buildslaves/{{ short_hostname }}-6", dir: "/srv/buildslaves/{{ short_hostname }}-6/slave" }
- { user: "{{ short_hostname }}-7", home: "/srv/buildslaves/{{ short_hostname }}-7", dir: "/srv/buildslaves/{{ short_hostname }}-7/slave" }
- { user: "{{ short_hostname }}-8", home: "/srv/buildslaves/{{ short_hostname }}-8", dir: "/srv/buildslaves/{{ short_hostname }}-8/slave" }
- { user: "{{ short_hostname }}-9", home: "/srv/buildslaves/{{ short_hostname }}-9", dir: "/srv/buildslaves/{{ short_hostname }}-9/slave" }
- { user: "{{ short_hostname }}-10", home: "/srv/buildslaves/{{ short_hostname }}-10", dir: "/srv/buildslaves/{{ short_hostname }}-10/slave" }
- { user: "{{ short_hostname }}-11", home: "/srv/buildslaves/{{ short_hostname }}-11", dir: "/srv/buildslaves/{{ short_hostname }}-11/slave" }
- { user: "{{ short_hostname }}-12", home: "/srv/buildslaves/{{ short_hostname }}-12", dir: "/srv/buildslaves/{{ short_hostname }}-12/slave" }
- { user: "{{ short_hostname }}-13", home: "/srv/buildslaves/{{ short_hostname }}-13", dir: "/srv/buildslaves/{{ short_hostname }}-13/slave" }
- { user: "{{ short_hostname }}-14", home: "/srv/buildslaves/{{ short_hostname }}-14", dir: "/srv/buildslaves/{{ short_hostname }}-14/slave" }
- { user: "{{ short_hostname }}-15", home: "/srv/buildslaves/{{ short_hostname }}-15", dir: "/srv/buildslaves/{{ short_hostname }}-15/slave" }

32
inventory/host_vars/qa13.qa.fedoraproject.org
View file

@ -7,20 +7,20 @@ nrpe_procs_crit: 1000
eth0_ip: 10.5.131.21
gw: 10.5.131.254
short_hostname: qa13.qa
short_hostname: qa13
slaves:
- { user: "{{ short_hostname }}-1", home: "/home/{{ short_hostname }}-1", dir: "/home/{{ short_hostname }}-1/slave" }
- { user: "{{ short_hostname }}-2", home: "/home/{{ short_hostname }}-2", dir: "/home/{{ short_hostname }}-2/slave" }
- { user: "{{ short_hostname }}-3", home: "/home/{{ short_hostname }}-3", dir: "/home/{{ short_hostname }}-3/slave" }
- { user: "{{ short_hostname }}-4", home: "/home/{{ short_hostname }}-4", dir: "/home/{{ short_hostname }}-4/slave" }
- { user: "{{ short_hostname }}-5", home: "/home/{{ short_hostname }}-5", dir: "/home/{{ short_hostname }}-5/slave" }
- { user: "{{ short_hostname }}-6", home: "/home/{{ short_hostname }}-6", dir: "/home/{{ short_hostname }}-6/slave" }
- { user: "{{ short_hostname }}-7", home: "/home/{{ short_hostname }}-7", dir: "/home/{{ short_hostname }}-7/slave" }
- { user: "{{ short_hostname }}-8", home: "/home/{{ short_hostname }}-8", dir: "/home/{{ short_hostname }}-8/slave" }
- { user: "{{ short_hostname }}-9", home: "/home/{{ short_hostname }}-9", dir: "/home/{{ short_hostname }}-9/slave" }
- { user: "{{ short_hostname }}-10", home: "/home/{{ short_hostname }}-10", dir: "/home/{{ short_hostname }}-10/slave" }
- { user: "{{ short_hostname }}-11", home: "/home/{{ short_hostname }}-11", dir: "/home/{{ short_hostname }}-11/slave" }
- { user: "{{ short_hostname }}-12", home: "/home/{{ short_hostname }}-12", dir: "/home/{{ short_hostname }}-12/slave" }
- { user: "{{ short_hostname }}-13", home: "/home/{{ short_hostname }}-13", dir: "/home/{{ short_hostname }}-13/slave" }
- { user: "{{ short_hostname }}-14", home: "/home/{{ short_hostname }}-14", dir: "/home/{{ short_hostname }}-14/slave" }
- { user: "{{ short_hostname }}-15", home: "/home/{{ short_hostname }}-15", dir: "/home/{{ short_hostname }}-15/slave" }
- { user: "{{ short_hostname }}-1", home: "/srv/buildslaves/{{ short_hostname }}-1", dir: "/srv/buildslaves/{{ short_hostname }}-1/slave" }
- { user: "{{ short_hostname }}-2", home: "/srv/buildslaves/{{ short_hostname }}-2", dir: "/srv/buildslaves/{{ short_hostname }}-2/slave" }
- { user: "{{ short_hostname }}-3", home: "/srv/buildslaves/{{ short_hostname }}-3", dir: "/srv/buildslaves/{{ short_hostname }}-3/slave" }
- { user: "{{ short_hostname }}-4", home: "/srv/buildslaves/{{ short_hostname }}-4", dir: "/srv/buildslaves/{{ short_hostname }}-4/slave" }
- { user: "{{ short_hostname }}-5", home: "/srv/buildslaves/{{ short_hostname }}-5", dir: "/srv/buildslaves/{{ short_hostname }}-5/slave" }
- { user: "{{ short_hostname }}-6", home: "/srv/buildslaves/{{ short_hostname }}-6", dir: "/srv/buildslaves/{{ short_hostname }}-6/slave" }
- { user: "{{ short_hostname }}-7", home: "/srv/buildslaves/{{ short_hostname }}-7", dir: "/srv/buildslaves/{{ short_hostname }}-7/slave" }
- { user: "{{ short_hostname }}-8", home: "/srv/buildslaves/{{ short_hostname }}-8", dir: "/srv/buildslaves/{{ short_hostname }}-8/slave" }
- { user: "{{ short_hostname }}-9", home: "/srv/buildslaves/{{ short_hostname }}-9", dir: "/srv/buildslaves/{{ short_hostname }}-9/slave" }
- { user: "{{ short_hostname }}-10", home: "/srv/buildslaves/{{ short_hostname }}-10", dir: "/srv/buildslaves/{{ short_hostname }}-10/slave" }
- { user: "{{ short_hostname }}-11", home: "/srv/buildslaves/{{ short_hostname }}-11", dir: "/srv/buildslaves/{{ short_hostname }}-11/slave" }
- { user: "{{ short_hostname }}-12", home: "/srv/buildslaves/{{ short_hostname }}-12", dir: "/srv/buildslaves/{{ short_hostname }}-12/slave" }
- { user: "{{ short_hostname }}-13", home: "/srv/buildslaves/{{ short_hostname }}-13", dir: "/srv/buildslaves/{{ short_hostname }}-13/slave" }
- { user: "{{ short_hostname }}-14", home: "/srv/buildslaves/{{ short_hostname }}-14", dir: "/srv/buildslaves/{{ short_hostname }}-14/slave" }
- { user: "{{ short_hostname }}-15", home: "/srv/buildslaves/{{ short_hostname }}-15", dir: "/srv/buildslaves/{{ short_hostname }}-15/slave" }

124
inventory/host_vars/taskotron01.qa.fedoraproject.org
View file

@ -19,8 +19,8 @@ eth0_ip: 10.5.124.206
# install
############################################################
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-25-taskotron-master
ks_repo: http://10.5.126.23/pub/fedora/linux/releases/25/Server/x86_64/os/
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-27-taskotron-master
ks_repo: http://10.5.126.23/pub/fedora/linux/releases/27/Server/x86_64/os/
sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
vmhost: virthost-comm03.qa.fedoraproject.org
volgroup: /dev/VirtGuests
@ -44,65 +44,65 @@ public_hostname: taskotron.fedoraproject.org
buildmaster: 10.5.124.206
buildslaves:
- qa12.qa-1
- qa12.qa-2
- qa12.qa-3
- qa12.qa-4
- qa12.qa-5
- qa12.qa-6
- qa12.qa-7
- qa12.qa-8
- qa12.qa-9
- qa12.qa-10
- qa12.qa-11
- qa12.qa-12
- qa12.qa-13
- qa12.qa-14
- qa12.qa-15
- qa13.qa-1
- qa13.qa-2
- qa13.qa-3
- qa13.qa-4
- qa13.qa-5
- qa13.qa-6
- qa13.qa-7
- qa13.qa-8
- qa13.qa-9
- qa13.qa-10
- qa13.qa-11
- qa13.qa-12
- qa13.qa-13
- qa13.qa-14
- qa13.qa-15
- qa12-1
- qa12-2
- qa12-3
- qa12-4
- qa12-5
- qa12-6
- qa12-7
- qa12-8
- qa12-9
- qa12-10
- qa12-11
- qa12-12
- qa12-13
- qa12-14
- qa12-15
- qa13-1
- qa13-2
- qa13-3
- qa13-4
- qa13-5
- qa13-6
- qa13-7
- qa13-8
- qa13-9
- qa13-10
- qa13-11
- qa13-12
- qa13-13
- qa13-14
- qa13-15
i386_buildslaves:
- qa13.qa-10
- qa13-10
x86_64_buildslaves:
- qa12.qa-1
- qa12.qa-2
- qa12.qa-3
- qa12.qa-4
- qa12.qa-5
- qa12.qa-6
- qa12.qa-7
- qa12.qa-8
- qa12.qa-9
- qa12.qa-10
- qa12.qa-11
- qa12.qa-12
- qa12.qa-13
- qa12.qa-14
- qa12.qa-15
- qa13.qa-1
- qa13.qa-2
- qa13.qa-3
- qa13.qa-4
- qa13.qa-5
- qa13.qa-6
- qa13.qa-7
- qa13.qa-8
- qa13.qa-9
- qa13.qa-11
- qa13.qa-12
- qa13.qa-13
- qa13.qa-14
- qa13.qa-15
- qa12-1
- qa12-2
- qa12-3
- qa12-4
- qa12-5
- qa12-6
- qa12-7
- qa12-8
- qa12-9
- qa12-10
- qa12-11
- qa12-12
- qa12-13
- qa12-14
- qa12-15
- qa13-1
- qa13-2
- qa13-3
- qa13-4
- qa13-5
- qa13-6
- qa13-7
- qa13-8
- qa13-9
- qa13-11
- qa13-12
- qa13-13
- qa13-14
- qa13-15

6
playbooks/groups/releng-compose.yml
View file

@ -55,17 +55,15 @@
- fedmsg/base
- {
role: "manage-container-images",
cert_dest_dir: "/etc/docker/certs.d/registry.stg.fedoraproject.org",
cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org",
cert_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.pem",
key_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.key",
when: env == "staging"
}
- {
role: "manage-container-images",
cert_dest_dir: "/etc/docker/certs.d/candidate-registry.stg.fedoraproject.org",
cert_dest_dir: "/etc/docker/certs.d/candidate-registry{{ env_suffix }}.fedoraproject.org",
cert_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.pem",
key_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.key",
when: env == "staging"
}

6
roles/koji_builder/templates/runroot.conf.j2
View file

@ -8,7 +8,7 @@
default_mounts = /mnt/koji
{% elif env == 'staging' %}
; In staging we also need the production split volume
default_mounts = /mnt/koji,/mnt/fedora_koji_prod/koji
default_mounts = /mnt/koji,/mnt/fedora_koji_prod/koji,/etc/kojid/secrets
{% endif %}
; comma-delimited list of safe roots.
@ -52,8 +52,8 @@ options = ro,bind
; Directory for secrets to be used by certain builds
[path3]
mountpoint = /etc/kojid/secrets/
path = /etc/kojid/secrets/
mountpoint = /etc/kojid/secrets
path = /etc/kojid/secrets
fstype = bind
options = ro,bind
{% endif %}

4
roles/taskotron/buildmaster/tasks/main.yml
View file

@ -47,11 +47,11 @@
- name: set the selinux fcontext type for the buildmaster_home to var_lib_t
command: semanage fcontext -a -t var_lib_t "{{ buildmaster_home }}(/.*)?"
when: deployment_type in ['prod', 'qa-stg']
when: deployment_type in ['qa-stg']
- name: ensure correct fcontext for buildmaster home (new)
file: path="{{ buildmaster_home }}(/. *)?" setype=var_lib_t owner=buildmaster group=buildmaster mode=0775 state=directory
when: deployment_type in ['dev', 'stg']
when: deployment_type in ['dev', 'stg', 'prod']
#- name: make sure the selinux fcontext is restored
# command: restorecon -R "{{ buildmaster_home }}"

2
roles/taskotron/buildslave-configure/tasks/main.yml
View file

@ -110,7 +110,7 @@
file: path={{ item.home }}/slave setype=var_lib_t owner={{ item.user }} group={{ slaves_group }} mode=0700 state=directory
with_items:
- '{{ slaves|default([dict(user="", home="", dir="")]) }}'
when: deployment_type in ['dev', 'stg']
when: deployment_type in ['dev', 'stg', 'prod']
- name: generate buildslave service file
template: src=buildslave@.service.j2 dest=/lib/systemd/system/buildslave@.service owner=root group=root mode=0644

8
roles/taskotron/buildslave-configure/templates/buildslave@.service.j2
View file

@ -4,18 +4,10 @@ After=network.target
[Service]
Type=forking
{% if deployment_type in ['prod'] %}
# disabled because of https://pagure.io/taskotron/issue/236
#PIDFile=/home/%i/slave/twistd.pid
ExecStart=/bin/buildslave start /home/%i/slave/
ExecStop=/bin/buildslave stop /home/%i/slave/
{% endif %}
{% if deployment_type in ['dev', 'stg'] %}
# disabled because of https://pagure.io/taskotron/issue/236
#PIDFile=/srv/buildslaves/%i/slave/twistd.pid
ExecStart=/bin/buildslave start /srv/buildslaves/%i/slave/
ExecStop=/bin/buildslave stop /srv/buildslaves/%i/slave/
{% endif %}
User=%i
Group={{ slaves_group }}

2
roles/taskotron/buildslave/tasks/main.yml
View file

@ -60,7 +60,7 @@
- name: set the selinux fcontext type for the buildslave dir to var_lib_t
command: semanage fcontext -a -t var_lib_t "{{ item.dir }}"
with_items: "{{ slaves }}"
when: slaves is defined and deployment_type in ['prod', 'qa-prod', 'qa-stg']
when: slaves is defined and deployment_type in ['qa-prod', 'qa-stg']
- name: make sure the selinux fcontext is restored
command: restorecon -R "{{ item.dir }}"

1
roles/taskotron/taskotron-master/tasks/main.yml
View file

@ -21,7 +21,6 @@
- name: allow httpd to read artifacts on nfs
seboolean: name=httpd_use_nfs state=yes persistent=yes
when: deployment_type in ['stg', 'prod']
- name: copy cronjob for cleaning old taskotron artifacts and buildmaster logs
template: src=taskotron-clean.cron.j2 dest=/etc/cron.d/taskotron-clean.cron owner=root group=root mode=0644