Merge branch 'master' of /git/ansible
This commit is contained in:
Jan Kaluža
commit
daf1bdd274
15 changed files with 113 additions and 124 deletions
|
|
@ -78,7 +78,7 @@ virt_install_command_one_nic: virt-install -n {{ inventory_hostname }}
|
|||
hostname={{ inventory_hostname }} nameserver={{ dns }}
|
||||
ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
|
||||
--network bridge={{ main_bridge }},model=virtio
|
||||
--autostart --noautoconsole --watchdog default --cpu host
|
||||
--autostart --noautoconsole --watchdog default
|
||||
|
||||
virt_install_command_two_nic: virt-install -n {{ inventory_hostname }}
|
||||
--memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
|
||||
|
|
@ -89,7 +89,7 @@ virt_install_command_two_nic: virt-install -n {{ inventory_hostname }}
|
|||
ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none
|
||||
ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname }}-nfs:eth1:none'
|
||||
--network bridge={{ main_bridge }},model=virtio --network=bridge={{ nfs_bridge }},model=virtio
|
||||
--autostart --noautoconsole --watchdog default --cpu host
|
||||
--autostart --noautoconsole --watchdog default
|
||||
|
||||
virt_install_command_aarch64_one_nic: virt-install -n {{ inventory_hostname }}
|
||||
--memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
|
||||
|
|
@ -128,7 +128,7 @@ virt_install_command_rhel6: virt-install -n {{ inventory_hostname }}
|
|||
--vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
|
||||
"ksdevice=eth0 ks={{ ks_url }} ip={{ eth0_ip }} netmask={{ nm }}
|
||||
gateway={{ gw }} dns={{ dns }} console=tty0 console=ttyS0
|
||||
hostname={{ inventory_hostname }}" --cpu host
|
||||
hostname={{ inventory_hostname }}"
|
||||
--network=bridge=br0 --autostart --noautoconsole --watchdog default
|
||||
|
||||
max_mem_size: "{{ mem_size * 5 }}"
|
||||
|
|
|
|||
|
|
@ -3,10 +3,10 @@ copr_hostbase: copr-keygen-dev
|
|||
tcp_ports: []
|
||||
|
||||
# http + signd dest ports
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.32.206 --dport 80 -j ACCEPT',
|
||||
'-A INPUT -p tcp -m tcp -s 172.25.159.112 --dport 80 -j ACCEPT',
|
||||
'-A INPUT -p tcp -m tcp -s 172.25.32.206 --dport 5167 -j ACCEPT',
|
||||
'-A INPUT -p tcp -m tcp -s 172.25.159.112 --dport 5167 -j ACCEPT']
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.32.11 --dport 80 -j ACCEPT',
|
||||
'-A INPUT -p tcp -m tcp -s 172.25.153.203 --dport 80 -j ACCEPT',
|
||||
'-A INPUT -p tcp -m tcp -s 172.25.32.211 --dport 5167 -j ACCEPT',
|
||||
'-A INPUT -p tcp -m tcp -s 172.25.153.203 --dport 5167 -j ACCEPT']
|
||||
|
||||
datacenter: cloud
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ _forward_src: "forward_dev"
|
|||
|
||||
# don't forget to update ip in ./copr-keygen-stg, due to custom firewall rules
|
||||
|
||||
copr_backend_ips: ["172.25.32.206", "172.25.159.112"]
|
||||
copr_backend_ips: ["172.25.32.211", "172.25.153.203"]
|
||||
keygen_host: "172.25.32.205"
|
||||
|
||||
resolvconf: "resolv.conf/cloud"
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ buildslave_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3Fhg7qUJ1+3N2YficTWQGEPm
|
|||
|
||||
buildslave_private_sshkey_file: prod-buildslave-sshkey/prod_buildslave
|
||||
buildslave_public_sshkey_file: prod-buildslave-sshkey/prod_buildslave.pub
|
||||
buildmaster_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9yMRz2GMoYSqlzVejI+SHR8CwTT9j3ecMwPrNQt6QHwNtrEvydU5coyP+ptIgRtlvcC14LA8usy/zmxSiI3H0GkCi7AanwuzoSh/PJfDBteDyhtvw5hoD+spFk1wZjhZ+p4zzLoCMsZg2XsASHaRlIwq1vAmMNSwZuQC/q4nHEEPnQbWYIms0Umwa+ztixmw7gSYJiHxByrEb3r1djRZoBubJsCOU48EyMBmNdCvHCGr1LLVtYdRun+qBm8kCLBUYRcpFstg/A4T9YBSH9svTL1tWnqodBN25NWtO3Fvk/Fv5MhU/SPgYSP9+KwWM/LdnbbN4oqHbBj+sIcJ8hjGj'
|
||||
buildmaster_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDT5q1z+tQ4gaIlmgOa2NXnVlaRX2tQito6bHkCy6r6CZYgB4CEWomAjSAzVKCaywTh9zGYPKvlvecs1w+r7R8p0RMejfKNdYnukhnKNzlarrSMk6D/caRs8zgvrMBVGM0rTrhamf2rs38ZZcxc8LkMdrbGkWDB9cjNLfgYCt+/coCMzpi0m9chJLr/sQ+pSCI/clW5b29n7FFXXYwMqkH/wJ/9BNmP4uHM3Q9FzwyAEyWa2edLHbKai2LWW+c2pBGPsa+mLLW3qZYpai7aWonMTd29w4dcy1Frk7sOSZ4z1MN2+zZ74WsJxolCdhTrOj17qAP5K8kA6+q01Zhwqbrn'
|
||||
|
||||
############################################################
|
||||
# imagefactory config
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
instance_type: m1.xlarge
|
||||
image: "{{ fedora26_x86_64 }}"
|
||||
image: "{{ fedora27_x86_64 }}"
|
||||
keypair: fedora-admin-20130801
|
||||
security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,fedmsg-relay-persistent
|
||||
zone: nova
|
||||
|
|
|
|||
|
|
@ -7,20 +7,20 @@ nrpe_procs_crit: 1000
|
|||
eth0_ip: 10.5.131.20
|
||||
gw: 10.5.131.254
|
||||
|
||||
short_hostname: qa12.qa
|
||||
short_hostname: qa12
|
||||
slaves:
|
||||
- { user: "{{ short_hostname }}-1", home: "/home/{{ short_hostname }}-1", dir: "/home/{{ short_hostname }}-1/slave" }
|
||||
- { user: "{{ short_hostname }}-2", home: "/home/{{ short_hostname }}-2", dir: "/home/{{ short_hostname }}-2/slave" }
|
||||
- { user: "{{ short_hostname }}-3", home: "/home/{{ short_hostname }}-3", dir: "/home/{{ short_hostname }}-3/slave" }
|
||||
- { user: "{{ short_hostname }}-4", home: "/home/{{ short_hostname }}-4", dir: "/home/{{ short_hostname }}-4/slave" }
|
||||
- { user: "{{ short_hostname }}-5", home: "/home/{{ short_hostname }}-5", dir: "/home/{{ short_hostname }}-5/slave" }
|
||||
- { user: "{{ short_hostname }}-6", home: "/home/{{ short_hostname }}-6", dir: "/home/{{ short_hostname }}-6/slave" }
|
||||
- { user: "{{ short_hostname }}-7", home: "/home/{{ short_hostname }}-7", dir: "/home/{{ short_hostname }}-7/slave" }
|
||||
- { user: "{{ short_hostname }}-8", home: "/home/{{ short_hostname }}-8", dir: "/home/{{ short_hostname }}-8/slave" }
|
||||
- { user: "{{ short_hostname }}-9", home: "/home/{{ short_hostname }}-9", dir: "/home/{{ short_hostname }}-9/slave" }
|
||||
- { user: "{{ short_hostname }}-10", home: "/home/{{ short_hostname }}-10", dir: "/home/{{ short_hostname }}-10/slave" }
|
||||
- { user: "{{ short_hostname }}-11", home: "/home/{{ short_hostname }}-11", dir: "/home/{{ short_hostname }}-11/slave" }
|
||||
- { user: "{{ short_hostname }}-12", home: "/home/{{ short_hostname }}-12", dir: "/home/{{ short_hostname }}-12/slave" }
|
||||
- { user: "{{ short_hostname }}-13", home: "/home/{{ short_hostname }}-13", dir: "/home/{{ short_hostname }}-13/slave" }
|
||||
- { user: "{{ short_hostname }}-14", home: "/home/{{ short_hostname }}-14", dir: "/home/{{ short_hostname }}-14/slave" }
|
||||
- { user: "{{ short_hostname }}-15", home: "/home/{{ short_hostname }}-15", dir: "/home/{{ short_hostname }}-15/slave" }
|
||||
- { user: "{{ short_hostname }}-1", home: "/srv/buildslaves/{{ short_hostname }}-1", dir: "/srv/buildslaves/{{ short_hostname }}-1/slave" }
|
||||
- { user: "{{ short_hostname }}-2", home: "/srv/buildslaves/{{ short_hostname }}-2", dir: "/srv/buildslaves/{{ short_hostname }}-2/slave" }
|
||||
- { user: "{{ short_hostname }}-3", home: "/srv/buildslaves/{{ short_hostname }}-3", dir: "/srv/buildslaves/{{ short_hostname }}-3/slave" }
|
||||
- { user: "{{ short_hostname }}-4", home: "/srv/buildslaves/{{ short_hostname }}-4", dir: "/srv/buildslaves/{{ short_hostname }}-4/slave" }
|
||||
- { user: "{{ short_hostname }}-5", home: "/srv/buildslaves/{{ short_hostname }}-5", dir: "/srv/buildslaves/{{ short_hostname }}-5/slave" }
|
||||
- { user: "{{ short_hostname }}-6", home: "/srv/buildslaves/{{ short_hostname }}-6", dir: "/srv/buildslaves/{{ short_hostname }}-6/slave" }
|
||||
- { user: "{{ short_hostname }}-7", home: "/srv/buildslaves/{{ short_hostname }}-7", dir: "/srv/buildslaves/{{ short_hostname }}-7/slave" }
|
||||
- { user: "{{ short_hostname }}-8", home: "/srv/buildslaves/{{ short_hostname }}-8", dir: "/srv/buildslaves/{{ short_hostname }}-8/slave" }
|
||||
- { user: "{{ short_hostname }}-9", home: "/srv/buildslaves/{{ short_hostname }}-9", dir: "/srv/buildslaves/{{ short_hostname }}-9/slave" }
|
||||
- { user: "{{ short_hostname }}-10", home: "/srv/buildslaves/{{ short_hostname }}-10", dir: "/srv/buildslaves/{{ short_hostname }}-10/slave" }
|
||||
- { user: "{{ short_hostname }}-11", home: "/srv/buildslaves/{{ short_hostname }}-11", dir: "/srv/buildslaves/{{ short_hostname }}-11/slave" }
|
||||
- { user: "{{ short_hostname }}-12", home: "/srv/buildslaves/{{ short_hostname }}-12", dir: "/srv/buildslaves/{{ short_hostname }}-12/slave" }
|
||||
- { user: "{{ short_hostname }}-13", home: "/srv/buildslaves/{{ short_hostname }}-13", dir: "/srv/buildslaves/{{ short_hostname }}-13/slave" }
|
||||
- { user: "{{ short_hostname }}-14", home: "/srv/buildslaves/{{ short_hostname }}-14", dir: "/srv/buildslaves/{{ short_hostname }}-14/slave" }
|
||||
- { user: "{{ short_hostname }}-15", home: "/srv/buildslaves/{{ short_hostname }}-15", dir: "/srv/buildslaves/{{ short_hostname }}-15/slave" }
|
||||
|
|
|
|||
|
|
@ -7,20 +7,20 @@ nrpe_procs_crit: 1000
|
|||
eth0_ip: 10.5.131.21
|
||||
gw: 10.5.131.254
|
||||
|
||||
short_hostname: qa13.qa
|
||||
short_hostname: qa13
|
||||
slaves:
|
||||
- { user: "{{ short_hostname }}-1", home: "/home/{{ short_hostname }}-1", dir: "/home/{{ short_hostname }}-1/slave" }
|
||||
- { user: "{{ short_hostname }}-2", home: "/home/{{ short_hostname }}-2", dir: "/home/{{ short_hostname }}-2/slave" }
|
||||
- { user: "{{ short_hostname }}-3", home: "/home/{{ short_hostname }}-3", dir: "/home/{{ short_hostname }}-3/slave" }
|
||||
- { user: "{{ short_hostname }}-4", home: "/home/{{ short_hostname }}-4", dir: "/home/{{ short_hostname }}-4/slave" }
|
||||
- { user: "{{ short_hostname }}-5", home: "/home/{{ short_hostname }}-5", dir: "/home/{{ short_hostname }}-5/slave" }
|
||||
- { user: "{{ short_hostname }}-6", home: "/home/{{ short_hostname }}-6", dir: "/home/{{ short_hostname }}-6/slave" }
|
||||
- { user: "{{ short_hostname }}-7", home: "/home/{{ short_hostname }}-7", dir: "/home/{{ short_hostname }}-7/slave" }
|
||||
- { user: "{{ short_hostname }}-8", home: "/home/{{ short_hostname }}-8", dir: "/home/{{ short_hostname }}-8/slave" }
|
||||
- { user: "{{ short_hostname }}-9", home: "/home/{{ short_hostname }}-9", dir: "/home/{{ short_hostname }}-9/slave" }
|
||||
- { user: "{{ short_hostname }}-10", home: "/home/{{ short_hostname }}-10", dir: "/home/{{ short_hostname }}-10/slave" }
|
||||
- { user: "{{ short_hostname }}-11", home: "/home/{{ short_hostname }}-11", dir: "/home/{{ short_hostname }}-11/slave" }
|
||||
- { user: "{{ short_hostname }}-12", home: "/home/{{ short_hostname }}-12", dir: "/home/{{ short_hostname }}-12/slave" }
|
||||
- { user: "{{ short_hostname }}-13", home: "/home/{{ short_hostname }}-13", dir: "/home/{{ short_hostname }}-13/slave" }
|
||||
- { user: "{{ short_hostname }}-14", home: "/home/{{ short_hostname }}-14", dir: "/home/{{ short_hostname }}-14/slave" }
|
||||
- { user: "{{ short_hostname }}-15", home: "/home/{{ short_hostname }}-15", dir: "/home/{{ short_hostname }}-15/slave" }
|
||||
- { user: "{{ short_hostname }}-1", home: "/srv/buildslaves/{{ short_hostname }}-1", dir: "/srv/buildslaves/{{ short_hostname }}-1/slave" }
|
||||
- { user: "{{ short_hostname }}-2", home: "/srv/buildslaves/{{ short_hostname }}-2", dir: "/srv/buildslaves/{{ short_hostname }}-2/slave" }
|
||||
- { user: "{{ short_hostname }}-3", home: "/srv/buildslaves/{{ short_hostname }}-3", dir: "/srv/buildslaves/{{ short_hostname }}-3/slave" }
|
||||
- { user: "{{ short_hostname }}-4", home: "/srv/buildslaves/{{ short_hostname }}-4", dir: "/srv/buildslaves/{{ short_hostname }}-4/slave" }
|
||||
- { user: "{{ short_hostname }}-5", home: "/srv/buildslaves/{{ short_hostname }}-5", dir: "/srv/buildslaves/{{ short_hostname }}-5/slave" }
|
||||
- { user: "{{ short_hostname }}-6", home: "/srv/buildslaves/{{ short_hostname }}-6", dir: "/srv/buildslaves/{{ short_hostname }}-6/slave" }
|
||||
- { user: "{{ short_hostname }}-7", home: "/srv/buildslaves/{{ short_hostname }}-7", dir: "/srv/buildslaves/{{ short_hostname }}-7/slave" }
|
||||
- { user: "{{ short_hostname }}-8", home: "/srv/buildslaves/{{ short_hostname }}-8", dir: "/srv/buildslaves/{{ short_hostname }}-8/slave" }
|
||||
- { user: "{{ short_hostname }}-9", home: "/srv/buildslaves/{{ short_hostname }}-9", dir: "/srv/buildslaves/{{ short_hostname }}-9/slave" }
|
||||
- { user: "{{ short_hostname }}-10", home: "/srv/buildslaves/{{ short_hostname }}-10", dir: "/srv/buildslaves/{{ short_hostname }}-10/slave" }
|
||||
- { user: "{{ short_hostname }}-11", home: "/srv/buildslaves/{{ short_hostname }}-11", dir: "/srv/buildslaves/{{ short_hostname }}-11/slave" }
|
||||
- { user: "{{ short_hostname }}-12", home: "/srv/buildslaves/{{ short_hostname }}-12", dir: "/srv/buildslaves/{{ short_hostname }}-12/slave" }
|
||||
- { user: "{{ short_hostname }}-13", home: "/srv/buildslaves/{{ short_hostname }}-13", dir: "/srv/buildslaves/{{ short_hostname }}-13/slave" }
|
||||
- { user: "{{ short_hostname }}-14", home: "/srv/buildslaves/{{ short_hostname }}-14", dir: "/srv/buildslaves/{{ short_hostname }}-14/slave" }
|
||||
- { user: "{{ short_hostname }}-15", home: "/srv/buildslaves/{{ short_hostname }}-15", dir: "/srv/buildslaves/{{ short_hostname }}-15/slave" }
|
||||
|
|
|
|||
|
|
@ -19,8 +19,8 @@ eth0_ip: 10.5.124.206
|
|||
# install
|
||||
############################################################
|
||||
|
||||
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-25-taskotron-master
|
||||
ks_repo: http://10.5.126.23/pub/fedora/linux/releases/25/Server/x86_64/os/
|
||||
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-27-taskotron-master
|
||||
ks_repo: http://10.5.126.23/pub/fedora/linux/releases/27/Server/x86_64/os/
|
||||
sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
|
||||
vmhost: virthost-comm03.qa.fedoraproject.org
|
||||
volgroup: /dev/VirtGuests
|
||||
|
|
@ -44,65 +44,65 @@ public_hostname: taskotron.fedoraproject.org
|
|||
buildmaster: 10.5.124.206
|
||||
|
||||
buildslaves:
|
||||
- qa12.qa-1
|
||||
- qa12.qa-2
|
||||
- qa12.qa-3
|
||||
- qa12.qa-4
|
||||
- qa12.qa-5
|
||||
- qa12.qa-6
|
||||
- qa12.qa-7
|
||||
- qa12.qa-8
|
||||
- qa12.qa-9
|
||||
- qa12.qa-10
|
||||
- qa12.qa-11
|
||||
- qa12.qa-12
|
||||
- qa12.qa-13
|
||||
- qa12.qa-14
|
||||
- qa12.qa-15
|
||||
- qa13.qa-1
|
||||
- qa13.qa-2
|
||||
- qa13.qa-3
|
||||
- qa13.qa-4
|
||||
- qa13.qa-5
|
||||
- qa13.qa-6
|
||||
- qa13.qa-7
|
||||
- qa13.qa-8
|
||||
- qa13.qa-9
|
||||
- qa13.qa-10
|
||||
- qa13.qa-11
|
||||
- qa13.qa-12
|
||||
- qa13.qa-13
|
||||
- qa13.qa-14
|
||||
- qa13.qa-15
|
||||
- qa12-1
|
||||
- qa12-2
|
||||
- qa12-3
|
||||
- qa12-4
|
||||
- qa12-5
|
||||
- qa12-6
|
||||
- qa12-7
|
||||
- qa12-8
|
||||
- qa12-9
|
||||
- qa12-10
|
||||
- qa12-11
|
||||
- qa12-12
|
||||
- qa12-13
|
||||
- qa12-14
|
||||
- qa12-15
|
||||
- qa13-1
|
||||
- qa13-2
|
||||
- qa13-3
|
||||
- qa13-4
|
||||
- qa13-5
|
||||
- qa13-6
|
||||
- qa13-7
|
||||
- qa13-8
|
||||
- qa13-9
|
||||
- qa13-10
|
||||
- qa13-11
|
||||
- qa13-12
|
||||
- qa13-13
|
||||
- qa13-14
|
||||
- qa13-15
|
||||
i386_buildslaves:
|
||||
- qa13.qa-10
|
||||
- qa13-10
|
||||
x86_64_buildslaves:
|
||||
- qa12.qa-1
|
||||
- qa12.qa-2
|
||||
- qa12.qa-3
|
||||
- qa12.qa-4
|
||||
- qa12.qa-5
|
||||
- qa12.qa-6
|
||||
- qa12.qa-7
|
||||
- qa12.qa-8
|
||||
- qa12.qa-9
|
||||
- qa12.qa-10
|
||||
- qa12.qa-11
|
||||
- qa12.qa-12
|
||||
- qa12.qa-13
|
||||
- qa12.qa-14
|
||||
- qa12.qa-15
|
||||
- qa13.qa-1
|
||||
- qa13.qa-2
|
||||
- qa13.qa-3
|
||||
- qa13.qa-4
|
||||
- qa13.qa-5
|
||||
- qa13.qa-6
|
||||
- qa13.qa-7
|
||||
- qa13.qa-8
|
||||
- qa13.qa-9
|
||||
- qa13.qa-11
|
||||
- qa13.qa-12
|
||||
- qa13.qa-13
|
||||
- qa13.qa-14
|
||||
- qa13.qa-15
|
||||
- qa12-1
|
||||
- qa12-2
|
||||
- qa12-3
|
||||
- qa12-4
|
||||
- qa12-5
|
||||
- qa12-6
|
||||
- qa12-7
|
||||
- qa12-8
|
||||
- qa12-9
|
||||
- qa12-10
|
||||
- qa12-11
|
||||
- qa12-12
|
||||
- qa12-13
|
||||
- qa12-14
|
||||
- qa12-15
|
||||
- qa13-1
|
||||
- qa13-2
|
||||
- qa13-3
|
||||
- qa13-4
|
||||
- qa13-5
|
||||
- qa13-6
|
||||
- qa13-7
|
||||
- qa13-8
|
||||
- qa13-9
|
||||
- qa13-11
|
||||
- qa13-12
|
||||
- qa13-13
|
||||
- qa13-14
|
||||
- qa13-15
|
||||
|
|
|
|||
|
|
@ -55,17 +55,15 @@
|
|||
- fedmsg/base
|
||||
- {
|
||||
role: "manage-container-images",
|
||||
cert_dest_dir: "/etc/docker/certs.d/registry.stg.fedoraproject.org",
|
||||
cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org",
|
||||
cert_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.pem",
|
||||
key_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.key",
|
||||
when: env == "staging"
|
||||
}
|
||||
- {
|
||||
role: "manage-container-images",
|
||||
cert_dest_dir: "/etc/docker/certs.d/candidate-registry.stg.fedoraproject.org",
|
||||
cert_dest_dir: "/etc/docker/certs.d/candidate-registry{{ env_suffix }}.fedoraproject.org",
|
||||
cert_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.pem",
|
||||
key_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.key",
|
||||
when: env == "staging"
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@
|
|||
default_mounts = /mnt/koji
|
||||
{% elif env == 'staging' %}
|
||||
; In staging we also need the production split volume
|
||||
default_mounts = /mnt/koji,/mnt/fedora_koji_prod/koji
|
||||
default_mounts = /mnt/koji,/mnt/fedora_koji_prod/koji,/etc/kojid/secrets
|
||||
{% endif %}
|
||||
|
||||
; comma-delimited list of safe roots.
|
||||
|
|
@ -52,8 +52,8 @@ options = ro,bind
|
|||
|
||||
; Directory for secrets to be used by certain builds
|
||||
[path3]
|
||||
mountpoint = /etc/kojid/secrets/
|
||||
path = /etc/kojid/secrets/
|
||||
mountpoint = /etc/kojid/secrets
|
||||
path = /etc/kojid/secrets
|
||||
fstype = bind
|
||||
options = ro,bind
|
||||
{% endif %}
|
||||
|
|
|
|||
|
|
@ -47,11 +47,11 @@
|
|||
|
||||
- name: set the selinux fcontext type for the buildmaster_home to var_lib_t
|
||||
command: semanage fcontext -a -t var_lib_t "{{ buildmaster_home }}(/.*)?"
|
||||
when: deployment_type in ['prod', 'qa-stg']
|
||||
when: deployment_type in ['qa-stg']
|
||||
|
||||
- name: ensure correct fcontext for buildmaster home (new)
|
||||
file: path="{{ buildmaster_home }}(/. *)?" setype=var_lib_t owner=buildmaster group=buildmaster mode=0775 state=directory
|
||||
when: deployment_type in ['dev', 'stg']
|
||||
when: deployment_type in ['dev', 'stg', 'prod']
|
||||
|
||||
#- name: make sure the selinux fcontext is restored
|
||||
# command: restorecon -R "{{ buildmaster_home }}"
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@
|
|||
file: path={{ item.home }}/slave setype=var_lib_t owner={{ item.user }} group={{ slaves_group }} mode=0700 state=directory
|
||||
with_items:
|
||||
- '{{ slaves|default([dict(user="", home="", dir="")]) }}'
|
||||
when: deployment_type in ['dev', 'stg']
|
||||
when: deployment_type in ['dev', 'stg', 'prod']
|
||||
|
||||
- name: generate buildslave service file
|
||||
template: src=buildslave@.service.j2 dest=/lib/systemd/system/buildslave@.service owner=root group=root mode=0644
|
||||
|
|
|
|||
|
|
@ -4,18 +4,10 @@ After=network.target
|
|||
|
||||
[Service]
|
||||
Type=forking
|
||||
{% if deployment_type in ['prod'] %}
|
||||
# disabled because of https://pagure.io/taskotron/issue/236
|
||||
#PIDFile=/home/%i/slave/twistd.pid
|
||||
ExecStart=/bin/buildslave start /home/%i/slave/
|
||||
ExecStop=/bin/buildslave stop /home/%i/slave/
|
||||
{% endif %}
|
||||
{% if deployment_type in ['dev', 'stg'] %}
|
||||
# disabled because of https://pagure.io/taskotron/issue/236
|
||||
#PIDFile=/srv/buildslaves/%i/slave/twistd.pid
|
||||
ExecStart=/bin/buildslave start /srv/buildslaves/%i/slave/
|
||||
ExecStop=/bin/buildslave stop /srv/buildslaves/%i/slave/
|
||||
{% endif %}
|
||||
User=%i
|
||||
Group={{ slaves_group }}
|
||||
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@
|
|||
- name: set the selinux fcontext type for the buildslave dir to var_lib_t
|
||||
command: semanage fcontext -a -t var_lib_t "{{ item.dir }}"
|
||||
with_items: "{{ slaves }}"
|
||||
when: slaves is defined and deployment_type in ['prod', 'qa-prod', 'qa-stg']
|
||||
when: slaves is defined and deployment_type in ['qa-prod', 'qa-stg']
|
||||
|
||||
- name: make sure the selinux fcontext is restored
|
||||
command: restorecon -R "{{ item.dir }}"
|
||||
|
|
|
|||
|
|
@ -21,7 +21,6 @@
|
|||
|
||||
- name: allow httpd to read artifacts on nfs
|
||||
seboolean: name=httpd_use_nfs state=yes persistent=yes
|
||||
when: deployment_type in ['stg', 'prod']
|
||||
|
||||
- name: copy cronjob for cleaning old taskotron artifacts and buildmaster logs
|
||||
template: src=taskotron-clean.cron.j2 dest=/etc/cron.d/taskotron-clean.cron owner=root group=root mode=0644
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue