From e065fd5891b60943e00a585f12054e1d0abd03d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Kadl=C4=8D=C3=ADk?= Date: Fri, 13 Jan 2017 00:07:33 +0100 Subject: [PATCH] Run MBS on copr-frontend instance (unfinished) --- playbooks/groups/copr-frontend.yml | 5 +- roles/copr/mbs/files/.gitignore | 0 roles/copr/mbs/files/httpd/mbs.conf | 49 +++++++++++++++ roles/copr/mbs/handlers/.gitignore | 0 roles/copr/mbs/meta/.gitignore | 0 roles/copr/mbs/tasks/.gitignore | 0 roles/copr/mbs/tasks/main.yml | 98 +++++++++++++++++++++++++++++ roles/copr/mbs/templates/.gitignore | 0 8 files changed, 150 insertions(+), 2 deletions(-) create mode 100644 roles/copr/mbs/files/.gitignore create mode 100644 roles/copr/mbs/files/httpd/mbs.conf create mode 100644 roles/copr/mbs/handlers/.gitignore create mode 100644 roles/copr/mbs/meta/.gitignore create mode 100644 roles/copr/mbs/tasks/.gitignore create mode 100644 roles/copr/mbs/tasks/main.yml create mode 100644 roles/copr/mbs/templates/.gitignore diff --git a/playbooks/groups/copr-frontend.yml b/playbooks/groups/copr-frontend.yml index d3f43e1546..e6e45675db 100644 --- a/playbooks/groups/copr-frontend.yml +++ b/playbooks/groups/copr-frontend.yml @@ -36,5 +36,6 @@ - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml roles: - - base - - copr/frontend + - base + - copr/frontend + - copr/mbs diff --git a/roles/copr/mbs/files/.gitignore b/roles/copr/mbs/files/.gitignore new file mode 100644 index 0000000000..e69de29bb2 diff --git a/roles/copr/mbs/files/httpd/mbs.conf b/roles/copr/mbs/files/httpd/mbs.conf new file mode 100644 index 0000000000..ead1e54ad1 --- /dev/null +++ b/roles/copr/mbs/files/httpd/mbs.conf @@ -0,0 +1,49 @@ +NameVirtualHost *:443 +LoadModule wsgi_module modules/mod_wsgi.so +WSGISocketPrefix /var/run/wsgi +#Alias /robots.txt /var/www/html/robots.txt + + + #ServerName copr.fedorainfracloud.org/module-build-service + #ServerAlias copr-fe.cloud.fedoraproject.org/module-build-service + + ServerName module-build-service + ServerAlias module-build-service + + WSGIPassAuthorization On + #WSGIDaemonProcess 127.0.0.1 user=mbs group=mbs threads=15 display-name=other + WSGIDaemonProcess module-build-service user=mbs group=mbs threads=15 display-name=module-build-service + #WSGIScriptAlias / /usr/share/copr/coprs_frontend/application + #WSGIScriptAlias / /usr/bin/mbs-frontend + #WSGIScriptAlias / /usr/share/copr/coprs_frontend/mbs + WSGIScriptAlias /module-build-service /usr/share/copr/coprs_frontend/mbs + WSGIProcessGroup 127.0.0.1/module-build-service + + + #ErrorLog logs/error_coprs + #CustomLog logs/access_coprs common + + + WSGIApplicationGroup %{GLOBAL} + Require all granted + + + + + +ExtendedStatus On + + + SetHandler server-status + Require all denied + Require host localhost .redhat.com + + + + + StartServers 8 + MinSpareServers 8 + MaxSpareServers 20 + MaxClients 50 + MaxRequestsPerChild 10000 + diff --git a/roles/copr/mbs/handlers/.gitignore b/roles/copr/mbs/handlers/.gitignore new file mode 100644 index 0000000000..e69de29bb2 diff --git a/roles/copr/mbs/meta/.gitignore b/roles/copr/mbs/meta/.gitignore new file mode 100644 index 0000000000..e69de29bb2 diff --git a/roles/copr/mbs/tasks/.gitignore b/roles/copr/mbs/tasks/.gitignore new file mode 100644 index 0000000000..e69de29bb2 diff --git a/roles/copr/mbs/tasks/main.yml b/roles/copr/mbs/tasks/main.yml new file mode 100644 index 0000000000..c7dac6f130 --- /dev/null +++ b/roles/copr/mbs/tasks/main.yml @@ -0,0 +1,98 @@ +--- + +- name: Install python and deps for ansible modules + raw: dnf install -y python2 python2-dnf libselinux-python + +- name: Install stuff + dnf: name={{ item }} state=latest + with_items: + # Those things are explicitly listed in Vagrantfile + # https://pagure.io/fm-orchestrator/blob/master/f/Vagrantfile + # Should they be covered by spec file? + - fedmsg-relay + - fedpkg + - gcc + - gcc + - gcc-c++ + - git + - koji + - krb5-workstation + - libffi-devel + - openssl-devel + - python + - python-devel + - python-devel + - python-flask + - python-mock + - python-virtualenv + - redhat-rpm-config + - redhat-rpm-config + - rpm-build + - swig + - systemd-devel + + # Required for copr + - copr-cli + + +# Install module-build-service +- name: Enable copr-dev repo + command: dnf -y copr enable frostyx/module-build-service + +- name: Install module-build-service package + #dnf: name=module-build-service state=latest + command: dnf install https://frostyx.fedorapeople.org/module-build-service-1.0.2-1.fc24.noarch.rpm + + +# Post-install stuff +- name: Copy config to fedmsg.d (probably workarounding .spec here) + command: creates=/etc/fedmsg.d/module_build_service.py + cp /etc/module-build-service/fedmsg.d/module_build_service.py /etc/fedmsg.d/ + + +# Create user and group for mbs +- name: Create group for mbs-frontend + group: name=mbs state=present + +- name: Create user for mbs-frontend + user: name=mbs group=mbs + + + +- name: Upgrade database + command: mbs-upgradedb + +- name: Generate cert + command: mbs-gencert + +- name: Export krbcc + command: echo 'export KRB5CCNAME=FILE:/var/tmp/krbcc' >> ~/.bashrc + +- name: Set properties in config + replace: + dest: /etc/module-build-service/config.py + regexp: '^ {{ item.key }} = .*$' + replace: ' {{ item.key }} = {{ item.value }}' + backup: yes + with_items: + - { key: 'SYSTEM', value: '"copr"'} + - { key: 'REQUIRE_PACKAGER', value: 'False'} + - { key: 'OIDC_CLIENT_SECRETS', value: '"/etc/module-build-service/client_secrets.json"'} + + +# @TODO Should be packaged in module-build-service package? Or should already exist on copr-frontend instance? +- name: Copy cacert.pem + command: wget https://pagure.io/fm-orchestrator/raw/master/f/conf/cacert.pem -O /etc/module-build-service/cacert.pem + + +# Run module-build-service processes +- name: Enable fedmsg-relay + service: name=fedmsg-relay enabled=yes state=started + +- name: Run fedmsg-hub + service: name=fedmsg-hub enabled=yes state=started + +- name: copy apache files to conf.d + copy: src=httpd/mbs.conf dest=/etc/httpd/conf.d/mbs.conf + tags: + - config diff --git a/roles/copr/mbs/templates/.gitignore b/roles/copr/mbs/templates/.gitignore new file mode 100644 index 0000000000..e69de29bb2