Merge branch 'master' of /git/ansible
This commit is contained in:
commit
e51ccaeae2
11 changed files with 79 additions and 6 deletions
|
|
@ -8,6 +8,8 @@ num_cpus: 6
|
|||
# the host_vars/$hostname file
|
||||
|
||||
tcp_ports: [ 22, 25, 80, 443, 9418,
|
||||
# Used for the eventsource
|
||||
8080,
|
||||
# This is for the pagure public fedmsg relay
|
||||
9940]
|
||||
|
||||
|
|
|
|||
|
|
@ -13,6 +13,10 @@ tcp_ports: [ 22, 25, 80, 443, 9418,
|
|||
# This is for the pagure public fedmsg relay
|
||||
9940]
|
||||
|
||||
stunnel_service: "eventsource"
|
||||
stunnel_source_port: 8080
|
||||
stunnel_destination_port: 8080
|
||||
|
||||
# These are consumed by a task in roles/fedmsg/base/main.yml
|
||||
fedmsg_certs:
|
||||
- service: shell
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
- name: push packages out
|
||||
hosts: value-stg
|
||||
hosts: value;value-stg
|
||||
user: root
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
|
|
@ -22,7 +22,7 @@
|
|||
when: testing
|
||||
|
||||
- name: verify the config and restart it
|
||||
hosts: value-stg
|
||||
hosts: value;value-stg
|
||||
user: root
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
|
|
|
|||
|
|
@ -76,5 +76,5 @@
|
|||
|
||||
- name: disable core dumps
|
||||
ini_file: dest=/etc/systemd/coredump.conf section=Coredump option=Storage value=none
|
||||
notify:
|
||||
- systemctl daemon-reload
|
||||
# notify:
|
||||
# - systemctl daemon-reload
|
||||
|
|
|
|||
14
roles/pagure/frontend/files/stunnel.service
Normal file
14
roles/pagure/frontend/files/stunnel.service
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
[Unit]
|
||||
Description=stunnel
|
||||
After=network.target
|
||||
Documentation=https://infrastructure.fedoraproject.org/infra/docs/fedmsg-websocket.txt
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf
|
||||
Type=forking
|
||||
User=root
|
||||
Group=root
|
||||
Restart=on-failure
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -11,6 +11,7 @@
|
|||
- redis
|
||||
- libsemanage-python
|
||||
- mod_ssl
|
||||
- stunnel
|
||||
tags:
|
||||
- pagure
|
||||
- packages
|
||||
|
|
@ -127,6 +128,39 @@
|
|||
- restart pagure_milter
|
||||
|
||||
|
||||
# Set-up stunnel for the event source server
|
||||
|
||||
- name: install stunnel service definition
|
||||
copy: src=stunnel.service
|
||||
dest=/usr/lib/systemd/system/stunnel.service
|
||||
owner=root group=root mode=0755
|
||||
notify:
|
||||
- reload systemd
|
||||
- restart stunnel
|
||||
tags:
|
||||
- pagure
|
||||
- stunnel
|
||||
|
||||
- name: ensure old stunnel init file is gone
|
||||
file: dest=/etc/init.d/stunnel/stunnel.init state=absent
|
||||
tags:
|
||||
- pagure
|
||||
- stunnel
|
||||
- config
|
||||
|
||||
- name: install stunnel.conf
|
||||
template: src={{ item.file }}
|
||||
dest={{ item.dest }}
|
||||
owner=root group=root mode=0600
|
||||
with_items:
|
||||
- { file: stunnel-conf.j2, dest: /etc/stunnel/stunnel.conf }
|
||||
notify: restart stunnel
|
||||
tags:
|
||||
- pagure
|
||||
- stunnel
|
||||
- config
|
||||
|
||||
|
||||
# Set-up Pagure
|
||||
|
||||
- name: create the /var/www/releases folder
|
||||
|
|
@ -165,6 +199,7 @@
|
|||
copy: >
|
||||
src={{ private}}/files/httpd/{{ item }} dest=/etc/pki/tls/certs/{{ item }}
|
||||
owner=root group=root mode=0600
|
||||
notify: restart stunnel
|
||||
with_items:
|
||||
- pagure.io.cert
|
||||
- pagure.io.key
|
||||
|
|
|
|||
8
roles/pagure/frontend/templates/stunnel-conf.j2
Normal file
8
roles/pagure/frontend/templates/stunnel-conf.j2
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
cert = /etc/pki/tls/certs/pagure.io.cert
|
||||
key = /etc/pki/tls/certs/pagure.io.key
|
||||
pid = /var/run/stunnel.pid
|
||||
|
||||
[{{ stunnel_service }}]
|
||||
|
||||
accept = {{ stunnel_source_port }}
|
||||
connect = {{ stunnel_destination_port }}
|
||||
2
roles/review-stats/build/files/review-stats.cron
Normal file
2
roles/review-stats/build/files/review-stats.cron
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
MAILTO=tibbs@fedoraproject.org
|
||||
0,30 * * * * apache /usr/local/bin/review-stats.py -c /usr/local/share/review-stats/review-stats.cfg -t /usr/local/share/review-stats/templates -d /srv/web/review-stats/
|
||||
|
|
@ -39,3 +39,11 @@
|
|||
- review-stats
|
||||
- review-stats/build
|
||||
|
||||
- name: Install the review-stats cronjob
|
||||
copy: >
|
||||
src=review-stats.cron dest=/etc/cron.d/review-stats.cron
|
||||
owner=root group=root mode=0644
|
||||
tags:
|
||||
- cron
|
||||
- review-stats
|
||||
- review-stats/build
|
||||
|
|
|
|||
|
|
@ -8,6 +8,6 @@ for f in `find -type f -mtime -30 | grep -v "fedora-meeting\."`
|
|||
do
|
||||
teamname=$(basename $f | awk -F. '{ print $1 }' )
|
||||
mkdir -p $BASELOCATION/$teamname
|
||||
ln -s $PWD/$f $BASELOCATION/$teamname/ 2> /dev/null
|
||||
ln -f -s $PWD/$f $BASELOCATION/$teamname/ 2> /dev/null
|
||||
done
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ DEBUG = False
|
|||
TEMPLATE_DEBUG = False
|
||||
PUBLIC_REGISTER_ENABLED = True
|
||||
|
||||
DEFAULT_FROM_EMAIL = "no-reply@example.com"
|
||||
DEFAULT_FROM_EMAIL = "nobody@fedoraproject.org"
|
||||
SERVER_EMAIL = DEFAULT_FROM_EMAIL
|
||||
|
||||
INSTALLED_APPS += ["taiga_contrib_fas_openid_auth"]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue