Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of /git/ansible

Browse source
This commit is contained in:
Chaoyi Zha 2015-06-18 18:09:56 +00:00
commit e51ccaeae2
11 changed files with 79 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

2
inventory/group_vars/pagure
View file

@ -8,6 +8,8 @@ num_cpus: 6
# the host_vars/$hostname file # the host_vars/$hostname file
tcp_ports: [ 22, 25, 80, 443, 9418, tcp_ports: [ 22, 25, 80, 443, 9418,
# Used for the eventsource
8080,
# This is for the pagure public fedmsg relay # This is for the pagure public fedmsg relay
9940] 9940]

4
inventory/group_vars/pagure-stg
View file

@ -13,6 +13,10 @@ tcp_ports: [ 22, 25, 80, 443, 9418,
# This is for the pagure public fedmsg relay # This is for the pagure public fedmsg relay
9940] 9940]
stunnel_service: "eventsource"
stunnel_source_port: 8080
stunnel_destination_port: 8080
# These are consumed by a task in roles/fedmsg/base/main.yml # These are consumed by a task in roles/fedmsg/base/main.yml
fedmsg_certs: fedmsg_certs:
- service: shell - service: shell

4
playbooks/manual/upgrade/mote.yml
View file

@ -1,5 +1,5 @@
- name: push packages out - name: push packages out
hosts: value-stg hosts: value;value-stg
user: root user: root
vars_files: vars_files:
- /srv/web/infra/ansible/vars/global.yml - /srv/web/infra/ansible/vars/global.yml
@ -22,7 +22,7 @@
when: testing when: testing
- name: verify the config and restart it - name: verify the config and restart it
hosts: value-stg hosts: value;value-stg
user: root user: root
vars_files: vars_files:
- /srv/web/infra/ansible/vars/global.yml - /srv/web/infra/ansible/vars/global.yml

4
roles/copr/backend/files/provision/provision_builder_tasks.yml
View file

@ -76,5 +76,5 @@
- name: disable core dumps - name: disable core dumps
ini_file: dest=/etc/systemd/coredump.conf section=Coredump option=Storage value=none ini_file: dest=/etc/systemd/coredump.conf section=Coredump option=Storage value=none
notify: # notify:
- systemctl daemon-reload # - systemctl daemon-reload

14
roles/pagure/frontend/files/stunnel.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=stunnel
After=network.target
Documentation=https://infrastructure.fedoraproject.org/infra/docs/fedmsg-websocket.txt
[Service]
ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf
Type=forking
User=root
Group=root
Restart=on-failure
[Install]
WantedBy=multi-user.target

35
roles/pagure/frontend/tasks/main.yml
View file

@ -11,6 +11,7 @@
- redis - redis
- libsemanage-python - libsemanage-python
- mod_ssl - mod_ssl
- stunnel
tags: tags:
- pagure - pagure
- packages - packages
@ -127,6 +128,39 @@
- restart pagure_milter - restart pagure_milter
# Set-up stunnel for the event source server
- name: install stunnel service definition
copy: src=stunnel.service
dest=/usr/lib/systemd/system/stunnel.service
owner=root group=root mode=0755
notify:
- reload systemd
- restart stunnel
tags:
- pagure
- stunnel
- name: ensure old stunnel init file is gone
file: dest=/etc/init.d/stunnel/stunnel.init state=absent
tags:
- pagure
- stunnel
- config
- name: install stunnel.conf
template: src={{ item.file }}
dest={{ item.dest }}
owner=root group=root mode=0600
with_items:
- { file: stunnel-conf.j2, dest: /etc/stunnel/stunnel.conf }
notify: restart stunnel
tags:
- pagure
- stunnel
- config
# Set-up Pagure # Set-up Pagure
- name: create the /var/www/releases folder - name: create the /var/www/releases folder
@ -165,6 +199,7 @@
copy: > copy: >
src={{ private}}/files/httpd/{{ item }} dest=/etc/pki/tls/certs/{{ item }} src={{ private}}/files/httpd/{{ item }} dest=/etc/pki/tls/certs/{{ item }}
owner=root group=root mode=0600 owner=root group=root mode=0600
notify: restart stunnel
with_items: with_items:
- pagure.io.cert - pagure.io.cert
- pagure.io.key - pagure.io.key

8
roles/pagure/frontend/templates/stunnel-conf.j2 Normal file
View file

@ -0,0 +1,8 @@
cert = /etc/pki/tls/certs/pagure.io.cert
key = /etc/pki/tls/certs/pagure.io.key
pid = /var/run/stunnel.pid
[{{ stunnel_service }}]
accept = {{ stunnel_source_port }}
connect = {{ stunnel_destination_port }}

2
roles/review-stats/build/files/review-stats.cron Normal file
View file

@ -0,0 +1,2 @@
MAILTO=tibbs@fedoraproject.org
0,30 * * * * apache /usr/local/bin/review-stats.py -c /usr/local/share/review-stats/review-stats.cfg -t /usr/local/share/review-stats/templates -d /srv/web/review-stats/

8
roles/review-stats/build/tasks/main.yml
View file

@ -39,3 +39,11 @@
- review-stats - review-stats
- review-stats/build - review-stats/build
- name: Install the review-stats cronjob
copy: >
src=review-stats.cron dest=/etc/cron.d/review-stats.cron
owner=root group=root mode=0644
tags:
- cron
- review-stats
- review-stats/build

2
roles/supybot/files/meetings_by_team.sh
View file

@ -8,6 +8,6 @@ for f in `find -type f -mtime -30 | grep -v "fedora-meeting\."`
do do
teamname=$(basename $f | awk -F. '{ print $1 }' ) teamname=$(basename $f | awk -F. '{ print $1 }' )
mkdir -p $BASELOCATION/$teamname mkdir -p $BASELOCATION/$teamname
ln -s $PWD/$f $BASELOCATION/$teamname/ 2> /dev/null ln -f -s $PWD/$f $BASELOCATION/$teamname/ 2> /dev/null
done done

2
roles/taiga/templates/local.py
View file

@ -12,7 +12,7 @@ DEBUG = False
TEMPLATE_DEBUG = False TEMPLATE_DEBUG = False
PUBLIC_REGISTER_ENABLED = True PUBLIC_REGISTER_ENABLED = True
DEFAULT_FROM_EMAIL = "no-reply@example.com" DEFAULT_FROM_EMAIL = "nobody@fedoraproject.org"
SERVER_EMAIL = DEFAULT_FROM_EMAIL SERVER_EMAIL = DEFAULT_FROM_EMAIL
INSTALLED_APPS += ["taiga_contrib_fas_openid_auth"] INSTALLED_APPS += ["taiga_contrib_fas_openid_auth"]