Move mirrorlist-ibiblio over to mm2 and then there were 0 mm1 ones.
This commit is contained in:
Kevin Fenzi
parent
05f1c5c03d
commit
f2eb5ef700
10 changed files with 3 additions and 1301 deletions
|
|
@ -2,8 +2,8 @@
|
|||
nm: 255.255.255.128
|
||||
gw: 152.19.134.129
|
||||
dns: 152.2.21.1
|
||||
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-6
|
||||
ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL6-x86_64/
|
||||
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
|
||||
ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
|
||||
volgroup: /dev/vg_ibiblio04
|
||||
eth0_ip: 152.19.134.194
|
||||
vmhost: ibiblio04.fedoraproject.org
|
||||
|
|
|
|||
|
|
@ -343,12 +343,10 @@ fedoauth01.stg.phx2.fedoraproject.org
|
|||
memcached01.phx2.fedoraproject.org
|
||||
memcached02.phx2.fedoraproject.org
|
||||
|
||||
[mirrorlist]
|
||||
mirrorlist-ibiblio.fedoraproject.org
|
||||
|
||||
[mirrorlist2]
|
||||
mirrorlist-dedicatedsolutions.fedoraproject.org
|
||||
mirrorlist-host1plus.fedoraproject.org
|
||||
mirrorlist-ibiblio.fedoraproject.org
|
||||
mirrorlist-osuosl.fedoraproject.org
|
||||
mirrorlist-phx2.phx2.fedoraproject.org
|
||||
|
||||
|
|
|
|||
|
|
@ -1,56 +0,0 @@
|
|||
# create a new mirrorlist server
|
||||
# NOTE: should be used with --limit most of the time
|
||||
# NOTE: make sure there is room/space for this server on the vmhost
|
||||
# NOTE: most of these vars_path come from group_vars/mirrorlist or from hostvars
|
||||
|
||||
- name: make mirrorlist app server
|
||||
hosts: mirrorlist
|
||||
user: root
|
||||
gather_facts: False
|
||||
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- "/srv/private/ansible/vars.yml"
|
||||
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
||||
|
||||
tasks:
|
||||
- include: "{{ tasks }}/virt_instance_create.yml"
|
||||
|
||||
handlers:
|
||||
- include: "{{ handlers }}/restart_services.yml"
|
||||
|
||||
- name: make the box be real
|
||||
hosts: mirrorlist
|
||||
user: root
|
||||
gather_facts: True
|
||||
|
||||
vars_files:
|
||||
- /srv/web/infra/ansible/vars/global.yml
|
||||
- "/srv/private/ansible/vars.yml"
|
||||
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
||||
|
||||
roles:
|
||||
- base
|
||||
- rkhunter
|
||||
- denyhosts
|
||||
- nagios_client
|
||||
- geoip
|
||||
- hosts
|
||||
- fas_client
|
||||
- collectd/base
|
||||
- mirrormanager/mirrorlist
|
||||
- sudo
|
||||
- { role: openvpn/client,
|
||||
when: env != "staging" }
|
||||
|
||||
tasks:
|
||||
# this is how you include other task lists
|
||||
- include: "{{ tasks }}/yumrepos.yml"
|
||||
- include: "{{ tasks }}/2fa_client.yml"
|
||||
- include: "{{ tasks }}/motd.yml"
|
||||
- include: "{{ tasks }}/apache.yml"
|
||||
- include: "{{ tasks }}/mod_wsgi.yml"
|
||||
|
||||
|
||||
handlers:
|
||||
- include: "{{ handlers }}/restart_services.yml"
|
||||
File diff suppressed because it is too large
Load diff
|
|
@ -1 +0,0 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA1+Mq0V8RPuCZrjsSz2y56tVR+hykwoYSodhs6ivqkuf16PHo1Aq2PR+I7xnxnJ/fqF20UEV4bmRFs9k4y/QnMOwi90O32vC3WZmfLfoY9S9dzUYXXOYy0lQZPMjmB+yOYZhhGIu2HTc4/CHKjVpCUZKHXwgkouEwsAEHQI86TrepvPwt5GrmAeZjcRp8T3maaFlRf8UFgcajF9ztgiEnBpWBEKaemtUtQ/g9cr/SwNMT3GK+M4qMVaXkuTCeiKwqxueZmTgn76aQ11sfoWYi1lVCyYt02iMDoBLaLERbwBLt3WpY/l3tQaZiPVoRPDH2EQb6v/XISsXNsqGtnc8APfhkVniURNwW/Qz8eXhpnd7GlU90iWPExvGo/Eaj2cNemgiNZH7/U7OKe3/7Li+IpPDhLCfJ8ue7Nqn+2uqhEWvzZXvamzcvEg89PBbgrdHDvJqVLnfsMDuDEo93KZ2pCfTGmjbYjbV3nnArhimLjkkb2E86489F09p65e4AoZw3HFgeW8yA3ecXtXd9FmYYkL0urT1AZFuJ/9B364h4gOqUt0oO7aW0vqhS1hW+7brIJ2DzM/vn90ONk8JVt1T3DvmgmVLxtuo1wu1PkDtekZNtJPGuGzvt5TYDjGPwZzrkYdYazLow3NMCyrhV6oNm8sxuZCLxeyZdM83Q7xty5nM= toshio@puppet1.fedora.phx.redhat.com
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
rsync -az --delete-delay --delay-updates --delete mirrormanager@bapp02:/var/lib/mirrormanager/ /var/lib/mirrormanager/
|
||||
kill -HUP $(cat /var/run/mirrormanager/mirrorlist_server.pid)
|
||||
|
|
@ -1,67 +0,0 @@
|
|||
|
||||
[supervisord]
|
||||
http_port=/var/tmp/supervisor.sock ; (default is to run a UNIX domain socket server)
|
||||
;http_port=127.0.0.1:9001 ; (alternately, ip_address:port specifies AF_INET)
|
||||
;sockchmod=0700 ; AF_UNIX socketmode (AF_INET ignore, default 0700)
|
||||
;sockchown=nobody.nogroup ; AF_UNIX socket uid.gid owner (AF_INET ignores)
|
||||
;umask=022 ; (process file creation umask;default 022)
|
||||
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
|
||||
logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)
|
||||
logfile_backups=10 ; (num of main logfile rotation backups;default 10)
|
||||
loglevel=info ; (logging level;default info; others: debug,warn)
|
||||
pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
|
||||
nodaemon=false ; (start in foreground if true;default false)
|
||||
minfds=1024 ; (min. avail startup file descriptors;default 1024)
|
||||
minprocs=200 ; (min. avail process descriptors;default 200)
|
||||
|
||||
;nocleanup=true ; (don't clean up tempfiles at start;default false)
|
||||
;http_username=user ; (default is no username (open system))
|
||||
;http_password=123 ; (default is no password (open system))
|
||||
;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)
|
||||
;user=chrism ; (default is current user, required if root)
|
||||
;directory=/tmp ; (default is not to cd during start)
|
||||
;environment=KEY=value ; (key value pairs to add to environment)
|
||||
|
||||
[supervisorctl]
|
||||
serverurl=unix:///var/tmp/supervisor.sock ; use a unix:// URL for a unix socket
|
||||
;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket
|
||||
;username=chris ; should be same as http_username if set
|
||||
;password=123 ; should be same as http_password if set
|
||||
;prompt=mysupervisor ; cmd line prompt (default "supervisor")
|
||||
|
||||
; The below sample program section shows all possible program subsection values,
|
||||
; create one or more 'real' program: sections to be able to control them under
|
||||
; supervisor.
|
||||
|
||||
;[program:theprogramname]
|
||||
;command=/bin/cat ; the program (relative uses PATH, can take args)
|
||||
;priority=999 ; the relative start priority (default 999)
|
||||
;autostart=true ; start at supervisord start (default: true)
|
||||
;autorestart=true ; retstart at unexpected quit (default: true)
|
||||
;startsecs=10 ; number of secs prog must stay running (def. 10)
|
||||
;startretries=3 ; max # of serial start failures (default 3)
|
||||
;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)
|
||||
;stopsignal=QUIT ; signal used to kill process (default TERM)
|
||||
;stopwaitsecs=10 ; max num secs to wait before SIGKILL (default 10)
|
||||
;user=chrism ; setuid to this UNIX account to run the program
|
||||
;log_stdout=true ; if true, log program stdout (default true)
|
||||
;log_stderr=true ; if true, log program stderr (def false)
|
||||
;logfile=/var/log/cat.log ; child log path, use NONE for none; default AUTO
|
||||
;logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
|
||||
;logfile_backups=10 ; # of logfile backups (default 10)
|
||||
|
||||
[program:mirrorlist_server]
|
||||
command=/usr/share/mirrormanager/mirrorlist-server/mirrorlist_server.py
|
||||
priority=1
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=5
|
||||
stopsignal=TERM
|
||||
stopwaitsecs=10
|
||||
user=mirrormanager
|
||||
log_stderr=true
|
||||
log_stdout=true
|
||||
logfile=/var/log/mirrormanager/mirrorlist-server.log
|
||||
logfile_maxbytes=50MB
|
||||
logfile_backups=10
|
||||
|
|
@ -1,60 +0,0 @@
|
|||
---
|
||||
# tasklist for setting up the mirrorlist app components
|
||||
# create mirrormanager user
|
||||
- name: add mirrormanager user - uid {{ mirrormanager_uid }}
|
||||
user: name=mirrormanager uid={{ mirrormanager_uid }} state=present home=/home/mirrormanager createhome=yes
|
||||
|
||||
- name: install supervisor and mirrormanager
|
||||
yum: pkg={{ item }} state=present
|
||||
with_items:
|
||||
- supervisor
|
||||
- mirrormanager
|
||||
tags:
|
||||
- packages
|
||||
|
||||
# Put in the HOTFIX
|
||||
- name: HOTFIX mirrorlist_server.py
|
||||
copy: >
|
||||
src=mirrorlist_server.py dest=/usr/share/mirrormanager/mirrorlist-server/mirrorlist_server.py
|
||||
owner=root group=root mode=0755
|
||||
tags:
|
||||
- files
|
||||
notify:
|
||||
- restart httpd
|
||||
- restart supervisord
|
||||
|
||||
# mirrormanager user ssh key(s)
|
||||
- name: add authorized_keys for mirrormanager
|
||||
authorized_key: key="{{ item }}" user=mirrormanager state=present
|
||||
with_file:
|
||||
- mm-authorized_key
|
||||
|
||||
# install mirrorlist-server.conf apache config
|
||||
- name: mirrorlist-server apache conf
|
||||
template: src=mirrorlist-server.conf dest=/etc/httpd/conf.d/mirrorlist-server.conf
|
||||
notify:
|
||||
- restart apache
|
||||
tags:
|
||||
- config
|
||||
|
||||
# nuke mirrormanager.conf so that it doesn't start up
|
||||
- name: kill /etc/httpd/conf.d/mirrrormanager.conf
|
||||
copy: 'content="#blanked on purpose" dest=/etc/httpd/conf.d/mirrormanager.conf'
|
||||
when: inventory_hostname.startswith('mirrorlist')
|
||||
notify:
|
||||
- restart apache
|
||||
tags:
|
||||
- config
|
||||
|
||||
# selinux policy - mirrormanager - put in place - for the sockfile
|
||||
#
|
||||
|
||||
# setup and configure supervisord
|
||||
- name: /etc/supervisord.conf
|
||||
copy: src=supervisord.conf dest=/etc/supervisord.conf mode=0644
|
||||
notify:
|
||||
- restart supervisord
|
||||
|
||||
- name: enable supervisord
|
||||
service: name=supervisord state=started enabled=yes
|
||||
|
||||
|
|
@ -1,56 +0,0 @@
|
|||
KeepAlive off
|
||||
|
||||
Alias /mirrorlists /var/lib/mirrormanager/mirrorlists/
|
||||
Alias /publiclist /var/lib/mirrormanager/mirrorlists/publiclist/
|
||||
Alias /static /var/lib/mirrormanager/mirrorlists/static/
|
||||
|
||||
<Directory /var/lib/mirrormanager/mirrorlists>
|
||||
Options Indexes FollowSymLinks
|
||||
</Directory>
|
||||
|
||||
WSGIDaemonProcess mirrorlist user=apache processes={{ mirrorlist_procs }} threads=1 display-name=mirrorlist maximum-requests=1000
|
||||
|
||||
WSGIScriptAlias /metalink /usr/share/mirrormanager/mirrorlist-server/mirrorlist_client.wsgi
|
||||
WSGIScriptAlias /mirrorlist /usr/share/mirrormanager/mirrorlist-server/mirrorlist_client.wsgi
|
||||
|
||||
# Set this if you do not have a Reverse Proxy (HTTP Accelerator) that
|
||||
# is in front of your application server running this code.
|
||||
# SetEnv mirrorlist_client.noreverseproxy 1
|
||||
|
||||
<Location /mirrorlist>
|
||||
WSGIProcessGroup mirrorlist
|
||||
<IfModule mod_authz_core.c>
|
||||
# Apache 2.4
|
||||
Require all granted
|
||||
</IfModule>
|
||||
<IfModule !mod_authz_core.c>
|
||||
# Apache 2.2
|
||||
Order deny,allow
|
||||
Allow from all
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
<Location /metalink>
|
||||
WSGIProcessGroup mirrorlist
|
||||
<IfModule mod_authz_core.c>
|
||||
# Apache 2.4
|
||||
Require all granted
|
||||
</IfModule>
|
||||
<IfModule !mod_authz_core.c>
|
||||
# Apache 2.2
|
||||
Order deny,allow
|
||||
Allow from all
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
<Location /publiclist>
|
||||
<IfModule mod_authz_core.c>
|
||||
# Apache 2.4
|
||||
Require all granted
|
||||
</IfModule>
|
||||
<IfModule !mod_authz_core.c>
|
||||
# Apache 2.2
|
||||
Order deny,allow
|
||||
Allow from all
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
mirrormanager_uid: 441
|
||||
mirrormanager_gid: 441
|
||||
mirrors_gid: 263
|
||||
mirrors2_gid: 529
|
||||
Loading…
Add table
Add a link
Reference in a new issue