diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml index 81c4749704..80f2c9e55f 100644 --- a/handlers/restart_services.yml +++ b/handlers/restart_services.yml @@ -33,9 +33,6 @@ - name: restart fedmsg-relay command: /usr/local/bin/conditional-restart.sh fedmsg-relay fedmsg-relay -- name: restart httpd - command: /usr/local/bin/conditional-restart.sh httpd httpd - - name: reload httpd action: service name=httpd state=reloaded @@ -87,14 +84,23 @@ - name: restart openvpn (Fedora) when: ansible_distribution == "Fedora" action: service name=openvpn@openvpn state=restarted + #notify: + #- fix openvpn routing - name: restart openvpn (RHEL6) when: ansible_distribution == "RedHat" and ansible_distribution_major_version|int == 6 action: service name=openvpn state=restarted + #notify: + #- fix openvpn routing - name: restart openvpn (RHEL7) when: ansible_distribution == "RedHat" and ansible_distribution_major_version|int == 7 action: service name=openvpn@openvpn state=restarted + #notify: + #- fix openvpn routing + +- name: fix openvpn routing + action: shell /etc/openvpn/fix-routes.sh - name: restart postfix action: service name=postfix state=restarted diff --git a/inventory/host_vars/db01.phx2.fedoraproject.org b/inventory/host_vars/db01.phx2.fedoraproject.org index 628b1e2d3c..4c734b56fe 100644 --- a/inventory/host_vars/db01.phx2.fedoraproject.org +++ b/inventory/host_vars/db01.phx2.fedoraproject.org @@ -27,6 +27,7 @@ databases: - notifications - nuancier_lite - pkgdb2 +- statscache - summershum - tahrir @@ -47,6 +48,7 @@ dbs_to_backup: - notifications - nuancier_lite - pkgdb2 +- statscache - summershum - tahrir diff --git a/playbooks/groups/logserver.yml b/playbooks/groups/logserver.yml index 5573a49d87..f90fc228eb 100644 --- a/playbooks/groups/logserver.yml +++ b/playbooks/groups/logserver.yml @@ -21,12 +21,12 @@ - collectd/server - sudo - epylog + - openvpn/client tasks: - include: "{{ tasks }}/yumrepos.yml" - include: "{{ tasks }}/2fa_client.yml" - include: "{{ tasks }}/motd.yml" - - include: "{{ tasks }}/openvpn_client_7.yml" handlers: - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/qa-stg.yml b/playbooks/groups/qa-stg.yml index ede1ecb425..28d6550c8b 100644 --- a/playbooks/groups/qa-stg.yml +++ b/playbooks/groups/qa-stg.yml @@ -87,14 +87,14 @@ - name: ensure ServerName is set in ssl.conf replace: dest=/etc/httpd/conf.d/ssl.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443' notify: - - restart httpd + - reload httpd tags: - qastaticsites - name: ensure ServerName is set in httpd.conf replace: dest=/etc/httpd/conf/httpd.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443' notify: - - restart httpd + - reload httpd tags: - qastaticsites @@ -108,7 +108,7 @@ template: src={{ files }}/httpd/newvirtualhost.conf.j2 dest=/etc/httpd/conf.d/{{ item.name }}.conf owner=root group=root mode=0644 with_items: static_sites notify: - - restart httpd + - reload httpd tags: - qastaticsites diff --git a/playbooks/groups/qadevel.yml b/playbooks/groups/qadevel.yml index 20014aef2e..2d7520d772 100644 --- a/playbooks/groups/qadevel.yml +++ b/playbooks/groups/qadevel.yml @@ -102,14 +102,14 @@ - name: ensure ServerName is set in ssl.conf replace: dest=/etc/httpd/conf.d/ssl.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443' notify: - - restart httpd + - reload httpd tags: - qastaticsites - name: ensure ServerName is set in httpd.conf replace: dest=/etc/httpd/conf/httpd.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443' notify: - - restart httpd + - reload httpd tags: - qastaticsites @@ -123,7 +123,7 @@ template: src={{ files }}/httpd/newvirtualhost.conf.j2 dest=/etc/httpd/conf.d/{{ item.name }}.conf owner=root group=root mode=0644 with_items: static_sites notify: - - restart httpd + - reload httpd tags: - qastaticsites diff --git a/playbooks/hosts/artboard.fedorainfracloud.org.yml b/playbooks/hosts/artboard.fedorainfracloud.org.yml index 227255f12c..83b37ff67f 100644 --- a/playbooks/hosts/artboard.fedorainfracloud.org.yml +++ b/playbooks/hosts/artboard.fedorainfracloud.org.yml @@ -109,7 +109,7 @@ with_items: - artboard.conf - redirect.conf - notify: restart httpd + notify: reload httpd tags: - artboard diff --git a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml index 1d3fca7763..14f7ef9ab4 100644 --- a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml @@ -516,10 +516,10 @@ - lineinfile: dest=/etc/openstack-dashboard/local_settings regexp="^OPENSTACK_KEYSTONE_URL " line="OPENSTACK_KEYSTONE_URL = 'https://{{controller_publicname}}:5000/v2.0'" notify: - - restart httpd + - reload httpd - lineinfile: dest=/etc/openstack-dashboard/local_settings regexp="OPENSTACK_SSL_CACERT " line="OPENSTACK_SSL_CACERT = '/etc/pki/tls/certs/fedorainfracloud.org.digicert.pem'" notify: - - restart httpd + - reload httpd # configure cider with multi back-end # https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Cloud_Administrator_Guide/section_manage-volumes.html @@ -637,6 +637,8 @@ copy_from: http://dl.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2 - name: Fedora-Cloud-Base-22-20150521.x86_64 copy_from: http://dl.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Base-22-20150521.x86_64.qcow2 + - name: Fedora-Cloud-Base-23-20151030.x86_64 + copy_from: http://dl.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-23-20151030.x86_64.qcow2 - name: CentOS-7-x86_64-GenericCloud-1503 copy_from: http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1503.qcow2 - name: CentOS-6-x86_64-GenericCloud-20141129_01 @@ -1171,5 +1173,5 @@ always_run: true changed_when: false register: TENANT_ID - - shell: source /root/keystonerc_admin && nova quota-update --instances 45 --cores 100 --ram 288300 --security-groups 20 {{ TENANT_ID.stdout }} + - shell: source /root/keystonerc_admin && nova quota-update --instances 45 --cores 150 --ram 288300 --security-groups 20 {{ TENANT_ID.stdout }} diff --git a/playbooks/hosts/lists-dev.fedorainfracloud.org.yml b/playbooks/hosts/lists-dev.fedorainfracloud.org.yml index 29a3af7585..79082f6be1 100644 --- a/playbooks/hosts/lists-dev.fedorainfracloud.org.yml +++ b/playbooks/hosts/lists-dev.fedorainfracloud.org.yml @@ -49,13 +49,13 @@ copy: src="{{ files }}/lists-dev/ssl.conf" dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: basic apache virtualhost config template: src="{{ files }}/lists-dev/apache.conf.j2" dest=/etc/httpd/conf.d/lists-dev.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd # Database - name: install postgresql server packages diff --git a/playbooks/include/proxies-fedora-web.yml b/playbooks/include/proxies-fedora-web.yml index ce1f7d1ba4..fc7352aa2b 100644 --- a/playbooks/include/proxies-fedora-web.yml +++ b/playbooks/include/proxies-fedora-web.yml @@ -23,6 +23,8 @@ website: boot.fedoraproject.org - role: fedora-web/mirrors website: mirrors.fedoraproject.org + - role: fedora-web/communityblog + website: communityblog.fedoraproject.org - role: fedora-web/community website: fedoracommunity.org - role: fedora-web/fudcon diff --git a/playbooks/include/proxies-reverseproxy.yml b/playbooks/include/proxies-reverseproxy.yml index 218228c2a6..8568db5bad 100644 --- a/playbooks/include/proxies-reverseproxy.yml +++ b/playbooks/include/proxies-reverseproxy.yml @@ -273,7 +273,6 @@ localpath: /statscache remotepath: /statscache proxyurl: http://localhost:10042 - when: env == "staging" - role: httpd/reverseproxy website: admin.fedoraproject.org diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml index 0e60bed739..a1793cdc55 100644 --- a/playbooks/include/proxies-websites.yml +++ b/playbooks/include/proxies-websites.yml @@ -295,6 +295,12 @@ - www.uk.fedoracommunity.org cert_name: "{{wildcard_cert_name}}" + - role: httpd/website + name: communityblog.fedoraproject.org + server_aliases: [communityblog.fedoraproject.org] + sslonly: true + cert_name: "{{wildcard_cert_name}}" + - role: httpd/website name: people.fedoraproject.org server_aliases: [people.fedoraproject.org] diff --git a/playbooks/manual/upgrade/statscache.yml b/playbooks/manual/upgrade/statscache.yml new file mode 100644 index 0000000000..bb24358a80 --- /dev/null +++ b/playbooks/manual/upgrade/statscache.yml @@ -0,0 +1,100 @@ +- name: push packages out + hosts: statscache-backend;statscache-backend-stg;statscache-web;statscache-web-stg + user: root + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + vars: + testing: False + handlers: + - include: "{{ handlers }}/restart_services.yml" + + tasks: + - name: clean all metadata {%if testing%}(with infrastructure-testing on){%endif%} + command: yum clean all {%if testing%} --enablerepo=infrastructure-testing {%endif%} + always_run: yes + - name: yum update statscache packages from main repo + yum: name="statscache*" state=latest + when: not testing + - name: yum update statscache packages from testing repo + yum: name="statscache*" state=latest enablerepo=infrastructure-testing + when: testing + +- name: verify the frontend and stop it + hosts: statscache-web;statscache-web-stg + user: root + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + handlers: + - include: "{{ handlers }}/restart_services.yml" + + pre_tasks: + - name: tell nagios to shush w.r.t. the frontend + nagios: action=downtime minutes=15 service=host host={{ inventory_hostname_short }}{{ env_suffix }} + delegate_to: noc01.phx2.fedoraproject.org + ignore_errors: true + + roles: + - statscache/frontend + + post_tasks: + - service: name="httpd" state=stopped + +- name: verify the backend, stop it, and then upgrade the db + hosts: statscache-backend;statscache-backend-stg + user: root + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + handlers: + - include: "{{ handlers }}/restart_services.yml" + + pre_tasks: + - name: tell nagios to shush w.r.t. the backend + nagios: action=downtime minutes=15 service=host host={{ inventory_hostname_short }}{{ env_suffix }} + delegate_to: noc01.phx2.fedoraproject.org + ignore_errors: true + + roles: + - statscache/backend + + tasks: + - name: Stop the statscache backend + service: name="fedmsg-hub" state=stopped + + #- name: Upgrade the database + # command: /usr/bin/alembic -c /usr/share/statscache/alembic.ini upgrade head + # args: + # chdir: /usr/share/statscache/ + + - name: And... start the backend again + service: name="fedmsg-hub" state=started + + post_tasks: + - name: tell nagios to unshush w.r.t. the backend + nagios: action=unsilence service=host host={{ inventory_hostname_short }}{{ env_suffix }} + delegate_to: noc01.phx2.fedoraproject.org + ignore_errors: true + +- name: restart the frontend + hosts: statscache-web;statscache-web-stg + user: root + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + handlers: + - include: "{{ handlers }}/restart_services.yml" + + tasks: + - service: name="httpd" state=started + + post_tasks: + - name: tell nagios to unshush w.r.t. the frontend + nagios: action=unsilence service=host host={{ inventory_hostname_short }}{{ env_suffix }} + delegate_to: noc01.phx2.fedoraproject.org + ignore_errors: true diff --git a/roles/anitya/fedmsg/tasks/main.yml b/roles/anitya/fedmsg/tasks/main.yml index fec0f9888d..af3f4ef64c 100644 --- a/roles/anitya/fedmsg/tasks/main.yml +++ b/roles/anitya/fedmsg/tasks/main.yml @@ -54,7 +54,7 @@ - fedmsgdconfig - anitya/fedmsg notify: - - restart httpd + - reload httpd - restart fedmsg-relay - name: Remove unwanted files @@ -66,7 +66,7 @@ - fedmsgdconfig - anitya/fedmsg notify: - - restart httpd + - reload httpd - restart fedmsg-relay - name: setup /etc/pki/fedmsg directory diff --git a/roles/apps-fp-o/tasks/main.yml b/roles/apps-fp-o/tasks/main.yml index 3b159e471c..ba1dca388b 100644 --- a/roles/apps-fp-o/tasks/main.yml +++ b/roles/apps-fp-o/tasks/main.yml @@ -8,7 +8,7 @@ src=apps.fp.o.conf dest=/etc/httpd/conf.d/{{website}}/apps.fp.o.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - apps-fp-o diff --git a/roles/ask/tasks/main.yml b/roles/ask/tasks/main.yml index 07c9265c24..26440061d4 100644 --- a/roles/ask/tasks/main.yml +++ b/roles/ask/tasks/main.yml @@ -87,7 +87,7 @@ - ask - files notify: - - restart httpd + - reload httpd # # we add this wsgi to handle ssl issues in stg @@ -100,7 +100,7 @@ - ask - files notify: - - restart httpd + - reload httpd - name: Install askbot cron jobs copy: > @@ -156,7 +156,7 @@ - files - celery notify: - - restart httpd + - reload httpd - name: HOTFIX askbot backends.py copy: > @@ -167,7 +167,7 @@ - files - hotfix notify: - - restart httpd + - reload httpd # # fedora favicon @@ -194,7 +194,7 @@ - files - hotfix notify: - - restart httpd + - reload httpd # # fix for feedback @@ -209,4 +209,4 @@ - files - hotfix notify: - - restart httpd + - reload httpd diff --git a/roles/batcave/files/ticketkey.cron b/roles/batcave/files/ticketkey.cron index 884b124b9c..bd6311e4da 100755 --- a/roles/batcave/files/ticketkey.cron +++ b/roles/batcave/files/ticketkey.cron @@ -1,4 +1,4 @@ #!/bin/bash # Roll over the proxy SSL ticketkey -/usr/bin/ansible /srv/web/infra/ansible/playbooks/update_ticketkey.yml | mailx -s "TickeyKey rollover" puiterwijk@fedoraproject.org +/usr/bin/ansible-playbook /srv/web/infra/ansible/playbooks/update_ticketkey.yml | mailx -s "TickeyKey rollover" puiterwijk@fedoraproject.org diff --git a/roles/beaker/labcontroller/tasks/main.yml b/roles/beaker/labcontroller/tasks/main.yml index 7f3b8e7f3c..71c5ca9930 100644 --- a/roles/beaker/labcontroller/tasks/main.yml +++ b/roles/beaker/labcontroller/tasks/main.yml @@ -25,7 +25,7 @@ force: yes register: configure_result notify: - - restart httpd + - reload httpd - restart beaker lab controller tags: - beaker_lab_controller diff --git a/roles/beaker/server/tasks/main.yml b/roles/beaker/server/tasks/main.yml index baec70fb2c..37cd33074a 100644 --- a/roles/beaker/server/tasks/main.yml +++ b/roles/beaker/server/tasks/main.yml @@ -25,7 +25,7 @@ group: root mode: 0644 notify: - - restart httpd + - reload httpd tags: - beaker-server @@ -41,7 +41,7 @@ register: setup_beaker_conf notify: - restart beaker server - - restart httpd + - reload httpd tags: - beaker-server diff --git a/roles/blockerbugs/tasks/main.yml b/roles/blockerbugs/tasks/main.yml index 17495f0e67..e1bfe4841e 100644 --- a/roles/blockerbugs/tasks/main.yml +++ b/roles/blockerbugs/tasks/main.yml @@ -24,7 +24,7 @@ - name: setup blockerbugs apache conf copy: src=blockerbugs.conf dest=/etc/httpd/conf.d/blockerbugs.conf mode=644 notify: - - restart httpd + - reload httpd tags: - config - httpd @@ -33,7 +33,7 @@ - name: setup blockerbugs app settings file template: src=blockerbugs-settings.py.j2 dest=/etc/blockerbugs/settings.py mode=644 notify: - - restart httpd + - reload httpd tags: - config - httpd diff --git a/roles/bodhi/backend/tasks/main.yml b/roles/bodhi/backend/tasks/main.yml index adfe775d4e..2b15229124 100644 --- a/roles/bodhi/backend/tasks/main.yml +++ b/roles/bodhi/backend/tasks/main.yml @@ -33,7 +33,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - config @@ -116,7 +116,7 @@ mode=0600 when: inventory_hostname.startswith('bodhi-backend02') notify: - - restart httpd + - reload httpd tags: - config @@ -131,7 +131,7 @@ mode=0600 when: inventory_hostname.startswith('bodhi-backend01') notify: - - restart httpd + - reload httpd tags: - config diff --git a/roles/bodhi/base/tasks/main.yml b/roles/bodhi/base/tasks/main.yml index 017c584edd..a2bf2769f8 100644 --- a/roles/bodhi/base/tasks/main.yml +++ b/roles/bodhi/base/tasks/main.yml @@ -25,7 +25,7 @@ mode=0600 when: inventory_hostname.startswith('bodhi0') notify: - - restart httpd + - reload httpd tags: - config - bodhi @@ -39,7 +39,7 @@ mode=0644 when: inventory_hostname.startswith('bodhi0') notify: - - restart httpd + - reload httpd tags: - config - bodhi diff --git a/roles/bodhi2/base/tasks/main.yml b/roles/bodhi2/base/tasks/main.yml index 629ab31c1a..1251fbea49 100644 --- a/roles/bodhi2/base/tasks/main.yml +++ b/roles/bodhi2/base/tasks/main.yml @@ -39,7 +39,7 @@ mode=0600 when: inventory_hostname.startswith('bodhi') and env == 'staging' notify: - - restart httpd + - reload httpd tags: - config - bodhi @@ -53,7 +53,7 @@ mode=0600 when: inventory_hostname.startswith('bodhi') and env == 'production' notify: - - restart httpd + - reload httpd tags: - config - bodhi @@ -86,7 +86,7 @@ mode=0644 when: inventory_hostname.startswith('bodhi0') notify: - - restart httpd + - reload httpd tags: - config - bodhi diff --git a/roles/copr/dist_git/handlers/main.yml b/roles/copr/dist_git/handlers/main.yml index 12a4eb45fe..0f972dfde1 100644 --- a/roles/copr/dist_git/handlers/main.yml +++ b/roles/copr/dist_git/handlers/main.yml @@ -1,2 +1,2 @@ -- name: restart httpd +- name: reload httpd service: name="httpd" state="restarted" diff --git a/roles/copr/dist_git/tasks/main.yml b/roles/copr/dist_git/tasks/main.yml index 44c4e3d4d0..660551a63f 100644 --- a/roles/copr/dist_git/tasks/main.yml +++ b/roles/copr/dist_git/tasks/main.yml @@ -63,7 +63,7 @@ tags: - config notify: - - restart httpd + - reload httpd - copy: src="dist-git.conf" dest="/etc/dist-git/dist-git.conf" mode=0644 diff --git a/roles/copr/frontend/tasks/main.yml b/roles/copr/frontend/tasks/main.yml index 679187ff77..e1a605b107 100644 --- a/roles/copr/frontend/tasks/main.yml +++ b/roles/copr/frontend/tasks/main.yml @@ -20,7 +20,7 @@ - name: install copr configs template: src="copr.conf" dest=/etc/copr/copr.conf mode=600 notify: - - restart httpd + - reload httpd tags: - config diff --git a/roles/copr/keygen/tasks/main.yml b/roles/copr/keygen/tasks/main.yml index b66ef28d1d..e5cb8bbaa0 100644 --- a/roles/copr/keygen/tasks/main.yml +++ b/roles/copr/keygen/tasks/main.yml @@ -15,7 +15,7 @@ - name: put keygen vhost for httpd copy: src="httpd/copr-keygen.conf" dest="/etc/httpd/conf.d/copr-keygen.conf" notify: - - restart httpd + - reload httpd tags: - config diff --git a/roles/darkserver/tasks/main.yml b/roles/darkserver/tasks/main.yml index 3ee79bf8d3..d67aee7f7c 100644 --- a/roles/darkserver/tasks/main.yml +++ b/roles/darkserver/tasks/main.yml @@ -13,8 +13,8 @@ - name: darkserverweb.conf template: src=darkserverweb.conf.j2 dest=/etc/darkserver/darkserverweb.conf owner=apache group=apache mode=0640 - notify: restart httpd + notify: reload httpd - name: darkjobworker.conf template: src=darkjobworker.conf.j2 dest=/etc/darkserver/darkjobworker.conf owner=apache group=apache mode=640 - notify: restart httpd + notify: reload httpd diff --git a/roles/datagrepper/tasks/main.yml b/roles/datagrepper/tasks/main.yml index 963d1f2e69..37cc8de737 100644 --- a/roles/datagrepper/tasks/main.yml +++ b/roles/datagrepper/tasks/main.yml @@ -44,7 +44,7 @@ - name: setting up httpd config template: src=datagrepper-app.conf dest=/etc/httpd/conf.d/datagrepper.conf owner=root group=root notify: - - restart httpd + - reload httpd tags: - config - datagrepper diff --git a/roles/distgit/tasks/main.yml b/roles/distgit/tasks/main.yml index 7e49ef1f94..5fe57ddd8e 100644 --- a/roles/distgit/tasks/main.yml +++ b/roles/distgit/tasks/main.yml @@ -17,17 +17,17 @@ - name: install the httpd config file copy: src=pkgs.fedoraproject.org.conf dest=/etc/httpd/conf.d/pkgs.fedoraproject.org.conf notify: - - restart httpd + - reload httpd - name: install the httpd config directory file: dest=/etc/httpd/conf.d/pkgs.fedoraproject.org state=directory notify: - - restart httpd + - reload httpd - name: install the mod_ssl configuration copy: src=ssl.conf dest=/etc/httpd/conf.d/ssl.conf notify: - - restart httpd + - reload httpd - name: allow httpd to access the files on NFS seboolean: name=httpd_use_nfs state=yes persistent=yes @@ -71,7 +71,7 @@ - name: install the Dist Git-related httpd config copy: src=git-smart-http.conf dest=/etc/httpd/conf.d/pkgs.fedoraproject.org/git-smart-http.conf notify: - - restart httpd + - reload httpd - name: install the pkgdb_sync_git_branches.py scripts template: src={{item}} dest=/usr/local/bin/{{item}} owner=root group=root mode=0755 @@ -211,19 +211,19 @@ copy: src=cgitrc dest=/etc/cgitrc tags: distgit notify: - - restart httpd + - reload httpd - name: install our custom header for cgit template: src=cgit-header.html dest=/usr/share/cgit/cgit-header-fedora.html tags: distgit notify: - - restart httpd + - reload httpd - name: install the CGit-related httpd config copy: src=redirect.conf dest=/etc/httpd/conf.d/pkgs.fedoraproject.org/redirect.conf tags: distgit notify: - - restart httpd + - reload httpd # -- Lookaside Cache ------------------------------------- @@ -234,7 +234,7 @@ - lookaside.conf - lookaside-upload.conf notify: - - restart httpd + - reload httpd tags: - distgit @@ -332,7 +332,7 @@ - name: install the upload CGI script copy: src=dist-git-upload.cgi dest=/srv/web/upload.cgi owner=root group=root mode=0755 notify: - - restart httpd + - reload httpd tags: - distgit diff --git a/roles/dopr/tasks/main.yml b/roles/dopr/tasks/main.yml index b1bd53353d..274d415341 100644 --- a/roles/dopr/tasks/main.yml +++ b/roles/dopr/tasks/main.yml @@ -7,6 +7,7 @@ - "bash-completion" - "dnf-plugins-core" - "yum-utils" + - "libxslt-devel" tags: - packages diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml index b4ed608326..4c3e9273d2 100644 --- a/roles/download/tasks/main.yml +++ b/roles/download/tasks/main.yml @@ -70,14 +70,14 @@ - name: Configure httpd dl main conf copy: src=httpd/dl.fedoraproject.org.conf dest=/etc/httpd/conf.d/dl.fedoraproject.org.conf notify: - - restart httpd + - reload httpd - name: Make sure apache autoindex.conf is replaced with ours copy: src=httpd/dl.fedoraproject.org/autoindex.conf dest=/etc/httpd/conf.d/autoindex.conf notify: - - restart httpd + - reload httpd - name: Configure httpd dl sub conf copy: src=httpd/dl.fedoraproject.org/ dest=/etc/httpd/conf.d/dl.fedoraproject.org/ notify: - - restart httpd + - reload httpd diff --git a/roles/easyfix/proxy/tasks/main.yml b/roles/easyfix/proxy/tasks/main.yml index a9efb4bbad..203597ccbb 100644 --- a/roles/easyfix/proxy/tasks/main.yml +++ b/roles/easyfix/proxy/tasks/main.yml @@ -10,7 +10,7 @@ dest=/etc/httpd/conf.d/{{website}}/gather-easyfix.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - easyfix - easyfix/proxy diff --git a/roles/epylog/tasks/main.yml b/roles/epylog/tasks/main.yml index c33857912d..219427ddde 100644 --- a/roles/epylog/tasks/main.yml +++ b/roles/epylog/tasks/main.yml @@ -45,7 +45,7 @@ - name: epylog httpd config copy: src=epylog-web.conf dest=/etc/httpd/conf.d/epylog-web.conf notify: - - restart httpd + - reload httpd tags: - config - apache diff --git a/roles/fas_server/tasks/main.yml b/roles/fas_server/tasks/main.yml index 77be21f881..85ef21c332 100644 --- a/roles/fas_server/tasks/main.yml +++ b/roles/fas_server/tasks/main.yml @@ -43,7 +43,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - config - fas @@ -62,7 +62,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - config - fas @@ -132,7 +132,7 @@ group=apache mode=0640 notify: - - restart httpd + - reload httpd tags: - config - fas @@ -159,7 +159,7 @@ mode=0640 when: master_fas_node == True notify: - - restart httpd + - reload httpd tags: - config - fas diff --git a/roles/fedmsg/base/tasks/main.yml b/roles/fedmsg/base/tasks/main.yml index 6d6b6de148..5aa62430a3 100644 --- a/roles/fedmsg/base/tasks/main.yml +++ b/roles/fedmsg/base/tasks/main.yml @@ -95,7 +95,7 @@ - fedmsgdconfig - fedmsg/base notify: - - restart httpd + - reload httpd - restart fedmsg-gateway - restart fedmsg-hub - restart fedmsg-irc @@ -116,7 +116,7 @@ - fedmsgdconfig - fedmsg/base notify: - - restart httpd + - reload httpd - restart fedmsg-gateway - restart fedmsg-hub - restart fedmsg-irc @@ -141,7 +141,7 @@ - fedmsgdconfig - fedmsg/base notify: - - restart httpd + - reload httpd - restart fedmsg-gateway - restart fedmsg-hub - restart fedmsg-irc @@ -154,7 +154,7 @@ - fedmsg_loopback - fedmsg/base notify: - - restart httpd + - reload httpd - restart fedmsg-gateway - restart fedmsg-hub - restart fedmsg-irc @@ -170,7 +170,7 @@ - fedmsg_loopback - fedmsg/base notify: - - restart httpd + - reload httpd - restart fedmsg-gateway - restart fedmsg-hub - restart fedmsg-irc @@ -183,7 +183,7 @@ - fedmsg_loopback - fedmsg/base notify: - - restart httpd + - reload httpd - restart fedmsg-gateway - restart fedmsg-hub - restart fedmsg-irc diff --git a/roles/fedmsg/crl/tasks/main.yml b/roles/fedmsg/crl/tasks/main.yml index 6984b110f5..d81d49a73d 100644 --- a/roles/fedmsg/crl/tasks/main.yml +++ b/roles/fedmsg/crl/tasks/main.yml @@ -37,7 +37,7 @@ dest=/etc/httpd/conf.d/{{website}}/fedmsg.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - fedmsg - fedmsg/crl diff --git a/roles/fedmsg/hub/tasks/main.yml b/roles/fedmsg/hub/tasks/main.yml index 6ef4138c1f..817df75185 100644 --- a/roles/fedmsg/hub/tasks/main.yml +++ b/roles/fedmsg/hub/tasks/main.yml @@ -21,6 +21,16 @@ when: not enable_websocket_server notify: restart fedmsg-hub +- name: set fedmsg ownership on /var/run/fedmsg + file: > + dest=/var/run/fedmsg/ + mode=0775 + owner=fedmsg + group=fedmsg + state=directory + tags: + - fedmsgmonitor + - name: ensure that nrpe has rights to monitor us file: > dest=/var/run/fedmsg/monitoring-fedmsg-hub.socket diff --git a/roles/fedora-web/arm/tasks/main.yml b/roles/fedora-web/arm/tasks/main.yml index ee5224adb9..f0141e58ca 100644 --- a/roles/fedora-web/arm/tasks/main.yml +++ b/roles/fedora-web/arm/tasks/main.yml @@ -12,7 +12,7 @@ - arm.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/arm diff --git a/roles/fedora-web/boot/tasks/main.yml b/roles/fedora-web/boot/tasks/main.yml index 30ddc07b0d..5bad9611c5 100644 --- a/roles/fedora-web/boot/tasks/main.yml +++ b/roles/fedora-web/boot/tasks/main.yml @@ -12,7 +12,7 @@ - boot.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/boot diff --git a/roles/fedora-web/build/files/syncStatic.stg.sh b/roles/fedora-web/build/files/syncStatic.stg.sh index 2cac9a7b1a..ce4e84e807 100644 --- a/roles/fedora-web/build/files/syncStatic.stg.sh +++ b/roles/fedora-web/build/files/syncStatic.stg.sh @@ -45,7 +45,7 @@ cd /srv/web/fedora-web /usr/bin/git clean -q -fdx || exit 1 /usr/bin/git reset -q --hard || exit 1 -/usr/bin/git checkout -q f23 || exit 1 +/usr/bin/git checkout -q two-week-atomic || exit 1 /usr/bin/git pull -q --ff-only || exit 1 build spins.fedoraproject.org diff --git a/roles/fedora-web/community/tasks/main.yml b/roles/fedora-web/community/tasks/main.yml index 49cca1569f..12e3710e0e 100644 --- a/roles/fedora-web/community/tasks/main.yml +++ b/roles/fedora-web/community/tasks/main.yml @@ -12,7 +12,7 @@ - fedoracommunity.org-web.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/community diff --git a/roles/fedora-web/communityblog/tasks/main.yml b/roles/fedora-web/communityblog/tasks/main.yml new file mode 100644 index 0000000000..d58f380cb3 --- /dev/null +++ b/roles/fedora-web/communityblog/tasks/main.yml @@ -0,0 +1,11 @@ +- name: Copy some config files for {{website}} + template: > + src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}} + owner=root group=root mode=0644 + with_items: + - communityblog-web.conf + notify: + - reload httpd + tags: + - fedora-web + - fedora-web/communityblog diff --git a/roles/fedora-web/communityblog/templates/communityblog-web.conf b/roles/fedora-web/communityblog/templates/communityblog-web.conf new file mode 100644 index 0000000000..4c32551739 --- /dev/null +++ b/roles/fedora-web/communityblog/templates/communityblog-web.conf @@ -0,0 +1,2 @@ +ProxyPass / http://209.132.184.207/ +ProxyPassReverse / http://209.132.184.207/ diff --git a/roles/fedora-web/fudcon/tasks/main.yml b/roles/fedora-web/fudcon/tasks/main.yml index 4ba4e6b2a2..609ceffea2 100644 --- a/roles/fedora-web/fudcon/tasks/main.yml +++ b/roles/fedora-web/fudcon/tasks/main.yml @@ -12,7 +12,7 @@ - fudcon.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/fudcon diff --git a/roles/fedora-web/getfedora/tasks/main.yml b/roles/fedora-web/getfedora/tasks/main.yml index 073e15b388..6c49752223 100644 --- a/roles/fedora-web/getfedora/tasks/main.yml +++ b/roles/fedora-web/getfedora/tasks/main.yml @@ -12,7 +12,7 @@ - getfedora.org.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/getfedora diff --git a/roles/fedora-web/labs/tasks/main.yml b/roles/fedora-web/labs/tasks/main.yml index 89f5d3e912..2a09a5e048 100644 --- a/roles/fedora-web/labs/tasks/main.yml +++ b/roles/fedora-web/labs/tasks/main.yml @@ -12,7 +12,7 @@ - labs.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/labs diff --git a/roles/fedora-web/magazine/tasks/main.yml b/roles/fedora-web/magazine/tasks/main.yml index 5fdbea1ef3..0feddd0452 100644 --- a/roles/fedora-web/magazine/tasks/main.yml +++ b/roles/fedora-web/magazine/tasks/main.yml @@ -5,7 +5,7 @@ with_items: - fedoramagazine-web.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/magazine diff --git a/roles/fedora-web/main/tasks/main.yml b/roles/fedora-web/main/tasks/main.yml index a8844f4853..a4a4739fb0 100644 --- a/roles/fedora-web/main/tasks/main.yml +++ b/roles/fedora-web/main/tasks/main.yml @@ -16,7 +16,7 @@ - expires.conf - deflate.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/main @@ -28,7 +28,7 @@ with_items: - sponsor.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/main @@ -38,7 +38,7 @@ src=browserid.fedoraproject.org dest=/srv/web/browserid.fedoraproject.org owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/main diff --git a/roles/fedora-web/mirrors/tasks/main.yml b/roles/fedora-web/mirrors/tasks/main.yml index c7b2fef332..369ba74f69 100644 --- a/roles/fedora-web/mirrors/tasks/main.yml +++ b/roles/fedora-web/mirrors/tasks/main.yml @@ -11,7 +11,7 @@ with_items: - mirrors.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/mirrors diff --git a/roles/fedora-web/spins/tasks/main.yml b/roles/fedora-web/spins/tasks/main.yml index fa833602ce..1530313b71 100644 --- a/roles/fedora-web/spins/tasks/main.yml +++ b/roles/fedora-web/spins/tasks/main.yml @@ -12,7 +12,7 @@ - spins.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/spins diff --git a/roles/fedora-web/start/tasks/main.yml b/roles/fedora-web/start/tasks/main.yml index afadedb2ad..481b28473e 100644 --- a/roles/fedora-web/start/tasks/main.yml +++ b/roles/fedora-web/start/tasks/main.yml @@ -12,7 +12,7 @@ - start-web.conf - languages.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/start diff --git a/roles/fedora-web/whatcanidoforfedora/tasks/main.yml b/roles/fedora-web/whatcanidoforfedora/tasks/main.yml index 00f9c79fdb..dbf674c0e2 100644 --- a/roles/fedora-web/whatcanidoforfedora/tasks/main.yml +++ b/roles/fedora-web/whatcanidoforfedora/tasks/main.yml @@ -5,7 +5,7 @@ with_items: - whatcanidoforfedora-web.conf notify: - - restart httpd + - reload httpd tags: - fedora-web - fedora-web/whatcanidoforfedora diff --git a/roles/freemedia/tasks/main.yml b/roles/freemedia/tasks/main.yml index 57ddc285cc..a6525a4eae 100644 --- a/roles/freemedia/tasks/main.yml +++ b/roles/freemedia/tasks/main.yml @@ -6,7 +6,7 @@ with_items: - php notify: - - restart httpd + - reload httpd tags: - packages @@ -23,7 +23,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - config diff --git a/roles/geoip-city-wsgi/app/tasks/main.yml b/roles/geoip-city-wsgi/app/tasks/main.yml index 04e52e66f9..d2d57e3e33 100644 --- a/roles/geoip-city-wsgi/app/tasks/main.yml +++ b/roles/geoip-city-wsgi/app/tasks/main.yml @@ -19,7 +19,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - geoip_config - config @@ -47,7 +47,7 @@ group=root mode=0775 notify: - - restart httpd + - reload httpd tags: - geoip_config - config diff --git a/roles/geoip-city-wsgi/proxy/tasks/main.yml b/roles/geoip-city-wsgi/proxy/tasks/main.yml index 4ff021a7fd..39db649c59 100644 --- a/roles/geoip-city-wsgi/proxy/tasks/main.yml +++ b/roles/geoip-city-wsgi/proxy/tasks/main.yml @@ -4,7 +4,7 @@ dest=/etc/httpd/conf.d/{{website}}/geoip-city-wsgi-proxy.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - geoip-city-wsgi - geoip-city-wsgi/proxy diff --git a/roles/haproxy/rewrite/tasks/main.yml b/roles/haproxy/rewrite/tasks/main.yml index cb5e1ed808..95a994b44e 100644 --- a/roles/haproxy/rewrite/tasks/main.yml +++ b/roles/haproxy/rewrite/tasks/main.yml @@ -1,6 +1,6 @@ - template: src=rewrite.conf dest=/etc/httpd/conf.d/{{website}}/haproxy.conf notify: - - restart httpd + - reload httpd tags: - haproxy - haproxy/rewrite diff --git a/roles/haproxy/templates/haproxy.cfg b/roles/haproxy/templates/haproxy.cfg index 65c25d3bf1..f4c692ad9b 100644 --- a/roles/haproxy/templates/haproxy.cfg +++ b/roles/haproxy/templates/haproxy.cfg @@ -206,6 +206,12 @@ listen autocloud 0.0.0.0:10041 server autocloud-web02 autocloud-web02:80 check inter 10s rise 1 fall 2 option httpchk GET /autocloud/ +listen statscache 0.0.0.0:10042 + balance hdr(appserver) + server statscache-web01 statscache-web01:80 check inter 10s rise 1 fall 2 + server statscache-web02 statscache-web02:80 check inter 10s rise 1 fall 2 + option httpchk GET /statscache/ + # Apache doesn't handle the initial connection here like the other proxy # entries. This proxy also doesn't use the http mode like the others. # stunnel should be sitting on port 9939 (public) and redirecting diff --git a/roles/hosts/files/statscache-backend01.stg.phx2.fedoraproject.org-hosts b/roles/hosts/files/statscache-backend01.stg.phx2.fedoraproject.org-hosts new file mode 100644 index 0000000000..3e7caad435 --- /dev/null +++ b/roles/hosts/files/statscache-backend01.stg.phx2.fedoraproject.org-hosts @@ -0,0 +1,13 @@ +127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + +10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 proxy05 proxy06 proxy07 proxy08 proxy09 proxy10 proxy11 fedoraproject.org admin.fedoraproject.org admin.stg.fedoraproject.org apps.stg.fedoraproject.org +10.5.126.51 apps.fedoraproject.org +10.5.126.23 infrastructure.fedoraproject.org +10.5.126.83 pkgs.fedoraproject.org +10.5.126.210 memcached01.stg.phx2.fedoraproject.org memcached01 memcached02 memcached03 memcached04 +10.5.126.85 db02.stg.fedoraproject.org +10.5.126.113 db05 +10.5.126.204 db01.stg.phx2.fedoraproject.org db-ask db-elections db-koji01 db-datanommer db-datanommer01 db-datanommer02 db-datanommer02.phx2.fedoraproject.org db-github2fedmsg db-fedocal tagger_db db-pkgdb2 db-summershum db-tahrir nuancier_db db-notifs db-blockerbugs db-kerneltest +10.5.126.86 fas01.stg.phx2.fedoraproject.org fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all +10.5.126.87 koji01.stg.phx2.fedoraproject.org koji.stg.fedoraproject.org koji01 kojipkgs kojipkgs.stg.phx2.fedoraproject.org kojipkgs.stg.fedoraproject.org diff --git a/roles/hosts/files/sundries01.stg.phx2.fedoraproject.org-hosts b/roles/hosts/files/sundries01.stg.phx2.fedoraproject.org-hosts index ac7c874e90..488d794418 100644 --- a/roles/hosts/files/sundries01.stg.phx2.fedoraproject.org-hosts +++ b/roles/hosts/files/sundries01.stg.phx2.fedoraproject.org-hosts @@ -9,7 +9,10 @@ 10.5.126.113 db05 10.5.126.204 db01.stg.phx2.fedoraproject.org db-ask db-elections db-koji01 db-datanommer db-datanommer01 db-datanommer02 db-datanommer02.phx2.fedoraproject.org db-github2fedmsg db-fedocal tagger_db db-pkgdb2 db-summershum db-tahrir nuancier_db db-notifs db-blockerbugs db-kerneltest 10.5.126.86 fas01.stg.phx2.fedoraproject.org fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all -10.5.126.87 koji01.stg.phx2.fedoraproject.org koji.stg.fedoraproject.org koji01 kojipkgs kojipkgs.stg.phx2.fedoraproject.org kojipkgs.stg.fedoraproject.org +10.5.126.87 koji01.stg.phx2.fedoraproject.org koji.stg.fedoraproject.org koji01 kojipkgs.stg.phx2.fedoraproject.org kojipkgs.stg.fedoraproject.org # For translations 209.132.182.79 fedora.zanata.org + +# To get the size of isos automatically for two-week-atomic +10.5.125.36 kojipkgs kojipkgs.fedoraproject.org diff --git a/roles/httpd/certificate/tasks/main.yml b/roles/httpd/certificate/tasks/main.yml index e37783a0ca..273c3164b2 100644 --- a/roles/httpd/certificate/tasks/main.yml +++ b/roles/httpd/certificate/tasks/main.yml @@ -13,7 +13,7 @@ mode=0644 when: SSLCertificateChainFile is defined notify: - - restart httpd + - reload httpd tags: - httpd - httpd/certificate @@ -29,7 +29,7 @@ - "{{private}}/files/httpd/{{cert}}.cert" - "{{private}}/files/httpd/{{name}}.cert" notify: - - restart httpd + - reload httpd tags: - httpd - httpd/certificate @@ -45,7 +45,7 @@ - "{{private}}/files/httpd/{{key}}.key" - "{{private}}/files/httpd/{{name}}.key" notify: - - restart httpd + - reload httpd tags: - httpd - httpd/certificate diff --git a/roles/httpd/domainrewrite/tasks/main.yml b/roles/httpd/domainrewrite/tasks/main.yml index 35087460c1..c75da82e81 100644 --- a/roles/httpd/domainrewrite/tasks/main.yml +++ b/roles/httpd/domainrewrite/tasks/main.yml @@ -16,7 +16,7 @@ - "{{roles}}/httpd/domainrewrite/templates/domainrewrite.{{destname}}.conf" - "{{roles}}/httpd/domainrewrite/templates/domainrewrite.conf" notify: - - restart httpd + - reload httpd tags: - httpd - httpd/domainrewrite diff --git a/roles/httpd/fingerprints/tasks/main.yml b/roles/httpd/fingerprints/tasks/main.yml index 00afe5c077..223a00f68e 100644 --- a/roles/httpd/fingerprints/tasks/main.yml +++ b/roles/httpd/fingerprints/tasks/main.yml @@ -1,6 +1,6 @@ - copy: src=fingerprints.html dest=/srv/web/fingerprints.html notify: - - restart httpd + - reload httpd tags: - fingerprints - httpd @@ -8,7 +8,7 @@ - copy: src=fingerprints.conf dest=/etc/httpd/conf.d/{{website}}/fingerprints.conf notify: - - restart httpd + - reload httpd tags: - fingerprints - httpd diff --git a/roles/httpd/mime-type/tasks/main.yml b/roles/httpd/mime-type/tasks/main.yml index efa0c9e107..fd7c7cd4c6 100644 --- a/roles/httpd/mime-type/tasks/main.yml +++ b/roles/httpd/mime-type/tasks/main.yml @@ -2,7 +2,7 @@ src=mime-types.conf dest=/etc/httpd/conf.d/{{website}}/mime-types.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - httpd - httpd/mime-type diff --git a/roles/httpd/mod_ssl/tasks/main.yml b/roles/httpd/mod_ssl/tasks/main.yml index 55b679bbd8..f8d0cb1535 100644 --- a/roles/httpd/mod_ssl/tasks/main.yml +++ b/roles/httpd/mod_ssl/tasks/main.yml @@ -1,7 +1,7 @@ - name: Install mod_ssl yum: name=mod_ssl state=installed notify: - - restart httpd + - reload httpd tags: - httpd - httpd/mod_ssl @@ -14,7 +14,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - httpd - httpd/certificate diff --git a/roles/httpd/proxy/tasks/main.yml b/roles/httpd/proxy/tasks/main.yml index b909de9fe1..bf6c5aefa4 100644 --- a/roles/httpd/proxy/tasks/main.yml +++ b/roles/httpd/proxy/tasks/main.yml @@ -3,7 +3,7 @@ src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - httpd - httpd/proxy @@ -27,7 +27,7 @@ - 02-ticketkey.conf - 03-reqtimeout.conf notify: - - restart httpd + - reload httpd tags: - httpd - httpd/proxy @@ -35,7 +35,7 @@ - name: set the apache mpm to use event MPM copy: src=00-mpm.conf dest=/etc/httpd/conf.modules.d/00-mpm.conf notify: - - restart httpd + - reload httpd tags: - httpd - httpd/proxy diff --git a/roles/httpd/redirect/tasks/main.yml b/roles/httpd/redirect/tasks/main.yml index 871d090108..44d81ee3f7 100644 --- a/roles/httpd/redirect/tasks/main.yml +++ b/roles/httpd/redirect/tasks/main.yml @@ -14,7 +14,7 @@ owner=root group=root notify: - - restart httpd + - reload httpd tags: - httpd - httpd/redirect diff --git a/roles/httpd/redirectmatch/tasks/main.yml b/roles/httpd/redirectmatch/tasks/main.yml index defbb79e2b..a14a2688a7 100644 --- a/roles/httpd/redirectmatch/tasks/main.yml +++ b/roles/httpd/redirectmatch/tasks/main.yml @@ -14,7 +14,7 @@ owner=root group=root notify: - - restart httpd + - reload httpd tags: - httpd - httpd/redirect diff --git a/roles/httpd/website/tasks/main.yml b/roles/httpd/website/tasks/main.yml index 11ffa7c9ce..0629c89604 100644 --- a/roles/httpd/website/tasks/main.yml +++ b/roles/httpd/website/tasks/main.yml @@ -16,7 +16,7 @@ group=root mode=0755 notify: - - restart httpd + - reload httpd tags: - httpd - httpd/website @@ -31,7 +31,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - httpd - httpd/website @@ -47,7 +47,7 @@ - logs - robots notify: - - restart httpd + - reload httpd tags: - httpd - httpd/website @@ -64,7 +64,7 @@ - robots/robots.txt.{{name}} - robots/robots.txt notify: - - restart httpd + - reload httpd tags: - httpd - httpd/website diff --git a/roles/ipsilon/files/templates/login/index.html b/roles/ipsilon/files/templates/login/index.html index fadcca8d38..14ec837d8d 100644 --- a/roles/ipsilon/files/templates/login/index.html +++ b/roles/ipsilon/files/templates/login/index.html @@ -1,7 +1,7 @@ {% extends "layout.html" %} {% block title %}Login{% endblock %} {% block toptext %} -{{ login_target }} is asking to authenticate using FedOAuth +{{ login_target }} is asking to authenticate using Ipsilon {% endblock %} {% block main %}
diff --git a/roles/ipsilon/files/templates/openid/consent_form.html b/roles/ipsilon/files/templates/openid/consent_form.html index fba03778e4..b0b254c6c3 100644 --- a/roles/ipsilon/files/templates/openid/consent_form.html +++ b/roles/ipsilon/files/templates/openid/consent_form.html @@ -1,6 +1,6 @@ {% extends "layout.html" %} {% block toptext %} -{{trustroot}} is asking to authenticate via OpenID using FedOAuth +{{trustroot}} is asking to authenticate via OpenID using Ipsilon {% endblock %} {% block main %} Review the authorization details diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml index dc8ece7d97..d3bcd2d6a7 100644 --- a/roles/koji_hub/tasks/main.yml +++ b/roles/koji_hub/tasks/main.yml @@ -33,7 +33,7 @@ - name: fedmenu shim template: src=fedmenu-extra-footer.html dest=/usr/share/koji-web/static/extra-footer.html tags: koji_hub - notify: restart httpd + notify: reload httpd # XXX - we only want to do this in staging for now because it requires a patch # to koji itself to include the extra-footer.html file in a sufficiently # advanced way. @@ -45,14 +45,14 @@ tags: - config - koji_hub - notify: restart httpd + notify: reload httpd - name: kojiweb config template: src=web.conf.j2 dest=/etc/kojiweb/web.conf owner=apache group=apache mode=600 tags: - config - koji_hub - notify: restart httpd + notify: reload httpd - name: enable httpd_can_network_connect SELinux boolean for fedmsg seboolean: name=httpd_can_network_connect state=yes persistent=yes @@ -71,7 +71,7 @@ - name: koji fedmsg plugin template: src=fedmsg-koji-plugin.py dest=/usr/lib/koji-hub-plugins/fedmsg-koji-plugin.py notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -82,7 +82,7 @@ - name: install kojiweb_cert_key.pem copy: src={{ private }}/files/koji/kojiweb_cert_key.pem dest=/etc/pki/tls/private/kojiweb_cert_key.pem owner=apache mode=600 notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -91,7 +91,7 @@ - name: install production koji_cert.pem copy: src={{ private }}/files/koji/koji_cert.pem dest=/etc/pki/tls/certs/koji_cert.pem owner=apache mode=600 notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -100,7 +100,7 @@ - name: install production koji_key.pem copy: src={{ private }}/files/koji/koji_key.pem dest=/etc/pki/tls/private/koji_key.pem owner=apache mode=600 notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -112,7 +112,7 @@ - name: install s390 kojiweb_cert_key.pem copy: src={{ private }}/files/koji/s390.koji.fedoraproject.org_key_and_cert.pem dest=/etc/pki/tls/private/kojiweb_cert_key.pem owner=apache mode=600 notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -121,7 +121,7 @@ - name: install s390 production koji_cert.pem copy: src={{ private }}/files/koji/s390_koji_cert.pem dest=/etc/pki/tls/certs/koji_cert.pem owner=apache mode=600 notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -130,7 +130,7 @@ - name: install s390 production koji_key.pem copy: src={{ private }}/files/koji/s390_koji_key.pem dest=/etc/pki/tls/private/koji_key.pem owner=apache mode=600 notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -142,7 +142,7 @@ - name: Install staging koji ssl cert copy: src={{ private }}/files/koji/koji.stg_cert.pem dest=/etc/pki/tls/certs/koji.stg_cert.pem notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -151,7 +151,7 @@ - name: install staging koji ssl key copy: src={{ private }}/files/koji/koji.stg_key.pem dest=/etc/pki/tls/private/koji.stg_key.pem notify: - - restart httpd + - reload httpd tags: - config - koji_hub @@ -199,21 +199,21 @@ tags: - config - koji_hub - notify: restart httpd + notify: reload httpd - name: koji web hub specific config files template: src=kojiweb.conf.j2 dest=/etc/httpd/conf.d/kojiweb.conf owner=root group=root tags: - config - koji_hub - notify: restart httpd + notify: reload httpd - name: koji web staging config files copy: src=kojiweb.conf.stg dest=/etc/httpd/conf.d/kojiweb-stg.conf owner=root group=root tags: - config - koji_hub - notify: restart httpd + notify: reload httpd when: env == "staging" - name: koji staging ssl config @@ -221,7 +221,7 @@ tags: - config - koji_hub - notify: restart httpd + notify: reload httpd when: env == "staging" - name: koji ssl config @@ -229,7 +229,7 @@ tags: - config - koji_hub - notify: restart httpd + notify: reload httpd when: env != "staging" - name: koji robots.txt config @@ -237,7 +237,7 @@ tags: - config - koji_hub - notify: restart httpd + notify: reload httpd - name: kojira log dir file: dest=/var/log/kojira owner=root group=root mode=0750 state=directory @@ -306,7 +306,7 @@ service: name=httpd enabled=yes ignore_errors: true notify: - - restart httpd + - reload httpd tags: - service - koji_hub diff --git a/roles/kojipkgs/tasks/main.yml b/roles/kojipkgs/tasks/main.yml index a3b6ddc3ce..84502101e3 100644 --- a/roles/kojipkgs/tasks/main.yml +++ b/roles/kojipkgs/tasks/main.yml @@ -58,21 +58,21 @@ - kojipkgs.conf - infrastructure.conf notify: - - restart httpd + - reload httpd tags: - kojipkgs - name: make sure httpd ssl.conf is not around (conflicts with squid) file: dest=/etc/httpd/conf.d/ssl.conf state=absent notify: - - restart httpd + - reload httpd tags: - kojipkgs - name: make sure httpd listens on port 8080 lineinfile: dest=/etc/httpd/conf/httpd.conf state=present regexp="^Listen 80" line="Listen 8080" notify: - - restart httpd + - reload httpd tags: - kojipkgs @@ -84,7 +84,7 @@ tags: - kojipkgs notify: - - restart httpd + - reload httpd - name: Copy squid ssl key from puppet private copy: > @@ -94,7 +94,7 @@ tags: - kojipkgs notify: - - restart httpd + - reload httpd - name: set squid to start on boot service: name=squid enabled=true state=running diff --git a/roles/koschei/tasks/main.yml b/roles/koschei/tasks/main.yml index e8d1294ed4..5acf5e1f8c 100644 --- a/roles/koschei/tasks/main.yml +++ b/roles/koschei/tasks/main.yml @@ -32,7 +32,7 @@ - restart koschei-resolver - restart koschei-scheduler - restart koschei-watcher - - restart httpd + - reload httpd tags: - koschei - config @@ -74,7 +74,7 @@ - restart koschei-resolver - restart koschei-scheduler - restart koschei-watcher - - restart httpd + - reload httpd tags: - koschei - config @@ -84,7 +84,7 @@ src="httpd.conf.j2" dest="/etc/httpd/conf.d/koschei.conf" notify: - - restart httpd + - reload httpd tags: - koschei - config @@ -106,7 +106,7 @@ - httpd_can_network_connect - httpd_can_network_connect_db notify: - - restart httpd + - reload httpd tags: - koschei - selinux diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml index 3fd30289d5..29eef4515d 100644 --- a/roles/mailman/tasks/main.yml +++ b/roles/mailman/tasks/main.yml @@ -174,7 +174,7 @@ # - config # - mailman # notify: -# - restart httpd +# - reload httpd - name: set the mailman conffile template: src={{ item }} dest=/etc/mailman.cfg diff --git a/roles/mediawiki/tasks/main.yml b/roles/mediawiki/tasks/main.yml index 0bac6d649d..31008582e6 100644 --- a/roles/mediawiki/tasks/main.yml +++ b/roles/mediawiki/tasks/main.yml @@ -88,13 +88,13 @@ - name: install localsettings template: src=LocalSettings.php.{{wikiname}}.j2 dest=/srv/web/{{wikiname}}-wiki/LocalSettings.php owner=apache group=apache mode=600 setype=httpd_sys_content_t - notify: restart httpd + notify: reload httpd tags: - mediawiki - name: httpd conf template: src=mediawiki-app.conf.j2 dest=/etc/httpd/conf.d/{{wikiname}}.conf - notify: restart httpd + notify: reload httpd tags: - mediawiki diff --git a/roles/membership-map/proxy/tasks/main.yml b/roles/membership-map/proxy/tasks/main.yml index d291749d7b..2489753f04 100644 --- a/roles/membership-map/proxy/tasks/main.yml +++ b/roles/membership-map/proxy/tasks/main.yml @@ -10,7 +10,7 @@ dest=/etc/httpd/conf.d/{{website}}/membership-map.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - membership-map - membership-map/proxy diff --git a/roles/mirrormanager/frontend2/tasks/main.yml b/roles/mirrormanager/frontend2/tasks/main.yml index dbdc060c9e..633b798c87 100644 --- a/roles/mirrormanager/frontend2/tasks/main.yml +++ b/roles/mirrormanager/frontend2/tasks/main.yml @@ -29,7 +29,7 @@ - { file: alembic.ini, dest: /etc/mirrormanager/alembic.ini } - { file: mirrormanager2.wsgi, dest: /var/www/mirrormanager2.wsgi } notify: - - restart httpd + - reload httpd tags: - mm2_frontend - config diff --git a/roles/nagios_server/files/plugins/restart_httpd b/roles/nagios_server/files/plugins/restart_httpd index a940f3e3ea..f461f45553 100755 --- a/roles/nagios_server/files/plugins/restart_httpd +++ b/roles/nagios_server/files/plugins/restart_httpd @@ -62,7 +62,7 @@ CRITICAL) # point (unless you disabled notifications for this service) HARD) echo -n "Restarting HTTP service..." - echo "#fedora-noc $hostalias - Attempting to restart httpd. $servicedesc is $servicestate" | /usr/bin/nc -w 1 value01 5050 + echo "#fedora-noc $hostalias - Attempting to reload httpd. $servicedesc is $servicestate" | /usr/bin/nc -w 1 value01 5050 # Call the init script to restart the HTTPD server /usr/lib64/nagios/plugins/check_nrpe -H $remotehost -c service_httpd_restart ;; diff --git a/roles/nagios_server/templates/nagios/checkcommands.cfg b/roles/nagios_server/templates/nagios/checkcommands.cfg index d0636036d3..e604f8e5c8 100644 --- a/roles/nagios_server/templates/nagios/checkcommands.cfg +++ b/roles/nagios_server/templates/nagios/checkcommands.cfg @@ -33,7 +33,7 @@ # ################################################################################ -# 'restart httpd' +# 'reload httpd' define command { command_name restart_httpd command_line $USER1$/restart_httpd $SERVICESTATE$ $SERVICESTATETYPE$ $SERVICEATTEMPT$ $HOSTADDRESS$ "$HOSTALIAS$" "$SERVICEDESC$" "$SERVICESTATE$" diff --git a/roles/openvpn/client/files/fix-routes.sh b/roles/openvpn/base/files/fix-routes.sh similarity index 100% rename from roles/openvpn/client/files/fix-routes.sh rename to roles/openvpn/base/files/fix-routes.sh diff --git a/roles/openvpn/base/tasks/main.yml b/roles/openvpn/base/tasks/main.yml index faba0ef9cc..2f3b628309 100644 --- a/roles/openvpn/base/tasks/main.yml +++ b/roles/openvpn/base/tasks/main.yml @@ -20,3 +20,9 @@ - restart openvpn (RHEL7) - restart openvpn (RHEL6) +- name: install fix-routes.sh script + copy: src=fix-routes.sh + dest=/etc/openvpn/fix-routes.sh + owner=root group=root mode=0755 + tags: + - openvpn diff --git a/roles/openvpn/client/tasks/main.yml b/roles/openvpn/client/tasks/main.yml index 67e44b1ac8..76817a24f9 100644 --- a/roles/openvpn/client/tasks/main.yml +++ b/roles/openvpn/client/tasks/main.yml @@ -17,9 +17,6 @@ - { file: client.conf, dest: /etc/openvpn/openvpn.conf, mode: '0644' } - - { file: fix-routes.sh, - dest: /etc/openvpn/fix-routes.sh, - mode: '0755' } - { file: "{{ private }}/files/vpn/openvpn/keys/{{ inventory_hostname }}.crt", dest: "/etc/openvpn/client.crt", mode: '0600' } diff --git a/roles/packages/bugz.fp.o/tasks/main.yml b/roles/packages/bugz.fp.o/tasks/main.yml index df7c8a98e3..675232eda7 100644 --- a/roles/packages/bugz.fp.o/tasks/main.yml +++ b/roles/packages/bugz.fp.o/tasks/main.yml @@ -2,7 +2,7 @@ src=bugz.conf dest=/etc/httpd/conf.d/{{website}}/bugz.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - packages - packages/proxy diff --git a/roles/packages/web/tasks/main.yml b/roles/packages/web/tasks/main.yml index cfa8883cb9..338ffe5338 100644 --- a/roles/packages/web/tasks/main.yml +++ b/roles/packages/web/tasks/main.yml @@ -38,7 +38,7 @@ dest=/etc/fedoracommunity/production.ini owner=apache group=apache mode=0600 notify: - - restart httpd + - reload httpd - restart fcomm-cache-worker tags: - packages @@ -50,7 +50,7 @@ dest=/etc/httpd/conf.d/fedora-packages.conf owner=root group=root mode=644 notify: - - restart httpd + - reload httpd tags: - packages - packages/web @@ -61,7 +61,7 @@ dest=/etc/fedoracommunity/yum-repo.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - restart fcomm-cache-worker tags: - packages @@ -87,7 +87,7 @@ dest="{{pythonsitelib}}/fedoracommunity/search/distmappings.py" owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - restart fcomm-cache-worker tags: - packages diff --git a/roles/pager_server/tasks/main.yml b/roles/pager_server/tasks/main.yml index b1889389aa..8fdb8f0af5 100644 --- a/roles/pager_server/tasks/main.yml +++ b/roles/pager_server/tasks/main.yml @@ -2,7 +2,7 @@ - name: setup pager app config copy: src=pager-app.conf dest=/etc/httpd/conf.d/pager-app.conf mode=644 notify: - - restart httpd + - reload httpd tags: - config - pager_server diff --git a/roles/pagure/fedmsg/tasks/main.yml b/roles/pagure/fedmsg/tasks/main.yml index 6952551e9a..017aae3a85 100644 --- a/roles/pagure/fedmsg/tasks/main.yml +++ b/roles/pagure/fedmsg/tasks/main.yml @@ -59,7 +59,7 @@ - pagure - pagure/fedmsg notify: - - restart httpd + - reload httpd - restart fedmsg-relay - name: Remove unwanted files @@ -72,7 +72,7 @@ - pagure - pagure/fedmsg notify: - - restart httpd + - reload httpd - restart fedmsg-relay - name: setup /etc/pki/fedmsg directory diff --git a/roles/paste/tasks/main.yml b/roles/paste/tasks/main.yml index 504049f3cf..931b61b52f 100644 --- a/roles/paste/tasks/main.yml +++ b/roles/paste/tasks/main.yml @@ -27,21 +27,21 @@ copy: src=sticky-notes.conf dest=/etc/httpd/conf.d/sticky-notes.conf owner=root group=root mode=644 tags: - config - notify: restart httpd + notify: reload httpd - name: sticky-notes php config template: src=config.php dest=/etc/sticky-notes/config.php owner=apache group=apache mode=600 tags: - config - notify: restart httpd + notify: reload httpd - name: php post limit config copy: src=sticky-notes.ini dest=/etc/php.d/sticky-notes.ini owner=root group=root mode=644 - notify: restart httpd + notify: reload httpd - name: timeout in case url.ca goes down copy: src=class_urlshort.php dest=/usr/share/sticky-notes/classes/class_urlshort.php owner=root group=root mode=644 - notify: restart httpd + notify: reload httpd - name: set sebooleans so paste can talk to the db seboolean: name=httpd_can_network_connect_db state=true persistent=true diff --git a/roles/pdc/tasks/main.yml b/roles/pdc/tasks/main.yml index 6123b727bc..2e56df5b9c 100644 --- a/roles/pdc/tasks/main.yml +++ b/roles/pdc/tasks/main.yml @@ -30,13 +30,13 @@ - name: Copy over settings_local.py template: src=settings_local.py dest=/usr/lib/python2.7/site-packages/pdc/settings_local.py - notify: restart httpd + notify: reload httpd tags: - pdc - name: Copy over httpd config template: src=pdc.conf dest=/etc/httpd/conf.d/pdc.conf - notify: restart httpd + notify: reload httpd tags: - pdc diff --git a/roles/phabricator/tasks/main.yml b/roles/phabricator/tasks/main.yml index 2aa797edc7..9cbec67bb7 100644 --- a/roles/phabricator/tasks/main.yml +++ b/roles/phabricator/tasks/main.yml @@ -64,7 +64,7 @@ - name: update php.ini copy: src=php.ini dest=/etc/php.d/php.ini owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: update php-opcache config copy: @@ -93,6 +93,12 @@ notify: - restart phd +- name: copy phabricator custom login plugin + when: deployment_type == 'qa-stg' + template: src=CustomLoginHandler.php.j2 dest={{ phabroot }}/phabricator/src/extensions/CustomLoginHandler.php owner=apache group=apache mode=0644 + notify: + - restart phd + # this isn't well supported upstream right now, disabling #- name: generate chatbot config # template: src=chatbot-config.json.j2 dest={{ phabroot }}/phabricator/resources/chatbot/config.json owner=apache group=apache mode=0644 @@ -162,6 +168,6 @@ - name: copy phabricator httpd config template: src=phabricator.conf.j2 dest=/etc/httpd/conf.d/phabricator.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd diff --git a/roles/phabricator/templates/CustomLoginHandler.php.j2 b/roles/phabricator/templates/CustomLoginHandler.php.j2 new file mode 100644 index 0000000000..44b0585c0f --- /dev/null +++ b/roles/phabricator/templates/CustomLoginHandler.php.j2 @@ -0,0 +1,19 @@ +

Logging in to Fedora QA Devel Phabricator

+

+ This phabricator instance is only setup for authentication with the Fedora Accounts System. If you have previously logged in to this instance, click o n the 'Login or Register' button to log in again. If you are new to this system, please follow the follow + ing guidelines: +

+

"); + } +} diff --git a/roles/phabricator/templates/local.json.j2 b/roles/phabricator/templates/local.json.j2 index 33c8e00069..70caa75986 100644 --- a/roles/phabricator/templates/local.json.j2 +++ b/roles/phabricator/templates/local.json.j2 @@ -25,6 +25,7 @@ "metamta.mail-adapter" : "{{ "PhabricatorMailImplementationPHPMailerAdapter" if phabricator_mail_enabled else "PhabricatorMailImplementationTestAdapter"}}", "phpmailer.smtp-host" : "bastion.phx2.fedoraproject.org", "auth.email-domains" : ["fedoraproject.org"], +{% if deployment_type == 'qadevel-prod' %} "auth.login-message" : "

Logging in to Fedora QA Devel Phabricator

This phabricator instance is only setup for authentication with the Fedora Accounts System. If you have previously logged in to this instance, click on the 'Login or Register' button to log in again. If you are new to this system, please follow the follow @@ -35,6 +36,7 @@ ing guidelines:

  • If you have any questions, come find us in #fedora-qa on Freenode or on the Fedora QA Devel mailing list.

    • ", +{% endif %} "phabricator.uninstalled-applications" : { "PhabricatorApplicationPhame" : true, "PhabricatorApplicationDiviner" : true, diff --git a/roles/releng-dash/tasks/main.yml b/roles/releng-dash/tasks/main.yml index a03fb75870..0851f32ae1 100644 --- a/roles/releng-dash/tasks/main.yml +++ b/roles/releng-dash/tasks/main.yml @@ -10,6 +10,6 @@ with_items: - fedora-releng-dash.conf notify: - - restart httpd + - reload httpd tags: - releng-dash diff --git a/roles/releng/tasks/main.yml b/roles/releng/tasks/main.yml index 83ec4df25f..96e7cabf19 100644 --- a/roles/releng/tasks/main.yml +++ b/roles/releng/tasks/main.yml @@ -147,7 +147,7 @@ group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - config when: inventory_hostname.startswith('compose-x86-01') diff --git a/roles/review-stats/proxy/tasks/main.yml b/roles/review-stats/proxy/tasks/main.yml index 2ebd185347..e95fe48845 100644 --- a/roles/review-stats/proxy/tasks/main.yml +++ b/roles/review-stats/proxy/tasks/main.yml @@ -10,7 +10,7 @@ dest=/etc/httpd/conf.d/{{website}}/review-stats.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd tags: - review-stats - review-stats/proxy diff --git a/roles/statscache/backend/templates/statscache.py b/roles/statscache/backend/templates/statscache.py index b088d7ced0..6e64d8810e 100644 --- a/roles/statscache/backend/templates/statscache.py +++ b/roles/statscache/backend/templates/statscache.py @@ -3,6 +3,20 @@ import datetime config = { "statscache.datagrepper.profile": False, + {% if env == 'staging' %} + #"statscache.datagrepper.endpoint": "https://apps.stg.fedoraproject.org/datagrepper/raw", + + # Consume production fedmsg data in staging for now. + "statscache.datagrepper.endpoint": "https://apps.fedoraproject.org/datagrepper/raw", + "endpoints": { + "production-loopback": [ + "tcp://10.5.126.51:9940", + ], + }, + + {% else %} + "statscache.datagrepper.endpoint": "https://apps.fedoraproject.org/datagrepper/raw", + {% endif %} # Consumer stuff "statscache.consumer.enabled": True, @@ -10,7 +24,11 @@ config = { "statscache.sqlalchemy.uri": "postgres://statscache:{{statscache_db_password}}@db01/statscache", # stats models will go back at least this far (current value arbitrary) - "statscache.consumer.epoch": datetime.datetime(year=2015, month=8, day=8), + {% if env == 'staging' %} + "statscache.consumer.epoch": datetime.datetime(year=2015, month=10, day=1), + {% else %} + "statscache.consumer.epoch": datetime.datetime(year=2014, month=1, day=1), + {% endif %} # stats models are updated at this frequency "statscache.producer.frequency": datetime.timedelta(seconds=1), diff --git a/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2 b/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2 index db8e55653f..b3000d5298 100644 --- a/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2 +++ b/roles/taskotron/buildmaster-configure/templates/taskotron.master.cfg.j2 @@ -161,7 +161,7 @@ factory.addStep(ShellCommand(command=["rm", "-f", "/var/log/taskotron/taskotron. {% if deployment_type == 'dev' %} # clean out /var/tmp/taskotron (see T253) -factory.addStep(ShellCommand(command=["rm", "-rf", Interpolate("/var/tmp/taskotron/%(prop:slavename)s/*")], name="rm_tmp", descriptionDone=['Clean tmp'])) +factory.addStep(ShellCommand(command=Interpolate("rm -rf /var/tmp/taskotron/%(prop:slavename)s/*"), name="rm_tmp", descriptionDone=['Clean tmp'])) {% endif %} # check out the source diff --git a/roles/taskotron/buildmaster/tasks/main.yml b/roles/taskotron/buildmaster/tasks/main.yml index 13a83c8b8a..0ee8d733e4 100644 --- a/roles/taskotron/buildmaster/tasks/main.yml +++ b/roles/taskotron/buildmaster/tasks/main.yml @@ -43,13 +43,13 @@ - name: copy httpd config template: src=buildmaster.conf.j2 dest=/etc/httpd/conf.d/buildmaster.conf owner=root group=root notify: - - restart httpd + - reload httpd - name: copy artifacts httpd config template: src=artifacts.conf.j2 dest=/etc/httpd/conf.d/artifacts.conf owner=root group=root when: deployment_type == 'prod' or deployment_type == 'stg' or deployment_type == 'dev' or deployment_type == 'local' notify: - - restart httpd + - reload httpd - name: create artifacts directory file: path={{ item }} state=directory owner=buildmaster group=buildmaster mode=0775 setype=httpd_sys_content_t diff --git a/roles/taskotron/execdb/tasks/main.yml b/roles/taskotron/execdb/tasks/main.yml index 1eb888a6cd..f4560651ef 100644 --- a/roles/taskotron/execdb/tasks/main.yml +++ b/roles/taskotron/execdb/tasks/main.yml @@ -57,12 +57,12 @@ - name: generate execdb config template: src=settings.py.j2 dest=/etc/execdb/settings.py owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: generate execdb apache config template: src=execdb.conf.j2 dest=/etc/httpd/conf.d/execdb.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: generate alembic.ini template: src=alembic.ini.j2 dest=/usr/share/execdb/alembic.ini owner=root group=root mode=0644 diff --git a/roles/taskotron/fake_fedorainfra/tasks/main.yml b/roles/taskotron/fake_fedorainfra/tasks/main.yml index 3edcf640e3..ba89f0eb5a 100644 --- a/roles/taskotron/fake_fedorainfra/tasks/main.yml +++ b/roles/taskotron/fake_fedorainfra/tasks/main.yml @@ -42,9 +42,9 @@ - name: generate fakefedorainfra config template: src=settings.py.j2 dest=/etc/fake_fedorainfra/settings.py owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: generate fakefedorainfra apache config template: src=fake_fedorainfra.conf.j2 dest=/etc/httpd/conf.d/fakefedorainfra.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd diff --git a/roles/taskotron/resultsdb-backend/tasks/main.yml b/roles/taskotron/resultsdb-backend/tasks/main.yml index 5c3ac2c8c3..06faece0e2 100644 --- a/roles/taskotron/resultsdb-backend/tasks/main.yml +++ b/roles/taskotron/resultsdb-backend/tasks/main.yml @@ -50,12 +50,12 @@ - name: generate resultsdb config template: src=settings.py.j2 dest=/etc/resultsdb/settings.py owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: generate resultsdb apache config template: src=resultsdb.conf.j2 dest=/etc/httpd/conf.d/resultsdb.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd # this command will clear the exising database and it's now being run every time, regardless of whether # /etc/resultsdb-is-init exists or not. We've already lost a lot of data, so commenting this command out diff --git a/roles/taskotron/resultsdb-frontend/tasks/main.yml b/roles/taskotron/resultsdb-frontend/tasks/main.yml index 1381814ae3..8294672c2e 100644 --- a/roles/taskotron/resultsdb-frontend/tasks/main.yml +++ b/roles/taskotron/resultsdb-frontend/tasks/main.yml @@ -16,9 +16,9 @@ - name: generate resultsdb_frontend config template: src=settings.py.j2 dest=/etc/resultsdb_frontend/settings.py owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: generate resultsdb_frontend apache config template: src=resultsdb_frontend.conf.j2 dest=/etc/httpd/conf.d/resultsdb_frontend.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd diff --git a/roles/taskotron/ssl-taskotron/tasks/main.yml b/roles/taskotron/ssl-taskotron/tasks/main.yml index 80826c02de..86335a3efc 100644 --- a/roles/taskotron/ssl-taskotron/tasks/main.yml +++ b/roles/taskotron/ssl-taskotron/tasks/main.yml @@ -21,11 +21,11 @@ template: src=ssl.conf.rhel.j2 dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644 when: is_rhel is defined notify: - - restart httpd + - reload httpd - name: generate fedora httpd ssl config template: src=ssl.conf.j2 dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644 when: is_fedora is defined notify: - - restart httpd + - reload httpd diff --git a/roles/taskotron/taskotron-proxy/tasks/main.yml b/roles/taskotron/taskotron-proxy/tasks/main.yml index 0221d87ea3..477374fa54 100644 --- a/roles/taskotron/taskotron-proxy/tasks/main.yml +++ b/roles/taskotron/taskotron-proxy/tasks/main.yml @@ -21,9 +21,9 @@ - name: copy resultsdb proxy httpd config template: src=resultsdb.conf.j2 dest=/etc/httpd/conf.d/resultsdb.conf owner=root group=root notify: - - restart httpd + - reload httpd - name: copy execdb proxy httpd config template: src=execdb.conf.j2 dest=/etc/httpd/conf.d/execdb.conf owner=root group=root notify: - - restart httpd + - reload httpd diff --git a/roles/testdays/tasks/main.yml b/roles/testdays/tasks/main.yml index 80973be458..fc9117a862 100644 --- a/roles/testdays/tasks/main.yml +++ b/roles/testdays/tasks/main.yml @@ -25,10 +25,10 @@ - name: generate testdays config template: src=settings.py.j2 dest=/etc/testdays/settings.py owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd - name: generate testdays apache config template: src=testdays.conf.j2 dest=/etc/httpd/conf.d/testdays.conf owner=root group=root mode=0644 notify: - - restart httpd + - reload httpd diff --git a/roles/totpcgi/tasks/main.yml b/roles/totpcgi/tasks/main.yml index 23cfd7b180..8868bfd016 100644 --- a/roles/totpcgi/tasks/main.yml +++ b/roles/totpcgi/tasks/main.yml @@ -139,7 +139,7 @@ - files - config notify: - - restart httpd + - reload httpd when: env == "production" - name: copy server cert file over @@ -153,7 +153,7 @@ - files - config notify: - - restart httpd + - reload httpd when: env == "production" - name: copy totpcgi httpd config @@ -167,7 +167,7 @@ - files - config notify: - - restart httpd + - reload httpd when: env == "production" # vpn certs @@ -183,7 +183,7 @@ - files - config notify: - - restart httpd + - reload httpd when: env == "production" - name: copy VPN server cert file over