From 74c6e79140315f5fda912224171ff9d1d1c03977 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Sat, 6 Dec 2014 20:51:52 +0100
Subject: [PATCH 1/5] Start working on the playbook to build a new secondary01

---
 .../secondary01.phx2.fedoraproject.org.yml    | 91 +++++++++++++++++++
 1 file changed, 91 insertions(+)
 create mode 100644 playbooks/hosts/secondary01.phx2.fedoraproject.org.yml

diff --git a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
new file mode 100644
index 0000000000..3d963f3abd
--- /dev/null
+++ b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
@@ -0,0 +1,91 @@
+# create a new server for secondary arch
+# NOTE: should be used with --limit most of the time
+# NOTE: make sure there is room/space for this server on the vmhost
+# NOTE: most of these vars_path come from group_vars/secondary* or from hostvars
+
+- name: make the servers
+  hosts: secondary01
+  user: root
+  gather_facts: False
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - "{{ private }}/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  tasks:
+  - include: "{{ tasks }}/virt_instance_create.yml"
+
+  handlers:
+  - include: "{{ handlers }}/restart_services.yml"
+
+- name: make the boxen be real for real
+  hosts: secondary01
+  user: root
+  gather_facts: True
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - "{{ private }}/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  roles:
+  - base
+  - rkhunter
+  - { role: denyhosts, when: ansible_distribution_major_version != '7' }
+  - nagios_client
+  - hosts
+  - fas_client
+  - sudo
+  - { role: nfs/client,
+      when: datacenter == "phx2",
+      mnt_dir: '/srv/pub/alt',
+      nfs_src_dir: '/vol/fedora_ftp/fedora.redhat.com/pub/alt'
+    }
+  - { role: nfs/client,
+      when: datacenter == "phx2",
+      mnt_dir: '/srv/pub/archive',
+      nfs_src_dir: '/vol/fedora_ftp/fedora.redhat.com/pub/archive'
+    }
+  - { role: nfs/client,
+      when: datacenter == "phx2",
+      mnt_dir: '/srv/pub/fedora-secondary', 
+      nfs_src_dir: '/vol/fedora_ftp/fedora.redhat.com/pub/fedora-secondary'
+    }
+
+  tasks:
+  - include: "{{ tasks }}/yumrepos.yml"
+  - include: "{{ tasks }}/2fa_client.yml"
+
+  handlers:
+  - include: "{{ handlers }}/restart_services.yml"
+
+- name: clean yum metadata
+  hosts: secondary01
+  user: root
+  gather_facts: False
+  command: yum clean all
+  tags:
+  - packages
+
+- name: install needed packages
+  hosts: secondary01
+  user: root
+  gather_facts: False
+  yum: pkg={{ item }} state=present
+  with_items:
+  - nfs-utils
+  - koji
+  tags:
+  - packages
+
+- name: set sebooleans so httpd can use nfs
+  hosts: secondary01
+  user: root
+  gather_facts: False
+  action: seboolean name={{ item }}
+                    state=true
+                    persistent=true
+  with_items:
+  - httpd_use_nfs
+

From 6bc652b8fb84643b5fae12fb0a1a5823667b09fe Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Sat, 6 Dec 2014 20:54:11 +0100
Subject: [PATCH 2/5] Use action instead of command in the playbook

---
 playbooks/hosts/secondary01.phx2.fedoraproject.org.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
index 3d963f3abd..97c51c1ad1 100644
--- a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
+++ b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
@@ -64,7 +64,7 @@
   hosts: secondary01
   user: root
   gather_facts: False
-  command: yum clean all
+  action: yum clean all
   tags:
   - packages
 

From ec74b9d4877a81255b146872936f991081dda87e Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Sat, 6 Dec 2014 20:56:32 +0100
Subject: [PATCH 3/5] Restructure a bit the secondary01 playbook

---
 .../secondary01.phx2.fedoraproject.org.yml    | 45 +++++++++----------
 1 file changed, 20 insertions(+), 25 deletions(-)

diff --git a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
index 97c51c1ad1..1177008822 100644
--- a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
+++ b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
@@ -49,7 +49,7 @@
     }
   - { role: nfs/client,
       when: datacenter == "phx2",
-      mnt_dir: '/srv/pub/fedora-secondary', 
+      mnt_dir: '/srv/pub/fedora-secondary',
       nfs_src_dir: '/vol/fedora_ftp/fedora.redhat.com/pub/fedora-secondary'
     }
 
@@ -60,32 +60,27 @@
   handlers:
   - include: "{{ handlers }}/restart_services.yml"
 
-- name: clean yum metadata
+- name: Set up the rest of the box as desired
   hosts: secondary01
   user: root
-  gather_facts: False
-  action: yum clean all
-  tags:
-  - packages
+  gather_facts: True
 
-- name: install needed packages
-  hosts: secondary01
-  user: root
-  gather_facts: False
-  yum: pkg={{ item }} state=present
-  with_items:
-  - nfs-utils
-  - koji
-  tags:
-  - packages
+  - name: clean yum metadata
+    action: yum clean all
+    tags:
+    - packages
 
-- name: set sebooleans so httpd can use nfs
-  hosts: secondary01
-  user: root
-  gather_facts: False
-  action: seboolean name={{ item }}
-                    state=true
-                    persistent=true
-  with_items:
-  - httpd_use_nfs
+  - name: install needed packages
+    yum: pkg={{ item }} state=present
+    with_items:
+    - nfs-utils
+    - koji
+    tags:
+    - packages
 
+  - name: set sebooleans so httpd can use nfs
+    action: seboolean name={{ item }}
+                      state=true
+                      persistent=true
+    with_items:
+    - httpd_use_nfs

From 92577d7a43dc1ddb6bfcec53a491d362cbf7b63c Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Sat, 6 Dec 2014 20:57:54 +0100
Subject: [PATCH 4/5] Specify the variables and what are tasks

---
 playbooks/hosts/secondary01.phx2.fedoraproject.org.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
index 1177008822..63f78cb7da 100644
--- a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
+++ b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
@@ -65,6 +65,12 @@
   user: root
   gather_facts: True
 
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - "{{ private }}/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  tasks:
   - name: clean yum metadata
     action: yum clean all
     tags:

From 51308da4cf9dc48aff7d38491da48c68cbb4b9df Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Sun, 7 Dec 2014 00:09:13 +0100
Subject: [PATCH 5/5] Specify the nfs_mount_opts when mounting /pub/archive on
 secondary01

---
 playbooks/hosts/secondary01.phx2.fedoraproject.org.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
index 63f78cb7da..d44dc31652 100644
--- a/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
+++ b/playbooks/hosts/secondary01.phx2.fedoraproject.org.yml
@@ -45,7 +45,8 @@
   - { role: nfs/client,
       when: datacenter == "phx2",
       mnt_dir: '/srv/pub/archive',
-      nfs_src_dir: '/vol/fedora_ftp/fedora.redhat.com/pub/archive'
+      nfs_src_dir: '/vol/fedora_ftp/fedora.redhat.com/pub/archive',
+      nfs_mount_opts: 'ro,hard,bg,intr,noatime,nodev,nosuid'
     }
   - { role: nfs/client,
       when: datacenter == "phx2",