Infrastructure/ansible
5
0
Fork 0
Code Issues Pull requests 3 Projects Releases Packages Wiki Activity Actions
ansible/roles/odcs/base/tasks/main.yml
Michal Konečný fca44a415d [ODCS] Fix the syntax 
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
2023-05-19 10:16:06 +02:00

380 lines
8.5 KiB
YAML
Raw Blame History

---
# install packages and generate shared configuration files
- name: install the packages required for ODCS
package:
pkg: "{{ item }}"
with_items:
- python3-psycopg2
- python3-odcs-common
- python3-celery
- odcs
- httpd
- make
- libxml2
- intltool
tags:
- odcs
- name: install the latest ODCS packagess
package:
pkg: "{{ item }}"
with_items:
- python3-odcs-common
- odcs
- odcs-client
when: odcs_upgrade
tags:
- odcs
- name: Enable the mod_auth_openidc module on rhel8
copy:
dest: /etc/dnf/modules.d/mod_auth_openidc.module
content: |
[mod_auth_openidc]
name=mod_auth_openidc
stream=2.3
profiles=
state=enabled
when: datacenter == "iad2"
# install required packages for frontend here, as we may
# need to reload httpd in next task when host is frontend
- name: install the packages required for ODCS frontend
package:
pkg: "{{ item }}"
state: present
with_items:
- mod_auth_openidc
- python3-mod_wsgi
when: inventory_hostname.startswith('odcs-frontend')
tags:
- odcs
- odcs/frontend
- name: install the packages required for ODCS backend
package:
pkg: "{{ item }}"
state: present
with_items:
- koji
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: create odcs-server group
group:
name: odcs-server
gid: 64321
state: present
- name: create odcs-server user
user:
name: odcs-server
uid: 64321
group: odcs-server
- name: create ODCS_TARGET_DIR
file:
path: "{{ item }}"
state: directory
owner: odcs-server
group: odcs-server
mode: 0775
# recurse: yes
follow: no
with_items:
- "{{ odcs_target_dir }}"
tags:
- odcs
- odcs/frontend
- name: create ODCS_TARGET_DIR private
file:
path: "{{ item }}"
state: directory
owner: odcs-server
group: odcs-server
mode: 0770
# recurse: yes
follow: no
with_items:
- "{{ odcs_target_dir }}/private"
tags:
- odcs
- odcs/frontend
- name: ensure ODCS service directories have right ownership
file:
path: "{{ item }}"
state: directory
owner: odcs-server
group: odcs-server
recurse: yes
follow: no
with_items:
- /var/run/odcs-backend
- /var/log/odcs-backend
tags:
- odcs
- odcs/backend
# this app config is shared by backend and frontend, but has different
# owner groups on backend and frontend, and notify different handlers,
# we can have vars set for frontend and backend seperately to do that,
# but it looks a little weird to have such special vars in
# inventory/group_vars/odcs-*, also we don't want to repeat the same
# required vars in frontend and backend, so just have 2 tasks in base
# to keep it simple.
- name: generate the ODCS app config for frontend
template:
src: etc/odcs/config.py.j2
dest: /etc/odcs/config.py
owner: odcs-server
group: apache
mode: 0440
notify:
- restart apache
when: inventory_hostname.startswith('odcs-frontend')
tags:
- odcs
- odcs/frontend
- name: generate the ODCS app config for backend
template:
src: etc/odcs/config.py.j2
dest: /etc/odcs/config.py
owner: odcs-server
group: odcs-server
mode: 0440
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: generate the ODCS raw_config_wrapper config for backend
template:
src: etc/odcs/raw_config_wrapper.conf.j2
dest: /etc/odcs/raw_config_wrapper.conf
owner: odcs-server
group: odcs-server
mode: 0440
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: generate the ODCS runroot_koji config for backend
template:
src: etc/odcs/runroot_koji.conf.j2
dest: /etc/odcs/runroot_koji.conf
owner: odcs-server
group: odcs-server
mode: 0440
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: Make sure the /etc/fedmsg.d/odcs.py file (provided by rpm) is absent.
file:
path: /etc/fedmsg.d/odcs.py
state: absent
tags:
- odcs
- odcs/backend
- name: copy the ODCS pungi config template to backend
copy:
src: "{{ roles_path }}/odcs/base/files/pungi.conf"
dest: /etc/odcs/pungi.conf
owner: odcs-server
group: odcs-server
mode: 0640
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: copy the odcs-celery-backend.service file.
template:
src: "etc/systemd/system/odcs-celery-backend.service.j2"
dest: /etc/systemd/system/odcs-celery-backend.service
owner: odcs-server
group: odcs-server
mode: 0640
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: copy the odcs-celery-beat.service file.
template:
src: "etc/systemd/system/odcs-celery-beat.service.j2"
dest: /etc/systemd/system/odcs-celery-beat.service
owner: odcs-server
group: odcs-server
mode: 0640
notify:
- restart odcs-celery-beat
when: inventory_hostname.startswith('odcs-frontend')
tags:
- odcs
- odcs/frontend
- name: Reload systemd daemon
systemd:
daemon_reload: yes
tags:
- odcs
- odcs/backend
- odcs/frontend
- name: enable ODCS backend (odcs-celery-backend)
service:
name: odcs-celery-backend
enabled: yes
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: enable ODCS beat (odcs-celery-beat)
service:
name: odcs-celery-beat
enabled: yes
when: inventory_hostname.startswith('odcs-frontend')
tags:
- odcs
- odcs/frontend
- name: copy the fedora-messaging.toml.j2 file.
template:
src: "fedora-messaging.toml.j2"
dest: /etc/fedora-messaging/config.toml
owner: odcs-server
group: odcs-server
mode: 0640
tags:
- odcs
- odcs/frontend
- odcs/backend
- name: copy the odcs-backend.conf tmpfiles.d file.
copy:
src: "{{ roles_path }}/odcs/base/files/tmpfiles.d/odcs-backend.conf"
dest: /etc/tmpfiles.d/odcs-backend.conf
owner: odcs-server
group: odcs-server
mode: 0640
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: configure logrotate
copy:
src: "{{ roles_path }}/odcs/base/files/logrotate.d/odcs"
dest: /etc/logrotate.d/odcs
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: Run systemd-tmpfiles --create
command: systemd-tmpfiles --create
args:
creates: /var/run/odcs-backend
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
- name: copy the odcs rabbitmq private queue crt.
copy:
src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/odcs-private-queue{{env_suffix}}.crt"
dest: /etc/odcs/odcs-private-queue.crt
owner: odcs-server
group: apache
mode: 0640
tags:
- odcs
- odcs/backend
- odcs/frontend
- name: copy the odcs rabbitmq private queue key.
copy:
src: "{{private}}/files/rabbitmq/{{env}}/pki/private/odcs-private-queue{{env_suffix}}.key"
dest: /etc/odcs/odcs-private-queue.key
owner: odcs-server
group: apache
mode: 0640
tags:
- odcs
- odcs/backend
- odcs/frontend
- name: copy the odcs rabbitmq crt.
copy:
src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/odcs{{env_suffix}}.crt"
dest: /etc/odcs/odcs-rabbitmq.crt
owner: odcs-server
group: apache
mode: 0640
tags:
- odcs
- odcs/backend
- odcs/frontend
- name: copy the odcs rabbitmq key.
copy:
src: "{{private}}/files/rabbitmq/{{env}}/pki/private/odcs{{env_suffix}}.key"
dest: /etc/odcs/odcs-rabbitmq.key
owner: odcs-server
group: apache
mode: 0640
tags:
- odcs
- odcs/backend
- odcs/frontend
- name: copy the odcs rabbitmq CA cert.
copy:
src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
dest: /etc/odcs/ca.crt
owner: odcs-server
group: apache
mode: 0640
tags:
- odcs
- odcs/backend
- odcs/frontend
- name: copy the custom_compose_raw_config_wrapper.conf file.
copy:
src: "{{ roles_path }}/odcs/base/files/odcs/custom_compose_raw_config_wrapper.conf"
dest: /etc/odcs/custom_compose_raw_config_wrapper.conf
owner: odcs-server
group: odcs-server
mode: 0640
notify:
- restart odcs-celery-backend
when: inventory_hostname.startswith('odcs-backend')
tags:
- odcs
- odcs/backend
Reference in a new issue View git blame Copy permalink