2017-01-30 16:59:33 +00:00
|
|
|
---
|
|
|
|
|
# Common configuration for the Module Build Service (MBS) pieces
|
|
|
|
|
|
|
|
|
|
- name: install needed packages
|
2019-06-11 16:29:22 +01:00
|
|
|
package:
|
|
|
|
|
state: present
|
|
|
|
|
name:
|
|
|
|
|
- module-build-service
|
|
|
|
|
- python-psycopg2
|
|
|
|
|
- libsemanage-python
|
|
|
|
|
- python-memcached
|
2020-05-26 21:17:14 +02:00
|
|
|
- python2-distro
|
2017-01-30 16:59:33 +00:00
|
|
|
notify:
|
|
|
|
|
- restart apache
|
|
|
|
|
- restart fedmsg-hub
|
2021-01-26 10:26:01 -05:00
|
|
|
# - restart mbs poller
|
|
|
|
|
# - restart mbs workers
|
2017-01-30 16:59:33 +00:00
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
2017-03-03 10:47:04 +00:00
|
|
|
- name: kill development configs
|
|
|
|
|
file: path=/etc/fedmsg.d/{{ item }} state=absent
|
|
|
|
|
with_items:
|
|
|
|
|
- module_build_service.py
|
|
|
|
|
- mbs-logging.py
|
2017-02-15 17:25:35 +00:00
|
|
|
notify:
|
|
|
|
|
- restart apache
|
|
|
|
|
- restart fedmsg-hub
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
2017-01-30 16:59:33 +00:00
|
|
|
- name: copy app configuration
|
|
|
|
|
template: >
|
|
|
|
|
src=config.py dest=/etc/module-build-service/config.py
|
|
|
|
|
owner=root group=fedmsg mode=0640
|
|
|
|
|
notify:
|
|
|
|
|
- restart apache
|
|
|
|
|
- restart fedmsg-hub
|
2021-01-26 10:26:01 -05:00
|
|
|
# - restart mbs poller
|
|
|
|
|
# - restart mbs workers
|
2017-01-30 16:59:33 +00:00
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
2017-02-09 19:44:48 +00:00
|
|
|
|
2017-03-01 21:24:38 +00:00
|
|
|
- name: copy koji configuration
|
|
|
|
|
template: >
|
|
|
|
|
src=koji.conf dest=/etc/module-build-service/koji.conf
|
|
|
|
|
owner=root group=fedmsg mode=0644
|
|
|
|
|
notify:
|
|
|
|
|
- restart fedmsg-hub
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
2017-02-15 17:19:39 +00:00
|
|
|
- name: copy fedmsg configuration
|
|
|
|
|
template: >
|
|
|
|
|
src=mbs-fedmsg.py dest=/etc/fedmsg.d/mbs-fedmsg.py
|
|
|
|
|
owner=root group=fedmsg mode=0644
|
|
|
|
|
notify:
|
|
|
|
|
- restart apache
|
|
|
|
|
- restart fedmsg-hub
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
2017-02-15 15:52:03 +00:00
|
|
|
- name: copy client secrets
|
2017-02-09 19:44:48 +00:00
|
|
|
template: >
|
|
|
|
|
src=client_secrets.json.{{env}} dest=/etc/module-build-service/client_secrets.json
|
2017-02-15 15:58:01 +00:00
|
|
|
owner=root group=fedmsg mode=0640
|
2017-02-15 15:53:34 +00:00
|
|
|
when: inventory_hostname.startswith('mbs-frontend')
|
2017-02-09 19:44:48 +00:00
|
|
|
notify:
|
|
|
|
|
- restart apache
|
|
|
|
|
tags:
|
2018-05-30 19:47:05 +00:00
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: create /var/cache/fedmsg/ directory for krb ccache
|
|
|
|
|
file:
|
|
|
|
|
path: /var/cache/fedmsg/
|
|
|
|
|
state: directory
|
|
|
|
|
owner: fedmsg
|
|
|
|
|
group: fedmsg
|
|
|
|
|
mode: 0750
|
|
|
|
|
tags:
|
2017-02-09 19:44:48 +00:00
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
2017-02-16 00:22:23 +00:00
|
|
|
|
2018-05-14 23:47:56 +00:00
|
|
|
- name: create /etc/pdc.d directory
|
|
|
|
|
file:
|
|
|
|
|
path: /etc/pdc.d
|
|
|
|
|
state: directory
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: 0775
|
|
|
|
|
|
2017-02-16 00:22:23 +00:00
|
|
|
- name: copy pdc client config file
|
|
|
|
|
copy: >
|
|
|
|
|
src=fedora.json.{{env}} dest=/etc/pdc.d/fedora.json
|
|
|
|
|
owner=root group=root mode=0644
|
|
|
|
|
notify:
|
|
|
|
|
- restart apache
|
|
|
|
|
- restart fedmsg-hub
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
2018-03-19 06:49:14 +00:00
|
|
|
|
2020-09-22 12:50:19 -04:00
|
|
|
- name: Configure MBS virtual host in RabbitMQ
|
|
|
|
|
block:
|
2021-01-28 16:13:02 -05:00
|
|
|
- name: copy the MBS rabbitmq private queue crt
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/mbs-private-queue{{env_suffix}}.crt"
|
|
|
|
|
dest: /etc/module-build-service/mbs-private-queue{{env_suffix}}.crt
|
|
|
|
|
owner: root
|
|
|
|
|
group: fedmsg
|
|
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: copy the MBS rabbitmq private queue key
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/private/mbs-private-queue{{env_suffix}}.key"
|
|
|
|
|
dest: /etc/module-build-service/mbs-private-queue{{env_suffix}}.key
|
|
|
|
|
owner: root
|
|
|
|
|
group: fedmsg
|
|
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: copy the MBS rabbitmq CA cert
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
|
|
|
|
|
dest: /etc/module-build-service/ca.crt
|
|
|
|
|
owner: root
|
|
|
|
|
group: fedmsg
|
|
|
|
|
mode: 0640
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
2020-09-22 12:50:19 -04:00
|
|
|
- name: Configure the MBS virtual host
|
|
|
|
|
run_once: true
|
|
|
|
|
delegate_to: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org"
|
|
|
|
|
rabbitmq_vhost:
|
|
|
|
|
name: /mbs
|
|
|
|
|
state: present
|
|
|
|
|
tags:
|
|
|
|
|
- rabbitmq_cluster
|
|
|
|
|
- config
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: Configure the HA policy for the MBS queues
|
|
|
|
|
run_once: true
|
|
|
|
|
delegate_to: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org"
|
|
|
|
|
rabbitmq_policy:
|
|
|
|
|
name: HA
|
|
|
|
|
apply_to: queues
|
|
|
|
|
pattern: .*
|
|
|
|
|
tags:
|
|
|
|
|
ha-mode: all
|
|
|
|
|
ha-sync-mode: automatic # Auto sync queues to new cluster members
|
|
|
|
|
ha-sync-batch-size: 10000 # Larger is faster, but must finish in 1 net_ticktime
|
|
|
|
|
vhost: /mbs
|
|
|
|
|
tags:
|
|
|
|
|
- rabbitmq_cluster
|
|
|
|
|
- config
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: Grant the mbs user access to the MBS vhost
|
|
|
|
|
run_once: true
|
|
|
|
|
delegate_to: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org"
|
|
|
|
|
rabbitmq_user:
|
|
|
|
|
user: "mbs{{ env_suffix }}"
|
|
|
|
|
vhost: /mbs
|
|
|
|
|
configure_priv: .*
|
|
|
|
|
read_priv: .*
|
|
|
|
|
write_priv: .*
|
|
|
|
|
tags:
|
|
|
|
|
- rabbitmq_cluster
|
|
|
|
|
- config
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
2021-04-09 13:22:03 -04:00
|
|
|
when: not mbs_frontend
|
2020-09-22 12:50:19 -04:00
|
|
|
|
|
|
|
|
- name: Configure the MBS workers and poller
|
|
|
|
|
block:
|
|
|
|
|
- name: Add the systemd service files
|
|
|
|
|
template:
|
|
|
|
|
src: "{{ item.src }}"
|
|
|
|
|
dest: "{{ item.dest }}"
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: "0644"
|
|
|
|
|
with_items:
|
|
|
|
|
- src: mbs-worker@.service.j2
|
|
|
|
|
dest: /etc/systemd/system/mbs-worker@.service
|
|
|
|
|
- src: mbs-poller.service.j2
|
|
|
|
|
dest: /etc/systemd/system/mbs-poller.service
|
|
|
|
|
notify:
|
|
|
|
|
- restart mbs poller
|
|
|
|
|
- restart mbs workers
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: Enable the MBS workers
|
|
|
|
|
systemd:
|
|
|
|
|
name: "mbs-worker@{{ item }}"
|
|
|
|
|
daemon_reload: yes
|
|
|
|
|
enabled: yes
|
|
|
|
|
state: started
|
|
|
|
|
with_sequence: start=0 end={{ mbs_num_workers - 1 }}
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: Populate the service facts to detect if there are MBS workers to disable
|
|
|
|
|
service_facts: {}
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
|
|
|
|
|
|
|
|
|
- name: Disable any extra MBS workers
|
|
|
|
|
systemd:
|
|
|
|
|
name: "mbs-worker@{{ worker_num }}"
|
|
|
|
|
enabled: no
|
|
|
|
|
state: stopped
|
|
|
|
|
with_items: "{{ ansible_facts.services | select('match', 'mbs-worker@\\d+.service') | list }}"
|
|
|
|
|
vars:
|
|
|
|
|
worker_num: "{{ item | regex_search('\\d+') }}"
|
|
|
|
|
when: (worker_num | int) >= mbs_num_workers
|
|
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
2021-04-09 13:22:03 -04:00
|
|
|
when: not mbs_frontend
|
2020-09-22 12:50:19 -04:00
|
|
|
|
2018-03-19 07:08:25 +00:00
|
|
|
- name: create /etc/module-build-service/default-modules directory
|
|
|
|
|
file:
|
|
|
|
|
path: /etc/module-build-service/default-modules
|
|
|
|
|
state: directory
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: 0775
|
2018-08-16 12:25:21 +00:00
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
2018-03-19 07:08:25 +00:00
|
|
|
|
|
|
|
|
- name: copy default modules to /etc/module-build-service/default-modules
|
2018-03-19 07:14:33 +00:00
|
|
|
copy: src={{ item }} dest=/etc/module-build-service/default-modules
|
|
|
|
|
with_fileglob:
|
|
|
|
|
- default-modules.{{ env }}/*.yaml
|
2018-08-16 12:25:21 +00:00
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
2018-03-19 07:08:25 +00:00
|
|
|
|
2018-03-19 06:49:14 +00:00
|
|
|
- name: import default-modules
|
2018-03-19 07:17:04 +00:00
|
|
|
command: /usr/bin/mbs-manager import_module /etc/module-build-service/default-modules/{{ item | basename }}
|
2018-03-19 06:49:14 +00:00
|
|
|
with_fileglob:
|
2018-03-19 07:14:33 +00:00
|
|
|
- default-modules.{{ env }}/*.yaml
|
2018-05-04 14:36:51 +00:00
|
|
|
when: mbs_import_default_modules | default(True)
|
2018-08-16 12:25:21 +00:00
|
|
|
tags:
|
|
|
|
|
- mbs
|
|
|
|
|
- mbs/common
|
