diff --git a/inventory/group_vars/ipsilon b/inventory/group_vars/ipsilon new file mode 100644 index 0000000000..442f89e068 --- /dev/null +++ b/inventory/group_vars/ipsilon @@ -0,0 +1,13 @@ +--- +# Define resources for this group of hosts here. +lvm_size: 20000 +mem_size: 4096 +num_cpus: 2 + +# for systems that do not match the above - specify the same parameter in +# the host_vars/$hostname file + +tcp_ports: [ 80, 443 ] + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] diff --git a/inventory/group_vars/ipsilon_stg b/inventory/group_vars/ipsilon_stg new file mode 100644 index 0000000000..17f3e45cd8 --- /dev/null +++ b/inventory/group_vars/ipsilon_stg @@ -0,0 +1,13 @@ +--- +# Define resources for this group of hosts here. +lvm_size: 20000 +mem_size: 4096 +num_cpus: 2 + +# for systems that do not match the above - specify the same parameter in +# the host_vars/$hostname file + +proxy_tcp_ports: [ 80, 443 ] + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] diff --git a/inventory/host_vars/ipsilon01.stg.iad2.fedoraproject.org b/inventory/host_vars/ipsilon01.stg.iad2.fedoraproject.org new file mode 100644 index 0000000000..97322f1199 --- /dev/null +++ b/inventory/host_vars/ipsilon01.stg.iad2.fedoraproject.org @@ -0,0 +1,12 @@ +--- +nm: 255.255.255.0 +gw: 10.3.166.254 +dns: 10.3.163.33 + +ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2 +http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/ + +volgroup: /dev/vg_guests +eth0_ip: 10.3.166.30 +vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org +datacenter: iad2 diff --git a/inventory/inventory b/inventory/inventory index 3d4f9cfe06..e6ef034297 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -295,6 +295,9 @@ ipa02.iad2.fedoraproject.org [ipa_stg] ipa01.stg.iad2.fedoraproject.org +[ipsilon-stg] +ipsilon01.stg.phx2.fedoraproject.org + [ipsilon_dev] iddev.fedorainfracloud.org @@ -600,6 +603,7 @@ oci-registry01.stg.iad2.fedoraproject.org # fedimg01.stg.iad2.fedoraproject.org github2fedmsg01.stg.iad2.fedoraproject.org ipa01.stg.iad2.fedoraproject.org +ipsilon01.stg.phx2.fedoraproject.org koji01.stg.iad2.fedoraproject.org # mailman01.stg.iad2.fedoraproject.org mbs-backend01.stg.iad2.fedoraproject.org diff --git a/playbooks/groups/ipsilon.yml b/playbooks/groups/ipsilon.yml new file mode 100644 index 0000000000..61264ee9ff --- /dev/null +++ b/playbooks/groups/ipsilon.yml @@ -0,0 +1,63 @@ +- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=ipsilon:ipsilon-stg" + +- name: make the box be real + hosts: ipsilon:ipsilon-stg + user: root + gather_facts: True + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + vars: + ipsilon_db_host: "db-fas01{{ env_suffix }}.iad2.fedoraproject.org" + + roles: + - base + - rkhunter + - nagios_client + - hosts + - fas_client + - rsyncd + - sudo + - { role: openvpn/client, + when: env != "staging" } + - mod_wsgi + - role: keytab/service + owner_user: apache + owner_group: apache + service: HTTP + host: "id.stg.fedoraproject.org" + when: env == "staging" + - role: keytab/service + owner_user: apache + owner_group: apache + service: HTTP + host: "id.fedoraproject.org" + when: env == "production" + + pre_tasks: + - import_tasks: "{{ tasks_path }}/yumrepos.yml" + + tasks: + - import_tasks: "{{ tasks_path }}/motd.yml" + + handlers: + - import_tasks: "{{ handlers_path }}/restart_services.yml" + +- name: deploy ipsilon itself + hosts: ipsilon:ipsilon-stg + user: root + gather_facts: True + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - "{{ vars_path }}/{{ ansible_distribution }}.yml" + + roles: + - ipsilon + + handlers: + - import_tasks: "{{ handlers_path }}/restart_services.yml"