From a605ca0f15600387b1361696226a203d18136a86 Mon Sep 17 00:00:00 2001 From: Seth Vidal Date: Mon, 8 Oct 2012 19:35:54 +0000 Subject: [PATCH] first commit to the ansible public repo --- README | 23 ++++ TODO | 22 ++++ files/common/epel6.repo | 13 +++ files/common/infrastructure.repo | 6 + files/common/rhel6.repo | 14 +++ files/common/sysadmin-main | 39 +++++++ files/jenkins/gitconfig | 4 + files/jenkins/sshd_config_slave | 149 +++++++++++++++++++++++++ files/jenkins/sshd_config_slave.RedHat | 141 +++++++++++++++++++++++ handlers/restart_services.yml | 13 +++ inventory/group_vars/all | 4 + inventory/inventory | 62 ++++++++++ library/README | 1 + playbooks/cloud_el6_prep.yml | 15 +++ playbooks/jenkins_slave_el6.yml | 16 +++ scripts/README | 1 + tasks/cloud_setup_el6.yml | 34 ++++++ tasks/jenkins_slave.yml | 65 +++++++++++ vars/Fedora.yml | 2 + vars/RedHat.yml | 2 + vars/global.yml | 9 ++ 21 files changed, 635 insertions(+) create mode 100644 README create mode 100644 TODO create mode 100644 files/common/epel6.repo create mode 100644 files/common/infrastructure.repo create mode 100644 files/common/rhel6.repo create mode 100644 files/common/sysadmin-main create mode 100644 files/jenkins/gitconfig create mode 100644 files/jenkins/sshd_config_slave create mode 100644 files/jenkins/sshd_config_slave.RedHat create mode 100644 handlers/restart_services.yml create mode 100644 inventory/group_vars/all create mode 100644 inventory/inventory create mode 100644 library/README create mode 100644 playbooks/cloud_el6_prep.yml create mode 100644 playbooks/jenkins_slave_el6.yml create mode 100644 scripts/README create mode 100644 tasks/cloud_setup_el6.yml create mode 100644 tasks/jenkins_slave.yml create mode 100644 vars/Fedora.yml create mode 100644 vars/RedHat.yml create mode 100644 vars/global.yml diff --git a/README b/README new file mode 100644 index 0000000000..273d1955b7 --- /dev/null +++ b/README @@ -0,0 +1,23 @@ +ansible repository/structure + +files - files and templates for use in playbooks/tasks + - subdirs for specific tasks/dirs highly recommended + +inventory - where the inventory and additional vars is stored + +library - library of custom local ansible modules + +playbooks - collections of plays we want to run on systems + +tasks - snippets of tasks that should be included in plays + + +public path for everything is: + + /srv/web/infra/ansible + +private path - which is sysadmin-main accessible only is: + + /srv/private/ansible + + diff --git a/TODO b/TODO new file mode 100644 index 0000000000..3ec4e3d160 --- /dev/null +++ b/TODO @@ -0,0 +1,22 @@ +- make it easy to run playbooks against cloud instances w/o modifying + inventory or changing host entries in playbooks +- make it clear how to run as root from lockbox +- make path dests work correctly globally + +- define standards for: + - playbook naming + - play naming + - hosts or service or groups for talking to sets of systems + - tags: + - config + - service + - initonly + +- figure out how and where we are going to run these from cron +- common ssh key for all systems to be hit from + +- merge in tasks/playbooks/inventory/etc from: + - euca cloud + - builders + +- make a place to put scripts used in this whole process diff --git a/files/common/epel6.repo b/files/common/epel6.repo new file mode 100644 index 0000000000..fdaf8509ac --- /dev/null +++ b/files/common/epel6.repo @@ -0,0 +1,13 @@ +[epel] +name=Extras Packages for Enterprise Linux $releasever - $basearch +baseurl=http://infrastructure.fedoraproject.org/pub/epel/6/$basearch/ +enabled=1 +gpgcheck=1 +gpgkey=http://infrastructure.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6 + +[epel-test] +name=Extras Packages for Enterprise Linux $releasever - $basearch +baseurl=http://infrastructure.fedoraproject.org/pub/epel/testing/6/$basearch/ +enabled=0 +gpgcheck=1 +gpgkey=http://infrastructure.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6 diff --git a/files/common/infrastructure.repo b/files/common/infrastructure.repo new file mode 100644 index 0000000000..98ceb3fa55 --- /dev/null +++ b/files/common/infrastructure.repo @@ -0,0 +1,6 @@ +[infrastructure] +name=Extras Packages from Fedora Infrastructure $releasever - $basearch +baseurl=http://infrastructure.fedoraproject.org/repo/$releasever/$basearch/ +enabled=1 +gpgcheck=1 +gpgkey=http://infrastructure.fedoraproject.org/repo/RPM-GPG-KEY-INFRASTRUCTURE diff --git a/files/common/rhel6.repo b/files/common/rhel6.repo new file mode 100644 index 0000000000..3c533fa197 --- /dev/null +++ b/files/common/rhel6.repo @@ -0,0 +1,14 @@ +[rhel6-dvd] +name = rhel6 base dvd +baseurl=http://infrastructure.fedoraproject.org/repo/rhel/RHEL6-$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release + +[rhel6-base] +name = rhel6 base $basearch +baseurl=http://infrastructure.fedoraproject.org/repo/rhel/rhel-$basearch-server-6/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release + +[rhel6-optional] +name = rhel6 optional $basearch +baseurl=http://infrastructure.fedoraproject.org/repo/rhel/rhel-$basearch-server-optional-6/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release diff --git a/files/common/sysadmin-main b/files/common/sysadmin-main new file mode 100644 index 0000000000..3a789f0f3f --- /dev/null +++ b/files/common/sysadmin-main @@ -0,0 +1,39 @@ +#ausil +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAD9QDskl41P2f4wqBuDBRD3VJ7MfKD6gMetMEaOy2b/CzfxN1vzeoxEvUxefi4+uh5b5ht5+BhQVhvBV7sTxxYftEH+B7IRmWigqcS1Ndnw+ML6zCbSTCJOqDvTLxmkZic0NUBIBP907ztMCoZjaOW9SSCrdA9Vp87V3x/KEQaeSNntmnFqtnpQI/N0NlmqxB78p97W/QDpLuftqJ33sM0uyvxXSusThLSFBHjisezsWox49nEKY8HW+Kwkmw+k7EF4tsDWymPB+S0gMsMlTxzjutNASVDmn6H+lgkzns+5Xxii4/mZWrcjqfLuH7vCI2mWykZJ6ek0LiQea9tNN+KZomqX6NbTUK3riaDPrZPNexa4I83Fp+DYNmYgnGMInqn+cZ5PoUJ3u3LaqZGBQeuuONTw0yQ8Pkkn5xibpPO6qblHKcet0pfmWQ5ab+5BDrsyLcPXolMci5h45GNWebr7UMuXT6+q+EolnYgbgDzzGJ4xPohF04OW8CwflK64KEnYcqlGs+DF4TNgGFlhKiyCWfXSjizmQusxn17ayi6+yrkiGeqfz72qyZ1pSKlwA8XRYC2VkAAquJP6zAtAKjCUdmRTSyYgCpoIAlMwBO07BiPLLov6lKdphZYY1DI7pTXA98fhVU04PDqJJYR1GKkttmCsjbRWnxjkPl/Zka1+ei3k9DNidT6j4hFj+uTj8SS70qZUtKLNpc5IcedHaGEK0vcXJm9lIEKBIEnN0PCLZCa4kQZnfdsbuep1fbXNf4WYPXea29aRKJc4hiqsdrccTp4KueHgWt1Jj6CZDZcFgX+NlUVWwk6djgjRzHUryExtsjCcgGMPRJWdUnVcpgkQ1qJhEXng3W+nFFboArWfwU8u1pXEdeE1Z+m+ows3nJHdEgQevyy/cUx6BPNPZkBh10MWskSV8Z+vb02vJB+QikRMwQs3Ywf6RMaZFrBkWD4FfUaU24f4wgtPQN7j5xxJ2rWLJ/s9ZOWSl9yrytC6ZUQwmayLmiPUdm4u/7ZZmaly39K1YWqFDl3eUrRAZwf1L/NAqFu/qcQQ3Xf20K0nI55nVbZ8ODyx6BtfwoioblnTEcehK0uud5Vamc5mfpErFY0agEecsc0sMZO+ky9pf/gCUdM7je7kMDI2hdx61fOa8Wypb5u9WNBWKRKx8xT1XUKhb2uFumm3sR1iNm1Qhj92mo/NO2aETOA1lsYSL0XK571Yy0iFK3X1nOqp/gCsEGLI8OPQk6XuFqv8hmfiIXNKV8IwuDStw7eIvuQIgT7bmMkj+1Ca25foSmg3w5FqJux1gO9t5F018LeQZ6LVlYHZaQnaN+eTU7KfoCozhWw1H9pprDz Dennis Gilmore + +#codeblock +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAACAEAstHxky7hl1inyHBy+q/9M+Aen2HSfy8IoW+sAO6HSuHEUT7qWB8AlSNjHhahjXx7sy/BUkUed+NB/177rjlThokZDJ0yoM9KKymp26ETGaamBSkWBxZatTj96BWfD0P2K9jc/9vxtgKBq3VK9UaOt6VtJ9q6mKY3DdWLZn+K6iGQAKMCAgd8cCMgD6epBB5/litz7WhYv+aYTyjZGUGbBojQUiWgXDv9lR7p0w+VP7pnZEeb3//k4pZhsPrKFwwRVRLxBvWgVKNvA6nMXmsdikHCLLj8YAevhEY1xAba+iCKOpTqT7Bu+1Fnb9St8u5iDod21gRmN7MGGWYsO+Iu2MNAW9sw2nsA/sdNR0HEEgBqJLhERjGv399fWKyiZaF90n59lg8Pb6EzE6wHRs6rSB+9uKApBzPk99BEHLvC6mhn6RjrOC+TWSTcmXojAwQYCadqIdgWUaBsxaugKEXBFcmRuDWtpDfsqmM1kjeGU6MiaMlqPW0KjsMaVVChLO5ZvB/T7qW4wr5ZjLri475MuHocCMP0ECSUk7I3YW2h8RU6FEFmTpuULFRQo01iPreY5XJ7l0+xy2eggAWo+X2h3nGjXhCPOelBg+LYe0WOmPgB5oc1m5HZtFTcFzYbhAE+xQKlbwNeYT8HmNmEMhPjVoNyOOV7NAap+ueS2u/7li5D59O5Iy8aa5n/WiuYfkqH4pG796nFyLr5L/LVudzyaYFb/Gk8C1j/NAWYw53D/9aOA277HHe5t0/daJhbo98u0asF5mvPld3swPuPqkEZzgUfmNgH5CkvcQcMzaOvj6qr6xNmQfgsHroCShb46kplQ2uSf1pMAqsjN7jGhk6l+Bu6hKHnJKhZJVLiuAZtgYvkCB1ahaO3wRVozA1VKCAlqHOqoCq4YLIobUL95H08Kwcz7vIRIadX1TkOoLb2EwPkE/xrhDp4BySh+j6YNklSBkiRHvJMBNnRIj8NTRjYyj2o1Om7kJ770lEdryg2og8QBaFWCmFkwzg1QVrBOuu0dN7kt2l7VI7Ib4lavKSVTrqUdxdSbthUlu/b4Qif+pbyEtUFgykRsHVs+5Ofg7FZpsgCJ8rLFjzeVF/hAYX7t3XaIPLu+DL8kzamb/CRy1b7+iAw9nJbd7ED2SGyU6+c2coMPG23y6+YxgEmNG/rkCLCypkEEDOZe4DuMerZQ/RxMo06+glC6HC/3VN2dHlVLtEEV33B04/6Z0plAhqtjG7PVs08f8a5msV/VYn5ifa4z0oIXX1r5CIg3Ejp1JguLhBHpWa7YbS2Mwu6GAbD+hQfCYrsUkFonoOLu5czpITLo7ceJFTQmAt7OxZEoZBfmtYfzADQsQVYQb6J4QwvM3iKJOn30dgtYnJOVlDZEn+0fivedxoBAt9jHJ8lVp2ov/dOFnimi5V+2QIMB0fKTkChsk10zsDZ/KUk6zfijjEju0WfjRHCd357KswNv3aXHazfRIw77S2UOenD+xmUDZ6WgnxservUSDNDz7NldLf/gdPOMO4uSwKZixzsoCNioeLEmQv4gomNK7DyZBLMHLlWlbliqP+QWuIJO1rfoH2vaxzzA7l5tJW1gfnxm87RrrwIf9v5kpdJM6gQZxqmBCRsKQd5VkrEJ/xaFfkv080pWNV0drWTZW8fAAgfUNYB260Hyk3rHsjQlVtQxGJ1aAcgjMi3eGKQMwptbUMYHqct75czX6xp6zgXPiC/glX6AtuiZQ5bOI07imil20ien/ks/dnel8L+dmYDasL9m0B2jZ3lbl3eR1Dy7UhqGyERx//vYQapEBuwFcqQ9UdIWCGGG2Pte1I39BSehUUGSCOOD38a/GCu0l7OWZKdwq80MK/Ixgz4neiZQZ7MD2wPy6vk6Num18PZPN7OynMrI2UG5MViQ0GAhRgxwbUCvc7uKnGRqZo9q2mCabCxLbv+hJ4bppxpHHJxMDDXilTKMfZb0YRbvjBUi7LFKLN3MBMK2U1jHE+PjBgweqF8Jtuw04CQMxK3unajZOVkYAIq8IdMbw0oBVP4++eGB9z0x1eH+IsqL6IgknbbyoMgQqW9/8atm8HW2QYCX47oPd4FHs8rgJZk3bz8MwN3tp8WCRtYnJuwkWGWSq77ans0Ycl/tUfSSwUjnSvMsJnuSbxvdX0XbP5eRWikk0pJz5lM9sjYFOPHrQ44/U254yBa0N6UhyNTQnMGzRvY+fADE49b10hXZwCCrxpY9KvGr1XNJMnMcUke+4p9RS5LUwcZ8A6v7oWtZaZwnuBzvKk+HAn2gevD7Stjto+TnRCx1qcbx8iOhAEC6nvbLl+U313TmawrO/usrI5w3EFKP/4BnlKJDtNBeklJ0MpU3R1fmisqfegjuBW2bbaxq8Uo6m7uqPsYuAl7E6rOyZHLbtA8szvbQ46MSqAHezqxHJajWn2oZXMtbddgO5vlkxbRp3SSVKaPOeIj3XOGl78Owp4gFNRE0RY2EuUvrwUhXZR4wx1VHYjS6o9HAwOx3dH+pf1OiblUEanLQ9HLuOBkLhP8wn1M2slsSw+A1gyuI0ayjRujYFXdw6Mqp6XKTdU8vNue2c3d0I+TMifBypP0oJtxXmEoPp/VsU9yLKA2FF7Xvv/Xq1gtZcuZWAbSwMok/ENY1xeIFyjV+0yBidmax3jaf9yus/XEpyeBS3iIz63ymU10Kb2vrWjubg/sa2yd+q0y96dLdDRbnbwGwMmg6mXvTlVXf8c= ricky@padlock01.home.elrod.me + +#jstanley +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5bNJQBrvT/YuvfLO0y6smZW5N+946uISkzmDi9myffLgHAZP4nBGeH/4GcB5ns9HJ19xVtbIwqOz4QwIqKh4gKU7DgaqND2Iu0bUUFL1KXPLGyAIW+9N3yHB+nKkH31alDnF4dpKkvO63DRkqh4ptxwEQbZDCFqn+vXuMnG4cPmDEweR3QZUt5m0Vc7HXzbehZxjUZ3xRWvT/pu+khBhJcRFkLlA60Fnqv7Q+MQP1C0Cpf3hiX1LcXUogXkNooAqx1YYRd8VqvI8e9yQW+a99x8FftnmXKlGCxP33ng6+U6Y2H7u3cRDrlRTbWqkry4SuUYo+6MtvZVgL0fw6PsZ jstanley@hawtness.rmrf.net + +#kevin +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJH1lA7WHRCbaFtvzbw0HxHYJstZjuXhax1+eL+SUJ5fFRGosEc4fLrSCP0gSFDfXmNzuspoBgcQTqnNO8FdIUwkJLDEu0vTQls1aT9YUXb+RVwKB7ULA3b1dqFkmOgLEjTJL9AplK4OJ9Su0kq6QBV4mXCxMsgEML/gn6r8muZmu2L/LdzUnxKKggyq7O5q1K/eW5Yy21fpvbHt2UPQX1f6gt4ty7E9Nnuhi7SHCI7fNIa+kHyIesfTm/SzeK/PY9rDwZKjuyS8o22GJXGEScJomK1cjMESH/J+t8Hffaj88BjGHNczvcnXAjq6y73VJQ9DiGLD4zmFquQMxDu0Tf kevin@jelerak.scrye.com + +#lmacken +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDefONrBaBJlCxKtDwkYWVhf96lMhRQfwVJyBoBd4Pk6TqKMlAu2eST1xRZlV4cJSxAWgZpOaFgqJ5EGd6mq8PvVk+mKXdtX7CAoWm4f3c6otUFsFDCTw3gVvYSlEk23XBHuACsbAVNL4HmP+9C7PxQBePukbMBFD2smsyQkPcX7lZw+lDJW5lOTz3dHAA92bcopDycxRDI99gGkawzjlmxpm2C9nhRabKS6mpGw3N64d8hwHkkFbtHY7rS0/0Cka0geYYYv0NVki1IIctkhZE9LndcWbVcVe1pIlR0RyW2sorfgCgoa5fRZZhukUCtspdv981h/0b87RpRVUJKuRd1 lmacken@tomservo + +#mdomsch +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsmLoA/97DrE7roCHOY7NdB5TV/g7oxAsk74HgHcFRYAbn/rkoa7r9ZsgR7qzwd6Z+5Z77qFqvl1Bs3XtJf+1vJ3kwdcNFdKTw1DgTdE/rNPI7QzUgXKKKv/WCiU6UDBX4HHWq8Yuq4tkr/yepS8sLzMz2e0pHU4uWFQuvr5ttP9ABGohhDnPr0IcaT5vm+uBTJItJBrhqGws2fnVxhWEm8Y96AZb2vFZVwiMdcKKqfVZby3/wTuEtaDbv0krQNtLJcjaOTWLHWnxJEvLWSdFgkuIDvoNKR7ZV2lsmh5UD/smStgf8TkORR59r63dp2kWAn0/Jl59ARsdXDXGCiduF3GamxglTUA+kYbkN/PBQbl6o+nNKy4Q5TI53WNmhpdsbEJWCjzT+V1ju5JejFEHIhnWyBoBUWB2NKxWaSlToI2B9E0iJ0HK68IlA7bO4X7SD8q5cZBVTKMByFxt9uQXFeZeG7QRCPIsg6bXsirnFn5028iz+RfVFe3Mavp18v1hObvH6SDTczQauuAhTwYOtphaPZj+iHbaKvKndvlOWdGoyrNxgcx+t4loyEEcEWD0Astdp0bZD39nag94PD7hnoENOC0oE6mbtyUuSCGrU6ogee8qxYAt0AP3Rq1LLaRWXqe/1rM5A9oaDNwNkWA/JWbJbZQf0vvWTZmTib3rfew== mdomsch@fedoraproject.org + +#mmcgrath +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7U0WbKLL/D6iR03/vdDZJ8Lkj1jjAkindSvC4PkXVgi6qJo1YBZnIgsmoQopYcra2yzHFt58crygIh79P/rpQowWY99W+Sk4kB9UNuiAiX/LRi+1YdxwCKcRNTVOwuji6MGZoscACERmIjPY6P1oFPERoXhUkOuzPcrDK/0z/Bp9dpNRVZE/0zN6dvHA9QODLGvcFtgnX73SbZfoIbaVP/37IvOZvjGI1jxC5DwCmY+ihM13GpELP6BM8iihlnl1pjk1vtqPxD9g9Llr14Sc6cZJKl1WCulqhde4SEMOjpMJ8J8cGYBSsdh49hB36pdKQuTTnuCXpEt5Tl8PUKCrr mmcgrath@desktop.mmcgrath.net + +#notting +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3eVd6Ccegp1r1mhm7tPnlGUcw0zsAbR2p9hrFZ7RKxdIponuVV9ix4lgwpNEVDs0j4vxAApeLpJrsV8R8+YLUZO3Mzi+2s8nM8LXrKHtJT9wKKqoU3O/lC79drbWk3EMgETyP61Zpjkub0hwG2MjviPee63zCuRbxzxyalzk+AtwkRSxYaS2Ha0uKxGDiq1c/Iu6HRgm8HrtW+Pr6QbSSoHLhGUpR0HkgoC6852xXGhrRMkzXXbD9L6vaK9F39YmzD7Z8yey+xDTFW529avkEIWDeqBpbae+HjKqEQaBx71/rcmXhqKYrEagzUGpS8Bwskp3JMksd/v9tMuUhGQ2XaooCeKzvM0KnVUk/Q031ZtjNYxLpy/rEqbyt18+8wYOvVoGgnRZ/yJ/UVwYbGJrttYrrQmaJv7b357bkgDJobkIki+zGzi1xkvb85JWEt0mfh38H2vCnpwQtSAIyF/hmrS+1xsD/oAoc83IUhsVYcDhLbBEVKMX2IsJLMAPwCE6GexRYyVE5vEN4PMV9A8VmGuIC3IzkPEbStdtlbP4ttNKtfwS+MrY+ceAABDixls6xpedgT1he44R+7C1p+w4uj4TnYReLVce6+KgfJ6mz8CTXVULLWM4l2H3PylEUyoHGRDpVanGAvm7h2D0HgxErWIkjZkL79GFhzQc1xjzixQ== notting@nostromo.devel.redhat.com + +#ricky +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDAeAohiRJ2v/RO7R9GS93TF92Gc9ixK6HM7wlbMdlZ4yYAbeoEX8VpeNaSTfo/Nw3zazr9VpmpHg+H70K8ljQsPgRwcgpetRVpF55M5FYjqM5oM+N94HV3nSGcnWbSIho1R31DaDH2ptxVqgh2m5DG7Bc45w9Bd4wjfdQ8nBrGv93tuH7X/cee4g6GvexLm5nXhAngdEmiyxw5MHuJAvj+54l4wMXRWpeF6XlI2iamW42nLSfRMCFkGNiXvBm8zkfkeH2L7I2cNKXXoP/cPCd3G/teIsI9FDqYpZ6CS0zMkWhlTuh7rlCjc9+nJsLdDLgwhb75skiUOOfimGvCCxWeHuCsSL+KpCu4AgI9UAVgO6xblDlmbQXxlGopep29U/s00W/0qv3Zp8Ks4Za0xHdoIwHiaLM0OYymFaNDd3ZqFG0FN23ZjcGqUmFGhGfUQRDt72+e9HtXlBJ0mUaCX9+e4wFGTVciG1/5CKsLHCaLRf+knsWXrv2zcv9BoZ9SCAK32zCZw05wjcmr7jYDCTLmtC6kEBNaOeE9Qqi2oomo4ji8ybg+Qq+1BwOtJKExvmZaooBZud0qd24HmCU0/0ysw732jGcqexzxsCR0VArd+7LKexOD7KwMW0VUss6fdOWac9gwCLx9FaKYh8mVvcQjKhKGI3aO2sXRUWSbBJw8w== ricky@alpha.rzhou.org + +#skvidal +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjlnCEiFMrKpkiIBjs5IW1+RXDald3aKvTszj0hUw9Gl6w3vt3RAiqTD/XRKcNdP0+pVIK/I4KexKfZzemNZ8UYmZ+a9EK+Gj7OQbJv7TQDeR0zyJ8ZgFXaWoN+CnWXLO2mp9poysUR6CILjaDJt4GDxJaD+bebRu+zxUQSlgrjObhIUTSfwsEJu++zK+fy4+xSEMG7SANEJHd+zOAw6+isLnnbp8qY2fs3reKpc8XPkyJscLU4BQV2cGXwlPUhzPVv/itUUV/uWHeAqoz2i5XG4C0/BXk6D85qkGIyE08Nl3COxn6giivrdTIH6W4dUtBdYgTMZ3RgMHL9ClLpS17 skvidal@opus + +#smooge +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAxnzCHH11nDM1m7yvqo6Uanq5vcZjBcs/mr3LccxwJ59ENzSXwUgEQy/P8vby9VKMwsskoaqZcvJdOSZBFhNV970NTPb69OIXPQAl/xhaLwiJOn606fB+/S8WepeuntS0qLiebbEiA9vIQLteZ+bWl1s/didD/sFo3/wItoTGA4GuShUu1AyWJx5Ue7Y34rwGR+kIvDoy2GHUcunn2PjGt4r3v2vpiR8GuK0JRupJAGYbYCiMBDRMkR0cgEyHW6+QQNqMlA6nRJjp94PcUMKaZK6Tc+6h5v8kLLtzuZ6ZupwMMC4X8sh85YcxqoW9DynrvO28pzaMNBHm7qr9LeY9PIhXscSa35GAcGZ7UwPK4aJAAuIzCf8BzazyvUM3Ye7GPCXHxUwY0kdXk+MHMVKFzZDChNp/ovgdhxNrw9Xzcs4yw7XYambN9Bk567cI6/tWcPuYLYD4ZJQP0qSXVzVgFEPss1lDcgd0k4if+pINyxM8eVFZVAqU+BMeDC+6W8HUUPgv6LiyTWs+xTXTuORwBTSF1pOqWB4LjqsCGIiMAc6n/xdALBGUN7qsuKDU6Q7bwPppaxypi4KCvuJsqW+8sDtMUaZ34I5Zo1q7cu03wqnOljUGoAY6IDn3J66F2KlPPyb/q3PDV3WbY/jnH16L29/xUA73nFUW1p+WXutwmSU= ssmoogen@ponyo.int.smoogespace.com + +#spot +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFZ3AD/I0OfU84IrK573amZptucuBrDxHoue/c+PUsD3MGIA6QXRceq3ZkLuz25OAAu53hFxzCE4d6eVS299rVR8Cd+tVU8aqBdTHzdqv52Vs8zRfXMW69sV7fhwRLaQDcRTwY90Wmz2MbZmN996XmJDNtUIWI2mML+PBYEdO0PyiB2ttb7mmA3SwtC/rwEMJL2YHh+bTzlJ9W4BgFcFwizMXU3mk5uGp2/q3nKzEvgTROM8yWvqdM34cRYpjFKyOlpo6k3SPt76hgDUEIsAu6Ul1S0FHTCRMIihcxZOSN4frMtXVjX0NhW9mKcn1IRBpzd0Yon/gPB8OJ31ojIIop spot@pterodactyl + +#toshio +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDfgKJEBuHFlFc8/IHDeIpdprNnAFQHkicXAFfAzIJSkhUaOJFjsulmgPZn2TJJpYqFAxYUjhWJOdrOwx7AHSg6gWu4TT4a0sTay+Z0eqZOShf5UL/M587DxJk1JZU8g812yDKZMc7Sv7K6zdteONnCvno1kALSg0F2MVMJXFjE/tSontkIRH6IuG19R19NGEj1h56uGwdfe78xjOmv5wk6RZBjaOKqiPSQKNqCKbY9Kyz6yrem2M5uxRK45u3wSPJdmopo8l/nwf0p6ydrUSL5C/aXGh7LPqh31eTBDQUbWHw9LQMk1SibMGQPwJt59lLMlzc5OQZAJEbadsDAgl6VVA6MZkBQROiK9E087kvPesMoGWE0KBgvTqzpBZj0uHATP9i097dv80gjupMyaePsnQOxk0wRho9nRkxRo18Drt3QPVND4YGHzahMe/YR2N83MkbnGoP8K+GsFhLMAp3NKh6yUofFxTgRiB6H8ULKf3CV+hlk0Z9RJR3CpgMTKILYHPlaleJqoP6sXg6tJxI0rUE+0jUKvaTj+N2gX0MjKfUINk5mTbjD2mdVrPtKOBvos2luNhY5nTDpJuAHQqnFHPlPw8l3lXC2VBWOjqfTeeS+qD7ArKe6F7IO5ZNxJ2mTUuodhaPySta1MS37DWoz6UqeJu+wKIsHok90+EU4aAvUABh3RXSQA1E3IaxkooMhhrdIQO6K4L0M+CZ7lP35sW5pnwsN4sFlPec9Xn5e15LTlb9yFlx7Nm4DE2SX1s9QyMRE7z0LNO0X7wiihojuyQM6OQwc+ZaaDw5HerBisX/3LcC9osVLQQg1pt91YcCczUQ08qfUJV6aOD962K+EGzVFQGGauJDzgEH9BHQg7QwCWr0f3mu8/TNBzys2c0YsywDUc3AT1KP6TEJcR/dy6WbhJD3qyO/BLfCzRrHUOIaz+WbwmfTX8tGEQnVV5sEkZ39PWA1hRQ83b3MNV8cRJl+h/FnTk62yM4ZqGu73+x8JiEG3HAJp9/xYfNSwg8++PojJBXe+yM6DrTh5fTnBhxatLEKB658p8jTqJtF4+YD9D8+L39xEns6GQ7FphNqTC6IcpXyqq+zNuzF7vs/T+5n7978dUs3sK6YpBX4BlDxK6MsRF1WYqajEVeBJEMwdX2rfGkN9B5GfWdmdrzBjZQ6yyvlx5Dg++qgxpMiVOXSnw5v7H03PrT1we9wKre/2SQ1A2Oq/UDt/7tR2cMLoaPDNBpFT1W44LJB7o9iDT9YHUG3dC7R8JoeJ5YjyFmxbUQ5xg1oHnrBaPrGCuEYdQWhuDmp9Px2yRu8Agxzr9rNCZ/W8nWJVmvwvlXoldrum2rAECx0wiWqBhQ/+eX65 badger@unaka.lan + diff --git a/files/jenkins/gitconfig b/files/jenkins/gitconfig new file mode 100644 index 0000000000..780b54524f --- /dev/null +++ b/files/jenkins/gitconfig @@ -0,0 +1,4 @@ +[user] + email = sysadmin@fedoraproject.org + name = ${dist_tag} node - Fedora cloud + diff --git a/files/jenkins/sshd_config_slave b/files/jenkins/sshd_config_slave new file mode 100644 index 0000000000..ca6f43b746 --- /dev/null +++ b/files/jenkins/sshd_config_slave @@ -0,0 +1,149 @@ +# $OpenBSD: sshd_config,v 1.84 2011/05/23 03:30:07 djm Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +# The default requires explicit activation of protocol 1 +#Protocol 2 + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 1h +#ServerKeyBits 1024 + +# Logging +# obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +SyslogFacility AUTHPRIV +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#RSAAuthentication yes +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandRunAs nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no +# similar for protocol version 2 +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication no +PasswordAuthentication yes +#PermitEmptyPasswords no +AllowUsers jenkins_slave root + + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no +#KerberosUseKuserok yes + +# GSSAPI options +#GSSAPIAuthentication no +GSSAPIAuthentication yes +#GSSAPICleanupCredentials yes +GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +# WARNING: 'UsePAM no' is not supported in Fedora and may cause several +# problems. +#UsePAM no +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#TCPKeepAlive yes +#UseLogin no +#UsePrivilegeSeparation yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#ShowPatchLevel no +#UseDNS yes +#PidFile /var/run/sshd.pid +#MaxStartups 10 +#PermitTunnel no +#ChrootDirectory none + +# no default banner path +#Banner none + +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE +AcceptEnv XMODIFIERS + +# override default of no subsystems +Subsystem sftp /usr/libexec/openssh/sftp-server + +# Uncomment this if you want to use .local domain +#Host *.local +# CheckHostIP no + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# ForceCommand cvs server diff --git a/files/jenkins/sshd_config_slave.RedHat b/files/jenkins/sshd_config_slave.RedHat new file mode 100644 index 0000000000..a429f05b35 --- /dev/null +++ b/files/jenkins/sshd_config_slave.RedHat @@ -0,0 +1,141 @@ +# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options change a +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +# Disable legacy (protocol version 1) support in the server for new +# installations. In future the default will change to require explicit +# activation of protocol 1 +Protocol 2 + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 1h +#ServerKeyBits 1024 + +# Logging +# obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +SyslogFacility AUTHPRIV +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +RSAAuthentication yes +PubkeyAuthentication yes +AuthorizedKeysFile .ssh/authorized_keys +#AuthorizedKeysCommand none +#AuthorizedKeysCommandRunAs nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no +# similar for protocol version 2 +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no +PasswordAuthentication yes +AllowUsers jenkins_slave root + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no +#KerberosUseKuserok yes + +# GSSAPI options +#GSSAPIAuthentication no +GSSAPIAuthentication yes +#GSSAPICleanupCredentials yes +GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +#UsePAM no +UsePAM yes + +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE +AcceptEnv XMODIFIERS + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#TCPKeepAlive yes +#UseLogin no +#UsePrivilegeSeparation yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#ShowPatchLevel no +#UseDNS yes +#PidFile /var/run/sshd.pid +#MaxStartups 10 +#PermitTunnel no +#ChrootDirectory none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/libexec/openssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# ForceCommand cvs server +PermitRootLogin without-password +UseDNS no diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml new file mode 100644 index 0000000000..407337b6ed --- /dev/null +++ b/handlers/restart_services.yml @@ -0,0 +1,13 @@ +######################################## +# Handlers for restarting services +# + +- name: restart ntpd + action: service name=ntpd state=restarted + +- name: restart sshd + action: service name=sshd state=restarted + +- name: restart iptables + action: service name=iptables state=restarted + diff --git a/inventory/group_vars/all b/inventory/group_vars/all new file mode 100644 index 0000000000..b5bd90e552 --- /dev/null +++ b/inventory/group_vars/all @@ -0,0 +1,4 @@ +--- +files: /home/fedora/skvidal/ansible/public/files/ +is_fedora: "'$ansible_distribution' == 'Fedora'" +is_rhel: "'$ansible_distribution' == 'RedHat'" diff --git a/inventory/inventory b/inventory/inventory new file mode 100644 index 0000000000..f26c546f8b --- /dev/null +++ b/inventory/inventory @@ -0,0 +1,62 @@ +[builders] +buildhw +buildvm + +[buildvm] +buildvm-01.phx2.fedoraproject.org +buildvm-02.phx2.fedoraproject.org +buildvm-03.phx2.fedoraproject.org +buildvm-04.phx2.fedoraproject.org +buildvm-05.phx2.fedoraproject.org +buildvm-06.phx2.fedoraproject.org +buildvm-07.phx2.fedoraproject.org +buildvm-08.phx2.fedoraproject.org +buildvm-09.phx2.fedoraproject.org +buildvm-10.phx2.fedoraproject.org +buildvm-11.phx2.fedoraproject.org +buildvm-12.phx2.fedoraproject.org +buildvm-12.phx2.fedoraproject.org +buildvm-13.phx2.fedoraproject.org +buildvm-14.phx2.fedoraproject.org +buildvm-15.phx2.fedoraproject.org +buildvm-16.phx2.fedoraproject.org +buildvm-17.phx2.fedoraproject.org +buildvm-18.phx2.fedoraproject.org +buildvm-19.phx2.fedoraproject.org +buildvm-20.phx2.fedoraproject.org +buildvm-21.phx2.fedoraproject.org +buildvm-22.phx2.fedoraproject.org +buildvm-23.phx2.fedoraproject.org +buildvm-24.phx2.fedoraproject.org +buildvm-25.phx2.fedoraproject.org +buildvm-26.phx2.fedoraproject.org +buildvm-27.phx2.fedoraproject.org +buildvm-28.phx2.fedoraproject.org +buildvm-29.phx2.fedoraproject.org +buildvm-30.phx2.fedoraproject.org +buildvm-31.phx2.fedoraproject.org +buildvm-32.phx2.fedoraproject.org +buildvm-33.phx2.fedoraproject.org +buildvm-34.phx2.fedoraproject.org +buildvm-35.phx2.fedoraproject.org +#buildvm-36.phx2.fedoraproject.org + +[buildvmhost] +buildvmhost-01.phx2.fedoraproject.org +buildvmhost-02.phx2.fedoraproject.org +buildvmhost-03.phx2.fedoraproject.org +buildvmhost-04.phx2.fedoraproject.org +buildvmhost-05.phx2.fedoraproject.org +buildvmhost-06.phx2.fedoraproject.org +buildvmhost-07.phx2.fedoraproject.org +buildvmhost-08.phx2.fedoraproject.org +buildvmhost-09.phx2.fedoraproject.org + +[buildhw] +buildhw-01.phx2.fedoraproject.org +buildhw-02.phx2.fedoraproject.org + + +[releng] +releng01.phx2.fedoraproject.org + diff --git a/library/README b/library/README new file mode 100644 index 0000000000..49ca39d6a1 --- /dev/null +++ b/library/README @@ -0,0 +1 @@ +if we need any local ansible modules this is where they would go diff --git a/playbooks/cloud_el6_prep.yml b/playbooks/cloud_el6_prep.yml new file mode 100644 index 0000000000..af55ded787 --- /dev/null +++ b/playbooks/cloud_el6_prep.yml @@ -0,0 +1,15 @@ +# restricted to run on cloud instances only +- hosts: 209.132.184.* + user: root + vars_files: + - /home/fedora/skvidal/ansible/public/vars/global.yml + - $vars/${ansible_distribution}.yml + - $private/playbooks/vars.yml + + + tasks: + - include: $tasks/cloud_setup_el6.yml + + + handlers: + - include: $handlers/restart_services.yml diff --git a/playbooks/jenkins_slave_el6.yml b/playbooks/jenkins_slave_el6.yml new file mode 100644 index 0000000000..1c166ed82a --- /dev/null +++ b/playbooks/jenkins_slave_el6.yml @@ -0,0 +1,16 @@ +# restricted to run on cloud instances only +- hosts: 209.132.184.* + user: root + vars_files: + - /home/fedora/skvidal/ansible/public/vars/global.yml + - $vars/${ansible_distribution}.yml + - $private/playbooks/vars.yml + + + tasks: + - include: $tasks/cloud_setup_el6.yml + - include: $tasks/jenkins_slave.yml + + + handlers: + - include: $handlers/restart_services.yml diff --git a/scripts/README b/scripts/README new file mode 100644 index 0000000000..8a98bc5f87 --- /dev/null +++ b/scripts/README @@ -0,0 +1 @@ +executable scripts to use ansible on the system diff --git a/tasks/cloud_setup_el6.yml b/tasks/cloud_setup_el6.yml new file mode 100644 index 0000000000..f0cfd54530 --- /dev/null +++ b/tasks/cloud_setup_el6.yml @@ -0,0 +1,34 @@ +--- +- name: put repos on system + action: copy src=$files/common/$item dest=/etc/yum.repos.d/$item + with_items: + - epel6.repo + - rhel6.repo + tags: + - config + +- name: update all + action: command yum -y update + tags: + - packages + +- name: ntpdate install + action: yum state=installed pkg=ntpdate + tags: + - packages +- name: sync time - just once + action: command /usr/sbin/ntpdate -s -b 66.187.233.4 + +- name: edit hostname to be instance name + action: shell hostname `curl -s http://169.254.169.254/latest/meta-data/instance-id` + tags: + - config + +- name: put sysadmin-main in place for sshing in + action: copy src=$files/common/sysadmin-main dest=/root/.ssh/authorized_keys mode=600 backup=true + tags: + - config + +- name: put /dev/vda2 up as /mnt + action: mount name=/mnt src=/dev/vda2 fstype=ext3 passno=1 dump=1 state=mounted + diff --git a/tasks/jenkins_slave.yml b/tasks/jenkins_slave.yml new file mode 100644 index 0000000000..1c3e622ec0 --- /dev/null +++ b/tasks/jenkins_slave.yml @@ -0,0 +1,65 @@ +# setup jenkins slave +--- +- name: install pkgs for jenkins + action: yum state=installed pkg=$item + with_items: + - vim + - java-1.7.0-openjdk + - subversion + - bzr + - git + - rpmlint + - mercurial + - mock + - python-bugzilla + - python-straight-plugin + - python-pip + - python-virtualenv + - python-coverage + - pylint + - python-argparse + - python-nose + - python-BeautifulSoup + - python-fedora + tags: + - packages + +- name: install pkgs for jenkins for fedora systems + action: yum state=installed pkg=$item + only_if: '$is_fedora' + with_items: + - python3 + - python-nose-cover3 + - python3-nose-cover3 + tags: + - packages + +- name: set the hostname to jenkins-osversion + action: command hostname jenkins-${dist_tag} + tags: + - config + +- name: setup jenkins_slave user + action: user name=jenkins_slave state=present createhome=yes system=no password=$jenkins_slave_pw + +- name: jenkins_slave to mock group + action: user name=jenkins_slave groups=mock + +- name: add .gitconfig for jenkins_slave user + action: template src=$files/jenkins/gitconfig dest=/home/jenkins_slave/.gitconfig owner=jenkins_slave group=jenkins_slave mode=664 + tags: + - config + +- name: template sshd_config + action: template src=$item dest=/etc/ssh/sshd_config mode=0600 owner=root group=root + first_available_file: + - $files/jenkins/sshd_config_slave.$ansible_distribution + - $files/jenkins/sshd_config_slave + notify: + - restart sshd + tags: + - config + +- name: mkdir dir for jenkins data + action: file state=directory path=/mnt/jenkins owner=jenkins_slave group=jenkins_slave + diff --git a/vars/Fedora.yml b/vars/Fedora.yml new file mode 100644 index 0000000000..46fe79d679 --- /dev/null +++ b/vars/Fedora.yml @@ -0,0 +1,2 @@ +--- +dist_tag: f${ansible_distribution_version} diff --git a/vars/RedHat.yml b/vars/RedHat.yml new file mode 100644 index 0000000000..cbd9f9c3b9 --- /dev/null +++ b/vars/RedHat.yml @@ -0,0 +1,2 @@ +--- +dist_tag: el${ansible_distribution_version[0]} \ No newline at end of file diff --git a/vars/global.yml b/vars/global.yml new file mode 100644 index 0000000000..1836bb421d --- /dev/null +++ b/vars/global.yml @@ -0,0 +1,9 @@ +--- +private: /home/fedora/skvidal/ansible/private +files: /home/fedora/skvidal/ansible/public/files +handlers: /home/fedora/skvidal/ansible/public/handlers +tasks: /home/fedora/skvidal/ansible/public/tasks +vars: /home/fedora/skvidal/ansible/public/vars +is_fedora: "'$ansible_distribution' == 'Fedora'" +is_rhel: "'$ansible_distribution' == 'RedHat'" +dist_tag: unknown