Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
11474 commits 9 branches 0 tags 111 MiB
Commit graph

92 commits

Author SHA1 Message Date
Ralph Bean
b581e4a6f9 Use the gitolite Alias feature in staging. 2015-12-22 17:37:06 +00:00
Ralph Bean
a57d418bfb Make gitolite.rc a template. 2015-12-22 16:49:28 +00:00
Patrick Uiterwijk
4ec8ff4264 Publish the full list of git repos 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-18 00:50:29 +00:00
Ralph Bean
2bca286974 Make genacls.sh a template. 2015-12-17 21:54:17 +00:00
Pierre-Yves Chibon
16fb8ba80a Invert the folder/symlink status between rpms and repositories 2015-12-17 16:38:43 +01:00
Pierre-Yves Chibon
ec89cc5e83 Tag as distgit and config a few more tasks in the distgit role 2015-12-11 13:49:27 +01:00
Kevin Fenzi
87a5d3b374 Re-add run_once here. 2015-11-30 20:16:21 +00:00
Kevin Fenzi
7bc33f64f2 Might need to drop this for ansible 2.0 2015-11-21 18:12:36 +00:00
Patrick Uiterwijk
08568865fe Replace all restart httpd with reload httpd 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-11-04 23:40:01 +00:00
Kevin Fenzi
1caa9a2ef8 Add httpd_read_user_content selinux boolean on distgit 2015-07-21 23:44:31 +00:00
Pierre-Yves Chibon
24d6ca29a8 Turn on git_system_enable_homedirs but don't ask why 2015-07-15 11:38:22 +02:00
Pierre-Yves Chibon
f12571f531 Add some distgit tags 2015-06-05 18:13:00 +02:00
Mathieu Bridon
09f525598f distgit: Pretend we're on NFS 
Staging doesn't use NFS for its lookaside cache, like Prod does.

This makes SELinux happier, pretending that staging also is on NFS.
 2015-06-05 11:10:49 +02:00
Patrick Uiterwijk
4b22cd9f2a Update upload_cgi and add cgi-nfs for pkgs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-06-05 09:02:28 +00:00
Ralph Bean
00c0c89076 Undo this stg/prod distinction. 2015-04-24 17:31:24 +00:00
Ralph Bean
4690a26ece Typofix. 2015-04-24 17:18:48 +00:00
Ralph Bean
fbccedc4e6 Try adding a custom cgit header for staging. 2015-04-24 17:17:53 +00:00
Ralph Bean
f4a1646d89 Typofix. 2015-04-24 17:12:36 +00:00
Ralph Bean
48c540664c Make cgitrc into separate files for prod and staging. 2015-04-24 17:11:03 +00:00
Patrick Uiterwijk
273620cd25 We need the _exec version off course 2015-03-13 00:50:40 +00:00
Patrick Uiterwijk
4a19044c35 More fixes to selinux pkgs 2015-03-13 00:49:11 +00:00
Patrick Uiterwijk
c015ad545c Same fix on more places 2015-03-13 00:45:16 +00:00
Patrick Uiterwijk
04dee89215 This type is always nfs_t, and we have a policy to allow that.. 2015-03-12 15:26:30 +00:00
Patrick Uiterwijk
1365500c17 Creating branches is now started by genacls.sh. 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-02-24 09:40:25 +00:00
Pierre-Yves Chibon
f883635ab5 Set the git_cgi_use_nfs SELinux boolean for the lookaside 2015-02-19 13:38:24 +01:00
Kevin Fenzi
5c6d849828 Wonder if it's a formatting issue 2015-02-16 16:01:27 +00:00
Kevin Fenzi
efc074f1ae Some more idemportency stuff 2015-02-16 15:51:08 +00:00
Kevin Fenzi
e6f2b7ad74 Run this even when doing check 2015-02-16 15:37:37 +00:00
Kevin Fenzi
88d5fd21e6 Move mount of lookaside on pkgs to nfs/client role 2015-02-16 14:47:04 +00:00
Pierre-Yves Chibon
31d4a63cd5 We do want a certificate in stg 2015-01-29 17:03:35 +00:00
Pierre-Yves Chibon
ad0972e28c Use different certs for prod and stg 2015-01-29 16:59:37 +00:00
Pierre-Yves Chibon
94c23a6992 Turn on the SELinux boolean nis_enabled on pkgs 2015-01-29 11:59:48 +01:00
Pierre-Yves Chibon
edaf6e3e80 Fix the content for /srv/cache 2015-01-28 15:27:57 +01:00
Pierre-Yves Chibon
bca02bd864 No need for two states and s/file/touch 2015-01-28 14:03:14 +01:00
Pierre-Yves Chibon
63fc693a28 Needs space 2015-01-28 13:55:29 +01:00
Pierre-Yves Chibon
44fe149b9e Precise the state, we want directories not file 2015-01-28 13:54:53 +01:00
Pierre-Yves Chibon
d2e73c5d91 Add our own SELinux policy for upload.cgi 
Many thanks to tfirg on #selinux for helping out making this policy
 2015-01-28 12:22:16 +01:00
Pierre-Yves Chibon
299ecf5943 Adjust the mode for the update hook itself 2015-01-27 18:44:14 +01:00
Mathieu Bridon
31933066d0 distgit: Fix perms on the Gitolite stuff 
We can't execute the update hooks otherwise.
 2015-01-27 18:40:11 +01:00
Pierre-Yves Chibon
14eeee7437 Fix the check-update-hooks, repos are in /srv 2015-01-27 17:14:30 +01:00
Mathieu Bridon
158afc5467 distgit: We also need semanage here 2015-01-27 15:48:22 +01:00
Mathieu Bridon
8a6719517b Revert "distgit: Merge in the cgit/make_pkgs_list role" 
This reverts commit a29f50a19a.

Turns out, Fedora People needs this as well, so it needs to remain
separated.

Sorry for the noise!
 2015-01-27 15:33:45 +01:00
Mathieu Bridon
a29f50a19a distgit: Merge in the cgit/make_pkgs_list role 
Having it split out was causing trouble, because distgit depends on it,
but it depends on the /srv/git folder being created, which is created
in the distgit role...

Nothing else uses this though, so merging it is the easy way out.
 2015-01-27 15:31:17 +01:00
Mathieu Bridon
c066e21c3a distgit: Ensure the proper SELinux contexts 2015-01-27 13:36:15 +01:00
Pierre-Yves Chibon
c617bc46a1 Give /srv/cache/lookaside/pkgs to apache 2015-01-27 08:49:35 +01:00
Pierre-Yves Chibon
52ff90ba9c Drop the fas.conf specific to distgit 2015-01-23 17:59:36 +01:00
Pierre-Yves Chibon
79eb0db7c0 Let distgit install its own fas.conf after the first run of fas_client 2015-01-23 15:06:47 +01:00
Mathieu Bridon
4602628727 Add the gen-acls user to the packager group 
This is required to run gitolite compile properly.
 2015-01-22 19:49:15 +01:00
Pierre-Yves Chibon
7a2f626fc9 Specify otherwise the groups with shell access 2015-01-22 18:06:52 +01:00
Pierre-Yves Chibon
8521f61cf8 Some join logic to fix the call to users-from-fas 2015-01-22 18:05:06 +01:00