228 lines
7.2 KiB
YAML
228 lines
7.2 KiB
YAML
---
|
|
# Configuration for the mirrormanager backend
|
|
|
|
- name: install needed packages
|
|
package: name={{ item }} state=present update_cache=yes
|
|
with_items:
|
|
- mirrormanager2-backend
|
|
- mirrormanager2-statistics
|
|
- bzip2
|
|
- python-psycopg2
|
|
- fedmsg
|
|
- fedora-messaging
|
|
- jq
|
|
- geolite2-city
|
|
- geolite2-country
|
|
- cargo
|
|
- postgresql-devel
|
|
- git
|
|
tags:
|
|
- packages
|
|
|
|
- name: create /etc/mirrormanager
|
|
file: path=/etc/mirrormanager state=directory
|
|
|
|
- name: create /var/log/mirrormanager
|
|
file: path=/var/log/mirrormanager state=directory owner=mirrormanager group=mirrormanager mode=0755
|
|
|
|
- name: install MM configuration file
|
|
template: src={{ item.file }} dest={{ item.dest }}
|
|
owner=mirrormanager group=mirrormanager mode=0600
|
|
with_items:
|
|
- { file: "{{ roles_path }}/mirrormanager/frontend2/templates/mirrormanager2.cfg",
|
|
dest: /etc/mirrormanager/mirrormanager2.cfg }
|
|
- { file: "{{ roles_path }}/mirrormanager/frontend2/templates/alembic.ini",
|
|
dest: /etc/mirrormanager/alembic.ini }
|
|
tags:
|
|
- config
|
|
|
|
- name: install the cron job
|
|
copy: src=backend.cron dest=/etc/cron.d/mm2_backend.cron
|
|
tags:
|
|
- config
|
|
when: env != 'staging'
|
|
|
|
- name: install backend helper scripts
|
|
copy: src={{ item }} dest=/usr/local/bin/{{ item }} mode=0755
|
|
with_items:
|
|
- umdl-required
|
|
- update-mirrorlist-server
|
|
tags:
|
|
- mirrormanager/backend
|
|
|
|
- name: install the umdl-required logrotate file
|
|
copy: src=mm2_umdl-required.logrotate dest=/etc/logrotate.d/mm2_umdl-required mode=644
|
|
|
|
- name: install backend helper scripts from template
|
|
template: src={{ item }} dest=/usr/local/bin/{{ item }} mode=0755
|
|
with_items:
|
|
- sync_cache_to_mirrorlists.sh
|
|
- handle_propagation.sh
|
|
- create_maps.sh
|
|
- create_statistics.sh
|
|
tags:
|
|
- mirrormanager/backend
|
|
|
|
- name: handle propagation cronjob
|
|
cron: name="handle-propagation" minute="45" hour="*/2" user="mirrormanager"
|
|
job="/usr/local/bin/handle_propagation.sh"
|
|
cron_file=handle-propagation
|
|
disabled=true
|
|
|
|
- name: create worldmap cronjob
|
|
cron: name="create-worldmap" minute="50" hour="20" user="mirrormanager"
|
|
job="/usr/local/bin/create_maps.sh"
|
|
cron_file=create-worldmap
|
|
disabled=true
|
|
|
|
- name: create mirrorlist statistics cronjob
|
|
cron: name="create-statistics" minute="4" hour="*/2" user="mirrormanager"
|
|
job="/usr/local/bin/create_statistics.sh"
|
|
cron_file=create-statistics
|
|
disabled=true
|
|
|
|
- name: create yesterdays mirrorlist statistics cronjob
|
|
cron: name="yesterdays-statistics" minute="55" hour="0" user="mirrormanager"
|
|
job="/usr/local/bin/create_statistics.sh yesterday"
|
|
cron_file=yesterdays-statistics
|
|
disabled=true
|
|
|
|
- name: setup /var/lib/mirrormanager/.ssh directory
|
|
copy: >
|
|
src="{{ private }}/files/mirrormanager/"
|
|
dest="/var/lib/mirrormanager/.ssh"
|
|
directory_mode=0700
|
|
owner=mirrormanager
|
|
group=mirrormanager
|
|
mode=0700
|
|
tags:
|
|
- config
|
|
when: env != 'staging'
|
|
|
|
- name: Create /etc/pki/fedora-messaging
|
|
file:
|
|
dest: /etc/pki/fedora-messaging
|
|
mode: 0775
|
|
owner: root
|
|
group: root
|
|
state: directory
|
|
when: "deployment_type is defined"
|
|
tags:
|
|
- config
|
|
|
|
# FIXME: do we need to create a mirrormanager cert ?
|
|
- name: Deploy the Fedora mirrormanager fedora-messaging cert
|
|
copy:
|
|
src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/mirrormanager2{{env_suffix}}.crt"
|
|
dest: /etc/pki/fedora-messaging/mirrormanager{{env_suffix}}-cert.pem
|
|
mode: 0644
|
|
owner: root
|
|
group: root
|
|
when: "deployment_type is defined"
|
|
tags:
|
|
- config
|
|
|
|
- name: Deploy the Fedora infra fedora-messaging key
|
|
copy:
|
|
src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/mirrormanager2{{env_suffix}}.key"
|
|
dest: /etc/pki/fedora-messaging/mirrormanager{{env_suffix}}-key.pem
|
|
mode: 0640
|
|
owner: root
|
|
group: root
|
|
when: "deployment_type is defined"
|
|
tags:
|
|
- config
|
|
|
|
# To decrease the crawl duration on the mirrors we have been
|
|
# recommending to lower the default value of vfs_cache_pressure
|
|
# from 100 to 10. This causes the kernel to prefer to keep dentries
|
|
# when under memory pressure. Let's also set it on the mm backend
|
|
# systems as umdl is also mainly looking at the metadata.
|
|
- sysctl: name=vm.vfs_cache_pressure value=10 state=present sysctl_set=yes reload=yes
|
|
|
|
# MirrorManager cannot access pre-bitflip content:
|
|
# https://fedorahosted.org/fedora-infrastructure/ticket/5289
|
|
# Putting the mirrormanager user into the ftpsync(263) group
|
|
# should enable the mirrormanager user to read the files.
|
|
|
|
- group: name=ftpsync state=present gid=263
|
|
|
|
# The mirrormanager user is created by the mirrormanager2-backend RPM
|
|
# Just adding it the existing user to the ftpsync group.
|
|
- user: name=mirrormanager groups=ftpsync append=yes
|
|
|
|
- name: install generate-mirrorlist-cache configuration file
|
|
template:
|
|
src: generate-mirrorlist-cache.cfg
|
|
dest: /etc/mirrormanager/generate-mirrorlist-cache.cfg
|
|
owner: mirrormanager
|
|
group: mirrormanager
|
|
mode: 0600
|
|
- name: install scan-primary-mirror configuration file
|
|
template:
|
|
src: scan-primary-mirror.toml
|
|
dest: /etc/mirrormanager/scan-primary-mirror.toml
|
|
owner: mirrormanager
|
|
group: mirrormanager
|
|
mode: 0600
|
|
- name: install scan-primary-mirror centos configuration file
|
|
template:
|
|
src: scan-primary-mirror-centos.toml
|
|
dest: /etc/mirrormanager/scan-primary-mirror-centos.toml
|
|
owner: mirrormanager
|
|
group: mirrormanager
|
|
mode: 0600
|
|
- name: create /srv/mirrorlist-server.git
|
|
file: path=/srv/mirrorlist-server.git state=directory owner=mirrormanager group=mirrormanager mode=0755
|
|
- name: create /srv/scan-primary-mirror.git
|
|
file: path=/srv/scan-primary-mirror.git state=directory owner=mirrormanager group=mirrormanager mode=0755
|
|
- name: checkout mirrorlist-server
|
|
git:
|
|
repo: https://github.com/adrianreber/mirrorlist-server.git
|
|
version: 3.0.6
|
|
dest: /srv/mirrorlist-server.git
|
|
become: yes
|
|
become_user: mirrormanager
|
|
register: mirrorlist_server_downloaded
|
|
- name: checkout scan-primary-mirror
|
|
git:
|
|
repo: https://github.com/adrianreber/scan-primary-mirror.git
|
|
version: 0.4.3
|
|
dest: /srv/scan-primary-mirror.git
|
|
become: yes
|
|
become_user: mirrormanager
|
|
register: scan_primary_mirror_downloaded
|
|
- name: build generate-mirrorlist-cache
|
|
command: "cargo build --release --bin generate-mirrorlist-cache"
|
|
args:
|
|
chdir: /srv/mirrorlist-server.git
|
|
become: yes
|
|
become_user: mirrormanager
|
|
register: mirrorlist_server_built
|
|
when: "mirrorlist_server_downloaded is changed"
|
|
- name: build scan-primary-mirror
|
|
command: "cargo build --release"
|
|
args:
|
|
chdir: /srv/scan-primary-mirror.git
|
|
become: yes
|
|
become_user: mirrormanager
|
|
register: scan_primary_mirror_built
|
|
when: "scan_primary_mirror_downloaded is changed"
|
|
- name: install generate-mirrorlist-cache
|
|
copy:
|
|
src: /srv/mirrorlist-server.git/target/release/generate-mirrorlist-cache
|
|
dest: /usr/local/bin/generate-mirrorlist-cache
|
|
remote_src: yes
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
when: "mirrorlist_server_built is changed"
|
|
- name: install scan-primary-mirror
|
|
copy:
|
|
src: /srv/scan-primary-mirror.git/target/release/scan-primary-mirror
|
|
dest: /usr/local/bin/scan-primary-mirror
|
|
remote_src: yes
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
when: "scan_primary_mirror_built is changed"
|