Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/playbooks/groups/bodhi-backend.yml
Andrew Heath a961a5ed7d updating playbooks to work with ansible 2.14
2023-05-18 15:28:34 -04:00

132 lines
3.8 KiB
YAML
Raw Blame History

# create a new bodhi-backend system
#
# This group makes bodhi-backend servers.
# They are used by releng to push updates with bodhi.
# They also run some misc releng scripts.
#
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml"
vars:
myhosts: "bodhi_backend:bodhi_backend_stg"
# Once the instance exists, configure it.
- name: make bodhi-backend server system
hosts: bodhi_backend:bodhi_backend_stg
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/web/infra/ansible/vars/all/RelEngFrozen.yaml"
- "/srv/web/infra/ansible/vars/all/00-FedoraCycleNumber.yaml"
- "/srv/web/infra/ansible/vars/all/FedoraBranched.yaml"
- "/srv/web/infra/ansible/vars/all/FedoraBranchedNumber.yaml"
- "/srv/web/infra/ansible/vars/all/FedoraRawhideNumber.yaml"
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
pre_tasks:
- include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
roles:
- base
- nagios_client
- collectd/base
- hosts
- ipa/client
- sudo
- rkhunter
- role: nfs/client
mnt_dir: '/mnt/fedora_koji'
nfs_src_dir: 'fedora_koji'
- bodhi2/backend
- role: nfs/client
mnt_dir: '/mnt/koji/ostree'
nfs_src_dir: 'fedora_ostree_content/ostree'
when: env != 'staging'
- role: nfs/client
mnt_dir: '/mnt/koji/compose/ostree'
nfs_src_dir: 'fedora_ostree_content/compose/ostree'
when: env != 'staging'
- role: nfs/client
mnt_dir: '/mnt/koji/ostree'
nfs_src_dir: 'fedora_ostree_content-stg/ostree'
when: env == 'staging'
- role: nfs/client
mnt_dir: '/mnt/koji/compose/ostree'
nfs_src_dir: 'fedora_ostree_content_stg/compose/ostree'
when: env == 'staging'
# In staging, we mount fedora_koji as read only (see nfs_mount_opts)
- role: nfs/client
mnt_dir: '/mnt/fedora_koji_prod'
nfs_src_dir: 'fedora_koji'
when: env == 'staging'
- role: nfs/client
mnt_dir: '/pub/'
nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub/'
- role: nfs/client
mnt_dir: '/pub/archive'
nfs_src_dir: 'fedora_ftp_archive'
- role: keytab/service
owner_user: apache
owner_group: apache
service: bodhi
host: "bodhi{{ env_suffix }}.fedoraproject.org"
- role: zabbix/zabbix_agent
when: env == "staging"
- role: push-container-registry
cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org"
cert_src: "{{private}}/files/docker-registry/{{env}}/pki/issued/containerstable.crt"
key_src: "{{private}}/files/docker-registry/{{env}}/pki/private/containerstable.key"
certs_group: apache
- role: rabbit/queue
username: "bodhi{{ env_suffix }}"
queue_name: "bodhi{{ env_suffix }}_composer"
routing_keys: "{{ bodhi_message_routing_keys }}"
thresholds:
warning: 10
critical: 100
sent_topics: ^org\.fedoraproject\.{{ env_short }}\.bodhi\..*
- role: rabbit/queue
username: "bodhi{{ env_suffix }}"
queue_name: "bodhi{{ env_suffix }}_koji_sync_listener{{ env_suffix }}"
routing_keys:
- "io.pagure.*.pagure.issue.edit"
thresholds:
warning: 10
critical: 100
- role: zabbix/zabbix_agent
zabbix_server: apache
zabbix_server_ip: apache
when: env == "staging"
tasks:
- name: create secondary volume dir for stg bodhi
file: dest=/mnt/koji/vol state=directory owner=apache group=apache mode=0755
tags: bodhi
when: env == 'staging'
- name: create symlink for stg/prod secondary volume
file: src=/mnt/fedora_koji_prod/koji dest=/mnt/koji/vol/prod state=link
tags: bodhi
when: env == 'staging'
- import_tasks: "{{ tasks_path }}/motd.yml"
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"
Reference in a new issue View git blame Copy permalink