infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions
ansible/roles/mirror_pagure_ansible/tasks/main.yml
Ryan Lerch 3c41882bb0 ansiblelint fixes - fqcn[action-core] - shell to ansible.builtin.shell 
Replaces references to shell: with ansible.builtin.shell

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2025-01-15 11:29:10 +10:00

125 lines
3.1 KiB
YAML
Raw Blame History

---
- name: Install packages
ansible.builtin.package: state=present name={{ item }}
with_items:
- fedora-messaging
- git
tags:
- packages
- mirror_pagure_ansible
# Create the user the service will run under
- name: Setup pagure user
user:
name: mirror_pagure_ansible
ansible.builtin.shell: /sbin/nologin
comment: "mirror_pagure_ansible User"
tags:
- mirror_pagure_ansible
- mirror_pagure_ansible/user
# Ensure the user can write to where we want to store the mirror
- name: Give access to mirror_pagure_ansible to /srv
ansible.builtin.command: setfacl -m d:u:mirror_pagure_ansible:rwx /srv -m u:mirror_pagure_ansible:rwx /srv/
tags:
- config
- mirror_pagure_ansible
# configure all the fedora-messaging files
- name: Create /etc/pki/fedora-messaging
ansible.builtin.file:
dest: /etc/pki/fedora-messaging
mode: "0775"
owner: root
group: root
state: directory
tags:
- config
- mirror_pagure_ansible
- name: Deploy pagure/rabbitmq certificate
ansible.builtin.copy: src={{ item.src }}
dest=/etc/pki/fedora-messaging/{{ item.dest }}
owner={{ item.owner }} group={{ item.group}} mode={{ item.mode }}
with_items:
- src: "{{private}}/files/rabbitmq/production/pki/issued/mirror_pagure_ansible{{env_suffix}}.crt"
dest: mirror_pagure_ansible.crt
owner: mirror_pagure_ansible
group: mirror_pagure_ansible
mode: "0644"
- src: "{{private}}/files/rabbitmq/production/pki/private/mirror_pagure_ansible{{env_suffix}}.key"
dest: mirror_pagure_ansible.key
owner: mirror_pagure_ansible
group: mirror_pagure_ansible
mode: "0600"
- src: "{{private}}/files/rabbitmq/production/pki/ca.crt"
dest: cacert.pem
owner: mirror_pagure_ansible
group: mirror_pagure_ansible
mode: "0644"
tags:
- pagure
- fedora-messaging
- name: Setup mirror_pagure_ansible fedora-messaging config
template:
src: mirror_pagure_ansible.cfg
dest: /etc/fedora-messaging/mirror_pagure_ansible.toml
owner: mirror_pagure_ansible
group: mirror_pagure_ansible
mode: "0640"
tags:
- config
- mirror_pagure_ansible
# Install the script
- name: Create /usr/local/libexec/mirror_pagure_ansible
ansible.builtin.file:
dest: /usr/local/libexec/mirror_pagure_ansible
mode: "0775"
owner: root
group: root
state: directory
tags:
- config
- mirror_pagure_ansible
- name: Install the consumer
template:
src: mirror_from_pagure_bus.py
dest: /usr/local/libexec/mirror_pagure_ansible/mirror_from_pagure_bus.py
tags:
- packages
- mirror_pagure_ansible
# Install and start the service
- name: Install the dedicated service file for mirror_pagure_ansible
template:
src: mirror_pagure_ansible.service
dest: /etc/systemd/system/mirror_pagure_ansible.service
owner: root
group: root
mode: "0755"
notify:
- reload systemd
tags:
- config
- mirror_pagure_ansible
- name: Enable and started the service
service:
name: mirror_pagure_ansible.service
enabled: yes
state: started
tags:
- config
- mirror_pagure_ansible
View git blame Copy permalink