ansible/playbooks/groups/mbs.yml

122 lines
2.8 KiB
YAML

- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=mbs:mbs-stg"
- name: make the box be real
hosts: mbs:mbs-stg
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
pre_tasks:
- include_tasks: "{{ tasks_path }}/yumrepos.yml"
roles:
- base
- rkhunter
- nagios_client
- hosts
- fas_client
- rsyncd
- sudo
- collectd/base
tasks:
- include_tasks: "{{ tasks_path }}/2fa_client.yml"
- include_tasks: "{{ tasks_path }}/motd.yml"
handlers:
- import_tasks: "{{ handllers_path }}/restart_services.yml"
- name: openvpn on the prod frontend nodes
hosts: mbs-frontend
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- "{{ vars_path }}/{{ ansible_distribution }}.yml"
roles:
- openvpn/client
handlers:
- import_tasks: "{{ handllers_path }}/restart_services.yml"
- name: Set up apache on the frontend MBS API app
hosts: mbs-frontend:mbs-frontend-stg
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- "{{ vars_path }}/{{ ansible_distribution }}.yml"
roles:
- mod_wsgi
handlers:
- import_tasks: "{{ handllers_path }}/restart_services.yml"
- name: set up fedmsg configuration and common mbs files
hosts: mbs:mbs-stg
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
roles:
- fedmsg/base
- mbs/common
handlers:
- import_tasks: "{{ handllers_path }}/restart_services.yml"
- name: deploy the frontend MBS API app
hosts: mbs-frontend:mbs-frontend-stg
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- "{{ vars_path }}/{{ ansible_distribution }}.yml"
roles:
- mbs/frontend
handlers:
- import_tasks: "{{ handllers_path }}/restart_services.yml"
- name: deploy the backend MBS scheduler daemon
hosts: mbs-backend:mbs-backend-stg
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- "{{ vars_path }}/{{ ansible_distribution }}.yml"
roles:
- role: keytab/service
service: mbs
owner_user: fedmsg
host: "mbs{{env_suffix}}.fedoraproject.org"
- role: fedmsg/hub
tags: fedmsg/hub
- role: collectd/fedmsg-service
process: fedmsg-hub
# Amazingly, there isn't need for a mbs/backend role. The fedmsg/hub role
# along with mbs/common is enough.
#- mbs/backend
handlers:
- import_tasks: "{{ handllers_path }}/restart_services.yml"