Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/mirrormanager/backend/tasks/main.yml
Kevin Fenzi 7aba98780e fedora-messaging-migration: Patches from Karsten Hopp to move script calling things from fedmsg to fedora-messaging 
We will need to check these services after pushing this out and confirm
that they are still emitting or hearing messages they need to.

Many thanks Karsten!
2020-04-24 21:34:16 +02:00

140 lines
4.4 KiB
YAML
Raw Blame History

---
# Configuration for the mirrormanager backend
- name: install needed packages
package: name={{ item }} state=present update_cache=yes
with_items:
- mirrormanager2-backend
- mirrormanager2-statistics
- bzip2
- python-psycopg2
- fedmsg
- fedora-messaging
- jq
- geolite2-city
- geolite2-country
tags:
- packages
- name: create /etc/mirrormanager
file: path=/etc/mirrormanager state=directory
- name: create /var/log/mirrormanager
file: path=/var/log/mirrormanager state=directory owner=mirrormanager group=mirrormanager mode=0755
- name: install MM configuration file
template: src={{ item.file }} dest={{ item.dest }}
owner=mirrormanager group=mirrormanager mode=0600
with_items:
- { file: "{{ roles_path }}/mirrormanager/frontend2/templates/mirrormanager2.cfg",
dest: /etc/mirrormanager/mirrormanager2.cfg }
- { file: "{{ roles_path }}/mirrormanager/frontend2/templates/alembic.ini",
dest: /etc/mirrormanager/alembic.ini }
tags:
- config
- name: install the cron job
copy: src=backend.cron dest=/etc/cron.d/mm2_backend.cron
tags:
- config
when: env != 'staging'
- name: install the umdl-required script
copy: src=umdl-required dest=/usr/local/bin/umdl-required mode=0755
- name: install the umdl-required logrotate file
copy: src=mm2_umdl-required.logrotate dest=/etc/logrotate.d/mm2_umdl-required mode=644
- name: install backend helper scripts
template: src={{ item }} dest=/usr/local/bin/{{ item }} mode=0755
with_items:
- sync_pkl_to_mirrorlists.sh
- handle_propagation.sh
- create_maps.sh
- create_statistics.sh
tags:
- mirrormanager/backend
- name: handle propagation cronjob
cron: name="handle-propagation" minute="45" hour="*/2" user="mirrormanager"
job="/usr/local/bin/handle_propagation.sh"
cron_file=handle-propagation
- name: create worldmap cronjob
cron: name="create-worldmap" minute="50" hour="20" user="mirrormanager"
job="/usr/local/bin/create_maps.sh"
cron_file=create-worldmap
- name: create mirrorlist statistics cronjob
cron: name="create-statistics" minute="4" hour="*/2" user="mirrormanager"
job="/usr/local/bin/create_statistics.sh"
cron_file=create-statistics
- name: create yesterdays mirrorlist statistics cronjob
cron: name="yesterdays-statistics" minute="15" hour="0" user="mirrormanager"
job="/usr/local/bin/create_statistics.sh yesterday"
cron_file=yesterdays-statistics
- name: setup /var/lib/mirrormanager/.ssh directory
copy: >
src="{{ private }}/files/mirrormanager/"
dest="/var/lib/mirrormanager/.ssh"
directory_mode=yes
owner=mirrormanager
group=mirrormanager
mode=0700
tags:
- config
when: env != 'staging'
- name: Create /etc/pki/fedora-messaging
file:
dest: /etc/pki/fedora-messaging
mode: 0775
owner: root
group: root
state: directory
when: "deployment_type is defined"
tags:
- config
# FIXME: do we need to create a mirrormanager cert ?
- name: Deploy the Fedora mirrormanager fedora-messaging cert
copy:
src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/mirrormanager{{env_suffix}}.crt"
dest: /etc/pki/fedora-messaging/mirrormanager{{env_suffix}}-cert.pem
mode: 0644
owner: root
group: root
when: "deployment_type is defined"
tags:
- config
- name: Deploy the Fedora infra fedora-messaging key
copy:
src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/mirrormanager{{env_suffix}}.key"
dest: /etc/pki/fedora-messaging/mirrormanager{{env_suffix}}-key.pem
mode: 0640
owner: root
group: root
when: "deployment_type is defined"
tags:
- config
# To decrease the crawl duration on the mirrors we have been
# recommending to lower the default value of vfs_cache_pressure
# from 100 to 10. This causes the kernel to prefer to keep dentries
# when under memory pressure. Let's also set it on the mm backend
# systems as umdl is also mainly looking at the metadata.
- sysctl: name=vm.vfs_cache_pressure value=10 state=present sysctl_set=yes reload=yes
# MirrorManager cannot access pre-bitflip content:
# https://fedorahosted.org/fedora-infrastructure/ticket/5289
# Putting the mirrormanager user into the ftpsync(263) group
# should enable the mirrormanager user to read the files.
- group: name=ftpsync state=present gid=263
# The mirrormanager user is created by the mirrormanager2-backend RPM
# Just adding it the existing user to the ftpsync group.
- user: name=mirrormanager groups=ftpsync append=yes
Reference in a new issue View git blame Copy permalink