ansible/playbooks/hosts/gitlab-dev.cloud.fedoraproject.org.yml
2013-03-28 19:36:33 +00:00


# Play: run the shared persistent_cloud.yml task include against the
# gitlab-dev host as root, with fact gathering turned off.
- name: check/create instance
  hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  # Presumably disabled because the instance may not be reachable yet —
  # confirm against persistent_cloud.yml.
  gather_facts: False
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    # ${private} is resolved from a variable defined outside this file.
    - ${private}/vars.yml
  tasks:
    - include: $tasks/persistent_cloud.yml
# Play: baseline provisioning through the shared cloud_setup_basic.yml include,
# with the shared restart_services.yml handlers attached.
- name: provision instance
  hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  # Facts are gathered here; ${ansible_distribution} below depends on them.
  gather_facts: True
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - ${private}/vars.yml
    - ${vars}/${ansible_distribution}.yml
    # GitLab-specific variables kept under the private tree. This is the only
    # play in the file that loads them; presumably this is where secrets such
    # as database_password are defined — confirm.
    - ${private}/files/gitlab/vars.yml
  tasks:
    - include: $tasks/cloud_setup_basic.yml
  handlers:
    - include: $handlers/restart_services.yml
# Play: install the GitLab build/runtime packages, enable the backing services
# and create the 'git' and 'gitlab' accounts. Everything runs as root.
- hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  tasks:
    - name: Install necessary packages
      yum: state=present name=$item
      with_items:
        - httpd
        - ruby
        - rubygems
        - ruby-devel
        - git
        - python-pygments
        - perl-Data-Dumper
        - postfix
        - redis
        - libicu-devel
        - libxslt-devel
        - libxml2-devel
        - mysql-server
        - mysql-devel
        - MySQL-python
        - gcc
        - gcc-c++
        - make
        - glibc-devel
    # Enable and start are chained with &&, so a failed enable skips the start.
    # The command is re-run on every play run.
    - name: Start services and make them start on boot
      shell: systemctl enable $item.service && systemctl start $item.service
      with_items:
        - mysqld
        - redis
        - httpd
    # System account that owns the gitolite checkout and repositories.
    - name: Create user 'git'
      user: state=present name=git system=yes shell=/bin/sh comment="Git Version Control"
    # Application account; added to group 'git' and given a generated SSH key
    # pair. The public half is later copied to /home/git/gitlab.pub.
    - name: Create user 'gitlab'
      user: state=present name=gitlab groups=git comment="GitLab" generate_ssh_key=yes
      notify:
        - Add local ssh key to known_hosts
  handlers:
    # Appends whatever host keys localhost presents at the time the handler
    # runs; each trigger appends again. The play connects as root, so if this
    # redirect creates known_hosts the file is root-owned — confirm the
    # 'gitlab' account can still read it.
    - name: Add local ssh key to known_hosts
      shell: ssh-keyscan localhost >> /home/gitlab/.ssh/known_hosts
# Play: fetch the GitLab fork of gitolite and wire it into the 'git' account.
# Tasks run through sudo as user 'git', not as root.
- hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  sudo: yes
  sudo_user: git
  tasks:
    # Fetched over HTTPS at ref gl-v320. NOTE(review): if that ref is a branch
    # rather than a tag, the checked-out code can change between runs —
    # confirm, and consider pinning to a commit id.
    - name: Clone the gitlab fork of gitolite
      git: repo=https://github.com/gitlabhq/gitolite.git dest=/home/git/gitolite version=gl-v320
    - name: ensure /home/git/bin exists
      file: state=directory path=/home/git/bin
      # It's not ideal to solve this using handlers, but we don't want that
      # append script to trigger twice, and it's not possible to check whether
      # it has run without doing anything crazy.
      notify:
        - Setup gitolite PATH
        - Setup gitolite symlink
  handlers:
    # Appends two lines (PATH extension and export) to /home/git/.profile.
    - name: Setup gitolite PATH
      command: sh -c 'printf "%b\n%b\n" "PATH=\$PATH:/home/git/bin" "export PATH" >> /home/git/.profile'
    # Runs gitolite's installer from the checkout with -ln /home/git/bin.
    - name: Setup gitolite symlink
      command: sh -c 'gitolite/install -ln /home/git/bin' chdir=/home/git
# Play: hand the 'gitlab' account's public SSH key to the 'git' account so the
# later gitolite setup can use it as the admin key. Runs as root.
- hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  tasks:
    # creates= makes the copy a one-time step; a regenerated key is not
    # re-copied while /home/git/gitlab.pub exists.
    - name: Copy the 'gitlab' user SSH key to the 'git' user home directory
      command: cp /home/gitlab/.ssh/id_rsa.pub /home/git/gitlab.pub creates=/home/git/gitlab.pub
    # Read-only for everyone; only the public half of the key pair is copied.
    - name: Set permissions on the copied SSH key
      file: path=/home/git/gitlab.pub mode=0444
# Play: initialise gitolite as user 'git' with the gitlab public key passed
# to -pk.
- hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  sudo: yes
  sudo_user: git
  tasks:
    # PATH is extended inline so the gitolite binary under /home/git/bin is
    # found. creates= skips the task once the gitolite-admin repository exists.
    - name: Run gitolite setup (creates gitolite-admin repo)
      command: sh -c "PATH=/home/git/bin:$PATH; gitolite setup -pk /home/git/gitlab.pub" creates=/home/git/repositories/gitolite-admin.git
# Play: tighten ownership and modes under /home/git, create the GitLab MySQL
# database and account, and install two gems. Runs as root.
# NOTE(review): this play declares no vars_files, yet it uses
# $database_password below — confirm where that variable is defined for this
# play.
- hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  tasks:
    # recurse=yes applies owner, group and mode 750 to everything below
    # .gitolite, files included.
    - name: Ensure Gitolite config dir is owned by git:git and has mode 750
      file: state=directory path=/home/git/.gitolite mode=750 owner=git group=git recurse=yes
    # Owner and group get rw (plus x on directories and already-executable
    # files); all access for others is removed.
    - name: Fix directory permissions for repositories (1)
      command: chmod -R ug+rwX,o-rwx /home/git/repositories/
    - name: Fix directory permissions for repositories (2)
      file: state=directory path=/home/git/repositories owner=git group=git recurse=yes
    # Sets the setgid bit on every directory under repositories/.
    # NOTE(review): the play already runs as root, so the sudo in front of
    # xargs looks redundant — confirm.
    - name: Fix directory permissions for repositories (3)
      shell: find /home/git/repositories -type d -print0 | sudo xargs -0 chmod g+s
    - name: Fix directory permissions for /home/git
      shell: chmod 750 /home/git
    # No login_* arguments are passed to the MySQL modules. NOTE(review):
    # confirm how the local server's administrative account is protected;
    # nothing in this file sets a password for it.
    - name: Create a MySQL db
      mysql_db: state=present name=gitlabhq_production collation=utf8_unicode_ci encoding=utf8
    # NOTE(review): with legacy $var substitution an undefined variable may be
    # passed through as the literal text; verify the password that is actually
    # set.
    - name: Add a MySQL 'gitlab' user
      mysql_user: state=present name=gitlab host=localhost password=$database_password
    # Privileges are limited to the gitlabhq_production schema and to the
    # listed statements.
    - name: Grant permissions to the new MySQL 'gitlab' user
      mysql_user: state=present name=gitlab priv=gitlabhq_production.*:SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER
    # Runs as root on every play run and names no version, so the gem versions
    # installed depend on what the gem source serves at that moment.
    - name: Install some extra necessary gems
      command: gem install $item
      with_items:
        - charlock_holmes
        - bundler
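# Play: check out GitLab, render its configuration, install its gems and run
# the one-time database setup. Tasks run through sudo as user 'gitlab'.
- hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  sudo: yes
  sudo_user: gitlab
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
  tasks:
    # Fetched over HTTPS at ref 4-2-stable. NOTE(review): this looks like a
    # branch name, so the code deployed follows the branch head — confirm.
    - name: Clone GitLab 4.2 stable
      git: repo=https://github.com/gitlabhq/gitlabhq.git dest=/home/gitlab/gitlab version=4-2-stable
    - name: Create GitLab config
      template: src=$files/gitlab/gitlab.yml dest=/home/gitlab/gitlab/config/gitlab.yml
    - name: Create Unicorn config
      template: src=$files/gitlab/unicorn.rb dest=/home/gitlab/gitlab/config/unicorn.rb
    # No mode= is given for the rendered file. NOTE(review): database.yml
    # presumably carries the database password — confirm the resulting file
    # is not world-readable, and that the variables its template needs are
    # defined for this play (only global.yml is loaded here).
    - name: Create database config
      template: src=$files/gitlab/database.yml dest=/home/gitlab/gitlab/config/database.yml
    - name: Run bundler
      command: /usr/local/bin/bundle install --deployment --without development test postgres chdir=/home/gitlab/gitlab
    - name: Set git username
      command: chdir=/home/gitlab git config --global user.name "GitLab"
    # Should use the same user.email as in config/gitlab.yml; is it really
    # needed?
    - name: Set git email
      command: chdir=/home/gitlab git config --global user.email "gitlab@localhost"
    # TODO: If we don't use mysql, change this path.
    # 'yes yes' feeds the string "yes" to the rake task, presumably to answer
    # its confirmation prompt. The marker file is touched only when rake
    # succeeds (&&): a failed setup then fails the task and is retried on the
    # next run, instead of being recorded as done.
    - name: Run rake gitlab:setup
      shell: creates=/home/gitlab/ran_migrations chdir=/home/gitlab/gitlab yes yes | /usr/local/bin/bundle exec rake gitlab:setup RAILS_ENV=production && touch /home/gitlab/ran_migrations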
# Play: install the gitolite post-receive hook, register and start the GitLab
# systemd units, then configure Apache, SELinux and iptables. Runs as root.
- hosts: gitlab-dev.cloud.fedoraproject.org
  user: root
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
  tasks:
    # creates= makes this a one-time copy; a changed hook in the GitLab
    # checkout is not re-copied while the destination exists.
    - name: Copy post-receive hook
      command: cp /home/gitlab/gitlab/lib/hooks/post-receive /home/git/.gitolite/hooks/common/post-receive creates=/home/git/.gitolite/hooks/common/post-receive
    # Only owner and group are set here; the mode is whatever cp produced.
    - name: Set permissions on post-receive hook
      file: state=file path=/home/git/.gitolite/hooks/common/post-receive owner=git group=git
    - name: Put gitlab and gitlab-worker systemd files in place
      template: src=$files/gitlab/$item.service dest=/lib/systemd/system/$item.service
      with_items:
        - gitlab
        - gitlab-worker
    # NOTE(review): the units are written under /lib/systemd/system but linked
    # from /usr/lib/systemd/system; the two match only where /lib is a symlink
    # to /usr/lib — confirm on the target.
    - name: Symlink systemd files into /etc
      command: creates=/etc/systemd/system/$item.service ln -s /usr/lib/systemd/system/$item.service /etc/systemd/system/
      with_items:
        - gitlab
        - gitlab-worker
    - name: Tell systemd to find the new files
      command: systemctl --system daemon-reload
    - name: Start gitlab at boot
      command: systemctl enable gitlab
    - name: Start gitlab now
      command: systemctl start gitlab.service
    - name: Configure Apache
      template: src=$files/gitlab/vhost.conf dest=/etc/httpd/conf.d/gitlab.conf
    # -P makes the change persistent. This boolean lets httpd open outbound
    # network connections in general; it is not limited to the Unicorn
    # backend.
    - name: Allow Apache to proxy to Unicorn (SELinux)
      command: setsebool -P httpd_can_network_connect 1
    # Unconditional restart on every play run.
    - name: Restart Apache
      command: service httpd restart
    # Replaces /etc/sysconfig/iptables with the rendered template; the rule
    # set itself is not visible in this file.
    - name: Fix iptables
      template: src=$files/gitlab/iptables dest=/etc/sysconfig/iptables
    - name: Restart iptables
      command: service iptables restart
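# Play: install Phabricator (with libphutil and arcanist) under
# /srv/www/facebook on the same host, behind Apache. Runs as root.
- name: Phabricator
  user: root
  hosts: gitlab-dev.cloud.fedoraproject.org
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
  tasks:
    - name: Install dependencies
      yum: state=present name=$item
      with_items:
        - git
        - subversion
        - mercurial
        - httpd
        - php
        - php-process
        - php-mysql
        - php-gd
        - php-mbstring
        - php-apc
        - mysql-server
        - python-pygments
    # TODO: Make permanent.
    # Puts the whole host into permissive mode: SELinux logs denials but no
    # longer blocks them. That also covers the GitLab and Trac services set
    # up by the other plays in this file.
    - name: Set SELinux to permissive
      selinux: policy=targeted state=permissive
    - name: Set PHABRICATOR_ENV. Forever.
      shell: creates=/etc/profile.d/phabricator.sh echo 'export PHABRICATOR_ENV=custom/myconfig' > /etc/profile.d/phabricator.sh
    # Each task runs in its own shell, so this does not carry PHABRICATOR_ENV
    # into the tasks below. NOTE(review): confirm bin/storage and bin/phd
    # pick up the custom config some other way.
    - name: Source the new profile
      shell: source /etc/profile.d/phabricator.sh
    - name: Configure Apache
      template: src=$files/phabricator/phabricator-vhost.conf dest=/etc/httpd/conf.d/phabricator.conf
    - name: Graceful Apache
      command: service httpd graceful
    # The three checkouts use https://, as the GitLab plays in this file do,
    # instead of the unauthenticated git:// transport: this code is executed
    # as root further down. No version= is given, so every run follows the
    # head of each repository's default branch.
    - name: Clone facebook/libphutil
      git: repo=https://github.com/facebook/libphutil dest=/srv/www/facebook/libphutil
    - name: Clone facebook/arcanist
      git: repo=https://github.com/facebook/arcanist dest=/srv/www/facebook/arcanist
    - name: Clone facebook/phabricator
      git: repo=https://github.com/facebook/phabricator dest=/srv/www/facebook/phabricator
    - name: Create a conf/custom directory.
      file: state=directory path=/srv/www/facebook/phabricator/conf/custom
    - name: Place a starting-point custom config in /srv/www/facebook/phabricator/conf/custom/myconfig.conf.php
      template: src=$files/phabricator/phabricator.conf.php dest=/srv/www/facebook/phabricator/conf/custom/myconfig.conf.php
    # Runs on every play run, as root, with --force.
    - name: Create the databases and bring them up to date
      action: command chdir=/srv/www/facebook/phabricator ./bin/storage upgrade --force
    # Started by the play user (root). NOTE(review): confirm the daemons are
    # not expected to run under a dedicated account.
    - name: Start PHD daemons
      action: command chdir=/srv/www/facebook/phabricator ./bin/phd start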
# Play: install Trac from pip and publish it through Apache with mod_wsgi.
# Runs as root.
- name: Set up Trac 1.0.1
  user: root
  hosts: gitlab-dev.cloud.fedoraproject.org
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
  tasks:
    - name: Install dependencies
      yum: state=present name=$item
      with_items:
        - git
        - subversion
        - httpd
        - python-setuptools
        - python-genshi
        - python-pip
        - mod_wsgi
    # NOTE(review): the play name says 1.0.1, but no version= is passed, so
    # pip installs whatever release is current at run time — pin it if 1.0.1
    # is what is intended.
    - name: Grab latest Trac via pip.
      pip: name=trac
    - name: Directory structure
      file: state=directory path=/srv/www/trac
    - name: Trac WSGI File
      template: src=$files/trac/trac.wsgi dest=/srv/www/trac/trac.wsgi
    - name: Apache config
      template: src=$files/trac/trac-vhost.conf dest=/etc/httpd/conf.d/trac.conf
    # Unconditional restart on every play run.
    - name: Apache restart
      command: service httpd restart