ansible/roles/bodhi2/backend/tasks/main.yml


---
# tasklist for setting up bodhi/masher (requires bodhi/base)
# This is the base set of files needed for bodhi/masher
# System group and user (uid/gid 263) named ftpsync; the sync cron jobs
# defined later in this file run as this user.
- name: add ftpsync group
  group:
    name: ftpsync
    gid: 263
    system: true
    state: present
  tags:
    - bodhi

- name: add ftpsync user
  user:
    name: ftpsync
    uid: 263
    group: ftpsync
    createhome: true
    system: true
    state: present
  tags:
    - bodhi

# NOTE(review): the later task "put update-fullfilelist in place" copies the
# same src to the same dest with mode 0755 and no owner, so on the production
# bodhi-backend01 host the two tasks disagree about the mode on every run.
# Decide which owner/mode is intended and manage the file in one place.
- name: add the ftpsync update-fullfilelist script
  copy:
    src: update-fullfilelist
    dest: /usr/local/bin/update-fullfilelist
    owner: ftpsync
    group: ftpsync
    # Quoted so the value reaches the module as an octal string (r-xr-xr-x).
    mode: "0555"
  tags:
    - bodhi
# Install the packages this role lists for the backend, one item per loop pass.
- name: install needed packages
  yum:
    pkg: "{{ item }}"
    state: present
  with_items:
    - mock
    - mash
    - fedmsg-hub
    - fedmsg-relay
    - fedmsg-atomic-composer
    - python-mock
    - sigul
  tags:
    - packages
    - bodhi
- name: add masher group
  group:
    name: masher
    gid: 751
    system: true
    state: present
  tags:
    - bodhi

# masher user 751
# NOTE(review): membership of the mock group is generally treated as
# root-equivalent on the host; confirm the masher account needs it.
# `groups` is given without `append`, so the supplementary groups are set to
# exactly this list.
- name: add masher user as 751 - and group
  user:
    name: masher
    uid: 751
    group: masher
    home: /home/masher
    groups: mock,ftpsync,bodhi
  tags:
    - bodhi
# Hand the bodhi PEM file and the bodhi log directory to masher on hosts whose
# inventory name starts with "bodhi-backend".
# NOTE(review): no mode is set on bodhi.pem here, so its permissions are
# whatever an earlier role left behind; if the file holds a private key,
# confirm it is not group- or world-readable.
- name: change owner and group attributes of bodhi.pem file
  file:
    path: /etc/pki/bodhi/bodhi.pem
    owner: masher
    group: masher
  when: inventory_hostname.startswith('bodhi-backend')
  tags:
    - bodhi
    - config

- name: change owner and group attributes of /var/log/bodhi directory
  file:
    path: /var/log/bodhi
    owner: masher
    group: masher
  when: inventory_hostname.startswith('bodhi-backend')
  tags:
    - bodhi
    - config
# Render mash.conf from the role template; readable by masher and its group
# only (0640).
- name: setup /etc/bodhi/mash.conf file...
  template:
    src: mash.conf
    dest: /etc/bodhi/mash.conf
    owner: masher
    group: masher
    mode: "0640"
  tags:
    - config
    - bodhi
# Ensure the comps directory exists and label it (recursively) with the
# httpd_sys_script_rw_t SELinux type.
# NOTE(review): the path sits under /var/tmp and no owner or mode is set
# here; confirm the parent directories are created with safe ownership
# before this task runs.
- name: change type part of SELinux file context
  file:
    dest: /var/tmp/bodhi/comps/
    setype: httpd_sys_script_rw_t
    state: directory
    recurse: true
  tags:
    - config
    - bodhi
#- name: change owner attribute of /var/tmp/bodhi-bz.cookie file
# file: >
# path=/var/tmp/bodhi-bz.cookie
# owner=masher
# tags:
# - config
# - bodhi
# Copy each per-release mash configuration into /etc/bodhi, owned by masher
# with mode 0640. No group is set, so the group is left to the module default.
- name: install /etc/bodhi/*.mash files
  copy:
    src: "{{ item }}"
    dest: "/etc/bodhi/{{ item }}"
    owner: masher
    mode: "0640"
  with_items:
    - f21-updates.mash
    - f21-updates-testing.mash
    - f22-updates.mash
    - f22-updates-testing.mash
    - f23-updates.mash
    - f23-updates-testing.mash
    - el6-epel.mash
    - el6-epel-testing.mash
    - epel7.mash
    - epel7-testing.mash
  tags:
    - config
    - bodhi
# tasks for setting up epelmasher
- name: install needed packages
  yum:
    pkg: "{{ item }}"
    state: present
  with_items:
    - repoview
  tags:
    - packages
    - bodhi
#
# cron job that syncs packages to koji
#
#- name: put owner-sync-pkgdb in place
# template: src=owner-sync-pkgdb.j2 dest=/usr/local/bin/owner-sync-pkgdb mode=0755
# tags:
# - config
# - bodhi
# All four tasks carry state=absent: they remove the owner-sync cron entries
# rather than install them.
# NOTE(review): every task uses the cron name "owner-sync-el5", including the
# el6, epel7 and f20 ones. Removal matches on that name within each cron_file,
# so verify the deployed entries really carry it; otherwise they are left in
# place and keep running as root.
# NOTE(review): the f20 task is the only one without the
# `env == "production"` condition; confirm that is intended.
- name: sync packages from pkgdb2 to koji (el5)
  cron:
    name: owner-sync-el5
    minute: "7,17,27,37,47,57"
    user: root
    job: /usr/local/bin/owner-sync-pkgdb dist-5E-epel
    cron_file: update-koji-owner-EL-5
    state: absent
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - bodhi

- name: sync packages from pkgdb2 to koji (el6)
  cron:
    name: owner-sync-el5
    minute: "7,17,27,37,47,57"
    user: root
    job: /usr/local/bin/owner-sync-pkgdb dist-6E-epel
    cron_file: update-koji-owner-EL-6
    state: absent
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - bodhi

- name: sync packages from pkgdb2 to koji (epel7)
  cron:
    name: owner-sync-el5
    minute: "7,17,27,37,47,57"
    user: root
    job: /usr/local/bin/owner-sync-pkgdb epel7
    cron_file: update-koji-owner-epel7
    state: absent
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - bodhi

- name: sync packages from pkgdb2 to koji (f20)
  cron:
    name: owner-sync-el5
    minute: "7,17,27,37,47,57"
    user: root
    job: /usr/local/bin/owner-sync-pkgdb f20
    cron_file: update-koji-owner-f20
    state: absent
  when: inventory_hostname.startswith('bodhi-backend01')
  tags:
    - bodhi
#
# cron job that syncs updates to master mirror
#
# Install the scripts the sync cron jobs call. Only applied on the production
# bodhi-backend01 host. No owner is set, so ownership is left to the module
# default or to whatever the file already has.
- name: put fedora-updates-push in place
  copy:
    src: fedora-updates-push
    dest: /usr/local/bin/fedora-updates-push
    mode: "0755"
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - config
    - bodhi
    - cron

- name: put fedora-epel-push in place
  copy:
    src: fedora-epel-push
    dest: /usr/local/bin/fedora-epel-push
    mode: "0755"
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - config
    - bodhi
    - cron

# NOTE(review): "add the ftpsync update-fullfilelist script" earlier in this
# file manages the same dest with owner ftpsync and mode 555; the two tasks
# should agree, or one of them should go.
- name: put update-fullfilelist in place
  copy:
    src: update-fullfilelist
    dest: /usr/local/bin/update-fullfilelist
    mode: "0755"
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - config
    - bodhi
    - cron
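# Twice-hourly mirror sync, run as the unprivileged ftpsync user. The push
# script and the file-list refresh are passed to lock-wrapper as one quoted
# command string.
# Fix: the single quote that opens the command string was never closed, so the
# shell cron hands the line to would fail on an unterminated quote and the
# sync would not run. The closing quote is placed at the end of the chain so
# both commands stay inside the string given to lock-wrapper.
- name: Updates sync cron job.
  cron:
    name: updates-sync
    minute: "15,45"
    user: ftpsync
    job: "/usr/local/bin/lock-wrapper fedora-updates-push '/usr/local/bin/fedora-updates-push && /usr/local/bin/update-fullfilelist fedora'"
    cron_file: updates-sync
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - config
    - bodhi
    - cron

# NOTE(review): this entry shares cron_file "updates-sync" with the task above;
# the two are told apart only by their cron name. Confirm that is intended.
- name: epel Updates sync cron job.
  cron:
    name: epel-updates-sync
    minute: "15,45"
    user: ftpsync
    job: "/usr/local/bin/lock-wrapper fedora-epel-push '/usr/local/bin/fedora-epel-push && /usr/local/bin/update-fullfilelist epel'"
    cron_file: updates-sync
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - config
    - bodhi
    - cron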
# Daily at 19:30 as ftpsync: walk the listed /srv/pub trees, write per-directory
# `du` output to a file in /tmp, then copy that file into /srv/pub/.
# NOTE(review): /tmp/DIRECTORY_SIZES.txt is a fixed name in a world-writable
# directory. If another local account creates that path first, the redirect
# can fail (stderr is discarded) and the `cp` after `;` still runs, publishing
# whatever is at that path. Prefer a scratch location only ftpsync can write
# to, and run the copy only when the pipeline succeeded.
- name: directory sizes update cron job.
  cron:
    name: directory-sizes-update
    minute: "30"
    hour: "19"
    user: ftpsync
    job: "/usr/bin/find /srv/pub/alt/ /srv/pub/archive/ /srv/pub/fedora-secondary/ /srv/pub/fedora/ /srv/pub/epel/ -type d ! -path '/srv/pub/fedora/.snapshot*' ! -path '/srv/pub/epel/.snapshot*' ! -path '/srv/pub/alt/.snapshot*' ! -path '/srv/pub/archive/.snapshot*' ! -path '/srv/pub/fedora-secondary/.snapshot*' ! -path '/srv/pub/alt/stage*' ! -path '/srv/pub/alt/tmp' ! -path '/srv/pub/alt/screenshots/f21/source' | grep -v snapshot | /usr/bin/xargs -n 1 /usr/bin/du --exclude=.snapshot --exclude=stage -sh > /tmp/DIRECTORY_SIZES.txt 2> /dev/null; cp /tmp/DIRECTORY_SIZES.txt /srv/pub/"
    cron_file: directory-sizes-update
  when: inventory_hostname.startswith('bodhi-backend01') and env == "production"
  tags:
    - config
    - bodhi
    - cron
# NOTE(review): only owner and group are set on production.ini; the mode is
# left as found. If the file carries credentials, confirm an earlier role
# restricts it.
- name: have the masher own the bodhi config
  file:
    path: /etc/bodhi/production.ini
    owner: masher
    group: masher
  when: inventory_hostname.startswith('bodhi')
  tags:
    - config
    - bodhi

# Symlink /mnt/koji to the koji tree under /mnt/fedora_koji everywhere except
# staging.
- name: make a mnt/koji link
  file:
    state: link
    src: /mnt/fedora_koji/koji
    dest: /mnt/koji
  when: env != 'staging'
  tags:
    - bodhi
# Create the drop-in directory for fedmsg-hub.service, then install the
# override that (per the task name) makes the unit run as masher.
# NOTE(review): the drop-in is placed under /usr/lib/systemd/system, which is
# normally package-owned; /etc/systemd/system is the usual place for local
# overrides. Confirm before moving it.
- name: create the /usr/lib/systemd/system/fedmsg-hub.service.d drop-in directory
  file:
    path: /usr/lib/systemd/system/fedmsg-hub.service.d
    state: directory
    mode: "0755"
  tags:
    - config
    - bodhi

# Root-owned and not writable by others (0644); a change reloads systemd and
# restarts the hub through the notified handlers.
- name: install a femdsg-hub.service drop-in to run it as the masher
  copy:
    src: fedmsg-hub.conf
    dest: /usr/lib/systemd/system/fedmsg-hub.service.d/fedmsg-hub.conf
    owner: root
    group: root
    mode: "0644"
  notify:
    - reload systemd
    - restart fedmsg-hub
  tags:
    - bodhi
    - config
# Give masher ownership of the mash and bodhi cache directories on
# bodhi-backend hosts. Not recursive: only the named paths are changed.
- name: have the masher own /var/cache/mash
  file:
    path: /var/cache/mash
    owner: masher
    group: masher
  when: inventory_hostname.startswith('bodhi-backend')
  tags:
    - config
    - bodhi

- name: have the masher own /var/cache/bodhi because of course..
  file:
    path: /var/cache/bodhi
    owner: masher
    group: masher
  when: inventory_hostname.startswith('bodhi-backend')
  tags:
    - config
    - bodhi
# Open the fedmsg runtime directory and its monitoring socket to the nrpe
# group so the monitoring agent can reach them.
# NOTE(review): 0775 lets the nrpe group create and delete entries in the
# directory and leaves it readable by everyone; if nrpe only needs to connect
# to the socket, a tighter mode would do. Confirm before changing.
# NOTE(review): ignore_errors hides every failure of these tasks, not just
# "path does not exist yet"; a failed permission change goes unnoticed.
- name: ensure that nrpe has rights to monitor us (dir)
  file:
    dest: /var/run/fedmsg
    mode: "0775"
    owner: masher
    group: nrpe
    state: directory
  ignore_errors: true
  notify:
    - restart fedmsg-hub
  tags:
    - fedmsgmonitor
    - bodhi

# state=file does not create the path; it only adjusts it when it exists.
- name: ensure that nrpe has rights to monitor us (file)
  file:
    dest: /var/run/fedmsg/monitoring-fedmsg-hub.socket
    mode: "0775"
    owner: masher
    group: nrpe
    state: file
  ignore_errors: true
  tags:
    - fedmsgmonitor
    - bodhi
# Render the atomic composer configuration straight into the installed
# fedmsg_atomic_composer package directory.
# NOTE(review): the target is an importable Python module under site-packages,
# owned by masher. Any process that imports it executes whatever masher can
# write there; confirm nothing more privileged imports it, or keep it
# root-owned. A package update may also overwrite the file.
- name: install our atomic composer config
  template:
    src: atomic-config.py.j2
    dest: /usr/lib/python2.7/site-packages/fedmsg_atomic_composer/config.py
    owner: masher
    mode: "0644"
  tags:
    - config
    - bodhi
    - atomic
# Stop httpd and keep it from starting at boot on the backend.
- name: ensure apache is disabled on the backend
  service:
    name: httpd
    enabled: false
    state: stopped
  tags:
    - bodhi