ansible/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml

- name: check/create instance
  hosts: lists-dev.cloud.fedoraproject.org
  user: root
  gather_facts: False

  vars_files: 
   - /srv/web/infra/ansible/vars/global.yml
   - "{{ private }}/vars.yml"

  tasks:
  - include: "{{ tasks }}/persistent_cloud.yml"

- name: provisions basics onto system/setup paths
  hosts: lists-dev.cloud.fedoraproject.org
  user: root
  gather_facts: True

  vars_files: 
   - /srv/web/infra/ansible/vars/global.yml
   - "{{ private }}/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  vars:
   - mailman_vardir: /srv/persist/mailman

  tasks:
  - include: "{{ tasks }}/cloud_setup_basic.yml"
  - include: "{{ tasks }}/postfix_basic.yml"

  - name: mount up disk of persistent storage
    action: mount name=/srv/persist src='LABEL=lists-dev' fstype=ext4 state=mounted

  - name: selinux status
    selinux: policy=targeted state=permissive

  # /srv/persist
  - name: mount up bind mount for postgres
    action: mount src=/srv/persist/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted
  - name: mount up bind mount for mailman
    action: mount src=/srv/persist/mailman name=/var/lib/mailman3 fstype=auto opts=bind state=mounted

  - name: get the repo file
    get_url: url=http://repos.fedorapeople.org/repos/abompard/hyperkitty/fedora-hyperkitty.repo
             dest=/etc/yum.repos.d/fedora-hyperkitty.repo mode=0444

  - name: install packages
    yum: state=installed name={{ item }}
    with_items:
      - httpd
      - mod_ssl
      - mod_wsgi
      - mailman
      - python-psycopg2
      - python-storm-postgresql
      - postgresql-server
      - system-config-firewall-base
      - rsync
      - openssh-clients
      - httpd-tools
      - cronie-noanacron

  - name: install apache and mod_wsgi
    yum: name=mod_wsgi state=installed
    notify:
      - restart apache

  - name: erase packages
    action: yum state=absent name={{ item }}
    with_items:
    - sendmail
    - cronie-anacron

  # open up ports (22, 80, 443, 25)
  - name: poke holes in the firewall
    command: lokkit {{ item }}
    with_items:
      - --service=ssh
      - --service=https
      - --service=http
      - --service=smtp

  # Database
  - name: initialize postgresql
    command: /usr/bin/postgresql-setup initdb
             creates=/var/lib/pgsql/data/postgresql.conf
  - name: copy pg_hba.conf
    copy: src="{{ files }}/lists-dev/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf
    notify:
      - restart postgresql
  - name: start postgresql
    service: state=started name=postgresql

  handlers:
  - include: "{{ handlers }}/restart_services.yml"



- name: setup db users/passwords for hyperkitty
  hosts: hyperkitty-stg
  gather_facts: no
  sudo: yes
  sudo_user: postgres
  vars_files: 
   - /srv/web/infra/ansible/vars/global.yml
   - "{{ private }}/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"
  vars:
   - mailman_vardir: /srv/persist/mailman


  tasks:
    # mailman auto-updates its schema, there can only be one admin user
    - name: mailman DB user
      postgresql_user: name=mailmanadmin password={{ lists_dev_mm_db_pass }}
    - name: hyperkitty DB admin user
      postgresql_user: name=hyperkittyadmin password={{ lists_dev_hk_db_pass }}
    - name: hyperkitty DB user
      postgresql_user: name=hyperkittyapp password={{ lists_dev_hk_db_pass }}
    - name: kittystore DB admin user
      postgresql_user: name=kittystoreadmin password={{ lists_dev_ks_db_pass }}
    - name: kittystore DB user
      postgresql_user: name=kittystoreapp password={{ lists_dev_ks_db_pass }}
    - name: databases creation
      postgresql_db: name={{ item }} owner="{{ item }}admin" encoding=UTF-8
      with_items:
        - mailman
        - hyperkitty
        - kittystore

- name: setup mailman and hyperkitty
  hosts: hyperkitty-stg
  gather_facts: no
  vars_files: 
   - /srv/web/infra/ansible/vars/global.yml
   - "{{ private }}/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"
  vars:
   # override roles variables
   - mailman_dbserver: localhost
   - mailman_postfix_mydestination: lists-dev.cloud.fedoraproject.org
   - mailman_mm_db_pass: {{ lists_dev_mm_db_pass }}
   - mailman_hk_admin_db_pass: {{ lists_dev_hk_db_pass }}
   - mailman_hk_db_pass: {{ lists_dev_hk_db_pass }}
   - mailman_ks_admin_db_pass: {{ lists_dev_ks_db_pass }}
   - mailman_ks_db_pass: {{ lists_dev_ks_db_pass }}

  roles:
  - /srv/web/infra/ansible/roles/mailman

  tasks:

  - name: install more needed packages
    yum: pkg={{ item }} state=installed
    with_items:
    - tar
    - mailman # transition from mailman2.1
    tags:
    - packages

  #- name: easy access to the postgresql databases
  #  template: src="{{ files }}/lists-dev/pgpass.j2" dest=/root/.pgpass
  #            owner=root group=root mode=0600

  - name: send root mail to abompard
    lineinfile: dest=/etc/aliases regexp="^root:"
                line="root: abompard@fedoraproject.org"
    notify:
    - reload aliases


  # Start services
  - name: start services
    service: state=started enabled=yes name={{ item }}
    with_items:
    - httpd
    - postgresql
    - mailman3
    - postfix


  handlers:
  - include: "{{ handlers }}/restart_services.yml"
  - name: reload aliases
    command: newaliases