commit 6f0523fdba423fdc3d101174f8d59c21d2e60d4f
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Wed Jul 31 15:02:21 2019 +0200
Sync playbooks
playbooks/groups/backup-server.yml | 6 ++++--
playbooks/groups/bastion.yml | 13 ++++++++-----
playbooks/groups/batcave.yml | 6 ++++--
playbooks/groups/buildvm.yml | 2 +-
playbooks/groups/fas.yml | 8 +++++---
playbooks/groups/koji-hub.yml | 26 ++++++--------------------
playbooks/groups/kojipkgs.yml | 4 +++-
playbooks/groups/packages.yml | 8 +++++---
playbooks/groups/postgresql-server.yml | 8 +++++---
playbooks/groups/proxies.yml | 22 +++++++++++++---------
playbooks/groups/sign-bridge.yml | 8 +++++---
playbooks/groups/virthost.yml | 11 ++++++++---
12 files changed, 67 insertions(+), 55 deletions(-)
---
diff --git a/playbooks/groups/backup-server.yml b/playbooks/groups/backup-server.yml
index 48723ba..0a7a6f3 100644
--- a/playbooks/groups/backup-server.yml
+++ b/playbooks/groups/backup-server.yml
@@ -8,7 +8,7 @@
user: root
gather_facts: True
- vars_files:
+ vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
@@ -27,8 +27,10 @@
nfs_src_dir: 'fedora_backups' }
- openvpn/client
- tasks:
+ pre_tasks:
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
+ tasks:
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
- import_tasks: "{{ tasks_path }}/rdiff_backup_server.yml"
diff --git a/playbooks/groups/bastion.yml b/playbooks/groups/bastion.yml
index 3ed10ea..4d45bc9 100644
--- a/playbooks/groups/bastion.yml
+++ b/playbooks/groups/bastion.yml
@@ -1,4 +1,4 @@
-#- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=bastion"
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=bastion"
- name: make the boxen be real for real
hosts: bastion
@@ -21,8 +21,10 @@
- { role: openvpn/server, when: not
inventory_hostname.startswith('bastion-comm01') }
- { role: packager_alias, when: not
inventory_hostname.startswith('bastion-comm01') }
- tasks:
+ pre_tasks:
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
+ tasks:
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
@@ -36,6 +38,7 @@
tasks:
- name: install needed packages
- package: name={{ item }} state=present
- with_items:
- - ipmitool
+ package:
+ state: present
+ name:
+ - ipmitool
diff --git a/playbooks/groups/batcave.yml b/playbooks/groups/batcave.yml
index 8907bef..136709c 100644
--- a/playbooks/groups/batcave.yml
+++ b/playbooks/groups/batcave.yml
@@ -32,9 +32,11 @@
- { role: nfs/client, mnt_dir: '/srv/web/pub', nfs_src_dir:
'fedora_ftp/fedora.redhat.com/pub' }
- { role: nfs/client, mnt_dir: '/mnt/fedora/app', nfs_src_dir:
'fedora_app/app' }
-
- tasks:
+
+ pre_tasks:
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
+ tasks:
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
diff --git a/playbooks/groups/buildvm.yml b/playbooks/groups/buildvm.yml
index 7092b11..57463fd 100644
--- a/playbooks/groups/buildvm.yml
+++ b/playbooks/groups/buildvm.yml
@@ -35,7 +35,7 @@
when: not inventory_hostname.startswith('bkernel')
- name: make sure kojid is running
- service: name=kojid state=running enabled=yes
+ service: name=kojid state=started enabled=yes
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"
diff --git a/playbooks/groups/fas.yml b/playbooks/groups/fas.yml
index 3e5e2d4..2e480b9 100644
--- a/playbooks/groups/fas.yml
+++ b/playbooks/groups/fas.yml
@@ -1,9 +1,9 @@
# create a new fas server
-- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=fas:fas-stg"
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=fas:fas_stg"
- name: make the box be real
- hosts: fas-stg:fas
+ hosts: fas_stg:fas
user: root
gather_facts: True
@@ -28,8 +28,10 @@
# - yubikey
# - totpcgi
- tasks:
+ pre_tasks:
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
+ tasks:
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
diff --git a/playbooks/groups/koji-hub.yml b/playbooks/groups/koji-hub.yml
index c1f3b6f..2428661 100644
--- a/playbooks/groups/koji-hub.yml
+++ b/playbooks/groups/koji-hub.yml
@@ -2,12 +2,12 @@
# NOTE: should be used with --limit most of the time
# NOTE: most of these vars_path come from group_vars/koji-hub or from hostvars
-- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=koji-stg:koji"
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=koji_stg:koji"
# Once the instance exists, configure it.
- name: make koji_hub server system
- hosts: koji-stg:koji
+ hosts: koji_stg:koji
user: root
gather_facts: True
@@ -51,6 +51,10 @@
- { role: koji_builder, when: env == "staging" or
inventory_hostname.startswith('s390') or
inventory_hostname.startswith('arm') }
- sudo
+
+ pre_tasks:
+ - import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
tasks:
- name: create secondary volume dir for stg koji
file: dest=/mnt/koji/vol state=directory owner=apache group=apache mode=0755
@@ -60,27 +64,9 @@
file: src=/mnt/fedora_koji_prod/koji dest=/mnt/koji/vol/prod state=link
tags: koji_hub
when: env == 'staging'
- - import_tasks: "{{ tasks_path }}/yumrepos.yml"
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"
-
-#- name: Start the kojid builder daemon, but only on staging.
-# # Really -- this should never be set for prod.
-# hosts:
koji-stg:s390-koji01.qa.rpmfusion.org
-# user: root
-# gather_facts: True
-#
-# # XXX - should these just be included in koji_builder and koji_hub roles?
-# tasks:
-# - name: make sure kojid is running
-# service: name=kojid state=running
-# tags:
-# - kojid
-# - name: make sure kojira is running
-# service: name=kojira state=running
-# tags:
-# - kojira
diff --git a/playbooks/groups/kojipkgs.yml b/playbooks/groups/kojipkgs.yml
index 4b53cf8..8eaedc3 100644
--- a/playbooks/groups/kojipkgs.yml
+++ b/playbooks/groups/kojipkgs.yml
@@ -10,6 +10,9 @@
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+ pre_tasks:
+ - import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
roles:
- base
- rkhunter
@@ -31,7 +34,6 @@
- kojipkgs
tasks:
- - import_tasks: "{{ tasks_path }}/yumrepos.yml"
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
diff --git a/playbooks/groups/packages.yml b/playbooks/groups/packages.yml
index f709d65..0345687 100644
--- a/playbooks/groups/packages.yml
+++ b/playbooks/groups/packages.yml
@@ -3,10 +3,10 @@
# NOTE: make sure there is room/space for this server on the vmhost
# NOTE: most of these vars_path come from group_vars/packages* or from hostvars
-- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=packages:packages-stg"
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=packages:packages_stg"
- name: make the box be real
- hosts: packages:packages-stg
+ hosts: packages:packages_stg
user: root
gather_facts: True
@@ -15,6 +15,9 @@
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+ pre_tasks:
+ - import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
roles:
- base
- rkhunter
@@ -29,7 +32,6 @@
- apache
tasks:
- - import_tasks: "{{ tasks_path }}/yumrepos.yml"
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
- import_tasks: "{{ tasks_path }}/mod_wsgi.yml"
diff --git a/playbooks/groups/postgresql-server.yml
b/playbooks/groups/postgresql-server.yml
index db4c57c..c4bca93 100644
--- a/playbooks/groups/postgresql-server.yml
+++ b/playbooks/groups/postgresql-server.yml
@@ -4,18 +4,21 @@
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=db02.online.rpmfusion.net"
-# Once the instance exists, configure it.
+# Once the instance exists, configure it.
- name: configure postgresql server system
hosts:
db02.online.rpmfusion.net
user: root
gather_facts: True
- vars_files:
+ vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+ pre_tasks:
+ - import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
roles:
- base
- rkhunter
@@ -29,7 +32,6 @@
- koji_db
tasks:
- - import_tasks: "{{ tasks_path }}/yumrepos.yml"
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
diff --git a/playbooks/groups/proxies.yml b/playbooks/groups/proxies.yml
index 2d3171b..848dafe 100644
--- a/playbooks/groups/proxies.yml
+++ b/playbooks/groups/proxies.yml
@@ -1,9 +1,9 @@
# create a new proxy server
-- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=proxies:proxies-stg"
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=proxies:proxies_stg:!proxy05.fedoraproject.org"
- name: make the box be real
- hosts: proxies-stg:proxies
+ hosts: proxies_stg:proxies
user: root
gather_facts: True
@@ -12,8 +12,13 @@
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+ pre_tasks:
+ - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
+ - import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
roles:
- base
+ - fas_client
- rkhunter
- nagios/client
- collectd/base
@@ -24,11 +29,10 @@
- apache
tasks:
- - import_tasks: "{{ tasks_path }}/yumrepos.yml"
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"
- # You might think we would want these tasks on the proxy nodes, but they
+ # You might think we would want these tasks_path on the proxy nodes, but they
# actually deliver a configuration that our proxy-specific roles below then go
# and overwrite... so, let's just leave them out.
#- import_tasks: "{{ tasks_path }}/apache.yml"
@@ -57,7 +61,8 @@
- name: Set up the proxy basics
- hosts: proxies-stg:proxies
+ hosts: proxies_stg:proxies
+ strategy: free
user: root
gather_facts: False
@@ -125,7 +130,8 @@
- import_playbook: /srv/web/infra/ansible/playbooks/include/proxies-miscellaneous.yml
- name: Make sure we are deployed fully
- hosts: proxies-stg:proxies
+ hosts: proxies_stg:proxies
+ strategy: free
user: root
gather_facts: False
@@ -149,7 +155,7 @@
- reload httpd
#
- # If this is an initial deployment, make sure docs are synced over.
+ # If this is an initial deployment, make sure docs are synced over.
# Do not count these as changed ever
#
- name: make sure docs are synced. This could take a very very very logtime to finish
@@ -161,5 +167,3 @@
command: restorecon -R /srv
changed_when: false
- roles:
- - fas_client
diff --git a/playbooks/groups/sign-bridge.yml b/playbooks/groups/sign-bridge.yml
index df7a97d..e1906fb 100644
--- a/playbooks/groups/sign-bridge.yml
+++ b/playbooks/groups/sign-bridge.yml
@@ -6,10 +6,10 @@
# Access is via management interface only. This playbook does initial setup.
# Please check with rel-eng before doing anything here.
-#- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=sign-bridge"
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml
myhosts=sign_bridge"
- name: configure sign bridge server
- hosts: sign-bridge
+ hosts: sign_bridge
user: root
gather_facts: true
@@ -30,9 +30,11 @@
# owner_group: sigul
- sigul/bridge
+ pre_tasks:
+ - import_tasks: "{{ tasks_path
+
tasks:
- import_tasks: "{{ tasks_path }}/motd.yml"
- - import_tasks: "{{ tasks_path }}/yumrepos.yml"
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
handlers:
diff --git a/playbooks/groups/virthost.yml b/playbooks/groups/virthost.yml
index d1c1377..7eac207 100644
--- a/playbooks/groups/virthost.yml
+++ b/playbooks/groups/virthost.yml
@@ -2,16 +2,22 @@
# NOTE: should be used with --limit most of the time
# NOTE: most of these vars_path come from group_vars/backup_server or from hostvars
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/happy_birthday.yml
myhosts=virthost:bvirthost:buildvmhost:virthost_comm:colo_virt:virthost_communishift
+
- name: make virthost server system
- hosts:
virthost:bvirthost:buildvmhost:virthost-comm:colo-virt:!internetx01.rpmfu...
+ hosts: virthost:bvirthost:buildvmhost:virthost_comm:colo_virt:virthost_communishift
user: root
gather_facts: True
- vars_files:
+ vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+ pre_tasks:
+ - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
+ - import_tasks: "{{ tasks_path }}/yumrepos.yml"
+
roles:
- base
- rkhunter
@@ -25,7 +31,6 @@
- virthost
tasks:
- - import_tasks: "{{ tasks_path }}/yumrepos.yml"
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
- import_tasks: "{{ tasks_path }}/motd.yml"