diff --git a/roles/mirrormanager/frontend/files/mirrormanager-app.conf b/roles/mirrormanager/frontend/files/mirrormanager-app.conf
deleted file mode 100644
index 9aa2c2c1e0..0000000000
--- a/roles/mirrormanager/frontend/files/mirrormanager-app.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-Alias /mirrormanager/static /usr/share/mirrormanager/server/mirrormanager/static
-Alias /mirrormanager/crawler /var/log/mirrormanager/crawler
-
-WSGISocketPrefix /var/run/mirrormanager/wsgi
-WSGIRestrictSignal Off
-
-WSGIDaemonProcess mirrormanager user=mirrormanager group=mirrormanager display-name=mirrormanager maximum-requests=1000 processes=4 threads=1 umask=0007
-WSGIPythonOptimize 1
-
-WSGIScriptAlias /mirrormanager /usr/share/mirrormanager/server/mirrormanager.wsgi/mirrormanager
-
-
- WSGIProcessGroup mirrormanager
-
- # Apache 2.4
- Require all granted
-
-
- # Apache 2.2
- Order deny,allow
- Allow from all
-
-
-
-
-
- # Apache 2.4
- Require all granted
-
-
- # Apache 2.2
- Order deny,allow
- Allow from all
-
-
diff --git a/roles/mirrormanager/frontend/meta/main.yml b/roles/mirrormanager/frontend/meta/main.yml
deleted file mode 100644
index 4590c3dc7f..0000000000
--- a/roles/mirrormanager/frontend/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-dependencies:
- - { role: mirrormanager/package }
diff --git a/roles/mirrormanager/frontend/tasks/main.yml b/roles/mirrormanager/frontend/tasks/main.yml
index 7ed2b992a9..6764ecc5c9 100644
--- a/roles/mirrormanager/frontend/tasks/main.yml
+++ b/roles/mirrormanager/frontend/tasks/main.yml
@@ -1,19 +1,41 @@
---
-# tasklist for setting up the mirrormanager app components
+# tasklist for setting up the mirrormanager web application
+
+- name: clean yum metadata
+ command: yum clean all
+ tags:
+ - packages
+
+- name: install needed packages
+ yum: pkg={{ item }} state=present
+ with_items:
+ - mirrormanager
+ - python-psycopg2
+ - python-openid-cla
+ - python-openid-teams
+ - python-memcached
+ - libsemanage-python
+ tags:
+ - packages
+
+- name: install configuration file
+ template: src={{ item.file }} dest={{ item.dest }}
+ owner=apache group=apache mode=0600
+ with_items:
+ - { file: mirrormanager.conf dest: /etc/httpd/conf.d/mirrormanager.conf }
+ - { file: mirrormanager2.cfg dest: /etc/mirrormanager/mirrormanager2.cfg }
+ - { file: mirrormanager2.wsgi dest: /var/www/mirrormanager2.wsgi }
+ notify:
+ - restart httpd
+ tags:
+ - config
+
+- name: create the database scheme
+ command: /usr/bin/python2 /usr/share/mirrormanager2/mirrormanager2_createdb.py
+ environment:
+ MM2_CONFIG: /etc/mirrormanager/mirrormanager2.cfg
- name: set sebooleans so mirrormanager can connect to its db
action: seboolean name=httpd_can_network_connect_db
state=true
persistent=true
-
-- name: install /etc/httpd/conf.d/mirrormanager-app.conf
- copy: >
- src="mirrormanager-app.conf"
- dest="/etc/httpd/conf.d/mirrormanager.conf"
- owner=root
- group=root
- mode=0644
- notify:
- - restart httpd
- tags:
- - config
diff --git a/roles/mirrormanager/frontend/templates/mirrormanager.conf b/roles/mirrormanager/frontend/templates/mirrormanager.conf
new file mode 100644
index 0000000000..4130aa669f
--- /dev/null
+++ b/roles/mirrormanager/frontend/templates/mirrormanager.conf
@@ -0,0 +1,24 @@
+# Apache configuration file for mirrormanager2
+
+Alias /mirrormanager/static /usr/lib/python2.7/site-packages/mirrormanager2/static/
+
+WSGIDaemonProcess mirrormanager user=apache maximum-requests=1000 display-name=mirrormanager processes=2 threads=1
+WSGISocketPrefix run/wsgi
+WSGIRestrictStdout On
+WSGIRestrictSignal Off
+WSGIPythonOptimize 1
+
+WSGIScriptAlias /mirrormanager /var/www/mirrormanager2.wsgi
+
+
+ WSGIProcessGroup mirrormanager
+
+ # Apache 2.4
+ Require all granted
+
+
+ # Apache 2.2
+ Order deny,allow
+ Allow from all
+
+
diff --git a/roles/mirrormanager/frontend/templates/mirrormanager2.cfg b/roles/mirrormanager/frontend/templates/mirrormanager2.cfg
new file mode 100644
index 0000000000..fcf85042a0
--- /dev/null
+++ b/roles/mirrormanager/frontend/templates/mirrormanager2.cfg
@@ -0,0 +1,140 @@
+# -*- coding: utf-8 -*-
+
+'''
+MirrorManager2 sample configuration.
+'''
+
+###
+# Most important configuration items
+###
+
+
+# url to the database server:
+DB_URL='postgresql://{{ mirrormanager_db_user }}:{{ mirrormanager_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_db_name }}'
+
+# the number of items to display on the search pages
+# Default: ``50``.
+ITEMS_PER_PAGE = 50
+
+# secret key used to generate unique csrf token
+SECRET_KEY = '{{ mirrormanager_secret_key }}'
+
+# Seed used to make the password harder to brute force in case of leaking
+# This should be kept really secret!
+PASSWORD_SEED = "{{ mirrormanager_password_seed }}"
+
+
+
+###
+# Other configuration items for the web-app
+###
+
+from datetime import timedelta
+
+# Set the time after which the session expires. Flask's default is 31 days.
+# Default: ``timedelta(hours=1)`` corresponds to 1 hour.
+PERMANENT_SESSION_LIFETIME = timedelta(hours=1)
+
+# Folder containing the theme to use.
+# Default: ``fedora``.
+THEME_FOLDER = 'fedora'
+
+# Which authentication method to use, defaults to `fas` can be or `local`
+# Default: ``fas``.
+MM_AUTHENTICATION = 'fas'
+
+# If the authentication method is `fas`, groups in which should be the user
+# to be recognized as an admin.
+ADMIN_GROUP = ('sysadmin-main', 'sysadmin-web')
+
+# Email address used in the 'From' field of the emails sent.
+# Default: ``nobody@fedoraproject.org``.
+EMAIL_FROM = 'nobody@fedoraproject.org'
+
+# SMTP server to use,
+# Default: ``localhost``.
+SMTP_SERVER = 'localhost'
+
+# When this is set to True, the session cookie will only be returned to the
+# server via ssl (https). If you connect to the server via plain http, the
+# cookie will not be sent. This prevents sniffing of the cookie contents.
+# This may be set to False when testing your application but should always
+# be set to True in production.
+# Default: ``True``.
+MM_COOKIE_REQUIRES_HTTPS = True
+
+# The name of the cookie used to store the session id.
+# Default: ``.MirrorManager``.
+MM_COOKIE_NAME = 'MirrorManager'
+
+# If not specified the application will rely on the root_url when sending
+# emails, otherwise it will use this URL
+# Default: ``None``.
+APPLICATION_URL = None
+
+# Boolean specifying wether to check the user's IP address when retrieving
+# its session. This make things more secure (thus is on by default) but
+# under certain setup it might not work (for example is there are proxies
+# in front of the application).
+CHECK_SESSION_IP = True
+
+
+
+###
+# Configuration options used by the crons
+###
+
+
+umdl_master_directories = [
+ {
+ 'type': 'directory',
+ 'path': '../testdata/pub/epel/',
+ 'category': 'Fedora EPEL'
+ },
+ {
+ 'type': 'directory',
+ 'path': '../testdata/pub/fedora/linux/',
+ 'category': 'Fedora Linux'
+ },
+ {
+ 'type': 'directory',
+ 'path': '../testdata/pub/fedora-secondary/',
+ 'category': 'Fedora Secondary Arches'
+ },
+ {
+ 'type': 'directory',
+ 'path': '../testdata/pub/archive/',
+ 'category': 'Fedora Archive'
+ },
+ {
+ 'type': 'directory',
+ 'path': '../testdata/pub/alt/',
+ 'category': 'Fedora Other'
+ },
+# {
+# 'type':'directory',
+# 'path':'../testdata/pub/fedora/linux/',
+# 'category':'Fedora Linux',
+# 'excludes':['.*/core/?.*', '.*/extras/?.*', '.*/[7-8]/?.*' ]
+# },
+# {
+# 'type':'rsync',
+# 'url':'rsync://archive.ubuntu.com/ubuntu/',
+# 'category':'Ubuntu Archive'
+# },
+# {
+# 'type':'rsync',
+# 'url':'rsync://releases.ubuntu.com/releases/',
+# 'category':'Ubuntu CD Images'
+# },
+# {
+# 'type':'rsync',
+# 'url':'rsync://ports.ubuntu.com/ubuntu-ports/',
+# 'category':'Ubuntu Ports Archive'
+# },
+# {
+# 'type':'rsync',
+# 'url':'rsync://security.ubuntu.com/ubuntu/',
+# 'category':'Ubuntu Security Archive'
+# },
+]