From e5cef312a8da07845edfa9eb7f763071b6470a0a Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Wed, 11 Jun 2025 09:04:49 -0700
Subject: [PATCH] bodhi-backend01.rdu3: add bodhi-backend in rdu3

This does not include actual bodhi role or nfs mounts yet.
It's mostly just to allow testing of new signing infra.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 .../bodhi-backend01.rdu3.fedoraproject.org    | 23 +++++++++++++++++++
 inventory/inventory                           |  2 ++
 playbooks/groups/bodhi-backend.yml            | 22 +++++++++++-------
 3 files changed, 39 insertions(+), 8 deletions(-)
 create mode 100644 inventory/host_vars/bodhi-backend01.rdu3.fedoraproject.org

diff --git a/inventory/host_vars/bodhi-backend01.rdu3.fedoraproject.org b/inventory/host_vars/bodhi-backend01.rdu3.fedoraproject.org
new file mode 100644
index 0000000000..fdc72f9818
--- /dev/null
+++ b/inventory/host_vars/bodhi-backend01.rdu3.fedoraproject.org
@@ -0,0 +1,23 @@
+---
+# These set a config value, see roles/bodhi2/base/
+bodhi_masher_enabled: True
+bodhi_signed_handler_enabled: False
+bodhi_updates_handler_enabled: False
+datacenter: rdu3
+dns: 10.16.163.33
+dns1: 10.16.163.33
+dns2: 10.16.163.34
+eth0_ipv4_gw: 10.16.169.254
+eth0_ipv4_ip: 10.16.169.101
+ks_repo: https://infrastructure.fedoraproject.org/pub/fedora/linux/releases/42/Server/x86_64/os/
+ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-fedora
+max_mem_size: 98304
+mem_size: 98304
+num_cpus: 30
+sar_output_file: bodhi.json
+# GDPR SAR variables
+sar_script: /usr/bin/bodhi-sar
+sar_script_user: apache
+virt_install_command: "{{ virt_install_command_one_nic }}"
+vmhost: bvmhost-x86-01.rdu3.fedoraproject.org
+volgroup: /dev/vg_guests
diff --git a/inventory/inventory b/inventory/inventory
index ec966f6c05..3f15e7ab0d 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -107,6 +107,7 @@ mailman01.stg.iad2.fedoraproject.org
 [bodhi_backend]
 # This one handles the mashing/releng stuff
 bodhi-backend01.iad2.fedoraproject.org
+bodhi-backend01.rdu3.fedoraproject.org
 
 [bodhi_backend_stg]
 bodhi-backend01.stg.iad2.fedoraproject.org
@@ -920,6 +921,7 @@ bodhi-backend01.iad2.fedoraproject.org
 
 [sar]
 bodhi-backend01.iad2.fedoraproject.org
+bodhi-backend01.rdu3.fedoraproject.org
 mailman01.iad2.fedoraproject.org
 people01.fedoraproject.org
 pagure02.fedoraproject.org
diff --git a/playbooks/groups/bodhi-backend.yml b/playbooks/groups/bodhi-backend.yml
index f888a07e4d..9bf0e5c30a 100644
--- a/playbooks/groups/bodhi-backend.yml
+++ b/playbooks/groups/bodhi-backend.yml
@@ -45,53 +45,57 @@
     mnt_dir: '/mnt/fedora_koji'
     nfs_src_dir: 'fedora_koji'
 
-  - bodhi2/backend
+  - { role: bodhi2/backend, when: datacenter != 'rdu3 }
 
   - role: nfs/client
     mnt_dir: '/mnt/koji/ostree'
     nfs_src_dir: 'fedora_ostree_content/ostree'
-    when: env != 'staging'
+    when: env != 'staging' and datacenter == 'iad2'
 
   - role: nfs/client
     mnt_dir: '/mnt/koji/compose/ostree'
     nfs_src_dir: 'fedora_ostree_content/compose/ostree'
-    when: env != 'staging'
+    when: env != 'staging' and datacenter == 'iad2'
 
   - role: nfs/client
     mnt_dir: '/mnt/koji/ostree'
     nfs_src_dir: 'fedora_ostree_content_stg/ostree'
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'
 
   - role: nfs/client
     mnt_dir: '/mnt/koji/compose/ostree'
     nfs_src_dir: 'fedora_ostree_content_stg/compose/ostree'
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'
 
     # In staging, we mount fedora_koji as read only (see nfs_mount_opts)
   - role: nfs/client
     mnt_dir: '/mnt/fedora_koji_prod'
     nfs_src_dir: 'fedora_koji'
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'
 
   - role: nfs/client
     mnt_dir: '/pub/'
     nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub/'
+    when: datacenter == 'iad2'
 
   - role: nfs/client
     mnt_dir: '/pub/archive'
     nfs_src_dir: 'fedora_ftp_archive'
+    when: datacenter == 'iad2'
 
   - role: keytab/service
     owner_user: apache
     owner_group: apache
     service: bodhi
     host: "bodhi{{ env_suffix }}.fedoraproject.org"
+    when: datacenter == 'iad2'
 
   - role: push-container-registry
     cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org"
     cert_src: "{{private}}/files/docker-registry/{{env}}/pki/issued/containerstable.crt"
     key_src: "{{private}}/files/docker-registry/{{env}}/pki/private/containerstable.key"
     certs_group: apache
+    when: datacenter == 'iad2'
 
   - role: rabbit/queue
     queue_username: "bodhi{{ env_suffix }}"
@@ -101,6 +105,7 @@
       warning: 10
       critical: 100
     user_sent_topics: "{{ bodhi_sent_topics }}"
+    when: datacenter == 'iad2'
 
   - role: rabbit/queue
     queue_username: "bodhi{{ env_suffix }}"
@@ -112,16 +117,17 @@
       critical: 100
     # We have to repeat this line for now (only the last one counts)
     user_sent_topics: "{{ bodhi_sent_topics }}"
+    when: datacenter == 'iad2'
 
   tasks:
   - name: Create secondary volume dir for stg bodhi
     ansible.builtin.file: dest=/mnt/koji/vol state=directory owner=apache group=apache mode=0755
     tags: bodhi
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'
   - name: Create symlink for stg/prod secondary volume
     ansible.builtin.file: src=/mnt/fedora_koji_prod/koji dest=/mnt/koji/vol/prod state=link
     tags: bodhi
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'
 
   handlers:
   - import_tasks: "{{ handlers_path }}/restart_services.yml"