WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-11 18:36:53 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
012447730e5696794deac2deb741bab16d2f28b2
fedora-infra_ansible/roles/taskotron/buildmaster/tasks/main.yml
Kamil Páral 780adf71a1 taskotron: upgrade production to F29
2019-04-09 19:27:11 +02:00

83 lines
3.3 KiB
YAML
Raw Blame History

---
- name: start httpd (provided in the apache role)
service: name=httpd state=started
- name: ensure packages required for buildmaster are installed
dnf: name={{ item }} state=present
with_items:
- buildbot-master
- buildbot-www
- python2-libsemanage
- python3-psycopg2
- policycoreutils-python-utils
- python3-treq
when: ansible_cmdline.ostree is not defined
- name: ensure additional packages required for CI buildmaster are installed
dnf: name={{ item }} state=present
when: deployment_type in ['qa-prod', 'qa-stg']
with_items:
- python-novaclient
- name: add the buildmaster user
user: name={{ buildmaster_user }} home={{ buildmaster_home }}
- name: ensure buildmaster user can use home directory (old)
file: path="{{ buildmaster_home }}" state=directory owner=buildmaster group=buildmaster mode=0775 setype=user_home_t
when: deployment_type == 'local'
- name: ensure buildmaster user can use home directory (new)
file: path="{{ buildmaster_home }}" state=directory owner=buildmaster group=buildmaster mode=0775
when: deployment_type in ['dev', 'stg', 'prod']
- name: set the selinux fcontext type for the buildmaster_home to var_lib_t
command: semanage fcontext -a -t var_lib_t "{{ buildmaster_home }}(/.*)?"
when: deployment_type in ['qa-stg']
- name: ensure correct fcontext for buildmaster home (new)
file: path="{{ buildmaster_home }}" setype=var_lib_t owner=buildmaster group=buildmaster mode=0775 state=directory
when: deployment_type in ['dev', 'stg', 'prod']
#- name: make sure the selinux fcontext is restored
# command: restorecon -R "{{ buildmaster_home }}"
# when: deployment_type in ['dev', 'stg', 'prod', 'qa-stg']
- name: allow httpd tcp connections with selinux
seboolean: name=httpd_can_network_connect state=true persistent=yes
- name: copy httpd config
template: src=buildmaster.conf.j2 dest=/etc/httpd/conf.d/buildmaster.conf owner=root group=root
notify:
- reload httpd
- name: ensure buildmaster database is created
delegate_to: "{{ buildmaster_db_host }}"
become: true
become_user: postgres
postgresql_db: db={{ buildmaster_db_name }}
- name: ensure dev db user has access to dev database
when: deployment_type in ['dev', 'stg']
delegate_to: "{{ buildmaster_db_host }}"
become: true
become_user: postgres
postgresql_user: db={{ buildmaster_db_name }} user={{ buildmaster_db_user }} password={{ buildmaster_db_password }} role_attr_flags=NOSUPERUSER
- name: ensure prod db user has access to prod database
when: deployment_type == 'prod'
delegate_to: "{{ buildmaster_db_host }}"
become: true
become_user: postgres
postgresql_user: db={{ buildmaster_db_name }} user={{ prod_buildmaster_db_user }} password={{ prod_buildmaster_db_password }} role_attr_flags=NOSUPERUSER
- name: ensure local db user has access to local database
when: deployment_type == 'local'
delegate_to: "{{ buildmaster_db_host }}"
become: true
become_user: postgres
postgresql_user: db={{ buildmaster_db_name }} user={{ local_buildmaster_db_user }} password={{ local_buildmaster_db_password }} role_attr_flags=NOSUPERUSER
- name: put robots.txt at web root of external hostname
when: robots_path is defined
template: src=robots.txt.j2 dest={{ robots_path }}/robots.txt owner=apache group=apache mode=0644
Reference in New Issue View Git Blame Copy Permalink