WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-19 19:46:38 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
11d11c214eaf9ea3b4db882b2f547bc3100ca656
fedora-infra_ansible/roles/logdetective/tasks/main.yml
Jiri Podivin 11d11c214e Skipping ansible-lint rules, in cases when it makes sense 
Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
2026-02-10 10:23:23 +01:00

147 lines
3.8 KiB
YAML
Raw Blame History

---
- name: Import common cloud setup tasks
ansible.builtin.import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml"
- name: Install basic packages
ansible.builtin.dnf:
name:
- python3-pip
- python3-devel
- pciutils
- git
- podman
- podman-compose
- wget
- gcc-c++
- firewalld
- certbot
- name: Download the cuda repofile
ansible.builtin.get_url:
url: https://developer.download.nvidia.com/compute/cuda/repos/fedora41/x86_64/cuda-fedora41.repo
dest: /etc/yum.repos.d/
mode: "0644"
tags:
- cuda_installation
- name: Install cuda
ansible.builtin.package:
name: cuda-toolkit-12
register: cuda_installation
tags:
- cuda_installation
- name: Restart the system
ansible.builtin.reboot:
when: cuda_installation.changed # noqa: no-handler
tags:
- cuda_installation
- name: Ensure state of secondary drive
ignore_errors: true # noqa: ignore-errors
when:
- drive_device is defined
block:
- name: Ensure mountpoint
ansible.builtin.file:
path: /mnt/srv
state: directory
mode: "0755"
- name: Mount the drive on boot
ansible.posix.mount:
src: "UUID={{ drive_device }}"
path: /mnt/srv
boot: true
state: mounted
fstype: ext4
- name: Create pip cache dir
ansible.builtin.file:
state: directory
path: /mnt/srv/.cache/pip
mode: "0777"
recurse: true
- name: Create Hugging Face cache dir
ansible.builtin.file:
state: directory
path: /mnt/srv/.cache/huggingface
mode: "0777"
recurse: true
- name: Set cache locations to the secondary drive
ansible.builtin.blockinfile:
create: true
path: /etc/profile.d/externalcaches.sh
block: |
export HUGGINGFACE_HUB_CACHE=/mnt/srv/.cache/huggingface
export PIP_CACHE_DIR=/mnt/srv/.cache/pip
mode: "0644"
- name: Set up CUDA binary paths
ansible.builtin.lineinfile:
path: /etc/profile.d/cudapath.sh
line: export PATH=/usr/local/cuda-12.8/bin${PATH:+:${PATH}}
- name: Use models directory on our secondary drive
ansible.builtin.lineinfile:
path: /etc/profile.d/models.sh
line: export MODELS_PATH=/mnt/srv/models/
create: true
mode: "0644"
# TODO Configure Podman to store data on our secondary drive in
# /mnt/srv/containers_storage/
# I couldn't figure how to do this, so I enlarged our primary disk from
# 20G to 50G, but this is not an ideal solution
# this should be set to ansible_hostname
# - name: "set hostname (required by some services, at least postfix need it)"
# hostname: name="{{copr_hostbase}}.cloud.fedoraproject.org"
# when: env != 'production'
# We should ideally configure this in /etc but I am not sure where and how.
# I would expect a drop-in config in /etc/containers/containers.conf.d/ to work
# but it doesn't.
- name: Podman cache on the secondary drive
ansible.builtin.lineinfile:
path: /usr/share/containers/storage.conf
regexp: '^graphroot = '
line: 'graphroot = "/mnt/srv/containers_storage"'
- name: Stop and disable nftables service
ansible.builtin.systemd:
name: nftables
state: stopped
enabled: false
- name: Start firewalld so that we can allow ports more easily
ansible.builtin.systemd:
name: firewalld
state: started
enabled: true
- name: Allow accessing 443 from the outside
ansible.posix.firewalld:
port: 443/tcp
permanent: true
state: enabled
- name: Allow accessing 8090 from the outside for Packit Interface
ansible.posix.firewalld:
port: 8090/tcp
permanent: true
state: enabled
- name: Allow HTTP and HTTPS in firewall
ansible.posix.firewalld:
service: "{{ item }}"
permanent: true
state: enabled
with_items:
- http
- https
Reference in New Issue View Git Blame Copy Permalink