mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-04-28 20:42:20 +08:00
74 lines
2.0 KiB
YAML
74 lines
2.0 KiB
YAML
---
|
|
# Configuration for the fedoauth webapp
|
|
|
|
- name: clean yum metadata
|
|
command: yum clean all
|
|
tags:
|
|
- packages
|
|
|
|
- name: install needed packages
|
|
yum: pkg={{ item }} state=present
|
|
with_items:
|
|
- fedoauth
|
|
- fedoauth-template-fedora
|
|
- fedoauth-backend-fedora
|
|
- fedoauth-provider-openid
|
|
- fedoauth-provider-persona
|
|
- python-psycopg2
|
|
- libsemanage-python
|
|
tags:
|
|
- packages
|
|
|
|
- name: copy fedoauth configuration
|
|
template: src=fedoauth.cfg
|
|
dest=/etc/fedoauth/fedoauth.cfg
|
|
owner=fedoauth group=fedoauth mode=0600
|
|
tags:
|
|
- config
|
|
notify:
|
|
- restart apache
|
|
|
|
- name: copy fedoauth logging configuration
|
|
template: src=fedoauth.log.cfg
|
|
dest=/etc/fedoauth/fedoauth.log.cfg
|
|
owner=fedoauth group=fedoauth mode=0600
|
|
tags:
|
|
- config
|
|
notify:
|
|
- restart apache
|
|
|
|
- name: copy fedoauth private key
|
|
copy: src={{ private }}/files/fedoauth/persona.key dest=/etc/fedoauth/persona.key
|
|
owner=fedoauth group=fedoauth mode=0600
|
|
when: env != "staging"
|
|
|
|
- name: copy fedoauth STG private key
|
|
copy: src={{ private }}/files/fedoauth/persona.stg.key dest=/etc/fedoauth/persona.stg.key
|
|
owner=fedoauth group=fedoauth mode=0600
|
|
when: env == "staging"
|
|
|
|
- name: create the database scheme
|
|
command: /usr/bin/python2 /usr/share/fedoauth/createdb.py
|
|
environment:
|
|
FEDOAUTH_CONFIG: /etc/fedoauth/fedoauth.cfg
|
|
|
|
#- name: Clean the database
|
|
# command: /usr/bin/python2 /usr/share/fedoauth/cleanup.py
|
|
# environment:
|
|
# FEDOAUTH_CONFIG: /etc/fedoauth/fedoauth.cfg
|
|
|
|
- name: set sebooleans so fedoauth can talk to the db
|
|
action: seboolean name=httpd_can_network_connect_db
|
|
state=true
|
|
persistent=true
|
|
|
|
- name: set sebooleans so fedoauth can send error logs
|
|
action: seboolean name=httpd_can_network_connect
|
|
state=true
|
|
persistent=true
|
|
|
|
- name: apply selinux type to the wsgi file
|
|
file: >
|
|
dest=/usr/share/fedoauth/fedoauth.wsgi
|
|
setype=httpd_sys_content_t
|