mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-05-01 05:51:56 +08:00
2ec055db6f
This will unify all the handlers to use first uppercase letter for ansible-lint to stop complaining. I went through all `notify:` occurrences and fixed them by running ``` set TEXT "text_to_replace"; set REPLACEMENT "replacement_text"; git grep -rlz "$TEXT" . | xargs -0 sed -i "s/$TEXT/$REPLACEMENT/g" ``` Then I went through all the changes and removed the ones that wasn't expected to be changed. Fixes https://pagure.io/fedora-infrastructure/issue/12391 Signed-off-by: Michal Konecny <mkonecny@redhat.com>
117 lines
3.0 KiB
YAML
117 lines
3.0 KiB
YAML
---
|
|
- name: Make sure the ticketkey is deployed
|
|
ansible.builtin.copy: src=/root/ticketkey_{{env}}.tkey dest=/etc/httpd/ticketkey_{{env}}.tkey
|
|
owner=root group=root mode=0600
|
|
notify:
|
|
- Reload proxyhttpd
|
|
|
|
- name: Copy in the main httpd.conf file for proxy nodes
|
|
ansible.builtin.template: >
|
|
src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
|
|
owner=root group=root mode=0644
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
|
|
- name: Make sure certain files are gone
|
|
ansible.builtin.file: dest=/etc/httpd/conf.d/{{item}} state=absent
|
|
with_items:
|
|
- welcome.conf
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
|
|
- name: Copy over some basic configs into /etc/httpd/conf.d/
|
|
ansible.builtin.template: >
|
|
src={{item}} dest=/etc/httpd/conf.d/{{item}}
|
|
owner=root group=root mode=0644
|
|
with_items:
|
|
- forwarded.conf
|
|
- 02-ticketkey.conf
|
|
- 03-reqtimeout.conf
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
|
|
- name: Remove the keepalives configuration
|
|
ansible.builtin.file: path=/etc/httpd/conf.d/01-keepalives.conf state=absent
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
|
|
- name: Set the apache mpm to use event MPM
|
|
ansible.builtin.copy: src=00-mpm.conf dest=/etc/httpd/conf.modules.d/00-mpm.conf
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
|
|
- name: Install libsemanage
|
|
ansible.builtin.package:
|
|
state: present
|
|
name:
|
|
- libsemanage-python
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
- selinux
|
|
when: (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8) or (ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora')
|
|
|
|
- name: Install libsemanage in a python3 manner
|
|
ansible.builtin.package:
|
|
state: present
|
|
name:
|
|
- python3-libsemanage
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
- selinux
|
|
when: (ansible_distribution_major_version|int >= 30 and ansible_distribution == 'Fedora') or (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int >= 8)
|
|
|
|
- name: Turn on certain selinux booleans we need for our proxy layer
|
|
seboolean: name={{ item }} state=true persistent=true
|
|
with_items:
|
|
# We need this for httpd to be able to reverseproxy to other machines.
|
|
- httpd_can_network_connect
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
- selinux
|
|
|
|
- name: Create pki/httpd
|
|
ansible.builtin.file: path=/etc/pki/httpd state=directory
|
|
owner=root group=root mode=0600
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
|
|
- name: Disable systemd-oomd we do not need or want it
|
|
service: name=systemd-oomd state=stopped enabled=no
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
- disablesystemdoomd
|
|
|
|
- name: Create systemd drop in dir for httpd
|
|
ansible.builtin.file: path=/etc/systemd/system/httpd.service.d/ state=directory
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
- httpdoverride
|
|
|
|
- name: Create systemd drop in dir for httpd
|
|
ansible.builtin.copy: src=httpdoverride.conf dest=/etc/systemd/system/httpd.service.d/httpdoverride.conf
|
|
tags:
|
|
- httpd
|
|
- httpd/proxy
|
|
- httpdoverride
|
|
notify:
|
|
- Reload systemd
|