mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-04-28 12:32:50 +08:00
226 lines
7.3 KiB
YAML
226 lines
7.3 KiB
YAML
- name: set root passwd
|
|
user: name=root password={{ builder_rootpw }} state=present
|
|
tags:
|
|
- rootpw
|
|
|
|
- name: add mock user as 425
|
|
user: name=mock uid=425 state=present home=/var/lib/mock createhome=yes system=yes
|
|
- name: make mock homedir 2775
|
|
file: state=directory path=/var/lib/mock mode=2775 owner=mock group=mock
|
|
- name: add mock ssh dir
|
|
file: state=directory path=/var/lib/mock/.ssh mode=700 owner=mock group=mock
|
|
- name: add mock ssh keys
|
|
copy: src="{{ files }}/../roles/koji_builder/files//mock_auth_keys" dest=/var/lib/mock/.ssh/authorized_keys mode=644 owner=mock group=mock
|
|
|
|
- name: add ftpsync group
|
|
group: name=ftpsync gid=263 system=yes state=present
|
|
|
|
- name: add ftpsync user
|
|
user: name=ftpsync uid=263 group=ftpsync createhome=yes system=yes state=present
|
|
|
|
- name: add create-filelist script from quick-fedora-mirror
|
|
copy: src="{{ files }}/scripts/create-filelist" dest=/usr/local/bin/create-filelist mode=0755 owner=ftpsync group=ftpsync
|
|
|
|
- name: add the ftpsync update-fullfiletimelist script
|
|
copy: src="{{ files }}/scripts/update-fullfiletimelist" dest=/usr/local/bin/update-fullfiletimelist mode=0755
|
|
|
|
- name: add masher group
|
|
group: name=masher gid=751 system=yes state=present
|
|
# masher user 751
|
|
- name: add masher user as 751 - and group
|
|
user: name=masher uid=751 group=masher home=/home/masher groups=mock,ftpsync,fedmsg
|
|
# masher ssh keys and config
|
|
- name: add masher ssh dir
|
|
file: state=directory path=/home/masher/.ssh mode=700 owner=masher group=masher
|
|
- name: add masher ssh keys
|
|
copy: src="mash/masher.{{ item }}" dest="/home/masher/.ssh/{{ item }}" mode=600 owner=masher group=masher
|
|
with_items:
|
|
- id_rsa.pub
|
|
- config
|
|
|
|
- name: add masher ssh priv key
|
|
copy: src="{{ private }}/files/mash/masher.id_rsa" dest=/home/masher/.ssh/id_rsa mode=600 owner=masher group=masher
|
|
|
|
- name: add masher koji cert/key
|
|
copy: src="{{ private }}/files/mash/masher.pem" dest=/home/masher/.fedora.cert mode=600 owner=masher group=masher
|
|
|
|
- name: add releng koji cert/key
|
|
copy: src="{{ private }}/files/releng_key_and_cert.pem" dest=/root/.fedora.cert mode=600 owner=root group=root
|
|
|
|
# rawhide group
|
|
- name: rawhide group
|
|
group: name=rawhide gid=265
|
|
# rawhide user 265
|
|
- name: add rawhide user
|
|
user: name=rawhide uid=265 group=rawhide home=/tmp comment="rawhide compose account"
|
|
|
|
- name: make a bunch of dirs
|
|
file: state=directory path={{ item }}
|
|
with_items:
|
|
- /pub
|
|
- /pub/fedora-secondary
|
|
- /epel
|
|
- /mnt/fedora_koji
|
|
- /var/spool/rsyslog
|
|
|
|
- name: add pkgs
|
|
dnf: state=present pkg={{ item }}
|
|
with_items:
|
|
- yum-utils
|
|
- koji
|
|
- strace
|
|
- mock
|
|
- nfs-utils
|
|
- git
|
|
- mash
|
|
- intltool
|
|
- mutt
|
|
- createrepo
|
|
- pykickstart
|
|
- pyliblzma
|
|
- httpd
|
|
- hardlink
|
|
- pungi
|
|
- compose-utils
|
|
- python-scandir
|
|
- python2-productmd
|
|
|
|
- name: add pkgs
|
|
dnf: state=present pkg={{ item }}
|
|
with_items:
|
|
- pungi-utils
|
|
when: "'releng-compose' in group_names"
|
|
|
|
# add sigul to secondary arch compose boxes
|
|
- name: add pkgs
|
|
dnf: state=present pkg={{ item }}
|
|
with_items:
|
|
- sigul
|
|
when: ansible_distribution_major_version|int > 21 and "'releng-secondary' in group_names"
|
|
|
|
# put secondary sigul config on secondary compose boxes
|
|
- name: secondary sigul config
|
|
copy: src="sigul-client-secondary.conf" dest=/etc/sigul/client.conf
|
|
when: "'releng-secondary' in group_names"
|
|
|
|
- name: copy over our mash.conf
|
|
template: src=mash.conf dest=/etc/mash/mash.conf
|
|
|
|
- name: Custom compose-koji
|
|
template: src=compose-koji.j2 dest=/usr/bin/compose-koji
|
|
mode=0755
|
|
|
|
- name: /etc/koji.conf
|
|
template: src=koji.conf.j2 dest=/etc/koji.conf.d/compose.conf
|
|
|
|
# mock configs
|
|
- name: put extra special mock configs in
|
|
template: src="{{ item }}" dest="/etc/mock/{{ item }}" mode=644
|
|
with_items:
|
|
- fedora-22-compose-armhfp.cfg
|
|
- fedora-23-compose-armhfp.cfg
|
|
- fedora-24-compose-armhfp.cfg
|
|
- fedora-branched-compose-armhfp.cfg
|
|
- fedora-rawhide-compose-armhfp.cfg
|
|
- fedora-22-compose-i386.cfg
|
|
- fedora-23-compose-i386.cfg
|
|
- fedora-24-compose-i386.cfg
|
|
- fedora-branched-compose-i386.cfg
|
|
- fedora-rawhide-compose-i386.cfg
|
|
- fedora-22-compose-x86_64.cfg
|
|
- fedora-23-compose-x86_64.cfg
|
|
- fedora-24-compose-x86_64.cfg
|
|
- fedora-branched-compose-x86_64.cfg
|
|
- fedora-rawhide-compose-x86_64.cfg
|
|
- fedora-22-compose-aarch64.cfg
|
|
- fedora-23-compose-aarch64.cfg
|
|
- fedora-24-compose-aarch64.cfg
|
|
- fedora-branched-compose-aarch64.cfg
|
|
- fedora-rawhide-compose-aarch64.cfg
|
|
- fedora-22-compose-ppc64.cfg
|
|
- fedora-23-compose-ppc64.cfg
|
|
- fedora-24-compose-ppc64.cfg
|
|
- fedora-branched-compose-ppc64.cfg
|
|
- fedora-rawhide-compose-ppc64.cfg
|
|
- fedora-22-compose-ppc64le.cfg
|
|
- fedora-23-compose-ppc64le.cfg
|
|
- fedora-24-compose-ppc64le.cfg
|
|
- fedora-branched-compose-ppc64le.cfg
|
|
- fedora-rawhide-compose-ppc64le.cfg
|
|
|
|
- name: make a mnt/koji link
|
|
file: state=link src=/mnt/fedora_koji/koji dest=/mnt/koji
|
|
when: "'releng-compose' in group_names"
|
|
|
|
- name: make a mnt/koji link for AltArch
|
|
file: state=link src=/mnt/fedora_koji dest=/mnt/koji
|
|
when: "'releng-secondary' in group_names"
|
|
|
|
- name: symlink /srv/pungi
|
|
file: src=/mnt/fedora_koji/koji/compose dest=/srv/pungi state=link
|
|
when: "'releng-secondary' not in group_names"
|
|
|
|
- name: add pkgs for nightly compose
|
|
yum: state=present pkg={{ item }}
|
|
with_items:
|
|
- packagedb-cli
|
|
when: "'releng-compose' in group_names"
|
|
|
|
# put cron job in for branched compose
|
|
- name: branched compose cron
|
|
copy: src="branched" dest=/etc/cron.d/branched
|
|
when: inventory_hostname.startswith('branched-composer')
|
|
|
|
# put cron job in for rawhide compose
|
|
- name: rawhide compose cron
|
|
copy: src="rawhide" dest=/etc/cron.d/rawhide
|
|
when: inventory_hostname.startswith('rawhide-composer')
|
|
|
|
# put cron job in for aarch64 branched compose
|
|
- name: aarch64 branched compose cron
|
|
copy: src="aarch64.branched" dest=/etc/cron.d/branched
|
|
when: inventory_hostname.startswith('compose-ppc64le-01')
|
|
|
|
# put cron job in for Power64 branched compose
|
|
- name: power64 branched compose cron
|
|
copy: src="power64.branched" dest=/etc/cron.d/branched
|
|
when: inventory_hostname.startswith('compose-ppc64-01')
|
|
|
|
# put cron job in for s390 branched compose
|
|
- name: s390 branched compose cron
|
|
copy: src="s390.branched" dest=/etc/cron.d/branched
|
|
when: inventory_hostname.startswith('compose-s390-01')
|
|
|
|
# put cron job in for s390 rawhide compose
|
|
- name: s390 rawhide compose cron
|
|
copy: src="s390.rawhide" dest=/etc/cron.d/rawhide
|
|
when: inventory_hostname.startswith('compose-s390-01')
|
|
|
|
# put cron job in for two-week nightly compose
|
|
- name: twoweek compose cron
|
|
copy: src="twoweek-updates" dest=/etc/cron.d/twoweek-updates
|
|
when: inventory_hostname.startswith('compose-x86-01')
|
|
|
|
# put cron job in for docker nightly compose
|
|
- name: docker compose cron
|
|
copy: src="docker-updates" dest=/etc/cron.d/docker-updates
|
|
when: inventory_hostname.startswith('compose-x86-01')
|
|
|
|
# put cron job in for continuously deliverying atomic host
|
|
- name: atomic-cd compose cron
|
|
copy: src="atomic-cd" dest=/etc/cron.d/atomic-cd
|
|
when: inventory_hostname.startswith('compose-x86-01')
|
|
|
|
- name: install compose /etc/httpd/conf.d/compose.conf file
|
|
copy: >
|
|
src="compose.conf"
|
|
dest="/etc/httpd/conf.d/compose.conf"
|
|
owner=root
|
|
group=root
|
|
mode=0644
|
|
notify:
|
|
- reload httpd
|
|
tags:
|
|
- config
|
|
when: inventory_hostname.startswith('compose-x86-01')
|