mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-03-20 03:57:02 +08:00
9717d920af
Looks like the scrapers are hitting the download servers now. So, look at setting up an anubis pod there like we did for pagure. anubis package isn't available for epel9, so we just use the container. Will test this with dl01 and tweak until it's working. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
75 lines
1.3 KiB
YAML
75 lines
1.3 KiB
YAML
---
|
|
|
|
- name: Install podman for anubis container
|
|
ansible.builtin.package:
|
|
name: podman
|
|
state: present
|
|
tags:
|
|
- config
|
|
- anubis
|
|
|
|
- name: Add anubis group
|
|
ansible.builtin.group:
|
|
name: anubis
|
|
system: yes
|
|
tags:
|
|
- config
|
|
- anubis
|
|
|
|
- name: Add anubis user
|
|
ansible.builtin.user:
|
|
name: anubis
|
|
group: anubis
|
|
system: yes
|
|
tags:
|
|
- config
|
|
- anubis
|
|
|
|
- name: Create the directory to store the anubis policy file
|
|
ansible.builtin.file:
|
|
dest: /srv/anubis/cfg/
|
|
state: directory
|
|
recurse: true
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
tags:
|
|
- config
|
|
- anubis
|
|
|
|
- name: Add the anubis bot config file
|
|
ansible.builtin.copy:
|
|
src: botPolicy.yaml
|
|
dest: /srv/anubis/cfg/botPolicy.yaml
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
tags:
|
|
- config
|
|
- anubis
|
|
|
|
# This service calls podman to pull the anubis container,
|
|
# then sets various env variables for the service and runs it.
|
|
|
|
- name: Add the anubis systemd service
|
|
ansible.builtin.copy:
|
|
src: anubis.service
|
|
dest: /etc/systemd/system/anubis.service
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
tags:
|
|
- config
|
|
- anubis
|
|
notify:
|
|
- Reload systemd
|
|
|
|
- name: Enable and make sure pod is started
|
|
ansible.builtin.systemd:
|
|
name: anubis
|
|
state: started
|
|
enabled: true
|
|
tags:
|
|
- config
|
|
- anubis
|