mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-03-20 03:57:02 +08:00
100 lines
2.4 KiB
YAML
100 lines
2.4 KiB
YAML
---
|
|
- name: install sks
|
|
package: name=sks state=present
|
|
tags:
|
|
- packages
|
|
|
|
- name: install mod_ssl
|
|
package: name=mod_ssl state=present
|
|
tags:
|
|
- packages
|
|
|
|
- name: /srv/sks
|
|
file: >
|
|
path=/srv/sks
|
|
state=directory
|
|
owner=sks group=sks mode=0755
|
|
|
|
- name: /srv/sks/membership
|
|
copy: src="membership" dest=/srv/sks/membership owner=sks group=sks mode=0644
|
|
tags:
|
|
- config
|
|
- membership
|
|
|
|
- name: /srv/sks/sksconf
|
|
copy: src="sksconf" dest=/srv/sks/sksconf owner=sks group=sks mode=0644
|
|
tags:
|
|
- config
|
|
|
|
- name: /srv/sks/web
|
|
file: >
|
|
path=/srv/sks/web
|
|
state=directory
|
|
owner=sks group=sks mode=0755
|
|
|
|
- name: /srv/sks/web/index.html
|
|
copy: src="index.html" dest=/srv/sks/web/index.html owner=sks group=sks mode=0644
|
|
tags:
|
|
- config
|
|
|
|
- name: /srv/sks/web/css.css
|
|
copy: src="css.css" dest=/srv/sks/web/css.css owner=sks group=sks mode=0644
|
|
tags:
|
|
- config
|
|
|
|
- name: /srv/sks/web/robots.txt
|
|
copy: src="robots.txt" dest=/srv/sks/web/robots.txt owner=sks group=sks mode=0644
|
|
tags:
|
|
- config
|
|
|
|
- name: /etc/httpd/conf.d/sks.conf
|
|
template: src="sks.conf" dest=/etc/httpd/conf.d/sks.conf owner=root group=root mode=0644
|
|
tags:
|
|
- config
|
|
|
|
- name: /etc/httpd/conf.d/ssl.conf
|
|
template: src="ssl.conf" dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644
|
|
tags:
|
|
- config
|
|
|
|
- name: /etc/pki/tls/keys_fedoraproject_org.crt.pem
|
|
copy: src="{{ private }}/files/httpd/keys_fedoraproject_org-2017.crt.pem" dest=/etc/pki/tls/keys_fedoraproject_org.crt.pem owner=root group=root mode=0600
|
|
tags:
|
|
- config
|
|
|
|
- name: /etc/pki/tls/keys_fedoraproject_org.key
|
|
copy: src="{{ private }}/files/httpd/keys_fedoraproject_org-2017.key" dest=/etc/pki/tls/keys_fedoraproject_org.key owner=root group=root mode=0600
|
|
tags:
|
|
- config
|
|
|
|
- cron: name="regenerate stats hourly"
|
|
hour="*"
|
|
minute="5"
|
|
job="pkill -f -n -SIGUSR2 'sks db'"
|
|
state=present
|
|
|
|
- name: Set sks-db to run on boot
|
|
service: name=sks-db enabled=yes
|
|
ignore_errors: true
|
|
notify:
|
|
- restart sks-db
|
|
tags:
|
|
- service
|
|
|
|
- name: Set sks-recon to run on boot
|
|
service: name=sks-recon enabled=yes
|
|
ignore_errors: true
|
|
notify:
|
|
- restart sks-recon
|
|
tags:
|
|
- service
|
|
|
|
# Two tasks for handling our custom selinux module
|
|
- name: copy over our custom selinux module
|
|
copy: src=keyserver.pp dest=/srv/sks/keyserver.pp
|
|
register: selinux_module
|
|
|
|
- name: install our custom selinux module
|
|
command: semodule -i /srv/sks/keyserver.pp
|
|
when: selinux_module is changed
|