fedora-infra_ansible/roles/taskotron/buildmaster/tasks/main.yml

---
- name: start httpd (provided in the apache role)
  service: name=httpd state=started

- name: ensure packages required for buildmaster are installed (yum)
  yum: name={{ item }} state=present enablerepo={{ extra_enablerepos }}
  with_items:
    - buildbot
    - buildbot-master
    - libsemanage-python
    - python-psycopg2
    - policycoreutils-python-utils
  when: ansible_distribution_major_version|int < 22

- name: ensure packages required for buildmaster are installed (dnf)
  dnf: name={{ item }} state=present enablerepo={{ extra_enablerepos }}
  with_items:
    - buildbot
    - buildbot-master
    - libsemanage-python
    - python-psycopg2
    - policycoreutils-python-utils
  when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined

- name: ensure additional packages required for CI buildmaster are installed
  yum: name={{ item }} state=present enablerepo={{ extra_enablerepos }}
  when: ansible_distribution_major_version|int < 22 and (deployment_type == 'qa-prod' or deployment_type == 'qa-stg')
  with_items:
    - python-novaclient

- name: ensure additional packages required for CI buildmaster are installed
  dnf: name={{ item }} state=present enablerepo={{ extra_enablerepos }}
  when: ansible_distribution_major_version|int > 21 and (deployment_type == 'qa-prod' or deployment_type == 'qa-stg')
  with_items:
    - python-novaclient

- name: add the buildmaster user
  user: name={{ buildmaster_user }} home={{ buildmaster_home }}

- name: ensure buildmaster user can use home directory (old)
  file: path="{{ buildmaster_home }}" state=directory owner=buildmaster group=buildmaster mode=0775 setype=user_home_t
  when: deployment_type == 'local'

- name: ensure buildmaster user can use home directory (new)
  file: path="{{ buildmaster_home }}" state=directory owner=buildmaster group=buildmaster mode=0775
  when: deployment_type in ['dev', 'stg', 'prod']

- name: set the selinux fcontext type for the buildmaster_home to var_lib_t
  command: semanage fcontext -a -t var_lib_t "{{ buildmaster_home }}(/.*)?"
  when: deployment_type in ['dev', 'stg', 'prod', 'qa-stg']

- name: make sure the selinux fcontext is restored
  command: restorecon -R "{{ buildmaster_home }}"
  when: deployment_type in ['dev', 'stg', 'prod', 'qa-stg']

- name: allow httpd tcp connections with selinux
  seboolean: name=httpd_can_network_connect state=true persistent=yes

- name: copy httpd config
  template: src=buildmaster.conf.j2 dest=/etc/httpd/conf.d/buildmaster.conf owner=root group=root
  notify:
    - reload httpd

- name: ensure buildmaster database is created
  when: buildmaster_db_host != 'localhost'
  delegate_to: "{{ buildmaster_db_host }}"
  become: true
  become_user: postgres
  postgresql_db: db={{ buildmaster_db_name }}

- name: ensure dev db user has access to dev database
  when: deployment_type in ['dev', 'stg']
  delegate_to: "{{ buildmaster_db_host }}"
  become: true
  become_user: postgres
  postgresql_user: db={{ buildmaster_db_name }} user={{ buildmaster_db_user }} password={{ buildmaster_db_password }} role_attr_flags=NOSUPERUSER

- name: ensure prod db user has access to prod database
  when: deployment_type == 'prod'
  delegate_to: "{{ buildmaster_db_host }}"
  become: true
  become_user: postgres
  postgresql_user: db={{ buildmaster_db_name }} user={{ prod_buildmaster_db_user }} password={{ prod_buildmaster_db_password }} role_attr_flags=NOSUPERUSER

- name: ensure local db user has access to local database
  when: deployment_type == 'local'
  delegate_to: "{{ buildmaster_db_host }}"
  become: true
  become_user: postgres
  postgresql_user: db={{ buildmaster_db_name }} user={{ local_buildmaster_db_user }} password={{ local_buildmaster_db_password }} role_attr_flags=NOSUPERUSER

- name: put robots.txt at web root of external hostname
  when: robots_path is defined
  template: src=robots.txt.j2 dest={{ robots_path }}/robots.txt owner=apache group=apache mode=0644