mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-03-20 03:57:02 +08:00
b56a7826c6
We often get never-removed instances that need to be sent to IBM support for manual removal. This is the helper that eases the reporting part.
180 lines
4.4 KiB
YAML
180 lines
4.4 KiB
YAML
---
|
|
- name: install packages needed by resalloc server
|
|
dnf:
|
|
state: present
|
|
name:
|
|
- genisoimage
|
|
- libvirt-client
|
|
- postgresql-server
|
|
- python3-psycopg2
|
|
- python3-ibm-vpc
|
|
- resalloc
|
|
- resalloc-server
|
|
- resalloc-openstack
|
|
- resalloc-aws
|
|
- resalloc-webui
|
|
- virt-install
|
|
|
|
- name: See if postgreSQL is initialized
|
|
stat: path=/var/lib/pgsql/data/PG_VERSION
|
|
register: postgres_initialized
|
|
|
|
- name: init postgresql
|
|
shell: "postgresql-setup initdb"
|
|
when: not postgres_initialized.stat.exists
|
|
|
|
- name: enable PostgreSQL service
|
|
service: state=started enabled=yes name=postgresql
|
|
|
|
- name: allow system users to conenct into the database
|
|
lineinfile:
|
|
path: /var/lib/pgsql/data/pg_ident.conf
|
|
line: "{{ item }}"
|
|
owner: postgres
|
|
group: postgres
|
|
mode: 0600
|
|
with_items:
|
|
- "all postgres postgres"
|
|
- "all resalloc resalloc"
|
|
- "all lighttpd resalloc"
|
|
|
|
- name: configure access to the resalloc database
|
|
postgresql_pg_hba:
|
|
dest: /var/lib/pgsql/data/pg_hba.conf
|
|
contype: local
|
|
databases: all
|
|
users: all
|
|
method: peer
|
|
options: map=all
|
|
|
|
- name: Create PG user
|
|
postgresql_user: name="resalloc"
|
|
become: yes
|
|
become_user: postgres
|
|
|
|
- name: Create db
|
|
postgresql_db: name="resalloc" encoding='UTF-8' owner=resalloc
|
|
become: yes
|
|
become_user: postgres
|
|
|
|
- set_fact:
|
|
provision_directory: /var/lib/resallocserver/provision
|
|
ibmcloud_token_file: /var/lib/resallocserver/.ibm-cloud-token
|
|
tags:
|
|
- always
|
|
|
|
- name: setup provision directory
|
|
include_tasks: setup_provisioning_environment.yml
|
|
tags:
|
|
- always
|
|
vars:
|
|
cloud_vars: true
|
|
provision_user: resalloc
|
|
|
|
- name: install .ansible.cfg for {{ provision_user }} user
|
|
copy: src=ansible.cfg dest=/var/lib/resallocserver/.ansible.cfg
|
|
owner=resalloc group=resalloc mode=600
|
|
tags:
|
|
- provision_config
|
|
|
|
- name: resalloc, sync resalloc provisioning files
|
|
synchronize: src="resalloc_provision/" dest="/var/lib/resallocserver/resalloc_provision/"
|
|
tags:
|
|
- provision_config
|
|
|
|
- name: resalloc, scripts
|
|
template: src="resalloc/{{ item }}.j2" dest="/var/lib/resallocserver/resalloc_provision/{{ item }}"
|
|
mode=755
|
|
with_items:
|
|
- vm-delete
|
|
- vm-release
|
|
- ibm-cloud-vm
|
|
- ibm-cloud-list-vms
|
|
- ibm-cloud-list-deleting-vms
|
|
- osuosl-vm
|
|
tags:
|
|
- provision_config
|
|
|
|
- name: resalloc, ssh directory
|
|
file:
|
|
path: /var/lib/resallocserver/.ssh
|
|
state: directory
|
|
mode: 0700
|
|
owner: resalloc
|
|
group: resalloc
|
|
|
|
- name: resalloc, copy backend ssh identity
|
|
copy:
|
|
src: "{{ private }}/files/copr/buildsys.priv"
|
|
dest: /var/lib/resallocserver/.ssh/id_rsa
|
|
owner: resalloc
|
|
group: resalloc
|
|
mode: 0600
|
|
|
|
- name: resalloc, ssh config file
|
|
copy:
|
|
src: "ssh_config"
|
|
dest: /var/lib/resallocserver/.ssh/config
|
|
owner: resalloc
|
|
group: resalloc
|
|
mode: 0600
|
|
|
|
- name: resalloc, server config
|
|
template:
|
|
src: "resalloc/{{ item }}"
|
|
dest: "/etc/resallocserver/{{ item }}"
|
|
mode: 0640
|
|
owner: resalloc
|
|
group: resalloc
|
|
with_items:
|
|
- server.yaml
|
|
- pools.yaml
|
|
tags:
|
|
- provision_config
|
|
- resalloc_config
|
|
|
|
- name: start/enable resalloc server
|
|
service:
|
|
name: resalloc
|
|
state: started
|
|
enabled: yes
|
|
when: not services_disabled|bool
|
|
|
|
- name: shortcuts around resalloc-aws-start
|
|
template: src="{{ roles_path }}/copr/backend/templates/provision/copr-resalloc-aws-new.j2"
|
|
dest="/usr/local/bin/copr-resalloc-aws-new-{{ item }}"
|
|
mode=0755
|
|
with_items:
|
|
- aarch64
|
|
- x86_64
|
|
tags:
|
|
- provision_config
|
|
- provision_config_resalloc_aws
|
|
|
|
- name: shortcut for creating s390x images in cloud
|
|
copy:
|
|
src: copr-prepare-s390x-image-builder
|
|
dest: /usr/local/bin/copr-prepare-s390x-image-builder
|
|
mode: 0755
|
|
tags:
|
|
- images_s390x
|
|
|
|
- name: f33 has outdated ansible community general plugins, use copr
|
|
community.general.copr:
|
|
state: enabled
|
|
name: praiskup/ansible-collection-community-genral-f33
|
|
when: ansible_distribution_major_version|int == 33 and ansible_distribution == 'Fedora'
|
|
|
|
- name: sometimes it is worth having the copr.py ansible plugin
|
|
package: name=ansible-collection-community-general state=latest
|
|
|
|
- name: install IBM Cloud token file
|
|
copy:
|
|
content: "IBMCLOUD_API_KEY={{ copr_cloud_ibm_token | default('unset') }}"
|
|
dest: "{{ ibmcloud_token_file }}"
|
|
owner: resalloc
|
|
group: resalloc
|
|
mode: 0600
|
|
tags:
|
|
- provision_config
|