blob: 81f0a08c8101ace9e88e168d62f67b791728ef51 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
---
- include: "mount_fs.yml"
- command: "ls -dZ /var/lib/pgsql"
register: pgsql_ls
- name: update selinux context for postgress db dir if it's wrong
command: "restorecon -vvRF /var/lib/pgsql"
when: pgsql_ls.stdout is defined and 'postgresql_db_t' not in pgsql_ls.stdout
- name: install copr-frontend and copr-selinux
dnf: state=latest name={{ item }}
with_items:
- copr-frontend
- copr-selinux
tags:
- packages
- name: ensure python2-flask-whooshee is latest
dnf: state=latest name=python2-flask-whooshee
tags:
- packages
- name: install additional pkgs for copr-frontend
dnf: state=present pkg={{ item }}
with_items:
- "bash-completion"
- "mod_ssl"
- redis
- logstash
tags:
- packages
- name: install copr configs
template: src="copr.conf" dest=/etc/copr/copr.conf mode=600
notify:
- reload httpd
tags:
- config
- name: enable and start redis # TODO: .service in copr-backend should depend on redis
service: name=redis enabled=yes state=started
- name: enable and start copr-fedmsg-listener
service: name=copr-fedmsg-listener enabled=yes state=started
- name: copy apache files to conf.d
copy: src="httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}"
with_items:
- "welcome.conf"
- "coprs.conf"
tags:
- config
- name: install copr-frontend ssl vhost for production
template: src="httpd/coprs_ssl.conf.j2" dest="/etc/httpd/conf.d/copr_ssl.conf"
when: not devel
tags:
- config
- include: "psql_setup.yml"
- name: upgrade db to head
command: alembic upgrade head
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/
- name: set up chroots
command: ./manage.py create_chroot epel-5-i386 epel-5-x86_64 epel-6-i386 epel-6-x86_64 epel-7-x86_64 fedora-20-i386 fedora-20-x86_64 fedora-21-i386 fedora-21-x86_64 fedora-22-i386 fedora-22-x86_64 fedora-rawhide-i386 fedora-rawhide-x86_64
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/
- name: set up admins
command: ./manage.py alter_user --admin {{ item }}
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/
ignore_errors: yes
with_items:
- msuchy
- sgallagh
- spot
- nb
- kevin
- name: rebuild indexes
command: ./manage.py update_indexes
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/
- name: install ssl certificates for production
include: "install_certs.yml"
when: not devel
tags:
- config
- name: enable services
service: state=started enabled=yes name={{ item }}
with_items:
- httpd
- logstash
- name: set acl for logstash to access httpd logs
acl: name=/var/log/httpd entity=logstash etype=user permissions=rx state=present
- name: set dev banner for dev instance
when: devel
copy: src=banner-include.html dest=/var/lib/copr/
- name: disallow robots on dev instance
when: devel
copy: src=robots.txt dest=/var/www/html/
|
