Skip to content

Commit

Permalink
Update all calls to sudo to use 'become' and sudo_user to 'become_user'
Browse files Browse the repository at this point in the history
  • Loading branch information
@nirik
nirik committed Feb 2, 2016
1 parent 9815e9a commit 9006a36
Show file tree
Hide file tree
Showing 26 changed files with 108 additions and 121 deletions.
6 changes: 3 additions & 3 deletions inventory/group_vars/all
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,10 +130,10 @@ env_suffix:
# nfs mount options, override at the group/host level
nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"

# by default set sudo to false here We can override it as needed.
# Note that if sudo is true, you need to unset requiretty for
# by default set become to false here We can override it as needed.
# Note that if become is true, you need to unset requiretty for
# ssh controlpersist to work.
sudo: false
become: false

# default the root_auth_users to nothing.
# This should be set for cloud instances in their host or group vars.
Expand Down
6 changes: 0 additions & 6 deletions playbooks/groups/copr-dist-git.yml
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
- name: check/create instance
hosts: copr-dist-git-stg:copr-dist-git
user: root
#user: centos
#sudo: True
gather_facts: False

vars_files:
Expand All @@ -17,8 +15,6 @@
- name: cloud basic setup
hosts: copr-dist-git-stg:copr-dist-git
user: root
#user: centos
#sudo: True
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
Expand All @@ -32,8 +28,6 @@
- name: provision instance
hosts: copr-dist-git-stg:copr-dist-git
user: root
# user: centos
# sudo: True
gather_facts: True

vars_files:
Expand Down
4 changes: 2 additions & 2 deletions playbooks/groups/mailman.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,8 +55,8 @@
- name: setup the database
hosts: db01.stg.phx2.fedoraproject.org:db01.phx2.fedoraproject.org
gather_facts: no
sudo: yes
sudo_user: postgres
become: yes
become_user: postgres
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
Expand Down
2 changes: 0 additions & 2 deletions playbooks/groups/openstack-compute-nodes.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@

- name: deploy Open Stack compute nodes
hosts: openstack-compute
user: root
sudo: yes
gather_facts: True

vars_files:
Expand Down
4 changes: 0 additions & 4 deletions playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
---
- name: Prepare storage on compute nodes
hosts: openstack-compute
user: root
sudo: yes
gather_facts: True

vars_files:
Expand All @@ -21,8 +19,6 @@

- name: deploy Open Stack controler
hosts: fed-cloud09.cloud.fedoraproject.org
user: root
sudo: yes
gather_facts: True

vars:
Expand Down
8 changes: 4 additions & 4 deletions playbooks/hosts/java-deptools.fedorainfracloud.org
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
- name: check/create instance
hosts: java-deptools.fedorainfracloud.org
user: fedora
sudo: True
become_user: fedora
become: True
gather_facts: False

vars_files:
Expand All @@ -15,8 +15,8 @@

- name: setup all the things
hosts: java-deptools.fedorainfracloud.org
user: fedora
sudo: True
become_user: fedora
become: True
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
Expand Down
4 changes: 2 additions & 2 deletions playbooks/hosts/lists-dev.fedorainfracloud.org.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,8 +96,8 @@
- name: setup db users/passwords for mailman and hyperkitty
hosts: lists-dev.fedorainfracloud.org
gather_facts: no
sudo: yes
sudo_user: postgres
becom: yes
become_user: postgres
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
Expand Down
2 changes: 1 addition & 1 deletion playbooks/ssh_host_keys.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
- hosts: all
sudo: False
become: False
vars:
keyfile: /tmp/known_hosts
tasks:
Expand Down
4 changes: 2 additions & 2 deletions playbooks/update_grokmirror_repos.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@

- name: update grokmirror repos
hosts: taskotron-dev:taskotron-stg:taskotron-prod
sudo: true
sudo_user: "{{ grokmirror_user }}"
become: true
become_user: "{{ grokmirror_user }}"
gather_facts: false

tasks:
Expand Down
8 changes: 4 additions & 4 deletions roles/beaker/virthost/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,8 +132,8 @@
group: "{{ libvirt_user }}"
when: item.hostname not in result.list_vms
with_items: clients
sudo: true
sudo_user: "{{ libvirt_user }}"
become: true
become_user: "{{ libvirt_user }}"

- name: ensure the guest lvs are created
lvol: lv={{ item.hostname }} vg={{ volgroup }} size={{ item.lvm_size }} state=present
Expand All @@ -144,6 +144,6 @@
command: "virsh define --file /home/{{ libvirt_user }}/{{ item.hostname }}.libvirt.xml"
when: item.hostname not in result.list_vms
with_items: clients
sudo: true
sudo_user: "{{ libvirt_user }}"
become: true
become_user: "{{ libvirt_user }}"

16 changes: 8 additions & 8 deletions roles/copr/frontend/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,29 +45,29 @@

- name: populate db
command: ./manage.py create_db --alembic alembic.ini
sudo: yes
sudo_user: copr-fe
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/

- name: upgrade db to head
command: alembic upgrade head
sudo: yes
sudo_user: copr-fe
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/

- name: set up chroots
command: ./manage.py create_chroot epel-5-i386 epel-5-x86_64 epel-6-i386 epel-6-x86_64 epel-7-x86_64 fedora-20-i386 fedora-20-x86_64 fedora-21-i386 fedora-21-x86_64 fedora-22-i386 fedora-22-x86_64 fedora-rawhide-i386 fedora-rawhide-x86_64
sudo: yes
sudo_user: copr-fe
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/

- name: set up admins
command: ./manage.py alter_user --admin {{ item }}
sudo: yes
sudo_user: copr-fe
become: yes
become_user: copr-fe
args:
chdir: /usr/share/copr/coprs_frontend/
ignore_errors: yes
Expand Down
8 changes: 4 additions & 4 deletions roles/copr/frontend/tasks/psql_setup.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,10 @@

- name: Create db
postgresql_db: name="coprdb" encoding='UTF-8'
sudo: yes
sudo_user: postgres
become: yes
become_user: postgres

- name: Create db user
postgresql_user: db="coprdb" name="copr-fe" password="{{ copr_database_password }}" role_attr_flags=SUPERUSER,NOCREATEDB,NOCREATEROLE
sudo: yes
sudo_user: postgres
become: yes
become_user: postgres
1 change: 0 additions & 1 deletion roles/copr/keygen/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,6 @@
lineinfile: dest="/usr/lib/systemd/system/signd.service" line="[Install]" state=present

- name: ensure services are running
sudo: True
service: name={{ item }} state=started enabled=yes
with_items:
- httpd
Expand Down
8 changes: 4 additions & 4 deletions roles/dopr/tasks/psql_setup.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,10 +37,10 @@

- name: Create db
postgresql_db: name="cdicdb" encoding='UTF-8'
sudo: yes
sudo_user: postgres
become: yes
become_user: postgres

- name: Create db user
postgresql_user: db="cdicdb" name="cdic" password="{{ dopr_db_passwd }}" role_attr_flags=SUPERUSER,NOCREATEDB,NOCREATEROLE
sudo: yes
sudo_user: postgres
become: yes
become_user: postgres
12 changes: 6 additions & 6 deletions roles/openqa/server/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,8 +77,8 @@
repo: https://bitbucket.org/rajcze/openqa_fedora
dest: /var/lib/openqa/share/tests/fedora
register: gittests
sudo: true
sudo_user: geekotest
become: true
become_user: geekotest

- name: Check out openqa_fedora_tools
git:
Expand Down Expand Up @@ -131,15 +131,15 @@

- name: Create database
delegate_to: "{{ openqa_dbhost }}"
sudo_user: postgres
sudo: true
become_user: postgres
become: true
postgresql_db: db={{ openqa_dbname }}
when: "openqa_dbhost is defined"

- name: Ensure db user has access to database
delegate_to: "{{ openqa_dbhost }}"
sudo_user: postgres
sudo: true
become_user: postgres
become: true
postgresql_user: db={{ openqa_dbname }} user={{ openqa_dbuser }} password={{ openqa_dbpassword }} role_attr_flags=NOSUPERUSER
when: "openqa_dbhost is defined"

Expand Down
16 changes: 8 additions & 8 deletions roles/taskotron/buildmaster-configure/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
- name: create master
sudo: true
sudo_user: "{{ buildmaster_user }}"
become: true
become_user: "{{ buildmaster_user }}"
command: creates={{ buildmaster_dir }} buildbot create-master -r {{ buildmaster_dir }}

- name: upload master config
sudo: true
sudo_user: "{{ buildmaster_user }}"
become: true
become_user: "{{ buildmaster_user }}"
template: src={{ buildmaster_template }} dest={{ buildmaster_dir }}/master.cfg owner={{ buildmaster_user }} group={{ buildmaster_user }}

- name: check master config
sudo: true
sudo_user: "{{ buildmaster_user }}"
become: true
become_user: "{{ buildmaster_user }}"
command: buildbot checkconfig {{ buildmaster_dir }}

#- name: upgrade master
Expand All @@ -23,6 +23,6 @@
service: name=buildmaster enabled=yes state=started

- name: reconfig master
sudo: true
sudo_user: "{{ buildmaster_user }}"
become: true
become_user: "{{ buildmaster_user }}"
command: buildbot reconfig {{ buildmaster_dir }}
16 changes: 8 additions & 8 deletions roles/taskotron/buildmaster/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,29 +48,29 @@
- name: ensure buildmaster database is created
when: buildmaster_db_host != 'localhost'
delegate_to: "{{ buildmaster_db_host }}"
sudo: true
sudo_user: postgres
become: true
become_user: postgres
postgresql_db: db={{ buildmaster_db_name }}

- name: ensure dev db user has access to dev database
when: deployment_type in ['dev', 'stg']
delegate_to: "{{ buildmaster_db_host }}"
sudo: true
sudo_user: postgres
become: true
become_user: postgres
postgresql_user: db={{ buildmaster_db_name }} user={{ buildmaster_db_user }} password={{ buildmaster_db_password }} role_attr_flags=NOSUPERUSER

- name: ensure prod db user has access to prod database
when: deployment_type == 'prod'
delegate_to: "{{ buildmaster_db_host }}"
sudo: true
sudo_user: postgres
become: true
become_user: postgres
postgresql_user: db={{ buildmaster_db_name }} user={{ prod_buildmaster_db_user }} password={{ prod_buildmaster_db_password }} role_attr_flags=NOSUPERUSER

- name: ensure local db user has access to local database
when: deployment_type == 'local'
delegate_to: "{{ buildmaster_db_host }}"
sudo: true
sudo_user: postgres
become: true
become_user: postgres
postgresql_user: db={{ buildmaster_db_name }} user={{ local_buildmaster_db_user }} password={{ local_buildmaster_db_password }} role_attr_flags=NOSUPERUSER

- name: put robots.txt at web root of external hostname
Expand Down
28 changes: 14 additions & 14 deletions roles/taskotron/buildslave-configure/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
- name: create slave
sudo: true
sudo_user: "{{ slave_user }}"
become: true
become_user: "{{ slave_user }}"
command: creates={{ slave_dir }} buildslave create-slave {{ slave_dir }} {{ buildmaster }} buildslave passwd
when: deployment_type in ['local', 'qa-stg']

- name: generate slave config
sudo: true
sudo_user: "{{ slave_user }}"
become: true
become_user: "{{ slave_user }}"
template: src=buildbot.tac.j2 dest={{ slave_dir }}/buildbot.tac mode=0600 owner={{ slave_user }} group={{ slave_user }}
when: deployment_type in ['local', 'qa-stg']
#when: deployment_type == 'prod' or deployment_type == 'stg' or deployment_type == 'local'

- name: generate slave info
sudo: true
sudo_user: "{{ slave_user }}"
become: true
become_user: "{{ slave_user }}"
template: src={{ item }}.j2 dest={{ slave_dir }}/info/{{ item }} mode=0644 owner={{ slave_user }} group={{ slave_user }}
with_items:
- admin
Expand Down Expand Up @@ -47,32 +47,32 @@


- name: create slave
sudo: true
sudo_user: '{{ item.user }}'
become: true
become_user: '{{ item.user }}'
command: creates={{ item.dir }} buildslave create-slave {{ item.dir }} {{ buildmaster }} buildslave passwd
with_items:
- '{{ slaves|default([dict(user="", home="", dir="")]) }}'
when: deployment_type in ['dev', 'stg', 'prod']

- name: generate slave config
sudo: true
sudo_user: '{{ item.user }}'
become: true
become_user: '{{ item.user }}'
template: src=buildbot.tac.j2 dest={{ item.dir }}/buildbot.tac mode=0600 owner={{ item.user }} group={{ slaves_group }}
with_items:
- '{{ slaves|default([dict(user="", home="", dir="")]) }}'
when: deployment_type in ['dev', 'stg', 'prod']

- name: generate slave admin info
sudo: true
sudo_user: '{{ item.user }}'
become: true
become_user: '{{ item.user }}'
template: src=admin.j2 dest={{ item.dir }}/info/admin mode=0644 owner={{ item.user }} group={{ slaves_group }}
with_items:
- '{{ slaves|default([dict(user="", home="", dir="")]) }}'
when: deployment_type in ['dev', 'stg', 'prod']

- name: generate slave host info
sudo: true
sudo_user: '{{ item.user }}'
become: true
become_user: '{{ item.user }}'
template: src=host.j2 dest={{ item.dir }}/info/host mode=0644 owner={{ item.user }} group={{ slaves_group }}
with_items:
- '{{ slaves|default([dict(user="", home="", dir="")]) }}'
Expand Down

0 comments on commit 9006a36

Please sign in to comment.