-
Notifications
You must be signed in to change notification settings - Fork 11
/
main.yml
190 lines (166 loc) · 4.64 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
- name: Mount external volume - create a partition
parted:
device: /dev/vdb
number: 1
state: present
- name: Mount external volume - create a filesystem
filesystem:
fstype: xfs
dev: /dev/vdb1
- name: create a mount folder
file:
path: /var/lib/docker
state: directory
- name: Mount external volume - mount the partition
mount:
path: /var/lib/docker
src: /dev/vdb1
fstype: xfs
state: mounted
- name: Install influxdb repo to get telegraf
yum_repository:
name: influxdb
description: InfluxDB Repository - RHEL \$releasever
baseurl: https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled: yes
gpgcheck: yes
gpgkey: https://repos.influxdata.com/influxdb.key
- name: Install required packages
yum:
name: '{{ item }}'
state: present
with_items:
- docker
- docker-python
- httpd
- python-virtualenv
- telegraf
- name: Create a directory for the promoter logs
file:
path: '/home/centos/promoter_logs'
state: directory
setype: httpd_sys_content_t
owner: centos
group: centos
- name: copy logrotate selinux policy
copy:
src: logrotate-promoter.te
dest: /tmp/logrotate-promoter.te
register: policy
- name: compile and permanently install policy
shell: |
checkmodule -M -m -o /tmp/logrotate-promoter.mod /tmp/logrotate-promoter.te
semodule_package -m /tmp/logrotate-promoter.mod -o /tmp/logrotate-promoter.pp
semodule -i /tmp/logrotate-promoter.pp
rm -f /tmp/logrotate-promoter.pp /tmp/logrotate-promoter.mod
when: policy|changed
- name: Fix home directory permissions
file:
path: '/home/centos'
mode: 0755
- name: Disable the default welcome page
copy:
content: ''
dest: '/etc/httpd/conf.d/welcome.conf'
backup: yes
- name: Add config file for Apache to expose the logs
blockinfile:
path: '/etc/httpd/conf.d/promoter_logs.conf'
create: yes
block: |
<VirtualHost *:80>
ServerAdmin rdo-ci-admins@redhat.com
DocumentRoot "/home/centos/promoter_logs"
<Directory /home/centos/promoter_logs>
Options Indexes MultiViews
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
register: apache_config
- name: Start and enable Apache
service:
name: httpd
state: restarted
enabled: yes
when: apache_config|changed
- name: Start and enable Docker
service:
name: docker
state: started
enabled: yes
- name: add configuration for the log rotation
copy:
content: |
/home/centos/promoter_logs/*.log {
daily
missingok
su centos centos
dateext
dateyesterday
notifempty
delaycompress
rotate 60
}
dest: /etc/logrotate.d/promoter
owner: root
group: root
mode: 0644
- name: Copy files from the provisioned location to target
command: 'cp {{ item.source }} {{ item.target }}'
args:
creates: '{{ item.target }}'
with_items:
- { source: '/root/dlrnapi_secret', target: '/home/centos/dlrnapi_secret' }
- { source: '/root/registry_secret', target: '/home/centos/registry_secret' }
- { source: '/root/uploader_key', target: '/home/centos/.ssh/id_rsa' }
- name: Fix owners of the files
file:
path: '{{ item }}'
mode: '0600'
owner: 'centos'
group: 'centos'
with_items:
- '/home/centos/dlrnapi_secret'
- '/home/centos/registry_secret'
- '/home/centos/.ssh/id_rsa'
- become: true
become_user: centos
block:
- name: Clone to the ci-config repo
git:
repo: 'https://review.rdoproject.org/r/p/rdo-infra/ci-config.git'
dest: '~/ci-config'
- name: Generate public key from private key for uploader user
shell: >
ssh-keygen -y -t rsa -N '' -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
args:
creates: /home/centos/.ssh/id_rsa.pub
- name: Create a virtualenv for the promoter script
pip:
requirements: ~/ci-config/ci-scripts/dlrnapi_promoter/requirements.txt
virtualenv: ~/promoter_venv
- name: Install promoter service
copy:
src: dlrn-promoter.service
dest: /etc/systemd/system/
mode: '0644'
owner: 'root'
group: 'root'
- name: Start and enable promoter
service
name: dlrn-promoter
state: started
enabled: yes
- name: Copy telegraf config for promoter
copy:
src: dlrn-promoter.telegraf.conf
dest: /etc/telegraf/telegraf.d/dlrn-promoter.conf
mode: '0644'
owner: 'root'
group: 'root'
- name: Start and enable telegraf
service
name: telegraf
state: started
enabled: yes