Merge "Fix apt-cacher-ng file owners during rsync"

2016-12-21 12:38:48 +00:00 · 2016-12-21 12:38:48 +00:00 · aae3f2ba69
commit aae3f2ba69
parent 997047b558 1169edc47b
8 changed files with 96 additions and 21 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -46,5 +46,16 @@ repo_pkg_cache_enabled: true
 # Set the listening port for the Package Cache service
 repo_pkg_cache_port: 3142

-# Set the listening address for the PAckage Cache service
+# Set the listening address for the Package Cache service
 repo_pkg_cache_bind: "0.0.0.0"
+
+# Set the git file paths
+repo_git_cache_dirname: openstackgit
+repo_git_cache_dir: "{{ repo_service_home_folder }}/repo/{{ repo_git_cache_dirname }}"
+
+# Set the Package Cache Service files path
+repo_pkg_cache_dirname: pkg-cache
+repo_pkg_cache_dir: "{{ repo_service_home_folder }}/repo/{{ repo_pkg_cache_dirname }}"
+
+# Set the Package Cache Service owner
+repo_pkg_cache_owner: apt-cacher-ng
--- a/tasks/repo_cacher.yml
+++ b/tasks/repo_cacher.yml
@ -42,9 +42,9 @@

 - name: Create cache directory
  file:
-    path: "{{ repo_service_home_folder }}/repo/pkg-cache"
+    path: "{{ repo_pkg_cache_dir }}"
    state: "directory"
-    owner: "apt-cacher-ng"
+    owner: "{{ repo_pkg_cache_owner }}"
    group: "{{ repo_service_group_name }}"
    mode: "02775"

@ -72,4 +72,3 @@
    dest: "/etc/apt-cacher-ng/acng.conf"
  notify:
    - reload acng
-
--- a/tasks/repo_post_install.yml
+++ b/tasks/repo_post_install.yml
@ -78,16 +78,26 @@
  tags:
    - pkg-repo-dirs

+- name: Drop repo pre/post command script
+  template:
+    src: repo_prepost_cmd.sh.j2
+    dest: "{{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh"
+    mode: "0750"
+    owner: "root"
+    group: "root"
+  tags:
+    - pkg-repo-config
+
 - name: Check if the git folder exists already
  stat:
-    path: "{{ repo_service_home_folder }}/repo/openstackgit"
+    path: "{{ repo_git_cache_dir }}"
  register: _git_folder
  tags:
    - pkg-repo-dirs

 - name: Git service data folder setup
  file:
-    path: "{{ (_git_folder.stat.exists and _git_folder.stat.islnk) | ternary(_git_folder.stat.lnk_source, repo_service_home_folder + '/repo/openstackgit') }}"
+    path: "{{ (_git_folder.stat.exists and _git_folder.stat.islnk) | ternary(_git_folder.stat.lnk_source, repo_git_cache_dir) }}"
    state: "directory"
    owner: "{{ repo_service_user_name }}"
    group: "{{ repo_service_group_name }}"
--- a/tasks/repo_pre_install.yml
+++ b/tasks/repo_pre_install.yml
@ -13,20 +13,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-# This is so that the master repo server can stop nginx on the slaves
-# while data is syncing.
+# This is so that the master repo server can perform pre and post rsync tasks
+# which may include stopping nginx on the slaves while data is syncing.
 - name: Allow nginx user to stop/start nginx via sudo
  copy:
-    content: "nginx ALL=NOPASSWD: /etc/init.d/nginx start, /etc/init.d/nginx stop\n"
+    content: "nginx ALL=NOPASSWD: {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh\n"
    dest: /etc/sudoers.d/nginx

-# This is so that the master repo server can stop the git daemon on the slaves
-# while data is syncing.
- name: Allow nginx user to stop/start git-daemon via sudo
-  copy:
-    content: "nginx ALL=NOPASSWD: /etc/init.d/git-daemon start, /etc/init.d/git-daemon stop\n"
-    dest: /etc/sudoers.d/git-daemon
-
 - name: Drop rsyncd configuration file(s)
  copy:
    src: "rsync.defaults"
--- a/templates/acng.conf.j2
+++ b/templates/acng.conf.j2
@ -1,6 +1,6 @@
 # {{ ansible_managed }}

-CacheDir: {{ repo_service_home_folder }}/repo/pkg-cache
+CacheDir: {{ repo_pkg_cache_dir }}
 LogDir: /var/log/apt-cacher-ng
 Port: {{ repo_pkg_cache_port }}
 BindAddress: {{ repo_pkg_cache_bind }}
--- a/templates/git.service.j2
+++ b/templates/git.service.j2
@ -4,5 +4,5 @@ Documentation=man:git-daemon(1)

 [Service]
 User=nobody
-ExecStart=-{{ git_daemon_path }} --base-path={{ repo_service_home_folder }}/repo/openstackgit/ --export-all --user-path=public_git --syslog --inetd --verbose
+ExecStart=-{{ git_daemon_path }} --base-path={{ repo_git_cache_dir }}/ --export-all --user-path=public_git --syslog --inetd --verbose
 StandardInput=socket
--- a/templates/lsyncd.lua.j2
+++ b/templates/lsyncd.lua.j2
@ -593,14 +593,41 @@ sync {
    rsync,
    source = "{{ repo_service_home_folder }}/repo",
    target = "{{ hostvars[node]['ansible_host'] }}:{{ repo_service_home_folder }}/repo",
+    exclude = {"{{ repo_pkg_cache_dirname }}", "{{ repo_git_cache_dir }}"},
    rsync = {
        compress = true,
        acls = true,
        rsh = "/usr/bin/ssh -l {{ repo_service_user_name }} -i {{ repo_service_home_folder }}/.ssh/id_rsa -o StrictHostKeyChecking=no -o ServerAliveInterval=30 -o ServerAliveCountMax=5",
-        precmd = "sudo /etc/init.d/nginx stop; sudo /etc/init.d/git-daemon stop",
-        postcmd = "sudo /etc/init.d/nginx start; sudo /etc/init.d/git-daemon start"
+        precmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh pre-www",
+        postcmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh post-www"
    }
 }
-
+sync {
+    rsync,
+    source = "{{ repo_git_cache_dir }}",
+    target = "{{ hostvars[node]['ansible_host'] }}:{{ repo_git_cache_dir }}",
+    rsync = {
+        compress = true,
+        acls = true,
+        rsh = "/usr/bin/ssh -l {{ repo_service_user_name }} -i {{ repo_service_home_folder }}/.ssh/id_rsa -o StrictHostKeyChecking=no -o ServerAliveInterval=30 -o ServerAliveCountMax=5",
+        precmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh pre-git",
+        postcmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh post-git"
+    }
+}
+{% if repo_pkg_cache_enabled | bool %}
+sync {
+    rsync,
+    source = "{{ repo_pkg_cache_dir }}",
+    target = "{{ hostvars[node]['ansible_host'] }}:{{ repo_pkg_cache_dir }}",
+    delete = false,
+    rsync = {
+        compress = true,
+        acls = true,
+        rsh = "/usr/bin/ssh -l {{ repo_service_user_name }} -i {{ repo_service_home_folder }}/.ssh/id_rsa -o StrictHostKeyChecking=no -o ServerAliveInterval=30 -o ServerAliveCountMax=5",
+        precmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh pre-pkg",
+        postcmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh post-pkg"
+    }
+}
+{% endif %}
 {% endif %}
 {% endfor %}
--- a/templates/repo_prepost_cmd.sh.j2
+++ b/templates/repo_prepost_cmd.sh.j2
@ -0,0 +1,35 @@
+#!/bin/bash
+#  This script is called by lsyncd to perform 'pre' and 'post' rsync tasks.
+#
+PKG_CACHE={{ repo_pkg_cache_dir }}
+
+function chg_owner {
+  NEW_OWNER=$1
+  if [ -d $PKG_CACHE ]; then
+    chown -R $NEW_OWNER $PKG_CACHE
+  fi
+}
+
+CMD=$1
+case $CMD in
+pre-www)
+  systemctl stop nginx
+  ;;
+post-www)
+  systemctl start nginx
+  ;;
+pre-git)
+  systemctl stop git.socket
+  ;;
+post-git)
+  systemctl start git.socket
+  ;;
+pre-pkg)
+  chg_owner {{ repo_service_user_name }}
+  ;;
+post-pkg)
+  chg_owner {{ repo_pkg_cache_owner }}
+  ;;
+*)
+  echo "Unknown command."
+esac