openstack/openstack-ansible-repo_server
Code Issues Proposed changes
openstack-ansible-repo_server/tasks/repo_post_install.yml
Jimmy McCrory c87a8c1d4c Remove fastcgi and related configuration 
In I62321a7b62dabca469eb072ddbf4e8f250ce0fb3, git daemon was added to
support hosting git repos from the repo server over the git protocol.
When the integrated build transitions to using it, fastcgi and all
related configuration can be removed.

Depends-On: I09bc504490d4b5114895f7f646fc8254748a7f41
Change-Id: I7ec8277d3883d1f8891de6ae2b0881fe026a34c8
2016-07-26 16:15:49 -07:00

133 lines
4.8 KiB
YAML
Raw Blame History

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: create the system group
group:
name: "{{ repo_service_group_name }}"
state: "present"
system: "yes"
tags:
- pkg-repo-group
- name: Remove old key file(s) if found
file:
path: "{{ item }}"
state: "absent"
with_items:
- "{{ repo_service_home_folder }}/.ssh/authorized_keys"
- "{{ repo_service_home_folder }}/.ssh/id_rsa"
- "{{ repo_service_home_folder }}/.ssh/id_rsa.pub"
when: repo_recreate_keys | bool
tags:
- repo-key
- repo-key-create
- name: Create the nginx system user
user:
name: "{{ repo_service_user_name }}"
group: "{{ repo_service_group_name }}"
comment: "Nginx repo user"
shell: "/bin/bash"
system: "yes"
createhome: "yes"
home: "{{ repo_service_home_folder }}"
generate_ssh_key: "yes"
tags:
- pkg-repo-user
- repo-key
- repo-key-create
- name: File and directory setup
file:
path: "{{ item.path }}"
state: "{{ item.state }}"
owner: "{{ item.owner|default('root') }}"
group: "{{ item.group|default('root') }}"
mode: "{{ item.mode }}"
with_items:
- { path: "{{ repo_service_home_folder }}", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2755" }
- { path: "{{ repo_service_home_folder }}/.ssh", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2700" }
- { path: "{{ repo_service_home_folder }}/repo", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2755" }
- { path: "{{ repo_service_home_folder }}/repo/links", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2755" }
- { path: "{{ repo_service_home_folder }}/repo/os-releases", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2755" }
- { path: "{{ repo_service_home_folder }}/repo/os-releases/{{ openstack_release }}", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2755" }
- { path: "{{ repo_service_home_folder }}/repo/openstackgit", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2755" }
- { path: "{{ repo_service_home_folder }}/repo/pools", state: "directory", owner: "{{ repo_service_user_name }}", group: "{{ repo_service_group_name }}", mode: "2755" }
- { path: "/etc/lsyncd", state: "directory", mode: "0755" }
- { path: "/var/log/lsyncd", state: "directory", mode: "0755" }
- { path: "/etc/nginx/sites-enabled/default", state: "absent", mode: "0644" }
- { path: "/etc/nginx/sites-available", state: "directory", mode: "0644" }
- { path: "/etc/nginx/sites-enabled", state: "directory", mode: "0644" }
tags:
- pkg-repo-dirs
- name: Drop NGINX configuration files
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "nginx.conf.j2", dest: "/etc/nginx/nginx.conf" }
- { src: "rsyncd.conf.j2", dest: "/etc/rsyncd.conf" }
- { src: "openstack-slushee.vhost.j2", dest: "/etc/nginx/sites-available/openstack-slushee.vhost" }
notify:
- reload nginx
tags:
- pkg-repo-nginx
- pkg-repo-config
- name: Enable openstack-slushee site
file:
src: "/etc/nginx/sites-available/openstack-slushee.vhost"
dest: "/etc/nginx/sites-enabled/openstack-slushee.vhost"
state: "link"
notify:
- reload nginx
tags:
- pkg-repo-nginx
- pkg-repo-config
- name: Place git daemon upstart init script
template:
src: "git-daemon-upstart-init.j2"
dest: "/etc/init/git-daemon.conf"
mode: "0644"
owner: "root"
group: "root"
when:
- pid1_name == "init"
- ansible_distribution == "Ubuntu"
notify:
- Init reload
- reload git-daemon
tags:
- git-daemon-init
- name: Place git daemon upstart init script
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
owner: "root"
group: "root"
with_items:
- { src: "git.service.j2", dest: "/lib/systemd/system/git@.service" }
- { src: "git.socket.j2", dest: "/lib/systemd/system/git.socket" }
when:
- pid1_name == "systemd"
notify:
- reload git socket
tags:
- git-daemon-init
View Git Blame Copy Permalink