101 lines
3.1 KiB
YAML
101 lines
3.1 KiB
YAML
---
|
|
- name: Ensure legacy workspace directory
|
|
file:
|
|
path: '{{ workspace }}'
|
|
state: directory
|
|
|
|
- name: Setup docker registry
|
|
when:
|
|
- ansible_distribution|lower != 'redhat'
|
|
- ansible_distribution_major_version is version('8', '<')
|
|
block:
|
|
- name: Set registry_deploy to true only when needed
|
|
set_fact:
|
|
registry_deploy: true
|
|
when:
|
|
- push_containers is defined and push_containers | bool
|
|
- "'127.0.0.1' in push_registry or push_registry.split(':')[0] in ansible_all_ipv4_addresses"
|
|
|
|
- name: Configure docker registry
|
|
include_role:
|
|
name: ansible-role-container-registry
|
|
vars:
|
|
container_registry_docker_options: "--log-driver=journald --signature-verification=false --iptables=true --live-restore"
|
|
container_registry_port: "{{ push_registry_port | default('8787') }}"
|
|
container_registry_deploy_docker_distribution: "{{ registry_deploy | default(false) }}"
|
|
container_registry_deployment_user: "{{ ansible_user }}"
|
|
|
|
- include_tasks: reset_connection.yaml
|
|
when: not use_buildah | default(false) | bool
|
|
|
|
- name: Prepare Buildah
|
|
become: true
|
|
when: use_buildah | default(false) | bool
|
|
block:
|
|
- name: Install Buildah
|
|
package:
|
|
name: buildah
|
|
state: present
|
|
|
|
- name: Configure insecure registry
|
|
ini_file:
|
|
path: /etc/containers/registries.conf
|
|
section: 'registries.insecure'
|
|
option: registries
|
|
value:
|
|
- "localhost:{{ push_registry_port }}"
|
|
|
|
- name: Setup repo web service
|
|
become: true
|
|
when: ansible_distribution|lower != 'redhat'
|
|
block:
|
|
- name: Install apache
|
|
package:
|
|
name: httpd
|
|
state: present
|
|
|
|
- name: Start apache
|
|
service:
|
|
name: httpd
|
|
state: started
|
|
|
|
- name: Fetch delorean repos if present
|
|
shell: |
|
|
set -ex
|
|
find /etc/yum.repos.d/ -name delorean\* | xargs -I {} cp {} /var/www/html/
|
|
|
|
- name: Add http iptables rules from containers
|
|
command: iptables -I openstack-INPUT 1 -p tcp --dport 80 -s 172.17.0.0/16 -j ACCEPT
|
|
become: true
|
|
|
|
- name: Setup tripleo registry
|
|
when:
|
|
- ansible_distribution|lower != 'redhat'
|
|
- ansible_distribution_major_version is version('8', '>=')
|
|
- use_buildah | default(false) | bool
|
|
block:
|
|
- name: Enable ports for httpd
|
|
seport:
|
|
ports:
|
|
- '80'
|
|
- "{{ push_registry_port | string }}"
|
|
proto: tcp
|
|
setype: http_port_t
|
|
state: present
|
|
- name: Setup Listen on default port for serving repo files
|
|
copy:
|
|
dest: /etc/httpd/conf.d/repos.conf
|
|
content: "Listen 80"
|
|
- name: set tripleo image serve role name for train
|
|
set_fact:
|
|
tripleo_image_serve_role: tripleo-image-serve
|
|
when:
|
|
(release is defined and release == 'train')
|
|
or (branch_override is defined and branch_override == 'stable/train')
|
|
- name: Configure tripleo registry
|
|
include_role:
|
|
name: "{{ tripleo_image_serve_role | default('tripleo_image_serve') }}"
|
|
vars:
|
|
tripleo_container_registry_port: "{{ push_registry_port | default('8787') }}"
|
|
become: true
|