dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity

roles/koji-hub: Deploy the Koji Hub

Browse Source 
The *koji-hub* role installs and configures the Koji Hub. It requires
Apache and mod_wsgi. Management of client certificates must be done
externally.
This commit is contained in:
Dustin
2018-08-12 09:33:08 -05:00
parent 943cdddc23
commit 760d3f4aec
7 changed files with 285 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
roles/koji-hub/tasks/main.yml Normal file
View File

@@ -0,0 +1,82 @@
- name: load distribution-specific values
include_vars: '{{ item }}'
with_first_found:
- '{{ ansible_distribution }}.yml'
- defaults.yml
tags:
- always
- name: ensure packages are installed
package:
name={{ koji_hub_packages|join(',') }}
state=present
tags:
- install
notify: restart httpd
- meta: flush_handlers
- name: ensure koji group exists
group:
name=koji
gid={{ koji_gid }}
state=present
- name: ensure koji user exists
user:
name=koji
home={{ koji_home }}
createhome=no
group=koji
uid={{ koji_uid }}
state=present
- name: ensure koji db user exists
become: true
become_user: postgres
postgresql_user:
name={{ koji_db_user }}
state=present
- name: ensure koji db exists
become: true
become_user: postgres
postgresql_db:
name={{ koji_db_name }}
owner={{ koji_db_user }}
state=present
notify:
- load koji db schema
- create koji admin user
- name: ensure koji filesystem layout is set up
file:
path={{ koji_home }}/{{ item }}
owner=koji
group=koji
setype=public_content_rw_t
state=directory
with_items:
- packages
- repos
- repos-dist
- scratch
- work
- name: ensure koji hub is configured
template:
src=hub.conf.j2
dest=/etc/koji-hub/hub.conf
mode=0644
notify: reload httpd
- name: ensure apache is configured to serve koji hub
template:
src=kojihub.httpd.conf.j2
dest=/etc/httpd/conf.d/kojihub.conf
notify: reload httpd
- name: ensure selinux is configured for koji hub
seboolean:
name={{ item }}
persistent=yes
state=yes
with_items:
- httpd_can_network_connect_db
- httpd_anon_write