65 lines
1.5 KiB
YAML
65 lines
1.5 KiB
YAML
- name: ensure packages are installed
|
|
package:
|
|
name={{ koji_web_packages|join(',') }}
|
|
state=present
|
|
tags:
|
|
- install
|
|
notify: restart httpd
|
|
- meta: flush_handlers
|
|
|
|
- name: ensure koji group exists
|
|
group:
|
|
name=koji
|
|
gid={{ koji_gid }}
|
|
state=present
|
|
- name: ensure koji user exists
|
|
user:
|
|
name=koji
|
|
home={{ koji_home }}
|
|
createhome=no
|
|
group=koji
|
|
uid={{ koji_uid }}
|
|
state=present
|
|
|
|
- name: ensure koji web certificate is installed
|
|
copy:
|
|
src={{ item }}
|
|
dest=/etc/kojiweb/{{ item|basename }}
|
|
mode=0440
|
|
owner=root
|
|
group=koji
|
|
with_fileglob:
|
|
- certs/koji/{{ inventory_hostname }}/kojiweb.pem
|
|
- name: ensure koji web ca certificates are installed
|
|
copy:
|
|
src={{ item }}
|
|
dest=/etc/kojiweb/{{ item|basename }}
|
|
mode=0644
|
|
with_fileglob:
|
|
- certs/koji/{{ inventory_hostname }}/*.crt
|
|
- name: ensure koji hub server ca certificate is trusted
|
|
copy:
|
|
src={{ item }}
|
|
dest=/etc/pki/ca-trust/source/anchors/koji-hub.crt
|
|
mode=0644
|
|
with_fileglob:
|
|
- certs/koji/{{ inventory_hostname }}/kojihubca.crt
|
|
notify: update ca trust
|
|
- name: ensure koji web is configured
|
|
template:
|
|
src=web.conf.j2
|
|
dest=/etc/kojiweb/web.conf
|
|
mode=0644
|
|
notify: reload httpd
|
|
|
|
- name: ensure apache is configured to serve koji web
|
|
template:
|
|
src=kojiweb.httpd.conf.j2
|
|
dest=/etc/httpd/conf.d/kojiweb.conf
|
|
notify: reload httpd
|
|
- name: ensure apache is allowed to make network connections
|
|
seboolean:
|
|
name=httpd_can_network_connect
|
|
persistent=yes
|
|
state=yes
|