mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-18 08:06:16 +01:00
Code Issues
enable-gitlab-spamcheck
infrastructure/roles/flyspray/tasks/main.yml
Jelle van der Waa 12c76f0da7 flyspray: add removed packages script 
This script goes through all open bugs in the Arch Linux and Community
tracker and extracts the packagename from "[$pkgname]" and tries match
it to the list of packages in the repo. If there is no match the package
is assumed to be dropped from the repo and printed.

This script will give false positives, but not enough which requires
some extra filtering.
2023-02-21 20:20:33 +00:00

97 lines
3.3 KiB
YAML
Raw Permalink Blame History

- name: Run maintenance mode
include_role:
name: maintenance
vars:
service_name: "Bugtracker"
service_domain: "{{ flyspray_domain }}"
service_alternate_domains: []
service_nginx_conf: "{{ flyspray_nginx_conf }}"
when: maintenance is defined
- name: Install git
pacman: name=git state=present
- name: Make flyspray user
user: name="{{ flyspray_user }}" shell=/bin/false home="{{ flyspray_dir }}" createhome=no
register: user_created
- name: Fix home permissions
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}" mode=0755
- name: Create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ flyspray_domain }}"]
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ flyspray_nginx_conf }}" owner=root group=root mode=644
notify:
- Reload nginx
when: maintenance is not defined
tags: ['nginx']
- name: Install nginx migrated-tasks.map
copy: src=migrated-tasks.map dest=/etc/nginx/maps/ owner=root group=root mode=0644
- name: Make nginx log dir
file: path=/var/log/nginx/{{ flyspray_domain }} state=directory owner=root group=root mode=0755
- name: Create setup dir with write permissions
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}/setup" mode=755
when: not user_created.changed
- name: Clone flyspray repo
git:
repo: https://gitlab.archlinux.org/archlinux/flyspray.git
version: "{{ flyspray_commit }}"
dest: "{{ flyspray_dir }}"
become: true
become_user: "{{ flyspray_user }}"
register: release
- name: Take away setup dir write permissions
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}/setup" mode=000
- name: Configure flyspray
template: src=flyspray.conf.php.j2 dest=/srv/http/flyspray/flyspray.conf.php owner="{{ flyspray_user }}" group="{{ flyspray_user }}" mode=0660
register: config
no_log: true
- name: Create flyspray db
mysql_db: name="{{ flyspray_db }}" login_host="{{ flyspray_db_host }}" login_password="{{ vault_mariadb_users.root }}"
register: db_created
- name: Create flyspray db user
mysql_user: name={{ flyspray_db_user }} password={{ vault_flyspray_db_password }}
login_host="{{ flyspray_db_host }}" login_password="{{ vault_mariadb_users.root }}"
priv="{{ flyspray_db }}.*:ALL"
no_log: true
- name: Configure php-fpm
template:
src=php-fpm.conf.j2 dest="/etc/php7/php-fpm.d/{{ flyspray_user }}.conf"
owner=root group=root mode=0644
notify:
- Restart php-fpm7@flyspray
- name: Install fail2ban register ban filter
template: src=fail2ban.filter.j2 dest=/etc/fail2ban/filter.d/nginx-flyspray-register.local owner=root group=root mode=0644
notify:
- Restart fail2ban
tags:
- fail2ban
- name: Install fail2ban register ban jail
template: src=fail2ban.jail.j2 dest=/etc/fail2ban/jail.d/nginx-flyspray-register.local owner=root group=root mode=0644
notify:
- Restart fail2ban
tags:
- fail2ban
- name: Start and enable systemd socket
service: name=php-fpm7@flyspray.socket state=started enabled=true
- name: Copy removed package bugs script
copy: src=removed-packages-bugs.py dest=/usr/local/bin/removed-packages-bugs.py mode=0755 owner=root group=root
View Git Blame Copy Permalink