mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-18 08:06:16 +01:00
Code Issues
promote-ptr1337-to-package-maintainer
infrastructure/roles/archbuild/tasks/main.yml
Levente Polyak 2ea71a5880
archbuild: fix srcdest perms, group renamed to junior-packager 
We are hitting a lot of permission problems lately for sources that are
co maintained. The culprint were wrong facl permissions that have not
been adjusted since we renamed TU to Packager.
Reflect this change by fixing the groups in the archbuild tasks to use
junior-dev and junior-packager.
2024-12-07 19:39:52 +01:00

139 lines
3.7 KiB
YAML
Raw Permalink Blame History

- name: Install archbuild
pacman:
name:
- base-devel
- devtools
- zsh
- git
- subversion
- mercurial
- bzr
- ruby
- tig
- colordiff
- pkgdiff
- elinks
- appstream-generator
state: present
- name: Install archbuild scripts
copy: src={{ item }} dest=/usr/local/bin/{{ item }} owner=root group=root mode=0755
with_items:
- mkpkg
- pkgdiffrepo
- clean-chroots
- clean-dests
- clean-offload-build
- gitpkg
- name: Install archbuild config files
copy: src={{ item }} dest=/usr/local/share/{{ item }} owner=root group=root mode=0644
with_items:
- elinks-pkgdiffrepo.conf
- name: Install archbuild units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
with_items:
- clean-chroots.timer
- clean-chroots.service
- clean-dests.timer
- clean-dests.service
- clean-offload-build.timer
- clean-offload-build.service
- var-lib-archbuilddest.mount
- strictatime@.service
notify:
- Daemon reload
- name: Install archbuild unit
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
with_items:
- var-lib-archbuild.mount
notify:
- Daemon reload
- name: Install archbuild user units
copy: src={{ item }} dest=/etc/systemd/user/{{ item }} owner=root group=root mode=0644
with_items:
- mkpkg@.timer
- mkpkg@.service
- name: Create drop-in directories for devtools
file: path=/etc/systemd/system/{{ item }}.d state=directory owner=root group=root mode=0755
with_items:
- arch-nspawn-.scope
- devtools.slice
- user-.slice
- name: Install drop-in snippets for devtools
copy: src=devtools-override_{{ item }}.conf dest=/etc/systemd/system/{{ item }}.d/override.conf owner=root group=root mode=0644
with_items:
- arch-nspawn-.scope
- devtools.slice
- user-.slice
notify:
- Daemon reload
- name: Start and enable archbuild mounts
service: name={{ item }} enabled={{ "yes" if archbuild_fs == 'tmpfs' else "no" }} state={{ "started" if archbuild_fs == 'tmpfs' else "stopped" }}
with_items:
- var-lib-archbuild.mount
- name: Start and enable archbuilddest mount
service: name={{ item }} enabled=yes state=started
with_items:
- var-lib-archbuilddest.mount
- name: Create archbuilddest
file:
state: directory
path: '/var/lib/{{ "/".join(item) }}'
owner: root
group: root
mode: '0777'
with_nested:
- [archbuilddest]
- [srcdest]
- name: Set acl on archbuilddest
acl:
name: '/var/lib/archbuilddest/{{ item[0] }}'
state: present
entry: '{{ item[1] }}'
with_nested:
- [srcdest]
- ['user::rwx',
'group::rwx',
'group:junior-dev:rwx',
'group:junior-packager:rwx',
'other::rwx',
'mask::rwx',
'default:user::rwx',
'default:group::r-x',
'default:group:junior-dev:rwx',
'default:group:junior-packager:rwx',
'default:other::r-x',
'default:mask::rwx']
- name: Start and enable archbuild units
service: name={{ item }} enabled=yes state=started
with_items:
- clean-chroots.timer
- clean-dests.timer
- clean-offload-build.timer
- name: Override makepkg.conf variables
lineinfile:
path: /etc/makepkg.conf
regexp: '^#?{{ item.name | regex_escape }}='
line: '{{ item.name }}={{ item.value }}'
loop:
- { name: MAKEFLAGS, value: '"-j$(nproc)"' }
- { name: SRCDEST, value: /var/lib/archbuilddest/srcdest }
- name: Install archbuild sudoers config
copy: src=sudoers dest=/etc/sudoers.d/archbuild owner=root group=root mode=0440 validate='visudo -cf %s'
- name: Install gitconfig
copy: src=gitconfig dest=/etc/gitconfig owner=root group=root mode=0644
View Git Blame Copy Permalink