mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-05 14:06:04 +02:00
4112bdf9fd
yaml: truthy value should be one of [false, true] (truthy) yaml: wrong indentation: expected 4 but found 2 (indentation) yaml: too few spaces before comment (comments) yaml: missing starting space in comment (comments) yaml: too many blank lines (1 > 0) (empty-lines) yaml: too many spaces after colon (colons) yaml: comment not indented like content (comments-indentation) yaml: no new line character at the end of file (new-line-at-end-of-file) load-failure: Failed to load or parse file parser-error: couldn't resolve module/action 'hosts'. This often indicates a misspelling, missing collection, or incorrect module path.
285 lines
8.1 KiB
YAML
285 lines
8.1 KiB
YAML
---
|
|
- name: install required packages
|
|
pacman:
|
|
state: present
|
|
name:
|
|
- asciidoc
|
|
- highlight
|
|
- make
|
|
- php-memcached
|
|
- pyalpm
|
|
- python-alembic
|
|
- python-bleach
|
|
- python-markdown
|
|
- python-mysql-connector
|
|
- python-pygit2
|
|
- python-srcinfo
|
|
- sudo
|
|
- uwsgi-plugin-cgi
|
|
|
|
- name: install the cgit package
|
|
pacman:
|
|
state: present
|
|
name:
|
|
- cgit-aurweb
|
|
register: cgit
|
|
|
|
- name: install the git package
|
|
pacman:
|
|
state: present
|
|
name:
|
|
- git
|
|
register: git
|
|
|
|
- name: make aur user
|
|
user: name="{{ aurweb_user }}" shell=/bin/bash createhome=yes
|
|
|
|
- name: Create directory
|
|
file: path={{ aurweb_dir }} state=directory owner={{ aurweb_user }} group=http mode=0775
|
|
|
|
- name: clone aurweb repo
|
|
git: >
|
|
repo={{ aurweb_repository }}
|
|
dest="{{ aurweb_dir }}"
|
|
version={{ aurweb_version }}
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
register: release
|
|
|
|
- name: clone Trusted User documentation repo
|
|
git: >
|
|
repo={{ tubylaws_repository }}
|
|
dest="{{ aurweb_dir }}/tu-bylaws"
|
|
version={{ tubylaws_version }}
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
register: tubylaws_release
|
|
|
|
- name: create necessary directories
|
|
file: path={{ aurweb_dir }}/{{ item }} state=directory owner={{ aurweb_user }} group={{ aurweb_user }} mode=0755
|
|
with_items:
|
|
- 'aurblup'
|
|
- 'sessions'
|
|
- 'uploads'
|
|
- 'web/html/trusted-user'
|
|
|
|
- name: create aurweb conf dir
|
|
file: path={{ aurweb_conf_dir }} state=directory owner=root group=root mode=0755
|
|
|
|
- name: copy aurweb configuration file
|
|
copy: src={{ aurweb_dir }}/conf/config.defaults dest={{ aurweb_conf_dir }}/config.defaults remote_src=yes owner=root group=root mode=0644
|
|
|
|
# Note: initdb needs the config
|
|
- name: install custom aurweb configuration
|
|
template: src=config.j2 dest={{ aurweb_conf_dir }}/config owner=root group=root mode=0644
|
|
|
|
- name: create aur db
|
|
mysql_db: name="{{ aurweb_db }}" login_host="{{ aurweb_db_host }}" login_password="{{ vault_mariadb_users.root }}" encoding=utf8
|
|
register: db_created
|
|
no_log: true
|
|
|
|
- name: create aur db user
|
|
mysql_user: name={{ aurweb_db_user }} password={{ vault_aurweb_db_password }}
|
|
login_host="{{ aurweb_db_host }}" login_password="{{ vault_mariadb_users.root }}"
|
|
priv="{{ aurweb_db }}.*:ALL"
|
|
no_log: true
|
|
|
|
- name: initialize the database
|
|
command: python -m aurweb.initdb
|
|
args:
|
|
chdir: "{{ aurweb_dir }}"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
when: db_created.changed
|
|
|
|
- name: run migrations
|
|
command: alembic upgrade head
|
|
args:
|
|
chdir: "{{ aurweb_dir }}"
|
|
environment:
|
|
- PYTHONPATH: .
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
when: release.changed or db_created.changed
|
|
|
|
- name: Check python module availability
|
|
command: "python3 -c 'import aurweb'"
|
|
ignore_errors: true
|
|
register: aurweb_installed
|
|
tags:
|
|
- skip_ansible_lint
|
|
|
|
- name: Install python module
|
|
command: "python3 setup.py install --install-scripts=/usr/local/bin"
|
|
args:
|
|
chdir: "{{ aurweb_dir }}"
|
|
when: release.changed or aurweb_installed.rc != 0
|
|
|
|
- name: Generate HTML documentation
|
|
make:
|
|
chdir: "{{ aurweb_dir }}/doc"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
|
|
- name: Generate Translations
|
|
make:
|
|
chdir: "{{ aurweb_dir }}/po"
|
|
target: "install"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
|
|
- name: Generate Trusted User documentation
|
|
make:
|
|
chdir: "{{ aurweb_dir }}/tu-bylaws"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
when: tubylaws_release.changed
|
|
|
|
- name: Install Trusted User documentation
|
|
copy: src={{ aurweb_dir }}/tu-bylaws/tu-bylaws.html dest={{ aurweb_dir }}/web/html/trusted-user/tu-bylaws.html remote_src=yes owner={{ aurweb_user }} group=http mode=0644
|
|
when: tubylaws_release.changed
|
|
|
|
- name: Install Trusted User documentation symlink
|
|
file: src=tu-bylaws.html dest={{ aurweb_dir }}/web/html/trusted-user/TUbylaws.html state=link owner={{ aurweb_user }} group=http mode=0644
|
|
when: tubylaws_release.changed
|
|
|
|
- name: set up nginx
|
|
template: src=nginx.d.conf.j2 dest={{ aurweb_nginx_conf }} owner=root group=root mode=644
|
|
notify: reload nginx
|
|
tags: ['nginx']
|
|
|
|
- name: make nginx log dir
|
|
file: path=/var/log/nginx/{{ aurweb_domain }} state=directory owner=root group=root mode=0755
|
|
|
|
- name: configure php-fpm
|
|
template:
|
|
src=php-fpm.conf.j2 dest="/etc/php/php-fpm.d/{{ aurweb_user }}.conf"
|
|
owner=root group=root mode=0644
|
|
notify:
|
|
- restart php-fpm@{{ aurweb_user }}
|
|
|
|
- name: start and enable systemd socket
|
|
service: name=php-fpm@{{ aurweb_user }}.socket state=started enabled=true
|
|
|
|
- name: install cgit configuration
|
|
template: src=cgitrc.j2 dest="{{ aurweb_conf_dir }}/cgitrc" owner=root group=root mode=0644
|
|
|
|
- name: configure cgit uwsgi service
|
|
template: src=cgit.ini.j2 dest=/etc/uwsgi/vassals/cgit.ini owner={{ aurweb_user }} group=http mode=0644
|
|
|
|
- name: deploy new cgit release
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
file: path=/etc/uwsgi/vassals/cgit.ini state=touch owner=root group=root mode=0644
|
|
when: cgit.changed
|
|
|
|
- name: configure smartgit uwsgi service
|
|
template: src=smartgit.ini.j2 dest=/etc/uwsgi/vassals/smartgit.ini owner={{ aurweb_user }} group=http mode=0644
|
|
|
|
- name: deploy new smartgit release
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
file:
|
|
path: /etc/uwsgi/vassals/smartgit.ini
|
|
state: touch
|
|
owner: "{{ aurweb_user }}"
|
|
group: http
|
|
mode: 0644
|
|
when: git.changed
|
|
|
|
- name: create git repo dir
|
|
file: path={{ aurweb_git_dir }} state=directory owner={{ aurweb_user }} group=http mode=0775
|
|
|
|
- name: init git directory
|
|
command: git init --bare {{ aurweb_git_dir }}
|
|
args:
|
|
creates: "{{ aurweb_git_dir }}/HEAD"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
tags:
|
|
- skip_ansible_lint
|
|
|
|
- name: save hideRefs setting on var
|
|
command: git config --local --get-all transfer.hideRefs
|
|
register: git_config
|
|
args:
|
|
chdir: "{{ aurweb_git_dir }}"
|
|
failed_when: git_config.rc == 2 # FIXME: does not work.
|
|
tags:
|
|
- skip_ansible_lint
|
|
|
|
- name: configure git tranfser.hideRefs
|
|
command: git config --local transfer.hideRefs '^refs/'
|
|
args:
|
|
chdir: "{{ aurweb_git_dir }}"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
when: git_config.stdout.find('^refs/') == -1
|
|
tags:
|
|
- skip_ansible_lint
|
|
|
|
- name: configure git transfer.hideRefs second
|
|
command: git config --local --add transfer.hideRefs '!refs/'
|
|
args:
|
|
chdir: "{{ aurweb_git_dir }}"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
when: git_config.stdout.find('!refs/') == -1
|
|
tags:
|
|
- skip_ansible_lint
|
|
|
|
- name: configure git transfer.hideRefs third
|
|
command: git config --local --add transfer.hideRefs '!HEAD'
|
|
args:
|
|
chdir: "{{ aurweb_git_dir }}"
|
|
become: true
|
|
become_user: "{{ aurweb_user }}"
|
|
when: git_config.stdout.find('!HEAD') == -1
|
|
tags:
|
|
- skip_ansible_lint
|
|
|
|
- name: create symlink for git hook
|
|
file:
|
|
src: "{{ aurweb_git_hook }}"
|
|
dest: "{{ aurweb_git_dir }}/hooks/update"
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
state: link
|
|
|
|
- name: install AUR systemd service and timers
|
|
template: src={{ item }}.j2 dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
|
|
with_items:
|
|
- aurweb-git.service
|
|
- aurweb-git.timer
|
|
- aurweb-aurblup.service
|
|
- aurweb-aurblup.timer
|
|
- aurweb-memcached.service
|
|
- aurweb-mkpkglists.service
|
|
- aurweb-mkpkglists.timer
|
|
- aurweb-pkgmaint.service
|
|
- aurweb-pkgmaint.timer
|
|
- aurweb-popupdate.service
|
|
- aurweb-popupdate.timer
|
|
- aurweb-tuvotereminder.service
|
|
- aurweb-tuvotereminder.timer
|
|
- aurweb-usermaint.service
|
|
- aurweb-usermaint.timer
|
|
|
|
- name: start and enable AUR systemd services and timers
|
|
service: name={{ item }} enabled=yes state=started
|
|
with_items:
|
|
- aurweb-git.timer
|
|
- aurweb-aurblup.timer
|
|
- aurweb-memcached.service
|
|
- aurweb-mkpkglists.timer
|
|
- aurweb-pkgmaint.timer
|
|
- aurweb-popupdate.timer
|
|
- aurweb-tuvotereminder.timer
|
|
- aurweb-usermaint.timer
|
|
|
|
- name: configure sshd
|
|
template: src=aurweb_config.j2 dest={{ sshd_includes_dir }}/aurweb_config owner=root group=root mode=0600 validate='/usr/sbin/sshd -t -f %s'
|
|
notify:
|
|
- restart sshd
|