diff --git a/books/main_servers.yml b/books/main_servers.yml index 89f3b39..c02d743 100644 --- a/books/main_servers.yml +++ b/books/main_servers.yml @@ -1,261 +1,262 @@ --- - name: Get local commit hosts: 127.0.0.1 tags: always connection: local gather_facts: false tasks: - shell: "git show-ref -s --head HEAD | head -n 1" register: commit tags: [ 'always' ] - name: Configure Jump Server hosts: lbs tags: conf-lbs vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos sudo: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix postfix_mynetworks: [ "{{ ip_range }}" ] enable_postfix_relayhost: false - role: ../roles/letsencrypt when: env != "test" - role: ../roles/haproxy - role: ../roles/jump tasks: - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - include: ../handlers/main.yml #- name: Configure keepalived for jump # hosts: c4science-jump00 # roles: # - role: ../rolesepalived # keepalived_shared_ip: "{{ external_ip }}" # keepalived_role: ../rolesaster" #- name: Configure keepalived for jump2 # hosts: c4science-jump01 # roles: # - role: ../rolesepalived # keepalived_shared_ip: "{{ external_ip }}" # keepalived_role: ../roleslave" # tasks: # - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" - name: Configure Monitoring Server hosts: monit tags: conf-monit vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos sudo: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/logcheck - role: ../roles/rsyslog - { role: ../roles/apache, apache_config: placeholder.conf } - role: ../roles/nagios - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/ganglia-gmetad tasks: - include: ../roles/galera/tasks/install.yml yum_repo: ../roles/galera/files/yum.repo - service: name=mysql enabled=false state=stopped - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - include: ../handlers/main.yml - name: Configure Databases hosts: dbs tags: conf-dbs vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos sudo: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/galera tasks: - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - include: ../handlers/main.yml - name: Configure App hosts: app tags: conf-app vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos sudo: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - { role: ../roles/apache, apache_config: phabricator.conf } - role: ../roles/glusterfs tags: ['gluster'] - role: ../roles/phabricator - role: ../roles/shibboleth tasks: - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - include: ../handlers/main.yml - name: Configure Filesystem for repositories hosts: fs tags: conf-fs vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos sudo: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/glusterfs tags: ['gluster'] - role: ../roles/fs tags: ['gluster'] tasks: - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - include: ../handlers/main.yml - name: Configure App Daemons hosts: phd tags: conf-phd vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos sudo: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/glusterfs tags: ['gluster'] tasks: - include: ../roles/phabricator/tasks/packages.yml - include: ../roles/phabricator/tasks/users.yml - include: ../roles/phabricator/tasks/glusterfs.yml - include: ../roles/phabricator/tasks/install.yml myconfig=../roles/phabricator/templates/myconfig.conf.php + #- include: ../roles/phabricator/tasks/customize.yml #might be needed sometime - include: ../roles/phabricator/tasks/daemons.yml phd_init: ../roles/phabricator/templates/phd_init - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - include: ../handlers/main.yml - name: Configure Jenkins master hosts: ci vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos sudo: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/jenkins plugins: - 'preSCMbuildstep' - 'git' - 'build-token-root' - 'phabricator-plugin' - 'docker-plugin' - 'build-monitor-plugin' - 'job-restrictions' - 'project-stats-plugin' - 'cluster-stats' - 'embeddable-build-status' - 'build-token-root' - 'ownership' - 'jobgenerator' prefix: '/build' email: smtp_host: 'localhost' smtp_ssl: 'false' default_email_suffix: "@{{ domain }}" - role: ../roles/ci tags: [ 'jenkins' ] tasks: - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" #- name: Configure Jenkins slave # hosts: ci-slave # tags: conf-ci-slave # vars_files: # - "{{ var }}" # user: core # sudo: yes # roles: # - role: ../rolescker diff --git a/roles/phabricator/tasks/install.yml b/roles/phabricator/tasks/install.yml index b9954b6..74848fd 100644 --- a/roles/phabricator/tasks/install.yml +++ b/roles/phabricator/tasks/install.yml @@ -1,75 +1,77 @@ --- ## Install Phabricator # Source: https://github.com/relrod/phabricator-ansible - name: Create log directory file: state=directory path=/var/log/phabricator owner="{{ phd_user }}" group="{{ phd_user }}" - name: Create directory file: state=directory path=/srv/www owner="{{ phd_user }}" - name: Create tmp directory file: state=directory path=/var/tmp/phd/ owner="{{ phd_user }}" - name: Clone phacility/libphutil git: repo: https://github.com/phacility/libphutil dest: "{{ phabricator_path }}libphutil" version: stable update: false sudo_user: "{{ phd_user }}" - name: Clone phacility/arcanist git: repo: https://github.com/phacility/arcanist.git dest: "{{ phabricator_path }}arcanist" version: stable update: false sudo_user: "{{ phd_user }}" - name: Create symlink for arc file: path: /usr/local/bin/arc src: "{{ phabricator_path }}arcanist/bin/arc" state: link - name: Clone phacility/phabricator git: repo: https://github.com/phacility/phabricator.git dest: "{{ phabricator_path }}phabricator" version: stable update: false sudo_user: "{{ phd_user }}" - name: Remove local configuration if present file: path="{{ phabricator_path }}phabricator/conf/local/local.json" state=absent - name: Create a conf/custom directory. file: state=directory path={{ phabricator_path }}phabricator/conf/custom sudo_user: "{{ phd_user }}" - name: Place a starting-point custom config in {{ phabricator_path }}phabricator/conf/custom/myconfig.conf.php template: src: "{{ myconfig }}" dest: "{{ phabricator_path }}phabricator/conf/custom/myconfig.conf.php" mode: 0644 owner: root group: "{{ phd_user }}" notify: reload apache - name: Include the config shell: echo 'custom/myconfig' > {{ phabricator_path }}phabricator/conf/local/ENVIRONMENT args: creates: "{{ phabricator_path }}phabricator/conf/local/ENVIRONMENT" sudo_user: "{{ phd_user }}" - name: Migrate the database command: chdir={{ phabricator_path }}phabricator ./bin/storage upgrade --force sudo_user: "{{ phd_user }}" run_once: yes + when: "'app' in group_names" - name: Email with postfix lineinfile: dest: /etc/aliases line: "{{ phd_user }}: |{{ phabricator_path }}phabricator/scripts/mail/mail_handler.php" + when: "'app' in group_names"