diff --git a/books/main_servers.yml b/books/main_servers.yml index 0be5155..9c2b0fa 100644 --- a/books/main_servers.yml +++ b/books/main_servers.yml @@ -1,187 +1,188 @@ --- - name: Get local commit hosts: 127.0.0.1 tags: always connection: local gather_facts: false tasks: - shell: "git show-ref -s --head HEAD | head -n 1" register: commit tags: [ 'always' ] - name: Configure Jump Server hosts: lbs tags: conf-lbs vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" port: 222 user: centos become: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix postfix_mynetworks: [ "{{ ip_range }}" ] enable_postfix_relayhost: false - role: ../roles/letsencrypt when: env != "test" - role: ../roles/haproxy - role: ../roles/jump tasks: - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - import_tasks: ../handlers/main.yml - name: Configure Monitoring Server hosts: monit tags: conf-monit vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos become: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/logcheck - role: ../roles/rsyslog - role: ../roles/apache apache_config: placeholder.conf www_user: apache - role: ../roles/nagios - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/ganglia-gmetad tasks: - import_tasks: ../roles/mariadb/tasks/install.yml yum_repo: ../roles/mariadb/files/yum.repo - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" - import_tasks: ../roles/phabricator/tasks/php.yml handlers: - import_tasks: ../handlers/main.yml - name: Configure Databases hosts: dbs tags: conf-dbs vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos become: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/mariadb tasks: - import_tasks: ../roles/phabricator/tasks/php.yml - import_tasks: ../roles/phabricator/tasks/packages.yml - import_tasks: ../roles/phabricator/tasks/users.yml - import_tasks: ../roles/phabricator/tasks/install.yml - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - import_tasks: ../handlers/main.yml - name: Configure App hosts: app tags: conf-app vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos become: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix postfix_mynetworks: [ "127.0.0.0/8", "{{ internal_ip }}" ] tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] - role: ../roles/phabricator - role: ../roles/shibboleth - role: ../roles/apache apache_config: phabricator.conf tasks: - import_tasks: ../roles/phabricator/tasks/notif.yml - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - import_tasks: ../handlers/main.yml - name: Configure App Daemons part 1 hosts: phd tags: conf-phd vars_files: - "{{ var }}" vars: nagios_nrpe_server_allowed_hosts: "{{ groups['monit'][0] }},127.0.0.1" user: centos become: yes roles: - role: ../roles/common tags: [ 'common' ] - role: ../roles/swap/roles/swap tags: [ 'common' ] - role: ../roles/nrpe tags: [ 'common', 'conf-monit' ] - role: ../roles/postfix tags: [ 'common' ] - role: ../roles/ganglia-gmond tags: [ 'common' ] tasks: - import_tasks: ../roles/phabricator/tasks/backup.yml - import_tasks: ../roles/phabricator/tasks/customize.yml + - import_tasks: ../roles/phabricator/tasks/maintenance.yml - import_tasks: ../roles/phabricator/tasks/php.yml - import_tasks: ../roles/phabricator/tasks/packages.yml - import_tasks: ../roles/phabricator/tasks/users.yml - import_tasks: ../roles/phabricator/tasks/logs.yml - import_tasks: ../roles/phabricator/tasks/ssh.yml - import_tasks: ../roles/phabricator/tasks/install.yml - import_tasks: ../roles/phabricator/tasks/daemons.yml - import_tasks: ../roles/phabricator/tasks/repo.yml - import_tasks: ../roles/phabricator/tasks/files.yml - import_tasks: ../roles/phabricator/tasks/api.yml - shell: "echo {{ hostvars['127.0.0.1']['commit']['stdout'] }} > /{{ project_name }}_version" handlers: - import_tasks: ../handlers/main.yml - name: Configure App Daemons part 2 hosts: phd tags: conf-phd vars_files: - "{{ var }}" user: centos become: yes roles: - role: ../roles/apache apache_config: phabricator-withoutshibd.conf handlers: - import_tasks: ../handlers/main.yml diff --git a/roles/phabricator/tasks/customize.yml b/roles/phabricator/tasks/customize.yml index f9e17bf..0bd2bba 100644 --- a/roles/phabricator/tasks/customize.yml +++ b/roles/phabricator/tasks/customize.yml @@ -1,55 +1,15 @@ --- # TODO: Run most of the scripts as www_user when possible - name: Scripts directory file: path: /root/scripts state: directory # Reparse all repo - name: Update repo script template: src: "{{ cust_phab_update_repo }}" dest: /root/scripts/phab_update_repo.sh mode: 0750 - -# Git GC everyday -- name: Optimize repo file - template: - src: "{{ cust_repo_gc }}" - dest: /root/scripts/repo-gc.sh - mode: 0750 -- name: Optimize repositories task - cron: - name: Optimize repositories - minute: 0 - hour: 0 - weekday: 0 - job: "/root/scripts/repo-gc.sh" - run_once: yes - -# Merge identical files -- name: Compact file script - template: - src: "{{ cust_compact_storage }}" - dest: /root/scripts/compact-storage.sh - mode: 0750 -- name: Compact file storage task - cron: - name: Compact file storage - minute: 30 - hour: 0 - weekday: 0 - job: "/root/scripts/compact-storage.sh" - run_once: yes - -# Analyze DB -- name: Analyze MariaDB tables - cron: - name: Analyze MariaDB tables - minute: 0 - hour: 1 - job: "{{ phabricator_path }}/phabricator/bin/storage analyze --host {{ groups.dbs[0] }}" - run_once: yes - diff --git a/roles/phabricator/tasks/customize.yml b/roles/phabricator/tasks/maintenance.yml similarity index 73% copy from roles/phabricator/tasks/customize.yml copy to roles/phabricator/tasks/maintenance.yml index f9e17bf..8ad1996 100644 --- a/roles/phabricator/tasks/customize.yml +++ b/roles/phabricator/tasks/maintenance.yml @@ -1,55 +1,42 @@ --- -# TODO: Run most of the scripts as www_user when possible - - -- name: Scripts directory - file: - path: /root/scripts - state: directory - -# Reparse all repo -- name: Update repo script - template: - src: "{{ cust_phab_update_repo }}" - dest: /root/scripts/phab_update_repo.sh - mode: 0750 # Git GC everyday - name: Optimize repo file template: src: "{{ cust_repo_gc }}" dest: /root/scripts/repo-gc.sh mode: 0750 + - name: Optimize repositories task cron: name: Optimize repositories minute: 0 hour: 0 weekday: 0 job: "/root/scripts/repo-gc.sh" - run_once: yes # Merge identical files - name: Compact file script template: src: "{{ cust_compact_storage }}" dest: /root/scripts/compact-storage.sh mode: 0750 + - name: Compact file storage task cron: name: Compact file storage minute: 30 hour: 0 weekday: 0 job: "/root/scripts/compact-storage.sh" run_once: yes # Analyze DB - name: Analyze MariaDB tables cron: name: Analyze MariaDB tables minute: 0 hour: 1 job: "{{ phabricator_path }}/phabricator/bin/storage analyze --host {{ groups.dbs[0] }}" run_once: yes