ansible-openqa-management/tasks/openqa.yml
2024-03-22 22:59:42 +00:00

147 lines
3.5 KiB
YAML

---
- name: Install OpenQA packages
ansible.builtin.yum:
name: "{{ openqa_packages }}"
state: present
tags:
- packages
- name: Copy httpd configuration files
ansible.builtin.copy:
remote_src: true
src: /etc/httpd/conf.d/{{ item }}.template
dest: /etc/httpd/conf.d/{{ item }}
mode: "0644"
owner: root
group: root
loop:
- openqa.conf
- openqa-ssl.conf
notify: Restart httpd
tags:
- configure
ignore_errors: "{{ ansible_check_mode }}"
- name: Template OpenQA configuration files
ansible.builtin.template:
src: etc/openqa/{{ item }}.j2
dest: /etc/openqa/{{ item }}
owner: "{{ openqa_user }}"
group: "{{ openqa_group }}"
mode: "0444"
loop:
- openqa.ini
- client.conf
tags:
- configure
notify: Restart openQA workers
- name: Get service facts
ansible.builtin.service_facts:
check_mode: false
- name: Check for non-empty postgres data directory
ansible.builtin.stat:
path: /var/lib/pgsql/data/base
register: postgres_data_dir
- name: If postgresql is not already running, initialize database
ansible.builtin.command: postgresql-setup --initdb
when: not ( ansible_facts.services["postgresql.service"]["state"] == "running" )
and not postgres_data_dir.stat.exists
changed_when: true
ignore_errors: "{{ ansible_check_mode }}"
- name: Enable and start postgresql service
ansible.builtin.systemd:
name: postgresql
state: started
enabled: true
when: not ( ansible_facts.services["postgresql.service"]["state"] == "running" )
and not postgres_data_dir.stat.exists
ignore_errors: "{{ ansible_check_mode }}"
- name: Configure SELinux to allow httpd connection to network
ansible.posix.seboolean:
name: httpd_can_network_connect
state: true
persistent: true
tags:
- configure
- name: Enable and start OpenQA services
ansible.builtin.systemd:
name: "{{ item }}"
state: started
enabled: true
loop: "{{ openqa_services }}"
tags:
- configure
ignore_errors: "{{ ansible_check_mode }}"
- name: Create openqa-vnc firewalld service
ansible.builtin.template:
src: etc/firewalld/services/openqa-vnc.xml.j2
dest: /etc/firewalld/services/openqa-vnc.xml
owner: root
group: root
mode: "0644"
tags:
- configure
notify: Reload firewalld
- name: Systemctl daemon-reload
ansible.builtin.systemd:
daemon_reload: true
- name: Permit traffic for http and openqa-vnc services
ansible.posix.firewalld:
service: "{{ item }}"
permanent: true
state: enabled
loop:
- http
- openqa-vnc
tags:
- configure
notify: Reload firewalld
- name: Check for existing repository
ansible.builtin.stat:
path: "{{ openqa_homedir }}/share/tests/rocky"
register: rocky_testing_repo
tags:
- configure
- name: Clone repository if it does not already exist
ansible.builtin.git:
accept_hostkey: true
dest: "{{ openqa_homedir }}/share/tests/rocky"
repo: "{{ openqa_rocky_testing_repo }}"
version: develop
when: not rocky_testing_repo.stat.exists
tags:
- configure
- name: Set owner/group/permissions on repo contents
ansible.builtin.file:
path: "{{ openqa_homedir }}/share/tests/rocky"
recurse: true
owner: "{{ openqa_user }}"
group: "{{ openqa_group }}"
mode: "0775"
tags:
- configure
- name: Create asset directories
ansible.builtin.file:
path: "{{ openqa_homedir }}/share/factory/{{ item }}/fixed"
state: directory
owner: "{{ openqa_user }}"
group: "{{ openqa_group }}"
mode: "0775"
loop:
- iso
- hdd
...