From 8672876f2b5e411539f737f7e49cc671badf882d Mon Sep 17 00:00:00 2001
From: Louis Abel <tucklesepk@gmail.com>
Date: Fri, 15 Jul 2022 13:44:41 -0700
Subject: [PATCH] finish rsyncd configuration

---
 handlers/main.yml                             |  5 +++
 role-rocky-repopool.yml                       |  4 +++
 tasks/rsyncd.yml                              | 32 +++++++++++++++++++
 templates/etc/{rsyncd.conf => rsyncd.conf.j2} |  2 +-
 4 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 tasks/rsyncd.yml
 rename templates/etc/{rsyncd.conf => rsyncd.conf.j2} (98%)

diff --git a/handlers/main.yml b/handlers/main.yml
index 05bc4ab..5e42247 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -46,4 +46,9 @@
   ansible.builtin.service:
     name: postfix
     state: restarted
+
+- name: restart_rsyncd
+  ansible.builtin.service:
+    name: rsyncd
+    state: restarted
 ...
diff --git a/role-rocky-repopool.yml b/role-rocky-repopool.yml
index eaa5665..0799198 100644
--- a/role-rocky-repopool.yml
+++ b/role-rocky-repopool.yml
@@ -31,6 +31,10 @@
       with_items: "{{ mounts }}"
       tags: ["koji_efs_mount"]
 
+    - name: "Setup rsyncd"
+      include_tasks: tasks/rsyncd.yml
+      tags: ["rsyncd"]
+
   post_tasks:
     - name: Touching run file that ansible has ran here
       ansible.builtin.file:
diff --git a/tasks/rsyncd.yml b/tasks/rsyncd.yml
new file mode 100644
index 0000000..1f46e89
--- /dev/null
+++ b/tasks/rsyncd.yml
@@ -0,0 +1,32 @@
+---
+# Configure rsyncd
+- name: Install rsync packages
+  ansible.builtin.dnf:
+    name:
+      - rsync-daemon
+      - python3-libsemanage
+    state: present
+  tags:
+    - packages
+    - rsync
+
+- name: Configure rsyncd configuration
+  ansible.builtin.template:
+    src: "etc/rsyncd.conf.j2"
+    dest: "/etc/rsyncd.conf"
+    mode: '0644'
+  notify: restart_rsyncd
+
+- name: Configure seboolean
+  ansible.posix.seboolean:
+    name: rsync_export_all_ro
+    persistent: true
+    state: true
+  notify: restart_rsyncd
+
+- name: Ensure postfix is running and enabled
+  ansible.builtin.service:
+    name: rsyncd
+    state: restarted
+    enabled: true
+...
diff --git a/templates/etc/rsyncd.conf b/templates/etc/rsyncd.conf.j2
similarity index 98%
rename from templates/etc/rsyncd.conf
rename to templates/etc/rsyncd.conf.j2
index abdae82..5f53a69 100644
--- a/templates/etc/rsyncd.conf
+++ b/templates/etc/rsyncd.conf.j2
@@ -1,7 +1,7 @@
 uid = nobody
 gid = mirror
 use chroot = yes
-max connections = 20
+max connections = 30
 pid file = /var/run/rsyncd.pid
 exclude = lost+found/
 transfer logging = yes