fixes

1 year ago · a15cb4bcd4
parent a3e11f1208
commit a15cb4bcd4
9 changed files with 65 additions and 69 deletions
--- a/libvirt/main.yml
+++ b/libvirt/main.yml
@ -4,18 +4,24 @@
  tasks:
    - name: mirbr0 network exists
      command: "virsh net-dumpxml mirbr0 > /dev/null 2>&1"
-      register: net_exists
+      check_mode: yes
+      changed_when: false
      ignore_errors: true
+      register: net_exists

    - name: storage pool exists
      command: "virsh pool-dumpxml mirror > /dev/null 2>&1"
-      register: pool_exists
+      check_mode: yes
+      changed_when: false
      ignore_errors: true
+      register: pool_exists

    - name: mirror vm exists
      command: "virsh dumpxml mirror > /dev/null 2>&1"
-      register: vm_exists
+      check_mode: yes
+      changed_when: false
      ignore_errors: true
+      register: vm_exists

    - name: create directory for vm
      file:
@ -53,8 +59,8 @@
      loop:
        - pool-define-as mirror dir --target="{{ playbook_dir }}/vm/disks"
        - pool-build mirror
-        - pool-start mirror
        - pool-autostart mirror
+        - pool-start mirror
      when: not pool_exists.rc == 0

    # hardcoded to 10G since modification would require change to user-data
@ -110,11 +116,8 @@
 #     - ftp

 # to write
-#    - merlin
-#    - scripts (in bin)
-#    - mirrormanager
-#    - users (make users + group + ssh conf + ssh pub key) (make sure runs second)
-
-# maybe replace ubuntu user with local user
-# users: mirror, local, push
-# ssh: allow user to login as root
+#    - could be combined into one
+        # - merlin
+        # - scripts (in bin)
+        # - mirrormanager
+#    - users 
--- a/requirements.yml
+++ b/requirements.yml
@ -1 +0,0 @@
- src: ansible.posix
--- a/roles/index/tasks/main.yml
+++ b/roles/index/tasks/main.yml
@ -1,30 +1,38 @@
 ---
- name: Copy over crond job
+- name: copy over crond job
  copy:
-    src: "{{role_path}}/templates/csc-mirror"
+    src: "{{ role_path }}/templates/csc-mirror"
    dest: /etc/cron.d/csc-mirror
+    owner: root
+    group: root
+    mode: 0644
 # restart cron

-# make sure that each role can run on its own or in any order (can assume that zfs + users role will run first)
-# remove this if useradding with home dir
- name: mirror home
-  file:
-    path: /home/mirror
-    state: directory
-    # owner: mirror
-    # group: mirror
-    mode: 0755
-    recurse: yes
+# create mirror home dir in user role
+# - name: mirror home
+#   file:
+#     path: /home/mirror
+#     state: directory
+#     owner: mirror
+#     group: mirror
+#     mode: 0755
+#     recurse: yes

 # user template module instead
 # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html
 - name: Copy index files
  copy:
-    src: "{{role_path}}/templates/mirror-index"
+    src: "{{ role_path }}/templates/mirror-index"
    dest: /home/mirror/mirror-index
+    owner: mirror
+    group: mirror
+    mode: 0775

 - name: Copy assets
  copy:
-    src: "{{role_path}}/templates/include"
+    src: "{{ role_path }}/templates/include"
    dest: /mirror/root/include
+    owner: root
+    group: csc-mirror
+    mode: 0755

--- a/roles/rsync/tasks/main.yml
+++ b/roles/rsync/tasks/main.yml
@ -1,18 +1,12 @@
- name: rsync
+- name: install rsync
  apt:
    name: rsync
-    state: latest
-    update_cache: true
-
- name: enable and start rsync daemon
-  systemd:
-    name: rsync
-    enabled: true
-    state: started
+    state: present
+    update_cache: yes

 - name: copy rsync configs
  template:
-    src: templates/{{ item.src }}
+    src: "{{ role_path }}/templates/{{ item.src }}"
    dest: /etc/{{ item.dest }}
    owner: root
    group: root
@ -20,4 +14,9 @@
  loop:
    - { src: "rsyncd.conf.j2", dest: "rsyncd.conf" } 
    - { src: "rsyncd-filter.conf.j2", dest: "rsyncd-filter.conf" } 
-  notify: restart rsync
+
+- name: enable and start rsync daemon
+  systemd:
+    name: rsync
+    enabled: true
+    state: started
--- a/roles/zfs/tasks/main.yml
+++ b/roles/zfs/tasks/main.yml
@ -1,8 +1,8 @@
 - name: install zfs
  apt:
    name: zfsutils-linux
-    state: latest
-    update_cache: true
+    state: present
+    update_cache: yes

 # in hosts/group_vars we can do
 # vars:
@ -38,8 +38,10 @@

 - name: zpool exists
  command: "zpool status cscmirror > /dev/null 2>&1"
-  register: zpool_exists
+  check_mode: yes
+  changed_when: false
  ignore_errors: true
+  register: zpool_exists

 - name: create and mount zpool
  command: >
--- a/todo/ftp/main.yml
+++ b/todo/ftp/main.yml
@ -1 +1,5 @@
- name: Install 
+- name: install proftpd
+  apt:
+    name: proftpd
+    state: present
+    update_cache: yes
--- a/todo/mirror-vm.yml
+++ b/todo/mirror-vm.yml
@ -1,15 +0,0 @@
-# instead of this we can just get the user to run
-# ansible-playbook qemu/main.yml
-# or
-# ansible-playbook libvirt/main.yml
-
---
-# - hosts: local
-#   roles:
-#   - vm-qemu
-  # - run-vm
-
- hosts: vm
-  become: yes
-  roles:
-  - nginx
--- a/todo/post-install.yml
+++ b/todo/post-install.yml
@ -1,12 +0,0 @@
-# don't really need anymore
-# just keeping here for reference
---
- name: install dependencies
-  apt:
-    pkg:
-      - zfsutils-linux
-      - rsync
-      - nginx
-      - proftpd
-    state: latest
-    update_cache: true
--- a/todo/users/README.md
+++ b/todo/users/README.md
@ -0,0 +1,8 @@
+# setup role for container 
+- create users (and their home dirs)
+    - mirror (most mirror related things are owned by this user)
+    - local (does nothing)
+    - push (stores some authorized_keys so upstream can push to us)
+    - csc-mirror (system user, donno what does)
+- modify ssh config to allow root login
+- copy over ssh public keys (if provided)