summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPedro Alvarez <pedro.alvarez@codethink.co.uk>2021-08-19 19:38:05 +0200
committerPedro Alvarez <pedro.alvarez@codethink.co.uk>2021-08-19 19:38:05 +0200
commitca5364cd55bc866d131d476ecd3bf86f36e9e587 (patch)
treea546a04b5bce30a2522cade6ab41db2d7e2a680a
parent92855a5194e78568bce13696e82242f7790dbfcb (diff)
downloadinfrastructure-ca5364cd55bc866d131d476ecd3bf86f36e9e587.tar.gz
baserock_ostree/instance-config.yml: to ubuntu
-rw-r--r--baserock_ostree/instance-config.yml76
1 files changed, 61 insertions, 15 deletions
diff --git a/baserock_ostree/instance-config.yml b/baserock_ostree/instance-config.yml
index 6363500e..89ff4c94 100644
--- a/baserock_ostree/instance-config.yml
+++ b/baserock_ostree/instance-config.yml
@@ -12,18 +12,25 @@
- import_tasks: ../tasks/create-data-volume.yml
vars:
lv_name: ostree
- lv_size: 290g
+ lv_size: 90g
mountpoint: /srv
# This should perhaps have been called ostree-cache
- name: ostree user
- user: name=ostree
+ user:
+ name: ostree
- name: ostree-releases user
- user: name=ostree-releases
+ user:
+ name: ostree-releases
- name: data directory
- file: mode=0755 owner=ostree group=ostree path=/srv/ostree/ state=directory
+ file:
+ mode: 0755
+ owner: ostree
+ group: ostree
+ path: /srv/ostree/
+ state: directory
- name: cache repository
command: ostree init --repo=/srv/ostree/cache --mode=archive-z2
@@ -32,7 +39,12 @@
creates: /srv/ostree/cache/config
- name: releases directory
- file: mode=0755 owner=ostree-releases group=ostree-releases path=/srv/ostree/releases state=directory
+ file:
+ mode: 0755
+ owner: ostree-releases
+ group: ostree-releases
+ path: /srv/ostree/releases
+ state: directory
- name: releases repository
command: ostree init --repo=/srv/ostree/releases --mode=archive-z2
@@ -46,27 +58,57 @@
dest: /etc/lighttpd/lighttpd.conf
- name: restart lighttpd server
- service: name=lighttpd enabled=yes state=restarted
+ service:
+ name: lighttpd
+ enabled: yes
+ state: restarted
- name: sshd configuration for ostree user -- header
- lineinfile: state="present" line="Match user ostree" path=/etc/ssh/sshd_config
+ lineinfile:
+ state: "present"
+ line: "Match user ostree"
+ path: /etc/ssh/sshd_config
- name: sshd configuration for ostree user -- force command
- lineinfile: state="present" line=" ForceCommand bst-artifact-receive --pull-url https://ostree.baserock.org/cache/ --verbose /srv/ostree/cache" insertafter="Match user ostree$" path=/etc/ssh/sshd_config
+ lineinfile:
+ state: "present"
+ line: " ForceCommand bst-artifact-receive --pull-url https://ostree.baserock.org/cache/ --verbose /srv/ostree/cache"
+ insertafter: "Match user ostree$"
+ path: /etc/ssh/sshd_config
- name: sshd configuration for ostree user -- disable password auth
- lineinfile: state="present" line=" PasswordAuthentication no" insertafter="Match user ostree$" path=/etc/ssh/sshd_config
+ lineinfile:
+ state: "present"
+ line: " PasswordAuthentication no"
+ insertafter: "Match user ostree$"
+ path: /etc/ssh/sshd_config
- name: sshd configuration for ostree-releases user -- header
- lineinfile: state="present" line="Match user ostree-releases" path=/etc/ssh/sshd_config
+ lineinfile:
+ state: "present"
+ line: "Match user ostree-releases"
+ path: /etc/ssh/sshd_config
- name: sshd configuration for ostree-releases user -- force command
- lineinfile: state="present" line=" ForceCommand ostree-receive -v --repo /srv/ostree/releases" insertafter="Match user ostree-releases$" path=/etc/ssh/sshd_config
+ lineinfile:
+ state: "present"
+ line: " ForceCommand ostree-receive -v --repo /srv/ostree/releases"
+ insertafter: "Match user ostree-releases$"
+ path: /etc/ssh/sshd_config
- name: sshd configuration for ostree-releases user -- disable password auth
- lineinfile: state="present" line=" PasswordAuthentication no" insertafter="Match user ostree-releases$" path=/etc/ssh/sshd_config
+ lineinfile:
+ state: "present"
+ line: " PasswordAuthentication no"
+ insertafter: "Match user ostree-releases$"
+ path: /etc/ssh/sshd_config
- name: restart sshd server
- service: name=sshd enabled=yes state=restarted
+ service:
+ name: sshd
+ enabled: yes
+ state: restarted
- name: install systemd units
- copy: src=./{{item}} dest=/{{item}}
+ copy:
+ src: ./{{item}}
+ dest: /{{item}}
with_items:
- etc/systemd/system/ostree-update-summary-cache.service
- etc/systemd/system/ostree-update-summary-cache.timer
@@ -74,7 +116,11 @@
- etc/systemd/system/ostree-update-summary-releases.timer
- name: enable systemd units
- systemd: name={{item}} enabled=yes daemon_reload=yes state=started
+ systemd:
+ name: "{{item}}"
+ enabled: yes
+ daemon_reload: yes
+ state: started
with_items:
- ostree-update-summary-cache.service
- ostree-update-summary-cache.timer