blob: 768deb1ac8d7b8288e3cce90db07fa6bf5a46d92 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# Instance configuration for Baserock OStree cache server.
#
# Tested against Fedora 26 base image.
#
# See also: https://buildstream.gitlab.io/buildstream/artifacts.html
---
- hosts: ostree
gather_facts: false
become: yes
become_method: sudo
tasks:
- import_tasks: ../tasks/create-data-volume.yml lv_name=ostree lv_size=290g mountpoint=/srv
- name: ostree user
user: name=ostree
- name: data directory
file: mode=0755 owner=ostree group=ostree path=/srv/ostree/ state=directory
- name: cache repository
command: ostree init --repo=/srv/ostree/cache --mode=archive-z2
become_user: ostree
args:
creates: /srv/ostree/cache/config
- name: lighttpd configuration
copy:
src: lighttpd.conf
dest: /etc/lighttpd/lighttpd.conf
- name: restart lighttpd server
service: name=lighttpd enabled=yes state=restarted
- name: sshd configuration for ostree user -- header
lineinfile: state="present" line="Match user ostree" path=/etc/ssh/sshd_config
- name: sshd configuration for ostree user -- force command
lineinfile: state="present" line=" ForceCommand bst-artifact-receive --verbose /srv/ostree/cache" insertafter="Match user ostree" path=/etc/ssh/sshd_config
- name: sshd configuration for ostree user -- disable password auth
lineinfile: state="present" line=" PasswordAuthentication no" insertafter="Match user ostree" path=/etc/ssh/sshd_config
- name: restart sshd server
service: name=sshd enabled=yes state=restarted
- name: install systemd units
copy: src=./{{item}} dest=/{{item}}
with_items:
- etc/systemd/system/ostree-cache-update-summary.service
- etc/systemd/system/ostree-cache-update-summary.timer
- name: enable systemd units
systemd: name={{item}} enabled=yes daemon_reload=yes state=started
with_items:
- ostree-cache-update-summary.service
- ostree-cache-update-summary.timer
|