Flock discussions recap/request for input
by Kevin Fenzi
Greetings.
At the recent flock conference Infrastructure workshop, we had a nice
lively discussion on a number of items.
However, as is normal, we don't want to make decisions about things
without being open and allowing input from everyone, including those
that couldn't be at flock. So, I thought I would write up what we
talked about and the consensus we came up with and ask for any more
input from this list before we start implementing things. It's
possible there's something we didn't think about or that needs more
discussion, so do feel free to reply to this email with any parts you
want to comment on.
* Containers in Fedora Infrastructure:
* We want to look at moving things that make sense to containers.
* A good initial candidate is the mirrorlist servers.
* Would use the existing OSBS build system to build them.
* Would run on proxies.
* Would have haproxy list their socket as primary and old
mirrorlists as secondary.
* The container would have mirrorlist-server wsgi in it along with
the pkl updated hourly.
* Could allow us to spin up more as needed, but also should allow
faster answers from proxies as they don't have to depend on or
query over the vpn.
* Contributor resources in the fedorainfracloud
* Once our cloud is upgraded, we can use ipsilon to let users login
to the cloud and spin up instances for Fedora related needs.
* Outgoing restrictions would be added on port 25 and the like
* To start with users would only get 1 external floating ip.
* Initial rollout would enable qa and packager groups, need to see if
docs and i18n or other groups would have a use for it.
* would note that we can terminate any instance for any reason.
* Patrick would write some scripting to notify users after some time
and terminate if we didn't get an answer back.
* Long term instances should be moved to persistent infra playbooks.
* Build setup and requirements for infrastructure applications.
* Will get releng to set us up some side tags that we can build from
src.rpm in.
* all prod builds to be done in koji.
* Up to maintainers what priority they place on getting into
EPEL/Fedora. Encouraged for many reasons.
* FAS3 status
* Was running in staging, but we disabled for now until we can finish
a security audit.
* Need to get python-fedora changes lined up and ready/pushed out.
* Need to get fas3 fas_client packaged and ready to go.
* Need more testing in staging.
* Hopefully move production over after f25 is out.
* Fedora Infrastructure support setup
* Talked about on the list a fair bit.
* Support can be determined by looking at the domain:
fedoraproject.org - full 24x7 support, monitoring, uses RFR
stg.fedoraproject.org - 8x5 support, monitoring
fedoracommunity.org - some support, monitoring, uses simple RFR
fedorainfracloud.org - unsupported, apps run by contributors
* Fedora CA and cert infrastructure.
* Current CA expires in 2018.
* Plans being worked on now to back fas3 with freeipa so we could
move to kerberos tickets for koji then
* Need to figure out what would need to happen to sigul for that.
* Wait and see pending freeipa/fas3 integration.
* koji alternative arch proposals (on devel list, fesco ticket)
* Not too much infrastructure work here.
* will need to increase storage for primary koji, but can regain from
secondaries once their last releases go end of life.
Thats all I had notes on from the workshop, but there may well have
been other items, please do chime in with them if you think of
anything, or have any thoughts on the above.
kevin
7 years, 8 months
Freeze Break Request (Retroactive): Adding new staging database
host for testing in qa
by Tim Flink
I completely forgot that we were in Alpha freeze earlier today and made
some changes without requesting a freeze break. The changes shouldn't
impact production in any meaningful way but I can back all the changes
out if need be.
In summary, I did the following:
- created new dns entries for db-qa-stg01.qa
- added a new db-qa-stg01.qa host to inventory
- changed the postgres_server role to support dnf for f22+
- added the new db-qa-stg01.qa host to the postgres-server playbook
I've attached a diff to this email for review.
Tim
7 years, 8 months
Re: 'Meeting Agenda Item: Introduction Marc'
by Marc Bagatela
employment in the furture
On Tue, Aug 9, 2016 at 2:34 PM, Marc Bagatela <mbphilly84(a)gmail.com> wrote:
> Hi everyone My name is Marc
> IRC: marc84
> I can write Basic bash script but I willing to learn other programming
> language like python and also want to learn about web application. I have
> LPIC-1 certification and I want to improve my current linux administrator
> skills. I also have Linux User groups(Linux, Linux(tech support) & gentoo
> linux) on facebook and I also attend fosscon.
>
> What i want to learn?
> I want to know everything what infrastructure team and system
> administrator what they do. I like to learn new application and programming
> skills that will help me become a linux administrator and also help me get
>
7 years, 8 months
'Meeting Agenda Item: Introduction Marc'
by Marc Bagatela
Hi everyone My name is Marc
IRC: marc84
I can write Basic bash script but I willing to learn other programming language like python and also want to learn about web application. I have LPIC-1 certification and I want to improve my current linux administrator skills. I also have Linux User groups(Linux, Linux(tech support) & gentoo linux) on facebook and I also attend fosscon.
What i want to learn?
I want to know everything what infrastructure team and system administrator what they do. I like to learn new application and programming skills that will help me become a linux administrator and also help me get
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
7 years, 8 months
Builds from git repo with unpacked sources
by Michal Sekletar
Hello everyone,
this is my first post to Fedora Infrastructure list, allow me to
quickly introduce myself. My name is Michal Sekletar and I work for
Red Hat. I co-maintain systemd in both Fedora and RHEL. Also I am
Fedora user and contributor for more than 5 years now.
Some of you probably know that Red Hat's internal infrastructure
(dist-git and build system) has a lot in common with what is available
to Fedora packagers. Recently, internally they introduced very nice
feature that might be also useful to Fedora packagers. It is the
ability to build packages from exploded sources. Packager no longer
uploads tarball to lookaside cache and maintains patches in dist-git,
but points rhpkg (internal equivalent of fedpkg) to git repo that
contains exploded sources with downstream patches applied on top. This
allows for easy cherry-picking of patches between branches and a ton
of other nice features that make maintainer's life easier.
I briefly talked about this with Ralph at Flock. He suggested that I
send an email to this list where we can start the discussion if this
is something we want in Fedora, and in case yes, how to get there.
Cheers,
Michal
7 years, 8 months
[PATCH 1/4] Move mod_wsgi to a role rather than a included tasks
by Michael Scherer
---
files/mod_wsgi/wsgi.conf | 14 --------------
playbooks/groups/ask.yml | 2 +-
playbooks/groups/autocloud-web.yml | 2 +-
playbooks/groups/badges-web.yml | 2 +-
playbooks/groups/basset.yml | 2 +-
playbooks/groups/blockerbugs.yml | 2 +-
playbooks/groups/bodhi2.yml | 2 +-
playbooks/groups/datagrepper.yml | 2 +-
playbooks/groups/elections.yml | 2 +-
playbooks/groups/fas.yml | 2 +-
playbooks/groups/fas3.yml | 2 +-
playbooks/groups/fedocal.yml | 2 +-
playbooks/groups/github2fedmsg.yml | 2 +-
playbooks/groups/ipa.yml | 2 +-
playbooks/groups/ipsilon.yml | 2 +-
playbooks/groups/kerneltest.yml | 2 +-
playbooks/groups/koschei-web.yml | 2 +-
playbooks/groups/mailman.yml | 2 +-
playbooks/groups/mdapi.yml | 2 +-
playbooks/groups/mirrorlist2.yml | 2 +-
playbooks/groups/noc.yml | 2 +-
playbooks/groups/notifs-web.yml | 2 +-
playbooks/groups/nuancier.yml | 2 +-
playbooks/groups/packages.yml | 2 +-
playbooks/groups/pdc.yml | 4 +---
playbooks/groups/pkgdb.yml | 2 +-
playbooks/groups/statscache.yml | 4 +---
playbooks/groups/sundries.yml | 2 +-
playbooks/groups/tagger.yml | 2 +-
playbooks/groups/zanata2fedmsg.yml | 2 +-
.../hosts/grafana.cloud.fedoraproject.org.yml | 2 +-
playbooks/hosts/graphite.fedorainfracloud.org.yml | 2 +-
playbooks/hosts/iddev.fedorainfracloud.org.yml | 2 +-
playbooks/hosts/lists-dev.fedorainfracloud.org.yml | 2 +-
.../hosts/modernpaste.fedorainfracloud.org.yml | 2 +-
roles/mod_wsgi/files/wsgi.conf | 14 ++++++++++++++
roles/mod_wsgi/handlers/main.yml | 2 ++
roles/mod_wsgi/tasks/mod_wsgi.yml | 22 ++++++++++++++++++++++
tasks/mod_wsgi.yml | 22 ----------------------
39 files changed, 72 insertions(+), 74 deletions(-)
delete mode 100644 files/mod_wsgi/wsgi.conf
create mode 100644 roles/mod_wsgi/files/wsgi.conf
create mode 100644 roles/mod_wsgi/handlers/main.yml
create mode 100644 roles/mod_wsgi/tasks/mod_wsgi.yml
delete mode 100644 tasks/mod_wsgi.yml
diff --git a/files/mod_wsgi/wsgi.conf b/files/mod_wsgi/wsgi.conf
deleted file mode 100644
index 6c32a15..0000000
--- a/files/mod_wsgi/wsgi.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-LoadModule wsgi_module modules/mod_wsgi.so
-
-# Some apps, notably anything that uses hg, need these off
-WSGIRestrictStdin Off
-WSGIRestrictStdout Off
-
-# Put the socket somewhere writable
-WSGISocketPrefix run/wsgi
-
-# Do not Optimize without stripping docstrings
-WSGIPythonOptimize 0
-
-# Set WSGIApplicationGroup to global
-WSGIApplicationGroup %{GLOBAL}
diff --git a/playbooks/groups/ask.yml b/playbooks/groups/ask.yml
index e52b1fb..574e309 100644
--- a/playbooks/groups/ask.yml
+++ b/playbooks/groups/ask.yml
@@ -18,6 +18,7 @@
- fas_client
- collectd/base
- apache
+ - mod_wsgi
- ask
- fedmsg/base
- rsyncd
@@ -29,7 +30,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/autocloud-web.yml b/playbooks/groups/autocloud-web.yml
index 52c5ac4..47ec534 100644
--- a/playbooks/groups/autocloud-web.yml
+++ b/playbooks/groups/autocloud-web.yml
@@ -21,6 +21,7 @@
- fas_client
- collectd/base
- apache
+ - mod_wsgi
- fedmsg/base
- sudo
- role: openvpn/client
@@ -29,7 +30,6 @@
tasks:
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/badges-web.yml b/playbooks/groups/badges-web.yml
index cff2680..3f53cd9 100644
--- a/playbooks/groups/badges-web.yml
+++ b/playbooks/groups/badges-web.yml
@@ -29,6 +29,7 @@
- sudo
- { role: openvpn/client,
when: env != "staging" }
+ - mod_wsgi
- role: collectd/web-service
site: frontpage
url: "http://localhost/"
@@ -42,7 +43,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/basset.yml b/playbooks/groups/basset.yml
index 1af41a4..3ee7b82 100644
--- a/playbooks/groups/basset.yml
+++ b/playbooks/groups/basset.yml
@@ -26,6 +26,7 @@
- mongodb
- rabbitmq
- apache
+ - mod_wsgi
- basset/frontend
- basset/worker
@@ -33,7 +34,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/blockerbugs.yml b/playbooks/groups/blockerbugs.yml
index 27d4b16..113eda6 100644
--- a/playbooks/groups/blockerbugs.yml
+++ b/playbooks/groups/blockerbugs.yml
@@ -23,13 +23,13 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
- blockerbugs
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/bodhi2.yml b/playbooks/groups/bodhi2.yml
index 0a12c32..df9fac2 100644
--- a/playbooks/groups/bodhi2.yml
+++ b/playbooks/groups/bodhi2.yml
@@ -22,6 +22,7 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
- { role: bodhi2/base, when: "inventory_hostname.startswith('bodhi0')" }
- { role: fedmsg/base, when: "inventory_hostname.startswith('bodhi0')" }
@@ -29,7 +30,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/datagrepper.yml b/playbooks/groups/datagrepper.yml
index 9e343c0..c6eeaa1 100644
--- a/playbooks/groups/datagrepper.yml
+++ b/playbooks/groups/datagrepper.yml
@@ -25,12 +25,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/elections.yml b/playbooks/groups/elections.yml
index 756fc37..afdc6a2 100644
--- a/playbooks/groups/elections.yml
+++ b/playbooks/groups/elections.yml
@@ -21,13 +21,13 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
- collectd/base
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/fas.yml b/playbooks/groups/fas.yml
index bff9deb..3243a22 100644
--- a/playbooks/groups/fas.yml
+++ b/playbooks/groups/fas.yml
@@ -22,6 +22,7 @@
- rsyncd
- memcached
- apache
+ - mod_wsgi
- fas_server
- fedmsg/base
- sudo
@@ -33,7 +34,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/fas3.yml b/playbooks/groups/fas3.yml
index 3c93166..021b492 100644
--- a/playbooks/groups/fas3.yml
+++ b/playbooks/groups/fas3.yml
@@ -22,6 +22,7 @@
- rsyncd
- memcached
- apache
+ - mod_wsgi
- fas3_server
- fedmsg/base
- sudo
@@ -33,7 +34,6 @@
- include: "{{ tasks }}/yumrepos.yml"
#- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/fedocal.yml b/playbooks/groups/fedocal.yml
index 3bee8ea..ec2989b 100644
--- a/playbooks/groups/fedocal.yml
+++ b/playbooks/groups/fedocal.yml
@@ -21,13 +21,13 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
- collectd/base
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/github2fedmsg.yml b/playbooks/groups/github2fedmsg.yml
index ac8264a..99fe0eb 100644
--- a/playbooks/groups/github2fedmsg.yml
+++ b/playbooks/groups/github2fedmsg.yml
@@ -27,12 +27,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/ipa.yml b/playbooks/groups/ipa.yml
index 609fb46..8ebfcf0 100644
--- a/playbooks/groups/ipa.yml
+++ b/playbooks/groups/ipa.yml
@@ -20,12 +20,12 @@
- sudo
- { role: openvpn/client,
when: env != "staging" }
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/ipsilon.yml b/playbooks/groups/ipsilon.yml
index 5706119..9bbccdf 100644
--- a/playbooks/groups/ipsilon.yml
+++ b/playbooks/groups/ipsilon.yml
@@ -26,12 +26,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/kerneltest.yml b/playbooks/groups/kerneltest.yml
index 46ec3b8..221b1d3 100644
--- a/playbooks/groups/kerneltest.yml
+++ b/playbooks/groups/kerneltest.yml
@@ -27,12 +27,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/koschei-web.yml b/playbooks/groups/koschei-web.yml
index a21edf1..9314f57 100644
--- a/playbooks/groups/koschei-web.yml
+++ b/playbooks/groups/koschei-web.yml
@@ -20,13 +20,13 @@
- collectd/base
- { role: sudo, sudoers: "{{ private }}/files/sudo/koschei01-sudoers" }
- { role: openvpn/client, when: env != "staging" }
+ - mod_wsgi
- koschei/frontend
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/mailman.yml b/playbooks/groups/mailman.yml
index c4f837d..b3d0da0 100644
--- a/playbooks/groups/mailman.yml
+++ b/playbooks/groups/mailman.yml
@@ -26,13 +26,13 @@
when: env != "staging" }
- apache
- spamassassin
+ - mod_wsgi
tasks:
# this is how you include other task lists
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/mdapi.yml b/playbooks/groups/mdapi.yml
index f07ee88..656c139 100644
--- a/playbooks/groups/mdapi.yml
+++ b/playbooks/groups/mdapi.yml
@@ -21,12 +21,12 @@
- { role: openvpn/client,
when: env != "staging" }
- collectd/base
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/mirrorlist2.yml b/playbooks/groups/mirrorlist2.yml
index bbc8468..aea46eb 100644
--- a/playbooks/groups/mirrorlist2.yml
+++ b/playbooks/groups/mirrorlist2.yml
@@ -56,6 +56,7 @@
- fas_client
- collectd/base
- apache
+ - mod_wsgi
- httpd/mod_ssl
- role: httpd/certificate
@@ -95,7 +96,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
diff --git a/playbooks/groups/noc.yml b/playbooks/groups/noc.yml
index 1d426ad..34d4bd3 100644
--- a/playbooks/groups/noc.yml
+++ b/playbooks/groups/noc.yml
@@ -22,12 +22,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/notifs-web.yml b/playbooks/groups/notifs-web.yml
index afb8c7f..3c49b35 100644
--- a/playbooks/groups/notifs-web.yml
+++ b/playbooks/groups/notifs-web.yml
@@ -23,6 +23,7 @@
- fas_client
- collectd/base
- apache
+ - mod_wsgi
- fedmsg/base
- notifs/frontend
- sudo
@@ -33,7 +34,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/nuancier.yml b/playbooks/groups/nuancier.yml
index 1d48752..5237609 100644
--- a/playbooks/groups/nuancier.yml
+++ b/playbooks/groups/nuancier.yml
@@ -26,12 +26,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/packages.yml b/playbooks/groups/packages.yml
index 81e8997..a7f8505 100644
--- a/playbooks/groups/packages.yml
+++ b/playbooks/groups/packages.yml
@@ -27,12 +27,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/pdc.yml b/playbooks/groups/pdc.yml
index 49e0fe1..f57bed8 100644
--- a/playbooks/groups/pdc.yml
+++ b/playbooks/groups/pdc.yml
@@ -42,12 +42,10 @@
- role: openvpn/client
when: env != "staging"
- apache
+ - mod_wsgi
- fedmsg/base
- pdc/frontend
- tasks:
- - include: "{{ tasks }}/mod_wsgi.yml"
-
- name: stuff just for the backend nodes
hosts: pdc-backend:pdc-backend-stg
user: root
diff --git a/playbooks/groups/pkgdb.yml b/playbooks/groups/pkgdb.yml
index 95b70ff..9c3cc4d 100644
--- a/playbooks/groups/pkgdb.yml
+++ b/playbooks/groups/pkgdb.yml
@@ -25,12 +25,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/statscache.yml b/playbooks/groups/statscache.yml
index 3d1cd1e..a0a61ad 100644
--- a/playbooks/groups/statscache.yml
+++ b/playbooks/groups/statscache.yml
@@ -44,13 +44,11 @@
roles:
- apache
+ - mod_wsgi
- role: openvpn/client
when: env != "staging"
- statscache/frontend
- tasks:
- - include: "{{ tasks }}/mod_wsgi.yml"
-
- name: Stuff just for the fedmsg backend
hosts: statscache-backend:statscache-backend-stg
user: root
diff --git a/playbooks/groups/sundries.yml b/playbooks/groups/sundries.yml
index c7e66c2..537694f 100644
--- a/playbooks/groups/sundries.yml
+++ b/playbooks/groups/sundries.yml
@@ -23,6 +23,7 @@
- fas_client
- collectd/base
- apache
+ - mod_wsgi
- geoip
- geoip-city-wsgi/app
- role: koji_reminder
@@ -56,7 +57,6 @@
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/tagger.yml b/playbooks/groups/tagger.yml
index ab32b1c..f781868 100644
--- a/playbooks/groups/tagger.yml
+++ b/playbooks/groups/tagger.yml
@@ -27,12 +27,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/groups/zanata2fedmsg.yml b/playbooks/groups/zanata2fedmsg.yml
index c23a9a2..0628d17 100644
--- a/playbooks/groups/zanata2fedmsg.yml
+++ b/playbooks/groups/zanata2fedmsg.yml
@@ -27,12 +27,12 @@
- { role: openvpn/client,
when: env != "staging" }
- apache
+ - mod_wsgi
tasks:
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/hosts/grafana.cloud.fedoraproject.org.yml b/playbooks/hosts/grafana.cloud.fedoraproject.org.yml
index 799d110..1933031 100644
--- a/playbooks/hosts/grafana.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/grafana.cloud.fedoraproject.org.yml
@@ -24,6 +24,7 @@
- base
- rkhunter
- apache
+ - mod_wsgi
#- graphite/graphite
#- graphite/statsd
#- graphite/fedmsg2statsd
@@ -33,7 +34,6 @@
- include: "{{ tasks }}/yumrepos.yml"
#- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/hosts/graphite.fedorainfracloud.org.yml b/playbooks/hosts/graphite.fedorainfracloud.org.yml
index c120980..d04bc38 100644
--- a/playbooks/hosts/graphite.fedorainfracloud.org.yml
+++ b/playbooks/hosts/graphite.fedorainfracloud.org.yml
@@ -24,6 +24,7 @@
- base
- rkhunter
- apache
+ - mod_wsgi
- certbot
- graphite/graphite
- graphite/statsd
@@ -33,7 +34,6 @@
- include: "{{ tasks }}/yumrepos.yml"
#- include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/hosts/iddev.fedorainfracloud.org.yml b/playbooks/hosts/iddev.fedorainfracloud.org.yml
index 54784d8..848a8c1 100644
--- a/playbooks/hosts/iddev.fedorainfracloud.org.yml
+++ b/playbooks/hosts/iddev.fedorainfracloud.org.yml
@@ -24,6 +24,7 @@
- sudo
- hosts
- apache
+ - mod_wsgi
- base
pre_tasks:
@@ -33,7 +34,6 @@
- include: "{{ tasks }}/cloud_setup_basic.yml"
- name: set hostname (required by some services, at least postfix need it)
hostname: name="{{inventory_hostname}}"
- - include: "{{ tasks }}/mod_wsgi.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
diff --git a/playbooks/hosts/lists-dev.fedorainfracloud.org.yml b/playbooks/hosts/lists-dev.fedorainfracloud.org.yml
index aa7d3c7..31185e2 100644
--- a/playbooks/hosts/lists-dev.fedorainfracloud.org.yml
+++ b/playbooks/hosts/lists-dev.fedorainfracloud.org.yml
@@ -33,13 +33,13 @@
- sudo
- hosts
- apache
+ - mod_wsgi
- base
tasks:
- include: "{{ tasks }}/postfix_basic.yml"
- include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/motd.yml"
- - include: "{{ tasks }}/mod_wsgi.yml"
# Basic Apache config
- name: install mod_ssl
diff --git a/playbooks/hosts/modernpaste.fedorainfracloud.org.yml b/playbooks/hosts/modernpaste.fedorainfracloud.org.yml
index 996d764..7d07691 100644
--- a/playbooks/hosts/modernpaste.fedorainfracloud.org.yml
+++ b/playbooks/hosts/modernpaste.fedorainfracloud.org.yml
@@ -24,6 +24,7 @@
- sudo
- hosts
- apache
+ - mod_wsgi
- base
pre_tasks:
@@ -33,4 +34,3 @@
- include: "{{ tasks }}/cloud_setup_basic.yml"
- name: set hostname (required by some services, at least postfix need it)
hostname: name="{{inventory_hostname}}"
- - include: "{{ tasks }}/mod_wsgi.yml"
diff --git a/roles/mod_wsgi/files/wsgi.conf b/roles/mod_wsgi/files/wsgi.conf
new file mode 100644
index 0000000..6c32a15
--- /dev/null
+++ b/roles/mod_wsgi/files/wsgi.conf
@@ -0,0 +1,14 @@
+LoadModule wsgi_module modules/mod_wsgi.so
+
+# Some apps, notably anything that uses hg, need these off
+WSGIRestrictStdin Off
+WSGIRestrictStdout Off
+
+# Put the socket somewhere writable
+WSGISocketPrefix run/wsgi
+
+# Do not Optimize without stripping docstrings
+WSGIPythonOptimize 0
+
+# Set WSGIApplicationGroup to global
+WSGIApplicationGroup %{GLOBAL}
diff --git a/roles/mod_wsgi/handlers/main.yml b/roles/mod_wsgi/handlers/main.yml
new file mode 100644
index 0000000..f599732
--- /dev/null
+++ b/roles/mod_wsgi/handlers/main.yml
@@ -0,0 +1,2 @@
+- name: restart apache
+ command: /usr/local/bin/conditional-restart.sh httpd httpd
diff --git a/roles/mod_wsgi/tasks/mod_wsgi.yml b/roles/mod_wsgi/tasks/mod_wsgi.yml
new file mode 100644
index 0000000..06c8aa5
--- /dev/null
+++ b/roles/mod_wsgi/tasks/mod_wsgi.yml
@@ -0,0 +1,22 @@
+---
+# install mod_wsgi
+- name: install mod_wsgi
+ yum: name=mod_wsgi state=present
+ tags:
+ - packages
+ when: ansible_distribution_major_version|int < 22
+
+- name: install mod_wsgi
+ dnf: name=mod_wsgi state=present
+ tags:
+ - packages
+ when: ansible_distribution_major_version|int > 21
+
+- name: wsgi.conf
+ copy: src="wsgi.conf" dest=/etc/httpd/conf.d/wsgi.conf
+ notify:
+ - restart apache
+ tags:
+ - config
+
+
diff --git a/tasks/mod_wsgi.yml b/tasks/mod_wsgi.yml
deleted file mode 100644
index c4d9deb..0000000
--- a/tasks/mod_wsgi.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-# install mod_wsgi
-- name: install mod_wsgi
- yum: name=mod_wsgi state=present
- tags:
- - packages
- when: ansible_distribution_major_version|int < 22
-
-- name: install mod_wsgi
- dnf: name=mod_wsgi state=present
- tags:
- - packages
- when: ansible_distribution_major_version|int > 21
-
-- name: wsgi.conf
- copy: src="{{ files }}/mod_wsgi/wsgi.conf" dest=/etc/httpd/conf.d/wsgi.conf
- notify:
- - restart apache
- tags:
- - config
-
-
--
1.8.3.1
7 years, 8 months
[PATCH 1/3] Whitespace cleanup, make ansible-lint happy
by Michael Scherer
---
roles/dnf-automatic/tasks/main.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/roles/dnf-automatic/tasks/main.yml b/roles/dnf-automatic/tasks/main.yml
index 80b8046..2a41f19 100644
--- a/roles/dnf-automatic/tasks/main.yml
+++ b/roles/dnf-automatic/tasks/main.yml
@@ -1,9 +1,9 @@
---
#
-# This role adds dnf automatic package and configuration.
-# We want this on any public facing Fedora installs so we
-# can pick up security updates.
+# This role adds dnf automatic package and configuration.
+# We want this on any public facing Fedora installs so we
+# can pick up security updates.
#
- name: install dnf-automatic
--
1.8.3.1
7 years, 8 months
[PATCH] Simplify the task to install cronjob
by Michael Scherer
Giving directly the file to deploy and doing magic with the variable
permit to have a clearer idea of what is deployed when reading the
task for the first time
---
roles/mdapi/tasks/main.yml | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/roles/mdapi/tasks/main.yml b/roles/mdapi/tasks/main.yml
index d884654..ac4dacd 100644
--- a/roles/mdapi/tasks/main.yml
+++ b/roles/mdapi/tasks/main.yml
@@ -19,11 +19,12 @@
- name: Install the meta-data fetch cron job
when: inventory_hostname.startswith(('mdapi01'))
- template: src={{ item.file }}
- dest={{ item.location }}/{{ item.file }}
+ template:
+ src: "{{ item | basename }}"
+ dest: "{{ item }}"
with_items:
- - { file: 'mdapi.cron', location: /etc/cron.d }
- - { file: 'mdapi.cfg', location: /etc/mdapi }
+ - /etc/cron.d/mdapi.cron
+ - /etc/mdapi/mdapi.cfg
tags:
- mdapi
- config
--
1.8.3.1
7 years, 8 months
[PATCH 1/3] Whitespace cleanup, make ansible-lint happy
by Michael Scherer
---
roles/dnf-automatic/tasks/main.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/roles/dnf-automatic/tasks/main.yml b/roles/dnf-automatic/tasks/main.yml
index 80b8046..2a41f19 100644
--- a/roles/dnf-automatic/tasks/main.yml
+++ b/roles/dnf-automatic/tasks/main.yml
@@ -1,9 +1,9 @@
---
#
-# This role adds dnf automatic package and configuration.
-# We want this on any public facing Fedora installs so we
-# can pick up security updates.
+# This role adds dnf automatic package and configuration.
+# We want this on any public facing Fedora installs so we
+# can pick up security updates.
#
- name: install dnf-automatic
--
1.8.3.1
7 years, 8 months