You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
52 lines
1.2 KiB
52 lines
1.2 KiB
11 months ago
|
---
|
||
|
|
- name: Install koji-web and dependencies
|
||
|
|
ansible.builtin.dnf:
|
||
|
|
name:
|
||
|
|
- koji-web
|
||
|
|
- mod_ssl
|
||
|
|
state: installed
|
||
|
|
|
||
|
|
# TODO: add FreeIPA support
|
||
|
|
- name: Generate koji-web HTTP principal keytab
|
||
|
|
ansible.builtin.include_role:
|
||
|
|
name: msvsphere.ci.kerberos_principal
|
||
|
|
vars:
|
||
|
|
kerberos_principal_name: "{{ koji_web_principal }}"
|
||
|
|
kerberos_principal_keytab_path: "{{ koji_web_keytab }}"
|
||
|
|
|
||
|
|
- name: Grant httpd read access to koji-web keytab
|
||
|
|
ansible.builtin.file:
|
||
|
|
path: "{{ koji_web_keytab }}"
|
||
|
|
owner: root
|
||
|
|
group: apache
|
||
|
|
mode: 0o640
|
||
|
|
setype: httpd_config_t
|
||
|
|
notify:
|
||
|
|
- restart httpd
|
||
|
|
|
||
|
|
- name: Configure koji-web httpd
|
||
|
|
ansible.builtin.template:
|
||
|
|
src: etc/httpd/conf.d/kojiweb.conf.j2
|
||
|
|
dest: /etc/httpd/conf.d/kojiweb.conf
|
||
|
|
owner: root
|
||
|
|
group: root
|
||
|
|
mode: 0o644
|
||
|
|
notify:
|
||
|
|
- restart httpd
|
||
|
|
|
||
|
|
- name: Configure koji-web
|
||
|
|
ansible.builtin.template:
|
||
|
|
src: etc/kojiweb/web.conf.j2
|
||
|
|
dest: /etc/kojiweb/web.conf
|
||
|
|
owner: root
|
||
|
|
group: apache
|
||
|
|
mode: 0o640
|
||
|
|
notify:
|
||
|
|
- restart httpd
|
||
|
|
|
||
|
|
- name: Enable httpd network connections in SELinux
|
||
|
|
ansible.posix.seboolean:
|
||
|
|
name: httpd_can_network_connect
|
||
|
|
state: true
|
||
|
|
persistent: true
|