blob: 3b1bab8f298a0cfadf54165cd783688ea8b9e82c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
- hosts: single
remote_user: root
become: yes
roles:
- sane_debian_system
- comfortable
- unix_users
- letsencrypt
- haproxy
- qvisqve
- ick-controller
- ick-worker
- ick-artifact-store
- ick-notifier
- apt_repository
vars:
hostname: ick
debian_codename: stretch
ci_prefix: ""
letsencrypt: no
letsencrypt_email: liw@liw.fi
letsencrypt_domain: "{{ qvisqve_domain }}"
tls_certificate: "{{ lookup('pipe', 'pass show ick2/ick.pem') }}"
verify_tls: no
token_private_key: "{{ lookup('pipe', 'pass show ick2/token_key') }}"
token_public_key: "{{ lookup('pipe', 'pass show ick2/token_key.pub') }}"
qvisqve_domain: 127.0.0.1
qvisqve_port: 10000
qvisqve_url: "https://{{ qvisqve_domain }}"
controller_domain: 127.0.0.1
controller_port: 12765
controller_url: "https://{{ controller_domain }}"
artifact_store_domain: 127.0.0.1
artifact_store_port: 12766
artifact_store_url: "https://{{ artifact_store_domain }}"
apt_domain: 127.0.0.1
notify_domain: 127.0.0.1
notify_url: "https://{{ notify_domain }}/notify"
notify_port: 12767
smtp_server: pieni.net
smtp_port: 587
smtp_user: pienirelay
smtp_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}"
unix_users:
- username: _ickwm
sudo: yes
ssh_key: "{{ wm_ssh_key }}"
ssh_key_pub: "{{ wm_ssh_key_pub }}"
apt_uploader_ssh_public_keys:
- "{{ wm_ssh_key_pub }}"
apt_signing_key: "{{ lookup('pipe', 'pass show ick2/apt_key') }}"
apt_signing_key_pub: "{{ lookup('pipe', 'pass show ick2/apt_key.pub') }}"
apt_signing_key_fingerprint: |
{{ lookup('pipe', 'pass show ick2/apt_key.pub | gpg --with-colons | grep "^fpr:" | cut -d: -f10') }}
apt_admin_email: liw@liw.fi
apt_distributions:
- codename: stretch
description: Release packages for stretch
- codename: stretch-ci
description: CI builds for stretch
- codename: unstable
description: Release packages for unstable
- codename: unstable-ci
description: CI builds for unstable
- codename: liw-ci
description: CI builds for unstable from liw
sources_lists:
- repo: "deb http://code.liw.fi/debian stretch main"
keyring_package: code.liw.fi-keyring
signing_key: "{{ code_liw_fi_signing_key }}"
- repo: "deb http://ci-prod-apt.vm.liw.fi/debian liw-ci main"
signing_key: "{{ ci_prod_apt_signing_key }}"
|