From 70115d527ff48f743137233b69335674b14b91d0 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <lwirzenius@wikimedia.org>
Date: Tue, 23 Jul 2019 20:11:24 +0300
Subject: Add: controller role

---
 roles/controller/files/controller.service | 13 ++++++++
 roles/controller/files/token.pub          |  1 +
 roles/controller/tasks/main.yml           | 50 +++++++++++++++++++++++++++++++
 3 files changed, 64 insertions(+)
 create mode 100644 roles/controller/files/controller.service
 create mode 100644 roles/controller/files/token.pub
 create mode 100644 roles/controller/tasks/main.yml

(limited to 'roles')

diff --git a/roles/controller/files/controller.service b/roles/controller/files/controller.service
new file mode 100644
index 0000000..a0a8e5c
--- /dev/null
+++ b/roles/controller/files/controller.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Controler
+After=network.target
+
+[Service]
+Type=simple
+User=_wmf
+Group=_wmf
+ExecStart=/srv/wmf-ci-arch/api.py controller /etc/wmf_ci_token.pub /etc/wmf_controller_token
+KillSignal=QUIT
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/controller/files/token.pub b/roles/controller/files/token.pub
new file mode 100644
index 0000000..7d2603b
--- /dev/null
+++ b/roles/controller/files/token.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCesmXDo5ZG0/IbwTknMad4mOurX05PSW5cy9fk/KOO/2JbIicV1L5SS5NCXrwyrItXxaeXsYVugKO5z11Ont3Y3AG76NeyJHxqDLs1JjVWlLd9/KSaCI7jdCzC/bV3OOGjhMp4ZRmf6zrQrIZ9nCs2HTZ+3lIq2I03BLL+6KqY929wb7YlmNTsaW/RaKE4l0X5YzyxJfR8CN2exlXKMPCvOjQQtWvLGi68QZVbnkwpEfQbw2DeQJAeOo0QcrxLiA34hsf95SaeRTKY69Cv0wLmnjHQixIMaBvmW7CcKEvQ3D5oOG9XFcY3wbKJ8LyM7aq+FWXfswSAQpaTE8w3uMzdg0hypo+pqsiieftvBSY5IgoETtPaJGey8BIAYhCjP+Rwd6kX2vOiJHSdrf/5uK0OUlqZrSDoQnnUIZZpx63/VBVaQ4pAoqGvVhQr9svN9NojfJJ1zCUWicHOCXUEUxzQ2DFpraidxNnrjapEjTijM/GVbc28rVfZwuX9tdwrWM2UHOjeISiSJCs07P5hyfbWTh9vCbO3ffhQWhYA711budh7ZqxC3C4MaraTOMsp11LHu4eLxUvuw0OcLawX6bWy8SnXv/BdGKE6lO1hI3RZ+inVaRKIy8WagvmSvip3eK88dEHEgIoOsbmnDEytUpoDhoNpAH08lx1MIaYxtTm07w==
\ No newline at end of file
diff --git a/roles/controller/tasks/main.yml b/roles/controller/tasks/main.yml
new file mode 100644
index 0000000..e6ec7f1
--- /dev/null
+++ b/roles/controller/tasks/main.yml
@@ -0,0 +1,50 @@
+- name: "install controller dependencies and useful tools"
+  apt:
+    name:
+      - screen
+      - git
+      - haproxy
+      - psmisc
+      - python3
+      - python3-bottle
+      - python3-jwt
+      - python3-crypto
+    state: present
+
+- name: "install controller source"
+  git:
+    repo: git://git.liw.fi/wmf-ci-arch
+    dest: /srv/wmf-ci-arch
+
+- name: "create user for controller"
+  user:
+    name: _wmf
+    comment: "WMF CI"
+
+- name: "install key for checking incoming access tokens"
+  copy:
+    src: token.pub
+    dest: /etc/wmf_ci_token.pub
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: "install API access token for controller"
+  copy:
+    content: "{{ controller_token }}"
+    dest: /etc/wmf_controller_token
+    owner: _wmf
+    group: _wmf
+    mode: '0600'
+
+- name: "install controller.service"
+  copy:
+    src: controller.service
+    dest: /lib/systemd/system/controller.service
+
+- name: "enable and (re)start controller"
+  systemd:
+    name: controller.service
+    daemon_reload: yes
+    enabled: yes
+    state: restarted
-- 
cgit v1.2.1