openstack
/
openstack-ansible-repo_server
Code Issues Proposed changes

Remove all code for lsync, rsync and ssh 

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/842571
Change-Id: I4f32c03179a1d8814548a92fc714a5fd9dd3f433
This commit is contained in:
Jonathan Rosser 2022-04-12 16:24:22 +01:00 committed by Dmitriy Rabotyagov
parent 1f39aa0239
commit 03b55edaae
14 changed files with 3 additions and 889 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
defaults/main.yml
View File

@ -23,10 +23,6 @@ repo_nginx_threads: "{{ [[ansible_facts['processor_vcpus']|default(2) // 2, 1] |
## APT Cache Options
cache_timeout: 600
## Centos EPEL repository options
repo_centos_epel_mirror: "{{ centos_epel_mirror | default('http://download.fedoraproject.org/pub/epel') }}"
repo_centos_epel_key: "{{ centos_epel_key | default('http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-' ~ ansible_facts['distribution_major_version']) }}"
## Centos NGINX repository options
repo_centos_nginx_mirror: "{{ centos_nginx_mirror | default('http://nginx.org/packages/centos/$releasever/$basearch') }}"
repo_centos_nginx_key: "{{ centos_nginx_key | default('http://nginx.org/keys/nginx_signing.key') }}"
@ -56,43 +52,6 @@ repo_build_global_links_dirname: links
# directory placed by the deployer will also be transferred
repo_upper_constraints_path: "/etc/openstack_deploy/upper-constraints"
# Delegated host for operating the ssh certificate authority
repo_ssh_keypairs_setup_host: "{{ openstack_ssh_keypairs_setup_host | default('localhost') }}"
# directory on the setup host to create and store SSH keypairs
repo_ssh_keypairs_dir: "{{ openstack_ssh_keypairs_dir | default('/etc/openstack_deploy/ssh_keypairs') }}"
#Each repo host needs a signed ssh certificate to log into the others
repo_ssh_keypairs:
- name: "repo-{{ inventory_hostname }}"
cert:
signed_by: "{{ openstack_ssh_signing_key }}"
principals: "{{ repo_ssh_key_principals | default('repo') }}"
valid_from: "{{ repo_ssh_key_valid_from | default('always') }}"
valid_to: "{{ repo_ssh_key_valid_to | default('forever') }}"
#Each repo host needs the signed ssh certificate installing to the repo_server user
repo_ssh_keypairs_install_keys:
owner: "{{ repo_service_user_name }}"
group: "{{ repo_service_group_name }}"
keys:
- cert: "repo-{{ inventory_hostname }}"
dest: "{{ repo_service_home_folder }}/.ssh/id_rsa"
#Each repo host must trust the SSHD certificate authoritiy in the sshd configuration
repo_ssh_keypairs_install_ca: "{{ openstack_ssh_keypairs_authorities }}"
#Each repo host must allow SSH certificates with the appropriate principal to log into the repo_server user
repo_ssh_keypairs_principals:
- user: "{{ repo_service_user_name }}"
principals: "{{ repo_ssh_key_principals | default(['repo']) }}"
# Temporary variable which allows the lsyncd/rsync installation to be disabled outside this
# role when transtioning to using a shared filesystem to sync contents between repo_servers.
# The default is to enable the sync manager to give backward compatibility and allow code to
# merge.
repo_server_enable_sync_manager: True
# Multiple repo servers must have a shared /var/www/repo
repo_server_systemd_mounts: []

24
handlers/main.yml
View File

@ -23,27 +23,3 @@
until: _restart is success
retries: 5
delay: 2
- name: reload rsyncd
service:
name: "{{ rsyncd_service_name }}"
enabled: yes
state: restarted
daemon_reload: "{{ (ansible_facts['service_mgr'] == 'systemd') | ternary('yes', omit) }}"
register: _restart
until: _restart is success
retries: 5
delay: 2
- name: reload lsyncd
service:
name: "lsyncd"
enabled: yes
state: restarted
daemon_reload: "{{ (ansible_facts['service_mgr'] == 'systemd') | ternary('yes', omit) }}"
register: _restart
until: _restart is success
retries: 5
delay: 2
delegate_to: "{{ groups['repo_all'][0] }}"
run_once: true

25
tasks/main.yml
View File

@ -41,37 +41,12 @@
tags:
- repo_server-config
- name: Create ssh keys for synchronising repo contents
include_role:
name: openstack.osa.ssh_keypairs
args:
apply:
tags:
- repo-key
- repo_server-config
vars:
ssh_keypairs_setup_hosst: "{{ repo_ssh_keypairs_setup_host }}"
ssh_keypairs_dir: "{{ repo_ssh_keypairs_dir }}"
ssh_keypairs: "{{ repo_ssh_keypairs }}"
ssh_keypairs_install_keys: "{{ repo_ssh_keypairs_install_keys }}"
ssh_keypairs_install_ca: "{{ repo_ssh_keypairs_install_ca }}"
ssh_keypairs_principals: "{{ repo_ssh_keypairs_principals }}"
tags:
- always
# TODO (jrosser) Remove this task for the Z release
- name: Remove legacy authorized keys file
file:
path: "{{ repo_service_home_folder }}/.ssh/authorized_keys"
state: absent
- include: repo_sync_manager.yml
when:
- repo_server_enable_sync_manager
- inventory_hostname == groups['repo_all'][0]
tags:
- repo_server-config
- include: repo_install_constraints.yml
when: inventory_hostname == groups['repo_all'][0]
tags: repo_server-config

43
tasks/repo_install.yml
View File

@ -13,33 +13,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install EPEL gpg keys
rpm_key:
key: "{{ repo_centos_epel_key }}"
state: present
when:
- ansible_facts['pkg_mgr'] == 'dnf'
register: _add_yum_keys
until: _add_yum_keys is success
retries: 5
delay: 2
- name: Install the EPEL repository
yum_repository:
name: epel-repo_server
baseurl: "{{ repo_centos_epel_mirror ~ '/' ~ repo_centos_epel_base }}"
description: 'Extra Packages for Enterprise Linux'
gpgcheck: yes
enabled: yes
state: present
includepkgs: 'lsyncd'
when:
- ansible_facts['pkg_mgr'] == 'dnf'
register: install_epel_repo
until: install_epel_repo is success
retries: 5
delay: 2
- name: Add NGINX repository
yum_repository:
name: nginx
@ -62,18 +35,4 @@
register: install_packages
until: install_packages is success
retries: 5
delay: 5
# This is so that the master repo server can perform pre and post rsync tasks
# which may include stopping nginx on the slaves while data is syncing.
- name: Allow nginx user to stop/start nginx via sudo
copy:
content: "nginx ALL=NOPASSWD: {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh\n"
dest: /etc/sudoers.d/nginx
- name: Drop rsyncd configuration file(s)
copy:
src: "rsync.defaults"
dest: "/etc/default/rsync"
notify:
- reload rsyncd
delay: 5

17
tasks/repo_post_install.yml
View File

@ -19,14 +19,6 @@
name: pack.threads
value: '0'
- name: Enable SSHD
systemd:
name: "{{ repo_server_sshd }}"
state: started
enabled: yes
masked: no
daemon_reload: yes
- name: Remove default nginx file
file:
path: "{{ item.path }}"
@ -47,15 +39,6 @@
dest: "/etc/nginx/sites-available/openstack-slushee.vhost"
notify:
- reload nginx
- reload lsyncd
- name: Drop rsyncd configuration file
template:
src: "rsyncd.conf.j2"
dest: "/etc/rsyncd.conf"
notify:
- reload rsyncd
- name: Enable openstack-slushee site
file:

19
tasks/repo_pre_install.yml
View File

@ -117,23 +117,6 @@
- path: "/var/log/nginx"
mode: "0775"
- name: Sync file for master repo node
file:
path: "{{ repo_service_home_folder }}/repo/repo_sync_complete"
state: "touch"
owner: "{{ repo_service_user_name }}"
group: "{{ repo_service_group_name }}"
when: inventory_hostname == groups['repo_all'][0]
changed_when: False
- name: Drop repo pre/post command script
template:
src: repo_prepost_cmd.sh.j2
dest: "{{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh"
mode: "0750"
owner: "root"
group: "root"
- name: File and directory setup (root user)
file:
path: "{{ item.path }}"
@ -142,8 +125,6 @@
group: "root"
mode: "0755"
with_items:
- path: "/etc/lsyncd"
- path: "/var/log/lsyncd"
- path: "/etc/nginx/conf.d"
- path: "/etc/nginx/sites-available"
- path: "/etc/nginx/sites-enabled"

30
tasks/repo_sync_manager.yml
View File

@ -1,30 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Deploy lsyncd configuration file
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "lsyncd.lua.j2", dest: "{{ repo_lsyncd_config_file }}", condition: true }
- { src: "lsyncd.defaults.j2", dest: "{{ repo_lsyncd_defaults_file }}", condition: "{{ ansible_facts['pkg_mgr'] == 'dnf' }}" }
notify:
- reload lsyncd
when:
- groups['repo_all'] | length > 1
- item.condition | bool
tags:
- repo-lsyncd
- repo-config

1
templates/lsyncd.defaults.j2
View File

@ -1 +0,0 @@
LSYNCD_OPTIONS="{{ repo_lsyncd_config_file }}"

632
templates/lsyncd.lua.j2
View File

@ -1,632 +0,0 @@
--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- default-rsync.lua
--
-- Syncs with rsync ("classic" Lsyncd)
-- A (Layer 1) configuration.
--
-- Note:
-- this is infact just a configuration using Layer 1 configuration
-- like any other. It only gets compiled into the binary by default.
-- You can simply use a modified one, by copying everything into a
-- config file of yours and name it differently.
--
-- License: GPLv2 (see COPYING) or any later version
-- Authors: Axel Kittenberger <axkibe@gmail.com>
-- Pre/Post Command additions: Hugh Saunders <hugh@wherenow.org>
--
--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- needed for executing pre/post tasks. Can't use the lsync spawn method as
-- that requires an event, and an event isn't available for the initial
-- recursive sync.
require ('os')
if not default then error( 'default not loaded' ) end
local rsync = { }
default.rsync = rsync
-- uses default collect
--
-- used to ensure there aren't typos in the keys
--
rsync.checkgauge = {
-- unsets default user action handlers
onCreate = false,
onModify = false,
onDelete = false,
onStartup = false,
onMove = false,
delete = true,
exclude = true,
excludeFrom = true,
target = true,
rsync = {
acls = true,
archive = true,
binary = true,
bwlimit = true,
checksum = true,
compress = true,
copy_links = true,
cvs_exclude = true,
dry_run = true,
executability = true,
group = true,
hard_links = true,
ignore_times = true,
inplace = true,
ipv4 = true,
ipv6 = true,
keep_dirlinks = true,
links = true,
one_file_system = true,
owner = true,
password_file = true,
perms = true,
protect_args = true,
prune_empty_dirs = true,
quiet = true,
rsh = true,
rsync_path = true,
sparse = true,
temp_dir = true,
timeout = true,
times = true,
update = true,
verbose = true,
whole_file = true,
xattrs = true,
_extra = true,
precmd = true,
postcmd = true,
},
}
--
-- Execute Pre/Post Command
--
prepost = function (config, prepost)
local cmd_string = (config.rsync.rsh .. ' '
.. string.gsub(config.target, ':.*$', '')
.. ' "' .. config.rsync[prepost] .. '"' )
log('Normal', 'Executing ' .. prepost .. ': ' .. cmd_string)
os.execute(cmd_string)
end
--
-- Returns true for non Init and Blanket events.
--
local eventNotInitBlank =
function
(
event
)
return event.etype ~= 'Init' and event.etype ~= 'Blanket'
end
--
-- Spawns rsync for a list of events
--
-- Exclusions are already handled by not having
-- events for them.
--
rsync.action = function
(
inlet
)
-- gets all events ready for syncing
local elist = inlet.getEvents( eventNotInitBlank )
--
-- Replaces what rsync would consider filter rules by literals
--
local function sub
(
p -- pattern
)
if not p then return end
return p:
gsub( '%?', '\\?' ):
gsub( '%*', '\\*' ):
gsub( '%[', '\\[' ):
gsub( '%]', '\\]' )
end
--
-- Gets the list of paths for the event list
--
-- Deletes create multi match patterns
--
local paths = elist.getPaths(
function
(
etype, -- event type
path1, -- path
path2 -- path to for move events
)
if string.byte( path1, -1 ) == 47 and etype == 'Delete'
then
return sub( path1 )..'***', sub( path2 )
else
return sub( path1 ), sub( path2 )
end
end
)
-- stores all filters by integer index
local filterI = { }
-- stores all filters with path index
local filterP = { }
-- adds one path to the filter
local function addToFilter
(
path
)
if filterP[ path ] then return end
filterP[ path ] = true
table.insert( filterI, path )
end
-- adds a path to the filter.
--
-- rsync needs to have entries for all steps in the path,
-- so the file for example d1/d2/d3/f1 needs following filters:
-- 'd1/', 'd1/d2/', 'd1/d2/d3/' and 'd1/d2/d3/f1'
for _, path in ipairs( paths )
do
if path and path ~= ''
then
addToFilter( path )
local pp = string.match( path, '^(.*/)[^/]+/?' )
while pp
do
addToFilter( pp )
pp = string.match( pp, '^(.*/)[^/]+/?' )
end
end
end
local filterS = table.concat( filterI, '\n' )
local filter0 = table.concat( filterI, '\000' )
log(
'Normal',
'Calling rsync with filter-list of new/modified files/dirs\n',
filterS
)
local config = inlet.getConfig( )
local delete = nil
if config.delete == true or config.delete == 'running'
then
delete = { '--delete', '--ignore-errors' }
end
prepost(config, 'precmd')
spawn(
elist,
config.rsync.binary,
'<', filter0,
config.rsync._computed,
'-r',
delete,
'--force',
'--from0',
'--include-from=-',
'--exclude=*',
config.source,
config.target
)
end
--
-- Spawns the recursive startup sync.
--
rsync.init = function
(
event
)
local config = event.config
local inlet = event.inlet
local excludes = inlet.getExcludes( )
local delete = nil
local target = config.target
if not target
then
if not config.host
then
error('Internal fail, Neither target nor host is configured')
end
target = config.host .. ':' .. config.targetdir
end
if config.delete == true
or config.delete == 'startup'
then
delete = { '--delete', '--ignore-errors' }
end
prepost(config, 'precmd')
if #excludes == 0
then
-- starts rsync without any excludes
log(
'Normal',
'recursive startup rsync: ',
config.source,
' -> ',
target
)
spawn(
event,
config.rsync.binary,
delete,
config.rsync._computed,
'-r',
config.source,
target
)
else
-- starts rsync providing an exclusion list
-- on stdin
local exS = table.concat( excludes, '\n' )
log(
'Normal',
'recursive startup rsync: ',
config.source,
' -> ',
target,
' excluding\n',
exS
)
spawn(
event,
config.rsync.binary,
'<', exS,
'--exclude-from=-',
delete,
config.rsync._computed,
'-r',
config.source,
target
)
end
end
--
-- Prepares and checks a syncs configuration on startup.
--
rsync.prepare = function
(
config, -- the configuration
level, -- additional error level for inherited use ( by rsyncssh )
skipTarget -- used by rsyncssh, do not check for target
)
-- First let default.prepare test the checkgauge
default.prepare( config, level + 6 )
if not skipTarget and not config.target
then
error(
'default.rsync needs "target" configured',
level
)
end
if config.rsyncOps
then
error(
'"rsyncOps" is outdated please use the new rsync = { ... } syntax.',
level
)
end
if config.rsyncOpts and config.rsync._extra
then
error(
'"rsyncOpts" is outdated in favor of the new rsync = { ... } syntax\n"' +
'for which you provided the _extra attribute as well.\n"' +
'Please remove rsyncOpts from your config.',
level
)
end
if config.rsyncOpts
then
log(
'Warn',
'"rsyncOpts" is outdated. Please use the new rsync = { ... } syntax."'
)
config.rsync._extra = config.rsyncOpts
config.rsyncOpts = nil
end
if config.rsyncBinary and config.rsync.binary
then
error(
'"rsyncBinary is outdated in favor of the new rsync = { ... } syntax\n"'+
'for which you provided the binary attribute as well.\n"' +
"Please remove rsyncBinary from your config.'",
level
)
end
if config.rsyncBinary
then
log(
'Warn',
'"rsyncBinary" is outdated. Please use the new rsync = { ... } syntax."'
)
config.rsync.binary = config.rsyncBinary
config.rsyncOpts = nil
end
-- checks if the _computed argument exists already
if config.rsync._computed
then
error(
'please do not use the internal rsync._computed parameter',
level
)
end
-- computes the rsync arguments into one list
local crsync = config.rsync;
-- everything implied by archive = true
local archiveFlags = {
recursive = true,
links = true,
perms = true,
times = true,
group = true,
owner = true,
devices = true,
specials = true,
hard_links = false,
acls = false,
xattrs = false,
}
-- if archive is given the implications are filled in
if crsync.archive
then
for k, v in pairs( archiveFlags )
do
if crsync[ k ] == nil
then
crsync[ k ] = v
end
end
end
crsync._computed = { true }
local computed = crsync._computed
local computedN = 2
local shortFlags = {
acls = 'A',
checksum = 'c',
compress = 'z',
copy_links = 'L',
cvs_exclude = 'C',
dry_run = 'n',
executability = 'E',
group = 'g',
hard_links = 'H',
ignore_times = 'I',
ipv4 = '4',
ipv6 = '6',
keep_dirlinks = 'K',
links = 'l',
one_file_system = 'x',
owner = 'o',
perms = 'p',
protect_args = 's',
prune_empty_dirs = 'm',
quiet = 'q',
sparse = 'S',
times = 't',
update = 'u',
verbose = 'v',
whole_file = 'W',
xattrs = 'X',
}
local shorts = { '-' }
local shortsN = 2
if crsync._extra
then
for k, v in ipairs( crsync._extra )
do
computed[ computedN ] = v
computedN = computedN + 1
end
end
for k, flag in pairs( shortFlags )
do
if crsync[ k ]
then
shorts[ shortsN ] = flag
shortsN = shortsN + 1
end
end
if crsync.devices and crsync.specials
then
shorts[ shortsN ] = 'D'
shortsN = shortsN + 1
else
if crsync.devices
then
computed[ computedN ] = '--devices'
computedN = computedN + 1
end
if crsync.specials
then
computed[ computedN ] = '--specials'
computedN = computedN + 1
end
end
if crsync.bwlimit
then
computed[ computedN ] = '--bwlimit=' .. crsync.bwlimit
computedN = computedN + 1
end
if crsync.inplace
then
computed[ computedN ] = '--inplace'
computedN = computedN + 1
end
if crsync.password_file
then
computed[ computedN ] = '--password-file=' .. crsync.password_file
computedN = computedN + 1
end
if crsync.rsh
then
computed[ computedN ] = '--rsh=' .. crsync.rsh
computedN = computedN + 1
end
if crsync.rsync_path
then
computed[ computedN ] = '--rsync-path=' .. crsync.rsync_path
computedN = computedN + 1
end
if crsync.temp_dir
then
computed[ computedN ] = '--temp-dir=' .. crsync.temp_dir
computedN = computedN + 1
end
if crsync.timeout
then
computed[ computedN ] = '--timeout=' .. crsync.timeout
computedN = computedN + 1
end
if shortsN ~= 2
then
computed[ 1 ] = table.concat( shorts, '' )
else
computed[ 1 ] = { }
end
-- appends a / to target if not present
if not skipTarget
and string.sub( config.target, -1 ) ~= '/'
then
config.target = config.target..'/'
end
end
---
--- Collect events and run postcmd after successful rsync
---
rsync.collect = function(agent, exitcode)
log('Normal', 'Collecting event, exitcode: ', exitcode)
local rc = default.collect(agent, exitcode)
if rc ~= 'again'
then
prepost(agent.config, 'postcmd')
end
return rc
end
--
-- By default do deletes.
--
rsync.delete = true
--
-- Rsyncd exitcodes
--
rsync.exitcodes = default.rsyncExitCodes
--
-- Calls rsync with this default options
--
rsync.rsync =
{
-- The rsync binary to be called.
binary = '/usr/bin/rsync',
links = true,
times = true,
protect_args = true
}
--
-- Default delay
--
rsync.delay = 15
settings {
logfile = "/var/log/lsyncd/lsyncd.log",
statusFile = "/var/log/lsyncd/lsyncd-status.log",
statusInterval = 20,
insist = true
}
{% for node in groups['repo_all'] %}
{% if groups['repo_all'][0] != node %}
sync {
rsync,
source = "{{ repo_service_home_folder }}/repo",
target = "{{ hostvars[node]['ansible_host'] }}:{{ repo_service_home_folder }}/repo",
exclude = {"{{ repo_build_global_links_dirname }}","/repo_sync_complete"},
rsync = {
compress = true,
acls = true,
rsh = "/usr/bin/ssh -l {{ repo_service_user_name }} -i {{ repo_service_home_folder }}/.ssh/id_rsa -o StrictHostKeyChecking=no -o ServerAliveInterval=30 -o ServerAliveCountMax=5",
precmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh pre-www",
postcmd = "sudo {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh post-www"
}
}
{% endif %}
{% endfor %}

18
templates/repo_prepost_cmd.sh.j2
View File

@ -1,18 +0,0 @@
#!/bin/bash
# This script is called by lsyncd to perform 'pre' and 'post' rsync tasks.
#
CMD=$1
case $CMD in
pre-www)
rm /etc/nginx/sites-enabled/openstack-slushee.vhost
systemctl reload nginx
rm -f {{ repo_service_home_folder }}/repo/repo_sync_complete
;;
post-www)
ln -s /etc/nginx/sites-available/openstack-slushee.vhost /etc/nginx/sites-enabled/openstack-slushee.vhost
systemctl reload nginx
touch {{ repo_service_home_folder }}/repo/repo_sync_complete
;;
*)
echo "Unknown command."
esac

16
templates/rsyncd.conf.j2
View File

@ -1,16 +0,0 @@
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
max connections = 15
timeout = 600
transfer logging = true
address = {{ repo_server_bind_address }}
[openstack_mirror]
path = {{ repo_service_home_folder }}/repo
comment = OpenStack Private Cloud Mirror Server
use chroot = yes
read only = yes
uid = nobody
gid = nogroup

5
tests/test-repo-server-functional.yml
View File

@ -31,11 +31,6 @@
url: "http://localhost:8181"
status_code: 200
- name: Check lsync is running
shell: "ps auxf | grep lsync"
tags:
- skip_ansible_lint
- name: Check repo directory exists
stat:
path: /var/www/repo

9
vars/debian.yml
View File

@ -17,17 +17,10 @@ systemd_utils_prefix: "/lib/systemd"
repo_nginx_pid: /run/nginx.pid
# NOTE(jrosser) remove this once rsync cleanup tasks are no longer required
rsyncd_service_name: rsync
repo_server_distro_packages:
- git
- lsyncd
- nginx-extras
- openssh-server
- rsync
- sudo
repo_lsyncd_config_file: /etc/lsyncd/lsyncd.conf.lua
repo_lsyncd_defaults_file: /etc/default/lsyncd
repo_server_sshd: ssh

12
vars/redhat-8.yml
View File

@ -13,24 +13,14 @@
# See the License for the specific language governing permissions and
# limitations under the License.
repo_centos_epel_base: "{{ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}"
systemd_utils_prefix: "/lib/systemd"
repo_nginx_pid: /run/nginx.pid
# NOTE(jrosser) remove this when rsyncd cleanup task are no longer required
rsyncd_service_name: rsyncd
repo_server_distro_packages:
- git
- lsyncd
- nginx
- openssh-server
- rsync
- rsync-daemon
- sudo
repo_lsyncd_config_file: /etc/lsyncd/lsyncd.conf.lua
repo_lsyncd_defaults_file: /etc/sysconfig/lsyncd
repo_server_sshd: sshd