basic grokmirror setup

This gets grokmirror stuff in place. The slave can be fully deployed from scratch. The master requires 2 steps. The first is deploying this the 2nd is then updating the gitolite-admin repo to have the POST_GIT hook we've defined in this playbook Change-Id: I0cd27eabb706f70c425648f7ecc90797dd7bbd31
author: Andy Doan <andy.doan@linaro.org> 2015-01-13 14:03:56 -0600
committer: Linaro Code Review <review@review.linaro.org> 2015-01-20 17:45:47 +0000
commit: 1e8f71cc1e974678a5d288e11be283cae05ac495 (patch)
tree: 505f8356e5a9d0089e5b6d18ef52f43c9dd51902
parent: 7a570983db72a4a7f0f00a5109242e4a9c954566 (diff)
16 files changed, 254 insertions, 13 deletions
diff --git a/per-service/git-servers/files/git.linaro.org.conf b/per-service/git-servers/files/git.linaro.org.conf
index 85d28031..399d1f72 100644
--- a/per-service/git-servers/files/git.linaro.org.conf
+++ b/per-service/git-servers/files/git.linaro.org.conf
@@ -7,6 +7,7 @@ SuexecUserGroup {{ git_user }} {{ git_user }}
 
 <VirtualHost *:80>
     ServerName {{ git_host }}
+    ServerAlias {{ inventory_hostname }}
     ServerAdmin webmaster@linaro.org
 
     CustomLog ${APACHE_LOG_DIR}/{{ git_host }}-access.log combined
diff --git a/per-service/git-servers/git-main.yml b/per-service/git-servers/git-main.yml
index 6914e276..8ec9e7d5 100644
--- a/per-service/git-servers/git-main.yml
+++ b/per-service/git-servers/git-main.yml
@@ -18,11 +18,12 @@
     - apache-conf
     - apache-website
     - {role: apache-site, src: "{{git_host}}.conf", config: "{{git_host}}", tags: [apache, website-conf] }
-    - url-rewrite
-    - cronjobs
+    - {role: url-rewrite, when: hosttype != 'git-slave'}
+    - {role: cronjobs, when: hosttype != 'git-slave'}
     - gitweb
     - upstart-git-daemon
-    - mirroring
+    - {role: mirroring, when: hosttype != 'git-slave'}
+    - {role: grokmirror, when: grokmirror_support}
 
 - hosts:
     - review-public
diff --git a/per-service/git-servers/group_vars/all b/per-service/git-servers/group_vars/all
index 161654d0..20ec3f05 100644
--- a/per-service/git-servers/group_vars/all
+++ b/per-service/git-servers/group_vars/all
@@ -7,6 +7,8 @@ mailto_address: linaro-infrastructure-errors@lists.linaro.org
 # If the server is public or private
 server_access: public
 
+grokmirror_support: false
+
 gerrit_managed: no
 gerrit_download_link: https://gerrit-releases.storage.googleapis.com/gerrit-2.8.6.1.war
 gerrit_root: /srv/gerrit
diff --git a/per-service/git-servers/roles/apache-conf/tasks/main.yml b/per-service/git-servers/roles/apache-conf/tasks/main.yml
index 767c35ae..bcaf0d4c 100644
--- a/per-service/git-servers/roles/apache-conf/tasks/main.yml
+++ b/per-service/git-servers/roles/apache-conf/tasks/main.yml
@@ -21,7 +21,7 @@
   with_items:
     - suexec
   notify: restart-apache
-  when: hosttype == "git-main"
+  when: hosttype in ["git-main", "git-slave"]
   tags:
     - install
     - apache-conf
diff --git a/per-service/git-servers/roles/apache-website/tasks/apache-website-git.yml b/per-service/git-servers/roles/apache-website/tasks/apache-website-git.yml
index fc061d7e..0abe66bd 100644
--- a/per-service/git-servers/roles/apache-website/tasks/apache-website-git.yml
+++ b/per-service/git-servers/roles/apache-website/tasks/apache-website-git.yml
@@ -7,7 +7,7 @@
         owner={{ git_user }}
         mode=0755
         path={{ apache_root }}/{{ git_host }}
-  when: hosttype == "git-main" or hosttype == "git-review"
+  when: hosttype in ["git-main", "git-review", "git-slave"]
   tags:
     - install
 
@@ -17,7 +17,7 @@
             owner={{ git_user }}
             group={{ git_user }}
             mode=0550
-  when: hosttype == "git-main" and server_access == "public"
+  when: hosttype in ["git-main", "git-slave"] and server_access == "public"
   tags:
     - install
 
@@ -27,6 +27,6 @@
             owner={{ git_user }}
             group={{ git_user }}
             mode=0550
-  when: hosttype == "git-main"
+  when: hosttype in ["git-main", "git-slave"]
   tags:
     - install
diff --git a/per-service/git-servers/roles/gitolite/tasks/gitolite-rc.yml b/per-service/git-servers/roles/gitolite/tasks/gitolite-rc.yml
index 45866001..d157533a 100644
--- a/per-service/git-servers/roles/gitolite/tasks/gitolite-rc.yml
+++ b/per-service/git-servers/roles/gitolite/tasks/gitolite-rc.yml
@@ -1,5 +1,4 @@
 # Manage gitolite.rc file.
-
 - name: Set the gitolite.rc file
   template: src=gitolite.rc
             dest=/home/{{ git_user }}/.gitolite.rc
diff --git a/per-service/git-servers/roles/gitolite/templates/gitolite.rc b/per-service/git-servers/roles/gitolite/templates/gitolite.rc
index 035006c0..9b053d71 100644
--- a/per-service/git-servers/roles/gitolite/templates/gitolite.rc
+++ b/per-service/git-servers/roles/gitolite/templates/gitolite.rc
@@ -169,6 +169,12 @@
         'post-compile/ssh-authkeys',
     ],
 
+{% if grokmirror_support %}
+    POST_GIT => [
+        'post-update.grokmirror',
+    ],
+{% endif %}
+
     # Custom script that is called to get groups authorization
     # based on the user that is performing the operation.
     GROUPLIST_PGM => '/home/{{ git_user }}/gitolite-tools/gitolite-groups',
diff --git a/per-service/git-servers/roles/gitweb/tasks/main.yml b/per-service/git-servers/roles/gitweb/tasks/main.yml
index 4be85589..ac616acf 100644
--- a/per-service/git-servers/roles/gitweb/tasks/main.yml
+++ b/per-service/git-servers/roles/gitweb/tasks/main.yml
@@ -15,7 +15,7 @@
     - gitweb-conf
 
 - name: Install gitweb Linaro theme
-  when: hosttype == "git-main"
+  when: hosttype in ["git-main", "git-slave"]
   git:  repo=http://git.linaro.org/git-ro/infrastructure/gitweb-linaro-theme.git
         dest={{ tools_checkout_dir }}/gitweb-linaro-theme
   tags:
@@ -23,7 +23,7 @@
     - gitweb
 
 - name: Locally copy gitweb Linaro theme
-  when: hosttype == "git-main"
+  when: hosttype in ["git-main", "git-slave"]
   shell:  cp *.* {{ apache_root }}/{{ git_host }}
           chdir={{ tools_checkout_dir }}/gitweb-linaro-theme
   tags:
@@ -31,7 +31,7 @@
     - gitweb
 
 - name: Fix gitweb Linaro theme permission
-  when: hosttype == "git-main"
+  when: hosttype in ["git-main", "git-slave"]
   shell:  chown {{ git_user }}:{{ git_user }} *
           chdir={{ apache_root }}/{{ git_host }}
   tags:
diff --git a/per-service/git-servers/roles/grokmirror/files/grok-git-daemon-export b/per-service/git-servers/roles/grokmirror/files/grok-git-daemon-export
new file mode 100644
index 00000000..9461fe51
--- /dev/null
+++ b/per-service/git-servers/roles/grokmirror/files/grok-git-daemon-export
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+cd $1
+touch git-daemon-export-ok
diff --git a/per-service/git-servers/roles/grokmirror/tasks/main.yml b/per-service/git-servers/roles/grokmirror/tasks/main.yml
new file mode 100644
index 00000000..0fe60da0
--- /dev/null
+++ b/per-service/git-servers/roles/grokmirror/tasks/main.yml
@@ -0,0 +1,31 @@
+- name: Install dependencies for grokmirror
+  apt: name={{item}}
+  with_items:
+    - python-setuptools
+    - python-anyjson
+    - python-git
+  tags:
+    - grokmirror
+
+- name: Clone grokmirror repository
+  git:  repo=https://github.com/mricon/grokmirror.git
+        dest=/srv/grokmirror
+        update=yes
+        accept_hostkey=yes
+  tags:
+    - grokmirror
+
+- name: Install grokmirror
+  command: python ./setup.py install
+           chdir=/srv/grokmirror
+           creates=/usr/local/bin/grok-manifest
+  tags:
+    - grokmirror
+
+- name: Setup grokmirror cron job
+  template: src=grokmirror.cron.d dest=/etc/cron.d/grokmirror
+            owner=root group=root mode=0644
+  tags:
+    - grokmirror
+
+- {include: slave.yml, when: hosttype == 'git-slave'}
diff --git a/per-service/git-servers/roles/grokmirror/tasks/slave.yml b/per-service/git-servers/roles/grokmirror/tasks/slave.yml
new file mode 100644
index 00000000..b340b25f
--- /dev/null
+++ b/per-service/git-servers/roles/grokmirror/tasks/slave.yml
@@ -0,0 +1,24 @@
+- name: Install grokmirror slave configuration
+  template: src=grokmirror-repos.conf dest=/etc/
+            owner=root group=root mode=0644
+  tags:
+    - grokmirror
+
+- name: Install grokmirror slave configuration fsck
+  template: src=grokmirror-fsck.conf dest=/etc/
+            owner=root group=root mode=0644
+  tags:
+    - grokmirror
+
+- name: Install grokmirror slave script
+  copy: src=grok-git-daemon-export dest=/usr/local/bin/
+        owner=root group=root mode=0755
+  tags:
+    - grokmirror
+
+- name: Setup repository directoy
+  file: path={{repo_root}} state=directory
+        owner={{git_user}} group={{git_user}} mode=0775
+  tags:
+    - grokmirror
+
diff --git a/per-service/git-servers/roles/grokmirror/templates/grokmirror-fsck.conf b/per-service/git-servers/roles/grokmirror/templates/grokmirror-fsck.conf
new file mode 100644
index 00000000..851e78f9
--- /dev/null
+++ b/per-service/git-servers/roles/grokmirror/templates/grokmirror-fsck.conf
@@ -0,0 +1,60 @@
+# You can have multiple sections, just name them appropriately
+[master-repo]
+# Where is the manifest containing the list of repositories?
+manifest = {{repo_root}}/manifest.js.gz
+#
+# Where are the repositories kept?
+#toplevel = /var/lib/git/mirror
+toplevel = {{repo_root}}/
+#
+# Where do we put the logs?
+#log = /var/log/mirror/kernelorg-fsck.log
+log = /tmp/grokmirror-fsck.log
+#
+# Log level can be "info" or "debug"
+#loglevel = info
+loglevel = info
+#
+# Make sure there is only one instance of grok-fsck running by
+# trying to exclusive-lock this file before we do anything.
+lock = /tmp/grokmirror-fsck.lock
+#
+# Where to keep the status file
+#statusfile = /var/lib/mirror/kernelorg-fsck.js
+statusfile = {{repo_root}}/grokmirror-fsck.js
+#
+# How often should we check each repository, in days.
+# Any newly added repository will have the first check within a random
+# period of 0 and $frequency, and then every $frequency after that,
+# to assure that not all repositories are checked on the same day.
+# Don't set to less than 7 unless you only mirror a few repositories
+# (or really like to thrash your disks).
+#frequency = 30
+frequency = 30
+#
+# Not all repositories take a long time to check. This option lets you
+# allocate some time after each run to check small repositories. Grok-fsck
+# will then sort all repos not already checked during the usual run by their
+# elapsed time, and run an fsck check on each of them until the allotted time
+# for quick checks is elapsed.
+# Note that if you only have a few repos, this pretty much obsoletes
+# "frequency" if it takes less than this much time to check them all.
+#quick_checks_max_min = 5
+quick_checks_max_min = 5
+#
+# Some errors are relatively benign and can be safely ignored. Add matching
+# substrings to this field to ignore them.
+ignore_errors = dangling commit
+                dangling blob
+                notice: HEAD points to an unborn branch
+                notice: No default references
+                contains zero-padded file modes
+#
+# Enable this option to repack the repository before calling git-fsck.
+# This will allow you to save some space if you have shared repositories.
+# To check if you have shared repositories, look at your manifest.js.gz to
+# see if any repository definition has a "reference" key.
+#repack = yes
+#
+# Default repack flags are -A -d -l -q, but you can specify your own here
+#repack_flags = -A -d -l -q
diff --git a/per-service/git-servers/roles/grokmirror/templates/grokmirror-repos.conf b/per-service/git-servers/roles/grokmirror/templates/grokmirror-repos.conf
new file mode 100644
index 00000000..be87e172
--- /dev/null
+++ b/per-service/git-servers/roles/grokmirror/templates/grokmirror-repos.conf
@@ -0,0 +1,106 @@
+# You can pull from multiple grok mirrors, just create
+# a separate section for each mirror. The name can be anything.
+[master-repo]
+# The host part of the mirror you're pulling from.
+#site = git://git.kernel.org
+site = http://{{git_master}}
+#
+# Where the grok manifest is published. The following protocols
+# are supported at this time:
+# http:// or https:// using If-Modified-Since http header
+# file:// (when manifest file is on NFS, for example)
+#manifest = http://git.kernel.org/manifest.js.gz
+manifest = http://{{git_master}}/manifest.js.gz
+#
+# Where are we going to put the mirror on our disk?
+#toplevel = /var/lib/git/mirror
+toplevel = {{repo_root}}/
+#
+# Where do we store our own manifest? Usually in the toplevel.
+#mymanifest = /var/lib/git/mirror/manifest.js.gz
+mymanifest = {{repo_root}}/manifest.js.gz
+#
+# Write out projects.list that can be used by gitweb or cgit.
+# Leave blank if you don't want a projects.list.
+#projectslist = /var/lib/git/mirror/projects.list
+projectslist = /home/{{git_user}}/projects.list
+#
+# When generating projects.list, start at this subpath instead
+# of at the toplevel. Useful when mirroring kernel or when generating
+# multiple gitweb/cgit configurations for the same tree.
+#projectslist_trimtop = /pub/scm/
+#projectslist_trimtop = /pub/scm/
+#
+# The default behaviour is to use cross-repository references (if present)
+# to set git alternates between projects. This helps both significantly
+# reduce the bandwidth during cloning and dramatically reduce the mirror size
+# on disk. If for some reason you always want to create non-shared repositories,
+# set ignore_repo_references to "yes"
+# NOTE: this will NOT remove alternates for repositories already mirrored. You
+# will need to run "git repack -a" and then manually remove the
+# objects/info/alternates file for each repository.
+#ignore_repo_references = no
+#
+# When generating projects.list, also create entries for symlinks.
+# Otherwise we assume they are just legacy and keep them out of
+# web interfaces.
+#projectslist_symlinks = yes
+projectslist_symlinks = no
+#
+# A simple hook to execute whenever a repository is modified.
+# It passes the full path to the git repository modified as the only
+# argument.
+#post_update_hook = /usr/local/bin/make-git-fairies-appear
+post_update_hook = /usr/local/bin/grok-git-daemon-export
+#
+# This prevents catastrophic mirror purges when our upstream master gives us
+# a manifest that is dramatically smaller than ours. The default is to refuse
+# the purge if the remote manifest has over 10% fewer repositories than what we
+# have, or in other words, if we have 100 repos and the remote manifest has
+# shrunk to 95 repos or less, we refuse to purge, suspecting that something has
+# gone wrong. You can set purgeprotect to a higher percentage, or override
+# it entirely with --force-purge commandline flag.
+#purgeprotect = 5
+purgeprotect = 5
+#
+# If owner is not specified in the manifest, who should be listed
+# as the default owner in tools like gitweb or cgit?
+#default_owner = Grokmirror User
+default_owner = Grokmirror User
+#
+# Where do we put the logs?
+#log = /var/log/mirror/kernelorg.log
+log = /tmp/grokmirror.log
+#
+# Log level can be "info" or "debug"
+#loglevel = info
+loglevel = info
+#
+# To speed up updates, grok-pull will use multiple threads. Please be
+# considerate to the mirror you're pulling from and don't set this very
+# high. You may also run into per-ip multiple session limits, so leave this
+# number at a nice low setting.
+#pull_threads = 5
+pull_threads = 5
+#
+# Use shell-globbing to list the repositories you would like to mirror.
+# If you want to mirror everything, just say "*". Separate multiple entries
+# with newline plus tab. Examples:
+#
+# mirror everything:
+#include = *
+#
+# mirror just the main kernel sources:
+#include = /pub/scm/linux/kernel/git/torvalds/linux.git
+#          /pub/scm/linux/kernel/git/stable/linux-stable.git
+#          /pub/scm/linux/kernel/git/next/linux-next.git
+#
+# mirror just git:
+#include = /pub/scm/git/*
+include = *
+#
+# This is processed after the include. If you want to exclude some specific
+# entries from an all-inclusive globbing above. E.g., to exclude all linux-2.4
+# git sources:
+#exclude = */linux-2.4*
+exclude =
diff --git a/per-service/git-servers/roles/grokmirror/templates/grokmirror.cron.d b/per-service/git-servers/roles/grokmirror/templates/grokmirror.cron.d
new file mode 100644
index 00000000..185a998b
--- /dev/null
+++ b/per-service/git-servers/roles/grokmirror/templates/grokmirror.cron.d
@@ -0,0 +1,7 @@
+{% if hosttype == "git-slave" %}
+* * * * *	git /usr/local/bin/grok-pull -p -c /etc/grokmirror-repos.conf
+00 02 * * *	git /usr/local/bin/grok-fsck -c /etc/grokmirror-fsck.conf
+{% endif %}
+{% if hosttype == "git-main" %}
+* * * * *	git /usr/local/bin/grok-manifest -m {{apache_root}}/{{git_host}}/manifest.js.gz -t {{repo_root}}/ -p
+{% endif %}
diff --git a/per-service/git-servers/roles/install-deps/tasks/main.yml b/per-service/git-servers/roles/install-deps/tasks/main.yml
index f9f20bc0..5a685cc5 100644
--- a/per-service/git-servers/roles/install-deps/tasks/main.yml
+++ b/per-service/git-servers/roles/install-deps/tasks/main.yml
@@ -27,7 +27,7 @@
   apt: name={{ item }}
   with_items:
     - apache2-suexec-custom
-  when: hosttype == "git-main"
+  when: hosttype in ["git-main", "git-slave"]
   tags:
     - deps
     - git
diff --git a/per-service/git-servers/roles/users/tasks/main.yml b/per-service/git-servers/roles/users/tasks/main.yml
index 3f062130..2d392418 100644
--- a/per-service/git-servers/roles/users/tasks/main.yml
+++ b/per-service/git-servers/roles/users/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 - name: Make sure the host git-user is available
   user: name={{ git_user }}
-  when: hosttype == "git-main"
+  when: hosttype in ["git-main", "git-slave"]
   tags:
     - deps
     - git
author	Andy Doan <andy.doan@linaro.org>	2015-01-13 14:03:56 -0600
committer	Linaro Code Review <review@review.linaro.org>	2015-01-20 17:45:47 +0000
commit	1e8f71cc1e974678a5d288e11be283cae05ac495 (patch)
tree	505f8356e5a9d0089e5b6d18ef52f43c9dd51902
parent	7a570983db72a4a7f0f00a5109242e4a9c954566 (diff)