configpolicy/roles/koji-builder/tasks/main.yml

- name: ensure packages are installed
  package:
    name=koji-builder
    state=present
  tags:
  - install

- name: ensure kojid certificate is installed
  copy:
    src={{ item }}
    dest=/etc/kojid/kojid.pem
    mode=0400
    owner=root
    group=root
  with_fileglob:
  - certs/koji/{{ inventory_hostname }}/kojid.pem
  notify: restart kojid
- name: ensure kojid ca certificates are installed
  copy:
    src={{ item }}
    dest=/etc/kojid/{{ item|basename }}
    mode=0644
  with_fileglob:
  - certs/koji/{{ inventory_hostname }}/*.crt
- name: ensure koji hub server ca certificate is trusted
  copy:
    src={{ item }}
    dest=/etc/pki/ca-trust/source/anchors/koji-hub.crt
    mode=0644
  with_fileglob:
  - certs/koji/{{ inventory_hostname }}/serverca.crt
  notify: update ca trust
- name: ensure kojid is configured
  template:
    src=kojid.conf.j2
    dest=/etc/kojid/kojid.conf
  notify: restart kojid

- name: ensure kojid unit extension directory exists
  file:
    path=/etc/systemd/system/kojid.service.d
    mode=0755
    state=directory
- name: ensure http proxy is configured for kojid
  template:
    src=http_proxy.conf.j2
    dest=/etc/systemd/system/kojid.service.d/http_proxy.conf
    mode=0644
  notify:
  - reload systemd
  - restart kojid

- name: ensure mock is configured
  template:
    src=site-defaults.mock.cfg.j2
    dest=/etc/mock/site-defaults.cfg
    mode=0644

- name: ensure kojid starts at boot
  service:
    name=kojid
    enabled=yes
- meta: flush_handlers
- name: ensure kojid is running
  service:
    name=kojid
    state=started

- name: ensure root has an ssh key
  user:
    name=root
    generate_ssh_key=yes
    ssh_key_type=rsa
    ssh_key_bits=4096
  register: root_user
- name: display ssh public key for root
  debug:
    var=root_user.ssh_public_key