| 1 | --- |
| 2 | - name: Install lava-server |
| 3 | apt: |
| 4 | name: |
| 5 | - lava-server |
| 6 | - libvirt-clients |
| 7 | - name: Enable apache modules |
| 8 | shell: |
| 9 | cmd: a2enmod "{{ item }}" |
| 10 | creates: "/etc/apache2/mods-enabled/{{item}}.load" |
| 11 | loop: |
| 12 | - proxy |
| 13 | - proxy_http |
| 14 | - ssl |
| 15 | notify: |
| 16 | - Restart apache |
| 17 | - name: Disable default apache2 site |
| 18 | ansible.builtin.file: |
| 19 | path: /etc/apache2/sites-enable/000-default.conf |
| 20 | state: absent |
| 21 | notify: |
| 22 | - Reload apache |
| 23 | - name: Enable lava-server site |
| 24 | shell: |
| 25 | cmd: a2ensite lava-server.conf |
| 26 | creates: /etc/apache2/sites-enabled/lava-server.conf |
| 27 | notify: |
| 28 | - Reload apache |
| 29 | - name: Deploy internal certificate |
| 30 | import_role: |
| 31 | name: common |
| 32 | tasks_from: certs |
| 33 | notify: |
| 34 | - Reload apache |
| 35 | - name: Create TLS vhost |
| 36 | copy: |
| 37 | src: vhost-tls.conf |
| 38 | dest: /etc/apache2/sites-enabled/lava-server-tls.conf |
| 39 | notify: |
| 40 | - Reload apache |
| 41 | - name: Configure lava-server allowed hosts |
| 42 | ansible.builtin.template: |
| 43 | src: allowed_hosts.yaml.j2 |
| 44 | dest: /etc/lava-server/settings.d/00-hosts.yaml |
| 45 | owner: lavaserver |
| 46 | group: lavaserver |
| 47 | mode: '0640' |
| 48 | notify: |
| 49 | - Restart lava-server-gunicorn |
| 50 | - name: Configure lava-server LDAP integration |
| 51 | ansible.builtin.template: |
| 52 | src: ldap.yaml.j2 |
| 53 | dest: /etc/lava-server/settings.d/01-ldap.yaml |
| 54 | owner: lavaserver |
| 55 | group: lavaserver |
| 56 | mode: '0640' |
| 57 | notify: |
| 58 | - Restart lava-server-gunicorn |
| 59 | - name: Add lava devices |
| 60 | include_tasks: enable_device.yml |
| 61 | loop: |
| 62 | - qemu |
| 63 | - x86 |
| 64 | - imx6q-wandboard |
| 65 | - cubietruck |
| 66 | - name: Clone lttng-ci repo |
| 67 | become: yes |
| 68 | become_user: lavaserver |
| 69 | git: |
| 70 | dest: /var/lib/lava-server/home/lttng-ci |
| 71 | repo: https://github.com/lttng/lttng-ci |
| 72 | register: clone_result |
| 73 | - name: List devices in lttng-ci repo |
| 74 | when: clone_result.before != clone_result.after |
| 75 | find: |
| 76 | paths: |
| 77 | - /var/lib/lava-server/home/lttng-ci/lava/devices/ |
| 78 | register: found_lava_devices |
| 79 | - name: Create device links |
| 80 | when: clone_result.before != clone_result.after |
| 81 | ansible.builtin.file: |
| 82 | src: "{{item}}" |
| 83 | path: "/etc/lava-server/dispatcher-config/devices/{{item | basename }}" |
| 84 | state: link |
| 85 | loop: "{{found_lava_devices['files'] | map(attribute='path')}}" |
| 86 | - name: Configure PDU Daemon |
| 87 | import_tasks: pdudaemon.yml |
| 88 | - name: Generate root SSH keypair |
| 89 | # The public key can be installed on qemu hosts |
| 90 | # lava-worker runs as root, not as lavaserver. |
| 91 | community.crypto.openssh_keypair: |
| 92 | path: /root/.ssh/id_ed25519 |
| 93 | type: ed25519 |