mostly adding selinux stuff

Trevor Batley 2023-08-29 16:08:48 +10:00
parent 180cc1c36f
commit bcd69adf5f
4 changed files with 29 additions and 14 deletions


@ -6,6 +6,7 @@ The purpose of these scripts it to enable setting up a koji environment quickly
with reasonable configurations. with reasonable configurations.
These scripts have been borrowed from Clear Linux and modified to suit the smeserver (Koozali.org) setup. These scripts have been borrowed from Clear Linux and modified to suit the smeserver (Koozali.org) setup.
Thanks to George T Kramer for doing a lot of the prework for these over at ClearLinux.
## Assumptions ## Assumptions
@ -20,11 +21,15 @@ These scripts have been borrowed from Clear Linux and modified to suit the smese
1. Copy these scripts into your ~/bin directory and make sure they are executeable 1. Copy these scripts into your ~/bin directory and make sure they are executeable
mkdir -p ~/bin mkdir -p ~/bin
cp <path where you copied the scripts> ~/bin/. curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/gencert.sh > ~/bin/gencert.sh
curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/globals.sh > ~/bin/globals.sh
curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/parameters.sh > ~/bin/parameters.sh
curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/deploy-koji.sh > ~/bin/deploy-koji.sh
curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/bootstrap-build.sh > ~/bin/bootstrap-builld.sh
curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/deploy-koji-nfs-server.sh > ~/bin/deploy-koji-nfs-server.sh
chmod a+x ~/bin/*.sh chmod a+x ~/bin/*.sh
1. Edit parameters.sh as needed. If running in a production environment, be 1. Edit parameters.sh as needed. If running in a production environment, be sure to supply reasonable SSL certificate field values.
sure to supply reasonable SSL certificate field values.
1. Run the required following scripts 1. Run the required following scripts
@ -43,12 +48,17 @@ If koji builder machine is not the same as koji master machine:
deploy-koji-nfs-server.sh deploy-koji-nfs-server.sh
1. Copy the koji builder certificate from the koji master machine to the koji 1. Copy the koji builder certificate from the koji master machine to the koji builder machine
builder machine
scp "$KOJI_PKI_DIR/$KOJI_SLAVE_FQDN.pem" "$KOJI_SLAVE_FQDN":"$KOJI_PKI_DIR" scp "$KOJI_PKI_DIR/$KOJI_SLAVE_FQDN.pem" "$KOJI_SLAVE_FQDN":"$KOJI_PKI_DIR"
ssh "root@$KOJI_SLAVE_FQDN" "mkdir -p ~/bin"
scp "~/bin/globals.sh" "root@$KOJI_SLAVE_FQDN":"/root/bin/."
scp "~/bin/parameters.sh" "root@$KOJI_SLAVE_FQDN":"/root/bin/."
1. On the koji builder machine, run 1. On the koji builder machine, run
curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/deploy-koji-nfs-client.sh > ~/bin/deploy-koji-nfs-client.sh
curl https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup/deploy-koji-builder.sh > ~/bin/deploy-koji-builder.sh
chmod a+x ~/bin/*.sh
deploy-koji-nfs-client.sh deploy-koji-nfs-client.sh
deploy-koji-builder.sh deploy-koji-builder.sh


@ -7,8 +7,7 @@ SCRIPT_DIR="$(dirname "$(realpath "$0")")"
source "$SCRIPT_DIR"/globals.sh source "$SCRIPT_DIR"/globals.sh
source "$SCRIPT_DIR"/parameters.sh source "$SCRIPT_DIR"/parameters.sh
swupd bundle-add koji || : dnf install koji-builder
check_dependency kojid
# Create mock folders and permissions # Create mock folders and permissions
mkdir -p /etc/mock/koji mkdir -p /etc/mock/koji
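Review bot: `dnf install koji-builder` runs without `-y` and without a status check, so an unattended run either stops at the confirmation prompt or carries on after a failed install. The `check_dependency kojid` guard also appears to be dropped here (the hunk shrinks from 8 to 7 lines), which removes the only visible check that the builder daemon is present. I would write `dnf install -y koji-builder || exit 1` and keep `check_dependency kojid` after it. The `-y` and status-check point applies equally to `dnf install nfs-utils` in the NFS server script. Whether `set -e` is active is not visible, because the script starts above the hunk.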


@ -7,12 +7,18 @@ SCRIPT_DIR="$(dirname "$(realpath "$0")")"
source "$SCRIPT_DIR"/globals.sh source "$SCRIPT_DIR"/globals.sh
source "$SCRIPT_DIR"/parameters.sh source "$SCRIPT_DIR"/parameters.sh
swupd bundle-add nfs-utils || : dnf install nfs-utils
check_dependency rpcbind
check_dependency rpc.nfsd
# Export server directory to be mounted by clients # Export server directory to be mounted by clients
echo "$KOJI_DIR $KOJI_SLAVE_FQDN(ro,no_root_squash)" >> /etc/exports echo "$KOJI_DIR $KOJI_SLAVE_FQDN(ro,no_root_squash)" >> /etc/exports
# allow nfs usage in selinux and firewall
setsebool -P httpd_use_nfs=1
firewall-cmd --permanent --add-service=nfs
firewall-cmd --permanent --add-service=mountd
firewall-cmd --permanent --add-service=rpc-bind
firewall-cmd --reload
systemctl enable --now rpcbind systemctl enable --now rpcbind
systemctl enable --now nfs-server systemctl enable --now nfs-server
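Review bot: The three `firewall-cmd --permanent --add-service=...` lines open nfs, mountd and rpc-bind in the default zone to every source, while the export itself is limited to `$KOJI_SLAVE_FQDN` and carries `no_root_squash`. I would scope the firewall to the builder as well, for example a dedicated zone bound to its address: `firewall-cmd --permanent --zone=<ZONE> --add-source=<BUILDER_IP>` followed by `firewall-cmd --permanent --zone=<ZONE> --add-service=nfs` (placeholders, not values from this repository). If the clients mount with NFSv4 only, mountd and rpc-bind may not need to be opened at all; the client mount options are not visible here. `setsebool -P httpd_use_nfs=1` only matters on a host where httpd reads from an NFS mount, so a comment saying why it is set on the exporting server would help, or it should move to the host that needs it.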


@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
## KOJI RPM BUILD AND TRACKER ## KOJI RPM BUILD AND TRACKER
export KOJI_DIR=/mnt/koji export KOJI_DIR=/srv/koji
export KOJI_MOUNT_DIR=/mnt/koji export KOJI_MOUNT_DIR=/mnt/koji
export KOJI_MASTER_FQDN="$(hostname -f)" export KOJI_MASTER_FQDN="$(hostname -f)"
export KOJI_SLAVE_FQDN="$KOJI_MASTER_FQDN" export KOJI_SLAVE_FQDN="$KOJI_MASTER_FQDN"
@ -25,7 +25,7 @@ export DEBUG_RPM_DIR=
export EXTERNAL_REPO=http://mirrorlist.centos.org/releases/10/smeos/ export EXTERNAL_REPO=http://mirrorlist.centos.org/releases/10/smeos/
## POSTGRESQL DATABASE ## POSTGRESQL DATABASE
export POSTGRES_DIR=/var/lib/pgsql export POSTGRES_DIR=/srv/pgsql
## GIT REPOSITORIES ## GIT REPOSITORIES
export GIT_DIR= export GIT_DIR=
@ -34,8 +34,8 @@ export IS_ANONYMOUS_GIT_NEEDED=false
export GITOLITE_PUB_KEY='' export GITOLITE_PUB_KEY=''
## UPSTREAMS CACHE ## UPSTREAMS CACHE
export UPSTREAMS_DIR=/mnt/upstreams export UPSTREAMS_DIR=/srv/upstreams
## MASH RPMS ## MASH RPMS
export MASH_DIR=/mnt/mash export MASH_DIR=/srv/mash
export MASH_SCRIPT_DIR=/usr/local/bin export MASH_SCRIPT_DIR=/usr/local/bin