Dzahn has submitted this change and it was merged.
Change subject: Phabricator: allow rsyncing /srv/repos from active to passive
server
......................................................................
Phabricator: allow rsyncing /srv/repos from active to passive server
Check which server is set as active server in Hiera,
then include rsyncd and config on the non-active server
and allow (manual) rsyncing from active server pushing up
to passive server.
Avoid hardcoding server names or IPs, we should never have to edit this
besides the one "active server" switch in Hiera we already use
for other things like keeping the services stopped and skipping
monitoring stuff on the non-active server.
This is not an automated sync, it just allows an admin to do it in
a fully puppetized way.
Bug: T137928
Change-Id: Iff3b06395a6149820014cbcfac86c27c53bdf186
---
M modules/role/manifests/phabricator/main.pp
A modules/role/manifests/phabricator/rsync.pp
2 files changed, 27 insertions(+), 0 deletions(-)
Approvals:
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/modules/role/manifests/phabricator/main.pp
b/modules/role/manifests/phabricator/main.pp
index e9cacd7..a17f5e6 100644
--- a/modules/role/manifests/phabricator/main.pp
+++ b/modules/role/manifests/phabricator/main.pp
@@ -307,4 +307,6 @@
weekday => 1, # Monday
require => Package[$deploy_target],
}
+
+ include role::phabricator::rsync
}
diff --git a/modules/role/manifests/phabricator/rsync.pp
b/modules/role/manifests/phabricator/rsync.pp
new file mode 100644
index 0000000..c7be070
--- /dev/null
+++ b/modules/role/manifests/phabricator/rsync.pp
@@ -0,0 +1,25 @@
+# setup rsyncd and config on the _non_-active phab server
+# to allow pushing of /srv/repos from active to passive (T137928)
+class role::phabricator::rsync {
+
+ $phabricator_active_server = hiera('phabricator_active_server')
+
+ if $::hostname != $phabricator_active_server {
+ $hosts_allow = "@resolve((${phabricator_active_server}))"
+
+ ferm::service { 'phabricator-repo-rsync':
+ proto => 'tcp',
+ port => '873',
+ srange => "${hosts_allow}/32",
+ }
+
+ include rsync::server
+
+ rsync::server::module { 'phab-srv-repos':
+ path => '/srv/repos',
+ read_only => 'no',
+ hosts_allow => $hosts_allow,
+ }
+ }
+
+}
--
To view, visit https://gerrit.wikimedia.org/r/324796
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Iff3b06395a6149820014cbcfac86c27c53bdf186
Gerrit-PatchSet: 36
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Paladox <[email protected]>
Gerrit-Reviewer: 20after4 <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: Paladox <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
