[gnome-build-meta.wiki] Update Deployment - remote stuff that's now automated
- From: Sam Thursfield <sthursfield src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-build-meta.wiki] Update Deployment - remote stuff that's now automated
- Date: Fri, 29 Oct 2021 14:08:03 +0000 (UTC)
commit a7e3f4941cfda1e75fecb26e59cb644a28cc7593
Author: Sam Thursfield <sam afuera me uk>
Date: Fri Oct 29 14:08:02 2021 +0000
Update Deployment - remote stuff that's now automated
openqa/Deployment.md | 106 ++-------------------------------------------------
1 file changed, 3 insertions(+), 103 deletions(-)
---
diff --git a/openqa/Deployment.md b/openqa/Deployment.md
index 3927db3..7483b1a 100644
--- a/openqa/Deployment.md
+++ b/openqa/Deployment.md
@@ -1,10 +1,8 @@
# openqa.gnome.org deployment
-This server was manually.
+This server was initially deployed by hand. The deployment is now described using Ansible in
https://gitlab.gnome.org/sthursfield/openqa-ansible.
-We hope to redeploy it using Ansible eventually. Work in progress towards that can be found at:
https://gitlab.gnome.org/sthursfield/openqa-ansible/-/tree/main
-
-The following notes are from the initial deployment:
+The following steps from the initial deployment are not automated:
## Install docker
```
@@ -19,28 +17,8 @@ dnf install docker-ce docker-ce-cli containerd.io
dnf install containerd.io-1.4.6-3.1.fc34
```
-## Get the SSL
-```
-cd ssl_cert
-docker run -it --rm --privileged -p80:80 -v $PWD:/root debian:bullseye-slim /bin/bash
-```
-
-## Inside the docker:
-```
-apt-get update && apt-get install curl socat
-cd /root/.acme.sh/
-./acme.sh --issue --standalone -d openqa.gnome.org
-exit
-```
-
## In Host:
```
-cd /root
-mkdir openqa
-cd openqa/
-git clone https://github.com/os-autoinst/openQA.git
-mkdir -p workdir/data/factory/{iso,hdd,other,tmp} workdir/data/tests workdir/data/testresults
workdir/data/certs/ssl.{key,crt} workdir/data/conf
-chmod 0777 workdir/data/testresults
cp -r openQA/container/openqa_data/data.template/conf/* workdir/data/conf/
cp openQA/container/webui/conf/database.ini workdir/data/conf/
sed -i 's/#base_url = http://FIXME/base_url = http://openqa.gnome.org//' workdir/data/conf/openqa.ini
@@ -61,38 +39,6 @@ EOF
```
## change provider to appropriate provider and update key and secret
-```
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/ca.cer workdir/data/certs/ssl.crt/ca.crt
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.key workdir/data/certs/ssl.key/server.key
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.cer workdir/data/certs/ssl.crt/server.crt
-docker network create openqa
-mkdir ~/openqa/dockerfile
-cat <<EOF >> ~/openqa/dockerfile/Dockerfile
-FROM registry.opensuse.org/devel/openqa/containers15.2/openqa_webui:latest
-RUN zypper --no-gpg-checks ref && zypper --no-gpg-checks update -y && zypper --no-gpg-checks in -y
'perl(Mojolicious::Plugin::OAuth2)'
-RUN usermod -d /var/lib/openqa -s /bin/bash geekotest
-COPY files /root/files
-RUN cp /root/files/gnomeos.png /usr/share/openqa/assets/images/gnomeos.png && \
- mkdir -p /usr/share/openqa/templates/webapi/branding/gnomeOS && \
- cp /root/files/*html* /usr/share/openqa/templates/webapi/branding/gnomeOS/. && \
- rm -rf /root/files && chown geekotest /usr/share/openqa/assets/images/gnomeos.png && \
- echo -e "\n! gnomeos.png\n< images/gnomeos.png" >> /usr/share/openqa/assets/assetpack.def
-EOF
-```
-
-## Copy `files` folder containing the logo and the sponsor html
-```
-cd dockerfile/
-docker build -t openqa_webui:test .
-cd ..
-cd ~/openqa/workdir/data/tests
-git clone https://gitlab.com/jamesthomas/gnome-tests.git gnomeos
-cd gnomeos
-git clone https://gitlab.com/jamesthomas/gnome-needles needles
-cd /root/openqa
-docker run -d --rm --network openqa -e POSTGRES_PASSWORD=openqa -e POSTGRES_USER=openqa -e
POSTGRES_DB=openqa -v$(pwd)/workdir/db:/var/lib/postgresql/data --name=db postgres:latest
-docker run --network openqa -d --rm --privileged -v $(pwd)/workdir/data:/data/ -v
$(pwd)/workdir/data/certs/ssl.crt:/etc/apache2/ssl.crt -v
$(pwd)/workdir/data/certs/ssl.key:/etc/apache2/ssl.key -p80:80 -p443:443 --name openqa_webui
openqa_webui:test
-```
## openqa will give admin access to the first user who loggedin. To give additional users admin access
```
@@ -104,55 +50,9 @@ update users set is_admin=1, is_operator=1 where id=4;
## change id to the id of the user who needs to have admin access
-
-## To stop the webui use `stop.sh` in /root/openqa and `start.sh` to start it.
-
-## stop.sh
-```
-#!/bin/bash
-
-BACKUP_DIR="backup-$(date +%Y%m%d_%H%M)"
-mkdir -p $BACKUP_DIR
-
-docker cp -a openqa_webui:/var/lib/openqa/images ${BACKUP_DIR}/.
-docker stop openqa_webui
-
-rm -f backup-latest
-ln -sf $BACKUP_DIR backup-latest
-```
-
-## start.sh
-```
-#!/bin/bash
-
-set -e
-
-docker run --network openqa -d --rm --privileged -v $(pwd)/workdir/data:/data/ -v
$(pwd)/workdir/data/certs/ssl.crt:/etc/apache2/ssl.crt -v
$(pwd)/workdir/data/certs/ssl.key:/etc/apache2/ssl.key -p80:80 -p443:443 --name openqa_webui
openqa_webui:test
-
-if [ -d backup-latest/images ]; then
- docker cp -a backup-latest/images openqa_webui:/var/lib/openqa/.
- docker exec openqa_webui chown -R geekotest /var/lib/openqa/images
-fi
-```
-
## How to renew SSL cert
-This should be automated as soon as possible, but in the meantime... here's how to get a new SSL cert as
root openqa gnome org:
-
-```
-cd /root/ssl_cert/acme.sh/
-git pull
-cd ..
-docker run -it --rm --privileged -p80:80 -v $PWD:/root debian:bullseye-slim /bin/bash
-apt-get update && apt-get install curl socat
-cd /root/.acme.sh/
-./acme.sh --issue --standalone -d openqa.gnome.org
-exit
-cd /root/openqa
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/ca.cer workdir/data/certs/ssl.crt/ca.crt
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.key workdir/data/certs/ssl.key/server.key
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.cer workdir/data/certs/ssl.crt/server.crt
-```
+See the Ansible script for how to do this.
## Fixing diskimage uploads
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]