[gnome-build-meta.wiki] Update Deployment - remote stuff that's now automated



commit a7e3f4941cfda1e75fecb26e59cb644a28cc7593
Author: Sam Thursfield <sam afuera me uk>
Date:   Fri Oct 29 14:08:02 2021 +0000

    Update Deployment - remote stuff that's now automated

 openqa/Deployment.md | 106 ++-------------------------------------------------
 1 file changed, 3 insertions(+), 103 deletions(-)
---
diff --git a/openqa/Deployment.md b/openqa/Deployment.md
index 3927db3..7483b1a 100644
--- a/openqa/Deployment.md
+++ b/openqa/Deployment.md
@@ -1,10 +1,8 @@
 # openqa.gnome.org deployment
 
-This server was manually.
+This server was initially deployed by hand. The deployment is now described using Ansible in 
https://gitlab.gnome.org/sthursfield/openqa-ansible.
 
-We hope to redeploy it using Ansible eventually. Work in progress towards that can be found at: 
https://gitlab.gnome.org/sthursfield/openqa-ansible/-/tree/main
-
-The following notes are from the initial deployment:
+The following steps from the initial deployment are not automated:
 
 ## Install docker
 ```
@@ -19,28 +17,8 @@ dnf install docker-ce docker-ce-cli containerd.io
 dnf install containerd.io-1.4.6-3.1.fc34
 ```
 
-## Get the SSL
-```
-cd ssl_cert
-docker run -it --rm --privileged -p80:80 -v $PWD:/root debian:bullseye-slim /bin/bash
-```
-
-## Inside the docker:
-```
-apt-get update && apt-get install curl socat
-cd /root/.acme.sh/
-./acme.sh --issue --standalone -d openqa.gnome.org
-exit
-```
-
 ## In Host:
 ```
-cd /root
-mkdir openqa
-cd openqa/
-git clone https://github.com/os-autoinst/openQA.git
-mkdir -p workdir/data/factory/{iso,hdd,other,tmp} workdir/data/tests workdir/data/testresults 
workdir/data/certs/ssl.{key,crt} workdir/data/conf 
-chmod 0777 workdir/data/testresults
 cp -r openQA/container/openqa_data/data.template/conf/* workdir/data/conf/
 cp openQA/container/webui/conf/database.ini workdir/data/conf/
 sed -i 's/#base_url = http://FIXME/base_url = http://openqa.gnome.org//' workdir/data/conf/openqa.ini
@@ -61,38 +39,6 @@ EOF
 ```
 
 ## change provider to appropriate provider and update key and secret
-```
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/ca.cer workdir/data/certs/ssl.crt/ca.crt
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.key workdir/data/certs/ssl.key/server.key
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.cer  workdir/data/certs/ssl.crt/server.crt
-docker network create openqa
-mkdir ~/openqa/dockerfile
-cat <<EOF >> ~/openqa/dockerfile/Dockerfile
-FROM registry.opensuse.org/devel/openqa/containers15.2/openqa_webui:latest
-RUN zypper --no-gpg-checks ref && zypper --no-gpg-checks update -y && zypper --no-gpg-checks in -y 
'perl(Mojolicious::Plugin::OAuth2)'
-RUN usermod -d /var/lib/openqa -s /bin/bash geekotest
-COPY files /root/files
-RUN cp /root/files/gnomeos.png /usr/share/openqa/assets/images/gnomeos.png && \
-  mkdir -p /usr/share/openqa/templates/webapi/branding/gnomeOS && \
-  cp /root/files/*html* /usr/share/openqa/templates/webapi/branding/gnomeOS/. && \
-  rm -rf /root/files && chown geekotest /usr/share/openqa/assets/images/gnomeos.png && \
-  echo -e "\n! gnomeos.png\n< images/gnomeos.png" >> /usr/share/openqa/assets/assetpack.def
-EOF
-```
-
-## Copy `files` folder containing the logo and the sponsor html 
-```
-cd dockerfile/
-docker build -t openqa_webui:test .
-cd ..
-cd ~/openqa/workdir/data/tests
-git clone https://gitlab.com/jamesthomas/gnome-tests.git gnomeos
-cd gnomeos
-git clone https://gitlab.com/jamesthomas/gnome-needles needles
-cd /root/openqa
-docker run -d --rm --network openqa -e POSTGRES_PASSWORD=openqa -e POSTGRES_USER=openqa -e 
POSTGRES_DB=openqa -v$(pwd)/workdir/db:/var/lib/postgresql/data --name=db postgres:latest
-docker run  --network openqa  -d --rm --privileged -v $(pwd)/workdir/data:/data/ -v 
$(pwd)/workdir/data/certs/ssl.crt:/etc/apache2/ssl.crt -v 
$(pwd)/workdir/data/certs/ssl.key:/etc/apache2/ssl.key  -p80:80 -p443:443 --name openqa_webui 
openqa_webui:test
-```
 
 ## openqa will give admin access to the first user who loggedin. To give additional users admin access
 ```
@@ -104,55 +50,9 @@ update users set is_admin=1, is_operator=1  where id=4;
 
 ## change id to the id of the user who needs to have admin access
 
-
-## To stop the webui use `stop.sh` in /root/openqa and `start.sh` to start it.
-
-## stop.sh
-```
-#!/bin/bash
-
-BACKUP_DIR="backup-$(date +%Y%m%d_%H%M)"
-mkdir -p $BACKUP_DIR
-
-docker cp -a  openqa_webui:/var/lib/openqa/images ${BACKUP_DIR}/.
-docker stop openqa_webui
-
-rm -f backup-latest
-ln -sf $BACKUP_DIR backup-latest
-```
-
-## start.sh
-```
-#!/bin/bash
-
-set -e
-
-docker run  --network openqa  -d --rm --privileged -v $(pwd)/workdir/data:/data/ -v 
$(pwd)/workdir/data/certs/ssl.crt:/etc/apache2/ssl.crt -v 
$(pwd)/workdir/data/certs/ssl.key:/etc/apache2/ssl.key  -p80:80 -p443:443 --name openqa_webui 
openqa_webui:test
-
-if [ -d backup-latest/images ]; then
-        docker cp -a backup-latest/images  openqa_webui:/var/lib/openqa/.
-        docker exec openqa_webui chown -R geekotest /var/lib/openqa/images
-fi
-```
-
 ## How to renew SSL cert
 
-This should be automated as soon as possible, but in the meantime... here's how to get a new SSL cert as 
root openqa gnome org:
-
-```
-cd /root/ssl_cert/acme.sh/
-git pull
-cd ..
-docker run -it --rm --privileged -p80:80 -v $PWD:/root debian:bullseye-slim /bin/bash
-apt-get update && apt-get install curl socat
-cd /root/.acme.sh/
-./acme.sh --issue --standalone -d openqa.gnome.org
-exit
-cd /root/openqa
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/ca.cer workdir/data/certs/ssl.crt/ca.crt
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.key workdir/data/certs/ssl.key/server.key
-cp ../ssl_cert/.acme.sh/openqa.gnome.org/openqa.gnome.org.cer  workdir/data/certs/ssl.crt/server.crt
-```
+See the Ansible script for how to do this.
 
 ## Fixing diskimage uploads
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]