Commit 28fef068 authored by Sébastien Luttringer's avatar Sébastien Luttringer
Browse files

Add Archive

parent 42ae61cf
......@@ -19,3 +19,4 @@
- { role: sudo, tags: ['sudo', 'archusers'] }
- { role: archweb, archweb_site: false, archweb_services: true, archweb_mirrorcheck_locations: [5, 6], tags: ['archweb'] }
- { role: sources, sources_domain: "sources.archlinux.org", sources_dir: "/srv/sources", tags: ['sources'] }
- { role: archive, archive_domain: "archive.archlinux.org", archive_dir: "/srv/archive", tags: ['archive'] }
---
- name: install archivetools package
pacman: name=archivetools state=present
- name: make archive dir
file:
path: "{{ archive_dir }}"
state: directory
owner: archive
group: archive
mode: 0755
- name: setup archive configuration
template:
src: archive.conf.j2
dest: /etc/archive.conf
owner: root
group: root
mode: 0644
- name: setup archive timer
systemd: name=archive.timer enabled=yes state=started
- name: setup archive-hardlink timer
systemd: name=archive-hardlink.timer enabled=yes state=started
- name: set up nginx
template:
src: nginx.d.conf.j2
dest: /etc/nginx/nginx.d/archive.conf
owner: root
group: root
mode: 0644
notify:
- reload nginx
- name: make nginx log dir
file:
path: /var/log/nginx/{{ archive_domain }}
state: directory
owner: root
group: root
mode: 0755
# vim:set sw=2 ts=2 ft=sh et:
# This file is managed by Ansible. Local updates will be lost!
# Archlinux remote rsync server
ARCHIVE_RSYNC='rsync://rsync.archlinux.org/kitchensink_tier1/'
# Archive local directory
ARCHIVE_DIR='{{ archive_dir }}'
# Archive User and Group
ARCHIVE_USER=archive
ARCHIVE_GROUP=archive
# Package extensions
PKGEXT='.pkg.tar.xz'
PKGSIG="$PKGEXT.sig"
# Umask used when archiving
UMASK=022
##############################################################################
#### Repositories
##############################################################################
# Enable repositories archiving
ARCHIVE_REPO=1
# Enable daily repo trees
# This offer daily, weekly, monthly, yearly snapshot trees
REPO_DAYLY=1
# Enable packages tree
# Create a dedicated tree with packages sorted by name
REPO_PACKAGES=1
# Enable repository package index
# Needed by agetpkg to list packages
REPO_PACKAGES_INDEX=1
# Search in all repository snapshop. This is slow.
# Better option is to let it to 0 to look only in the last snapshot
REPO_PACKAGES_FULL_SEARCH=0
# Max duration in second of the rsyncing of the daily snapshot
REPO_RSYNC_TIMEOUT=80000
##############################################################################
#### ISO
##############################################################################
# Enable ISO archiving
ARCHIVE_ISO=1
# Max duration in second of the rsyncing of the iso images
ISO_RSYNC_TIMEOUT=6400
server {
listen 80;
listen [::]:80;
server_name {{ archive_domain }};
access_log /var/log/nginx/{{ archive_domain }}/access.log;
error_log /var/log/nginx/{{ archive_domain }}/error.log;
include snippets/letsencrypt.conf;
location / {
rewrite ^(.*) https://$server_name$1 permanent;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {{ archive_domain }};
access_log /var/log/nginx/{{ archive_domain }}/access.log;
error_log /var/log/nginx/{{ archive_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ archive_domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ archive_domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ archive_domain }}/chain.pem;
root {{ archive_dir }};
autoindex on;
autoindex_exact_size off;
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment