From b81cbc70a367987c2548c6763be1154de871847e Mon Sep 17 00:00:00 2001 From: Simon Ebner Date: Wed, 9 Jun 2021 08:27:34 +0200 Subject: [PATCH] update findings for repo00 --- infrastructure-guide/repo00.md | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/infrastructure-guide/repo00.md b/infrastructure-guide/repo00.md index 708e1b48..081eff0f 100644 --- a/infrastructure-guide/repo00.md +++ b/infrastructure-guide/repo00.md @@ -5,7 +5,8 @@ This machine acts as a mirror for the RHEL7 iso images. The installer iso images are downloaded from https://id-sat-prd.ethz.ch/pub/isos/ and put into /var/www/html/iso manually -The iso images in `/var/www/html/iso` then (automatically) mounted as loop devices by the `pli-mount-iso-images.service` +The iso images in `/var/www/html/iso` then (automatically) mounted as loop devices by the `pli-mount-iso-images.service`. This is an enabled service and it runs once on system boot automatically. Otherwise changes are not monitored, if one puts an iso there and wants it mounted, a manual restart of the service is required for anything to happen. + ``` [root@repo00 ~]# df -kh | grep /var/www @@ -37,13 +38,13 @@ The `pli-repo-mirror.timer` runs a daily sync, which pulls the repos into `/var/ From the above, a weekly snapshot is taken by the `pli-repo-snapshot.timer`. -The `/opt/pli/libexec/pli-repo-zoom.sh` is run from `/etc/crontab` , it maintains the zoom repo at /var/www/html/zoom/ +The `/opt/pli/libexec/pli-repo-zoom.sh` is run via the `pli-repo-zoom.timer` timer, it maintains the zoom repo at /var/www/html/zoom/ -``` -23 23 * * * root /opt/pli/libexec/pli-repo-zoom.sh -``` -The scripts and files in /opt/pli (except the crontab entry) can be found in this repository: +The `/opt/pli/libexec/pli-repo-yfs` script is run via the `pli-repo-yfs.timer` timer. It syncs the auristor repo and apparently also create tags. + + +The scripts and files in /opt/pli (as well as a copy of the systemd files) can be found in this repository: https://git.psi.ch/linux-infra/repo00_pli-scripts @@ -73,9 +74,6 @@ The ssh certificate is located in `/etc/pki/tls/` - SELinux is enforcing, this will not work. -- Could you please replace the `/etc/crontab` entry with a systemd service and timer and put these two files also in /opt/pli/systemd and link them in /etc/systemd/system. This way also this functionality is version controlled. - - - Timer added and cron removed - Can you explain a little bit more the structure of the /var/www/html/ directory (what is where, who is responsible for certain directories, what are they needed for, ...). The content of the web directory: ``` @@ -108,10 +106,6 @@ The rest were put there by hand. Much of it is probably not needed, but wouldn't - I know of no further documentation and it was set up by Kai, years ago. It would take quite a bit of trial and error to reproduce. -- Is the pli-mount-iso-images.service run manually? I do not see any timer/watchdog that executes this periodically or upon new .iso files appearing - - - It is an enabled service, so it runs once on system boot automatically. Otherwise changes are not monitored, if one puts an iso there and wants it mounted, a manual restart of the service is required for anything to happen. - - Is the mentiond httpd config everything that is needed, who is taking care of this certificate, how is it installed? how is the expiration monitored? - I don't think anything further is needed. The cert is requested from SWITCH and placed here manually. It is not monitored. The owner/admin of this server must take care of this.