commit ff0412f7495b6df38e7b85bd2163b5521f844659 Author: Iain R. Learmonth irl@fsfe.org Date: Wed Mar 4 15:49:48 2020 +0000
a/check: Run updater every 30 minutes --- ansible/roles/check/files/check.service | 10 ++++++++++ ansible/roles/check/files/checkupdate.service | 6 ++++++ ansible/roles/check/files/checkupdate.timer | 9 +++++++++ ansible/roles/check/files/cpexits.sh | 18 +++++++++++++++++ ansible/roles/check/tasks/main.yml | 28 ++++++++++++++++++++++----- 5 files changed, 66 insertions(+), 5 deletions(-)
diff --git a/ansible/roles/check/files/check.service b/ansible/roles/check/files/check.service new file mode 100644 index 0000000..d12fac1 --- /dev/null +++ b/ansible/roles/check/files/check.service @@ -0,0 +1,10 @@ +[Unit] +Description=Check Web Service + +[Service] +Type=simple +WorkingDirectory=/srv/check.torproject.org/check +ExecStart=/srv/check.torproject.org/check/check -port 8080 + +[Install] +WantedBy=default.target diff --git a/ansible/roles/check/files/checkupdate.service b/ansible/roles/check/files/checkupdate.service new file mode 100644 index 0000000..7ea8996 --- /dev/null +++ b/ansible/roles/check/files/checkupdate.service @@ -0,0 +1,6 @@ +[Unit] +Description=Check updater + +[Service] +Type=oneshot +ExecStart=/usr/bin/bash /srv/check.torproject.org/cpexits.sh diff --git a/ansible/roles/check/files/checkupdate.timer b/ansible/roles/check/files/checkupdate.timer new file mode 100644 index 0000000..ee4325a --- /dev/null +++ b/ansible/roles/check/files/checkupdate.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Run check updater every 30 mins + +[Timer] +OnBootSec=5min +OnUnitActiveSec=30min + +[Install] +WantedBy=timers.target diff --git a/ansible/roles/check/files/cpexits.sh b/ansible/roles/check/files/cpexits.sh new file mode 100755 index 0000000..a8a2bf2 --- /dev/null +++ b/ansible/roles/check/files/cpexits.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +CHECK=/srv/check.torproject.org/check +TORDATA=/srv/check.torproject.org/tordata +DNSEL=/srv/tordnsel.torproject.org +NOW=$(date +"%Y-%m-%d-%H-%M-%S") + +find $CHECK/data/exit-lists -type f -mtime +1 -delete +cat $DNSEL/exit-addresses > $CHECK/data/exit-lists/$NOW + +find $CHECK/data/consensuses -type f -mtime +1 -delete +cp $TORDATA/cached-consensus $CHECK/data/consensuses/$NOW-consensus + +cat $TORDATA/cached-descriptors $TORDATA/cached-descriptors.new > $CHECK/data/cached-descriptors + +cd $CHECK +scripts/exitips.py -n 1 +kill -s SIGUSR2 `cat check.pid` diff --git a/ansible/roles/check/tasks/main.yml b/ansible/roles/check/tasks/main.yml index c4af5a0..d1390d7 100644 --- a/ansible/roles/check/tasks/main.yml +++ b/ansible/roles/check/tasks/main.yml @@ -46,18 +46,36 @@ state: directory become: true become_user: check -- name: install tor client service file +- name: install check update script copy: - src: checktor.service - dest: "/srv/check.torproject.org/.config/systemd/user/checktor.service" + src: cpexits.sh + dest: "/srv/check.torproject.org/cpexits.sh" become: true become_user: check -- name: enable and start tor client service +- name: install systemd units + copy: + src: "{{ item }}" + dest: /srv/check.torproject.org/.config/systemd/user/ + owner: check + group: check + mode: 0644 + with_items: + - check.service + - checktor.service + - checkupdate.service + - checkupdate.timer + become: true + become_user: check +- name: enable and start services and timers systemd: scope: user - name: checktor + name: "{{ item }}" state: started enabled: yes daemon_reload: yes + with_items: + - check.service + - checktor.service + - checkupdate.timer become: yes become_user: check