Georg Koppen 895efbcd31 Move mcs and brade to alumns build machine-wise 4 years ago
..
group_vars 4d855e7458 Add GeKo to nightly build emails 4 years ago
roles 895efbcd31 Move mcs and brade to alumns build machine-wise 4 years ago
vaulted_vars 2baf119753 Bug 26440: move vaulted vars to a separate directory 6 years ago
Makefile 4580c03c93 Bug 25318: Add Tor Browser nightly builds email notification 6 years ago
README 513da80080 Bug 33952: Add instructions related to build-sunet-a.torproject.net 4 years ago
ansible-fpcentral.cfg c9a600cc36 Bug 23738: add ansible scripts to deploy fpcentral 6 years ago
boklm-tbb-nightly-build.yml 2baf119753 Bug 26440: move vaulted vars to a separate directory 6 years ago
fpcentral.yml c9a600cc36 Bug 23738: add ansible scripts to deploy fpcentral 6 years ago
inventory a2f565643d Bug 25817: add ansible roles for tbb-nightly setup 6 years ago
tbb-build.yml fd97762cb0 Bug 23384: install and configure unattended-upgrades on build-sunet-a.torproject.net 7 years ago

README

This directory contains some ansible script that we use to set up some
machines that we use for Tor Browser development.

To deploy some changes you need the ansible package to be installed on
your machine, and be able to log in with ssh as root on the machine(s)
where the changes need to be deployed.

You can then use one of the following makefile targets:

ansible-tbb-build:
Deploy changes to the machine used by Tor Browser team members to do
some Tor Browser builds. See below for more details about adding,
removing and updating users on this machine.

fpcentral:
Deploy fpcentral to forrestii.torproject.org. To be able to run this
you need to be in the fpcentral tpo ldap group. Your ldap password will
be asked, to sudo to the fpcentral user.

boklm-tbb-nightly-build:
This target is used by boklm to deploy a nightly build machine. If
anybody else wants to set up their own nightly builds, it is possible to
do it by adding a new host to the inventory file and making copies of
group_vars/boklm-tbb-nightly/ and boklm-tbb-nightly-build.yml.
For more details, see also this ticket:
https://trac.torproject.org/projects/tor/ticket/33948


Adding, removing, updating users on the Tor Browser team build machine
======================================================================

The tbb-build.yml playbook is used to set up the Tor Browser team build
machine (build-sunet-a.torproject.net).

To add a new user:

- add the new username to roles/tbb-team/defaults/main.yml
- add the ssh key file to roles/tbb-team/files/${username}.pub
- run "make ansible-tbb-build"

To update the ssh key for an existing user:
- update roles/tbb-team/files/${username}.pub
- run "make ansible-tbb-build"

To remove a user and their home directory from the build machine:
- in roles/tbb-team/defaults/main.yml, move the user from
tbb_team_members to tbb_team_alums
- remove roles/tbb-team/files/${username}.pub
- run "make ansible-tbb-build"

To install additional packages you can add them to
roles/tbb-builder/tasks/main.yml if they are necessary to build
Tor Browser, or to roles/useful-packages/tasks/main.yml otherwise.

If you don't want to apply the changes directly, but first want to check
what would be the changes done by ansible, you can edit the ansible-playbook
command in the Makefile to add the --check argument.