diff --git a/inventory/group_vars/bodhi2 b/inventory/group_vars/bodhi2
index 34444aa453..8e83bacf7e 100644
--- a/inventory/group_vars/bodhi2
+++ b/inventory/group_vars/bodhi2
@@ -113,6 +113,5 @@ csi_relationship: |
* Blockerbugs checks bodhi for lists of updates.
* fedora-packages will try to query bodhi for the release status of
updates.
- * fedora-hubs has some widgets that display bodhi update information.
* fedora-easy-karma, abrt, 'fedpkg update', an eclipse plugin and other
client tools make queries to the bodhi webapp here.
diff --git a/inventory/group_vars/bodhi2-stg b/inventory/group_vars/bodhi2-stg
index d3b323ae4a..174806ca15 100644
--- a/inventory/group_vars/bodhi2-stg
+++ b/inventory/group_vars/bodhi2-stg
@@ -116,6 +116,5 @@ csi_relationship: |
* Blockerbugs checks bodhi for lists of updates.
* fedora-packages will try to query bodhi for the release status of
updates.
- * fedora-hubs has some widgets that display bodhi update information.
* fedora-easy-karma, abrt, 'fedpkg update', an eclipse plugin and other
client tools make queries to the bodhi webapp here.
diff --git a/inventory/group_vars/hubs-stg b/inventory/group_vars/hubs-stg
deleted file mode 100644
index c52aecc1bc..0000000000
--- a/inventory/group_vars/hubs-stg
+++ /dev/null
@@ -1,33 +0,0 @@
----
-# Define resources for this group of hosts here.
-lvm_size: 20000
-mem_size: 4096
-num_cpus: 2
-
-# for systems that do not match the above - specify the same parameter in
-# the host_vars/$hostname file
-
-tcp_ports: [ 80 ]
-
-fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-hubs,sysadmin-veteran
-
-# These are consumed by a task in roles/fedmsg/base/tasks/main.yml
-fedmsg_certs:
-- service: shell
- owner: hubs
- group: hubs
- can_send:
- - logger.log
- - hubs.user.created
- - hubs.user.role.added
- - hubs.user.role.changed
- - hubs.user.role.removed
- - hubs.hub.created
- - hubs.hub.updated
- - hubs.widget.updated
-
-# Used by the hubs role
-hubs_url_hostname: hubs.stg.fedoraproject.org
-hubs_db_host: db01.stg.phx2.fedoraproject.org
-hubs_oidc_url: id.stg.fedoraproject.org
-hubs_oidc_secret: "{{ hubs_stg_oidc_secret }}"
diff --git a/master.yml b/master.yml
index 0353da09af..84b3a12189 100644
--- a/master.yml
+++ b/master.yml
@@ -138,7 +138,6 @@
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedora-bootstrap.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedimg-dev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/glittergallery-dev.fedorainfracloud.org.yml
-- import_playbook: /srv/web/infra/ansible/playbooks/hosts/hubs-dev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/iddev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/lists-dev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/magazine2.fedorainfracloud.org.yml
diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index 6c1dbc0987..514fa794a1 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -290,12 +290,6 @@
cert_name: "{{wildcard_cert_name}}"
tags: ostree
- - role: httpd/website
- site_name: hubs.fedoraproject.org
- sslonly: true
- server_aliases: [hubs.stg.fedoraproject.org]
- cert_name: "{{wildcard_cert_name}}"
-
- role: httpd/website
site_name: flocktofedora.org
server_aliases:
diff --git a/roles/fedmsg/irc/templates/ircbot.py b/roles/fedmsg/irc/templates/ircbot.py
index 04fa154878..6ea0a9d3cc 100644
--- a/roles/fedmsg/irc/templates/ircbot.py
+++ b/roles/fedmsg/irc/templates/ircbot.py
@@ -78,29 +78,6 @@ config = dict(
),
),
- # For fedora-hubs (not fedora-apps)
- dict(
- network='chat.freenode.net',
- port=6667,
- make_pretty=True,
- make_terse=True,
-
- {% if env == 'staging' %}
- nickname='fn-stg-hubs',
- {% else %}
- nickname='fm-hubs',
- {% endif %}
- channel='fedora-hubs',
- filters=dict(
- topic=[
- '^((?!(github\.create|github\.issue\.|github\.pull_request\.|github\.commit_comment|github\.star|pagure)).)*$',
- ],
- body=[
- "^((?!(fedora-hubs)).)*$",
- ],
- ),
- ),
-
# For that commops crew!
dict(
network='chat.freenode.net',
diff --git a/roles/haproxy/templates/haproxy.cfg b/roles/haproxy/templates/haproxy.cfg
index ca7fc85264..be68fa52f3 100644
--- a/roles/haproxy/templates/haproxy.cfg
+++ b/roles/haproxy/templates/haproxy.cfg
@@ -178,17 +178,6 @@ backend fedocal-backend
{% endif %}
option httpchk GET /calendar
-frontend hubs-frontend
- bind 0.0.0.0:10068
- default_backend hubs-backend
-
-backend hubs-backend
- balance hdr(appserver)
-{% if env != "production" %}
- server hubs01 hubs01:80 check inter 10s rise 1 fall 2
-{% endif %}
- option httpchk GET /
-
# IMPORTANT: 10023-10026 will NOT work because of selinux policies
frontend datagrepper-frontend
diff --git a/roles/hubs/defaults/main.yml b/roles/hubs/defaults/main.yml
deleted file mode 100644
index 2cec928488..0000000000
--- a/roles/hubs/defaults/main.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-main_user: hubs
-hubs_dev_mode: false
-hubs_secret_key: changeme
-hubs_base_dir: "/srv/hubs"
-hubs_code_dir: "{{ hubs_base_dir }}/fedora-hubs"
-hubs_conf_dir: "{{ hubs_base_dir }}/config"
-hubs_var_dir: "{{ hubs_base_dir }}/var"
-hubs_log_dir: "{{ hubs_base_dir }}/log"
-hubs_db_type: sqlite
-hubs_db_user: hubs
-hubs_db_password: changeme
-hubs_db_host: localhost
-hubs_db_name: hubs
-hubs_url_hostname: "{{ ansible_fqdn }}"
-hubs_url: http{% if not hubs_dev_mode %}s{% endif %}://{{ hubs_url_hostname }}{% if hubs_dev_mode %}:5000{% endif %}
-hubs_ssl_cert: /etc/pki/tls/certs/{{ hubs_url_hostname }}.crt
-hubs_ssl_key: /etc/pki/tls/private/{{ hubs_url_hostname }}.key
-hubs_fas_username: null
-hubs_fas_password: null
-hubs_oidc_url: iddev.fedorainfracloud.org
-hubs_oidc_secret: changeme
diff --git a/roles/hubs/files/nginx_proxy_params b/roles/hubs/files/nginx_proxy_params
deleted file mode 100644
index 8d22239908..0000000000
--- a/roles/hubs/files/nginx_proxy_params
+++ /dev/null
@@ -1,9 +0,0 @@
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Proto $scheme;
-proxy_set_header Host $http_host;
-# we don't want nginx trying to do something clever with
-# redirects, we set the Host: header above already.
-proxy_redirect off;
-# OpenID Connect uses large headers, we need bigger buffers.
-proxy_buffer_size 128k;
-proxy_buffers 8 256k;
diff --git a/roles/hubs/files/pg_hba.conf b/roles/hubs/files/pg_hba.conf
deleted file mode 100644
index c703fd9f99..0000000000
--- a/roles/hubs/files/pg_hba.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# PostgreSQL Client Authentication Configuration File
-# ===================================================
-#
-# Refer to the "Client Authentication" section in the PostgreSQL
-# documentation for a complete description of this file.
-
-# TYPE DATABASE USER ADDRESS METHOD
-
-# "local" is for Unix domain socket connections only
-local all all peer
-# IPv4 local connections:
-host all all 127.0.0.1/32 md5
-# IPv6 local connections:
-host all all ::1/128 md5
diff --git a/roles/hubs/handlers/main.yml b/roles/hubs/handlers/main.yml
deleted file mode 100644
index 4bc0f93892..0000000000
--- a/roles/hubs/handlers/main.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-- name: restart postgresql
- service: name=postgresql state=restarted
-
-- name: restart hubs triage
- service: name=fedora-hubs-triage@* state=restarted
- listen: "hubs configuration change"
- when: not hubs_dev_mode
-
-- name: restart hubs workers
- service: name=fedora-hubs-worker@* state=restarted
- listen: "hubs configuration change"
- when: not hubs_dev_mode
-
-- name: restart hubs SSE server
- service: name=fedora-hubs-sse state=restarted
- listen: "hubs configuration change"
- when: not hubs_dev_mode
-
-# Webserver
-- name: restart hubs webapp
- service: name=fedora-hubs-webapp state=restarted
- listen: "hubs configuration change"
- when: not hubs_dev_mode
-
-- name: restart nginx
- service: name=nginx state=restarted
diff --git a/roles/hubs/meta/main.yml b/roles/hubs/meta/main.yml
deleted file mode 100644
index a5f89de108..0000000000
--- a/roles/hubs/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-dependencies:
- - certbot
- - mongodb
diff --git a/roles/hubs/tasks/db-postgresql.yml b/roles/hubs/tasks/db-postgresql.yml
deleted file mode 100644
index 229c7a318e..0000000000
--- a/roles/hubs/tasks/db-postgresql.yml
+++ /dev/null
@@ -1,52 +0,0 @@
-# Set up Postgres, create the database, and populate it.
-
-- name: Install dependencies
- dnf: name={{ item }} state=present
- with_items:
- - postgresql-server
- - python3-psycopg2
- # For the ansible module
- - python-psycopg2
-
-- name: Set up postgresql database
- command: postgresql-setup --initdb
- args:
- creates: /var/lib/pgsql/data/base
-
-- name: Set up postgresql access rules to allow local access
- copy:
- src: pg_hba.conf
- dest: /var/lib/pgsql/data/pg_hba.conf
- owner: postgres
- group: postgres
- mode: 0600
- notify: restart postgresql
-
-- name: Start and enable postgresql
- service: name=postgresql state=started enabled=yes
-
-- name: Set up the DB user
- postgresql_user:
- name: hubs
- password: "{{ hubs_db_password }}"
- role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB
- become: true
- become_user: postgres
-
-- name: Create the database
- postgresql_db:
- name: hubs
- owner: hubs
- register: db_creation
- become: true
- become_user: postgres
-
-- name: Populate the Fedora Hubs database
- command: "python3 {{ hubs_code_dir }}/populate.py"
- args:
- chdir: "{{ hubs_code_dir }}"
- environment:
- HUBS_CONFIG: "{{ hubs_conf_dir }}/hubs.py"
- become: true
- become_user: "{{ main_user }}"
- when: db_creation|succeeded and db_creation is changed and hubs_dev_mode
diff --git a/roles/hubs/tasks/db-sqlite.yml b/roles/hubs/tasks/db-sqlite.yml
deleted file mode 100644
index e8397277e8..0000000000
--- a/roles/hubs/tasks/db-sqlite.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-- name: Create and populate the Fedora Hubs database
- command: "python3 {{ hubs_code_dir }}/populate.py"
- args:
- creates: "{{ hubs_var_dir }}/hubs.db"
- chdir: "{{ hubs_code_dir }}"
- environment:
- HUBS_CONFIG: "{{ hubs_conf_dir }}/hubs.py"
- become: true
- become_user: "{{ main_user }}"
diff --git a/roles/hubs/tasks/dev.yml b/roles/hubs/tasks/dev.yml
deleted file mode 100644
index 91d7bfa3c1..0000000000
--- a/roles/hubs/tasks/dev.yml
+++ /dev/null
@@ -1,82 +0,0 @@
-# Set up the Python development environment
-
-- name: Install Fedora Hubs requirements.txt into hubs virtualenv
- pip:
- requirements: "{{ hubs_code_dir }}/requirements.txt"
- executable: pip3
-
-- name: Install Fedora Hubs test-requirements.txt into hubs virtualenv
- pip:
- requirements: "{{ hubs_code_dir }}/test-requirements.txt"
- executable: pip3
-
-- name: Install other packages into hubs virtualenv
- pip:
- name: "{{ item }}"
- executable: pip3
- with_items:
- - bleach
-
-- name: Install Fedora Hubs into the virtualenv
- command: "pip3 install -e {{ hubs_code_dir }}"
- args:
- creates: "/usr/lib/python3.6/site-packages/fedora-hubs.egg-link"
-
-
-# Set up JavaScript requirements
-
-- name: Install npm packages
- command: npm install
- become: true
- become_user: "{{ main_user }}"
- args:
- creates: node_modules
- chdir: "{{ hubs_code_dir }}/js"
-
-- name: Build JavaScript assets
- command: npm run build
- become: true
- become_user: "{{ main_user }}"
- args:
- chdir: "{{ hubs_code_dir }}/js"
- creates: "{{ hubs_code_dir }}/hubs/static/js/build/common.js"
-
-
-# Development tools
-
-- name: Install helpful development packages
- dnf: name={{ item }} state=present
- with_items:
- - git
- - vim-enhanced
-
-- name: Install Fedora Hubs development tools
- dnf: name={{ item }} state=present
- with_items:
- - python3-honcho
- - python3-tox
-
-- name: Ease local access to the database
- copy:
- content: "*:*:hubs:hubs:{{ hubs_db_password }}"
- dest: /home/{{ main_user }}/.pgpass
- mode: 600
- owner: "{{ main_user }}"
- group: "{{ main_user }}"
- when: hubs_db_type == "postgresql"
-
-- name: Install a custom bashrc
- template: src=bashrc dest=/home/{{ main_user }}/.bashrc
-
-- name: Install Honcho's env file
- template: src=honcho-env dest={{ hubs_base_dir }}/.env
-
-- name: Install Honcho's procfile
- template: src=honcho-procfile dest={{ hubs_base_dir }}/Procfile
-
-- name: Link to the FAS credentials file if any
- file:
- state: link
- path: "/etc/fedmsg.d/fas_credentials.py"
- src: "{{ hubs_code_dir }}/fedmsg.d/fas_credentials.py"
- notify: "hubs configuration change"
diff --git a/roles/hubs/tasks/dev_deps.yml b/roles/hubs/tasks/dev_deps.yml
deleted file mode 100644
index 38ba4ba7f1..0000000000
--- a/roles/hubs/tasks/dev_deps.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-- name: Install Fedora Hubs development packages
- dnf: name={{ item }} state=present
- with_items:
- - gcc
- - gcc-c++
- - libffi-devel
- - openssl-devel
- - python-sphinx
- - python2-devel
- - python3-devel
- - python3-virtualenv
- - python3-flask-oidc
- - python3-moksha-common
- - redhat-rpm-config
- - sqlite-devel
- - npm
- - fedmsg-hub
-
-- name: Install the distribution versions of requirements.txt
- dnf: name={{ item }} state=present
- with_items:
- - python3-alembic
- - python3-arrow
- - python3-beautifulsoup4
- - python3-bleach
- - python3-blinker
- - python3-dateutil
- - python3-decorator
- - python3-dogpile-cache
- - python3-fedmsg
- - python3-fedmsg-meta-fedora-infrastructure
- - python3-fedora
- - python3-flask
- - python3-flask-oidc
- - python3-html5lib
- - python3-humanize
- - python3-iso3166
- - python3-markdown
- - python3-munch
- - python3-pkgwat-api
- - python3-pygments
- - python3-pygments-markdown-lexer
- - python3-pymongo
- - python3-pytz
- - python3-redis
- - python3-requests
- - python3-retask
- - python3-six
- - python3-sqlalchemy
- - python3-twisted
-
-
-- name: Create the directory structure
- file:
- path: "{{ item.path }}"
- state: directory
- owner: "{{ main_user }}"
- group: "{{ main_user }}"
- mode: "{{ item.mode }}"
- #setype: httpd_sys_content_rw_t
- with_items:
- - {path: "{{ hubs_base_dir }}", mode: 755}
- - {path: "{{ hubs_conf_dir }}", mode: 750}
- - {path: "{{ hubs_var_dir }}", mode: 750}
diff --git a/roles/hubs/tasks/main.yml b/roles/hubs/tasks/main.yml
deleted file mode 100644
index 4f4951037f..0000000000
--- a/roles/hubs/tasks/main.yml
+++ /dev/null
@@ -1,98 +0,0 @@
----
-- name: Install external dependencies
- dnf: name={{ item }} state=present
- with_items:
- - redis
- - python3-fedmsg
- - postfix
-
-
-- include_tasks: dev_deps.yml
- when: hubs_dev_mode
-
-- include_tasks: prod_deps.yml
- when: not hubs_dev_mode
-
-
-- name: Add a basic Hubs configuration file
- template:
- src: "{{ item }}"
- dest: "{{ hubs_conf_dir }}/hubs.py"
- owner: root
- group: "{{ main_user }}"
- mode: 0640
- with_first_found:
- - hubs_config.{{ ansible_hostname }}
- - hubs_config
- notify: "hubs configuration change"
-
-
-- name: Add a basic fedmsg configuration file
- template:
- src: "{{ item }}"
- dest: "/etc/fedmsg.d/fedora-hubs.py"
- with_first_found:
- - fedmsg_config.{{ ansible_hostname }}
- - fedmsg_config
- notify: "hubs configuration change"
-
-
-- name: Configure application to authenticate with the OIDC provider (dev)
- block:
- - dnf: name=python3-flask-oidc state=present
- - command:
- oidc-register
- --output-file {{ hubs_conf_dir }}/client_secrets.json
- https://{{ hubs_oidc_url }}/ {{ hubs_url }}
- args:
- creates: "{{ hubs_conf_dir }}/client_secrets.json"
- notify: "hubs configuration change"
- when: hubs_oidc_url == "iddev.fedorainfracloud.org"
-
-
-- name: Configure application to authenticate with the OIDC provider
- template:
- src: oidc_client_secrets.json
- dest: "{{ hubs_conf_dir }}/client_secrets.json"
- owner: root
- group: "{{ main_user }}"
- mode: 0640
- notify: "hubs configuration change"
- when: hubs_oidc_url != "iddev.fedorainfracloud.org"
-
-
-- name: Fix the permissions on the OIDC secrets file
- file:
- path: "{{ hubs_conf_dir }}/client_secrets.json"
- owner: root
- group: "{{ main_user }}"
- mode: 0640
-
-
-- name: Start and enable the common services
- service: name={{ item }} state=started enabled=yes
- with_items:
- - redis
- - postfix
-
-# Set up, create, and populate the database.
-- include_tasks: db-{{ hubs_db_type }}.yml
-
-
-# Services
-- name: Disable the system-wide fedmsg daemons
- service: name={{ item }} state=stopped enabled=no
- with_items:
- # We use honcho in dev mode and fedmsg-hub-3 in prod mode
- - fedmsg-hub
- # We use honcho in dev mode and fedmsg-relay-3 in prod mode
- - fedmsg-relay
-
-
-# Include mode-specific tasks
-
-- include_tasks: dev.yml
- when: hubs_dev_mode
-
-- include_tasks: prod.yml
- when: not hubs_dev_mode
diff --git a/roles/hubs/tasks/prod.yml b/roles/hubs/tasks/prod.yml
deleted file mode 100644
index 7900abd36c..0000000000
--- a/roles/hubs/tasks/prod.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: Install the service environment file
- template:
- src: env
- dest: /etc/sysconfig/fedora-hubs
-
-- name: Start and enable the services in prod mode
- service: name={{ item }} state=started enabled=yes
- with_items:
- - fedmsg-relay-3
- - fedmsg-hub-3
- - fedora-hubs-triage@1
- - fedora-hubs-triage@2
- - fedora-hubs-worker@1
- - fedora-hubs-worker@2
- - fedora-hubs-worker@3
- - fedora-hubs-worker@4
- - fedora-hubs-sse
-
-- include_tasks: web-apache.yml
diff --git a/roles/hubs/tasks/prod_deps.yml b/roles/hubs/tasks/prod_deps.yml
deleted file mode 100644
index b078a6470f..0000000000
--- a/roles/hubs/tasks/prod_deps.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-- name: Install the Fedora Hubs package
- dnf: name=fedora-hubs state=present
diff --git a/roles/hubs/tasks/web-apache.yml b/roles/hubs/tasks/web-apache.yml
deleted file mode 100644
index 33fa4b7e1b..0000000000
--- a/roles/hubs/tasks/web-apache.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-# Webserver config
-
-- name: Install the webserver packages
- dnf: name={{ item }} state=present
- with_items:
- - python3-mod_wsgi
- - libselinux-python
- - policycoreutils-python
-
-
-- name: Apache configuration for hubs
- template:
- src: apache.conf
- dest: /etc/httpd/conf.d/fedora-hubs.conf
- notify:
- - restart apache
-
-
-- name: Allow network connection for Apache
- seboolean:
- name: httpd_can_network_connect
- state: yes
- persistent: yes
-
-
-- name: Allow execmem for Apache
- seboolean:
- name: httpd_execmem
- state: yes
- persistent: yes
-
-
-- name: Allow Apache to write to the cache files
- sefcontext:
- setype: httpd_sys_rw_content_t
- target: "/var/lib/fedora-hubs(/.*)?"
-
-
-- name: Start and enable the services
- service: name={{ item }} state=started enabled=yes
- with_items:
- - httpd
diff --git a/roles/hubs/tasks/web-nginx.yml b/roles/hubs/tasks/web-nginx.yml
deleted file mode 100644
index 1c523782c3..0000000000
--- a/roles/hubs/tasks/web-nginx.yml
+++ /dev/null
@@ -1,80 +0,0 @@
-# Webserver config
-
-- name: Install the webserver packages
- dnf: name={{ item }} state=present
- with_items:
- - python3-gunicorn
- - nginx
- - libsemanage-python
-
-
-- name: install python3-certbot-nginx
- dnf: name=python3-certbot-nginx state=present
- when: hubs_ssl_cert != None
-
-- name: get the letsencrypt cert
- command: certbot certonly -n --standalone --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx" -d {{ hubs_url_hostname }} --agree-tos --email admin@fedoraproject.org
- args:
- creates: "{{ hubs_ssl_key }}"
- when: hubs_ssl_cert != None
- notify:
- - restart nginx
-
-
-- name: Nginx configuration for hubs
- template:
- src: nginx.conf
- dest: /etc/nginx/conf.d/fedora-hubs.conf
- notify:
- - restart nginx
-
-
-- name: Nginx SSL configuration
- template:
- src: "{{ item }}"
- dest: /etc/nginx/ssl_params
- with_first_found:
- - nginx_ssl_params.{{ ansible_hostname }}
- - nginx_ssl_params
- when: hubs_ssl_cert != None
- notify:
- - restart nginx
-
-
-- name: Nginx proxy configuration
- copy:
- src: "{{ item }}"
- dest: /etc/nginx/proxy_params
- with_first_found:
- - nginx_proxy_params.{{ ansible_hostname }}
- - nginx_proxy_params
- notify:
- - restart nginx
-
-
-- name: Allow network connection for Nginx
- seboolean:
- name: httpd_can_network_connect
- state: yes
- persistent: yes
-
-
-- name: Create the log directory
- file:
- path: "{{ hubs_log_dir }}"
- owner: "{{ main_user }}"
- state: directory
-
-
-- name: Install the Gunicorn config file
- template:
- src: gunicorn.py
- dest: "{{ hubs_conf_dir }}/gunicorn.py"
- notify: "hubs configuration change"
-
-
-- name: Start and enable the services
- service: name={{ item }} state=started enabled=yes
- with_items:
- - fedora-hubs-webapp
- - nginx
diff --git a/roles/hubs/templates/apache.conf b/roles/hubs/templates/apache.conf
deleted file mode 100644
index e283e56743..0000000000
--- a/roles/hubs/templates/apache.conf
+++ /dev/null
@@ -1,27 +0,0 @@
-Alias /static /usr/lib/python3.6/site-packages/hubs/static
-
-WSGIScriptAlias / /usr/share/fedora-hubs/hubs.wsgi
-WSGIDaemonProcess hubs user=hubs group=hubs display-name=hubs maximum-requests=1000 processes=4 threads=30
-WSGISocketPrefix run/wsgi
-WSGIRestrictStdout On
-WSGIRestrictSignal Off
-WSGIPythonOptimize 1
-
-
-
- Order deny,allow
- Allow from all
- Require all granted
-
- WSGIProcessGroup hubs
-
-
-
- Order deny,allow
- Allow from all
- Require all granted
-
-
-# SSE
-ProxyPass /sse http://localhost:8080
-ProxyPassReverse /sse http://localhost:8080
diff --git a/roles/hubs/templates/bashrc b/roles/hubs/templates/bashrc
deleted file mode 100644
index 93fd757a1a..0000000000
--- a/roles/hubs/templates/bashrc
+++ /dev/null
@@ -1,48 +0,0 @@
-# .bashrc
-
-# Source global definitions
-if [ -f /etc/bashrc ]; then
- . /etc/bashrc
-fi
-
-alias vi=vim
-
-
-# Uncomment the following line if you don't like systemctl's auto-paging feature:
-# export SYSTEMD_PAGER=
-
-# User specific aliases and functions
-# If adding new functions to this file, note that you can add help text to the function
-# by defining a variable with name __help containing the help text
-
-
-# Honcho has issues outputing UTF-8 in Vagrant SSH
-# https://github.com/nickstenning/honcho/issues/51
-export PYTHONIOENCODING=utf-8
-
-export HUBS_CONFIG={{ hubs_conf_dir }}/hubs.py
-export FLASK_APP={{ hubs_code_dir }}/hubs/app.py
-
-
-workon() {
- [ "$1" == "hubs" ] || ( echo "No such virtualenv."; exit 1 )
- cd {{ hubs_code_dir }}
-}
-
-alias hup="pushd ~ ; honcho start ; popd"
-
-hreset() {
- {% if hubs_db_type == "postgresql" %}
- sudo -u postgres dropdb hubs
- sudo -u postgres createdb -O hubs hubs
- {% else %}
- rm {{ hubs_var_dir }}/hubs.db
- {% endif %}
- rm {{ hubs_var_dir }}/cache.db
- pushd {{ hubs_code_dir }}
- python3 populate.py
- popd
-}
-
-# Enable autocomplete for the fedora-hubs command
-eval "$(_FEDORA_HUBS_COMPLETE=source fedora-hubs)"
diff --git a/roles/hubs/templates/env b/roles/hubs/templates/env
deleted file mode 100644
index 058139eb70..0000000000
--- a/roles/hubs/templates/env
+++ /dev/null
@@ -1,2 +0,0 @@
-HUBS_CONFIG={{ hubs_conf_dir }}/hubs.py
-WEBAPP_CONFIG={{ hubs_conf_dir }}/gunicorn.py
diff --git a/roles/hubs/templates/fedmsg_config b/roles/hubs/templates/fedmsg_config
deleted file mode 100644
index b8f7d276c7..0000000000
--- a/roles/hubs/templates/fedmsg_config
+++ /dev/null
@@ -1,32 +0,0 @@
-config = {
-
- # Database
- {% if hubs_db_type == "postgresql" %}
- 'hubs.sqlalchemy.uri': 'postgresql://{{ hubs_db_user }}:{{ hubs_db_password }}@{{ hubs_db_host }}/{{ hubs_db_name }}',
- {% else %}
- 'hubs.sqlalchemy.uri': 'sqlite:///{{ hubs_var_dir }}/hubs.db',
- {% endif %}
-
- # Some configuration for the general hubs cache.
- "fedora-hubs.cache": {
- "backend": "dogpile.cache.dbm",
- #"expiration_time": 0,
- "arguments": {
- "filename": "{{ hubs_var_dir }}/cache.db",
- },
- },
-
- {% if hubs_fas_username and hubs_fas_password %}
- # FAS credentials
- 'fas_credentials': {
- 'username': '{{ hubs_fas_username }}',
- 'password': '{{ hubs_fas_password }}',
- {% if env == "staging" %}
- 'base_url': "https://admin.stg.fedoraproject.org/accounts/",
- {% endif %}
- },
- {% endif %}
-
- # Use fedmsg-relay to publish messages
- 'active': True,
-}
diff --git a/roles/hubs/templates/gunicorn.py b/roles/hubs/templates/gunicorn.py
deleted file mode 100644
index 1e65b3a003..0000000000
--- a/roles/hubs/templates/gunicorn.py
+++ /dev/null
@@ -1,8 +0,0 @@
-# flake8:noqa
-
-bind = "127.0.0.1:8000"
-threads = 12
-logconfig = "{{ hubs_conf_dir }}/logging.ini"
-accesslog = "{{ hubs_log_dir }}/access.log"
-errorlog = "{{ hubs_log_dir }}/error.log"
-access_log_format = '%(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s" (%(L)ss)'
diff --git a/roles/hubs/templates/honcho-env b/roles/hubs/templates/honcho-env
deleted file mode 100644
index a9d806fdd7..0000000000
--- a/roles/hubs/templates/honcho-env
+++ /dev/null
@@ -1,3 +0,0 @@
-FLASK_DEBUG=1
-FLASK_APP={{ hubs_code_dir }}/hubs/app.py
-HUBS_CONFIG={{ hubs_conf_dir }}/hubs.py
diff --git a/roles/hubs/templates/honcho-procfile b/roles/hubs/templates/honcho-procfile
deleted file mode 100644
index 77692dafd7..0000000000
--- a/roles/hubs/templates/honcho-procfile
+++ /dev/null
@@ -1,7 +0,0 @@
-web: /usr/bin/flask-3 run --host 0.0.0.0 --port 5000
-triage: fedora-hubs run triage
-worker: fedora-hubs run worker
-sse: /usr/bin/twistd-3 -l - --pidfile= -n hubs-sse
-fedmsg_hub: /usr/bin/fedmsg-hub-3
-fedmsg_relay: /usr/bin/fedmsg-relay-3
-js_build: cd {{ hubs_code_dir }}/js && npm run dev
diff --git a/roles/hubs/templates/hubs_config b/roles/hubs/templates/hubs_config
deleted file mode 100644
index 0ddfa53588..0000000000
--- a/roles/hubs/templates/hubs_config
+++ /dev/null
@@ -1,28 +0,0 @@
-# Enter any hubs configuration here
-
-SECRET_KEY = "{{ hubs_secret_key }}"
-
-{% if hubs_dev_mode %}
-# Allow the cookie to be sent of http since we work on localhost
-OIDC_ID_TOKEN_COOKIE_SECURE = False
-{% endif %}
-
-OIDC_CLIENT_SECRETS = "{{ hubs_conf_dir }}/client_secrets.json"
-OIDC_OPENID_REALM = "{{ hubs_url }}/oidc_callback"
-{% if hubs_ssl_cert == None %}
-# There's an SSL proxy, flask_oidc will generate a redirect_uri without https
-# if we don't overwrite it here.
-OVERWRITE_REDIRECT_URI = "{{ hubs_url }}/oidc_callback"
-{% endif %}
-
-SSE_URL = {
- # "host": "sse.example.com",
- {% if hubs_dev_mode %}
- "port": "8080",
- {% else %}
- {% if hubs_ssl_cert == None %}
- "scheme": "https", # Because of the SSL proxy
- {% endif %}
- "path": "/sse",
- {% endif %}
-}
diff --git a/roles/hubs/templates/nginx.conf b/roles/hubs/templates/nginx.conf
deleted file mode 100644
index d36c412ee7..0000000000
--- a/roles/hubs/templates/nginx.conf
+++ /dev/null
@@ -1,76 +0,0 @@
-upstream hubs {
- # fail_timeout=0 means we always retry an upstream even if it failed
- # to return a good HTTP response
-
- # for UNIX domain socket setups
- #server unix:/tmp/gunicorn.sock fail_timeout=0;
-
- # for a TCP configuration
- server 127.0.0.1:8000 fail_timeout=0;
-}
-
-upstream hubs-sse {
- # SSE server (twisted-based)
- server 127.0.0.1:8080 fail_timeout=0;
-}
-
-# Main server block
-server {
-{% if hubs_ssl_cert == None %}
- listen 80;
- listen [::]:80;
-{% else %}
- listen 443 deferred;
- listen [::]:443 deferred;
- include ssl_params;
-{% endif %}
-
- server_name {{ hubs_url_hostname }};
-
- client_max_body_size 4G;
- keepalive_timeout 5;
-
- location / {
- # checks for static file, if not found proxy to app
- try_files $uri @proxy_to_app;
- }
-
- # path for static files
- location /static {
- alias /usr/lib/python3.6/site-packages/hubs/static;
- }
-
- location /sse/ {
- include proxy_params;
- proxy_pass http://hubs-sse/;
- # Allow long-running queries (SSE):
- proxy_buffering off;
- proxy_http_version 1.1;
- proxy_set_header Connection "";
- proxy_cache off;
- chunked_transfer_encoding off;
- keepalive_timeout 0;
- proxy_read_timeout 30m;
- }
-
- location @proxy_to_app {
- include proxy_params;
- proxy_pass http://hubs;
- }
-
- #error_page 500 502 503 504 /500.html;
- #location = /500.html {
- # root /path/to/app/current/public;
- #}
- }
-
-
-{% if hubs_ssl_cert != None %}
-# Redirect cleartext traffic to HTTPS
-server {
- listen 80;
- listen [::]:80;
- server_name {{ hubs_url_hostname }};
- return 301 https://$server_name$request_uri;
-}
-{% endif %}
diff --git a/roles/hubs/templates/nginx_ssl_params b/roles/hubs/templates/nginx_ssl_params
deleted file mode 100644
index 9a411c4157..0000000000
--- a/roles/hubs/templates/nginx_ssl_params
+++ /dev/null
@@ -1,5 +0,0 @@
-ssl on;
-ssl_certificate {{ hubs_ssl_cert }};
-ssl_certificate_key {{ hubs_ssl_key }};
-include /etc/letsencrypt/options-ssl-nginx.conf;
-ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
diff --git a/roles/hubs/templates/oidc_client_secrets.json b/roles/hubs/templates/oidc_client_secrets.json
deleted file mode 100644
index 9098138838..0000000000
--- a/roles/hubs/templates/oidc_client_secrets.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "web": {
- "client_id": "hubs",
- "auth_uri": "https://{{ hubs_oidc_url }}/openidc/Authorization",
- "issuer": "https://{{ hubs_oidc_url }}/openidc/",
- "client_secret": "{{ hubs_oidc_secret }}",
- "token_uri": "https://{{ hubs_oidc_url }}/openidc/Token",
- "userinfo_uri": "https://{{ hubs_oidc_url }}/openidc/UserInfo",
- "redirect_uris": [
- "{{ hubs_url }}/oidc_callback"
- ]
- }
-}