From 54b72eba2c42468e1de9c513bf56ee333ac10acd Mon Sep 17 00:00:00 2001 From: Nils Philippsen Date: Mon, 25 Jan 2021 12:38:13 +0100 Subject: [PATCH] Remove obsolete Ansible group var files - buildaarch74, buildarm, buildarm_stg - copr_front, copr_front_dev, copr_front_stg - dhcp - faf_stg - fas, fas_stg - fedocal, fedocal_stg - lockbox - mirrorlist2, mirrorlist2_stg - nuancier, nuancier_stg - postgresql_server - resultsdb_iad_prod Signed-off-by: Nils Philippsen --- inventory/group_vars/buildaarch64 | 7 -- inventory/group_vars/buildarm | 28 -------- inventory/group_vars/buildarm_stg | 28 -------- inventory/group_vars/copr_front | 20 ------ inventory/group_vars/copr_front_dev | 33 ---------- inventory/group_vars/copr_front_stg | 33 ---------- inventory/group_vars/dhcp | 13 ---- inventory/group_vars/faf_stg | 17 ----- inventory/group_vars/fas | 53 ---------------- inventory/group_vars/fas_stg | 53 ---------------- inventory/group_vars/fedocal | 41 ------------ inventory/group_vars/fedocal_stg | 41 ------------ inventory/group_vars/lockbox | 33 ---------- inventory/group_vars/mirrorlist2 | 29 --------- inventory/group_vars/mirrorlist2_stg | 20 ------ inventory/group_vars/nuancier | 39 ------------ inventory/group_vars/nuancier_stg | 39 ------------ inventory/group_vars/postgresql_server | 9 --- inventory/group_vars/resultsdb_iad_prod | 81 ------------------------ playbooks/groups/copr-frontend-cloud.yml | 9 +-- 20 files changed, 3 insertions(+), 623 deletions(-) delete mode 100644 inventory/group_vars/buildaarch64 delete mode 100644 inventory/group_vars/buildarm delete mode 100644 inventory/group_vars/buildarm_stg delete mode 100644 inventory/group_vars/copr_front delete mode 100644 inventory/group_vars/copr_front_dev delete mode 100644 inventory/group_vars/copr_front_stg delete mode 100644 inventory/group_vars/dhcp delete mode 100644 inventory/group_vars/faf_stg delete mode 100644 inventory/group_vars/fas delete mode 100644 inventory/group_vars/fas_stg delete mode 100644 inventory/group_vars/fedocal delete mode 100644 inventory/group_vars/fedocal_stg delete mode 100644 inventory/group_vars/lockbox delete mode 100644 inventory/group_vars/mirrorlist2 delete mode 100644 inventory/group_vars/mirrorlist2_stg delete mode 100644 inventory/group_vars/nuancier delete mode 100644 inventory/group_vars/nuancier_stg delete mode 100644 inventory/group_vars/postgresql_server delete mode 100644 inventory/group_vars/resultsdb_iad_prod diff --git a/inventory/group_vars/buildaarch64 b/inventory/group_vars/buildaarch64 deleted file mode 100644 index 51d9715793..0000000000 --- a/inventory/group_vars/buildaarch64 +++ /dev/null @@ -1,7 +0,0 @@ ---- -sudoers: "{{ private }}/files/sudo/sysadmin-secondary-sudoers" - -koji_hub_nfs: "fedora_arm" -koji_server_url: "https://arm.koji.fedoraproject.org/kojihub" -koji_weburl: "https://arm.koji.fedoraproject.org/koji" -koji_topurl: "https://armpkgs.fedoraproject.org/" diff --git a/inventory/group_vars/buildarm b/inventory/group_vars/buildarm deleted file mode 100644 index d1508a225a..0000000000 --- a/inventory/group_vars/buildarm +++ /dev/null @@ -1,28 +0,0 @@ ---- -host_group: kojibuilder -fas_client_groups: sysadmin-releng -sudoers: "{{ private }}/files/sudo/00releng-sudoers" -ansible_ifcfg_blocklist: true - -koji_server_url: "https://koji.fedoraproject.org/kojihub" -koji_weburl: "https:/koji.fedoraproject.org/koji" -koji_topurl: "https://kojipkgs.fedoraproject.org/" - -# These variables are pushed into /etc/system_identification by the base role. -# Groups and individual hosts should ovveride them with specific info. -# See http://infrastructure.fedoraproject.org/csi/security-policy/ - -csi_security_category: High -csi_primary_contact: Fedora Admins - admin@fedoraproject.org -csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This group builds packages for arm architecture. -csi_relationship: | - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios - * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. - * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new - -# These variables are for koji-containerbuild/osbs -osbs_url: "osbs.fedoraproject.org" -docker_registry: "candidate-registry.fedoraproject.org" -source_registry: "registry.fedoraproject.org" -koji_root: "koji.fedoraproject.org/koji" -koji_hub: "koji.fedoraproject.org/kojihub" diff --git a/inventory/group_vars/buildarm_stg b/inventory/group_vars/buildarm_stg deleted file mode 100644 index ead40772c4..0000000000 --- a/inventory/group_vars/buildarm_stg +++ /dev/null @@ -1,28 +0,0 @@ ---- -host_group: kojibuilder -fas_client_groups: sysadmin-releng -sudoers: "{{ private }}/files/sudo/00releng-sudoers" -ansible_ifcfg_blocklist: true - -koji_server_url: "https://koji.stg.fedoraproject.org/kojihub" -koji_weburl: "https:/koji.stg.fedoraproject.org/koji" -koji_topurl: "https://kojipkgs.stg.fedoraproject.org/" - -# These variables are pushed into /etc/system_identification by the base role. -# Groups and individual hosts should ovveride them with specific info. -# See http://infrastructure.fedoraproject.org/csi/security-policy/ - -csi_security_category: High -csi_primary_contact: Fedora Admins - admin@fedoraproject.org -csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This group builds packages for arm architecture. -csi_relationship: | - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios - * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. - * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new - -# These variables are for koji-containerbuild/osbs -osbs_url: "osbs.stg.fedoraproject.org" -docker_registry: "candidate-registry.stg.fedoraproject.org" -source_registry: "registry.fedoraproject.org" -koji_root: "koji.stg.fedoraproject.org/koji" -koji_hub: "koji.stg.fedoraproject.org/kojihub" diff --git a/inventory/group_vars/copr_front b/inventory/group_vars/copr_front deleted file mode 100644 index 9bd8038b33..0000000000 --- a/inventory/group_vars/copr_front +++ /dev/null @@ -1,20 +0,0 @@ ---- -copr_hostname: "copr-fe.cloud.fedoraproject.org" -copr_frontend_public_hostname: "copr.fedorainfracloud.org" - -# These variables are pushed into /etc/system_identification by the base role. -# Groups and individual hosts should override them with specific info. -# See http://infrastructure.fedoraproject.org/csi/security-policy/ - -csi_security_category: Moderate -csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys" -csi_purpose: Provide a publicly accessible frontend for 3rd party packages (copr) -csi_relationship: | - - This host provides the frontend part of copr only. - - It's the point of contact between end users and the copr build system (backend, package singer) - -copr_pagure_events: - io.pagure.prod.pagure: "https://pagure.io/" - org.fedoraproject.prod.pagure: "https://src.fedoraproject.org/" - -copr_messaging_queue: "a9b74258-21c6-4e79-ba65-9e858dc84a2b" diff --git a/inventory/group_vars/copr_front_dev b/inventory/group_vars/copr_front_dev deleted file mode 100644 index 919bb4b70b..0000000000 --- a/inventory/group_vars/copr_front_dev +++ /dev/null @@ -1,33 +0,0 @@ ---- -copr_frontend_public_hostname: "copr-fe-dev.cloud.fedoraproject.org" - -fas_client_groups: sysadmin-copr,fi-apprentice,sysadmin-noc,sysadmin-veteran -csi_security_category: Low -csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys" -csi_purpose: Provide the testing environment of copr's frontend -csi_relationship: This host is the testing environment for copr's web interface - -copr_mbs_cli_login: Y29wcg==##vtvvikhcjncwkfkdcssv - -# consumed by roles/copr/certbot -letsencrypt: - predefined_deploy_script: httpd - certificates: - copr-fe-dev.cloud.fedoraproject.org: - domains: - - copr-fe-dev.cloud.fedoraproject.org - challenge_dir: /var/www/html - mail: copr-devel@lists.fedorahosted.org - -whitelist_emails: - - msuchy@redhat.com - - praiskup@redhat.com - - jkadlcik@redhat.com - - schlupov@redhat.com - -copr_pagure_events: - io.pagure.prod.pagure: "https://pagure.io/" - org.fedoraproject.prod.pagure: "https://src.fedoraproject.org/" - io.pagure.stg.pagure: "https://stg.pagure.io" - -copr_messaging_queue: "c8e11df7-e863-4ca4-99b9-d37c6663c7f7" diff --git a/inventory/group_vars/copr_front_stg b/inventory/group_vars/copr_front_stg deleted file mode 100644 index b74c2a88db..0000000000 --- a/inventory/group_vars/copr_front_stg +++ /dev/null @@ -1,33 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 10000 -mem_size: 2048 -num_cpus: 1 - -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -copr_frontend_public_hostname: "copr.stg.fedoraproject.org" - -copruser_db_password: "{{ copruser_db_password_stg }}" - -tcp_ports: [ 80 ] - -custom_rules: [ - # Need for rsync from log01 for logs. - '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT', - ] - -fas_client_groups: sysadmin-copr,fi-apprentice,sysadmin-noc,sysadmin-veteran - -freezes: false - -# For the MOTD -csi_security_category: Low -csi_primary_contact: Fedora admins - admin@fedoraproject.org -csi_purpose: Copr community build service -csi_relationship: | - This machine depends on: - - PostgreSQL DB server - - bastion (for mail relay) diff --git a/inventory/group_vars/dhcp b/inventory/group_vars/dhcp deleted file mode 100644 index 061b46bc43..0000000000 --- a/inventory/group_vars/dhcp +++ /dev/null @@ -1,13 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 10000 -mem_size: 1024 -num_cpus: 1 - -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -tcp_ports: [ 68 ] -udp_ports: [ 69 ] - -fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-veteran diff --git a/inventory/group_vars/faf_stg b/inventory/group_vars/faf_stg deleted file mode 100644 index 8a062493c6..0000000000 --- a/inventory/group_vars/faf_stg +++ /dev/null @@ -1,17 +0,0 @@ ---- -fas_client_groups: retrace - -tcp_ports: [ 80, 443 ] - -sudoers: "{{ private }}/files/sudo/arm-retrace-sudoers" - -nagios_Check_Services: - mail: false - nrpe: false - swap: false - -# kernel SHMMAX value -kernel_shmmax: 687194767 -shared_buffers: "1GB" -effective_cache_size: "3GB" - diff --git a/inventory/group_vars/fas b/inventory/group_vars/fas deleted file mode 100644 index 91a11850d1..0000000000 --- a/inventory/group_vars/fas +++ /dev/null @@ -1,53 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 30000 -mem_size: 16384 -num_cpus: 8 - -virt_install_command: "{{ virt_install_command_rhel6 }}" - -base_pkgs_inst: ['iptables'] -base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail','firewalld'] -service_disabled: [] -service_enabled: [] -is_rhel: True - -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -wsgi_fedmsg_service: fas -wsgi_procs: 40 -wsgi_threads: 1 - -tcp_ports: [ 80, 873, 8443, 8444 ] - -fas_client_groups: sysadmin-main,sysadmin-accounts - -master_fas_node: False -gen_cert: False - -# A host group for rsync config -rsync_group: fas - -nrpe_procs_warn: 300 -nrpe_procs_crit: 500 - -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - logger.log -- service: fas - owner: root - group: fas - can_send: - - fas.group.create - - fas.group.member.apply - - fas.group.member.remove - - fas.group.member.sponsor - - fas.group.update - - fas.role.update - - fas.user.create - - fas.user.update diff --git a/inventory/group_vars/fas_stg b/inventory/group_vars/fas_stg deleted file mode 100644 index f921c234af..0000000000 --- a/inventory/group_vars/fas_stg +++ /dev/null @@ -1,53 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 30000 -mem_size: 8192 -num_cpus: 2 - -virt_install_command: "{{ virt_install_command_rhel6 }}" - -base_pkgs_inst: ['iptables'] -base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail','firewalld'] -service_disabled: [] -service_enabled: [] -is_rhel: True - -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -wsgi_fedmsg_service: fas -wsgi_procs: 40 -wsgi_threads: 1 - -tcp_ports: [ 80, 873, 8443, 8444 ] - -fas_client_groups: sysadmin-main,sysadmin-accounts - -master_fas_node: False -gen_cert: False - -# A host group for rsync config -rsync_group: fas - -nrpe_procs_warn: 300 -nrpe_procs_crit: 500 - -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - logger.log -- service: fas - owner: root - group: fas - can_send: - - fas.group.create - - fas.group.member.apply - - fas.group.member.remove - - fas.group.member.sponsor - - fas.group.update - - fas.role.update - - fas.user.create - - fas.user.update diff --git a/inventory/group_vars/fedocal b/inventory/group_vars/fedocal deleted file mode 100644 index 5b9bf7194a..0000000000 --- a/inventory/group_vars/fedocal +++ /dev/null @@ -1,41 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 20000 -mem_size: 4096 -num_cpus: 2 - -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -tcp_ports: [ 80, 443, - # These 16 ports are used by fedmsg. One for each wsgi thread. - 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, - 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] - -# Neeed for rsync from log01 for logs. -custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] - -fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-veteran - -freezes: false - -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - logger.log -- service: fedocal - owner: root - group: apache - can_send: - - fedocal.calendar.clear - - fedocal.calendar.delete - - fedocal.calendar.new - - fedocal.calendar.update - - fedocal.calendar.upload - - fedocal.meeting.delete - - fedocal.meeting.new - - fedocal.meeting.reminder - - fedocal.meeting.update diff --git a/inventory/group_vars/fedocal_stg b/inventory/group_vars/fedocal_stg deleted file mode 100644 index 10fa734c4e..0000000000 --- a/inventory/group_vars/fedocal_stg +++ /dev/null @@ -1,41 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 20000 -mem_size: 1024 -num_cpus: 2 - -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -tcp_ports: [ 80, 443, - # These 16 ports are used by fedmsg. One for each wsgi thread. - 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, - 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] - -# Neeed for rsync from log01 for logs. -custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] - -fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-veteran - -freezes: false - -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - logger.log -- service: fedocal - owner: root - group: apache - can_send: - - fedocal.calendar.clear - - fedocal.calendar.delete - - fedocal.calendar.new - - fedocal.calendar.update - - fedocal.calendar.upload - - fedocal.meeting.delete - - fedocal.meeting.new - - fedocal.meeting.reminder - - fedocal.meeting.update diff --git a/inventory/group_vars/lockbox b/inventory/group_vars/lockbox deleted file mode 100644 index 338338af4a..0000000000 --- a/inventory/group_vars/lockbox +++ /dev/null @@ -1,33 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 20000 -mem_size: 2048 -num_cpus: 2 - -tcp_ports: [ 443 ] - -fas_client_groups: sysadmin-noc,sysadmin-qa,fi-apprentice,sysadmin-veteran - -# These are consumed by a task in roles/fedmsg/base/main.yml -# We don't really use the announce cert.. but it was supposed to be a way for -# the FPL and other powers that be to broadcast announcements, like the FCC's -# emergency broadcast system. The cert are group are here.. but no tools on the -# client side are configured to do anything with this yet. -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - ansible.playbook.complete - - ansible.playbook.start - - logger.log -- service: announce - owner: root - group: fedmsg-announce - can_send: - - announce.announcement -- service: scm - owner: root - group: sysadmin - can_send: - - infragit.receive diff --git a/inventory/group_vars/mirrorlist2 b/inventory/group_vars/mirrorlist2 deleted file mode 100644 index 4f86e8dad8..0000000000 --- a/inventory/group_vars/mirrorlist2 +++ /dev/null @@ -1,29 +0,0 @@ ---- -lvm_size: 20000 -mem_size: 8192 -num_cpus: 4 -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -custom_rules: [ '-A INPUT -p tcp -m tcp -s 192.168.0.0/16 --dport 80 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 192.168.0.0/16 --dport 443 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 10.5.126.0/24 --dport 80 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 10.5.126.0/24 --dport 443 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 67.219.144.68/32 --dport 443 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 5.175.150.50/32 --dport 443 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 152.19.134.142/32 --dport 443 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 140.211.169.196/32 --dport 443 -j ACCEPT', ] - -custom6_rules: [ '-A INPUT -p tcp -m tcp -s 2610:28:3090:3001:dead:beef:cafe:fed3 --dport 443 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 2604:1580:fe00:0:dead:beef:cafe:fed1 --dport 443 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 2a00:d1a0:1::131 --dport 443 -j ACCEPT', ] - -collectd_apache: true -fas_client_groups: sysadmin-web,sysadmin-noc,fi-apprentice,sysadmin-veteran -nrpe_procs_warn: 1200 -nrpe_procs_crit: 1400 -# By default run 45 wsgi procs -mirrorlist_procs: 60 - -# Set this to get the vpn postfix setup -postfix_group: vpn diff --git a/inventory/group_vars/mirrorlist2_stg b/inventory/group_vars/mirrorlist2_stg deleted file mode 100644 index ba08339d3d..0000000000 --- a/inventory/group_vars/mirrorlist2_stg +++ /dev/null @@ -1,20 +0,0 @@ ---- -lvm_size: 20000 -mem_size: 8192 -num_cpus: 4 -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -custom_rules: [ '-A INPUT -p tcp -m tcp -s 192.168.0.0/16 --dport 80 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 10.5.126.0/24 --dport 80 -j ACCEPT', - '-A INPUT -p tcp -m tcp -s 10.5.126.0/24 --dport 443 -j ACCEPT' ] - -collectd_apache: true -fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-veteran -nrpe_procs_warn: 500 -nrpe_procs_crit: 600 -# By default run 45 wsgi procs -mirrorlist_procs: 60 - -# Set this to get the vpn postfix setup -postfix_group: vpn diff --git a/inventory/group_vars/nuancier b/inventory/group_vars/nuancier deleted file mode 100644 index a94743e393..0000000000 --- a/inventory/group_vars/nuancier +++ /dev/null @@ -1,39 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 20000 -mem_size: 4096 -num_cpus: 2 - -# Definining these vars has a number of effects -# 1) mod_wsgi is configured to use the vars for its own setup -# 2) iptables opens enough ports for all threads for fedmsg -# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads -wsgi_fedmsg_service: nuancier -wsgi_procs: 2 -wsgi_threads: 2 - -tcp_ports: [ 80, - # This port is required by gluster - 6996, - ] - -fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-veteran - -freezes: false - -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - logger.log -- service: nuancier - owner: root - group: apache - can_send: - - nuancier.candidate.approved - - nuancier.candidate.denied - - nuancier.candidate.new - - nuancier.election.new - - nuancier.election.update diff --git a/inventory/group_vars/nuancier_stg b/inventory/group_vars/nuancier_stg deleted file mode 100644 index a94743e393..0000000000 --- a/inventory/group_vars/nuancier_stg +++ /dev/null @@ -1,39 +0,0 @@ ---- -# Define resources for this group of hosts here. -lvm_size: 20000 -mem_size: 4096 -num_cpus: 2 - -# Definining these vars has a number of effects -# 1) mod_wsgi is configured to use the vars for its own setup -# 2) iptables opens enough ports for all threads for fedmsg -# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads -wsgi_fedmsg_service: nuancier -wsgi_procs: 2 -wsgi_threads: 2 - -tcp_ports: [ 80, - # This port is required by gluster - 6996, - ] - -fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-veteran - -freezes: false - -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - logger.log -- service: nuancier - owner: root - group: apache - can_send: - - nuancier.candidate.approved - - nuancier.candidate.denied - - nuancier.candidate.new - - nuancier.election.new - - nuancier.election.update diff --git a/inventory/group_vars/postgresql_server b/inventory/group_vars/postgresql_server deleted file mode 100644 index 8721496b04..0000000000 --- a/inventory/group_vars/postgresql_server +++ /dev/null @@ -1,9 +0,0 @@ ---- -# common items for the releng-* boxes -lvm_size: 50000 -mem_size: 8192 -num_cpus: 4 -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -fas_client_groups: sysadmin-noc,sysadmin-veteran diff --git a/inventory/group_vars/resultsdb_iad_prod b/inventory/group_vars/resultsdb_iad_prod deleted file mode 100644 index 910fbb7902..0000000000 --- a/inventory/group_vars/resultsdb_iad_prod +++ /dev/null @@ -1,81 +0,0 @@ ---- -############################################################ -# general information -############################################################ -deployment_type: prod -external_hostname: taskotron.fedoraproject.org -tcp_ports: [ 80, 443, "{{ resultsdb_db_port }}" ] - -# common items for the releng-* boxes -lvm_size: 50000 -mem_size: 4096 -num_cpus: 4 -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file - -fas_client_groups: sysadmin-qa -nrpe_procs_warn: 250 -nrpe_procs_crit: 300 - - - - - -############################################################ -# resultsdb details -############################################################ - -# the db_host_machine bits are so that delegation continues to work, even if -# that db is localhost relative to resultsdb - -resultsdb_db_host_machine: db01.iad2.fedoraproject.org -resultsdb_db_host: "{{ resultsdb_db_host_machine }}" -resultsdb_db_port: 5432 -resultsdb_endpoint: 'resultsdb_api' -resultsdb_db_name: resultsdb -resultsdb_db_user: "{{ prod_resultsdb_db_user }}" -resultsdb_db_password: "{{ prod_resultsdb_db_password }}" -resultsdb_secret_key: "{{ prod_resultsdb_secret_key }}" - -allowed_hosts: - - 10.3.160.0/19 - - -############################################################ -# resultsdb-frontend details -############################################################ -resultsdb_fe_endpoint: "resultsdb" -resultsdb_frontend_secret_key: "{{ prod_resultsdb_frontend_secret_key }}" - - -############################################################ -# execdb details -############################################################ -execdb_db_host_machine: db01.iad2.fedoraproject.org -execdb_db_host: "{{ execdb_db_host_machine }}" -execdb_db_port: 5432 -execdb_endpoint: 'execdb' -execdb_db_name: execdb -execdb_db_user: "{{ prod_execdb_db_user }}" -execdb_db_password: "{{ prod_execdb_db_password }}" -execdb_secret_key: "{{ prod_execdb_secret_key }}" - - -############################################################ -# fedmsg details -############################################################ -fedmsg_active: True -fedmsg_cert_prefix: resultsdb - -fedmsg_certs: -- service: shell - owner: root - group: sysadmin - can_send: - - logger.log -- service: resultsdb - owner: root - group: apache - can_send: - - taskotron.result.new - - resultsdb.result.new diff --git a/playbooks/groups/copr-frontend-cloud.yml b/playbooks/groups/copr-frontend-cloud.yml index 09fa16d997..448a97c924 100644 --- a/playbooks/groups/copr-frontend-cloud.yml +++ b/playbooks/groups/copr-frontend-cloud.yml @@ -1,6 +1,5 @@ - name: check/create instance - hosts: copr_front_dev:copr_front:copr_front_dev_aws:copr_front_aws - # hosts: copr_front + hosts: copr_front_dev_aws:copr_front_aws user: root gather_facts: False @@ -23,8 +22,7 @@ - swap_file_size_mb is defined - name: cloud basic setup - hosts: copr_front_dev:copr_front:copr_front_dev_aws:copr_front_aws - # hosts: copr_front + hosts: copr_front_dev_aws:copr_front_aws gather_facts: True vars_files: - /srv/web/infra/ansible/vars/global.yml @@ -40,8 +38,7 @@ when: datacenter != "aws" - name: provision instance - hosts: copr_front:copr_front_dev:copr_front_dev_aws:copr_front_aws - # hosts: copr_front + hosts: copr_front_dev_aws:copr_front_aws gather_facts: True vars_files: