pagure-proxy: drop pagure-proxy as it's not needed anymore.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2019-07-15 20:46:15 +00:00 · 2019-07-15 20:46:15 +00:00 · 6e30ad8c76
commit 6e30ad8c76
parent 87be5ba24a
5 changed files with 0 additions and 115 deletions
--- a/inventory/group_vars/pagure_proxy
+++ b/inventory/group_vars/pagure_proxy
@ -1,23 +0,0 @@
 ---
 # for systems that do not match the above - specify the same parameter in
 # the host_vars/$hostname file
 tcp_ports: [ 22, 25, 80, 443, 9418,
    # Used for the eventsource
    8088,
    # This is for the pagure public fedmsg relay
    9940]
 fas_client_groups: sysadmin-noc
 freezes: true
 postfix_group: vpn.pagure
 # For the MOTD
 csi_security_category: Low
 csi_primary_contact: Fedora admins - admin@fedoraproject.org
 csi_purpose: Proxy specific ports to OSUOSL for preventing slow peering
 csi_relationship: |
    This box proxies traffic over to pagure01.fedoraproject.org
    (This is done because OSUOSL has terribly slow peering to EU)
--- a/inventory/host_vars/pagure-proxy01.fedoraproject.org
+++ b/inventory/host_vars/pagure-proxy01.fedoraproject.org
@ -1,55 +0,0 @@
 ---
 nm: 255.255.255.128
 gw: 152.19.134.129
 dns: 8.8.8.8
 custom_rules: ['-A FORWARD -j ACCEPT']
 nat_rules: [
    # SSH
    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 22 -j DNAT --to-destination 8.43.85.75:22',
    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 22 -j SNAT --to-source 152.19.134.147',
    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 22 -j DNAT --to-destination 8.43.85.75:22',
    # SMTP
    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 25 -j DNAT --to-destination 8.43.85.75:25',
    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 25 -j SNAT --to-source 152.19.134.147',
    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 25 -j DNAT --to-destination 8.43.85.75:25',
    # web-80
    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 80 -j DNAT --to-destination 8.43.85.75:80',
    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 80 -j SNAT --to-source 152.19.134.147',
    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 80 -j DNAT --to-destination 8.43.85.75:80',
    # web-443
    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 443 -j DNAT --to-destination 8.43.85.75:443',
    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 443 -j SNAT --to-source 152.19.134.147',
    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 443 -j DNAT --to-destination 8.43.85.75:443',
    # 9418
    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 9418 -j DNAT --to-destination 8.43.85.75:9418',
    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 9418 -j SNAT --to-source 152.19.134.147',
    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 9418 -j DNAT --to-destination 8.43.85.75:9418',
    # Eventsource
    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 8088 -j DNAT --to-destination 8.43.85.75:8088',
    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 8088 -j SNAT --to-source 152.19.134.147',
    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 8088 -j DNAT --to-destination 8.43.85.75:8088',
    # Fedmsg
    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 9940 -j DNAT --to-destination 8.43.85.75:9940',
    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 9940 -j SNAT --to-source 152.19.134.147',
    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 9940 -j DNAT --to-destination 8.43.85.75:9940',
 ]
 ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 volgroup: /dev/vg_guests
 eth0_ip: 152.19.134.146
 eth0_nm: 255.255.255.128
 has_ipv6: yes
 eth0_ipv6: "2610:28:3090:3001:dead:beef:cafe:fe46"
 eth0_ipv6_gw: "2610:28:3090:3001::1"
 eth0_secondary_ip: 152.19.134.147
 sponsor: ibiblio
 datacenter: ibiblio
 postfix_group: vpn
 vmhost: ibiblio01.fedoraproject.org
--- a/inventory/inventory
+++ b/inventory/inventory
@ -1297,9 +1297,6 @@ pagure01.fedoraproject.org
 [pagure_stg]
 pagure-stg01.fedoraproject.org
 [pagure_proxy]
 pagure-proxy01.fedoraproject.org
 [twisted_buildbots]
 twisted-fedora26-1.fedorainfracloud.org
 twisted-fedora26-2.fedorainfracloud.org
--- a/master.yml
+++ b/master.yml
@ -79,7 +79,6 @@
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/os-proxies.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/packages.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pagure.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pagure-proxy.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pdc.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/people.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pkgs.yml
--- a/playbooks/groups/pagure-proxy.yml
+++ b/playbooks/groups/pagure-proxy.yml
@ -1,33 +0,0 @@
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=pagure_proxy"
 - name: make the boxen be real for real
  hosts: pagure_proxy
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - sudo
  - collectd/base
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  - name: Enable ipv4_forward in sysctl
    sysctl: name=net.ipv4.ip_forward value=1 state=present sysctl_set=yes reload=yes
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"