diff --git a/inventory/group_vars/bodhi_backend_stg b/inventory/group_vars/bodhi_backend_stg index e398fe73d0..c2d638f82c 100644 --- a/inventory/group_vars/bodhi_backend_stg +++ b/inventory/group_vars/bodhi_backend_stg @@ -31,16 +31,13 @@ testing: True notes: | Run the Bodhi masher. - The mashing of repos here happens as part of the 'fedmsg-hub' daemon. - Check logs with 'journalctl -u fedmsg-hub'. - Check the bodhi masher docs/code for more detail on what it does: https://github.com/fedora-infra/bodhi/blob/develop/bodhi/consumers/masher.py * This host relies on: * db01 for its database, which is shares with the bodhi2 frontend nodes. * An NFS mount of koji data in /mnt/koji/ - * The fedmsg bus for triggering mashes. + * The fedora messaging for triggering mashes. * XMLRPC calls to koji for tagging and untagging updates. * bugzilla for posting comments about status changes * the wiki for getting information about QA "Test Cases" diff --git a/inventory/group_vars/buildvm_aarch64_stg b/inventory/group_vars/buildvm_aarch64_stg index cbfdeabdd9..95b32abc08 100644 --- a/inventory/group_vars/buildvm_aarch64_stg +++ b/inventory/group_vars/buildvm_aarch64_stg @@ -33,6 +33,6 @@ volgroup: /dev/vg_guests notes: | Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging). * VMs built on top of buildvmhost - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/buildvm_ppc64le_stg b/inventory/group_vars/buildvm_ppc64le_stg index a9f120b8b9..2d86b5aca3 100644 --- a/inventory/group_vars/buildvm_ppc64le_stg +++ b/inventory/group_vars/buildvm_ppc64le_stg @@ -32,6 +32,6 @@ volgroup: /dev/vg_guests notes: | Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging). * VMs built on top of buildvmhost - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/buildvm_s390x_stg b/inventory/group_vars/buildvm_s390x_stg index 112594bca2..5ac826ad8d 100644 --- a/inventory/group_vars/buildvm_s390x_stg +++ b/inventory/group_vars/buildvm_s390x_stg @@ -12,6 +12,6 @@ virt_install_command: "{{ virt_install_command_s390x_one_nic_unsafe }}" notes: | Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders. * VMs built on top of a s390x LPAR - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/buildvm_stg b/inventory/group_vars/buildvm_stg index 10926cf2dd..2b0cf8c8fd 100644 --- a/inventory/group_vars/buildvm_stg +++ b/inventory/group_vars/buildvm_stg @@ -32,6 +32,6 @@ volgroup: /dev/vg_guests notes: | Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging). * VMs built on top of buildvmhost - * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Relies on koji-hub, Packages, PkgDB, apache, fedora messaging, fas, virthost, and is monitored by nagios * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new diff --git a/inventory/group_vars/busgateway_stg b/inventory/group_vars/busgateway_stg deleted file mode 100644 index 2d9b0f17c0..0000000000 --- a/inventory/group_vars/busgateway_stg +++ /dev/null @@ -1,27 +0,0 @@ ---- -# Define resources for this group of hosts here. -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell -ipa_client_shell_groups: - - sysadmin-datanommer - - sysadmin-noc - - sysadmin-veteran -ipa_client_sudo_groups: - - sysadmin-datanommer -ipa_host_group: busgateway -ipa_host_group_desc: Bridge between fedmsg and fedora-messaging -lvm_size: 20000 -mem_size: 4096 -num_cpus: 1 -# for systems that do not match the above - specify the same parameter in -# the host_vars/$hostname file -tcp_ports: [3999, # The fedmsg-relay republishes here. Listeners need to connect. - 9941, # The fedmsg-relay listens here. Ephemeral producers connect. - 9940, # The fedmsg-gateway republishes here. Proxies need to connect. - 9919, # The websocket server publishes here. Proxies need to connect. -] diff --git a/inventory/group_vars/github2fedmsg_stg b/inventory/group_vars/github2fedmsg_stg deleted file mode 100644 index e631f64b82..0000000000 --- a/inventory/group_vars/github2fedmsg_stg +++ /dev/null @@ -1,73 +0,0 @@ ---- -# Define resources for this group of hosts here. -# Neeed for rsync from log01 for logs. -custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT'] -nft_custom_rules: - - 'add rule ip filter INPUT ip saddr 10.3.163.39 tcp dport 873 counter accept' - - 'add rule ip filter INPUT ip saddr 192.168.1.59 tcp dport 873 counter accept' -deployment_type: stg -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - github.commit_comment - - github.create - - github.delete - - github.fork - - github.gollum - - github.issue.assigned - - github.issue.closed - - github.issue.comment - - github.issue.edited - - github.issue.labeled - - github.issue.milestone - - github.issue.opened - - github.issue.reopened - - github.issue.unassigned - - github.issue.unlabeled - - github.label - - github.member - - github.page_build - - github.pull_request.assigned - - github.pull_request.closed - - github.pull_request.edited - - github.pull_request.labeled - - github.pull_request.opened - - github.pull_request_review - - github.pull_request_review_comment - - github.pull_request.review_requested - - github.pull_request.synchronize - - github.pull_request.unlabeled - - github.push - - github.release - - github.repository_vulnerability_alert - - github.star - - github.status - - github.team_add - - github.webhook - group: apache - owner: root - service: github2fedmsg -ipa_client_shell_groups: - - sysadmin-noc - - sysadmin-veteran -ipa_host_group: github2fedmsg -ipa_host_group_desc: Bridge select GitHub repo events into bus messages -lvm_size: 20000 -mem_size: 4096 -num_cpus: 1 -tcp_ports: [80] -# for fedora-messaging -username: "github2fedmsg{{ env_suffix }}" -user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.github\..* -# Definining these vars has a number of effects -# 1) mod_wsgi is configured to use the vars for its own setup -# 2) iptables opens enough ports for all threads for fedmsg -# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads -wsgi_fedmsg_service: github2fedmsg -wsgi_procs: 2 -wsgi_threads: 2 diff --git a/inventory/group_vars/greenwave_stg b/inventory/group_vars/greenwave_stg deleted file mode 100644 index 9cb417b264..0000000000 --- a/inventory/group_vars/greenwave_stg +++ /dev/null @@ -1,10 +0,0 @@ ---- -# XXX - this is not really a group of real hosts. -# Instead, it represents an application in openshift. -# See playbooks/openshift-apps/greenwave.yml -fedmsg_certs: - - can_send: - - logger.log - - greenwave.decision.update - service: greenwave -fedmsg_env: stg diff --git a/inventory/group_vars/koji_stg b/inventory/group_vars/koji_stg index 61368e1373..eddc8f6d90 100644 --- a/inventory/group_vars/koji_stg +++ b/inventory/group_vars/koji_stg @@ -1,25 +1,6 @@ --- # Define resources for this group of hosts here. docker_registry: "candidate-registry.stg.fedoraproject.org" -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - buildsys.build.state.change - - buildsys.package.list.change - - buildsys.repo.done - - buildsys.repo.init - - buildsys.rpm.sign - - buildsys.tag - - buildsys.task.state.change - - buildsys.untag - group: apache - owner: root - service: koji ipa_client_shell_groups: - fi-apprentice - sysadmin-noc @@ -42,7 +23,5 @@ num_cpus: 8 source_registry: "registry.stg.fedoraproject.org" # for systems that do not match the above - specify the same parameter in # the host_vars/$hostname file -tcp_ports: [80, 443, 111, 2049, - # These 8 ports are used by fedmsg. One for each wsgi thread. - 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007] +tcp_ports: [80, 443, 111, 2049] udp_ports: [111, 2049] diff --git a/inventory/group_vars/mailman_stg b/inventory/group_vars/mailman_stg index efb64f031c..b8029b4786 100644 --- a/inventory/group_vars/mailman_stg +++ b/inventory/group_vars/mailman_stg @@ -1,18 +1,6 @@ --- # common items for the releng-* boxes deployment_type: prod -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - mailman.receive - group: mailman - owner: mailman - service: mailman ipa_client_shell_groups: - sysadmin-tools ipa_client_sudo_groups: @@ -59,9 +47,7 @@ num_cpus: 4 # Postfix main.cf postfix_group: mailman-stg -tcp_ports: [25, 80, 443, - # For outbound fedmsg - 3000, 3001, 3002, 3003] +tcp_ports: [25, 80, 443] # mailman role variables mailman_log_level: debug diff --git a/inventory/group_vars/notifs_backend_stg b/inventory/group_vars/notifs_backend_stg index 597c7905bc..4878a9dc8b 100644 --- a/inventory/group_vars/notifs_backend_stg +++ b/inventory/group_vars/notifs_backend_stg @@ -1,27 +1,6 @@ --- # Define resources for this group of hosts here. deployment_type: stg -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - # The shell cert needs to be allowed to send these too so it can do alembic - # upgrades that trigger messages. - can_send: - - fmn.filter.update - - fmn.preference.update - - fmn.rule.update - - fmn.confirmation.update - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - fmn.filter.update - - fmn.preference.update - - fmn.rule.update - - fmn.confirmation.update - group: fedmsg - owner: root - service: fmn ipa_client_shell_groups: - fi-apprentice - sysadmin-noc diff --git a/inventory/group_vars/notifs_web_stg b/inventory/group_vars/notifs_web_stg index 4c759dd349..f508695e0e 100644 --- a/inventory/group_vars/notifs_web_stg +++ b/inventory/group_vars/notifs_web_stg @@ -1,21 +1,6 @@ --- # Define resources for this group of hosts here. deployment_type: stg -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - fmn.filter.update - - fmn.preference.update - - fmn.rule.update - - fmn.confirmation.update - group: apache - owner: root - service: fmn lvm_size: 20000 mem_size: 1024 num_cpus: 2 diff --git a/inventory/group_vars/pagure_stg b/inventory/group_vars/pagure_stg index 9eeb4b11d6..efb93408a9 100644 --- a/inventory/group_vars/pagure_stg +++ b/inventory/group_vars/pagure_stg @@ -2,46 +2,6 @@ # Define resources for this group of hosts here. # For the MOTD env: pagure-staging -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - pagure.git.receive - - pagure.issue.assigned.added - - pagure.issue.assigned.reset - - pagure.issue.comment.added - - pagure.issue.comment.edited - - pagure.issue.dependency.added - - pagure.issue.dependency.removed - - pagure.issue.drop - - pagure.issue.edit - - pagure.issue.new - - pagure.issue.tag.added - - pagure.issue.tag.removed - - pagure.project.deleted - - pagure.project.edit - - pagure.project.forked - - pagure.project.group.added - - pagure.project.new - - pagure.project.tag.edited - - pagure.project.tag.removed - - pagure.project.user.access.updated - - pagure.project.user.added - - pagure.pull-request.closed - - pagure.pull-request.comment.added - - pagure.pull-request.flag.added - - pagure.pull-request.flag.updated - - pagure.pull-request.new - - pagure.request.assigned.added - group: apache - owner: git - service: pagure -fedmsg_env: stg -fedmsg_prefix: io.pagure freezes: false git_basepath: /srv/git/repositories git_daemon_user: git @@ -71,9 +31,7 @@ stunnel_source_port: :::8088 # the host_vars/$hostname file tcp_ports: [22, 25, 80, 443, 9418, # Used for the eventsource server - 8088, - # This is for the pagure public fedmsg relay - 9940] + 8088] vpn: true notes: | diff --git a/inventory/group_vars/pkgs_stg b/inventory/group_vars/pkgs_stg index cb6f046ce4..cb6d74b002 100644 --- a/inventory/group_vars/pkgs_stg +++ b/inventory/group_vars/pkgs_stg @@ -20,61 +20,6 @@ clamscan_paths: # This host is externally reachable # external: true -fedmsg_active: True -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - - git.branch - - git.mass_branch.complete - - git.mass_branch.start - - pagure.git.receive - group: sysadmin - owner: root - service: shell - - can_send: - - git.branch - - git.mass_branch.complete - - git.mass_branch.start - - git.receive - - pagure.git.receive - group: packager - owner: root - service: scm - - can_send: - - git.lookaside.new - group: apache - owner: root - service: lookaside - - can_send: - - pagure.git.receive - - pagure.issue.assigned.added - - pagure.issue.assigned.reset - - pagure.issue.comment.added - - pagure.issue.dependency.added - - pagure.issue.dependency.removed - - pagure.issue.edit - - pagure.issue.new - - pagure.issue.tag.added - - pagure.issue.tag.removed - - pagure.project.edit - - pagure.project.forked - - pagure.project.group.added - - pagure.project.new - - pagure.project.tag.edited - - pagure.project.tag.removed - - pagure.project.user.added - - pagure.project.user.removed - - pagure.pull-request.closed - - pagure.pull-request.comment.added - - pagure.pull-request.comment.edited - - pagure.pull-request.flag.added - - pagure.pull-request.flag.updated - - pagure.pull-request.new - - pagure.request.assigned.added - group: apache - owner: pagure - service: pagure ipa_client_shell_groups: - packager - sysadmin-cvs diff --git a/inventory/group_vars/proxies_stg b/inventory/group_vars/proxies_stg index 39ff48f242..33b33571df 100644 --- a/inventory/group_vars/proxies_stg +++ b/inventory/group_vars/proxies_stg @@ -9,10 +9,6 @@ custom_rules: [ '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6082 -j ACCEPT', # also allow varnish from internal for purge requests '-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.0/24 --dport 6081 -j ACCEPT', - # Allow stg.fedoramagazine.org running at vultr.com to talk inbound fedmsg - # Contact cydrobolt about the status of this. It hasn't hit prod status - # yet as of 2015-04-27 (threebean). - '-A INPUT -p tcp -m tcp --dport 9941 -s 104.207.133.220 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.115 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.116 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.117 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.118 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.119 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.120 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.121 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.122 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.123 -j ACCEPT'] nft_custom_rules: # Need for rsync from log01 for logs. @@ -24,11 +20,6 @@ nft_custom_rules: # also allow varnish from internal for purge requests - 'add rule ip filter INPUT ip saddr 192.168.1.0/24 tcp dport 6081 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.163.0/24 tcp dport 6081 counter accept' - # Allow stg.fedoramagazine.org running at vultr.com to talk inbound fedmsg - # Contact cydrobolt about the status of this. It hasn't hit prod status - # yet as of 2015-04-27 (threebean). - #!# FIXME: Keep?? - - 'add rule ip filter INPUT ip saddr 104.207.133.220 tcp dport 9941 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.166.115 tcp dport 22623 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.166.116 tcp dport 22623 counter accept' - 'add rule ip filter INPUT ip saddr 10.3.166.117 tcp dport 22623 counter accept' @@ -80,12 +71,6 @@ tcp_ports: [ 15671, # This is for TOTP 8443, - # For fedmsg websocket server over stunnel - 9939, - # For fedmsg raw zeromq socket (outbound) - 9940, - # 9941 is closed generally, is for the inbound fedmsg and is covered in - # custom_rules ] varnish_group: proxies zabbix_templates: "{{ [] }}" # For the moment we have no proxies external to IAD2, if this changes, put in the changes in the production group. diff --git a/inventory/group_vars/staging b/inventory/group_vars/staging index d262195e31..1022f624c3 100644 --- a/inventory/group_vars/staging +++ b/inventory/group_vars/staging @@ -9,8 +9,6 @@ env_prefix: stg. env_short: stg env_suffix: .stg external: false -fedmsg_env: stg -fedmsg_prefix: org.fedoraproject freezes: false host_group: staging ipa_admin_password: "{{ ipa_stg_admin_password }}" diff --git a/inventory/group_vars/value_stg b/inventory/group_vars/value_stg index c91c714b02..166b76c433 100644 --- a/inventory/group_vars/value_stg +++ b/inventory/group_vars/value_stg @@ -19,32 +19,6 @@ nft_custom_rules: # batcave01 also needs access to announce commits. - 'add rule ip filter INPUT ip saddr 10.3.163.35 tcp dport 5050 counter accept' deployment_type: stg -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - # cookies! - - irc.karma - # standard meetbot stuff - - meetbot.meeting.complete - - meetbot.meeting.start - - meetbot.meeting.topic.update - # meetbot line items - - meetbot.meeting.item.agreed - - meetbot.meeting.item.accepted - - meetbot.meeting.item.rejected - - meetbot.meeting.item.action - - meetbot.meeting.item.info - - meetbot.meeting.item.idea - - meetbot.meeting.item.help - - meetbot.meeting.item.link - group: daemon - owner: root - service: supybot ipa_client_shell_groups: - fi-apprentice - sysadmin-mote @@ -61,9 +35,7 @@ mem_size: 6144 num_cpus: 2 # for systems that do not match the above - specify the same parameter in # the host_vars/$hostname file -tcp_ports: [80, 443, - # These 16 ports are used by fedmsg. One for each wsgi thread. - 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] +tcp_ports: [80, 443] notes: | Hosts staging services which help facilitate communication over IRC and related mediums. diff --git a/inventory/group_vars/waiverdb_stg b/inventory/group_vars/waiverdb_stg deleted file mode 100644 index f876ba3a97..0000000000 --- a/inventory/group_vars/waiverdb_stg +++ /dev/null @@ -1,10 +0,0 @@ ---- -# XXX - this is not really a group of real hosts. -# Instead, it represents an application in openshift. -# See playbooks/openshift-apps/waiverdb.yml -fedmsg_certs: - - can_send: - - logger.log - - waiverdb.waiver.new - service: waiverdb -fedmsg_env: stg diff --git a/inventory/group_vars/wiki_stg b/inventory/group_vars/wiki_stg index c02a283d60..f87b60e28a 100644 --- a/inventory/group_vars/wiki_stg +++ b/inventory/group_vars/wiki_stg @@ -1,19 +1,6 @@ --- # Define resources for this group of hosts here. deployment_type: stg -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - can_send: - - logger.log - group: sysadmin - owner: root - service: shell - - can_send: - - wiki.article.edit - - wiki.upload.complete - group: apache - owner: root - service: mediawiki ipa_client_shell_groups: - fi-apprentice - sysadmin-noc diff --git a/inventory/host_vars/bodhi-backend01.stg.iad2.fedoraproject.org b/inventory/host_vars/bodhi-backend01.stg.iad2.fedoraproject.org index 3614e51e60..5d7c81316a 100644 --- a/inventory/host_vars/bodhi-backend01.stg.iad2.fedoraproject.org +++ b/inventory/host_vars/bodhi-backend01.stg.iad2.fedoraproject.org @@ -2,22 +2,6 @@ # These are consumed by a task in roles/fedmsg/base/main.yml eth0_ipv4_gw: 10.3.167.254 eth0_ipv4_ip: 10.3.167.32 -fedmsg_certs: - # This first cert is used by the push-tool. releng members run it and it fires - # off a simple fedmsg message that the masher (running as fedmsg-hub) is - # listening for. It then does all the worker. - # These are certs for pungi - - can_send: - # new school pungi-koji stuff (ask dgilmore) - - pungi.compose.phase.start - - pungi.compose.phase.stop - - pungi.compose.status.change - - pungi.compose.createiso.targets - - releng.atomic.twoweek.begin - - releng.atomic.twoweek.complete - group: sysadmin-releng - owner: apache - service: releng ks_repo: https://infrastructure.fedoraproject.org/pub/fedora/linux/releases/40/Server/x86_64/os/ ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-fedora vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org diff --git a/inventory/host_vars/compose-x86-01.stg.iad2.fedoraproject.org b/inventory/host_vars/compose-x86-01.stg.iad2.fedoraproject.org index bb2b665792..23f2cdd6c0 100644 --- a/inventory/host_vars/compose-x86-01.stg.iad2.fedoraproject.org +++ b/inventory/host_vars/compose-x86-01.stg.iad2.fedoraproject.org @@ -1,14 +1,6 @@ datacenter: staging eth0_ipv4_gw: 10.3.167.254 eth0_ipv4_ip: 10.3.167.33 -# These are consumed by a task in roles/fedmsg/base/main.yml -fedmsg_certs: - - group: root - owner: root - service: shell - - group: root - owner: root - service: bodhi koji_hub_nfs: "fedora_koji" kojihub_scheme: http kojihub_url: koji.stg.fedoraproject.org/kojihub diff --git a/inventory/host_vars/github2fedmsg01.stg.iad2.fedoraproject.org b/inventory/host_vars/github2fedmsg01.stg.iad2.fedoraproject.org deleted file mode 100644 index 4e68c7e28c..0000000000 --- a/inventory/host_vars/github2fedmsg01.stg.iad2.fedoraproject.org +++ /dev/null @@ -1,8 +0,0 @@ ---- -datacenter: iad2 -eth0_ipv4_gw: 10.3.166.254 -eth0_ipv4_ip: 10.3.166.39 -ks_repo: https://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/ -ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-iad2 -vmhost: vmhost-x86-11.stg.iad2.fedoraproject.org -volgroup: /dev/vg_guests diff --git a/inventory/inventory b/inventory/inventory index f614d9c94e..9814241a40 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -90,18 +90,12 @@ ibiblio05.fedoraproject.org [busgateway] busgateway01.iad2.fedoraproject.org -[busgateway_stg] -busgateway01.stg.iad2.fedoraproject.org - [flatpak_cache] flatpak-cache01.iad2.fedoraproject.org [github2fedmsg] github2fedmsg01.iad2.fedoraproject.org -[github2fedmsg_stg] -github2fedmsg01.stg.iad2.fedoraproject.org - [mailman] mailman01.iad2.fedoraproject.org @@ -161,7 +155,6 @@ db-datanommer01.stg.iad2.fedoraproject.org # clients that talk to the main postgres stg servers [postgres_clients_stg] bodhi-backend01.stg.iad2.fedoraproject.org -busgateway01.stg.iad2.fedoraproject.org koji01.stg.iad2.fedoraproject.org [download_iad2] @@ -532,7 +525,6 @@ buildvm-x86-02.stg.iad2.fedoraproject.org buildvm-x86-03.stg.iad2.fedoraproject.org buildvm-x86-04.stg.iad2.fedoraproject.org buildvm-x86-05.stg.iad2.fedoraproject.org -busgateway01.stg.iad2.fedoraproject.org compose-x86-01.stg.iad2.fedoraproject.org copr-be-dev.aws.fedoraproject.org #copr-be-dev-temp.aws.fedoraproject.org @@ -549,7 +541,6 @@ db.stg.aws.fedoraproject.org debuginfod01.stg.iad2.fedoraproject.org oci-candidate-registry01.stg.iad2.fedoraproject.org oci-registry01.stg.iad2.fedoraproject.org -github2fedmsg01.stg.iad2.fedoraproject.org ipa01.stg.iad2.fedoraproject.org ipa02.stg.iad2.fedoraproject.org ipa03.stg.iad2.fedoraproject.org @@ -667,46 +658,25 @@ wiki02.iad2.fedoraproject.org busgateway pkgs -[fedmsg_hubs_stg:children] -busgateway_stg -pkgs_stg - [fedmsg_ircs:children] value -[fedmsg_ircs_stg:children] -value_stg - [fedmsg_relays:children] busgateway -[fedmsg_relays_stg:children] -busgateway_stg - [fedmsg_gateways:children] busgateway proxies -[fedmsg_gateways_stg:children] -busgateway_stg -proxies_stg - [fedmsg_services:children] fedmsg_hubs fedmsg_ircs fedmsg_relays fedmsg_gateways -[fedmsg_services_stg:children] -fedmsg_hubs_stg -fedmsg_ircs_stg -fedmsg_relays_stg -fedmsg_gateways_stg - # These are groups that are using the python34 fedmsg stack. [python34_fedmsg:children] mailman -mailman_stg ## END fedmsg services @@ -1038,10 +1008,8 @@ bodhi_backend_stg buildvm_stg buildvm_ppc64le_stg buildvm_aarch64_stg -busgateway_stg dbserver_stg debuginfod_stg -github2fedmsg_stg ipa_stg ipsilon_stg koji_stg diff --git a/main.yml b/main.yml index 1f01b56e3e..5ee6587789 100644 --- a/main.yml +++ b/main.yml @@ -5,7 +5,6 @@ ## over all machines. ## ## some common ones: -## -t fedmsgconfig -> runs fedmsg/base config over all playbooks ## -t apache -> run when tasks/apache.yml changes. ## ## diff --git a/playbooks/groups/busgateway.yml b/playbooks/groups/busgateway.yml index 25d655cfa5..083146e4ef 100644 --- a/playbooks/groups/busgateway.yml +++ b/playbooks/groups/busgateway.yml @@ -1,10 +1,10 @@ --- - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml" vars: - myhosts: "busgateway:busgateway_stg" + myhosts: "busgateway" - name: Dole out the generic configuration - hosts: busgateway:busgateway_stg + hosts: busgateway user: root gather_facts: true @@ -32,7 +32,7 @@ - import_tasks: "{{ handlers_path }}/restart_services.yml" - name: Dole out the service-specific config - hosts: busgateway:busgateway_stg + hosts: busgateway user: root gather_facts: true diff --git a/playbooks/groups/github2fedmsg.yml b/playbooks/groups/github2fedmsg.yml index 99a46d2279..dc8701057d 100644 --- a/playbooks/groups/github2fedmsg.yml +++ b/playbooks/groups/github2fedmsg.yml @@ -6,10 +6,10 @@ --- - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml" vars: - myhosts: "github2fedmsg:github2fedmsg_stg" + myhosts: "github2fedmsg" - name: Make the box be real - hosts: github2fedmsg:github2fedmsg_stg + hosts: github2fedmsg user: root gather_facts: true @@ -39,7 +39,7 @@ - import_tasks: "{{ handlers_path }}/restart_services.yml" - name: Deploy service-specific config - hosts: github2fedmsg:github2fedmsg_stg + hosts: github2fedmsg user: root gather_facts: true diff --git a/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml b/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml index 70740e3861..4e34499494 100644 --- a/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml +++ b/playbooks/manual/noggin-deployment/uninstall_ipa_client.yml @@ -1,6 +1,6 @@ --- - name: Uninstall IPA client - hosts: bodhi_backend_stg:bugzilla2fedmsg_stg:github2fedmsg_stg:ipsilon_stg:buildvm_stg:buildvm_ppc64le_stg:buildvm_aarch64_stg:buildvm_armv7_stg:buildvm_s390x_stg + hosts: bodhi_backend_stg:bugzilla2fedmsg_stg:ipsilon_stg:buildvm_stg:buildvm_ppc64le_stg:buildvm_aarch64_stg:buildvm_armv7_stg:buildvm_s390x_stg user: root vars_files: - /srv/web/infra/ansible/vars/global.yml diff --git a/playbooks/manual/restart-fedmsg-services.yml b/playbooks/manual/restart-fedmsg-services.yml index a67ba1bbca..89bf439f66 100644 --- a/playbooks/manual/restart-fedmsg-services.yml +++ b/playbooks/manual/restart-fedmsg-services.yml @@ -7,7 +7,7 @@ --- - name: Restart fedmsg-gateway instances - hosts: fedmsg_gateways:fedmsg_gateways_stg + hosts: fedmsg_gateways user: root gather_facts: false @@ -21,7 +21,7 @@ service: name=fedmsg-gateway state=restarted - name: Restart fedmsg-relay instances - hosts: fedmsg_relays:fedmsg_relays_stg + hosts: fedmsg_relays user: root gather_facts: false @@ -35,7 +35,7 @@ service: name=fedmsg-relay state=restarted - name: Restart fedmsg-irc instances - hosts: fedmsg_ircs:fedmsg_ircs_stg + hosts: fedmsg_ircs user: root gather_facts: false @@ -49,7 +49,7 @@ service: name=fedmsg-irc state=restarted - name: Tell nagios to be quiet about FMN for the moment - hosts: notifs_backend:notifs_backend_stg + hosts: notifs_backend user: root gather_facts: false @@ -67,7 +67,7 @@ # service: name=fmn-digests@1 state=restarted - name: Restart fedmsg-hub instances - hosts: fedmsg_hubs:fedmsg_hubs_stg + hosts: fedmsg_hubs user: root gather_facts: false @@ -81,7 +81,7 @@ service: name=fedmsg-hub state=restarted - name: Restart moksha-hub instances - hosts: moksha_hubs:moksha_hubs_stg + hosts: moksha_hubs user: root gather_facts: false diff --git a/playbooks/manual/upgrade/fedmsg.yml b/playbooks/manual/upgrade/fedmsg.yml index 69cc8ba61e..6fc94ba0eb 100644 --- a/playbooks/manual/upgrade/fedmsg.yml +++ b/playbooks/manual/upgrade/fedmsg.yml @@ -2,22 +2,16 @@ - name: Push packages out hosts: - fedmsg-hubs - - fedmsg-hubs-stg - fedmsg-relays - - fedmsg-relays-stg - fedmsg-ircs - - fedmsg-ircs-stg - fedmsg-gateways - - fedmsg-gateways-stg - moksha-hubs - - moksha-hubs-stg - datagrepper - - datagrepper-stg user: root vars_files: diff --git a/roles/base/templates/iptables/iptables.staging b/roles/base/templates/iptables/iptables.staging index 2f5248b4c6..37e41d97fb 100644 --- a/roles/base/templates/iptables/iptables.staging +++ b/roles/base/templates/iptables/iptables.staging @@ -29,13 +29,6 @@ -A INPUT -p tcp -m tcp --dport 10050 -s 10.3.166.61 -j ACCEPT -# if the host declares a fedmsg-enabled wsgi app, open ports for it -{% if wsgi_fedmsg_service is defined %} -{% for i in range(wsgi_procs * wsgi_threads) %} --A INPUT -p tcp -m tcp --dport 30{{ '%02d' % i }} -j ACCEPT -{% endfor %} -{% endif %} - # if the host/group defines incoming tcp_ports - allow them {% for port in tcp_ports %} -A INPUT -p tcp -m tcp --dport {{ port }} -j ACCEPT diff --git a/roles/base/templates/nftables/nftables.staging b/roles/base/templates/nftables/nftables.staging index 78fbb14bfd..3d13e3e928 100644 --- a/roles/base/templates/nftables/nftables.staging +++ b/roles/base/templates/nftables/nftables.staging @@ -29,13 +29,6 @@ add rule ip filter INPUT tcp dport 10051 counter accept add rule ip filter INPUT ip saddr 10.3.166.61 tcp dport 10050 counter accept -# if the host declares a fedmsg-enabled wsgi app, open ports for it -{% if wsgi_fedmsg_service is defined %} -{% for i in range(wsgi_procs * wsgi_threads) %} -add rule ip filter INPUT tcp dport 30{{ '%02d' % i }} counter accept -{% endfor %} -{% endif %} - # if the host/group defines incoming tcp_ports - allow them {% for port in tcp_ports %} add rule ip filter INPUT tcp dport {{ port }} counter accept diff --git a/roles/batcave/tasks/main.yml b/roles/batcave/tasks/main.yml index d386c41b47..b0017c74b3 100644 --- a/roles/batcave/tasks/main.yml +++ b/roles/batcave/tasks/main.yml @@ -201,7 +201,7 @@ - zodbot # -# This is another script to announce commits, this time to the fedmsg bus +# This is another script to announce commits, this time to the fedora messaging # - name: Install packages needed diff --git a/roles/bugzilla2fedmsg/tasks/main.yml b/roles/bugzilla2fedmsg/tasks/main.yml index 99a13e6e3d..769f3b52c0 100644 --- a/roles/bugzilla2fedmsg/tasks/main.yml +++ b/roles/bugzilla2fedmsg/tasks/main.yml @@ -1,6 +1,4 @@ --- -# Setup a fedmsg-hub - - name: Install needed packages ansible.builtin.package: name={{ item }} state=present with_items: diff --git a/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini b/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini index 8f41383c4a..cfdb59a7c6 100644 --- a/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini +++ b/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini @@ -5,8 +5,6 @@ # Some configuration for our workers bugzilla.products = Fedora, Fedora EPEL -# If you have 8 worker threads you *also* need 8 fedmsg endpoints in fedmsg.d/ -# and 8 open holes in the firewall bugzilla.num_workers = 1 moksha.workers_per_consumer = 2 moksha.threadpool_size = 5 diff --git a/roles/collectd/base/tasks/main.yml b/roles/collectd/base/tasks/main.yml index f4153e32cb..2105e1a2c2 100644 --- a/roles/collectd/base/tasks/main.yml +++ b/roles/collectd/base/tasks/main.yml @@ -184,9 +184,6 @@ # each of the below should move to a separate task list # since they are odd-balls and one-offs -# fedmsg - busgateway## only - # add /usr/share/collectd/fedmsg-types.db - # memcached - memcached only # postgres - this is a conn check diff --git a/roles/copr/backend/templates/copr-be.conf.j2 b/roles/copr/backend/templates/copr-be.conf.j2 index 72b00ffdea..4b7c9e67ac 100644 --- a/roles/copr/backend/templates/copr-be.conf.j2 +++ b/roles/copr/backend/templates/copr-be.conf.j2 @@ -77,10 +77,6 @@ builds_max_workers_sandbox=4 # actions. actions_max_workers={% if env == 'production' %}20{% else %}4{% endif %} -# publish fedmsg notifications from workers if true -# default is false -#fedmsg_enabled=false - # enable package signing, require configured # signer host and correct /etc/sign.conf do_sign={{ do_sign }} diff --git a/roles/hosts/files/koji01.stg.iad2.fedoraproject.org-hosts b/roles/hosts/files/koji01.stg.iad2.fedoraproject.org-hosts index c4b5ce5dbc..42f31a4a49 100644 --- a/roles/hosts/files/koji01.stg.iad2.fedoraproject.org-hosts +++ b/roles/hosts/files/koji01.stg.iad2.fedoraproject.org-hosts @@ -1,4 +1,4 @@ 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 -10.5.128.120 db01.stg.phx2.fedoraproject.org db-ask db-elections db-datanommer db-datanommer01 db-datanommer02 db-datanommer02.phx2.fedoraproject.org db-github2fedmsg db-fedocal tagger_dbdb-summershum db-tahrir db-notifs db-kerneltest +10.5.128.120 db01.stg.phx2.fedoraproject.org db-ask db-elections db-datanommer db-datanommer01 db-datanommer02 db-datanommer02.phx2.fedoraproject.org db-fedocal tagger_dbdb-summershum db-tahrir db-notifs db-kerneltest diff --git a/roles/openshift-apps/firmitas/templates/certlist.yml.j2 b/roles/openshift-apps/firmitas/templates/certlist.yml.j2 index a534a1b373..27f322803e 100644 --- a/roles/openshift-apps/firmitas/templates/certlist.yml.j2 +++ b/roles/openshift-apps/firmitas/templates/certlist.yml.j2 @@ -463,22 +463,6 @@ git-hooks: time: null path: production/git-hooks.crt user: firmitas-automata -github2fedmsg.stg: - certstat: - cstarted: true - cstopped: false - daystobt: -2055 - daystodd: 1595 - issuauth: RabbitMQ STAGING CA - serialno: 307862844954847146655560450394425008564 - stopdate: 2029-02-18 18:33:59 - strtdate: 2019-02-21 18:33:59 - notistat: - done: false - link: null - time: null - path: github2fedmsg.stg.crt - user: firmitas-automata gitlab-centos.stg: certstat: cstarted: true diff --git a/roles/openshift-apps/release-monitoring/templates/anitya.toml b/roles/openshift-apps/release-monitoring/templates/anitya.toml index 5ab97dc524..031ffad94a 100644 --- a/roles/openshift-apps/release-monitoring/templates/anitya.toml +++ b/roles/openshift-apps/release-monitoring/templates/anitya.toml @@ -219,11 +219,6 @@ level = "INFO" propagate = false handlers = ["console"] -[anitya_log_config.loggers.fedmsg] -level = "INFO" -propagate = false -handlers = ["console"] - [anitya_log_config.root] level = "INFO" handlers = ["console"] diff --git a/roles/pagure/tasks/main.yml b/roles/pagure/tasks/main.yml index 66d17e723d..f0bb4cf1a6 100644 --- a/roles/pagure/tasks/main.yml +++ b/roles/pagure/tasks/main.yml @@ -483,7 +483,6 @@ # - pagure_api_key_expire_mail.timer - pagure_mirror_project_in - pagure_mirror_project_in.timer -# - fedmsg-relay - haveged ignore_errors: true tags: