Remove old waiverdb role. See roles/openshift-apps/waiverdb/

2017-11-06 20:59:44 +00:00 · 2017-11-06 20:59:44 +00:00 · ce8b4467c7
commit ce8b4467c7
parent cd36f2d5a0
8 changed files with 0 additions and 220 deletions
--- a/roles/waiverdb/defaults/main.yml
+++ b/roles/waiverdb/defaults/main.yml
@ -1,8 +0,0 @@
---
-waiverdb_db_port: 5432
-waiverdb_oidc_auth_uri: 'https://iddev.fedorainfracloud.org/openidc/Authorization'
-waiverdb_oidc_token_uri: 'https://iddev.fedorainfracloud.org/openidc/Token'
-waiverdb_oidc_client_id: 'D-eb5668aa-f962-4d9e-8131-4ef6d7840436'
-waiverdb_oidc_client_secret: 'QctUSOfqot6-XQd7YG0DeIAI81wlc7oD'
-waiverdb_oidc_token_introspection_uri: 'https://iddev.fedorainfracloud.org/openidc/TokenInfo'
-waiverdb_oidc_userinfo_uri: 'https://iddev.fedorainfracloud.org/openidc/UserInfo'
--- a/roles/waiverdb/files/pg/pg_hba.conf
+++ b/roles/waiverdb/files/pg/pg_hba.conf
@ -1,29 +0,0 @@
-# This file is managed by Ansible - changes may be lost
-#
-# PostgreSQL Client Authentication Configuration File
-# ===================================================
-#
-# Refer to the "Client Authentication" section in the PostgreSQL
-# documentation for a complete description of this file.  A short
-# synopsis follows.
-#
-# This file controls: which hosts are allowed to connect, how clients
-# are authenticated, which PostgreSQL user names they can use, which
-# databases they can access.  Records take one of these forms:
-#
-# local      DATABASE  USER  METHOD  [OPTIONS]
-# host       DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
-# hostssl    DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
-# hostnossl  DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
-#
-# TYPE  DATABASE        USER            ADDRESS                 METHOD
-
-# Default:
-# 
-local  all  postgres    trust
-# "local" is for Unix domain socket connections only
-local  all  all    trust
-# IPv4 local connections:
-host  all  all  127.0.0.1/32  trust
-# IPv6 local connections:
-host  all  all  ::1/128  trust
--- a/roles/waiverdb/handlers/main.yml
+++ b/roles/waiverdb/handlers/main.yml
@ -1,10 +0,0 @@
---
- name: restart waiverdb
-  systemd:
-    name: waiverdb.service
-    state: restarted
-
- name: restart postgresql
-  systemd:
-    name: postgresql.service
-    state: restarted
--- a/roles/waiverdb/tasks/main.yml
+++ b/roles/waiverdb/tasks/main.yml
@ -1,64 +0,0 @@
---
- import_tasks: psql_setup.yml
-
-# Need to set selinux to permissive for now due to https://bugzilla.redhat.com/show_bug.cgi?id=1291940
- name: switch selinux to permissive
-  selinux: policy=targeted state=permissive
-
- name: install needed packages (yum)
-  package: name={{ item }} state=present
-  with_items:
-  - waiverdb
-  - python-gunicorn
-  - python-psycopg2
-  notify:
-  - restart waiverdb
-  when: ansible_distribution_major_version|int < 22
-
- name: install needed packages (dnf)
-  dnf: pkg={{ item }} state=present
-  with_items:
-  - waiverdb
-  - python-gunicorn
-  - python-psycopg2
-  notify:
-  - restart waiverdb
-  when: ansible_distribution_major_version|int > 21
-
- name: start waiverdb on boot
-  systemd:
-    name: waiverdb.socket
-    enabled: yes
-
- name: copy client secrets
-  template:
-    src: etc/waiverdb/client_secrets.json
-    dest: /etc/waiverdb/client_secrets.json
-    owner: root
-    group: root
-    mode: 0640
-  notify:
-  - restart waiverdb
-
- name: generate the app config
-  template:
-    src: etc/waiverdb/settings.py.j2
-    dest: /etc/waiverdb/settings.py
-    owner: root
-    group: root
-    mode: 0660
-    backup: yes
-    force: yes
-  notify:
-  - restart waiverdb
-
- name: install the nginx config
-  template:
-    src: etc/nginx/conf.d/waiverdb.conf.j2
-    dest: /etc/nginx/conf.d/waiverdb.conf
-    owner: nginx
-    group: nginx
-    mode: 0640
-  notify:
-  - restart nginx
- 
--- a/roles/waiverdb/tasks/psql_setup.yml
+++ b/roles/waiverdb/tasks/psql_setup.yml
@ -1,63 +0,0 @@
- name: install postresql (yum)
-  package: state=present pkg={{ item }}
-  with_items:
-  - "postgresql-server"
-  - "postgresql-contrib"
-  - "python-psycopg2"
-  when: ansible_distribution_major_version|int < 22
-
- name: install postresql (dnf)
-  dnf: state=present pkg={{ item }}
-  with_items:
-  - "postgresql-server"
-  - "postgresql-contrib"
-  - "python-psycopg2"
-  when: ansible_distribution_major_version|int > 21
-
- name: See if postgreSQL is installed
-  stat: path=/var/lib/pgsql/initdb_postgresql.log
-  register: pgsql_installed
-
- name: init postgresql
-  shell: "postgresql-setup initdb"
-  when: not pgsql_installed.stat.exists
-
- name: copy pg_hba.conf
-  copy: src="pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600
-  notify:
-  - restart postgresql
-  tags:
-  - config
-
- name: Ensure postgres has a place to backup to
-  file: dest=/backups state=directory owner=postgres
-  tags:
-  - config
-
- name: Copy over backup scriplet
-  copy: src="{{ files }}/../roles/postgresql_server/files/backup-database" dest=/usr/local/bin/backup-database mode=0755
-  tags:
-  - config
-
- name: Set up some cronjobs to backup databases as configured
-  template: >
-    src="{{ files }}/../roles/postgresql_server/templates/cron-backup-database"
-    dest="/etc/cron.d/cron-backup-database-{{ item }}"
-  with_items:
-  - "{{ dbs_to_backup }}"
-  when: dbs_to_backup != []
-  tags:
-  - config
-
- name: enable Pg service
-  service: state=started enabled=yes name=postgresql
-
- name: Create db
-  postgresql_db: name="waiverdb" encoding='UTF-8'
-  become: yes
-  become_user: postgres
-
- name: Create db user
-  postgresql_user: db="waiverdb" name="waiverdb-user" role_attr_flags=SUPERUSER,NOCREATEDB,NOCREATEROLE
-  become: yes
-  become_user: postgres
--- a/roles/waiverdb/templates/etc/nginx/conf.d/waiverdb.conf.j2
+++ b/roles/waiverdb/templates/etc/nginx/conf.d/waiverdb.conf.j2
@ -1,21 +0,0 @@
-# HTTP server
-server {
-    listen 80 default_server;
-    server_name _;
-
-    large_client_header_buffers 4 32k;
-    client_max_body_size 50M;
-    charset utf-8;
-
-    location / {
-        root   /usr/share/nginx/html;
-        index  index.html index.htm;
-    }
-    location /api {
-        proxy_set_header Host $http_host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_pass http://unix:/run/waiverdb/socket:/api;
-    }
-}
--- a/roles/waiverdb/templates/etc/waiverdb/client_secrets.json
+++ b/roles/waiverdb/templates/etc/waiverdb/client_secrets.json
@ -1,11 +0,0 @@
-{
-    "web": {
-        "auth_uri": "{{ waiverdb_oidc_auth_uri }}",
-        "client_id": "{{ waiverdb_oidc_client_id }}",
-        "client_secret": "{{ waiverdb_oidc_client_secret }}",
-        "redirect_uris": [],
-        "token_uri": "{{ waiverdb_oidc_token_uri }}",
-        "token_introspection_uri": "{{ waiverdb_oidc_token_introspection_uri }}",
-        "userinfo_uri": "{{ waiverdb_oidc_userinfo_uri }}"
-    }
-}
--- a/roles/waiverdb/templates/etc/waiverdb/settings.py.j2
+++ b/roles/waiverdb/templates/etc/waiverdb/settings.py.j2
@ -1,14 +0,0 @@
-{% if deployment_type == "prod" %}
-SECRET_KEY = '{{ prod_waiverdb_secret_key }}'
-{% elif deployment_type == "stg" %}
-SECRET_KEY = '{{ stg_waiverdb_secret_key }}'
-{% else %}
-SECRET_KEY = '{{ dev_waiverdb_secret_key }}'
-{% endif %}
-SQLALCHEMY_DATABASE_URI = 'postgresql://waiverdb-user@:{{ waiverdb_db_port }}/waiverdb'
-OIDC_CLIENT_SECRETS = '/etc/waiverdb/client_secrets.json'
-OIDC_REQUIRED_SCOPE = 'https://waiverdb.fedoraproject.org/oidc/create-waiver'
-OIDC_RESOURCE_SERVER_ONLY = True
-{% if deployment_type == "dev" %}
-ZEROMQ_PUBLISH = False
-{% endif %}