From e3f8c50b234d5be9fc8e20a73999abd290673580 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Tue, 24 Jun 2014 14:32:06 +0000
Subject: [PATCH] A role for bugzilla2fedmsg.

---
 handlers/restart_services.yml                 |  3 ++
 inventory/group_vars/bugzilla2fedmsg          |  2 +-
 inventory/group_vars/bugzilla2fedmsg-stg      |  2 +-
 playbooks/groups/bugzilla2fedmsg.yml          | 38 ++++++-------
 .../bugzilla2fedmsg/files/moksha-hub.service  | 13 +++++
 roles/bugzilla2fedmsg/tasks/main.yml          | 53 +++++++++++++++++++
 .../templates/bugzilla2fedmsg.ini             | 30 +++++++++++
 .../templates/endpoints-bugzilla2fedmsg.py.j2 |  1 +
 8 files changed, 121 insertions(+), 21 deletions(-)
 create mode 100644 roles/bugzilla2fedmsg/files/moksha-hub.service
 create mode 100644 roles/bugzilla2fedmsg/tasks/main.yml
 create mode 100644 roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini

diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml
index 03ca864702..e4c380c06b 100644
--- a/handlers/restart_services.yml
+++ b/handlers/restart_services.yml
@@ -103,3 +103,6 @@
 
 - name: run rkhunter
   command: rkhunter --propupd
+
+- name: restart moksha-hub
+  service: name=moksha-hub state=restarted
diff --git a/inventory/group_vars/bugzilla2fedmsg b/inventory/group_vars/bugzilla2fedmsg
index 4721004e1d..2d5358e221 100644
--- a/inventory/group_vars/bugzilla2fedmsg
+++ b/inventory/group_vars/bugzilla2fedmsg
@@ -7,7 +7,7 @@ freezes: false
 # for systems that do not match the above - specify the same parameter in
 # the host_vars/$hostname file
 
-tcp_ports: [ 3000 ]
+tcp_ports: [ 3000, 3001 ]
 
 fas_client_groups: sysadmin-noc,sysadmin-datanommer
 
diff --git a/inventory/group_vars/bugzilla2fedmsg-stg b/inventory/group_vars/bugzilla2fedmsg-stg
index fe05f50077..a7b0923c24 100644
--- a/inventory/group_vars/bugzilla2fedmsg-stg
+++ b/inventory/group_vars/bugzilla2fedmsg-stg
@@ -7,7 +7,7 @@ num_cpus: 1
 # for systems that do not match the above - specify the same parameter in
 # the host_vars/$hostname file
 
-tcp_ports: [ 3000 ]
+tcp_ports: [ 3000, 3001 ]
 
 fas_client_groups: sysadmin-noc,sysadmin-datanommer
 
diff --git a/playbooks/groups/bugzilla2fedmsg.yml b/playbooks/groups/bugzilla2fedmsg.yml
index 50d872ff15..efefb38e0f 100644
--- a/playbooks/groups/bugzilla2fedmsg.yml
+++ b/playbooks/groups/bugzilla2fedmsg.yml
@@ -48,22 +48,22 @@
   handlers:
   - include: "{{ handlers }}/restart_services.yml"
 
-#- name: dole out the service-specific config
-#  hosts: bugzilla2fedmsg;bugzilla2fedmsg-stg
-#  user: root
-#  gather_facts: True
-#  accelerate: "{{ accelerated }}"
-#
-#  roles:
-#  - fedmsg/hub
-#  - bugzilla2fedmsg
-#  - role: collectd/fedmsg-service
-#    process: fedmsg-hub
-#
-#  vars_files: 
-#   - /srv/web/infra/ansible/vars/global.yml
-#   - "{{ private }}/vars.yml"
-#   - "{{ vars_path }}/{{ ansible_distribution }}.yml"
-#
-#  handlers:
-#  - include: "{{ handlers }}/restart_services.yml"
+- name: dole out the service-specific config
+  hosts: bugzilla2fedmsg;bugzilla2fedmsg-stg
+  user: root
+  gather_facts: True
+  accelerate: "{{ accelerated }}"
+
+  roles:
+  - bugzilla2fedmsg
+  # This is going to be way different
+  #- role: collectd/fedmsg-service
+  #  process: fedmsg-hub
+
+  vars_files: 
+   - /srv/web/infra/ansible/vars/global.yml
+   - "{{ private }}/vars.yml"
+   - "{{ vars_path }}/{{ ansible_distribution }}.yml"
+
+  handlers:
+  - include: "{{ handlers }}/restart_services.yml"
diff --git a/roles/bugzilla2fedmsg/files/moksha-hub.service b/roles/bugzilla2fedmsg/files/moksha-hub.service
new file mode 100644
index 0000000000..9ba6173c7b
--- /dev/null
+++ b/roles/bugzilla2fedmsg/files/moksha-hub.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Generic moksha processing hub
+After=network.target
+Documentation=http://moksha.ws/
+
+[Service]
+ExecStart=/usr/bin/moksha-hub /etc/bugzilla2fedmsg.ini
+Type=simple
+User=fedmsg
+Group=fedmsg
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/bugzilla2fedmsg/tasks/main.yml b/roles/bugzilla2fedmsg/tasks/main.yml
new file mode 100644
index 0000000000..9f048c3b5b
--- /dev/null
+++ b/roles/bugzilla2fedmsg/tasks/main.yml
@@ -0,0 +1,53 @@
+---
+# Setup a fedmsg-hub
+
+- name: install needed packages
+  yum: pkg={{ item }} state=installed
+  with_items:
+  - python-moksha-hub
+  - python-bugzilla2fedmsg
+  - python-twisted-words
+  tags:
+  - packages
+
+- name: Copy a custom moksha systemd service file
+  copy: >
+     src=moksha-hub.service
+     dest=/usr/lib/systemd/system/fedmsg-hub.service
+  notify:
+  - restart moksha-hub
+
+- name: Copy the configuration for bugzilla2fedmsg over
+  template: >
+    src=bugzilla2fedmsg.ini
+    dest=/etc/bugzilla2fedmsg.ini
+    owner=fedmsg
+    group=fedmsg
+    mode=0640 
+  notify:
+  - restart moksha-hub
+
+- name: Copy in the staging certificates
+  copy: >
+    src="{{ private }}/files/bugzilla2fedmsg/{{ item }}"
+    dest="/etc/pki/fedmsg/{{ item }}"
+  with_items:
+  - fedora.devel.engineering.redhat.com.crt
+  - fedora.devel.engineering.redhat.com.key
+  when: env == 'staging'
+  notify:
+  - restart moksha-hub
+
+- name: Copy in the production certificates
+  copy: >
+    src="{{ private }}/files/bugzilla2fedmsg/{{ item }}"
+    dest="/etc/pki/fedmsg/{{ item }}"
+  with_items:
+  - fuse-fabric-fedoraproject.org.crt 
+  - fuse-fabric-fedoraproject.org.key
+  when: env != 'staging'
+  notify:
+  - restart moksha-hub
+
+- name: moksha-hub service
+  service: name=moksha-hub state=started enabled=yes
diff --git a/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini b/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini
new file mode 100644
index 0000000000..0e5f63f6d5
--- /dev/null
+++ b/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini
@@ -0,0 +1,30 @@
+# moksha configuration without fedmsg
+
+[app:main]
+
+# Some configuration for our workers
+bugzilla.products = Fedora, Fedora EPEL
+
+# If you have 8 worker threads you *also* need 8 fedmsg endpoints in fedmsg.d/
+# and 8 open holes in the firewall
+bugzilla.num_workers = 2
+
+# These are credentials used to log in to bugzilla
+bugzilla.url = https://bugzilla.redhat.com
+bugzilla.username = {{ bugzilla_user }}
+bugzilla.password = {{ bugzilla_password }}
+
+# Stomp broker configuration.
+{% if env == 'staging %}
+stomp_uri = fuse-fabric-01.stg.jboss.org:61617,fuse-fabric-02.stg.jboss.org:61617,fuse-fabric-03.stg.jboss.org:61617
+stomp_ssl_crt = /etc/fedmsg/pki/fedora.devel.engineering.redhat.com.crt
+stomp_ssl_key = /etc/fedmsg/pki/fedora.devel.engineering.redhat.com.key
+{% else %}
+stomp_uri = fuse-fabric-01.jboss.org:61617,fuse-fabric-02.jboss.org:61617,fuse-fabric-03.jboss.org:61617
+stomp_ssl_crt = /etc/fedmsg/pki/fuse-fabric-fedoraproject.org.crt
+stomp_ssl_key = /etc/fedmsg/pki/fuse-fabric-fedoraproject.org.key
+{% endif %}
+
+stomp_user = {{ redhat_dmz_broker_username }}
+stomp_pass = {{ redhat_dmz_broker_password }}
+
diff --git a/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 b/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2
index f73c56e0cc..26e9e8a389 100644
--- a/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2
+++ b/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2
@@ -8,6 +8,7 @@ config = dict(
     endpoints={
         "bugzilla2fedmsg.bugzilla2fedmsg01": [
             "tcp://bugzilla2fedmsg01.%s:3000" % suffix,
+            "tcp://bugzilla2fedmsg01.%s:3001" % suffix,
         ],
     },
 )