inventory/master: Clean up master and drop a bunch of old playbooks for things we no longer have.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-05-11 16:59:59 -07:00 · 2020-05-11 16:59:59 -07:00 · ed8b2d0473
commit ed8b2d0473
parent b606ddb322
11 changed files with 13 additions and 489 deletions
--- a/inventory/inventory
+++ b/inventory/inventory
@ -187,9 +187,6 @@ mdapi01.phx2.fedoraproject.org
 [mdapi_stg]
 mdapi01.stg.phx2.fedoraproject.org
 # [minimal]
 # bkernel04.phx2.fedoraproject.org
 [bodhi_backend]
 # This one handles the mashing/releng stuff
 bodhi-backend01.phx2.fedoraproject.org
--- a/master.yml
+++ b/master.yml
@ -16,6 +16,7 @@
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/badges-backend.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/badges-web.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/basset.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/bastion_stg.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/bastion.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/batcave.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/blockerbugs.yml
@ -25,17 +26,16 @@
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/buildvm.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/busgateway.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/certgetter.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-backend.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-aarch64-hypervisors.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-backend.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-dist-git.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-frontend-cloud.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-keygen.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/datagrepper.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/dbgserver.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/oci-registry.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/dns.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/download.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/elections.yml
+- import_playbook: /srv/web/infra/ansible/playbooks/groups/fas.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/fedimg.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/fedocal.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/github2fedmsg.yml
@ -46,19 +46,21 @@
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/kojipkgs.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/logserver.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/loopabull.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/mbs.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/mailman.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/maintainer-test.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/mariadb-server.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/mirrormanager.yml
+- import_playbook: /srv/web/infra/ansible/playbooks/groups/mbs.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/memcached.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/mirrormanager.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/nfs-servers.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/noc.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/notifs-backend.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/notifs-web.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/nuancier.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/oci-registry.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/odcs.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/openqa.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/openqa-workers.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/openqa.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/osbs-cluster.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/os-cluster.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/os-proxies.yml
@ -67,21 +69,22 @@
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pdc.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/people.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pkgs.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/postgresql-server.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/postgresql-server-bdr.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/postgresql-server.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/proxies.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/resultsdb.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/rabbitmq.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/retrace.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/releng-compose.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/resultsdb.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/retrace.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/secondary.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/smtp-mm.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/sign-bridge.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/simple-koji-ci.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/smtp-mm.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/sundries.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/tang.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/taskotron.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/taskotron-client-hosts.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/taskotron.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/torrent.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/unbound.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/value.yml
--- a/playbooks/groups/batcomputer.yml
+++ b/playbooks/groups/batcomputer.yml
@ -1,31 +0,0 @@
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=batcomputer"
 - name: make the box be real
  hosts: batcomputer
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - sudo
  - collectd/base
  - ansible-ansible-awx
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/beaker-virthosts.yml
+++ b/playbooks/groups/beaker-virthosts.yml
@ -1,37 +0,0 @@
 # create a new beaker virthost server system
 # NOTE: should be used with --limit most of the time
 # NOTE: most of these vars_path come from group_vars/backup_server or from hostvars
 # This has an extra role that configures the virthost to be used with beaker for
 # virtual machine clients
 - name: make virthost server system
  hosts: beaker_virthosts
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - collectd/base
  - { role: iscsi_client, when: datacenter == "phx2" }
  - sudo
  - { role: openvpn/client, when: datacenter != "phx2" }
  - { role: beaker/virthost, tags: ['beakervirthost'] }
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/beaker.yml
+++ b/playbooks/groups/beaker.yml
@ -1,58 +0,0 @@
 # create a new beaker server
 # NOTE: make sure there is room/space for this server on the vmhost
 # NOTE: most of these vars_path come from group_vars/mirrorlist or from hostvars
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=beaker:beaker_stg"
 - name: make the box be real
  hosts: beaker:beaker_stg
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - collectd/base
  - sudo
  - apache
  - { role: openvpn/client,
      when: env != "staging", tags: ['openvpn_client'] }
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  # this is how you include other task lists
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
 - name: configure beaker and required services
  hosts: beaker:beaker_stg
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
   - { role: mariadb_server, tags: ['mariadb'] }
   - { role: beaker/base, tags: ['beakerbase'] }
   - { role: beaker/server, tags: ['beakerserver'] }
   - { role: beaker/labcontroller, tags: ['beakerlabcontroller'] }
  handlers:
   - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/dhcp.yml
+++ b/playbooks/groups/dhcp.yml
@ -1,32 +0,0 @@
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=dhcp"
 - name: make the box be real
  hosts: dhcp
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - collectd/base
  - sudo
  - dhcp_server
  - tftp_server
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/hubs.yml
+++ b/playbooks/groups/hubs.yml
@ -1,115 +0,0 @@
 # create the hubs server
 # NOTE: should be used with --limit most of the time
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=hubs_stg"
 - name: make the box be real
  hosts: hubs_stg
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - /srv/private/ansible/vars.yml
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - collectd/base
  - sudo
  - { role: openvpn/client,
      when: env != "staging" }
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
 #
 # Database setup
 #
 - name: prepare setting up the database
  hosts: db01.stg.phx2.fedoraproject.org
  gather_facts: no
  user: root
  tasks:
  - name: install psycopg2 for the postgresql ansible modules
    package: name=python-psycopg2 state=present
    tags:
    - packages
 - name: setup the database
  hosts: db01.stg.phx2.fedoraproject.org
  gather_facts: no
  become: yes
  become_user: postgres
  vars_files:
  - /srv/web/infra/ansible/vars/global.yml
  - /srv/private/ansible/vars.yml
  - "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"
  tasks:
  #- name: hubs DB admin user
  #  postgresql_user: name=hubsadmin password={{ hubs_admin_db_pass }}
  #- name: databases creation
  #  postgresql_db: name=hubs owner=hubsadmin encoding=UTF-8
  - name: hubs DB user
    postgresql_user: name=hubsapp password={{ hubs_db_pass }}
  - name: databases creation
    postgresql_db: name=hubs owner=hubsapp encoding=UTF-8
 #
 # Real Hubs-specific work
 #
 - name: setup Hubs
  hosts: hubs_stg
  user: root
  gather_facts: True
  vars_files:
  - /srv/web/infra/ansible/vars/global.yml
  - /srv/private/ansible/vars.yml
  - "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"
  roles:
  - fedmsg/base
  - role: hubs
    main_user: hubs
    hubs_secret_key: "{{ hubs_session_secret }}"
    hubs_db_type: postgresql
    hubs_db_user: hubsapp
    hubs_db_password: "{{ hubs_db_pass }}"
    hubs_dev_mode: false
    hubs_conf_dir: /etc/fedora-hubs
    hubs_var_dir: /var/lib/fedora-hubs
    # Set the SSL files to null because we use a SSL proxy
    hubs_ssl_cert: null
    hubs_ssl_key: null
    hubs_fas_username: "{{ fedoraDummyUser }}"
    hubs_fas_password: "{{ fedoraDummyUserPassword }}"
  tasks:
  - name: add more hubs workers
    service: name={{item}} enabled=yes state=started
    with_items:
    - fedora-hubs-triage@3
    - fedora-hubs-triage@4
    - fedora-hubs-worker@3
    - fedora-hubs-worker@4
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/minimal.yml
+++ b/playbooks/groups/minimal.yml
@ -1,30 +0,0 @@
 # This is a basic playbook
 - name: dole out the generic configuration
  hosts: minimal
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  roles:
  - base
  - rkhunter
  - hosts
  - fas_client
  - nagios_client
  - collectd/base
  - sudo
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/newcloud-undercloud.yml
+++ b/playbooks/groups/newcloud-undercloud.yml
@ -1,43 +0,0 @@
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=newcloud_undercloud"
 - name: make the box be real
  hosts: newcloud_undercloud
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
  - base
  - hosts
  - sudo
  - undercloud
  - apache
  - role: httpd/mod_ssl
  - role: httpd/website
    site_name: controller.fedorainfracloud.org
    ssl: true
    sslonly: true
    certbot: true
  - role: httpd/reverseproxy
    website: controller.fedorainfracloud.org
    destname: overcloud
    balancer_name: controller.fedorainfracloud.org
    balancer_members: ['192.168.20.51:80']
    certbot_addhost: undercloud01.fedorainfracloud.org
    http_not_https_yes_this_is_insecure_and_i_feel_bad: true
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/qa.yml
+++ b/playbooks/groups/qa.yml
@ -1,100 +0,0 @@
 ---
 # create a new taskotron CI stg server
 # NOTE: make sure there is room/space for this server on the vmhost
 # NOTE: most of these vars_path come from group_vars/mirrorlist or from hostvars
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=qa_prod:qa_stg"
 - name: make the box be real
  hosts: qa_prod:qa_stg
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
   - { role: base, tags: ['base'] }
   - { role: rkhunter, tags: ['rkhunter'] }
   - { role: nagios_client, tags: ['nagios_client'] }
   - hosts
   - { role: fas_client, tags: ['fas_client'] }
   - { role: collectd/base, tags: ['collectd_base'] }
   - { role: sudo, tags: ['sudo'] }
   - { role: openvpn/client,
       when: deployment_type != "qa-stg", tags: ['openvpn_client'] }
   - apache
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  # this is how you include other task lists
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
   - import_tasks: "{{ handlers_path }}/restart_services.yml"
 - name: configure qa buildbot CI
  hosts: qa_stg
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
   - { role: taskotron/buildmaster, tags: ['buildmaster'] }
   - { role: taskotron/buildmaster-configure, tags: ['buildmasterconfig'] }
   - { role: taskotron/buildslave, tags: ['buildslave'] }
   - { role: taskotron/buildslave-configure, tags: ['buildslaveconfig'] }
  handlers:
   - import_tasks: "{{ handlers_path }}/restart_services.yml"
 - name: configure static sites for qa-stg
  hosts: qa_prod:qa_stg
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  tasks:
    - name: ensure ServerName is set in httpd.conf
      replace: dest=/etc/httpd/conf/httpd.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443'
      notify:
        - reload httpd
      tags:
        - qastaticsites
    - name: create dirs for static sites
      file: path={{ item.document_root }} state=directory owner=apache group=apache mode=1755 setype=httpd_sys_content_t
      with_items: "{{ static_sites }}"
      tags:
        - qastaticsites
    - name: generate virtualhosts for static sites
      template:  src={{ files }}/httpd/qadevel-virtualhost.conf.j2 dest=/etc/httpd/conf.d/{{ item.name }}.conf owner=root group=root mode=0644
      with_items: "{{ static_sites }}"
      notify:
        - reload httpd
      tags:
        - qastaticsites
 # don't need this if buildbot is not enabled
 #  roles:
 #   - { role: taskotron/imagefactory-client,
 #       when: deployment_type != "qa-stg", tags: ['imagefactoryclient'] }
 #
  handlers:
     - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/rhel8beta.yml
+++ b/playbooks/groups/rhel8beta.yml
@ -1,30 +0,0 @@
 # create a new rhel8 beta test server
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=rhel8beta"
 - name: dole out the generic configuration
  hosts: rhel8beta
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  roles:
  - base
  - rkhunter
  - hosts
  - fas_client
  - sudo
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"