fedora-hubs: delete unused ansible role + config

Signed-off-by: Clement Verna <cverna@tutanota.com>
Clement Verna 2019-04-23 11:56:47 +02:00
parent ba71e878c2
commit 18048e10ed
32 changed files with 0 additions and 846 deletions


@ -113,6 +113,5 @@ csi_relationship: |
* Blockerbugs checks bodhi for lists of updates. * Blockerbugs checks bodhi for lists of updates.
* fedora-packages will try to query bodhi for the release status of * fedora-packages will try to query bodhi for the release status of
updates. updates.
* fedora-hubs has some widgets that display bodhi update information.
* fedora-easy-karma, abrt, 'fedpkg update', an eclipse plugin and other * fedora-easy-karma, abrt, 'fedpkg update', an eclipse plugin and other
client tools make queries to the bodhi webapp here. client tools make queries to the bodhi webapp here.


@ -116,6 +116,5 @@ csi_relationship: |
* Blockerbugs checks bodhi for lists of updates. * Blockerbugs checks bodhi for lists of updates.
* fedora-packages will try to query bodhi for the release status of * fedora-packages will try to query bodhi for the release status of
updates. updates.
* fedora-hubs has some widgets that display bodhi update information.
* fedora-easy-karma, abrt, 'fedpkg update', an eclipse plugin and other * fedora-easy-karma, abrt, 'fedpkg update', an eclipse plugin and other
client tools make queries to the bodhi webapp here. client tools make queries to the bodhi webapp here.


@ -1,33 +0,0 @@
---
# Define resources for this group of hosts here.
lvm_size: 20000
mem_size: 4096
num_cpus: 2
# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file
tcp_ports: [ 80 ]
fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-hubs,sysadmin-veteran
# These are consumed by a task in roles/fedmsg/base/tasks/main.yml
fedmsg_certs:
- service: shell
owner: hubs
group: hubs
can_send:
- logger.log
- hubs.user.created
- hubs.user.role.added
- hubs.user.role.changed
- hubs.user.role.removed
- hubs.hub.created
- hubs.hub.updated
- hubs.widget.updated
# Used by the hubs role
hubs_url_hostname: hubs.stg.fedoraproject.org
hubs_db_host: db01.stg.phx2.fedoraproject.org
hubs_oidc_url: id.stg.fedoraproject.org
hubs_oidc_secret: "{{ hubs_stg_oidc_secret }}"


@ -138,7 +138,6 @@
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedora-bootstrap.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedora-bootstrap.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedimg-dev.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedimg-dev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/glittergallery-dev.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/glittergallery-dev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/hubs-dev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/iddev.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/iddev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/lists-dev.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/lists-dev.fedorainfracloud.org.yml
- import_playbook: /srv/web/infra/ansible/playbooks/hosts/magazine2.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/magazine2.fedorainfracloud.org.yml


@ -290,12 +290,6 @@
cert_name: "{{wildcard_cert_name}}" cert_name: "{{wildcard_cert_name}}"
tags: ostree tags: ostree
- role: httpd/website
site_name: hubs.fedoraproject.org
sslonly: true
server_aliases: [hubs.stg.fedoraproject.org]
cert_name: "{{wildcard_cert_name}}"
- role: httpd/website - role: httpd/website
site_name: flocktofedora.org site_name: flocktofedora.org
server_aliases: server_aliases:


@ -78,29 +78,6 @@ config = dict(
), ),
), ),
# For fedora-hubs (not fedora-apps)
dict(
network='chat.freenode.net',
port=6667,
make_pretty=True,
make_terse=True,
{% if env == 'staging' %}
nickname='fn-stg-hubs',
{% else %}
nickname='fm-hubs',
{% endif %}
channel='fedora-hubs',
filters=dict(
topic=[
'^((?!(github\.create|github\.issue\.|github\.pull_request\.|github\.commit_comment|github\.star|pagure)).)*$',
],
body=[
"^((?!(fedora-hubs)).)*$",
],
),
),
# For that commops crew! # For that commops crew!
dict( dict(
network='chat.freenode.net', network='chat.freenode.net',


@ -178,17 +178,6 @@ backend fedocal-backend
{% endif %} {% endif %}
option httpchk GET /calendar option httpchk GET /calendar
frontend hubs-frontend
bind 0.0.0.0:10068
default_backend hubs-backend
backend hubs-backend
balance hdr(appserver)
{% if env != "production" %}
server hubs01 hubs01:80 check inter 10s rise 1 fall 2
{% endif %}
option httpchk GET /
# IMPORTANT: 10023-10026 will NOT work because of selinux policies # IMPORTANT: 10023-10026 will NOT work because of selinux policies
frontend datagrepper-frontend frontend datagrepper-frontend


@ -1,21 +0,0 @@
main_user: hubs
hubs_dev_mode: false
hubs_secret_key: changeme
hubs_base_dir: "/srv/hubs"
hubs_code_dir: "{{ hubs_base_dir }}/fedora-hubs"
hubs_conf_dir: "{{ hubs_base_dir }}/config"
hubs_var_dir: "{{ hubs_base_dir }}/var"
hubs_log_dir: "{{ hubs_base_dir }}/log"
hubs_db_type: sqlite
hubs_db_user: hubs
hubs_db_password: changeme
hubs_db_host: localhost
hubs_db_name: hubs
hubs_url_hostname: "{{ ansible_fqdn }}"
hubs_url: http{% if not hubs_dev_mode %}s{% endif %}://{{ hubs_url_hostname }}{% if hubs_dev_mode %}:5000{% endif %}
hubs_ssl_cert: /etc/pki/tls/certs/{{ hubs_url_hostname }}.crt
hubs_ssl_key: /etc/pki/tls/private/{{ hubs_url_hostname }}.key
hubs_fas_username: null
hubs_fas_password: null
hubs_oidc_url: iddev.fedorainfracloud.org
hubs_oidc_secret: changeme


@ -1,9 +0,0 @@
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
# OpenID Connect uses large headers, we need bigger buffers.
proxy_buffer_size 128k;
proxy_buffers 8 256k;


@ -1,14 +0,0 @@
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the PostgreSQL
# documentation for a complete description of this file.
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5


@ -1,26 +0,0 @@
- name: restart postgresql
service: name=postgresql state=restarted
- name: restart hubs triage
service: name=fedora-hubs-triage@* state=restarted
listen: "hubs configuration change"
when: not hubs_dev_mode
- name: restart hubs workers
service: name=fedora-hubs-worker@* state=restarted
listen: "hubs configuration change"
when: not hubs_dev_mode
- name: restart hubs SSE server
service: name=fedora-hubs-sse state=restarted
listen: "hubs configuration change"
when: not hubs_dev_mode
# Webserver
- name: restart hubs webapp
service: name=fedora-hubs-webapp state=restarted
listen: "hubs configuration change"
when: not hubs_dev_mode
- name: restart nginx
service: name=nginx state=restarted


@ -1,3 +0,0 @@
dependencies:
- certbot
- mongodb


@ -1,52 +0,0 @@
# Set up Postgres, create the database, and populate it.
- name: Install dependencies
dnf: name={{ item }} state=present
with_items:
- postgresql-server
- python3-psycopg2
# For the ansible module
- python-psycopg2
- name: Set up postgresql database
command: postgresql-setup --initdb
args:
creates: /var/lib/pgsql/data/base
- name: Set up postgresql access rules to allow local access
copy:
src: pg_hba.conf
dest: /var/lib/pgsql/data/pg_hba.conf
owner: postgres
group: postgres
mode: 0600
notify: restart postgresql
- name: Start and enable postgresql
service: name=postgresql state=started enabled=yes
- name: Set up the DB user
postgresql_user:
name: hubs
password: "{{ hubs_db_password }}"
role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB
become: true
become_user: postgres
- name: Create the database
postgresql_db:
name: hubs
owner: hubs
register: db_creation
become: true
become_user: postgres
- name: Populate the Fedora Hubs database
command: "python3 {{ hubs_code_dir }}/populate.py"
args:
chdir: "{{ hubs_code_dir }}"
environment:
HUBS_CONFIG: "{{ hubs_conf_dir }}/hubs.py"
become: true
become_user: "{{ main_user }}"
when: db_creation|succeeded and db_creation is changed and hubs_dev_mode


@ -1,9 +0,0 @@
- name: Create and populate the Fedora Hubs database
command: "python3 {{ hubs_code_dir }}/populate.py"
args:
creates: "{{ hubs_var_dir }}/hubs.db"
chdir: "{{ hubs_code_dir }}"
environment:
HUBS_CONFIG: "{{ hubs_conf_dir }}/hubs.py"
become: true
become_user: "{{ main_user }}"


@ -1,82 +0,0 @@
# Set up the Python development environment
- name: Install Fedora Hubs requirements.txt into hubs virtualenv
pip:
requirements: "{{ hubs_code_dir }}/requirements.txt"
executable: pip3
- name: Install Fedora Hubs test-requirements.txt into hubs virtualenv
pip:
requirements: "{{ hubs_code_dir }}/test-requirements.txt"
executable: pip3
- name: Install other packages into hubs virtualenv
pip:
name: "{{ item }}"
executable: pip3
with_items:
- bleach
- name: Install Fedora Hubs into the virtualenv
command: "pip3 install -e {{ hubs_code_dir }}"
args:
creates: "/usr/lib/python3.6/site-packages/fedora-hubs.egg-link"
# Set up JavaScript requirements
- name: Install npm packages
command: npm install
become: true
become_user: "{{ main_user }}"
args:
creates: node_modules
chdir: "{{ hubs_code_dir }}/js"
- name: Build JavaScript assets
command: npm run build
become: true
become_user: "{{ main_user }}"
args:
chdir: "{{ hubs_code_dir }}/js"
creates: "{{ hubs_code_dir }}/hubs/static/js/build/common.js"
# Development tools
- name: Install helpful development packages
dnf: name={{ item }} state=present
with_items:
- git
- vim-enhanced
- name: Install Fedora Hubs development tools
dnf: name={{ item }} state=present
with_items:
- python3-honcho
- python3-tox
- name: Ease local access to the database
copy:
content: "*:*:hubs:hubs:{{ hubs_db_password }}"
dest: /home/{{ main_user }}/.pgpass
mode: 600
owner: "{{ main_user }}"
group: "{{ main_user }}"
when: hubs_db_type == "postgresql"
- name: Install a custom bashrc
template: src=bashrc dest=/home/{{ main_user }}/.bashrc
- name: Install Honcho's env file
template: src=honcho-env dest={{ hubs_base_dir }}/.env
- name: Install Honcho's procfile
template: src=honcho-procfile dest={{ hubs_base_dir }}/Procfile
- name: Link to the FAS credentials file if any
file:
state: link
path: "/etc/fedmsg.d/fas_credentials.py"
src: "{{ hubs_code_dir }}/fedmsg.d/fas_credentials.py"
notify: "hubs configuration change"


@ -1,64 +0,0 @@
- name: Install Fedora Hubs development packages
dnf: name={{ item }} state=present
with_items:
- gcc
- gcc-c++
- libffi-devel
- openssl-devel
- python-sphinx
- python2-devel
- python3-devel
- python3-virtualenv
- python3-flask-oidc
- python3-moksha-common
- redhat-rpm-config
- sqlite-devel
- npm
- fedmsg-hub
- name: Install the distribution versions of requirements.txt
dnf: name={{ item }} state=present
with_items:
- python3-alembic
- python3-arrow
- python3-beautifulsoup4
- python3-bleach
- python3-blinker
- python3-dateutil
- python3-decorator
- python3-dogpile-cache
- python3-fedmsg
- python3-fedmsg-meta-fedora-infrastructure
- python3-fedora
- python3-flask
- python3-flask-oidc
- python3-html5lib
- python3-humanize
- python3-iso3166
- python3-markdown
- python3-munch
- python3-pkgwat-api
- python3-pygments
- python3-pygments-markdown-lexer
- python3-pymongo
- python3-pytz
- python3-redis
- python3-requests
- python3-retask
- python3-six
- python3-sqlalchemy
- python3-twisted
- name: Create the directory structure
file:
path: "{{ item.path }}"
state: directory
owner: "{{ main_user }}"
group: "{{ main_user }}"
mode: "{{ item.mode }}"
#setype: httpd_sys_content_rw_t
with_items:
- {path: "{{ hubs_base_dir }}", mode: 755}
- {path: "{{ hubs_conf_dir }}", mode: 750}
- {path: "{{ hubs_var_dir }}", mode: 750}


@ -1,98 +0,0 @@
---
- name: Install external dependencies
dnf: name={{ item }} state=present
with_items:
- redis
- python3-fedmsg
- postfix
- include_tasks: dev_deps.yml
when: hubs_dev_mode
- include_tasks: prod_deps.yml
when: not hubs_dev_mode
- name: Add a basic Hubs configuration file
template:
src: "{{ item }}"
dest: "{{ hubs_conf_dir }}/hubs.py"
owner: root
group: "{{ main_user }}"
mode: 0640
with_first_found:
- hubs_config.{{ ansible_hostname }}
- hubs_config
notify: "hubs configuration change"
- name: Add a basic fedmsg configuration file
template:
src: "{{ item }}"
dest: "/etc/fedmsg.d/fedora-hubs.py"
with_first_found:
- fedmsg_config.{{ ansible_hostname }}
- fedmsg_config
notify: "hubs configuration change"
- name: Configure application to authenticate with the OIDC provider (dev)
block:
- dnf: name=python3-flask-oidc state=present
- command:
oidc-register
--output-file {{ hubs_conf_dir }}/client_secrets.json
https://{{ hubs_oidc_url }}/ {{ hubs_url }}
args:
creates: "{{ hubs_conf_dir }}/client_secrets.json"
notify: "hubs configuration change"
when: hubs_oidc_url == "iddev.fedorainfracloud.org"
- name: Configure application to authenticate with the OIDC provider
template:
src: oidc_client_secrets.json
dest: "{{ hubs_conf_dir }}/client_secrets.json"
owner: root
group: "{{ main_user }}"
mode: 0640
notify: "hubs configuration change"
when: hubs_oidc_url != "iddev.fedorainfracloud.org"
- name: Fix the permissions on the OIDC secrets file
file:
path: "{{ hubs_conf_dir }}/client_secrets.json"
owner: root
group: "{{ main_user }}"
mode: 0640
- name: Start and enable the common services
service: name={{ item }} state=started enabled=yes
with_items:
- redis
- postfix
# Set up, create, and populate the database.
- include_tasks: db-{{ hubs_db_type }}.yml
# Services
- name: Disable the system-wide fedmsg daemons
service: name={{ item }} state=stopped enabled=no
with_items:
# We use honcho in dev mode and fedmsg-hub-3 in prod mode
- fedmsg-hub
# We use honcho in dev mode and fedmsg-relay-3 in prod mode
- fedmsg-relay
# Include mode-specific tasks
- include_tasks: dev.yml
when: hubs_dev_mode
- include_tasks: prod.yml
when: not hubs_dev_mode


@ -1,19 +0,0 @@
- name: Install the service environment file
template:
src: env
dest: /etc/sysconfig/fedora-hubs
- name: Start and enable the services in prod mode
service: name={{ item }} state=started enabled=yes
with_items:
- fedmsg-relay-3
- fedmsg-hub-3
- fedora-hubs-triage@1
- fedora-hubs-triage@2
- fedora-hubs-worker@1
- fedora-hubs-worker@2
- fedora-hubs-worker@3
- fedora-hubs-worker@4
- fedora-hubs-sse
- include_tasks: web-apache.yml


@ -1,2 +0,0 @@
- name: Install the Fedora Hubs package
dnf: name=fedora-hubs state=present


@ -1,42 +0,0 @@
# Webserver config
- name: Install the webserver packages
dnf: name={{ item }} state=present
with_items:
- python3-mod_wsgi
- libselinux-python
- policycoreutils-python
- name: Apache configuration for hubs
template:
src: apache.conf
dest: /etc/httpd/conf.d/fedora-hubs.conf
notify:
- restart apache
- name: Allow network connection for Apache
seboolean:
name: httpd_can_network_connect
state: yes
persistent: yes
- name: Allow execmem for Apache
seboolean:
name: httpd_execmem
state: yes
persistent: yes
- name: Allow Apache to write to the cache files
sefcontext:
setype: httpd_sys_rw_content_t
target: "/var/lib/fedora-hubs(/.*)?"
- name: Start and enable the services
service: name={{ item }} state=started enabled=yes
with_items:
- httpd


@ -1,80 +0,0 @@
# Webserver config
- name: Install the webserver packages
dnf: name={{ item }} state=present
with_items:
- python3-gunicorn
- nginx
- libsemanage-python
- name: install python3-certbot-nginx
dnf: name=python3-certbot-nginx state=present
when: hubs_ssl_cert != None
- name: get the letsencrypt cert
command: certbot certonly -n --standalone --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx" -d {{ hubs_url_hostname }} --agree-tos --email admin@fedoraproject.org
args:
creates: "{{ hubs_ssl_key }}"
when: hubs_ssl_cert != None
notify:
- restart nginx
- name: Nginx configuration for hubs
template:
src: nginx.conf
dest: /etc/nginx/conf.d/fedora-hubs.conf
notify:
- restart nginx
- name: Nginx SSL configuration
template:
src: "{{ item }}"
dest: /etc/nginx/ssl_params
with_first_found:
- nginx_ssl_params.{{ ansible_hostname }}
- nginx_ssl_params
when: hubs_ssl_cert != None
notify:
- restart nginx
- name: Nginx proxy configuration
copy:
src: "{{ item }}"
dest: /etc/nginx/proxy_params
with_first_found:
- nginx_proxy_params.{{ ansible_hostname }}
- nginx_proxy_params
notify:
- restart nginx
- name: Allow network connection for Nginx
seboolean:
name: httpd_can_network_connect
state: yes
persistent: yes
- name: Create the log directory
file:
path: "{{ hubs_log_dir }}"
owner: "{{ main_user }}"
state: directory
- name: Install the Gunicorn config file
template:
src: gunicorn.py
dest: "{{ hubs_conf_dir }}/gunicorn.py"
notify: "hubs configuration change"
- name: Start and enable the services
service: name={{ item }} state=started enabled=yes
with_items:
- fedora-hubs-webapp
- nginx


@ -1,27 +0,0 @@
Alias /static /usr/lib/python3.6/site-packages/hubs/static
WSGIScriptAlias / /usr/share/fedora-hubs/hubs.wsgi
WSGIDaemonProcess hubs user=hubs group=hubs display-name=hubs maximum-requests=1000 processes=4 threads=30
WSGISocketPrefix run/wsgi
WSGIRestrictStdout On
WSGIRestrictSignal Off
WSGIPythonOptimize 1
<Directory "/usr/share/fedora-hubs">
<Files hubs.wsgi>
Order deny,allow
Allow from all
Require all granted
</Files>
WSGIProcessGroup hubs
</Directory>
<Directory "/usr/lib/python3.6/site-packages/hubs/static">
Order deny,allow
Allow from all
Require all granted
</Directory>
# SSE
ProxyPass /sse http://localhost:8080
ProxyPassReverse /sse http://localhost:8080


@ -1,48 +0,0 @@
# .bashrc
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
alias vi=vim
# Uncomment the following line if you don't like systemctl's auto-paging feature:
# export SYSTEMD_PAGER=
# User specific aliases and functions
# If adding new functions to this file, note that you can add help text to the function
# by defining a variable with name _<function>_help containing the help text
# Honcho has issues outputing UTF-8 in Vagrant SSH
# https://github.com/nickstenning/honcho/issues/51
export PYTHONIOENCODING=utf-8
export HUBS_CONFIG={{ hubs_conf_dir }}/hubs.py
export FLASK_APP={{ hubs_code_dir }}/hubs/app.py
workon() {
[ "$1" == "hubs" ] || ( echo "No such virtualenv."; exit 1 )
cd {{ hubs_code_dir }}
}
alias hup="pushd ~ ; honcho start ; popd"
hreset() {
{% if hubs_db_type == "postgresql" %}
sudo -u postgres dropdb hubs
sudo -u postgres createdb -O hubs hubs
{% else %}
rm {{ hubs_var_dir }}/hubs.db
{% endif %}
rm {{ hubs_var_dir }}/cache.db
pushd {{ hubs_code_dir }}
python3 populate.py
popd
}
# Enable autocomplete for the fedora-hubs command
eval "$(_FEDORA_HUBS_COMPLETE=source fedora-hubs)"


@ -1,2 +0,0 @@
HUBS_CONFIG={{ hubs_conf_dir }}/hubs.py
WEBAPP_CONFIG={{ hubs_conf_dir }}/gunicorn.py


@ -1,32 +0,0 @@
config = {
# Database
{% if hubs_db_type == "postgresql" %}
'hubs.sqlalchemy.uri': 'postgresql://{{ hubs_db_user }}:{{ hubs_db_password }}@{{ hubs_db_host }}/{{ hubs_db_name }}',
{% else %}
'hubs.sqlalchemy.uri': 'sqlite:///{{ hubs_var_dir }}/hubs.db',
{% endif %}
# Some configuration for the general hubs cache.
"fedora-hubs.cache": {
"backend": "dogpile.cache.dbm",
#"expiration_time": 0,
"arguments": {
"filename": "{{ hubs_var_dir }}/cache.db",
},
},
{% if hubs_fas_username and hubs_fas_password %}
# FAS credentials
'fas_credentials': {
'username': '{{ hubs_fas_username }}',
'password': '{{ hubs_fas_password }}',
{% if env == "staging" %}
'base_url': "https://admin.stg.fedoraproject.org/accounts/",
{% endif %}
},
{% endif %}
# Use fedmsg-relay to publish messages
'active': True,
}


@ -1,8 +0,0 @@
# flake8:noqa
bind = "127.0.0.1:8000"
threads = 12
logconfig = "{{ hubs_conf_dir }}/logging.ini"
accesslog = "{{ hubs_log_dir }}/access.log"
errorlog = "{{ hubs_log_dir }}/error.log"
access_log_format = '%(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s" (%(L)ss)'


@ -1,3 +0,0 @@
FLASK_DEBUG=1
FLASK_APP={{ hubs_code_dir }}/hubs/app.py
HUBS_CONFIG={{ hubs_conf_dir }}/hubs.py


@ -1,7 +0,0 @@
web: /usr/bin/flask-3 run --host 0.0.0.0 --port 5000
triage: fedora-hubs run triage
worker: fedora-hubs run worker
sse: /usr/bin/twistd-3 -l - --pidfile= -n hubs-sse
fedmsg_hub: /usr/bin/fedmsg-hub-3
fedmsg_relay: /usr/bin/fedmsg-relay-3
js_build: cd {{ hubs_code_dir }}/js && npm run dev


@ -1,28 +0,0 @@
# Enter any hubs configuration here
SECRET_KEY = "{{ hubs_secret_key }}"
{% if hubs_dev_mode %}
# Allow the cookie to be sent of http since we work on localhost
OIDC_ID_TOKEN_COOKIE_SECURE = False
{% endif %}
OIDC_CLIENT_SECRETS = "{{ hubs_conf_dir }}/client_secrets.json"
OIDC_OPENID_REALM = "{{ hubs_url }}/oidc_callback"
{% if hubs_ssl_cert == None %}
# There's an SSL proxy, flask_oidc will generate a redirect_uri without https
# if we don't overwrite it here.
OVERWRITE_REDIRECT_URI = "{{ hubs_url }}/oidc_callback"
{% endif %}
SSE_URL = {
# "host": "sse.example.com",
{% if hubs_dev_mode %}
"port": "8080",
{% else %}
{% if hubs_ssl_cert == None %}
"scheme": "https", # Because of the SSL proxy
{% endif %}
"path": "/sse",
{% endif %}
}


@ -1,76 +0,0 @@
upstream hubs {
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response
# for UNIX domain socket setups
#server unix:/tmp/gunicorn.sock fail_timeout=0;
# for a TCP configuration
server 127.0.0.1:8000 fail_timeout=0;
}
upstream hubs-sse {
# SSE server (twisted-based)
server 127.0.0.1:8080 fail_timeout=0;
}
# Main server block
server {
{% if hubs_ssl_cert == None %}
listen 80;
listen [::]:80;
{% else %}
listen 443 deferred;
listen [::]:443 deferred;
include ssl_params;
{% endif %}
server_name {{ hubs_url_hostname }};
client_max_body_size 4G;
keepalive_timeout 5;
location / {
# checks for static file, if not found proxy to app
try_files $uri @proxy_to_app;
}
# path for static files
location /static {
alias /usr/lib/python3.6/site-packages/hubs/static;
}
location /sse/ {
include proxy_params;
proxy_pass http://hubs-sse/;
# Allow long-running queries (SSE):
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache off;
chunked_transfer_encoding off;
keepalive_timeout 0;
proxy_read_timeout 30m;
}
location @proxy_to_app {
include proxy_params;
proxy_pass http://hubs;
}
#error_page 500 502 503 504 /500.html;
#location = /500.html {
# root /path/to/app/current/public;
#}
}
{% if hubs_ssl_cert != None %}
# Redirect cleartext traffic to HTTPS
server {
listen 80;
listen [::]:80;
server_name {{ hubs_url_hostname }};
return 301 https://$server_name$request_uri;
}
{% endif %}


@ -1,5 +0,0 @@
ssl on;
ssl_certificate {{ hubs_ssl_cert }};
ssl_certificate_key {{ hubs_ssl_key }};
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;


@ -1,13 +0,0 @@
{
"web": {
"client_id": "hubs",
"auth_uri": "https://{{ hubs_oidc_url }}/openidc/Authorization",
"issuer": "https://{{ hubs_oidc_url }}/openidc/",
"client_secret": "{{ hubs_oidc_secret }}",
"token_uri": "https://{{ hubs_oidc_url }}/openidc/Token",
"userinfo_uri": "https://{{ hubs_oidc_url }}/openidc/UserInfo",
"redirect_uris": [
"{{ hubs_url }}/oidc_callback"
]
}
}