diff --git a/roles/copr/frontend/files/banner-include.html b/roles/copr/frontend/files/banner-include.html deleted file mode 100644 index 78ada661ed..0000000000 --- a/roles/copr/frontend/files/banner-include.html +++ /dev/null @@ -1,8 +0,0 @@ -
-

- Warning! This is a staging server. -

-

- Production instance: https://copr.fedoraproject.org/ -

-
diff --git a/roles/copr/frontend/files/fedora/copr-gdpr-sar.sh b/roles/copr/frontend/files/fedora/copr-gdpr-sar.sh deleted file mode 100755 index 043d801175..0000000000 --- a/roles/copr/frontend/files/fedora/copr-gdpr-sar.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -# Purpose of this script is to be remotely executed from batcave01 -# to collect user SAR data -# Read more: http://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/gdpr_sar.html -# Playbook: https://infrastructure.fedoraproject.org/cgit/ansible.git/tree/playbooks/manual/gdpr/sar.yml -# Usage: SAR_USERNAME=someusername /home/fedora/copr-gdpr-sar.sh -copr-frontend dump_user $SAR_USERNAME diff --git a/roles/copr/frontend/files/httpd.logrotate b/roles/copr/frontend/files/httpd.logrotate deleted file mode 100644 index ac3056152b..0000000000 --- a/roles/copr/frontend/files/httpd.logrotate +++ /dev/null @@ -1,12 +0,0 @@ -# managed by Ansible - -/var/log/httpd/*log { - missingok - compress - rotate 5 - notifempty - sharedscripts - postrotate - /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true - endscript -} diff --git a/roles/copr/frontend/tasks/main.yml b/roles/copr/frontend/tasks/main.yml deleted file mode 100644 index c405a80770..0000000000 --- a/roles/copr/frontend/tasks/main.yml +++ /dev/null @@ -1,93 +0,0 @@ ---- -- name: install copr-frontend packages - package: name={{ item }} state=present - with_items: - - copr-frontend - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1622513 - - python3-requests - tags: - - copr - - packages - -- name: install copr configs - template: src=copr.conf dest=/etc/copr/copr.conf mode=600 - notify: - - reload httpd - tags: - - copr - - config - -- name: copy apache files to conf.d (templates) - template: src=httpd.conf dest=/etc/httpd/conf.d/coprs.conf - notify: - - reload httpd - tags: - - copr - - config - -- name: set staging banner for staging instance - when: env == 'staging' - copy: src=banner-include.html dest=/var/lib/copr/ - tags: - - copr - - config - -# https://bugzilla.redhat.com/show_bug.cgi?id=1535689 -- name: Allow execmem for Apache - seboolean: - name: httpd_execmem - state: yes - persistent: yes - tags: - - copr - - selinux - -- name: install httpd logrotate - copy: src="httpd.logrotate" dest="/etc/logrotate.d/httpd" - -- name: enable and start httpd - service: name=httpd state=started enabled=yes - tags: - - copr - - service - - # FIXME mizdebsk 2018-09-07: copr-frontend package available in - # f28-updates and f28-infra is too old and it doesn't have - # pagure-events.service service - a newer copr-frontend version - # should be added to one of these tags. -- name: enable and start pagure-events - service: name=pagure-events enabled=yes state=started - when: not 'pagure-events.service is missing in latest copr-frontend rpm in f28 repos' - tags: - - copr - - service - - # FIXME mizdebsk 2018-09-07: This task is currently disabled because - # admin status should be treated as application data and does not - # need to be Ansible-managed. If it really needs to stay in Ansible - # then 1) the task shoud be fixed not to report changes and 2) it - # should allow setting different admins for staging and production. -- name: set up admins - command: ./manage.py alter_user --admin {{ item }} - become: yes - become_user: copr-fe - args: - chdir: /usr/share/copr/coprs_frontend/ - when: not 'admin status is application data, not config' - with_items: - - msuchy - - sgallagh - - spot - - nb - - kevin - - # FIXME mizdebsk 2018-09-07: This task is currently disabled because - # it is not idempotent - index rebuilding should probably be part of - # upgrade playbook, not deployment playbook. -- name: rebuild indexes - command: ./manage.py update_indexes - become: yes - become_user: copr-fe - args: - chdir: /usr/share/copr/coprs_frontend/ - when: not 'index rebuilding is not idempotent' diff --git a/roles/copr/frontend/templates/copr.conf b/roles/copr/frontend/templates/copr.conf deleted file mode 100644 index b0b0c6e11e..0000000000 --- a/roles/copr/frontend/templates/copr.conf +++ /dev/null @@ -1,96 +0,0 @@ -# Directory and files where is stored Copr database files -DATA_DIR = '/var/lib/copr/data' -DATABASE = '/var/lib/copr/data/copr.db' -OPENID_STORE = '/var/lib/copr/data/openid_store' -WHOOSHEE_DIR = '/var/lib/copr/data/whooshee' -WHOOSHEE_MIN_STRING_LEN = 2 -WHOOSHEE_WRITER_TIMEOUT = 10 - -SECRET_KEY = '{{ copr_secret_key }}' -BACKEND_PASSWORD = '{{ copr_backend_password }}' -BACKEND_BASE_URL = '{{ backend_base_url }}' - -# restrict access to a set of users -#USE_ALLOWED_USERS = False -#ALLOWED_USERS = ['bonnie', 'clyde'] - -SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://copruser:{{ copruser_db_password }}@db01/copr' - -# Token length, defaults to 30 (max 255) -#API_TOKEN_LENGTH = 30 - -# Expiration of API token in days -#API_TOKEN_EXPIRATION = 180 - -# logging options -#SEND_LOGS_TO = ['root@localhost'] -#LOGGING_LEVEL = 'info' - -DEBUG = False -SQLALCHEMY_ECHO = False - -CSRF_ENABLED = True -WTF_CSRF_ENABLED = True - -# send emails when user's perms change in project? -SEND_EMAILS = True - -PUBLIC_COPR_HOSTNAME = "{{ copr_frontend_public_hostname }}" - -LOG_FILENAME = "/var/log/copr-frontend/frontend.log" -LOG_DIR = "/var/log/copr-frontend/" - -# to accept stat events from logstash -INTRANET_IPS = {{ copr_backend_ips }} - -REPO_GPGCHECK = 1 - -PUBLIC_COPR_BASE_URL = "https://{{ copr_frontend_public_hostname }}" - -# URLs for fedmenu -FEDMENU_URL = "https://apps{{ env_suffix }}.fedoraproject.org/fedmenu/" -FEDMENU_DATA_URL = "https://apps{{ env_suffix }}.fedoraproject.org/js/data.js" - -ENFORCE_PROTOCOL_FOR_BACKEND_URL = "https" -ENFORCE_PROTOCOL_FOR_FRONTEND_URL = "https" - -DIST_GIT_URL="https://{{ dist_git_base_url }}/cgit" -DIST_GIT_CLONE_URL="https://{{ dist_git_base_url }}/git" -COPR_DIST_GIT_LOGS_URL = "https://{{ dist_git_base_url }}/per-task-logs" - -# no need to filter cla_* groups, they are already filtered by fedora openid -BLACKLISTED_GROUPS = ['fedorabugs', 'packager', 'provenpackager'] - -DEFER_BUILD_SECONDS = 300 - -ENABLE_DISCUSSION = True -DISCOURSE_URL = "https://discussion.fedoraproject.org/" - -# We may have a (temporary) chroot that doesn't correspond with /etc/os-release -# on a client system, e.g. "rhelbeta-8" chroots in Copr which doesn't match to -# any real system, instead it is a temporary alias for "epel-8". In such case, -# set this to {"epel-8": "rhelbeta-8"} -CHROOT_NAME_RELEASE_ALIAS = {"epel-8": "rhelbeta-8"} -{% if whitelist_emails is defined %} - -ALLOWLIST_EMAILS = [ -{% for recipient in whitelist_emails %} - "{{ recipient }}", -{% endfor %} -] -{% endif %} - -PAGURE_EVENTS = { -{% if copr_pagure_events %} -{% for instance, url in copr_pagure_events.items() %} -{% for topic in [ - 'git.receive', - 'pull-request.new', - 'pull-request.rebased', - 'pull-request.updated', - 'pull-request.comment.added'] %} - '{{ instance }}.{{ topic }}' : '{{ url }}', -{% endfor %} -{% endfor %} -{% endif %} -} diff --git a/roles/copr/frontend/templates/httpd.conf b/roles/copr/frontend/templates/httpd.conf deleted file mode 100644 index eaed6e248e..0000000000 --- a/roles/copr/frontend/templates/httpd.conf +++ /dev/null @@ -1,27 +0,0 @@ -WSGIDaemonProcess 127.0.0.1 user=copr-fe group=copr-fe threads=15 display-name=other maximum-requests=8000 graceful-timeout=20 -WSGIDaemonProcess api user=copr-fe group=copr-fe threads=15 display-name=api maximum-requests=8000 graceful-timeout=20 -WSGIDaemonProcess backend user=copr-fe group=copr-fe threads=15 display-name=backend maximum-requests=8000 graceful-timeout=20 -WSGIDaemonProcess stats user=copr-fe group=copr-fe threads=15 display-name=stats maximum-requests=8000 graceful-timeout=20 -WSGIDaemonProcess tmp user=copr-fe group=copr-fe threads=15 display-name=tmp maximum-requests=8000 graceful-timeout=20 -WSGIScriptAlias / /usr/share/copr/coprs_frontend/application - -ServerName {{ inventory_hostname }} -WSGIPassAuthorization On - - - WSGIProcessGroup 127.0.0.1 - - - - WSGIApplicationGroup %{GLOBAL} - Require all granted - - - - StartServers 8 - MinSpareServers 8 - MaxSpareServers 20 - MaxClients 50 - MaxRequestsPerChild 10000 - -