basset: retire no longer deployed service

Signed-off-by: Kevin Fenzi <kevin@scrye.com>

playbooks/groups/basset.yml

@@ -1,41 +0,0 @@
-# create a new basset server
-
-- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml"
-  vars:
-    myhosts: "basset:basset_stg"
-
-- name: make the box be real
-  hosts: basset:basset_stg
-  user: root
-  gather_facts: True
-
-  vars_files:
-   - /srv/web/infra/ansible/vars/global.yml
-   - "/srv/private/ansible/vars.yml"
-   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
-
-  roles:
-  - base
-  - rkhunter
-  - nagios_client
-  - hosts
-  - { role: openvpn/client,
-      when: env != "staging" }
-  - ipa/client
-  - collectd/base
-  - rsyncd
-  - sudo
-  - mongodb
-  - rabbitmq
-  - mod_wsgi
-  - basset/frontend
-  - basset/worker
-
-  pre_tasks:
-  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
-
-  tasks:
-  - import_tasks: "{{ tasks_path }}/motd.yml"
-
-  handlers:
-  - import_tasks: "{{ handlers_path }}/restart_services.yml"

roles/basset/frontend/files/basset.conf

@@ -1,15 +0,0 @@
-WSGIDaemonProcess basset user=basset-frontend group=basset-frontend threads=5
-WSGIScriptAlias /basset /usr/share/basset/basset-frontend
-
-<Location /basset>
-    AuthType basic
-    AuthName "Basset Frontend"
-    AuthUserFile "/etc/httpd/conf.d/basset.htpasswd"
-    Require valid-user
-</Location>
-
-<Directory /usr/share/basset>
-    WSGIProcessGroup basset
-    WSGIApplicationGroup %{GLOBAL}
-    Require all granted
-</Directory>

roles/basset/frontend/tasks/main.yml

@@ -1,57 +0,0 @@
-- name: install needed packages
-  package: name={{ item }} state=present
-  with_items:
-  - basset-frontend
-  tags:
-  - basset
-  - basset/frontend
-
-- name: start httpd
-  service: name=httpd state=started
-
-- name: install basset config
-  template: src=frontend.cfg.j2 dest=/etc/basset/frontend.cfg
-            owner=basset-frontend group=basset-frontend mode=0600
-  notify:
-  - restart apache
-  tags:
-  - basset
-  - basset/frontend
-
-- name: install staging htpasswd
-  copy: src={{private}}/files/httpd/basset.stg.htpasswd dest=/etc/httpd/conf.d/basset.htpasswd
-        owner=root group=root mode=0644
-  when: env == "staging"
-  notify:
-  - restart apache
-  tags:
-  - basset
-  - basset/frontend
-
-- name: install prod htpasswd
-  copy: src={{private}}/files/httpd/basset.prod.htpasswd dest=/etc/httpd/conf.d/basset.htpasswd
-        owner=root group=root mode=0644
-  when: env != "staging"
-  notify:
-  - restart apache
-  tags:
-  - basset
-  - basset/frontend
-
-- name: set sebooleans so basset-frontend can talk to the broker
-  seboolean: name=httpd_can_network_connect
-                    state=true
-                    persistent=true
-  tags:
-  - basset
-  - basset/frontend
-  - selinux
-
-- name: install frontend config
-  copy: src=basset.conf dest=/etc/httpd/conf.d/basset.conf
-        owner=root group=root mode=0644
-  notify:
-  - restart apache
-  tags:
-  - basset
-  - basset/frontend

roles/basset/frontend/templates/frontend.cfg.j2

@@ -1,23 +0,0 @@
-[submission_access]
-{% if env == "staging" %}
-10.5.128.188 = mediawiki.new,mediawiki.edit
-10.5.128.129 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.128.74 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.128.74 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.128.104 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.128.105 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.128.106 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.128.107 = fedora.fas.registration,fedora.fas.cla_sign
-{% else %}
-10.5.126.63 = mediawiki.new,mediawiki.edit
-10.5.126.73 = mediawiki.new,mediawiki.edit
-10.5.126.25 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.126.26 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.126.30 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.126.248 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.126.164 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.126.165 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.126.166 = fedora.fas.registration,fedora.fas.cla_sign
-10.5.126.167 = fedora.fas.registration,fedora.fas.cla_sign
-192.168.1.16 = trac.ticket.new,trac.ticket.update,trac.ticket.delete,trac.wiki.page.new,trac.wiki.page.update,trac.wiki.page.delete,trac.wiki.page.version.delete,trac.wiki.page.rename,trac.attachment.added,trac.attachment.deleted,trac.attachment.reparented
-{% endif %}

roles/basset/worker/files/basset-worker

@@ -1,164 +0,0 @@
-#!/usr/bin/python2
-# Copyright (c) 2016, Patrick Uiterwijk <patrick@puiterwijk.org>
-# All rights reserved.
-#
-# This file is part of Basset.
-#
-# Basset is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Basset is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Basset.  If not, see <http://www.gnu.org/licenses/>.
-
-import ConfigParser
-import json
-import logging
-import requests
-import pika
-import sys
-import time as time_module
-
-from basset import Core
-
-run_once = False
-run_test = False
-run_manual = False
-if len(sys.argv) > 1:
-    if sys.argv[1] == 'once':
-        run_once = True
-    elif sys.argv[1] == 'test':
-        run_once = True
-        run_test = True
-    elif sys.argv[1] == 'manual':
-        run_manual = True
-
-config = ConfigParser.SafeConfigParser()
-config.read(['worker.default.cfg',
-             '/etc/basset/worker.default.cfg',
-             'worker.cfg',
-             '/etc/basset/worker.cfg'])
-
-logging.basicConfig(level=logging.DEBUG)
-log = logging.getLogger(__name__)
-
-core = Core(config)
-
-args = {key: val for key, val in config.items('rabbitmq')} if config.has_section('rabbitmq') else {}
-params = pika.ConnectionParameters(**args)
-connection = pika.BlockingConnection(params)
-channel = connection.channel()
-channel.queue_declare('check_submission', durable=True)
-
-def callback(ch, method, properties, body):
-    body = json.loads(body)
-    log.debug('Received message %s' % body)
-    action = body.get('action', 'unknown')
-    time = body.get('time', 0)
-    data = body.get('data')
-    requeued = body.get('requeued')
-
-    if requeued and requeued > (time_module.time() - 2000):
-        # Probably the same message as the last one
-        log.warning('Arrived at same message. Delaying processing')
-        time_module.sleep(1)
-
-    mid = None
-    if not run_test and requeued is None:
-        mid = core.store_message(action, time, data)
-        log.debug('Stored message id: %s' % mid)
-
-    override = None
-    if run_manual:
-        print 'Data: %s' % data
-        decisions = core.process_message(action, time, data,
-                                         None)
-        print 'Would do: %s' % decisions
-        override = raw_input('Override [Cancel/use/approve/reject/skip]: ')
-        override = override.lower()
-        if override not in ['use', 'approve', 'reject', 'skip']:
-            print 'Aborting'
-            sys.exit(0)
-            raise Exception('Aborted')
-
-    if override == 'skip':
-        decisions = None
-    else:
-        if override and override != 'use':
-            # This turns override into None/True/False
-            override = override == 'approve'
-        else:
-            override = None
-        decisions = core.process_message(action, time, data,
-                                         override)
-
-        log.debug('Decisions: %s' % decisions)
-    if run_test:
-        raise Exception('Generated decisions')
-
-    if decisions is None:
-        # Requeue at the back
-        log.info("Requeued message because no decisions were generated")
-        channel.basic_publish(exchange='',
-                              routing_key='check_submission',
-                              body=json.dumps({
-                                'action': action,
-                                'time': time,
-                                'data': data,
-                                'requeued': time_module.time()
-                              }),
-                              properties=pika.BasicProperties(
-                                delivery_mode=2
-                              ))
-        ch.basic_ack(delivery_tag = method.delivery_tag)
-    else:
-        if isinstance(decisions, dict):
-            decisions = [decisions]
-
-        log.debug('Storing decisions')
-        if mid:
-            mids = core.store_decisions(mid, decisions)
-            log.debug('Decision IDs: %s' % ', '.join(mids))
-        log.debug('Processing decision')
-        if core.process_decisions(decisions) is True:
-            log.debug('Decision processed. Acknowledging')
-            ch.basic_ack(delivery_tag = method.delivery_tag)
-        else:
-            log.error('Error reported during processing')
-            channel.basic_publish(exchange='',
-                              routing_key='check_submission',
-                              body=json.dumps({
-                                'action': action,
-                                'time': time,
-                                'data': data,
-                                'requeued': time_module.time()
-                              }),
-                              properties=pika.BasicProperties(
-                                delivery_mode=2
-                              ))
-            ch.basic_ack(delivery_tag = method.delivery_tag)
-    log.debug('Message processed')
-    if run_once:
-        raise Exception('Single message processed')
-    # If we get here without there having been made a decission and acted
-    # upon that decission, that means we did not fully process this message.
-    # Since we did not acknowledge the message, that means the queue will
-    # increase, and if monitoring is setup that means admins will be warned.
-
-# Make sure we leave any other messages in the queue
-channel.basic_qos(prefetch_count=1)
-channel.basic_consume('check_submission', callback)
-#                      queue='check_submission')
-
-try:
-    log.debug('Starting consuming')
-    channel.start_consuming()
-except KeyboardInterrupt:
-    channel.cancel()
-    connection.close()

roles/basset/worker/tasks/main.yml

@@ -1,29 +0,0 @@
-- name: install needed packages
-  package: name={{ item }} state=present
-  with_items:
-  - basset
-  tags:
-  - basset
-  - basset/worker
-
-- name: install worker config
-  template: src={{private}}/files/basset/worker.cfg.j2 dest=/etc/basset/worker.cfg
-            mode=0600 owner=basset-worker group=basset-worker
-  notify:
-  - restart basset-worker
-  tags:
-  - basset
-  - basset/worker
-
-- name: hotfix basset-worker
-  copy: src=basset-worker dest=/usr/bin/basset-worker owner=root group=root mode=0755
-  tags:
-  - hotfix
-  - basset
-  - basset/worker
-
-- name: start basset worker
-  service: name=basset-worker state=started enabled=yes
-  tags:
-  - basset
-  - basset/worker

roles/mongodb/tasks/main.yml

@@ -1,11 +0,0 @@
-- name: install needed packages
-  package: name={{ item }} state=present
-  with_items:
-  - mongodb-server
-  tags: mongodb
-
-# mongod is the single daemon. mongos is a sharded cluster router,
-# but just plain mongod is good enough for now
-- name: start mongodb
-  service: name=mongod state=started enabled=yes
-  tags: mongodb

roles/nagios_client/templates/check_basset.cfg.j2

@@ -1,4 +1,2 @@
 command[check_mongo_proc]={{ libdir }}/nagios/plugins/check_procs -s RSD -u mongodb -C mongod -c 1:1
 command[check_rabbitmq_proc]={{ libdir }}/nagios/plugins/check_procs -s RSD -u rabbitmq -C beam.smp -c 1:1
-command[check_worker_proc]={{ libdir }}/nagios/plugins/check_procs -s RSD -u basset-worker -C basset-worker -c 1:6
-command[check_basset_queue]={{ libdir }}/nagios/plugins/check_rabbitmq_size check_submission 10 20