From 9e4841a3e01c89d3baf627778d8aaaaaaf340b44 Mon Sep 17 00:00:00 2001 From: Clement Verna Date: Fri, 19 Apr 2019 16:09:15 +0200 Subject: [PATCH] fas3_server: delete unused role Signed-off-by: Clement Verna --- .../host_vars/fas3-dev.fedorainfracloud.org | 18 -- master.yml | 13 +- .../hosts/fas3-dev.fedorainfracloud.org.yml | 32 --- playbooks/include/proxies-reverseproxy.yml | 8 - roles/fas3_server/files/accounts.conf | 31 --- roles/fas3_server/files/copr.repo | 8 - roles/fas3_server/tasks/main.yml | 55 ----- roles/fas3_server/templates/production.ini | 198 ------------------ 8 files changed, 6 insertions(+), 357 deletions(-) delete mode 100644 inventory/host_vars/fas3-dev.fedorainfracloud.org delete mode 100644 playbooks/hosts/fas3-dev.fedorainfracloud.org.yml delete mode 100644 roles/fas3_server/files/accounts.conf delete mode 100644 roles/fas3_server/files/copr.repo delete mode 100644 roles/fas3_server/tasks/main.yml delete mode 100644 roles/fas3_server/templates/production.ini diff --git a/inventory/host_vars/fas3-dev.fedorainfracloud.org b/inventory/host_vars/fas3-dev.fedorainfracloud.org deleted file mode 100644 index b15a4a2657..0000000000 --- a/inventory/host_vars/fas3-dev.fedorainfracloud.org +++ /dev/null @@ -1,18 +0,0 @@ ---- -image: rhel7-20141015 -instance_type: m1.small -keypair: fedora-admin-20130801 -security_group: ssh-anywhere-persistent,web-80-anywhere-persistent,default,all-icmp-persistent -zone: nova -tcp_ports: [22, 80, 443] - -inventory_tenant: persistent -inventory_instance_name: fas3-dev -hostbase: fas3-dev -public_ip: 209.132.184.64 -root_auth_users: laxathom -description: fas3 development instance - -cloud_networks: - # persistent-net - - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f" diff --git a/master.yml b/master.yml index 37bee1cca5..0353da09af 100644 --- a/master.yml +++ b/master.yml @@ -1,19 +1,19 @@ --- # -# This is the master playbook. It includes all the other playbooks. -# Usually you would call it with a -t tagname to only run a specific tag -# over all machines. +# This is the master playbook. It includes all the other playbooks. +# Usually you would call it with a -t tagname to only run a specific tag +# over all machines. # -# some common ones: +# some common ones: # -t fedmsgconfig -> runs fedmsg/base config over all playbooks -# -t apache -> run when tasks/apache.yml changes. +# -t apache -> run when tasks/apache.yml changes. # # # group playbooks # - import_playbook: /srv/web/infra/ansible/playbooks/groups/arm-qa.yml -- import_playbook: /srv/web/infra/ansible/playbooks/groups/autocloud-backend.yml +- import_playbook: /srv/web/infra/ansible/playbooks/groups/autocloud-backend.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/autocloud-web.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/backup-server.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/badges-backend.yml @@ -134,7 +134,6 @@ - import_playbook: /srv/web/infra/ansible/playbooks/hosts/developer.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/elastic-dev.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fas2-dev.fedorainfracloud.org.yml -- import_playbook: /srv/web/infra/ansible/playbooks/hosts/fas3-dev.fedorainfracloud.org.yml #- import_playbook: /srv/web/infra/ansible/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedora-bootstrap.fedorainfracloud.org.yml - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedimg-dev.fedorainfracloud.org.yml diff --git a/playbooks/hosts/fas3-dev.fedorainfracloud.org.yml b/playbooks/hosts/fas3-dev.fedorainfracloud.org.yml deleted file mode 100644 index fea251f09c..0000000000 --- a/playbooks/hosts/fas3-dev.fedorainfracloud.org.yml +++ /dev/null @@ -1,32 +0,0 @@ -- name: check/create instance - hosts: fas3-dev.fedorainfracloud.org - gather_facts: False - - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - /srv/private/ansible/vars.yml - - /srv/web/infra/ansible/vars/fedora-cloud.yml - - /srv/private/ansible/files/openstack/passwords.yml - - tasks: - - import_tasks: "{{ tasks_path }}/persistent_cloud.yml" - - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" - -- name: setup all the things - hosts: fas3-dev.fedorainfracloud.org - gather_facts: True - vars_files: - - /srv/web/infra/ansible/vars/global.yml - - /srv/private/ansible/vars.yml - - /srv/private/ansible/files/openstack/passwords.yml - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - pre_tasks: - - import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml" - - name: set hostname (required by some services, at least postfix need it) - hostname: name="{{inventory_hostname}}" - - roles: - - basessh diff --git a/playbooks/include/proxies-reverseproxy.yml b/playbooks/include/proxies-reverseproxy.yml index 0e2fcd56c3..54b3238827 100644 --- a/playbooks/include/proxies-reverseproxy.yml +++ b/playbooks/include/proxies-reverseproxy.yml @@ -650,14 +650,6 @@ proxyurl: http://localhost:10051 when: env == "staging" - - role: httpd/reverseproxy - website: admin.fedoraproject.org - destname: fas3 - remotepath: /fas3 - localpath: /fas3 - proxyurl: http://localhost:10052 - when: env == "staging" - - role: httpd/reverseproxy website: mbs.fedoraproject.org destname: mbs diff --git a/roles/fas3_server/files/accounts.conf b/roles/fas3_server/files/accounts.conf deleted file mode 100644 index af1587916a..0000000000 --- a/roles/fas3_server/files/accounts.conf +++ /dev/null @@ -1,31 +0,0 @@ -# File Start -WSGISocketPrefix run/wsgi - -WSGIRestrictStdout On -WSGIPassAuthorization On -WSGIApplicationGroup %{GLOBAL} - -# These are the real tunables -#WSGIDaemonProcess daemon processes=2 threads=2 maximum-requests=1000 user=fas group=fas display-name=fas inactivity-timeout=30 -WSGIDaemonProcess fas processes=2 threads=2 maximum-requests=1000 user=fas display-name=fas inactivity-timeout=30 -WSGIPythonOptimize 1 - -WSGIScriptAlias /fas3 /usr/sbin/fas.wsgi - - - WSGIProcessGroup fas - Order deny,allow - Allow from all - - -Alias /fas3/static /usr/share/fas/themes/fedoraproject/ - - Require all granted - - - - - Require all granted - - -ErrorLog logs/fas-error.log diff --git a/roles/fas3_server/files/copr.repo b/roles/fas3_server/files/copr.repo deleted file mode 100644 index fe6e64c5cf..0000000000 --- a/roles/fas3_server/files/copr.repo +++ /dev/null @@ -1,8 +0,0 @@ -[codeblock-fas3] -name=Copr repo for fas3 owned by codeblock -baseurl=https://copr-be.cloud.fedoraproject.org/results/codeblock/fas3/epel-7-$basearch/ -skip_if_unavailable=True -gpgcheck=1 -gpgkey=https://copr-be.cloud.fedoraproject.org/results/codeblock/fas3/pubkey.gpg -enabled=1 -enabled_metadata=1 diff --git a/roles/fas3_server/tasks/main.yml b/roles/fas3_server/tasks/main.yml deleted file mode 100644 index d90bfe359b..0000000000 --- a/roles/fas3_server/tasks/main.yml +++ /dev/null @@ -1,55 +0,0 @@ ---- -# Tasks to set up fas3_server - -- name: add temporary copr repo - copy: src=copr.repo dest=/etc/yum.repos.d/copr.repo - tags: - - config - - packages - - yumrepos - -- name: install needed packages - package: name={{ item }} state=present - with_items: - - fas - - fas-theme-fedoraproject - - httpd - - mod_wsgi - - python-psycopg2 - tags: - - packages - - fas3 - -- name: enable httpd_can_network_connect selinux boolean - seboolean: name={{ item }} state=yes persistent=yes - with_items: - - httpd_can_network_connect - tags: - - config - - fas3 - -- name: install /etc/httpd/conf.d/accounts.conf file - copy: > - src="accounts.conf" - dest="/etc/httpd/conf.d/accounts.conf" - owner=root - group=root - mode=0644 - notify: - - reload httpd - tags: - - config - - fas3 - -- name: install /etc/fas/production.ini file - template: > - src="production.ini" - dest="/etc/fas/production.ini" - owner=root - group=root - mode=0644 - notify: - - reload httpd - tags: - - config - - fas3 diff --git a/roles/fas3_server/templates/production.ini b/roles/fas3_server/templates/production.ini deleted file mode 100644 index 0cc6f957b5..0000000000 --- a/roles/fas3_server/templates/production.ini +++ /dev/null @@ -1,198 +0,0 @@ -### -# app configuration -# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html -### - -[filter:proxy-prefix] -use = egg:PasteDeploy#prefix -prefix = /fas3 -scheme = https - -[app:main] -use = egg:fas -filter-with = proxy-prefix - -project.name = fedoraproject -project.organisation = Fedora Project -project.admin = fas-admin -project.moderator = accounts-modo -project.group.admin = sysadmin -project.domain.name = fedoraproject.org -project.url = https://admin.stg.fedoraproject.org/fas3/ -project.admin.email = admin@fedoraproject.org -project.group.cert.always_renew = false - -project.api.data.secret = {{fas3_stg_project_api_data_secret}} - -geoip.4.data.city = /usr/share/GeoIP/GeoLiteCity.dat -geoip.6.data.city = /usr/share/GeoIP/GeoLiteCityv6.dat - -# Captcha - if 'captcha.secret' is not None, then it will be used for comments -# captcha.secret must be 32 url-safe base64-encoded bytes -# you can generate a fresh one with >>> cryptography.fernet.Fernet.generate_key() -captcha.secret = {{fas3_captcha_secret}} -captcha.image.width = 300 -captcha.image.height = 80 -# Any truetype font will do. -captcha.font.path = /usr/share/fonts/liberation/LiberationMono-Regular.ttf -captcha.font.size = 36 -captcha.font.color = #000000 -captcha.font.padding = 5 -captcha.background.color = #ffffff -captcha.encoding = utf-8 -# If a captcha sits around for this many seconds, it will stop working. -captcha.ttl = 300 - -github.organization = fedora-infra -github.client.user-agent = Fedora Project\FAS 3.0 -github.client.id = -github.client.secret = -github.token = - -### -# Session settings -### -session.max_age = 1200 -session.timeout = 120 -session.renew_time = 20 -session.secret = {{fas3_stg_session_secret}} -session.auth.timeout = 1200 -session.auth.digest = sha512 -session.auth.secret = {{fas3_stg_session_auth_secret}} - -cache.max_age = 3600 - -### -# Log-in settings -### -login.failed_attempt = 3 -# Set account lock timeout in minute -login.lock.timeout = 15 -user.security_change.timeout = 60 - -### -# Database settings -### -sqlalchemy.url = postgresql://{{fas3_stg_user}}:{{fas3_stg_pass}}@db-fas01.stg:5432/fas3 -#sqlalchemy.url = sqlite:///%(here)s/fas.sqlite - - -### -# Templates settings -### -mako.directories = fas:templates/fedoraproject -mako.module_directory = /tmp - - -### -# i18n -### -locale.default = en -#locale.available = en_US,en_GB,fr - -### -# Blacklist items -### -blacklist.email.domain = fedoraproject.org -blacklist.country = ["--", "A1", "A2", "AN", "AS", "AX", "BI", "BL", "BV", "CC", "CU", "CV", "CX", "DM", "FK", "FO", "GF", "GG", "GP", "GS", "GW", "HM", "IO", "IR", "IQ", "JE", "KI", "KP", "MF", "MP", "MS", "MW", "NF", "NR", "NU", "PM", "PN", "RE", "SB", "SD", "SH", "SJ", "SY", "TC", "TF", "TK", "TL", "TV", "UM", "VC", "VG", "WF", "YT"] -blacklist.username = "abuse,accounts,adm,admin,amanda,apache,askfedora,asterisk,bin,board,bodhi2,canna,chair,chairman,cvsdirsec,cvsdocs,cvseclipse,cvsextras,cvsfont,daemon,dbus,decode,desktop,dgilmore,directors,dovecot,dumper,fama,famsco,fax,fedora,fedorarewards,fesco,freemedia,ftbfs,ftp,ftpadm,ftpadmin,games,gdm,gopher,gregdek,halt,hostmaster,ident,info,ingres,jaboutboul,jan,keys,kojiadmin,ldap,legal,logo,lp,mail,mailnull,manager,marketing,mysql,nagios,named,netdump,news,newsadm,newsadmin,nfsnobody,nobody,noc,nrpe,nscd,ntp,nut,openvideo,operator,packager,pcap,pkgdb,pkgsigner,postfix,postgres,postmaster,press,privoxy,pvm,quagga,radiusd,radvd,relnotes,root,rpc,rpcuser,rpm,sales,scholarship,secalert,security,shutdown,smmsp,squid,sshd,support,sync,system,tickets,toor,updates,usenet,uucp,vcsa,vendors,voting,webalizer,webmaster,wikiadmin,wnn,www,xfs,zabbix" - -### -# OpenSSL -### -# Valid TYPE value: -# 6: RSA -# 5: DSA -certificate.type = 6 -certificate.digest = sha256 -certificate.size = 2048 -certificate.expiry = 15552000 -certificate.public_exponent = 65537 -# example: -# 60*60*24*180 = 6 months - -# By default, the toolbar only appears for clients from IP addresses -# '127.0.0.1' and '::1'. -# debugtoolbar.hosts = 127.0.0.1 ::1 - -### -# Pyramid settings -### -pyramid.reload_templates = true -pyramid.debug_authorization = false -pyramid.debug_notfound = false -pyramid.debug_routematch = false -pyramid.default_locale_name = en -pyramid.includes = - pyramid_mako - pyramid_tm - -### -# Email notifications settings -### - -email.smtp.server = localhost -email.from = Fedora Account System -email.subject_prefix = [Staging Env] - - -### -# Fedmenu stuff -### - -fedmenu.url = https://apps.fedoraproject.org/fedmenu -fedmenu.data_url = https://apps.fedoraproject.org/js/data.js - - -[app:plugins] - -### -# wsgi server configuration -### - -[server:main] -use = egg:waitress#main -host = 0.0.0.0 -port = 6543 -#port = 80 - -### -# logging configuration -# http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html -### - -[loggers] -keys = root, fas, sqlalchemy - -[handlers] -keys = console - -[formatters] -keys = generic - -[logger_root] -level = DEBUG -handlers = console - -[logger_fas] -level = DEBUG -handlers = -qualname = fas - -[logger_sqlalchemy] -level = WARN -handlers = -qualname = sqlalchemy.engine -# "level = INFO" logs SQL queries. -# "level = DEBUG" logs SQL queries and results. -# "level = WARN" logs neither. (Recommended for production systems.) - -[handler_console] -class = StreamHandler -args = (sys.stderr,) -level = DEBUG -formatter = generic -#class = rainbow_logging_handler.RainbowLoggingHandler - -[formatter_generic] -format = %(asctime)s %(levelname)-5.5s [%(threadName)s:%(process)s][%(name)s:%(module)s][%(funcName)s:%(lineno)s] %(message)s