fas3_server: delete unused role

Signed-off-by: Clement Verna <cverna@tutanota.com>
2019-04-19 16:09:15 +02:00 · 2019-04-19 16:09:15 +02:00 · 9e4841a3e0
commit 9e4841a3e0
parent b37db2fb8d
8 changed files with 6 additions and 357 deletions
--- a/inventory/host_vars/fas3-dev.fedorainfracloud.org
+++ b/inventory/host_vars/fas3-dev.fedorainfracloud.org
@ -1,18 +0,0 @@
 ---
 image: rhel7-20141015
 instance_type: m1.small
 keypair: fedora-admin-20130801
 security_group: ssh-anywhere-persistent,web-80-anywhere-persistent,default,all-icmp-persistent
 zone: nova
 tcp_ports: [22, 80, 443]
 inventory_tenant: persistent
 inventory_instance_name: fas3-dev
 hostbase: fas3-dev
 public_ip: 209.132.184.64
 root_auth_users: laxathom
 description: fas3 development instance
 cloud_networks:
  # persistent-net
  - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
--- a/master.yml
+++ b/master.yml
@ -134,7 +134,6 @@
 - import_playbook: /srv/web/infra/ansible/playbooks/hosts/developer.fedorainfracloud.org.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/hosts/elastic-dev.fedorainfracloud.org.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fas2-dev.fedorainfracloud.org.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fas3-dev.fedorainfracloud.org.yml
 #- import_playbook: /srv/web/infra/ansible/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedora-bootstrap.fedorainfracloud.org.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/hosts/fedimg-dev.fedorainfracloud.org.yml
--- a/playbooks/hosts/fas3-dev.fedorainfracloud.org.yml
+++ b/playbooks/hosts/fas3-dev.fedorainfracloud.org.yml
@ -1,32 +0,0 @@
 - name: check/create instance
  hosts: fas3-dev.fedorainfracloud.org
  gather_facts: False
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - /srv/private/ansible/vars.yml
   - /srv/web/infra/ansible/vars/fedora-cloud.yml
   - /srv/private/ansible/files/openstack/passwords.yml
  tasks:
  - import_tasks: "{{ tasks_path }}/persistent_cloud.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
 - name: setup all the things
  hosts: fas3-dev.fedorainfracloud.org
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - /srv/private/ansible/vars.yml
   - /srv/private/ansible/files/openstack/passwords.yml
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml"
  - name: set hostname (required by some services, at least postfix need it)
    hostname: name="{{inventory_hostname}}"
  roles:
  - basessh
--- a/playbooks/include/proxies-reverseproxy.yml
+++ b/playbooks/include/proxies-reverseproxy.yml
@ -650,14 +650,6 @@
    proxyurl: http://localhost:10051
    when: env == "staging"
  - role: httpd/reverseproxy
    website: admin.fedoraproject.org
    destname: fas3
    remotepath: /fas3
    localpath: /fas3
    proxyurl: http://localhost:10052
    when: env == "staging"
  - role: httpd/reverseproxy
    website: mbs.fedoraproject.org
    destname: mbs
--- a/roles/fas3_server/files/accounts.conf
+++ b/roles/fas3_server/files/accounts.conf
@ -1,31 +0,0 @@
 # File Start
 WSGISocketPrefix run/wsgi
 WSGIRestrictStdout On
 WSGIPassAuthorization On
 WSGIApplicationGroup %{GLOBAL}
 # These are the real tunables
 #WSGIDaemonProcess daemon processes=2 threads=2 maximum-requests=1000 user=fas group=fas display-name=fas inactivity-timeout=30
 WSGIDaemonProcess fas  processes=2 threads=2 maximum-requests=1000 user=fas display-name=fas inactivity-timeout=30
 WSGIPythonOptimize 1
 WSGIScriptAlias /fas3 /usr/sbin/fas.wsgi
 <Location /fas3>
    WSGIProcessGroup fas
    Order deny,allow
    Allow from all
 </Location>
 Alias /fas3/static /usr/share/fas/themes/fedoraproject/
 <Directory /usr/share/fas/themes/fedoraproject/>
  Require all granted
 </Directory>
 <Directory /usr/sbin>
  Require all granted
 </Directory>
 ErrorLog logs/fas-error.log
--- a/roles/fas3_server/files/copr.repo
+++ b/roles/fas3_server/files/copr.repo
@ -1,8 +0,0 @@
 [codeblock-fas3]
 name=Copr repo for fas3 owned by codeblock
 baseurl=https://copr-be.cloud.fedoraproject.org/results/codeblock/fas3/epel-7-$basearch/
 skip_if_unavailable=True
 gpgcheck=1
 gpgkey=https://copr-be.cloud.fedoraproject.org/results/codeblock/fas3/pubkey.gpg
 enabled=1
 enabled_metadata=1
--- a/roles/fas3_server/tasks/main.yml
+++ b/roles/fas3_server/tasks/main.yml
@ -1,55 +0,0 @@
 ---
 # Tasks to set up fas3_server
 - name: add temporary copr repo
  copy: src=copr.repo dest=/etc/yum.repos.d/copr.repo
  tags:
  - config
  - packages
  - yumrepos
 - name: install needed packages
  package: name={{ item }} state=present
  with_items:
  - fas
  - fas-theme-fedoraproject
  - httpd
  - mod_wsgi
  - python-psycopg2
  tags:
  - packages
  - fas3
 - name: enable httpd_can_network_connect selinux boolean
  seboolean: name={{ item }} state=yes persistent=yes
  with_items:
  - httpd_can_network_connect
  tags:
  - config
  - fas3
 - name: install /etc/httpd/conf.d/accounts.conf file
  copy: >
    src="accounts.conf"
    dest="/etc/httpd/conf.d/accounts.conf"
    owner=root
    group=root
    mode=0644
  notify:
  - reload httpd
  tags:
  - config
  - fas3
 - name: install /etc/fas/production.ini file
  template: >
    src="production.ini"
    dest="/etc/fas/production.ini"
    owner=root
    group=root
    mode=0644
  notify:
  - reload httpd
  tags:
  - config
  - fas3
--- a/roles/fas3_server/templates/production.ini
+++ b/roles/fas3_server/templates/production.ini
@ -1,198 +0,0 @@
 ###
 # app configuration
 # http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/environment.html
 ###
 [filter:proxy-prefix]
 use = egg:PasteDeploy#prefix
 prefix = /fas3
 scheme = https
 [app:main]
 use = egg:fas
 filter-with = proxy-prefix
 project.name = fedoraproject
 project.organisation = Fedora Project
 project.admin = fas-admin
 project.moderator = accounts-modo
 project.group.admin = sysadmin
 project.domain.name = fedoraproject.org
 project.url = https://admin.stg.fedoraproject.org/fas3/
 project.admin.email = admin@fedoraproject.org
 project.group.cert.always_renew = false
 project.api.data.secret = {{fas3_stg_project_api_data_secret}}
 geoip.4.data.city = /usr/share/GeoIP/GeoLiteCity.dat
 geoip.6.data.city = /usr/share/GeoIP/GeoLiteCityv6.dat
 # Captcha - if 'captcha.secret' is not None, then it will be used for comments
 # captcha.secret must be 32 url-safe base64-encoded bytes
 # you can generate a fresh one with >>> cryptography.fernet.Fernet.generate_key()
 captcha.secret = {{fas3_captcha_secret}}
 captcha.image.width = 300
 captcha.image.height = 80
 # Any truetype font will do.
 captcha.font.path = /usr/share/fonts/liberation/LiberationMono-Regular.ttf
 captcha.font.size = 36
 captcha.font.color = #000000
 captcha.font.padding = 5
 captcha.background.color = #ffffff
 captcha.encoding = utf-8
 # If a captcha sits around for this many seconds, it will stop working.
 captcha.ttl = 300
 github.organization = fedora-infra
 github.client.user-agent = Fedora Project\FAS 3.0
 github.client.id =
 github.client.secret =
 github.token =
 ###
 # Session settings
 ###
 session.max_age = 1200
 session.timeout = 120
 session.renew_time = 20
 session.secret = {{fas3_stg_session_secret}}
 session.auth.timeout = 1200
 session.auth.digest = sha512
 session.auth.secret = {{fas3_stg_session_auth_secret}}
 cache.max_age = 3600
 ###
 # Log-in settings
 ###
 login.failed_attempt = 3
 # Set account lock timeout in minute
 login.lock.timeout = 15
 user.security_change.timeout = 60
 ###
 # Database settings
 ###
 sqlalchemy.url = postgresql://{{fas3_stg_user}}:{{fas3_stg_pass}}@db-fas01.stg:5432/fas3
 #sqlalchemy.url = sqlite:///%(here)s/fas.sqlite
 ###
 # Templates settings
 ###
 mako.directories = fas:templates/fedoraproject
 mako.module_directory = /tmp
 ###
 # i18n
 ###
 locale.default = en
 #locale.available = en_US,en_GB,fr
 ###
 # Blacklist items
 ###
 blacklist.email.domain = fedoraproject.org
 blacklist.country = ["--", "A1", "A2", "AN", "AS", "AX", "BI", "BL", "BV", "CC", "CU", "CV", "CX", "DM", "FK", "FO", "GF", "GG", "GP", "GS", "GW", "HM", "IO", "IR", "IQ", "JE", "KI", "KP", "MF", "MP", "MS", "MW", "NF", "NR", "NU", "PM", "PN", "RE", "SB", "SD", "SH", "SJ", "SY", "TC", "TF", "TK", "TL", "TV", "UM", "VC", "VG", "WF", "YT"]
 blacklist.username = "abuse,accounts,adm,admin,amanda,apache,askfedora,asterisk,bin,board,bodhi2,canna,chair,chairman,cvsdirsec,cvsdocs,cvseclipse,cvsextras,cvsfont,daemon,dbus,decode,desktop,dgilmore,directors,dovecot,dumper,fama,famsco,fax,fedora,fedorarewards,fesco,freemedia,ftbfs,ftp,ftpadm,ftpadmin,games,gdm,gopher,gregdek,halt,hostmaster,ident,info,ingres,jaboutboul,jan,keys,kojiadmin,ldap,legal,logo,lp,mail,mailnull,manager,marketing,mysql,nagios,named,netdump,news,newsadm,newsadmin,nfsnobody,nobody,noc,nrpe,nscd,ntp,nut,openvideo,operator,packager,pcap,pkgdb,pkgsigner,postfix,postgres,postmaster,press,privoxy,pvm,quagga,radiusd,radvd,relnotes,root,rpc,rpcuser,rpm,sales,scholarship,secalert,security,shutdown,smmsp,squid,sshd,support,sync,system,tickets,toor,updates,usenet,uucp,vcsa,vendors,voting,webalizer,webmaster,wikiadmin,wnn,www,xfs,zabbix"
 ###
 # OpenSSL 
 ###
 # Valid TYPE value:
 # 6: RSA
 # 5: DSA
 certificate.type = 6
 certificate.digest = sha256
 certificate.size = 2048
 certificate.expiry = 15552000
 certificate.public_exponent = 65537
 # example:
 # 60*60*24*180 = 6 months
 # By default, the toolbar only appears for clients from IP addresses
 # '127.0.0.1' and '::1'.
 # debugtoolbar.hosts = 127.0.0.1 ::1
 ###
 # Pyramid settings
 ###
 pyramid.reload_templates = true
 pyramid.debug_authorization = false
 pyramid.debug_notfound = false
 pyramid.debug_routematch = false
 pyramid.default_locale_name = en
 pyramid.includes =
    pyramid_mako
    pyramid_tm
 ###
 # Email notifications settings
 ###
 email.smtp.server = localhost
 email.from = Fedora Account System <noreply@fedoraproject.org>
 email.subject_prefix = [Staging Env]
 ###
 # Fedmenu stuff
 ###
 fedmenu.url = https://apps.fedoraproject.org/fedmenu
 fedmenu.data_url = https://apps.fedoraproject.org/js/data.js
 [app:plugins]
 ###
 # wsgi server configuration
 ###
 [server:main]
 use = egg:waitress#main
 host = 0.0.0.0
 port = 6543
 #port = 80
 ###
 # logging configuration
 # http://docs.pylonsproject.org/projects/pyramid/en/latest/narr/logging.html
 ###
 [loggers]
 keys = root, fas, sqlalchemy
 [handlers]
 keys = console
 [formatters]
 keys = generic
 [logger_root]
 level = DEBUG
 handlers = console
 [logger_fas]
 level = DEBUG
 handlers =
 qualname = fas
 [logger_sqlalchemy]
 level = WARN
 handlers =
 qualname = sqlalchemy.engine
 # "level = INFO" logs SQL queries.
 # "level = DEBUG" logs SQL queries and results.
 # "level = WARN" logs neither.  (Recommended for production systems.)
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
 level = DEBUG
 formatter = generic
 #class = rainbow_logging_handler.RainbowLoggingHandler
 [formatter_generic]
 format = %(asctime)s %(levelname)-5.5s [%(threadName)s:%(process)s][%(name)s:%(module)s][%(funcName)s:%(lineno)s] %(message)s