diff --git a/inventory/service/host_vars/static01.opendev.org.yaml b/inventory/service/host_vars/static01.opendev.org.yaml
index 086f3a8127..a200108c80 100644
--- a/inventory/service/host_vars/static01.opendev.org.yaml
+++ b/inventory/service/host_vars/static01.opendev.org.yaml
@@ -4,6 +4,8 @@ letsencrypt_certs:
- static01.opendev.org
- files.openstack.org
- static.openstack.org
+ static01-ask-openstack-org:
+ - ask.openstack.org
static01-docs-airshipit-org:
- docs.airshipit.org
static01-ci-openstack-org:
diff --git a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
index 7a276cd8f7..02d2add388 100644
--- a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
+++ b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
@@ -39,6 +39,9 @@
- name: letsencrypt updated static01-opendev-org-main
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
+- name: letsencrypt updated static01-ask-openstack-org
+ include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
+
- name: letsencrypt updated static01-docs-airshipit-org
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
diff --git a/playbooks/roles/static/files/50-ask.openstack.org.conf b/playbooks/roles/static/files/50-ask.openstack.org.conf
new file mode 100644
index 0000000000..dba603e3b3
--- /dev/null
+++ b/playbooks/roles/static/files/50-ask.openstack.org.conf
@@ -0,0 +1,40 @@
+
+ ServerName ask.openstack.org
+ RewriteEngine On
+ RewriteRule ^/(.*) https://ask.openstack.org/$1 [last,redirect=permanent]
+ LogLevel warn
+ ErrorLog /var/log/apache2/ask.openstack.org_error.log
+ CustomLog /var/log/apache2/ask.openstack.org_access.log combined
+ ServerSignature Off
+
+
+
+
+
+ ServerName ask.openstack.org
+
+ DocumentRoot /var/www/ask.openstack.org
+
+ SSLCertificateFile /etc/letsencrypt-certs/ask.openstack.org/ask.openstack.org.cer
+ SSLCertificateKeyFile /etc/letsencrypt-certs/ask.openstack.org/ask.openstack.org.key
+ SSLCertificateChainFile /etc/letsencrypt-certs/ask.openstack.org/ca.cer
+ SSLProtocol All -SSLv2 -SSLv3
+ # Note: this list should ensure ciphers that provide forward secrecy
+ SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
+ SSLHonorCipherOrder on
+
+ Use UserAgentFilter
+
+
+ Options Indexes FollowSymLinks MultiViews
+ AllowOverrideList Redirect RedirectMatch
+ Require all granted
+
+
+ LogLevel warn
+ ErrorLog /var/log/apache2/ask.openstack.org_error.log
+ CustomLog /var/log/apache2/ask.openstack.org_access.log combined
+ ServerSignature Off
+
+
+
diff --git a/playbooks/roles/static/files/ask.openstack.org/index.html b/playbooks/roles/static/files/ask.openstack.org/index.html
new file mode 100644
index 0000000000..d1caa7b67a
--- /dev/null
+++ b/playbooks/roles/static/files/ask.openstack.org/index.html
@@ -0,0 +1,30 @@
+
+
+
+
+
+
+ ask.openstack.org
+
+
+
+
+
+
+ ask.openstack.org
+
+ The ask.openstack.org site was shutdown in May 2021.
+
+ The following options are available for community-based support.
+
+
+
+
+
+
diff --git a/playbooks/roles/static/tasks/50-ask.openstack.org.yaml b/playbooks/roles/static/tasks/50-ask.openstack.org.yaml
new file mode 100644
index 0000000000..8d1f25cdad
--- /dev/null
+++ b/playbooks/roles/static/tasks/50-ask.openstack.org.yaml
@@ -0,0 +1,15 @@
+- name: Create ask directory
+ file:
+ path: /var/www/ask.openstack.org
+ state: directory
+ owner: www-data
+ group: www-data
+ mode: 0755
+
+- name: Copy ask index.html
+ copy:
+ src: 'ask.openstack.org/index.html'
+ dest: '/var/www/ask.openstack.org/index.html'
+ owner: www-data
+ group: www-data
+ mode: 0644
diff --git a/playbooks/roles/static/tasks/enable_site.yaml b/playbooks/roles/static/tasks/enable_site.yaml
index 273ef93069..ebdd926bf5 100644
--- a/playbooks/roles/static/tasks/enable_site.yaml
+++ b/playbooks/roles/static/tasks/enable_site.yaml
@@ -1,14 +1,20 @@
-- name: Add {{ item }} configuration
+- name: Check for deployment tasks
+ include_tasks: "{{ _dt }}"
+ when: _dt != ""
+ vars:
+ _dt: "{{ lookup('first_found', dict(files=[config+'.yaml']), errors='ignore') }}"
+
+- name: Add {{ config }} configuration
copy:
- src: '{{ item }}.conf'
+ src: '{{ config }}.conf'
dest: /etc/apache2/sites-available/
owner: root
group: root
mode: 0644
-- name: 'Enable {{ item }}'
- command: 'a2ensite {{ item }}'
+- name: 'Enable {{ config }}'
+ command: 'a2ensite {{ config }}'
args:
- creates: '/etc/apache2/sites-enabled/{{ item }}'
+ creates: '/etc/apache2/sites-enabled/{{ config }}'
notify:
- Reload apache2
diff --git a/playbooks/roles/static/tasks/main.yaml b/playbooks/roles/static/tasks/main.yaml
index a3f10c6bc8..5dbde6c35e 100644
--- a/playbooks/roles/static/tasks/main.yaml
+++ b/playbooks/roles/static/tasks/main.yaml
@@ -79,6 +79,7 @@
include_tasks: enable_site.yaml
loop:
- 00-static.opendev.org
+ - 50-ask.openstack.org
- 50-ci.openstack.org
- 50-cinder.openstack.org
- 50-developer.openstack.org
@@ -102,6 +103,8 @@
- 50-tarballs.opendev.org
- 50-tarballs.openstack.org
- 50-zuul-ci.org
+ loop_control:
+ loop_var: config
- name: Enable git sites
include_tasks: enable_git_site.yaml
diff --git a/testinfra/test_static.py b/testinfra/test_static.py
index 67f5f79c74..ddf118f9fa 100644
--- a/testinfra/test_static.py
+++ b/testinfra/test_static.py
@@ -42,6 +42,12 @@ def test_static_opendev_org(host, name):
(name, name))
assert 'Index of /' in cmd.stdout
+def test_ask_openstack_org(host):
+ cmd = host.run('curl --insecure '
+ '--resolve ask.openstack.org:443:127.0.0.1 '
+ 'https://ask.openstack.org/')
+ assert 'ask.openstack.org' in cmd.stdout
+
def test_docs_airshipit_org(host):
cmd = host.run('curl --insecure '
'--resolve docs.airshipit.org:443:127.0.0.1 '