Serve meetings.opendev.org

This site replaces eavesdrop.openstack.org.  I think this name makes
more sense.

That is/was being published by jobs directly pushing this onto the
eavesdrop server.  Instead, the publishing jobs for irc-meetings now
publish to /afs/openstack.org/project/meetings.opendev.org.  This
makes the site available via the static server.

This is actually a production no-op; nothing has changed for the
current publishing.  It is still todo to figure out the correct
redirects to keep things working from the existing
eavesdrop.openstack.org and stop the old publishing method.

Depends-On: https://review.opendev.org/c/opendev/zone-opendev.org/+/794085
Change-Id: Ia582c4cee1f074e78cee32626be86fd5eb1d81bd
This commit is contained in:
Ian Wienand 2021-06-02 11:51:54 +10:00
parent 728fd00c6d
commit 270daa1b1a
6 changed files with 53 additions and 0 deletions

View File

@ -41,6 +41,8 @@ letsencrypt_certs:
- keystone.openstack.org
static01-nova-openstack-org:
- nova.openstack.org
static01-meetings-opendev-org:
- meetings.opendev.org
static01-planet-openstack-org:
- planet.openstack.org
static01-service-types-openstack-org:

View File

@ -35,6 +35,7 @@ VOLUMES = ['docs',
'project.airship',
'project.governance',
'project.opendev',
'project.meetings',
'project.releases',
'project.security',
'project.service-types',

View File

@ -90,6 +90,9 @@
- name: letsencrypt updated static01-keystone-openstack-org
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
- name: letsencrypt updated static01-meetings-opendev-org
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
- name: letsencrypt updated static01-nova-openstack-org
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml

View File

@ -0,0 +1,40 @@
Define AFS_ROOT /afs/openstack.org/project/meetings.opendev.org
<VirtualHost *:80>
ServerName meetings.opendev.org
RewriteEngine On
RewriteRule ^/(.*) https://meetings.opendev.org/$1 [last,redirect=permanent]
LogLevel warn
ErrorLog /var/log/apache2/meetings.opendev.org_error.log
CustomLog /var/log/apache2/meetings.opendev.org_access.log combined
ServerSignature Off
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName meetings.opendev.org
DocumentRoot ${AFS_ROOT}
SSLCertificateFile /etc/letsencrypt-certs/meetings.opendev.org/meetings.opendev.org.cer
SSLCertificateKeyFile /etc/letsencrypt-certs/meetings.opendev.org/meetings.opendev.org.key
SSLCertificateChainFile /etc/letsencrypt-certs/meetings.opendev.org/ca.cer
SSLProtocol All -SSLv2 -SSLv3
# Note: this list should ensure ciphers that provide forward secrecy
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
SSLHonorCipherOrder on
<Directory ${AFS_ROOT}>
Options Indexes FollowSymLinks MultiViews
AllowOverrideList Redirect RedirectMatch
Require all granted
</Directory>
LogLevel warn
ErrorLog /var/log/apache2/meetings.opendev.org_error.log
CustomLog /var/log/apache2/meetings.opendev.org_access.log combined
ServerSignature Off
</VirtualHost>
</IfModule>

View File

@ -92,6 +92,7 @@
- 50-glance.openstack.org
- 50-horizon.openstack.org
- 50-keystone.openstack.org
- 50-meetings.opendev.org
- 50-nova.openstack.org
- 50-planet.openstack.org
- 50-security.openstack.org

View File

@ -220,6 +220,12 @@ def test_planet_openstack_org_redirects(host):
assert '301 Moved Permanently' in cmd.stdout
assert 'https://opendev.org/openstack/openstack-planet' in cmd.stdout
def test_meetings_opendev_org(host):
cmd = host.run('curl --insecure '
'--resolve meetings.opendev.org:443:127.0.0.1 '
'https://meetings.opendev.org/')
assert 'IRC channels and meetings' in cmd.stdout
ci_redirects = (
('/jenkins-job-builder', 'https://docs.openstack.org/infra/jenkins-job-builder'),
('/nodepool', 'https://docs.openstack.org/infra/nodepool'),