diff --git a/doc/source/openstackid.rst b/doc/source/openstackid.rst deleted file mode 100644 index 32b9ce8f34..0000000000 --- a/doc/source/openstackid.rst +++ /dev/null @@ -1,147 +0,0 @@ -:title: OpenstackId - -================== -OpenstackId Server -================== - -OpenId Idp/ OAuth2.0 AS/RS - -At a Glance -=========== - -:Wiki: - * https://wiki.openstack.org/wiki/OpenStackID -:Hosts: - * https://openstackid-dev.openstack.org - * https://openstackid.org -:Puppet: - * https://opendev.org/opendev/puppet-openstackid - * :git_file:`modules/openstack_project/manifests/openstackid_dev.pp` -:Projects: - * http://opendev.org/osf/openstackid/ -:Bugs: - * https://storyboard.openstack.org/#!/project/728 -:Resources: - * http://laravel.com/docs/installation - * http://laravel.com/docs/configuration - -Objective -========= - -OpenStackID has been developed to provide a unique online identity for -all OpenStack web properties. The intention is to replace Launchpad as -openID provider. The code provides authentication via OpenID and -authentication + authorization via OAuth2. More details about -OpenStackID server are on the wiki. - -Servers -======= - -openstackid-dev.openstack.org is configured to deploy -http://tarballs.openstack.org/openstackid/openstackid-latest.tar.gz -which is the automatically generated per-commit tarball of the master -branch. No action is necessary to update the deployment of -openstackid-dev to the latest merged commit in master. - -openstackid.openstack.org is configured to deploy a specific tag. To -update this deployment, tag the repo to create a release, and then -update puppet to point to that release name. - -Configuration -============= - -Environment Configuration -_________________________ - -We need to instruct the Laravel Framework how to determine which -environment it is running in. The default environment is always -production. However, you may setup other environments within the -*bootstrap/start.php* file at the root of your installation. - -It is include on folder bootstrap a file called bootstrap/environment.php.tpl -you must make a copy and rename it to bootstrap/environment.php - -In this file you will find an **$app->detectEnvironment** call. The -array passed to this method is used to determine the current -environment. You may add other environments and machine names to the -array as needed. - -.. code-block:: php - - detectEnvironment(array( - - 'local' => array('your-machine-name'), - - )); - -Database Configuration -______________________ - -It is often helpful to have different configuration values based on -the environment the application is running in. For example, you may -wish to use a different database configuration on your development -machine than on the production server. It is easy to accomplish this -using environment based configuration. -Simply create a folder within the config directory that matches your -environment name, such as **dev**. Next, create the configuration -files you wish to override and specify the options for that -environment. For example, to override the database configuration for -the local environment, you would create a database.php file in -app/config/dev. - -OpenstackId server makes use of two database connections: - -* openstackid -* os_members - -**openstackid** is its own OpenstackId Server DB, where stores all -related configuration to openid/oauth2 protocol. -**os_members** is SS DB (http://www.openstack.org/). -both configuration are living on config file **database.php**, which -could be a set per environment as forementioned like -app/config/dev/database.php - - -Error Log Configuration -_______________________ - -Error log configuration is on file *app/config/log.php* but could be -overridden per environment such as *app/config/dev/log.php* , here you -set two variables: - -* to_email : The receiver of the error log email. -* from_email: The sender of the error log email. - - -Recaptcha Configuration -_______________________ - -OpenstackId server uses recaptcha facility to discourage brute force -attacks attempts on login page, so in order to work properly recaptcha -plugin must be provided with a public and a private key -(http://www.google.com/recaptcha). These keys are set on file -*app/config/packages/greggilbert/recaptcha/config.php*, but also -could be set per environment using following directory structure -*app/config/packages/greggilbert/recaptcha/dev/config.php*. - -Installation -____________ - -OpenstackId Server uses composer utility in order to install all -needed dependencies. After you get the source code from git, you must -run following commands on application root directory: - -* curl -sS https://getcomposer.org/installer | php -* php composer.phar install -* php artisan migrate --env=YOUR ENVIRONMENT -* php artisan db:seed --env=YOUR ENVIRONMENT - -** your virtual host must point to /public folder. - -Permissions -___________ - -Laravel may require one set of permissions to be configured: folders -within app/storage require write access by the web server. diff --git a/doc/source/systems.rst b/doc/source/systems.rst index f3d8f67b9c..addd112d0b 100644 --- a/doc/source/systems.rst +++ b/doc/source/systems.rst @@ -27,7 +27,6 @@ Major Systems reprepro lists wiki - openstackid storyboard kerberos afs diff --git a/hiera/common.yaml b/hiera/common.yaml index 75b752414b..181d365ec3 100644 --- a/hiera/common.yaml +++ b/hiera/common.yaml @@ -69,8 +69,6 @@ cacti_hosts: - nl04.opendev.org - ns1.opendev.org - ns2.opendev.org -- openstackid01.openstack.org -- openstackid.org - paste.openstack.org - puppetmaster.openstack.org - meetpad.opendev.org diff --git a/inventory/base/hosts.yaml b/inventory/base/hosts.yaml index d87fed21c0..c647feb0bf 100644 --- a/inventory/base/hosts.yaml +++ b/inventory/base/hosts.yaml @@ -590,20 +590,6 @@ all: region_name: ca-ymq-1 public_v4: 162.253.55.16 public_v6: 2604:e100:1:0:f816:3eff:fe2c:7447 - openstackid-dev01.openstack.org: - ansible_host: 104.130.246.14 - location: - cloud: openstackci-rax - region_name: DFW - public_v4: 104.130.246.14 - public_v6: 2001:4800:7819:103:be76:4eff:fe04:8719 - openstackid01.openstack.org: - ansible_host: 104.130.159.12 - location: - cloud: openstackci-rax - region_name: DFW - public_v4: 104.130.159.12 - public_v6: 2001:4800:7818:102:be76:4eff:fe04:673f paste01.opendev.org: ansible_host: 104.130.127.175 location: diff --git a/inventory/service/groups.yaml b/inventory/service/groups.yaml index 2afc3087d1..be39e25878 100644 --- a/inventory/service/groups.yaml +++ b/inventory/service/groups.yaml @@ -43,7 +43,6 @@ groups: control-plane-clouds: - bridge.openstack.org disabled: - - idp.openstackid.org - wiki-dev01.openstack.org - wiki-upgrade-test.openstack.org dns: @@ -94,7 +93,6 @@ groups: - meetpad[0-9]*.opendev.org - mirror[0-9]*.opendev.org - nb[0-9]*.opendev.org - - openstackid[0-9]*.openstack.org - paste[0-9]*.opendev.org - refstack[0-9]*.openstack.org - review[0-9]*.opendev.org @@ -124,11 +122,6 @@ groups: - nl[0-9]*.open*.org ns: - ns[0-9]*.open*.org - openstackid-dev: - - openstackid-dev*.openstack.org - openstackid: - - openstackid.org - - openstackid[0-9]*.openstack.org paste: - paste[0-9]*.opendev.org puppet: @@ -138,9 +131,6 @@ groups: - health[0-9]*.openstack.org - logstash-worker[0-9]*.open*.org - logstash[0-9]*.open*.org - - openstackid-dev*.openstack.org - - openstackid.org - - openstackid[0-9]*.openstack.org - status*.open*.org - storyboard-dev[0-9]*.opendev.org - storyboard[0-9]*.opendev.org @@ -156,8 +146,6 @@ groups: - health[0-9]*.openstack.org - logstash-worker[0-9]*.open*.org - logstash[0-9]*.open*.org - - openstackid[0-9]*.openstack.org - - openstackid-dev[0-9]*.openstack.org - status*.open*.org - storyboard[0-9]*.opendev.org - storyboard-dev[0-9]*.opendev.org @@ -200,9 +188,6 @@ groups: - health[0-9]*.openstack.org - nb[0-9]*.opendev.org - nl[0-9]*.open*.org - - openstackid-dev*.openstack.org - - openstackid.org - - openstackid[0-9]*.openstack.org - paste[0-9]*.opendev.org - refstack[0-9]*.openstack.org - static[0-9]*.opendev.org diff --git a/inventory/service/host_vars/openstackid01.openstack.org.yaml b/inventory/service/host_vars/openstackid01.openstack.org.yaml deleted file mode 100644 index b355a565ce..0000000000 --- a/inventory/service/host_vars/openstackid01.openstack.org.yaml +++ /dev/null @@ -1,4 +0,0 @@ -letsencrypt_certs: - openstackid01-openstack-org-main: - - openstackid.org - - www.openstackid.org diff --git a/manifests/site.pp b/manifests/site.pp index f4fd37aa50..aef839e3ad 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -203,109 +203,6 @@ node /^status\d*\.open.*\.org$/ { } } -# Node-OS: xenial -node /^openstackid\d*(\.openstack)?\.org$/ { - $group = "openstackid" - class { 'openstack_project::openstackid_prod': - site_admin_password => hiera('openstackid_site_admin_password'), - id_mysql_host => hiera('openstackid_id_mysql_host', 'localhost'), - id_mysql_password => hiera('openstackid_id_mysql_password'), - id_mysql_user => hiera('openstackid_id_mysql_user', 'username'), - id_db_name => hiera('openstackid_id_db_name'), - redis_password => hiera('openstackid_redis_password'), - ssl_cert_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.cer', - ssl_key_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.key', - ssl_chain_file => '/etc/letsencrypt-certs/openstackid.org/ca.cer', - id_recaptcha_public_key => hiera('openstackid_recaptcha_public_key'), - id_recaptcha_private_key => hiera('openstackid_recaptcha_private_key'), - vhost_name => 'openstackid.org', - session_cookie_domain => 'openstackid.org', - serveradmin => 'webmaster@openstackid.org', - canonicalweburl => 'https://openstackid.org/', - app_url => 'https://openstackid.org', - app_key => hiera('openstackid_app_key'), - id_log_error_to_email => 'openstack@tipit.net', - id_log_error_from_email => 'noreply@openstack.org', - email_driver => 'sendgrid', - email_send_grid_api_key => hiera('openstackid_send_grid_api_key'), - php_version => 7, - mysql_ssl_enabled => true, - mysql_ssl_ca_file_contents => hiera('openstackid_mysql_ssl_ca_file_contents'), - mysql_ssl_client_key_file_contents => hiera('openstackid_mysql_ssl_client_key_file_contents'), - mysql_ssl_client_cert_file_contents => hiera('openstackid_mysql_ssl_client_cert_file_contents'), - user_spam_processor_to => hiera('openstackid_user_spam_processor_to'), - message_broker_exchange_name => 'message-broker', - message_broker_host => hiera('openstackid_message_broker_host'), - message_broker_port => 5671, - message_broker_vhost => 'databus', - message_broker_login => hiera('openstackid_message_broker_login'), - message_broker_password => hiera('openstackid_message_broker_password'), - message_broker_ssl_enabled => true, - message_broker_ssl_ca_file_contents => hiera('openstackid_message_broker_ssl_ca_file_contents'), - message_broker_ssl_client_cert_file_contents => hiera('openstackid_message_broker_ssl_client_cert_file_contents'), - message_broker_ssl_client_key_file_contents => hiera('openstackid_message_broker_ssl_client_key_file_contents'), - message_broker_enabled => true, - cloud_storage_base_url => hiera('openstackid_cloud_storage_base_url'), - cloud_storage_auth_url => 'https://auth.vexxhost.net/v3', - cloud_storage_app_credential_id => hiera('openstackid_cloud_storage_app_credential_id'), - cloud_storage_app_credential_secret => hiera('openstackid_cloud_storage_app_credential_secret'), - cloud_storage_project_name => hiera('openstackid_cloud_storage_project_name'), - cloud_storage_region => 'ca-ymq-1', - cloud_storage_container => 'idp-osf', - } -} - -# Node-OS: xenial -node /^openstackid-dev\d*\.openstack\.org$/ { - $group = "openstackid-dev" - class { 'openstack_project::openstackid_dev': - site_admin_password => hiera('openstackid_dev_site_admin_password'), - id_mysql_host => hiera('openstackid_dev_id_mysql_host', 'localhost'), - id_mysql_password => hiera('openstackid_dev_id_mysql_password'), - id_mysql_user => hiera('openstackid_dev_id_mysql_user', 'username'), - redis_password => hiera('openstackid_dev_redis_password'), - ssl_cert_file_contents => hiera('openstackid_dev_ssl_cert_file_contents'), - ssl_key_file_contents => hiera('openstackid_dev_ssl_key_file_contents'), - ssl_chain_file_contents => hiera('openstackid_dev_ssl_chain_file_contents'), - id_recaptcha_public_key => hiera('openstackid_dev_recaptcha_public_key'), - id_recaptcha_private_key => hiera('openstackid_dev_recaptcha_private_key'), - vhost_name => 'openstackid-dev.openstack.org', - session_cookie_domain => 'openstackid-dev.openstack.org', - serveradmin => 'webmaster@openstackid-dev.openstack.org', - canonicalweburl => 'https://openstackid-dev.openstack.org/', - app_url => 'https://openstackid-dev.openstack.org', - app_key => hiera('openstackid_dev_app_key'), - id_log_error_to_email => 'openstack@tipit.net', - id_log_error_from_email => 'noreply@openstack.org', - email_driver => 'sendgrid', - email_send_grid_api_key => hiera('openstackid_dev_send_grid_api_key'), - php_version => 7, - mysql_ssl_enabled => true, - mysql_ssl_ca_file_contents => hiera('openstackid_dev_mysql_ssl_ca_file_contents'), - mysql_ssl_client_key_file_contents => hiera('openstackid_dev_mysql_ssl_client_key_file_contents'), - mysql_ssl_client_cert_file_contents => hiera('openstackid_dev_mysql_ssl_client_cert_file_contents'), - user_spam_processor_to => hiera('openstackid_dev_user_spam_processor_to'), - message_broker_exchange_name => 'message-broker', - message_broker_host => hiera('openstackid_dev_message_broker_host'), - message_broker_port => 5671, - message_broker_vhost => 'databus', - message_broker_login => hiera('openstackid_dev_message_broker_login'), - message_broker_password => hiera('openstackid_dev_message_broker_password'), - message_broker_ssl_enabled => true, - message_broker_ssl_ca_file_contents => hiera('openstackid_dev_message_broker_ssl_ca_file_contents'), - message_broker_ssl_client_cert_file_contents => hiera('openstackid_dev_message_broker_ssl_client_cert_file_contents'), - message_broker_ssl_client_key_file_contents => hiera('openstackid_dev_message_broker_ssl_client_key_file_contents'), - message_broker_enabled => true, - cloud_storage_base_url => hiera('openstackid_dev_cloud_storage_base_url'), - cloud_storage_auth_url => 'https://auth.vexxhost.net/v3', - cloud_storage_app_credential_id => hiera('openstackid_dev_cloud_storage_app_credential_id'), - cloud_storage_app_credential_secret => hiera('openstackid_dev_cloud_storage_app_credential_secret'), - cloud_storage_project_name => hiera('openstackid_dev_cloud_storage_project_name'), - cloud_storage_region => 'ca-ymq-1', - cloud_storage_container => 'idp-osf', - } -} - # Node-OS: xenial node /^translate\d+\.open.*\.org$/ { $group = "translate" diff --git a/modules.env b/modules.env index bc2255f3b1..2e6fde2489 100644 --- a/modules.env +++ b/modules.env @@ -72,7 +72,6 @@ INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-mediawiki"]="origin/mast INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-meetbot"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-mysql_backup"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-openstack_health"]="origin/master" -INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-openstackid"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-pgsql_backup"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-pip"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-project_config"]="origin/master" diff --git a/modules/openstack_project/manifests/openstackid_dev.pp b/modules/openstack_project/manifests/openstackid_dev.pp deleted file mode 100644 index 1d1fe4879a..0000000000 --- a/modules/openstack_project/manifests/openstackid_dev.pp +++ /dev/null @@ -1,185 +0,0 @@ -# Copyright 2013 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# openstackid idp(sso-openid) dev server -# -class openstack_project::openstackid_dev ( - $site_admin_password = '', - $id_mysql_host = '', - $id_mysql_user = '', - $id_mysql_password = '', - $id_db_name = 'openstackid_dev', - $redis_port = '6378', - $redis_max_memory = '1gb', - $redis_bind = '127.0.0.1', - $redis_password = '', - $redis_version = '2.8.4', - $id_recaptcha_public_key = '', - $id_recaptcha_private_key = '', - $id_recaptcha_template = '', - $id_log_error_to_email = '', - $id_log_error_from_email = '', - $id_environment = 'dev', - $ssl_cert_file_contents = '', - $ssl_key_file_contents = '', - $ssl_chain_file_contents = '', - $vhost_name = '', - $serveradmin = '', - $canonicalweburl = '', - $session_cookie_domain = '', - $app_url = '', - $app_key = '', - $email_driver = 'mail', - $email_send_grid_api_key = '', - $email_smtp_server = 'smtp.mailgun.org', - $email_smtp_server_port = 587, - $email_smtp_server_user = '', - $email_smtp_server_password = '', - $laravel_version = 5, - $app_log_level = 'debug', - $app_log_email_level = 'error', - $db_log_enabled = false, - $banning_enabled = false, - $app_debug = false, - $app_locale = 'en', - $curl_verify_ssl_cert = false, - $curl_allow_redirect = false, - $curl_timeout = 60, - $assets_base_url = 'https://devbranch.openstack.org/', - $cache_driver = 'redis', - $session_driver = 'redis', - $session_cookie_secure = false, - $php_version = 7, - $mysql_ssl_enabled = false, - $mysql_ssl_ca_file = '/etc/mysql-client-ssl/ca-cert.pem', - $mysql_ssl_ca_file_contents = '', - $mysql_ssl_client_key_file = '/etc/mysql-client-ssl/client-key.pem', - $mysql_ssl_client_key_file_contents = '', - $mysql_ssl_client_cert_file = '/etc/mysql-client-ssl/client-cert.pem', - $mysql_ssl_client_cert_file_contents = '', - $user_spam_processor_to = '', - $message_broker_exchange_name = 'message-broker', - $message_broker_host = '', - $message_broker_port = 5672, - $message_broker_vhost = 'databus', - $message_broker_login = '', - $message_broker_password = '', - $message_broker_ssl_enabled = false, - $message_broker_ssl_ca_file = '/etc/rabbitmq-client-ssl/ca-cert.pem', - $message_broker_ssl_ca_file_contents = '', - $message_broker_ssl_client_cert_file = '/etc/rabbitmq-client-ssl/client-cert.pem', - $message_broker_ssl_client_cert_file_contents = '', - $message_broker_ssl_client_key_file = '/etc/rabbitmq-client-ssl/client-key.pem', - $message_broker_ssl_client_key_file_contents = '', - $message_broker_enabled = false, - $cloud_storage_base_url = '', - $cloud_storage_auth_url = '', - $cloud_storage_app_credential_id = '', - $cloud_storage_app_credential_secret = '', - $cloud_storage_project_name = '', - $cloud_storage_region = '', - $cloud_storage_container = '', -) { - - class { 'openstack_project::server': } - - class { 'openstackid': - site_admin_password => $site_admin_password, - id_mysql_host => $id_mysql_host, - id_mysql_user => $id_mysql_user, - id_mysql_password => $id_mysql_password, - id_db_name => $id_db_name, - redis_port => $redis_port, - redis_host => $redis_bind, - redis_password => $redis_password, - id_recaptcha_public_key => $id_recaptcha_public_key, - id_recaptcha_private_key => $id_recaptcha_private_key, - id_recaptcha_template => $id_recaptcha_template, - id_log_error_to_email => $id_log_error_to_email, - id_log_error_from_email => $id_log_error_from_email, - id_environment => $id_environment, - ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", - ssl_key_file => "/etc/ssl/private/${::fqdn}.key", - ssl_chain_file => '/etc/ssl/certs/intermediate.pem', - ssl_cert_file_contents => $ssl_cert_file_contents, - ssl_key_file_contents => $ssl_key_file_contents, - ssl_chain_file_contents => $ssl_chain_file_contents, - vhost_name => $vhost_name, - serveradmin => $serveradmin, - canonicalweburl => $canonicalweburl, - session_cookie_domain => $session_cookie_domain, - app_url => $app_url, - app_key => $app_key, - email_driver => $email_driver, - email_send_grid_api_key => $email_send_grid_api_key, - email_smtp_server => $email_smtp_server, - email_smtp_server_port => $email_smtp_server_port, - email_smtp_server_user => $email_smtp_server_user, - email_smtp_server_password => $email_smtp_server_password, - laravel_version => $laravel_version, - app_log_level => $app_log_level, - app_log_email_level => $app_log_email_level, - db_log_enabled => $db_log_enabled, - banning_enabled => $banning_enabled, - app_debug => $app_debug, - app_locale => $app_locale, - curl_verify_ssl_cert => $curl_verify_ssl_cert, - curl_allow_redirect => $curl_allow_redirect, - curl_timeout => $curl_timeout, - assets_base_url => $assets_base_url, - cache_driver => $cache_driver, - session_driver => $session_driver, - session_cookie_secure => $session_cookie_secure, - php_version => $php_version, - mysql_ssl_enabled => $mysql_ssl_enabled, - mysql_ssl_ca_file => $mysql_ssl_ca_file, - mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, - mysql_ssl_client_key_file => $mysql_ssl_client_key_file, - mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, - mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, - mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, - user_spam_processor_to => $user_spam_processor_to, - message_broker_exchange_name => $message_broker_exchange_name, - message_broker_host => $message_broker_host, - message_broker_port => $message_broker_port, - message_broker_vhost => $message_broker_vhost, - message_broker_login => $message_broker_login, - message_broker_password => $message_broker_password, - message_broker_ssl_enabled => $message_broker_ssl_enabled, - message_broker_ssl_ca_file => $message_broker_ssl_ca_file, - message_broker_ssl_ca_file_contents => $message_broker_ssl_ca_file_contents, - message_broker_ssl_client_cert_file => $message_broker_ssl_client_cert_file, - message_broker_ssl_client_cert_file_contents => $message_broker_ssl_client_cert_file_contents, - message_broker_ssl_client_key_file => $message_broker_ssl_client_key_file, - message_broker_ssl_client_key_file_contents => $message_broker_ssl_client_key_file_contents, - message_broker_enabled => $message_broker_enabled, - cloud_storage_base_url => $cloud_storage_base_url, - cloud_storage_auth_url => $cloud_storage_auth_url, - cloud_storage_app_credential_id => $cloud_storage_app_credential_id, - cloud_storage_app_credential_secret => $cloud_storage_app_credential_secret, - cloud_storage_project_name => $cloud_storage_project_name, - cloud_storage_region => $cloud_storage_region, - cloud_storage_container => $cloud_storage_container, - } - - # redis (custom module written by tipit) - class { 'redis': - redis_port => $redis_port, - redis_max_memory => $redis_max_memory, - redis_bind => $redis_bind, - redis_password => $redis_password, - version => $redis_version , - } - -} diff --git a/modules/openstack_project/manifests/openstackid_prod.pp b/modules/openstack_project/manifests/openstackid_prod.pp deleted file mode 100644 index 3edab3c156..0000000000 --- a/modules/openstack_project/manifests/openstackid_prod.pp +++ /dev/null @@ -1,197 +0,0 @@ -# Copyright 2013 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# openstackid idp(sso-openid) server -# -class openstack_project::openstackid_prod ( - $site_admin_password = '', - $id_mysql_host = '', - $id_mysql_user = '', - $id_mysql_password = '', - $id_db_name = '', - $redis_port = '6378', - $redis_max_memory = '1gb', - $redis_bind = '127.0.0.1', - $redis_password = '', - $redis_version = '2.8.4', - $id_recaptcha_public_key = '', - $id_recaptcha_private_key = '', - $id_recaptcha_template = '', - $id_log_error_to_email = '', - $id_log_error_from_email = '', - $id_environment = 'production', - $ssl_cert_file = "/etc/ssl/certs/${::fqdn}.pem", - $ssl_key_file = "/etc/ssl/private/${::fqdn}.key", - $ssl_chain_file = '/etc/ssl/certs/intermediate.pem', - $ssl_cert_file_contents = '', - $ssl_key_file_contents = '', - $ssl_chain_file_contents = '', - $vhost_name = '', - $serveradmin = '', - $canonicalweburl = '', - $session_cookie_domain = '', - $release = '3.0.18', - $app_url = '', - $app_key = '', - $email_driver = 'mail', - $email_send_grid_api_key = '', - $email_smtp_server = 'smtp.mailgun.org', - $email_smtp_server_port = 587, - $email_smtp_server_user = '', - $email_smtp_server_password = '', - $laravel_version = 5, - $app_log_level = 'error', - $app_log_email_level = 'error', - $db_log_enabled = false, - $banning_enabled = true, - $app_debug = false, - $app_locale = 'en', - $curl_verify_ssl_cert = true, - $curl_allow_redirect = false, - $curl_timeout = 60, - $assets_base_url = 'https://www.openstack.org/', - $cache_driver = 'redis', - $session_driver = 'redis', - $session_cookie_secure = false, - $php_version = 7, - $mysql_ssl_enabled = false, - $mysql_ssl_ca_file = '/etc/mysql-client-ssl/ca-cert.pem', - $mysql_ssl_ca_file_contents = '', - $mysql_ssl_client_key_file = '/etc/mysql-client-ssl/client-key.pem', - $mysql_ssl_client_key_file_contents = '', - $mysql_ssl_client_cert_file = '/etc/mysql-client-ssl/client-cert.pem', - $mysql_ssl_client_cert_file_contents = '', - $user_spam_processor_to = '', - $message_broker_exchange_name = 'message-broker', - $message_broker_host = '', - $message_broker_port = 5672, - $message_broker_vhost = 'databus', - $message_broker_login = '', - $message_broker_password = '', - $message_broker_ssl_enabled = false, - $message_broker_ssl_ca_file = '/etc/rabbitmq-client-ssl/ca-cert.pem', - $message_broker_ssl_ca_file_contents = '', - $message_broker_ssl_client_cert_file = '/etc/rabbitmq-client-ssl/client-cert.pem', - $message_broker_ssl_client_cert_file_contents = '', - $message_broker_ssl_client_key_file = '/etc/rabbitmq-client-ssl/client-key.pem', - $message_broker_ssl_client_key_file_contents = '', - $message_broker_enabled = false, - $cloud_storage_base_url = '', - $cloud_storage_auth_url = '', - $cloud_storage_app_credential_id = '', - $cloud_storage_app_credential_secret = '', - $cloud_storage_project_name = '', - $cloud_storage_region = '', - $cloud_storage_container = '', -) { - - class { 'openstack_project::server': } - - class { 'openstackid': - site_admin_password => $site_admin_password, - id_mysql_host => $id_mysql_host, - id_mysql_user => $id_mysql_user, - id_mysql_password => $id_mysql_password, - id_db_name => $id_db_name, - redis_port => $redis_port, - redis_host => $redis_bind, - redis_password => $redis_password, - id_recaptcha_public_key => $id_recaptcha_public_key, - id_recaptcha_private_key => $id_recaptcha_private_key, - id_recaptcha_template => $id_recaptcha_template, - id_log_error_to_email => $id_log_error_to_email, - id_log_error_from_email => $id_log_error_from_email, - id_environment => $id_environment, - ssl_cert_file => $ssl_cert_file, - ssl_key_file => $ssl_key_file, - ssl_chain_file => $ssl_chain_file, - ssl_cert_file_contents => $ssl_cert_file_contents, - ssl_key_file_contents => $ssl_key_file_contents, - ssl_chain_file_contents => $ssl_chain_file_contents, - vhost_name => $vhost_name, - serveradmin => $serveradmin, - canonicalweburl => $canonicalweburl, - session_cookie_domain => $session_cookie_domain, - openstackid_release => $release, - app_url => $app_url, - app_key => $app_key, - app_version => $release, - email_driver => $email_driver, - email_send_grid_api_key => $email_send_grid_api_key, - email_smtp_server => $email_smtp_server, - email_smtp_server_port => $email_smtp_server_port, - email_smtp_server_user => $email_smtp_server_user, - email_smtp_server_password => $email_smtp_server_password, - laravel_version => $laravel_version, - app_log_level => $app_log_level, - app_log_email_level => $app_log_email_level, - db_log_enabled => $db_log_enabled, - banning_enabled => $banning_enabled, - app_debug => $app_debug, - app_locale => $app_locale, - curl_verify_ssl_cert => $curl_verify_ssl_cert, - curl_allow_redirect => $curl_allow_redirect, - curl_timeout => $curl_timeout, - assets_base_url => $assets_base_url, - cache_driver => $cache_driver, - session_driver => $session_driver, - session_cookie_secure => $session_cookie_secure, - php_version => $php_version, - mysql_ssl_enabled => $mysql_ssl_enabled, - mysql_ssl_ca_file => $mysql_ssl_ca_file, - mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, - mysql_ssl_client_key_file => $mysql_ssl_client_key_file, - mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, - mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, - mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, - user_spam_processor_to => $user_spam_processor_to, - message_broker_exchange_name => $message_broker_exchange_name, - message_broker_host => $message_broker_host, - message_broker_port => $message_broker_port, - message_broker_vhost => $message_broker_vhost, - message_broker_login => $message_broker_login, - message_broker_password => $message_broker_password, - message_broker_ssl_enabled => $message_broker_ssl_enabled, - message_broker_ssl_ca_file => $message_broker_ssl_ca_file, - message_broker_ssl_ca_file_contents => $message_broker_ssl_ca_file_contents, - message_broker_ssl_client_cert_file => $message_broker_ssl_client_cert_file, - message_broker_ssl_client_cert_file_contents => $message_broker_ssl_client_cert_file_contents, - message_broker_ssl_client_key_file => $message_broker_ssl_client_key_file, - message_broker_ssl_client_key_file_contents => $message_broker_ssl_client_key_file_contents, - message_broker_enabled => $message_broker_enabled, - cloud_storage_base_url => $cloud_storage_base_url, - cloud_storage_auth_url => $cloud_storage_auth_url, - cloud_storage_app_credential_id => $cloud_storage_app_credential_id, - cloud_storage_app_credential_secret => $cloud_storage_app_credential_secret, - cloud_storage_project_name => $cloud_storage_project_name, - cloud_storage_region => $cloud_storage_region, - cloud_storage_container => $cloud_storage_container, - } - - # redis (custom module written by tipit) - class { 'redis': - redis_port => $redis_port, - redis_max_memory => $redis_max_memory, - redis_bind => $redis_bind, - redis_password => $redis_password, - version => $redis_version , - } - - mysql_backup::backup_remote { $id_db_name: - database_host => $id_mysql_host, - database_user => $id_mysql_user, - database_password => $id_mysql_password, - } - -} diff --git a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml index f2bfe40990..1762fd73bf 100644 --- a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml +++ b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml @@ -246,9 +246,6 @@ - name: letsencrypt updated ethercalc02-openstack-org-main include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml -- name: letsencrypt updated openstackid01-openstack-org-main - include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml - - name: letsencrypt updated storyboard01-opendev-org-main include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml diff --git a/zuul.d/puppet.yaml b/zuul.d/puppet.yaml index 81ee2f9d8d..997aed2164 100644 --- a/zuul.d/puppet.yaml +++ b/zuul.d/puppet.yaml @@ -27,7 +27,6 @@ - opendev/puppet-meetbot - opendev/puppet-mysql_backup - opendev/puppet-openstack_health - - opendev/puppet-openstackid - opendev/puppet-openstack_infra_spec_helper - opendev/puppet-pgsql_backup - opendev/puppet-pip @@ -97,7 +96,6 @@ - opendev/puppet-mysql_backup - opendev/puppet-meetbot - opendev/puppet-pip - - opendev/puppet-openstackid - opendev/puppet-project_config - opendev/puppet-ethercalc - opendev/puppet-httpd