From 2fbf6d9e7a515a73ba958e82ae75b49380d4bd36 Mon Sep 17 00:00:00 2001 From: Jeremy Stanley Date: Tue, 31 Aug 2021 19:51:27 +0000 Subject: [PATCH] Stop managing OpenStackID servers The Open Infrastructure Foundation's developers who maintain the OpenStackID software are taking over management of the site itself, and have deployed it on new servers. DNS records have already been updated to the new IP address, so it's time to clean up our end in preparation for deleting the old servers we've been running. OpenStackID is still used by some services we run, like RefStack and Zanata, and we're still hosting the OpenStackID Git repository and documentation, so this does not get rid of all references to it. Change-Id: I1d625d5204f1e9e3a85ba9605465f6ebb9433021 --- doc/source/openstackid.rst | 147 ------------- doc/source/systems.rst | 1 - hiera/common.yaml | 2 - inventory/base/hosts.yaml | 14 -- inventory/service/groups.yaml | 15 -- .../openstackid01.openstack.org.yaml | 4 - manifests/site.pp | 103 --------- modules.env | 1 - .../manifests/openstackid_dev.pp | 185 ---------------- .../manifests/openstackid_prod.pp | 197 ------------------ .../handlers/main.yaml | 3 - zuul.d/puppet.yaml | 2 - 12 files changed, 674 deletions(-) delete mode 100644 doc/source/openstackid.rst delete mode 100644 inventory/service/host_vars/openstackid01.openstack.org.yaml delete mode 100644 modules/openstack_project/manifests/openstackid_dev.pp delete mode 100644 modules/openstack_project/manifests/openstackid_prod.pp diff --git a/doc/source/openstackid.rst b/doc/source/openstackid.rst deleted file mode 100644 index 32b9ce8f34..0000000000 --- a/doc/source/openstackid.rst +++ /dev/null @@ -1,147 +0,0 @@ -:title: OpenstackId - -================== -OpenstackId Server -================== - -OpenId Idp/ OAuth2.0 AS/RS - -At a Glance -=========== - -:Wiki: - * https://wiki.openstack.org/wiki/OpenStackID -:Hosts: - * https://openstackid-dev.openstack.org - * https://openstackid.org -:Puppet: - * https://opendev.org/opendev/puppet-openstackid - * :git_file:`modules/openstack_project/manifests/openstackid_dev.pp` -:Projects: - * http://opendev.org/osf/openstackid/ -:Bugs: - * https://storyboard.openstack.org/#!/project/728 -:Resources: - * http://laravel.com/docs/installation - * http://laravel.com/docs/configuration - -Objective -========= - -OpenStackID has been developed to provide a unique online identity for -all OpenStack web properties. The intention is to replace Launchpad as -openID provider. The code provides authentication via OpenID and -authentication + authorization via OAuth2. More details about -OpenStackID server are on the wiki. - -Servers -======= - -openstackid-dev.openstack.org is configured to deploy -http://tarballs.openstack.org/openstackid/openstackid-latest.tar.gz -which is the automatically generated per-commit tarball of the master -branch. No action is necessary to update the deployment of -openstackid-dev to the latest merged commit in master. - -openstackid.openstack.org is configured to deploy a specific tag. To -update this deployment, tag the repo to create a release, and then -update puppet to point to that release name. - -Configuration -============= - -Environment Configuration -_________________________ - -We need to instruct the Laravel Framework how to determine which -environment it is running in. The default environment is always -production. However, you may setup other environments within the -*bootstrap/start.php* file at the root of your installation. - -It is include on folder bootstrap a file called bootstrap/environment.php.tpl -you must make a copy and rename it to bootstrap/environment.php - -In this file you will find an **$app->detectEnvironment** call. The -array passed to this method is used to determine the current -environment. You may add other environments and machine names to the -array as needed. - -.. code-block:: php - - detectEnvironment(array( - - 'local' => array('your-machine-name'), - - )); - -Database Configuration -______________________ - -It is often helpful to have different configuration values based on -the environment the application is running in. For example, you may -wish to use a different database configuration on your development -machine than on the production server. It is easy to accomplish this -using environment based configuration. -Simply create a folder within the config directory that matches your -environment name, such as **dev**. Next, create the configuration -files you wish to override and specify the options for that -environment. For example, to override the database configuration for -the local environment, you would create a database.php file in -app/config/dev. - -OpenstackId server makes use of two database connections: - -* openstackid -* os_members - -**openstackid** is its own OpenstackId Server DB, where stores all -related configuration to openid/oauth2 protocol. -**os_members** is SS DB (http://www.openstack.org/). -both configuration are living on config file **database.php**, which -could be a set per environment as forementioned like -app/config/dev/database.php - - -Error Log Configuration -_______________________ - -Error log configuration is on file *app/config/log.php* but could be -overridden per environment such as *app/config/dev/log.php* , here you -set two variables: - -* to_email : The receiver of the error log email. -* from_email: The sender of the error log email. - - -Recaptcha Configuration -_______________________ - -OpenstackId server uses recaptcha facility to discourage brute force -attacks attempts on login page, so in order to work properly recaptcha -plugin must be provided with a public and a private key -(http://www.google.com/recaptcha). These keys are set on file -*app/config/packages/greggilbert/recaptcha/config.php*, but also -could be set per environment using following directory structure -*app/config/packages/greggilbert/recaptcha/dev/config.php*. - -Installation -____________ - -OpenstackId Server uses composer utility in order to install all -needed dependencies. After you get the source code from git, you must -run following commands on application root directory: - -* curl -sS https://getcomposer.org/installer | php -* php composer.phar install -* php artisan migrate --env=YOUR ENVIRONMENT -* php artisan db:seed --env=YOUR ENVIRONMENT - -** your virtual host must point to /public folder. - -Permissions -___________ - -Laravel may require one set of permissions to be configured: folders -within app/storage require write access by the web server. diff --git a/doc/source/systems.rst b/doc/source/systems.rst index f3d8f67b9c..addd112d0b 100644 --- a/doc/source/systems.rst +++ b/doc/source/systems.rst @@ -27,7 +27,6 @@ Major Systems reprepro lists wiki - openstackid storyboard kerberos afs diff --git a/hiera/common.yaml b/hiera/common.yaml index 75b752414b..181d365ec3 100644 --- a/hiera/common.yaml +++ b/hiera/common.yaml @@ -69,8 +69,6 @@ cacti_hosts: - nl04.opendev.org - ns1.opendev.org - ns2.opendev.org -- openstackid01.openstack.org -- openstackid.org - paste.openstack.org - puppetmaster.openstack.org - meetpad.opendev.org diff --git a/inventory/base/hosts.yaml b/inventory/base/hosts.yaml index d87fed21c0..c647feb0bf 100644 --- a/inventory/base/hosts.yaml +++ b/inventory/base/hosts.yaml @@ -590,20 +590,6 @@ all: region_name: ca-ymq-1 public_v4: 162.253.55.16 public_v6: 2604:e100:1:0:f816:3eff:fe2c:7447 - openstackid-dev01.openstack.org: - ansible_host: 104.130.246.14 - location: - cloud: openstackci-rax - region_name: DFW - public_v4: 104.130.246.14 - public_v6: 2001:4800:7819:103:be76:4eff:fe04:8719 - openstackid01.openstack.org: - ansible_host: 104.130.159.12 - location: - cloud: openstackci-rax - region_name: DFW - public_v4: 104.130.159.12 - public_v6: 2001:4800:7818:102:be76:4eff:fe04:673f paste01.opendev.org: ansible_host: 104.130.127.175 location: diff --git a/inventory/service/groups.yaml b/inventory/service/groups.yaml index 2afc3087d1..be39e25878 100644 --- a/inventory/service/groups.yaml +++ b/inventory/service/groups.yaml @@ -43,7 +43,6 @@ groups: control-plane-clouds: - bridge.openstack.org disabled: - - idp.openstackid.org - wiki-dev01.openstack.org - wiki-upgrade-test.openstack.org dns: @@ -94,7 +93,6 @@ groups: - meetpad[0-9]*.opendev.org - mirror[0-9]*.opendev.org - nb[0-9]*.opendev.org - - openstackid[0-9]*.openstack.org - paste[0-9]*.opendev.org - refstack[0-9]*.openstack.org - review[0-9]*.opendev.org @@ -124,11 +122,6 @@ groups: - nl[0-9]*.open*.org ns: - ns[0-9]*.open*.org - openstackid-dev: - - openstackid-dev*.openstack.org - openstackid: - - openstackid.org - - openstackid[0-9]*.openstack.org paste: - paste[0-9]*.opendev.org puppet: @@ -138,9 +131,6 @@ groups: - health[0-9]*.openstack.org - logstash-worker[0-9]*.open*.org - logstash[0-9]*.open*.org - - openstackid-dev*.openstack.org - - openstackid.org - - openstackid[0-9]*.openstack.org - status*.open*.org - storyboard-dev[0-9]*.opendev.org - storyboard[0-9]*.opendev.org @@ -156,8 +146,6 @@ groups: - health[0-9]*.openstack.org - logstash-worker[0-9]*.open*.org - logstash[0-9]*.open*.org - - openstackid[0-9]*.openstack.org - - openstackid-dev[0-9]*.openstack.org - status*.open*.org - storyboard[0-9]*.opendev.org - storyboard-dev[0-9]*.opendev.org @@ -200,9 +188,6 @@ groups: - health[0-9]*.openstack.org - nb[0-9]*.opendev.org - nl[0-9]*.open*.org - - openstackid-dev*.openstack.org - - openstackid.org - - openstackid[0-9]*.openstack.org - paste[0-9]*.opendev.org - refstack[0-9]*.openstack.org - static[0-9]*.opendev.org diff --git a/inventory/service/host_vars/openstackid01.openstack.org.yaml b/inventory/service/host_vars/openstackid01.openstack.org.yaml deleted file mode 100644 index b355a565ce..0000000000 --- a/inventory/service/host_vars/openstackid01.openstack.org.yaml +++ /dev/null @@ -1,4 +0,0 @@ -letsencrypt_certs: - openstackid01-openstack-org-main: - - openstackid.org - - www.openstackid.org diff --git a/manifests/site.pp b/manifests/site.pp index f4fd37aa50..aef839e3ad 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -203,109 +203,6 @@ node /^status\d*\.open.*\.org$/ { } } -# Node-OS: xenial -node /^openstackid\d*(\.openstack)?\.org$/ { - $group = "openstackid" - class { 'openstack_project::openstackid_prod': - site_admin_password => hiera('openstackid_site_admin_password'), - id_mysql_host => hiera('openstackid_id_mysql_host', 'localhost'), - id_mysql_password => hiera('openstackid_id_mysql_password'), - id_mysql_user => hiera('openstackid_id_mysql_user', 'username'), - id_db_name => hiera('openstackid_id_db_name'), - redis_password => hiera('openstackid_redis_password'), - ssl_cert_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.cer', - ssl_key_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.key', - ssl_chain_file => '/etc/letsencrypt-certs/openstackid.org/ca.cer', - id_recaptcha_public_key => hiera('openstackid_recaptcha_public_key'), - id_recaptcha_private_key => hiera('openstackid_recaptcha_private_key'), - vhost_name => 'openstackid.org', - session_cookie_domain => 'openstackid.org', - serveradmin => 'webmaster@openstackid.org', - canonicalweburl => 'https://openstackid.org/', - app_url => 'https://openstackid.org', - app_key => hiera('openstackid_app_key'), - id_log_error_to_email => 'openstack@tipit.net', - id_log_error_from_email => 'noreply@openstack.org', - email_driver => 'sendgrid', - email_send_grid_api_key => hiera('openstackid_send_grid_api_key'), - php_version => 7, - mysql_ssl_enabled => true, - mysql_ssl_ca_file_contents => hiera('openstackid_mysql_ssl_ca_file_contents'), - mysql_ssl_client_key_file_contents => hiera('openstackid_mysql_ssl_client_key_file_contents'), - mysql_ssl_client_cert_file_contents => hiera('openstackid_mysql_ssl_client_cert_file_contents'), - user_spam_processor_to => hiera('openstackid_user_spam_processor_to'), - message_broker_exchange_name => 'message-broker', - message_broker_host => hiera('openstackid_message_broker_host'), - message_broker_port => 5671, - message_broker_vhost => 'databus', - message_broker_login => hiera('openstackid_message_broker_login'), - message_broker_password => hiera('openstackid_message_broker_password'), - message_broker_ssl_enabled => true, - message_broker_ssl_ca_file_contents => hiera('openstackid_message_broker_ssl_ca_file_contents'), - message_broker_ssl_client_cert_file_contents => hiera('openstackid_message_broker_ssl_client_cert_file_contents'), - message_broker_ssl_client_key_file_contents => hiera('openstackid_message_broker_ssl_client_key_file_contents'), - message_broker_enabled => true, - cloud_storage_base_url => hiera('openstackid_cloud_storage_base_url'), - cloud_storage_auth_url => 'https://auth.vexxhost.net/v3', - cloud_storage_app_credential_id => hiera('openstackid_cloud_storage_app_credential_id'), - cloud_storage_app_credential_secret => hiera('openstackid_cloud_storage_app_credential_secret'), - cloud_storage_project_name => hiera('openstackid_cloud_storage_project_name'), - cloud_storage_region => 'ca-ymq-1', - cloud_storage_container => 'idp-osf', - } -} - -# Node-OS: xenial -node /^openstackid-dev\d*\.openstack\.org$/ { - $group = "openstackid-dev" - class { 'openstack_project::openstackid_dev': - site_admin_password => hiera('openstackid_dev_site_admin_password'), - id_mysql_host => hiera('openstackid_dev_id_mysql_host', 'localhost'), - id_mysql_password => hiera('openstackid_dev_id_mysql_password'), - id_mysql_user => hiera('openstackid_dev_id_mysql_user', 'username'), - redis_password => hiera('openstackid_dev_redis_password'), - ssl_cert_file_contents => hiera('openstackid_dev_ssl_cert_file_contents'), - ssl_key_file_contents => hiera('openstackid_dev_ssl_key_file_contents'), - ssl_chain_file_contents => hiera('openstackid_dev_ssl_chain_file_contents'), - id_recaptcha_public_key => hiera('openstackid_dev_recaptcha_public_key'), - id_recaptcha_private_key => hiera('openstackid_dev_recaptcha_private_key'), - vhost_name => 'openstackid-dev.openstack.org', - session_cookie_domain => 'openstackid-dev.openstack.org', - serveradmin => 'webmaster@openstackid-dev.openstack.org', - canonicalweburl => 'https://openstackid-dev.openstack.org/', - app_url => 'https://openstackid-dev.openstack.org', - app_key => hiera('openstackid_dev_app_key'), - id_log_error_to_email => 'openstack@tipit.net', - id_log_error_from_email => 'noreply@openstack.org', - email_driver => 'sendgrid', - email_send_grid_api_key => hiera('openstackid_dev_send_grid_api_key'), - php_version => 7, - mysql_ssl_enabled => true, - mysql_ssl_ca_file_contents => hiera('openstackid_dev_mysql_ssl_ca_file_contents'), - mysql_ssl_client_key_file_contents => hiera('openstackid_dev_mysql_ssl_client_key_file_contents'), - mysql_ssl_client_cert_file_contents => hiera('openstackid_dev_mysql_ssl_client_cert_file_contents'), - user_spam_processor_to => hiera('openstackid_dev_user_spam_processor_to'), - message_broker_exchange_name => 'message-broker', - message_broker_host => hiera('openstackid_dev_message_broker_host'), - message_broker_port => 5671, - message_broker_vhost => 'databus', - message_broker_login => hiera('openstackid_dev_message_broker_login'), - message_broker_password => hiera('openstackid_dev_message_broker_password'), - message_broker_ssl_enabled => true, - message_broker_ssl_ca_file_contents => hiera('openstackid_dev_message_broker_ssl_ca_file_contents'), - message_broker_ssl_client_cert_file_contents => hiera('openstackid_dev_message_broker_ssl_client_cert_file_contents'), - message_broker_ssl_client_key_file_contents => hiera('openstackid_dev_message_broker_ssl_client_key_file_contents'), - message_broker_enabled => true, - cloud_storage_base_url => hiera('openstackid_dev_cloud_storage_base_url'), - cloud_storage_auth_url => 'https://auth.vexxhost.net/v3', - cloud_storage_app_credential_id => hiera('openstackid_dev_cloud_storage_app_credential_id'), - cloud_storage_app_credential_secret => hiera('openstackid_dev_cloud_storage_app_credential_secret'), - cloud_storage_project_name => hiera('openstackid_dev_cloud_storage_project_name'), - cloud_storage_region => 'ca-ymq-1', - cloud_storage_container => 'idp-osf', - } -} - # Node-OS: xenial node /^translate\d+\.open.*\.org$/ { $group = "translate" diff --git a/modules.env b/modules.env index bc2255f3b1..2e6fde2489 100644 --- a/modules.env +++ b/modules.env @@ -72,7 +72,6 @@ INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-mediawiki"]="origin/mast INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-meetbot"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-mysql_backup"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-openstack_health"]="origin/master" -INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-openstackid"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-pgsql_backup"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-pip"]="origin/master" INTEGRATION_MODULES["$OPENSTACK_GIT_ROOT/opendev/puppet-project_config"]="origin/master" diff --git a/modules/openstack_project/manifests/openstackid_dev.pp b/modules/openstack_project/manifests/openstackid_dev.pp deleted file mode 100644 index 1d1fe4879a..0000000000 --- a/modules/openstack_project/manifests/openstackid_dev.pp +++ /dev/null @@ -1,185 +0,0 @@ -# Copyright 2013 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# openstackid idp(sso-openid) dev server -# -class openstack_project::openstackid_dev ( - $site_admin_password = '', - $id_mysql_host = '', - $id_mysql_user = '', - $id_mysql_password = '', - $id_db_name = 'openstackid_dev', - $redis_port = '6378', - $redis_max_memory = '1gb', - $redis_bind = '127.0.0.1', - $redis_password = '', - $redis_version = '2.8.4', - $id_recaptcha_public_key = '', - $id_recaptcha_private_key = '', - $id_recaptcha_template = '', - $id_log_error_to_email = '', - $id_log_error_from_email = '', - $id_environment = 'dev', - $ssl_cert_file_contents = '', - $ssl_key_file_contents = '', - $ssl_chain_file_contents = '', - $vhost_name = '', - $serveradmin = '', - $canonicalweburl = '', - $session_cookie_domain = '', - $app_url = '', - $app_key = '', - $email_driver = 'mail', - $email_send_grid_api_key = '', - $email_smtp_server = 'smtp.mailgun.org', - $email_smtp_server_port = 587, - $email_smtp_server_user = '', - $email_smtp_server_password = '', - $laravel_version = 5, - $app_log_level = 'debug', - $app_log_email_level = 'error', - $db_log_enabled = false, - $banning_enabled = false, - $app_debug = false, - $app_locale = 'en', - $curl_verify_ssl_cert = false, - $curl_allow_redirect = false, - $curl_timeout = 60, - $assets_base_url = 'https://devbranch.openstack.org/', - $cache_driver = 'redis', - $session_driver = 'redis', - $session_cookie_secure = false, - $php_version = 7, - $mysql_ssl_enabled = false, - $mysql_ssl_ca_file = '/etc/mysql-client-ssl/ca-cert.pem', - $mysql_ssl_ca_file_contents = '', - $mysql_ssl_client_key_file = '/etc/mysql-client-ssl/client-key.pem', - $mysql_ssl_client_key_file_contents = '', - $mysql_ssl_client_cert_file = '/etc/mysql-client-ssl/client-cert.pem', - $mysql_ssl_client_cert_file_contents = '', - $user_spam_processor_to = '', - $message_broker_exchange_name = 'message-broker', - $message_broker_host = '', - $message_broker_port = 5672, - $message_broker_vhost = 'databus', - $message_broker_login = '', - $message_broker_password = '', - $message_broker_ssl_enabled = false, - $message_broker_ssl_ca_file = '/etc/rabbitmq-client-ssl/ca-cert.pem', - $message_broker_ssl_ca_file_contents = '', - $message_broker_ssl_client_cert_file = '/etc/rabbitmq-client-ssl/client-cert.pem', - $message_broker_ssl_client_cert_file_contents = '', - $message_broker_ssl_client_key_file = '/etc/rabbitmq-client-ssl/client-key.pem', - $message_broker_ssl_client_key_file_contents = '', - $message_broker_enabled = false, - $cloud_storage_base_url = '', - $cloud_storage_auth_url = '', - $cloud_storage_app_credential_id = '', - $cloud_storage_app_credential_secret = '', - $cloud_storage_project_name = '', - $cloud_storage_region = '', - $cloud_storage_container = '', -) { - - class { 'openstack_project::server': } - - class { 'openstackid': - site_admin_password => $site_admin_password, - id_mysql_host => $id_mysql_host, - id_mysql_user => $id_mysql_user, - id_mysql_password => $id_mysql_password, - id_db_name => $id_db_name, - redis_port => $redis_port, - redis_host => $redis_bind, - redis_password => $redis_password, - id_recaptcha_public_key => $id_recaptcha_public_key, - id_recaptcha_private_key => $id_recaptcha_private_key, - id_recaptcha_template => $id_recaptcha_template, - id_log_error_to_email => $id_log_error_to_email, - id_log_error_from_email => $id_log_error_from_email, - id_environment => $id_environment, - ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", - ssl_key_file => "/etc/ssl/private/${::fqdn}.key", - ssl_chain_file => '/etc/ssl/certs/intermediate.pem', - ssl_cert_file_contents => $ssl_cert_file_contents, - ssl_key_file_contents => $ssl_key_file_contents, - ssl_chain_file_contents => $ssl_chain_file_contents, - vhost_name => $vhost_name, - serveradmin => $serveradmin, - canonicalweburl => $canonicalweburl, - session_cookie_domain => $session_cookie_domain, - app_url => $app_url, - app_key => $app_key, - email_driver => $email_driver, - email_send_grid_api_key => $email_send_grid_api_key, - email_smtp_server => $email_smtp_server, - email_smtp_server_port => $email_smtp_server_port, - email_smtp_server_user => $email_smtp_server_user, - email_smtp_server_password => $email_smtp_server_password, - laravel_version => $laravel_version, - app_log_level => $app_log_level, - app_log_email_level => $app_log_email_level, - db_log_enabled => $db_log_enabled, - banning_enabled => $banning_enabled, - app_debug => $app_debug, - app_locale => $app_locale, - curl_verify_ssl_cert => $curl_verify_ssl_cert, - curl_allow_redirect => $curl_allow_redirect, - curl_timeout => $curl_timeout, - assets_base_url => $assets_base_url, - cache_driver => $cache_driver, - session_driver => $session_driver, - session_cookie_secure => $session_cookie_secure, - php_version => $php_version, - mysql_ssl_enabled => $mysql_ssl_enabled, - mysql_ssl_ca_file => $mysql_ssl_ca_file, - mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, - mysql_ssl_client_key_file => $mysql_ssl_client_key_file, - mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, - mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, - mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, - user_spam_processor_to => $user_spam_processor_to, - message_broker_exchange_name => $message_broker_exchange_name, - message_broker_host => $message_broker_host, - message_broker_port => $message_broker_port, - message_broker_vhost => $message_broker_vhost, - message_broker_login => $message_broker_login, - message_broker_password => $message_broker_password, - message_broker_ssl_enabled => $message_broker_ssl_enabled, - message_broker_ssl_ca_file => $message_broker_ssl_ca_file, - message_broker_ssl_ca_file_contents => $message_broker_ssl_ca_file_contents, - message_broker_ssl_client_cert_file => $message_broker_ssl_client_cert_file, - message_broker_ssl_client_cert_file_contents => $message_broker_ssl_client_cert_file_contents, - message_broker_ssl_client_key_file => $message_broker_ssl_client_key_file, - message_broker_ssl_client_key_file_contents => $message_broker_ssl_client_key_file_contents, - message_broker_enabled => $message_broker_enabled, - cloud_storage_base_url => $cloud_storage_base_url, - cloud_storage_auth_url => $cloud_storage_auth_url, - cloud_storage_app_credential_id => $cloud_storage_app_credential_id, - cloud_storage_app_credential_secret => $cloud_storage_app_credential_secret, - cloud_storage_project_name => $cloud_storage_project_name, - cloud_storage_region => $cloud_storage_region, - cloud_storage_container => $cloud_storage_container, - } - - # redis (custom module written by tipit) - class { 'redis': - redis_port => $redis_port, - redis_max_memory => $redis_max_memory, - redis_bind => $redis_bind, - redis_password => $redis_password, - version => $redis_version , - } - -} diff --git a/modules/openstack_project/manifests/openstackid_prod.pp b/modules/openstack_project/manifests/openstackid_prod.pp deleted file mode 100644 index 3edab3c156..0000000000 --- a/modules/openstack_project/manifests/openstackid_prod.pp +++ /dev/null @@ -1,197 +0,0 @@ -# Copyright 2013 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# openstackid idp(sso-openid) server -# -class openstack_project::openstackid_prod ( - $site_admin_password = '', - $id_mysql_host = '', - $id_mysql_user = '', - $id_mysql_password = '', - $id_db_name = '', - $redis_port = '6378', - $redis_max_memory = '1gb', - $redis_bind = '127.0.0.1', - $redis_password = '', - $redis_version = '2.8.4', - $id_recaptcha_public_key = '', - $id_recaptcha_private_key = '', - $id_recaptcha_template = '', - $id_log_error_to_email = '', - $id_log_error_from_email = '', - $id_environment = 'production', - $ssl_cert_file = "/etc/ssl/certs/${::fqdn}.pem", - $ssl_key_file = "/etc/ssl/private/${::fqdn}.key", - $ssl_chain_file = '/etc/ssl/certs/intermediate.pem', - $ssl_cert_file_contents = '', - $ssl_key_file_contents = '', - $ssl_chain_file_contents = '', - $vhost_name = '', - $serveradmin = '', - $canonicalweburl = '', - $session_cookie_domain = '', - $release = '3.0.18', - $app_url = '', - $app_key = '', - $email_driver = 'mail', - $email_send_grid_api_key = '', - $email_smtp_server = 'smtp.mailgun.org', - $email_smtp_server_port = 587, - $email_smtp_server_user = '', - $email_smtp_server_password = '', - $laravel_version = 5, - $app_log_level = 'error', - $app_log_email_level = 'error', - $db_log_enabled = false, - $banning_enabled = true, - $app_debug = false, - $app_locale = 'en', - $curl_verify_ssl_cert = true, - $curl_allow_redirect = false, - $curl_timeout = 60, - $assets_base_url = 'https://www.openstack.org/', - $cache_driver = 'redis', - $session_driver = 'redis', - $session_cookie_secure = false, - $php_version = 7, - $mysql_ssl_enabled = false, - $mysql_ssl_ca_file = '/etc/mysql-client-ssl/ca-cert.pem', - $mysql_ssl_ca_file_contents = '', - $mysql_ssl_client_key_file = '/etc/mysql-client-ssl/client-key.pem', - $mysql_ssl_client_key_file_contents = '', - $mysql_ssl_client_cert_file = '/etc/mysql-client-ssl/client-cert.pem', - $mysql_ssl_client_cert_file_contents = '', - $user_spam_processor_to = '', - $message_broker_exchange_name = 'message-broker', - $message_broker_host = '', - $message_broker_port = 5672, - $message_broker_vhost = 'databus', - $message_broker_login = '', - $message_broker_password = '', - $message_broker_ssl_enabled = false, - $message_broker_ssl_ca_file = '/etc/rabbitmq-client-ssl/ca-cert.pem', - $message_broker_ssl_ca_file_contents = '', - $message_broker_ssl_client_cert_file = '/etc/rabbitmq-client-ssl/client-cert.pem', - $message_broker_ssl_client_cert_file_contents = '', - $message_broker_ssl_client_key_file = '/etc/rabbitmq-client-ssl/client-key.pem', - $message_broker_ssl_client_key_file_contents = '', - $message_broker_enabled = false, - $cloud_storage_base_url = '', - $cloud_storage_auth_url = '', - $cloud_storage_app_credential_id = '', - $cloud_storage_app_credential_secret = '', - $cloud_storage_project_name = '', - $cloud_storage_region = '', - $cloud_storage_container = '', -) { - - class { 'openstack_project::server': } - - class { 'openstackid': - site_admin_password => $site_admin_password, - id_mysql_host => $id_mysql_host, - id_mysql_user => $id_mysql_user, - id_mysql_password => $id_mysql_password, - id_db_name => $id_db_name, - redis_port => $redis_port, - redis_host => $redis_bind, - redis_password => $redis_password, - id_recaptcha_public_key => $id_recaptcha_public_key, - id_recaptcha_private_key => $id_recaptcha_private_key, - id_recaptcha_template => $id_recaptcha_template, - id_log_error_to_email => $id_log_error_to_email, - id_log_error_from_email => $id_log_error_from_email, - id_environment => $id_environment, - ssl_cert_file => $ssl_cert_file, - ssl_key_file => $ssl_key_file, - ssl_chain_file => $ssl_chain_file, - ssl_cert_file_contents => $ssl_cert_file_contents, - ssl_key_file_contents => $ssl_key_file_contents, - ssl_chain_file_contents => $ssl_chain_file_contents, - vhost_name => $vhost_name, - serveradmin => $serveradmin, - canonicalweburl => $canonicalweburl, - session_cookie_domain => $session_cookie_domain, - openstackid_release => $release, - app_url => $app_url, - app_key => $app_key, - app_version => $release, - email_driver => $email_driver, - email_send_grid_api_key => $email_send_grid_api_key, - email_smtp_server => $email_smtp_server, - email_smtp_server_port => $email_smtp_server_port, - email_smtp_server_user => $email_smtp_server_user, - email_smtp_server_password => $email_smtp_server_password, - laravel_version => $laravel_version, - app_log_level => $app_log_level, - app_log_email_level => $app_log_email_level, - db_log_enabled => $db_log_enabled, - banning_enabled => $banning_enabled, - app_debug => $app_debug, - app_locale => $app_locale, - curl_verify_ssl_cert => $curl_verify_ssl_cert, - curl_allow_redirect => $curl_allow_redirect, - curl_timeout => $curl_timeout, - assets_base_url => $assets_base_url, - cache_driver => $cache_driver, - session_driver => $session_driver, - session_cookie_secure => $session_cookie_secure, - php_version => $php_version, - mysql_ssl_enabled => $mysql_ssl_enabled, - mysql_ssl_ca_file => $mysql_ssl_ca_file, - mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, - mysql_ssl_client_key_file => $mysql_ssl_client_key_file, - mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, - mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, - mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, - user_spam_processor_to => $user_spam_processor_to, - message_broker_exchange_name => $message_broker_exchange_name, - message_broker_host => $message_broker_host, - message_broker_port => $message_broker_port, - message_broker_vhost => $message_broker_vhost, - message_broker_login => $message_broker_login, - message_broker_password => $message_broker_password, - message_broker_ssl_enabled => $message_broker_ssl_enabled, - message_broker_ssl_ca_file => $message_broker_ssl_ca_file, - message_broker_ssl_ca_file_contents => $message_broker_ssl_ca_file_contents, - message_broker_ssl_client_cert_file => $message_broker_ssl_client_cert_file, - message_broker_ssl_client_cert_file_contents => $message_broker_ssl_client_cert_file_contents, - message_broker_ssl_client_key_file => $message_broker_ssl_client_key_file, - message_broker_ssl_client_key_file_contents => $message_broker_ssl_client_key_file_contents, - message_broker_enabled => $message_broker_enabled, - cloud_storage_base_url => $cloud_storage_base_url, - cloud_storage_auth_url => $cloud_storage_auth_url, - cloud_storage_app_credential_id => $cloud_storage_app_credential_id, - cloud_storage_app_credential_secret => $cloud_storage_app_credential_secret, - cloud_storage_project_name => $cloud_storage_project_name, - cloud_storage_region => $cloud_storage_region, - cloud_storage_container => $cloud_storage_container, - } - - # redis (custom module written by tipit) - class { 'redis': - redis_port => $redis_port, - redis_max_memory => $redis_max_memory, - redis_bind => $redis_bind, - redis_password => $redis_password, - version => $redis_version , - } - - mysql_backup::backup_remote { $id_db_name: - database_host => $id_mysql_host, - database_user => $id_mysql_user, - database_password => $id_mysql_password, - } - -} diff --git a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml index f2bfe40990..1762fd73bf 100644 --- a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml +++ b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml @@ -246,9 +246,6 @@ - name: letsencrypt updated ethercalc02-openstack-org-main include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml -- name: letsencrypt updated openstackid01-openstack-org-main - include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml - - name: letsencrypt updated storyboard01-opendev-org-main include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml diff --git a/zuul.d/puppet.yaml b/zuul.d/puppet.yaml index 81ee2f9d8d..997aed2164 100644 --- a/zuul.d/puppet.yaml +++ b/zuul.d/puppet.yaml @@ -27,7 +27,6 @@ - opendev/puppet-meetbot - opendev/puppet-mysql_backup - opendev/puppet-openstack_health - - opendev/puppet-openstackid - opendev/puppet-openstack_infra_spec_helper - opendev/puppet-pgsql_backup - opendev/puppet-pip @@ -97,7 +96,6 @@ - opendev/puppet-mysql_backup - opendev/puppet-meetbot - opendev/puppet-pip - - opendev/puppet-openstackid - opendev/puppet-project_config - opendev/puppet-ethercalc - opendev/puppet-httpd