Merge "Serve meetings.opendev.org"

2 years ago · 4f51156785
parent d0eabc863c 270daa1b1a
commit 4f51156785
6 changed files with 53 additions and 0 deletions
--- a/inventory/service/host_vars/static01.opendev.org.yaml
+++ b/inventory/service/host_vars/static01.opendev.org.yaml
@ -41,6 +41,8 @@ letsencrypt_certs:
    - keystone.openstack.org
  static01-nova-openstack-org:
    - nova.openstack.org
+  static01-meetings-opendev-org:
+    - meetings.opendev.org
  static01-planet-openstack-org:
    - planet.openstack.org
  static01-service-types-openstack-org:
--- a/playbooks/roles/afs-release/files/release-volumes.py
+++ b/playbooks/roles/afs-release/files/release-volumes.py
@ -35,6 +35,7 @@ VOLUMES = ['docs',
           'project.airship',
           'project.governance',
           'project.opendev',
+           'project.meetings',
           'project.releases',
           'project.security',
           'project.service-types',
--- a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
+++ b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
@ -90,6 +90,9 @@
 - name: letsencrypt updated static01-keystone-openstack-org
  include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml

+- name: letsencrypt updated static01-meetings-opendev-org
+  include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
+
 - name: letsencrypt updated static01-nova-openstack-org
  include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml

--- a/playbooks/roles/static/files/50-meetings.opendev.org.conf
+++ b/playbooks/roles/static/files/50-meetings.opendev.org.conf
@ -0,0 +1,40 @@
+Define AFS_ROOT /afs/openstack.org/project/meetings.opendev.org
+
+<VirtualHost *:80>
+  ServerName meetings.opendev.org
+  RewriteEngine On
+  RewriteRule ^/(.*) https://meetings.opendev.org/$1 [last,redirect=permanent]
+  LogLevel warn
+  ErrorLog /var/log/apache2/meetings.opendev.org_error.log
+  CustomLog /var/log/apache2/meetings.opendev.org_access.log combined
+  ServerSignature Off
+</VirtualHost>
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+
+  ServerName meetings.opendev.org
+
+  DocumentRoot ${AFS_ROOT}
+
+  SSLCertificateFile      /etc/letsencrypt-certs/meetings.opendev.org/meetings.opendev.org.cer
+  SSLCertificateKeyFile   /etc/letsencrypt-certs/meetings.opendev.org/meetings.opendev.org.key
+  SSLCertificateChainFile /etc/letsencrypt-certs/meetings.opendev.org/ca.cer
+  SSLProtocol All -SSLv2 -SSLv3
+  # Note: this list should ensure ciphers that provide forward secrecy
+  SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
+  SSLHonorCipherOrder on
+
+  <Directory ${AFS_ROOT}>
+    Options Indexes FollowSymLinks MultiViews
+    AllowOverrideList Redirect RedirectMatch
+    Require all granted
+  </Directory>
+
+  LogLevel warn
+  ErrorLog /var/log/apache2/meetings.opendev.org_error.log
+  CustomLog /var/log/apache2/meetings.opendev.org_access.log combined
+  ServerSignature Off
+
+</VirtualHost>
+</IfModule>
--- a/playbooks/roles/static/tasks/main.yaml
+++ b/playbooks/roles/static/tasks/main.yaml
@ -92,6 +92,7 @@
    - 50-glance.openstack.org
    - 50-horizon.openstack.org
    - 50-keystone.openstack.org
+    - 50-meetings.opendev.org
    - 50-nova.openstack.org
    - 50-planet.openstack.org
    - 50-security.openstack.org
--- a/testinfra/test_static.py
+++ b/testinfra/test_static.py
@ -220,6 +220,12 @@ def test_planet_openstack_org_redirects(host):
    assert '301 Moved Permanently' in cmd.stdout
    assert 'https://opendev.org/openstack/openstack-planet' in cmd.stdout

+def test_meetings_opendev_org(host):
+    cmd = host.run('curl --insecure '
+                   '--resolve meetings.opendev.org:443:127.0.0.1 '
+                   'https://meetings.opendev.org/')
+    assert 'IRC channels and meetings' in cmd.stdout
+
 ci_redirects = (
    ('/jenkins-job-builder', 'https://docs.openstack.org/infra/jenkins-job-builder'),
    ('/nodepool', 'https://docs.openstack.org/infra/nodepool'),