system-config/playbooks/group_vars
Ian Wienand 670107045a Create opendev mirrors
This impelements mirrors to live in the opendev.org namespace.  The
implementation is Ansible native for deployment on a Bionic node.

The hostname prefix remains the same (mirrorXX.region.provider.) but
the groups.yaml splits the opendev.org mirrors into a separate group.
The matches in the puppet group are also updated so to not run puppet
on the hosts.

The kerberos and openafs client parts do not need any updating and
works on the Bionic host.

The hosts are setup to provision certificates for themselves from
letsencrypt.  Note we've added a new handler for mirror nodes to use
that restarts apache on certificate issue/renewal.

The new "mirror" role is a port of the existing puppet mirror.pp.  It
installs apache, sets up some modules, makes some symlinks, sets up a
cleanup cron job and installs the apache vhost configuration.

The vhost configuration is also ported from the extant puppet.  It is
simplified somewhat; but the biggest change is that we have extracted
the main port 80 configuration into a macro which is applied to both
port 80 and 443; i.e. the host will have SSL support.  The other ports
are left alone for now, but can be updated in due course.

Thus we should be able to CNAME the existing mirrors to new nodes, and
any existing http access can continue.  We can update our mirror setup
scripts to point to https resources as appropriate.

Change-Id: Iec576d631dd5b02f6b9fb445ee600be060f9cf1e
2019-05-21 11:08:25 +10:00
..
adns.yaml Allow DNS zone transfers from ns1/ns2.opendev.org 2019-01-02 16:31:56 +00:00
afs.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
afsdb.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
all.yaml Trim the openstack root list 2019-04-24 09:03:36 -07:00
ask.yaml Remove base.yaml things from openstack_project::server 2018-08-16 17:25:10 -05:00
dns.yaml master-nameserver: Add unmanaged domains; add acme.opendev.org 2019-03-27 14:22:59 +11:00
eavesdrop.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
elasticsearch.yaml Correct iptables var names 2018-08-28 08:45:58 -07:00
firehose.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
futureparser.yaml Use ansible group vars for futureparser flag 2018-08-16 14:02:50 -05:00
gerrit.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
git-loadbalancer.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
git-server.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
gitea-lb.yaml Remove gitea06 from the gitea lb 2019-05-03 08:16:00 -07:00
gitea.yaml Run an haproxy load balancer for gitea 2019-02-22 12:54:04 -08:00
graphite.yaml Allow nb*.openstack.org to talk to graphite 2019-02-20 08:06:21 +11:00
groups.yaml Remove base.yaml things from openstack_project::server 2018-08-16 17:25:10 -05:00
kdc.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
logstash.yaml Add ze12.openstack.org 2018-12-05 14:08:17 -08:00
mailman.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
mirror.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
mirror_opendev.yaml Create opendev mirrors 2019-05-21 11:08:25 +10:00
nodepool-builder.yaml Manage clouds.yaml files in ansible 2018-09-04 08:49:00 -07:00
nodepool-launcher.yaml Manage clouds.yaml files in ansible 2018-09-04 08:49:00 -07:00
nodepool.yaml Nodepool group no longer hosts zookeeper 2018-11-28 16:47:19 -08:00
ns.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
openstackid-dev.yaml Move OpenStackID host_vars to group_vars 2019-02-05 17:19:17 +00:00
openstackid.yaml Move OpenStackID host_vars to group_vars 2019-02-05 17:19:17 +00:00
pbx.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
puppet.yaml Be more explicit about puppet paths 2018-08-17 14:26:22 -05:00
puppet4.yaml Fix puppet 4 installations 2019-03-08 14:18:28 -08:00
registry.yaml Open port 5000 on the docker intermediate registry 2019-02-11 09:57:14 -08:00
storyboard-dev.yaml Remove base.yaml things from openstack_project::server 2018-08-16 17:25:10 -05:00
storyboard.yaml Add site name to Exim local_domains on SB server 2019-02-21 16:00:41 +00:00
webservers.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
wiki.yaml Remove base.yaml things from openstack_project::server 2018-08-16 17:25:10 -05:00
zookeeper.yaml Add iptables role 2018-08-27 14:33:32 +00:00
zuul-executor.yaml base-test: iptables: allow zuul console streaming 2018-08-29 09:20:42 -07:00
zuul-preview.yaml Open port 80 on zuul-preview 2019-03-01 08:21:00 -08:00
zuul-scheduler.yaml Add ze12.openstack.org 2018-12-05 14:08:17 -08:00