pagure-proxy: drop pagure-proxy as it's not needed anymore.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2019-07-15 20:46:15 +00:00 · 2019-07-15 20:46:15 +00:00 · 6e30ad8c76
parent 87be5ba24a
commit 6e30ad8c76
5 changed files with 0 additions and 115 deletions
--- a/inventory/group_vars/pagure_proxy
+++ b/inventory/group_vars/pagure_proxy
@ -1,23 +0,0 @@
---
-# for systems that do not match the above - specify the same parameter in
-# the host_vars/$hostname file
-
-tcp_ports: [ 22, 25, 80, 443, 9418,
-    # Used for the eventsource
-    8088,
-    # This is for the pagure public fedmsg relay
-    9940]
-
-fas_client_groups: sysadmin-noc
-
-freezes: true
-postfix_group: vpn.pagure
-
-# For the MOTD
-csi_security_category: Low
-csi_primary_contact: Fedora admins - admin@fedoraproject.org
-csi_purpose: Proxy specific ports to OSUOSL for preventing slow peering
-csi_relationship: |
-    This box proxies traffic over to pagure01.fedoraproject.org
-
-    (This is done because OSUOSL has terribly slow peering to EU)
--- a/inventory/host_vars/pagure-proxy01.fedoraproject.org
+++ b/inventory/host_vars/pagure-proxy01.fedoraproject.org
@ -1,55 +0,0 @@
---
-nm: 255.255.255.128
-gw: 152.19.134.129
-dns: 8.8.8.8
-
-custom_rules: ['-A FORWARD -j ACCEPT']
-
-nat_rules: [
-    # SSH
-    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 22 -j DNAT --to-destination 8.43.85.75:22',
-    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 22 -j SNAT --to-source 152.19.134.147',
-    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 22 -j DNAT --to-destination 8.43.85.75:22',
-    # SMTP
-    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 25 -j DNAT --to-destination 8.43.85.75:25',
-    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 25 -j SNAT --to-source 152.19.134.147',
-    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 25 -j DNAT --to-destination 8.43.85.75:25',
-    # web-80
-    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 80 -j DNAT --to-destination 8.43.85.75:80',
-    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 80 -j SNAT --to-source 152.19.134.147',
-    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 80 -j DNAT --to-destination 8.43.85.75:80',
-    # web-443
-    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 443 -j DNAT --to-destination 8.43.85.75:443',
-    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 443 -j SNAT --to-source 152.19.134.147',
-    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 443 -j DNAT --to-destination 8.43.85.75:443',
-    # 9418
-    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 9418 -j DNAT --to-destination 8.43.85.75:9418',
-    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 9418 -j SNAT --to-source 152.19.134.147',
-    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 9418 -j DNAT --to-destination 8.43.85.75:9418',
-    # Eventsource
-    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 8088 -j DNAT --to-destination 8.43.85.75:8088',
-    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 8088 -j SNAT --to-source 152.19.134.147',
-    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 8088 -j DNAT --to-destination 8.43.85.75:8088',
-    # Fedmsg
-    '-A PREROUTING --dst 152.19.134.147 -p tcp --dport 9940 -j DNAT --to-destination 8.43.85.75:9940',
-    '-A POSTROUTING -p tcp --dst 8.43.85.75 --dport 9940 -j SNAT --to-source 152.19.134.147',
-    '-A OUTPUT --dst 152.19.134.147 -p tcp --dport 9940 -j DNAT --to-destination 8.43.85.75:9940',
-]
-
-
-ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
-ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
-
-volgroup: /dev/vg_guests
-
-eth0_ip: 152.19.134.146
-eth0_nm: 255.255.255.128
-has_ipv6: yes
-eth0_ipv6: "2610:28:3090:3001:dead:beef:cafe:fe46"
-eth0_ipv6_gw: "2610:28:3090:3001::1"
-eth0_secondary_ip: 152.19.134.147
-
-sponsor: ibiblio
-datacenter: ibiblio
-postfix_group: vpn
-vmhost: ibiblio01.fedoraproject.org
--- a/inventory/inventory
+++ b/inventory/inventory
@ -1297,9 +1297,6 @@ pagure01.fedoraproject.org
 [pagure_stg]
 pagure-stg01.fedoraproject.org

-[pagure_proxy]
-pagure-proxy01.fedoraproject.org
-
 [twisted_buildbots]
 twisted-fedora26-1.fedorainfracloud.org
 twisted-fedora26-2.fedorainfracloud.org
--- a/master.yml
+++ b/master.yml
@ -79,7 +79,6 @@
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/os-proxies.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/packages.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pagure.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/pagure-proxy.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pdc.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/people.yml
 - import_playbook: /srv/web/infra/ansible/playbooks/groups/pkgs.yml
--- a/playbooks/groups/pagure-proxy.yml
+++ b/playbooks/groups/pagure-proxy.yml
@ -1,33 +0,0 @@
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=pagure_proxy"
-
- name: make the boxen be real for real
-  hosts: pagure_proxy
-  user: root
-  gather_facts: True
-
-  vars_files:
-   - /srv/web/infra/ansible/vars/global.yml
-   - "/srv/private/ansible/vars.yml"
-   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
-
-  roles:
-  - base
-  - rkhunter
-  - nagios_client
-  - hosts
-  - fas_client
-  - sudo
-  - collectd/base
-
-  pre_tasks:
-  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
-
-  tasks:
-  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
-  - import_tasks: "{{ tasks_path }}/motd.yml"
-
-  - name: Enable ipv4_forward in sysctl
-    sysctl: name=net.ipv4.ip_forward value=1 state=present sysctl_set=yes reload=yes
-
-  handlers:
-  - import_tasks: "{{ handlers_path }}/restart_services.yml"