e66eeb8c3c
This removes ansible configuration for the linaro cloud itself and the linaro cloud mirror. This cloud is in the process of going away and having these nodes in our inventory is creating base jobs failures due to unreachable nodes. This then dominoes into not running the LE refresh job and now some certs are not getting renewed. Clean this all up so that the rest of our systems are happy. Note that we don't fully clean up the idea of an unmanaged group as there may be other locations we want to do something similar (OpenMetal perhaps?). We also don't remove the openstack clouds.yaml entries for the linaro cloud yet. It isn't entirely clear when things will go offline, but it may be as late as August 10 so we keep those credentials around as they may be useful until then. Change-Id: Idd6b455de8da2aa9901bf989b1d131f1f4533420
289 lines
12 KiB
YAML
289 lines
12 KiB
YAML
# Handlers for "letsencrypt update {{ key }}" events
|
|
#
|
|
# Note that because Ansible requires every called handler to have a
|
|
# listener, every host will need to provide a handler somehow.
|
|
#
|
|
# NOTE(ianw): as at 04/2019 it seems that something like
|
|
# listen: letsencrypt updated letsencrypt01-main-service
|
|
# doesn't actually register the handler.
|
|
#
|
|
# NOTE: import_tasks or include can not be used in handlers
|
|
# ("include_tasks" is okay).
|
|
# https://docs.ansible.com/ansible/latest/porting_guides/porting_guide_2.8.html#imports-as-handlers
|
|
|
|
- name: letsencrypt updated eavesdrop01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated graphite02-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_graphite.yaml
|
|
|
|
- name: letsencrypt updated tarballs-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul-ci-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul-ci-git
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul01-opendev-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul02-opendev-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated insecure-ci-registry02-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_zuul_registry.yaml
|
|
|
|
- name: letsencrypt updated insecure-ci-registry99-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_zuul_registry.yaml
|
|
|
|
- name: letsencrypt updated meetpad-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml
|
|
|
|
# mailman
|
|
- name: letsencrypt updated lists-openstack-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated lists-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Static
|
|
- name: letsencrypt updated static-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-api-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-ask-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-airshipit-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-ci-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-cinder-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-developer-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-devstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-opendev-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-starlingx-io
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-eavesdrop-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-glance-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-airshipit-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-starlingx-io
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-zuul-ci-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-governance-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-horizon-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-keystone-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-meetings-opendev-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-nova-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-planet-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-service-types-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-specs-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-security-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-summit-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-swift-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-releases-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-tarballs-opendev-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-tarballs-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-zuul-ci-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-gating-dev
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Grafana
|
|
|
|
- name: letsencrypt updated grafana01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Codesearch (hound)
|
|
|
|
- name: letsencrypt updated codesearch01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# nodepool
|
|
|
|
- name: letsencrypt updated nb01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated nb02-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated nb04-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# paste
|
|
|
|
- name: letsencrypt updated paste-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# review
|
|
|
|
- name: letsencrypt updated review02-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# refstack
|
|
|
|
- name: letsencrypt updated refstack01-openstack-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Mirrors
|
|
- name: letsencrypt updated mirror01-iad3-openmetal-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-dfw-rax-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-iad-rax-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-ord-rax-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-bhs1-ovh-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror03-gra1-ovh-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-sjc1-vexxhost-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-ca-ymq-1-vexxhost-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-regionone-osuosl-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Gate testing hosts:
|
|
- name: letsencrypt updated letsencrypt01-main-service
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/touch_file.yaml
|
|
vars:
|
|
touch_file: '/tmp/letsencrypt01-main-service.stamp'
|
|
|
|
- name: letsencrypt updated letsencrypt01-other-service
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/touch_file.yaml
|
|
vars:
|
|
touch_file: '/tmp/letsencrypt01-other-service.stamp'
|
|
|
|
- name: letsencrypt updated letsencrypt02-main-service
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/touch_file.yaml
|
|
vars:
|
|
touch_file: '/tmp/letsencrypt02-main-service.stamp'
|
|
|
|
- name: letsencrypt updated mirror01-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror03-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror04-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated gitea99-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated nb01-test-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated etherpad-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated keycloak-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated storyboard01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated tracing-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated translate01-openstack-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated ptg-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated review99-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# We split out handlers for each gitea host as handlers should be run in order
|
|
# This allows us to do a rolling restart of the gitea backends.
|
|
- name: letsencrypt updated gitea09-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea10-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea11-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea12-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea13-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea14-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|