Merge branch 'remove_arch32_mirror' into 'master'

Remove arch32 mirror role

See merge request !352

playbooks/mirrors.yml

@@ -11,7 +11,6 @@
     - { role: nginx }
     - { role: syncrepo, tags: ['nginx'] }
     - { role: archweb, archweb_site: false, archweb_services: false, archweb_mirrorcheck: true }
-    - { role: arch32_mirror, tags: ['nginx'] }
     - { role: prometheus_exporters }
     - { role: promtail }
     - { role: fail2ban }

roles/arch32_mirror/defaults/main.yml

----
-arch32_mirror_dir: /srv/archlinux32
-arch32_mirror_source: rsync://mirror.archlinux32.org/archlinux32
-arch32_mirror_lastupdate: https://mirror.archlinux32.org/lastupdate

roles/arch32_mirror/tasks/main.yml

----
-
-- name: create ssl cert
-  include_role:
-    name: certificate
-  vars:
-    domains: ["{{ arch32_mirror_domain }}"]
-  when: 'arch32_mirror_domain is defined'
-
-- name: install rsync
-  pacman: name=rsync state=present
-
-- name: install syncrepo script
-  template: src=syncrepo_arch32 dest=/usr/local/bin/syncrepo_arch32 owner=root group=root mode=0755
-
-- name: install syncrepo units
-  template: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
-    - syncrepo_arch32.timer
-    - syncrepo_arch32.service
-
-- name: start and enable syncrepo unit
-  systemd:
-    name: syncrepo_arch32.timer
-    enabled: true
-    state: started
-    daemon_reload: true
-
-- name: make nginx log dir
-  file: path=/var/log/nginx/{{ arch32_mirror_domain }} state=directory owner=root group=root mode=0755
-
-- name: set up nginx
-  template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/syncrepo_arch32.conf owner=root group=root mode=0644
-  notify:
-    - reload nginx
-  when: 'arch32_mirror_domain is defined'
-  tags: ['nginx']

roles/arch32_mirror/templates/nginx.d.conf.j2

-server {
-    listen       80;
-    listen       [::]:80;
-    listen       443 ssl http2;
-    listen       [::]:443 ssl http2;
-    server_name  {{ arch32_mirror_domain }} pool.mirror.archlinux32.org;
-    root         {{ arch32_mirror_dir }};
-
-    access_log   /var/log/nginx/{{ arch32_mirror_domain }}/access.log reduced;
-    access_log   /var/log/nginx/{{ arch32_mirror_domain }}/access.log.json json_reduced;
-    error_log    /var/log/nginx/{{ arch32_mirror_domain }}/error.log;
-
-    include snippets/letsencrypt.conf;
-
-    ssl_certificate      /etc/letsencrypt/live/{{ arch32_mirror_domain }}/fullchain.pem;
-    ssl_certificate_key  /etc/letsencrypt/live/{{ arch32_mirror_domain }}/privkey.pem;
-    ssl_trusted_certificate /etc/letsencrypt/live/{{ arch32_mirror_domain }}/chain.pem;
-
-    autoindex on;
-}

roles/arch32_mirror/templates/syncrepo_arch32

-#!/bin/bash
-
-# This is a simple mirroring script. To save bandwidth it first checks a
-# timestamp via HTTP and only runs rsync when the timestamp differs from the
-# local copy. As of 2016, a single rsync run without changes transfers roughly
-# 6MiB of data which adds up to roughly 250GiB of traffic per month when rsync
-# is run every minute. Performing a simple check via HTTP first can thus save a
-# lot of traffic.
-
-target="{{ arch32_mirror_dir }}"
-tmp="/srv/syncrepo_arch32-tmp"
-lock="/var/lock/syncrepo_arch32.lck"
-
-# NOTE: You'll probably want to change this or set it to 0 to disable the limit
-# The default unit is KiB (see man rsync /--bwlimit for more)
-bwlimit=0
-
-# NOTE: Most people reading this very likely need to change this since
-# rsync.archlinux.org requires you to be a tier 1 mirror
-source='{{ arch32_mirror_source }}'
-lastupdate_url='{{ arch32_mirror_lastupdate }}'
-
-#### END CONFIG
-
-[ ! -d "${target}" ] && mkdir -p "${target}"
-[ ! -d "${tmp}" ] && mkdir -p "${tmp}"
-
-exec 9>"${lock}"
-flock -n 9 || exit
-
-rsync_cmd() {
-	local -a cmd=(rsync -rtlH --safe-links --delete-after ${VERBOSE} "--timeout=600" "--contimeout=60" -p \
-		--delay-updates --no-motd "--temp-dir=${tmp}")
-
-	if stty &>/dev/null; then
-		cmd+=(-h -v --progress)
-	else
-		cmd+=("--info=name1")
-	fi
-
-	if ((bwlimit>0)); then
-		cmd+=("--bwlimit=$bwlimit")
-	fi
-
-	"${cmd[@]}" "$@"
-}
-
-
-# if we are called without a tty (cronjob) only run when there are changes
-if ! tty -s && [[ -f "$target/lastupdate" ]] && diff -b <(curl -s "$lastupdate_url") "$target/lastupdate" >/dev/null; then
-	# keep lastsync file in sync for statistics generated by the Arch Linux website
-	rsync_cmd "$source/lastsync" "$target/lastsync"
-	exit 0
-fi
-
-rsync_cmd \
-	--exclude='*.links.tar.gz*' \
-	--exclude='/other' \
-	--exclude='/sources' \
-	"${source}" \
-	"${target}"
-
-#echo "Last sync was $(date -d @$(cat ${target}/lastsync))"

roles/arch32_mirror/templates/syncrepo_arch32.service

-[Unit]
-Description=Synchronize archlinux32 package repository mirror
-RequiresMountsFor={{ arch32_mirror_dir }}
-
-[Service]
-Type=oneshot
-ExecStart=/usr/local/bin/syncrepo_arch32
-Nice=19
-IOSchedulingClass=best-effort
-IOSchedulingPriority=7

roles/arch32_mirror/templates/syncrepo_arch32.timer

-[Unit]
-Description=Minutely archlinux32 repository sync
-
-[Timer]
-OnCalendar=minutely
-AccuracySec=1m
-Persistent=true
-
-[Install]
-WantedBy=timers.target