Skip to content
Snippets Groups Projects
Verified Commit 4e5550a8 authored by Kristian Klausen's avatar Kristian Klausen :tada:
Browse files

Decommission bugs.archlinux.org and replace it with a static copy[1]

As announced[2][3] the bugtracker has been migrated to gitlab, so
bugs.a.o can be decommissioned and replaced with a static copy[1](to
avoid link rot).

[1] https://gitlab.archlinux.org/archlinux/bugs-archive/
[2] https://archlinux.org/news/bugtracker-migration-to-gitlab-completed/
[3] https://lists.archlinux.org/hyperkitty/list/arch-dev-public@lists.archlinux.org/thread/WYXDTJ3TR2DWRQCDZK44BQDH67IDVGTS/

Fix #550
Fix #551
parent 3f483607
No related branches found
No related tags found
1 merge request!789Decommission bugs.archlinux.org and replace it with a static copy[1]
Showing
with 1 addition and 580 deletions
...@@ -26,11 +26,6 @@ ...@@ -26,11 +26,6 @@
### Services ### Services
- aurweb - aurweb
## bugs.archlinux.org
### Services
- flyspray
## bbs.archlinux.org ## bbs.archlinux.org
### Services ### Services
......
...@@ -73,12 +73,6 @@ ...@@ -73,12 +73,6 @@
256 MD5:02:38:35:e8:5c:62:dc:56:29:be:fb:1c:96:2c:17:4c root@archlinux-packer (ED25519) 256 MD5:02:38:35:e8:5c:62:dc:56:29:be:fb:1c:96:2c:17:4c root@archlinux-packer (ED25519)
3072 MD5:0a:a1:a1:44:4e:65:8b:10:f3:54:83:eb:17:41:f1:0c root@archlinux-packer (RSA) 3072 MD5:0a:a1:a1:44:4e:65:8b:10:f3:54:83:eb:17:41:f1:0c root@archlinux-packer (RSA)
# bugs.archlinux.org
1024 SHA256:c8CCzrXjPnUEi0d0B2yLzMWK935TyjzoCOdcP12BwEM root@archlinux-packer (DSA)
256 SHA256:z9CfWniDILraPxPn4e8Sao/vaAseI29KyXEhGU3sNRk root@archlinux-packer (ECDSA)
256 SHA256:ZL2RVyqM9FsvoSNqyXg9J7keN4QxRMD6+m6i4dDYkao root@archlinux-packer (ED25519)
3072 SHA256:u1iIRQp0fVyM2pgTTca/nxG/iO1QxbfR2nGhnIkohfg root@archlinux-packer (RSA)
1024 MD5:cf:10:49:2f:d2:35:99:35:59:8f:e2:54:b3:05:cb:a7 root@archlinux-packer (DSA) 1024 MD5:cf:10:49:2f:d2:35:99:35:59:8f:e2:54:b3:05:cb:a7 root@archlinux-packer (DSA)
256 MD5:d1:94:76:51:bb:7b:88:41:03:6d:12:63:a5:03:5f:58 root@archlinux-packer (ECDSA) 256 MD5:d1:94:76:51:bb:7b:88:41:03:6d:12:63:a5:03:5f:58 root@archlinux-packer (ECDSA)
256 MD5:d6:d3:a9:2e:c1:7d:69:c1:9a:21:c9:6f:30:53:e6:74 root@archlinux-packer (ED25519) 256 MD5:d6:d3:a9:2e:c1:7d:69:c1:9a:21:c9:6f:30:53:e6:74 root@archlinux-packer (ED25519)
......
...@@ -45,11 +45,6 @@ bugbuddy.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIb ...@@ -45,11 +45,6 @@ bugbuddy.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIb
bugbuddy.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwd8YdPeQGAAlc9PsejSUvZFqnJqIclEz40BkjarQWh bugbuddy.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwd8YdPeQGAAlc9PsejSUvZFqnJqIclEz40BkjarQWh
bugbuddy.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCmvWFNjc+wfUpsa1Zz+U/gfKW9z8ki5kgor8cO9frtyVweSEegrY8NaWKuOyTSq7jIpn+Zw49udq3QuHLpNvFolGU6T9ZVv/vVTf2a06mPAmyBMqgddFf1z4+L+1EKqQm2v4Zh6fChYGrW+ty5dnrXMIrNcPJEBLUnFeZDTPisnvri5Z0PBTG/u8kjWeZ95aKltFlXONy9GgMp3bhqMUgc08wrlrqpaFJojdHz0g2uxa4L68iSUSsCqlBNYFKx8mnDdpK2VyCVTxwooDds9fov15xV5i2OsLKZLkHm788CwrT97djaNjX32DE4uXZ2h0qdOKNi0oM8U4BFY7B8Rs/LQ++ZcX+JMiCwxMJ9l8r2vYGot88I/afI3qpR0Qwne54sws+gOHsXQS6xZWMByUmARnM/fnr+5h16Mr79XenaCGBpMogGC8+i7A4C1aPAexeGVLT5eluSPLJsMUqlYiOGt2hnI1zoyHbzJm0DYWvHTlenvGgb3icc1X1kgqEDrp8= bugbuddy.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCmvWFNjc+wfUpsa1Zz+U/gfKW9z8ki5kgor8cO9frtyVweSEegrY8NaWKuOyTSq7jIpn+Zw49udq3QuHLpNvFolGU6T9ZVv/vVTf2a06mPAmyBMqgddFf1z4+L+1EKqQm2v4Zh6fChYGrW+ty5dnrXMIrNcPJEBLUnFeZDTPisnvri5Z0PBTG/u8kjWeZ95aKltFlXONy9GgMp3bhqMUgc08wrlrqpaFJojdHz0g2uxa4L68iSUSsCqlBNYFKx8mnDdpK2VyCVTxwooDds9fov15xV5i2OsLKZLkHm788CwrT97djaNjX32DE4uXZ2h0qdOKNi0oM8U4BFY7B8Rs/LQ++ZcX+JMiCwxMJ9l8r2vYGot88I/afI3qpR0Qwne54sws+gOHsXQS6xZWMByUmARnM/fnr+5h16Mr79XenaCGBpMogGC8+i7A4C1aPAexeGVLT5eluSPLJsMUqlYiOGt2hnI1zoyHbzJm0DYWvHTlenvGgb3icc1X1kgqEDrp8=
# bugs.archlinux.org
bugs.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEYyQCHa1ojANfKHvlFbEFQ8Gxvz/iGBnnvf/G1IntEe9iJnw9b63T43dtlQyLReCs5ZeeUUDNMS9g4wSuEjudE=
bugs.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOZLeVfVnG/ShEKO+Aud/MGPEFIbkvPJ+O5M79UXK++r
bugs.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDCwWAqTR0Gr9h9MuSPkh9a97H3qNxetnpWFfUscnrTibEsf+YFr8wx7g661XAkbcb44ni23mkXQpPPYaZRXDrAg/hdcs/OxojyYAfzHjJUjNmRXF8HiGYKE6Ry08NgFw8QkcA3umk5S7po/4GH9n8LS6RKOM2qw1732ZAEowVx59Bnxn7yxdA6xoybESRCc0dcGATR75RvMpK/DO9F0lc1AQsXwABhp7COFzz3Ucd24kJGfXeXuoBqb6W8V223fVbUvn0PZgvB536MTyJT/8+hBN5SsgeXYavP0hLoRkov7IN+5kM39aHWUvySh8NDFeffOn9DdNnpoR6roZDn/KI1klAhnUbKXM7L4r2qNa26J6pb82gegvOVRx9nQooxE5TOiDtTHMqZ856DwhmD8tCfRcMYxA/YP9/aFEaZEGYOoCPVrd2Fq3wM0obaqJD+LdaLRFtk86+AgXODzBFokM7dCvGw2qr00X0+GKhKErqBRYg+WQBnC3J8KG0yyYobnvc=
# build.archlinux.org # build.archlinux.org
build.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBQbDI6+yt8T1Jmm1u30rRo4QrT66L9lewUHuVy1vkwEn1kzcyS1gSy1Ze6DkseeZEqEap3kUg3VtMUA402rsv0= build.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBQbDI6+yt8T1Jmm1u30rRo4QrT66L9lewUHuVy1vkwEn1kzcyS1gSy1Ze6DkseeZEqEap3kUg3VtMUA402rsv0=
build.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmifn4KBLX24gBH4RwdBzYwLCSyVM1UbjGWxdtvoN1k build.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmifn4KBLX24gBH4RwdBzYwLCSyVM1UbjGWxdtvoN1k
......
...@@ -24,7 +24,6 @@ root_ssh_keys: ...@@ -24,7 +24,6 @@ root_ssh_keys:
- key: artafinde.pub - key: artafinde.pub
- key: gromit.pub - key: gromit.pub
hosts: hosts:
- bugs.archlinux.org
- wiki.archlinux.org - wiki.archlinux.org
- man.archlinux.org - man.archlinux.org
- gitlab.archlinux.org - gitlab.archlinux.org
......
filesystem: btrfs
wireguard_address: 10.0.0.19
wireguard_public_key: Y5sWHwa/Hy6A7ga6lOU8uD/i/ZHZEBlkw2EW/CFE4ys=
$ANSIBLE_VAULT;1.1;AES256
65663465326231333435623630613266643936316265316639646332393565643866313766346236
3537343763393961653232333237353939623762636235370a613535633066643565393564633933
37383366363731323965623837343563363364316333386565633837633335303233623234633137
3433663038613537340a373439396663336163383566396335383164363338343061626432343439
64666331623135313165346637366138313362613063636362373962663232623039313261653463
38306662333366313433373136616232316634653763656139336261613063326539343962343463
32323130303764306134333136393763323733333265636436643461643639633264393466323762
39653437616632366264
...@@ -37,7 +37,6 @@ accounts.archlinux.org ...@@ -37,7 +37,6 @@ accounts.archlinux.org
archlinux.org archlinux.org
aur.archlinux.org aur.archlinux.org
bbs.archlinux.org bbs.archlinux.org
bugs.archlinux.org
gemini.archlinux.org gemini.archlinux.org
gitlab.archlinux.org gitlab.archlinux.org
homedir.archlinux.org homedir.archlinux.org
...@@ -59,7 +58,6 @@ homedir.archlinux.org ...@@ -59,7 +58,6 @@ homedir.archlinux.org
[mysql_servers] [mysql_servers]
aur.archlinux.org aur.archlinux.org
bbs.archlinux.org bbs.archlinux.org
bugs.archlinux.org
wiki.archlinux.org wiki.archlinux.org
[postgresql_servers] [postgresql_servers]
...@@ -110,7 +108,6 @@ archlinux.org ...@@ -110,7 +108,6 @@ archlinux.org
aur.archlinux.org aur.archlinux.org
bbs.archlinux.org bbs.archlinux.org
bugbuddy.archlinux.org bugbuddy.archlinux.org
bugs.archlinux.org
dashboards.archlinux.org dashboards.archlinux.org
debuginfod.archlinux.org debuginfod.archlinux.org
gluebuddy.archlinux.org gluebuddy.archlinux.org
......
- name: Setup bugs.archlinux.org
hosts: bugs.archlinux.org
remote_user: root
roles:
- { role: common }
- { role: sshd }
- { role: root_ssh }
- { role: certbot }
- { role: nginx }
- { role: mariadb }
- { role: sudo }
- { role: php7_fpm, php_extensions: ['mysqli'], zend_extensions: ['opcache'] }
- { role: flyspray }
- { role: borg_client, tags: ["borg"] }
- { role: postfix_null }
- { role: fail2ban }
- { role: prometheus_exporters }
- { role: promtail }
- { role: wireguard }
...@@ -16,7 +16,7 @@ ...@@ -16,7 +16,7 @@
delay: 10 delay: 10
- name: Upgrade and reboot all hetzner servers - name: Upgrade and reboot all hetzner servers
hosts: all,!accounts.archlinux.org,!bugs.archlinux.org,!kape_servers,!equinix_metal hosts: all,!accounts.archlinux.org,!kape_servers,!equinix_metal
max_fail_percentage: 0 max_fail_percentage: 0
serial: 20% serial: 20%
gather_facts: false gather_facts: false
......
flyspray_dir: '/srv/http/flyspray'
flyspray_commit: 'ce4a09c8cb5de0483bb9875135bd5645039765f9'
flyspray_domain: 'bugs.archlinux.org'
flyspray_nginx_conf: '/etc/nginx/nginx.d/flyspray.conf'
flyspray_user: 'flyspray'
flyspray_db: 'flyspray'
flyspray_db_host: 'localhost'
flyspray_db_user: 'flyspray'
#!/usr/bin/python
"""
url
https://bugs.archlinux.org/task/35831
post data
action: details.close
task_id: 35831
resolution_reason: 12
closure_comment: https://gitlab.archlinux.org/archlinux/netctl/issues/2
mark100: 1
"""
import argparse
import json
import requests
class Session(object):
def __init__(self, user, password):
self.user = user
self.password = password
self.login_page = 'https://bugs.archlinux.org/index.php?do=authenticate'
self.bug_url = 'https://bugs.archlinux.org/task/{}'
self.opener = requests.Session()
self.opener.headers.update({'User-agent': 'Mozilla/5.0'})
# need this twice - once to set cookies, once to log in...
self.login()
self.login()
def is_issue_closed(self, issue_id):
response = self.opener.get(self.bug_url.format(issue_id))
return '<div id="taskclosed">' in response.text
def close_issue(self, issue_id: int, gitlab_url: str):
response = self.opener.post(self.bug_url.format(issue_id), data={
"action": "details.close",
"task_id": issue_id,
"resolution_reason": 12,
"closure_comment": gitlab_url,
"mark100": 1,
})
assert response.status_code == 200
def login(self):
"handle login, populate the cookie jar"
login_data = {'user_name': self.user,
'password': self.password,
'remember_login': 'on'}
response = self.opener.get(self.login_page, params=login_data, allow_redirects=False)
return response.text
URL = 'https://bugs.archlinux.org/task/{}'
def parse_args():
parser = argparse.ArgumentParser(prog='close-flyspray-issues')
parser.add_argument('filename', help="id-mapping json file")
parser.add_argument('--username')
parser.add_argument('--password')
return parser.parse_args()
def main():
args = parse_args()
session = Session(args.username, args.password)
bugs_mapping = json.load(open(args.filename))
for flyspray_id, gitlab_url in bugs_mapping.items():
print(flyspray_id, gitlab_url)
if session.is_issue_closed(flyspray_id):
continue
session.close_issue(flyspray_id, gitlab_url)
if __name__ == "__main__":
main()
# archlinux-keyring
/task/56061 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/17;
/task/68501 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/18;
/task/37122 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/19;
/task/37123 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/20;
/task/37124 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/21;
/task/37125 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/22;
/task/37126 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/23;
/task/37127 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/24;
/task/37128 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/25;
/task/37129 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/26;
/task/38209 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/27;
/task/41524 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/28;
/task/41536 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/29;
/task/52337 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/30;
/task/52338 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/31;
/task/52766 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/32;
/task/55623 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/33;
/task/55624 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/34;
/task/55977 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/35;
/task/55978 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/36;
/task/55979 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/37;
/task/56016 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/38;
/task/57132 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/39;
/task/57133 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/40;
/task/58504 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/41;
/task/58822 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/42;
/task/58823 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/43;
/task/59639 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/44;
/task/60305 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/45;
/task/60306 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/46;
/task/60321 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/47;
/task/64099 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/48;
/task/64100 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/49;
/task/64151 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/50;
/task/64708 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/51;
/task/65081 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/52;
/task/67803 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/53;
/task/67848 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/54;
/task/68700 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/55;
/task/69078 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/56;
/task/37121 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/57;
/task/37433 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/58;
/task/38253 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/59;
/task/38941 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/60;
/task/41540 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/61;
/task/41584 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/62;
/task/42728 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/63;
/task/43443 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/64;
/task/43451 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/65;
/task/44591 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/66;
/task/44688 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/67;
/task/46710 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/68;
/task/47111 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/69;
/task/50257 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/70;
/task/50818 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/71;
/task/51814 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/72;
/task/52491 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/73;
/task/52649 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/74;
/task/53132 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/75;
/task/54158 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/76;
/task/55074 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/77;
/task/55506 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/78;
/task/55660 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/79;
/task/55726 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/80;
/task/56212 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/81;
/task/56513 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/82;
/task/56864 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/83;
/task/57452 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/84;
/task/57679 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/85;
/task/57845 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/86;
/task/59467 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/87;
/task/59544 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/88;
/task/59626 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/89;
/task/59899 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/90;
/task/60716 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/91;
/task/60753 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/92;
/task/60850 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/93;
/task/60872 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/94;
/task/60990 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/95;
/task/61152 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/96;
/task/62326 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/97;
/task/63926 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/98;
/task/63983 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/99;
/task/64131 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/100;
/task/66612 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/101;
/task/66634 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/102;
/task/66873 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/103;
/task/67255 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/104;
/task/67956 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/105;
/task/68638 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/106;
/task/68958 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/107;
/task/69192 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/108;
/task/48082 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/109;
/task/59872 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/110;
/task/63453 https://gitlab.archlinux.org/archlinux/archlinux-keyring/issues/111;
#!/usr/bin/python
from re import search
from subprocess import check_output
import sqlalchemy
REGEX = r'\[([A-Za-z0-9_-]+)\]'
packages = check_output(['/usr/bin/pacman', '-Slq']).decode().splitlines()
engine = sqlalchemy.create_engine('mysql://localhost/flyspray', connect_args={'read_default_file': '/root/.my.cnf'})
with engine.connect() as conn:
result = conn.execute("SELECT task_id,item_summary from flyspray_tasks where is_closed=0 and project_id in (1,5)")
for row in result:
m = search(REGEX, row['item_summary'])
if not m:
continue
pkgname = m.group(1)
if pkgname not in packages:
task_id = row['task_id']
print(f'Removed package {pkgname} found - https://bugs.archlinux.org/task/{task_id}')
- name: Restart php-fpm7@flyspray
service: name=php-fpm7@flyspray state=restarted
- name: Run maintenance mode
include_role:
name: maintenance
vars:
service_name: "Bugtracker"
service_domain: "{{ flyspray_domain }}"
service_alternate_domains: []
service_nginx_conf: "{{ flyspray_nginx_conf }}"
when: maintenance is defined
- name: Install git
pacman: name=git state=present
- name: Make flyspray user
user: name="{{ flyspray_user }}" shell=/bin/false home="{{ flyspray_dir }}" createhome=no
register: user_created
- name: Fix home permissions
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}" mode=0755
- name: Create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ flyspray_domain }}"]
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ flyspray_nginx_conf }}" owner=root group=root mode=644
notify:
- Reload nginx
when: maintenance is not defined
tags: ['nginx']
- name: Install nginx migrated-tasks.map
copy: src=migrated-tasks.map dest=/etc/nginx/maps/ owner=root group=root mode=0644
- name: Make nginx log dir
file: path=/var/log/nginx/{{ flyspray_domain }} state=directory owner=root group=root mode=0755
- name: Create setup dir with write permissions
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}/setup" mode=755
when: not user_created.changed
- name: Clone flyspray repo
git:
repo: https://gitlab.archlinux.org/archlinux/flyspray.git
version: "{{ flyspray_commit }}"
dest: "{{ flyspray_dir }}"
become: true
become_user: "{{ flyspray_user }}"
register: release
- name: Take away setup dir write permissions
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}/setup" mode=000
- name: Configure flyspray
template: src=flyspray.conf.php.j2 dest=/srv/http/flyspray/flyspray.conf.php owner="{{ flyspray_user }}" group="{{ flyspray_user }}" mode=0660
register: config
no_log: true
- name: Create flyspray db
mysql_db: name="{{ flyspray_db }}" login_host="{{ flyspray_db_host }}" login_password="{{ vault_mariadb_users.root }}"
register: db_created
- name: Create flyspray db user
mysql_user: name={{ flyspray_db_user }} password={{ vault_flyspray_db_password }}
login_host="{{ flyspray_db_host }}" login_password="{{ vault_mariadb_users.root }}"
priv="{{ flyspray_db }}.*:ALL"
no_log: true
- name: Configure php-fpm
template:
src=php-fpm.conf.j2 dest="/etc/php7/php-fpm.d/{{ flyspray_user }}.conf"
owner=root group=root mode=0644
notify:
- Restart php-fpm7@flyspray
- name: Install fail2ban register ban filter
template: src=fail2ban.filter.j2 dest=/etc/fail2ban/filter.d/nginx-flyspray-register.local owner=root group=root mode=0644
notify:
- Restart fail2ban
tags:
- fail2ban
- name: Install fail2ban register ban jail
template: src=fail2ban.jail.j2 dest=/etc/fail2ban/jail.d/nginx-flyspray-register.local owner=root group=root mode=0644
notify:
- Restart fail2ban
tags:
- fail2ban
- name: Start and enable systemd socket
service: name=php-fpm7@flyspray.socket state=started enabled=true
- name: Copy removed package bugs script
copy: src=removed-packages-bugs.py dest=/usr/local/bin/removed-packages-bugs.py mode=0755 owner=root group=root
[Definition]
failregex = ^<HOST> bugs.archlinux.org -.*POST /register HTTP/1\.." 200
ignoreregex =
[nginx-flyspray-register]
# bots regsiter 1 account per 10 minutes.
enabled = true
filter = nginx-flyspray-register
logpath = /var/log/nginx/bugs.archlinux.org/access.log
findtime = 14400 # 4 hours
bantime = 1d
maxretry = 20
; <?php die( 'Do not access this page directly.' ); ?>
[general]
cookiesalt="{{ vault_flyspray_cookie_salt }}"
output_buffering="on"
address_rewriting="1"
reminder_daemon="0"
passwdcrypt="md5"
doku_url="https://wiki.archlinux.org/"
syntax_plugin="none"
update_check="0"
[database]
dbtype="mysqli"
dbhost="{{ flyspray_db_host }}"
dbname="{{ flyspray_db }}"
dbuser="{{ flyspray_db_user }}"
dbpass="{{ vault_flyspray_db_password }}"
dbprefix="flyspray_"
[attachments]
zip="application/zip"
tgz="application/x-gzip"
gz="application/x-gzip"
bz2="application/x-bzip2"
png="image/png"
gif="image/gif"
jpg="image/jpeg"
jpeg="image/jpeg"
html="text/html"
xml="application/xml"
upstream flyspray {
server unix:///run/php-fpm7/flyspray.socket;
}
server {
listen 80;
listen [::]:80;
server_name {{ flyspray_domain }};
access_log /var/log/nginx/{{ flyspray_domain }}/access.log reduced;
access_log /var/log/nginx/{{ flyspray_domain }}/access.log.json json_reduced;
error_log /var/log/nginx/{{ flyspray_domain }}/error.log;
include snippets/letsencrypt.conf;
location / {
access_log off;
return 301 https://$server_name$request_uri;
}
}
map $uri $redirect {
default "";
include maps/migrated-tasks.map;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {{ flyspray_domain }};
access_log /var/log/nginx/{{ flyspray_domain }}/access.log reduced;
access_log /var/log/nginx/{{ flyspray_domain }}/access.log.json json_reduced;
error_log /var/log/nginx/{{ flyspray_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ flyspray_domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ flyspray_domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ flyspray_domain }}/chain.pem;
root {{ flyspray_dir }};
location /.git {
deny all;
}
location /setup/ {
deny all;
}
location /attachments/ {
location ~ \.php$ {return 403;}
}
location /cache/ {
location ~ \.php$ {return 403;}
}
location ~ ^/task/(?<task_id>[0-9]+) {
if ($redirect != "") {
return 302 $redirect;
}
rewrite ^/task/[0-9]+$ /index.php?do=details&task_id=$task_id last;
rewrite ^/task/[0-9]+/comment(?<comment_id>[0-9]+)$ /index.php?do=details&task_id=$task_id&comment=$comment_id last;
rewrite ^/task/[0-9]+/depends$ /index.php?do=depends&task_id=$task_id last;
if ( $arg_prune ~ "[0-9]+" ) {
rewrite ^ /index.php?do=depends&task_id=$task_id&prune=$arg_prune last;
}
rewrite ^/task/[0-9]+/edit$ /index.php?do=details&task_id=$task_id&edit=yep last;
}
location ~ ^/newtask {
rewrite ^/newtask$ /index.php?do=newtask last;
rewrite ^/newtask/proj(?<project_id>[0-9]+)$ /index.php?do=newtask&project=$project_id last;
}
location ~ ^/reports$ {
rewrite ^/reports$ /index.php?do=reports last;
}
location ~ ^/myprofile$ {
rewrite ^/myprofile$ /index.php?do=myprofile last;
}
location ~ ^/user/(?<user_id>[0-9]+)$ {
rewrite ^/user/[0-9]+$ /index.php?do=user&id=$user_id last;
}
location ~ ^/logout$ {
rewrite ^/logout$ /index.php?do=authenticate&logout=1 last;
}
location ~ ^/admin {
rewrite ^/admin/(?<area_id>[a-zA-Z]+)$ /index.php?do=admin&area=$area_id last;
rewrite ^/admin/editgroup/(?<group_id>[0-9]+)$ /index.php?do=admin&area=editgroup&id=$group_id last;
}
location ~ ^/pm {
rewrite ^/pm/proj(?<project_id>[0-9]+)/(?<area_id>[a-zA-Z]+)$ /index.php?do=pm&project=$project_id&area=$area_id last;
rewrite ^/pm/editgroup/(?<group_id>[0-9]+)$ /index.php?do=pm&area=editgroup&id=$group_id last;
}
location ~ ^/edituser/(?<user_id>[0-9]+)$ {
rewrite ^/edituser/[0-9]+$ /index.php?do=admin&area=users&user_id=$user_id last;
}
location ~ ^/register$ {
rewrite ^/register$ /index.php?do=register last;
}
location ~ ^/lostpw$ {
rewrite ^/lostpw$ /index.php?do=lostpw last;
}
location ~ ^/roadmap {
rewrite ^/roadmap$ /index.php?do=roadmap last;
rewrite ^/roadmap/proj(?<project_id>[0-9]+)$ /index.php?do=roadmap&project=$project_id last;
}
location ~ ^/toplevel {
rewrite ^/toplevel$ /index.php?do=toplevel last;
rewrite ^/toplevel/proj(?<project_id>[0-9]+)$ /index.php?do=toplevel&project=$project_id last;
}
location ~ ^/proj(?<project_id>[0-9]+)$ {
rewrite ^/proj[0-9]+$ /index.php?project=$project_id last;
}
location ~ ^/index$ {
rewrite ^/index$ /index.php?do=index last;
}
location ~ ^/index/proj(?<project_id>[0-9]+)$ {
rewrite ^/index/proj[0-9]+$ /index.php?do=index&project=$project_id last;
}
location ~ \.php$ {
access_log /var/log/nginx/{{ flyspray_domain }}/access.log main;
access_log /var/log/nginx/{{ flyspray_domain }}/access.log.json json_main;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri =404;
include fastcgi_params;
fastcgi_pass flyspray;
}
}
[global]
error_log = syslog
daemonize = no
[{{ flyspray_user }}]
listen = /run/php-fpm7/flyspray.socket
listen.owner = {{ flyspray_user }}
listen.group = http
listen.mode = 0660
pm = dynamic
pm.max_children = 30
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 5
pm.max_requests = 2000
php_admin_value[open_basedir] = {{ flyspray_dir }}:/tmp
php_admin_value[opcache.memory_consumption] = 128
php_admin_value[opcache.interned_strings_buffer] = 8
php_admin_value[opcache.max_accelerated_files] = 200
php_admin_value[opcache.revalidate_freq] = 60
php_admin_value[opcache.fast_shutdown] = 1
php_admin_value[disable_functions] = virtual, dl, suexec, popen, proc_nice, proc_open, proc_terminate, exec, passthru, system, show_source, shell_exec, escapeshellcmd, escapeshellarg
php_admin_flag[allow_url_fopen] = off
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment