Goodbye luna

https://lists.archlinux.org/pipermail/arch-dev-public/2021-July/030471.html Fix #86

Goodbye luna
79f7d599 · Kristian Klausen · bb5ce6ef · 79f7d599 · 79f7d599 · 79f7d599
Commit 79f7d599 authored 3 years ago by Kristian Klausen
--- a/docs/servers.md
+++ b/docs/servers.md
@@ -10,12 +10,11 @@
  - sources (sources.archlinux.org)
  - archive (archive.archlinux.org)

-## luna
+## lists.archlinux.org

 ### Services

  - mailman
-  - projects (projects.archlinux.org)

 ## archlinux.org


--- a/docs/ssh-hostkeys.txt
+++ b/docs/ssh-hostkeys.txt
@@ -163,17 +163,6 @@
 256 MD5:3c:91:d8:b0:4b:5c:36:40:79:27:8a:c7:24:d6:26:af root@archlinux-packer (ED25519)
 3072 MD5:88:99:f2:47:b1:e3:3c:99:52:67:d5:d5:55:b0:af:2c root@archlinux-packer (RSA)

-# luna.archlinux.org
-1024 SHA256:9Nqu9y1LhT3L3Kd6J9CSyuOc1AdGWo0eLsPxoc5bpaw root@alderaan (DSA)
-256 SHA256:L71Q91yHwmHPYYkJMDgj0xmUuw16qFOhJbBr1mzsiOI root@alderaan (ECDSA)
-256 SHA256:HQ03dn6EasJHNDlt51KpQpFkT3yBX83x7BoIkA1iv2k root@alderaan.archlinux.org (ED25519)
-2048 SHA256:Ju+yWiMb/2O+gKQ9RJCDqvRg7l+Q95KFAeqM5sr6l2s root@alderaan (RSA)
-
-1024 MD5:f2:56:a9:3c:4d:f9:b7:88:7f:e4:a6:7c:eb:55:c0:15 root@alderaan (DSA)
-256 MD5:11:d1:4c:ae:9a:4f:15:06:d7:c8:0a:b4:08:02:aa:95 root@alderaan (ECDSA)
-256 MD5:1d:92:08:da:8e:a1:fb:1c:c5:65:00:c8:15:a4:87:32 root@alderaan.archlinux.org (ED25519)
-2048 MD5:c4:7f:00:d4:5e:c7:23:45:97:bb:40:ec:15:ce:7c:a9 root@alderaan (RSA)
-
 # mail.archlinux.org
 1024 SHA256:/d3MC4NoQbPSNgNebFyzNCze4HVHPhITVWy9vWdZUp4 root@archlinux-packer (DSA)
 256 SHA256:IbQnu28PPf6iZnr6DPwzITD4o2DznYMO6j0mkjZXasE root@archlinux-packer (ECDSA)

--- a/docs/ssh-known_hosts.txt
+++ b/docs/ssh-known_hosts.txt
@@ -73,11 +73,6 @@ lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
 lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVKwNsXUXpgNhlwPVlBRNlpvOt0U9deANS/n//nxbe1
 lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuKQnkGRdXyu74f92lzJcQMMDjTzVXkne/mLHiMYKQWlboIBIry3FkzyUGDLbNlZOe4PNR43D9FI0/1EjAuVV72HVQ9sidCbJR/azw3+JF8zwU1HDMOhtCNaWYNqk0DHDvHuWhL6N0duFASf+ZTKRB5Rgk3+p0FisKMCep2vJy5kHY0829INk6ORgPxYzCHCZOLEfZX0aydwscTnubKq1t9blWUdqKSm5Xq5+NEJNPKlo6TgdcBihkdAyaGnZ9KWrXycV6j0UaT/VJNuumZ9KlsvI7Xi/TVDWcLcsU/UqeEvnzUi3oRrvkADzIcoFa5/QrSRQJppKAUgjuhOuk+Px38IIvRdrwDxDoChei+qU8S2O24PP7Cu4oYZ/ecGb8wJleEWVVaYrD5JTEugg0iTe2t0LJiP6rTC1faxErZ9wru18nGNWYR2b+b1MfBzppAoikZUoqygKYYLAerHj3B9wFmw2RJG8JFZ95lMukJmDG8kCYz7eq753PYAAmpFZbdZU=

-# luna.archlinux.org
-luna.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOZAVWmj2k+dHTfyum7FyIivGcVUkDFHaXmPNxDwF7l8TvkAN8VDQJHEEGJhALMYtNsQ+kt0gksSh4HZqj9n5hI=
-luna.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2DCBtPSTwWvBU3/3bAYwJVtnAmy+GEJf98Ek5QhOXh
-luna.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDErOc9MQyj8vf20sZrcVOU+bxfa6B0DVl28pUdG+03seGM+bTVT84HnCcKwz7iASvGSJSAWfzYUQa6Gq8JuDWATd419L8Rtou0UEoK30c9oprGfCmB4extsFkEpMDihnvpUyK/qwBukCY8WxRx9MsZAVgmyQSt3ibBrExnm0+RckctYlJf19/LF+W1ckzNcnbG5Yc/54W7/B2P4iCglniYZMjQpfVPALVc2Iew0GpEWj0wQbpxenPgOZWDgFcQCYxHGgCVUaBSTcbeT4CgwqI4O1+P2X/JVkdwYfD4+j99VQAlA5z+jsCsacMqRiWSu+p7urCED2VIoApg2fffwtv3
-
 # mail.archlinux.org
 mail.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFvJy2P8zOSKt3EocULHN85PVGW1AINk15+GilqUc5a79Zsy0FvWqV16fjxLRN3zIOkBvSKZMvsNadja+quEr9s=
 mail.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTOoGxsf23f6AjIHcQQuvbTOaeIt48Y0PiBj9qlJi1H

--- a/hosts
+++ b/hosts
 [hetzner]
-luna.archlinux.org
 secure-runner1.archlinux.org
 gemini.archlinux.org

@@ -27,7 +26,6 @@ europe.mirror.pkgbuild.com
 [borg_clients]
 archlinux.org
 aur-dev.archlinux.org
-luna.archlinux.org
 state.archlinux.org
 matrix.archlinux.org
 quassel.archlinux.org
@@ -56,7 +54,6 @@ u236610.your-storagebox.de
 homedir.archlinux.org

 [mysql_servers]
-luna.archlinux.org
 bbs.archlinux.org
 bugs.archlinux.org
 aur.archlinux.org
@@ -73,7 +70,6 @@ man.archlinux.org

 [nginx]
 archlinux.org
-luna.archlinux.org
 bbs.archlinux.org
 bugs.archlinux.org
 aur.archlinux.org
@@ -131,7 +127,6 @@ bbs.archlinux.org
 build.archlinux.org
 bugs.archlinux.org
 gemini.archlinux.org
-luna.archlinux.org
 repro1.pkgbuild.com
 wiki.archlinux.org
 patchwork.archlinux.org

--- a/playbooks/luna.yml
+++ b/playbooks/luna.yml
---
-
- name: setup luna
-  hosts: luna.archlinux.org
-  remote_user: root
-  tasks:
-    - name: open firewall holes for services
-      ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
-      with_items:
-        - http
-        - https
-        - rsyncd
-        - smtp
-        - git
-      when: configure_firewall
-      tags:
-        - firewall
-
-    - name: open firewall holes for ports
-      ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
-      with_items:
-        - 6969/tcp
-        - 4949/tcp
-      when: configure_firewall
-      tags:
-        - firewall
-  roles:
-    - nginx
-    - rspamd
-    - { role: mariadb, mariadb_query_cache_type: '0', mariadb_innodb_file_per_table: true }
-    - { role: prometheus_exporters }
-    - { role: promtail }
--- a/roles/postfwd/templates/postfwd.cf.j2
+++ b/roles/postfwd/templates/postfwd.cf.j2
@@ -10,9 +10,7 @@
 };

 # no rate-limit for some authenticated users
-# luna is handling mailman and other services that distribute a lot of mail.
 &&NO_RATE_LIMIT_USERS {
-        sasl_username=luna
        sasl_username=aur;
 };
 id=NoRateLimit;

--- a/roles/prometheus/defaults/main.yml
+++ b/roles/prometheus/defaults/main.yml
@@ -23,7 +23,6 @@ blackbox_targets:
    - https://dev.archlinux.org
    - https://europe.archive.pkgbuild.com
    - https://europe.mirror.pkgbuild.com
-    - https://git.archlinux.org
    - https://gitlab.archlinux.org
    - https://ipxe.archlinux.org
    - https://logging.archlinux.org
@@ -45,7 +44,6 @@ blackbox_targets:
    - https://ping.archlinux.org
    - https://pkgbuild.com
    - https://planet.archlinux.org
-    - https://projects.archlinux.org
    - https://repos.archlinux.org/lastupdate
    - https://reproducible.archlinux.org
    - https://security.archlinux.org

--- a/tf-stage1/archlinux.tf
+++ b/tf-stage1/archlinux.tf
@@ -197,7 +197,7 @@ locals {
  #   - ttl (optional)
  #
  # Example:
-  # "lists" = { mx = "luna", ttl = 600 }
+  # "lists" = { mx = "lists", ttl = 600 }
  archlinux_org_mx = {
    "@"        = { mx = "mail", ttl = 600 }
    aur        = { mx = "mail", ttl = 600 }
@@ -235,10 +235,6 @@ locals {
      ipv4_address = "49.12.124.107"
      ipv6_address = "2a01:4f8:242:5614::2"
    }
-    luna = {
-      ipv4_address = "5.9.250.164"
-      ipv6_address = "2a01:4f8:160:3033::2"
-    }
    master-key = {
      ipv4_address = hcloud_server.machine["archlinux.org"].ipv4_address
      ipv6_address = hcloud_server.machine["archlinux.org"].ipv6_address
@@ -280,13 +276,11 @@ locals {
    archive       = { value = "gemini" }
    dev           = { value = "www" }
    g2kjxsblac7x  = { value = "gv-i5y6mnrelvpfiu.dv.googlehosted.com." }
-    git           = { value = "luna" }
    ipxe          = { value = "www" }
    mailman       = { value = "redirect" }
    packages      = { value = "www" }
    ping          = { value = "redirect" }
    planet        = { value = "www" }
-    projects      = { value = "luna" }
    repos         = { value = "gemini" }
    rsync         = { value = "gemini" }
    sources       = { value = "gemini" }