Merge branch 'master' of arch-git:/srv/git/infrastructure

a8bdc068 · Giancarlo Razzolini · d38a7112 · a57abfef · a8bdc068 · a8bdc068
Verified Commit a8bdc068 authored Dec 30, 2019 by Giancarlo Razzolini
--- a/README.md
+++ b/README.md
@@ -165,8 +165,9 @@ The following steps should be used to update our managed servers:
 ### dragon

 #### Services
-  - build server (pkgbuild.com)
+  - build server
  - sogrep
+  - arch-boxes (packer)

 ### state.archlinux.org

@@ -178,6 +179,11 @@ The following steps should be used to update our managed servers:
 #### Services:
  - quassel core

+## homedir.archlinux.org
+
+#### Services:
+  - ~/user/ webhost
+
 ## Ansible repo workflows

 ### Replace vault password and change vaulted passwords

--- a/docs/ssh-hostkeys.txt
+++ b/docs/ssh-hostkeys.txt
@@ -218,17 +218,6 @@
 256 MD5:25:a6:b4:cb:f6:c5:27:3a:0d:c6:47:1e:2f:d5:72:db root@archlinux (ED25519)
 2048 MD5:4d:09:b7:bc:d0:af:b9:1c:b4:0d:67:88:16:c7:c0:1c root@archlinux (RSA)

-# soyuz.archlinux.org
-1024 SHA256:7i6dEbYWr2waZYiZWruAf3IDkITWPLYZAb/vuA+L+cA root@soyuz (DSA)
-256 SHA256:GHQlxoizbgrUL2ZQY7eOewIYuNzJY2aR73+7CNgdBto root@soyuz (ECDSA)
-256 SHA256:ZKKPcOJexD4KP+iCIQc5qMHuu0f1INZh9S3/K0heUdU root@soyuz (ED25519)
-2048 SHA256:UpXXVnuxzD51LphEErdSbn5s6VWRDE/j2JK7Ldes/xs root@soyuz (RSA)
-
-1024 MD5:0d:9f:83:0b:35:f2:76:9e:90:84:17:3b:24:5f:72:4c root@soyuz (DSA)
-256 MD5:0a:66:44:0f:6d:5c:c4:33:d9:31:9c:c3:22:d0:d0:63 root@soyuz (ECDSA)
-256 MD5:e0:43:1d:3c:63:ac:a7:ca:eb:b0:17:e8:ec:f3:c0:38 root@soyuz (ED25519)
-2048 MD5:89:d5:e2:5b:32:b3:65:8d:50:a9:3e:ba:79:27:2f:0a root@soyuz (RSA)
-
 # state.archlinux.org
 1024 SHA256:4oNX8CksPEgIzibu+ETa2OVVPBX2pzcvcVUa60NbHiQ root@archlinux-packer (DSA)
 256 SHA256:uR7EDdVrvkZf43eNmumOeu2MeZn4oMB39ad9kHoobkk root@archlinux-packer (ECDSA)

--- a/docs/ssh-known_hosts.txt
+++ b/docs/ssh-known_hosts.txt
@@ -98,11 +98,6 @@ sgp.mirror.pkgbuild.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD7zHY11m8025vGMmC0
 sgp.mirror.pkgbuild.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJXTkELSODheIaMAe7B4xeKaovwbEoKo0REy4KuaSRyd1CYYoOVZVsiuEGhkJqd1EsFt1xUtbWUH6GiZ/z8tkxA=
 sgp.mirror.pkgbuild.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAALm92Bp1FUNzwMHGIBvGxP31kMTZecexdiVnflre7

-# soyuz.archlinux.org
-soyuz.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUJaeM5PQWwtsM8pwbFIO8j1haViH4aH14T7NJA/qIxhfnuvC0+hoAom78cndUR66SZ1WFjEVgbL4zhCau3zvGCD2Ca8hNPNMfHuKlB/2TDfDzzrHkSvTE+VWPXcqxL5m1V4MLaowPsBE5KaNDtslCz1HT251DX7I3qlEfH089nEBk6+hnpMSqP2svyYGoWMCBgC9EOJ2pdgF0w0WCFtoaaLyC437K667we6cE1kL5Sh7DT1sogGbCLw/IotEL2qmhEvCB2qO5IzM2MN4ACwjsyYdPO+rLJOmReG1xGmhw1KFIgiwdlWQflYDKxRxSnYLTYmlkHPngXYwGLJ3LEdS/
-soyuz.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEtDQ4lyXAUiH/Zc0goqFitPslz6b/VUThYLk/4V59qp7b95EkZaIh4YKWBJ8lMManZv3mTgS0eCyhE5PpJ8BoI=
-soyuz.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICM/0VDx+ERVilzThUQ+vbfvVgOTQaCFOovGGOdIyRJx
-
 # state.archlinux.org
 state.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoH0lD8Je2KUktA0RWREiN9v2oIpl/kTZfXZw7LhBaJLdZorqGLI/Nu0Kzb+7Wp0RvcNi5eOpLtFctAwIEs2nEvkPHmKH70KoMBiNNzMWHK6IwTH0EdyYQzjOm4E7qWtbIdK6vSUqtLwgkfaUJ+EokJu51632hmTE2Bk0I12K93hjODmZnM7GhGmSx6h+3KrYfkCz4a2PXVpTptvTTl5t4SkFQMdioQ6k+1m2itjhhEujkewl4N6rar6jB6b4yGHlPZN5Y3lmYaQhraZwen6kuPHfjuMjtkf6lR0cqoK7FvwwrkiXcuGqS8xcVYmRsqRQdXZzLORcMSW4wjlizwQCd
 state.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbZyVxaIdyd5f/dhPN7qGBnOSpLCYzoEqAKuakhi5ou

--- a/group_vars/all/archusers.yml
+++ b/group_vars/all/archusers.yml
@@ -231,7 +231,6 @@ arch_users:
      - name: foutrelis_buildhost.pub
        hosts:
          - dragon.archlinux.org
-          - soyuz.archlinux.org
          - sgp.mirror.pkgbuild.com
    groups:
      - dev
@@ -275,7 +274,6 @@ arch_users:
      - name: heftig_work.pub
        hosts:
          - dragon.archlinux.org
-          - soyuz.archlinux.org
      - name: heftig_dragon.pub
        hosts:
          - homedir.archlinux.org
@@ -359,10 +357,6 @@ arch_users:
  maximbaz:
    name: "Maxim Baz"
    ssh_key: maximbaz.pub
-    additional_ssh_keys:
-      - name: maximbaz_soyuz.pub
-        hosts:
-          - soyuz.archlinux.org
    groups:
      - tu
  mtorromeo:

--- a/host_vars/soyuz.archlinux.org
+++ b/host_vars/soyuz.archlinux.org
---
-hostname: "soyuz"
-
-ipv4_address: "138.201.206.85"
-ipv4_netmask: "/32"
-ipv6_address: "2a01:4f8:173:1654::1"
-ipv6_netmask: "/128"
-ipv4_gateway: "138.201.206.65"
-ipv6_gateway: "fe80::1"
-filesystem: btrfs
-system_disks:
-  - /dev/sda
-  - /dev/sdb
-
-postgres_backup_dir: "/var/lib/postgres/backup"
-archbuild_fs: 'btrfs'
-
-zabbix_agent_templates:
-  - Template OS Linux
-  - Template App Borg Backup
-  - Template App Syncrepo
-  - Template App PostgreSQL
--- a/hosts
+++ b/hosts
@@ -2,7 +2,6 @@
 orion.archlinux.org
 vostok.archlinux.org
 apollo.archlinux.org
-soyuz.archlinux.org
 luna.archlinux.org
 dragon.archlinux.org

@@ -33,7 +32,6 @@ ger.mirror.pkgbuild.com
 [borg_clients]
 orion.archlinux.org
 apollo.archlinux.org
-soyuz.archlinux.org
 luna.archlinux.org
 state.archlinux.org
 matrix.archlinux.org
@@ -54,7 +52,6 @@ bugs.archlinux.org

 [postgresql_servers]
 apollo.archlinux.org
-soyuz.archlinux.org
 state.archlinux.org
 quassel.archlinux.org

@@ -67,7 +64,6 @@ bugs.archlinux.org

 [buildservers]
 dragon.archlinux.org
-soyuz.archlinux.org
 sgp.mirror.pkgbuild.com

 [gitlab_runners]

--- a/playbooks/soyuz.yml
+++ b/playbooks/soyuz.yml
---
-
- name: setup soyuz
-  hosts: soyuz.archlinux.org
-  remote_user: root
-  roles:
-    - { role: common, tags: ['common'] }
-    - { role: tools, tags: ['tools'] }
-    - { role: sshd, tags: ['sshd'] }
-    - { role: unbound }
-    - { role: root_ssh, tags: ['root_ssh'] }
-    - { role: borg-client, tags: ['borg'] }
-    - { role: opendkim, dkim_selector: soyuz, tags: ['mail'] }
-    - { role: postfix, postfix_relayhost: "orion.archlinux.org", tags: ["mail", "postfix"] }
-    - { role: archusers, tags: ['archusers'] }
-    - { role: certbot }
-    - { role: nginx, tags: ["nginx"] }
-    - { role: sudo, tags: ['sudo', 'archusers'] }
-    - { role: sogrep, tags: ['sogrep'] }
-    - { role: archbuild, tags: ['archbuild'] }
-    - { role: public_html, public_domain: "pkgbuild.com", tags: ['public_html', 'nginx'] }
-    - { role: crond, tags: ['crond'] }
-    - { role: docker-image }
--- a/pubkeys/maximbaz_soyuz.pub
+++ b/pubkeys/maximbaz_soyuz.pub
-command="rsync --server -logDtprze.iLsfxC --delete --partial . ~/public_html/repo/",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDX5UOJ2aRK0LBSoWetHMwHNBItE9YrSWq7SWzDdX9R4bkvI38U/fKhWVWLpsQMczu90wT/VU2BN8PmcnPL091NqvqPC3NR9ol4KWJb5BhqRIUivwJ+yw2XTq5h4J7nhuS1OQo9HxD+g0KvnCCwvlHTAbnccu7FoEX9dGwwseUfgwaQl0rPM7LUgZ5uPZV0BbBnELe2xn9c1pcWkoVjOfZRzYwqfoQ8A4+dQYgZZwizbrE+sfOrPcPYvm+lSpqQ4Y91baOYXLbO1GyT1G3oBppqzwcJ4utbfaOSr+gOrA2B6QwqYts22UHdqY/9QLUjTg/MbitsS4bVttMaQPjTU5yUEn5iJIBkPGpfrOtDfo9v0pZ6PoKKsQ7DjmiYG6BYHckNTi5We7XMVVC7zBCJ8HQGoq7RvIrsebBtMrA8Vh3JhBcD7K+I2CVy4cOOwlW7uYchFvxJwkbSlLgFxpMxsHtrJSIx/8C6gMrdnls08/BXYhpHoQOhcdSyNL2jqeqpROSEUdemhbMEj0E6o289mD6bqYmnoz6HJmpVVYhFh8+I4lSbN3PNjHoAZhKiC9+6qf744y5+jR7FBTnBebZlPmnNaF+j6/lJ0N7A5Fggo8NzF8/qHFgSvyJ9N0lxWKIkc6yfH1a9GKJEs0Ng+2yMEBoZdJzrPTuU0iBMJYivct1okw==
--- a/roles/archive/templates/archive.conf.j2
+++ b/roles/archive/templates/archive.conf.j2
@@ -12,8 +12,8 @@ ARCHIVE_USER=archive
 ARCHIVE_GROUP=archive

 # Package extensions
-PKGEXT='.pkg.tar.xz'
-PKGSIG="$PKGEXT.sig"
+PKGREGEX='\.pkg\.tar(\.(gz|bz2|xz|zst|lrz|lzo|Z|lz4|lz))?'
+PKGSIGREGEX="$PKGREGEX\.sig"

 # Umask used when archiving
 UMASK=022