mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-04 11:16:02 +02:00
Decommission patchwork.archlinux.org and replace it with a static copy[1]
As announced on the mailing list[2] pacman has been migrated to gitlab and there is no real use for patchwork left, so it can be decommissioned. A static copy[1] is kept around for the time being to avoid link rot. [1] https://gitlab.archlinux.org/archlinux/patchwork-archive [2] https://lists.archlinux.org/archives/list/arch-dev-public@lists.archlinux.org/message/7B6R5HVEC67U7B2VQ3SKUVXU4RDCRRMM/ Fix #487
This commit is contained in:
parent
20b7ca7f85
commit
24e73359c6
|
@ -131,11 +131,6 @@ Prometheus, and Grafana server which receives selected performance/metrics from
|
|||
- [Grafana](https://dashboards.archlinux.org) and [docs/grafana.md](./docs/grafana.md)
|
||||
- Prometheus
|
||||
|
||||
## patchwork.archlinux.org
|
||||
|
||||
### Services
|
||||
- patchwork
|
||||
|
||||
## redirect.archlinux.org
|
||||
|
||||
### Services
|
||||
|
|
|
@ -240,17 +240,6 @@
|
|||
256 MD5:fe:a1:ab:4d:f6:5d:76:f9:a3:99:be:fd:51:ee:77:ed root@archlinux-packer (ED25519)
|
||||
3072 MD5:ad:ee:a6:6d:b7:9b:f0:f7:78:9f:df:b4:53:2e:5f:9f root@archlinux-packer (RSA)
|
||||
|
||||
# patchwork.archlinux.org
|
||||
1024 SHA256:FRn2yrB4ABYzLFs9muVWw/4PRq3ahNoV0EnweAip87g root@archlinux-packer (DSA)
|
||||
256 SHA256:Zmox+d8LXNaUo4d8ywmPXTHyjV7mCCAFYycEZd73c6w root@archlinux-packer (ECDSA)
|
||||
256 SHA256:xdY/tDi/x0z2SDTxzCrrt+Oygn5IYI0kMyN9JlPesw4 root@archlinux-packer (ED25519)
|
||||
3072 SHA256:erHz5RJTWqaKPUCB/bZMBxQfXQIi23rrrOOTPH+KUtc root@archlinux-packer (RSA)
|
||||
|
||||
1024 MD5:44:f4:b3:50:0e:ef:bb:ee:b6:85:06:b6:fb:bd:02:6f root@archlinux-packer (DSA)
|
||||
256 MD5:6c:f2:1b:97:21:77:f2:b2:03:e7:9a:8f:aa:0d:c6:6c root@archlinux-packer (ECDSA)
|
||||
256 MD5:6b:03:f5:0e:0f:4c:50:34:7a:19:f8:28:48:5b:93:09 root@archlinux-packer (ED25519)
|
||||
3072 MD5:0a:03:c6:ef:a1:9d:24:a7:59:ce:bb:41:87:6a:e0:af root@archlinux-packer (RSA)
|
||||
|
||||
# phrik.archlinux.org
|
||||
1024 SHA256:+482UWH5/pSMZ8VoIgkGZxGOm1tZ72rI5RrZsnQHDVk root@archlinux-packer (DSA)
|
||||
256 SHA256:qL+sG+DBwRKII1uPVcFHKQUfQNd7sW0x6iop6/Ki1Og root@archlinux-packer (ECDSA)
|
||||
|
|
|
@ -120,11 +120,6 @@ monitoring.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAA
|
|||
monitoring.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJCU4tNW4WHTQ43+HBbho/sbsU3BCzildSOziaJrVNvE
|
||||
monitoring.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDVAMU3iku88nPDAKjB++je4RRRkotwNdJEhRcO45Ujslhbq67D6BwcnaliR0ekZuhkQFs13dTNVGeb1VqN3I/wHVaECsd/Gz7Q2M5Ki2CqdUR8ztGaW/eWpY9r8Yk+h/fWdnZdnJPYhk7uZftJI9buqyqpkthvjQy9fZ2wyOb/BAk+7BYUdclcvCEMlW9HQljpgmj7snjTpMYMN0t3U7X3xydcOO6PwNIoSikufuMmbtCqtsUx/Xl1mVU2Xi584L8arjoKn9a4OjMUDorqAlFLeco6bWn5XEdfim6e+W55ZKg333j4KGMBFVW5Dk5mZGKfykalq4WONMe3nu0m4EqYFA/rGG/smliqjxCbWu9N6eDw1gKYOeq5gzx7ppQ9zL3BjL3gl+AbeUckxNCQ+zM66amZC6GmciiMq+hnpqeTUhocaGeriGVda4vO+IlCp4Wwx1zqcCZaHyzt/eIWT9DuXDqHq4gAshluGUR0gFTJ/0qhrYxQA/dW681LE3r9YLE=
|
||||
|
||||
# patchwork.archlinux.org
|
||||
patchwork.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOpXUEDbpDxSTdEAZ9At+cpAxEiJBmAf/CbXkQ/868QjYmOg1nKrkBfEWStxH+TQJf7jb3W7wc8WRh1yb26IqfU=
|
||||
patchwork.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB/UP7+uXVjWrH21grHC62KETnkCt5+HPrfhgGwYkFFy
|
||||
patchwork.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC+Ykvy67N1lQbk5aKlDhN62+ymDr1MbBBwu+e5rXuxUcuKrNcK1reOqdMgGoxXE5ip6DvFTu1oxKDaHEeVH7tEdiDaC+cHljQEDjNd0qzdoyfxiL9PN9YcOgtUsBpKzOzORTc9n8grfG/bVeI2QLAorGk9sKVNsFDgawKTv5MVnhw4hE6Nbx+qZhtb5u9nJclhNv+MKI/y/3SrKibOU3yONlEDuiq5/zK8UkgTAnQ+F1TgjscqTwinFh0jEVAAqivNaWSIwBrjZDf9p433lOprotDAr0jZm/F+mPybZJhe1OXNutM5cnEZ2vEvJE52X2p60Hpo4vGtOrfLvSpub6aXaX9hAs2Pf+OPbHU6AET/nOz6GlzvUOs9H8fPyXn+JUjm1YXiqSZZHiA7V9qoNNcP2zaOPXW8tJEVV71r2pfA/fJ/L18bg8OgUIn4iRjODl8q29ZmRh4h4Azm41fwksQZq2rxBuE4likUikg6AkJtd/qWHAMwLRTQrTtho2GxN50=
|
||||
|
||||
# phrik.archlinux.org
|
||||
phrik.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHHPJ79o6go5pRmE5eoeHe6kS9gM7Nsx///MA/tpmyqY/8ktgYu6MTnvSYKdgF1O4oSTfsU5mc7grpq7Qsl8+tA=
|
||||
phrik.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO45OY6f+b4KyFq13PyxjN/EcU11cgVZ1CrQZN2hGP0h
|
||||
|
|
|
@ -1,6 +0,0 @@
|
|||
filesystem: btrfs
|
||||
memcached_socket: "/run/memcached/patchwork.sock"
|
||||
fetchmail_user: "patchwork@archlinux.org"
|
||||
fetchmail_delivery_cmd: "/usr/local/bin/patchwork-parsemail-wrapper.sh"
|
||||
wireguard_address: 10.0.0.23
|
||||
wireguard_public_key: DVeDuKQKf4FzfgS8hp3iZj1tD7gi3SJm8GqDfA+XZn4=
|
|
@ -1,8 +0,0 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
33383339643636623338323330653738393661623238353864393963393938303337366134313238
|
||||
3036353833313862346538376362383461636338343439310a643230383865343239626664636530
|
||||
66636632306132656361653465323666646263623933353336623630393166353561656238653834
|
||||
6166303662626237340a316331336131326163613861316465343064343061393662333166396365
|
||||
64396538343236396365646464366130333866346134616639373530663539333733666637303066
|
||||
66616662346532376633326233663734616365383835376232333962306433663335383030626530
|
||||
623535653132383862346136343937326638
|
|
@ -1,9 +0,0 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
38316462656565326465366437633163303835333463653631653833646662323430656439356633
|
||||
3364626234343837363333353866616134303032653865640a663834313462616236623432613533
|
||||
31363631356464393535373731613538376636396166643862613261643431323631613133623833
|
||||
6665386233306337360a623066343237366136653631316436616438333662363666316161653162
|
||||
33656137653236653433636666343532383834313530613533323363646361353038383661326632
|
||||
61613934613539653439356161646439393931343066333466623836306433623333393266363938
|
||||
38366665376633346261616635663465636162393366323834346537633434366631326662333834
|
||||
33646334393733306363
|
4
hosts
4
hosts
|
@ -44,7 +44,6 @@ mail.archlinux.org
|
|||
matrix.archlinux.org
|
||||
md.archlinux.org
|
||||
monitoring.archlinux.org
|
||||
patchwork.archlinux.org
|
||||
phrik.archlinux.org
|
||||
quassel.archlinux.org
|
||||
reproducible.archlinux.org
|
||||
|
@ -68,7 +67,6 @@ lists.archlinux.org
|
|||
man.archlinux.org
|
||||
matrix.archlinux.org
|
||||
md.archlinux.org
|
||||
patchwork.archlinux.org
|
||||
quassel.archlinux.org
|
||||
state.archlinux.org
|
||||
|
||||
|
@ -92,7 +90,6 @@ repro1.pkgbuild.com
|
|||
repro2.pkgbuild.com
|
||||
|
||||
[memcached]
|
||||
patchwork.archlinux.org
|
||||
wiki.archlinux.org
|
||||
|
||||
[prometheus]
|
||||
|
@ -123,7 +120,6 @@ matrix.archlinux.org
|
|||
md.archlinux.org
|
||||
mirror.pkgbuild.com
|
||||
monitoring.archlinux.org
|
||||
patchwork.archlinux.org
|
||||
phrik.archlinux.org
|
||||
quassel.archlinux.org
|
||||
redirect.archlinux.org
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
- name: Setup patchwork.archlinux.org
|
||||
hosts: patchwork.archlinux.org
|
||||
remote_user: root
|
||||
roles:
|
||||
- { role: common }
|
||||
- { role: sshd }
|
||||
- { role: root_ssh }
|
||||
- { role: borg_client, tags: ["borg"] }
|
||||
- { role: certbot }
|
||||
- { role: nginx }
|
||||
- { role: postfix, postfix_relayhost: "mail.archlinux.org" }
|
||||
- { role: fetchmail }
|
||||
- { role: postgres }
|
||||
- { role: sudo }
|
||||
- { role: uwsgi }
|
||||
- { role: memcached }
|
||||
- { role: patchwork }
|
||||
- { role: fail2ban }
|
||||
- { role: prometheus_exporters }
|
||||
- { role: promtail }
|
||||
- { role: wireguard }
|
|
@ -1,15 +0,0 @@
|
|||
patchwork_dir: '/srv/http/patchwork'
|
||||
patchwork_domain: 'patchwork.archlinux.org'
|
||||
patchwork_nginx_conf: '/etc/nginx/nginx.d/patchwork.conf'
|
||||
patchwork_forced_deploy: false
|
||||
patchwork_admins: ["('Giancarlo Razzolini', 'grazzolini@archlinux.org')", "('Frederik Schwan', 'freswa@archlinux.org')"]
|
||||
patchwork_version: 'v3.0.0'
|
||||
patchwork_from_email: 'Arch Linux Patchwork <patchwork@patchwork.archlinux.org>'
|
||||
patchwork_notification_frequency: '10m'
|
||||
|
||||
patchwork_db: 'patchwork'
|
||||
patchwork_db_host: 'localhost'
|
||||
patchwork_db_user: 'patchwork'
|
||||
patchwork_db_backup_user: 'patchwork_backup'
|
||||
patchwork_db_backup_table_objs: 'ALL_IN_SCHEMA'
|
||||
patchwork_db_backup_sequence_objs: 'ALL_IN_SCHEMA'
|
|
@ -1,6 +0,0 @@
|
|||
- name: Daemon reload
|
||||
systemd:
|
||||
daemon-reload: true
|
||||
|
||||
- name: Restart patchwork memcached
|
||||
service: name=patchwork-memcached state=restarted
|
|
@ -1,141 +0,0 @@
|
|||
- name: Run maintenance mode
|
||||
include_role:
|
||||
name: maintenance
|
||||
vars:
|
||||
service_name: "patchwork"
|
||||
service_domain: "{{ patchwork_domain }}"
|
||||
service_alternate_domains: []
|
||||
service_nginx_conf: "{{ patchwork_nginx_conf }}"
|
||||
when: maintenance is defined
|
||||
|
||||
- name: Install packages
|
||||
pacman: name=gcc,git,python,python-psycopg2,sudo,uwsgi-plugin-python,python-pip state=present
|
||||
|
||||
- name: Make patchwork user
|
||||
user: name=patchwork shell=/bin/false home="{{ patchwork_dir }}" createhome=no
|
||||
|
||||
- name: Fix home permissions
|
||||
file: state=directory owner=patchwork group=patchwork mode=0755 path="{{ patchwork_dir }}"
|
||||
|
||||
- name: Set patchwork groups
|
||||
user: name=patchwork groups=uwsgi
|
||||
|
||||
- name: Create ssl cert
|
||||
include_role:
|
||||
name: certificate
|
||||
vars:
|
||||
domains: ["{{ patchwork_domain }}"]
|
||||
|
||||
- name: Set up nginx
|
||||
template: src=nginx.d.conf.j2 dest="{{ patchwork_nginx_conf }}" owner=root group=root mode=644
|
||||
notify:
|
||||
- Reload nginx
|
||||
when: maintenance is not defined
|
||||
tags: ['nginx']
|
||||
|
||||
- name: Make nginx log dir
|
||||
file: path=/var/log/nginx/{{ patchwork_domain }} state=directory owner=root group=root mode=0755
|
||||
|
||||
- name: Clone patchwork repo
|
||||
git: repo=https://github.com/getpatchwork/patchwork.git dest="{{ patchwork_dir }}" version="{{ patchwork_version }}"
|
||||
become: true
|
||||
become_user: patchwork
|
||||
register: release
|
||||
|
||||
- name: Make virtualenv
|
||||
command: python -m venv "{{ patchwork_dir }}"/env creates="{{ patchwork_dir }}/env/bin/python"
|
||||
become: true
|
||||
become_user: patchwork
|
||||
|
||||
- name: Install from requirements into virtualenv
|
||||
pip: requirements="{{ patchwork_dir }}/requirements-prod.txt" virtualenv="{{ patchwork_dir }}/env" extra_args="--no-binary :all:"
|
||||
become: true
|
||||
become_user: patchwork
|
||||
register: virtualenv
|
||||
|
||||
- name: Fix home permissions
|
||||
file: state=directory owner=patchwork group=patchwork mode=0755 path="{{ patchwork_dir }}"
|
||||
|
||||
- name: Configure patchwork
|
||||
template: src=production.py.j2 dest="{{ patchwork_dir }}/patchwork/settings/production.py" owner=patchwork group=patchwork mode=0660
|
||||
register: config
|
||||
no_log: true
|
||||
|
||||
- name: Create patchwork db users
|
||||
postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" encrypted=yes
|
||||
no_log: true
|
||||
with_items:
|
||||
- { user: "{{ patchwork_db_user }}", password: "{{ vault_patchwork_db_password }}" }
|
||||
- { user: "{{ patchwork_db_backup_user }}", password: "{{ vault_patchwork_db_backup_password }}" }
|
||||
|
||||
- name: Create patchwork db
|
||||
postgresql_db: name="{{ patchwork_db }}" login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" owner="{{ patchwork_db_user }}"
|
||||
register: db_created
|
||||
|
||||
- name: Django migrate
|
||||
django_manage: app_path="{{ patchwork_dir }}" command=migrate virtualenv="{{ patchwork_dir }}/env"
|
||||
become: true
|
||||
become_user: patchwork
|
||||
when: (db_created.changed or release.changed or config.changed or virtualenv.changed or patchwork_forced_deploy)
|
||||
|
||||
- name: DB privileges for patchwork users
|
||||
postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
|
||||
privs=CONNECT roles="{{ item }}" type=database
|
||||
with_items:
|
||||
- "{{ patchwork_db_backup_user }}"
|
||||
|
||||
- name: Table privileges for patchwork users
|
||||
postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
|
||||
privs=SELECT roles="{{ item.user }}" type=table objs="{{ item.objs }}"
|
||||
with_items:
|
||||
- { user: "{{ patchwork_db_backup_user }}", objs: "{{ patchwork_db_backup_table_objs }}" }
|
||||
|
||||
- name: Sequence privileges for patchwork users
|
||||
postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
|
||||
privs=SELECT roles="{{ item.user }}" type=sequence objs="{{ item.objs }}"
|
||||
with_items:
|
||||
- { user: "{{ patchwork_db_backup_user }}", objs: "{{ patchwork_db_backup_sequence_objs }}" }
|
||||
|
||||
- name: Django collectstatic
|
||||
django_manage: app_path="{{ patchwork_dir }}" command=collectstatic virtualenv="{{ patchwork_dir }}/env"
|
||||
become: true
|
||||
become_user: patchwork
|
||||
when: (db_created.changed or release.changed or config.changed or virtualenv.changed or patchwork_forced_deploy)
|
||||
|
||||
- name: Install patchwork parsemail script
|
||||
template: src="patchwork-parsemail-wrapper.sh.j2" dest="/usr/local/bin/patchwork-parsemail-wrapper.sh" owner=root group=root mode=0755
|
||||
|
||||
- name: Install sudoer rights for fetchmail to call patchwork
|
||||
template: src=sudoers-fetchmail-patchwork.j2 dest=/etc/sudoers.d/fetchmail-patchwork owner=root group=root mode=0440
|
||||
|
||||
- name: Install patchwork memcached service
|
||||
template: src="patchwork-memcached.service.j2" dest="/etc/systemd/system/patchwork-memcached.service" owner=root group=root mode=0644
|
||||
notify:
|
||||
- Daemon reload
|
||||
|
||||
- name: Install patchwork notification service
|
||||
template: src="patchwork-notification.service.j2" dest="/etc/systemd/system/patchwork-notification.service" owner=root group=root mode=0644
|
||||
notify:
|
||||
- Daemon reload
|
||||
|
||||
- name: Install patchwork notification timer
|
||||
template: src="patchwork-notification.timer.j2" dest="/etc/systemd/system/patchwork-notification.timer" owner=root group=root mode=0644
|
||||
notify:
|
||||
- Daemon reload
|
||||
|
||||
- name: Deploy patchwork
|
||||
template: src=patchwork.ini.j2 dest=/etc/uwsgi/vassals/patchwork.ini owner=patchwork group=http mode=0644
|
||||
|
||||
- name: Deploy new release
|
||||
file: path=/etc/uwsgi/vassals/patchwork.ini state=touch owner=patchwork group=http mode=0644
|
||||
when: (release.changed or config.changed or virtualenv.changed or patchwork_forced_deploy)
|
||||
|
||||
- name: Start and enable patchwork memcached service and notification timer
|
||||
systemd:
|
||||
name: "{{ item }}"
|
||||
enabled: true
|
||||
state: started
|
||||
daemon_reload: true
|
||||
with_items:
|
||||
- patchwork-memcached.service
|
||||
- patchwork-notification.timer
|
File diff suppressed because one or more lines are too long
|
@ -1,46 +0,0 @@
|
|||
upstream patchwork {
|
||||
server unix:///run/uwsgi/patchwork.sock;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name {{ patchwork_domain }};
|
||||
|
||||
access_log /var/log/nginx/{{ patchwork_domain }}/access.log reduced;
|
||||
access_log /var/log/nginx/{{ patchwork_domain }}/access.log.json json_reduced;
|
||||
error_log /var/log/nginx/{{ patchwork_domain }}/error.log;
|
||||
|
||||
include snippets/letsencrypt.conf;
|
||||
|
||||
location / {
|
||||
access_log off;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name {{ patchwork_domain }};
|
||||
|
||||
access_log /var/log/nginx/{{ patchwork_domain }}/access.log reduced;
|
||||
access_log /var/log/nginx/{{ patchwork_domain }}/access.log.json json_reduced;
|
||||
error_log /var/log/nginx/{{ patchwork_domain }}/error.log;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/{{ patchwork_domain }}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/{{ patchwork_domain }}/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/{{ patchwork_domain }}/chain.pem;
|
||||
|
||||
location /static/ {
|
||||
alias {{ patchwork_dir }}/htdocs/static/;
|
||||
}
|
||||
|
||||
location / {
|
||||
access_log /var/log/nginx/{{ patchwork_domain }}/access.log main;
|
||||
access_log /var/log/nginx/{{ patchwork_domain }}/access.log.json json_main;
|
||||
include uwsgi_params;
|
||||
uwsgi_pass patchwork;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
[Unit]
|
||||
Description=Patchwork Memcached Daemon
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=patchwork
|
||||
Group=memcached
|
||||
# Remove '-l 127.0.0.1' to listen on all addresses
|
||||
ExecStart=/usr/bin/memcached -s /run/memcached/patchwork.sock -o modern -a 770
|
||||
Restart=always
|
||||
PrivateTmp=yes
|
||||
PrivateDevices=yes
|
||||
ProtectSystem=full
|
||||
MemoryDenyWriteExecute=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,12 +0,0 @@
|
|||
[Unit]
|
||||
Description=Patchwork notification service
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
User=patchwork
|
||||
WorkingDirectory={{ patchwork_dir }}
|
||||
ExecStart={{ patchwork_dir }}/env/bin/python manage.py cron
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Patchwork notification timer
|
||||
|
||||
[Timer]
|
||||
OnUnitActiveSec={{ patchwork_notification_frequency }}
|
||||
OnBootSec={{ patchwork_notification_frequency }}
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
sudo -u patchwork /usr/bin/env PW_PYTHON={{ patchwork_dir }}/env/bin/python {{ patchwork_dir }}/patchwork/bin/parsemail.sh
|
|
@ -1,16 +0,0 @@
|
|||
[uwsgi]
|
||||
plugins=python
|
||||
chdir={{ patchwork_dir }}
|
||||
pythonpath={{ patchwork_dir }}
|
||||
module=patchwork.wsgi:application
|
||||
socket=/run/uwsgi/patchwork.sock
|
||||
chmod-socket=660
|
||||
virtualenv={{ patchwork_dir }}/env
|
||||
processes=2
|
||||
threads=2
|
||||
master=true
|
||||
uid=patchwork
|
||||
gid=http
|
||||
thunder-lock = true
|
||||
daemonize=/var/log/uwsgi/patchwork.log
|
||||
stats=/run/uwsgi/patchwork-stats.sock
|
|
@ -1,93 +0,0 @@
|
|||
"""
|
||||
Sample production-ready settings for patchwork project.
|
||||
|
||||
Most of these are commented out as they will be installation dependent.
|
||||
|
||||
Design based on:
|
||||
http://www.revsys.com/blog/2014/nov/21/recommended-django-project-layout/
|
||||
"""
|
||||
|
||||
from __future__ import absolute_import
|
||||
|
||||
import os
|
||||
|
||||
from .base import * # noqa
|
||||
|
||||
#
|
||||
# Core settings
|
||||
# https://docs.djangoproject.com/en/1.6/ref/settings/#core-settings
|
||||
#
|
||||
|
||||
# Security
|
||||
#
|
||||
# You'll need to replace this to a random string. The following python code can
|
||||
# be used to generate a secret key:
|
||||
#
|
||||
# import string, random
|
||||
# chars = string.letters + string.digits + string.punctuation
|
||||
# print repr("".join([random.choice(chars) for i in range(0,50)]))
|
||||
|
||||
SECRET_KEY = '{{ vault_patchwork_secret_key }}'
|
||||
|
||||
# Email
|
||||
#
|
||||
# Replace this with your own details
|
||||
|
||||
EMAIL_HOST = os.getenv('EMAIL_HOST', 'localhost')
|
||||
EMAIL_PORT = os.getenv('EMAIL_PORT', 25)
|
||||
EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '')
|
||||
EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '')
|
||||
EMAIL_USE_TLS = True
|
||||
|
||||
DEFAULT_FROM_EMAIL = '{{ patchwork_from_email }}'
|
||||
SERVER_EMAIL = DEFAULT_FROM_EMAIL
|
||||
NOTIFICATION_FROM_EMAIL = DEFAULT_FROM_EMAIL
|
||||
|
||||
{% if patchwork_admins %}
|
||||
ADMINS = (
|
||||
{% for admin in patchwork_admins %}
|
||||
{{ admin }},
|
||||
{% endfor %}
|
||||
)
|
||||
{% else %}
|
||||
ADMINS = ()
|
||||
{% endif %}
|
||||
|
||||
# Database
|
||||
#
|
||||
# If you're using a postgres database, connecting over a local unix-domain
|
||||
# socket, then the following setting should work for you. Otherwise,
|
||||
# see https://docs.djangoproject.com/en/1.7/ref/settings/#databases
|
||||
|
||||
DATABASES = {
|
||||
'default': {
|
||||
'ENGINE': 'django.db.backends.postgresql_psycopg2',
|
||||
'NAME': '{{ patchwork_db }}',
|
||||
'USER': '{{ patchwork_db_user }}',
|
||||
'PASSWORD': '{{ vault_patchwork_db_password }}',
|
||||
'HOST': '{{ patchwork_db_host }}',
|
||||
'PORT': 5432,
|
||||
},
|
||||
}
|
||||
|
||||
#
|
||||
# Static files settings
|
||||
# https://docs.djangoproject.com/en/1.7/ref/settings/#static-files
|
||||
#
|
||||
|
||||
STATIC_ROOT = '{{ patchwork_dir }}/htdocs/static'
|
||||
|
||||
TIME_ZONE = 'UTC'
|
||||
|
||||
ALLOWED_HOSTS = ['{{ patchwork_domain }}']
|
||||
|
||||
## Define cache settings
|
||||
CACHES = {
|
||||
'default': {
|
||||
'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache',
|
||||
'LOCATION': 'unix:/run/memcached/patchwork.sock',
|
||||
}
|
||||
}
|
||||
|
||||
# We only support HTTPS
|
||||
FORCE_HTTPS_LINKS = True
|
|
@ -1 +0,0 @@
|
|||
fetchmail ALL=(patchwork) NOPASSWD: /usr/bin/env PW_PYTHON={{ patchwork_dir }}/env/bin/python {{ patchwork_dir }}/patchwork/bin/parsemail.sh
|
|
@ -1,7 +1,3 @@
|
|||
postfix_patchwork_enabled: false
|
||||
postfix_patchwork_user: "patchwork"
|
||||
postfix_patchwork_mail_handler: "/usr/local/bin/patchwork-parsemail-wrapper.sh"
|
||||
|
||||
mail_domain: "mail.archlinux.org"
|
||||
|
||||
postfix_wiki_bounce_mail_handler: "/usr/local/bin/wiki-bouncehandler.pl"
|
||||
|
|
|
@ -167,18 +167,11 @@ local_recipient_maps =
|
|||
relocated_maps = ${indexed}/relocated
|
||||
|
||||
relay_domains =
|
||||
{%if postfix_patchwork_enabled %}
|
||||
archlinux.org
|
||||
{% endif %}
|
||||
|
||||
transport_maps =
|
||||
${indexed}/transport
|
||||
pcre:${config_directory}/transport.pcre
|
||||
|
||||
{% if postfix_patchwork_enabled %}
|
||||
patchwork_destination_recipient_limit = 1
|
||||
{% endif %}
|
||||
|
||||
wiki_bouncehandler_destination_recipient_limit = 1
|
||||
|
||||
authorized_mailq_users = root
|
||||
|
|
|
@ -82,10 +82,5 @@ lmtp unix - - n - - lmtp
|
|||
anvil unix - - n - 1 anvil
|
||||
scache unix - - n - 1 scache
|
||||
|
||||
{% if postfix_patchwork_enabled %}
|
||||
patchwork unix - n n - - pipe
|
||||
flags=DFRX user={{postfix_patchwork_user}} argv={{postfix_patchwork_mail_handler}}
|
||||
{% endif %}
|
||||
|
||||
wiki_bouncehandler unix - n n - - pipe
|
||||
flags=DFRX user={{postfix_wiki_bounce_user}} argv=/usr/bin/systemd-cat {{postfix_wiki_bounce_mail_handler}} {{postfix_wiki_bounce_config}}
|
||||
|
|
|
@ -4,6 +4,3 @@
|
|||
|
||||
#lists.archlinux.org mailman:
|
||||
gmail.com smtp-ipv4:
|
||||
{% if postfix_patchwork_enabled %}
|
||||
patchwork@archlinux.org patchwork:
|
||||
{% endif %}
|
||||
|
|
|
@ -121,10 +121,6 @@ locals {
|
|||
server_type = "cx31"
|
||||
domain = "monitoring"
|
||||
}
|
||||
"patchwork.archlinux.org" = {
|
||||
server_type = "cx11"
|
||||
domain = "patchwork"
|
||||
}
|
||||
"phrik.archlinux.org" = {
|
||||
server_type = "cx11"
|
||||
domain = "phrik"
|
||||
|
@ -174,6 +170,7 @@ locals {
|
|||
"tu-bylaws.aur" = "bbafd3ed82f336e0c52d3eb9774b2432"
|
||||
"reproducible-notes" = "8c657f2f2720db1c3db63be89605cf0d"
|
||||
"terms" = "0b62a71af2aa85fb491295b543b4c3d2"
|
||||
"patchwork" = "37eeadf24d5cd6614e8edb1f12868a5e"
|
||||
}
|
||||
|
||||
archlinux_page_gitlab_pages = {
|
||||
|
|
Loading…
Reference in New Issue