f20a6ed158
The mirror02 mirrors were booted on flavors that were much larger than necessary and didn't have external volumes attached for teh cache content. I've gone ahead and booted replacement Noble nodes using a smaller flavor naming them mirror03 and attached a volume to each one for caching. We pull mirror02 out of the inventory as we don't need it anymore (mirror01 is in use in production and will be cleaned up in followups). Depends-On: https://review.opendev.org/c/opendev/zone-opendev.org/+/944150 Change-Id: Ice9b4e79bfde5a8364d084c7434b848805d8ecfd
301 lines
12 KiB
YAML
301 lines
12 KiB
YAML
# Handlers for "letsencrypt update {{ key }}" events
|
|
#
|
|
# Note that because Ansible requires every called handler to have a
|
|
# listener, every host will need to provide a handler somehow.
|
|
#
|
|
# NOTE(ianw): as at 04/2019 it seems that something like
|
|
# listen: letsencrypt updated letsencrypt01-main-service
|
|
# doesn't actually register the handler.
|
|
#
|
|
# NOTE: import_tasks or include can not be used in handlers
|
|
# ("include_tasks" is okay).
|
|
# https://docs.ansible.com/ansible/latest/porting_guides/porting_guide_2.8.html#imports-as-handlers
|
|
|
|
- name: letsencrypt updated eavesdrop01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated graphite02-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_graphite.yaml
|
|
|
|
- name: letsencrypt updated tarballs-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul-ci-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul-ci-git
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul01-opendev-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated zuul02-opendev-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated insecure-ci-registry02-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_zuul_registry.yaml
|
|
|
|
- name: letsencrypt updated insecure-ci-registry99-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_zuul_registry.yaml
|
|
|
|
- name: letsencrypt updated meetpad-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml
|
|
|
|
# mailman
|
|
- name: letsencrypt updated lists-openstack-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated lists-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Static
|
|
- name: letsencrypt updated static-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-api-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-ask-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-airshipit-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-ci-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-cinder-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-developer-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-devstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-opendev-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-docs-starlingx-io
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-eavesdrop-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-glance-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-airshipit-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-starlingx-io
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-git-zuul-ci-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-governance-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-horizon-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-keystone-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-meetings-opendev-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-nova-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-planet-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-service-types-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-specs-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-security-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-summit-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-swift-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-releases-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-tarballs-opendev-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-tarballs-openstack-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-zuul-ci-org
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated static-gating-dev
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Grafana
|
|
|
|
- name: letsencrypt updated grafana02-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Codesearch (hound)
|
|
|
|
- name: letsencrypt updated codesearch02-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# nodepool
|
|
|
|
- name: letsencrypt updated nb01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated nb02-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated nb04-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# paste
|
|
|
|
- name: letsencrypt updated paste-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# review
|
|
|
|
- name: letsencrypt updated review02-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# refstack
|
|
|
|
- name: letsencrypt updated refstack01-openstack-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Mirrors
|
|
- name: letsencrypt updated mirror01-iad3-openmetal-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-dfw3-raxflex-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-sjc3-raxflex-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-dfw-rax-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-iad-rax-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-ord-rax-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-bhs1-ovh-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror03-gra1-ovh-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-sjc1-vexxhost-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror03-sjc1-vexxhost-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-ca-ymq-1-vexxhost-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror03-ca-ymq-1-vexxhost-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror01-regionone-osuosl-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# Gate testing hosts:
|
|
- name: letsencrypt updated letsencrypt01-main-service
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/touch_file.yaml
|
|
vars:
|
|
touch_file: '/tmp/letsencrypt01-main-service.stamp'
|
|
|
|
- name: letsencrypt updated letsencrypt01-other-service
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/touch_file.yaml
|
|
vars:
|
|
touch_file: '/tmp/letsencrypt01-other-service.stamp'
|
|
|
|
- name: letsencrypt updated letsencrypt02-main-service
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/touch_file.yaml
|
|
vars:
|
|
touch_file: '/tmp/letsencrypt02-main-service.stamp'
|
|
|
|
- name: letsencrypt updated mirror01-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror02-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror03-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated mirror04-openafs-provider-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated gitea99-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated nb01-test-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated etherpad-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated keycloak-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated storyboard01-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated tracing-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated translate01-openstack-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated ptg-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
- name: letsencrypt updated review99-opendev-org-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
|
|
|
# We split out handlers for each gitea host as handlers should be run in order
|
|
# This allows us to do a rolling restart of the gitea backends.
|
|
- name: letsencrypt updated gitea09-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea10-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea11-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea12-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea13-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|
|
|
|
- name: letsencrypt updated gitea14-main
|
|
include_tasks: roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
|