Merge branch 'prune-ssh-config' of github.com:CodeNow/devops-scripts into prune-ssh-config

Ryan Sandor Richards · Ryan Sandor Richards · commit ec278213ea6e · 2015-12-21T13:03:02.000-08:00
diff --git a/.gitignore b/.gitignore
@@ -7,3 +7,4 @@ erl_crash.dump
 npm-debug.log
 ca.srl
 .DS_Store
+ansible/roles/hipache/templates/runnable*
diff --git a/ansible/delta-hosts/variables b/ansible/delta-hosts/variables
@@ -1,10 +1,10 @@
 [api_group:vars]
-api_aws_access_key_id=AKIAIDC4WVMTCGV7KRVQ
-api_aws_secret_access_key=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
-api_github_client_id=b6072dc57062faca7fcb
-api_github_client_secret=ba73a9294dc4bfaa7ed02ba187f73918506e4293
+api_aws_access_key_id=AKIAJWSSSJYUXKNW2ZDA
+api_aws_secret_access_key=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
+api_github_client_id=d42d6634d4070c9d9bf9
+api_github_client_secret=d6cfde38fef5723e25e52629e3d25825c8a704c9
 api_github_deploy_keys_bucket=runnable.deploykeys.production
-api_mixpanel_app_id=c41affa4b08818443365c526cbb51606
+api_mixpanel_app_id=57260a5b6fc972e9c69184882efd009e
 api_mongo_auth=api:72192e5a-a5e1-11e5-add9-0270db32f7ad
 api_mongo_database=delta
 api_mongo_replset_name=delta-rs0
@@ -17,27 +17,27 @@ api_s3_context_bucket=runnable.context.resources.production
 docker_config=docks
 
 [eru:vars]
-eru_github_id=8abb08f83f6d1c52bd1a
-eru_github_secret=74a23ee56486d57b14f292283cb04625f600917c
+eru_github_id=46a23f5f99f0aa9460f8
+eru_github_secret=a0336d72e3d540fb9fbbed2c123a81e1cb329dab
 
 [khronos:vars]
 khronos_mongo_auth=api:oW4c7x9Wiv28oiNBy2Bc
 khronos_mongo_database=delta
 khronos_mongo_replset_name=delta
 
 [optimus:vars]
-optimus_aws_access_id=AKIAJPA2ZYSVVA5V7XXQ
-optimus_aws_secret_id=5V70AUxfIyHeLvlYZe0xaYevDAdgTOWOn5G7nHlt
+optimus_aws_access_id=AKIAJWSSSJYUXKNW2ZDA
+optimus_aws_secret_id=tyvGiCbj5jWCiQnMLvfrfD64dFo8i6prkdcga86y
 optimus_github_deploy_keys_bucket=runnable.deploykeys.production
 
 [palantiri:vars]
 palantiri_rollbar_key=f675e9090d6f483ca4e742af2c7f2f83
 
 [registry:vars]
-registry_s3_access_key=AKIAJK5EN7W6E62A3C3Q
+registry_s3_access_key=AKIAJKCSFJCHFDITLBUQ
 registry_s3_bucket=runnableimages.alpha
-registry_s3_secret_key=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
-registry_s3_region=us-east-1
+registry_s3_secret_key=LXxpb4F7Kxum1HvYkG0P20Yb/9Qpr+e5Gtt/0bIY
+registry_s3_region=us-west-2
 
 [shiva:vars]
 aws_access_key_id=AKIAJ3RCYU6FCULAJP2Q
@@ -56,9 +56,10 @@ vault_aws_region=us-east-1
 
 [delta:vars]
 ansible_ssh_private_key_file=~/.ssh/delta.pem
+api_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af
 datadog_host_address=10.8.5.63
 datadog_tags=env:delta
-domain=runnable-delta.com
+domain=runnable.io
 mongo_port=27017
 new_relic_license_key=338516e0826451c297d44dc60aeaf0a0ca4bfead
 node_env=production-delta
@@ -67,9 +68,7 @@ pg_pass=59a5524e-a772-11e5-bedc-1bdc0db458b3
 rabbit_password=wKK7g7NWKpQXEeSzyWB7mIpxZIL8H2mDSf3Q6czR3Vk
 rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM
 registry_host=10.8.4.126
-swarm_token=d363b783f03a845a2c82b081bfe8443e
 user_content_domain=runnableapp.com
-api_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af
 
 [ec2:vars]
 aws_custid=437258487404
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
@@ -65,14 +65,24 @@ docker_cert_path: /etc/ssl/docker/cert.pem
 docker_key_path: /etc/ssl/docker/key.pem
 docker_port: 4242
 
+# ec2
+aws_access_key: "AKIAIB3IJCCJZQWQMVSQ"
+aws_secret_key: "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"
+
 # eru
 eru_port: 57831
 eru_hostname: admin.{{ domain }}
 
+# filibuster
+filibuster_port: 3112
+
 # fluffy
 fluffy_port: 80
 fluffy_hostname: "fluffy.{{ domain }}"
 
+# krain
+krain_port: 3100
+
 # mavis
 mavis_hostname: mavis.{{ domain }}
 mavis_port: 3000
@@ -115,11 +125,3 @@ swarm_container_name: swarm
 navi_mongo_database: navi
 navi_mongo_host_address: "{{ hostvars[groups['mongo-navi'][0]]['ansible_default_ipv4']['address'] }}"
 navi_mongo_port: 27017
-
-# consul
-consul_hostname: "{{ hostvars[groups['consul'][0]]['ansible_default_ipv4']['address'] }}"
-consul_port: 8500
-
-# ec2
-aws_access_key: "AKIAIB3IJCCJZQWQMVSQ"
-aws_secret_key: "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"
diff --git a/ansible/group_vars/alpha-api.yml b/ansible/group_vars/alpha-api.yml
@@ -24,12 +24,14 @@ container_envs: >
   -e DATADOG_HOST={{ datadog_host_address }}
   -e DATADOG_PORT={{ datadog_port }}
   -e DOMAIN={{ domain }}
+  -e FILIBUSTER_PORT={{ filibuster_port }}
   -e GITHUB_CALLBACK_URL=https://{{ api_hostname }}/auth/github/callback
   -e GITHUB_CLIENT_ID={{ api_github_client_id }}
   -e GITHUB_CLIENT_SECRET={{ api_github_client_secret }}
   -e GITHUB_DEPLOY_KEYS_BUCKET={{ api_github_deploy_keys_bucket }}
   -e GITHUB_HOOK_URL=https://{{ api_hostname }}/actions/github
   -e HELLO_RUNNABLE_GITHUB_TOKEN={{ api_hello_runnable_github_token }}
+  -e KRAIN_PORT={{ krain_port }}
   -e MAVIS_HOST=http://{{ mavis_hostname }}:80
   -e MIXPANEL_APP_ID={{ api_mixpanel_app_id }}
   -e MONGO=mongodb://{{ api_mongo_auth }}@{{ mongo_hosts }}/{{ api_mongo_database }}
@@ -52,8 +54,8 @@ container_envs: >
   -e ROLLBAR_KEY={{ api_rollbar_key }}
   -e S3_CONTEXT_RESOURCE_BUCKET={{ api_s3_context_bucket }}
   -e SENDGRID_KEY={{ sendgrid_key }}
-  -e USER_CONTENT_DOMAIN={{ user_content_domain }}
   -e SWARM_HOST=http://{{ swarm_host_address }}:{{ swarm_master_port }}
+  -e USER_CONTENT_DOMAIN={{ user_content_domain }}
 
 container_run_opts: >
   -h {{ name }}
diff --git a/ansible/group_vars/alpha-consul.yml b/ansible/group_vars/alpha-consul.yml
@@ -31,10 +31,10 @@ container_run_args: >
   -config-dir /etc/consul.d
   -client 0.0.0.0
   -recursor 8.8.8.8
-  {% if consul_hostname == ansible_default_ipv4.address %}-bootstrap-expect {{ groups['consul'] | length }}{% endif %}
+  {% if consul_host_address == ansible_default_ipv4.address %}-bootstrap-expect {{ groups['consul'] | length }}{% endif %}
   -data-dir /data
-  {% if consul_hostname == ansible_default_ipv4.address %}-ui-dir /ui{% endif %}
-  {% if consul_hostname != ansible_default_ipv4.address %}-retry-join {{ consul_hostname }}{% endif %}
+  {% if consul_host_address == ansible_default_ipv4.address %}-ui-dir /ui{% endif %}
+  {% if consul_host_address != ansible_default_ipv4.address %}-retry-join {{ consul_host_address }}{% endif %}
   > /var/log/consul.log 2>&1
 
 # some seed values
diff --git a/ansible/group_vars/alpha-hipache.yml b/ansible/group_vars/alpha-hipache.yml
@@ -5,6 +5,8 @@ container_image: registry.runnable.com/runnable/hipache
 container_tag: latest
 hosted_ports: [ 80, 443 ]
 
+log_driver: json-file
+
 container_run_opts: >
   -d
   -p 80:80
diff --git a/ansible/group_vars/alpha-registry.yml b/ansible/group_vars/alpha-registry.yml
@@ -5,6 +5,8 @@ container_image: "registry"
 container_tag: "2.1.1"
 hosted_ports: ["80"]
 
+log_driver: json-file
+
 container_envs: >
   -e REGISTRY_STORAGE_S3_ACCESSKEY={{ registry_s3_access_key }}
   -e REGISTRY_STORAGE_S3_SECRETKEY={{ registry_s3_secret_key }}
diff --git a/ansible/group_vars/alpha-workers.yml b/ansible/group_vars/alpha-workers.yml
@@ -17,13 +17,15 @@ container_envs: >
   -e DATADOG_HOST={{ datadog_host_address }}
   -e DATADOG_PORT={{ datadog_port }}
   -e DOMAIN={{ domain }}
+  -e FILIBUSTER_PORT={{ filibuster_port }}
   -e GITHUB_CALLBACK_URL=https://{{ api_hostname }}/auth/github/callback
   -e GITHUB_CLIENT_ID={{ api_github_client_id }}
   -e GITHUB_CLIENT_SECRET={{ api_github_client_secret }}
   -e GITHUB_DEPLOY_KEYS_BUCKET={{ api_github_deploy_keys_bucket }}
   -e GITHUB_HOOK_URL=https://{{ api_hostname }}/actions/github
   -e HELLO_RUNNABLE_GITHUB_TOKEN={{ api_hello_runnable_github_token }}
   -e IS_QUEUE_WORKER=true
+  -e KRAIN_PORT={{ krain_port }}
   -e MAVIS_HOST=http://{{ mavis_hostname }}:80
   -e MIXPANEL_APP_ID={{ api_mixpanel_app_id }}
   -e MONGO=mongodb://{{ api_mongo_auth }}@{{ mongo_hosts }}/{{ api_mongo_database }}
@@ -44,8 +46,8 @@ container_envs: >
   -e REDIS_PORT={{ redis_port }}
   -e ROLLBAR_KEY={{ api_rollbar_key }}
   -e S3_CONTEXT_RESOURCE_BUCKET={{ api_s3_context_bucket }}
-  -e USER_CONTENT_DOMAIN={{ user_content_domain }}
   -e SWARM_HOST=http://{{ swarm_host_address }}:{{ swarm_master_port }}
+  -e USER_CONTENT_DOMAIN={{ user_content_domain }}
 
 container_run_opts: >
   -h {{ name }}
diff --git a/ansible/roles/consul_value/tasks/main.yml b/ansible/roles/consul_value/tasks/main.yml
@@ -10,9 +10,9 @@
 
 - name: put values into consul
   run_once: true
-  when: consul_hostname is defined and consul_port is defined and consul_values is defined
+  when: consul_host_address is defined and consul_api_port is defined and consul_values is defined
   uri:
     method=PUT
-    url=http://{{ consul_hostname }}:{{ consul_port }}/v1/kv/{{ item.key }}
+    url=http://{{ consul_host_address }}:{{ consul_api_port }}/v1/kv/{{ item.key }}
     body="{{ item.value }}"
   with_items: "{{ consul_values }}"
diff --git a/ansible/roles/hipache/tasks/main.yml b/ansible/roles/hipache/tasks/main.yml
@@ -1,4 +1,35 @@
 ---
+- name: create certs path
+  sudo: yes
+  file:
+    path=/etc/ssl/certs/{{ domain }}
+    state=directory
+
+- name: create private cert path
+  sudo: yes
+  file:
+    path=/etc/ssl/private
+    state=directory
+
+# the keys below must be placed inside devops-scripts/ansible/roles/hipache/files
+- name: copy ca.crt
+  sudo: yes
+  template:
+    src={{ domain }}-ca.crt
+    dest=/etc/ssl/certs/ca.crt
+
+- name: copy {{ domain }}.crt
+  sudo: yes
+  template:
+    src={{ domain }}.crt
+    dest=/etc/ssl/certs/{ domain }}.crt
+
+- name: copy private ssl key
+  sudo: yes
+  template:
+    src={{ domain }}.key
+    dest=/etc/ssl/private/{{ domain }}.key
+
 - name: create hipache config directory
   sudo: yes
   file:
diff --git a/ssh/config b/ssh/config
@@ -148,7 +148,7 @@ Host hubot
 # beta
 ################################################################################
 Host beta-bastion
-  HostName 52.32.129.96
+  HostName 52.11.219.63
 
 Host 10.20.*.*
   User ubuntu
