From b11fece803bc21e6e34874680a4bb57976660d79 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sat, 16 Dec 2023 10:23:44 +0100 Subject: [PATCH] EOL GCE --- bundles/gce-workaround/items.py | 33 ---------------------------- bundles/icinga2/items.py | 21 +++++++----------- groups/locations.py | 35 ----------------------------- nodes/carlene.toml | 1 - nodes/gce/bind01.py | 38 -------------------------------- nodes/gce/dns02.py | 39 --------------------------------- nodes/gce/dns03.py | 39 --------------------------------- 7 files changed, 8 insertions(+), 198 deletions(-) delete mode 100644 bundles/gce-workaround/items.py delete mode 100644 nodes/gce/bind01.py delete mode 100644 nodes/gce/dns02.py delete mode 100644 nodes/gce/dns03.py diff --git a/bundles/gce-workaround/items.py b/bundles/gce-workaround/items.py deleted file mode 100644 index 583e055..0000000 --- a/bundles/gce-workaround/items.py +++ /dev/null @@ -1,33 +0,0 @@ -svc_systemd = {} -pkg_apt = {} - -for i in { - 'gce-disk-expand', - 'google-cloud-packages-archive-keyring', - 'google-cloud-sdk', - 'google-compute-engine', - 'google-compute-engine-oslogin', - 'google-guest-agent', - 'google-osconfig-agent', -}: - pkg_apt[i] = { - 'installed': False, - } - -for i in { - 'google-accounts-daemon.service', - 'google-accounts-manager.service', - 'google-clock-skew-daemon.service', - 'google-clock-sync-manager.service', - 'google-guest-agent.service', - 'google-osconfig-agent.service', - 'google-shutdown-scripts.service', - 'google-startup-scripts.service', - 'sshguard.service', - - 'google-oslogin-cache.timer', -}: - svc_systemd[i] = { - 'enabled': False, - 'running': False, - } diff --git a/bundles/icinga2/items.py b/bundles/icinga2/items.py index 607d098..2632de2 100644 --- a/bundles/icinga2/items.py +++ b/bundles/icinga2/items.py @@ -335,19 +335,14 @@ for rnode in sorted(repo.nodes): host_ips = repo.libs.tools.resolve_identifier(repo, rnode.name, only_physical=True) icinga_ips = {} - # XXX for the love of god, PLEASE remove this once DNS is no longer - # hosted at GCE - if rnode.in_group('gce'): - icinga_ips['ipv4'] = rnode.metadata.get('external_ipv4') - else: - for ip_type in ('ipv4', 'ipv6'): - for ip in sorted(host_ips[ip_type]): - if ip.is_private and not ip.is_link_local: - icinga_ips[ip_type] = str(ip) - break - else: - if host_ips[ip_type]: - icinga_ips[ip_type] = sorted(host_ips[ip_type])[0] + for ip_type in ('ipv4', 'ipv6'): + for ip in sorted(host_ips[ip_type]): + if ip.is_private and not ip.is_link_local: + icinga_ips[ip_type] = str(ip) + break + else: + if host_ips[ip_type]: + icinga_ips[ip_type] = sorted(host_ips[ip_type])[0] if not icinga_ips: raise ValueError(f'{rnode.name} requests monitoring, but has neither IPv4 nor IPv6 addresses!') diff --git a/groups/locations.py b/groups/locations.py index d60eccc..a3738a6 100644 --- a/groups/locations.py +++ b/groups/locations.py @@ -1,38 +1,3 @@ -groups['gce'] = { - 'bundles': { - 'gce-workaround', - }, - 'member_patterns': { - r"gce\..*", - }, - 'metadata': { - 'hosts': { - 'entries': { - '169.254.169.254': { - 'metadata.google.internal', - }, - }, - }, - 'location': 'gce', - 'nameservers': { - '8.8.8.8', - '8.8.4.4', - }, - 'postfix': { - # It's fine to do this without authentificating to the relayhost. - # These Systems are not supposed to send mail anywhere else - # than our own domains. - 'relayhost': '[mail.franzi.business]:2525', - }, - 'sysctl': { - 'options': { - 'net.ipv6.conf.all.disable_ipv6': '1', - 'net.ipv6.conf.default.disable_ipv6': '1', - }, - }, - }, -} - groups['htz'] = { 'subgroup_patterns': { r'htz\-.+', diff --git a/nodes/carlene.toml b/nodes/carlene.toml index 1f9459d..8f0372a 100644 --- a/nodes/carlene.toml +++ b/nodes/carlene.toml @@ -184,7 +184,6 @@ packages = [ [metadata.postfix] message_size_limit_mb = 100 myhostname = "mail.franzi.business" -mynetworks = ["gce"] [metadata.postfixadmin] domain = "postfixadmin.franzi.business" diff --git a/nodes/gce/bind01.py b/nodes/gce/bind01.py deleted file mode 100644 index 986996d..0000000 --- a/nodes/gce/bind01.py +++ /dev/null @@ -1,38 +0,0 @@ -# ns-1.kunbox.net -# Frankfurt, Germany - -nodes['gce.bind01'] = { - 'hostname': '34.89.208.78', - 'dummy': True, - 'groups': { - 'debian-bullseye', - 'dns', - }, - 'metadata': { - 'backups': { - 'exclude_from_backups': True, - }, - 'interfaces': { - 'ens4': { - 'ips': { - '10.156.0.4', - }, - 'gateway4': '10.156.0.1', - }, - }, - 'external_ipv4': '34.89.208.78', - 'icinga_options': { - 'pretty_name': 'ns-1.kunbox.net', - }, - 'postgresql': { - 'version': '15', - }, - 'powerdns': { - 'my_hostname': 'ns-1.kunbox.net', - }, - 'vm': { - 'cpu': 1, - 'ram': 1, - }, - }, -} diff --git a/nodes/gce/dns02.py b/nodes/gce/dns02.py deleted file mode 100644 index f1e8728..0000000 --- a/nodes/gce/dns02.py +++ /dev/null @@ -1,39 +0,0 @@ -# ns-2.kunbox.net -# Belgium - -nodes['gce.dns02'] = { - 'hostname': '35.187.109.249', - 'dummy': True, - 'bundles': set(), - 'groups': { - 'debian-bullseye', - 'dns', - }, - 'metadata': { - 'interfaces': { - 'ens4': { - 'ips': { - '10.132.0.2', - }, - 'gateway4': '10.132.0.1', - }, - }, - 'external_ipv4': '35.187.109.249', - 'icinga_options': { - 'pretty_name': 'ns-2.kunbox.net', - }, - 'backups': { - 'exclude_from_backups': True, - }, - 'postgresql': { - 'version': '15', - }, - 'powerdns': { - 'my_hostname': 'ns-2.kunbox.net', - }, - 'vm': { - 'cpu': 1, - 'ram': 1, - }, - }, -} diff --git a/nodes/gce/dns03.py b/nodes/gce/dns03.py deleted file mode 100644 index 83ae302..0000000 --- a/nodes/gce/dns03.py +++ /dev/null @@ -1,39 +0,0 @@ -# ns-3.kunbox.net -# Finland - -nodes['gce.dns03'] = { - 'hostname': '35.228.143.71', - 'dummy': True, - 'bundles': set(), - 'groups': { - 'debian-bullseye', - 'dns', - }, - 'metadata': { - 'interfaces': { - 'ens4': { - 'ips': { - '10.166.0.2', - }, - 'gateway4': '10.166.0.1', - }, - }, - 'external_ipv4': '35.228.143.71', - 'icinga_options': { - 'pretty_name': 'ns-3.kunbox.net', - }, - 'backups': { - 'exclude_from_backups': True, - }, - 'postgresql': { - 'version': '15', - }, - 'powerdns': { - 'my_hostname': 'ns-3.kunbox.net', - }, - 'vm': { - 'cpu': 1, - 'ram': 1, - }, - }, -}