From dafa0e4bd4d1ffcf992aa63e27970f2d8e245aff Mon Sep 17 00:00:00 2001
From: classabbyamp <void@placeviolette.net>
Date: Mon, 15 Jul 2024 00:59:43 -0400
Subject: [PATCH] ansible: decommission buildmaster

---
 ansible/roles/buildmaster/tasks/buildbot.yml | 166 +++----------------
 ansible/roles/buildmaster/tasks/pre.yml      |  24 +--
 ansible/roles/buildmaster/tasks/www.yml      |  34 ++--
 3 files changed, 46 insertions(+), 178 deletions(-)

diff --git a/ansible/roles/buildmaster/tasks/buildbot.yml b/ansible/roles/buildmaster/tasks/buildbot.yml
index a1e7fb95..d092688b 100644
--- a/ansible/roles/buildmaster/tasks/buildbot.yml
+++ b/ansible/roles/buildmaster/tasks/buildbot.yml
@@ -1,150 +1,34 @@
 ---
-- name: Install virtualenv & deps
-  xbps:
-    pkg:
-      - acl-progs
-      - base-devel
-      - python-devel
-    state: present
-
-- name: Create the BuildBot Master user
-  user:
-    name: "{{ buildmaster_user }}"
-    state: present
-    createhome: yes
-
-- name: Create the BuildMaster Root Directory
+- name: Disable BuildBot Service
   file:
-    path: "/{{ buildmaster_rootdir }}/buildmaster"
-    state: directory
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0750
-
-- name: Install Buildbot
-  pip:
-    name: buildbot
-    version: "{{ buildmaster_version }}"
-    virtualenv: "/{{ buildmaster_rootdir }}/virtual_builder"
-    virtualenv_python: python2
-  become_user: "{{ buildmaster_user }}"
-  become_method: sudo
+    path: /var/service/void-buildmaster
+    state: absent
 
-- name: Make Buildbot More Terse
-  patch:
-    src: terse-irc.patch
-    dest: "/{{ buildmaster_rootdir }}/virtual_builder/lib/python2.7/site-packages/buildbot/status/words.py"
-    backup: yes
-
-- name: Create BuildMaster Subdirectories
+- name: Remove BuildBot Service
   file:
-    path: "/{{ buildmaster_rootdir }}/buildmaster/{{ item }}"
-    state: directory
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0750
-  with_items:
-    - scripts
-    - public_html
-    - templates
-
-- name: Copy un-inheritable Buildbot Assets
-  copy:
-    src: "/{{ buildmaster_rootdir }}/virtual_builder/lib/python2.7/site-packages/buildbot/status/web/files/{{ item }}"
-    remote_src: true
-    dest: "/{{ buildmaster_rootdir }}/buildmaster/public_html/{{ item }}"
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0644
-  with_items:
-    - bg_gradient.jpg
-    - default.css
-    - favicon.ico
-    - robots.txt
-
-- name: Copy Buildbot Bootstrap Database
-  copy:
-    src: state.sqlite
-    dest: "/{{ buildmaster_rootdir }}/buildmaster/state.sqlite"
-    force: no
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0644
-
-- name: Install GitHub Webhook Password
-  copy:
-    src: secret/buildmaster_github_webhook_passwd
-    dest: "/{{ buildmaster_rootdir }}/github-webhook.passwd"
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0400
-  no_log: True
-
-- name: Configure BuildMaster
-  template:
-    src: master.cfg.j2
-    dest: "/{{ buildmaster_rootdir }}/buildmaster/master.cfg"
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0400
-  no_log: True
-
-- name: Install Static Scripts
-  copy:
-    src: "{{ item }}"
-    dest: "/{{ buildmaster_rootdir }}/buildmaster/scripts/{{ item }}"
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0640
-  with_items:
-    - __init__.py
-    - ShellCommandChangeList.py
-
-- name: Install Buildbot Master Configuration
-  template:
-    src: buildbot.tac.j2
-    dest: "/{{ buildmaster_rootdir }}/buildmaster/buildbot.tac"
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0644
-
-- include_vars: secret/buildslave_credentials.yml
-- include_vars: secret/buildmaster_users.yml
-
-- name: Configure BuildSlave References
-  template:
-    src: user_settings.py.j2
-    dest: "/{{ buildmaster_rootdir }}/buildmaster/scripts/user_settings.py"
-    owner: "{{ buildmaster_user }}"
-    group: "{{ buildmaster_user }}"
-    mode: 0400
+    path: /etc/sv/void-buildmaster
+    state: absent
 
-- name: Install BuildBot Service (1/2)
+- name: Remove the BuildMaster Root Directory
   file:
-    path: /etc/sv/void-buildmaster
-    state: directory
-    owner: root
-    group: root
-    mode: 0755
+    path: "/{{ buildmaster_rootdir }}"
+    state: absent
 
-- name: Install BuildBot Service (2/2)
-  template:
-    src: run.j2
-    dest: /etc/sv/void-buildmaster/run
-    owner: root
-    group: root
-    mode: 0755
+- name: Remove the BuildBot Master user
+  user:
+    name: "{{ buildmaster_user }}"
+    state: absent
+    remove: true
 
-- name: Enable BuildBot Service
-  file:
-    src: /etc/sv/void-buildmaster
-    dest: /var/service/void-buildmaster
-    state: link
+- name: Remove deps
+  xbps:
+    pkg:
+      - acl-progs
+      - base-devel
+      - python-devel
+    state: absent
 
-- name: Install sudo policy
-  template:
-    src: buildmaster.sudoers
-    dest: /etc/sudoers.d/buildmaster
-    owner: root
-    group: root
-    mode: 0640
+- name: Remove sudo policy
+  file:
+    path: /etc/sudoers.d/buildmaster
+    state: absent
diff --git a/ansible/roles/buildmaster/tasks/pre.yml b/ansible/roles/buildmaster/tasks/pre.yml
index 41882dac..2356d21c 100644
--- a/ansible/roles/buildmaster/tasks/pre.yml
+++ b/ansible/roles/buildmaster/tasks/pre.yml
@@ -1,25 +1,19 @@
 ---
-- name: Create the void-repo group
+- name: Remove the void-repo group
   group:
     name: void-repo
-    state: present
+    state: absent
 
-- name: Install the buildmaster firewall rules
-  copy:
-    src: buildmaster.rules
-    dest: /etc/iptables.d
-    owner: root
-    group: root
-    mode: 0640
+- name: Remove the buildmaster firewall rules
+  file:
+    path: /etc/iptables.d/buildmaster.rules
+    state: absent
   notify:
     - iptables
 
 - name: Install the buildmaster firewall rules (v6)
-  copy:
-    src: buildmaster.6rules
-    dest: /etc/ip6tables.d
-    owner: root
-    group: root
-    mode: 0640
+  file:
+    path: /etc/ip6tables.d/buildmaster.6rules
+    state: absent
   notify:
     - iptables
diff --git a/ansible/roles/buildmaster/tasks/www.yml b/ansible/roles/buildmaster/tasks/www.yml
index d8b7e507..dc838d9c 100644
--- a/ansible/roles/buildmaster/tasks/www.yml
+++ b/ansible/roles/buildmaster/tasks/www.yml
@@ -1,25 +1,15 @@
 ---
-- name: Configure webserver
-  include_role:
-    name: nginx
-    tasks_from: base-site
-  vars:
-    - site:
-        name: buildmaster
-        static_root: false
-        urls:
-          - build.voidlinux.org
-        tls:
-          certificate: "{{ buildmaster_ssl_cert_path | default('/dev/null') }}"
-          key: "{{ buildmaster_ssl_certkey_path | default('/dev/null') }}"
-          stapling: yes
-
-- name: Install root location block
-  copy:
-    src: buildmaster_root.conf
-    dest: /etc/nginx/locations.d/build.voidlinux.org/
-    owner: root
-    group: root
-    mode: 0644
+- name: Unconfigure nginx
+  file:
+    path: "{{ item }}"
+    state: absent
+  with_items:
+    - /var/lib/acme/live/build.voidlinux.org
+    - /etc/nginx/locations.d/build.voidlinux.org
+    - /etc/nginx/sites-available/buildmaster.conf
+    - /etc/nginx/sites-enabled/buildmaster.conf
+    - /etc/iptables.d/nginx-resolvers-buildmaster.rules
+    - /etc/ip6tables.d/nginx-resolvers-buildmaster.6rules
   notify:
     - nginx
+    - iptables