Page MenuHomePhabricator
Create Task
Maniphest T221268

Remove old letsencrypt puppet module
Closed, ResolvedPublic
Actions

Description

<bblack> (can we kill the old letsencrypt module yet?)

Conditional:

  • modules/tlsproxy/manifests/localssl.pp - this is probably only used in beta, which is using acme-chief from cherry-picks - please merge changes listed at T182927#5087304
  • modules/profile/manifests/gerrit/server.pp - @Paladox who does not have acme-chief installed

Unconditional:

  • modules/archiva/manifests/proxy.pp - see change below
  • modules/profile/manifests/mail/smarthost.pp - used on the mx-out hosts in cloudinfra, no acme-chief installed but that could be done
  • modules/profile/manifests/toolforge/mailrelay.pp - tools project, no acme-chief installed but that could be done
  • modules/toolserver_legacy/manifests/init.pp - toolserver-legacy project, no acme-chief installed but that could be done

Details

SubjectRepoBranchLines +/-
archiva::proxy: remove old letsencrypt module stuffoperations/puppetproduction+4 -7
Customize query in gerrit

Related Objects

Event Timeline

Krenair created this task.Apr 17 2019, 5:33 PM
Restricted Application added a project: SRE. · View Herald TranscriptApr 17 2019, 5:33 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Krenair triaged this task as Low priority.Apr 17 2019, 5:33 PM
This comment was removed by Krenair.
Krenair added a subscriber: Paladox.Apr 17 2019, 5:37 PM
Paladox subscribed.Apr 17 2019, 5:37 PM

I use " modules/profile/manifests/gerrit/server.pp: letsencrypt::cert::integrated { 'gerrit':" for gerrit.git.wmflabs.org and gerrit.gerrit.wmflabs.org as the acme service does not work in WMCS. (Or the last time i checked it didn't work).

Krenair added a comment.EditedApr 17 2019, 5:37 PM

It does work in Cloud VPS, with some puppet cherry-picks and some credentials permitted by WMCS admins to allow modification of designate DNS records from within instances.

gerritbot added a comment.Apr 17 2019, 6:40 PM

Change 504648 had a related patch set uploaded (by Alex Monk; owner: Alex Monk):
[operations/puppet@production] archiva::proxy: remove old letsencrypt module stuff

https://gerrit.wikimedia.org/r/504648

gerritbot added a project: Patch-For-Review.Apr 17 2019, 6:40 PM
Krenair updated the task description. (Show Details)Apr 17 2019, 7:00 PM
Peachey88 added a project: Puppet.Apr 17 2019, 8:17 PM
gerritbot added a comment.Apr 23 2019, 8:25 AM

Change 504648 merged by Vgutierrez:
[operations/puppet@production] archiva::proxy: remove old letsencrypt module stuff

https://gerrit.wikimedia.org/r/504648

Krenair updated the task description. (Show Details)Apr 23 2019, 8:28 AM
ema moved this task from Backlog to TLS on the Traffic board.Apr 29 2019, 3:53 PM
Ladsgroup removed a project: Patch-For-Review.May 28 2019, 3:37 PM
Aklapper added a project: Infrastructure-Foundations.Jun 21 2021, 9:00 PM
BBlack moved this task from TLS to Icebox-Temp on the Traffic board.Oct 8 2021, 4:42 PM
BBlack edited projects, added Traffic-Icebox; removed Traffic.Oct 8 2021, 8:05 PM
BBlack subscribed.

The swap of Traffic for Traffic-Icebox in this ticket's set of tags was based on a bulk action for all tickets that aren't are neither part of our current planned work nor clearly a recent, higher-priority emergent issue. This is simply one step in a larger task cleanup effort. Further triage of these tickets (and especially, organizing future potential project ideas from them into a new medium) will occur afterwards! For more detail, have a look at the extended explanation on the main page of Traffic-Icebox . Thank you!

taavi closed this task as Resolved.Jun 24 2022, 8:17 AM
taavi assigned this task to Andrew.
taavi subscribed.

https://gerrit.wikimedia.org/r/c/operations/puppet/+/655762

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL