Merge pull request #399 from ameihm0912/configguide

Refresh configuration guide

database/createlocaldb.sh

@@ -1,22 +0,0 @@
-#! /usr/bin/env bash
-[ ! -x $(which sudo) ] && echo "sudo isn't available, that won't work" && exit 1
-
-genpass=1
-pass=""
-[ ! -z $1 ] && pass=$1 && echo "using predefined password '$pass'" && genpass=0
-
-for user in "migadmin" "migapi" "migscheduler"; do
-    [ $genpass -gt 0 ] && pass=$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c${1:-32})
-    sudo su postgres -c "psql -c 'CREATE ROLE $user;'" 1>/dev/null
-    [ $? -ne 0 ] && echo "ERROR: user creation failed." && exit 123
-    sudo su postgres -c "psql -c \"ALTER ROLE $user WITH NOSUPERUSER INHERIT NOCREATEROLE NOCREATEDB LOGIN PASSWORD '$pass';\"" 1>/dev/null
-    [ $? -ne 0 ] && echo "ERROR: user creation failed." && exit 123
-    echo "Created user $user with password '$pass'"
-done
-sudo su postgres -c "psql -c 'CREATE DATABASE mig OWNER migadmin;'" 1>/dev/null
-[ $? -ne 0 ] && echo "ERROR: database creation failed." && exit 123
-
-sudo su postgres -c "psql -d mig -f schema.sql" 1>/dev/null
-[ $? -ne 0 ] && echo "ERROR: tables creation failed." && exit 123
-
-echo "MIG Database created successfully."

database/createremotedb.sh

@@ -1,30 +0,0 @@
-#! /usr/bin/env bash
-
-PGDATABASE='mig'
-PGUSER='migadmin'
-PGPASS='MYDATABASEPASSWORD'
-PGHOST='192.168.0.1'
-PGPORT=5432
-
-qfile=$(mktemp)
-schedpass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32})
-apipass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32})
-
-# pgpass file follow 'hostname:port:database:username:password'
-echo "$PGHOST:$PGPORT:$PGDATABASE:$PGUSER:$PGPASS" > ~/.pgpass
-chmod 400 ~/.pgpass
-
-cat > $qfile << EOF
-\c postgres
-CREATE ROLE migscheduler;
-ALTER ROLE migscheduler LOGIN PASSWORD '$schedpass';
-
-CREATE ROLE migapi;
-ALTER ROLE migapi LOGIN PASSWORD '$apipass';
-EOF
-
-psql -U $PGUSER -d $PGDATABASE -h $PGHOST -p $PGPORT -c "\i $qfile"
-psql -U $PGUSER -d $PGDATABASE -h $PGHOST -p $PGPORT -d mig -c "\i schema.sql"
-echo "created users: migscheduler/$schedpass migapi/$apipass"
-rm $qfile
-rm -f ~/.pgpass

doc/data.rst

@@ -8,23 +8,6 @@ MIG Data
 Postgresql
 ----------
 
-Database creation script
-~~~~~~~~~~~~~~~~~~~~~~~~
-
-Two scripts can be used to create a database for MIG.
-
-* `createlocaldb.sh`_ will create a database on an instance of postgresql
-  running locally. This is used by the standalone installation script.
-
-.. _`createlocaldb.sh`: https://github.com/mozilla/mig/blob/master/src/mig/database/createlocaldb.sh
-
-* `createremotedb.sh`_ will connect to an existing MIG database on a remote
-  postgresql server. This is a standard production setup. It assumes that you
-  have created a database beforehand. You can pass the DB credentials by
-  editing the bash variables at the top of the script before running it.
-
-.. _`createremotedb.sh`: https://github.com/mozilla/mig/blob/master/src/mig/database/createremotedb.sh
-
 Structure & Tables
 ~~~~~~~~~~~~~~~~~~
 

tools/create_rabbitmq_config.sh

@@ -1,74 +0,0 @@
-#! /usr/bin/env bash
-
-adminpass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32})
-schedpass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32})
-agentpass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32})
-workrpass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32})
-
-echo "creating rabbitmq users"
-sudo rabbitmqctl add_user admin $adminpass
-sudo rabbitmqctl set_user_tags admin administrator
-sudo rabbitmqctl add_user scheduler $schedpass
-sudo rabbitmqctl add_user agent $agentpass
-sudo rabbitmqctl add_user worker $workrpass
-
-echo "deleting guest user"
-sudo rabbitmqctl delete_user guest
-
-echo "creating 'mig' vhost"
-sudo rabbitmqctl add_vhost mig
-
-echo "creating ACLs for scheduler user"
-sudo rabbitmqctl set_permissions -p mig scheduler \
-        '^(toagents|toschedulers|toworkers|mig\.agt\..*)$' \
-        '^(toagents|toworkers|mig\.agt\.(heartbeats|results))$' \
-	'^(toagents|toschedulers|toworkers|mig\.agt\.(heartbeats|results))$'
-
-echo "creating ACLs for agent user"
-sudo rabbitmqctl set_permissions -p mig agent \
-        '^mig\.agt\..*$' \
-        '^(toschedulers|mig\.agt\..*)$' \
-        '^(toagents|mig\.agt\..*)$'
-
-echo "creating ACLs for worker user"
-sudo rabbitmqctl set_permissions -p mig worker \
-	'^migevent\..*$' \
-	'^migevent(|\..*)$' \
-	'^(toworkers|migevent\..*)$'
-
-echo "writing configuration to /etc/rabbitmq/rabbitmq.config"
-[ -e /etc/rabbitmq/rabbitmq.config ] && sudo cp /etc/rabbitmq/rabbitmq.config{,.bkp}
-mqconf=$(mktemp)
-echo '[
-  {rabbit, [
-         {ssl_listeners, [5671]},
-         {ssl_options, [{cacertfile,	"/etc/rabbitmq/ca.crt"},
-                        {certfile,		"/etc/rabbitmq/rabbitmq.crt"},
-                        {keyfile,		"/etc/rabbitmq/rabbitmq.key"},
-                        {verify,		verify_peer},
-                        {fail_if_no_peer_cert,	true},
-                        {versions, ["tlsv1.2", "tlsv1.1"]},
-                        {ciphers,  [{dhe_rsa,aes_256_cbc,sha256},
-                                    {dhe_rsa,aes_128_cbc,sha256},
-                                    {dhe_rsa,aes_256_cbc,sha},
-                                    {rsa,aes_256_cbc,sha256},
-                                    {rsa,aes_128_cbc,sha256},
-                                    {rsa,aes_256_cbc,sha}]}
-        ]}
-  ]}
-].' > $mqconf
-sudo mv $mqconf /etc/rabbitmq/rabbitmq.config
-
-echo "set mirroring policy"
-sudo rabbitmqctl -p mig set_policy mig-mirror-all "^(toschedulers|toagents|toworkers|mig(|event))\." '{"ha-mode":"all"}'
-
-sudo chown rabbitmq /etc/rabbitmq/*
-echo
-echo "rabbitmq configured with the following users:"
-echo "  admin       $adminpass"
-echo "  scheduler   $schedpass"
-echo "  agent       $agentpass"
-echo "  worker      $workrpass"
-echo
-echo "copy ca.crt and rabbitmq.{crt,key} into /etc/rabbitmq/"
-echo "then run $ service rabbitmq-server restart"