EOL GCE

bundles/gce-workaround/items.py

@@ -1,33 +0,0 @@
-svc_systemd = {}
-pkg_apt = {}
-
-for i in {
-    'gce-disk-expand',
-    'google-cloud-packages-archive-keyring',
-    'google-cloud-sdk',
-    'google-compute-engine',
-    'google-compute-engine-oslogin',
-    'google-guest-agent',
-    'google-osconfig-agent',
-}:
-    pkg_apt[i] = {
-        'installed': False,
-    }
-
-for i in {
-    'google-accounts-daemon.service',
-    'google-accounts-manager.service',
-    'google-clock-skew-daemon.service',
-    'google-clock-sync-manager.service',
-    'google-guest-agent.service',
-    'google-osconfig-agent.service',
-    'google-shutdown-scripts.service',
-    'google-startup-scripts.service',
-    'sshguard.service',
-
-    'google-oslogin-cache.timer',
-}:
-    svc_systemd[i] = {
-        'enabled': False,
-        'running': False,
-    }

bundles/icinga2/items.py

@@ -335,19 +335,14 @@ for rnode in sorted(repo.nodes):
     host_ips = repo.libs.tools.resolve_identifier(repo, rnode.name, only_physical=True)
     icinga_ips = {}
 
-    # XXX for the love of god, PLEASE remove this once DNS is no longer
-    # hosted at GCE
-    if rnode.in_group('gce'):
-        icinga_ips['ipv4'] = rnode.metadata.get('external_ipv4')
-    else:
-        for ip_type in ('ipv4', 'ipv6'):
-            for ip in sorted(host_ips[ip_type]):
-                if ip.is_private and not ip.is_link_local:
-                    icinga_ips[ip_type] = str(ip)
-                    break
-            else:
-                if host_ips[ip_type]:
-                    icinga_ips[ip_type] = sorted(host_ips[ip_type])[0]
+    for ip_type in ('ipv4', 'ipv6'):
+        for ip in sorted(host_ips[ip_type]):
+            if ip.is_private and not ip.is_link_local:
+                icinga_ips[ip_type] = str(ip)
+                break
+        else:
+            if host_ips[ip_type]:
+                icinga_ips[ip_type] = sorted(host_ips[ip_type])[0]
 
     if not icinga_ips:
         raise ValueError(f'{rnode.name} requests monitoring, but has neither IPv4 nor IPv6 addresses!')

groups/locations.py

@@ -1,38 +1,3 @@
-groups['gce'] = {
-    'bundles': {
-        'gce-workaround',
-    },
-    'member_patterns': {
-        r"gce\..*",
-    },
-    'metadata': {
-        'hosts': {
-            'entries': {
-                '169.254.169.254': {
-                    'metadata.google.internal',
-                },
-            },
-        },
-        'location': 'gce',
-        'nameservers': {
-            '8.8.8.8',
-            '8.8.4.4',
-        },
-        'postfix': {
-            # It's fine to do this without authentificating to the relayhost.
-            # These Systems are not supposed to send mail anywhere else
-            # than our own domains.
-            'relayhost': '[mail.franzi.business]:2525',
-        },
-        'sysctl': {
-            'options': {
-                'net.ipv6.conf.all.disable_ipv6': '1',
-                'net.ipv6.conf.default.disable_ipv6': '1',
-            },
-        },
-    },
-}
-
 groups['htz'] = {
     'subgroup_patterns': {
         r'htz\-.+',

nodes/carlene.toml

@@ -184,7 +184,6 @@ packages = [
 [metadata.postfix]
 message_size_limit_mb = 100
 myhostname = "mail.franzi.business"
-mynetworks = ["gce"]
 
 [metadata.postfixadmin]
 domain = "postfixadmin.franzi.business"

nodes/gce/bind01.py

@@ -1,38 +0,0 @@
-# ns-1.kunbox.net
-# Frankfurt, Germany
-
-nodes['gce.bind01'] = {
-    'hostname': '34.89.208.78',
-    'dummy': True,
-    'groups': {
-        'debian-bullseye',
-        'dns',
-    },
-    'metadata': {
-        'backups': {
-            'exclude_from_backups': True,
-        },
-        'interfaces': {
-            'ens4': {
-                'ips': {
-                    '10.156.0.4',
-                },
-                'gateway4': '10.156.0.1',
-            },
-        },
-        'external_ipv4': '34.89.208.78',
-        'icinga_options': {
-            'pretty_name': 'ns-1.kunbox.net',
-        },
-        'postgresql': {
-            'version': '15',
-        },
-        'powerdns': {
-            'my_hostname': 'ns-1.kunbox.net',
-        },
-        'vm': {
-            'cpu': 1,
-            'ram': 1,
-        },
-    },
-}

nodes/gce/dns02.py

@@ -1,39 +0,0 @@
-# ns-2.kunbox.net
-# Belgium
-
-nodes['gce.dns02'] = {
-    'hostname': '35.187.109.249',
-    'dummy': True,
-    'bundles': set(),
-    'groups': {
-        'debian-bullseye',
-        'dns',
-    },
-    'metadata': {
-        'interfaces': {
-            'ens4': {
-                'ips': {
-                    '10.132.0.2',
-                },
-                'gateway4': '10.132.0.1',
-            },
-        },
-        'external_ipv4': '35.187.109.249',
-        'icinga_options': {
-            'pretty_name': 'ns-2.kunbox.net',
-        },
-        'backups': {
-            'exclude_from_backups': True,
-        },
-        'postgresql': {
-            'version': '15',
-        },
-        'powerdns': {
-            'my_hostname': 'ns-2.kunbox.net',
-        },
-        'vm': {
-            'cpu': 1,
-            'ram': 1,
-        },
-    },
-}

nodes/gce/dns03.py

@@ -1,39 +0,0 @@
-# ns-3.kunbox.net
-# Finland
-
-nodes['gce.dns03'] = {
-    'hostname': '35.228.143.71',
-    'dummy': True,
-    'bundles': set(),
-    'groups': {
-        'debian-bullseye',
-        'dns',
-    },
-    'metadata': {
-        'interfaces': {
-            'ens4': {
-                'ips': {
-                    '10.166.0.2',
-                },
-                'gateway4': '10.166.0.1',
-            },
-        },
-        'external_ipv4': '35.228.143.71',
-        'icinga_options': {
-            'pretty_name': 'ns-3.kunbox.net',
-        },
-        'backups': {
-            'exclude_from_backups': True,
-        },
-        'postgresql': {
-            'version': '15',
-        },
-        'powerdns': {
-            'my_hostname': 'ns-3.kunbox.net',
-        },
-        'vm': {
-            'cpu': 1,
-            'ram': 1,
-        },
-    },
-}