redirector play

After reading more on CORS (and sleeping!) I have finally corrected CORS
for static files, restricting access to our knwon hosts. Our initial
implementation was almost correct. It simply lacked the protocol—HTTP,
HTTPS—on the regex.

In my late-night push to just be done with this, I failed to go back to
"first principles" and actually understand CORS, choosing to rely on
various online "solutions". This lead to the unnecessary headers seen in
previous commits. Since we only care about GET requests for fonts, we
only need the single header. There is no need to handle preflight
OPTIONS requests because we aren't making such requests.

LEARNER-568

We have invested *numerous* man-hours in attempting to provide a
properly-secured CORS implementation. Unfortunately, our efforts
have only resulted in a lot of frustration, failure, and new
knowledge. For now, given the low risk of exposing these files, we
will move forward with the insecure option.

LEARNER-568

Remove reference to nginx var where nginx role isn't used

Finally figured out where I misunderstood nginx

LEARNER-568

LEARNER-568

LEARNER-568

LEARNER-568

Remove tagging of the Alton instance.

LEARNER-568

We need to be able to run on sandboxes/devstacks

We'll safely skip the install of rabbitmq if something is already
installed, so warning is sufficient for our purposes.

the credentials service.

LEARNER-516

Be able to override the django sql CONN_MAX_AGE setting.

Allow `./shovel.py`, not just `python shovel.py`

E0d/upgrade rabbit rebase

We're stopping rabbit, but it's part of the configuration the service,
so I didn't use manage:.  We may need to re-discuss the tags (mongo_3_0
works similarly when stopping mongo to manage config).

Files for building a docker container for rabbitmq

All apt-get over https

New third-party repos

Enforce correct rabbit version installed

Flag rabbit upgrading

Adds the CHECK_RABBIT_VERSION flag (true by default). If true and the
rabbitmq version found differs from the version specified in
RABBITMQ_VERSION, the role fails. If false in the same scenario, the
role continues but does not install rabbitmq (because it's already
installed).

This enables us to continue using this role without forcing us to
upgrade rabbitmq.

Rebase miss

Missed merge conflict marker

syntax and whitespace

latest rabbit.

Run edxapp on Docker for Devstack

Updated redis conf to work correctly (start/restart) with 16.04

fix supervisor configuration file path

Dockerfile for notifier on 16.04

Disable app preload in gunicorn for LMS & Studio.

Since the earliest days of edX, we've run gunicorn with preload_app as
True. This was primarily because the first handful of courses were using
the XMLModuleStore, which was extremely slow to initialize because it
had to read entire courses from disk and load them into memory at
startup.

XMLModuleStore courses stopped being created with the introduction of
Studio, and we've long since removed them from edx.org. Note: This
should not be confused with importing courses that are authored in XML.
XMLModuleStore courses are courses who use the disk instead of Mongo
for content persistence, and require a server restart for content edits
to show.

This commit sets things back to how Django is more commonly deployed
with gunicorn. It will make server startup time somewhat more expensive
because each worker process does init work, but it should make it
easier to safely enable features like database connection pooling
without having to worry about shared resources.

[PERF-305]