From cf1c33fdd6f7d377a39d72ecbcc25893ad942ff3 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 23 Jun 2014 18:33:54 +0000 Subject: [PATCH 1/5] No denyhosts for rhel7 --- playbooks/groups/download.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/groups/download.yml b/playbooks/groups/download.yml index 7b1351a5dd..3fdb8624b4 100644 --- a/playbooks/groups/download.yml +++ b/playbooks/groups/download.yml @@ -49,7 +49,7 @@ roles: - base - rkhunter - - denyhosts + - { role: denyhosts, when: ansible_distribution_major_version != '7' } - nagios_client - hosts - fas_client From 80e8bb0ff1e2030ac45e2f317eb2d85a519f313f Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 23 Jun 2014 18:38:13 +0000 Subject: [PATCH 2/5] Also this isn't around on rhel/epel7 yet either. --- playbooks/groups/download.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/groups/download.yml b/playbooks/groups/download.yml index 3fdb8624b4..de70e8522d 100644 --- a/playbooks/groups/download.yml +++ b/playbooks/groups/download.yml @@ -55,7 +55,7 @@ - fas_client - collectd/base - download - - mod_limitipconn + - { role: mod_limitipconn, when: ansible_distribution_major_version != '7'} - rsyncd - { role: nfs/client, when: datacenter == "phx2", mnt_dir: '/srv/pub', nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' } - { role: nfs/client, when: datacenter == "rdu", mnt_dir: '/srv/pub', nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' } From e5862ccf2e6cd3633fb28ccfd8d27f0f1bd42c19 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 23 Jun 2014 19:08:46 +0000 Subject: [PATCH 3/5] Adjust download apache conf to work with 2.2 or 2.4 --- .../httpd/dl.fedoraproject.org/secondary.conf | 21 ++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf b/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf index 15dd4f7822..3475a2a9ef 100644 --- a/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf +++ b/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf @@ -2,12 +2,31 @@ Alias /pub /srv/pub DocumentRoot /srv/web + - Options Indexes FollowSymLinks HeaderName /HEADER.html ReadmeName /FOOTER.html + Options Indexes FollowSymLinks + + # Apache 2.4 + Require all granted + + + # Apache 2.2 + Order allow,deny + Allow from all + ReadmeName /pub/archive/README.html + + # Apache 2.4 + Require all granted + + + # Apache 2.2 + Order allow,deny + Allow from all + From 7bbe3e048c79f1c227198dcab6c8b7ef9eaa5c76 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 23 Jun 2014 19:25:51 +0000 Subject: [PATCH 4/5] Also allow /srv/web/ --- .../httpd/dl.fedoraproject.org/secondary.conf | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf b/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf index 3475a2a9ef..8adff7de1a 100644 --- a/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf +++ b/roles/download/files/httpd/dl.fedoraproject.org/secondary.conf @@ -2,6 +2,20 @@ Alias /pub /srv/pub DocumentRoot /srv/web + + HeaderName /HEADER.html + ReadmeName /FOOTER.html + Options Indexes FollowSymLinks + + # Apache 2.4 + Require all granted + + + # Apache 2.2 + Order allow,deny + Allow from all + + HeaderName /HEADER.html From e4c35eb49477e845030fd435c87261bec35c950e Mon Sep 17 00:00:00 2001 From: Ralph Bean Date: Mon, 23 Jun 2014 20:22:01 +0000 Subject: [PATCH 5/5] Add generic fedmsg config for bugzilla2fedmsg. --- roles/fedmsg/base/tasks/main.yml | 1 + .../base/templates/endpoints-bugzilla2fedmsg.py.j2 | 13 +++++++++++++ roles/fedmsg/base/templates/ssl.py.j2 | 4 ++++ 3 files changed, 18 insertions(+) create mode 100644 roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 diff --git a/roles/fedmsg/base/tasks/main.yml b/roles/fedmsg/base/tasks/main.yml index aa132c0d02..28e2f2d14b 100644 --- a/roles/fedmsg/base/tasks/main.yml +++ b/roles/fedmsg/base/tasks/main.yml @@ -42,6 +42,7 @@ - endpoints-summershum.py - endpoints-kerneltest.py - endpoints-github2fedmsg.py + - endpoints-bugzilla2fedmsg.py - relay.py - pkgdb.py - logging.py diff --git a/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 b/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 new file mode 100644 index 0000000000..f73c56e0cc --- /dev/null +++ b/roles/fedmsg/base/templates/endpoints-bugzilla2fedmsg.py.j2 @@ -0,0 +1,13 @@ +{% if env == 'staging' %} +suffix = 'stg.phx2.fedoraproject.org' +{% else %} +suffix = 'phx2.fedoraproject.org' +{% endif %} + +config = dict( + endpoints={ + "bugzilla2fedmsg.bugzilla2fedmsg01": [ + "tcp://bugzilla2fedmsg01.%s:3000" % suffix, + ], + }, +) diff --git a/roles/fedmsg/base/templates/ssl.py.j2 b/roles/fedmsg/base/templates/ssl.py.j2 index f9445c2e24..7ff5fed0b6 100644 --- a/roles/fedmsg/base/templates/ssl.py.j2 +++ b/roles/fedmsg/base/templates/ssl.py.j2 @@ -25,6 +25,10 @@ config = dict( certnames=dict( [ + ("bugzilla2fedmsg.bugzilla2fedmsg01", "bugzilla2fedmsg-bugzilla2fedmsg01.%s" % suffix) + ] + [ + ("shell.bugzilla2fedmsg01", "shell-bugzilla2fedmsg01.%s" % suffix) + ] + [ ("github2fedmsg.github2fedmsg0%i" % i, "github2fedmsg-github2fedmsg0%i.%s" % (i, suffix)) for i in range(1, 3) ] + [