Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of ssh://pagure.io/fedora-infra/ansible

Browse source
This commit is contained in:
Mark O'Brien 2020-06-22 10:43:05 +01:00
commit c56acff29e
62 changed files with 731 additions and 1174 deletions
Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -86,3 +86,4 @@ When a playbook or change is checked into ansible you should assume
that it could be run at ***ANY TIME***. Always make sure the checked in state
is the desired state. Always test changes when they land so they don't
surprise you later.

14
inventory/builders
View file

@ -67,6 +67,12 @@ buildvm-a64-12.iad2.fedoraproject.org
buildvm-a64-13.iad2.fedoraproject.org
buildvm-a64-14.iad2.fedoraproject.org
buildvm-a64-15.iad2.fedoraproject.org
buildvm-a64-16.iad2.fedoraproject.org
buildvm-a64-17.iad2.fedoraproject.org
buildvm-a64-18.iad2.fedoraproject.org
buildvm-a64-19.iad2.fedoraproject.org
buildvm-a64-20.iad2.fedoraproject.org
buildvm-a64-21.iad2.fedoraproject.org
[buildvm_armv7]
buildvm-a32-01.iad2.fedoraproject.org
@ -84,6 +90,12 @@ buildvm-a32-12.iad2.fedoraproject.org
buildvm-a32-13.iad2.fedoraproject.org
buildvm-a32-14.iad2.fedoraproject.org
buildvm-a32-15.iad2.fedoraproject.org
buildvm-a32-16.iad2.fedoraproject.org
buildvm-a32-17.iad2.fedoraproject.org
buildvm-a32-18.iad2.fedoraproject.org
buildvm-a32-19.iad2.fedoraproject.org
buildvm-a32-20.iad2.fedoraproject.org
buildvm-a32-21.iad2.fedoraproject.org
[buildvm_s390x]
buildvm-s390x-01.s390.fedoraproject.org
@ -133,6 +145,8 @@ bvmhost-a64-02.iad2.fedoraproject.org
bvmhost-a64-03.iad2.fedoraproject.org
bvmhost-a64-04.iad2.fedoraproject.org
bvmhost-a64-05.iad2.fedoraproject.org
bvmhost-a64-06.iad2.fedoraproject.org
bvmhost-a64-07.iad2.fedoraproject.org
bvmhost-p09-01.iad2.fedoraproject.org
bvmhost-p09-02.iad2.fedoraproject.org

2
inventory/cloud
View file

@ -21,7 +21,7 @@ iddev.fedorainfracloud.org
testdays.fedorainfracloud.org
proxy30.fedoraproject.org
proxy31.fedoraproject.org
proxy32.fedoraproject.org ansible_ssh_user=fedora ansible_become=yes
proxy32.fedoraproject.org
copr-be.aws.fedoraproject.org
copr-be-dev.aws.fedoraproject.org
copr-dist-git.aws.fedoraproject.org

2
inventory/group_vars/os_masters
View file

@ -12,5 +12,5 @@ nagios_Check_Services:
# Set some bodhi variables here.
# Since they are used when running playbooks against the master nodes.
#
bodhi_version: 5.2.2-1.fc32.infra
bodhi_version: 5.4.0-1.fc32.infra
bodhi_openshift_pods: 2

3
inventory/hardware
View file

@ -109,6 +109,9 @@ bvmhost-a64-01.iad2.fedoraproject.org
bvmhost-a64-02.iad2.fedoraproject.org
bvmhost-a64-03.iad2.fedoraproject.org
bvmhost-a64-04.iad2.fedoraproject.org
bvmhost-a64-05.iad2.fedoraproject.org
bvmhost-a64-06.iad2.fedoraproject.org
bvmhost-a64-07.iad2.fedoraproject.org
[hardware:children]

2
inventory/host_vars/bkernel01.iad2.fedoraproject.org
View file

@ -1,6 +1,8 @@
---
nm: 255.255.255.0
gw: 10.3.169.254
eth0_ip: 10.3.169.29
dns: 10.3.163.33
datacenter: iad2
resolvconf: "resolv.conf/iad2"

11
inventory/host_vars/buildvm-a32-16.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-06.iad2.fedoraproject.org
eth0_ip: 10.3.170.76
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/armhfp/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-armv7-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a32-17.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-06.iad2.fedoraproject.org
eth0_ip: 10.3.170.77
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/armhfp/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-armv7-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a32-18.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-06.iad2.fedoraproject.org
eth0_ip: 10.3.170.78
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/armhfp/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-armv7-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a32-19.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-07.iad2.fedoraproject.org
eth0_ip: 10.3.170.79
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/armhfp/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-armv7-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a32-20.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-07.iad2.fedoraproject.org
eth0_ip: 10.3.170.80
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/armhfp/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-armv7-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a32-21.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-07.iad2.fedoraproject.org
eth0_ip: 10.3.170.81
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/armhfp/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-armv7-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a64-16.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-06.iad2.fedoraproject.org
eth0_ip: 10.3.170.106
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/aarch64/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-aarch64-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a64-17.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-06.iad2.fedoraproject.org
eth0_ip: 10.3.170.107
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/aarch64/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-aarch64-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a64-18.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-06.iad2.fedoraproject.org
eth0_ip: 10.3.170.108
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/aarch64/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-aarch64-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a64-19.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-07.iad2.fedoraproject.org
eth0_ip: 10.3.170.109
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/aarch64/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-aarch64-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a64-20.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-07.iad2.fedoraproject.org
eth0_ip: 10.3.170.110
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/aarch64/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-aarch64-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

11
inventory/host_vars/buildvm-a64-21.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,11 @@
---
vmhost: bvmhost-a64-07.iad2.fedoraproject.org
eth0_ip: 10.3.170.111
ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/aarch64/os/
ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-32-aarch64-iad2
resolvconf: "resolv.conf/iad2"
virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
ipa_server: ipa01.iad2.fedoraproject.org
gw: 10.3.170.254
dns: 10.3.163.33
datacenter: iad2

9
inventory/host_vars/bvmhost-a64-05.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,9 @@
---
datacenter: iad2
br0_ip: 10.3.170.15
br0_nm: 255.255.255.0
br0_gw: 10.3.170.254
br0_dev: eth1
dns: 10.3.163.33

9
inventory/host_vars/bvmhost-a64-06.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,9 @@
---
datacenter: iad2
br0_ip: 10.3.170.16
br0_nm: 255.255.255.0
br0_gw: 10.3.170.254
br0_dev: eth1
dns: 10.3.163.33

9
inventory/host_vars/bvmhost-a64-07.iad2.fedoraproject.org Normal file
View file

@ -0,0 +1,9 @@
---
datacenter: iad2
br0_ip: 10.3.170.17
br0_nm: 255.255.255.0
br0_gw: 10.3.170.254
br0_dev: eth1
dns: 10.3.163.33

10
inventory/host_vars/db-fas01.iad2.fedoraproject.org
View file

@ -46,13 +46,3 @@ shared_buffers: "2GB"
effective_cache_size: "6GB"
temp_buffers: "8MB"
max_stack_depth: "4MB"
nagios_Can_Connect: false
nagios_Check_Services:
mail: false
nrpe: false
sshd: false
swap: false
ping: false
raid: false

2
inventory/host_vars/log01.iad2.fedoraproject.org
View file

@ -20,6 +20,6 @@ lvm_size: 1048576
mem_size: 16384
num_cpus: 16
fas_client_groups: fi-apprentice,sysadmin-veteran,sysadmin-logs,sysadmin-noc,sysadmin-atomic
fas_client_groups: fi-apprentice,sysadmin-veteran,sysadmin-logs,sysadmin-noc,sysadmin-atomic,sysadmin-analysis
#host_backup_targets: ['/var/log']

2
inventory/inventory
View file

@ -1199,6 +1199,8 @@ bvmhost-a64-02.iad2.fedoraproject.org
bvmhost-a64-03.iad2.fedoraproject.org
bvmhost-a64-04.iad2.fedoraproject.org
bvmhost-a64-05.iad2.fedoraproject.org
bvmhost-a64-06.iad2.fedoraproject.org
bvmhost-a64-07.iad2.fedoraproject.org
bvmhost-p09-01.iad2.fedoraproject.org
bvmhost-p09-02.iad2.fedoraproject.org
bvmhost-x86-01.iad2.fedoraproject.org

2
playbooks/groups/logserver.yml
View file

@ -91,10 +91,8 @@
- mod_ssl
- rsync
- emacs-nox
- emacs-git
- git
- bc
- gnuplot
- htmldoc
- mod_auth_gssapi

2
playbooks/groups/openqa.yml
View file

@ -21,8 +21,6 @@
- { role: fas_client, tags: ['fas_client'] }
- { role: collectd/base, tags: ['collectd_base'] }
- { role: sudo, tags: ['sudo'] }
- { role: openvpn/client,
when: deployment_type == "prod" and datacenter == 'iad2', tags: ['openvpn_client'] }
- apache
tasks:

4
playbooks/groups/releng-compose.yml
View file

@ -119,6 +119,10 @@
when: "'releng_stg' in group_names"
- fedmsg/base
- role: rabbit/user
username: "pungi{{ env_suffix }}"
- role: releng
tags:
- releng

2
playbooks/groups/virthost.yml
View file

@ -31,7 +31,7 @@
- { role: openvpn/client, when: vpn|bool }
- virthost
- { role: clevis, when: datacenter == 'iad2'}
- { role: serial-console, when: datacenter == 'iad2'}
- { role: serial-console, when: datacenter == 'iad2' and not inventory_hostname.startswith('buildvmhost-0') }
tasks:
- import_tasks: "{{ tasks_path }}/2fa_client.yml"

1
roles/batcave/files/allows
View file

@ -156,6 +156,7 @@ require ip 8.43.85.87
# ec2 instances
require ip 13.250.126.156
require ip 13.125.120.8
require ip 18.185.136.17
#
# We put this at the end because it fails for hosts with no reverse dns

2
roles/batcave/files/rhel6-sync
View file

@ -5,7 +5,7 @@ RHEL6CACHEDIR=/var/tmp/reposync-rhel6
cd $RHEL6SYNCDIR
DNFOPTS='--download-metadata -m --setopt=module_platform_id="platform:el6" -n'
DNFOPTS='--download-metadata -m -n'
mkdir -p ${RHEL6CACHEDIR}

2
roles/batcave/files/rhel7-sync
View file

@ -5,7 +5,7 @@ SYNCDIR=/var/cache/reposync/
YUMDIR=/var/tmp/reposync-rhel7/
## Need to download the metadata and the modular data
DNFOPTS='--download-metadata -m --setopt=module_platform_id="platform:el7"'
DNFOPTS='--download-metadata -m '
# s390 isnt working yet
ARCHES="ppc64le s390x x86_64"

19
roles/clevis/tasks/main.yml
View file

@ -15,9 +15,26 @@
tags:
- clevis
- name: enable the systemd unit to wipe dracut networking
- name: enable the systemd unit to wipe dracut networking (br0)
systemd:
name: flush-dracut-network@{{ br0_dev }}
enabled: true
when: br0_dev is defined
tags:
- clevis
- name: enable the systemd unit to wipe dracut networking (eno1)
systemd:
name: flush-dracut-network@eno1
enabled: true
when: eno1_ip is defined
tags:
- clevis
- name: enable the systemd unit to wipe dracut networking (eth0)
systemd:
name: flush-dracut-network@eth0
enabled: true
when: eth0_ip is defined
tags:
- clevis

6
roles/clevis/templates/99-clevis-fix.conf
View file

@ -1,5 +1,11 @@
# DHCP for talking to tang server
{% if br0_ip is defined %}
kernel_cmdline="ip={{ br0_ip }}::{{ br0_gw }}:{{ br0_nm }}::{{ br0_dev }}:none:{{ dns }}"
{% elif eth0_ip is defined %}
kernel_cmdline="ip={{ eth0_ip }}::{{ gw }}:{{ nm }}::eth0:none:{{ dns }}"
{% elif eno1_ip is defined %}
kernel_cmdline="ip={{ eno1_ip }}::{{ gw }}:{{ nm }}::eno1:none:{{ dns }}"
{% endif %}
# Don't create /etc/sysconfig/network-scripts/ifcfg-* files during boot
omit_dracutmodules+="ifcfg"

2
roles/copr/backend/files/provision/provision_builder_tasks.yml
View file

@ -25,7 +25,7 @@
with_items:
- "@copr/copr"
when:
# - devel
- devel
- prepare_base_image is not defined
- name: clean dnf cache

2
roles/datagrepper/templates/datagrepper-app.conf
View file

@ -23,7 +23,7 @@ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text
# Static resources for the datagrepper app.
Alias /datagrepper/static/ /usr/lib/python2.7/site-packages/datagrepper/static/
WSGIDaemonProcess datagrepper user=fedmsg group=fedmsg maximum-requests=50000 display-name=datagrepper processes=20 threads=1 inactivity-timeout=900
WSGIDaemonProcess datagrepper user=fedmsg group=fedmsg maximum-requests=50000 display-name=datagrepper processes=20 threads=5 inactivity-timeout=900
WSGISocketPrefix run/wsgi
WSGIRestrictStdout Off
WSGIRestrictSignal Off

348
roles/dhcp_server/files/dhcpd.conf.noc01.iad2.fedoraproject.org
View file

@ -595,19 +595,6 @@ host bvmhost-a64-04 {
option subnet-mask 255.255.255.0;
}
host bvmhost-a64-04-mgmt {
hardware ethernet E8:6A:64:39:19:4F ;
fixed-address 10.3.160.104;
option routers 10.3.160.254;
option subnet-mask 255.255.255.0;
}
host bhwhost-a64-02-mgmt {
hardware ethernet AA:31:8D:3E:31:6F ;
fixed-address 10.3.160.244;
option routers 10.3.160.254;
option subnet-mask 255.0.0.0;
}
host qvmhost-x86-01 {
@ -644,12 +631,6 @@ host openqa01-a64-worker01 {
option subnet-mask 255.255.255.0;
}
host centos-mgmt01 {
hardware ethernet 4c:d9:8f:bc:5a:ea;
fixed-address 10.3.160.69;
option host-name "centos01-mgmt";
}
host bvmhost-p09-01 {
hardware ethernet ac:1f:6b:59:70:ff;
fixed-address 10.3.171.15;
@ -676,3 +657,332 @@ host bvmhost-p08-01 {
option subnet-mask 255.255.255.0;
# filename "boot/grub2/powerpc-ieee1275/core.elf";
}
#
# All MGMT hosts go below here
#
# Dell FX
host dell-fx01-mgmt {
hardware ethernet f4:8e:38:c1:3f:b6;
fixed-address 10.3.160.11;
option host-name "dell-fx01";
}
host dell-fx01-fc01-mgmt {
hardware ethernet 14:9E:CF:61:9E:60;
fixed-address 10.3.160.12;
option host-name "dell-fx01-fc01";
}
host dell-fx01-fc02-mgmt {
hardware ethernet 14:9E:CF:61:9F:30;
fixed-address 10.3.160.13;
option host-name "dell-fx01-fc02";
}
host dell-fx01-fc03-mgmt {
hardware ethernet 14:9E:CF:61:A4:E9;
fixed-address 10.3.160.14;
option host-name "dell-fx01-fc03";
}
host dell-fx01-fc04-mgmt {
hardware ethernet 14:9E:CF:61:A4:EA;
fixed-address 10.3.160.15;
option host-name "dell-fx01-fc04";
}
host dell-fx01-fc05-mgmt {
hardware ethernet 14:9E:CF:61:9E:7A;
fixed-address 10.3.160.16;
option host-name "dell-fx01-fc05";
}
host dell-fx01-fc06-mgmt {
hardware ethernet 14:9E:CF:61:A0:9E;
fixed-address 10.3.160.17;
option host-name "dell-fx01-fc06";
}
host dell-fx01-fc07-mgmt {
hardware ethernet 14:9E:CF:61:A6:57;
fixed-address 10.3.160.18;
option host-name "dell-fx01-fc07";
}
host dell-fx01-fc08-mgmt {
hardware ethernet 14:9E:CF:61:A6:58;
fixed-address 10.3.160.19;
option host-name "dell-fx01-08";
}
host dell-fx02-mgmt {
hardware ethernet f4:8e:38:c1:48:c6;
fixed-address 10.3.160.20;
option host-name "dell-fx02";
}
host dell-fx02-fc01-mgmt {
hardware ethernet F8:CA:B8:F7:26:E0;
fixed-address 10.3.160.21;
option host-name "dell-fx02-fc01";
}
host dell-fx02-fc02-mgmt {
hardware ethernet F8:CA:B8:F7:27:B0;
fixed-address 10.3.160.22;
option host-name "dell-fx02-fc02";
}
host dell-fx02-fc03-mgmt {
hardware ethernet F8:CA:B8:F7:2D:69;
fixed-address 10.3.160.23;
option host-name "dell-fx02-fc03";
}
host dell-fx02-fc04-mgmt {
hardware ethernet F8:CA:B8:F7:2D:6A;
fixed-address 10.3.160.24;
option host-name "dell-fx02-fc04";
}
host dell-fx02-fc05-mgmt {
hardware ethernet F8:CA:B8:F7:26:FA;
fixed-address 10.3.160.25;
option host-name "dell-fx02-fc05";
}
host dell-fx02-fc06-mgmt {
hardware ethernet F8:CA:B8:F7:29:1E;
fixed-address 10.3.160.26;
option host-name "dell-fx02-fc06";
}
host dell-fx02-fc07-mgmt {
hardware ethernet F8:CA:B8:F7:2E:D7;
fixed-address 10.3.160.27;
option host-name "dell-fx02-fc07";
}
host dell-fx02-fc08-mgmt {
hardware ethernet F8:CA:B8:F7:2E:D8;
fixed-address 10.3.160.28;
option host-name "dell-fx02-08";
}
host cavium01-mgmt {
hardware ethernet e0:d5:5e:ae:59:8d;
fixed-address 10.3.160.29;
option host-name "cavium01";
}
host cavium02-mgmt {
hardware ethernet e0:d5:5e:ae:53:e1;
fixed-address 10.3.160.30;
option host-name "cavium02";
}
host bvmhost-p08-03-mgmt {
hardware ethernet 40:F2:E9:A5:47:60;
fixed-address 10.3.160.121;
option host-name "bvmhost-p08-03";
}
host bvmhost-p08-04-mgmt {
hardware ethernet 98:BE:94:4B:96:10;
fixed-address 10.3.160.122;
option host-name "bvmhost-p08-04";
}
host bvmhost-p08-05-mgmt {
hardware ethernet 98:BE:94:4B:94:C4;
fixed-address 10.3.160.123;
option host-name "bvmhost-p08-05";
}
host bvmhost-p09-03-mgmt {
hardware ethernet ac:1f:6b:5c:03:9d;
fixed-address 10.3.160.128;
option host-name "bvmhost-p09-03";
}
host bvmhost-p09-04-mgmt {
hardware ethernet ac:1f:6b:5c:03:94;
fixed-address 10.3.160.129;
option host-name "bvmhost-p09-04";
}
host bvmhost-a64-04-mgmt {
hardware ethernet E8:6A:64:39:19:4F ;
fixed-address 10.3.160.104;
option routers 10.3.160.254;
}
host bvmhost-a64-05-mgmt {
hardware ethernet E8:6A:64:39:19:68;
fixed-address 10.3.160.105;
option host-name "bvmhost-aarch64-05";
}
host bvmhost-a64-06-mgmt {
hardware ethernet E8:6A:64:39:18:60;
fixed-address 10.3.160.106;
option host-name "bvmhost-aarch64-06";
}
host bvmhost-a64-07-mgmt {
hardware ethernet E8:6A:64:39:19:35;
fixed-address 10.3.160.107;
option host-name "bvmhost-aarch64-07";
}
host openqa-a64-02-mgmt {
hardware ethernet E8:6A:64:97:6B:41;
fixed-address 10.3.160.142;
option host-name "openqa-aarch64-01";
}
host openqa-a64-03-mgmt {
hardware ethernet E8:6A:64:97:6B:7A;
fixed-address 10.3.160.143;
option host-name "openqa-aarch64-03";
}
host buildvmhost-a64-osbs01-mgmt {
hardware ethernet E8:6A:64:39:18:B3;
fixed-address 10.3.160.120;
option host-name "bvmhost-a64-osbs01-01";
}
host bhwhost-a64-02-mgmt {
hardware ethernet AA:31:8D:3E:31:6F ;
fixed-address 10.3.160.244;
option routers 10.3.160.254;
option subnet-mask 255.255.255.0;
}
host centos-mgmt01 {
hardware ethernet 4c:d9:8f:bc:5a:ea;
fixed-address 10.3.160.69;
option host-name "centos01-mgmt";
}
host svault02-mgmt {
hardware ethernet D0:94:66:45:87:C5;
fixed-address 10.3.160.133;
option host-name "sign-vault02";
}
host dell-630-01-mgmt {
hardware ethernet 58:8A:5A:F3:9C:56;
fixed-address 10.3.160.31;
option host-name "bvirthost14";
}
host bkernel01-mgmt {
hardware ethernet D0:94:66:45:8C:13;
fixed-address 10.3.160.156;
option host-name "bkernel01";
}
host bkernel02-mgmt {
hardware ethernet D0:94:66:45:8C:0F;
fixed-address 10.3.160.157;
option host-name "bkernel02";
}
host opengear01 {
hardware ethernet 00:13:C6:01:00:85;
fixed-address 10.3.160.31;
option host-name "opengear01-mgmt";
}
host opengear02 {
hardware ethernet 00:13:C6:01:5C:FF;
fixed-address 10.3.160.32;
option host-name "opengear02-mgmt";
}
host dell-r6x0-01-mgmt {
hardware ethernet 64:00:6A:C4:8A:BE;
fixed-address 10.3.160.33;
option host-name "vmhost02-stg-mgmt";
}
host dell-r6x0-02-mgmt {
hardware ethernet 64:00:6A:C1:DC:82;
fixed-address 10.3.160.34;
option host-name "bvmhost01-stg-mgmt";
}
host dell-r6x0-03-mgmt {
hardware ethernet 64:00:6A:C1:EF:F0;
fixed-address 10.3.160.35;
option host-name "bvmhost01-mgmt";
}
host dell-r6x0-04-mgmt {
hardware ethernet 84:7b:eb:f3:62:32;
fixed-address 10.3.160.36;
option host-name "virthost06";
}
host dell-r6x0-05-mgmt {
hardware ethernet 84:7B:EB:F3:BC:7A;
fixed-address 10.3.160.37;
option host-name "bvirthost04";
}
host dell-r6x0-06-mgmt {
hardware ethernet 10:7D:1A:FF:5A:B6;
fixed-address 10.3.160.38;
option host-name "bvirthost05";
}
host dell-r6x0-07-mgmt {
hardware ethernet D0:94:66:44:CE:44;
fixed-address 10.3.160.39;
option host-name "vmhost01";
}
host dell-r6x0-08-mgmt {
hardware ethernet 58:8A:5A:F3:9E:BC ;
fixed-address 10.3.160.40;
option host-name "virthost14";
}
host dell-r6x0-09-mgmt {
hardware ethernet 58:8A:5A:EE:EF:F0;
fixed-address 10.3.160.41;
option host-name "virthost12";
}
host dell-r6x0-10-mgmt {
hardware ethernet 74:E6:E2:FD:78:54 ;
fixed-address 10.3.160.42;
option host-name "virthost19";
}
host dell-r6x0-11-mgmt {
hardware ethernet 74:E6:E2:FD:6A:5A;
fixed-address 10.3.160.43;
option host-name "virthost20";
}
host dell-r6x0-12-mgmt {
hardware ethernet 74:E6:E2:FD:76:DE;
fixed-address 10.3.160.44;
option host-name "virthost21";
}
host dell-r6x0-13-mgmt {
hardware ethernet 74:e6:e2:fd:76:ba;
fixed-address 10.3.160.45;
option host-name "virthost22";
}
host dell-r6x0-14-mgmt {
hardware ethernet 5c:f3:fc:53:db:fd;
fixed-address 10.3.160.46;
option host-name "virthost-comm01-mgmt";
}
host dell-r6x0-15-mgmt {
hardware ethernet 4c:d9:8f:04:64:5e;
fixed-address 10.3.160.47;
option host-name "vmhost01-mgmt";
}
host dell-r6x0-16-mgmt {
hardware ethernet 58:8A:5A:EE:F2:0E;
fixed-address 10.3.160.48;
option host-name "vmhost01-stg-mgmt";
}
host dell-r6x0-17-mgmt {
hardware ethernet 58:8A:5A:EE:F0:02;
fixed-address 10.3.160.49;
option host-name "bvirthost12";
}
host dell-r6x0-18-mgmt {
hardware ethernet 58:8A:5A:EE:F0:72;
fixed-address 10.3.160.50;
option host-name "bvirthost13";
}
host dell-r6x0-19-mgmt {
hardware ethernet 58:8A:5A:F3:A1:CE;
fixed-address 10.3.160.51;
option host-name "bvirthost15";
}
host dell-r6x0-20-mgmt {
hardware ethernet 4c:d9:8f:03:95:28;
fixed-address 10.3.160.52;
option host-name "qa01-mgmt";
}
host dell-r6x0-21 {
hardware ethernet 4c:d9:8f:04:3d:1c;
fixed-address 10.3.160.53;
option host-name "qa02-mgmt";
}

965
roles/dhcp_server/files/dhcpd.conf.noc01.phx2.fedoraproject.org
View file

File diff suppressed because it is too large Load diff

2
roles/hosts/files/pagure01.fedoraproject.org-hosts
View file

@ -1,3 +1,3 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 pagure.io
127.0.0.1 pagure.io db-pagure

3
roles/hosts/files/proxy01.iad2.fedoraproject.org-hosts
View file

@ -1,5 +1,2 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.93 oci-candidate-registry01
192.168.1.168 oci-registry01
192.168.1.169 oci-registry02

3
roles/hosts/files/proxy10.iad2.fedoraproject.org-hosts
View file

@ -1,5 +1,2 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.93 oci-candidate-registry01
192.168.1.168 oci-registry01
192.168.1.169 oci-registry02

3
roles/hosts/files/proxy101.iad2.fedoraproject.org-hosts
View file

@ -1,5 +1,2 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.93 oci-candidate-registry01
192.168.1.168 oci-registry01
192.168.1.169 oci-registry02

3
roles/hosts/files/proxy110.iad2.fedoraproject.org-hosts
View file

@ -1,5 +1,2 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.93 oci-candidate-registry01
192.168.1.168 oci-registry01
192.168.1.169 oci-registry02

7
roles/httpd/proxy/templates/00-namevirtualhost.conf
View file

@ -88,7 +88,6 @@ NameVirtualHost [2406:da18:39f:a01:a89d:5e25:1aab:8a52]:80
NameVirtualHost [2406:da18:39f:a01:a89d:5e25:1aab:8a52]:443
# proxy31
NameVirtualHost 13.125.120.8:80
NameVirtualHost 13.125.120.8:443
NameVirtualHost [2406:da12:0:c10:92a3:5a6e:221b:f9eb]:80
NameVirtualHost [2406:da12:0:c10:92a3:5a6e:221b:f9eb]:443
NameVirtualHost 18.185.136.17:80
NameVirtualHost 18.185.136.17:443

14
roles/httpd/website/tasks/main.yml
View file

@ -59,6 +59,20 @@
- httpd/website
- robots
- name: Create /srv/web
file: >
dest=/srv/web
state=directory
owner=root
group=root
mode=0755
notify:
- reload proxyhttpd
tags:
- httpd
- httpd/website
- robots
- name: And lastly, the robots.txt file
template: >
src={{item}}

4
roles/mediawiki/templates/LocalSettings.php.fp.j2
View file

@ -398,6 +398,10 @@ $wgSquidServersNoPurge = array(
"192.168.1.191",
"2406:da12:0:c10:92a3:5a6e:221b:f9eb",
# proxy32
"18.185.136.17",
"192.168.1.192",
{% endif %}
);
# This setting is used to send PURGE requests to varnish on reverse proxies upon page changes

2
roles/mirrormanager/mirrorlist_proxy/tasks/main.yml
View file

@ -226,7 +226,7 @@
command: "rsync -az --delete-delay --delay-updates --delete /var/lib/mirrormanager/mirrorlist_cache.proto /usr/share/mirrormanager2/country_continent.csv /var/lib/mirrormanager/global_netblocks.txt /var/lib/mirrormanager/i2_netblocks.txt {{ inventory_hostname }}:/srv/mirrorlist/data/mirrorlist1/"
become: yes
become_user: mirrormanager
delegate_to: "mm-backend01.{{ datacenter }}.fedoraproject.org"
delegate_to: "mm-backend01.iad2.fedoraproject.org"
when: env == "production" and not mirrorlist_cache_status.stat.exists
tags:
- mirrorlist_proxy

55
roles/nagios_server/files/nagios/services/iad2_internal/basset.cfg
View file

@ -1,27 +1,28 @@
define service {
hostgroup_name basset
service_description mongo process
check_command check_by_nrpe!check_mongo_proc
use defaulttemplate
}
define service {
hostgroup_name basset
service_description rabbitmq process
check_command check_by_nrpe!check_rabbitmq_proc
use defaulttemplate
}
define service {
hostgroup_name basset
service_description basset worker processes
check_command check_by_nrpe!check_worker_proc
use defaulttemplate
}
define service {
hostgroup_name basset
service_description basset processing queue
check_command check_by_nrpe!check_basset_queue
use defaulttemplate
}
# TODO: uncomment after moving to iad2
#define service {
# hostgroup_name basset
# service_description mongo process
# check_command check_by_nrpe!check_mongo_proc
# use defaulttemplate
#}
#
#define service {
# hostgroup_name basset
# service_description rabbitmq process
# check_command check_by_nrpe!check_rabbitmq_proc
# use defaulttemplate
#}
#
#define service {
# hostgroup_name basset
# service_description basset worker processes
# check_command check_by_nrpe!check_worker_proc
# use defaulttemplate
#}
#
#define service {
# hostgroup_name basset
# service_description basset processing queue
# check_command check_by_nrpe!check_basset_queue
# use defaulttemplate
#}

38
roles/nagios_server/files/nagios/services/iad2_internal/disk.cfg
View file

@ -12,12 +12,13 @@ define service {
use disktemplate
}
define service {
hostgroup_name qahardware
service_description Disk Space /srv
check_command check_by_nrpe!check_disk_/srv
use disktemplate
}
# TODO: uncomment when qahardware is back online
#define service {
# hostgroup_name qahardware
# service_description Disk Space /srv
# check_command check_by_nrpe!check_disk_/srv
# use disktemplate
#}
define service {
host_name log01.iad2.fedoraproject.org
@ -47,19 +48,20 @@ define service {
use ppc-secondarytemplate
}
define service {
hostgroup_name retrace
service_description Disk space /
check_command check_by_nrpe!check_disk_/
use retracetemplate
}
# TODO: Uncomment this and the one below when retrace is back in iad2
#define service {
# hostgroup_name retrace
# service_description Disk space /
# check_command check_by_nrpe!check_disk_/
# use retracetemplate
#}
define service {
hostgroup_name retrace
service_description Disk Space for huge /srv
check_command check_by_nrpe!check_disk_huge_/srv
use disktemplate
}
#define service {
# hostgroup_name retrace
# service_description Disk Space for huge /srv
# check_command check_by_nrpe!check_disk_huge_/srv
# use disktemplate
#}
define service {
hostgroup_name people

55
roles/nagios_server/files/nagios/services/iad2_internal/fedmsg.cfg
View file

@ -80,12 +80,14 @@ define service {
use defaulttemplate
}
define service {
host_name packages03.iad2.fedoraproject.org
service_description Check for fedmsg-hub proc
check_command check_by_nrpe!check_fedmsg_hub_proc
use defaulttemplate
}
# TODO: Uncomment this if it comes back in iad
#define service {
# host_name packages03.iad2.fedoraproject.org
# service_description Check for fedmsg-hub proc
# check_command check_by_nrpe!check_fedmsg_hub_proc
# use defaulttemplate
#}
define service {
host_name pdc-backend01.iad2.fedoraproject.org
service_description Check for fedmsg-hub proc
@ -310,12 +312,14 @@ define service {
use defaulttemplate
}
define service {
host_name packages03.iad2.fedoraproject.org
service_description Check fedmsg consumers and producers hub
check_command check_by_nrpe!check_fedmsg_cp_packages_backend
use defaulttemplate
}
# TODO: Uncomment this if it comes back in iad
#define service {
# host_name packages03.iad2.fedoraproject.org
# service_description Check fedmsg consumers and producers hub
# check_command check_by_nrpe!check_fedmsg_cp_packages_backend
# use defaulttemplate
#}
define service {
host_name pdc-backend01.iad2.fedoraproject.org
service_description Check fedmsg consumers and producers hub
@ -387,12 +391,14 @@ define service {
use defaulttemplate
}
define service {
host_name packages03.iad2.fedoraproject.org
service_description Check fedmsg-hub consumers exceptions
check_command check_by_nrpe!check_fedmsg_cexceptions_packages_backend
use defaulttemplate
}
# TODO: Uncomment this if it comes back in iad
#define service {
# host_name packages03.iad2.fedoraproject.org
# service_description Check fedmsg-hub consumers exceptions
# check_command check_by_nrpe!check_fedmsg_cexceptions_packages_backend
# use defaulttemplate
#}
define service {
host_name pdc-backend01.iad2.fedoraproject.org
service_description Check fedmsg-hub consumers exceptions
@ -465,12 +471,13 @@ define service {
use defaulttemplate
}
define service {
host_name packages03.iad2.fedoraproject.org
service_description Check fedmsg-hub consumers backlog
check_command check_by_nrpe!check_fedmsg_cbacklog_packages_backend
use defaulttemplate
}
# TODO: Uncomment this if it comes back in iad
#define service {
# host_name packages03.iad2.fedoraproject.org
# service_description Check fedmsg-hub consumers backlog
# check_command check_by_nrpe!check_fedmsg_cbacklog_packages_backend
# use defaulttemplate
#}
define service {
host_name pdc-backend01.iad2.fedoraproject.org

9
roles/nagios_server/files/nagios/services/iad2_internal/locking.cfg
View file

@ -1,13 +1,6 @@
define service {
host_name rawhide-composer.iad2.fedoraproject.org, koji01.iad2.fedoraproject.org
host_name koji01.iad2.fedoraproject.org
service_description Check NFS File Locks
check_command check_by_nrpe!check_lock
use criticaltemplate
}
define service {
host_name fas01.iad2.fedoraproject.org
service_description Check certificate lock
check_command check_by_nrpe!check_lock_file_age
use defaulttemplate
}

13
roles/nagios_server/files/nagios/services/procs.cfg
View file

@ -34,12 +34,13 @@ define service {
use defaulttemplate
}
define service {
hostgroup retrace
service_description Total Processes
check_command check_by_nrpe!check_total_procs
use retracetemplate
}
# TODO: uncomment when retrace is moved
#define service {
# hostgroup retrace
# service_description Total Processes
# check_command check_by_nrpe!check_total_procs
# use retracetemplate
#}
define service {

13
roles/nagios_server/files/nagios/services/raid.cfg
View file

@ -1,10 +1,11 @@
# Special-case this so it can use retracetemplate.
define service {
hostgroup_name retrace
service_description Check_Raid
check_command check_by_nrpe!check_raid
use retracetemplate
}
# TODO: uncomment when retrace is moved
#define service {
# hostgroup_name retrace
# service_description Check_Raid
# check_command check_by_nrpe!check_raid
# use retracetemplate
#}
# Everything else uses this group.
define service {

13
roles/nagios_server/files/nagios/services/ssh.cfg
View file

@ -28,9 +28,10 @@ define service {
# use autoqatemplate
#}
define service {
hostgroup_name retrace
service_description SSH-retrace
check_command check_ssh
use retracetemplate
}
# TODO: uncomment once retrace exists again
#define service {
# hostgroup_name retrace
# service_description SSH-retrace
# check_command check_ssh
# use retracetemplate
#}

13
roles/nagios_server/files/nagios/services/swap.cfg
View file

@ -5,9 +5,10 @@ define service {
use criticaltemplate
}
define service {
hostgroup retrace
service_description Swap
check_command check_by_nrpe!check_swap
use retracetemplate
}
# TODO: uncomment once retrace exists again
#define service {
# hostgroup retrace
# service_description Swap
# check_command check_by_nrpe!check_swap
# use retracetemplate
#}

12
roles/nagios_server/templates/nagios/hostgroups/all.cfg.j2
View file

@ -44,9 +44,11 @@ define hostgroup{
##
## Management hardware
define hostgroup {
hostgroup_name phx2_mgmt_systems
alias phx2_mgmt_systems
members {% for host in vars['phx2_management_hosts']|sort %}{{host}}{% if not loop.last %},{% endif %} {% endfor %}
#define hostgroup {
# hostgroup_name phx2_mgmt_systems
# alias phx2_mgmt_systems
# members {% for host in vars['phx2_management_hosts']|sort %}{{host}}{% if not loop.last %},{% endif %} {% endfor %}
#
#}
}
# TODO: Add iad2 mgmt here

5
roles/nagios_server/templates/nagios/hostgroups/vpnclients.cfg.j2
View file

@ -3,6 +3,7 @@
define hostgroup {
hostgroup_name vpnclients
alias vpnclients
members !bastion02.iad2.fedoraproject.org, {% for host in groups['all']|sort %}{% if ( hostvars[host].vpn == true ) and ( hostvars[host].nagios_Can_Connect == true ) %}{{host}},{% endif %} {% endfor %}
members {% for host in groups['all']|sort %}{% if ( hostvars[host].vpn == true ) and ( hostvars[host].nagios_Can_Connect == true ) %}{{host}},{% endif %} {% endfor %}
}
# TODO: Add !bastion02.iad2.fedoraproject.org above when it exists.

8
roles/openshift-apps/bodhi/templates/buildconfig.yml
View file

@ -19,14 +19,6 @@ items:
# While dnf has a --nodocs, it doesen't have a --docs...
RUN sed -i '/nodocs/d' /etc/dnf/dnf.conf
RUN dnf install -y bodhi-server-{{bodhi_version}} bodhi-docs-{{bodhi_version}} python3-pyramid_sawing python3-gunicorn
RUN curl -o /usr/lib/python3.8/site-packages/bodhi/server/models.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/models.py &&\
curl -o /usr/lib/python3.8/site-packages/bodhi/server/tasks/__init__.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/tasks/__init__.py &&\
curl -o /usr/lib/python3.8/site-packages/bodhi/server/util.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/util.py &&\
curl -o /usr/lib/python3.8/site-packages/bodhi/server/tasks/updates.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/tasks/updates.py &&\
curl -o /usr/lib/python3.8/site-packages/bodhi/server/tasks/tag_update_builds.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/tasks/tag_update_builds.py &&\
curl -o /usr/lib/python3.8/site-packages/bodhi/server/tasks/handle_side_and_related_tags.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/tasks/handle_side_and_related_tags.py &&\
curl -o /usr/lib/python3.8/site-packages/bodhi/server/tasks/approve_testing.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/tasks/approve_testing.py &&\
curl -o /usr/lib/python3.8/site-packages/bodhi/server/services/updates.py https://raw.githubusercontent.com/cverna/bodhi/fix_editing_updates/bodhi/server/services/updates.py
# Set up krb5
RUN rm -f /etc/krb5.conf && \

5
roles/pagure/frontend/files/hotfix/d3/d3.v3.min.js vendored Normal file
View file

File diff suppressed because one or more lines are too long

29
roles/pagure/frontend/tasks/main.yml
View file

@ -596,3 +596,32 @@
tags:
- pagure
- letsencrypt
- name: Hotfix missing JS lib -- find out where the file should be
shell:
cmd: rpm -ql pagure | grep 'pagure/static/vendor$' | head -n 1
warn: no # package, dnf, yum can't do this
register: pagure_hotfix_vendorlibpath
changed_when: False
failed_when: pagure_hotfix_vendorlibpath.rc != 0
tags:
- pagure
- hotfix
- name: Hotfix missing JS lib -- ensure directory exists
file:
path: "{{ pagure_hotfix_vendorlibpath.stdout }}/d3"
state: directory
mode: u+rwx,g+rx,o+rx-w
tags:
- pagure
- hotfix
- name: Hotfix missing JS lib -- ensure file exists
copy:
force: no # don't overwrite packaged files
src: hotfix/d3/d3.v3.min.js
dest: "{{ pagure_hotfix_vendorlibpath.stdout }}/d3/d3.v3.min.js"
tags:
- pagure
- hotfix

11
roles/postgresql_server/tasks/main.yml
View file

@ -102,15 +102,6 @@
- config
- postgresql
- name: postgresql recover.conf template (standby only)
template: dest=/var/lib/pgsql/data/recovery.conf src=recovery.conf
when: inventory_hostname.startswith('db-koji01.iad2')
notify:
- restart postgresql
tags:
- config
- postgresql
- name: Ensure postgres has a place to backup to
file: dest=/backups state=directory owner=postgres
tags:
@ -203,7 +194,7 @@
copy: >
src=datagrepper_sar.py
dest=/usr/local/bin/datagrepper_sar.py mode=0700
when: inventory_hostname.startswith(('db-datanommer02', 'pgbdr01.stg'))
when: inventory_hostname.startswith('db-datanommer01')
tags:
- postgresql
- SAR

19
roles/releng/templates/fedora-messaging.toml.j2
View file

@ -16,22 +16,3 @@ certfile = "/etc/pki/fedora-messaging/rabbitmq-pungi.crt"
[client_properties]
app = "pungi"
[qos]
prefetch_size = 0
prefetch_count = 25
[log_config]
version = 1
disable_existing_loggers = true
[log_config.formatters.simple]
format = "%(asctime)s [%(name)s %(levelname)s] %(message)s"
datefmt = "%Y-%m-%d %H:%M:%S"
[log_config.handlers.console]
class = "logging.StreamHandler"
formatter = "simple"
stream = "ext://sys.stdout"
[log_config.loggers.fedora_messaging]
level = "INFO"
propagate = false
handlers = ["console"]

6
roles/robosignatory/templates/robosignatory.toml.j2
View file

@ -504,7 +504,11 @@ handlers = ["console"]
[consumer_config.coreos]
bucket = "fcos-builds"
key = "{{ (env == 'production')|ternary('fedora-32', 'testkey') }}"
{% if env == "staging" %}
# Set key to 'testkey' because in staging we only have one key and
# detecting which key to use based on FCOS version numbers won't work.
key = "testkey"
{% endif %}
[consumer_config.coreos.aws]
access_key = "{{ fcos_builds_releng_aws_access_id }}"