diff --git a/files/httpd/newvirtualhost.conf.j2 b/files/httpd/newvirtualhost.conf.j2
new file mode 100644
index 0000000000..11fddcc60d
--- /dev/null
+++ b/files/httpd/newvirtualhost.conf.j2
@@ -0,0 +1,75 @@
+
+ # Change this to the domain which points to your host.
+ ServerName {{ item.name }}
+
+ # Use separate log files for the SSL virtual host; note that LogLevel
+ # is not inherited from httpd.conf.
+ ErrorLog logs/{{ item.name }}_error_log
+ TransferLog logs/{{ item.name }}_access_log
+ LogLevel warn
+
+ # SSL Engine Switch:
+ # Enable/Disable SSL for this virtual host.
+ SSLEngine on
+
+ # SSL Protocol support:
+ # List the enable protocol levels with which clients will be able to
+ # connect. Disable SSLv2 access by default:
+ SSLProtocol all -SSLv2
+
+ # SSL Cipher Suite:
+ # List the ciphers that the client is permitted to negotiate.
+ # See the mod_ssl documentation for a complete list.
+ #SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
+ SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
+
+ # Server Certificate:
+ # Point SSLCertificateFile at a PEM encoded certificate. If
+ # the certificate is encrypted, then you will be prompted for a
+ # pass phrase. Note that a kill -HUP will prompt again. A new
+ # certificate can be generated using the genkey(1) command.
+ SSLCertificateFile /etc/pki/tls/certs/{{ sslcertfile }}
+
+ # Server Private Key:
+ # If the key is not combined with the certificate, use this
+ # directive to point at the key file. Keep in mind that if
+ # you've both a RSA and a DSA private key you can configure
+ # both in parallel (to also allow the use of DSA ciphers, etc.)
+ SSLCertificateKeyFile /etc/pki/tls/private/{{ sslkeyfile }}
+
+ # Server Certificate Chain:
+ # Point SSLCertificateChainFile at a file containing the
+ # concatenation of PEM encoded CA certificates which form the
+ # certificate chain for the server certificate. Alternatively
+ # the referenced file can be the same as SSLCertificateFile
+ # when the CA certificates are directly appended to the server
+ # certificate for convinience.
+ #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
+ {% if sslintermediatecertfile is defined %}
+ SSLCertificateChainFile /etc/pki/tls/certs/{{ sslintermediatecertfile }}
+ {% endif %}
+
+ # Certificate Authority (CA):
+ # Set the CA certificate verification path where to find CA
+ # certificates for client authentication or alternatively one
+ # huge file containing all of them (file must be PEM encoded)
+ #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
+
+ DocumentRoot {{ item.document_root }}
+
+ Options Indexes FollowSymLinks
+
+
+
+
+
+ # Change this to the domain which points to your host.
+ ServerName {{ item.name }}
+ {% if sslonly %}
+ RewriteEngine On
+ RewriteCond %{HTTPS} off
+ RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE]
+ {% else %}
+ Options Indexes FollowSymLinks
+ {% endif %}
+
diff --git a/inventory/group_vars/buildaarch64 b/inventory/group_vars/buildaarch64
index 8705cac1e9..c87ba0b0b1 100644
--- a/inventory/group_vars/buildaarch64
+++ b/inventory/group_vars/buildaarch64
@@ -1,6 +1,6 @@
---
host_group: kojibuilder
-fas_client_groups: sysadmin-releng
+fas_client_groups: sysadmin-releng,sysadmin-secondary
sudoers: "{{ private }}/files/sudo/buildaarch64-sudoers"
koji_server_url: "http://arm.koji.fedoraproject.org/kojihub"
diff --git a/inventory/group_vars/buildppc64 b/inventory/group_vars/buildppc64
index 2a69cb003e..5861afe8c5 100644
--- a/inventory/group_vars/buildppc64
+++ b/inventory/group_vars/buildppc64
@@ -1,6 +1,6 @@
---
host_group: kojibuilder
-fas_client_groups: sysadmin-releng
+fas_client_groups: sysadmin-releng,sysadmin-secondary
#sudoers: "{{ private }}/files/sudo/buildppc64-sudoers"
koji_server_url: "http://ppc.koji.fedoraproject.org/kojihub"
diff --git a/inventory/group_vars/qadevel-stg b/inventory/group_vars/qadevel-stg
index fa67d354a3..83107ae046 100644
--- a/inventory/group_vars/qadevel-stg
+++ b/inventory/group_vars/qadevel-stg
@@ -75,4 +75,10 @@ buildslave_name: 'qadevel-stg'
deployment_type: qadevel-stg
tcp_ports: [ 80, 222, 443, "{{ buildslave_port }}", 3306 ]
+# static sites
+static_sites:
+ - name: docs.{{ external_hostname }}
+ document_root: /var/www/docs
+sslonly: false
+
freezes: false
diff --git a/inventory/group_vars/sundries b/inventory/group_vars/sundries
index 414df5e62b..6f294078ef 100644
--- a/inventory/group_vars/sundries
+++ b/inventory/group_vars/sundries
@@ -18,3 +18,5 @@ rsync_group: sundries
nrpe_procs_warn: 300
nrpe_procs_crit: 500
+
+sudoers: "{{ private }}/files/sudo/sundries-sudoers"
diff --git a/inventory/group_vars/sundries-stg b/inventory/group_vars/sundries-stg
index 414df5e62b..6f294078ef 100644
--- a/inventory/group_vars/sundries-stg
+++ b/inventory/group_vars/sundries-stg
@@ -18,3 +18,5 @@ rsync_group: sundries
nrpe_procs_warn: 300
nrpe_procs_crit: 500
+
+sudoers: "{{ private }}/files/sudo/sundries-sudoers"
diff --git a/inventory/host_vars/darkserver-dev.cloud.fedoraproject.org b/inventory/host_vars/darkserver-dev.cloud.fedoraproject.org
deleted file mode 100644
index 65c26f1421..0000000000
--- a/inventory/host_vars/darkserver-dev.cloud.fedoraproject.org
+++ /dev/null
@@ -1,16 +0,0 @@
-# 2cpus, 3GB of ram 20GB of ephemeral space
-instance_type: m1.large
-# image id
-image: "{{ el6_qcow_id }}"
-keypair: fedora-admin-20130801
-# what security group to add the host to
-security_group: webserver
-zone: fedoracloud
-# instance id will be appended
-hostbase: darkserver-dev-
-# ip should be in the 209.132.184.XXX range
-public_ip: 209.132.184.148
-# users/groups who should have root ssh access
-root_auth_users: kushal @sysadmin-main sayanchowdhury
-description: darkserver dev server
-freezes: false
diff --git a/inventory/host_vars/darkserver-dev.fedorainfracloud.org b/inventory/host_vars/darkserver-dev.fedorainfracloud.org
new file mode 100644
index 0000000000..cad5fcbe6b
--- /dev/null
+++ b/inventory/host_vars/darkserver-dev.fedorainfracloud.org
@@ -0,0 +1,18 @@
+---
+image: rhel7-20141015
+instance_type: m1.large
+keypair: fedora-admin-20130801
+security_group: ssh-anywhere-persistent,web-80-anywhere-persistent,default
+zone: nova
+tcp_ports: [22, 80, 443]
+
+inventory_tenant: persistent
+inventory_instance_name: darkserver-dev
+hostbase: darkserver-dev
+public_ip: 209.132.184.171
+root_auth_users: kushal
+description: darkserver development instance
+
+cloud_networks:
+ # persistent-net
+ - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
diff --git a/inventory/inventory b/inventory/inventory
index bc9e63b8eb..15b08dafbc 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -805,8 +805,6 @@ fed-cloud15.cloud.fedoraproject.org
[persistent-cloud]
#shogun-ca.cloud.fedoraproject.org (oldcloud)
209.132.184.157
-# darkserver-dev (oldcloud)
-darkserver-dev.cloud.fedoraproject.org
# DevPi test instance - ticket 4524 (oldcloud)
209.132.184.166
#
@@ -835,6 +833,8 @@ fas2-dev.fedorainfracloud.org
fas3-dev.fedorainfracloud.org
# faitout
faitout.fedorainfracloud.org
+# darkserver development instance
+darkserver-dev.fedorainfracloud.org
[jenkins-slaves]
# EL-6 builder
diff --git a/master.yml b/master.yml
index c48e15bbb6..337d2299a6 100644
--- a/master.yml
+++ b/master.yml
@@ -110,7 +110,7 @@
- include: /srv/web/infra/ansible/playbooks/hosts/artboard.fedorainfracloud.org.yml
- include: /srv/web/infra/ansible/playbooks/hosts/cloud-noc01.cloud.fedoraproject.org.yml
-- include: /srv/web/infra/ansible/playbooks/hosts/darkserver-dev.cloud.fedoraproject.org.yml
+- include: /srv/web/infra/ansible/playbooks/hosts/darkserver-dev.fedorainfracloud.org.yml
- include: /srv/web/infra/ansible/playbooks/hosts/devpi.cloud.fedoraproject.org.yml
- include: /srv/web/infra/ansible/playbooks/hosts/dopr-dev.cloud.fedoraproject.org.yml
- include: /srv/web/infra/ansible/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
diff --git a/playbooks/groups/qadevel-stg.yml b/playbooks/groups/qadevel-stg.yml
index b1e15159c2..b24c01a204 100644
--- a/playbooks/groups/qadevel-stg.yml
+++ b/playbooks/groups/qadevel-stg.yml
@@ -52,6 +52,7 @@
- name: configure phabricator
hosts: qadevel-stg
user: root
+
gather_facts: True
vars_files:
@@ -85,3 +86,47 @@
handlers:
- include: "{{ handlers }}/restart_services.yml"
+
+- name: configure static sites for qadevel-stg
+ hosts: qadevel-stg
+ user: root
+ gather_facts: True
+
+ vars_files:
+ - /srv/web/infra/ansible/vars/global.yml
+ - "/srv/private/ansible/vars.yml"
+ - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+ tasks:
+ - name: ensure ServerName is set in ssl.conf
+ replace: dest=/etc/httpd/conf.d/ssl.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443'
+ notify:
+ - restart httpd
+ tags:
+ - qadevelstaticsites
+
+ - name: ensure ServerName is set in httpd.conf
+ replace: dest=/etc/httpd/conf/httpd.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443'
+ notify:
+ - restart httpd
+ tags:
+ - qadevelstaticsites
+
+ - name: create dirs for static sites
+ file: path={{ item.document_root }} state=directory owner=apache group=apache mode=1755
+ with_items: static_sites
+ tags:
+ - qadevelstaticsites
+
+ - name: generate virtualhosts for static sites
+ template: src={{ files }}/httpd/newvirtualhost.conf.j2 dest=/etc/httpd/conf.d/{{ item.name }}.conf owner=root group=root mode=0644
+ with_items: static_sites
+ notify:
+ - restart httpd
+ tags:
+ - qadevelstaticsites
+
+ handlers:
+ - include: "{{ handlers }}/restart_services.yml"
+
+
diff --git a/playbooks/hosts/darkserver-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/darkserver-dev.cloud.fedoraproject.org.yml
deleted file mode 100644
index 5e23506a0c..0000000000
--- a/playbooks/hosts/darkserver-dev.cloud.fedoraproject.org.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-- name: check/create instance
- hosts: darkserver-dev.cloud.fedoraproject.org
- user: root
- gather_facts: False
-
- vars_files:
- - /srv/web/infra/ansible/vars/global.yml
- - "/srv/private/ansible/vars.yml"
-
- tasks:
- - include: "{{ tasks }}/persistent_cloud.yml"
-
-- name: provision instance
- hosts: darkserver-dev.cloud.fedoraproject.org
- user: root
- gather_facts: True
-
- vars_files:
- - /srv/web/infra/ansible/vars/global.yml
- - "/srv/private/ansible/vars.yml"
- - /srv/web/infra/ansible/vars//{{ ansible_distribution }}.yml
-
- tasks:
- - include: "{{ tasks }}/cloud_setup_basic.yml"
- # fill in other actions/includes/etc here
- #
- # handlers:
- # - include: "{{ handlers }}/restart_services.yml
diff --git a/playbooks/hosts/darkserver-dev.fedorainfracloud.org.yml b/playbooks/hosts/darkserver-dev.fedorainfracloud.org.yml
new file mode 100644
index 0000000000..cb1b22ca7b
--- /dev/null
+++ b/playbooks/hosts/darkserver-dev.fedorainfracloud.org.yml
@@ -0,0 +1,27 @@
+- name: check/create instance
+ hosts: darkserver-dev.fedorainfracloud.org
+ gather_facts: False
+
+ vars_files:
+ - /srv/web/infra/ansible/vars/global.yml
+ - /srv/private/ansible/vars.yml
+ - /srv/web/infra/ansible/vars/fedora-cloud.yml
+ - /srv/private/ansible/files/openstack/passwords.yml
+
+ tasks:
+ - include: "{{ tasks }}/persistent_cloud_new.yml"
+ - include: "{{ tasks }}/growroot_cloud_el7.yml"
+
+- name: setup all the things
+ hosts: darkserver-dev.fedorainfracloud.org
+ gather_facts: True
+ vars_files:
+ - /srv/web/infra/ansible/vars/global.yml
+ - /srv/private/ansible/vars.yml
+ - /srv/private/ansible/files/openstack/passwords.yml
+ - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+ pre_tasks:
+ - include: "{{ tasks }}/cloud_setup_basic.yml"
+ - name: set hostname (required by some services, at least postfix need it)
+ shell: "hostname {{inventory_hostname}}"
diff --git a/roles/base/files/resolv.conf/cloud b/roles/base/files/resolv.conf/cloud
index 1d8fdfec7c..4d417eea20 100644
--- a/roles/base/files/resolv.conf/cloud
+++ b/roles/base/files/resolv.conf/cloud
@@ -1,4 +1,4 @@
search cloud.fedoraproject.org fedoraproject.org
nameserver 66.35.62.163
-nameserver 152.19.134.150
+nameserver 140.211.169.201
options rotate timeout:1
diff --git a/roles/base/files/resolv.conf/fed-cloud09.cloud.fedoraproject.org b/roles/base/files/resolv.conf/fed-cloud09.cloud.fedoraproject.org
index 1d8fdfec7c..4d417eea20 100644
--- a/roles/base/files/resolv.conf/fed-cloud09.cloud.fedoraproject.org
+++ b/roles/base/files/resolv.conf/fed-cloud09.cloud.fedoraproject.org
@@ -1,4 +1,4 @@
search cloud.fedoraproject.org fedoraproject.org
nameserver 66.35.62.163
-nameserver 152.19.134.150
+nameserver 140.211.169.201
options rotate timeout:1
diff --git a/roles/base/files/resolv.conf/fedorainfracloud b/roles/base/files/resolv.conf/fedorainfracloud
index 3def2ca343..377f82a5ef 100644
--- a/roles/base/files/resolv.conf/fedorainfracloud
+++ b/roles/base/files/resolv.conf/fedorainfracloud
@@ -1,4 +1,4 @@
search fedorainfracloud.org cloud.fedoraproject.org fedoraproject.org
nameserver 66.35.62.163
-nameserver 152.19.134.150
+nameserver 140.211.169.201
options rotate timeout:1
diff --git a/roles/dhcp_server/files/dhcpd.conf.noc01.phx2.fedoraproject.org b/roles/dhcp_server/files/dhcpd.conf.noc01.phx2.fedoraproject.org
index 331887bd14..16d8266cdc 100644
--- a/roles/dhcp_server/files/dhcpd.conf.noc01.phx2.fedoraproject.org
+++ b/roles/dhcp_server/files/dhcpd.conf.noc01.phx2.fedoraproject.org
@@ -1424,6 +1424,94 @@ subnet 10.5.78.0 netmask 255.255.255.0 {
filename "grubaa64.efi";
}
+ host aarch64-05a {
+ hardware ethernet 00:01:73:02:0d:2f;
+ fixed-address 10.5.78.150;
+ option host-name "aarch64-05a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-06a {
+ hardware ethernet 00:01:73:02:0c:fb;
+ fixed-address 10.5.78.155;
+ option host-name "aarch64-06a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-07a {
+ hardware ethernet 00:01:73:02:0a:b3;
+ fixed-address 10.5.78.160;
+ option host-name "aarch64-07a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-08a {
+ hardware ethernet 00:01:73:02:08:83;
+ fixed-address 10.5.78.165;
+ option host-name "aarch64-08a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-09a {
+ hardware ethernet 00:01:73:02:09:c3;
+ fixed-address 10.5.78.170;
+ option host-name "aarch64-09a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-10a {
+ hardware ethernet 00:01:73:02:08:ff;
+ fixed-address 10.5.78.175;
+ option host-name "aarch64-10a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-11a {
+ hardware ethernet 2c:59:e5:36:9a:48;
+ fixed-address 10.5.78.180;
+ option host-name "aarch64-11a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-12a {
+ hardware ethernet 2c:59:e5:36:9a:4a;
+ fixed-address 10.5.78.185;
+ option host-name "aarch64-12a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-13a {
+ hardware ethernet 2c:59:e5:36:9a:4b;
+ fixed-address 10.5.78.190;
+ option host-name "aarch64-13a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-14a {
+ hardware ethernet 2c:59:e5:36:9a:4e;
+ fixed-address 10.5.78.195;
+ option host-name "aarch64-14a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
+ host aarch64-15a {
+ hardware ethernet 2c:59:e5:36:9a:51;
+ fixed-address 10.5.78.200;
+ option host-name "aarch64-15a";
+ next-server 10.5.126.41;
+ filename "grubaa64.efi";
+ }
+
}
diff --git a/roles/epylog/files/merged/weed_local.cf b/roles/epylog/files/merged/weed_local.cf
index cdf374e62f..e9dab712a5 100644
--- a/roles/epylog/files/merged/weed_local.cf
+++ b/roles/epylog/files/merged/weed_local.cf
@@ -120,6 +120,7 @@ NetworkManager.*: \.*Unspecific failure
nm-dispatcher: Dispatching action.*
ntpd.*: synchronized.*
ntpd.*: time reset.*
+openshift-master.*
openvpn.*: Auth read bytes.*
openvpn.*: CLIENT_LIST.*
openvpn.*: END
diff --git a/roles/hosts/files/kojibuilder-hosts b/roles/hosts/files/kojibuilder-hosts
index 9db5ed50ea..f2e91ca5ec 100644
--- a/roles/hosts/files/kojibuilder-hosts
+++ b/roles/hosts/files/kojibuilder-hosts
@@ -1,8 +1,14 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.23 infrastructure.fedoraproject.org
+10.5.126.51 mirrors.fedoraproject.org admin.fedoraproject.org
+# primary koji infra
10.5.125.63 koji.fedoraproject.org
10.5.125.36 kojipkgs.fedoraproject.org
-10.5.124.138 arm.koji.fedoraproject.org armpkgs.fedoraproject.org
10.5.125.44 pkgs.fedoraproject.org pkgs
-10.5.126.51 mirrors.fedoraproject.org admin.fedoraproject.org
+# arm koji infra
+10.5.124.138 arm.koji.fedoraproject.org armpkgs.fedoraproject.org
+# ppc koji infra
+10.5.124.182 ppc.koji.fedoraproject.org ppcpkgs.fedoraproject.org
+# s390 koji infra
+10.5.124.191 s390.koji.fedoraproject.org s390pkgs.fedoraproject.org
diff --git a/roles/ipsilon/files/ipsilon-httpd.conf b/roles/ipsilon/files/ipsilon-httpd.conf
index a8eab66a32..d7babee241 100644
--- a/roles/ipsilon/files/ipsilon-httpd.conf
+++ b/roles/ipsilon/files/ipsilon-httpd.conf
@@ -1,7 +1,7 @@
Alias /ui /usr/share/ipsilon/ui
Alias /.well-known /etc/ipsilon/wellknown
WSGIScriptAlias / /usr/libexec/ipsilon
-WSGIDaemonProcess ipsilon user=ipsilon group=ipsilon home=/var/lib/ipsilon
+WSGIDaemonProcess ipsilon user=ipsilon group=ipsilon home=/var/lib/ipsilon processes=2 threads=2 maximum-requests=1000
diff --git a/roles/koji_builder/files/builders/fedora-branched-pungi-aarch64.cfg b/roles/koji_builder/files/builders/fedora-branched-pungi-aarch64.cfg
new file mode 100644
index 0000000000..3d00881ab9
--- /dev/null
+++ b/roles/koji_builder/files/builders/fedora-branched-pungi-aarch64.cfg
@@ -0,0 +1,34 @@
+config_opts['root'] = 'fedora-branched-pungi-aarch64'
+config_opts['target_arch'] = 'aarch64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://armpkgs.fedoraproject.org/mash/branched/aarch64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://armpkgs.fedoraproject.org/repos/f23-build/latest/aarch64/
+"""
diff --git a/roles/koji_builder/files/builders/fedora-branched-pungi-ppc64.cfg b/roles/koji_builder/files/builders/fedora-branched-pungi-ppc64.cfg
new file mode 100644
index 0000000000..18a07b9af6
--- /dev/null
+++ b/roles/koji_builder/files/builders/fedora-branched-pungi-ppc64.cfg
@@ -0,0 +1,34 @@
+config_opts['root'] = 'fedora-branched-pungi-ppc64'
+config_opts['target_arch'] = 'ppc64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/branched/ppc64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f23-build/latest/ppc64/
+"""
diff --git a/roles/koji_builder/files/builders/fedora-branched-pungi-ppc64le.cfg b/roles/koji_builder/files/builders/fedora-branched-pungi-ppc64le.cfg
new file mode 100644
index 0000000000..18a07b9af6
--- /dev/null
+++ b/roles/koji_builder/files/builders/fedora-branched-pungi-ppc64le.cfg
@@ -0,0 +1,34 @@
+config_opts['root'] = 'fedora-branched-pungi-ppc64'
+config_opts['target_arch'] = 'ppc64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/branched/ppc64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f23-build/latest/ppc64/
+"""
diff --git a/roles/koji_builder/files/builders/fedora-rawhide-pungi-aarch64.cfg b/roles/koji_builder/files/builders/fedora-rawhide-pungi-aarch64.cfg
new file mode 100644
index 0000000000..be3834227d
--- /dev/null
+++ b/roles/koji_builder/files/builders/fedora-rawhide-pungi-aarch64.cfg
@@ -0,0 +1,35 @@
+config_opts['root'] = 'fedora-rawhide-pungi-aarch64'
+config_opts['target_arch'] = 'aarch64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://armpkgs.fedoraproject.org/mash/rawhide/aarch64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://armpkgs.fedoraproject.org/repos/f24-build/latest/aarch64/
+"""
diff --git a/roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64.cfg b/roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64.cfg
new file mode 100644
index 0000000000..f227e4659e
--- /dev/null
+++ b/roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64.cfg
@@ -0,0 +1,35 @@
+config_opts['root'] = 'fedora-rawhide-pungi-ppc64le'
+config_opts['target_arch'] = 'ppc64le'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/rawhide/ppc64le/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f24-build/latest/ppc64le/
+"""
diff --git a/roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64le.cfg b/roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64le.cfg
new file mode 100644
index 0000000000..f227e4659e
--- /dev/null
+++ b/roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64le.cfg
@@ -0,0 +1,35 @@
+config_opts['root'] = 'fedora-rawhide-pungi-ppc64le'
+config_opts['target_arch'] = 'ppc64le'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/rawhide/ppc64le/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f24-build/latest/ppc64le/
+"""
diff --git a/roles/koji_builder/files/ppc-koji.conf b/roles/koji_builder/files/ppc-koji.conf
deleted file mode 100644
index d36bf7641f..0000000000
--- a/roles/koji_builder/files/ppc-koji.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-[koji]
-
-;configuration for koji cli tool
-
-;url of XMLRPC server
-server = http://ppc.koji.fedoraproject.org/kojihub
-
-;url of web interface
-weburl = http://ppc.koji.fedoraproject.org/koji
-
-;path to the koji top directory
-;topdir = /mnt/koji
-
-;configuration for SSL athentication
-
-;client certificate
-;cert = ~/.koji/client.crt
-
-;certificate of the CA that issued the client certificate
-;ca = ~/.koji/clientca.crt
-
-;certificate of the CA that issued the HTTP server certificate
-;serverca = ~/.koji/serverca.crt
diff --git a/roles/koschei/tasks/main.yml b/roles/koschei/tasks/main.yml
index a7854dd282..306787697d 100644
--- a/roles/koschei/tasks/main.yml
+++ b/roles/koschei/tasks/main.yml
@@ -106,6 +106,7 @@
template: src=cron-db-cleanup.j2 dest=/etc/cron.d/cron-db-cleanup
tags:
- koschei
+ - config
# See https://github.com/msimacek/koschei/issues/16
- name: HOTFIX koschei resolver.py
@@ -125,6 +126,7 @@
owner=koschei group=koschei mode=0600
tags:
- koschei
+ - config
- name: Create libexec/koschei dir
file: path=/usr/libexec/koschei state=directory
diff --git a/roles/koschei/templates/cron-db-cleanup.j2 b/roles/koschei/templates/cron-db-cleanup.j2
index 32fdf5fd58..c3f54c2a6b 100644
--- a/roles/koschei/templates/cron-db-cleanup.j2
+++ b/roles/koschei/templates/cron-db-cleanup.j2
@@ -1,2 +1,2 @@
0 3 * * * koschei koschei-admin cleanup --older-than 6
-0 4 * * * koschei psql -h {{ koschei_pgsql_hostname }} -d koschei -U koscheiadmin -c 'VACUUM FULL ANALYZE package;'
+0 4,10,16,22 * * * koschei psql -h {{ koschei_pgsql_hostname }} -d koschei -U koscheiadmin -c 'VACUUM FULL ANALYZE package;'
diff --git a/roles/taskotron/taskotron-client/files/yumrepoinfo.conf b/roles/taskotron/taskotron-client/files/yumrepoinfo.conf
index b3d6f746ef..1a3ad2ae09 100644
--- a/roles/taskotron/taskotron-client/files/yumrepoinfo.conf
+++ b/roles/taskotron/taskotron-client/files/yumrepoinfo.conf
@@ -33,8 +33,24 @@ release_status =
[rawhide]
url = %(rawhideurl)s
path = development/rawhide
-tag = f23
-release_status = rawhide
+tag = f24
+release_status = rawhida
+
+# Fedora 23
+[f23]
+url = %(rawhideurl)s
+path = development/23
+release_status = stable
+
+[f23-updates]
+url = %(updatesurl)s
+path = 23
+parent = f23
+
+[f23-updates-testing]
+url = %(updatesurl)s
+path = testing/23
+parent = f23-updates
# Fedora 22
[f22]
diff --git a/tasks/growroot_cloud_el7.yml b/tasks/growroot_cloud_el7.yml
new file mode 100644
index 0000000000..0879d95ecd
--- /dev/null
+++ b/tasks/growroot_cloud_el7.yml
@@ -0,0 +1,30 @@
+- name: add infra repo
+ action: get_url url=http://infrastructure.fedoraproject.org/el/infrastructure.repo dest=/etc/yum.repos.d/
+ when: is_rhel is defined
+ tags:
+ - config
+
+- name: install cloud-utils
+ yum: name=cloud-utils state=present
+ tags:
+ - packages
+
+- name: growpart the first partition (/) to full size
+ command: growpart /dev/vda 1
+ register: growpart
+ always_run: true
+ changed_when: "growpart.rc != 1"
+ failed_when: growpart.rc == 2
+
+- name: reboot the box
+ command: /sbin/reboot
+ when: growpart.rc == 0
+ ignore_errors: true
+
+- name: wait for it to come back (should be quick)
+ local_action: wait_for host={{ inventory_hostname }} port=22 delay=10 timeout=120
+ when: growpart.rc == 0
+
+- name: resize the /dev/vda 1 fs
+ command: xfs_growfs /
+ when: growpart.rc == 0