Merge branch 'master' of /git/ansible

files/httpd/newvirtualhost.conf.j2

@@ -0,0 +1,75 @@
+<VirtualHost *:443>
+  # Change this to the domain which points to your host.
+  ServerName {{ item.name }}
+
+  # Use separate log files for the SSL virtual host; note that LogLevel
+  # is not inherited from httpd.conf.
+  ErrorLog logs/{{ item.name }}_error_log
+  TransferLog logs/{{ item.name }}_access_log
+  LogLevel warn
+
+  #   SSL Engine Switch:
+  #   Enable/Disable SSL for this virtual host.
+  SSLEngine on
+
+  #   SSL Protocol support:
+  # List the enable protocol levels with which clients will be able to
+  # connect.  Disable SSLv2 access by default:
+  SSLProtocol all -SSLv2
+
+  #   SSL Cipher Suite:
+  # List the ciphers that the client is permitted to negotiate.
+  # See the mod_ssl documentation for a complete list.
+  #SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
+  SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
+
+  #   Server Certificate:
+  # Point SSLCertificateFile at a PEM encoded certificate.  If
+  # the certificate is encrypted, then you will be prompted for a
+  # pass phrase.  Note that a kill -HUP will prompt again.  A new
+  # certificate can be generated using the genkey(1) command.
+  SSLCertificateFile /etc/pki/tls/certs/{{ sslcertfile }}
+
+  #   Server Private Key:
+  #   If the key is not combined with the certificate, use this
+  #   directive to point at the key file.  Keep in mind that if
+  #   you've both a RSA and a DSA private key you can configure
+  #   both in parallel (to also allow the use of DSA ciphers, etc.)
+  SSLCertificateKeyFile /etc/pki/tls/private/{{ sslkeyfile }}
+
+  #   Server Certificate Chain:
+  #   Point SSLCertificateChainFile at a file containing the
+  #   concatenation of PEM encoded CA certificates which form the
+  #   certificate chain for the server certificate. Alternatively
+  #   the referenced file can be the same as SSLCertificateFile
+  #   when the CA certificates are directly appended to the server
+  #   certificate for convinience.
+  #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
+  {% if sslintermediatecertfile is defined %}
+  SSLCertificateChainFile /etc/pki/tls/certs/{{ sslintermediatecertfile }}
+  {% endif %}
+
+  #   Certificate Authority (CA):
+  #   Set the CA certificate verification path where to find CA
+  #   certificates for client authentication or alternatively one
+  #   huge file containing all of them (file must be PEM encoded)
+  #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
+
+  DocumentRoot {{ item.document_root }}
+
+  Options Indexes FollowSymLinks
+
+</VirtualHost>
+
+
+<VirtualHost *:80>
+  # Change this to the domain which points to your host.
+  ServerName {{ item.name }}
+  {% if sslonly %}
+    RewriteEngine On
+    RewriteCond %{HTTPS} off
+    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE]
+  {% else %}
+    Options Indexes FollowSymLinks
+  {% endif %}
+</VirtualHost>

inventory/group_vars/buildaarch64

@@ -1,6 +1,6 @@
 ---
 host_group: kojibuilder
-fas_client_groups: sysadmin-releng
+fas_client_groups: sysadmin-releng,sysadmin-secondary
 sudoers: "{{ private }}/files/sudo/buildaarch64-sudoers"
 
 koji_server_url: "http://arm.koji.fedoraproject.org/kojihub"

inventory/group_vars/buildppc64

@@ -1,6 +1,6 @@
 ---
 host_group: kojibuilder
-fas_client_groups: sysadmin-releng
+fas_client_groups: sysadmin-releng,sysadmin-secondary
 #sudoers: "{{ private }}/files/sudo/buildppc64-sudoers"
 
 koji_server_url: "http://ppc.koji.fedoraproject.org/kojihub"

inventory/group_vars/qadevel-stg

@@ -75,4 +75,10 @@ buildslave_name: 'qadevel-stg'
 deployment_type: qadevel-stg
 tcp_ports: [ 80, 222, 443, "{{ buildslave_port }}", 3306 ]
 
+# static sites
+static_sites:
+  - name: docs.{{ external_hostname }}
+    document_root: /var/www/docs
+sslonly: false
+
 freezes: false

inventory/group_vars/sundries

@@ -18,3 +18,5 @@ rsync_group: sundries
 
 nrpe_procs_warn: 300
 nrpe_procs_crit: 500
+
+sudoers: "{{ private }}/files/sudo/sundries-sudoers"

inventory/group_vars/sundries-stg

@@ -18,3 +18,5 @@ rsync_group: sundries
 
 nrpe_procs_warn: 300
 nrpe_procs_crit: 500
+
+sudoers: "{{ private }}/files/sudo/sundries-sudoers"

inventory/host_vars/darkserver-dev.cloud.fedoraproject.org

@@ -1,16 +0,0 @@
-# 2cpus, 3GB of ram 20GB of ephemeral space
-instance_type: m1.large
-# image id
-image: "{{ el6_qcow_id }}"
-keypair: fedora-admin-20130801
-# what security group to add the host to
-security_group: webserver
-zone: fedoracloud
-# instance id will be appended
-hostbase: darkserver-dev-
-# ip should be in the 209.132.184.XXX range
-public_ip: 209.132.184.148
-# users/groups who should have root ssh access
-root_auth_users:  kushal @sysadmin-main sayanchowdhury
-description: darkserver dev server
-freezes: false

inventory/host_vars/darkserver-dev.fedorainfracloud.org

@@ -0,0 +1,18 @@
+---
+image: rhel7-20141015
+instance_type: m1.large
+keypair: fedora-admin-20130801
+security_group: ssh-anywhere-persistent,web-80-anywhere-persistent,default
+zone: nova
+tcp_ports: [22, 80, 443]
+
+inventory_tenant: persistent
+inventory_instance_name: darkserver-dev
+hostbase: darkserver-dev
+public_ip: 209.132.184.171
+root_auth_users: kushal
+description: darkserver development instance
+
+cloud_networks:
+  # persistent-net
+  - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"

inventory/inventory

@@ -805,8 +805,6 @@ fed-cloud15.cloud.fedoraproject.org
 [persistent-cloud]
 #shogun-ca.cloud.fedoraproject.org (oldcloud)
 209.132.184.157
-# darkserver-dev (oldcloud)
-darkserver-dev.cloud.fedoraproject.org
 # DevPi test instance - ticket 4524 (oldcloud)
 209.132.184.166
 #
@@ -835,6 +833,8 @@ fas2-dev.fedorainfracloud.org
 fas3-dev.fedorainfracloud.org
 # faitout
 faitout.fedorainfracloud.org
+# darkserver development instance
+darkserver-dev.fedorainfracloud.org
 
 [jenkins-slaves]
 # EL-6 builder

master.yml

@@ -110,7 +110,7 @@
 
 - include: /srv/web/infra/ansible/playbooks/hosts/artboard.fedorainfracloud.org.yml
 - include: /srv/web/infra/ansible/playbooks/hosts/cloud-noc01.cloud.fedoraproject.org.yml
-- include: /srv/web/infra/ansible/playbooks/hosts/darkserver-dev.cloud.fedoraproject.org.yml
+- include: /srv/web/infra/ansible/playbooks/hosts/darkserver-dev.fedorainfracloud.org.yml
 - include: /srv/web/infra/ansible/playbooks/hosts/devpi.cloud.fedoraproject.org.yml
 - include: /srv/web/infra/ansible/playbooks/hosts/dopr-dev.cloud.fedoraproject.org.yml
 - include: /srv/web/infra/ansible/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml

playbooks/groups/qadevel-stg.yml

@@ -52,6 +52,7 @@
 - name: configure phabricator
   hosts: qadevel-stg
   user: root
+
   gather_facts: True
 
   vars_files:
@@ -85,3 +86,47 @@
 
   handlers:
    - include: "{{ handlers }}/restart_services.yml"
+
+- name: configure static sites for qadevel-stg
+  hosts: qadevel-stg
+  user: root
+  gather_facts: True
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - "/srv/private/ansible/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  tasks:
+    - name: ensure ServerName is set in ssl.conf
+      replace: dest=/etc/httpd/conf.d/ssl.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443'
+      notify:
+        - restart httpd
+      tags:
+        - qadevelstaticsites
+
+    - name: ensure ServerName is set in httpd.conf
+      replace: dest=/etc/httpd/conf/httpd.conf regexp='^#ServerName .*$' replace='ServerName {{ external_hostname }}:443'
+      notify:
+        - restart httpd
+      tags:
+        - qadevelstaticsites
+
+    - name: create dirs for static sites
+      file: path={{ item.document_root }} state=directory owner=apache group=apache mode=1755
+      with_items: static_sites
+      tags:
+        - qadevelstaticsites
+
+    - name: generate virtualhosts for static sites
+      template:  src={{ files }}/httpd/newvirtualhost.conf.j2 dest=/etc/httpd/conf.d/{{ item.name }}.conf owner=root group=root mode=0644
+      with_items: static_sites
+      notify:
+        - restart httpd
+      tags:
+        - qadevelstaticsites
+
+  handlers:
+     - include: "{{ handlers }}/restart_services.yml"
+
+

playbooks/hosts/darkserver-dev.cloud.fedoraproject.org.yml

@@ -1,28 +0,0 @@
-- name: check/create instance
-  hosts: darkserver-dev.cloud.fedoraproject.org
-  user: root
-  gather_facts: False
-
-  vars_files:
-   - /srv/web/infra/ansible/vars/global.yml
-   - "/srv/private/ansible/vars.yml"
-
-  tasks:
-  - include: "{{ tasks }}/persistent_cloud.yml"
-
-- name: provision instance
-  hosts: darkserver-dev.cloud.fedoraproject.org
-  user: root
-  gather_facts: True
-
-  vars_files:
-   - /srv/web/infra/ansible/vars/global.yml
-   - "/srv/private/ansible/vars.yml"
-   - /srv/web/infra/ansible/vars//{{ ansible_distribution }}.yml
-
-  tasks:
-  - include: "{{ tasks }}/cloud_setup_basic.yml"
-  # fill in other actions/includes/etc here
-  #
-  #   handlers:
-  #     - include: "{{ handlers }}/restart_services.yml

playbooks/hosts/darkserver-dev.fedorainfracloud.org.yml

@@ -0,0 +1,27 @@
+- name: check/create instance
+  hosts: darkserver-dev.fedorainfracloud.org
+  gather_facts: False
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - /srv/private/ansible/vars.yml
+   - /srv/web/infra/ansible/vars/fedora-cloud.yml
+   - /srv/private/ansible/files/openstack/passwords.yml
+
+  tasks:
+  - include: "{{ tasks }}/persistent_cloud_new.yml"
+  - include: "{{ tasks }}/growroot_cloud_el7.yml"
+
+- name: setup all the things
+  hosts: darkserver-dev.fedorainfracloud.org
+  gather_facts: True
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - /srv/private/ansible/vars.yml
+   - /srv/private/ansible/files/openstack/passwords.yml
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  pre_tasks:
+  - include: "{{ tasks }}/cloud_setup_basic.yml"
+  - name: set hostname (required by some services, at least postfix need it)
+    shell: "hostname {{inventory_hostname}}"

roles/base/files/resolv.conf/cloud

@@ -1,4 +1,4 @@
 search cloud.fedoraproject.org fedoraproject.org
 nameserver 66.35.62.163
-nameserver 152.19.134.150
+nameserver 140.211.169.201
 options rotate timeout:1

roles/base/files/resolv.conf/fed-cloud09.cloud.fedoraproject.org

@@ -1,4 +1,4 @@
 search cloud.fedoraproject.org fedoraproject.org
 nameserver 66.35.62.163
-nameserver 152.19.134.150
+nameserver 140.211.169.201
 options rotate timeout:1

roles/base/files/resolv.conf/fedorainfracloud

@@ -1,4 +1,4 @@
 search fedorainfracloud.org cloud.fedoraproject.org fedoraproject.org
 nameserver 66.35.62.163
-nameserver 152.19.134.150
+nameserver 140.211.169.201
 options rotate timeout:1

roles/dhcp_server/files/dhcpd.conf.noc01.phx2.fedoraproject.org

@@ -1424,6 +1424,94 @@ subnet 10.5.78.0 netmask 255.255.255.0 {
 	 filename "grubaa64.efi";
     }
 
+    host aarch64-05a {
+         hardware ethernet 00:01:73:02:0d:2f;
+         fixed-address 10.5.78.150;
+         option host-name "aarch64-05a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-06a {
+         hardware ethernet 00:01:73:02:0c:fb;
+         fixed-address 10.5.78.155;
+         option host-name "aarch64-06a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-07a {
+         hardware ethernet 00:01:73:02:0a:b3;
+         fixed-address 10.5.78.160;
+         option host-name "aarch64-07a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-08a {
+         hardware ethernet 00:01:73:02:08:83;
+         fixed-address 10.5.78.165;
+         option host-name "aarch64-08a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-09a {
+         hardware ethernet 00:01:73:02:09:c3;
+         fixed-address 10.5.78.170;
+         option host-name "aarch64-09a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-10a {
+         hardware ethernet 00:01:73:02:08:ff;
+         fixed-address 10.5.78.175;
+         option host-name "aarch64-10a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-11a {
+         hardware ethernet 2c:59:e5:36:9a:48;
+         fixed-address 10.5.78.180;
+         option host-name "aarch64-11a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-12a {
+         hardware ethernet 2c:59:e5:36:9a:4a;
+         fixed-address 10.5.78.185;
+         option host-name "aarch64-12a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-13a {
+         hardware ethernet 2c:59:e5:36:9a:4b;
+         fixed-address 10.5.78.190;
+         option host-name "aarch64-13a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-14a {
+         hardware ethernet 2c:59:e5:36:9a:4e;
+         fixed-address 10.5.78.195;
+         option host-name "aarch64-14a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
+    host aarch64-15a {
+         hardware ethernet 2c:59:e5:36:9a:51;
+         fixed-address 10.5.78.200;
+         option host-name "aarch64-15a";
+         next-server 10.5.126.41;
+         filename "grubaa64.efi";
+    }
+
 }
 
 

roles/epylog/files/merged/weed_local.cf

@@ -120,6 +120,7 @@ NetworkManager.*: \<error\>.*Unspecific failure
 nm-dispatcher: Dispatching action.*
 ntpd.*: synchronized.*
 ntpd.*: time reset.*
+openshift-master.*
 openvpn.*: Auth read bytes.*
 openvpn.*: CLIENT_LIST.*
 openvpn.*: END

roles/hosts/files/kojibuilder-hosts

@@ -1,8 +1,14 @@
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 10.5.126.23    infrastructure.fedoraproject.org
+10.5.126.51    mirrors.fedoraproject.org admin.fedoraproject.org
+# primary koji infra
 10.5.125.63    koji.fedoraproject.org
 10.5.125.36    kojipkgs.fedoraproject.org
-10.5.124.138   arm.koji.fedoraproject.org armpkgs.fedoraproject.org
 10.5.125.44    pkgs.fedoraproject.org  pkgs
-10.5.126.51    mirrors.fedoraproject.org admin.fedoraproject.org
+# arm koji infra
+10.5.124.138   arm.koji.fedoraproject.org armpkgs.fedoraproject.org
+# ppc koji infra
+10.5.124.182   ppc.koji.fedoraproject.org ppcpkgs.fedoraproject.org
+# s390 koji infra
+10.5.124.191   s390.koji.fedoraproject.org s390pkgs.fedoraproject.org

roles/ipsilon/files/ipsilon-httpd.conf

@@ -1,7 +1,7 @@
 Alias /ui /usr/share/ipsilon/ui
 Alias /.well-known /etc/ipsilon/wellknown
 WSGIScriptAlias / /usr/libexec/ipsilon
-WSGIDaemonProcess ipsilon user=ipsilon group=ipsilon home=/var/lib/ipsilon
+WSGIDaemonProcess ipsilon user=ipsilon group=ipsilon home=/var/lib/ipsilon processes=2 threads=2 maximum-requests=1000
 
 
 <Location />

roles/koji_builder/files/builders/fedora-branched-pungi-aarch64.cfg

@@ -0,0 +1,34 @@
+config_opts['root'] = 'fedora-branched-pungi-aarch64'
+config_opts['target_arch'] = 'aarch64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://armpkgs.fedoraproject.org/mash/branched/aarch64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://armpkgs.fedoraproject.org/repos/f23-build/latest/aarch64/
+"""

roles/koji_builder/files/builders/fedora-branched-pungi-ppc64.cfg

@@ -0,0 +1,34 @@
+config_opts['root'] = 'fedora-branched-pungi-ppc64'
+config_opts['target_arch'] = 'ppc64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/branched/ppc64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f23-build/latest/ppc64/
+"""

roles/koji_builder/files/builders/fedora-branched-pungi-ppc64le.cfg

@@ -0,0 +1,34 @@
+config_opts['root'] = 'fedora-branched-pungi-ppc64'
+config_opts['target_arch'] = 'ppc64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/branched/ppc64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f23-build/latest/ppc64/
+"""

roles/koji_builder/files/builders/fedora-rawhide-pungi-aarch64.cfg

@@ -0,0 +1,35 @@
+config_opts['root'] = 'fedora-rawhide-pungi-aarch64'
+config_opts['target_arch'] = 'aarch64'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://armpkgs.fedoraproject.org/mash/rawhide/aarch64/os
+
+[buildroot]
+name=buildroot
+baseurl=http://armpkgs.fedoraproject.org/repos/f24-build/latest/aarch64/
+"""

roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64.cfg

@@ -0,0 +1,35 @@
+config_opts['root'] = 'fedora-rawhide-pungi-ppc64le'
+config_opts['target_arch'] = 'ppc64le'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/rawhide/ppc64le/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f24-build/latest/ppc64le/
+"""

roles/koji_builder/files/builders/fedora-rawhide-pungi-ppc64le.cfg

@@ -0,0 +1,35 @@
+config_opts['root'] = 'fedora-rawhide-pungi-ppc64le'
+config_opts['target_arch'] = 'ppc64le'
+config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
+config_opts['dist'] = 'fc9'
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['internal_dev_setup'] = False
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
+config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
+config_opts['plugin_conf']['root_cache_enable'] = False
+config_opts['plugin_conf']['yum_cache_enable'] = False
+config_opts['plugin_conf']['ccache_enable'] = False
+
+
+config_opts['yum.conf'] = """
+[main]
+cachedir=/var/cache/yum
+debuglevel=1
+reposdir=/dev/null
+logfile=/var/log/yum.log
+retries=20
+obsoletes=1
+gpgcheck=0
+assumeyes=1
+http_caching=none
+
+# repos
+
+[fedora]
+name=fedora
+baseurl=http://ppcpkgs.fedoraproject.org/mash/rawhide/ppc64le/os
+
+[buildroot]
+name=buildroot
+baseurl=http://ppcpkgs.fedoraproject.org/repos/f24-build/latest/ppc64le/
+"""

roles/koji_builder/files/ppc-koji.conf

@@ -1,23 +0,0 @@
-[koji]
-
-;configuration for koji cli tool
-
-;url of XMLRPC server
-server = http://ppc.koji.fedoraproject.org/kojihub
-
-;url of web interface
-weburl = http://ppc.koji.fedoraproject.org/koji
-
-;path to the koji top directory
-;topdir = /mnt/koji
-
-;configuration for SSL athentication
-
-;client certificate
-;cert = ~/.koji/client.crt
-
-;certificate of the CA that issued the client certificate
-;ca = ~/.koji/clientca.crt
-
-;certificate of the CA that issued the HTTP server certificate
-;serverca = ~/.koji/serverca.crt

roles/koschei/tasks/main.yml

@@ -106,6 +106,7 @@
   template: src=cron-db-cleanup.j2 dest=/etc/cron.d/cron-db-cleanup
   tags:
   - koschei
+  - config
 
 # See https://github.com/msimacek/koschei/issues/16
 - name: HOTFIX koschei resolver.py
@@ -125,6 +126,7 @@
             owner=koschei group=koschei mode=0600
   tags:
   - koschei
+  - config
 
 - name: Create libexec/koschei dir
   file: path=/usr/libexec/koschei state=directory

roles/koschei/templates/cron-db-cleanup.j2

@@ -1,2 +1,2 @@
 0 3 * * *   koschei    koschei-admin cleanup --older-than 6
-0 4 * * *   koschei    psql -h {{ koschei_pgsql_hostname }} -d koschei -U koscheiadmin -c 'VACUUM FULL ANALYZE package;'
+0 4,10,16,22 * * *   koschei    psql -h {{ koschei_pgsql_hostname }} -d koschei -U koscheiadmin -c 'VACUUM FULL ANALYZE package;'

roles/taskotron/taskotron-client/files/yumrepoinfo.conf

@@ -33,8 +33,24 @@ release_status =
 [rawhide]
 url = %(rawhideurl)s
 path = development/rawhide
-tag = f23
+tag = f24
-release_status = rawhide
+release_status = rawhida
+
+# Fedora 23
+[f23]
+url = %(rawhideurl)s
+path = development/23
+release_status = stable
+
+[f23-updates]
+url = %(updatesurl)s
+path = 23
+parent = f23
+
+[f23-updates-testing]
+url = %(updatesurl)s
+path = testing/23
+parent = f23-updates
 
 # Fedora 22
 [f22]

tasks/growroot_cloud_el7.yml

@@ -0,0 +1,30 @@
+- name: add infra repo 
+  action: get_url url=http://infrastructure.fedoraproject.org/el/infrastructure.repo dest=/etc/yum.repos.d/
+  when: is_rhel is defined
+  tags:
+  - config
+
+- name: install cloud-utils
+  yum: name=cloud-utils state=present
+  tags:
+  - packages
+
+- name: growpart the first partition (/) to full size
+  command: growpart /dev/vda 1
+  register: growpart
+  always_run: true
+  changed_when: "growpart.rc != 1"
+  failed_when: growpart.rc == 2
+   
+- name: reboot the box
+  command: /sbin/reboot
+  when: growpart.rc == 0
+  ignore_errors: true
+
+- name: wait for it to come back (should be quick)
+  local_action: wait_for host={{ inventory_hostname }} port=22 delay=10 timeout=120
+  when: growpart.rc == 0
+
+- name: resize the /dev/vda 1 fs
+  command: xfs_growfs /
+  when: growpart.rc == 0