Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of /git/ansible

Browse source
This commit is contained in:
Andrea Veri 2014-02-15 15:03:54 +00:00
commit f26437b1f1
233 changed files with 3381 additions and 2121 deletions
Download patch file Download diff file Expand all files Collapse all files

4
files/copr/copr-be.conf
View file

@ -35,7 +35,7 @@ destdir=/var/lib/copr/public_html/results
sleeptime=30
# default is 8
num_workers=5
num_workers=8
# path to log file
# default is /var/log/copr/backend.log
@ -51,7 +51,7 @@ worker_logdir=/var/log/copr/workers/
# publish fedmsg notifications from workers if true
# default is false
#fedmsg_enabled=false
fedmsg_enabled=true
[builder]
# default is 1800

44
files/copr/fe/httpd/coprs.conf
View file

@ -18,3 +18,47 @@ WSGISocketPrefix /var/run/wsgi
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
#optimeize on speed
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
SSLCertificateFile /etc/pki/tls/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
ServerName copr-fe.cloud.fedoraproject.org:443
WSGIPassAuthorization On
#WSGIDaemonProcess 127.0.0.1 user=copr-fe group=copr-fe threads=5
WSGIScriptAlias / /usr/share/copr/coprs_frontend/application
WSGIProcessGroup 127.0.0.1
ErrorLog logs/error_coprs
CustomLog logs/access_coprs common
<Directory /usr/share/copr>
WSGIApplicationGroup %{GLOBAL}
Require all granted
</Directory>
</VirtualHost>
<IfModule mod_status.c>
ExtendedStatus On
<Location /server-status>
SetHandler server-status
Require all denied
Require host localhost .redhat.com
</Location>
</IfModule>
<IfModule mpm_prefork_module>
StartServers 8
MinSpareServers 8
MaxSpareServers 20
MaxClients 50
MaxRequestsPerChild 10000
</IfModule>

3
files/copr/forward
View file

@ -1 +1,4 @@
msuchy+coprmachine@redhat.com
kevin@scrye.com
nb@fedoraproject.org
sgallagh@redhat.com

10
files/copr/lighttpd/lighttpd.conf
View file

@ -90,7 +90,7 @@ server.port = 80
##
## Use IPv6?
##
server.use-ipv6 = "enable"
server.use-ipv6 = "disable"
##
## bind to a specific IP
@ -445,3 +445,11 @@ server.upload-dirs = ( "/var/tmp" )
#include_shell "cat /etc/lighttpd/vhosts.d/*.conf"
##
#######################################################################
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/coprs-be.fedoraproject.org.pem"
ssl.ca-file = "/etc/lighttpd/coprs-be.fedoraproject.org.crt"
ssl.disable-client-renegotiation = "enable"
ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
}

9
files/copr/provision/files/builder.repo
View file

@ -12,3 +12,12 @@ baseurl=http://172.16.5.4/results/msuchy/Mock/epel-6-$basearch/
skip_if_unavailable=True
gpgcheck=0
enabled=1
[msuchy-scl-utils]
name=Copr repo for scl-utils owned by msuchy
description=scl-utils with patch from https://bugzilla.redhat.com/show_bug.cgi?id=985233
baseurl=http://172.16.5.4/results/msuchy/scl-utils/epel-6-$basearch/
skip_if_unavailable=True
gpgcheck=0
enabled=1

6
files/copr/provision/files/mock/epel-5-i386.cfg
View file

@ -3,8 +3,12 @@ config_opts['target_arch'] = 'i386'
config_opts['legal_host_arches'] = ('i386', 'i586', 'i686', 'x86_64')
config_opts['chroot_setup_cmd'] = 'install buildsys-build'
config_opts['dist'] = 'el5' # only useful for --resultdir variable subst
config_opts['macros'] = {}
if not config_opts.has_key('macros'): config_opts['macros'] = {}
config_opts['macros']['%__arch_install_post'] = '%{nil}'
config_opts['macros']['%rhel'] = '5'
config_opts['macros']['%dist'] = '.el5'
config_opts['macros']['%el5'] = '1'
config_opts['releasever'] = '5'
config_opts['yum.conf'] = """
[main]

6
files/copr/provision/files/mock/epel-5-x86_64.cfg
View file

@ -3,8 +3,12 @@ config_opts['target_arch'] = 'x86_64'
config_opts['legal_host_arches'] = ('x86_64',)
config_opts['chroot_setup_cmd'] = 'install buildsys-build'
config_opts['dist'] = 'el5' # only useful for --resultdir variable subst
config_opts['macros'] = {}
if not config_opts.has_key('macros'): config_opts['macros'] = {}
config_opts['macros']['%__arch_install_post'] = '%{nil}'
config_opts['macros']['%rhel'] = '5'
config_opts['macros']['%dist'] = '.el5'
config_opts['macros']['%el5'] = '1'
config_opts['releasever'] = '5'
config_opts['yum.conf'] = """
[main]

4
files/copr/provision/files/mock/epel-7-x86_64.cfg
View file

@ -6,8 +6,12 @@ config_opts['legal_host_arches'] = ('x86_64',)
config_opts['chroot_setup_cmd'] = 'install bash bzip2 coreutils cpio diffutils findutils gawk gcc gcc-c++ grep gzip info make patch redhat-release-server redhat-rpm-config rpm-build sed shadow-utils tar unzip util-linux which xz'
config_opts['dist'] = 'el7' # only useful for --resultdir variable subst
config_opts['macros'] = {}
config_opts['macros']['%dist'] = '.el7'
config_opts['macros']['%rhel'] = '7'
config_opts['macros']['%el7'] = '1'
config_opts['macros']['%_topdir'] = '/builddir/build'
config_opts['macros']['%_rpmfilename'] = '%%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm'
config_opts['releasever'] = '7'
config_opts['plugin_conf']['root_cache_enable'] = False
config_opts['plugin_conf']['yum_cache_enable'] = False

1
files/copr/provision/files/mock/fedora-20-i386.cfg
View file

@ -3,6 +3,7 @@ config_opts['target_arch'] = 'i686'
config_opts['legal_host_arches'] = ('i386', 'i586', 'i686', 'x86_64')
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc20' # only useful for --resultdir variable subst
config_opts['releasever'] = '20'
config_opts['yum.conf'] = """
[main]

1
files/copr/provision/files/mock/fedora-20-x86_64.cfg
View file

@ -3,6 +3,7 @@ config_opts['target_arch'] = 'x86_64'
config_opts['legal_host_arches'] = ('x86_64',)
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc20' # only useful for --resultdir variable subst
config_opts['releasever'] = '20'
config_opts['yum.conf'] = """
[main]

1
files/hosts/arm.fedoraproject.org-hosts
View file

@ -4,6 +4,7 @@
10.5.125.36 kojipkgs.fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.124.138 arm.koji.fedoraproject.org
10.5.124.138 armpkgs.fedoraproject.org
10.5.125.44 pkgs.fedoraproject.org pkgs
#
# This is proxy01.phx2.fedoraproject.org

7
files/hosts/ask01.phx2.fedoraproject.org-hosts Normal file
View file

@ -0,0 +1,7 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 db-ask

2
files/hosts/ask01.stg.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

7
files/hosts/ask02.phx2.fedoraproject.org-hosts Normal file
View file

@ -0,0 +1,7 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 db-ask

2
files/hosts/badges-backend01.stg.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

2
files/hosts/badges-web01.phx2.fedoraproject.org-hosts
View file

@ -1,5 +1,5 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 db-tahrir db-tahrir

2
files/hosts/badges-web01.stg.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

2
files/hosts/badges-web02.phx2.fedoraproject.org-hosts
View file

@ -1,5 +1,5 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 db-tahrir db-tahrir

9
files/hosts/fedoauth01.stg.phx2.fedoraproject.org-hosts Normal file
View file

@ -0,0 +1,9 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.81 memcached03 memcached03.stg app01 app01.stg

2
files/hosts/fedocal01.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

2
files/hosts/fedocal01.stg.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

2
files/hosts/fedocal02.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

6
files/hosts/notifs-backend01.phx2.fedoraproject.org-hosts Normal file
View file

@ -0,0 +1,6 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 db-notifs db-notifs
10.5.126.109 db-datanommer db-datanommer

3
files/hosts/notifs-backend01.stg.phx2.fedoraproject.org-hosts
View file

@ -2,10 +2,11 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.81 memcached03 memcached03.stg app01 app01.stg
10.5.126.85 db-notifs db-notifs
10.5.126.85 db-datanommer db-datanommer

6
files/hosts/notifs-web01.phx2.fedoraproject.org-hosts Normal file
View file

@ -0,0 +1,6 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 db-notifs db-notifs
10.5.126.109 db-datanommer db-datanommer

3
files/hosts/notifs-web01.stg.phx2.fedoraproject.org-hosts
View file

@ -2,10 +2,11 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.81 memcached03 memcached03.stg app01 app01.stg
10.5.126.85 db-notifs db-notifs
10.5.126.85 db-datanommer db-datanommer

6
files/hosts/notifs-web02.phx2.fedoraproject.org-hosts Normal file
View file

@ -0,0 +1,6 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 db-notifs db-notifs
10.5.126.109 db-datanommer db-datanommer

3
files/hosts/notifs-web02.stg.phx2.fedoraproject.org-hosts
View file

@ -2,10 +2,11 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.81 memcached03 memcached03.stg app01 app01.stg
10.5.126.85 db-notifs db-notifs
10.5.126.85 db-datanommer db-datanommer

2
files/hosts/nuancier01.phx2.fedoraproject.org-hosts
View file

@ -1,7 +1,7 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 nuancier_db nuancier_db

2
files/hosts/nuancier01.stg.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

2
files/hosts/nuancier02.phx2.fedoraproject.org-hosts
View file

@ -1,7 +1,7 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.52 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.23 infrastructure.fedoraproject.org
10.5.126.71 nuancier_db nuancier_db

2
files/hosts/nuancier02.stg.phx2.fedoraproject.org-hosts
View file

@ -2,7 +2,7 @@
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.5.126.89 admin.fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy5 proxy01 proxy02 proxy03 proxy04 proxy05 fedoraproject.org
10.5.126.88 proxy01.phx2.fedoraproject.org proxy1 proxy2 proxy3 proxy4 proxy01 proxy02 proxy03 proxy04 fedoraproject.org
10.5.126.86 fas01.phx2.fedoraproject.org fas1 fas2 fas01 fas02 fas03 fas-all
10.5.126.23 infrastructure.fedoraproject.org

430
files/hotfix/python-openid/fetchers.py Normal file
View file

@ -0,0 +1,430 @@
# -*- test-case-name: openid.test.test_fetchers -*-
"""
This module contains the HTTP fetcher interface and several implementations.
"""
__all__ = ['fetch', 'getDefaultFetcher', 'setDefaultFetcher', 'HTTPResponse',
'HTTPFetcher', 'createHTTPFetcher', 'HTTPFetchingError',
'HTTPError']
import urllib2
import time
import cStringIO
import sys
import openid
import openid.urinorm
# Try to import httplib2 for caching support
# http://bitworking.org/projects/httplib2/
try:
import httplib2
except ImportError:
# httplib2 not available
httplib2 = None
# try to import pycurl, which will let us use CurlHTTPFetcher
try:
import pycurl
except ImportError:
pycurl = None
USER_AGENT = "python-openid/%s (%s)" % (openid.__version__, sys.platform)
MAX_RESPONSE_KB = 1024
def fetch(url, body=None, headers=None):
"""Invoke the fetch method on the default fetcher. Most users
should need only this method.
@raises Exception: any exceptions that may be raised by the default fetcher
"""
fetcher = getDefaultFetcher()
return fetcher.fetch(url, body, headers)
def createHTTPFetcher():
"""Create a default HTTP fetcher instance
prefers Curl to urllib2."""
if pycurl is None:
fetcher = Urllib2Fetcher()
else:
fetcher = CurlHTTPFetcher()
return fetcher
# Contains the currently set HTTP fetcher. If it is set to None, the
# library will call createHTTPFetcher() to set it. Do not access this
# variable outside of this module.
_default_fetcher = None
def getDefaultFetcher():
"""Return the default fetcher instance
if no fetcher has been set, it will create a default fetcher.
@return: the default fetcher
@rtype: HTTPFetcher
"""
global _default_fetcher
if _default_fetcher is None:
setDefaultFetcher(createHTTPFetcher())
return _default_fetcher
def setDefaultFetcher(fetcher, wrap_exceptions=True):
"""Set the default fetcher
@param fetcher: The fetcher to use as the default HTTP fetcher
@type fetcher: HTTPFetcher
@param wrap_exceptions: Whether to wrap exceptions thrown by the
fetcher wil HTTPFetchingError so that they may be caught
easier. By default, exceptions will be wrapped. In general,
unwrapped fetchers are useful for debugging of fetching errors
or if your fetcher raises well-known exceptions that you would
like to catch.
@type wrap_exceptions: bool
"""
global _default_fetcher
if fetcher is None or not wrap_exceptions:
_default_fetcher = fetcher
else:
_default_fetcher = ExceptionWrappingFetcher(fetcher)
def usingCurl():
"""Whether the currently set HTTP fetcher is a Curl HTTP fetcher."""
fetcher = getDefaultFetcher()
if isinstance(fetcher, ExceptionWrappingFetcher):
fetcher = fetcher.fetcher
return isinstance(fetcher, CurlHTTPFetcher)
class HTTPResponse(object):
"""XXX document attributes"""
headers = None
status = None
body = None
final_url = None
def __init__(self, final_url=None, status=None, headers=None, body=None):
self.final_url = final_url
self.status = status
self.headers = headers
self.body = body
def __repr__(self):
return "<%s status %s for %s>" % (self.__class__.__name__,
self.status,
self.final_url)
class HTTPFetcher(object):
"""
This class is the interface for openid HTTP fetchers. This
interface is only important if you need to write a new fetcher for
some reason.
"""
def fetch(self, url, body=None, headers=None):
"""
This performs an HTTP POST or GET, following redirects along
the way. If a body is specified, then the request will be a
POST. Otherwise, it will be a GET.
@param headers: HTTP headers to include with the request
@type headers: {str:str}
@return: An object representing the server's HTTP response. If
there are network or protocol errors, an exception will be
raised. HTTP error responses, like 404 or 500, do not
cause exceptions.
@rtype: L{HTTPResponse}
@raise Exception: Different implementations will raise
different errors based on the underlying HTTP library.
"""
raise NotImplementedError
def _allowedURL(url):
return url.startswith('http://') or url.startswith('https://')
class HTTPFetchingError(Exception):
"""Exception that is wrapped around all exceptions that are raised
by the underlying fetcher when using the ExceptionWrappingFetcher
@ivar why: The exception that caused this exception
"""
def __init__(self, why=None):
Exception.__init__(self, why)
self.why = why
class ExceptionWrappingFetcher(HTTPFetcher):
"""Fetcher that wraps another fetcher, causing all exceptions
@cvar uncaught_exceptions: Exceptions that should be exposed to the
user if they are raised by the fetch call
"""
uncaught_exceptions = (SystemExit, KeyboardInterrupt, MemoryError)
def __init__(self, fetcher):
self.fetcher = fetcher
def fetch(self, *args, **kwargs):
try:
return self.fetcher.fetch(*args, **kwargs)
except self.uncaught_exceptions:
raise
except:
exc_cls, exc_inst = sys.exc_info()[:2]
if exc_inst is None:
# string exceptions
exc_inst = exc_cls
raise HTTPFetchingError(why=exc_inst)
class Urllib2Fetcher(HTTPFetcher):
"""An C{L{HTTPFetcher}} that uses urllib2.
"""
# Parameterized for the benefit of testing frameworks, see
# http://trac.openidenabled.com/trac/ticket/85
urlopen = staticmethod(urllib2.urlopen)
def fetch(self, url, body=None, headers=None):
if not _allowedURL(url):
raise ValueError('Bad URL scheme: %r' % (url,))
if headers is None:
headers = {}
headers.setdefault(
'User-Agent',
"%s Python-urllib/%s" % (USER_AGENT, urllib2.__version__,))
req = urllib2.Request(url, data=body, headers=headers)
try:
f = self.urlopen(req)
try:
return self._makeResponse(f)
finally:
f.close()
except urllib2.HTTPError, why:
try:
return self._makeResponse(why)
finally:
why.close()
def _makeResponse(self, urllib2_response):
resp = HTTPResponse()
resp.body = urllib2_response.read(MAX_RESPONSE_KB * 1024)
resp.final_url = urllib2_response.geturl()
resp.headers = dict(urllib2_response.info().items())
if hasattr(urllib2_response, 'code'):
resp.status = urllib2_response.code
else:
resp.status = 200
return resp
class HTTPError(HTTPFetchingError):
"""
This exception is raised by the C{L{CurlHTTPFetcher}} when it
encounters an exceptional situation fetching a URL.
"""
pass
# XXX: define what we mean by paranoid, and make sure it is.
class CurlHTTPFetcher(HTTPFetcher):
"""
An C{L{HTTPFetcher}} that uses pycurl for fetching.
See U{http://pycurl.sourceforge.net/}.
"""
ALLOWED_TIME = 20 # seconds
def __init__(self):
HTTPFetcher.__init__(self)
if pycurl is None:
raise RuntimeError('Cannot find pycurl library')
def _parseHeaders(self, header_file):
header_file.seek(0)
# Remove the status line from the beginning of the input
unused_http_status_line = header_file.readline().lower ()
while unused_http_status_line.lower().startswith('http/1.1 1'):
unused_http_status_line = header_file.readline()
unused_http_status_line = header_file.readline()
lines = [line.strip() for line in header_file]
# and the blank line from the end
empty_line = lines.pop()
if empty_line:
raise HTTPError("No blank line at end of headers: %r" % (line,))
headers = {}
for line in lines:
try:
name, value = line.split(':', 1)
except ValueError:
raise HTTPError(
"Malformed HTTP header line in response: %r" % (line,))
value = value.strip()
# HTTP headers are case-insensitive
name = name.lower()
headers[name] = value
return headers
def _checkURL(self, url):
# XXX: document that this can be overridden to match desired policy
# XXX: make sure url is well-formed and routeable
return _allowedURL(url)
def fetch(self, url, body=None, headers=None):
stop = int(time.time()) + self.ALLOWED_TIME
off = self.ALLOWED_TIME
if headers is None:
headers = {}
headers.setdefault('User-Agent',
"%s %s" % (USER_AGENT, pycurl.version,))
header_list = []
if headers is not None:
for header_name, header_value in headers.iteritems():
header_list.append('%s: %s' % (header_name, header_value))
c = pycurl.Curl()
try:
c.setopt(pycurl.NOSIGNAL, 1)
if header_list:
c.setopt(pycurl.HTTPHEADER, header_list)
# Presence of a body indicates that we should do a POST
if body is not None:
c.setopt(pycurl.POST, 1)
c.setopt(pycurl.POSTFIELDS, body)
while off > 0:
if not self._checkURL(url):
raise HTTPError("Fetching URL not allowed: %r" % (url,))
data = cStringIO.StringIO()
def write_data(chunk):
if data.tell() > 1024*MAX_RESPONSE_KB:
return 0
else:
return data.write(chunk)
response_header_data = cStringIO.StringIO()
c.setopt(pycurl.WRITEFUNCTION, write_data)
c.setopt(pycurl.HEADERFUNCTION, response_header_data.write)
c.setopt(pycurl.TIMEOUT, off)
c.setopt(pycurl.URL, openid.urinorm.urinorm(url))
c.perform()
response_headers = self._parseHeaders(response_header_data)
code = c.getinfo(pycurl.RESPONSE_CODE)
if code in [301, 302, 303, 307]:
url = response_headers.get('location')
if url is None:
raise HTTPError(
'Redirect (%s) returned without a location' % code)
# Redirects are always GETs
c.setopt(pycurl.POST, 0)
# There is no way to reset POSTFIELDS to empty and
# reuse the connection, but we only use it once.
else:
resp = HTTPResponse()
resp.headers = response_headers
resp.status = code
resp.final_url = url
resp.body = data.getvalue()
return resp
off = stop - int(time.time())
raise HTTPError("Timed out fetching: %r" % (url,))
finally:
c.close()
class HTTPLib2Fetcher(HTTPFetcher):
"""A fetcher that uses C{httplib2} for performing HTTP
requests. This implementation supports HTTP caching.
@see: http://bitworking.org/projects/httplib2/
"""
def __init__(self, cache=None):
"""@param cache: An object suitable for use as an C{httplib2}
cache. If a string is passed, it is assumed to be a
directory name.
"""
if httplib2 is None:
raise RuntimeError('Cannot find httplib2 library. '
'See http://bitworking.org/projects/httplib2/')
super(HTTPLib2Fetcher, self).__init__()
# An instance of the httplib2 object that performs HTTP requests
self.httplib2 = httplib2.Http(cache)
# We want httplib2 to raise exceptions for errors, just like
# the other fetchers.
self.httplib2.force_exception_to_status_code = False
def fetch(self, url, body=None, headers=None):
"""Perform an HTTP request
@raises Exception: Any exception that can be raised by httplib2
@see: C{L{HTTPFetcher.fetch}}
"""
if body:
method = 'POST'
else:
method = 'GET'
if headers is None:
headers = {}
# httplib2 doesn't check to make sure that the URL's scheme is
# 'http' so we do it here.
if not (url.startswith('http://') or url.startswith('https://')):
raise ValueError('URL is not a HTTP URL: %r' % (url,))
httplib2_response, content = self.httplib2.request(
url, method, body=body, headers=headers)
# Translate the httplib2 response to our HTTP response abstraction
# When a 400 is returned, there is no "content-location"
# header set. This seems like a bug to me. I can't think of a
# case where we really care about the final URL when it is an
# error response, but being careful about it can't hurt.
try:
final_url = httplib2_response['content-location']
except KeyError:
# We're assuming that no redirects occurred
assert not httplib2_response.previous
# And this should never happen for a successful response
assert httplib2_response.status != 200
final_url = url
return HTTPResponse(
body=content,
final_url=final_url,
headers=dict(httplib2_response.items()),
status=httplib2_response.status,
)

16
files/jenkins/master/config.xml
View file

@ -78,6 +78,22 @@ class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
<label></label>
<nodeProperties/>
</slave>
<slave>
<name>Fedora20</name>
<description></description>
<remoteFS>/mnt/jenkins/</remoteFS>
<numExecutors>2</numExecutors>
<mode>NORMAL</mode>
<retentionStrategy class="hudson.slaves.RetentionStrategy$Always"/>
<launcher class="hudson.plugins.sshslaves.SSHLauncher"
plugin="ssh-slaves@0.21">
<host>172.16.5.23</host>
<port>22</port>
<credentialsId>950d5dd7-acb2-402a-8670-21f152d04928</credentialsId>
</launcher>
<label></label>
<nodeProperties/>
</slave>
</slaves>
<quietPeriod>5</quietPeriod>
<scmCheckoutRetryCount>0</scmCheckoutRetryCount>

22
files/jenkins/master/hudson.plugins.warnings.WarningsPublisher.xml Normal file
View file

@ -0,0 +1,22 @@
<?xml version='1.0' encoding='UTF-8'?>
<!-- plugin requested by user rholy (ticket #4175) -->
<hudson.plugins.warnings.WarningsDescriptor plugin="warnings@4.39">
<groovyParsers>
<hudson.plugins.warnings.GroovyParser>
<name>pyflakes</name>
<regexp>^(.*):([0-9]*):(.*)$</regexp>
<script>import hudson.plugins.warnings.parser.Warning
import hudson.plugins.analysis.util.model.Priority
String fileName = matcher.group(1)
String category = &quot;PyFlakes Error&quot;
String lineNumber = matcher.group(2)
String message = matcher.group(3)
return new Warning(fileName, Integer.parseInt(lineNumber), category, &quot;PyFlakes Parser&quot;, message, Priority.NORMAL);</script>
<example></example>
<linkName>https://pypi.python.org/pypi/pyflakes</linkName>
<trendName>pyflakes errors</trendName>
</hudson.plugins.warnings.GroovyParser>
</groovyParsers>
</hudson.plugins.warnings.WarningsDescriptor>

23
files/kojibuilder/arm-koji.conf
View file

@ -1,23 +0,0 @@
[koji]
;configuration for koji cli tool
;url of XMLRPC server
server = http://arm.koji.fedoraproject.org/kojihub
;url of web interface
weburl = http://arm.koji.fedoraproject.org/koji
;path to the koji top directory
;topdir = /mnt/koji
;configuration for SSL athentication
;client certificate
;cert = ~/.koji/client.crt
;certificate of the CA that issued the client certificate
;ca = ~/.koji/clientca.crt
;certificate of the CA that issued the HTTP server certificate
;serverca = ~/.koji/serverca.crt

62
files/kojibuilder/arm-kojid.conf
View file

@ -1,62 +0,0 @@
[kojid]
; The number of seconds to sleep between tasks
; sleeptime=15
; The maximum number of jobs that kojid will handle at a time
; maxjobs=10
; The minimum amount of free space (in MBs) required for each build root
; minspace=8192
; The directory root where work data can be found from the koji hub
; topdir=/mnt/koji
;url of package download site
topurl = http://armpkgs.fedoraproject.org/
; The directory root for temporary storage
; workdir=/tmp/koji
; The directory root for mock
; mockdir=/var/lib/mock
; The user to run as when doing builds
; mockuser=kojibuilder
; The vendor to use in rpm headers
vendor=Fedora Project
; The packager to use in rpm headers
packager=Fedora Project
; the distribution to use in rpm headers
distribution=Fedora Project
; The _host string to use in mock
mockhost=redhat-linux-gnu
; The URL for the xmlrpc server
server=http://arm.koji.fedoraproject.org/kojihub
; The URL for the packages tree
pkgurl=http://armpkgs.fedoraproject.org/packages
; A space-separated list of hostname:repository pairs that kojid is authorized to checkout from (no quotes)
allowed_scms=pkgs.fedoraproject.org:/*:false:fedpkg,sources git.fedorahosted.org:/git/spin-kickstarts.git:false
; The mail host to use for sending email notifications
smtphost=bastion.phx2.fedoraproject.org
; The From address used when sending email notifications
from_addr=Fedora Koji Build System <buildsys@fedoraproject.org>
;configuration for SSL athentication
;client certificate - puppet generated
cert = /etc/kojid/kojibuilder.pem
;certificate of the CA that issued the client certificate
ca = /etc/kojid/cacert.pem
;certificate of the CA that issued the HTTP server certificate
serverca = /etc/kojid/cacert.pem

6
files/kojibuilder/builder-infrastructure.repo
View file

@ -1,6 +0,0 @@
[builder-infrastructure]
name=Builder Packages from Fedora Infrastructure $releasever - $basearch
baseurl=http://infrastructure.fedoraproject.org/repo/builder-rpms/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://infrastructure.fedoraproject.org/repo/RPM-GPG-KEY-INFRASTRUCTURE

11
files/kojibuilder/builders/bkernel-eth0-network
View file

@ -1,11 +0,0 @@
DEVICE={{ ansible_eth0["device"] }}
BOOTPROTO="static"
DNS1="10.5.126.21"
DNS2="10.5.126.22"
GATEWAY="10.5.125.254"
HWADDR={{ ansible_eth0["macaddress"] }}
IPADDR={{ ansible_eth0["ipv4"]["address"] }}
NETMASK={{ ansible_eth0["ipv4"]["netmask"] }}
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"

3
files/kojibuilder/builders/bkernel-site-defaults.cfg
View file

@ -1,3 +0,0 @@
# mount the pesign socket into the chroot
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/var/run/pesign', '/var/run/pesign' ))
config_opts['plugin_conf']['package_state_enable'] = False

31
files/kojibuilder/builders/fedora-branched-pungi-armhfp.cfg
View file

@ -1,31 +0,0 @@
config_opts['root'] = 'fedora-branched-pungi-armhfp'
config_opts['target_arch'] = 'armv7hl'
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc9'
config_opts['plugin_conf']['root_cache_enable'] = False
config_opts['internal_dev_setup'] = False
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
config_opts['yum.conf'] = """
[main]
cachedir=/var/cache/yum
debuglevel=1
reposdir=/dev/null
logfile=/var/log/yum.log
retries=20
obsoletes=1
gpgcheck=0
assumeyes=1
# repos
[fedora]
name=fedora
baseurl=http://kojipkgs.fedoraproject.org/mash/branched/armhfp/os
[buildroot]
name=buildroot
baseurl=http://kojipkgs.fedoraproject.org/repos/f20-build/latest/armhfp/
"""

31
files/kojibuilder/builders/fedora-branched-pungi-i386.cfg
View file

@ -1,31 +0,0 @@
config_opts['root'] = 'fedora-branched-pungi-i386'
config_opts['target_arch'] = 'i386'
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc9'
config_opts['plugin_conf']['root_cache_enable'] = False
config_opts['internal_dev_setup'] = False
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
config_opts['yum.conf'] = """
[main]
cachedir=/var/cache/yum
debuglevel=1
reposdir=/dev/null
logfile=/var/log/yum.log
retries=20
obsoletes=1
gpgcheck=0
assumeyes=1
# repos
[fedora]
name=fedora
baseurl=http://kojipkgs.fedoraproject.org/mash/branched/i386/os
[buildroot]
name=buildroot
baseurl=http://kojipkgs.fedoraproject.org/repos/f20-build/latest/i386/
"""

34
files/kojibuilder/builders/fedora-branched-pungi-x86_64.cfg
View file

@ -1,34 +0,0 @@
config_opts['root'] = 'fedora-branched-pungi-x86_64'
config_opts['target_arch'] = 'x86_64'
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc9'
config_opts['plugin_conf']['root_cache_enable'] = False
config_opts['internal_dev_setup'] = False
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
config_opts['yum.conf'] = """
[main]
cachedir=/var/cache/yum
debuglevel=1
reposdir=/dev/null
logfile=/var/log/yum.log
retries=20
obsoletes=1
gpgcheck=0
assumeyes=1
# grub/syslinux on x86_64 need glibc-devel.i386 which pulls in glibc.i386, need to exclude all
# .i?86 packages except these.
exclude=[!g]*.i*86 g[!l]*.i?86 gl[!i]*.i?86 gli[!b]*.i?86 glib[!c]*.i?86
# repos
[fedora]
name=fedora
baseurl=http://kojipkgs.fedoraproject.org/mash/branched/x86_64/os
[buildroot]
name=buildroot
baseurl=http://kojipkgs.fedoraproject.org/repos/f20-build/latest/x86_64/
"""

31
files/kojibuilder/builders/fedora-rawhide-pungi-armhfp.cfg
View file

@ -1,31 +0,0 @@
config_opts['root'] = 'fedora-rawhide-pungi-armhfp'
config_opts['target_arch'] = 'armv7hl'
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc9'
config_opts['plugin_conf']['root_cache_enable'] = False
config_opts['internal_dev_setup'] = False
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
config_opts['yum.conf'] = """
[main]
cachedir=/var/cache/yum
debuglevel=1
reposdir=/dev/null
logfile=/var/log/yum.log
retries=20
obsoletes=1
gpgcheck=0
assumeyes=1
# repos
[fedora]
name=fedora
baseurl=http://kojipkgs.fedoraproject.org/mash/rawhide/armhfp/os
[buildroot]
name=buildroot
baseurl=http://kojipkgs.fedoraproject.org/repos/f20-build/latest/armhfp/
"""

31
files/kojibuilder/builders/fedora-rawhide-pungi-i386.cfg
View file

@ -1,31 +0,0 @@
config_opts['root'] = 'fedora-rawhide-pungi-i386'
config_opts['target_arch'] = 'i386'
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc9'
config_opts['plugin_conf']['root_cache_enable'] = False
config_opts['internal_dev_setup'] = False
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
config_opts['yum.conf'] = """
[main]
cachedir=/var/cache/yum
debuglevel=1
reposdir=/dev/null
logfile=/var/log/yum.log
retries=20
obsoletes=1
gpgcheck=0
assumeyes=1
# repos
[fedora]
name=fedora
baseurl=http://kojipkgs.fedoraproject.org/mash/rawhide/i386/os
[buildroot]
name=buildroot
baseurl=http://kojipkgs.fedoraproject.org/repos/f20-build/latest/i386/
"""

34
files/kojibuilder/builders/fedora-rawhide-pungi-x86_64.cfg
View file

@ -1,34 +0,0 @@
config_opts['root'] = 'fedora-rawhide-pungi-x86_64'
config_opts['target_arch'] = 'x86_64'
config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
config_opts['dist'] = 'fc9'
config_opts['plugin_conf']['root_cache_enable'] = False
config_opts['internal_dev_setup'] = False
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev', '/dev' ))
config_opts['plugin_conf']['bind_mount_opts']['dirs'].append(('/dev/pts', '/dev/pts' ))
config_opts['yum.conf'] = """
[main]
cachedir=/var/cache/yum
debuglevel=1
reposdir=/dev/null
logfile=/var/log/yum.log
retries=20
obsoletes=1
gpgcheck=0
assumeyes=1
# grub/syslinux on x86_64 need glibc-devel.i386 which pulls in glibc.i386, need to exclude all
# .i?86 packages except these.
exclude=[!g]*.i*86 g[!l]*.i?86 gl[!i]*.i?86 gli[!b]*.i?86 glib[!c]*.i?86
# repos
[fedora]
name=fedora
baseurl=http://kojipkgs.fedoraproject.org/mash/rawhide/x86_64/os
[buildroot]
name=buildroot
baseurl=http://kojipkgs.fedoraproject.org/repos/f20-build/latest/x86_64/
"""

1
files/kojibuilder/builders/site-defaults.cfg
View file

@ -1 +0,0 @@
config_opts['plugin_conf']['package_state_enable'] = False

11
files/kojibuilder/ftbfs_auth_keys
View file

@ -1,11 +0,0 @@
#dgilmore
from="10.5.126.23,10.5.126.12,10.5.126.11" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAD9QDskl41P2f4wqBuDBRD3VJ7MfKD6gMetMEaOy2b/CzfxN1vzeoxEvUxefi4+uh5b5ht5+BhQVhvBV7sTxxYftEH+B7IRmWigqcS1Ndnw+ML6zCbSTCJOqDvTLxmkZic0NUBIBP907ztMCoZjaOW9SSCrdA9Vp87V3x/KEQaeSNntmnFqtnpQI/N0NlmqxB78p97W/QDpLuftqJ33sM0uyvxXSusThLSFBHjisezsWox49nEKY8HW+Kwkmw+k7EF4tsDWymPB+S0gMsMlTxzjutNASVDmn6H+lgkzns+5Xxii4/mZWrcjqfLuH7vCI2mWykZJ6ek0LiQea9tNN+KZomqX6NbTUK3riaDPrZPNexa4I83Fp+DYNmYgnGMInqn+cZ5PoUJ3u3LaqZGBQeuuONTw0yQ8Pkkn5xibpPO6qblHKcet0pfmWQ5ab+5BDrsyLcPXolMci5h45GNWebr7UMuXT6+q+EolnYgbgDzzGJ4xPohF04OW8CwflK64KEnYcqlGs+DF4TNgGFlhKiyCWfXSjizmQusxn17ayi6+yrkiGeqfz72qyZ1pSKlwA8XRYC2VkAAquJP6zAtAKjCUdmRTSyYgCpoIAlMwBO07BiPLLov6lKdphZYY1DI7pTXA98fhVU04PDqJJYR1GKkttmCsjbRWnxjkPl/Zka1+ei3k9DNidT6j4hFj+uTj8SS70qZUtKLNpc5IcedHaGEK0vcXJm9lIEKBIEnN0PCLZCa4kQZnfdsbuep1fbXNf4WYPXea29aRKJc4hiqsdrccTp4KueHgWt1Jj6CZDZcFgX+NlUVWwk6djgjRzHUryExtsjCcgGMPRJWdUnVcpgkQ1qJhEXng3W+nFFboArWfwU8u1pXEdeE1Z+m+ows3nJHdEgQevyy/cUx6BPNPZkBh10MWskSV8Z+vb02vJB+QikRMwQs3Ywf6RMaZFrBkWD4FfUaU24f4wgtPQN7j5xxJ2rWLJ/s9ZOWSl9yrytC6ZUQwmayLmiPUdm4u/7ZZmaly39K1YWqFDl3eUrRAZwf1L/NAqFu/qcQQ3Xf20K0nI55nVbZ8ODyx6BtfwoioblnTEcehK0uud5Vamc5mfpErFY0agEecsc0sMZO+ky9pf/gCUdM7je7kMDI2hdx61fOa8Wypb5u9WNBWKRKx8xT1XUKhb2uFumm3sR1iNm1Qhj92mo/NO2aETOA1lsYSL0XK571Yy0iFK3X1nOqp/gCsEGLI8OPQk6XuFqv8hmfiIXNKV8IwuDStw7eIvuQIgT7bmMkj+1Ca25foSmg3w5FqJux1gO9t5F018LeQZ6LVlYHZaQnaN+eTU7KfoCozhWw1H9pprDz Dennis Gilmore
#kfenzi
from="10.5.126.23,10.5.126.12,10.5.126.11" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJH1lA7WHRCbaFtvzbw0HxHYJstZjuXhax1+eL+SUJ5fFRGosEc4fLrSCP0gSFDfXmNzuspoBgcQTqnNO8FdIUwkJLDEu0vTQls1aT9YUXb+RVwKB7ULA3b1dqFkmOgLEjTJL9AplK4OJ9Su0kq6QBV4mXCxMsgEML/gn6r8muZmu2L/LdzUnxKKggyq7O5q1K/eW5Yy21fpvbHt2UPQX1f6gt4ty7E9Nnuhi7SHCI7fNIa+kHyIesfTm/SzeK/PY9rDwZKjuyS8o22GJXGEScJomK1cjMESH/J+t8Hffaj88BjGHNczvcnXAjq6y73VJQ9DiGLD4zmFquQMxDu0Tf kevin@jelerak.scrye.com
#smooge
from="10.5.126.23,10.5.126.12,10.5.126.11" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAxnzCHH11nDM1m7yvqo6Uanq5vcZjBcs/mr3LccxwJ59ENzSXwUgEQy/P8vby9VKMwsskoaqZcvJdOSZBFhNV970NTPb69OIXPQAl/xhaLwiJOn606fB+/S8WepeuntS0qLiebbEiA9vIQLteZ+bWl1s/didD/sFo3/wItoTGA4GuShUu1AyWJx5Ue7Y34rwGR+kIvDoy2GHUcunn2PjGt4r3v2vpiR8GuK0JRupJAGYbYCiMBDRMkR0cgEyHW6+QQNqMlA6nRJjp94PcUMKaZK6Tc+6h5v8kLLtzuZ6ZupwMMC4X8sh85YcxqoW9DynrvO28pzaMNBHm7qr9LeY9PIhXscSa35GAcGZ7UwPK4aJAAuIzCf8BzazyvUM3Ye7GPCXHxUwY0kdXk+MHMVKFzZDChNp/ovgdhxNrw9Xzcs4yw7XYambN9Bk567cI6/tWcPuYLYD4ZJQP0qSXVzVgFEPss1lDcgd0k4if+pINyxM8eVFZVAqU+BMeDC+6W8HUUPgv6LiyTWs+xTXTuORwBTSF1pOqWB4LjqsCGIiMAc6n/xdALBGUN7qsuKDU6Q7bwPppaxypi4KCvuJsqW+8sDtMUaZ34I5Zo1q7cu03wqnOljUGoAY6IDn3J66F2KlPPyb/q3PDV3WbY/jnH16L29/xUA73nFUW1p+WXutwmSU= ssmoogen@ponyo.int.smoogespace.com
#codeblock
from="10.5.126.23,10.5.126.12,10.5.126.11" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAACAEAstHxky7hl1inyHBy+q/9M+Aen2HSfy8IoW+sAO6HSuHEUT7qWB8AlSNjHhahjXx7sy/BUkUed+NB/177rjlThokZDJ0yoM9KKymp26ETGaamBSkWBxZatTj96BWfD0P2K9jc/9vxtgKBq3VK9UaOt6VtJ9q6mKY3DdWLZn+K6iGQAKMCAgd8cCMgD6epBB5/litz7WhYv+aYTyjZGUGbBojQUiWgXDv9lR7p0w+VP7pnZEeb3//k4pZhsPrKFwwRVRLxBvWgVKNvA6nMXmsdikHCLLj8YAevhEY1xAba+iCKOpTqT7Bu+1Fnb9St8u5iDod21gRmN7MGGWYsO+Iu2MNAW9sw2nsA/sdNR0HEEgBqJLhERjGv399fWKyiZaF90n59lg8Pb6EzE6wHRs6rSB+9uKApBzPk99BEHLvC6mhn6RjrOC+TWSTcmXojAwQYCadqIdgWUaBsxaugKEXBFcmRuDWtpDfsqmM1kjeGU6MiaMlqPW0KjsMaVVChLO5ZvB/T7qW4wr5ZjLri475MuHocCMP0ECSUk7I3YW2h8RU6FEFmTpuULFRQo01iPreY5XJ7l0+xy2eggAWo+X2h3nGjXhCPOelBg+LYe0WOmPgB5oc1m5HZtFTcFzYbhAE+xQKlbwNeYT8HmNmEMhPjVoNyOOV7NAap+ueS2u/7li5D59O5Iy8aa5n/WiuYfkqH4pG796nFyLr5L/LVudzyaYFb/Gk8C1j/NAWYw53D/9aOA277HHe5t0/daJhbo98u0asF5mvPld3swPuPqkEZzgUfmNgH5CkvcQcMzaOvj6qr6xNmQfgsHroCShb46kplQ2uSf1pMAqsjN7jGhk6l+Bu6hKHnJKhZJVLiuAZtgYvkCB1ahaO3wRVozA1VKCAlqHOqoCq4YLIobUL95H08Kwcz7vIRIadX1TkOoLb2EwPkE/xrhDp4BySh+j6YNklSBkiRHvJMBNnRIj8NTRjYyj2o1Om7kJ770lEdryg2og8QBaFWCmFkwzg1QVrBOuu0dN7kt2l7VI7Ib4lavKSVTrqUdxdSbthUlu/b4Qif+pbyEtUFgykRsHVs+5Ofg7FZpsgCJ8rLFjzeVF/hAYX7t3XaIPLu+DL8kzamb/CRy1b7+iAw9nJbd7ED2SGyU6+c2coMPG23y6+YxgEmNG/rkCLCypkEEDOZe4DuMerZQ/RxMo06+glC6HC/3VN2dHlVLtEEV33B04/6Z0plAhqtjG7PVs08f8a5msV/VYn5ifa4z0oIXX1r5CIg3Ejp1JguLhBHpWa7YbS2Mwu6GAbD+hQfCYrsUkFonoOLu5czpITLo7ceJFTQmAt7OxZEoZBfmtYfzADQsQVYQb6J4QwvM3iKJOn30dgtYnJOVlDZEn+0fivedxoBAt9jHJ8lVp2ov/dOFnimi5V+2QIMB0fKTkChsk10zsDZ/KUk6zfijjEju0WfjRHCd357KswNv3aXHazfRIw77S2UOenD+xmUDZ6WgnxservUSDNDz7NldLf/gdPOMO4uSwKZixzsoCNioeLEmQv4gomNK7DyZBLMHLlWlbliqP+QWuIJO1rfoH2vaxzzA7l5tJW1gfnxm87RrrwIf9v5kpdJM6gQZxqmBCRsKQd5VkrEJ/xaFfkv080pWNV0drWTZW8fAAgfUNYB260Hyk3rHsjQlVtQxGJ1aAcgjMi3eGKQMwptbUMYHqct75czX6xp6zgXPiC/glX6AtuiZQ5bOI07imil20ien/ks/dnel8L+dmYDasL9m0B2jZ3lbl3eR1Dy7UhqGyERx//vYQapEBuwFcqQ9UdIWCGGG2Pte1I39BSehUUGSCOOD38a/GCu0l7OWZKdwq80MK/Ixgz4neiZQZ7MD2wPy6vk6Num18PZPN7OynMrI2UG5MViQ0GAhRgxwbUCvc7uKnGRqZo9q2mCabCxLbv+hJ4bppxpHHJxMDDXilTKMfZb0YRbvjBUi7LFKLN3MBMK2U1jHE+PjBgweqF8Jtuw04CQMxK3unajZOVkYAIq8IdMbw0oBVP4++eGB9z0x1eH+IsqL6IgknbbyoMgQqW9/8atm8HW2QYCX47oPd4FHs8rgJZk3bz8MwN3tp8WCRtYnJuwkWGWSq77ans0Ycl/tUfSSwUjnSvMsJnuSbxvdX0XbP5eRWikk0pJz5lM9sjYFOPHrQ44/U254yBa0N6UhyNTQnMGzRvY+fADE49b10hXZwCCrxpY9KvGr1XNJMnMcUke+4p9RS5LUwcZ8A6v7oWtZaZwnuBzvKk+HAn2gevD7Stjto+TnRCx1qcbx8iOhAEC6nvbLl+U313TmawrO/usrI5w3EFKP/4BnlKJDtNBeklJ0MpU3R1fmisqfegjuBW2bbaxq8Uo6m7uqPsYuAl7E6rOyZHLbtA8szvbQ46MSqAHezqxHJajWn2oZXMtbddgO5vlkxbRp3SSVKaPOeIj3XOGl78Owp4gFNRE0RY2EuUvrwUhXZR4wx1VHYjS6o9HAwOx3dH+pf1OiblUEanLQ9HLuOBkLhP8wn1M2slsSw+A1gyuI0ayjRujYFXdw6Mqp6XKTdU8vNue2c3d0I+TMifBypP0oJtxXmEoPp/VsU9yLKA2FF7Xvv/Xq1gtZcuZWAbSwMok/ENY1xeIFyjV+0yBidmax3jaf9yus/XEpyeBS3iIz63ymU10Kb2vrWjubg/sa2yd+q0y96dLdDRbnbwGwMmg6mXvTlVXf8c= ricky@padlock01.home.elrod.me
#ftbfs
from="10.5.126.23,10.5.126.12,10.5.126.11" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmareXr00ufdupdcu71ma3vZdFSyBDHOKyHOZarWp77Zf4eUU7GgXBQSgf6lxvz+KvgItW3p71C0VwpAB9O3y+CalxiO4vwLHLDeo2kNipS8UBDeCipI0NUydLVuAyV/Z73Xi5O28xBtTOjQcUQqrG86sHDhQqZbxMHN+V3VnrKNj0i0Ik9beiaeuYbttXF6qqoNA04piywYQAlHo+CX9t27mx+2HD59P5wCToUpU+MiITKthGGWYU0QZg6i7h3t9vJJvzmVNTLAQXvXRIqmhvdSamT7pNggbQIZD0dA1nJoBaOSAOej8q+3qsaZdzE1tyJTADF02rlXSXqsNVrYJQQ== skvidal@lockbox01.phx2.fedoraproject.org

2
files/kojibuilder/history_off.sh
View file

@ -1,2 +0,0 @@
unset HISTFILE
set HISTSIZE=0

114
files/kojibuilder/idmapd.conf
View file

@ -1,114 +0,0 @@
[General]
#Verbosity = 0
# The following should be set to the local NFSv4 domain name
# The default is the host's DNS domain name.
Domain = fedoraproject.org
# The following is a comma-separated list of Kerberos realm
# names that should be considered to be equivalent to the
# local realm, such that <user>@REALM.A can be assumed to
# be the same user as <user>@REALM.B
# If not specified, the default local realm is the domain name,
# which defaults to the host's DNS domain name,
# translated to upper-case.
# Note that if this value is specified, the local realm name
# must be included in the list!
#Local-Realms =
[Mapping]
#Nobody-User = nobody
#Nobody-Group = nobody
[Translation]
# Translation Method is an comma-separated, ordered list of
# translation methods that can be used. Distributed methods
# include "nsswitch", "umich_ldap", and "static". Each method
# is a dynamically loadable plugin library.
# New methods may be defined and inserted in the list.
# The default is "nsswitch".
Method = nsswitch
# Optional. This is a comma-separated, ordered list of
# translation methods to be used for translating GSS
# authenticated names to ids.
# If this option is omitted, the same methods as those
# specified in "Method" are used.
#GSS-Methods = <alternate method list for translating GSS names>
#-------------------------------------------------------------------#
# The following are used only for the "static" Translation Method.
#-------------------------------------------------------------------#
[Static]
# A "static" list of GSS-Authenticated names to
# local user name mappings
#someuser@REALM = localuser
#-------------------------------------------------------------------#
# The following are used only for the "umich_ldap" Translation Method.
#-------------------------------------------------------------------#
[UMICH_SCHEMA]
# server information (REQUIRED)
LDAP_server = ldap-server.local.domain.edu
# the default search base (REQUIRED)
LDAP_base = dc=local,dc=domain,dc=edu
#-----------------------------------------------------------#
# The remaining options have defaults (as shown)
# and are therefore not required.
#-----------------------------------------------------------#
# whether or not to perform canonicalization on the
# name given as LDAP_server
#LDAP_canonicalize_name = true
# absolute search base for (people) accounts
#LDAP_people_base = <LDAP_base>
# absolute search base for groups
#LDAP_group_base = <LDAP_base>
# Set to true to enable SSL - anything else is not enabled
#LDAP_use_ssl = false
# You must specify a CA certificate location if you enable SSL
#LDAP_ca_cert = /etc/ldapca.cert
# Objectclass mapping information
# Mapping for the person (account) object class
#NFSv4_person_objectclass = NFSv4RemotePerson
# Mapping for the nfsv4name attribute the person object
#NFSv4_name_attr = NFSv4Name
# Mapping for the UID number
#NFSv4_uid_attr = UIDNumber
# Mapping for the GSSAPI Principal name
#GSS_principal_attr = GSSAuthName
# Mapping for the account name attribute (usually uid)
# The value for this attribute must match the value of
# the group member attribute - NFSv4_member_attr
#NFSv4_acctname_attr = uid
# Mapping for the group object class
#NFSv4_group_objectclass = NFSv4RemoteGroup
# Mapping for the GID attribute
#NFSv4_gid_attr = GIDNumber
# Mapping for the Group NFSv4 name
#NFSv4_group_attr = NFSv4Name
# Mapping for the Group member attribute (usually memberUID)
# The value of this attribute must match the value of NFSv4_acctname_attr
#NFSv4_member_attr = memberUID

31
files/kojibuilder/koji.conf
View file

@ -1,31 +0,0 @@
[koji]
;configuration for koji cli tool
;url of XMLRPC server
server = http://koji.fedoraproject.org/kojihub
;url of web interface
weburl = http://koji.fedoraproject.org/koji
;url of package download site
topurl = http://kojipkgs.fedoraproject.org/
;path to the koji top directory
;topdir = /mnt/koji
;configuration for Kerberos authentication
;the service name of the principal being used by the hub
;krbservice = host
;configuration for SSL authentication
;client certificate
cert = ~/.fedora.cert
;certificate of the CA that issued the client certificate
ca = ~/.fedora-server-ca.cert
;certificate of the CA that issued the HTTP server certificate
serverca = ~/.fedora-server-ca.cert

59
files/kojibuilder/kojid.conf
View file

@ -1,59 +0,0 @@
[kojid]
; The number of seconds to sleep between tasks
; sleeptime=15
; The maximum number of jobs that kojid will handle at a time
; maxjobs=10
; The minimum amount of free space (in MBs) required for each build root
; minspace=8192
; The directory root where work data can be found from the koji hub
; topdir=/mnt/koji
;url of package download site
topurl = http://kojipkgs.fedoraproject.org/
; The directory root for temporary storage
; workdir=/tmp/koji
; The directory root for mock
; mockdir=/var/lib/mock
; The user to run as when doing builds
; mockuser=kojibuilder
; The vendor to use in rpm headers
vendor=Fedora Project
; The packager to use in rpm headers
packager=Fedora Project
; the distribution to use in rpm headers
distribution=Fedora Project
; The _host string to use in mock
mockhost=redhat-linux-gnu
; The URL for the xmlrpc server
server=http://koji.fedoraproject.org/kojihub
; A space-separated list of hostname:repository pairs that kojid is authorized to checkout from (no quotes)
allowed_scms=pkgs.fedoraproject.org:/*:false:fedpkg,sources git.fedorahosted.org:/git/spin-kickstarts.git:false
; The mail host to use for sending email notifications
smtphost=bastion.phx2.fedoraproject.org
; The From address used when sending email notifications
from_addr=Fedora Koji Build System <buildsys@fedoraproject.org>
;configuration for SSL athentication
;client certificate - puppet generated
cert = /etc/kojid/kojibuilder.pem
;certificate of the CA that issued the client certificate
ca = /etc/kojid/cacert.pem
;certificate of the CA that issued the HTTP server certificate
serverca = /etc/kojid/cacert.pem

53
files/kojibuilder/limits.conf
View file

@ -1,53 +0,0 @@
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
#Where:
#<domain> can be:
# - an user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
#<type> can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#
#<item> can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open files
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to
# - rtprio - max realtime priority
#
#<domain> <type> <item> <value>
#
* - nofile 4096
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#@student - maxlogins 4
# End of file

1
files/kojibuilder/mock_auth_keys
View file

@ -1 +0,0 @@
from="10.5.125.64,10.5.125.66,10.5.125.69,10.5.125.68" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA8qg9fzb6pbl15hUdIB8vcUIIK4LcoY30iwL/eJ/8PJRtWc0MJloAfhjGGmmgf7sJl5Lt5VGoZqBw5x1thUfLpxN6FasEQnAnjsBCJM3dfF3OybOtdMAX7+2f29V4xJ+r1djdJnBM7FeXQ6zDFLAmGjFF4flUNmKa0PPmHjJqXWPoLvQq3mLWTCkscanWEA2WL+ceQ/0Bac3ZuHJQ7yPY+lD3p/hHTnQlito+rJVItGzLTkSxmiZaS3UwUSkxPBB3Tms8e7coALaY3AM9K91mnFi0oFFW+pCPdccjBUfHuzT6Khx0SrbKVUI57riUZs2+FDLiBSST7OT8nDlIgBwMWiwfjgURfvp5HOh46hc3gb0+DCxScXlocRMs6a47rC/EACN7HB4HjbrvBbfQts3GegU67Ia7d3vgDNRknp1sR/RjhYeTPxFAPqXJN5/hFyuHyFYTjavw0BZpSvZvQHgAVvUIZsHwEshvlwFkMU5qnqgnR6oMJxlZHqYw63K3iKeUsKsFJepSV5xb+r9pTtHL/bmsTuaEaPhUOiW4kgq8E0RQ5K20FERFsGNCEgfMoAOnLYYQX0vaYIemnGHTA0Y4bqgo39opVBj7dKipVp3uENmxeYTBSQJ9pRJhlmQxxfk0AupQbs77+K9dSLvMo0E10gHK3fa8r1FigAA4T/IDtLs= masher@releng2.fedora.phx.redhat.com

2
files/kojibuilder/root_auth_keys
View file

@ -1,2 +0,0 @@
#ansible key
from="10.5.126.23,10.5.126.12,10.5.126.11,209.132.181.6,192.168.1.58,152.19.134.140,192.168.1.42" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmS3g5fSXizcCqKMI1n5WPFrfMyu7BMrMkMYyck07rB/cf2orO8kKj5schjILA8NYJFStlv2CGRXmQlendj523FPzPmzxvTP/OT4qdywa4LKGvAxOkRGCMMxWzVFLdEMzsLUE/+FLX+xd1US9UPLGRsbMkdz4ORCc0G8gqTr835H56mQPI+/zPFeQjHoHGYtQA1wnJH/0LCuFFfU82IfzrXzFDIBAA5i2S+eEOk7/SA4Ciek1CthNtqPX27M6UqkJMBmVpnAdeDz2noWMvlzAAUQ7dHL84CiXbUnF3hhYrHDbmD+kEK+KiRrYh3PT+5YfEPVI/xiDJ2fdHGxY7Dr2TQ== root@lockbox01.phx2.fedoraproject.org

1
files/kojibuilder/route-eth1
View file

@ -1 +0,0 @@
10.5.88.0/24 via 10.5.127.254 dev eth1

96
files/lists-dev/aliases
View file

@ -1,96 +0,0 @@
#
# Aliases in this file will NOT be expanded in the header from
# Mail, but WILL be visible over networks or from /bin/mail.
#
# >>>>>>>>>> The program "newaliases" must be run after
# >> NOTE >> this file is updated for any changes to
# >>>>>>>>>> show through to sendmail.
#
# Basic system aliases -- these MUST be present.
mailer-daemon: postmaster
postmaster: root
# General redirections for pseudo accounts.
bin: root
daemon: root
adm: root
lp: root
sync: root
shutdown: root
halt: root
mail: root
news: root
uucp: root
operator: root
games: root
gopher: root
ftp: root
nobody: root
radiusd: root
nut: root
dbus: root
vcsa: root
canna: root
wnn: root
rpm: root
nscd: root
pcap: root
apache: root
webalizer: root
dovecot: root
fax: root
quagga: root
radvd: root
pvm: root
amandabackup: root
privoxy: root
ident: root
named: root
xfs: root
gdm: root
mailnull: root
postgres: root
sshd: root
smmsp: root
postfix: root
netdump: root
ldap: root
squid: root
ntp: root
mysql: root
desktop: root
rpcuser: root
rpc: root
nfsnobody: root
ingres: root
system: root
toor: root
manager: root
dumper: root
abuse: root
newsadm: news
newsadmin: news
usenet: news
ftpadm: ftp
ftpadmin: ftp
ftp-adm: ftp
ftp-admin: ftp
www: webmaster
webmaster: root
noc: root
security: root
hostmaster: root
info: postmaster
marketing: postmaster
sales: postmaster
support: postmaster
# trap decode to catch security attacks
decode: root
# Person who should get root's mail
root: abompard@fedoraproject.org

27
files/lists-dev/hyperkitty.apache.conf
View file

@ -1,27 +0,0 @@
#Alias /robots.txt /etc/hyperkitty/sites/default/static/robots.txt
#Alias /favicon.ico /etc/hyperkitty/sites/default/static/favicon.ico
Alias /hyperkitty/static /var/lib/hyperkitty/sites/default/static
#ErrorLog /var/log/httpd/hyperkitty_error.log
#CustomLog /var/log/httpd/hyperkitty_access.log combined
WSGIScriptAlias /hyperkitty /etc/hyperkitty/sites/default/wsgi.py
WSGIDaemonProcess hyperkitty threads=25 python-path=/etc/hyperkitty/sites/default
# If using VirtualEnv
#WSGIDaemonProcess hyperkitty threads=25 python-path=/etc/hyperkitty/sites/default:/path/to/your/venv/lib/python2.X/site-packages
WSGISocketPrefix run/wsgi
<Directory "/etc/hyperkitty/sites/default">
<Files wsgi.py>
Order deny,allow
Allow from all
Require all granted
</Files>
WSGIProcessGroup hyperkitty
</Directory>
<Directory "/var/lib/hyperkitty/sites/default/static">
Order deny,allow
Allow from all
Require all granted
</Directory>

3
files/lists-dev/hyperkitty.cfg
View file

@ -1,3 +0,0 @@
[general]
base_url: http://lists-dev.cloud.fedoraproject.org/
django_settings: /etc/hyperkitty/sites/default/settings.py

10
files/lists-dev/hyperkitty.logrotate.conf
View file

@ -1,10 +0,0 @@
/var/log/hyperkitty/*.log {
missingok
notifempty
sharedscripts
delaycompress
su root apache
postrotate
/sbin/service httpd reload > /dev/null 2>/dev/null || true
endscript
}

96
files/lists-dev/hyperkitty.settings_local.py.j2
View file

@ -1,96 +0,0 @@
#-*- coding: utf-8 -*-
"""
Django local settings for the hyperkitty project.
"""
DEBUG = True
TEMPLATE_DEBUG = DEBUG
ADMINS = ()
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': 'hyperkitty',
'USER': 'hyperkitty',
'PASSWORD': '{{ lists_dev_hk_db_pass }}',
'HOST': 'localhost',
'PORT': '',
}
}
# URL prefix for static files.
# Example: "http://media.lawrence.com/static/"
STATIC_URL = '/hyperkitty/static/'
# Add Fedora to the authentication backends
AUTHENTICATION_BACKENDS = (
'social_auth.backends.browserid.BrowserIDBackend',
'hyperkitty.lib.fedora.FedoraBackend',
'social_auth.backends.google.GoogleBackend',
'social_auth.backends.yahoo.YahooBackend',
#'social_auth.backends.OpenIDBackend',
'django.contrib.auth.backends.ModelBackend',
)
# Use the email address as the username (add associate_by_email).
SOCIAL_AUTH_PIPELINE = (
'social_auth.backends.pipeline.social.social_auth_user',
'social_auth.backends.pipeline.associate.associate_by_email',
'social_auth.backends.pipeline.user.get_username',
'social_auth.backends.pipeline.user.create_user',
'social_auth.backends.pipeline.social.associate_user',
'social_auth.backends.pipeline.social.load_extra_data',
'social_auth.backends.pipeline.user.update_user_details'
)
# A sample logging configuration. The only tangible logging
# performed by this configuration is to send an email to
# the site admins on every HTTP 500 error.
# See http://docs.djangoproject.com/en/dev/topics/logging for
# more details on how to customize your logging configuration.
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'mail_admins': {
'level': 'ERROR',
'class': 'django.utils.log.AdminEmailHandler'
},
'file':{
'level': 'DEBUG',
#'class': 'logging.handlers.RotatingFileHandler',
'class': 'logging.FileHandler',
'filename': '/var/log/hyperkitty/hyperkitty.log',
'formatter': 'verbose',
},
},
'loggers': {
'django.request': {
'handlers': ['file'],
'level': 'ERROR',
'propagate': True,
},
'django': {
'handlers': ['file'],
'level': 'ERROR',
'propagate': True,
},
'hyperkitty': {
'handlers': ['file'],
'level': 'DEBUG',
'propagate': True,
},
},
'formatters': {
'verbose': {
'format': '%(levelname)s %(asctime)s %(module)s %(process)d %(thread)d %(message)s'
},
'simple': {
'format': '%(levelname)s %(message)s'
},
},
}
APP_NAME = 'Fedora list archives'
KITTYSTORE_URL = 'postgres://kittystore:{{ lists_dev_ks_db_pass }}@localhost/kittystore'
USE_MOCKUPS = False

37
files/lists-dev/hyperkitty.urls.py
View file

@ -1,37 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (C) 1998-2012 by the Free Software Foundation, Inc.
#
# This file is part of HyperKitty.
#
# HyperKitty is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# HyperKitty is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along with
# HyperKitty. If not, see <http://www.gnu.org/licenses/>.
import hyperkitty
from django.conf.urls.defaults import *
from django.conf import settings
# Uncomment the next two lines to enable the admin:
from django.contrib import admin
admin.autodiscover()
# Import mailman urls and set urlpatterns if you want to hook
# mailman_django into an existing django site.
# Otherwise set ROOT_URLCONF in settings.py to
# `mailman_django.urls`.
# from mailman_django import urls as mailman_urls
urlpatterns = patterns('',
url(r'^$', 'hyperkitty.views.pages.index'),
url(r'', include('hyperkitty.urls')),
)

8
files/lists-dev/index.html
View file

@ -1,8 +0,0 @@
<html>
<body>
<ul>
<li><a href="/hyperkitty">Archives</a></li>
<li><a href="/postorius">Management</a></li>
</ul>
</body>
</html>

25
files/lists-dev/mailman.cfg.j2
View file

@ -1,25 +0,0 @@
# This is the absolute bare minimum base configuration file. User supplied
# configurations are pushed onto this.
[mailman]
site_owner: root@localhost
# Set the paths to be Fedora-compliant
layout: fhs
[paths.fhs]
var_dir: /srv/persist/mailman
bin_dir: /usr/libexec/mailman
lock_dir: /run/lock/mailman
pid_file: /run/mailman/master.pid
[database]
class: mailman.database.postgresql.PostgreSQLDatabase
url: postgres://mailman:{{ lists_dev_mm_db_pass }}@localhost/mailman
[archiver.hyperkitty]
class: hyperkitty.archiver.Archiver
enable: yes
configuration: /etc/mailman.d/hyperkitty.cfg
#[archiver.prototype]
#enable: yes

7
files/lists-dev/pgpass.j2
View file

@ -1,4 +1,3 @@
*:*:mailman:mailman:{{ lists_dev_mm_db_pass }}
*:*:hyperkitty:hyperkitty:{{ lists_dev_hk_db_pass }}
*:*:kittystore:kittystore:{{ lists_dev_ks_db_pass }}
*:*:postorius:postorius:{{ lists_dev_ps_db_pass }}
*:*:mailman:mailmanadmin:{{ lists_dev_mm_db_pass }}
*:*:hyperkitty:hyperkittyadmin:{{ lists_dev_hk_db_pass }}
*:*:kittystore:kittystoreadmin:{{ lists_dev_ks_db_pass }}

694
files/lists-dev/postfix-main.cf.j2
View file

@ -1,694 +0,0 @@
# "false"
# Global Postfix configuration file. This file lists only a subset
# of all parameters. For the syntax, and for a complete parameter
# list, see the postconf(5) manual page (command: "man 5 postconf").
#
# For common configuration examples, see BASIC_CONFIGURATION_README
# and STANDARD_CONFIGURATION_README. To find these documents, use
# the command "postconf html_directory readme_directory", or go to
# http://www.postfix.org/.
#
# For best results, change no more than 2-3 parameters at a time,
# and test if Postfix still works after every change.
# SOFT BOUNCE
#
# The soft_bounce parameter provides a limited safety net for
# testing. When soft_bounce is enabled, mail will remain queued that
# would otherwise bounce. This parameter disables locally-generated
# bounces, and prevents the SMTP server from rejecting mail permanently
# (by changing 5xx replies into 4xx replies). However, soft_bounce
# is no cure for address rewriting mistakes or mail routing mistakes.
#
#soft_bounce = no
# LOCAL PATHNAME INFORMATION
#
# The queue_directory specifies the location of the Postfix queue.
# This is also the root directory of Postfix daemons that run chrooted.
# See the files in examples/chroot-setup for setting up Postfix chroot
# environments on different UNIX systems.
#
queue_directory = /var/spool/postfix
# The command_directory parameter specifies the location of all
# postXXX commands.
#
command_directory = /usr/sbin
# The daemon_directory parameter specifies the location of all Postfix
# daemon programs (i.e. programs listed in the master.cf file). This
# directory must be owned by root.
#
daemon_directory = /usr/libexec/postfix
# QUEUE AND PROCESS OWNERSHIP
#
# The mail_owner parameter specifies the owner of the Postfix queue
# and of most Postfix daemon processes. Specify the name of a user
# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In
# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
# USER.
#
mail_owner = postfix
# The default_privs parameter specifies the default rights used by
# the local delivery agent for delivery to external file or command.
# These rights are used in the absence of a recipient user context.
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
#
#default_privs = nobody
# INTERNET HOST AND DOMAIN NAMES
#
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
#mydomain = domain.tld
# SENDING MAIL
#
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
#myorigin = $myhostname
#myorigin = $mydomain
mydomain = fedoraproject.org
myorigin = fedoraproject.org
# RECEIVING MAIL
# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on. By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
#
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
#
# Note: you need to stop/start Postfix when this parameter changes.
#
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = all
# The proxy_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on by way of a
# proxy or network address translation unit. This setting extends
# the address list specified with the inet_interfaces parameter.
#
# You must specify your proxy/NAT addresses when your system is a
# backup MX host for other domains, otherwise mail delivery loops
# will happen when the primary MX host is down.
#
#proxy_interfaces =
#proxy_interfaces = 1.2.3.4
# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
#
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
# The default is $myhostname + localhost.$mydomain. On a mail domain
# gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
#
# Do not specify the names of domains that this machine is backup MX
# host for. Specify those names via the relay_domains settings for
# the SMTP server, or use permit_mx_backup if you are lazy (see
# STANDARD_CONFIGURATION_README).
#
# The local machine is always the final destination for mail addressed
# to user@[the.net.work.address] of an interface that the mail system
# receives mail on (see the inet_interfaces parameter).
#
# Specify a list of host or domain names, /file/name or type:table
# patterns, separated by commas and/or whitespace. A /file/name
# pattern is replaced by its contents; a type:table is matched when
# a name matches a lookup key (the right-hand side is ignored).
# Continue long lines by starting the next line with whitespace.
#
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#
mydestination = $myhostname, lists-dev.cloud.fedoraproject.org,
localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain
# REJECTING MAIL FOR UNKNOWN LOCAL USERS
#
# The local_recipient_maps parameter specifies optional lookup tables
# with all names or addresses of users that are local with respect
# to $mydestination, $inet_interfaces or $proxy_interfaces.
#
# If this parameter is defined, then the SMTP server will reject
# mail for unknown local users. This parameter is defined by default.
#
# To turn off local recipient checking in the SMTP server, specify
# local_recipient_maps = (i.e. empty).
#
# The default setting assumes that you use the default Postfix local
# delivery agent for local delivery. You need to update the
# local_recipient_maps setting if:
#
# - You define $mydestination domain recipients in files other than
# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
# For example, you define $mydestination domain recipients in
# the $virtual_mailbox_maps files.
#
# - You redefine the local delivery agent in master.cf.
#
# - You redefine the "local_transport" setting in main.cf.
#
# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
# feature of the Postfix local delivery agent (see local(8)).
#
# Details are described in the LOCAL_RECIPIENT_README file.
#
# Beware: if the Postfix SMTP server runs chrooted, you probably have
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
#
# The right-hand side of the lookup tables is conveniently ignored.
# In the left-hand side, specify a bare username, an @domain.tld
# wild-card, or specify a user@domain.tld address.
#
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#local_recipient_maps =
# The unknown_local_recipient_reject_code specifies the SMTP server
# response code when a recipient domain matches $mydestination or
# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
# and the recipient address or address local-part is not found.
#
# The default setting is 550 (reject mail) but it is safer to start
# with 450 (try again later) until you are certain that your
# local_recipient_maps settings are OK.
#
unknown_local_recipient_reject_code = 550
# TRUST AND RELAY CONTROL
# The mynetworks parameter specifies the list of "trusted" SMTP
# clients that have more privileges than "strangers".
#
# In particular, "trusted" SMTP clients are allowed to relay mail
# through Postfix. See the smtpd_recipient_restrictions parameter
# in postconf(5).
#
# You can specify the list of "trusted" network addresses by hand
# or you can let Postfix do it for you (which is the default).
#
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
# clients in the same IP subnetworks as the local machine.
# On Linux, this does works correctly only with interfaces specified
# with the "ifconfig" command.
#
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
# Don't do this with a dialup site - it would cause Postfix to "trust"
# your entire provider's network. Instead, specify an explicit
# mynetworks list by hand, as described below.
#
# Specify "mynetworks_style = host" when Postfix should "trust"
# only the local machine.
#
#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host
# Alternatively, you can specify the mynetworks list by hand, in
# which case Postfix ignores the mynetworks_style setting.
#
# Specify an explicit list of network/netmask patterns, where the
# mask specifies the number of bits in the network part of a host
# address.
#
# You can also specify the absolute pathname of a pattern file instead
# of listing the patterns here. Specify type:table for table-based lookups
# (the value on the table right-hand side is not used).
#
#mynetworks = 168.100.189.0/28, 127.0.0.0/8
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
# The relay_domains parameter restricts what destinations this system will
# relay mail to. See the smtpd_recipient_restrictions description in
# postconf(5) for detailed information.
#
# By default, Postfix relays mail
# - from "trusted" clients (IP address matches $mynetworks) to any destination,
# - from "untrusted" clients to destinations that match $relay_domains or
# subdomains thereof, except addresses with sender-specified routing.
# The default relay_domains value is $mydestination.
#
# In addition to the above, the Postfix SMTP server by default accepts mail
# that Postfix is final destination for:
# - destinations that match $inet_interfaces or $proxy_interfaces,
# - destinations that match $mydestination
# - destinations that match $virtual_alias_domains,
# - destinations that match $virtual_mailbox_domains.
# These destinations do not need to be listed in $relay_domains.
#
# Specify a list of hosts or domains, /file/name patterns or type:name
# lookup tables, separated by commas and/or whitespace. Continue
# long lines by starting the next line with whitespace. A file name
# is replaced by its contents; a type:name table is matched when a
# (parent) domain appears as lookup key.
#
# NOTE: Postfix will not automatically forward mail for domains that
# list this system as their primary or backup MX host. See the
# permit_mx_backup restriction description in postconf(5).
#
#relay_domains = $mydestination
# INTERNET OR INTRANET
# The relayhost parameter specifies the default host to send mail to
# when no entry is matched in the optional transport(5) table. When
# no relayhost is given, mail is routed directly to the destination.
#
# On an intranet, specify the organizational domain name. If your
# internal DNS uses no MX records, specify the name of the intranet
# gateway host instead.
#
# In the case of SMTP, specify a domain, host, host:port, [host]:port,
# [address] or [address]:port; the form [host] turns off MX lookups.
#
# If you're connected via UUCP, see also the default_transport parameter.
#
#relayhost = $mydomain
#relayhost = [gateway.my.domain]
#relayhost = [mailserver.isp.tld]
#relayhost = uucphost
#relayhost = [an.ip.add.ress]
relayhost =
# REJECTING UNKNOWN RELAY USERS
#
# The relay_recipient_maps parameter specifies optional lookup tables
# with all addresses in the domains that match $relay_domains.
#
# If this parameter is defined, then the SMTP server will reject
# mail for unknown relay users. This feature is off by default.
#
# The right-hand side of the lookup tables is conveniently ignored.
# In the left-hand side, specify an @domain.tld wild-card, or specify
# a user@domain.tld address.
#
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
# INPUT RATE CONTROL
#
# The in_flow_delay configuration parameter implements mail input
# flow control. This feature is turned on by default, although it
# still needs further development (it's disabled on SCO UNIX due
# to an SCO bug).
#
# A Postfix process will pause for $in_flow_delay seconds before
# accepting a new message, when the message arrival rate exceeds the
# message delivery rate. With the default 100 SMTP server process
# limit, this limits the mail inflow to 100 messages a second more
# than the number of messages delivered per second.
#
# Specify 0 to disable the feature. Valid delays are 0..10.
#
#in_flow_delay = 1s
# ADDRESS REWRITING
#
# The ADDRESS_REWRITING_README document gives information about
# address masquerading or other forms of address rewriting including
# username->Firstname.Lastname mapping.
masquerade_domains = redhat.com
masquerade_exceptions = root apache
# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
#
# The VIRTUAL_README document gives information about the many forms
# of domain hosting that Postfix supports.
# "USER HAS MOVED" BOUNCE MESSAGES
#
# See the discussion in the ADDRESS_REWRITING_README document.
# TRANSPORT MAP
#
# See the discussion in the ADDRESS_REWRITING_README document.
# ALIAS DATABASE
#
# The alias_maps parameter specifies the list of alias databases used
# by the local delivery agent. The default list is system dependent.
#
# On systems with NIS, the default is to search the local alias
# database, then the NIS alias database. See aliases(5) for syntax
# details.
#
# If you change the alias database, run "postalias /etc/aliases" (or
# wherever your system stores the mail alias file), or simply run
# "newaliases" to build the necessary DBM or DB file.
#
# It will take a minute or so before changes become visible. Use
# "postfix reload" to eliminate the delay.
#
#alias_maps = dbm:/etc/aliases
alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
# The alias_database parameter specifies the alias database(s) that
# are built with "newaliases" or "sendmail -bi". This is a separate
# configuration parameter, because alias_maps (see above) may specify
# tables that are not necessarily all under control by Postfix.
#
#alias_database = dbm:/etc/aliases
#alias_database = dbm:/etc/mail/aliases
alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
# ADDRESS EXTENSIONS (e.g., user+foo)
#
# The recipient_delimiter parameter specifies the separator between
# user names and address extensions (user+foo). See canonical(5),
# local(8), relocated(5) and virtual(5) for the effects this has on
# aliases, canonical, virtual, relocated and .forward file lookups.
# Basically, the software tries user+foo and .forward+foo before
# trying user and .forward.
#
recipient_delimiter = +
# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user. Specify
# "Maildir/" for qmail-style delivery (the / is required).
#
#home_mailbox = Mailbox
#home_mailbox = Maildir/
# The mail_spool_directory parameter specifies the directory where
# UNIX-style mailboxes are kept. The default setting depends on the
# system type.
#
#mail_spool_directory = /var/mail
#mail_spool_directory = /var/spool/mail
# The mailbox_command parameter specifies the optional external
# command to use instead of mailbox delivery. The command is run as
# the recipient with proper HOME, SHELL and LOGNAME environment settings.
# Exception: delivery for root is done as $default_user.
#
# Other environment variables of interest: USER (recipient username),
# EXTENSION (address extension), DOMAIN (domain part of address),
# and LOCAL (the address localpart).
#
# Unlike other Postfix configuration parameters, the mailbox_command
# parameter is not subjected to $parameter substitutions. This is to
# make it easier to specify shell syntax (see example below).
#
# Avoid shell meta characters because they will force Postfix to run
# an expensive shell process. Procmail alone is expensive enough.
#
# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN
# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER.
#
#mailbox_command = /usr/bin/procmail
#mailbox_command = /some/where/procmail -a "$EXTENSION"
# The mailbox_transport specifies the optional transport in master.cf
# to use after processing aliases and .forward files. This parameter
# has precedence over the mailbox_command, fallback_transport and
# luser_relay parameters.
#
# Specify a string of the form transport:nexthop, where transport is
# the name of a mail delivery transport defined in master.cf. The
# :nexthop part is optional. For more details see the sample transport
# configuration file.
#
# NOTE: if you use this feature for accounts not in the UNIX password
# file, then you must update the "local_recipient_maps" setting in
# the main.cf file, otherwise the SMTP server will reject mail for
# non-UNIX accounts with "User unknown in local recipient table".
#
#mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
# If using the cyrus-imapd IMAP server deliver local mail to the IMAP
# server using LMTP (Local Mail Transport Protocol), this is prefered
# over the older cyrus deliver program by setting the
# mailbox_transport as below:
#
# mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
#
# The efficiency of LMTP delivery for cyrus-imapd can be enhanced via
# these settings.
#
# local_destination_recipient_limit = 300
# local_destination_concurrency_limit = 5
#
# Of course you should adjust these settings as appropriate for the
# capacity of the hardware you are using. The recipient limit setting
# can be used to take advantage of the single instance message store
# capability of Cyrus. The concurrency limit can be used to control
# how many simultaneous LMTP sessions will be permitted to the Cyrus
# message store.
#
# To use the old cyrus deliver program you have to set:
#mailbox_transport = cyrus
# The fallback_transport specifies the optional transport in master.cf
# to use for recipients that are not found in the UNIX passwd database.
# This parameter has precedence over the luser_relay parameter.
#
# Specify a string of the form transport:nexthop, where transport is
# the name of a mail delivery transport defined in master.cf. The
# :nexthop part is optional. For more details see the sample transport
# configuration file.
#
# NOTE: if you use this feature for accounts not in the UNIX password
# file, then you must update the "local_recipient_maps" setting in
# the main.cf file, otherwise the SMTP server will reject mail for
# non-UNIX accounts with "User unknown in local recipient table".
#
#fallback_transport = lmtp:unix:/var/lib/imap/socket/lmtp
#fallback_transport =
#transport_maps = hash:/etc/postfix/transport
# The luser_relay parameter specifies an optional destination address
# for unknown recipients. By default, mail for unknown@$mydestination,
# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned
# as undeliverable.
#
# The following expansions are done on luser_relay: $user (recipient
# username), $shell (recipient shell), $home (recipient home directory),
# $recipient (full recipient address), $extension (recipient address
# extension), $domain (recipient domain), $local (entire recipient
# localpart), $recipient_delimiter. Specify ${name?value} or
# ${name:value} to expand value only when $name does (does not) exist.
#
# luser_relay works only for the default Postfix local delivery agent.
#
# NOTE: if you use this feature for accounts not in the UNIX password
# file, then you must specify "local_recipient_maps =" (i.e. empty) in
# the main.cf file, otherwise the SMTP server will reject mail for
# non-UNIX accounts with "User unknown in local recipient table".
#
#luser_relay = $user@other.host
#luser_relay = $local@other.host
#luser_relay = admin+$local
# JUNK MAIL CONTROLS
#
# The controls listed here are only a very small subset. The file
# SMTPD_ACCESS_README provides an overview.
# The header_checks parameter specifies an optional table with patterns
# that each logical message header is matched against, including
# headers that span multiple physical lines.
#
# By default, these patterns also apply to MIME headers and to the
# headers of attached messages. With older Postfix versions, MIME and
# attached message headers were treated as body text.
#
# For details, see "man header_checks".
#
header_checks = regexp:/etc/postfix/header_checks
# FAST ETRN SERVICE
#
# Postfix maintains per-destination logfiles with information about
# deferred mail, so that mail can be flushed quickly with the SMTP
# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".
# See the ETRN_README document for a detailed description.
#
# The fast_flush_domains parameter controls what destinations are
# eligible for this service. By default, they are all domains that
# this server is willing to relay mail to.
#
#fast_flush_domains = $relay_domains
# SHOW SOFTWARE VERSION OR NOT
#
# The smtpd_banner parameter specifies the text that follows the 220
# code in the SMTP server's greeting banner. Some people like to see
# the mail version advertised. By default, Postfix shows no version.
#
# You MUST specify $myhostname at the start of the text. That is an
# RFC requirement. Postfix itself does not care.
#
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
# PARALLEL DELIVERY TO THE SAME DESTINATION
#
# How many parallel deliveries to the same user or domain? With local
# delivery, it does not make sense to do massively parallel delivery
# to the same user, because mailbox updates must happen sequentially,
# and expensive pipelines in .forward files can cause disasters when
# too many are run at the same time. With SMTP deliveries, 10
# simultaneous connections to the same domain could be sufficient to
# raise eyebrows.
#
# Each message delivery transport has its XXX_destination_concurrency_limit
# parameter. The default is $default_destination_concurrency_limit for
# most delivery transports. For the local delivery agent the default is 2.
#local_destination_concurrency_limit = 2
#default_destination_concurrency_limit = 20
# DEBUGGING CONTROL
#
# The debug_peer_level parameter specifies the increment in verbose
# logging level when an SMTP client or server host name or address
# matches a pattern in the debug_peer_list parameter.
#
debug_peer_level = 2
# The debug_peer_list parameter specifies an optional list of domain
# or network patterns, /file/name patterns or type:name tables. When
# an SMTP client or server host name or address matches a pattern,
# increase the verbose logging level by the amount specified in the
# debug_peer_level parameter.
#
#debug_peer_list = 127.0.0.1
#debug_peer_list = some.domain
# The debugger_command specifies the external command that is executed
# when a Postfix daemon program is run with the -D option.
#
# Use "command .. & sleep 5" so that the debugger can attach before
# the process marches on. If you use an X-based debugger, be sure to
# set up your XAUTHORITY environment variable before starting Postfix.
#
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
# If you can't use X, use this to capture the call stack when a
# daemon crashes. The result is in a file in the configuration
# directory, and is named after the process name and the process ID.
#
# debugger_command =
# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
# >$config_directory/$process_name.$process_id.log & sleep 5
#
# Another possibility is to run gdb under a detached screen session.
# To attach to the screen sesssion, su root and run "screen -r
# <id_string>" where <id_string> uniquely matches one of the detached
# sessions (from "screen -list").
#
# debugger_command =
# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen
# -dmS $process_name gdb $daemon_directory/$process_name
# $process_id & sleep 1
# INSTALL-TIME CONFIGURATION INFORMATION
#
# The following parameters are used when installing a new Postfix version.
#
# sendmail_path: The full pathname of the Postfix sendmail command.
# This is the Sendmail-compatible mail posting interface.
#
sendmail_path = /usr/sbin/sendmail.postfix
# newaliases_path: The full pathname of the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases.
#
newaliases_path = /usr/bin/newaliases.postfix
# mailq_path: The full pathname of the Postfix mailq command. This
# is the Sendmail-compatible mail queue listing command.
#
mailq_path = /usr/bin/mailq.postfix
# setgid_group: The group for mail submission and queue management
# commands. This must be a group name with a numerical group ID that
# is not shared with other accounts, not even with the Postfix account.
#
setgid_group = postdrop
# html_directory: The location of the Postfix HTML documentation.
#
html_directory = no
# manpage_directory: The location of the Postfix on-line manual pages.
#
manpage_directory = /usr/share/man
# sample_directory: The location of the Postfix sample configuration files.
# This parameter is obsolete as of Postfix 2.1.
#
sample_directory = /usr/share/doc/postfix-2.4.5/samples
# readme_directory: The location of the Postfix README files.
#
readme_directory = /usr/share/doc/postfix-2.4.5/README_FILES
# add this to new postfix to get it to add proper message-id and other
# headers to outgoing emails via the gateway.
message_size_limit = 20971520
# Mailman, see MTA.rst
owner_request_special = no
transport_maps = hash:{{mailman_vardir}}/data/postfix_lmtp
local_recipient_maps = hash:{{mailman_vardir}}/data/postfix_lmtp
relay_domains = hash:{{mailman_vardir}}/data/postfix_domains

26
files/lists-dev/postorius.apache.conf
View file

@ -1,26 +0,0 @@
#Alias /robots.txt /var/lib/postorius/sites/default/static/robots.txt
#Alias /favicon.ico /var/lib/postorius/sites/default/static/favicon.ico
Alias /postorius/static /var/lib/postorius/sites/default/static
#ErrorLog /var/log/httpd/postorius_error.log
#CustomLog /var/log/httpd/postorius_access.log combined
WSGIScriptAlias /postorius /etc/postorius/sites/default/srv/postorius.wsgi
WSGIDaemonProcess postorius threads=25 python-path=/etc/postorius/sites/default
# If using VirtualEnv
#WSGIDaemonProcess postorius threads=25 python-path=/etc/postorius/sites/default:/path/to/your/venv/lib/python2.X/site-packages
<Directory "/etc/postorius/sites/default/srv">
<Files postorius.wsgi>
Order deny,allow
Allow from all
Require all granted
</Files>
WSGIProcessGroup postorius
</Directory>
<Directory "/var/lib/postorius/sites/default/static">
Order deny,allow
Allow from all
Require all granted
</Directory>

20
files/lists-dev/postorius.initial-user.json
View file

@ -1,20 +0,0 @@
[
{
"fields": {
"date_joined": "2013-04-10T10:25:49.996",
"email": "root@lists-dev.cloud.fedoraproject.org",
"first_name": "List Admin",
"groups": [],
"is_active": true,
"is_staff": true,
"is_superuser": true,
"last_login": "2013-04-10T10:25:49.996",
"last_name": "",
"password": "pbkdf2_sha256$10000$uXnbYx0visOx$yux8mAZ2H/sjyCEYBvO3JEtJ7dmWfNMnvekQjePbue0=",
"user_permissions": [],
"username": "listadmin"
},
"model": "auth.user",
"pk": 1
}
]

34
files/lists-dev/postorius.settings_local.py.j2
View file

@ -1,34 +0,0 @@
#-*- coding: utf-8 -*-
"""
Django local settings for the postorious project.
"""
DEBUG = True
TEMPLATE_DEBUG = DEBUG
ADMINS = ()
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': 'postorius',
'USER': 'postorius',
'PASSWORD': '{{ lists_dev_ps_db_pass }}',
'HOST': 'localhost',
'PORT': '',
}
}
# URL that handles the media served from STATIC_ROOT. Make sure to use a
STATIC_URL = '/postorius/static/'
# URL that handles the media served from MEDIA_ROOT. Make sure to use a
MEDIA_URL = '/postorius/media/'
# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a
# trailing slash.
# Examples: "http://foo.com/media/", "/media/".
ADMIN_MEDIA_PREFIX = '/postorius/static/admin/'
# Make this unique, and don't share it with anybody.
SECRET_KEY = '$!-7^wl#wiifjbh)5@f7ji%x!vp7s1vwt26hxvixq0u0'

38
files/lists-dev/postorius.urls.py
View file

@ -1,38 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (C) 1998-2012 by the Free Software Foundation, Inc.
#
# This file is part of Postorius.
#
# Postorius is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# Postorius is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along with
# Postorius. If not, see <http://www.gnu.org/licenses/>.
import postorius
from django.conf.urls import *
from django.conf import settings
# Uncomment the next two lines to enable the admin:
from django.contrib import admin
admin.autodiscover()
# Import mailman urls and set urlpatterns if you want to hook
# mailman_django into an existing django site.
# Otherwise set ROOT_URLCONF in settings.py to
# `mailman_django.urls`.
# from mailman_django import urls as mailman_urls
urlpatterns = patterns('',
url(r'^$', 'postorius.views.list_index'),
url(r'', include('postorius.urls')),
url(r'', include('social_auth.urls')),
)

4
files/releng/fedmsg/endpoints.py
View file

@ -42,10 +42,6 @@ config = dict(
"tcp://app05.%s:300%i" % (non_phx_suffix, i)
for i in range(8)
],
"bodhi.app06": [
"tcp://app06.%s:300%i" % (non_phx_suffix, i)
for i in range(8)
],
"bodhi.app07": [
"tcp://app07.%s:300%i" % (suffix, i)
for i in range(8)

1
files/releng/fedmsg/ssl.py
View file

@ -6,7 +6,6 @@ app_hosts = [
"app03.phx2.fedoraproject.org",
"app04.phx2.fedoraproject.org",
"app05.fedoraproject.org",
"app06.fedoraproject.org",
"app07.phx2.fedoraproject.org",
"app08.fedoraproject.org",
]