ansible

Author	SHA1	Message	Date
Pierre-Yves Chibon	00804542f3	Revert "basessh/distgit: adjust the way ssh is configured for distgit" This is still being reviewed and wasn't meant to be pushed out yet This reverts commit `67844b4504`.	2021-04-03 19:10:54 +02:00
Pierre-Yves Chibon	9f335edcac	mirrormanager: do not include signed_fpca in the admin groups Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>	2021-04-03 19:09:00 +02:00
Pierre-Yves Chibon	67844b4504	basessh/distgit: adjust the way ssh is configured for distgit Basically, we are now installing a small wrapper in /usr/local/bin which just echoes to stdout what should be in the authorized_keys file for that user. That content is generated by retrieving the ssh key from sssd via the command sss_ssh_authorizedkeys as well as the usual ssh way to restrict the action an user/key can do: command="...". In this case, we're setting a couple of environment variable that are needed later on for things to work properly as well as only allow the user to call the aclchecker.py script provided by pagure. Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>	2021-04-03 19:01:38 +02:00
Pierre-Yves Chibon	0597180571	fedocal: look at deploying in openshift prod Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>	2021-04-02 11:18:26 +02:00
Pierre-Yves Chibon	4f103bce5c	fedocal: in openshift retrieve the agreements rather than CLA - new AAA Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>	2021-04-02 11:17:07 +02:00
Pierre-Yves Chibon	329cdbc683	fedocal: build from debug again... Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>	2021-04-02 10:30:03 +02:00
Pierre-Yves Chibon	d509f740b0	fedocal: build from the staging branch in staging Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>	2021-04-02 09:55:00 +02:00
Kevin Fenzi	373c11458c	openqa_lab_workers: add a ipa group for access with sysadmin-qa Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-04-01 17:48:19 -07:00
Adam Williamson	cd09666b16	Try and fix cecert definitions for openQA lab/stg Signed-off-by: Adam Williamson <awilliam@redhat.com>	2021-04-01 17:18:57 -07:00
Kevin Fenzi	c1324ea2bf	resultsdb: this host has vpn Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-04-01 16:56:02 -07:00
Kevin Fenzi	b4df850535	Revert "hosts: then and if swapped?" This reverts commit `b8f411c96b`.	2021-04-01 16:47:21 -07:00
Adam Williamson	dffebd91fe	Update openQA builds for staging again, right this time They're going to u-t too, but I want to deploy them without waiting. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2021-04-01 16:28:46 -07:00
Kevin Fenzi	b8f411c96b	hosts: then and if swapped? Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-04-01 16:16:23 -07:00
Nils Philippsen	05f399851e	ipa/client: Don't apply hosts role on non-VPN hosts We don't want a custom /etc/hosts installed on every host, so bring back the conditional. Improves commit `7a2024398f`. Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-02 00:13:18 +02:00
Kevin Fenzi	cdd7d76183	proxy06: remove duplicate dns variables Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-04-01 10:13:58 -07:00
Nils Philippsen	7a2024398f	hosts: do the right thing for VPN hosts Move the vpn ./. base logic from the ipa/client role into the hosts role, so that applying the latter doesn't apply the base profile on VPN hosts. Fixes: fedora-infrastructure#9822 Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 16:31:59 +02:00
Nils Philippsen	6811f7df63	make-people-page: Update copyright statements Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:30 +00:00
Nils Philippsen	1567f4d587	make-people-page: Remove stray trailing semicolon Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:30 +00:00
Nils Philippsen	d80642e913	make-people-page: Move filtering out of template Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:29 +00:00
Nils Philippsen	03beee66af	make-people-page: Catch some common problems Skip over home directories which are unowned or owned by someone else than the user, or if the user themselves is unknown, and report. Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:29 +00:00
Nils Philippsen	84a5c6db9e	make-people-page: Loop over directories, not users With IPA, enumerating users isn't easy and potentially expensive. Loop over home directories instead. In the course, use pathlib.Path instead of legacy interfaces for paths and pwd.getpwnam() to get information about users instead of spawning external pipes. Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:29 +00:00
Nils Philippsen	1ad70d6c81	make-people-page: Use renamed logotext image And use the Fedora blue as the background color of the page header. Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:29 +00:00
Nils Philippsen	a64eb7b65e	make-people-page: Import one item per line Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:29 +00:00
Nils Philippsen	440c7c7c1b	make-people-page: Use Python 3 Signed-off-by: Nils Philippsen <nils@redhat.com>	2021-04-01 10:05:29 +00:00
Pavel Raiskup	e7c08e5d33	copr-fe: use bash_profile, not bashrc	2021-04-01 11:30:03 +02:00
František Zatloukal	8dec01cb93	Revert "oraculum: Use a different branch on stg for test" This reverts commit `48af0e1675`.	2021-04-01 11:09:51 +02:00
Pavel Raiskup	de6b2cd7b0	copr-fe: typo in PG history file create	2021-04-01 10:53:16 +02:00
Pavel Raiskup	5184a2d111	copr-fe: fix creation of postgresql history file	2021-04-01 10:43:13 +02:00
Pavel Raiskup	00c619b151	copr-fe: allow easy PostgreSQL connection to copr-fe user	2021-04-01 10:30:05 +02:00
Pavel Raiskup	bc8b471253	copr-be-dev: try to enable messaging	2021-04-01 09:08:47 +02:00
Pavel Raiskup	5a61d7f43d	copr-be: never regress back to old novaclient We should really pay attention to use newer novaclient in the future, when we get back to some OpenStack cloud.	2021-04-01 09:02:07 +02:00
Patrick Uiterwijk	8979bb9a05	Import pre-prod bugzilla SAML data Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2021-04-01 07:35:24 +02:00
Kevin Fenzi	f3eb7ccaf8	ipa / client / sssd: ignore the named user in ipa as well to make named work on nameservers Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-03-31 17:09:02 -07:00
Kevin Fenzi	eeb798c778	os-nodes / staging: double memory and cpu Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-03-31 17:07:56 -07:00
Kevin Fenzi	5ab37b2d23	proxy12: drop duplicate dns lines from host vars Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-03-31 15:37:55 -07:00
Kevin Fenzi	0a53920236	ipsilon: up number of processes to handle more load Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-03-31 13:52:20 -07:00
Stephen Smoogen	bba58ea4c1	Fix some problems with the previous git merge with the proxy host_vars. Add in a public_hostname for all proxies	2021-03-31 16:44:17 -04:00
Stephen Smoogen	4104b9463c	try to standardize the proxy configs	2021-03-31 16:25:36 -04:00
Stephen Smoogen	6e46f502d7	missed the other osuosl system also proxy09	2021-03-31 16:13:58 -04:00
Stephen Smoogen	4165dd808b	missed proxy06 when doing the mass updates for network_connections	2021-03-31 16:01:46 -04:00
Bogdan Benea	6498334184	moved another batch of servers	2021-03-31 19:45:33 +00:00
Bogdan Benea	b05ff8be08	another batch of servers added	2021-03-31 19:45:33 +00:00
Bogdan Benea	7e76c7146c	fixed indentation according with yaml best practices	2021-03-31 19:45:33 +00:00
Bogdan Benea	6ec5ec01b9	fixed wrong state for eth0 (up instead of down)	2021-03-31 19:45:33 +00:00
Bogdan Benea	ec54469e8e	another batch of servers migrated	2021-03-31 19:45:32 +00:00
Bogdan Benea	c4e2a1b908	a few more servers migrated	2021-03-31 19:45:32 +00:00
Bogdan Benea	9118edf6c7	Another batch of servers	2021-03-31 19:45:32 +00:00
Bogdan Benea	58bda34047	updated a batch of servers	2021-03-31 19:45:32 +00:00
Bogdan Benea	92f2691138	changed config for buildhw-x86-01.iad2	2021-03-31 19:45:32 +00:00
Jan Kuparinen	2d95392296	proxy01.iad2.fedoraproject.org moved to linux-system-roles networking	2021-03-31 15:40:56 -04:00

1 2 3 4 5 ...

34634 commits