Turns out there was a z/vm and a kvm version of this host with both of
them using the same ip address. ;( Lets kill off the kvm one for now and
use just the z/vm one.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Seems like with lighttpd v1.4.61 we finally can match the index file
request against the rewritten url, so it is secure! This allows us to
prettily restrict the configuration to load the php script from only one
possible location.
This caused a bit of trouble since I disabled nosync in the kojibuilder
role. I think applied that with -t site-defaults, which updated
everything, _including_ bkernel machines. Sadly, bkernel machines have
additional config in site-defaults to allow for secure boot signing and
this was lost. So, make sure only the bkernel role changes site-defaults
on bkernel machines and also drop nosync from it's private config.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Originally added as: d03a23530d
Though that commit was probably related to OpenStack networking we had
those days. The traffic from Copr builders will have to be filtered-out
based on a specific UserAgent (or something alike), once we are on
the issue https://pagure.io/copr/copr/issue/1263
Currently gmail is throttling emails from fedoraproject.org, so the new
user tokens time out before they reach the new user. Bump this up to an
hour for now until the gmail issue is over.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
There were plenty of changes till the last release and this commit is
updating the current production configuration to reflect changes made
for staging.
Release of the-new-hotness 1.0.0.
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
nosync has some glibc symbols that break when doing older chroots on f35
hosts. This breaks epel7 builds for example.
https://bugzilla.redhat.com/show_bug.cgi?id=2019329
So, until thats sorted, disable nosync
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The buildhw-x86 blades also can enable serial console for ipmi/sol.
Rework this to handle the fedora case of options not being in
/etc/grub2-efi.cfg anymore.
Also set both serial S0 and S1 enabled, since some hardware seems to use
one and some uses the other.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
I haven't realized this can actually be done (mod_accesslog supports
error.log, too). And this finally _should be_ the working solution
for now. At least till we rework the hitcounter entirely, to also
support the AWS CloudFronts logs:
https://pagure.io/copr/copr/issue/1263
This will allow us to never reload the Lighty server processes for the
log rotation purposes, which turned out to be very problematic for no
obvious reason. Simply, when the Lighty server is under certain
"production" load (not reproducible via /bin/ab), Lighty fails to reload
(both on SIGHUP and SIGUSR1 signals). Something simply hangs the
processes.
If I had to guess, writes to the pipe to the cronolog process are
blocked causing some weird deadlock? Since we still have to SIGHUP the
cronolog process, Lighty fails to handle both (a) SIGHUP/SIGUSR1 and (b)
detect cronolog exitted at the same time? But I'm tired of the
debugging this now.
This is just cleaning up the mess of the bad parameter from
earlier, run of this play broke halfway through, need to do the
remaining half without choking on this part.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
For some reason here the bridge has a different mac address than the
interface that it's using to talk to the network.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
