Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
42837 commits 9 branches 0 tags 111 MiB
Commit graph

42837 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jakub Kadlcik
abee7a2c5f logdetective: install certbot package 2025-03-28 23:37:33 +01:00
Adam Williamson
7b84f30429 openqa/server: switch prod to OAuth2 
Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2025-03-28 14:37:00 -07:00
Adam Williamson
5da2faac67 openqa/server: allow OAuth2 authentication, enable on lab 
OpenID support in FAS is going away. openQA has OAuth2 support.
I've tested this config to work with manual edits on lab, now
ansiblizing it (for lab only to start with).

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2025-03-28 13:40:57 -07:00
Adam Williamson
721ffe0df4 proxies: drop caiapi 
this isn't a thing any more.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2025-03-28 18:11:11 +00:00
Adam Williamson
4cd3765cd0 ipsilon: drop obsolete config for beaker and dead bugzillas 
We haven't had a beaker since 2018 or so, and none of these
various staging/test/dev bugzilla instances exist any more.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2025-03-28 18:04:30 +00:00
Kevin Fenzi
b1363750ce waiverdb: also delete the playbook play referring to the template that was just removed 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-28 11:00:34 -07:00
Lukas Holecek
6426d72854 waiverdb: Remove unnecessary image build 2025-03-28 17:55:33 +00:00
Kevin Fenzi
1d882f1aee matrix clients: update well-known endpoints for new element call 
Per EMS support, updating these to allow clients to use
the new element call setup.

See:
https://matrix.org/blog/2025/03/21/this-week-in-matrix-2025-03-21/#dept-of-voip-call-me-hand
and
https://ems-docs.element.io/books/element-cloud-documentation/page/ems-server-with-custom-domain

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-28 10:02:32 -07:00
David Kirwan
df246f9ffc
forgejo: add the template for creating the PostgresCluster 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2025-03-28 14:10:33 +00:00
Aurélien Bompard
17cd3edbc7
Create missing dir 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-03-28 14:50:37 +01:00
Aurélien Bompard
292c7f6c6e
Deploy journal-to-fedora-messaging on IPA (staging for now) 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-03-28 12:37:56 +01:00
Aurélien Bompard
9c5d4f0768
Repair logging in rabbitmq 
We had set the wrong file context for log files.
This changes is followed by these commands:

- `ansible -m command rabbitmq\* -a 'semanage fcontext -d -t var_log_t "/var/log/rabbitmq(/.*)?"'`
- `ansible -m command rabbitmq\* -a 'restorecon -v -R /var/log/rabbitmq'`

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-03-28 12:10:47 +01:00
Lukas Holecek
2a49ea6cea resultsdb: Make logs more verbose and include user-agents 2025-03-28 07:14:56 +00:00
Kevin Fenzi
33415d8399 proxies: riscv reverse proxies are not on ocp4 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-27 15:39:00 -07:00
Kevin Fenzi
5505dff89c bvmhost-p09-04/05: no nbde here 
I had reinstalled these both with no encryption in an attempt to see if
I could get more performance from them. Since we moved to iscsi this is
moot, and we should probibly reinstall them like the others again, but
for now just disable nbde so everything works with the playbook.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-27 15:11:49 -07:00
Kevin Fenzi
1cc761ac9b compose-eln01: this is using primary koji 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-27 13:39:49 -07:00
Kevin Fenzi
b462a186ee batcave / ansible_server: pin 2 collections that we want specifc versions of. 
We want to pin to these versions as the ones that get pulled in by other
collections are too new and don't support our ansible-core version.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-27 12:30:54 -07:00
Michal Konecny
c3dac79544 [mailman3] Another missed variable rename 
Fixing failing CI is not easy
 2025-03-27 13:56:08 +00:00
Greg Sutcliffe
e2f51bea3b resultsdb: Another bump to MPM Worker config to improve stability 2025-03-27 13:42:46 +00:00
Michal Konecny
3eec83ec9a [mailman3] Fix the incorrect variable names 2025-03-27 13:50:25 +01:00
Michal Konecny
a807fb3d4f [mailman3] Create gunicorn configuration file 
To make changing the gunicorn configuration more easily let's move
configuration values from systemd service to separate configuration
file.

The file will live in /etc/mailman3/gunicorn.conf.py.
 2025-03-27 13:01:13 +01:00
Kevin Fenzi
f256adda6e bvmhost-p09: also enable nbde here 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-26 17:48:52 -07:00
Kevin Fenzi
1f2bba4489 bvmhost-a64 / buildhw-a64: enable nbde role here as well 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-26 16:17:37 -07:00
Kevin Fenzi
de320e8298 bvmhost-a64-04: try and enable the nbde handling 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-26 16:05:28 -07:00
Greg Sutcliffe
9f431805ec nagios: Update authorized user lists 2025-03-26 21:16:13 +00:00
Kevin Fenzi
82f85d89ad compose / staging: these are primary koji instances 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-26 10:30:51 -07:00
Michal Konecny
1459e74b5a [pagure] Tweak the performance of httpd server 
Today the pagure started to be unresponsive. After few hours of
debugging we narrowed the issue to worker limit. We tweaked the value to
something that should be more responsive and it helped.

Here is the PR to make the change permanent.

Thanks @gwmngilfen and @nphillip for help with that.
 2025-03-26 14:03:34 +00:00
Pavel Raiskup
33e01feafc copr-frontend: upgrade using dnf command 
The Ansible dnf module still fails to update packages to the latest
versions, for an unknown reason.
 2025-03-26 08:06:49 +01:00
Pavel Raiskup
d2873f81f7 copr-frontend: try to expire all caches 
Ansible still doesn't update the packages :-(
 2025-03-26 08:03:40 +01:00
Pavel Raiskup
0f07d5c9d0 copr-frontend: update dnf caches when updating packages 2025-03-26 08:00:09 +01:00
Ryan Lerch
8778ac0afd forgejo: disable non-admin users being able to make orgs 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-03-26 15:28:10 +10:00
James Antill
f74cd17a23 Add regexp to drop spaces from hostnames in prompts, for add_host. 
Signed-off-by: James Antill <james@and.org>
 2025-03-25 20:36:02 -04:00
James Antill
aa5691d1b5 Add regexp to drop spaces from hostnames in prompts. 
Signed-off-by: James Antill <james@and.org>
 2025-03-25 20:00:53 -04:00
Jakub Kadlcik
6d9ff9b5f2 backend: add trailing slash if needed 
Otherwise we can redirect to something like this:

https://console.redhat.com/api/pulp-content/public-copr-stage@copr/TEST1742912352410340284-storage-pulp/fedora-41-x86_64/
 2025-03-25 19:44:25 +01:00
Kevin Fenzi
4ab30bdc37 backup: also add nbde role to backup server 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-25 11:33:11 -07:00
Kevin Fenzi
f54142e770 backup: add serial console config here 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-25 11:29:59 -07:00
Jakub Kadlcik
a6b86224fb copr: rename STG pulp domain 2025-03-25 15:01:07 +01:00
Jakub Kadlcik
5f7d5bda78 copr-fe-dev: fix pulp content URL 2025-03-25 14:22:35 +01:00
Jakub Kadlcik
22b6e9e2fe copr-be: use production pulp instance but stg domain 2025-03-25 14:09:11 +01:00
Jakub Kadlcik
9cfa240dd8 logdetective01, logdetective02: add sgallagh and mmassari as admins 2025-03-25 13:30:21 +01:00
Ryan Lerch
d20ff483b9 forgejo: try max_repo_limit 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-03-25 20:14:25 +10:00
Michal Konecny
daeaceaae5 [poddlers] Enable the FAS group sync on production 
Till now the automatic group sync was only working on staging. This
should enable it on production as well.
 2025-03-25 09:47:46 +00:00
Jakub Kadlcik
0fac971004 copr-be: start using Pulp certs also for STG 
We still need to fix the base_url
 2025-03-25 10:42:27 +01:00
Jakub Kadlcik
661ddacb55 copr-be: install pulp certificates also on STG 2025-03-25 10:17:23 +01:00
Kevin Fenzi
a4985b880b proxies / riscv-kojipkgs: try and get it to use the right template 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-24 16:44:12 -07:00
Kevin Fenzi
3c4d4250c0 proxies / riscv-kojipkgs: also need to set proxyurl 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-24 16:34:02 -07:00
Kevin Fenzi
81ca9bd8a1 proxies: add a riscv-kojipkgs virthost/proxy 
We are actually just pointing these to the hub for now, but we have them
seperated in case we want to make a seperate kojipkgs for this.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-03-24 16:23:11 -07:00
Josef Skladanka
1219776da7 Add lbrabec as appowner to FQA apps 2025-03-24 22:30:11 +01:00
James Antill
7f429f3d13 Clean nftables var. for specific staging groups. 
Signed-off-by: James Antill <james@and.org>
 2025-03-24 16:18:48 -04:00
James Antill
3d695e58b3 Turn on nftables for all of staging. 
Signed-off-by: James Antill <james@and.org>
 2025-03-24 15:13:35 -04:00