Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
36775 commits 9 branches 0 tags 111 MiB
Commit graph

36775 commits

This branch
This branch
All branches
Author SHA1 Message Date
Pavel Raiskup
47f1841494 copr/certbot: revert the automatic backup/restore of certs 
For synchronizing from host A to host B we would have to have SSH
configured from A to B or from B to A (which we don't, and we don't even
want to).  The slurp solution would work, but certbot is pretty picky
WRT the restored /etc/letsencrypt directory (structure, filenames,
symlinks..).
 2022-01-30 23:02:51 +01:00
Pavel Raiskup
38d6b8cc89 copr/certbot: missing tags/conditions 2022-01-30 22:13:45 +01:00
Pavel Raiskup
4044e7e518 copr/certbot: use rsync for copying the files 
And copy the whole directory structure.
 2022-01-30 22:09:42 +01:00
Pavel Raiskup
d257b20d2b copr/certbot: fixup prefix (it matters) 2022-01-30 21:13:21 +01:00
Pavel Raiskup
8d81803886 copr/certbot: combined.pem might be a symlink 2022-01-30 21:08:03 +01:00
Pavel Raiskup
9a49c2f1b4 copr/certbot: typo #2 2022-01-30 21:05:57 +01:00
Pavel Raiskup
0053ecf583 copr/certbot: typo 2022-01-30 21:02:55 +01:00
Pavel Raiskup
af11469b14 copr/certbot: better restoration 
Certbot expects that the files in live/ directory are symlinks.
 2022-01-30 21:00:43 +01:00
Pavel Raiskup
43ee0392b4 copr/certbot: fixup cert restoration 
- no need to create another live/ sub-directory
- don't run the reload script when restored from backups
 2022-01-30 20:08:40 +01:00
Pavel Raiskup
4adada983a copr/backend: restore letsencrypt cert from backup 2022-01-30 20:02:33 +01:00
Pavel Raiskup
cf15e43af2 copr/backend: tag certbot tasks 2022-01-30 18:58:20 +01:00
Pavel Raiskup
6ed3c7d48e copr/certbot: tag the import as "always" 2022-01-30 18:55:08 +01:00
Pavel Raiskup
5c1bb52029 copr/certbot: tag all the certbot tags 2022-01-30 18:54:15 +01:00
Pavel Raiskup
9ce266360f copr/certbot: support certificate backup 2022-01-30 18:51:09 +01:00
Adrian Reber
23adf9ca69
MM: Minor propagation script fixes 
Signed-off-by: Adrian Reber <adrian@lisas.de>
 2022-01-30 14:05:01 +01:00
Adrian Reber
b7f0305f1b
Add CentOS to MM propagation scan 
Signed-off-by: Adrian Reber <adrian@lisas.de>
 2022-01-29 10:05:14 +01:00
Kevin Fenzi
7512abc21b virthost-rdu01: let us only have one gateway please 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-28 09:44:48 -08:00
Zack Zlotnik
57f873d5ef fedora-coreos-pipeline: Add Zack Zlotnik (zzlotnik) 2022-01-28 16:28:21 +00:00
Adrian Reber
0025435b1c Add epel to MM propagation scans 
Signed-off-by: Adrian Reber <adrian@lisas.de>
 2022-01-28 17:09:37 +01:00
Pavel Raiskup
90cc321464 copr-be: deploy F35 builders to production 2022-01-28 14:48:00 +01:00
Silvie Chlupova
69573e6561 copr: don't ask before overwriting 2022-01-28 13:27:23 +01:00
Silvie Chlupova
23232d6eb7 copr: add renaming of textfile_collector files to a cronjob 2022-01-28 13:19:12 +01:00
Pavel Raiskup
24ea84effa copr-be-dev: update F35 images once more 
- AWS images have a frozen kernel for now (rhbz#2047266)
- others have disabled systemd-resolved
 2022-01-28 12:36:12 +01:00
Pedro Moura
44e4ab11c9 removed epel8-playground from scripts 
Signed-off-by: Pedro Moura <pmoura@redhat.com>
 2022-01-28 11:10:23 +00:00
Silvie Chlupova
e5c0c0ef3e copr: add path to monitoring.py script 2022-01-28 12:09:50 +01:00
Pavel Raiskup
a03f1f2ada copr-builders: don't update kernel-core in AWS images (again) 
https://bugzilla.redhat.com/show_bug.cgi?id=2047266
 2022-01-28 12:08:37 +01:00
Silvie Chlupova
e398df9222 copr: use textfile_collector also on devel for now 2022-01-28 11:48:37 +01:00
Pavel Raiskup
4a9c664ece copr: appropriate place for copr_builder_fedora_version default 2022-01-28 11:45:19 +01:00
Silvie Chlupova
53646d2a0f copr: use textfile_collector only on production 2022-01-28 11:43:11 +01:00
Pavel Raiskup
896f38a347 copr-hypervisors: define undefined variable 
It is sometimes not needed, so default it to 0.
 2022-01-28 11:31:21 +01:00
Silvie Chlupova
f871660fcc copr: add generating prometheus metrics to frontend 2022-01-28 10:20:56 +00:00
Pavel Raiskup
532b3cad10 copr-hypervisor: disable auth key fixes, take #2 2022-01-28 11:08:21 +01:00
Pavel Raiskup
b76e1b92c8 copr-hypervisor: temporarily disable auth keys modifications 2022-01-28 10:23:29 +01:00
Pavel Raiskup
55e2d07b72 copr-hypervisor: upload-qcow2-images: upload to OSUOSL as RAW 2022-01-28 09:33:23 +01:00
Kevin Fenzi
ab961cc73a koji hub/web: set processes and threads for wsgi 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-27 14:16:09 -08:00
Kevin Fenzi
aaa520c953 koji: try setting some wsgi params in koji 
This was suggested in https://pagure.io/koji/issue/3220
basically seperating koji web and koji xmlrpc from each other.
This is going to be tested first in staging.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-27 13:16:41 -08:00
Pete Buffon
7248eeb87c changed eth0_ip to eth0_ipv4_ip for group_vars/all virtinstall commands + cleaned up aarch64-test02.fedorainfracloud.org 2022-01-27 20:45:34 +00:00
Dusty Mabe
401bfb6fd1
fedora-coreos-pipeline: add more team members to appowners 2022-01-27 13:51:17 -05:00
Kevin Fenzi
57f0d4fdb6 wildcard-2022.fedoraproject.org cert 
This is the renewed version of the old 2020 cert.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-27 10:37:27 -08:00
Pavel Raiskup
984aae8ee4 copr-builders: fix broken production s390x spawner 
Those files are baked into the s390x image.
 2022-01-27 16:23:41 +01:00
Michael Scherer
989b0c433d Fix pagure templating to take its own IP v6 in account 
ssh git@pagure.io was broken (no longer accepting ssh connection).
A quick debug show that it was caused by the helper script not working,
showing a 403 error. And the httpd logs were complaining about
authorized IPs not present in the configuration.

The root cause is in 938e63fa71 as the variables were renamed
from eth0_ip and eth0_ipv6 to eth0_ipv4_ip and eth0_ipv6_ip

Then pagure config got regenerated later and this triggered the
bug preventing people from pushing.
 2022-01-27 15:53:38 +01:00
Pavel Raiskup
4d04c9a631 copr-builders: patch rpkg-util only on f35 2022-01-27 10:56:59 +01:00
Kevin Fenzi
f6cee06c5c inventory: have to adjust this to be a group 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 14:35:09 -08:00
Kevin Fenzi
fbb4e4691f Adjust the list of hosts that do not use linux-system-roles/network 
In addition to the cloud_aws group, we want to exclude ibiblio virthosts
as they use bonding and thats a more complex setup. Someday we should
get it working here.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 14:09:43 -08:00
Kevin Fenzi
d87aeef77a add some missing hosts vars for some a64 bvmhosts 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 14:02:37 -08:00
Kevin Fenzi
dba1e99477 dedicatedsolutions01: fix ipv6 nm 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 13:58:06 -08:00
Kevin Fenzi
e5be97ffc4 fix typo 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 13:22:31 -08:00
Kevin Fenzi
19889ef877 fix more gateways and a mac address 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 13:19:45 -08:00
Kevin Fenzi
88ee2b23ce ns05: fix ipv6 gateway 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 13:16:18 -08:00
Kevin Fenzi
0d4a922068 buildvm-s390x-01.stg: use correct subnet 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-26 12:48:05 -08:00