ansible

Author	SHA1	Message	Date
Randy Barlow	d51c1faf93	bodhi: Enable fm-consumer on bodhi backend servers. Signed-off-by: Randy Barlow <randy@electronsweatshop.com>	2019-05-09 22:22:50 +00:00
Randy Barlow	b3a4f6fa2f	bodhi: Deploy bodhi-4.0.0b0 to staging. A lot of things have changed in Bodhi 4.0.0, so I'm sure this commit isn't quite correct (too bad we can't easily test Ansible code before committing!) This adjusts the playbook to switch staging to Bodhi 4.0.0, which includes switching to fedora-messaging and a new logging config (Bodhi can now send rate-limited error e-mails!) Signed-off-by: Randy Barlow <randy@electronsweatshop.com>	2019-05-09 21:44:44 +00:00
Kevin Fenzi	82cb3bbf18	communishift: strike all that, we are going to take another tack here. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2019-05-09 21:20:40 +00:00
Kevin Fenzi	ca5cd86083	virthost-communishift: set virthost:true on these hosts. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2019-05-09 20:38:08 +00:00
Kevin Fenzi	13c5d78205	virthost-os*: add host vars with ip and such Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2019-05-09 20:27:26 +00:00
Kevin Fenzi	319d35e721	communishift: Hey look, a bunch of communishift nodes and virthosts and such. Note: This is not in the os-cluster playbook now except to install base items. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2019-05-09 20:15:35 +00:00
Randy Barlow	bd452c7f89	bodhi: Remove custom alembic. Bodhi uses the alembic provided by Fedora, so this custom one is no longer needed. Signed-off-by: Randy Barlow <randy@electronsweatshop.com>	2019-05-09 19:53:12 +00:00
Randy Barlow	f41415f729	bodhi: Remove bodhi_sar.py. bodhi_sar.py was replaced by bodhi-sar (shipped by upstream), so we don't need this file anymore. Signed-off-by: Randy Barlow <randy@electronsweatshop.com>	2019-05-09 19:51:20 +00:00
Patrick Uiterwijk	003519afdd	Allow specifying a route path Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 21:20:18 +02:00
Patrick Uiterwijk	30d9d21ceb	Use SSL for id.fp.o Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 20:37:17 +02:00
Patrick Uiterwijk	e67fc8ca91	Move ipsilon checks to proxies Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 20:35:05 +02:00
Patrick Uiterwijk	57069dba41	Retire ipsilon VMs Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 19:59:43 +02:00
Kevin Fenzi	7e18ec152d	mm-frontend-checkin01: add totpci to iptables so sudo will work. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2019-05-09 16:48:11 +00:00
Patrick Uiterwijk	305b40c916	ipsilon: fix bc Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 18:12:07 +02:00
Patrick Uiterwijk	9b4b708fc3	Set up krb5.conf for ipsilon Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 18:00:40 +02:00
Kevin Fenzi	df0cd4014a	nagios_client: The plugin is in the plugins dir. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2019-05-09 15:43:07 +00:00
Patrick Uiterwijk	5c33c6d6ea	ipsilon: update keytab path for openshift Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 17:10:34 +02:00
Patrick Uiterwijk	7034db58e3	ipsilon: Don't always start a new build Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 16:56:12 +02:00
Patrick Uiterwijk	354d53c8c2	Prepare for moving Ipsilon to openshift in prod Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 16:52:24 +02:00
Patrick Uiterwijk	06a40af89f	Remove ipsilon playbook Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 16:30:42 +02:00
Patrick Uiterwijk	5aa467f66e	ipsilon: enable deployment to production Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 16:08:14 +02:00
Patrick Uiterwijk	4b1f1d0581	Allow openshift into db-fas01.phx2 Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 16:06:44 +02:00
Patrick Uiterwijk	433270afac	ipsilon: move over definitely to openshift Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 16:02:46 +02:00
Patrick Uiterwijk	c2731b0ca0	ipsilon: move saml2 metadata to tempdir Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 15:58:28 +02:00
Patrick Uiterwijk	4d502c1827	Combine a lot of ipsilon build layers Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 15:49:32 +02:00
Patrick Uiterwijk	c0af4917f3	ipsilon: attempt move again Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 15:17:35 +02:00
Patrick Uiterwijk	f208989382	ipsilon: attempt move in stg to openshift Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 14:44:31 +02:00
Patrick Uiterwijk	c62cf8bf1d	ipsilon: move username.id mapping to ipsilon pods Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 14:38:10 +02:00
Patrick Uiterwijk	301e86a69a	Tell routers wildcard routes are acceptable Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2019-05-09 12:26:19 +00:00
Patrick Uiterwijk	c3ae810b86	ipsilon: use example instead of * Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2019-05-09 12:22:43 +00:00
Patrick Uiterwijk	2e099edfa4	ipsilon: add username route Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 14:19:32 +02:00
Patrick Uiterwijk	fa7c9891fa	In openshift, always use oidc.key Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 14:07:52 +02:00
Patrick Uiterwijk	2e9907e663	MAke openid-config available at canonical location Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 14:06:49 +02:00
Patrick Uiterwijk	7b04b1649d	Ipsilon is faster to start up than Bodhi if all goes right Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:59:05 +02:00
Patrick Uiterwijk	bbaa0f409b	openshift/project: fix if condition Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:54:16 +02:00
Patrick Uiterwijk	6fd848dbeb	Persona is dead. Nuke it Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:45:28 +02:00
Patrick Uiterwijk	446d00d549	Add tag to egresspolicy role Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:42:49 +02:00
Patrick Uiterwijk	72ac044a5e	openshift/project: simplify egresspolicy - different env db won't allow access anyway Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:41:55 +02:00
Patrick Uiterwijk	63451e80a1	Ipsilon has access to fas db Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:39:03 +02:00
Patrick Uiterwijk	8de1035266	Make the var into a default Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:35:39 +02:00
Patrick Uiterwijk	eac122c543	openshift/project: define default egress policy to prevent fas db access Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:32:55 +02:00
Patrick Uiterwijk	06307a788a	Allow -db-fas01.stg from openshift for ipsilon Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 13:20:47 +02:00
Patrick Uiterwijk	3f243e2112	ipsilon: specify host in original playbook Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2019-05-09 11:14:47 +00:00
Patrick Uiterwijk	ebf7677147	ipsilon: specify db_host Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2019-05-09 11:13:34 +00:00
Patrick Uiterwijk	eefdf5fd9d	ipsilon: set up wsgi config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2019-05-09 11:07:09 +00:00
Patrick Uiterwijk	f1d09db3a9	ipsilon: add mod_auth_gssapi Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2019-05-09 10:56:58 +00:00
Patrick Uiterwijk	420c1eaf00	ipsilon: do not use py3 yet Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2019-05-09 10:55:07 +00:00
Patrick Uiterwijk	655c0a63e4	Specify number of replicas Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 12:50:54 +02:00
Patrick Uiterwijk	db27331a16	ipsilon: Inject other secrets Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 12:49:02 +02:00
Patrick Uiterwijk	cadfe7c98a	ipsilon: attempt ansible lookup Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2019-05-09 12:45:42 +02:00

... 9 10 11 12 13 ...

27088 commits