Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
33349 commits 9 branches 0 tags 111 MiB
Commit graph

33349 commits

This branch
This branch
All branches
Author SHA1 Message Date
Adam Saleh
b8b001a70f Secret ref not indented properly for monitor dashboard 2020-10-20 13:48:35 +02:00
Adam Saleh
a920e43a92 Monitor dashboard secret needs to be a template 2020-10-20 13:40:58 +02:00
Adam Saleh
fd8b3327dd Monitor dashboard secret needs to be b64 encoded. 2020-10-20 13:38:52 +02:00
Adam Saleh
ec87b63acd Monitor dashboard secret needs to be b64 encoded. 2020-10-20 13:36:28 +02:00
Adam Saleh
c75d6cd6e4 Wirking around the datanommer password special chars for monitor dashboard by puttin it in env-var 2020-10-20 13:28:53 +02:00
Adam Saleh
81fb6eb6e7 On mkonecny advice, adding larger indent to monitor dashboard config. 2020-10-20 12:27:18 +02:00
Adam Saleh
7ad4ddc5c8 Maybe indent is needed for the monitor dashboard include to work? 2020-10-20 11:21:23 +02:00
Adam Saleh
a47f94ee4a The redeploy env-var for monitor dashboard should be string 2020-10-20 10:15:10 +02:00
Adam Saleh
dbeaf736d5 One more typo in monitor-dashboards. 2020-10-20 10:05:31 +02:00
Adam Saleh
e44f6e9a0c So this didn't interpret the damned thing as string? Will it help if I change it to j2? Strong dislike for ansible and jinja intensifies. Convention over configuration my @687240 2020-10-20 10:01:25 +02:00
Adam Saleh
5be5e63d8e With this fiddling around with monioring dashboards, I am starting to resent ansible. Can I have dry-run? 2020-10-20 09:51:46 +02:00
Adam Saleh
4cc4ae9053 Monitor dashboard template missing a macro. 2020-10-20 09:46:35 +02:00
Adam Saleh
6fb2ddb763 Monitor dashboard had template interpreted as plain file. 2020-10-20 09:42:20 +02:00
Adam Saleh
d532057da7 Wrong name for the monitor-dashboard datasource config 2020-10-20 09:21:59 +02:00
Adam Saleh
aa43609f6f Forgot to mark the value for monitor-dashboard load-file as string 2020-10-20 08:53:10 +02:00
Adam Saleh
b5102d6508 Monitor dashboards config shouldnt go through indent. 2020-10-19 22:51:09 +02:00
Adam Saleh
619fb93049 Monitor-dashboard file/template mixup. 2020-10-19 22:39:13 +02:00
Adam Saleh
5241c92d52 Added preset dashboards and a route. 2020-10-19 20:22:54 +00:00
Aurélien Bompard
5c3840d9fa
This should not be necessary 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-19 19:20:34 +02:00
Aurélien Bompard
0247d3d7f8
Set APP_MODULE 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-19 18:02:25 +02:00
Aurélien Bompard
e2f340ea01
Fix missing variable 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-19 17:54:47 +02:00
Aurélien Bompard
44d019e203
First try for the test-auth app 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-19 17:43:28 +02:00
Aurélien Bompard
dadb90e633
Missing part of bd1cc1d 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-16 09:36:03 +02:00
Kevin Fenzi
4c8d530926 inventory / staging: make sure buildvm-s390x-01.stg is in staging 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-15 19:18:55 -07:00
Kevin Fenzi
38e1eb3e4e bodhi / staging: adjust bodhi staging database to be the correct one. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-15 11:33:08 -07:00
Kevin Fenzi
2c15d84a87 openshift / bodhi / staging: adjust bodhi-web arguments to try and figure out why it's crashing on start 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-15 11:29:27 -07:00
Kevin Fenzi
dba7d2d870 inventory: pkgs and pkgs_stg variables 
Adjust pkgs prod to...what it actually already is.
Adjust stg to match prod so we can sync all the content to it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-15 10:58:39 -07:00
Pavel Raiskup
cfee2bba99 copr-be: update the aarch64 aws image 
Fixes: rhbz#1887635
 2020-10-15 19:22:40 +02:00
Aurélien Bompard
e0918f5c96
Ipsilon: set the attribute mapping for openid too 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 19:05:08 +02:00
Aurélien Bompard
5078c95140
The ipsilon service is accessible from the ipsilon hosts, not the ipa hosts 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 18:51:12 +02:00
Aurélien Bompard
157f1d2d52
Ipsilon: improve the HBAC rule 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 18:46:51 +02:00
Aurélien Bompard
35f2aeb15d
Actually those tasks must be run on the IPA server 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 18:04:21 +02:00
Aurélien Bompard
2cc20bb1af
Ipsilon: create a HBAC rule 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 17:51:21 +02:00
Aurélien Bompard
bd1cc1d5f7
Allow redirect on usernames that have an underscore 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 17:25:23 +02:00
Aurélien Bompard
b219aad49f
Try to fix ipsilon's openid 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 16:45:20 +02:00
Aurélien Bompard
b75b580a49
Ipsilon: re-enable the alias for the well-known dir 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 15:07:49 +02:00
Aurélien Bompard
78ad8c102a
Ipsilon: fix access to the well-known dir 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 14:55:10 +02:00
Stephen Smoogen
6e54578608 Try to get retrace-stg to have vpn. 
Currently the retrace03 system is on the vpn while its variables state
vpn:false. I am forcing retrace-stg to have vpn as true to see if that
gets this box onto the VPN.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2020-10-15 08:31:22 -04:00
Clement Verna
b52a7b7e22 Allow mattia to access bodhi in OpenShift (prod/stg) 
Signed-off-by: Clement Verna <cverna@tutanota.com>
 2020-10-15 08:36:32 +00:00
Kevin Fenzi
e59166aeac pkgs / staging: sort out staging certs and sites. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-14 16:20:32 -07:00
Kevin Fenzi
50cc7317bf certgetter / staging: drop certgetter01.stg 
We can just use the main one and not bother with a specific stg one

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-14 16:07:41 -07:00
Kevin Fenzi
ff0bf41f00 pkgs01 / staging: set correct db host 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-14 15:52:15 -07:00
Kevin Fenzi
150f53ecb0 Freeze Break Request: Update openshift ssl certs 
These certs are used for *.app.os.fedoraproject.org.
ie, things that don't also have/use a fedoraproject.org route.
THis includes the console and some apps that just never bothered to make
a fedoraproject route.

Fixes 9162

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-14 19:38:24 +00:00
Miroslav Suchý
1326be797a retrace: use podman for retracing 
this is submitted to upstream as well
 2020-10-14 21:02:00 +02:00
Stephen Smoogen
a01fa60589 correct problem with flipped ip addresses between centos-ipa-client01 and centos-ipa-client02 
Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2020-10-14 13:26:42 -04:00
Kevin Fenzi
5c70045704 Update staging openshift ssl cert to new one. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-14 09:32:07 -07:00
Stephen Smoogen
7d2b81a658 Made whitespace change. 2020-10-14 10:37:01 -04:00
Stephen Smoogen
539cf52303 Add a host for CentOS testing of noggin 
This adds in for the staging environment a minimal system for centos
admins to test how items work in staging. Because this server will be
administered by CentOS, we only set up a minimal environment.

ToDo: Put in lines to get and copy the correct root ssh key into
/root/.ssh/authorized_keys for CentOS admins.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2020-10-14 10:33:16 -04:00
Aurélien Bompard
e97aa82fc0
IPA: Don't allow all users to log into all hosts 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-14 14:44:45 +02:00
Aurélien Bompard
ca8a00dc54
Prepare FASJSON for the new certificate profile setting 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-14 11:47:58 +02:00