Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
29534 commits 9 branches 0 tags 111 MiB
Commit graph

79 commits

Author SHA1 Message Date
Mikolaj Izdebski
07fe534564 openvpn/server: Remove Koschei CCD files 2020-04-24 21:34:11 +02:00
Stephen Smoogen
ed6ff61a6f [repospanner] add vpn push files for hosts 2019-03-22 19:19:33 +00:00
Rick Elrod
baf7ab6181 move this to cc-rdu01 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2019-02-20 02:25:24 +00:00
David Shier
c0f45892ff Removed all traces i could fild of the tagger and statscache (and stats_cache for databases) in ansible, proxy configs, and the nagios config. Pursuant to request in pagzre issue https://pagure.io/fedora-infrastructure/issue/7267 . - Odin2016 2018-10-03 17:50:38 +00:00
Kevin Fenzi
6ca94af4e4 Openshift redeploy to production. 
Add 3 more nodes (we might use one later for staging)
move to latest openshift ansible
Change config to do multitenant, have logs and other config tweaks.
 2018-09-27 21:04:49 +00:00
Kevin Fenzi
d84e1df896 Rename the openvpn ccd file so the new oci-candidate-registry01 gets the right vpn ip 2018-08-22 14:49:04 +00:00
Rick Elrod
9a5b1cdc29 update vpn creds 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2018-08-21 18:54:46 +00:00
Kevin Fenzi
aae396bee5 add repospanner instance 2018-08-11 10:24:34 +00:00
Stephen Smoogen
7d853af43b how this worked before is not good 2018-07-10 19:02:14 +00:00
Stephen Smoogen
3db30a5396 add in ccd for download server 2018-07-01 23:28:55 +00:00
Rick Elrod
ffcafa61da add ccd for smtp-mm-cc-rdu01 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2018-06-28 19:12:28 +00:00
Mikolaj Izdebski
0879897677 Add missing openvpn config for koschei-web02 2018-05-22 04:02:38 +00:00
Patrick Uiterwijk
c3e5a23426 Add ccd files 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-11-23 14:19:11 +00:00
Patrick Uiterwijk
50b92d5e54 Nuke transitional datanommer and new db-datanommer01 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-17 22:36:16 +00:00
Patrick Uiterwijk
466f5c184d add transitional-datanommer01 ccd file 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-05 11:25:46 +00:00
Patrick Uiterwijk
d318a7a2b0 Add certgetter01 ccd file 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-09-09 23:27:40 +00:00
Ralph Bean
e6e1faded6 VPN ccd entries for odcs and freshmaker. 2017-08-31 14:48:44 +00:00
Kevin Fenzi
ab36495dd9 add vpn client and ccd files for os cluster 2017-08-22 21:40:12 +00:00
Ricky Elrod
627708c0ba Initial attempt at docker-registry02.phx2 and docker-registry03.phx2 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-07-19 18:15:59 +00:00
Patrick Uiterwijk
4cc1b78ff3 Check the certificate key usage 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-05-14 20:57:39 +00:00
Ricky Elrod
6b09124d2f add ccd for ci-cc-rdu01.fedoraproject.org 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-05-10 20:19:34 +00:00
Stephen Smoogen
36b265bb4b we have a new nagios vpn 2017-03-17 18:29:37 +00:00
Ricky Elrod
077087828a add ccd for modernpaste02 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-02-28 06:00:00 +00:00
Stephen Smoogen
3cb4f2a75f and remove its little doggies too <<cackle>> 2017-02-22 20:32:01 +00:00
Ricky Elrod
3e66902fd4 add ccd for modernpaste01 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-02-15 23:40:51 +00:00
Ralph Bean
bafba7f9a7 VPN ccd files for MBS frontend. 2017-01-10 17:03:24 +00:00
Tim Flink
67271dd51b adding vpn config for qa-prod01.qa 2016-12-16 01:35:06 +00:00
Stephen Smoogen
f3daded24a and we have new data for vpns 2016-12-01 21:55:02 +00:00
Stephen Smoogen
12a7979213 update files to put basics for proxy13/proxy14 into being 2016-12-01 17:46:58 +00:00
Patrick Uiterwijk
326a6e42da Create ccd files 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-10-13 14:37:15 +00:00
Kevin Fenzi
12ed1dd6f7 Update out vpn configs for better encryption. 2016-08-31 18:50:14 +00:00
Patrick Uiterwijk
135f18c726 Docke-candidate-registry ccd file 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-08-18 15:49:53 +00:00
Patrick Uiterwijk
eacefedadf Add osbs-master01 ccd file 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-07-14 13:01:21 +00:00
Patrick Uiterwijk
bb82361a04 Create docker-registry01 vpn config 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-07-12 17:14:35 +00:00
Patrick Uiterwijk
b6eb15c0ee Create mm-frontend-checkin01 
This server should be regarded as untrusted.

Related: CVE-2016-1000003
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-06-17 19:54:43 +00:00
Kevin Fenzi
7a10cd6b2f Drop mm-crawler03 - ticket 4877 2016-05-26 17:02:52 +00:00
Mikolaj Izdebski
c61b2f0e17 Remove VPN config for old Koschei host 2016-05-12 15:46:10 +00:00
Kevin Fenzi
e297178539 Add vpn ccd for koschei-web01 2016-05-12 15:33:08 +00:00
Stephen Smoogen
10d5884bd5 remove the old rdu download boxes we will decommission 2016-05-04 15:18:35 +00:00
Patrick Uiterwijk
e78464fff2 Create OpenVPN config for basset01 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-04-14 23:38:36 +00:00
Tim Flink
fb21045a5b adding vpn server side config for beaker01.qa 2016-04-14 19:56:40 +00:00
Patrick Uiterwijk
7861d0cc75 Create OpenVPN config for basset01 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-03-17 22:49:01 +00:00
Ralph Bean
3d53824019 vpn ccd file for zanata2fedmsg01. 2016-03-03 20:30:21 +00:00
Ralph Bean
33028dfd9f openvpn ccd files for pdc nodes. 2016-01-04 21:52:18 +00:00
Tim Flink
39ddb15e92 adding openqa01.qa to vpn 2015-12-01 21:59:11 +00:00
Kevin Fenzi
08b8ba352a Add hosts file and vpn ccd for mdapi01 2015-11-17 17:28:50 +00:00
Patrick Uiterwijk
8c9fcd56d1 Add mirrorlist-ibiblio02 vpn ccd 2015-10-25 00:54:36 +00:00
Patrick Uiterwijk
b1db3bafd8 Disable persist-tun for openvpn 
This should solve the issue where RHEL7 machines that get a network
hiccup need an OpenVPN restart to restore their routes.

The code is broken in the current upstream OpenVPN release, such that
it does tear down some of the routes during a ping-restart (when the
connection is dropped due to network hiccups), but the reconnection
code does not restore the routes.
I am working on an upstream patch to fix this, but in the meantime
disabling persist-tun will make sure that OpenVPN does the entire
initialization upon reconnection, which makes sure that all routes
are created.

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-10-21 18:26:32 +00:00
Kevin Fenzi
301a9cea82 Add first cut at a infinote server (config to come) 2015-10-09 19:03:59 +00:00
Ralph Bean
c891127d1a Add CCD files for statscache-web. 2015-10-09 18:17:21 +00:00