infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

Fix majority of remaining yamllint warnings and errors

Browse source 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
This commit is contained in:
Ryan Lercho 2024-11-27 13:48:08 +10:00
parent 1073f70bce
commit 89f6f1fc32
591 changed files with 1491 additions and 1168 deletions
Download patch file Download diff file Expand all files Collapse all files

7
.yamllint.yaml
View file

@ -14,9 +14,10 @@ rules:
spaces: 2
indent-sequences: whatever
level: warning
line-length:
max: 100
level: warning
line-length: disable
# line-length:
# max: 100
# level: warning
truthy:
allowed-values: ['true', 'false', 'yes', 'no']
...

1
files/communishift/objects/oidc_cm.yml
View file

@ -1,3 +1,4 @@
---
apiVersion: config.openshift.io/v1
kind: OAuth
metadata:

10
handlers/restart_services.yml
View file

@ -1,7 +1,7 @@
########################################
# Handlers for restarting services
#
---
- name: reload systemd
command: systemctl daemon-reload
@ -75,14 +75,14 @@
- name: restart openvpn (Fedora)
when: ansible_distribution == "Fedora"
action: service name=openvpn-client@openvpn state=restarted
#notify:
#- fix openvpn routing
# notify:
# - fix openvpn routing
- name: restart openvpn (RHEL7+)
when: ansible_distribution == "RedHat" and ansible_distribution_major_version|int >= 7
action: service name=openvpn-client@openvpn state=restarted
#notify:
#- fix openvpn routing
# notify:
# - fix openvpn routing
- name: fix openvpn routing
action: shell /etc/openvpn/fix-routes.sh

2
main.yml
View file

@ -21,7 +21,7 @@
- import_playbook: /srv/web/infra/ansible/playbooks/groups/busgateway.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/certgetter.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-backend.yml
#- import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-db.yml
# - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-db.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-dist-git.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-frontend.yml
- import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-hypervisor.yml

6
playbooks/groups/pkgs.yml
View file

@ -76,8 +76,7 @@
mnt_dir: '/srv/cache/lookaside',
nfs_src_dir:
'fedora_sourcecache',
# yamllint disable rule:commas
nfs_mount_opts='rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3'
nfs_mount_opts='rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' # yamllint disable-line rule:commas rule:indentation
}
- {
role: nfs/client,
@ -86,8 +85,7 @@
mnt_dir: '/srv/cache/lookaside_prod',
nfs_src_dir:
'fedora_sourcecache',
# yamllint disable rule:commas
nfs_mount_opts='ro,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3'
nfs_mount_opts='ro,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' # yamllint disable-line rule:commas rule:indentation
}
- role: distgit/pagure
- role: distgit

2
roles/abrt/faf-post/tasks/main.yml
View file

@ -9,7 +9,7 @@
state: directory
owner: faf
group: faf
mode: 0750
mode: "0750"
when: env != 'staging'
- import_tasks: cron.yml

10
roles/abrt/faf-pre/tasks/main.yml
View file

@ -28,18 +28,18 @@
- { src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt",
dest: "ca.crt",
owner: faf,
mode: 0644
}
mode: "0644"
}
- { src: "{{private}}/files/rabbitmq/{{env}}/pki/private/faf{{env_suffix}}.key",
dest: "faf.key",
owner: faf,
mode: "600"
}
}
- { src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/faf{{env_suffix}}.crt",
dest: "faf.crt",
owner: faf,
mode: 0644
}
mode: "0644"
}
# landing page
- name: install abrt-server-info-page

4
roles/abrt/faf-pre/tasks/ssl.yml
View file

@ -7,14 +7,14 @@
- letsencrypt is defined
- name: stop httpd when letsencrypt has not been run
service:
service:
name: httpd
state: stopped
when:
- letsencrypt is defined
- not item.stat.exists
with_items: "{{ le_stat_checks.results }}"
- name: install letsencrypt ssl certificates for dev
include_role: name=copr/certbot

9
roles/abrt/faf/.github/workflows/ansible-lint.yml vendored
View file

@ -1,10 +1,11 @@
---
name: Check Ansible Role
on:
on: # yamllint disable-line rule:truthy
push:
branches: [ master ]
branches: [master]
pull_request:
branches: [ master ]
branches: [master]
jobs:
lint:
@ -17,7 +18,7 @@ jobs:
# This can be pinned to a specific tag after something newer than v4.1.0.post0 materializes.
# https://github.com/ansible/ansible-lint-action/commit/91db49755c0e720d9eac9d3a481c227d3d14faf6
- name: Lint
- name: Lint
uses: ansible/ansible-lint-action@master
with:
targets: ./

6
roles/abrt/faf/defaults/main.yml
View file

@ -39,7 +39,7 @@ faf_web_on_root: false
# [MAIN]
faf_plugins_dir: /etc/faf/plugins/
faf_templates_dir: /etc/faf/templates/
faf_autoenableplugins: False
faf_autoenableplugins: false
# [STORAGE]
# variables used to automatically create a connectstring
@ -62,11 +62,11 @@ faf_from: no-reply@localhost
# [uREPORT]
faf_spool_dir: /var/spool/faf
faf_create_components: False
faf_create_components: false
# Allow uReports without affected package - meaning that crashing code was
# not packaged
faf_allow_unpackaged: False
faf_allow_unpackaged: false
###########################
# faf-webui configuration #

16
roles/abrt/faf/meta/main.yml
View file

@ -6,13 +6,13 @@ galaxy_info:
license: BSD
min_ansible_version: 2.5
platforms:
- name: EL
versions:
- 8
- name: Fedora
versions:
- 29
- 30
- name: EL
versions:
- 8
- name: Fedora
versions:
- 29
- 30
galaxy_tags:
- web
- web
dependencies: []

1
roles/abrt/faf/tasks/celery.yml
View file

@ -1,3 +1,4 @@
---
- name: install faf web celery packages
package:
name: "{{ faf_web_celery_packages }}"

2
roles/abrt/faf/tasks/check_web.yml
View file

@ -1,6 +1,6 @@
# check web functionality
#
---
- name: Set URL facts
set_fact:
main_url: "https://{{ ansible_default_ipv4.address }}{{ url_suffix }}"

2
roles/abrt/faf/tasks/config.yml
View file

@ -11,7 +11,7 @@
path: /etc/fedora-messaging/
owner: root
group: root
mode: 0755
mode: "0755"
state: directory
when: faf_with_fedmsg|bool

1
roles/abrt/faf/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- import_tasks: install.yml
tags: [faf, faf_install, packages]

2
roles/abrt/faf/tasks/web.yml
View file

@ -1,4 +1,4 @@
---
- name: Set url_suffix fact
set_fact:
url_suffix: ""

1
roles/abrt/requirements.yml
View file

@ -1,4 +1,5 @@
# Install a role from GitHub
---
- name: faf
src: https://github.com/abrt/ansible-role-faf.git
version: master

8
roles/abrt/retrace-post/tasks/retrace_setup.yml
View file

@ -1,6 +1,6 @@
---
#long running tasks - run them in background - we do not actually care about the results
# long running tasks - run them in background - we do not actually care about the results
- name: reposync for fedora
shell: nohup retrace-server-reposync fedora {{ item[0] }} {{ item[1] }} </dev/null >$(mktemp /tmp/ansible.reposync_for_fedoraXXXXXX.log) &
loop: "{{ rs_internal_fedora_vers | product(rs_internal_arch_list) | list }}"
@ -20,20 +20,20 @@
- file:
path: /srv/retrace/repos
state: directory
mode: 0755
mode: "0755"
owner: retrace
group: retrace
- file:
path: /srv/retrace/tasks
state: directory
mode: 0755
mode: "0755"
owner: retrace
group: retrace
- file:
path: /srv/retrace/hardlink-local
state: directory
mode: 0755
mode: "0755"
owner: retrace
group: retrace

6
roles/abrt/retrace-pre/tasks/main.yml
View file

@ -47,7 +47,7 @@
file:
path: /srv/retrace/repos
state: directory
mode: 0755
mode: "0755"
owner: retrace
group: retrace
@ -55,13 +55,13 @@
file:
path: /srv/retrace/tasks
state: directory
mode: 0755
mode: "0755"
owner: retrace
group: retrace
- file:
path: /srv/retrace/hardlink-local
state: directory
mode: 0755
mode: "0755"
owner: retrace
group: retrace

9
roles/abrt/retrace/.github/workflows/ansible-lint.yml vendored
View file

@ -1,10 +1,11 @@
---
name: Check Ansible Role
on:
on: # yamllint disable-line rule:truthy
push:
branches: [ master ]
branches: [master]
pull_request:
branches: [ master ]
branches: [master]
jobs:
lint:
@ -15,7 +16,7 @@ jobs:
- name: Check out sources
uses: actions/checkout@v2
- name: Lint
- name: Lint
uses: ansible/ansible-lint-action@master
with:
targets: ./

20
roles/abrt/retrace/meta/main.yml
View file

@ -5,14 +5,14 @@ galaxy_info:
license: BSD
min_ansible_version: 2.8
platforms:
- name: EL
versions:
- 7
- 8
- name: Fedora
versions:
- 33
- 34
- 35
- name: EL
versions:
- 7
- 8
- name: Fedora
versions:
- 33
- 34
- 35
galaxy_tags:
- system
- system

6
roles/abrt/retrace/tasks/config.yml
View file

@ -3,19 +3,19 @@
template:
src: etc-retrace-server.conf.j2
dest: /etc/retrace-server/retrace-server.conf
mode: 0644
mode: "0644"
notify: restart httpd
- name: retrace-server http config
template:
src: retrace-server-httpd.conf.j2
dest: /etc/httpd/conf.d/retrace-server-httpd.conf
mode: 0644
mode: "0644"
notify: restart httpd
- name: configure retrace-server hooks config
template:
src: etc-retrace-server-hooks.conf.j2
dest: /etc/retrace-server/retrace-server-hooks.conf
mode: 0644
mode: "0644"
notify: restart httpd

1
roles/ansible-osbuild-worker/meta/main.yml
View file

@ -1,3 +1,4 @@
---
galaxy_info:
role_name: osbuild_worker
namespace: osbuild

1
roles/apache/handlers/main.yml
View file

@ -1,2 +1,3 @@
---
- name: restart apache
command: /usr/local/bin/conditional-restart.sh httpd httpd

2
roles/apache/tasks/main.yml
View file

@ -15,7 +15,7 @@
package:
state: present
name:
- mod_http2
- mod_http2
tags:
- packages
- apache

766
roles/apps-fp-o/files/apps.yaml
View file

@ -1,7 +1,4 @@
%YAML 1.2
# This file is managed in two places, please keep them synchronised:
# - https://pagure.io/fedora-infra/ansible/blob/main/f/roles/apps-fp-o/files/apps.yaml
# - https://github.com/fedora-infra/apps.fp.o/blob/develop/data/apps.yaml
---
name: Fedora Apps
data:
@ -13,59 +10,57 @@ children:
- name: Accounts
data:
description: >
Tools for everybody -- use these things to manage your Fedora
Account.
Tools for everybody -- use these things to manage your Fedora
Account.
children:
- name: FedoraPeople
data:
url: https://fedorapeople.org
user_url: https://{user}.fedorapeople.org
status_mappings: ['people']
description: >
- name: FedoraPeople
data:
url: https://fedorapeople.org
user_url: https://{user}.fedorapeople.org
status_mappings: [people]
description: >
Being a community member you gain access to fedorapeople which
provides you with a space on the web where you can upload
files to share them with the community.
- name: Fedora Accounts
data:
url: https://accounts.fedoraproject.org/
user_url: https://accounts.fedoraproject.org/user/{user}
source_url: https://github.com/fedora-infra/noggin/
bugs_url: https://github.com/fedora-infra/noggin/issues/
docs_url: https://noggin-aaa.readthedocs.io/en/latest/
sops:
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-notes.html
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-openid.html
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/accountdeletion.html
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/nonhumanaccounts.html
status_mappings: ['fas']
description: >
- name: Fedora Accounts
data:
url: https://accounts.fedoraproject.org/
user_url: https://accounts.fedoraproject.org/user/{user}
source_url: https://github.com/fedora-infra/noggin/
bugs_url: https://github.com/fedora-infra/noggin/issues/
docs_url: https://noggin-aaa.readthedocs.io/en/latest/
sops:
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-notes.html
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-openid.html
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/accountdeletion.html
- https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/nonhumanaccounts.html
status_mappings: [fas]
description: >
Fedora Accounts. Update your profile
information and apply for membership in groups.
- name: Notifications
data:
icon: fedmsg.png
url: https://notifications.fedoraproject.org/
source_url: https://github.com/fedora-infra/fmn/
bugs_url: https://github.com/fedora-infra/fmn/issues/
docs_url: https://fmn.readthedocs.io/
sops:
- https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/fmn/
status_mappings: ['fedmsg']
description: >
- name: Notifications
data:
icon: fedmsg.png
url: https://notifications.fedoraproject.org/
source_url: https://github.com/fedora-infra/fmn/
bugs_url: https://github.com/fedora-infra/fmn/issues/
docs_url: https://fmn.readthedocs.io/
sops: [https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/fmn/]
status_mappings: [fedmsg]
description: >
Centrally managed preferences for Fedora Infrastructure
notifications to your inbox, irc client, and mobile device.
- name: Badges
status_mappings: ['badges']
data:
icon: badges.png
url: https://badges.fedoraproject.org
user_url: https://badges.fedoraproject.org/user/{user}
source_url: https://github.com/fedora-infra/tahrir/
bugs_url: https://github.com/fedora-infra/tahrir/issues/
docs_url: https://tahrir.readthedocs.org/en/latest/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/badges.rst
description: >
- name: Badges
status_mappings: [badges]
data:
icon: badges.png
url: https://badges.fedoraproject.org
user_url: https://badges.fedoraproject.org/user/{user}
source_url: https://github.com/fedora-infra/tahrir/
bugs_url: https://github.com/fedora-infra/tahrir/issues/
docs_url: https://tahrir.readthedocs.org/en/latest/
sops: [https://infrastructure.fedoraproject.org/infra/docs/badges.rst]
description: >
An achievements system for Fedora Contributors! "Badges"
are awarded based on activity in the community. Can you
unlock them all?
@ -75,71 +70,69 @@ children:
- name: Content
data:
description: >
Tools for wordsmiths -- the apps that store and archive the troves
of content that Fedora authors produce. Blog posts, the wiki, and
more..
Tools for wordsmiths -- the apps that store and archive the troves
of content that Fedora authors produce. Blog posts, the wiki, and
more..
children:
- name: Ask Fedora
data:
icon: ask_fedora.png
url: https://ask.fedoraproject.org/
source_url: https://github.com/askbot/askbot-devel
bugs_url: https://github.com/askbot/askbot-devel/issues/
docs_url: http://askbot.org/doc/index.html
sops:
- https://infrastructure.fedoraproject.org/infra/docs/askbot.rst
status_mappings: ['ask']
description: >
- name: Ask Fedora
data:
icon: ask_fedora.png
url: https://ask.fedoraproject.org/
source_url: https://github.com/askbot/askbot-devel
bugs_url: https://github.com/askbot/askbot-devel/issues/
docs_url: http://askbot.org/doc/index.html
sops: [https://infrastructure.fedoraproject.org/infra/docs/askbot.rst]
status_mappings: [ask]
description: >
Any question at all about Fedora? Ask it here.
- name: The Wiki
data:
icon: mediawiki.png
url: https://fedoraproject.org/wiki
user_url: https://fedoraproject.org/wiki/User:{user}
source_url: https://www.mediawiki.org/
bugs_url: https://www.mediawiki.org/wiki/Phabricator#Get_started
docs_url: https://www.mediawiki.org/wiki/Sysadmin_hub
sops:
- https://infrastructure.fedoraproject.org/infra/docs/wiki.rst
status_mappings: ['wiki']
description: >
- name: The Wiki
data:
icon: mediawiki.png
url: https://fedoraproject.org/wiki
user_url: https://fedoraproject.org/wiki/User:{user}
source_url: https://www.mediawiki.org/
bugs_url: https://www.mediawiki.org/wiki/Phabricator#Get_started
docs_url: https://www.mediawiki.org/wiki/Sysadmin_hub
sops: [https://infrastructure.fedoraproject.org/infra/docs/wiki.rst]
status_mappings: [wiki]
description: >
Maintain your own user profile page, contribute to
documents about features, process, and governance.
- name: Fedora Magazine
data:
icon: magazine.png
url: https://fedoramagazine.org
docs_url: https://codex.wordpress.org/
- name: Fedora Magazine
data:
icon: magazine.png
url: https://fedoramagazine.org
docs_url: https://codex.wordpress.org/
# We don't have a SOP for the magazine yet.
# https://pagure.io/fedora-infrastructure/issue/5149
# sops:
# - put the url here
description: >
description: >
Fedora Magazine is a WordPress-based site which delivers all
the news of the Fedora Community. (It replaces the previous
Fedora Weekly News.)
- name: The Planet
data:
icon: planet_logo.png
url: http://fedoraplanet.org
docs_url: https://www.intertwingly.net/code/venus/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/planetsubgroup.rst
description: >
- name: The Planet
data:
icon: planet_logo.png
url: http://fedoraplanet.org
docs_url: https://www.intertwingly.net/code/venus/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/planetsubgroup.rst
description: >
The planet is a blog aggregator, a space accessible to you
as a community member where you can express your opinion and
talk about what you are doing for Fedora.
- name: Docs
data:
url: https://docs.fedoraproject.org
status_mappings: ['docs']
- name: Docs
data:
url: https://docs.fedoraproject.org
status_mappings: [docs]
# TODO - add the docs_url. I asked pete travis for info on this
# docs_url: put the url here
# TODO - add a sop.
# https://pagure.io/fedora-infrastructure/issue/5150
# sops:
# - add the sop url here.
description: >
description: >
RTFM! Everything you could ever want to know.
Probably the best place to find documentation about Fedora,
including the changes between releases (and a big kudos to
@ -148,92 +141,91 @@ children:
- name: QA
data:
description: >
Tools for testers -- the people who tell us its broken so we can
fix it.
Tools for testers -- the people who tell us its broken so we can
fix it.
children:
- name: Problem Tracker
data:
url: https://retrace.fedoraproject.org
package_url: https://retrace.fedoraproject.org/faf/reports/?component_names={package}
source_url: https://github.com/abrt/retrace-server/
bugs_url: https://github.com/abrt/retrace-server/issues
docs_url: https://abrt.readthedocs.org/en/latest/howitworks.html#faf
- name: Problem Tracker
data:
url: https://retrace.fedoraproject.org
package_url: https://retrace.fedoraproject.org/faf/reports/?component_names={package}
source_url: https://github.com/abrt/retrace-server/
bugs_url: https://github.com/abrt/retrace-server/issues
docs_url: https://abrt.readthedocs.org/en/latest/howitworks.html#faf
# TODO - write SOPs for this
# https://pagure.io/fedora-infrastructure/issue/5151
# sops:
# - url goes here
# - and another one goes here
description: >
description: >
The Problem Tracker is a platform for collecting and
analyzing package crashes reported via ABRT (Automatic Bug
Reporting Tool). It makes it easy to see what problems
users are hitting the most, and allows you to filter them
by Fedora release, associate, or component.
- name: Blocker Bugs
data:
url: https://qa.fedoraproject.org/blockerbugs
source_url: https://pagure.io/fedora-qa/blockerbugs
bugs_url: https://pagure.io/fedora-qa/blockerbugs
docs_url: https://tflink.fedorapeople.org/blockerbugs/docs/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/blockerbugs.rst
status_mappings: ['blockerbugs']
description: >
- name: Blocker Bugs
data:
url: https://qa.fedoraproject.org/blockerbugs
source_url: https://pagure.io/fedora-qa/blockerbugs
bugs_url: https://pagure.io/fedora-qa/blockerbugs
docs_url: https://tflink.fedorapeople.org/blockerbugs/docs/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/blockerbugs.rst
status_mappings: [blockerbugs]
description: >
The Fedora Blocker Bug Tracker tracks release blocking bugs
and related updates in Fedora releases currently under
development.
- name: Bugzilla
data:
icon: bugzilla.png
url: https://bugzilla.redhat.com
package_url: >
- name: Bugzilla
data:
icon: bugzilla.png
url: https://bugzilla.redhat.com
package_url: >
https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Fedora&product=Fedora%20EPEL&query_format=advanced&component={package}
description: >
description: >
The Fedora Community makes use of a bugzilla instance
run by Red Hat. Notice something wrong with a Fedora
package? You can file an official bug here.
- name: Review Status
data:
url: https://fedoraproject.org/PackageReviewStatus/
package_url: >
- name: Review Status
data:
url: https://fedoraproject.org/PackageReviewStatus/
package_url: >
https://bugzilla.redhat.com/buglist.cgi?component=Package%20Review&query_format=advanced&short_desc_type=allwordssubstr&short_desc={package}
# TODO - write the SOP for this
# https://pagure.io/fedora-infrastructure/issue/5152
# sops:
# - url goes here
description: >
description: >
These pages contain periodically generated reports with
information on the current state of all Fedora <strong>package review
tickets</strong> -- a super useful window on bugzilla.
- name: Kerneltest
data:
icon: tux.png
url: https://apps.fedoraproject.org/kerneltest
source_url: https://github.com/jmflinuxtx/kerneltest-harness
bugs_url: https://github.com/jmflinuxtx/kerneltest-harness/issues
docs_url: https://fedoraproject.org/wiki/KernelTestingInitiative
sops:
- https://infrastructure.fedoraproject.org/infra/docs/kerneltest-harness.rst
description: >
- name: Kerneltest
data:
icon: tux.png
url: https://apps.fedoraproject.org/kerneltest
source_url: https://github.com/jmflinuxtx/kerneltest-harness
bugs_url: https://github.com/jmflinuxtx/kerneltest-harness/issues
docs_url: https://fedoraproject.org/wiki/KernelTestingInitiative
sops:
- https://infrastructure.fedoraproject.org/infra/docs/kerneltest-harness.rst
description: >
As part of the <a
href="https://fedoraproject.org/wiki/KernelTestingInitiative">kernel
testing initiative</a> we provide a webapp where users and
automated systems can upload test results. If you have
access to hardware where we could catch tricky driver
issues, your assistance here would be much appreciated.
- name: Koschei
data:
icon: koschei.png
url: https://koschei.fedoraproject.org/
user_url: https://koschei.fedoraproject.org/user/{user}
package_url: https://koschei.fedoraproject.org/package/{package}
source_url: https://github.com/fedora-infra/koschei
bugs_url: https://github.com/fedora-infra/koschei/issues
docs_url: https://fedoraproject.org/wiki/Koschei
sops:
- https://infrastructure.fedoraproject.org/infra/docs/koschei.rst
status_mappings: ['koschei']
description: >
- name: Koschei
data:
icon: koschei.png
url: https://koschei.fedoraproject.org/
user_url: https://koschei.fedoraproject.org/user/{user}
package_url: https://koschei.fedoraproject.org/package/{package}
source_url: https://github.com/fedora-infra/koschei
bugs_url: https://github.com/fedora-infra/koschei/issues
docs_url: https://fedoraproject.org/wiki/Koschei
sops: [https://infrastructure.fedoraproject.org/infra/docs/koschei.rst]
status_mappings: [koschei]
description: >
Koschei is a continuous integration system for RPM packages. It
tracks dependency changes done in Koji repositories and rebuilds
packages whose dependencies change. It can help packagers to
@ -242,106 +234,101 @@ children:
- name: Coordination
data:
description: >
Tools for people -- so we can talk to each other and share content
and ideas.
Tools for people -- so we can talk to each other and share content
and ideas.
children:
- name: Asknot
data:
url: https://whatcanidoforfedora.org
source_url: https://github.com/fedora-infra/asknot-ng
bugs_url: https://github.com/fedora-infra/asknot-ng/issues
docs_url: https://github.com/fedora-infra/asknot-ng/blob/develop/README.md
- name: Asknot
data:
url: https://whatcanidoforfedora.org
source_url: https://github.com/fedora-infra/asknot-ng
bugs_url: https://github.com/fedora-infra/asknot-ng/issues
docs_url: https://github.com/fedora-infra/asknot-ng/blob/develop/README.md
# TODO - write SOP for asknot-ng
# https://pagure.io/fedora-infrastructure/issue/5154
# sops:
# - url goes here
status_mappings: []
description: >
status_mappings: []
description: >
Ask not what Fedora can do for you, but <a
href="https://whatcanidoforfedora.org">what you can do for
Fedora?</a> This site is a starting place for brand new
contributors to help them figure out where they can
hop on board!
- name: Elections
data:
url: https://elections.fedoraproject.org/
source_url: https://github.com/fedora-infra/elections
bugs_url: https://github.com/fedora-infra/elections/issues
docs_url: https://github.com/fedora-infra/elections/blob/develop/README.md
sops:
- https://infrastructure.fedoraproject.org/infra/docs/voting.rst
status_mappings: ['elections']
description: >
- name: Elections
data:
url: https://elections.fedoraproject.org/
source_url: https://github.com/fedora-infra/elections
bugs_url: https://github.com/fedora-infra/elections/issues
docs_url: https://github.com/fedora-infra/elections/blob/develop/README.md
sops: [https://infrastructure.fedoraproject.org/infra/docs/voting.rst]
status_mappings: [elections]
description: >
As a member of the community, you can now vote for the
different steering committees and for this you will use the
Election application. Voting is a right and a duty as a member
of the community; it is one of the things you can do to
influence the development of Fedora.
- name: The Mailing lists
data:
icon: hyperkitty.png
url: https://lists.fedoraproject.org
source_url: https://gitlab.com/mailman/hyperkitty
bugs_url: https://gitlab.com/mailman/hyperkitty/issues
docs_url: https://hyperkitty.readthedocs.org/en/latest/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/mailman.rst
status_mappings: ['mailinglists']
description: >
- name: The Mailing lists
data:
icon: hyperkitty.png
url: https://lists.fedoraproject.org
source_url: https://gitlab.com/mailman/hyperkitty
bugs_url: https://gitlab.com/mailman/hyperkitty/issues
docs_url: https://hyperkitty.readthedocs.org/en/latest/
sops: [https://infrastructure.fedoraproject.org/infra/docs/mailman.rst]
status_mappings: [mailinglists]
description: >
Mailing lists are used for communication within the community.
There are lists for generic topics and lists more dedicated
to a specific topic, there is for sure one for you.
- name: FedoCal
data:
icon: fedocal.png
url: https://calendar.fedoraproject.org/
source_url: https://github.com/fedora-infra/fedocal
bugs_url: https://github.com/fedora-infra/fedocal/issues
docs_url: https://fedocal.readthedocs.org/en/latest/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/fedocal.rst
status_mappings: ['fedocal']
description: >
- name: FedoCal
data:
icon: fedocal.png
url: https://calendar.fedoraproject.org/
source_url: https://github.com/fedora-infra/fedocal
bugs_url: https://github.com/fedora-infra/fedocal/issues
docs_url: https://fedocal.readthedocs.org/en/latest/
sops: [https://infrastructure.fedoraproject.org/infra/docs/fedocal.rst]
status_mappings: [fedocal]
description: >
The Fedora Calendar (or <strong>fedocal</strong>), you might
have already guessed, is a public calendar service. You can
create your own calendar, or subscribe to others. Want to
be kept abrest of releases, freezes, and events? This is
the tool for you.
- name: Meetbot
data:
icon: meetbot.png
url: https://meetbot.fedoraproject.org
source_url: https://github.com/fedora-infra/mote
bugs_url: https://github.com/fedora-infra/mote/issues
docs_url: https://github.com/fedora-infra/mote/blob/master/README.md
sops:
- https://infrastructure.fedoraproject.org/infra/docs/mote.rst
- https://infrastructure.fedoraproject.org/infra/docs/zodbot.rst
status_mappings: ['zodbot']
description: >
- name: Meetbot
data:
icon: meetbot.png
url: https://meetbot.fedoraproject.org
source_url: https://github.com/fedora-infra/mote
bugs_url: https://github.com/fedora-infra/mote/issues
docs_url: https://github.com/fedora-infra/mote/blob/master/README.md
sops:
- https://infrastructure.fedoraproject.org/infra/docs/mote.rst
- https://infrastructure.fedoraproject.org/infra/docs/zodbot.rst
status_mappings: [zodbot]
description: >
Fedora Infrastructure runs a friendly IRC bot that you may
know named <a href="https://fedoraproject.org/wiki/Zodbot">zodbot</a>.
Among its many and varied functions is logging IRC meetings,
the archives of which you can find here.
- name: Packaging
data:
description: >
Tools for packagers -- where the pieces of the distribution get
built.
Tools for packagers -- where the pieces of the distribution get
built.
children:
- name: Packages
data:
url: https://packages.fedoraproject.org/
package_url: https://apps.fedoraproject.org/packages/{package}
source_url: https://pagure.io/fedora-packages-static
bugs_url: https://pagure.io/fedora-packages-static/issues
docs_url: http://threebean.org/blog/history-of-fedora-packages/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/fedorapackages.rst
status_mappings: ['packages']
description: >
- name: Packages
data:
url: https://packages.fedoraproject.org/
package_url: https://apps.fedoraproject.org/packages/{package}
source_url: https://pagure.io/fedora-packages-static
bugs_url: https://pagure.io/fedora-packages-static/issues
docs_url: http://threebean.org/blog/history-of-fedora-packages/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/fedorapackages.rst
status_mappings: [packages]
description: >
A meta-app over the other packaging apps; the best place to
find out what is in the Fedora repositories. Which
packages are present in which version, who is maintaining
@ -349,104 +336,101 @@ children:
reported against them. All these kind of questions can be
answered here.
It is sometimes called "Fedora Community v2" after the old
<a href="https://admin.fedoraproject.org/community">Fedora Community</a> site.
- name: COPR
data:
icon: copr.png
url: https://copr.fedoraproject.org
user_url: https://copr.fedoraproject.org/coprs/{user}/
source_url: https://github.com/fedora-copr/copr
bugs_url: >
<a href="https://admin.fedoraproject.org/community">Fedora Community</a>
site.
- name: COPR
data:
icon: copr.png
url: https://copr.fedoraproject.org
user_url: https://copr.fedoraproject.org/coprs/{user}/
source_url: https://github.com/fedora-copr/copr
bugs_url: >
https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=POST&bug_status=MODIFIED&bug_status=ON_DEV&bug_status=ON_QA&bug_status=VERIFIED&bug_status=RELEASE_PENDING&classification=Community&list_id=4767864&product=Copr&query_format=advanced
docs_url: https://copr-backend.readthedocs.org/
docs_url: https://copr-backend.readthedocs.org/
# Also:
# - https://copr-keygen.readthedocs.org/
# - https://copr-rest-api.readthedocs.org/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/copr.rst
status_mappings: ['copr']
description: >
sops: [https://infrastructure.fedoraproject.org/infra/docs/copr.rst]
status_mappings: [copr]
description: >
Copr is an easy-to-use automatic build system providing a
package repository as its output. You can make your **own** repositories!
- name: Koji
data:
icon: koji.png
url: https://koji.fedoraproject.org/koji
package_url: >
- name: Koji
data:
icon: koji.png
url: https://koji.fedoraproject.org/koji
package_url: >
https://koji.fedoraproject.org/koji/search?match=glob&type=package&terms={package}
user_url: https://koji.fedoraproject.org/koji/userinfo?userID={user}
source_url: https://pagure.io/koji
bugs_url: https://pagure.io/koji/issues
docs_url: https://koji.build/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/koji.rst
- https://infrastructure.fedoraproject.org/infra/docs/koji-builder-setup.rst
status_mappings: ['koji']
description: >
user_url: https://koji.fedoraproject.org/koji/userinfo?userID={user}
source_url: https://pagure.io/koji
bugs_url: https://pagure.io/koji/issues
docs_url: https://koji.build/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/koji.rst
- https://infrastructure.fedoraproject.org/infra/docs/koji-builder-setup.rst
status_mappings: [koji]
description: >
Koji is the software that builds RPM packages for the
Fedora project. It uses Mock to create chroot
environments to perform builds that are both safe and
trusted.
- name: Bodhi
data:
icon: bodhi.png
url: https://admin.fedoraproject.org/updates
package_url: https://admin.fedoraproject.org/updates/{package}
user_url: https://admin.fedoraproject.org/updates/user/{user}
source_url: https://github.com/fedora-infra/bodhi
bugs_url: https://github.com/fedora-infra/bodhi/issues
docs_url: https://bodhi.fedoraproject.org/docs
sops:
- https://infrastructure.fedoraproject.org/infra/docs/bodhi.rst
status_mappings: ['bodhi']
description: >
- name: Bodhi
data:
icon: bodhi.png
url: https://admin.fedoraproject.org/updates
package_url: https://admin.fedoraproject.org/updates/{package}
user_url: https://admin.fedoraproject.org/updates/user/{user}
source_url: https://github.com/fedora-infra/bodhi
bugs_url: https://github.com/fedora-infra/bodhi/issues
docs_url: https://bodhi.fedoraproject.org/docs
sops: [https://infrastructure.fedoraproject.org/infra/docs/bodhi.rst]
status_mappings: [bodhi]
description: >
The tool you will use to push your packages to the Fedora
repositories as an update, first an update to be tested
(repository: updates-testing) then a stable update
(repository: updates). Behold -- the <em>Magic
Cabbage.</em>
- name: Package Sources
data:
icon: package-sources.png
url: https://src.fedoraproject.org/
package_url: https://src.fedoraproject.org/rpms/{package}
source_url: https://pagure.io/pagure
bugs_url: https://pagure.io/pagure/issues
docs_url: https://pagure.io/docs/pagure/
status_mappings: ['pkgs']
description: >
- name: Package Sources
data:
icon: package-sources.png
url: https://src.fedoraproject.org/
package_url: https://src.fedoraproject.org/rpms/{package}
source_url: https://pagure.io/pagure
bugs_url: https://pagure.io/pagure/issues
docs_url: https://pagure.io/docs/pagure/
status_mappings: [pkgs]
description: >
Ever wonder <em>exactly</em> what is in the new release
of a Fedora package? This is where the change histories
of all the packages in Fedora for every release of
Fedora (and EPEL) are kept.. forever! A gold mine.
- name: Mdapi
data:
url: https://apps.fedoraproject.org/mdapi
description: >
mdapi is a small API exposing the metadata contained in
different RPM repositories.
- name: Mdapi
data:
url: https://apps.fedoraproject.org/mdapi
description: >
mdapi is a small API exposing the metadata contained in
different RPM repositories.
- name: Upstream
data:
description: >
Tools for <a
href="https://fedoraproject.org/wiki/Staying_close_to_upstream_projects">upstream</a>
developers -- because we love you.
Tools for <a
href="https://fedoraproject.org/wiki/Staying_close_to_upstream_projects">upstream</a>
developers -- because we love you.
children:
- name: Release Monitoring
data:
url: https://release-monitoring.org
package_url: https://release-monitoring.org/projects/search/?pattern={package}
source_url: https://github.com/fedora-infra/anitya
bugs_url: https://github.com/fedora-infra/anitya/issues
docs_url: https://fedoraproject.org/wiki/Upstream_release_monitoring
- name: Release Monitoring
data:
url: https://release-monitoring.org
package_url: https://release-monitoring.org/projects/search/?pattern={package}
source_url: https://github.com/fedora-infra/anitya
bugs_url: https://github.com/fedora-infra/anitya/issues
docs_url: https://fedoraproject.org/wiki/Upstream_release_monitoring
# TODO - write sops for anitya and the-new-hotness
# https://pagure.io/fedora-infrastructure/issue/5157
# sops:
# - https://infrastructure.fedoraproject.org/infra/docs/anitya.rst
# - https://infrastructure.fedoraproject.org/infra/docs/hotness.rst
description: >
description: >
Code named <a
href="https://github.com/fedora-infra/anitya">anitya</a>, this
project is slated to replace <a
@ -457,95 +441,92 @@ children:
then be responsible for filing bugs, attempting to
automatically build packages, perform some preliminary QA
checks, etc..
- name: Webhook to Fedora Messaging
data:
url: https://webhook.fedoraproject.org/
source_url: https://github.com/fedora-infra/webhook-to-fedora-messaging
bugs_url: https://github.com/fedora-infra/webhook-to-fedora-messaging/issues
docs_url: >
- name: Webhook to Fedora Messaging
data:
url: https://webhook.fedoraproject.org/
source_url: https://github.com/fedora-infra/webhook-to-fedora-messaging
bugs_url: https://github.com/fedora-infra/webhook-to-fedora-messaging/issues
docs_url: >
https://github.com/fedora-infra/webhook-to-fedora-messaging/
sops:
- https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/webhook2fedmsg/
description: >
sops:
- https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/webhook2fedmsg/
description: >
Webhook to Fedora Messaging is a web service that bridges upstream
activity into the <a href="https://fedora-messaging.readthedocs.io/"
>Fedora Infrastructure message bus</a>. Visit the self-service
dashboard to add your application.
- name: Pagure
data:
icon: pagure.png
url: https://pagure.io/
status_mappings: ['pagure']
description: >
- name: Pagure
data:
icon: pagure.png
url: https://pagure.io/
status_mappings: [pagure]
description: >
Pagure is a git-centered forge, python based using pygit2.
With pagure you can host your project with its documentation,
let your users report issues or request enhancements using
the ticketing system and build your community of contributors
by allowing them to fork your projects and contribute to it
via the now-popular pull-request mechanism.
- name: Infrastructure
data:
description: >
Tools for sysadmins -- the people who run the servers that run
Fedora (and otherwise).
Tools for sysadmins -- the people who run the servers that run
Fedora (and otherwise).
children:
- name: GeoIP
data:
url: https://geoip.fedoraproject.org
source_url: https://github.com/fedora-infra/geoip-city-wsgi
bugs_url: https://github.com/fedora-infra/geoip-city-wsgi/issues
docs_url: https://github.com/fedora-infra/geoip-city-wsgi/blob/master/geoip-city.wsgi
- name: GeoIP
data:
url: https://geoip.fedoraproject.org
source_url: https://github.com/fedora-infra/geoip-city-wsgi
bugs_url: https://github.com/fedora-infra/geoip-city-wsgi/issues
docs_url: https://github.com/fedora-infra/geoip-city-wsgi/blob/master/geoip-city.wsgi
# TODO - write a sop for this thing
# https://pagure.io/fedora-infrastructure/issue/5159
# sops:
# - https://infrastructure.fedoraproject.org/infra/docs/geoip.rst
description: >
description: >
A simple web service running <a
href="https://github.com/fedora-infra/geoip-city-wsgi">geoip-city-wsgi</a>
that will return geoip information to you.
- name: Easyfix
data:
url: https://fedoraproject.org/easyfix
source_url: https://github.com/fedora-infra/fedora-gather-easyfix
bugs_url: https://github.com/fedora-infra/fedora-gather-easyfix/issues
docs_url: https://github.com/fedora-infra/fedora-gather-easyfix/blob/master/README
sops:
- https://infrastructure.fedoraproject.org/infra/docs/gather-easyfix.rst
description: >
- name: Easyfix
data:
url: https://fedoraproject.org/easyfix
source_url: https://github.com/fedora-infra/fedora-gather-easyfix
bugs_url: https://github.com/fedora-infra/fedora-gather-easyfix/issues
docs_url: https://github.com/fedora-infra/fedora-gather-easyfix/blob/master/README
sops:
- https://infrastructure.fedoraproject.org/infra/docs/gather-easyfix.rst
description: >
A list of easy-to-fix problems for the different projects in
Fedora. Interested in getting into helping out with sysadmin
work or web application development? This should be useful
to you.
- name: DataGrepper
data:
icon: fedmsg.png
url: https://apps.fedoraproject.org/datagrepper
package_url: https://apps.fedoraproject.org/datagrepper/raw?package={package}
user_url: https://apps.fedoraproject.org/datagrepper/raw?user={user}
source_url: https://github.com/fedora-infra/datagrepper
bugs_url: https://github.com/fedora-infra/datagrepper/issues
docs_url: https://github.com/fedora-infra/datagrepper/blob/develop/README.rst
sops:
- https://infrastructure.fedoraproject.org/infra/docs/datanommer.rst
status_mappings: ['fedmsg']
description: >
- name: DataGrepper
data:
icon: fedmsg.png
url: https://apps.fedoraproject.org/datagrepper
package_url: https://apps.fedoraproject.org/datagrepper/raw?package={package}
user_url: https://apps.fedoraproject.org/datagrepper/raw?user={user}
source_url: https://github.com/fedora-infra/datagrepper
bugs_url: https://github.com/fedora-infra/datagrepper/issues
docs_url: https://github.com/fedora-infra/datagrepper/blob/develop/README.rst
sops: [https://infrastructure.fedoraproject.org/infra/docs/datanommer.rst]
status_mappings: [fedmsg]
description: >
DataGrepper is an HTTP API for querying the datanommer
database. You can use it to dig into the history of the
<a href="https://fedmsg.readthedocs.io/">fedmsg</a> message bus. You
can grab events by username, by package, by message
source, by topic... you name it.
- name: Status
data:
icon: status-good.png
url: http://www.fedorastatus.org
source_url: https://github.com/fedora-infra/statusfpo/
bugs_url: https://github.com/fedora-infra/statusfpo/issues
docs_url: https://github.com/fedora-infra/statusfpo/README
sops:
- https://infrastructure.fedoraproject.org/infra/docs/status-fedora.rst
description: >
- name: Status
data:
icon: status-good.png
url: http://www.fedorastatus.org
source_url: https://github.com/fedora-infra/statusfpo/
bugs_url: https://github.com/fedora-infra/statusfpo/issues
docs_url: https://github.com/fedora-infra/statusfpo/README
sops:
- https://infrastructure.fedoraproject.org/infra/docs/status-fedora.rst
description: >
Sometimes the Fedora Infrastructure team messes up (or
lightning strikes our datacenter(s)). Sorry about that.
You can use this website to check the status. Is it
@ -553,20 +534,20 @@ children:
in your browser tab. It changes based on the status,
so if you keep this open you can check back to it at a
glance.
- name: MirrorManager
data:
icon: downloads.png
url: https://mirrors.fedoraproject.org
source_url: https://github.com/fedora-infra/mirrormanager2
bugs_url: https://github.com/fedora-infra/mirrormanager2/issues
docs_url: https://mirrormanager.readthedocs.org/en/latest/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/mirrormanager.rst
- https://infrastructure.fedoraproject.org/infra/docs/mastermirror.rst
- https://infrastructure.fedoraproject.org/infra/docs/mirrorhiding.rst
- https://infrastructure.fedoraproject.org/infra/docs/mirrormanager-S3-EC2-netblocks.rst
status_mappings: ['mirrormanager', 'mirrorlist']
description: >
- name: MirrorManager
data:
icon: downloads.png
url: https://mirrors.fedoraproject.org
source_url: https://github.com/fedora-infra/mirrormanager2
bugs_url: https://github.com/fedora-infra/mirrormanager2/issues
docs_url: https://mirrormanager.readthedocs.org/en/latest/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/mirrormanager.rst
- https://infrastructure.fedoraproject.org/infra/docs/mastermirror.rst
- https://infrastructure.fedoraproject.org/infra/docs/mirrorhiding.rst
- https://infrastructure.fedoraproject.org/infra/docs/mirrormanager-S3-EC2-netblocks.rst
status_mappings: [mirrormanager, mirrorlist]
description: >
Fedora is distributed to millions of systems globally.
This would not be possible without the donations of time,
disk space, and bandwidth by hundreds of volunteer system
@ -575,57 +556,54 @@ children:
donations. The list on the <strong>MirrorManager</strong>
site is dynamically generated every hour, listing only
up-to-date mirrors.
- name: Nagios
data:
icon: nagios-logo.png
url: https://admin.fedoraproject.org/nagios
source_url: https://github.com/NagiosEnterprises/nagioscore
bugs_url: https://pagure.io/fedora-infrastructure/issues
docs_url: https://www.nagios.org/documentation/
sops:
- https://infrastructure.fedoraproject.org/infra/docs/nagios.rst
description: >
- name: Nagios
data:
icon: nagios-logo.png
url: https://admin.fedoraproject.org/nagios
source_url: https://github.com/NagiosEnterprises/nagioscore
bugs_url: https://pagure.io/fedora-infrastructure/issues
docs_url: https://www.nagios.org/documentation/
sops: [https://infrastructure.fedoraproject.org/infra/docs/nagios.rst]
description: >
"Is telia down?" The answer can most definitively be
found here (and in detail). The Fedora Infrastructure
team uses Nagios to monitor the servers that serve
Fedora. Accessing most details requires membership
in the <em>sysadmin</em> group.
- name: Collectd
data:
icon: collectd.png
url: https://admin.fedoraproject.org/collectd/
source_url: https://github.com/collectd/collectd
bugs_url: https://github.com/collectd/collectd/issues
docs_url: https://collectd.org/documentation.shtml
sops:
- https://infrastructure.fedoraproject.org/infra/docs/collectd.rst
description: >
- name: Collectd
data:
icon: collectd.png
url: https://admin.fedoraproject.org/collectd/
source_url: https://github.com/collectd/collectd
bugs_url: https://github.com/collectd/collectd/issues
docs_url: https://collectd.org/documentation.shtml
sops: [https://infrastructure.fedoraproject.org/infra/docs/collectd.rst]
description: >
Tracks and displays statistics on the Fedora
Infrastructure machines over time. Useful for debugging
ineffeciencies and problems.
- name: HAProxy
data:
url: https://admin.fedoraproject.org/haproxy/proxy1
source_url: https://git.haproxy.org/
bugs_url: https://www.haproxy.org/knownbugs-1.3.html
docs_url: https://www.haproxy.org/#docs
sops:
- https://infrastructure.fedoraproject.org/infra/docs/haproxy.rst
description: >
- name: HAProxy
data:
url: https://admin.fedoraproject.org/haproxy/proxy1
source_url: https://git.haproxy.org/
bugs_url: https://www.haproxy.org/knownbugs-1.3.html
docs_url: https://www.haproxy.org/#docs
sops: [https://infrastructure.fedoraproject.org/infra/docs/haproxy.rst]
description: >
Shows the health of our proxies. How many bytes?
Concurrent sessions? Health checks?
- name: In Development
data:
description: >
These are the apps that we're working on, but that aren't quite
ready for prime-time yet. Try and use them, and report bugs when
they're broken -- it's a big help!.
Check back here from time to time, as this section will change.
These are the apps that we're working on, but that aren't quite
ready for prime-time yet. Try and use them, and report bugs when
they're broken -- it's a big help!.
Check back here from time to time, as this section will change.
children:
- name: Ipsilon
data:
url: https://pagure.io/ipsilon
description: >
- name: Ipsilon
data:
url: https://pagure.io/ipsilon
description: >-
Ipsilon is our central authentication agent that is used to
authenticate users agains FAS. It is seperate from FAS. The
only service that is not using this currently is the wiki.

1
roles/apps-fp-o/handlers/main.yml
View file

@ -1,3 +1,4 @@
---
- name: rebuild apps-fp-o html
shell: /usr/bin/apps-fp-o-yaml2html.py > /srv/web/apps-fp-o/apps-yaml.html

1
roles/apps-fp-o/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: Install that apps-fp-o rpm package
package: name=apps-fp-o state=present
tags:

10
roles/awx/podman/tasks/main.yml
View file

@ -10,7 +10,7 @@
ansible.builtin.file:
path: "~{{ podman_user }}/.config/containers"
state: directory
mode: 0700
mode: "0700"
owner: "{{ podman_user }}"
group: "{{ podman_group }}"
@ -23,7 +23,7 @@
dest: "~{{ podman_user }}/.config/containers/containers.conf"
owner: "{{ podman_user }}"
group: "{{ podman_group }}"
mode: 0600
mode: "0600"
- name: Create empty mounts config file to avoid permissions error message
ansible.builtin.copy:
@ -32,17 +32,17 @@
force: false
owner: "{{ podman_user }}"
group: "{{ podman_group }}"
mode: 0600
mode: "0600"
- name: Ensure registries.conf.d exists
ansible.builtin.file:
path: /etc/containers/registries.conf.d/
state: directory
mode: 0755
mode: "0755"
- name: Force fully qualified image names to be provided to podman pull
ansible.builtin.copy:
content: |
unqualified-search-registries = []
dest: /etc/containers/registries.conf.d/force-fully-qualified-images.conf
mode: 0644
mode: "0644"

8
roles/base/meta/main.yml
View file

@ -1,6 +1,6 @@
---
dependencies:
- { role: linux-system-roles.network, when: "'no_linux_system_roles' not in group_names", tags: ['linux-system-roles.network'] }
- { role: basessh, tags: ['basessh'] }
- { role: chrony }
- { role: dnf-automatic, tags: ['dnf-automatic'] }
- { role: linux-system-roles.network, when: "'no_linux_system_roles' not in group_names", tags: ['linux-system-roles.network'] }
- { role: basessh, tags: ['basessh'] }
- { role: chrony }
- { role: dnf-automatic, tags: ['dnf-automatic'] }

1
roles/base/tasks/crypto-policies.yml
View file

@ -1,3 +1,4 @@
---
- name: Check current crypto-policy
command: "update-crypto-policies --show"
register: currentcryptopolicy

7
roles/base/tasks/postfix.yml
View file

@ -1,3 +1,4 @@
---
- name: /etc/postfix/main.cf
copy: src={{ item }} dest=/etc/postfix/main.cf
with_first_found:
@ -91,12 +92,12 @@
- restart postfix
tags:
- postfix
# Install gateway tls cert as a pem file.
# Install gateway tls cert as a pem file.
# This has: private key, then cert, then intermediate cert
# This cert is a digicert one, renew it there.
- name: install /etc/pki/tls/private/gateway-chain.pem
copy:
copy:
src="{{private}}/files/smtpd/gateway-chain.pem"
dest=/etc/pki/tls/private/gateway-chain.pem
owner=root

1
roles/base/tasks/watchdog.yml
View file

@ -1,3 +1,4 @@
---
- name: See if theres a watchdog device
stat: path=/dev/watchdog
when: ansible_virtualization_role is defined and ansible_virtualization_role == 'guest'

14
roles/basessh/tasks/main.yml
View file

@ -1,26 +1,26 @@
---
#
# We have some tasks here in case this is a bare metal machine
# and we are provisioning it for the first time.
# and we are provisioning it for the first time.
# virtual machines are handled in tasks/virt-instance-create
#
- name: make sure there is no old ssh host key for the host still around
local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
ignore_errors: True
ignore_errors: true
with_items:
- /root/.ssh/known_hosts
when: birthday is defined
- name: gather ssh host key from new instance
local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
ignore_errors: True
ignore_errors: true
register: hostkey
when: birthday is defined
- name: add new ssh host key (until we can sign it)
local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
ignore_errors: True
ignore_errors: true
with_items:
- /root/.ssh/known_hosts
when: birthday is defined
@ -33,7 +33,7 @@
- config
- sshd
- selinux
when: ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8
when: ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8
- name: make sure python3-libselinux is installed
package: name=python3-libselinux state=present
@ -163,7 +163,7 @@
state=directory
delegate_to: localhost
run_once: true
changed_when: False
changed_when: false
tags:
- basessh
- sshd_cert
@ -249,6 +249,6 @@
- name: make sure there is no old ssh host key for the host still around
local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
ignore_errors: True
ignore_errors: true
with_items:
- /root/.ssh/known_hosts

9
roles/batcave/tasks/main.yml
View file

@ -6,6 +6,7 @@
# make directory for nfs mounts to live in
#
---
- name: create /srv/web/pub for nfs mounts
file: dest=/srv/web/pub state=directory mode=0755
tags:
@ -38,7 +39,7 @@
- fedora-messaging # To send/receive messages on the amqp bus
- ansible-freeipa # For the IPA server configuration tasks
- moreutils # needed for pee command for dns repo hook
#- python39-jmespath # for the copr playbooks
# - python39-jmespath # for the copr playbooks
- rhel-system-roles # for networking
- python3-requests-kerberos # for authentication via kinit inside ansible
tags:
@ -94,7 +95,7 @@
copy:
src: make-rabbitmq-certs-public.sh
dest: /etc/cron.daily/make-rabbitmq-certs-public
mode: 0755
mode: "0755"
tags:
- batcave
- config
@ -404,7 +405,7 @@
template:
src: geoip-download-databases
dest: /usr/local/bin/geoip-download-databases
mode: 0700
mode: "0700"
tags:
- batcave
- config
@ -413,7 +414,7 @@
copy:
src: geoip-download-databases.cron
dest: /etc/cron.d/geoip-download-databases.cron
mode: 0644
mode: "0644"
tags:
- batcave
- config

2
roles/bkernel/tasks/main.yml
View file

@ -63,7 +63,7 @@
template:
src: bkernel-site-defaults.cfg
dest: /etc/mock/site-defaults.cfg
mode: 0644
mode: "0644"
owner: root
group: mock
tags:

8
roles/blockerbugs/tasks/main.yml
View file

@ -30,10 +30,10 @@
- name: create the `blockerbugs` user
user:
name: blockerbugs
group: blockerbugs
shell: /bin/nologin
home: /usr/share/blockerbugs
name: blockerbugs
group: blockerbugs
shell: /bin/nologin
home: /usr/share/blockerbugs
tags:
- blockerbugs
- config

2
roles/bodhi2/backend/tasks/main.yml
View file

@ -131,7 +131,7 @@
- -c
- "from sys import version_info as vi; print(f'{vi[0]}.{vi[1]}')"
register: _python3_version_result
changed_when: False
changed_when: false
- name: Set Python version fact
set_fact:

4
roles/btrfs/tasks/main.yml
View file

@ -12,7 +12,7 @@
path: /etc/systemd/system/btrfs-balance.timer.d
owner: root
group: root
mode: 0755
mode: "0755"
- name: Configure btrfs-balance timer
@ -21,7 +21,7 @@
dest: /etc/systemd/system/btrfs-balance.timer.d/schedule.conf
owner: root
group: root
mode: 0644
mode: "0644"
notify:
- reload systemd
- restart btrfs-balance

1
roles/builder_repo/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: add builder infra yum repo
file: dest=/etc/yum.repos.d/builder-infrastructure.repo state=absent
tags:

2
roles/centosci-keytab/tasks/main.yml
View file

@ -5,7 +5,7 @@
state: directory
owner: root
group: root
mode: 0750
mode: "0750"
- name: Acquire a keytab for staging
include_role:

2
roles/cgit/base/tasks/main.yml
View file

@ -43,6 +43,6 @@
when: inventory_hostname.startswith('batcave')
tags: cgit
#- name: install the libravatar filter
# - name: install the libravatar filter
# copy: src=email-libravatar-korg.lua dest=/usr/libexec/cgit/filters/email-libravatar-korg.lua owner=root group=root mode=0755
# tags: cgit

1
roles/check-compose/defaults/main.yml
View file

@ -1,3 +1,4 @@
---
checkcompose_prod: false
checkcompose_amqp_passive: false
checkcompose_amqp_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub"

1
roles/check-compose/handlers/main.yml
View file

@ -1,4 +1,5 @@
# Restart handler for our fedora-messaging consumer
---
- name: Conditionally restart check-compose consumer service
command: /usr/local/bin/conditional-restart.sh fm-consumer@check-compose
listen:

9
roles/check-compose/tasks/main.yml
View file

@ -101,13 +101,14 @@
# by openqa/dispatcher role; ideally we should factor this out into a
# shared task or something.
#- name: Install required packages (testing)
# - name: Install required packages (testing)
# dnf: name={{ item }} state=present enablerepo="updates-testing"
# with_items:
# - python3-fedfind
# tags:
# - packages
---
- name: Install required packages
package:
name: ['fedora-messaging', 'python3-fedfind', 'python3-openqa_client', 'python3-pip',
@ -138,7 +139,7 @@
- name: Create /etc/pki/fedora-messaging
file:
dest: /etc/pki/fedora-messaging
mode: 0775
mode: "0775"
owner: root
group: root
state: directory
@ -153,7 +154,7 @@
copy:
src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/issued/{{ openqa_amqp_this_username }}.crt"
dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-cert.pem"
mode: 0644
mode: "0644"
owner: root
group: root
when: "deployment_type is defined"
@ -168,7 +169,7 @@
copy:
src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/private/{{ openqa_amqp_this_username }}.key"
dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-key.pem"
mode: 0640
mode: "0640"
owner: root
group: geekotest
when: "deployment_type is defined"

1
roles/chrony/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: install chrony
package: name=chrony state=present
tags:

1
roles/cloudstats/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: Install the cloud-image-stat script
copy: >
src=cloud-image-stat.py dest=/usr/local/bin/cloud-image-stat.py

7
roles/collectd/base/tasks/main.yml
View file

@ -1,8 +1,7 @@
# collectd client setup
# install pkg
---
- name: install collectd
package: name=collectd state=present
tags:
@ -106,7 +105,7 @@
seboolean: name=collectd_tcp_network_connect state=yes persistent=yes
tags:
- collectd
ignore_errors: True
ignore_errors: true
notify:
- restart collectd
when: ( collectd_apache is defined ) and ansible_selinux.status != "disabled"
@ -182,8 +181,6 @@
- collectd
- selinux
# each of the below should move to a separate task list
# since they are odd-balls and one-offs

1
roles/collectd/fedmsg-activation/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: Copy in /usr/local/bin/fedmsg-map
copy: src=fedmsg-map.py dest=/usr/local/bin/fedmsg-map mode=0755
tags:

1
roles/collectd/fedmsg-service/vars/main.yml
View file

@ -1,2 +1,3 @@
---
user: fedmsg
process: fedmsg-hub

3
roles/collectd/rabbitmq/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: install collectd-rabbitmq
package:
state: present
@ -20,7 +21,7 @@
dest: "/etc/collectd.d/rabbitmq.conf"
owner: root
group: root
mode: 0640
mode: "0640"
tags:
- collectd
- config

2
roles/collectd/web-service/tasks/main.yml
View file

@ -21,4 +21,4 @@
seboolean: name=collectd_tcp_network_connect state=yes persistent=yes
tags:
- collectd
ignore_errors: True
ignore_errors: true

2
roles/communishift/default/main.yml
View file

@ -1,7 +1,7 @@
---
communishift_efs_access_key: "OVERRIDEME"
communishift_efs_secret_key: "OVERRIDEME"
communishift_project_name: "OVERRIDEME"
communishift_region: "OVERRIDEME"
communishift_subnet_id: "OVERRIDEME"
communishift_security_group: "OVERRIDEME"

2
roles/communishift/tasks/cleanup-administration-tasks.yml
View file

@ -1,3 +1,3 @@
---
#- include_tasks: retrieve-communishift-admin-data.yml
# - include_tasks: retrieve-communishift-admin-data.yml
- include_tasks: send-tenant-deletion-notifications.yml

1
roles/copr/backend/files/provision/create_swap_file.yml
View file

@ -1,3 +1,4 @@
---
- name: install enable-swap.service
copy:
src: files/enable-swap.service

2
roles/copr/backend/files/provision/playbook-prepare-builder-to-create-images.yml
View file

@ -96,7 +96,7 @@
--run-command "chcon -v -R -h system_u:object_r:ssh_home_t:s0 /root/.ssh" )
EIMG_DOUBLECHECK_WAITING_FOR_IPV4=true
dest: /etc/eimg/eimg.sh
mode: 0644
mode: "0644"
- stat: path={{ private_key_file }}
register: key_stat

4
roles/copr/backend/files/provision/provision_builder_tasks.yml
View file

@ -209,7 +209,7 @@
- name: run /bin/copr-update-builder from copr-builder package
shell: /usr/bin/copr-update-builder
#- name: install the latest mock and mock-core-configs from updates-testing
# - name: install the latest mock and mock-core-configs from updates-testing
# package: state=latest name={{ packages }}
# register: mock_updated
# vars:
@ -259,7 +259,7 @@
dest: /etc/security/limits.d/50-copr-fds.conf
owner: root
group: root
mode: 0644
mode: "0644"
when:
- preparing_image

1
roles/copr/backend/handlers/main.yml
View file

@ -1,3 +1,4 @@
---
- name: chmod_key
file: path=/etc/lighttpd/copr-be.fedoraproject.org.pem owner=root group=root mode=0600

8
roles/copr/backend/tasks/copr-ping.yml
View file

@ -35,7 +35,7 @@
src: "{{ ping_script }}.j2"
owner: "{{ ping_user }}"
group: "{{ ping_user }}"
mode: 0700
mode: "0700"
tags: copr_ping
- name: install the check script
@ -44,7 +44,7 @@
src: "copr-ping-check.py.j2"
owner: "{{ ping_user }}"
group: "nagios"
mode: 0750
mode: "0750"
tags: copr_ping
- name: selinux - allow nrpe_t to read ping_log
@ -65,7 +65,7 @@
path: "{{ ping_homedir }}/.config"
owner: "{{ ping_user }}"
group: "{{ ping_user }}"
mode: 0755
mode: "0755"
state: directory
tags: copr_ping
@ -78,7 +78,7 @@
token = {{ copr_ping_bot_token }}
copr_url = https://copr.fedorainfracloud.org
dest: "{{ ping_homedir }}/.config/copr"
mode: 0600
mode: "0600"
owner: "{{ ping_user }}"
group: "{{ ping_user }}"
tags: copr_ping

1
roles/copr/backend/tasks/install_cloud_cert.yml
View file

@ -1,3 +1,4 @@
---
- name: copy .pem
copy: src=../../files/fedora-cloud/fed-cloud09.pem dest=/etc/pki/ca-trust/source/anchors/
register: cloud_pem_copied

20
roles/copr/backend/tasks/main.yml
View file

@ -34,7 +34,7 @@
tags:
- packages
#- name: patch for prunerepo, issue 1090
# - name: patch for prunerepo, issue 1090
# patch: src=patches/prunerepo-dataloss.patch
# dest=/usr/bin/prunerepo
# tags: patches
@ -64,7 +64,7 @@
dest: /home/copr/.ssh/config
owner: copr
group: copr
mode: 0600
mode: "0600"
tags:
- backend_to_hv_ssh_config
- provision_config
@ -85,7 +85,7 @@
- name: auth_key so we can login to localhost as the copr user from the copr user
authorized_key: user=copr key="{{ item }}"
no_log: True
no_log: true
with_file:
- "provision/files/buildsys.pub"
@ -139,13 +139,13 @@
src: cgi-resalloc
dest: /var/www/
setype: httpd_sys_script_exec_t
mode: 0755
mode: "0755"
- name: install the helper scripts for lighttpd log rotation
copy:
src: "{{ item }}"
dest: /usr/local/bin/{{ item }}
mode: 0755
mode: "0755"
owner: root
group: root
with_items:
@ -167,7 +167,7 @@
service: state=started enabled=yes name=lighttpd
# setup dirs for the ansible execution off of provisioning
#- name: dirs from provision
# - name: dirs from provision
# file: state=directory path="/home/copr/provision/{{ item }}" owner=copr group=copr
# with_items:
# - action_plugins
@ -227,7 +227,7 @@
copy: src="{{ item }}" dest=/usr/local/bin/
owner=root mode=755
with_fileglob:
- copr-builder-image-*.sh
- copr-builder-image-*.sh
when: devel|bool
tags:
- provision_config
@ -278,7 +278,7 @@
- command: "ls -dZ /var/lib/copr/public_html/"
register: public_html_ls
check_mode: no
changed_when: False
changed_when: false
- name: update selinux context for results if root folder does not have proper type
command: "restorecon -vvRF /var/lib/copr/public_html/"
@ -304,7 +304,7 @@
copy:
content: "{{ copr_red_hat_subscription_offline_token }}"
dest: "{{ rhn_offline_token_file }}"
mode: 0600
mode: "0600"
owner: resalloc
group: resalloc
tags:
@ -314,7 +314,7 @@
template:
src: "{{ item }}"
dest: /usr/local/bin/{{ item }}
mode: 0755
mode: "0755"
loop:
- cleanup-unused-vms-from-redis
- cleanup-unused-redhat-subscriptions

1
roles/copr/backend/tasks/network.yml
View file

@ -1,3 +1,4 @@
---
- name: copy ifcfg-eth1
copy: src="ifcfg-eth1" dest=/etc/sysconfig/network-scripts/ owner=root group=root mode=644

6
roles/copr/backend/tasks/pulp.yml
View file

@ -10,7 +10,7 @@
path: /home/copr/.config/pulp/
owner: copr
group: copr
mode: 0700
mode: "0700"
- name: Install Pulp auth certificates
copy:
@ -18,7 +18,7 @@
dest: "/home/copr/.config/pulp/"
owner: copr
group: copr
mode: 0600
mode: "0600"
with_items:
- copr-pulp-prod.crt
- copr-pulp-prod.key
@ -30,4 +30,4 @@
dest: "/home/copr/.config/pulp/cli.toml"
owner: copr
group: copr
mode: 0600
mode: "0600"

14
roles/copr/backend/tasks/resalloc.yml
View file

@ -33,7 +33,7 @@
line: "{{ item }}"
owner: postgres
group: postgres
mode: 0600
mode: "0600"
with_items:
- "all postgres postgres"
- "all resalloc resalloc"
@ -101,7 +101,7 @@
file:
path: /var/lib/resallocserver/.ssh
state: directory
mode: 0700
mode: "0700"
owner: resalloc
group: resalloc
@ -111,7 +111,7 @@
dest: /var/lib/resallocserver/.ssh/id_rsa
owner: resalloc
group: resalloc
mode: 0600
mode: "0600"
- name: resalloc, ssh config file
template:
@ -119,7 +119,7 @@
dest: /var/lib/resallocserver/.ssh/config
owner: resalloc
group: resalloc
mode: 0600
mode: "0600"
tags:
- backend_to_hv_ssh_config
- provision_config
@ -128,7 +128,7 @@
template:
src: "resalloc/{{ item }}"
dest: "/etc/resallocserver/{{ item }}"
mode: 0640
mode: "0640"
owner: resalloc
group: resalloc
with_items:
@ -160,7 +160,7 @@
copy:
src: copr-prepare-s390x-image-builder
dest: /usr/local/bin/copr-prepare-s390x-image-builder
mode: 0755
mode: "0755"
tags:
- images_s390x
@ -173,6 +173,6 @@
dest: "{{ ibmcloud_token_file }}"
owner: resalloc
group: resalloc
mode: 0600
mode: "0600"
tags:
- provision_config

6
roles/copr/backend/tasks/setup_provisioning_environment.yml
View file

@ -35,7 +35,7 @@
template:
src: "{{ roles_path }}/copr/backend/templates/provision/{{ item }}"
dest: "{{ provision_directory }}/{{ item }}"
mode: 0755
mode: "0755"
with_items:
- upload-qcow2-images
tags:
@ -48,7 +48,7 @@
template:
src: "{{ roles_path }}/copr/backend/templates/provision/{{ item }}"
dest: "{{ provision_directory }}/{{ item }}"
mode: 0755
mode: "0755"
with_items:
- libvirt-new
tags:
@ -93,6 +93,6 @@
dest: "{{ provision_directory }}/.rc-osuosl.sh"
owner: "{{ provision_user }}"
group: "{{ provision_user }}"
mode: 0600
mode: "0600"
tags:
- provision_config

1
roles/copr/backend/templates/provision/aws_cloud_vars.yml
View file

@ -1,3 +1,4 @@
---
aws_access_key: {{ copr_aws_access_key_id }}
aws_secret_key: {{ copr_aws_secret_access_key }}

5
roles/copr/backend/templates/resalloc/server.yaml
View file

@ -1,6 +1,7 @@
---
db_url: 'postgresql://resalloc@/resalloc'
logdir: '/var/log/resallocserver'
# Listen only on localhost!
hostname: 'localhost'
#port: 49100
#loglevel: info
# port: 49100
# loglevel: info

4
roles/copr/base/tasks/main.yml
View file

@ -6,10 +6,10 @@
# again to late to do it here
# - import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml"
# already included into the `base` role
#- import_tasks: "{{ tasks_path }}/postfix_basic.yml"
# - import_tasks: "{{ tasks_path }}/postfix_basic.yml"
# To late to do it here (
#- name: setup correct hostname for copr machine
# - name: setup correct hostname for copr machine
# hostname: name="{{ copr_hostbase }}.cloud.fedoraproject.org"
# # hostname: name="{{ hostbase|regex_replace('.*-$', '')}}.cloud.fedoraproject.org"
# tags:

2
roles/copr/certbot/tasks/letsencrypt.yml
View file

@ -133,7 +133,7 @@
file:
path: "{{ le_backup_path }}"
# nobody, except for root, can step into this directory (on batcave)
mode: 0700
mode: "0700"
owner: root
group: root
state: directory

1
roles/copr/certbot/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- include_tasks: letsencrypt.yml
when:
- letsencrypt is defined

1
roles/copr/dist_git/handlers/main.yml
View file

@ -1,3 +1,4 @@
---
- name: reload httpd
service: name="httpd" state="restarted"

1
roles/copr/dist_git/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- import_tasks: "mount_fs.yml"
# pre-create users/groups and copy uids/gids from the current prod copr-dist-git

1
roles/copr/dist_git/tasks/mount_fs.yml
View file

@ -1,3 +1,4 @@
---
- name: prepare mount point
file: state=directory path=/var/lib/dist-git

1
roles/copr/frontend/handlers/main.yml
View file

@ -1,3 +1,4 @@
---
- import_tasks: "{{ handlers_path }}/restart_services.yml"
- name: restart postgresql

12
roles/copr/frontend/tasks/main.yml
View file

@ -4,7 +4,7 @@
- name: register security context for pgsql directory
command: "ls -dZ /var/lib/pgsql"
register: pgsql_ls
changed_when: False # `ls' command is not changing anything
changed_when: false # `ls' command is not changing anything
- name: update selinux context for postgress db dir if it's wrong
command: "restorecon -vvRF /var/lib/pgsql"
@ -47,7 +47,7 @@
copy:
src: copr-frontend-prometheus-monitoring.py
dest: /usr/bin/copr-frontend-prometheus-monitoring.py
mode: 0750
mode: "0750"
owner: root
group: root
tags:
@ -70,7 +70,7 @@
tags:
- packages
#- name: patch for issue XXX
# - name: patch for issue XXX
# patch: src=patches/xxx.patch
# dest=/the/patched/file.py
# tags: patches
@ -164,8 +164,8 @@
become: yes
become_user: copr-fe
register: update_indexes_required_result
changed_when: False
failed_when: False
changed_when: false
failed_when: false
- name: rebuild indexes
command: ./manage.py update_indexes
@ -229,7 +229,7 @@
dest: "/usr/bin/copr-cdn-check.py"
src: "copr-cdn-check.py.j2"
group: "nagios"
mode: 0750
mode: "0750"
vars:
api_key: "{{ copr_uptimerobot_api_key_ro | default('not-configured') }}"
tags: copr_cdn

2
roles/copr/frontend/tasks/mount_fs.yml
View file

@ -1,6 +1,6 @@
---
- name: mount up disk of copr fe
mount: name=/srv/copr-fe src='LABEL=copr-fe' fstype=ext4 state=mounted
- name: mount up bind mount for postgres
mount: src=/srv/copr-fe/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted

5
roles/copr/frontend/tasks/psql_setup.yml
View file

@ -1,3 +1,4 @@
---
- name: install postresql
package: state=present pkg={{ item }}
with_items:
@ -131,7 +132,7 @@
dest: "{{ copr_fe_homedir }}/.psqlrc"
owner: copr-fe
group: copr-fe
mode: 0600
mode: "0600"
- name: install pgpass file
copy:
@ -140,7 +141,7 @@
dest: "{{ copr_fe_homedir }}/.pgpass"
owner: copr-fe
group: copr-fe
mode: 0400
mode: "0400"
- stat: path="{{ copr_fe_homedir }}/.psql_history"
register: history_file

2
roles/copr/hypervisor/tasks/main.yml
View file

@ -159,7 +159,7 @@
src: "{{ private }}/files/copr/buildsys.priv"
dest: /home/copr/.ssh/id_rsa
owner: copr
mode: 0600
mode: "0600"
- name: provide pub key, too, so we can install them to generated builder images
copy: src=buildsys.pub dest=/home/copr/.ssh/id_rsa.pub

1
roles/copr/keygen/tasks/setup_backup.yml
View file

@ -1,3 +1,4 @@
---
- name: ensure /backup dir
file: path=/backup state=directory

1
roles/debug_env/tasks/main.yml
View file

@ -3,5 +3,6 @@
# the env from ansible to see what variables and facts are.
# Taken from https://coderwall.com/p/13lh6w
#
---
- name: Dump all ansible vars
template: src=dumpall.j2 dest=/tmp/debug_env.out

1
roles/developer/build/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: Create directories
file: state=directory
path=/srv/web/{{item}}

1
roles/developer/website/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: Copy in the sync-developer cronjob
copy: src=cron-sync-developer dest=/etc/cron.d/sync-developer
tags:

1
roles/distgit/templates/repospanner-admin.yml
View file

@ -4,4 +4,3 @@ admin:
ca: /etc/pagure/ca.crt
cert: /etc/pagure/fedora_rpms_admin.crt
key: /etc/pagure/fedora_rpms_admin.key

2
roles/dns/tasks/main.yml
View file

@ -49,7 +49,7 @@
- config
- dns
#- name: create GeoIP acl
# - name: create GeoIP acl
# command: /var/named/GeoIP.sh
# changed_when: "1 != 1"
# notify:

3
roles/docker-distribution/defaults/main.yml
View file

@ -7,7 +7,7 @@ conf_path: "/etc/docker-distribution/registry/config.yml"
# Config directives
tls:
enabled: False
enabled: false
certificate: "PATH_TO_CERT"
key: "PATH_TO_KEY"
log:
@ -28,4 +28,3 @@ cert:
cert_dest: "ca.crt"
key_src: "ca.key"
key_dest: "ca.key"

61
roles/docker-distribution/meta/main.yml
View file

@ -20,18 +20,18 @@ galaxy_info:
# the ones that apply to your role. If you don't see your
# platform on this list, let us know and we'll get it added!
#
#platforms:
#- name: EL
# platforms:
# - name: EL
# versions:
# - all
# - 5
# - 6
# - 7
#- name: GenericUNIX
# - name: GenericUNIX
# versions:
# - all
# - any
#- name: Solaris
# - name: Solaris
# versions:
# - all
# - 10
@ -39,7 +39,7 @@ galaxy_info:
# - 11.1
# - 11.2
# - 11.3
#- name: Fedora
# - name: Fedora
# versions:
# - all
# - 16
@ -49,15 +49,15 @@ galaxy_info:
# - 20
# - 21
# - 22
#- name: Windows
# - name: Windows
# versions:
# - all
# - 2012R2
#- name: SmartOS
# - name: SmartOS
# versions:
# - all
# - any
#- name: opensuse
# - name: opensuse
# versions:
# - all
# - 12.1
@ -65,16 +65,16 @@ galaxy_info:
# - 12.3
# - 13.1
# - 13.2
#- name: Amazon
# - name: Amazon
# versions:
# - all
# - 2013.03
# - 2013.09
#- name: GenericBSD
# - name: GenericBSD
# versions:
# - all
# - any
#- name: FreeBSD
# - name: FreeBSD
# versions:
# - all
# - 8.0
@ -86,7 +86,7 @@ galaxy_info:
# - 9.1
# - 9.1
# - 9.2
#- name: Ubuntu
# - name: Ubuntu
# versions:
# - all
# - lucid
@ -100,7 +100,7 @@ galaxy_info:
# - trusty
# - utopic
# - vivid
#- name: SLES
# - name: SLES
# versions:
# - all
# - 10SP3
@ -109,11 +109,11 @@ galaxy_info:
# - 11SP1
# - 11SP2
# - 11SP3
#- name: GenericLinux
# - name: GenericLinux
# versions:
# - all
# - any
#- name: Debian
# - name: Debian
# versions:
# - all
# - etch
@ -125,23 +125,22 @@ galaxy_info:
# Below are all categories currently available. Just as with
# the platforms above, uncomment those that apply to your role.
#
#categories:
#- cloud
#- cloud:ec2
#- cloud:gce
#- cloud:rax
#- clustering
#- database
#- database:nosql
#- database:sql
#- development
#- monitoring
#- networking
#- packaging
#- system
#- web
# categories:
# - cloud
# - cloud:ec2
# - cloud:gce
# - cloud:rax
# - clustering
# - database
# - database:nosql
# - database:sql
# - development
# - monitoring
# - networking
# - packaging
# - system
# - web
dependencies: []
# List your role dependencies here, one per line.
# Be sure to remove the '[]' above if you add dependencies
# to this list.

12
roles/download/tasks/main.yml
View file

@ -104,18 +104,18 @@
- name: Set tcp read buffers higher for download improvements
sysctl:
name: net.ipv4.tcp_rmem
value: "4096 131072 67108864"
sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf
name: net.ipv4.tcp_rmem
value: "4096 131072 67108864"
sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf
tags:
- service
- config
- name: Set tcp write buffers higher for download improvements
sysctl:
name: net.ipv4.tcp_wmem
value: "4096 16384 67108864"
sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf
name: net.ipv4.tcp_wmem
value: "4096 16384 67108864"
sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf
tags:
- service
- config

1
roles/easyfix/proxy/tasks/main.yml
View file

@ -1,3 +1,4 @@
---
- name: Ensure dir for content exists
file: dest=/srv/web/gather-easyfix owner=root group=root mode=0755 state=directory
tags:

1
roles/fas2discourse/default/main.yml
View file

@ -1,3 +1,4 @@
---
fas2discourse_hostname: "fas2discourse.hostna.me"
fas2discourse_namespace: "fas2discourse-operator"
fas2discourse_project_description: "The fas2discourse-operator is responsible for synchronising group membership for users between Discourse and IPA."

3
roles/fas2discourse/tasks/administration-tasks.yml
View file

@ -5,11 +5,10 @@
state: directory
owner: root
group: root
mode: 0770
mode: "0770"
recurse: yes
- include_tasks: create-operator-namespace.yml
- include_tasks: create-keytab-secret.yml
- include_tasks: create-discourse-apikey-secret.yml
- include_tasks: deploy-fas2discourse-operator.yml

3
roles/fas2discourse/tasks/create-discourse-apikey-secret.yml
View file

@ -4,9 +4,8 @@
template:
src: "secret-discourse-apikey.yml"
dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml"
mode: 0770
mode: "0770"
# apply created openshift resources
- name: oc apply resources
command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml"

7
roles/fas2discourse/tasks/create-keytab-secret.yml
View file

@ -4,15 +4,15 @@
ansible.builtin.fetch:
src: "/etc/openshift_apps/fas2discourse/fas2discourse{{ env_suffix }}-keytab.kt"
dest: "/etc/openshift_apps/fas2discourse/fas2discourse{{ env_suffix }}-keytab.kt"
flat: True
mode: 0600
flat: true
mode: "0600"
# generate the templates for project to be created
- name: copy the templates to the host
template:
src: "secret-keytab.yml"
dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml"
mode: 0770
mode: "0770"
vars:
fas2discourse_keytab_file:
"{{ lookup('file',
@ -22,4 +22,3 @@
# apply created openshift resources
- name: oc apply resources
command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml"

3
roles/fas2discourse/tasks/create-keytab.yml
View file

@ -6,7 +6,7 @@
state: directory
owner: root
group: root
mode: 0750
mode: "0750"
tags:
- create-keytab
@ -21,4 +21,3 @@
host: "{{ fas2discourse_hostname }}"
tags:
- create-keytab

2
roles/fas2discourse/tasks/create-operator-namespace.yml
View file

@ -4,7 +4,7 @@
template:
src: "namespace.yml"
dest: "/root/ocp4/openshift-apps/fas2discourse-operator/namespace.yml"
mode: 0770
mode: "0770"
# apply created openshift resources
- name: oc apply resources

1
roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml
View file

@ -15,4 +15,3 @@
make:
chdir: "/root/ocp4/openshift-apps/fas2discourse-operator/fas2discourse-operator/"
target: "deploy"

1
roles/fas2discourse/templates/namespace.yml
View file

@ -6,4 +6,3 @@ metadata:
annotations:
openshift.io/description: "{{ fas2discourse_project_description }}"
openshift.io/display-name: "{{ fas2discourse_namespace }}"

2
roles/fas2discourse/templates/secret-discourse-apikey.yml
View file

@ -1,3 +1,4 @@
---
apiVersion: v1
kind: Secret
metadata:
@ -12,4 +13,3 @@ data:
"{{ (env == 'production')|ternary(fas2discourse_fasjson_hostname, fas2discourse_stg_fasjson_hostname) | b64encode }}"
fas2discourse-principal:
"{{ (env == 'production')|ternary(fas2discourse_principal, fas2discourse_stg_principal) | b64encode }}"

2
roles/fas2discourse/templates/secret-keytab.yml
View file

@ -1,3 +1,4 @@
---
apiVersion: v1
kind: Secret
metadata:
@ -6,4 +7,3 @@ metadata:
data:
fas2discourse-keytab:
"{{ fas2discourse_keytab_file | b64encode }}"

1
roles/fasjson/tasks/main.yml
View file

@ -33,4 +33,3 @@
- config
- fasjson
when: fasjson_aliases is defined

1
roles/fedmsg/crl/tasks/main.yml
View file

@ -3,6 +3,7 @@
# repo and throw it into fedoraproject.org/fedmsg/crl.pem
# See https://infrastructure.fedoraproject.org/infra/docs/fedmsg-certs.txt
---
- name: Ensure dir for content exists
file: dest=/srv/web/fedmsg owner=apache group=apache mode=0755 state=directory
tags:

Some files were not shown because too many files have changed in this diff Show more