This will unify all the handlers to use first uppercase letter for
ansible-lint to stop complaining.
I went through all `notify:` occurrences and fixed them by running
```
set TEXT "text_to_replace"; set REPLACEMENT "replacement_text"; git grep
-rlz "$TEXT" . | xargs -0 sed -i "s/$TEXT/$REPLACEMENT/g"
```
Then I went through all the changes and removed the ones that wasn't
expected to be changed.
Fixes https://pagure.io/fedora-infrastructure/issue/12391
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
fix 1900 failures of the following case issue:
`name[casing]: All names should start with an uppercase letter.`
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
Using `git grep el6` and `git grep el7` and variants like EL-7 or
el-7, I found various entries and files which were no longer needed
with the current ansible. I updated text or tests to later versions of
RHEL as needed.
found entries for the fedora ami's for the original cloud and removed
those entries also.
Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
We want to migrate db-datanommer01.stg to this to make sure things work
ok before doing the prod one next week.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We need this to try and relay in emails.
It turns out to be bordering on impossible to do this sanely with our
current setup, so make a fedora vm that lets us use saslauthdb to have a
specific (small) list of users that can authenticate and relay emails
via bastion and out. We can't do this on rhel, because they don't build
the saslauthdb backend. We can't use any of the other backends because
they either don't work or would allow any fedora user to relay, which we
do not want.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We add vpn to it to make ipa work, drop old openshift volumes, change
the name and in general get it ready to add to ansible.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Right now this task makes the ccd dir as 0755 and root.root, but then a
later task syncs this from batcave01 and it gets 2755 and
root.sysadmin-main. Just change this to match so we are more idempotent.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We had a bunch of old el6 conditionals in here, and we have 0 el6
machines. We also now have some CentOS instances, so we shouldn't check
for RedHat or Fedora anymore. Also, everything is using the newer
openvpn now so no need to make sure the old one is stopped.
This should not affect the vast majority of hosts, but it should allow
the el7/el8-test instances vpns to actually work.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We need to add these hosts to the vpn to use ipa for auth on them.
They are in the 192.168.100 network, which is the 'more restricted'
subnet of vpn. After the freeze we will probibly want to lock this down
more with a rule on all hosts except ipa* to reject everything from
them. In the mean time the firewall rules blocking most things should be
ok for now.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We want to add another ipa server host in case the load gets large when
we migrate from fas. We can always nuke this one or add more.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
When we moved datacenters we had iad2 pointing to 192.168.20 at various
points to migrate things. We should no longer have any hosts using that
ip range. Move them all back.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Note that this just needs to add a new ccd file, nothing has to be
restarted and it can't possibly be used by anything but
'pagure02.fedoraproject.org' so it should not affect freeze on bastion.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We need retrace03 on the vpn at least for now, or else 2fa won't work.
At some point when fasClient is gone we may be able to drop this
when we switch to sssd or something else.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
