Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
31100 commits 9 branches 0 tags 111 MiB
Commit graph

183 commits

Author SHA1 Message Date
Tim Flink
17fd242e1b openvpn: removing qa01.qa and taskotron01.qa 2020-05-20 21:37:28 +00:00
Kevin Fenzi
f832aead89 certgetter01 for iad2, update ccd files for vpn. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-19 20:53:15 -07:00
Kevin Fenzi
396b33d37e openvpn/server: also copy log01 from phx2 to iad2 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 15:31:54 -07:00
Kevin Fenzi
a8c53bf27d openvpn/server: clean up ccd files for a bunch of old hosts that should not ever be connecting anymore 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 14:15:56 -07:00
Kevin Fenzi
eb065f1e99 openvpn/server: Add some iad2 ccd files for openvpn server 
Note that we want the iad2 things to keep the exact same ip as their
phx2 counterparts, this allows dns to stay the same for both
datacenters.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 14:05:07 -07:00
Kevin Fenzi
998a7beb31 iad2: openvpn/client: point all the iad2 instances to use the iad2 bastion 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 13:33:12 -07:00
Nils Philippsen
5958059b47 Remove remnants of lists-dev and lists01 
Follow-up on:

commit a11e1da4b435928c8895259e12ea1bf895860cb4
Author: Kevin Fenzi <kevin@scrye.com>
Date:   Thu Feb 20 17:09:00 2020 +0000

    lists-dev: farewell

    Signed-off-by: Kevin Fenzi <kevin@scrye.com>

commit dd3bf3b50d
Author: Kevin Fenzi <kevin@scrye.com>
Date:   Fri May 20 18:09:20 2016 +0000

    Drop collab03 and hosted-lists01 (everything is going to mailman01 now).
    Drop hosted01 (we arent going to move hosted to rhel7)

Signed-off-by: Nils Philippsen <nils@redhat.com>
 2020-05-03 22:02:42 +00:00
Stephen Smoogen
e8073c3bcd remove elections server from ansible. it is now in openshift 2020-04-24 21:34:29 +02:00
Stephen Smoogen
c7831930a5 forgot that vpn boxes need a ccd file 2020-04-24 21:34:27 +02:00
Rick Elrod
0dbf337fae add proxy30 to vpn 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2020-04-24 21:34:21 +02:00
Mikolaj Izdebski
07fe534564 openvpn/server: Remove Koschei CCD files 2020-04-24 21:34:11 +02:00
Kevin Fenzi
81fb4582e7 ansible: change when conditions to use == instead of is when checking strings. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:10 +02:00
Kevin Fenzi
a562b8a3f8 ansible_distribution_version: address FIXME's/review tweaks. 
download: mod_limitipconn isn't used anyone, dropped the entire line.
transient_cloud: just dropped the dnf part and use 'package' entirely.
sshd_config: UsePrivilegeSeparation isn't used in Fedora at all.
koji_hub: no fedora or rhel8 hubs yet, so just 7 is fine for now.
openvpn: changes look ok
packages3: Should get cverna to review, packages is using fedora now.
varnish: no rhel8 varnish servers yet.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:10 +02:00
Karsten Hopp
c9ed62ac32 update ansible_distribution_major_version conditionals 
Signed-off-by: Karsten Hopp <karsten@redhat.com>
 2020-04-24 21:34:10 +02:00
Karsten Hopp
60c2d50072 openvpn: dnf -> package, with_item changes 2019-06-11 15:00:23 +00:00
Stephen Smoogen
ed6ff61a6f [repospanner] add vpn push files for hosts 2019-03-22 19:19:33 +00:00
Rick Elrod
baf7ab6181 move this to cc-rdu01 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2019-02-20 02:25:24 +00:00
David Shier
c0f45892ff Removed all traces i could fild of the tagger and statscache (and stats_cache for databases) in ansible, proxy configs, and the nagios config. Pursuant to request in pagzre issue https://pagure.io/fedora-infrastructure/issue/7267 . - Odin2016 2018-10-03 17:50:38 +00:00
Kevin Fenzi
bcc42fad9c Add back a client.conf for rhel6 hosts (fas servers) 2018-09-29 18:28:39 +00:00
Kevin Fenzi
514d2b75ef also masters get messed up by this 2018-09-27 23:10:46 +00:00
Kevin Fenzi
6ca94af4e4 Openshift redeploy to production. 
Add 3 more nodes (we might use one later for staging)
move to latest openshift ansible
Change config to do multitenant, have logs and other config tweaks.
 2018-09-27 21:04:49 +00:00
Patrick Uiterwijk
325155810b Actually use the ansible hostname 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-09-18 05:51:46 +02:00
Patrick Uiterwijk
8ad630412f Make OpenVPN use tun1 for os-node's 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-09-18 05:49:15 +02:00
Kevin Fenzi
d84e1df896 Rename the openvpn ccd file so the new oci-candidate-registry01 gets the right vpn ip 2018-08-22 14:49:04 +00:00
Rick Elrod
9a5b1cdc29 update vpn creds 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2018-08-21 18:54:46 +00:00
Patrick Uiterwijk
64f17dd5f7 Also fix paths for el6 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:55:48 +00:00
Patrick Uiterwijk
78ae75ac8a Fix client cert paths 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:39:50 +00:00
Patrick Uiterwijk
7b90e30af8 Fix directory name 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:32:29 +00:00
Patrick Uiterwijk
7016d073a0 Fix up dh2048 path 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:31:42 +00:00
Patrick Uiterwijk
a1b11705e7 Fix ca.crt path 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:30:09 +00:00
Patrick Uiterwijk
758af3f7d6 Make bastion use new server cert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:28:14 +00:00
Kevin Fenzi
aae396bee5 add repospanner instance 2018-08-11 10:24:34 +00:00
Stephen Smoogen
7d853af43b how this worked before is not good 2018-07-10 19:02:14 +00:00
Stephen Smoogen
3db30a5396 add in ccd for download server 2018-07-01 23:28:55 +00:00
Rick Elrod
ffcafa61da add ccd for smtp-mm-cc-rdu01 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2018-06-28 19:12:28 +00:00
Mikolaj Izdebski
0879897677 Add missing openvpn config for koschei-web02 2018-05-22 04:02:38 +00:00
Patrick Uiterwijk
2948514084 Use the variable, not the string 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-01-02 02:14:00 +00:00
Patrick Uiterwijk
543acabdb1 Try to ensure that haproxy and varnish get started after VPN comes up on proxies 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-01-02 02:11:43 +00:00
Kevin Fenzi
fc484f796c drop some old openvpn stuff 2017-11-25 21:44:59 +00:00
Patrick Uiterwijk
c3e5a23426 Add ccd files 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-11-23 14:19:11 +00:00
Patrick Uiterwijk
65a6ad06f2 This service does not exist on newly installed boxes 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-11-21 23:07:56 +00:00
Patrick Uiterwijk
50b92d5e54 Nuke transitional datanommer and new db-datanommer01 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-17 22:36:16 +00:00
Patrick Uiterwijk
936e8b261a yum accepted pkg=, package calls it name= 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-10-09 00:38:26 +02:00
Patrick Uiterwijk
adcbf72f03 Packageize this, packageize that, packageize the world 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-08 22:25:52 +00:00
Patrick Uiterwijk
466f5c184d add transitional-datanommer01 ccd file 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-05 11:25:46 +00:00
Patrick Uiterwijk
d318a7a2b0 Add certgetter01 ccd file 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-09-09 23:27:40 +00:00
Ralph Bean
e6e1faded6 VPN ccd entries for odcs and freshmaker. 2017-08-31 14:48:44 +00:00
Kevin Fenzi
0ed471745c add correct tags here so openvpn is installed 2017-08-22 22:47:14 +00:00
Kevin Fenzi
ab36495dd9 add vpn client and ccd files for os cluster 2017-08-22 21:40:12 +00:00
Ricky Elrod
627708c0ba Initial attempt at docker-registry02.phx2 and docker-registry03.phx2 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-07-19 18:15:59 +00:00