ansible

Author	SHA1	Message	Date
Greg Sutcliffe	5835b04785	Zabbix-stg: add placeholder macro dict to the correct group_vars	2025-05-02 08:55:51 +00:00
Kevin Fenzi	4d4365cdf5	nftables: add defined check for nft_nat_rules and set it also [] by default Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-04-24 13:17:03 -07:00
James Antill	68cbd3dc2c	Turn nftables on everywhere. Signed-off-by: James Antill <james@and.org>	2025-04-24 20:05:03 +00:00
James Antill	31d65aa439	Actually move to nftables for any host with nftables: true (nothing atm). Signed-off-by: James Antill <jantill@redhat.com>	2025-03-03 21:20:30 +00:00
Michal Konecny	6428f8f772	Sunset github2fedmsg and fedmsg This commit is removing all the fedmsg related stuff from ansible repository. Signed-off-by: Michal Konecny <mkonecny@redhat.com>	2025-02-13 10:08:51 +00:00
iamyaash	b3d6a90b9a	motd generic template added migrated notes from infra/hosts motd changes; excluding CSI infos removed csi_* vars from group_vars; converted csi_purpose & csi_relationship into notes fixed merge conflicts minor changes; var updating YAMLs & playbooks udpated YAMLs & playbooks again updated correctly; buildhw.yml fixing merge conflicts dest added in motd.yml	2025-01-28 01:10:14 +00:00
James Antill	80aa4bbbc2	Initial version of iptables to nftables conversion.	2025-01-16 11:28:24 -05:00
Kevin Fenzi	eafcece0cf	batcave: redirect http to https We hadn't done this in the past because virt-install couldn't do https urls, but thats long since no longer the case. So, move all the ks_url and ks_repo calls to use https and since they are using https, they need to use the valid infrastructure.fedoraproject.org name so they can verify the cert. Set batcave to redirect http to https now since that was the thing holding this back. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-01-06 09:45:25 -08:00
David Kirwan	a1543f3068	communishift: mark communishift-bootc do not delete Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-11-26 08:12:07 +00:00
David Kirwan	b6a4e03d09	communishift: remove empty incorrectly provisioned project Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-11-25 17:13:40 +00:00
David Kirwan	19edfbb42e	communishift: mark admin namespace as do not delete will move project offboarding into separate playbook add fasjson lookup for communishift project notifications Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-11-25 17:03:01 +00:00
David Kirwan	307060801c	communishift: marked projects not to be cleaned up by clean up script Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-10-21 08:11:33 +01:00
David Kirwan	e325a03d40	communishift: onboard communishift-commops-datanom project Infra #12119 Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-10-15 12:49:54 +01:00
Adam Williamson	2083a05dac	Make NBDE device configurable, fix it on single-disk openQA hosts Signed-off-by: Adam Williamson <awilliam@redhat.com>	2024-10-09 17:32:40 +00:00
Kevin Fenzi	c04dd50fbf	certificates: move to new 2024 wildcard fedoraproject.org cert The old one expires in about 57 days, but might as well just renew it early and avoid problems later. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-10-03 16:50:01 -07:00
Kevin Fenzi	f5ceec7303	inventory / all vars: try adding a 'state: up' to default network-connections On builders currently, they install and everything is up, but NetworkManager doesn't tell systemd-resolved the new information (nameservers, search domains, etc). Hopefully adding this will allow it to actually tell systemd-resolved about it. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-10-02 09:03:09 -07:00
David Kirwan	6354a6bd38	communishift: add communishift-commops-analytics project Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-09-12 13:42:39 +01:00
David Kirwan	1764f3f86f	communishift: add communishift-fossology Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-09-11 15:39:48 +01:00
Kevin Fenzi	969024df88	communishift: add weekly-bootc. ticket 12156 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-09-03 15:10:16 -07:00
Kevin Fenzi	4f020d47a5	Add communishift-ocm group (ticket 12138) Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-08-28 17:07:36 -07:00
David Kirwan	765e619525	communishift: gitlabce Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2024-07-29 08:29:59 +01:00
Ryan Lerch	cebe9b9cb7	add communishift-forgejo project Signed-off-by: Ryan Lerch <rlerch@redhat.com>	2024-07-23 08:50:26 +10:00
Stephen Smoogen	432a3a497b	Go through and remove entries for EL6 and EL7 Using `git grep el6` and `git grep el7` and variants like EL-7 or el-7, I found various entries and files which were no longer needed with the current ansible. I updated text or tests to later versions of RHEL as needed. found entries for the fedora ami's for the original cloud and removed those entries also. Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>	2024-07-03 22:20:30 +00:00
Kevin Fenzi	71b7104525	communishift: add eventbot project Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-06-21 10:39:05 -07:00
Kevin Fenzi	cbf687a58f	communishift: add metrics project Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-06-17 15:28:53 -07:00
Aurélien Bompard	894ba795f8	Factor the hostname of the datanommer server in staging and prod Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2024-04-25 17:08:58 +02:00
Leo Puvilland	be00c5f65e	Create communishift namespace for lrossett Signed-off-by: Leo Puvilland <leo@craftcat.dev>	2024-04-02 00:59:14 +00:00
Leo Puvilland	65f06a461c	communishift: allow overriding of max pods, and increase pods of openscanhub to 16 Signed-off-by: Leo Puvilland <leo@craftcat.dev>	2024-03-11 13:49:52 +00:00
Pavel Raiskup	6b0dffe31e	communishift-log-detective: more resources https://github.com/fedora-copr/log-detective-website/issues/105 https://pagure.io/fedora-infrastructure/issue/11809 Closes: #1823	2024-03-06 09:44:08 +01:00
Kevin Fenzi	d40369957d	move global server back to ipa01 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-01-25 09:32:19 -08:00
Michal Konecny	3ff1e073f8	[ipa/server] Set ipa02 as ipa_server Signed-off-by: Michal Konecny <mkonecny@redhat.com>	2024-01-25 17:06:39 +01:00
Michal Konecny	705970d409	[ipa/server] Update ipa02 to RHEL9 Prepare variables for ipa02 upgrade. Signed-off-by: Michal Konecny <mkonecny@redhat.com>	2024-01-25 12:35:58 +01:00
Michal Konecny	282ff5a51f	[ipa/server] Prepare ipa03 for replication We currently only have ipa02 working, so we need to set it as replication host for ipa03. Signed-off-by: Michal Konecny <mkonecny@redhat.com>	2024-01-23 22:25:05 +01:00
Michal Konecny	696edb4c3d	[ipa/server] Restore the variable changes Let's restore variables to state before we caused the issue started happening on IPA cluster. Signed-off-by: Michal Konecny <mkonecny@redhat.com>	2024-01-23 00:44:54 +01:00
Michal Konecny	ea1f8a14c1	[ipa/server] Restore ipa02 from scratch Let's try to resolve the ipa errors by doing the ipa02 installation from scratch. Signed-off-by: Michal Konecny <mkonecny@redhat.com>	2024-01-22 23:35:59 +01:00
Michal Konecny	51a2ab7e73	[ipa/server] Reinstall ipa03 from scratch This will create the ipa03 server from scratch. Signed-off-by: Michal Konecny <mkonecny@redhat.com>	2024-01-22 20:03:44 +00:00
Kevin Fenzi	3d520b3357	new wildcard cert for prod apps.ocp Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2024-01-15 16:52:04 -08:00
Leo Puvilland	125f956f06	rework communishift to allow for per-project resource requirements	2023-11-16 19:52:58 +00:00
Kevin Fenzi	0772307af5	Revert "buildvm-ppc64le: try reenabling this nested feature" This reverts commit `9938279f6b`. Turns out this isn't supported in virt-install, which is why I removed it. ;)	2023-06-21 11:45:06 -07:00
Kevin Fenzi	9938279f6b	buildvm-ppc64le: try reenabling this nested feature Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2023-06-21 11:40:39 -07:00
Kevin Fenzi	624f7545f0	Fare thee well 32bit arm. You served long and well. Now that f36 is eol we don't need 32bit arm builders, test machines or exceptions anywhere. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2023-05-16 17:05:14 -07:00
Kevin Fenzi	93043d8f74	proxies / openshift: add new cert for apps.ocp Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2023-02-19 08:46:42 -08:00
Frank Ch. Eigler	f3a095d430	sort inventory/group_vars/all	2023-02-15 15:51:09 -05:00
Frank Ch. Eigler	21d24f7e69	Add host variable dnf_automatic_type to influence dnf-automatic-install mode Set it to "security" for status quo ante for most hosts, and "default" for debuginfod* hosts.	2023-02-15 15:27:16 -05:00
Kevin Fenzi	68f4ecd690	defaults: set network_allow_restart: yes linux system roles does a fine job configuring networking on our systems, but without this it just configures it but doesn't bring things 'live' until a 'nmcli c up eth0'. Just set this so it should allow it to restart things and reflect the network as we want it right after the playbook runs on it. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2023-01-30 13:53:15 -08:00
Kevin Fenzi	3328386f51	fix more vim syntax fun Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2023-01-11 09:26:48 -08:00
Kevin Fenzi	c652719988	vim did something weird here Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2023-01-11 08:53:49 -08:00
Kevin Fenzi	47cf07184e	wildcard-2023.fedoraproject.org: new wildcard ssl cert Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2023-01-11 08:48:40 -08:00
Kevin Fenzi	5ca2b2eb36	os.fedoraproject.org / app.os.fedoraproject.org: remove more old openshift 3.11 cluster stuff It may be that having this on some of the proxies is causing problems because it's trying to ping the old openshift 3.11 cluster and filling up apache slots with it. We do not need this stuff anymore, so remove it. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2022-12-16 10:15:27 -08:00
Kevin Fenzi	54f746d30e	proxies: drop mirrors*.centos.org certs, use letsencrypt locally instead Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2022-07-27 10:28:59 -07:00

1 2 3 4 5 ...

367 commits