infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions
35698 commits 9 branches 0 tags 110 MiB
Commit graph

7432 commits

Author SHA1 Message Date
Mark O Brien
3e156240e3 datanommer: missed host reference for virt-create 2021-09-16 11:59:40 +01:00
Mark O Brien
80467d77fa datanommer: second datanommer database server 2021-09-16 10:40:57 +00:00
Aurélien Bompard
74057f6ae5
Zodbot: create the right username in rabbitmq 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-09-16 10:10:52 +02:00
Stephen Coady
628eafed9e add keytab service for fmn backend 
similar to other services, fmn should
have a keytab installed by the playbook.

Signed-off-by: Stephen Coady <scoady@redhat.com>
 2021-09-13 09:52:57 +01:00
Luca BRUNO
6d0385d961
coreos-cincinnati: add a start-build task 2021-09-10 08:20:51 +00:00
Nils Philippsen
a766ec6416 Merge awstats role into web-data-analysis 
This is to enable running the syncing and combining scripts in
series rather than from independently scheduled cron jobs.

Signed-off-by: Nils Philippsen <nils@redhat.com>
 2021-09-09 10:38:38 +00:00
Kevin Fenzi
1176de7808 pagure / staging: use normal cert, not bundle for stunnel 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-09-08 12:28:33 -07:00
Ryan Lerch
af53fd848b badges-backend-stg: create client keytab 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2021-09-08 18:41:32 +10:00
Kevin Fenzi
6ba659a130 proxies / staging: set the correct chain file here for ssl 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-09-06 11:24:34 -07:00
David Kirwan
991da5d981 metrics-for-apps: Renamed tag, added firewall rules for proxies 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-06 12:36:00 +09:00
Kevin Fenzi
d8193ced1f proxies: env is the full env name 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-09-04 14:34:56 -07:00
Kevin Fenzi
5a8f655671 proxies: add intermediate certs for mirrors.centos.org 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-09-02 16:56:24 -07:00
Kevin Fenzi
91d645f656 Proxies: also install mirrors.centos.org certs 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-09-02 16:22:56 -07:00
Kevin Fenzi
e5929f6f9b proxies: add mirrors.stg.centos.org for mirrorlist testing in staging 
The cert here is gotten from centos.org folks and checked into private.
At some point we will get a longer term cert here so there's less manual
churn. Otherwise we just make a new mirrors.stg.centos.org and proxy it
to mirrorlists just like mirrors.stg.fedoraproject.org.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-09-02 16:01:50 -07:00
Mark O Brien
54082babef ocp: fix typo in certificate name 2021-09-02 10:42:46 +01:00
David Kirwan
3ffcddf050 metrics-for-apps: commenting out run once directive 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 12:52:57 +09:00
David Kirwan
534ce4dd15 metrics-for-apps: attempting to target specific hosts in tasks 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 11:48:45 +09:00
David Kirwan
be3ff19ce2 metrics-for-apps: updating when expression to run on certain hostgroups 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 11:42:05 +09:00
David Kirwan
7a4e8a8542 metrics-for-apps: fixing eror with when statement 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 11:26:12 +09:00
David Kirwan
766fab92ad metrics-for-apps: updated logic to target hosts based on membership of group 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 11:17:02 +09:00
David Kirwan
f042ec7a4d metrics-for-apps: update hosts ocp4-place-ignitionfiles playbook targets 
to include new prod ocp hosts

Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 11:02:44 +09:00
David Kirwan
7b9e35a562 metrics-for-apps: Update hosts target to only tarket existing hosts + 
new staging cluster

Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 10:47:51 +09:00
David Kirwan
c54d0b3470 metrics-for-apps: Updating asknot ocp install target 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 10:47:51 +09:00
David Kirwan
9f39d76e2c metrics-for-apps: Adding inventory/groupvars/changes for ocp prod 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-02 01:37:34 +00:00
Kevin Fenzi
19b66e404b Add matrix well-known files 
Matrix can use some well-known uri's for configuration (rfc 8615).
This commit:
* Sets up fedora.im as a seperate side on proxies that redirects to
  getfedora.org and serves a server and client static matrix file.
* gets fedora.im it's own ssl cert via letsencrypt so it's all valid
  (currently it points to proxies generically and gets the
fedoraproject.org cert)
* Adds config to serve matrix client/server well-known static files for
  fedoraproject.org site.

Note that all the acutal contents of these files are empty for now, but
once our matrix server is up we can fill them in properly and re-run the
playbook. :)

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-30 21:53:56 +00:00
Dusty Mabe
de0b7f9df1 openshift-apps/coreos-koji-tagger: fixup specified keytab username 
This was changed slightly when the datacenter moved from phx2.
 2021-08-30 20:24:36 +00:00
Pavel Raiskup
35664cc9a3 copr-be-upgrade: upgrade also copr-cli 
Which is needed nowadays for the copr-ping cronjob.
 2021-08-26 09:37:49 +02:00
David Kirwan
03c6f77555 metrics-for-apps: no longer need pxe bios template for ocp nodes 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-25 13:52:16 +09:00
Brendan Early
0f18b26363 fedora-packages-static: add production os to hosts 2021-08-24 21:28:41 +00:00
lrossett
e56d0b6809
enabling both stg and prod servers 2021-08-23 13:42:23 -03:00
Frank Ch. Eigler
d835aba567 debuginfod proxies: preserve & pass %2F etc. 
Apache httpd by default blocks URL-encoded / (%2F) characters in the
URL path, even though these are RFC-compliant.  Enable them and permit
their safe passage to the debuginfod servers.

See also https://stackoverflow.com/a/9933890/661150

Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
 2021-08-23 11:39:36 +00:00
Kevin Fenzi
918956204d value: rw for the meetbot meeting logs in /srv 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-19 17:00:47 -07:00
Kevin Fenzi
ce5c8188d2 proxies: setup askbot redirect to ask (ticket 10140) 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-19 13:43:17 -07:00
Kevin Fenzi
5fafaafec3 value: add a keytab for zodbot on value02 in prod 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-17 12:34:40 -07:00
Kevin Fenzi
8a363ce123 value: add nfs volume for meeting logs 
This allows us to share these between value01 and value02

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-17 12:25:05 -07:00
Kevin Fenzi
01043987b7 value02: Install rhel8 based value02. 
This host will run zodbot with python3.
mote will stay on value01 until it can be moved/upgraded/re-written.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-17 11:58:36 -07:00
David Kirwan
1868c951a7 metrics-for-apps: Ensure the playbook copies environment specific files 
to control nodes

Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-17 12:26:54 +09:00
Francois Andrieu
cc88b49dd2 websites: enable ssl redirect for fedoracommunity 2021-08-16 22:29:43 +00:00
Nils Philippsen
5e09dce82d Import fedora-messaging-utils role 
Importing the role rather than listing it in the playbook lets its tasks
have the tags used in the importing role, i.e. should ensure they are
run when the things that need simple_message_to_bus are installed.

Additionally, don't attempt to install it manually from
web-data-analysis (it isn't found because it lives in a different role).

Signed-off-by: Nils Philippsen <nils@redhat.com>
 2021-08-16 06:02:37 +00:00
David Kirwan
ef700c72a2 metrics-for-apps: ocp compute nodes run the console 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-16 13:38:06 +09:00
David Kirwan
55185861c8 metrics-for-apps: 
- Updating apache proxy config to handle ocp4 CA cert
- place ocp4 CA cert on proxies
- add ocp4 stg ca cert to haproxy/files

Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-13 20:02:38 +00:00
Aurélien Bompard
70c435d41f
Adjust self-referencing URL again 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-08-12 17:17:51 +02:00
Aurélien Bompard
fd58efe5b8
Make Datagrepper 2 available in staging 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-08-12 17:06:07 +02:00
Aurélien Bompard
13ebc4e684
Add the staging openshift config for datagrepper 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-08-12 16:29:19 +02:00
Stephen Coady
137cd7ee7c add scoady to datanommer appowners 
Signed-off-by: Stephen Coady <scoady@redhat.com>
 2021-08-12 15:17:56 +01:00
Aurélien Bompard
499ff17f5e
Add the queue for datanommer 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-08-12 15:33:30 +02:00
Aurélien Bompard
56440ef994
Build the new datanommer on python 3.9 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-08-11 15:28:38 +02:00
Lenka Segura
bc57a02675 datanommer: porting to openshift 2021-08-11 12:40:38 +00:00
Adam Saleh
db936062b3 Add more message-based tracing to log01 scripts 2021-08-11 11:18:17 +00:00
Clement Verna
805599baeb remove unused code 
Signed-off-by: Clement Verna <cverna@tutanota.com>
 2021-08-11 08:56:09 +00:00