Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
11209 commits 9 branches 0 tags 111 MiB
Commit graph

249 commits

Author SHA1 Message Date
Till Maas
be5c2eb707 Fix validate syntax 2015-12-07 20:15:23 +01:00
Till Maas
1b28aecdcf Validate iptables files before restoring 2015-12-07 20:10:09 +01:00
Patrick Uiterwijk
38effbb69b This hotfix is now reverted, and should be deleted 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 17:16:01 +00:00
Patrick Uiterwijk
ba2a83b96a Remove digicert hotfix 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 17:05:29 +00:00
Patrick Uiterwijk
ac05dd73f8 But rhel6 does not hae usr unification 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 15:08:23 +00:00
Patrick Uiterwijk
8b82bc20ef This also seems to exist on RHEL6 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 15:06:35 +00:00
Patrick Uiterwijk
0bf133caa3 Fix path 2015-12-03 15:03:24 +00:00
Patrick Uiterwijk
8deaa480b0 Jinja2-ize 2015-12-03 15:01:54 +00:00
Patrick Uiterwijk
10ec5b518f Add temporary digicert hotfix 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 14:59:57 +00:00
Kevin Fenzi
dcfc795f4e Hey look. Some new ntp servers. 2015-12-02 21:13:57 +00:00
Kevin Fenzi
5585dacf50 Add ceylon-lang.org to transports so it delivers correctly. 2015-12-02 00:17:27 +00:00
Kevin Fenzi
f64646fec2 Revert "install python-dnf on F22+" 
This reverts commit b1c890974c.
 2015-11-30 20:23:54 +00:00
Miroslav Suchý
b1c890974c install python-dnf on F22+ 2015-11-30 08:07:23 +01:00
Kevin Fenzi
17d96e5da9 Add a conditional-reload script and use it so we can not fail on hosts with no httpd installed. 2015-11-13 23:49:38 +00:00
Kevin Fenzi
352c1a2838 think we need and here. 2015-11-10 21:08:25 +00:00
Ricky Elrod
edc4b7067d watchdog-ify staging, hopefully 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2015-11-10 20:11:11 +00:00
Peter Robinson
595c222baf kojibuilder: add ppc hub to firewall 2015-10-13 03:02:45 +00:00
Kevin Fenzi
f6722659e5 Switch sshd config for f22/f23 to explicitly say only v2 protocol, adjust rkhunter for this. 2015-10-09 19:32:51 +00:00
Kevin Fenzi
96d1784001 Adjust rkhunter and sshd config for releng so they stop alerting. 2015-10-08 16:42:13 +00:00
Kevin Fenzi
b03b871080 Drop *.info on the mirrorlist servers as that causes a ton of traffic to log01 2015-10-07 15:30:26 +00:00
Kevin Fenzi
981f1906a1 Add f22 and f23 sshd configs 2015-09-27 16:04:35 +00:00
Kevin Fenzi
1dd79c9801 Remove mentions of lockbox01. 2015-09-25 18:49:17 +00:00
Stephen Smoogen
3be0ca58fa and we have nagios-external 2015-09-01 23:05:58 +00:00
Stephen Smoogen
b74a402571 and we remove proxy09 2015-09-01 22:13:09 +00:00
Kevin Fenzi
096a7204a2 Fix out ntp setup to use 5 ip's from the rhel.pool.ntp.org pool. 2015-08-31 16:32:10 +00:00
Mikolaj Izdebski
80a2b5c6bb Remove configuration for old jenkins 2015-08-26 16:51:39 +00:00
Mikolaj Izdebski
11840759fa Add custom resolv.conf for jenknis in new cloud 2015-08-26 16:49:26 +00:00
Kevin Fenzi
eb61b06a56 Fix resolv.conf on s390 koji for good hopefully. 2015-08-23 19:33:49 +00:00
Kevin Fenzi
237a7113fd Take out releng04/relepel01/bodhi01/bodhi02. 2015-08-21 19:17:59 +00:00
Aurélien Bompard
278c215cce Rollback migration of lists.fedorahosted.org 2015-08-21 15:48:50 +00:00
Aurélien Bompard
5b5c83d4de Update the Mailman role after addition of fedorahosted 2015-08-21 10:43:32 +00:00
Kevin Fenzi
4d72631446 Make sure all hosts have at least 2 nameservers and rotate with 1 sec timeout. 2015-08-19 18:52:51 +00:00
Ralph Bean
08ca54945c Copy prod fedmsg iptables loop to staging. 2015-08-18 03:47:44 +00:00
Kevin Fenzi
371b97ead5 Fix some typos 2015-08-15 15:27:50 +00:00
Kevin Fenzi
f28aad573d Use fas-all ips instead of name, as dns may not yet be on at boot. 2015-08-15 15:16:03 +00:00
Aurélien Bompard
bdff5cf7bf Set the postfix main.cf file for the new lists-dev 2015-07-31 08:33:12 +00:00
Mikolaj Izdebski
d3af309a12 Jenkins: don't try to relay mail through bastion 2015-07-30 15:06:17 +00:00
Kevin Fenzi
b6cd81c40b Good bye bapp02. You served long and well. 2015-07-28 03:26:40 +00:00
Kevin Fenzi
81f09d2e00 Drop some more app01.stg stuff 2015-07-27 18:35:39 +00:00
Kevin Fenzi
8fdf8ef319 Fix up sync http logs cron job 2015-07-20 15:30:28 +00:00
Patrick Uiterwijk
0a113b2993 Seems the other NTP servers are unreachable 2015-07-18 10:56:40 +00:00
Tim Flink
8a344cc106 properly rename sshd config for qa-stg 2015-07-17 22:42:43 +00:00
Tim Flink
12659b2361 more renaming stuff for migration from qadevel-stg to qa-stg 2015-07-17 22:37:04 +00:00
Kevin Fenzi
856c3b9e31 Switch out which unbound server cloud uses. 
The ibiblio one doesn't allow 53/udp.
 2015-07-17 14:14:47 +00:00
Kevin Fenzi
aaaca2101c Drop hosted04 and collab04. 
These were warm spares we haven't used in the last 2.5 years even once.
Backups used to use them, but now backup from the main/prod instances.
Also sort our parents on ibiblio hosts for vms we have moved.
 2015-07-16 19:13:36 +00:00
Patrick Uiterwijk
4c5f650962 Also grab ipsilon http logs 2015-07-15 09:49:36 +00:00
Mikolaj Izdebski
40ae74811a Remove koschei.cloud.fedoraproject.org host 
Koschei has been moved to producion.  The old cloud instance
(koschei.cloud.fedoraproject.org) is used only for serving HTTP 301
redirect.  It hasn't been terminated yet, but this can happen at any
time - we don't need to maintain persistent Ansible configuration.
 2015-07-14 14:30:36 +00:00
Kevin Fenzi
68bcc9bff7 Switch from people03 to people01. 
Switch backups
Change fasClient runs to run on people01 instead of people03.
Change sync logs to get from people01
Change nagios to monitor people01 instead of people03
Change quota limits some to work better.
Enable planet cron jobs on people01.
 2015-07-08 21:08:47 +00:00
Mikolaj Izdebski
7025200095 Support IPv6 on jenkins 2015-06-26 20:59:11 +00:00
Mikolaj Izdebski
4e593519cc Use custom iptables config for jenkins 2015-06-26 20:47:11 +00:00