Matrix can use some well-known uri's for configuration (rfc 8615).
This commit:
* Sets up fedora.im as a seperate side on proxies that redirects to
getfedora.org and serves a server and client static matrix file.
* gets fedora.im it's own ssl cert via letsencrypt so it's all valid
(currently it points to proxies generically and gets the
fedoraproject.org cert)
* Adds config to serve matrix client/server well-known static files for
fedoraproject.org site.
Note that all the acutal contents of these files are empty for now, but
once our matrix server is up we can fill them in properly and re-run the
playbook. :)
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
By default nagios assumes it can connect to everything in inventory via
nrpe and monitor things like swap and number of emails in the postfix
queue. For ocp hosts running CoreOS we don't want to have nagios
monitor any of that, we only want it to monitor ping (is the host up).
This change is only in vars here, but it needs a noc run to activate, so
it will need a freeze break to run the noc playbook (as noc is frozen).
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We moved zodbot from value01 (rhel7/python2) to value02 (rhel8/python3).
Without this it starts zodbot on 2 hosts and caused problems.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Tomas added f35 back to this policy yesterday, which would
usually be the right thing to do, but in fact we have a modified
policy for f35 because some tests are known failing - see
d19fd11 . We don't want f35 in the main policy till the bugs
affecting those tests are fixed, or else no update will ever
pass gating.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
This host is an old phx2 host thats been sitting there on this ip, but
we haven't moved any vm's to it (thus it shouldn't be affected by the
freeze). However, we should get in ansible so it's network is managed
and so we remember to reboot it for updates, etc.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Apache httpd by default blocks URL-encoded / (%2F) characters in the
URL path, even though these are RFC-compliant. Enable them and permit
their safe passage to the debuginfod servers.
See also https://stackoverflow.com/a/9933890/661150
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
desktop_background tests are known to fail ATM because the F35
backgrounds don't exist yet, and desktop_update_graphical on
GNOME is known broken:
https://bugzilla.redhat.com/show_bug.cgi?id=1995817
so we add a copy of the policy with those tests left out, to
avoid all F35 updates failing gating because of these issues.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
