opensourcemirror
/
fedora-ansible
mirror of https://pagure.io/fedora-infra/ansible.git
1
0
Fork 0
Code Issues Releases Wiki Activity
40,764 Commits 9 Branches 0 Tags 111 MiB
Commit Graph

40764 Commits

Author SHA1 Message Date
Kevin Fenzi fd005e711a bvmhost-p09-04: fix network vars 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-25 17:46:08 -07:00
Dusty Mabe 5cf15304e0
aws/iam/policies: give fcos-upload permisions to describe tags 2024-04-25 15:30:05 -04:00
Aurélien Bompard e17802d271
Disable the services on badges-backend 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-25 17:43:42 +02:00
Aurélien Bompard 3092b01893
Fix the syntax 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-25 17:15:11 +02:00
Aurélien Bompard 894ba795f8
Factor the hostname of the datanommer server in staging and prod 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-25 17:08:58 +02:00
Aurélien Bompard 4fc54a4d88
Give datagrepper its own DB user 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-25 17:00:12 +02:00
Aurélien Bompard 7d6bcdd87d
Badges: use a specific user to connect to the datanommer DB 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-25 15:11:37 +02:00
Aurélien Bompard 1a7c8b7f31
Badges: cache the datanommer queries longer 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-25 14:28:30 +02:00
David Kirwan 81ffe56f4a
zabbix: move https to http for proxies template 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-04-25 12:51:32 +01:00
David Kirwan 4cfba84485
zabbix: retag tasks in zabbix_templates role 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-04-25 12:17:52 +01:00
David Kirwan 0551f3f343
zabbix: add clearer ansible tags on zabbix_template role tasks 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-04-25 11:58:40 +01:00
David Kirwan 9d97299285
zabbix: template to handle external hosts 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-04-25 11:26:49 +01:00
Kevin Fenzi 1678a72e26 buildvm-ppc64le-05.stg: make this vm slightly smaller to fit 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-24 17:27:51 -07:00
Leo Puvilland 5e59e8c213 add current oncall and recent oncalls to nagios permissions CGI 
Signed-off-by: Leo Puvilland <leo@craftcat.dev>
 2024-04-25 00:17:29 +00:00
Kevin Fenzi 990bebe39f bvmhost-p09-01.stg: add correct dhcp entry 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-24 17:11:17 -07:00
Adam Williamson 8b9778777b iptables: correct invalid syntax in nat table 
This `[0:]` syntax doesn't seem to be correct. iptables 1.8.10
errors out on encountering it, saying:

invalid policy counters for chain 'PREROUTING'

this seems to be because the check was tightened between 1.8.9
and 1.8.10 to apply even when iptables is not actively restoring
the counters:
https://git.netfilter.org/iptables/commit/?id=4a2b2008fdf4df980433f99a6d8f2003f2005296

I think these are all meant to be 0:0, so let's make them that
and stop iptables choking.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2024-04-24 13:00:51 -07:00
Kevin Fenzi e7d5a04cf0 bodhi / backend / staging: fix incorrect ostree staging volume name 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-24 11:51:50 -07:00
Kevin Fenzi 5f680d9d0b mailman / spamassasin: disable spamhaus queries 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-24 11:30:57 -07:00
Mattia Verga 8ae7d1610c bodhi: adjust config for staging instance 
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it>
 2024-04-24 16:38:05 +00:00
Lenka Segura f137bbb0f1 Remove pagure-sync-bugzilla.py.js script 
The script is not referenced anywhere and the sync is now done by
distgit_bugzilla_sync toddler.

Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2024-04-24 16:24:12 +00:00
Kevin Fenzi 4da77268dd openscanhub: proxy setup for both prod and stg 
Change the stg conditionals so both prod and stg are setup.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-24 16:22:34 +00:00
Kevin Fenzi b7d6994507 F40 freeze is over now 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-24 09:11:47 -07:00
Aurélien Bompard 91a57247f9
Badges: 2 consumers in prod should be enough for everyone 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-24 10:39:54 +02:00
Kevin Fenzi 18390f3189 pkgdb / gnome-software endpoint: Set f40 to active so it is offered to users 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-23 11:28:37 -07:00
Jiri Kyjovsky 363ed8d1a5 copr-hv02: add overlooked macs from hv2 2024-04-23 19:38:20 +02:00
Aurélien Bompard b07b066f98
Badges: fixup ccf5dad 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-23 19:31:30 +02:00
Aurélien Bompard ccf5dad24a
Badges: add the cache config for fedbadges 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-23 18:36:18 +02:00
Aurélien Bompard b6f7f24d6c
Badges: run multiple consumers in prod 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-23 18:36:18 +02:00
Jiri Kyjovsky 48c6c44d27 copr-hv02: update ethernet mac address 2024-04-23 18:00:51 +02:00
Francois Andrieu 45f7525a1b
proxies: redirect labs.fp-o to main site 2024-04-23 14:29:46 +02:00
David Kirwan 017235c79d
zabbix: add agent to `logger` systems 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-04-23 13:07:12 +01:00
David Kirwan 9cc8c5d489
zabbix: add external host https template 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-04-23 12:37:55 +01:00
Paul Whalen 4a8c9ecf96 IoT: Sign stable with f40 key 
Signed-off-by: Paul Whalen <pwhalen@fedoraproject.org>
 2024-04-22 12:53:38 -04:00
Kevin Fenzi 635d3eaa94 kernel02: fix netmask to use cider 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-22 09:13:41 -07:00
Kevin Fenzi 4b64142fa3 kernel02: correct network info 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-22 09:12:20 -07:00
Aurélien Bompard 86c0b2e50c
Fix the last badges-related commit on the staging proxy 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-22 17:18:22 +02:00
Aurélien Bompard f75f5d7823
Badges: update the proxies to point to openshift 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-22 12:38:47 +02:00
Aurélien Bompard e9ceda06da
Badges: add the official route 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-22 12:33:16 +02:00
Miro Hrončok fc460139cd Hack around c8s python39 module versions not in ascending order 
Fixes https://pagure.io/releng/issue/11947

See also:

https://issues.redhat.com/browse/CS-2025 (module with highest version is incomplete)
https://issues.redhat.com/browse/CS-2044 (module versions are not in ascending order)

Signed-off-by: Miro Hrončok <miro@hroncok.cz>
 2024-04-22 10:06:38 +00:00
Aurélien Bompard cef59c7a8f
Badges: prepare for prod deployment 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-22 11:21:13 +02:00
Neil Hanlon bafcded29e fix(os:cloud-image-uploader): set workingDir on container 
The latest import failed due to "ERROR: Unable to create local
directories(/.ansible/tmp): [Errno 13] Permission denied: b'/.ansible'".
Which implies the code is being executed from `/`, despite the WORKDIR
variable being set in the container image--I suspect this is a quirk of
kube/openshift that was not expected.

This change sets the workingDir to /srv/cloud-uploader, as specified in
the Containerfile, which should resolve the execution error.

Signed-off-by: Neil Hanlon <neil@shrug.pw>
 2024-04-20 20:47:16 +00:00
Kevin Fenzi 6ac1be1f3a lists: block agreessive crawler 
This crawler is doing about 2M requests a day to
lists.fedoraproject.org. This is causing db load on db01, causing
services to have issues.

So, block them here for now, but we may want to block them elsewhere
too.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-19 11:47:18 -07:00
Samyak Jain 7e6b1b19f1 Fedora 40 is GO 
Signed-off-by: Samyak Jain <samyak.jn11@gmail.com>
 2024-04-19 21:36:49 +05:30
Kevin Fenzi 9c125b16ea Add aws-pyai group for ticket 11882 
Note that this needs the group created in ipa first and the aws iam
policy setup.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-18 21:23:57 +00:00
Kevin Fenzi 3b2853b5d4 nagios / staging: fix staging vmhost mgmt 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-18 14:20:03 -07:00
Kevin Fenzi 838338e312 IAD2 datacenter changes 
There were folks on site this week to rack new machines/pull old
machines, and unfortunately we don't really have much control over when
this happens based on our freeze, so I am just pushing this as part of
the 'do whats required to handle an outage'.

We did the following changes:

- removed old autosign01 (was out of service as we moved to autosign02 a
  while ago)

- removed vmhost-x86-08/09. We also want to migrate off 07 soon and
  remove it next visit. A new vmhost-x86-08 is installed to replace
  these 3.

- removed vmhost-x86-03/04.stg. Added new vmhost-x86-01.stg to replace
  them both.

- added a new kernel02 to replace kernel01 the next onsite trip.
  This machine still needs switch ports configured.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-18 12:53:13 -07:00
Aurélien Bompard 1b164fb0ba
Badges: identify staging users with their staging email address 
This will ensure that people don't "accidentally" export their staging
badges to their official backpack.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-18 11:10:22 +02:00
Kevin Fenzi 744ba3d779 staging: move some vms around to retire vmhost-x86-03/04 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-17 10:03:32 -07:00
Jeremy Cline 79935add66
cloud-image-uploader: Fix routing key for AMQP binding 
env renders to "production" which is not what messages are published
under ("prod"). Match what other apps are doing and just use a wildcard
so it'll match anything. Since prod and stage are separate brokers this
is fine.
 2024-04-17 11:10:46 -04:00
Aurélien Bompard 8541e8980b
Badges: have fedbadges build from the right branch and enable github webhook 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-17 08:51:36 +02:00