Kevin Fenzi
fd005e711a
bvmhost-p09-04: fix network vars
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-25 17:46:08 -07:00
Dusty Mabe
5cf15304e0
aws/iam/policies: give fcos-upload permisions to describe tags
2024-04-25 15:30:05 -04:00
Aurélien Bompard
e17802d271
Disable the services on badges-backend
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-25 17:43:42 +02:00
Aurélien Bompard
3092b01893
Fix the syntax
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-25 17:15:11 +02:00
Aurélien Bompard
894ba795f8
Factor the hostname of the datanommer server in staging and prod
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-25 17:08:58 +02:00
Aurélien Bompard
4fc54a4d88
Give datagrepper its own DB user
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-25 17:00:12 +02:00
Aurélien Bompard
7d6bcdd87d
Badges: use a specific user to connect to the datanommer DB
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-25 15:11:37 +02:00
Aurélien Bompard
1a7c8b7f31
Badges: cache the datanommer queries longer
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-25 14:28:30 +02:00
David Kirwan
81ffe56f4a
zabbix: move https to http for proxies template
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2024-04-25 12:51:32 +01:00
David Kirwan
4cfba84485
zabbix: retag tasks in zabbix_templates role
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2024-04-25 12:17:52 +01:00
David Kirwan
0551f3f343
zabbix: add clearer ansible tags on zabbix_template role tasks
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2024-04-25 11:58:40 +01:00
David Kirwan
9d97299285
zabbix: template to handle external hosts
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2024-04-25 11:26:49 +01:00
Kevin Fenzi
1678a72e26
buildvm-ppc64le-05.stg: make this vm slightly smaller to fit
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-24 17:27:51 -07:00
Leo Puvilland
5e59e8c213
add current oncall and recent oncalls to nagios permissions CGI
...
Signed-off-by: Leo Puvilland <leo@craftcat.dev>
2024-04-25 00:17:29 +00:00
Kevin Fenzi
990bebe39f
bvmhost-p09-01.stg: add correct dhcp entry
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-24 17:11:17 -07:00
Adam Williamson
8b9778777b
iptables: correct invalid syntax in nat table
...
This `[0:]` syntax doesn't seem to be correct. iptables 1.8.10
errors out on encountering it, saying:
invalid policy counters for chain 'PREROUTING'
this seems to be because the check was tightened between 1.8.9
and 1.8.10 to apply even when iptables is not actively restoring
the counters:
https://git.netfilter.org/iptables/commit/?id=4a2b2008fdf4df980433f99a6d8f2003f2005296
I think these are all meant to be 0:0, so let's make them that
and stop iptables choking.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
2024-04-24 13:00:51 -07:00
Kevin Fenzi
e7d5a04cf0
bodhi / backend / staging: fix incorrect ostree staging volume name
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-24 11:51:50 -07:00
Kevin Fenzi
5f680d9d0b
mailman / spamassasin: disable spamhaus queries
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-24 11:30:57 -07:00
Mattia Verga
8ae7d1610c
bodhi: adjust config for staging instance
...
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it>
2024-04-24 16:38:05 +00:00
Lenka Segura
f137bbb0f1
Remove pagure-sync-bugzilla.py.js script
...
The script is not referenced anywhere and the sync is now done by
distgit_bugzilla_sync toddler.
Signed-off-by: Lenka Segura <lsegura@redhat.com>
2024-04-24 16:24:12 +00:00
Kevin Fenzi
4da77268dd
openscanhub: proxy setup for both prod and stg
...
Change the stg conditionals so both prod and stg are setup.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-24 16:22:34 +00:00
Kevin Fenzi
b7d6994507
F40 freeze is over now
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-24 09:11:47 -07:00
Aurélien Bompard
91a57247f9
Badges: 2 consumers in prod should be enough for everyone
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-24 10:39:54 +02:00
Kevin Fenzi
18390f3189
pkgdb / gnome-software endpoint: Set f40 to active so it is offered to users
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-23 11:28:37 -07:00
Jiri Kyjovsky
363ed8d1a5
copr-hv02: add overlooked macs from hv2
2024-04-23 19:38:20 +02:00
Aurélien Bompard
b07b066f98
Badges: fixup ccf5dad
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-23 19:31:30 +02:00
Aurélien Bompard
ccf5dad24a
Badges: add the cache config for fedbadges
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-23 18:36:18 +02:00
Aurélien Bompard
b6f7f24d6c
Badges: run multiple consumers in prod
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-23 18:36:18 +02:00
Jiri Kyjovsky
48c6c44d27
copr-hv02: update ethernet mac address
2024-04-23 18:00:51 +02:00
Francois Andrieu
45f7525a1b
proxies: redirect labs.fp-o to main site
2024-04-23 14:29:46 +02:00
David Kirwan
017235c79d
zabbix: add agent to `logger` systems
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2024-04-23 13:07:12 +01:00
David Kirwan
9cc8c5d489
zabbix: add external host https template
...
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2024-04-23 12:37:55 +01:00
Paul Whalen
4a8c9ecf96
IoT: Sign stable with f40 key
...
Signed-off-by: Paul Whalen <pwhalen@fedoraproject.org>
2024-04-22 12:53:38 -04:00
Kevin Fenzi
635d3eaa94
kernel02: fix netmask to use cider
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-22 09:13:41 -07:00
Kevin Fenzi
4b64142fa3
kernel02: correct network info
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-22 09:12:20 -07:00
Aurélien Bompard
86c0b2e50c
Fix the last badges-related commit on the staging proxy
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-22 17:18:22 +02:00
Aurélien Bompard
f75f5d7823
Badges: update the proxies to point to openshift
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-22 12:38:47 +02:00
Aurélien Bompard
e9ceda06da
Badges: add the official route
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-22 12:33:16 +02:00
Miro Hrončok
fc460139cd
Hack around c8s python39 module versions not in ascending order
...
Fixes https://pagure.io/releng/issue/11947
See also:
https://issues.redhat.com/browse/CS-2025 (module with highest version is incomplete)
https://issues.redhat.com/browse/CS-2044 (module versions are not in ascending order)
Signed-off-by: Miro Hrončok <miro@hroncok.cz>
2024-04-22 10:06:38 +00:00
Aurélien Bompard
cef59c7a8f
Badges: prepare for prod deployment
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-22 11:21:13 +02:00
Neil Hanlon
bafcded29e
fix(os:cloud-image-uploader): set workingDir on container
...
The latest import failed due to "ERROR: Unable to create local
directories(/.ansible/tmp): [Errno 13] Permission denied: b'/.ansible'".
Which implies the code is being executed from `/`, despite the WORKDIR
variable being set in the container image--I suspect this is a quirk of
kube/openshift that was not expected.
This change sets the workingDir to /srv/cloud-uploader, as specified in
the Containerfile, which should resolve the execution error.
Signed-off-by: Neil Hanlon <neil@shrug.pw>
2024-04-20 20:47:16 +00:00
Kevin Fenzi
6ac1be1f3a
lists: block agreessive crawler
...
This crawler is doing about 2M requests a day to
lists.fedoraproject.org. This is causing db load on db01, causing
services to have issues.
So, block them here for now, but we may want to block them elsewhere
too.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-19 11:47:18 -07:00
Samyak Jain
7e6b1b19f1
Fedora 40 is GO
...
Signed-off-by: Samyak Jain <samyak.jn11@gmail.com>
2024-04-19 21:36:49 +05:30
Kevin Fenzi
9c125b16ea
Add aws-pyai group for ticket 11882
...
Note that this needs the group created in ipa first and the aws iam
policy setup.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-18 21:23:57 +00:00
Kevin Fenzi
3b2853b5d4
nagios / staging: fix staging vmhost mgmt
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-18 14:20:03 -07:00
Kevin Fenzi
838338e312
IAD2 datacenter changes
...
There were folks on site this week to rack new machines/pull old
machines, and unfortunately we don't really have much control over when
this happens based on our freeze, so I am just pushing this as part of
the 'do whats required to handle an outage'.
We did the following changes:
- removed old autosign01 (was out of service as we moved to autosign02 a
while ago)
- removed vmhost-x86-08/09. We also want to migrate off 07 soon and
remove it next visit. A new vmhost-x86-08 is installed to replace
these 3.
- removed vmhost-x86-03/04.stg. Added new vmhost-x86-01.stg to replace
them both.
- added a new kernel02 to replace kernel01 the next onsite trip.
This machine still needs switch ports configured.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-18 12:53:13 -07:00
Aurélien Bompard
1b164fb0ba
Badges: identify staging users with their staging email address
...
This will ensure that people don't "accidentally" export their staging
badges to their official backpack.
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-18 11:10:22 +02:00
Kevin Fenzi
744ba3d779
staging: move some vms around to retire vmhost-x86-03/04
...
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-17 10:03:32 -07:00
Jeremy Cline
79935add66
cloud-image-uploader: Fix routing key for AMQP binding
...
env renders to "production" which is not what messages are published
under ("prod"). Match what other apps are doing and just use a wildcard
so it'll match anything. Since prod and stage are separate brokers this
is fine.
2024-04-17 11:10:46 -04:00
Aurélien Bompard
8541e8980b
Badges: have fedbadges build from the right branch and enable github webhook
...
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2024-04-17 08:51:36 +02:00