WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-30 21:41:53 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,966 Commits 9 Branches 0 Tags
04dcafe578f9cd6d98ad525529341b35f424ad4e
Commit Graph

382 Commits

Author SHA1 Message Date
Greg Sutcliffe
e72d2b062b Communishift: add missing name atttribute to communishift-admins 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-07-28 10:49:03 +01:00
Greg Sutcliffe
93c5faa6c1 Communishift: two new projects for Discourse and Jitsi 
See Pagure tickets 12661 and 12615

Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-07-28 09:43:35 +01:00
Nils Philippsen
6c85fda0c9 Mass remove/replace iad2 -> rdu3, 10.3. -> 10.16. 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2025-07-03 20:05:02 +02:00
Kevin Fenzi
d831a03bef group_vars/all: change some defaults over to rdu3 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-30 10:26:55 -07:00
Kevin Fenzi
cc03b32da8 inventory: switch to rdu3 ipa servers by default 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-30 10:10:21 -07:00
Michal Konecny
f1102f6b54 [ipa] Add VMs for RDU3 
Add VM definitions for IPA machines in RDU3.
 2025-06-23 13:06:51 +00:00
Kevin Fenzi
7d0b266757 inventory rework to split rdu3 and iad2 more 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-21 13:05:49 -07:00
Kevin Fenzi
634b116925 virt-install: use dns1 and dns2 for dns servers for virt-installs 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-17 11:53:10 -07:00
Kevin Fenzi
b7abca9804 proxies: default ocp4_rdu3 to false for now 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-16 12:26:55 -07:00
Kevin Fenzi
fd99080952 openshift / openvpn: setup things to deploy openvpn on rdu3 nodes 
Add the rest of the rdu3 workers in and setup openvpn role to setup on
them.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-15 15:15:31 -07:00
Kevin Fenzi
880e83dd43 proxies / rdu3: fix ca filename 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 14:51:21 -07:00
Kevin Fenzi
e1132667d3 proxies: add a ocp-rdu3 site/endpoint to get to the new rdu3 prod openshift 
We can't use easily the existing hostname/site, as that goes to the
current iad2 cluster, so setup a -rdu3 version for now.
After we switch we can drop this and repoint the main one to the new
cluster.

Hopefully this all works and does the right thing.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 12:35:20 -07:00
Kevin Fenzi
f2a5e7b6a4 koji: revert riscv channel config partly 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-13 11:30:26 -07:00
Kevin Fenzi
bb08cbd834 ocp virt-installs: try and set eth0 so connectivity works on boot 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-12 15:17:36 -07:00
Kevin Fenzi
b4baaac6fb virt-install: apparently rhel9 is not pickable, so picking rhel9.5 (the latest one it has) 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-12 14:57:47 -07:00
Greg Sutcliffe
5835b04785 Zabbix-stg: add placeholder macro dict to the correct group_vars 2025-05-02 08:55:51 +00:00
Kevin Fenzi
4d4365cdf5 nftables: add defined check for nft_nat_rules and set it also [] by default 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-04-24 13:17:03 -07:00
James Antill
68cbd3dc2c Turn nftables on everywhere. 
Signed-off-by: James Antill <james@and.org>
 2025-04-24 20:05:03 +00:00
James Antill
31d65aa439 Actually move to nftables for any host with nftables: true (nothing atm). 
Signed-off-by: James Antill <jantill@redhat.com>
 2025-03-03 21:20:30 +00:00
Michal Konecny
6428f8f772 Sunset github2fedmsg and fedmsg 
This commit is removing all the fedmsg related stuff from ansible
repository.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2025-02-13 10:08:51 +00:00
iamyaash
b3d6a90b9a motd generic template added 
migrated notes from infra/hosts

motd changes; excluding CSI infos

removed csi_* vars from group_vars; converted csi_purpose & csi_relationship into notes

fixed merge conflicts

minor changes; var

updating YAMLs & playbooks

udpated YAMLs & playbooks again

updated correctly; buildhw.yml

fixing merge conflicts

dest added in motd.yml
 2025-01-28 01:10:14 +00:00
James Antill
80aa4bbbc2 Initial version of iptables to nftables conversion. 2025-01-16 11:28:24 -05:00
Kevin Fenzi
eafcece0cf batcave: redirect http to https 
We hadn't done this in the past because virt-install couldn't do https
urls, but thats long since no longer the case.

So, move all the ks_url and ks_repo calls to use https and since they
are using https, they need to use the valid
infrastructure.fedoraproject.org name so they can verify the cert.

Set batcave to redirect http to https now since that was the thing
holding this back.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-01-06 09:45:25 -08:00
David Kirwan
a1543f3068 communishift: mark communishift-bootc do not delete 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-11-26 08:12:07 +00:00
David Kirwan
b6a4e03d09 communishift: remove empty incorrectly provisioned project 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-11-25 17:13:40 +00:00
David Kirwan
19edfbb42e communishift: mark admin namespace as do not delete 
will move project offboarding into separate playbook
add fasjson lookup for communishift project notifications

Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-11-25 17:03:01 +00:00
David Kirwan
307060801c communishift: marked projects not to be cleaned up by clean up script 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-10-21 08:11:33 +01:00
David Kirwan
e325a03d40 communishift: onboard communishift-commops-datanom project 
Infra #12119

Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-10-15 12:49:54 +01:00
Adam Williamson
2083a05dac Make NBDE device configurable, fix it on single-disk openQA hosts 
Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2024-10-09 17:32:40 +00:00
Kevin Fenzi
c04dd50fbf certificates: move to new 2024 wildcard fedoraproject.org cert 
The old one expires in about 57 days, but might as well just renew it
early and avoid problems later.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-10-03 16:50:01 -07:00
Kevin Fenzi
f5ceec7303 inventory / all vars: try adding a 'state: up' to default network-connections 
On builders currently, they install and everything is up, but
NetworkManager doesn't tell systemd-resolved the new information
(nameservers, search domains, etc). Hopefully adding this will allow it
to actually tell systemd-resolved about it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-10-02 09:03:09 -07:00
David Kirwan
6354a6bd38 communishift: add communishift-commops-analytics project 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-09-12 13:42:39 +01:00
David Kirwan
1764f3f86f communishift: add communishift-fossology 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-09-11 15:39:48 +01:00
Kevin Fenzi
969024df88 communishift: add weekly-bootc. ticket 12156 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-09-03 15:10:16 -07:00
Kevin Fenzi
4f020d47a5 Add communishift-ocm group (ticket 12138) 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-08-28 17:07:36 -07:00
David Kirwan
765e619525 communishift: gitlabce 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2024-07-29 08:29:59 +01:00
Ryan Lerch
cebe9b9cb7 add communishift-forgejo project 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2024-07-23 08:50:26 +10:00
Stephen Smoogen
432a3a497b Go through and remove entries for EL6 and EL7 
Using `git grep el6` and `git grep el7` and variants like EL-7 or
el-7, I found various entries and files which were no longer needed
with the current ansible. I updated text or tests to later versions of
RHEL as needed.

found entries for the fedora ami's for the original cloud and removed
those entries also.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2024-07-03 22:20:30 +00:00
Kevin Fenzi
71b7104525 communishift: add eventbot project 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-06-21 10:39:05 -07:00
Kevin Fenzi
cbf687a58f communishift: add metrics project 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-06-17 15:28:53 -07:00
Aurélien Bompard
894ba795f8 Factor the hostname of the datanommer server in staging and prod 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-04-25 17:08:58 +02:00
Leo Puvilland
be00c5f65e Create communishift namespace for lrossett 
Signed-off-by: Leo Puvilland <leo@craftcat.dev>
 2024-04-02 00:59:14 +00:00
Leo Puvilland
65f06a461c communishift: allow overriding of max pods, and increase pods of openscanhub to 16 
Signed-off-by: Leo Puvilland <leo@craftcat.dev>
 2024-03-11 13:49:52 +00:00
Pavel Raiskup
6b0dffe31e communishift-log-detective: more resources 
https://github.com/fedora-copr/log-detective-website/issues/105
https://pagure.io/fedora-infrastructure/issue/11809

Closes: #1823
 2024-03-06 09:44:08 +01:00
Kevin Fenzi
d40369957d move global server back to ipa01 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-25 09:32:19 -08:00
Michal Konecny
3ff1e073f8 [ipa/server] Set ipa02 as ipa_server 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-25 17:06:39 +01:00
Michal Konecny
705970d409 [ipa/server] Update ipa02 to RHEL9 
Prepare variables for ipa02 upgrade.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-25 12:35:58 +01:00
Michal Konecny
282ff5a51f [ipa/server] Prepare ipa03 for replication 
We currently only have ipa02 working, so we need to set it as replication host
for ipa03.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-23 22:25:05 +01:00
Michal Konecny
696edb4c3d [ipa/server] Restore the variable changes 
Let's restore variables to state before we caused the issue started happening on
IPA cluster.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-23 00:44:54 +01:00
Michal Konecny
ea1f8a14c1 [ipa/server] Restore ipa02 from scratch 
Let's try to resolve the ipa errors by doing the ipa02 installation from scratch.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-22 23:35:59 +01:00