WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-03 00:34:04 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,966 Commits 9 Branches 0 Tags
04dcafe578f9cd6d98ad525529341b35f424ad4e
Commit Graph

45 Commits

Author SHA1 Message Date
Nils Philippsen
6c85fda0c9 Mass remove/replace iad2 -> rdu3, 10.3. -> 10.16. 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2025-07-03 20:05:02 +02:00
Kevin Fenzi
6d4f4da388 openvpn/server: install the right ccd files in rdu3 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-30 11:56:45 -07:00
Kevin Fenzi
a130888041 bastion / rdu3 / openvpn_server: setup ccd files for rdu3 bastion openvpn 
This deploys a new set of ccd files to bastion*rdu3 for openvpn.
Right now bastion01.iad2 is the vpn hub/server for all connections.
Once dns is changed and clients restarted, they will connect to
bastion01.rdu3.

These ccd files swap the iad2 for rdu3 servers.
So, for example now 'wiki01.vpn.fedoraproject.org', or 'wiki01' as the
proxies call it, will go to wiki01.iad2.fedoraproject.org.

After the dns switch and client reconnects here,
wiki01.vpn.fedoraproject.org/wiki01's ip will be claimed by
wiki01.rdu3.fedoraproject.org instead and wiki01.iad2 will get a dynamic
ip (or will be just turned off).

This will allow us to more easly move services from proxies.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 08:12:44 -07:00
Ryan Lerch
25391e95b7 ansiblelint fixes - fqcn[action-core] - package to ansible.builtin.package 
Replaces many references to  package: with ansible.builtin.package

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:28:00 +10:00
Ryan Lerch
6a3816dfdc ansiblelint fixes-- fqcn[action-core] - copy to ansible.builtin.copy 
Replaces many references to 'copy' with ansible.builtin.copy

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:43:31 +10:00
Ryan Lerch
62952df107 ansiblelint fixes-- fqcn[action-core] - file to ansible.builtin.file 
Replaces many references to  file: with ansible.builtin.file

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:41:52 +10:00
Ryan Lerch
691adee6ee Fix name[casing] ansible-lint issues 
fix 1900 failures of the following case issue:

`name[casing]: All names should start with an uppercase letter.`

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-14 20:20:07 +10:00
Ryan Lerch
89f6f1fc32 Fix majority of remaining yamllint warnings and errors 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2024-11-28 17:31:45 +10:00
Kevin Fenzi
3caebd6095 openvpn/server: really remove the group 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-05 15:29:06 -07:00
Kevin Fenzi
0760ee57a6 openvpn / server: make the ccd dir idempotent 
Right now this task makes the ccd dir as 0755 and root.root, but then a
later task syncs this from batcave01 and it gets 2755 and
root.sysadmin-main. Just change this to match so we are more idempotent.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-05 14:53:03 -07:00
Stephen Smoogen
046f0a3126 try to clean out old ccd files with delete 2020-06-09 21:55:38 -04:00
Stephen Smoogen
d74f9d82bd try syncronize on ccd files to clean up ones we do not have anymore 2020-06-09 21:51:17 -04:00
Patrick Uiterwijk
7b90e30af8 Fix directory name 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:32:29 +00:00
Patrick Uiterwijk
7016d073a0 Fix up dh2048 path 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:31:42 +00:00
Patrick Uiterwijk
758af3f7d6 Make bastion use new server cert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-08-17 04:28:14 +00:00
Patrick Uiterwijk
936e8b261a yum accepted pkg=, package calls it name= 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-10-09 00:38:26 +02:00
Patrick Uiterwijk
adcbf72f03 Packageize this, packageize that, packageize the world 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-08 22:25:52 +00:00
Kevin Fenzi
273093ecbb put server ccd files under server subdir 2017-05-15 02:34:31 +00:00
Kevin Fenzi
42b69d73f3 also the server files 2017-05-14 20:56:30 +00:00
Kevin Fenzi
179cc4dd54 switch openvpn to use seperate service units and directories for client and server, hopefully in a mostly transparent way that will not cause much outage 2017-05-14 19:01:17 +00:00
Kevin Fenzi
8a6e51a9a6 change state=running to start=started as the old one is going away in ansible 2.7 2017-04-13 01:37:21 +00:00
Kevin Fenzi
2873cdd427 Move all puppet_private stuff to ansible private so we can stop using puppet private. 2015-09-25 18:16:23 +00:00
Praveen Kumar
4b1e5162d7 Update state from installed/removed to present/absent for yum module as per latest documents -> http://docs.ansible.com/yum_module.html 2014-11-05 15:32:11 +00:00
Kevin Fenzi
a3222e0097 Fix typo in filename 2014-10-08 23:25:37 +00:00
Kevin Fenzi
d7693328eb No need for recurse here. 2014-10-08 23:22:53 +00:00
Kevin Fenzi
837ae4ef1e Correct path here 2014-10-08 23:20:28 +00:00
Kevin Fenzi
8b32c6129c Here too 2014-10-08 23:17:45 +00:00
Kevin Fenzi
bf67428a23 Try copy here 2014-10-08 23:15:09 +00:00
Kevin Fenzi
a50758d90e A basic first cut at a bastion role. Going to use on bastion02 2014-10-08 22:37:24 +00:00
Tim Flink
4cad62833a fixing typo in restart notification 2014-09-24 17:35:59 +00:00
Tim Flink
d6195c2c33 changing openvpn restart notifications to work on sysvinit and systemd style machines 2014-09-24 17:32:41 +00:00
Pierre-Yves Chibon
6e0e238f10 OpenVPN server needs the crl.pem file 2014-08-01 18:37:25 +02:00
Pierre-Yves Chibon
54764c5e41 File works 2014-08-01 17:10:13 +02:00
Pierre-Yves Chibon
d26ae5df9f Use copy instead of file 2014-08-01 17:04:34 +02:00
Pierre-Yves Chibon
b818538962 Y'all get quotes 2014-08-01 16:48:16 +02:00
Pierre-Yves Chibon
27913def24 More quotes for the handler names 2014-08-01 16:45:57 +02:00
Pierre-Yves Chibon
8de71b59e3 Tag all the openvpn tasks as 'openvpn' 2014-08-01 16:41:55 +02:00
Pierre-Yves Chibon
8a89bd9fff Fix accessing the mode 2014-08-01 16:34:21 +02:00
Pierre-Yves Chibon
8185a415d2 And we put directly the destination, no location set 2014-08-01 16:30:08 +02:00
Pierre-Yves Chibon
cf1f8dba40 What about quotes 2014-08-01 16:26:15 +02:00
Pierre-Yves Chibon
b34999e1f4 Add the logic to enable the openvpn server on EL6, EL7 and Fedora in the client and the server 2014-08-01 12:39:43 +02:00
Pierre-Yves Chibon
7f30c0fc7a Adjust the openvpn handler automatically to the distribution used 2014-08-01 12:35:11 +02:00
Pierre-Yves Chibon
3aa0127662 Dependencies between roles are marked in the meta folder not the tasks one 2014-08-01 12:16:09 +02:00
Pierre-Yves Chibon
901624caea Mark the openvpn client and server as requesting the openvpn base role 2014-08-01 12:10:06 +02:00
Pierre-Yves Chibon
e5ff3b586e Start the port to ansible of openvpn 2014-07-31 22:37:58 +02:00