WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
45,334 Commits 9 Branches 0 Tags
0d56b527a6ce27e428d0538052ad4454e67eb7c8
Commit Graph

68 Commits

Author SHA1 Message Date
Greg Sutcliffe
0a4a78bf9a Zabbix: Add HAProxy monitoring template 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-11-03 15:54:57 +00:00
Greg Sutcliffe
69645f5da5 HAProxy/Rsyslog: fix logging to the rsyslog UDP port that haproxy expects 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-10-07 21:21:02 +00:00
Michal Konecny
17d33b34cd [haproxy] Let's use the correct cert for ipa 
HAProxy had incorrect IPA certificate for staging. I'm not sure how that
even worked, but the issue was revealed when the IAD2 machines were
removed from cluster.
 2025-07-04 16:09:24 +02:00
Adam Williamson
9da2cfb6f2 haproxy: IPA certs don't depend on data center 
The IPA cert doesn't change when we move datacenters, because we
just replicate across. So it shouldn't have the datacenter in the
name. This should fix haproxy deployment (it was broken because
we didn't have an 'rdu3' file).

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2025-07-03 11:55:59 -07:00
Nils Philippsen
6c85fda0c9 Mass remove/replace iad2 -> rdu3, 10.3. -> 10.16. 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2025-07-03 20:05:02 +02:00
Kevin Fenzi
643aaadb8e openshift / stg / rdu3: add cluster cert and point ocp to it 
This will break things in not rdu3, but we are moving staging tomorrow
anyhow. So, just running this on rdu3 staging for now.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-25 20:03:08 -07:00
Kevin Fenzi
a1a16698ab proxies / openshift / rdu3: just copy the iad2 stg ocp cert for now, will replace with new cert once staging cluster is up 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-20 09:57:06 -07:00
Kevin Fenzi
3f726efdbf proxies / rdu3: add service ca to web bundle 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 15:09:49 -07:00
Kevin Fenzi
43b150af7a haproxy: add prod rdu3 openshift ca 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 09:36:21 -07:00
Kevin Fenzi
659c9c719a openshift / haproxy: add service ca to trusted bundle 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-12-08 09:28:46 -08:00
Francois Andrieu
89a8e33677 haproxy: add the openshift-service CA cert to the CA bundle 2024-12-08 00:34:27 +01:00
Francois Andrieu
ce45b1775e ocp: renew internal ingress certificates 2023-08-11 12:50:57 +02:00
Kevin Fenzi
36b489bce2 haproxy: adjust content size to 503 page 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-04-04 07:50:02 -07:00
Francois Andrieu
0ece2dfe06 use fedoraproject favicon everywhere it's needed 2023-04-03 13:35:55 +02:00
David Kirwan
d7f5be0ebb metrics-for-apps: updating api-int CA cert for ocp4 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-09 12:52:18 +09:00
David Kirwan
4e8fa0e687 metrics-for-apps: add ocp4 prod CA cert to haproxy 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-09-08 12:32:42 +09:00
Kevin Fenzi
3bdb267ad4 staging: rename the ocp cert 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-30 15:53:34 -07:00
Kevin Fenzi
ee60a42ccb haproxy: check in a temp prod ocp ca pem so playbooks do not fail 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-08-17 17:15:29 -07:00
David Kirwan
773bb63e35 metrics-for-apps: CA cert for the ocp4 staging cluster 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-17 10:26:56 +09:00
David Kirwan
6de8b73b9a metrics-for-apps: hotfix rename ocp4 staging CA cert 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-16 11:04:59 +09:00
David Kirwan
63b493fe31 metrics-for-apps: hotfix rename ocp4 staging ca certificate 
Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-16 10:51:33 +09:00
David Kirwan
55185861c8 metrics-for-apps: 
- Updating apache proxy config to handle ocp4 CA cert
- place ocp4 CA cert on proxies
- add ocp4 stg ca cert to haproxy/files

Signed-off-by: David Kirwan <dkirwan@redhat.com>
 2021-08-13 20:02:38 +00:00
Kevin Fenzi
368bfaef01 haproxy: adjust content length for new text in 503 message 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-17 09:43:45 -07:00
Kevin Fenzi
80079bec37 503: adjust wording on the service not available doc 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-17 16:40:25 +00:00
Kevin Fenzi
14c486b41d haproxy: adjust content-length 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-12 13:38:48 -07:00
Aurélien Bompard
aace9bb2cc New certificate for IPA in staging 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-02-12 11:39:24 +01:00
Kevin Fenzi
e6a1139cec haproxy / staging: update openshift ca cert for haproxy 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-07-31 11:31:12 -07:00
Kevin Fenzi
959fdaa00b haproxy: add a placeholder ca for openshift staging 
Openshift doesn't exist in staging yet, but we want to finish mostly
building out proxy01 before doing that, so set a placeholder ca here
until we can update it with the real one.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-07-25 09:39:17 -07:00
Kevin Fenzi
16d012933c haproxy: add ipa stg cert for iad2 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-07-24 21:52:12 -07:00
Kevin Fenzi
83d76a8614 iad2: haproxy: fix up openshift certs so iad2 and phx2 are correct and both install. Just copy the phx2 ipa pem for now 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-28 10:46:48 -07:00
Pierre-Yves Chibon
cb93ea22a1 proxy: Fix a number of links in the 503 error template 
See https://pagure.io/fedora-infrastructure/issue/8452 for
some more context about this change.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-04-24 21:34:20 +02:00
Kevin Fenzi
ff74860db5 new ca cert for prod openshift 2018-09-27 22:27:51 +00:00
Kevin Fenzi
a63607d51b update os-master ca 2018-09-10 21:35:11 +00:00
Kevin Fenzi
233f22575a New openshift ssl ca 2018-05-31 23:47:27 +00:00
Patrick Uiterwijk
06f53389bc Add a README for the os-cert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-05-31 02:11:07 +02:00
Kevin Fenzi
1f74423825 Update staging cert 2018-05-31 00:09:32 +00:00
Kevin Fenzi
8a19a0ef8d try this one 2018-02-24 01:44:25 +00:00
Kevin Fenzi
b651061e5c new staging ca cert 2018-02-24 01:13:56 +00:00
Ricky Elrod
a5d017c71f new os-master cert 
Signed-off-by: Ricky Elrod <relrod@redhat.com>
 2017-11-29 07:14:00 +00:00
Kevin Fenzi
3ae95a6169 fix names 2017-08-22 19:49:20 +00:00
Kevin Fenzi
4047dc3228 move file for env name 2017-08-22 19:45:25 +00:00
Kevin Fenzi
9d330280ef add prod os CA and make haproxy use it 2017-08-22 19:41:07 +00:00
Patrick Uiterwijk
67939cfd7a New OS certificate 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-06-29 15:17:47 +00:00
Kevin Fenzi
04e93913b4 update openshift ca from current install 2017-05-25 19:35:48 +00:00
Kevin Fenzi
eb1dd0ae0f look, you can fix a error with 0s 2017-05-16 15:24:23 +00:00
Patrick Uiterwijk
331a664f1e Updatecert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-05-12 15:03:41 +00:00
Patrick Uiterwijk
2b365b3c32 Add the newest openshift cert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-05-12 02:34:39 +00:00
Ricky Elrod
bbe6c25b6f try os-master proxy setup 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-05-11 19:49:31 +00:00
Kevin Fenzi
077cbc03d6 remove fedorahosted from nagios 2017-03-02 22:16:19 +00:00
Patrick Uiterwijk
1c74f98cca Add production IPA cert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-10-13 13:46:34 +00:00