WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-28 12:32:50 +08:00
Code Issues Packages Projects Releases Wiki Activity
20,712 Commits 9 Branches 0 Tags
15aa64b80784bbd34d7b6f85e3a9ce43cfc94de4
Commit Graph

495 Commits

Author SHA1 Message Date
Kevin Fenzi
afef097a3d switch all the include tasks to import tasks 2017-10-17 17:37:03 +00:00
Kevin Fenzi
583f303946 we cannot use autoremove yet, it needs dnf 2 everywhere 2017-10-15 21:14:06 +00:00
Kevin Fenzi
ceff9bfca4 first stab at replacing include with include_playbook or includ_tasks 2017-10-15 19:46:08 +00:00
Kevin Fenzi
0425fd11b0 do not autoremove on base packages to remove 2017-10-15 18:26:17 +00:00
Kevin Fenzi
21c5d61f43 Revert "look, some whitespace changes" 
This reverts commit b1201baec0.
 2017-10-12 21:58:16 +00:00
Kevin Fenzi
57a74246fd have to ignore errors here because if the unit does not exist systemd will error out 2017-10-12 21:57:44 +00:00
Kevin Fenzi
b1201baec0 look, some whitespace changes 2017-10-12 21:54:21 +00:00
Kevin Fenzi
0067afe12f restart docker service on iptables reloads, and set docker to not restart containers on service restarts 2017-10-12 21:46:01 +00:00
Patrick Uiterwijk
936e8b261a yum accepted pkg=, package calls it name= 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-10-09 00:38:26 +02:00
Patrick Uiterwijk
adcbf72f03 Packageize this, packageize that, packageize the world 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-08 22:25:52 +00:00
Patrick Uiterwijk
394cf40242 == True is not ideal 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-08 20:57:08 +00:00
Kevin Fenzi
9108a0d6fe now that we have staging moved to its own subnet, we can just block that entire thing in prod iptables and no longer need to change everytime a stg machine appears or disappears. 2017-10-04 16:40:55 +00:00
Stephen Smoogen
e3c0199dad make another set of stg ip changes 2017-09-29 15:24:58 +00:00
Patrick Uiterwijk
08ab5dd6f0 Add missing .stg.phx2.fp.o to krb5.conf. If env will be removed after freeze 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-09-15 20:27:02 +00:00
Adam Williamson
cac1fb41ab openqa tap workers: allow masquerade on eth2 also, for ppc64 
Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2017-09-09 11:14:55 -07:00
Patrick Uiterwijk
dae3290dd7 Add dns1 and dns2 for nm-controlled resolv.conf 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-21 21:01:08 +00:00
Patrick Uiterwijk
d12cedc5d3 Allow NM-controlled DNS if intended 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-21 20:58:55 +00:00
Kevin Fenzi
06033a3b27 move this to a dep instead of including it 2017-08-19 17:13:49 +00:00
Patrick Uiterwijk
aef0feda87 Turns out it was just missing a name= 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-16 17:43:00 +00:00
Patrick Uiterwijk
e2b829c900 Turns out name: is incompatible with include_role 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-16 17:41:49 +00:00
Patrick Uiterwijk
e43e0e06b1 Move SSH setup to its own role 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-16 17:39:23 +00:00
Patrick Uiterwijk
dfc9e56b96 Revert "bypass sshd restart for nowg" 
This reverts commit ecb03a1093.
 2017-08-15 16:59:30 +00:00
Patrick Uiterwijk
778272ed90 Update sshd_config everywhere to present cert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-15 16:41:48 +00:00
Patrick Uiterwijk
1fad80a314 We no longer have any <Fedora24 boxes 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-15 16:38:11 +00:00
Patrick Uiterwijk
ecb03a1093 bypass sshd restart for nowg 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-15 16:32:16 +00:00
Patrick Uiterwijk
11a36497c8 Lets just call out to date... 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-15 16:24:37 +00:00
Patrick Uiterwijk
800f9145d3 Add sshd_cert tag 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-15 15:19:53 +00:00
Patrick Uiterwijk
d0c938a7e9 Open firewall enough from s390x-01 for sshfs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-12 01:02:13 +00:00
Patrick Uiterwijk
fe5f1c3152 Or no quoting 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-04 16:49:13 +00:00
Patrick Uiterwijk
4eef39463f Quote this too. Quote all the things 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-04 16:47:29 +00:00
Patrick Uiterwijk
fa0d94d697 Fix EPARSE 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-04 16:46:12 +00:00
Patrick Uiterwijk
cfab031a8a Deploy sender_access file 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-08-04 18:20:17 +02:00
Patrick Uiterwijk
7a5346019b Create a sender_access file 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-08-04 16:20:13 +00:00
Patrick Uiterwijk
bb707cc070 when != hen 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-07-14 02:55:02 +00:00
Patrick Uiterwijk
1bf3eacc7c Teach ansible about the enc900 interface on s390 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-07-14 02:53:27 +00:00
Stephen Smoogen
68e2a472b3 How beauteous mankind is! O brave new world 2017-06-26 19:03:03 +00:00
Stephen Smoogen
06be05edfb cut down the list of hosts external 2017-06-23 19:19:18 +00:00
Ricky Elrod
6e6239051a add resolv.conf for internetx 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-06-20 21:03:40 +00:00
Tim Flink
c40d6a5ebd adding main.cf for upstreamfirst.fedorainfracloud.org 2017-05-25 15:51:18 +00:00
Kevin Fenzi
a60055fbaa oops, == here not is 2017-05-15 17:37:56 +00:00
Kevin Fenzi
2df1d71510 clean up iptables in base to not apply to cloud compute/master, osbs or os 2017-05-15 17:33:51 +00:00
Kevin Fenzi
d860015a28 lets try this s390 caching again 2017-05-14 18:30:14 +00:00
Kevin Fenzi
9f71fa2295 comment in rsyslog-audit module in base 2017-05-04 14:20:37 +00:00
Patrick Uiterwijk
f4ae8df39d Fix up policy source and add EL6 compiled version 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-05-04 14:12:56 +00:00
Kevin Fenzi
fcf570d42e initial selinux module work for rsyslog to read audit 2017-05-04 14:02:02 +00:00
Kevin Fenzi
db328d7ac2 Revert "ansible tells me not to use {s in when, lets see if this works" 
This reverts commit 9b77ca729b.
 2017-04-20 17:03:09 +00:00
Kevin Fenzi
9b77ca729b ansible tells me not to use {s in when, lets see if this works 2017-04-20 16:57:07 +00:00
Kevin Fenzi
8a6e51a9a6 change state=running to start=started as the old one is going away in ansible 2.7 2017-04-13 01:37:21 +00:00
Stephen Smoogen
cf89a2516d and we will try nagios templates 2017-04-11 21:18:04 +00:00
Kevin Fenzi
31254f9775 kill paste0* instances 2017-04-11 19:42:45 +00:00