fedora-infra_ansible

mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-28 04:22:18 +08:00

Author	SHA1	Message	Date
Patrick Uiterwijk	99e5baf76e	Send HTTP/421 on kojipkgs on non-phx2 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-28 15:39:37 +00:00
Patrick Uiterwijk	bc3bbcb5c0	Also return 421 from non-phx2 proxies for src.fp.o Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-26 21:13:33 +00:00
Patrick Uiterwijk	40de21728b	Set the error message centrally Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-26 21:12:32 +00:00
Patrick Uiterwijk	34a655ee37	Send a 421 Misdirected error to koji from non-phx2 proxies Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-26 21:05:59 +00:00
Patrick Uiterwijk	ac055b3927	Deploy ticketkey as part of proxy role Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-25 00:02:26 +00:00
Patrick Uiterwijk	e1bb4e64a4	Do not includeSubDomains for id.fp.o STS Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-24 22:49:05 +00:00
Patrick Uiterwijk	cabbfe3015	Deploy split servers to prod Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-24 22:46:24 +00:00
Patrick Uiterwijk	bc95beb269	Split id.fp.o and username.id.fp.o for TLS/h2 reasons. Start with staging Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-24 22:20:25 +00:00
Patrick Uiterwijk	de010afa89	Enable h2 in production Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-22 15:03:06 +00:00
Patrick Uiterwijk	0f94698922	Enable h2 for proxies and also h2c for Fedora app servers Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-11-21 21:16:27 +00:00
Patrick Uiterwijk	6d2b69b7d2	Be slightly more permissive Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-10-17 08:46:40 +00:00
Patrick Uiterwijk	a48f48d911	Who am I kidding? Nobody's going to report these failures.. This reverts commit `f3fbcce829`.	2017-10-16 22:13:07 +00:00
Patrick Uiterwijk	f3fbcce829	Thse two headers should be fine, but let's test them in staging first Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-10-16 22:11:35 +00:00
Patrick Uiterwijk	9245388053	Add securityheades to websites Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-10-16 21:47:06 +00:00
Patrick Uiterwijk	f027845144	There is no elif, just an else Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-10-10 15:12:58 +00:00
Patrick Uiterwijk	3233cc1388	Allow mod_proxy_balancer optionally Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2017-10-10 17:07:48 +02:00
Stephen Smoogen	d03b61ac73	and we have ips we need for the hosts	2017-10-09 19:44:31 +00:00
Patrick Uiterwijk	039b08354a	Yum allowed state=installed. Lets use state=present consistently Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-10-08 22:31:03 +00:00
Patrick Uiterwijk	a9e616022f	Also package-ize this Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-10-08 22:03:18 +00:00
Patrick Uiterwijk	7a0635c347	Make use of the package: module Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-10-08 21:59:40 +00:00
Stephen Smoogen	e3c0199dad	make another set of stg ip changes	2017-09-29 15:24:58 +00:00
Patrick Uiterwijk	e7411874fe	Do not httpd-redirect for acme challenges Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-09-14 09:25:05 +00:00
Patrick Uiterwijk	b373d2d597	Revert "Do not httpd-redirect for acme challenges" Not yet +2 FBR This reverts commit `fd0a29275a`.	2017-09-09 23:58:12 +00:00
Patrick Uiterwijk	fd0a29275a	Do not httpd-redirect for acme challenges Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-09-09 23:42:19 +00:00
Patrick Uiterwijk	863dffdb66	Allow setting up a vhost for certgetter Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-09-09 23:27:40 +00:00
Patrick Uiterwijk	5bd010cc68	Move to registry02/03 in production Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2017-08-04 00:22:01 +02:00
Patrick Uiterwijk	323dfd93ec	Revert "Deploy httpd config to prevent varnish attacks" This reverts commit `ef52ab8e89`.	2017-08-02 21:08:29 +00:00
Patrick Uiterwijk	ef52ab8e89	Deploy httpd config to prevent varnish attacks Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-08-02 17:29:00 +00:00
Patrick Uiterwijk	5482145b93	Disable removing 100-continue Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-07-22 11:40:23 +00:00
Patrick Uiterwijk	dc7d020e21	Fix fedpkg double uploads by abusing the krb5 replay cache being local Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-07-22 11:32:04 +00:00
Adam Miller	bc86f6ab1c	add webUI for stage reverseproxy Signed-off-by: Adam Miller <admiller@redhat.com>	2017-06-30 15:36:22 +00:00
Patrick Uiterwijk	9829ff7358	We want to modify the staging part Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-06-30 15:27:36 +00:00
Ricky Elrod	82417064e4	Change static content caching from 5 days to 30 minutes Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>	2017-06-09 06:30:47 +00:00
Kevin Fenzi	058f6a84ec	missed a few of these due to spacing	2017-04-13 18:35:43 +00:00
Patrick Uiterwijk	3a8e11cf7e	Split staging and prod docker push certs Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-04-10 22:06:52 +02:00
Patrick Uiterwijk	9841d619fc	Why, Docker, why? I thought we were friends Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-03-15 22:56:21 +00:00
Michael Simacek	adade90a2c	Disallow robots from expensive queries on koschei	2017-02-24 16:02:40 +01:00
Patrick Uiterwijk	4289a2056c	Alias and mod_rewrite mixing doesn't go too well Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-21 15:06:51 +00:00
Patrick Uiterwijk	49323cdec7	Create directory for registry-signatures Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-21 14:34:47 +00:00
Patrick Uiterwijk	7fdfd90dad	CDN has no clue about staging Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-16 20:03:33 +00:00
Patrick Uiterwijk	9453a5cba0	Do this the other way around. And Docker... Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-16 19:57:12 +00:00
Patrick Uiterwijk	47c396423d	Do not send update requests to CDN Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-16 19:47:09 +00:00
Ricky Elrod	a78a6d2bec	redirect mirrors.fp.o/publiclist to admin.fp.o/mirrormanager Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>	2017-02-16 17:56:08 +00:00
Patrick Uiterwijk	e1601ca869	More flexible regex Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-15 15:59:46 +00:00
Patrick Uiterwijk	c1b28e4568	Redirect blob requests to CDN Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-15 15:48:20 +00:00
Patrick Uiterwijk	fbbf28f32c	Remove keepalives configuration in production Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-14 16:11:09 +00:00
Patrick Uiterwijk	40476d05a2	Because Docker Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-13 22:37:39 +00:00
Patrick Uiterwijk	14d68a4b22	Let's try keepalive Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-13 16:00:29 +00:00
Stephen Smoogen	a59950b213	make a small set of changes before too many	2017-02-01 23:39:23 +00:00
Patrick Uiterwijk	2aa9950702	Block all traffic for this paste at the proxies Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-01-23 14:06:42 +00:00

1 2 3 4 5

210 Commits