WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-04 14:03:32 +08:00
Code Issues Packages Projects Releases Wiki Activity
41,474 Commits 9 Branches 0 Tags
289bda56985f9cf20ff56b091e367a3e94de24ff
Commit Graph

116 Commits

Author SHA1 Message Date
Pavel Raiskup
4a01fb6f3e copr: use aws_ipv6_con var on more palces 2024-03-13 21:35:22 +01:00
Pavel Raiskup
5a45135c38 copr: ipv6 also on non-Fedora boxes 2024-03-13 21:32:51 +01:00
Pavel Raiskup
20d43f939f copr-pulp: setup ipv6 2024-03-13 21:26:45 +01:00
Pavel Raiskup
cdb5c923a5 copr-pulp-dev: don't start node exporter 
EL9 boxes have the service named differently, and we don't need it
started right now.
 2024-03-13 19:47:40 +01:00
Jakub Kadlcik
4889f42f5e copr/base: do all the networking magic only on Fedora 
On copr-pulp-dev the connection is named `System eth0`. I don't have
time to debug it right now and we IMHO don't need the networking magic
right from the start.
 2023-08-20 19:40:39 +02:00
Jakub Kadlcik
dd31fcceea copr/base: use rsyslog-logrotate only on Fedora 
It isn't available in EPEL8
 2023-08-20 19:31:22 +02:00
Jakub Kadlcik
60d5faf5d6 copr: mask systemd-oomd only on Fedora hosts 
The copr-pulp instance will run on RHEL8 and systemd-oomd is not
installed there.
 2023-08-20 19:22:44 +02:00
Pavel Raiskup
21be6fd294 copr: use smtp-auth-relay for all hosts 2023-06-19 11:08:23 +02:00
Pavel Raiskup
70d60d4968 copr/base: forward cron output to copr-team 2023-02-21 09:08:36 +01:00
Pavel Raiskup
a1019b0e4a copr/base: post logrotate scripts should ping to rsyslog.pid, not syslog.pid 2023-02-15 11:31:29 +01:00
Pavel Raiskup
e24dfce94f copr/base: rsyslog uses "rsyslog" logrotate file, not syslog 2023-02-15 10:35:47 +01:00
Pavel Raiskup
265fd1bb73 copr/base: override rsyslog logrotate config 
Copy-paste the stuff others use in this repository.  While on it, assure
logrotate is installed on copr boxes, and install the packages by a
single 'package' statement.
 2023-02-15 10:19:29 +01:00
Jakub Kadlcik
98410c9b7b copr: mask the systemd-oomd service 2023-01-09 11:40:08 +01:00
Jakub Kadlcik
02130aed22 Revert "copr: ipv6.never-default yes" 
This reverts commit 8f59bfd6cb.

It was a bad idea. It won't be possible to curl the server via IPv6
 2022-12-06 16:14:05 +01:00
Jakub Kadlcik
8f59bfd6cb copr: ipv6.never-default yes 
Don't use IPv6 gateway. It breaks OpenID login for us

https://github.com/fedora-copr/copr/issues/2418
https://pagure.io/fedora-infrastructure/issue/11025
 2022-12-06 14:27:14 +01:00
Jakub Kadlcik
ee1f6638a6 copr: restart systemd-oomd after changing its config 2022-11-29 22:46:43 +01:00
Jakub Kadlcik
1e56a328b8 copr: use SwapUsedLimit=80 for systemd-oomd on all copr servers 2022-11-29 22:25:55 +01:00
Pavel Raiskup
5107c13c9c copr/base: better detect ipv6 config 
Check the connection configuration, not the actual device setup (device
setup might be automatically configured, but still non-working).
 2022-11-29 21:43:11 +01:00
Pavel Raiskup
2bb712b026 copr-base: ipv6.may-fail yes 2022-11-28 18:25:41 +01:00
Pavel Raiskup
20ab4ef0b1 copr-base: we need ipv6.method auto eventually 
This is needed to setup gateway, etc.  After that we need to do
'nmcli con up'.
 2022-11-23 22:42:54 +01:00
Pavel Raiskup
96b00cbd33 copr-base: don't reconfigure ipv6 over again 2022-11-23 12:42:10 +01:00
Pavel Raiskup
a1b7c1102a copr/base, copr-fe: don't restart prometheus exporter all the time 2022-11-23 12:17:34 +01:00
Pavel Raiskup
094242ecc6 copr/base: drop an unused resolv.conf hack 
This was long time ago used with the Fedora Infra OpenStack.
 2022-11-23 12:12:13 +01:00
Pavel Raiskup
84386e8b4f copr_base: install acl package 2022-11-22 23:29:56 +01:00
Pavel Raiskup
e61a356554 copr-base: test ipv6 manual 2022-11-22 10:49:19 +01:00
Jakub Kadlcik
070a99e324 copr: use nmcli to configure IPv6 
The best conversion table I found is here
https://networkmanager.dev/docs/api/latest/nm-settings-ifcfg-rh.html
See: Table 23. ipv6 setting
 2022-11-21 11:16:12 +01:00
Jakub Kadlcik
83c20f9aeb copr: disable offloading in the nmconnection keyfile 
The old network script is deprecated, please see
/etc/sysconfig/network-scripts/readme-ifcfg-rh.txt

You can check that the settings are correct with

    ethtool -k eth0 | egrep 'tcp-segmentation-offload:
                             |generic-receive-offload:
                             |generic-segmentation-offload: '
 2022-11-19 14:38:22 +01:00
Silvie Chlupova
7a88ef0429 copr: restart node_exporter just in case the service file changed 2022-05-04 13:03:35 +02:00
Silvie Chlupova
b951f4ec82 copr: change node_exporter settings according to changes in golang-github-prometheus-node-exporter 2022-04-27 14:47:47 +02:00
Silvie Chlupova
cf3f507296 copr: we still need to freeze node-exporter to version 1.2.2 2022-04-11 14:29:16 +02:00
Silvie Chlupova
1de1f667fb copr: we don't have to freeze golang-github-prometheus-node-exporter version 2022-04-05 13:01:09 +02:00
Silvie Chlupova
166b814a28 copr: downgrade node_exporter to version 1.2.2 2022-01-25 16:35:07 +01:00
Silvie Chlupova
ba86e27e79 copr: add nagios checks for copr servers 2022-01-21 14:18:05 +01:00
Silvie Chlupova
22bf73ae9e copr: move installation of node_exporter to copr base role 2021-12-06 11:18:34 +01:00
Pavel Raiskup
4586b8e0f7 copr: fix IPV6 config 2021-11-30 13:37:36 +01:00
Pavel Raiskup
a9c8dda4ca copr: auto-setup the ipv6 configuration 
Turns out that, even though IPv6 is configured on the initial VM boot,
the IPv6 needs manual tweeks and reboot (or nmcli dance).  Related to:
https://pavel.raiskup.cz/blog/switch-fedora-box-to-ipv6-in-aws.html
 2021-11-30 13:35:23 +01:00
Jakub Kadlcik
0a4c5c3034 copr: let nagios_client role to install nrpe 
We shouldn't install `nrpe` package in the `copr/base` playbook
because it creates the following user

    nrpe:x:992:991:NRPE user for the NRPE service:/var/run/nrpe:/sbin/nologin

That UID collides with an user for keygen

    - user: name="copr-signer" group=copr-signer groups=apache uid=992

The `nrpe` installation needs to be done later, in the `nagios_client`
role that we call after `copr/keygen` role.
 2021-11-28 22:21:52 +01:00
Pavel Raiskup
c4d56a9419 copr: fix cron MAILTO so it doesn't bounce 2021-05-03 21:03:50 +02:00
Kevin Fenzi
9ef275491c copr / base: update root fowrard 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-01-08 16:27:33 -08:00
Pavel Raiskup
04343eee01 copr/base: install cronie-anacrontab 
... right before we try to configure it.
 2020-11-11 13:53:02 +01:00
Pavel Raiskup
cf99f80657 copr: base: don't send emails to root 
Send the mails to praiskup@redhat.com for now, till we solve what to do
about it.
 2020-04-24 21:34:25 +02:00
Miroslav Suchý
2898069905 Revert "copr: unmask tmp.mount" 
This reverts commit 911e10db3ae661d1758e971a71e3b098ee7670f6.
in favour of change in 1569679e1b213374b7eb75915e6a87cfd8799b30
 2020-04-24 21:34:24 +02:00
Miroslav Suchý
57823e23c6 copr: do not set PEERDNS in aws 2020-04-24 21:34:24 +02:00
Miroslav Suchý
feda20ad3c copr: unmask tmp.mount 2020-04-24 21:34:24 +02:00
Miroslav Suchý
a696618ec2 copr: system-config-firewall-base does not exist on f31 
we used to need it becouse of lokkit, but it seems we do not use it any more
 2020-04-24 21:34:23 +02:00
Pavel Raiskup
cfada1684c Revert "Revert "copr: temporarily don't start logrotate"" 
This reverts commit be6005f32433dcc37686f8eccfcc973961dcf3d8.
 2020-04-24 21:34:09 +02:00
Pavel Raiskup
3c20dc3e14 Revert "copr: temporarily don't start logrotate" 
This reverts commit 3d7cd5969d2538c7482652aa07e7e44342f7d5d7.
 2020-04-24 21:34:09 +02:00
Pavel Raiskup
3a3ae7b785 copr: temporarily don't start logrotate 
It is already starting on background, but analyzing many GB of logs --
and we need to finish the upgrade ASAP.
 2020-04-24 21:34:09 +02:00
Miroslav Suchý
7662f6b6cb copr: just start the logrotate 
do not enable it, systemd does not like it.
we added Wants= to copr units, so this is redundant now
 2020-04-24 21:34:09 +02:00
Miroslav Suchý
72adc128c3 copr: enable logrotate 2020-04-24 21:34:09 +02:00