WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-04 11:21:46 +08:00
Code Issues Packages Projects Releases Wiki Activity
41,474 Commits 9 Branches 0 Tags
289bda56985f9cf20ff56b091e367a3e94de24ff
Commit Graph

56 Commits

Author SHA1 Message Date
Michal Konecny
be2edf7b47 [mailman3] Add script for generating fulltext index for mailing lists 
The index generated by the hyperkitty-hourly script generated unusually big
index (around 1TB).

This script should help with generating the search index from scratch, after
that we can leave it to hyperkitty-hourly job again.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-07-29 14:41:12 +02:00
Michal Konecny
cdd78d1442 [mailman3] Disable search in hyperkitty 
Mailman has huge memory spikes after migration, those are caused by visiting
`/archives/search` URL. This is probably because of the search index still being
regenerated.

This patch will disable the search from both web UI and as a HTTP URL endpoint.

Fixes https://pagure.io/fedora-infrastructure/issue/12043

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-07-12 11:05:18 +02:00
Kevin Fenzi
1da59362cd mailman: adjust some settings to try and avoid OOM 
Set django to have 4 workers and have a retry longer than the timeout.
Disable local memcached and use the memcached01 instance.
Enabled debug logging on gunicorn to see what it's doing.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-07-09 13:27:32 -07:00
Michal Konecny
61cb8fd515 [mailman3] Add correct permissions to fedora-messaging certificates 
The mailman user needs to have access to fedora-messaging certificates to send
messages.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-07-02 15:54:49 +02:00
Michal Konecny
24eb9a4eda [mailman3] Use the correct mailman certificate 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-07-02 10:28:17 +02:00
Michal Konecny
98417787d6 [mailman3] Fix the YAML error 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-07-01 18:19:10 +02:00
Michal Konecny
ae8efd0dd4 [mailman3] Fix the yamllint errors 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-07-01 18:04:42 +02:00
Michal Konecny
319bc2204a [mailman3] Add fedora-messaging certificates 
It seems that I forgot to actually create the certificates for new mailman
fedora archiver. Let's fix that.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-07-01 17:56:42 +02:00
Michal Konecny
c69ef120c3 [mailman3] Add logrotate capabilities 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-28 11:02:10 +02:00
Michal Konecny
62b319cadb [mailman3] Fix the migration task 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-27 14:14:12 +02:00
Michal Konecny
84e83a16e1 [mailman3] Use the correct syntax for env 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-27 13:58:36 +02:00
Michal Konecny
08f990cf79 [mailman3] We need admin access to database for migrations 
We didn't need that on staging, but on production the permissions are more
granular.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-27 13:47:20 +02:00
Michal Konecny
bba5d4340e [mailman3] Enable memcached before enabling hyperkitty 
For `mailman-web compress` memcached have to be running.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-24 17:45:25 +02:00
Michal Konecny
df67f2be1f [mailman3] Start and enable timers not services 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-21 14:00:11 +02:00
Michal Konecny
996cef7d22 [mailman3] Add missing tags to patch task 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-21 12:46:08 +02:00
Michal Konecny
0fbd79a26e [mailman3] Fix the patch file and how it is applied 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-21 11:55:10 +02:00
Michal Konecny
d0e06d1ab0 [mailman3] Add patch for django_mailman3 
Till https://src.fedoraproject.org/rpms/python-django-mailman3/pull-request/2 is
merged let's apply the patch directly.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-06-21 09:09:34 +00:00
Lenka Segura
889f20be54 mailman: Enable and start timers 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2024-06-18 10:22:43 +02:00
Lenka Segura
789bf6fcac mailman3: Fix quarter_hourly timer format and add hperkitty.target 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2024-06-06 11:44:31 +00:00
Lenka Segura
7a862baa5b mailman3: copy files with copy module, not file 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2024-06-03 09:03:01 +00:00
Lenka Segura
73612b973a Create systemd timers for tasks 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2024-05-31 11:52:49 +00:00
Michal Konecny
132d5ce608 [mailman3] Fix the initial-data.json dataload 
The fedora isn't available in allauth library and mailman user needs to have
access to initial-data.json

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-05-31 11:55:40 +02:00
Michal Konecny
06ed86e690 [mailman3] Migrate initial-data.json from mailman role 
This JSON file contains authentication providers set up in mailman. This change
should allow it to be used in mailman3 role.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-05-30 16:15:54 +02:00
Michal Konecny
454d844a9e [mailman3] Fix 500 when opening admin page for some lists 
The postorius was missing python3-cmarkgfm in dependencies which caused
rendering of info metadata in lists to throw 500 because markdown renderer was
missing.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-05-30 15:38:27 +02:00
Michal Konecny
16f8d40075 [mailman3] Process static files every time 
Waiting for static_root_dir change could skip files that were added to static
after the initial deployment. This should prevent that.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 15:33:50 +02:00
Michal Konecny
89c45beb9f [mailman3] Fix the remaining SELinux issues 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 15:27:53 +02:00
Michal Konecny
4e221cf347 [mailman3] Fix the ownership of log file 
Both become and become_user needs to be set to work. So the script was executed
as root which caused the hyperkitty log file to be created with root owner.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 14:04:31 +02:00
Michal Konecny
4b54cadbdc [mailman3] Use the correct handler 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 12:48:07 +02:00
Michal Konecny
6416dd6249 [mod_wsgi] Install the mod_wsgi correctly on RHEL9 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 12:07:12 +02:00
Michal Konecny
8e19bddb1c [mailman3] Fix syntax issue 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 11:27:58 +02:00
Michal Konecny
88c28e2b09 [mailman3] Fix yamllint errors 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 11:02:47 +02:00
Michal Konecny
261ec360fa [mailman3] Remove the superuser creation 
We don't need the superuser if we knew how to add the permissions to any user.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 10:43:52 +02:00
Michal Konecny
a8cd5dfff3 [mailman3] Add migration script for Fedora auth provider 
This will add migration script for Fedora auth provider. This is only needed
when updating to Fedora auth provider using OpenID Connect.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 10:43:52 +02:00
Michal Konecny
4c7885c89d [mailman3] Add django superuser creation task 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 10:43:52 +02:00
Michal Konecny
6605685527 [mailman3] Add missing script and config file 
* Add mailman-sar script
* Add fedora-messaging config

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-26 10:43:52 +02:00
Michal Konecny
ff4ad03fd0 [mailman3] Add hyperkitty tag to all hyperkitty tasks 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-11 09:54:29 +02:00
Michal Konecny
a8c375429d [mailman3] Use the correct name of the file for hyperkitty config 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-10 15:49:04 +02:00
Michal Konecny
f961e40c3d [mailman3] Deploy hyperkitty.cfg as template 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-10 15:11:58 +02:00
Michal Konecny
cf48dec0eb [mailman3] Disable signup on mailman 
This module disables signup on mailman web UI.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-08 14:10:22 +02:00
Michal Konecny
d9f1031dbc [mailman3] Add fedmsg archiver 
Plenty of existing archived lists are reliable on fedmsg archiver. The EPEL9
package is currently in bodhi
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-39533b3dcb. Let's add
it to mailman3 role.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-04-08 14:10:22 +02:00
Michal Konecny
0079d06eea [mailman3] Add missing SELinux policies 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-28 16:23:19 +01:00
Michal Konecny
96b5e73a99 [mailman3] Add compress step 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-28 16:09:44 +01:00
Michal Konecny
a47cab5804 [mailman3] Use the correct ansible module 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-27 16:20:28 +01:00
Michal Konecny
df0c21ed89 [mailman3] Remove SSL apache conf 
The SSL is handled by proxies we don't need to handle it on the machine itself.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-27 16:01:58 +01:00
Michal Konecny
f919603485 [mailman3] Add our own urls file 
The current deployment doesn't look to work correctly for redirects, this should
fix it.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-27 14:42:13 +01:00
Michal Konecny
3d52a247d8 [mailman3] Use httpd_can_network_relay as it's more secure 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-27 14:27:08 +01:00
Michal Konecny
ed6e67512e [mailman3] Add ssl configuration for apache 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-26 16:22:07 +01:00
Michal Konecny
0a1fbd509f [mailman3] Use gunicorn instead of apache 
Use apache only as reverse proxy, but run mailman-web through gunicorn.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-26 15:18:58 +01:00
Michal Konecny
cd83c8377c [mailman3] Create the bin directory 
We need at least one script that is useful, let's add it somewhere.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-26 11:58:23 +01:00
Michal Konecny
301cb90d7e [mailman3] Add prod-to-stg script 
The script was missing in files, let's add it.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-03-26 11:16:45 +01:00