fedora-infra_ansible

mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-03 01:24:36 +08:00

Author	SHA1	Message	Date
Patrick Uiterwijk	d56a613b5d	Remove stray characters Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2018-02-12 15:26:13 +01:00
Patrick Uiterwijk	f73b9f8934	Open firewall port to pagure proxy Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2018-02-12 15:21:34 +01:00
Patrick Uiterwijk	18f1320eb3	Support secondary IP Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-02-10 21:12:27 +00:00
Patrick Uiterwijk	da7f7f89eb	Commit to our changes Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-02-08 15:39:49 +00:00
Patrick Uiterwijk	ce78bf8497	Nat table has different entries Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-02-08 15:38:58 +00:00
Patrick Uiterwijk	0bfb2a2d1f	nat_rules go into the nat table Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-02-08 15:37:20 +00:00
Patrick Uiterwijk	40fbf2d575	Do not remove all whitespace Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-02-08 15:31:24 +00:00
Patrick Uiterwijk	d5ce7a014e	Add nat-rules Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-02-08 15:30:13 +00:00
Patrick Uiterwijk	c18ea6b658	Allow mmfrontend-checkin to connect to VPN Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-01-13 13:59:53 +00:00
Patrick Uiterwijk	c2493bc677	Allow access to repos Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-01-11 23:05:01 +00:00
Patrick Uiterwijk	f94a5f94cd	Also allow dns out Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-01-11 23:02:44 +00:00
Patrick Uiterwijk	eb2fab3c6a	Add iptables for mm-frontend-checkin01 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2018-01-11 22:36:11 +00:00
Patrick Uiterwijk	54399eb157	If I say disabled, do not enable Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-12-22 02:19:30 +01:00
Patrick Uiterwijk	4d7f15164c	Allow interfaces to be marked as explicitly disabled Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-12-22 02:15:04 +01:00
Stephen Smoogen	02938f63ad	we need to update this in 2 places and run it on logs and people	2017-12-20 21:37:46 +00:00
Patrick Uiterwijk	42da45351c	Fix koji service accounts with gssapi Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-12-04 14:41:01 +00:00
Patrick Uiterwijk	9527cce666	Allow builders to proxy101 and proxy110 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-12-02 10:51:53 +00:00
Patrick Uiterwijk	894a0cc805	FedoraHosted is not anymore Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-12-01 12:54:34 +00:00
Kevin Fenzi	21c5d61f43	Revert "look, some whitespace changes" This reverts commit `b1201baec0`.	2017-10-12 21:58:16 +00:00
Kevin Fenzi	b1201baec0	look, some whitespace changes	2017-10-12 21:54:21 +00:00
Kevin Fenzi	9108a0d6fe	now that we have staging moved to its own subnet, we can just block that entire thing in prod iptables and no longer need to change everytime a stg machine appears or disappears.	2017-10-04 16:40:55 +00:00
Stephen Smoogen	e3c0199dad	make another set of stg ip changes	2017-09-29 15:24:58 +00:00
Patrick Uiterwijk	08ab5dd6f0	Add missing .stg.phx2.fp.o to krb5.conf. If env will be removed after freeze Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-09-15 20:27:02 +00:00
Adam Williamson	cac1fb41ab	openqa tap workers: allow masquerade on eth2 also, for ppc64 Signed-off-by: Adam Williamson <awilliam@redhat.com>	2017-09-09 11:14:55 -07:00
Patrick Uiterwijk	dae3290dd7	Add dns1 and dns2 for nm-controlled resolv.conf Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-08-21 21:01:08 +00:00
Patrick Uiterwijk	d12cedc5d3	Allow NM-controlled DNS if intended Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-08-21 20:58:55 +00:00
Patrick Uiterwijk	d0c938a7e9	Open firewall enough from s390x-01 for sshfs Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-08-12 01:02:13 +00:00
Patrick Uiterwijk	1bf3eacc7c	Teach ansible about the enc900 interface on s390 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-07-14 02:53:27 +00:00
Stephen Smoogen	68e2a472b3	How beauteous mankind is! O brave new world	2017-06-26 19:03:03 +00:00
Stephen Smoogen	06be05edfb	cut down the list of hosts external	2017-06-23 19:19:18 +00:00
Kevin Fenzi	d860015a28	lets try this s390 caching again	2017-05-14 18:30:14 +00:00
Stephen Smoogen	cf89a2516d	and we will try nagios templates	2017-04-11 21:18:04 +00:00
Stephen Smoogen	dfd088ab5e	put in many changes for new nagios server	2017-04-06 23:50:44 +00:00
Stephen Smoogen	cc4a91a1eb	stage a template to replace syncHttpLogs.sh someday	2017-03-17 19:43:11 +00:00
Patrick Uiterwijk	ec68c3ce39	Make it not match autocloud01 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-08 14:31:56 +00:00
Patrick Uiterwijk	a90e9070cd	No stg ip override in cloud Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2017-02-08 14:07:25 +00:00
Kevin Fenzi	4588fedfb2	also allow tcp dns for builders	2017-01-16 16:41:44 +00:00
Stephen Smoogen	d35ef94142	no reverse klingon logic in which files to fix	2017-01-10 23:48:57 +00:00
Patrick Uiterwijk	cd50a3c55d	Disable rdns on masters Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-12-22 16:51:57 +00:00
Patrick Uiterwijk	d8b121b2df	Make sure all machines know which realm to use Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-12-20 08:26:18 +00:00
Kevin Fenzi	7e9d4e4700	more s390 move changes	2016-12-07 15:58:41 +00:00
Kevin Fenzi	77ff2a473b	Set NM_CONTROLLED=yes in our hosts that are in fact NM_CONTROLLED.	2016-12-05 17:21:47 +00:00
Kevin Fenzi	6c9392f89a	fix missing close in jinja template for ipa masters config	2016-12-05 17:06:17 +00:00
Patrick Uiterwijk	1652f6776c	Only apply on stg for now Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-12-04 03:13:26 +00:00
Patrick Uiterwijk	793fe47fec	No canonicalization or rdns Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-12-04 03:12:45 +00:00
Patrick Uiterwijk	9d2343a72d	RHEL6 doesn't have the https proxy Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-11-29 16:19:34 +00:00
Patrick Uiterwijk	39672c66f2	Use id.fp.o for krb everywhere Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-11-28 08:57:20 +00:00
Patrick Uiterwijk	0bc8c56f06	This is also env-dependant Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-11-23 18:17:29 +00:00
Patrick Uiterwijk	b88c5c4da6	Seems IPA masters need a different krb5 conf Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-11-23 18:13:24 +00:00
Patrick Uiterwijk	ea1f97809a	Make builders use the https proxy for krb Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>	2016-11-03 13:02:48 +00:00

1 2 3 4

162 Commits