WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-26 19:42:55 +08:00
Code Issues Packages Projects Releases Wiki Activity
14,670 Commits 9 Branches 0 Tags
37fada00a71c09ef569bea8e522bdfff285913ff
Commit Graph

359 Commits

Author SHA1 Message Date
Kevin Fenzi
42afc9a637 Fix a bunch of places that didn't use the full correct mode 2016-08-08 19:53:57 +00:00
Kevin Fenzi
04a52b8667 Death to all trailing whitespace. 2016-08-08 19:36:31 +00:00
Patrick Uiterwijk
9fbe49b3bc Make this really norelay 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-07-23 15:50:02 +00:00
Kevin Fenzi
90b8c96e6c remove debugging, set base to always set hostname 2016-07-18 21:48:09 +00:00
Kevin Fenzi
28f1b6427b drop no longer existant download-rdus from this script 2016-07-13 16:48:51 +00:00
Patrick Uiterwijk
6e0178e000 osbs-stg will use the normal iptables, and will get docker iptables via a script 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-07-05 19:16:59 +00:00
Kevin Fenzi
bca365bbf4 Until I can figure out this nameserver thing, don't track dns requests to keep conntrack tables not full 2016-06-30 16:19:38 +00:00
Kevin Fenzi
5623bc1967 ppc8-04 is a hw builder 2016-06-27 14:07:52 +00:00
Kevin Fenzi
2209cb5efa drop bodhost01 and proxy07 2016-05-31 16:48:17 +00:00
Kevin Fenzi
d59f480002 Update ip address for ppc hub. 2016-05-20 16:09:17 +00:00
Kevin Fenzi
8da3c329b9 Switch mm-smtp servers to send to mailman01 instead of relaying via collab03. 
Also, remove the old transports file which as far as I can tell is not used by anything.
 2016-05-18 20:45:12 +00:00
Kevin Fenzi
9fe0726ddb Try this and see if it works any differently. 2016-05-14 17:49:50 +00:00
Aurélien Bompard
c115f786ae Bypass spam checking for emails from Mailman 2016-05-12 12:11:23 +00:00
Aurélien Bompard
6d3d810683 Fixup activation of SpamAssassin on Mailman 2016-05-12 09:31:18 +00:00
Aurélien Bompard
5241b6f601 Add Spamassassin to Mailman 2016-05-12 09:08:58 +00:00
Kevin Fenzi
a32f8b9e4a Change ansible_fqdn to inventory_hostname. This fixes some few hosts that have incorrect reverse dns 
and shouldn't break any others since we always use fully qualified in our inventory.
 2016-05-11 15:08:50 +00:00
Patrick Uiterwijk
b015134235 OSBS needs prod kojipkgs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-10 22:08:35 +00:00
Patrick Uiterwijk
1777c84e0f Osbs needs access to kojipkgs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-10 16:01:27 +00:00
Patrick Uiterwijk
87b7aeca1e Nobody asked docker to override dns servers, yet it does 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 21:35:11 +00:00
Patrick Uiterwijk
d8b4efb68a Allow all traffic over the docker0 interface 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 21:16:22 +00:00
Patrick Uiterwijk
4ddee387ea Seems it tries to use koji stg over http... 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 20:56:53 +00:00
Patrick Uiterwijk
4ffd3342d5 Allow https clone from pkgs.stg 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 20:45:12 +00:00
Patrick Uiterwijk
d1cecec937 Prod != stg 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 20:38:27 +00:00
Patrick Uiterwijk
44dad913e5 Add iptables for osbs build 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 19:45:37 +00:00
Adam Williamson
b0b7dc9b47 openqa/worker: give up on GRE, single tap host instead 
OK, this GRE crap ain't working. Let's give up! Instead let's
have one tap-capable host per openQA deployment, so all the
tap jobs will go to it. This...should achieve that. Let's see
what blows up.
 2016-05-05 14:10:46 -07:00
Adam Williamson
62dbe6e6dc openqa: fix iptables stuff 
apparently host_group is not the same thing as inventory group.
 2016-04-27 18:51:09 -07:00
Adam Williamson
59e76a7f37 add an 'ansible_ifcfg_whitelist' feature and use it for openqa 
semi-acked by nirik (but he'll deny it furiously and it's all
my fault if everything blows up): for openQA's openvswitch
stuff I need a 'br0' and a 'tap0' that I don't want the base
role to mess with, but I *do* want the base role to configure
eth0 for me. ansible_ifcfg_blacklist isn't granular enough. So
let's invent ansible_ifcfg_whitelist, which if defined is a
list of interface names you want the base role to configure.
Any interface not in the list is left alone.
 2016-04-27 18:38:57 -07:00
Adam Williamson
178bffc9d0 openqa: setup firewall rules for openqa openvswitch guests 
they need to talk to the bridge and to each other. their
traffic is not directly routed over the bridge, it is NAT'ed,
hence the masquerade rule.
 2016-04-27 17:20:25 -07:00
Michael Scherer
189260776c Move ntp setup in a role 
Since base install ntp on all platforms, we can skip the vars
and place it by default (next step is to convert the
few playbooks duplicating the role)
 2016-04-16 17:47:36 +00:00
Todd Zullinger
b374a0ff03 base: only set PS1 for prod/stage for interactive sessions 
Setting PS1 for non-interactive shells doesn't make sense.  Using tput
in the PS1 causes spurious errors to be logged:

    tput: No value for $TERM and no -T specified
    tput: No value for $TERM and no -T specified

Resolves: #5234
 2016-04-14 23:28:35 +00:00
Mikolaj Izdebski
e84a937620 Improve scripts for setting PS1 2016-04-13 23:15:42 +00:00
Kevin Fenzi
193bdc7ba1 Move bodhi02.stg to bodhi01.stg since it's not booting right anyhow. 2016-04-11 19:28:13 +00:00
aikidouke
32f675c261 added tag "prompt" 2016-04-11 13:51:32 +00:00
aikidouke
0dcf06601e set prod/stg colored PS1 depending on env == staging or production 
remove from testing on badges and added to base role
 2016-04-11 13:42:29 +00:00
Kevin Fenzi
abdf1d310d Try this 2016-04-10 16:39:20 +00:00
Kevin Fenzi
5479f08c80 Try and fix watchdog so it doesn't try and install everywhere breaking everything. ;) 2016-04-10 16:33:32 +00:00
Michael Scherer
833269b151 Split postfix in a separate file for clarity 2016-04-09 20:28:14 +00:00
Kevin Fenzi
71684be33c Try and fix up this to work when running with tags that aren't in watchdog tags 2016-04-09 20:16:51 +00:00
Peter Robinson
e1b4ecc674 koji builder: add s390 hub to firewall 2016-04-08 15:52:21 +00:00
aikidouke
0432eca89a Good idea to not delete the base role.. 2016-04-05 21:34:13 +00:00
aikidouke
01bca326b1 Merge branch 'prodprompt' 
Conflicts:
	roles/base/tasks/main.yml
 2016-04-05 18:49:16 +00:00
Kevin Fenzi
8a9e586794 A whitespace change 2016-04-04 21:19:11 +00:00
Kevin Fenzi
5d9e56a45e Move a copy of this handler to the base role 2016-04-04 21:17:55 +00:00
Kevin Fenzi
dd37aa4965 Fix typo 2016-04-04 21:06:40 +00:00
Michael Scherer
2f26bd0f63 Refactor the condition to setup the watchdog with a block 2016-04-04 19:22:14 +00:00
Michael Scherer
2b470d2fa0 Use package module, so we can simplify the package installation 2016-04-04 19:22:12 +00:00
Michael Scherer
465f1d0cb0 Split watchdog related setup in a separate file 2016-04-04 19:22:09 +00:00
Dennis Gilmore
4dd019ffb9 allow the builders to access pagure.io on port 443 
Signed-off-by: Dennis Gilmore <ausil@fedoraproject.org>
 2016-04-04 17:12:56 +00:00
Kevin Fenzi
109c0ece10 Move some handlers around. Some to just base but some also to base. 2016-03-30 15:06:15 +00:00
Kevin Fenzi
dc775203ae We also don't want to track the torrent connections the other direction either. 2016-03-30 14:51:12 +00:00