WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-25 02:50:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
15,256 Commits 9 Branches 0 Tags
5a316c72d414857d6772ad48e9cef19aec00a3ca
Commit Graph

383 Commits

Author SHA1 Message Date
Kevin Fenzi
ad51691c60 fix syntax error 2016-10-17 19:57:42 +00:00
Kevin Fenzi
b462a78248 use correct group name 2016-10-17 19:55:42 +00:00
Kevin Fenzi
6d6f6635d6 Attempt to limit pg access to clients that need it only. 2016-10-17 19:53:05 +00:00
Patrick Uiterwijk
c24963b18c Set domain realm for krb5 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-10-14 20:45:03 +00:00
Patrick Uiterwijk
9164552f6f Put krb5.conf in base role 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-10-13 17:57:17 +00:00
Kevin Fenzi
173902e4fc tweak base role interfaces for docker networks 2016-10-10 22:50:20 +00:00
Stephen Smoogen
e8bc82f0a7 remove the entries to noc02 that wont work because that hostnmae doesnt exist 2016-09-30 15:23:54 +00:00
Patrick Uiterwijk
1e9441af9b Install complete.crt into .crt 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-09-27 18:21:10 +00:00
Patrick Uiterwijk
905ef28ad2 Install gateway cert with intermediate cert 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-09-27 18:15:04 +00:00
Stephen Smoogen
e13358ccd8 push the tls change out to the smtp-mm boxes 2016-09-27 17:37:21 +00:00
Kevin Fenzi
41cee6c129 Fix the order of this handler 2016-09-27 16:35:29 +00:00
Kevin Fenzi
4302a23215 Swap the order of these handlers so it does the map, then the postfix restart. 2016-09-27 16:09:32 +00:00
Stephen Smoogen
a875430ac8 too much email still requires ipv4 only and our ipv6 reverse doesnt work here 2016-09-27 15:37:37 +00:00
Stephen Smoogen
39459ede7d rebuild then restart 2016-09-27 03:34:39 +00:00
Stephen Smoogen
626a00c257 tls_ssl_options not implemented in our postfix 2016-09-27 03:28:39 +00:00
Stephen Smoogen
865dc57de9 call it a crt not a csr 2016-09-27 03:25:37 +00:00
Stephen Smoogen
2c055ba46e and we need to have a trigger 2016-09-27 03:08:25 +00:00
Stephen Smoogen
379340b456 and put in the items kevin asked for. 2016-09-27 03:00:03 +00:00
Stephen Smoogen
6780736eb3 lets try another go at patching 2016-09-27 01:46:38 +00:00
Stephen Smoogen
d2764137e5 try this patch set on for size to get tls working with smtp 2016-09-27 01:10:46 +00:00
Patrick Uiterwijk
ebf41c6366 Also delivery master.cf to noc02 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-09-24 00:51:05 +00:00
Stephen Smoogen
bf85ec58dd why? 2016-09-24 00:41:31 +00:00
Stephen Smoogen
caa5411057 I broke it so I need to buy it. 2016-09-24 00:38:10 +00:00
Stephen Smoogen
2d05f9675d try to put in place smtp files for noc02 to use smtp-ipv4 vs ipv6 for google 2016-09-23 23:42:08 +00:00
Kevin Fenzi
42afc9a637 Fix a bunch of places that didn't use the full correct mode 2016-08-08 19:53:57 +00:00
Kevin Fenzi
04a52b8667 Death to all trailing whitespace. 2016-08-08 19:36:31 +00:00
Patrick Uiterwijk
9fbe49b3bc Make this really norelay 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-07-23 15:50:02 +00:00
Kevin Fenzi
90b8c96e6c remove debugging, set base to always set hostname 2016-07-18 21:48:09 +00:00
Kevin Fenzi
28f1b6427b drop no longer existant download-rdus from this script 2016-07-13 16:48:51 +00:00
Patrick Uiterwijk
6e0178e000 osbs-stg will use the normal iptables, and will get docker iptables via a script 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-07-05 19:16:59 +00:00
Kevin Fenzi
bca365bbf4 Until I can figure out this nameserver thing, don't track dns requests to keep conntrack tables not full 2016-06-30 16:19:38 +00:00
Kevin Fenzi
5623bc1967 ppc8-04 is a hw builder 2016-06-27 14:07:52 +00:00
Kevin Fenzi
2209cb5efa drop bodhost01 and proxy07 2016-05-31 16:48:17 +00:00
Kevin Fenzi
d59f480002 Update ip address for ppc hub. 2016-05-20 16:09:17 +00:00
Kevin Fenzi
8da3c329b9 Switch mm-smtp servers to send to mailman01 instead of relaying via collab03. 
Also, remove the old transports file which as far as I can tell is not used by anything.
 2016-05-18 20:45:12 +00:00
Kevin Fenzi
9fe0726ddb Try this and see if it works any differently. 2016-05-14 17:49:50 +00:00
Aurélien Bompard
c115f786ae Bypass spam checking for emails from Mailman 2016-05-12 12:11:23 +00:00
Aurélien Bompard
6d3d810683 Fixup activation of SpamAssassin on Mailman 2016-05-12 09:31:18 +00:00
Aurélien Bompard
5241b6f601 Add Spamassassin to Mailman 2016-05-12 09:08:58 +00:00
Kevin Fenzi
a32f8b9e4a Change ansible_fqdn to inventory_hostname. This fixes some few hosts that have incorrect reverse dns 
and shouldn't break any others since we always use fully qualified in our inventory.
 2016-05-11 15:08:50 +00:00
Patrick Uiterwijk
b015134235 OSBS needs prod kojipkgs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-10 22:08:35 +00:00
Patrick Uiterwijk
1777c84e0f Osbs needs access to kojipkgs 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-10 16:01:27 +00:00
Patrick Uiterwijk
87b7aeca1e Nobody asked docker to override dns servers, yet it does 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 21:35:11 +00:00
Patrick Uiterwijk
d8b4efb68a Allow all traffic over the docker0 interface 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 21:16:22 +00:00
Patrick Uiterwijk
4ddee387ea Seems it tries to use koji stg over http... 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 20:56:53 +00:00
Patrick Uiterwijk
4ffd3342d5 Allow https clone from pkgs.stg 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 20:45:12 +00:00
Patrick Uiterwijk
d1cecec937 Prod != stg 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 20:38:27 +00:00
Patrick Uiterwijk
44dad913e5 Add iptables for osbs build 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-05-09 19:45:37 +00:00
Adam Williamson
b0b7dc9b47 openqa/worker: give up on GRE, single tap host instead 
OK, this GRE crap ain't working. Let's give up! Instead let's
have one tap-capable host per openQA deployment, so all the
tap jobs will go to it. This...should achieve that. Let's see
what blows up.
 2016-05-05 14:10:46 -07:00
Adam Williamson
62dbe6e6dc openqa: fix iptables stuff 
apparently host_group is not the same thing as inventory group.
 2016-04-27 18:51:09 -07:00