WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-01 14:02:12 +08:00
Code Issues Packages Projects Releases Wiki Activity
11,289 Commits 9 Branches 0 Tags
65c3812c3191b4b201aedf8aec2e76e0528fa2fd
Commit Graph

262 Commits

Author SHA1 Message Date
Kevin Fenzi
c779582362 Set sshd Protocol here to 2, this makes rkhunter happy hopefully. 2015-12-11 04:11:38 +00:00
Dennis Gilmore
1fb2627410 allow the builders to talk o kojipkgs on port 443 
Signed-off-by: Dennis Gilmore <ausil@fedoraproject.org>
 2015-12-09 20:08:09 +00:00
Kevin Fenzi
9066854b56 Drop backup for test 2015-12-09 19:20:25 +00:00
Kevin Fenzi
7b97a1246e Revert "Drop validate just for a test" 
This reverts commit 19ed9254b8.
 2015-12-09 19:19:51 +00:00
Kevin Fenzi
19ed9254b8 Drop validate just for a test 2015-12-09 19:19:10 +00:00
Kevin Fenzi
0bd796a739 This is /sbin on rhel6 hosts and should work on rhel7 too 2015-12-09 18:33:04 +00:00
Kevin Fenzi
82902fd1c0 Does this work now? 2015-12-09 18:27:01 +00:00
Kevin Fenzi
5e4bb96eb5 Lets sort staging hosts in iptables template too 2015-12-09 18:00:12 +00:00
Kevin Fenzi
8f7ef04c2a Add dnf-automatic as a required role for base. This will enable it on all Fedora machines. 2015-12-09 17:35:23 +00:00
Dennis Gilmore
312ac98ff5 fedorahosted server moved and we did not update the iptables rules 
Signed-off-by: Dennis Gilmore <ausil@fedoraproject.org>
 2015-12-09 04:26:45 +00:00
Kevin Fenzi
bd72a45ef0 Add closing conditional 2015-12-08 19:36:56 +00:00
Kevin Fenzi
4cbb6d909e Switch builders to use bastion01/02 for ntp 2015-12-08 19:34:58 +00:00
Kevin Fenzi
a5007ba910 Move ntp to a template. In phx2 non bastion01/02 hosts will use bastion01/02 and those will use the normal rhel pools. 2015-12-08 19:33:29 +00:00
Till Maas
be5c2eb707 Fix validate syntax 2015-12-07 20:15:23 +01:00
Till Maas
1b28aecdcf Validate iptables files before restoring 2015-12-07 20:10:09 +01:00
Patrick Uiterwijk
38effbb69b This hotfix is now reverted, and should be deleted 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 17:16:01 +00:00
Patrick Uiterwijk
ba2a83b96a Remove digicert hotfix 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 17:05:29 +00:00
Patrick Uiterwijk
ac05dd73f8 But rhel6 does not hae usr unification 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 15:08:23 +00:00
Patrick Uiterwijk
8b82bc20ef This also seems to exist on RHEL6 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 15:06:35 +00:00
Patrick Uiterwijk
0bf133caa3 Fix path 2015-12-03 15:03:24 +00:00
Patrick Uiterwijk
8deaa480b0 Jinja2-ize 2015-12-03 15:01:54 +00:00
Patrick Uiterwijk
10ec5b518f Add temporary digicert hotfix 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 14:59:57 +00:00
Kevin Fenzi
dcfc795f4e Hey look. Some new ntp servers. 2015-12-02 21:13:57 +00:00
Kevin Fenzi
5585dacf50 Add ceylon-lang.org to transports so it delivers correctly. 2015-12-02 00:17:27 +00:00
Kevin Fenzi
f64646fec2 Revert "install python-dnf on F22+" 
This reverts commit b1c890974c.
 2015-11-30 20:23:54 +00:00
Miroslav Suchý
b1c890974c install python-dnf on F22+ 2015-11-30 08:07:23 +01:00
Kevin Fenzi
17d96e5da9 Add a conditional-reload script and use it so we can not fail on hosts with no httpd installed. 2015-11-13 23:49:38 +00:00
Kevin Fenzi
352c1a2838 think we need and here. 2015-11-10 21:08:25 +00:00
Ricky Elrod
edc4b7067d watchdog-ify staging, hopefully 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2015-11-10 20:11:11 +00:00
Peter Robinson
595c222baf kojibuilder: add ppc hub to firewall 2015-10-13 03:02:45 +00:00
Kevin Fenzi
f6722659e5 Switch sshd config for f22/f23 to explicitly say only v2 protocol, adjust rkhunter for this. 2015-10-09 19:32:51 +00:00
Kevin Fenzi
96d1784001 Adjust rkhunter and sshd config for releng so they stop alerting. 2015-10-08 16:42:13 +00:00
Kevin Fenzi
b03b871080 Drop *.info on the mirrorlist servers as that causes a ton of traffic to log01 2015-10-07 15:30:26 +00:00
Kevin Fenzi
981f1906a1 Add f22 and f23 sshd configs 2015-09-27 16:04:35 +00:00
Kevin Fenzi
1dd79c9801 Remove mentions of lockbox01. 2015-09-25 18:49:17 +00:00
Stephen Smoogen
3be0ca58fa and we have nagios-external 2015-09-01 23:05:58 +00:00
Stephen Smoogen
b74a402571 and we remove proxy09 2015-09-01 22:13:09 +00:00
Kevin Fenzi
096a7204a2 Fix out ntp setup to use 5 ip's from the rhel.pool.ntp.org pool. 2015-08-31 16:32:10 +00:00
Mikolaj Izdebski
80a2b5c6bb Remove configuration for old jenkins 2015-08-26 16:51:39 +00:00
Mikolaj Izdebski
11840759fa Add custom resolv.conf for jenknis in new cloud 2015-08-26 16:49:26 +00:00
Kevin Fenzi
eb61b06a56 Fix resolv.conf on s390 koji for good hopefully. 2015-08-23 19:33:49 +00:00
Kevin Fenzi
237a7113fd Take out releng04/relepel01/bodhi01/bodhi02. 2015-08-21 19:17:59 +00:00
Aurélien Bompard
278c215cce Rollback migration of lists.fedorahosted.org 2015-08-21 15:48:50 +00:00
Aurélien Bompard
5b5c83d4de Update the Mailman role after addition of fedorahosted 2015-08-21 10:43:32 +00:00
Kevin Fenzi
4d72631446 Make sure all hosts have at least 2 nameservers and rotate with 1 sec timeout. 2015-08-19 18:52:51 +00:00
Ralph Bean
08ca54945c Copy prod fedmsg iptables loop to staging. 2015-08-18 03:47:44 +00:00
Kevin Fenzi
371b97ead5 Fix some typos 2015-08-15 15:27:50 +00:00
Kevin Fenzi
f28aad573d Use fas-all ips instead of name, as dns may not yet be on at boot. 2015-08-15 15:16:03 +00:00
Aurélien Bompard
bdff5cf7bf Set the postfix main.cf file for the new lists-dev 2015-07-31 08:33:12 +00:00
Mikolaj Izdebski
d3af309a12 Jenkins: don't try to relay mail through bastion 2015-07-30 15:06:17 +00:00