WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
45,349 Commits 9 Branches 0 Tags
68ec08de9f4dd3eeb78b01b515fbba6394638a59
Commit Graph

86 Commits

Author SHA1 Message Date
James Antill
ae0c64cc69 rkhunter: Skip on el10. 
Signed-off-by: James Antill <james@and.org>
 2025-10-22 12:38:56 -04:00
Michal Konecny
2ec055db6f Use first uppercase letter for all handlers 
This will unify all the handlers to use first uppercase letter for
ansible-lint to stop complaining.

I went through all `notify:` occurrences and fixed them by running
```
set TEXT "text_to_replace"; set REPLACEMENT "replacement_text"; git grep
-rlz "$TEXT" . | xargs -0 sed -i "s/$TEXT/$REPLACEMENT/g"
```

Then I went through all the changes and removed the ones that wasn't
expected to be changed.

Fixes https://pagure.io/fedora-infrastructure/issue/12391

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2025-02-10 20:31:49 +00:00
Ryan Lerch
47c68f478d ansiblelint fixes - fqcn[action-core] - template to ansible.builtin.template 
Replaces references to template: with ansible.builtin.template

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:30:29 +10:00
Ryan Lerch
25391e95b7 ansiblelint fixes - fqcn[action-core] - package to ansible.builtin.package 
Replaces many references to  package: with ansible.builtin.package

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 11:28:00 +10:00
Ryan Lerch
6a3816dfdc ansiblelint fixes-- fqcn[action-core] - copy to ansible.builtin.copy 
Replaces many references to 'copy' with ansible.builtin.copy

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-15 10:43:31 +10:00
Ryan Lerch
691adee6ee Fix name[casing] ansible-lint issues 
fix 1900 failures of the following case issue:

`name[casing]: All names should start with an uppercase letter.`

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2025-01-14 20:20:07 +10:00
Kevin Fenzi
09e932080c rkhunter: adjust for f41+ journald.conf default 
On Fedora 41 /etc/systemd/journald.conf isn't shipped by default anymore.
Instead /usr/lib/systemd/journalc.conf is the default
On RHEL and older Fedora's we can just not set this and it will
find the default one.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-11-24 14:55:13 -08:00
Kevin Fenzi
a462e96836 rkhunter: adjust ipa rules a bit more 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-02 10:52:08 -07:00
Kevin Fenzi
998959d683 rkhunter: adjust some paramters to avoid false positives 
zabbix_agent uses shm (and a fair bit of it), so bump that check up all
around.
Change the ipa whitelist, as it's changed files in new ipa.
There's no longer a system subdir involved.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-04-01 09:28:54 -07:00
Kevin Fenzi
4a6cb460ca buildvm_s390x in boston: retire 
We have moved over to the rdu mainframe, drop all the bos kvm hosts.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-02-27 08:33:41 -08:00
Kevin Fenzi
20dc948173 notifs (old fmn): retire 
We are retiring this in favor of the new service.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 12:28:28 -08:00
David Kirwan
9c3a24e79a zabbix: Zabbix production configuration 2023-11-09 12:55:26 +00:00
Kevin Fenzi
605f282f7b rkhunter: adjust email for rkhunter 
I don't think Patrick and Mark care about these emails anymore.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-09-22 10:23:07 -07:00
Stephen Smoogen
7d7d0bf0a8 Remove smooge from various aliases 
Currently, I (Stephen Smoogen) do not have the time to work on Fedora
system administration items. However, I get a lot of email and people
see my email address in various places to ping me for working on
things. I feel it would be better to remove myself from those places
and let Fedora Infrastructure add someone else to replace me when it
is possible to do so.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2023-07-17 23:34:18 +00:00
Kevin Fenzi
36eab9026b rkhunter: exclude the apache balancer shm files 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-03-31 21:10:37 -07:00
Kevin Fenzi
c0fbfa39be rkhunter: allow hidden man pages for containers-common 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-11-19 09:26:02 -08:00
Kevin Fenzi
a5dc93c76d rkhunter: adjust for rhel9 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-01 12:02:17 -07:00
Kevin Fenzi
18f4d49a9d rkhunter: fix bit of dyslexia 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-13 12:41:05 -07:00
Kevin Fenzi
e204d82994 rkhunter: add releng_compose_stg for podman use 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-13 12:39:42 -07:00
Kevin Fenzi
68d9114494 adjust rkhunter some more for podman and postgres 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-03 09:29:30 -07:00
Kevin Fenzi
f15f545d8a Add some missing or's. Conjunction junction. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-01 21:55:33 -07:00
Kevin Fenzi
bb23884017 adjust rkhunter rules 
Include staging db servers as postgres
drop a bunch of old squid rules from kojipkgs (it uses varnish now)

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-01 21:50:43 -07:00
Stephen Smoogen
2adb66f4d5 General cleanup of aliases and add mobrien to various places. 
Remove old smooge lines
Remove centos box which is no longer existant.

Signed-off-by: Stephen Smoogen <smooge@smoogespace.com>
 2021-03-23 16:52:20 +00:00
Kevin Fenzi
af0253afe5 clean up some more openqa_stg vs openqa_lab 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-09-21 15:24:03 -07:00
Kevin Fenzi
20b1b72e56 rkhunter: Adjust template to work with current database servers. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-16 15:07:02 -07:00
Stephen Smoogen
e2a8626eee start standing up openqa for iad2 2020-05-29 11:42:14 -04:00
Tim Flink
77adf20745 rkhunter: removing taskotron group references 2020-05-22 15:02:17 -06:00
Kevin Fenzi
74866ebb8b rkhunter: drop the extra endif here that was breaking the template 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-13 10:58:39 -07:00
Kevin Fenzi
2882e32341 rkhunter: pagure-stg01 also now has a postgresql shm file 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-13 10:49:05 -07:00
Kevin Fenzi
abc8a2ad85 two last small scraps leftover from ci-cc 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:19 +02:00
Kevin Fenzi
9b14a4aaf5 proxies: adjust rkhunter for new non root mirrorlist pods 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:14 +02:00
Kevin Fenzi
738779a150 rkhunter: just install on all machines that include the role. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:13 +02:00
Kevin Fenzi
03aff34bd2 rkhunter: fix the fact that f30+ don't install ifup/ifdown from network-scripts anymore. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:11 +02:00
Kevin Fenzi
81fb4582e7 ansible: change when conditions to use == instead of is when checking strings. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:10 +02:00
Karsten Hopp
c9ed62ac32 update ansible_distribution_major_version conditionals 
Signed-off-by: Karsten Hopp <karsten@redhat.com>
 2020-04-24 21:34:10 +02:00
Kevin Fenzi
ddad0d396c rkhunter / osbs: newest fedora doesn't use network-scripts by default, so don't check ifup/ifdown. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:09 +02:00
Kevin Fenzi
e729cd4fb0 rkhunter: also drop promic test on buildvmhost-s390x as the birdge has to be in that mode. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-07-10 18:28:00 +00:00
Kevin Fenzi
5a79337b8c rkhunter: Fix some over changed _s back to -s 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-06-20 16:20:04 +00:00
Karsten Hopp
0516df54c1 rkhunter: dnf->package 2019-06-11 16:08:43 +00:00
Kevin Fenzi
4b31ac5152 ansible: Change all our group names from foo-bar to foo_bar or foo-bar-baz to foo_bar_baz 
In ansible 2.8 the - character isn't supposed to be valid in group names.
While we could override this, might has well just bite the bullet and change it.
So, just switch all group names to use _ instead of -

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-05-20 17:38:09 +00:00
Kevin Fenzi
b8d73fde1e proxies: allow another shm file that apache seems to make now. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-04-11 04:36:10 +00:00
Kevin Fenzi
18ca69b231 just globally allow .java 2018-12-03 16:28:25 +00:00
Kevin Fenzi
4e59394183 more machines have .java now 2018-12-02 20:38:10 +00:00
Kevin Fenzi
b3a9cb6df6 add new fips junk that just landed in f28 for some reason 2018-07-14 18:28:57 +00:00
Kevin Fenzi
23335a4eb5 fix false positive on db-qa03 2018-07-01 18:42:29 +00:00
Kevin Fenzi
aabe4115b5 try and simplify 2018-04-06 05:38:25 +00:00
Kevin Fenzi
6699d4ed8e fix space 2018-04-06 05:34:04 +00:00
Kevin Fenzi
180cc21c6a fix typo 2018-04-06 05:31:38 +00:00
Kevin Fenzi
52c43d2148 adjust shm size check for postgres servers 2018-04-06 05:26:20 +00:00
Kevin Fenzi
2622dea3c4 drop db-koji02.stg from inventory 2018-03-21 17:44:36 +00:00