This ip had hit release-monitoring.org like 5,000,000 times in the
course of a few hours and swamped it's web pod.
Lets block it for now and see if anyone complains.
If this is you: please add some rate limiting.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The x86 ones are now in rdu3 and reinstalled with rhel10.
All the power9 ones are in rdu3 and reinstalled.
So, we should just enable nbde on all of them.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
There's no need to keep ocp-rdu3 around anymore, we only used
it when we were moving datacenters last year.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Seems like the proxies don't want to handle port 80 nicely, I get
errors in Zabbix for them using localhost:80/apache-status (which
works elsewhere, like sundries). However using https/443 seems to
work, so we'll do that instead.
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
Fix https://github.com/fedora-copr/copr/issues/4001
I updated the `copr_builder_images.hypervisor.x86_64` even though the image is
not uploaded there yet because the HV is currently down.
Somebody needs to run this when it gets back online:
STAMP=$(date -I) \
ARCHES=x86_64 \
TARGETS=libvirt \
copr-upload-builder-images /var/lib/copr/public_html/images/2026-01-14/
This removes the known-good things we've had in Zabbix for a while -
RAID, disk space, processes, and mail queue. It also removes swap which
we've decided we don't need.
Also includes some FS overrides on the Zabbix side so the relevant
NFS mounts get monitored on the OCI, and pkgs hosts, as per Nagios had.
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
Anubis was accidentally enabled for all traffic (/) instead of just
the /coprs/ web UI. This caused unnecessary bot challenges for API
clients, dnf/yum, and other automated tools.
Use Anubis BASE_PREFIX to cleanly protect only specific endpoints:
- Frontend: /coprs/ (web UI)
- Dist-git: /{{ cgit_uri }}/ (package browser)
https://anubis.techaro.lol/docs/admin/installation#using-base-prefix
I hope I got this right. This IP is trying Little Bobby Tables
attacks on openQA and it's making the servers crash.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
We manually added cpus and memory in the past to 01/10/101/110, so
update ansible so it matches whats deployed now.
On staging, 2 cpus isn't going to cut it anymore, so just bump them up
to be the same as prod.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
There's no log messages about it, but we have been seeing some odd
connection reset messages and collectd shows we are near the 2500 limit
we had.
So, bump this to 3200 (based on 8 cpus * 300 ).
If we need to bump this more, we probibly need to add cpus.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
