WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-28 04:22:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
17,222 Commits 9 Branches 0 Tags
9523dadd164dfd82f33bbf8564d5deffc6a9ddbe
Commit Graph

161 Commits

Author SHA1 Message Date
Kevin Fenzi
1516393f04 ipv4 on phx2 bastion hosts 2017-02-14 21:29:33 +00:00
Kevin Fenzi
02ca818720 and now have gateway use the milter 2017-02-14 19:46:08 +00:00
Stephen Smoogen
8c90ef6064 ok this should allow smtp to send to bastion for fedorahosted. 2017-02-02 19:26:19 +00:00
Stephen Smoogen
3c9b0e4654 make fedorahosted on baston 2017-02-02 18:01:26 +00:00
Kevin Fenzi
0456dd002c drop any relayhost for copr mails, mx1.redhat.com will not relay for it 2017-01-31 17:14:58 +00:00
Kevin Fenzi
484ab27f17 for some reason postfix wants this fqdn 2017-01-19 20:39:41 +00:00
Kevin Fenzi
a24c859d9a koji builders only should have to deal with ipv4 mail 2017-01-19 19:46:58 +00:00
Stephen Smoogen
2f92b9777a we need to add a larger limits for file coverage 2017-01-18 19:34:08 +00:00
Stephen Smoogen
4fe0981401 we need to do all this stuff in templates. 2017-01-16 01:01:45 +00:00
Tim Flink
cb0ef0b2fd adding new qa-prod01.qa host to replace qadevel.qa 2016-12-15 18:02:29 +00:00
Kevin Fenzi
1effd347df Setup a proxyreload for httpd that looks for the ticketkey. If it's not there, assume the proxy is just being configured and don't reload httpd. 2016-12-01 21:36:07 +00:00
Stephen Smoogen
12a7979213 update files to put basics for proxy13/proxy14 into being 2016-12-01 17:46:58 +00:00
Patrick Uiterwijk
2a6e8a5e25 Revert "Enable GSSAPI for ssh" 
This reverts commit b4f1088938.
 2016-10-27 18:53:24 +00:00
Patrick Uiterwijk
b4f1088938 Enable GSSAPI for ssh 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-10-27 09:19:14 +00:00
Stephen Smoogen
e8bc82f0a7 remove the entries to noc02 that wont work because that hostnmae doesnt exist 2016-09-30 15:23:54 +00:00
Stephen Smoogen
e13358ccd8 push the tls change out to the smtp-mm boxes 2016-09-27 17:37:21 +00:00
Stephen Smoogen
a875430ac8 too much email still requires ipv4 only and our ipv6 reverse doesnt work here 2016-09-27 15:37:37 +00:00
Stephen Smoogen
626a00c257 tls_ssl_options not implemented in our postfix 2016-09-27 03:28:39 +00:00
Stephen Smoogen
865dc57de9 call it a crt not a csr 2016-09-27 03:25:37 +00:00
Stephen Smoogen
379340b456 and put in the items kevin asked for. 2016-09-27 03:00:03 +00:00
Stephen Smoogen
6780736eb3 lets try another go at patching 2016-09-27 01:46:38 +00:00
Stephen Smoogen
d2764137e5 try this patch set on for size to get tls working with smtp 2016-09-27 01:10:46 +00:00
Stephen Smoogen
caa5411057 I broke it so I need to buy it. 2016-09-24 00:38:10 +00:00
Stephen Smoogen
2d05f9675d try to put in place smtp files for noc02 to use smtp-ipv4 vs ipv6 for google 2016-09-23 23:42:08 +00:00
Patrick Uiterwijk
9fbe49b3bc Make this really norelay 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-07-23 15:50:02 +00:00
Kevin Fenzi
28f1b6427b drop no longer existant download-rdus from this script 2016-07-13 16:48:51 +00:00
Kevin Fenzi
2209cb5efa drop bodhost01 and proxy07 2016-05-31 16:48:17 +00:00
Kevin Fenzi
8da3c329b9 Switch mm-smtp servers to send to mailman01 instead of relaying via collab03. 
Also, remove the old transports file which as far as I can tell is not used by anything.
 2016-05-18 20:45:12 +00:00
Aurélien Bompard
c115f786ae Bypass spam checking for emails from Mailman 2016-05-12 12:11:23 +00:00
Aurélien Bompard
5241b6f601 Add Spamassassin to Mailman 2016-05-12 09:08:58 +00:00
Michael Scherer
189260776c Move ntp setup in a role 
Since base install ntp on all platforms, we can skip the vars
and place it by default (next step is to convert the
few playbooks duplicating the role)
 2016-04-16 17:47:36 +00:00
Todd Zullinger
b374a0ff03 base: only set PS1 for prod/stage for interactive sessions 
Setting PS1 for non-interactive shells doesn't make sense.  Using tput
in the PS1 causes spurious errors to be logged:

    tput: No value for $TERM and no -T specified
    tput: No value for $TERM and no -T specified

Resolves: #5234
 2016-04-14 23:28:35 +00:00
Mikolaj Izdebski
e84a937620 Improve scripts for setting PS1 2016-04-13 23:15:42 +00:00
Kevin Fenzi
193bdc7ba1 Move bodhi02.stg to bodhi01.stg since it's not booting right anyhow. 2016-04-11 19:28:13 +00:00
aikidouke
0dcf06601e set prod/stg colored PS1 depending on env == staging or production 
remove from testing on badges and added to base role
 2016-04-11 13:42:29 +00:00
Kevin Fenzi
0281dc80fe Fix nagios and inventory to switch over to people02 2016-02-11 16:18:27 +00:00
Stephen Smoogen
429781ddae and lo, a herald angel called forth and said let there be vlans, and there were vlans... and it was good. 2016-02-05 20:52:56 +00:00
Kevin Fenzi
f6640e2768 Blacklist cdc_ether on all virt hosts. 2016-02-02 20:49:53 +00:00
Patrick Uiterwijk
c9edc339a5 Enable rsyslog journald module and persistent journald 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-01-30 23:21:26 +00:00
Patrick Uiterwijk
aa377b10e3 Make smtp-mm accept email for lists.fh.o and forward 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-23 07:07:05 +00:00
Stephen Smoogen
b3d1236fff when adding a new proxy.. always remember to sync its httpd logs or they go byby 2015-12-18 00:07:50 +00:00
Kevin Fenzi
c779582362 Set sshd Protocol here to 2, this makes rkhunter happy hopefully. 2015-12-11 04:11:38 +00:00
Kevin Fenzi
a5007ba910 Move ntp to a template. In phx2 non bastion01/02 hosts will use bastion01/02 and those will use the normal rhel pools. 2015-12-08 19:33:29 +00:00
Patrick Uiterwijk
10ec5b518f Add temporary digicert hotfix 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-12-03 14:59:57 +00:00
Kevin Fenzi
dcfc795f4e Hey look. Some new ntp servers. 2015-12-02 21:13:57 +00:00
Kevin Fenzi
5585dacf50 Add ceylon-lang.org to transports so it delivers correctly. 2015-12-02 00:17:27 +00:00
Kevin Fenzi
17d96e5da9 Add a conditional-reload script and use it so we can not fail on hosts with no httpd installed. 2015-11-13 23:49:38 +00:00
Ricky Elrod
edc4b7067d watchdog-ify staging, hopefully 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2015-11-10 20:11:11 +00:00
Kevin Fenzi
f6722659e5 Switch sshd config for f22/f23 to explicitly say only v2 protocol, adjust rkhunter for this. 2015-10-09 19:32:51 +00:00
Kevin Fenzi
96d1784001 Adjust rkhunter and sshd config for releng so they stop alerting. 2015-10-08 16:42:13 +00:00