WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-28 20:42:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
44,013 Commits 9 Branches 0 Tags
be1b1503d64a2be5a1dfd32ebdda931679d1ebdb
Commit Graph

26683 Commits

Author SHA1 Message Date
Kevin Fenzi
2a2f75daf1 base / iptables: don't remove iptables for now 
This was a good change in theory, but in practice it's not.
The 'iptables-legacy' package provides 'iptables' so it gets removed,
but there's some things we still install that depend on it, so it just
gets pulled in later as a dependency.

Examples:

build* machines install oz and ImageFactory that need it
(but we can possibly drop those now)

virthosts have some libvirt subpackages that require it.

I'm not sure we can readd this in a targeted way or should just drop it
for now entirely.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-08-09 09:17:18 -07:00
Aurélien Bompard
b9c73dd6ee Forward Openshift logs to log01 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-08-09 15:55:03 +00:00
Kevin Fenzi
e57e3dd7e4 ipa/client: mode should be 640 on fedora instances 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-08-08 12:29:13 -07:00
Kevin Fenzi
2b21bc41e4 nfs / client: add some logging to the role to show what mount/dir it's called with 
This is useful for places like releng-compose that mount a ton of things
and it's hard to tell which one is failing.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-08-08 12:17:31 -07:00
Kevin Fenzi
db0e5eb546 ipa / client: fedora systems use root:sssd ownership 
On rhel the sssd dropin files (which need to be the same owner/group as
the main sssd.conf file) are root:root, but on fedora they are
root:sssd. So, split out this task to handle the two different cases.

Assisted-by: claude
(I had it generate this, and it actually did a reasonable job I think)

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-08-08 11:54:33 -07:00
Lenka Segura
a2cfb0a360 pagure: hotfix for links to accounts.fpo 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2025-08-07 21:15:42 +00:00
Lenka Segura
c5ca513364 pagure: Fix lint errors in main task 
Signed-off-by: Lenka Segura <lsegura@redhat.com>
 2025-08-07 22:21:42 +02:00
Kevin Fenzi
4445de3f1a tftp_server: drop old rhcos images 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-08-06 11:57:39 -07:00
Kevin Fenzi
94406996e3 tftp_server: delete files not in bigfiles on batcave01 
We should just always setup files on batcave and sync them over instead
of having local copies of things.

I've saved a copy of the current one off on each noc in case there was
some super special image we didn't save off, but hopefully we don't need
it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-08-06 11:54:56 -07:00
Aurélien Bompard
ba0393fece Deploy a patch in distgit to fix Infra ticket 12622 
See: https://pagure.io/fedora-infrastructure/issue/12622
Patch sent upstream: https://pagure.io/pagure/pull-request/5529

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-08-06 17:04:00 +02:00
Kevin Fenzi
0df178ffac dns: remove old iad2 zones from named.conf 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-08-05 14:49:10 -07:00
Samyak Jain
8b7b4a8368 robosignatory: also allow resigning f43 tagged packages with f44 key 
Signed-off-by: Samyak Jain <samyak.jn11@gmail.com>
 2025-08-05 16:43:49 +00:00
Miroslav Suchý
5b12a47264 bump up numbers of reserved instances for copr builders 2025-08-04 13:34:03 +02:00
Akashdeep Dhar
cbd9dbb563 Move from Python-based MDAPI to Go-based MetaSource 
Signed-off-by: Akashdeep Dhar <akashdeep.dhar@gmail.com>
 2025-08-04 08:33:08 +00:00
Yaakov Selkowitz
3d3cc7f868 flatpak-indexer: raise differ memory limit to 8Gi 
This pod keeps getting OOMKilled while processing larger flatpak artifacts.
 2025-08-01 08:45:15 +00:00
Aurélien Bompard
eb98c66f15 Adjust FMN timeouts to the new direct DB connection times 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-08-01 10:42:57 +02:00
Yaakov Selkowitz
cbb5570268 Revert "flatpak-indexer: migrate to valkey" 
This reverts commit 29e3ff3e31e9793fbd01606ee7fba436f571b8bb.
 2025-07-31 12:18:45 -04:00
David Kirwan
8347a8792c forgejo: rename PVC to correct name expected by forgejo 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2025-07-31 15:52:02 +01:00
David Kirwan
bb997b6954 forgejo: Disable helm creating persistent storage 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2025-07-31 15:02:28 +01:00
David Kirwan
f32c33a26b forgejo: create namespace prior to PVC creation 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2025-07-31 15:02:28 +01:00
Greg Sutcliffe
1f472c9754 Zabbix: improve tagging and make sure Ping Hosts are in All Hosts 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-07-31 14:32:18 +01:00
Yaakov Selkowitz
71c5c4a8f1 flatpak-indexer: migrate to valkey 
redis was dropped in Fedora 41 due to the license change:

https://fedoraproject.org/wiki/Changes/Replace_Redis_With_Valkey
27798b9109
 2025-07-31 13:12:19 +00:00
Michal Konecny
750151cd6e [flatpak-indexer] Use empty storageClassName 
The named volumes doesn't have any storage class set, so the storage
class doesn't match. This should fix it.
 2025-07-31 15:07:40 +02:00
Greg Sutcliffe
b4651f8b5b Zabbix: Add method to define ping-only hosts in host_vars 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-07-31 12:52:04 +01:00
Greg Sutcliffe
a1b2783a67 Zabbix: ensure existence of correct hostgroups 
also applies the correct hostgroups when creating/updating hosts

Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-07-31 12:51:43 +01:00
Yaakov Selkowitz
246e643b2e flatpak-indexer: update images 
Also, fix the imagestream reference to the fedora image.
 2025-07-31 08:45:18 +00:00
Michal Konecny
d5f83a7272 [nagios] Use server checks on noc01 
Just move datanommer check to server plugins, so it's the same as before.
 2025-07-31 10:26:01 +02:00
Michal Konecny
e4afc6cf7a [nagios_server] Remove datanommer check 
This check is already installed as part of nagios_client playbook. The
nagios_server role contained old version which doesn't work anymore. Let's get rid
off it.
 2025-07-31 10:02:02 +02:00
Kevin Fenzi
c48af3dad4 openqa-a64-worker04: add dhcp and host vars 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-07-30 19:18:18 -07:00
Kevin Fenzi
627c51d892 noc01 / dhcpd: add openqa-a64-worker03 to dhcp 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-07-30 17:32:41 -07:00
Kevin Fenzi
b259bb5465 batcave01: add new vlan at ibiblio to allows 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-07-30 15:38:13 -07:00
Kevin Fenzi
496110d184 bodhi / backend: set sqlite = True globally 
Both the packages app and mdapi really prefer sqlite data existing.
packages setup a workaround to try and recreate the repodata
locally with sqlite, but it's not working with epel10 branches
at least.

Since all this does is take up a small bit of space, lets
just (at least for now) enable it globally.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-07-30 14:02:10 -07:00
Greg Sutcliffe
e332937c54 Zabbix: template updates 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-07-30 16:37:24 +01:00
Greg Sutcliffe
5fb8726bcd Zabbix: Add zabbix_agent tag to API host-creation tasks 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-07-30 10:50:46 +01:00
David Kirwan
46c8cfff0f forgejo: create the PVC first 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2025-07-30 10:49:52 +01:00
Kevin Fenzi
c05160fede download / rsyncd logrotate: compress log weekly 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-07-29 16:43:59 -07:00
Kevin Fenzi
9a22870dd7 candidate-registry: set network to 10.16 instead of the old iad2 10.3 
This apache config is needed in order to allow auth to upload to the
candidate registry. Without it, skopeo just gives a perm denied.
Anytime the datacenter networks change this will also need updated.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-07-29 15:28:51 -07:00
Mattia Verga
855ff668eb bodhi: update blacklist for homepage users stats 
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it>
 2025-07-29 21:10:53 +00:00
Michal Konecny
2f1ee9e0d6 [ansible-server] Set transfer_method to smart 
When trying to run the playbook for
bvmhost-p09-05.rdu3.fedoraproject.org I encountered an error when
copying files through scp. After some digging I found this in the
ansible documentation
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/ssh_connection.html#parameter-ssh_transfer_method
and it helped with that.
Let's make the change permanent with this commit.
 2025-07-29 14:19:10 +02:00
David Kirwan
398252f899 forgejo; update task to create PV 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2025-07-29 13:14:29 +01:00
David Kirwan
c51b5532f9 forgejo; add pv template, update pvc to point at pv 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
 2025-07-29 13:13:11 +01:00
Pavel Raiskup
8e74de5f80 copr: powerful osuosl machines can build arch_power9 builds 
Per Resalloc ERROR:
ERROR 2025-07-29 07:46:12,024 PID:903186:140127796283200(Manager)
Couldn't find appropriate on demand pool for ticket=4209285, it will
never be resolved!
 2025-07-29 09:54:50 +02:00
Pavel Raiskup
1a079c61d2 copr: delete _all_ OSUOSL machines 
Relates: https://github.com/fedora-copr/copr/issues/3092
 2025-07-29 08:07:17 +02:00
Pavel Raiskup
17122b9409 copr: re-uploaded aarch64 image 
With the correct --arch aarch64 metadata.
 2025-07-28 19:22:53 +02:00
Pavel Raiskup
53638672c7 copr: upload-qcow2-images-be.j2: select ami architecture explicitly 
Otherwise it goes with x86_64 (since the uploading machine is x86).
 2025-07-28 14:42:55 +02:00
Michal Konecny
31b05ab861 [nagios_client] Install the nagios script on noc 
To get the datanommer checks working on noc01, we need to install the
nagios scripts on noc01 as well.
 2025-07-28 13:00:14 +02:00
Michal Konecny
eb732ee1ac [nagios_client] Fix yamllint errors 2025-07-28 12:09:29 +02:00
Michal Konecny
88132737b5 [nagios_client] Fix ansible-lint errors 2025-07-28 11:58:02 +02:00
Michal Konecny
4670886484 [nagios_client] Install datanommer checks on noc01 
https://pagure.io/fedora-infrastructure/issue/12402
 2025-07-28 11:58:02 +02:00
Kevin Fenzi
0f1a3e91d3 robosignatory: disable f43->f43 signing to process mass rebuild faster 
Also, comment section we will need in a few weeks to resign all of f43
with f44 key for branching.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-07-27 08:47:31 -07:00