fedora-infra_ansible

mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00

Author	SHA1	Message	Date
Jiri Kyjovsky	88102722cb	copr-anubis: allow copr-related user agents to pass without challenge	2026-01-12 09:00:32 +00:00
Jiri Kyjovsky	3595436104	copr-anubis: loosen policies (go through defaults), allow essentials	2026-01-08 16:40:34 +01:00
Greg Sutcliffe	5765dd09b5	Zabbix: report warnings to #noc:fpo Matrix room Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>	2026-01-08 13:56:38 +00:00
Greg Sutcliffe	85ac8eeab7	Zabbix: raise warning levels for openqa disk usage Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>	2026-01-08 13:55:20 +00:00
Jiri Kyjovsky	d79d6ca487	copr/anubis: fix configuration on frontend to protect only /coprs (same for distgit) Anubis was accidentally enabled for all traffic (/) instead of just the /coprs/ web UI. This caused unnecessary bot challenges for API clients, dnf/yum, and other automated tools. Use Anubis BASE_PREFIX to cleanly protect only specific endpoints: - Frontend: /coprs/ (web UI) - Dist-git: /{{ cgit_uri }}/ (package browser) https://anubis.techaro.lol/docs/admin/installation#using-base-prefix	2026-01-07 13:58:11 +01:00
Miroslav Suchý	1becdd9e81	bump up number of reserved instances	2026-01-06 12:55:31 +01:00
Kevin Fenzi	ee5c732c8c	people01: also increase memory to 32g Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-30 09:34:45 -08:00
Kevin Fenzi	f717aeb615	people01: bump number of cpus to 16 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-30 09:31:39 -08:00
Adam Williamson	37e2d34eb6	proxies: block IP attempting SQL injections on openQA (prod) My staging effort seems to have worked, so let's do prod too. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-12-30 08:58:11 -08:00
Adam Williamson	3e8c446877	proxies: block IP attempting SQL injections on openQA I hope I got this right. This IP is trying Little Bobby Tables attacks on openQA and it's making the servers crash. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-12-30 08:46:28 -08:00
James Antill	c127602949	Remove rest of f41-test. Signed-off-by: James Antill <james@and.org>	2025-12-26 12:46:03 -05:00
James Antill	efa0061ca5	Remove f41-test from inventory. Signed-off-by: James Antill <james@and.org>	2025-12-25 08:35:47 -05:00
Greg Sutcliffe	9fae8c7d2d	Zabbix: First try of the CMDB-in-Zabbix-Inventory idea (#12817 ) Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>	2025-12-22 15:09:07 +00:00
Pavel Raiskup	cd95aa0095	copr-be: try to use x86 copr04	2025-12-20 15:54:12 +01:00
James Antill	c68ec66f3e	Move prox01.stg to F43. Signed-off-by: James Antill <james@and.org>	2025-12-19 14:39:12 -05:00
Greg Sutcliffe	149047b50d	Copr: fix IP hostvars on vmhost-x86-copr04 - again Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>	2025-12-19 11:51:57 +00:00
Greg Sutcliffe	f639e26c12	Copr: fix IP hostvars on vmhost-x86-copr04 Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>	2025-12-19 11:43:49 +00:00
David Kirwan	1a18ff41fd	communishift: mark project communishift-fedora-coreos-ai-helpers do not clean up. Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>	2025-12-18 16:09:42 +00:00
Kevin Fenzi	c4f5d8ea2e	proxies / proxies_stg: fix comment about max workers and set to 3200 both places Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-14 09:45:38 -08:00
Kevin Fenzi	e6e014780d	proxies: sync up prod proxies mem/cpus and add more in stg We manually added cpus and memory in the past to 01/10/101/110, so update ansible so it matches whats deployed now. On staging, 2 cpus isn't going to cut it anymore, so just bump them up to be the same as prod. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-13 12:34:17 -08:00
Kevin Fenzi	6ceed5e1b9	smtp-auth-iso01: add ipv6 address Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 15:57:15 -08:00
Kevin Fenzi	6789314251	smtp-mm-iso01: add ipv6 address Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 15:54:15 -08:00
Kevin Fenzi	5acda7f784	proxy03: set dc to not be rdu3 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 15:50:08 -08:00
Kevin Fenzi	52dffb8df4	proxy03: fix dns search order Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 15:05:49 -08:00
Kevin Fenzi	182104ec0f	proxy03: use mac address from ansible Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 14:56:25 -08:00
Kevin Fenzi	e1524d1fd0	smtp-mm-iso01: use correct hostname in inventory Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 14:20:16 -08:00
Kevin Fenzi	e8bd81d11d	vmhost-x86-iso03: add to inventory Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 13:58:12 -08:00
Kevin Fenzi	e7c35d4d2b	vmhost-x86-iso02: update mac addresses Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 13:56:36 -08:00
Kevin Fenzi	16ce599474	vmhost-x86-iso02: add to inventory Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 12:58:15 -08:00
Kevin Fenzi	a81f88f031	vmhost-x86-iso02: update mac addresses Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 12:55:07 -08:00
Kevin Fenzi	73c0c6214f	proxy14: try and set it for a rdu3-iso datacenter Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-12 10:29:11 -08:00
Michal Konecny	9fb417b79a	[proxy14] Fix typo in host_vars This caused ticketkey playbook to fail and all proxies started alerting about old age of ticketkey.	2025-12-12 10:52:14 +01:00
Kevin Fenzi	a3dbedb3e7	proxy14: adjust dns search path Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 21:06:44 -08:00
Kevin Fenzi	2d78574d7e	smtp-mm-iso01 host vars to the correct name Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 18:57:07 -08:00
Kevin Fenzi	2ea32b924f	proxies: update hostnames for proxy03/14 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 17:53:29 -08:00
Kevin Fenzi	117c334dae	rename smtp-mm-cc-rdu01 to smtp-mm-iso01 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 17:13:39 -08:00
Kevin Fenzi	0498dd6bd9	proxy03: correct vmhost Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 17:11:40 -08:00
Kevin Fenzi	3b3399c6d8	proxy03 and proxy14 adjustments for rdu3 move Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 16:30:02 -08:00
Kevin Fenzi	1f055f415b	download-iso01: add missing network info Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 15:06:38 -08:00
Kevin Fenzi	9fdcd69f80	download-cc-rdu01 becomes download-iso01.rdu3 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 15:02:59 -08:00
Kevin Fenzi	af10d77d68	smtp-auth-iso01: use rdu3 domain in name Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 14:51:06 -08:00
Kevin Fenzi	8b85f0e197	vmhost-x86-iso04: add to inventory Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 14:36:25 -08:00
Kevin Fenzi	b11f24402e	vmhost-x86-iso04: fix mac addresses Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 14:31:49 -08:00
Kevin Fenzi	8ccc39cb7d	smtp-auth: fix vmhost Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 14:26:47 -08:00
Kevin Fenzi	7d4c52b418	smtp-auth-iso01: provision in rdu3 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 14:24:14 -08:00
Kevin Fenzi	f1e7c95538	vmhost-x86-copr04: fix ipv6 address Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 12:51:36 -08:00
Kevin Fenzi	af85968a22	vmhost-p09-copr01: fix ipv6 config Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 12:51:00 -08:00
Kevin Fenzi	61866b9046	update rdu2-cc to rdu3 hardware Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 11:30:41 -08:00
Kevin Fenzi	48d97a929d	proxies: increase max workers to 3200 There's no log messages about it, but we have been seeing some odd connection reset messages and collectd shows we are near the 2500 limit we had. So, bump this to 3200 (based on 8 cpus * 300 ). If we need to bump this more, we probibly need to add cpus. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-12-11 10:21:27 -08:00
James Antill	5fe62a9b5f	Fix typo for DNS search key. Signed-off-by: James Antill <james@and.org>	2025-12-11 12:49:31 -05:00

1 2 3 4 5 ...

10201 Commits