Patrick Uiterwijk
|
dae3290dd7
|
Add dns1 and dns2 for nm-controlled resolv.conf
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-21 21:01:08 +00:00 |
|
Patrick Uiterwijk
|
d12cedc5d3
|
Allow NM-controlled DNS if intended
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-21 20:58:55 +00:00 |
|
Kevin Fenzi
|
06033a3b27
|
move this to a dep instead of including it
|
2017-08-19 17:13:49 +00:00 |
|
Patrick Uiterwijk
|
aef0feda87
|
Turns out it was just missing a name=
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-16 17:43:00 +00:00 |
|
Patrick Uiterwijk
|
e2b829c900
|
Turns out name: is incompatible with include_role
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-16 17:41:49 +00:00 |
|
Patrick Uiterwijk
|
e43e0e06b1
|
Move SSH setup to its own role
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-16 17:39:23 +00:00 |
|
Patrick Uiterwijk
|
dfc9e56b96
|
Revert "bypass sshd restart for nowg"
This reverts commit ecb03a1093.
|
2017-08-15 16:59:30 +00:00 |
|
Patrick Uiterwijk
|
778272ed90
|
Update sshd_config everywhere to present cert
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-15 16:41:48 +00:00 |
|
Patrick Uiterwijk
|
1fad80a314
|
We no longer have any <Fedora24 boxes
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-15 16:38:11 +00:00 |
|
Patrick Uiterwijk
|
ecb03a1093
|
bypass sshd restart for nowg
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-15 16:32:16 +00:00 |
|
Patrick Uiterwijk
|
11a36497c8
|
Lets just call out to date...
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-15 16:24:37 +00:00 |
|
Patrick Uiterwijk
|
800f9145d3
|
Add sshd_cert tag
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-15 15:19:53 +00:00 |
|
Patrick Uiterwijk
|
d0c938a7e9
|
Open firewall enough from s390x-01 for sshfs
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-12 01:02:13 +00:00 |
|
Patrick Uiterwijk
|
fe5f1c3152
|
Or no quoting
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-04 16:49:13 +00:00 |
|
Patrick Uiterwijk
|
4eef39463f
|
Quote this too. Quote all the things
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-04 16:47:29 +00:00 |
|
Patrick Uiterwijk
|
fa0d94d697
|
Fix EPARSE
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-04 16:46:12 +00:00 |
|
Patrick Uiterwijk
|
cfab031a8a
|
Deploy sender_access file
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
|
2017-08-04 18:20:17 +02:00 |
|
Patrick Uiterwijk
|
7a5346019b
|
Create a sender_access file
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-08-04 16:20:13 +00:00 |
|
Patrick Uiterwijk
|
bb707cc070
|
when != hen
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-07-14 02:55:02 +00:00 |
|
Patrick Uiterwijk
|
1bf3eacc7c
|
Teach ansible about the enc900 interface on s390
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-07-14 02:53:27 +00:00 |
|
Stephen Smoogen
|
68e2a472b3
|
How beauteous mankind is! O brave new world
|
2017-06-26 19:03:03 +00:00 |
|
Stephen Smoogen
|
06be05edfb
|
cut down the list of hosts external
|
2017-06-23 19:19:18 +00:00 |
|
Ricky Elrod
|
6e6239051a
|
add resolv.conf for internetx
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
|
2017-06-20 21:03:40 +00:00 |
|
Tim Flink
|
c40d6a5ebd
|
adding main.cf for upstreamfirst.fedorainfracloud.org
|
2017-05-25 15:51:18 +00:00 |
|
Kevin Fenzi
|
a60055fbaa
|
oops, == here not is
|
2017-05-15 17:37:56 +00:00 |
|
Kevin Fenzi
|
2df1d71510
|
clean up iptables in base to not apply to cloud compute/master, osbs or os
|
2017-05-15 17:33:51 +00:00 |
|
Kevin Fenzi
|
d860015a28
|
lets try this s390 caching again
|
2017-05-14 18:30:14 +00:00 |
|
Kevin Fenzi
|
9f71fa2295
|
comment in rsyslog-audit module in base
|
2017-05-04 14:20:37 +00:00 |
|
Patrick Uiterwijk
|
f4ae8df39d
|
Fix up policy source and add EL6 compiled version
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-05-04 14:12:56 +00:00 |
|
Kevin Fenzi
|
fcf570d42e
|
initial selinux module work for rsyslog to read audit
|
2017-05-04 14:02:02 +00:00 |
|
Kevin Fenzi
|
db328d7ac2
|
Revert "ansible tells me not to use {s in when, lets see if this works"
This reverts commit 9b77ca729b.
|
2017-04-20 17:03:09 +00:00 |
|
Kevin Fenzi
|
9b77ca729b
|
ansible tells me not to use {s in when, lets see if this works
|
2017-04-20 16:57:07 +00:00 |
|
Kevin Fenzi
|
8a6e51a9a6
|
change state=running to start=started as the old one is going away in ansible 2.7
|
2017-04-13 01:37:21 +00:00 |
|
Stephen Smoogen
|
cf89a2516d
|
and we will try nagios templates
|
2017-04-11 21:18:04 +00:00 |
|
Kevin Fenzi
|
31254f9775
|
kill paste0* instances
|
2017-04-11 19:42:45 +00:00 |
|
Kevin Fenzi
|
e8f50d9336
|
drop hosted03 from nagios and various other places
|
2017-04-11 18:01:34 +00:00 |
|
Patrick Uiterwijk
|
fcc5657525
|
Configure SSH certificates
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-10 10:20:15 +00:00 |
|
Patrick Uiterwijk
|
78a6c13010
|
Production key is generated
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 23:32:41 +00:00 |
|
Patrick Uiterwijk
|
09cd075108
|
Revert "Make explicitly invalid"
This reverts commit b91d69d1ed.
|
2017-04-09 23:24:08 +00:00 |
|
Patrick Uiterwijk
|
b91d69d1ed
|
Make explicitly invalid
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 23:22:25 +00:00 |
|
Patrick Uiterwijk
|
d01c436580
|
SSH does not know years
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 23:18:54 +00:00 |
|
Patrick Uiterwijk
|
dc1664c8f3
|
Combine properly
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 23:17:58 +00:00 |
|
Patrick Uiterwijk
|
7a7054b34c
|
Allow setting additional hostnames
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 23:15:16 +00:00 |
|
Patrick Uiterwijk
|
3ec28fa016
|
Use a static dir
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 22:50:25 +00:00 |
|
Patrick Uiterwijk
|
7ce0b12a42
|
Fix env tests
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 22:34:55 +00:00 |
|
Patrick Uiterwijk
|
c96d44b232
|
Add initial SSH certificates
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
2017-04-09 22:29:14 +00:00 |
|
Kevin Fenzi
|
a0727e3fd2
|
do not apply iptables to any fed-cloud machine now
|
2017-04-07 19:23:42 +00:00 |
|
Stephen Smoogen
|
dfd088ab5e
|
put in many changes for new nagios server
|
2017-04-06 23:50:44 +00:00 |
|
Stephen Smoogen
|
cc4a91a1eb
|
stage a template to replace syncHttpLogs.sh someday
|
2017-03-17 19:43:11 +00:00 |
|
Kevin Fenzi
|
3743d7691c
|
add tag for common scripts
|
2017-03-02 16:00:06 +00:00 |
|