WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-29 04:51:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
40,414 Commits 9 Branches 0 Tags
f259ca4e04884b6cdcfc8a171de41a60ac55c8c2
Commit Graph

325 Commits

Author SHA1 Message Date
Kevin Fenzi
a60ca7159f nuancier: retire and remove from ansible 
See https://pagure.io/fedora-infrastructure/issue/11371
This service is retired.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-15 10:44:00 -08:00
David Kirwan
9c3a24e79a zabbix: Zabbix production configuration 2023-11-09 12:55:26 +00:00
Kevin Fenzi
21a3a4f6ff ipsilon: add SAML2 mapping for aws-openscanhub group 
This adds a mapping for a aws-openscanhub group.
See https://pagure.io/fedora-infrastructure/issue/11384 for more info.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-11-08 22:16:53 +00:00
Francois Andrieu
6af2bb2619 ipsilon: add zabbix stg sp 2023-08-14 16:50:39 +02:00
Francois Andrieu
d86babdfe9 AWX: Initial configuration 2023-07-26 13:34:08 +02:00
Aurélien Bompard
b080195aea Ipsilon: restart apache if the code changes 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-05-10 18:06:20 +02:00
Aurélien Bompard
af40d62193 Ipsilon: make sure the ipsilon-fedora addons are installed 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-05-10 17:51:43 +02:00
Aurélien Bompard
360e184862 FMN: move the old to -old and redirect to the new 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-04-26 10:55:25 +02:00
Aurélien Bompard
32938ffc64 Ipsilon: automatically load the SAML2 metadata for PDC in prod as well 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-04-20 14:43:10 +02:00
Aurélien Bompard
7949f778d9 Ipsilon: make the package module call faster 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-04-20 13:54:41 +02:00
Aurélien Bompard
577ba916be Ipsilon: add missing tags 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-04-20 13:52:32 +02:00
Aurélien Bompard
aa0fbcad18 Ipsilon: automatically load the SAML2 metadata for PDC 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-04-20 12:43:24 +02:00
Nick Bebout
6987b8bc1e Add aws-fpl group to ipsilon per mattdm's request 2023-01-10 20:12:27 -06:00
Aurélien Bompard
aa43c7a742 Ipsilon: set CORS headers for OIDC 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-11-22 18:35:44 +01:00
Kevin Fenzi
f183f5262b pagure-stg01 / ipsilon*.stg: split db passwords from stg and prod 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-09-19 13:53:15 -07:00
Mark O Brien
fd0dbee572 add new aws role for readonly access to fcos bucket 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-08-03 12:27:30 +01:00
Aurélien Bompard
293cf34e8d Adapt to Ipsilon 3.0.3 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-07-05 17:36:03 +02:00
Mark O Brien
4bd7546413 update bugzilla stage saml 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-06-22 20:50:27 +01:00
Mark O Brien
2c46ee6e5e move bugzilla stage to ipsilon stage 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-06-22 20:35:53 +01:00
Aurélien Bompard
6b9d639421 ipsilon: add sebooleans on f36 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-06-03 09:55:25 +02:00
Kevin Fenzi
a180488e0d ipsilon: drop staging conditional on wsgiscriptalias 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-02 15:28:32 -07:00
Kevin Fenzi
b68200e0bc ipsilon: make sure /etc/ipsilon/root is owned by ipsilon 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-02 15:25:22 -07:00
Kevin Fenzi
4c4be31afb ipsilon / staging: the wsgi is named differently in stg/f36? 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-05-25 17:42:30 -07:00
Kevin Fenzi
792f082750 Revert "ipsilon / staging: fixes for f36" 
This reverts commit 6d5911cc3c.

Turns out these are the way the new version installs. ;)
 2022-05-25 17:38:04 -07:00
Kevin Fenzi
6d5911cc3c ipsilon / staging: fixes for f36 
The wsgi has changed from /usr/libexec/ipsilon/ipsilon.py to
/usr/libexec/ipsilon, so adjust wsgi and directory perms to handle that.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-05-25 16:58:17 -07:00
Aurélien Bompard
c030ab4c77 Ipsilon needs an SELinux boolean to use python-pam 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-05-25 11:32:57 +02:00
Aurélien Bompard
b6390112af amend last commit 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-05-25 11:22:57 +02:00
Aurélien Bompard
cd277a01d8 We now use PAM auth in Ipsilon 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-05-25 11:21:07 +02:00
Aurélien Bompard
61821fb1ba Update ipsilon to 3.0.1 in prod 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-05-25 10:27:02 +02:00
Stephen Gallagher
7d26c4cde9 Use persistent SAML identifiers 
Using "unspecified" will always send just the user's (FAS) username,
which has been known to conflict with existing accounts on Gitlab. The
"persistent" name-id format guarantees uniqueness.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
 2022-05-11 18:39:05 +00:00
Kevin Fenzi
6260673484 update SAML2 data for bugzilla.redhat.com 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-03-01 16:58:23 -08:00
Kevin Fenzi
9bb24871c3 ipsilon: add saml2 for gitlab.com 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-11-30 15:37:33 +00:00
Kevin Fenzi
cc0f507a2c ipsilon: run the saml2 script as ipsilon user 
Right now it runs as root which means ipsilon can't read it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-11-30 07:34:16 -08:00
Aurélien Bompard
286bde8098 Ipsilon: use the pam auth module on staging 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-10-27 10:12:59 +02:00
Clement Verna
ea2354658f Remove fpdc playbooks and config. 
Signed-off-by: Clement Verna <cverna@tutanota.com>
 2021-08-10 20:37:12 +00:00
Kevin Fenzi
79afbb7406 bugzilla: try and update saml2 data for new bugzilla 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-07-31 12:10:38 -07:00
Mattia Verga
15f3dea6a1 Use bugzilla.stage instance after partner-bugzilla shutdown 
Signed-off-by: Mattia Verga <mattia.verga@protonmail.com>
 2021-07-31 17:08:49 +00:00
Ryan Lerch
ff1395d99c ipsilon: clean up ipsilon role 
This cleans up the ipsilon role, removing a bunch of old, commented out
lines, and removes files and templates that are no longer used.

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2021-07-08 10:13:41 +00:00
Kevin Fenzi
f732a95cb3 ipsilon / sssd: try and set ldap_dref_threshold to 0 to improve things with sssd 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-05-27 11:05:40 -07:00
Aurélien Bompard
06605d7d35 Ipsilon: allow dots in usernames 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-05-27 13:05:33 +02:00
Patrick Uiterwijk
cd8859d7a6 Update RHBZ SAML data 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2021-05-27 07:32:03 +02:00
Aurélien Bompard
0c845843c4 Update ipsilon-fedora on the Ipsilon servers 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-04-30 10:37:31 +02:00
Patrick Uiterwijk
8979bb9a05 Import pre-prod bugzilla SAML data 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2021-04-01 07:35:24 +02:00
Kevin Fenzi
0a53920236 ipsilon: up number of processes to handle more load 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-03-31 13:52:20 -07:00
Aurélien Bompard
196d20086c Some Ipsilon fixes for the new openid api extension 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-26 12:11:07 +01:00
Aurélien Bompard
94b32cee08 Use our custom info plugin 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-25 18:56:08 +01:00
Aurélien Bompard
fc759fd447 Add the ipsilon script to generate the metadata 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-25 11:15:29 +01:00
Aurélien Bompard
2c04966b51 Adjust the location of the service keytab in ipsilon 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-24 17:58:12 +01:00
Aurélien Bompard
4c5e2d605b Fix the sssd config file 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-24 17:31:55 +01:00
Aurélien Bompard
be8535cf05 Fix ipsilon config 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-24 17:03:58 +01:00