WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-19 19:46:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: WarlockFish:e5d26fea609fce8f48e4e98031754ccd2947b334
Branches Tags
WarlockFish:main WarlockFish:letsencrypt WarlockFish:rawhide-greenwave WarlockFish:openqa WarlockFish:secarch WarlockFish:darkserver WarlockFish:openvpn_handler WarlockFish:easyfix WarlockFish:denyhosts
..
compare: WarlockFish:c4bdfcc89723d5bc11e4d5c4a5ef6ad7a2b96702
Branches Tags
WarlockFish:main WarlockFish:letsencrypt WarlockFish:rawhide-greenwave WarlockFish:openqa WarlockFish:secarch WarlockFish:darkserver WarlockFish:openvpn_handler WarlockFish:easyfix WarlockFish:denyhosts

3 Commits
e5d26fea60 ... c4bdfcc897

Author SHA1 Message Date
Kevin Fenzi
c4bdfcc897 proxies: block a ip that was hitting release-monitoring.org a lot 
This ip had hit release-monitoring.org like 5,000,000 times in the
course of a few hours and swamped it's web pod.

Lets block it for now and see if anyone complains.
If this is you: please add some rate limiting.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2026-02-13 08:48:01 -08:00
Pavel Raiskup
a943654af2 copr-be: avoid the hacks - we no longer need the testing VMs 2026-02-13 17:36:19 +01:00
Pavel Raiskup
432f23126e copr-be: keep one more p09 machine up for debugging 2026-02-13 12:33:27 +01:00
2 changed files with 1 additions and 5 deletions
Expand all files Collapse all files

1
inventory/group_vars/proxies
View File

@@ -84,6 +84,7 @@ nft_block_rules:
- 'add rule ip filter INPUT ip saddr 101.47.184.0/21 counter reject'
- 'add rule ip filter INPUT ip saddr 101.47.185.0/24 counter reject'
- 'add rule ip filter INPUT ip saddr 101.47.186.0/23 counter reject'
- 'add rule ip filter INPUT ip saddr 34.159.191.146/32 counter reject'
nft_custom_rules:
# Need for rsync from log01 for logs.
- 'add rule ip filter INPUT ip saddr 10.16.163.39 tcp dport 873 counter accept'

5
roles/copr/backend/tasks/resalloc.yml
View File

@@ -45,11 +45,6 @@
set -- $(echo "$decoded")
IP=$1
fi
case $RESALLOC_NAME in
*vmhost_p09_02_prod_01867876_20260202_151259*)
exit 0
;;
esac
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectTimeout=10 "${SSH_USER-root}@$IP" true
mode: "0755"
dest: /usr/local/bin/resalloc-check-vm-ip