diff options
| author | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-02-03 19:46:34 +0000 |
|---|---|---|
| committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-02-03 19:46:34 +0000 |
| commit | ecf064d0305ca9c9af24e85909e6fc5a2fc33aa0 (patch) | |
| tree | 9b7b95b07f1bfb5239b9bb111c2267443440efbd | |
| parent | f1aa4ab7c120fede05030919aaf240018636c3a5 (diff) | |
| parent | 2caf90aed2633c335da8aaf3f9280cc2f934990b (diff) | |
| download | ansible-ecf064d0305ca9c9af24e85909e6fc5a2fc33aa0.tar.gz ansible-ecf064d0305ca9c9af24e85909e6fc5a2fc33aa0.tar.xz ansible-ecf064d0305ca9c9af24e85909e6fc5a2fc33aa0.zip | |
Merge branch 'master' of /git/ansible
21 files changed, 129 insertions, 20 deletions
diff --git a/files/copr/copr-be.conf b/files/copr/copr-be.conf index 2c159cb99..b00db87ae 100644 --- a/files/copr/copr-be.conf +++ b/files/copr/copr-be.conf @@ -51,7 +51,7 @@ worker_logdir=/var/log/copr/workers/ # publish fedmsg notifications from workers if true # default is false #fedmsg_enabled=false - +fedmsg_enabled=true [builder] # default is 1800 diff --git a/files/copr/provision/files/mock/epel-5-i386.cfg b/files/copr/provision/files/mock/epel-5-i386.cfg index 38a425aba..bd55bbcb5 100644 --- a/files/copr/provision/files/mock/epel-5-i386.cfg +++ b/files/copr/provision/files/mock/epel-5-i386.cfg @@ -5,6 +5,9 @@ config_opts['chroot_setup_cmd'] = 'install buildsys-build' config_opts['dist'] = 'el5' # only useful for --resultdir variable subst if not config_opts.has_key('macros'): config_opts['macros'] = {} config_opts['macros']['%__arch_install_post'] = '%{nil}' +config_opts['macros']['%rhel'] = '5' +config_opts['macros']['%dist'] = '.el5' +config_opts['macros']['%el5'] = '1' config_opts['releasever'] = '5' config_opts['yum.conf'] = """ diff --git a/files/copr/provision/files/mock/epel-5-x86_64.cfg b/files/copr/provision/files/mock/epel-5-x86_64.cfg index 2f26af0ba..31351d53c 100644 --- a/files/copr/provision/files/mock/epel-5-x86_64.cfg +++ b/files/copr/provision/files/mock/epel-5-x86_64.cfg @@ -5,6 +5,9 @@ config_opts['chroot_setup_cmd'] = 'install buildsys-build' config_opts['dist'] = 'el5' # only useful for --resultdir variable subst if not config_opts.has_key('macros'): config_opts['macros'] = {} config_opts['macros']['%__arch_install_post'] = '%{nil}' +config_opts['macros']['%rhel'] = '5' +config_opts['macros']['%dist'] = '.el5' +config_opts['macros']['%el5'] = '1' config_opts['releasever'] = '5' config_opts['yum.conf'] = """ diff --git a/files/hosts/arm.fedoraproject.org-hosts b/files/hosts/arm.fedoraproject.org-hosts index 7970c8d6b..4ee48472b 100644 --- a/files/hosts/arm.fedoraproject.org-hosts +++ b/files/hosts/arm.fedoraproject.org-hosts @@ -4,6 +4,7 @@ 10.5.125.36 kojipkgs.fedoraproject.org 10.5.126.23 infrastructure.fedoraproject.org 10.5.124.138 arm.koji.fedoraproject.org +10.5.124.138 armpkgs.fedoraproject.org 10.5.125.44 pkgs.fedoraproject.org pkgs # # This is proxy01.phx2.fedoraproject.org diff --git a/inventory/group_vars/mailman b/inventory/group_vars/mailman index 51b55f101..be7c2b61a 100644 --- a/inventory/group_vars/mailman +++ b/inventory/group_vars/mailman @@ -27,3 +27,6 @@ virt_install_command: /usr/sbin/virt-install -n {{ inventory_hostname }} -r {{ m gateway={{ gw }} dns={{ dns }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }}" --network=bridge=br0 --autostart --noautoconsole + +# Used by the mailman role +mailman_dbserver: db01.phx2.fedoraproject.org diff --git a/inventory/group_vars/mailman-stg b/inventory/group_vars/mailman-stg index 51b55f101..62acb4eac 100644 --- a/inventory/group_vars/mailman-stg +++ b/inventory/group_vars/mailman-stg @@ -27,3 +27,6 @@ virt_install_command: /usr/sbin/virt-install -n {{ inventory_hostname }} -r {{ m gateway={{ gw }} dns={{ dns }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }}" --network=bridge=br0 --autostart --noautoconsole + +# Used by the mailman role +mailman_dbserver: db02.stg.phx2.fedoraproject.org diff --git a/playbooks/groups/jenkins-cloud.yml b/playbooks/groups/jenkins-cloud.yml index 7b6b5e748..e68c62b3c 100644 --- a/playbooks/groups/jenkins-cloud.yml +++ b/playbooks/groups/jenkins-cloud.yml @@ -100,10 +100,81 @@ - name: mkdir dir for jenkins data action: file state=directory path=/var/lib/jenkins/plugins/ owner=jenkins group=jenkins - - name: import jenkins plugins - action: copy src={{ item }} owner=jenkins group=jenkins dest=/var/lib/jenkins/plugins/ - with_fileglob: - - "{{ files }}/jenkins/master/plugins/*.hpi" + - name: Download jenkins plugins + get_url: url=https://updates.jenkins-ci.org/download/plugins/{{ item.name }}/{{ item.version }}/{{ item.name }}.hpi + dest=/var/lib/jenkins/plugins/{{ item.name }}.hpi + sha256sum={{ item.sha }} + with_items: + - name: bazaar + version: 1.22 + sha: d7ff0987c96e2a694257ecf897ceee376908c5f94abfd1d5efc32482e4d54141 + - name: chucknorris + version: 0.5 + sha: bd9df0507008255ad2ed046368d10a4d039a6cbcfefb53c71c1768cc0dcbf65b + - name: cobertura + version: 1.9.3 + sha: 3db93d70486b80a904a74ce40b0ac6a7812d1f522f820d0e5d7b538401bc2946 + - name: csv + version: 2.11 + sha: 7c917bc824019a81d54472c525e4d724dfb4ae10b59bf64e692a2fc59fcd33cc + - name: external-monitor-job + version: 1.2 + sha: 8dd2644271d0138839490342833e9ff7f82772038f673f5ac6220193c587747d + - name: git + version: 2.0.1 + sha: 68c7fa6f9e3e1e3991bbba67ca86c2590e425f80a7176171ad7c645d57abe839 + - name: git-client + version: 1.6.1 + sha: 6b5762e7f423e0c40b068f671a276e83e4093c019164f61959b83d98bc24dedd + - name: instant-messaging + version: 1.28 + sha: 0b84561fd72cb80d89c5c57548fe8b7270d448f66361dedd07e227fb1bd44f03 + - name: ldap + version: 1.8 + sha: 491905ec3675b6a5acf2098722c121732801fd6210e6ff54bc99d213b5b8ee58 + - name: maven-plugin + version: 2.1 + sha: 1f80592242251bd1c3ca7ba0290905567bba2883fdf828f66a6759d64d1a64bf + - name: mercurial + version: 1.49 + sha: c7af29d9af2071aa60fd82efc90d97f52c38b8911160796c1d9c0a89768f36e4 + - name: openid + version: 1.8 + sha: fed09c7da7762323cf55c3b725493622a4a2460eab8622230497e35914ac9d7e + - name: python + version: 1.2 + sha: e3358a945f21b84a8156237b0d621815a7822322e1180ae1e66d10798aaf1f56 + - name: scm-api + version: 0.2 + sha: cc856d8dc8b951cf9a195baa2bf7bbff0d12368534a6b973e43e2909141eff3f + - name: ssh-agent + version: 1.4.1 + sha: ae8227bf219e96a4d76f36dc6d6e652ddd0209e8d9c4cf4483a07858d707ce6e + - name: subversion + version: 1.54 + sha: 90c109cbecdf00fbe1a377770d735cf12dcae6f750c00b19b59eaee223a54aa2 + - name: translation + version: 1.11 + sha: 4d88b8d74ade119cef76827bd385693447fa68fa18fd1bfc8806aff9d931f00e + - name: violations + version: 0.7.11 + sha: f8eacb53eb01f83f3702009a41cef89e520a72933671ac1ee9154d88bde2d67a + - name: xunit + version: 1.81 + sha: 8749ef1b3861ea6a5166c7a6f443e20dca346f98aa58ab2bb3f3376b6392244e + - name: warnings + version: 4.28 + sha: cc2de4391030e15ffeee86269bdf1afc5a377d484690e4b3ad8fe1c1f2dfd18c + - name: multiple-scms + version: 0.3 + sha: e79d7e855ffe0ad060d11ae1ce0b39f68e7fa031c6e831f60fe33e5ddb3392ac + - name: credentials + version: 1.9.4 + sha: 2fedc41d977a166c1addd82cd0cc9b73cffd34b97f7c0756bad7dc198ccd98de + - name: mailer + version: 1.8 + sha: fb9c6d471c2fea97fc2ccb64bfac18f77c847e740bcc2d5a4de31c35e851728a + tags: - config diff --git a/playbooks/groups/mailman.yml b/playbooks/groups/mailman.yml index 7826f1447..9c1cda5a9 100644 --- a/playbooks/groups/mailman.yml +++ b/playbooks/groups/mailman.yml @@ -54,7 +54,21 @@ - include: "{{ handlers }}/restart_services.yml" +# # Database setup +# + +- name: prepare setting up the database + hosts: db02.stg.phx2.fedoraproject.org:db01.phx2.fedoraproject.org + gather_facts: no + user: root + + tasks: + - name: install psycopg2 for the postgresql ansible modules + yum: pkg=python-psycopg2 state=installed + tags: + - packages + - name: setup the database hosts: db02.stg.phx2.fedoraproject.org:db01.phx2.fedoraproject.org gather_facts: no @@ -98,7 +112,6 @@ roles: - role: mailman - mailman_dbserver: db02.stg.phx2.fedoraproject.org mailman_postfix_mydestination: "lists.fedoraproject.org, lists.stg.fedoraproject.org" mailman_mm_db_pass: "{{ mailman_mm_db_pass }}" mailman_hk_admin_db_pass: "{{ mailman_hk_admin_db_pass }}" diff --git a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml index 24ae5ec03..86958a7e0 100644 --- a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml @@ -54,6 +54,7 @@ - git - screen - fail2ban + - system-config-firewall-base - name: make copr dirs diff --git a/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml index d8b44ec6d..674fbae4d 100644 --- a/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml @@ -134,6 +134,8 @@ - tar - mailman # transition from mailman2.1 - vim + - tmux + - patch tags: - packages diff --git a/playbooks/rdiff-backup.yml b/playbooks/rdiff-backup.yml index d896a0ed6..7e9046ea8 100644 --- a/playbooks/rdiff-backup.yml +++ b/playbooks/rdiff-backup.yml @@ -25,6 +25,6 @@ when: global_backup_targets is defined - name: run rdiff-backup hitting all the host targets - local_action: "shell rdiff-backup --exclude='**.snapshot' --create-full-path --print-statistics {{ inventory_hostname }}::{{ item }} /fedora_backups/{{ inventory_hostname }}/`basename {{ item }}` | mail -r sysadmin-backup-members@fedoraproject.org -s 'rdiff-backup: {{ inventory_hostname }}:{{ item }}' sysadmin-backup-members@fedoraproject.org" + local_action: "shell rdiff-backup --exclude='**git-seed*' --exclude='**git_seed' --exclude='**.snapshot' --create-full-path --print-statistics {{ inventory_hostname }}::{{ item }} /fedora_backups/{{ inventory_hostname }}/`basename {{ item }}` | mail -r sysadmin-backup-members@fedoraproject.org -s 'rdiff-backup: {{ inventory_hostname }}:{{ item }}' sysadmin-backup-members@fedoraproject.org" with_items: host_backup_targets when: host_backup_targets is defined diff --git a/roles/ask/templates/settings.py b/roles/ask/templates/settings.py index 6d9d4803a..ed9d2bbb8 100644 --- a/roles/ask/templates/settings.py +++ b/roles/ask/templates/settings.py @@ -255,7 +255,7 @@ LANGUAGES = ( ('es', gettext('Spanish')), ('en', gettext('English')), ('ru', gettext('Russian')), - ('zh-tw', gettext('Chinese')), + ('zh-cn', gettext('Simplified Chinese')), ('fr', gettext('French')), ('el', gettext('Greek')), ('id', gettext('Indonesian')), @@ -278,6 +278,7 @@ LANGUAGES = ( ('pt-br', gettext('Brazilian Portuguese')), ('id', gettext('Indonesian')), ('el', gettext('Greek')), + ('zh-cn', gettext('Simplified Chinese')), ) {% endif %} diff --git a/roles/badges-frontend/templates/tahrir.ini b/roles/badges-frontend/templates/tahrir.ini index a9b1277c6..c208eacad 100644 --- a/roles/badges-frontend/templates/tahrir.ini +++ b/roles/badges-frontend/templates/tahrir.ini @@ -35,7 +35,7 @@ tahrir.admin = ralph@fedoraproject.org, oddshocks@fedoraproject.org, puiterwijk@ tahrir.pngs.uri = /usr/share/badges/pngs dogpile.cache.backend = dogpile.cache.memcached -dogpile.cache.expiration_time = 10000 +dogpile.cache.expiration_time = 100 dogpile.cache.arguments.url = memcached03:11211 dogpile.cache.arguments.distributed_lock = True diff --git a/roles/fedmsg_base/templates/relay.py.j2 b/roles/fedmsg_base/templates/relay.py.j2 index 0b13e2ac9..c4694c346 100644 --- a/roles/fedmsg_base/templates/relay.py.j2 +++ b/roles/fedmsg_base/templates/relay.py.j2 @@ -31,7 +31,7 @@ config = dict( "tcp://app01.%s:3998" % suffix, # Scripts from the vpn (people03) connect here - "tcp://app01.vpn.fedoraproject.org:3998", + #"tcp://app01.vpn.fedoraproject.org:3998", # Scripts from outside connect here (coprs, secondary arch composes) "tcp://busgateway01.%s:9941" % suffix, diff --git a/roles/fedmsg_base/templates/ssl.py.j2 b/roles/fedmsg_base/templates/ssl.py.j2 index ac51ce850..0f3df555e 100644 --- a/roles/fedmsg_base/templates/ssl.py.j2 +++ b/roles/fedmsg_base/templates/ssl.py.j2 @@ -144,6 +144,7 @@ config = dict( # since it is an openstack node. This might be a little fragile. :/ # See https://github.com/fedora-infra/fedmsg/issues/199 for the plan. ("copr.copr-be-i-00000407", "copr-copr-be.cloud.fedoraproject.org"), + ("copr.copr-be", "copr-copr-be.cloud.fedoraproject.org"), ]), routing_policy={ # The gist here is that only messages signed by the diff --git a/roles/mailman/defaults/main.yml b/roles/mailman/defaults/main.yml index 6fb905b43..dffdecd16 100644 --- a/roles/mailman/defaults/main.yml +++ b/roles/mailman/defaults/main.yml @@ -1,6 +1,6 @@ --- mailman_webui_basedir: /srv/webui -mailman_webui_confdir: ${mailman_webui_basedir}/config +mailman_webui_confdir: "{{ mailman_webui_basedir }}/config" mailman_dbserver: localhost mailman_postfix_mydestination: "{{ ansible_fqdn }}" mailman_mm_db_pass: changeme diff --git a/roles/mailman/files/pg-give-rights.py b/roles/mailman/files/pg-give-rights.py index e99dd77f2..08031515a 100755 --- a/roles/mailman/files/pg-give-rights.py +++ b/roles/mailman/files/pg-give-rights.py @@ -24,7 +24,7 @@ def give_rights(dbhost, dbuser, dbpasswd, dbname): cur.execute(dbrightsquery) # Table permissions cur.execute(""" - SELECT 'GRANT SELECT,INSERT,UPDATE,DELETE,TRUNCATE ON ' || relname || ' TO %sapp;' + SELECT 'GRANT SELECT,INSERT,UPDATE,DELETE,TRUNCATE ON "' || relname || '" TO %sapp;' FROM pg_class JOIN pg_namespace ON pg_namespace.oid = pg_class.relnamespace WHERE nspname = 'public' AND relkind IN ('r', 'v'); diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml index 163f94fe6..75619c1ec 100644 --- a/roles/mailman/tasks/main.yml +++ b/roles/mailman/tasks/main.yml @@ -225,7 +225,7 @@ - restart postfix - name: create the postfix aliases - command: sudo -u mailman mailman3 aliases + command: su mailman -s /bin/sh -c "mailman3 aliases" creates=/var/lib/mailman3/data/postfix_lmtp.db # Memcached diff --git a/roles/mailman/templates/settings.py.j2 b/roles/mailman/templates/settings.py.j2 index 1fd96f1f8..f819bb5d9 100644 --- a/roles/mailman/templates/settings.py.j2 +++ b/roles/mailman/templates/settings.py.j2 @@ -142,6 +142,7 @@ MIDDLEWARE_CLASSES = ( 'hyperkitty.middleware.KittyStoreDjangoMiddleware', 'hyperkitty.middleware.SSLRedirect', 'hyperkitty.middleware.TimezoneMiddleware', + 'hyperkitty.middleware.MailmanUserMetadata', ) ROOT_URLCONF = 'urls' diff --git a/roles/mirrorlist/files/mirrorlist-server.conf b/roles/mirrorlist/files/mirrorlist-server.conf index 1ee87bcc3..929578708 100644 --- a/roles/mirrorlist/files/mirrorlist-server.conf +++ b/roles/mirrorlist/files/mirrorlist-server.conf @@ -4,8 +4,6 @@ Alias /static /var/lib/mirrormanager/mirrorlists/static/ <Directory /var/lib/mirrormanager/mirrorlists> Options Indexes FollowSymLinks - ExpiresActive On - ExpiresDefault "modification plus 1 day" </Directory> WSGIDaemonProcess mirrorlist user=apache processes=45 threads=1 display-name=mirrorlist maximum-requests=1000 @@ -42,3 +40,15 @@ WSGIScriptAlias /mirrorlist /usr/share/mirrormanager/mirrorlist-server/mirrorlis Allow from all </IfModule> </Location> + +<Location /publiclist> + <IfModule mod_authz_core.c> + # Apache 2.4 + Require all granted + </IfModule> + <IfModule !mod_authz_core.c> + # Apache 2.2 + Order deny,allow + Allow from all + </IfModule> +</Location> diff --git a/scripts/ansible-playbook-check-diff b/scripts/ansible-playbook-check-diff index 72c0d78b1..0fe46b72a 100755 --- a/scripts/ansible-playbook-check-diff +++ b/scripts/ansible-playbook-check-diff @@ -18,8 +18,4 @@ for dir in ("hosts", "groups"): playbookpath = os.path.join(path, file) cmd = ("ansible-playbook", playbookpath, "--check", "--diff") ansibleprocess = subprocess.Popen(cmd) - -# -# Add this if you want to run them one at a time instead of all forked off in a bunch. -# ansibleprocess.communicate() -# + ansibleprocess.communicate() |