summaryrefslogtreecommitdiffstats
path: root/roles/base
Commit message (Collapse)AuthorAgeFilesLines
...
* use correct group nameKevin Fenzi2016-10-171-1/+1
|
* Attempt to limit pg access to clients that need it only.Kevin Fenzi2016-10-171-0/+85
|
* Set domain realm for krb5Patrick Uiterwijk2016-10-141-0/+7
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Put krb5.conf in base rolePatrick Uiterwijk2016-10-132-0/+38
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* tweak base role interfaces for docker networksKevin Fenzi2016-10-101-1/+1
|
* remove the entries to noc02 that wont work because that hostnmae doesnt existStephen Smoogen2016-09-301-3/+0
|
* Install complete.crt into .crtPatrick Uiterwijk2016-09-271-1/+1
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Install gateway cert with intermediate certPatrick Uiterwijk2016-09-271-1/+1
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* push the tls change out to the smtp-mm boxesStephen Smoogen2016-09-272-3/+40
|
* Fix the order of this handlerKevin Fenzi2016-09-271-1/+1
|
* Swap the order of these handlers so it does the map, then the postfix restart.Kevin Fenzi2016-09-271-1/+1
|
* too much email still requires ipv4 only and our ipv6 reverse doesnt work hereStephen Smoogen2016-09-271-1/+1
|
* rebuild then restartStephen Smoogen2016-09-271-2/+2
|
* tls_ssl_options not implemented in our postfixStephen Smoogen2016-09-271-1/+1
|
* call it a crt not a csrStephen Smoogen2016-09-272-3/+3
|
* and we need to have a triggerStephen Smoogen2016-09-271-0/+3
|
* and put in the items kevin asked for.Stephen Smoogen2016-09-272-5/+10
|
* lets try another go at patchingStephen Smoogen2016-09-272-21/+16
|
* try this patch set on for size to get tls working with smtpStephen Smoogen2016-09-272-0/+68
|
* Also delivery master.cf to noc02Patrick Uiterwijk2016-09-241-1/+1
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* why?Stephen Smoogen2016-09-241-1/+1
|
* I broke it so I need to buy it.Stephen Smoogen2016-09-243-0/+0
|
* try to put in place smtp files for noc02 to use smtp-ipv4 vs ipv6 for googleStephen Smoogen2016-09-233-0/+828
|
* Fix a bunch of places that didn't use the full correct modeKevin Fenzi2016-08-082-12/+12
|
* Death to all trailing whitespace.Kevin Fenzi2016-08-081-4/+4
|
* Make this really norelayPatrick Uiterwijk2016-07-231-1/+1
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* remove debugging, set base to always set hostnameKevin Fenzi2016-07-181-4/+1
|
* drop no longer existant download-rdus from this scriptKevin Fenzi2016-07-131-2/+0
|
* osbs-stg will use the normal iptables, and will get docker iptables via a scriptPatrick Uiterwijk2016-07-051-104/+0
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Until I can figure out this nameserver thing, don't track dns requests to ↵Kevin Fenzi2016-06-302-0/+248
| | | | keep conntrack tables not full
* ppc8-04 is a hw builderKevin Fenzi2016-06-271-1/+1
|
* drop bodhost01 and proxy07Kevin Fenzi2016-05-311-1/+0
|
* Update ip address for ppc hub.Kevin Fenzi2016-05-201-2/+2
|
* Switch mm-smtp servers to send to mailman01 instead of relaying via collab03.Kevin Fenzi2016-05-182-6/+4
| | | | Also, remove the old transports file which as far as I can tell is not used by anything.
* Try this and see if it works any differently.Kevin Fenzi2016-05-141-1/+1
|
* Bypass spam checking for emails from MailmanAurélien Bompard2016-05-121-0/+5
|
* Fixup activation of SpamAssassin on MailmanAurélien Bompard2016-05-121-1/+1
|
* Add Spamassassin to MailmanAurélien Bompard2016-05-121-0/+97
|
* Change ansible_fqdn to inventory_hostname. This fixes some few hosts that ↵Kevin Fenzi2016-05-112-7/+6
| | | | | | have incorrect reverse dns and shouldn't break any others since we always use fully qualified in our inventory.
* OSBS needs prod kojipkgsPatrick Uiterwijk2016-05-101-1/+5
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Osbs needs access to kojipkgsPatrick Uiterwijk2016-05-101-0/+4
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Nobody asked docker to override dns servers, yet it doesPatrick Uiterwijk2016-05-091-0/+4
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Allow all traffic over the docker0 interfacePatrick Uiterwijk2016-05-091-0/+2
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Seems it tries to use koji stg over http...Patrick Uiterwijk2016-05-091-0/+1
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Allow https clone from pkgs.stgPatrick Uiterwijk2016-05-091-0/+1
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Prod != stgPatrick Uiterwijk2016-05-091-7/+3
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add iptables for osbs buildPatrick Uiterwijk2016-05-091-0/+92
| | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* openqa/worker: give up on GRE, single tap host insteadAdam Williamson2016-05-051-0/+0
| | | | | | | OK, this GRE crap ain't working. Let's give up! Instead let's have one tap-capable host per openQA deployment, so all the tap jobs will go to it. This...should achieve that. Let's see what blows up.
* openqa: fix iptables stuffAdam Williamson2016-04-271-0/+0
| | | | apparently host_group is not the same thing as inventory group.
* add an 'ansible_ifcfg_whitelist' feature and use it for openqaAdam Williamson2016-04-271-1/+1
| | | | | | | | | | | semi-acked by nirik (but he'll deny it furiously and it's all my fault if everything blows up): for openQA's openvswitch stuff I need a 'br0' and a 'tap0' that I don't want the base role to mess with, but I *do* want the base role to configure eth0 for me. ansible_ifcfg_blacklist isn't granular enough. So let's invent ansible_ifcfg_whitelist, which if defined is a list of interface names you want the base role to configure. Any interface not in the list is left alone.
generated by cgit (git 2.34.1) at 2025-09-26 06:14:46 +0000