[ansible] Update redirects
by Nicolas Chauvet
commit 3adbdbc85ea38a4e0ed934d5970d74bd45a05503
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Nov 25 18:43:32 2016 +0100
Update redirects
roles/fedora-web/main/files/redirects.conf.prod | 8 ++------
roles/fedora-web/main/templates/sponsor.conf | 1 -
2 files changed, 2 insertions(+), 7 deletions(-)
---
diff --git a/roles/fedora-web/main/files/redirects.conf.prod b/roles/fedora-web/main/files/redirects.conf.prod
index 4b59472..0f849cf 100644
--- a/roles/fedora-web/main/files/redirects.conf.prod
+++ b/roles/fedora-web/main/files/redirects.conf.prod
@@ -11,13 +11,9 @@ RewriteRule .* - [F]
RewriteCond %{REMOTE_ADDR} ^95\.24\.237\.122$
RewriteRule .* - [F]
-# Sponsor links should go to the specific sponsor page
-RewriteRule ^(/.*)?/sponsors.*$ https://getfedora.org/sponsors [R=301,L]
RewriteEngine On
-RewriteCond %{HTTPS} off
-RewriteRule ^/([^/]+/)?(keys|verify)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
+RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
+RewriteRule ^(.*)$ https://rpmfusion.org/$1 [R=301,L]
-RewriteCond %{HTTP_REFERER} .*fedorproject.*
-RewriteRule .* http://mmcgrath.fedorapeople.org/spam.html [R=301,L]
diff --git a/roles/fedora-web/main/templates/sponsor.conf b/roles/fedora-web/main/templates/sponsor.conf
index 2ee4235..e69de29 100644
--- a/roles/fedora-web/main/templates/sponsor.conf
+++ b/roles/fedora-web/main/templates/sponsor.conf
@@ -1 +0,0 @@
-Alias /static/js/sponsor.js /srv/web/{{website}}/static/js/sponsors/{{sponsor}}.js
8 years
[ansible] Update fedora-web
by Nicolas Chauvet
commit 3b8b760f49e2c686fdcbbd643a63489c57e5d1e8
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Nov 25 18:34:34 2016 +0100
Update fedora-web
roles/fedora-web/main/files/languages.conf | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/roles/fedora-web/main/files/languages.conf b/roles/fedora-web/main/files/languages.conf
index 4db0ada..95d9e07 100644
--- a/roles/fedora-web/main/files/languages.conf
+++ b/roles/fedora-web/main/files/languages.conf
@@ -78,7 +78,7 @@ RewriteCond %{QUERY_STRING} ^lang=(af|ar|as|ast|bal|bg|bn|bn_IN|br|ca|cs|da|de|d
RewriteRule ^(?:/(?:af|ar|as|ast|bal|bg|bn|bn_IN|br|ca|cs|da|de|de_CH|el|en|en_GB|es|eu|fa|fi|fr|gl|gu|he|hi|hu|ia|id|is|it|ja|ka|kn|ko|lv|ml|mr|nb|nl|or|pa|pl|pt|pt_BR|ro|ru|sk|sq|sr|sv|ta|te|tg|th|tr|uk|vi|zh_CN|zh_TW))?(/.*)$ /%1$1? [R=301]
AliasMatch ^(?:/(?:af|ar|as|ast|bal|bg|bn|bn_IN|br|ca|cs|da|de|de_CH|el|en|en_GB|es|eu|fa|fi|fr|gl|gu|he|hi|hu|ia|id|is|it|ja|ka|kn|ko|lv|ml|mr|nb|nl|or|pa|pl|pt|pt_BR|ro|ru|sk|sq|sr|sv|ta|te|tg|th|tr|uk|vi|zh_CN|zh_TW))(/.*)?$ /srv/web/fedoraproject.org$1
-<Directory /srv/web/fedoraproject.org>
+<Directory /srv/web/rpmfusion.org>
Options MultiViews
SetEnvIf Request_URI ^/af/ prefer-language=af
8 years
[ansible] Switch to letsencrypts ssl
by Nicolas Chauvet
commit 80f76cf91f901e33f39f4a85244052d08dd6a9d5
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Nov 25 18:21:04 2016 +0100
Switch to letsencrypts ssl
playbooks/include/proxies-websites.yml | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
---
diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index c5437f9..5301698 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -51,7 +51,8 @@
server_aliases:
- www.rpmfusion.org
sslonly: true
- cert_name: "{{wildcard_cert_name}}"
+ cert_name: rpmfusion.org
+ SSLCertificateChainFile : rpmfusion.org-intermediate.cert
- role: httpd/website
name: admin.rpmfusion.org
8 years
[ansible] moin at root location
by Nicolas Chauvet
commit fe660497b8d7ad4c4ef85b0de4fff241103b2948
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Nov 25 17:04:29 2016 +0100
moin at root location
files/moin/wikiconfig.py | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/files/moin/wikiconfig.py b/files/moin/wikiconfig.py
index e8738f6..61cacf7 100644
--- a/files/moin/wikiconfig.py
+++ b/files/moin/wikiconfig.py
@@ -60,7 +60,7 @@ class Config(multiconfig.DefaultConfig):
# use this setting and it will automatically work.
# If you run your wiki script at /mywiki, you need to use this:
#url_prefix_static = '/mywiki' + url_prefix_static
- url_prefix_static = '/moin' + url_prefix_static
+ #url_prefix_static = '/moin' + url_prefix_static
# Wiki identity ----------------------------------------------------
8 years
[ansible] Update moin01 apache
by Nicolas Chauvet
commit 148351b01a1d36df2c4e263cf024ffd8e8354f3b
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Nov 25 17:03:46 2016 +0100
Update moin01 apache
roles/moin/files/moin.conf | 6 ++----
1 files changed, 2 insertions(+), 4 deletions(-)
---
diff --git a/roles/moin/files/moin.conf b/roles/moin/files/moin.conf
index 9f4a228..a1f3d8d 100644
--- a/roles/moin/files/moin.conf
+++ b/roles/moin/files/moin.conf
@@ -3,7 +3,5 @@
# MoinMoin
WSGISocketPrefix /var/run/httpd/moin-wsgi
WSGIDaemonProcess moin user=apache group=apache processes=5 threads=10 maximum-requests=1000 umask=0007
- WSGIScriptAlias /moin /var/www/moin/moin.wsgi
- <Location /moin>
- WSGIProcessGroup moin
- </Location>
+ WSGIScriptAlias / /var/www/moin/moin.wsgi
+ WSGIProcessGroup moin
8 years
[ansible] Update to moin01 and fixup bodhi
by Nicolas Chauvet
commit c02024f781ca307ca78c07f7c06cd13a0546ce85
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Nov 25 16:59:20 2016 +0100
Update to moin01 and fixup bodhi
playbooks/include/proxies-reverseproxy.yml | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
---
diff --git a/playbooks/include/proxies-reverseproxy.yml b/playbooks/include/proxies-reverseproxy.yml
index 261d997..68fe7e0 100644
--- a/playbooks/include/proxies-reverseproxy.yml
+++ b/playbooks/include/proxies-reverseproxy.yml
@@ -15,14 +15,16 @@
- role: httpd/reverseproxy
website: rpmfusion.org
- destname: se01
+ destname: moin01
localpath: /
- remotepath: /moin
- proxyurl: http://se01
+ remotepath: /
+ proxyurl: http://moin01
- role: httpd/reverseproxy
website: admin.rpmfusion.org
destname: bodhi
+ localpath: /updates
+ remotepath: /
proxyurl: http://bodhi01
- role: httpd/reverseproxy
8 years
[ansible] Add mailman group
by Nicolas Chauvet
commit 077d73641f8e12f49352191c98c7b0028e11a965
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Nov 25 16:42:32 2016 +0100
Add mailman group
inventory/group_vars/mailman | 64 ++++++++++++++++++++++++++++++++++++++++++
1 files changed, 64 insertions(+), 0 deletions(-)
---
diff --git a/inventory/group_vars/mailman b/inventory/group_vars/mailman
new file mode 100644
index 0000000..9921acd
--- /dev/null
+++ b/inventory/group_vars/mailman
@@ -0,0 +1,64 @@
+---
+# common items for the releng-* boxes
+lvm_size: 250000
+mem_size: 16384
+num_cpus: 4
+# for systems that do not match the above - specify the same parameter in
+# the host_vars/$hostname file
+
+tcp_ports: [
+ 25, 80, 443,
+ # For outgoing fedmsg
+ 3000, 3001, 3002, 3003,
+]
+
+fas_client_groups: sysadmin-tools,sysadmin-main
+
+# These are consumed by a task in roles/fedmsg/base/main.yml
+fedmsg_certs:
+- service: shell
+ owner: root
+ group: sysadmin
+ can_send:
+ - logger.log
+- service: mailman
+ owner: mailman
+ group: mailman
+ can_send:
+ - mailman.receive
+
+# Postfix main.cf
+postfix_group: mailman
+
+# Used by the mailman role
+mailman_db_server: db02.online.rpmfusion.net
+mailman_domains:
+- lists.rpmfusion.org
+mailman_login:
+ gitlab:
+ display_name: GitLab
+ provider: gitlab
+ github:
+ display_name: GitHub
+ provider: github
+ twitter:
+ display_name: Twitter
+ provider: twitter
+ google:
+ display_name: Google
+ provider: google
+ facebook:
+ display_name: Facebook
+ provider: facebook
+ stackexchange:
+ display_name: StackExchange
+ provider: stackexchange
+
+# by default, the number of emails in queue before we whine
+nrpe_check_postfix_queue_warn: 100
+nrpe_check_postfix_queue_crit: 200
+
+# Number of processes for nagios
+nrpe_procs_warn: 300
+nrpe_procs_crit: 500
+
8 years