October 2018 - sysadmin-notify

[ansible] Fixup nmcli and iptables-restore

by Nicolas Chauvet

commit e681cbc0054cf26dee1cea2120dc21e5ac7e6992 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Sun Oct 21 18:14:34 2018 +0200 Fixup nmcli and iptables-restore inventory/host_vars/buildvm-07.virt.rpmfusion.net | 9 +++++++++ roles/base/tasks/main.yml | 4 ++-- 2 files changed, 11 insertions(+), 2 deletions(-) --- diff --git a/inventory/host_vars/buildvm-07.virt.rpmfusion.net b/inventory/host_vars/buildvm-07.virt.rpmfusion.net new file mode 100644 index 0000000..6720b95 --- /dev/null +++ b/inventory/host_vars/buildvm-07.virt.rpmfusion.net @@ -0,0 +1,9 @@ +--- +datacenter: virt + +# +# We need to mount koji storage rw here so run_root can work. +# The rest of the group can be ro, it's only builders in the +# compose channel that need a rw mount + +nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3" diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index a44f9b7..f3b63c4 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -62,7 +62,7 @@ - ifcfg - name: get interface uuid - shell: nmcli -f "DEVICE,UUID" c show --active | grep -E '^eth|^br' + shell: nmcli -f "DEVICE,UUID" c show --active | grep -E '^eth|^br|^en' register: if_uuid changed_when: false failed_when: 'if_uuid.stdout == ""' @@ -189,7 +189,7 @@ - base - name: iptables - template: src={{ item }} dest=/etc/sysconfig/iptables mode=0600 validate="/sbin/iptables-restore --text %s" + template: src={{ item }} dest=/etc/sysconfig/iptables mode=0600 validate="/sbin/iptables-restore %s" with_first_found: - iptables/iptables.{{ datacenter }} - iptables/iptables.{{ inventory_hostname }}

6 years, 2 months

1
0
0 / 0

[ansible] Add arm-builder11

by Nicolas Chauvet

commit 9e3417211cf033b3d704147df8cd79bc9bc64cec Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Sun Oct 21 18:14:14 2018 +0200 Add arm-builder11 inventory/builders | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) --- diff --git a/inventory/builders b/inventory/builders index 54027de..664a6d0 100644 --- a/inventory/builders +++ b/inventory/builders @@ -55,6 +55,7 @@ arm-builder04.scaleway.rpmfusion.net [home-arm] arm-builder09.home.rpmfusion.net arm-builder10.home.rpmfusion.net +arm-builder11.home.rpmfusion.net arm-jetson-tk1.home.rpmfusion.net arm-jetson-tx1.home.rpmfusion.net

6 years, 2 months

1
0
0 / 0

[ansible] Move buildvm-07/08 as separate builder

by Nicolas Chauvet

commit e096954f8dcee3aeef6a0329ea1d22f59db868c4 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Sun Oct 21 15:46:30 2018 +0200 Move buildvm-07/08 as separate builder inventory/builders | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) --- diff --git a/inventory/builders b/inventory/builders index 58be36f..54027de 100644 --- a/inventory/builders +++ b/inventory/builders @@ -8,12 +8,12 @@ buildvm-01.online.rpmfusion.net buildvm-02.online.rpmfusion.net buildvm-05.virt.rpmfusion.net buildvm-06.virt.rpmfusion.net -buildvm-07.virt.rpmfusion.net -buildvm-08.virt.rpmfusion.net [buildhw-x86] buildvm-03.online.rpmfusion.net buildvm-04.online.rpmfusion.net +buildvm-07.virt.rpmfusion.net +buildvm-08.virt.rpmfusion.net [buildvm-ppc64] buildppc-01.osuosl.rpmfusion.net ansible_user=fedora ansible_become=yes

6 years, 2 months

1
0
0 / 0

[ansible] Add proxy smtp-relay alias

by Nicolas Chauvet

commit 445d14bdda7332bf2b3ea8c1e2295301b01b374f Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Mon Oct 8 15:52:13 2018 +0200 Add proxy smtp-relay alias roles/hosts/files/home-hosts | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/roles/hosts/files/home-hosts b/roles/hosts/files/home-hosts index a3e3aea..f34e51a 100644 --- a/roles/hosts/files/home-hosts +++ b/roles/hosts/files/home-hosts @@ -17,4 +17,4 @@ 192.168.181.141 bodhi01.online.rpmfusion.net bodhi01 # hv01 online - vpn -192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server log01 +192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server log01 proxy smtp-relay

6 years, 2 months

1
0
0 / 0

[ansible] Add home group

by Nicolas Chauvet

commit f722d2094d46122032b9160ff6f7756d282b28b7 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Mon Oct 8 14:08:12 2018 +0200 Add home group inventory/builders | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) --- diff --git a/inventory/builders b/inventory/builders index c311287..58be36f 100644 --- a/inventory/builders +++ b/inventory/builders @@ -43,6 +43,9 @@ buildaarch64 buildvm-ppc64 buildvm-ppc64le +[home:children] +home-arm + [scaleway-c1] arm-builder01.scaleway.rpmfusion.net arm-builder02.scaleway.rpmfusion.net

6 years, 2 months

1
0
0 / 0

[ansible] Add home-hosts

by Nicolas Chauvet

commit 8cd86d763503745fd39ef8b97bcc65885f689df2 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Mon Oct 8 14:07:06 2018 +0200 Add home-hosts roles/hosts/files/home-hosts | 20 ++++++++++++++++++++ 1 files changed, 20 insertions(+), 0 deletions(-) --- diff --git a/roles/hosts/files/home-hosts b/roles/hosts/files/home-hosts new file mode 100644 index 0000000..a3e3aea --- /dev/null +++ b/roles/hosts/files/home-hosts @@ -0,0 +1,20 @@ +127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + +# hv01 online - public +#195.154.185.75 hv01.online.rpmfusion.net hv01 +212.83.132.100 koji.rpmfusion.org koji +212.129.31.198 pkgs.rpmfusion.org pkgs + +# hv01 online - lan +192.168.181.254 hv01.online.rpmfusion.net hv01 nfs-server.online.rpmfusion.net proxy.online.rpmfusion.net hub.online.rpmfusion.net +192.168.181.101 buildvm-01.online.rpmfusion.net buildvm-01 +192.168.181.102 buildvm-02.online.rpmfusion.net buildvm-02 +192.168.181.130 db02.online.rpmfusion.net db02 +192.168.181.135 koji01.online.rpmfusion.net koji01 +192.168.181.137 pkgs01.online.rpmfusion.net pkgs01 +192.168.181.138 pkgdb02.online.rpmfusion.net pkgdb02 +192.168.181.141 bodhi01.online.rpmfusion.net bodhi01 + +# hv01 online - vpn +192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server log01

6 years, 2 months

1
0
0 / 0

[ansible] Update rpmfusion default postfix main.cf

by Nicolas Chauvet

commit fd14115095eefd28f8db33628a55e904675d4154 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Oct 3 18:49:54 2018 +0200 Update rpmfusion default postfix main.cf roles/base/files/postfix/main.cf/main.cf | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) --- diff --git a/roles/base/files/postfix/main.cf/main.cf b/roles/base/files/postfix/main.cf/main.cf index 5d152fc..c77ae28 100644 --- a/roles/base/files/postfix/main.cf/main.cf +++ b/roles/base/files/postfix/main.cf/main.cf @@ -313,7 +313,7 @@ unknown_local_recipient_reject_code = 550 #relayhost = [mailserver.isp.tld] #relayhost = uucphost #relayhost = [an.ip.add.ress] -relayhost = [mx1.rpmfusion.net] +relayhost = [smtp-relay] # REJECTING UNKNOWN RELAY USERS @@ -353,7 +353,7 @@ relayhost = [mx1.rpmfusion.net] # address masquerading or other forms of address rewriting including # username->Firstname.Lastname mapping. -masquerade_domains = rpmfusion.org +masquerade_domains = !lists.rpmfusion.org rpmfusion.org masquerade_exceptions = root apache # ADDRESS REDIRECTION (VIRTUAL DOMAIN) @@ -682,6 +682,9 @@ readme_directory = /usr/share/doc/postfix-2.4.5/README_FILES # add this to new postfix to get it to add proper message-id and other # headers to outgoing emails via the gateway. +smtpd_relay_restrictions = permit_mynetworks, + permit_sasl_authenticated, + reject_unauth_destination message_size_limit = 20971520 #inet_protocols = ipv4

6 years, 2 months

1
0
0 / 0

[ansible] Add arm-builder10

by Nicolas Chauvet

commit cd018c124b93e25eee8b15d5cb4def38f2195168 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Tue Oct 2 17:27:20 2018 +0200 Add arm-builder10 inventory/builders | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) --- diff --git a/inventory/builders b/inventory/builders index 31c7090..c311287 100644 --- a/inventory/builders +++ b/inventory/builders @@ -51,6 +51,7 @@ arm-builder04.scaleway.rpmfusion.net [home-arm] arm-builder09.home.rpmfusion.net +arm-builder10.home.rpmfusion.net arm-jetson-tk1.home.rpmfusion.net arm-jetson-tx1.home.rpmfusion.net

6 years, 2 months

1
0
0 / 0

[ansible] Add update-koji-owner for f29/f30

by Nicolas Chauvet

commit 3e4c3b76a522fbea249b25f4e5feef4c57927509 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Tue Oct 2 17:02:40 2018 +0200 Add update-koji-owner for f29/f30 roles/bodhi2/backend/tasks/main.yml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/roles/bodhi2/backend/tasks/main.yml b/roles/bodhi2/backend/tasks/main.yml index 8ef916f..1c7ceeb 100644 --- a/roles/bodhi2/backend/tasks/main.yml +++ b/roles/bodhi2/backend/tasks/main.yml @@ -177,7 +177,7 @@ - name: sync packages from pkgdb2 to koji fedora cron: name="owner-sync-fedora" minute="7,17,27,37,47,57" user="root" - job="/usr/local/bin/owner-sync-pkgdb f26-free; /usr/local/bin/owner-sync-pkgdb f26-nonfree; /usr/local/bin/owner-sync-pkgdb f27-free; /usr/local/bin/owner-sync-pkgdb f27-nonfree; /usr/local/bin/owner-sync-pkgdb f28-free; /usr/local/bin/owner-sync-pkgdb f28-nonfree" + job="/usr/local/bin/owner-sync-pkgdb f27-free; /usr/local/bin/owner-sync-pkgdb f27-nonfree; /usr/local/bin/owner-sync-pkgdb f28-free; /usr/local/bin/owner-sync-pkgdb f28-nonfree; /usr/local/bin/owner-sync-pkgdb f29-free; /usr/local/bin/owner-sync-pkgdb f29-nonfree; /usr/local/bin/owner-sync-pkgdb f30-free; /usr/local/bin/owner-sync-pkgdb f30-nonfree" cron_file=update-koji-owner-fedora when: inventory_hostname.startswith('bodhi-backend01') and env == "production" tags:

6 years, 2 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

sysadmin-notify October 2018