March 2018 - sysadmin-notify

by Nicolas Chauvet

commit ef7647baf997dafa17570623d5f5745f282f6471 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Thu Mar 15 13:17:12 2018 +0100 Fix ports for koji inventory/group_vars/koji | 4 +--- 1 files changed, 1 insertions(+), 3 deletions(-) --- diff --git a/inventory/group_vars/koji b/inventory/group_vars/koji index 87d2b65..cdc4e89 100644 --- a/inventory/group_vars/koji +++ b/inventory/group_vars/koji @@ -6,9 +6,7 @@ num_cpus: 16 # for systems that do not match the above - specify the same parameter in # the host_vars/$hostname file -tcp_ports: [ 80, 443, - # These 8 ports are used by fedmsg. One for each wsgi thread. - 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007] +tcp_ports: [ 80, 443] udp_ports: []

6 years, 9 months

1
0
0 / 0

[ansible] fixup

by Nicolas Chauvet

commit 5c9b313db364880f12d6e6c3ba8f4155db9c758b Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Thu Mar 15 11:22:29 2018 +0100 fixup inventory/host_vars/hv01.online.rpmfusion.net | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/inventory/host_vars/hv01.online.rpmfusion.net b/inventory/host_vars/hv01.online.rpmfusion.net index 6473799..f28d410 100644 --- a/inventory/host_vars/hv01.online.rpmfusion.net +++ b/inventory/host_vars/hv01.online.rpmfusion.net @@ -12,7 +12,7 @@ br1_nm: 255.255.255.0 tcp_ports: ['22', '25', '53', '1194'] udp_ports: ['53', '1194'] -custom_rules: [ '-A FORWARD -d 192.168.181.0/24 -o br1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' , '-A FORWARD -s 192.168.181.0/24 -i br1 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 111 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 111 -j ACCEPT' , '-A INPUT -i br1 -p udp -m udp --dport 514 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 514 -j ACCEPT' ,'-A INPUT -i br1 -p tcp -m tcp --dport 662 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 662 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 892 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 892 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 5000 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 5000 -j ACCEPT' ,'-A INPUT -i br1 -p tcp -m tcp --dport 3 2803 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 32803 -j ACCEPT' , '-A INPUT -i br1 -p udp -m udp --dport 32769 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 32769 -j ACCEPT' , '-A INPUT -i br1 -p tcp -m tcp --dport 3128 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 3128 -j ACCEPT'] +custom_rules: [ '-A FORWARD -d 192.168.181.0/24 -o br1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' , '-A FORWARD -s 192.168.181.0/24 -i br1 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 111 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 111 -j ACCEPT' , '-A INPUT -i br1 -p udp -m udp --dport 514 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 514 -j ACCEPT' , '-A INPUT -i br1 -p tcp -m tcp --dport 514 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 514 -j ACCEPT' ,'-A INPUT -i br1 -p tcp -m tcp --dport 662 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 662 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 892 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 892 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 50 00 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 5000 -j ACCEPT' ,'-A INPUT -i br1 -p tcp -m tcp --dport 32803 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 32803 -j ACCEPT' , '-A INPUT -i br1 -p udp -m udp --dport 32769 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 32769 -j ACCEPT' , '-A INPUT -i br1 -p tcp -m tcp --dport 3128 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 3128 -j ACCEPT'] custom_nat_rules: ['-A POSTROUTING -o br0 -j MASQUERADE' ]

6 years, 9 months

1
0
0 / 0

[ansible] Update iptables ports

by Nicolas Chauvet

commit 64b57555d6d637c5b78444471e633cf81966e044 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Thu Mar 15 11:17:24 2018 +0100 Update iptables ports inventory/host_vars/hv01.online.rpmfusion.net | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/inventory/host_vars/hv01.online.rpmfusion.net b/inventory/host_vars/hv01.online.rpmfusion.net index e6f0b4a..6473799 100644 --- a/inventory/host_vars/hv01.online.rpmfusion.net +++ b/inventory/host_vars/hv01.online.rpmfusion.net @@ -12,7 +12,7 @@ br1_nm: 255.255.255.0 tcp_ports: ['22', '25', '53', '1194'] udp_ports: ['53', '1194'] -custom_rules: [ '-A FORWARD -d 192.168.181.0/24 -o br1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' , '-A FORWARD -s 192.168.181.0/24 -i br1 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 111 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 111 -j ACCEPT' ,'-A INPUT -i br1 -p tcp -m tcp --dport 662 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 662 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 892 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 892 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 32803 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 32803 -j ACCEPT', '-A INPUT -i br1 -p udp -m udp --dport 32769 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 32769 -j ACCEPT' , '-A INPUT -i br1 -p tcp -m tcp --dp ort 3128 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 3128 -j ACCEPT'] +custom_rules: [ '-A FORWARD -d 192.168.181.0/24 -o br1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' , '-A FORWARD -s 192.168.181.0/24 -i br1 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 111 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 111 -j ACCEPT' , '-A INPUT -i br1 -p udp -m udp --dport 514 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 514 -j ACCEPT' ,'-A INPUT -i br1 -p tcp -m tcp --dport 662 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 662 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 892 -j ACCEPT' , '-A INPUT -i tun0 -p tcp -m tcp --dport 892 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 2049 -j ACCEPT', '-A INPUT -i br1 -p tcp -m tcp --dport 5000 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 5000 -j ACCEPT' ,'-A INPUT -i br1 -p tcp -m tcp --dport 3 2803 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 32803 -j ACCEPT' , '-A INPUT -i br1 -p udp -m udp --dport 32769 -j ACCEPT', '-A INPUT -i tun0 -p udp -m udp --dport 32769 -j ACCEPT' , '-A INPUT -i br1 -p tcp -m tcp --dport 3128 -j ACCEPT', '-A INPUT -i tun0 -p tcp -m tcp --dport 3128 -j ACCEPT'] custom_nat_rules: ['-A POSTROUTING -o br0 -j MASQUERADE' ]

6 years, 9 months

1
0
0 / 0

[ansible] Fixup log01 route

by Nicolas Chauvet

commit d40a197bba831e8fb9c1f26f5d4a1edff3c487c5 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Mon Mar 12 11:28:28 2018 +0100 Fixup log01 route roles/hosts/files/osuosl-hosts | 2 +- roles/hosts/files/scaleway-hosts | 4 ++-- roles/hosts/files/virt-hosts | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) --- diff --git a/roles/hosts/files/osuosl-hosts b/roles/hosts/files/osuosl-hosts index 83cfa0c..97c216f 100644 --- a/roles/hosts/files/osuosl-hosts +++ b/roles/hosts/files/osuosl-hosts @@ -12,7 +12,7 @@ #192.168.181.137 pkgs01.online.rpmfusion.net pkgs01 pkgs.rpmfusion.org pkgs # hv01 online - vpn -192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server +192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server log01 # osuosl #buildppc-01.osuosl.rpmfusion.net diff --git a/roles/hosts/files/scaleway-hosts b/roles/hosts/files/scaleway-hosts index 386b1e0..d216c24 100644 --- a/roles/hosts/files/scaleway-hosts +++ b/roles/hosts/files/scaleway-hosts @@ -7,7 +7,7 @@ 212.129.31.198 pkgs.rpmfusion.org pkgs # hv01 online - lan -192.168.181.254 hv01.online.rpmfusion.net hv01 nfs-server.online.rpmfusion.net log01.online.rpmfusion.net log01 proxy.online.rpmfusion.net hub.online.rpmfusion.net +192.168.181.254 hv01.online.rpmfusion.net hv01 nfs-server.online.rpmfusion.net log01.online.rpmfusion.net proxy.online.rpmfusion.net hub.online.rpmfusion.net 192.168.181.101 buildvm-01.online.rpmfusion.net buildvm-01 192.168.181.102 buildvm-02.online.rpmfusion.net buildvm-02 192.168.181.130 db02.online.rpmfusion.net db02 @@ -17,7 +17,7 @@ 192.168.181.141 bodhi01.online.rpmfusion.net bodhi01 # hv01 online - vpn -192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server +192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server log01 # scaleway 10.2.10.75 proxy01.scaleway.rpmfusion.net proxy01 proxy diff --git a/roles/hosts/files/virt-hosts b/roles/hosts/files/virt-hosts index b6b218d..866d8a1 100644 --- a/roles/hosts/files/virt-hosts +++ b/roles/hosts/files/virt-hosts @@ -7,10 +7,10 @@ 212.129.31.198 pkgs.rpmfusion.org pkgs # hv01 online - lan -192.168.181.254 hv01.online.rpmfusion.net hv01 nfs-server.online.rpmfusion.net log01.online.rpmfusion.net log01 proxy.online.rpmfusion.net hub.online.rpmfusion.net +192.168.181.254 hv01.online.rpmfusion.net hv01 nfs-server.online.rpmfusion.net proxy.online.rpmfusion.net hub.online.rpmfusion.net # hv01 online - vpn -192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server +192.168.182.1 hv01.vpn.rpmfusion.net proxy.vpn.rpmfusion.net nfs-server.vpn.rpmfusion.net nfs-server log01 -# scaleway +# virt 192.168.122.103 bastion03.virt.rpmfusion.net bastion03 proxy

6 years, 9 months

1
0
0 / 0

[ansible] Remove old fedora configs

by Nicolas Chauvet

commit d6e780db05e6378a0273c6fb794686ad2f689d16 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Mon Mar 12 11:25:29 2018 +0100 Remove old fedora configs roles/base/files/ssh/sshd_config.19 | 151 ----------------------------------- roles/base/files/ssh/sshd_config.20 | 151 ----------------------------------- roles/base/files/ssh/sshd_config.21 | 151 ----------------------------------- roles/base/files/ssh/sshd_config.22 | 151 ----------------------------------- roles/base/files/ssh/sshd_config.23 | 151 ----------------------------------- 5 files changed, 0 insertions(+), 755 deletions(-)

6 years, 9 months

1
0
0 / 0

[ansible] Fixup directory sizes for alt archive

by Nicolas Chauvet

commit db83cc8cf5e9413818f7a0710614de11655990c3 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Mon Mar 12 10:36:50 2018 +0100 Fixup directory sizes for alt archive roles/bodhi2/backend/tasks/main.yml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/roles/bodhi2/backend/tasks/main.yml b/roles/bodhi2/backend/tasks/main.yml index d95ef47..8ef916f 100644 --- a/roles/bodhi2/backend/tasks/main.yml +++ b/roles/bodhi2/backend/tasks/main.yml @@ -252,7 +252,7 @@ - name: directory sizes update cron job. cron: name="directory-sizes-update" minute="30" hour="23" user="root" - job="/usr/bin/find /pub/free/alt/ /pub/free/archive/ /pub/free/fedora-secondary/ /pub/free/fedora/ /pub/free/el/ /pub/nonfree/alt/ /pub/nonfree/archive/ /pub/nonfree/fedora-secondary/ /pub/nonfree/fedora/ /pub/nonfree/el/ -type d | grep -v snapshot | /usr/bin/xargs -n 1 /usr/bin/du --exclude=.snapshot -sh > /tmp/DIRECTORY_SIZES.txt 2> /dev/null; cp /tmp/DIRECTORY_SIZES.txt /pub/ ; chown root:sysadmin-build /pub/DIRECTORY_SIZES.txt ; chmod 644 /pub/DIRECTORY_SIZES.txt" + job="/usr/bin/find /pub/free/fedora/ /pub/free/el/ /pub/nonfree/fedora/ /pub/nonfree/el/ -type d | grep -v snapshot | /usr/bin/xargs -n 1 /usr/bin/du --exclude=.snapshot -sh > /tmp/DIRECTORY_SIZES.txt 2> /dev/null; cp /tmp/DIRECTORY_SIZES.txt /pub/ ; chown root:sysadmin-build /pub/DIRECTORY_SIZES.txt ; chmod 644 /pub/DIRECTORY_SIZES.txt" cron_file=directory-sizes-update when: inventory_hostname.startswith('bodhi-backend01') and env == "production" tags:

6 years, 9 months

1
0
0 / 0

[ansible] Add f28 branch

by Nicolas Chauvet

commit 8f5dd8877ab3e759f2daa2abe3ec62c51207ced3 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Mon Mar 12 10:18:12 2018 +0100 Add f28 branch roles/distgit/templates/genacls.pkgdb | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/roles/distgit/templates/genacls.pkgdb b/roles/distgit/templates/genacls.pkgdb index f574c8b..758b79c 100755 --- a/roles/distgit/templates/genacls.pkgdb +++ b/roles/distgit/templates/genacls.pkgdb @@ -32,7 +32,7 @@ if __name__ == '__main__': 'F-11': 'f11', 'F-12': 'f12', 'F-13': 'f13', 'f14': 'f14', 'f15': 'f15', 'f16': 'f16', 'f17': 'f17', 'f18': 'f18', 'f19': 'f19', 'f20': 'f20', 'f21': 'f21', 'f22': 'f22', 'f23': 'f23', 'f24': 'f24', - 'f25': 'f25', 'f26': 'f26', 'f27': 'f27', + 'f25': 'f25', 'f26': 'f26', 'f27': 'f27', 'f28': 'f28', 'devel': 'master', 'master': 'master'} # Create a "regex"ish list 0f the reserved branches

6 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

sysadmin-notify March 2018