July 2019 - sysadmin-notify

by Nicolas Chauvet

commit 7ab7e7720113788a348a33dc3566049b259dd1e8 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 19:38:23 2019 +0200 Add missing groups inventory/group_vars/builders | 21 +++++++++++++++++++++ inventory/group_vars/buildhw_aarch64 | 27 +++++++++++++++++++++++++++ inventory/group_vars/buildvm_aarch64 | 27 +++++++++++++++++++++++++++ inventory/group_vars/buildvm_ppc64 | 27 +++++++++++++++++++++++++++ inventory/group_vars/buildvm_ppc64le | 27 +++++++++++++++++++++++++++ 5 files changed, 129 insertions(+), 0 deletions(-) --- diff --git a/inventory/group_vars/builders b/inventory/group_vars/builders new file mode 100644 index 0000000..6c99f98 --- /dev/null +++ b/inventory/group_vars/builders @@ -0,0 +1,21 @@ +--- +# for systems that do not match the above - specify the same parameter in +# the host_vars/$hostname file +host_group: kojibuilder +fas_client_groups: sysadmin-releng +sudoers: "{{ private }}/files/sudo/00releng-sudoers" + +koji_hub_nfs: "rpmfusion_koji" +koji_server_url: "http://koji.rpmfusion.org/kojihub" +koji_weburl: "http://koji.rpmfusion.org/koji" +koji_topurl: "http://koji.rpmfusion.org/kojifiles" + +csi_security_category: High +csi_primary_contact: RPM Fusion Admins - sysadmin(a)lists.rpmfusion.org +csi_purpose: Koji service employs a set of machines to build packages for the RPM Fusion project. This playbook builds vm builders. +csi_relationship: | + * VMs built on top of buildvmhost + * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. + * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new + diff --git a/inventory/group_vars/buildhw_aarch64 b/inventory/group_vars/buildhw_aarch64 new file mode 100644 index 0000000..bde80bf --- /dev/null +++ b/inventory/group_vars/buildhw_aarch64 @@ -0,0 +1,27 @@ +--- +host_group: kojibuilder +fas_client_groups: sysadmin-build +sudoers: "{{ private }}/files/sudo/00releng-sudoers" +ansible_ifcfg_blacklist: true + +koji_hub_nfs: "rpmfusion_koji" + +koji_server_url: "http://koji.rpmfusion.org/kojihub" +koji_weburl: "http:/koji.rpmfusion.org/koji" +koji_topurl: "http://koji.rpmfusion.org/kojifiles" + +# These variables are pushed into /etc/system_identification by the base role. +# Groups and individual hosts should ovveride them with specific info. +# See http://infrastructure.rpmfusion.org/csi/security-policy/ + +csi_security_category: High +csi_primary_contact: RPM Fusion Admins - root(a)rpmfusion.org +csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This group builds packages for arm architecture. +csi_relationship: | + * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. + * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new + +# These variables are for koji-containerbuild/osbs +koji_root: "koji.rpmfusion.org/koji" +koji_hub: "koji.rpmfusion.org/kojihub" diff --git a/inventory/group_vars/buildvm_aarch64 b/inventory/group_vars/buildvm_aarch64 new file mode 100644 index 0000000..bde80bf --- /dev/null +++ b/inventory/group_vars/buildvm_aarch64 @@ -0,0 +1,27 @@ +--- +host_group: kojibuilder +fas_client_groups: sysadmin-build +sudoers: "{{ private }}/files/sudo/00releng-sudoers" +ansible_ifcfg_blacklist: true + +koji_hub_nfs: "rpmfusion_koji" + +koji_server_url: "http://koji.rpmfusion.org/kojihub" +koji_weburl: "http:/koji.rpmfusion.org/koji" +koji_topurl: "http://koji.rpmfusion.org/kojifiles" + +# These variables are pushed into /etc/system_identification by the base role. +# Groups and individual hosts should ovveride them with specific info. +# See http://infrastructure.rpmfusion.org/csi/security-policy/ + +csi_security_category: High +csi_primary_contact: RPM Fusion Admins - root(a)rpmfusion.org +csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This group builds packages for arm architecture. +csi_relationship: | + * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. + * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new + +# These variables are for koji-containerbuild/osbs +koji_root: "koji.rpmfusion.org/koji" +koji_hub: "koji.rpmfusion.org/kojihub" diff --git a/inventory/group_vars/buildvm_ppc64 b/inventory/group_vars/buildvm_ppc64 new file mode 100644 index 0000000..bde80bf --- /dev/null +++ b/inventory/group_vars/buildvm_ppc64 @@ -0,0 +1,27 @@ +--- +host_group: kojibuilder +fas_client_groups: sysadmin-build +sudoers: "{{ private }}/files/sudo/00releng-sudoers" +ansible_ifcfg_blacklist: true + +koji_hub_nfs: "rpmfusion_koji" + +koji_server_url: "http://koji.rpmfusion.org/kojihub" +koji_weburl: "http:/koji.rpmfusion.org/koji" +koji_topurl: "http://koji.rpmfusion.org/kojifiles" + +# These variables are pushed into /etc/system_identification by the base role. +# Groups and individual hosts should ovveride them with specific info. +# See http://infrastructure.rpmfusion.org/csi/security-policy/ + +csi_security_category: High +csi_primary_contact: RPM Fusion Admins - root(a)rpmfusion.org +csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This group builds packages for arm architecture. +csi_relationship: | + * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. + * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new + +# These variables are for koji-containerbuild/osbs +koji_root: "koji.rpmfusion.org/koji" +koji_hub: "koji.rpmfusion.org/kojihub" diff --git a/inventory/group_vars/buildvm_ppc64le b/inventory/group_vars/buildvm_ppc64le new file mode 100644 index 0000000..bde80bf --- /dev/null +++ b/inventory/group_vars/buildvm_ppc64le @@ -0,0 +1,27 @@ +--- +host_group: kojibuilder +fas_client_groups: sysadmin-build +sudoers: "{{ private }}/files/sudo/00releng-sudoers" +ansible_ifcfg_blacklist: true + +koji_hub_nfs: "rpmfusion_koji" + +koji_server_url: "http://koji.rpmfusion.org/kojihub" +koji_weburl: "http:/koji.rpmfusion.org/koji" +koji_topurl: "http://koji.rpmfusion.org/kojifiles" + +# These variables are pushed into /etc/system_identification by the base role. +# Groups and individual hosts should ovveride them with specific info. +# See http://infrastructure.rpmfusion.org/csi/security-policy/ + +csi_security_category: High +csi_primary_contact: RPM Fusion Admins - root(a)rpmfusion.org +csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This group builds packages for arm architecture. +csi_relationship: | + * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. + * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new + +# These variables are for koji-containerbuild/osbs +koji_root: "koji.rpmfusion.org/koji" +koji_hub: "koji.rpmfusion.org/kojihub"

5 years, 4 months

1
0
0 / 0

[ansible] Update buildvm-03 on linaro

by Nicolas Chauvet

commit 44ae6bc12f2919491ee5699a9ad5dd03e537135d Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 18:37:49 2019 +0200 Update buildvm-03 on linaro roles/hosts/files/linaro-hosts | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/roles/hosts/files/linaro-hosts b/roles/hosts/files/linaro-hosts index bd8c81c..b689b3a 100644 --- a/roles/hosts/files/linaro-hosts +++ b/roles/hosts/files/linaro-hosts @@ -13,5 +13,5 @@ 192.168.1.7 bastion02.linaro.rpmfusion.net bastion02 proxy 192.168.1.10 aarch64-01.linaro.rpmfusion.net aarch64-01 192.168.1.14 aarch64-02.linaro.rpmfusion.net aarch64-02 -192.168.1.6 aarch64-03.linaro.rpmfusion.net aarch64-03 +192.168.1.22 aarch64-03.linaro.rpmfusion.net aarch64-03 192.168.1.8 aarch64-04.linaro.rpmfusion.net aarch64-04

5 years, 4 months

1
0
0 / 0

[ansible] Update group_vars

by Nicolas Chauvet

commit 1d6bcae2a1993e1c960b9257042c013b5480d38a Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 18:01:27 2019 +0200 Update group_vars inventory/group_vars/buildhw_armv7 | 26 ++++++++++++++++++++++++++ inventory/group_vars/home-arm | 1 - inventory/group_vars/home_arm | 2 ++ inventory/group_vars/linaro | 1 + inventory/group_vars/osuosl | 1 + inventory/group_vars/scaleway-c1 | 1 - inventory/group_vars/scaleway_c1 | 2 ++ 7 files changed, 32 insertions(+), 2 deletions(-) --- diff --git a/inventory/group_vars/buildhw_armv7 b/inventory/group_vars/buildhw_armv7 new file mode 100644 index 0000000..76ea99a --- /dev/null +++ b/inventory/group_vars/buildhw_armv7 @@ -0,0 +1,26 @@ +host_group: kojibuilder +fas_client_groups: sysadmin-build +sudoers: "{{ private }}/files/sudo/00releng-sudoers" +ansible_ifcfg_blacklist: true + +koji_hub_nfs: "rpmfusion_koji" + +koji_server_url: "http://koji.rpmfusion.org/kojihub" +koji_weburl: "http:/koji.rpmfusion.org/koji" +koji_topurl: "http://koji.rpmfusion.org/kojifiles" + +# These variables are pushed into /etc/system_identification by the base role. +# Groups and individual hosts should ovveride them with specific info. +# See http://infrastructure.rpmfusion.org/csi/security-policy/ + +csi_security_category: High +csi_primary_contact: RPM Fusion Admins - root(a)rpmfusion.org +csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This group builds packages for arm architecture. +csi_relationship: | + * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios + * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver. + * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new + +# These variables are for koji-containerbuild/osbs +koji_root: "koji.rpmfusion.org/koji" +koji_hub: "koji.rpmfusion.org/kojihub" diff --git a/inventory/group_vars/home_arm b/inventory/group_vars/home_arm new file mode 100644 index 0000000..a368ce7 --- /dev/null +++ b/inventory/group_vars/home_arm @@ -0,0 +1,2 @@ +datacenter: home +ansible_ifcfg_blacklist: True diff --git a/inventory/group_vars/linaro b/inventory/group_vars/linaro index 69ac632..1ba16db 100644 --- a/inventory/group_vars/linaro +++ b/inventory/group_vars/linaro @@ -1 +1,2 @@ datacenter: linaro +ansible_ifcfg_blacklist: True diff --git a/inventory/group_vars/osuosl b/inventory/group_vars/osuosl index b472508..332f3db 100644 --- a/inventory/group_vars/osuosl +++ b/inventory/group_vars/osuosl @@ -1 +1,2 @@ datacenter: osuosl +ansible_ifcfg_blacklist: True diff --git a/inventory/group_vars/scaleway_c1 b/inventory/group_vars/scaleway_c1 new file mode 100644 index 0000000..57e6063 --- /dev/null +++ b/inventory/group_vars/scaleway_c1 @@ -0,0 +1,2 @@ +datacenter: scaleway +ansible_ifcfg_blacklist: True

5 years, 4 months

1
0
0 / 0

[ansible] Fixup the buildvm-03 name

by Nicolas Chauvet

commit 5138ca18ef12c21b148c865546ab4f2dd6eaaaa4 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 17:46:24 2019 +0200 Fixup the buildvm-03 name .../resolv.conf/buildvm-03.online.rpmfusion.net | 2 ++ .../resolv.conf/buildvm-03.virt.rpmfusion.net | 2 -- 2 files changed, 2 insertions(+), 2 deletions(-) --- diff --git a/roles/base/files/resolv.conf/buildvm-03.online.rpmfusion.net b/roles/base/files/resolv.conf/buildvm-03.online.rpmfusion.net new file mode 100644 index 0000000..6dcf7f6 --- /dev/null +++ b/roles/base/files/resolv.conf/buildvm-03.online.rpmfusion.net @@ -0,0 +1,2 @@ +domain online.rpmfusion.net +nameserver 192.168.102.1

5 years, 4 months

1
0
0 / 0

[ansible] Test01

by Nicolas Chauvet

commit 620618736bfc4f7e5f446c342b9951cbff3778c5 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 17:02:47 2019 +0200 Test01 inventory/inventory | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) --- diff --git a/inventory/inventory b/inventory/inventory index 2b7759f..6736be7 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -41,6 +41,7 @@ db02.online.rpmfusion.net [moin] moin01.online.rpmfusion.net +test01.online.rpmfusion.net [pkgdb] pkgdb02.online.rpmfusion.net

5 years, 4 months

1
0
0 / 0

[ansible] Update test01 as scaleway

by Nicolas Chauvet

commit 58b0d0920550bac0b32bc6f7c1b74b125f9798d7 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 17:02:08 2019 +0200 Update test01 as scaleway inventory/inventory | 6 ++++-- 1 files changed, 4 insertions(+), 2 deletions(-) --- diff --git a/inventory/inventory b/inventory/inventory index 0cf866e..2b7759f 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -33,13 +33,11 @@ koji01.online.rpmfusion.net se01.online.rpmfusion.net [mailman-stg] -test01.scaleway.rpmfusion.net [mailman-db] db02.online.rpmfusion.net [mailman-stg] -test01.scaleway.rpmfusion.net [moin] moin01.online.rpmfusion.net @@ -78,6 +76,10 @@ buildppcle-02.osuosl.rpmfusion.net [virthost] hv01.online.rpmfusion.net +[scaleway] +mirrorlist03.scaleway.rpmfusion.net +proxy01.scaleway.rpmfusion.net +test01.scaleway.rpmfusion.net [virtservers:children] virthost

5 years, 4 months

1
0
0 / 0

[ansible] Update site-default for el8

by Nicolas Chauvet

commit 48d6126266784b20e6c12cdfa681a169a15839a7 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 15:59:36 2019 +0200 Update site-default for el8 .../koji_builder/files/builders/site-defaults.cfg | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) --- diff --git a/roles/koji_builder/files/builders/site-defaults.cfg b/roles/koji_builder/files/builders/site-defaults.cfg index 4dfbe00..c13198c 100644 --- a/roles/koji_builder/files/builders/site-defaults.cfg +++ b/roles/koji_builder/files/builders/site-defaults.cfg @@ -5,6 +5,5 @@ config_opts['http_proxy'] = 'http://proxy:3128' config_opts['nosync'] = True config_opts['nosync_force'] = True config_opts['environment']['LANG'] = os.environ.setdefault('LANG', 'C.UTF-8') -config_opts['bootstrap_chroot_additional_packages'] = [] -config_opts['bootstrap_module_enable'] = [] -config_opts['bootstrap_module_install'] = [] +if config_opts['chroot_name'].startswith('koji/el8'): + config_opts['dnf_common_opts'] = ['--setopt=module_platform_id=platform:el8']

5 years, 4 months

1
0
0 / 0

[ansible] Fixup sudoer file for buildvm

by Nicolas Chauvet

commit 07aeab1021a5145bfed4690a0053abc4147fdf43 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 15:46:12 2019 +0200 Fixup sudoer file for buildvm inventory/group_vars/buildvm | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/inventory/group_vars/buildvm b/inventory/group_vars/buildvm index c306d3e..08ea33c 100644 --- a/inventory/group_vars/buildvm +++ b/inventory/group_vars/buildvm @@ -15,7 +15,7 @@ virt_install_command: "{{ virt_install_command_one_nic }}" # the host_vars/$hostname file host_group: kojibuilder fas_client_groups: sysadmin-releng -sudoers: "{{ private }}/files/sudo/sysadmin-main" +sudoers: "{{ private }}/files/sudo/00releng-sudoers" koji_hub_nfs: "rpmfusion_koji" koji_server_url: "http://koji.rpmfusion.org/kojihub"

5 years, 4 months

1
0
0 / 0

[ansible] Sync ansible.cfg

by Nicolas Chauvet

commit 097072bc40c773fc5538dcca678d3a5a71de2823 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 15:38:18 2019 +0200 Sync ansible.cfg roles/ansible-server/templates/ansible.cfg.j2 | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/roles/ansible-server/templates/ansible.cfg.j2 b/roles/ansible-server/templates/ansible.cfg.j2 index d197372..14bc86d 100644 --- a/roles/ansible-server/templates/ansible.cfg.j2 +++ b/roles/ansible-server/templates/ansible.cfg.j2 @@ -415,7 +415,7 @@ pipelining = True # * scp = use scp to transfer files # * piped = use 'dd' over SSH to transfer files # * smart = try sftp, scp, and piped, in that order [default] -#transfer_method = smart +transfer_method = scp # if False, sftp will not use batch mode to transfer files. This may cause some # types of file transfer failures impossible to catch however, and should

5 years, 4 months

1
0
0 / 0

[ansible] Sync sudo

by Nicolas Chauvet

commit 85c2d8e949a23774bbc55e7e00f596efbc6eaec2 Author: Nicolas Chauvet <kwizart(a)gmail.com> Date: Wed Jul 31 15:38:00 2019 +0200 Sync sudo roles/sudo/tasks/main.yml | 8 ++++---- 1 files changed, 4 insertions(+), 4 deletions(-) --- diff --git a/roles/sudo/tasks/main.yml b/roles/sudo/tasks/main.yml index c3b419d..5d0b156 100644 --- a/roles/sudo/tasks/main.yml +++ b/roles/sudo/tasks/main.yml @@ -1,10 +1,10 @@ --- # -# This task sets up /etc/sudoers.d/fedora on a machine. +# This task sets up /etc/sudoers.d/fedora on a machine. # # -# Put in place the default sysadmin-main sudoers file. +# Put in place the default sysadmin-main sudoers file. # - name: setup /etc/sudoers.d/01-sysadmin-main copy: src="{{ private }}/files/sudo/sysadmin-main" dest=/etc/sudoers.d/01-sysadmin-main owner=root group=root mode=0600 @@ -33,7 +33,7 @@ - sudoers # -# This will move a /etc/sudoers.d/ file in place +# This will move a /etc/sudoers.d/ file in place # - name: setup /etc/sudoers.d/sudoer file for client use copy: src={{ item }} dest=/etc/sudoers.d/{{ item | basename | replace('.', '_') }} @@ -41,7 +41,7 @@ with_first_found: - files: - "{{ sudoers }}" - - "{{ private }}/files/sudo/{{ ansible_fqdn }}-sudoers" + - "{{ private }}/files/sudo/{{ inventory_hostname }}-sudoers" - "{{ private }}/files/sudo/{{ ansible_hostname }}-sudoers" - "{{ private }}/files/sudo/{{ ansible_domain }}-sudoers" skip: true

5 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

sysadmin-notify July 2019