infrastructure

mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-09-25 01:40:39 +02:00

Author	SHA1	Message	Date
Jelle van der Waa	2422fa8093	group_vars: remove thomas from sudoers	2019-05-06 16:14:51 +02:00
Giancarlo Razzolini	f397362dd8	root_access: For some reason, after all this time, still did not had sudo access.	2019-04-14 18:11:27 -03:00
Florian Pritz	97c0a1dcbe	Add some more zsh/fish users based on orion's passwd Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-04-05 08:36:59 +02:00
Evangelos Foutras	acb571dcdb	archusers: Change shell for eworm to zsh	2019-04-05 09:09:28 +03:00
Florian Pritz	3713930c66	archusers: Set zsh for some more users Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-04-03 21:15:31 +02:00
Florian Pritz	4cd98aa009	archusers: Set zsh for some more users Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-04-03 20:31:14 +02:00
Florian Pritz	acff12e07e	archusers: Change shell for jerome to zsh Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-04-03 16:48:32 +02:00
Florian Pritz	83ce9add96	Add archive uploader Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-03-30 22:57:01 +01:00
Sven-Hendrik Haase	48dc27e492	Add terraform_state role	2019-03-24 20:54:57 +01:00
Evangelos Foutras	282266d4ff	Add my build host key to dragon	2019-03-20 00:06:45 +02:00
Giancarlo Razzolini	6085c220f9	Merge branch 'master' of arch-git:/srv/git/infrastructure	2019-03-19 16:40:43 -03:00
Giancarlo Razzolini	5f5c0d56bd	archusers: Add developer powers to dvzrv.	2019-03-19 16:39:09 -03:00
Sven-Hendrik Haase	ab1c932e7a	Lower Python version requirement to any Python 3 version This is because otherwise we'll fail to install on any system not explicitly running Python 3.7 (like some Debian we provision Arch on). We don't strictly need Python 3.7 and most Python 3 versions will in fact work with Ansible.	2019-03-19 18:51:44 +01:00
Evangelos Foutras	d9f1649cb3	common: drop congestion control configuration It's highly unlikely we'll be using anything other than cubic, so there is no need for this to be configurable.	2019-02-27 11:49:26 +02:00
Florian Pritz	ed51f84f7d	Remove allan from wheel group Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-02-10 22:23:47 +01:00
Florian Pritz	2ec6c3adf6	Give Pierre full root access Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-02-10 15:32:18 +01:00
Florian Pritz	cb46185a7f	Document what to run when root_access variables are changed Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-02-10 15:32:18 +01:00
Florian Pritz	6d4c3dee5f	root_access: Sort lists Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-02-10 15:12:37 +01:00
Florian Pritz	8b8abd3d83	Rename group_vars/root_pubkeys to root_access This better reflects the content (sudo wheel access + root login). Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-02-10 15:07:49 +01:00
Florian Pritz	cba5e3eb1b	Move sudo_users to root_pubkeys.yml This ensures that all info regarding "who has root" is in one place. Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-02-10 15:06:33 +01:00
Florian Pritz	69bc8d008c	Remove dave and ionut from wheel group Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-02-10 15:05:16 +01:00
Jan Alexander Steffens (heftig)	9540818e3a	archweb: Add well-known file required for Matrix https://github.com/matrix-org/synapse/blob/master/docs/MSC1711_certificates_FAQ.md	2019-02-06 00:23:12 +01:00
Bartłomiej Piotrowski	d7e53c07c9	Add new TU - Daurnimator	2019-01-27 19:06:49 +01:00
Florian Pritz	199e39dddf	Disable BBR TCP congestion control BBR behaves badly when it is not the sole connection. It slows down other streams (bbr and cubic) and generally doesn't scale well when deployed widely. Let's disable it so we don't make the internet for others worse. https://ripe76.ripe.net/presentations/10-2018-05-15-bbr.pdf `7dd7510424` Signed-off-by: Florian Pritz <bluewind@xinu.at>	2019-01-21 16:49:01 +01:00
Florian Pritz	38c0fdaf2c	Set default zabbix_agent_templates This is mostly so that the roles runs OK and that we have every host in there. This change only affects 2 unused pia machines. All other hosts already set a template list. Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-12-25 18:19:42 +01:00
Florian Pritz	0efeaa3e78	Remove python2 group_vars This breaks firewalld for machines where this variable hasn't yet been reconfigured. We don't need python2 anywhere so just get rid of this and use the python3 default I put into another group var already. Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-12-25 18:02:17 +01:00
Florian Pritz	7401c79bfa	Remove redundant dns_servers definitions and use 127.0.0.1 everywhere This only changes the dns server of two unused PIA boxes. All other machines were already configured like this. Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-12-25 17:29:35 +01:00
Florian Pritz	682835af84	Enable firewall for all hosts Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-12-25 17:15:26 +01:00
Florian Pritz	d364a72800	Use unbound for DNS and disable resolved when unbound is used We don't need resolved and it is sometimes buggy so let's just get rid of it and use unbound like we do on our mail machines already. Details: `7dd7510424` Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-12-25 16:39:57 +01:00
Florian Pritz	f5fb5c43cf	Add new TU - Daniel M. Capella Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-12-07 11:52:39 +01:00
Evangelos Foutras	bd4fd43a28	Add my host-specific key used to fetch packages Key resides on orion and is used to pull packages from soyuz and sgp.	2018-11-27 14:43:48 +02:00
Jan Alexander Steffens (heftig)	32a0c062ed	Update my SSH keys Work key to soyuz because I sync my zsh/nvim/stuff config with it if I can't reach my home network.	2018-11-27 12:49:39 +01:00
Florian Pritz	4366b9b070	Manage zabbix host configuration via ansible This currently deploys the same configuration we used to have apart from some '127.0.0.1' IPs for the agent IP, but those were incorrect anyways. Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-11-25 17:10:50 +01:00
Florian Pritz	49caae399b	Add soyuz-only key for Maxim Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-11-25 15:52:59 +01:00
Bartłomiej Piotrowski	65cca332e3	Add new TU - Brett Cornwall	2018-11-21 12:00:42 +01:00
Florian Pritz	c5a14a00cc	Add new TU - Maxim Baz Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-11-20 23:52:01 +01:00
Bartłomiej Piotrowski	7c11caa5e4	Add new TU - Konstantin Gizdov	2018-11-13 10:11:47 +01:00
Florian Pritz	f944db487c	Add new TU - Daniel Bermond Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-11-07 10:35:32 +01:00
Jan Alexander Steffens (heftig)	5a1700eba2	roles/matrix: Sync config with generated default one	2018-11-05 23:56:50 +01:00
Jelle van der Waa	13c37bf6df	Remove dan from sudoers	2018-10-03 21:48:59 +02:00
Jelle van der Waa	32b37e8552	archusers: eric resigned Remove eric's pubkey and addition of it['s user account.	2018-09-19 10:59:07 +02:00
Florian Pritz	a4ee0643a7	Add new TU - Chih-Hsuan Yen Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-08-31 23:28:21 +02:00
Phillip Smith	f73d2d0d3f	set variables to enable firewall	2018-08-17 10:32:35 +10:00
Florian Pritz	48cbaf9f2c	Create docker-image-sudo group Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-08-07 19:45:32 +02:00
Florian Pritz	3edfe3adc0	Give sangy sudo to docker-image user Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-08-07 19:43:02 +02:00
Florian Pritz	0f0ea32304	Add new TU - Santiago Torres-Arias Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-08-07 14:50:51 +02:00
Bartłomiej Piotrowski	05cb80d613	Remove Pierre Neidhart's account	2018-07-31 12:47:43 +02:00
Florian Pritz	e3355a2527	Add new TU - Filipe Laíns Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-07-28 10:26:59 +02:00
Florian Pritz	592765f5b1	Change vault key and rekey all vault files Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-06-07 12:11:06 +02:00
Florian Pritz	f185ead14b	Improve group vars vault usage for matrix Signed-off-by: Florian Pritz <bluewind@xinu.at>	2018-06-07 12:11:06 +02:00

1 2 3 4

158 Commits