mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-09-20 04:53:30 +02:00
Code Issues
1,098 Commits 29 Branches 0 Tags 20 MiB
ce5dcc7324
Commit Graph

150 Commits

Author SHA1 Message Date
Jelle van der Waa
f2aa4f137e reprobuilds: add reproducible build playbook 
Add a playbook for our reproducible builds workers. Set's up a sudo user
so that an admin of the reproducible builds project can configure the
worker.
 2018-11-25 21:58:23 +01:00
Jelle van der Waa
c17a91e798 nymeria: enable mirrorresolv service 2018-11-24 12:43:24 +01:00
Florian Pritz
b331f34210
Add nginx role to luna 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-11-10 16:48:46 +01:00
Bartłomiej Piotrowski
eabdd4df7e Deploy public_html on sgp 2018-10-17 13:24:00 +02:00
Phillip Smith
17b6c54b42 fix typo: signapore -> singapore 2018-09-12 17:09:05 +10:00
Jelle van der Waa
e7aa39e00b Move commit, server, version to host_vars 2018-08-28 21:31:46 +02:00
Jelle van der Waa
12e5090ad3 Bump archweb to latest version 2018-08-28 19:41:10 +02:00
Florian Pritz
cf2b01c0d2
Fix apollo postgres ip detection and firewall generation 
- firewall tag so that the facts exist when only firewall is run
- extract IPs from our host vars all the time. no need to query
autodetected facts
- remove empty elements from the list with select(). not all hosts have
ipv6
- fix the subnetmask for v6
- fix the postgres role configuring a v4 rule instead of v6 for a v6
address
- hardcode netmask for orion addresses too

Little bit much for one commit, but splitting it doesn't make a whole
lot of sense.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-08-28 15:00:57 +02:00
Phillip Smith
8d681f0040 add "firewall" tag to all relevant tasks 2018-08-17 14:56:37 +10:00
Phillip Smith
d13089e608 break postgres client ips into separate variables 
we have to use rich rules in firewalld to restict a specific port to a list of
specific ip addresses. when using rich rules, you have to specify the address
family (ipv4 or ipv6) which we can't do in an automated fashion with the ipv4
and ipv6 addresses of the clients dynamically generated into a single variable.
so this commit creates 2 variables; one for ipv4 clients and one for ipv6
clients which can be referred to as required when creating the rich rules.
 2018-08-17 10:32:35 +10:00
Phillip Smith
8c3f8bf7bb initial commit of luna.yml playbook 2018-08-17 10:32:35 +10:00
Florian Pritz
1112c18bd1 Add ssh hostkeys list 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-08-17 10:32:10 +10:00
Florian Pritz
73ada882e2 fetch-borg-keys: Update path 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-08-17 10:32:10 +10:00
Florian Pritz
ca7875f882 Move install_arch and fetch-borg-keys playbooks to tasks subdir 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-08-17 10:32:10 +10:00
Phillip Smith
532d72cb1a bring firewalld role earlier in the list 
other roles with firewalld tasks will fail if firewalld is not installed,
enabled and started prior to them trying to run.
 2018-08-17 10:32:10 +10:00
Phillip Smith
1258e6b7d1 make all firewalld changes take effect immediately 2018-08-17 10:32:10 +10:00
Florian Pritz
1e1a5ad0e5
Enable docker-image role on soyuz 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-08-07 19:42:13 +02:00
Jelle van der Waa
5979007db7 Add donor import systemd services/timer 2018-07-25 22:53:44 +02:00
Jelle van der Waa
a7d683d8b1 Update to pre-release 2018-07-23 22:53:13 +02:00
Jelle van der Waa
42920de032 Update archweb staging 2018-07-20 23:35:50 +02:00
Jelle van der Waa
bd39f71100 Add mirrorstatus check to archweb staging 2018-07-06 23:16:44 +02:00
Florian Pritz
2e0cd7f894 Add playbook to upload new pacman website 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-07-04 20:10:27 +02:00
Florian Pritz
8a89b4dd65
Update dbscripts to 20180603 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-07-04 09:28:46 +02:00
Florian Pritz
53dd4d6891 Configure network/dns on PIA machines 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-07-02 13:29:08 +02:00
Jelle van der Waa
e503d15f23 nymeria: update to latest archweb version 
Added/removed RSS feeds, highlighting for selected item in list view.
 2018-06-08 21:24:03 +02:00
Jan Alexander Steffens (heftig)
3bf7507695
Update soyuz' oidentd setup 
Currently needs custom versions of quassel (for oidentd-strict) and
oidentd (for forwarding).

Expect quassel to switch to forwarding as well once their identserver
implementation lands.
 2018-05-22 12:35:06 +02:00
Jelle van der Waa
6250430a61 Fix unresolved conflict 2018-05-15 20:35:09 +02:00
Jelle van der Waa
fc5758266c archweb-dev: update staging 
Update to konami code removed commit
 2018-05-13 13:22:18 +02:00
Jelle van der Waa
26d114afd3 staging: update to latest major release 2018-05-11 21:36:39 +02:00
Jelle van der Waa
c7d18df7ee staging: update archweb to the next pre release 2018-05-10 17:18:46 +02:00
Jelle van der Waa
74a4650fae staging: Enable postfix for mail delivery 
Make the mail server address configurable in Ansible for archweb, to
spot the difference between error mails on staging and production.
 2018-05-10 16:54:49 +02:00
Jelle van der Waa
424ebd2eef nymeria: use new domain for archweb staging env 2018-05-01 20:46:12 +02:00
Jelle van der Waa
3c6c145edb Create nymeria playbook for Archweb staging 
nymeria.archlinux.org will be a staging ground for Archweb where it can
be tested.
 2018-05-01 20:46:12 +02:00
Florian Pritz
fc785c7e5a
Update dbscripts 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-04-09 09:39:24 +02:00
Florian Pritz
5b52fed9d5 playbooks/all-hosts-basic: Remove old comment regarding borg-client 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-03-24 20:37:33 +01:00
Bartłomiej Piotrowski
b9aac3c0eb Use sgp.mirror as build server 2018-03-24 20:13:40 +01:00
Phillip Smith
ef9f4b831d tag firewall with "firewall" instead of "firewalld" 2018-03-08 09:49:13 +11:00
Phillip Smith
59807399ed initial commit of firewalld role and tasks 2018-03-06 08:46:24 +11:00
Florian Pritz
e28df1c7a1
php: Load opcache extension 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-03-03 15:12:28 +01:00
Giancarlo Razzolini
a40d6e1f98
Fix typo in the tags for the archwiki role 2018-03-02 22:31:22 -03:00
Giancarlo Razzolini
bf43586686
Add the archwiki role to the apollo playbook 
Added the archwiki role to the apollo playbook and also added the intl extension to the
php-fpm role.
 2018-03-02 19:57:44 -03:00
Florian Pritz
6a2f69cff2
Remove double quote of postgres_listen_addresses 
Already quoted in the new config template.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-03-02 13:17:43 +01:00
Florian Pritz
6c3d7ffe06
Update dbscripts version to latest 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-03-02 12:45:26 +01:00
Jelle van der Waa
a2c4c9d3f4 orion: disable archweb_donor_import timer 
A new archweb release has not been made yet with the donor import
integration.
 2018-02-25 20:38:08 +01:00
Jelle van der Waa
8ec94d3e1b Add donor import service 
Add donor import service, which imports donors from a maildir directory
in /home/donate/. The emails are dumped using a script on orion which
calls doveadm to create a directory with exported emails.
 2018-02-25 20:33:11 +01:00
Florian Pritz
ea7a38feb4
playbooks/fetch-borg-keys.yml: Encrypt keys with GPG 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-01-10 21:02:25 +01:00
Florian Pritz
13ad123a84
Add playbook to fetch borg crypto keys 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2018-01-02 16:38:43 +01:00
Bartłomiej Piotrowski
69a91b0574 mirrors: drop reduntant tags 2017-12-07 17:21:51 +01:00
Florian Pritz
425f4263d8 Deploy basic config on nymeria and dragon 
Mostly interesting for root_ssh.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-11-20 21:32:02 +01:00
Bartłomiej Piotrowski
e5b461e31a Add role for mirroring archlinux32 2017-11-15 12:50:32 +01:00