mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-09-20 11:54:39 +02:00
Code Issues
682 Commits 29 Branches 0 Tags 20 MiB
cfda2ad72f
Commit Graph

682 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Giancarlo Razzolini
43734a9b6c
roles/patchwork: Add a patchwork notification timer 
Patchwork optionally can send notifications. Configure it to run
at the patchwork_notifications_frequency, which by default should run
at the same frequency as NOTIFICATION_DELAY_MINUTES which is 10 minutes.
 2017-08-23 11:05:02 -03:00
Giancarlo Razzolini
701de3720a
roles/patchwork: Add a systemd service for running patchwork notifications 
Patchwork can optionally send patch notifications. Create a service for
running the cron patchwork command.
 2017-08-23 11:03:04 -03:00
Giancarlo Razzolini
f0736897ae
ansible.cfg: Enable the profile_tasks callback plugin 
The profile_tasks plugin shows how much time the book run took and
also breaks down an individual view of how much time each task took
to complete.
 2017-08-22 17:49:44 -03:00
Florian Pritz
c78d5cf059
dbscripts: Update whitelisted IP of archlinux.de 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-22 21:44:40 +02:00
Florian Pritz
94f8b01c58
arch-boxes: Use qemu-headless 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-22 16:23:39 +02:00
Florian Pritz
48b6f09fcb
arch-boxes: Move git checkout to subdir 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-22 16:23:25 +02:00
Florian Pritz
02bc587ebe
soyuz: Add arch-boxes role 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-22 16:13:18 +02:00
Florian Pritz
4d3a73a544 Merge branch 'shibumi-dev' 2017-08-22 16:02:59 +02:00
Christian Rebischke
a4b6bcbb69 added new sha1sums.txt for packer 2017-08-22 16:02:52 +02:00
Christian Rebischke
0a6644eeb2 enabled write_zeroes 2017-08-22 16:02:52 +02:00
Christian Rebischke
0cd64a2490 changed time from monthly to every month on the 5th 2017-08-22 16:02:52 +02:00
Christian Rebischke
655267e5c8 escaped curly brackets 2017-08-22 16:02:52 +02:00
Christian Rebischke
8aba94db23 added substitution for apikey 2017-08-22 16:02:52 +02:00
Christian Rebischke
678e1cbd2b added new variables to packer-io call 
This will set the iso_check to none. We don't need that here hence
packer-io can't check GPG signatures.
We want to change iso_url to make sure that we use a local mirror of the
iso file. The {{isotime..}}-template is a variable that will change
every call of packer-io.
 2017-08-22 16:02:52 +02:00
Christian Rebischke
b4605688df added force to overwrite the changes from ansible 
This is important for idempotence..
 2017-08-22 16:02:52 +02:00
Christian Rebischke
5c741ef0f9 removed variables 2017-08-22 16:02:52 +02:00
Christian Rebischke
87387b9f43 added packer-io line 2017-08-22 16:02:52 +02:00
Christian Rebischke
d87b93195e initial commit for arch-boxes project 2017-08-22 16:02:52 +02:00
Jan Alexander Steffens (heftig)
00f102d26e
gitpkg: Be explicit about "meson setup" 2017-08-22 01:00:01 +02:00
Jan Alexander Steffens (heftig)
33aaac2cbc
gitpkg: mesontest is deprecated; use "meson test" 2017-08-22 00:59:33 +02:00
Florian Pritz
039d04571c
grafana: Bind only to localhost 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-15 10:59:32 +02:00
Florian Pritz
f2bc1c185f
Add grafana 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-12 18:20:41 +02:00
Florian Pritz
28fa929502 Revert "security_tracker: Set service to RemainAfterExit" 
This reverts commit 5dd8e05134.

Setting RemainAfterExit breaks the timer and prevents it from running
again.
 2017-08-10 15:36:32 +02:00
Florian Pritz
f3357317a5
Add new TU: Dan Printzell 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-09 14:41:54 +02:00
Giancarlo Razzolini
5efdc28257
roles/syncrepo: Don't exclude isos anymore from the soyuz mirror. 
There's a need for having the iso on soyuz, for the arch-boxes role,
so it can build the images without needing to download an iso from
external sources.
 2017-08-07 10:25:05 -03:00
Florian Pritz
642c81c584 Remove groups and ssh key for andrea 
Requested on IRC, also no longer a dev/TU

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-08-04 20:27:49 +02:00
Giancarlo Razzolini
7a39953f7a
archusers: Add myself to the dev group. 
Make things technically official, not just on paper.
 2017-08-04 15:17:05 -03:00
Florian Pritz
cb7e68ec7b borg: Delete snapshot after creating backup 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-29 17:36:25 +02:00
Florian Pritz
7551de298f
syncrepo: Merge changes from my own version 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-29 17:15:39 +02:00
Florian Pritz
513246f27f
syncrepo: Move lockfile to /var/lock/ 
I'm not sure if a symlink race is possible with lockfiles, but better
safe than sorry.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-29 16:56:48 +02:00
Florian Pritz
54cd0ff5d8
syncrepo: Keep temporary files in dedicated directory 
Without this hidden files will show up in the /srv/ftp tree and other
mirrors will sync these. Sometimes they get removed in the meantime and
then errors are printed on the downstream mirror. Just move them out of
the way and let rsync keep them in a dedicated directory until they are
ready to be moved into place.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-29 16:49:25 +02:00
Florian Pritz
6b200b3520
syncrepo: Update lastsync file in HTTP check 
This is simpler/better than coding some complex check directly in
archweb and it should work just fine. Not really needed for our mirror
(no monitoring in archweb), but potentially important for downstream mirrors.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-29 16:47:34 +02:00
Jelle van der Waa
74016b329f security_tracker: Add talisman dependency 
Add the new dependency on python-flask-talisman for CSP.
 2017-07-28 18:26:19 +02:00
Florian Pritz
5dd8e05134
security_tracker: Set service to RemainAfterExit 
This allows zabbix to monitor the active/failed status of the service.
Otherwise systemd will discard it once the executable exits.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-26 12:37:07 +02:00
Giancarlo Razzolini
748842f1d1
Disable retry files by default 
Disable retry files by default. Those can be enabled on a per role
or per playbook basis.
 2017-07-25 10:06:57 -03:00
Bartłomiej Piotrowski
8c15db9174 archweb: disable cache for check_network_status.txt 2017-07-21 11:30:01 +02:00
Giancarlo Razzolini
542d249fd7
security_tracker: Change the git url 
The security_tracker repository was moved to the archlinux organization
on github.
 2017-07-20 10:56:44 -03:00
Jan Alexander Steffens (heftig)
3e9505156e
gitpkg: Tweak help 2017-07-17 22:18:53 +02:00
Giancarlo Razzolini
24f103ed6b
patchwork: Add a memcached systemd unit for patchwork 
Create a systemd unit for patchwork memcached.
 2017-07-15 18:35:02 -03:00
Giancarlo Razzolini
7fdcc0ad9f
patchwork: Configure the default from email and cache backend 
Configure the DEFAULT_FROM_EMAIL variable and also add a cache backend
configuration using the patchwork memcached instance.
 2017-07-15 18:33:49 -03:00
Giancarlo Razzolini
95ac80f452
patchwork: Add the memcached deployment to the tasks 
Add a memcached systemd unit and start it on patchwork deployment.
 2017-07-15 18:32:52 -03:00
Giancarlo Razzolini
aceda64a40
patchwork: Add a default from email 
Define the default from email for patchwork.
 2017-07-15 18:31:53 -03:00
Giancarlo Razzolini
ac0531df3b
patchwork: Add a handler to patchwork's memcached daemon 
Create a patchwork handler for reloading systemd and memcached.
 2017-07-15 18:25:26 -03:00
Florian Pritz
53ed7dbdcd
borg: Exclude /srv/archive 
Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-11 13:06:55 +02:00
Florian Pritz
a71c3ea29a
Add unbound 
Spamassassin on apollo tries to connect to a local dns resolver, but
can't which leads to long timeouts. Flyspray sends mail via SMTP which
goes through SA and thus each request that sends a mail will also block
for a long time.

Fix this by adding unbound as a local resolver which is needed for
proper performance of SA since public resolvers are often blocked by
blacklists because they send too many requests.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
 2017-07-09 20:51:19 +02:00
Evangelos Foutras
573bf39cd3 Use BBR for congestion control on orion 
According to rumors, the bits travel faster to New Zealand with BBR.
 2017-07-08 13:51:03 +03:00
Bartłomiej Piotrowski
0d3fe3d5dc nginx: enable gzip and brotli compression 2017-07-05 15:05:57 +02:00
Bartłomiej Piotrowski
02f1ea4d42 Drop disable-abs playbook 2017-07-04 21:48:35 +02:00
Jelle van der Waa
441307640b archweb: set cache-headers for JS, PNG and CSS 
Django generates an unique css, png and JavaScript files when
collectstatic is run. Which allows us to set an expiry of 1 month.

Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
 2017-07-04 21:33:14 +02:00
Giancarlo Razzolini
5983f06003
Removed Dan and added Jelle to archweb ADMINS 2017-07-04 15:20:45 -03:00