From 86ee70934ff0a4c0fc2bcbf32c972802b545ab67 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Feb 10 2014 21:11:49 +0000 Subject: Merge branch 'master' of /git/ansible --- diff --git a/inventory/host_vars/badges-web02.phx2.fedoraproject.org b/inventory/host_vars/badges-web02.phx2.fedoraproject.org index 63f076c..5db61af 100644 --- a/inventory/host_vars/badges-web02.phx2.fedoraproject.org +++ b/inventory/host_vars/badges-web02.phx2.fedoraproject.org @@ -4,7 +4,7 @@ gw: 10.5.126.254 dns: 10.5.126.21 ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-6 ks_repo: http://10.5.126.23/repo/rhel/RHEL6-x86_64/ -volgroup: /dev/VirtGuests00 +volgroup: /dev/vg_guests00 eth0_ip: 10.5.126.102 -vmhost: virthost01.phx2.fedoraproject.org +vmhost: virthost15.phx2.fedoraproject.org datacenter: phx2 diff --git a/playbooks/sign_and_import.yml b/playbooks/sign_and_import.yml index d252e0e..9cfdd38 100644 --- a/playbooks/sign_and_import.yml +++ b/playbooks/sign_and_import.yml @@ -1,10 +1,13 @@ # This playbook takes new rpms specified with a fileglob, signs them, and adds # them to the infrastructure repo. # +# To push to infra-testing: +# requires --extra-vars="rpmdir='/home/fedora/ralph/rpms/' testing=True" +# +# To push to infra: # requires --extra-vars="rpmdir='/home/fedora/ralph/rpms/'" # TODO -- grab rpms from koji build/task ids beforehand? -# TODO -- how do make it easy to select the infra-testing repo? # TODO -- other arches than x86_64? - name: batch sign and import a directory full of rpms @@ -16,8 +19,8 @@ # repo. Since we're in freeze right now, we'll default to the testing repo. # It would be nice to be able to toggle this from the command line. vars: - #- repodir: /mnt/fedora/app/fi-repo/testing/6 - - repodir: /mnt/fedora/app/fi-repo/6 + - repodir: /mnt/fedora/app/fi-repo/{% if testing %}testing/{% endif %}6 + - testing: False tasks: - name: Fail if no rpmdir provided @@ -32,7 +35,7 @@ - name: make a directory where we store the rpms afterwards file: path={{ rpmdir }}-old state=directory - - name: copy the source rpms to the SRPMS dir + - name: copy the source rpms to the SRPMS dir of {{ repodir }} copy: src={{ item }} dest={{ repodir }}/SRPMS/ with_fileglob: - "{{ rpmdir }}/*.src.rpm" @@ -45,7 +48,7 @@ with_fileglob: - "{{ rpmdir }}/*.src.rpm" - - name: copy the binary rpms to the x86_64 dir + - name: copy the binary rpms to the x86_64 dir of {{ repodir }} copy: src={{ item }} dest={{ repodir }}/x86_64/ with_fileglob: - "{{ rpmdir }}/*.rpm" diff --git a/roles/badges-frontend/templates/tahrir.ini b/roles/badges-frontend/templates/tahrir.ini index c208eac..66b2b04 100644 --- a/roles/badges-frontend/templates/tahrir.ini +++ b/roles/badges-frontend/templates/tahrir.ini @@ -44,12 +44,14 @@ dogpile.cache.arguments.distributed_lock = True tahrir.title = Fedora Badges (staging!) tahrir.base_url = https://badges.stg.fedoraproject.org tahrir.openid_identifier = http://id.stg.fedoraproject.org/ +tahrir.trusted_openid = ^http(s)?:\/\/([a-zA-Z0-9]+\.)?stg.id\.fedoraproject\.org(/)?$ tahrir.openid_realm = https://badges.stg.fedoraproject.org tahrir.websocket.topic = org.fedoraproject.stg.fedbadges.badge.award {% else %} tahrir.title = Fedora Badges tahrir.base_url = https://badges.fedoraproject.org tahrir.openid_identifier = http://id.fedoraproject.org/ +tahrir.trusted_openid = ^http(s)?:\/\/([a-zA-Z0-9]+\.)?id\.fedoraproject\.org(/)?$ tahrir.openid_realm = https://badges.fedoraproject.org tahrir.websocket.topic = org.fedoraproject.prod.fedbadges.badge.award {% endif %} diff --git a/roles/mailman/files/post-update.sh b/roles/mailman/files/post-update.sh index b16d4da..f04228f 100755 --- a/roles/mailman/files/post-update.sh +++ b/roles/mailman/files/post-update.sh @@ -21,6 +21,9 @@ chmod g+w -R $INDEXDIR # Give database rights to the non-admin user $BASEDIR/bin/pg-give-rights.py +# SELinux contexts +restorecon -r "$BASEDIR" + # Reload Apache to flush the python cache systemctl reload httpd # Restart Mailman3 since kittystore was updated diff --git a/roles/mailman/templates/postfix-main.cf.j2 b/roles/mailman/templates/postfix-main.cf.j2 index 9d0c830..3d50a73 100644 --- a/roles/mailman/templates/postfix-main.cf.j2 +++ b/roles/mailman/templates/postfix-main.cf.j2 @@ -314,7 +314,7 @@ unknown_local_recipient_reject_code = 550 #relayhost = [mailserver.isp.tld] #relayhost = uucphost #relayhost = [an.ip.add.ress] -relayhost = bastion +relayhost = bastion.phx2.fedoraproject.org # REJECTING UNKNOWN RELAY USERS