]> git.openstreetmap.org Git - chef.git/log
chef.git
4 years agoUse systemd-resolved stub resolver for nginx resolver
Tom Hughes [Sun, 16 Feb 2020 17:56:27 +0000 (17:56 +0000)]
Use systemd-resolved stub resolver for nginx resolver

This ensures that nginx queries follow the same path as everything
else and are subject to DNSSEC validation as well as allowing us to
simplify the tests that use nginx.

4 years agoAdd test for tilecache cookbook
Tom Hughes [Sun, 16 Feb 2020 17:55:33 +0000 (17:55 +0000)]
Add test for tilecache cookbook

4 years agoMake tilecache cookbook enable nginx cache automatically
Tom Hughes [Sun, 16 Feb 2020 17:49:16 +0000 (17:49 +0000)]
Make tilecache cookbook enable nginx cache automatically

4 years agoMake nginx cookbook default to using the nginx upstream repository
Tom Hughes [Sun, 16 Feb 2020 17:34:43 +0000 (17:34 +0000)]
Make nginx cookbook default to using the nginx upstream repository

4 years agoMove cron customisation for tile caches to the tools cookbook
Tom Hughes [Sun, 16 Feb 2020 17:09:02 +0000 (17:09 +0000)]
Move cron customisation for tile caches to the tools cookbook

4 years agoAdd tests for web cookbook
Tom Hughes [Sun, 16 Feb 2020 15:37:45 +0000 (15:37 +0000)]
Add tests for web cookbook

4 years agoAdd test for geoipupdate cookbook
Tom Hughes [Sun, 16 Feb 2020 11:31:49 +0000 (11:31 +0000)]
Add test for geoipupdate cookbook

4 years agoAdd test for passenger cookbook
Tom Hughes [Sun, 16 Feb 2020 10:29:04 +0000 (10:29 +0000)]
Add test for passenger cookbook

4 years agoMerge pull request #269 from Firefishy/blogs-use-bundle-deployment
Grant [Sun, 16 Feb 2020 01:06:20 +0000 (01:06 +0000)]
Merge pull request #269 from Firefishy/blogs-use-bundle-deployment

blogs: use bundle install deployment over global

4 years agoblogs: run bundle install as blogs user
Grant Slater [Sun, 16 Feb 2020 00:06:18 +0000 (00:06 +0000)]
blogs: run bundle install as blogs user

4 years agoRemove redundant sudo key and specify os in travis config
Tom Hughes [Sun, 16 Feb 2020 00:04:35 +0000 (00:04 +0000)]
Remove redundant sudo key and specify os in travis config

4 years agoblogs: use bundle install deployment over global
Grant Slater [Sat, 15 Feb 2020 23:43:08 +0000 (23:43 +0000)]
blogs: use bundle install deployment over global

Switch to using safe `bundle install --deployment` instead of
global install, which may conflict with other dependencies.

4 years agoMerge pull request #268 from Firefishy/update-travis-ci-version
Grant [Sat, 15 Feb 2020 23:01:29 +0000 (23:01 +0000)]
Merge pull request #268 from Firefishy/update-travis-ci-version

Update travis ci version

4 years agoMerge pull request #267 from Firefishy/apt-source-disable
Grant [Sat, 15 Feb 2020 22:41:31 +0000 (22:41 +0000)]
Merge pull request #267 from Firefishy/apt-source-disable

apt: Disable used apt-src per Ubuntu 18.04 default

4 years agoUse Ubuntu Bionic for travis-ci
Grant Slater [Sat, 15 Feb 2020 22:27:59 +0000 (22:27 +0000)]
Use Ubuntu Bionic for travis-ci

4 years agoUpdate CI ruby version to 2.5.7
Grant Slater [Sat, 15 Feb 2020 22:26:59 +0000 (22:26 +0000)]
Update CI ruby version to 2.5.7

4 years agoapt: Disable used apt-src per Ubuntu 18.04 default
Grant Slater [Sat, 15 Feb 2020 21:58:27 +0000 (21:58 +0000)]
apt: Disable used apt-src per Ubuntu 18.04 default

4 years agoRevert accidental change
Tom Hughes [Sat, 15 Feb 2020 19:19:51 +0000 (19:19 +0000)]
Revert accidental change

4 years agoOnly cleanup sysctl keys that are no longer set
Tom Hughes [Sat, 15 Feb 2020 18:36:23 +0000 (18:36 +0000)]
Only cleanup sysctl keys that are no longer set

4 years agoSplit out default munin plugin installation to a new recipe
Tom Hughes [Sat, 15 Feb 2020 17:24:57 +0000 (17:24 +0000)]
Split out default munin plugin installation to a new recipe

Having split them out make sure the default recipe is included
anywhere a munin_plugin resource is used, to ensure that munin
is installed and make coupling explicit.

4 years agoQuiet HP DL360 G6 fan speed car alarm
Grant Slater [Sat, 15 Feb 2020 17:11:58 +0000 (17:11 +0000)]
Quiet HP DL360 G6 fan speed car alarm

4 years agoReduce implicit coupling between cookbooks
Tom Hughes [Sat, 15 Feb 2020 16:56:35 +0000 (16:56 +0000)]
Reduce implicit coupling between cookbooks

4 years agoAdd tests for planet cookbook
Tom Hughes [Sat, 15 Feb 2020 14:52:12 +0000 (14:52 +0000)]
Add tests for planet cookbook

4 years agoAdd test for osmosis cookbook
Tom Hughes [Sat, 15 Feb 2020 12:33:21 +0000 (12:33 +0000)]
Add test for osmosis cookbook

4 years agoAdd test for incron cookbook
Tom Hughes [Sat, 15 Feb 2020 12:28:21 +0000 (12:28 +0000)]
Add test for incron cookbook

4 years agoFix package dependencies in planet cookbook
Tom Hughes [Sat, 15 Feb 2020 12:05:56 +0000 (12:05 +0000)]
Fix package dependencies in planet cookbook

4 years agoResync exim config with upstream default
Tom Hughes [Sat, 15 Feb 2020 11:29:35 +0000 (11:29 +0000)]
Resync exim config with upstream default

4 years agoAdd geodns map for nominatim
Tom Hughes [Fri, 14 Feb 2020 22:55:21 +0000 (22:55 +0000)]
Add geodns map for nominatim

4 years agoUpdate dnscontrol to 2.11 release
Tom Hughes [Fri, 14 Feb 2020 22:18:08 +0000 (22:18 +0000)]
Update dnscontrol to 2.11 release

4 years agoAdd test for squid cookbook
Tom Hughes [Fri, 14 Feb 2020 20:09:02 +0000 (20:09 +0000)]
Add test for squid cookbook

4 years agoAdd test for nginx cookbook
Tom Hughes [Fri, 14 Feb 2020 20:00:39 +0000 (20:00 +0000)]
Add test for nginx cookbook

4 years agoAdd test for nodejs cookbook
Tom Hughes [Fri, 14 Feb 2020 19:36:59 +0000 (19:36 +0000)]
Add test for nodejs cookbook

4 years agoExpect munin to use an IPv6 socket
Tom Hughes [Fri, 14 Feb 2020 18:45:35 +0000 (18:45 +0000)]
Expect munin to use an IPv6 socket

4 years agoAdd test for memcached cookbook
Tom Hughes [Fri, 14 Feb 2020 16:44:32 +0000 (16:44 +0000)]
Add test for memcached cookbook

4 years agoAdd test for openssh cookbook
Tom Hughes [Fri, 14 Feb 2020 16:33:49 +0000 (16:33 +0000)]
Add test for openssh cookbook

4 years agoAdd test for fail2ban cookbook
Tom Hughes [Fri, 14 Feb 2020 16:30:14 +0000 (16:30 +0000)]
Add test for fail2ban cookbook

4 years agoMake fail2ban use the journal to monitor sshd
Tom Hughes [Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)]
Make fail2ban use the journal to monitor sshd

4 years agoAdd test for donate cookbook
Tom Hughes [Fri, 14 Feb 2020 16:06:16 +0000 (16:06 +0000)]
Add test for donate cookbook

4 years agoAdd test for dmca cookbook
Tom Hughes [Fri, 14 Feb 2020 15:42:01 +0000 (15:42 +0000)]
Add test for dmca cookbook

4 years agoCheck that servers are listening on the right protocols
Tom Hughes [Fri, 14 Feb 2020 14:46:10 +0000 (14:46 +0000)]
Check that servers are listening on the right protocols

4 years agoAdd test for dhcpd cookbook
Tom Hughes [Fri, 14 Feb 2020 14:36:18 +0000 (14:36 +0000)]
Add test for dhcpd cookbook

4 years agoAdd test for devices cookbook
Tom Hughes [Fri, 14 Feb 2020 14:35:40 +0000 (14:35 +0000)]
Add test for devices cookbook

4 years agoImprove check for whether to run freshclam
Tom Hughes [Thu, 13 Feb 2020 22:54:31 +0000 (22:54 +0000)]
Improve check for whether to run freshclam

4 years agoAdd basic tests for clamav, exim and spamassassin cookbooks
Tom Hughes [Thu, 13 Feb 2020 22:39:44 +0000 (22:39 +0000)]
Add basic tests for clamav, exim and spamassassin cookbooks

4 years agoAdd basic test for the ntp cookbook
Tom Hughes [Thu, 13 Feb 2020 21:53:11 +0000 (21:53 +0000)]
Add basic test for the ntp cookbook

4 years agoRemove unused file that existed for kitchen-vagrant support
Tom Hughes [Thu, 13 Feb 2020 21:44:52 +0000 (21:44 +0000)]
Remove unused file that existed for kitchen-vagrant support

4 years agoRemove any sysctl settings which are no longer required
Tom Hughes [Thu, 13 Feb 2020 19:54:09 +0000 (19:54 +0000)]
Remove any sysctl settings which are no longer required

4 years agoDisable sysctl comments for now
Tom Hughes [Thu, 13 Feb 2020 19:22:52 +0000 (19:22 +0000)]
Disable sysctl comments for now

This requires chef 15.x as the client...

4 years agoUse the sysctl resource to manage sysctl settings
Tom Hughes [Thu, 13 Feb 2020 19:21:40 +0000 (19:21 +0000)]
Use the sysctl resource to manage sysctl settings

4 years agoFix some cookstyle warnings
Tom Hughes [Thu, 13 Feb 2020 19:16:10 +0000 (19:16 +0000)]
Fix some cookstyle warnings

4 years agoUpdate bundle
Tom Hughes [Thu, 13 Feb 2020 19:13:42 +0000 (19:13 +0000)]
Update bundle

4 years agoEnable remaining test-kitchen suites in travis
Tom Hughes [Wed, 12 Feb 2020 23:06:15 +0000 (23:06 +0000)]
Enable remaining test-kitchen suites in travis

4 years agoDrop kitchen-vagrant and make kitchen-dokken the only test driver
Tom Hughes [Wed, 12 Feb 2020 23:04:21 +0000 (23:04 +0000)]
Drop kitchen-vagrant and make kitchen-dokken the only test driver

4 years agoSplit Travis script into separate jobs and add apt cookbook test
Michal Migurski [Mon, 3 Feb 2020 00:49:33 +0000 (16:49 -0800)]
Split Travis script into separate jobs and add apt cookbook test

With kitchen-dokken in place, travis should now successfully run
both the cookstyle script and individual kitchen tests as separate
matrix builds.

Matrix builds will run in parallel, and the global Travis 50min limit
should apply to each separately ensuring that all cookbooks get tested.

https://docs.travis-ci.com/user/build-matrix/

4 years agoAdd kitchen-dokken as a new provider in the kitchen configuration
Jamie Alessio [Sun, 9 Feb 2020 18:44:44 +0000 (18:44 +0000)]
Add kitchen-dokken as a new provider in the kitchen configuration

4 years agoAdjust tests to expect that SSL is enabled by default
Tom Hughes [Wed, 12 Feb 2020 21:18:39 +0000 (21:18 +0000)]
Adjust tests to expect that SSL is enabled by default

4 years agoAllow retrying of apache service actions
Tom Hughes [Tue, 11 Feb 2020 22:57:35 +0000 (22:57 +0000)]
Allow retrying of apache service actions

There seems to be an issue with the otrs cookbook when deployed
on a new machine where it tries to both restart and also reload
apache and the reload sometime fails because it seems to happen
before the restart has completed.

It's possible this is because the use of mod_perl for otrs is
slowing down the restart but as a workaround we allow the reload
action to be retried a couple of times.

4 years agoMake sure the Passwd ohai plugin is enabled
Tom Hughes [Wed, 12 Feb 2020 19:04:35 +0000 (19:04 +0000)]
Make sure the Passwd ohai plugin is enabled

This plugin becomes optional in chef 15 so make sure it is
enabled, and cope during the first pass on a new node when
it is not enabled yet.

4 years agoMake sure the bind.clients attribute is set when testing
Tom Hughes [Tue, 11 Feb 2020 22:23:27 +0000 (22:23 +0000)]
Make sure the bind.clients attribute is set when testing

4 years agoUnmount any bind mount that is hiding /etc/resolv.conf
Tom Hughes [Tue, 11 Feb 2020 11:13:23 +0000 (11:13 +0000)]
Unmount any bind mount that is hiding /etc/resolv.conf

This avoids problems when running under kitchen-dokken which
has a bind mount over the top.

4 years agoMake sure resolv.conf is using the systemd-resolved stub resolver
Tom Hughes [Tue, 11 Feb 2020 11:12:49 +0000 (11:12 +0000)]
Make sure resolv.conf is using the systemd-resolved stub resolver

4 years agoRestart systemd-resolved immediately if the configuration changes
Tom Hughes [Tue, 11 Feb 2020 11:12:04 +0000 (11:12 +0000)]
Restart systemd-resolved immediately if the configuration changes

4 years agoDrop internal interface for culebre
Tom Hughes [Tue, 11 Feb 2020 11:02:19 +0000 (11:02 +0000)]
Drop internal interface for culebre

4 years agoIncrease cache memory limit on culebre
Tom Hughes [Tue, 11 Feb 2020 11:01:14 +0000 (11:01 +0000)]
Increase cache memory limit on culebre

4 years agoInstall libdatetime-perl for OTRS
Tom Hughes [Tue, 11 Feb 2020 00:43:23 +0000 (00:43 +0000)]
Install libdatetime-perl for OTRS

4 years agoDrop attempt to run otrs.RebuildConfig.pl
Tom Hughes [Tue, 11 Feb 2020 00:35:06 +0000 (00:35 +0000)]
Drop attempt to run otrs.RebuildConfig.pl

4 years agoMake sure a full set of locales are installed
Tom Hughes [Tue, 11 Feb 2020 00:34:50 +0000 (00:34 +0000)]
Make sure a full set of locales are installed

4 years agoUpdate piwik to 3.13.2
Tom Hughes [Tue, 11 Feb 2020 00:17:21 +0000 (00:17 +0000)]
Update piwik to 3.13.2

4 years agoStub searchs for certificates in tests
Tom Hughes [Mon, 10 Feb 2020 21:51:45 +0000 (21:51 +0000)]
Stub searchs for certificates in tests

4 years agoMake sure g++ is installed for the blogs cookbook
Tom Hughes [Mon, 10 Feb 2020 21:34:30 +0000 (21:34 +0000)]
Make sure g++ is installed for the blogs cookbook

4 years agoUse bundler 1.x for the blogs cookbook
Tom Hughes [Mon, 10 Feb 2020 21:34:11 +0000 (21:34 +0000)]
Use bundler 1.x for the blogs cookbook

4 years agoImprove name generations for ssh_known_hosts
Tom Hughes [Sun, 9 Feb 2020 15:24:59 +0000 (15:24 +0000)]
Improve name generations for ssh_known_hosts

4 years agoInclude sshfp on DNS management host
Tom Hughes [Sat, 8 Feb 2020 15:48:25 +0000 (15:48 +0000)]
Include sshfp on DNS management host

4 years agoRevert "Generate a DNS include file for SSHFP records"
Tom Hughes [Sat, 8 Feb 2020 15:47:40 +0000 (15:47 +0000)]
Revert "Generate a DNS include file for SSHFP records"

This reverts commit 269b5b28ccf95dd4b96cac3f51168ea3280c83db.

4 years agoGenerate a DNS include file for SSHFP records
Tom Hughes [Sat, 8 Feb 2020 15:41:10 +0000 (15:41 +0000)]
Generate a DNS include file for SSHFP records

4 years agoDisable dnscontrol installation until a new version is available
Tom Hughes [Sat, 8 Feb 2020 11:00:29 +0000 (11:00 +0000)]
Disable dnscontrol installation until a new version is available

4 years agoInstall dnscontrol and API credentials on DNS management server
Tom Hughes [Fri, 7 Feb 2020 15:39:00 +0000 (15:39 +0000)]
Install dnscontrol and API credentials on DNS management server

4 years agoplanet: increase bandwidth cap
Grant Slater [Wed, 5 Feb 2020 23:40:15 +0000 (23:40 +0000)]
planet: increase bandwidth cap

4 years agoplanet: run mirror redirect more often, fix minor escaping issue
Grant Slater [Wed, 5 Feb 2020 20:19:03 +0000 (20:19 +0000)]
planet: run mirror redirect more often, fix minor escaping issue

4 years agoMerge pull request #265 from mmd-osm/patch/planet_redirect
Grant [Wed, 5 Feb 2020 20:08:10 +0000 (20:08 +0000)]
Merge pull request #265 from mmd-osm/patch/planet_redirect

Planet redirect: add pbf+full history

4 years agoPlanet redirect: add pbf+full history
mmd-osm [Wed, 5 Feb 2020 20:00:33 +0000 (21:00 +0100)]
Planet redirect: add pbf+full history

Fixes https://github.com/openstreetmap/operations/issues/355

4 years agoReduce cache memory limit on keizer
Tom Hughes [Mon, 3 Feb 2020 13:01:12 +0000 (13:01 +0000)]
Reduce cache memory limit on keizer

4 years agotilecache: increases cache size (where available)
Grant Slater [Sun, 2 Feb 2020 23:18:35 +0000 (23:18 +0000)]
tilecache: increases cache size (where available)

4 years agotilecache: nginx cache more layers
Grant Slater [Sun, 2 Feb 2020 23:03:31 +0000 (23:03 +0000)]
tilecache: nginx cache more layers

4 years agosystemd: add dropin support for exec actions
Grant Slater [Sun, 2 Feb 2020 22:32:19 +0000 (22:32 +0000)]
systemd: add dropin support for exec actions

4 years agoUpdate carto stylesheet to v4.25.0
Tom Hughes [Sat, 1 Feb 2020 16:17:18 +0000 (16:17 +0000)]
Update carto stylesheet to v4.25.0

Closes #264

4 years agoMerge remote-tracking branch 'github/pull/263'
Tom Hughes [Fri, 31 Jan 2020 18:05:08 +0000 (18:05 +0000)]
Merge remote-tracking branch 'github/pull/263'

4 years agoImprove wording when not to use this form
polarbearing [Fri, 31 Jan 2020 18:01:57 +0000 (19:01 +0100)]
Improve wording when not to use this form

as discussed in recent DWG meeting, the target wiki page has already been updated accordingly. Intention is to reduce the misdirected requests.

4 years agonominatim now needs python3-psycopg2
Sarah Hoffmann [Fri, 31 Jan 2020 17:09:19 +0000 (18:09 +0100)]
nominatim now needs python3-psycopg2

4 years agoSwitch MTA-STS policy to enforce mode
Tom Hughes [Wed, 29 Jan 2020 18:01:37 +0000 (18:01 +0000)]
Switch MTA-STS policy to enforce mode

4 years agoRestrict MTA-STS to the MX domains
Tom Hughes [Tue, 28 Jan 2020 18:56:21 +0000 (18:56 +0000)]
Restrict MTA-STS to the MX domains

4 years agoAllow access to MTA-STS policy files
Tom Hughes [Tue, 28 Jan 2020 18:50:56 +0000 (18:50 +0000)]
Allow access to MTA-STS policy files

4 years agoSet directory for MTA-STS policy files
Tom Hughes [Tue, 28 Jan 2020 18:40:41 +0000 (18:40 +0000)]
Set directory for MTA-STS policy files

4 years agoIssue SMTP certificate for all domains we handle
Tom Hughes [Tue, 28 Jan 2020 18:35:20 +0000 (18:35 +0000)]
Issue SMTP certificate for all domains we handle

4 years agoPublish MTA-STS policy for mail domains
Tom Hughes [Tue, 28 Jan 2020 17:40:02 +0000 (17:40 +0000)]
Publish MTA-STS policy for mail domains

4 years agoplanet: move rate limit banner to page top
Grant Slater [Sun, 26 Jan 2020 13:43:03 +0000 (13:43 +0000)]
planet: move rate limit banner to page top

4 years agoplanet: add message to correct header
Grant Slater [Sun, 26 Jan 2020 13:36:07 +0000 (13:36 +0000)]
planet: add message to correct header

4 years agoplanet: Add ratelimit header notice
Grant Slater [Sun, 26 Jan 2020 13:28:24 +0000 (13:28 +0000)]
planet: Add ratelimit header notice

4 years agomediawiki: tune abusefilter limits. Fix #353
Grant Slater [Sat, 25 Jan 2020 14:15:03 +0000 (14:15 +0000)]
mediawiki: tune abusefilter limits. Fix #353

4 years agoReduce cache memory limit on tuatara
Tom Hughes [Thu, 23 Jan 2020 10:30:48 +0000 (10:30 +0000)]
Reduce cache memory limit on tuatara