]> git.openstreetmap.org Git - chef.git/log
chef.git
13 months agoEnable upload rate limiting for cgimap
Tom Hughes [Wed, 15 Nov 2023 17:22:16 +0000 (17:22 +0000)]
Enable upload rate limiting for cgimap

13 months agoSet SECRET_KEY_BASE when delivering messages from email
Tom Hughes [Mon, 13 Nov 2023 18:57:13 +0000 (18:57 +0000)]
Set SECRET_KEY_BASE when delivering messages from email

13 months agoSet SECRET_KEY_BASE_DUMMY for the statistics script
Tom Hughes [Thu, 9 Nov 2023 00:23:13 +0000 (00:23 +0000)]
Set SECRET_KEY_BASE_DUMMY for the statistics script

13 months agoSet SECRET_KEY_BASE for rails job runners
Tom Hughes [Wed, 8 Nov 2023 19:05:47 +0000 (19:05 +0000)]
Set SECRET_KEY_BASE for rails job runners

13 months agoSet SECRET_KEY_BASE_DUMMY when building assets
Tom Hughes [Wed, 8 Nov 2023 18:54:44 +0000 (18:54 +0000)]
Set SECRET_KEY_BASE_DUMMY when building assets

13 months agoSet memory limits for user slices on the dev server
Tom Hughes [Wed, 8 Nov 2023 18:48:23 +0000 (18:48 +0000)]
Set memory limits for user slices on the dev server

13 months agoDisable RemoveIPC for reindex services
Tom Hughes [Sun, 5 Nov 2023 15:11:21 +0000 (15:11 +0000)]
Disable RemoveIPC for reindex services

13 months agoEnable cgimap with ratelimit-upload option for tomh dev site
Tom Hughes [Sat, 4 Nov 2023 15:26:38 +0000 (15:26 +0000)]
Enable cgimap with ratelimit-upload option for tomh dev site

13 months agoInstall libxml-twig-perl on the dev server
Tom Hughes [Fri, 3 Nov 2023 17:15:49 +0000 (17:15 +0000)]
Install libxml-twig-perl on the dev server

13 months agoUse sql_exporter to monitor rails queue lengths
Tom Hughes [Thu, 2 Nov 2023 18:40:08 +0000 (18:40 +0000)]
Use sql_exporter to monitor rails queue lengths

13 months agoAdd support for using sql_exporter to query postgres
Tom Hughes [Thu, 2 Nov 2023 18:19:39 +0000 (18:19 +0000)]
Add support for using sql_exporter to query postgres

13 months agoDrop rails71 dev site
Tom Hughes [Thu, 2 Nov 2023 11:39:44 +0000 (11:39 +0000)]
Drop rails71 dev site

13 months agodiscourse: increase smtp timeouts
Grant Slater [Wed, 1 Nov 2023 21:54:15 +0000 (21:54 +0000)]
discourse: increase smtp timeouts

13 months agoDrop alertmanager API block
Tom Hughes [Wed, 1 Nov 2023 20:27:28 +0000 (20:27 +0000)]
Drop alertmanager API block

The whole of alertmanager is IP restricted anyway.

13 months agoAllow domain level blocks on email senders
Tom Hughes [Wed, 1 Nov 2023 09:02:35 +0000 (09:02 +0000)]
Allow domain level blocks on email senders

13 months agoRevert "Allow domain level blocks on email senders"
Grant Slater [Wed, 1 Nov 2023 16:57:40 +0000 (16:57 +0000)]
Revert "Allow domain level blocks on email senders"

This reverts commit a54ccb43f33b675eed9ff85da0eebc951f0558c0.

13 months agoAllow domain level blocks on email senders
Tom Hughes [Wed, 1 Nov 2023 09:02:35 +0000 (09:02 +0000)]
Allow domain level blocks on email senders

13 months agoplanet: allow redirect to eu or us bucket for all years
Grant Slater [Mon, 30 Oct 2023 13:45:31 +0000 (13:45 +0000)]
planet: allow redirect to eu or us bucket for all years

13 months agoplanet: wait for s3 replication to complete
Grant Slater [Mon, 30 Oct 2023 13:41:52 +0000 (13:41 +0000)]
planet: wait for s3 replication to complete

13 months agoplanet: add S3 buckets to torrents
Grant Slater [Mon, 30 Oct 2023 11:18:30 +0000 (11:18 +0000)]
planet: add S3 buckets to torrents

13 months agoplanet: first copy to s3
Grant Slater [Mon, 30 Oct 2023 10:55:01 +0000 (10:55 +0000)]
planet: first copy to s3

13 months agoConfigure moderator limits for cgimap explicitly
Tom Hughes [Mon, 30 Oct 2023 12:46:24 +0000 (12:46 +0000)]
Configure moderator limits for cgimap explicitly

13 months agopodman: workaround ubuntu 22.04 crun bug
Grant Slater [Sat, 28 Oct 2023 22:01:58 +0000 (23:01 +0100)]
podman: workaround ubuntu 22.04 crun bug

13 months agopodman: avoid starting and immediate restart on first run
Grant Slater [Fri, 27 Oct 2023 21:11:28 +0000 (22:11 +0100)]
podman: avoid starting and immediate restart on first run

14 months agocivicrm + extensions version bump
Guillaume RISCHARD [Thu, 26 Oct 2023 20:08:52 +0000 (16:08 -0400)]
civicrm + extensions version bump

14 months agoInstall libbytes-random-secure-perl on the dev server
Tom Hughes [Thu, 26 Oct 2023 14:33:42 +0000 (15:33 +0100)]
Install libbytes-random-secure-perl on the dev server

14 months agodns: bump dnscontrol to v4.6.0
Grant Slater [Wed, 25 Oct 2023 08:22:39 +0000 (09:22 +0100)]
dns: bump dnscontrol to v4.6.0

14 months agoPublish global state for changesets after local state
Tom Hughes [Tue, 24 Oct 2023 06:08:41 +0000 (07:08 +0100)]
Publish global state for changesets after local state

14 months agoplanet: also sync to s3 changeset state config file
Grant Slater [Tue, 24 Oct 2023 06:03:05 +0000 (07:03 +0100)]
planet: also sync to s3 changeset state config file

14 months agoUse S3 as the source for replication diffs for render servers
Tom Hughes [Sun, 22 Oct 2023 18:36:17 +0000 (19:36 +0100)]
Use S3 as the source for replication diffs for render servers

14 months agoplanet: cleanup redirects and add replication diff redirects
Grant Slater [Sun, 22 Oct 2023 19:14:06 +0000 (20:14 +0100)]
planet: cleanup redirects and add replication diff redirects

14 months agoAvoid double call to ip2region; consolidate rewrite conditions
Guillaume Rischard [Sat, 21 Oct 2023 16:51:38 +0000 (12:51 -0400)]
Avoid double call to ip2region; consolidate rewrite conditions

14 months agoUse dual stack (IPv4/IPv6) S3 endpoints for public-facing planet
Guillaume Rischard [Sat, 21 Oct 2023 16:25:09 +0000 (12:25 -0400)]
Use dual stack (IPv4/IPv6) S3 endpoints for public-facing planet

Fixes https://github.com/openstreetmap/operations/issues/983

14 months agoSwitch palulukon to use postgres 16
Tom Hughes [Sat, 21 Oct 2023 23:04:07 +0000 (00:04 +0100)]
Switch palulukon to use postgres 16

14 months agoMake prometheus backup service fail on error
Tom Hughes [Sat, 21 Oct 2023 14:07:49 +0000 (15:07 +0100)]
Make prometheus backup service fail on error

14 months agoAllow prometheus backup server to acess AWS cache
Tom Hughes [Sat, 21 Oct 2023 14:07:22 +0000 (15:07 +0100)]
Allow prometheus backup server to acess AWS cache

14 months agoSilence curl progress messages
Tom Hughes [Sat, 21 Oct 2023 14:06:25 +0000 (15:06 +0100)]
Silence curl progress messages

14 months agoEnable prometheus backup timer
Tom Hughes [Sat, 21 Oct 2023 14:05:34 +0000 (15:05 +0100)]
Enable prometheus backup timer

14 months agoMerge remote-tracking branch 'github/pull/631'
Tom Hughes [Sat, 21 Oct 2023 14:03:25 +0000 (15:03 +0100)]
Merge remote-tracking branch 'github/pull/631'

14 months agoBackup prometheus data to S3
Tom Hughes [Sat, 21 Oct 2023 11:51:32 +0000 (12:51 +0100)]
Backup prometheus data to S3

14 months agoDisable progress messages for osm2pgsql
Tom Hughes [Sat, 21 Oct 2023 10:52:13 +0000 (11:52 +0100)]
Disable progress messages for osm2pgsql

14 months agoSwitch piasa to use postgres 16
Tom Hughes [Fri, 20 Oct 2023 23:42:38 +0000 (00:42 +0100)]
Switch piasa to use postgres 16

14 months agoplanet: increase AWS upload max_bandwidth
Grant Slater [Fri, 20 Oct 2023 11:19:13 +0000 (12:19 +0100)]
planet: increase AWS upload max_bandwidth

14 months agoEnable prometheus admin API
Tom Hughes [Thu, 19 Oct 2023 20:19:45 +0000 (21:19 +0100)]
Enable prometheus admin API

14 months agoMake prometheus API blocks work
Tom Hughes [Thu, 19 Oct 2023 20:15:27 +0000 (21:15 +0100)]
Make prometheus API blocks work

14 months agoBlock external access to prometheus admin API
Tom Hughes [Thu, 19 Oct 2023 19:47:09 +0000 (20:47 +0100)]
Block external access to prometheus admin API

14 months agoInstall libyaml-dev for rails
Tom Hughes [Wed, 18 Oct 2023 18:06:32 +0000 (19:06 +0100)]
Install libyaml-dev for rails

14 months agocivicrm version bump, corrected extension name
Guillaume RISCHARD [Tue, 17 Oct 2023 12:21:19 +0000 (08:21 -0400)]
civicrm version bump, corrected extension name

14 months agoStop trying to URI encode passwords
Tom Hughes [Sun, 15 Oct 2023 17:58:50 +0000 (18:58 +0100)]
Stop trying to URI encode passwords

14 months agoMake postgres exporter connect as the prometheus user
Tom Hughes [Sun, 15 Oct 2023 17:42:31 +0000 (18:42 +0100)]
Make postgres exporter connect as the prometheus user

14 months agoGrant roles to newly created users
Tom Hughes [Sun, 15 Oct 2023 11:27:40 +0000 (11:27 +0000)]
Grant roles to newly created users

14 months agoRemove some old cleanup code
Tom Hughes [Sun, 15 Oct 2023 11:19:13 +0000 (12:19 +0100)]
Remove some old cleanup code

14 months agoAdd a prometheus user to all postgres clusters
Tom Hughes [Sun, 15 Oct 2023 11:16:21 +0000 (11:16 +0000)]
Add a prometheus user to all postgres clusters

14 months agoAdd support for granting roles to postgres users
Tom Hughes [Sun, 15 Oct 2023 10:16:01 +0000 (11:16 +0100)]
Add support for granting roles to postgres users

14 months agoSwitch nidhogg to use postgres 16
Tom Hughes [Sat, 14 Oct 2023 14:23:25 +0000 (15:23 +0100)]
Switch nidhogg to use postgres 16

14 months agoSwitch culebre to use postgres 16
Tom Hughes [Fri, 13 Oct 2023 17:54:15 +0000 (18:54 +0100)]
Switch culebre to use postgres 16

14 months agoAdd alert for interface redundancy
Tom Hughes [Fri, 13 Oct 2023 16:54:51 +0000 (17:54 +0100)]
Add alert for interface redundancy

14 months agoReport bond mode for bonded interfaces
Tom Hughes [Fri, 13 Oct 2023 16:39:10 +0000 (17:39 +0100)]
Report bond mode for bonded interfaces

14 months agooxidized: add libyaml-dev requirement
Grant Slater [Fri, 13 Oct 2023 15:47:35 +0000 (16:47 +0100)]
oxidized: add libyaml-dev requirement

14 months agoUse the directory name as the certificate name for uploads
Tom Hughes [Fri, 13 Oct 2023 08:05:47 +0000 (09:05 +0100)]
Use the directory name as the certificate name for uploads

14 months agoStatically configure backup replication metrics
Tom Hughes [Thu, 12 Oct 2023 18:05:13 +0000 (19:05 +0100)]
Statically configure backup replication metrics

14 months agoSet roundingPeriod explicitly for all jobs
Tom Hughes [Thu, 12 Oct 2023 16:17:18 +0000 (17:17 +0100)]
Set roundingPeriod explicitly for all jobs

14 months agoSplit daily metrics into separate jobs
Tom Hughes [Thu, 12 Oct 2023 15:54:39 +0000 (16:54 +0100)]
Split daily metrics into separate jobs

14 months agoLook back two days for S2 daily statistics
Tom Hughes [Thu, 12 Oct 2023 14:33:22 +0000 (15:33 +0100)]
Look back two days for S2 daily statistics

14 months agoRevert "cloudwatch: add eu-north-1 for osm-main to collect replication metrics"
Grant Slater [Thu, 12 Oct 2023 04:21:27 +0000 (05:21 +0100)]
Revert "cloudwatch: add eu-north-1 for osm-main to collect replication metrics"

This reverts commit 7e0c2e2982f696e3d1e57c6ec4889fe1e6038446.

14 months agoRevert "cloudwatch: Own job for Replication Metrics"
Grant Slater [Thu, 12 Oct 2023 04:21:23 +0000 (05:21 +0100)]
Revert "cloudwatch: Own job for Replication Metrics"

This reverts commit 6c92319de16d70a02efabb29a4ea2d84e83b8acc.

14 months agocloudwatch: Own job for Replication Metrics
Grant Slater [Thu, 12 Oct 2023 03:09:43 +0000 (04:09 +0100)]
cloudwatch: Own job for Replication Metrics

14 months agocloudwatch: add eu-north-1 for osm-main to collect replication metrics
Grant Slater [Thu, 12 Oct 2023 02:50:22 +0000 (03:50 +0100)]
cloudwatch: add eu-north-1 for osm-main to collect replication metrics

14 months agoFix query interval for billing metrics
Tom Hughes [Wed, 11 Oct 2023 23:24:46 +0000 (00:24 +0100)]
Fix query interval for billing metrics

14 months agocloudwatch: Add other billed accounts
Grant Slater [Wed, 11 Oct 2023 22:09:12 +0000 (23:09 +0100)]
cloudwatch: Add other billed accounts

14 months agoAdd monitoring for AWS billing metrics
Tom Hughes [Wed, 11 Oct 2023 18:52:04 +0000 (19:52 +0100)]
Add monitoring for AWS billing metrics

14 months agoAdd monitoring for some EC2 metrics
Tom Hughes [Wed, 11 Oct 2023 18:18:33 +0000 (19:18 +0100)]
Add monitoring for some EC2 metrics

14 months agoInstall awscli on prometheus server
Tom Hughes [Wed, 11 Oct 2023 18:04:19 +0000 (19:04 +0100)]
Install awscli on prometheus server

14 months agocloudwatch: add account name comment
Grant Slater [Wed, 11 Oct 2023 16:50:18 +0000 (17:50 +0100)]
cloudwatch: add account name comment

14 months agocloudwatch: add sts-region
Grant Slater [Wed, 11 Oct 2023 16:36:54 +0000 (17:36 +0100)]
cloudwatch: add sts-region

14 months agoAdd dummy openid connect key for tests
Tom Hughes [Wed, 11 Oct 2023 14:48:45 +0000 (15:48 +0100)]
Add dummy openid connect key for tests

14 months agoAdd additional roles and regions to S3 monitoring
Tom Hughes [Wed, 11 Oct 2023 13:59:01 +0000 (14:59 +0100)]
Add additional roles and regions to S3 monitoring

14 months agoEnable some optional features for the cloudwatch exporter
Tom Hughes [Wed, 11 Oct 2023 07:59:52 +0000 (08:59 +0100)]
Enable some optional features for the cloudwatch exporter

14 months agoRestart cloudwatch exporter when the configuration changes
Tom Hughes [Tue, 10 Oct 2023 23:58:52 +0000 (00:58 +0100)]
Restart cloudwatch exporter when the configuration changes

14 months agoIncrease period for daily S3 metrics
Tom Hughes [Tue, 10 Oct 2023 23:56:15 +0000 (00:56 +0100)]
Increase period for daily S3 metrics

14 months agoConfigure cloudwatch exporter to collect S3 metrics
Tom Hughes [Tue, 10 Oct 2023 23:32:12 +0000 (00:32 +0100)]
Configure cloudwatch exporter to collect S3 metrics

14 months agoSend osmdbt log files to S3
Tom Hughes [Tue, 10 Oct 2023 16:21:27 +0000 (17:21 +0100)]
Send osmdbt log files to S3

14 months agoAdd AWS credentials for osmdbt uploads
Tom Hughes [Tue, 10 Oct 2023 16:06:58 +0000 (17:06 +0100)]
Add AWS credentials for osmdbt uploads

14 months agowordpress: unpin wp-fail2ban release
Grant Slater [Fri, 6 Oct 2023 22:15:49 +0000 (23:15 +0100)]
wordpress: unpin wp-fail2ban release

14 months agoSwitch odin and ysera to use postgres 16
Tom Hughes [Sun, 8 Oct 2023 09:29:59 +0000 (10:29 +0100)]
Switch odin and ysera to use postgres 16

14 months agoFix user creation for new dev sites
Tom Hughes [Sun, 8 Oct 2023 09:13:04 +0000 (10:13 +0100)]
Fix user creation for new dev sites

14 months agoAdd rails71 dev site
Tom Hughes [Sun, 8 Oct 2023 09:00:31 +0000 (10:00 +0100)]
Add rails71 dev site

14 months agoUse local variables in functions to avoid damaging the global scope
Tom Hughes [Sun, 8 Oct 2023 07:43:08 +0000 (08:43 +0100)]
Use local variables in functions to avoid damaging the global scope

14 months agoIgnore ancestry when switching svn branches
Tom Hughes [Fri, 6 Oct 2023 21:40:16 +0000 (22:40 +0100)]
Ignore ancestry when switching svn branches

14 months agoFreeze mutable objects assigned to constants
Guillaume Rischard [Fri, 6 Oct 2023 21:00:57 +0000 (17:00 -0400)]
Freeze mutable objects assigned to constants

Fixes cookstyle complaint:

Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Inspecting 597 files
...............................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Offenses:

cookbooks/db/recipes/master.rb:87:22: C: [Correctable] Style/MutableConstant: Freeze mutable objects assigned to constants.
CGIMAP_PERMISSIONS = { ...
                     ^
cookbooks/db/recipes/master.rb:122:26: C: [Correctable] Style/MutableConstant: Freeze mutable objects assigned to constants.
PLANETDUMP_PERMISSIONS = { ...
                         ^
cookbooks/db/recipes/master.rb:128:26: C: [Correctable] Style/MutableConstant: Freeze mutable objects assigned to constants.
PLANETDIFF_PERMISSIONS = { ...
                         ^

597 files inspected, 3 offenses detected, 3 offenses auto-correctable

14 months agocivicrm version bump, new plugins, cleanup
Guillaume RISCHARD [Fri, 6 Oct 2023 20:55:53 +0000 (16:55 -0400)]
civicrm version bump, new plugins, cleanup

14 months agoSimplify configuration of database permissions
Tom Hughes [Fri, 6 Oct 2023 15:40:57 +0000 (15:40 +0000)]
Simplify configuration of database permissions

14 months agoIgnore system tables and sequences
Tom Hughes [Fri, 6 Oct 2023 08:52:40 +0000 (08:52 +0000)]
Ignore system tables and sequences

14 months agoMinimise permissions for planetdump and planetdiff users
Tom Hughes [Fri, 6 Oct 2023 07:13:50 +0000 (08:13 +0100)]
Minimise permissions for planetdump and planetdiff users

14 months agoRun smokeping on prometheus servers
Tom Hughes [Thu, 5 Oct 2023 19:01:28 +0000 (20:01 +0100)]
Run smokeping on prometheus servers

14 months agoAdd additional PostgreSQL ACL permission decoding
Tom Hughes [Thu, 5 Oct 2023 17:24:31 +0000 (17:24 +0000)]
Add additional PostgreSQL ACL permission decoding

https://www.postgresql.org/docs/current/ddl-priv.html#PRIVILEGE-ABBREVS-TABLE

14 months agoManage permissions for database tables and sequences
Tom Hughes [Thu, 5 Oct 2023 17:07:56 +0000 (17:07 +0000)]
Manage permissions for database tables and sequences

14 months agoRemove role for nepomuk
Tom Hughes [Thu, 5 Oct 2023 16:02:17 +0000 (17:02 +0100)]
Remove role for nepomuk

14 months agoDrop role for firnen
Tom Hughes [Thu, 5 Oct 2023 15:45:05 +0000 (16:45 +0100)]
Drop role for firnen

14 months agoAdd postgresql_sequence for managing sequences
Tom Hughes [Thu, 5 Oct 2023 13:29:56 +0000 (13:29 +0000)]
Add postgresql_sequence for managing sequences