]> git.openstreetmap.org Git - chef.git/log
chef.git
20 months agoReplace incron with inotifywait as the planetdump trigger
Tom Hughes [Fri, 24 Mar 2023 16:49:03 +0000 (16:49 +0000)]
Replace incron with inotifywait as the planetdump trigger

21 months agoMerge remote-tracking branch 'github/pull/585'
Tom Hughes [Fri, 24 Mar 2023 12:13:13 +0000 (12:13 +0000)]
Merge remote-tracking branch 'github/pull/585'

21 months agoBump cookstyle from 7.32.1 to 7.32.2
dependabot[bot] [Fri, 24 Mar 2023 11:57:11 +0000 (11:57 +0000)]
Bump cookstyle from 7.32.1 to 7.32.2

Bumps [cookstyle](https://github.com/chef/cookstyle) from 7.32.1 to 7.32.2.
- [Release notes](https://github.com/chef/cookstyle/releases)
- [Changelog](https://github.com/chef/cookstyle/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chef/cookstyle/compare/v7.32.1...v7.32.2)

---
updated-dependencies:
- dependency-name: cookstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
21 months agoMake sure meraxes holds a DHCPv6 lease
Tom Hughes [Fri, 24 Mar 2023 10:11:59 +0000 (10:11 +0000)]
Make sure meraxes holds a DHCPv6 lease

21 months agoAdd debian-11 to test kitchen platforms
Tom Hughes [Thu, 23 Mar 2023 20:20:25 +0000 (20:20 +0000)]
Add debian-11 to test kitchen platforms

21 months agoUse java 11 for logstash for debian compatibility
Tom Hughes [Thu, 23 Mar 2023 18:50:42 +0000 (18:50 +0000)]
Use java 11 for logstash for debian compatibility

21 months agoGet hardware cookbook working on debian
Tom Hughes [Thu, 23 Mar 2023 18:28:11 +0000 (18:28 +0000)]
Get hardware cookbook working on debian

21 months agocommunity: dummy commit to bump version
Grant Slater [Thu, 23 Mar 2023 13:02:54 +0000 (13:02 +0000)]
community: dummy commit to bump version

21 months agodns: upgrade dnscontrol to 3.29.0
Grant Slater [Thu, 23 Mar 2023 10:26:27 +0000 (10:26 +0000)]
dns: upgrade dnscontrol to 3.29.0

21 months agoGet geoipdate working on debian
Tom Hughes [Wed, 22 Mar 2023 22:34:48 +0000 (22:34 +0000)]
Get geoipdate working on debian

21 months agoGet chef cookbook working on debian
Tom Hughes [Wed, 22 Mar 2023 22:26:48 +0000 (22:26 +0000)]
Get chef cookbook working on debian

21 months agoUse mariadb instead of mysql on debian
Tom Hughes [Wed, 22 Mar 2023 20:32:16 +0000 (20:32 +0000)]
Use mariadb instead of mysql on debian

21 months agoGet dhcpd working on debian
Tom Hughes [Wed, 22 Mar 2023 20:14:40 +0000 (20:14 +0000)]
Get dhcpd working on debian

21 months agoGet apt configuration working on debian
Tom Hughes [Tue, 21 Mar 2023 20:45:54 +0000 (20:45 +0000)]
Get apt configuration working on debian

21 months agoDrop no longer used forum tests
Tom Hughes [Wed, 22 Mar 2023 22:09:42 +0000 (22:09 +0000)]
Drop no longer used forum tests

21 months agoDrop unused ubuntugis repository support
Tom Hughes [Wed, 22 Mar 2023 19:12:49 +0000 (19:12 +0000)]
Drop unused ubuntugis repository support

21 months agoDrop use of git-core PPA
Tom Hughes [Wed, 22 Mar 2023 18:44:13 +0000 (18:44 +0000)]
Drop use of git-core PPA

21 months agoDisable autovacuum logging for prometheus
Tom Hughes [Tue, 21 Mar 2023 18:55:17 +0000 (18:55 +0000)]
Disable autovacuum logging for prometheus

21 months agoRemove netplan support
Tom Hughes [Tue, 21 Mar 2023 18:48:15 +0000 (18:48 +0000)]
Remove netplan support

21 months agoExpect apache to listen on tcp6 instead of tcp
Tom Hughes [Tue, 21 Mar 2023 18:47:53 +0000 (18:47 +0000)]
Expect apache to listen on tcp6 instead of tcp

21 months agoReduce sensitivity of CPU pressure alerts
Tom Hughes [Tue, 21 Mar 2023 17:34:01 +0000 (17:34 +0000)]
Reduce sensitivity of CPU pressure alerts

21 months agoSwitch remaining machines to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 17:04:50 +0000 (17:04 +0000)]
Switch remaining machines to use systemd-networkd

21 months agoSwitch machines in Amsterdam to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 13:41:41 +0000 (13:41 +0000)]
Switch machines in Amsterdam to use systemd-networkd

21 months agoDrop blackholing of Google IPv6 blocks in Amsterdam
Tom Hughes [Tue, 21 Mar 2023 11:36:53 +0000 (11:36 +0000)]
Drop blackholing of Google IPv6 blocks in Amsterdam

21 months agoIgnore additional routes that point at ourselves
Tom Hughes [Tue, 21 Mar 2023 11:24:11 +0000 (11:24 +0000)]
Ignore additional routes that point at ourselves

21 months agoSwitch machines at UCL to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 10:49:01 +0000 (10:49 +0000)]
Switch machines at UCL to use systemd-networkd

21 months agoSwitch machines in Dublin to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 08:45:30 +0000 (08:45 +0000)]
Switch machines in Dublin to use systemd-networkd

21 months agoSwitch horntail to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 08:41:42 +0000 (08:41 +0000)]
Switch horntail to use systemd-networkd

21 months agoFix typo
Tom Hughes [Mon, 20 Mar 2023 22:24:51 +0000 (22:24 +0000)]
Fix typo

21 months agoSwitch grindtooth to use systemd-networkd
Tom Hughes [Mon, 20 Mar 2023 22:21:43 +0000 (22:21 +0000)]
Switch grindtooth to use systemd-networkd

21 months agoDon't try and recreate bond and vlan devices
Tom Hughes [Mon, 20 Mar 2023 20:52:00 +0000 (20:52 +0000)]
Don't try and recreate bond and vlan devices

21 months agoUse correct gateway for additional routes
Tom Hughes [Mon, 20 Mar 2023 20:15:59 +0000 (20:15 +0000)]
Use correct gateway for additional routes

21 months agoSwitch naga to use systemd-networkd
Tom Hughes [Mon, 20 Mar 2023 20:04:48 +0000 (20:04 +0000)]
Switch naga to use systemd-networkd

21 months agoAdd support for using systemd-networkd directly instead of netplan
Tom Hughes [Sun, 19 Mar 2023 17:48:43 +0000 (17:48 +0000)]
Add support for using systemd-networkd directly instead of netplan

21 months agoImprove naming of wireguard configuration files
Tom Hughes [Mon, 20 Mar 2023 17:41:41 +0000 (17:41 +0000)]
Improve naming of wireguard configuration files

21 months agoDrop support for Ubuntu 18.04
Tom Hughes [Mon, 20 Mar 2023 17:19:58 +0000 (17:19 +0000)]
Drop support for Ubuntu 18.04

21 months agoFix nftable stop on gateway machines
Tom Hughes [Sat, 18 Mar 2023 12:10:24 +0000 (12:10 +0000)]
Fix nftable stop on gateway machines

21 months agoEnable implicit conversion of addresses to strings
Tom Hughes [Sat, 18 Mar 2023 11:47:23 +0000 (11:47 +0000)]
Enable implicit conversion of addresses to strings

21 months agoCoerce addresses to strings
Tom Hughes [Sat, 18 Mar 2023 11:43:55 +0000 (11:43 +0000)]
Coerce addresses to strings

21 months agoAdd comparison operator for IP addresses
Tom Hughes [Sat, 18 Mar 2023 11:38:32 +0000 (11:38 +0000)]
Add comparison operator for IP addresses

21 months agoMerge interface families
Tom Hughes [Sat, 18 Mar 2023 11:02:29 +0000 (11:02 +0000)]
Merge interface families

Merge separate IPv4 and IPv6 interface definitions into a
single definition with two sets of addresses.

21 months agoSuppress file changed warnings during discourse backup
Tom Hughes [Sat, 18 Mar 2023 07:36:53 +0000 (07:36 +0000)]
Suppress file changed warnings during discourse backup

21 months agoInstall libjson-xs-perl on dev for rails asset cleanup
Tom Hughes [Sat, 18 Mar 2023 07:35:40 +0000 (07:35 +0000)]
Install libjson-xs-perl on dev for rails asset cleanup

21 months agodev: add aria2 to required packages
Grant Slater [Fri, 17 Mar 2023 13:59:12 +0000 (13:59 +0000)]
dev: add aria2 to required packages

21 months agoquote groups with dash
Grant Slater [Fri, 17 Mar 2023 13:55:37 +0000 (13:55 +0000)]
quote groups with dash

21 months agoEnable za-imagery user and role
Grant Slater [Fri, 17 Mar 2023 13:54:03 +0000 (13:54 +0000)]
Enable za-imagery user and role

21 months agoAdd extra dev users. ZA Imagery
Grant Slater [Fri, 17 Mar 2023 09:51:39 +0000 (09:51 +0000)]
Add extra dev users. ZA Imagery

21 months agobind: add missing networking dependency
Grant Slater [Wed, 15 Mar 2023 14:56:01 +0000 (14:56 +0000)]
bind: add missing networking dependency

21 months agowordpress: Allow access to robots.txt and similar files
Grant Slater [Wed, 15 Mar 2023 14:03:35 +0000 (14:03 +0000)]
wordpress: Allow access to robots.txt and similar files

21 months agowordpress: Remove duplicate memory limit. Add ENV type
Grant Slater [Wed, 15 Mar 2023 14:02:55 +0000 (14:02 +0000)]
wordpress: Remove duplicate memory limit. Add ENV type

21 months agowordpress: Increase memory limit to allow large image resizes
Grant Slater [Wed, 15 Mar 2023 13:10:52 +0000 (13:10 +0000)]
wordpress: Increase memory limit to allow large image resizes

21 months agowordpress: Disable fail2ban health filter check
Grant Slater [Wed, 15 Mar 2023 12:37:33 +0000 (12:37 +0000)]
wordpress: Disable fail2ban health filter check

21 months agowordpress: update RewriteRule to recommendation
Grant Slater [Wed, 15 Mar 2023 12:03:18 +0000 (12:03 +0000)]
wordpress: update RewriteRule to recommendation

21 months agowordpress: enable CGIPassAuth
Grant Slater [Wed, 15 Mar 2023 12:02:27 +0000 (12:02 +0000)]
wordpress: enable CGIPassAuth

21 months agowordpress: add php-imagick
Grant Slater [Tue, 14 Mar 2023 17:51:37 +0000 (17:51 +0000)]
wordpress: add php-imagick

21 months agowordpress: install wordpress cli
Grant Slater [Tue, 14 Mar 2023 13:26:45 +0000 (13:26 +0000)]
wordpress: install wordpress cli

21 months agoSimplify generation of ACLs for munin and logstash
Tom Hughes [Mon, 13 Mar 2023 20:57:10 +0000 (20:57 +0000)]
Simplify generation of ACLs for munin and logstash

21 months agoSimplify named configuration
Tom Hughes [Mon, 13 Mar 2023 20:20:02 +0000 (20:20 +0000)]
Simplify named configuration

21 months agoAdd tools to block and unblock addresses
Tom Hughes [Sun, 12 Mar 2023 11:41:21 +0000 (11:41 +0000)]
Add tools to block and unblock addresses

21 months agoPreserve blocklists over firewall restarts
Tom Hughes [Sun, 12 Mar 2023 11:07:07 +0000 (11:07 +0000)]
Preserve blocklists over firewall restarts

21 months agoRemove unused template
Tom Hughes [Sun, 12 Mar 2023 11:01:59 +0000 (11:01 +0000)]
Remove unused template

21 months agoGeneralise configuration of firewall sets
Tom Hughes [Sat, 11 Mar 2023 14:45:43 +0000 (14:45 +0000)]
Generalise configuration of firewall sets

21 months agoFix newline suppression in ERB template
Tom Hughes [Sat, 11 Mar 2023 14:45:11 +0000 (14:45 +0000)]
Fix newline suppression in ERB template

21 months agoFix munin node configuration
Tom Hughes [Sat, 11 Mar 2023 14:34:10 +0000 (14:34 +0000)]
Fix munin node configuration

21 months agoRefactor firewall rules to simplify IPv4/IPv6 handling
Tom Hughes [Thu, 9 Mar 2023 18:26:46 +0000 (18:26 +0000)]
Refactor firewall rules to simplify IPv4/IPv6 handling

21 months agoMake sure database backups abort on error
Tom Hughes [Sat, 11 Mar 2023 07:51:44 +0000 (07:51 +0000)]
Make sure database backups abort on error

21 months agoDrop role for pummelzacken
Tom Hughes [Fri, 10 Mar 2023 12:20:27 +0000 (12:20 +0000)]
Drop role for pummelzacken

21 months agoDrop role for noquiklos
Tom Hughes [Fri, 10 Mar 2023 07:05:25 +0000 (07:05 +0000)]
Drop role for noquiklos

21 months agoReorder authorization matches
Tom Hughes [Thu, 9 Mar 2023 21:54:21 +0000 (21:54 +0000)]
Reorder authorization matches

21 months agoImprove error handling in API statistics daemon
Tom Hughes [Thu, 9 Mar 2023 21:49:23 +0000 (21:49 +0000)]
Improve error handling in API statistics daemon

21 months agoAdd a metric to track usage of API authentication methods
Tom Hughes [Thu, 9 Mar 2023 21:34:56 +0000 (21:34 +0000)]
Add a metric to track usage of API authentication methods

21 months agoRestart smokeping exporter when the configuration changes
Tom Hughes [Thu, 9 Mar 2023 13:47:48 +0000 (13:47 +0000)]
Restart smokeping exporter when the configuration changes

21 months agoDrop roles for clifford and sarel
Tom Hughes [Thu, 9 Mar 2023 12:49:47 +0000 (12:49 +0000)]
Drop roles for clifford and sarel

21 months agoRelax thresholds for packet loss reporting
Tom Hughes [Thu, 9 Mar 2023 08:26:59 +0000 (08:26 +0000)]
Relax thresholds for packet loss reporting

21 months agodns: upgrade dnscontrol to 3.27.2
Grant Slater [Thu, 9 Mar 2023 07:15:47 +0000 (07:15 +0000)]
dns: upgrade dnscontrol to 3.27.2

Signed-off-by: Grant Slater <github@firefishy.com>
21 months agoScale some percentage values correctly in alerts
Tom Hughes [Wed, 8 Mar 2023 22:44:29 +0000 (22:44 +0000)]
Scale some percentage values correctly in alerts

21 months agoAdd a packet loss alert
Tom Hughes [Wed, 8 Mar 2023 20:28:06 +0000 (20:28 +0000)]
Add a packet loss alert

21 months agoFix sandboxing of smokeping exporter
Tom Hughes [Wed, 8 Mar 2023 19:25:41 +0000 (19:25 +0000)]
Fix sandboxing of smokeping exporter

21 months agoFix typo
Tom Hughes [Wed, 8 Mar 2023 18:51:43 +0000 (18:51 +0000)]
Fix typo

21 months agoSort ping targets
Tom Hughes [Wed, 8 Mar 2023 18:35:40 +0000 (18:35 +0000)]
Sort ping targets

21 months agoRun smokeping exporter on gateways
Tom Hughes [Wed, 8 Mar 2023 18:33:24 +0000 (18:33 +0000)]
Run smokeping exporter on gateways

21 months agocommunity: minor feed url fix
Grant Slater [Wed, 8 Mar 2023 14:34:28 +0000 (14:34 +0000)]
community: minor feed url fix

21 months agocommunity: add workaround method to add custom feed
Grant Slater [Wed, 8 Mar 2023 14:16:39 +0000 (14:16 +0000)]
community: add workaround method to add custom feed

21 months agocommunity: disable feed for moment
Grant Slater [Wed, 8 Mar 2023 13:54:12 +0000 (13:54 +0000)]
community: disable feed for moment

21 months agoRemove old forum code. Add cert to discourse
Grant Slater [Wed, 8 Mar 2023 09:15:30 +0000 (09:15 +0000)]
Remove old forum code. Add cert to discourse

21 months agocommunity: Add missing atom file
Grant Slater [Wed, 8 Mar 2023 09:12:39 +0000 (09:12 +0000)]
community: Add missing atom file

21 months agoDon't filter outgoing multicast packets
Tom Hughes [Wed, 8 Mar 2023 08:59:26 +0000 (08:59 +0000)]
Don't filter outgoing multicast packets

21 months agocommunity: Add custom static atom feed
Grant Slater [Wed, 8 Mar 2023 08:48:19 +0000 (08:48 +0000)]
community: Add custom static atom feed

Signed-off-by: Grant Slater <github@firefishy.com>
21 months agoFix test failures
Tom Hughes [Tue, 7 Mar 2023 21:25:18 +0000 (21:25 +0000)]
Fix test failures

21 months agoFix icmp echo rate limiting
Tom Hughes [Tue, 7 Mar 2023 20:27:37 +0000 (20:27 +0000)]
Fix icmp echo rate limiting

21 months agoReintroduce helper support and implement it
Tom Hughes [Tue, 7 Mar 2023 19:55:11 +0000 (19:55 +0000)]
Reintroduce helper support and implement it

21 months agoPort custom firewall rule to nftables
Tom Hughes [Tue, 7 Mar 2023 19:19:14 +0000 (19:19 +0000)]
Port custom firewall rule to nftables

21 months agoSimplify rate limit and connection limit configuration
Tom Hughes [Tue, 7 Mar 2023 19:16:42 +0000 (19:16 +0000)]
Simplify rate limit and connection limit configuration

21 months agoDrop unused support for conntrack helpers
Tom Hughes [Tue, 7 Mar 2023 19:14:35 +0000 (19:14 +0000)]
Drop unused support for conntrack helpers

21 months agoDrop tcp vs tcp:syn distinction
Tom Hughes [Tue, 7 Mar 2023 19:13:38 +0000 (19:13 +0000)]
Drop tcp vs tcp:syn distinction

21 months agoMerge http and https rules
Tom Hughes [Tue, 7 Mar 2023 19:07:36 +0000 (19:07 +0000)]
Merge http and https rules

21 months agoSimpligy configuration of port numbers in firewall rules
Tom Hughes [Tue, 7 Mar 2023 19:06:00 +0000 (19:06 +0000)]
Simpligy configuration of port numbers in firewall rules

21 months agoUse interval sets for blocklists
Tom Hughes [Tue, 7 Mar 2023 18:04:34 +0000 (18:04 +0000)]
Use interval sets for blocklists

21 months agoRename firewall tables to avoid any clash with iptables
Tom Hughes [Tue, 7 Mar 2023 18:00:02 +0000 (18:00 +0000)]
Rename firewall tables to avoid any clash with iptables

21 months agofoundation: add pptx to dwg
Grant Slater [Tue, 7 Mar 2023 08:47:59 +0000 (08:47 +0000)]
foundation: add pptx to dwg

Signed-off-by: Grant Slater <github@firefishy.com>