]> git.openstreetmap.org Git - chef.git/log
chef.git
19 months agocommunity: enable IPv6 template again
Grant Slater [Fri, 14 Apr 2023 05:02:08 +0000 (06:02 +0100)]
community: enable IPv6 template again

19 months agocommunity: Enable ssl stapling and set a ssl_dhparam
Grant Slater [Fri, 14 Apr 2023 04:41:20 +0000 (05:41 +0100)]
community: Enable ssl stapling and set a ssl_dhparam

19 months agocommunity: Temporarily use discourse-translator fork and add discourse-saved-searches
Grant Slater [Wed, 12 Apr 2023 17:25:38 +0000 (18:25 +0100)]
community: Temporarily use discourse-translator fork and add discourse-saved-searches

* Use a fork of discourse-translator to support sr-Latn see: https://github.com/discourse/discourse-translator/pull/103
* Added discourse-saved-searches

19 months agoApply memory limits to apache servers to avoid memory exhaustion
Tom Hughes [Wed, 12 Apr 2023 17:07:34 +0000 (18:07 +0100)]
Apply memory limits to apache servers to avoid memory exhaustion

19 months agoStop running hwraid status daemons
Tom Hughes [Wed, 12 Apr 2023 16:45:17 +0000 (17:45 +0100)]
Stop running hwraid status daemons

19 months agoSort supybot capabilities in it's prefered order
Tom Hughes [Mon, 10 Apr 2023 18:20:14 +0000 (19:20 +0100)]
Sort supybot capabilities in it's prefered order

19 months agoMove supybot from ironbelly to idris
Tom Hughes [Mon, 10 Apr 2023 18:07:57 +0000 (19:07 +0100)]
Move supybot from ironbelly to idris

19 months agoBase site power alerts on a one hour rolling average
Tom Hughes [Mon, 10 Apr 2023 15:04:05 +0000 (16:04 +0100)]
Base site power alerts on a one hour rolling average

19 months agoAutomate configuration of prometheus allow list for discourse
Tom Hughes [Mon, 10 Apr 2023 15:00:21 +0000 (16:00 +0100)]
Automate configuration of prometheus allow list for discourse

19 months agoRemove site current alerts and update pdu current alerts
Tom Hughes [Mon, 10 Apr 2023 14:45:29 +0000 (15:45 +0100)]
Remove site current alerts and update pdu current alerts

19 months agoIncrease alert window for site power usage alert
Grant Slater [Fri, 7 Apr 2023 00:16:22 +0000 (01:16 +0100)]
Increase alert window for site power usage alert

19 months agocommunity: Enable DISCOURSE_PROMETHEUS_TRUSTED_IP_ALLOWLIST_REGEX
Grant Slater [Thu, 6 Apr 2023 23:23:14 +0000 (00:23 +0100)]
community: Enable DISCOURSE_PROMETHEUS_TRUSTED_IP_ALLOWLIST_REGEX

19 months agoAlert for RAID batteries that have been recharging for too long
Tom Hughes [Thu, 6 Apr 2023 20:27:48 +0000 (21:27 +0100)]
Alert for RAID batteries that have been recharging for too long

19 months agoSet an explicit timeout for the passenger exporter
Tom Hughes [Thu, 6 Apr 2023 20:25:43 +0000 (21:25 +0100)]
Set an explicit timeout for the passenger exporter

19 months agoAdd alerts for site power usage in Amsterdam and Dublin
Tom Hughes [Thu, 6 Apr 2023 19:45:27 +0000 (20:45 +0100)]
Add alerts for site power usage in Amsterdam and Dublin

19 months agoStop mirroring prometheus into promscale
Tom Hughes [Thu, 6 Apr 2023 19:32:36 +0000 (20:32 +0100)]
Stop mirroring prometheus into promscale

19 months agoIncrease prometheus retention time to approximately 18 months
Tom Hughes [Thu, 6 Apr 2023 19:31:54 +0000 (20:31 +0100)]
Increase prometheus retention time to approximately 18 months

19 months agodocker: Enable IPv6 support using ULA
Grant Slater [Wed, 5 Apr 2023 19:37:42 +0000 (20:37 +0100)]
docker: Enable IPv6 support using ULA

Signed-off-by: Grant Slater <github@firefishy.com>
19 months agoAdd msbarry ssh public key header
Grant Slater [Wed, 5 Apr 2023 22:38:52 +0000 (23:38 +0100)]
Add msbarry ssh public key header

19 months agoAdd msbarry ssh public key
Grant Slater [Wed, 5 Apr 2023 22:37:38 +0000 (23:37 +0100)]
Add msbarry ssh public key

19 months agoEnable msbarry on dev and dribble
Grant Slater [Wed, 5 Apr 2023 22:35:15 +0000 (23:35 +0100)]
Enable msbarry on dev and dribble

19 months agocommunity: fix IPv6 port 80 listen
Grant Slater [Wed, 5 Apr 2023 21:08:49 +0000 (22:08 +0100)]
community: fix IPv6 port 80 listen

19 months agocommunity: Enable new IPv6 template
Grant Slater [Wed, 5 Apr 2023 00:59:22 +0000 (01:59 +0100)]
community: Enable new IPv6 template

19 months agoFix path to rails storage
Tom Hughes [Tue, 4 Apr 2023 14:25:14 +0000 (15:25 +0100)]
Fix path to rails storage

19 months agoAllow job runners on dev to write to the activestorage directory
Tom Hughes [Tue, 4 Apr 2023 13:34:23 +0000 (14:34 +0100)]
Allow job runners on dev to write to the activestorage directory

19 months agoSwitch to using containers for ideditor and hot. Move to naga
Grant Slater [Mon, 3 Apr 2023 11:48:21 +0000 (12:48 +0100)]
Switch to using containers for ideditor and hot. Move to naga

19 months agodns: update dnscontrol to 3.30.0
Grant Slater [Fri, 31 Mar 2023 10:04:51 +0000 (11:04 +0100)]
dns: update dnscontrol to 3.30.0

19 months agoDrop roles for drogon and viserion
Tom Hughes [Wed, 29 Mar 2023 10:41:13 +0000 (11:41 +0100)]
Drop roles for drogon and viserion

19 months agoInclude internal addresses in munin allow list
Tom Hughes [Tue, 28 Mar 2023 20:09:12 +0000 (20:09 +0000)]
Include internal addresses in munin allow list

19 months agoStop trying to backup non-existent SOTM 2016 site
Tom Hughes [Tue, 28 Mar 2023 08:33:07 +0000 (09:33 +0100)]
Stop trying to backup non-existent SOTM 2016 site

19 months agoSuppress file changed warnings during SOTM backup
Tom Hughes [Mon, 27 Mar 2023 08:36:54 +0000 (09:36 +0100)]
Suppress file changed warnings during SOTM backup

20 months agoUpdate to planet-dump-ng 1.2.7
Tom Hughes [Fri, 24 Mar 2023 23:57:14 +0000 (23:57 +0000)]
Update to planet-dump-ng 1.2.7

20 months agoInstall planetdump-trigger script
Tom Hughes [Fri, 24 Mar 2023 16:54:21 +0000 (16:54 +0000)]
Install planetdump-trigger script

20 months agoDrop incron support
Tom Hughes [Fri, 24 Mar 2023 16:50:55 +0000 (16:50 +0000)]
Drop incron support

20 months agoReplace incron with inotifywait as the planetdump trigger
Tom Hughes [Fri, 24 Mar 2023 16:49:03 +0000 (16:49 +0000)]
Replace incron with inotifywait as the planetdump trigger

20 months agoMerge remote-tracking branch 'github/pull/585'
Tom Hughes [Fri, 24 Mar 2023 12:13:13 +0000 (12:13 +0000)]
Merge remote-tracking branch 'github/pull/585'

20 months agoBump cookstyle from 7.32.1 to 7.32.2
dependabot[bot] [Fri, 24 Mar 2023 11:57:11 +0000 (11:57 +0000)]
Bump cookstyle from 7.32.1 to 7.32.2

Bumps [cookstyle](https://github.com/chef/cookstyle) from 7.32.1 to 7.32.2.
- [Release notes](https://github.com/chef/cookstyle/releases)
- [Changelog](https://github.com/chef/cookstyle/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chef/cookstyle/compare/v7.32.1...v7.32.2)

---
updated-dependencies:
- dependency-name: cookstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
20 months agoMake sure meraxes holds a DHCPv6 lease
Tom Hughes [Fri, 24 Mar 2023 10:11:59 +0000 (10:11 +0000)]
Make sure meraxes holds a DHCPv6 lease

20 months agoAdd debian-11 to test kitchen platforms
Tom Hughes [Thu, 23 Mar 2023 20:20:25 +0000 (20:20 +0000)]
Add debian-11 to test kitchen platforms

20 months agoUse java 11 for logstash for debian compatibility
Tom Hughes [Thu, 23 Mar 2023 18:50:42 +0000 (18:50 +0000)]
Use java 11 for logstash for debian compatibility

20 months agoGet hardware cookbook working on debian
Tom Hughes [Thu, 23 Mar 2023 18:28:11 +0000 (18:28 +0000)]
Get hardware cookbook working on debian

20 months agocommunity: dummy commit to bump version
Grant Slater [Thu, 23 Mar 2023 13:02:54 +0000 (13:02 +0000)]
community: dummy commit to bump version

20 months agodns: upgrade dnscontrol to 3.29.0
Grant Slater [Thu, 23 Mar 2023 10:26:27 +0000 (10:26 +0000)]
dns: upgrade dnscontrol to 3.29.0

20 months agoGet geoipdate working on debian
Tom Hughes [Wed, 22 Mar 2023 22:34:48 +0000 (22:34 +0000)]
Get geoipdate working on debian

20 months agoGet chef cookbook working on debian
Tom Hughes [Wed, 22 Mar 2023 22:26:48 +0000 (22:26 +0000)]
Get chef cookbook working on debian

20 months agoUse mariadb instead of mysql on debian
Tom Hughes [Wed, 22 Mar 2023 20:32:16 +0000 (20:32 +0000)]
Use mariadb instead of mysql on debian

20 months agoGet dhcpd working on debian
Tom Hughes [Wed, 22 Mar 2023 20:14:40 +0000 (20:14 +0000)]
Get dhcpd working on debian

20 months agoGet apt configuration working on debian
Tom Hughes [Tue, 21 Mar 2023 20:45:54 +0000 (20:45 +0000)]
Get apt configuration working on debian

20 months agoDrop no longer used forum tests
Tom Hughes [Wed, 22 Mar 2023 22:09:42 +0000 (22:09 +0000)]
Drop no longer used forum tests

20 months agoDrop unused ubuntugis repository support
Tom Hughes [Wed, 22 Mar 2023 19:12:49 +0000 (19:12 +0000)]
Drop unused ubuntugis repository support

20 months agoDrop use of git-core PPA
Tom Hughes [Wed, 22 Mar 2023 18:44:13 +0000 (18:44 +0000)]
Drop use of git-core PPA

20 months agoDisable autovacuum logging for prometheus
Tom Hughes [Tue, 21 Mar 2023 18:55:17 +0000 (18:55 +0000)]
Disable autovacuum logging for prometheus

20 months agoRemove netplan support
Tom Hughes [Tue, 21 Mar 2023 18:48:15 +0000 (18:48 +0000)]
Remove netplan support

20 months agoExpect apache to listen on tcp6 instead of tcp
Tom Hughes [Tue, 21 Mar 2023 18:47:53 +0000 (18:47 +0000)]
Expect apache to listen on tcp6 instead of tcp

20 months agoReduce sensitivity of CPU pressure alerts
Tom Hughes [Tue, 21 Mar 2023 17:34:01 +0000 (17:34 +0000)]
Reduce sensitivity of CPU pressure alerts

20 months agoSwitch remaining machines to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 17:04:50 +0000 (17:04 +0000)]
Switch remaining machines to use systemd-networkd

20 months agoSwitch machines in Amsterdam to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 13:41:41 +0000 (13:41 +0000)]
Switch machines in Amsterdam to use systemd-networkd

20 months agoDrop blackholing of Google IPv6 blocks in Amsterdam
Tom Hughes [Tue, 21 Mar 2023 11:36:53 +0000 (11:36 +0000)]
Drop blackholing of Google IPv6 blocks in Amsterdam

20 months agoIgnore additional routes that point at ourselves
Tom Hughes [Tue, 21 Mar 2023 11:24:11 +0000 (11:24 +0000)]
Ignore additional routes that point at ourselves

20 months agoSwitch machines at UCL to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 10:49:01 +0000 (10:49 +0000)]
Switch machines at UCL to use systemd-networkd

20 months agoSwitch machines in Dublin to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 08:45:30 +0000 (08:45 +0000)]
Switch machines in Dublin to use systemd-networkd

20 months agoSwitch horntail to use systemd-networkd
Tom Hughes [Tue, 21 Mar 2023 08:41:42 +0000 (08:41 +0000)]
Switch horntail to use systemd-networkd

20 months agoFix typo
Tom Hughes [Mon, 20 Mar 2023 22:24:51 +0000 (22:24 +0000)]
Fix typo

20 months agoSwitch grindtooth to use systemd-networkd
Tom Hughes [Mon, 20 Mar 2023 22:21:43 +0000 (22:21 +0000)]
Switch grindtooth to use systemd-networkd

20 months agoDon't try and recreate bond and vlan devices
Tom Hughes [Mon, 20 Mar 2023 20:52:00 +0000 (20:52 +0000)]
Don't try and recreate bond and vlan devices

20 months agoUse correct gateway for additional routes
Tom Hughes [Mon, 20 Mar 2023 20:15:59 +0000 (20:15 +0000)]
Use correct gateway for additional routes

20 months agoSwitch naga to use systemd-networkd
Tom Hughes [Mon, 20 Mar 2023 20:04:48 +0000 (20:04 +0000)]
Switch naga to use systemd-networkd

20 months agoAdd support for using systemd-networkd directly instead of netplan
Tom Hughes [Sun, 19 Mar 2023 17:48:43 +0000 (17:48 +0000)]
Add support for using systemd-networkd directly instead of netplan

20 months agoImprove naming of wireguard configuration files
Tom Hughes [Mon, 20 Mar 2023 17:41:41 +0000 (17:41 +0000)]
Improve naming of wireguard configuration files

20 months agoDrop support for Ubuntu 18.04
Tom Hughes [Mon, 20 Mar 2023 17:19:58 +0000 (17:19 +0000)]
Drop support for Ubuntu 18.04

20 months agoFix nftable stop on gateway machines
Tom Hughes [Sat, 18 Mar 2023 12:10:24 +0000 (12:10 +0000)]
Fix nftable stop on gateway machines

20 months agoEnable implicit conversion of addresses to strings
Tom Hughes [Sat, 18 Mar 2023 11:47:23 +0000 (11:47 +0000)]
Enable implicit conversion of addresses to strings

20 months agoCoerce addresses to strings
Tom Hughes [Sat, 18 Mar 2023 11:43:55 +0000 (11:43 +0000)]
Coerce addresses to strings

20 months agoAdd comparison operator for IP addresses
Tom Hughes [Sat, 18 Mar 2023 11:38:32 +0000 (11:38 +0000)]
Add comparison operator for IP addresses

20 months agoMerge interface families
Tom Hughes [Sat, 18 Mar 2023 11:02:29 +0000 (11:02 +0000)]
Merge interface families

Merge separate IPv4 and IPv6 interface definitions into a
single definition with two sets of addresses.

20 months agoSuppress file changed warnings during discourse backup
Tom Hughes [Sat, 18 Mar 2023 07:36:53 +0000 (07:36 +0000)]
Suppress file changed warnings during discourse backup

20 months agoInstall libjson-xs-perl on dev for rails asset cleanup
Tom Hughes [Sat, 18 Mar 2023 07:35:40 +0000 (07:35 +0000)]
Install libjson-xs-perl on dev for rails asset cleanup

20 months agodev: add aria2 to required packages
Grant Slater [Fri, 17 Mar 2023 13:59:12 +0000 (13:59 +0000)]
dev: add aria2 to required packages

20 months agoquote groups with dash
Grant Slater [Fri, 17 Mar 2023 13:55:37 +0000 (13:55 +0000)]
quote groups with dash

20 months agoEnable za-imagery user and role
Grant Slater [Fri, 17 Mar 2023 13:54:03 +0000 (13:54 +0000)]
Enable za-imagery user and role

20 months agoAdd extra dev users. ZA Imagery
Grant Slater [Fri, 17 Mar 2023 09:51:39 +0000 (09:51 +0000)]
Add extra dev users. ZA Imagery

20 months agobind: add missing networking dependency
Grant Slater [Wed, 15 Mar 2023 14:56:01 +0000 (14:56 +0000)]
bind: add missing networking dependency

20 months agowordpress: Allow access to robots.txt and similar files
Grant Slater [Wed, 15 Mar 2023 14:03:35 +0000 (14:03 +0000)]
wordpress: Allow access to robots.txt and similar files

20 months agowordpress: Remove duplicate memory limit. Add ENV type
Grant Slater [Wed, 15 Mar 2023 14:02:55 +0000 (14:02 +0000)]
wordpress: Remove duplicate memory limit. Add ENV type

20 months agowordpress: Increase memory limit to allow large image resizes
Grant Slater [Wed, 15 Mar 2023 13:10:52 +0000 (13:10 +0000)]
wordpress: Increase memory limit to allow large image resizes

20 months agowordpress: Disable fail2ban health filter check
Grant Slater [Wed, 15 Mar 2023 12:37:33 +0000 (12:37 +0000)]
wordpress: Disable fail2ban health filter check

20 months agowordpress: update RewriteRule to recommendation
Grant Slater [Wed, 15 Mar 2023 12:03:18 +0000 (12:03 +0000)]
wordpress: update RewriteRule to recommendation

20 months agowordpress: enable CGIPassAuth
Grant Slater [Wed, 15 Mar 2023 12:02:27 +0000 (12:02 +0000)]
wordpress: enable CGIPassAuth

20 months agowordpress: add php-imagick
Grant Slater [Tue, 14 Mar 2023 17:51:37 +0000 (17:51 +0000)]
wordpress: add php-imagick

20 months agowordpress: install wordpress cli
Grant Slater [Tue, 14 Mar 2023 13:26:45 +0000 (13:26 +0000)]
wordpress: install wordpress cli

20 months agoSimplify generation of ACLs for munin and logstash
Tom Hughes [Mon, 13 Mar 2023 20:57:10 +0000 (20:57 +0000)]
Simplify generation of ACLs for munin and logstash

20 months agoSimplify named configuration
Tom Hughes [Mon, 13 Mar 2023 20:20:02 +0000 (20:20 +0000)]
Simplify named configuration

20 months agoAdd tools to block and unblock addresses
Tom Hughes [Sun, 12 Mar 2023 11:41:21 +0000 (11:41 +0000)]
Add tools to block and unblock addresses

20 months agoPreserve blocklists over firewall restarts
Tom Hughes [Sun, 12 Mar 2023 11:07:07 +0000 (11:07 +0000)]
Preserve blocklists over firewall restarts

20 months agoRemove unused template
Tom Hughes [Sun, 12 Mar 2023 11:01:59 +0000 (11:01 +0000)]
Remove unused template

20 months agoGeneralise configuration of firewall sets
Tom Hughes [Sat, 11 Mar 2023 14:45:43 +0000 (14:45 +0000)]
Generalise configuration of firewall sets

20 months agoFix newline suppression in ERB template
Tom Hughes [Sat, 11 Mar 2023 14:45:11 +0000 (14:45 +0000)]
Fix newline suppression in ERB template

20 months agoFix munin node configuration
Tom Hughes [Sat, 11 Mar 2023 14:34:10 +0000 (14:34 +0000)]
Fix munin node configuration

20 months agoRefactor firewall rules to simplify IPv4/IPv6 handling
Tom Hughes [Thu, 9 Mar 2023 18:26:46 +0000 (18:26 +0000)]
Refactor firewall rules to simplify IPv4/IPv6 handling

20 months agoMake sure database backups abort on error
Tom Hughes [Sat, 11 Mar 2023 07:51:44 +0000 (07:51 +0000)]
Make sure database backups abort on error