]> git.openstreetmap.org Git - chef.git/log
chef.git
12 months agoUse fail2ban to block bogus note searches
Tom Hughes [Sun, 3 Dec 2023 20:20:43 +0000 (20:20 +0000)]
Use fail2ban to block bogus note searches

12 months agoUse fail2ban to block hosts with repeated request timeouts
Tom Hughes [Sun, 3 Dec 2023 20:20:21 +0000 (20:20 +0000)]
Use fail2ban to block hosts with repeated request timeouts

12 months agoMove web site logging to global scope
Tom Hughes [Sun, 3 Dec 2023 18:54:21 +0000 (18:54 +0000)]
Move web site logging to global scope

12 months agoUpdate to osm-carto v5.8.0
Tom Hughes [Fri, 1 Dec 2023 19:07:35 +0000 (19:07 +0000)]
Update to osm-carto v5.8.0

Closes #639

12 months agonominatim: update Python packages
Sarah Hoffmann [Thu, 30 Nov 2023 16:34:15 +0000 (17:34 +0100)]
nominatim: update Python packages

12 months agochef: remove old verisign cert cleanup
Grant Slater [Thu, 30 Nov 2023 11:42:03 +0000 (11:42 +0000)]
chef: remove old verisign cert cleanup

12 months agoDrop legacy code used when converting chef to run on a timer
Tom Hughes [Thu, 30 Nov 2023 00:35:05 +0000 (00:35 +0000)]
Drop legacy code used when converting chef to run on a timer

12 months agoUse unix domain sockets for cgimap on the production servers
Tom Hughes [Thu, 30 Nov 2023 00:26:07 +0000 (00:26 +0000)]
Use unix domain sockets for cgimap on the production servers

12 months agoUse unix domain sockets for cgimap on the dev server
Tom Hughes [Thu, 30 Nov 2023 00:08:56 +0000 (00:08 +0000)]
Use unix domain sockets for cgimap on the dev server

12 months agocivi extension version bump, civix update org.openstreetmap.username & org.civicrm...
Guillaume RISCHARD [Wed, 29 Nov 2023 19:29:40 +0000 (14:29 -0500)]
civi extension version bump, civix update org.openstreetmap.username & org.civicrm.donotsendreportemail

12 months agocivi version bump
Guillaume RISCHARD [Wed, 29 Nov 2023 19:02:26 +0000 (14:02 -0500)]
civi version bump

12 months agoMerge remote-tracking branch 'github/pull/644'
Tom Hughes [Wed, 29 Nov 2023 11:50:44 +0000 (11:50 +0000)]
Merge remote-tracking branch 'github/pull/644'

12 months agoBump kitchen-dokken from 2.20.2 to 2.20.3
dependabot[bot] [Wed, 29 Nov 2023 11:39:40 +0000 (11:39 +0000)]
Bump kitchen-dokken from 2.20.2 to 2.20.3

Bumps [kitchen-dokken](https://github.com/test-kitchen/kitchen-dokken) from 2.20.2 to 2.20.3.
- [Release notes](https://github.com/test-kitchen/kitchen-dokken/releases)
- [Changelog](https://github.com/test-kitchen/kitchen-dokken/blob/main/CHANGELOG.md)
- [Commits](https://github.com/test-kitchen/kitchen-dokken/compare/v2.20.2...v2.20.3)

---
updated-dependencies:
- dependency-name: kitchen-dokken
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
12 months agoMerge remote-tracking branch 'github/pull/643'
Tom Hughes [Tue, 28 Nov 2023 11:58:42 +0000 (11:58 +0000)]
Merge remote-tracking branch 'github/pull/643'

12 months agoBump test-kitchen from 3.5.1 to 3.6.0
dependabot[bot] [Tue, 28 Nov 2023 11:56:33 +0000 (11:56 +0000)]
Bump test-kitchen from 3.5.1 to 3.6.0

Bumps [test-kitchen](https://github.com/test-kitchen/test-kitchen) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/test-kitchen/test-kitchen/releases)
- [Changelog](https://github.com/test-kitchen/test-kitchen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/test-kitchen/test-kitchen/compare/v3.5.1...v3.6.0)

---
updated-dependencies:
- dependency-name: test-kitchen
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
12 months agoMerge remote-tracking branch 'github/pull/641'
Tom Hughes [Tue, 28 Nov 2023 10:20:02 +0000 (10:20 +0000)]
Merge remote-tracking branch 'github/pull/641'

12 months agoAdd test for chef cookbook
Grant Slater [Tue, 28 Nov 2023 04:17:08 +0000 (04:17 +0000)]
Add test for chef cookbook

12 months agochef: on Debian ARM use Ubuntu deb
Grant Slater [Tue, 28 Nov 2023 10:15:30 +0000 (10:15 +0000)]
chef: on Debian ARM use Ubuntu deb

12 months agoMerge remote-tracking branch 'github/pull/642'
Tom Hughes [Tue, 28 Nov 2023 08:19:53 +0000 (08:19 +0000)]
Merge remote-tracking branch 'github/pull/642'

12 months agochef: Remove ancient verisign 1024 root cert
Grant Slater [Tue, 28 Nov 2023 04:35:57 +0000 (04:35 +0000)]
chef: Remove ancient verisign 1024 root cert

12 months agoFix en.openstreetmap.town container
Grant Slater [Tue, 28 Nov 2023 03:52:35 +0000 (03:52 +0000)]
Fix en.openstreetmap.town container

12 months agoRemove accidentially added chef test
Grant Slater [Tue, 28 Nov 2023 03:52:09 +0000 (03:52 +0000)]
Remove accidentially added chef test

12 months agoAdd basic en.openstreetmap.town redirect service
Grant Slater [Tue, 28 Nov 2023 03:41:49 +0000 (03:41 +0000)]
Add basic en.openstreetmap.town redirect service

12 months agoConfigure doorkeeper keys for dev instances
Tom Hughes [Mon, 27 Nov 2023 22:41:25 +0000 (22:41 +0000)]
Configure doorkeeper keys for dev instances

12 months agoMerge remote-tracking branch 'github/pull/640'
Tom Hughes [Mon, 27 Nov 2023 12:20:29 +0000 (12:20 +0000)]
Merge remote-tracking branch 'github/pull/640'

12 months agoBump kitchen-dokken from 2.19.1 to 2.20.2
dependabot[bot] [Mon, 27 Nov 2023 12:03:34 +0000 (12:03 +0000)]
Bump kitchen-dokken from 2.19.1 to 2.20.2

Bumps [kitchen-dokken](https://github.com/test-kitchen/kitchen-dokken) from 2.19.1 to 2.20.2.
- [Release notes](https://github.com/test-kitchen/kitchen-dokken/releases)
- [Changelog](https://github.com/test-kitchen/kitchen-dokken/blob/main/CHANGELOG.md)
- [Commits](https://github.com/test-kitchen/kitchen-dokken/compare/v2.19.1...v2.20.2)

---
updated-dependencies:
- dependency-name: kitchen-dokken
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
12 months agoMove tilejson.json to html directory so it gets deployed
Tom Hughes [Sun, 26 Nov 2023 10:41:41 +0000 (10:41 +0000)]
Move tilejson.json to html directory so it gets deployed

12 months agoDrop support for old style tile server replication
Tom Hughes [Sun, 26 Nov 2023 10:41:02 +0000 (10:41 +0000)]
Drop support for old style tile server replication

12 months agoInstall g++ for knife
Tom Hughes [Sun, 26 Nov 2023 10:26:35 +0000 (10:26 +0000)]
Install g++ for knife

12 months agoSwitch remaining render servers to osm2pgsql replication
Tom Hughes [Sun, 26 Nov 2023 09:39:15 +0000 (09:39 +0000)]
Switch remaining render servers to osm2pgsql replication

12 months agoUse osm2pgsql for replication on bowser
Tom Hughes [Sat, 25 Nov 2023 14:10:30 +0000 (14:10 +0000)]
Use osm2pgsql for replication on bowser

12 months agoRun osm2pgsql replication in a loop instead of relying on Restart=always
Tom Hughes [Thu, 23 Nov 2023 00:39:40 +0000 (00:39 +0000)]
Run osm2pgsql replication in a loop instead of relying on Restart=always

12 months agoRun expiry as a separate service for osm2pgsql replication
Tom Hughes [Thu, 23 Nov 2023 00:10:51 +0000 (00:10 +0000)]
Run expiry as a separate service for osm2pgsql replication

12 months agoAllow osm2pgsql replication to write to tile directories
Tom Hughes [Wed, 22 Nov 2023 22:43:43 +0000 (22:43 +0000)]
Allow osm2pgsql replication to write to tile directories

12 months agoTrack sequence and timestamp of last update
Tom Hughes [Wed, 22 Nov 2023 22:39:37 +0000 (22:39 +0000)]
Track sequence and timestamp of last update

12 months agoFix tile directory switch for render_expired
Tom Hughes [Wed, 22 Nov 2023 22:36:33 +0000 (22:36 +0000)]
Fix tile directory switch for render_expired

12 months agoUse osm2pgsql for replication on balerion
Tom Hughes [Wed, 22 Nov 2023 22:22:56 +0000 (22:22 +0000)]
Use osm2pgsql for replication on balerion

12 months agoMerge remote-tracking branch 'github/pull/638'
Tom Hughes [Wed, 22 Nov 2023 22:08:55 +0000 (22:08 +0000)]
Merge remote-tracking branch 'github/pull/638'

12 months agoUpdate microsoft authentication ID
Tom Hughes [Tue, 21 Nov 2023 22:12:48 +0000 (22:12 +0000)]
Update microsoft authentication ID

12 months agoDon't allow mail relay via gateway hosts
Tom Hughes [Mon, 20 Nov 2023 14:59:14 +0000 (14:59 +0000)]
Don't allow mail relay via gateway hosts

12 months agoUse callout verification for domains we are relaying to
Tom Hughes [Mon, 20 Nov 2023 09:27:43 +0000 (09:27 +0000)]
Use callout verification for domains we are relaying to

12 months agoRevert "Use callout verification for domains we are relaying to"
Grant Slater [Mon, 20 Nov 2023 02:03:50 +0000 (02:03 +0000)]
Revert "Use callout verification for domains we are relaying to"

This reverts commit f59b522f292def10d39f5bb6e4fbe770add1b5c4.

13 months agoUse callout verification for domains we are relaying to
Tom Hughes [Sat, 18 Nov 2023 11:48:36 +0000 (11:48 +0000)]
Use callout verification for domains we are relaying to

13 months agohardware: add debian firmware-linux meta package
Grant Slater [Fri, 17 Nov 2023 22:04:15 +0000 (22:04 +0000)]
hardware: add debian firmware-linux meta package

13 months agoapt: add debian non-free-firmware repo
Grant Slater [Fri, 17 Nov 2023 21:53:26 +0000 (21:53 +0000)]
apt: add debian non-free-firmware repo

13 months agoUse gamin instead of inotify on Ubuntu
Tom Hughes [Fri, 17 Nov 2023 19:55:07 +0000 (19:55 +0000)]
Use gamin instead of inotify on Ubuntu

13 months agoEnsure python modules for log monitoring are installed for fail2ban
Tom Hughes [Fri, 17 Nov 2023 19:41:46 +0000 (19:41 +0000)]
Ensure python modules for log monitoring are installed for fail2ban

13 months agoDrop special casing of gen10 HP repo for Debian
Tom Hughes [Fri, 17 Nov 2023 19:26:46 +0000 (19:26 +0000)]
Drop special casing of gen10 HP repo for Debian

13 months agoUse debian 11 chef client on debian 12
Tom Hughes [Fri, 17 Nov 2023 19:02:46 +0000 (19:02 +0000)]
Use debian 11 chef client on debian 12

13 months agostateofthemap: add 2024
Grant Slater [Fri, 17 Nov 2023 13:53:38 +0000 (13:53 +0000)]
stateofthemap: add 2024

13 months agoAdd support for using osm2pgsql-replication on render servers
Tom Hughes [Thu, 16 Nov 2023 19:17:57 +0000 (19:17 +0000)]
Add support for using osm2pgsql-replication on render servers

13 months agoAllow cgimap to read issues and reports
Tom Hughes [Wed, 15 Nov 2023 17:51:31 +0000 (17:51 +0000)]
Allow cgimap to read issues and reports

13 months agoMerge remote-tracking branch 'github/pull/637'
Tom Hughes [Wed, 15 Nov 2023 17:39:55 +0000 (17:39 +0000)]
Merge remote-tracking branch 'github/pull/637'

13 months agoEnable upload rate limiting for cgimap
Tom Hughes [Wed, 15 Nov 2023 17:22:16 +0000 (17:22 +0000)]
Enable upload rate limiting for cgimap

13 months agoBump test-kitchen from 3.5.0 to 3.5.1
dependabot[bot] [Wed, 15 Nov 2023 11:12:44 +0000 (11:12 +0000)]
Bump test-kitchen from 3.5.0 to 3.5.1

Bumps [test-kitchen](https://github.com/test-kitchen/test-kitchen) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/test-kitchen/test-kitchen/releases)
- [Changelog](https://github.com/test-kitchen/test-kitchen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/test-kitchen/test-kitchen/compare/v3.5.0...v3.5.1)

---
updated-dependencies:
- dependency-name: test-kitchen
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
13 months agoSet SECRET_KEY_BASE when delivering messages from email
Tom Hughes [Mon, 13 Nov 2023 18:57:13 +0000 (18:57 +0000)]
Set SECRET_KEY_BASE when delivering messages from email

13 months agoSet SECRET_KEY_BASE_DUMMY for the statistics script
Tom Hughes [Thu, 9 Nov 2023 00:23:13 +0000 (00:23 +0000)]
Set SECRET_KEY_BASE_DUMMY for the statistics script

13 months agoSet SECRET_KEY_BASE for rails job runners
Tom Hughes [Wed, 8 Nov 2023 19:05:47 +0000 (19:05 +0000)]
Set SECRET_KEY_BASE for rails job runners

13 months agoSet SECRET_KEY_BASE_DUMMY when building assets
Tom Hughes [Wed, 8 Nov 2023 18:54:44 +0000 (18:54 +0000)]
Set SECRET_KEY_BASE_DUMMY when building assets

13 months agoSet memory limits for user slices on the dev server
Tom Hughes [Wed, 8 Nov 2023 18:48:23 +0000 (18:48 +0000)]
Set memory limits for user slices on the dev server

13 months agoDisable RemoveIPC for reindex services
Tom Hughes [Sun, 5 Nov 2023 15:11:21 +0000 (15:11 +0000)]
Disable RemoveIPC for reindex services

13 months agoEnable cgimap with ratelimit-upload option for tomh dev site
Tom Hughes [Sat, 4 Nov 2023 15:26:38 +0000 (15:26 +0000)]
Enable cgimap with ratelimit-upload option for tomh dev site

13 months agoInstall libxml-twig-perl on the dev server
Tom Hughes [Fri, 3 Nov 2023 17:15:49 +0000 (17:15 +0000)]
Install libxml-twig-perl on the dev server

13 months agoUse sql_exporter to monitor rails queue lengths
Tom Hughes [Thu, 2 Nov 2023 18:40:08 +0000 (18:40 +0000)]
Use sql_exporter to monitor rails queue lengths

13 months agoAdd support for using sql_exporter to query postgres
Tom Hughes [Thu, 2 Nov 2023 18:19:39 +0000 (18:19 +0000)]
Add support for using sql_exporter to query postgres

13 months agoDrop rails71 dev site
Tom Hughes [Thu, 2 Nov 2023 11:39:44 +0000 (11:39 +0000)]
Drop rails71 dev site

13 months agodiscourse: increase smtp timeouts
Grant Slater [Wed, 1 Nov 2023 21:54:15 +0000 (21:54 +0000)]
discourse: increase smtp timeouts

13 months agoDrop alertmanager API block
Tom Hughes [Wed, 1 Nov 2023 20:27:28 +0000 (20:27 +0000)]
Drop alertmanager API block

The whole of alertmanager is IP restricted anyway.

13 months agoAllow domain level blocks on email senders
Tom Hughes [Wed, 1 Nov 2023 09:02:35 +0000 (09:02 +0000)]
Allow domain level blocks on email senders

13 months agoRevert "Allow domain level blocks on email senders"
Grant Slater [Wed, 1 Nov 2023 16:57:40 +0000 (16:57 +0000)]
Revert "Allow domain level blocks on email senders"

This reverts commit a54ccb43f33b675eed9ff85da0eebc951f0558c0.

13 months agoAllow domain level blocks on email senders
Tom Hughes [Wed, 1 Nov 2023 09:02:35 +0000 (09:02 +0000)]
Allow domain level blocks on email senders

13 months agoplanet: allow redirect to eu or us bucket for all years
Grant Slater [Mon, 30 Oct 2023 13:45:31 +0000 (13:45 +0000)]
planet: allow redirect to eu or us bucket for all years

13 months agoplanet: wait for s3 replication to complete
Grant Slater [Mon, 30 Oct 2023 13:41:52 +0000 (13:41 +0000)]
planet: wait for s3 replication to complete

13 months agoplanet: add S3 buckets to torrents
Grant Slater [Mon, 30 Oct 2023 11:18:30 +0000 (11:18 +0000)]
planet: add S3 buckets to torrents

13 months agoplanet: first copy to s3
Grant Slater [Mon, 30 Oct 2023 10:55:01 +0000 (10:55 +0000)]
planet: first copy to s3

13 months agoConfigure moderator limits for cgimap explicitly
Tom Hughes [Mon, 30 Oct 2023 12:46:24 +0000 (12:46 +0000)]
Configure moderator limits for cgimap explicitly

13 months agopodman: workaround ubuntu 22.04 crun bug
Grant Slater [Sat, 28 Oct 2023 22:01:58 +0000 (23:01 +0100)]
podman: workaround ubuntu 22.04 crun bug

13 months agopodman: avoid starting and immediate restart on first run
Grant Slater [Fri, 27 Oct 2023 21:11:28 +0000 (22:11 +0100)]
podman: avoid starting and immediate restart on first run

13 months agocivicrm + extensions version bump
Guillaume RISCHARD [Thu, 26 Oct 2023 20:08:52 +0000 (16:08 -0400)]
civicrm + extensions version bump

13 months agoInstall libbytes-random-secure-perl on the dev server
Tom Hughes [Thu, 26 Oct 2023 14:33:42 +0000 (15:33 +0100)]
Install libbytes-random-secure-perl on the dev server

13 months agodns: bump dnscontrol to v4.6.0
Grant Slater [Wed, 25 Oct 2023 08:22:39 +0000 (09:22 +0100)]
dns: bump dnscontrol to v4.6.0

13 months agoPublish global state for changesets after local state
Tom Hughes [Tue, 24 Oct 2023 06:08:41 +0000 (07:08 +0100)]
Publish global state for changesets after local state

13 months agoplanet: also sync to s3 changeset state config file
Grant Slater [Tue, 24 Oct 2023 06:03:05 +0000 (07:03 +0100)]
planet: also sync to s3 changeset state config file

13 months agoUse S3 as the source for replication diffs for render servers
Tom Hughes [Sun, 22 Oct 2023 18:36:17 +0000 (19:36 +0100)]
Use S3 as the source for replication diffs for render servers

13 months agoplanet: cleanup redirects and add replication diff redirects
Grant Slater [Sun, 22 Oct 2023 19:14:06 +0000 (20:14 +0100)]
planet: cleanup redirects and add replication diff redirects

13 months agoAvoid double call to ip2region; consolidate rewrite conditions
Guillaume Rischard [Sat, 21 Oct 2023 16:51:38 +0000 (12:51 -0400)]
Avoid double call to ip2region; consolidate rewrite conditions

13 months agoUse dual stack (IPv4/IPv6) S3 endpoints for public-facing planet
Guillaume Rischard [Sat, 21 Oct 2023 16:25:09 +0000 (12:25 -0400)]
Use dual stack (IPv4/IPv6) S3 endpoints for public-facing planet

Fixes https://github.com/openstreetmap/operations/issues/983

13 months agoSwitch palulukon to use postgres 16
Tom Hughes [Sat, 21 Oct 2023 23:04:07 +0000 (00:04 +0100)]
Switch palulukon to use postgres 16

13 months agoMake prometheus backup service fail on error
Tom Hughes [Sat, 21 Oct 2023 14:07:49 +0000 (15:07 +0100)]
Make prometheus backup service fail on error

13 months agoAllow prometheus backup server to acess AWS cache
Tom Hughes [Sat, 21 Oct 2023 14:07:22 +0000 (15:07 +0100)]
Allow prometheus backup server to acess AWS cache

13 months agoSilence curl progress messages
Tom Hughes [Sat, 21 Oct 2023 14:06:25 +0000 (15:06 +0100)]
Silence curl progress messages

13 months agoEnable prometheus backup timer
Tom Hughes [Sat, 21 Oct 2023 14:05:34 +0000 (15:05 +0100)]
Enable prometheus backup timer

13 months agoMerge remote-tracking branch 'github/pull/631'
Tom Hughes [Sat, 21 Oct 2023 14:03:25 +0000 (15:03 +0100)]
Merge remote-tracking branch 'github/pull/631'

13 months agoBackup prometheus data to S3
Tom Hughes [Sat, 21 Oct 2023 11:51:32 +0000 (12:51 +0100)]
Backup prometheus data to S3

13 months agoDisable progress messages for osm2pgsql
Tom Hughes [Sat, 21 Oct 2023 10:52:13 +0000 (11:52 +0100)]
Disable progress messages for osm2pgsql

13 months agoSwitch piasa to use postgres 16
Tom Hughes [Fri, 20 Oct 2023 23:42:38 +0000 (00:42 +0100)]
Switch piasa to use postgres 16

13 months agoplanet: increase AWS upload max_bandwidth
Grant Slater [Fri, 20 Oct 2023 11:19:13 +0000 (12:19 +0100)]
planet: increase AWS upload max_bandwidth

14 months agoEnable prometheus admin API
Tom Hughes [Thu, 19 Oct 2023 20:19:45 +0000 (21:19 +0100)]
Enable prometheus admin API

14 months agoMake prometheus API blocks work
Tom Hughes [Thu, 19 Oct 2023 20:15:27 +0000 (21:15 +0100)]
Make prometheus API blocks work

14 months agoBlock external access to prometheus admin API
Tom Hughes [Thu, 19 Oct 2023 19:47:09 +0000 (20:47 +0100)]
Block external access to prometheus admin API