rtyler
/
infra-puppet
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
466 Commits 4 Branches 0 Tags 6.1 MiB
Commit Graph

466 Commits

Author SHA1 Message Date
Kohsuke Kawaguchi ae887c46c9 Serve PGP public key over HTTPS to establish the chain of trust. 2014-01-15 16:02:20 -08:00
Kohsuke Kawaguchi 51fd4bc550 The shorter TTL was for Contegix data center migration. 
Now that it is long over, setting TTL back to the normal value
 2013-11-17 09:18:49 -08:00
Kohsuke Kawaguchi 7dec749c22 DKIM deployment verified. 
Reverting TTL to more sane number
 2013-11-17 09:18:06 -08:00
Kohsuke Kawaguchi 2b83879fc5 publishing DKIM key for eggplant 2013-11-17 09:02:46 -08:00
Kohsuke Kawaguchi cf691c0ead deploying DKIM to eggplant 2013-11-17 08:59:34 -08:00
Kohsuke Kawaguchi 1193ef3ac7 defined another flavor we use 2013-11-17 08:58:12 -08:00
Kohsuke Kawaguchi c1ba2ad34b exim4 tries to read this file after it does setuid 
So the file needs to be readable to 'Debian-exim4' user
 2013-11-17 08:57:55 -08:00
Kohsuke Kawaguchi cb7a88c522 for portability in other hosts, not listing 'eggplant.jenkins-ci.org' 
according to http://manpages.ubuntu.com/manpages/hardy/man8/update-exim4.conf.8.html,
dc_other_hostnames specify the local domains. Since we aren't using eggplant.jenkins-ci.org as a valid host name portion of any e-mail address, this change should be safe.
 2013-11-17 08:56:14 -08:00
Kohsuke Kawaguchi 4c85f5d6d3 taken as-is from eggplant 2013-11-17 08:55:03 -08:00
Kohsuke Kawaguchi 530ddb5f1b don't let local modifications from blocking puppet apply. 
If a local workspace is modified intentionally or unintentionally,
"git pull" will refuse to overwrite local changes with what's in
the repo, and puppet application will block forever.

It'd be much better to automatically correct this situation,
especially given that we have no ability to detect failures
to apply puppet configuration currently.

This has a risk of overwriting local changes anyone is making
on that box, but one is not supposed to do that anyway!
 2013-11-17 08:37:14 -08:00
Kohsuke Kawaguchi b9be900ae4 Typo 2013-11-17 08:33:32 -08:00
Kohsuke Kawaguchi 7701fd743b added my new module 2013-11-17 08:33:03 -08:00
Kohsuke Kawaguchi d03d24ee4d applying DKIM setting on cucumber 2013-11-17 08:21:57 -08:00
Kohsuke Kawaguchi cee28ad34a let's also generate key in puppet as well 
... since we are doing per-host key
 2013-11-17 08:21:57 -08:00
Kohsuke Kawaguchi 4ba85c9477 fixing up loose ends with exim4 configuration 2013-11-17 08:21:57 -08:00
Kohsuke Kawaguchi e9477c1320 need to load local modules as well. 
Does this mean no one has been testing stuff with Vagrant!?
 2013-11-17 08:21:57 -08:00
Kohsuke Kawaguchi 63f3d27558 split exim4 config into DKIM portion and self-routing portion 2013-11-17 08:21:57 -08:00
Kohsuke Kawaguchi 320c45b89f On 2nd thought, there's nothing cucumber specific about this. 
This configuration would be appliable to any hosts that route e-mails by themselves.
 2013-11-17 08:21:56 -08:00
Kohsuke Kawaguchi 294cac2ef7 taken as-is from the current /etc/exim4/update-exim4.conf.conf 2013-11-17 08:21:56 -08:00
Kohsuke Kawaguchi bd77b0430b Adding DKIM record for cucumber's public key 
The key is located in /etc/exim4/dkim-cucumber.key and .pub and
they are not a part of the puppet definition.
 2013-11-17 08:21:56 -08:00
Kohsuke Kawaguchi ea5abc43d7 Documenting a bit more for myself in the future 2013-11-16 13:45:29 -08:00
Kohsuke Kawaguchi 09ee3b4334 Deploying SPF records 
Hopefully this helps Google groups to handle e-mails from JIRA correctly
 2013-11-16 13:36:44 -08:00
Kohsuke Kawaguchi 22c1fef871 Tomcat isn't smart enough to handle stale PID file, so we do it for Tomcat 2013-11-03 22:09:02 -08:00
Kohsuke Kawaguchi b2d74673b6 direct people to the startup log file 2013-11-03 22:08:08 -08:00
Kohsuke Kawaguchi 3c7233d98d This expression would match more than just "puppet". 
Example:

root@eggplant:~/infra-puppet# gem list | grep puppet
librarian-puppet (0.9.9)
root@eggplant:~/infra-puppet# gem uninstall -ax puppet facter
ERROR:  While executing gem ... (Gem::InstallError)
    cannot uninstall, check `gem list -d puppet`
 2013-11-03 21:58:43 -08:00
Kohsuke Kawaguchi fcb1435756 Deploy Tomcat manager alongside Confluence. 
I'm trying to invalidate all the current HTTP sessions to fight
active spammers. Even after we lock the user in LDAP, Confluence
still happily accepts edits from the said user until the session
expires.
 2013-11-03 21:54:40 -08:00
Kohsuke Kawaguchi dc710bf5f5 Committing the updated file 
... as a result of my adding a new module
 2013-10-02 17:02:29 -07:00
Kohsuke Kawaguchi a0975fc366 adding short-cut for referencing pull request. 
I'm going to use this from Confluence
 2013-10-02 16:51:13 -07:00
Kohsuke Kawaguchi 477b459d47 indentation fix. TAB->WS 2013-10-02 16:49:59 -07:00
Kohsuke Kawaguchi ee73e1cfbc renamed apache site configuration files to the same consistent name 2013-10-02 16:46:56 -07:00
Kohsuke Kawaguchi f9e7f597d5 converting the main site configuration file into Puppet 2013-10-02 16:45:31 -07:00
Kohsuke Kawaguchi 3e3b5685b2 This needs to be run as bash 
"exec > >(tee ..)" isn't in /bin/sh
 2013-07-22 16:42:46 -07:00
R. Tyler Croy 95ce11942f There's a dot in my zone file! 2013-07-21 13:23:41 -07:00
R. Tyler Croy 6c09826e8b Add an ldap.jenkins-ci.org CNAME for convenience 2013-07-21 13:17:00 -07:00
R. Tyler Croy b51b9ec7c4 Update cucumber A record to point to the new host 2013-07-21 13:16:02 -07:00
R. Tyler Croy 28d5d2b5dd Missed an A record to update, whoops 2013-07-21 08:40:09 -07:00
R. Tyler Croy 45ce7f439d Switch hosts over to the gherkin CNAME 2013-07-21 01:46:16 -07:00
R. Tyler Croy 4dab1be759 Move jekyll.jenkins-ci.org to run as a GitHub Pages repo 2013-07-20 13:55:01 -07:00
R. Tyler Croy 2a3dc62cdd Update the Vagrantfile to default to precise images for testing 2013-07-20 13:55:01 -07:00
R. Tyler Croy 75af78b712 Add ruby-devel package to kale so it can build librarian-puppet properly 
Really, it's the json gem's native extensions that require ruby-devel
 2013-07-20 13:55:01 -07:00
R. Tyler Croy 70b886ce2c Newer versions of puppetlabs-ntp don't need the ensure present 2013-07-20 12:11:44 -07:00
R. Tyler Croy 4ef4657d8a Remove Vagrant from the Gemfile, it's now distributed via system packages 
Get it here <http://downloads.vagrantup.com/>
 2013-07-20 10:53:35 -07:00
R. Tyler Croy 27bfa4520d Drop the TTL for all the CNAME records that point to cucumber 2013-07-19 09:35:30 -07:00
R. Tyler Croy 916ce46461 Add a new A record for the new home for cucumber at Contegix's new facility 2013-07-19 09:31:49 -07:00
R. Tyler Croy de08dffc42 Actually install modules from librarian-puppet; oops. 2013-06-30 21:26:52 -07:00
R. Tyler Croy e0aa5729a4 Add HERO MODE to the Blimpfile for spinning up a number of machines to test manifests on. 
Also an effective way to spend money on AWS.
 2013-06-30 21:25:03 -07:00
R. Tyler Croy a0e0ba395d Correct the Rakefile's lint target for the new local-modules tree 2013-06-30 20:10:38 -07:00
R. Tyler Croy e264899063 Change the dependency on the puppet module to hit Puppet Forge 2013-06-30 20:10:17 -07:00
R. Tyler Croy 14bd52795f Rework the run script to ensure librarian-puppet is installed 
Also including some clever shell tricks to dump output into stdout and the logfile
 2013-06-30 19:44:43 -07:00
R. Tyler Croy 790fcaa13c Add all the local modules back into the tree with librarian-puppet 2013-06-30 19:44:43 -07:00