diff options
Diffstat (limited to 'deployment')
27 files changed, 163 insertions, 140 deletions
diff --git a/deployment/access_classes/manifests/committers.pp b/deployment/access_classes/manifests/committers.pp index cf73f373..37c0e266 100644 --- a/deployment/access_classes/manifests/committers.pp +++ b/deployment/access_classes/manifests/committers.pp @@ -5,7 +5,7 @@ class access_classes::committers { # user, and erase the password ( see pam_auth.c in openssh code, # seek badpw ) # so the file must exist - # permission to use svn, git, etc must be added separatly + # permission to use svn, git, etc must be added separately class { 'pam::multiple_ldap_access': access_classes => ['mga-shell_access'], diff --git a/deployment/common/manifests/base_packages.pp b/deployment/common/manifests/base_packages.pp index 091e7c3e..2d7d57d0 100644 --- a/deployment/common/manifests/base_packages.pp +++ b/deployment/common/manifests/base_packages.pp @@ -16,7 +16,7 @@ class common::base_packages { 'iotop', 'wget'] - if $::architecture == 'x86_64' { + if $facts['architecture'] == 'x86_64' { package { ['mcelog']: } } diff --git a/deployment/common/manifests/default_ssh_root_key.pp b/deployment/common/manifests/default_ssh_root_key.pp index 65c38fa4..ab17466d 100644 --- a/deployment/common/manifests/default_ssh_root_key.pp +++ b/deployment/common/manifests/default_ssh_root_key.pp @@ -69,6 +69,7 @@ class common::default_ssh_root_key { } ssh_authorized_key { 'ssh_key_neoclust': + ensure => 'absent', type => 'ssh-rsa', key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDGyI8oIP8SgahPbMZ04Msr/vnI2gf4yx//QhEnZv8b++WIH0oibfK8g5Lz4HXReJRHzNXN1EhKQXoClgAKwv7zqkTLxV44tVcz8cwvfldkKNB+QxfL74JgsxCyNW8mpJdrJ71kbkT4Jt6AxeEd10ltQyqT7QDQMM7fxH8dbOCMcc7jtgOqwPXLy7hEumqkYxNuMxjrAbiDk2Nx0ddP2Ta4NJjSsGzUzSPsGhLVCO3+Wv6Ymss9Vacbe684ERwqz6odi5ZX0utfXXNphqqAckKCxurrI+LoWzt9MgWtR9iJC1joVDqRbggNm6bNNPZIdhmi5/yJrk3x7qwXb7uQNiE7', } @@ -83,4 +84,8 @@ class common::default_ssh_root_key { key => 'AAAAB3NzaC1yc2EAAAABIwAAAQEAsB/PAEQJE/M5c3keyef6rKQvCtTk5cdw6ujXl6n8G7D7Q6h4IgIccd5mYcBU7ij2S5N3lfOQmKJqf2Pa5pByLfXlQnhCLzsgL9X45WJmpsoVK1MzjDY8iY+aL/74tj3wiMzuzAAwwpE3EftyfscxhSwf2e11B3qDzVRmNnxPVKlm85nTygnrZ0ag4nOC6O4yC3Hh1ULhKGtNAsGNF2yRGs7IcN9ytcVhGF3WGJfRI2c2kIuKW/lXxeE04sWWb+k019ys4ah0iQoLja6xVSHgxbVlm3oDz+mGGsPtoSvtoWpvF3q9FKqGclJpboWRMo3jyP6yDRVcTMXUSONmq3N8uw==', } + ssh_authorized_key { 'ssh_key_danf': + type => 'ssh-rsa', + key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCgWFg4EsUkZ5uh34ScVbfwhVdP7kTLRwsojeF+DgmwXSPbM9NUxiCmyFrHuh3m6bxG3BPMwrDskqUrQ3z/5WX6dB/CzSP/j03EkslzaE7eTzIpGt/vKIuZHR+4Z9FZcY1pyoI44rdgW5MVC+yBoJkvBerOkvNzfiRSfQ9R4eopPNTif3vb4MP/cFzFfa3o8NMqHxhgGFhF945NlzCUmnec13sNggx1wGNFHMpWttSaQ0izgvSdb61WSswNnCjBF5t3oyh7DgI80TN/XfXfDWZPjkQUzLrh9inuPollAWfreeInoCmF8ou268efaRoSfRMZ3qdRkJLDDy2Os8eL/d3d', + } } diff --git a/deployment/common/manifests/export_ssh_keys.pp b/deployment/common/manifests/export_ssh_keys.pp index 55b8f33b..f8896e7a 100644 --- a/deployment/common/manifests/export_ssh_keys.pp +++ b/deployment/common/manifests/export_ssh_keys.pp @@ -1,7 +1,7 @@ class common::export_ssh_keys { - @@sshkey { $::fqdn: + @@sshkey { $facts['fqdn']: type => 'rsa', - key => $::sshrsakey, - host_aliases => [$::ipaddress,$::hostname], + key => $facts['sshrsakey'], + host_aliases => [$facts['ipaddress'],$facts['hostname']], } } diff --git a/deployment/common/manifests/i18n.pp b/deployment/common/manifests/i18n.pp index 7df46089..43b1fc3a 100644 --- a/deployment/common/manifests/i18n.pp +++ b/deployment/common/manifests/i18n.pp @@ -1,7 +1,7 @@ class common::i18n { package { 'locales-en': } - # push the locale everywhere, as it affect facter + # push the locale everywhere, as it affects facter file { '/etc/sysconfig/i18n': content => template('common/i18n'), } diff --git a/deployment/dns/templates/2.1.0.0.0.0.0.1.b.0.e.0.1.0.a.2.ip6.arpa.zone b/deployment/dns/templates/2.1.0.0.0.0.0.1.b.0.e.0.1.0.a.2.ip6.arpa.zone index 166408b4..8ab67138 100644 --- a/deployment/dns/templates/2.1.0.0.0.0.0.1.b.0.e.0.1.0.a.2.ip6.arpa.zone +++ b/deployment/dns/templates/2.1.0.0.0.0.0.1.b.0.e.0.1.0.a.2.ip6.arpa.zone @@ -1,10 +1,10 @@ $TTL 3D @ IN SOA ns0.mageia.org. root.mageia.org. ( - 2012110200 ; Serial + 2024090202 ; Serial 3600 ; Refresh 3600 ; Retry - 2419200 ; Expire - 86400 ; Minimum TTL + 3600000 ; Expire + 3600 ; Minimum TTL ) ; nameservers diff --git a/deployment/dns/templates/7.0.0.0.2.0.0.0.8.7.1.2.2.0.a.2.ip6.arpa.zone b/deployment/dns/templates/7.0.0.0.2.0.0.0.8.7.1.2.2.0.a.2.ip6.arpa.zone index 6dfee4ff..b163a61e 100644 --- a/deployment/dns/templates/7.0.0.0.2.0.0.0.8.7.1.2.2.0.a.2.ip6.arpa.zone +++ b/deployment/dns/templates/7.0.0.0.2.0.0.0.8.7.1.2.2.0.a.2.ip6.arpa.zone @@ -1,10 +1,10 @@ $TTL 3D @ IN SOA ns0.mageia.org. root.mageia.org. ( - 2019070601 ; Serial + 2026021002 ; Serial 3600 ; Refresh 3600 ; Retry - 2419200 ; Expire - 86400 ; Minimum TTL + 3600000 ; Expire + 3600 ; Minimum TTL ) ; nameservers @@ -13,7 +13,11 @@ $TTL 3D 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR gw-ipv6.mageia.org. 4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ecosse.mageia.org. -6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR fiona.mageia.org. 7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR sucuk.mageia.org. 8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR rabbit.mageia.org. 9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR duvel.mageia.org. +a.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR garcimore.mageia.org. +b.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR houdini.mageia.org. +c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR mandrake.mageia.org. +d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR webb.mageia.org. +e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR melies.mageia.org. diff --git a/deployment/dns/templates/mageia.org.zone b/deployment/dns/templates/mageia.org.zone index ff8e31b6..9314afc3 100644 --- a/deployment/dns/templates/mageia.org.zone +++ b/deployment/dns/templates/mageia.org.zone @@ -7,10 +7,10 @@ ; $Id$ $TTL 30m @ IN SOA ns0.mageia.org. root.mageia.org. ( - 2024040801 ; Serial + 2026021001 ; Serial 7200 ; Refresh 3600 ; Retry - 86400 ; Expire + 3600000 ; Expire 300 ; Minimum TTL ) @@ -21,11 +21,24 @@ $TTL 30m @ IN MX 10 sucuk.mageia.org. @ IN MX 20 neru.mageia.org. +; DKIM for mageia.org +sucuk._domainkey IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGH25Jb2Al84XlTfSWuqZL8f6K6b+QhJjvV3zbF1/t31WmLwEt0So+p3FbFeKmaq/e0nJ+wKteTSVZsl3xwux+MaARKJDpEXslEgy+ojCedWqqpP6xLUjPuYPimGPljwkLwDoJxwvjiLa2POebec7C+R/nzaGm2nnTFwYQomqlvQIDAQAB" +sucuk._domainkey.group IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBRrdmAaYpDBHCtzkephaLX9LrMFJvgq84dS0ogTIb0xD32qxQF69FU/gEUlfTjzJooTJQC3PK7R3oLnfoWttMlbHCGg/llSfoSI0gD/4UolZokzWZY3qdqMz+zKi9+bfjz0y4Fwx5EPyda1ihHhVB6c+wq6cekhDNOH8PHhO74QIDAQAB" +sucuk._domainkey.duvel IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHYgFMZTHMYlymX0WJ17ZvgchABE+5O/c6np1gj5sBV2BPIJGs+h/i+Iq6jLYVhSOWEI+6wQKza/8r3Vr4ddi3/UPDzllfqMnKsbPHC/LscyIkQmpNiO2n0nIUhKbuVU1SsRC1B8svO9iNmEjg33/lrLiaV3DtDbGr0ozmBmeFVwIDAQAB" +sucuk._domainkey.forums IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEVhhONroS/ayEPs+9fmom34EWsny7asKVxIuyJh8EzvPJmx6ODYtX/tN1ul++3xoFNHeAe5YSSGyK+7EgJ5E5wlhw6FwnHPnYp/eMsShDI2dyfYsQnS2Yc1VXkI9s83ZWaVTL9uPRDETMKDIF+QjljFQZAN+eaH55q9u3EZRrWwIDAQAB" +sucuk._domainkey.identity IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBv4aqFb9cQQkPB30zRfCtcquWKsP5G2Nhh3HSEdN0fFvOegQnGykuGq6lDED9iJuiNSVGO2cjtWtFTwX3+1/W1AW7pmaUD7U9HzPoZgxGPWtvFcJ/tZ1mjKNoGaPa5vLaVpXwxNKjPUCI+w2t5cM8JPnemW1Vm/LeEJ0XLE0InwIDAQAB" +sucuk._domainkey.madb IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDI9WOO3aRQLLnXc08q9HP15VY79TQZR5GqdBcYu0H+jAiuR+OKz6NUSNoYdeNQ4FSvrz27elW6thNcKQg4wYNT4tsJ8d4OU5ScFcrPJszPucVyMpkl/ybCgVq0CmXgOh1yXYwl2YY4AfzUQ6skpTE5G2abIWBvPOvs8Q92vYJ1nwIDAQAB" +sucuk._domainkey.rabbit IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZYdG5dEd0CHAYGPRG+OXm2gJTDVpjmsKkn5+4BISToAOXXyogRcJN/P6oPySlG+CyUl5PW/2nBIiiUfHNKxVSa9gPO3vS0nlEppSHulkhth4deNu8YXRgJQp31IgaD0/Cbu7CKcDJbxTKGdnMV7XPKoIxB/Mjn0TxUS+WC2WY6QIDAQAB" +sucuk._domainkey.sucuk IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdzn4W4Tl4sJ0pfhktNVlWRYFXnIwaMENqmi2vgc/P8M/zVxysVuWPcEwhy+IiVT8tMleXMt9dreErzJS+8ZmMd8oTqRXM55ZzRuBtqiecKnbIrXpecYUhh+2o0BMouTRHZvrPK5PV6Y2PrXkXwLF8qOS/eslZDk7hLRk2XBVDWwIDAQAB" +sucuk._domainkey.ml IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4uPUsb1kvNCXT1AsEBldhU/9akmeRrRHOQtI8g60K+y2fRRur5l+TJDZ/+bnyVS69AMhyfeWEaWGhQytvmkKZBQyHZ6JzS2him+HT/x7xCYOHlQ5vixy0t4jYqbYZ04pdokJ4jcJ3pU7CFisgzk2Ln7HA4JDD1Dc+kCYbOvivtQIDAQAB" +sucuk._domainkey.neru IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4uPUsb1kvNCXT1AsEBldhU/9akmeRrRHOQtI8g60K+y2fRRur5l+TJDZ/+bnyVS69AMhyfeWEaWGhQytvmkKZBQyHZ6JzS2him+HT/x7xCYOHlQ5vixy0t4jYqbYZ04pdokJ4jcJ3pU7CFisgzk2Ln7HA4JDD1Dc+kCYbOvivtQIDAQAB" + ; TODO use a loop here ml IN MX 10 sucuk.mageia.org. ml IN MX 20 neru.mageia.org. ; Sender Policy Framework for mailing lists & some automated mails +@ IN TXT "v=spf1 include:smtp.dnamail.fi mx ~all" ml IN TXT "v=spf1 mx ~all" group IN TXT "v=spf1 mx ~all" @@ -65,7 +78,9 @@ mageia.org. IN A <%= nodes['neru']['ipv4'] %> mageia.org. IN AAAA <%= nodes['neru']['ipv6'] %> ; madb on mageia.madb.org -madb IN A 163.172.201.211 +;madb IN A 163.172.201.211 +; temporarily for hosting a redirect while the real madb is down +madb IN CNAME neru ; since we have a subdomain, we cannot use a CNAME ml IN A <%= nodes['sucuk']['ipv4'] %> @@ -105,6 +120,7 @@ epoll IN CNAME sucuk forums IN CNAME sucuk forum IN CNAME sucuk +send IN CNAME sucuk bugs IN CNAME sucuk check IN CNAME sucuk gitweb IN CNAME sucuk @@ -128,27 +144,14 @@ ecosse1 IN CNAME ecosse rabbit0 IN CNAME rabbit rabbit1 IN CNAME rabbit rabbit2 IN CNAME rabbit -ec2aa1-a IN CNAME ec2aa1 -ec2aa1-b IN CNAME ec2aa1 -ec2aa2-a IN CNAME ec2aa2 -ec2aa2-b IN CNAME ec2aa2 -ec2aa3-a IN CNAME ec2aa3 -ec2aa3-b IN CNAME ec2aa3 -ec2x1-a IN CNAME ec2x1 -ec2x1-b IN CNAME ec2x1 -ec2x2-a IN CNAME ec2x2 -ec2x2-b IN CNAME ec2x2 -pktaa1-a IN CNAME pktaa1 -pktaa1-b IN CNAME pktaa1 -pktaa1-c IN CNAME pktaa1 -pktaa1-d IN CNAME pktaa1 -pktaa1-e IN CNAME pktaa1 -pktaa1-f IN CNAME pktaa1 ociaa1-a IN CNAME ociaa1 ociaa1-b IN CNAME ociaa1 ociaa1-c IN CNAME ociaa1 ociaa2-a IN CNAME ociaa2 ociaa2-b IN CNAME ociaa2 ociaa2-c IN CNAME ociaa2 +ncaa1-a IN CNAME ncaa1 +ncaa1-b IN CNAME ncaa1 +ncaa1-c IN CNAME ncaa1 <%# vim: set filetype=bindzone : -%> diff --git a/deployment/lists/manifests/init.pp b/deployment/lists/manifests/init.pp index ea26557e..34958639 100755 --- a/deployment/lists/manifests/init.pp +++ b/deployment/lists/manifests/init.pp @@ -33,7 +33,8 @@ class lists { } sympa::list::public {'basesystem': - subject => 'Developement discussion list about mageia basesystem', + subject => 'Development discussion list about mageia basesystem', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } @@ -50,7 +51,7 @@ class lists { } sympa::list::public {'dev': - subject => 'Developement discussion list', + subject => 'Development discussion list', topics => 'developers', } @@ -60,7 +61,8 @@ class lists { } sympa::list::public {'gnome': - subject => 'Developement discussion list about mageia Gnome integration', + subject => 'Development discussion list about mageia Gnome integration', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } @@ -81,8 +83,8 @@ class lists { reply_to => "i18n-discuss@ml.${::domain}", sender_subscriber => true, sender_email => [ - 'r2d2@vargas.calenco.com', - "blog@${::domain}", + # 'r2d2@vargas.calenco.com', + # "blog@${::domain}", "root@${::domain}", "subversion_noreply@ml.${::domain}", ], @@ -177,42 +179,49 @@ class lists { } sympa::list::public {'isobuild': - subject => 'Developement discussion list about Mageia isos', + subject => 'Development discussion list about Mageia isos', topics => 'developers', } sympa::list::public {'java': - subject => 'Developement discussion list about Java', + subject => 'Development discussion list about Java', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } sympa::list::public {'kde': - subject => 'Developement discussion list about KDE', + subject => 'Development discussion list about KDE', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } sympa::list::public {'kernel': - subject => 'Developement discussion list about Kernel', + subject => 'Development discussion list about Kernel', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } sympa::list::public {'mageiatools': - subject => 'Developement discussion list about Mageiatools', + subject => 'Development discussion list about Mageiatools', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } sympa::list::public {'perl': - subject => 'Developement discussion list about Perl', + subject => 'Development discussion list about Perl', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } sympa::list::public {'php': - subject => 'Developement discussion list about Php', + subject => 'Development discussion list about Php', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } sympa::list::public {'python': - subject => 'Developement discussion list about Python', + subject => 'Development discussion list about Python', + sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'developers', } @@ -222,7 +231,7 @@ class lists { } sympa::list::public {'rpmstack': - subject => 'Developement discussion list about Mageia rpm stack', + subject => 'Development discussion list about Mageia rpm stack', topics => 'developers', } @@ -281,7 +290,7 @@ class lists { sympa::list::announce { 'mirrors-announce': subject => 'Important announces about mirrors updates', reply_to => "sysadmin-discuss@ml.${::domain}", - sender_email => [ "root@${::domain}" ], + sender_ldap_group => "mga-sysadmin", topics => 'sysadmin', } @@ -309,6 +318,7 @@ class lists { reply_to => "sysadmin-discuss@ml.${::domain}", sender_email => [ "bugzilla_noreply@ml.${::domain}" ], topics => 'sysadmin', + critical => true, } sympa::list::announce { 'soft-commits': diff --git a/deployment/main_mirror/files/mirror/mirror.readme b/deployment/main_mirror/files/mirror/mirror.readme index d5f78a1a..5846d12e 100644 --- a/deployment/main_mirror/files/mirror/mirror.readme +++ b/deployment/main_mirror/files/mirror/mirror.readme @@ -37,7 +37,7 @@ The servers below synchronise the tree directly from the Mageia rsync server. located in Curitiba (Brasil) o rsync://mirrors.kernel.org/mirrors/mageia/ located in USA and Europe - o rsync://ftp.acc.umu.se/mirror/mageia/ + o rsync://mirror.accum.se/mirror/mageia/ located in Umea (Sweden) o rsync://mirror.math.princeton.edu/pub/mageia/ located in Princeton (USA) diff --git a/deployment/main_mirror/manifests/init.pp b/deployment/main_mirror/manifests/init.pp index 9b26a64d..26d8437b 100644 --- a/deployment/main_mirror/manifests/init.pp +++ b/deployment/main_mirror/manifests/init.pp @@ -2,6 +2,9 @@ class main_mirror { # FIXME shouldn't the various code in this module ? include mirror::main + $mirror_owner = 'schedbot' + $mirror_group = 'mirror' + class { 'rsyncd': rsyncd_conf => 'main_mirror/rsyncd.conf' } @@ -11,11 +14,19 @@ class main_mirror { "${mirror}/mirror", "${mirror}/archive"]: ensure => directory, + owner => $mirror_owner, + group => $mirror_group, } file { - "${mirror}/README": source => 'puppet:///modules/main_mirror/README'; - "${mirror}/mirror/mirror.readme": source => 'puppet:///modules/main_mirror/mirror/mirror.readme'; - "${mirror}/mirror/paths.readme": source => 'puppet:///modules/main_mirror/mirror/paths.readme'; + "${mirror}/README": source => 'puppet:///modules/main_mirror/README', + owner => $mirror_owner, + group => $mirror_group; + "${mirror}/mirror/mirror.readme": source => 'puppet:///modules/main_mirror/mirror/mirror.readme', + owner => $mirror_owner, + group => $mirror_group; + "${mirror}/mirror/paths.readme": source => 'puppet:///modules/main_mirror/mirror/paths.readme', + owner => $mirror_owner, + group => $mirror_group; } } diff --git a/deployment/main_mirror/templates/rsyncd.conf b/deployment/main_mirror/templates/rsyncd.conf index ca1b42fe..f4298b15 100644 --- a/deployment/main_mirror/templates/rsyncd.conf +++ b/deployment/main_mirror/templates/rsyncd.conf @@ -8,48 +8,29 @@ gid = nogroup comment = Mageia Mirror Tree hosts allow = \ 10.42.0.0/24 \ - rabbit.<%= domain %> \ - sucuk.<%= domain %> \ + 2a02:2178:2:7::/64 \ + rabbit.<%= @domain %> \ + sucuk.<%= @domain %> \ + mandrake.<%= @domain %> \ distrib-coffee.ipsl.jussieu.fr \ - distribipsl.aero.jussieu.fr \ + ftp.proxad.net \ jobbot0.ibiblio.org \ - 152.19.134.30 \ - 2610:28:3090:3000::bad:cafe:30 \ - sagres.c3sl.ufpr.br \ - 2801:82:80ff:8000::c \ - 2801:82:80ff:8000::2 \ - tiz-korg-mirror.kernel.org \ - sjc-korg-mirror.kernel.org \ - pao-korg-mirror.kernel.org \ - sfo-korg-mirror.kernel.org \ - mirrors.pdx.kernel.org \ - zeus1.kernel.org \ - zeus2.kernel.org \ - 2604:1380:45e3:2400::1 \ - 139.178.88.99 \ - 2604:1380:4601:e00::3 \ - 147.75.80.249 \ - 2001:4f8:8:10::/64 \ - 2001:4f8:1:10::/64 \ - 2001:4f8:4:6f:0:1994:3:14 \ - 2001:500:60:10::/64 \ - 2001:6b0:e:4017::/64 \ - churchill.acc.umu.se \ - 130.239.18.141 \ - 2001:6b0:e:2018::141 \ - poincare.acc.umu.se \ - 130.239.18.154 \ - 2001:6b0:e:2018::154 \ - 31.171.248.208 \ - 85.134.55.73 \ - ftp.proxad.net \ - ftp.free.fr \ - 212.27.60.27 \ - 2a01:e0c:1:1598::1 \ - mirror.math.princeton.edu \ - 147.75.69.246 + jobbot1.ibiblio.org \ + mirror.math.princeton.edu \ + poincare.accum.se \ + poincare.acc.umu.se \ + sagres.c3sl.ufpr.br \ + sv.mirrors.kernel.org \ + 139.178.88.99 \ + 2604:1380:45e3:2400::1 \ + dfw.mirrors.kernel.org \ + 142.0.200.124 \ + 2605:f480:58:1:0:1994:3:14 \ + 147.75.69.246 \ + 2001:14ba:a417:eb00::1 \ + 2001:14ba:a417:eb00::2 [git] path = /git comment = Mageia Git repos - hosts allow = sucuk.<%= domain %> + hosts allow = sucuk.<%= @domain %> diff --git a/deployment/mga_buildsystem/manifests/config.pp b/deployment/mga_buildsystem/manifests/config.pp index 6b7ceb2b..13608e47 100644 --- a/deployment/mga_buildsystem/manifests/config.pp +++ b/deployment/mga_buildsystem/manifests/config.pp @@ -16,7 +16,7 @@ class mga_buildsystem::config { } class { 'buildsystem::var::iurt': - timeout_multiplier => $::architecture ? { + timeout_multiplier => $facts['architecture'] ? { /arm/ => 4, 'aarch64' => 2, default => 1, @@ -28,37 +28,26 @@ class mga_buildsystem::config { build_nodes => { 'i586' => [ 'ecosse0', 'rabbit0', 'ecosse1', 'rabbit1', 'rabbit2' ], 'i686' => [ 'ecosse0', 'rabbit0', 'ecosse1', 'rabbit1', 'rabbit2' ], + #'i686' => [ 'ecosse0', 'rabbit0', 'ecosse1', 'rabbit1', 'rabbit2', 'houdini', 'garcimore' ], 'x86_64' => [ 'rabbit0', 'ecosse0', 'rabbit1', 'ecosse1', 'rabbit2' ], - 'armv7hl' => [ 'ociaa1-a', 'ociaa1-b'], - 'aarch64' => [ 'ociaa1-a', 'ociaa1-b'], + #'x86_64' => [ 'rabbit0', 'ecosse0', 'rabbit1', 'ecosse1', 'rabbit2', 'houdini', 'garcimore' ], + 'armv7hl' => [ 'ncaa1-a', 'ncaa1-b', 'ncaa1-c', 'ociaa1-a', 'ociaa1-b'], + 'aarch64' => [ 'ncaa1-a', 'ncaa1-b', 'ncaa1-c', 'ociaa1-a', 'ociaa1-b' ], + #'aarch64' => [ 'ncaa1-a', 'ncaa1-b', 'ncaa1-c', 'ociaa1-a', 'ociaa1-b','lavand', 'majax' ], }, build_nodes_aliases => { 'ecosse0' => "ecosse.${::domain}", 'ecosse1' => "ecosse.${::domain}", 'rabbit0' => "rabbit.${::domain}", 'rabbit1' => "rabbit.${::domain}", - 'ec2aa1-a' => "ec2aa1.${::domain}", - 'ec2aa1-b' => "ec2aa1.${::domain}", - 'ec2aa2-a' => "ec2aa2.${::domain}", - 'ec2aa2-b' => "ec2aa2.${::domain}", - 'ec2aa3-a' => "ec2aa3.${::domain}", - 'ec2aa3-b' => "ec2aa3.${::domain}", - 'ec2x1-a' => "ec2x1.${::domain}", - 'ec2x1-b' => "ec2x1.${::domain}", - 'ec2x2-a' => "ec2x2.${::domain}", - 'ec2x2-b' => "ec2x2.${::domain}", - 'pktaa1-a' => "pktaa1.${::domain}", - 'pktaa1-b' => "pktaa1.${::domain}", - 'pktaa1-c' => "pktaa1.${::domain}", - 'pktaa1-d' => "pktaa1.${::domain}", - 'pktaa1-e' => "pktaa1.${::domain}", - 'pktaa1-f' => "pktaa1.${::domain}", + 'rabbit2' => "rabbit.${::domain}", 'ociaa1-a' => "ociaa1.${::domain}", 'ociaa1-b' => "ociaa1.${::domain}", 'ociaa1-c' => "ociaa1.${::domain}", - 'ociaa2-a' => "ociaa2.${::domain}", - 'ociaa2-b' => "ociaa2.${::domain}", - 'ociaa2-c' => "ociaa2.${::domain}", + 'lavand' => "lavand.${::domain}", + 'majax' => "majax.${::domain}", + 'garcimore' => "garcimore.${::domain}", + 'houdini' => "houdini.${::domain}", }, build_src_node => 'duvel', } @@ -170,8 +159,12 @@ class mga_buildsystem::config { $::nodes_ipaddr[duvel][ipv4], $::nodes_ipaddr[ecosse][ipv6], $::nodes_ipaddr[ecosse][ipv4], - $::nodes_ipaddr[fiona][ipv6], - $::nodes_ipaddr[fiona][ipv4], + $::nodes_ipaddr[lavand][ipv4], + $::nodes_ipaddr[majax][ipv4], + $::nodes_ipaddr[houdini][ipv6], + $::nodes_ipaddr[houdini][ipv4], + $::nodes_ipaddr[garcimore][ipv6], + $::nodes_ipaddr[garcimore][ipv4], '10.42.0', $::nodes_ipaddr[rabbit][ipv4], $::nodes_ipaddr[rabbit][ipv6], @@ -191,6 +184,8 @@ class mga_buildsystem::config { '2001:bc8:628:1f00::1', # Oracle cloud VMs '2603:c026:c101:f00::/64', + $::nodes_ipaddr[ncaa1][ipv4], + $::nodes_ipaddr[ncaa1][ipv6], ] $repo_allow_from_domains = [ ".${::domain}", @@ -223,7 +218,6 @@ class mga_buildsystem::config { 'archive', 'mail', 'maintdb', - 'rebuild', ], 'posts' => [ 'genhdlist2_zstd', @@ -436,9 +430,9 @@ class mga_buildsystem::config { 'authorized_packages' => 'drak|^(urpmi|perl-(MDK-Common|Gtk3|Glib(-Object-Introspection)?|URPM)|mgaonline|net_monitor|perl_checker|mandi|indexhtml|ldetect(-lst)?|msec|manatools|rpm-(mageia-setup|helper)|(mga-|mageia).*|iurt)$', 'authorized_arches' => 'none', 'authorized_users' => "^${cauldron_authorized_users}\$", - 'mode' => 'normal', + #'mode' => 'normal', #'mode' => 'version_freeze', - #'mode' => 'freeze', + 'mode' => 'freeze', } # for EOL distributions @@ -617,9 +611,9 @@ class mga_buildsystem::config { } $checks_tag_options = { 'tags' => { - 'release' => inline_template("^[^~]*<%= std_macros['distsuffix'] %>\\d+"), - 'distribution' => inline_template("^<%= std_macros['distribution'] %>"), - 'vendor' => inline_template("^<%= std_macros['vendor'] %>$"), + 'release' => inline_template("^[^~]*<%= @std_macros['distsuffix'] %>\\d+"), + 'distribution' => inline_template("^<%= @std_macros['distribution'] %>"), + 'vendor' => inline_template("^<%= @std_macros['vendor'] %>$"), }, } class { 'buildsystem::var::youri': diff --git a/deployment/mgagit/files/git_multimail.py b/deployment/mgagit/files/git_multimail.py index 39aa1458..0c5c8d7b 100644 --- a/deployment/mgagit/files/git_multimail.py +++ b/deployment/mgagit/files/git_multimail.py @@ -2571,7 +2571,7 @@ class Environment(object): def get_default_ref_ignore_regex(self): # The commit messages of git notes are essentially meaningless - # and "filenames" in git notes commits are an implementational + # and "filenames" in git notes commits are an implementation # detail that might surprise users at first. As such, we # would need a completely different method for handling emails # of git notes in order for them to be of benefit for users, @@ -3097,7 +3097,7 @@ class ConfigRecipientsEnvironmentMixin( lines = config.get_all(name) if lines is not None: lines = [line.strip() for line in lines] - # Single "none" is a special value equivalen to empty string. + # Single "none" is a special value equivalence to empty string. if lines == ['none']: lines = [''] return ', '.join(lines) diff --git a/deployment/mgagit/manifests/init.pp b/deployment/mgagit/manifests/init.pp index 42753b03..f6aa5f02 100644 --- a/deployment/mgagit/manifests/init.pp +++ b/deployment/mgagit/manifests/init.pp @@ -13,6 +13,7 @@ class mgagit( $gitolite_confdir = "${gitolite_dir}/conf" $gitolite_hooksdir = "${gitolite_dir}/hooks" $gitolite_commonhooksdir = "${gitolite_hooksdir}/common" + # This conf file is created by the mgagit package $gitolite_conf = "${gitolite_confdir}/gitolite.conf" $gitoliterc = "${git_homedir}/.gitolite.rc" $bindpwfile = '/etc/mgagit.secret' @@ -90,6 +91,15 @@ class mgagit( content => template('mgagit/repodef_repo.gl'), } + # Update $gitolite_conf regularly with new group members and SSH keys + cron { 'update gitolite.conf': + command => '/usr/bin/mgagit glrun', + hour => '*', + minute => '19', + user => $git_login, + environment => 'MAILTO=root', + } + mgagit::tmpl { 'artwork': tmpldir => $gitolite_tmpldir, ml => 'atelier', diff --git a/deployment/mgagit/templates/git-post-receive-hook b/deployment/mgagit/templates/git-post-receive-hook index b72094b3..a4bbe09a 100755 --- a/deployment/mgagit/templates/git-post-receive-hook +++ b/deployment/mgagit/templates/git-post-receive-hook @@ -1,4 +1,6 @@ #!/usr/bin/python3 +# git post-receive hook that send an e-mail as well as updating Bugzilla when a +# commit referencing a bug is submitted. import configparser import os @@ -90,7 +92,7 @@ def repo_shortname(): return basename -# Override the Environment class to generate an apporpriate short name which is +# Override the Environment class to generate an appropriate short name which is # used in git links and as an email prefix class MageiaEnvironment(git_multimail.Environment): def get_repo_shortname(self): diff --git a/deployment/mgagit/templates/gitolite.rc b/deployment/mgagit/templates/gitolite.rc index 07bbc244..c4c925e6 100644 --- a/deployment/mgagit/templates/gitolite.rc +++ b/deployment/mgagit/templates/gitolite.rc @@ -83,7 +83,7 @@ # essential (unless you're using smart-http mode) 'ssh-authkeys', - # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz' + # creates git-config entities from gitolite.conf file entries like 'config foo.bar = baz' 'git-config', # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out diff --git a/deployment/releasekey/templates/sign_checksums b/deployment/releasekey/templates/sign_checksums index 9483a1c9..5edf7e57 100644 --- a/deployment/releasekey/templates/sign_checksums +++ b/deployment/releasekey/templates/sign_checksums @@ -7,5 +7,5 @@ fi directory=$1 cd "$directory" for chksum in *.md5 *.sha3 *.sha512; do - gpg --homedir "<%= sign_keydir %>" --yes --sign "$chksum" + gpg --homedir "<%= @sign_keydir %>" --yes --sign "$chksum" done diff --git a/deployment/reports/templates/socket.yaml b/deployment/reports/templates/socket.yaml index 075d7a9f..6b0a8b33 100644 --- a/deployment/reports/templates/socket.yaml +++ b/deployment/reports/templates/socket.yaml @@ -1,2 +1,2 @@ --- -socket_path: /var/lib/ii/<%= nick %>/<%= server %>/<%= channel %>/in +socket_path: /var/lib/ii/<%= @nick %>/<%= @server %>/<%= @channel %>/in diff --git a/deployment/repositories/manifests/subversion.pp b/deployment/repositories/manifests/subversion.pp index 742efe67..4c4ef847 100644 --- a/deployment/repositories/manifests/subversion.pp +++ b/deployment/repositories/manifests/subversion.pp @@ -51,6 +51,7 @@ class repositories::subversion { group => 'mga-packagers-committers', no_binary => true, commit_mail => ["packages-commits@ml.${::domain}"], + nonmaintainer_mail => true, } subversion::repository { '/svn/test-irker/': diff --git a/deployment/tld_redirections/manifests/init.pp b/deployment/tld_redirections/manifests/init.pp index 9815367c..18db541c 100644 --- a/deployment/tld_redirections/manifests/init.pp +++ b/deployment/tld_redirections/manifests/init.pp @@ -18,7 +18,7 @@ class tld_redirections { } } - # domaine owned by Florin Catalin Russen + # domain owned by Florin Catalin Russen redirection { "ro": } # domain owned by the association diff --git a/deployment/websites/templates/vhost_meetbot.conf b/deployment/websites/templates/vhost_meetbot.conf index a6f812c5..40a0f92a 100644 --- a/deployment/websites/templates/vhost_meetbot.conf +++ b/deployment/websites/templates/vhost_meetbot.conf @@ -1,6 +1,6 @@ <VirtualHost *:80> ServerAdmin sysadm@mageia.org - ServerName meetbot.<%= domain %> + ServerName meetbot.<%= @domain %> DocumentRoot <%= scope.lookupvar("websites::meetbot::vhostdir") %> CustomLog /var/log/httpd/access_meetbot_log combined @@ -17,7 +17,7 @@ <VirtualHost *:443> ServerAdmin sysadm@mageia.org - ServerName meetbot.<%= domain %> + ServerName meetbot.<%= @domain %> DocumentRoot <%= scope.lookupvar("websites::meetbot::vhostdir") %> CustomLog /var/log/httpd/access_meetbot_log combined diff --git a/deployment/websites/templates/vhost_static.conf b/deployment/websites/templates/vhost_static.conf index d250a712..fcadc425 100644 --- a/deployment/websites/templates/vhost_static.conf +++ b/deployment/websites/templates/vhost_static.conf @@ -1,5 +1,5 @@ <VirtualHost *:80> - ServerName static.<%= domain %> + ServerName static.<%= @domain %> DocumentRoot <%= scope.lookupvar("websites::static::vhostdir") %> CustomLog /var/log/httpd/static_log combined @@ -40,7 +40,7 @@ </VirtualHost> <VirtualHost *:443> - ServerName static.<%= domain %> + ServerName static.<%= @domain %> DocumentRoot <%= scope.lookupvar("websites::static::vhostdir") %> CustomLog /var/log/httpd/static_log combined diff --git a/deployment/websites/templates/vhost_www.conf b/deployment/websites/templates/vhost_www.conf index 79ac0ee1..399681be 100644 --- a/deployment/websites/templates/vhost_www.conf +++ b/deployment/websites/templates/vhost_www.conf @@ -1,6 +1,6 @@ Redirect /wiki https://wiki.mageia.org/# -# Everything under /g/ is static content to be served by a seconday host +# Everything under /g/ is static content to be served by a secondary host RewriteEngine On RewriteRule ^g/(.+)$ https://static.mageia.org/g/$1 [R,L,QSA] diff --git a/deployment/wikis/manifests/init.pp b/deployment/wikis/manifests/init.pp index c34b06d5..3270f3bb 100644 --- a/deployment/wikis/manifests/init.pp +++ b/deployment/wikis/manifests/init.pp @@ -13,9 +13,9 @@ class wikis { source => "git://git.${::domain}/web/templates/mediawiki" } - $wiki_languages = [ 'en','de', 'fr' ] + $wiki_languages = [ 'en', 'de', 'fr' ] mediawiki::instance { $wiki_languages: - title => 'Mageia wiki', + site_title => 'Mageia wiki', wiki_settings => template('wikis/wiki_settings'), skinsdir => "${wikis_templates}/skins", } diff --git a/deployment/wikis/templates/wiki_settings b/deployment/wikis/templates/wiki_settings index 16d9245d..ec6e647d 100644 --- a/deployment/wikis/templates/wiki_settings +++ b/deployment/wikis/templates/wiki_settings @@ -13,7 +13,7 @@ $wgScriptPath = "/mw-$wgLanguageCode"; $wgArticlePath = "/$wgLanguageCode/$1"; $wgUsePathInfo = true; $wgStylePath = "$wgScriptPath/skins"; -$wgStyleDirectory = '<%= wikis_templates %>/skins'; +$wgStyleDirectory = '<%= @wikis_templates %>/skins'; $wgLogo = ""; $wgDefaultSkin = 'vector'; $wgFavicon = '/mw-en/skins/cavendish/favicon.png'; diff --git a/deployment/wikis/templates/wiki_vhost.conf b/deployment/wikis/templates/wiki_vhost.conf index d4e5e0a2..e087afb5 100644 --- a/deployment/wikis/templates/wiki_vhost.conf +++ b/deployment/wikis/templates/wiki_vhost.conf @@ -1,17 +1,19 @@ -<Directory <%= wikis_root %>> +<Directory <%= @wikis_root %>> Options +FollowSymLinks </Directory> RewriteEngine On RewriteRule ^/?$ /en/ [R] -<%- for lang in wiki_languages -%> +Alias /robots.txt <%= @wikis_root %>/robots.txt -<Directory <%= wikis_root %>/<%= lang %>/images> +<%- for lang in @wiki_languages -%> + +<Directory <%= @wikis_root %>/<%= lang %>/images> SetHandler default-handler </Directory> -Alias /<%= lang %> <%= wikis_root %>/<%= lang %>/index.php -Alias /mw-<%= lang %> <%= wikis_root %>/<%= lang %> +Alias /<%= lang %> <%= @wikis_root %>/<%= lang %>/index.php +Alias /mw-<%= lang %> <%= @wikis_root %>/<%= lang %> <%- end -%> |