aboutsummaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* Rename some classes to work with Puppet >= 4Pascal Terjan2026-02-216-14/+5
|
* Use spaces to please puppet-lintPascal Terjan2026-02-211-5/+5
|
* iurt: increase webkit2 timeoutJani Välimaa2026-02-131-1/+1
|
* Revert "mirror: fix bootstrap mirror owner and group"Jani Välimaa2026-02-131-2/+0
| | | | This reverts commit aff2234a87c43c44b86d6177d9ca78746a09642e.
* mirror: fix bootstrap mirror owner and groupJani Välimaa2026-02-131-0/+2
|
* Add new serversuser/bcornec/infraBruno Cornec2026-02-102-2/+10
| | | | | | | | | | | | | | | | | | - 2 new aarch64 build nodes named lavand and majax - 2 new build nodes named houdini and garcimore - a deploy server named mandrake - a web server named webb - a repo server named melies - update DNS and monitoring - prepare to integrate the new build nodes Preparation for 2 new x86_64 build nodes Adds pp file for majax IPs added for garcimore and houdini update DNS
* Replacing /dev/null by /var/www/empty in documentRoot for Web serverpvi-tm2026-02-101-1/+1
|
* Fix virtual aliases errorpvi-tm2026-02-081-1/+1
|
* Improving aliases for new bureaupvi-tm2026-02-081-2/+4
|
* Fixing aliases for new bureaupvi-tm2026-02-061-2/+5
|
* ntp: fix multicastclient settingJani Välimaa2026-01-251-1/+1
|
* Separate running the SSH keys script from the mgagit script (mga#34826)Dan Fandrich2026-01-071-1/+1
| | | | | | | | | The mgagit script was previously run after the SSH keys script, but only if an SSH key was updated. That meant that any group changes were not reflected until after someone changed an SSH key. Decouple the running of the two scripts since they are not (completely) dependent on each other.
* Protecting svnweb against DDOS that use GET http://svnweb with rewrite ↵pvi-tm2025-12-291-4/+3
| | | | engine (Fix)
* Protecting svnweb against DDOS that use GET http://svnweb with rewrite enginepvi-tm2025-12-291-0/+6
|
* Protect the /server-status and /server-info endpointsDan Fandrich2025-12-262-0/+40
| | | | | | | These provide potentially sensitive information, so allow access only from localhost. Reported-by: bas
* check: add mga10 templateJani Välimaa2025-12-081-0/+241
|
* Protect the sympa ldap include filesDan Fandrich2025-11-291-0/+3
| | | | These could hold secrets so should not be world-readable.
* Send plain text alongside HTML in non-maintainer notificationsDan Fandrich2025-11-181-1/+2
| | | | | E-mails are now sent in both plain text and HTML for broader maintainer appeal.
* Improve nonmaintainer_notify.shDan Fandrich2025-11-171-3/+4
| | | | | | | - Send messages also when packages are moved to obsolete - Mention the maintainer name explicitly in the message - Be more robust in handling a malformed maintdb.txt with duplicate entries
* Send an e-mail on a nonmaintainer package changeDan Fandrich2025-11-142-10/+81
| | | | | | | If someone other than the registered maintainer of a package submits a change to that package, notify the maintainer. These notifications are skipped for robot changes and bulk changes where many packages are changed at once.
* Increase blender build timeoutJani Välimaa2025-11-021-0/+1
|
* Enable anti-robots features only on svnwebDan Fandrich2025-09-093-41/+47
| | | | | | | | | | These were intended to be enabled only on svnweb.mageia.org but mirrors.mageia.org (and a couple others) were using the same template. The changes in commit 6802d174 caused the anti-robot mitigation to be triggered when urpmi downloaded $MIRRORLIST from a URL like https://mirrors.mageia.org/api/mageia.9.x86_64.list?reason=update which contains a query part. Fork the template so only svnweb gets these features, which was the original intent.
* Treat anything other than a plain path as "expensive"Dan Fandrich2025-09-071-2/+6
| | | | | Try to reduce svnweb load by making anything other than a plain path require an anti-robot cookie.
* youri-check: run tests in parallelJani Välimaa2025-08-121-1/+1
|
* Reduce number of logs kept on friteuseDan Fandrich2025-07-121-1/+1
| | | | The disk just fills up too quickly.
* Fix timestamp for mass rebuildPascal Terjan2025-07-041-2/+2
|
* Update Age check for new mass rebuildPascal Terjan2025-06-281-3/+3
|
* Disable the Bugzilla collectstats.pl scriptDan Fandrich2025-06-271-6/+7
| | | | | | | | | | | This fails with "Unable to open the chart datafile ./data/mining/0." because that file isn't writable by apache. Rather than trying to fix those permissions, just disable the script since nobody seems to be using whatever statistics are being collected ("data about bugs to be used in Old and New Charts"). This page has some information about the problem: https://serverfault.com/questions/182139
* Use more appropriate decoding/encoding when redirectingDan Fandrich2025-06-061-2/+2
|
* Properly escape the target in then anti-robot redirectDan Fandrich2025-06-064-3/+20
| | | | Any additional URL parameters after a & were previously dropped.
* Increase LLVM build timeoutJani Välimaa2025-06-031-3/+3
|
* Use an absolute URL when redirectingDan Fandrich2025-05-231-3/+4
| | | | | This reduces the possibility of a malicious URL redirecting to another domain.
* Use a fixed random number in the cookieDan Fandrich2025-05-231-1/+1
| | | | | The intent of this cookie isn't actually to track sessions, so eliminate any privacy impact by using a fixed number instead.
* Add another allowed character for cookie redirectsDan Fandrich2025-05-231-1/+1
|
* Block expensive svnweb operations without a cookieDan Fandrich2025-05-233-0/+45
| | | | | | | | | If an expensive request comes in from anyone without a cookie attached, redirect to a page where the cookie is set using JavaScript, then redirect back. This should block robots from these paths, most of which do not support JavaScript. The collateral damage is that a JavaScript browser is now required for users to access those paths. The contents of the cookie is not currently checked, merely that it is set.
* Reduce the number of SVN paths considered too expensiveDan Fandrich2025-05-231-4/+3
| | | | | | | These two don't seem to contribute much to the load seen when robots start hitting svnweb that hard. Also, remove a separate query block that seems to not help much (and which was hard to find in a different location in the file).
* Block expensive operations on another Google botDan Fandrich2025-05-191-2/+2
| | | | | | | The last range was actually another Google bot, which clearly doesn't support Crawl-Delay:. Rather than block one IP range, which isn't going to work long-term since they have so many ranges, block only expensive operations via its new User-Agent: string instead.
* Block another abusive IP address rangeDan Fandrich2025-05-191-1/+1
|
* Block more abusive IP address rangesDan Fandrich2025-05-171-1/+1
| | | | These comprise roughly 20% of current requests.
* Try to ensure sympa-outgoing.service being runningJani Välimaa2025-05-161-0/+5
|
* Limit PostgreSQL memory usage a bitJani Välimaa2025-05-111-4/+4
|
* Fix typo in effective_cache_size PostgreSQL memory parameterJani Välimaa2025-05-111-1/+1
|
* Tune more PostgreSQL memory parametersJani Välimaa2025-05-111-3/+3
|
* Increase PostgreSQL server shared_buffers to 4GBJani Välimaa2025-05-111-1/+1
| | | | According to upstream a reasonable starting value for shared_buffers is 25% of the memory which would be actually 8GB in sucuk.
* Rotate apache logs weekly on sucuk to keep them smallerJani Välimaa2025-05-101-0/+3
|
* Block PrestoJani Välimaa2025-05-041-1/+1
| | | | Most probably Presto is not used as user agent in browsers used by potential users of Mageia.
* Block TridentJani Välimaa2025-05-041-1/+1
|
* Add robots.txt for forumsJani Välimaa2025-05-043-0/+18
|
* Fix wiki robots.txt creationJani Välimaa2025-05-041-1/+3
|
* Add robots.txt to wikiJani Välimaa2025-05-042-0/+12
|
generated by cgit v1.2.1 (git 2.21.0) at 2026-04-17 16:50:42 +0000