chef.git
16 months agoRedirect http requests on render servers to https
Tom Hughes [Fri, 16 Feb 2018 18:37:38 +0000 (18:37 +0000)]
Redirect http requests on render servers to https

16 months agoFix alias processing in mediawiki apache configuration
Tom Hughes [Fri, 16 Feb 2018 12:40:12 +0000 (12:40 +0000)]
Fix alias processing in mediawiki apache configuration

16 months agoRemove junk link from wordpress cookbook
Tom Hughes [Fri, 16 Feb 2018 09:00:37 +0000 (09:00 +0000)]
Remove junk link from wordpress cookbook

16 months agoMake sure apt-transport-https is installed
Tom Hughes [Fri, 16 Feb 2018 08:31:16 +0000 (08:31 +0000)]
Make sure apt-transport-https is installed

16 months agoInstall libffi-dev for rails
Tom Hughes [Thu, 15 Feb 2018 18:24:53 +0000 (18:24 +0000)]
Install libffi-dev for rails

16 months agoAdd osm as an allowed file type for wiki uploads
Clive Blackledge [Mon, 12 Feb 2018 16:54:39 +0000 (08:54 -0800)]
Add osm as an allowed file type for wiki uploads

Fixes operations/194
Closes #150

16 months agoRemove ssl_enabled option for mediawiki sites
Tom Hughes [Sun, 11 Feb 2018 19:55:14 +0000 (19:55 +0000)]
Remove ssl_enabled option for mediawiki sites

16 months agoRemove ssl_enabled option for wordpress sites
Tom Hughes [Sun, 11 Feb 2018 19:50:25 +0000 (19:50 +0000)]
Remove ssl_enabled option for wordpress sites

16 months agoConvert some URLs to https
Tom Hughes [Sun, 11 Feb 2018 19:47:17 +0000 (19:47 +0000)]
Convert some URLs to https

16 months agoConvert more URLs to https
Tom Hughes [Sun, 11 Feb 2018 00:17:41 +0000 (00:17 +0000)]
Convert more URLs to https

16 months agonominatim: fix rights for restricted IP log
Sarah Hoffmann [Sun, 11 Feb 2018 08:59:54 +0000 (09:59 +0100)]
nominatim: fix rights for restricted IP log

16 months agoConvert various URLs to https
Tom Hughes [Sat, 10 Feb 2018 18:02:05 +0000 (18:02 +0000)]
Convert various URLs to https

16 months agoAdd https support for git.osm.org
Tom Hughes [Sat, 10 Feb 2018 17:42:52 +0000 (17:42 +0000)]
Add https support for git.osm.org

16 months agoMake trac use https when authenticating
Tom Hughes [Sat, 10 Feb 2018 17:14:20 +0000 (17:14 +0000)]
Make trac use https when authenticating

16 months agoAdd tile.openstreetmap.org to render server certificates
Tom Hughes [Sat, 10 Feb 2018 14:44:38 +0000 (14:44 +0000)]
Add tile.openstreetmap.org to render server certificates

16 months agoUse https between tile caches and render servers
Tom Hughes [Sat, 10 Feb 2018 14:28:51 +0000 (14:28 +0000)]
Use https between tile caches and render servers

16 months agoEnable SSL on tile render servers
Tom Hughes [Fri, 9 Feb 2018 19:04:44 +0000 (19:04 +0000)]
Enable SSL on tile render servers

16 months agoDisable HSTS for Firefox 52 to avoid issues with remote editing
Tom Hughes [Thu, 8 Feb 2018 19:13:36 +0000 (19:13 +0000)]
Disable HSTS for Firefox 52 to avoid issues with remote editing

16 months agonominatim: reinstate fail2ban on restricted_ips.log
Sarah Hoffmann [Wed, 7 Feb 2018 20:39:04 +0000 (21:39 +0100)]
nominatim: reinstate fail2ban on restricted_ips.log

This file is smaller so that fail2ban hopefully can handle it.

16 months agonominatim: add restricted_ips.log to log rotation
Sarah Hoffmann [Wed, 7 Feb 2018 20:38:31 +0000 (21:38 +0100)]
nominatim: add restricted_ips.log to log rotation

16 months agoUse RewriteRule for ACME redirect on gps-tile
Tom Hughes [Wed, 7 Feb 2018 14:33:30 +0000 (14:33 +0000)]
Use RewriteRule for ACME redirect on gps-tile

16 months agoRun old planet file cleanup on first Monday of the month.
Matt Amos [Mon, 5 Feb 2018 13:51:11 +0000 (13:51 +0000)]
Run old planet file cleanup on first Monday of the month.

Not every Monday and additionally the 1st through 7th, as the
previous cron configuration actually meant. Turns out the command
runs when either the day of week matches _or_ the day of month
matches, unlike all the other rules.

16 months agoFix ooc.osm.org HTML title
Grant Slater [Sun, 4 Feb 2018 11:39:19 +0000 (11:39 +0000)]
Fix ooc.osm.org HTML title

16 months agoIncrease HSTS expiry to a year
Tom Hughes [Sat, 3 Feb 2018 12:18:48 +0000 (12:18 +0000)]
Increase HSTS expiry to a year

16 months agoUpdate carto stylesheet to v4.7.1
Tom Hughes [Fri, 2 Feb 2018 19:52:04 +0000 (19:52 +0000)]
Update carto stylesheet to v4.7.1

Closes #148

16 months agoAdd crossdomain.xml for ooc site
Tom Hughes [Fri, 2 Feb 2018 19:37:20 +0000 (19:37 +0000)]
Add crossdomain.xml for ooc site

16 months agoRewrite ooc site using leaflet and bring it under chef control
Tom Hughes [Fri, 2 Feb 2018 19:23:53 +0000 (19:23 +0000)]
Rewrite ooc site using leaflet and bring it under chef control

16 months agoIncrease pool_idle_time for frontends
Tom Hughes [Thu, 1 Feb 2018 20:33:05 +0000 (20:33 +0000)]
Increase pool_idle_time for frontends

16 months agoUpdate carto stylesheet to v4.7.0
Tom Hughes [Fri, 26 Jan 2018 18:47:11 +0000 (18:47 +0000)]
Update carto stylesheet to v4.7.0

Closes #146

16 months agoSort certificates in a stable order
Tom Hughes [Fri, 26 Jan 2018 15:34:13 +0000 (15:34 +0000)]
Sort certificates in a stable order

16 months agoDon't check the certificate when the connection failed
Tom Hughes [Fri, 26 Jan 2018 15:30:13 +0000 (15:30 +0000)]
Don't check the certificate when the connection failed

16 months agoCheck all hosts for shared certificates
Tom Hughes [Fri, 26 Jan 2018 15:22:34 +0000 (15:22 +0000)]
Check all hosts for shared certificates

16 months agoStart reminding about expiry at 21 days
Tom Hughes [Fri, 26 Jan 2018 10:23:45 +0000 (10:23 +0000)]
Start reminding about expiry at 21 days

16 months agoRescue all errors
Tom Hughes [Fri, 26 Jan 2018 09:21:35 +0000 (09:21 +0000)]
Rescue all errors

16 months agoCorrect over aggressive search and replace
Tom Hughes [Fri, 26 Jan 2018 09:21:11 +0000 (09:21 +0000)]
Correct over aggressive search and replace

17 months agoAdd a cron job to check SSL certificate validity
Tom Hughes [Thu, 25 Jan 2018 00:08:44 +0000 (00:08 +0000)]
Add a cron job to check SSL certificate validity

17 months agoAdd cron job to delete old planet files.
Matt Amos [Wed, 24 Jan 2018 12:26:55 +0000 (12:26 +0000)]
Add cron job to delete old planet files.

At the moment it's just hard-coded to the general consensus view that we should keep the last 4 weeks of planet files, and the first planet for each calendar month before that.

This doesn't touch any of the "historical interest" planets in `/store/planet/cc-by-sa`.

17 months agoExempt /server-status from redirection
Tom Hughes [Mon, 22 Jan 2018 19:11:41 +0000 (19:11 +0000)]
Exempt /server-status from redirection

Fixed #144

17 months agoIncrease HSTS expiry to ten days
Tom Hughes [Sat, 20 Jan 2018 15:44:38 +0000 (15:44 +0000)]
Increase HSTS expiry to ten days

17 months agoUse https URL for html base tag for nominatim.openstreetmap.org.
Guillaume RISCHARD [Tue, 16 Jan 2018 14:10:32 +0000 (15:10 +0100)]
Use https URL for html base tag for nominatim.openstreetmap.org.

17 months agoEnable mod_headers everywhere as we use it for HSTS support
Tom Hughes [Wed, 17 Jan 2018 19:08:44 +0000 (19:08 +0000)]
Enable mod_headers everywhere as we use it for HSTS support

17 months agoMake dev sites serve crossdomain.xml with correct MIME type
Tom Hughes [Wed, 17 Jan 2018 18:47:05 +0000 (18:47 +0000)]
Make dev sites serve crossdomain.xml with correct MIME type

17 months agoAllow cross domain access to https tiles from http pages
Tom Hughes [Tue, 16 Jan 2018 17:49:39 +0000 (17:49 +0000)]
Allow cross domain access to https tiles from http pages

17 months agoFix HSTS for tile caches
Tom Hughes [Tue, 16 Jan 2018 12:30:17 +0000 (12:30 +0000)]
Fix HSTS for tile caches

17 months agoFix permalink control on imagery sites
Tom Hughes [Tue, 16 Jan 2018 09:42:25 +0000 (09:42 +0000)]
Fix permalink control on imagery sites

17 months agoQualify property names
Tom Hughes [Tue, 16 Jan 2018 09:31:26 +0000 (09:31 +0000)]
Qualify property names

17 months agoEnable HSTS for all nginx served SSL sites
Tom Hughes [Tue, 16 Jan 2018 09:20:40 +0000 (09:20 +0000)]
Enable HSTS for all nginx served SSL sites

17 months agoMove nginx SSL configuration to shared location in nginx cookbook
Tom Hughes [Tue, 16 Jan 2018 09:15:14 +0000 (09:15 +0000)]
Move nginx SSL configuration to shared location in nginx cookbook

17 months agoAdd new skin to OSMF mediawiki instance
Michael Glanznig [Sun, 14 Jan 2018 09:03:24 +0000 (10:03 +0100)]
Add new skin to OSMF mediawiki instance

Closes #141

17 months agoUpdate to leaflet 1.3.0
Tom Hughes [Mon, 15 Jan 2018 10:17:02 +0000 (10:17 +0000)]
Update to leaflet 1.3.0

17 months agoUpdate piwik to 3.3.0
Tom Hughes [Sat, 13 Jan 2018 00:15:58 +0000 (00:15 +0000)]
Update piwik to 3.3.0

17 months agoIncrease HSTS expiry
Tom Hughes [Fri, 12 Jan 2018 18:43:01 +0000 (18:43 +0000)]
Increase HSTS expiry

17 months agoEnable HSTS for all apache served SSL sites
Tom Hughes [Thu, 11 Jan 2018 18:13:53 +0000 (18:13 +0000)]
Enable HSTS for all apache served SSL sites

17 months agoAdd static site for 2013.stateofthemap.org
Tom Hughes [Wed, 10 Jan 2018 18:39:58 +0000 (18:39 +0000)]
Add static site for 2013.stateofthemap.org

17 months agoConvert various links to https
Tom Hughes [Fri, 5 Jan 2018 19:58:43 +0000 (19:58 +0000)]
Convert various links to https

17 months agoConvert planet references to use https
Tom Hughes [Thu, 4 Jan 2018 21:53:35 +0000 (21:53 +0000)]
Convert planet references to use https

17 months agoRevert "Make planet redirect to https"
Tom Hughes [Thu, 4 Jan 2018 21:22:15 +0000 (21:22 +0000)]
Revert "Make planet redirect to https"

This reverts commit 31a516770ed279c68a6fb17ec9a498824becdcf3.

17 months agoMake imagery sites redirect to https
Tom Hughes [Thu, 4 Jan 2018 19:28:13 +0000 (19:28 +0000)]
Make imagery sites redirect to https

17 months agoMake planet redirect to https
Tom Hughes [Thu, 4 Jan 2018 19:21:15 +0000 (19:21 +0000)]
Make planet redirect to https

17 months agoMake mediawiki sites redirect to https
Tom Hughes [Thu, 4 Jan 2018 18:55:45 +0000 (18:55 +0000)]
Make mediawiki sites redirect to https

17 months agoBring dev.osm.org under chef control and SSL enable it
Tom Hughes [Thu, 4 Jan 2018 18:31:52 +0000 (18:31 +0000)]
Bring dev.osm.org under chef control and SSL enable it

17 months agoUpdate phppgadmin site to use https
Tom Hughes [Thu, 4 Jan 2018 18:21:31 +0000 (18:21 +0000)]
Update phppgadmin site to use https

17 months agoRedirect user dev sites to https
Tom Hughes [Thu, 4 Jan 2018 18:19:28 +0000 (18:19 +0000)]
Redirect user dev sites to https

17 months agoEnable SSL for user sites on the dev server
Tom Hughes [Thu, 4 Jan 2018 17:58:45 +0000 (17:58 +0000)]
Enable SSL for user sites on the dev server

17 months agoRedirect all gps-tile access to https
Tom Hughes [Thu, 4 Jan 2018 17:37:06 +0000 (17:37 +0000)]
Redirect all gps-tile access to https

17 months agoUse --quieter switch to pluto
Tom Hughes [Wed, 3 Jan 2018 20:58:45 +0000 (20:58 +0000)]
Use --quieter switch to pluto

17 months agowiki: use noreply email address
Grant Slater [Mon, 1 Jan 2018 21:44:39 +0000 (21:44 +0000)]
wiki: use noreply email address

18 months agoRevert "Switch bytemark to use eddie for readonly database queries"
Tom Hughes [Sat, 23 Dec 2017 14:38:03 +0000 (14:38 +0000)]
Revert "Switch bytemark to use eddie for readonly database queries"

This reverts commit 5914b757dd8016700a06cb6392f631a7706b53ad.

18 months agoLog statements taking longer than 1s on the main database
Tom Hughes [Fri, 22 Dec 2017 11:21:37 +0000 (11:21 +0000)]
Log statements taking longer than 1s on the main database

18 months agoIncrease MinSpareThreads and MaxSpareThreads for nominatim
Tom Hughes [Wed, 20 Dec 2017 08:49:04 +0000 (08:49 +0000)]
Increase MinSpareThreads and MaxSpareThreads for nominatim

18 months agonominatim: apply rate limit
Sarah Hoffmann [Tue, 19 Dec 2017 21:27:52 +0000 (22:27 +0100)]
nominatim: apply rate limit

18 months agoAdd support for rate limit http connections
Tom Hughes [Tue, 19 Dec 2017 20:55:42 +0000 (20:55 +0000)]
Add support for rate limit http connections

18 months agoUpdate carto stylesheet to v4.6.0
Tom Hughes [Sun, 17 Dec 2017 21:50:57 +0000 (21:50 +0000)]
Update carto stylesheet to v4.6.0

Closes #140

18 months agoSwitch moderation dev site to use gravitystorm's branch
Tom Hughes [Thu, 14 Dec 2017 11:46:29 +0000 (11:46 +0000)]
Switch moderation dev site to use gravitystorm's branch

18 months agoSwitch bytemark to use eddie for readonly database queries
Tom Hughes [Tue, 12 Dec 2017 09:08:13 +0000 (09:08 +0000)]
Switch bytemark to use eddie for readonly database queries

18 months agoReduce random_page_cost for postgres instances on SSD
Tom Hughes [Thu, 7 Dec 2017 12:06:11 +0000 (12:06 +0000)]
Reduce random_page_cost for postgres instances on SSD

18 months agoUpdate piwik to 3.2.1
Tom Hughes [Thu, 7 Dec 2017 09:31:10 +0000 (09:31 +0000)]
Update piwik to 3.2.1

18 months agoRemove tilecache role from komodo for now
Tom Hughes [Tue, 5 Dec 2017 15:55:29 +0000 (15:55 +0000)]
Remove tilecache role from komodo for now

18 months agoDisable chef exception handler
Tom Hughes [Tue, 5 Dec 2017 14:11:32 +0000 (14:11 +0000)]
Disable chef exception handler

18 months agoUpdate interface name for cmok
Tom Hughes [Tue, 5 Dec 2017 12:44:47 +0000 (12:44 +0000)]
Update interface name for cmok

18 months agoDisable chef report handler
Tom Hughes [Sun, 3 Dec 2017 12:14:53 +0000 (12:14 +0000)]
Disable chef report handler

18 months agoUse string keys for piwik configuration items
Tom Hughes [Fri, 1 Dec 2017 00:26:09 +0000 (00:26 +0000)]
Use string keys for piwik configuration items

18 months agoInstall image optimisation tools on rails machines
Tom Hughes [Wed, 29 Nov 2017 15:44:47 +0000 (15:44 +0000)]
Install image optimisation tools on rails machines

18 months agoDisable "slow run" reporting for chef
Tom Hughes [Tue, 28 Nov 2017 09:11:53 +0000 (09:11 +0000)]
Disable "slow run" reporting for chef

18 months agoExclude fd0 from diskstats munin plugin
Tom Hughes [Tue, 28 Nov 2017 08:35:29 +0000 (08:35 +0000)]
Exclude fd0 from diskstats munin plugin

18 months agoUpgrade remaining machines to chef 13
Tom Hughes [Mon, 27 Nov 2017 15:54:36 +0000 (15:54 +0000)]
Upgrade remaining machines to chef 13

18 months agoUpgrade IC machines to chef 13
Tom Hughes [Mon, 27 Nov 2017 15:44:29 +0000 (15:44 +0000)]
Upgrade IC machines to chef 13

18 months agoQualify property names
Tom Hughes [Mon, 27 Nov 2017 15:40:53 +0000 (15:40 +0000)]
Qualify property names

18 months agoCoerce piwik goals into a normal hash
Tom Hughes [Mon, 27 Nov 2017 15:38:18 +0000 (15:38 +0000)]
Coerce piwik goals into a normal hash

18 months agoUpgrade bytemark machines to chef 13
Tom Hughes [Mon, 27 Nov 2017 15:23:14 +0000 (15:23 +0000)]
Upgrade bytemark machines to chef 13

18 months agoQualify property names
Tom Hughes [Mon, 27 Nov 2017 15:20:13 +0000 (15:20 +0000)]
Qualify property names

18 months agoUpgrade remaining UCL machines to chef 13
Tom Hughes [Mon, 27 Nov 2017 15:13:50 +0000 (15:13 +0000)]
Upgrade remaining UCL machines to chef 13

18 months agoUpgrade ridley to chef 13
Tom Hughes [Mon, 27 Nov 2017 15:04:35 +0000 (15:04 +0000)]
Upgrade ridley to chef 13

18 months agoUpgrade urmel to chef 13
Tom Hughes [Mon, 27 Nov 2017 15:00:29 +0000 (15:00 +0000)]
Upgrade urmel to chef 13

18 months agoFix warning cleaning up symbolic link
Tom Hughes [Mon, 27 Nov 2017 14:59:45 +0000 (14:59 +0000)]
Fix warning cleaning up symbolic link

18 months agoQualify property names
Tom Hughes [Mon, 27 Nov 2017 14:51:49 +0000 (14:51 +0000)]
Qualify property names

18 months agoUpgrade eustace to chef 13
Tom Hughes [Mon, 27 Nov 2017 14:46:19 +0000 (14:46 +0000)]
Upgrade eustace to chef 13

18 months agoConvert rails_port definition to a resource
Tom Hughes [Sun, 26 Nov 2017 20:48:58 +0000 (20:48 +0000)]
Convert rails_port definition to a resource

18 months agoDrop redundant file_column_root attribute
Tom Hughes [Sun, 26 Nov 2017 20:48:17 +0000 (20:48 +0000)]
Drop redundant file_column_root attribute

19 months agoEnable CSP in report only mode for the main web site
Tom Hughes [Thu, 23 Nov 2017 21:21:43 +0000 (21:21 +0000)]
Enable CSP in report only mode for the main web site