chef.git
23 months agoModernise shorewall configuration
Tom Hughes [Thu, 2 Aug 2018 17:57:57 +0000 (18:57 +0100)]
Modernise shorewall configuration

23 months agoUse configured read only database for note dumps
Tom Hughes [Thu, 2 Aug 2018 11:33:45 +0000 (12:33 +0100)]
Use configured read only database for note dumps

23 months agoDon't disable loopback connection tracking on 14.04
Tom Hughes [Thu, 2 Aug 2018 09:47:32 +0000 (10:47 +0100)]
Don't disable loopback connection tracking on 14.04

23 months agoDisable tracking of loopback connections
Tom Hughes [Thu, 2 Aug 2018 09:09:02 +0000 (10:09 +0100)]
Disable tracking of loopback connections

23 months agoCorrect name of sysctl variable
Tom Hughes [Thu, 2 Aug 2018 08:11:08 +0000 (09:11 +0100)]
Correct name of sysctl variable

23 months agoUse pfifo_fast as the default queuing discipline
Tom Hughes [Thu, 2 Aug 2018 07:40:35 +0000 (08:40 +0100)]
Use pfifo_fast as the default queuing discipline

23 months agoMerge pull request #177 from jburgess777/jburgess-raise-tilecache-limits
Grant [Wed, 1 Aug 2018 21:47:13 +0000 (22:47 +0100)]
Merge pull request #177 from jburgess777/jburgess-raise-tilecache-limits

Bump file limits of Nginx and Squid processes from 64k ro 96k

23 months agoBump file limits of Nginx and Squid processes from 64k ro 96k
Jon Burgess [Wed, 1 Aug 2018 21:42:32 +0000 (22:42 +0100)]
Bump file limits of Nginx and Squid processes from 64k ro 96k

23 months agoReduce squid cache memory on sarkany
Tom Hughes [Wed, 1 Aug 2018 08:54:26 +0000 (09:54 +0100)]
Reduce squid cache memory on sarkany

23 months agoReduce squid cache memory on viserion
Tom Hughes [Wed, 1 Aug 2018 07:23:44 +0000 (08:23 +0100)]
Reduce squid cache memory on viserion

23 months agoReduce squid memory usage on noomoahk
Tom Hughes [Wed, 1 Aug 2018 06:08:07 +0000 (07:08 +0100)]
Reduce squid memory usage on noomoahk

23 months agoReduce nf_conntrack_max on jakelong
Tom Hughes [Wed, 1 Aug 2018 06:03:39 +0000 (07:03 +0100)]
Reduce nf_conntrack_max on jakelong

23 months agoEnable chef exception handler
Tom Hughes [Tue, 31 Jul 2018 22:03:19 +0000 (23:03 +0100)]
Enable chef exception handler

23 months agoRemove cleanup code that is no longer needed
Tom Hughes [Tue, 31 Jul 2018 21:39:26 +0000 (22:39 +0100)]
Remove cleanup code that is no longer needed

23 months agoTurn the nginx access log off properly
Tom Hughes [Tue, 31 Jul 2018 21:42:26 +0000 (22:42 +0100)]
Turn the nginx access log off properly

23 months agoDisable nginx logging on tile caches
Tom Hughes [Tue, 31 Jul 2018 21:36:47 +0000 (22:36 +0100)]
Disable nginx logging on tile caches

23 months agotilecache: increase backend keepalive connection
Grant Slater [Tue, 31 Jul 2018 20:56:57 +0000 (21:56 +0100)]
tilecache: increase backend keepalive connection

Increase the backend keepalive connections to reduce the number of
overall connections to backend.

23 months agoIncrease nf_conntrack_max for tile caches
Tom Hughes [Tue, 31 Jul 2018 20:50:01 +0000 (21:50 +0100)]
Increase nf_conntrack_max for tile caches

23 months agoTweak smartd.conf disk test interval
Grant Slater [Tue, 31 Jul 2018 16:13:41 +0000 (17:13 +0100)]
Tweak smartd.conf disk test interval

23 months agoReduce cache memory on viserion
Hrvoje Bogner [Mon, 30 Jul 2018 12:04:06 +0000 (14:04 +0200)]
Reduce cache memory on viserion

Closes #176

23 months agoFix up some Intel disk details
Tom Hughes [Mon, 30 Jul 2018 08:00:56 +0000 (09:00 +0100)]
Fix up some Intel disk details

23 months agoAllow mediawiki instances to access /dev/null
Tom Hughes [Sun, 29 Jul 2018 12:25:09 +0000 (13:25 +0100)]
Allow mediawiki instances to access /dev/null

23 months agoInstall lua for Scribuntu
Tom Hughes [Sun, 29 Jul 2018 12:17:53 +0000 (13:17 +0100)]
Install lua for Scribuntu

23 months agoInstall the CodeEditor extension and configure Sribunto to use it
Tom Hughes [Sun, 29 Jul 2018 11:50:07 +0000 (12:50 +0100)]
Install the CodeEditor extension and configure Sribunto to use it

23 months agoInstall the Scribunto extension in the main wiki
Tom Hughes [Sun, 29 Jul 2018 11:21:00 +0000 (12:21 +0100)]
Install the Scribunto extension in the main wiki

23 months agoUse new combined upstream for france
Tom Hughes [Sat, 28 Jul 2018 15:51:26 +0000 (16:51 +0100)]
Use new combined upstream for france

23 months agoReduce cache memory on noomoahk
Tom Hughes [Sat, 28 Jul 2018 15:42:50 +0000 (16:42 +0100)]
Reduce cache memory on noomoahk

23 months agoFix typo
Tom Hughes [Sat, 28 Jul 2018 14:12:48 +0000 (15:12 +0100)]
Fix typo

23 months agoAdd remote hands account to tetaneutral machines
Tom Hughes [Sat, 28 Jul 2018 13:23:28 +0000 (14:23 +0100)]
Add remote hands account to tetaneutral machines

23 months agoAdd role for noomoahk
Tom Hughes [Sat, 28 Jul 2018 12:47:45 +0000 (13:47 +0100)]
Add role for noomoahk

23 months agoImprove determination of external IP addresses for certificate checks
Tom Hughes [Sat, 28 Jul 2018 08:53:40 +0000 (09:53 +0100)]
Improve determination of external IP addresses for certificate checks

23 months agoConfigure PDU monitoring in Amsterdam
Tom Hughes [Thu, 26 Jul 2018 17:54:13 +0000 (18:54 +0100)]
Configure PDU monitoring in Amsterdam

23 months agoMerge commit '77e9695dace417d550bdcce75fe2a0dd860c239b'
Tom Hughes [Thu, 26 Jul 2018 14:31:24 +0000 (15:31 +0100)]
Merge commit '77e9695dace417d550bdcce75fe2a0dd860c239b'

23 months agoCorrect names for PDUs
Tom Hughes [Thu, 26 Jul 2018 14:30:56 +0000 (15:30 +0100)]
Correct names for PDUs

23 months agoAdd PDUs to DHCP
Tom Hughes [Thu, 26 Jul 2018 13:40:19 +0000 (14:40 +0100)]
Add PDUs to DHCP

23 months agoupdate jburgess ssh key
Jon Burgess [Thu, 26 Jul 2018 13:33:12 +0000 (14:33 +0100)]
update jburgess ssh key

23 months agoAdd support for monitoring hosts behind NAT
Tom Hughes [Thu, 26 Jul 2018 10:04:42 +0000 (11:04 +0100)]
Add support for monitoring hosts behind NAT

23 months agoTeach munin to use internal addresses for Amsterdam machines
Tom Hughes [Thu, 26 Jul 2018 09:50:50 +0000 (10:50 +0100)]
Teach munin to use internal addresses for Amsterdam machines

23 months agoConfigure dulcy's serial terminal on ttyS1
Tom Hughes [Thu, 26 Jul 2018 09:21:46 +0000 (10:21 +0100)]
Configure dulcy's serial terminal on ttyS1

23 months agoUpdate MAC addresses for OOB cards on Amsterdam spikes and thorns
Tom Hughes [Wed, 25 Jul 2018 23:27:16 +0000 (00:27 +0100)]
Update MAC addresses for OOB cards on Amsterdam spikes and thorns

23 months agoCorrect internal address for dulcy
Tom Hughes [Wed, 25 Jul 2018 23:15:25 +0000 (00:15 +0100)]
Correct internal address for dulcy

23 months agoAllow openvpn connections over IPv6
Tom Hughes [Wed, 25 Jul 2018 21:29:52 +0000 (22:29 +0100)]
Allow openvpn connections over IPv6

23 months agoAllow VPN connections to/from Amsterdam
Tom Hughes [Wed, 25 Jul 2018 21:25:33 +0000 (22:25 +0100)]
Allow VPN connections to/from Amsterdam

23 months agoCorrect vlan number for spike-01
Tom Hughes [Wed, 25 Jul 2018 19:42:52 +0000 (20:42 +0100)]
Correct vlan number for spike-01

23 months agoEnable dhcpd on ironbelly
Tom Hughes [Wed, 25 Jul 2018 19:24:26 +0000 (20:24 +0100)]
Enable dhcpd on ironbelly

23 months agoUpdate upstream role for Amsterdam machines
Tom Hughes [Wed, 25 Jul 2018 17:07:51 +0000 (18:07 +0100)]
Update upstream role for Amsterdam machines

23 months agoUpdate network configuration for Amsterdam
Tom Hughes [Wed, 25 Jul 2018 17:01:29 +0000 (18:01 +0100)]
Update network configuration for Amsterdam

23 months agoIncrease cache memory for viserion
Hrvoje Bogner [Wed, 25 Jul 2018 14:12:42 +0000 (16:12 +0200)]
Increase cache memory for viserion

Ram increased  from 24 GB -> 48 GB
cache_mem => "12500 MB" increased  to cache_mem => "35000 MB"

23 months agoFix equinix spelling
James Kingdom [Wed, 25 Jul 2018 09:28:36 +0000 (10:28 +0100)]
Fix equinix spelling

23 months agoEnable chef report handler
Tom Hughes [Wed, 25 Jul 2018 07:40:02 +0000 (08:40 +0100)]
Enable chef report handler

23 months agoAdd ic firewall zone back
Tom Hughes [Wed, 25 Jul 2018 06:13:36 +0000 (07:13 +0100)]
Add ic firewall zone back

23 months agoUpdate configuration for move from Imperial to Amsterdam
Tom Hughes [Wed, 18 Jul 2018 21:28:48 +0000 (22:28 +0100)]
Update configuration for move from Imperial to Amsterdam

23 months agofix rubocop offenses
Sarah Hoffmann [Tue, 24 Jul 2018 13:27:36 +0000 (15:27 +0200)]
fix rubocop offenses

23 months agoreduce size of fpm pool on pummelzacken even more
Sarah Hoffmann [Tue, 24 Jul 2018 08:55:28 +0000 (10:55 +0200)]
reduce size of fpm pool on pummelzacken even more

23 months agoreduce size of fpm pool on pummelzacken
Sarah Hoffmann [Tue, 24 Jul 2018 08:26:19 +0000 (10:26 +0200)]
reduce size of fpm pool on pummelzacken

23 months agoUpdate IP addresses for move from Imperial to Amsterdam
Tom Hughes [Thu, 19 Jul 2018 07:49:09 +0000 (08:49 +0100)]
Update IP addresses for move from Imperial to Amsterdam

23 months agoIncrease maximum database connections for tile servers
Tom Hughes [Sun, 22 Jul 2018 21:26:13 +0000 (22:26 +0100)]
Increase maximum database connections for tile servers

23 months agoEnable postgresql apt source on rhaegal
Tom Hughes [Sun, 22 Jul 2018 18:28:37 +0000 (19:28 +0100)]
Enable postgresql apt source on rhaegal

23 months agoUse postgis 2.4 on rhaegal
Tom Hughes [Sun, 22 Jul 2018 18:12:03 +0000 (19:12 +0100)]
Use postgis 2.4 on rhaegal

23 months agoConfigure rhaegal as a tile server
Tom Hughes [Sun, 22 Jul 2018 18:01:49 +0000 (19:01 +0100)]
Configure rhaegal as a tile server

23 months agoConfigure parsoid to use https to access the mediawiki API
Tom Hughes [Sat, 21 Jul 2018 13:50:53 +0000 (14:50 +0100)]
Configure parsoid to use https to access the mediawiki API

23 months agoRevert "Add hosting credit for rhaegal"
Tom Hughes [Fri, 20 Jul 2018 10:09:12 +0000 (11:09 +0100)]
Revert "Add hosting credit for rhaegal"

This reverts commit 06d05ac19f91a655ad2cbf06f5754f7aeb976980.

23 months agoAdd hosting credit for rhaegal
Tom Hughes [Fri, 20 Jul 2018 10:00:21 +0000 (11:00 +0100)]
Add hosting credit for rhaegal

23 months agoManage mmiler account on rhaegal
Tom Hughes [Fri, 20 Jul 2018 09:35:32 +0000 (10:35 +0100)]
Manage mmiler account on rhaegal

23 months agoAdd role for rhaegal
Tom Hughes [Fri, 20 Jul 2018 09:24:21 +0000 (10:24 +0100)]
Add role for rhaegal

23 months agoIncrease the passenger pool size for taginfo servers
Tom Hughes [Thu, 19 Jul 2018 11:19:58 +0000 (12:19 +0100)]
Increase the passenger pool size for taginfo servers

23 months agoRemove old machines from dhcp and add IC machines
Tom Hughes [Wed, 18 Jul 2018 21:36:18 +0000 (22:36 +0100)]
Remove old machines from dhcp and add IC machines

23 months agoDisable warnings from the daiy statistics script
Tom Hughes [Wed, 18 Jul 2018 17:36:07 +0000 (18:36 +0100)]
Disable warnings from the daiy statistics script

23 months agoReplace PGconn with PG::Connection
Tom Hughes [Mon, 16 Jul 2018 13:36:38 +0000 (14:36 +0100)]
Replace PGconn with PG::Connection

23 months agoMove planet dump and replication to grisu
Tom Hughes [Mon, 16 Jul 2018 13:19:35 +0000 (14:19 +0100)]
Move planet dump and replication to grisu

23 months agoAdd backup role to grisu
Tom Hughes [Mon, 16 Jul 2018 13:11:38 +0000 (14:11 +0100)]
Add backup role to grisu

23 months agoRemove the PrivateDevices option from gpx-import
Tom Hughes [Mon, 16 Jul 2018 11:15:01 +0000 (12:15 +0100)]
Remove the PrivateDevices option from gpx-import

This now implies NoNewPrivileges=true which stops gpx-import
being able to run the (setuid) exim to send mail.

23 months agoFix name for eddie
Tom Hughes [Mon, 16 Jul 2018 10:46:17 +0000 (11:46 +0100)]
Fix name for eddie

23 months agoMove GPX import and daily web tasks to spike-04
Tom Hughes [Sun, 15 Jul 2018 08:33:14 +0000 (09:33 +0100)]
Move GPX import and daily web tasks to spike-04

23 months agoSend upload traffic to Bytemark and keep other backend traffic local
Tom Hughes [Sun, 15 Jul 2018 10:53:15 +0000 (11:53 +0100)]
Send upload traffic to Bytemark and keep other backend traffic local

23 months agoPut web site back online
Tom Hughes [Sun, 15 Jul 2018 10:43:27 +0000 (11:43 +0100)]
Put web site back online

23 months agoFix name for katla
Tom Hughes [Sun, 15 Jul 2018 10:37:00 +0000 (11:37 +0100)]
Fix name for katla

23 months agoMake katla the database master
Tom Hughes [Sun, 15 Jul 2018 08:34:54 +0000 (09:34 +0100)]
Make katla the database master

23 months agoMake IC frontends use bytemark backends
Tom Hughes [Sun, 15 Jul 2018 10:27:58 +0000 (11:27 +0100)]
Make IC frontends use bytemark backends

23 months agoRevert "Move GPX import and daily web tasks to spike-04"
Tom Hughes [Sun, 15 Jul 2018 10:25:06 +0000 (11:25 +0100)]
Revert "Move GPX import and daily web tasks to spike-04"

This reverts commit 432278631bdb7b422b361f2e6a274c6b7abc393b.

23 months agoUpdate gpx-import package list for Ubuntu 18.04 compatibility
Tom Hughes [Sun, 15 Jul 2018 10:19:36 +0000 (11:19 +0100)]
Update gpx-import package list for Ubuntu 18.04 compatibility

23 months agoMove GPX import and daily web tasks to spike-04
Tom Hughes [Sun, 15 Jul 2018 08:33:14 +0000 (09:33 +0100)]
Move GPX import and daily web tasks to spike-04

23 months agoSwitch web site to readonly against katla and eddie
Tom Hughes [Sun, 15 Jul 2018 08:31:38 +0000 (09:31 +0100)]
Switch web site to readonly against katla and eddie

23 months agoRevert "Update cron job to use cerbot instead of letsencrypt"
Tom Hughes [Fri, 13 Jul 2018 23:03:15 +0000 (00:03 +0100)]
Revert "Update cron job to use cerbot instead of letsencrypt"

This reverts commit 867b64809332c9c9aafbe99a2f65a43747f11c09.

23 months agodisable fail2ban for nominatim again
Sarah Hoffmann [Thu, 12 Jul 2018 19:06:43 +0000 (21:06 +0200)]
disable fail2ban for nominatim again

23 months agoRemove remaining traces of poldi
Tom Hughes [Thu, 12 Jul 2018 16:56:44 +0000 (17:56 +0100)]
Remove remaining traces of poldi

23 months agoDrop the poldi role
Tom Hughes [Thu, 12 Jul 2018 16:55:17 +0000 (17:55 +0100)]
Drop the poldi role

23 months agoRewrite aliases that aren't full addresses
Tom Hughes [Wed, 11 Jul 2018 19:35:17 +0000 (20:35 +0100)]
Rewrite aliases that aren't full addresses

23 months agoRevert "Move db-backup role to eddie"
Tom Hughes [Wed, 11 Jul 2018 10:21:57 +0000 (11:21 +0100)]
Revert "Move db-backup role to eddie"

This reverts commit bb930580464a4446fd5f8513537e6295e6c15bcd.

23 months agoDon't rewrite addresses that are in the aliases file
Tom Hughes [Tue, 10 Jul 2018 19:15:05 +0000 (20:15 +0100)]
Don't rewrite addresses that are in the aliases file

23 months agoUse deadline scheduler for disks in katie
Tom Hughes [Tue, 10 Jul 2018 12:26:47 +0000 (13:26 +0100)]
Use deadline scheduler for disks in katie

2 years agoAdd the TemplateData extension to wikis
Tom Hughes [Sun, 8 Jul 2018 17:04:45 +0000 (18:04 +0100)]
Add the TemplateData extension to wikis

2 years agoSet the default skin for the mediawiki mobile frontend
Tom Hughes [Sun, 8 Jul 2018 09:21:17 +0000 (10:21 +0100)]
Set the default skin for the mediawiki mobile frontend

2 years agoInstall composer on mediawiki machines
Tom Hughes [Sat, 7 Jul 2018 10:08:16 +0000 (11:08 +0100)]
Install composer on mediawiki machines

2 years agoUpdate wiki to mediawiki 1.31
Tom Hughes [Sat, 7 Jul 2018 09:44:33 +0000 (10:44 +0100)]
Update wiki to mediawiki 1.31

2 years agoRun composer for mediawiki extensions that need it
Tom Hughes [Fri, 6 Jul 2018 18:04:11 +0000 (19:04 +0100)]
Run composer for mediawiki extensions that need it

2 years agoImagery: increase spawn-fcgi socket backlog limit
Grant Slater [Fri, 6 Jul 2018 11:35:27 +0000 (12:35 +0100)]
Imagery: increase spawn-fcgi socket backlog limit

2 years agoSet IO rq_affinity for HP RAID disks
Grant Slater [Fri, 6 Jul 2018 11:17:35 +0000 (12:17 +0100)]
Set IO rq_affinity for HP RAID disks

2 years agoIncrease nginx connection limits
Grant Slater [Fri, 6 Jul 2018 11:16:44 +0000 (12:16 +0100)]
Increase nginx connection limits

2 years agoImagery: set GDAL_CACHEMAX environment variable
Grant Slater [Fri, 6 Jul 2018 10:24:33 +0000 (11:24 +0100)]
Imagery: set GDAL_CACHEMAX environment variable