chef.git
5 years agoFix PHP start tag compatibility
Grant Slater [Sun, 26 Oct 2014 13:51:51 +0000 (13:51 +0000)]
Fix PHP start tag compatibility

5 years agoCome back online
Tom Hughes [Sun, 26 Oct 2014 12:54:15 +0000 (12:54 +0000)]
Come back online

5 years agoBring site back online in readonly mode on ramoth
Tom Hughes [Sun, 26 Oct 2014 12:44:08 +0000 (12:44 +0000)]
Bring site back online in readonly mode on ramoth

5 years agoUpdate replication ACL
Tom Hughes [Sun, 26 Oct 2014 12:06:18 +0000 (12:06 +0000)]
Update replication ACL

5 years agoCorrect archive path
Tom Hughes [Sun, 26 Oct 2014 12:02:10 +0000 (12:02 +0000)]
Correct archive path

5 years agoSwap database roles
Tom Hughes [Sun, 26 Oct 2014 11:50:08 +0000 (11:50 +0000)]
Swap database roles

5 years agoGo to offline mode
Tom Hughes [Sun, 26 Oct 2014 11:35:41 +0000 (11:35 +0000)]
Go to offline mode

5 years agoRequire ruby-dev so we can build native extensions
Tom Hughes [Sun, 26 Oct 2014 11:31:14 +0000 (11:31 +0000)]
Require ruby-dev so we can build native extensions

5 years agoThere isn't a separate rubygems package in 14.04
Tom Hughes [Sun, 26 Oct 2014 11:28:40 +0000 (11:28 +0000)]
There isn't a separate rubygems package in 14.04

5 years agoThe portmap service is now rpcbind
Tom Hughes [Sun, 26 Oct 2014 11:25:12 +0000 (11:25 +0000)]
The portmap service is now rpcbind

5 years agoUpdate chef server version mapping
Tom Hughes [Sun, 26 Oct 2014 11:20:58 +0000 (11:20 +0000)]
Update chef server version mapping

5 years agoProxy chef to http for now
Tom Hughes [Sun, 26 Oct 2014 11:17:49 +0000 (11:17 +0000)]
Proxy chef to http for now

5 years agoUpdate planet to use apache 2.4 permissions
Tom Hughes [Sun, 26 Oct 2014 11:14:11 +0000 (11:14 +0000)]
Update planet to use apache 2.4 permissions

5 years agoRewriteLock is not needed in apache 2.4
Tom Hughes [Sun, 26 Oct 2014 11:10:38 +0000 (11:10 +0000)]
RewriteLock is not needed in apache 2.4

5 years agoOnly allow external SMTP connections on the mail server
Tom Hughes [Fri, 24 Oct 2014 16:48:39 +0000 (17:48 +0100)]
Only allow external SMTP connections on the mail server

5 years agoOnly add a domein to relay_to_domains if we are really relaying to it
Tom Hughes [Fri, 24 Oct 2014 16:44:02 +0000 (17:44 +0100)]
Only add a domein to relay_to_domains if we are really relaying to it

5 years agoUpdate piwik to 2.8.3
Tom Hughes [Thu, 23 Oct 2014 21:56:39 +0000 (22:56 +0100)]
Update piwik to 2.8.3

5 years agoBring piwik installation/upgrade under chef control
Tom Hughes [Thu, 23 Oct 2014 21:50:14 +0000 (22:50 +0100)]
Bring piwik installation/upgrade under chef control

5 years agoDisable SSLv3
Tom Hughes [Tue, 21 Oct 2014 09:23:11 +0000 (10:23 +0100)]
Disable SSLv3

5 years agoDisable setting of Access-Control-Allow-Origin by taginfo
Tom Hughes [Mon, 20 Oct 2014 18:14:30 +0000 (19:14 +0100)]
Disable setting of Access-Control-Allow-Origin by taginfo

5 years agoAdd #osm-ar, #osm-bw, #osm-cz, #osm-pt & #osm-ht to irc list
Grant Slater [Sat, 18 Oct 2014 20:01:52 +0000 (21:01 +0100)]
Add #osm-ar, #osm-bw, #osm-cz, #osm-pt & #osm-ht to irc list

5 years agodeactivate nominatim cron scripts on poldi
Sarah Hoffmann [Wed, 15 Oct 2014 21:19:40 +0000 (23:19 +0200)]
deactivate nominatim cron scripts on poldi

5 years agomatch complete URIs in nominatim's apache conf
Sarah Hoffmann [Tue, 14 Oct 2014 18:14:49 +0000 (20:14 +0200)]
match complete URIs in nominatim's apache conf

5 years agoapache ssl: faster timeout on slow OCSP responses
Grant Slater [Sat, 11 Oct 2014 18:47:36 +0000 (19:47 +0100)]
apache ssl: faster timeout on slow OCSP responses

5 years agoapache ssl: Do not pass OCSP stapling failures to client
Grant Slater [Sat, 11 Oct 2014 18:09:27 +0000 (19:09 +0100)]
apache ssl: Do not pass OCSP stapling failures to client

Do not pass OCSP stapling failures to client.
CA's OCSP servers occionally fail, propagating an error is undesireable and causes Firefox and other clients by default to reject the connection.

5 years agowiki: remove Lacking_proper_attribution from robots.txt
Grant Slater [Sat, 11 Oct 2014 16:50:08 +0000 (17:50 +0100)]
wiki: remove Lacking_proper_attribution from robots.txt

5 years agoMove mediawiki + wiki cookbook to public repo
Grant Slater [Sat, 11 Oct 2014 16:04:11 +0000 (17:04 +0100)]
Move mediawiki + wiki cookbook to public repo

5 years agoForce eth hwaddr on ouroboros before HW switch-out
Grant Slater [Sat, 11 Oct 2014 13:42:50 +0000 (14:42 +0100)]
Force eth hwaddr on ouroboros before HW switch-out

5 years agoget rid of multiviews and locationmatch to make apache 2,4 happy
Sarah Hoffmann [Tue, 7 Oct 2014 20:13:21 +0000 (22:13 +0200)]
get rid of multiviews and locationmatch to make apache 2,4 happy

5 years agoAdd #osm-latam
Tom Hughes [Mon, 6 Oct 2014 20:02:42 +0000 (21:02 +0100)]
Add #osm-latam

5 years agoUpdate carto stylesheet to v2.22.0
Tom Hughes [Mon, 6 Oct 2014 17:59:32 +0000 (18:59 +0100)]
Update carto stylesheet to v2.22.0

5 years agoInstall libwww-perl for the apache munin plugins
Tom Hughes [Mon, 6 Oct 2014 12:23:40 +0000 (13:23 +0100)]
Install libwww-perl for the apache munin plugins

5 years agoenable nominatim cron jobs on pummelzacken
Sarah Hoffmann [Mon, 6 Oct 2014 12:12:24 +0000 (14:12 +0200)]
enable nominatim cron jobs on pummelzacken

5 years agoForce Access-Control-Allow-Origin for taginfo api responses
Tom Hughes [Mon, 6 Oct 2014 08:54:35 +0000 (09:54 +0100)]
Force Access-Control-Allow-Origin for taginfo api responses

This is a horrid hack as a workaround pending a fix to the actual
bug in apache:

https://issues.apache.org/bugzilla/show_bug.cgi?id=56898

5 years agoFix permissions handling replies to OTRS messages
Tom Hughes [Thu, 2 Oct 2014 21:44:51 +0000 (22:44 +0100)]
Fix permissions handling replies to OTRS messages

5 years agoConsider tiles not accessed in last 21 days for expiry
Tom Hughes [Mon, 29 Sep 2014 20:07:24 +0000 (21:07 +0100)]
Consider tiles not accessed in last 21 days for expiry

5 years agoRemove horntail and konqi roles
Tom Hughes [Mon, 29 Sep 2014 19:24:35 +0000 (20:24 +0100)]
Remove horntail and konqi roles

5 years agoUpdate carto stylesheet to v2.21.0
Tom Hughes [Sat, 27 Sep 2014 13:17:55 +0000 (14:17 +0100)]
Update carto stylesheet to v2.21.0

6 years agoEnable deletion of trac tickets
Tom Hughes [Mon, 22 Sep 2014 13:59:49 +0000 (14:59 +0100)]
Enable deletion of trac tickets

6 years agoUpdate chef client to 11.16.2-1
Tom Hughes [Fri, 19 Sep 2014 15:46:54 +0000 (16:46 +0100)]
Update chef client to 11.16.2-1

6 years agoUpdate taginfo 'about' text.
Jochen Topf [Fri, 19 Sep 2014 08:11:30 +0000 (10:11 +0200)]
Update taginfo 'about' text.

6 years agoAdd new 'projects' source to taginfo.
Jochen Topf [Thu, 18 Sep 2014 12:42:00 +0000 (14:42 +0200)]
Add new 'projects' source to taginfo.

6 years agoWP plugin XML Sitemap Generator now internally handles sitemap.xml
Grant Slater [Mon, 15 Sep 2014 21:33:30 +0000 (22:33 +0100)]
WP plugin XML Sitemap Generator now internally handles sitemap.xml

6 years agoUpdate chef client to 11.16.0-1
Tom Hughes [Sun, 14 Sep 2014 17:38:41 +0000 (18:38 +0100)]
Update chef client to 11.16.0-1

6 years agoput db back in normal mode on pummelzacken
Sarah Hoffmann [Thu, 11 Sep 2014 19:13:04 +0000 (21:13 +0200)]
put db back in normal mode on pummelzacken

6 years agoCorrect IPv6 prefix length for viserion
Tom Hughes [Thu, 11 Sep 2014 11:42:25 +0000 (12:42 +0100)]
Correct IPv6 prefix length for viserion

6 years agoUpdate IPv6 gateway for viserion
Tom Hughes [Thu, 11 Sep 2014 11:39:11 +0000 (12:39 +0100)]
Update IPv6 gateway for viserion

6 years agoFix IPv6 address for viserion
Tom Hughes [Thu, 11 Sep 2014 11:11:47 +0000 (12:11 +0100)]
Fix IPv6 address for viserion

6 years agoRemvoe tilecache role from viserion for now
Tom Hughes [Thu, 11 Sep 2014 10:48:26 +0000 (11:48 +0100)]
Remvoe tilecache role from viserion for now

6 years agoFix typo
Tom Hughes [Thu, 11 Sep 2014 10:38:17 +0000 (11:38 +0100)]
Fix typo

6 years agoAdd role for viserion
Tom Hughes [Thu, 11 Sep 2014 10:12:10 +0000 (11:12 +0100)]
Add role for viserion

6 years agoEnable OCSP stapling on 14.04 machines
Tom Hughes [Tue, 9 Sep 2014 21:38:28 +0000 (22:38 +0100)]
Enable OCSP stapling on 14.04 machines

6 years agoUpdate carto stylesheet to v2.20.1
Tom Hughes [Mon, 8 Sep 2014 21:26:08 +0000 (22:26 +0100)]
Update carto stylesheet to v2.20.1

6 years agoput pummelzacken in import mode
Sarah Hoffmann [Sat, 6 Sep 2014 19:57:08 +0000 (21:57 +0200)]
put pummelzacken in import mode

6 years agoUpdate carto stylesheet to v2.20.0
Tom Hughes [Sat, 6 Sep 2014 11:12:23 +0000 (12:12 +0100)]
Update carto stylesheet to v2.20.0

6 years agoRun spamassassin as debian-spamd
Tom Hughes [Sat, 6 Sep 2014 09:59:44 +0000 (10:59 +0100)]
Run spamassassin as debian-spamd

6 years agoIgnore bogus ipmi_temp warnings on G6 machines
Tom Hughes [Wed, 3 Sep 2014 12:56:00 +0000 (13:56 +0100)]
Ignore bogus ipmi_temp warnings on G6 machines

6 years agoIncrease parallelism of munin-update
Tom Hughes [Wed, 3 Sep 2014 12:37:31 +0000 (13:37 +0100)]
Increase parallelism of munin-update

6 years agoAdd munin monitoring of rrdcached
Tom Hughes [Tue, 2 Sep 2014 20:45:12 +0000 (21:45 +0100)]
Add munin monitoring of rrdcached

6 years agoUse rrdcached with munin
Tom Hughes [Tue, 2 Sep 2014 20:29:40 +0000 (21:29 +0100)]
Use rrdcached with munin

6 years agoUpdate munin to apache 2.4 style access controls
Tom Hughes [Tue, 2 Sep 2014 18:43:45 +0000 (19:43 +0100)]
Update munin to apache 2.4 style access controls

6 years agoUpdate piwik to apache 2.4 style access controls
Tom Hughes [Tue, 2 Sep 2014 08:20:46 +0000 (09:20 +0100)]
Update piwik to apache 2.4 style access controls

6 years agoExclude noreply.openstreetmap.org from alias expansion
Tom Hughes [Mon, 1 Sep 2014 09:21:17 +0000 (10:21 +0100)]
Exclude noreply.openstreetmap.org from alias expansion

6 years agoDon't allow SSL proxy connections to be reused
Tom Hughes [Fri, 29 Aug 2014 15:47:56 +0000 (16:47 +0100)]
Don't allow SSL proxy connections to be reused

If we allow reuse of SSL connections then we may sent a Host
header that doesn't match the name sent in SNI when the connection
was setup, and the backend will then reject it.

6 years agoRevert "Use http for all backend requests"
Tom Hughes [Fri, 29 Aug 2014 15:16:10 +0000 (16:16 +0100)]
Revert "Use http for all backend requests"

This reverts commit b7579691793f64a2cc7fd86930ed33ffcde88b98.

6 years agoRemove 12.04 support in web cookbook
Tom Hughes [Fri, 29 Aug 2014 14:46:31 +0000 (15:46 +0100)]
Remove 12.04 support in web cookbook

6 years agoUse http for all backend requests
Tom Hughes [Fri, 29 Aug 2014 14:38:07 +0000 (15:38 +0100)]
Use http for all backend requests

6 years agoAdd custom DH parameters our main certificate
Tom Hughes [Fri, 29 Aug 2014 14:32:30 +0000 (15:32 +0100)]
Add custom DH parameters our main certificate

Java before version 7 can't cope with DH parameters longer
than 1024 bits but Apache 2.4 bases the DH parameter length
on the certificate key length, which is 2048 bits.

http://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh

6 years agoAdd some more apache 2.4 access rules
Tom Hughes [Fri, 29 Aug 2014 12:57:00 +0000 (13:57 +0100)]
Add some more apache 2.4 access rules

6 years agoEnable mod_lbmethod_byrequests for frontends running 14.04
Tom Hughes [Fri, 29 Aug 2014 12:11:18 +0000 (13:11 +0100)]
Enable mod_lbmethod_byrequests for frontends running 14.04

6 years agoEnable mod_lbmethod_bybusyness for frontends running 14.04
Tom Hughes [Fri, 29 Aug 2014 12:06:20 +0000 (13:06 +0100)]
Enable mod_lbmethod_bybusyness for frontends running 14.04

6 years agoUse mod_proxy_fcgi for the map call
Tom Hughes [Fri, 29 Aug 2014 08:34:55 +0000 (09:34 +0100)]
Use mod_proxy_fcgi for the map call

6 years agoFixes for building cgimap on 14.04 machines
Tom Hughes [Fri, 29 Aug 2014 08:24:08 +0000 (09:24 +0100)]
Fixes for building cgimap on 14.04 machines

6 years agoUse apache 2.4 style access controls
Tom Hughes [Fri, 29 Aug 2014 08:10:27 +0000 (09:10 +0100)]
Use apache 2.4 style access controls

6 years agoUse mod_proxy_fcgi for FCGI support with apache 2.4
Tom Hughes [Fri, 29 Aug 2014 08:09:09 +0000 (09:09 +0100)]
Use mod_proxy_fcgi for FCGI support with apache 2.4

6 years agoSet the path for the spamassassin auto whitelist
Tom Hughes [Wed, 27 Aug 2014 22:10:20 +0000 (23:10 +0100)]
Set the path for the spamassassin auto whitelist

6 years agoImprove handling of spamassassin state files
Tom Hughes [Wed, 27 Aug 2014 21:58:23 +0000 (22:58 +0100)]
Improve handling of spamassassin state files

6 years agoUse public CC for trac
Tom Hughes [Wed, 27 Aug 2014 12:48:28 +0000 (13:48 +0100)]
Use public CC for trac

6 years agoUpdate trac configuration with new defaults
Tom Hughes [Wed, 27 Aug 2014 11:14:53 +0000 (12:14 +0100)]
Update trac configuration with new defaults

6 years agoDisable CacheStaleOnError for taginfo
Tom Hughes [Tue, 26 Aug 2014 19:32:52 +0000 (20:32 +0100)]
Disable CacheStaleOnError for taginfo

6 years agoBring OSQA backups under chef control
Tom Hughes [Tue, 26 Aug 2014 16:44:34 +0000 (17:44 +0100)]
Bring OSQA backups under chef control

6 years agoFix apache alias for OSQA uploads
Tom Hughes [Tue, 26 Aug 2014 16:29:36 +0000 (17:29 +0100)]
Fix apache alias for OSQA uploads

6 years agoMove OSQA uploaded files to a folder outside the code tree
Tom Hughes [Tue, 26 Aug 2014 14:31:32 +0000 (15:31 +0100)]
Move OSQA uploaded files to a folder outside the code tree

6 years agospamassassin: Add virtual home
Grant Slater [Mon, 25 Aug 2014 11:57:59 +0000 (12:57 +0100)]
spamassassin: Add virtual home

6 years agoTimeout bad DNS servers quicker
Grant Slater [Sat, 23 Aug 2014 15:27:13 +0000 (16:27 +0100)]
Timeout bad DNS servers quicker

6 years agoUpdate paulla DNS servers
Grant Slater [Sat, 23 Aug 2014 15:26:21 +0000 (16:26 +0100)]
Update paulla DNS servers

6 years agoplanet-notes-dump: move quiet option to correct place
Grant Slater [Sat, 23 Aug 2014 13:15:55 +0000 (14:15 +0100)]
planet-notes-dump: move quiet option to correct place

6 years agoMake planet-notes-dump cron quiet
Grant Slater [Fri, 22 Aug 2014 21:34:08 +0000 (22:34 +0100)]
Make planet-notes-dump cron quiet

6 years agoEnable version control plugins for trac
Tom Hughes [Wed, 20 Aug 2014 23:42:52 +0000 (00:42 +0100)]
Enable version control plugins for trac

6 years agoUpdate svn for apache 2.4
Tom Hughes [Wed, 20 Aug 2014 23:35:54 +0000 (00:35 +0100)]
Update svn for apache 2.4

6 years agoUpdate OTRS to 3.3.8
Tom Hughes [Wed, 20 Aug 2014 17:40:21 +0000 (18:40 +0100)]
Update OTRS to 3.3.8

6 years agoUse apache 2.4 style access rules
Tom Hughes [Wed, 20 Aug 2014 13:43:51 +0000 (14:43 +0100)]
Use apache 2.4 style access rules

6 years agoGrant access to OSQA files
Tom Hughes [Wed, 20 Aug 2014 13:14:13 +0000 (14:14 +0100)]
Grant access to OSQA files

6 years agoInstall OSQA from git instead of svn
Tom Hughes [Wed, 20 Aug 2014 13:06:17 +0000 (14:06 +0100)]
Install OSQA from git instead of svn

6 years agoUse apache 2.4 style permissions
Tom Hughes [Wed, 20 Aug 2014 12:57:43 +0000 (13:57 +0100)]
Use apache 2.4 style permissions

6 years agoUse apache 2.4 syle permissions
Tom Hughes [Wed, 20 Aug 2014 12:28:25 +0000 (13:28 +0100)]
Use apache 2.4 syle permissions

6 years agoUse apache 2.4 style access controls
Tom Hughes [Wed, 20 Aug 2014 12:01:29 +0000 (13:01 +0100)]
Use apache 2.4 style access controls

6 years agoUse apache 2.4 style access controls
Tom Hughes [Wed, 20 Aug 2014 11:30:17 +0000 (12:30 +0100)]
Use apache 2.4 style access controls

6 years agoFix planet-notes-dump cron escaping
Grant Slater [Wed, 20 Aug 2014 08:01:44 +0000 (09:01 +0100)]
Fix planet-notes-dump cron escaping

6 years agoUse apache 2.4 style access controls
Tom Hughes [Tue, 19 Aug 2014 21:52:40 +0000 (22:52 +0100)]
Use apache 2.4 style access controls