chef.git
5 months agoFix package dependencies in planet cookbook
Tom Hughes [Sat, 15 Feb 2020 12:05:56 +0000 (12:05 +0000)]
Fix package dependencies in planet cookbook

5 months agoResync exim config with upstream default
Tom Hughes [Sat, 15 Feb 2020 11:29:35 +0000 (11:29 +0000)]
Resync exim config with upstream default

5 months agoAdd geodns map for nominatim
Tom Hughes [Fri, 14 Feb 2020 22:55:21 +0000 (22:55 +0000)]
Add geodns map for nominatim

5 months agoUpdate dnscontrol to 2.11 release
Tom Hughes [Fri, 14 Feb 2020 22:18:08 +0000 (22:18 +0000)]
Update dnscontrol to 2.11 release

5 months agoAdd test for squid cookbook
Tom Hughes [Fri, 14 Feb 2020 20:09:02 +0000 (20:09 +0000)]
Add test for squid cookbook

5 months agoAdd test for nginx cookbook
Tom Hughes [Fri, 14 Feb 2020 20:00:39 +0000 (20:00 +0000)]
Add test for nginx cookbook

5 months agoAdd test for nodejs cookbook
Tom Hughes [Fri, 14 Feb 2020 19:36:59 +0000 (19:36 +0000)]
Add test for nodejs cookbook

5 months agoExpect munin to use an IPv6 socket
Tom Hughes [Fri, 14 Feb 2020 18:45:35 +0000 (18:45 +0000)]
Expect munin to use an IPv6 socket

5 months agoAdd test for memcached cookbook
Tom Hughes [Fri, 14 Feb 2020 16:44:32 +0000 (16:44 +0000)]
Add test for memcached cookbook

5 months agoAdd test for openssh cookbook
Tom Hughes [Fri, 14 Feb 2020 16:33:49 +0000 (16:33 +0000)]
Add test for openssh cookbook

5 months agoAdd test for fail2ban cookbook
Tom Hughes [Fri, 14 Feb 2020 16:30:14 +0000 (16:30 +0000)]
Add test for fail2ban cookbook

5 months agoMake fail2ban use the journal to monitor sshd
Tom Hughes [Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)]
Make fail2ban use the journal to monitor sshd

5 months agoAdd test for donate cookbook
Tom Hughes [Fri, 14 Feb 2020 16:06:16 +0000 (16:06 +0000)]
Add test for donate cookbook

5 months agoAdd test for dmca cookbook
Tom Hughes [Fri, 14 Feb 2020 15:42:01 +0000 (15:42 +0000)]
Add test for dmca cookbook

5 months agoCheck that servers are listening on the right protocols
Tom Hughes [Fri, 14 Feb 2020 14:46:10 +0000 (14:46 +0000)]
Check that servers are listening on the right protocols

5 months agoAdd test for dhcpd cookbook
Tom Hughes [Fri, 14 Feb 2020 14:36:18 +0000 (14:36 +0000)]
Add test for dhcpd cookbook

5 months agoAdd test for devices cookbook
Tom Hughes [Fri, 14 Feb 2020 14:35:40 +0000 (14:35 +0000)]
Add test for devices cookbook

5 months agoImprove check for whether to run freshclam
Tom Hughes [Thu, 13 Feb 2020 22:54:31 +0000 (22:54 +0000)]
Improve check for whether to run freshclam

5 months agoAdd basic tests for clamav, exim and spamassassin cookbooks
Tom Hughes [Thu, 13 Feb 2020 22:39:44 +0000 (22:39 +0000)]
Add basic tests for clamav, exim and spamassassin cookbooks

5 months agoAdd basic test for the ntp cookbook
Tom Hughes [Thu, 13 Feb 2020 21:53:11 +0000 (21:53 +0000)]
Add basic test for the ntp cookbook

5 months agoRemove unused file that existed for kitchen-vagrant support
Tom Hughes [Thu, 13 Feb 2020 21:44:52 +0000 (21:44 +0000)]
Remove unused file that existed for kitchen-vagrant support

5 months agoRemove any sysctl settings which are no longer required
Tom Hughes [Thu, 13 Feb 2020 19:54:09 +0000 (19:54 +0000)]
Remove any sysctl settings which are no longer required

5 months agoDisable sysctl comments for now
Tom Hughes [Thu, 13 Feb 2020 19:22:52 +0000 (19:22 +0000)]
Disable sysctl comments for now

This requires chef 15.x as the client...

5 months agoUse the sysctl resource to manage sysctl settings
Tom Hughes [Thu, 13 Feb 2020 19:21:40 +0000 (19:21 +0000)]
Use the sysctl resource to manage sysctl settings

5 months agoFix some cookstyle warnings
Tom Hughes [Thu, 13 Feb 2020 19:16:10 +0000 (19:16 +0000)]
Fix some cookstyle warnings

5 months agoUpdate bundle
Tom Hughes [Thu, 13 Feb 2020 19:13:42 +0000 (19:13 +0000)]
Update bundle

5 months agoEnable remaining test-kitchen suites in travis
Tom Hughes [Wed, 12 Feb 2020 23:06:15 +0000 (23:06 +0000)]
Enable remaining test-kitchen suites in travis

5 months agoDrop kitchen-vagrant and make kitchen-dokken the only test driver
Tom Hughes [Wed, 12 Feb 2020 23:04:21 +0000 (23:04 +0000)]
Drop kitchen-vagrant and make kitchen-dokken the only test driver

5 months agoSplit Travis script into separate jobs and add apt cookbook test
Michal Migurski [Mon, 3 Feb 2020 00:49:33 +0000 (16:49 -0800)]
Split Travis script into separate jobs and add apt cookbook test

With kitchen-dokken in place, travis should now successfully run
both the cookstyle script and individual kitchen tests as separate
matrix builds.

Matrix builds will run in parallel, and the global Travis 50min limit
should apply to each separately ensuring that all cookbooks get tested.

https://docs.travis-ci.com/user/build-matrix/

5 months agoAdd kitchen-dokken as a new provider in the kitchen configuration
Jamie Alessio [Sun, 9 Feb 2020 18:44:44 +0000 (18:44 +0000)]
Add kitchen-dokken as a new provider in the kitchen configuration

5 months agoAdjust tests to expect that SSL is enabled by default
Tom Hughes [Wed, 12 Feb 2020 21:18:39 +0000 (21:18 +0000)]
Adjust tests to expect that SSL is enabled by default

5 months agoAllow retrying of apache service actions
Tom Hughes [Tue, 11 Feb 2020 22:57:35 +0000 (22:57 +0000)]
Allow retrying of apache service actions

There seems to be an issue with the otrs cookbook when deployed
on a new machine where it tries to both restart and also reload
apache and the reload sometime fails because it seems to happen
before the restart has completed.

It's possible this is because the use of mod_perl for otrs is
slowing down the restart but as a workaround we allow the reload
action to be retried a couple of times.

5 months agoMake sure the Passwd ohai plugin is enabled
Tom Hughes [Wed, 12 Feb 2020 19:04:35 +0000 (19:04 +0000)]
Make sure the Passwd ohai plugin is enabled

This plugin becomes optional in chef 15 so make sure it is
enabled, and cope during the first pass on a new node when
it is not enabled yet.

5 months agoMake sure the bind.clients attribute is set when testing
Tom Hughes [Tue, 11 Feb 2020 22:23:27 +0000 (22:23 +0000)]
Make sure the bind.clients attribute is set when testing

5 months agoUnmount any bind mount that is hiding /etc/resolv.conf
Tom Hughes [Tue, 11 Feb 2020 11:13:23 +0000 (11:13 +0000)]
Unmount any bind mount that is hiding /etc/resolv.conf

This avoids problems when running under kitchen-dokken which
has a bind mount over the top.

5 months agoMake sure resolv.conf is using the systemd-resolved stub resolver
Tom Hughes [Tue, 11 Feb 2020 11:12:49 +0000 (11:12 +0000)]
Make sure resolv.conf is using the systemd-resolved stub resolver

5 months agoRestart systemd-resolved immediately if the configuration changes
Tom Hughes [Tue, 11 Feb 2020 11:12:04 +0000 (11:12 +0000)]
Restart systemd-resolved immediately if the configuration changes

5 months agoDrop internal interface for culebre
Tom Hughes [Tue, 11 Feb 2020 11:02:19 +0000 (11:02 +0000)]
Drop internal interface for culebre

5 months agoIncrease cache memory limit on culebre
Tom Hughes [Tue, 11 Feb 2020 11:01:14 +0000 (11:01 +0000)]
Increase cache memory limit on culebre

5 months agoInstall libdatetime-perl for OTRS
Tom Hughes [Tue, 11 Feb 2020 00:43:23 +0000 (00:43 +0000)]
Install libdatetime-perl for OTRS

5 months agoDrop attempt to run otrs.RebuildConfig.pl
Tom Hughes [Tue, 11 Feb 2020 00:35:06 +0000 (00:35 +0000)]
Drop attempt to run otrs.RebuildConfig.pl

5 months agoMake sure a full set of locales are installed
Tom Hughes [Tue, 11 Feb 2020 00:34:50 +0000 (00:34 +0000)]
Make sure a full set of locales are installed

5 months agoUpdate piwik to 3.13.2
Tom Hughes [Tue, 11 Feb 2020 00:17:21 +0000 (00:17 +0000)]
Update piwik to 3.13.2

5 months agoStub searchs for certificates in tests
Tom Hughes [Mon, 10 Feb 2020 21:51:45 +0000 (21:51 +0000)]
Stub searchs for certificates in tests

5 months agoMake sure g++ is installed for the blogs cookbook
Tom Hughes [Mon, 10 Feb 2020 21:34:30 +0000 (21:34 +0000)]
Make sure g++ is installed for the blogs cookbook

5 months agoUse bundler 1.x for the blogs cookbook
Tom Hughes [Mon, 10 Feb 2020 21:34:11 +0000 (21:34 +0000)]
Use bundler 1.x for the blogs cookbook

5 months agoImprove name generations for ssh_known_hosts
Tom Hughes [Sun, 9 Feb 2020 15:24:59 +0000 (15:24 +0000)]
Improve name generations for ssh_known_hosts

6 months agoInclude sshfp on DNS management host
Tom Hughes [Sat, 8 Feb 2020 15:48:25 +0000 (15:48 +0000)]
Include sshfp on DNS management host

6 months agoRevert "Generate a DNS include file for SSHFP records"
Tom Hughes [Sat, 8 Feb 2020 15:47:40 +0000 (15:47 +0000)]
Revert "Generate a DNS include file for SSHFP records"

This reverts commit 269b5b28ccf95dd4b96cac3f51168ea3280c83db.

6 months agoGenerate a DNS include file for SSHFP records
Tom Hughes [Sat, 8 Feb 2020 15:41:10 +0000 (15:41 +0000)]
Generate a DNS include file for SSHFP records

6 months agoDisable dnscontrol installation until a new version is available
Tom Hughes [Sat, 8 Feb 2020 11:00:29 +0000 (11:00 +0000)]
Disable dnscontrol installation until a new version is available

6 months agoInstall dnscontrol and API credentials on DNS management server
Tom Hughes [Fri, 7 Feb 2020 15:39:00 +0000 (15:39 +0000)]
Install dnscontrol and API credentials on DNS management server

6 months agoplanet: increase bandwidth cap
Grant Slater [Wed, 5 Feb 2020 23:40:15 +0000 (23:40 +0000)]
planet: increase bandwidth cap

6 months agoplanet: run mirror redirect more often, fix minor escaping issue
Grant Slater [Wed, 5 Feb 2020 20:19:03 +0000 (20:19 +0000)]
planet: run mirror redirect more often, fix minor escaping issue

6 months agoMerge pull request #265 from mmd-osm/patch/planet_redirect
Grant [Wed, 5 Feb 2020 20:08:10 +0000 (20:08 +0000)]
Merge pull request #265 from mmd-osm/patch/planet_redirect

Planet redirect: add pbf+full history

6 months agoPlanet redirect: add pbf+full history
mmd-osm [Wed, 5 Feb 2020 20:00:33 +0000 (21:00 +0100)]
Planet redirect: add pbf+full history

Fixes https://github.com/openstreetmap/operations/issues/355

6 months agoReduce cache memory limit on keizer
Tom Hughes [Mon, 3 Feb 2020 13:01:12 +0000 (13:01 +0000)]
Reduce cache memory limit on keizer

6 months agotilecache: increases cache size (where available)
Grant Slater [Sun, 2 Feb 2020 23:18:35 +0000 (23:18 +0000)]
tilecache: increases cache size (where available)

6 months agotilecache: nginx cache more layers
Grant Slater [Sun, 2 Feb 2020 23:03:31 +0000 (23:03 +0000)]
tilecache: nginx cache more layers

6 months agosystemd: add dropin support for exec actions
Grant Slater [Sun, 2 Feb 2020 22:32:19 +0000 (22:32 +0000)]
systemd: add dropin support for exec actions

6 months agoUpdate carto stylesheet to v4.25.0
Tom Hughes [Sat, 1 Feb 2020 16:17:18 +0000 (16:17 +0000)]
Update carto stylesheet to v4.25.0

Closes #264

6 months agoMerge remote-tracking branch 'github/pull/263'
Tom Hughes [Fri, 31 Jan 2020 18:05:08 +0000 (18:05 +0000)]
Merge remote-tracking branch 'github/pull/263'

6 months agoImprove wording when not to use this form
polarbearing [Fri, 31 Jan 2020 18:01:57 +0000 (19:01 +0100)]
Improve wording when not to use this form

as discussed in recent DWG meeting, the target wiki page has already been updated accordingly. Intention is to reduce the misdirected requests.

6 months agonominatim now needs python3-psycopg2
Sarah Hoffmann [Fri, 31 Jan 2020 17:09:19 +0000 (18:09 +0100)]
nominatim now needs python3-psycopg2

6 months agoSwitch MTA-STS policy to enforce mode
Tom Hughes [Wed, 29 Jan 2020 18:01:37 +0000 (18:01 +0000)]
Switch MTA-STS policy to enforce mode

6 months agoRestrict MTA-STS to the MX domains
Tom Hughes [Tue, 28 Jan 2020 18:56:21 +0000 (18:56 +0000)]
Restrict MTA-STS to the MX domains

6 months agoAllow access to MTA-STS policy files
Tom Hughes [Tue, 28 Jan 2020 18:50:56 +0000 (18:50 +0000)]
Allow access to MTA-STS policy files

6 months agoSet directory for MTA-STS policy files
Tom Hughes [Tue, 28 Jan 2020 18:40:41 +0000 (18:40 +0000)]
Set directory for MTA-STS policy files

6 months agoIssue SMTP certificate for all domains we handle
Tom Hughes [Tue, 28 Jan 2020 18:35:20 +0000 (18:35 +0000)]
Issue SMTP certificate for all domains we handle

6 months agoPublish MTA-STS policy for mail domains
Tom Hughes [Tue, 28 Jan 2020 17:40:02 +0000 (17:40 +0000)]
Publish MTA-STS policy for mail domains

6 months agoplanet: move rate limit banner to page top
Grant Slater [Sun, 26 Jan 2020 13:43:03 +0000 (13:43 +0000)]
planet: move rate limit banner to page top

6 months agoplanet: add message to correct header
Grant Slater [Sun, 26 Jan 2020 13:36:07 +0000 (13:36 +0000)]
planet: add message to correct header

6 months agoplanet: Add ratelimit header notice
Grant Slater [Sun, 26 Jan 2020 13:28:24 +0000 (13:28 +0000)]
planet: Add ratelimit header notice

6 months agomediawiki: tune abusefilter limits. Fix #353
Grant Slater [Sat, 25 Jan 2020 14:15:03 +0000 (14:15 +0000)]
mediawiki: tune abusefilter limits. Fix #353

6 months agoReduce cache memory limit on tuatara
Tom Hughes [Thu, 23 Jan 2020 10:30:48 +0000 (10:30 +0000)]
Reduce cache memory limit on tuatara

6 months agoAdd IPv6 address for tuatara
Tom Hughes [Wed, 22 Jan 2020 22:50:56 +0000 (22:50 +0000)]
Add IPv6 address for tuatara

6 months agoRestrict test image to DHCP provided resolvers
Tom Hughes [Tue, 21 Jan 2020 18:46:37 +0000 (18:46 +0000)]
Restrict test image to DHCP provided resolvers

6 months agoAvoid overwrite prompts when unzipping
Tom Hughes [Sun, 19 Jan 2020 17:53:33 +0000 (17:53 +0000)]
Avoid overwrite prompts when unzipping

6 months agoQuote argument to prevent wildcard expansion
Tom Hughes [Sun, 19 Jan 2020 17:52:24 +0000 (17:52 +0000)]
Quote argument to prevent wildcard expansion

6 months agoUse chef cache directory instead of creating our own
Tom Hughes [Sun, 19 Jan 2020 16:33:03 +0000 (16:33 +0000)]
Use chef cache directory instead of creating our own

6 months agoRemove redundant cleanup code
Tom Hughes [Sun, 19 Jan 2020 16:32:32 +0000 (16:32 +0000)]
Remove redundant cleanup code

6 months agoRequire unzip for unpacking theme
Tom Hughes [Sun, 19 Jan 2020 15:51:26 +0000 (15:51 +0000)]
Require unzip for unpacking theme

6 months agoUpdate bundle
Tom Hughes [Sun, 19 Jan 2020 15:51:09 +0000 (15:51 +0000)]
Update bundle

6 months agotilecache: Disable rate limiting tiles
Grant Slater [Sat, 18 Jan 2020 18:45:37 +0000 (18:45 +0000)]
tilecache: Disable rate limiting tiles

6 months agoExpect /etc/init.d/screen-cleanup to be a link
Tom Hughes [Fri, 17 Jan 2020 13:31:17 +0000 (13:31 +0000)]
Expect /etc/init.d/screen-cleanup to be a link

6 months agoUpdate chef client to 14.14.29
Tom Hughes [Fri, 17 Jan 2020 11:29:08 +0000 (11:29 +0000)]
Update chef client to 14.14.29

6 months agoUpdate piwik to 3.13.1
Tom Hughes [Fri, 17 Jan 2020 11:25:39 +0000 (11:25 +0000)]
Update piwik to 3.13.1

6 months agoAvoid exception iterating a non-existent directory
Tom Hughes [Thu, 16 Jan 2020 22:34:29 +0000 (22:34 +0000)]
Avoid exception iterating a non-existent directory

6 months agoUse chef 14 to run tests
Tom Hughes [Thu, 16 Jan 2020 22:22:50 +0000 (22:22 +0000)]
Use chef 14 to run tests

6 months agoMake sure netplan is installed before trying to use it
Tom Hughes [Thu, 16 Jan 2020 21:09:01 +0000 (21:09 +0000)]
Make sure netplan is installed before trying to use it

6 months agoDrop redundant apache-ssl test
Tom Hughes [Thu, 16 Jan 2020 19:27:23 +0000 (19:27 +0000)]
Drop redundant apache-ssl test

6 months agoSwitch tests to use Ubuntu 18.04
Tom Hughes [Thu, 16 Jan 2020 19:26:54 +0000 (19:26 +0000)]
Switch tests to use Ubuntu 18.04

6 months agoUpdate mediawiki public key
Tom Hughes [Wed, 15 Jan 2020 19:18:44 +0000 (19:18 +0000)]
Update mediawiki public key

6 months agoLower squid memory on nidhogg
Tom Hughes [Wed, 15 Jan 2020 14:26:23 +0000 (14:26 +0000)]
Lower squid memory on nidhogg

6 months agodevice: Fix QEMU udev
Grant Slater [Wed, 15 Jan 2020 13:47:36 +0000 (13:47 +0000)]
device: Fix QEMU udev

6 months agoAdjust shared memory limits
Tom Hughes [Fri, 3 Jan 2020 13:36:32 +0000 (13:36 +0000)]
Adjust shared memory limits

6 months agoLower squid memory on boitata
Grant Slater [Wed, 15 Jan 2020 13:34:18 +0000 (13:34 +0000)]
Lower squid memory on boitata

6 months agoplanet: only rate limit files else apache segfault
Grant Slater [Mon, 13 Jan 2020 19:16:34 +0000 (19:16 +0000)]
planet: only rate limit files else apache segfault

6 months agoplanet: Rate limit downloads to help fibre fault
Grant Slater [Mon, 13 Jan 2020 14:54:04 +0000 (14:54 +0000)]
planet: Rate limit downloads to help fibre fault

6 months agoMerge branch 'master' of ssh://git.openstreetmap.org/var/lib/git/public/chef
Guillaume RISCHARD [Sun, 12 Jan 2020 22:32:07 +0000 (23:32 +0100)]
Merge branch 'master' of ssh://git.openstreetmap.org/var/lib/git/public/chef