chef.git
6 years agoSimplify management of nodes file permission now CHEF#1260 is fixed
Tom Hughes [Sun, 9 Feb 2014 10:23:32 +0000 (10:23 +0000)]
Simplify management of nodes file permission now CHEF#1260 is fixed

6 years agoUpdate chef client to 11.10.0
Tom Hughes [Sun, 9 Feb 2014 10:18:06 +0000 (10:18 +0000)]
Update chef client to 11.10.0

6 years agoAdd MAC address for grindtooth's OOB card
Tom Hughes [Sun, 9 Feb 2014 10:01:50 +0000 (10:01 +0000)]
Add MAC address for grindtooth's OOB card

6 years agoAdd role for grindtooth
Tom Hughes [Sun, 9 Feb 2014 09:51:18 +0000 (09:51 +0000)]
Add role for grindtooth

6 years agoAdd KVM guest sysctl tuning
Grant Slater [Sat, 8 Feb 2014 07:38:47 +0000 (07:38 +0000)]
Add KVM guest sysctl tuning

6 years agojakelong, nepomuk: Decrease scheduler queue depth to improve latency
Grant Slater [Sat, 8 Feb 2014 07:31:58 +0000 (07:31 +0000)]
jakelong, nepomuk: Decrease scheduler queue depth to improve latency

6 years agonadder: Decrease scheduler queue depth to improve latency
Grant Slater [Sat, 8 Feb 2014 06:43:27 +0000 (06:43 +0000)]
nadder: Decrease scheduler queue depth to improve latency

6 years agosquid: specify manager email
Grant Slater [Sat, 8 Feb 2014 06:25:08 +0000 (06:25 +0000)]
squid: specify manager email

6 years agotilecache: fix broken export acl
Grant Slater [Sat, 8 Feb 2014 06:22:12 +0000 (06:22 +0000)]
tilecache: fix broken export acl

6 years agoAdd basic forum cookbook + role and apply for clifford
Grant Slater [Fri, 7 Feb 2014 01:57:33 +0000 (01:57 +0000)]
Add basic forum cookbook + role and apply for clifford

6 years agoDNS: use https tiles
Grant Slater [Wed, 5 Feb 2014 19:46:35 +0000 (19:46 +0000)]
DNS: use https tiles

6 years agoAdd placeholder roundup cookbook & role and apply to ascalon
Grant Slater [Wed, 5 Feb 2014 18:19:06 +0000 (18:19 +0000)]
Add placeholder roundup cookbook & role and apply to ascalon

6 years agoascalon: enable emacsen account
Grant Slater [Wed, 5 Feb 2014 18:01:26 +0000 (18:01 +0000)]
ascalon: enable emacsen account

6 years agoridgeback: Only trigger munin smartctl_exit_status warning if a worthwhile error
Grant Slater [Tue, 4 Feb 2014 12:50:10 +0000 (12:50 +0000)]
ridgeback: Only trigger munin smartctl_exit_status warning if a worthwhile error

6 years agoAdd external IP on ascalon + clifford
Grant Slater [Tue, 4 Feb 2014 12:47:08 +0000 (12:47 +0000)]
Add external IP on ascalon + clifford

6 years agoidris: remove external IP
Grant Slater [Tue, 4 Feb 2014 12:46:13 +0000 (12:46 +0000)]
idris: remove external IP

6 years agoInstall ipmitool on machines with the ipmi_si module loaded
Tom Hughes [Mon, 3 Feb 2014 22:32:14 +0000 (22:32 +0000)]
Install ipmitool on machines with the ipmi_si module loaded

6 years agoAdd OOB MAC addresses for clifford and ascalon
Tom Hughes [Mon, 3 Feb 2014 20:40:54 +0000 (20:40 +0000)]
Add OOB MAC addresses for clifford and ascalon

6 years agoAdd rols for clifford and ascalon
Tom Hughes [Mon, 3 Feb 2014 20:15:15 +0000 (20:15 +0000)]
Add rols for clifford and ascalon

6 years agoswitch2osm: add wpml addons
Grant Slater [Fri, 31 Jan 2014 12:09:16 +0000 (12:09 +0000)]
switch2osm: add wpml addons

6 years agoswitch2osm: add sitepress-multilingual-cms plugin
Grant Slater [Fri, 31 Jan 2014 10:15:09 +0000 (10:15 +0000)]
switch2osm: add sitepress-multilingual-cms plugin

6 years agowordpress: Make fail2ban a little friendlier
Grant Slater [Fri, 31 Jan 2014 10:04:11 +0000 (10:04 +0000)]
wordpress: Make fail2ban a little friendlier

6 years agoDisplay cache server name in tile server debug output
Tom Hughes [Mon, 27 Jan 2014 21:28:36 +0000 (21:28 +0000)]
Display cache server name in tile server debug output

6 years agoMake sure we don't lose changes if we are interrupted
Grant Slater [Thu, 23 Jan 2014 15:27:26 +0000 (15:27 +0000)]
Make sure we don't lose changes if we are interrupted

If we are interrupted after we have fetched changes, but before we
have applied them, then rollback so that we try againt next time.

6 years agoMonitor ping times and reachability from tile caches to renderers
Tom Hughes [Wed, 22 Jan 2014 10:46:55 +0000 (10:46 +0000)]
Monitor ping times and reachability from tile caches to renderers

6 years agoConfigure the nfs_client and tcp munin plugins
Tom Hughes [Wed, 22 Jan 2014 10:28:00 +0000 (10:28 +0000)]
Configure the nfs_client and tcp munin plugins

6 years agoConfigure HDD temperature monitoring for all directly attached disks
Tom Hughes [Wed, 22 Jan 2014 00:41:00 +0000 (00:41 +0000)]
Configure HDD temperature monitoring for all directly attached disks

6 years agoRemove unused support for legacy linux_diskstat_ munin plugin
Tom Hughes [Wed, 22 Jan 2014 00:19:48 +0000 (00:19 +0000)]
Remove unused support for legacy linux_diskstat_ munin plugin

6 years agoConfigure SMART attribute monitoring for direct attached SATA disks
Tom Hughes [Tue, 21 Jan 2014 23:01:48 +0000 (23:01 +0000)]
Configure SMART attribute monitoring for direct attached SATA disks

6 years agoAdd jsrouting.apis.dev.openstreetmap.org
Tom Hughes [Tue, 21 Jan 2014 21:49:36 +0000 (21:49 +0000)]
Add jsrouting.apis.dev.openstreetmap.org

6 years agoQuote the database and user strings when altering databases.
Andy Allan [Tue, 21 Jan 2014 12:26:26 +0000 (12:26 +0000)]
Quote the database and user strings when altering databases.

6 years agoAdd newer version of fw_forwarded_local munin plugin
Tom Hughes [Tue, 21 Jan 2014 09:57:32 +0000 (09:57 +0000)]
Add newer version of fw_forwarded_local munin plugin

This handles connection tracking using the conntrack helper
program when required by newer kernels.

6 years agotilecache: unblock osmand user-agent for 1 week.
Grant Slater [Tue, 21 Jan 2014 00:43:11 +0000 (00:43 +0000)]
tilecache: unblock osmand user-agent for 1 week.

6 years agotilecache: unblock 1 faked user-agent for 1 week. Grrrrr
Grant Slater [Mon, 20 Jan 2014 23:16:55 +0000 (23:16 +0000)]
tilecache: unblock 1 faked user-agent for 1 week. Grrrrr

6 years agotilecache: whitelist apemap for now
Grant Slater [Fri, 17 Jan 2014 17:02:16 +0000 (17:02 +0000)]
tilecache: whitelist apemap for now

6 years agotilecache: cleanup scraper UA blocks slightly
Grant Slater [Fri, 17 Jan 2014 11:43:41 +0000 (11:43 +0000)]
tilecache: cleanup scraper UA blocks slightly

6 years agotilecache: reject common tile scrapers
Grant Slater [Fri, 17 Jan 2014 10:58:32 +0000 (10:58 +0000)]
tilecache: reject common tile scrapers

6 years agosquid: disable icp loggin
Grant Slater [Thu, 16 Jan 2014 21:29:55 +0000 (21:29 +0000)]
squid: disable icp loggin

6 years agosquid: log icp queries initially during debug
Grant Slater [Thu, 16 Jan 2014 21:05:02 +0000 (21:05 +0000)]
squid: log icp queries initially during debug

6 years agotilecache: tweak shorewall ICP UDP rule
Grant Slater [Thu, 16 Jan 2014 20:52:45 +0000 (20:52 +0000)]
tilecache: tweak shorewall ICP UDP rule

6 years agotilecache: allow ICP UDP replies
Grant Slater [Thu, 16 Jan 2014 20:38:21 +0000 (20:38 +0000)]
tilecache: allow ICP UDP replies

6 years agosquid: do not log icp queries
Grant Slater [Thu, 16 Jan 2014 20:12:05 +0000 (20:12 +0000)]
squid: do not log icp queries

6 years agotilecache: remove scraper acl again
Grant Slater [Thu, 16 Jan 2014 19:44:03 +0000 (19:44 +0000)]
tilecache: remove scraper acl again

6 years agotilecache: prefer cache siblings, allow caching of response hits
Grant Slater [Thu, 16 Jan 2014 19:25:20 +0000 (19:25 +0000)]
tilecache: prefer cache siblings, allow caching of response hits

6 years agotilecache: add best peers to each cache (based on avg ping latency)
Grant Slater [Thu, 16 Jan 2014 19:04:23 +0000 (19:04 +0000)]
tilecache: add best peers to each cache (based on avg ping latency)

6 years agotilecache: tweak scraper regex
Grant Slater [Thu, 16 Jan 2014 14:40:13 +0000 (14:40 +0000)]
tilecache: tweak scraper regex

6 years agotilecache: block heavy scrapers.
Grant Slater [Thu, 16 Jan 2014 14:28:20 +0000 (14:28 +0000)]
tilecache: block heavy scrapers.

6 years agotile: ensure ttf-dejavu + ttf-unifont packages are installed
Grant Slater [Tue, 14 Jan 2014 11:20:44 +0000 (11:20 +0000)]
tile: ensure ttf-dejavu + ttf-unifont packages are installed

6 years agoReduce tile expiry cutoff time to 28 days
Tom Hughes [Tue, 14 Jan 2014 09:15:23 +0000 (09:15 +0000)]
Reduce tile expiry cutoff time to 28 days

6 years agotilecache: use xz for logrotate
Grant Slater [Sat, 11 Jan 2014 15:48:30 +0000 (15:48 +0000)]
tilecache: use xz for logrotate

6 years agoUpdate carto stylesheet to v2.8.0
Tom Hughes [Thu, 9 Jan 2014 17:55:59 +0000 (17:55 +0000)]
Update carto stylesheet to v2.8.0

6 years agotilecache: compress immediately on logrotate
Grant Slater [Wed, 8 Jan 2014 00:55:10 +0000 (00:55 +0000)]
tilecache: compress immediately on logrotate

6 years agoSet correct wiki backup prefix for cleanup script
Grant Slater [Mon, 6 Jan 2014 16:32:11 +0000 (16:32 +0000)]
Set correct wiki backup prefix for cleanup script

6 years agotilecache: nginx pass client IP
Grant Slater [Sun, 5 Jan 2014 02:52:08 +0000 (02:52 +0000)]
tilecache: nginx pass client IP

6 years agossl: tile.openstreetmap.org public cert add trust chain
Grant Slater [Sun, 5 Jan 2014 02:28:31 +0000 (02:28 +0000)]
ssl: tile.openstreetmap.org public cert add trust chain

6 years agonginx: restart on site config change
Grant Slater [Sun, 5 Jan 2014 02:02:11 +0000 (02:02 +0000)]
nginx: restart on site config change

6 years agonginx: enable but do not immediately restart
Grant Slater [Sun, 5 Jan 2014 02:00:50 +0000 (02:00 +0000)]
nginx: enable but do not immediately restart

6 years agotilecache: nginx tweak
Grant Slater [Sun, 5 Jan 2014 01:40:35 +0000 (01:40 +0000)]
tilecache: nginx tweak

6 years agotilecache: minor cleanup
Grant Slater [Sun, 5 Jan 2014 01:35:51 +0000 (01:35 +0000)]
tilecache: minor cleanup

6 years agotilecache: add nginx dependency
Grant Slater [Sun, 5 Jan 2014 01:25:35 +0000 (01:25 +0000)]
tilecache: add nginx dependency

6 years agotilecache: add basic nginx ssl configuration
Grant Slater [Sun, 5 Jan 2014 01:21:58 +0000 (01:21 +0000)]
tilecache: add basic nginx ssl configuration

6 years agoMove tile cache sibling configuration to roles
Tom Hughes [Thu, 2 Jan 2014 19:04:13 +0000 (19:04 +0000)]
Move tile cache sibling configuration to roles

6 years agotilecache: proxy-only hot-wired peers
Grant Slater [Thu, 2 Jan 2014 18:48:58 +0000 (18:48 +0000)]
tilecache: proxy-only hot-wired peers

6 years agoWeb: add additional alias + problem 3rd party alias
Grant Slater [Wed, 1 Jan 2014 20:57:35 +0000 (20:57 +0000)]
Web: add additional alias + problem 3rd party alias

6 years agodev: increase PHP upload max to 32MB
Grant Slater [Mon, 30 Dec 2013 22:40:54 +0000 (22:40 +0000)]
dev: increase PHP upload max to 32MB

6 years agoSet NOKOGIRI_USE_SYSTEM_LIBRARIES while instailling the rails bundle
Tom Hughes [Fri, 20 Dec 2013 09:06:10 +0000 (09:06 +0000)]
Set NOKOGIRI_USE_SYSTEM_LIBRARIES while instailling the rails bundle

6 years agoAdd role for simurgh
Tom Hughes [Thu, 19 Dec 2013 13:04:47 +0000 (13:04 +0000)]
Add role for simurgh

6 years agoUpdate chef client to 11.8.2
Tom Hughes [Thu, 19 Dec 2013 13:03:34 +0000 (13:03 +0000)]
Update chef client to 11.8.2

6 years agoTilecache: breakout render parents to avoid squid roundrobin DNS issue
Grant Slater [Wed, 18 Dec 2013 12:59:11 +0000 (12:59 +0000)]
Tilecache: breakout render parents to avoid squid roundrobin DNS issue

6 years agoRevert "Tilecache: breakout render parents to avoid squid roundrobin DNS issue"
Grant Slater [Wed, 18 Dec 2013 12:25:23 +0000 (12:25 +0000)]
Revert "Tilecache: breakout render parents to avoid squid roundrobin DNS issue"

This reverts commit 9dce3290df98d37eafe424fee505bde9a7384862.

6 years agoTilecache: breakout render parents to avoid squid roundrobin DNS issue
Grant Slater [Wed, 18 Dec 2013 12:24:07 +0000 (12:24 +0000)]
Tilecache: breakout render parents to avoid squid roundrobin DNS issue

6 years agotilecache: additional path blacklist
Grant Slater [Tue, 17 Dec 2013 16:57:16 +0000 (16:57 +0000)]
tilecache: additional path blacklist

6 years agotilecache: Add path whitelist + blacklist to avoid false positive IDS @ ISP
Grant Slater [Tue, 17 Dec 2013 15:56:34 +0000 (15:56 +0000)]
tilecache: Add path whitelist + blacklist to avoid false positive IDS @ ISP

6 years agoMove readonly database traffic to katla
Tom Hughes [Thu, 12 Dec 2013 10:16:18 +0000 (10:16 +0000)]
Move readonly database traffic to katla

6 years agoRevert "Move readonly database traffic to katla"
Tom Hughes [Thu, 12 Dec 2013 15:39:59 +0000 (15:39 +0000)]
Revert "Move readonly database traffic to katla"

This reverts commit e1bad7cf91c5b6ac6b435d2489b55ab86b165d9a.

6 years agoMove readonly database traffic to katla
Tom Hughes [Thu, 12 Dec 2013 10:16:18 +0000 (10:16 +0000)]
Move readonly database traffic to katla

6 years agoUpdate carto stylesheets to v2.7.0
Tom Hughes [Wed, 11 Dec 2013 00:06:56 +0000 (00:06 +0000)]
Update carto stylesheets to v2.7.0

6 years agofix log file ownership
Sarah Hoffmann [Sun, 8 Dec 2013 08:19:57 +0000 (09:19 +0100)]
fix log file ownership

6 years agopoldi: tweak md sync (check) performance to lower impact on machine
Grant Slater [Thu, 5 Dec 2013 10:36:33 +0000 (10:36 +0000)]
poldi: tweak md sync (check) performance to lower impact on machine

6 years agoondemand freq scaling: Slower down sampling (100)
Grant Slater [Tue, 3 Dec 2013 13:42:50 +0000 (13:42 +0000)]
ondemand freq scaling: Slower down sampling (100)

6 years agoMove backup authentication rules to the db-backup role
Tom Hughes [Tue, 3 Dec 2013 09:55:43 +0000 (09:55 +0000)]
Move backup authentication rules to the db-backup role

6 years agoAdd the db-backup role to katla
Tom Hughes [Tue, 3 Dec 2013 09:46:53 +0000 (09:46 +0000)]
Add the db-backup role to katla

6 years agoDrop help.apis.dev.openstreetmap.org
Tom Hughes [Tue, 3 Dec 2013 09:18:43 +0000 (09:18 +0000)]
Drop help.apis.dev.openstreetmap.org

6 years agoDrop redesign.apis.dev.openstreetmap.org
Tom Hughes [Tue, 3 Dec 2013 08:26:07 +0000 (08:26 +0000)]
Drop redesign.apis.dev.openstreetmap.org

6 years agologrotation for nominatim
Sarah Hoffmann [Tue, 3 Dec 2013 08:00:40 +0000 (09:00 +0100)]
logrotation for nominatim

6 years agoondemand frequency scaling: slower down sampling
Grant Slater [Mon, 2 Dec 2013 11:01:48 +0000 (11:01 +0000)]
ondemand frequency scaling: slower down sampling

6 years agoValidate sysfs settings on each chef run
Tom Hughes [Mon, 2 Dec 2013 09:37:21 +0000 (09:37 +0000)]
Validate sysfs settings on each chef run

6 years agoUpdate SSL cipher suites to latest recomendations
Tom Hughes [Sat, 30 Nov 2013 15:55:55 +0000 (15:55 +0000)]
Update SSL cipher suites to latest recomendations

6 years agoAllow katla to fetch WALK logs from ramoth
Tom Hughes [Fri, 29 Nov 2013 14:09:59 +0000 (14:09 +0000)]
Allow katla to fetch WALK logs from ramoth

6 years agoTweak disks a bit more on katla
Tom Hughes [Thu, 28 Nov 2013 21:01:21 +0000 (21:01 +0000)]
Tweak disks a bit more on katla

6 years agoAllow katla to make replication connections to ramoth
Tom Hughes [Thu, 28 Nov 2013 18:25:09 +0000 (18:25 +0000)]
Allow katla to make replication connections to ramoth

6 years agoAdjust postgres archive path
Tom Hughes [Thu, 28 Nov 2013 18:22:38 +0000 (18:22 +0000)]
Adjust postgres archive path

6 years agoConfigure katla as a database slave
Tom Hughes [Thu, 28 Nov 2013 18:02:52 +0000 (18:02 +0000)]
Configure katla as a database slave

6 years agoDisable SMTP callout verification for telenav.com senders
Tom Hughes [Thu, 28 Nov 2013 00:27:41 +0000 (00:27 +0000)]
Disable SMTP callout verification for telenav.com senders

The telenav.com servers return 550 for any attempt to deliver mail
when the sender address is null, which leads to all mail from them
being rejected due to a failed sender verification.

6 years agoRevert "Go readonly on smaug"
Tom Hughes [Wed, 27 Nov 2013 19:18:42 +0000 (19:18 +0000)]
Revert "Go readonly on smaug"

This reverts commit a5a304af4155b480952d2b39de82d9050e443f46.

6 years agoGo readonly on smaug
Tom Hughes [Wed, 27 Nov 2013 17:24:39 +0000 (17:24 +0000)]
Go readonly on smaug

6 years agoUpdate ssh host keys for spike-{01,02,03} oob cards
Tom Hughes [Wed, 27 Nov 2013 17:21:51 +0000 (17:21 +0000)]
Update ssh host keys for spike-{01,02,03} oob cards

6 years agocgiirc: add #osrm
Grant Slater [Mon, 25 Nov 2013 20:22:09 +0000 (20:22 +0000)]
cgiirc: add #osrm

6 years agoSpecify hardware addresses for spike-{01,02,03}
Tom Hughes [Mon, 25 Nov 2013 15:02:36 +0000 (15:02 +0000)]
Specify hardware addresses for spike-{01,02,03}

6 years agoConvert munin_plugin and munin_plugin_conf to LWRPs
Tom Hughes [Sun, 24 Nov 2013 22:46:45 +0000 (22:46 +0000)]
Convert munin_plugin and munin_plugin_conf to LWRPs