Peter Palfrader [Sat, 28 Jan 2017 22:15:03 +0000 (23:15 +0100)]
Add senfter-lvm2
Peter Palfrader [Sat, 28 Jan 2017 18:26:08 +0000 (19:26 +0100)]
give site name
Peter Palfrader [Sat, 28 Jan 2017 18:25:47 +0000 (19:25 +0100)]
Fix path
Peter Palfrader [Sat, 28 Jan 2017 18:21:56 +0000 (19:21 +0100)]
and install template
Peter Palfrader [Sat, 28 Jan 2017 18:17:15 +0000 (19:17 +0100)]
add manpages vhost extra info
Peter Palfrader [Sat, 28 Jan 2017 17:43:57 +0000 (18:43 +0100)]
retire obsolete nova/openstack stuff
Peter Palfrader [Sat, 28 Jan 2017 17:43:36 +0000 (18:43 +0100)]
manziarly manpages staticsync
Peter Palfrader [Sat, 28 Jan 2017 16:58:48 +0000 (17:58 +0100)]
Put manpages SSL things onto static mirrors
Peter Palfrader [Fri, 27 Jan 2017 21:01:45 +0000 (22:01 +0100)]
add bilbao
Peter Palfrader [Fri, 27 Jan 2017 20:35:09 +0000 (21:35 +0100)]
Add bilbao
Peter Palfrader [Fri, 27 Jan 2017 08:43:36 +0000 (09:43 +0100)]
conova <-> netcologne peer directly at decix
Peter Palfrader [Fri, 27 Jan 2017 08:02:10 +0000 (09:02 +0100)]
Add manpages.d.o static component
Peter Palfrader [Fri, 27 Jan 2017 07:59:00 +0000 (08:59 +0100)]
manziarly is a static source
Peter Palfrader [Thu, 26 Jan 2017 21:05:28 +0000 (22:05 +0100)]
Deploy key/cert for dyn.manpages.debian.org
Peter Palfrader [Thu, 26 Jan 2017 17:47:41 +0000 (18:47 +0100)]
give sledge sudo on acker
Peter Palfrader [Wed, 25 Jan 2017 13:19:00 +0000 (14:19 +0100)]
set PATH in ntp-restart-if-required so we can find service(8)
Peter Palfrader [Wed, 25 Jan 2017 10:37:36 +0000 (11:37 +0100)]
grep for ntpd
Peter Palfrader [Wed, 25 Jan 2017 10:33:28 +0000 (11:33 +0100)]
And stdout to /dev/null too
Peter Palfrader [Wed, 25 Jan 2017 10:31:38 +0000 (11:31 +0100)]
restart ntp hourly if not in sync
Peter Palfrader [Wed, 25 Jan 2017 09:25:37 +0000 (10:25 +0100)]
Revert "Reject mail from l8r.net for now - see discussion on dsa@"
This reverts commit
111fae54ebbd997e88ecfc6a9c4baf76ae93608c.
Peter Palfrader [Tue, 24 Jan 2017 13:14:11 +0000 (14:14 +0100)]
Allo DNS from 172.29.180.0/24 at manda
Peter Palfrader [Mon, 23 Jan 2017 11:52:56 +0000 (12:52 +0100)]
raise max connections on syslog hosts
Peter Palfrader [Mon, 23 Jan 2017 10:47:34 +0000 (11:47 +0100)]
samhain: try to ignore -certchain files in /etc/ssl/private
Peter Palfrader [Fri, 20 Jan 2017 20:18:30 +0000 (21:18 +0100)]
No backups for future conova arm buildds
Peter Palfrader [Fri, 20 Jan 2017 13:15:18 +0000 (14:15 +0100)]
retire fede (RT##5219)
Peter Palfrader [Fri, 20 Jan 2017 11:51:59 +0000 (12:51 +0100)]
systemd-timesync for grnet
Peter Palfrader [Fri, 20 Jan 2017 08:04:52 +0000 (09:04 +0100)]
experimental apache on coccia, milanollo, pejacevic, petrova, philp, ticharich
Peter Palfrader [Fri, 20 Jan 2017 07:41:58 +0000 (08:41 +0100)]
newer apache on manziarly
Peter Palfrader [Thu, 19 Jan 2017 15:56:06 +0000 (16:56 +0100)]
restart syslog after boot on kfreebsd
Peter Palfrader [Mon, 16 Jan 2017 21:28:26 +0000 (22:28 +0100)]
apache munin thing wants libwww-perl
Peter Palfrader [Mon, 16 Jan 2017 08:55:20 +0000 (09:55 +0100)]
Why would we not want backups of pkgmirror-csail.debian.org? Enable them!
Peter Palfrader [Mon, 16 Jan 2017 08:53:31 +0000 (09:53 +0100)]
remove steffani
Peter Palfrader [Mon, 16 Jan 2017 08:53:10 +0000 (09:53 +0100)]
remove rautavaara
Peter Palfrader [Sun, 15 Jan 2017 14:02:39 +0000 (15:02 +0100)]
Reject mail from l8r.net for now - see discussion on dsa@
Peter Palfrader [Sat, 14 Jan 2017 23:40:57 +0000 (00:40 +0100)]
make root's shell history contain more than 500 lines
Peter Palfrader [Tue, 10 Jan 2017 20:49:24 +0000 (21:49 +0100)]
Merge remote-tracking branch 'waldi/managed-rsyncd-ftp-master'
* waldi/managed-rsyncd-ftp-master:
Use archvsync managed secrets files for rsyncd on ftp-master
Bastian Blank [Tue, 10 Jan 2017 18:57:38 +0000 (19:57 +0100)]
Use archvsync managed secrets files for rsyncd on ftp-master
Tollef Fog Heen [Tue, 10 Jan 2017 20:29:06 +0000 (21:29 +0100)]
Drop req.grace, it is gone in newer Varnish version
Tollef Fog Heen [Tue, 10 Jan 2017 20:27:17 +0000 (21:27 +0100)]
Update VCL to something that ought to work with 4.0
Tollef Fog Heen [Tue, 10 Jan 2017 20:17:54 +0000 (21:17 +0100)]
Include varnish for pkgmirror-csail
Tollef Fog Heen [Tue, 10 Jan 2017 20:16:00 +0000 (21:16 +0100)]
.. and add the template
Tollef Fog Heen [Tue, 10 Jan 2017 20:13:43 +0000 (21:13 +0100)]
Add key + cert in a single file to /etc/ssl/private
Hitch and HAProxy both need this, so let's just do it for all keys and
certs.
Peter Palfrader [Tue, 10 Jan 2017 20:08:37 +0000 (21:08 +0100)]
Merge remote-tracking branch 'waldi/managed-rsyncd-security-master'
* waldi/managed-rsyncd-security-master:
Use archvsync managed secrets files for rsyncd on security-master
Drop dead exports rsync module from security-master
Bastian Blank [Tue, 10 Jan 2017 20:01:30 +0000 (21:01 +0100)]
Use archvsync managed secrets files for rsyncd on security-master
Bastian Blank [Tue, 10 Jan 2017 20:01:24 +0000 (21:01 +0100)]
Drop dead exports rsync module from security-master
Peter Palfrader [Tue, 10 Jan 2017 19:34:03 +0000 (20:34 +0100)]
Merge remote-tracking branch 'waldi/managed-rsyncd-ports-master'
* waldi/managed-rsyncd-ports-master:
Use archvsync managed secrets files for rsyncd on ports-master
Bastian Blank [Tue, 10 Jan 2017 18:43:36 +0000 (19:43 +0100)]
Use archvsync managed secrets files for rsyncd on ports-master
Peter Palfrader [Tue, 10 Jan 2017 12:43:54 +0000 (13:43 +0100)]
other sil network for weasel
Peter Palfrader [Tue, 10 Jan 2017 12:14:47 +0000 (13:14 +0100)]
update dnssec key for 29.172.in-addr.arpa
Peter Palfrader [Tue, 10 Jan 2017 12:11:58 +0000 (13:11 +0100)]
Update 29.172.in-addr.arpa.key dnssec key
Peter Palfrader [Sun, 8 Jan 2017 08:49:11 +0000 (09:49 +0100)]
ignore /etc/tsm on sibelius
Peter Palfrader [Sat, 7 Jan 2017 16:53:42 +0000 (17:53 +0100)]
retire oyens
Peter Palfrader [Sat, 7 Jan 2017 16:51:21 +0000 (17:51 +0100)]
retire oyens
Peter Palfrader [Sat, 7 Jan 2017 13:12:01 +0000 (14:12 +0100)]
new picconi devices
Julien Cristau [Fri, 6 Jan 2017 17:55:14 +0000 (18:55 +0100)]
Switch to LE certs for sip / repro
Julien Cristau [Fri, 6 Jan 2017 17:04:19 +0000 (18:04 +0100)]
Move {,}debian.org cert to LE, with separate certs
Julien Cristau [Fri, 6 Jan 2017 13:34:43 +0000 (14:34 +0100)]
Switch db.d.o to letsencrypt
Julien Cristau [Fri, 6 Jan 2017 12:14:51 +0000 (13:14 +0100)]
Add new apache on beach
Julien Cristau [Fri, 6 Jan 2017 12:05:52 +0000 (13:05 +0100)]
Switch bugs.d.o to LE
Peter Palfrader [Fri, 6 Jan 2017 12:12:06 +0000 (13:12 +0100)]
And new apache on picconi
Peter Palfrader [Fri, 6 Jan 2017 09:18:19 +0000 (10:18 +0100)]
mirror-isc renumber
Peter Palfrader [Thu, 5 Jan 2017 17:29:35 +0000 (18:29 +0100)]
Put new apache onto pkgmirror-csail
Peter Palfrader [Tue, 3 Jan 2017 07:59:53 +0000 (08:59 +0100)]
screenrc update
Peter Palfrader [Sun, 1 Jan 2017 12:38:19 +0000 (13:38 +0100)]
systemd timesync at csail
Julien Cristau [Sat, 31 Dec 2016 17:46:17 +0000 (18:46 +0100)]
Remove TLSA record for remaining gandi certificates
Peter Palfrader [Sat, 31 Dec 2016 08:10:33 +0000 (09:10 +0100)]
Let mirroradm also sudo to mirroradm
Peter Palfrader [Fri, 30 Dec 2016 09:56:58 +0000 (10:56 +0100)]
Add melartin.debian.org
Tollef Fog Heen [Thu, 29 Dec 2016 07:52:53 +0000 (08:52 +0100)]
Redirect stdout to /dev/null too
Peter Palfrader [Wed, 28 Dec 2016 10:39:57 +0000 (11:39 +0100)]
This does not work yet
Peter Palfrader [Wed, 28 Dec 2016 10:38:04 +0000 (11:38 +0100)]
fix variable
Peter Palfrader [Wed, 28 Dec 2016 10:37:01 +0000 (11:37 +0100)]
torrc header template
Peter Palfrader [Wed, 28 Dec 2016 10:35:45 +0000 (11:35 +0100)]
torrc header template
Peter Palfrader [Wed, 28 Dec 2016 10:35:08 +0000 (11:35 +0100)]
Check if tor is installed also
Peter Palfrader [Wed, 28 Dec 2016 10:17:57 +0000 (11:17 +0100)]
tor_ge_0.2.9 facter
Peter Palfrader [Tue, 20 Dec 2016 09:37:14 +0000 (10:37 +0100)]
more experimental apache servers
Peter Palfrader [Tue, 20 Dec 2016 09:21:17 +0000 (10:21 +0100)]
more experimental apache servers
Peter Palfrader [Sun, 18 Dec 2016 14:38:40 +0000 (15:38 +0100)]
vim listchars once more: avoid small hyphen as it cannot be used in urxvt's cutchars
Peter Palfrader [Thu, 15 Dec 2016 21:07:34 +0000 (22:07 +0100)]
listchars: Actually, the issue was using a soft-hyphen in tabchars, and that has different (the real) semantics now. Use a (short) real hyphen there now
Peter Palfrader [Thu, 15 Dec 2016 20:59:33 +0000 (21:59 +0100)]
Fix listchars encoding which makes (remote) stable vim in stretch urxvt look broken
Peter Palfrader [Thu, 15 Dec 2016 20:56:55 +0000 (21:56 +0100)]
Fix listchars encoding which makes (remote) stable vim in stretch urxvt look broken
Peter Palfrader [Sun, 11 Dec 2016 22:29:12 +0000 (23:29 +0100)]
Add sreview
Peter Palfrader [Sun, 11 Dec 2016 08:32:02 +0000 (09:32 +0100)]
I think servers are separated by whitespace, not commas, and systemd is too shy to complain
Peter Palfrader [Fri, 9 Dec 2016 10:34:58 +0000 (11:34 +0100)]
want systemd-timesyncd from multi-user.target
Peter Palfrader [Fri, 9 Dec 2016 09:27:11 +0000 (09:27 +0000)]
Switch VMs at bytemark from ntp to systemd-timesyncd
Peter Palfrader [Fri, 9 Dec 2016 09:02:39 +0000 (09:02 +0000)]
move ntp munin checks to ntp module
Peter Palfrader [Fri, 9 Dec 2016 08:13:00 +0000 (08:13 +0000)]
Move ntp and ntpdate incldue into a time module
Peter Palfrader [Fri, 9 Dec 2016 08:10:58 +0000 (09:10 +0100)]
Let the puppet usergroup read puppet.conf
Aurelien Jarno [Thu, 8 Dec 2016 14:14:36 +0000 (15:14 +0100)]
decommission franck
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Thu, 8 Dec 2016 14:10:16 +0000 (15:10 +0100)]
Change /etc/puppet/puppet.conf mode to 0440
It contains a password on the master node.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Palfrader [Thu, 8 Dec 2016 09:59:43 +0000 (10:59 +0100)]
sudo from videoteam to sreview
Peter Palfrader [Sat, 3 Dec 2016 09:38:13 +0000 (10:38 +0100)]
raise HPKP timeout from 14 days to 60
Peter Palfrader [Thu, 1 Dec 2016 10:19:44 +0000 (10:19 +0000)]
install popcon
Peter Palfrader [Thu, 1 Dec 2016 10:18:48 +0000 (10:18 +0000)]
Use proper bacula port in bacula-idle-restart
Peter Palfrader [Wed, 30 Nov 2016 07:20:51 +0000 (08:20 +0100)]
Revert "Revert "move back to default bacula ports for ubc""
This reverts commit
24fc21e69a739a6465c51c4c7f950814bc656b5c.
Peter Palfrader [Tue, 29 Nov 2016 18:09:51 +0000 (19:09 +0100)]
Revert "move back to default bacula ports for ubc"
This reverts commit
9a3c9db00b1fe093ef39d584baf1d47b1c1fadb2.
Peter Palfrader [Tue, 29 Nov 2016 18:06:56 +0000 (19:06 +0100)]
move back to default bacula ports for ubc
Peter Palfrader [Sat, 26 Nov 2016 13:23:43 +0000 (14:23 +0100)]
kill munin-update jobs older than 2 hours
Peter Palfrader [Sat, 26 Nov 2016 11:43:14 +0000 (12:43 +0100)]
Merge ubcece (old IP address range) into ubc
Peter Palfrader [Sat, 26 Nov 2016 11:33:24 +0000 (11:33 +0000)]
Make bacula-idle-restart use ports defined in the manifest
Peter Palfrader [Sat, 26 Nov 2016 11:31:09 +0000 (11:31 +0000)]
Put client_port into the stored config