Verified Commit a8bdc068 authored by Giancarlo Razzolini's avatar Giancarlo Razzolini
Browse files

Merge branch 'master' of arch-git:/srv/git/infrastructure

parents d38a7112 a57abfef
......@@ -165,8 +165,9 @@ The following steps should be used to update our managed servers:
### dragon
#### Services
- build server (pkgbuild.com)
- build server
- sogrep
- arch-boxes (packer)
### state.archlinux.org
......@@ -178,6 +179,11 @@ The following steps should be used to update our managed servers:
#### Services:
- quassel core
## homedir.archlinux.org
#### Services:
- ~/user/ webhost
## Ansible repo workflows
### Replace vault password and change vaulted passwords
......
......@@ -218,17 +218,6 @@
256 MD5:25:a6:b4:cb:f6:c5:27:3a:0d:c6:47:1e:2f:d5:72:db root@archlinux (ED25519)
2048 MD5:4d:09:b7:bc:d0:af:b9:1c:b4:0d:67:88:16:c7:c0:1c root@archlinux (RSA)
# soyuz.archlinux.org
1024 SHA256:7i6dEbYWr2waZYiZWruAf3IDkITWPLYZAb/vuA+L+cA root@soyuz (DSA)
256 SHA256:GHQlxoizbgrUL2ZQY7eOewIYuNzJY2aR73+7CNgdBto root@soyuz (ECDSA)
256 SHA256:ZKKPcOJexD4KP+iCIQc5qMHuu0f1INZh9S3/K0heUdU root@soyuz (ED25519)
2048 SHA256:UpXXVnuxzD51LphEErdSbn5s6VWRDE/j2JK7Ldes/xs root@soyuz (RSA)
1024 MD5:0d:9f:83:0b:35:f2:76:9e:90:84:17:3b:24:5f:72:4c root@soyuz (DSA)
256 MD5:0a:66:44:0f:6d:5c:c4:33:d9:31:9c:c3:22:d0:d0:63 root@soyuz (ECDSA)
256 MD5:e0:43:1d:3c:63:ac:a7:ca:eb:b0:17:e8:ec:f3:c0:38 root@soyuz (ED25519)
2048 MD5:89:d5:e2:5b:32:b3:65:8d:50:a9:3e:ba:79:27:2f:0a root@soyuz (RSA)
# state.archlinux.org
1024 SHA256:4oNX8CksPEgIzibu+ETa2OVVPBX2pzcvcVUa60NbHiQ root@archlinux-packer (DSA)
256 SHA256:uR7EDdVrvkZf43eNmumOeu2MeZn4oMB39ad9kHoobkk root@archlinux-packer (ECDSA)
......
......@@ -98,11 +98,6 @@ sgp.mirror.pkgbuild.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD7zHY11m8025vGMmC0
sgp.mirror.pkgbuild.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJXTkELSODheIaMAe7B4xeKaovwbEoKo0REy4KuaSRyd1CYYoOVZVsiuEGhkJqd1EsFt1xUtbWUH6GiZ/z8tkxA=
sgp.mirror.pkgbuild.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAALm92Bp1FUNzwMHGIBvGxP31kMTZecexdiVnflre7
# soyuz.archlinux.org
soyuz.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUJaeM5PQWwtsM8pwbFIO8j1haViH4aH14T7NJA/qIxhfnuvC0+hoAom78cndUR66SZ1WFjEVgbL4zhCau3zvGCD2Ca8hNPNMfHuKlB/2TDfDzzrHkSvTE+VWPXcqxL5m1V4MLaowPsBE5KaNDtslCz1HT251DX7I3qlEfH089nEBk6+hnpMSqP2svyYGoWMCBgC9EOJ2pdgF0w0WCFtoaaLyC437K667we6cE1kL5Sh7DT1sogGbCLw/IotEL2qmhEvCB2qO5IzM2MN4ACwjsyYdPO+rLJOmReG1xGmhw1KFIgiwdlWQflYDKxRxSnYLTYmlkHPngXYwGLJ3LEdS/
soyuz.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEtDQ4lyXAUiH/Zc0goqFitPslz6b/VUThYLk/4V59qp7b95EkZaIh4YKWBJ8lMManZv3mTgS0eCyhE5PpJ8BoI=
soyuz.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICM/0VDx+ERVilzThUQ+vbfvVgOTQaCFOovGGOdIyRJx
# state.archlinux.org
state.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoH0lD8Je2KUktA0RWREiN9v2oIpl/kTZfXZw7LhBaJLdZorqGLI/Nu0Kzb+7Wp0RvcNi5eOpLtFctAwIEs2nEvkPHmKH70KoMBiNNzMWHK6IwTH0EdyYQzjOm4E7qWtbIdK6vSUqtLwgkfaUJ+EokJu51632hmTE2Bk0I12K93hjODmZnM7GhGmSx6h+3KrYfkCz4a2PXVpTptvTTl5t4SkFQMdioQ6k+1m2itjhhEujkewl4N6rar6jB6b4yGHlPZN5Y3lmYaQhraZwen6kuPHfjuMjtkf6lR0cqoK7FvwwrkiXcuGqS8xcVYmRsqRQdXZzLORcMSW4wjlizwQCd
state.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbZyVxaIdyd5f/dhPN7qGBnOSpLCYzoEqAKuakhi5ou
......
......@@ -231,7 +231,6 @@ arch_users:
- name: foutrelis_buildhost.pub
hosts:
- dragon.archlinux.org
- soyuz.archlinux.org
- sgp.mirror.pkgbuild.com
groups:
- dev
......@@ -275,7 +274,6 @@ arch_users:
- name: heftig_work.pub
hosts:
- dragon.archlinux.org
- soyuz.archlinux.org
- name: heftig_dragon.pub
hosts:
- homedir.archlinux.org
......@@ -359,10 +357,6 @@ arch_users:
maximbaz:
name: "Maxim Baz"
ssh_key: maximbaz.pub
additional_ssh_keys:
- name: maximbaz_soyuz.pub
hosts:
- soyuz.archlinux.org
groups:
- tu
mtorromeo:
......
---
hostname: "soyuz"
ipv4_address: "138.201.206.85"
ipv4_netmask: "/32"
ipv6_address: "2a01:4f8:173:1654::1"
ipv6_netmask: "/128"
ipv4_gateway: "138.201.206.65"
ipv6_gateway: "fe80::1"
filesystem: btrfs
system_disks:
- /dev/sda
- /dev/sdb
postgres_backup_dir: "/var/lib/postgres/backup"
archbuild_fs: 'btrfs'
zabbix_agent_templates:
- Template OS Linux
- Template App Borg Backup
- Template App Syncrepo
- Template App PostgreSQL
......@@ -2,7 +2,6 @@
orion.archlinux.org
vostok.archlinux.org
apollo.archlinux.org
soyuz.archlinux.org
luna.archlinux.org
dragon.archlinux.org
......@@ -33,7 +32,6 @@ ger.mirror.pkgbuild.com
[borg_clients]
orion.archlinux.org
apollo.archlinux.org
soyuz.archlinux.org
luna.archlinux.org
state.archlinux.org
matrix.archlinux.org
......@@ -54,7 +52,6 @@ bugs.archlinux.org
[postgresql_servers]
apollo.archlinux.org
soyuz.archlinux.org
state.archlinux.org
quassel.archlinux.org
......@@ -67,7 +64,6 @@ bugs.archlinux.org
[buildservers]
dragon.archlinux.org
soyuz.archlinux.org
sgp.mirror.pkgbuild.com
[gitlab_runners]
......
---
- name: setup soyuz
hosts: soyuz.archlinux.org
remote_user: root
roles:
- { role: common, tags: ['common'] }
- { role: tools, tags: ['tools'] }
- { role: sshd, tags: ['sshd'] }
- { role: unbound }
- { role: root_ssh, tags: ['root_ssh'] }
- { role: borg-client, tags: ['borg'] }
- { role: opendkim, dkim_selector: soyuz, tags: ['mail'] }
- { role: postfix, postfix_relayhost: "orion.archlinux.org", tags: ["mail", "postfix"] }
- { role: archusers, tags: ['archusers'] }
- { role: certbot }
- { role: nginx, tags: ["nginx"] }
- { role: sudo, tags: ['sudo', 'archusers'] }
- { role: sogrep, tags: ['sogrep'] }
- { role: archbuild, tags: ['archbuild'] }
- { role: public_html, public_domain: "pkgbuild.com", tags: ['public_html', 'nginx'] }
- { role: crond, tags: ['crond'] }
- { role: docker-image }
command="rsync --server -logDtprze.iLsfxC --delete --partial . ~/public_html/repo/",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDX5UOJ2aRK0LBSoWetHMwHNBItE9YrSWq7SWzDdX9R4bkvI38U/fKhWVWLpsQMczu90wT/VU2BN8PmcnPL091NqvqPC3NR9ol4KWJb5BhqRIUivwJ+yw2XTq5h4J7nhuS1OQo9HxD+g0KvnCCwvlHTAbnccu7FoEX9dGwwseUfgwaQl0rPM7LUgZ5uPZV0BbBnELe2xn9c1pcWkoVjOfZRzYwqfoQ8A4+dQYgZZwizbrE+sfOrPcPYvm+lSpqQ4Y91baOYXLbO1GyT1G3oBppqzwcJ4utbfaOSr+gOrA2B6QwqYts22UHdqY/9QLUjTg/MbitsS4bVttMaQPjTU5yUEn5iJIBkPGpfrOtDfo9v0pZ6PoKKsQ7DjmiYG6BYHckNTi5We7XMVVC7zBCJ8HQGoq7RvIrsebBtMrA8Vh3JhBcD7K+I2CVy4cOOwlW7uYchFvxJwkbSlLgFxpMxsHtrJSIx/8C6gMrdnls08/BXYhpHoQOhcdSyNL2jqeqpROSEUdemhbMEj0E6o289mD6bqYmnoz6HJmpVVYhFh8+I4lSbN3PNjHoAZhKiC9+6qf744y5+jR7FBTnBebZlPmnNaF+j6/lJ0N7A5Fggo8NzF8/qHFgSvyJ9N0lxWKIkc6yfH1a9GKJEs0Ng+2yMEBoZdJzrPTuU0iBMJYivct1okw==
......@@ -12,8 +12,8 @@ ARCHIVE_USER=archive
ARCHIVE_GROUP=archive
# Package extensions
PKGEXT='.pkg.tar.xz'
PKGSIG="$PKGEXT.sig"
PKGREGEX='\.pkg\.tar(\.(gz|bz2|xz|zst|lrz|lzo|Z|lz4|lz))?'
PKGSIGREGEX="$PKGREGEX\.sig"
# Umask used when archiving
UMASK=022
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment