Re: Freeze break: add rsyncd to s390 hub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Aug 05, 2015 at 10:44:06AM -0600, Kevin Fenzi wrote:
> So, I applied that, but we need some additional changes. ;( 
> 
> First, the secondary01 host uses the external ip to talk to the s390
> hub, so we need to allow that. Secondly, the ansible_fqdn for the s390
> hub isn't the internal name... 
> 
> More +1s?
> 
> diff --git a/inventory/host_vars/s390-koji01.qa.fedoraproject.org b/inventory/host_vars/s390-koji01.qa.fedorapr
> index 0543250..358d51b 100644
> --- a/inventory/host_vars/s390-koji01.qa.fedoraproject.org
> +++ b/inventory/host_vars/s390-koji01.qa.fedoraproject.org
> @@ -15,6 +15,11 @@ fas_client_groups: sysadmin-noc,sysadmin-secondary
>  
>  fedmsg_fqdn: s390-koji01.qa.fedoraproject.org
>  
> +custom_rules: [
> +    # Need for rsync from secondary01 for content.
> +    '-A INPUT -p tcp -m tcp -s 209.132.181.8 --dport 873 -j ACCEPT',
> +]
> +
>  sudoers: "{{ private }}/files/sudo/sysadmin-secondary-sudoers"
>  
>  #
> diff --git a/roles/rsyncd/files/rsyncd.conf.s390.koji.fedoraproject.org b/roles/rsyncd/files/rsyncd.conf.s390.k
> index ff7bf1f..e2abd5d 100644
> --- a/roles/rsyncd/files/rsyncd.conf.s390.koji.fedoraproject.org
> +++ b/roles/rsyncd/files/rsyncd.conf.s390.koji.fedoraproject.org
> @@ -21,4 +21,4 @@ path = /mnt/koji/tree/
>  uid = root
>  gid = root
>  read only = yes
> -hosts allow = 10.5.126.27
> +hosts allow = 209.132.181.8

+1 as well


Pierre

Attachment: pgpQnLcy8hucK.pgp
Description: PGP signature

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux