Commit a24c3aa9 authored by Holger Levsen's avatar Holger Levsen

reproducible Debian: re-add host profitbricks7 and use it to host buildinfos.debian.net

Signed-off-by: Holger Levsen's avatarHolger Levsen <holger@layer-acht.org>
parent 6a406c32
......@@ -14,6 +14,7 @@ Debian packages for t.r-b.o
Debian packages for t.r-b.o
** 16 cores and 48 GB memory for profitbricks-build15-amd64.debian.net used for building amd64 Debian packages for t.r-b.o, running in the future
** 9 cores and 36 GB memory for profitbricks-build16-i386.debian.net sed for building i386 Debian packages for t.r-b.o, running in the future
** 2 cores and 8 GB memory for profitbricks-build7-amd64.debian.net used for buildinfos.debian.net
** 5 cores and 10 GB memory for profitbricks-build9-amd64.debian.net used for rebootstrap jobs
** 4 cores and 12 GB memory for profitbricks-build10-amd64.debian.net used for chroot-installation jobs
** 9 cores and 19 GB memory for freebsd-jenkins.debian.net (also running on Profitbricks virtual hardware), used for building FreeBSD for t.r-b.o
......
......@@ -17,6 +17,7 @@ common_init "$@"
explain_nodes() {
case $JENKINS_NODENAME in
jenkins) ;;
profitbricks7) write_page "<br /><small>(buildinfos.debian.net)</small>" ;;
profitbricks9) write_page "<br /><small>(jenkins.d.n rebootstrap jobs)</small>" ;;
profitbricks10) write_page "<br /><small>(jenkins.d.n chroot-installation jobs)</small>" ;;
osuosl167) write_page "<br /><small>(http-proxy for osuosl nodes)</small>" ;;
......@@ -109,6 +110,7 @@ build_nodes_health_page() {
# worker.log links
case $JENKINS_NODENAME in
jenkins) write_page "<td></td>" ;;
profitbricks7) write_page "<td></td>" ;;
profitbricks9) write_page "<td></td>" ;;
profitbricks10) write_page "<td></td>" ;;
osuosl*) write_page "<td></td>" ;;
......@@ -125,6 +127,7 @@ build_nodes_health_page() {
for SUITE in ${SUITES} ; do
case $JENKINS_NODENAME in
jenkins) write_page "<td></td>" ;;
profitbricks7) write_page "<td></td>" ;;
profitbricks9) write_page "<td></td>" ;;
profitbricks10) write_page "<td></td>" ;;
osuosl*) write_page "<td></td>" ;;
......@@ -211,6 +214,7 @@ build_graph_overview_pages() {
if [ "$GRAPH" = "jenkins_reproducible_builds" ] ; then
case $JENKINS_NODENAME in
jenkins) write_page "<td></td>" ; continue ;;
profitbricks7) write_page "<td></td>" ; continue ;;
profitbricks9) write_page "<td></td>" ; continue ;;
profitbricks10) write_page "<td></td>" ; continue ;;
osuosl*) write_page "<td></td>" ; continue ;;
......
......@@ -106,7 +106,6 @@ Use https-redirect reproducible-builds.org
Use https-redirect www.reproducible-builds.org
Use https-redirect diffoscope.org
Use https-redirect www.diffoscope.org
Use https-redirect buildinfos.debian.net
<VirtualHost *:80>
Use common-directives tests.reproducible-builds.org
......@@ -289,11 +288,3 @@ Use https-redirect buildinfos.debian.net
# just redirect everything to the new hostname
Redirect permanent / https://tests.reproducible-builds.org/
</VirtualHost>
<VirtualHost *:443>
use common-directives buildinfos.debian.net
Use common-directives-ssl buildinfos.debian.net
AddDefaultCharset utf-8
RedirectMatch permanent ^/$ https://buildinfos.debian.net/ftp-master.debian.org/buildinfo/
DocumentRoot /var/lib/jenkins/userContent/reproducible/debian/
</VirtualHost>
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz
#NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
<Macro https-redirect $name>
<VirtualHost *:80>
ServerName $name
ServerAdmin holger@layer-acht.org
Redirect permanent / https://$name/
</VirtualHost>
</Macro>
<Macro common-directives-ssl $name>
SSLEngine on
SSLCertificateKeyFile /etc/apache2/ssl/$name.key
SSLCertificateFile /etc/apache2/ssl/$name.pem
SSLCipherSuite HIGH:!aNULL:!eNULL:!EXP:!LOW:!MD5
SSLHonorCipherOrder on
Header always add Strict-Transport-Security "max-age=15552000"
</Macro>
<Macro common-directives $name>
ServerName $name
ServerAdmin holger@layer-acht.org
#block bad bots with a 403
SetEnvIf User-Agent "AhrefsBot" bad_bot
SetEnvIf User-Agent "Baiduspider" bad_bot
SetEnvIf User-Agent "bingbot" bad_bot
SetEnvIf User-Agent "DotBot" bad_bot
SetEnvIf User-Agent "Exabot" bad_bot
SetEnvIf User-Agent "Experibot" bad_bot
SetEnvIf User-Agent "facebookexternalhit" bad_bot
SetEnvIf User-Agent "FlipboardProxy" bad_bot
SetEnvIf User-Agent "Googlebot" bad_bot
SetEnvIf User-Agent "ltx71" bad_bot
SetEnvIf User-Agent "mediawords" bad_bot
SetEnvIf User-Agent "MetaURI" bad_bot
SetEnvIf User-Agent "MJ12bot" bad_bot
SetEnvIf User-Agent "SemrushBot" bad_bot
SetEnvIf User-Agent "Slackbot" bad_bot
SetEnvIf User-Agent "Sogou" bad_bot
SetEnvIf User-Agent "Twitterbot" bad_bot
SetEnvIf User-Agent "yacybot" bad_bot
SetEnvIf User-Agent "ZoomBot" bad_bot
#end block bad bots
<Directory />
Options FollowSymLinks
AllowOverride None
<Limit GET POST HEAD>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
AddType text/plain .log
<Limit GET POST HEAD>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>
</Directory>
<Directory /var/lib/jenkins/userContent>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
AddType text/plain .log
<Limit GET POST HEAD>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>
</Directory>
<FilesMatch "\.gz$">
Header append Content-Encoding gzip
# this causes errors 406 to client connecting without Accept-Encoding=gzip.
#AddEncoding gzip .gz
ForceType text/plain
</FilesMatch>
RewriteEngine on
ProxyRequests Off
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</Macro>
Use https-redirect buildinfos.debian.net
<VirtualHost *:443>
use common-directives buildinfos.debian.net
Use common-directives-ssl buildinfos.debian.net
AddDefaultCharset utf-8
RedirectMatch permanent ^/$ https://buildinfos.debian.net/ftp-master.debian.org/buildinfo/
DocumentRoot /var/lib/jenkins/userContent/reproducible/debian/
</VirtualHost>
......@@ -322,6 +322,7 @@
- 'profitbricks2': { my_arch: 'i386' }
- 'profitbricks5': { my_arch: 'amd64' }
- 'profitbricks6': { my_arch: 'i386' }
- 'profitbricks7': { my_arch: 'amd64' }
- 'profitbricks9': { my_arch: 'amd64' }
- 'profitbricks10': { my_arch: 'amd64' }
- 'profitbricks11': { my_arch: 'amd64' }
......@@ -381,6 +382,7 @@
- 'profitbricks2': { my_arch: 'i386' }
- 'profitbricks5': { my_arch: 'amd64' }
- 'profitbricks6': { my_arch: 'i386' }
- 'profitbricks7': { my_arch: 'amd64' }
- 'profitbricks9': { my_arch: 'amd64' }
- 'profitbricks10': { my_arch: 'amd64' }
- 'profitbricks11': { my_arch: 'amd64' }
......
......@@ -22,6 +22,10 @@
ip: 213.244.192.14
keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAMBF2j2Xq41fXFC2z5O23AMB4wRqkiisge5hv8BjUxG root@profitbricks-build6-i386
- hostname: profitbricks-build7-amd64.debian.net
ip: 157.97.110.83
keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH/0IyXWVtgFqrOwwe68VUhbs6fj4wFqKWPgPRI0NOat root@debian
- hostname: profitbricks-build9-amd64.debian.net
ip: 46.16.78.222
keys:
......
......@@ -290,10 +290,12 @@ if [ -f /etc/debian_version ] ; then
osuosl-build173-amd64) DEBS="$DEBS libdpkg-perl libwww-mechanize-perl sbuild" ;;
*) ;;
esac
# install squid on a few nodes only
# install squid / apache2 on a few nodes only
case $HOSTNAME in
profitbricks-build1-a*|profitbricks-build10*|codethink-sled16*|osuosl-build167*) DEBS="$DEBS
squid" ;;
profitbricks-build7-a*) DEBS="$DEBS
apache2" ;;
*) ;;
esac
# notifications are only done from a view nodes
......@@ -539,7 +541,7 @@ sudo chown root.root /etc/sudoers.d/jenkins ; sudo chmod 700 /etc/sudoers.d/jenk
sudo chown root.root /etc/sudoers.d/jenkins-adm ; sudo chmod 700 /etc/sudoers.d/jenkins-adm
[ -f /etc/mailname ] || ( echo $HOSTNAME.debian.net | sudo tee /etc/mailname )
if [ "$HOSTNAME" = "jenkins" ] ; then
if [ "$HOSTNAME" = "jenkins" ] || [ "$HOSTNAME" = "profitbricks-build7-amd64" ] ; then
if ! $UP2DATE || [ $BASEDIR/hosts/$HOSTNAME/etc/apache2 -nt $STAMP ] ; then
if [ ! -e /etc/apache2/mods-enabled/proxy.load ] ; then
sudo a2enmod proxy
......@@ -550,9 +552,14 @@ if [ "$HOSTNAME" = "jenkins" ] ; then
sudo a2enmod macro
sudo a2enmod filter
fi
sudo a2ensite -q jenkins.debian.net
if [ "$HOSTNAME" = "jenkins" ] ; then
sudo a2ensite -q jenkins.debian.net
sudo chown jenkins-adm.jenkins-adm /etc/apache2/sites-enabled/jenkins.debian.net.conf
else # "$HOSTNAME" = "profitbricks-build7-amd64"
sudo a2ensite -q buildinfos.debian.net
sudo chown jenkins-adm.jenkins-adm /etc/apache2/sites-enabled/buildinfos.debian.net.conf
fi
sudo a2enconf -q munin
sudo chown jenkins-adm.jenkins-adm /etc/apache2/sites-enabled/jenkins.debian.net.conf
# for reproducible.d.n url rewriting:
[ -L /var/www/userContent ] || sudo ln -sf /var/lib/jenkins/userContent /var/www/userContent
sudo service apache2 reload
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment