Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ubuntu 18.04, round 2 #219

Merged
merged 209 commits into from Dec 15, 2020
Merged

Ubuntu 18.04, round 2 #219

merged 209 commits into from Dec 15, 2020

Conversation

aerickson
Copy link
Member

@aerickson aerickson commented Aug 26, 2020
edited

based on #217

DONE:

  • sudoers fixing and testing
  • install/manage puppet 6
  • puppet run at boot (modules/puppet/manifests/atboot.pp)
  • modules/gui (configure xvfb for autologin)
  • disable services
    • gdm / Xwayland via systemd default
  • Xsession
    • g-w start
  • locale
  • updated to latest g-w/tc components
  • fix/add talos stuff
    • BC says http proxy not required, tests seem to confirm
  • disable services
    • gnome-initial-setup
    • deja-dup-monitor, update-notifier
    • those mentioned in modules/disableservices in build-puppet
  • added imagemagick 7
  • added psutil (https://bugzilla.mozilla.org/show_bug.cgi?id=1667166)
  • chrome autoupdate
  • write more spec tests
  • updated to latest g-w/tc components, again
  • added tc start-worker
  • use tc start-worker / worker-runner
  • operator hold mode (similar to quarantine)
  • securitize module
    • remove root pw
    • remove relops pw
    • add relops users ssh keys to relops user's authorized keys
    • relops can sudo all without pw
  • mercurial upgrade/debugging
  • grub timeout to 10 seconds
  • compare services, processes to 1604 on moonshot
  • compare packages to 1804 docker image
  • change worker type in gecko_t_linux_talos_generic_worker.pp

TESTING:

TODO:

  • nothing before landing

TODO (after merging this PR):

  • modules/roles_profiles/manifests/profiles/gecko_t_linux_talos_generic_worker.pp: point at master, vs this branch
    • can't do in this PR as the role already exists on master and it would revert the currently running test hosts

FUTURE PRS:

  • syslog/papertrail
  • auditd
  • telegraf
  • repo pinning?
    • what repos are enabled?
  • nrpe checks?
  • firewall fixing
    • copy from puppetagain, low priority

@aerickson aerickson changed the title Moonshot 1804 work Ubuntu 18.04 Sep 23, 2020
@aerickson aerickson changed the title Ubuntu 18.04 Ubuntu 18.04, round 2 Sep 23, 2020
@aerickson aerickson self-assigned this Dec 2, 2020
dividehex
dividehex previously approved these changes Dec 11, 2020
View reviewed changes
Copy link
Contributor

@dividehex dividehex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

r+ with changes recommended inline

modules/linux_packages/manifests/psutil_py2.pp Outdated
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

class linux_packages::psutil_py2 {
require linux_packages::py3
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this be py2?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, will fix.

modules/users/manifests/add_relops_keys_to_relops_user.pp
@@ -0,0 +1,45 @@
# This Source Code Form is subject to the terms of the Mozilla Public
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No need to add all user keys to the relops user. It just needs the relops_common keys

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK. Will change.

@aerickson aerickson merged commit 4252395 into mozilla-platform-ops:master Dec 15, 2020
@aerickson aerickson deleted the moonshot_1804 branch December 15, 2020 17:50
@aerickson aerickson mentioned this pull request Jan 6, 2021
Merged
@aerickson aerickson mentioned this pull request Jun 4, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dividehex dividehex dividehex approved these changes

@davehouse davehouse Awaiting requested review from davehouse

Assignees

@aerickson aerickson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@aerickson @dividehex @davehouse