summaryrefslogtreecommitdiffstats
path: root/hosts/jenkins/etc
AgeCommit message (Collapse)AuthorFilesLines
2015-11-07mitigate jenkins remote execute 0-dayHelmut Grohne1-0/+2
https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli It seems that two channels need to be secured. The first is a custom tcp port which is firewalled anyway. The other part is urls starting with /cli. Instead of filtering this entry point in jenkins (and thus breaking bin/abort.sh), we apply the filtering in apache. Thus a local execute vulnerability remains, but we didn't care about those earlier.
2015-11-06add a munin plugin to plot OutOfMemoryError exceptionsHelmut Grohne1-0/+5
2015-11-04Allow Indexes on r-b.org/gitJérémy Bobbio1-0/+1
Even if Git can fetch the repositories, people are unhappy when they see a 403.
2015-10-31It's the Engine we turn on for rewritingJérémy Bobbio1-1/+1
2015-10-31Setup reproducible-builds.org websiteJérémy Bobbio1-8/+13
2015-10-31Revert "Setup reproducible-builds.org website"Holger Levsen1-4/+10
This reverts commit b32118218c89ad429ef26fa03ed16d55069728ac.
2015-10-31Setup reproducible-builds.org websiteJérémy Bobbio1-10/+4
2015-10-28pbuilder: set BUILDPLACE=/srv/workspace/pbuilder instead of using a symlinkMattia Rizzolo1-0/+1
otherwise `pbuilder clean` removes the symlink, and the following builds won't use the tmpfs, etc..
2015-10-18reproducible pbuilder hooks: use BUILDDIR, to comply with pbuilder 0.216Mattia Rizzolo3-10/+10
2015-10-17reproducible: silently delete…Holger Levsen1-1/+1
2015-10-17reproducible: cleanup with sudoHolger Levsen1-0/+1
2015-10-17reproducible arch: redirect /archlinux/Holger Levsen1-0/+6
2015-10-15run dsa-check-running-kernel and dsa-check-packages twice a day via cronHolger Levsen1-2/+2
2015-10-09add 'AddDefaultCharset utf-8' to all virtual hosts, thanks SantiagoHolger Levsen1-0/+3
2015-10-08reproducible: add profitbricks-build5-amd64 and profitbricks-build6-amd64Holger Levsen1-1/+30
2015-10-08reproducible: rename profitbricks-build3-amd64 to profitbricks-build5-amd64Holger Levsen1-5/+6
2015-10-05reproducible: replace 'ps fax|grep -v grep|grep foo|wc -l' with 'pgrep -fc foo'Holger Levsen1-1/+1
2015-10-04munin: exclude /sys/fs/cgroup in df* pluginsHolger Levsen1-1/+1
2015-10-04munin: stop graphing diskstats plugin and disable iostat_ios plugin everywhereHolger Levsen1-0/+40
2015-10-04reproducible: try harder to log the hostnameHolger Levsen1-1/+1
2015-10-03reproducible: run df on pbuilder failures to debug diskspace issuesHolger Levsen1-0/+4
2015-10-03reproducible: allow umounting schrootsHolger Levsen1-0/+1
2015-10-03munin/df plugin: exclude sysfs filesystems and /dev/shmHolger Levsen1-2/+2
2015-10-03reproducible: allow sudo where schroot-create.sh needs itHolger Levsen1-3/+4
2015-09-28reproducible: temporarily disable disorderfsHolger Levsen1-0/+3
we have problems properly unmounting it (or rather cleanup…) and I'm unable to debug and fix this properly atm. thus, to avoid false ftbfs due to out of disk space problems, we disable it temporarily.
2015-09-25update IPsHolger Levsen1-2/+2
2015-09-23reproducible: be more verbose when mounting+unmounting with disorderfsHolger Levsen3-0/+6
2015-09-22reproducible: enable disorderfs on hb0Holger Levsen1-1/+0
2015-09-22reproducible: also unmount disorderfs as root - compliment cf017798Holger Levsen2-2/+2
2015-09-22disorderfs is unneeded on the hostHolger Levsen1-1/+0
2015-09-22reproducible: remove cleanup code as each build job now cleans up before ↵Holger Levsen1-3/+0
starting a build
2015-09-22reproducible: install EXTRA_PACKAGES when setting up pbuilder and not during ↵Holger Levsen1-1/+1
each and every build - this is a followup for 049a78fc
2015-09-22Revert "reproducible: hosting is serious business, thanks for that too, Vagrant"Holger Levsen1-1/+1
This reverts commit 6db56cf69baf0808697148bb9cf84d18d65bfe77.
2015-09-22reproducible: hosting is serious business, thanks for that too, VagrantHolger Levsen1-1/+1
2015-09-22reproducible: install disorderfs within pbuilder on all nodesHolger Levsen1-2/+2
2015-09-22reproducible: (would) use new --multi-user=yes feature from disorderfs 0.3.0-1Holger Levsen1-4/+3
2015-09-22reproducible: fixup rewrite condition in c5a7c8a5Holger Levsen1-1/+1
2015-09-22reproducible: also rewrite /$suite/armhf/$pkg urls as expectedHolger Levsen1-3/+3
2015-09-22reproducible: fix commentHolger Levsen1-1/+1
2015-09-21add profitbricks-build3-amd64Holger Levsen1-1/+1
2015-09-21send munin notifications to qa-jenkins-scm@lists.alioth.debian.orgHolger Levsen1-1/+1
2015-09-15don't complain about low read io so earlyHolger Levsen1-0/+14
2015-09-13warn a bit later about almost full disksHolger Levsen1-4/+4
2015-09-12apache: do not pass /munin-cgi to the jenkins webui in the backendMattia Rizzolo1-0/+1
2015-09-10reproducible: call schroot without sudoHolger Levsen1-2/+0
2015-09-09reproducible: fixup sudo usageHolger Levsen1-1/+1
2015-09-09sigh, typosHolger Levsen1-2/+2
2015-09-09reproducible: allow to use schroot as needed (fixup acaeeaa2)Holger Levsen1-0/+2
2015-09-09reproducible: redirect '(/testing|unstable|/experimental)/(amd64|armhf)' and ↵Holger Levsen1-0/+10
'(/(amd64|armhf)' properly
2015-09-09munin: correctly graph past values when we had more cores. (Thanks to Steve ↵Holger Levsen1-0/+1
Schnepp for this.)