[Git][qa/jenkins.debian.net][master] reproducible: Add armhf build nodes: virt32z and virt64z.
Vagrant Cascadian (@vagrant)
gitlab at salsa.debian.org
Wed Feb 7 22:53:19 GMT 2024
Vagrant Cascadian pushed to branch master at Debian QA / jenkins.debian.net
Commits:
8700924a by Vagrant Cascadian at 2024-02-07T14:50:49-08:00
reproducible: Add armhf build nodes: virt32z and virt64z.
- - - - -
11 changed files:
- + hosts/virt32z
- + hosts/virt32z-armhf-rb/etc/munin/munin-node.conf
- + hosts/virt32z-armhf-rb/etc/postfix/main.cf
- + hosts/virt32z-armhf-rb/etc/ssh/sshd_config
- + hosts/virt32z-armhf-rb/etc/ssh/sshd_config.d/jdn.port-2267.conf
- + hosts/virt64z
- + hosts/virt64z-armhf-rb/etc/munin/munin-node.conf
- + hosts/virt64z-armhf-rb/etc/postfix/main.cf
- + hosts/virt64z-armhf-rb/etc/ssh/sshd_config
- + hosts/virt64z-armhf-rb/etc/ssh/sshd_config.d/jdn.port-2268.conf
- nodes/list.yml
Changes:
=====================================
hosts/virt32z
=====================================
@@ -0,0 +1 @@
+virt32z-armhf-rb/
\ No newline at end of file
=====================================
hosts/virt32z-armhf-rb/etc/munin/munin-node.conf
=====================================
@@ -0,0 +1,66 @@
+#
+# Example config-file for munin-node
+#
+
+log_level 4
+log_file /var/log/munin/munin-node.log
+pid_file /var/run/munin/munin-node.pid
+
+background 1
+setsid 1
+
+user root
+group root
+
+# This is the timeout for the whole transaction.
+# Units are in sec. Default is 15 min
+#
+# global_timeout 900
+
+# This is the timeout for each plugin.
+# Units are in sec. Default is 1 min
+#
+# timeout 60
+
+# Regexps for files to ignore
+ignore_file [\#~]$
+ignore_file DEADJOE$
+ignore_file \.bak$
+ignore_file %$
+ignore_file \.dpkg-(tmp|new|old|dist)$
+ignore_file \.rpm(save|new)$
+ignore_file \.pod$
+
+# Set this if the client doesn't report the correct hostname when
+# telnetting to localhost, port 4949
+#
+#host_name localhost.localdomain
+
+# A list of addresses that are allowed to connect. This must be a
+# regular expression, since Net::Server does not understand CIDR-style
+# network notation unless the perl module Net::CIDR is installed. You
+# may repeat the allow line as many times as you'd like
+
+allow ^127\.0\.0\.1$
+allow ^::1$
+
+# If you have installed the Net::CIDR perl module, you can use one or more
+# cidr_allow and cidr_deny address/mask patterns. A connecting client must
+# match any cidr_allow, and not match any cidr_deny. Note that a netmask
+# *must* be provided, even if it's /32
+#
+# Example:
+#
+# cidr_allow 127.0.0.1/32
+# cidr_allow 192.0.2.0/24
+# cidr_deny 192.0.2.42/32
+
+# Which address to bind to;
+host *
+# host 127.0.0.1
+
+# And which port
+port 4949
+
+allow ^78\.137\.96\.196
+hostname virt32z-armhf-rb.debian.net
=====================================
hosts/virt32z-armhf-rb/etc/postfix/main.cf
=====================================
@@ -0,0 +1,41 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific: Specifying a file name will cause the first
+# line of that file to be used as the name. The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+myhostname = virt32z-armhf-rb.debian.net
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+mydestination = virt32z-armhf-rb.debian.net, localhost
+relayhost = mail.holgerlevsen.de
+#mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mynetworks = 127.0.0.0/8
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+mailbox_command = /usr/bin/procmail -a "$EXTENSION"
=====================================
hosts/virt32z-armhf-rb/etc/ssh/sshd_config
=====================================
@@ -0,0 +1,108 @@
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 22
+Port 2278
+#AddressFamily any
+#ListenAddress ::
+#ListenAddress 0.0.0.0
+
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2n
+PermitRootLogin prohibit-password
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+PubkeyAuthentication yes
+
+AuthorizedKeysFile /var/lib/misc/userkeys/%u %h/.ssh/authorized_keys
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+PasswordAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /var/run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem sftp /usr/lib/openssh/sftp-server
=====================================
hosts/virt32z-armhf-rb/etc/ssh/sshd_config.d/jdn.port-2267.conf
=====================================
@@ -0,0 +1 @@
+Port 2267
=====================================
hosts/virt64z
=====================================
@@ -0,0 +1 @@
+virt64z-armhf-rb/
\ No newline at end of file
=====================================
hosts/virt64z-armhf-rb/etc/munin/munin-node.conf
=====================================
@@ -0,0 +1,66 @@
+#
+# Example config-file for munin-node
+#
+
+log_level 4
+log_file /var/log/munin/munin-node.log
+pid_file /var/run/munin/munin-node.pid
+
+background 1
+setsid 1
+
+user root
+group root
+
+# This is the timeout for the whole transaction.
+# Units are in sec. Default is 15 min
+#
+# global_timeout 900
+
+# This is the timeout for each plugin.
+# Units are in sec. Default is 1 min
+#
+# timeout 60
+
+# Regexps for files to ignore
+ignore_file [\#~]$
+ignore_file DEADJOE$
+ignore_file \.bak$
+ignore_file %$
+ignore_file \.dpkg-(tmp|new|old|dist)$
+ignore_file \.rpm(save|new)$
+ignore_file \.pod$
+
+# Set this if the client doesn't report the correct hostname when
+# telnetting to localhost, port 4949
+#
+#host_name localhost.localdomain
+
+# A list of addresses that are allowed to connect. This must be a
+# regular expression, since Net::Server does not understand CIDR-style
+# network notation unless the perl module Net::CIDR is installed. You
+# may repeat the allow line as many times as you'd like
+
+allow ^127\.0\.0\.1$
+allow ^::1$
+
+# If you have installed the Net::CIDR perl module, you can use one or more
+# cidr_allow and cidr_deny address/mask patterns. A connecting client must
+# match any cidr_allow, and not match any cidr_deny. Note that a netmask
+# *must* be provided, even if it's /32
+#
+# Example:
+#
+# cidr_allow 127.0.0.1/32
+# cidr_allow 192.0.2.0/24
+# cidr_deny 192.0.2.42/32
+
+# Which address to bind to;
+host *
+# host 127.0.0.1
+
+# And which port
+port 4949
+
+allow ^78\.137\.96\.196
+hostname virt64z-armhf-rb.debian.net
=====================================
hosts/virt64z-armhf-rb/etc/postfix/main.cf
=====================================
@@ -0,0 +1,41 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific: Specifying a file name will cause the first
+# line of that file to be used as the name. The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+myhostname = virt64z-armhf-rb.debian.net
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+mydestination = virt64z-armhf-rb.debian.net, localhost
+relayhost = mail.holgerlevsen.de
+#mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mynetworks = 127.0.0.0/8
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+mailbox_command = /usr/bin/procmail -a "$EXTENSION"
=====================================
hosts/virt64z-armhf-rb/etc/ssh/sshd_config
=====================================
@@ -0,0 +1,108 @@
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 22
+Port 2277
+#AddressFamily any
+#ListenAddress ::
+#ListenAddress 0.0.0.0
+
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2n
+PermitRootLogin prohibit-password
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+PubkeyAuthentication yes
+
+AuthorizedKeysFile /var/lib/misc/userkeys/%u %h/.ssh/authorized_keys
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+PasswordAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /var/run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem sftp /usr/lib/openssh/sftp-server
=====================================
hosts/virt64z-armhf-rb/etc/ssh/sshd_config.d/jdn.port-2268.conf
=====================================
@@ -0,0 +1 @@
+Port 2268
=====================================
nodes/list.yml
=====================================
@@ -171,6 +171,11 @@
port: 2278
keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcDy8+Np3RECS9RDxh0PerT2aCCcQSBF4pbiF0yJRep root at virt32c
+- hostname: virt32z-armhf-rb.debian.net
+ ip: 71.36.123.233
+ port: 2267
+ keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ7w/l5Houf99877W/SPQHQ7OzBPFD7rcrG2V5mSIrNJ root at virt32z
- hostname: virt64a-armhf-rb.debian.net
ip: 71.36.123.233
port: 2272
@@ -186,6 +191,11 @@
port: 2277
keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMeb+cfelXWxi4O7ap/nnyPlBZ/pz6lV3UAUMXY6Q0BX root at virt64c
+- hostname: virt64z-armhf-rb.debian.net
+ ip: 71.36.123.233
+ port: 2268
+ keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICsvk15fTyzaP1LNL8lO46i3ttDncfh5C6g5N/6Jl81v root at virt64z
- hostname: wbq0-armhf-rb.debian.net
ip: 71.36.123.233
port: 2225
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/8700924ae405d3de26ffd20323f2da341bb1cb8d
--
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/8700924ae405d3de26ffd20323f2da341bb1cb8d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/qa-jenkins-scm/attachments/20240207/102f4005/attachment-0001.htm>
More information about the Qa-jenkins-scm
mailing list