WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-26 11:36:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
012447730e5696794deac2deb741bab16d2f28b2
fedora-infra_ansible/inventory/group_vars/value_stg
Kevin Fenzi 4b31ac5152 ansible: Change all our group names from foo-bar to foo_bar or foo-bar-baz to foo_bar_baz 
In ansible 2.8 the - character isn't supposed to be valid in group names.
While we could override this, might has well just bite the bullet and change it.
So, just switch all group names to use _ instead of -

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2019-05-20 17:38:09 +00:00

67 lines
2.2 KiB
Plaintext
Raw Blame History

---
# Define resources for this group of hosts here.
lvm_size: 30000
mem_size: 6144
num_cpus: 2
# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file
tcp_ports: [ 80, 443,
# These 16 ports are used by fedmsg. One for each wsgi thread.
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
custom_rules: [
# Neeed for rsync from log01 for logs.
'-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
# Needed to let nagios on noc01 and noc02 (noc01.stg) pipe alerts to zodbot here
'-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5050 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 10.5.128.38 --dport 5050 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 152.19.134.192 --dport 5050 -j ACCEPT',
# batcave01 also needs access to announce commits.
'-A INPUT -p tcp -m tcp -s 10.5.126.23 --dport 5050 -j ACCEPT',
]
fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote,sysadmin-veteran
# These are consumed by a task in roles/fedmsg/base/main.yml
fedmsg_certs:
- service: shell
owner: root
group: sysadmin
can_send:
- logger.log
- service: supybot
owner: root
group: daemon
can_send:
# cookies!
- irc.karma
# standard meetbot stuff
- meetbot.meeting.complete
- meetbot.meeting.start
- meetbot.meeting.topic.update
# meetbot line items
- meetbot.meeting.item.agreed
- meetbot.meeting.item.accepted
- meetbot.meeting.item.rejected
- meetbot.meeting.item.action
- meetbot.meeting.item.info
- meetbot.meeting.item.idea
- meetbot.meeting.item.help
- meetbot.meeting.item.link
# For the MOTD
csi_security_category: Moderate
csi_primary_contact: mote admins - sysadmin-mote-members@fedoraproject.org
csi_purpose: Hosts staging services which help facilitate communication over IRC and related mediums.
csi_relationship: |
There are a couple things running here.
* ursabot, a supybot instance. See the zodbot SOP for more info.
* fedmsg-irc, our staging fedmsg to IRC relay. 'journalctl -u fedmsg-irc'
* mote, a webapp running behind httpd that serves meetbot log files.
Reference in New Issue View Git Blame Copy Permalink