mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-03-20 03:57:02 +08:00
33 lines
1.2 KiB
Plaintext
33 lines
1.2 KiB
Plaintext
---
|
|
# Define resources for this group of hosts here.
|
|
ansible_ifcfg_allowlist:
|
|
- eth0
|
|
- eth1
|
|
# For the MOTD
|
|
# for systems that do not match the above - specify the same parameter in
|
|
# the host_vars/$hostname file
|
|
|
|
# Make connections from signing bridges stateless, they break sigul connections
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1283364
|
|
custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.16.169.120 -j ACCEPT']
|
|
nft_custom_rules: ['add rule ip filter INPUT ip saddr 10.16.169.120 tcp sport 44334 counter accept']
|
|
host_group: autosign
|
|
ipa_client_shell_groups:
|
|
- sysadmin-releng
|
|
ipa_client_sudo_groups:
|
|
- sysadmin-releng
|
|
ipa_host_group: autosign
|
|
ipa_host_group_desc: Hosts signing content automatically
|
|
lvm_size: 30000
|
|
mem_size: 2048
|
|
nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
|
|
num_cpus: 2
|
|
|
|
notes: |
|
|
Automatically sign Rawhide and Branched packages
|
|
|
|
This host will run the robosignatory application which should automatically sign
|
|
builds. It listens to koji over fedora-messaging for notifications of new builds,
|
|
and then asks sigul, the signing server, to sign the rpms and store the new rpm
|
|
header back in Koji.
|