WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
55f225d4284adf468e7b568a685b1f68987031bb
fedora-infra_ansible/inventory/group_vars/pagure_stg
Greg Sutcliffe e30e0e2114 Zabbix: Rework how PSKs are defined in Ansible 
The "file+env_suffix" is a problem when dealing with hosts like
pagure-stg01 that actually exists in prod. We can't override env_suffix
without breaking many things.

Instead, the PSKs are now defined directly in the private vars, instead
of in a file, and the variable name is then read from inventory vars.
This means we can override it for a group/host.

Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
2025-10-03 13:27:05 +01:00

54 lines
1.5 KiB
Plaintext
Raw Blame History

---
# Define resources for this group of hosts here.
# For the MOTD
env: pagure-staging
env_prefix: stg.
env_suffix: .stg
env_short: stg
freezes: false
git_basepath: /srv/git/repositories
git_daemon_user: git
# Configuration for the git-daemon/server
git_group: git
git_port: 9418
git_server: /usr/libexec/git-core/git-daemon
git_server_args: --export-all --syslog --inetd --verbose
ipa_client_shell_groups:
- sysadmin-noc
- sysadmin-web
- sysadmin-veteran
ipa_client_sudo_groups:
- sysadmin-web
ipa_host_group: pagure
ipa_host_group_desc: Pagure GIT Forge
lvm_size: 50000
mem_size: 8192
num_cpus: 4
postfix_group: vpn.pagure-stg
sshd_config: ssh/sshd_config.pagure
sshd_keyhelper: true
stunnel_destination_port: 8080
stunnel_service: "eventsource"
stunnel_source_port: :::8088
# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file
tcp_ports: [22, 25, 80, 443, 9418,
# Used for the eventsource server
8088]
vpn: true
# Pagure-stg has special needs for monitoring
zabbix_host: zabbix01.vpn.fedoraproject.org
zabbix_server: "{{ zabbix_hostname }}"
zabbix_auth_key: "{{ zabbix_apikey }}" # ansible-private repo
zabbix_tls_psk: "{{ zabbix_tls_prod_psk }}" # in ansible-private repo, pagure-stg is weird...
notes: |
Run the pagure instances for fedora
There are a few things running here:
* The apache/mod_wsgi app for pagure
* This host relies on:
* A postgres db server running locally
* Things that rely on this host:
* nothing currently
Reference in New Issue View Git Blame Copy Permalink