mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-02-02 20:59:02 +08:00
48 lines
1.3 KiB
Plaintext
48 lines
1.3 KiB
Plaintext
---
|
|
freezes: false
|
|
|
|
host_group: copr_hypervisor
|
|
|
|
vpn: true
|
|
ipa_client_shell_groups:
|
|
- sysadmin-noc
|
|
- sysadmin-copr
|
|
|
|
ipa_client_sudo_groups:
|
|
- sysadmin-copr
|
|
|
|
ipa_host_group: copr-vmhost
|
|
ipa_host_group_desc: Copr hypervisors
|
|
|
|
postfix_group: vpn
|
|
primary_auth_source: ipa
|
|
|
|
nbde_device: /dev/md2
|
|
nbde_client_bindings:
|
|
- device: "{{ nbde_device }}"
|
|
encryption_password: "{{ nbde_password }}"
|
|
password_temporary: no
|
|
threshold: 1
|
|
servers:
|
|
- http://tang01.rdu3.fedoraproject.org
|
|
- http://tang02.rdu3.fedoraproject.org
|
|
|
|
libvirt_host: "{{ inventory_hostname }}"
|
|
|
|
nft_custom_rules:
|
|
- add rule ip filter INPUT iifname virbr0 udp dport bootps accept
|
|
- add rule ip filter INPUT iifname virbr0 udp dport 53 accept
|
|
- add rule ip filter INPUT iifname virbr0 tcp dport ssh accept
|
|
- add rule ip filter FORWARD iifname "virbr0" oif != "virbr0" counter accept
|
|
- add rule ip filter FORWARD iifname "virbr0" ct state new counter accept
|
|
- add rule ip filter FORWARD ct state established,related counter accept
|
|
- add rule ip filter FORWARD ip protocol icmp counter accept
|
|
|
|
zabbix_macros:
|
|
CPU.UTIL.CRIT: 100
|
|
MEMORY.UTIL.MAX: 100
|
|
NET.IF.IFNAME.NOT_MATCHES: "^(vnet.*|virbr.*)"
|
|
SWAP.PFREE.MIN.WARN: 0
|
|
VFS.DEV.READ.AWAIT.WARN: 40
|
|
VFS.DEV.WRITE.AWAIT.WARN: 80
|