infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

move secondary sigul to phx2 forward zone

Browse source
This commit is contained in:
Kevin Fenzi 2016-05-23 17:25:05 +00:00
parent f79aa31144
commit 7f7951c79e
4 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
inventory/group_vars/autosign
View file

@ -9,7 +9,7 @@ num_cpus: 2
# Make connections from signing bridges stateless, they break sigul connections # Make connections from signing bridges stateless, they break sigul connections
# https://bugzilla.redhat.com/show_bug.cgi?id=1283364 # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
custom_rules: ['-A INPUT --proto tcp --sport 44334 --source sign-bridge01.phx2.fedoraproject.org,secondary-bridge01.qa.fedoraproject.org -j ACCEPT'] custom_rules: ['-A INPUT --proto tcp --sport 44334 --source sign-bridge01.phx2.fedoraproject.org,secondary-bridge01.phx2.fedoraproject.org -j ACCEPT']
fas_client_groups: sysadmin-releng fas_client_groups: sysadmin-releng
host_group: autosign host_group: autosign

2
inventory/group_vars/autosign-hardware
View file

@ -1,6 +1,6 @@
--- ---
# Make connections from signing bridges stateless, they break sigul connections # Make connections from signing bridges stateless, they break sigul connections
# https://bugzilla.redhat.com/show_bug.cgi?id=1283364 # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
custom_rules: ['-A INPUT --proto tcp --sport 44334 --source sign-bridge01.phx2.fedoraproject.org,secondary-bridge01.qa.fedoraproject.org -j ACCEPT'] custom_rules: ['-A INPUT --proto tcp --sport 44334 --source sign-bridge01.phx2.fedoraproject.org,secondary-bridge01.phx2.fedoraproject.org -j ACCEPT']
host_group: autosign host_group: autosign

4
inventory/inventory
View file

@ -213,14 +213,14 @@ bodhi-backend01.stg.phx2.fedoraproject.org
[sign-bridge] [sign-bridge]
sign-bridge01.phx2.fedoraproject.org sign-bridge01.phx2.fedoraproject.org
sign-bridge01.stg.phx2.fedoraproject.org sign-bridge01.stg.phx2.fedoraproject.org
secondary-bridge01.qa.fedoraproject.org secondary-bridge01.phx2.fedoraproject.org
# #
# sign vault servers don't listen to ssh by default. # sign vault servers don't listen to ssh by default.
# #
[sign-vault] [sign-vault]
#sign-vault03.phx2.fedoraproject.org #sign-vault03.phx2.fedoraproject.org
#sign-vault04.phx2.fedoraproject.org #sign-vault04.phx2.fedoraproject.org
#secondary-vault01.qa.fedoraproject.org #secondary-vault01.phx2.fedoraproject.org
#sign-vault01.stg.phx2.fedoraproject.org #sign-vault01.stg.phx2.fedoraproject.org
[autocloud-web] [autocloud-web]

2
playbooks/manual/sign-vault.yml
View file

@ -7,7 +7,7 @@
# Please check with rel-eng before doing anything here. # Please check with rel-eng before doing anything here.
- name: make sign-vault server vm (secondary and stg only) - name: make sign-vault server vm (secondary and stg only)
hosts: secondary-vault01.qa.fedoraproject.org:sign-vault01.stg.phx2.fedoraproject.org hosts: secondary-vault01.phx2.fedoraproject.org:sign-vault01.stg.phx2.fedoraproject.org
user: root user: root
gather_facts: False gather_facts: False