From 8e8fc651fa1ed6f281f8a52d1ed3822d8cadf326 Mon Sep 17 00:00:00 2001
From: James Antill <james@and.org>
Date: Mon, 10 Mar 2025 16:40:08 -0400
Subject: [PATCH] Turn on nftables for a few more staging groups.

Signed-off-by: James Antill <james@and.org>
---
 inventory/group_vars/koji_stg    | 1 +
 inventory/group_vars/pkgs_stg    | 1 +
 inventory/group_vars/proxies_stg | 1 +
 inventory/group_vars/wiki_stg    | 1 +
 4 files changed, 4 insertions(+)

diff --git a/inventory/group_vars/koji_stg b/inventory/group_vars/koji_stg
index eddc8f6d90..354edf27b1 100644
--- a/inventory/group_vars/koji_stg
+++ b/inventory/group_vars/koji_stg
@@ -19,6 +19,7 @@ lvm_size: 250000
 mem_size: 32768
 # NOTE -- staging mounts read-only
 nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
+nftables: true
 num_cpus: 8
 source_registry: "registry.stg.fedoraproject.org"
 # for systems that do not match the above - specify the same parameter in
diff --git a/inventory/group_vars/pkgs_stg b/inventory/group_vars/pkgs_stg
index cb6d74b002..a250dc466b 100644
--- a/inventory/group_vars/pkgs_stg
+++ b/inventory/group_vars/pkgs_stg
@@ -33,6 +33,7 @@ ipa_host_group: pkgs
 lvm_size: 500000
 max_mem_size: 32768
 mem_size: 16384
+nftables: true
 num_cpus: 8
 pagure_static_uid: 600
 # Configures ssh for git@ user
diff --git a/inventory/group_vars/proxies_stg b/inventory/group_vars/proxies_stg
index 33b33571df..c0a742705a 100644
--- a/inventory/group_vars/proxies_stg
+++ b/inventory/group_vars/proxies_stg
@@ -29,6 +29,7 @@ nft_custom_rules:
   - 'add rule ip filter INPUT ip saddr 10.3.166.121 tcp dport 22623 counter accept'
   - 'add rule ip filter INPUT ip saddr 10.3.166.122 tcp dport 22623 counter accept'
   - 'add rule ip filter INPUT ip saddr 10.3.166.123 tcp dport 22623 counter accept'
+nftables: true
 external: true
 ipa_client_shell_groups:
   - fi-apprentice
diff --git a/inventory/group_vars/wiki_stg b/inventory/group_vars/wiki_stg
index f87b60e28a..2e4346b0f6 100644
--- a/inventory/group_vars/wiki_stg
+++ b/inventory/group_vars/wiki_stg
@@ -13,6 +13,7 @@ ipa_host_group_desc: Fedora Wiki
 lvm_size: 30000
 mem_size: 4096
 nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
+nftables: true
 num_cpus: 2
 tcp_ports: [80]
 # mediawiki variables