Enter log01, bravest of the brave
This commit is contained in:
Kevin Fenzi
parent
10c4c85a53
commit
92549b5c05
42 changed files with 97 additions and 67 deletions
|
|
@ -8,8 +8,8 @@ tcp_ports: [ 80, 443,
|
|||
# These 8 ports are used by fedmsg. One for each wsgi thread.
|
||||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-ask,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ tcp_ports: [ 80, 443,
|
|||
# These 8 ports are used by fedmsg. One for each wsgi thread.
|
||||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-ask,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-badges
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-badges
|
||||
|
||||
|
|
|
|||
|
|
@ -15,8 +15,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -15,8 +15,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ num_cpus: 2
|
|||
# the host_vars/$hostname file
|
||||
|
||||
tcp_ports: [ 80, 443, 6996 ]
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-datanommer,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ num_cpus: 1
|
|||
# the host_vars/$hostname file
|
||||
|
||||
tcp_ports: [ 80, 443, 6996 ]
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-datanommer,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@ tcp_ports: [ 80,
|
|||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-web,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ tcp_ports: [ 80,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-web,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ num_cpus: 2
|
|||
|
||||
tcp_ports: [ 80, 443 ]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-main,sysadmin-accounts
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ num_cpus: 2
|
|||
|
||||
tcp_ports: [ 80, 443 ]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-main,sysadmin-accounts
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-web
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-web
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -14,8 +14,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-web
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-web
|
||||
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ num_cpus: 2
|
|||
# the host_vars/$hostname file
|
||||
|
||||
tcp_ports: [ 80, 443, 8888 ]
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-paste,fi-apprentice
|
||||
# This host doesn't freeze
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ num_cpus: 2
|
|||
# the host_vars/$hostname file
|
||||
|
||||
tcp_ports: [ 80, 443, 8888 ]
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,sysadmin-paste,fi-apprentice
|
||||
# This host doesn't freeze
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443, 5050,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ tcp_ports: [ 80, 443, 5050,
|
|||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
|
||||
# Neeed for rsync from log02 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
||||
fas_client_groups: sysadmin-noc,fi-apprentice
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,10 @@
|
|||
- include: /srv/web/infra/ansible/playbooks/groups/bugzilla2fedmsg.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/buildhw.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/buildvm.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/busgateway.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/composers.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/datagrepper.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/dhcp.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/docs-backend.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/download.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/elections.yml
|
||||
|
|
@ -44,6 +47,7 @@
|
|||
- include: /srv/web/infra/ansible/playbooks/groups/mailman.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/mirrorlist.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/memcached.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/noc.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/notifs-backend.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/notifs-web.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/nuancier.yml
|
||||
|
|
@ -51,16 +55,17 @@
|
|||
- include: /srv/web/infra/ansible/playbooks/groups/paste.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/pkgdb.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/postgresl-server.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/resultsdb-prod.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/resultsdb-dev.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/resultsdb-stg.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/smtp-mm.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/summershum.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/sundries.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/tagger.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/taskotron-prod.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/taskotron-dev.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/taskotron-dev-clients.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/taskotron-stg-clients.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/taskotron.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/unbound.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/value.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/groups/virthost.yml
|
||||
|
|
@ -81,5 +86,6 @@
|
|||
- include: /srv/web/infra/ansible/playbooks/hosts/fedocal.dev.fedoraproject.org.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/hosts/hrf.cloud.fedoraproject.org.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/hosts/logserver.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/hosts/logstash-dev.cloud.fedoraproject.org.yml
|
||||
- include: /srv/web/infra/ansible/playbooks/hosts/shogun-ca.cloud.fedoraproject.org.yml
|
||||
|
|
|
|||
|
|
@ -10,4 +10,4 @@ $InputFileFacility local6
|
|||
$InputRunFileMonitor
|
||||
|
||||
:msg, !contains, "type=AVC"
|
||||
local6.* @@log02:514
|
||||
local6.* @@log01:514
|
||||
|
|
|
|||
4
roles/base/files/rsyslog/rsyslog-log01
Normal file
4
roles/base/files/rsyslog/rsyslog-log01
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
#
|
||||
# Send everything on to central log01 logger machines
|
||||
#
|
||||
cron.*;kern.*;authpriv.*;local7.*;*.info;local6.none;local4.* @@log01:514
|
||||
4
roles/base/files/rsyslog/rsyslog-log01-nolocal4
Normal file
4
roles/base/files/rsyslog/rsyslog-log01-nolocal4
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
#
|
||||
# Send everything on to central log01 logger machines
|
||||
#
|
||||
cron.*;kern.*;authpriv.*;local7.*;*.info;local6.none @@log01:514
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
#
|
||||
# Send everything on to central log02 logger machines
|
||||
# Send everything on to central log01 logger machines
|
||||
#
|
||||
cron.*;kern.*;authpriv.*;local7.*;*.info;local6.none;local4.* @@log02:514
|
||||
cron.*;kern.*;authpriv.*;local7.*;*.info;local6.none;local4.* @@log01:514
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
#
|
||||
# Send everything on to central log02 logger machines
|
||||
# Send everything on to central log01 logger machines
|
||||
#
|
||||
cron.*;kern.*;authpriv.*;local7.*;*.info;local6.none @@log02:514
|
||||
cron.*;kern.*;authpriv.*;local7.*;*.info;local6.none @@log01:514
|
||||
|
|
|
|||
|
|
@ -166,6 +166,22 @@
|
|||
tags:
|
||||
- rsyslogd
|
||||
- config
|
||||
|
||||
- name: log everything to log01 except on mirrorlist, do not log local4 there.
|
||||
copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=644
|
||||
when: not inventory_hostname.startswith('mirrorlist')
|
||||
tags:
|
||||
- rsyslogd
|
||||
- config
|
||||
- base
|
||||
|
||||
- name: log everything to log01 except on mirrorlist, do not log local4 there.
|
||||
copy: src=rsyslog/rsyslog-log01-nolocal4 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=644
|
||||
when: inventory_hostname.startswith('mirrorlist')
|
||||
tags:
|
||||
- rsyslogd
|
||||
- config
|
||||
- base
|
||||
- base
|
||||
|
||||
- name: /etc/postfix/main.cf
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@
|
|||
-A OUTPUT -p tcp -m tcp -d 10.5.126.23 --dport 80 -j ACCEPT
|
||||
-A OUTPUT -p tcp -m tcp -d 10.5.126.23 --dport 443 -j ACCEPT
|
||||
|
||||
# rsyslog out to log02
|
||||
# rsyslog out to log01
|
||||
-A OUTPUT -p tcp -m tcp -d 10.5.126.29 --dport 514 -j ACCEPT
|
||||
|
||||
# SSH
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
LoadPlugin network
|
||||
|
||||
<Plugin "network">
|
||||
Server "log02"
|
||||
Server "log01"
|
||||
</Plugin>
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@ priority = 7
|
|||
# Report this many "top ranking hosts"
|
||||
#
|
||||
report_top = 10
|
||||
ignore_hosts = log02.vpn.fedoraproject.org log02.phx2.fedoraproject.org proxy3.vpn.fedoraproject.org proxy04.vpn.fedoraproject.org proxy6.vpn.fedoraproject.org proxy01.phx2.fedoraproject.org proxy07.vpn.fedoraproject.org proxy02.vpn.fedoraproject.org proxy03.vpn.fedoraproject.org proxy06.vpn.fedoraproject.org collab04.fedoraproject.org hosted04.fedoraproject.org admin.fedoraproject.org proxy01.stg.phx2.fedoraproject.org proxy08.vpn.fedoraproject.org proxy09.vpn.fedoraproject.org
|
||||
ignore_hosts = log01.vpn.fedoraproject.org log01.phx2.fedoraproject.org proxy3.vpn.fedoraproject.org proxy04.vpn.fedoraproject.org proxy6.vpn.fedoraproject.org proxy01.phx2.fedoraproject.org proxy07.vpn.fedoraproject.org proxy02.vpn.fedoraproject.org proxy03.vpn.fedoraproject.org proxy06.vpn.fedoraproject.org collab04.fedoraproject.org hosted04.fedoraproject.org admin.fedoraproject.org proxy01.stg.phx2.fedoraproject.org proxy08.vpn.fedoraproject.org proxy09.vpn.fedoraproject.org
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
This role is for servers that have httpd access and error logs
|
||||
that we wish to sync to log02 to be able to review and backup.
|
||||
that we wish to sync to log01 to be able to review and backup.
|
||||
|
||||
|
|
|
|||
|
|
@ -13,4 +13,4 @@ path = /var/log
|
|||
uid = root
|
||||
gid = root
|
||||
read only = yes
|
||||
hosts allow = 10.5.126.29 192.168.1.56
|
||||
hosts allow = 10.5.126.13 192.168.1.59
|
||||
|
|
|
|||
|
|
@ -101,5 +101,5 @@ refuse options = checksum
|
|||
uid = root
|
||||
gid = root
|
||||
read only = yes
|
||||
hosts allow = 10.5.126.29 192.168.1.56
|
||||
hosts allow = 10.5.126.13 192.168.1.59
|
||||
list = no
|
||||
|
|
|
|||
|
|
@ -105,5 +105,5 @@ refuse options = checksum
|
|||
uid = root
|
||||
gid = root
|
||||
read only = yes
|
||||
hosts allow = 10.5.126.29
|
||||
hosts allow = 10.5.126.13
|
||||
list = no
|
||||
|
|
|
|||
|
|
@ -101,5 +101,5 @@ refuse options = checksum
|
|||
uid = root
|
||||
gid = root
|
||||
read only = yes
|
||||
hosts allow = 10.5.126.29 192.168.1.56
|
||||
hosts allow = 10.5.126.13 192.168.1.59
|
||||
list = no
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ path = /var/log
|
|||
uid = root
|
||||
gid = root
|
||||
read only = yes
|
||||
hosts allow = 10.5.126.29 192.168.1.56
|
||||
hosts allow = 10.5.126.13 192.168.1.59
|
||||
|
||||
[gather-easyfix]
|
||||
comment = Gather easyfix available in Fedora
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue