38 lines
1.3 KiB
Text
38 lines
1.3 KiB
Text
---
|
|
# Define resources for this group of hosts here.
|
|
lvm_size: 30000
|
|
mem_size: 2048
|
|
num_cpus: 2
|
|
|
|
# for systems that do not match the above - specify the same parameter in
|
|
# the host_vars/$hostname file
|
|
|
|
# Make connections from signing bridges stateless, they break sigul connections
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1283364
|
|
custom_rules: ['-A INPUT --proto tcp --sport 44334 --source sign-bridge01.phx2.fedoraproject.org,secondary-bridge01.phx2.fedoraproject.org -j ACCEPT']
|
|
|
|
ansible_ifcfg_whitelist:
|
|
- eth0
|
|
- eth1
|
|
|
|
fas_client_groups: sysadmin-releng
|
|
host_group: autosign
|
|
|
|
fedmsg_error_recipients:
|
|
- puiterwijk@fedoraproject.org
|
|
|
|
nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
|
|
|
|
# For the MOTD
|
|
csi_security_category: High
|
|
csi_primary_contact: Release Engineering - rel-eng@lists.fedoraproject.org
|
|
csi_purpose: Automatically sign Rawhide and Branched packages
|
|
csi_relationship: |
|
|
This host will run the autosigner.py script which should automatically sign
|
|
new rawhide and branched builds. It listens to koji over fedmsg for
|
|
notifications of new builds, and then asks sigul, the signing server, to
|
|
sign the rpms and store the new rpm header back in Koji.
|
|
|
|
The script[1] currently runs in the foreground from a git checkout.
|
|
|
|
[1] https://pagure.io/releng/blob/master/f/scripts/autosigner.py
|