Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Turn on nftables for a few more staging groups.

Browse source 
Signed-off-by: James Antill <james@and.org>
This commit is contained in:
James Antill 2025-03-10 16:40:08 -04:00
parent 5c07d5b8c6
commit 8e8fc651fa
4 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
inventory/group_vars/koji_stg
View file

@ -19,6 +19,7 @@ lvm_size: 250000
mem_size: 32768
# NOTE -- staging mounts read-only
nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
nftables: true
num_cpus: 8
source_registry: "registry.stg.fedoraproject.org"
# for systems that do not match the above - specify the same parameter in

1
inventory/group_vars/pkgs_stg
View file

@ -33,6 +33,7 @@ ipa_host_group: pkgs
lvm_size: 500000
max_mem_size: 32768
mem_size: 16384
nftables: true
num_cpus: 8
pagure_static_uid: 600
# Configures ssh for git@ user

1
inventory/group_vars/proxies_stg
View file

@ -29,6 +29,7 @@ nft_custom_rules:
- 'add rule ip filter INPUT ip saddr 10.3.166.121 tcp dport 22623 counter accept'
- 'add rule ip filter INPUT ip saddr 10.3.166.122 tcp dport 22623 counter accept'
- 'add rule ip filter INPUT ip saddr 10.3.166.123 tcp dport 22623 counter accept'
nftables: true
external: true
ipa_client_shell_groups:
- fi-apprentice

1
inventory/group_vars/wiki_stg
View file

@ -13,6 +13,7 @@ ipa_host_group_desc: Fedora Wiki
lvm_size: 30000
mem_size: 4096
nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
nftables: true
num_cpus: 2
tcp_ports: [80]
# mediawiki variables