---
# Define resources for this group of hosts here.
# For the MOTD
custom_rules: [
  # Needed for rsync from log01 for logs.
  '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
  # Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here
  '-A INPUT -p tcp -m tcp -s 10.3.163.10 --dport 5050 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.20 --dport 5050 -j ACCEPT',
  # batcave01 also needs access to announce commits.
  '-A INPUT -p tcp -m tcp -s 10.3.163.35 --dport 5050 -j ACCEPT']
nft_custom_rules:
  # Needed for rsync from log01 for logs.
  - 'add rule ip filter INPUT ip saddr 10.3.163.39 tcp dport 873 counter accept'
  - 'add rule ip filter INPUT ip saddr 192.168.1.59 tcp dport 873 counter accept'
  # Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here
  - 'add rule ip filter INPUT ip saddr 10.3.163.10 tcp dport 5050 counter accept'
  - 'add rule ip filter INPUT ip saddr 192.168.1.20 tcp dport 5050 counter accept'
  # batcave01 also needs access to announce commits.
  - 'add rule ip filter INPUT ip saddr 10.3.163.35 tcp dport 5050 counter accept'
deployment_type: prod
ipa_client_shell_groups:
  - fi-apprentice
  - sysadmin-mote
  - sysadmin-noc
  - sysadmin-veteran
  - sysadmin-web
ipa_client_sudo_groups:
  - sysadmin-mote
  - sysadmin-web
ipa_host_group: value
ipa_host_group_desc: "Value added: IRC bots, message logging, etc."
lvm_size: 30000
mem_size: 6144
num_cpus: 2
primary_auth_source: ipa
# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file
tcp_ports: [80, 443]

notes: |
  Hosts services which help facilitate communication over IRC and related mediums.
  There are a couple things running here.
    * zodbot, a supybot instance.  See the zodbot SOP for more info.
    * mote, a webapp running behind httpd that serves meetbot log files.