75 lines
3.5 KiB
YAML
75 lines
3.5 KiB
YAML
---
|
|
basedir: /srv/web/infra/ansible
|
|
private: /srv/private/ansible
|
|
bigfiles: /srv/web/infra/bigfiles
|
|
files: /srv/web/infra/ansible/files
|
|
roles_path: /srv/web/infra/ansible/roles
|
|
handlers_path: /srv/web/infra/ansible/handlers
|
|
tasks_path: /srv/web/infra/ansible/tasks
|
|
vars_path: "/srv/web/infra/ansible/vars"
|
|
dist_tag: unknown
|
|
auth_keys_from_fas: '/srv/web/infra/ansible/scripts/auth-keys-from-fas'
|
|
#
|
|
# These are images in the old cloud using the ec2 interface
|
|
#
|
|
el6_qcow_id: ami-00000013
|
|
f18_qcow_id: ami-00000016
|
|
el6_ami_id: ami-0000000e
|
|
f17_qcow_id: ami-00000001
|
|
# Fedora-19
|
|
f19_qcow_id: ami-00000020
|
|
# Fedora-20
|
|
f20_qcow_id: ami-00000042
|
|
# Fedora-21
|
|
f21_qcow_id: ami-0000005a
|
|
# RHEL7beta
|
|
el7b_qcow_id: ami-0000003f
|
|
# RHEL7
|
|
el7_qcow_id: ami-00000050
|
|
|
|
#
|
|
# These are the new images in the new cloud using the nova interface.
|
|
#
|
|
fedora20_x86_64: Fedora-x86_64-20-20140407
|
|
fedora21_x86_64: Fedora-Cloud-Base-20141203-21.x86_64
|
|
fedora22_alpha_x86_64: Fedora-Cloud-Base-22_Alpha-20150305.x86_64
|
|
fedora22_beta_x86_64: Fedora-Cloud-Base-22_Beta-20150415.x86_64
|
|
fedora22_x86_64: Fedora-Cloud-Base-22-20150521.x86_64
|
|
fedora_atomic_22_alpha: Fedora-Cloud-Atomic-22_Alpha-20150305.x86_64
|
|
fedora_atomic_22_beta: Fedora-Cloud-Atomic-22_Beta-20150415.x86_64
|
|
fedora_atomic_22: Fedora-Cloud-Atomic-22-20150521.x86_64
|
|
fedora23_x86_64: Fedora-Cloud-Base-23-20151030.x86_64
|
|
fedora24_alpha_x86_64: Fedora-Cloud-Base-24_Alpha-7.x86_64.qcow2
|
|
fedora24_x86_64: Fedora-Cloud-Base-24-1.2.x86_64.qcow2
|
|
fedora25_x86_64: Fedora-Cloud-Base-25-1.3.x86_64
|
|
fedora26_x86_64: Fedora-Cloud-Base-26-1.4.x86_64
|
|
fedora27_x86_64: Fedora-Cloud-Base-27-1.2.x86_64
|
|
fedora28_x86_64: Fedora-Cloud-Base-28-1.1.x86_64
|
|
fedora29_x86_64: Fedora-Cloud-Base-29-1.2.x86_64
|
|
fedora30_beta_x86_64: Fedora-Cloud-Base-30-20190329.n.0.x86_64
|
|
fedora30_x86_64: Fedora-Cloud-Base-30-1.2.x86_64
|
|
fedora30_20190925_ppc64le: Fedora-Cloud-Base-30-20190925.0.ppc64le
|
|
centos70_x86_64: CentOS-7-x86_64-GenericCloud-1503
|
|
centos66_x86_64: CentOS-6-x86_64-GenericCloud-20141129_01
|
|
rhel70_x86_64: rhel-guest-image-7.0-20140930.0.x86_64
|
|
rhel66_x86_64: rhel-guest-image-6.6-20141222.0.x86_64
|
|
fedora31_x86_64: Fedora-Cloud-Base-31-1.9.x86_64
|
|
|
|
# Note: we do "+all -some" rather than "+some" to make sure we can use this
|
|
# same list on both EL7 and Fedora and get new ciphers: on Fedora, at time of writing,
|
|
# this includes TLSv1.3, which EL7 does not have.
|
|
ssl_protocols: "+all -SSLv3 -TLSv1 -TLSv1.1"
|
|
ssl_ciphers: "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK"
|
|
|
|
httpd_maxrequestworkers: 256
|
|
|
|
# Set a default hostname base to transient. Override in host vars or command line.
|
|
hostbase: transient
|
|
global_pkgs_inst: ['bind-utils', 'nc', 'openssh-clients',
|
|
'patch', 'postfix', 'rsync', 'strace',
|
|
'tmpwatch', 'traceroute', 'vim-enhanced', 'xz', 'zsh',
|
|
'bash-completion',
|
|
'atop', 'htop', 'rsyslog']
|
|
# Set up variables for various files to make sure we don't forget to use.
|
|
repoSpanner_rpms_http: 8445
|
|
repoSpanner_ansible_http: 8443
|