1ee95304e1
See: https://pagure.io/fedora-infrastructure/issue/9304 Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
50 lines
1.5 KiB
Org Mode
50 lines
1.5 KiB
Org Mode
---
|
|
nm: 255.255.255.0
|
|
gw: 10.3.166.254
|
|
dns: 10.3.163.33
|
|
volgroup: /dev/vg_guests
|
|
eth0_ip: 10.3.166.34
|
|
vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
|
|
datacenter: iad2
|
|
|
|
ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
|
|
ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
|
|
|
|
# This is a generic list, monitored by collectd
|
|
databases:
|
|
- fas2
|
|
|
|
# This is a more strict list, to be made publicly available
|
|
dbs_to_backup:
|
|
- fas2
|
|
|
|
# These are normally group variables, but in this case db servers are often different
|
|
lvm_size: 30000
|
|
mem_size: 4096
|
|
num_cpus: 2
|
|
fas_client_groups: sysadmin-dba,sysadmin-noc,sysadmin-veteran
|
|
|
|
#
|
|
# Only allow postgresql access from the frontend node and ipsilon01.stg and
|
|
# fas3-01.stg and openshift
|
|
#
|
|
custom_rules:
|
|
# - '-A INPUT -p tcp -m tcp -s 10.5.128.129 --dport 5432 -j ACCEPT'
|
|
# - '-A INPUT -p tcp -m tcp -s 10.5.128.137 --dport 5432 -j ACCEPT'
|
|
# - '-A INPUT -p tcp -m tcp -s 10.5.128.82 --dport 5432 -j ACCEPT'
|
|
# - '-A INPUT -p tcp -m tcp -s 10.5.128.104 --dport 5432 -j ACCEPT'
|
|
# - '-A INPUT -p tcp -m tcp -s 10.5.128.105 --dport 5432 -j ACCEPT'
|
|
# - '-A INPUT -p tcp -m tcp -s 10.5.128.106 --dport 5432 -j ACCEPT'
|
|
# - '-A INPUT -p tcp -m tcp -s 10.5.128.107 --dport 5432 -j ACCEPT'
|
|
# TODO: lock it down more
|
|
- '-A INPUT -p tcp -m tcp -s 10.3.166.0/24 --dport 5432 -j ACCEPT'
|
|
|
|
#
|
|
# Large updates pushes cause lots of db threads doing the tag moves, so up this from default.
|
|
#
|
|
nrpe_procs_warn: 400
|
|
nrpe_procs_crit: 500
|
|
|
|
db_backup_dir: ['/backups']
|
|
shared_buffers: "1GB"
|
|
effective_cache_size: "3GB"
|