---
# Define resources for this group of hosts here.
lvm_size: 20000
mem_size: 8192
num_cpus: 2

# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file

custom_rules: [
    # Need for rsync from log01 for logs.
    '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 ]

# No other ports open.  no web service running here.
#tcp_ports: []

fas_client_groups: sysadmin-noc,sysadmin-veteran

freezes: false

# Don't use testing repos in production
testing: False

# These are consumed by a task in roles/fedmsg/base/main.yml
fedmsg_certs:
- service: shell
  owner: root
  group: sysadmin
  can_send:
  - logger.log
- service: anitya
  owner: root
  group: fedmsg
  can_send:
  - anitya.project.version.update


fedmsg_prefix: org.release-monitoring
fedmsg_env: prod

# For the MOTD
csi_security_category: Low
csi_primary_contact: Fedora admins - admin@fedoraproject.org
csi_purpose: Run the 'anitya' backend cronjobs and database server
csi_relationship: |
    There are a few things running here:

    - A number of cronjobs that scrape upstreams for new releases
    - A postgres database server to be used by those crons and by
      anitya-frontend01

    - This host relies on:
      - The fedmsg-relay daemon running on anitya-frontend01.
      - Lots of external third-party services.  The cronjobs make all kinds of
        requests out to the Internet that can fail in various ways.

    - Things that rely on this host:
      - The webapps running on anitya-frontend01 relies on the postgres db
        server running on this node.