blob: b00192c727208aefe941d3e8b954777f85cae301 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
---
# Define resources for this group of hosts here.
lvm_size: 30000
mem_size: 2048
num_cpus: 2
# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file
# Make connections from signing bridges stateless, they break sigul connections
# https://bugzilla.redhat.com/show_bug.cgi?id=1283364
custom_rules: ['-A INPUT --proto tcp --sport 44334 --source sign-bridge01.phx2.fedoraproject.org,secondary-bridge01.phx2.fedoraproject.org -j ACCEPT']
ansible_ifcfg_whitelist:
- eth0
- eth1
fas_client_groups: sysadmin-releng
host_group: autosign
fedmsg_error_recipients:
- puiterwijk@fedoraproject.org
nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=4.0"
# For the MOTD
csi_security_category: High
csi_primary_contact: Release Engineering - rel-eng@lists.fedoraproject.org
csi_purpose: Automatically sign Rawhide and Branched packages
csi_relationship: |
This host will run the autosigner.py script which should automatically sign
new rawhide and branched builds. It listens to koji over fedmsg for
notifications of new builds, and then asks sigul, the signing server, to
sign the rpms and store the new rpm header back in Koji.
The script[1] currently runs in the foreground from a git checkout.
[1] https://pagure.io/releng/blob/master/f/scripts/autosigner.py
|
