summaryrefslogtreecommitdiffstats
path: root/inventory/group_vars/value
blob: ddff304f0835e3cbb8ca6593250b72bee7ea80fc (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

---
# Define resources for this group of hosts here. 
lvm_size: 30000
mem_size: 6144
num_cpus: 2

# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file

tcp_ports: [ 80, 443,
    # These 16 ports are used by fedmsg.  One for each wsgi thread.
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

custom_rules: [
    # Needed for rsync from log01 for logs.
    '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
    # Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here
    '-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5050 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 10.5.126.241 --dport 5050 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 192.168.1.20 --dport 5050 -j ACCEPT',
    # batcave01 also needs access to announce commits.
    '-A INPUT -p tcp -m tcp -s 10.5.126.23 --dport 5050 -j ACCEPT',
]

fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote,sysadmin-veteran

# These are consumed by a task in roles/fedmsg/base/main.yml
fedmsg_certs:
- service: shell
  owner: root
  group: sysadmin
  can_send:
  - logger.log
- service: supybot
  owner: root
  group: daemon
  can_send:
  # cookies!
  - irc.karma
  # standard meetbot stuff
  - meetbot.meeting.complete
  - meetbot.meeting.start
  - meetbot.meeting.topic.update
  # meetbot line items
  - meetbot.meeting.item.agreed
  - meetbot.meeting.item.accepted
  - meetbot.meeting.item.rejected
  - meetbot.meeting.item.action
  - meetbot.meeting.item.info
  - meetbot.meeting.item.idea
  - meetbot.meeting.item.help
  - meetbot.meeting.item.link

# For the MOTD
csi_security_category: Moderate
csi_primary_contact: mote admins - sysadmin-mote-members@fedoraproject.org
csi_purpose: Hosts services which help facilitate communication over IRC and related mediums.
csi_relationship: |
    There are a couple things running here.

    * zodbot, a supybot instance.  See the zodbot SOP for more info.
    * fedmsg-irc, our fedmsg to IRC relay.  'journalctl -u fedmsg-irc'
    * mote, a webapp running behind httpd that serves meetbot log files.
generated by cgit (git 2.34.1) at 2025-07-03 07:48:49 +0000