Did my attachment not arrive OK? Trying again. Should I assume the csi vars were OK like that then? Happy to carry on doing more. Great exercise to get to know how the infrastructure is set up Juan On Fri, 2015-11-20 at 11:08 -0700, Kevin Fenzi wrote: Unfortunately, there's some line wrapping issues going on that makes it so git doesn't want to apply. ;( Can you resend as an attachment? kevin |
commit 4598da9a56a231d1b65eedfdd867ef5c261b7277
Author: Juan Jimenez-Anca <juan@xxxxxxxxxxxxxx>
Date: Wed Nov 18 21:58:48 2015 +0000
csi vars for bastion, copr-back, cpr-back-stg, copr-front, copr-front-stg
diff --git a/inventory/group_vars/bastion b/inventory/group_vars/bastion
index 87a0e33..40733b4 100644
--- a/inventory/group_vars/bastion
+++ b/inventory/group_vars/bastion
@@ -1,5 +1,5 @@
---
-# Define resources for this group of hosts here.
+# Define resources for this group of hosts here.
lvm_size: 20000
mem_size: 8192
num_cpus: 4
@@ -37,3 +37,16 @@ fas_aliases: true
#
nrpe_procs_warn: 1100
nrpe_procs_crit: 1200
+
+# These variables are pushed into /etc/system_identification by the base role.
+# Groups and individual hosts should override them with specific info.
+# See http://infrastructure.fedoraproject.org/csi/security-policy/
+
+csi_security_category: High
+csi_primary_contact: sysadmin-main admin@xxxxxxxxxxxxxxxxx
+csi_purpose: SSH proxy to access infrastructure not exposed to the web
+csi_relationship:
+ * Provides ssh access to all phx2/vpn connected servers.
+ * Bastion is the hub for all infrastructure's VPN connections.
+ * All incoming SMTP from phx2 and VPN, as well as outgoing SMTP, pass or are filtered here.
+ * Bastion does not accept any mail outside phx2/vpn.
diff --git a/inventory/group_vars/copr-back b/inventory/group_vars/copr-back
index 6d598e4..c2a279f 100644
--- a/inventory/group_vars/copr-back
+++ b/inventory/group_vars/copr-back
@@ -20,3 +20,14 @@ do_sign: "true"
spawn_in_advance: "true"
frontend_base_url: "https://copr-fe.cloud.fedoraproject.org";
+
+# These variables are pushed into /etc/system_identification by the base role.
+# Groups and individual hosts should override them with specific info.
+# See http://infrastructure.fedoraproject.org/csi/security-policy/
+
+csi_security_category: High
+csi_primary_contact: msuchy (mirek, vgologuz) | IRC: #fedora-admin, #fedora-buildsys
+csi_purpose: Provide the backend for copr (3rd party packages)
+csi_relationship:
+ * Backend: Management of copr cloud infrastructure (OpenStack).
+ * Small frontend with copr's public stats
diff --git a/inventory/group_vars/copr-back-stg b/inventory/group_vars/copr-back-stg
index 7c0fb6a..42ac9fa 100644
--- a/inventory/group_vars/copr-back-stg
+++ b/inventory/group_vars/copr-back-stg
@@ -18,3 +18,12 @@ do_sign: "true"
spawn_in_advance: "false"
frontend_base_url: "http://copr-fe-dev.cloud.fedoraproject.org";
+
+# These variables are pushed into /etc/system_identification by the base role.
+# Groups and individual hosts should override them with specific info.
+# See http://infrastructure.fedoraproject.org/csi/security-policy/
+
+csi_security_category: Moderate
+csi_primary_contact: msuchy (mirek, vgologuz) | IRC: #fedora-admin, #fedora-buildsys
+csi_purpose: Provide the testing environment of copr's backend
+csi_relationship: This host is the testing environment for the cloud infrastructure of copr's backend
diff --git a/inventory/group_vars/copr-front b/inventory/group_vars/copr-front
index 7dcfcd7..628ab78 100644
--- a/inventory/group_vars/copr-front
+++ b/inventory/group_vars/copr-front
@@ -1,3 +1,14 @@
---
copr_hostname: "copr-fe.cloud.fedoraproject.org"
copr_frontend_public_hostname: "copr.fedoraproject.org"
+
+# These variables are pushed into /etc/system_identification by the base role.
+# Groups and individual hosts should override them with specific info.
+# See http://infrastructure.fedoraproject.org/csi/security-policy/
+
+csi_security_category: Moderate
+csi_primary_contact: msuchy (mirek, vgologuz) | IRC: #fedora-admin, #fedora-buildsys
+csi_purpose: Provide a publicly accessible frontend for 3rd party packages (copr)
+csi_relationship:
+ * This host provides the frontend part of copr only.
+ * It's the point of contact between end users and the copr build system (backend, package singer)
diff --git a/inventory/group_vars/copr-front-stg b/inventory/group_vars/copr-front-stg
index 835a21a..e12e6e2 100644
--- a/inventory/group_vars/copr-front-stg
+++ b/inventory/group_vars/copr-front-stg
@@ -1,2 +1,7 @@
---
copr_frontend_public_hostname: "copr-fe-dev.cloud.fedoraproject.org"
+
+csi_security_category: Low
+csi_primary_contact: msuchy (mirek, vgologuz) | IRC: #fedora-admin, #fedora-buildsys
+csi_purpose: Provide the testing environment of copr's frontend
+csi_relationship: This host is the testing environment for copr's web interface
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
