-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathdata_transfer.yml
36 lines (36 loc) · 1.31 KB
/
data_transfer.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
---
iptables_allow_icmp_inbound:
- ANY
iptables_allow_https_inbound:
- ANY # On data_transfer servers port 443 is used for SSH too.
iptables_allow_ssh_inbound:
- ANY
ssh_host_signer_hostnames: "{{ inventory_hostname }}\
{% for network_id in ip_addresses[inventory_hostname] %}\
{% if ip_addresses[inventory_hostname][network_id]['fqdn'] is defined and
ip_addresses[inventory_hostname][network_id]['fqdn'] | length >= 1 %}\
{% if ip_addresses[inventory_hostname][network_id]['fqdn'] == 'NXDOMAIN' %}\
,{{ ip_addresses[inventory_hostname][network_id]['address'] }}\
{% else %}\
,{{ ip_addresses[inventory_hostname][network_id]['fqdn'] }}\
{% endif %}\
{% endif %}\
{% endfor %}\
{% for host in groups['jumphost'] | default([]) %}\
,{{ host }}+{{ inventory_hostname }}\
{% endfor %}\
{% for external_jumphost in external_jumphosts | default([])
| map(attribute='hosts') | flatten
| map(attribute='hostname') %}\
,{{ external_jumphost }}+{{ inventory_hostname }}\
{% endfor %}"
local_mounts:
- mount_point: '/groups'
device: '/dev/vdb'
mounted_owner: root
mounted_group: root
mounted_mode: '0755'
mount_options: rw,relatime,nofail,x-systemd.device-timeout=10
type: ext4
repo_manager: 'none'
...