X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/0a2e445a79bf4a5fdb0d3448665fa7146ab7ef23..91ea002ac9e3f1383e3f4d857f6157491e27dea9:/roles/nepomuk.rb?ds=inline diff --git a/roles/nepomuk.rb b/roles/nepomuk.rb index 6f006744e..474a43e83 100644 --- a/roles/nepomuk.rb +++ b/roles/nepomuk.rb @@ -3,76 +3,38 @@ description "Master role applied to nepomuk" default_attributes( :networking => { + :firewall => { + :incoming => [ + "tcp sport { 1024-65535 } tcp dport { 5666 } ip saddr { 77.95.64.120, 77.95.64.131, 77.95.64.139 } ct state new accept" + ] + }, :interfaces => { - :external_ipv4_old => { + :external => { :interface => "eth0", :role => :external, - :family => :inet, - :address => "77.95.70.166", - :prefix => "27", - :gateway => "77.95.70.161" - }, - :external_ipv6_old => { - :interface => "eth0", - :role => :external, - :family => :inet6, - :address => "2a03:9180:1:21::a6", - :prefix => "64", - :gateway => "2a03:9180:1:21::a1" - }, - :external_ipv4 => { - :interface => "eth1", - :role => :external, - :family => :inet, - :address => "77.95.65.39", - :prefix => "27", - :gateway => "77.95.65.33" - }, - :external_ipv6 => { - :interface => "eth1", - :role => :external, - :family => :inet6, - :address => "2a03:9180:0:100::7", - :prefix => "64", - :gateway => "2a03:9180:0:100::1" - } - } - }, - :sysctl => { - :kvm => { - :comment => "Tuning for KVM guest", - :parameters => { - "kernel.sched_min_granularity_ns" => 10000000, - "kernel.sched_wakeup_granularity_ns" => 15000000 + :inet => { + :address => "77.95.65.39", + :prefix => "27", + :gateway => "77.95.65.33" + }, + :inet6 => { + :address => "2a03:9180:0:100::7", + :prefix => "64", + :gateway => "2a03:9180:0:100::1" + } } } }, - :squid => { - :cache_mem => "7500 MB", - :cache_dir => "coss /store/squid/coss-01 128000 block-size=8192 max-size=262144 membufs=80" - }, :sysfs => { :hdd_tune => { :comment => "Tune the queue for improved performance", :parameters => { - "block/vda/queue/nr_requests" => "128", - "block/vda/queue/scheduler" => "deadline" + "block/vda/queue/nr_requests" => "128" } } - }, - :tilecache => { - :tile_parent => "lyon.render.openstreetmap.org", - :tile_siblings => [ - "trogdor.openstreetmap.org", - "katie.openstreetmap.org", - "konqi.openstreetmap.org", - "ridgeback.openstreetmap.org", - "gorynych.openstreetmap.org" - ] } ) run_list( - "role[lyonix]", - "role[tilecache]" + "role[lyonix]" )