X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/0a2e445a79bf4a5fdb0d3448665fa7146ab7ef23..e99aaf0252bf1730b29a1db425f01d5dddd65f7c:/roles/nepomuk.rb diff --git a/roles/nepomuk.rb b/roles/nepomuk.rb index 6f006744e..4abe868d1 100644 --- a/roles/nepomuk.rb +++ b/roles/nepomuk.rb @@ -3,25 +3,23 @@ description "Master role applied to nepomuk" default_attributes( :networking => { + :firewall => { + :inet => [ + { + :action => "ACCEPT", + :source => "net:77.95.64.120,77.95.64.131,77.95.64.139", + :dest => "fw", + :proto => "tcp", + :dest_ports => "5666", + :source_ports => "1024:", + :rate_limit => "-", + :connection_limit => "-" + } + ] + }, :interfaces => { - :external_ipv4_old => { - :interface => "eth0", - :role => :external, - :family => :inet, - :address => "77.95.70.166", - :prefix => "27", - :gateway => "77.95.70.161" - }, - :external_ipv6_old => { - :interface => "eth0", - :role => :external, - :family => :inet6, - :address => "2a03:9180:1:21::a6", - :prefix => "64", - :gateway => "2a03:9180:1:21::a1" - }, :external_ipv4 => { - :interface => "eth1", + :interface => "eth0", :role => :external, :family => :inet, :address => "77.95.65.39", @@ -29,7 +27,7 @@ default_attributes( :gateway => "77.95.65.33" }, :external_ipv6 => { - :interface => "eth1", + :interface => "eth0", :role => :external, :family => :inet6, :address => "2a03:9180:0:100::7", @@ -38,41 +36,16 @@ default_attributes( } } }, - :sysctl => { - :kvm => { - :comment => "Tuning for KVM guest", - :parameters => { - "kernel.sched_min_granularity_ns" => 10000000, - "kernel.sched_wakeup_granularity_ns" => 15000000 - } - } - }, - :squid => { - :cache_mem => "7500 MB", - :cache_dir => "coss /store/squid/coss-01 128000 block-size=8192 max-size=262144 membufs=80" - }, :sysfs => { :hdd_tune => { :comment => "Tune the queue for improved performance", :parameters => { - "block/vda/queue/nr_requests" => "128", - "block/vda/queue/scheduler" => "deadline" + "block/vda/queue/nr_requests" => "128" } } - }, - :tilecache => { - :tile_parent => "lyon.render.openstreetmap.org", - :tile_siblings => [ - "trogdor.openstreetmap.org", - "katie.openstreetmap.org", - "konqi.openstreetmap.org", - "ridgeback.openstreetmap.org", - "gorynych.openstreetmap.org" - ] } ) run_list( - "role[lyonix]", - "role[tilecache]" + "role[lyonix]" )