description "Master role applied to shenron"
default_attributes(
- :accounts => {
- :users => {
- :bretth => {
- :status => :user,
- :shell => "/usr/bin/git-shell"
- },
- }
- },
:apache => {
:mpm => "event",
:event => {
- :max_requests_per_child => 2000
+ :min_spare_threads => 50,
+ :max_spare_threads => 150
}
},
:hardware => {
+ :hwmon => {
+ "platform_it87_552" => {
+ :ignore => %w[in6]
+ }
+ },
+ :mcelog => {
+ :enabled => false
+ },
:modules => [
"it87"
- ],
- },
+ ]
+ }
+)
+
+override_attributes(
:networking => {
+ :dnssec => "false",
:interfaces => {
:external_ipv4 => {
:interface => "eth0",
:address => "2001:41c9:1:400::32",
:prefix => "64",
:gateway => "fe80::1"
- },
- }
- },
- :openvpn => {
- :address => "10.0.16.3",
- :tunnels => {
- :shenron2ucl => {
- :port => "1194",
- :mode => "server",
- :peer => {
- :host => "ridley.openstreetmap.org"
- }
}
- }
+ },
+ # Do not use Cloudflare Public DNS as it does not support ECS as required by https://www.spamhaus.org/organization/dnsblusage/
+ # https://www.spamhaus.org/news/article/816/service-update-spamhaus-dnsbl-users-who-query-via-cloudflare-dns-need-to-make-changes-to-email-set-up
+ :nameservers => ["8.8.8.8", "8.8.4.4", "2001:4860:4860::8888", "2001:4860:4860::8844"],
+ :private_address => "10.0.16.100"
}
)
"role[bytemark]",
"role[mail]",
"role[lists]",
- "role[git]",
"role[subversion]",
"role[trac]",
"role[osqa]",
"role[irc]",
- "role[dns]",
- "role[geodns]",
- "role[chef-repository]",
- "recipe[openvpn]"
+ "recipe[blogs]"
)
projects / chef.git / blobdiff