X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/4257000ade199f7ca768e5cf9bca538bd02ca1b4..743ccc20d107fb66d801138af23752fd6b4fa701:/roles/shenron.rb diff --git a/roles/shenron.rb b/roles/shenron.rb index 42d25d9d0..27a10f9c1 100644 --- a/roles/shenron.rb +++ b/roles/shenron.rb @@ -2,14 +2,6 @@ name "shenron" description "Master role applied to shenron" default_attributes( - :accounts => { - :users => { - :bretth => { - :status => :user, - :shell => "/usr/bin/git-shell" - } - } - }, :apache => { :mpm => "event", :event => { @@ -17,33 +9,24 @@ default_attributes( :max_spare_threads => 150 } }, - :apt => { - :sources => ["brightbox-ruby-ng"] - }, :hardware => { + :hwmon => { + "platform_it87_552" => { + :ignore => %w[in6] + } + }, :mcelog => { :enabled => false }, :modules => [ "it87" ] - }, - :openvpn => { - :address => "10.0.16.3", - :tunnels => { - :shenron2ucl => { - :port => "1194", - :mode => "server", - :peer => { - :host => "ridley.openstreetmap.org" - } - } - } } ) override_attributes( :networking => { + :dnssec => "false", :interfaces => { :external_ipv4 => { :interface => "eth0", @@ -61,7 +44,11 @@ override_attributes( :prefix => "64", :gateway => "fe80::1" } - } + }, + # Do not use Cloudflare Public DNS as it does not support ECS as required by https://www.spamhaus.org/organization/dnsblusage/ + # https://www.spamhaus.org/news/article/816/service-update-spamhaus-dnsbl-users-who-query-via-cloudflare-dns-need-to-make-changes-to-email-set-up + :nameservers => ["8.8.8.8", "8.8.4.4", "2001:4860:4860::8888", "2001:4860:4860::8844"], + :private_address => "10.0.16.100" } ) @@ -69,14 +56,9 @@ run_list( "role[bytemark]", "role[mail]", "role[lists]", - "role[git]", "role[subversion]", "role[trac]", "role[osqa]", "role[irc]", - "role[dns]", - "role[geodns]", - "role[chef-repository]", - "recipe[blogs]", - "recipe[openvpn]" + "recipe[blogs]" )