X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/da8f75f725d2c105419c351195231bac70a46e7c..a4e98a39669d82fc53a3d7f3fcc65689c05cc6cd:/roles/ironbelly.rb

diff --git a/roles/ironbelly.rb b/roles/ironbelly.rb
index a3a94fc63..098568265 100644
--- a/roles/ironbelly.rb
+++ b/roles/ironbelly.rb
@@ -2,6 +2,32 @@ name "ironbelly"
 description "Master role applied to ironbelly"
 
 default_attributes(
+  :apt => {
+    :sources => ["ubuntugis-unstable"]
+  },
+  :elasticsearch => {
+    :cluster => {
+      :routing => {
+        :allocation => {
+          :disk => {
+            :watermark => {
+              :low => "95%",
+              :high => "98%"
+            }
+          }
+        }
+      }
+    },
+    :path => {
+      :data => "/store/elasticsearch"
+    }
+  },
+  :git => {
+    :allowed_nodes => "*:*",
+    :user => "chefrepo",
+    :group => "chefrepo",
+    :backup => "chef-git"
+  },
   :networking => {
     :interfaces => {
       :internal_ipv4 => {
@@ -35,11 +61,62 @@ default_attributes(
         }
       }
     }
+  },
+  :rsyncd => {
+    :modules => {
+      :hosts => {
+        :comment => "Host data",
+        :path => "/home/hosts",
+        :read_only => true,
+        :write_only => false,
+        :list => false,
+        :uid => "tomh",
+        :gid => "tomh",
+        :transfer_logging => false,
+        :hosts_allow => [
+          "212.110.172.32",                      # shenron
+          "2001:41c9:1:400::32",                 # shenron
+          "212.159.112.221"                      # grant
+        ]
+      },
+      :logs => {
+        :comment => "Log files",
+        :path => "/store/logs",
+        :read_only => false,
+        :write_only => true,
+        :list => false,
+        :uid => "www-data",
+        :gid => "www-data",
+        :transfer_logging => false,
+        :hosts_allow => [
+          "128.40.168.0/24",      # ucl external (wates)
+          "128.40.45.192/27",     # ucl external (wolfson)
+          "146.179.159.160/27",   # ic internal
+          "193.63.75.96/27",      # ic external
+          "2001:630:12:500::/64", # ic external
+          "127.0.0.0/8",          # localhost
+          "::1"                   # localhost
+        ],
+        :nodes_allow => "roles:tilecache"
+      }
+    }
   }
-);
+)
 
 run_list(
   "role[ic]",
   "role[gateway]",
-  "recipe[openvpn]"
+  "role[chef-server]",
+  "role[chef-repository]",
+  "role[web-storage]",
+  "role[supybot]",
+  "role[backup]",
+  "role[stats]",
+  "role[planet]",
+  "role[planetdump]",
+  "role[logstash]",
+  "recipe[rsyncd]",
+  "recipe[openvpn]",
+  "recipe[git::server]",
+  "recipe[tilelog]"
 )