Mercurial > repos > other > Puppet
view manifests/nodes.pp @ 462:2f2ecf1f0215
Reduce PHP FPM overheads
* Reduce "max idle servers", which leaves LOTS of unused servers
sitting around most of the time
* Remove old, unused static config file
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sat, 18 Nov 2023 18:38:12 +0000 |
parents | 4a6ad700cded |
children | 65290cb0cec2 |
line wrap: on
line source
node 'ibbpi.hostedpi.com' { class { 'ibboardvpsnode': primary_ip => '2a00:1098:0008:0157::1', gateway_ip => '2a00:1098:0008:0157::2', proxy_4to6_ip_prefix => '2a00:1098:0008:0157::01d4', # ::old4 for IPv4! proxy_upstream => ['2a00:1098::82:1000:3b:1:1', '2a00:1098::80:1000:3b:1:1'], nat64_ranges => ['64:ff9b::/96'], mailserver => 'mail.ibboard.co.uk', imapserver => 'imap.ibboard.co.uk', mailrelays => ['mx.mythic-beasts.com'], firewall_cmd => 'iptables', } firewall { '090 Allow SSH (IPv4-to-IPv6)': dport => 22, source => '2a00:1098:0:82:1000:0:5d5d:826a', proto => 'tcp', action => 'accept', } } node 'vpsarm.home' { class { 'ibboardvpsnode': primary_ip => '2a00:23c8:a480:3701:5054:ff:fe42:65f9', mailserver => 'mail.ibboard.co.uk', imapserver => 'imap.ibboard.co.uk', firewall_cmd => 'iptables', } } node 'vps-arm-2204.test.ibboard.co.uk' { class { 'ibboardvpsnode': primary_ip => 'fd21:d7cd:fe52:0:5054:ff:fee4:9b6e', mailserver => 'mail.ibboard.co.uk', imapserver => 'imap.ibboard.co.uk', firewall_cmd => 'iptables', } } node 'vps-2204.test.ibboard.co.uk' { class { 'ibboardvpsnode': primary_ip => 'fd21:d7cd:fe52:0:5054:ff:fec7:76c3', mailserver => 'mail.ibboard.co.uk', imapserver => 'imap.ibboard.co.uk', firewall_cmd => 'iptables', } } node 'ibbvps.vs.mythic-beasts.com' { class { 'ibboardvpsnode': primary_ip => '2a00:1098:82:52::1', proxy_4to6_ip_prefix => '2a00:1098:82:52::01d4', # ::old4 for IPv4! proxy_upstream => ['2a00:1098::82:1000:3b:1:1', '2a00:1098::80:1000:3b:1:1'], nat64_ranges => ['64:ff9b::/96'], mailserver => 'mail.ibboard.co.uk', imapserver => 'imap.ibboard.co.uk', mailrelays => ['mx.mythic-beasts.com'], firewall_cmd => 'iptables', } # If the console fails to start, you may need to run "restorecon /etc/systemd/system/getty.target.wants/*" # to reset the SELinux context of the file service { 'serial-getty@ttyS0': ensure => 'running', enable => 'true', } firewall { '090 Allow SSH (IPv4-to-IPv6)': dport => 22, source => '2a00:1098:0:82:1000:0:5d5d:826a', proto => 'tcp', action => 'accept', } }