status-im
/
infra-nimbus
mirror of https://github.com/status-im/infra-nimbus.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
infra-nimbus/ansible/group_vars/all.yml

74 lines
6.0 KiB
YAML
Raw Blame History

---
# Root password
bootstrap__root_pass: '{{lookup("bitwarden", "root-pass")}}'
bootstrap__admin_pass: '{{lookup("bitwarden", "macos/admin", field="password")}}'
# Consul
bootstrap__consul_encryption_key: '{{lookup("bitwarden", "consul/cluster", field="encryption-key")}}'
bootstarp__consul_agent_acl_token: '{{lookup("bitwarden", "consul/acl-tokens", field="agent-default")}}'
bootstrap__consul_certs_ca_crt: '{{lookup("bitwarden", "consul/certs", file="ca.pem")}}'
bootstrap__consul_certs_client_crt: '{{lookup("bitwarden", "consul/certs", file="client.pem")}}'
bootstrap__consul_certs_client_key: '{{lookup("bitwarden", "consul/certs", file="client-key.pem")}}'
# SSHGuard
bootstrap__sshguard_whitelist_extra: ['{{lookup("bitwarden", "sshguard/whitelist", field="jakubgs-home")}}']
# Wireguard
wireguard_consul_acl_token: '{{lookup("bitwarden", "consul/acl-tokens", field="wireguard")}}'
# Custom SSH accounts for Nimbus fleet, should start from UID 8000.
bootstrap__active_extra_users:
- { name: zahary, uid: 8000, admin: true, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ4uk6O6e6KgiTGVOntGbUN+tUXM5XbnK4x9RPc8hsmphO0SIi/jim8TDh8SstyNA7IRx5TG3//tAzrjikA3xBfBktiZc7cIklkKwVsby7WEThbu99B+tKfXGrJEaIoXuGc7nk/t1ynMqbLSxo44Yu3+OksozDxtj1mDl2ze+ICa7XteAJgu7vIsfKUZwnpIVXglfqve0x/GJ8oQyp4vx7MFdaaBTl4yLyajwd+h+tINmf4fikUl34gVTLtM2VxXHy2VtbzjQUXb7pCISXELyXy0OnJ6HczNiWA2K0z47pohC5cAFYlErhmbZ1MRhKYysEAm/mAasTPRVKTK4agpSB zahary@status.im' }
- { name: dustin, uid: 8001, admin: true, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrxMjWZZJ7E6EQY77IbOGaj1q6YzlRnQnCbTQqZja4c user@merfeint' }
- { name: dryajov, uid: 8004, admin: false, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjhsSxUXSQBv6PFEwE9TYG0TeuzabRipy/IoIS33BTt dryajov@status.im' }
- { name: kim, uid: 8005, admin: true, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCQdvm2Hd3h3sPDVmLXAxQQXDYyuHCZne/3oIkMTn8zUjky66VRMUoIuZy7CqjCa/cKnBnq+n7FDwqSytIFln2fFIHC1yqrjG4YxHa8OyrT/H29wedOA1X4XHyU44JUXxTcAb+Mvnn7IjRQ42+orIFu4LAlUQAlJkta/weXlA+N1yPAkv168IbhsWYGd0myGqafiFbCo/IaTFKezs9TXfEBtSTzBTwLusFfnTUdyiNFZqkk3hq/7m13/HE0fI0iQ2y+Q1EXgYxT8C3a625n8n3zldaiKUBHQm7+DJdJllURstXhq35XFmhlUx4N+QbognoxqZ00pWRIOE/ooPW2rqv kim.demey@status.im' }
- { name: cheatfate, uid: 8008, admin: true, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAkw8sQiChWeUuXUbaWunScWKuAvYTmCP2+lklQNSzzxXpkQhGzLFnlsksTB1sKtQ6op4yDpysx1lp8E2pf2VlACIjSc7t39VY1vsQaAlBfvssLc9LGFMXIIOz4RZaIbbsbplIxI7IpkdhGk9WdD/QAO8fCl8gJ2SoAWMROds2oUDCir0VfsOupFtqQ9FUC4ANf4nHWqk9TwiVXU+nndeWWj8cYNGBq/3rWgn+tQTomQooYaoQHqslLFzmLYK2dJX8qrJDx1pX99h/aLhbbyCBnBZRSOzhNfpa9bRraofcKigNvLAUIfaRDhOize8C4/6WMOcyQVGNEmReBAzHGk5yoUJeMWENZAMCeWsY7cbdiKmEyDPlRDNGuzBlXkdFlJSlNYs1xhZsKkkiAdpSNrZB9/WOpBaKWba+7VRC4ejuuBhYr04kh22UJi4cc9xX0pyYc4tZ9MyjqTMSJoKGFceUXm1ne5g7nxdo1z4/Z6sQd4vFBCvKWFPpJx1cW0n+2XvFSoehou2sEGfoQp8UvSFhuiA/kA56OuahHQANBJBTqpKSCesSc8Y/4ys27qU8tSPjADWOtwxElUQpoBRbcAfTpNLy8r0AjAQFnAcj1Tq0dh+kIe03HPabx5b05Wq8K0opqkX1yPd5yI9IAPNhmbVMuONOEHhyTYCyhHK2ASdXSy0= eugene.kabanov@status.im' }
- { name: etan, uid: 8010, admin: true, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOguworK7iqh7hPjC1AL3eCe+OZcK7tWRqThyBrEK6r2 etan@status.im' }
- { name: p1ge0nh8er, uid: 8011, admin: false, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBFMfy5lx2dGwpv7yq9kLFVanatgfMa9M/EFcVHV00ASS533sNJGklosiQLsqeiWXcKlubjK6f2taYViajodswFUAAAAXc3NoOnN0YXR1cy1nb2VybGktbm9kZXM= aaryamann@status.im' }
- { name: crypt1d, uid: 8013, admin: false, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8A+BRe9eLtN/y+NmX0vEQ7cHNgBLszZPfPjPm385w4c9r3ErGQJBqGd3jAjVn44z7AoDDjBhwmVh/47/6MwGnQuhRR7gVyFqowE0LawZ0paQKXvHVqGgW3wD+BwN155xOM0LQfVcWeJUfFTZ3YfZLCTVk1Nnd78J1q8ar/tg3uvyPXmYLkcGcXSnGOq8UeJ6ZhQxyELCSnGOilI4rgVEuxEOi0xWJNJMVyE5CtGu9jM/RLTjtfc6VNQFyc7aU31XcXKdwg9okWnfbDJgLAJp19vfHxT+l5muVWGYPQtyaw8BIA6YIphrX8Q99eHVWoMint5klGcUsGUcJPQc3dr/b nikola@status.im' }
- { name: dan, uid: 8014, admin: false, win_groups: ['Administrators'], mac_groups: ['admin'], key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFuvophIgGxNOgH9pExQ2BhfQ8kGTxs4QHj7whU8GESU daniil@status.im' }
- { name: ujscale, uid: 8015, admin: false, key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2Vzzmx81xKmNy96rz5vPAQ23j7eeV5f0Y4QK1kkrPK mumar@status.im' }
# TRACE needs more disk space
bootstrap__rsyslog_docker_logs_path: '/docker/log'
# Print just the message, lower size of log files and make parsing easier
bootstrap__rsyslog_docker_format: !unsafe '%msg:2:2048%\n'
# Some logs are just SPAMmed too much.
bootstrap__rsyslog_filter_rules:
- 'Attestation resolved'
- 'Attestation received'
# lower local retention to save space
bootstrap__logrotate_frequency: 'hourly'
bootstrap__logrotate_count: 48
bootstrap__logrotate_mbytes: 500
# Extra packages for debugging
bootstrap__extra_packages:
- gdb
- linux-tools-common
- linux-tools-generic
bootstrap_sysctl_config:
kernel.core_pattern: '/var/lib/systemd/coredump/core.%e.%p.%u.%t'
fs.inotify.max_user_watches: 131072
# Allow calling 'perf' without root'
kernel.perf_event_paranoid: 1
# Consul Catalog Query URL
consul_catalog_url: 'http://localhost:8500/v1/catalog'
# Beacon nodes can be quite memory hungry
swap_file_path: '/docker/main.swap'
swap_file_size_mb: 2048
# SMART Metrics
smart_metrics_listen_port: 9633
# Nimbus ------------------------------
beacon_node_log_level: DEBUG
# Builds
beacon_node_build_nim_flags: >-
-d:testnet_servers_image
-d:noSignalHandler
-d:libp2p_protobuf_metrics
-d:libp2p_network_protocols_metrics
# Peers
beacon_node_max_peers: 320
Reference in New Issue View Git Blame Copy Permalink