-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathmain.yml
95 lines (78 loc) · 4.16 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# default variables for mirror role
# Is this also part of the new mirror cdn for 9-stream and beyond ?
# If enabled, consider also the other mirror_stream_* variables that will be applied at various places too and in templates
mirror_stream_content: True
# CDN section, if used as origin server
# Are we origin node (True|False) and if so, under which specific hostname
mirror_stream_httpd_origin_node: False
mirror_stream_httpd_origin_hostname: # if used as origin, different hostname and different TLS cert too
mirror_stream_httpd_origin_secret: # Which shared header to use between cdn and us, origin server to restrict access
# Full rsync path::module to use to rsync centos mirror content from
mirror_rsync_from: node1.centos.org
mirror_rsync_from_module: centos-full
mirror_stream_rsync_from_module: centos-stream-full
mirror_rsync_from_fallback: node0.centos.org
# default path where to sync content to
mirror_local_path: /home/centos/
mirror_stream_local_path: /home/centos-stream/
# Default user owning all the files
mirror_local_user: centos
# If we want to have some other snippet in httpd conf
mirror_httpd_snippet: |
# This is a snippet block coming from mirror_httpd_snippet var
# If we want to have specific RewriteRules that we can also override
mirror_httpd_rewrite_rules: |
# This is a RewriteRules block comming from mirror_httpd_rewrite_rules var
RewriteEngine on
ReWriteRule "^/(?:centos|centos-[345678])/(.*)/isos/(.*)/(.*\.iso)$" http://isoredirect.centos.org/centos/$1/isos/$2/$3
ReWriteRule "^/(?:centos|centos-[345678])/(.*)/isos/(.*)/$" http://isoredirect.centos.org/centos/$1/isos/$2/
ReWriteRule "^/(?:altarch)/(.*)/isos/(.*)/(.*\.iso)$" http://isoredirect.centos.org/altarch/$1/isos/$2/$3
ReWriteRule "^/(?:altarch)/(.*)/isos/(.*)/(.*\.raw.xz)$" http://isoredirect.centos.org/altarch/$1/isos/$2/$3
ReWriteRule "^/(?:altarch)/(.*)/isos/(.*)/$" http://isoredirect.centos.org/altarch/$1/isos/$2/
mirror_stream_httpd_rewrite_rules: ""
# Some message to be displayed on html pages
mirror_header_page:
title: 'CentOS Mirror'
title_lead: ''
with_manifestation: 'CentOS Mirror'
with_content:
- element: p
element_class: alert alert-warning
element_content: >-
This directory tree doesn't contain any supported/maintained release ! <br>
For CentOS Stream 9 and beyond (including src.rpm and debuginfo packages), see <a href="http://mirror.stream.centos.org">CentOS Stream mirror</a>.<br>
For archived content from EOL releases, see <a href="http://vault.centos.org">Vault mirror</a> and <a href="http://debuginfo.centos.org">Debuginfo mirror</a>
mirror_stream_header_page:
title: 'CentOS Stream Mirror'
title_lead: ''
with_manifestation: ''
with_content:
- element: p
element_class: alert alert-success
element_content: >-
This directory tree contains new CentOS Stream releases, starting from release '9-stream'<br>
For previous CentOS Linux releases , see <a href="http://mirror.centos.org">CentOS mirror</a>.<br>
# Do we also want to become member of the msync network
# So opening up rsyncd to oustide world to let them sync from us
mirror_rsyncd: True
# We'll parse inventory to allow some IPs based on hostgroup-role-mirror vars
# But we can also add other ones (outside of ansible for example)
mirror_rsyncd_allow_from:
- 192.168.1.1
- 172.16.31.230
# Do we also be a full internal/public mirror (so with no RewriteRules for .iso sending to isoredirect)
# If so we just need to enable and declare public hostname (non centos.org)
mirror_external_vhost: False
mirror_external_hostname: centos-mirror.yourdomain.com
mirror_stream_httpd_serveralias: "{{ inventory_hostname }}"
# GPG symmetric key used to decrypt the file generated dynamically by mirror crawler for ACL rights
# Obviously the wrong one in the default variables here for the role
mirror_acl_gpg_key: eq6xVZ4bdpgtGfwnqvr4T0SK
# Full path/URI to the .gpg files with ACLs
mirror_acl_url: https://node99.centos.org/01_CentOS.conf.gpg
mirror_stream_acl_url: https://node99.centos.org/02_CentOS-Stream.conf.gpg
# Zabbix/monitoring part
mirror_zabbix_templates:
- Template CentOS Msync server
mirror_zabbix_groups:
- CentOS Msync servers