groups['gce'] = { 'bundles': { 'gce-workaround', }, 'member_patterns': { r"gce\..*", }, 'metadata': { 'hosts': { 'entries': { '169.254.169.254': { 'metadata.google.internal', }, }, }, 'location': 'gce', 'nameservers': { '8.8.8.8', '8.8.4.4', }, 'postfix': { # It's fine to do this without authentificating to the relayhost. # These Systems are not supposed to send mail anywhere else # than our own domains. 'relayhost': '[rx300.kunbox.net]:2525', }, }, } groups['htz'] = { 'subgroup_patterns': { r'htz\-.+', }, } groups['htz-cloud'] = { 'member_patterns': { r"htz\-cloud\..*", }, 'metadata': { 'apt': { 'packages': { 'cryptsetup-bin': { 'installed': False, }, 'cryptsetup-run': { 'installed': False, }, 'cryptsetup-initramfs': { 'installed': False, }, }, }, 'location': 'htz-cloud', }, } groups['htz-hel'] = { 'member_patterns': { r'htz\-hel\..+', }, 'metadata': { 'location': 'htz-hel', }, } groups['home'] = { 'member_patterns': { r"home\..*", }, 'bundles': { 'lldp', }, 'metadata': { 'location': 'home', 'icinga_options': { 'also_affected_by': { 'home.router', }, 'vars.notification.sms': False, }, 'postfix': { # It's fine to do this without authentificating to the relayhost. # These Systems are not supposed to send mail anywhere else # than our own domains. 'relayhost': '[rx300.kunbox.net]:2525', }, }, } groups['ovh'] = { 'member_patterns': { r"ovh\..*", }, 'metadata': { 'location': 'ovh', 'postfix': { 'relayhost': '[rx300.kunbox.net]:2525', }, 'users': { 'debian': { 'delete': True, }, }, }, } groups['voc'] = { 'member_patterns': { r"voc\..*", }, 'metadata': { 'apt': { # Move patchday to somewhere where the possibility of # clashing with actual events is less likely. 'unattended-upgrades': { 'day': 1, }, }, 'location': 'voc', }, }