Store AFS cell configuration at authz.afs.cells instead of just

[invirt/packages/xvm-prodconfig.git] / master.yaml

diff --git a/master.yaml b/master.yaml
index f73f80f..0034344 100644 (file)
--- a/master.yaml
+++ b/master.yaml
@@ -1,13 +1,26 @@
+contact: &contact xvm@mit.edu
+adminacl: &adminacl system:xvm-root
+priv_contact: &priv_contact xvm-root@mit.edu
+
 apt:
  keyid: 35AE3C4F
 
 authz:
- - type: afs
-   cell: athena.mit.edu
-   auth: yes
- - type: afs
-   cell: sipb.mit.edu
-   auth: yes
+ mech: invirt.authz.locker
+ afs:
+  cells:
+  - cell: athena.mit.edu
+    auth: yes
+  - cell: sipb.mit.edu
+    auth: yes
+  - cell: zone.mit.edu
+    auth: yes
+  - cell: ops.mit.edu
+    auth: no
+  - cell: net.mit.edu
+    auth: no
+  - cell: dev.mit.edu
+    auth: no
 
 console:
  hostname: xvm-console.mit.edu
@@ -31,7 +44,7 @@ dhcp:
  search_domain: mit.edu
 
 dns:
- contact: xvm@mit.edu
+ contact: *contact
  domains: # first one is advertised
   - xvm.mit.edu
   - 2.181.18.in-addr.arpa
@@ -41,6 +54,19 @@ dns:
  zone_files:
   - /etc/invirt/zone
 
+git:
+ pockets:
+  prod:
+   acl: *adminacl
+   apt: stable
+  dev:
+   acl: system:xvm-dev
+   apt: unstable
+   allow_backtracking: yes
+ tagger:
+  name: Invirt Build Server
+  email: invirt@mit.edu
+
 hosts: # hosts on which VMs run
  - hostname: citadel-station.mit.edu
    ip: 18.181.0.221
@@ -54,6 +80,9 @@ hosts: # hosts on which VMs run
 kerberos:
  realm: ATHENA.MIT.EDU
 
+mail:
+ forward: *priv_contact
+
 monitoring:
  - hostname: syn.mit.edu
    ip: 18.181.0.65
@@ -76,8 +105,7 @@ vnc:
 web:
  baseuri: https://xvm.mit.edu/
  hostname: xvm.mit.edu
- errormail: xvm@mit.edu
- adminacl: system:xvm-root
+ errormail: *contact
  errormail_exclude:
   - broder
   - price