In the current quarter, RelEng and Security are pairing up on improving our release pipeline. We plan to install a standalone Jenkins installation--no Zuul, not connected to rest of CI or Gerrit--to run daily jobs to generate our tar files & patches.
The existing Jenkins setup is not suitable since these builds will contain unreleased security patches and access will be locked down. So we need a dedicated host but there's no need to waste physical hardware for this.
I'm thinking like 2 cores, 4gb of ram, ~125gb of disk should be plenty. Probably don't even need quite that much disk. Standard partition scheme (large /srv, everything else on /) is good.