diff options
author | Micah Anderson <micah@riseup.net> | 2014-11-24 16:11:17 -0500 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2014-11-24 16:11:17 -0500 |
commit | 364a43d1ac65abd030baeddfc3eff763486cfe16 (patch) | |
tree | 490cc48ed0f7bf2022c35792d29067e4d7bd03c1 | |
parent | 2d0248f9c8d9692ec7df4f46c659282d1a7c310c (diff) |
update ssh host keys
38 files changed, 398 insertions, 1339 deletions
diff --git a/files/nodes/clam/clam_ssh.pub b/files/nodes/clam/clam_ssh.pub index e3078be..939acaf 100644 --- a/files/nodes/clam/clam_ssh.pub +++ b/files/nodes/clam/clam_ssh.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH
\ No newline at end of file +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=
\ No newline at end of file diff --git a/files/nodes/deer/deer_ssh.pub b/files/nodes/deer/deer_ssh.pub index 76a37e2..8a4380a 100644 --- a/files/nodes/deer/deer_ssh.pub +++ b/files/nodes/deer/deer_ssh.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDz1/VqEz2qDtR1lgUqhnS8G8wYaDwbB1lPsBhloyCFHuSKmr2DGjmVSVYKtmTXnQZhAuOQuME4RHiVgNPUAKOBGDTyA5eCdjUeguZm4CnZU0ISBj1iKSa1l7RHZDZmirC62f8OJ6Ma9Ls62BZN8Vy4T7v55qn5Ky+D+/XrDqlES3zTHoNWkR3Xn1JDZ1Ov20qvB2wdYRL6LStcB915BE1e56IrnOEq7ybg5h84Jtpx8fyq1Geynjoz3q3YUAQuhziawM6seQk+v7QUTGMHD/xyaRD/VZqGn65k4suin4OHb1gFysxf2xdwzEnhheItXZontQue5DgjE8GE/OlRCvdx
\ No newline at end of file +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBORp1ohUpy+qSPhgklCvujSTGeIsHdY9hBDJZimfeRZFq3ZuZvLltrvla8++BBTCskgEUdGtNivK9I0oCviyDeA=
\ No newline at end of file diff --git a/files/nodes/elephant/elephant_ssh.pub b/files/nodes/elephant/elephant_ssh.pub index fd59e58..d4dad42 100644 --- a/files/nodes/elephant/elephant_ssh.pub +++ b/files/nodes/elephant/elephant_ssh.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClpJntSyXlBMiHfmZ6xIo1NiNCgomVOWrkl3nH+9nzqimKWqikp2DlR6jWSMebTyyuy8rB/1lbj7/Z3AxNXjUoOpGpyKrE3viNYZie4Y4QDn3hFPMxHjoYcD/OerosFFZe8Byf0ExTQ4VPmzNKdcTJN/QFjWWZk5AElX2OLnpSYOOBUwiDQeAJkALMmInXYO/+IXeBsygYND8+KZb0qfLpvgPYa4t0p8WVuRS/c0o+dtATmc2HN6N1YxEnmuzx1h1UDO6k4PRNDbO8+U7zsGagEpMJmzGc+liJxwDCgLCieQAxriXWTpiqxJ55pDtLIJKONaNP2UsUai2b9xQ9NsNN
\ No newline at end of file +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOktOAJ7qxG2pC+qGVJTMNLMZGdhyInsuCX7phvQSTJxo2HNTUcSR/CJuLwsV0yqBVTmbrUNBCJS/n+x6bVqUeg=
\ No newline at end of file diff --git a/files/nodes/elk/elk_ssh.pub b/files/nodes/elk/elk_ssh.pub index 9a5bd44..bf8e40d 100644 --- a/files/nodes/elk/elk_ssh.pub +++ b/files/nodes/elk/elk_ssh.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF
\ No newline at end of file +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=
\ No newline at end of file diff --git a/files/nodes/snail/snail_ssh.pub b/files/nodes/snail/snail_ssh.pub index 46c66fd..2f780c5 100644 --- a/files/nodes/snail/snail_ssh.pub +++ b/files/nodes/snail/snail_ssh.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8wxuY3ytE1h/XDKYUkcAwIoGjhWTOafRrziSbpIxwNmadSKPh/sv7kUweRexFdoh+H1uLVGmN/YEciZvq6L7HomH1eX00NamZBJyBE9018cNOfD4943Lqs+LIQDDNVis+4fVoOdyVco+Q1U/bnUQcbAa1eRZ4LzAm8pDDyzdtFGFJEeHt1xsqEqyHv5As6lNMwpgRGDUFUOZClyUc/2gvPWx6GReCuwyXNUYRt99eN+p+F3mjSk5n0dzRsi32Mo550pHHJxIlbnJifq15Q4DqVMBoYGHYWFHfDdjb5G9botPa3NF/7Db/yNQQ9EZPBOIDf135lgduK53OM5spDg9b
\ No newline at end of file +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK+IgHh5d/DYKrfzc8yGSBiNxFOg8vnTTfuykuQK3wO9F7Obzxuux/qlvHV1yPV0I9id72bduDfyfngMU5jqugY=
\ No newline at end of file diff --git a/files/nodes/starfish/starfish_ssh.pub b/files/nodes/starfish/starfish_ssh.pub index b9821da..c3cdef4 100644 --- a/files/nodes/starfish/starfish_ssh.pub +++ b/files/nodes/starfish/starfish_ssh.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB
\ No newline at end of file +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=
\ No newline at end of file diff --git a/files/nodes/urchin/urchin_ssh.pub b/files/nodes/urchin/urchin_ssh.pub index 2cdc63b..ef70195 100644 --- a/files/nodes/urchin/urchin_ssh.pub +++ b/files/nodes/urchin/urchin_ssh.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r
\ No newline at end of file +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=
\ No newline at end of file diff --git a/files/ssh/known_hosts b/files/ssh/known_hosts index 39e3dc8..6e933e6 100644 --- a/files/ssh/known_hosts +++ b/files/ssh/known_hosts @@ -6,11 +6,11 @@ ant,ant.demo.bitmask.i,ant.demo.bitmask.net,198.252.153.82 ecdsa-sha2-nistp256 A canvasback,canvasback.cdev.bitmask.i,canvasback.cdev.bitmask.net,199.119.112.4 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH5g/h43gZ3pQsU8ohme4J2mDeZgxGnd3lfR428GRqxKH4MEDGGrimpK1oPf6scey+oD8WYvSYP3ZjPFZHxyq4A= chameleon,chameleon.unstable.bitmask.i,chameleon.unstable.bitmask.net,199.119.112.10 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbam3MYRlMunsimA/FMoS3qH03GcSTS7PPphE5es7oucWidaBp8HUKhl9SXTXe/98wYWTTMZPdWvjJvloWHxTAH1nt/TQxcCRZLPjaInt7NUo3aV5u0ADNaBKvcI8mFZMECSOol8ss+2+HHaqN3AQXcrotClz0vDb0a/9wPBKO0/oYR9PaDBR2wqq5TpOQn7lLmvygMCxvMr9PGgn02RnVsMHQ7qBH+Dk2MDM9DqT4Nr/WW61kwQKv1G/cfAD0MFN2HHMBj6Tx4pHPgTm9GhlEGmkUzykNSrqkg5V69peqeDTkNTkWy6WIwzk0Td7ohhLypa4dMUB5miSPHObrKSDJ chipmonk,chipmonk.cdev.bitmask.i,chipmonk.cdev.bitmask.net,199.119.112.19 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDyqIb8/kigC0IUCVFlIKmhp5+C/P2W7d71jMX6ZK9XAzRzxFdMmcvn5H6ypUsLWQ7r327nD1bRupKiYdmPWrWk= -clam,clam.dev.bitmask.i,clam.dev.bitmask.net,176.53.69.22 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH -deer,deer.dev.bitmask.i,deer.dev.bitmask.net,202.85.227.195 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDz1/VqEz2qDtR1lgUqhnS8G8wYaDwbB1lPsBhloyCFHuSKmr2DGjmVSVYKtmTXnQZhAuOQuME4RHiVgNPUAKOBGDTyA5eCdjUeguZm4CnZU0ISBj1iKSa1l7RHZDZmirC62f8OJ6Ma9Ls62BZN8Vy4T7v55qn5Ky+D+/XrDqlES3zTHoNWkR3Xn1JDZ1Ov20qvB2wdYRL6LStcB915BE1e56IrnOEq7ybg5h84Jtpx8fyq1Geynjoz3q3YUAQuhziawM6seQk+v7QUTGMHD/xyaRD/VZqGn65k4suin4OHb1gFysxf2xdwzEnhheItXZontQue5DgjE8GE/OlRCvdx +clam,clam.dev.bitmask.i,clam.dev.bitmask.net,176.53.69.22 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc= +deer,deer.dev.bitmask.i,deer.dev.bitmask.net,202.85.227.195 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBORp1ohUpy+qSPhgklCvujSTGeIsHdY9hBDJZimfeRZFq3ZuZvLltrvla8++BBTCskgEUdGtNivK9I0oCviyDeA= demodex,demodex.dev.bitmask.i,demodex.dev.bitmask.net,204.13.164.171 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2iNuS97BTd7flA/8nho/w3+THNriQPf1IpgcI/TCaTxIG5T85FRIApNAIxayJjBAt9C/MM8LMUlpRTq1Y8vlpYmfcWAJj5V8bbP03TXNIkgK8rtStjN061bhWXo4AVfD1hFyL+wUrdGRX2laaJvOgMO+UCkYb9PPqEfyKCMhcu3Da7auznYucrNxcJwCU4TpVgmQDYE0DWpYkssTbGJ7YJOZAtwNWtOrZFVRzOvMy3WvAM/s0x/ME6CQi6k6dDHlSpafhPAl/B4koTtnPksmXc7xCpmaun1j68C0yvD1l9QBPKyFwJ1KCJgx+9++CqnSFbIbX3ebb0FGtMHrak2xL -elephant,elephant.dev.bitmask.i,elephant.dev.bitmask.net,176.53.69.13 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClpJntSyXlBMiHfmZ6xIo1NiNCgomVOWrkl3nH+9nzqimKWqikp2DlR6jWSMebTyyuy8rB/1lbj7/Z3AxNXjUoOpGpyKrE3viNYZie4Y4QDn3hFPMxHjoYcD/OerosFFZe8Byf0ExTQ4VPmzNKdcTJN/QFjWWZk5AElX2OLnpSYOOBUwiDQeAJkALMmInXYO/+IXeBsygYND8+KZb0qfLpvgPYa4t0p8WVuRS/c0o+dtATmc2HN6N1YxEnmuzx1h1UDO6k4PRNDbO8+U7zsGagEpMJmzGc+liJxwDCgLCieQAxriXWTpiqxJ55pDtLIJKONaNP2UsUai2b9xQ9NsNN -elk,elk.dev.bitmask.i,elk.dev.bitmask.net,176.53.69.127 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF +elephant,elephant.dev.bitmask.i,elephant.dev.bitmask.net,176.53.69.13 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOktOAJ7qxG2pC+qGVJTMNLMZGdhyInsuCX7phvQSTJxo2HNTUcSR/CJuLwsV0yqBVTmbrUNBCJS/n+x6bVqUeg= +elk,elk.dev.bitmask.i,elk.dev.bitmask.net,176.53.69.127 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8= frog,frog.bitmask.i,frog.bitmask.net,199.119.112.23 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNurBzA0Yk4smJr9x+EttnpdaZg9FNnWTl+JKwmYBMXxaoh+W0fOCkooA5DuQq/e6V/BmJC5WoerFWhV2oxSs5w= gadwall,gadwall.cdev.bitmask.i,gadwall.cdev.bitmask.net,199.119.112.5 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC4ycn7GabjeeewBmzTUbH+rZjRQV9seFmqbW2o5cE4jLsbPIMcMRRwLhA7TfIRLL7bLyuRNUWXwOqKZb/Psiog= hippo,hippo.demo.bitmask.i,hippo.demo.bitmask.net,85.17.92.143 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL4iit51nt0P5yulG9s5iNP94MVGOXZTbPeHbnIqXmiYv8u5Cq8l/R4S9T8s9oh8PdZvGfWrbxewz3CaHgIvtbc= @@ -20,8 +20,8 @@ millipede,millipede.demo.bitmask.i,millipede.demo.bitmask.net,198.252.153.83 ecd octopus,octopus.unstable.bitmask.i,octopus.unstable.bitmask.net,199.119.112.16 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLbvsEZGXVaC74PcXd/M4wwv7nnAhg3318EqcGbo2aX5Tt+mAYbxjLj+HAiJgG63Mp6+GEuH5KNwgrRNwaOqh84tOMOYOKFAdgha4z6WC9q9sFIkqwaE2KDfoENKyUo0ywb0aBAW0EvYMt92BL7p5T8oQr/SbFw/GW1iyEqCPFK4VcupdnjDd8wyolgLawg0Okah5IHVosuJQEZXii7I0nhAl5OUkn5DIr6NklW6gTht+m6yRl7KNS+SGfyZs5U/1NywtwqPIH5Zgwt3Cphzga+d++6HbpO3PXA1PmN/bYJGDC0zG9gDSae1mvc+pDWWELgHEfpjzigrqqeNJtO2UD panda,panda.unstable.bitmask.i,panda.unstable.bitmask.net,199.119.112.9 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2cA8eQ4VD3tW7p+Fy0ZLXBzFbgwFOXjdau8zQd0WzJd2sifsLMHv/iGcfELsK+O7Jh7KsezwhT+seZQR6QmdX4qgFvtKB86DgUmMVc5k1Zja1+vXjhsMVB0/EY7k7CM3Clm8NRJzjiA407TFYsCMLuVRaW5hvgFiH9+4aszbmtbfWoFVT97y3o2bkP0exz5jxgKsnlJDF9HJBsVEHXnozvopZeoprrDbtJZQGQA+HcllJm678sIzwEwWn/6JtH6LmcvhnRL5ohd0Tlhf/lqFS9if+EzEt278crUMWcePSxb7a4lV6cJrxE3VaiZ+ldsvJebcYDvtJCK1T8ea4OarB seahorse,seahorse.unstable.bitmask.i,seahorse.unstable.bitmask.net,199.119.112.12 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfIO4Zdb7Xl1xP3Nw6hCSRSU9t6D2l3HpP38V1VM+2sLHDUdGDlHYWgUlfril5wZ6DdvU1DO2xrSTPDR1LrLEk/OKuFthnNUmRfE+NQQbf/KjEfj+AFj36l9evbWwef/EwECOtydQYZTEabVvrt0yprHYnfd728UklkFjXg67962X9A8DtK2OcPovEbcpPA3vo88+SZukNXAFUQcZPbX5ux0WZ1RH0GQVLVFo0dL4dQdEHZIXVYNvI9X7FzcN4WNjYyZfibiCmo3zdv15Hybh1NMQtBC6H5ZtiykzqL7cbUmmKeYzgIycFnewUxr6P4WyWx7/kPqfR/0Dw5aQqufw1 -snail,snail.dev.bitmask.i,snail.dev.bitmask.net,176.53.69.14 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8wxuY3ytE1h/XDKYUkcAwIoGjhWTOafRrziSbpIxwNmadSKPh/sv7kUweRexFdoh+H1uLVGmN/YEciZvq6L7HomH1eX00NamZBJyBE9018cNOfD4943Lqs+LIQDDNVis+4fVoOdyVco+Q1U/bnUQcbAa1eRZ4LzAm8pDDyzdtFGFJEeHt1xsqEqyHv5As6lNMwpgRGDUFUOZClyUc/2gvPWx6GReCuwyXNUYRt99eN+p+F3mjSk5n0dzRsi32Mo550pHHJxIlbnJifq15Q4DqVMBoYGHYWFHfDdjb5G9botPa3NF/7Db/yNQQ9EZPBOIDf135lgduK53OM5spDg9b -starfish,starfish.dev.bitmask.i,starfish.dev.bitmask.net,176.53.69.23 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB +snail,snail.dev.bitmask.i,snail.dev.bitmask.net,176.53.69.14 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK+IgHh5d/DYKrfzc8yGSBiNxFOg8vnTTfuykuQK3wO9F7Obzxuux/qlvHV1yPV0I9id72bduDfyfngMU5jqugY= +starfish,starfish.dev.bitmask.i,starfish.dev.bitmask.net,176.53.69.23 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0= thrips,thrips.demo.bitmask.i,thrips.demo.bitmask.net,204.13.164.162 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIJHNnsfeuNBkVRm7cJvgD0rTX1wztnoz9SuHK2vJ9Pcluo8VfFoQrwayoFiAPJNC0dOoSra0Ir9L/eNQtjEzW0= -urchin,urchin.dev.bitmask.i,urchin.dev.bitmask.net,176.53.69.21 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r +urchin,urchin.dev.bitmask.i,urchin.dev.bitmask.net,176.53.69.21 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo= wallaby,wallaby.demo.bitmask.i,wallaby.demo.bitmask.net,204.13.164.57 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP/bJJ5OoSveoTEXAl26Gz0tqJkwzdA2fezMFeyoDDF6BCWntfzFZahoxHWg5alUfNMCJeYYOPYu/k05QzXThkQ= diff --git a/hiera/ant.yaml b/hiera/ant.yaml index dbfbebf..59e9afd 100644 --- a/hiera/ant.yaml +++ b/hiera/ant.yaml @@ -8,8 +8,6 @@ couch: epmd_port: 4369 neighbors: - thrips.demo.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -24,10 +22,6 @@ couch: password: CyhRSafC4SUGQ9F762Qfv3TPQDqTjn2G salt: e3ee9259723d0cbd8b3265dbe8b4e21e username: nickserver - replication: - password: gPFMMKdZaTHF24nQGYQTDHkAduQcarBm - salt: 215a1f508e2b564978f98e43231e1506 - username: replication soledad: password: cGqWZqTdFc_fuSZvfPtUTL_7uMA6d5YC salt: 514355e86f1d3fa4de42b677de21281d @@ -80,9 +74,6 @@ mail: smarthost: - leech.demo.bitmask.net name: ant -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: - couchdb @@ -123,29 +114,25 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - ednp_clients: - thrips_9002: - accept_port: 4001 - connect: thrips.demo.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - thrips_4369: - accept_port: 4000 - connect: thrips.demo.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + thrips_9002: + accept_port: 4001 + connect: thrips.demo.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + thrips_4369: + accept_port: 4000 + connect: thrips.demo.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - demo - seattle @@ -211,9 +198,6 @@ x509: BQxrMTmmPg9p/pQgsRd0zrMBAHVVOWIUdEvMe9d6JMsHabOsDG+nySGrDAgTuBf3 Eqk8NgcHUMUFnnESUmcKjsMsn/fSQceYG06R8nNBsq1vpH9Vv+7kvgJx4WQCjg== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAms2pFpXAyOqZ54YccmnQBFYTXQAdqCs5mpr0xSOPwI9J25nn @@ -243,4 +227,3 @@ x509: /DVs7/l3QcdZumI+MVs1fSMQWAvad7PSC5GOr7s1KcMxi0nHkFZ1de0= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/canvasback.yaml b/hiera/canvasback.yaml index 1f8d46f..4980fcf 100644 --- a/hiera/canvasback.yaml +++ b/hiera/canvasback.yaml @@ -105,9 +105,9 @@ development: site_config: true dns: aliases: - - api.cdev.bitmask.net - canvasback.cdev.bitmask.net - cdev.bitmask.net + - api.cdev.bitmask.net - nicknym.cdev.bitmask.net public: true domain: @@ -119,15 +119,12 @@ domain: enabled: true environment: clientdev haproxy: - couch: - listen_port: 4096 - servers: - gadwall: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + gadwall: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: chipmonk: domain_full: chipmonk.cdev.bitmask.net @@ -156,9 +153,6 @@ nickserver: username: nickserver domain: nicknym.cdev.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - webapp @@ -199,29 +193,25 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - gadwall_5984: - accept_port: 4000 - connect: gadwall.cdev.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + gadwall_5984: + accept_port: 4000 + connect: gadwall.cdev.bitmask.i + connect_port: 15984 tags: - clientdev - dc webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: false allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 client_certificates: @@ -237,29 +227,16 @@ webapp: password: _CatyL3Ienc4wRrfPubrhyfYCFmCyt9t salt: 1c1dd6eb78f027414f1638bd6c902a5a username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: cdev.bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/master source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: HpR8dKsLPnYXjQaHXfC3rP_dM3CpXKIL username: nagios_test @@ -572,4 +549,3 @@ x509: QJ+JGFsRME7FZQr9oetc7XefTczI1a0ENLiVTDeTgi4g2mqly3uSIg== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/chameleon.yaml b/hiera/chameleon.yaml index ffccfeb..e7b07cd 100644 --- a/hiera/chameleon.yaml +++ b/hiera/chameleon.yaml @@ -137,10 +137,10 @@ development: site_config: true dns: aliases: - - api.unstable.bitmask.net - chameleon.unstable.bitmask.net - - nicknym.unstable.bitmask.net - unstable.bitmask.net + - api.unstable.bitmask.net + - nicknym.unstable.bitmask.net public: true domain: full: chameleon.unstable.bitmask.net @@ -151,15 +151,12 @@ domain: enabled: true environment: unstable haproxy: - couch: - listen_port: 4096 - servers: - panda: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + panda: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: ant: domain_full: ant.demo.bitmask.net @@ -184,12 +181,12 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" deer: domain_full: deer.dev.bitmask.net domain_internal: deer.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDz1/VqEz2qDtR1lgUqhnS8G8wYaDwbB1lPsBhloyCFHuSKmr2DGjmVSVYKtmTXnQZhAuOQuME4RHiVgNPUAKOBGDTyA5eCdjUeguZm4CnZU0ISBj1iKSa1l7RHZDZmirC62f8OJ6Ma9Ls62BZN8Vy4T7v55qn5Ky+D+/XrDqlES3zTHoNWkR3Xn1JDZ1Ov20qvB2wdYRL6LStcB915BE1e56IrnOEq7ybg5h84Jtpx8fyq1Geynjoz3q3YUAQuhziawM6seQk+v7QUTGMHD/xyaRD/VZqGn65k4suin4OHb1gFysxf2xdwzEnhheItXZontQue5DgjE8GE/OlRCvdx" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBORp1ohUpy+qSPhgklCvujSTGeIsHdY9hBDJZimfeRZFq3ZuZvLltrvla8++BBTCskgEUdGtNivK9I0oCviyDeA=" ip_address: "202.85.227.195" demodex: domain_full: demodex.dev.bitmask.net @@ -199,12 +196,12 @@ hosts: elephant: domain_full: elephant.dev.bitmask.net domain_internal: elephant.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClpJntSyXlBMiHfmZ6xIo1NiNCgomVOWrkl3nH+9nzqimKWqikp2DlR6jWSMebTyyuy8rB/1lbj7/Z3AxNXjUoOpGpyKrE3viNYZie4Y4QDn3hFPMxHjoYcD/OerosFFZe8Byf0ExTQ4VPmzNKdcTJN/QFjWWZk5AElX2OLnpSYOOBUwiDQeAJkALMmInXYO/+IXeBsygYND8+KZb0qfLpvgPYa4t0p8WVuRS/c0o+dtATmc2HN6N1YxEnmuzx1h1UDO6k4PRNDbO8+U7zsGagEpMJmzGc+liJxwDCgLCieQAxriXWTpiqxJ55pDtLIJKONaNP2UsUai2b9xQ9NsNN" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOktOAJ7qxG2pC+qGVJTMNLMZGdhyInsuCX7phvQSTJxo2HNTUcSR/CJuLwsV0yqBVTmbrUNBCJS/n+x6bVqUeg=" ip_address: "176.53.69.13" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" frog: domain_full: frog.bitmask.net @@ -254,12 +251,12 @@ hosts: snail: domain_full: snail.dev.bitmask.net domain_internal: snail.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8wxuY3ytE1h/XDKYUkcAwIoGjhWTOafRrziSbpIxwNmadSKPh/sv7kUweRexFdoh+H1uLVGmN/YEciZvq6L7HomH1eX00NamZBJyBE9018cNOfD4943Lqs+LIQDDNVis+4fVoOdyVco+Q1U/bnUQcbAa1eRZ4LzAm8pDDyzdtFGFJEeHt1xsqEqyHv5As6lNMwpgRGDUFUOZClyUc/2gvPWx6GReCuwyXNUYRt99eN+p+F3mjSk5n0dzRsi32Mo550pHHJxIlbnJifq15Q4DqVMBoYGHYWFHfDdjb5G9botPa3NF/7Db/yNQQ9EZPBOIDf135lgduK53OM5spDg9b" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK+IgHh5d/DYKrfzc8yGSBiNxFOg8vnTTfuykuQK3wO9F7Obzxuux/qlvHV1yPV0I9id72bduDfyfngMU5jqugY=" ip_address: "176.53.69.14" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" thrips: domain_full: thrips.demo.bitmask.net @@ -269,7 +266,7 @@ hosts: urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" wallaby: domain_full: wallaby.demo.bitmask.net @@ -286,11 +283,6 @@ mail: smarthost: - octopus.unstable.bitmask.net nagios: - domains_internal: - - cdev.bitmask.i - - demo.bitmask.i - - dev.bitmask.i - - unstable.bitmask.i hosts: ant: domain_full_suffix: demo.bitmask.net @@ -311,8 +303,8 @@ nagios: domain_internal: chameleon.unstable.bitmask.i ip_address: "199.119.112.10" services: - - monitor - webapp + - monitor ssh_port: 4422 chipmonk: domain_full_suffix: cdev.bitmask.net @@ -473,13 +465,10 @@ nickserver: username: nickserver domain: nicknym.unstable.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - - monitor - webapp + - monitor ssh: authorized_keys: azul: @@ -527,30 +516,26 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - panda_5984: - accept_port: 4000 - connect: panda.unstable.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + panda_5984: + accept_port: 4000 + connect: panda.unstable.bitmask.i + connect_port: 15984 tags: + - unstable - dc - sandbox-braintree - - unstable webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: false allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 billing: @@ -572,29 +557,16 @@ webapp: password: enfhmsmcLc3Az3GF6TFKwRk99Iqjm2ew salt: 478bf7e8ca879a9711b279055f00153e username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: unstable.bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/develop source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: SvVjM5NCe2RF6XwTtZ7dGxAZ7E7KeSNS username: nagios_test @@ -908,4 +880,3 @@ x509: MXxW/683yhX/wP2WfhDpam3gZjAOmRUXjb4OmevRF2jlwLOJssykv7A= -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/chipmonk.yaml b/hiera/chipmonk.yaml index b2220e3..167f258 100644 --- a/hiera/chipmonk.yaml +++ b/hiera/chipmonk.yaml @@ -18,15 +18,12 @@ domain: enabled: true environment: clientdev haproxy: - couch: - listen_port: 4096 - servers: - gadwall: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + gadwall: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: chipmonk: domain_full: chipmonk.cdev.bitmask.net @@ -48,41 +45,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: chipmonk -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -123,14 +117,11 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - gadwall_5984: - accept_port: 4000 - connect: gadwall.cdev.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + gadwall_5984: + accept_port: 4000 + connect: gadwall.cdev.bitmask.i + connect_port: 15984 tags: - clientdev - dc @@ -435,4 +426,3 @@ x509: c9OAySi7JcI0Pl9/ilUtc53EpsalTEaN3uuFlQoL8A8OKxabskS9bw== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/clam.yaml b/hiera/clam.yaml index 599f9f2..a227516 100644 --- a/hiera/clam.yaml +++ b/hiera/clam.yaml @@ -26,8 +26,8 @@ couch: salt: 70bcff5aeb5a7ed22a96a4b43790965f username: nickserver replication: - password: _mVfcIyFV_vfRFUvpNmAWYn_9KUxJ7Pv - salt: b53363c123da0677255bd93ec1627db7 + password: B7LFWg7x7AQRIXdxGmsd4MjfQISB_EZj + salt: 868afc4ca18138cc256f57ff2a3c99a5 username: replication soledad: password: PgrbUREhqBGY4r4XIXQEgkk3jTH4sEJA @@ -59,22 +59,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.22" location: diff --git a/hiera/couch1.yaml b/hiera/couch1.yaml index f0de356..0aef52d 100644 --- a/hiera/couch1.yaml +++ b/hiera/couch1.yaml @@ -8,8 +8,6 @@ couch: epmd_port: 4369 neighbors: - couch2.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -24,10 +22,6 @@ couch: password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR salt: 73567fc12c27a79152620084e97b4fba username: nickserver - replication: - password: fbZMru8SZ9UhaHXYRW2f9RVCjJmBwBuJ - salt: b2716ac90f4e9dd7b2a088d2765ae374 - username: replication soledad: password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 @@ -73,9 +67,6 @@ mail: smarthost: - mx1.bitmask.net name: couch1 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,29 +116,25 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - ednp_clients: - couch2_9002: - accept_port: 4001 - connect: couch2.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - couch2_4369: - accept_port: 4000 - connect: couch2.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + couch2_9002: + accept_port: 4001 + connect: couch2.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + couch2_4369: + accept_port: 4000 + connect: couch2.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - local x509: @@ -212,9 +199,6 @@ x509: 7AQ/LsmCL5K6F5OqPAUMwc7w1Jp2CSq0sqBSuyjq5Xaom2eQcRD02c1pcLfJwWRS iEbJwlSbPVGpScfRfoaOlyiH96btwnWvaIBgf3Ii7dLTSc2EIO5s -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAzGNOpJbUz6hQrWmBUgfJPzYfVZhDeEJAalXuuXxlVU1wlsSG @@ -244,4 +228,3 @@ x509: SeSdWAYGKZZAMSQInihge20dMu1TgS7R0ijeAf4LaoMEq3AOkXMf -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/couch2.yaml b/hiera/couch2.yaml index c08b592..5b84310 100644 --- a/hiera/couch2.yaml +++ b/hiera/couch2.yaml @@ -8,8 +8,6 @@ couch: epmd_port: 4369 neighbors: - couch1.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -24,10 +22,6 @@ couch: password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR salt: 73567fc12c27a79152620084e97b4fba username: nickserver - replication: - password: fbZMru8SZ9UhaHXYRW2f9RVCjJmBwBuJ - salt: b2716ac90f4e9dd7b2a088d2765ae374 - username: replication soledad: password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 @@ -73,9 +67,6 @@ mail: smarthost: - mx1.bitmask.net name: couch2 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,29 +116,25 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - ednp_clients: - couch1_9002: - accept_port: 4001 - connect: couch1.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - couch1_4369: - accept_port: 4000 - connect: couch1.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + couch1_9002: + accept_port: 4001 + connect: couch1.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + couch1_4369: + accept_port: 4000 + connect: couch1.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - local x509: @@ -212,9 +199,6 @@ x509: zXhBGqCxzoUZSCaxmCIeRBe18GoWRM0JZnpBbi4K3r3ZOIjzoEUK3L6e0tRkJCNc GXE33HbYQAtwidqDCHrb0LLWJjLeI/10avzPtGr/rqVKYufTRq1b -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAse0pV7xCoGB/dvqmIlc8nY+9/TaKtp/2qfCWAE4fa49vP3NU @@ -244,4 +228,3 @@ x509: balQCbIbD77nO3413Tdg3G0mj6826wrJI4j0jvHk1HU53C7bkaL1dxo= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/elephant.yaml b/hiera/elephant.yaml index df601fe..64c4ffa 100644 --- a/hiera/elephant.yaml +++ b/hiera/elephant.yaml @@ -182,22 +182,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.13" location: diff --git a/hiera/elk.yaml b/hiera/elk.yaml index 2266138..3318434 100644 --- a/hiera/elk.yaml +++ b/hiera/elk.yaml @@ -26,8 +26,8 @@ couch: salt: 70bcff5aeb5a7ed22a96a4b43790965f username: nickserver replication: - password: _mVfcIyFV_vfRFUvpNmAWYn_9KUxJ7Pv - salt: b53363c123da0677255bd93ec1627db7 + password: B7LFWg7x7AQRIXdxGmsd4MjfQISB_EZj + salt: 868afc4ca18138cc256f57ff2a3c99a5 username: replication soledad: password: PgrbUREhqBGY4r4XIXQEgkk3jTH4sEJA @@ -59,22 +59,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.127" location: diff --git a/hiera/frog.yaml b/hiera/frog.yaml index 3c880d9..bfa81a1 100644 --- a/hiera/frog.yaml +++ b/hiera/frog.yaml @@ -19,9 +19,6 @@ location: ~ mail: smarthost: [] name: frog -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - static @@ -327,9 +324,6 @@ static: tls_only: true formats: - amber -stunnel: - clients: {} - servers: {} tags: - production x509: @@ -394,9 +388,6 @@ x509: do1tnppn3G1Y2EW18zztBS+pykt5+kFJdDAfC5tL3SNh2er+croopzn/pg7NMaS8 7ri/3hdHttbqDQjAxbQPl1CkpyxgKbQQyPVXAMfm1xUVtw== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAw7CiUKaxU165suQ0h2/r3qWePJ6M7AE2rVNgQSi3w0EmYlKi @@ -426,4 +417,3 @@ x509: F0ZIjOlu8zvQIl+L9tpmtEELTG+8LMyycvh0bPq9baY/LhTvnFKzMHE= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/gadwall.yaml b/hiera/gadwall.yaml index 9c8ad77..096acff 100644 --- a/hiera/gadwall.yaml +++ b/hiera/gadwall.yaml @@ -7,8 +7,6 @@ couch: ednp_port: 9002 epmd_port: 4369 neighbors: [] - master: false - mode: multimaster port: 5984 users: admin: @@ -23,10 +21,6 @@ couch: password: vjJAZqxPL4BeGKAEUVuBVK5MIba_aIY5 salt: eab38a050b5eb2569549f8e50cab9034 username: nickserver - replication: - password: gxbjRLwwDW5bQQx9MpbjNaqF_KdMbCng - salt: 751525d259cb7ec8e536b7caa21bb23c - username: replication soledad: password: MrUyYGnT_44NUyBAm46L3GCLPHKVZ_De salt: ac15331e0c098126e04ecf7a21045079 @@ -74,9 +68,6 @@ mail: smarthost: - chipmonk.cdev.bitmask.net name: gadwall -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,19 +116,17 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - ednp_clients: {} - epmd_clients: {} - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: {} + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: {} + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - clientdev - dc @@ -204,9 +193,6 @@ x509: jAR3FCr8Vvm4UoDbxvF4jeg+6Bd1D1Pz5lsMd5q/LHSk8nuTB+y2B6x96Q9/VkNc 14teuyf5AarZxA== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA0Jt1sr/RTOJ8ue70yqv2qLeo4mAVPaZsGgtkh6l5eMrTGCOH @@ -236,4 +222,3 @@ x509: C917/dIQt48xJFBcX1oRHcFoakIVB4+h41Bc8mS09cR29Og8+JPP -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/hippo.yaml b/hiera/hippo.yaml index bea7963..0a6adec 100644 --- a/hiera/hippo.yaml +++ b/hiera/hippo.yaml @@ -24,11 +24,6 @@ mail: smarthost: - leech.demo.bitmask.net name: hippo -obfsproxy: - gateway_address: "85.17.92.167" - scramblesuit: - password: ONLW2MTQJJ4HUU3WGNVEC42JIF4XEWDS - port: 18943 openvpn: adblock: false allow_limited: false @@ -51,9 +46,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -94,23 +86,14 @@ ssh: enabled: true ports: "60000:61000" port: 4422 -stunnel: - clients: {} - servers: {} tags: - - amsterdam - demo + - amsterdam tor: bandwidth_rate: 100 contacts: - sysdev@leap.se family: "deeruSaR9IekHdQGUGI,hippobagtc8Z3KPmfnT" - hidden_service: - active: ~ - address: ~ - key_type: RSA - private_key: ~ - public_key: ~ nickname: hippobagtc8Z3KPmfnT x509: ca_cert: | @@ -209,9 +192,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -253,4 +233,3 @@ x509: Dqxr7d6Ded5Witr98xqbbXZLkwf/iUHAwT9xTnFD+2mfRIwN3ifYSA== -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/leech.yaml b/hiera/leech.yaml index a058197..a068eae 100644 --- a/hiera/leech.yaml +++ b/hiera/leech.yaml @@ -18,21 +18,17 @@ domain: enabled: true environment: demo haproxy: - couch: - listen_port: 4096 - servers: - ant: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true - thrips: - backup: false - host: localhost - port: 4001 - weight: 100 - writable: true + servers: + ant: + backup: false + host: localhost + port: 4000 + weight: 100 + thrips: + backup: false + host: localhost + port: 4001 + weight: 100 hosts: ant: domain_full: ant.demo.bitmask.net @@ -59,41 +55,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: leech -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -134,19 +127,15 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - ant_5984: - accept_port: 4000 - connect: ant.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - thrips_5984: - accept_port: 4001 - connect: thrips.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + ant_5984: + accept_port: 4000 + connect: ant.demo.bitmask.i + connect_port: 15984 + thrips_5984: + accept_port: 4001 + connect: thrips.demo.bitmask.i + connect_port: 15984 tags: - demo - seattle @@ -573,4 +562,3 @@ x509: aqXFA4DlcGkygA40hl2lB5NJbQVSHXXjgpAb395dasMyH8cblC34Lw== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/millipede.yaml b/hiera/millipede.yaml index 3ca1ee0..6fdbf6b 100644 --- a/hiera/millipede.yaml +++ b/hiera/millipede.yaml @@ -24,11 +24,6 @@ mail: smarthost: - leech.demo.bitmask.net name: millipede -obfsproxy: - gateway_address: "198.252.153.84" - scramblesuit: - password: JFEV6NCYIV3FMV2CIZBVMNDCPJDUGUKE - port: 19538 openvpn: adblock: false allow_limited: false @@ -51,9 +46,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -93,9 +85,6 @@ ssh: enabled: true ports: "60000:61000" port: 4422 -stunnel: - clients: {} - servers: {} tags: - demo - seattle @@ -196,9 +185,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -240,4 +226,3 @@ x509: WVHhd08IF7vrVOiHIn3TeXsSRV+RR079ikzCTc7ueaZhHMlg/p0= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/monitor1.yaml b/hiera/monitor1.yaml index 9071644..3893d12 100644 --- a/hiera/monitor1.yaml +++ b/hiera/monitor1.yaml @@ -52,11 +52,6 @@ mail: smarthost: - mx1.bitmask.net nagios: - domains_internal: - - cdev.bitmask.i - - demo.bitmask.i - - dev.bitmask.i - - unstable.bitmask.i hosts: couch1: domain_full_suffix: bitmask.net @@ -118,9 +113,6 @@ nagios: ssh_port: 22 nagiosadmin_pw: Y_uRtQby7LtwXxFRhIv_qVVrwWHzYrQq name: monitor1 -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: - monitor @@ -171,9 +163,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local x509: @@ -598,4 +587,3 @@ x509: exVX87n7WqrJ9tG9aM0KVRNONhucBKICpzmPCCeFWsehWImIlsfn4nda -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/mx1.yaml b/hiera/mx1.yaml index 9bf16bc..37d5ce6 100644 --- a/hiera/mx1.yaml +++ b/hiera/mx1.yaml @@ -18,21 +18,17 @@ domain: enabled: true environment: local haproxy: - couch: - listen_port: 4096 - servers: - couch1: - backup: false - host: localhost - port: 4000 - weight: 10 - writable: true - couch2: - backup: false - host: localhost - port: 4001 - weight: 10 - writable: true + servers: + couch1: + backup: false + host: localhost + port: 4000 + weight: 10 + couch2: + backup: false + host: localhost + port: 4001 + weight: 10 hosts: couch1: domain_full: couch1.bitmask.net @@ -52,41 +48,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: mx1 -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -128,19 +121,15 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - couch1_5984: - accept_port: 4000 - connect: couch1.bitmask.i - connect_port: 15984 - original_port: 5984 - couch2_5984: - accept_port: 4001 - connect: couch2.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + couch1_5984: + accept_port: 4000 + connect: couch1.bitmask.i + connect_port: 15984 + couch2_5984: + accept_port: 4001 + connect: couch2.bitmask.i + connect_port: 15984 tags: - local x509: @@ -565,4 +554,3 @@ x509: ZxgCM4SPY7CPwZOXfXvV3suBehvJ1FJIWGz45wJAeBvH+sHIlTi4cw== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/octopus.yaml b/hiera/octopus.yaml index 5843f10..8512f0c 100644 --- a/hiera/octopus.yaml +++ b/hiera/octopus.yaml @@ -18,15 +18,12 @@ domain: enabled: true environment: unstable haproxy: - couch: - listen_port: 4096 - servers: - panda: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + panda: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: octopus: domain_full: octopus.unstable.bitmask.net @@ -48,41 +45,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: octopus -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -123,17 +117,14 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - panda_5984: - accept_port: 4000 - connect: panda.unstable.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + panda_5984: + accept_port: 4000 + connect: panda.unstable.bitmask.i + connect_port: 15984 tags: - - dc - unstable + - dc x509: ca_cert: | -----BEGIN CERTIFICATE----- @@ -435,4 +426,3 @@ x509: O1j7UCNyBJ70TpZ4F7RR3rcmlFbR8Moys/GrEMuUG1CJmOHRxGju2g== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/panda.yaml b/hiera/panda.yaml index ac92386..d7a4509 100644 --- a/hiera/panda.yaml +++ b/hiera/panda.yaml @@ -7,8 +7,6 @@ couch: ednp_port: 9002 epmd_port: 4369 neighbors: [] - master: false - mode: multimaster port: 5984 users: admin: @@ -23,10 +21,6 @@ couch: password: PzzQwxCvQLZUxRdS2jshMPN37Ps4qtbH salt: b54d7b0f595d7318d961c636fb8f5530 username: nickserver - replication: - password: LZg8s_Z6FCg2MZRQYjkYeE6arCIU2pCw - salt: b004ef682f926531fdda36e26d48c4fa - username: replication soledad: password: 35MzsnEEAeHTVNhI_FaCFNS5bhd7RGEf salt: 7f725f3cc60c388e9af8140555e09dfa @@ -74,9 +68,6 @@ mail: smarthost: - octopus.unstable.bitmask.net name: panda -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,22 +116,20 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - ednp_clients: {} - epmd_clients: {} - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: {} + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: {} + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - - dc - unstable + - dc x509: ca_cert: | -----BEGIN CERTIFICATE----- @@ -204,9 +193,6 @@ x509: on5r5VCjv69sw/yJCqGWUaDfPb8ui+kv+JfIsQ8BoXSaSA81OZ5HeQ11vo5Hh7TZ jUjUzNF+926ph4U2SgvNjQ== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA0iB5rq3smyrvJRHApK3NapMbIZFzWfVIReFjqSt1jX6ZGWsM @@ -236,4 +222,3 @@ x509: gXDYMT8LiHhMP5GD5vauBqcJwmH6kiGpqoWWirotjVaXbLcCBnyIDw== -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/plain1.yaml b/hiera/plain1.yaml index 0803790..c9f70c4 100644 --- a/hiera/plain1.yaml +++ b/hiera/plain1.yaml @@ -20,9 +20,6 @@ mail: smarthost: - mx1.bitmask.net name: plain1 -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: [] squid_deb_proxy_client: true @@ -62,9 +59,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local x509: @@ -129,9 +123,6 @@ x509: eETeBOj/+0v63CmHRfJ6Z98xO/MJSZFFjGS2//qTIK5xzgv/KGsCc6kAG1hraxQD Kr4RCrkqLyEJCJE59qGTrFnOgSL5Eg/RoCH/VEWLi/ExnlcAjaOlqA== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA1ziNA/5axlzBHy237cP9U1Fw9flwUp1cxQ5e5lfYHY3qKAvZ @@ -161,4 +152,3 @@ x509: HOV/+qIAtUvR2IkgKg1W26N61zzagmn0aBP+c7EBxEtSOh2+2VHm -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/seahorse.yaml b/hiera/seahorse.yaml index 99a6d71..567f63a 100644 --- a/hiera/seahorse.yaml +++ b/hiera/seahorse.yaml @@ -24,11 +24,6 @@ mail: smarthost: - octopus.unstable.bitmask.net name: seahorse -obfsproxy: - gateway_address: "199.119.112.13" - scramblesuit: - password: K52VQ53KKNVFE2TLLJKFS3SYKRKEENTO - port: 22088 openvpn: adblock: false allow_limited: false @@ -36,7 +31,6 @@ openvpn: configuration: auth: SHA1 cipher: AES-128-CBC - fragment: 1500 keepalive: "10 30" tls-cipher: DHE-RSA-AES128-SHA tun-ipv6: true @@ -52,9 +46,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -94,12 +85,9 @@ ssh: enabled: true ports: "60000:61000" port: 4422 -stunnel: - clients: {} - servers: {} tags: - - dc - unstable + - dc x509: ca_cert: | -----BEGIN CERTIFICATE----- @@ -197,9 +185,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -241,4 +226,3 @@ x509: /D+dY+CRU62HFTIwHXNviqCP0Izmq1Wh/I/LAWpc9uzmOfOcxF63+g== -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/single.yaml b/hiera/single.yaml deleted file mode 100644 index d2603ed..0000000 --- a/hiera/single.yaml +++ /dev/null @@ -1,564 +0,0 @@ ---- -api: - domain: api.bitmask.local - port: 4430 -contacts: - - sysdev@leap.se -couch: - bigcouch: - cookie: QnBSJJBxjqAz6KDnGMsQyW844XrIJBY7 - ednp_port: 9002 - epmd_port: 4369 - neighbors: [] - master: false - mode: multimaster - port: 5984 - users: - admin: - password: _Bn6AqU54shspQxbnsQTpRySjLQKTjBh - salt: 3195fb6efdbf4b4825026116d5aaabfe - username: admin - leap_mx: - password: Fc3qYjjVuwWAEyGDYPGYqUYUqeqJIfba - salt: 071d214afa9e7cfb9cba66575817f6fe - username: leap_mx - nickserver: - password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR - salt: 73567fc12c27a79152620084e97b4fba - username: nickserver - replication: - password: s5Jn4AVnDgzu5sFzUR74akrB_yyqdNGc - salt: 63967ed2cd906c68917ea565b38b08df - username: replication - soledad: - password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp - salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 - username: soledad - tapicero: - password: fCffkJygcPHSRmTePxXeAMSP6uQSQKnR - salt: 81bf56d4a7aab971412407d3a0c06462 - username: tapicero - webapp: - password: pg9XGGdt4Dr3WcM9PYDqMmxxKHTpvsc9 - salt: 7e8868f8c4775290fd37d2f520d13672 - username: webapp - webapp: - nagios_test_pw: uI_cYvPGNDZrcXTVLH_x88QFWjJ2yCZT -couchdb_leap_mx_user: - password: Fc3qYjjVuwWAEyGDYPGYqUYUqeqJIfba - salt: 071d214afa9e7cfb9cba66575817f6fe - username: leap_mx -definition_files: - eip_service: |- - { - "gateways": [ - - ], - "locations": { - - }, - "openvpn_configuration": null, - "serial": 1, - "version": 1 - } - provider: |- - { - "api_uri": "https://api.bitmask.local:4430", - "api_version": "1", - "ca_cert_fingerprint": "SHA256: a1bec1699d1a57ce37ad48ffc30a6ebb21a0d233b5a9250753d345a7bf40844d", - "ca_cert_uri": "https://bitmask.local/ca.crt", - "default_language": "en", - "description": { - "el": "Bitmask είναι ένα έργο του LEAP με σκοπό τον έλεγχο της απόδοσης και της αξιοπιστίας του λογισμικού LEAP. Bitmask τρέχει για τις τελευταίες αιμορραγία άκρο του κώδικα LEAP, και θα έχει πιθανότατα περισσότερες δυνατότητες και λιγότερα αξιοπιστία από άλλους φορείς παροχής υπηρεσιών.", - "en": "Bitmask is a project of LEAP with the purpose to test the performance and reliability of the LEAP software. Bitmask runs on the latest bleeding edge of the LEAP code, and will likely have more features and less reliability than other service providers.", - "es": "Bitmask es un proyecto de LEAP con el propósito de probar el rendimiento y la fiabilidad del software LEAP. Bitmask corre la última versión del código LEAP, y es de esperar que tenga más funciones y menos fiabilidad que los proveedores de servicios." - }, - "domain": "bitmask.local", - "enrollment_policy": "open", - "languages": [ - "el", - "en", - "es" - ], - "name": { - "en": "Bitmask" - }, - "service": { - "allow_anonymous": true, - "allow_free": true, - "allow_limited_bandwidth": false, - "allow_paid": false, - "allow_registration": true, - "allow_unlimited_bandwidth": true, - "bandwidth_limit": 102400, - "default_service_level": 1, - "levels": { - "1": { - "description": "Please donate.", - "name": "free" - } - } - }, - "services": [ - "mx" - ] - } - smtp_service: | - { - "hosts": { - "single": { - "hostname": "single.bitmask.local", - "ip_address": "10.5.5.62", - "port": 465 - } - }, - "locations": { - - }, - "serial": 1, - "version": 1 - } - soledad_service: |- - { - "hosts": { - "single": { - "hostname": "single.bitmask.local", - "ip_address": "10.5.5.62", - "port": 2323 - } - }, - "locations": { - - }, - "serial": 1, - "version": 1 - } -development: - site_config: true -dns: - aliases: - - api.bitmask.local - - bitmask.local - - nicknym.bitmask.local - - single.bitmask.local - public: true -domain: - full: single.bitmask.local - full_suffix: bitmask.local - internal: single.bitmask.i - internal_suffix: bitmask.i - name: single.bitmask.local -enabled: true -environment: local -haproxy: - couch: - listen_port: 4096 - servers: - single: - backup: false - host: localhost - port: 5984 - weight: 10 - writable: true -hosts: - single: - domain_full: single.bitmask.local - domain_internal: single.bitmask.i - host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMb8quTUv+6HgRT50xFYcyCC6BwqdZiTQvjms9Xqy9lyfDQHg18Uuw6VoPIcH2Sr3qaJffL9j4sEigiFTuYzGrk=" - ip_address: "10.5.5.62" -ip_address: "10.5.5.62" -location: ~ -mail: - smarthost: [] -mynetworks: [] -name: single -nickserver: - couchdb_nickserver_user: - password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR - salt: 73567fc12c27a79152620084e97b4fba - username: nickserver - domain: nicknym.bitmask.local - port: 6425 -openvpn: - allow_free: true - filter_dns: true - free_gateway_address: "10.5.5.64" - gateway_address: "10.5.5.63" -service_type: user_service -services: - - couchdb - - mx - - soledad - - webapp -soledad: - couchdb_soledad_user: - password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp - salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 - username: soledad - port: 2323 - require_couchdb: true -ssh: - authorized_keys: - azul: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEA2rpPukC7v43Q9RvYgxAx1aDsem7+eZvvSKR+Uvkb0yRvI4h56eds1Cj0pOFOCinjIMyw+LkrhcubWDtFYzC1yTHUUcjSoIi2M+TurQZdTkMnsg2u34U61+EjOPb2jYdxBwUu9e/wDRGqih7FjFYCsHFMPH1ENVS+LZeerXn1F344HIP8VhLpWSjLAKgfMUCuvoTEqNaR4I90w1PAG0uRslYouTuxOA3VOCnf75FW7b4ZuBw1y2rmWcz9Rm5M4tz3EQCeX8v+AIKd6QQU0gFSytcelQtBVqu0YjnnL5Lp+fcKw3BJO+QQXk+OyYqGuP9WQfPPki2tEDHJ9rHcPD3l+w== - type: ssh-rsa - chiiph: - key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDAotYxNrKKXihZrDd39iKrXZSm3r8L9SNzhe9JG6cPaLTYuxhrS9QejYih9noboWfsVFmNPFYH42u3/vMyJEtf1WEUqQ84Qh2oQaC3orGMdpo3fXlCwlcp9q55gZTbSkpKwjn4pmg++wdTNjMmldi1ifPDl2uVt7dUkjQk8hy7CTJofkTxrXIzGZx+OI0knuos+lNV1uU3nJ6upbBwkvxwy3S9nfZ9kq7y5PBo0wK9YkOrKIAZtCnb0nobOiFMPeQDJdBWIo0btv5tCtzqe/b28TYz6DrMWrLIEJ+t8PH6QxaB0oLtlx5fImRxykLVHEe9AO1WcV0aXW4+6ZsHRG4X - type: ssh-rsa - db: - key: AAAAB3NzaC1yc2EAAAADAQABAAACAQCZoVRqaxZL4Btmt7Nfcj0jNbM5UhBSFl37MWApS9qUlx1zJeH7Vw1ZRzUT8zLtdpOyL4JrF1jJ+D25/dqdTEv5dc7I/IcUz16uVD3REi9wk9uRo05DmG1PXQ0Pp3kRGhNFTh5e1ZeGbPlxZkHyUirWGz8A6hrPTUA/k+KRsQg4nH+3UTPzZcy3jvw6YvdATFNkZ5dhKyae9T41McBEdh5yPArfuVTL/ssckTxyISF5ObsvbzuuarTeNQQO5VpFvK9luKzXpta9IRHMeAHpu88MCiMcWiZUZlaVlD9tC6OcMNxCBWWMlNwtowgBmoIZnjo7NrMsJ1ksUT4eDsvf6huu9nX3KIigSUeuWPtaPMHCghhLXLQSuIOhQWXjFzl+KzgiOZ4ahmNMqiCaRFHAHw6BRuZRxphiMq2gjvKRg6a4giDIf9gkEQ6v+tiUQoGYXuwfb0sGVJfrnZVifUz+I1j0wWCBWaY7+/LtfaNIl1byyPzG+qRhHMUlj/IALnT4DuHM+VkXNyQ0fucGcyhFxabqfdxRUT0EQok8ib06f16JBCoqdd6bn64v1M29QGFeSF0t4zjqqDik7VQvOMph2WAZv9FwhvPrmbSSs3MIe7wVBaFC8zeavrZ8oCO1U40q2UcntO6Z0NpIhnGZC7zVxguEux1moAtWIE0+JIsrbu41gQ== - type: ssh-rsa - elijah: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEAypuIGD2h1ZDtIRvjyqKH1qM3XKxzG/JpOATpaAtI5h8+rf3OHeDUdvuPlQfTpZiAoWjU1xsiDrxqIVgdFNe5+1WB1tDAtJ7sGBNa2u8AQTpI9mqSiwf2lXS95b+8VV8yu6woGKXrytfdXffcGyVLfzwJFl0Fmdy2J3HrbzrXYVEGrJs1SRpZ+1U+KizRs1m2MugxhNxOTroM1kKuRsjRswTSkXoXHJ/fUd+dxdJJnEsyqA9uFAH+6ljJnPscwERkd0UsgaVIniSe43jM79qcwBhFiJKejquRaw282ncQghEQpR4xtYfSnWX6SgGkOAnN8vrGjm7o3xtK8YEjGWW0LQ== - type: ssh-rsa - jessie: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEAu248g60EsU1m5qmmli8nQ0/CYvU7LI5sv7qOjT1vWd94UGiRjIX4hTcbKg+AXT3zB6ieaAozJ31qeoLFxQwznnMNaka5zWcQbFt6ht5q8hsxRQjKOVSfEqH/Bn7eVvlLrp6oEbaBgGixKVGF6RXTLCkmWKo3fjgRM2QY6SylSxRrr8jhGvtcGtAh/tJ4ejWL+WFOV4m77qRS81c/uhNIfgjavCpvOxWoS3mLUe8q3uRnuWqhtXX/8LSOIAbcwXk8X0uhOBRpV81Hy7k0h77JO+otc2OlhYKA2Mu8TGmw2I69YswQyKzNPSU+K2flPClO63lYuJD83jaIPGDC6YNelw== - type: ssh-rsa - kali: - key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDOrTTNY60n/eMKFG4twVfInoO54HEqK2wlETb+Pe91W4sOSPaBtsP4xvk1hj/7WVg1fUN7B2MhYHZRmppyS2eMQGlaBbziFzlm3+rqn997l4CZxxkFsCINFvik60vQjdWn1Qh5gtaTWPLp8igjF43+3FdZZk8arS2AQgHixQdZ0XfjpBvvxpP3DI/VEOgOaCEI8XkDj8WTAkeQxrFmX3/TxbvGARdfYvJwYEC2qE3WABbI+DVOJfLsFmv8RW62ax8ErA63Yy3RWsgnv2Nzxwi6o6MmWcr14f1gpPybPK8KrZNJoJkDVceDTVwdTxwUfjOrI8df8NiFLVR3/lEGX+Cnd0UeKzk5Tqy84g1+MDGWkRDVyplB24fFxi/ujInlasew3uTYS2waZkNrroU2B8VO36xj8C8bn2sf3818hvjS4XD+lvpwKrKaWwWFTM89Xvu/K9KHFn3+58EbcyE88MAzuqrgDarkeXCdVT9Re0OUchmul3JOz9OnV1Osv0yi9pRCaAGTKAivnbN8DwmALz8d9FBTMxbcBgEqqGvyNe7muYTQtvTvfcKHdtF/MlTibte8YIbj7UX+c19A1VxX1eFU7mbfSxW1zXok1D0o+cUfcyUFauq6YMNDK1+FrMID+Mrm86woKB5gOmQRLJ9BARcKl9GZY2YnQAat9hRHQR8O2Q== - type: ssh-rsa - kwadronaut: - key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDbZEkLGBE/VX9B+DhqAkWZMUc4HxxjyW0x1e2KRNWhrXY0nlLfl7d4OFdCMxy1nzVrCvfmdfP3tDrpPmeMrjqotWbgzhSIG63KhnVcVH6TouZ0NbsVMrNh/LscwlHr7sGoXjCOjHmuZMIr4Wfsasj1xvsgLUwUCIeXI8AXoaggBo2CGSDLtWpGO8aYcS4rVymxAXMwDf2s3cNXLbUQRb1o2Hx8VvGEYNRnrJzyPJKOEqJ7/xfnj0Ukdv3NY4sYfP0A41afcm0yZc1dxTZwletBB59szaN+APRT/TpbCQJqkcVnhNgKpv74pPTvQ/Kcr7hrmbTcpHxBF6BRElGiE8FQW/6NQpi+9PGd9AiRlAw/ZeGvMv/youfWnsgVXshlz50/PgRJNoHGz6DxR6sPulU/gpPpyWi4yy+bo3xUoa3jm1utlpoC+aO3wtYlQbS0ccmhDQwkyqLP09Yn9rTv30ZMNaCtUYX69Ju0adczaT9fIhbdbnuUpuhwrFX92Qy1W61mGFj3KkJcEj1vrJVncN8C56X/V936qzfRFr4ug9KgcN3dNJ0ISxzj5JUU1y+KJfVuTIAVxBO+OmVWH84AW44sYXps6b+kXoTU0Em8HfpBrRhhsbLXu0xyfAbRaA/P7/WDOlv9cLsgtg3VI9IBoZY6hlB8JhcJ8UhkiTgZE+WiLw== - type: ssh-rsa - micah: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEA1lHzO6il/4+V+KSiJZy34mxBKJNrn9Ah7VBxa3ss4AnahDgVwYqGlLk8xe45CShLRlu3nP4ccX06LUCJOBuLI2QZccR6+h2jfIEjXIaNC8lp12thIriEPUWZaKwV04fnhOnpA/VzNCRri8DOCuNvA8pfjg51DUtvhEuIV9UNxHCsLFSNg8RPngqNxrDgZJvjIMFFdTyOl0OdE1sN1zG2A6UPTlqO7Tmt6+/AByAS/C519nL0MIDix1S93sqaxaIE4kZSmVVx7Ft/albzWSIhIF/UbLxqfkc6L0HV0OpvBPMMuYUZkLC3DfAMggkxJsTTHkcR2Z1fIQ3P9am75WSwGw== - type: ssh-rsa - monitor: - key: AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFqCXlaYmqZqbefpMBaMPqzjhYNaxejlOX/x8YCXsDN2HMfeb/E/FYfpEPCuLVJ5Z0aDkp76JL9i1CX/9Rcbq4DEQEc6vkEv79MOI2jfUCVVeWRcybvRK0YAT9eQK59+FgNDbEo2NCUWBRvKd+8TjzZ7GtCLDnGd6+gkr6orkiA3uus/A== - type: ecdsa-sha2-nistp521 - varac: - key: AAAAB3NzaC1yc2EAAAABIwAAAgEAnMA/JCaz/BMTZqhW+/h06ZZewhaYqMrmrgwXI1Ui6r9QkGzPy89ZB+86LV/tvZOJSWsT/CfN+zqRqDRH8ApnOuXsnmU1BF+Y/dXpLH8Z7t52yBwCVpQII4m29zZT9mfcyb5ZV6Rxh+BOChFERPkZwQJaMI9KU4nkmcKvgpOEbPfvXrv7aYy+G1YddMfmitWKpljL4VB+DVuKh7/Csxs9B8g8wy261rbVJDCvP2cblFA6nAuxk0UB/UFgA9VgjoNA/s2cXIsPDFvvHKoy6bDN0V7CQr3391eGv66KCoQIPCIkI6PY2MImA+Lx1jYQwEQUIJVm/KbuPFrm0GF/LSs5T+mNcFTyU+saSCOi1sxkCNtAikvvjzk9xg0W6RkR9ITZy3+3cKPhbHCd1qOMAxVvMCrN5s+bK2Ps5+wE1pxxz//owcRgsR0yk3kg/V5h716qL5EaWyh5XJoWbrlwzrXLW9ofceGBmqYv7dLKrXd3hwCzJqdZVtWSTePz1gB84rgCAwXhjofY3mwXSRjqQCu9RTImSpepKRCAEBujMHCK38aXR1IAXbenOWCQso05gMFdtlHY7DfvtmsT0xElbQXztKCBqtNrYoDf1+eQBOpveCK4n0gSivmo2NqDkw8R+1nW+CMo6eO3Qsfc3BXkJyufcOCsDjg1IXOP/fhWeNXqSL8= - type: ssh-rsa - mosh: - enabled: true - ports: "60000:61000" - port: 22 -stunnel: - clients: - couch_client: {} - ednp_clients: {} - epmd_clients: {} - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 -tags: - - local -webapp: - admins: - - elijah - - etest1 - - kwadronaut - - mcnair - - meanderingcode - - micah - - varac - allow_anonymous_certs: true - allow_limited_certs: false - allow_registration: true - allow_unlimited_certs: true - api_version: 1 - client_certificates: - bit_size: 2048 - digest: SHA256 - life_span: 2m - limited_prefix: LIMITED - unlimited_prefix: UNLIMITED - client_version: - max: ~ - min: "0.5" - couchdb_webapp_user: - password: pg9XGGdt4Dr3WcM9PYDqMmxxKHTpvsc9 - salt: 7e8868f8c4775290fd37d2f520d13672 - username: webapp - customization_dir: /etc/leap/files/webapp/ - default_service_level: 1 - domain: bitmask.local - engines: - - support - git: - revision: origin/master - source: "https://leap.se/git/leap_web" - modules: - - billing - - help - - user - nagios_test_user: - password: uI_cYvPGNDZrcXTVLH_x88QFWjJ2yCZT - username: nagios_test - secret_token: btsFN6UD9nfP4SAWDYMmuMkgRTL5WW7E - secure: false - service_levels: - ? "1" - : - description: "Please donate." - name: free -x509: - ca_cert: | - -----BEGIN CERTIFICATE----- - MIIFczCCA1ugAwIBAgIBATANBgkqhkiG9w0BAQ0FADBMMRAwDgYDVQQKDAdCaXRt - YXNrMR4wHAYDVQQLDBVodHRwczovL2JpdG1hc2subG9jYWwxGDAWBgNVBAMMD0Jp - dG1hc2sgUm9vdCBDQTAeFw0xNDA4MjcwMDAwMDBaFw0yNDA4MjcwMDAwMDBaMEwx - EDAOBgNVBAoMB0JpdG1hc2sxHjAcBgNVBAsMFWh0dHBzOi8vYml0bWFzay5sb2Nh - bDEYMBYGA1UEAwwPQml0bWFzayBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOC - Ag8AMIICCgKCAgEAzuIeBC8NWSTZF7j3WJTiH532vZ0Xn9zZ0+ge4Va3vKt/8H3u - xrWdjIdBF86D+e5FlObF9rqmN0AfGUv9K/ex2BAa09BzK+P5dmBoUhHUMNJPXUKy - 0oCNM6KXZkSD3SsGO1jCyolvtY/RR8t95yALy0bs8dDqA+wzM5UvQIoDWBeJaoVV - UQkbsO42HxF6c+IBe4I8o0RM1mbNC3cKOs4QnYxSMqv17MnomWZZu7ZguNH95TxU - RAR0Fw+A68OSEBev+t9NJ3dly5H0pp1pNeqKzIu8F9P+0c/PWG2ZV3TePgZt+JuF - SiIWjTbF58wbOszfqlsKRI3qBuFXgti5eCGQjSsJQOm2oaqTUaSSa3iFmC0al75k - AAgVB0iS6BJoDYoUfgeQoP1jCV5glGZbVc/WZOJx/m14pB8SV5KQ5OHM1pM+kZcC - yJi+9QrjdwsnPoAA+erQpXERufv6ce2E7YknusHV5U/ULJ32NFnvWFs4Gy0adjYz - XleEl83OBN+8f4ETQK6e17oxVkgFZ1ajwaKxhI9wgYwQ4mYJ/pOp93YgDJ7o2St4 - h7dbfABxb7Nteug1bMxotbHWz92otspafeP9+4Cu/d8Q1XbV9wlNy/OFHBcHp7AV - cwjV3cBMg9gABXcKITwxvED1G9zoEWFS0MNk3Gc6RfJZefA+wCLRgz1pb00CAwEA - AaNgMF4wHQYDVR0OBBYEFOS3wnWViCsm2V7AN9zNGeaQPtejMA4GA1UdDwEB/wQE - AwICBDAMBgNVHRMEBTADAQH/MB8GA1UdIwQYMBaAFOS3wnWViCsm2V7AN9zNGeaQ - PtejMA0GCSqGSIb3DQEBDQUAA4ICAQAo56u3499+60Q34+p4N0Xa/WP1ucLM23/7 - ZItAQfBgKP9nCCepTpZrE1h+pHYuAbZTR7muJ5tBgLWAH6XXNXHGe+BL8V+DlUdC - TnDnhIemc+OSoIc+AM7efgBEX7ART2saMIedCkHqB3x596EEByuwekTsDhpG+eq4 - 4HWW6YNQIIPhjUthi+Z/fKpAqhXtkbisQ0zyDCjQc5EsdZdg1dRS6c46q5CFXnZI - iWaBwMdzvg1uNF+euai+2XMbtdhAZWTF2fC4zCkJ7TOJLu+w87YmaV6mhnbmZX2G - eUOWhlzwBUoxZWMLHQ5YjV+FEqO3Zbs08ph6l4PJkwPNnc3oUYyFUNDT+cF723Uh - mg9MIY/fLxNfuZIt++q1gDJgi64hL2+I9aEzMVmjZ0hCnre061cX60TU20oSJRJJ - z7D9JQA4Nq7XxkrSBA3/UhVCH5crF2NwTzJx3fwW4FMnDA4W3DsHOSUpgq6WBrMa - GGPH6sbq21EZXkzpi3XtrQokNQL50lULvJqZID0KGlBmwpcXwBaP7H/0FxVNDvCZ - cSxp7nUenwZ6VnSKASIhveEoL7FkTuJRHlEfr1V9NzUdvFqq/51gm+g34HcdxtcW - r5BsKNPa4cNsGFfLV7XRMnz146pswhKJ5+QzUKGoospnyybez7lWw8K2w7wlIPHb - D2FUi3Y39Q== - -----END CERTIFICATE----- - cert: | - -----BEGIN CERTIFICATE----- - MIIE4DCCAsigAwIBAgIQHOYg9efmaHPDsJiUt11PzjANBgkqhkiG9w0BAQsFADBK - MRgwFgYDVQQDDA9CaXRtYXNrIFJvb3QgQ0ExEDAOBgNVBAoMB0JpdG1hc2sxHDAa - BgNVBAsME2h0dHBzOi8vYml0bWFzay5uZXQwHhcNMTQwODI3MDAwMDAwWhcNMTUw - ODI3MDAwMDAwWjAfMR0wGwYDVQQDDBRzaW5nbGUuYml0bWFzay5sb2NhbDCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNd2wmCASd0w6aZlXZJv/t1HcvH - Jiyob8J+DZ0gyv8izRz7foigZAKWpi8H4vFf04yWI13hZNBp+DJsM7imDdcXCzI4 - vy8NYsXVPBNqiy9uZldKblls3ui/qh+cyLwQ4y4usLmGy/hxvVspo9ECyNGdw5KK - AzDYfhgGgDLyTIUE3rBWCyM9w+F8qdB5tBc/6vDk2I3IJIkNhwdBmcq9BTbIvjCn - PWG763uNV/DC0FCGog+1RIoZBMLzb2bZUkJ1C4x/oAtL/rAOzKERL3nKLDyUcbNi - TICFyzbcVf+45u879qWvEjcHBUWLvEmEdqc5D3YYtZMTDFfubVQDRWthwj8CAwEA - AaOB7DCB6TAdBgNVHQ4EFgQUHREU/5qWnzAv37pBMmkMdBtomP8wcAYDVR0RBGkw - Z4IRYXBpLmJpdG1hc2subG9jYWyCDWJpdG1hc2subG9jYWyCFW5pY2tueW0uYml0 - bWFzay5sb2NhbIIQc2luZ2xlLmJpdG1hc2suaYIUc2luZ2xlLmJpdG1hc2subG9j - YWyHBAoFBT4wCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF - BQcDAjAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFLmBgyy9rLMJ2KRx7z66LdSVPg+P - MA0GCSqGSIb3DQEBCwUAA4ICAQBeGvIr2k08H+jcjL8KwZeXlCdfp1mG+cHXk8j/ - eIuWcWXW4umiCDLoDPRikjuPcuTbK2Ca+M+MoVegH6W368iRn6a/vMJvSrqLEz3e - AaVH9+NxAoa6+TzvcEcDJ8cotVJS3ou90hFACQserzXl8LqwIgVqVkPHWXNkz/gv - J1h1Cn6siYkzDHeBrq1Uqp4Ma0sFMmvu91MrxY4u1Tctw4pjQPzIVhXIRjsmSXYc - tIQQ3aJnt17oEQRHbMAY6YZ1kn6KXB8Cb5xSlj03nlZxfVn8eVc6MHkCIwwWuas0 - 9XicB6rKOkAJ1Kd0kzyGA+tO3qUM9vsbQL8N/FH0h10gwkakEX3RwzHeGgmhBwwT - CX7zYL4z5MfhBvR0DajTm1sxALJYqrWLmj0w/p7PF5wlO37WKTGud+zKtAG6BEj2 - 0/blwqiZv/6JPeYUuKJZBjoQs7AeyVa1mnmbakKRPhn1sBBXnb/ROGQKmpdYNPTF - mlxgWDQ2Sq+FRXCJX+ADy5UOsF/MkKZ9go7LjKTXfUndwXeEaNZ2WlR0UlPX7OXM - n15hPtcJ9hNufNbEDmzHvJWwU/1r7g5HmCvAg6CTzD6/67Ni3g6viKPh3b8oiQAI - aBV6p/F5kJcNHog3siMPKoUn/uQcSSpSQzPAE/nL4eMaBLqIAhxORQWzM3S8LwtU - hUwrQg== - -----END CERTIFICATE----- - client_ca_cert: | - -----BEGIN CERTIFICATE----- - MIIFqzCCA5OgAwIBAgIBATANBgkqhkiG9w0BAQ0FADBoMRAwDgYDVQQKDAdCaXRt - YXNrMR4wHAYDVQQLDBVodHRwczovL2JpdG1hc2subG9jYWwxNDAyBgNVBAMMK0Jp - dG1hc2sgUm9vdCBDQSAoY2xpZW50IGNlcnRpZmljYXRlcyBvbmx5ISkwHhcNMTQw - ODI3MDAwMDAwWhcNMjQwODI3MDAwMDAwWjBoMRAwDgYDVQQKDAdCaXRtYXNrMR4w - HAYDVQQLDBVodHRwczovL2JpdG1hc2subG9jYWwxNDAyBgNVBAMMK0JpdG1hc2sg - Um9vdCBDQSAoY2xpZW50IGNlcnRpZmljYXRlcyBvbmx5ISkwggIiMA0GCSqGSIb3 - DQEBAQUAA4ICDwAwggIKAoICAQCs8hK5EjnDjJVOKc4ZbDYFmM9PcilYtw3lb9yt - DcT8EY5qzfU4SkuV+I8UGSx4s2YC3oro4nDKNPm75RTpml5BOXKAGUp7/1+wBKoO - +pGeS52BsuNsrQKUbP/x+6XpuhSp3IVsVKcKJmDyOaJOJRj2DfaoqcpKM55gr/ot - meq+gJwL2wpD8015jkVERWg3l2I0Dj92cW4Qs4dJ+7JjI5idN5ShXXVmwvPQDa8H - c6SHd0j0BK92FB1O3GyPr244i6e0qdPGZhK0KC9pUru1ZYCWj7Jjr8RYCmK+jw0k - pc8TKph5tjLl5VEuDO8ZTtG+1Z0Vx2uSyCsAjH/PhzheqdfbNPAde/D8AKyLlDwm - U4h3R73GKAJcVS1A0DR1kqZ2spBz4HmmmcXcoQ++KdAmLOPBsIWhwhRGuzGdwQgR - eslm8oNkpToU3J/pMbpiBHEUSv5MKZJF7GTKRN8c69XIK2OebEZ8+DYuvi4uBjeZ - 9eydmT9VVN4h8R2E2572c36e/uWUhYdZrlienBBwNDe4Vuqmc+M0EwQQnQLl9XID - dQSN66Ao7zLQOenYrwM4/w3d7rhPXlD7DpYJHWCR4eP73jR7DOV2u3aX90B580MW - 8NjdyJS3gnjPKTCCq8vIolkHCGPqmpDzbajwqQvVsMnCaTV77zZtyLvodc5G/7gB - jZnreQIDAQABo2AwXjAdBgNVHQ4EFgQUD8GCfb8mWh3JNXAnvu2ObnPo/mwwDgYD - VR0PAQH/BAQDAgIEMAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUD8GCfb8mWh3J - NXAnvu2ObnPo/mwwDQYJKoZIhvcNAQENBQADggIBAIFO6f9ZUa6221jMGRMROe8X - XnQLoIX9AGkLG9Rpu/9PVnN/NoK1/MWoA7+qix1Pdaj1Skpz+yUmKGSGo6Oq4XRf - K2DNoy+BYjRauZVreLkE1QUuxzP1DQg0ej3hRl31c/Kv+KaMJy1ptrhFEbhP1yYk - b9Fayu6kuc96Xd8o0ARh6NAA4HysW119awDUsMANVm1VGuPTojdV3/Yn3bywCwG8 - B6Fqx2EfI6YptsNhzzm+o9v1VjXE+BQ4zbfmgY7uORqVY7b+5gK2+D5FAN4hsGbn - jiPo8G7Azv4VtmBcKROXbCf6B8tQA/Z3uFgfTHxM8iEaGsgnh8IUB1idnNmeUxqL - QcH5TRf8RAMr8xgYueyiWPR0NEAahrojvoNQGYPW5EdqJd4JzfqYNRnccTXAIF9F - VSCBPPtg4Ifc3Bfs9PObG2/2WJGkwJLevpdj00SO5otc+wWl/MG3eQlksceWtXJC - Laoxpno11oA6fwqxxIsqjCCCzwE+WL9xtEgaNoJ+bvB1DuzCoZ/MF0Q4nmQw5o0o - E8ODAhuMkfSz6Mwk+56iNTRV0hpKhADtVWuVsXd6Vmcyu4fX5IJ6vPzyCkal63L0 - K7TGCQJQeQnI52RkX3zpLIWA8SYp28qC+81dBdKEXPOs0MDHn5zWpnR8xHjs5jki - WOtY6TTfYq8pBdwToAQu - -----END CERTIFICATE----- - client_ca_key: | - -----BEGIN RSA PRIVATE KEY----- - MIIJKAIBAAKCAgEArPISuRI5w4yVTinOGWw2BZjPT3IpWLcN5W/crQ3E/BGOas31 - OEpLlfiPFBkseLNmAt6K6OJwyjT5u+UU6ZpeQTlygBlKe/9fsASqDvqRnkudgbLj - bK0ClGz/8ful6boUqdyFbFSnCiZg8jmiTiUY9g32qKnKSjOeYK/6LZnqvoCcC9sK - Q/NNeY5FREVoN5diNA4/dnFuELOHSfuyYyOYnTeUoV11ZsLz0A2vB3Okh3dI9ASv - dhQdTtxsj69uOIuntKnTxmYStCgvaVK7tWWAlo+yY6/EWApivo8NJKXPEyqYebYy - 5eVRLgzvGU7RvtWdFcdrksgrAIx/z4c4XqnX2zTwHXvw/ACsi5Q8JlOId0e9xigC - XFUtQNA0dZKmdrKQc+B5ppnF3KEPvinQJizjwbCFocIURrsxncEIEXrJZvKDZKU6 - FNyf6TG6YgRxFEr+TCmSRexkykTfHOvVyCtjnmxGfPg2Lr4uLgY3mfXsnZk/VVTe - IfEdhNue9nN+nv7llIWHWa5YnpwQcDQ3uFbqpnPjNBMEEJ0C5fVyA3UEjeugKO8y - 0Dnp2K8DOP8N3e64T15Q+w6WCR1gkeHj+940ewzldrt2l/dAefNDFvDY3ciUt4J4 - zykwgqvLyKJZBwhj6pqQ822o8KkL1bDJwmk1e+82bci76HXORv+4AY2Z63kCAwEA - AQKCAgAdY7G805UPXxeMRdxpQ5NWliY8qPjPw6PP5peIrPtZnp4mFkPiwfVgUfH2 - h2SgSlQ+jpTqiHiEVEZQINjR7dKwoNONYz7eHYKkRdakXv5Z+R2WCdFOCYSTtoY0 - GACU3HNgfkIKK8SLHASDhTnIr9MzFSJifSAMRgNXCPCpySs0HmTmOt3euDzlOEEb - HfRc5hPhJr6wIQyEOA34i5Y/9K+dn/FZDqnBwcVvCLRCvuspviKenSE4HqjwWtL0 - A+rmHw1rzSRY5cWt6dpMuqt9YvdcHqVA/YCPOYyYN3UTUj4DUszAei7iFHscKUSE - d3l7RY/BQLdOJUfxeu7JVIBGzfQJW728puZRxmDFqGFOYGKYiCMmUMV+ZiJ0IINL - gCCuKFCspk/5ciwLZvoseERxKNtDhEsOKnLtWyL4055HWOTPwYKuTngsp5PDKl3c - XytVGmOFYZ0RAWcONKpts9V4FBQXVpGdUT3BpOc0U1/d1CelcesBh5FORSIZNVgP - Q+WUgHaKCNU+jjZ83sxDC8du6YpXkt8imREH034R7b9QkhS0AzEE/MrEvxWAcT+B - y9Fzvw18Cfol+IfQ1pLo9EL6bVAcXqZMgDwAqPOvw2T1OVYkBSfDr/UUhM2Bg4XU - WuzOfH0p9MpnrbrA89Ar8B7TqgAABTj8nCZkM/HQ6J2JVfU9ZQKCAQEA2y2hsEdK - kTmNmgxa8mG2RuGgWx5oYD7bZRQD97GML1dZj1/gtg+OWml3VLrOhueqT/ItkNPk - bOGjQFDYpYzUYtOSA8UTn9Crs1rRUc5tHXcVHOAR9OCGKRClpIV7+4lbCQuX1v+m - rO9FNzumVJSw/6rAtJsuZ2TI6Ml/2LHUNOXgPUBPlIJ9dMv+0+eN45upMUzcmaIG - 4TtND8DeOakXb1ZanliR16PES+M9bWs1tWV2yubtO2o7+fQTwKZMqg6kGY88oSed - +HP6QxtMIbkGp7GYM7QHrgEwnp8nR5tCp1rL/LIvIIbWAsnfh7ZqQSRMoSMFonzv - lKqTm21jiavSuwKCAQEAygAUBScRklR8/zLVkdB2+Fy/E2TtC+AGDGmzhUygMpFH - k9DjeD0+92zM4Q+zbScLXZMZOTPiRRw8pOq8Q/VqHufAxEse5VBE3oxHpWzKH6cr - 5eheKMCRiIpwylUakdEgxyFWNA9pRfrpBmxOAy+RuLd2tR0wNkucFEXgQFoUpLyk - LurDUK5cbclmaSbjpx04lUyXJFd3e1P9H1A6L7hHqh9ebBL2O5rXbtOBevzvVRX/ - sCp/aITXolxYFVXlcexJ9Quh65amlBxcN9nO2RGyC2ZbAocqJEXFX7ARz01DEtIg - NCuTosszHfH5drqq6WQM6YKM1SZYeOsibemdlxlZWwKCAQEAr0Kk2SWYrdncrgMV - Ml4J+FHw/QuqoNOCcif4KDd0BmMNvYUIVezIgul0v28FOIDFAlqALyAQtzQSa5p6 - Mp8TMddGGfecAp5Evg1v9b9gJ0CSxF00XqCvBuVF3vHSO0gRYIFBsG0LJZvKuCjd - jyK7CiXLJGA2Uf0YXnTJ40gHjSkID1J+kB1sHloE8gNlxUwylbaFa+BRKgdWTrOF - v4vDrobZvWbLcCiHDbuu4fDpqJxyyjqwFmOThAK1TMZt5UoB1GJiM+dO/V4YD1Mj - pI+kj7GGKEncHjrbWuue6DZxrQsAtJby8kp/lQlB0e5+topFMFCl79GBblqb35ww - DOU1gwKCAQA18sVmBuQjf5sOkSYG1nUfqa2CYX8Jn+AdqpE+dZOHTdOe/7fwofLS - I+Wn6giSi032xNWEuH2i1YLAzMxRHhckf+K0yhdLSR/LjA2Keb6Vq5EGywNywNNd - cxPihc4dyYuGgznBl6gW/4cCpyRCp460lZMHle8NYS4jH/JfXW+L+7GhsiNNxfN7 - gsFuLeu48w3smdL36sBHWMwOc9/GZOIG5m/ST1Ih4x3MRIKdNTY6NDDgfMkgQfJR - M3Z25ETuIxwxbNTm1YpRni1m4S3kPVyevMxrpWu02kl3X8+x3MGgIixloonAfaJ+ - SeTFN99zi7wDFVHFj4MrcCj2z+C9vRBnAoIBAGl/ph9U5fDnNXBJKhzdQ1/eFGaU - cTLQrALqklWOqAuP7Yt9Aq0zxxYWZvZ5zxkoMDDN+wBcVH/0vxRW7/ktbViDHABD - 9Loj/a5gSQLs/1thZ8Duq66vTqBnUqbo4CK+kewHfB8VgoNVXvU9IkSqKu7Gt1iO - eRJZ2pF4mGBHMw34ot5jbU/kc9p8xUUoxExSq5uh7ahG+jWtqx6MVMz9R03rQnNl - EYU6npkpxjxNOuTu0akZl1v2bgi6fCO9KopGM/9t8kOY9P8cJmpBt7ohlUHkjiDR - 5QOqC7UGR7G4MrbJp6B5ChfY8TrbNEeQsrnDEb8+OMjmkshmvAfoZKq2odw= - -----END RSA PRIVATE KEY----- - commercial_ca_cert: | - -----BEGIN CERTIFICATE----- - MIIEozCCA4ugAwIBAgIQWrYdrB5NogYUx1U9Pamy3DANBgkqhkiG9w0BAQUFADCB - lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug - Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho - dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt - SGFyZHdhcmUwHhcNMDgxMDIzMDAwMDAwWhcNMjAwNTMwMTA0ODM4WjBBMQswCQYD - VQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5kaSBTdGFu - ZGFyZCBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2VD2l - 2w0ieFBqWiOJP5eh1AcaqVgIm6AVwzK2t/HouaVvrTf2bnEbtHUtSF6fxhWqge/l - xIiVijpsd8y1zWXkZ+VzyVBSlMEnST6ga0EWQbaUmUGuPsviBkYJ6U2+yUxVqRh+ - pt9u/UqyzGxO2chQFZOz8unjwmqtOtX7w3lQnyV5KbJHZHwgPuIITZMpFLY0bs9x - Rn52EPT9bKoB0sIG3pKDzFiQLpLeHmW3Yy89sutwjEzgvhWd3sFNVvgLxo4HuV3f - lfB7QB8aLNecK0t29Fn1Q8EsZhCenmaWYJ0cdBtOGFwIsG5symkaAum7ynjvZi7j - Mv1BXJV0gU302v5LAgMBAAGjggE+MIIBOjAfBgNVHSMEGDAWgBShcl8mGyiYQ5Vd - BzfVhZadS9LDRTAdBgNVHQ4EFgQUtqj/oqgv0KbNS7Fo8+dQEDGneSEwDgYDVR0P - AQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwGAYDVR0gBBEwDzANBgsrBgEE - AbIxAQICGjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLnVzZXJ0cnVzdC5j - b20vVVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwdAYIKwYBBQUHAQEEaDBmMD0G - CCsGAQUFBzAChjFodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVROQWRkVHJ1c3RT - ZXJ2ZXJfQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu - Y29tMA0GCSqGSIb3DQEBBQUAA4IBAQAZU78DPZvia1r9ukkfT+zhxoI5PNIDBA+r - ez6CqYUQH/TeMq9YP/9w8zAdly1MmuLsDD4ULS+YSJ2uFmqsLUKqtWSkcLvrc5R7 - RkznehR2W0wdhKEgdB8uS1xwiNy99xk97VkN4j8m4pyspDyVHPi+jAOu8OWcTbzH - m1gAv6+t+jducW0YNA7B6mr4Dd9pVFYV8iiz/qRj7MUEZGC7/irw9IehsK69quQv - 4wMLL2ZfhaQye0btJQzn8bfnGf1gul+Hd96YB5bkXupjfajeVdphXDyQg0MEBzzd - 8/ifBlIK3se2e4/hEfcEejX/arxbx1BJCHBvlEPNnsdw8dvQbdqP - -----END CERTIFICATE----- - commercial_cert: | - -----BEGIN CERTIFICATE----- - MIIEcDCCAligAwIBAgIRAMqxAnEi09LnUmxHz34zaygwDQYJKoZIhvcNAQELBQAw - TDEQMA4GA1UECgwHQml0bWFzazEeMBwGA1UECwwVaHR0cHM6Ly9iaXRtYXNrLmxv - Y2FsMRgwFgYDVQQDDA9CaXRtYXNrIFJvb3QgQ0EwHhcNMTQwODI3MDAwMDAwWhcN - MTUwODI3MDAwMDAwWjAqMRAwDgYDVQQKDAdCaXRtYXNrMRYwFAYDVQQDDA1iaXRt - YXNrLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2flsifSE - SbAZ4GZE3594alIx0Y4wH+zPlpffAyAuH0/woIfbU0niYpjCMp2IukAkcMfwsvAy - j3I2EKimkxWBDvmaDH5fY2SB6Mk6jun4TbYNbzZxPjN5ZG1arOl9Z+nXy8rR18jJ - nXwR/QT7GeEsCUbT+GN0TamFzGqaKP5QyOhVEorzcKnxuRTFoc6N1e3kB1kq2bDK - npX376mKTFWW7OLeXH2+Eh8A2X+w8zqQTpRta6631DyynO7MLAsihiAmDlOVpIsA - hYF/jDblpqCsh7es/78Rf09I4/pqwDByU+4wcuQ2CihdMqu8qZYY0iZFSelpikhp - mjvuVug0J91CVQIDAQABo28wbTAdBgNVHQ4EFgQU6/xkpENCcBkmnS+8pjjIKFOZ - ndUwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAkGA1UdEwQCMAAw - HwYDVR0jBBgwFoAU5LfCdZWIKybZXsA33M0Z5pA+16MwDQYJKoZIhvcNAQELBQAD - ggIBAARhtd1EdoHrHL3HCeqo5WplQnW0bd6M+KdFTlp2o84sRwDDsRhTQ64xeZC3 - kK7h+R54cm2xzrqHs70t5UYNoYXh0DRYqCsEu9ZMfnxtye4sofGo53s5LWtkAguE - sTcpijbj95RodvGZnal+V7Z+B8yt0u0HcfFSrWv7956i3+Zcxdt+/9+FLYOzbOVj - sUnqKob3J8++PURJlPvnsgrrPPMxrRL7WfRn5njwrYNWrpOljh2G6PLcUmEHFQ/m - op8xbFwbb6mmkuyZqiQfcSci1Z/562kMR341Ba1plIvr3MPNShSzaIxyPNJrBATP - D1PUK4AORbpolhxJPjx8qfGyCKUBQKKACBRO3pBUlnHIiC21bjYJu9hev1qv9Vd0 - VPeJRHC3Y/1Bv4ptMvwIXjh3uy16TYHA7V1cUIQmKk8HzBByHTek+xupdFERyFx3 - 0LDXPu7ry3bWHKoojsgNqWRXaTVuMZilgTGmwF24gCdjMrXgWANnxhFG2UVPa7sg - 5OreMhK/jBLeXFrfTjXZtIDRdZmsgSkleUQuAlMG1yCZZud0cMebjBmCkcaada7e - 4C0WFjpZHq/4PNcoO9aFTlNzzWlTm57Otvfc+kfItEt0Tx2YrOFKuHTofGptYtFm - OsUsS1uOeX1yFG4h3y6OT1gQJaNIep6N4/Qps8l4NK/0Wn9+ - -----END CERTIFICATE----- - commercial_key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA2flsifSESbAZ4GZE3594alIx0Y4wH+zPlpffAyAuH0/woIfb - U0niYpjCMp2IukAkcMfwsvAyj3I2EKimkxWBDvmaDH5fY2SB6Mk6jun4TbYNbzZx - PjN5ZG1arOl9Z+nXy8rR18jJnXwR/QT7GeEsCUbT+GN0TamFzGqaKP5QyOhVEorz - cKnxuRTFoc6N1e3kB1kq2bDKnpX376mKTFWW7OLeXH2+Eh8A2X+w8zqQTpRta663 - 1DyynO7MLAsihiAmDlOVpIsAhYF/jDblpqCsh7es/78Rf09I4/pqwDByU+4wcuQ2 - CihdMqu8qZYY0iZFSelpikhpmjvuVug0J91CVQIDAQABAoIBAGyn/igCwJLu+uc2 - c6y5lNADKxxX8btoU86w5BVtzDAFrGCJeJZbJUOa/Gs4xjh50vB5ao34WGvTNgo1 - 19tIA+6QE++YazpjlrKQ5OTq0sECOE4w6GBmTmP2cxXwynerRMwszU/wojgj6d+j - xPwQl+AD85RFF2vDTpQoq7I1m9WZt1awszigmG8VDBwa/LFKfrz/HACH0lmQ6wQ1 - h+dYcKjS7K68rEhZ29cjkO7k6Il44B4/6nfPSFCXCcypZD3uNXwGGDGR9QGcBzCY - HLCveb+v3rKnIjMpAX8xi1R6LVaxX+/wRCoaMRRhWqH3mBijVV/SKDvo+AOATECM - UNDYOaECgYEA9yNhwS2zL1lZhqqejG9CPL5GaxB+Rl6cFDP2U8xUVVYZjbvjnJBb - mU0/c+zGWFlHvqgBOCW5pCFOJx7eFvpp10zVJgqH6Nbdsz/nE0+kx2PwVT+miyBT - 1CdtB8UQt4FDllYo3BToeqLlICBwuTe77UILWMjx4WPSQB/mJOlfHD0CgYEA4cpU - ogjCG4dU6W66RL4y+eP63VDBtz6kUmMHiX5xXEjn6UdYYp4TBL3VxonkMbOzHtAX - B95klqs2vl1arQf3glrv9PfVWyexWy+U/0YkibS8OGDJJUVLLRS7gZrEMGPbeKY5 - SSeEDOtkmrUW6EmrCAmwaVW24uObAtzJJH6bp/kCgYEAs3bfGvA7yauBppgp8GMu - 33txGXhtql4zyzv8qdeceie/ALyrSdtOmSGObXlIg4m53sqTsBk9GOISpbf1oQwR - ZgZmVmyZS00Uy4EhJVXVm/GH6fAB2dAM7+f9dgH15Lwav4Yrv73zIHNAHbdRBD9j - 2aP3J28srvbVDDnd33oU1iUCgYBNrD3bE+o6cB68wtOfLFL69ftpwQsyz4DVuq1w - FihHF+l3rYxxOHHQcsGkr/DpTCk1U15o3Y966WFGsXStC42QsVnUyqEB37C6bq7x - 9h5BpQQO3PS1NpY65uPuHOCayO9KHNyeFtLtYtjUA7HirN0CQdsHEW59tNCxdmRX - gppneQKBgAS27C022cGm0Qa0/X1a55G8D8MTXWe+fV6kNWJmfNca2YnWGIPJb+Ec - ISk5wkWOga3Cs9UcaJKnIbAiqaUU0VdyL0aZRaXyO6SlzgQLwpYUQ6zNzEhdgEhi - vd4rafhTMnvMUaDLjO5AVRnZ1eG+/5Gm/Y5XAvCPDqBEUlgvIRVn - -----END RSA PRIVATE KEY----- - key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAs13bCYIBJ3TDppmVdkm/+3Udy8cmLKhvwn4NnSDK/yLNHPt+ - iKBkApamLwfi8V/TjJYjXeFk0Gn4MmwzuKYN1xcLMji/Lw1ixdU8E2qLL25mV0pu - WWze6L+qH5zIvBDjLi6wuYbL+HG9Wymj0QLI0Z3DkooDMNh+GAaAMvJMhQTesFYL - Iz3D4Xyp0Hm0Fz/q8OTYjcgkiQ2HB0GZyr0FNsi+MKc9Ybvre41X8MLQUIaiD7VE - ihkEwvNvZtlSQnULjH+gC0v+sA7MoREvecosPJRxs2JMgIXLNtxV/7jm7zv2pa8S - NwcFRYu8SYR2pzkPdhi1kxMMV+5tVANFa2HCPwIDAQABAoIBAEYza7ES8sSwjIq9 - /aNoRf1y3xCMh0JfQi6LC2T+GrU0t7aqL+HldH8W2z/5BDeYW8HgWUM7Hiv77ao+ - cxfH1g7i8/zZ/Om7gXcQeAzZXFRaDzAG752MYMoTidAJmv8QVPoUSBK00UwRqBzv - 9S+uuU5hQtQttAYAFYntsWs/Lfe5QkDklfZ4EhVRm6R9dDbBNuraeOVkkSCJxL/Y - ei5+MLpdysKUbKb5NkVI1Olh23w0D1qJcWVv3WtO+V4i184ewT8Vb8GFK0bOGRxd - pLpVDpojH44av+HJGGbWFruBlcXzic6JJU5JWf0tu8xFpyURPAFcIW0M7T9UXwWV - LJ5c1rECgYEA4a0XAYfeyCNlVOzub5CR9DHhwt5FCPHxmdGA+pw8a2FpRq6iU7pN - r9yM2hrVmTOsM+/Zq28BAngtP0PXn9rancFx7/1FsHgp3xiz7LYAFNJoKImH6ipd - xdCkwA9yoO/owBWBc+dHK77Z1uvLgpnlfct/9DL0SfcrZr3Ngmbkzh0CgYEAy3fK - TAbSIgirJzyt0CvXub6ecZt/IV4w+P2mVTdmuCD1yC/EmyIm+shj2wLzdFUgvL6z - GQwSDVGd63/sTJ0nLii5Q6MQdS636qdWFXk3m7RUtb044TQSuIe08fZ/yc335NeR - uXbTlqGqPbvDqIMsJ79Qm8HTZ0sWhOaH+qxn0wsCgYEAyRfRrj2CGNjhjKFrfeJX - DD/+qgQhg+0DmksDIU1i0VSF2MP4RZ93ZkOjBx5uQwu2YLlTPt21CpxHxV4Qn5MG - xxf/DRikprEMro12lnE+9U7gHW8fu1txH7nhdHrPa/Ubcz42ki7+Tk7MEiUevQuh - YUyageF9qQMkm3J5078YF0kCgYBYrW3SsspUoPiPUkfiyajswGJn20CON3Iaotoi - m9G+AEd+pysF/d2FQV8b7e5TTmLFQEvoZ7Vabq7oG8nOHlQcLw2HqAMdP25S6/l9 - xGXzC6Y7yyuGI17hY+v95NQPDSC0cSuG7H4NUYpT+4ir4feVnzEvoUtU4on/BEZR - f2CEvwKBgD/I0U24VHkD2vHrkcrrSXbBRIm630xXT3Wx7Al9D/f9N5z5OJ4pmCn8 - f8nYmHwasWYUA2cMWODCQgIiblfYkewltw2K2qXByRZR98Y/OjScOWS2bwc+rMnb - cwCgFA2WXzfcw4WzZoYotzPvOWkYARur/VdJvry9UMX0ljkt64d0 - -----END RSA PRIVATE KEY----- - use: true - use_commercial: true diff --git a/hiera/snail.yaml b/hiera/snail.yaml index 2413ec0..fcfac89 100644 --- a/hiera/snail.yaml +++ b/hiera/snail.yaml @@ -27,8 +27,8 @@ name: snail obfsproxy: gateway_address: "176.53.69.19" scramblesuit: - password: OY3FIR2JIJ3WEWRYPJRVS5SGOJLEG3SU - port: 24218 + password: OZ3FOSKQKR3EUTCZPJWTEZKWMVGVCNZZ + port: 27889 openvpn: adblock: false allow_free: false @@ -37,6 +37,7 @@ openvpn: configuration: auth: SHA1 cipher: AES-128-CBC + fragment: 1500 keepalive: "10 30" tls-cipher: DHE-RSA-AES128-SHA tun-ipv6: true diff --git a/hiera/starfish.yaml b/hiera/starfish.yaml index 7b894c2..7a086a2 100644 --- a/hiera/starfish.yaml +++ b/hiera/starfish.yaml @@ -43,22 +43,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.23" location: diff --git a/hiera/thrips.yaml b/hiera/thrips.yaml index ca86ee5..6d916bc 100644 --- a/hiera/thrips.yaml +++ b/hiera/thrips.yaml @@ -9,8 +9,6 @@ couch: epmd_port: 4369 neighbors: - ant.demo.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -25,10 +23,6 @@ couch: password: CyhRSafC4SUGQ9F762Qfv3TPQDqTjn2G salt: e3ee9259723d0cbd8b3265dbe8b4e21e username: nickserver - replication: - password: gPFMMKdZaTHF24nQGYQTDHkAduQcarBm - salt: 215a1f508e2b564978f98e43231e1506 - username: replication soledad: password: cGqWZqTdFc_fuSZvfPtUTL_7uMA6d5YC salt: 514355e86f1d3fa4de42b677de21281d @@ -81,9 +75,6 @@ mail: smarthost: - leech.demo.bitmask.net name: thrips -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -132,29 +123,25 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - ednp_clients: - ant_9002: - accept_port: 4001 - connect: ant.demo.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - ant_4369: - accept_port: 4000 - connect: ant.demo.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + ant_9002: + accept_port: 4001 + connect: ant.demo.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + ant_4369: + accept_port: 4000 + connect: ant.demo.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - demo - seattle @@ -221,9 +208,6 @@ x509: bbeVsHat97eo2210j/wOQUxoGYzUq4WVKoCbQFfAhf/ksXhNn6mBBCuhCDp/Mu09 s0n2njL9 -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEA9TdRRiX7Ia4yRKvGpRuV7Ff/iS29eFdddwSYg+uPSRm4Hn4f @@ -253,4 +237,3 @@ x509: GaBuHcOkEMwibPgxyoBZLPlS4/Au7MZLRTRqGoo8N1vl0x71mhA= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/tor1.yaml b/hiera/tor1.yaml index 7363ed3..e29a87b 100644 --- a/hiera/tor1.yaml +++ b/hiera/tor1.yaml @@ -20,9 +20,6 @@ mail: smarthost: - mx1.bitmask.net name: tor1 -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: - tor @@ -63,9 +60,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local tor: @@ -73,12 +67,6 @@ tor: contacts: - sysdev@leap.se family: "deeruSaR9IekHdQGUGI,hippobagtc8Z3KPmfnT" - hidden_service: - active: ~ - address: ~ - key_type: RSA - private_key: ~ - public_key: ~ nickname: tor1pPXtPbHH5BVHVE2 x509: ca_cert: | @@ -142,9 +130,6 @@ x509: KyFwoPZJ/prUbN7soJcaXfMRwKjKBtAZcfiEIuF/Kj0q0ej3SlIRQn9qQ3kB8gCm rq5L0rF43W9j+Nk6UsuShrFnpNco1oeVupR64lMe/NeS -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEA22A15S8yonSXCU8U/5UHkTMMgsWpnEwk28+xGzwbRCX5g4dF @@ -174,4 +159,3 @@ x509: FPbeaUQIPPQfHUADhENClQ9eGyeOEj4BUwGbGxyKVBQEeJUO0VsD4eM= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/urchin.yaml b/hiera/urchin.yaml index c4b6076..236061f 100644 --- a/hiera/urchin.yaml +++ b/hiera/urchin.yaml @@ -27,8 +27,8 @@ couch: salt: 70bcff5aeb5a7ed22a96a4b43790965f username: nickserver replication: - password: _mVfcIyFV_vfRFUvpNmAWYn_9KUxJ7Pv - salt: b53363c123da0677255bd93ec1627db7 + password: B7LFWg7x7AQRIXdxGmsd4MjfQISB_EZj + salt: 868afc4ca18138cc256f57ff2a3c99a5 username: replication soledad: password: PgrbUREhqBGY4r4XIXQEgkk3jTH4sEJA @@ -60,22 +60,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.21" location: diff --git a/hiera/vpn1.yaml b/hiera/vpn1.yaml index b3005e7..ec7818b 100644 --- a/hiera/vpn1.yaml +++ b/hiera/vpn1.yaml @@ -20,11 +20,6 @@ mail: smarthost: - mx1.bitmask.net name: vpn1 -obfsproxy: - gateway_address: "10.5.5.46" - scramblesuit: - password: K5HEYZTLIVIDIUDZKF2EE2BZKNTGCSSF - port: 22735 openvpn: adblock: false allow_free: true @@ -49,9 +44,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -92,9 +84,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local x509: @@ -193,9 +182,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -237,4 +223,3 @@ x509: 8hacajGZ/d17cG5lIC269f9SeCqCBkg4IjJJA8aPX65M4J1UdF+h -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/wallaby.yaml b/hiera/wallaby.yaml index e9a07e1..d240647 100644 --- a/hiera/wallaby.yaml +++ b/hiera/wallaby.yaml @@ -161,10 +161,10 @@ development: site_config: true dns: aliases: - - api.demo.bitmask.net + - wallaby.demo.bitmask.net - demo.bitmask.net + - api.demo.bitmask.net - nicknym.demo.bitmask.net - - wallaby.demo.bitmask.net public: true domain: full: wallaby.demo.bitmask.net @@ -175,21 +175,17 @@ domain: enabled: true environment: demo haproxy: - couch: - listen_port: 4096 - servers: - ant: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true - thrips: - backup: false - host: localhost - port: 4001 - weight: 100 - writable: true + servers: + ant: + backup: false + host: localhost + port: 4000 + weight: 100 + thrips: + backup: false + host: localhost + port: 4001 + weight: 100 hosts: ant: domain_full: ant.demo.bitmask.net @@ -223,9 +219,6 @@ nickserver: username: nickserver domain: nicknym.demo.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - webapp @@ -266,34 +259,29 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - ant_5984: - accept_port: 4000 - connect: ant.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - thrips_5984: - accept_port: 4001 - connect: thrips.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + ant_5984: + accept_port: 4000 + connect: ant.demo.bitmask.i + connect_port: 15984 + thrips_5984: + accept_port: 4001 + connect: thrips.demo.bitmask.i + connect_port: 15984 tags: - demo - seattle webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: true allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 client_certificates: @@ -309,29 +297,16 @@ webapp: password: LH5DH5rbLZs7zuCaIgWpDAetDpLvUAHg salt: c632af58769857bcdf108b46da9eaa44 username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: demo.bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/master source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: CsdFzBeYX6bepZdbzvaN6Dbu5NPz6Ycv username: nagios_test @@ -766,4 +741,3 @@ x509: /76btyS2OfJe1Jcz43JX5/RD90q3Uo6Yi0j4NZwQb6TvFRyXnW5p2g== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/web1.yaml b/hiera/web1.yaml index 8fed05a..cd0130b 100644 --- a/hiera/web1.yaml +++ b/hiera/web1.yaml @@ -124,10 +124,10 @@ development: site_config: true dns: aliases: - - api.bitmask.net + - web1.bitmask.net - bitmask.net + - api.bitmask.net - nicknym.bitmask.net - - web1.bitmask.net public: true domain: full: web1.bitmask.net @@ -138,21 +138,17 @@ domain: enabled: true environment: local haproxy: - couch: - listen_port: 4096 - servers: - couch1: - backup: false - host: localhost - port: 4000 - weight: 10 - writable: true - couch2: - backup: false - host: localhost - port: 4001 - weight: 10 - writable: true + servers: + couch1: + backup: false + host: localhost + port: 4000 + weight: 10 + couch2: + backup: false + host: localhost + port: 4001 + weight: 10 hosts: couch1: domain_full: couch1.bitmask.net @@ -179,9 +175,6 @@ nickserver: username: nickserver domain: nicknym.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - webapp @@ -223,33 +216,28 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - couch1_5984: - accept_port: 4000 - connect: couch1.bitmask.i - connect_port: 15984 - original_port: 5984 - couch2_5984: - accept_port: 4001 - connect: couch2.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + couch1_5984: + accept_port: 4000 + connect: couch1.bitmask.i + connect_port: 15984 + couch2_5984: + accept_port: 4001 + connect: couch2.bitmask.i + connect_port: 15984 tags: - local webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: false allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 client_certificates: @@ -265,29 +253,16 @@ webapp: password: pg9XGGdt4Dr3WcM9PYDqMmxxKHTpvsc9 salt: 7e8868f8c4775290fd37d2f520d13672 username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/master source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: uI_cYvPGNDZrcXTVLH_x88QFWjJ2yCZT username: nagios_test @@ -721,4 +696,3 @@ x509: E4LfGgOC9CfxpTJOZIJM/4jTiozg/fVedFIuAqdDpgKAUiWNBbhheQ== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/secrets.json b/secrets.json index de79387..6030ef7 100644 --- a/secrets.json +++ b/secrets.json @@ -7,8 +7,6 @@ "couch_leap_mx_password_salt": "b80d3038cfaa3bd0802dc140752d0dc6", "couch_nickserver_password": "vjJAZqxPL4BeGKAEUVuBVK5MIba_aIY5", "couch_nickserver_password_salt": "eab38a050b5eb2569549f8e50cab9034", - "couch_replication_password": "gxbjRLwwDW5bQQx9MpbjNaqF_KdMbCng", - "couch_replication_password_salt": "751525d259cb7ec8e536b7caa21bb23c", "couch_soledad_password": "MrUyYGnT_44NUyBAm46L3GCLPHKVZ_De", "couch_soledad_password_salt": "ac15331e0c098126e04ecf7a21045079", "couch_tapicero_password": "Gds68vK4JyZzPkUcEzBVEXdEFXq3jaFp", @@ -26,8 +24,6 @@ "couch_leap_mx_password_salt": "44cebadcb0fffe36a13d88091aaffeb9", "couch_nickserver_password": "CyhRSafC4SUGQ9F762Qfv3TPQDqTjn2G", "couch_nickserver_password_salt": "e3ee9259723d0cbd8b3265dbe8b4e21e", - "couch_replication_password": "gPFMMKdZaTHF24nQGYQTDHkAduQcarBm", - "couch_replication_password_salt": "215a1f508e2b564978f98e43231e1506", "couch_soledad_password": "cGqWZqTdFc_fuSZvfPtUTL_7uMA6d5YC", "couch_soledad_password_salt": "514355e86f1d3fa4de42b677de21281d", "couch_tapicero_password": "4JUh6VMj9Z9RmBLhNBGGkKqnYEYbxuba", @@ -35,10 +31,6 @@ "couch_webapp_password": "LH5DH5rbLZs7zuCaIgWpDAetDpLvUAHg", "couch_webapp_password_salt": "c632af58769857bcdf108b46da9eaa44", "nagios_test_password": "CsdFzBeYX6bepZdbzvaN6Dbu5NPz6Ycv", - "scramblesuit_password_hippo": "ONLW2MTQJJ4HUU3WGNVEC42JIF4XEWDS", - "scramblesuit_password_millipede": "JFEV6NCYIV3FMV2CIZBVMNDCPJDUGUKE", - "scramblesuit_port_hippo": 18943, - "scramblesuit_port_millipede": 19538, "tor_family": "bagtc8Z3KPmfnTUTJhZeJ4TrIECfHHRr", "webapp_secret_token": "GgKvW3NhAKwgvQuMAzdHhLDBh3g3u5Xd" }, @@ -50,8 +42,8 @@ "couch_leap_mx_password_salt": "79fd6d71c94a1aaf44cefc84a5a748dc", "couch_nickserver_password": "VH7PcCGPLAIy8WHcLIJxVKnUpR7A2EuM", "couch_nickserver_password_salt": "70bcff5aeb5a7ed22a96a4b43790965f", - "couch_replication_password": "_mVfcIyFV_vfRFUvpNmAWYn_9KUxJ7Pv", - "couch_replication_password_salt": "b53363c123da0677255bd93ec1627db7", + "couch_replication_password": "B7LFWg7x7AQRIXdxGmsd4MjfQISB_EZj", + "couch_replication_password_salt": "868afc4ca18138cc256f57ff2a3c99a5", "couch_soledad_password": "PgrbUREhqBGY4r4XIXQEgkk3jTH4sEJA", "couch_soledad_password_salt": "e3bec4f7126db333ce796beabd322244", "couch_tapicero_password": "rZ8MYBTj8fHZDxI7awS927cnhE8qbrBC", @@ -59,8 +51,8 @@ "couch_webapp_password": "PvRAdP9JrjS8qRsNCpyQ_KVDBTgTNGkY", "couch_webapp_password_salt": "86497f034c8ef09b097f5c757ab038b7", "nagios_test_password": "zvzLB64_Z_5ZL5xvI5MfpUCP3b7gKzhP", - "scramblesuit_password_snail": "OY3FIR2JIJ3WEWRYPJRVS5SGOJLEG3SU", - "scramblesuit_port_snail": 24218, + "scramblesuit_password_snail": "OZ3FOSKQKR3EUTCZPJWTEZKWMVGVCNZZ", + "scramblesuit_port_snail": 27889, "tor_family": "uSaR9IekHdQGUGIRrdThPFW64_JYgEnr", "webapp_secret_token": "_DLZ7e9YhU_d3HDCWFzCMd3WnC4QaP__" }, @@ -72,8 +64,6 @@ "couch_leap_mx_password_salt": "071d214afa9e7cfb9cba66575817f6fe", "couch_nickserver_password": "bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR", "couch_nickserver_password_salt": "73567fc12c27a79152620084e97b4fba", - "couch_replication_password": "fbZMru8SZ9UhaHXYRW2f9RVCjJmBwBuJ", - "couch_replication_password_salt": "b2716ac90f4e9dd7b2a088d2765ae374", "couch_soledad_password": "E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp", "couch_soledad_password_salt": "e2b6fa1a29b1afbe1ea4a3f7ec5bacc7", "couch_tapicero_password": "fCffkJygcPHSRmTePxXeAMSP6uQSQKnR", @@ -82,8 +72,6 @@ "couch_webapp_password_salt": "7e8868f8c4775290fd37d2f520d13672", "nagios_admin_password": "Y_uRtQby7LtwXxFRhIv_qVVrwWHzYrQq", "nagios_test_password": "uI_cYvPGNDZrcXTVLH_x88QFWjJ2yCZT", - "scramblesuit_password_vpn1": "K5HEYZTLIVIDIUDZKF2EE2BZKNTGCSSF", - "scramblesuit_port_vpn1": 22735, "tor_family": "p_PXtPbHH5BVHVE2GamSuwjaKVYQjJKS", "webapp_secret_token": "btsFN6UD9nfP4SAWDYMmuMkgRTL5WW7E" }, @@ -95,8 +83,6 @@ "couch_leap_mx_password_salt": "b4ac83520fa38b3acb722984fe5e3343", "couch_nickserver_password": "PzzQwxCvQLZUxRdS2jshMPN37Ps4qtbH", "couch_nickserver_password_salt": "b54d7b0f595d7318d961c636fb8f5530", - "couch_replication_password": "LZg8s_Z6FCg2MZRQYjkYeE6arCIU2pCw", - "couch_replication_password_salt": "b004ef682f926531fdda36e26d48c4fa", "couch_soledad_password": "35MzsnEEAeHTVNhI_FaCFNS5bhd7RGEf", "couch_soledad_password_salt": "7f725f3cc60c388e9af8140555e09dfa", "couch_tapicero_password": "VwgddQnXRJrbYpZaU3eIcxUHyXJPMIxI", @@ -105,8 +91,6 @@ "couch_webapp_password_salt": "478bf7e8ca879a9711b279055f00153e", "nagios_admin_password": "r35FbwIuktJZXFfbnrVxCh8StDnIzhXj", "nagios_test_password": "SvVjM5NCe2RF6XwTtZ7dGxAZ7E7KeSNS", - "scramblesuit_password_seahorse": "K52VQ53KKNVFE2TLLJKFS3SYKRKEENTO", - "scramblesuit_port_seahorse": 22088, "webapp_secret_token": "aC9zAs6X5YE_9EC_RQckGCFkKfJ4vTAJ" } } |