diff options
| author | Micah Anderson <micah@riseup.net> | 2014-12-02 09:16:42 -0500 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2014-12-03 15:14:28 -0500 |
| commit | 40cd096ce2f683b5d8e6a6d51b7d8ebc152248d4 (patch) | |
| tree | 30fcd88c1e2baaa0005ca2903b503ebe4ca4d84f | |
| parent | 77fe6470e43edb81e9e9c5e21d695655684ec36a (diff) | |
leap compile
| -rw-r--r-- | hiera/canvasback.yaml | 69 | ||||
| -rw-r--r-- | hiera/chipmonk.yaml | 78 | ||||
| -rw-r--r-- | hiera/couch1.yaml | 3 | ||||
| -rw-r--r-- | hiera/couch2.yaml | 3 | ||||
| -rw-r--r-- | hiera/frog.yaml | 10 | ||||
| -rw-r--r-- | hiera/gadwall.yaml | 39 | ||||
| -rw-r--r-- | hiera/monitor1.yaml | 8 | ||||
| -rw-r--r-- | hiera/mx1.yaml | 3 | ||||
| -rw-r--r-- | hiera/web1.yaml | 3 |
9 files changed, 147 insertions, 69 deletions
diff --git a/hiera/canvasback.yaml b/hiera/canvasback.yaml index 4980fcf..2809bed 100644 --- a/hiera/canvasback.yaml +++ b/hiera/canvasback.yaml @@ -7,13 +7,6 @@ contacts: definition_files: eip_service: |- { - "gateways": [ - - ], - "locations": { - - }, - "openvpn_configuration": null, "serial": 1, "version": 1 } @@ -105,9 +98,9 @@ development: site_config: true dns: aliases: + - api.cdev.bitmask.net - canvasback.cdev.bitmask.net - cdev.bitmask.net - - api.cdev.bitmask.net - nicknym.cdev.bitmask.net public: true domain: @@ -119,23 +112,28 @@ domain: enabled: true environment: clientdev haproxy: - servers: - gadwall: - backup: false - host: localhost - port: 4000 - weight: 100 + couch: + listen_port: 4096 + servers: + gadwall: + backup: false + host: localhost + port: 4000 + weight: 100 + writable: true hosts: chipmonk: domain_full: chipmonk.cdev.bitmask.net domain_internal: chipmonk.cdev.bitmask.i host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDyqIb8/kigC0IUCVFlIKmhp5+C/P2W7d71jMX6ZK9XAzRzxFdMmcvn5H6ypUsLWQ7r327nD1bRupKiYdmPWrWk=" ip_address: "192.168.5.19" + port: 22 gadwall: domain_full: gadwall.cdev.bitmask.net domain_internal: gadwall.cdev.bitmask.i host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC4ycn7GabjeeewBmzTUbH+rZjRQV9seFmqbW2o5cE4jLsbPIMcMRRwLhA7TfIRLL7bLyuRNUWXwOqKZb/Psiog=" ip_address: "192.168.5.5" + port: 22 ip_address: "199.119.112.4" location: country_code: US @@ -153,6 +151,9 @@ nickserver: username: nickserver domain: nicknym.cdev.bitmask.net port: 6425 +platform: + major_version: "0.6" + version: "0.6" service_type: public_service services: - webapp @@ -193,25 +194,29 @@ ssh: ports: "60000:61000" port: 22 stunnel: - couch_client: - gadwall_5984: - accept_port: 4000 - connect: gadwall.cdev.bitmask.i - connect_port: 15984 + clients: + couch_client: + gadwall_5984: + accept_port: 4000 + connect: gadwall.cdev.bitmask.i + connect_port: 15984 + original_port: 5984 + servers: {} tags: - clientdev - dc webapp: admins: + - azul - elijah - - varac - - micah - kwadronaut - mcnair - meanderingcode - - azul + - micah + - varac allow_anonymous_certs: false allow_limited_certs: false + allow_registration: true allow_unlimited_certs: true api_version: 1 client_certificates: @@ -227,16 +232,29 @@ webapp: password: _CatyL3Ienc4wRrfPubrhyfYCFmCyt9t salt: 1c1dd6eb78f027414f1638bd6c902a5a username: webapp - customization_dir: /etc/leap/files/webapp/ + customization_dir: /srv/leap/files/webapp/ default_service_level: 1 domain: cdev.bitmask.net + engines: + - support + forbidden_usernames: + - admin + - administrator + - arin-admin + - certmaster + - contact + - info + - maildrop + - postmaster + - ssladmin + - www-data git: - revision: origin/master + revision: origin/version/0.6 source: "https://leap.se/git/leap_web" modules: - - user - billing - help + - user nagios_test_user: password: HpR8dKsLPnYXjQaHXfC3rP_dM3CpXKIL username: nagios_test @@ -549,3 +567,4 @@ x509: QJ+JGFsRME7FZQr9oetc7XefTczI1a0ENLiVTDeTgi4g2mqly3uSIg== -----END RSA PRIVATE KEY----- use: true + use_commercial: true diff --git a/hiera/chipmonk.yaml b/hiera/chipmonk.yaml index 167f258..2eb4dd4 100644 --- a/hiera/chipmonk.yaml +++ b/hiera/chipmonk.yaml @@ -18,23 +18,28 @@ domain: enabled: true environment: clientdev haproxy: - servers: - gadwall: - backup: false - host: localhost - port: 4000 - weight: 100 + couch: + listen_port: 4096 + servers: + gadwall: + backup: false + host: localhost + port: 4000 + weight: 100 + writable: true hosts: chipmonk: domain_full: chipmonk.cdev.bitmask.net domain_internal: chipmonk.cdev.bitmask.i host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDyqIb8/kigC0IUCVFlIKmhp5+C/P2W7d71jMX6ZK9XAzRzxFdMmcvn5H6ypUsLWQ7r327nD1bRupKiYdmPWrWk=" ip_address: "192.168.5.19" + port: 22 gadwall: domain_full: gadwall.cdev.bitmask.net domain_internal: gadwall.cdev.bitmask.i host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC4ycn7GabjeeewBmzTUbH+rZjRQV9seFmqbW2o5cE4jLsbPIMcMRRwLhA7TfIRLL7bLyuRNUWXwOqKZb/Psiog=" ip_address: "192.168.5.5" + port: 22 ip_address: "199.119.112.19" location: country_code: US @@ -45,38 +50,41 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "199.119.112.9" - - "192.168.5.9" - - "176.53.69.23" - - "199.119.112.5" - - "192.168.5.5" + - "176.53.69.13" + - "176.53.69.14" - "176.53.69.21" - - "204.13.164.171" - - "199.119.112.10" + - "176.53.69.22" + - "176.53.69.23" - "192.168.5.10" - - "198.252.153.83" - - "199.119.112.12" - "192.168.5.12" - - "204.13.164.162" - - "198.252.153.82" - - "199.119.112.16" - "192.168.5.16" - - "204.13.164.57" - - "176.53.69.14" - - "199.119.112.19" - "192.168.5.19" - - "176.53.69.13" - - "202.85.227.195" - - "199.119.112.23" - "192.168.5.23" - - "85.17.92.143" - - "176.53.69.22" - - "199.119.112.4" - "192.168.5.4" + - "192.168.5.5" + - "192.168.5.8" + - "192.168.5.9" + - "198.252.153.82" + - "198.252.153.83" - "198.252.153.85" + - "199.119.112.10" + - "199.119.112.12" + - "199.119.112.16" + - "199.119.112.19" + - "199.119.112.23" + - "199.119.112.4" + - "199.119.112.5" - "199.119.112.8" - - "192.168.5.8" + - "199.119.112.9" + - "202.85.227.195" + - "204.13.164.162" + - "204.13.164.171" + - "204.13.164.57" + - "85.17.92.143" name: chipmonk +platform: + major_version: "0.6" + version: "0.6" service_type: user_service services: - mx @@ -117,11 +125,14 @@ ssh: ports: "60000:61000" port: 22 stunnel: - couch_client: - gadwall_5984: - accept_port: 4000 - connect: gadwall.cdev.bitmask.i - connect_port: 15984 + clients: + couch_client: + gadwall_5984: + accept_port: 4000 + connect: gadwall.cdev.bitmask.i + connect_port: 15984 + original_port: 5984 + servers: {} tags: - clientdev - dc @@ -426,3 +437,4 @@ x509: c9OAySi7JcI0Pl9/ilUtc53EpsalTEaN3uuFlQoL8A8OKxabskS9bw== -----END RSA PRIVATE KEY----- use: true + use_commercial: true diff --git a/hiera/couch1.yaml b/hiera/couch1.yaml index 9ab700b..efb624d 100644 --- a/hiera/couch1.yaml +++ b/hiera/couch1.yaml @@ -59,14 +59,17 @@ hosts: domain_full: couch1.bitmask.net domain_internal: couch1.bitmask.i ip_address: "10.5.5.44" + port: 22 couch2: domain_full: couch2.bitmask.net domain_internal: couch2.bitmask.i ip_address: "10.5.5.52" + port: 22 mx1: domain_full: mx1.bitmask.net domain_internal: mx1.bitmask.i ip_address: "10.5.5.51" + port: 22 ip_address: "10.5.5.44" location: ~ mail: diff --git a/hiera/couch2.yaml b/hiera/couch2.yaml index 80c365c..69aa2eb 100644 --- a/hiera/couch2.yaml +++ b/hiera/couch2.yaml @@ -59,14 +59,17 @@ hosts: domain_full: couch1.bitmask.net domain_internal: couch1.bitmask.i ip_address: "10.5.5.44" + port: 22 couch2: domain_full: couch2.bitmask.net domain_internal: couch2.bitmask.i ip_address: "10.5.5.52" + port: 22 mx1: domain_full: mx1.bitmask.net domain_internal: mx1.bitmask.i ip_address: "10.5.5.51" + port: 22 ip_address: "10.5.5.52" location: ~ mail: diff --git a/hiera/frog.yaml b/hiera/frog.yaml index bfa81a1..3c880d9 100644 --- a/hiera/frog.yaml +++ b/hiera/frog.yaml @@ -19,6 +19,9 @@ location: ~ mail: smarthost: [] name: frog +platform: + major_version: "0.6" + version: "0.6" service_type: public_service services: - static @@ -324,6 +327,9 @@ static: tls_only: true formats: - amber +stunnel: + clients: {} + servers: {} tags: - production x509: @@ -388,6 +394,9 @@ x509: do1tnppn3G1Y2EW18zztBS+pykt5+kFJdDAfC5tL3SNh2er+croopzn/pg7NMaS8 7ri/3hdHttbqDQjAxbQPl1CkpyxgKbQQyPVXAMfm1xUVtw== -----END CERTIFICATE----- + commercial_ca_cert: ~ + commercial_cert: ~ + commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAw7CiUKaxU165suQ0h2/r3qWePJ6M7AE2rVNgQSi3w0EmYlKi @@ -417,3 +426,4 @@ x509: F0ZIjOlu8zvQIl+L9tpmtEELTG+8LMyycvh0bPq9baY/LhTvnFKzMHE= -----END RSA PRIVATE KEY----- use: true + use_commercial: false diff --git a/hiera/gadwall.yaml b/hiera/gadwall.yaml index 096acff..4949fa1 100644 --- a/hiera/gadwall.yaml +++ b/hiera/gadwall.yaml @@ -7,6 +7,8 @@ couch: ednp_port: 9002 epmd_port: 4369 neighbors: [] + master: false + mode: multimaster port: 5984 users: admin: @@ -21,6 +23,10 @@ couch: password: vjJAZqxPL4BeGKAEUVuBVK5MIba_aIY5 salt: eab38a050b5eb2569549f8e50cab9034 username: nickserver + replication: + password: CGcAbvXcXuGRUJE_WSj6TEw6cJxNHRtu + salt: d124d33d15f0171cead41d238e58ec9e + username: replication soledad: password: MrUyYGnT_44NUyBAm46L3GCLPHKVZ_De salt: ac15331e0c098126e04ecf7a21045079 @@ -53,11 +59,13 @@ hosts: domain_internal: chipmonk.cdev.bitmask.i host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDyqIb8/kigC0IUCVFlIKmhp5+C/P2W7d71jMX6ZK9XAzRzxFdMmcvn5H6ypUsLWQ7r327nD1bRupKiYdmPWrWk=" ip_address: "192.168.5.19" + port: 22 gadwall: domain_full: gadwall.cdev.bitmask.net domain_internal: gadwall.cdev.bitmask.i host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC4ycn7GabjeeewBmzTUbH+rZjRQV9seFmqbW2o5cE4jLsbPIMcMRRwLhA7TfIRLL7bLyuRNUWXwOqKZb/Psiog=" ip_address: "192.168.5.5" + port: 22 ip_address: "199.119.112.5" location: country_code: US @@ -68,6 +76,9 @@ mail: smarthost: - chipmonk.cdev.bitmask.net name: gadwall +platform: + major_version: "0.6" + version: "0.6" service_type: public_service services: - couchdb @@ -116,17 +127,19 @@ ssh: ports: "60000:61000" port: 22 stunnel: - couch_server: - accept: 15984 - connect: "127.0.0.1:5984" - ednp_clients: {} - ednp_server: - accept: 19002 - connect: "127.0.0.1:9002" - epmd_clients: {} - epmd_server: - accept: 14369 - connect: "127.0.0.1:4369" + clients: + ednp_clients: {} + epmd_clients: {} + servers: + couch_server: + accept_port: 15984 + connect_port: 5984 + ednp_server: + accept_port: 19002 + connect_port: 9002 + epmd_server: + accept_port: 14369 + connect_port: 4369 tags: - clientdev - dc @@ -193,6 +206,9 @@ x509: jAR3FCr8Vvm4UoDbxvF4jeg+6Bd1D1Pz5lsMd5q/LHSk8nuTB+y2B6x96Q9/VkNc 14teuyf5AarZxA== -----END CERTIFICATE----- + commercial_ca_cert: ~ + commercial_cert: ~ + commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA0Jt1sr/RTOJ8ue70yqv2qLeo4mAVPaZsGgtkh6l5eMrTGCOH @@ -222,3 +238,4 @@ x509: C917/dIQt48xJFBcX1oRHcFoakIVB4+h41Bc8mS09cR29Og8+JPP -----END RSA PRIVATE KEY----- use: true + use_commercial: false diff --git a/hiera/monitor1.yaml b/hiera/monitor1.yaml index 9071644..5e93913 100644 --- a/hiera/monitor1.yaml +++ b/hiera/monitor1.yaml @@ -18,34 +18,42 @@ hosts: domain_full: couch1.bitmask.net domain_internal: couch1.bitmask.i ip_address: "10.5.5.44" + port: 22 couch2: domain_full: couch2.bitmask.net domain_internal: couch2.bitmask.i ip_address: "10.5.5.52" + port: 22 monitor1: domain_full: monitor1.bitmask.net domain_internal: monitor1.bitmask.i ip_address: "10.5.5.49" + port: 22 mx1: domain_full: mx1.bitmask.net domain_internal: mx1.bitmask.i ip_address: "10.5.5.51" + port: 22 plain1: domain_full: plain1.bitmask.net domain_internal: plain1.bitmask.i ip_address: "10.5.5.53" + port: 22 tor1: domain_full: tor1.bitmask.net domain_internal: tor1.bitmask.i ip_address: "10.5.5.50" + port: 22 vpn1: domain_full: vpn1.bitmask.net domain_internal: vpn1.bitmask.i ip_address: "10.5.5.45" + port: 22 web1: domain_full: web1.bitmask.net domain_internal: web1.bitmask.i ip_address: "10.5.5.47" + port: 22 ip_address: "10.5.5.49" location: ~ mail: diff --git a/hiera/mx1.yaml b/hiera/mx1.yaml index 9bf16bc..95a524e 100644 --- a/hiera/mx1.yaml +++ b/hiera/mx1.yaml @@ -38,14 +38,17 @@ hosts: domain_full: couch1.bitmask.net domain_internal: couch1.bitmask.i ip_address: "10.5.5.44" + port: 22 couch2: domain_full: couch2.bitmask.net domain_internal: couch2.bitmask.i ip_address: "10.5.5.52" + port: 22 mx1: domain_full: mx1.bitmask.net domain_internal: mx1.bitmask.i ip_address: "10.5.5.51" + port: 22 ip_address: "10.5.5.51" location: ~ mail: diff --git a/hiera/web1.yaml b/hiera/web1.yaml index 62f15c1..0cbf146 100644 --- a/hiera/web1.yaml +++ b/hiera/web1.yaml @@ -158,14 +158,17 @@ hosts: domain_full: couch1.bitmask.net domain_internal: couch1.bitmask.i ip_address: "10.5.5.44" + port: 22 couch2: domain_full: couch2.bitmask.net domain_internal: couch2.bitmask.i ip_address: "10.5.5.52" + port: 22 mx1: domain_full: mx1.bitmask.net domain_internal: mx1.bitmask.i ip_address: "10.5.5.51" + port: 22 ip_address: "10.5.5.47" location: ~ mail: |