diff options
| author | Micah Anderson <micah@riseup.net> | 2017-04-25 19:32:11 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2017-04-25 19:32:11 -0400 |
| commit | b69dde3981d93d3e2585de4b47ac74baa1c33830 (patch) | |
| tree | 96a47a223108e9470e1a6525dc3e1ddf02d533f4 /hiera | |
| parent | d4171c00773e1ca8b05cf9c1be23d1227d9bd9af (diff) | |
switch demo to demovpn and add a demomail tag/environment
Diffstat (limited to 'hiera')
| -rw-r--r-- | hiera/alpaca.yaml | 15 | ||||
| -rw-r--r-- | hiera/ant.yaml | 43 | ||||
| -rw-r--r-- | hiera/demodex.yaml | 2 | ||||
| -rw-r--r-- | hiera/donkey.yaml | 10 | ||||
| -rw-r--r-- | hiera/dotterel.yaml | 3 | ||||
| -rw-r--r-- | hiera/giraffe.yaml | 3 | ||||
| -rw-r--r-- | hiera/leech.yaml | 46 | ||||
| -rw-r--r-- | hiera/lynx.yaml | 15 | ||||
| -rw-r--r-- | hiera/millipede.yaml | 21 | ||||
| -rw-r--r-- | hiera/orangutan.yaml | 1 | ||||
| -rw-r--r-- | hiera/otter.yaml | 26 |
11 files changed, 86 insertions, 99 deletions
diff --git a/hiera/alpaca.yaml b/hiera/alpaca.yaml index 8bdc758..d9c8306 100644 --- a/hiera/alpaca.yaml +++ b/hiera/alpaca.yaml @@ -43,6 +43,7 @@ couchdb_leap_mx_user: password: kh8Md4qQZupTX4qAYZDHP8LAXWFIkwkq salt: b89cc440b6866bf25bba69d8ee22fc9d username: leap_mx +couchdb_port: 5984 definition_files: eip_service: |- { @@ -175,16 +176,6 @@ firewall: - 6425 - 80 to: "199.119.112.223" -haproxy: - couch: - listen_port: 4096 - servers: - alpaca: - backup: false - host: localhost - port: 5984 - weight: 100 - writable: true hosts: alpaca: aliases: @@ -230,6 +221,7 @@ mynetworks: - "37.218.242.213" - "37.218.242.214" - "37.218.242.215" + - "37.218.247.46" - "46.165.242.166" name: alpaca nickserver: @@ -274,6 +266,7 @@ sources: platform: apt: basic: "http://deb.leap.se/0.9" + component: snapshots soledad: package: soledad-server revision: latest @@ -341,6 +334,7 @@ stunnel: connect_port: 5984 tags: - dc + - demomail - mail testing: api_hosts: @@ -380,6 +374,7 @@ webapp: password: 5sICnwb5QCVHBcETILBhE8qUsZaF7Cuw salt: 402b758e70fc5ab21509fcb46df37f09 username: admin + couchdb_port: 5984 couchdb_webapp_user: password: BUHSRknNYnLEzQHuLesseraW8WZ9IMpM salt: 1d0e3f0b126a69e19a1f6109fe8e2e40 diff --git a/hiera/ant.yaml b/hiera/ant.yaml index d1decd9..b4324b4 100644 --- a/hiera/ant.yaml +++ b/hiera/ant.yaml @@ -7,31 +7,31 @@ couch: port: 5984 users: admin: - password: hfY4x7epQ7BrULbZJRgu5KKk4gR_J2AW - salt: e1dca99375c513be477295f141b9f032 + password: PPWxBEwVQTvruUKKwWsdnuwxWrYD2uDP + salt: 85b233308446aaf350893a26731c3af4 username: admin leap_mx: - password: RcW_Xm2ERaZruapjSqQkhGeGIKgFLzML - salt: 44cebadcb0fffe36a13d88091aaffeb9 + password: 8QUjjrXKk42anruuX73faYqHSesVgPsx + salt: 0db4e8db34b7647878a30476626d045f username: leap_mx nickserver: - password: CyhRSafC4SUGQ9F762Qfv3TPQDqTjn2G - salt: e3ee9259723d0cbd8b3265dbe8b4e21e + password: RakzTLdLzUerZc5ZqJNNjgUe9pLEVAaa + salt: 503757ff7b6528afba49d3a625a82729 username: nickserver replication: - password: 43IaTkRV_5bE2YgX6gPpCVcPsgKYEQ3t - salt: b9fc41d96052687645540af0ba178b83 + password: qshRqAumawP9CdpgCcYeYaSXkQBVe73m + salt: e2ae71e191fd4f2e3fd1eb0b2db35d8c username: replication soledad: - password: cGqWZqTdFc_fuSZvfPtUTL_7uMA6d5YC - salt: 514355e86f1d3fa4de42b677de21281d + password: w29RPSvfv9kYrEBPgS3D4ULkBzE755MI + salt: 2aabd64f30d5f72fcc93055e5de0deb7 username: soledad webapp: - password: LH5DH5rbLZs7zuCaIgWpDAetDpLvUAHg - salt: c632af58769857bcdf108b46da9eaa44 + password: EuxvQQJpHdKNzugx9qR9QCsRgZnYfJE2 + salt: 296e9cb713018afb02273d68213ec8f5 username: webapp webapp: - nagios_test_pw: CsdFzBeYX6bepZdbzvaN6Dbu5NPz6Ycv + nagios_test_pw: asDCV5RKzagaU2SHjXV8FtMbSwbYWxDe development: site_config: true dns: @@ -43,7 +43,7 @@ domain: internal_suffix: demo.bitmask.i name: ant.demo.bitmask.i enabled: true -environment: demo +environment: demovpn firewall: ssh: from: sysadmin @@ -71,8 +71,8 @@ mail: smarthost: [] name: ant platform: - major_version: "0.9" - version: "0.9" + major_version: "0.10" + version: "0.10" service_type: internal_service services: - couchdb @@ -86,18 +86,19 @@ sources: revision: latest type: apt nickserver: - revision: origin/version/0.9 + revision: origin/master source: "https://leap.se/git/nickserver" type: git platform: apt: - basic: "http://deb.leap.se/0.9" + basic: "http://deb.leap.se/platform" + component: snapshots soledad: package: soledad-server revision: latest type: apt webapp: - revision: origin/version/0.8 + revision: origin/master source: "https://leap.se/git/leap_web" type: git ssh: @@ -157,13 +158,13 @@ stunnel: accept_port: 15984 connect_port: 5984 tags: - - demo + - demovpn - seattle testing: api_hosts: - leech.demo.bitmask.net api_uri: "https://api.demo.bitmask.net:4430/1" - monitor_auth_token: pvUz85Prt4jXF5aypSaBVeyeHBgHDcj5 + monitor_auth_token: XeX4E2eha2rbcfpPRbHpvcKbxDAZBMNK x509: ca_cert: | -----BEGIN CERTIFICATE----- diff --git a/hiera/demodex.yaml b/hiera/demodex.yaml index 4c8af66..4eb72eb 100644 --- a/hiera/demodex.yaml +++ b/hiera/demodex.yaml @@ -116,7 +116,7 @@ stunnel: clients: {} servers: {} tags: - - demo + - demovpn - development - seattle x509: diff --git a/hiera/donkey.yaml b/hiera/donkey.yaml index 1ea20b4..eba321f 100644 --- a/hiera/donkey.yaml +++ b/hiera/donkey.yaml @@ -338,7 +338,7 @@ nagios: contact_emails: - drebs@leap.se - sysdev@leap.se - demo: + demovpn: contact_emails: - elijah@leap.se - sysdev@leap.se @@ -385,7 +385,7 @@ nagios: domain_full_suffix: demo.bitmask.net domain_internal: ant.demo.bitmask.i domain_internal_suffix: demo.bitmask.i - environment: demo + environment: demovpn ip_address: "198.252.153.82" services: - couchdb @@ -470,7 +470,7 @@ nagios: domain_full_suffix: demo.bitmask.net domain_internal: leech.demo.bitmask.i domain_internal_suffix: demo.bitmask.i - environment: demo + environment: demovpn ip_address: "198.252.153.85" services: - webapp @@ -489,7 +489,7 @@ nagios: domain_full_suffix: demo.bitmask.net domain_internal: millipede.demo.bitmask.i domain_internal_suffix: demo.bitmask.i - environment: demo + environment: demovpn ip_address: "198.252.153.83" openvpn_gateway_address: "198.252.153.84" services: @@ -520,7 +520,7 @@ nagios: domain_full_suffix: demo.bitmask.net domain_internal: otter.demo.bitmask.i domain_internal_suffix: demo.bitmask.i - environment: demo + environment: demovpn ip_address: "46.165.242.166" openvpn_gateway_address: "46.165.242.169" services: diff --git a/hiera/dotterel.yaml b/hiera/dotterel.yaml index 47ce6ad..ead3555 100644 --- a/hiera/dotterel.yaml +++ b/hiera/dotterel.yaml @@ -123,13 +123,14 @@ tor: contacts: - micah@leap.se - sysdev@leap.se - family: "dottereluSaR9IekHdQ,otterbagtc8Z3KPmfnT" + family: "dottereluSaR9IekHdQ,otterdVuPt9yFz8SpKm" hidden_service: active: ~ address: ~ key_type: RSA private_key: ~ public_key: ~ + single_hop: false nickname: dottereluSaR9IekHdQ type: exit x509: diff --git a/hiera/giraffe.yaml b/hiera/giraffe.yaml index 5c1a750..5d84513 100644 --- a/hiera/giraffe.yaml +++ b/hiera/giraffe.yaml @@ -105,7 +105,8 @@ sources: type: git platform: apt: - basic: "http://deb.leap.se/experimental-0.9" + basic: "http://deb.leap.se/experimental-platform" + component: snapshots soledad: package: soledad-server revision: latest diff --git a/hiera/leech.yaml b/hiera/leech.yaml index 5ce67d2..c3fa178 100644 --- a/hiera/leech.yaml +++ b/hiera/leech.yaml @@ -158,7 +158,7 @@ domain: internal_suffix: demo.bitmask.i name: leech.demo.bitmask.net enabled: true -environment: demo +environment: demovpn firewall: ssh: from: sysadmin @@ -173,16 +173,6 @@ firewall: - 6425 - 80 to: "198.252.153.85" -haproxy: - couch: - listen_port: 4096 - servers: - ant: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true hosts: ant: domain_full: ant.demo.bitmask.net @@ -201,14 +191,14 @@ mail: name: leech nickserver: couchdb_nickserver_user: - password: CyhRSafC4SUGQ9F762Qfv3TPQDqTjn2G - salt: e3ee9259723d0cbd8b3265dbe8b4e21e + password: RakzTLdLzUerZc5ZqJNNjgUe9pLEVAaa + salt: 503757ff7b6528afba49d3a625a82729 username: nickserver domain: nicknym.demo.bitmask.net port: 6425 platform: - major_version: "0.9" - version: "0.9" + major_version: "0.10" + version: "0.10" service_type: public_service services: - webapp @@ -222,18 +212,19 @@ sources: revision: latest type: apt nickserver: - revision: origin/version/0.9 + revision: origin/master source: "https://leap.se/git/nickserver" type: git platform: apt: - basic: "http://deb.leap.se/0.9" + basic: "http://deb.leap.se/platform" + component: snapshots soledad: package: soledad-server revision: latest type: apt webapp: - revision: origin/version/0.8 + revision: origin/master source: "https://leap.se/git/leap_web" type: git ssh: @@ -296,7 +287,7 @@ stunnel: original_port: 5984 servers: {} tags: - - demo + - demovpn - seattle webapp: admins: @@ -319,7 +310,7 @@ webapp: - "198.252.153.83" - "198.252.153.85" - "46.165.242.166" - monitor: pvUz85Prt4jXF5aypSaBVeyeHBgHDcj5 + monitor: XeX4E2eha2rbcfpPRbHpvcKbxDAZBMNK api_version: 1 client_certificates: bit_size: 2048 @@ -329,14 +320,15 @@ webapp: unlimited_prefix: UNLIMITED client_version: max: ~ - min: "0.7" + min: "0.9.4" couchdb_admin_user: - password: hfY4x7epQ7BrULbZJRgu5KKk4gR_J2AW - salt: e1dca99375c513be477295f141b9f032 + password: PPWxBEwVQTvruUKKwWsdnuwxWrYD2uDP + salt: 85b233308446aaf350893a26731c3af4 username: admin + couchdb_port: 4000 couchdb_webapp_user: - password: LH5DH5rbLZs7zuCaIgWpDAetDpLvUAHg - salt: c632af58769857bcdf108b46da9eaa44 + password: EuxvQQJpHdKNzugx9qR9QCsRgZnYfJE2 + salt: 296e9cb713018afb02273d68213ec8f5 username: webapp customization_dir: /srv/leap/files/webapp/ default_locale: en @@ -393,9 +385,9 @@ webapp: - help - user nagios_test_user: - password: CsdFzBeYX6bepZdbzvaN6Dbu5NPz6Ycv + password: asDCV5RKzagaU2SHjXV8FtMbSwbYWxDe username: nagios_test - secret_token: GgKvW3NhAKwgvQuMAzdHhLDBh3g3u5Xd + secret_token: EIzVM3Y5K4bzeKRf75ebeR7q9ndRKWVD secure: true service_levels: 1: diff --git a/hiera/lynx.yaml b/hiera/lynx.yaml index 79243e9..8f8ec45 100644 --- a/hiera/lynx.yaml +++ b/hiera/lynx.yaml @@ -14,6 +14,7 @@ couchdb_leap_mx_user: password: HJXaTzM5gChwwr5Ur3epyacegvXNIDYK salt: b80d3038cfaa3bd0802dc140752d0dc6 username: leap_mx +couchdb_port: 4000 definition_files: eip_service: |- { @@ -142,16 +143,6 @@ firewall: - 6425 - 80 to: "37.218.242.146" -haproxy: - couch: - listen_port: 4096 - servers: - giraffe: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true hosts: giraffe: domain_full: giraffe.cdev.bitmask.net @@ -237,7 +228,8 @@ sources: type: git platform: apt: - basic: "http://deb.leap.se/experimental-0.9" + basic: "http://deb.leap.se/experimental-platform" + component: snapshots soledad: package: soledad-server revision: latest @@ -347,6 +339,7 @@ webapp: password: abVQmkZubeAvncgcVSYRD4_pHANEItWb salt: a5a58ff4365be3113f19014ea3050129 username: admin + couchdb_port: 4000 couchdb_webapp_user: password: _CatyL3Ienc4wRrfPubrhyfYCFmCyt9t salt: 1c1dd6eb78f027414f1638bd6c902a5a diff --git a/hiera/millipede.yaml b/hiera/millipede.yaml index d2af465..cf3daae 100644 --- a/hiera/millipede.yaml +++ b/hiera/millipede.yaml @@ -13,7 +13,7 @@ domain: internal_suffix: demo.bitmask.i name: millipede.demo.bitmask.net enabled: true -environment: demo +environment: demovpn firewall: ssh: from: sysadmin @@ -23,7 +23,7 @@ firewall: vpn: from: "*" port: - - 22642 + - 19345 - "443" to: "198.252.153.84" hosts: {} @@ -39,8 +39,8 @@ name: millipede obfsproxy: gateway_address: "198.252.153.84" scramblesuit: - password: LBRG2TCRGVGFE42NLFJTM5SUKI2DIVCX - port: 22642 + password: OJUDKRKLMZJXIM3UNBTXMODRKJSVI4TT + port: 19345 openvpn: adblock: false allow_limited: false @@ -64,8 +64,8 @@ openvpn: unlimited_prefix: UNLIMITED user_ips: false platform: - major_version: "0.9" - version: "0.9" + major_version: "0.10" + version: "0.10" service_type: user_service services: - openvpn @@ -79,18 +79,19 @@ sources: revision: latest type: apt nickserver: - revision: origin/version/0.9 + revision: origin/master source: "https://leap.se/git/nickserver" type: git platform: apt: - basic: "http://deb.leap.se/0.9" + basic: "http://deb.leap.se/platform" + component: snapshots soledad: package: soledad-server revision: latest type: apt webapp: - revision: origin/version/0.8 + revision: origin/master source: "https://leap.se/git/leap_web" type: git ssh: @@ -147,7 +148,7 @@ stunnel: clients: {} servers: {} tags: - - demo + - demovpn - seattle x509: ca_cert: | diff --git a/hiera/orangutan.yaml b/hiera/orangutan.yaml index 7fa0332..99c877c 100644 --- a/hiera/orangutan.yaml +++ b/hiera/orangutan.yaml @@ -250,6 +250,7 @@ sources: platform: apt: basic: "http://deb.leap.se/experimental-platform" + component: snapshots soledad: package: soledad-server revision: latest diff --git a/hiera/otter.yaml b/hiera/otter.yaml index 6340e7c..1ad3c3c 100644 --- a/hiera/otter.yaml +++ b/hiera/otter.yaml @@ -13,7 +13,7 @@ domain: internal_suffix: demo.bitmask.i name: otter.demo.bitmask.net enabled: true -environment: demo +environment: demovpn firewall: ssh: from: sysadmin @@ -23,7 +23,7 @@ firewall: vpn: from: "*" port: - - 31540 + - 31244 - "443" to: "46.165.242.169" hosts: {} @@ -39,8 +39,8 @@ name: otter obfsproxy: gateway_address: "46.165.242.169" scramblesuit: - password: OVCGCNTDNMZWIYKDJZBDOWDLG4ZUGQJW - port: 31540 + password: KJEFGZTYLFEFITTDPJRXASLNKVYGEUKX + port: 31244 openvpn: adblock: false allow_limited: false @@ -64,8 +64,8 @@ openvpn: unlimited_prefix: UNLIMITED user_ips: false platform: - major_version: "0.9" - version: "0.9" + major_version: "0.10" + version: "0.10" service_type: user_service services: - openvpn @@ -80,18 +80,19 @@ sources: revision: latest type: apt nickserver: - revision: origin/version/0.9 + revision: origin/master source: "https://leap.se/git/nickserver" type: git platform: apt: - basic: "http://deb.leap.se/0.9" + basic: "http://deb.leap.se/platform" + component: snapshots soledad: package: soledad-server revision: latest type: apt webapp: - revision: origin/version/0.8 + revision: origin/master source: "https://leap.se/git/leap_web" type: git ssh: @@ -148,21 +149,22 @@ stunnel: clients: {} servers: {} tags: - - demo + - demovpn - frankfurt tor: bandwidth_rate: 100 contacts: - elijah@leap.se - sysdev@leap.se - family: "dottereluSaR9IekHdQ,otterbagtc8Z3KPmfnT" + family: "dottereluSaR9IekHdQ,otterdVuPt9yFz8SpKm" hidden_service: active: ~ address: ~ key_type: RSA private_key: ~ public_key: ~ - nickname: otterbagtc8Z3KPmfnT + single_hop: false + nickname: otterdVuPt9yFz8SpKm x509: ca_cert: | -----BEGIN CERTIFICATE----- |