diff options
| -rw-r--r-- | files/cert/cdev.bitmask.net.crt | 20 | ||||
| -rw-r--r-- | files/cert/dev.bitmask.net.crt | 20 | ||||
| -rw-r--r-- | files/puppet/modules/custom/manifests/apt/additional_sources.pp | 24 | ||||
| -rw-r--r-- | files/puppet/modules/custom/manifests/init.pp | 8 | ||||
| -rw-r--r-- | hiera/donkey.yaml | 22 |
5 files changed, 61 insertions, 33 deletions
diff --git a/files/cert/cdev.bitmask.net.crt b/files/cert/cdev.bitmask.net.crt index 5f84c77..07672cf 100644 --- a/files/cert/cdev.bitmask.net.crt +++ b/files/cert/cdev.bitmask.net.crt @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIGAzCCBOugAwIBAgISA/djPqoqFpoKaCNI9DYpNXaoMA0GCSqGSIb3DQEBCwUA +MIIGAzCCBOugAwIBAgISA8oBJExluR9ZpA4h2Rreorv+MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA3MTgxNTAzMDBaFw0x -NzEwMTYxNTAzMDBaMBsxGTAXBgNVBAMTEGNkZXYuYml0bWFzay5uZXQwggIiMA0G +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA5MDUxNjU4MDBaFw0x +NzEyMDQxNjU4MDBaMBsxGTAXBgNVBAMTEGNkZXYuYml0bWFzay5uZXQwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDOSQHWGCuXnCz/MykBAugtPJUNu855 SPLEmKkKjg7mIsAPKWh9hXXXBi8PsE8GTQcFsjdv86nzLnfDYr0f7+PV8Fs4WxE+ hN8T8derrYM90Fbers9gmzIQORYE+iyXnuPSiGk5XBNTugDvr+fYMfvPf5b092SE @@ -25,13 +25,13 @@ CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUH AgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9u IGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGgg dGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNy -eXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAT2F7qSf81CqV -9EOJGabCU/eAUbhJ0Lm97X+r9q9PRGgk3v0vTaUcUFFJhwW2F0v0KenVfHqWiios -xkQXaeZY38lfcVWqffZSBKdG2xCWRT6lY+5QHLW4gC62qdcev3jmNOAiimMuChR6 -mDHbZZLeO6zhVZNFC2FZ2wWHN/6AjksCI350UtUq9xAiHcRzqTVUiLCuA4hMnueq -Yuqaw0Iv46vTFREnTQcGQQibF9X6Kc6UsZe/GpqHmLKIEclSGb2ytf8i++dSsRxT -Z0R9vTPCrWNYVvvLK8Z4WAojL6gl9T6vUz/n/oYAaVScDK3i+gAxilU3wDXSkdLw -8JNUC/OaCQ== +eXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAjp+83HopTxZ0 +p+QajfKOX+BisroEiTK+/zAQMBtJ85y1cKUmd0x35dmQi5y4MOvXTsUjopIkmy7q +zf0N8ajXi6KfmmEeBJBoFJd9L4KNgX4zJLHYivaSazXK90b3pPCIvHjIeMYXok9M +urrrAsnqXpJinaHdnYpEGWyyLPJ6c0lUH6+jvj0kxHUGX4F7HnFBl7YwKIkPgNID +JfxuZmqvZQ4zflEtfqF8ik/eD6nMR/QpjiLy2P03xnfTZzRvLg6hjAkuRZ7Phgxq +JGsyVjwZ0UH+g/rf4WE/APvfQ2fX9VAwv3I2O59soMYfjNLZQY7iJ3V3kIbSYOYb +7SJkNr55kA== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ diff --git a/files/cert/dev.bitmask.net.crt b/files/cert/dev.bitmask.net.crt index 85f0dac..8b6af72 100644 --- a/files/cert/dev.bitmask.net.crt +++ b/files/cert/dev.bitmask.net.crt @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIGATCCBOmgAwIBAgISA8E1V+o2lFHuS6xcRXbaC8KWMA0GCSqGSIb3DQEBCwUA +MIIGATCCBOmgAwIBAgISA9AnnVkXz8B7kz7mmuL6e2fTMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MTQwNTUwMDBaFw0x -NzExMTIwNTUwMDBaMBoxGDAWBgNVBAMTD2Rldi5iaXRtYXNrLm5ldDCCAiIwDQYJ +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA5MDUxNjU4MDBaFw0x +NzEyMDQxNjU4MDBaMBoxGDAWBgNVBAMTD2Rldi5iaXRtYXNrLm5ldDCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBALgKYaWVwXrg2n8ojpff4inIEzU6vP7d PAhal95VtoiQWInTQI4/M39IFd11aF5BUxa/ruZHgc32WloTkNx8DoGuPB1q1yQH ZbEpdxsGQfvDICwQKNLdI0JYTKgIADcG4dsxXG8P6VwwdBp5V+bD8Jorhp30iJL3 @@ -25,13 +25,13 @@ BgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwIC MIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBi eSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRo ZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlw -dC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAC2oPTL8ohzEFO0A -Na6iuQJf5Z5cUB+heYVmjrH4CPMDuSuvSCtoaLNs4Cn7uSgIWau4ZtmDfcMs/Ypl -VhSUpSgg5On+K2PKLSJv+rk6OQe9hF4j8GB7MnZ2y0OP/GAC9YxDFB2V07Hn8ojz -x1W/onpp0upvu4rLk+Xrxj7aV2EFMH2sKtiX0EzX0isoImW5by3TLd6cOQvyeTp9 -NPQYIYlYuQst6r/WbsvNxTgCB9yTk+OL/DKeFzE6SYRjhnd2qnsXwSbjIwdHt0/Y -vAt9N9z+yapmbG6K85Lb+XtUMbrn8kngicCJqefunurOCxCbn1inA54gGh1HGZC8 -Ts8Dtrc= +dC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAHpB2C1vPzVmS5WJ +7/9uHcfpLH0YlvT10Cqoias2zfHC8vnzQhBEvme1xz5W6/5TT6T7KDcdbZypjrIp +NBUpMS0ZUdySJ0tDgx47N/XTXkoZGEF+LsGJj5LjHMorHU6m9RM2NmnpTxu+V8nX +lGqA/u4IGdMRDy/DvePqr5N6A4XXS3oEUI3nwpTXj3BzvDitf0opeNYTjsEcQJRh +I6nFCLhb8RDbaITJLdG3sOCTJPriDGun0E0RQ2I/LoF+G2gyvfwWnzXKL26oGrdi +569ils8gYoden6FwrXsEy4RJuppZ/Dql60bJDwsSDVBQsibundExJk14GaxQOYZ/ +3ZMSw0c= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ diff --git a/files/puppet/modules/custom/manifests/apt/additional_sources.pp b/files/puppet/modules/custom/manifests/apt/additional_sources.pp new file mode 100644 index 0000000..029c92d --- /dev/null +++ b/files/puppet/modules/custom/manifests/apt/additional_sources.pp @@ -0,0 +1,24 @@ +# Add additional sources and configure unattended updates for it +define custom::apt::additional_sources ( + $ensure = 'present', + $signed_by = '[signed-by=/usr/share/keyrings/leap-archive.gpg]', + $repodomain = 'deb.leap.se', + $project = 'platform', + $dist = $::lsbdistcodename, + $component = 'master' +){ + + apt::sources_list { "${name}.list": + ensure => $ensure, + content => "deb ${signed_by} http://${repodomain}/${project} ${dist} ${component}", + } + + apt::apt_conf { "52unattended-upgrades-${name}": + content => "Unattended-Upgrade::Origins-Pattern { + \"site=${repodomain},component=${component}\"; +}", + require => Package['unattended-upgrades'], + refresh_apt => false, + } + +} diff --git a/files/puppet/modules/custom/manifests/init.pp b/files/puppet/modules/custom/manifests/init.pp index 0a67491..db5dfbb 100644 --- a/files/puppet/modules/custom/manifests/init.pp +++ b/files/puppet/modules/custom/manifests/init.pp @@ -22,7 +22,11 @@ class custom { include custom_munin_node::openvpn } - if member ( $services, 'pixelated') { - include ::pixelated + # Use additional packages from master repo + if $::domain == 'unstable.bitmask.net' { + ::custom::apt::additional_sources {'leap-master': + component => 'master' + } } + } diff --git a/hiera/donkey.yaml b/hiera/donkey.yaml index c1be69f..f1432c5 100644 --- a/hiera/donkey.yaml +++ b/hiera/donkey.yaml @@ -703,7 +703,7 @@ webapp: unlimited_prefix: UNLIMITED client_version: max: ~ - min: "0.9.4" + min: "0.9.2" couchdb_admin_user: password: LYaDX9L9QKe2Re6p8dFKhu_t2XCxTqNZ salt: b9d35fd378ba1598e843d5a784cfdf7e @@ -939,10 +939,10 @@ x509: commercial_ca_cert: ~ commercial_cert: | -----BEGIN CERTIFICATE----- - MIIGCzCCBPOgAwIBAgISA0zU6uxX84uaIFoAlEy2/wtYMA0GCSqGSIb3DQEBCwUA + MIIGCzCCBPOgAwIBAgISAw6ta0DacxFqo1Ruiv51ikGLMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD - ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA2MTUxMjU4MDBaFw0x - NzA5MTMxMjU4MDBaMB8xHTAbBgNVBAMTFHVuc3RhYmxlLmJpdG1hc2submV0MIIC + ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MTUwNDA0MDBaFw0x + NzExMTMwNDA0MDBaMB8xHTAbBgNVBAMTFHVuc3RhYmxlLmJpdG1hc2submV0MIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx0u3IkbJ8qpGsFOWCm4K3QKk /50vHLTq/gqU4xYeGCvpHQRw59wasVCLSZWEmemVjBQtQ7tjWUYaVbFHtqRX/KwG IQIEZ4mkfneDczI71EVIsJMPn8sjzZrQHHyMSLFe3xIKCtsb25UlxmIL93h7KrvG @@ -965,13 +965,13 @@ x509: BggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVs aWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFu Y2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8v - bGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAg - G1u7HufY8sk4NSOcOl3vT7Aiik9/yUKos9MF5iqfVLPFBkI76Bu+kURfuQf+KT9c - RFnAvZTwMz/4WsD0BrogM43WiX5SyfjtAGn9gYkKlI3vgVh4B+R+Scgm5x+ln0R1 - /Hk6szJRFag5V6oiFt/f2Ax2KwLtoCbOk7KEJ0OsvPesSXePpyTTPXL3dAQ/AiPJ - gxO8RF1ShG0kpixunWbJ2MO8snmIZFiRJ+K0SqULT9A/B0vkzsg8R64/5L90iEUK - BtyGYaPB63r/vW8j2CjEuFW9yDF1YkdYAPocTdGEJhPJXRVt25BBWPIgqMdq5UQ9 - sLLn5G5KhTYP8b7cDEU2 + bGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQA2 + qtCB+oqqsq1OkMDZNXyxoQNi2N5kU9NI3FoY0F7O3svM16oolA2kQY8jkGDGzwnI + xxBKxWWLaYq7mKwiu3R1knLUU+LHxLRon2gyElvoGW4MSB/UZ8oyq3ZdJzcTmqK8 + Iv85ztD/LekOd7MET1HSqGtx+udECASAUBStP1mn+VlL2Cb9HjFpDGlc8Ui/EGEM + vIIgFFBG+Ujlwk+qbwvXQhw3WO8XTjsAScVgjRk+mGw+ymdUPWorRxlICG7JcLSj + 57cc2GKI0Oqaqj0AWNVO17Fms0XVIl0XOTlSRtDpCMpmZvm5DoWT8Le9KfRKOuAW + RXA1vxBk4lPIgjavyR0J -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ |