diff options
| -rw-r--r-- | hiera/chameleon.yaml | 36 | ||||
| -rw-r--r-- | hiera/octopus.yaml | 77 | ||||
| -rw-r--r-- | hiera/panda.yaml | 34 | ||||
| -rw-r--r-- | hiera/seahorse.yaml | 14 | ||||
| -rw-r--r-- | secrets.json | 4 |
5 files changed, 104 insertions, 61 deletions
diff --git a/hiera/chameleon.yaml b/hiera/chameleon.yaml index e41f788..e10047b 100644 --- a/hiera/chameleon.yaml +++ b/hiera/chameleon.yaml @@ -71,7 +71,7 @@ definition_files: "en": "Bitmask" }, "service": { - "allow_anonymous": true, + "allow_anonymous": false, "allow_free": true, "allow_limited_bandwidth": false, "allow_paid": false, @@ -151,12 +151,15 @@ domain: enabled: true environment: unstable haproxy: - servers: - panda: - backup: false - host: localhost - port: 4000 - weight: 100 + couch: + listen_port: 4096 + servers: + panda: + backup: false + host: localhost + port: 4000 + weight: 100 + writable: true hosts: ant: domain_full: ant.demo.bitmask.net @@ -516,11 +519,14 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - couch_client: - panda_5984: - accept_port: 4000 - connect: panda.unstable.bitmask.i - connect_port: 15984 + clients: + couch_client: + panda_5984: + accept_port: 4000 + connect: panda.unstable.bitmask.i + connect_port: 15984 + original_port: 5984 + servers: {} tags: - unstable - dc @@ -534,8 +540,9 @@ webapp: - mcnair - meanderingcode - azul - allow_anonymous_certs: true + allow_anonymous_certs: false allow_limited_certs: false + allow_registration: true allow_unlimited_certs: true api_version: 1 billing: @@ -563,7 +570,7 @@ webapp: engines: - support git: - revision: origin/master + revision: origin/develop source: "https://leap.se/git/leap_web" modules: - user @@ -886,3 +893,4 @@ x509: zj1phDvC1SxOKRGtM39+B8poUvsLais3X7FE33bjEaBScVcIc9U= -----END RSA PRIVATE KEY----- use: true + use_commercial: true diff --git a/hiera/octopus.yaml b/hiera/octopus.yaml index 1d44de6..c26d2c4 100644 --- a/hiera/octopus.yaml +++ b/hiera/octopus.yaml @@ -18,12 +18,15 @@ domain: enabled: true environment: unstable haproxy: - servers: - panda: - backup: false - host: localhost - port: 4000 - weight: 100 + couch: + listen_port: 4096 + servers: + panda: + backup: false + host: localhost + port: 4000 + weight: 100 + writable: true hosts: octopus: domain_full: octopus.unstable.bitmask.net @@ -44,38 +47,38 @@ location: mail: smarthost: [] mynetworks: - - "199.119.112.5" - - "192.168.5.5" - - "199.119.112.9" - - "192.168.5.9" - - "202.85.227.204" + - "176.53.69.22" + - "199.119.112.8" + - "192.168.5.8" + - "176.53.69.127" + - "198.252.153.83" + - "204.13.164.57" + - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "198.252.153.82" + - "199.119.112.16" + - "192.168.5.16" - "199.119.112.10" - "192.168.5.10" - - "176.53.69.21" - - "204.13.164.162" - "198.252.153.85" - - "85.17.92.143" + - "202.85.227.195" + - "199.119.112.9" + - "192.168.5.9" + - "176.53.69.13" + - "176.53.69.23" + - "176.53.69.21" + - "176.53.69.14" - "204.13.164.171" + - "199.119.112.5" + - "192.168.5.5" + - "199.119.112.12" + - "192.168.5.12" - "199.119.112.4" - "192.168.5.4" - - "198.252.153.83" - - "199.119.112.23" - - "192.168.5.23" - - "176.53.69.14" - - "199.119.112.8" - - "192.168.5.8" - - "176.53.69.22" - "199.119.112.19" - "192.168.5.19" - - "176.53.69.127" - - "204.13.164.57" - - "176.53.69.13" - - "199.119.112.12" - - "192.168.5.12" - - "199.119.112.16" - - "192.168.5.16" - - "176.53.69.23" - - "198.252.153.82" + - "204.13.164.162" name: octopus service_type: user_service services: @@ -117,11 +120,14 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - couch_client: - panda_5984: - accept_port: 4000 - connect: panda.unstable.bitmask.i - connect_port: 15984 + clients: + couch_client: + panda_5984: + accept_port: 4000 + connect: panda.unstable.bitmask.i + connect_port: 15984 + original_port: 5984 + servers: {} tags: - unstable - dc @@ -430,3 +436,4 @@ x509: O1j7UCNyBJ70TpZ4F7RR3rcmlFbR8Moys/GrEMuUG1CJmOHRxGju2g== -----END RSA PRIVATE KEY----- use: true + use_commercial: true diff --git a/hiera/panda.yaml b/hiera/panda.yaml index 3a3d83f..22f4c58 100644 --- a/hiera/panda.yaml +++ b/hiera/panda.yaml @@ -7,6 +7,8 @@ couch: ednp_port: 9002 epmd_port: 4369 neighbors: [] + master: false + mode: multimaster port: 5984 users: admin: @@ -21,6 +23,10 @@ couch: password: PzzQwxCvQLZUxRdS2jshMPN37Ps4qtbH salt: b54d7b0f595d7318d961c636fb8f5530 username: nickserver + replication: + password: LZg8s_Z6FCg2MZRQYjkYeE6arCIU2pCw + salt: b004ef682f926531fdda36e26d48c4fa + username: replication soledad: password: 35MzsnEEAeHTVNhI_FaCFNS5bhd7RGEf salt: 7f725f3cc60c388e9af8140555e09dfa @@ -116,17 +122,19 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - couch_server: - accept: 15984 - connect: "127.0.0.1:5984" - ednp_clients: {} - ednp_server: - accept: 19002 - connect: "127.0.0.1:9002" - epmd_clients: {} - epmd_server: - accept: 14369 - connect: "127.0.0.1:4369" + clients: + ednp_clients: {} + epmd_clients: {} + servers: + couch_server: + accept_port: 15984 + connect_port: 5984 + ednp_server: + accept_port: 19002 + connect_port: 9002 + epmd_server: + accept_port: 14369 + connect_port: 4369 tags: - unstable - dc @@ -193,6 +201,9 @@ x509: on5r5VCjv69sw/yJCqGWUaDfPb8ui+kv+JfIsQ8BoXSaSA81OZ5HeQ11vo5Hh7TZ jUjUzNF+926ph4U2SgvNjQ== -----END CERTIFICATE----- + commercial_ca_cert: ~ + commercial_cert: ~ + commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA0iB5rq3smyrvJRHApK3NapMbIZFzWfVIReFjqSt1jX6ZGWsM @@ -222,3 +233,4 @@ x509: gXDYMT8LiHhMP5GD5vauBqcJwmH6kiGpqoWWirotjVaXbLcCBnyIDw== -----END RSA PRIVATE KEY----- use: true + use_commercial: false diff --git a/hiera/seahorse.yaml b/hiera/seahorse.yaml index 5cd0f46..ef76f27 100644 --- a/hiera/seahorse.yaml +++ b/hiera/seahorse.yaml @@ -13,7 +13,7 @@ domain: name: seahorse.unstable.bitmask.net enabled: true environment: unstable -hosts: ~ +hosts: {} ip_address: "199.119.112.12" location: country_code: US @@ -24,6 +24,11 @@ mail: smarthost: - octopus.unstable.bitmask.net name: seahorse +obfsproxy: + gateway_address: "199.119.112.13" + scramblesuit: + password: K52VQ53KKNVFE2TLLJKFS3SYKRKEENTO + port: 22088 openvpn: adblock: false allow_limited: false @@ -85,6 +90,9 @@ ssh: enabled: true ports: "60000:61000" port: 4422 +stunnel: + clients: {} + servers: {} tags: - unstable - dc @@ -185,6 +193,9 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- + commercial_ca_cert: ~ + commercial_cert: ~ + commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -226,3 +237,4 @@ x509: /D+dY+CRU62HFTIwHXNviqCP0Izmq1Wh/I/LAWpc9uzmOfOcxF63+g== -----END RSA PRIVATE KEY----- use: true + use_commercial: false diff --git a/secrets.json b/secrets.json index 2ea5562..85b6878 100644 --- a/secrets.json +++ b/secrets.json @@ -83,6 +83,8 @@ "couch_leap_mx_password_salt": "b4ac83520fa38b3acb722984fe5e3343", "couch_nickserver_password": "PzzQwxCvQLZUxRdS2jshMPN37Ps4qtbH", "couch_nickserver_password_salt": "b54d7b0f595d7318d961c636fb8f5530", + "couch_replication_password": "LZg8s_Z6FCg2MZRQYjkYeE6arCIU2pCw", + "couch_replication_password_salt": "b004ef682f926531fdda36e26d48c4fa", "couch_soledad_password": "35MzsnEEAeHTVNhI_FaCFNS5bhd7RGEf", "couch_soledad_password_salt": "7f725f3cc60c388e9af8140555e09dfa", "couch_tapicero_password": "VwgddQnXRJrbYpZaU3eIcxUHyXJPMIxI", @@ -91,6 +93,8 @@ "couch_webapp_password_salt": "478bf7e8ca879a9711b279055f00153e", "nagios_admin_password": "r35FbwIuktJZXFfbnrVxCh8StDnIzhXj", "nagios_test_password": "SvVjM5NCe2RF6XwTtZ7dGxAZ7E7KeSNS", + "scramblesuit_password_seahorse": "K52VQ53KKNVFE2TLLJKFS3SYKRKEENTO", + "scramblesuit_port_seahorse": 22088, "webapp_secret_token": "aC9zAs6X5YE_9EC_RQckGCFkKfJ4vTAJ" } } |