summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--hiera/chameleon.yaml94
-rw-r--r--hiera/octopus.yaml80
-rw-r--r--hiera/panda.yaml41
-rw-r--r--hiera/seahorse.yaml18
-rw-r--r--secrets.json4
5 files changed, 169 insertions, 68 deletions
diff --git a/hiera/chameleon.yaml b/hiera/chameleon.yaml
index 5d05bb7..d156f95 100644
--- a/hiera/chameleon.yaml
+++ b/hiera/chameleon.yaml
@@ -137,10 +137,10 @@ development:
site_config: true
dns:
aliases:
- - chameleon.unstable.bitmask.net
- - unstable.bitmask.net
- api.unstable.bitmask.net
+ - chameleon.unstable.bitmask.net
- nicknym.unstable.bitmask.net
+ - unstable.bitmask.net
public: true
domain:
full: chameleon.unstable.bitmask.net
@@ -151,128 +151,154 @@ domain:
enabled: true
environment: unstable
haproxy:
- servers:
- panda:
- backup: false
- host: localhost
- port: 4000
- weight: 100
+ couch:
+ listen_port: 4096
+ servers:
+ panda:
+ backup: false
+ host: localhost
+ port: 4000
+ weight: 100
+ writable: true
hosts:
ant:
domain_full: ant.demo.bitmask.net
domain_internal: ant.demo.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBGDhCu92zulHOAhv63sTLnxPQrP+GxbWC4YUxonYOiWKaI/oS5soH5vfgI0/kkzZgA044F6ZyWo5S5dEwz4AEI="
ip_address: "198.252.153.82"
+ port: 4422
canvasback:
domain_full: canvasback.cdev.bitmask.net
domain_internal: canvasback.cdev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH5g/h43gZ3pQsU8ohme4J2mDeZgxGnd3lfR428GRqxKH4MEDGGrimpK1oPf6scey+oD8WYvSYP3ZjPFZHxyq4A="
ip_address: "192.168.5.4"
+ port: 22
chameleon:
domain_full: chameleon.unstable.bitmask.net
domain_internal: chameleon.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbam3MYRlMunsimA/FMoS3qH03GcSTS7PPphE5es7oucWidaBp8HUKhl9SXTXe/98wYWTTMZPdWvjJvloWHxTAH1nt/TQxcCRZLPjaInt7NUo3aV5u0ADNaBKvcI8mFZMECSOol8ss+2+HHaqN3AQXcrotClz0vDb0a/9wPBKO0/oYR9PaDBR2wqq5TpOQn7lLmvygMCxvMr9PGgn02RnVsMHQ7qBH+Dk2MDM9DqT4Nr/WW61kwQKv1G/cfAD0MFN2HHMBj6Tx4pHPgTm9GhlEGmkUzykNSrqkg5V69peqeDTkNTkWy6WIwzk0Td7ohhLypa4dMUB5miSPHObrKSDJ"
ip_address: "192.168.5.10"
+ port: 4422
chipmonk:
domain_full: chipmonk.cdev.bitmask.net
domain_internal: chipmonk.cdev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDyqIb8/kigC0IUCVFlIKmhp5+C/P2W7d71jMX6ZK9XAzRzxFdMmcvn5H6ypUsLWQ7r327nD1bRupKiYdmPWrWk="
ip_address: "192.168.5.19"
+ port: 22
clam:
domain_full: clam.dev.bitmask.net
domain_internal: clam.dev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc="
ip_address: "176.53.69.22"
+ port: 4422
deer:
domain_full: deer.dev.bitmask.net
domain_internal: deer.dev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBORp1ohUpy+qSPhgklCvujSTGeIsHdY9hBDJZimfeRZFq3ZuZvLltrvla8++BBTCskgEUdGtNivK9I0oCviyDeA="
ip_address: "202.85.227.195"
+ port: 22
demodex:
domain_full: demodex.dev.bitmask.net
domain_internal: demodex.dev.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2iNuS97BTd7flA/8nho/w3+THNriQPf1IpgcI/TCaTxIG5T85FRIApNAIxayJjBAt9C/MM8LMUlpRTq1Y8vlpYmfcWAJj5V8bbP03TXNIkgK8rtStjN061bhWXo4AVfD1hFyL+wUrdGRX2laaJvOgMO+UCkYb9PPqEfyKCMhcu3Da7auznYucrNxcJwCU4TpVgmQDYE0DWpYkssTbGJ7YJOZAtwNWtOrZFVRzOvMy3WvAM/s0x/ME6CQi6k6dDHlSpafhPAl/B4koTtnPksmXc7xCpmaun1j68C0yvD1l9QBPKyFwJ1KCJgx+9++CqnSFbIbX3ebb0FGtMHrak2xL"
ip_address: "204.13.164.171"
+ port: 22
elephant:
domain_full: elephant.dev.bitmask.net
domain_internal: elephant.dev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOktOAJ7qxG2pC+qGVJTMNLMZGdhyInsuCX7phvQSTJxo2HNTUcSR/CJuLwsV0yqBVTmbrUNBCJS/n+x6bVqUeg="
ip_address: "176.53.69.13"
+ port: 4422
elk:
domain_full: elk.dev.bitmask.net
domain_internal: elk.dev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8="
ip_address: "176.53.69.127"
+ port: 22
frog:
domain_full: frog.bitmask.net
domain_internal: frog.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNurBzA0Yk4smJr9x+EttnpdaZg9FNnWTl+JKwmYBMXxaoh+W0fOCkooA5DuQq/e6V/BmJC5WoerFWhV2oxSs5w="
ip_address: "199.119.112.23"
+ port: 22
gadwall:
domain_full: gadwall.cdev.bitmask.net
domain_internal: gadwall.cdev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC4ycn7GabjeeewBmzTUbH+rZjRQV9seFmqbW2o5cE4jLsbPIMcMRRwLhA7TfIRLL7bLyuRNUWXwOqKZb/Psiog="
ip_address: "192.168.5.5"
+ port: 22
hippo:
domain_full: hippo.demo.bitmask.net
domain_internal: hippo.demo.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL4iit51nt0P5yulG9s5iNP94MVGOXZTbPeHbnIqXmiYv8u5Cq8l/R4S9T8s9oh8PdZvGfWrbxewz3CaHgIvtbc="
ip_address: "85.17.92.143"
+ port: 4422
ladybug:
domain_full: ladybug.dev.bitmask.net
domain_internal: ladybug.dev.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDB2QMVLYRTwLfZzafas9wTfh1OsHCuRFc1yfezZt/hPPYbNREkbDLW7xgvCBFAqZdRU/1EEyzTdLwUPWP7RtFRSVPrBn3Re9Y2DmVno4YR/7SklWo330tc3aNX5sVFfvgSLHqe4T/SOSmQvjPz/AxkRekIi7Rsjrew9C3SiCZ9S3PygxEQw3XnPoeh4Kju1fl7eXSzLwWVu1TtUJvRn6gbP9+qTY5/1e9MHEBD0zOXO7tAcRWwjkzMPdQ1GgMqvAqamtIXOmG2RWXApeaitix8qZQlC/eb1pJzlh2b5MNiizJPS1rCqnGSN3Jx6H5CqthKWu1JaUzxGhLacuu5AWSN"
ip_address: "192.168.5.8"
+ port: 22
leech:
domain_full: leech.demo.bitmask.net
domain_internal: leech.demo.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCiT3/fejkQIAny1f71ijFYaSEcYho6gR10z20ctmLumV3pHtXcFXtHqzAFJ07txANyef5P/yiIOl+/x/uRANjo="
ip_address: "198.252.153.85"
+ port: 4422
millipede:
domain_full: millipede.demo.bitmask.net
domain_internal: millipede.demo.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBG02MrdDFaqZO11JbYSAAC5q/W/FCch3AQXo+dRcpErvHLmv9kWkrV1ESqfZ+s6qEfk8Aqv0vsym7YigMiGXlBo="
ip_address: "198.252.153.83"
+ port: 4422
octopus:
domain_full: octopus.unstable.bitmask.net
domain_internal: octopus.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLbvsEZGXVaC74PcXd/M4wwv7nnAhg3318EqcGbo2aX5Tt+mAYbxjLj+HAiJgG63Mp6+GEuH5KNwgrRNwaOqh84tOMOYOKFAdgha4z6WC9q9sFIkqwaE2KDfoENKyUo0ywb0aBAW0EvYMt92BL7p5T8oQr/SbFw/GW1iyEqCPFK4VcupdnjDd8wyolgLawg0Okah5IHVosuJQEZXii7I0nhAl5OUkn5DIr6NklW6gTht+m6yRl7KNS+SGfyZs5U/1NywtwqPIH5Zgwt3Cphzga+d++6HbpO3PXA1PmN/bYJGDC0zG9gDSae1mvc+pDWWELgHEfpjzigrqqeNJtO2UD"
ip_address: "192.168.5.16"
+ port: 4422
panda:
domain_full: panda.unstable.bitmask.net
domain_internal: panda.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2cA8eQ4VD3tW7p+Fy0ZLXBzFbgwFOXjdau8zQd0WzJd2sifsLMHv/iGcfELsK+O7Jh7KsezwhT+seZQR6QmdX4qgFvtKB86DgUmMVc5k1Zja1+vXjhsMVB0/EY7k7CM3Clm8NRJzjiA407TFYsCMLuVRaW5hvgFiH9+4aszbmtbfWoFVT97y3o2bkP0exz5jxgKsnlJDF9HJBsVEHXnozvopZeoprrDbtJZQGQA+HcllJm678sIzwEwWn/6JtH6LmcvhnRL5ohd0Tlhf/lqFS9if+EzEt278crUMWcePSxb7a4lV6cJrxE3VaiZ+ldsvJebcYDvtJCK1T8ea4OarB"
ip_address: "192.168.5.9"
+ port: 4422
seahorse:
domain_full: seahorse.unstable.bitmask.net
domain_internal: seahorse.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfIO4Zdb7Xl1xP3Nw6hCSRSU9t6D2l3HpP38V1VM+2sLHDUdGDlHYWgUlfril5wZ6DdvU1DO2xrSTPDR1LrLEk/OKuFthnNUmRfE+NQQbf/KjEfj+AFj36l9evbWwef/EwECOtydQYZTEabVvrt0yprHYnfd728UklkFjXg67962X9A8DtK2OcPovEbcpPA3vo88+SZukNXAFUQcZPbX5ux0WZ1RH0GQVLVFo0dL4dQdEHZIXVYNvI9X7FzcN4WNjYyZfibiCmo3zdv15Hybh1NMQtBC6H5ZtiykzqL7cbUmmKeYzgIycFnewUxr6P4WyWx7/kPqfR/0Dw5aQqufw1"
ip_address: "192.168.5.12"
+ port: 4422
snail:
domain_full: snail.dev.bitmask.net
domain_internal: snail.dev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK+IgHh5d/DYKrfzc8yGSBiNxFOg8vnTTfuykuQK3wO9F7Obzxuux/qlvHV1yPV0I9id72bduDfyfngMU5jqugY="
ip_address: "176.53.69.14"
+ port: 4422
starfish:
domain_full: starfish.dev.bitmask.net
domain_internal: starfish.dev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0="
ip_address: "176.53.69.23"
+ port: 4422
thrips:
domain_full: thrips.demo.bitmask.net
domain_internal: thrips.demo.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIJHNnsfeuNBkVRm7cJvgD0rTX1wztnoz9SuHK2vJ9Pcluo8VfFoQrwayoFiAPJNC0dOoSra0Ir9L/eNQtjEzW0="
ip_address: "204.13.164.162"
+ port: 4422
urchin:
domain_full: urchin.dev.bitmask.net
domain_internal: urchin.dev.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo="
ip_address: "176.53.69.21"
+ port: 4422
wallaby:
domain_full: wallaby.demo.bitmask.net
domain_internal: wallaby.demo.bitmask.i
host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP/bJJ5OoSveoTEXAl26Gz0tqJkwzdA2fezMFeyoDDF6BCWntfzFZahoxHWg5alUfNMCJeYYOPYu/k05QzXThkQ="
ip_address: "204.13.164.57"
+ port: 4422
ip_address: "199.119.112.10"
location:
country_code: US
@@ -283,6 +309,11 @@ mail:
smarthost:
- octopus.unstable.bitmask.net
nagios:
+ domains_internal:
+ - cdev.bitmask.i
+ - demo.bitmask.i
+ - dev.bitmask.i
+ - unstable.bitmask.i
hosts:
ant:
domain_full_suffix: demo.bitmask.net
@@ -303,8 +334,8 @@ nagios:
domain_internal: chameleon.unstable.bitmask.i
ip_address: "199.119.112.10"
services:
- - webapp
- monitor
+ - webapp
ssh_port: 4422
chipmonk:
domain_full_suffix: cdev.bitmask.net
@@ -465,10 +496,13 @@ nickserver:
username: nickserver
domain: nicknym.unstable.bitmask.net
port: 6425
+platform:
+ major_version: "0.6"
+ version: "0.6"
service_type: public_service
services:
- - webapp
- monitor
+ - webapp
ssh:
authorized_keys:
azul:
@@ -516,26 +550,30 @@ ssh:
ports: "60000:61000"
port: 4422
stunnel:
- couch_client:
- panda_5984:
- accept_port: 4000
- connect: panda.unstable.bitmask.i
- connect_port: 15984
+ clients:
+ couch_client:
+ panda_5984:
+ accept_port: 4000
+ connect: panda.unstable.bitmask.i
+ connect_port: 15984
+ original_port: 5984
+ servers: {}
tags:
- - unstable
- dc
- sandbox-braintree
+ - unstable
webapp:
admins:
+ - azul
- elijah
- - varac
- - micah
- kwadronaut
- mcnair
- meanderingcode
- - azul
+ - micah
+ - varac
allow_anonymous_certs: false
allow_limited_certs: false
+ allow_registration: true
allow_unlimited_certs: true
api_version: 1
billing:
@@ -557,16 +595,29 @@ webapp:
password: enfhmsmcLc3Az3GF6TFKwRk99Iqjm2ew
salt: 478bf7e8ca879a9711b279055f00153e
username: webapp
- customization_dir: /etc/leap/files/webapp/
+ customization_dir: /srv/leap/files/webapp/
default_service_level: 1
domain: unstable.bitmask.net
+ engines:
+ - support
+ forbidden_usernames:
+ - admin
+ - administrator
+ - arin-admin
+ - certmaster
+ - contact
+ - info
+ - maildrop
+ - postmaster
+ - ssladmin
+ - www-data
git:
revision: origin/version/0.6
source: "https://leap.se/git/leap_web"
modules:
- - user
- billing
- help
+ - user
nagios_test_user:
password: SvVjM5NCe2RF6XwTtZ7dGxAZ7E7KeSNS
username: nagios_test
@@ -880,3 +931,4 @@ x509:
MXxW/683yhX/wP2WfhDpam3gZjAOmRUXjb4OmevRF2jlwLOJssykv7A=
-----END RSA PRIVATE KEY-----
use: true
+ use_commercial: true
diff --git a/hiera/octopus.yaml b/hiera/octopus.yaml
index 8512f0c..3846a72 100644
--- a/hiera/octopus.yaml
+++ b/hiera/octopus.yaml
@@ -18,23 +18,28 @@ domain:
enabled: true
environment: unstable
haproxy:
- servers:
- panda:
- backup: false
- host: localhost
- port: 4000
- weight: 100
+ couch:
+ listen_port: 4096
+ servers:
+ panda:
+ backup: false
+ host: localhost
+ port: 4000
+ weight: 100
+ writable: true
hosts:
octopus:
domain_full: octopus.unstable.bitmask.net
domain_internal: octopus.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLbvsEZGXVaC74PcXd/M4wwv7nnAhg3318EqcGbo2aX5Tt+mAYbxjLj+HAiJgG63Mp6+GEuH5KNwgrRNwaOqh84tOMOYOKFAdgha4z6WC9q9sFIkqwaE2KDfoENKyUo0ywb0aBAW0EvYMt92BL7p5T8oQr/SbFw/GW1iyEqCPFK4VcupdnjDd8wyolgLawg0Okah5IHVosuJQEZXii7I0nhAl5OUkn5DIr6NklW6gTht+m6yRl7KNS+SGfyZs5U/1NywtwqPIH5Zgwt3Cphzga+d++6HbpO3PXA1PmN/bYJGDC0zG9gDSae1mvc+pDWWELgHEfpjzigrqqeNJtO2UD"
ip_address: "192.168.5.16"
+ port: 4422
panda:
domain_full: panda.unstable.bitmask.net
domain_internal: panda.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2cA8eQ4VD3tW7p+Fy0ZLXBzFbgwFOXjdau8zQd0WzJd2sifsLMHv/iGcfELsK+O7Jh7KsezwhT+seZQR6QmdX4qgFvtKB86DgUmMVc5k1Zja1+vXjhsMVB0/EY7k7CM3Clm8NRJzjiA407TFYsCMLuVRaW5hvgFiH9+4aszbmtbfWoFVT97y3o2bkP0exz5jxgKsnlJDF9HJBsVEHXnozvopZeoprrDbtJZQGQA+HcllJm678sIzwEwWn/6JtH6LmcvhnRL5ohd0Tlhf/lqFS9if+EzEt278crUMWcePSxb7a4lV6cJrxE3VaiZ+ldsvJebcYDvtJCK1T8ea4OarB"
ip_address: "192.168.5.9"
+ port: 4422
ip_address: "199.119.112.16"
location:
country_code: US
@@ -45,38 +50,41 @@ mail:
smarthost: []
mynetworks:
- "176.53.69.127"
- - "199.119.112.9"
- - "192.168.5.9"
- - "176.53.69.23"
- - "199.119.112.5"
- - "192.168.5.5"
+ - "176.53.69.13"
+ - "176.53.69.14"
- "176.53.69.21"
- - "204.13.164.171"
- - "199.119.112.10"
+ - "176.53.69.22"
+ - "176.53.69.23"
- "192.168.5.10"
- - "198.252.153.83"
- - "199.119.112.12"
- "192.168.5.12"
- - "204.13.164.162"
- - "198.252.153.82"
- - "199.119.112.16"
- "192.168.5.16"
- - "204.13.164.57"
- - "176.53.69.14"
- - "199.119.112.19"
- "192.168.5.19"
- - "176.53.69.13"
- - "202.85.227.195"
- - "199.119.112.23"
- "192.168.5.23"
- - "85.17.92.143"
- - "176.53.69.22"
- - "199.119.112.4"
- "192.168.5.4"
+ - "192.168.5.5"
+ - "192.168.5.8"
+ - "192.168.5.9"
+ - "198.252.153.82"
+ - "198.252.153.83"
- "198.252.153.85"
+ - "199.119.112.10"
+ - "199.119.112.12"
+ - "199.119.112.16"
+ - "199.119.112.19"
+ - "199.119.112.23"
+ - "199.119.112.4"
+ - "199.119.112.5"
- "199.119.112.8"
- - "192.168.5.8"
+ - "199.119.112.9"
+ - "202.85.227.195"
+ - "204.13.164.162"
+ - "204.13.164.171"
+ - "204.13.164.57"
+ - "85.17.92.143"
name: octopus
+platform:
+ major_version: "0.6"
+ version: "0.6"
service_type: user_service
services:
- mx
@@ -117,14 +125,17 @@ ssh:
ports: "60000:61000"
port: 4422
stunnel:
- couch_client:
- panda_5984:
- accept_port: 4000
- connect: panda.unstable.bitmask.i
- connect_port: 15984
+ clients:
+ couch_client:
+ panda_5984:
+ accept_port: 4000
+ connect: panda.unstable.bitmask.i
+ connect_port: 15984
+ original_port: 5984
+ servers: {}
tags:
- - unstable
- dc
+ - unstable
x509:
ca_cert: |
-----BEGIN CERTIFICATE-----
@@ -426,3 +437,4 @@ x509:
O1j7UCNyBJ70TpZ4F7RR3rcmlFbR8Moys/GrEMuUG1CJmOHRxGju2g==
-----END RSA PRIVATE KEY-----
use: true
+ use_commercial: true
diff --git a/hiera/panda.yaml b/hiera/panda.yaml
index d7a4509..a074bce 100644
--- a/hiera/panda.yaml
+++ b/hiera/panda.yaml
@@ -7,6 +7,8 @@ couch:
ednp_port: 9002
epmd_port: 4369
neighbors: []
+ master: false
+ mode: multimaster
port: 5984
users:
admin:
@@ -21,6 +23,10 @@ couch:
password: PzzQwxCvQLZUxRdS2jshMPN37Ps4qtbH
salt: b54d7b0f595d7318d961c636fb8f5530
username: nickserver
+ replication:
+ password: QgnmZaGgDWkb5ptprsbj9xvfYVWLFUj5
+ salt: 01a82aa87990d967cfb81f3ff32f8095
+ username: replication
soledad:
password: 35MzsnEEAeHTVNhI_FaCFNS5bhd7RGEf
salt: 7f725f3cc60c388e9af8140555e09dfa
@@ -53,11 +59,13 @@ hosts:
domain_internal: octopus.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLbvsEZGXVaC74PcXd/M4wwv7nnAhg3318EqcGbo2aX5Tt+mAYbxjLj+HAiJgG63Mp6+GEuH5KNwgrRNwaOqh84tOMOYOKFAdgha4z6WC9q9sFIkqwaE2KDfoENKyUo0ywb0aBAW0EvYMt92BL7p5T8oQr/SbFw/GW1iyEqCPFK4VcupdnjDd8wyolgLawg0Okah5IHVosuJQEZXii7I0nhAl5OUkn5DIr6NklW6gTht+m6yRl7KNS+SGfyZs5U/1NywtwqPIH5Zgwt3Cphzga+d++6HbpO3PXA1PmN/bYJGDC0zG9gDSae1mvc+pDWWELgHEfpjzigrqqeNJtO2UD"
ip_address: "192.168.5.16"
+ port: 4422
panda:
domain_full: panda.unstable.bitmask.net
domain_internal: panda.unstable.bitmask.i
host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2cA8eQ4VD3tW7p+Fy0ZLXBzFbgwFOXjdau8zQd0WzJd2sifsLMHv/iGcfELsK+O7Jh7KsezwhT+seZQR6QmdX4qgFvtKB86DgUmMVc5k1Zja1+vXjhsMVB0/EY7k7CM3Clm8NRJzjiA407TFYsCMLuVRaW5hvgFiH9+4aszbmtbfWoFVT97y3o2bkP0exz5jxgKsnlJDF9HJBsVEHXnozvopZeoprrDbtJZQGQA+HcllJm678sIzwEwWn/6JtH6LmcvhnRL5ohd0Tlhf/lqFS9if+EzEt278crUMWcePSxb7a4lV6cJrxE3VaiZ+ldsvJebcYDvtJCK1T8ea4OarB"
ip_address: "192.168.5.9"
+ port: 4422
ip_address: "199.119.112.9"
location:
country_code: US
@@ -68,6 +76,9 @@ mail:
smarthost:
- octopus.unstable.bitmask.net
name: panda
+platform:
+ major_version: "0.6"
+ version: "0.6"
service_type: public_service
services:
- couchdb
@@ -116,20 +127,22 @@ ssh:
ports: "60000:61000"
port: 4422
stunnel:
- couch_server:
- accept: 15984
- connect: "127.0.0.1:5984"
- ednp_clients: {}
- ednp_server:
- accept: 19002
- connect: "127.0.0.1:9002"
- epmd_clients: {}
- epmd_server:
- accept: 14369
- connect: "127.0.0.1:4369"
+ clients:
+ ednp_clients: {}
+ epmd_clients: {}
+ servers:
+ couch_server:
+ accept_port: 15984
+ connect_port: 5984
+ ednp_server:
+ accept_port: 19002
+ connect_port: 9002
+ epmd_server:
+ accept_port: 14369
+ connect_port: 4369
tags:
- - unstable
- dc
+ - unstable
x509:
ca_cert: |
-----BEGIN CERTIFICATE-----
@@ -193,6 +206,9 @@ x509:
on5r5VCjv69sw/yJCqGWUaDfPb8ui+kv+JfIsQ8BoXSaSA81OZ5HeQ11vo5Hh7TZ
jUjUzNF+926ph4U2SgvNjQ==
-----END CERTIFICATE-----
+ commercial_ca_cert: ~
+ commercial_cert: ~
+ commercial_key: ~
key: |
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA0iB5rq3smyrvJRHApK3NapMbIZFzWfVIReFjqSt1jX6ZGWsM
@@ -222,3 +238,4 @@ x509:
gXDYMT8LiHhMP5GD5vauBqcJwmH6kiGpqoWWirotjVaXbLcCBnyIDw==
-----END RSA PRIVATE KEY-----
use: true
+ use_commercial: false
diff --git a/hiera/seahorse.yaml b/hiera/seahorse.yaml
index 567f63a..d05f88c 100644
--- a/hiera/seahorse.yaml
+++ b/hiera/seahorse.yaml
@@ -24,6 +24,11 @@ mail:
smarthost:
- octopus.unstable.bitmask.net
name: seahorse
+obfsproxy:
+ gateway_address: "199.119.112.13"
+ scramblesuit:
+ password: G5AVGZTEL5LTGVLKMV4TS6KVGVSV6X2Q
+ port: 26098
openvpn:
adblock: false
allow_limited: false
@@ -31,6 +36,7 @@ openvpn:
configuration:
auth: SHA1
cipher: AES-128-CBC
+ fragment: 1500
keepalive: "10 30"
tls-cipher: DHE-RSA-AES128-SHA
tun-ipv6: true
@@ -46,6 +52,9 @@ openvpn:
second_gateway_address: ~
unlimited_prefix: UNLIMITED
user_ips: false
+platform:
+ major_version: "0.6"
+ version: "0.6"
service_type: user_service
services:
- openvpn
@@ -85,9 +94,12 @@ ssh:
enabled: true
ports: "60000:61000"
port: 4422
+stunnel:
+ clients: {}
+ servers: {}
tags:
- - unstable
- dc
+ - unstable
x509:
ca_cert: |
-----BEGIN CERTIFICATE-----
@@ -185,6 +197,9 @@ x509:
xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF
gkVBxxt/s0R2aKM=
-----END CERTIFICATE-----
+ commercial_ca_cert: ~
+ commercial_cert: ~
+ commercial_key: ~
dh: |
-----BEGIN DH PARAMETERS-----
MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb
@@ -226,3 +241,4 @@ x509:
/D+dY+CRU62HFTIwHXNviqCP0Izmq1Wh/I/LAWpc9uzmOfOcxF63+g==
-----END RSA PRIVATE KEY-----
use: true
+ use_commercial: false
diff --git a/secrets.json b/secrets.json
index 6952b95..5036cd5 100644
--- a/secrets.json
+++ b/secrets.json
@@ -87,6 +87,8 @@
"couch_leap_mx_password_salt": "b4ac83520fa38b3acb722984fe5e3343",
"couch_nickserver_password": "PzzQwxCvQLZUxRdS2jshMPN37Ps4qtbH",
"couch_nickserver_password_salt": "b54d7b0f595d7318d961c636fb8f5530",
+ "couch_replication_password": "QgnmZaGgDWkb5ptprsbj9xvfYVWLFUj5",
+ "couch_replication_password_salt": "01a82aa87990d967cfb81f3ff32f8095",
"couch_soledad_password": "35MzsnEEAeHTVNhI_FaCFNS5bhd7RGEf",
"couch_soledad_password_salt": "7f725f3cc60c388e9af8140555e09dfa",
"couch_tapicero_password": "VwgddQnXRJrbYpZaU3eIcxUHyXJPMIxI",
@@ -95,6 +97,8 @@
"couch_webapp_password_salt": "478bf7e8ca879a9711b279055f00153e",
"nagios_admin_password": "r35FbwIuktJZXFfbnrVxCh8StDnIzhXj",
"nagios_test_password": "SvVjM5NCe2RF6XwTtZ7dGxAZ7E7KeSNS",
+ "scramblesuit_password_seahorse": "G5AVGZTEL5LTGVLKMV4TS6KVGVSV6X2Q",
+ "scramblesuit_port_seahorse": 26098,
"webapp_secret_token": "aC9zAs6X5YE_9EC_RQckGCFkKfJ4vTAJ"
}
}