From 23a30332a9a29e9f924f78341841951cf9c802ac Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 17 Dec 2014 13:08:25 -0800 Subject: decommission hippo --- files/ssh/known_hosts | 2 +- hiera/deer.yaml | 2 +- hiera/hippo.yaml | 34 ++++++++++------------------------ hiera/millipede.yaml | 2 ++ hiera/otter.yaml | 2 +- hiera/snail.yaml | 2 ++ hiera/wallaby.yaml | 27 --------------------------- nodes/hippo.json | 8 ++------ secrets.json | 4 ++++ services/openvpn.json | 4 ++++ tags/disabled.json | 6 ++++++ 11 files changed, 33 insertions(+), 60 deletions(-) create mode 100644 tags/disabled.json diff --git a/files/ssh/known_hosts b/files/ssh/known_hosts index dd0d3a6..40e237b 100644 --- a/files/ssh/known_hosts +++ b/files/ssh/known_hosts @@ -13,7 +13,7 @@ elephant,elephant.dev.bitmask.i,elephant.dev.bitmask.net,176.53.69.13 ecdsa-sha2 elk,elk.dev.bitmask.i,elk.dev.bitmask.net,176.53.69.127 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7uOD/mcSbTbeC8s69yL6olS9pm5dpWO8TQG6k3PJg4Fh7VnSDbIpv3ybRMw1aOwhz3ZCUadn1IP0Immii2dS4wZ3tlH0RfeTNw82XEiVTnuLCM6rhu+YP+fX+K5sDA+enpEgMe9mA8IaNIdkepXNJfNqeSuDs7BwPAm5PLaOAILR6JCdv45GRbJ6ukcd9yX/5Gz95sFOjWU78JAgIo6E7/MTlNy0BnrVwDrIXyOUJYJWEr1tV45xt8xFix/zUVbnD6AjowNRJFJGp9XbsSZ5iymtP0TG/imZmrE/602MNNhB0d4X3YQXPB27IUME3HBqFP17vcwrNYSxDzSBLqr6Z frog,frog.bitmask.i,frog.bitmask.net,199.119.112.23 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNurBzA0Yk4smJr9x+EttnpdaZg9FNnWTl+JKwmYBMXxaoh+W0fOCkooA5DuQq/e6V/BmJC5WoerFWhV2oxSs5w= gadwall,gadwall.cdev.bitmask.i,gadwall.cdev.bitmask.net,199.119.112.5 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC4ycn7GabjeeewBmzTUbH+rZjRQV9seFmqbW2o5cE4jLsbPIMcMRRwLhA7TfIRLL7bLyuRNUWXwOqKZb/Psiog= -hippo,hippo.demo.bitmask.i,hippo.demo.bitmask.net,85.17.92.143 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL4iit51nt0P5yulG9s5iNP94MVGOXZTbPeHbnIqXmiYv8u5Cq8l/R4S9T8s9oh8PdZvGfWrbxewz3CaHgIvtbc= +hippo,hippo.bitmask.i,hippo.bitmask.net,85.17.92.143 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL4iit51nt0P5yulG9s5iNP94MVGOXZTbPeHbnIqXmiYv8u5Cq8l/R4S9T8s9oh8PdZvGfWrbxewz3CaHgIvtbc= ladybug,ladybug.dev.bitmask.i,ladybug.dev.bitmask.net,199.119.112.8 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDB2QMVLYRTwLfZzafas9wTfh1OsHCuRFc1yfezZt/hPPYbNREkbDLW7xgvCBFAqZdRU/1EEyzTdLwUPWP7RtFRSVPrBn3Re9Y2DmVno4YR/7SklWo330tc3aNX5sVFfvgSLHqe4T/SOSmQvjPz/AxkRekIi7Rsjrew9C3SiCZ9S3PygxEQw3XnPoeh4Kju1fl7eXSzLwWVu1TtUJvRn6gbP9+qTY5/1e9MHEBD0zOXO7tAcRWwjkzMPdQ1GgMqvAqamtIXOmG2RWXApeaitix8qZQlC/eb1pJzlh2b5MNiizJPS1rCqnGSN3Jx6H5CqthKWu1JaUzxGhLacuu5AWSN leech,leech.demo.bitmask.i,leech.demo.bitmask.net,198.252.153.85 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCiT3/fejkQIAny1f71ijFYaSEcYho6gR10z20ctmLumV3pHtXcFXtHqzAFJ07txANyef5P/yiIOl+/x/uRANjo= millipede,millipede.demo.bitmask.i,millipede.demo.bitmask.net,198.252.153.83 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBG02MrdDFaqZO11JbYSAAC5q/W/FCch3AQXo+dRcpErvHLmv9kWkrV1ESqfZ+s6qEfk8Aqv0vsym7YigMiGXlBo= diff --git a/hiera/deer.yaml b/hiera/deer.yaml index 2a33635..bd8d208 100644 --- a/hiera/deer.yaml +++ b/hiera/deer.yaml @@ -78,7 +78,7 @@ tor: contacts: - micah@leap.se - sysdev@leap.se - family: "deeruSaR9IekHdQGUGI,hippobagtc8Z3KPmfnT,otterbagtc8Z3KPmfnT" + family: "deeruSaR9IekHdQGUGI,otterbagtc8Z3KPmfnT" hidden_service: active: ~ address: ~ diff --git a/hiera/hippo.yaml b/hiera/hippo.yaml index 7c7c7da..d853cfa 100644 --- a/hiera/hippo.yaml +++ b/hiera/hippo.yaml @@ -1,19 +1,18 @@ --- contacts: - - elijah@leap.se - sysdev@leap.se development: site_config: true dns: public: true domain: - full: hippo.demo.bitmask.net - full_suffix: demo.bitmask.net - internal: hippo.demo.bitmask.i - internal_suffix: demo.bitmask.i - name: hippo.demo.bitmask.net + full: hippo.bitmask.net + full_suffix: bitmask.net + internal: hippo.bitmask.i + internal_suffix: bitmask.i + name: hippo.bitmask.net enabled: true -environment: demo +environment: disabled hosts: {} ip_address: "85.17.92.143" location: @@ -22,14 +21,13 @@ location: name: Amsterdam timezone: "+1" mail: - smarthost: - - leech.demo.bitmask.net + smarthost: [] name: hippo obfsproxy: gateway_address: "85.17.92.167" scramblesuit: - password: GJBFKVRUNZRXKOKUKN2FAWSWLJ3XIWDC - port: 18093 + password: GZ5FI5KQJUZVSTTYOI3XESDNOVEXQR2K + port: 28975 openvpn: adblock: false allow_limited: false @@ -59,7 +57,6 @@ platform: service_type: user_service services: - openvpn - - tor ssh: authorized_keys: azul: @@ -101,20 +98,9 @@ stunnel: servers: {} tags: - amsterdam - - demo + - disabled tor: bandwidth_rate: 100 - contacts: - - elijah@leap.se - - sysdev@leap.se - family: "deeruSaR9IekHdQGUGI,hippobagtc8Z3KPmfnT,otterbagtc8Z3KPmfnT" - hidden_service: - active: ~ - address: ~ - key_type: RSA - private_key: ~ - public_key: ~ - nickname: hippobagtc8Z3KPmfnT x509: ca_cert: | -----BEGIN CERTIFICATE----- diff --git a/hiera/millipede.yaml b/hiera/millipede.yaml index 17b8ec1..7adfb74 100644 --- a/hiera/millipede.yaml +++ b/hiera/millipede.yaml @@ -101,6 +101,8 @@ stunnel: tags: - demo - seattle +tor: + bandwidth_rate: 100 x509: ca_cert: | -----BEGIN CERTIFICATE----- diff --git a/hiera/otter.yaml b/hiera/otter.yaml index 726a860..53f937e 100644 --- a/hiera/otter.yaml +++ b/hiera/otter.yaml @@ -107,7 +107,7 @@ tor: contacts: - elijah@leap.se - sysdev@leap.se - family: "deeruSaR9IekHdQGUGI,hippobagtc8Z3KPmfnT,otterbagtc8Z3KPmfnT" + family: "deeruSaR9IekHdQGUGI,otterbagtc8Z3KPmfnT" hidden_service: active: ~ address: ~ diff --git a/hiera/snail.yaml b/hiera/snail.yaml index b973411..19c0b5b 100644 --- a/hiera/snail.yaml +++ b/hiera/snail.yaml @@ -102,6 +102,8 @@ stunnel: tags: - development - istanbul +tor: + bandwidth_rate: 100 x509: ca_cert: | -----BEGIN CERTIFICATE----- diff --git a/hiera/wallaby.yaml b/hiera/wallaby.yaml index 4923ac5..dc582d3 100644 --- a/hiera/wallaby.yaml +++ b/hiera/wallaby.yaml @@ -9,27 +9,6 @@ definition_files: eip_service: |- { "gateways": [ - { - "capabilities": { - "adblock": false, - "filter_dns": false, - "limited": false, - "ports": [ - "443" - ], - "protocols": [ - "tcp", - "udp" - ], - "transport": [ - "openvpn" - ], - "user_ips": false - }, - "host": "hippo.demo.bitmask.net", - "ip_address": "85.17.92.167", - "location": "amsterdam" - }, { "capabilities": { "adblock": false, @@ -74,12 +53,6 @@ definition_files: } ], "locations": { - "amsterdam": { - "country_code": "NL", - "hemisphere": "N", - "name": "Amsterdam", - "timezone": "+1" - }, "frankfurt": { "country_code": "DE", "hemisphere": "N", diff --git a/nodes/hippo.json b/nodes/hippo.json index 7d6d9f4..9881b99 100644 --- a/nodes/hippo.json +++ b/nodes/hippo.json @@ -1,13 +1,9 @@ // http://torstatus.blutmagie.de/router_detail.php?FP=855b6cfe6c20a48cf1b815b87d565df6ea93e74a { "ip_address": "85.17.92.143", - "services": ["openvpn", "tor"], - "tags": ["demo", "amsterdam"], + "services": ["openvpn"], + "tags": ["disabled", "amsterdam"], "openvpn": { "gateway_address": "85.17.92.167" - }, - "tor": { - // KB/s - "bandwidth_rate": 100 } } diff --git a/secrets.json b/secrets.json index e0bb521..5d2751a 100644 --- a/secrets.json +++ b/secrets.json @@ -66,6 +66,10 @@ "tor_family": "uSaR9IekHdQGUGIRrdThPFW64_JYgEnr", "webapp_secret_token": "_DLZ7e9YhU_d3HDCWFzCMd3WnC4QaP__" }, + "disabled": { + "scramblesuit_password_hippo": "GZ5FI5KQJUZVSTTYOI3XESDNOVEXQR2K", + "scramblesuit_port_hippo": 28975 + }, "local": { "bigcouch_cookie": "QnBSJJBxjqAz6KDnGMsQyW844XrIJBY7", "couch_admin_password": "_Bn6AqU54shspQxbnsQTpRySjLQKTjBh", diff --git a/services/openvpn.json b/services/openvpn.json index 937c31e..98f1231 100644 --- a/services/openvpn.json +++ b/services/openvpn.json @@ -1,5 +1,9 @@ { "openvpn": { "ports": ["443"] + }, + "tor": { + // KB/s + "bandwidth_rate": 100 } } diff --git a/tags/disabled.json b/tags/disabled.json new file mode 100644 index 0000000..153d24e --- /dev/null +++ b/tags/disabled.json @@ -0,0 +1,6 @@ +{ + "environment": "disabled", + "ssh": { + "port": 4422 + } +} \ No newline at end of file -- cgit v1.2.3