From 364a43d1ac65abd030baeddfc3eff763486cfe16 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Mon, 24 Nov 2014 16:11:17 -0500 Subject: update ssh host keys --- hiera/ant.yaml | 55 ++--- hiera/canvasback.yaml | 58 ++---- hiera/chameleon.yaml | 85 +++----- hiera/chipmonk.yaml | 76 +++---- hiera/clam.yaml | 12 +- hiera/couch1.yaml | 55 ++--- hiera/couch2.yaml | 55 ++--- hiera/elephant.yaml | 8 +- hiera/elk.yaml | 12 +- hiera/frog.yaml | 10 - hiera/gadwall.yaml | 37 +--- hiera/hippo.yaml | 23 +- hiera/leech.yaml | 96 ++++----- hiera/millipede.yaml | 15 -- hiera/monitor1.yaml | 12 -- hiera/mx1.yaml | 96 ++++----- hiera/octopus.yaml | 78 +++---- hiera/panda.yaml | 39 ++-- hiera/plain1.yaml | 10 - hiera/seahorse.yaml | 18 +- hiera/single.yaml | 564 -------------------------------------------------- hiera/snail.yaml | 5 +- hiera/starfish.yaml | 8 +- hiera/thrips.yaml | 55 ++--- hiera/tor1.yaml | 16 -- hiera/urchin.yaml | 12 +- hiera/vpn1.yaml | 15 -- hiera/wallaby.yaml | 80 +++---- hiera/web1.yaml | 80 +++---- 29 files changed, 380 insertions(+), 1305 deletions(-) delete mode 100644 hiera/single.yaml (limited to 'hiera') diff --git a/hiera/ant.yaml b/hiera/ant.yaml index dbfbebf..59e9afd 100644 --- a/hiera/ant.yaml +++ b/hiera/ant.yaml @@ -8,8 +8,6 @@ couch: epmd_port: 4369 neighbors: - thrips.demo.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -24,10 +22,6 @@ couch: password: CyhRSafC4SUGQ9F762Qfv3TPQDqTjn2G salt: e3ee9259723d0cbd8b3265dbe8b4e21e username: nickserver - replication: - password: gPFMMKdZaTHF24nQGYQTDHkAduQcarBm - salt: 215a1f508e2b564978f98e43231e1506 - username: replication soledad: password: cGqWZqTdFc_fuSZvfPtUTL_7uMA6d5YC salt: 514355e86f1d3fa4de42b677de21281d @@ -80,9 +74,6 @@ mail: smarthost: - leech.demo.bitmask.net name: ant -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: - couchdb @@ -123,29 +114,25 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - ednp_clients: - thrips_9002: - accept_port: 4001 - connect: thrips.demo.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - thrips_4369: - accept_port: 4000 - connect: thrips.demo.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + thrips_9002: + accept_port: 4001 + connect: thrips.demo.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + thrips_4369: + accept_port: 4000 + connect: thrips.demo.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - demo - seattle @@ -211,9 +198,6 @@ x509: BQxrMTmmPg9p/pQgsRd0zrMBAHVVOWIUdEvMe9d6JMsHabOsDG+nySGrDAgTuBf3 Eqk8NgcHUMUFnnESUmcKjsMsn/fSQceYG06R8nNBsq1vpH9Vv+7kvgJx4WQCjg== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAms2pFpXAyOqZ54YccmnQBFYTXQAdqCs5mpr0xSOPwI9J25nn @@ -243,4 +227,3 @@ x509: /DVs7/l3QcdZumI+MVs1fSMQWAvad7PSC5GOr7s1KcMxi0nHkFZ1de0= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/canvasback.yaml b/hiera/canvasback.yaml index 1f8d46f..4980fcf 100644 --- a/hiera/canvasback.yaml +++ b/hiera/canvasback.yaml @@ -105,9 +105,9 @@ development: site_config: true dns: aliases: - - api.cdev.bitmask.net - canvasback.cdev.bitmask.net - cdev.bitmask.net + - api.cdev.bitmask.net - nicknym.cdev.bitmask.net public: true domain: @@ -119,15 +119,12 @@ domain: enabled: true environment: clientdev haproxy: - couch: - listen_port: 4096 - servers: - gadwall: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + gadwall: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: chipmonk: domain_full: chipmonk.cdev.bitmask.net @@ -156,9 +153,6 @@ nickserver: username: nickserver domain: nicknym.cdev.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - webapp @@ -199,29 +193,25 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - gadwall_5984: - accept_port: 4000 - connect: gadwall.cdev.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + gadwall_5984: + accept_port: 4000 + connect: gadwall.cdev.bitmask.i + connect_port: 15984 tags: - clientdev - dc webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: false allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 client_certificates: @@ -237,29 +227,16 @@ webapp: password: _CatyL3Ienc4wRrfPubrhyfYCFmCyt9t salt: 1c1dd6eb78f027414f1638bd6c902a5a username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: cdev.bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/master source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: HpR8dKsLPnYXjQaHXfC3rP_dM3CpXKIL username: nagios_test @@ -572,4 +549,3 @@ x509: QJ+JGFsRME7FZQr9oetc7XefTczI1a0ENLiVTDeTgi4g2mqly3uSIg== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/chameleon.yaml b/hiera/chameleon.yaml index ffccfeb..e7b07cd 100644 --- a/hiera/chameleon.yaml +++ b/hiera/chameleon.yaml @@ -137,10 +137,10 @@ development: site_config: true dns: aliases: - - api.unstable.bitmask.net - chameleon.unstable.bitmask.net - - nicknym.unstable.bitmask.net - unstable.bitmask.net + - api.unstable.bitmask.net + - nicknym.unstable.bitmask.net public: true domain: full: chameleon.unstable.bitmask.net @@ -151,15 +151,12 @@ domain: enabled: true environment: unstable haproxy: - couch: - listen_port: 4096 - servers: - panda: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + panda: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: ant: domain_full: ant.demo.bitmask.net @@ -184,12 +181,12 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" deer: domain_full: deer.dev.bitmask.net domain_internal: deer.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDz1/VqEz2qDtR1lgUqhnS8G8wYaDwbB1lPsBhloyCFHuSKmr2DGjmVSVYKtmTXnQZhAuOQuME4RHiVgNPUAKOBGDTyA5eCdjUeguZm4CnZU0ISBj1iKSa1l7RHZDZmirC62f8OJ6Ma9Ls62BZN8Vy4T7v55qn5Ky+D+/XrDqlES3zTHoNWkR3Xn1JDZ1Ov20qvB2wdYRL6LStcB915BE1e56IrnOEq7ybg5h84Jtpx8fyq1Geynjoz3q3YUAQuhziawM6seQk+v7QUTGMHD/xyaRD/VZqGn65k4suin4OHb1gFysxf2xdwzEnhheItXZontQue5DgjE8GE/OlRCvdx" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBORp1ohUpy+qSPhgklCvujSTGeIsHdY9hBDJZimfeRZFq3ZuZvLltrvla8++BBTCskgEUdGtNivK9I0oCviyDeA=" ip_address: "202.85.227.195" demodex: domain_full: demodex.dev.bitmask.net @@ -199,12 +196,12 @@ hosts: elephant: domain_full: elephant.dev.bitmask.net domain_internal: elephant.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClpJntSyXlBMiHfmZ6xIo1NiNCgomVOWrkl3nH+9nzqimKWqikp2DlR6jWSMebTyyuy8rB/1lbj7/Z3AxNXjUoOpGpyKrE3viNYZie4Y4QDn3hFPMxHjoYcD/OerosFFZe8Byf0ExTQ4VPmzNKdcTJN/QFjWWZk5AElX2OLnpSYOOBUwiDQeAJkALMmInXYO/+IXeBsygYND8+KZb0qfLpvgPYa4t0p8WVuRS/c0o+dtATmc2HN6N1YxEnmuzx1h1UDO6k4PRNDbO8+U7zsGagEpMJmzGc+liJxwDCgLCieQAxriXWTpiqxJ55pDtLIJKONaNP2UsUai2b9xQ9NsNN" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOktOAJ7qxG2pC+qGVJTMNLMZGdhyInsuCX7phvQSTJxo2HNTUcSR/CJuLwsV0yqBVTmbrUNBCJS/n+x6bVqUeg=" ip_address: "176.53.69.13" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" frog: domain_full: frog.bitmask.net @@ -254,12 +251,12 @@ hosts: snail: domain_full: snail.dev.bitmask.net domain_internal: snail.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8wxuY3ytE1h/XDKYUkcAwIoGjhWTOafRrziSbpIxwNmadSKPh/sv7kUweRexFdoh+H1uLVGmN/YEciZvq6L7HomH1eX00NamZBJyBE9018cNOfD4943Lqs+LIQDDNVis+4fVoOdyVco+Q1U/bnUQcbAa1eRZ4LzAm8pDDyzdtFGFJEeHt1xsqEqyHv5As6lNMwpgRGDUFUOZClyUc/2gvPWx6GReCuwyXNUYRt99eN+p+F3mjSk5n0dzRsi32Mo550pHHJxIlbnJifq15Q4DqVMBoYGHYWFHfDdjb5G9botPa3NF/7Db/yNQQ9EZPBOIDf135lgduK53OM5spDg9b" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK+IgHh5d/DYKrfzc8yGSBiNxFOg8vnTTfuykuQK3wO9F7Obzxuux/qlvHV1yPV0I9id72bduDfyfngMU5jqugY=" ip_address: "176.53.69.14" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" thrips: domain_full: thrips.demo.bitmask.net @@ -269,7 +266,7 @@ hosts: urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" wallaby: domain_full: wallaby.demo.bitmask.net @@ -286,11 +283,6 @@ mail: smarthost: - octopus.unstable.bitmask.net nagios: - domains_internal: - - cdev.bitmask.i - - demo.bitmask.i - - dev.bitmask.i - - unstable.bitmask.i hosts: ant: domain_full_suffix: demo.bitmask.net @@ -311,8 +303,8 @@ nagios: domain_internal: chameleon.unstable.bitmask.i ip_address: "199.119.112.10" services: - - monitor - webapp + - monitor ssh_port: 4422 chipmonk: domain_full_suffix: cdev.bitmask.net @@ -473,13 +465,10 @@ nickserver: username: nickserver domain: nicknym.unstable.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - - monitor - webapp + - monitor ssh: authorized_keys: azul: @@ -527,30 +516,26 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - panda_5984: - accept_port: 4000 - connect: panda.unstable.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + panda_5984: + accept_port: 4000 + connect: panda.unstable.bitmask.i + connect_port: 15984 tags: + - unstable - dc - sandbox-braintree - - unstable webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: false allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 billing: @@ -572,29 +557,16 @@ webapp: password: enfhmsmcLc3Az3GF6TFKwRk99Iqjm2ew salt: 478bf7e8ca879a9711b279055f00153e username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: unstable.bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/develop source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: SvVjM5NCe2RF6XwTtZ7dGxAZ7E7KeSNS username: nagios_test @@ -908,4 +880,3 @@ x509: MXxW/683yhX/wP2WfhDpam3gZjAOmRUXjb4OmevRF2jlwLOJssykv7A= -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/chipmonk.yaml b/hiera/chipmonk.yaml index b2220e3..167f258 100644 --- a/hiera/chipmonk.yaml +++ b/hiera/chipmonk.yaml @@ -18,15 +18,12 @@ domain: enabled: true environment: clientdev haproxy: - couch: - listen_port: 4096 - servers: - gadwall: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + gadwall: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: chipmonk: domain_full: chipmonk.cdev.bitmask.net @@ -48,41 +45,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: chipmonk -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -123,14 +117,11 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - gadwall_5984: - accept_port: 4000 - connect: gadwall.cdev.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + gadwall_5984: + accept_port: 4000 + connect: gadwall.cdev.bitmask.i + connect_port: 15984 tags: - clientdev - dc @@ -435,4 +426,3 @@ x509: c9OAySi7JcI0Pl9/ilUtc53EpsalTEaN3uuFlQoL8A8OKxabskS9bw== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/clam.yaml b/hiera/clam.yaml index 599f9f2..a227516 100644 --- a/hiera/clam.yaml +++ b/hiera/clam.yaml @@ -26,8 +26,8 @@ couch: salt: 70bcff5aeb5a7ed22a96a4b43790965f username: nickserver replication: - password: _mVfcIyFV_vfRFUvpNmAWYn_9KUxJ7Pv - salt: b53363c123da0677255bd93ec1627db7 + password: B7LFWg7x7AQRIXdxGmsd4MjfQISB_EZj + salt: 868afc4ca18138cc256f57ff2a3c99a5 username: replication soledad: password: PgrbUREhqBGY4r4XIXQEgkk3jTH4sEJA @@ -59,22 +59,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.22" location: diff --git a/hiera/couch1.yaml b/hiera/couch1.yaml index f0de356..0aef52d 100644 --- a/hiera/couch1.yaml +++ b/hiera/couch1.yaml @@ -8,8 +8,6 @@ couch: epmd_port: 4369 neighbors: - couch2.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -24,10 +22,6 @@ couch: password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR salt: 73567fc12c27a79152620084e97b4fba username: nickserver - replication: - password: fbZMru8SZ9UhaHXYRW2f9RVCjJmBwBuJ - salt: b2716ac90f4e9dd7b2a088d2765ae374 - username: replication soledad: password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 @@ -73,9 +67,6 @@ mail: smarthost: - mx1.bitmask.net name: couch1 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,29 +116,25 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - ednp_clients: - couch2_9002: - accept_port: 4001 - connect: couch2.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - couch2_4369: - accept_port: 4000 - connect: couch2.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + couch2_9002: + accept_port: 4001 + connect: couch2.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + couch2_4369: + accept_port: 4000 + connect: couch2.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - local x509: @@ -212,9 +199,6 @@ x509: 7AQ/LsmCL5K6F5OqPAUMwc7w1Jp2CSq0sqBSuyjq5Xaom2eQcRD02c1pcLfJwWRS iEbJwlSbPVGpScfRfoaOlyiH96btwnWvaIBgf3Ii7dLTSc2EIO5s -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAzGNOpJbUz6hQrWmBUgfJPzYfVZhDeEJAalXuuXxlVU1wlsSG @@ -244,4 +228,3 @@ x509: SeSdWAYGKZZAMSQInihge20dMu1TgS7R0ijeAf4LaoMEq3AOkXMf -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/couch2.yaml b/hiera/couch2.yaml index c08b592..5b84310 100644 --- a/hiera/couch2.yaml +++ b/hiera/couch2.yaml @@ -8,8 +8,6 @@ couch: epmd_port: 4369 neighbors: - couch1.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -24,10 +22,6 @@ couch: password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR salt: 73567fc12c27a79152620084e97b4fba username: nickserver - replication: - password: fbZMru8SZ9UhaHXYRW2f9RVCjJmBwBuJ - salt: b2716ac90f4e9dd7b2a088d2765ae374 - username: replication soledad: password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 @@ -73,9 +67,6 @@ mail: smarthost: - mx1.bitmask.net name: couch2 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,29 +116,25 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - ednp_clients: - couch1_9002: - accept_port: 4001 - connect: couch1.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - couch1_4369: - accept_port: 4000 - connect: couch1.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + couch1_9002: + accept_port: 4001 + connect: couch1.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + couch1_4369: + accept_port: 4000 + connect: couch1.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - local x509: @@ -212,9 +199,6 @@ x509: zXhBGqCxzoUZSCaxmCIeRBe18GoWRM0JZnpBbi4K3r3ZOIjzoEUK3L6e0tRkJCNc GXE33HbYQAtwidqDCHrb0LLWJjLeI/10avzPtGr/rqVKYufTRq1b -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAse0pV7xCoGB/dvqmIlc8nY+9/TaKtp/2qfCWAE4fa49vP3NU @@ -244,4 +228,3 @@ x509: balQCbIbD77nO3413Tdg3G0mj6826wrJI4j0jvHk1HU53C7bkaL1dxo= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/elephant.yaml b/hiera/elephant.yaml index df601fe..64c4ffa 100644 --- a/hiera/elephant.yaml +++ b/hiera/elephant.yaml @@ -182,22 +182,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.13" location: diff --git a/hiera/elk.yaml b/hiera/elk.yaml index 2266138..3318434 100644 --- a/hiera/elk.yaml +++ b/hiera/elk.yaml @@ -26,8 +26,8 @@ couch: salt: 70bcff5aeb5a7ed22a96a4b43790965f username: nickserver replication: - password: _mVfcIyFV_vfRFUvpNmAWYn_9KUxJ7Pv - salt: b53363c123da0677255bd93ec1627db7 + password: B7LFWg7x7AQRIXdxGmsd4MjfQISB_EZj + salt: 868afc4ca18138cc256f57ff2a3c99a5 username: replication soledad: password: PgrbUREhqBGY4r4XIXQEgkk3jTH4sEJA @@ -59,22 +59,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.127" location: diff --git a/hiera/frog.yaml b/hiera/frog.yaml index 3c880d9..bfa81a1 100644 --- a/hiera/frog.yaml +++ b/hiera/frog.yaml @@ -19,9 +19,6 @@ location: ~ mail: smarthost: [] name: frog -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - static @@ -327,9 +324,6 @@ static: tls_only: true formats: - amber -stunnel: - clients: {} - servers: {} tags: - production x509: @@ -394,9 +388,6 @@ x509: do1tnppn3G1Y2EW18zztBS+pykt5+kFJdDAfC5tL3SNh2er+croopzn/pg7NMaS8 7ri/3hdHttbqDQjAxbQPl1CkpyxgKbQQyPVXAMfm1xUVtw== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAw7CiUKaxU165suQ0h2/r3qWePJ6M7AE2rVNgQSi3w0EmYlKi @@ -426,4 +417,3 @@ x509: F0ZIjOlu8zvQIl+L9tpmtEELTG+8LMyycvh0bPq9baY/LhTvnFKzMHE= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/gadwall.yaml b/hiera/gadwall.yaml index 9c8ad77..096acff 100644 --- a/hiera/gadwall.yaml +++ b/hiera/gadwall.yaml @@ -7,8 +7,6 @@ couch: ednp_port: 9002 epmd_port: 4369 neighbors: [] - master: false - mode: multimaster port: 5984 users: admin: @@ -23,10 +21,6 @@ couch: password: vjJAZqxPL4BeGKAEUVuBVK5MIba_aIY5 salt: eab38a050b5eb2569549f8e50cab9034 username: nickserver - replication: - password: gxbjRLwwDW5bQQx9MpbjNaqF_KdMbCng - salt: 751525d259cb7ec8e536b7caa21bb23c - username: replication soledad: password: MrUyYGnT_44NUyBAm46L3GCLPHKVZ_De salt: ac15331e0c098126e04ecf7a21045079 @@ -74,9 +68,6 @@ mail: smarthost: - chipmonk.cdev.bitmask.net name: gadwall -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,19 +116,17 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - ednp_clients: {} - epmd_clients: {} - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: {} + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: {} + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - clientdev - dc @@ -204,9 +193,6 @@ x509: jAR3FCr8Vvm4UoDbxvF4jeg+6Bd1D1Pz5lsMd5q/LHSk8nuTB+y2B6x96Q9/VkNc 14teuyf5AarZxA== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA0Jt1sr/RTOJ8ue70yqv2qLeo4mAVPaZsGgtkh6l5eMrTGCOH @@ -236,4 +222,3 @@ x509: C917/dIQt48xJFBcX1oRHcFoakIVB4+h41Bc8mS09cR29Og8+JPP -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/hippo.yaml b/hiera/hippo.yaml index bea7963..0a6adec 100644 --- a/hiera/hippo.yaml +++ b/hiera/hippo.yaml @@ -24,11 +24,6 @@ mail: smarthost: - leech.demo.bitmask.net name: hippo -obfsproxy: - gateway_address: "85.17.92.167" - scramblesuit: - password: ONLW2MTQJJ4HUU3WGNVEC42JIF4XEWDS - port: 18943 openvpn: adblock: false allow_limited: false @@ -51,9 +46,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -94,23 +86,14 @@ ssh: enabled: true ports: "60000:61000" port: 4422 -stunnel: - clients: {} - servers: {} tags: - - amsterdam - demo + - amsterdam tor: bandwidth_rate: 100 contacts: - sysdev@leap.se family: "deeruSaR9IekHdQGUGI,hippobagtc8Z3KPmfnT" - hidden_service: - active: ~ - address: ~ - key_type: RSA - private_key: ~ - public_key: ~ nickname: hippobagtc8Z3KPmfnT x509: ca_cert: | @@ -209,9 +192,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -253,4 +233,3 @@ x509: Dqxr7d6Ded5Witr98xqbbXZLkwf/iUHAwT9xTnFD+2mfRIwN3ifYSA== -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/leech.yaml b/hiera/leech.yaml index a058197..a068eae 100644 --- a/hiera/leech.yaml +++ b/hiera/leech.yaml @@ -18,21 +18,17 @@ domain: enabled: true environment: demo haproxy: - couch: - listen_port: 4096 - servers: - ant: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true - thrips: - backup: false - host: localhost - port: 4001 - weight: 100 - writable: true + servers: + ant: + backup: false + host: localhost + port: 4000 + weight: 100 + thrips: + backup: false + host: localhost + port: 4001 + weight: 100 hosts: ant: domain_full: ant.demo.bitmask.net @@ -59,41 +55,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: leech -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -134,19 +127,15 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - ant_5984: - accept_port: 4000 - connect: ant.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - thrips_5984: - accept_port: 4001 - connect: thrips.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + ant_5984: + accept_port: 4000 + connect: ant.demo.bitmask.i + connect_port: 15984 + thrips_5984: + accept_port: 4001 + connect: thrips.demo.bitmask.i + connect_port: 15984 tags: - demo - seattle @@ -573,4 +562,3 @@ x509: aqXFA4DlcGkygA40hl2lB5NJbQVSHXXjgpAb395dasMyH8cblC34Lw== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/millipede.yaml b/hiera/millipede.yaml index 3ca1ee0..6fdbf6b 100644 --- a/hiera/millipede.yaml +++ b/hiera/millipede.yaml @@ -24,11 +24,6 @@ mail: smarthost: - leech.demo.bitmask.net name: millipede -obfsproxy: - gateway_address: "198.252.153.84" - scramblesuit: - password: JFEV6NCYIV3FMV2CIZBVMNDCPJDUGUKE - port: 19538 openvpn: adblock: false allow_limited: false @@ -51,9 +46,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -93,9 +85,6 @@ ssh: enabled: true ports: "60000:61000" port: 4422 -stunnel: - clients: {} - servers: {} tags: - demo - seattle @@ -196,9 +185,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -240,4 +226,3 @@ x509: WVHhd08IF7vrVOiHIn3TeXsSRV+RR079ikzCTc7ueaZhHMlg/p0= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/monitor1.yaml b/hiera/monitor1.yaml index 9071644..3893d12 100644 --- a/hiera/monitor1.yaml +++ b/hiera/monitor1.yaml @@ -52,11 +52,6 @@ mail: smarthost: - mx1.bitmask.net nagios: - domains_internal: - - cdev.bitmask.i - - demo.bitmask.i - - dev.bitmask.i - - unstable.bitmask.i hosts: couch1: domain_full_suffix: bitmask.net @@ -118,9 +113,6 @@ nagios: ssh_port: 22 nagiosadmin_pw: Y_uRtQby7LtwXxFRhIv_qVVrwWHzYrQq name: monitor1 -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: - monitor @@ -171,9 +163,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local x509: @@ -598,4 +587,3 @@ x509: exVX87n7WqrJ9tG9aM0KVRNONhucBKICpzmPCCeFWsehWImIlsfn4nda -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/mx1.yaml b/hiera/mx1.yaml index 9bf16bc..37d5ce6 100644 --- a/hiera/mx1.yaml +++ b/hiera/mx1.yaml @@ -18,21 +18,17 @@ domain: enabled: true environment: local haproxy: - couch: - listen_port: 4096 - servers: - couch1: - backup: false - host: localhost - port: 4000 - weight: 10 - writable: true - couch2: - backup: false - host: localhost - port: 4001 - weight: 10 - writable: true + servers: + couch1: + backup: false + host: localhost + port: 4000 + weight: 10 + couch2: + backup: false + host: localhost + port: 4001 + weight: 10 hosts: couch1: domain_full: couch1.bitmask.net @@ -52,41 +48,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: mx1 -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -128,19 +121,15 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - couch1_5984: - accept_port: 4000 - connect: couch1.bitmask.i - connect_port: 15984 - original_port: 5984 - couch2_5984: - accept_port: 4001 - connect: couch2.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + couch1_5984: + accept_port: 4000 + connect: couch1.bitmask.i + connect_port: 15984 + couch2_5984: + accept_port: 4001 + connect: couch2.bitmask.i + connect_port: 15984 tags: - local x509: @@ -565,4 +554,3 @@ x509: ZxgCM4SPY7CPwZOXfXvV3suBehvJ1FJIWGz45wJAeBvH+sHIlTi4cw== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/octopus.yaml b/hiera/octopus.yaml index 5843f10..8512f0c 100644 --- a/hiera/octopus.yaml +++ b/hiera/octopus.yaml @@ -18,15 +18,12 @@ domain: enabled: true environment: unstable haproxy: - couch: - listen_port: 4096 - servers: - panda: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true + servers: + panda: + backup: false + host: localhost + port: 4000 + weight: 100 hosts: octopus: domain_full: octopus.unstable.bitmask.net @@ -48,41 +45,38 @@ mail: smarthost: [] mynetworks: - "176.53.69.127" - - "176.53.69.13" - - "176.53.69.14" - - "176.53.69.21" - - "176.53.69.22" + - "199.119.112.9" + - "192.168.5.9" - "176.53.69.23" - - "192.168.5.10" - - "192.168.5.12" - - "192.168.5.16" - - "192.168.5.19" - - "192.168.5.23" - - "192.168.5.4" + - "199.119.112.5" - "192.168.5.5" - - "192.168.5.8" - - "192.168.5.9" - - "198.252.153.82" - - "198.252.153.83" - - "198.252.153.85" + - "176.53.69.21" + - "204.13.164.171" - "199.119.112.10" + - "192.168.5.10" + - "198.252.153.83" - "199.119.112.12" + - "192.168.5.12" + - "204.13.164.162" + - "198.252.153.82" - "199.119.112.16" + - "192.168.5.16" + - "204.13.164.57" + - "176.53.69.14" - "199.119.112.19" + - "192.168.5.19" + - "176.53.69.13" + - "202.85.227.195" - "199.119.112.23" + - "192.168.5.23" + - "85.17.92.143" + - "176.53.69.22" - "199.119.112.4" - - "199.119.112.5" + - "192.168.5.4" + - "198.252.153.85" - "199.119.112.8" - - "199.119.112.9" - - "202.85.227.195" - - "204.13.164.162" - - "204.13.164.171" - - "204.13.164.57" - - "85.17.92.143" + - "192.168.5.8" name: octopus -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - mx @@ -123,17 +117,14 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - panda_5984: - accept_port: 4000 - connect: panda.unstable.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + panda_5984: + accept_port: 4000 + connect: panda.unstable.bitmask.i + connect_port: 15984 tags: - - dc - unstable + - dc x509: ca_cert: | -----BEGIN CERTIFICATE----- @@ -435,4 +426,3 @@ x509: O1j7UCNyBJ70TpZ4F7RR3rcmlFbR8Moys/GrEMuUG1CJmOHRxGju2g== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/panda.yaml b/hiera/panda.yaml index ac92386..d7a4509 100644 --- a/hiera/panda.yaml +++ b/hiera/panda.yaml @@ -7,8 +7,6 @@ couch: ednp_port: 9002 epmd_port: 4369 neighbors: [] - master: false - mode: multimaster port: 5984 users: admin: @@ -23,10 +21,6 @@ couch: password: PzzQwxCvQLZUxRdS2jshMPN37Ps4qtbH salt: b54d7b0f595d7318d961c636fb8f5530 username: nickserver - replication: - password: LZg8s_Z6FCg2MZRQYjkYeE6arCIU2pCw - salt: b004ef682f926531fdda36e26d48c4fa - username: replication soledad: password: 35MzsnEEAeHTVNhI_FaCFNS5bhd7RGEf salt: 7f725f3cc60c388e9af8140555e09dfa @@ -74,9 +68,6 @@ mail: smarthost: - octopus.unstable.bitmask.net name: panda -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -125,22 +116,20 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - ednp_clients: {} - epmd_clients: {} - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: {} + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: {} + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - - dc - unstable + - dc x509: ca_cert: | -----BEGIN CERTIFICATE----- @@ -204,9 +193,6 @@ x509: on5r5VCjv69sw/yJCqGWUaDfPb8ui+kv+JfIsQ8BoXSaSA81OZ5HeQ11vo5Hh7TZ jUjUzNF+926ph4U2SgvNjQ== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA0iB5rq3smyrvJRHApK3NapMbIZFzWfVIReFjqSt1jX6ZGWsM @@ -236,4 +222,3 @@ x509: gXDYMT8LiHhMP5GD5vauBqcJwmH6kiGpqoWWirotjVaXbLcCBnyIDw== -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/plain1.yaml b/hiera/plain1.yaml index 0803790..c9f70c4 100644 --- a/hiera/plain1.yaml +++ b/hiera/plain1.yaml @@ -20,9 +20,6 @@ mail: smarthost: - mx1.bitmask.net name: plain1 -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: [] squid_deb_proxy_client: true @@ -62,9 +59,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local x509: @@ -129,9 +123,6 @@ x509: eETeBOj/+0v63CmHRfJ6Z98xO/MJSZFFjGS2//qTIK5xzgv/KGsCc6kAG1hraxQD Kr4RCrkqLyEJCJE59qGTrFnOgSL5Eg/RoCH/VEWLi/ExnlcAjaOlqA== -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA1ziNA/5axlzBHy237cP9U1Fw9flwUp1cxQ5e5lfYHY3qKAvZ @@ -161,4 +152,3 @@ x509: HOV/+qIAtUvR2IkgKg1W26N61zzagmn0aBP+c7EBxEtSOh2+2VHm -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/seahorse.yaml b/hiera/seahorse.yaml index 99a6d71..567f63a 100644 --- a/hiera/seahorse.yaml +++ b/hiera/seahorse.yaml @@ -24,11 +24,6 @@ mail: smarthost: - octopus.unstable.bitmask.net name: seahorse -obfsproxy: - gateway_address: "199.119.112.13" - scramblesuit: - password: K52VQ53KKNVFE2TLLJKFS3SYKRKEENTO - port: 22088 openvpn: adblock: false allow_limited: false @@ -36,7 +31,6 @@ openvpn: configuration: auth: SHA1 cipher: AES-128-CBC - fragment: 1500 keepalive: "10 30" tls-cipher: DHE-RSA-AES128-SHA tun-ipv6: true @@ -52,9 +46,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -94,12 +85,9 @@ ssh: enabled: true ports: "60000:61000" port: 4422 -stunnel: - clients: {} - servers: {} tags: - - dc - unstable + - dc x509: ca_cert: | -----BEGIN CERTIFICATE----- @@ -197,9 +185,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -241,4 +226,3 @@ x509: /D+dY+CRU62HFTIwHXNviqCP0Izmq1Wh/I/LAWpc9uzmOfOcxF63+g== -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/single.yaml b/hiera/single.yaml deleted file mode 100644 index d2603ed..0000000 --- a/hiera/single.yaml +++ /dev/null @@ -1,564 +0,0 @@ ---- -api: - domain: api.bitmask.local - port: 4430 -contacts: - - sysdev@leap.se -couch: - bigcouch: - cookie: QnBSJJBxjqAz6KDnGMsQyW844XrIJBY7 - ednp_port: 9002 - epmd_port: 4369 - neighbors: [] - master: false - mode: multimaster - port: 5984 - users: - admin: - password: _Bn6AqU54shspQxbnsQTpRySjLQKTjBh - salt: 3195fb6efdbf4b4825026116d5aaabfe - username: admin - leap_mx: - password: Fc3qYjjVuwWAEyGDYPGYqUYUqeqJIfba - salt: 071d214afa9e7cfb9cba66575817f6fe - username: leap_mx - nickserver: - password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR - salt: 73567fc12c27a79152620084e97b4fba - username: nickserver - replication: - password: s5Jn4AVnDgzu5sFzUR74akrB_yyqdNGc - salt: 63967ed2cd906c68917ea565b38b08df - username: replication - soledad: - password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp - salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 - username: soledad - tapicero: - password: fCffkJygcPHSRmTePxXeAMSP6uQSQKnR - salt: 81bf56d4a7aab971412407d3a0c06462 - username: tapicero - webapp: - password: pg9XGGdt4Dr3WcM9PYDqMmxxKHTpvsc9 - salt: 7e8868f8c4775290fd37d2f520d13672 - username: webapp - webapp: - nagios_test_pw: uI_cYvPGNDZrcXTVLH_x88QFWjJ2yCZT -couchdb_leap_mx_user: - password: Fc3qYjjVuwWAEyGDYPGYqUYUqeqJIfba - salt: 071d214afa9e7cfb9cba66575817f6fe - username: leap_mx -definition_files: - eip_service: |- - { - "gateways": [ - - ], - "locations": { - - }, - "openvpn_configuration": null, - "serial": 1, - "version": 1 - } - provider: |- - { - "api_uri": "https://api.bitmask.local:4430", - "api_version": "1", - "ca_cert_fingerprint": "SHA256: a1bec1699d1a57ce37ad48ffc30a6ebb21a0d233b5a9250753d345a7bf40844d", - "ca_cert_uri": "https://bitmask.local/ca.crt", - "default_language": "en", - "description": { - "el": "Bitmask είναι ένα έργο του LEAP με σκοπό τον έλεγχο της απόδοσης και της αξιοπιστίας του λογισμικού LEAP. Bitmask τρέχει για τις τελευταίες αιμορραγία άκρο του κώδικα LEAP, και θα έχει πιθανότατα περισσότερες δυνατότητες και λιγότερα αξιοπιστία από άλλους φορείς παροχής υπηρεσιών.", - "en": "Bitmask is a project of LEAP with the purpose to test the performance and reliability of the LEAP software. Bitmask runs on the latest bleeding edge of the LEAP code, and will likely have more features and less reliability than other service providers.", - "es": "Bitmask es un proyecto de LEAP con el propósito de probar el rendimiento y la fiabilidad del software LEAP. Bitmask corre la última versión del código LEAP, y es de esperar que tenga más funciones y menos fiabilidad que los proveedores de servicios." - }, - "domain": "bitmask.local", - "enrollment_policy": "open", - "languages": [ - "el", - "en", - "es" - ], - "name": { - "en": "Bitmask" - }, - "service": { - "allow_anonymous": true, - "allow_free": true, - "allow_limited_bandwidth": false, - "allow_paid": false, - "allow_registration": true, - "allow_unlimited_bandwidth": true, - "bandwidth_limit": 102400, - "default_service_level": 1, - "levels": { - "1": { - "description": "Please donate.", - "name": "free" - } - } - }, - "services": [ - "mx" - ] - } - smtp_service: | - { - "hosts": { - "single": { - "hostname": "single.bitmask.local", - "ip_address": "10.5.5.62", - "port": 465 - } - }, - "locations": { - - }, - "serial": 1, - "version": 1 - } - soledad_service: |- - { - "hosts": { - "single": { - "hostname": "single.bitmask.local", - "ip_address": "10.5.5.62", - "port": 2323 - } - }, - "locations": { - - }, - "serial": 1, - "version": 1 - } -development: - site_config: true -dns: - aliases: - - api.bitmask.local - - bitmask.local - - nicknym.bitmask.local - - single.bitmask.local - public: true -domain: - full: single.bitmask.local - full_suffix: bitmask.local - internal: single.bitmask.i - internal_suffix: bitmask.i - name: single.bitmask.local -enabled: true -environment: local -haproxy: - couch: - listen_port: 4096 - servers: - single: - backup: false - host: localhost - port: 5984 - weight: 10 - writable: true -hosts: - single: - domain_full: single.bitmask.local - domain_internal: single.bitmask.i - host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMb8quTUv+6HgRT50xFYcyCC6BwqdZiTQvjms9Xqy9lyfDQHg18Uuw6VoPIcH2Sr3qaJffL9j4sEigiFTuYzGrk=" - ip_address: "10.5.5.62" -ip_address: "10.5.5.62" -location: ~ -mail: - smarthost: [] -mynetworks: [] -name: single -nickserver: - couchdb_nickserver_user: - password: bJFrsP5dXGuegQIT5jZXMYMITpT5w5YR - salt: 73567fc12c27a79152620084e97b4fba - username: nickserver - domain: nicknym.bitmask.local - port: 6425 -openvpn: - allow_free: true - filter_dns: true - free_gateway_address: "10.5.5.64" - gateway_address: "10.5.5.63" -service_type: user_service -services: - - couchdb - - mx - - soledad - - webapp -soledad: - couchdb_soledad_user: - password: E9at8FUjuxTEJEPEvACk9DWjWnR5rbKp - salt: e2b6fa1a29b1afbe1ea4a3f7ec5bacc7 - username: soledad - port: 2323 - require_couchdb: true -ssh: - authorized_keys: - azul: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEA2rpPukC7v43Q9RvYgxAx1aDsem7+eZvvSKR+Uvkb0yRvI4h56eds1Cj0pOFOCinjIMyw+LkrhcubWDtFYzC1yTHUUcjSoIi2M+TurQZdTkMnsg2u34U61+EjOPb2jYdxBwUu9e/wDRGqih7FjFYCsHFMPH1ENVS+LZeerXn1F344HIP8VhLpWSjLAKgfMUCuvoTEqNaR4I90w1PAG0uRslYouTuxOA3VOCnf75FW7b4ZuBw1y2rmWcz9Rm5M4tz3EQCeX8v+AIKd6QQU0gFSytcelQtBVqu0YjnnL5Lp+fcKw3BJO+QQXk+OyYqGuP9WQfPPki2tEDHJ9rHcPD3l+w== - type: ssh-rsa - chiiph: - key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDAotYxNrKKXihZrDd39iKrXZSm3r8L9SNzhe9JG6cPaLTYuxhrS9QejYih9noboWfsVFmNPFYH42u3/vMyJEtf1WEUqQ84Qh2oQaC3orGMdpo3fXlCwlcp9q55gZTbSkpKwjn4pmg++wdTNjMmldi1ifPDl2uVt7dUkjQk8hy7CTJofkTxrXIzGZx+OI0knuos+lNV1uU3nJ6upbBwkvxwy3S9nfZ9kq7y5PBo0wK9YkOrKIAZtCnb0nobOiFMPeQDJdBWIo0btv5tCtzqe/b28TYz6DrMWrLIEJ+t8PH6QxaB0oLtlx5fImRxykLVHEe9AO1WcV0aXW4+6ZsHRG4X - type: ssh-rsa - db: - key: AAAAB3NzaC1yc2EAAAADAQABAAACAQCZoVRqaxZL4Btmt7Nfcj0jNbM5UhBSFl37MWApS9qUlx1zJeH7Vw1ZRzUT8zLtdpOyL4JrF1jJ+D25/dqdTEv5dc7I/IcUz16uVD3REi9wk9uRo05DmG1PXQ0Pp3kRGhNFTh5e1ZeGbPlxZkHyUirWGz8A6hrPTUA/k+KRsQg4nH+3UTPzZcy3jvw6YvdATFNkZ5dhKyae9T41McBEdh5yPArfuVTL/ssckTxyISF5ObsvbzuuarTeNQQO5VpFvK9luKzXpta9IRHMeAHpu88MCiMcWiZUZlaVlD9tC6OcMNxCBWWMlNwtowgBmoIZnjo7NrMsJ1ksUT4eDsvf6huu9nX3KIigSUeuWPtaPMHCghhLXLQSuIOhQWXjFzl+KzgiOZ4ahmNMqiCaRFHAHw6BRuZRxphiMq2gjvKRg6a4giDIf9gkEQ6v+tiUQoGYXuwfb0sGVJfrnZVifUz+I1j0wWCBWaY7+/LtfaNIl1byyPzG+qRhHMUlj/IALnT4DuHM+VkXNyQ0fucGcyhFxabqfdxRUT0EQok8ib06f16JBCoqdd6bn64v1M29QGFeSF0t4zjqqDik7VQvOMph2WAZv9FwhvPrmbSSs3MIe7wVBaFC8zeavrZ8oCO1U40q2UcntO6Z0NpIhnGZC7zVxguEux1moAtWIE0+JIsrbu41gQ== - type: ssh-rsa - elijah: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEAypuIGD2h1ZDtIRvjyqKH1qM3XKxzG/JpOATpaAtI5h8+rf3OHeDUdvuPlQfTpZiAoWjU1xsiDrxqIVgdFNe5+1WB1tDAtJ7sGBNa2u8AQTpI9mqSiwf2lXS95b+8VV8yu6woGKXrytfdXffcGyVLfzwJFl0Fmdy2J3HrbzrXYVEGrJs1SRpZ+1U+KizRs1m2MugxhNxOTroM1kKuRsjRswTSkXoXHJ/fUd+dxdJJnEsyqA9uFAH+6ljJnPscwERkd0UsgaVIniSe43jM79qcwBhFiJKejquRaw282ncQghEQpR4xtYfSnWX6SgGkOAnN8vrGjm7o3xtK8YEjGWW0LQ== - type: ssh-rsa - jessie: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEAu248g60EsU1m5qmmli8nQ0/CYvU7LI5sv7qOjT1vWd94UGiRjIX4hTcbKg+AXT3zB6ieaAozJ31qeoLFxQwznnMNaka5zWcQbFt6ht5q8hsxRQjKOVSfEqH/Bn7eVvlLrp6oEbaBgGixKVGF6RXTLCkmWKo3fjgRM2QY6SylSxRrr8jhGvtcGtAh/tJ4ejWL+WFOV4m77qRS81c/uhNIfgjavCpvOxWoS3mLUe8q3uRnuWqhtXX/8LSOIAbcwXk8X0uhOBRpV81Hy7k0h77JO+otc2OlhYKA2Mu8TGmw2I69YswQyKzNPSU+K2flPClO63lYuJD83jaIPGDC6YNelw== - type: ssh-rsa - kali: - key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDOrTTNY60n/eMKFG4twVfInoO54HEqK2wlETb+Pe91W4sOSPaBtsP4xvk1hj/7WVg1fUN7B2MhYHZRmppyS2eMQGlaBbziFzlm3+rqn997l4CZxxkFsCINFvik60vQjdWn1Qh5gtaTWPLp8igjF43+3FdZZk8arS2AQgHixQdZ0XfjpBvvxpP3DI/VEOgOaCEI8XkDj8WTAkeQxrFmX3/TxbvGARdfYvJwYEC2qE3WABbI+DVOJfLsFmv8RW62ax8ErA63Yy3RWsgnv2Nzxwi6o6MmWcr14f1gpPybPK8KrZNJoJkDVceDTVwdTxwUfjOrI8df8NiFLVR3/lEGX+Cnd0UeKzk5Tqy84g1+MDGWkRDVyplB24fFxi/ujInlasew3uTYS2waZkNrroU2B8VO36xj8C8bn2sf3818hvjS4XD+lvpwKrKaWwWFTM89Xvu/K9KHFn3+58EbcyE88MAzuqrgDarkeXCdVT9Re0OUchmul3JOz9OnV1Osv0yi9pRCaAGTKAivnbN8DwmALz8d9FBTMxbcBgEqqGvyNe7muYTQtvTvfcKHdtF/MlTibte8YIbj7UX+c19A1VxX1eFU7mbfSxW1zXok1D0o+cUfcyUFauq6YMNDK1+FrMID+Mrm86woKB5gOmQRLJ9BARcKl9GZY2YnQAat9hRHQR8O2Q== - type: ssh-rsa - kwadronaut: - key: AAAAB3NzaC1yc2EAAAADAQABAAACAQDbZEkLGBE/VX9B+DhqAkWZMUc4HxxjyW0x1e2KRNWhrXY0nlLfl7d4OFdCMxy1nzVrCvfmdfP3tDrpPmeMrjqotWbgzhSIG63KhnVcVH6TouZ0NbsVMrNh/LscwlHr7sGoXjCOjHmuZMIr4Wfsasj1xvsgLUwUCIeXI8AXoaggBo2CGSDLtWpGO8aYcS4rVymxAXMwDf2s3cNXLbUQRb1o2Hx8VvGEYNRnrJzyPJKOEqJ7/xfnj0Ukdv3NY4sYfP0A41afcm0yZc1dxTZwletBB59szaN+APRT/TpbCQJqkcVnhNgKpv74pPTvQ/Kcr7hrmbTcpHxBF6BRElGiE8FQW/6NQpi+9PGd9AiRlAw/ZeGvMv/youfWnsgVXshlz50/PgRJNoHGz6DxR6sPulU/gpPpyWi4yy+bo3xUoa3jm1utlpoC+aO3wtYlQbS0ccmhDQwkyqLP09Yn9rTv30ZMNaCtUYX69Ju0adczaT9fIhbdbnuUpuhwrFX92Qy1W61mGFj3KkJcEj1vrJVncN8C56X/V936qzfRFr4ug9KgcN3dNJ0ISxzj5JUU1y+KJfVuTIAVxBO+OmVWH84AW44sYXps6b+kXoTU0Em8HfpBrRhhsbLXu0xyfAbRaA/P7/WDOlv9cLsgtg3VI9IBoZY6hlB8JhcJ8UhkiTgZE+WiLw== - type: ssh-rsa - micah: - key: AAAAB3NzaC1yc2EAAAABIwAAAQEA1lHzO6il/4+V+KSiJZy34mxBKJNrn9Ah7VBxa3ss4AnahDgVwYqGlLk8xe45CShLRlu3nP4ccX06LUCJOBuLI2QZccR6+h2jfIEjXIaNC8lp12thIriEPUWZaKwV04fnhOnpA/VzNCRri8DOCuNvA8pfjg51DUtvhEuIV9UNxHCsLFSNg8RPngqNxrDgZJvjIMFFdTyOl0OdE1sN1zG2A6UPTlqO7Tmt6+/AByAS/C519nL0MIDix1S93sqaxaIE4kZSmVVx7Ft/albzWSIhIF/UbLxqfkc6L0HV0OpvBPMMuYUZkLC3DfAMggkxJsTTHkcR2Z1fIQ3P9am75WSwGw== - type: ssh-rsa - monitor: - key: AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFqCXlaYmqZqbefpMBaMPqzjhYNaxejlOX/x8YCXsDN2HMfeb/E/FYfpEPCuLVJ5Z0aDkp76JL9i1CX/9Rcbq4DEQEc6vkEv79MOI2jfUCVVeWRcybvRK0YAT9eQK59+FgNDbEo2NCUWBRvKd+8TjzZ7GtCLDnGd6+gkr6orkiA3uus/A== - type: ecdsa-sha2-nistp521 - varac: - key: AAAAB3NzaC1yc2EAAAABIwAAAgEAnMA/JCaz/BMTZqhW+/h06ZZewhaYqMrmrgwXI1Ui6r9QkGzPy89ZB+86LV/tvZOJSWsT/CfN+zqRqDRH8ApnOuXsnmU1BF+Y/dXpLH8Z7t52yBwCVpQII4m29zZT9mfcyb5ZV6Rxh+BOChFERPkZwQJaMI9KU4nkmcKvgpOEbPfvXrv7aYy+G1YddMfmitWKpljL4VB+DVuKh7/Csxs9B8g8wy261rbVJDCvP2cblFA6nAuxk0UB/UFgA9VgjoNA/s2cXIsPDFvvHKoy6bDN0V7CQr3391eGv66KCoQIPCIkI6PY2MImA+Lx1jYQwEQUIJVm/KbuPFrm0GF/LSs5T+mNcFTyU+saSCOi1sxkCNtAikvvjzk9xg0W6RkR9ITZy3+3cKPhbHCd1qOMAxVvMCrN5s+bK2Ps5+wE1pxxz//owcRgsR0yk3kg/V5h716qL5EaWyh5XJoWbrlwzrXLW9ofceGBmqYv7dLKrXd3hwCzJqdZVtWSTePz1gB84rgCAwXhjofY3mwXSRjqQCu9RTImSpepKRCAEBujMHCK38aXR1IAXbenOWCQso05gMFdtlHY7DfvtmsT0xElbQXztKCBqtNrYoDf1+eQBOpveCK4n0gSivmo2NqDkw8R+1nW+CMo6eO3Qsfc3BXkJyufcOCsDjg1IXOP/fhWeNXqSL8= - type: ssh-rsa - mosh: - enabled: true - ports: "60000:61000" - port: 22 -stunnel: - clients: - couch_client: {} - ednp_clients: {} - epmd_clients: {} - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 -tags: - - local -webapp: - admins: - - elijah - - etest1 - - kwadronaut - - mcnair - - meanderingcode - - micah - - varac - allow_anonymous_certs: true - allow_limited_certs: false - allow_registration: true - allow_unlimited_certs: true - api_version: 1 - client_certificates: - bit_size: 2048 - digest: SHA256 - life_span: 2m - limited_prefix: LIMITED - unlimited_prefix: UNLIMITED - client_version: - max: ~ - min: "0.5" - couchdb_webapp_user: - password: pg9XGGdt4Dr3WcM9PYDqMmxxKHTpvsc9 - salt: 7e8868f8c4775290fd37d2f520d13672 - username: webapp - customization_dir: /etc/leap/files/webapp/ - default_service_level: 1 - domain: bitmask.local - engines: - - support - git: - revision: origin/master - source: "https://leap.se/git/leap_web" - modules: - - billing - - help - - user - nagios_test_user: - password: uI_cYvPGNDZrcXTVLH_x88QFWjJ2yCZT - username: nagios_test - secret_token: btsFN6UD9nfP4SAWDYMmuMkgRTL5WW7E - secure: false - service_levels: - ? "1" - : - description: "Please donate." - name: free -x509: - ca_cert: | - -----BEGIN CERTIFICATE----- - MIIFczCCA1ugAwIBAgIBATANBgkqhkiG9w0BAQ0FADBMMRAwDgYDVQQKDAdCaXRt - YXNrMR4wHAYDVQQLDBVodHRwczovL2JpdG1hc2subG9jYWwxGDAWBgNVBAMMD0Jp - dG1hc2sgUm9vdCBDQTAeFw0xNDA4MjcwMDAwMDBaFw0yNDA4MjcwMDAwMDBaMEwx - EDAOBgNVBAoMB0JpdG1hc2sxHjAcBgNVBAsMFWh0dHBzOi8vYml0bWFzay5sb2Nh - bDEYMBYGA1UEAwwPQml0bWFzayBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOC - Ag8AMIICCgKCAgEAzuIeBC8NWSTZF7j3WJTiH532vZ0Xn9zZ0+ge4Va3vKt/8H3u - xrWdjIdBF86D+e5FlObF9rqmN0AfGUv9K/ex2BAa09BzK+P5dmBoUhHUMNJPXUKy - 0oCNM6KXZkSD3SsGO1jCyolvtY/RR8t95yALy0bs8dDqA+wzM5UvQIoDWBeJaoVV - UQkbsO42HxF6c+IBe4I8o0RM1mbNC3cKOs4QnYxSMqv17MnomWZZu7ZguNH95TxU - RAR0Fw+A68OSEBev+t9NJ3dly5H0pp1pNeqKzIu8F9P+0c/PWG2ZV3TePgZt+JuF - SiIWjTbF58wbOszfqlsKRI3qBuFXgti5eCGQjSsJQOm2oaqTUaSSa3iFmC0al75k - AAgVB0iS6BJoDYoUfgeQoP1jCV5glGZbVc/WZOJx/m14pB8SV5KQ5OHM1pM+kZcC - yJi+9QrjdwsnPoAA+erQpXERufv6ce2E7YknusHV5U/ULJ32NFnvWFs4Gy0adjYz - XleEl83OBN+8f4ETQK6e17oxVkgFZ1ajwaKxhI9wgYwQ4mYJ/pOp93YgDJ7o2St4 - h7dbfABxb7Nteug1bMxotbHWz92otspafeP9+4Cu/d8Q1XbV9wlNy/OFHBcHp7AV - cwjV3cBMg9gABXcKITwxvED1G9zoEWFS0MNk3Gc6RfJZefA+wCLRgz1pb00CAwEA - AaNgMF4wHQYDVR0OBBYEFOS3wnWViCsm2V7AN9zNGeaQPtejMA4GA1UdDwEB/wQE - AwICBDAMBgNVHRMEBTADAQH/MB8GA1UdIwQYMBaAFOS3wnWViCsm2V7AN9zNGeaQ - PtejMA0GCSqGSIb3DQEBDQUAA4ICAQAo56u3499+60Q34+p4N0Xa/WP1ucLM23/7 - ZItAQfBgKP9nCCepTpZrE1h+pHYuAbZTR7muJ5tBgLWAH6XXNXHGe+BL8V+DlUdC - TnDnhIemc+OSoIc+AM7efgBEX7ART2saMIedCkHqB3x596EEByuwekTsDhpG+eq4 - 4HWW6YNQIIPhjUthi+Z/fKpAqhXtkbisQ0zyDCjQc5EsdZdg1dRS6c46q5CFXnZI - iWaBwMdzvg1uNF+euai+2XMbtdhAZWTF2fC4zCkJ7TOJLu+w87YmaV6mhnbmZX2G - eUOWhlzwBUoxZWMLHQ5YjV+FEqO3Zbs08ph6l4PJkwPNnc3oUYyFUNDT+cF723Uh - mg9MIY/fLxNfuZIt++q1gDJgi64hL2+I9aEzMVmjZ0hCnre061cX60TU20oSJRJJ - z7D9JQA4Nq7XxkrSBA3/UhVCH5crF2NwTzJx3fwW4FMnDA4W3DsHOSUpgq6WBrMa - GGPH6sbq21EZXkzpi3XtrQokNQL50lULvJqZID0KGlBmwpcXwBaP7H/0FxVNDvCZ - cSxp7nUenwZ6VnSKASIhveEoL7FkTuJRHlEfr1V9NzUdvFqq/51gm+g34HcdxtcW - r5BsKNPa4cNsGFfLV7XRMnz146pswhKJ5+QzUKGoospnyybez7lWw8K2w7wlIPHb - D2FUi3Y39Q== - -----END CERTIFICATE----- - cert: | - -----BEGIN CERTIFICATE----- - MIIE4DCCAsigAwIBAgIQHOYg9efmaHPDsJiUt11PzjANBgkqhkiG9w0BAQsFADBK - MRgwFgYDVQQDDA9CaXRtYXNrIFJvb3QgQ0ExEDAOBgNVBAoMB0JpdG1hc2sxHDAa - BgNVBAsME2h0dHBzOi8vYml0bWFzay5uZXQwHhcNMTQwODI3MDAwMDAwWhcNMTUw - ODI3MDAwMDAwWjAfMR0wGwYDVQQDDBRzaW5nbGUuYml0bWFzay5sb2NhbDCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNd2wmCASd0w6aZlXZJv/t1HcvH - Jiyob8J+DZ0gyv8izRz7foigZAKWpi8H4vFf04yWI13hZNBp+DJsM7imDdcXCzI4 - vy8NYsXVPBNqiy9uZldKblls3ui/qh+cyLwQ4y4usLmGy/hxvVspo9ECyNGdw5KK - AzDYfhgGgDLyTIUE3rBWCyM9w+F8qdB5tBc/6vDk2I3IJIkNhwdBmcq9BTbIvjCn - PWG763uNV/DC0FCGog+1RIoZBMLzb2bZUkJ1C4x/oAtL/rAOzKERL3nKLDyUcbNi - TICFyzbcVf+45u879qWvEjcHBUWLvEmEdqc5D3YYtZMTDFfubVQDRWthwj8CAwEA - AaOB7DCB6TAdBgNVHQ4EFgQUHREU/5qWnzAv37pBMmkMdBtomP8wcAYDVR0RBGkw - Z4IRYXBpLmJpdG1hc2subG9jYWyCDWJpdG1hc2subG9jYWyCFW5pY2tueW0uYml0 - bWFzay5sb2NhbIIQc2luZ2xlLmJpdG1hc2suaYIUc2luZ2xlLmJpdG1hc2subG9j - YWyHBAoFBT4wCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF - BQcDAjAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFLmBgyy9rLMJ2KRx7z66LdSVPg+P - MA0GCSqGSIb3DQEBCwUAA4ICAQBeGvIr2k08H+jcjL8KwZeXlCdfp1mG+cHXk8j/ - eIuWcWXW4umiCDLoDPRikjuPcuTbK2Ca+M+MoVegH6W368iRn6a/vMJvSrqLEz3e - AaVH9+NxAoa6+TzvcEcDJ8cotVJS3ou90hFACQserzXl8LqwIgVqVkPHWXNkz/gv - J1h1Cn6siYkzDHeBrq1Uqp4Ma0sFMmvu91MrxY4u1Tctw4pjQPzIVhXIRjsmSXYc - tIQQ3aJnt17oEQRHbMAY6YZ1kn6KXB8Cb5xSlj03nlZxfVn8eVc6MHkCIwwWuas0 - 9XicB6rKOkAJ1Kd0kzyGA+tO3qUM9vsbQL8N/FH0h10gwkakEX3RwzHeGgmhBwwT - CX7zYL4z5MfhBvR0DajTm1sxALJYqrWLmj0w/p7PF5wlO37WKTGud+zKtAG6BEj2 - 0/blwqiZv/6JPeYUuKJZBjoQs7AeyVa1mnmbakKRPhn1sBBXnb/ROGQKmpdYNPTF - mlxgWDQ2Sq+FRXCJX+ADy5UOsF/MkKZ9go7LjKTXfUndwXeEaNZ2WlR0UlPX7OXM - n15hPtcJ9hNufNbEDmzHvJWwU/1r7g5HmCvAg6CTzD6/67Ni3g6viKPh3b8oiQAI - aBV6p/F5kJcNHog3siMPKoUn/uQcSSpSQzPAE/nL4eMaBLqIAhxORQWzM3S8LwtU - hUwrQg== - -----END CERTIFICATE----- - client_ca_cert: | - -----BEGIN CERTIFICATE----- - MIIFqzCCA5OgAwIBAgIBATANBgkqhkiG9w0BAQ0FADBoMRAwDgYDVQQKDAdCaXRt - YXNrMR4wHAYDVQQLDBVodHRwczovL2JpdG1hc2subG9jYWwxNDAyBgNVBAMMK0Jp - dG1hc2sgUm9vdCBDQSAoY2xpZW50IGNlcnRpZmljYXRlcyBvbmx5ISkwHhcNMTQw - ODI3MDAwMDAwWhcNMjQwODI3MDAwMDAwWjBoMRAwDgYDVQQKDAdCaXRtYXNrMR4w - HAYDVQQLDBVodHRwczovL2JpdG1hc2subG9jYWwxNDAyBgNVBAMMK0JpdG1hc2sg - Um9vdCBDQSAoY2xpZW50IGNlcnRpZmljYXRlcyBvbmx5ISkwggIiMA0GCSqGSIb3 - DQEBAQUAA4ICDwAwggIKAoICAQCs8hK5EjnDjJVOKc4ZbDYFmM9PcilYtw3lb9yt - DcT8EY5qzfU4SkuV+I8UGSx4s2YC3oro4nDKNPm75RTpml5BOXKAGUp7/1+wBKoO - +pGeS52BsuNsrQKUbP/x+6XpuhSp3IVsVKcKJmDyOaJOJRj2DfaoqcpKM55gr/ot - meq+gJwL2wpD8015jkVERWg3l2I0Dj92cW4Qs4dJ+7JjI5idN5ShXXVmwvPQDa8H - c6SHd0j0BK92FB1O3GyPr244i6e0qdPGZhK0KC9pUru1ZYCWj7Jjr8RYCmK+jw0k - pc8TKph5tjLl5VEuDO8ZTtG+1Z0Vx2uSyCsAjH/PhzheqdfbNPAde/D8AKyLlDwm - U4h3R73GKAJcVS1A0DR1kqZ2spBz4HmmmcXcoQ++KdAmLOPBsIWhwhRGuzGdwQgR - eslm8oNkpToU3J/pMbpiBHEUSv5MKZJF7GTKRN8c69XIK2OebEZ8+DYuvi4uBjeZ - 9eydmT9VVN4h8R2E2572c36e/uWUhYdZrlienBBwNDe4Vuqmc+M0EwQQnQLl9XID - dQSN66Ao7zLQOenYrwM4/w3d7rhPXlD7DpYJHWCR4eP73jR7DOV2u3aX90B580MW - 8NjdyJS3gnjPKTCCq8vIolkHCGPqmpDzbajwqQvVsMnCaTV77zZtyLvodc5G/7gB - jZnreQIDAQABo2AwXjAdBgNVHQ4EFgQUD8GCfb8mWh3JNXAnvu2ObnPo/mwwDgYD - VR0PAQH/BAQDAgIEMAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUD8GCfb8mWh3J - NXAnvu2ObnPo/mwwDQYJKoZIhvcNAQENBQADggIBAIFO6f9ZUa6221jMGRMROe8X - XnQLoIX9AGkLG9Rpu/9PVnN/NoK1/MWoA7+qix1Pdaj1Skpz+yUmKGSGo6Oq4XRf - K2DNoy+BYjRauZVreLkE1QUuxzP1DQg0ej3hRl31c/Kv+KaMJy1ptrhFEbhP1yYk - b9Fayu6kuc96Xd8o0ARh6NAA4HysW119awDUsMANVm1VGuPTojdV3/Yn3bywCwG8 - B6Fqx2EfI6YptsNhzzm+o9v1VjXE+BQ4zbfmgY7uORqVY7b+5gK2+D5FAN4hsGbn - jiPo8G7Azv4VtmBcKROXbCf6B8tQA/Z3uFgfTHxM8iEaGsgnh8IUB1idnNmeUxqL - QcH5TRf8RAMr8xgYueyiWPR0NEAahrojvoNQGYPW5EdqJd4JzfqYNRnccTXAIF9F - VSCBPPtg4Ifc3Bfs9PObG2/2WJGkwJLevpdj00SO5otc+wWl/MG3eQlksceWtXJC - Laoxpno11oA6fwqxxIsqjCCCzwE+WL9xtEgaNoJ+bvB1DuzCoZ/MF0Q4nmQw5o0o - E8ODAhuMkfSz6Mwk+56iNTRV0hpKhADtVWuVsXd6Vmcyu4fX5IJ6vPzyCkal63L0 - K7TGCQJQeQnI52RkX3zpLIWA8SYp28qC+81dBdKEXPOs0MDHn5zWpnR8xHjs5jki - WOtY6TTfYq8pBdwToAQu - -----END CERTIFICATE----- - client_ca_key: | - -----BEGIN RSA PRIVATE KEY----- - MIIJKAIBAAKCAgEArPISuRI5w4yVTinOGWw2BZjPT3IpWLcN5W/crQ3E/BGOas31 - OEpLlfiPFBkseLNmAt6K6OJwyjT5u+UU6ZpeQTlygBlKe/9fsASqDvqRnkudgbLj - bK0ClGz/8ful6boUqdyFbFSnCiZg8jmiTiUY9g32qKnKSjOeYK/6LZnqvoCcC9sK - Q/NNeY5FREVoN5diNA4/dnFuELOHSfuyYyOYnTeUoV11ZsLz0A2vB3Okh3dI9ASv - dhQdTtxsj69uOIuntKnTxmYStCgvaVK7tWWAlo+yY6/EWApivo8NJKXPEyqYebYy - 5eVRLgzvGU7RvtWdFcdrksgrAIx/z4c4XqnX2zTwHXvw/ACsi5Q8JlOId0e9xigC - XFUtQNA0dZKmdrKQc+B5ppnF3KEPvinQJizjwbCFocIURrsxncEIEXrJZvKDZKU6 - FNyf6TG6YgRxFEr+TCmSRexkykTfHOvVyCtjnmxGfPg2Lr4uLgY3mfXsnZk/VVTe - IfEdhNue9nN+nv7llIWHWa5YnpwQcDQ3uFbqpnPjNBMEEJ0C5fVyA3UEjeugKO8y - 0Dnp2K8DOP8N3e64T15Q+w6WCR1gkeHj+940ewzldrt2l/dAefNDFvDY3ciUt4J4 - zykwgqvLyKJZBwhj6pqQ822o8KkL1bDJwmk1e+82bci76HXORv+4AY2Z63kCAwEA - AQKCAgAdY7G805UPXxeMRdxpQ5NWliY8qPjPw6PP5peIrPtZnp4mFkPiwfVgUfH2 - h2SgSlQ+jpTqiHiEVEZQINjR7dKwoNONYz7eHYKkRdakXv5Z+R2WCdFOCYSTtoY0 - GACU3HNgfkIKK8SLHASDhTnIr9MzFSJifSAMRgNXCPCpySs0HmTmOt3euDzlOEEb - HfRc5hPhJr6wIQyEOA34i5Y/9K+dn/FZDqnBwcVvCLRCvuspviKenSE4HqjwWtL0 - A+rmHw1rzSRY5cWt6dpMuqt9YvdcHqVA/YCPOYyYN3UTUj4DUszAei7iFHscKUSE - d3l7RY/BQLdOJUfxeu7JVIBGzfQJW728puZRxmDFqGFOYGKYiCMmUMV+ZiJ0IINL - gCCuKFCspk/5ciwLZvoseERxKNtDhEsOKnLtWyL4055HWOTPwYKuTngsp5PDKl3c - XytVGmOFYZ0RAWcONKpts9V4FBQXVpGdUT3BpOc0U1/d1CelcesBh5FORSIZNVgP - Q+WUgHaKCNU+jjZ83sxDC8du6YpXkt8imREH034R7b9QkhS0AzEE/MrEvxWAcT+B - y9Fzvw18Cfol+IfQ1pLo9EL6bVAcXqZMgDwAqPOvw2T1OVYkBSfDr/UUhM2Bg4XU - WuzOfH0p9MpnrbrA89Ar8B7TqgAABTj8nCZkM/HQ6J2JVfU9ZQKCAQEA2y2hsEdK - kTmNmgxa8mG2RuGgWx5oYD7bZRQD97GML1dZj1/gtg+OWml3VLrOhueqT/ItkNPk - bOGjQFDYpYzUYtOSA8UTn9Crs1rRUc5tHXcVHOAR9OCGKRClpIV7+4lbCQuX1v+m - rO9FNzumVJSw/6rAtJsuZ2TI6Ml/2LHUNOXgPUBPlIJ9dMv+0+eN45upMUzcmaIG - 4TtND8DeOakXb1ZanliR16PES+M9bWs1tWV2yubtO2o7+fQTwKZMqg6kGY88oSed - +HP6QxtMIbkGp7GYM7QHrgEwnp8nR5tCp1rL/LIvIIbWAsnfh7ZqQSRMoSMFonzv - lKqTm21jiavSuwKCAQEAygAUBScRklR8/zLVkdB2+Fy/E2TtC+AGDGmzhUygMpFH - k9DjeD0+92zM4Q+zbScLXZMZOTPiRRw8pOq8Q/VqHufAxEse5VBE3oxHpWzKH6cr - 5eheKMCRiIpwylUakdEgxyFWNA9pRfrpBmxOAy+RuLd2tR0wNkucFEXgQFoUpLyk - LurDUK5cbclmaSbjpx04lUyXJFd3e1P9H1A6L7hHqh9ebBL2O5rXbtOBevzvVRX/ - sCp/aITXolxYFVXlcexJ9Quh65amlBxcN9nO2RGyC2ZbAocqJEXFX7ARz01DEtIg - NCuTosszHfH5drqq6WQM6YKM1SZYeOsibemdlxlZWwKCAQEAr0Kk2SWYrdncrgMV - Ml4J+FHw/QuqoNOCcif4KDd0BmMNvYUIVezIgul0v28FOIDFAlqALyAQtzQSa5p6 - Mp8TMddGGfecAp5Evg1v9b9gJ0CSxF00XqCvBuVF3vHSO0gRYIFBsG0LJZvKuCjd - jyK7CiXLJGA2Uf0YXnTJ40gHjSkID1J+kB1sHloE8gNlxUwylbaFa+BRKgdWTrOF - v4vDrobZvWbLcCiHDbuu4fDpqJxyyjqwFmOThAK1TMZt5UoB1GJiM+dO/V4YD1Mj - pI+kj7GGKEncHjrbWuue6DZxrQsAtJby8kp/lQlB0e5+topFMFCl79GBblqb35ww - DOU1gwKCAQA18sVmBuQjf5sOkSYG1nUfqa2CYX8Jn+AdqpE+dZOHTdOe/7fwofLS - I+Wn6giSi032xNWEuH2i1YLAzMxRHhckf+K0yhdLSR/LjA2Keb6Vq5EGywNywNNd - cxPihc4dyYuGgznBl6gW/4cCpyRCp460lZMHle8NYS4jH/JfXW+L+7GhsiNNxfN7 - gsFuLeu48w3smdL36sBHWMwOc9/GZOIG5m/ST1Ih4x3MRIKdNTY6NDDgfMkgQfJR - M3Z25ETuIxwxbNTm1YpRni1m4S3kPVyevMxrpWu02kl3X8+x3MGgIixloonAfaJ+ - SeTFN99zi7wDFVHFj4MrcCj2z+C9vRBnAoIBAGl/ph9U5fDnNXBJKhzdQ1/eFGaU - cTLQrALqklWOqAuP7Yt9Aq0zxxYWZvZ5zxkoMDDN+wBcVH/0vxRW7/ktbViDHABD - 9Loj/a5gSQLs/1thZ8Duq66vTqBnUqbo4CK+kewHfB8VgoNVXvU9IkSqKu7Gt1iO - eRJZ2pF4mGBHMw34ot5jbU/kc9p8xUUoxExSq5uh7ahG+jWtqx6MVMz9R03rQnNl - EYU6npkpxjxNOuTu0akZl1v2bgi6fCO9KopGM/9t8kOY9P8cJmpBt7ohlUHkjiDR - 5QOqC7UGR7G4MrbJp6B5ChfY8TrbNEeQsrnDEb8+OMjmkshmvAfoZKq2odw= - -----END RSA PRIVATE KEY----- - commercial_ca_cert: | - -----BEGIN CERTIFICATE----- - MIIEozCCA4ugAwIBAgIQWrYdrB5NogYUx1U9Pamy3DANBgkqhkiG9w0BAQUFADCB - lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug - Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho - dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt - SGFyZHdhcmUwHhcNMDgxMDIzMDAwMDAwWhcNMjAwNTMwMTA0ODM4WjBBMQswCQYD - VQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5kaSBTdGFu - ZGFyZCBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2VD2l - 2w0ieFBqWiOJP5eh1AcaqVgIm6AVwzK2t/HouaVvrTf2bnEbtHUtSF6fxhWqge/l - xIiVijpsd8y1zWXkZ+VzyVBSlMEnST6ga0EWQbaUmUGuPsviBkYJ6U2+yUxVqRh+ - pt9u/UqyzGxO2chQFZOz8unjwmqtOtX7w3lQnyV5KbJHZHwgPuIITZMpFLY0bs9x - Rn52EPT9bKoB0sIG3pKDzFiQLpLeHmW3Yy89sutwjEzgvhWd3sFNVvgLxo4HuV3f - lfB7QB8aLNecK0t29Fn1Q8EsZhCenmaWYJ0cdBtOGFwIsG5symkaAum7ynjvZi7j - Mv1BXJV0gU302v5LAgMBAAGjggE+MIIBOjAfBgNVHSMEGDAWgBShcl8mGyiYQ5Vd - BzfVhZadS9LDRTAdBgNVHQ4EFgQUtqj/oqgv0KbNS7Fo8+dQEDGneSEwDgYDVR0P - AQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwGAYDVR0gBBEwDzANBgsrBgEE - AbIxAQICGjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLnVzZXJ0cnVzdC5j - b20vVVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwdAYIKwYBBQUHAQEEaDBmMD0G - CCsGAQUFBzAChjFodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVROQWRkVHJ1c3RT - ZXJ2ZXJfQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu - Y29tMA0GCSqGSIb3DQEBBQUAA4IBAQAZU78DPZvia1r9ukkfT+zhxoI5PNIDBA+r - ez6CqYUQH/TeMq9YP/9w8zAdly1MmuLsDD4ULS+YSJ2uFmqsLUKqtWSkcLvrc5R7 - RkznehR2W0wdhKEgdB8uS1xwiNy99xk97VkN4j8m4pyspDyVHPi+jAOu8OWcTbzH - m1gAv6+t+jducW0YNA7B6mr4Dd9pVFYV8iiz/qRj7MUEZGC7/irw9IehsK69quQv - 4wMLL2ZfhaQye0btJQzn8bfnGf1gul+Hd96YB5bkXupjfajeVdphXDyQg0MEBzzd - 8/ifBlIK3se2e4/hEfcEejX/arxbx1BJCHBvlEPNnsdw8dvQbdqP - -----END CERTIFICATE----- - commercial_cert: | - -----BEGIN CERTIFICATE----- - MIIEcDCCAligAwIBAgIRAMqxAnEi09LnUmxHz34zaygwDQYJKoZIhvcNAQELBQAw - TDEQMA4GA1UECgwHQml0bWFzazEeMBwGA1UECwwVaHR0cHM6Ly9iaXRtYXNrLmxv - Y2FsMRgwFgYDVQQDDA9CaXRtYXNrIFJvb3QgQ0EwHhcNMTQwODI3MDAwMDAwWhcN - MTUwODI3MDAwMDAwWjAqMRAwDgYDVQQKDAdCaXRtYXNrMRYwFAYDVQQDDA1iaXRt - YXNrLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2flsifSE - SbAZ4GZE3594alIx0Y4wH+zPlpffAyAuH0/woIfbU0niYpjCMp2IukAkcMfwsvAy - j3I2EKimkxWBDvmaDH5fY2SB6Mk6jun4TbYNbzZxPjN5ZG1arOl9Z+nXy8rR18jJ - nXwR/QT7GeEsCUbT+GN0TamFzGqaKP5QyOhVEorzcKnxuRTFoc6N1e3kB1kq2bDK - npX376mKTFWW7OLeXH2+Eh8A2X+w8zqQTpRta6631DyynO7MLAsihiAmDlOVpIsA - hYF/jDblpqCsh7es/78Rf09I4/pqwDByU+4wcuQ2CihdMqu8qZYY0iZFSelpikhp - mjvuVug0J91CVQIDAQABo28wbTAdBgNVHQ4EFgQU6/xkpENCcBkmnS+8pjjIKFOZ - ndUwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAkGA1UdEwQCMAAw - HwYDVR0jBBgwFoAU5LfCdZWIKybZXsA33M0Z5pA+16MwDQYJKoZIhvcNAQELBQAD - ggIBAARhtd1EdoHrHL3HCeqo5WplQnW0bd6M+KdFTlp2o84sRwDDsRhTQ64xeZC3 - kK7h+R54cm2xzrqHs70t5UYNoYXh0DRYqCsEu9ZMfnxtye4sofGo53s5LWtkAguE - sTcpijbj95RodvGZnal+V7Z+B8yt0u0HcfFSrWv7956i3+Zcxdt+/9+FLYOzbOVj - sUnqKob3J8++PURJlPvnsgrrPPMxrRL7WfRn5njwrYNWrpOljh2G6PLcUmEHFQ/m - op8xbFwbb6mmkuyZqiQfcSci1Z/562kMR341Ba1plIvr3MPNShSzaIxyPNJrBATP - D1PUK4AORbpolhxJPjx8qfGyCKUBQKKACBRO3pBUlnHIiC21bjYJu9hev1qv9Vd0 - VPeJRHC3Y/1Bv4ptMvwIXjh3uy16TYHA7V1cUIQmKk8HzBByHTek+xupdFERyFx3 - 0LDXPu7ry3bWHKoojsgNqWRXaTVuMZilgTGmwF24gCdjMrXgWANnxhFG2UVPa7sg - 5OreMhK/jBLeXFrfTjXZtIDRdZmsgSkleUQuAlMG1yCZZud0cMebjBmCkcaada7e - 4C0WFjpZHq/4PNcoO9aFTlNzzWlTm57Otvfc+kfItEt0Tx2YrOFKuHTofGptYtFm - OsUsS1uOeX1yFG4h3y6OT1gQJaNIep6N4/Qps8l4NK/0Wn9+ - -----END CERTIFICATE----- - commercial_key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA2flsifSESbAZ4GZE3594alIx0Y4wH+zPlpffAyAuH0/woIfb - U0niYpjCMp2IukAkcMfwsvAyj3I2EKimkxWBDvmaDH5fY2SB6Mk6jun4TbYNbzZx - PjN5ZG1arOl9Z+nXy8rR18jJnXwR/QT7GeEsCUbT+GN0TamFzGqaKP5QyOhVEorz - cKnxuRTFoc6N1e3kB1kq2bDKnpX376mKTFWW7OLeXH2+Eh8A2X+w8zqQTpRta663 - 1DyynO7MLAsihiAmDlOVpIsAhYF/jDblpqCsh7es/78Rf09I4/pqwDByU+4wcuQ2 - CihdMqu8qZYY0iZFSelpikhpmjvuVug0J91CVQIDAQABAoIBAGyn/igCwJLu+uc2 - c6y5lNADKxxX8btoU86w5BVtzDAFrGCJeJZbJUOa/Gs4xjh50vB5ao34WGvTNgo1 - 19tIA+6QE++YazpjlrKQ5OTq0sECOE4w6GBmTmP2cxXwynerRMwszU/wojgj6d+j - xPwQl+AD85RFF2vDTpQoq7I1m9WZt1awszigmG8VDBwa/LFKfrz/HACH0lmQ6wQ1 - h+dYcKjS7K68rEhZ29cjkO7k6Il44B4/6nfPSFCXCcypZD3uNXwGGDGR9QGcBzCY - HLCveb+v3rKnIjMpAX8xi1R6LVaxX+/wRCoaMRRhWqH3mBijVV/SKDvo+AOATECM - UNDYOaECgYEA9yNhwS2zL1lZhqqejG9CPL5GaxB+Rl6cFDP2U8xUVVYZjbvjnJBb - mU0/c+zGWFlHvqgBOCW5pCFOJx7eFvpp10zVJgqH6Nbdsz/nE0+kx2PwVT+miyBT - 1CdtB8UQt4FDllYo3BToeqLlICBwuTe77UILWMjx4WPSQB/mJOlfHD0CgYEA4cpU - ogjCG4dU6W66RL4y+eP63VDBtz6kUmMHiX5xXEjn6UdYYp4TBL3VxonkMbOzHtAX - B95klqs2vl1arQf3glrv9PfVWyexWy+U/0YkibS8OGDJJUVLLRS7gZrEMGPbeKY5 - SSeEDOtkmrUW6EmrCAmwaVW24uObAtzJJH6bp/kCgYEAs3bfGvA7yauBppgp8GMu - 33txGXhtql4zyzv8qdeceie/ALyrSdtOmSGObXlIg4m53sqTsBk9GOISpbf1oQwR - ZgZmVmyZS00Uy4EhJVXVm/GH6fAB2dAM7+f9dgH15Lwav4Yrv73zIHNAHbdRBD9j - 2aP3J28srvbVDDnd33oU1iUCgYBNrD3bE+o6cB68wtOfLFL69ftpwQsyz4DVuq1w - FihHF+l3rYxxOHHQcsGkr/DpTCk1U15o3Y966WFGsXStC42QsVnUyqEB37C6bq7x - 9h5BpQQO3PS1NpY65uPuHOCayO9KHNyeFtLtYtjUA7HirN0CQdsHEW59tNCxdmRX - gppneQKBgAS27C022cGm0Qa0/X1a55G8D8MTXWe+fV6kNWJmfNca2YnWGIPJb+Ec - ISk5wkWOga3Cs9UcaJKnIbAiqaUU0VdyL0aZRaXyO6SlzgQLwpYUQ6zNzEhdgEhi - vd4rafhTMnvMUaDLjO5AVRnZ1eG+/5Gm/Y5XAvCPDqBEUlgvIRVn - -----END RSA PRIVATE KEY----- - key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAs13bCYIBJ3TDppmVdkm/+3Udy8cmLKhvwn4NnSDK/yLNHPt+ - iKBkApamLwfi8V/TjJYjXeFk0Gn4MmwzuKYN1xcLMji/Lw1ixdU8E2qLL25mV0pu - WWze6L+qH5zIvBDjLi6wuYbL+HG9Wymj0QLI0Z3DkooDMNh+GAaAMvJMhQTesFYL - Iz3D4Xyp0Hm0Fz/q8OTYjcgkiQ2HB0GZyr0FNsi+MKc9Ybvre41X8MLQUIaiD7VE - ihkEwvNvZtlSQnULjH+gC0v+sA7MoREvecosPJRxs2JMgIXLNtxV/7jm7zv2pa8S - NwcFRYu8SYR2pzkPdhi1kxMMV+5tVANFa2HCPwIDAQABAoIBAEYza7ES8sSwjIq9 - /aNoRf1y3xCMh0JfQi6LC2T+GrU0t7aqL+HldH8W2z/5BDeYW8HgWUM7Hiv77ao+ - cxfH1g7i8/zZ/Om7gXcQeAzZXFRaDzAG752MYMoTidAJmv8QVPoUSBK00UwRqBzv - 9S+uuU5hQtQttAYAFYntsWs/Lfe5QkDklfZ4EhVRm6R9dDbBNuraeOVkkSCJxL/Y - ei5+MLpdysKUbKb5NkVI1Olh23w0D1qJcWVv3WtO+V4i184ewT8Vb8GFK0bOGRxd - pLpVDpojH44av+HJGGbWFruBlcXzic6JJU5JWf0tu8xFpyURPAFcIW0M7T9UXwWV - LJ5c1rECgYEA4a0XAYfeyCNlVOzub5CR9DHhwt5FCPHxmdGA+pw8a2FpRq6iU7pN - r9yM2hrVmTOsM+/Zq28BAngtP0PXn9rancFx7/1FsHgp3xiz7LYAFNJoKImH6ipd - xdCkwA9yoO/owBWBc+dHK77Z1uvLgpnlfct/9DL0SfcrZr3Ngmbkzh0CgYEAy3fK - TAbSIgirJzyt0CvXub6ecZt/IV4w+P2mVTdmuCD1yC/EmyIm+shj2wLzdFUgvL6z - GQwSDVGd63/sTJ0nLii5Q6MQdS636qdWFXk3m7RUtb044TQSuIe08fZ/yc335NeR - uXbTlqGqPbvDqIMsJ79Qm8HTZ0sWhOaH+qxn0wsCgYEAyRfRrj2CGNjhjKFrfeJX - DD/+qgQhg+0DmksDIU1i0VSF2MP4RZ93ZkOjBx5uQwu2YLlTPt21CpxHxV4Qn5MG - xxf/DRikprEMro12lnE+9U7gHW8fu1txH7nhdHrPa/Ubcz42ki7+Tk7MEiUevQuh - YUyageF9qQMkm3J5078YF0kCgYBYrW3SsspUoPiPUkfiyajswGJn20CON3Iaotoi - m9G+AEd+pysF/d2FQV8b7e5TTmLFQEvoZ7Vabq7oG8nOHlQcLw2HqAMdP25S6/l9 - xGXzC6Y7yyuGI17hY+v95NQPDSC0cSuG7H4NUYpT+4ir4feVnzEvoUtU4on/BEZR - f2CEvwKBgD/I0U24VHkD2vHrkcrrSXbBRIm630xXT3Wx7Al9D/f9N5z5OJ4pmCn8 - f8nYmHwasWYUA2cMWODCQgIiblfYkewltw2K2qXByRZR98Y/OjScOWS2bwc+rMnb - cwCgFA2WXzfcw4WzZoYotzPvOWkYARur/VdJvry9UMX0ljkt64d0 - -----END RSA PRIVATE KEY----- - use: true - use_commercial: true diff --git a/hiera/snail.yaml b/hiera/snail.yaml index 2413ec0..fcfac89 100644 --- a/hiera/snail.yaml +++ b/hiera/snail.yaml @@ -27,8 +27,8 @@ name: snail obfsproxy: gateway_address: "176.53.69.19" scramblesuit: - password: OY3FIR2JIJ3WEWRYPJRVS5SGOJLEG3SU - port: 24218 + password: OZ3FOSKQKR3EUTCZPJWTEZKWMVGVCNZZ + port: 27889 openvpn: adblock: false allow_free: false @@ -37,6 +37,7 @@ openvpn: configuration: auth: SHA1 cipher: AES-128-CBC + fragment: 1500 keepalive: "10 30" tls-cipher: DHE-RSA-AES128-SHA tun-ipv6: true diff --git a/hiera/starfish.yaml b/hiera/starfish.yaml index 7b894c2..7a086a2 100644 --- a/hiera/starfish.yaml +++ b/hiera/starfish.yaml @@ -43,22 +43,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.23" location: diff --git a/hiera/thrips.yaml b/hiera/thrips.yaml index ca86ee5..6d916bc 100644 --- a/hiera/thrips.yaml +++ b/hiera/thrips.yaml @@ -9,8 +9,6 @@ couch: epmd_port: 4369 neighbors: - ant.demo.bitmask.net - master: false - mode: multimaster port: 5984 users: admin: @@ -25,10 +23,6 @@ couch: password: CyhRSafC4SUGQ9F762Qfv3TPQDqTjn2G salt: e3ee9259723d0cbd8b3265dbe8b4e21e username: nickserver - replication: - password: gPFMMKdZaTHF24nQGYQTDHkAduQcarBm - salt: 215a1f508e2b564978f98e43231e1506 - username: replication soledad: password: cGqWZqTdFc_fuSZvfPtUTL_7uMA6d5YC salt: 514355e86f1d3fa4de42b677de21281d @@ -81,9 +75,6 @@ mail: smarthost: - leech.demo.bitmask.net name: thrips -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - couchdb @@ -132,29 +123,25 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - ednp_clients: - ant_9002: - accept_port: 4001 - connect: ant.demo.bitmask.i - connect_port: 19002 - original_port: 9002 - epmd_clients: - ant_4369: - accept_port: 4000 - connect: ant.demo.bitmask.i - connect_port: 14369 - original_port: 4369 - servers: - couch_server: - accept_port: 15984 - connect_port: 5984 - ednp_server: - accept_port: 19002 - connect_port: 9002 - epmd_server: - accept_port: 14369 - connect_port: 4369 + couch_server: + accept: 15984 + connect: "127.0.0.1:5984" + ednp_clients: + ant_9002: + accept_port: 4001 + connect: ant.demo.bitmask.i + connect_port: 19002 + ednp_server: + accept: 19002 + connect: "127.0.0.1:9002" + epmd_clients: + ant_4369: + accept_port: 4000 + connect: ant.demo.bitmask.i + connect_port: 14369 + epmd_server: + accept: 14369 + connect: "127.0.0.1:4369" tags: - demo - seattle @@ -221,9 +208,6 @@ x509: bbeVsHat97eo2210j/wOQUxoGYzUq4WVKoCbQFfAhf/ksXhNn6mBBCuhCDp/Mu09 s0n2njL9 -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEA9TdRRiX7Ia4yRKvGpRuV7Ff/iS29eFdddwSYg+uPSRm4Hn4f @@ -253,4 +237,3 @@ x509: GaBuHcOkEMwibPgxyoBZLPlS4/Au7MZLRTRqGoo8N1vl0x71mhA= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/tor1.yaml b/hiera/tor1.yaml index 7363ed3..e29a87b 100644 --- a/hiera/tor1.yaml +++ b/hiera/tor1.yaml @@ -20,9 +20,6 @@ mail: smarthost: - mx1.bitmask.net name: tor1 -platform: - major_version: "0.6" - version: "0.6" service_type: internal_service services: - tor @@ -63,9 +60,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local tor: @@ -73,12 +67,6 @@ tor: contacts: - sysdev@leap.se family: "deeruSaR9IekHdQGUGI,hippobagtc8Z3KPmfnT" - hidden_service: - active: ~ - address: ~ - key_type: RSA - private_key: ~ - public_key: ~ nickname: tor1pPXtPbHH5BVHVE2 x509: ca_cert: | @@ -142,9 +130,6 @@ x509: KyFwoPZJ/prUbN7soJcaXfMRwKjKBtAZcfiEIuF/Kj0q0ej3SlIRQn9qQ3kB8gCm rq5L0rF43W9j+Nk6UsuShrFnpNco1oeVupR64lMe/NeS -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ key: | -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEA22A15S8yonSXCU8U/5UHkTMMgsWpnEwk28+xGzwbRCX5g4dF @@ -174,4 +159,3 @@ x509: FPbeaUQIPPQfHUADhENClQ9eGyeOEj4BUwGbGxyKVBQEeJUO0VsD4eM= -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/urchin.yaml b/hiera/urchin.yaml index c4b6076..236061f 100644 --- a/hiera/urchin.yaml +++ b/hiera/urchin.yaml @@ -27,8 +27,8 @@ couch: salt: 70bcff5aeb5a7ed22a96a4b43790965f username: nickserver replication: - password: _mVfcIyFV_vfRFUvpNmAWYn_9KUxJ7Pv - salt: b53363c123da0677255bd93ec1627db7 + password: B7LFWg7x7AQRIXdxGmsd4MjfQISB_EZj + salt: 868afc4ca18138cc256f57ff2a3c99a5 username: replication soledad: password: PgrbUREhqBGY4r4XIXQEgkk3jTH4sEJA @@ -60,22 +60,22 @@ hosts: clam: domain_full: clam.dev.bitmask.net domain_internal: clam.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR+ZrQQ4ggDM5ZpNyoVmZJ3cQwzlfrTorWohEY0BAhLDuxpKR5U95Dam8xckh4tM2o0ZFkayVYLoW2s1hrD8Rt6AYVM6l7z5tSf/lIbWO++PAoIKSPJmSmg7kZs+P3Tafs0VjJh3Ypc2nmqvih+oRPSSdDUP7Dqumham5GGWVG/Y7UzukY7r1SeWdFW3fEvR+74/rCpWbSPgG5Fckp9FTy82JV7z+E+S+UHD1Dcgpimve4GGAbHVySNPI1khNHeTFuPJCgehwLOInCexXJO5gIcqyj4d3xABt84BGEHbzaSYDiUNZJep/dOddGt+xTZCzmmFtYcSjUZLR+wQCMFOeH" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYfDEXXpRdNtIaa1aGLVqG/3laVEoLi4ujKAFKtsgOJqw6qd6Sph29Jyqb5SmXNqzebuVKbWmKogXia1wKnjUc=" ip_address: "176.53.69.22" elk: domain_full: elk.dev.bitmask.net domain_internal: elk.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDu95UcykhjBiamMLHpGqB1UrPScpihrfOvlX0yO4zTa3PoJy+tx06UNfZ5JZD5llsezZ5HifUANSQ0XFPeYr3Vf4wrbD59oilUQtNXyB8avXatipRljURp6Yb5w1/pputbuZSe8aqn1HMDrSkTILbaCSdF0y5vWvssU2eDmpaZMtNEgPvA39PHHgxLXno7aktMJ8Vc3Wvqm6aUiBURZILGPchnVHgiMZUNiwm/nx7eRkIv1OTOJwPRBAOzqZuKf3c6jemtAMpihlwq4hBl99f+mWe/Fpzy0pq+BkfCPCnOE9iXk9ELd7hl0MoLHMdjCoQeWdVVEm5gJTjx0iZCDdyF" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJxIofc6JyVvppMKv/hZnMZp/aYeEcy5kHAW1O1/ZkHnclc/cmxEQ2HtRNhMXziOrYZG/UB9NCEBkTFG2PG6XH8=" ip_address: "176.53.69.127" starfish: domain_full: starfish.dev.bitmask.net domain_internal: starfish.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYdKG2P28qWIzj497n8DaC50wPUUHDGg6qvSf64+qtfKGG6n1NNL4vrtO/mvOwLVCE7EqeQGzKD3V6/RyDECvKQK3bspMLE6E5MuH5cMKzlSKDZETtCMI/23UTRe8HXoQSZbwxtSFEA+p38M0yqqwysk5tna+Fo9ZatDgwRqOln1m9ny6ckxXMhpuc0s/7nbqLtHvhm22i70ghU5Hrjgz+/xI5IoL5e3vkDbAih1Jub+TdpmxnTKw53oWL2vzDxKstsmNm7GOeujPr5SDdVpxhzxfg/9JBtT59yiGm4C3sNC7LsceME2V77qSx9RIqVeWv/hvHjRqEFErIAMCl6UoB" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH7hjD8SIQshnCrMkin4MY6ff1QAJRusnMMsitiTc3+rpn5cCVW+ZB6+nwSKUyiXbD8l6wcL0CTxEZJGhYyfKc0=" ip_address: "176.53.69.23" urchin: domain_full: urchin.dev.bitmask.net domain_internal: urchin.dev.bitmask.i - host_pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfU1/BwcAUPRHNffdxePpL15ME0shqsINsbyTbE3pcxwB+oUk0BO8Hk2rVU9WAvUXBRzKjjTNVbXz3lFv1cDsIIRmSewN5G2qR3KO2MAlEaOPZa9oy6vzoJ3i8r8SlESDFUZLkzWfTDtnvb7DlkYAZwaJ1LMhO7Ou3PDdxyWixmpE5cblCExoO55fmJMP9FmD6viqc2rfRKiNkb9W8uqiEBXEGG96QBnAwXGPD3THlfe7SWJeGGuvWsH9kUJIDAABb8GHdzquOYr2xvwyBnQNgWCbyI60umlNLFNlOuX3Q8s8bGcEcKtwb5mJIztBgITsyuzm7H+z/e+EGOU1G2I0r" + host_pub_key: "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKuJ+QA8GaXfxxERGFQSznpqJNmIk4gNFp3UvqYvL9PLeFUP4DwwsyCWg24x1R7RkFE3P75Jcck6Q8JW8d9iQWo=" ip_address: "176.53.69.21" ip_address: "176.53.69.21" location: diff --git a/hiera/vpn1.yaml b/hiera/vpn1.yaml index b3005e7..ec7818b 100644 --- a/hiera/vpn1.yaml +++ b/hiera/vpn1.yaml @@ -20,11 +20,6 @@ mail: smarthost: - mx1.bitmask.net name: vpn1 -obfsproxy: - gateway_address: "10.5.5.46" - scramblesuit: - password: K5HEYZTLIVIDIUDZKF2EE2BZKNTGCSSF - port: 22735 openvpn: adblock: false allow_free: true @@ -49,9 +44,6 @@ openvpn: second_gateway_address: ~ unlimited_prefix: UNLIMITED user_ips: false -platform: - major_version: "0.6" - version: "0.6" service_type: user_service services: - openvpn @@ -92,9 +84,6 @@ ssh: enabled: true ports: "60000:61000" port: 22 -stunnel: - clients: {} - servers: {} tags: - local x509: @@ -193,9 +182,6 @@ x509: xIAokTRYLx/6lq8bwelCPGVjy7EsGXt9aN+gMb4R3L9vA/NQrXu+dmCJKPE1vUHF gkVBxxt/s0R2aKM= -----END CERTIFICATE----- - commercial_ca_cert: ~ - commercial_cert: ~ - commercial_key: ~ dh: | -----BEGIN DH PARAMETERS----- MIIBngKCAZcAsTaQV6TwbN9PpD6dYdXz0lA0drrXLRvS8rNoMTaDnIv134RwKwsb @@ -237,4 +223,3 @@ x509: 8hacajGZ/d17cG5lIC269f9SeCqCBkg4IjJJA8aPX65M4J1UdF+h -----END RSA PRIVATE KEY----- use: true - use_commercial: false diff --git a/hiera/wallaby.yaml b/hiera/wallaby.yaml index e9a07e1..d240647 100644 --- a/hiera/wallaby.yaml +++ b/hiera/wallaby.yaml @@ -161,10 +161,10 @@ development: site_config: true dns: aliases: - - api.demo.bitmask.net + - wallaby.demo.bitmask.net - demo.bitmask.net + - api.demo.bitmask.net - nicknym.demo.bitmask.net - - wallaby.demo.bitmask.net public: true domain: full: wallaby.demo.bitmask.net @@ -175,21 +175,17 @@ domain: enabled: true environment: demo haproxy: - couch: - listen_port: 4096 - servers: - ant: - backup: false - host: localhost - port: 4000 - weight: 100 - writable: true - thrips: - backup: false - host: localhost - port: 4001 - weight: 100 - writable: true + servers: + ant: + backup: false + host: localhost + port: 4000 + weight: 100 + thrips: + backup: false + host: localhost + port: 4001 + weight: 100 hosts: ant: domain_full: ant.demo.bitmask.net @@ -223,9 +219,6 @@ nickserver: username: nickserver domain: nicknym.demo.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - webapp @@ -266,34 +259,29 @@ ssh: ports: "60000:61000" port: 4422 stunnel: - clients: - couch_client: - ant_5984: - accept_port: 4000 - connect: ant.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - thrips_5984: - accept_port: 4001 - connect: thrips.demo.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + ant_5984: + accept_port: 4000 + connect: ant.demo.bitmask.i + connect_port: 15984 + thrips_5984: + accept_port: 4001 + connect: thrips.demo.bitmask.i + connect_port: 15984 tags: - demo - seattle webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: true allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 client_certificates: @@ -309,29 +297,16 @@ webapp: password: LH5DH5rbLZs7zuCaIgWpDAetDpLvUAHg salt: c632af58769857bcdf108b46da9eaa44 username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: demo.bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/master source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: CsdFzBeYX6bepZdbzvaN6Dbu5NPz6Ycv username: nagios_test @@ -766,4 +741,3 @@ x509: /76btyS2OfJe1Jcz43JX5/RD90q3Uo6Yi0j4NZwQb6TvFRyXnW5p2g== -----END RSA PRIVATE KEY----- use: true - use_commercial: true diff --git a/hiera/web1.yaml b/hiera/web1.yaml index 8fed05a..cd0130b 100644 --- a/hiera/web1.yaml +++ b/hiera/web1.yaml @@ -124,10 +124,10 @@ development: site_config: true dns: aliases: - - api.bitmask.net + - web1.bitmask.net - bitmask.net + - api.bitmask.net - nicknym.bitmask.net - - web1.bitmask.net public: true domain: full: web1.bitmask.net @@ -138,21 +138,17 @@ domain: enabled: true environment: local haproxy: - couch: - listen_port: 4096 - servers: - couch1: - backup: false - host: localhost - port: 4000 - weight: 10 - writable: true - couch2: - backup: false - host: localhost - port: 4001 - weight: 10 - writable: true + servers: + couch1: + backup: false + host: localhost + port: 4000 + weight: 10 + couch2: + backup: false + host: localhost + port: 4001 + weight: 10 hosts: couch1: domain_full: couch1.bitmask.net @@ -179,9 +175,6 @@ nickserver: username: nickserver domain: nicknym.bitmask.net port: 6425 -platform: - major_version: "0.6" - version: "0.6" service_type: public_service services: - webapp @@ -223,33 +216,28 @@ ssh: ports: "60000:61000" port: 22 stunnel: - clients: - couch_client: - couch1_5984: - accept_port: 4000 - connect: couch1.bitmask.i - connect_port: 15984 - original_port: 5984 - couch2_5984: - accept_port: 4001 - connect: couch2.bitmask.i - connect_port: 15984 - original_port: 5984 - servers: {} + couch_client: + couch1_5984: + accept_port: 4000 + connect: couch1.bitmask.i + connect_port: 15984 + couch2_5984: + accept_port: 4001 + connect: couch2.bitmask.i + connect_port: 15984 tags: - local webapp: admins: - - azul - elijah + - varac + - micah - kwadronaut - mcnair - meanderingcode - - micah - - varac + - azul allow_anonymous_certs: false allow_limited_certs: false - allow_registration: true allow_unlimited_certs: true api_version: 1 client_certificates: @@ -265,29 +253,16 @@ webapp: password: pg9XGGdt4Dr3WcM9PYDqMmxxKHTpvsc9 salt: 7e8868f8c4775290fd37d2f520d13672 username: webapp - customization_dir: /srv/leap/files/webapp/ + customization_dir: /etc/leap/files/webapp/ default_service_level: 1 domain: bitmask.net - engines: - - support - forbidden_usernames: - - admin - - administrator - - arin-admin - - certmaster - - contact - - info - - maildrop - - postmaster - - ssladmin - - www-data git: revision: origin/master source: "https://leap.se/git/leap_web" modules: + - user - billing - help - - user nagios_test_user: password: uI_cYvPGNDZrcXTVLH_x88QFWjJ2yCZT username: nagios_test @@ -721,4 +696,3 @@ x509: E4LfGgOC9CfxpTJOZIJM/4jTiozg/fVedFIuAqdDpgKAUiWNBbhheQ== -----END RSA PRIVATE KEY----- use: true - use_commercial: true -- cgit v1.2.3