+++ /dev/null
----
-infra::role: base_for_old_systems
-infra::additional_classes:
- - java
- - accounts
- - infra::profile::cron
-
-java::package: java-1.8.0-oraclejdk
-puppetconf::server: puppetmaster01.pixelpark.com
-
-
-apache::mod::mime::mime_types_additional:
- 'AddHandler':
- 'type-map': 'var'
- 'AddType':
- 'text/html': '.shtml'
- 'AddOutputFilter':
- 'INCLUDES': '.shtml'
- 'AddEncoding':
- 'gzip': '.svgz'
-
-accounts::users:
- sirona:
- apply: false
-
-aem::maven::mirrors:
- - {id: pixelpark-nexus, url: 'https://nexus.pixelpark.com/content/groups/public/', mirrorof: '*'}
-
-sudo::configs:
- aem:
- priority: "05"
- content: |
- Cmnd_Alias START_PUBLISH = /usr/bin/systemctl start publish
- Cmnd_Alias START_AUTHOR = /usr/bin/systemctl start author
- Cmnd_Alias START_PUPPET = /usr/bin/systemctl start puppet
- Cmnd_Alias STOP_PUBLISH = /usr/bin/systemctl stop publish
- Cmnd_Alias STOP_AUTHOR = /usr/bin/systemctl stop author
- Cmnd_Alias STOP_PUPPET = /usr/bin/systemctl stop puppet
- Cmnd_Alias BACKUP = /usr/local/sbin/zfs_rotation.sh*
- aem ALL=(ALL) NOPASSWD:START_PUBLISH, START_AUTHOR, START_PUPPET, STOP_PUBLISH, STOP_AUTHOR, STOP_PUPPET, BACKUP
-
-#
-# Author
-#
-infra::profile::aem::author::license_download_id: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAHiAyTkjYu7u4DveVGZYC9TKUmFWwAVcll4SFMZ604E38Xm+5rNa8TVAcW9lnnA3qqtbEn6+zwdm/aaSZqq9f/jdtbEcHH2syGq7WcdWtmR7bKVsOWz2J0JiGWyKlCKkAHP4kSWYJ2dQUMaah9rF/4qMaND36Z5fiBoTu/+hfNW0or+eqTHB25E0apIfir1x4MyKwlrdryvYqVlAVczAha1HxIbfNAEhPu4ij0dS3Y7aULAlXyULSBsSM8RmfXrGzrkphAH1lgt6ubk2B7rPchu5CKDl63YVYjz6u7nd2wNcj8a31Gwc8r3bsLbOHVaPKsgeQ8/SiA6kNHZu3oFQ9YzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBt6tSmxQnKOlaK+zrP3CKcgDAiKA5trIvwC+HOEXL5LN6XpIFTNN4TLWccnKJoHneUCJzdw3vK19RN23XEwlb+aCk=]
-infra::profile::aem::author::license_product_version: '6.1.0.20150507'
-infra::profile::aem::author::license_customer_name: 'Day Training'
-infra::profile::aem::author::license_product_name: 'Adobe Experience Manager'
-
-infra::profile::aem::author::jvm_opts: '-d64 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false'
-
-#aem::author::install_packages:
-infra::profile::aem::author::instance_name: author
-infra::profile::aem::author::install_mode: 'quickstart'
-infra::profile::aem::author::install_options:
- download_type: maven
- download_uri: com.adobe.aem:aem-quickstart:6.1:jar
-
-# Compaction & Backup for Author
-infra::profile::aem::author::oak_version: '1.2.7'
-infra::profile::aem::author::backup_command: '/usr/bin/sudo -n /usr/local/sbin/zfs_rotation.sh datapool 2592000'
-infra::profile::aem::author::compaction_timeout: 21600 # 6h Timeout
-infra::profile::aem::author::mail_to:
- - gerstenberg@pixelpark.com
-
-#
-# Publisher
-#
-infra::profile::aem::publish::license_download_id: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAYdR+YqNXHmBT02M0v6XzyqGqI6C1tSrttKzOhka9kVde3KpVTIFCZjP7qg7SEvSPYesgcTAEPNJBGfFOAwZ3OsMLO/ikdGbZ2+nTIyB+CV8mGb98djBCkKjp69Qf6Vc6hl25djj7oj5sgoV7TqHMovrxxzkiqcleUCsz66h+uOP7WLBNnevRez7kqbfanwmeNoV2n/g1ZEX/oVxfthBMruE2cwLs45tSBeNx7244MYOv2tUyjMgm4odjwFH8ADWMvS//cGrWlblTQrFaG5c/6WCsBqj/mB9LmP3s6oykQd/At4Rxn04/9HjYjHLeymBkoEDs6Pe0Cmtpze3WdXdQWjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBocffLcP/NHPsJFRPpyIttgDCTdpMMU3E+vHV0mgruxSOC8j/oSk0cMtfDeDhL1v1kmTy6+RhxKGkoshUCJ5Ymq9o=]
-infra::profile::aem::publish::license_product_version: '6.1.0.20150507'
-infra::profile::aem::publish::license_customer_name: 'Day Training'
-infra::profile::aem::publish::license_product_name: 'Adobe Experience Manager'
-
-infra::profile::aem::publish::jvm_opts: '-d64 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false'
-
-infra::profile::aem::publish::install_mode: 'quickstart'
-infra::profile::aem::publish::instance_name: publish
-infra::profile::aem::publish::install_options:
- download_type: maven
- download_uri: com.adobe.aem:aem-quickstart:6.1:jar
-
-# Compaction & Backup for Publisher
-infra::profile::aem::publish::oak_version: '1.2.7'
-infra::profile::aem::publish::backup_command: '/usr/bin/sudo -n /usr/local/sbin/zfs_rotation.sh datapool 2592000'
-infra::profile::aem::publish::compaction_timeout: 21600 # 6h Timeout
-infra::profile::aem::publish::mail_to:
- - gerstenberg@pixelpark.com
-#
-# dispatcher
-#
-aem::dispatcher::download_type_options:
- groupid: com.adobe.aem
- artifactid: dispatcher-apache2.4
- version: 4.2.0
- packaging: so
- repos: https://nexus.pixelpark.com/content/groups/public/
+++ /dev/null
----
-# Fuer Livegang
-# accounts::users:
-# florian.schade:
-# apply: true
-
-# admin:8Z7YrhLk2zOG
-infra::profile::aem::author::admin_pass: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALVpH8ef4BshDYRnThveSnC7hLczTJ1b7BQ4TGzADdVKFq3OW9czp7OSLlan74Ld5crOsQn+4fLQWSKRTOxMAKkPU31jVwzQd7Y0PHTyo5EAWoUNGbfR3jt1MAStWfUzeaLhi+bmxWV68SdIHOfV6lUSUpZca/rBehlQbORKygiopT60L8gTGdqiMZNTWGnhuA/59Vc57ssMJGQpv0EZGbfwTqrVQN2qnJHjAd4Sdph1EytlV+Fgo//NjQNzJ2+NQ9wl1PzixgZSGAU8HEYBe+4oxZ/BBR3/hiPHQGp2HBzy6OPynFP+RxNYI08gmeNIOajob5u5GAqgRVAH2dGr5xDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCX07CnIhjH5gnVJk7BX2X9gBCCCHVuiYEEZoKC123D7fin]
-infra::profile::aem::publish::admin_pass: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEABEVGusGv7HNHvLKGWJvFEe2kkyaCYeUvuEHBsV/2h789GrApbuSYREq0s2FY8z+qMgeUoySKtZF2ARO4Qk/eprjD6oMzfZ/xf2Ga7XgEaxVrZLHKLUIUt2xmftI1fJiDPuyff94vxK1NThCwwYNkoZmz/IkiofImxlYdQKOGGgXg3w53SAk6szVA01E27Al7s8ogib0IYcrhdAWcn1RLqmdBj0FWI9/WV6APIQdpAB3f1cDk/SRx5Sdf4NwN2EnBsX8waVq+4irlCws067tYMDRdRhia7SjjzCdBc6JzTs7AAEannhnEl1LmKUjUxt29f9iw4b8xL7mFBkdnrT75+DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD81RIzpWvsCu5WCh6oqTPBgBC2zQKCNqpsa/EjV6iElGJx]
-
-aem::packages:
- service_pack_1:
- groupid: 'com.adobe.aem'
- artifactid: 'aem61-service-pack-1'
- version: '1.0'
- acs_aem_commons:
- groupid: 'com.adobe.acs'
- artifactid: 'acs-aem-commons-content'
- version: '2.6.4'
- cq-6.1.0-hotfix-9130:
- groupid: 'com.adobe.aem'
- artifactid: 'cq-6.1.0-hotfix-9130'
- version: '1.0'
- cq-6.1.0-hotfix-9381:
- groupid: 'com.adobe.aem'
- artifactid: 'cq-6.1.0-hotfix-9381'
- version: '1.1'
-
-infra::profile::aem::publish::jvm_heap_min: 4096M
-infra::profile::aem::publish::jvm_heap_max: 6144M
-
-infra::profile::aem::author::jvm_heap_min: 4096M
-infra::profile::aem::author::jvm_heap_max: 6144M
-
-# www:yIRN57qmO28y
-infra::profile::apache::htdigest:
- server:
- www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAiBukxV7jmUZA/lYsE7pL0KpuGQ2ViHubHZehBUwtxa9zOgyrB/Tlr2Z79THHZsjSXGOzQSK1di57m8Hn15fUVXacrjvLeYsnA2bg+EgQb/ZzbdSQBTuWyKwDZ3bkXPnX6OwhRuSsYvN/pNjc/sgfNdT/j/staZEshMAQVCgJ/WekVAALaWK50yYWL5+JUNfYdRiluKOU39IkBGp5dPQhNWDFPezSiRbr7yDnSL6pAYxyj1pqTXmlGnzzqvA3tk83q6nVgM7nEsNzaHcrlRBVPTezfwyjpPahCTnAYGquMyMQ2wWmqxYapKPDrpyPdN/u+VzaO0wv/oocRwXBAUAGcTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDY01oPkVnWlNvTokIhrHaigBC3RE6PdNfrlMoAnEA5Kk4F]
-
-# Apache Publisher
-infra::profile::aem::publish::pp_vhosts:
- bmw:
- serveraliases:
- - www-bmw-de.pixelpark.net
- docroot: '/var/www/html/cache'
- ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
- ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
- ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
- docroot_owner: apache
- directories:
- - docroot:
- provider: directory
- path: '/var/www/html/cache'
- sethandler: dispatcher-handler
- options:
- - FollowSymLinks
- - location1:
- provider: location
- path: '/'
- auth_type: Digest
- auth_name: server
- auth_digest_provider: file
- auth_digest_algorithm: MD5
- auth_user_file: '/etc/httpd/htdigest'
- auth_require: 'valid-user'
- require:
- - local
-
-# Apache Author
-infra::profile::aem::author::enable_apache: true
-infra::profile::aem::author::pp_vhosts:
- bmw-author:
- docroot: '/var/www'
- servername: red-bmw-de.pixelpark.net
- ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
- ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
- ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
- allow_encoded_slashes: 'on'
- rewrites_non_ssl:
- - https:
- comment: 'all to https'
- rewrite_rule:
- - '^(.*)$ https://red-bmw-de.pixelpark.net$1 [L,R=302]'
- proxy_preserve_host: true
- proxy_pass:
- - { path: /, url: 'http://localhost:4502/' }
- request_headers_ssl:
- - 'set X-Forwarded-Proto "https" env=HTTPS'
- directories:
- - docroot:
- provider: directory
- path: '/var/www/'
-
-aem::dispatcher::publish_farm:
- website:
- clientheaders:
- - '*'
- renders:
- - { hostname: "127.0.0.1", port: '4503' }
- filter:
- - { type: 'deny', glob: '*' }
- - { type: 'allow', url: '/' }
- - { type: 'allow', url: '*.html' }
- - { type: 'allow', url: '*.css' } # enable css
- - { type: 'allow', url: '*.gif' } # enable gifs
- - { type: 'allow', url: '*.ico' } # enable icos
- - { type: 'allow', url: '*.js' } # enable javascript
- - { type: 'allow', url: '*.png' } # enable png
- - { type: 'allow', url: '*.swf' } # enable flash
- - { type: 'allow', url: '*.jpg' } # enable jpg
- - { type: 'allow', url: '*.jpeg' } # enable jpeg
- - { type: 'allow', url: '*.svg' } # enable svg
- - { type: 'allow', url: '*.ttf' } # enable ttf
- - { type: 'allow', url: '*.woff' } # enable woff
- - { type: 'allow', url: '*.woff2' } # enable woff2
- - { type: 'allow', url: '*.eot' } # enable eot
- - { type: 'allow', url: '*.pdf' } # enable pdf
- - { type: 'allow', url: '*.wmv' } # enable wmv
- - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument)
- - { type: 'allow', url: '*.tif' } # enable tif
- - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument)
- # Enable features
- - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
- - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
- # Security Rules
- - { type: 'deny', url: '/etc/' }
- - { type: 'deny', url: '/libs/' }
- - { type: 'allow', url: '/etc/designs/*' }
- - { type: 'allow', url: '/etc/clientlibs/*' }
- - { type: 'allow', url: '/etc/segmentation.segment.js' }
- - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' }
- - { type: 'allow', url: '/libs/wcm/stats/tracker.js' }
- - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON)
- - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information)
- - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached)
- - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization)
- # CSRF
- - { type: 'allow', url: '/libs/granite/csrf/token.json' }
- # Deny content grabbing
- - { type: 'deny', url: '*.infinity.json' }
- - { type: 'deny', url: '*.tidy.json' }
- - { type: 'deny', url: '*.sysview.xml' }
- - { type: 'deny', url: '*.docview.json' }
- - { type: 'deny', url: '*.docview.xml' }
- - { type: 'deny', url: '*.*[0-9].json' }
- # Deny query
- - { type: 'deny', url: '*.query.json' }
- cache_docroot: '/var/www/html/cache'
- cache_rules:
- - { type: 'allow', glob: '*' }
- cache_invalidate:
- - { type: 'deny', glob: '*' }
- - { type: 'allow', glob: '*.html' }
- - { type: 'allow', glob: '/etc/segmentation.segment.js' }
- - { type: 'allow', glob: '*/analytics.sitecatalyst.js' }
- cache_allowed_clients:
- - { type: 'deny', glob: '*' }
- - { type: 'allow', glob: '127.0.0.1' }
- cache_headers:
- - 'X-Content-Type-Options'
- - 'X-Frame-Options'
- - 'X-XSS-Protection'
- - 'Last-Modified'
- - 'Expires'
- - 'Content-Type'
- - 'Access-Control-Allow-Origin'
projects / pixelpark / hiera.git / commitdiff