logstash::generic_resource:
catalina:
resource: file
- order: 10 # Input
+ order: 10 # Input
parameters:
path: '/var/lib/tomcat/catalina/odt-cms/logs/catalina.out'
type: tomcat
negate: true
opencms:
resource: file
- order: 10 # Input
+ order: 10 # Input
parameters:
path: '/var/lib/tomcat/catalina/odt-cms/webapps/ROOT/WEB-INF/logs/opencms.log'
type: opencms
negate: true
tomcat_access:
resource: file
- order: 10 # Input
+ order: 10 # Input
parameters:
path: '/var/lib/tomcat/catalina/odt-cms/logs/localhost_access_log.*'
type: tomcat-access
---
-infra::role: base_for_old_systems # because we don't need xymon
+infra::role: base_for_old_systems # because we don't need xymon
infra::additional_classes:
- infra::profile::pg_server
- infra::profile::mongodb_server
- opencms_to_slash_http:
comment: '/opencms to /'
rewrite_rule:
- - '^/opencms/(.*)$ http://localhost:8080/opencms/$1 [P,L]'
+ - '^/opencms/(.*)$ http://localhost:8080/opencms/$1 [P,L]'
- https:
comment: 'all to https'
rewrite_rule:
- opencms_to_slash_https:
comment: '/opencms to /'
rewrite_rule:
- - '^/opencms/(.*)$ http://localhost:8081/opencms/$1 [P,L]'
+ - '^/opencms/(.*)$ http://localhost:8081/opencms/$1 [P,L]'
- proxy_https:
rewrite_cond:
- '%%{ich-trickse}{REQUEST_URI} !^/(opencms|resources|export|skins|genImages|genImagesTemp|fonts)'
- '%%{ich-trickse}{REQUEST_URI} !^/.\.html'
rewrite_rule:
- '^(.*)$ https://int-odt-daimler-com.pixelpark.net$1 [L,R=301]'
- #rewrites_ssl:
+ # rewrites_ssl:
# - check_auth:
# comment: 'show error if denied'
# rewrite_cond:
provider: location
path: '/newsletterservice'
require:
- - ip 217.66.51.0/24
- - ip 217.66.50.0/24
- - ip 217.66.56.0/24
- - ip 213.61.96.226
- - ip 176.28.25.242
- - ip 37.120.57.39
- - ip 46.30.59.148
- - ip 82.165.141.125
- - ip 37.120.103.75
- - ip 83.125.19.254
- - ip 192.168.170.49
- - ip 192.168.170.53
- - ip 192.168.170.52
- - ip 54.205.87.231
- - ip 86.56.52.27
- - ip 37.202.1.232
- - ip 46.30.60.116
- - ip 192.168.170.102
- - ip 192.168.170.103
- - ip 85.236.207.96
- - ip 37.201.4.175
- - ip 192.168.170.129
- - ip 92.79.46.246
- - ip 88.217.140.58
+ - ip 217.66.51.0/24
+ - ip 217.66.50.0/24
+ - ip 217.66.56.0/24
+ - ip 213.61.96.226
+ - ip 176.28.25.242
+ - ip 37.120.57.39
+ - ip 46.30.59.148
+ - ip 82.165.141.125
+ - ip 37.120.103.75
+ - ip 83.125.19.254
+ - ip 192.168.170.49
+ - ip 192.168.170.53
+ - ip 192.168.170.52
+ - ip 54.205.87.231
+ - ip 86.56.52.27
+ - ip 37.202.1.232
+ - ip 46.30.60.116
+ - ip 192.168.170.102
+ - ip 192.168.170.103
+ - ip 85.236.207.96
+ - ip 37.201.4.175
+ - ip 192.168.170.129
+ - ip 92.79.46.246
+ - ip 88.217.140.58
infra::profile::cron::cronjobs:
fetchcrl:
- opencms_to_slash_http:
comment: '/opencms to /'
rewrite_rule:
- - '^/opencms/(.*)$ http://localhost:8080/opencms/$1 [P,L]'
+ - '^/opencms/(.*)$ http://localhost:8080/opencms/$1 [P,L]'
- https:
comment: 'all to https'
rewrite_rule:
- opencms_to_slash_https:
comment: '/opencms to /'
rewrite_rule:
- - '^/opencms/(.*)$ http://localhost:8081/opencms/$1 [P,L]'
+ - '^/opencms/(.*)$ http://localhost:8081/opencms/$1 [P,L]'
- proxy_https:
rewrite_cond:
- '%%{ich-trickse}{REQUEST_URI} !^/(opencms|resources|export|skins|genImages|genImagesTemp|fonts)'
---
-accounts::users:
- jenkins:
- apply: true
- sudo: true
-
infra::role: base
infra::additional_classes:
- infra::profile::apache
- '%%{ich-trickse}{REQUEST_URI} !^/.\.html'
rewrite_rule:
- '^(.*)$ https://int-odt-daimler-com.pixelpark.net$1 [L,R=301]'
- #rewrites_ssl:
+ # rewrites_ssl:
# - check_auth:
# comment: 'show error if denied'
# rewrite_cond:
provider: location
path: '/newsletterservice'
require:
- - ip 217.66.51.0/24
- - ip 217.66.50.0/24
- - ip 217.66.56.0/24
- - ip 213.61.96.226
- - ip 176.28.25.242
- - ip 37.120.57.39
- - ip 46.30.59.148
- - ip 82.165.141.125
- - ip 37.120.103.75
- - ip 83.125.19.254
- - ip 192.168.170.49
- - ip 192.168.170.53
- - ip 192.168.170.52
- - ip 54.205.87.231
- - ip 86.56.52.27
- - ip 37.202.1.232
- - ip 46.30.60.116
- - ip 192.168.170.102
- - ip 192.168.170.103
- - ip 37.201.4.175
- - ip 85.236.207.96
- - ip 192.168.170.129
+ - ip 217.66.51.0/24
+ - ip 217.66.50.0/24
+ - ip 217.66.56.0/24
+ - ip 213.61.96.226
+ - ip 176.28.25.242
+ - ip 37.120.57.39
+ - ip 46.30.59.148
+ - ip 82.165.141.125
+ - ip 37.120.103.75
+ - ip 83.125.19.254
+ - ip 192.168.170.49
+ - ip 192.168.170.53
+ - ip 192.168.170.52
+ - ip 54.205.87.231
+ - ip 86.56.52.27
+ - ip 37.202.1.232
+ - ip 46.30.60.116
+ - ip 192.168.170.102
+ - ip 192.168.170.103
+ - ip 37.201.4.175
+ - ip 85.236.207.96
+ - ip 192.168.170.129
infra::profile::cron::cronjobs:
fetchcrl:
---
-infra::role: base_for_old_systems # because we can't install xymon
+infra::role: base_for_old_systems # because we can't install xymon
infra::additional_classes:
- accounts
- infra::profile::apache
logstash::generic_resource:
catalina:
resource: file
- order: 10 # Input
+ order: 10 # Input
parameters:
path: '/var/lib/tomcat/catalina/odt-cms/logs/catalina.out'
type: tomcat
negate: true
opencms:
resource: file
- order: 10 # Input
+ order: 10 # Input
parameters:
path: '/var/lib/tomcat/catalina/odt-cms/webapps/ROOT/WEB-INF/logs/opencms.log'
type: opencms
negate: true
tomcat_access:
resource: file
- order: 10 # Input
+ order: 10 # Input
parameters:
path: '/var/lib/tomcat/catalina/odt-cms/logs/localhost_access_log.*'
type: tomcat-access
---
-infra::role: base # because we don't need xymon
+infra::role: base # because we don't need xymon
infra::additional_classes:
- infra::profile::pg_server
- infra::profile::mongodb_server
- 'host openemm openemm 77.74.234.111/32 md5'
- 'host opencms opencms 10.90.13.0/24 md5'
- 'host opencms opencms 10.90.14.0/24 md5'
- - 'host opencms opencms 93.188.107.192/26 md5' # temporary 'till migration
- - 'host openemm openemm 93.188.107.192/26 md5' # temporary 'till migration
- - 'host openemm_cms openemm 93.188.107.192/26 md5' # temporary 'till migration
+ - 'host opencms opencms 93.188.107.192/26 md5' # temporary 'till migration
+ - 'host openemm openemm 93.188.107.192/26 md5' # temporary 'till migration
+ - 'host openemm_cms openemm 93.188.107.192/26 md5' # temporary 'till migration
infra::profile::pg_server::pgpw: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAkFafa2YcmiQDm4Ke++iIWS5cxwg3MGeVhiFZkrz4o7mwk05R2wXDIQdsP+2qQQgKJje2PTZqyICXNIhv8fraJYvRBkpNY730jdlFzaUIJjwBgdJTHxsqiU+IDReC+DMuqEyl9otu8NUkYVErWHPOR1dWYjBGF7BcyaYXOb4fCZD+tw4Y9EfkGJ2ZIQVIRDAp4mGFYAG9AHNJods2WIOnskTvzD/beXj2BxnN6nXTnJobFymw/L/HttaDza3qW8d1yeVdYqGXhjWrlqK1d/3nxuyfJNSfBe6Cbl40c7UaGeH73/E3WuzTNcv7H5o7tyberOC6jI2AbOzQ1kFz+r27IzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBqEuxyHaOpRI67UG1wBtE6gCCV8Kzjc0vmC/ax42U9rBQow5KGBDwN1qiO1m+4iMJJUQ==]
infra::profile::pg_server::dbs:
---
-infra::role: base_for_old_systems # because we can't install xymon
+infra::role: base_for_old_systems # because we can't install xymon
infra::additional_classes:
- accounts
- infra::profile::apache
# enabled until merge of 71e4c530d286b8f11863d16ee94bc2f28f800cce
SSLRequire %%{ich-trickse}{SSL_CLIENT_I_DN_O} eq "ODT"
SSLVerifyClient require
- #- webservice:
+ # - webservice:
# provider: location
# path: '/emm_webservice'
# require:
# - 'ip 93.188.107.192/26'
# - 'ip 217.66.50.0/24'
# - 'ip 217.66.51.0/24'
- #- newsletterservice:
+ # - newsletterservice:
# provider: location
# path: '/newsletterservice'
# require:
projects / pixelpark / hiera.git / commitdiff