--- /dev/null
+---
+infra::role: base
+infra::additional_classes:
+ - infra::profile::apache
+ # - infra::profile::mcollective::common
+ - apache::mod::cgid
+
+accounts::users:
+ jenkins:
+ apply: true
+
+# mcollective::client: false
+# mcollective::server: true
+
+sudo::configs:
+ deploy:
+ priority: "06"
+ content: |
+ apache ALL=(ALL) NOPASSWD: /bin/git, /opt/puppetlabs/puppet/bin/r10k, /bin/touch, /usr/bin/curl, /opt/puppetlabs/puppet/bin/curl
+
+#apache::mod::passenger::passenger_max_pool_size: 32
+#apache::mod::passenger::passenger_pool_idle_time: 600
+#apache::mod::passenger::passenger_max_requests: 10000
+#apache::mod::passenger::passenger_high_performance: 'On'
+#apache::mod::passenger::passenger_ruby: /usr/bin/ruby
+#apache::mod::passenger::passenger_root: /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini
+
+infra::profile::apache::pp_vhosts:
+ gitdeploy:
+ servername: puppetmaster.pixelpark.com
+ serveraliases:
+ - puppetmaster01.pixelpark.com
+ - puppetmaster02.pixelpark.com
+ cert_servername: 'wildcard.pixelpark.com'
+ cert_customer: 'pixelpark'
+ ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem'
+ ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem'
+ ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem'
+ docroot: /var/www/cgi-bin
+ directories:
+ - directory1:
+ provider: directory
+ path: '/var/www/cgi-bin'
+ options:
+ - FollowSymlinks
+ - MultiViews
+ - ExecCGI
+ addhandlers:
+ handler: cgi-script
+ extensions: '.py'
+ rewrites:
+ - comment: 'http to https'
+ rewrite_cond:
+ - '%%{ich-trickse}{HTTPS} !=on'
+ rewrite_rule:
+ - '(.*) https://%{literal("%")}{HTTP_HOST}%{literal("%")}{REQUEST_URI} [R=301,L]'
+
+#infra::profile::apache::vhosts:
+# rewrite:
+# port: 80
+# servername: puppetmaster.pixelpark.com
+# serveraliases:
+# - puppetmaster01.pixelpark.com
+# docroot: /var/www/html/
+# redirect_dest: https://foreman.pixelpark.com
+# gitdeploy:
+# port: 8009
+# servername: puppetmaster.pixelpark.com
+# serveraliases:
+# - puppetmaster01.pixelpark.com
+# docroot: /var/www/cgi-bin
+# directories:
+# - directory1:
+# provider: directory
+# path: '/var/www/cgi-bin'
+# options:
+# - Indexes
+# - FollowSymlinks
+# - MultiViews
+# - ExecCGI
+# addhandlers:
+# handler: cgi-script
+# extensions: '.py'
+# puppetmaster:
+# servername: puppetmaster.pixelpark.com
+# serveraliases:
+# - puppetmaster01.pixelpark.com
+# docroot: /usr/share/puppet/rack/puppetmasterd/public
+# passenger_min_instances: 4
+# port: 8140
+# ssl: true
+# ssl_protocol: "ALL -SSLv2 -SSLv3"
+# ssl_cipher: "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA"
+# ssl_options: "+StdEnvVars +ExportCertData"
+# ssl_verify_client: "optional"
+# ssl_verify_depth: 1
+# ssl_crl: "/var/lib/puppet/ssl/ca/ca_crl.pem"
+# ssl_crl_check: chain
+# ssl_ca: "/var/lib/puppet/ssl/ca/ca_crt.pem"
+# ssl_chain: "/var/lib/puppet/ssl/ca/ca_crt.pem"
+# ssl_key: "/var/lib/puppet/ssl/private_keys/puppetmaster01.pixelpark.com.pem"
+# ssl_cert: "/var/lib/puppet/ssl/certs/puppetmaster01.pixelpark.com.pem"
+# request_headers:
+# - "unset X-Forwarded-For"
+# - "set X-SSL-Subject %%{ich-trickse}{SSL_CLIENT_S_DN}e"
+# - "set X-Client-DN %%{ich-trickse}{SSL_CLIENT_S_DN}e"
+# - "set X-Client-Verify %%{ich-trickse}{SSL_CLIENT_VERIFY}e"
+# directories:
+# - directory1:
+# provider: directory
+# path: '/usr/share/puppet/rack/puppetmasterd'
+# options:
+# - None
+# allow_override:
+# - None
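Review bot: The `deploy` entry under `sudo::configs` lets the `apache` account run `/bin/git`, `r10k`, `/bin/touch` and both `curl` binaries as any user, without a password and with no argument restriction, which in practice is close to unrestricted root for anything running under the web server. The same file serves `/var/www/cgi-bin` with `ExecCGI` and a `.py` handler, so a flaw in any CGI script there would inherit that privilege. Consider narrowing the rule to a single root-owned wrapper that runs the deploy with fixed arguments, e.g. `apache ALL=(root) NOPASSWD: /usr/local/sbin/<deploy-wrapper>` (placeholder path), or running the deploy steps as a dedicated unprivileged user instead of `(ALL)`. Separately, `rewrite_cond` still uses the `%%{ich-trickse}` escaping trick while `rewrite_rule` uses `%{literal("%")}`; using the latter in both would be consistent and would not depend on an undefined lookup resolving to an empty string.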
+++ /dev/null
----
-infra::role: base
-infra::additional_classes:
- - infra::profile::apache
- - infra::profile::mcollective::common
- - infra::profile::postfix
- - infra::profile::cron
- - apache::mod::cgid
-
-accounts::users:
- jenkins:
- apply: true
-
-mcollective::client: false
-mcollective::server: true
-
-
-
-#apache::mod::passenger::passenger_max_pool_size: 32
-#apache::mod::passenger::passenger_pool_idle_time: 600
-#apache::mod::passenger::passenger_max_requests: 10000
-#apache::mod::passenger::passenger_high_performance: 'On'
-#apache::mod::passenger::passenger_ruby: /usr/bin/ruby
-#apache::mod::passenger::passenger_root: /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini
-
-infra::profile::apache::vhosts:
- rewrite:
- port: 80
- servername: puppetmaster.pixelpark.com
- serveraliases:
- - puppetmaster01.pixelpark.com
- docroot: /var/www/html/
- redirect_dest: https://foreman.pixelpark.com
- gitdeploy:
- port: 8009
- servername: puppetmaster.pixelpark.com
- serveraliases:
- - puppetmaster01.pixelpark.com
- docroot: /var/www/cgi-bin
- directories:
- - directory1:
- provider: directory
- path: '/var/www/cgi-bin'
- options:
- - Indexes
- - FollowSymlinks
- - MultiViews
- - ExecCGI
- addhandlers:
- handler: cgi-script
- extensions: '.py'
-# puppetmaster:
-# servername: puppetmaster.pixelpark.com
-# serveraliases:
-# - puppetmaster01.pixelpark.com
-# docroot: /usr/share/puppet/rack/puppetmasterd/public
-# passenger_min_instances: 4
-# port: 8140
-# ssl: true
-# ssl_protocol: "ALL -SSLv2 -SSLv3"
-# ssl_cipher: "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA"
-# ssl_options: "+StdEnvVars +ExportCertData"
-# ssl_verify_client: "optional"
-# ssl_verify_depth: 1
-# ssl_crl: "/var/lib/puppet/ssl/ca/ca_crl.pem"
-# ssl_crl_check: chain
-# ssl_ca: "/var/lib/puppet/ssl/ca/ca_crt.pem"
-# ssl_chain: "/var/lib/puppet/ssl/ca/ca_crt.pem"
-# ssl_key: "/var/lib/puppet/ssl/private_keys/puppetmaster01.pixelpark.com.pem"
-# ssl_cert: "/var/lib/puppet/ssl/certs/puppetmaster01.pixelpark.com.pem"
-# request_headers:
-# - "unset X-Forwarded-For"
-# - "set X-SSL-Subject %%{ich-trickse}{SSL_CLIENT_S_DN}e"
-# - "set X-Client-DN %%{ich-trickse}{SSL_CLIENT_S_DN}e"
-# - "set X-Client-Verify %%{ich-trickse}{SSL_CLIENT_VERIFY}e"
-# directories:
-# - directory1:
-# provider: directory
-# path: '/usr/share/puppet/rack/puppetmasterd'
-# options:
-# - None
-# allow_override:
-# - None