From: Frank Brehm Date: Wed, 11 Oct 2017 14:18:04 +0000 (+0200) Subject: Moving customer/pixelpark/puppetmaster01.pixelpark.com.yaml -> customer/pixelpark... X-Git-Tag: v0.1.0~2353^2~2 X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=f2edf550b48a319bb76ee84c95cb94ddcb478c7d;p=pixelpark%2Fhiera.git Moving customer/pixelpark/puppetmaster01.pixelpark.com.yaml -> customer/pixelpark-puppet/puppetmaster01.pixelpark.com.yaml and formating it for puppet 5 --- diff --git a/customer/pixelpark-puppet/puppetmaster01.pixelpark.com.yaml b/customer/pixelpark-puppet/puppetmaster01.pixelpark.com.yaml new file mode 100644 index 00000000..021ccadd --- /dev/null +++ b/customer/pixelpark-puppet/puppetmaster01.pixelpark.com.yaml @@ -0,0 +1,115 @@ +--- +infra::role: base +infra::additional_classes: + - infra::profile::apache + # - infra::profile::mcollective::common + - apache::mod::cgid + +accounts::users: + jenkins: + apply: true + +# mcollective::client: false +# mcollective::server: true + +sudo::configs: + deploy: + priority: "06" + content: | + apache ALL=(ALL) NOPASSWD: /bin/git, /opt/puppetlabs/puppet/bin/r10k, /bin/touch, /usr/bin/curl, /opt/puppetlabs/puppet/bin/curl + +#apache::mod::passenger::passenger_max_pool_size: 32 +#apache::mod::passenger::passenger_pool_idle_time: 600 +#apache::mod::passenger::passenger_max_requests: 10000 +#apache::mod::passenger::passenger_high_performance: 'On' +#apache::mod::passenger::passenger_ruby: /usr/bin/ruby +#apache::mod::passenger::passenger_root: /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini + +infra::profile::apache::pp_vhosts: + gitdeploy: + servername: puppetmaster.pixelpark.com + serveraliases: + - puppetmaster01.pixelpark.com + - puppetmaster02.pixelpark.com + cert_servername: 'wildcard.pixelpark.com' + cert_customer: 'pixelpark' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + docroot: /var/www/cgi-bin + directories: + - directory1: + provider: directory + path: '/var/www/cgi-bin' + options: + - FollowSymlinks + - MultiViews + - ExecCGI + addhandlers: + handler: cgi-script + extensions: '.py' + rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%{literal("%")}{HTTP_HOST}%{literal("%")}{REQUEST_URI} [R=301,L]' + +#infra::profile::apache::vhosts: +# rewrite: +# port: 80 +# servername: puppetmaster.pixelpark.com +# serveraliases: +# - puppetmaster01.pixelpark.com +# docroot: /var/www/html/ +# redirect_dest: https://foreman.pixelpark.com +# gitdeploy: +# port: 8009 +# servername: puppetmaster.pixelpark.com +# serveraliases: +# - puppetmaster01.pixelpark.com +# docroot: /var/www/cgi-bin +# directories: +# - directory1: +# provider: directory +# path: '/var/www/cgi-bin' +# options: +# - Indexes +# - FollowSymlinks +# - MultiViews +# - ExecCGI +# addhandlers: +# handler: cgi-script +# extensions: '.py' +# puppetmaster: +# servername: puppetmaster.pixelpark.com +# serveraliases: +# - puppetmaster01.pixelpark.com +# docroot: /usr/share/puppet/rack/puppetmasterd/public +# passenger_min_instances: 4 +# port: 8140 +# ssl: true +# ssl_protocol: "ALL -SSLv2 -SSLv3" +# ssl_cipher: "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA" +# ssl_options: "+StdEnvVars +ExportCertData" +# ssl_verify_client: "optional" +# ssl_verify_depth: 1 +# ssl_crl: "/var/lib/puppet/ssl/ca/ca_crl.pem" +# ssl_crl_check: chain +# ssl_ca: "/var/lib/puppet/ssl/ca/ca_crt.pem" +# ssl_chain: "/var/lib/puppet/ssl/ca/ca_crt.pem" +# ssl_key: "/var/lib/puppet/ssl/private_keys/puppetmaster01.pixelpark.com.pem" +# ssl_cert: "/var/lib/puppet/ssl/certs/puppetmaster01.pixelpark.com.pem" +# request_headers: +# - "unset X-Forwarded-For" +# - "set X-SSL-Subject %%{ich-trickse}{SSL_CLIENT_S_DN}e" +# - "set X-Client-DN %%{ich-trickse}{SSL_CLIENT_S_DN}e" +# - "set X-Client-Verify %%{ich-trickse}{SSL_CLIENT_VERIFY}e" +# directories: +# - directory1: +# provider: directory +# path: '/usr/share/puppet/rack/puppetmasterd' +# options: +# - None +# allow_override: +# - None diff --git a/customer/pixelpark/puppetmaster01.pixelpark.com.yaml b/customer/pixelpark/puppetmaster01.pixelpark.com.yaml deleted file mode 100644 index a6c14b49..00000000 --- a/customer/pixelpark/puppetmaster01.pixelpark.com.yaml +++ /dev/null @@ -1,83 +0,0 @@ ---- -infra::role: base -infra::additional_classes: - - infra::profile::apache - - infra::profile::mcollective::common - - infra::profile::postfix - - infra::profile::cron - - apache::mod::cgid - -accounts::users: - jenkins: - apply: true - -mcollective::client: false -mcollective::server: true - - - -#apache::mod::passenger::passenger_max_pool_size: 32 -#apache::mod::passenger::passenger_pool_idle_time: 600 -#apache::mod::passenger::passenger_max_requests: 10000 -#apache::mod::passenger::passenger_high_performance: 'On' -#apache::mod::passenger::passenger_ruby: /usr/bin/ruby -#apache::mod::passenger::passenger_root: /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini - -infra::profile::apache::vhosts: - rewrite: - port: 80 - servername: puppetmaster.pixelpark.com - serveraliases: - - puppetmaster01.pixelpark.com - docroot: /var/www/html/ - redirect_dest: https://foreman.pixelpark.com - gitdeploy: - port: 8009 - servername: puppetmaster.pixelpark.com - serveraliases: - - puppetmaster01.pixelpark.com - docroot: /var/www/cgi-bin - directories: - - directory1: - provider: directory - path: '/var/www/cgi-bin' - options: - - Indexes - - FollowSymlinks - - MultiViews - - ExecCGI - addhandlers: - handler: cgi-script - extensions: '.py' -# puppetmaster: -# servername: puppetmaster.pixelpark.com -# serveraliases: -# - puppetmaster01.pixelpark.com -# docroot: /usr/share/puppet/rack/puppetmasterd/public -# passenger_min_instances: 4 -# port: 8140 -# ssl: true -# ssl_protocol: "ALL -SSLv2 -SSLv3" -# ssl_cipher: "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA" -# ssl_options: "+StdEnvVars +ExportCertData" -# ssl_verify_client: "optional" -# ssl_verify_depth: 1 -# ssl_crl: "/var/lib/puppet/ssl/ca/ca_crl.pem" -# ssl_crl_check: chain -# ssl_ca: "/var/lib/puppet/ssl/ca/ca_crt.pem" -# ssl_chain: "/var/lib/puppet/ssl/ca/ca_crt.pem" -# ssl_key: "/var/lib/puppet/ssl/private_keys/puppetmaster01.pixelpark.com.pem" -# ssl_cert: "/var/lib/puppet/ssl/certs/puppetmaster01.pixelpark.com.pem" -# request_headers: -# - "unset X-Forwarded-For" -# - "set X-SSL-Subject %%{ich-trickse}{SSL_CLIENT_S_DN}e" -# - "set X-Client-DN %%{ich-trickse}{SSL_CLIENT_S_DN}e" -# - "set X-Client-Verify %%{ich-trickse}{SSL_CLIENT_VERIFY}e" -# directories: -# - directory1: -# provider: directory -# path: '/usr/share/puppet/rack/puppetmasterd' -# options: -# - None -# allow_override: -# - None