diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2017-10-23 19:43:47 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2017-10-23 19:43:47 -0200 |
commit | b45c60df8af294fe97b8912a0b9703c76e5de8d6 (patch) | |
tree | 2a3442f2e0b3c7494cc591ac8c8053d84c3c9d84 /puppet/config/hiera.yaml | |
parent | c880b15f013c6d761e4632570112f796ffc1dcda (diff) | |
parent | 1bfffe2e0adff6e44ec33726988b64f95ea2f599 (diff) | |
download | debian-b45c60df8af294fe97b8912a0b9703c76e5de8d6.tar.gz debian-b45c60df8af294fe97b8912a0b9703c76e5de8d6.tar.bz2 |
Merge commit '1bfffe2e0adff6e44ec33726988b64f95ea2f599' into develop
Diffstat (limited to 'puppet/config/hiera.yaml')
-rw-r--r-- | puppet/config/hiera.yaml | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/puppet/config/hiera.yaml b/puppet/config/hiera.yaml new file mode 100644 index 0000000..c39c8e7 --- /dev/null +++ b/puppet/config/hiera.yaml @@ -0,0 +1,41 @@ +--- +:backends: + - eyaml + - yaml +:yaml: + # Right now vagrant and puppet are not fully supporting + # a relative datadir. For it to work, we were forced to + # create a manifests/hiera symlink. This should be + # reconsidered in the future. + # + # See http://docs.vagrantup.com/v2/provisioning/puppet_apply.html + :datadir: '%{settings::confdir}/config' +:eyaml: + :datadir: '%{settings::confdir}/config' + :extension: 'yaml' + + # If using the pkcs7 encryptor (default) + :pkcs7_private_key: '%{settings::confdir}/keys/private_key.pkcs7.pem' + :pkcs7_public_key: '%{settings::confdir}/keys/public_key.pkcs7.pem' +:hierarchy: + # + # Put in the secrets folder all sensitive information that + # wont be spread into every system if you're using the Hydra Suite. + # + # We also recommend to leave only encrypted data in your hiera config. + # + - 'secrets/node/%{::clientcert}' + - 'secrets/role/%{::nodo::role}' + - 'secrets/location/%{::nodo::location}' + - 'secrets/domain/%{::domain}' + + # + # All other stuff goes in regular YAML files. + # + - 'node/%{::clientcert}' + - 'role/%{::nodo::role}' + - 'virtual/%{::virtual}' + - 'location/%{::nodo::location}' + - 'domain/%{::domain}' + - compiled + - common |