diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2015-11-06 11:01:26 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2015-11-06 11:01:26 -0200 |
commit | 8748f432cdb01090767001523496f096345a492b (patch) | |
tree | cba4fd0d8d4501424c7fb5e84ba37dc2cdd7fca4 /puppet/hiera/hiera.yaml | |
parent | 506b62a99e35c69354e8bc977780e41117f1e6ca (diff) | |
parent | 5512c493e13998d4c83d7eab3d89e5a1c0836566 (diff) | |
download | debian-8748f432cdb01090767001523496f096345a492b.tar.gz debian-8748f432cdb01090767001523496f096345a492b.tar.bz2 |
Merge commit '5512c493e13998d4c83d7eab3d89e5a1c0836566' into develop
Conflicts:
puppet/puppet.conf
Diffstat (limited to 'puppet/hiera/hiera.yaml')
-rw-r--r-- | puppet/hiera/hiera.yaml | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/puppet/hiera/hiera.yaml b/puppet/hiera/hiera.yaml index 33acc9e..a8ae792 100644 --- a/puppet/hiera/hiera.yaml +++ b/puppet/hiera/hiera.yaml @@ -8,14 +8,26 @@ # reconsidered in the future. # # See http://docs.vagrantup.com/v2/provisioning/puppet_apply.html - :datadir: hiera + :datadir: '%{settings::confdir}/hiera' :hierarchy: - - '%{::environment}/domain/%{::domain}/node/%{::clientcert}' - - '%{::environment}/domain/%{::domain}/role/%{::role}' - - '%{::environment}/domain/%{::domain}/location/%{::location}' - - '%{::environment}/domain/%{::domain}/%{::domain}' - - '%{::environment}/location/%{::location}' - - '%{::environment}/virtual/%{::virtual}' - - '%{::environment}/role/%{::role}' + # + # Put in the secrets folder all sensitive information that + # wont be spread into every system if you're using the Hydra Suite. + # + # We also recommend to leave only encrypted data in your hiera config. + # + - 'secrets/node/%{::clientcert}' + - 'secrets/role/%{::nodo::role}' + - 'secrets/location/%{::nodo::location}' + - 'secrets/domain/%{::domain}' + + # + # All other stuff goes in regular YAML files. + # + - 'node/%{::clientcert}' + - 'role/%{::nodo::role}' + - 'virtual/%{::virtual}' + - 'location/%{::nodo::location}' + - 'domain/%{::domain}' - bootstrap - common |