diff options
Diffstat (limited to 'config/hiera.yaml')
| -rw-r--r-- | config/hiera.yaml | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/config/hiera.yaml b/config/hiera.yaml new file mode 100644 index 0000000..c39c8e7 --- /dev/null +++ b/config/hiera.yaml @@ -0,0 +1,41 @@ +--- +:backends: + - eyaml + - yaml +:yaml: + # Right now vagrant and puppet are not fully supporting + # a relative datadir. For it to work, we were forced to + # create a manifests/hiera symlink. This should be + # reconsidered in the future. + # + # See http://docs.vagrantup.com/v2/provisioning/puppet_apply.html + :datadir: '%{settings::confdir}/config' +:eyaml: + :datadir: '%{settings::confdir}/config' + :extension: 'yaml' + + # If using the pkcs7 encryptor (default) + :pkcs7_private_key: '%{settings::confdir}/keys/private_key.pkcs7.pem' + :pkcs7_public_key: '%{settings::confdir}/keys/public_key.pkcs7.pem' +:hierarchy: + # + # Put in the secrets folder all sensitive information that + # wont be spread into every system if you're using the Hydra Suite. + # + # We also recommend to leave only encrypted data in your hiera config. + # + - 'secrets/node/%{::clientcert}' + - 'secrets/role/%{::nodo::role}' + - 'secrets/location/%{::nodo::location}' + - 'secrets/domain/%{::domain}' + + # + # All other stuff goes in regular YAML files. + # + - 'node/%{::clientcert}' + - 'role/%{::nodo::role}' + - 'virtual/%{::virtual}' + - 'location/%{::nodo::location}' + - 'domain/%{::domain}' + - compiled + - common |