diff options
Diffstat (limited to 'puppet/hiera/hiera.yaml')
| -rw-r--r-- | puppet/hiera/hiera.yaml | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/puppet/hiera/hiera.yaml b/puppet/hiera/hiera.yaml index 33acc9e..a8ae792 100644 --- a/puppet/hiera/hiera.yaml +++ b/puppet/hiera/hiera.yaml @@ -8,14 +8,26 @@ # reconsidered in the future. # # See http://docs.vagrantup.com/v2/provisioning/puppet_apply.html - :datadir: hiera + :datadir: '%{settings::confdir}/hiera' :hierarchy: - - '%{::environment}/domain/%{::domain}/node/%{::clientcert}' - - '%{::environment}/domain/%{::domain}/role/%{::role}' - - '%{::environment}/domain/%{::domain}/location/%{::location}' - - '%{::environment}/domain/%{::domain}/%{::domain}' - - '%{::environment}/location/%{::location}' - - '%{::environment}/virtual/%{::virtual}' - - '%{::environment}/role/%{::role}' + # + # Put in the secrets folder all sensitive information that + # wont be spread into every system if you're using the Hydra Suite. + # + # We also recommend to leave only encrypted data in your hiera config. + # + - 'secrets/node/%{::clientcert}' + - 'secrets/role/%{::nodo::role}' + - 'secrets/location/%{::nodo::location}' + - 'secrets/domain/%{::domain}' + + # + # All other stuff goes in regular YAML files. + # + - 'node/%{::clientcert}' + - 'role/%{::nodo::role}' + - 'virtual/%{::virtual}' + - 'location/%{::nodo::location}' + - 'domain/%{::domain}' - bootstrap - common |