diff options
Diffstat (limited to 'templates')
24 files changed, 0 insertions, 789 deletions
diff --git a/templates/apache/htdocs/images/README.html.erb b/templates/apache/htdocs/images/README.html.erb deleted file mode 100644 index 4d0f929..0000000 --- a/templates/apache/htdocs/images/README.html.erb +++ /dev/null @@ -1,3 +0,0 @@ -<pre> -When not explicitly mentioned, the use of these images is restricted to <%= base_domain %> -</pre> diff --git a/templates/apache/htdocs/index.html.erb b/templates/apache/htdocs/index.html.erb deleted file mode 100644 index 6d2d7ea..0000000 --- a/templates/apache/htdocs/index.html.erb +++ /dev/null @@ -1,9 +0,0 @@ -<html><head> -<meta http-equiv="refresh" content="1;url=http://<%= domain %>"> -<title><%= domain %></title></head><body> - -<center> - <p><code>You are being redirected to <a href="http://<%= domain %>">http://<%= domain %></a>.</code></p> -</center> - -</body></html> diff --git a/templates/apache/htdocs/missing.html.erb b/templates/apache/htdocs/missing.html.erb deleted file mode 100644 index 0c95ef3..0000000 --- a/templates/apache/htdocs/missing.html.erb +++ /dev/null @@ -1,12 +0,0 @@ -<html> -<head> -<title>404 - Not Found</title> -</head> -<body> - <center> - <pre> - The address you are trying to reach could not be found. :( - </pre> - </center> -</body> -</html> diff --git a/templates/apache/vhosts/cgit.erb b/templates/apache/vhosts/cgit.erb deleted file mode 100644 index d2d393d..0000000 --- a/templates/apache/vhosts/cgit.erb +++ /dev/null @@ -1,30 +0,0 @@ -# begin vhost for cgit -<VirtualHost *:80> - ServerName git.<%= domain %> - ServerAlias gitweb.<%= domain %> - - ServerSignature Off - - Alias /cgit.css /var/www/htdocs/cgit/cgit.css - Alias /cgit.png /var/www/htdocs/cgit/cgit.png - - ScriptAlias /cgi-bin/ /var/www/htdocs/cgit/ - - DocumentRoot /var/git/repositories - <Directory /var/git/repositories> - AllowOverride None - Options +ExecCGI - Order allow,deny - Allow from all - - DirectoryIndex /cgi-bin/cgit.cgi - - RewriteEngine on - RewriteCond %{REQUEST_FILENAME} !-f - RewriteRule ^.*$ /cgi-bin/cgit.cgi/$0 [L,PT] - </Directory> - - ErrorLog /var/log/apache2/cgit.openezx.org/error.log - CustomLog /var/log/apache2/cgit.openezx.org/access.log common -</VirtualHost> -# end vhost for git diff --git a/templates/apache/vhosts/git.erb b/templates/apache/vhosts/git.erb deleted file mode 100644 index 89173ac..0000000 --- a/templates/apache/vhosts/git.erb +++ /dev/null @@ -1,21 +0,0 @@ -# begin vhost for git -<VirtualHost *:80> - # Recipe based on http://josephspiros.com/2009/07/26/configuring-gitweb-for-apache-on-debian - - ServerName git.<%= domain %> - ServerAlias gitweb.<%= domain %> - SetEnv GITWEB_CONFIG /etc/gitweb.conf - HeaderName HEADER - DocumentRoot /var/git/repositories - Alias /gitweb.css /usr/share/gitweb/gitweb.css - Alias /git-favicon.png /usr/share/gitweb/git-favicon.png - Alias /git-logo.png /usr/share/gitweb/git-logo.png - - ScriptAlias /gitweb /usr/lib/cgi-bin/gitweb.cgi - RewriteEngine on - - # Rewrite all other paths that aren't git repo internals to gitweb - RewriteRule ^/$ /gitweb [PT] - RewriteRule ^/(.*\.git/(?!/?(HEAD|info|objects|refs)).*)?$ /gitweb%{REQUEST_URI} [L,PT] -</VirtualHost> -# end vhost for git diff --git a/templates/apache/vhosts/lists.erb b/templates/apache/vhosts/lists.erb deleted file mode 100644 index 158dfd4..0000000 --- a/templates/apache/vhosts/lists.erb +++ /dev/null @@ -1,22 +0,0 @@ -# begin vhost for lists.<%= domain %> -<VirtualHost *:80> - ServerName lists.<%= domain %> - DocumentRoot /var/www/data/lists - - RedirectMatch ^/$ https://lists.<%= domain %>/wws - Alias /static-sympa /var/lib/sympa/static_content - Alias /wwsicons /usr/share/sympa/icons - ScriptAlias /wws /var/www/data/lists/wwsympa.fcgi - - <IfModule mod_fcgid.c> - IPCCommTimeout 120 - MaxProcessCount 2 - </IfModule> - - SuexecUserGroup sympa sympa - - <Location /wws> - SetHandler fcgid-script - </Location> -</VirtualHost> -# end vhost for lists.<%= domain %> diff --git a/templates/apache/vhosts/mail.erb b/templates/apache/vhosts/mail.erb deleted file mode 100644 index 3badcf0..0000000 --- a/templates/apache/vhosts/mail.erb +++ /dev/null @@ -1,72 +0,0 @@ -# begin vhost for mail.<%= domain > -<VirtualHost *:80> - ServerName mail.<%= domain > - #DocumentRoot /usr/share/squirrelmail - DocumentRoot /var/lib/roundcube - - # begin squirrel config - <Directory /usr/share/squirrelmail> - Options Indexes FollowSymLinks - <IfModule mod_php4.c> - php_flag register_globals off - </IfModule> - <IfModule mod_php5.c> - php_flag register_globals off - </IfModule> - <IfModule mod_dir.c> - DirectoryIndex index.php - </IfModule> - - # access to configtest is limited by default to prevent information leak - <Files configtest.php> - order deny,allow - deny from all - allow from 127.0.0.1 - </Files> - </Directory> - # end squirrel config - - # begin roundcube config - # Access to tinymce files - Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ - Alias /roundcube /var/lib/roundcube - - <Directory "/usr/share/tinymce/www/"> - Options Indexes MultiViews FollowSymLinks - AllowOverride None - Order allow,deny - allow from all - </Directory> - - <Directory /var/lib/roundcube/> - Options +FollowSymLinks - # This is needed to parse /var/lib/roundcube/.htaccess. See its - # content before setting AllowOverride to None. - AllowOverride All - order allow,deny - allow from all - </Directory> - - # Protecting basic directories: - <Directory /var/lib/roundcube/config> - Options -FollowSymLinks - AllowOverride None - </Directory> - - <Directory /var/lib/roundcube/temp> - Options -FollowSymLinks - AllowOverride None - Order allow,deny - Deny from all - </Directory> - - <Directory /var/lib/roundcube/logs> - Options -FollowSymLinks - AllowOverride None - Order allow,deny - Deny from all - </Directory> - # end roundcube config - -</VirtualHost> -# end vhost for mail.<%= domain > diff --git a/templates/apache/vhosts/nagios.erb b/templates/apache/vhosts/nagios.erb deleted file mode 100644 index 8b3d252..0000000 --- a/templates/apache/vhosts/nagios.erb +++ /dev/null @@ -1,61 +0,0 @@ -# begin vhost for nagios -<VirtualHost *:80> - ServerName nagios.<%= domain > - DocumentRoot /usr/share/nagios3/htdocs - - # apache configuration for nagios 3.x - # note to users of nagios 1.x and 2.x: - # throughout this file are commented out sections which preserve - # backwards compatibility with bookmarks/config forî<80><80>older nagios versios. - # simply look for lines following "nagios 1.x:" and "nagios 2.x" comments. - - ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3 - ScriptAlias /nagios3/cgi-bin /usr/lib/cgi-bin/nagios3 - # nagios 1.x: - #ScriptAlias /cgi-bin/nagios /usr/lib/cgi-bin/nagios3 - #ScriptAlias /nagios/cgi-bin /usr/lib/cgi-bin/nagios3 - # nagios 2.x: - #ScriptAlias /cgi-bin/nagios2 /usr/lib/cgi-bin/nagios3 - #ScriptAlias /nagios2/cgi-bin /usr/lib/cgi-bin/nagios3 - - # Where the stylesheets (config files) reside - Alias /nagios3/stylesheets /etc/nagios3/stylesheets - # nagios 1.x: - #Alias /nagios/stylesheets /etc/nagios3/stylesheets - # nagios 2.x: - #Alias /nagios2/stylesheets /etc/nagios3/stylesheets - - # Where the HTML pages live - Alias /nagios3 /usr/share/nagios3/htdocs - # nagios 2.x: - #Alias /nagios2 /usr/share/nagios3/htdocs - # nagios 1.x: - #Alias /nagios /usr/share/nagios3/htdocs - - <DirectoryMatch (/usr/share/nagios3/htdocs|/usr/lib/cgi-bin/nagios3)> - Options FollowSymLinks - - DirectoryIndex index.html - - AllowOverride AuthConfig - Order Allow,Deny - Allow From All - - AuthName "Nagios Access" - AuthType Basic - AuthUserFile /etc/nagios3/htpasswd.users - # nagios 1.x: - #AuthUserFile /etc/nagios/htpasswd.users - require valid-user - </DirectoryMatch> - - # Enable this ScriptAlias if you want to enable the grouplist patch. - # See http://apan.sourceforge.net/download.html for more info - # It allows you to see a clickable list of all hostgroups in the - # left pane of the Nagios web interface - # XXX This is not tested for nagios 2.x use at your own peril - #ScriptAlias /nagios3/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi - # nagios 1.x: - #ScriptAlias /nagios/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi -</VirtualHost> -# end vhost for nagios diff --git a/templates/apache/vhosts/wiki.erb b/templates/apache/vhosts/wiki.erb deleted file mode 100644 index 56e395b..0000000 --- a/templates/apache/vhosts/wiki.erb +++ /dev/null @@ -1,17 +0,0 @@ -# begin vhost for wiki.<%= domain > -<VirtualHost *:80> - ServerName wiki.<%= domain > - DocumentRoot /var/www/data/wiki - - # begin wiki config - <Directory /var/www/data/wiki> - Options Indexes Includes FollowSymLinks MultiViews - AllowOverride All - </Directory> - # end wiki config - - <IfModule mpm_itk_module> - AssignUserId wiki wiki - </IfModule> -</VirtualHost> -# end vhost for wiki.<%= domain > diff --git a/templates/etc/aliases.erb b/templates/etc/aliases.erb deleted file mode 100644 index f520f68..0000000 --- a/templates/etc/aliases.erb +++ /dev/null @@ -1,15 +0,0 @@ -# /etc/aliases -mailer-daemon: postmaster -postmaster: root -nobody: root -hostmaster: root -usenet: root -news: root -webmaster: root -www: root -ftp: root -abuse: root -noc: root -security: root -reprepro: root -root: <%= first_user_email %> diff --git a/templates/etc/nagios3/htpasswd.users.erb b/templates/etc/nagios3/htpasswd.users.erb deleted file mode 100644 index c21d493..0000000 --- a/templates/etc/nagios3/htpasswd.users.erb +++ /dev/null @@ -1 +0,0 @@ -nagiosadmin:0FCabjvUTHvxF diff --git a/templates/etc/nginx/domain.erb b/templates/etc/nginx/domain.erb deleted file mode 100644 index 8beff14..0000000 --- a/templates/etc/nginx/domain.erb +++ /dev/null @@ -1,173 +0,0 @@ -# <%= domain %> proxy config - -# Set the max size for file uploads -client_max_body_size 100M; - -# SNI Configuration -server { - listen 443 default; - server_name _; - ssl on; - ssl_certificate /etc/ssl/certs/blank.crt; - ssl_certificate_key /etc/ssl/private/blank.pem; - return 403; -} - -server { - # see config tips at - # http://blog.taragana.com/index.php/archive/nginx-hacking-tips/ - - # Don't log anything - access_log /dev/null; - error_log /dev/null; - - # simple reverse-proxy - listen 80; - server_name *.<%= domain %> <%= domain %> - - # enable HSTS header - add_header Strict-Transport-Security "max-age=15768000; includeSubdomains"; - - # https redirection by default - rewrite ^(.*) https://$host$1 redirect; - - # rewrite rules for backups.<%= domain %> - #if ($host ~* ^backups\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for admin.<%= domain %> - #if ($host ~* ^admin\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for munin.<%= domain %> - #if ($host ~* ^munin\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for trac.<%= domain %> - #if ($host ~* ^trac\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for nagios.<%= domain %> - #if ($host ~* ^nagios\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for htpasswd.<%= domain %> - #if ($host ~* ^htpasswd\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for postfixadmin.<%= domain %> - #if ($host ~* ^postfixadmin\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for mail.<%= domain %> - #if ($host ~* ^mail\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for lists.<%= domain %> - #if ($host ~* ^lists\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # pass requests for dynamic content - location / { - proxy_set_header Host $http_host; - proxy_pass http://weblocal:80; - } - -} - -server { - # https reverse proxy - listen 443; - server_name *.<%= domain %> <%= domain %>; - - # Don't log anything - access_log /dev/null; - error_log /dev/null; - - ssl on; - ssl_certificate /etc/ssl/certs/cert.crt; - ssl_certificate_key /etc/ssl/private/cert.pem; - - ssl_session_timeout 5m; - - ssl_protocols SSLv3 TLSv1; - ssl_ciphers HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH; - ssl_prefer_server_ciphers on; - ssl_dhparam /etc/ssl/dhparams/dhparams_2048.pem; - - # Set the max size for file uploads - client_max_body_size 100M; - - location / { - # preserve http header and set forwarded proto - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Proto https; - - proxy_read_timeout 120; - proxy_connect_timeout 120; - - # rewrite rules for admin.<%= domain %> - if ($host ~* ^admin\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for munin.<%= domain %> - if ($host ~* ^munin\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for trac.<%= domain %> - if ($host ~* ^trac\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for nagios.<%= domain %> - if ($host ~* ^nagios\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for postfixadmin.<%= domain %> - if ($host ~* ^postfixadmin\.<%= domain %>$) { - proxy_pass http://mail:80; - break; - } - - # rewrite rules for mail.<%= domain %> - if ($host ~* ^mail\.<%= domain %>$) { - proxy_pass http://mail:80; - break; - } - - # rewrite rules for lists.<%= domain %> - if ($host ~* ^lists\.<%= domain %>$) { - proxy_pass http://mail:80; - break; - } - - # default proxy pass - proxy_pass http://weblocal:80; - } - -} diff --git a/templates/postfix/tls_policy.erb b/templates/postfix/tls_policy.erb deleted file mode 100644 index e69de29..0000000 --- a/templates/postfix/tls_policy.erb +++ /dev/null diff --git a/templates/puppet/auth.conf.erb b/templates/puppet/auth.conf.erb deleted file mode 100644 index 96f078c..0000000 --- a/templates/puppet/auth.conf.erb +++ /dev/null @@ -1,120 +0,0 @@ -# This is the default auth.conf file, which implements the default rules -# used by the puppet master. (That is, the rules below will still apply -# even if this file is deleted.) -# -# The ACLs are evaluated in top-down order. More specific stanzas should -# be towards the top of the file and more general ones at the bottom; -# otherwise, the general rules may "steal" requests that should be -# governed by the specific rules. -# -# See http://docs.puppetlabs.com/guides/rest_auth_conf.html for a more complete -# description of auth.conf's behavior. -# -# Supported syntax: -# Each stanza in auth.conf starts with a path to match, followed -# by optional modifiers, and finally, a series of allow or deny -# directives. -# -# Example Stanza -# --------------------------------- -# path /path/to/resource # simple prefix match -# # path ~ regex # alternately, regex match -# [environment envlist] -# [method methodlist] -# [auth[enthicated] {yes|no|on|off|any}] -# allow [host|backreference|*|regex] -# deny [host|backreference|*|regex] -# allow_ip [ip|cidr|ip_wildcard|*] -# deny_ip [ip|cidr|ip_wildcard|*] -# -# The path match can either be a simple prefix match or a regular -# expression. `path /file` would match both `/file_metadata` and -# `/file_content`. Regex matches allow the use of backreferences -# in the allow/deny directives. -# -# The regex syntax is the same as for Ruby regex, and captures backreferences -# for use in the `allow` and `deny` lines of that stanza -# -# Examples: -# -# path ~ ^/path/to/resource # Equivalent to `path /path/to/resource`. -# allow * # Allow all authenticated nodes (since auth -# # defaults to `yes`). -# -# path ~ ^/catalog/([^/]+)$ # Permit nodes to access their own catalog (by -# allow $1 # certname), but not any other node's catalog. -# -# path ~ ^/file_(metadata|content)/extra_files/ # Only allow certain nodes to -# auth yes # access the "extra_files" -# allow /^(.+)\.example\.com$/ # mount point; note this must -# allow_ip 192.168.100.0/24 # go ABOVE the "/file" rule, -# # since it is more specific. -# -# environment:: restrict an ACL to a comma-separated list of environments -# method:: restrict an ACL to a comma-separated list of HTTP methods -# auth:: restrict an ACL to an authenticated or unauthenticated request -# the default when unspecified is to restrict the ACL to authenticated requests -# (ie exactly as if auth yes was present). -# - -### Authenticated ACLs - these rules apply only when the client -### has a valid certificate and is thus authenticated - -# allow nodes to retrieve their own catalog -path ~ ^/catalog/([^/]+)$ -method find -allow $1 - -# allow nodes to retrieve their own node definition -path ~ ^/node/([^/]+)$ -method find -allow $1 - -# allow all nodes to access the certificates services -path /certificate_revocation_list/ca -method find -allow * - -# allow all nodes to store their own reports -path ~ ^/report/([^/]+)$ -method save -allow $1 - -# Allow all nodes to access all file services; this is necessary for -# pluginsync, file serving from modules, and file serving from custom -# mount points (see fileserver.conf). Note that the `/file` prefix matches -# requests to both the file_metadata and file_content paths. See "Examples" -# above if you need more granular access control for custom mount points. -path /file -allow * - -### Unauthenticated ACLs, for clients without valid certificates; authenticated -### clients can also access these paths, though they rarely need to. - -# allow access to the CA certificate; unauthenticated nodes need this -# in order to validate the puppet master's certificate -path /certificate/ca -auth any -method find -allow * - -# allow nodes to retrieve the certificate they requested earlier -path /certificate/ -auth any -method find -allow * - -# allow nodes to request a new certificate -path /certificate_request -auth any -method find, save -allow * - -path /v2.0/environments -method find -allow * - -# deny everything else; this ACL is not strictly necessary, but -# illustrates the default policy. -path / -auth any diff --git a/templates/puppet/fileserver.conf.erb b/templates/puppet/fileserver.conf.erb deleted file mode 100644 index e4d6e0a..0000000 --- a/templates/puppet/fileserver.conf.erb +++ /dev/null @@ -1,21 +0,0 @@ -# See http://docs.puppetlabs.com/guides/file_serving.html - -# Files -[files] - path /etc/puppet/files - allow *.<%= base_domain %> - -# SSL keys -[ssl] - path /etc/puppet/keys/ssl - deny * - -# SSH keys -[ssh] - path /etc/puppet/keys/ssh/%h - allow * - -# Public keys -[pubkeys] - path /etc/puppet/keys/public - allow * diff --git a/templates/puppet/master.pp.erb b/templates/puppet/master.pp.erb deleted file mode 100644 index 5865723..0000000 --- a/templates/puppet/master.pp.erb +++ /dev/null @@ -1,10 +0,0 @@ -node '<%= hostname %>-master.<%= domain %>' { - $main_master = true - include nodo::master - - # encrypted data remote backup - #backup::rdiff { "other-host": - # port => "10102", - #} - -} diff --git a/templates/puppet/nodes.pp.erb b/templates/puppet/nodes.pp.erb deleted file mode 100644 index 4acddc6..0000000 --- a/templates/puppet/nodes.pp.erb +++ /dev/null @@ -1,14 +0,0 @@ -# -# Node definitions. -# - -<%- if first_nodes == 'present' then -%> -import "nodes/<%= first_hostname %>.pp" -import "nodes/<%= first_hostname %>-master.pp" -import "nodes/<%= first_hostname %>-proxy.pp" -import "nodes/<%= first_hostname %>-web.pp" -import "nodes/<%= first_hostname %>-storage.pp" -import "nodes/<%= first_hostname %>-test.pp" -<%- else -%> -#import "nodes/example.pp" -<%- end -%> diff --git a/templates/puppet/proxy.pp.erb b/templates/puppet/proxy.pp.erb deleted file mode 100644 index 908c2ec..0000000 --- a/templates/puppet/proxy.pp.erb +++ /dev/null @@ -1,53 +0,0 @@ -node '<%= hostname %>-proxy.<%= domain %>' { - #$mail_delivery = 'tunnel' - #$mail_hostname = 'mail' - #$mail_ssh_port = '2202' - - include nodo::proxy - - # encrypted data remote backup - #backup::rdiff { "other-host": - # port => "10102", - #} - - # reference to admin vserver - host { "<%= hostname %>-master": - ensure => present, - ip => "192.168.0.2", - host_aliases => [ "<%= hostname %>-master.<%= domain %>", "puppet", "admin" ], - notify => Service["nginx"], - } - - # reference to proxy vserver - #host { "<%= hostname %>-proxy": - # ensure => present, - # ip => "192.168.0.3", - # host_aliases => [ "<%= hostname %>-proxy.<%= domain %>", "<%= hostname %>-proxy" ], - # notify => Service["nginx"], - #} - - # reference to web vserver - host { "<%= hostname %>-web": - ensure => present, - ip => "192.168.0.4", - host_aliases => [ "<%= hostname %>-web.<%= domain %>", "<%= hostname %>-web", "weblocal" ], - notify => Service["nginx"], - } - - # reference to storage vserver - host { "<%= hostname %>-storage": - ensure => present, - ip => "192.168.0.5", - host_aliases => [ "<%= hostname %>-storage.<%= domain %>", "<%= hostname %>-storage" ], - notify => Service["nginx"], - } - - # reference to test vserver - host { "<%= hostname %>-test": - ensure => present, - ip => "192.168.0.6", - host_aliases => [ "<%= hostname %>-test.<%= domain %>", "<%= hostname %>-test" ], - notify => Service["nginx"], - } - -} diff --git a/templates/puppet/puppet.conf.erb b/templates/puppet/puppet.conf.erb deleted file mode 100644 index e2751ca..0000000 --- a/templates/puppet/puppet.conf.erb +++ /dev/null @@ -1,30 +0,0 @@ -[main] -logdir = /var/log/puppet -vardir = /var/lib/puppetmaster -ssldir = $vardir/ssl -rundir = /var/run/puppet -factpath = $vardir/lib/facter -pluginsync = true - -[master] -templatedir = $vardir/templates -masterport = 8140 -autosign = false -storeconfigs = true -dbadapter = sqlite3 -#dbadapter = mysql -#dbserver = localhost -#dbuser = puppet -#dbpassword = <%= db_password %> -dbconnections = 15 -certname = puppet.<%= base_domain %> -ssl_client_header = SSL_CLIENT_S_DN -ssl_client_verify_header = SSL_CLIENT_VERIFY - -[agent] -server = puppet.<%= base_domain %> -vardir = /var/lib/puppet -ssldir = $vardir/ssl -runinterval = 7200 -puppetport = 8139 -configtimeout = 300 diff --git a/templates/puppet/server.pp.erb b/templates/puppet/server.pp.erb deleted file mode 100644 index fcd21e0..0000000 --- a/templates/puppet/server.pp.erb +++ /dev/null @@ -1,41 +0,0 @@ -node '<%= hostname %>.<%= domain %>' { - #$mail_delivery = 'tunnel' - #$mail_hostname = 'mail' - #$mail_ssh_port = '2202' - $shorewall_dmz = true - $resolvconf_nameservers = $opendns_nameservers - $has_ups = false - include nodo::server - - # - # Linux-VServers - # - #nodo::vserver::instance { "<%= hostname %>-master": - # context => '2', - # puppetmaster => true, - #} - - #nodo::vserver::instance { "<%= hostname %>-proxy": - # context => '3', - # proxy => true, - #} - - #nodo::vserver::instance { "<%= hostname %>-web": - # context => '4', - # gitd => true, - #} - - #nodo::vserver::instance { "<%= hostname %>-storage": - # context => '5', - #} - - #nodo::vserver::instance { "<%= hostname %>-test": - # context => '6', - # memory_limit => 500, - #} - - # encrypted data remote backup - #backup::rdiff { "other-host": - # port => "10105", - #} -} diff --git a/templates/puppet/storage.pp.erb b/templates/puppet/storage.pp.erb deleted file mode 100644 index be93335..0000000 --- a/templates/puppet/storage.pp.erb +++ /dev/null @@ -1,13 +0,0 @@ -node '<%= hostname %>-storage.<%= domain %>' { - #$mail_delivery = 'tunnel' - #$mail_hostname = 'mail' - #$mail_ssh_port = '2202' - - include nodo::storage - - # encrypted data remote backup - #backup::rdiff { "other-host": - # port => "10102", - #} - -} diff --git a/templates/puppet/test.pp.erb b/templates/puppet/test.pp.erb deleted file mode 100644 index 816eca9..0000000 --- a/templates/puppet/test.pp.erb +++ /dev/null @@ -1,13 +0,0 @@ -node '<%= hostname %>-test.<%= domain %>' { - #$mail_delivery = 'tunnel' - #$mail_hostname = 'mail' - #$mail_ssh_port = '2202' - - include nodo::test - - # encrypted data remote backup - #backup::rdiff { "other-host": - # port => "10102", - #} - -} diff --git a/templates/puppet/users.pp.erb b/templates/puppet/users.pp.erb deleted file mode 100644 index 3b7c857..0000000 --- a/templates/puppet/users.pp.erb +++ /dev/null @@ -1,25 +0,0 @@ -class users::virtual inherits user { - # define custom users here -} - -class users::backup inherits user { - # define third-party hosted backup users here -} - -class users::admin inherits user { - # root user and password - user::manage { "root": - tag => "admin", - homedir => '/root', - password => '<%= root_password %>', - } - - # first user config - user::manage { "<%= first_user %>": - tag => "admin", - groups => [ "sudo", ], - password => '<%= first_user_password %>', - sshkey => [ "<%= first_user_sshkey %>" ], - } - -} diff --git a/templates/puppet/web.pp.erb b/templates/puppet/web.pp.erb deleted file mode 100644 index afc328b..0000000 --- a/templates/puppet/web.pp.erb +++ /dev/null @@ -1,13 +0,0 @@ -node '<%= hostname %>-web.<%= domain %>' { - #$mail_delivery = 'tunnel' - #$mail_hostname = 'mail' - #$mail_ssh_port = '2202' - - include nodo::web - - # encrypted data remote backup - #backup::rdiff { "other-host": - # port => "10102", - #} - -} |