From a7ca30e854f845f670c852a2edd5ef13656c774f Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Mon, 19 Sep 2016 10:55:43 -0300 Subject: Removes bootless templates, adds node secret template --- share/config/puppet/nodo.example.org.yaml | 2 + share/config/puppet/secrets/nodo.example.org.yaml | 8 ++ share/config/templates/bootless/custom.cfg | 26 ----- share/config/templates/bootless/grub.cfg | 111 ---------------------- share/config/templates/node/nodo.example.org.pp | 3 - share/config/templates/node/nodo.example.org.yaml | 8 -- 6 files changed, 10 insertions(+), 148 deletions(-) create mode 100644 share/config/puppet/nodo.example.org.yaml create mode 100644 share/config/puppet/secrets/nodo.example.org.yaml delete mode 100644 share/config/templates/bootless/custom.cfg delete mode 100644 share/config/templates/bootless/grub.cfg delete mode 100644 share/config/templates/node/nodo.example.org.pp delete mode 100644 share/config/templates/node/nodo.example.org.yaml (limited to 'share/config') diff --git a/share/config/puppet/nodo.example.org.yaml b/share/config/puppet/nodo.example.org.yaml new file mode 100644 index 0000000..65aee56 --- /dev/null +++ b/share/config/puppet/nodo.example.org.yaml @@ -0,0 +1,2 @@ +--- +nodo::role: 'virtual' diff --git a/share/config/puppet/secrets/nodo.example.org.yaml b/share/config/puppet/secrets/nodo.example.org.yaml new file mode 100644 index 0000000..79b15c1 --- /dev/null +++ b/share/config/puppet/secrets/nodo.example.org.yaml @@ -0,0 +1,8 @@ +--- +nodo::role: 'virtual' + +# +# Backup +# +nodo::subsystem::backup::encryptkey: "FIXME" +nodo::subsystem::backup::password: 'FIXME using hiera-eyaml' diff --git a/share/config/templates/bootless/custom.cfg b/share/config/templates/bootless/custom.cfg deleted file mode 100644 index 87de184..0000000 --- a/share/config/templates/bootless/custom.cfg +++ /dev/null @@ -1,26 +0,0 @@ -# -# Menu appearance -# -set menu_color_normal=white/blue -set menu_color_highlight=yellow/red - -# -# Example: imagens stored in the USB stick: just put your images under custom/debian/images. -# -menuentry 'Example: Darkstar' { - set volume=/dev/sda5 - set version=3.16.0-4-amd64 - set target=sda5_crypt - set rootfs=darkstar--vg-root - set distro=debian - bootimg ${volume} ${version} ${source} ${target} ${distro} -} - -# -# Example: Full Disk Encryption: images are loaded from encrypted partition. -# -menuentry 'Example: Darkstar FDE' { - set volume=darkstar - set version=3.16.0-4-amd64 - bootfde ${volume} ${version} -} diff --git a/share/config/templates/bootless/grub.cfg b/share/config/templates/bootless/grub.cfg deleted file mode 100644 index 35827db..0000000 --- a/share/config/templates/bootless/grub.cfg +++ /dev/null @@ -1,111 +0,0 @@ -# -# Bootless: evil-maid mitigator. -# - -# -# Load environment -# -if [ -s $prefix/grubenv ]; then - load_env -fi - -# -# Basic config -# -set default="0" -set timeout=5 - -# -# Menu appearance -# -set menu_color_normal=white/blue -set menu_color_highlight=yellow/red - -# -# Handles boot from fully encrypted /boot volumes. -# Usage: bootfde [source] [target] -# -function bootfde { - insmod luks - insmod lvm - - set volume=${1} - - if [ "${2}" ]; then - set version=${2} - else - set version=3.16.0-4-amd64 - fi - - if [ "${3}" ]; then - set source=${3} - else - set source=/dev/mapper/${1} - fi - - if [ "${4}" ]; then - set target=${4} - else - set target=root - fi - - cryptomount lvm/${volume} - set root=(crypto0) - echo "Loading ${volume}..." - linux /boot/vmlinuz-${version} root=/dev/mapper/${target} cryptopts=target=${target},source=${source} ro quiet - echo 'Loading initial ramdisk ...' - initrd /boot/initrd.img-${version} -} - -# -# Handles boot from images stored in the USB stick. -# Usage: bootfde [target] [rootfs] [distro] -# -function bootimg { - set volume=${1} - - if [ "${2}" ]; then - set version=${2} - else - set version=3.16.0-4-amd64 - fi - - if [ "${3}" ]; then - set target=${3} - else - set target=root - fi - - if [ "${4}" ]; then - set rootfs=${4} - else - set rootfs=${target} - fi - - if [ "${5}" ]; then - set distro=${5} - else - set distro=debian - fi - - echo "Loading ${1}..." - linux /boot/custom/${distro}/vmlinuz-${version} root=/dev/mapper/${rootfs} cryptopts=target=${target},source=${volume} ro quiet apparmor=1 security=apparmor - echo 'Loading initial ramdisk ...' - initrd /boot/custom/${distro}/initrd.img-${version} -} - -# -# Default menu entry -# -menuentry "Memtest86+" { - linux16 /boot/default/memtest/memtest86+.bin -} - -# -# Custom menu entries -# -if [ -e "/boot/custom/custom.cfg" ]; then - menuentry "Custom configurations" { - configfile /boot/custom/custom.cfg - } -fi diff --git a/share/config/templates/node/nodo.example.org.pp b/share/config/templates/node/nodo.example.org.pp deleted file mode 100644 index 1d6cdf6..0000000 --- a/share/config/templates/node/nodo.example.org.pp +++ /dev/null @@ -1,3 +0,0 @@ -node 'nodename.example.org' { - include nodo -} diff --git a/share/config/templates/node/nodo.example.org.yaml b/share/config/templates/node/nodo.example.org.yaml deleted file mode 100644 index 02a3bea..0000000 --- a/share/config/templates/node/nodo.example.org.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -nodo::role: 'virtual' - -# -# Backup -# -nodo::subsystem::backup::encryptkey: "FIXME" -nodo::subsystem::backup::password: 'FIXME' -- cgit v1.2.3