diff options
Diffstat (limited to 'hiera')
-rw-r--r-- | hiera/hiera.yaml | 22 | ||||
-rw-r--r-- | hiera/node/puppet-bootstrap.example.org.yaml (renamed from hiera/domain/example.org/node/puppet-bootstrap.example.org.yaml) | 0 |
2 files changed, 17 insertions, 5 deletions
diff --git a/hiera/hiera.yaml b/hiera/hiera.yaml index 96cfb87..7e541b1 100644 --- a/hiera/hiera.yaml +++ b/hiera/hiera.yaml @@ -10,12 +10,24 @@ # See http://docs.vagrantup.com/v2/provisioning/puppet_apply.html :datadir: hiera :hierarchy: - - 'domain/%{::domain}/node/%{::clientcert}' - - 'domain/%{::domain}/role/%{::role}' - - 'domain/%{::domain}/location/%{::location}' - - 'domain/%{::domain}/%{::domain}' + # + # Put in the secrets folder all sensitive information that + # wont be spread into every system if you're using the Hydra Suite. + # + # We also recommend to leave only encrypted data in your hiera config. + # + - 'secrets/node/%{::clientcert}' + - 'secrets/domain/%{::domain}' + - 'secrets/role/%{::role}' + - 'secrets/location/%{::location}' + + # + # All other stuff goes in regular YAML files. + # + - 'node/%{::clientcert}' + - 'domain/%{::domain}' + - 'role/%{::role}' - 'location/%{::location}' - 'virtual/%{::virtual}' - - 'role/%{::role}' - bootstrap - common diff --git a/hiera/domain/example.org/node/puppet-bootstrap.example.org.yaml b/hiera/node/puppet-bootstrap.example.org.yaml index deec4fa..deec4fa 100644 --- a/hiera/domain/example.org/node/puppet-bootstrap.example.org.yaml +++ b/hiera/node/puppet-bootstrap.example.org.yaml |