aboutsummaryrefslogtreecommitdiff
path: root/config/hiera.yaml
blob: 68a43d356db690083bdaeb447c59ce647980ba0d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
---
:backends:
  - eyaml
  - yaml
:yaml:
  # Right now vagrant and puppet are not fully supporting
  # a relative datadir. For it to work, we were forced to
  # create a manifests/hiera symlink. This should be
  # reconsidered in the future.
  #
  # See http://docs.vagrantup.com/v2/provisioning/puppet_apply.html
  :datadir: '%{settings::confdir}/config'
:eyaml:
  :datadir: '%{settings::confdir}/config'
  :extension: 'yaml'

  # If using the pkcs7 encryptor (default)
  :pkcs7_private_key: '%{settings::confdir}/keys/private_key.pkcs7.pem'
  :pkcs7_public_key:  '%{settings::confdir}/keys/public_key.pkcs7.pem'
:hierarchy:
  #
  # Put in the secrets folder all sensitive information that
  # wont be spread into every system if you're using the Hydra Suite.
  #
  # We also recommend to leave only encrypted data in your hiera config.
  #
  - 'secrets/node/%{::clientcert}'
  - 'secrets/role/%{::nodo::role}'
  - 'secrets/location/%{::nodo::location}'
  - 'secrets/domain/%{::domain}'

  #
  # All other stuff goes in regular YAML files.
  #
  - 'node/%{::clientcert}'
  - 'role/%{::nodo::role}'
  - 'virtual/%{::virtual}'
  - 'location/%{::nodo::location}'
  - 'domain/%{::domain}'
  - common