Merge commit 'c212514035cffd38acbfac1413064937b28685b6' as 'puppet'

1 files changed, 65 insertions, 0 deletions

diff --git a/puppet/config/common.yaml b/puppet/config/common.yaml
new file mode 100644
index 0000000..936420d
--- /dev/null
+++ b/puppet/config/common.yaml
@@ -0,0 +1,65 @@
+---
+#
+# General
+#
+nodo::subsystem::apt::include_src      : false
+nodo::subsystem::apt::use_next_release : false
+nodo::subsystem::monitor::use_nagios   : false
+nodo::subsystem::monitor::address      : "%{::fqdn}"
+
+#
+# Firewall
+#
+firewall::ssl_ratelimit       : "s:ssl:200/sec:20"
+firewall::local_net           : false
+firewall::local::manage_host  : true
+firewall::local::manage_iface : false
+
+#
+# Mail
+#
+mail::sympa::subdomain : "listas"
+mail::sympa::lang      : "pt_BR"
+
+#
+# Monitoring
+#
+nodo::munin_node::allow: '127.0.0.1:192.168.0.[0-9]*:192.168.1.[0-9]*'
+
+#
+# Timezone and ntp
+#
+ntp::zone     : "Brazil/East"
+ntp::pool     : "south-america.pool.ntp.org"
+ntp::servers  :
+  - 'a.ntp.br'
+  - 'b.ntp.br'
+  - 'c.ntp.br'
+
+#
+# Nameservers
+#
+# OpenDNS
+nodo::subsystem::resolver::nameservers:
+  - '208.67.222.222'
+  - '208.67.220.220'
+
+#
+# OpenSSH
+#
+sshd::use_storedconfigs       : false
+sshd::manage_nagios           : false
+sshd::listen_address          : [ "%{::ipaddress}", '127.0.0.1' ]
+sshd::password_authentication : 'yes'
+sshd::shared_ip               : 'yes'
+sshd::tcp_forwarding          : 'yes'
+sshd::x11_forwarding          : 'no'
+sshd::hardened                : 'yes'
+sshd::print_motd              : 'no'
+sshd::ports                   : [ 22 ]
+sshd::use_pam                 : 'no'
+
+#
+# Backup
+#
+backupninja::keystore: ''