summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2020-06-21 16:42:20 +0200
committerJan Dittberner <jandd@cacert.org>2020-06-21 16:42:20 +0200
commitcf70f260e83c75c838f5dbbca9beb545ad847e07 (patch)
tree94873ff91c528dc316640d6a82cfca45afd98870
parent7029b831e30e067f05d1c469dc4a4bc696d21677 (diff)
downloadcacert-puppet-cf70f260e83c75c838f5dbbca9beb545ad847e07.tar.gz
cacert-puppet-cf70f260e83c75c838f5dbbca9beb545ad847e07.tar.xz
cacert-puppet-cf70f260e83c75c838f5dbbca9beb545ad847e07.zip
Add training instances
This commit adds the training instances on infra-lx to the Puppet repository. I removed DSA keys that should not be used anymore.
-rw-r--r--hieradata/common.yaml8
-rw-r--r--hieradata/nodes/training1.yaml7
-rw-r--r--hieradata/nodes/training2.yaml7
-rw-r--r--hieradata/nodes/training3.yaml7
-rw-r--r--sitemodules/profiles/manifests/base.pp12
-rw-r--r--sitemodules/roles/manifests/traininginstance.pp26
6 files changed, 57 insertions, 10 deletions
diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index 89bc2e8..8d92a15 100644
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -35,10 +35,6 @@ profiles::base::users:
name: default
type: ssh-rsa
key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAOcx25z6/EUDI/qpF32wUolP5gwVdI4l7xWOo0h/TR4wbAWWDbgvreCtQL7wYRaV2wAcEUgOOB0mtnYFhAnVkg+VIcK6cKhL1SZ7Gx7bS6nr3LVHL/YND+mN713RhzyR0ZI3sx546r8s9+wvQ3W04VYFYnCL6FC61L63ZmKPrO6wMBQvkw0L5cN1PE3Zp516oKl8gAyFIeaMUg2sSUYZyW/pyZBDcaw2tNIgaN3rAciurPaEFgoFyfaC8uq9wwV54vUGwcmzdazYwgyrTvO/1r0L31D7gHnhuR2tbwKPq/FDRc9kLY7ZXh8+07SZAeqa60lkyh7lTluaqbvHfdgJPKjCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEDCIwaGL3eIoaFYEQU5El2GAggLQub+d1pdd8dpz2ShtVSEKxv4xq1yuPpzQkwn6FdojSjiyiRM+kR9HqwA1ia87lanw031kuAdww8EMyzbAnw22mN/YBuh9UqRIWk5H3QZxSZZV58OjH+5+ibJu3VQXizWS6YVp16ahIv4XiJ1a3tOeNiHzJydt8NvkHqqU6ffEmYLRrdZFY6sNsUTeGqRmudPw5YEwVKhXkYg74UFHv7uOgKObnZr2FdfsJwlUzhmpFLApdhGoRgbYFNJGCcPxZma9Nr6fy12T2kt8ZhoysBnLFHEz4hDzIxgXHQ6RT/A21m/bIdD1RnzPJvEEyCstLZWGK2Dbqr+Q4QQX+CFLsEDyr9llH2pyEgp6WG0tBPYSu1WUOdjgh3ZhXAQxVG1Hpm7s8c9CvjksOS98pSaeilGXOVdMyQD6KO39x0yQoV3jVFYeTCwMiXbr7tsnxxhwV1Ljbc4stHFzKZAX3Ymeez8yEa5lI61rA6lUXuYxFBey9wivz+69pOmdGjD+JtXPmS6GRGEbWaVQzfisHunhEXva1BCW0grB+4efcaF44o1cPr3vanaHmwERDRE6EW919adWQ6lodqh88KTctrg7ZprcMVcPyukJ0LGV2zLwhXFw6fWO762VVs1QhC43ccZLcQLl3U+lSLmP27oL6EqPyGgv0CXVGfxhvVuN9vhNwRalKoDZGjO5K1HHb0YA+KryDdUuVqw4uJlOlUwJcFeLuhaXn6ECA+NBJt0leP2yWr6ipwoWtd3iinboU0o09vOb5Hbvplj0iwvEKr7cYHh4yuMmLreewGfqh7NN15H6w7cmVVA/+Ah6WJjM2SXb+adPLmdtITQU88talFi1FwznIr2yRJROF635f/iTNDIOcXHSPgBgJQ5573ix/EsNofeHmcFTRIzMnFkQNPAu1E+8fpUecUz2yPIGcl0PNpa/p0IYESRNC0L+8Lzvx0qKtDMW9J7K]
- -
- name: olddsa
- type: ssh-dss
- key: ENC[PKCS7,MIIDvQYJKoZIhvcNAQcDoIIDrjCCA6oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAFlMnp5/GjTc9u6H7IlFvPb1OCGx+2EkijO0S0jqwIV3u4ZTCGrxxfQR99iW4o4ID1nvkXjecLJzcL+D158tmcnQrVHVJWRobZ+wGYtDRFge03Kh7uZXI+MPQ6ndc2TTRpYPz7XSDrzm2HCAL7vEogeORKsfE8bjAnNEkHy1V/lOixaLa1yYUid1erGKoOyYItBbwH6pMhejTIeLQ1i/er4sWafaiOOof7WsuahN/vYhWzcax17lBcsbPUH8kPcZWz04b+hPVForD2gPnUsL53IX1E/AfcZD1ulcfAPR4KrWEPH6jmM7bhgKnUDBxp2yMCXsm7apMwIiEOXf7rvGUczCCAn4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEABESUVzMYsINc6QIE29XoaAggJQXiYOQnw99VJuAsjD/jkYix6/+HR48YzmRO/8qX7UqAprAv1bJ3GNLzJe+ibhokFHuj5dk6dfXnAOwGeFrD180TR7BBDIkw1jBwX8p+8mQMeAKv5rF9B3041oGfrxvFrE7lBgYW6pGhaHmycP9/nPmoPYWT+V3OhViVZkhi+3j9MjHgPKa7kTRzbFYo4xmpjYtRN2E3Ftvg6zqgEGtlxlBet22ICNCj9CFoIrvRVP3NQue5sRbQj0KKih+KWfN4gT7GWqhIvKtzESp0vU/WbyDFfEbfON9jFVloo+ndGcLs1k0e3LUpu90lDZ450SWc+DbMi5YlWMN/CvWKzuVahw7gIYMP0Ug9a/7x8WQqi7ilmkqU2rmlVdcCgvTjx9R/5G+mVXsCJgud55o9d3aP9eBcaqRIQ/vTmhdNpbmKmfaga/w3GE59K0v3ovNGEv64XJtJDLaD7ZkrUpwjZyexGaSjNvYCLcQUZwLtQ4SB0nqbT/FGv9BnH9mFUcu4S2CM5Yy8RcBGZ8DKAKHRez+RyzNwhjQ01VS5IOvIuXNsYnVCzuZ/MQelxgk5fzAC5wYXrpj+COoQY8QhhKmjLxO0HD5MdhbUQ+Nnmid8vOs5s7MsV/jeKsSeM+sxmA3M1aDFy/0rZ2zS2XbMePd7iBNTB3LwAjzIwx3SJbNDAJ0CDEM5e9iWkWah17PqvzLufE0QCd5FgbS/RxW7PAXtHWHvcx0qg1MJZXl5DGWy0HcxcWMJHmLNSjmEgEGcuRTvwAK0whbQePKIvBBvY6Gaovs18EOw==]
dirk:
username: dirk
fullname: Dirk Astrath
@@ -98,10 +94,6 @@ profiles::base::users:
name: default
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEArxabkcQw/Xm8GVd7L3bmGKJb9aZzeIHqFw/rkUpJ8JYTVVjwwer6JFA/FtBoo2jVj5BENxmqZhJtlQFTazerrHGu/u+bGgKg7TZiYtr6682Lk+4xaFhF5ncnFGa1I9rFDSp/35DW0oVz9ejfpECx7jQMnEUatQVvlOkoAzgBh72L9427mb7mAtvrMMN3hfOJ1l5iEVbmxV4TYkRspubDiMLBV6ZPSOvShtNjL9+YFokqh2ynfeRhZ9jVXaTDAlphs4AueenpbXb9AeKepZlk6wmfQauiDZMHKqdqUGKwpbPix73v6wTcSbB1BdH9RujjGYpZ/lQL8ZSqRv4RG/Yc5jCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEBGNAeh9+PKsMljJ5ZbpsXqAggGAuosqZ5Rolcf64ym4aMWZIlICAdHoVHZYky6bC4/euZMmQcnrFbjt+12lBZBYbOfm7VzXgnvSv+fOu9B9zVuV+GiPoocaUReKb5xs5npPG+EpyICmo20LK9HQgddYVWbQY83+vrc5lhDLWHQPo3tm9QjPk+voIb9lZxmyIvNrwe5uyj6rVazr4PQ+LLIUS9xLmFZfka8uGwZUjaXqcHMazq/AeVdytTqaR72fDcPp2t20/nrGMFzhNpQdQasH5DNaTLQhFZAczeoslBywaxAEVIByQTMZFqJdYzqikp4gZk61tXEsJAhQWk5kapW56NxmtekutcgyWyBiMtPQqa13ACoywtHzlc1whdcOp5ByaKlzQmiAZt19l2lqLxhfAtxb5PHsSXz+DbSxblOl3+OsrwN1cOOtkKLIegZibN6HWM6JqeE0Uga2On9d7YEO8peKU2WX7LmUTNKJ1KC9rDOZiUXyA4CDC5V2cpjmQH2JSAHFJmNMSn3xZRbxDrz5LkiS]
- -
- name: dsa
- type: ssh-dss
- key: ENC[PKCS7,MIIDvQYJKoZIhvcNAQcDoIIDrjCCA6oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVGYsaRwA4lhzp8kc8A2BUk1Uy4PXz+1Tb70IYF61QcTjgiPeOP+/o/wBjkhjGb8cdlwRZzu400M3yqOef6GWGb+BL9KjsXHveyYtKkyVQK43iVnARzI76DowNaxjS3Phnk2WgsPLB+3/6bqThGy8weLsE8oZnYALl3XtNiiggJTA8UFxUTjlW3LMQyDgPjcexb8MXgI7NiqCnWk6Gof4UeDT+y6d8pUkI6D6EuEJ4Y9OmCNNoDVzdD3nThQMrZPgXzo3WGVAWZ90odrJ26tUdNn6EX6YTHj/1IO+uz3oM75w9QM8zuUVY49O9rMoC3piSus5uTJVIY25p8k69FdT0TCCAn4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECWRfyNTNSuZmTljOkSqD2eAggJQ9n22TyCzZqnNrUN2RtKAkiHoAHinG/fmqP5jlHUTeQJ6fQ7lgjZBdLRihDN/yYv1qKlYwUAGln8tJWAYjS+C7Aj2a1O09st/sYkNJI04BbQTdqezSGsowarbOkJq20m+yboqLEAX8YdY8+yMJ9wzPHaecsi1CqK7GkDhyFsyj0gakOsorODWsBRkyZ4YMkmeOdKBhgaQBdj2AoPKby1ZoENsLJCtIvErSSEzSPr+GblGLdL30nn1qET/JwGPi0nF7W9ETWaxaf+12Y/oTnvB4BaOmhwCI9dLmyDLbljx3LcERWh+pDloZopKILYpjPVm2ZillDbe/4A6xxWu1nDml+j4YtxW5v+4JlBTMDJb+B13HsqRAqQnWtCVdmxzuOTxPF/RWLMJSJqQfAOhjI4V6nJupPdC5jxQshE+Fo4I8+pbCtTXA4PIUToBxqhylcP8Z2x+Yd25S2TwksYJAX9slMZE622L6U4sh9q5+6XMOfA0mYS5nkSfTmTblerJKNaOgFOUXB+ehxK1yGCch0DLtt6ahajzZmPkJzF7ptLAtuc/U8uNWLe1olhk8eIaCp5ZaQXQdt5STzxzAkezXg4vJuwM/ZJfgQuLnTLfKef+319bTuQOokDnBFUS3ujHsnchXOzIb4Hm4ohPNNPfhj7ZfP8mo6xLkMHAaUv7Wg9HwhEgkyrYZLe+keb7xfvYaIXoFHAbqI1lDcF+9JycWhEfrUKsGApMc7PCrRNEOM2ZRiBC7eXsRiu1fAWNFTmW+drPlTEF/tP7qsEkvgl+ACVvog==]
gukk:
username: gukk
fullname: Karl-Heinz Goedderz
diff --git a/hieradata/nodes/training1.yaml b/hieradata/nodes/training1.yaml
new file mode 100644
index 0000000..6d95f09
--- /dev/null
+++ b/hieradata/nodes/training1.yaml
@@ -0,0 +1,7 @@
+---
+classes:
+ - roles::traininginstance
+profiles::base::admins:
+ - jandd
+ - dirk
+profiles::base::is_external: true
diff --git a/hieradata/nodes/training2.yaml b/hieradata/nodes/training2.yaml
new file mode 100644
index 0000000..6d95f09
--- /dev/null
+++ b/hieradata/nodes/training2.yaml
@@ -0,0 +1,7 @@
+---
+classes:
+ - roles::traininginstance
+profiles::base::admins:
+ - jandd
+ - dirk
+profiles::base::is_external: true
diff --git a/hieradata/nodes/training3.yaml b/hieradata/nodes/training3.yaml
new file mode 100644
index 0000000..6d95f09
--- /dev/null
+++ b/hieradata/nodes/training3.yaml
@@ -0,0 +1,7 @@
+---
+classes:
+ - roles::traininginstance
+profiles::base::admins:
+ - jandd
+ - dirk
+profiles::base::is_external: true
diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp
index 0772aef..8309eda 100644
--- a/sitemodules/profiles/manifests/base.pp
+++ b/sitemodules/profiles/manifests/base.pp
@@ -35,7 +35,7 @@
# Copyright
# ---------
#
-# Copyright 2016-2019 Jan Dittberner
+# Copyright 2016-2020 Jan Dittberner
#
class profiles::base (
Array[String] $admins = [],
@@ -106,9 +106,17 @@ class profiles::base (
ensure => latest,
}
+ file { '/etc/network/interfaces':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => "auto lo\niface lo inet loopback\n",
+ }
+
Package["zsh"] -> User <| |>
- package { ['aptitude', 'apticron']:
+ package { ['aptitude', 'apticron', 'isc-dhcp-client']:
ensure => purged,
}
diff --git a/sitemodules/roles/manifests/traininginstance.pp b/sitemodules/roles/manifests/traininginstance.pp
new file mode 100644
index 0000000..9cacf78
--- /dev/null
+++ b/sitemodules/roles/manifests/traininginstance.pp
@@ -0,0 +1,26 @@
+# Class: roles::traininginstance
+# ==============================
+#
+# This class defines the traininginstance role for servers providing training
+# environments for CAcert sytem administration volunteers. You should assign
+# this class using hiera or via an ENC.
+#
+# Examples
+# --------
+#
+# @example
+# class { 'roles::traininginstance': }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2020 Jan Dittberner
+#
+class roles::traininginstance {
+ include profiles::base
+}