diff options
-rw-r--r-- | hieradata/common.yaml | 8 | ||||
-rw-r--r-- | hieradata/nodes/training1.yaml | 7 | ||||
-rw-r--r-- | hieradata/nodes/training2.yaml | 7 | ||||
-rw-r--r-- | hieradata/nodes/training3.yaml | 7 | ||||
-rw-r--r-- | sitemodules/profiles/manifests/base.pp | 12 | ||||
-rw-r--r-- | sitemodules/roles/manifests/traininginstance.pp | 26 |
6 files changed, 57 insertions, 10 deletions
diff --git a/hieradata/common.yaml b/hieradata/common.yaml index 89bc2e8..8d92a15 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -35,10 +35,6 @@ profiles::base::users: name: default type: ssh-rsa key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAOcx25z6/EUDI/qpF32wUolP5gwVdI4l7xWOo0h/TR4wbAWWDbgvreCtQL7wYRaV2wAcEUgOOB0mtnYFhAnVkg+VIcK6cKhL1SZ7Gx7bS6nr3LVHL/YND+mN713RhzyR0ZI3sx546r8s9+wvQ3W04VYFYnCL6FC61L63ZmKPrO6wMBQvkw0L5cN1PE3Zp516oKl8gAyFIeaMUg2sSUYZyW/pyZBDcaw2tNIgaN3rAciurPaEFgoFyfaC8uq9wwV54vUGwcmzdazYwgyrTvO/1r0L31D7gHnhuR2tbwKPq/FDRc9kLY7ZXh8+07SZAeqa60lkyh7lTluaqbvHfdgJPKjCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEDCIwaGL3eIoaFYEQU5El2GAggLQub+d1pdd8dpz2ShtVSEKxv4xq1yuPpzQkwn6FdojSjiyiRM+kR9HqwA1ia87lanw031kuAdww8EMyzbAnw22mN/YBuh9UqRIWk5H3QZxSZZV58OjH+5+ibJu3VQXizWS6YVp16ahIv4XiJ1a3tOeNiHzJydt8NvkHqqU6ffEmYLRrdZFY6sNsUTeGqRmudPw5YEwVKhXkYg74UFHv7uOgKObnZr2FdfsJwlUzhmpFLApdhGoRgbYFNJGCcPxZma9Nr6fy12T2kt8ZhoysBnLFHEz4hDzIxgXHQ6RT/A21m/bIdD1RnzPJvEEyCstLZWGK2Dbqr+Q4QQX+CFLsEDyr9llH2pyEgp6WG0tBPYSu1WUOdjgh3ZhXAQxVG1Hpm7s8c9CvjksOS98pSaeilGXOVdMyQD6KO39x0yQoV3jVFYeTCwMiXbr7tsnxxhwV1Ljbc4stHFzKZAX3Ymeez8yEa5lI61rA6lUXuYxFBey9wivz+69pOmdGjD+JtXPmS6GRGEbWaVQzfisHunhEXva1BCW0grB+4efcaF44o1cPr3vanaHmwERDRE6EW919adWQ6lodqh88KTctrg7ZprcMVcPyukJ0LGV2zLwhXFw6fWO762VVs1QhC43ccZLcQLl3U+lSLmP27oL6EqPyGgv0CXVGfxhvVuN9vhNwRalKoDZGjO5K1HHb0YA+KryDdUuVqw4uJlOlUwJcFeLuhaXn6ECA+NBJt0leP2yWr6ipwoWtd3iinboU0o09vOb5Hbvplj0iwvEKr7cYHh4yuMmLreewGfqh7NN15H6w7cmVVA/+Ah6WJjM2SXb+adPLmdtITQU88talFi1FwznIr2yRJROF635f/iTNDIOcXHSPgBgJQ5573ix/EsNofeHmcFTRIzMnFkQNPAu1E+8fpUecUz2yPIGcl0PNpa/p0IYESRNC0L+8Lzvx0qKtDMW9J7K] - - - name: olddsa - type: ssh-dss - key: ENC[PKCS7,MIIDvQYJKoZIhvcNAQcDoIIDrjCCA6oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAFlMnp5/GjTc9u6H7IlFvPb1OCGx+2EkijO0S0jqwIV3u4ZTCGrxxfQR99iW4o4ID1nvkXjecLJzcL+D158tmcnQrVHVJWRobZ+wGYtDRFge03Kh7uZXI+MPQ6ndc2TTRpYPz7XSDrzm2HCAL7vEogeORKsfE8bjAnNEkHy1V/lOixaLa1yYUid1erGKoOyYItBbwH6pMhejTIeLQ1i/er4sWafaiOOof7WsuahN/vYhWzcax17lBcsbPUH8kPcZWz04b+hPVForD2gPnUsL53IX1E/AfcZD1ulcfAPR4KrWEPH6jmM7bhgKnUDBxp2yMCXsm7apMwIiEOXf7rvGUczCCAn4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEABESUVzMYsINc6QIE29XoaAggJQXiYOQnw99VJuAsjD/jkYix6/+HR48YzmRO/8qX7UqAprAv1bJ3GNLzJe+ibhokFHuj5dk6dfXnAOwGeFrD180TR7BBDIkw1jBwX8p+8mQMeAKv5rF9B3041oGfrxvFrE7lBgYW6pGhaHmycP9/nPmoPYWT+V3OhViVZkhi+3j9MjHgPKa7kTRzbFYo4xmpjYtRN2E3Ftvg6zqgEGtlxlBet22ICNCj9CFoIrvRVP3NQue5sRbQj0KKih+KWfN4gT7GWqhIvKtzESp0vU/WbyDFfEbfON9jFVloo+ndGcLs1k0e3LUpu90lDZ450SWc+DbMi5YlWMN/CvWKzuVahw7gIYMP0Ug9a/7x8WQqi7ilmkqU2rmlVdcCgvTjx9R/5G+mVXsCJgud55o9d3aP9eBcaqRIQ/vTmhdNpbmKmfaga/w3GE59K0v3ovNGEv64XJtJDLaD7ZkrUpwjZyexGaSjNvYCLcQUZwLtQ4SB0nqbT/FGv9BnH9mFUcu4S2CM5Yy8RcBGZ8DKAKHRez+RyzNwhjQ01VS5IOvIuXNsYnVCzuZ/MQelxgk5fzAC5wYXrpj+COoQY8QhhKmjLxO0HD5MdhbUQ+Nnmid8vOs5s7MsV/jeKsSeM+sxmA3M1aDFy/0rZ2zS2XbMePd7iBNTB3LwAjzIwx3SJbNDAJ0CDEM5e9iWkWah17PqvzLufE0QCd5FgbS/RxW7PAXtHWHvcx0qg1MJZXl5DGWy0HcxcWMJHmLNSjmEgEGcuRTvwAK0whbQePKIvBBvY6Gaovs18EOw==] dirk: username: dirk fullname: Dirk Astrath @@ -98,10 +94,6 @@ profiles::base::users: name: default type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEArxabkcQw/Xm8GVd7L3bmGKJb9aZzeIHqFw/rkUpJ8JYTVVjwwer6JFA/FtBoo2jVj5BENxmqZhJtlQFTazerrHGu/u+bGgKg7TZiYtr6682Lk+4xaFhF5ncnFGa1I9rFDSp/35DW0oVz9ejfpECx7jQMnEUatQVvlOkoAzgBh72L9427mb7mAtvrMMN3hfOJ1l5iEVbmxV4TYkRspubDiMLBV6ZPSOvShtNjL9+YFokqh2ynfeRhZ9jVXaTDAlphs4AueenpbXb9AeKepZlk6wmfQauiDZMHKqdqUGKwpbPix73v6wTcSbB1BdH9RujjGYpZ/lQL8ZSqRv4RG/Yc5jCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEBGNAeh9+PKsMljJ5ZbpsXqAggGAuosqZ5Rolcf64ym4aMWZIlICAdHoVHZYky6bC4/euZMmQcnrFbjt+12lBZBYbOfm7VzXgnvSv+fOu9B9zVuV+GiPoocaUReKb5xs5npPG+EpyICmo20LK9HQgddYVWbQY83+vrc5lhDLWHQPo3tm9QjPk+voIb9lZxmyIvNrwe5uyj6rVazr4PQ+LLIUS9xLmFZfka8uGwZUjaXqcHMazq/AeVdytTqaR72fDcPp2t20/nrGMFzhNpQdQasH5DNaTLQhFZAczeoslBywaxAEVIByQTMZFqJdYzqikp4gZk61tXEsJAhQWk5kapW56NxmtekutcgyWyBiMtPQqa13ACoywtHzlc1whdcOp5ByaKlzQmiAZt19l2lqLxhfAtxb5PHsSXz+DbSxblOl3+OsrwN1cOOtkKLIegZibN6HWM6JqeE0Uga2On9d7YEO8peKU2WX7LmUTNKJ1KC9rDOZiUXyA4CDC5V2cpjmQH2JSAHFJmNMSn3xZRbxDrz5LkiS] - - - name: dsa - type: ssh-dss - key: ENC[PKCS7,MIIDvQYJKoZIhvcNAQcDoIIDrjCCA6oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVGYsaRwA4lhzp8kc8A2BUk1Uy4PXz+1Tb70IYF61QcTjgiPeOP+/o/wBjkhjGb8cdlwRZzu400M3yqOef6GWGb+BL9KjsXHveyYtKkyVQK43iVnARzI76DowNaxjS3Phnk2WgsPLB+3/6bqThGy8weLsE8oZnYALl3XtNiiggJTA8UFxUTjlW3LMQyDgPjcexb8MXgI7NiqCnWk6Gof4UeDT+y6d8pUkI6D6EuEJ4Y9OmCNNoDVzdD3nThQMrZPgXzo3WGVAWZ90odrJ26tUdNn6EX6YTHj/1IO+uz3oM75w9QM8zuUVY49O9rMoC3piSus5uTJVIY25p8k69FdT0TCCAn4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECWRfyNTNSuZmTljOkSqD2eAggJQ9n22TyCzZqnNrUN2RtKAkiHoAHinG/fmqP5jlHUTeQJ6fQ7lgjZBdLRihDN/yYv1qKlYwUAGln8tJWAYjS+C7Aj2a1O09st/sYkNJI04BbQTdqezSGsowarbOkJq20m+yboqLEAX8YdY8+yMJ9wzPHaecsi1CqK7GkDhyFsyj0gakOsorODWsBRkyZ4YMkmeOdKBhgaQBdj2AoPKby1ZoENsLJCtIvErSSEzSPr+GblGLdL30nn1qET/JwGPi0nF7W9ETWaxaf+12Y/oTnvB4BaOmhwCI9dLmyDLbljx3LcERWh+pDloZopKILYpjPVm2ZillDbe/4A6xxWu1nDml+j4YtxW5v+4JlBTMDJb+B13HsqRAqQnWtCVdmxzuOTxPF/RWLMJSJqQfAOhjI4V6nJupPdC5jxQshE+Fo4I8+pbCtTXA4PIUToBxqhylcP8Z2x+Yd25S2TwksYJAX9slMZE622L6U4sh9q5+6XMOfA0mYS5nkSfTmTblerJKNaOgFOUXB+ehxK1yGCch0DLtt6ahajzZmPkJzF7ptLAtuc/U8uNWLe1olhk8eIaCp5ZaQXQdt5STzxzAkezXg4vJuwM/ZJfgQuLnTLfKef+319bTuQOokDnBFUS3ujHsnchXOzIb4Hm4ohPNNPfhj7ZfP8mo6xLkMHAaUv7Wg9HwhEgkyrYZLe+keb7xfvYaIXoFHAbqI1lDcF+9JycWhEfrUKsGApMc7PCrRNEOM2ZRiBC7eXsRiu1fAWNFTmW+drPlTEF/tP7qsEkvgl+ACVvog==] gukk: username: gukk fullname: Karl-Heinz Goedderz diff --git a/hieradata/nodes/training1.yaml b/hieradata/nodes/training1.yaml new file mode 100644 index 0000000..6d95f09 --- /dev/null +++ b/hieradata/nodes/training1.yaml @@ -0,0 +1,7 @@ +--- +classes: + - roles::traininginstance +profiles::base::admins: + - jandd + - dirk +profiles::base::is_external: true diff --git a/hieradata/nodes/training2.yaml b/hieradata/nodes/training2.yaml new file mode 100644 index 0000000..6d95f09 --- /dev/null +++ b/hieradata/nodes/training2.yaml @@ -0,0 +1,7 @@ +--- +classes: + - roles::traininginstance +profiles::base::admins: + - jandd + - dirk +profiles::base::is_external: true diff --git a/hieradata/nodes/training3.yaml b/hieradata/nodes/training3.yaml new file mode 100644 index 0000000..6d95f09 --- /dev/null +++ b/hieradata/nodes/training3.yaml @@ -0,0 +1,7 @@ +--- +classes: + - roles::traininginstance +profiles::base::admins: + - jandd + - dirk +profiles::base::is_external: true diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp index 0772aef..8309eda 100644 --- a/sitemodules/profiles/manifests/base.pp +++ b/sitemodules/profiles/manifests/base.pp @@ -35,7 +35,7 @@ # Copyright # --------- # -# Copyright 2016-2019 Jan Dittberner +# Copyright 2016-2020 Jan Dittberner # class profiles::base ( Array[String] $admins = [], @@ -106,9 +106,17 @@ class profiles::base ( ensure => latest, } + file { '/etc/network/interfaces': + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => "auto lo\niface lo inet loopback\n", + } + Package["zsh"] -> User <| |> - package { ['aptitude', 'apticron']: + package { ['aptitude', 'apticron', 'isc-dhcp-client']: ensure => purged, } diff --git a/sitemodules/roles/manifests/traininginstance.pp b/sitemodules/roles/manifests/traininginstance.pp new file mode 100644 index 0000000..9cacf78 --- /dev/null +++ b/sitemodules/roles/manifests/traininginstance.pp @@ -0,0 +1,26 @@ +# Class: roles::traininginstance +# ============================== +# +# This class defines the traininginstance role for servers providing training +# environments for CAcert sytem administration volunteers. You should assign +# this class using hiera or via an ENC. +# +# Examples +# -------- +# +# @example +# class { 'roles::traininginstance': } +# +# Authors +# ------- +# +# Jan Dittberner <jandd@cacert.org> +# +# Copyright +# --------- +# +# Copyright 2020 Jan Dittberner +# +class roles::traininginstance { + include profiles::base +} |