summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Puppetfile1
-rw-r--r--README.md20
-rw-r--r--hieradata/common.yaml148
-rw-r--r--hieradata/nodes/authserver.yaml16
-rw-r--r--hieradata/nodes/blog.yaml46
-rw-r--r--hieradata/nodes/bugs.yaml50
-rw-r--r--hieradata/nodes/code.yaml152
-rw-r--r--hieradata/nodes/community.yaml420
-rw-r--r--hieradata/nodes/email.yaml443
-rw-r--r--hieradata/nodes/emailout.yaml145
-rw-r--r--hieradata/nodes/extmon.yaml223
-rw-r--r--hieradata/nodes/git.yaml148
-rw-r--r--hieradata/nodes/idp.yaml16
-rw-r--r--hieradata/nodes/infra03.yaml11
-rw-r--r--hieradata/nodes/ingress03.yaml3
-rw-r--r--hieradata/nodes/ircserver.yaml150
-rw-r--r--hieradata/nodes/issue.yaml148
-rw-r--r--hieradata/nodes/jenkins.yaml20
-rw-r--r--hieradata/nodes/mariadb.yaml20
-rw-r--r--hieradata/nodes/monitor.yaml864
-rw-r--r--hieradata/nodes/motion.yaml60
-rw-r--r--hieradata/nodes/nextcloud.yaml20
-rw-r--r--hieradata/nodes/oidcdemo.yaml16
-rw-r--r--hieradata/nodes/pgsql.yaml20
-rw-r--r--hieradata/nodes/proxyin.yaml22
-rw-r--r--hieradata/nodes/proxyout.yaml21
-rw-r--r--hieradata/nodes/puppet.yaml42
-rw-r--r--hieradata/nodes/svn.yaml71
-rw-r--r--hieradata/nodes/test3.yaml20
-rw-r--r--hieradata/nodes/translations.yaml150
-rw-r--r--hieradata/nodes/web.yaml184
-rw-r--r--hieradata/nodes/webstatic.yaml146
-rw-r--r--hieradata/nodes/wiki.yaml46
-rw-r--r--sitemodules/profiles/files/gitea/gitea.service18
-rw-r--r--sitemodules/profiles/files/icinga2_external_commands/check_kernel_status.py66
-rw-r--r--sitemodules/profiles/files/icinga2_external_commands/check_ocsp56
-rw-r--r--sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf6
-rw-r--r--sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes500
-rw-r--r--sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook16
-rw-r--r--sitemodules/profiles/manifests/base.pp111
-rw-r--r--sitemodules/profiles/manifests/gitea.pp162
-rw-r--r--sitemodules/profiles/manifests/icinga2_common.pp25
-rw-r--r--sitemodules/profiles/manifests/icinga2_master.pp76
-rw-r--r--sitemodules/profiles/manifests/icinga2_satellite.pp19
-rw-r--r--sitemodules/profiles/manifests/pootle.pp3
-rw-r--r--sitemodules/profiles/manifests/wordpress.pp3
-rw-r--r--sitemodules/profiles/manifests/x509cert_common.pp6
-rwxr-xr-xsitemodules/profiles/templates/base/update-crls.epp160
-rw-r--r--sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp3
-rw-r--r--sitemodules/profiles/templates/gitea/app.ini.epp101
-rw-r--r--sitemodules/profiles/templates/gitea/nginx.conf.epp82
-rw-r--r--sitemodules/profiles/templates/squid/squid.conf.epp3
-rw-r--r--sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp4
-rw-r--r--sitemodules/roles/manifests/authserver.pp29
-rw-r--r--sitemodules/roles/manifests/code.pp28
-rw-r--r--sitemodules/roles/manifests/emailout.pp3
-rw-r--r--sitemodules/roles/manifests/git.pp3
-rw-r--r--sitemodules/roles/manifests/idp.pp29
-rw-r--r--sitemodules/roles/manifests/infra03.pp4
-rw-r--r--sitemodules/roles/manifests/ircserver.pp3
-rw-r--r--sitemodules/roles/manifests/issue.pp3
-rw-r--r--sitemodules/roles/manifests/monitor.pp3
-rw-r--r--sitemodules/roles/manifests/oidcdemo.pp28
-rw-r--r--sitemodules/roles/manifests/pgsql.pp2
-rw-r--r--sitemodules/roles/manifests/traininginstance.pp26
-rw-r--r--sitemodules/roles/manifests/translations.pp3
66 files changed, 3725 insertions, 1721 deletions
diff --git a/Puppetfile b/Puppetfile
index 5729c76..fd79aba 100644
--- a/Puppetfile
+++ b/Puppetfile
@@ -6,7 +6,6 @@ mod 'puppetlabs/concat', :latest
mod 'puppetlabs/mailalias_core', :latest
mod 'puppetlabs/postgresql', :latest
mod 'puppetlabs/stdlib', :latest
-mod 'puppetlabs/translate', :latest
mod 'saz/sudo', :latest
mod 'stm/debconf', :latest
mod 'puppet/archive', :latest
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c7b0512
--- /dev/null
+++ b/README.md
@@ -0,0 +1,20 @@
+# CAcert Puppet
+
+This repository contains Puppet code (manifests, templates, files, configuration data) to configure the
+[CAcert infrastructure systems](https://infradocs.cacert.org).
+
+The private key used to decrypt the Hiera data in [the hierdata subdirectory](hieradata) is stored on the
+[Puppet server](https://infradocs.cacert.org/systems/puppet.html) in
+`/etc/puppetlabs/code/environments/production/keys`
+
+All future infrastructure changes should be made via this repository.
+
+## Why Puppet?
+
+We use [Puppet](https://puppet.com/docs/puppet/6/puppet_index.html) with
+[Hiera](https://puppet.com/docs/puppet/6/hiera.html) in combination with
+[PuppetDB](https://puppet.com/docs/puppet/6/puppetdb_overview.html) to have a proper audit trail for changes to our
+infrastructure systems.
+
+Alternatives like Ansible might be easier to learn, but do not provide the desired audit trail without more custom
+tooling.
diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index e18ffc8..10d1188 100644
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -12,16 +12,13 @@ profiles::base::users:
shell: /bin/zsh
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAYmmeAt8w5DMzcB2T84r/s2mikksh1kxVFEG5Nk0o/jOh0BSdtKnEZLYV1SRa2Gvgu6ACqLAqYD+4c9neAnYcQrYL5y9rXC+l61bid3L83wM2XkBJYt534ZlU8XqjEB7R7wyQu+uVXA6PAqy9YccAJmAkDiIHy07yVoG8biG71IoCX7f40Otw28iXLU/N7xoX5ngGrWZaVDkQulwGxFAjD9KDwho9/pPXFEfqdeuJSuL3t3O3PEumvuva+qiZHO8Mb4Ngg8wDgHNFHXLjxohBGQ4e2RgrrcGWwFa+nSFRSukOecFv+WNzBbnNon7hiZ3QiFZoH9ooWIbfghWfZiWAezCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQSYlfah+RAoUKmvuQGB79E4BwJDg6EL2YyQ1GWFxz2EYj9cjaVD4AhLUJqsgex5YozliQZCPcflv3VoegHTp2jJ742HbrRDZmE7ZNlsj7BswpOVtE1SO4Xqh4OJTmvLy4V2G2sac/usorrB5LwS+n55Fp/PTBHe3VD0R0Ywv24K6bYg==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAV95FOtVeyG8OAzQHmi+oWO+iCkqdkiNgMbCqYujvCpXhqQl42GloghrfP0nvU4c7HiY4wA1HEd3M3Yj5t3//S7mAauhLrxGkS1P3oeN+Q9nFC76F3sbWVoO2reI0h58o6a4r2vU/r+Vely3F67y+3T38X69Amw41/SG+cf5GOJoYzMPbFzNBh7nZlS0U/gx5tXCitrUdWqvmaLYLorDEII9JfNMqXFsAthkxy9G/VI8pSZU8LGfCmvb0eBkuiFZ1wNwkvVLItAHTojtR9RfjN7uRplJf71ulsPDOLk028hoe0wx3Iz6GDSm37adNXYXrwEG+cc/7e8S4Rq4wUL8OajCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJocSNI7Xxh05qLbKDQowdKAggLQwdxzSyWRWLImjlVg9RXwVN/ukICpMGMnpreY72m4pGGH0UXZ7yCKfN+SaM5Zt+WbDLFBHSiFu+X3vq0hSK8osK8VLxUV/GeuKu1fsOs6q6Sx7aZE+0b4FEXqAtQVg4aCACeuVAdcKnAiwXUpEjGbekIWAnWeDElDiipRhf0VQhQ3VGngzHq/GTZ9XeNpv+Imk2oNVA+W50yRZ4dTX0kXv8NVMzBNskjirPzRbDltfm5lDGAncOkMTt/5WlW0YFD33nEueMmWQ53hpuD4HmRroNiPElXw+aM2ttf3FIdltAx1aBe+Ao1CdUZf4cq/GDjlbPGbUTkXI9CM8Y6WAI82mQvsbrfC4p7a8OcwNrTZj17TqJR/KQzmSUvYZqkc7tEWSt5MqB8MzmnYiBBpH2tk4uk/RzdeioXkjTudYIFGb1kps0B2qlK4aVBIuRGjE/E7GaZY1EydmC9tfMaPN2mNCmGe4ZC6Igg/XWC2ElxY52ANldJZKUvK0nT1g9SeWkmRzFl8rOhXb9o1I04fXsvwCSy1n5aHz+hUHheUJm9r+evI7EOQwpYis19CUTaQG1yrIDCgmDAjRWrkEl4hs0jEYt4EzxqymDmJC3xU26WAk+iZ914l6nmwzdqDgcfapstigFYaTu7bGNgtDBxBVA1bocf4Ibf741r5EzeAaVEbN6WSFkgX/ma/DTn0ou04sei1KC7Gb2VwC76DCGmtnj2qxPbhE42zhUhoL7RCXwEKvBfJJF6CP4O/hacdcm5Vm1BpkATOSQu+7GJOWG0s5bf4ukdSXfi90sX2SL4AQzC7CWJpQihLUf14OdDtJJ1kCL6Oa5C/pWvynFbAK7/18hCexdmvCiXv5xIu9zldpN5x4s63xr2ZuIA/cFcGIo/xXCNWybdluqfgjLZKD3csF/4pMw5+lTRVXS+tatSaAP19pbz/dBH/CtRvJX/Zs43hxbjW]
- -
- name: edgepolster
+ - name: edgepolster
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuTm982b9l+AXsDMkM/XlAc2o5oiAxSHN/rEObWnGL+9SkJj22Ln8otYymPZ/LfePrAKT5X0Bl+sek1Z3/KIsIulnKibHYwb3Nd3zwa1YyrxyFcLAg993Fb8aO3/lTZ6QMkuowKRB2bNheYOl6kwgnfEHMEi06V7owHoPriOTQpH1sKrcIdJX0sefFhttC6LMDxZKEWJuRcGTGSSZx0g0Q9bKIxElKScAuK3+ptm50m688yOgvlG5EZeR9fKGlDXRK2D451mg74GvE1NwOcO8fdXOPXFKeQzsN2duKFvPbJl8BWswaQfyhqzqJmUU17wz10Va6v8R93fEnjyUJRdB7TCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIRyL9YjKiYbINKg++yNxOeAggGAII9L0zWfvwFG9PntQVWnWhgAkHzJj5iWli4DrKlRIxI63jXyEbCEgNKl7sl5BT5nGb89KPHbCG7HD/HoVRSHe1hBMRB77CmN8xXIwT0ZKGszPAjOSOEwySOPgbASHJaiY7hMJTBXp3uIQEJ4iXhv0cZBeP40XBFsHpjVEkrgF1qoFYNn7HgJ0E6M/yRNjvD/1WCwj/hvZhcdIkyHVXiicB03I4Vuk5PwTEJ6O0WQgMcEePdYfRoVNneewed1E1ytqRHcL+qalfyG7VfhseNwDyngIhaF8JlMtXMfMWa1uZsj58v2Hx48b61jKn39a6CLJNl+KmmErLcja4i8LmJzM+e2sPJJu5MGfNddlCC3elwOmtHUL9ZI1mXFiInQfBRfV1WWjyP5556XakKXWL4KYPQdXUNXZCsHgmzlaulyCyYMx7grXo+dz4DXriZZ1BHrOYnEbyzZE44m2uoaCpB8X7cGCAtAEWPU7vbAEEA0EtpvgssAiRI9cKZTfxTZ9Ass]
- -
- name: nitrokey
+ - name: nitrokey
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALYPplgEn31LlGszLFeelN4mNW2BKR+Zcv47+gd91c8spyLDvYU8lBTTyR2BiuffOaXC2JYs+xIBpqMYMLjtMgApZXfcRW5eMTn97B70YETEYkHYr+TWFVm8RW+GikXOTGjfjwZZdm4LjwPWZylkPFfX78tF8nIlIhJkwUjMpYi5LAQNc2YZ1Ukzi2s6QmbHh29EVMRCZRvzi1DgsT8iT6xh9Kltq4QPIwlGhSsWKcd5FWOvKjCYZgHae4dr6zH7qXKcvizloWas/TJnvXSb0lXyQFRSoKH95T5ne2EaxCEo1MC6LH1qFYJifxzOSWTLDL2xrQqwHZuzEJc2sDTHBijCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEN18IzZTOjM0ewz52zDBzG2AggGAm0iSN3BDJ7qqob6PGpnepaKGUcTjUjINOc+3oe3lPkH6sd9mPIupn6e9vG9tla5oXHM9Mrku6Zayjh9xD+xxmFToJCKYeR0CHe5b5H/ab6n066H0YRTpJ3U757Pts55KQgpzbAttJRx/7zOLIBiLcaKdSFDF8+HshBy25KrSRTrlR1QGKn+fV/iB9POU1cbt05vRh126ByNc54n8J/P6MRiZqLeGnMrBCGekZDYdnMJOafBCiMQp2ZijFYutXi8h/3Gms3TKGKUsfJ6yQ3tYjcXB0d1vgxp3ZJzOUPJYSaIF3Wq3rwAmgmAivxrqimyZdIIP+HMOnOWQ6TN0Tu43lmoBF8hKzDIQeJ4n6YEyZ2ILDJsNspUItLR3D+Zxc+qOE5egqAicgcbBZwYDGc+VDlc83eCW7pcVh6dn1MFrog7GFUVSWNNgAHV0PaKRkZZ9H7KEfuwT8rs8yviOh0pZMnfmgVSq6LsgZRGQtTs8JBgXcA7YdPvoy4T+kSbWtA7O]
law:
@@ -31,8 +28,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAc0aZpU2bfVCFwNTbfZfg4VVDqHLB5DNMQjWxwP1FJ/SKUOuApFhOH20nRtZf+KQUo3XnltTqF4Hq+Wt1XclvhzS9UijufQZCGrbWFIJNNEAZ6SVoFKWWRuwmHL34LI0xjidmIFLjM5YeNd3d5+pEU1YQjeS09N58SPySSkDFzUXCgjFMTKzP8nYvTsJ1jpIrXfg7g/gvVJZGXLIQAoDmU2pe1/grPyst5Bc15Rpb2GRKSpl2Cg3qIqv9WQPwNjxHrGKaSpMN/HEaNAUC4cYceUUN3S6/jkPfCtoqBXDyVXHoY7FB7gXpNZiO4ByMF1Uh45zRweH/3nq+69Pk0r4AeDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQ+Avp4L2ueR0dPafRqPGGjIBwW5o3/Zq8DiK4XVzZx/wf4chUu1g3dvJYh/Fn42wv85eBNQrmPFqvj78HybmdStAduY91+dyOPPyux4V0dnco0xr+Ceeym7km9WnWyJgPgC/POjPUQcyUuO58/PyDmVqv+P8RH2rDMSJCSzSRMBFVXg==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAOcx25z6/EUDI/qpF32wUolP5gwVdI4l7xWOo0h/TR4wbAWWDbgvreCtQL7wYRaV2wAcEUgOOB0mtnYFhAnVkg+VIcK6cKhL1SZ7Gx7bS6nr3LVHL/YND+mN713RhzyR0ZI3sx546r8s9+wvQ3W04VYFYnCL6FC61L63ZmKPrO6wMBQvkw0L5cN1PE3Zp516oKl8gAyFIeaMUg2sSUYZyW/pyZBDcaw2tNIgaN3rAciurPaEFgoFyfaC8uq9wwV54vUGwcmzdazYwgyrTvO/1r0L31D7gHnhuR2tbwKPq/FDRc9kLY7ZXh8+07SZAeqa60lkyh7lTluaqbvHfdgJPKjCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEDCIwaGL3eIoaFYEQU5El2GAggLQub+d1pdd8dpz2ShtVSEKxv4xq1yuPpzQkwn6FdojSjiyiRM+kR9HqwA1ia87lanw031kuAdww8EMyzbAnw22mN/YBuh9UqRIWk5H3QZxSZZV58OjH+5+ibJu3VQXizWS6YVp16ahIv4XiJ1a3tOeNiHzJydt8NvkHqqU6ffEmYLRrdZFY6sNsUTeGqRmudPw5YEwVKhXkYg74UFHv7uOgKObnZr2FdfsJwlUzhmpFLApdhGoRgbYFNJGCcPxZma9Nr6fy12T2kt8ZhoysBnLFHEz4hDzIxgXHQ6RT/A21m/bIdD1RnzPJvEEyCstLZWGK2Dbqr+Q4QQX+CFLsEDyr9llH2pyEgp6WG0tBPYSu1WUOdjgh3ZhXAQxVG1Hpm7s8c9CvjksOS98pSaeilGXOVdMyQD6KO39x0yQoV3jVFYeTCwMiXbr7tsnxxhwV1Ljbc4stHFzKZAX3Ymeez8yEa5lI61rA6lUXuYxFBey9wivz+69pOmdGjD+JtXPmS6GRGEbWaVQzfisHunhEXva1BCW0grB+4efcaF44o1cPr3vanaHmwERDRE6EW919adWQ6lodqh88KTctrg7ZprcMVcPyukJ0LGV2zLwhXFw6fWO762VVs1QhC43ccZLcQLl3U+lSLmP27oL6EqPyGgv0CXVGfxhvVuN9vhNwRalKoDZGjO5K1HHb0YA+KryDdUuVqw4uJlOlUwJcFeLuhaXn6ECA+NBJt0leP2yWr6ipwoWtd3iinboU0o09vOb5Hbvplj0iwvEKr7cYHh4yuMmLreewGfqh7NN15H6w7cmVVA/+Ah6WJjM2SXb+adPLmdtITQU88talFi1FwznIr2yRJROF635f/iTNDIOcXHSPgBgJQ5573ix/EsNofeHmcFTRIzMnFkQNPAu1E+8fpUecUz2yPIGcl0PNpa/p0IYESRNC0L+8Lzvx0qKtDMW9J7K]
dirk:
@@ -42,12 +38,10 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAC8aCZiuxL8u4I9eTeiehsKXIDgGrudCvDaafiGMVCZiXPVdwwQf/3K+l3aozAuM5ZH61gIA3kwig+A5xUoNGCNxdlt5p+JmtmKm7yewTGaLIXH0QwNt9+DwmfeeBWNNbbxKY7jcAYQiL7YzQhE1Ug+2YpJWJnkw78MQdpfKuFaJH53hjDNpvaQVOVpyDS58ayR+QAxYYj7XdzJ6U7jrmRniRTO0jXnCRKQN9lPnp9i0StYnNpQRMG8lFjrCF7kzI0RSJkwEa5yAOxMzY4Km7iGxMJdSWH8TwIwvPfZWyNaZAl3FCzz+nNOnAXmDcElg/ZeNBN7QuDF554NGV4z2S7jCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQHLMrrfoN545YYM1a7EDWboBwZaGY/+Y9EV2mCsTyeX9MXXzuwx/5JC1B7fI7M/HAlOVV5c7dmhB6HKEiTvw6gLiZsb6oi1fQ1JZLolvPf6+cxZCWzx3c+xb1sPw8CAMxXPsTYuKoZ0wLuKsERudlVa5TBqvQPqf7TKFIod83x0feFA==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-ed25519
key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsoFkNFm0h/EjewGZf4XGU/nSbP/m272G/QAukhpSDhROiYrRRnd41E/A9QlWcMNVQSmAhZldgOOuYbKv2+9b8TYeD41OR0UeIRpxBm5uJ4cUbgyXgmOs7y+huCA1crjVuU7noWUO4f2AHDGk/ENHL43myQLHCk/oqJsFzfIfQHI0/kGCSIxc8vwSOjIsjelKRAkZRCTR76FWX5VrOIp6dGZBy6sJjff6+qVIy1WQ532VwArvN9r5Y3IiydI4oHwhnsO/nDDE5wFDxkwS6iDk6YKuAGvSvgfifEX+S9OKU289WrosAFhQllUOA6+11hnYWPv6SwQwLyOE5SIf7T/h2jB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAXYCaqIkeAtzRiRdlfZwiIgFB/3umOXRan6Fe7E/C99Wb1KWughyGhjkWkEu1/I93jNKg9Y4TuRhmvyRZtG9D7ZZm3G7h/4Y3dyFjNOgqmxzQhiuPQYm3tPqQk/OE+LVFQtQ==]
- -
- name: rsa4096
+ - name: rsa4096
type: ssh-rsa
key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVVW+UX1MlJfQAu0EytjbPohPycgvDmzDMuxeTMnYxPVdVUPRIiT8zcWVBrym9ar+n01b3x/eAy8mjQF8n94xJDSvpWI/hLVDQJtDW+MrsMCnoAhcnVlb1E8cCH5b4Lflnk+JklcVxYFIxSurlqHrbKdWXAFw6DfniMsr64LyaYuRHun47RY/qfed9sLzwnqJQiZ8oGPbekTEJVbNDzvfopnCHzAdH+cYCI6y5IawTxZFQr8VAtaxvklbKOqaC4KtH2tOp/wYB+6IBYzQaqO+L2eM3+9p2flPtEERZ9Eq0Y9lDWRjkHXFKdOgXPjqRnqlKEcQ4cro+iX1dWUlAkV5ETCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEGRQx04BZuJ6kRvYwv1IRAiAggLQH24aFiONst/QRk2UM0nQDTEDwpT1I/n3e2Y4nHbT/HFDaiIT2176Lk8sG2WCNUkVGYcSrfiKGthM846Wp9C4xijQSxDtthcicDHOP0knv8hc1Cf1Z9tqLHBApJyj2yeGtaq6UoJMJSVXfTYCZczPxifJ/RHY9hHsWSBTclVLfhkCYrJo3GfFXnXFgWx7T052fldZ0cU7ywQ1NF7eB8c9CQyBSqZb1kDGfEESmOFGcRlf375llToRMkqcAQzlDxcedvDYfWLBCYg+5ztIlUY5OzpWFWvIkKLPeE1YwYzW+9THYRmIQcZ3j975/cwk2af+0hCRsm3dnXKrf/ocfMXr5hI3SAupsneSTt5mLdd7CJQwt5XEeKtPlT13hx5LIy7xbrnladTUIvRT84MA/FLwXEcxNzuaCcHeqs06vrLl5LM6N+DIwRkM1yXciHL2giTwvYqnTjeNv4yO2p7IF8Ilb3PjVvQbjHiEr8UGJJEKoMRJo7mWZKoZ13JSg7ICvG03QaFbvrFks3clGJFBlfJu2ihvuC0y3sixF3OV147ae7sb0OAvyMz4sagQjS5CTrq6kiQwL6m8VRXLYgANxEgABGc/aG73b1RcgDHiea3uRzqsN5oKr/P0HNFziX/WwD5YnfenyZhjHL69O22YwDo+UuJkh3XHLNkPBfT9/hNfza96JrV/n7vlloJMEphfH8BplUo4Na+FmUH6cn9vtucKkfTOQxzuBN++39a0xQ5pIaBDDyZbxnQ/3YpXv0IoQp0OgQs8kWsUsi2ejeVHdDxy7h9CaDpuvie9zETKIUMHXqFQt4HDfIUbsy6ksLyKCYPxSMAEUQyWH3YXQTCRqph817kphAP+sxSoWF07j38MwDohJjdBrWTGnwLwQb3mBD/eSq1m7hKj26cxaxMc7Z7QyH7k6uT0eYh605cdOOt5PrPctiDtoRnwyRDO+g18Acbn]
wytze:
@@ -57,8 +51,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAA6BtmpFWXj1Aaqe88NF3b2KAGN5DiEBFj0AMDGyth+YvncerjVYo0nMoG8fBN5LEYHzNuL+5EbnFPuM42U3Mu8gOeZSBbjbd6XKaQYbbS8ILlrZjtaKO+WFTtFHh3O1GyO9HxWb/te/uXGmsEsoLwLiQBcaC7nB2vwhA6XKUIitQBxC3Sg2hxH4wUgXoHR7ZH5iVlmCbc9vvCJZWWxNjhKBTOrRrp+q86eBwMJLE3ekuczMkcIDDZ4EkfbAHYqaaI1wdV1gnRCLX2AW88O3GILtY4V8GboXlZUtymgl5HdKoF7lFPLykRE2tmuRmpaHmLtINeVxPfhSHiQ68aDb0UTCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQmkyLO0dsomgfjdHN/rRwEIBwUZdFHCA/v/9uvbvlZwKjrgXNjZnz+qiNqpsFHXqL4hyCiwBc1REgkDYC9o9vApqiMuoz1YbVFj7v8sFPdbqvxE9WubRqZfGOBn4h61s3xns4VY9+qasGMqoOjTIvVzYM2fYKiBmyP+hKZoimn0ZudA==]
ssh_keys:
- -
- name: default
+ - name: default
type: ecdsa-sha2-nistp521
key: ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAmyFeJSSsLDzOgKZuwRzHiG55YK9x5Z7XDjHLMOiUo+BrGx/zAtocezLv+pTcJ4HrbjE2phfLxmbpm6cjQhgN4/P7brZBWW74+mD01aaKGi79/6ipIMdA3pkiHe3cqY5vcHpPs/PQG/7FCwFr0Wygn30ibX9Z8jl4n7sS9yAcLXxZRND33ssu7Z4/wXb+RY+a5bYPzJiYVH3DteAvVKOhCRCfY28080uPOgIIv801kDliLc4qpSTEi1R3yIjj107xFZJWR+SpljYN2DfMx/97alRqrJf5hgF1WJzqjecR9dgrM/gQ+IovzukFmAwee0U9uVT8yPTxMbg3PQ/niXhLDDCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEMl0Ee04qo/XGRy10VJ6b5SAgfB7JwuIqPF8VbFX9ooMAzE0xvPvxP65GldaikFH2IwKthyNAx1wRPc+0Oyi9pYan1aevwRC+UGuRONArdG1w/SPKSRF+oktNZHSUg572dxYP8JqzFrKKGkRRPlEApzUpL0w0STC9Odykh+d2c3KBUkqc5bHGMyGeJS19nnWGEx3q80Yeen6nr9XuCBACWT1PRDzekWs/hMKcgksCbijS7TDNBjyUvQDU6TaMyMb0rfzesMkcNB3ZchgFT0kCL09trjpbrfz9oCw5yvGkan1gkF6mzcpaUIhjZ6EyhYeywVGU8c/cDFi2FphiWKVnHSC95c=]
mendel:
@@ -68,8 +61,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEACWHkaPgSf9C6TkccvR6cVQQH/mrevLhraJ1A575kPe/BG9YmsOj+OpJgm1JQlsHYhFb+7JTuljOLZ8CC2DvYN0zaVuGExAXFUPVl1nr7zn3nifeuFpDR9wgF/eC1g4SkCDaHw1eoapimIZK9RsgEgmrLH4PjB5Au4c3T6o5OfWkg9d6N0z/nofTZsjUg6706g86BR0phR+M1QST36DM4g57IhRxYz6lN1xD2QRHrSIRihaQM5pgQGTrEHWRsQLrbwiuhJImM17wZxuK2JW4xHygRCZ1JA860wDLsgmGFLM0u6f5/CR5E7gn42tvReXcNHKXP3iqwDJSDZJh1n5hDvTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD7FqrizPCAMRBsMsgZ8EH2gDDav/JGDUh1DYOI2bcxioooadi3gUUc9eRT2W93Rbmvs2W0fA+DLnelcexbcCJDtuk=]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-dss
key: ENC[PKCS7,MIIDvQYJKoZIhvcNAQcDoIIDrjCCA6oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAYih6hjOdjjcQhlkmIWtgM+Sjddns15KEwT7OH89VycJpfTcGItodJjLjQbM7mxSq7SH2vrlWmzx0LqixdTtJ4gwyqB2i3LanV3eD/NK4ZveIEb41S2Ju5lJc/TqHsiv2oSAAKu12GDTdZhwMQxwTLv2LK8VhqP1rxpYtYU7+wA4t4DU2oTALrbn1bRCsfSrnEXUM6uVnZhTc58NoUm+0/EsB2jmmsykxtM4WnL4Mt77vi+3YgivvkV+MfadC32Zail98yKYZxdALW+tX1dFJO8pWO3z7RyHTl6D2tb0RLYsxgyKhu6NGi3hhVPq28VNc8JaxVBGTAcTAXg4NiGB5ujCCAn4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEELQChp0jVXAqgVgiNpBs0CGAggJQ/ct6GNxT8y8BMXkJ+39ueheXsPDB4UQe96zIYrPCGgY+a7H+c6LGUKLWrJoQYNkLF7rOd5xFrFyUmFxVx7YcqggWtggTrt75ZeJyJFsy/qy4xStxmRca80+pt5fLZce5E3WH1YjIUhgnoLJas7pCIMoCDvHbq2vQS4V9bvCCsx9bjACItBnCCMcaA5PmYUtAXP7frhj+1WpWvpV7yfZOx5Y8t0TsUfEjaUA54zD1wWYg2zB2Szk4h8Jm19ffQGWNrI1R2eXJuE5oHXP8WsSwkMvWneCavzXW1AgswhwGgnIl40I0MCSpU0mhV6b6cQJMJ7Ptudad2nCTtgkBRIKKm0H6BvUMRpxiJ1j9wX5SQGYCPrON+1E6wQmPUqwIVfPWfJTBNcDbbxWCQWUTSZVFne12ewQjmx62tQj+o1fzWBypWoqcn/zOXgSwRUSWwVK+fD+m/3ohVQ2cj+ltbFM126EfLpA2Cl9m0DW9UZ9LMf3jvR1KEq6ayiHJloDiFq2C2lXvfOUGt3+bHsVoeF9DwEm6uhhdLvYripvBmwrlwkvxj6/h+XzGvRaIbdlzFtLMv1TVMdklruC1NS2GkStoE5/8JLud9lj+Glin5bDuTgrSMm8NnOHGsqIP7VbIHgjMGr6uNDEW+jzDJSWGygtrQ7gR+rLuVakbpOak6W5klFfh+Wlnh66sOzw/pJPQiWd81WYtIICQ3UffqwmpKLvrJCV6/lunmFYImMaCcxSVlwhuKTINGeSCCz93wEqiAimsP8nhXOM4IcdpsV6T/6hhqA==]
neo:
@@ -79,8 +71,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAU2KJTKlyeQ98TrPOizmFg5Mxtf7WvlPduLZzz754AlEdYmU29z3kpw0s6MxoehQUoSSvUHcr3Ai/Q17W5vxpkwvuj5Ehg7sQVR7oOr1EJTtbGCl9Wh1p/LYRrmg8MecFiA6A/1SQrcB/0cX0/d8sfvBbdv35PUyqvk1kxCaJbXmIUOLKjlD/h4m27me1+frranta8yJrpDs9GYmmwnyMwpuOywsTK4OIdQ75++LOrrLM+QOWc7j1NaD7AmPL/RQ8Uxp4rxu9OsOSq+y61rFtw1bcp/8HboAvfPAnK8qeEAfraX32bhYxuDCe+FPoHSTAUQvuRaaQbOqG559fmM8TazBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCdx0ze9zXer8YY/J5HfXKWgDDaGIiYF/XXe1eIEeN1/TdZ0iYk2wKNJyqko/S+SGLrPeRmrBOgL4NrR1Wtn8VpxxI=]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPQoYDBMDHX8/HmEJevV8tzPxcoh+tjLewjyd9/GTtBowiAdUeFvSC3s9jPYO916Cx26BJojcWzG0P5CWrpJBNh6HX89qAFyOclYoahtTRaPtZ5bsuXLcepFkqZFr/zy9RgWX0THhKG8IguYISzpEv0yCSVKZ0OnBQhjGlxaipvTyI39X6LIH6IFsnxbhMzeDKCyAf9J0scgJG7yKcNgH7It/9caV6bgG0Iqp/jP4bMt/zIFq3tAp4+Nsv2btjdIAoFO7mECfjCxbOzQy3vZgJlsycG4STvImUXZnqLo+664ZgLNj1So+yWZ876+4dg9mutvp7gPrqEHAqq3lzY0cdDCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEM/y3wfO6pGSfFgGv6GS1K6AggGAjI/D2TIcm7Lx4ogSjKLLeII2j9gniOoHGK3e0d0dfWupIB/8x8VHJQVaaHOMlOhSpvq1DUu0bsyVwcid+6MVB5uAGrS9CuEkTnyf55zTiRfYdz2e3gf3bz28Uo92Mknoy9eIBi3harp4llY8WuxMjyi30k2Czi6/98RbE/wBamZeghoXl3T5hibvoKDzR691ZsKVWZDUVayU6cDaeu2r/xn5qYd/xo/LuIdhy4mkxyppDf9bgmVhw/QiK2Lsjn7I5LBjOM8ouRPuur2+T+6mgKhvX3yq0Z//TOee7FHaQj6eP+pSoIAWe3DxtYMermIs0A6wreuL1Rmju+hSYXupryFPN0LWxG2+9+XmrjwhxDXZTokCfqUJJEBb7JIM8IMvIKl9jICHPVMZsFzJqIWla4oGCqmloZhB1p/LXYjUYPpWYn7qFOUcxl8QFuMxV64J41qk5rUN8qpNRdfv1cAWUGNO+owZ8phKxo2oEzSNZTdut6CFAq08yByQ6UQ7PLN6]
ted:
@@ -90,8 +81,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAv4pM3eYdyqCpT1Fcwttaut18uxHcBFY12HqlwhPQjyDLwTxxGL4axMSpwUd8iYu4yLJE8lxWfV8sHdA+TxTj1lTqGeo6qn6J1+H8rUrPXpXPL8/tWbDFWu3zUy8iTXIHwS66OY7j7AskiU0wAxOnp+cIr/LDt97bnZZ7yje0TJ6gImHdYkoizZy2uA7+5LZWFSReIZkbc7/Ros/A2wFnSnux4qkYpeuXvtj4whK8ZEK4qHsemlguhV2rcoE0ivqp3gVgQTGtnGhrrnVm/e+Ff8EQWGChKwFDrM6jXZFabfh3BXkt6TD+zYSPGnc4ttolj5ccvFV7jge26ry9VaeiszCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQeXKtyksA7JksRwr7pbuVCYBwJO3u4YbZ39ATrXOngMeoCUu031QEZQjwWceakitb9cX52FBDnS30AwWks9Mge6YZObS5NT3Ma9cVnRJB0G5z8iBlZDXTaw1LfdJuCu71SWt1njAfaiJzXEqKvTcpGEqNuRxO02xfFlxo+PSC1L1mNw==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEArxabkcQw/Xm8GVd7L3bmGKJb9aZzeIHqFw/rkUpJ8JYTVVjwwer6JFA/FtBoo2jVj5BENxmqZhJtlQFTazerrHGu/u+bGgKg7TZiYtr6682Lk+4xaFhF5ncnFGa1I9rFDSp/35DW0oVz9ejfpECx7jQMnEUatQVvlOkoAzgBh72L9427mb7mAtvrMMN3hfOJ1l5iEVbmxV4TYkRspubDiMLBV6ZPSOvShtNjL9+YFokqh2ynfeRhZ9jVXaTDAlphs4AueenpbXb9AeKepZlk6wmfQauiDZMHKqdqUGKwpbPix73v6wTcSbB1BdH9RujjGYpZ/lQL8ZSqRv4RG/Yc5jCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEBGNAeh9+PKsMljJ5ZbpsXqAggGAuosqZ5Rolcf64ym4aMWZIlICAdHoVHZYky6bC4/euZMmQcnrFbjt+12lBZBYbOfm7VzXgnvSv+fOu9B9zVuV+GiPoocaUReKb5xs5npPG+EpyICmo20LK9HQgddYVWbQY83+vrc5lhDLWHQPo3tm9QjPk+voIb9lZxmyIvNrwe5uyj6rVazr4PQ+LLIUS9xLmFZfka8uGwZUjaXqcHMazq/AeVdytTqaR72fDcPp2t20/nrGMFzhNpQdQasH5DNaTLQhFZAczeoslBywaxAEVIByQTMZFqJdYzqikp4gZk61tXEsJAhQWk5kapW56NxmtekutcgyWyBiMtPQqa13ACoywtHzlc1whdcOp5ByaKlzQmiAZt19l2lqLxhfAtxb5PHsSXz+DbSxblOl3+OsrwN1cOOtkKLIegZibN6HWM6JqeE0Uga2On9d7YEO8peKU2WX7LmUTNKJ1KC9rDOZiUXyA4CDC5V2cpjmQH2JSAHFJmNMSn3xZRbxDrz5LkiS]
gukk:
@@ -101,8 +91,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAC6SlsNj2tVo7putSVv0hWfks5Ysq1PyDkUefBgqU+hoBY+yw9vaLYGX4Qy+EdXokVtwdfMF5YyKY5K0wPkesd6hmFgONOd0vDv3PSuklsYjqVWuxujxBya4eu7OYacpP0nebj7glrnsgL1NyfFfsKj7Qyc33edPa/dvbhqFh3xDhWPYKwOORBaOJkwiOjtVsYdgAxLrv1PKAP2u07FerL7GZS8n9QOhtkjWQDXtjTD8+j9IPuX71HiqqKgIVF95T4tbsnVpZe3b3mGMAhS2c697KFEbHJOUNWA0kJDqRfax2a7DkXmZOo81uX2CadgqRUQlvN/jaYqsKlQ6P4LOCNjCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQALYIJOAshKsMxVRqQz18/oBw8yFt06YKCma9WnX/hTsw/eVKS3mDA+k19DXxCKqqes3tFXypKdFrEn6s5kUY+GUaauM0h9OLsMSPLXUb7sD+iKcPV53Xpchg5KnvSZ636bwhbg1WPORViuvS2QBPDvIavFy+AcLgnPWjwrUVtT1gww==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIG7QYJKoZIhvcNAQcDoIIG3jCCBtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALeHaGXeNNupyPtX0YtBqRHQsTM/VDEfPU42V9bhuscEL+U1YzLw+sW2OUsnI2N13R4LI2H78xlnMX/W05xPk+9sSRmyCxwDux5fFrI7GmbAEdfGKybp8Yxv3+ARMnSNI80uCkQ4wmCvo7A+/E72Yh5zookjoRI0ncUq/60knKn+MyLFCztOlpJMc5bJq2pnEDo1aAwZqofUBXrNqd4Lwk/kndbnbqCoKC6JMwefxNc+ea6Q4HA7tLM9EI0cywIahFjeTfdMBD3V/tITy9GWGFfSJrIRsbUgYBq4frVYbtElysR8Zp0sIj++iOLdchbVAC7Rdt59hh030qW1wGGHJxTCCBa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEOo+v7HRbKKfOZ2JwORhE6OAggWA7suAKXPpwBgNkQLTH4D+6+JMshzWW9TEJfvVm+Uluo8jHui5T/p4hh8uUQIDL27leBpju0Tp0l7ScAYIRDgeoqqwrm9bg5FjELG4wS6llP0fdzsHm7rd1r+zpc/yd1ObzlPX2/tcDOcrIePChR252QtuX3IQTIgAFNSD051ZZn4enb7tG2P8EFbNrVKjDFFpBoAUabtc1o1gnoLN1qMGcYw8rCzFQQi7s1WyirPSdm0/0WOedRLfovXwQRlon1k224IBqCGb1vHyT6I9bm1t2XVkfx/yB9JT7YVA1XA71ZA6bpDv3LXU3OBW9tn+R/bpyA6r5fALa6oAcWC28FmR5+fnf7dPYaQqG5p/L+LAJ6MjnDSWu6d658yHYugNP/IIRqC/zupaZ+ml4KFLkz6qL77RPdPjEHdU6HfL3xcEiaizxGCMopdITBtccRENtUntvNwUDZL+bgvLus0RTAuPGoypdSSMWMn/kYZ7qbBw+D9aTGN7UcDA8qAZG6FDivCDSp4TjTnQzmPD/qF4K72liCJRzsq4bHASifgam0BD75Obd4Ytzm4Xkt/CVB/VZQBzMvMEmelpQYb3f7ASVkMcFP2WQ/2ersPykBeLh3gOB0COhUxBj+b75ts7Xan7/F0Cu0mh1xH4tSZbl0WiTfCkJjZCqP9fd/hkuw3hs2Gi/Jjsv7ZU1YvGuUowBRUrBZ1ov+vIFwPQqHFeEMPu+TLJg2qM+avRn8GmGckECXAR1CM2Vb60GHzFpnJCPRN0zfgwF1WkDsHnXfqRHqaSUySfNOre651PDKiTrRc6qFMawcu5bx7Xv7C7vYK69/+kw/PDodyE1vd/L7XjnfMAEpLiGwGU0T9LK4SzZsrGKnZsTKc6qUKROVG6tqAg0rd9OPrEn5ePtd9m+lWe4lH5APeKl2ZGS66HUy7LVDXSjGUTUeBZSEuu4hrCdrgIce9SN9KPqhdoJG845i9ds9hYZI6cnhgkk0wRLe0qhpWKaL5k88AO0jBHSYyYyl2iZ2pq/rfzO0c0e28bNtKXif6gw2v8+tsturd4gC2O8kX7pN1mDF5F3ae5OfP7VWTV5rZaaNPI1FfcBKIbNZll8nfuu9hmdKvMOFCi0iReY8vQveXH6vuc2UPpxu7ryt/YCn1FPkgTm0TTYu8zn3svC78Sj5EffjiOrwQze48RmYZlyScTBa5e4AfsT8n6tkugvQvUDAcFA8Q6sonfOIEKwRIo31r8/0ujOPq3uD4gw/JyuL3jtUiPGJelIWWbJgEA2LHjuFiCY46wVYLQbmALAiI7b2bIDp4jP06WPuOpCXZx73eEInbTs2oMFrgWEDc1sJydcgdUi9uDQ+tHvNoOID1lMLtrIiPVrbWHkkPzkLeSo3cDZGuc50wrKUbns3HBi9cw/dE4zH5tTj2p6fKvv4sBLcve1xAikRBh/FbMqGQ1OfWOx8Zahxv2rJpIIugUhWRn6d0yyes+NEa5wQJ7Eei4gzIVL5rUcTyt3dCdYdqjvJAP3Ecd5YjeUgS2zJwJLS0aBscXYFyh7NmTKKajCOfTBwnFZdOjggcxZldu7Wi0037VgQ/3aG5ItmZmhY7KmUVc4oUnsW61G3TBpEAd3PkmWmt3nqn6EWlsqTpKuJ/C/sQ5fYE4/unjrtwvfEqfO6gdqrMnfLunkci58r9SvimHt5qXrJBFgQ+3PRU7BNnEJAgwIvdTQtjTunbfjmpdQ0X6tW9hhuVj/KE/dbSz/7XpZOqRR98tBMdtkm/6sIDjV090xwICjMR43Gc6ow2yld2BApMqvZxlaHWujW7EJkbWt+4GyOH4mjz8jxctjP3aKGf3RNJgds41ibQ0z75j/zEGn+8eQdROM2610+Ra2KJInxUJ4g==]
jselzer:
@@ -112,8 +101,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPPRy8mgzFyevRBWlDPkbj5H2e8gRQymcr9sjb1iih1+GL/a2EgppsVw4AFLr8oeLymsrNdOTVprPWMa6PXx91sKOvmHUfJ10IqpzFgqb8ZbtSUSxdr2aNWUz4zvRuo9MGKEZ/puniUv+hy3bmYYn7RVzX4TVDZLOIvjfbSiTLr/BgWAC6ksNYhvK+JfEyRl3pQJvPA+Y3int0RZ4AGIAATr6rwOumEO/3j9R2qNNakga+dbCxJE0hEKm1Hb5o+vQiAZsrRBwtbh5vYceGP+JsUtuyIU9mUjOCmKzSFTh0SeedHwEUXHBBcAJ7pjtc9KJTDKxYLisGkOrSyxc3XotkTCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQs5eQYV3U6FA9nSNBDObAq4BwpuEpMQlLLROR/wycfeQVsVTvo/eRZC9lbuw3Hax2a3bDt1Cy0uSipKzhrJaomeEIwwEi6NZHXA4hJcINRl4lE3YNs0Pvd99i3MmY5LPdA546cyi/tlr7zfA2GWV5hzxX0lzJM9mbJ/3pljzWcXP+Ew==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEATqNWmia/zJzSs8lOUE7i+k/IunDDW7Uq5mRrvUshtp1hmkDCF/ZjB92oKOKTnp3ufG7BXqLsjPEFj+d1lqP477q2vO4EDUt/k6fGj+gWoaLAXdUJJwQ8QB7JLyUzc1qF0h2rPJrIZX7rI2xFuq52QGHCsPXX1iiz6gxxzvkDaZPWhuLmIXFzznsEYDixYngSuDSBqZQl2u6rN9VlRFxaMcVtMGWS2uZeUJaUV2rDPBbLgPCOjEx5T8Cw6t0aB95Mmfhno71sXMAhrV/OpeSuBHvxYz+oitp2I6/+M3CPWeys2F9EO/swNf247R5rnDxm2ssXURCdnC2CyT/E6p0WOzCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEELFCkD35HEdhC4+e131T/zWAggGAq7JO6RPPBYsXNrrdfJxXkbcXllJ1nqRroEUl02bXnovmBKpiAN+77kS+Q8nObKjc7BHWdeVULXMNvKXU863z8fWIVHuAN3P4DEBed+Ap4P5o6yXxa8LM/OokUrgseDblIUy7y+z+umMB0KyhJNGGGhTvEsC+V4o/XrBTJfreI9BL0u1g5JTIUPxHihnvGz0SXa/HTuHZqXY4OSBTGZuiZZMnTDr++6Waut1GOX9uSw+f/mThiEpqC3jlgVTXP7S95UVppdJtgFyQ0rAtTw27d5TQDwcWl8yxTsc/x7CAperEiO//oHH0LSo41LGFiWrjz7pgAYJjqmfebO4MZKPE44yUjC2PKly07EL9CwHphNcgsUJ/RBJWtDCfY5y4hCClT8d9FFBHYnZwTL2VcD6VHlGUYQAyZ4R1+Eth9ur+s2DI4JE9kT9Uqyzl+OaujYDRCEbmzqhSrOgTPZL1v6LzUt33SaqKx0wYtwY4C71H4jyl3hB6GxbHipHVhPErswqC]
markus:
@@ -123,8 +111,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAf1D2y9Jud0jUMfzexWvbbA6m/pqKrLe50i3QKLlacrQwLjtj/Ioe/9hvzSQJLfr2BrZ+C5eFvB2u7YdGOT8nYasEpPcBP7wrZm+VRE2VaR85ATmcHsrYex8P5o7abifc3nVfRXlHoSfAD5epwzKYCgj6T8G5aBZV+EL5PiykQsNVuaCBat/RzXBOX/mxSbiVQDTF9QezOFE3CqdWWoYzSh9r0t6bPq2EFG3iQw/nefvLHdVrEUdnJHPfHp7grdYWLr9x1RDxPwueUb7oGHbxxQ8jYes6EyVaWlGB7PXg6CPhMC3jU+s2MfAdU+eELBtRxTE0PStvZqjU9vG+EKFkYDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQ6NCtegYWJCLh6BJXW0JZ/IBwuJgJdjSmBjVnZpG3v6/d/f/cLE65/P9e/NcESg7LEwKgJ5m1/2ZCrepC/UfITf5Z+M6c9AAVczRD79gXhF/aIsFHgwlFIfTN6maTM3mRzQH8q2hjx8GGqc3MbKv3Ei70+eaG2YubCWwOP5Ao34eVQg==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAZ+YZwaql+65y+E3AdhUYJdWcYZFho9zrfTSkDEoDOYXsta9MZPPF5XIHrth7pvZtu4ykMsM0ouddGOMwU8dFKaaV/bXfcz+wCEH3kk2VpailtOaRSqB32hqqBatBQ+9vwkyqAD9L5v5IwUMrbOODhgSuvcqaN+8kQxpiTbRSCXhN+S2PeuoKu3CqgCFo+KWEIiXqayNKHI2P7BoxUz01Hq6xLs6OLJC5/yTcT1uEVGluzH9oIu98XSTfbjL/SNNwRClkKM3/Hz55+Jt+MiNct1uzjw9LwoJ3jakAOk4ROSq5mn5crwwqipJQlS3hC2ghZCB4GY/8D/rkKDfojopgejCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEHsVnXD4xZNXGZ7rGKQNpUmAggLQET9BG9FSaDOxlhlryKx+jgoWP72ouHYvm3sEsbehGnXYy5oTgdbP6BD/WafFZKDSLzn0g9mHYbnLG1VFxmxV92NjPXTiiPKYmLE/nIQJNERXBtRbGGQVFjYMRUvp8n64oHsjRY5xwZAzePCITPhwtHupVfFSoB1gLJ++svzap3BrIIckMcvL8uLBDuv8AU1jmIlYzWugireYxeZLVDzbroK7X0KoQzlT41ool9Rf/t/JkIkgij8M5iZJqLIflgpgzpIBMFw5LLmV7AMdGNStk4KdMvcL/oCSk1Z2wMtqROKukaJR8p8Sn2cXH/3pwzz9wBiQMTnq9ICfm/EIHYJcuf4J1hjT9cCYQCjjQJV7FIHVemT/RuHnFiSDeyM0/riaNxZpA32kRdxN80oDOvxL5sqnewYRMoTD53gC0JLW3TjcYPAYBvXQ+EZdDQkt3sH7s8TF53uQeeSBNr3XS3A8wVb9nVfBVdP2NQFfIzFRndJoKiF4M2JRK+99i2h9WGASY6/KVhGBvjrjFJfXHO7WvpSNV/2oljkJf/n6XRgJqNAMFcrzIeARUG7pWVn2yx05TnsB4hfn9ZCBX2fdMcWOLedHa+AwgYgYkE1db/1uh3cc5F3FLH+zs1lv/2ziN7FY0anpTNLrFtnk74iLRi+TzNGRqACT5M/QpVmSm3f/G8HDNP+m8MvJPvClyhxRxW6UrJQ+4tk0rSp1W/VQY9OUEvCqZTarG6AJCNusuI38VeGgcQUMJhR/1KSSQlbdzsYSj7CiJt0L60ZtdEnb8YvW1g0zdw9PDjLYw6YzBeUq7e+gSSYvFnVzWggb6JwgnCgmsEXP8Tj7yj4cYBHLR1jo27m0LIbLl8KewWDTu3rKv8vQy60v4c8tIc3UOQBaL2YB9ybJqLZojcNrX624ukHf5y7uYj4j2ZAqkOwlNEsiWxic4iOV6HkKJna7vfZvEpRt]
bpschuck:
@@ -134,8 +121,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAa/0HvwkmraQVMB7rIaJUEH9uh2SCb+gUGFvVhUfdc8BQ2h82CXBc3TwAKJBav6UwzVHrGQuXjOmL/J17miIB8SDV7RYe7xMJbYoaeWUMCXO6jwUnYc4dRzNTc543LlUAmehXNJsnollbLh82GUIAGhsBJjxG18+OeZHFXlq29WR1OC0hRC5I4Jo6wKG06OidchIMtdLxUhzC5qr4YNLSXavC6mA1VjxEZhiXB5PiMoxgZOnQG215G1rVzIgXSKNVQJULk4hf54dtPrI9v1mSu8Ejoa3OIMLBmiFvRCQkWBtG3nKBqP1AtzEQGJq9q6HKigVjq/R6yGIHzdgAnngYMzCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQ6XcRs1Gj9INpvO3crD7vzYBwfPDeuNLyFcYQbJDi33amxTJTQtYg54mnFmjyjmWUdZycMrxUhF1qfOI1PHcBj18TTpBWl5dgp4j0/X4k3dxPajGuWsJSdAAXzqUA3fnugA52maUsTc2s6VaCW/fltaG07+1mCKcgIfIEFDR8wEM8Cg==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-ed25519
key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsW4Nf4FQVcQAcctcyrK63zN03nEuPt3duCquRcPdsklVrrSyJW84niPuLtXRANnfduAvMuyFbUdPywudjX5Efu2JsDC4olJgZB8LCufJGnY782tzCzV/VXaYPbv45C2OMpLSHCYeWkLxKgyjfLwlcKfOXH7PrWVL48Ap0cTfP/abhjw3RB+6KnTYWPaWAWsHqdmYhGX3KqdSPp5cCUpAKDGcXarXiLT/LEJhHHUbPjQQErqWSov0PSymyX4lH8JVQxncnz0wMQvgPqtrpWxj6V81+1+JjCOJrXzNqDQy3AseiPEdPuvm6iJJG1o+kjY6cWsJEP1HbunUup80n55nyDB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDh8P2WxKpOZRP+/k12L0iNgFBteIoPMwyDEcs8WiJhB5AeU1Yf5jeISbF+vWgdDn42wmn/EmqET7MPbBSk/OGltguaIhGEOL2/a6ubwV0ZJxu45i42zX+ug/AGJmrcPMcmCg==]
davevdm:
@@ -145,8 +131,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuJ3dAsmnRsdaTLxV0/1FyyKC8oFKBBABTvOjZp8qvnfkrz3okP51+mPx+PWNSZPLws+mFBqcWwELvDVt9yTr5MiaOcg1qx9jhtNpPyNyl1d6CUa9wS5cRBJaBNxT9x41U17ps+1NkoEOybyJtIyMVe8hlaL9UGnsnOSJAw8SxVI0b3QMv1f1VZwY122DQgu933L93U/ERSF0torPUFoF6CVQmGK+4Pe5jTcpD1b0Hr0k+wFUTSBlK9bajmWN5jFmniVFYNH5+OZbYdBC2XL4MsCtGJSOfm6S7myOXjn06V2FR1VSwA1wxyk8g837onE37l0vXA1dFQw0KoJcUfIBlDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQK6wXmHPq98j6dQbRyYxqYIBwhDPj8ysITuKy1S2nmgklaU1l5HtvTWwpqP9Ujhnj0mxXpKoed2hdIuwzbZqKz/x5qy648YLQoiHMWaVdpJPz0RNWllAlfRMYQyz0jJ8H0+oWZ/xjoRheANDwuv+UVMblCpLizTUWcrOpapoTaZwxbQ==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPrHIrmBWXttl3t9oLitBjV93SSqsSqPljuPFzquuDEetz6e/nIhZJgAFTunLVIE4txxjBVFZwrBk7QcYZ/kT8+Tdvbg5mntQyM3Tre0vS5YVcLnxESBSVSQaA/wpbRSRcVx61wZLZHRztLLJdBoDms0LCJdSaWv8fJUn+jZ89a5quozNgizd1L8VUROWafha29h7QFv+6ekJ4/x5gapmqHYG+QmfJzOxRzLdQF/Ads6KkQmVjK1UpTQR2QGWbv5nD6ch32qlKpG9fiIrvzAb17pKLdVjb1o2clwmZwjzH96ORHIGTYc2eUTUJaKmF2CcyhTQXD0VgeA5ks2xtsg/WzCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEAaUBOFKINd++8UjAgwgx4aAggGA7yCLM24lzjTg+mPjAdiHtwIN7aswL9g+L/ZUk90A/Ifp0OKPxJsmAAFunKTGNnTWGJ3JsRIwwB/w4IJvS0GOxrbIEeVbtg5WhsXMe30lGjyaIJpTN9hzB0v33GU+4vIssdhUgN0FX3LENq9UCLlWn2wGnubu12jvdbZd2+9wo+NHHvZkOByEAjAoEQy16xo0UarEv1+YDnYv3iUjCSnsnjj2LSfVqpRQnhHluvcw8oMJi0io2XGeRi51Qoe+MVUGYPzx2xPMBEY2xMlU2hxCaSWGRo3GZWQPuKNWNFft6n8I9gziXwy8VTQfX0cFTNHfwqj/FSEX/iwa6xQNcdYD3jpKM7N1H27lu9+0XhnQy/i61Qh+b4fkc5oht52LJjlTZMeIpgOMpf1jOXUqMVhMi54lNcHd48MF3aCmnb0Wif5fXhRdh1c4PUcn4u3yXQMdnc/XhLBGws4SN4SgZHYaeU2kx5UwsHJ8g3rjvDXf7bxqQvm3N17YuwJgk7WAdA53]
dinoex:
@@ -156,8 +141,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbtFryYP7TOjfBp47lzKEc5awCVu/YS5peYCo01oS9H+U4xmto6vvxqo77IR/1Z4vnFgubSRCMY2BsSwq8t/wOdUv/uvnXPtG2JbyISfQVLXuwMuM0u8gNcDyAo+5HjVRYqIn+a7WaBLFcK0IO1uYcuKWaUz9McNxv/p5oLpZjA5TSqdyGIa9gUu9PrLw36hO5h1cEbLGeJh5Rv8bILRtv6f+b+X5bIOPhhbTm9WGpj4+6uHW8kHNsbM6sLFdLiEMxCD4RWHGGLqRUELeCe43qidaqDl4SSAbhoj5dZ0aBTPUzVeVss29I739OYF65YA7GRyT9KQvYe3EYYM32Q3+6TCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQZ6KbScQmmPOguvNQNXMzEoBwiX/iswt0IoLmEVF2UJBn7QS9Z4XdvZLDUrhv7HeGGAssqkZsoGXNyllnv+3J/PxkNR4Jji/jjJC+rCuKzLTiVCB7tvo+a0EqWjVYi/qyEzb7kj+Abd3ZvQbaxF/FtaYQW+gfVutXHK22r9ELbiNUAQ==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-ed25519
key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEv9/oME1zVsCZgAOQL/q2CO+IjDZCkMFx97XEzbmlIT3xgY6s/mQ0bb3IGbUxmABZCno771ocv37CHQwbSVjFJjvuQ3j1gpSoN/QeU2HeQXMl48tJ0Y4ouDU5SFQhN7rbh+M6/BTeoKPqX7XXXzt2++cXCa4TH3Qqhuv0Ooi0KAcKamFqr7cNwmt1POT+MSxHWNrhyKmtT5SFxQg3NGyZx+oZnZIuA0z0DUCs1WmxRe3oYwfqYcUAVQsi73gYAmzjbbufIRs33/q9h0SGdQAGYlaT1OQigBMZAAT0z66u0hM6qhChcYb0LkLpSiYuMpuz+VtTPhFlt8/VUYRW1kaKTB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCIZUNksq3f53Y/UvSBuhlpgFBFamhUw8Ni/Reg8mf86XJ2ueweLS7HlGgFm0BYJz7yoBiXzaBm2r7AP3PJnkDgA94tWYiQFi5oygi7UDAqdFLnEM6qQsygZ5e/dWxF3PloBQ==]
edkapite:
@@ -167,8 +151,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAeW7DqxspLoev9Ny/GY92DO7hVf/Eur6QGRIwnOe+nu7JPdlPbkHF7iy+4m6hXgMgkxOgRZt2KE4pKVvgV6H4Tb89/X1L4oXGv5lzv748Ik8wX7OtL78rlNX2HvDNJrgi4Ho03d+W8VilIqoycMo5yvCcM9KP6K/FPitiQ8MePNBwBlaPAaW+j9obDojV5Yopxkpi2XDevs4VyZB1GEggVBJRxZ9SGSCGbAmmPEaK7RyXEcDabfmkBDa/VUtYrk0LgSKFL8jl59P6OQty8IikEcuYSLDInPo8ACEsGni7rSNXdTTocfJ4lhfBHijEJbHzLQZQZOTfxsJoIr2A/jzkIDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQSZUC6K+kUPgJCa8A7WH3G4Bw8luHM2y0AVUzwmE7JZfKCv0ZRdLWnkSgvX2RN6ToLTX2gncuQuhVEmok4fsmahodp1mfqeVbext8bggmu1eSLxA8XBwh72v1rVL7ttLaQGDl3VawkDgbh6gX7AzABjyMGP+uLAbeKoJ1IsEo9WIhbg==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAQf9k9VeRXTmGLg649fal0pSLRU+pwgEYdDkvu6euH93cJDiQ8V+HQkDwnJCV0Uw06hoKXwLMHaOWkQy06BTQXSb5eYVK/i26ADrrpN4cZeeonGPS4IkYlMZuj0RkfFKYMXD69AR/on0hxWJp/B3+ro42k8sCDqvzBuxhp9saiilVRkKAs4Ai8fp7OLcKDVrGTtH84oILLGrNmFd5ESUYOpniMwsZkFRsNz+BYA9zekSOekoanPqJzDOGCFMrtWNYcqkueJzVy26p52QD/hVzv/qciH4+UQfwJ8CS0FoEq2tesByo6QcB0u3I65vNrYsFPKrDNCRewptU0VsQzDbYyzCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEN/muZQElLjvkI4ZNeyLtoSAggGApgpPf8nTDvwEZyDWzkbDyJXwwt6Pcpx/RK2Js9wrtKaKcr5MXadcjvw/mLMShOaZM2IX8iuv4VLhWMlQZZVLQKUBVUerJD/dAsaKOX3k6VSvvNF6m/aZq92r2AOVcnf/NNi1eCUCubTP/a8G2GNwsJbeQkDqc/TEgRnlw3KX0O35csy995ZS44fOpWseBnVhVe7NymaPyhCYam3+/M3r//Bo9enmckWWz/NcOk578HfAR3P6G9pXlJZcqextmlUMFrauxKNg+cEhsxDvpJRiDNQzeKoHBJRlrJTXfkCxCVsX8wFHUHJT5usryp1xNcAamD41JAsPFeSu9nwfXvsmOzMNTFtkApUR0mb0rD03LTgJOsvG9OBC147OVsYCeuFXWiLgI/KvkemSM+dgdPX2je+5e+aOMPTtELsb40gg/k/h2jaW27ElnUkFt6kZVTgA95qTopwrMDvYvbEkIHQwMFKgBRmuB0/MCBt2CvPVfcvNlICAQuCFvRrLf7NR0HWR]
mish:
@@ -178,8 +161,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAJgGCZlQI5dx9qCtmJMA2E1Gm3c7lEEA9PYGJGSCCKzZ7lXwXc5JXGG8VZXgw8H6Jl/4pmk5W5h2/ZvG3XUq3cjIn97ctfk7oonzT4q1byEvpsRZZc+OMJF7dv/tdZm3okzUU9ETUygcOvu4eurl2N79EhHmKzQagwt1UWSByKn0GO438qA0+nep3bjIDzw4sRvdcJ8rKWJj7ua/fuvP91HLStcriHMbKg707KWRXVc6N9DbtyNKpY5d7bQJGvH3uhyO6O91a7csJSHdFSPRVAY4cUB6Kxbsu04c5i+v8NVHNXugYT+VchLggeqB8lC8/N62Nbl16HylzmhUjsDm+YTCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQd6NYPL0JlSJjJhhyhY0Q/IBwFH94+5wLrw6hW2C8s2vj75y5cQ3WAvJ/axC346/yAQkTywCb09eeI+tHAQ8kKsk8FFOBFcM0y8hKMyAQz9+ecc97P1SR8bDgw2mm0QzlUG1J+yUDMCmlsSQv+wsWMk7Q5AP7IpGpz7NuwJVHenw64A==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-ed25519
key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAX8bFst3ZPRVLttBBl1rD1rrjeyC0pHFYd6RbezfauA3LhecNGyxlpGS1ivcl3+HPfPgSqnkFkOnVZaRE8+TmWtBCPPB4zpVFVVJm2tpsj0vH0fmUBasjkW5NPk9krf8I0l8n/zs32W41XURmwvlEsB+VNZ3ttRsEpVNflEzIGGzSRTq/iI2KYV1jjKsV6ns/KBB3b/GPZr0lJ23xojfJtEyCJReLsSbljeZY2a3kuqD1vFiWpD7B5fNY4JSXPaMxkhUkWCX1RUsjJm/dSnMLOZK5GOIoDkYipt4XCst49QWNl+/r6vkBngM6sbQES9dkY3/r+KR0Wt03DUA5U5xmezB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDrw85SmW6AK2vuGp1TP21kgFCYO/l/FrI5fZizRwZyp9U2uNvDVcG0/JDKoZKflY+AtDtw3mjEk1LngRX8QdrpO11MGImz6qhxTAgRY58rG6kXzZIHYok9mrPcsLY3a5mB+w==]
sat:
@@ -189,8 +171,7 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAGhOLy4zMuhXCvUP3ibsDzxs+rS59y54T59J8BqenqIFD3vcJRYHUKFOxTdy1Fl0LtfU57cebftorAJUQYMIS/obM3c7PUXWlPa5Tc0wwBl50plYvWnr6s5qCTa4n6gshNoTwPcNPFKSya68bWfhRbVrl80oyh6+bfAkZFKIoDf+b14abrFyGYnE9i7JG65fuDrsQGSxqZusHW0Cm/pxUwne43qL4mPWcCVN1DuY456WR+ZDEum38yA94rkOPtrvoWTSRQDoPfA9YLh508P8p6SPa/ZbTbdkRQfvQI1bMU1K4qTICQUlf+5x+k1O807ZzmhEEUP4A9CKDAACm+HCQkzCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQlApm2cR5rrH4MzEZyR8gnYBwPVJs6/bkdDVU9sF34s8G66wfQeUdJvDo9AwPXV+pOdT8Mxbas1bVuZVk5dJATt+yVhQjgP7AsVwVZ/oIVKxC1B6AStxChsYLEfp2C7jxqCWOh09o34bainKshdaQLddArsrf8b8rv673FeGMC0dQgg==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-ed25519
key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAI9U2/fk4XrZBFpofjrQ5O3oiYOb/74VI5HQQxL9SgjGUQKHr5+b+A2fv//89EviXo/mI0EsR55PZyamkjavJVWt0b+AMwlSu1B7LWPdCu+5dxBt0LzF03pybubQZkdFsu/9/yD4sEIbd8N85/VqNXv4Nt6P+bhle0pbp6jl6bgcvn5ppIhGB0+SKKQqzHuz+xOD5OV6+S63uxkcvGPujhycRd6qzVjTisTp2ZT7YXZd24HJpOSrapYXhlY+5oV/pYysJPimlxchkLmLDQmsOZeloIf66yMtlzpiG1Rure5ZfRAzjSDt+NocPzWqNXMVCveV8A418OOcuBljq6fdmTDB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBASCLj5gcdCKa17ub6WyYoTgFDYwFpMIQHKgxUQY6TmHFobx++54j1s6CRQ+IKu/2e+bhXw+5OUoq4RZ/qtJQdeMsOQjk415kpVckrDMagJCyXZzmZgZULB5ZfNcTH5d0zfTA==]
waclav:
@@ -200,10 +181,19 @@ profiles::base::users:
shell: /bin/bash
password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEADzZ9Q1Naa7TQMVc2VNfb356HQmyjOiHgcrK8MueSvrNqNACG4NgwFbVzeJthUeVwPjy4Hk7w+06ifK7jiq4N7hOBTOO0zdbxzA23EQ85Q7qZrts0gYp+r1CJvMv9meMoOAIvyLizoTkSU5aO9lTPu1TAl/A6LW0c5Ya45cbNCYXqcW6fRjiYJj7/S4Co8lHeWOaHy/tUzpDc9Quyxd5vdWRWgKx/8ZILyATtk+bdkxwVVyW46nxMmE9O/RNXEOGrdIAled6GwcixoDVzwrq+pM4/DTijCBPVMIZUyR3tL2H4Fr9p2tW1LrzEo3zudZP1C4vZqoIVqu/G1dczp0JuuzCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQR5ZCSfFnxZGBQZtqzRjxCIBwyU8pPLvPgJ5tffhx9G13TdfBHe7W7MqOjJ2xjXj+Aa2Dr613SsLxh8X5ivyzuwX8wrm/nmuBD/uDnfPW+cOS0kUnW3MTgsENQCBFKTL+vw4+FiP612whGf9uD5oUPxRWT39Msxh+Bb7J++ZfIyAfNg==]
ssh_keys:
- -
- name: default
+ - name: default
type: ssh-rsa
key: ENC[PKCS7,MIIDnQYJKoZIhvcNAQcDoIIDjjCCA4oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAistES1GTDLBO7nex3K/G8qWA3VOFRibcSp5uRCyBrudPZk4EKcyzZuFz55vDoXJXywjfg3mye0vIfA87JtFAfNmUrwZ17Ez9kP6W6wrPzpc6VblnAgItFklnvInScgXGKxK1HtY4G3AUS3Ixswcmsh5AdRPM7jlGShhAB19MYhBSHVgStZX8EDBRA+Kw2pLi95ZqNTZY3QOIPmsMgEU9rp8JWZ+kjJ9rwHjVN9XxcqCagPNXFYmMwTw5OtvO82a/EOJQvuZAuqtNtdwHvpHKMujPowF+DBTXpHwhhpiEmDZfRF29Yfjt8KlqiPjKoDBmPedoQ62gS3pa4BRLtfaVdjCCAl4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEENUUBENShmXQitBNmpkVdDmAggIwpJ0LnU7ef+6gynNYQR3thmHveyNyQ3Eu7MynJ9Y7O7i9BHDTN19KEi1L1Iim1FcLrgt1p9X9pjZv/5kXCdf2x8qAu7HSgiONEdLWionV0wriD8eFrbVJn3GfBCdC7aN5L0wT7xFsm4MD1yB1CHUgXQR+srRO77+iuDTnm4gfVah+oo+PS/9vqw7LF4jmps8L8DelXYTjBuoM3GnY7tJbTiUPV5/rLhpq+hRIvR8zxytvjaE+kOk8lt0qM185YrXWGUCjnrgSs+xKQvPuGTNIBN6bXATptA0u4okGxOE8glTBuuL3y3nnsI1rLuoJFNVNCGVj92DaohnLoJrJ44jmsv2QVEOXR8fd5Hg2CsV5/pmZPciHaEFEN31fmiLvpaJe7wG0vq1kri0Dk31ghISNJsRTgYO+yW/xI1jmSHiGttAMhlRUcQqNDN3Bdsn32vHE0vHphlRHfDFuqX54iP9jSnQMAsHS8O7gNovslu2TLKxtcjQOpha1iDqFGdg4QyqF2jmNnR9rHhCbF44uaTadefzMWE0Gya/UoRv3j4EWrsWwXd28tTOXGF/yxZEXfUo3y3F6DwIb1ko11M6Z3FE8Ya8BQp09FCAmYT/KLFe0KMUU9f84JuxE8dxY2QBlYBzq+oO3wnRAVmPGBTcQ5+8VNlzpSssal6Up5vAX6bNnmeBJUka1QHvdNFBsdY4+mHicAmznHRaE48ipSxmoLovqBzpzM1bVtsd19xs9HT637Kk=]
+ kim:
+ username: kim
+ fullname: Kim Nilsson
+ uid: 1017
+ shell: /bin/bash
+ password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAniMvqpW3QESL5lVRrM0TBGv1Y+KxUdCAVdkmvAz1BOoLtBrH9ce1bGu8Vc26IYKjeUdocD8i18uLuAqumosEQPjtMROSqiYQps2lUFs5oZSZ+l6FlS6QNrppQiPrv4F0MEbr/mkdPsNI+FR1FvNnV+UjUnOt0byFj3JNQa0v6qpSGmMaAOwBh8athJwFggok2gjku/IxCeruSsgYw9VQOywY4u6GZcTLXhQ9ndJqV6G/Sau2IizEVAfMI7DW1YauVdV/SjsT7eYRjZ93V++Cg+iDdWvCUYAx0c1Q768xTkc8JTEq9Unca4Ox6F2xej+9PtC9RJwTl44gLGbhzU2i9DCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQhJhROlF+O8YDQSGhy7RRI4Bwj2x7TI9bE4mF9fsHJSStiMGciLyBvsJU+wTVpb0xYwlDJjHb/UdL91h385KmIHX/W7L5EdhUiZIiEe/tZ3zny1/Ain+FmlblXELLjJWq+SkG4eWrwXHlfknF+7VAeSfHbaw1MkCDBDmONebJhdtq2g==]
+ ssh_keys:
+ - name: default
+ type: ssh-rsa
+ key: ENC[PKCS7,MIIDrQYJKoZIhvcNAQcDoIIDnjCCA5oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAARaQNN0Ob5c52Plwu964s7oaYVstGId7NGWbSbq7ztxOGsueozE5jUx779xrZ+Cwgqg8ciEsdQMc+3YwE8pJqsVwIUfNkmVLNzdXFcelfUG2AaHTCC54BdlHDid1N+yZA9iA1384s6S3/1b+utqwrOo80GK5RSM9n6vKx+RZc9gDw0hXgbIfGf3VUzB5I8jtGQy8ogqd0pBIJEjaEO3YmbfoKQ3ZhhoaQWs+EXdXX9QEp9azxtDQ2u7B8Uq++8PmURIkwJ/o1194IhBvxTYXOEMzxsFodsNGgnlkBHq3FNzV2TRi8CjllM1rORIXe9IqAZTUtD3VAP34BN6qqlndJDCCAm4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIgmS7F3nZn/xQYI3ZPw/3KAggJANEs8cZnNr91lLtVs9/IkpDumtgBP8zWo/ftMDXI6ABwVsoqkkmSv8Brdkj/RFl9Ifmeb/kivucwkq/FB27IcgRLLbb281Bi/UjHl0JG8A127Rnu1duNwTPFohxrm+0g0GyNCxZOOHVpkpcpaOPxO3+sA+J4eV+/97V9na0n0kPJ1MbH72gGi5snQFZgIqHVbHSrHLGVtjZutfzvulLTMYR7upPkAyIWiLgMr2zlOlpP4+OS1HFLKrGs/bv6j7E02z8CfXRp8eUOWI/CNV4KrB1sJDCZoV4RUCaXbv3lLAaqLNyqaEx012p6jkwMsEKwk9ILavfT9Qt3mc5RDooN5KFMzca6GQS7wARgUcyAs6hqAg2Xi4bBdDVd7QOmKExUpXTjZfuEi6y3chmJCSZ3TBzZkjMNg+/xwUwl9hKj9+UJHvlKz3bvfCy6JlBrkoCVNN0ax2cHiP7btJ6LoSQKqLnj4d3Z+GNMN2ROVPVUSRUY3WPdONiJhJ0yi5eOmAPoqWL/9ncVoWWmGpMwQEd9cCydhxd5mhtLlZxN1UjCLlSCjVRv2lvW7xciaoufgoeBSSL4CHzuHHP9jNv48T0q3YwGEr7sZIHh5cud5dUYtZb3yzzqMPoY0jM/bBiX9teDGNQHbWW1Sj2CuFBEYHr6KQVtxsGehcRYV7lg5/OPB0Q61LKpUzmLw2Joi8AWYVCRqBa9ZNuUeongm999UtgVxyCfk9GCuDsOM6OPDbrdFvyUJ3CAavNSwpDOv7lt1NsGx]
profiles::nrpe_agent::allowed_hosts:
- 172.16.2.18
@@ -211,46 +201,46 @@ profiles::nrpe_agent::allowed_hosts:
profiles::icinga2_agent::pki_api_user: client-pki-ticket
profiles::icinga2_agent::pki_api_password: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7FS2fXHiwB+
- ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZZdccEcZbFt
- ZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrEndfZnZzyAd
- 61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/QlkAEXKZ5o39
- p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP22MTivFWf5p
- 1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1nrAXTdlYWdE
- RmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2QOnxac51GTU
- gCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FBB7akZV6Zx0
- T5GP0WQAzU0=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7FS2fXHiwB+
+ ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZZdccEcZbFt
+ ZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrEndfZnZzyAd
+ 61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/QlkAEXKZ5o39
+ p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP22MTivFWf5p
+ 1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1nrAXTdlYWdE
+ RmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2QOnxac51GTU
+ gCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FBB7akZV6Zx0
+ T5GP0WQAzU0=]
profiles::icinga2_agent::master_host: monitor.infra.cacert.org
profiles::icinga2_agent::master_certificate: |
- -----BEGIN CERTIFICATE-----
- MIIE+jCCAuKgAwIBAgIUakjWIH5VKmS7yZycSG7EzfIYWkswDQYJKoZIhvcNAQEL
- BQAwFDESMBAGA1UEAwwJSWNpbmdhIENBMB4XDTE5MDcyMTE0MDYwMFoXDTM0MDcx
- NzE0MDYwMFowIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMIIC
- IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjQIqs6zXncatT2luZImFAkx
- XwUnApePQvxJ98cAyirNR6Ugh95syo9BP9PJvIojjxtuPK5FzZmLi3c5UO3ly72Q
- Yxho/yZ/qLllmluhreiMAcofDdwyo9X9kAfexjeztopdY2flBT7LpQ7txuOgK91p
- WmI2uH5Htjwtbumh4E2UO9NkenFpNpUVg58mBNZpnNDApYacj2zz1v2WBFgaM1/3
- UABD+HicNd/aS1ji6eMOglgq5arYrfKZxpe2GgVZ50xfvWrIfg/C7HvU+GyghS7f
- XgpyzjLQoR9gS4aAPIvb45hG4p2u3Fx14PR3IynYtaZV3KSh5RNKBkQSlu9hmVRS
- y8aR5DqneDmTVX944lvlr1+x8+Xy37DZH9+6Bq0mBrnnlEc5y7ybcreuUm1Vx30l
- /iZfnt8uwC1SyB2J3ZbtXK9vIPHG097rLl0l+Rw8eaObaWl8rn4PVjdAUaFI+q2B
- hep8b4gfyF393Ih54OTYCI5QyEbBPP7syTCSgrWDUUnLv/ar2AvXTfzzydqmcKsz
- Yliok3iZfjf61TETTpBjqkKHTpS+mE55L2DSS0R1X0JTbjwmkvANYQ80emKk49Xa
- k7IqYJYT8+h2wDYambcTR+rhBV7c6QBS+phCPqO+7miYdyDeZCvPtQcO3lxMEnVv
- y2nh6+8BvEveNfdTNOUCAwEAAaM1MDMwDAYDVR0TAQH/BAIwADAjBgNVHREEHDAa
- ghhtb25pdG9yLmluZnJhLmNhY2VydC5vcmcwDQYJKoZIhvcNAQELBQADggIBADGz
- W4rXl1xK5qNHRWVy6wqH8/2OkZCg1O8X1b3mEnYYXyXRB8L6OKDUDfNZaldACegT
- aEmEzBL27+/7wW6SymWoL74ni9WOZPqJ3GsWtHDUWSsolvQWHmYFnIGTOm+8PsVw
- L3X2ftPg1krXhTWevK4rZdLNh4KM4Gr6nFHxiuxiOV22xqLSaFh/rVd0TNlpgCIZ
- oWOsKYrqx4Hudq4blDI0w0NLySgOVEgl1EJA/vED1DzOFmbmuvujODUhjm5sVvuN
- x9Zm4G0KuZX7LgKc6VeGnAyAUzgrD/uhZvc3oAzmfUUC3dx7tWB7WUuI9ji9bL8v
- 94oXsQ7Ig329RdSsE3AoH6w54cVgCEo3WZ7j7z+ejPPLI9DbvFFwM/JFEO+A1cPw
- EEUG8bSHHo8Twe5tgTwr0t1Sch3D5Ur7qv0nBAjwphEVoIGiu5yudmFbscPgTz+i
- /NPtJ1zZ2NCjLabeXmaSq8Zxy4dCJ0YJ6fuFz2SKd92RDO4okhDbRgnW1RT1+eAT
- 2dNvOd3V878PS7BM3OAzZTfVnVD+/DTRyUHAz07iSB/1KNfEfn3qDSTapx9PL4aJ
- X74w5WZ7FlNdQHRFvvjNI849fVb2MoLxeIwd7W5flv6gpLlMX49PMp62ZtfupbRJ
- 5AtYgSC6FbF3WwkRKTz2/KZi5j0oCHqxl31HY1Hx
- -----END CERTIFICATE-----
+ -----BEGIN CERTIFICATE-----
+ MIIE+jCCAuKgAwIBAgIUakjWIH5VKmS7yZycSG7EzfIYWkswDQYJKoZIhvcNAQEL
+ BQAwFDESMBAGA1UEAwwJSWNpbmdhIENBMB4XDTE5MDcyMTE0MDYwMFoXDTM0MDcx
+ NzE0MDYwMFowIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMIIC
+ IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjQIqs6zXncatT2luZImFAkx
+ XwUnApePQvxJ98cAyirNR6Ugh95syo9BP9PJvIojjxtuPK5FzZmLi3c5UO3ly72Q
+ Yxho/yZ/qLllmluhreiMAcofDdwyo9X9kAfexjeztopdY2flBT7LpQ7txuOgK91p
+ WmI2uH5Htjwtbumh4E2UO9NkenFpNpUVg58mBNZpnNDApYacj2zz1v2WBFgaM1/3
+ UABD+HicNd/aS1ji6eMOglgq5arYrfKZxpe2GgVZ50xfvWrIfg/C7HvU+GyghS7f
+ XgpyzjLQoR9gS4aAPIvb45hG4p2u3Fx14PR3IynYtaZV3KSh5RNKBkQSlu9hmVRS
+ y8aR5DqneDmTVX944lvlr1+x8+Xy37DZH9+6Bq0mBrnnlEc5y7ybcreuUm1Vx30l
+ /iZfnt8uwC1SyB2J3ZbtXK9vIPHG097rLl0l+Rw8eaObaWl8rn4PVjdAUaFI+q2B
+ hep8b4gfyF393Ih54OTYCI5QyEbBPP7syTCSgrWDUUnLv/ar2AvXTfzzydqmcKsz
+ Yliok3iZfjf61TETTpBjqkKHTpS+mE55L2DSS0R1X0JTbjwmkvANYQ80emKk49Xa
+ k7IqYJYT8+h2wDYambcTR+rhBV7c6QBS+phCPqO+7miYdyDeZCvPtQcO3lxMEnVv
+ y2nh6+8BvEveNfdTNOUCAwEAAaM1MDMwDAYDVR0TAQH/BAIwADAjBgNVHREEHDAa
+ ghhtb25pdG9yLmluZnJhLmNhY2VydC5vcmcwDQYJKoZIhvcNAQELBQADggIBADGz
+ W4rXl1xK5qNHRWVy6wqH8/2OkZCg1O8X1b3mEnYYXyXRB8L6OKDUDfNZaldACegT
+ aEmEzBL27+/7wW6SymWoL74ni9WOZPqJ3GsWtHDUWSsolvQWHmYFnIGTOm+8PsVw
+ L3X2ftPg1krXhTWevK4rZdLNh4KM4Gr6nFHxiuxiOV22xqLSaFh/rVd0TNlpgCIZ
+ oWOsKYrqx4Hudq4blDI0w0NLySgOVEgl1EJA/vED1DzOFmbmuvujODUhjm5sVvuN
+ x9Zm4G0KuZX7LgKc6VeGnAyAUzgrD/uhZvc3oAzmfUUC3dx7tWB7WUuI9ji9bL8v
+ 94oXsQ7Ig329RdSsE3AoH6w54cVgCEo3WZ7j7z+ejPPLI9DbvFFwM/JFEO+A1cPw
+ EEUG8bSHHo8Twe5tgTwr0t1Sch3D5Ur7qv0nBAjwphEVoIGiu5yudmFbscPgTz+i
+ /NPtJ1zZ2NCjLabeXmaSq8Zxy4dCJ0YJ6fuFz2SKd92RDO4okhDbRgnW1RT1+eAT
+ 2dNvOd3V878PS7BM3OAzZTfVnVD+/DTRyUHAz07iSB/1KNfEfn3qDSTapx9PL4aJ
+ X74w5WZ7FlNdQHRFvvjNI849fVb2MoLxeIwd7W5flv6gpLlMX49PMp62ZtfupbRJ
+ 5AtYgSC6FbF3WwkRKTz2/KZi5j0oCHqxl31HY1Hx
+ -----END CERTIFICATE-----
profiles::lxc_host::dns_forward_servers:
- 10.0.0.1
diff --git a/hieradata/nodes/authserver.yaml b/hieradata/nodes/authserver.yaml
new file mode 100644
index 0000000..3cba665
--- /dev/null
+++ b/hieradata/nodes/authserver.yaml
@@ -0,0 +1,16 @@
+---
+classes:
+ - roles::authserver
+profiles::base::admins:
+ - jandd
+profiles::icinga2_agent::pki_ticket: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAMuwyVWL3VEdgAS5HvM+RltOUGC
+ hPe27Eahu1zUxp7f48aJ/VOsmgHm8F1YftyC1AndzrJ8T84Lm6Ur/NZ2RkoV
+ ZUhEGf6r2eYb51NejOwCaZOvVODXfl0dqhUloU3Ro1PtH8uAsaYdouYdpnqD
+ bIjDpornfsT4T7djqYOfchUbXM7A3u7pPRpukpUHFiPeAb/nRHvKH/xJvWXG
+ 7BzehEJNGERQ5DERTJ83Y4yjZ3V4mtTbMk5GpZ3SgHtui5XigCSJoeyhcX5o
+ Z/zBH1fRe7iO0f1QCIR1gZEB4T54KXGFy4WXEUuulBO8h0BdkM2aGQ+Cgw0X
+ L0YPzwDKzt4kSl4DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDIBlhjSM
+ DvwLO0SRosvFN9gDD+lGsBsFLvo8ll60Nl5FxYEW160kr+PTvxBCu/2R435b
+ IRkWxuqR7qkTpqnVizUao=]
diff --git a/hieradata/nodes/blog.yaml b/hieradata/nodes/blog.yaml
index 3c2c09d..5cf35cd 100644
--- a/hieradata/nodes/blog.yaml
+++ b/hieradata/nodes/blog.yaml
@@ -6,24 +6,24 @@ profiles::base::admins:
- jandd
- law
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAQsBoiVwx9vmrYDxh7YuvesnlK8zu9EZ51RIV
- RbGlw6iUQa+93uIv4v8dsdBTuRzaMs9TDm+zYtg8rjv+yvBxXNLTvPGywQLk
- QmnN285KQZxLYjEMYIhskEmqYiCRa3yizJsHPHdnDfo+ddkeOBA6ggfeV+q6
- nTKO4E3xhqzhf9nM1dH7wmEtQGwUf1w19DCuXZJF6Umy6RqqR+TWJEyqLzdv
- /PLmK3uOzfEwqTbiD1kr83suFyksAeePQdgIzHRz+sCOdr866YpSHSUdJZgc
- ytNY054jmupwdqTfg/jYYtNWWToHbnyUBQuVMPVlNB3o2uDecSRkcRaQbyih
- 1PvtizBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAVe9rr+qrIzyMWNoyH
- rzk3gDAzQ3tgLcEabWZfImVtWIACq224h2PaVx/1YkZAVUH7YRbcvL81JJfJ
- wfhG6SBWM8U=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAQsBoiVwx9vmrYDxh7YuvesnlK8zu9EZ51RIV
+ RbGlw6iUQa+93uIv4v8dsdBTuRzaMs9TDm+zYtg8rjv+yvBxXNLTvPGywQLk
+ QmnN285KQZxLYjEMYIhskEmqYiCRa3yizJsHPHdnDfo+ddkeOBA6ggfeV+q6
+ nTKO4E3xhqzhf9nM1dH7wmEtQGwUf1w19DCuXZJF6Umy6RqqR+TWJEyqLzdv
+ /PLmK3uOzfEwqTbiD1kr83suFyksAeePQdgIzHRz+sCOdr866YpSHSUdJZgc
+ ytNY054jmupwdqTfg/jYYtNWWToHbnyUBQuVMPVlNB3o2uDecSRkcRaQbyih
+ 1PvtizBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAVe9rr+qrIzyMWNoyH
+ rzk3gDAzQ3tgLcEabWZfImVtWIACq224h2PaVx/1YkZAVUH7YRbcvL81JJfJ
+ wfhG6SBWM8U=]
profiles::x509cert_common::certificates:
'blog.cacert.org':
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGTTCCBDWgAwIBAgIDFH0TMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ MIIGTTCCBDWgAwIBAgIDFR2uMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
- dEBjYWNlcnQub3JnMB4XDTIwMDIyMTA3MzAzN1oXDTIyMDIyMDA3MzAzN1owXDEL
+ dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE2MjExOVoXDTI0MDEyMDE2MjExOVowXDEL
MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
VQQKEwtDQWNlcnQgSW5jLjEYMBYGA1UEAxMPYmxvZy5jYWNlcnQub3JnMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAybu0J8V7aA8xGU2dxSIS9KK2QeRW
@@ -43,17 +43,17 @@ profiles::x509cert_common::certificates:
Y3NwLmNhY2VydC5vcmcvMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwuY2Fj
ZXJ0Lm9yZy9yZXZva2UuY3JsMDkGA1UdEQQyMDCCD2Jsb2cuY2FjZXJ0Lm9yZ6Ad
BggrBgEFBQcIBaARDA9ibG9nLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIB
- ACH3VhQTP6Dgu9lSADKi/7o3opMx4UhrkPOeQ2xiV0CSic33PwhsWCR2x7uQ9EMx
- MYX4JjHR0xZ+n9ir58C+Unko0xcx9GwdZYCjD2xEoDOAq8xxG5oAxApiFkMdQ2tx
- RxuOfAQxzyJCVLKRJH199ALMok+qeliwjS6MrWGmDbgAC2MDd2i8UC0sJfFlkWaM
- 3HH+nibKa7ONu1c78LOKC3jD+Z2hSwXT4ikJJmrBeG5/VK0zGdfvk4EleWP4M8Qu
- RluGHOL2UNPzd/0jc/IHnNxGPDZ3B3Te+JO6MMP4gWgj354D/INOX9hFZ0GEffpu
- YEutlDSSxouNx4qoL1Fzw+7lq4EEDe43rM46qj6LZ/K4dKHRiXFRefccU5U8uwMa
- QvLOeodWNZun754vcYovcCb25ZKVJik+iPjC3YcZ9ocx0sX1RW55E/9Fn78hnz0C
- Uta42c6OjB5qsXzoYcEHxUG0kY/qaRs8x7awdfkwO4yvFmI4Sma3dAHbxSAVq5fb
- WRrol+KyM7qeRaoOC3yurpkLK26WUfQ4n34Sw8lH9fD22yKpRjg5sJbzemSziKH5
- StiOXCmeXKLQnMBebhl8RZm8PJQa5HyPkD/6oCnxg5Iwj7ciiByJNThtKW2UuthL
- WrMLUiJmHCX5Tx1H3wLVv5bZgHHrOj/qc8FzeDbkweTZ
+ AE4P1Dfnj0Ew7YgtSP6bK/eaUwRm4wExBYRqx4N9jvxamnZe6f8o0xtscDvKxbyu
+ PIGxCbz1XbT9ZHu36DU2qfWJBIYXYSq/qwZG2BNFrcOfF6TL2hsZf1eyKyyszT42
+ 5ieOOGiEaz4fBMml13wMklrc3lawjSXSebxDH/1joUqLD2RymcSWRVNMkUsBhjki
+ 4fE9l4z68QnBZAVnXyOCw2KMqOuWGqu4cguMfzcVc+cyaYPHEx7BHNPmvp+mSHsC
+ achVOYnYoCjepq+MngABZt9O84hxIfCYmejOSNU1Am3M62j1bZ0HgCjXlYcE/Bk2
+ 5Ks2dHYgVxMM1NXyGyHk9O2vvP5JzwBj5/VUqUY5AbtghAceWinZsCslsupvHJLA
+ BqHJlTPn0Gj/q73GtNsKdRL1J7lN/7MppPPt9ELG9lAi/8sFYPFBlhmsoANEJRWP
+ rLhpUqTf8ZfmSQjkJyoEK4BCJ7Gjj57+oN/lqgfjfmIH0YCGX0JK6SrKs+UI/U69
+ +UQKekryHDXWLgsBQ6l8WqiGmBFRgPwN8C8yQUK0kMOY9hXSOkziZE9/LUV5eW19
+ LM1h/Ih69JrnpVVYrffI2hJPEjnrpJpnaSx5p1frZ+OglPBQpdddhu73QLuROR9e
+ BEhw24lUpSJnQq9T4BAkt6Yf8pGoWD6tpubemNKiBegr
-----END CERTIFICATE-----
private_key: >
ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
diff --git a/hieradata/nodes/bugs.yaml b/hieradata/nodes/bugs.yaml
index 8208c2c..b5205af 100644
--- a/hieradata/nodes/bugs.yaml
+++ b/hieradata/nodes/bugs.yaml
@@ -6,24 +6,24 @@ profiles::base::admins:
- jandd
- law
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAcX6SwwACEzRwZbnDX9rUu2l1xWF3jJVi6Fon
- ZtUAkQs4w4GMdom+Ze2WsXpq623WD60csytV0PF6BvLPoBMec6f2kj2ZsbBz
- SzJ2/1QfpkG0qh+DS7MXN1wSBrJd2ERk99V792GAFHzq8juCbI+LdFJlv1/8
- PAehHgIqPTYRpkVdMX3QXbR6ulukgaKQ3rV3LUD9WeP3BHhGSPBOy/E278KH
- q5hXFeFgfBMiImPIdKeQn3aAwTVgAUArnhRR3dQLnL2pT+8qu9fca1Hhla/e
- Sn0m7FBbO344esxXgIzU4OAQOtcy28hdlBBDSW9bDW+IfTxIoxSHNNbM+X9l
- uOSdpDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBNp7E65UObjdMpvSNL
- cL0JgDDj8oGEHS/6EmlFUeFwv7h+2wC8/DEq6JwSysRtnP/tM2/KZ/e1rVeu
- K0oC5LKZf1I=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAcX6SwwACEzRwZbnDX9rUu2l1xWF3jJVi6Fon
+ ZtUAkQs4w4GMdom+Ze2WsXpq623WD60csytV0PF6BvLPoBMec6f2kj2ZsbBz
+ SzJ2/1QfpkG0qh+DS7MXN1wSBrJd2ERk99V792GAFHzq8juCbI+LdFJlv1/8
+ PAehHgIqPTYRpkVdMX3QXbR6ulukgaKQ3rV3LUD9WeP3BHhGSPBOy/E278KH
+ q5hXFeFgfBMiImPIdKeQn3aAwTVgAUArnhRR3dQLnL2pT+8qu9fca1Hhla/e
+ Sn0m7FBbO344esxXgIzU4OAQOtcy28hdlBBDSW9bDW+IfTxIoxSHNNbM+X9l
+ uOSdpDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBNp7E65UObjdMpvSNL
+ cL0JgDDj8oGEHS/6EmlFUeFwv7h+2wC8/DEq6JwSysRtnP/tM2/KZ/e1rVeu
+ K0oC5LKZf1I=]
profiles::x509cert_common::certificates:
'bugs.cacert.org':
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGMDCCBBigAwIBAgIDAt/AMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGMDCCBBigAwIBAgIDAvYkMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwMjA4MTA0MTQzWhcNMjIwMjA3
- MTA0MTQzWjBcMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMTA4MTIxMDQ2WhcNMjQwMTA4
+ MTIxMDQ2WjBcMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRgwFgYDVQQDEw9idWdzLmNhY2Vy
dC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDDc9DOUpZ7asXY
t9/8gpd2XtKT8VCvkkQ5FjbS7Fd82wPSG6rx8T29Fn56tYISAwAtMLx6NuyD+8Fr
@@ -42,18 +42,18 @@ profiles::x509cert_common::certificates:
MAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAroCmGJ2h0
dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDA5BgNVHREEMjAw
gg9idWdzLmNhY2VydC5vcmegHQYIKwYBBQUHCAWgEQwPYnVncy5jYWNlcnQub3Jn
- MA0GCSqGSIb3DQEBDQUAA4ICAQBe54I1n11m6h5AupUOgmoVrMp6EgdU+fYGPdKT
- 8cxee+YJstHsYhnnCQWqQESeOAKFvbqC6eHOKuezuDd8RyiTOuvlgEJUV49GXo36
- P0iQB0ZTXi/JXPZ0eUNKGaulBhf3ndGjQ6x0O75VNSUeDFBYSkM7LcOlQd9pAnok
- ndXMw/lbhMxyPVqvAxEzVvldy7oeb4Hbrl+WNi0ZB0huy4CRGXatUJpBYKkKTOIt
- vmielSTvIHUc32cokeogk0IedVMMl4OF6PaRDxBya/8MGZoqdTDH66HAZDuTaea/
- NXnN3isaISLvatFIa5PMrij0AuJ4fLx4778D2oCclCa1h2/LIaC+M9xMNQD6rLQZ
- dxi3UV5v3C0mVmCZ4UtzJwnpkqr4AWFqrVUJO9xoYw2WZqKOj98wFGyLuJPC47WJ
- 5DM1gVIgTF5YDPkp8hVmizX56y9GBAQKR8u4arfFoVbnDfjCOIPiH4/LuYZZJQqy
- jfeETr/jWqzWt3VKzKhVUltF46K9zYwb6akrzYaa4Z7cdfzWiSdg6+yEXhxy3Tc5
- wkHifXAB8T1uF9HUw/iSOUSgG3rYswvqMfIlS+I/76K3HSgA+uxPZpSmXuPBTxuB
- STOD82uG3TwnHIsoOBoZNWCJOGlCzCleWxvxZzbcq8VYgRfKqu0E3d9Wrxeusy1K
- k6HQ1w==
+ MA0GCSqGSIb3DQEBDQUAA4ICAQAD6ku1xQo7kXxhRROEqjWluK3SSLrDtyRSGSj9
+ CPtk3HYPDNAVWEFT81j/NwF1zxiVdzj6O/iVieyhTxpkOf1fvCf+2lATau6g4/th
+ SuqFYlYVO+EOiuzKOgOWt/QeyY7C+wThICqsgt3v9iGBsZEVP4QdHmYQL9d8on4e
+ p2SyGFLM9oTGmIMEQ4sSsWCpwEOCDUJr/s7htIJqjWksDI2cLNHPjVTBc8O1Crzg
+ meJDGbPhlSlSTqZws37RivBPwrj4Gh6YDxShNU/1mrF3XqN5XJwzMUVKcaqMsDFZ
+ G1Ooz4g5kgJ+P0ooxBsAW9z6Y56ckcWw4JqJeuI86fDG0zZMRI3xSwbyUVmtapTg
+ qfd10foUUPC2TP29r6kD5KGuQsRfA5x7UPT1qfJ0nKan6r7zpXVzLOtlAeCybV/N
+ ifdPYs+Uokuezf8feWxLCYWZ6aaEBngnYV2rTiBJLjv0e4TFbhCky68fWEPwiWNP
+ BT3grUTJTWzTJk6KtgWme8G0GxZs51TUFVJce7ww6I2FMOimaHp7QfN/ZoLBf4Tx
+ 1EWbfHSmgUDdpgjop/FQUxEv7+CAeBAbRORfa3xZPjAGj8dWp6n8BNEYy3hWH2s5
+ Xe4UVpC/1po6Ud/YRuTqB9i475jzJ3Mobi8J9F9MPmHU8DBK2AqukxFv83aazdQ7
+ dND9cQ==
-----END CERTIFICATE-----
private_key: >
ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
diff --git a/hieradata/nodes/code.yaml b/hieradata/nodes/code.yaml
new file mode 100644
index 0000000..8cd41e4
--- /dev/null
+++ b/hieradata/nodes/code.yaml
@@ -0,0 +1,152 @@
+---
+classes:
+ - roles::code
+profiles::base::admins:
+ - jandd
+profiles::icinga2_agent::pki_ticket: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAoMdZhzR3jM//UzdXm+QgMu6B5vTRbXq9uEgB
+ JG4UzGaARRdOVSWDr0YIJeRwA92CQRygUAcbA8kw+XJxUD7UM2q9tQnRkkzp
+ 9ad+s40TPFrEtgwepWW/rE+ikzxKlic2MMcvreQcvhuQAYnqQa7/KPjXf5GW
+ W4gknLbfn09mF/dlVM4vDEyAbEAdDpf/8UnbFJLE/EG/dKDbbb+8l/6C2On+
+ BGXrME6GUDn2gigCD3+35zL0+VxNXx6A5hagCbLu7sIifQHNn4mP+ObMGj0Q
+ 3wx8BH4IxS02tqpmQDB9EQNrUeb3y6vj8086ePRn/NTmPC0jNP+I02KLjXsV
+ MUwAcTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD631O2gRFwtbgb07le
+ VlHOgDC6DqTry9yMR/tY73SZ/vNpwQbNNpb1QgSgNY/Xput/Rby+NuJTXkzQ
+ AafGS1+vajg=]
+profiles::gitea::database_password: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEABIkX+98o3ENPVjgdKapXDgK+YIkG8LrCB1JZ
+ zB4dAFLE3Q/DHl6v3pZ2VLU/F2urpk1kgclgz5wyKJkWSJp3LtRpFzc5emlY
+ 4bnTc4JLODQV20IWRvnc7U4fcAjnYfqflc+cmRooptZYEvR0sz3Zejj3zA7h
+ irH5XJvrPinJvKRD8LaSaH1kDSX+gGRXbm6JLH/tsu0ZsmVjJFGfTGmcvjhn
+ nCU+vAwv6iv5JxbOX75V085OlnZEJJbZK7EuUck9qFSU6RSB7Ui5480i5Kq3
+ lbuDK19nak+VemMXorhg+f+MIYnb2Wmf+EOvuMuuiQHaJBBdPGeOlZA0UO5I
+ 1+iZNTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAppQlAjbnsuArVa3CI
+ BqXcgDDiZCLodsKzhP1PKv2vmDdl0HrnWRz41QxrjHE2gJKX4oAFU4wpi3lE
+ DK06TozeLsg=]
+profiles::x509cert_common::certificates:
+ 'code.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIGMDCCBBigAwIBAgIDAvfgMA0GCSqGSIb3DQEBCwUAMFQxFDASBgNVBAoTC0NB
+ Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMzIyMTEzNDMwWhcNMjQwMzIx
+ MTEzNDMwWjBcMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRgwFgYDVQQDEw9jb2RlLmNhY2Vy
+ dC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3J8nPttIYCGEK
+ rZdpSOqdP3PD5tgowOrhlbJP/fEnfhbAUj2ENQj2nN2SU2aUpzPxkUUwXGip5L9a
+ yr/pVeqsjCvEfjM9KE/IHbV7o3jweVdEeoi3Y594UJSBdDFgMmIykQkZ6XJ4j7ya
+ d4PnUIIGaEsA9X3OESLzx9qDObgGNrMoM46IVLCSwte9x3F2bXONJm4Tpk8Fpp9q
+ ymWD7En56l0phoJ8IKp62bNEN0KKDEuV/meNCX6zAJrUGu/jT2EHRoFXYa7X9uxX
+ FbSUhtyWrDGbj/Q+yis2hUtWcFBc716fvwSBJK+VtG7+xNQVrTFFw64Lj/5p/WD7
+ U/unpd5QIJ3yvob9s6tr/x/O0MNl3Y9BLYwg1aR2WxZ4KIPLMoPm0JRbTlcbKo+Q
+ S+POjMpkPgkqU2k0u848bnrj3ujXeYbRZAG1kdWuignnp3ii079Ta+F84Hbj4AnR
+ 8EVlRjVfRzmJN3/sk3yY4DxTdFCt4j/Gun8DaALfktpV0wiiwIr2n4ZHqswsN5DR
+ wyPxPv1ZP1xcKwd7et6WqTpIeMuq2DcFWRGaCq2h2sV7Xnz9jzj7btmskuQdp+An
+ HeZmViYwTilONWX3NW7xT3axx7Jc7tjtgxoICIZyDXfaZw6hUMMlKtwGzQILXxor
+ RdQrtp3VkEqWoqAlrX4mYTnN+F4PZwIDAQABo4IBATCB/jAMBgNVHRMBAf8EAjAA
+ MA4GA1UdDwEB/wQEAwIDqDA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUHAwEG
+ CWCGSAGG+EIEAQYKKwYBBAGCNwoDAzAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUH
+ MAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAroCmGJ2h0
+ dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDA5BgNVHREEMjAw
+ gg9jb2RlLmNhY2VydC5vcmegHQYIKwYBBQUHCAWgEQwPY29kZS5jYWNlcnQub3Jn
+ MA0GCSqGSIb3DQEBCwUAA4ICAQCJBuHyGssecw0ntKzmmblzXqj31YXwib2+owQG
+ IUT7b+eN4TRkmEVW1Qmbzp0qve+INkSSaYFT33ifUXdE0aiDScARdQOtsNjYA8MV
+ /RU8CsudqHla1JuFxVVdV2dlNHlfc1xjG7/mdgqrxPmD0y+7NyNAw2U4Nw5JrhMy
+ FgMXqXxjjFP8XH8x4jf4KYfDoPzh23gqb5rBbSiGt1sfJbZoPAeZbSoI5DMuYKOh
+ sQ4cSthpYKnNdjSyyfAKVea6pbL9j5Qahike9dtEttdgLtL/ycaYLTdNKLcT8ZIu
+ 5vWxmxykq0xqrAEdTiaKHnnMoHXA6QOVgitHFtw4hKYY276wvZEp2C6n+eRKGLec
+ cut66Xp+cNCP2REMyTNhr0DEHf1gzq+y3U6HJYDDyAvQFgMAbUac3wU8o0css3cp
+ 08NvBIUhjQkhpve46OXCestqpzNFh2bUa21IaqTAS53nXdrIcImFgE974VyCtlmY
+ 1pnh+XfhpzVSgfGJGgdXvzBTIYqqBF94a2LIy7lT2dIAtb7oe9xDdvYouhLY8TVZ
+ VDS9llG5Vj2/spw7fII6FEZdEkQr1yoOt9m7dUmMsd7rhCPLRCi3+Wb89gRKv90y
+ 5qrlHawces5DF+hCmJQxYR4FAIuOgSaVzDfB7nRXFQNu1ixaEmcdMBeB6iTWBRd3
+ wDjMrQ==
+ -----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVt5JPSW9lsfW5mY7aWo5NBPjhW
+ lnXZhJbt+e+E1QAZ7IgrtyVWpVKSexjzT2IASXMGLcLqCUYe2j6JJn5WAa/4
+ 36zlybw13f7TFaDX4clHhsIEJie88YRCWu2AFi5sitTnF3O4YyT0gAJdwz6Q
+ eKIngi1wW645F4kKztDN0MEfGtq94KwbTCZbRScvbUFgqfJthFngaPYyYWXx
+ G6oquLz/qnoYq5eOvA+pywYdURtpXs+bo8t76AjSbrECTFfA07w8Ku0DveH/
+ SIimhXacCzAhROe7Yk6pNTjlAfe0RY3T6rncyOe1Wnvfsl6qK/KFCGV3JyDd
+ ggkh/nZGbCXjgBRDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEN4wK0
+ +QfeExMtnUH+DV5sSAggzQM9f4dPaI195jLPitPZJL7no/k6gGdUic1JsjtN
+ +LwJ3UgoUx4K3lXMa1Kl2pxgJZRaOTSKRXh6WS964Jb5OhfIGo4dWvU7pyqD
+ nlhVMaMWbsTwGG5SmDvYt4WOb739p4fUDdIU+sioZX2XYHJ9hUvXzzuw9rDG
+ f6E41mdXL2uTDMcqGU2xXF39CJUg6IVIlDq4PyiEQWevqXRq/6TugO71BEq8
+ CMtiLXHMht1doiJkfaEuPaY834gYDbkiiqehPMyMgnI/VFa8IPKJxovf/lam
+ xjpql3mBqpEEqHG+PkyEMphjuSF08SvQ10hIyrFWvTPCU/c2TaGOSAjHI1gS
+ kSi7gh7x8uPTMvj1Of9PnZ7yvGgvrXXXvLCLQYP61yatc+ZEigNMu2amVNzj
+ uwXfN/yrnkJ4xnVHoB4VUB2lLL2A+EuGc/AJZukAPceEkqhGNffezG9UZ8co
+ GvLBZOEM/nl8vxGflA/1KFmgUfRrBZcy4NAdOBFn1fWGE7WvGOAZdVVaDXms
+ EzlerWw+a/M+s6evk79h0VzyTK3ZsL2HjvQOi45w2ioxaL55pomcJSMvKAIy
+ YIPE2ZCdsByE1ByOzvVROsVHIi7Nqr26vS5l86wRjE+63WVM3iGrRSMJ4/lu
+ kTs+yYVb2q3TL1kV9635BGAclfAJtp8yY+KwdsGBs3Kx1kyB6ATdmaUKelmm
+ Tb0xJVB9Hy4BaaVSNDa14x/H3pJ7l0Fe/1qkpLiIPBvVkrcb3EZON71kD0wv
+ xpyaRTpqK8D5UTuRAdwcBPPMdQ9eOonRjOqr33MABKQPHLGuzBSVO9W4JjLf
+ vJz85o//TsaqrOfb1GGlU/lFeHOI9M/7Y05EW5rYI9hsM7A7XwMNnV/9KvvU
+ XYPLCqhhhy9d/dMeJcENKWoHigsn1o+K5k34/ZnxY738Wur0w07DhYB9Ioop
+ aBfhiEnccWN6w6Cc6iDvAZnX94+k7TtHM+gTUEY2E46PJHSevPCj/BjUDSnl
+ vsSGKRE0PHKfIPxE+LZNrV1m9S3crAbsHbH13nGV15RUuzDY49y12mqJxHMu
+ SytAMRNkBaKvqn9IDRfrOMjAGfb5dpJmJ7sdsiENH0Vt7oOzs6NnRXlktO+n
+ 960t6J9ujzO3DovhBQQtlxBu4tIJAQkbIgD94bEWh5UBfrwwkX7wX3xe0Ybg
+ QTudEADVLGh2xP7qH8prvoPTv9G8slcNDUPRVwMljqwqY4bZA+5hXPPFUBUj
+ LE/NZJ9i0MsVwznS0oy3ULWkKguOgFvjsA1DWK9mNS2e+5exGwGiEqnClE2A
+ +X2DROlwI8Ts1gHTrb1gur6zCnpc5P6C5gFJssxVYnwqu1eQ9oNkac3lLMUB
+ uDon8dqv0vVkkMQm5Q+JWTaWNM8XjIxIc1V4hVUfcOuVGbHLg+PFSaFqhaK3
+ N9tXn57rA7gghoiSFwXGomkx6eztr1SfbsMHUC4Ikpq8zMhrGpFVM54/6vM1
+ o5aUoUBcCHOz2J31Pj1R3dCGezpt+h19eMgpp+hsZn0chlswBbKcV0KKmY8v
+ X6cEkqAOki2IaARnlJzR4hoQnaQMNMxdnoRCiwp6tDbi00QZgosGs4px65SQ
+ JgMrUG9arbp4LbukS5XasUF79SQLhyOJ2dYgXyLOlxSgsUr5Xle6zlNCNfE7
+ q6hNnWUhffHKKeK6LTWv778lsMmA1f+vqk0V/jFdzMHk2hxUxHSHk43BmA4h
+ s1vW7CkV01eSEx70j/RYv+7mCyq3UDxxq8RDCiPh7B6EW7imDCRNIFcplmCk
+ MJUAVMtHDJu80ayuE+1RHxdowIT6FsA+3d8Wncy46tAI6Xk9V6sZwt/sXkE/
+ G4LQx2yVuxTdE1pqeOAOpRiEHERvuyM/6b6pfT6ZRksQC3/T7qwOjw50jg63
+ TMC3n5FOu1SqDSWuhmFqBuUOOpD3y9V3RtfpDRQRjbTKhfmjZrcvA+WdtVdD
+ o5c7053pRZvysz3vALrr7RUU4UTFpCamYTL16YmFN3mWCHMgYljmhg2dlK4J
+ jFEwVDq35Fax3MZawUuruL26eaMsv6KYrVL1T9wEJaJGfLMR+IjsrPdHPC7V
+ oIj6t5VLYxoILVfRicqilf0Je0OGRADXu2Hi8MyGKd+7XyTHcJKOCOsGj8+m
+ uKC5NyA62SM7XP/+2GyTH+35hiClYxX7bF1BjEIatGmR6g96niUyLdoO0djx
+ GFWX2E6WNOHxuKGoxoIX0SPwsY4lUzvxrITvVfGmXTDN6nKXuvh9z2GnPjXa
+ QZ4YMPrgaER3FbULstZBNmbNYkKbLG1LmyKbHlfgnPCLG0KG46K7zasRG0me
+ L2kZabj5zMlu4y2nsCTZRcdun1KSWTpy+aVLXCCrapfz9gxAgaC060ebJO12
+ MiANT8Zv61DmvltD75mNArBre13tkyO5zkXmFj+QjpcQc0weMdHXzxvaM/NQ
+ YA4tu4pJoEVgH2QJMPiQAIoayIwpvYStndx6B4U+SGt68/ZOU/2PijXX7AG4
+ pmpH6iPUpwHpJoNlvnfZ+fi/MrqwWTjidHvHlFf7BWROvFOlldXOnxVR1m9l
+ hO3Ff2llqDAz3eKmiTEmADtX5UJVLNP78idbEgiizSQITU/RILfEa13aFe7g
+ EuwhVmDht/tSQedPS1hJTMv6ew2l4X1G/Rs77bw/3EzmdSN56LG07s2/xWxq
+ Aryz7Hiww689t5VMmzUmnEY77kocemifGaHCZxhjOOu5iGxC836aM4pQMuix
+ c1CNxSgJNSBPIMRO8JXIHWZduqVLK8arwY2EmU3w7Gnj6SThROsfX2qtLe2+
+ UkE0s2o/jtYBLHiIjZ/euXLB/OswNEes9NAzkvmyGgJInHcA48Ga6GgA/ofR
+ IVbsw1BNSmBWIvH0A07T2/CrOasDWRVFiY00CfwRqUXSo+dfpmKuOqBuDV8Z
+ Z5IqQP2LXZtq8QxhTIpNUM7ELJw5sbGYeakQpWtDAv3r5/CB2Hm25LWluOUP
+ pBrY37LDdGiK7XUZNXRhH+H0VuG4JyZa/41xd2R5bM1XK0ut18lV07/U9f7A
+ VL8YtkYLH0CufKVyBbQW5YyHml4RI+994rAIMiaKJXjTDPL6mYOGJosj+C9b
+ 4oUa6QG+AVKoaGSggQ9YLjNbJaOmOt936rWSxSmV11kL4Wrev7J2EZEc2HUJ
+ tjCSoHwCYJKw3wbEXmo4adG29bUGSN34JhzoTfGh8rq8S4Hnbcbl2CLlWsR8
+ S7luE7F8M9UkcGTsjCFF4Caqtszn+IrGRb92VEqOyj1AzdCrHbUO7W10uIJW
+ VC0eyQfc6rcF2R3n4NxOc7+jhJJAzJksF8KHKBADKUs4g2VVnNqgnSVl9GeD
+ Gc1GxXtysG1XM+Y0DH8qN18AELXOpwqumZDUR/in7ib5tVTLVPqRN+ByAsPd
+ dLe7L5wDdXNOhCvIpQhBthllLDxV/SjajKr80+eK6ykmeCUiZqLP65Z60pAe
+ sZUzqcZzNfgVcRr/C2+eVRZqf9gZAHfrJQahoKaQVDSvFz6WUK1IrN5Pt9dJ
+ FdMqMuU6O7I1bwA+XD1kgAdPQn4jkxwSUnjzAzzA1RXGiQGLvLYvA/uKgnfH
+ GGgfP15mov9ucEH09P3pTmyrn11plHthzZLiwqQ5L3LzFu77wJKYDj+REhp8
+ nf69xFuGPm8ygJb1MJbfA7wPZl0WT84il8UgfGYI/9DIXc2rz+oFmdFbqnNe
+ QmE+vX1hNEvBxpg6HUMQ8jBVIHFY3RqveJOyf9nSYSzL32pFpDvEaeZaaO2z
+ As0XjDMYXzU1Qpw1t063PIExt+6h3yKa9ayaekGZ8rsjJNLgfGaGvaU7T9J0
+ HrYPUCApeTZF/OiH5fwfTVSeQssp0mO2MpHIR7QBy2/gUP+LucRUsIt8b+SW
+ FZg2AgpwREXPc3vd/2/AMA4sZEFmhxdBEUhS3ZARv7H9MVH7iZe9I9IJr0Xc
+ WGMxOxNwoX8Ba73yoCJFFBkTBEu50IL5bbhaLCnsrllwtBYve2vJ2KbS1sdl
+ uDf9wCqMnv/R3g4IULTER7Jt77s0lMEt+mB6ec6TDAYgAFzkeaWhzs9z5Ecj
+ ai5imWWjTDBI7+bjIUuSIHUTHIngi3oWcQCp4zpx60kC/ev7AE4GPH2hgcLk
+ oovWw7TKlfaDlJjoIlHedRSL4MuF78GuQ/qQ0Gmrxo+xb7jj782FzNP3OOMg
+ kAsoMDx8vmZMzD5pISHfumeDDuFSACLHyyOy6E8G95jiP3Wa76uJrZUF5XXi
+ vSbcrDZHaxO1nOqP+fCN64gEOnk/16j+gNywwGFKtlwM9KOPTBVQb5nWAf5y
+ cGeFfLJZoUVp9Rs5ZTGXRIGwe4oZ9MUSOhTKbpsCO23Xa7TbVlLwBbrKapEa
+ YDZFrzFWykjyk+4w==]
+ cacerts:
+ - class3_2021
+ - class1_X0F
diff --git a/hieradata/nodes/community.yaml b/hieradata/nodes/community.yaml
index ad992f9..1f18b4c 100644
--- a/hieradata/nodes/community.yaml
+++ b/hieradata/nodes/community.yaml
@@ -7,37 +7,37 @@ profiles::base::admins:
- jselzer
- dirk
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEARHUYarivf3GhHB+uKLA9AD0uCJJqBJjzt3+N
- wreJZ79ehkkb1LIU720ipwRPTtP+a6Gjx1rfQJO8YwB1ZwDeB7aYc+1ZHcVF
- kAHOu5WkonpGCDMHfTJu3NUAa1O9qla8W4cdyLh/n7wJS3hqFJrDa0SxdlLN
- xvsqxNtrEjWa9ADiC+Tbt6IWGkLKZrs/T0C3zPMUc3lTXSyWDDFPPaAUj1Sk
- 9OhOw00j+3BcYSIb0J8h92dNohLS5saGXMf+mwqt2FZWDyJ8YbzJCItmhhMH
- S/Bmsc4dsT5VPgFew/5FOrR5/8whEu9gUFcP8FbLGEXtClUylWhAf6aK6cxM
- 2Yt+/jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBv/L7t0DBN3lDygcWV
- AAa/gDAEkxZMiQL9ZuZ6KaLVzv3FNr+ACIvytNoi9JxLTX/PTpygEmRb35Fq
- xS+ioIVEWOE=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEARHUYarivf3GhHB+uKLA9AD0uCJJqBJjzt3+N
+ wreJZ79ehkkb1LIU720ipwRPTtP+a6Gjx1rfQJO8YwB1ZwDeB7aYc+1ZHcVF
+ kAHOu5WkonpGCDMHfTJu3NUAa1O9qla8W4cdyLh/n7wJS3hqFJrDa0SxdlLN
+ xvsqxNtrEjWa9ADiC+Tbt6IWGkLKZrs/T0C3zPMUc3lTXSyWDDFPPaAUj1Sk
+ 9OhOw00j+3BcYSIb0J8h92dNohLS5saGXMf+mwqt2FZWDyJ8YbzJCItmhhMH
+ S/Bmsc4dsT5VPgFew/5FOrR5/8whEu9gUFcP8FbLGEXtClUylWhAf6aK6cxM
+ 2Yt+/jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBv/L7t0DBN3lDygcWV
+ AAa/gDAEkxZMiQL9ZuZ6KaLVzv3FNr+ACIvytNoi9JxLTX/PTpygEmRb35Fq
+ xS+ioIVEWOE=]
profiles::roundcube::des_key: >
- ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAqwu823+svisLj+8LxOGHbb05s1tIFsraXWH/
- SDnuK8//+6q37kjoAvySC9uCbaRpB9dWfU9E46BUVAYg703LC/JMEeS5UfXK
- v/44BFSGlzXjbQkM0tdfNY2DCk3AWcPAds+6SfReS3vBqXt1l3Sas5hSm17t
- 1zkELEsacMQ/+5a7MNWSUVfJbA51rdQUmrP88Pu+CfzlqduupNJVvgzI6xUz
- C29+DJ866sevd90ByCtRgLzCkGVe5GFYjXi3VOHUF3yRmsmoHtP+bTsxmN42
- +oU91+xXa0LzSp/dCt9LYMpUi1WXl4k8AXU6AqZMo7uYJvHH0p79ugYP4Xkr
- fAE/ADBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnr12/n/QLzDyVRxaW
- DaGygCDPJqWrEVXRR79E5Uu+jqPezAEMdYrzSCJDYFiS2cRgUQ==]
+ ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAqwu823+svisLj+8LxOGHbb05s1tIFsraXWH/
+ SDnuK8//+6q37kjoAvySC9uCbaRpB9dWfU9E46BUVAYg703LC/JMEeS5UfXK
+ v/44BFSGlzXjbQkM0tdfNY2DCk3AWcPAds+6SfReS3vBqXt1l3Sas5hSm17t
+ 1zkELEsacMQ/+5a7MNWSUVfJbA51rdQUmrP88Pu+CfzlqduupNJVvgzI6xUz
+ C29+DJ866sevd90ByCtRgLzCkGVe5GFYjXi3VOHUF3yRmsmoHtP+bTsxmN42
+ +oU91+xXa0LzSp/dCt9LYMpUi1WXl4k8AXU6AqZMo7uYJvHH0p79ugYP4Xkr
+ fAE/ADBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnr12/n/QLzDyVRxaW
+ DaGygCDPJqWrEVXRR79E5Uu+jqPezAEMdYrzSCJDYFiS2cRgUQ==]
profiles::roundcube::master_password: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAQym6DCbBEdEaW6q4f4fKNhVt9iCdn8butbqV
- I3F5Br2b+68R/llQfA0MCBIKPWaF2vwUaUaJYow6uQ9KE96FLASVPCia0Tq7
- eKkvZOJ6AXCFhU2fj7IWdzmFGBHlU5j39OhRuk5k/vwn9dtn2korYhUfkhdd
- 93htnI7ts3uu13fsDqg8fKG8GGuRiesvOfcLgmR6N13S+INMnmm1yogzt/H8
- dP9Gmzh06H8LPLo09xkv7/VhqyyjGHFuqnpzEpEIiaI6yfpP2o0XxFVtIJ3d
- kieIXuWP6Cn30EhfTtJ4+MuS/r/jjLTjvuuy+FH4J3Jw6ruTQpWGkszHCKKZ
- qukXDDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBA45dXYksd5BAhgFD7
- 5NP+gDDvF8Cgnhpi/DhvI0fzwYJaLwelYhplqcWXJhml/58/yhYllUZVE/Cz
- smDHq+RA9UI=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAQym6DCbBEdEaW6q4f4fKNhVt9iCdn8butbqV
+ I3F5Br2b+68R/llQfA0MCBIKPWaF2vwUaUaJYow6uQ9KE96FLASVPCia0Tq7
+ eKkvZOJ6AXCFhU2fj7IWdzmFGBHlU5j39OhRuk5k/vwn9dtn2korYhUfkhdd
+ 93htnI7ts3uu13fsDqg8fKG8GGuRiesvOfcLgmR6N13S+INMnmm1yogzt/H8
+ dP9Gmzh06H8LPLo09xkv7/VhqyyjGHFuqnpzEpEIiaI6yfpP2o0XxFVtIJ3d
+ kieIXuWP6Cn30EhfTtJ4+MuS/r/jjLTjvuuy+FH4J3Jw6ruTQpWGkszHCKKZ
+ qukXDDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBA45dXYksd5BAhgFD7
+ 5NP+gDDvF8Cgnhpi/DhvI0fzwYJaLwelYhplqcWXJhml/58/yhYllUZVE/Cz
+ smDHq+RA9UI=]
profiles::cacert_selfservice::admin_emails:
- jselzer@cacert.org
- jandd@cacert.org
@@ -45,187 +45,187 @@ profiles::cacert_selfservice::admin_emails:
profiles::cacert_selfservice::api_endpoint_url: https://email.infra.cacert.org:9443/
profiles::cacert_selfservice::api_client_id: cac3ad11-fa50-43f6-8ded-15f598b6ca2a
profiles::cacert_selfservice::api_private_key: >
- ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAwZixb5ZkBTfIjHnZjyg+bDOCsJZ46ATcle1j
- imfj5hph1wBK4ZpjuzLew1IPTJ+iY4redgwNGi0TgHcOmT9l2i2jnjITDKJt
- 7vfgLFKZJ8+whdEpejd8GVBXBgNe4vIt2YMMRnOGl7d9dS7+e4sm0lK56hSd
- fbHuu7h0gbSK+ZPbJvyPPI+r90j/qRq8SXrnJ8nT49NswHuj5PmMBdYMslSO
- PpnAoq+YyukeQ+HagWr3khcSZx+GYY14kBpBNiDZpG03NKzjZkT6fYugqHE0
- B9HC22XSKrwQJwIIbSpVRJ3UF2pcx0aWjMQfuvdteJyD9XkmeNa6uiQGl05G
- KJuqhDCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEOsT67vXcPF/Pbqc
- j6x76aOAgfBjd1srdGK6PJUs5Inkop441ce2v3jij/1oo9fRswSTgAMGHSGg
- 4zqbuZH2eR9hUXd/Mn8DmrAF4O285K7J6ei+9Eqkyf4xoIGV0VT9OiXDbJ6K
- mUdm0gPYWdjYnN6FEIo2sLxBf6NDyRXFnjALnY6hfS8ePD4vRLHld3gDErdA
- QwVQDewb+L5H3mrTNnM/2ex9M1ekRXK3z0lfn4q1H7UUZLS6Y5vmH4Tl7kTk
- QeVCvUatI5fSzNaAi+N15nMo2X/ojgTn/CS9zklA5du1XgI1xzqsHyb7zirv
- Bq5sNCy9CM2at4UMKVqsU7FpdIIxjFw=]
+ ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAwZixb5ZkBTfIjHnZjyg+bDOCsJZ46ATcle1j
+ imfj5hph1wBK4ZpjuzLew1IPTJ+iY4redgwNGi0TgHcOmT9l2i2jnjITDKJt
+ 7vfgLFKZJ8+whdEpejd8GVBXBgNe4vIt2YMMRnOGl7d9dS7+e4sm0lK56hSd
+ fbHuu7h0gbSK+ZPbJvyPPI+r90j/qRq8SXrnJ8nT49NswHuj5PmMBdYMslSO
+ PpnAoq+YyukeQ+HagWr3khcSZx+GYY14kBpBNiDZpG03NKzjZkT6fYugqHE0
+ B9HC22XSKrwQJwIIbSpVRJ3UF2pcx0aWjMQfuvdteJyD9XkmeNa6uiQGl05G
+ KJuqhDCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEOsT67vXcPF/Pbqc
+ j6x76aOAgfBjd1srdGK6PJUs5Inkop441ce2v3jij/1oo9fRswSTgAMGHSGg
+ 4zqbuZH2eR9hUXd/Mn8DmrAF4O285K7J6ei+9Eqkyf4xoIGV0VT9OiXDbJ6K
+ mUdm0gPYWdjYnN6FEIo2sLxBf6NDyRXFnjALnY6hfS8ePD4vRLHld3gDErdA
+ QwVQDewb+L5H3mrTNnM/2ex9M1ekRXK3z0lfn4q1H7UUZLS6Y5vmH4Tl7kTk
+ QeVCvUatI5fSzNaAi+N15nMo2X/ojgTn/CS9zklA5du1XgI1xzqsHyb7zirv
+ Bq5sNCy9CM2at4UMKVqsU7FpdIIxjFw=]
profiles::cacert_selfservice::base_url: https://selfservice.cacert.org/
profiles::cacert_selfservice::cookie_secret: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEANEuaG5H4qNkySuid+UUP7aurU5shEpoV+Aei
- ChIT8OzQA9v6NpOaz9UvorSrebLI7MZ3N9WOT54tEppjdesooX270wq+xi/k
- IEzP/3IU72GQCfpDyanTRO5mDSkWMUTySbE2b2lIelDTM/r6V70EZTLcLxvb
- 96HtiZ3keAfVlXPpM8B8FKbVHBhnPkMOgy2gs0lqc9FXBAlAUdCirgH9X/Y9
- HC3SjiZrKUDdWHRS5p0a/b1e1GNGEn9RyFaJaS4tAvTgBbM5nJtWgw/jniRq
- qABbA6dB6kMvyMNVTmcGCT3TvgqD0CnmjwH1KeiS26SGfB6EMlSzT0s1Lf4V
- jvBrrDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAxi4Yrk00u8lUnFF9C
- jzdVgDCAXKS3fskZkAIHmTnoK3bWVEdvaeiA65LyuzOTArxhinWKqdD9cgBc
- 5D6njEaLuT4=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEANEuaG5H4qNkySuid+UUP7aurU5shEpoV+Aei
+ ChIT8OzQA9v6NpOaz9UvorSrebLI7MZ3N9WOT54tEppjdesooX270wq+xi/k
+ IEzP/3IU72GQCfpDyanTRO5mDSkWMUTySbE2b2lIelDTM/r6V70EZTLcLxvb
+ 96HtiZ3keAfVlXPpM8B8FKbVHBhnPkMOgy2gs0lqc9FXBAlAUdCirgH9X/Y9
+ HC3SjiZrKUDdWHRS5p0a/b1e1GNGEn9RyFaJaS4tAvTgBbM5nJtWgw/jniRq
+ qABbA6dB6kMvyMNVTmcGCT3TvgqD0CnmjwH1KeiS26SGfB6EMlSzT0s1Lf4V
+ jvBrrDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAxi4Yrk00u8lUnFF9C
+ jzdVgDCAXKS3fskZkAIHmTnoK3bWVEdvaeiA65LyuzOTArxhinWKqdD9cgBc
+ 5D6njEaLuT4=]
profiles::cacert_selfservice::csrf_key: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAb3LeVK/doYxs7FwFIbvp21i6M27fmSXtIK3E
- p36brmcQCjnbCeLpHkE2FroYZJQmtNY9EGGUzkQsyoBDicK3j3w754LGMDgn
- s3PL+hDk16X45yBFgcnTS/C3jFbm3SklFsNfpLGEEbCjwlTyL9txnQfU6zw8
- +xHOrpSiSRM5hAA5/i2vEgErZlh9kVqKoXNJdj2X2oIjW8vw37rlPO6w4iIy
- 3fTHtCFsfKqaa7QmsBuXrK6IDKMVsTPr+daav/8YwacVuptnzr+pFww/u3pb
- +B/ES8qGRen7ibaZcoxBmxmUNtPSpuqsyHBnyVVJQO3c9ZQzLq+wRJYkKK+k
- j+0DMTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCbhyOCOabOgrKCo5Jw
- s5cUgDCvQ0SCr1BLrJWi21P+kE3B5QZN/q/3cTEVB3j4emy+j3DhHjJX096J
- HE5b/Ql5GqE=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAb3LeVK/doYxs7FwFIbvp21i6M27fmSXtIK3E
+ p36brmcQCjnbCeLpHkE2FroYZJQmtNY9EGGUzkQsyoBDicK3j3w754LGMDgn
+ s3PL+hDk16X45yBFgcnTS/C3jFbm3SklFsNfpLGEEbCjwlTyL9txnQfU6zw8
+ +xHOrpSiSRM5hAA5/i2vEgErZlh9kVqKoXNJdj2X2oIjW8vw37rlPO6w4iIy
+ 3fTHtCFsfKqaa7QmsBuXrK6IDKMVsTPr+daav/8YwacVuptnzr+pFww/u3pb
+ +B/ES8qGRen7ibaZcoxBmxmUNtPSpuqsyHBnyVVJQO3c9ZQzLq+wRJYkKK+k
+ j+0DMTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCbhyOCOabOgrKCo5Jw
+ s5cUgDCvQ0SCr1BLrJWi21P+kE3B5QZN/q/3cTEVB3j4emy+j3DhHjJX096J
+ HE5b/Ql5GqE=]
profiles::cacert_selfservice::https_address: :8443
profiles::cacert_selfservice::server_certificate: |
- -----BEGIN CERTIFICATE-----
- MIIGRjCCBC6gAwIBAgIDAvE1MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
- Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTM2WhcNMjMwNzE2
- MjIyMTM2WjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
- eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZzZWxmc2Vydmlj
- ZS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsz/5
- vDt+ZOwPvfQJiaZgN2VwIDF079gf5rVi0Isw7maNj1lcN3oNjyF2UneOkx9b5yw7
- kHytifd/Hz5Exg7DJDrSc7eW1tmXGZWWtK2PX3G0gG3uWfqfxMSmB6gHRvj+YcSb
- AXzlzcO+SQQ7GV2nZI1ZpfJ1jLuBjK8Hchr7zp9IWw/dWJtROBuyIOTiLHiVKehe
- vHOnvDF9MPqoPJFoi+PoZCU8MwCqKLTc/d/RfsvIG1BwnoyiDzieeDsCPfssJciz
- Kb3MC0V+zw0LxWS3RPZMsR/rTz3sEIUyy/NdADdA4rY/LAXI1dVxNsJgaU6jGfO6
- aub21X6s4cHRsed07xBYHe5LJCV0ExAx23V0ihWM4R9mEFAyLrfuoO6oodiuopGE
- jybeYEq0qLFjMpNZX5bnJ7X53Z9kb0kV2Ft+0jYFUmGvp27JnWN+dAcJ0T08+Uqs
- zaiNS0fj4Wgd8WZYIkmVM+MzCGmKcjOvCgQFa+wZvvgRG69nsxl+Zr2e+8WUJoQi
- Tvsp9z1YwidmN2U22HmX7xukvDVLWi0R7reSyjld3Wo9Qn/UCTkyYHpjPUdPhYQV
- avOaturVpISXcANZi9XkMXO9k/osEywH2oeqy95bXT7w14Hla8Lg4Y5tISiKny9g
- sZNeqx35v1CkDxofG/uHKI9EvVdJKyeHU9RXlXkCAwEAAaOCARAwggEMMAwGA1Ud
- EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr
- BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj
- BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt
- oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG
- A1UdEQRAMD6CFnNlbGZzZXJ2aWNlLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW
- c2VsZnNlcnZpY2UuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAfyuR8eIs
- vsC7wjW1fXTNwgeniAoiYvrWpDHQLmHX9cbkfQ+UkL5L9N9uJGdFa77GSPQ54wl0
- Cc+oGQcdO84h0hJAPZaiAgCBgE79h6ZLFLxdsbArjTTbNE8LDCRG8To+0Q9Gfvuh
- RtsLh3R9mSCKXug9iJs4nV+3BeJI/wVWdkBY3gKdM4hgdLf6zW6lg0yLBRSi6b+k
- ECuX8Pwjp/oxkNtptDettBXVNW/11j8AFDqOs+TlITbgmz1Gb2NE42C6Fl+cW4ZC
- ksiLr1c57tUDpAvKmtU6f4n7cCbfXX3gZYMCrVLAkEdwi3LGbyKoa1Rfh4pIWUsY
- gXmfEr7oFWI5jWSfOjbxvuJEaADOR30fLHqTWSe1egcgheDn/XcW8ktFhOoZYcpI
- y2kLxhTW3K/cxy172xfm3k11/bTNWo1eyDLYNI+604KkFALowLtc+VG71CGhgCsv
- sHNowDK5arfWb66qt4lgwqNVO3l4zCyulYRAS24twwVq1xOKTGEeJDexG+PidEa0
- 8rHGA0c9nmddvTXabRMCgMy4H5tXvyZm5L4WYNNLuBi2h0Zgjdsvx4ikfHH6KI09
- n4qkQ6vCStSbSiZ96ezAVN2Nb0tlFaSGJUGHhZnpvdeSgHI97r4X/52AXQj0SZO8
- vOh92Z6rXG+f9faejmypByLAl0dIaDG1VPQ=
- -----END CERTIFICATE-----
+ -----BEGIN CERTIFICATE-----
+ MIIGRjCCBC6gAwIBAgIDAvE1MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTM2WhcNMjMwNzE2
+ MjIyMTM2WjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZzZWxmc2Vydmlj
+ ZS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsz/5
+ vDt+ZOwPvfQJiaZgN2VwIDF079gf5rVi0Isw7maNj1lcN3oNjyF2UneOkx9b5yw7
+ kHytifd/Hz5Exg7DJDrSc7eW1tmXGZWWtK2PX3G0gG3uWfqfxMSmB6gHRvj+YcSb
+ AXzlzcO+SQQ7GV2nZI1ZpfJ1jLuBjK8Hchr7zp9IWw/dWJtROBuyIOTiLHiVKehe
+ vHOnvDF9MPqoPJFoi+PoZCU8MwCqKLTc/d/RfsvIG1BwnoyiDzieeDsCPfssJciz
+ Kb3MC0V+zw0LxWS3RPZMsR/rTz3sEIUyy/NdADdA4rY/LAXI1dVxNsJgaU6jGfO6
+ aub21X6s4cHRsed07xBYHe5LJCV0ExAx23V0ihWM4R9mEFAyLrfuoO6oodiuopGE
+ jybeYEq0qLFjMpNZX5bnJ7X53Z9kb0kV2Ft+0jYFUmGvp27JnWN+dAcJ0T08+Uqs
+ zaiNS0fj4Wgd8WZYIkmVM+MzCGmKcjOvCgQFa+wZvvgRG69nsxl+Zr2e+8WUJoQi
+ Tvsp9z1YwidmN2U22HmX7xukvDVLWi0R7reSyjld3Wo9Qn/UCTkyYHpjPUdPhYQV
+ avOaturVpISXcANZi9XkMXO9k/osEywH2oeqy95bXT7w14Hla8Lg4Y5tISiKny9g
+ sZNeqx35v1CkDxofG/uHKI9EvVdJKyeHU9RXlXkCAwEAAaOCARAwggEMMAwGA1Ud
+ EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr
+ BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj
+ BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt
+ oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG
+ A1UdEQRAMD6CFnNlbGZzZXJ2aWNlLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW
+ c2VsZnNlcnZpY2UuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAfyuR8eIs
+ vsC7wjW1fXTNwgeniAoiYvrWpDHQLmHX9cbkfQ+UkL5L9N9uJGdFa77GSPQ54wl0
+ Cc+oGQcdO84h0hJAPZaiAgCBgE79h6ZLFLxdsbArjTTbNE8LDCRG8To+0Q9Gfvuh
+ RtsLh3R9mSCKXug9iJs4nV+3BeJI/wVWdkBY3gKdM4hgdLf6zW6lg0yLBRSi6b+k
+ ECuX8Pwjp/oxkNtptDettBXVNW/11j8AFDqOs+TlITbgmz1Gb2NE42C6Fl+cW4ZC
+ ksiLr1c57tUDpAvKmtU6f4n7cCbfXX3gZYMCrVLAkEdwi3LGbyKoa1Rfh4pIWUsY
+ gXmfEr7oFWI5jWSfOjbxvuJEaADOR30fLHqTWSe1egcgheDn/XcW8ktFhOoZYcpI
+ y2kLxhTW3K/cxy172xfm3k11/bTNWo1eyDLYNI+604KkFALowLtc+VG71CGhgCsv
+ sHNowDK5arfWb66qt4lgwqNVO3l4zCyulYRAS24twwVq1xOKTGEeJDexG+PidEa0
+ 8rHGA0c9nmddvTXabRMCgMy4H5tXvyZm5L4WYNNLuBi2h0Zgjdsvx4ikfHH6KI09
+ n4qkQ6vCStSbSiZ96ezAVN2Nb0tlFaSGJUGHhZnpvdeSgHI97r4X/52AXQj0SZO8
+ vOh92Z6rXG+f9faejmypByLAl0dIaDG1VPQ=
+ -----END CERTIFICATE-----
profiles::cacert_selfservice::server_private_key: >
- ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAt3on6CqHyfkSR12NDKy27ln9CNYSig4vnazz
- 1SU89n50FroloNyQNkryp9owAQhmlkdI8+XQxMfP+ujXNahj2mjQQPJullm/
- i0/8Yr11b9e6CQ/S940Re6203Z+wJDOtOiiv7lckWeBojfvbh0jxU21wvgRM
- WQy8qpyfReAeopxxjv7ibWR3/WdJIReIWgQnCtJv7Is5a+QqpYXbDb6G3AK0
- sHFyY2ZYmWOROwCV7cIRr51Ta7NLIC2y0U+TDc5FLzCR0sauA8jtvSc58pT5
- DFHBTsYdqlnlH0bsxqAffYuZdZfCB2gZhRFyshxprJt6Pp5DEsHlzmBgVu3d
- 8Pg0uzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJUGBdM86l45Q2aM
- CTGHxoaAggzQkBGmiEON8uEXus4pljSwufuQuH7+XLQxlE91NTaXiJaDh3q2
- iIfH+2/Z33GfOCsDrOkxtaHKrxAGatxvOQUKtfl8kCAkSNK2qrlRhfqyeJiR
- 8twoLYe/p7ijufLZBxR05KrwfJC5baWqA4f1psy2c4kStgTe6w4T7iJMhAHH
- mQM7FfbZgKncmsPAdEAxGj0r0sf0iLCOkAQsoZQ52J5oKUE8/q1ywjMYnnEy
- a15JyQpODCjUI9pTpuGwUr90bnFAh9/WWblEQROwSdjCM/tRnMYlB5LW7pGE
- WfXIZ/pxax7KDd9x3LG6gtDLyKpOCPSrotkO5NmjPKbJBu1PWeKT2tRWRUXR
- Ss5D1nvCipJUgijwAsXpiojCHBOgo9zjXe7PKoqT+H3sGJ0Fj8tO8L+tEs63
- lVbYA2cIX4x8f8HGzIQoQu0bqPX+ZNO1kDxjR5gxYLfmWjXaoQtfaEB29mIr
- KdpxjQ22cKw40CTE+Pd78g599aUHV0SNVnN7nW82vyZVl5nEiIQ0a8nO/A7Q
- o1DnaSUykNENGxKQ7xShtV2Z9win2BkqBblkO86oIQuG8ExYvxnyEW1udL3o
- D2vNrG7toLRAl9mTcP+YJbIgNX3pZIu6kY5WZA5cUEsKjG8Io9O2q8EExzUS
- w55bpzDNWD7hd91m13vx3lIqlaWuOUvNVfT3WPPNYAhSOByWi/1c/wkE0sF9
- PKp3yi8pkK/uh50mfR6ZLTg3gDVJNobqWUeq8zay/4Wo5uzPGwgTa28gQSyT
- IXeAdmSXz9HQBKcvunEkwefgHSIvFHPDxQo+0kodVWNjqyYxCwiuCpaWsXbH
- IO7FL/+afYA3nCSk7Ijpo4Q/cKi0rtGBedvbxbLwwXlGhBDmimc6OLSHfaNQ
- +0sVk8BxFqxBDhEW9A0t4XyPJ3SVv8SC66ldLYHW71Uajyysp9lhOLFwWFfO
- sXwTMvXDF7q1x47d5s3UM8W34djobVBHjlrF8TNHLvI7DwrIktzRvJ60Qmch
- OIspFZHNdmMAD2EK/LVwcSVfP+bkBeez3pX53y8lDPqaJtEGwygRPhAYyKyg
- V0lwZoqcmJihxTLJPreolkIBbiWRh6TVafFAykxPJAdQDgQimS2o4FZtRkZt
- 3A4vwK5zWhzDTezBzzTZAC9NuJA6VYWhiRrQ8NKrOhbz8D2lgPnuhJu71/vE
- lfkAPCyQTIY8YYxDhL1XgnWsCCHleIAMHHpC+kGZ/vnu2nLIji2KR/ii1Fr1
- JbXh9E9i2GhHp0eucxYBwS50sVwAFdouM5pDi8kfIzT2Dzmd6mArUBBawjgt
- cHCc0yeL9YgXRNxo2tBf73biJRBsC/+rtguaxnacb6JCszUbfAwXO44AR9YV
- vuCg4WKp1zQrWRtN9E2fj9QXHyKcXEgKvaoUOmREipeS2DTdwG56PtDfRG/N
- UPdrZnCDhZTY5Yvqo106bfAj0SY/ULGTXe3paBwaOcLTKOGTkXUVpK2dcUdw
- k2TuiexKcRPlTjDMX/BH4HYeTeBR+UjZdOKGc2oQ4wsL4IsPhqcfK0GKVBCf
- eGJ+mGIbGCT2HcWb2igeXL+BRD6ykimO4DfspgfDgIUDB7FZFJuUoaDRjQ/I
- J4hWG6fLn9PNKFZ2BhQ1mv2eJy3yNiQXLtpkCarS2mRmipGVgrCHgO5S/TdL
- B9Otn9dHKY6cuXXhenH1vqXBsLCnPFeX/6ewhJ+MTWryE5cIhLbEZHq9RtbW
- zxJXe0eadPJXWLd6OBPqr0V9M/XGpI5q9k7tHpVvBn467RbQrAk7zkYQcOOL
- J1ZYDmzjELd662qLNLR36YIC0/lX6aw/6T1cOqgnoh7GUDpt/z8b9K99LXXx
- +FRO5KXSORj++DA3MdJoB4XeSkKPXp5xqoVP36/657ynj/dvNLhHS2QvcKvM
- Nnr3icyk0jAlWip/sE+mRYJJ7mz3yB/sNx6QZ1vtWIiEypNK+fGPmi8NbchY
- XPS99rbAmL0Kk66Xrjd63PqqWVw981YC3r6COxYQJR1v2l6WolAgcDdOU36f
- EY41ltzSdSBtmCa/0Y2OAYkk/J5KxpMjYxoW080b7WNWNpaud4tPb1kiS4OA
- 5NKSZpmyJwOogDsVrYyQrvybU7x+eybyGh7zU9JOhI81yt93O7kpeRjEbcTb
- hRwUA9JN0JAAxxJVBuM29/SY9pBwprkgVFPME0m1Jfti9m7mf6rfxCOgMTLS
- zpPRyLUjRYLx95W6AlUpCi9CTZhlSXZB6rtJGRfm8vz44nZXbtaE/qhAA7h/
- bf0OL9GVmROHm2w9nxeFtVGKBcmgDGECFgeBZfT+ImrAdSmed4GO0BqjzooJ
- EZuet7nnm40kz+wyZrJAzUyyXUjkVj01r6yLlX1dogul8aeGWe44iXaswiXv
- ZFfOh3ewMa93kdjJQI1WTc3LmpNUoMJD4QwPOIs6H8Vsyzu9DKefmvEWBBa1
- CxX+F32/XPvn3qX+Qi0eJE1rvRnynyTUNzQSOZtTB+YUAtmqUglLeN7E3cSC
- wlJ46co2TkyaRZqrY28cax90GhOgkmOZK8MZQ4kPDWA1tddS3QP5L558sWeZ
- K5aMEIYTwCazPsVcy7v6MNOM06Yhnce1BOhioDS8vPI8pf84HDC99MSZSvYr
- qvDmr/gOVY+BrYfk0E9y7l4eVSpD7uDEDhaPS6lTZrj5JclihoGGKWUPmg7q
- XXEH3rwF9NqloFBDNDIcYTnIOpdo+vDKF04oA4Q3K35dh67kwVjW/3DqdC5R
- k/AcB+8+nCjWCxjYCxF9EJpenSmYhS8Seeuly4w57qpT23bwDk39whqBvnz3
- o/tWFCLhC9EuQ95S5h7cKxTLatgfD6/U8zuA8kkFA2Aq9JB2kZthU1HWglr5
- 7OhcmTa3j4zEF/946VjmjneVxdsbbT2WAf4+hf7CuByI0xEeGmboJQ6sAvoo
- 1ASdTIzZbfnbI0KjBuNK7OkI0XtmUr+hz3bWGrrXXOeEXPLd8WCJf9QzWjnS
- kLta5LzCHU5D54w20W5OxKmIW8al8QweYPKgV/PrOFwYLy57+2NJuDfu7646
- uszXtkOdfvAHp98KR/cGdaBMTGqO54CFfTBm9GlZ0wnkiJw2KxoNiJlsBoXB
- ahHGJzBU2QMGmWCLlk9cJXHJsj0FwhxCeGionq5IeJ4aUHTACFTnRn0mLJIE
- 0rNAd6ZuprpGb8ZhMOD2Evyfhfi6QH8k7lQkvZFnAKBkCwm9VvNMtNnBK1Jw
- SZPc1RJ/zuh/q/K5ROLz+w2hAXB8uzAvxxq/rUr9q8OHtrNspQL1hCiTYIpM
- 39ty9yOFY+vGSNTgkwNEVeMU511nngQFRF/kyNAXNFGYLdR+LyOWDzH8QcP0
- PSH4aqYeRR8ID2Rm4dwOBw7r97wQmH3s8YRXQ/7fryTx/5d6mAnuFW6y3v33
- VSU+SSaC8u+D1QWPg5opS0I0/om8cF53+hlp5KMZVRQB2Orl4TqXaYAG9MQt
- f58DDo3aIKBGpw4cV34XVq0N71oxxsileK9Lwi+MdwYLSkgy/dfZHlV7hRCT
- BcFA+WD4GvCEVriLey6E5u7RSxKg3X2TeuLGM8q18HpAzaJtfWIu31bzBJrr
- 0/Wzm/MQXlwHNzWJdH0igetK9PJz5QZ+kkU7TaP+crYm4KrA/7/d+fEdLIIB
- zZQ6LDXJeQjW2gLSirKezuFbpHY1uhJibi1gASxqT1e2WuJTvliUSoc5aEiu
- yivOYX+nyg7+EpUl1WDsOqAbSchqsM1oQ5oCdkehWAN00szO+/Kn3SaIZLda
- v9pUtuxYSOTVNZECXq1nR4/0tMO9qFdlaBk8PzWIkeNkrCblZ8tS9yTpoSYe
- omUKIN0npvEqB6Vfdk0ZpxVxqErnsr8gGiCPmGebtklFFvGDdWI1gfnIrKeP
- Llirqqf3mIv8107hv8ozayWsHD1PhEiRKmputKU+5bb3PJb61MiFNaIdflgR
- OJYhZ6bhtVm/ofUQAUY2AATURZbkSYPHYidgXd45QoVOA0Oc5pxmA3f/tJ+f
- avp32Ix/y5MmzpPwUESjv7WPnvlU+WADzXuyTJXCOED6Y5LMp//U0lNr+AXQ
- rlc8d6na/DTTyIDFd42W+Yvy7wl0JofyIUSsPGRx/srzzeJAq0k31GmmMPXN
- TGb/HtFj+BaUDPn+5G/2KdCsCbFqKk2MiuBZ7GYVxJMH83zFAhxQy8APOgke
- b24elx5vnfEENvbFrlWHp48KJzHGiBwvabw2TGSsIZj0TCIIS179F7T/ecyy
- meSzL66S0bE3fMQW7PHJBEJfd1rF7Lzc1zyYOuEEKxKuZTAv0oNJa7boRFWN
- b7xfkInLzKPfTfNlY9txwOqlGWYfZxa4d6fBKbVxdspf8WnTIrXgWshjWYcV
- /r8P6g==]
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAt3on6CqHyfkSR12NDKy27ln9CNYSig4vnazz
+ 1SU89n50FroloNyQNkryp9owAQhmlkdI8+XQxMfP+ujXNahj2mjQQPJullm/
+ i0/8Yr11b9e6CQ/S940Re6203Z+wJDOtOiiv7lckWeBojfvbh0jxU21wvgRM
+ WQy8qpyfReAeopxxjv7ibWR3/WdJIReIWgQnCtJv7Is5a+QqpYXbDb6G3AK0
+ sHFyY2ZYmWOROwCV7cIRr51Ta7NLIC2y0U+TDc5FLzCR0sauA8jtvSc58pT5
+ DFHBTsYdqlnlH0bsxqAffYuZdZfCB2gZhRFyshxprJt6Pp5DEsHlzmBgVu3d
+ 8Pg0uzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJUGBdM86l45Q2aM
+ CTGHxoaAggzQkBGmiEON8uEXus4pljSwufuQuH7+XLQxlE91NTaXiJaDh3q2
+ iIfH+2/Z33GfOCsDrOkxtaHKrxAGatxvOQUKtfl8kCAkSNK2qrlRhfqyeJiR
+ 8twoLYe/p7ijufLZBxR05KrwfJC5baWqA4f1psy2c4kStgTe6w4T7iJMhAHH
+ mQM7FfbZgKncmsPAdEAxGj0r0sf0iLCOkAQsoZQ52J5oKUE8/q1ywjMYnnEy
+ a15JyQpODCjUI9pTpuGwUr90bnFAh9/WWblEQROwSdjCM/tRnMYlB5LW7pGE
+ WfXIZ/pxax7KDd9x3LG6gtDLyKpOCPSrotkO5NmjPKbJBu1PWeKT2tRWRUXR
+ Ss5D1nvCipJUgijwAsXpiojCHBOgo9zjXe7PKoqT+H3sGJ0Fj8tO8L+tEs63
+ lVbYA2cIX4x8f8HGzIQoQu0bqPX+ZNO1kDxjR5gxYLfmWjXaoQtfaEB29mIr
+ KdpxjQ22cKw40CTE+Pd78g599aUHV0SNVnN7nW82vyZVl5nEiIQ0a8nO/A7Q
+ o1DnaSUykNENGxKQ7xShtV2Z9win2BkqBblkO86oIQuG8ExYvxnyEW1udL3o
+ D2vNrG7toLRAl9mTcP+YJbIgNX3pZIu6kY5WZA5cUEsKjG8Io9O2q8EExzUS
+ w55bpzDNWD7hd91m13vx3lIqlaWuOUvNVfT3WPPNYAhSOByWi/1c/wkE0sF9
+ PKp3yi8pkK/uh50mfR6ZLTg3gDVJNobqWUeq8zay/4Wo5uzPGwgTa28gQSyT
+ IXeAdmSXz9HQBKcvunEkwefgHSIvFHPDxQo+0kodVWNjqyYxCwiuCpaWsXbH
+ IO7FL/+afYA3nCSk7Ijpo4Q/cKi0rtGBedvbxbLwwXlGhBDmimc6OLSHfaNQ
+ +0sVk8BxFqxBDhEW9A0t4XyPJ3SVv8SC66ldLYHW71Uajyysp9lhOLFwWFfO
+ sXwTMvXDF7q1x47d5s3UM8W34djobVBHjlrF8TNHLvI7DwrIktzRvJ60Qmch
+ OIspFZHNdmMAD2EK/LVwcSVfP+bkBeez3pX53y8lDPqaJtEGwygRPhAYyKyg
+ V0lwZoqcmJihxTLJPreolkIBbiWRh6TVafFAykxPJAdQDgQimS2o4FZtRkZt
+ 3A4vwK5zWhzDTezBzzTZAC9NuJA6VYWhiRrQ8NKrOhbz8D2lgPnuhJu71/vE
+ lfkAPCyQTIY8YYxDhL1XgnWsCCHleIAMHHpC+kGZ/vnu2nLIji2KR/ii1Fr1
+ JbXh9E9i2GhHp0eucxYBwS50sVwAFdouM5pDi8kfIzT2Dzmd6mArUBBawjgt
+ cHCc0yeL9YgXRNxo2tBf73biJRBsC/+rtguaxnacb6JCszUbfAwXO44AR9YV
+ vuCg4WKp1zQrWRtN9E2fj9QXHyKcXEgKvaoUOmREipeS2DTdwG56PtDfRG/N
+ UPdrZnCDhZTY5Yvqo106bfAj0SY/ULGTXe3paBwaOcLTKOGTkXUVpK2dcUdw
+ k2TuiexKcRPlTjDMX/BH4HYeTeBR+UjZdOKGc2oQ4wsL4IsPhqcfK0GKVBCf
+ eGJ+mGIbGCT2HcWb2igeXL+BRD6ykimO4DfspgfDgIUDB7FZFJuUoaDRjQ/I
+ J4hWG6fLn9PNKFZ2BhQ1mv2eJy3yNiQXLtpkCarS2mRmipGVgrCHgO5S/TdL
+ B9Otn9dHKY6cuXXhenH1vqXBsLCnPFeX/6ewhJ+MTWryE5cIhLbEZHq9RtbW
+ zxJXe0eadPJXWLd6OBPqr0V9M/XGpI5q9k7tHpVvBn467RbQrAk7zkYQcOOL
+ J1ZYDmzjELd662qLNLR36YIC0/lX6aw/6T1cOqgnoh7GUDpt/z8b9K99LXXx
+ +FRO5KXSORj++DA3MdJoB4XeSkKPXp5xqoVP36/657ynj/dvNLhHS2QvcKvM
+ Nnr3icyk0jAlWip/sE+mRYJJ7mz3yB/sNx6QZ1vtWIiEypNK+fGPmi8NbchY
+ XPS99rbAmL0Kk66Xrjd63PqqWVw981YC3r6COxYQJR1v2l6WolAgcDdOU36f
+ EY41ltzSdSBtmCa/0Y2OAYkk/J5KxpMjYxoW080b7WNWNpaud4tPb1kiS4OA
+ 5NKSZpmyJwOogDsVrYyQrvybU7x+eybyGh7zU9JOhI81yt93O7kpeRjEbcTb
+ hRwUA9JN0JAAxxJVBuM29/SY9pBwprkgVFPME0m1Jfti9m7mf6rfxCOgMTLS
+ zpPRyLUjRYLx95W6AlUpCi9CTZhlSXZB6rtJGRfm8vz44nZXbtaE/qhAA7h/
+ bf0OL9GVmROHm2w9nxeFtVGKBcmgDGECFgeBZfT+ImrAdSmed4GO0BqjzooJ
+ EZuet7nnm40kz+wyZrJAzUyyXUjkVj01r6yLlX1dogul8aeGWe44iXaswiXv
+ ZFfOh3ewMa93kdjJQI1WTc3LmpNUoMJD4QwPOIs6H8Vsyzu9DKefmvEWBBa1
+ CxX+F32/XPvn3qX+Qi0eJE1rvRnynyTUNzQSOZtTB+YUAtmqUglLeN7E3cSC
+ wlJ46co2TkyaRZqrY28cax90GhOgkmOZK8MZQ4kPDWA1tddS3QP5L558sWeZ
+ K5aMEIYTwCazPsVcy7v6MNOM06Yhnce1BOhioDS8vPI8pf84HDC99MSZSvYr
+ qvDmr/gOVY+BrYfk0E9y7l4eVSpD7uDEDhaPS6lTZrj5JclihoGGKWUPmg7q
+ XXEH3rwF9NqloFBDNDIcYTnIOpdo+vDKF04oA4Q3K35dh67kwVjW/3DqdC5R
+ k/AcB+8+nCjWCxjYCxF9EJpenSmYhS8Seeuly4w57qpT23bwDk39whqBvnz3
+ o/tWFCLhC9EuQ95S5h7cKxTLatgfD6/U8zuA8kkFA2Aq9JB2kZthU1HWglr5
+ 7OhcmTa3j4zEF/946VjmjneVxdsbbT2WAf4+hf7CuByI0xEeGmboJQ6sAvoo
+ 1ASdTIzZbfnbI0KjBuNK7OkI0XtmUr+hz3bWGrrXXOeEXPLd8WCJf9QzWjnS
+ kLta5LzCHU5D54w20W5OxKmIW8al8QweYPKgV/PrOFwYLy57+2NJuDfu7646
+ uszXtkOdfvAHp98KR/cGdaBMTGqO54CFfTBm9GlZ0wnkiJw2KxoNiJlsBoXB
+ ahHGJzBU2QMGmWCLlk9cJXHJsj0FwhxCeGionq5IeJ4aUHTACFTnRn0mLJIE
+ 0rNAd6ZuprpGb8ZhMOD2Evyfhfi6QH8k7lQkvZFnAKBkCwm9VvNMtNnBK1Jw
+ SZPc1RJ/zuh/q/K5ROLz+w2hAXB8uzAvxxq/rUr9q8OHtrNspQL1hCiTYIpM
+ 39ty9yOFY+vGSNTgkwNEVeMU511nngQFRF/kyNAXNFGYLdR+LyOWDzH8QcP0
+ PSH4aqYeRR8ID2Rm4dwOBw7r97wQmH3s8YRXQ/7fryTx/5d6mAnuFW6y3v33
+ VSU+SSaC8u+D1QWPg5opS0I0/om8cF53+hlp5KMZVRQB2Orl4TqXaYAG9MQt
+ f58DDo3aIKBGpw4cV34XVq0N71oxxsileK9Lwi+MdwYLSkgy/dfZHlV7hRCT
+ BcFA+WD4GvCEVriLey6E5u7RSxKg3X2TeuLGM8q18HpAzaJtfWIu31bzBJrr
+ 0/Wzm/MQXlwHNzWJdH0igetK9PJz5QZ+kkU7TaP+crYm4KrA/7/d+fEdLIIB
+ zZQ6LDXJeQjW2gLSirKezuFbpHY1uhJibi1gASxqT1e2WuJTvliUSoc5aEiu
+ yivOYX+nyg7+EpUl1WDsOqAbSchqsM1oQ5oCdkehWAN00szO+/Kn3SaIZLda
+ v9pUtuxYSOTVNZECXq1nR4/0tMO9qFdlaBk8PzWIkeNkrCblZ8tS9yTpoSYe
+ omUKIN0npvEqB6Vfdk0ZpxVxqErnsr8gGiCPmGebtklFFvGDdWI1gfnIrKeP
+ Llirqqf3mIv8107hv8ozayWsHD1PhEiRKmputKU+5bb3PJb61MiFNaIdflgR
+ OJYhZ6bhtVm/ofUQAUY2AATURZbkSYPHYidgXd45QoVOA0Oc5pxmA3f/tJ+f
+ avp32Ix/y5MmzpPwUESjv7WPnvlU+WADzXuyTJXCOED6Y5LMp//U0lNr+AXQ
+ rlc8d6na/DTTyIDFd42W+Yvy7wl0JofyIUSsPGRx/srzzeJAq0k31GmmMPXN
+ TGb/HtFj+BaUDPn+5G/2KdCsCbFqKk2MiuBZ7GYVxJMH83zFAhxQy8APOgke
+ b24elx5vnfEENvbFrlWHp48KJzHGiBwvabw2TGSsIZj0TCIIS179F7T/ecyy
+ meSzL66S0bE3fMQW7PHJBEJfd1rF7Lzc1zyYOuEEKxKuZTAv0oNJa7boRFWN
+ b7xfkInLzKPfTfNlY9txwOqlGWYfZxa4d6fBKbVxdspf8WnTIrXgWshjWYcV
+ /r8P6g==]
profiles::cacert_selfservice::jwt_private_key: >
- ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAqkP3W1VRWy1uh8R6lGuqFXDVf+B0HhrFHmvn
- FtxQWRVlQZzudoQnWJsLR/J41qk7bX/eOmv8S5nKIwRIvovwb7tI+T9TaJ33
- hXUMZ9TBTjkz3OD6Pv/dsp/2zvGFHICEwIcUaJD2tBAqFPM1JhlJqXAwRNCK
- d2r8787fglChU/EpMhA45FvXvkCDxBE9W+L+aMzMlV6DcnQPCqKZwADQuBDS
- qw41j/hvmPzjconmV8aknXBdTaKUqKuspmn3tLIQGMRHUnKxq80AV5kdqlTy
- 1PwhN6FdFqBfosJuemV6eM6B0wupa4NK5iYvuRN/htQXJOjw562KUPDE1oe3
- PXqK0DCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECj13+wuFOeVRqiX
- d/s4ZZSAgfAx98UDQlEtcfX+5fCgw2ofqTD1K1KBzpGemGD9UbK0AI+sFhpY
- SyeuzhXS+s/XP9MYtlHgZiVgt7B95+EnCoGNGWfY5gWFzSvu63zikEGTT9tf
- 6iPS/A4sYu+HFPuE/ryHrCBJi0e1yaf2pa5IctFhpeWF++Dw3pmYC3c3sZb6
- ieCxxZ4r+NiPvS3xnAE+q3P7z5R3OTVYZkmLCupzBtnqi8Ne/TdvmUBWDtw4
- 2v8bs97vfnguWiynjekfeZgjO28SWiJYwLFuQUtV+kvYl9baPpORFTfuI3Rs
- dCF8snPWlLs3m+PXsz2HoiGe0s2tBKM=]
+ ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAqkP3W1VRWy1uh8R6lGuqFXDVf+B0HhrFHmvn
+ FtxQWRVlQZzudoQnWJsLR/J41qk7bX/eOmv8S5nKIwRIvovwb7tI+T9TaJ33
+ hXUMZ9TBTjkz3OD6Pv/dsp/2zvGFHICEwIcUaJD2tBAqFPM1JhlJqXAwRNCK
+ d2r8787fglChU/EpMhA45FvXvkCDxBE9W+L+aMzMlV6DcnQPCqKZwADQuBDS
+ qw41j/hvmPzjconmV8aknXBdTaKUqKuspmn3tLIQGMRHUnKxq80AV5kdqlTy
+ 1PwhN6FdFqBfosJuemV6eM6B0wupa4NK5iYvuRN/htQXJOjw562KUPDE1oe3
+ PXqK0DCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECj13+wuFOeVRqiX
+ d/s4ZZSAgfAx98UDQlEtcfX+5fCgw2ofqTD1K1KBzpGemGD9UbK0AI+sFhpY
+ SyeuzhXS+s/XP9MYtlHgZiVgt7B95+EnCoGNGWfY5gWFzSvu63zikEGTT9tf
+ 6iPS/A4sYu+HFPuE/ryHrCBJi0e1yaf2pa5IctFhpeWF++Dw3pmYC3c3sZb6
+ ieCxxZ4r+NiPvS3xnAE+q3P7z5R3OTVYZkmLCupzBtnqi8Ne/TdvmUBWDtw4
+ 2v8bs97vfnguWiynjekfeZgjO28SWiJYwLFuQUtV+kvYl9baPpORFTfuI3Rs
+ dCF8snPWlLs3m+PXsz2HoiGe0s2tBKM=]
profiles::x509cert_common::certificates:
'webmail.cacert.org':
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGdDCCBFygAwIBAgIDAuN8MA0GCSqGSIb3DQEBCwUAMFQxFDASBgNVBAoTC0NB
+ MIIGdDCCBFygAwIBAgIDAvroMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwNjA2MTExMDQxWhcNMjIwNjA2
- MTExMDQxWjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNzE2MDkwODM1WhcNMjQwNzE1
+ MDkwODM1WjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRswGQYDVQQDExJ3ZWJtYWlsLmNh
Y2VydC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCspKMHnd/Y
xvVqB7B/3bXfg7nReRR6WsP0xFzharKLkymoh3cMoFZU6gW/AyLPq2wicjJPtEUi
@@ -245,18 +245,18 @@ profiles::x509cert_common::certificates:
hidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwweQYDVR0R
BHIwcIISd2VibWFpbC5jYWNlcnQub3JnoCAGCCsGAQUFBwgFoBQMEndlYm1haWwu
Y2FjZXJ0Lm9yZ4IUY29tbXVuaXR5LmNhY2VydC5vcmegIgYIKwYBBQUHCAWgFgwU
- Y29tbXVuaXR5LmNhY2VydC5vcmcwDQYJKoZIhvcNAQELBQADggIBAAStZDsACPPf
- /4NhO2O8ANSAOH6hIHFaxEbB4+aEY7an7rB/84Dis6O8xfh/K9Z+M9uob/jIfhEd
- 2bJdufSDbp3OkrhQj9/Acz2o0xettiFgJAh0SNf8/dH9U1cqRPCK3dNna6z8vOJJ
- XJJlyzTVli3N4AZOycmD3XNpC3INiEFOFRwfJLR7I4Nlv8YylmSc+BpnYlYQOWii
- TXfNWcmojuW/JHJT0xmMz0gpJOCbvjrd0MHVj8ygEP2u9a7kHMAE7o1Wc/P2KsqA
- +l1011KpjVNhO4Lln54ziWQ2F2x/R1dHNk5WrV9Y4J06drx1/UDR7QyLQ99II4YV
- qC+C/DYkwOzvBrWOWpoOov3PmrDEpsbVoWvIDyb0+G7xgm6nGSexaGbVxmXj07/o
- 7cW81GwohK29n6MXtVFcILAOHl5xyRH4f0PqRYx9WAu+pxpH8E423dnMpTNurkYS
- e5yNfo4tL+Fl91RcanwcVA0lFff07GsfFQn1ksgIMFvEVsVaK8OYHiOIgfr1eLUW
- DsCt63P8dEQf38vKlWD2XO7yD1jgjBOsFFbb/Eq8fGx8KiCGknNPZ2y2F4rhHew5
- od2HHMh61oL7n90kHdheFiPPwf8MtDb89yhPLPEKSLmVYB0NjhygOERwgZvix6Rm
- 49YgOhuoXJwGGiBI222zx/q/k6eI0wpB
+ Y29tbXVuaXR5LmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIBAJI4h/417PFk
+ Ds/Q2v0regpEiIaXggnFLs3L3x58RP6uE4tAMTBiGrxbpytXxlIPLWdvBtxiJbQu
+ JycMKZ/ZvUUfHABKmVPpLMc1110CkDH4wnTH1/wdu/g35YrY91lI3ukVfhH+FCru
+ kL4vfS6CTYPf3rlJOf63FD/XdIJ3YtF1KVNwAoSoKrhU5+UJul+uY+30ghhsnrx/
+ gXuyoDr+/Qakz8WqYjVMe+gWqIVhabq/1UzIbNBb2Upc7o+9uoIw32sxQJPz8mxs
+ RlQdUd4XJLis/ZJIxGE7Ii8Fpyy7RxsSl7XDXlda9HNquf7gJP2bWaLje5RKBzzK
+ 2YM6goGKcbTvdhsBeRJRvmixeXcqEVqXUUtBvuDMsp1geDZag0PitvriedjB5zXd
+ DHg4F0mh6gV2MsMjhCzKvMY6nx8nf1GVZeQX0Me4c4W4gSUnXLmmUarmi0vg1OJ+
+ 61FLwxtCPyZAxlwnpMSCaT0KD8jzLz9fArv5dN2O0EqRHFzYQpVEAlHvfECA6FtR
+ ZcTGUPxat8auCOf5lVjHflCFdaGx5o483TqrATzQFfOZWzxtTrZ6H8BH6kRB0XSg
+ IeRxyzEqfD/IW+cJtKZplAJEzlv48BZImumLLQY+ROFryONYbLP3kIBsBsYelqNi
+ UtWEx9lSBrDbaHQNDUuH6yJmHZWYjgTg
-----END CERTIFICATE-----
private_key: >
ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
diff --git a/hieradata/nodes/email.yaml b/hieradata/nodes/email.yaml
index f4f76cb..265a6de 100644
--- a/hieradata/nodes/email.yaml
+++ b/hieradata/nodes/email.yaml
@@ -6,16 +6,16 @@ profiles::base::admins:
- law
- jselzer
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEADx2myUcKr6RUVuWzwacoj5CCXO8klQz3wvjy
- kTIzTiJ5orDP4DKEBff039aBlocks3IWpvdXdv4qLdpHt4jrRpnUi7P7/w/A
- uYx+5+3euAF/EHOIDZ6BKnvW5K1BbGcVug0OVxYfqmHKcPu6ChQyYnvEnSmx
- Tt/n7MNcczAONzibh/o+IiEdpBkSeI6SOuOOa6au0KeA/vXNQyBgz1wD7JDr
- HqKpMYpmAqVfXqQTzjgNVTU7Xh1Cvj85d/oNrfhVJGy62LW09CRUALeATlF3
- dyyXly8q/Zjm+DeYom9futjUFWhQUTft58YOE+LSIYbvC4RsPdmMU+AaMdGM
- aVBhmjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDmO1bK1F+o/ClrvyHP
- qDUegDB5FE/kCJHikejLTd9x65fkNuaUMs9uTYaTUydsk/yPsD/fZWpRU3hM
- nUgJAjygFfc=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEADx2myUcKr6RUVuWzwacoj5CCXO8klQz3wvjy
+ kTIzTiJ5orDP4DKEBff039aBlocks3IWpvdXdv4qLdpHt4jrRpnUi7P7/w/A
+ uYx+5+3euAF/EHOIDZ6BKnvW5K1BbGcVug0OVxYfqmHKcPu6ChQyYnvEnSmx
+ Tt/n7MNcczAONzibh/o+IiEdpBkSeI6SOuOOa6au0KeA/vXNQyBgz1wD7JDr
+ HqKpMYpmAqVfXqQTzjgNVTU7Xh1Cvj85d/oNrfhVJGy62LW09CRUALeATlF3
+ dyyXly8q/Zjm+DeYom9futjUFWhQUTft58YOE+LSIYbvC4RsPdmMU+AaMdGM
+ aVBhmjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDmO1bK1F+o/ClrvyHP
+ qDUegDB5FE/kCJHikejLTd9x65fkNuaUMs9uTYaTUydsk/yPsD/fZWpRU3hM
+ nUgJAjygFfc=]
profiles::cacert_selfservice_api::client_identities:
- id: cac3ad11-fa50-43f6-8ded-15f598b6ca2a
key: |
@@ -24,147 +24,147 @@ profiles::cacert_selfservice_api::client_identities:
0J/6SxMU+jix4InG1tFL6yiikQqZMY9Gu4yYgF/WhiLrgjPbaGvlln0/FA==
-----END PUBLIC KEY-----
profiles::cacert_selfservice_api::db_password: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAjOBz2QKZTSY8lyV3SWjjatpm4CdVHPr4kfmx
- UwfclDNRZr2w2vZgFLOlImfwJCpGa0xJsEHtS+IEkIV8Mh7jfCmQ6bVWDGtt
- q1mYRdFHtUX4P2/Yw0sSXuMa7IGKeV7xYL3KNxZljjNieNP//DoCKF1MNE0V
- ik2xO6IRTd8vT2VAVOxSgarn9hs5aL7PpxmvTH0rp+Q5pgjUm4cHFjbW3ur5
- q2XWwfydXPfnBsG17xHlrFJowMZM9fRyq7FuYsm+zIYkm1+AgzFEr6ogA4Fc
- pTVghKACVzFMpd9v7u9FRvqbrUR+Q1GdckbwkvAJlkCkPLKah1LHoZW4jHlj
- OWG1xTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDMdsp1Zc87SdO2yp+w
- R9V1gDAZYPSwQJ/GbXBPy614dS5z++Q/8Go0Eve3bX+atTkYa4q3E5qrscAb
- CtCL1kfU66I=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAjOBz2QKZTSY8lyV3SWjjatpm4CdVHPr4kfmx
+ UwfclDNRZr2w2vZgFLOlImfwJCpGa0xJsEHtS+IEkIV8Mh7jfCmQ6bVWDGtt
+ q1mYRdFHtUX4P2/Yw0sSXuMa7IGKeV7xYL3KNxZljjNieNP//DoCKF1MNE0V
+ ik2xO6IRTd8vT2VAVOxSgarn9hs5aL7PpxmvTH0rp+Q5pgjUm4cHFjbW3ur5
+ q2XWwfydXPfnBsG17xHlrFJowMZM9fRyq7FuYsm+zIYkm1+AgzFEr6ogA4Fc
+ pTVghKACVzFMpd9v7u9FRvqbrUR+Q1GdckbwkvAJlkCkPLKah1LHoZW4jHlj
+ OWG1xTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDMdsp1Zc87SdO2yp+w
+ R9V1gDAZYPSwQJ/GbXBPy614dS5z++Q/8Go0Eve3bX+atTkYa4q3E5qrscAb
+ CtCL1kfU66I=]
profiles::cacert_selfservice_api::db_username: >
- ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAOj5c9aTiQd+MKVJmAoSMp+9/9YtdFmRtCyyA
- 6BMb3YqvQT8D70VI3Ttq6AaF0S3xttJvwHdDUgYv4pEJ9V7dnQUZb/mGi7ZN
- NM/R7VPN7sT/yS/z45TvGyz/VjSQuisCzj/cCg6ikXg2//BXj2h68BebiQz+
- 2NqJWrucTCjvK48eEu8QDKzigUyjGOpwkVD89RB2dHacSPbHqA5yTP1YLQdY
- JiG8S/IAqMjVKzuQiPnqrfmLBqiFHoARF68UML1rS46Tt5bV4DcVriIjZiUN
- Nt9bzOpBkyFkqAYFzXbYyQ3JeR4Mfb9i2wP+tIw5Hd2GaeoWBEJAdaqzsOb0
- 5NJX+DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCl0t3nd/FDwqktfYoZ
- ReaagBBkwO8Mi7X2JTPI4jX5lDrS]
+ ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAOj5c9aTiQd+MKVJmAoSMp+9/9YtdFmRtCyyA
+ 6BMb3YqvQT8D70VI3Ttq6AaF0S3xttJvwHdDUgYv4pEJ9V7dnQUZb/mGi7ZN
+ NM/R7VPN7sT/yS/z45TvGyz/VjSQuisCzj/cCg6ikXg2//BXj2h68BebiQz+
+ 2NqJWrucTCjvK48eEu8QDKzigUyjGOpwkVD89RB2dHacSPbHqA5yTP1YLQdY
+ JiG8S/IAqMjVKzuQiPnqrfmLBqiFHoARF68UML1rS46Tt5bV4DcVriIjZiUN
+ Nt9bzOpBkyFkqAYFzXbYyQ3JeR4Mfb9i2wP+tIw5Hd2GaeoWBEJAdaqzsOb0
+ 5NJX+DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCl0t3nd/FDwqktfYoZ
+ ReaagBBkwO8Mi7X2JTPI4jX5lDrS]
profiles::cacert_selfservice_api::mail_host: email.cacert.org
profiles::cacert_selfservice_api::server_certificate: |
- -----BEGIN CERTIFICATE-----
- MIIGRjCCBC6gAwIBAgIDAvE0MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
- Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTMzWhcNMjMwNzE2
- MjIyMTMzWjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
- eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZlbWFpbC5pbmZy
- YS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzyu4
- maECP9uBDeaqV9WDkEHj4YM67yMhenpdvabPV9b7bWXX0EeBmXiEd+8sHKR3cJqn
- i2RAnthNJdNYHf0cgJjyhDGAVU5RL1uZMaEbtTIX7jWPbXMp1OX2I8pDtgB5QLAm
- Q5sKmXhgH+DCVhxaud5B/CCI6eGfMjxH4fi5+iqSWsopa8Eh6If6pgh1WcFiXu+U
- QUa+2oSOwzG+AS16g1guNq+dqQKpGDx+qT4gg/QWrt5/bEhTlZOMUUPi9MoIV5lU
- Lqdgkn6Df6DPisT7S7iYrEM3HBLsxxoCT934UP/TN7yaOjgXYLVO59YzltOCAPiK
- nqheDAgHTFOqEQjxzY49fr4xHzf7eS4AaZzkM5x65lL7gmCXBKhOgGf5o1uiy90/
- nP1A16QWJZbjFZs/ExwSOqDUMqp2rfxkjE8UCHy2WQeBsOYUrWeDqUMoAlPRDbnM
- EYYY+cbddFiorBsT8Pps/qJzp6jYnFK38N+jRY8VkaDfN4L2LIkNv6lpiCt/7QNi
- 7+LzFfzaSNkThaF4Gp0feTbzLvuMhMuZevC1MynrYyvCCoSgRPl8WuFvY+Unb4Cy
- gjTpf6GIyNmnDFkVrGNX6VEXIJrJA7OmlWN4aKlyeNKpUhKkjAAh+GA72PpD6Hmq
- SxFNPKQrVzzToXebo4y48axz6lklSlK8uTgrBh8CAwEAAaOCARAwggEMMAwGA1Ud
- EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr
- BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj
- BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt
- oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG
- A1UdEQRAMD6CFmVtYWlsLmluZnJhLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW
- ZW1haWwuaW5mcmEuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAXcqBRwu1
- JoeInJvvFBXJK1mn+vqX/jF7FEybBEI4qt8zO38nsqDu/+AWtMsrCcC1SjgZu/wL
- b0hjZAbfyK52oyzigv+LUxRI47BTcriKbNVR1tRvPuU013gAyxoXMwiVeDcMXDaT
- hy2BfKoewuXSNE+gtCEA2EIu2ecb50+Vj24VhiwyVbrpshc6QOLVwNOL4nkT+bqq
- T151LZYPWAL3PjsApVCo9OVgp3+UMcpUHKYD371cFVF/T2+Gx9tqEsnw9EDsI3r3
- UNSDcCuRICviEEugLRRbjq5NKQ1Exl2jMte4y32FYOU9MeS42slYuTczf0Jk1OZT
- WrtUQCgK5XWAk6zdOyg5IZb7uIFhEkq+A5rlFevi/OMOloMnNNZnCuBcLJWhIKme
- WvzBwBSL8AErsw1ErzzIaAMUnRYMINVmIpjY4Kvo0S9/OPp+R+yt6AmgR7i5Tx+q
- ubDBqCtZF//8nRJMsaW0IhhlBZjl8p1WUqyTz4bzX+M7lyRMuP7N4VlrLh/2bCDc
- vvpjHjlsqDcTiTNdMuJMgh747Y/kB7g1G2GzQtb+PCPbpUpgXHZedVR1NF566vXx
- y6ICDSC0zCLzuLDl9mH1Jf/4uXFa+frb0FMMuHr5/tGPd8LeTVY/N9nwOrra5fPN
- op/Jwgf6Qp3PDtdu51Eky3oAk4e/eqNkJLs=
- -----END CERTIFICATE-----
+ -----BEGIN CERTIFICATE-----
+ MIIGRjCCBC6gAwIBAgIDAvE0MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTMzWhcNMjMwNzE2
+ MjIyMTMzWjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZlbWFpbC5pbmZy
+ YS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzyu4
+ maECP9uBDeaqV9WDkEHj4YM67yMhenpdvabPV9b7bWXX0EeBmXiEd+8sHKR3cJqn
+ i2RAnthNJdNYHf0cgJjyhDGAVU5RL1uZMaEbtTIX7jWPbXMp1OX2I8pDtgB5QLAm
+ Q5sKmXhgH+DCVhxaud5B/CCI6eGfMjxH4fi5+iqSWsopa8Eh6If6pgh1WcFiXu+U
+ QUa+2oSOwzG+AS16g1guNq+dqQKpGDx+qT4gg/QWrt5/bEhTlZOMUUPi9MoIV5lU
+ Lqdgkn6Df6DPisT7S7iYrEM3HBLsxxoCT934UP/TN7yaOjgXYLVO59YzltOCAPiK
+ nqheDAgHTFOqEQjxzY49fr4xHzf7eS4AaZzkM5x65lL7gmCXBKhOgGf5o1uiy90/
+ nP1A16QWJZbjFZs/ExwSOqDUMqp2rfxkjE8UCHy2WQeBsOYUrWeDqUMoAlPRDbnM
+ EYYY+cbddFiorBsT8Pps/qJzp6jYnFK38N+jRY8VkaDfN4L2LIkNv6lpiCt/7QNi
+ 7+LzFfzaSNkThaF4Gp0feTbzLvuMhMuZevC1MynrYyvCCoSgRPl8WuFvY+Unb4Cy
+ gjTpf6GIyNmnDFkVrGNX6VEXIJrJA7OmlWN4aKlyeNKpUhKkjAAh+GA72PpD6Hmq
+ SxFNPKQrVzzToXebo4y48axz6lklSlK8uTgrBh8CAwEAAaOCARAwggEMMAwGA1Ud
+ EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr
+ BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj
+ BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt
+ oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG
+ A1UdEQRAMD6CFmVtYWlsLmluZnJhLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW
+ ZW1haWwuaW5mcmEuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAXcqBRwu1
+ JoeInJvvFBXJK1mn+vqX/jF7FEybBEI4qt8zO38nsqDu/+AWtMsrCcC1SjgZu/wL
+ b0hjZAbfyK52oyzigv+LUxRI47BTcriKbNVR1tRvPuU013gAyxoXMwiVeDcMXDaT
+ hy2BfKoewuXSNE+gtCEA2EIu2ecb50+Vj24VhiwyVbrpshc6QOLVwNOL4nkT+bqq
+ T151LZYPWAL3PjsApVCo9OVgp3+UMcpUHKYD371cFVF/T2+Gx9tqEsnw9EDsI3r3
+ UNSDcCuRICviEEugLRRbjq5NKQ1Exl2jMte4y32FYOU9MeS42slYuTczf0Jk1OZT
+ WrtUQCgK5XWAk6zdOyg5IZb7uIFhEkq+A5rlFevi/OMOloMnNNZnCuBcLJWhIKme
+ WvzBwBSL8AErsw1ErzzIaAMUnRYMINVmIpjY4Kvo0S9/OPp+R+yt6AmgR7i5Tx+q
+ ubDBqCtZF//8nRJMsaW0IhhlBZjl8p1WUqyTz4bzX+M7lyRMuP7N4VlrLh/2bCDc
+ vvpjHjlsqDcTiTNdMuJMgh747Y/kB7g1G2GzQtb+PCPbpUpgXHZedVR1NF566vXx
+ y6ICDSC0zCLzuLDl9mH1Jf/4uXFa+frb0FMMuHr5/tGPd8LeTVY/N9nwOrra5fPN
+ op/Jwgf6Qp3PDtdu51Eky3oAk4e/eqNkJLs=
+ -----END CERTIFICATE-----
profiles::cacert_selfservice_api::server_private_key: >
- ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAo+kOuakLJWl4gVaTboTX9JodKuNNtKTTFQk2
- bDFa3brAitjmvnoNsX27+Qi+JCQJ9fuqCI1pkdiWDP6iXB5XORFLXRCUBLCA
- 5ZNf2me3u8SYgxOH1yVo7AgDw8J6bYqQwcecTm0y0DkmZgEQBryZJVHe6CPD
- 7WqBwJreoYI6z/AMoeG9GAsa4CjziRvBTfbymXYtjO3prssRaCQ0rXHiD6JU
- 5a90YZm1U2/VwqwjWpTgYFD05hIHCtyD5PNlB8xd+S9sFRsRkRAFIUXkGIfI
- 6fjXHe7Jd5bTxMaKIaZmhuxqf4XEqf2qu0mMd9134XzhHJud5EmnH4HGjuIq
- NRvCtDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEAWjoyge8WbAplaP
- 30tTCheAggzQ1xj7c23DNmkfATMVVBXlMO29wiov/MncD8zumAY+Jp0g+2Y0
- z7sN6TJdcFMWgEf1+6TPtZnIfWJ04TmpnYEaZd74J+xbUqKEakp56A2CdKdP
- wf8oiWX5FD2zvU7irXuU6G9k7eCn9K71gNXDrlEw+roKIZskPo1jVhGNRg/U
- Hv4WaticAlEv/txJJKCyQOSz4H8msmV13jKa7yLruM96Pm+AzxEk4NaV/DEB
- FS2dvDIQYOXaQZfKMNKSgutnaKeUuyw0VeCMY4y5iRkHGIGJ91iy6KmSa2cS
- R53o9CMpFcN9LUhMAvNdB8ZIv5qFapndIqjZXa+wSS1ixKoOa/1uXpPcGnDs
- drx0N7NeN8J4/TqlkAFm2Ga2ehjxVGCrN37jH6Z3cr9qFF/1x40ujuSaCI9/
- eC3gZNwowQOzqfINkZdXW/MLmAFeKm+2Bznh/syO2cb8n0TK0hncrf6sqA+k
- JTCYvwqoTDHiWWkXJ7u5uGTdbIxl1H9LPgJpRqNK7G7BItV0Do20CG+uKEVx
- gMlA743kdPjXZ4GbPPtSVbS5iEhfHo0IGVb8mQvNeye32NfT1QsgkNT9NNFK
- U2aFiROwYJGYoJ5zcth9HXMLInjfOggdvZM0DLKz65p8Hob5F3sNhZrSyFEm
- MEFYS8fsoNVdfmkBZ8JA8nHYOAaUMqmhhFDIn4g3Mnb7kGur+t97C1MzsqOI
- lqz8Vdhm3gqL/UKZp2NoPIyH1cTUACtpOXz8nJY25QJdEyhzgkX7UnGCRRuz
- Ev8dPZFRxNwuNO2N7ziDijePK9/VT9iK3CKb4gH8l/Zx51x62mUSGXEnNj6b
- Wwnde/o3acqGUF6qvyzeBHelDoSEC336zzCRyut0bGJD3P5zgmNYJ9WUQfph
- n2FdLv1Ddy9m0o1W+k0AUjKg+/Tfs/0Cw7Ma5EaykRvhP57HyteVCCwJIbhf
- Tf+8A3hw7lGwtUcTaclLs9o6JOhMzepWsigr/M1p3Ec/yjhORMCph7uD24UV
- cz2sd9BZhPUHi/NpBUt+KlxyRkwZzFfX8yKGzzp9kgO0EOcjKNq2tFfTY6xn
- /7Wu6tCp2DPFV/SZUcvF5SYuh2RSNBotj/BcGnY5/V8FACHxHLI2WCKCBHPZ
- 5SMx2JXxzg975HO5v6RK8gKiF//znG5u1U3JuS6NhGq90/EbAhhvF+LoCb6E
- dyWy1jWWOvrWAOa6nGxP+55wdQUGpgey2bADp9lhPKcAMyJz/VOt16tpmyOJ
- 565ykWISRIk3zb9pffTnlJGqC/zEDN2IBydQ5cl7b1wK5pZWLBnL4De/14T0
- 5TWcZOYXd+xBdZtBi83owAWYFts3MD1RCz40FZJRkbj7QPalkDDFR32XQQW3
- oPuxpNPwwUGfv/m/w2sIVeTSD4r6iEnYQreJ9xGHU7shErFjSWbYVeB/6wL+
- Ty4PCPz9JaqDQgECTy7gNBNyw6n3ucVrmIhnEbN6tk3c8ehgWspeDgI9LNfx
- hk0fUJLUBEnm/TINGolSdAsQSe/fZcOfq5L26SvSzJFlurFmmkaM5nF9kk06
- cvLqBdHOIEo1uHZYnlU+qETdsFcWo5ZrA8EN0j5s0XxK+yZuVgah3uPZ47XQ
- VrYJhaXTfSz0ybjiQRcteuivs/+wii6cfAoM9KZJoRSfNFgBpDvbIIHaWxci
- DIFhw1GzPnpB71eeGkjm2XPSf7u23iXTvTUYYVbsaU/z0DjUFz21Y+oKH4zy
- oUw0u9qa02Kvhk2YbI3xVDiMTkdd1coNW2wsW0nup8e0iU5epBAC9GV9IE3y
- BEhjsV0ojuh4sItlFOdL9/vWqu0rbYZo6ObTXkWUKb+rbVHpj+bX4QyofOoX
- BTndKhhtc1k4hVetbiSEG+MnOWSBZQN7CRHJT4/i4s7N21IvHBR2aowR7xNy
- FayoipaGffhmJ8IFlevIJytCfc0/2vlRZ3h0pib6K8UaVqNMqkdlMGpSmYfH
- M+SzqDTQhP52Rrsw7TVI8luE+j3G56XkLIzIsFeCN0ImV+LkwZ4xC8kurWs6
- HqioS5xeiZJupMs/YKek37sUuy/1ODL2t30JbHaPLRffvlb6H3eJoQ6qFVI2
- YzjwLWGWotrMduOONpnabSk/466dDgMmew7wANuTqPuD37uf34tqNVrAcmLi
- +Nh2Cl6fve/ESlptDMDDN6ThpXXIH0+OAOYBQlqFu5VTfJth4/g8k6LJBDRK
- I4ulySlVeENgQKTXvzcUpOo27xfdm4X9O4xU6CqOvtvirSuYzIodrEY821/F
- ZCBteES9JcHiBlwB3ku6BUJuIfUqWajafVHyc2iHdTylO3PfoogATomG44gX
- zOWsY0hM4WMV7bv50cGBVVZT9xzFoWdKBg9zn6dflMS4DapdrRaCiZ24YnRA
- RElTOthV4a4nX6dlbPHXnb2kVSvQD3sIMKGwI51nnESoU9hKXnaKnkMNkmVg
- sUDri3G52aJ3Plqy62x62DMQoHEkNriolK5nX+kNw/Yg/wNje6rQ4SvEkjCf
- 8VNsC/flbh6T/dP2C4uXoC+AwxCGx5l97WQWwrJ8Xwiuj1f0a0O7dv55ZbJw
- AkwQRf6NHkWorekw+84wY6IOAQ3nK/vFj2A/Th6iszdNxu3i4MrxmTw/YWw4
- eDgqV4nKAq2wz1q8xH5p8kjwcY46w088kHJoHllyheLhRlvaLsfIWKdHeHEa
- aImSDrcOE/jjqjR7e8VOiP8Vjyc1NaxWQvHrFQW/X+MfcWvQdJ2p/oEwCQDE
- mUZPJcddWqI9AamHlA/CsKJ56jqwqz4bGJMlqMqfAbdV8xDlWr9tbDnWectn
- a8LwX4FXe0iMCpR4umBDtlFo23N8g6FRt9WZyBTBSoZlZ2Xp/UFO8TqEG3Ol
- gVH3i9R7Set6o36kdhIUKSvsXt8vvO91HmNUmk24nhzQRwxrkL40RxrZh67O
- RqwBWVTSW3xBaSz1RnVAmN6FxRL+qLWt5O4RYK4I9YgxZW+PQzVdyVzpUZGm
- Q/GP9TcZN3723AhFy2tbRfEr/eHhlaSEB6ZuFMGkQ7ROn5RNdbwqex6B/wg8
- x+y1RFOkEILgPtyJR/z5allWhaLbjuj5Czq9DqICp/Oy+HTAd17ETtTpbI7L
- HtASYiwnv+tmxJQ2WBiqz6cZ78M6W+Zz3UN2uSr6Gquq/Jq+Y+BhjPbV+6Cv
- pttMCZj60nRC+vCsJnl/SAZiiZe+y3VfFJnktwWiinjgaUSIF/IXZmUdN8Vz
- MTFPWzMrx/Hhgng8M+sGRwuqNbtYe+Ug4hmGVNNbnE55SN2+6eoZz3Y3WIFC
- ovXxxhpBvf5IVEVvYHnTSEFI5F/XNZBKktMjqQf8DAFP89EfzRz98Gg0MEif
- RIoVNidxZREmoQ9DaEyIH/1CAopLVgcu8zS1jU8MPWY/B37vgTvkiY0YobyS
- aDlus2SMdULymGfg//L99rq0R6a9NhH7UxuXqeUWznHwGijnyybUfDAsfIwp
- LXoxmpT9ufn1pvOE9TYsPJxyJcv7QZq2EVR3nL/4l2O2NxUzJWtykXrKbBia
- oBFSDXhotMd0w6uh4eS13BWb6HqHjReD7w+6exPQ5uZIf1RBxAmSke2+tAg3
- hCHf8i2uRwA6DnBNgm0ORmuI+RTh9tCM0nRcDpusLwPbFk3UHgvE0W7bxb3h
- WchznGDUCgqKH9KWbC4RPFI7zCDjE0I1k1Fpc9T0qfGyjIA5Hc7KVWsl42v+
- NVsFdzN3RZRfv67NQxhl8RoniXF1sWin5XcUN+tNbB7cvCPj8sj4bU8rrQao
- +c1R01exRvMHA13ry3haQj3rKX8T+e6QgqAlOfdnst+UpE2DBtaDJwReQBjf
- 3wePiQ2CN+tvdK89qzdIr6CLnuzSFNP+ZLpJhiP1fKV85Dnoqe1TSqFCSAR1
- RVBsC17ZXkM6px76IcrOqjgLJmwxfAa5VyylkXsOon6UJ3l1EDDGk2KrKyOT
- iHugNXTY6azUF+G3ASWs4lBlEHn6FDYuXOCd18zGKnUYU0Ql/f0SdCTwg2Vl
- 8GErdo0GMqcz2FUBvlRy1Ydt1nM+AOHb2GbciaD876/VTebUlPGiCOhtYNop
- qnH/BCrm60ulv8l9y69E/9gclWuzJxNJEAChxPpbzV+sSgbPK+BDEey18aGo
- YqD+7VGmz1yPxOdgUANFgJeWIksafJFRTrNZWeDYJa9Iu1ZMLk31+O6gJ68Y
- lZjHjGommjPd+hKL+TG72k2XDqPNDfE7JQMoDwa/rKQeSzvf/j4rep6N75pQ
- huAu6YafNhB8IBwK4oljoITzHVxzpCAP/Pis44IKOkbj4/HWQmJH/IQXmMEl
- /02OqZvJJOgkpUGYrsJud+ZAATIhpZwb8JfQMw6mes/6aPdGCZjMJaHPgFjU
- h6Q0uA==]
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAo+kOuakLJWl4gVaTboTX9JodKuNNtKTTFQk2
+ bDFa3brAitjmvnoNsX27+Qi+JCQJ9fuqCI1pkdiWDP6iXB5XORFLXRCUBLCA
+ 5ZNf2me3u8SYgxOH1yVo7AgDw8J6bYqQwcecTm0y0DkmZgEQBryZJVHe6CPD
+ 7WqBwJreoYI6z/AMoeG9GAsa4CjziRvBTfbymXYtjO3prssRaCQ0rXHiD6JU
+ 5a90YZm1U2/VwqwjWpTgYFD05hIHCtyD5PNlB8xd+S9sFRsRkRAFIUXkGIfI
+ 6fjXHe7Jd5bTxMaKIaZmhuxqf4XEqf2qu0mMd9134XzhHJud5EmnH4HGjuIq
+ NRvCtDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEAWjoyge8WbAplaP
+ 30tTCheAggzQ1xj7c23DNmkfATMVVBXlMO29wiov/MncD8zumAY+Jp0g+2Y0
+ z7sN6TJdcFMWgEf1+6TPtZnIfWJ04TmpnYEaZd74J+xbUqKEakp56A2CdKdP
+ wf8oiWX5FD2zvU7irXuU6G9k7eCn9K71gNXDrlEw+roKIZskPo1jVhGNRg/U
+ Hv4WaticAlEv/txJJKCyQOSz4H8msmV13jKa7yLruM96Pm+AzxEk4NaV/DEB
+ FS2dvDIQYOXaQZfKMNKSgutnaKeUuyw0VeCMY4y5iRkHGIGJ91iy6KmSa2cS
+ R53o9CMpFcN9LUhMAvNdB8ZIv5qFapndIqjZXa+wSS1ixKoOa/1uXpPcGnDs
+ drx0N7NeN8J4/TqlkAFm2Ga2ehjxVGCrN37jH6Z3cr9qFF/1x40ujuSaCI9/
+ eC3gZNwowQOzqfINkZdXW/MLmAFeKm+2Bznh/syO2cb8n0TK0hncrf6sqA+k
+ JTCYvwqoTDHiWWkXJ7u5uGTdbIxl1H9LPgJpRqNK7G7BItV0Do20CG+uKEVx
+ gMlA743kdPjXZ4GbPPtSVbS5iEhfHo0IGVb8mQvNeye32NfT1QsgkNT9NNFK
+ U2aFiROwYJGYoJ5zcth9HXMLInjfOggdvZM0DLKz65p8Hob5F3sNhZrSyFEm
+ MEFYS8fsoNVdfmkBZ8JA8nHYOAaUMqmhhFDIn4g3Mnb7kGur+t97C1MzsqOI
+ lqz8Vdhm3gqL/UKZp2NoPIyH1cTUACtpOXz8nJY25QJdEyhzgkX7UnGCRRuz
+ Ev8dPZFRxNwuNO2N7ziDijePK9/VT9iK3CKb4gH8l/Zx51x62mUSGXEnNj6b
+ Wwnde/o3acqGUF6qvyzeBHelDoSEC336zzCRyut0bGJD3P5zgmNYJ9WUQfph
+ n2FdLv1Ddy9m0o1W+k0AUjKg+/Tfs/0Cw7Ma5EaykRvhP57HyteVCCwJIbhf
+ Tf+8A3hw7lGwtUcTaclLs9o6JOhMzepWsigr/M1p3Ec/yjhORMCph7uD24UV
+ cz2sd9BZhPUHi/NpBUt+KlxyRkwZzFfX8yKGzzp9kgO0EOcjKNq2tFfTY6xn
+ /7Wu6tCp2DPFV/SZUcvF5SYuh2RSNBotj/BcGnY5/V8FACHxHLI2WCKCBHPZ
+ 5SMx2JXxzg975HO5v6RK8gKiF//znG5u1U3JuS6NhGq90/EbAhhvF+LoCb6E
+ dyWy1jWWOvrWAOa6nGxP+55wdQUGpgey2bADp9lhPKcAMyJz/VOt16tpmyOJ
+ 565ykWISRIk3zb9pffTnlJGqC/zEDN2IBydQ5cl7b1wK5pZWLBnL4De/14T0
+ 5TWcZOYXd+xBdZtBi83owAWYFts3MD1RCz40FZJRkbj7QPalkDDFR32XQQW3
+ oPuxpNPwwUGfv/m/w2sIVeTSD4r6iEnYQreJ9xGHU7shErFjSWbYVeB/6wL+
+ Ty4PCPz9JaqDQgECTy7gNBNyw6n3ucVrmIhnEbN6tk3c8ehgWspeDgI9LNfx
+ hk0fUJLUBEnm/TINGolSdAsQSe/fZcOfq5L26SvSzJFlurFmmkaM5nF9kk06
+ cvLqBdHOIEo1uHZYnlU+qETdsFcWo5ZrA8EN0j5s0XxK+yZuVgah3uPZ47XQ
+ VrYJhaXTfSz0ybjiQRcteuivs/+wii6cfAoM9KZJoRSfNFgBpDvbIIHaWxci
+ DIFhw1GzPnpB71eeGkjm2XPSf7u23iXTvTUYYVbsaU/z0DjUFz21Y+oKH4zy
+ oUw0u9qa02Kvhk2YbI3xVDiMTkdd1coNW2wsW0nup8e0iU5epBAC9GV9IE3y
+ BEhjsV0ojuh4sItlFOdL9/vWqu0rbYZo6ObTXkWUKb+rbVHpj+bX4QyofOoX
+ BTndKhhtc1k4hVetbiSEG+MnOWSBZQN7CRHJT4/i4s7N21IvHBR2aowR7xNy
+ FayoipaGffhmJ8IFlevIJytCfc0/2vlRZ3h0pib6K8UaVqNMqkdlMGpSmYfH
+ M+SzqDTQhP52Rrsw7TVI8luE+j3G56XkLIzIsFeCN0ImV+LkwZ4xC8kurWs6
+ HqioS5xeiZJupMs/YKek37sUuy/1ODL2t30JbHaPLRffvlb6H3eJoQ6qFVI2
+ YzjwLWGWotrMduOONpnabSk/466dDgMmew7wANuTqPuD37uf34tqNVrAcmLi
+ +Nh2Cl6fve/ESlptDMDDN6ThpXXIH0+OAOYBQlqFu5VTfJth4/g8k6LJBDRK
+ I4ulySlVeENgQKTXvzcUpOo27xfdm4X9O4xU6CqOvtvirSuYzIodrEY821/F
+ ZCBteES9JcHiBlwB3ku6BUJuIfUqWajafVHyc2iHdTylO3PfoogATomG44gX
+ zOWsY0hM4WMV7bv50cGBVVZT9xzFoWdKBg9zn6dflMS4DapdrRaCiZ24YnRA
+ RElTOthV4a4nX6dlbPHXnb2kVSvQD3sIMKGwI51nnESoU9hKXnaKnkMNkmVg
+ sUDri3G52aJ3Plqy62x62DMQoHEkNriolK5nX+kNw/Yg/wNje6rQ4SvEkjCf
+ 8VNsC/flbh6T/dP2C4uXoC+AwxCGx5l97WQWwrJ8Xwiuj1f0a0O7dv55ZbJw
+ AkwQRf6NHkWorekw+84wY6IOAQ3nK/vFj2A/Th6iszdNxu3i4MrxmTw/YWw4
+ eDgqV4nKAq2wz1q8xH5p8kjwcY46w088kHJoHllyheLhRlvaLsfIWKdHeHEa
+ aImSDrcOE/jjqjR7e8VOiP8Vjyc1NaxWQvHrFQW/X+MfcWvQdJ2p/oEwCQDE
+ mUZPJcddWqI9AamHlA/CsKJ56jqwqz4bGJMlqMqfAbdV8xDlWr9tbDnWectn
+ a8LwX4FXe0iMCpR4umBDtlFo23N8g6FRt9WZyBTBSoZlZ2Xp/UFO8TqEG3Ol
+ gVH3i9R7Set6o36kdhIUKSvsXt8vvO91HmNUmk24nhzQRwxrkL40RxrZh67O
+ RqwBWVTSW3xBaSz1RnVAmN6FxRL+qLWt5O4RYK4I9YgxZW+PQzVdyVzpUZGm
+ Q/GP9TcZN3723AhFy2tbRfEr/eHhlaSEB6ZuFMGkQ7ROn5RNdbwqex6B/wg8
+ x+y1RFOkEILgPtyJR/z5allWhaLbjuj5Czq9DqICp/Oy+HTAd17ETtTpbI7L
+ HtASYiwnv+tmxJQ2WBiqz6cZ78M6W+Zz3UN2uSr6Gquq/Jq+Y+BhjPbV+6Cv
+ pttMCZj60nRC+vCsJnl/SAZiiZe+y3VfFJnktwWiinjgaUSIF/IXZmUdN8Vz
+ MTFPWzMrx/Hhgng8M+sGRwuqNbtYe+Ug4hmGVNNbnE55SN2+6eoZz3Y3WIFC
+ ovXxxhpBvf5IVEVvYHnTSEFI5F/XNZBKktMjqQf8DAFP89EfzRz98Gg0MEif
+ RIoVNidxZREmoQ9DaEyIH/1CAopLVgcu8zS1jU8MPWY/B37vgTvkiY0YobyS
+ aDlus2SMdULymGfg//L99rq0R6a9NhH7UxuXqeUWznHwGijnyybUfDAsfIwp
+ LXoxmpT9ufn1pvOE9TYsPJxyJcv7QZq2EVR3nL/4l2O2NxUzJWtykXrKbBia
+ oBFSDXhotMd0w6uh4eS13BWb6HqHjReD7w+6exPQ5uZIf1RBxAmSke2+tAg3
+ hCHf8i2uRwA6DnBNgm0ORmuI+RTh9tCM0nRcDpusLwPbFk3UHgvE0W7bxb3h
+ WchznGDUCgqKH9KWbC4RPFI7zCDjE0I1k1Fpc9T0qfGyjIA5Hc7KVWsl42v+
+ NVsFdzN3RZRfv67NQxhl8RoniXF1sWin5XcUN+tNbB7cvCPj8sj4bU8rrQao
+ +c1R01exRvMHA13ry3haQj3rKX8T+e6QgqAlOfdnst+UpE2DBtaDJwReQBjf
+ 3wePiQ2CN+tvdK89qzdIr6CLnuzSFNP+ZLpJhiP1fKV85Dnoqe1TSqFCSAR1
+ RVBsC17ZXkM6px76IcrOqjgLJmwxfAa5VyylkXsOon6UJ3l1EDDGk2KrKyOT
+ iHugNXTY6azUF+G3ASWs4lBlEHn6FDYuXOCd18zGKnUYU0Ql/f0SdCTwg2Vl
+ 8GErdo0GMqcz2FUBvlRy1Ydt1nM+AOHb2GbciaD876/VTebUlPGiCOhtYNop
+ qnH/BCrm60ulv8l9y69E/9gclWuzJxNJEAChxPpbzV+sSgbPK+BDEey18aGo
+ YqD+7VGmz1yPxOdgUANFgJeWIksafJFRTrNZWeDYJa9Iu1ZMLk31+O6gJ68Y
+ lZjHjGommjPd+hKL+TG72k2XDqPNDfE7JQMoDwa/rKQeSzvf/j4rep6N75pQ
+ huAu6YafNhB8IBwK4oljoITzHVxzpCAP/Pis44IKOkbj4/HWQmJH/IQXmMEl
+ /02OqZvJJOgkpUGYrsJud+ZAATIhpZwb8JfQMw6mes/6aPdGCZjMJaHPgFjU
+ h6Q0uA==]
profiles::nginx_revproxy::virtual_hosts:
'community.cacert.org':
target: http://10.0.0.116/
@@ -191,10 +191,10 @@ profiles::x509cert_common::certificates:
'community.cacert.org':
certificate: |
-----BEGIN CERTIFICATE-----
- MIIHnjCCBYagAwIBAgIDFHywMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ MIIHnjCCBYagAwIBAgIDFR11MA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
- dEBjYWNlcnQub3JnMB4XDTIwMDIxOTExMzk1M1oXDTIyMDIxODExMzk1M1owYTEL
+ dEBjYWNlcnQub3JnMB4XDTIyMDExODE3NDk1NFoXDTI0MDExODE3NDk1NFowYTEL
MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
VQQKEwtDQWNlcnQgSW5jLjEdMBsGA1UEAxMUY29tbXVuaXR5LmNhY2VydC5vcmcw
ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKY4Bz8s5f0AK56dGIl8y1
@@ -221,17 +221,17 @@ profiles::x509cert_common::certificates:
cmeCF25vY2VydC5lbWFpbC5jYWNlcnQub3JnoCUGCCsGAQUFBwgFoBkMF25vY2Vy
dC5lbWFpbC5jYWNlcnQub3JnghVjZXJ0LmVtYWlsLmNhY2VydC5vcmegIwYIKwYB
BQUHCAWgFwwVY2VydC5lbWFpbC5jYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUAA4IC
- AQAZO0nwoA6/kYbl/xpKvBCS0HVJcGhKWDG/P9RhJnimeW9637o+8LcJFqDcriF6
- cNPi7A0RSO99uHIuw5aXgEbp25b0i6xMqw4QhzkKXK0DNZtF5LWJ6PGQPlLSCSuV
- hnRJXEzGVRuN+8o+tXquTBwhMwIyUIW/7iO9Xw5blSJ41+yezXQ6Gh/sw0o4ptuc
- 4D9yGqABhPTl3jq6ifGJUPdAf5l4kOebHBlNbeiTKLGZrohgU6wC+Xk0r0JCb0UH
- K6O7989i+lAnYEuQLJ3ULr8yDMLayrFHJN5jzXlcdoCiPwF/zlkYNBq1hVj8uZGW
- o1DMbXlVbT1sSmqRoAcp1uuUc5zCpSXImVKwM1x6mfEMsffjqItI/3+z0yg17pn0
- Dprun2HT+k/jwNJUH3YVcqgshkiBLSKyBXy5pn9G5wPdbpZRcXmV5fwhk63N9XV5
- Q7AiVxSEIBtka9IEWVAYE4djdavGBKZGGu5zB4T1aeBcOmr5V1NcDqwcOiufIVUg
- uDAZu7SJmF/VgqifaLsPnbHy+yxaEAWbtxFq/OfbyM0HO9oS4Mdnv5tjOFEyR3QV
- TW0DaOGtQ+OTBuFUn+W/bri9/t9nBy04v/8HdkPdtepnAIclk3wUtQ7RT2ABD6PM
- F7xpy8QfaHyI4bGakoiWh00gbgVtGF91TBb/eieHVbxThw==
+ AQAzIeYUQoGrWmhJ+2fEC7isV4k323BhD8XBVb9aIiZK47eZ5WDzSw+cYLSwPsCM
+ U6zhYTdoo77bo1YlSHeHMeJGZKk7F8A7DLOlKbAPSkDepT4UE9fJL/4ynMZo8HiN
+ PxOP4unrBSVKSB7ethwFUu9Qi9Aek0jLZqX9rw/EVJDCWrHirfG8DzCmbH21LF2f
+ BMNd9DhUIqcduCAFFezeyXAruyJ78SQB3YMCstxYnv9UsunkxovpndOpJ/N1aRCh
+ yOGK48ehgV808xi4TwFgmg+paDeVm0eQLrUZcvYn01eniI71uBzTDBukoXDYGXox
+ U6GeXzM1FAOvEz9UDkDVGOflFuf6tLAT5HlYQnReWNfj9HBy4i/7xNCyN2F2pIl5
+ lCT/nz9Bx654hkiIVzNmG09hMQJMMl+9mB5luKZQ2RCFAYPj1nn7MYBOHu1PNvWE
+ OgoxFq5t8r0ulez9JuAfk4vSHM6DAWUKjo1VOiBjcnhcZP5Obpuo9/37ltum6Bvv
+ mJe5RysBYOY0wQw1anzIySthQlOnwBNq6qXgW0oUZmrK/xpEneWM4bu9BUjwSRyh
+ ArPNSJ8jxBzU9hINcVjMS7hcOjMz6EY8EOWKdy2dDhX6OmAF7eEyOQNp4RrKWuB6
+ GDDsM9HCOl8iw6wK0K6CUkKSDdNsMQc6sOwjCujhMbj4Og==
-----END CERTIFICATE-----
private_key: >
ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw
@@ -318,3 +318,126 @@ profiles::x509cert_common::certificates:
cacerts:
- class3_2021
- class1_X0F
+ 'email.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIGUDCCBDigAwIBAgIDFR13MA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+ dEBjYWNlcnQub3JnMB4XDTIyMDExODE4MTA0MloXDTI0MDExODE4MTA0MlowXTEL
+ MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
+ VQQKEwtDQWNlcnQgSW5jLjEZMBcGA1UEAxMQZW1haWwuY2FjZXJ0Lm9yZzCCAiIw
+ DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKHqur13jSwFYyZZK3BM3ltrK7WN
+ k5+H8iRUTx3d1dmHK2XP4zzpksruItkHQLiD45CTPWTf/Uh/0xOl3B5PHRk9WYMw
+ kA52pye3lp+a9EVEuqpt0lM5x8aWMCEedL85TpJ8ZpP7oNd9BaIOoDSyKOTAr/Hh
+ 0aYUWN2Q7HaaCn69k5E0z1vxk5MbrrgHl2YksdfuQAet0LmUD7E+nz4AEvNIuIRF
+ wLRDQx061Ju0mvn9IQsfMtOKfnWwmo86jMna7jOD/TpnqSn+jgCKP6fjhZ5Hvmj4
+ C1OoGKWWYpNje5QEygDHECwnnHa0oqIQg0qhzfaWyjtRw8jnSVLC/RlfIzd5xo7o
+ Wy6nqV7TPelATrZ+sQ57P9SAkCZJZciPXES049SMP3JugC7+1ZY4EQbpu/cfcRWY
+ 5wCHZoD3oScMIshq/VI6wEMRo37RShH1yg8KUIEPFYlWY32ZBz0oPs/Uxo82MUkc
+ LDB+MZP+wyMNHcaHBPb2+41zqy22X3zCwCSSFUy+MOx91Mc1jfTf+Xz3QwZKcuAJ
+ uKngLusBPX0lYZKs0kxJNUY9TgZM6nD6YLak9rz9TPf+mYtBmNPNayYQiQNfvCFQ
+ x8SZ21ggS63JcExNLseWyH3dzgbHrL+R/4x6sWgVU5Oh1dRqB0t6fvGZmeLE85Q4
+ EZJMBpY5EfB5yjOlAgMBAAGjgfwwgfkwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E
+ BAMCA6gwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMBBglghkgBhvhCBAEG
+ CisGAQQBgjcKAwMwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
+ b2NzcC5jYWNlcnQub3JnLzAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLmNh
+ Y2VydC5vcmcvcmV2b2tlLmNybDA7BgNVHREENDAyghBlbWFpbC5jYWNlcnQub3Jn
+ oB4GCCsGAQUFBwgFoBIMEGVtYWlsLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQAD
+ ggIBAHlNGGzlrAf/tX4tW1gkq++7VmencPdJEDobSDoNetN+JDFJsGfRZSwHE2km
+ nNOGgDU1SYaRpNFMuVBD+dTMKM/lXPz0c+M0Yv6Lx4IYfms7UpVQCP14MclqdF/a
+ 1i7iqnT+rb7gxhWnVrgqYkjXdzg9htx5KcquBnBqwbrDXastWLEnKSwY2nCrTvrI
+ kMxN62d8t0Agt0HbOTD36ApOASkExkTZDNjWfFKJmd8YQG9K01BTfHeDQDUuEnq/
+ M7MDMtn6m3MyAmKQCFnC0mVAu5zA7wU8G7Xm7jNfyvAIN1U1yhCM69sydW/iZMFk
+ oiObVH+Z4H0n1YROVdA9Cajb24VfjKpkcoXXY/ho3YAK5Ck1n5brPz23RLwy88+E
+ AmvC79rRlR7QQHklORsc4K2LiHN+j0Y6B4bopo49ozJbMn8jGvTnnUKETQR9fxGe
+ wOLsrKOefXnNISwc7GawlP3jMJ5EHrTklwUvh/uV5JZPYUALRki0scB1S8Gvd6Qc
+ S7Er22/kYh7WB9tigh0rgkJQOnNeoMsJrRvxTNxnEMFGPZnVwteObvOwP2F78nbY
+ t0aq2ZMVRk/QXIITLN0LC7hwzFGRg9PmNKN9ZgiWQ+FZh3T8p59InjkGlAJuMEvl
+ IxgazK4rmjN2sF+rqQrrj20ZxNBTYM5wzCBHFHvA0gfCl0Tp
+ -----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAIdrc0xGPRESoiSWtVNXy47GpoYQXEjJNoQzH
+ FsORe9WRW0v+dDNpxJdWbrpIwNGyzqUurQx57M1obEthX82naqGtiDt8zdc5
+ k1TToDWkRmOHZzW/dnkNBs2dOPKRvUV4t/CoGm3yaOCnRmYLfTKsJvf/uIu2
+ kXFU4u2lqFgfi5lV7Mr21XdfWWaPWpJcz+T9+HO0OPwTQjKBPcvuB2eGXWhr
+ swNgK6xyg6h5FX4mKp2oSpmZmfRGX5ihpiaoAWESR1tm8Xg7Sde7zPiZ786O
+ sgsvaPJE8CNnNgVHFBMP4+R9tmOWn5Pd6qw+kIFhNZTpczkebh0mIwfrj6i/
+ wLNcfjCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEGG1Xsv4iiWirIOJ
+ oI+hDiGAggywG6kYEkDdXAAFRSWNTLl0Vp9G4pGn6oMQYXwyp4DlmVFCcz7O
+ kf2X2iGT+wWax7F0w/kzLVSTN0W4yRwQzsOjIiO8tGcZurZ0lVpR+DDBVaYh
+ 7nTffgwqMKFO+GC19+Fd+UEB8/6oZ17KfJCcX1jry04ZjjFcQp70O9OT5snz
+ 2tT9t2UVL9lx647Hri87wqj8+ZdQaFFZGdgqEuWiaXwo7THykleblHUhODv8
+ D6ATK0lKE9t7nlFIalYu+/CAl/r3c/rnBEJ6HqdwkNkkTJvqaUP1yM2B+Iop
+ oDYjyoCA/oYJ/IyKZNg8DDflIGiA3UZEfrXMpdZcmRQ7GS0dU6XgpjXQZA/f
+ /UimJQxiQ6nA2Y4Mm33R0NtYc4ExQ3Uge+P98MH6+9AM5HlnhkUcDc6wLHDM
+ PSUS8FqCupQKiX3JeTaDOlTdq/WYC33dUWehJdkvLT+vfN0wmpI2mPn3uJ0m
+ m7HecZJBXqprzj30lSMWH/XyJ9C0brUPCvTk2dybykYoSLANgeF+ZN2Jkg2F
+ kTRKkP8rQLpyAB/a1lbhVzFuSWpv8KqtqHTXU69gwY5KtuKstMFHDu3I6JsT
+ Cpz4fNgf3SpplTj64Le6cs7z5xVLu4f3Z+NHIiSp6QGk9t3TvwbuSVTRzXIF
+ 9PDenLtYeVdq+fI6lCVIFZYZczlbmsFJQpb5PLdy7wt43sSmtbqE1AGvKfAW
+ LoOmPrlSHvPOH1th+db6kS16wICFzsh8HMxREMWyxOyZ5gwcf1NAdvFK6jWT
+ A8OKPW07pCdOjTIXbvf7jjuZQyR3PQ4+D8qCz0T+1W69bgCcyg+45kBvmrGO
+ o8vi3sAUMwWCCFJNEy9XTkfzUIP6H1bqt6nXeBVoyOkSmHhzz+wh5dobRQnQ
+ qgSSvU2qQgTPd0FW1Bvya78W/hue9YifqIOf65Hv5T3Qo3WBtgIynDub8zfW
+ CW3ZJZc0gU7A8lR2fChSVovV3ErTUXRD/peOQmA8sZRp1hz18Ibmmh5n6YcJ
+ 8aoANdy8/2IWDItXW3P5zyMHFcxpQG3HP+oxv5HgWKLFM2KTwcw3aR/BpM+9
+ +GHzrmvPrZ3/CkuuRnKxbj0LGyAZfUpEjEXp8zno78sKQQbpx3fu0UNNqNvw
+ teCBqW2pGA/OFaT0qBDbNlFYG//t6f4Ea5OiFZqSPQ9Vu0ybY1Ir5fw9TLdg
+ IrXSUziKefQf3po/jObZhJDJUEvRPP/hogfR8FSR9h52HqARMSsY5d6bKyon
+ OrcZmFLf3EGBsRb0YMCu3VLDlQzgaFPx1SRqASjtkuwJFEXWuMtkWrZyF7rl
+ zrSmhIVqdOtHFxbRC61r5atuEwfUKkhqdWdQ6DaILz5UPFQIPOtbaQpeWcN0
+ HazWSqcO+5RZ8L9d411lyqk9KgIoHjAAYZwx0iiU3Bt0xJmIu2tyJpzw35Zj
+ a8GPo4xHXwwNVfxmUq01v9qEImJz5URfTkG6MNkqO53weobXCLUTiaPIL4D9
+ wssH8qhQjUh2DySNlzgqxTo1Fh1J1yYvrFVHMSvWGCLeMpdyQZ1WBZP3wg6s
+ LPyNBZFfv/ITqHBQGB8QuzjJSBJA0TaJU4j41YIz7XSYJguXAOCY7gHcj8I/
+ a0ojUVtCL3olF0X1BsMchyijq1f0ceVoKp4pGUhOJgWCwTudrvKAEEPjkV8R
+ 5QLcl67HyXCndVyUTSp3BK0NGdGgpGjlctOtKpPh43mXv3tSgZLiTpujFia4
+ erpKy+E6S4aMjBabE/ih3pQHwVcFJlq/iNlBC7SJLoZkSArA3NPbcXwVTaLe
+ m8AbYWbw7iuICyx+W6qTj2nuBa9WZUKWu7nwaP/dWAY4l2WD5atwBadZ2NOT
+ bK47Jm6FfZXUX6h8/dH0y0GJwhTCEbrUzMisI7weCG5knXFdbQZLupGMeuGu
+ ivKbk9hWpaVEUFGzR2odKgMj38+B/0y19Lg4T7kuXoZPp/TonSD2y9XnwAXq
+ CgGRWlgBlFcp+NnxDef50k5+Y/8HL279E/kgslg65MAg40PQn/o68+BbBBkE
+ RbG9ccuwopMRusy0dHI4Cr6RFYUHDRC+x4w+enaZCjyVh0v2atbSZd6A7h9r
+ SwNuumjJ2yZWZ63wEL4m+U6+JxZgUIn5CdjKskLcDZQN/KIvHlvHKdFnyvWL
+ xLwfC+jLI9QPLbxtqDkprm57pXhncK1Vw0P7LpHpSz70DExP6FSX6N4uMOnL
+ N4g595W63Yrnsn8/yjUdMNI9rz2gRhhZou/54ALSm0o06XzX1P7s6fYDGXdT
+ rPq8PY3qiHGTQKJKoM6IJvJlCDDcQeAiz+/zw7OGQkjAK71HsnrLc5p1qPeC
+ oVMRMpTYomodTCkcS0xhfnVGOGDGVUb55MCwDzqZTBLhgCiY56V+Sn+R2S/+
+ q+C4foMOY6QP3iue6oECinfaVEk547s9Thb5Fzi5WbaDGFCPD+nmajqhSUAc
+ vvMKiCD7L0ajQtji6j9X8kYBkU154tH3CEbL7wIi7vQRxZe6O2z0+RvwVweS
+ Z6YkwnAo/9iElzkg1MXymiLNbpIM3y4ZBF/J7sW+oZLDAjN1xwOgK7CGNX6O
+ 3jQ7tDClahh81P9vcdKwuVcZb+25tZsqay6l119V9l0IzrINLHcNSANVVNpF
+ RGlf1233npKGFB8A3vnjIWO6viFsSUTHdSjDUjRxdAkeUJejkbmAgQKBIhHX
+ eyWr+36cfidBGYBbCtILXgtYvHshRaH3i6MKsrNMIJGh21NMF58xATkaHZ7h
+ m1upZN/cSoua3ydNP08zzWWQfM94q7vsS4PGCMHz4lOYcDgwp7HMN8FhsBql
+ 76PT2TVF9dIY16i9HKg1i7zKqHJ+h96Hq+toNzxcXUwDsz8os7lDINMPVjsy
+ W861MpMAFPW3E18dQrR3H5hnRSVZp9S7bW3cdOsyXyaAagyc4Y1rtKtx6MVd
+ N+9nGSMmEVaWf2dsGv7P616kusG4nrPfdJA01ZLmGa4tCDntaHfmABPF96PT
+ LhWF3J3wbgskubUYyHMsXChvKAUtnhNJpuvbXjg27B35Vz3gDSGeOY3h2w8u
+ Dv8uVT6/jfmHXwk9l1sA1ikCHUzmo59Mwyba1NIIBzIHsm+9wRJXwq9NNCQz
+ 8CTAZrmkJCGV6n27cWDoE55xBVEym7Vw7xOOk+m3sSrcq7oRc/ZSBV9kTBlj
+ j9x1y7Gq4rmOV0OfGJdk4uzdc18zMwEfX9z7R1pw8pmMr1rWgGC9nh6Dtlvo
+ qzqtVCvdjJybBswm+EGjJVkq2Ru3Q+g3oGd5zgcS37elfVGfWmjU6jkvz5Q9
+ h5cL4f2H8lqNNEhMYE1IU/Vs6jEExE+Z1kS6KEzC0WLEofrmNNfdHj0iGV3r
+ OEsH1jPJChiti9oxVky3lAvuTFuq5GpKCzRygREU0Wogmhm/uezctaOBJ8UM
+ YonZOq/HXs9A/SXM21eTIWXtTAjuLPQ7WGhMXuim8ddR/FJAr5K0C+iFPhXF
+ zar5H3py17yFnbtlfhv1KfW/m2dbBeaI/LeIwkr6j/S3kpOYbOQcEhhw8Gsz
+ TglLCj71UqVJXLH6b20ZxBgyV9oaJECBxYb1eV44kfUswn3+gVtvGddxc3QC
+ gGUD30MEWVJf6U12D9qXQfAs/IViVFXp/P47t922/LOeSwGIi6J01zUpy9d0
+ BE4vsQKfCOMnDBJlCNYuOeZXlU+WrQOrBmRqyJasZwkpbv61lUROCE1v65xO
+ lErv/Nozs2NiTJII4WkSPOO2Al25c+aDNmB8rXA+PTlnZqDAY6keO426YZ+x
+ to8xct4UBbXPLi3a1yNJdiirdHZZYATX7cB/kqSqVile4x5QfxoJ3T/2Vv/G
+ LukpxsKI8R56TzHZS76MjO9N8yK2xtfnnVfyiVNRe4AXIUmLm/g/b9WHy9n1
+ HZE+DDWaus4QuRvvmxLiVPZW6U3wheLDpDDfkMaQ59ZEyqg4JoX2ARC10uJt
+ fi0rMhBFuGrETTs/cg9hJgjqm6lnOwT8/zyB0hZlwpv6wGmFlmdvq3a8wIcF
+ WnVujSYWorlRzAitxeEeyUfjuYxuuff5bWRMFPVgVdeRuDEJuxUeRvqkl55x
+ AEdH3oMYejHiZei6X2wa8/j6kisJp8GR82NB7Ecvj7a/St5DfBZ+7U7CYxNm
+ mq1POIPHV0z9QJ869ilGw2FMxdMTb4eweS/sM6dmi+mHfe2e03/8jk9HP+c7
+ 0MLsR2pHQ1WkuwcImnp6kLSZoMcx0CA0FGDyDSUahUX++6i9yDsyfkbWnBFa
+ 8WjOYmzkDuUkNw6yYM4OonEdvxVhRwS7AG0meFhyOYonSBKi33XQSpz33+Yc
+ ZhxQZEhD+t1U0Qqkf3Lvc/Q=]
+ cacerts:
+ - class3_2021
+ - class1_X0F
diff --git a/hieradata/nodes/emailout.yaml b/hieradata/nodes/emailout.yaml
index 385b83c..053ae32 100644
--- a/hieradata/nodes/emailout.yaml
+++ b/hieradata/nodes/emailout.yaml
@@ -6,13 +6,138 @@ profiles::base::admins:
- law
- jselzer
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAZIzEQy+6GH01XZC/CDjTYDy/cMYuu5gD+M8p
- j7Y+QHXLPCJ721S/+PyWcQy8eqlPDMiz5Mnu4TdCfodys4VgnCTUj3vh7DKM
- F3cI0xkoEB7tBEXAnCQqPYaYa+KO/fj+kvdswghrnVaiSOiVA6rTGAS0q8/d
- bxXRplqykmKpIapqKcc5vWy1Tzw/MgEGa0jJsKeAQYK4XW7/RzmV46OODTfI
- kF/A0mGIPHF6wKf6gPwcWNXIt7uUtKIzFn9UYLA6kRnO3PMTNZJtmopj0dYZ
- d3Q8+Fnn1j5euYNtt87YN4NcBYBmoNW61GcK+22sks60DrdiILipuhdvcm1H
- x8gwbDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZLIN+Jx5fPCvJaclk
- h87LgDDL8p9rEfdTEtFIy1rREoqV9TIRLiByXGaiTjo/vWU8sojsGZ1OCJKd
- RStsSa5Pjok=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAZIzEQy+6GH01XZC/CDjTYDy/cMYuu5gD+M8p
+ j7Y+QHXLPCJ721S/+PyWcQy8eqlPDMiz5Mnu4TdCfodys4VgnCTUj3vh7DKM
+ F3cI0xkoEB7tBEXAnCQqPYaYa+KO/fj+kvdswghrnVaiSOiVA6rTGAS0q8/d
+ bxXRplqykmKpIapqKcc5vWy1Tzw/MgEGa0jJsKeAQYK4XW7/RzmV46OODTfI
+ kF/A0mGIPHF6wKf6gPwcWNXIt7uUtKIzFn9UYLA6kRnO3PMTNZJtmopj0dYZ
+ d3Q8+Fnn1j5euYNtt87YN4NcBYBmoNW61GcK+22sks60DrdiILipuhdvcm1H
+ x8gwbDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZLIN+Jx5fPCvJaclk
+ h87LgDDL8p9rEfdTEtFIy1rREoqV9TIRLiByXGaiTjo/vWU8sojsGZ1OCJKd
+ RStsSa5Pjok=]
+profiles::x509cert_common::certificates:
+ 'emailout.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIGPTCCBCWgAwIBAgIDAvaOMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMTE4MTgzMDEzWhcNMjQwMTE4
+ MTgzMDEzWjBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRwwGgYDVQQDExNlbWFpbG91dC5j
+ YWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAm3eL8pUC
+ xyFWXrqHMbL6mLTv0bYVJX5AMqLybKtUxvW8+Qk4By+RR4QKyA6v2Yxq2hFTLxJp
+ tWJcs5DwOJ6JyJTFwTUuPQ+FbPtJjDEx+nh5nO63S7tLYy8U6/yA//SzFOTVUlPF
+ sXg6H0Rzx8PzoS8KhBOEUYVDwgv0vEKEzCt29YxeuSEm4lXk/kjqTXAi3S1ZrIHK
+ KwMzZwndjP15VO484MBK4V3MtHj6iLflNuQ6zU/b/nkhyOtNJTA4dqRfI2zP0ctN
+ XuMJwK6lMl3SUkFzuMShWR2pxw+0wD7YOedr2H6R0fkE9Lwpdtf00jJI3b4D2Cg+
+ Wa2kE2Vpz11toFWnxS2EaHKcukA6IT5Td5gZWTA28aFyoXi4X3hHV+3iHNM38O3g
+ M1l66bmloxIZqVnQjVp08Jf7CAvSyIhGXROiizz4ResIp8Latpmg+/5HY+7RsRps
+ 4TztKffkuwosN33okn1b+vfW/YNSI6R8d/vPP/dWy20PYWKmXgDXBX3BO4ITZ7nM
+ 4rvyZjzsIjDGqAd6NVieJypQ6fDn/hm2llStmHnXeJiS/mVvbqAzzdE4g0QQ8uSj
+ 8Ytqkc0zxoomIrA7aGh1V4xsOk/64zveunNeZFsBN7CkcppUeaZ61oG/TVBOjQRu
+ YtNxHaQkSUWw7ERVSeLxlJwnKDnw04EfMYcCAwEAAaOCAQowggEGMAwGA1UdEwEB
+ /wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEF
+ BQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAjBggr
+ BgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAtoCug
+ KYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEEGA1Ud
+ EQQ6MDiCE2VtYWlsb3V0LmNhY2VydC5vcmegIQYIKwYBBQUHCAWgFQwTZW1haWxv
+ dXQuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAJ36PW+MgEttbjBa3EIlu
+ KceB6MHywr4YkeYXlL0WHl73duk7ltGdvOttbZ362BSkfI8ZDb7qZ9/kyE6mLHrS
+ HiFHIkHpHJscnisOZQbNmxxov5Ahx9pH2puBMLddiZoZz2QR5lZ/dIwp1KwhIOcY
+ kKMSNsIC7y0U/nmOeIn4W5FGwgx3/DV24Ixb+qe/rJExCs+hLsi98UOyDVdHBvOz
+ zSa8s+UEds8XdYRsYPpXb2PoZ4D1FP/Y6mfnfj8uKacmxbc/kRBWKDXC07qprOsb
+ 1VyanN1LMgFUWTg+Bv7/km9Ij+dMBkwc1yyBKsWfqYOI2tt4i2eP5eD4vKdeYOZ2
+ MECVaa6e6ApRd/h+biND208jo2t7QQpbU3rJ6VMyUWxdgmRyAZGVqg4khoGMisiP
+ DfrQEf5waHrfHOOrY36wvxtseugvCcReNsBUJ1bEZoYkfMNRy4mB73KGIFRR61yi
+ pP/T9w+/W3ynMLFH8fGEmb4kwiUosuOUNbQXS7vc1aCXRurDJ8ElJI1/sHhCOMhh
+ hNZ7BJAYhsMZpEWg4GpfyGSt8Gf1+ZWHxYMxZvYwhlWWuG5810nwlJ1nQvF1DON0
+ nULuB/Vc40Sv42+cbyLKW7tUDs+vOxAw4JARaWUj3GwgsjnjNAheHSvsX4dw/Ixx
+ bqrjezizBfXP9iJKZkPO4KM=
+ -----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAkPDQS/JhwRl8pBHE/uHqgKGfmri48JFv8DQQ
+ vzRLsqLIR0Y3uQ03UbF45RL9/4xudIZtk0gWEPaX1gAjIPnYLnJXjCcEeiU9
+ IR7TDrqqcIHpwwUqNn0nAiz3aA5ZFgXHaDTkIa4rCdhVEWTTNXu1+0v5giQO
+ pCn1AMV+ivCITLtDLndk4q1mTQlnbk9Jsqbyi1QRQYVgxxXEWJ5L7PpUCUyd
+ Hs/BTPIn8CaAnxrmhGX121hB56txEXa+PJMVm2NS6Su3bkT0YkiPFR536FBI
+ QZq8tp3V/pHARxF5s/QIBBoqqlrzETlWAua96uqt5ST5mLgMetoNu7pUnZzK
+ Z38RKDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEG8jOnMmbK6h12lT
+ 38D9n+mAggzQvlBC+sKIRNN9IP8Jw1dlQgVNqDsmwVNGRs+UTeINuqWBowem
+ YH4LFYCEZi+BLO9zFeVaQX01kk8J6G1az5O3hqbaGCmMTkl2VcaL+isBVwrK
+ lW2QmdIjD1YDgvdQTOeSBtqnS1O4Ywle2/wWn7WCExpDSYwRd6AYZ63ewKjS
+ dgH8XrVVdVaQ1jmw3oz9KGxsWkFNXguGKbtjy3Hiu4cyQ63yhH3oT0koFx7A
+ hfUMvizDzP54uUv7oNIKZyHJv61EkYvTj4QtM7gjUE7UYvICelCbBcm77HEH
+ Vg6O35zoMqAre/cWjMT/A6z9JJY7Yi4rJMjvjyrd7WLr4MAbdhfyF/KDaktQ
+ iLRPz0M3Gp/IYreZgyVX4bVInpoC0cH324ey8hhpWzyVSx8O01feDGS0M4Yf
+ CxGho9BhyhCAtKhepfYdt8CxZfIM73PugL1MrFNKkVTD9zyOcBNvryfLkSJK
+ DVtb/Ie37twcGENfilQRjvbwcQD3WSygnkwnBa4/ikKqnQLccNRFinxJDg3h
+ RpjBnDfGrFcsDfxmt8ioqFnawO5VIPTfxzpWfP6eDDGWJRm9V6lBo6rY/9Ll
+ yfPCnomc/6GmAezjBGBfvcIs/5LaE7ELmPZI77W0UU96YI94hOvdV5gxKFp6
+ kznP+aOSTKIOQx0gLGTUkYvjYakMGWgA5hRGE9TaFCx8AMGCH7tPT9JHqMN4
+ xCT0EPn7fg4NsJIbhuW4MjhTsde6Hm4QKH1QFHFZ1QN1pSCZv3coqflY2gdR
+ 47rBv6gKQgFyoOhu56bUsM6XUIexG/TMqaXE5lgP08bON0CeX9L2OVAB6coX
+ uIBAWt75rBFwqu/kMf5JEYksAboC9RJNVY3g60Q5VBwEajtv2ph4u058MIc8
+ GGUQ9ZSKMjdO6U2RliUrHeKbNN4PggwihKqYP5xneQGyBlh4yvWPpGjfiXiw
+ TvTnFcaEYWKJpi+sxHALItY6GbRK0eVoV+q6MaJklQNjFkwtfv3vQyFGiNuI
+ /8HY7Y+QqjMPrp4WstvEIhS6/B7Vme+0AGxvlFefPl8Dl/oCkQeyuHAPgLsm
+ T6XdxhB/9pW0fLPmXhmK1UNGKYgZ1IgHj1iE6iXGuTxQLIBBkAQCAD+kz1O4
+ /dsCHpvz+m4AAwYaRRFuvmlHuDYAI/SSxut5vc0YZFLW3ZykUDPKR0C304ly
+ kusSNISHm5cEYsIwyBiHPCzIBOZfb77kKVeh30yxv5HwLbIiWcCLltIxwfbs
+ dh4e3Q+YtcB3getVmtA7scfmplVCdRhZm+fAZGsN7Bd/3Sg9hNsac8AcNYoq
+ zK4msU1pIGylkdQo9bvMY70JAriFBwNYxGqgOnS93somN42016IIikIF/594
+ 9QJo9CA/BQieYc/tC/T2SWcAG9gkpAGgTwwKOSPSJZ0h+lmwOt8kubqltLg8
+ NF1rhmIN3uO7l+u/V3N1Sc9jYfWkhz4f+AkBQIa/H3iI3rsEJOq/SVErY2Lv
+ IweMNhKJjSGFNy6pmtJoBH2pRYI23Psv0PZEN18XphW7JfM2Gdg3QIOgtvuJ
+ psO80urPEHnjBVneKE74h43o/bmqGw8X3cM9lk3T+9vzoWmDhiqxox1C2wBU
+ gZ27QvceheQK/TvyJPLz4l9vfVd7cBU4QeDcLT6WqALiJnHkexbMf3gDMO+r
+ VrzGrdG51Q+mWC18spcyPPSDRn1A7kXRbFdKo/CsvN0/4h3ZkhqDc88oXVMM
+ AFJIcRCzsstwPdaKuBWLVydyfsDRCWd6wRnS5Q6DakR80n6gUFlt3jkD4+3Q
+ ARsefl/OxEog8MGol28ryWfcjFgUwu1+W22dOcb87Iflpm9KNLRvyaBJHmRX
+ ZqJrv9Krf/dVg5gltYYNbOcxVuBj3TZGPJwSmarJSwik0tXXm2UFGFTIn5VS
+ +wjcx+haxjQh266b6T3tMFjhFbVXEEjBnpJsK0U/h3d25Kafdh3qtlKbgkBi
+ Sb69aKRSArbSxFrNBXXIG2pJPE0zXZ0OdzC8hm4XlBO/OP4DSVEW1zAgVoLP
+ bmGoEuSTM05EVfUwQKUVI1WSoj+yyky73najG0vV4MNcPymcKzkUew8daHYH
+ jZt+0Gen/ukbttsjBY0Ar8izqqpA+1Tk3+TgLtzms2jo8xv81lovdM/9KPAB
+ wVi4pxMV7HIXmpjiJ8ggRqc9WsFLCJ90rcc4+qbo8459GV7nHs2BzsR6cXFc
+ SaFIh4X6pHkkAUrVpFKBzE+LRJ9A5LLx9VqjVr7QjEZm2PQNhDFXdsIpl/4Y
+ wWOaWUZiax5dal0Qpuu4qNq6LzMlGKjkG/hvv3/1jAUvHnzB4U5zcfB/w+4C
+ lBswCysLXY3Gltuzlw3uDiTAnPdl6KjMALqWOOpWQ8vYyNH5wXpRbBEH3zfb
+ 8rXO7pk9LPR58HSG6ZpyHrNC/LhIDsDy4a/rnuGVhDzKuLtCR+ID8zsUTZDG
+ v9lCzbnF3Im03uxIzMqpo27tpyPcprcUD5oI/nFJxJc/AXkSlqS3D03FDuFR
+ 5MoQvClr7PxXJr56kMZDQ4OcDA/szkgPe6GokIikmksJqPXQTnfrOja3UUT0
+ f1jTZe6xWKvBapwFzNxsby7ovJP2y1jIc8Hj6AVJ23kvmGjxdmsmd9h3Rvfc
+ sFXr9tXVl1ejdK+do+7LEs/WUCxRn+3ks8HFW354dh4MLLES2CvBgVMxqeIj
+ nhjU7Xa2s6rs/1KA58D8V0PrTVGKFOl/fRiD3ZLULPBIWqCTuh2BoeuyswlS
+ vq9R7auI6Fn5Pd1lHnNVgriIDYvonG473idNVICoE6FgXRUHEzvtAISnedjQ
+ uMY9MNOtWWiFkCfWGEPFp+u7mS6A5c7IuPB9pXTHwSxX0EXcBtb5GxFsQQtU
+ QizoJL6wuLHtE9Ng1S1XAYYkOEsnCzJhTx1uyaD5cddACX2J84XoOpX2ixs4
+ EZCqLn61unt7djoQ6EBtF/pl+vbxXlwHxcPcKwOsDmFqBSFjmrp3z62Oawx5
+ CJ3iQMxEOCoolhB+TtQfsoDAPMQKNdLIvcoNL2xL0O4WZ2C5ovOGNvXHmJQP
+ JsXSek+xbMSYCIT3gKkqKsKnphCqoUxTVS8UXdid3wtwWR0NbH2uspdQa04t
+ BVb197y489G9U+Subj9i2PmpL/tTWQLderlhfeFoUk894YQ82BUMgzg6t2mr
+ MmOStxqw0qGC7Jp08skgQpjWcHoH35omHWsBULtWZSy/qcxLaO+NLFduUDY9
+ 9kgyAzZ1lCH88nF6IMOD6PupZcsV4uV4umPOD56ldWMxTw7FPV1KjUoxA7Zo
+ DLaO8T3HL6vAE/OdMsaF2NqdoT63fmkgHcF9BYyH5Q7fIfPcXejyVdJALnJ6
+ JnG/LX+iFfc6pLg+oSnF7w9ltZyYbRRqCmZJX5vLtTtoSiaR/ZjCBpxAVmQR
+ 9VpcTexq/b5UgGYAeZz+E2jzemLCwxxpFlIdflztLtbC2vqTbI4N6YGHVryg
+ QKLEVQXDCN299DtxpfUyjaJoIVoN77x5X1A/JpzP/bhWnwPpYYqSqGFdGVpT
+ SNCDVWKWPJ5x3ocoj8egUXoBbfbyGOUvARfubEwqXFJRJ89wjPDWSR/4RUjP
+ KBi4STCC231P2yCU3TC4AFk+ZbI9uSr+kKevCpNAldL2ffIb1ymzSGT6JTUC
+ VEQHlRe/j2Zkc6uMbTCpB6YhslQAPHip1Vv+u+5PN6mndbIOtFAXTRwIHSeP
+ kmTI4lcPvqy03IjIqHAML0VUk5AuhpsikHg3IruejIwBUDBvJS60i6+fkqoa
+ Ac04QbRNV5pkEn6oFEmkMFZpVprON0XNYN3qYsUlE6lGhnf4245aE67WN69N
+ XwS9dC/LAXXUBuavdLjaqcC4uIdhK+K2oHQH+rjMHOWDUpB4nt6PJKm9MeTR
+ KEgp4kxpiCbtiFjwuX4NFArtvpWaYU0F5181gBTdnGQPA6SSswDXui8LP1I5
+ hw33S4CG1ZDuVncYAamnxzAKywup2p3H0pIzd64LSWmGrri+dS6Cd8k2u3tw
+ 12GBMY6cATaIw57aoVruFArQGSM6qAc7EzM0W+Fqw4wpcH3rfqPp1KMp7kdi
+ SCHJRl2QPSKQf9j/WVQsW2KtgkkDtR7J3+TGNRmuqZcwyiTL81cSlwzz7+l3
+ M3XmZiT/8Ozgz6ema+6jh8RuH1Sfdso55ZtDDLOzRhGRcTNQCKTMGCsT7udk
+ hRJhswB0xFKcIdBny6wKUIU/ntdf3Vd3oHSiovtSS28swTL89Dn4wAfE/JZs
+ NQH/+lvFMvxYkyfA0ReyLqKPqUADTZ3dAfIX+6BwtIiwVSkdbuYJ+J/x8Bw8
+ YNYOQPEZkJB4c4z9gdFPI+s8h/1BOCyiwX0/h7AOJl5f1Wm+IqmX6reFExaU
+ T4W+bg==]
+ cacerts:
+ - class3_2021
+ - class1_X0F
diff --git a/hieradata/nodes/extmon.yaml b/hieradata/nodes/extmon.yaml
index c25626e..dd79b75 100644
--- a/hieradata/nodes/extmon.yaml
+++ b/hieradata/nodes/extmon.yaml
@@ -5,118 +5,117 @@ profiles::base::admins:
- jandd
profiles::base::is_external: true
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAKkrkXNGDfVW85jlLRp7t1KsHr7fzVZUOiKgI
- nXxfq7bf6YceZhwDM4h02X4ch+amxI/q3jvrrjgUAGLY0D5zonWNbA7T8zps
- fogr5FhzJzS47iQbHDyTmU55xOCjfujvdoUtiBLpeh1IZ8DR5fOgMqpt9Y4M
- LnSVsh5cnWdWlYq1/sdG7hm70QzTYZMVy3noNSfVPeGJRx0iTDpyvEhfV8+P
- NxAzNKpcmIf2UGUq7MxaAyjcayfpDwYXvH48o72vzvreY3KbCkBe8eBtmmGr
- beIWk3uF1/HGex0nMJLGKV57NdSrKz8I7moYp5pGhr70W2SoQFW9EHH6RSNm
- IdVtKzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAZdHtu1JgImxyR3tiB
- 9Iz7gDAdG7RekYIvLTmxoQxapU0ATmqM8lsDrFs1fy8LRz4T921fD8FqiC7x
- EEWxfzNn0ZI=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAKkrkXNGDfVW85jlLRp7t1KsHr7fzVZUOiKgI
+ nXxfq7bf6YceZhwDM4h02X4ch+amxI/q3jvrrjgUAGLY0D5zonWNbA7T8zps
+ fogr5FhzJzS47iQbHDyTmU55xOCjfujvdoUtiBLpeh1IZ8DR5fOgMqpt9Y4M
+ LnSVsh5cnWdWlYq1/sdG7hm70QzTYZMVy3noNSfVPeGJRx0iTDpyvEhfV8+P
+ NxAzNKpcmIf2UGUq7MxaAyjcayfpDwYXvH48o72vzvreY3KbCkBe8eBtmmGr
+ beIWk3uF1/HGex0nMJLGKV57NdSrKz8I7moYp5pGhr70W2SoQFW9EHH6RSNm
+ IdVtKzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAZdHtu1JgImxyR3tiB
+ 9Iz7gDAdG7RekYIvLTmxoQxapU0ATmqM8lsDrFs1fy8LRz4T921fD8FqiC7x
+ EEWxfzNn0ZI=]
profiles::icinga2_certificates::certificates:
- -
- name: extmon_client
+ - name: extmon_client
key: >
- ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAG1qZ5pPhQAQv9ghCMKaDPplIln6/YnO2/qvH
- 93vQPs5MMxuX43jlio12HyakQ2S9pn7EjQFd+rRKNMwIw84472DgpXrvZq9z
- hmIVar+2Tg15+7cWcPf2jGGmLesCH95o1v4uV667fXrUbOCowMQfG+4zGsnV
- Qo+n9pe3CnvK0HyDNDj1Sd7+mjum6cSUbt9pnXZy7G+Q4XYzu+So1CoKmhdY
- c8pz/o48ALeOjPT5DOIni87b/rOtclldATQtgtksE8CCA5jC/hIk3LaMh9wi
- J15NKxy29U/zoMLsWfYQn1/5aIgHuPeV85lz5Eiglue+rCxikpmfsx+L+ZPM
- G8/zBjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEA1+ZW6MTau1jUPA
- FrfiXqSAggnATj/0QSn1fjaYvsQJH9dV3imq+vh7+scp7sFAzzwEKMOABaFm
- hgUPQQjuJ/CD/AYTdarGMqI860D3vDE48RoqFSxW57FB3ZAqANigzZg0k+TY
- X82r1Yq6qdZ6StuiokU97OHFbKd68i7Ibf0nm4XhaZ8JKvti+xKpJxaLY5iL
- KGcCIQbZE7QOmlpIDEUFYdVX9jbV+9NJNo8F7jmSvT7ZI1gU46PapPoRKQun
- +Ka8Fw3BncTx14IoqDJgzfXpdqLLB8sXEcCbUF4uLBcFi76dkw2be93x32RZ
- UoajUlY4q4OFbGrtQSEvQ2uEI5iI6UmPnN6u333ddmH5NvW7Iu+pCc122v4b
- VKR0DBGhsasvKNyxnIk5u7cYV6azG6tKTTsYoNMkiBqgEGuLr6FtZKyaqtri
- HYGq/tiq8AWlMtl9hSEKHePwng5RDiRZu3K1Ux4m93sf7dyw0PrQxv34OlxS
- QMDJeMqmUMyF9iwDCs9h1YWgHlSpUbtpw9CiVJMu6mzxjNBIwnKfhq5L+nCQ
- c4nDXkzvYQN/KA4wUl/+76IPKo2fSLWtkbwOPDCmjojbSIacIORgzl9zuA2t
- j8n7QDPtFxEoC3Hj36XlYQlPITwGb0Gu6DhIOYt5rYo7IjNGglSyK6OfFFOb
- WiSmaJaUCrpCWpgaASOZdLFzo6oav7WDj74yyiV+eLziTqSnn6caBJ6eKrXh
- Fjue4rwqNX4fF8P4iu0NoxJDkiK3DsDRPHpRpJM8LLIKgiROJccWrOX8O0Uk
- xlLyMI97r4vnX9R2pHPSGfsA1OwJHOKPC+dld9edFzuqy/Wt9MAQI6xyYs1V
- kGjHA1DGxDHCMTaOUm3gJ3CZg4FU0A7RuqUjNCXHydCfE4kv069xVgfvfOFt
- Y/dEnON+iJYtWjmAr2nYkDHYfD/l998W0W7D2DuvhzhtYZsR8A9dwWal8vhQ
- e2rh+Rev33DiuC4GfOFXY3BBEsDjcOeRu7SnN43ffkFwnc3cS43oaFwF7Qte
- 6NkwvmXgV6vguDSSLdcUtvjkiog4PlgIRLiEyxhmA37yLNhn58r8KnY4+GX6
- ELGwbWY/Tkx42EGbiidTUD2Mudg8O6lOyThQo7u0p2fxw4v8jhI6HxUmWbXr
- hVlivhznMuFjleU3BFPEO/U2p4CjiwBoLnsJ78f8EOGurS1bA6nAZoFKdzS+
- IkpXNrwlXZY1TiTUpxTjJQOJi6kmiDsM4JlqwghfOmn2HVC0CFMgq1BQMJCq
- E3pzAWBLNydJXlCQKr+jn+ddKjEK6Lbi9ksnltfrru93ieU25+aCNwiPd2EV
- NCC6Z+KPBJykt2CEcuDggK284qBLdzOTZEF5B30tPlRnoJAAC3YfwCTktqp2
- ej71uEjEXrm9iZX6EQmVJojjjIkWeASmmB7rR/wMVsMwG0Pcz2xgtvKQ2pQm
- wXaZcbBQPuyMDuvZQFCmU+3fbs5N38gw2QSqklmH/vKdzFP3h81ZSnnhrE1P
- VlPnsSjgsuoj0DEP7LFQ6AbkMOquwnwidQpYZQlRLP9tX6wzSS9d3pTwcqkK
- KlYMYDXQF1acQM0DC2dEX9NzwqPbeWEbe/8HrRdMc2B2pc1GXJcHmQEkOP8m
- 3FNCU5uqJVzmRVL2aFJfTPhgb7zzOWdzwTHDJ+4PKGFu6ILbYsztkAgLYAOS
- I2tlOYd7D/WJT/n+rO0QWd4I1GbS2kK5IYMMexRgi7DhpvRCh92qJMgPCcoc
- /0kVHE/u/TLxgJ7qcPjUDfYGir3Bhna/3G3LCZDZ8Kw921iosVVTYAnoIa5P
- G7Bm2guZv1o8QerMxTdHxEBmT/pEYpKvl9BrTmTZcMPfxInhfVCAyspCTBI5
- 0zC+QNrppDweVzaFoFyjk1Taf5/1dzUkQstUyhP+uJ8Hq2d7pvBjiVXRnRB0
- juQ3zNtwXxOGE+jBZCNC5xWL/5ooT5yclBRo7typGI/NLIm8EW9Dr60T9elE
- s8dtTDROf5Mitd3ZPyBKe2qc7OvzTey5IbiIFYPIVzt696vrm689uw4Cl8Vy
- 5Jqb3kFNtgfZEZW4wnidxoBGwqMPVRFWbpHNSvPnS9HW2u6y6SGs2nuWZvcu
- lB+J5TNVeAzPw81OELhZZEmAOX/rcL/oMvAudUJlRFYVZY4z+tvFLbDP9Hzi
- Do9ykUApp9ljQ1XQNDyKIISv/jJKEEy16rb7HhdSs8uwtZ6mPD1QaNq8uO5b
- FZY4c7R3EJue5n6mpGJ97Z2QijnEh5NNw9Yt10K6WES3/7JBDjt0OjQCnbaF
- 64garOvcHKzbpLhHhJtQ6vjxAKV1Q+HzVohOJKDZBJDP8f8xDIwXfVjVMlx8
- pjLQ6pjIaYKD8beKyJMd2IHrXb8IUs0AQIKHL6dGH4pgYZ+Wr9VVktCf1GR3
- 2IB4j8b3lJ4AjqTuGWrVAoxH4FkV8J4mJOq34RkE3V0REnurIodjZKL1LW1Y
- CKzgIi6TUlZNFRBn3+/PLPnHOF0SXOgbiQv1ikLReZGkDeBAx5Jieb70ewIz
- eawLyRRtwInmrOV4ajszSfarYRkh8ulN6AwcF8AVJt2cxx2iXcMoEHQBbcVs
- VT+MxTfLRde61Nc6lMWyfsjkvptIyLc7MkErrPYXo/psJGwvjJw70TEHiKLQ
- Y+X/hZ7ESj26bu1oiBGGD+4v6CMo4qa3RnKcvHyMbdgNccFbWQktZ0kjvQGA
- MWoz/8jdz61tA+tlokM3ZEkWclrJEcyQG8N1gYM/ER9pZBuM6PWZZvp4Yfxw
- F5Beu2pgJ1HlKaePwtm3itVPwuIm7K57YEyY76912L+GYiAPpvXt3B7ijCiX
- kpHTUw9U2yq2R2zT1zgVePUA2pa379QmBnH1pwzfOzlU+4zli2qSlBTJAibR
- LW1afjWaarigdwbDkuxVVinB/SM/U/7jQgXnCQIeVmteW2crwvH/rtfYCmja
- ffmJCCsjwDL908TcpJGTFtHxKyGrseMWSqgjlQw1mqmbOU//8DXzNUIn/AJj
- p/h7NmRwDQbDnmoZApNGrd9ZiNzlO/nxCD561qD4FPOmSRAIJhQuFjTfompM
- U3gNYE4cGPlbBHP9O1YHWfbjWNRqgZHYa772yEJ20+4HIa0lcNOCjCqm/NPB
- 7Irj881O9z/hZRWLpHW/MAtesZNe8XDjgXAs5gsYmsYHBlZZ/dP6Pwz0qIO/
- V8FVDMyMLDkJMgAKHr7F+DMzCPOsA56mdPqhHnhTIKIpBTW0R2wPWMomVg7c
- vTtI+ddYRIYMdBMgaWN0z9IRWR1PFlQ6aTVGdxTBJ4gf5k8ITtjdykssa1dS
- 8ObTnGjMEyiHGlJmK6cm/EYXmOOj8p2HPoBQrqSk]
+ ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAG1qZ5pPhQAQv9ghCMKaDPplIln6/YnO2/qvH
+ 93vQPs5MMxuX43jlio12HyakQ2S9pn7EjQFd+rRKNMwIw84472DgpXrvZq9z
+ hmIVar+2Tg15+7cWcPf2jGGmLesCH95o1v4uV667fXrUbOCowMQfG+4zGsnV
+ Qo+n9pe3CnvK0HyDNDj1Sd7+mjum6cSUbt9pnXZy7G+Q4XYzu+So1CoKmhdY
+ c8pz/o48ALeOjPT5DOIni87b/rOtclldATQtgtksE8CCA5jC/hIk3LaMh9wi
+ J15NKxy29U/zoMLsWfYQn1/5aIgHuPeV85lz5Eiglue+rCxikpmfsx+L+ZPM
+ G8/zBjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEA1+ZW6MTau1jUPA
+ FrfiXqSAggnATj/0QSn1fjaYvsQJH9dV3imq+vh7+scp7sFAzzwEKMOABaFm
+ hgUPQQjuJ/CD/AYTdarGMqI860D3vDE48RoqFSxW57FB3ZAqANigzZg0k+TY
+ X82r1Yq6qdZ6StuiokU97OHFbKd68i7Ibf0nm4XhaZ8JKvti+xKpJxaLY5iL
+ KGcCIQbZE7QOmlpIDEUFYdVX9jbV+9NJNo8F7jmSvT7ZI1gU46PapPoRKQun
+ +Ka8Fw3BncTx14IoqDJgzfXpdqLLB8sXEcCbUF4uLBcFi76dkw2be93x32RZ
+ UoajUlY4q4OFbGrtQSEvQ2uEI5iI6UmPnN6u333ddmH5NvW7Iu+pCc122v4b
+ VKR0DBGhsasvKNyxnIk5u7cYV6azG6tKTTsYoNMkiBqgEGuLr6FtZKyaqtri
+ HYGq/tiq8AWlMtl9hSEKHePwng5RDiRZu3K1Ux4m93sf7dyw0PrQxv34OlxS
+ QMDJeMqmUMyF9iwDCs9h1YWgHlSpUbtpw9CiVJMu6mzxjNBIwnKfhq5L+nCQ
+ c4nDXkzvYQN/KA4wUl/+76IPKo2fSLWtkbwOPDCmjojbSIacIORgzl9zuA2t
+ j8n7QDPtFxEoC3Hj36XlYQlPITwGb0Gu6DhIOYt5rYo7IjNGglSyK6OfFFOb
+ WiSmaJaUCrpCWpgaASOZdLFzo6oav7WDj74yyiV+eLziTqSnn6caBJ6eKrXh
+ Fjue4rwqNX4fF8P4iu0NoxJDkiK3DsDRPHpRpJM8LLIKgiROJccWrOX8O0Uk
+ xlLyMI97r4vnX9R2pHPSGfsA1OwJHOKPC+dld9edFzuqy/Wt9MAQI6xyYs1V
+ kGjHA1DGxDHCMTaOUm3gJ3CZg4FU0A7RuqUjNCXHydCfE4kv069xVgfvfOFt
+ Y/dEnON+iJYtWjmAr2nYkDHYfD/l998W0W7D2DuvhzhtYZsR8A9dwWal8vhQ
+ e2rh+Rev33DiuC4GfOFXY3BBEsDjcOeRu7SnN43ffkFwnc3cS43oaFwF7Qte
+ 6NkwvmXgV6vguDSSLdcUtvjkiog4PlgIRLiEyxhmA37yLNhn58r8KnY4+GX6
+ ELGwbWY/Tkx42EGbiidTUD2Mudg8O6lOyThQo7u0p2fxw4v8jhI6HxUmWbXr
+ hVlivhznMuFjleU3BFPEO/U2p4CjiwBoLnsJ78f8EOGurS1bA6nAZoFKdzS+
+ IkpXNrwlXZY1TiTUpxTjJQOJi6kmiDsM4JlqwghfOmn2HVC0CFMgq1BQMJCq
+ E3pzAWBLNydJXlCQKr+jn+ddKjEK6Lbi9ksnltfrru93ieU25+aCNwiPd2EV
+ NCC6Z+KPBJykt2CEcuDggK284qBLdzOTZEF5B30tPlRnoJAAC3YfwCTktqp2
+ ej71uEjEXrm9iZX6EQmVJojjjIkWeASmmB7rR/wMVsMwG0Pcz2xgtvKQ2pQm
+ wXaZcbBQPuyMDuvZQFCmU+3fbs5N38gw2QSqklmH/vKdzFP3h81ZSnnhrE1P
+ VlPnsSjgsuoj0DEP7LFQ6AbkMOquwnwidQpYZQlRLP9tX6wzSS9d3pTwcqkK
+ KlYMYDXQF1acQM0DC2dEX9NzwqPbeWEbe/8HrRdMc2B2pc1GXJcHmQEkOP8m
+ 3FNCU5uqJVzmRVL2aFJfTPhgb7zzOWdzwTHDJ+4PKGFu6ILbYsztkAgLYAOS
+ I2tlOYd7D/WJT/n+rO0QWd4I1GbS2kK5IYMMexRgi7DhpvRCh92qJMgPCcoc
+ /0kVHE/u/TLxgJ7qcPjUDfYGir3Bhna/3G3LCZDZ8Kw921iosVVTYAnoIa5P
+ G7Bm2guZv1o8QerMxTdHxEBmT/pEYpKvl9BrTmTZcMPfxInhfVCAyspCTBI5
+ 0zC+QNrppDweVzaFoFyjk1Taf5/1dzUkQstUyhP+uJ8Hq2d7pvBjiVXRnRB0
+ juQ3zNtwXxOGE+jBZCNC5xWL/5ooT5yclBRo7typGI/NLIm8EW9Dr60T9elE
+ s8dtTDROf5Mitd3ZPyBKe2qc7OvzTey5IbiIFYPIVzt696vrm689uw4Cl8Vy
+ 5Jqb3kFNtgfZEZW4wnidxoBGwqMPVRFWbpHNSvPnS9HW2u6y6SGs2nuWZvcu
+ lB+J5TNVeAzPw81OELhZZEmAOX/rcL/oMvAudUJlRFYVZY4z+tvFLbDP9Hzi
+ Do9ykUApp9ljQ1XQNDyKIISv/jJKEEy16rb7HhdSs8uwtZ6mPD1QaNq8uO5b
+ FZY4c7R3EJue5n6mpGJ97Z2QijnEh5NNw9Yt10K6WES3/7JBDjt0OjQCnbaF
+ 64garOvcHKzbpLhHhJtQ6vjxAKV1Q+HzVohOJKDZBJDP8f8xDIwXfVjVMlx8
+ pjLQ6pjIaYKD8beKyJMd2IHrXb8IUs0AQIKHL6dGH4pgYZ+Wr9VVktCf1GR3
+ 2IB4j8b3lJ4AjqTuGWrVAoxH4FkV8J4mJOq34RkE3V0REnurIodjZKL1LW1Y
+ CKzgIi6TUlZNFRBn3+/PLPnHOF0SXOgbiQv1ikLReZGkDeBAx5Jieb70ewIz
+ eawLyRRtwInmrOV4ajszSfarYRkh8ulN6AwcF8AVJt2cxx2iXcMoEHQBbcVs
+ VT+MxTfLRde61Nc6lMWyfsjkvptIyLc7MkErrPYXo/psJGwvjJw70TEHiKLQ
+ Y+X/hZ7ESj26bu1oiBGGD+4v6CMo4qa3RnKcvHyMbdgNccFbWQktZ0kjvQGA
+ MWoz/8jdz61tA+tlokM3ZEkWclrJEcyQG8N1gYM/ER9pZBuM6PWZZvp4Yfxw
+ F5Beu2pgJ1HlKaePwtm3itVPwuIm7K57YEyY76912L+GYiAPpvXt3B7ijCiX
+ kpHTUw9U2yq2R2zT1zgVePUA2pa379QmBnH1pwzfOzlU+4zli2qSlBTJAibR
+ LW1afjWaarigdwbDkuxVVinB/SM/U/7jQgXnCQIeVmteW2crwvH/rtfYCmja
+ ffmJCCsjwDL908TcpJGTFtHxKyGrseMWSqgjlQw1mqmbOU//8DXzNUIn/AJj
+ p/h7NmRwDQbDnmoZApNGrd9ZiNzlO/nxCD561qD4FPOmSRAIJhQuFjTfompM
+ U3gNYE4cGPlbBHP9O1YHWfbjWNRqgZHYa772yEJ20+4HIa0lcNOCjCqm/NPB
+ 7Irj881O9z/hZRWLpHW/MAtesZNe8XDjgXAs5gsYmsYHBlZZ/dP6Pwz0qIO/
+ V8FVDMyMLDkJMgAKHr7F+DMzCPOsA56mdPqhHnhTIKIpBTW0R2wPWMomVg7c
+ vTtI+ddYRIYMdBMgaWN0z9IRWR1PFlQ6aTVGdxTBJ4gf5k8ITtjdykssa1dS
+ 8ObTnGjMEyiHGlJmK6cm/EYXmOOj8p2HPoBQrqSk]
certificate: |
- -----BEGIN CERTIFICATE-----
- MIIGUTCCBDmgAwIBAgIDAvEYMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
- Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MTYyNzQ2WhcNMjIwNzE2
- MTYyNzQ2WjCBrjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG
- U3lkbmV5MRQwEgYDVQQKEwtDQWNlcnQgSW5jLjEcMBoGA1UECxMTSW5mcmFzdHJ1
- Y3R1cmUgVGVhbTEjMCEGA1UEAxMaQ0FjZXJ0IGV4dGVybmFsIG1vbml0b3Jpbmcx
- JzAlBgkqhkiG9w0BCQEWGGV4dG1vbi1jbGllbnRAY2FjZXJ0Lm9yZzCCAaIwDQYJ
- KoZIhvcNAQEBBQADggGPADCCAYoCggGBANIdW3yyGH9LWYseNDIIs+DDHEd3HGOO
- H31JQKng8LdEZynotRISXDhCfI+Ys0yxMy/t6Sj9pphdoJLFpoTXUB23Hx55LYD3
- /DiUnoz9WXj0pqiiVKZFdEh1Uwb/M4LDXD4IalAnFpSz28CCr2/24f47e21y6xz2
- LLEIjFpWreBpk81Yceu1Hh+OAtabzs9R0DRX2hILfmb4QjnUNmmoSjMd4/kCShtU
- xSaKGKQ9TUc8fjmq1E5fmE6lbKkiwpIDNBIJeJCTo5tq3t6ncFt/L6Tv3gsCQUag
- lXq09Ca3jyWp6KzTB2sBu/8RFZaBgCcp8yJig89e07IfTqEJDKLzVqj49SMWtajM
- vv0oArXNQ0C5f8ZUNV0jkszopWqgEhDyso94Yuk5MPVcCPsq9UYVEMEuPFMNVVpV
- qq12MNYrWPySwQzsCAgAuEva8rrwmfrlUA17yhvdxRvp/fJtxq3f/5OA4uCT28kS
- gehoo41dTJtRdpx0BvbWZIIC2mzC4kHGJQIDAQABo4IBTzCCAUswDAYDVR0TAQH/
- BAIwADBWBglghkgBhvhCAQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRl
- IGZvciBGUkVFIGhlYWQgb3ZlciB0byBodHRwOi8vd3d3LkNBY2VydC5vcmcwDgYD
- VR0PAQH/BAQDAgOoMEAGA1UdJQQ5MDcGCCsGAQUFBwMEBggrBgEFBQcDAgYKKwYB
- BAGCNwoDBAYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMDIGCCsGAQUFBwEBBCYwJDAi
- BggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzA4BgNVHR8EMTAvMC2g
- K6AphidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwIwYD
- VR0RBBwwGoEYZXh0bW9uLWNsaWVudEBjYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUA
- A4ICAQCm8BzJDpZtb5NgIsxKXKYKqkmhnEpRWuRlTgrAlK3Fj1NH6XSs+gJt4wNz
- HPMtPvJYgqPvDUgjujCV4ntMt/bta5HKaQ7l8Fol9n7fL2K225o0jA27ajDdNNAU
- CdZVGLkeQIS5EuAZ3jqt59TbKy5ZiF7zLE/h3LbXolykom/7pvmgKYjkIp5sKvKh
- gGndU+roAKejLaFgxCWX02DXC0qj31vgs81YM1i6D4UiUPP0NOoAPYms+9rezk66
- bF+pdZLclSoUPoral+qg/p7mF0+LaAxg5dptonX6mPIkRQPSmFXMWWmiqupyS3aJ
- Tg6pxPLoH5n1DCWRWmBeWbpNRgXhLV/hFdNn76kVZx2+NeOaJ+WkHMfc82cWUsqw
- 0DwHfaFEruLAK97vU8B2lnX7jvOXP5vTzPcp7X01EES9g0dkXsknBDJRPjm3h8A3
- v5A+zi8NuiBHXcEjfh/2XUXNEpai/ZVmjfg6XBlkGi7IRZHdQG6SJ+3FFOBXr7DO
- pjoj8eOUx2i3/Zc0E7eA2cnFpwlTcN9v+7yH/U76VxGpZw0uN5ZV6/QVcxrFsUER
- 5gCzDizhtDcTsX/4/6giuZ9AzaxGfhCTdI+4iq8txuX9bVPizgq36rICHA4NdF39
- IqsKlypGICER+j5yre6te+uuNhimIYbtpaalp9fArfOhxMDjRQ==
- -----END CERTIFICATE-----
+ -----BEGIN CERTIFICATE-----
+ MIIGUTCCBDmgAwIBAgIDAvqKMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNjE4MTAxOTE3WhcNMjMwNjE4
+ MTAxOTE3WjCBrjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG
+ U3lkbmV5MRQwEgYDVQQKEwtDQWNlcnQgSW5jLjEcMBoGA1UECxMTSW5mcmFzdHJ1
+ Y3R1cmUgVGVhbTEjMCEGA1UEAxMaQ0FjZXJ0IGV4dGVybmFsIG1vbml0b3Jpbmcx
+ JzAlBgkqhkiG9w0BCQEWGGV4dG1vbi1jbGllbnRAY2FjZXJ0Lm9yZzCCAaIwDQYJ
+ KoZIhvcNAQEBBQADggGPADCCAYoCggGBANIdW3yyGH9LWYseNDIIs+DDHEd3HGOO
+ H31JQKng8LdEZynotRISXDhCfI+Ys0yxMy/t6Sj9pphdoJLFpoTXUB23Hx55LYD3
+ /DiUnoz9WXj0pqiiVKZFdEh1Uwb/M4LDXD4IalAnFpSz28CCr2/24f47e21y6xz2
+ LLEIjFpWreBpk81Yceu1Hh+OAtabzs9R0DRX2hILfmb4QjnUNmmoSjMd4/kCShtU
+ xSaKGKQ9TUc8fjmq1E5fmE6lbKkiwpIDNBIJeJCTo5tq3t6ncFt/L6Tv3gsCQUag
+ lXq09Ca3jyWp6KzTB2sBu/8RFZaBgCcp8yJig89e07IfTqEJDKLzVqj49SMWtajM
+ vv0oArXNQ0C5f8ZUNV0jkszopWqgEhDyso94Yuk5MPVcCPsq9UYVEMEuPFMNVVpV
+ qq12MNYrWPySwQzsCAgAuEva8rrwmfrlUA17yhvdxRvp/fJtxq3f/5OA4uCT28kS
+ gehoo41dTJtRdpx0BvbWZIIC2mzC4kHGJQIDAQABo4IBTzCCAUswDAYDVR0TAQH/
+ BAIwADBWBglghkgBhvhCAQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRl
+ IGZvciBGUkVFIGhlYWQgb3ZlciB0byBodHRwOi8vd3d3LkNBY2VydC5vcmcwDgYD
+ VR0PAQH/BAQDAgOoMEAGA1UdJQQ5MDcGCCsGAQUFBwMEBggrBgEFBQcDAgYKKwYB
+ BAGCNwoDBAYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMDIGCCsGAQUFBwEBBCYwJDAi
+ BggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzA4BgNVHR8EMTAvMC2g
+ K6AphidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwIwYD
+ VR0RBBwwGoEYZXh0bW9uLWNsaWVudEBjYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUA
+ A4ICAQBkwXx7IEeXNytbGtv6IQlvJz1tkpOz8asBgbtD1byQCO7JRUDblQgzap2y
+ rgeLZc5wnTYP3FKnzquXvxfkgfR7a40WPTSPpvrSXMY8/BUvlNgYVpYBjMxGsVCX
+ gW/vX2A7+vSgJLUkCYJL98ooT+kSmsh8Xs6rB2Jz8yCDC8Niu5jUta47YCviuvuN
+ Z6c8mNqrFV7MfRBBfGodl5a2djFzKYhgrPyaT01qr7Qa42wDOWs1Pl1uD4Z8m08N
+ vv51y694gnWMKAhM42AKAEMiybHJ+1eIV9sOkanBDjeCAM4/ugK5Gm29CnI5rNV8
+ VZMrksS/YiMZPPHrVrqaUHVceV0eqYRi1bmIRvaSBEEJGK4YF52qmBJmuszqBnTW
+ YZ8CkZCPOI74K1wpG1F/sgME1yu9WbxjnB3Ig3CZ/EqJmhf66cgsmnTbpOsabE8v
+ 5eIsyfAKlAcNRNGabDyRTVJsSlD/ISivTnoQsW1ay5bLkyHgmRgc9U4zvNeMBKWz
+ vJ/126fnc4tkzlk0SM+ntph3xKAaqEEZX3pchnxlNWohS+3T3c6lUA0YUsvC4vL7
+ N0VLPi3YcRzrvciSNXZTpTrYnKOWKW6DKp6T9AVaf0DxcAc3UvCQd0QOEhqKnntn
+ kvuUL+mj0ZV1h7F0/NUmtEb/OOt/Yt0LgiIYarfj2tKipgCDuQ==
+ -----END CERTIFICATE-----
diff --git a/hieradata/nodes/git.yaml b/hieradata/nodes/git.yaml
index 4916473..f2a056e 100644
--- a/hieradata/nodes/git.yaml
+++ b/hieradata/nodes/git.yaml
@@ -6,13 +6,141 @@ profiles::base::admins:
- jandd
- law
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAicLOD4qZ/TcPgGkP3umuFlFULVt0+2Kc6cw2
- TtRS/9fBxBNykYPKIKwkCf1pvx4iZMHk+cCzmi2jJUgSual0AYMx5+Ax+tzW
- FQGYv8U2fzC8yCvY0xRMe/pls58rrUxVRN4EcFEa+NWIGiIM84ds5qdCY5SY
- g2hhJql3N1KPeO9TMWKvrQjL6ZKvHgOg71KrP0+TnYBUbZDRPnklNnvVCCj5
- 4i+l+pgI0H4eEO2vysI6xFwC8ntxOqo4rJTAmLypKvshDpHPdgWShnBtcQq1
- 4yxr5ZTY22pXD5k7cVRtPn4WyW8ackk3be4BH0AtUd4vA6Wx+bJ7qLw9kd/G
- yZSmjzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCJyEfssCaSbBwlVn8O
- qWALgDBDQ/V8TsmywwNNLfl37qfDD/xaT7aqWvhsZsvBl1Z9/go4u4gtxKju
- Ga7tgV79rn8=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAicLOD4qZ/TcPgGkP3umuFlFULVt0+2Kc6cw2
+ TtRS/9fBxBNykYPKIKwkCf1pvx4iZMHk+cCzmi2jJUgSual0AYMx5+Ax+tzW
+ FQGYv8U2fzC8yCvY0xRMe/pls58rrUxVRN4EcFEa+NWIGiIM84ds5qdCY5SY
+ g2hhJql3N1KPeO9TMWKvrQjL6ZKvHgOg71KrP0+TnYBUbZDRPnklNnvVCCj5
+ 4i+l+pgI0H4eEO2vysI6xFwC8ntxOqo4rJTAmLypKvshDpHPdgWShnBtcQq1
+ 4yxr5ZTY22pXD5k7cVRtPn4WyW8ackk3be4BH0AtUd4vA6Wx+bJ7qLw9kd/G
+ yZSmjzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCJyEfssCaSbBwlVn8O
+ qWALgDBDQ/V8TsmywwNNLfl37qfDD/xaT7aqWvhsZsvBl1Z9/go4u4gtxKju
+ Ga7tgV79rn8=]
+profiles::x509cert_common::certificates:
+ 'git.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIGSjCCBDKgAwIBAgIDFR2vMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+ dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE2MjQ0M1oXDTI0MDEyMDE2MjQ0M1owWzEL
+ MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
+ VQQKEwtDQWNlcnQgSW5jLjEXMBUGA1UEAxMOZ2l0LmNhY2VydC5vcmcwggIiMA0G
+ CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDIIRf8Y6kJmlD75bUHFspFK3vsCxrN
+ Txf1l5FF0kRnpp4XNMwC4p75VZaeVao98jAvvtpdcCDfZUYbVWCxWEWZbC2njK76
+ +hr8C6Y5q7BCGQ5cfJ+w/YMaTXebb1iWcgbGu7KWhHcTg6I498XzEn0fGBgfPTUD
+ xk0PiS0j/8/rp6UWcHS6xxscRQ6wO0fiEKdMNHzZ4A6Dj57M/Mb7js3YJ/8FbIUi
+ 94NF9QlRyI2H4m5N/vLZtknc75doyUq5PZHDkSwHvD3VA2Atd4mq4bJArMrIx3I7
+ 0JwZJbAS6DElgwxDyq/o8dEG/JSg0PCbtGqZEBAXpUYDloSdCy3CDl3MEjwt5Y7s
+ WxqXadGmb/Vn9igKkiK8FAOvBESLlSNZFqPdxXdmmUjlKgnARkA3WkdMTcADwYhd
+ 03Kf1NvTGMVFJWLPZ8OjpYgfQPmxt7EtZTAw3/VDy0MYLzBwB1EoDn2Vh3LbDzSe
+ /HAzG5drxgICA4EuHQOT7vnerogKd5OfmT0zwysxRHXEl2+DiYX6QpNDHp9j4LCO
+ PecYMrhe6KUnB1Oju6pgqTTP3AFUSqb/LNoQ5r8+AWcVeOpf9JUmNJJQircD0FBv
+ GYtiSsGE+puoRm4cy5HynCWo7mqAVNsGAW67RNx6GMorBA/j9LLjARyVwasQmYld
+ i/RwBNObRh4bgwIDAQABo4H4MIH1MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD
+ AgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEFBQcDAQYJYIZIAYb4QgQBBgor
+ BgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29j
+ c3AuY2FjZXJ0Lm9yZy8wMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NybC5jYWNl
+ cnQub3JnL3Jldm9rZS5jcmwwNwYDVR0RBDAwLoIOZ2l0LmNhY2VydC5vcmegHAYI
+ KwYBBQUHCAWgEAwOZ2l0LmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIBADl8
+ gHV6Vs0RtwlmdSKwdbgAjsDcjp7l2qylfCniLG19OVoNZNFB8pxO2tCK3cv5xCtH
+ frRh9hMjOJLDAy0R0R9xoofdKdIV/FDN8T6o79r4V1olORNmtaY2iJ0ikV0Urt/k
+ vx4q5rRImAiInhh872wnWXhHMteB/zc6d4j34s8evjLDOh3wEjvrEiWyFGqp5CfM
+ a+euTk3SbIFmAvL0tknNA1S0RD4QntNUrViFdu3wQfnGEkqRVn+noO//wo369l7I
+ 8Yr8Dj8Z4ldykyiHOuYwUq3BqdJZp7NIE0miRAaDh1JVdXAwPo7EV1NyMPBf7GtJ
+ 1OqmTdZ4NMgNns0VWXN8bvIY+Xka7g2vBqYdhPJZusyzh6WHYzfTOthnLIib4dJ2
+ 4g+NKTVuJqYKLu6s2Q9CD3UL4spmP0ZoFRE5BVQJhQys0vJ9+wRyCjJZELGChlfm
+ kOm4cB1SQ8ZVA1P3UrDT5LOrcxnpgBw8D1lQzWKWxo6hStGcgqhyIDn1x3BjQ2AR
+ bTpkzU/496Rz4E6s6qQxAmERAEiTFCiRJC/jzuUGt6tiBeZWROHNpfIJE2W7K3qo
+ S6Gi8C4RDrFaMStDFXnyw8egBmdzjCWhnkjqZXPTzZwa4bai4Th90egbfMLHHZS2
+ KR2/Pxkzb5Mh+FYFNKNfJFzr/u5ZntuLcifbnLbg
+ -----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAZd0HoQNTP/7bxszfcQduygnbGmtMdOne8njH
+ I9Wi3Ncw8Te0i9eZAps33SrAf1yKZLJwUbl05FTO433R+JSqH3/N7B4PoJwC
+ xlOWSN7YeNcCR8Viu36ezwJk90MS9mcDnGwXFfiF+EVk1hRCrtDdgJGMhBkU
+ snUHJDQN8Zt7L+e7S3UbTWf0niSN9CIkgqgYNq8n/PubdtozW/l+3JaSuhgW
+ lYrBq5U5QWQocKZtcsHdtRwwEqtx8rcGbor1vQWL8Tp2CoU43I6NxFRQDB4E
+ qtB3fxxaMuJlhq3REC3oTKpoVTSl1mQWw8B7Qdfra5wt9rtktclpcNQYv6E/
+ FFuuUzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIYWVHR3lJNhDET9
+ KS3GUt2AggzQhq187NYKQYN3rGF7lQis80jDeeR0GgEsyFZroDtoQ2q6nUS0
+ ZrxH6SJqxMEtQABCs6CKjrRA6pVHa/k+haUTsbQq7r7OlWL8qkk1OSACiAaI
+ 23GqpiAz/8r3UQvDmnF1vZhyFgmp1H8xrWj2qRxq2okeVoDphxqQjxSQ7TfA
+ qGoH3FmyqZ7OPnw2KOEn/OFflgQPuJo+5hS8Uot7GadYmmUV4CvOst6vwSyr
+ BshVStJLSxbilaDPjxqSdPfFz0B/XT4a0tCG0msnCL9zclzbiuTU8MSIA55l
+ S6o3QfX2AeeU4vlV6PLMD5RL2G0n1rPj+MJgNKsuAiE9tjTrc1GS/xYQqKiM
+ WKF4fXORnL8iVLlIKDiYUPBH3Yw6DREDlcRH0hW9Xhq7qUPoZDdr2TQUs/hi
+ kJcEB0hHxOH3D2i7dmilH38bExPruWqDme7T0+KPGIB9mtyJ+f6DyJLEsh+T
+ 1tPk0hKrW0GpBgdz/iQ2q8rM4iHmYLN9irilFaPDKsezY9MlcGWfuyZDepDZ
+ XEg45m6+a6cN7Ec6YAhR3bHbFY6upw+R3KSrOiE0siOnA00SVcFKjwlCLvtP
+ lbbEHnv4mbJ5wyy37GMAa2Rhqg8fwex0Yf6cqkFrPvzodS3EvTZn0WYCZ0sM
+ vHBeF2ZlSVZ/sxrts0qp8A1jQkGm8sX9ER1AONjhuA1czwZf/tZWKl4Kcyki
+ l5ZLhzMKJ48RLdLiGWwIUO+tm8OQgKo0LTAsxzYVMQSXIxeSNIy+DhC1Zzzd
+ gP/tVDCAQV0HRkTpna0TG1WYnQuhW3zrrY+CfmIMUhUJrFNn5vqwmgtX5CN6
+ zswFx+whl/i6XXCGViRLGzIayIbG2v+3eOZMbf0SXiHIPXI7+ozAEcQ4eicQ
+ d7WMhqKJmCnt+0XapzW1nqMCpMLDOL7M75cTvC1pKUXr9LANSqvKjlWScb83
+ 1WzBWGv++1Kk1eJGrarX0TmUsaFYmz11O7S7rcFlt/Ldk/mCkoyNDZvpItqY
+ 5ELqs7aUkrSzzBj6udNpi/sN7lN0FcBOWAIJKjEd9gNEdewTjGbg9hV+OFRv
+ ETh3rh+xD6VNtkvrpCWPoeNwvv+UJr0+uH+dWyWdXdDilMrWvgHzgLn/wb+m
+ N4mmcg8F/TUu+NcqAd+k64m67ZCCtgrH88kgA2YfEnBI3749dw1nNWfJMrij
+ e7v9YgFhtwbVMB9yaYQ1YkMinIESO2jp8m9zSx7aBtWMLSUSgutB450RMH0g
+ TmUZgFFFyjS/fmrCNEDdMZRqNpaQWU0crYUEbl4/uZ/nkPKWGL746MKPUiOS
+ HvBnqeghwIG8YFJz6xkOLPWX2BIfJmojC0JqVAiMnTq0pq5xIF/5CYLzJDCs
+ oQCp070+eDsR1mCIyJ7BWqgMfuIitJFOnhr86pxFlEqhZ1DjJD8BlVgcnkhR
+ 7HNxJP6QBH9XZQjQ/pRZ6fkuPdRqPLHguDe4xf4nyHcbir62y0W2b/iTYlI5
+ hddlkkcssOpd2hbWhSEFbBBmwjHFencHHA6v43B8DGrBeUt5sBQEoEErktVB
+ e3AQ90rXe8sxXPDwM6P2gm05JHh4JTIOKZqi4628KsMcq+lGkljY2Q3zwjRf
+ QbNnpasEBEwMPSURTG+FXhyj0L8xduUHuDDbs1wY1McaOtEkV3IoImC03gAp
+ B3erDHKP7NpzV/bfrzavnMhx9e2fVoDZpM2Gjtf/uytr0uN8DCuIWlbb0keL
+ r23isiRg3joGOjQQmh7TOV9fQYBhI/iTnUasvBrvPL4CA4o1DuBpcLQPJp6e
+ bG0oUNKVGyszfX+P96e6qpVt9ykB7RAzc1bXH9JmzKzhOZ7eY+us+abtc2Dk
+ B+wRS5ftcYrn11rWMg3cRnRfpgrD9Y5s5jpz7EgYV0wkeBtl6L8bUYf27s3h
+ O7otc6ARpQvPfzowdNRKCWfXCvGG1tQogx9yfuUVXxk8mzQMAYQnHnIkavtc
+ uKsoAnVJ5DCYmkGxQjmBnwDzdH3hKaAl2BX7QE81bf6nGijNH9B+jq+qIYJb
+ irCbAEP6+mtr2EgAAY42Q7Oq+2BaXfQBnY1OM1bfA43pXXBybAjyK6++7C/Q
+ oe7DXjuQ2slylMTPaUGeTMog0VNs0v8+cvNoWgqnsj0wfUR1+3YSi7mlhkiH
+ /7RZd/UVRdNSatrj1bNldv+Vuvl/ZvYLGhQOPXjKCRYxx2vDiNnC7sFDDYOV
+ ZH2jgIPwAJW3JD9EH5vF1B8evMlPrXxERXH4F5hyyWPdzTA4K8eQnS+cQuVB
+ XtNs9O3nHG7Y6shSnh2/gyfEYcTkP5fRI6UtnGdDKUMUi9Z0wnBpiSIC9OgU
+ w6ec4oZtS0iAL+0SjjlO/0TEAxJmVyEgqiFK61oLkEj1p0M8eH5Asp99yOlI
+ P/M7tp+g/nx9i43mA1a79+ux3joex41AA+En7Is6K0y+vcfjcxMmCmG/+USs
+ thOAooPKHj7r0dYid/9OFSz5VRtPq/9Wo5CNwUWFPSSuuvmczvxoM3Kt4Dig
+ c2OzKWY8P7Nk5ogzUgmki/66BC/hpzQDIfWMkhGxOvEMipmZW8ciYmBo8yBR
+ 6HsJsb6opH7YrcvOUiS1bycnk6pBpWucM1hqbwaKSOzcC8Kj+GTtsHhY5JFr
+ PjHK8OUUkEcKIkZYa3LaDNDWxY//MnPC9RygNatrOCe1ay6MD0DKTYEA0ZpR
+ ZHq1UXolbXN1qKdhxd7tEl6aWc+dYwIQt/2lzpUfP3s/6k2ScRwD9PizbKFo
+ RRsW4e37p17hqR5iEUSpuUM8UQn8d8U40GlTORjxDGsr7yrYSug2pBwxg8W6
+ JCyGhT2u0Ex8pVzEP5YI9BabSMsTLZo5BfoiZ+XLxcOp7X5LZD+/83n9aYsT
+ jRoBIBC/yFLOnr2WR12dMIg6VxFHEEtEr/4hicpBDxoH6HSzPh6QHrPCPGto
+ jDPq0KaLA0TXFdf9Bb0ZtIhNDdrdW6clhfKJw0wEO52gTLBRRM5pffVMRj6d
+ CTSNKSUm0pPpe+hGcO1j/lJXCsOxAfdcOr9/7v76jWDlxN4w39vJ35g0soDs
+ 5X6F4v69awoLr9zr+bCHenVyB/vl+g95HfV1ZOoEEHaJdi4hqNPG3NIwmrm3
+ MT3+tMywaMQtl/Oj8J7qI6KWIIxn4lF6XDTf3Lnyq+M51puTD+3DOEirAhk2
+ HH9BSuCfRoqEyVURuzFhZKjuO4VkeKQ4OCR1sVYHUcA0kZ7C5xrJn5rpvbYM
+ I/Fwx0UEw8u4b4NhR79sbijyx5r2SARaVb8yZrRZ2FzMxHJBmxuN9+kFLON0
+ a9FGOaQefIvNBqTAkOa6nM5L5lv1LFQ5UM0YddSvN+SjQi8aUeaEqIvHXTgv
+ dAgQAFXgMW2/KDhkMLgWQ58YwGETMrChpOfYHvZMqUVuAN2gVMc1CuojK68L
+ KlO4POMMud4ZwZxovOjbbo8wnUtln34yzGKZnHZR2pyqSVY20baK1dKamsiY
+ LJibYQUQOBB4D+lsEUCcyGIez9AJNupf3M/fmKXmOprEg0sGzcgUKkCpMriu
+ 9ARVqvMPD2gfJGGU7IIXdLi/cHmt83r0dLj8ktGwK9MRPBJFcUXTMY84wiUN
+ rME16FIlZFKLK8it/HfmR3TnP7hrw72256+432doHzZCatKkFHcOdhFWB4Se
+ fl4i2n9JuQhdenEwa38I3nDe9szrrbiFf/o5rJGWm3hQia3nTAuEtZbop2WF
+ N5hpKFsTo7pSmmL0Po/9n6cSNpMzM3VY3WmJ9+vrSOmG1nLju6SXVyPS9/ER
+ AqZ6DjGPdbuu6bslqKaL5XAy905ej5GqDPh3BN1eJGYGce1qrLXJXqFDaL8r
+ RDYoL/7K07FGDqpJtmyLrjDxHxJyEVZqs7YLusXRsVs4bY2+BlP9JpLi9ySJ
+ 2Lidl4gLvvd5hU+mzmf1/rMYdZjBlHeanHBVT/EMWCeF02iyXSLcmHcu/M5X
+ AlpfR7zgAJp3HZXc8pBPogLbm6FS5HTkobBPQLj5WAwMOhC0z5tOM5e1aq4x
+ EMNHjL+FmsQMWj1m3z/ILUvgP9+vidEZbLiNqYuLmRuFGZy3P8sHzXU7MXHN
+ vc/EBDx8uFWqXEBvGgewtl5Iz+EFITyoNIMXYp1QnyvT+xRf1BH4WqAJt3PF
+ HYrtthsZ4WYZCGaMQVLJn+klWsCeaL3pxJ5/BT9CyAm18zfTCv/LEec9ZFDy
+ PxprSYhp8DjPthymK9PNF+pLDCrWXwuVNidWb0PTmRS1u58W84EM4blHq9t1
+ 7kkI5mMwOm1GFLmbnwNg7mJ03fmQaC7YHS/q+DHKUh/qyzc3+6QiuBTrRud8
+ K7pbVQqLY18HwVq48Nm32a8nglw18C6Cxl5wLN9b6jomUxfcRtNklygTTlR8
+ 51Ms5Q==]
+ cacerts:
+ - class3_2021
+ - class1_X0F
+ client_ca_certificates:
+ - class3_2021
+ - class1_X0F
diff --git a/hieradata/nodes/idp.yaml b/hieradata/nodes/idp.yaml
new file mode 100644
index 0000000..8cdc0a2
--- /dev/null
+++ b/hieradata/nodes/idp.yaml
@@ -0,0 +1,16 @@
+---
+classes:
+ - roles::idp
+profiles::base::admins:
+ - jandd
+profiles::icinga2_agent::pki_ticket: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEASfyW90GZx59x9n47HHlEnkdZ+i
+ niLnTLC+oI8gfFPIH3Tcv15144flW2i0yZGezOrx7u45TB5Etat1xQHikWej
+ AIZnIOJ5EQSNbpz13tGFscC8jdt3r0MzCzdy9S/feyY7hy7Rp5e660ihBJYT
+ eLy+FbR+w3HQ7wBlpXaKB2qXHqBW2dap8iWAVFSqZLm0doZ6NY6vhhFi6JnI
+ gFj6QmUJuE2YyfsJBTl3+u+U8CaIVHwM2NnOXqNys57LUgfCWe3vEKn09tS+
+ 4lCT/2nuMykMjtSHnMG3JwhsrHs9it44sqRF4iviuYOx9hjRjt+oAqe0P8ed
+ kdo3U37c2JsLdLvTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAcAkuhaq
+ iY0ptYro2vaoRbgDC5RScVpxR1ZhQKA2jU9b7RcuV44fADXtPnWDhFt7wwNc
+ kM75ghXXnTtSsfA5gqsLo=]
diff --git a/hieradata/nodes/infra03.yaml b/hieradata/nodes/infra03.yaml
index b66befa..7452172 100644
--- a/hieradata/nodes/infra03.yaml
+++ b/hieradata/nodes/infra03.yaml
@@ -5,3 +5,14 @@ profiles::base::admins:
- jandd
- dirk
profiles::base::is_external: true
+profiles::icinga2_agent::pki_ticket: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAooC0Ys7yF7XmdU3gzQQ766/GiN
+ GLulXOVHtr4cEbHSx0eiVtqzADHwSyfzyQNQJVD9p86iwLDlHN9zFfe/Hz4m
+ JnxJgbZe6CqfB/O5qfv2HivSfroPN4EQBJWRRy0JLX9KlAbSNq+PGuJrdLa6
+ EdH/kzLs7giCIy/jDEqDsvqeHiLOoq2W3667piDiIUxqbBuiKkxfKxY3q6Ps
+ Z5Qir81jns727Xn+XNPw/20z6KUj9waKHam5lqssHRqWbfdbSr9bdscDknzl
+ chnSMcioKSrFslI9r8r01+fSDQ6mvlONhpMysbjcF2mZlgpDkejspSTLf0lA
+ OKXjOEuOz+tE3a/DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDsDlK8TG
+ zoLZzcGo+qqbhIgDCmkGuHUCKK6fFdfjBpiPUfQLFKJCXmwcS/8scuPsYQty
+ JK1sacuClUt9YhD2I4UO0=]
diff --git a/hieradata/nodes/ingress03.yaml b/hieradata/nodes/ingress03.yaml
index 770e7e8..5406293 100644
--- a/hieradata/nodes/ingress03.yaml
+++ b/hieradata/nodes/ingress03.yaml
@@ -7,6 +7,9 @@ profiles::sniproxy::forwarded:
- name: nextcloud.cacert.org
ip: "10.0.3.12"
redirect_http: true
+ - name: code.cacert.org
+ ip: "10.0.3.15"
+ redirect_http: true
profiles::icinga2_agent::pki_ticket: >
ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
DQYJKoZIhvcNAQEBBQAEggEAYZ5HjRcuW3yLHDHwy8S2uJw+FceUQoSFrh3G
diff --git a/hieradata/nodes/ircserver.yaml b/hieradata/nodes/ircserver.yaml
index 27910db..3aa88ed 100644
--- a/hieradata/nodes/ircserver.yaml
+++ b/hieradata/nodes/ircserver.yaml
@@ -5,13 +5,143 @@ profiles::base::admins:
- jandd
profiles::base::rootalias: irc-admin@cacert.org
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAHaF5dH8H7SFb1mKY8FWu3TL7MoHn2lk2V/1S
- kjM3nOJ8tSCSVLZLg+cE6dLZPS8rUp/UILBG2BqN1eg41pRdEJHSa/4XmvP0
- j8V2xWsahNnhMX6/NBHkNpiyC2iGTmhj0V+31QN9QOMRDfsStNeBgR/atw5k
- h20bpmlensNUeMOz5McoojMDFrshgPSp4kg1FNofr+6ZXiEGb4Jf4W1617k+
- 0cISAqQ9kfGOrUcvXVIFx+c2trzbnrnZpmVqXOq8xVkgK9LLLVeYPZfnPwxY
- 4SBjevfBjG5cmBgZvENiPTVEDWnv+9dETR68UiG+dBdbVdOuFP/8qJtpppW1
- FZPkIzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC6l3NsMeJypedfMF6O
- i2rIgDDlShiaPIGUL6kAk2yEPiIdPCt8J86QsLY+6OsLV0zn+wRQJGL+WY3C
- FbKij0dpGow=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAHaF5dH8H7SFb1mKY8FWu3TL7MoHn2lk2V/1S
+ kjM3nOJ8tSCSVLZLg+cE6dLZPS8rUp/UILBG2BqN1eg41pRdEJHSa/4XmvP0
+ j8V2xWsahNnhMX6/NBHkNpiyC2iGTmhj0V+31QN9QOMRDfsStNeBgR/atw5k
+ h20bpmlensNUeMOz5McoojMDFrshgPSp4kg1FNofr+6ZXiEGb4Jf4W1617k+
+ 0cISAqQ9kfGOrUcvXVIFx+c2trzbnrnZpmVqXOq8xVkgK9LLLVeYPZfnPwxY
+ 4SBjevfBjG5cmBgZvENiPTVEDWnv+9dETR68UiG+dBdbVdOuFP/8qJtpppW1
+ FZPkIzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC6l3NsMeJypedfMF6O
+ i2rIgDDlShiaPIGUL6kAk2yEPiIdPCt8J86QsLY+6OsLV0zn+wRQJGL+WY3C
+ FbKij0dpGow=]
+profiles::x509cert_common::certificates:
+ 'irc.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIGlDCCBHygAwIBAgIDFR2xMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+ dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE2NDY0NFoXDTI0MDEyMDE2NDY0NFowaTEL
+ MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
+ VQQKEwtDQWNlcnQgSW5jLjEMMAoGA1UECxMDSVJDMRcwFQYDVQQDEw5pcmMuY2Fj
+ ZXJ0Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMphj1ifH0U+
+ y9Cto8hTEV+aGoT/THQ+d9XkcAciUdARUE3TXQYwbnIyxEmsWbUs03iHgXzPGS8m
+ WLSbMUE0qCGlbQoJskvVaFv4p0ZOagAQImBLMzgLbNrI7BqwRs21ziwqTU3YXjWc
+ FaBssULzDnpekFpqi4//JHIlES2U4qIW3jhsxgwHScmoYeqaF3VIfvAn5kvAYvDy
+ TbIitYOTi3Cj7BFfeeoBZY73UWW9ZVSNQCUZMnGDFDEQBOrADHRXkQKOveAEgMVI
+ OXF89RqOHBQBO8rlZ6bJ4nuPt0nHv7Lvn7kfIZC/OQ26IggMy6ZldUbo0kz3Klls
+ fV1ImP76LkFB/r/DB5+htk8QwbZpcofDmdsbqPPvu/7fK0gVm+ueQtKVBYX9G4gk
+ oWeBbhHlkd1KgKmyrxvzkeCk77wJrU/46Rsi6fr60hWqXVLzr68cyPg+6riEjT4U
+ 1HzoBVGvk0wHtX2TNgYxxSPbibCqyDOqdxdb8GsKiNsg6dbSWFtHfSkw3gkufkFL
+ ++7cgfoqUnqoTuSO5C4JK05C+werng/hhT7101Pg3WLpVUD05Dv09jLPET7SGUVN
+ CBi3Lpfy9FrbYddluqlFot29gZ3cQdoga//EimKQ2hRAeuIbR8eq9nnlfPT+2vOj
+ tu6qnH45oubD4vA6kMSyGoTh2xLmmQ/xAgMBAAGjggEzMIIBLzAMBgNVHRMBAf8E
+ AjAAMA4GA1UdDwEB/wQEAwIDqDA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUH
+ AwEGCWCGSAGG+EIEAQYKKwYBBAGCNwoDAzAzBggrBgEFBQcBAQQnMCUwIwYIKwYB
+ BQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDEGA1UdHwQqMCgwJqAkoCKG
+ IGh0dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9yZXZva2UuY3JsMHEGA1UdEQRqMGiCDmly
+ Yy5jYWNlcnQub3JnoBwGCCsGAQUFBwgFoBAMDmlyYy5jYWNlcnQub3JnghRpcmNz
+ ZXJ2ZXIuY2FjZXJ0Lm9yZ6AiBggrBgEFBQcIBaAWDBRpcmNzZXJ2ZXIuY2FjZXJ0
+ Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEATqSswtoLDceQ3qhpyiov/QgYJjie4NHJ
+ OPAPtLtwkx3YB2YFIa9NElr7MbOD8ZmWOuFwOx9GfvgZqSg97b8qCywaBrUXGopc
+ 1MeSQbWgDDNjb5rmcgaw+3ReIaU7uDBywGfh59hvuyQa4Zy90VfdtSdDypIoSyqh
+ u6lJV2Bd0Eo+5xxGHhuVmGWGwFeKCVN8axETCtK4aeHCvMbJwcdA3veovnIckgMY
+ BLVfizh71iohPK2eAQ8coDbpujtJX4OcSq+/VtmB/wNTWlod2EhtqPivUzPhFbn/
+ /9cPl1nCClGxWtuzsxNfIIusLgy7w4Af0xJAkzQBMgU7AVWZP10omp813qZs2yh+
+ T43Bxr3Yasa+GGXVg1U0mHy4TQ1F9F2hZTCMOj2io2YxG8VpjzWi0EVWcE3ymWBH
+ R0AZdwANfZsyRVqbG8DQZ4DnoULScN963oDZSOADvj8Ul7YP/CWW+wl+rr43yhRx
+ LmETHIlk4KiLDvDyEwmhgtL1oxgMOX6SlbJXxrW2H8OmcFJ0gX5Qfpa147dXAlQv
+ RYSi1g12drO1KqTwmFhlSzYidXjkQE4/owryWJOtJl0rG8ZLa7vPtUu790PRAqCd
+ dYZGGGkcoFfVKGFQfSPA0vAtfNGGLt+TeC/0Qsw+hFXSwc4GpDnubH/MgUGTZUSN
+ Z95uBDgYiC4=
+ -----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAmnEuESfZTm4g2v2cXrOxvZgM56GsEILZyDcz
+ r7D2S4MHA84QhDtbUAnqLRJOA4CTaLXWgd5wMZSc0e6iEfTDVbW4A/xfP2i4
+ BbdohtCOBDjGzVvvzy2rnd4s8ZF5OEDH++s22dlUc7rgvwesEjaHthwSGd2Q
+ 8O02W4ewqElACTsqbBU+tRqPNn0/bg7YK9nvP9iprSlcPjaPXqFdL89rGF4Z
+ mogDf9Ypf8MLA9/Af9UbWtDChFg8FOIQ2BaIsGINV/VTdsVHBnfdV62uTIP0
+ pW4cTP8GnSH/xs/PVPzSzmNvIiYRLPZlyUhYnn+JvGMo7DGAF5itq5jnrpCk
+ /MdROTCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEEzFSuqoYeSh8jlZ
+ vvuUmp+Aggywppv5yFQklR/CnTUvcza7EiOyExgr8P80pV+xehf+iWGDV7s0
+ 6RoKhZhxzBKF948zSb1S0Z5dBIu3cVSi3ErhbLlfXqEdcXeNoCnhQILy34iU
+ k8AfbAOW/ZaMEenV4gyPIMIlIun8t6hOn94+dG571AHGXw4axrEKdKn2z0JY
+ gv5N14LlZx8ypgoF0SKH3I7KECNI2Vn84UWOPJ5d6gWFtQ80HgEvChK7wtb8
+ 0RYrtpGTcsrTdCJRc1FdeIj2oQEflroIMpjKH31KQZ1j1lgnq/5lnDR6xs3e
+ inbbTFBDK6TaeqnLCaEFPsGAIruCm/tszh/DCCTvqAjOHcpSJSYx/K2VesSh
+ t2X91GCJ5tlZJsbx8WRHH2YJFVftZg8gZ7HrKYa53Xt01+UGYNAIZ9AY3Fju
+ U4StNlhaiUG2VmCvKdnSgDzV0jQPtgj8WiFosiB9FiVNu71xUUAEwQQjJJ9D
+ B64I5cYxwV4jlMxaTiOyZfSlfbUX4mvXS90Xd9uNrZ08sju7FbcnbtOyl8q+
+ oS3n2rtvYszD2WuVFfkNfmrNKTjwfK8AzynqsFL8wiIe3LUJWud/U4JVKgKg
+ zbrTH13kX/PiF0/eb5/KmOp9zEHI2cdoIOiH9JEZjAFTueM4qZoympipL4tQ
+ o5AvjS/cCKjo+8DvqPHWWNOTrDv8xn2am5Ufu5xsqDLE24q3ND9iRPHnv4zR
+ SJvckoKDQzlTx3n5hAS9nAYMImE22tQiLN3tUJnYpPYzOjeBjI4R/pehEBxS
+ N5R5cL0qfHXt9+KDGlxCNu6Q/9o1kr8yYvGwEYuo8Q9G9OIZ3TKY4ls7GlOK
+ rL3RkE7/DfAlrzrCMVFSZ9L+qJa8VvaepLevYOoCK7i4xEMF4bGbGoinfH7Y
+ GaOnpCiyAM+DKMjRpkotD5mvE0RKH8qZW6padYsOt69NYUAIm3vGpDWT1+8m
+ PP0M+3B2p77SODG9soPM1FG+H/gQTmURquUCVvpFgubGZKyFV/0hG2/FUQ0W
+ YD2B0yyMeycMQ6KGh8VTie1NAM4Yw4r53PfuCFtnIgJCs2h7dbBkluIIbmhh
+ 1Qeq60TQIXodqqAlLzeyxpCsUQiwghKRKDQzoEMUNZC3fG5uj0662tBeveSQ
+ rVFA6pUo1juQjkUq7FGvnvSl+woWGz+Pq8pfA0AY9ca775JXN8fKZJ4jVjSk
+ OMRYR+oaLaqVNoY9ez743Npy98eLYB/5Ex3qdoC3t1sqq7TXGJ6nXsV3Q07Q
+ o/sF95hBWmghl1Nz4Za1f+tGTQgYIQcGqoXDPDFOJKouTtftLYpG0qXOZB6m
+ Jd3WoT+zyPrtQF71PEK7BUoTCOcBccHEuBpLV9YqXx2GNulHXpl7UK9hMMP1
+ ed6pN1NW7Eou9tqmZjznyJj3WT8ctRBFbMFNrcN98eeIqaq0AmXBh5kOP437
+ DYkLOGgMV1eMnnxoxklkOw3GPdsHOczvL/Wqe+872p5nnJn90+4p/Rt9CQiS
+ A6iGxlZDD1Y9NXe+g8axenq1ggPV2Ded7+ege83NamJEZIX7U1bO7iqZvtYM
+ mlxSJ1cE/6T73HzVEjrczaLAfSWS7WQ7tNGAKGQPvSRLh+6cYyHlHqfSHrtL
+ XySRK0BjsuIYMIRF3o6J3L7XR06PglxlkAFrTs725NqMj6MjWkYk6uREJe/H
+ MqAMR26hxFkB2oUazpuGT32Jk8tYk3L7SzpyAMuEDMwjmAlb0UJShLlmVlpz
+ 7wXIS9wh5DIHR2rhZU4VqyPYR0HpyCfCMv0AKFQ2IeSytIAOdA3L/NJMlU61
+ HzsDlpxOo5/m7Gu5IJSUjQqDS4H2hYjBNeODCVyOcQmejnyWoD2t5JOir3lI
+ 4nKTzAoBaErzrG295fo8Ezn2rGwEy9oWeBU+4nvHGIbbSimuqulUja7Mf/YT
+ lqPF1PUCNVtKAyW+XI7qE7JKT4NasmTNC49MPRujU8Bj88HMEVzhid1N3z4g
+ HIGTaktqOUa9315bRm57Lz73pPKkOlnrjsIhMkH21UwHS0xq6BHZcrU7gjoY
+ Ech4iqX5aVB6fOhrzOvznYdAofiC3H96DuR+UwY1G8jGIbg1UX3P0RSsagFe
+ +nq6GZNdGp4qToYs4DYtvV+3wu6MSI7UtUGI1Cuxk8KY74KXHyJ4RB9EUQ9L
+ Bok2lr4iCxKFBoCt7FZEBXliGk7hC5lYKx8PUIR1N2E2xLuIIMuUiOFxcMmd
+ MZGik2otaUJLtDUBSGMfETR6mQjREeAtYkfU8B2knFwXwz5OGkR43E5UFEJP
+ fq2XOfEZb5YdUJ8WbeTtpp/CQqqxxc7sghf1wovVORoHYviDdpEl9w0FqxzP
+ s7+QbWKNwtI0GtOEcbu0wuFd+dnQUnhLaeNS3mDcvym4VU9hiXK7TtU06eqC
+ zrTQ200YJ9BDCdZxedU2ANz7J4LspeJvLeJfVl/vaL4IvTjNhioonC8CCLGM
+ H2XqmhQcTDdwA8vCXGRQ165vN0DGA7plSzULsH0nqKAlqJVwuy7DSDlJjFwe
+ QWtj2BL8mY/kYZB/rBV7+JCj3iXbXFpw9gANL85z/ieLrsQsH0kmg98mAv7b
+ +Mws8W+JBxLA/aDouv/gf3XK6hW7DDiPKEHaGbFFMnVqrGzhYgV8BWYvUSZe
+ mETTgczxzHIpXKAsy1yRrg1sahppd6DevmIEc0J+zAckHXVxBHifTz9lzf13
+ Wog1atH6IKluXD9X2gKc1czHKTQDrlyZRyWufFLeiv6RyyrmyHyeSZW+Xh8Z
+ 8H8Wl/BedEGNdWz3Gf3151+1Q/AEjGwbfk6WZeHRetq1SyCEeclr5+NxS3ed
+ 3eS/FU8KYXrxOgUvcFiLhoLlhRGygSBlJyMi3pRUSDIBlgsPJnE4P4oGDV5+
+ IQDL7LT2MQF9BZCkc5EVAue1kOHKNB3j7LXTMEu/KXv8DFfz0mLqyerF0Yu0
+ afOTzYr8rhKWLDl38wQo07fwOkV+J9Errt8Tm904Z+R7I5QDkb8Cqct+D4PK
+ yq7G1VnHS9KVDLQoM8uD+RaHZLpQEPMzxoiWVIH2KeWpzHJBEsxXUZp6RFPn
+ IAlivqWddsldhfDT2T6Vlnm+yK8LFY0Y13Xr+WzuZ5W4WjtoumwoPFoiXUQC
+ OtF5jG1zW8MogIB2uwyMZN6cIFls4mGArf/NPBS376xJH1Ej+hjQ0QyKttTd
+ HUnAIZHMjMWijKCkfGjN6tr1cNQkqbiNQES3WN9XKlIMsbE7A8U65f/m6Ffr
+ n6G7r6a8qGSRymswmxZ9QH7kIrrYJS/iCk0nvypuRqT6pXL/yk1GifyyAjzb
+ mLffOaQDicTrmh0ekxl+D+eNp2gDutsQ022Olt4ZAwFiUrSy8uQsX3tANHEF
+ L9cnAdj1LSSI0FA7Zh8hJPvGVsH7Kt0DU7Zl6MTdk5Cb8FQlYD/qmKxpxGCa
+ 6V2DzxIdAuQ8LedFqXHVz8HYIBbZKSWnOLObJ8VM065348OIPewfnJ9aD9rq
+ S2ffUztanm4Mizgif6mmQyc4DK/lkIDH+IJz8TjlTuq+JT2HstT3BnK3sIud
+ kp/ryGyY0z2FAT9VMNg4hxiWl30Cd80Q+Br/5LbbMrSGmt40VWdCJkNtK+P4
+ DxG+47ep2UlmBmDlIZcrNGuVF0RkOGFfl6GzHo3jRpcG2Y2cS5HZ+uCQcMD4
+ EpwZBxCB5rErwC4Xt/xo76fowdjndcl5BoXRFj7jTo4PRbLigUT6yatlf2GE
+ jUrIYY24wNmamvn/0izmrQ1+ptgWmL+3zULA9HVDQ/LXJCnJhypy7vZcXeBr
+ HLsTtt9nBBdZeTwkOafhDn2bDqdFXpLpFPtKou26ozKptI91mpCfGe4+sV/B
+ lUGt3FV0LK7j4w91S6g3DUpYTt1O00mPn3dh80M/vKH6YU1oJCryPFqwK+0J
+ CsfWyQrPLOvxXQn13y2oDI+mSIz+PbzAFIpvEs0b3xvlI7gpgpGQXpOSZ4BQ
+ UKQtPmkXc5SNB+fKkTFSodK2vhFE6wpxD6g6SyhjCzYl9YLXiDbReBgJZ0bW
+ ij06K4HKi/PU/UWFhZ8UGkGD9ii74LgPtfpjUBahJzmBK/ooD+w/0TAU8S/I
+ 6+5/vWrKvfi2UzsuXTEu92dHWb/zAC1qKHotxipRXFKdxjV9tQrNvzvvS5cL
+ eFakwB5uZp3VVBbkcRMyPePTYRiespf+lug9UmCAqtCsq2Tt/gcdZXu1xz/D
+ oejdnO8uVcZVBDEb6nZoJ3+dhXKQGTrYrYdGwKHximhe9tanx1IG5CivvWFn
+ CymjUxrhQmA5bqlkDLdjTDSG7nGMGN0D661mswmqRD1VJ5SDQtYYr3PCSw5P
+ eQqH8hxnbxk3ckPVXku7Qa8=]
+ cacerts:
+ - class3_2021
+ - class1_X0F
+ client_ca_certificates:
+ - class3_2021
+ - class1_X0F
+ key_group: ssl-cert
diff --git a/hieradata/nodes/issue.yaml b/hieradata/nodes/issue.yaml
index 4fc47bc..3d77d09 100644
--- a/hieradata/nodes/issue.yaml
+++ b/hieradata/nodes/issue.yaml
@@ -7,13 +7,141 @@ profiles::base::admins:
- dirk
- dinoex
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAFvuCLRlXBmas6v2JGcKxy0NVvpc+hv/yNRqS
- SMokUDoNTi6nbZ1UrbGjZMCq+g/TUyW0SABEIuraEDoxzWfBJZXipC70e/Aj
- zg/XURpKxmRK5c/4ouBA/Ecze1jjDx476B4/4LyO/CK4G/2Iu2xdsDth3IV8
- FKV1GaPFAZlRk/hPphw1VNSyuZdYraT4Sbo7hJ6cvwE0w3mHNBgtTpProgoF
- hQQz2Wfr5f/YWaFvlWHVJtJYVssSvrcEZFNYaIvoBNcwow2QPtyBiv8JrUHz
- OESJpYQQ2jyqhliiCsTzn2v4AWUiCIk5Im7RQ/EIiAskrdMk3y7zjb+Ev62V
- aXn5/TBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBACg060g6bh04Y6SdMh
- kIYogDAio9Ev3971h+gUsvNpmeUh4oeSZTA0oQICRZAgGOOHVAiApKhLut3N
- uGBx4XT1fUU=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAFvuCLRlXBmas6v2JGcKxy0NVvpc+hv/yNRqS
+ SMokUDoNTi6nbZ1UrbGjZMCq+g/TUyW0SABEIuraEDoxzWfBJZXipC70e/Aj
+ zg/XURpKxmRK5c/4ouBA/Ecze1jjDx476B4/4LyO/CK4G/2Iu2xdsDth3IV8
+ FKV1GaPFAZlRk/hPphw1VNSyuZdYraT4Sbo7hJ6cvwE0w3mHNBgtTpProgoF
+ hQQz2Wfr5f/YWaFvlWHVJtJYVssSvrcEZFNYaIvoBNcwow2QPtyBiv8JrUHz
+ OESJpYQQ2jyqhliiCsTzn2v4AWUiCIk5Im7RQ/EIiAskrdMk3y7zjb+Ev62V
+ aXn5/TBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBACg060g6bh04Y6SdMh
+ kIYogDAio9Ev3971h+gUsvNpmeUh4oeSZTA0oQICRZAgGOOHVAiApKhLut3N
+ uGBx4XT1fUU=]
+profiles::x509cert_common::certificates:
+ 'issue.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIGUDCCBDigAwIBAgIDFR1xMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+ dEBjYWNlcnQub3JnMB4XDTIyMDExODE3MjYzM1oXDTI0MDExODE3MjYzM1owXTEL
+ MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
+ VQQKEwtDQWNlcnQgSW5jLjEZMBcGA1UEAxMQaXNzdWUuY2FjZXJ0Lm9yZzCCAiIw
+ DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALV3HWdHF/lliXLUr8Rwd+0RalSg
+ p77t4PMz1OQZASIyAmR8GWDGO9+ZLGBU9ZzKFUogkGlIr6we1q/XP1bW/gxgS1hJ
+ ZjWR+q6XyBlhzZUbE+Mw9TE57Ro9vKm1LEqLIO5/BLsron15CMgYDv4Vf+vP/lWp
+ Os/lEGDxM9EFyTxdpZK52CxD8ADkISIL6AhZI93rupw0dWtE0xghkwVBNJoFGTzM
+ qjiUyAiGWGaMwE23m6FQRkgLzZanbIGfbB/HqKwrHUjju7otyyLc5Y48UEjTWfKN
+ DPrYWzNZikIdHyx7WuurgPLN6owxOy5s80VjxYaCyb6eu9rqiBu0UDr+7MU8flaZ
+ E93mPm28FARZ5RC6nRS1CdlIIte8RBXS9u4mZthjQqB9lH5YM/gsW/WL0YdoxyHI
+ MHz/a6Hc0/rHIZ9Acu/ixR8O6caV4+Ev4/7Va7qd7IR0BIHqJCimbUx0jMeybAkp
+ FPkVzyU+Y8qrqBt/8zsMOf/L6IwBhvqw2LVteM3hNDpMEEe558D3oDutkekCTDVm
+ eh2epWEckK/VrF/YrRDrWpTViiAzowp4U9F3J1fLVgADdiAmY/cuC6dNDDgg8rVP
+ 8Lmeink0/j3/dhIUAH/UPKKa+ZKthYnPoGmwbtcb5UWAEwHZTSywGFRvq+GHi8+O
+ wDqIbq5jpPWCIAgVAgMBAAGjgfwwgfkwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E
+ BAMCA6gwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMBBglghkgBhvhCBAEG
+ CisGAQQBgjcKAwMwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
+ b2NzcC5jYWNlcnQub3JnLzAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLmNh
+ Y2VydC5vcmcvcmV2b2tlLmNybDA7BgNVHREENDAyghBpc3N1ZS5jYWNlcnQub3Jn
+ oB4GCCsGAQUFBwgFoBIMEGlzc3VlLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQAD
+ ggIBACQHnLMuHJ0YQBr79oJmcqQCgtiPLjSoqlxx+ASb0w+kwrWtodwm3Sylez37
+ eTlO62c3JlUwZQ20oFrzS3A7jygKNO4w9fb68nwzykC8JKvtXNKL7P+MMe8j5tnl
+ pVh8o5cbDD7vhLKdDQNRzVjUv4P2y5vdvfZWgt73eOvfMx2YtFZ7n4hyMMRyfQAK
+ e2oVFU3bbsSx3lvna2vHLr/VLtlP5U2Nf53ba+PQ/PwUfxaHo9wEupugwR0dpkms
+ AFeQPEUQz1hWgMQNUq/5Xd3ACHqRsZiC05sHoN2XwyDeAr7jIdQdxeNC9ElYvesw
+ kaEIHbylhevRi3mB1oj6GMvAYfZZRXv/DPT5x08Wxrir/rKPa9mGTJz/pydQh/ps
+ U4exVUa8BA/L4Mvyr4kW8CIcBho1TXn5ikqh6Is+6RStsfjAeNKWJ4j1SCesUByF
+ QlTTv/RyuEON5p/V+GkVaWTQIJLnh9A8dtxUci37JzXxeBJGy6vDC5HoWhlBRx3P
+ zRK7G5a5vXmZF4ekqu/woubseFwQa4O1X49181We60GmEzEaAcbtdvhHQHYltVcr
+ cPsHQhnIaLfR9oDFp7Xlx99mI1UEs1MT2OaxlDp7Pfq+tKjvI8/8DiGk+JYa0YlZ
+ 4zZDs06JCzk5T6cysLPHq3dxCGKWQVK4jGw7f1rvthu7ECSg
+ -----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAAQfxtDkQZzFxzgGXbJLJfjTvOg4WOGjpcaGB
+ MHsM2fZfxWpPFa7MpRBkJmpYB7B6n8fv3X2hwp/l8njhmT2+ajwCcvpdQYlt
+ bjvQ8ep4tszMqwEsCSj6b4XNMKj1veowTkUx2DWbIUS7s6YL6f4HhNmC0F1o
+ JBT/RyvdIEAgN1ugxJTlnS2x30GplWOa+OXzPcna57WzXrzkbcwwby5KDYCm
+ X2xmSRWxBVwzDsJQEldy8BJhJWjxf82D4BNAwl5Re8vIA8WCUlS44v1SOx4P
+ 7nm+GK0JCXol+hJzB05OQDAYsOdh5LzJbpvWXt+RfeqeMMm7+NIjFMBFP37N
+ +4aJATCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEEhCcZqMGFTHxRbK
+ xn2L4oqAggzQaixyrrfcuDCYG3PhAtwbkC5DXfg6Q3p1rSV41KTXsJHVSoY3
+ 33gLU/40GKoPGH1j8epdHmbFRSMQ4y+em7a6tYb95JEupSHmyT77MDrLZxpv
+ PGkqYpnUz/SQTvQr6Z8r/mp5Gno9waNxZnXVHQfDJUUoJdbDWY9lLAKVqQIp
+ cBUYIbAzjNG8MigNPdKatwleugj7KdZRcZJ8JutilCrSbIBYi198j1SVJOe0
+ EE+Ba7xBUwv4vWCfAWOg/bfGqF34M1IW6KxzQ0K4K1r5AzxnOlhLBTk9Q9oF
+ Tdhsr58E5nQ9Khe9291Im5AqBIlh9LkNRI2tQ7ihowzXLJRmbv++y3f1C760
+ pv723TVUk6MJ6lTWShOgUbmCtODv1H9u5bnuTf6z2nT4Pk3cxUcP5+eGsTxt
+ Jz1dP8/vLF8VFLN7XeCRUPlNCVAKcBEmo0D5aaD6l6kD+RDAVe2yp6sVy3fS
+ EEdVpAiytXP+VgdwCRGeafjGkvavl5RT6Q1cWsGEFLzExmc+8fDuOholUHLe
+ +4KLNcLeH9aQiv7vXco8N5Fvk6ExSyLUfFzpAv86GVx/zkqduir3XUK7s2UC
+ cltLrfxesnH4Otc6WE3tvXTyikKWfKU7Wt1jfToDtIxPUmPX8W5pgLp59PGY
+ VSGiBKatzrShD6KKkh+7WebfgFJp4YsctmHyRb3lF5j5c3qhPc+KgejOFcBq
+ 1JfqU1KjCBfPPc0Oo9PrmGMKZTjev8Q2QxcWbvySsi5fV5J61PiiWqPCnf41
+ DzCnA2Gmu47ojPAg1f1iTvmdeOMUfgIlWo7s2Gv/qqIeEBU9KAQQ4V1W3lq+
+ JqBlP3eswDiZjbMRXvlP/CXlmcBazS7ndVj2HvU9PBzVcikQH/MuMSoB5DsI
+ lLk1FBvQlQXM70Qa6q+MflXweiydbeDcB6gzoWo8v9JDWFuHcsycLgK7DmK3
+ EMyWELgWAd4bU+rR2C6trcx+RPqoRbl/nddcttSRXfkUAfGh18XOvv+zm9ha
+ Forn6iUTOrtHqyBM1VIdmZN12pSCERJyNu0zS3ULuhBRkSR8c+fXvmgRfUZQ
+ +guAVJNo0cUH1HgdoDt5RCAMLrkfUVKvP2I8dm2ez/kF/1U6tY4fLZ25YDSl
+ vIScJf7/Bff5ZWJgWwE6YETDJ13+TyiNZUsED83WhX3gmnfh5yht8PZqPWfr
+ zwYjhwFeDjKav/M/MMmTRxYAlySebJlHxzNFuqRjnK997diuAa4jaRURSnji
+ DTVur8w5c1LBcKRkMkp/TRKmb/08a0pG2U77TqY6TAC4yQ3rCRotjIIJACzX
+ ORvJza4Eh4Sw4V0N5fISmLWqeYoPFdS14gFREov3jeIteblUn60iifMCp0Ki
+ IKCisn/wux8Cf9OXTMBLUSJAGrMi+gBN5uFLDB8EuRpTo40ICV4okpDzZ1/N
+ t405veQL/h5hWXEyX6JOIn1Re9L//sxe4+jEHBa7083t+wMrG8i4XYPJ/E3q
+ rJI1I1AYnhudWIP0JmiC2oBeW/3JhdB2FXAdFAohOnmYKNd40KBWXNXTtNri
+ YAekEym0kX1w6kqFPGtaNjMkCci/BD+tPOQj4VU8K7NmlLoFVrtaxsA0aEEc
+ pVm+2m2sZyyT/FNmekwFAFG+Ylv0oCBM6SuXWI2JBgk3FZbZ0ro6pYi7Z8f9
+ Mmnts5C7YDRCboAZ3g1CgpKuYsFDTcRshqhCbiPjSn44lhvxeTh8AfIfiHRB
+ ohOcEkbtLN6Re1XChTi/rGQ2Z+FztYg+dzNl/5I/o7DcPRVrSm0gvwvIRHdG
+ +Ip2c/Q0QU/wea6kphCIoySZLJOeo20A+vu0THn5C8BFi3h/4Fne0o04jnkw
+ /bOnzq2Cp1Rx9M5bjEWxLs70au3BhSKqI6nlRVJKrRubFZVlaGmcRRfxvvHk
+ GZ0czhEI59QaPPlcFhUN7pA0zzvy5CH6CxEDCDVgwvkmyunNMcQtVUKqXC+Q
+ dk9GJlYA2pKMWWLLWBO3hLtLhDlqfY0dPpd18BXagkNnT/uLTqZJR4KUg2VS
+ 8il1xDFz/UHD/op7JkhVoJTo6hngZbXrKKhD/eqkQBX+ulp5TBpX6ak5VtCD
+ fio6WkPCuHGJVfCRB2y8p1ZuoKRZxdBQj9Wlk4x5E4ZULEm8iJcZbBCPHlAz
+ kL+bnIGn8ayrRHS9aFaU5cyn3qpt5tc9ECK5nGAIF1NWEYBayniQnprMsP51
+ zfiYZ+ScYhXX3X/lhKHs8g3HRpPGxdoMnXJ+Yup4OXDX+WM6VJ0WF8xO9/AA
+ 4OsPeMwq+IzUUP0/JW9N0zjUCmtjMMDAdrin/cmRmvVyVIuL2SZX2oIAT8Br
+ 9Acs9dFZD9A2ErpCqx7PJ27LsJ0OLTR6KBLPU1B0vBUrI38T950HOTFTypgx
+ gKjrwQcEFn/jD14nS3M6LBvaZtDHCFGSnuG0cVNuPBtD8Bg8163Udh+KPnmG
+ stHDH/3Fzjgu3RyONOV3pPsxcLIgXDbVrcImMNyuQoxgcqAt76Jb7oH09eFG
+ 0rzxXN6hz9wdNP+A7HkG+67dZQwirsU+vh5fH9f8otNzxysW+fRD75XTg1FN
+ XMEnJBsfQHAQyKGOcebrsCemzigVvJg6DW6bk6FcdhoN0o0B36mKjPv+q+nL
+ +oPnTr+U03uEUieW3d4VYpBS1HWo9pUWAP9dNuA+cynL2jHBeEvtNIIfskIL
+ UTYRTQdCHjVRsDzs5jXEdcW8MEr5//IN4iVBi3O3KherKctRhsaJNMMmRfg1
+ IaKWlYNmoVgYQPFR86mD47GELhJuRXh4jOGcq6wEMhrLFJ3yw/0yxUJa0s6O
+ kBkfDp3Qialh277+JxE/Raj7v3DItsW1Htt48tJU1EI3GnrpBJ1hWaOkx3Gg
+ ytm1/3LBHmlKpXepjaMsdBEKC0E6zSbURd5oTXfI7uMBlUEqCe3GRKzzzAkN
+ vcdpFYI5rAg5m+ZC54Ct+6vlIPsi4JIfrqs4IbyOg5tyP96Pu0Nfb28u0S1u
+ j3PpRmmaBW8WH+r4CJ8K8HKIvTy26WovlxS6avV3iMsUSUbtwAIbUhX937mx
+ 4IitThNFVFoXTso7g3zXi3h3cvGGmN8Qd+eqkVCHjlEVsONwJETBpwhls7Jd
+ BtSe3wWBV351W3tww2JuqLeaobNXBBaL3LJo2hf02aUpLa4EE3aimAlZ3p8q
+ 826/JJB/ovabtOx3D2/7ykK8/TGb1lo33cdKnjuGUwB5lKUAp9spcrhWioU8
+ JhhAjFUtAtomREzdBrW9Ikl5uIw5Cbv3FbSANk3NxNlvmLiRJb8Of2g667HX
+ yry5SavqDsjEucScsS3rVRJcwLr0UR77oLer7kNnk5mvwiK/pdeiunpekZSf
+ DTT9oMZ64VQjAAATxMfGrG6ByIE/imWaKj4yfpZjT61xt8ZI5QGFUd+ddr4r
+ tESatoTkbmdswxNG1UkNK9BF+x5bCrcR7tYCkSuX8j/qZ7KCHg55r976GnyD
+ WhlWfSqN0lCkWqPVGJeyZ4zYOUrbVsUC+736/oHg2VtSpGbIz0iBVQ07CWdv
+ wu3hzUcsBM8hWwQKTiRzFz8+tWkU30SSTghFa5byvuff1kzDKINSykCVrozS
+ VdeEyIO6xF6WnAEOMgNRJJ5BRVtchTX1Iiialu72UBDxr817vB7fXfbteofQ
+ NnjiGdq2x4lfeI2klrhn+QDnEr8/ruPOMvVqyIEYLHNy1wFfiXgLI0+DmQib
+ dPgakW9Jr8bgekkLzqDwGkzaTLT3d7jJxuDNRXJ6KYgn+CYtLmjceauV8y0J
+ o+p1RWUFsf1zFJpMWTAwruqApL7/uWYn1JE83Z4oYKOEWtgaSyN6P9803syv
+ arA1E8vM+jyli/4l64/OFxOASEal6t/bAkwCGLtugbU3V9Lt7aifBOWCxx9U
+ oMphexKlmPfJCCZV87kbUZgyozdFoDGvThvA/swkjXn/Sox8yLX26nLoO/c3
+ Q3G0rhTGkVgF5A464SSm4zyhsU8wcfAHe5tBqV3GCQOeNLpM12+t7v3LPbkR
+ G3lOSlWQUfRRPpTWXNBkyKMpGDwEaFrPs7dVXZaN0BpE+4Z6NA71KqbvoZ15
+ CljTTc1JJ4geNl4x6A7XHkzYplCPb/pTJhF4ldwbmXYQyV0dG49F+cha8fU1
+ /CkX/If+8BgdwsqWBAepKRqJgnTSLwAEkrfoBDDtonkV04/snpwc3xe4ehLN
+ 6Ce1pXo4lQslcZhNQylPkInocSNoErS5SYSMvP78LEH2Her884o97RpfaSeA
+ b3tfbImz0YKvGC4weW2VfSBGuz4Rf5Z5bFkzIKwSmo4zlcMXctezBsBMbqgf
+ bqIn4XDbnd2T58XQUCgeGw4T0/qjxI2d2eYnirQ2LC1P1jXYrLpZc4TMWP66
+ /AlL6A==]
+ cacerts:
+ - class3_2021
+ - class1_X0F
+ client_ca_certificates:
+ - class3_2021
+ - class1_X0F
diff --git a/hieradata/nodes/jenkins.yaml b/hieradata/nodes/jenkins.yaml
index 6aa0109..3e710a0 100644
--- a/hieradata/nodes/jenkins.yaml
+++ b/hieradata/nodes/jenkins.yaml
@@ -5,13 +5,13 @@ profiles::base::admins:
- jandd
- law
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEArbWeNESG9eVk3n74ofPXmFzRTV9pbZT65WaV
- ABMPRuaUgNIEjhMhk5xxEUUC3oaz/SM7rLxCASmjBMcNufBNs9/lQ4oXThb2
- q8HFHqcNhotpD/+IhPHbajrkopWDW4OR1JHcj8rVwG7UBi5MGn1WRcUAdH1i
- t9vqfQSuZbiWaCrAfqwxQlycOwpiCHum6xBTMB4s7ix1ADkkYjrEik9z+03+
- I5zU+kJgksrmwA49BvTIiA/fuVgAT5n0Yx5to6GSh+4Ax3aWn7auaPd9rDz4
- /2Me4Kr7vyST8LdqLnA1mgFXJJTPmXMNMVb6Yp4x4pDxvOh6bQvjjtdUoXDF
- OvwekjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnSm0NhdNR0zRRTAxa
- CWvDgDDIHqd3Iz4xbCy1MYoSF51kW9MZmW7fhR4yS9nHeO9mcjduLxAjWFsZ
- 59ogTZ0Pz0A=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEArbWeNESG9eVk3n74ofPXmFzRTV9pbZT65WaV
+ ABMPRuaUgNIEjhMhk5xxEUUC3oaz/SM7rLxCASmjBMcNufBNs9/lQ4oXThb2
+ q8HFHqcNhotpD/+IhPHbajrkopWDW4OR1JHcj8rVwG7UBi5MGn1WRcUAdH1i
+ t9vqfQSuZbiWaCrAfqwxQlycOwpiCHum6xBTMB4s7ix1ADkkYjrEik9z+03+
+ I5zU+kJgksrmwA49BvTIiA/fuVgAT5n0Yx5to6GSh+4Ax3aWn7auaPd9rDz4
+ /2Me4Kr7vyST8LdqLnA1mgFXJJTPmXMNMVb6Yp4x4pDxvOh6bQvjjtdUoXDF
+ OvwekjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnSm0NhdNR0zRRTAxa
+ CWvDgDDIHqd3Iz4xbCy1MYoSF51kW9MZmW7fhR4yS9nHeO9mcjduLxAjWFsZ
+ 59ogTZ0Pz0A=]
diff --git a/hieradata/nodes/mariadb.yaml b/hieradata/nodes/mariadb.yaml
index 7e6388b..a8890fa 100644
--- a/hieradata/nodes/mariadb.yaml
+++ b/hieradata/nodes/mariadb.yaml
@@ -4,13 +4,13 @@ classes:
profiles::base::admins:
- jandd
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAExeqn1absUzqN1sJOyHNtZXPcsU6vj8CZbAU
- BxRes3h2rmqSbPB5pTkz7n3bPhQ3YYJpFkW7gIZ2I7R2O8FxQMwR7n+QL72F
- ULV7FO13kAOKbGm/hkNoCfCW0AmaLO52v7lMPlMgbXqbX3i5wCj3auvz/O4R
- hyGA90K+k3kf1/6oQlVrRf9fSiufVYoiihDeJ110FhRFB4mBxOHFJopz3A/H
- 2POMF3BaLv38t+dYFtkCt7jNW2JCjv15VuplZIh3BYrPCzk0WyUIJ8OUpK4I
- Wr5+eHO5voJC3KSOC6XkLGDIdYxdlsagNDTVjITPv9qMTf8to2sGRP5SYybe
- RHGy0jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC052YuUZgXpP5SSxLW
- i0VDgDAmv/QiQgdEsqIxzX0VsA4Qn/JSE1QI14hUme9FSJEBRzN8+l9v3nlM
- Sc10J34uuTQ=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAExeqn1absUzqN1sJOyHNtZXPcsU6vj8CZbAU
+ BxRes3h2rmqSbPB5pTkz7n3bPhQ3YYJpFkW7gIZ2I7R2O8FxQMwR7n+QL72F
+ ULV7FO13kAOKbGm/hkNoCfCW0AmaLO52v7lMPlMgbXqbX3i5wCj3auvz/O4R
+ hyGA90K+k3kf1/6oQlVrRf9fSiufVYoiihDeJ110FhRFB4mBxOHFJopz3A/H
+ 2POMF3BaLv38t+dYFtkCt7jNW2JCjv15VuplZIh3BYrPCzk0WyUIJ8OUpK4I
+ Wr5+eHO5voJC3KSOC6XkLGDIdYxdlsagNDTVjITPv9qMTf8to2sGRP5SYybe
+ RHGy0jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC052YuUZgXpP5SSxLW
+ i0VDgDAmv/QiQgdEsqIxzX0VsA4Qn/JSE1QI14hUme9FSJEBRzN8+l9v3nlM
+ Sc10J34uuTQ=]
diff --git a/hieradata/nodes/monitor.yaml b/hieradata/nodes/monitor.yaml
index deed3b7..2a5515c 100644
--- a/hieradata/nodes/monitor.yaml
+++ b/hieradata/nodes/monitor.yaml
@@ -4,44 +4,59 @@ classes:
profiles::base::admins:
- jandd
- law
-profiles::base::crl_job_enable: true
-profiles::base::crl_job_services:
- - apache2
+profiles::base::crl_job:
+ enable: true
+ hostname: monitor.infra.cacert.org
+ services:
+ - apache2
+ check_url: https://monitor.infra.cacert.org:5665/v1/actions/process-check-result
+ api_user: passive-check-submit
+ api_password: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAM31x48NC4B2agnpHt0hEzxLLJm
+ ADhYW0Lj3JuBNj+wpK8O4GkAf9L2OlOiNAIgiX5epzbUtvtB8ayQQ2+4yuNn
+ jkgfSDvPaGU+f0mFv0CjynUEDrf2rQzevFyIfnpzN9ZSnGw2/59tpS0LyJ6M
+ Yv3NmB0mdXzPWMrgCMt+G9i/l1s9yVjOw7p7V9prpUqD7hGKG0Fg7EeM7LFJ
+ 1ovxPDDar4ZlhooM6+W3Ov5n0y/3bYaPWv+VhcVmSQvWgJw6ZqP5jhpYTqSC
+ dr8urkIi1wfSSPeiNXhK+SQS/KFZOl9dmhj6QuereRyXX1H7X7fphVltADBq
+ S3mCbxlgEEPPgTbzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDlvyMRCV
+ MAziedXFk/L9XcgDDpzkgF8ybQ+aX31v25dTxzAPEnjuvaGY5njoUEbcpkOo
+ f0mf2So5a6xrylLZCcxrw=]
profiles::icinga2_master::git_pull_ssh_passphrase: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEADAUF/OAtThNdlPwEwrPKAVwl+wTJbirFEWxL
- rJzE1qe+NSncOqD+G6KNOBQRRXfv/sf81+AnTCahM1/kv5TPILrUgXoxW5c0
- IXC6OlDfaIab8kcC45wn2yj/igZnW1Xvix3n268pEfRnNDjUSFwrgbmaLtoV
- ovDLZvQOlWntN8VUuYaDr66XRSEy4AGcmCMUms+6RQqdupWfOCrHtnTtVyyN
- enQUKr0+ndlnzIkXiU4ghOjExFzGJ8BxGyKTMeQ72k2GZlDPUk72sixZ647k
- f7CbzXToutyFqieOdNtkAKDY2T3ij03Wd3JhNWTu1Jbe4G/AQgsxiTwETdqh
- /QgjjDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBKOeRdLS8fFyoc08hO
- BnsVgDBWDpuwBbC31j4g02xKE0tbvazTE8zhkH6iS5mIrL3R5heLvDwquYia
- pUh+MxqObAs=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEADAUF/OAtThNdlPwEwrPKAVwl+wTJbirFEWxL
+ rJzE1qe+NSncOqD+G6KNOBQRRXfv/sf81+AnTCahM1/kv5TPILrUgXoxW5c0
+ IXC6OlDfaIab8kcC45wn2yj/igZnW1Xvix3n268pEfRnNDjUSFwrgbmaLtoV
+ ovDLZvQOlWntN8VUuYaDr66XRSEy4AGcmCMUms+6RQqdupWfOCrHtnTtVyyN
+ enQUKr0+ndlnzIkXiU4ghOjExFzGJ8BxGyKTMeQ72k2GZlDPUk72sixZ647k
+ f7CbzXToutyFqieOdNtkAKDY2T3ij03Wd3JhNWTu1Jbe4G/AQgsxiTwETdqh
+ /QgjjDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBKOeRdLS8fFyoc08hO
+ BnsVgDBWDpuwBbC31j4g02xKE0tbvazTE8zhkH6iS5mIrL3R5heLvDwquYia
+ pUh+MxqObAs=]
profiles::icinga2_master::git_pull_tokens:
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAkVwRv0eW4NTYjfoKx2MVU9WeElhZQIc6CPUnPv4NEM2mUebo5pZg3cvf0fejPw55E33H8QELhMjaBvuOjbgPeA6uCxPMCBADkN6F+V4PRDDgUqtjr1tcA5U05ZEe2oOjOoVI0H2AjLZGevymxypdOCd582vKAApJDox2Hfl2aSuDYLslHYUyIqnECutQR7VgZuv84C/MmDY9J6/xsxesuIKEGRYvgW0DrYqCi4+SBNcFs3k/u2fnP+cXBnCzOp/CvYOwNl9Wkfolj0Ucbh7Afc2ian+ciH2vKODKXck5eUcBx+VrYFXyEJ45Hp/+taYluWClOoq4O6QH+P7yE3Jo2TBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCAlTDcDFyyZASZwDyijejegDA6wDKAij0JTyXb0+jxTATAD+Sxpp/BWbmJSvDuC5MpwziJfJsH1tvoM0JOPYapRkc=]
profiles::icinga2_master::web2_database_password: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAIgd5qF6rnFWYhyo38MRacrz2VcYdoni/m8Zd
- piYiYmGp2GaJZZEZC3svdYxRZz8vmXz1/V9PM8znf8E8z6ClbqF6urExUIf9
- Dl5+60UOyasp2iHngRG9fcKUBtPDqERlS04xD/CQup2XdDYEsaTrIIsnuOSc
- Zut3vB1KSIerscLjLNUvZGanEwf1VGwzFU2rStIRFwgR9pDX/+gr/6T5+Ydd
- rZrsvTClPKEKsJ7fQc/J+3fhphz8QlqYz0Yo2Yn/Ws9qvlr1O29cYTNJ5oj4
- xXB+VAeqCiTy0Bmud9W6FdHz61w5ylWjLRNT0qtW8bu/eFHCj6XTnBu4lorW
- ocPHkTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDV+5TW/J23xVA6MGZo
- zfzCgDBHbsaS9cJaGXgnZSKLOQwUlJmG7WgOL0FCgIEp8vYT8upZFuikokHH
- vGkNL7s7xDw=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAIgd5qF6rnFWYhyo38MRacrz2VcYdoni/m8Zd
+ piYiYmGp2GaJZZEZC3svdYxRZz8vmXz1/V9PM8znf8E8z6ClbqF6urExUIf9
+ Dl5+60UOyasp2iHngRG9fcKUBtPDqERlS04xD/CQup2XdDYEsaTrIIsnuOSc
+ Zut3vB1KSIerscLjLNUvZGanEwf1VGwzFU2rStIRFwgR9pDX/+gr/6T5+Ydd
+ rZrsvTClPKEKsJ7fQc/J+3fhphz8QlqYz0Yo2Yn/Ws9qvlr1O29cYTNJ5oj4
+ xXB+VAeqCiTy0Bmud9W6FdHz61w5ylWjLRNT0qtW8bu/eFHCj6XTnBu4lorW
+ ocPHkTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDV+5TW/J23xVA6MGZo
+ zfzCgDBHbsaS9cJaGXgnZSKLOQwUlJmG7WgOL0FCgIEp8vYT8upZFuikokHH
+ vGkNL7s7xDw=]
profiles::icinga2_master::ido_database_password: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAQVzlV3aXJTf54OReOA96VsrAPutFLx939Qf2
- pkjU4uzfh14wF6hCUBzJM3TsG8+EYFZmHQv7LqCbDQLfYVNs62sDlOBigWh4
- za1YWqewtuasrvqZdUKPD1tIyIGLh2+idv0/XJHpkv7nt/oVRoINZdzO+Afr
- dbx6Dx6aFWpX98HLQdsw/G1X8o+YZwwklASfSXCw/1pGLsPWWYSoYjyD4N9U
- eaOTiPQ2OLLnJtkAlyUMxTeq76iJw67vj0Vu8QqATZAoVU9rA/FnliMiYGrB
- GC/c/ACt9A5HZ6orBlztCqFj8/Z61pyFH2+09jCxODdgebyLt+gRuVP6RZvC
- XcFLlzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB4LvLBDu+VZkAgtJ4b
- nmt5gDBW4KHCxlUcs8bRo71HIiDcSMBOTahi2hMlzwNC12NZlIR2spYytjH4
- 2/8qhSpCx+U=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAQVzlV3aXJTf54OReOA96VsrAPutFLx939Qf2
+ pkjU4uzfh14wF6hCUBzJM3TsG8+EYFZmHQv7LqCbDQLfYVNs62sDlOBigWh4
+ za1YWqewtuasrvqZdUKPD1tIyIGLh2+idv0/XJHpkv7nt/oVRoINZdzO+Afr
+ dbx6Dx6aFWpX98HLQdsw/G1X8o+YZwwklASfSXCw/1pGLsPWWYSoYjyD4N9U
+ eaOTiPQ2OLLnJtkAlyUMxTeq76iJw67vj0Vu8QqATZAoVU9rA/FnliMiYGrB
+ GC/c/ACt9A5HZ6orBlztCqFj8/Z61pyFH2+09jCxODdgebyLt+gRuVP6RZvC
+ XcFLlzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB4LvLBDu+VZkAgtJ4b
+ nmt5gDBW4KHCxlUcs8bRo71HIiDcSMBOTahi2hMlzwNC12NZlIR2spYytjH4
+ 2/8qhSpCx+U=]
profiles::icinga2_master::api_users:
root:
target: /etc/icinga2/features-available/api.conf
@@ -60,251 +75,266 @@ profiles::icinga2_master::api_users:
client-pki-ticket:
target: /etc/icinga2/features-available/api.conf
password: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7FS2fXHiwB+
- ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZZdccEcZbFt
- ZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrEndfZnZzyAd
- 61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/QlkAEXKZ5o39
- p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP22MTivFWf5p
- 1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1nrAXTdlYWdE
- RmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2QOnxac51GTU
- gCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FBB7akZV6Zx0
- T5GP0WQAzU0=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7
+ FS2fXHiwB+ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZ
+ ZdccEcZbFtZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrE
+ ndfZnZzyAd61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/Ql
+ kAEXKZ5o39p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP2
+ 2MTivFWf5p1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1n
+ rAXTdlYWdERmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2Q
+ Onxac51GTUgCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FB
+ B7akZV6Zx0T5GP0WQAzU0=]
permissions:
- "actions/generate-ticket"
+ passive-check-submit:
+ target: /etc/icinga2/features-available/api.conf
+ password: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAM31x48NC4B2agnpHt0hEzxLLJm
+ ADhYW0Lj3JuBNj+wpK8O4GkAf9L2OlOiNAIgiX5epzbUtvtB8ayQQ2+4yuNn
+ jkgfSDvPaGU+f0mFv0CjynUEDrf2rQzevFyIfnpzN9ZSnGw2/59tpS0LyJ6M
+ Yv3NmB0mdXzPWMrgCMt+G9i/l1s9yVjOw7p7V9prpUqD7hGKG0Fg7EeM7LFJ
+ 1ovxPDDar4ZlhooM6+W3Ov5n0y/3bYaPWv+VhcVmSQvWgJw6ZqP5jhpYTqSC
+ dr8urkIi1wfSSPeiNXhK+SQS/KFZOl9dmhj6QuereRyXX1H7X7fphVltADBq
+ S3mCbxlgEEPPgTbzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDlvyMRCV
+ MAziedXFk/L9XcgDDpzkgF8ybQ+aX31v25dTxzAPEnjuvaGY5njoUEbcpkOo
+ f0mf2So5a6xrylLZCcxrw=]
+ permissions:
+ - "actions/process-check-result"
profiles::icinga2_master::pki_ticket_salt: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAq7zw5VVeKvukhSo2g3YK/7fIUC5JbyTrX2XI
- vAoB7RP2eoEXJRcZG71BNJRMXYlfRwZF31GKAx6zCnvSG8LPpl8Z7D8rNFi+
- Xw0ftUPE0A2WjMuX2ZPjwFRpQB5cuR0DRqvHoWzkyiePbhE62vRYxLamTT92
- 1f2FpBM42PIkyD+o9+Bu+1eUXFf4Bvg/srDq+clDQEUJEH9Zk0boUR0aYNzu
- 7O1PW/QSMCvIRXnmhRQr4MoeHQmgK52JxssdISEEBPpjL/oQyJ57XjgDh55c
- 8/gkj+L/p+E/TnE358x5FAm1PNSivH+uohXCxfMu87ukpBJh41tzfI7KBWxY
- wEtKajBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC71KjJDv29zuAaxnyH
- o3uJgDDydzmhZKEQxhkFNW9TNquxCTXdfPZ/zYPb/TqWq3amcnQwoqNltz+5
- QoSf/2LDk4o=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAq7zw5VVeKvukhSo2g3YK/7fIUC5JbyTrX2XI
+ vAoB7RP2eoEXJRcZG71BNJRMXYlfRwZF31GKAx6zCnvSG8LPpl8Z7D8rNFi+
+ Xw0ftUPE0A2WjMuX2ZPjwFRpQB5cuR0DRqvHoWzkyiePbhE62vRYxLamTT92
+ 1f2FpBM42PIkyD+o9+Bu+1eUXFf4Bvg/srDq+clDQEUJEH9Zk0boUR0aYNzu
+ 7O1PW/QSMCvIRXnmhRQr4MoeHQmgK52JxssdISEEBPpjL/oQyJ57XjgDh55c
+ 8/gkj+L/p+E/TnE358x5FAm1PNSivH+uohXCxfMu87ukpBJh41tzfI7KBWxY
+ wEtKajBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC71KjJDv29zuAaxnyH
+ o3uJgDDydzmhZKEQxhkFNW9TNquxCTXdfPZ/zYPb/TqWq3amcnQwoqNltz+5
+ QoSf/2LDk4o=]
profiles::icinga2_master::ca_certificate: |
- -----BEGIN CERTIFICATE-----
- MIIEyjCCArKgAwIBAgIVAMGxGJbZJq/vXMuXAnAC8QvFtvhMMA0GCSqGSIb3DQEB
- CwUAMBQxEjAQBgNVBAMMCUljaW5nYSBDQTAeFw0xOTA3MTkxODIwNDVaFw0zNDA3
- MTUxODIwNDVaMBQxEjAQBgNVBAMMCUljaW5nYSBDQTCCAiIwDQYJKoZIhvcNAQEB
- BQADggIPADCCAgoCggIBAMh+p0jach/6ICsP/o01nku28g0jFB/HSp5n/WZjzykW
- MvgvYc/1lEaiuIeB93AobGB3EACNw2/Xfh1deRGP8UsIOIjeeUibfk0i4SOmFBRb
- 0ZmwUeNVygY7rmhO+fwTPi6bb2+AA50RkDP7jTpwaQFxppziTXUqW8mj0LBSLtNL
- z8dC2YS/JLKSoNyHupQcL+pHVHO5S9QnFWTnhwIbnWSJTG13BOYw/RUz6WcxFDHl
- Xi/lprjcorBUDsH5YBfy+/2WJ0MZFqRnCPQKb5oilR1/k+9XpmFz8W98KCujjpNm
- BEantf7OaaYFIxxoWyrGC1RiMnkSQwa9Pcxgwflca5UC1fW0Jx2zsgDscdWp+Xeo
- lhYtyHa6upgny66SvekjM9mAm6vtlsBplxYZtz6BgqoxXqk0AwAwiU/9nyXGekAp
- FPMmENBLZvANuA6hdaMJQpOoyHBDOT8teoIJOut92ptk5bVE4gxwcWc1uFCP05nr
- gA8iTXnabihXbm2Wb8kk/+34wEru5jpwMh1NEH/TvaqPnly/dBHkmEhJquYyoZFS
- ttKl64XXdy9HGaTaA6b3dQPeZqHbmadRZzcsxjn+zP8Nu8OTZ4HXkAJ2e3nxlRKs
- 2EaZDJK4SoNBvvkYLScLLYH5X1uC2gs6AHiQDiczQYxMqai5pEnrLHO7B/pE+d/1
- AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAGYh
- pqAK55ei8+S+rXt1wQbejAphJ2GtTft8XjlfVbpk7s7wd/Wt0gLAs4dvPPI1U0k9
- N6E5WJrn31QbaXHFDwdxFw1ViLxDmepAp+Kp3pQE5bPNjo5e6iwgOGVB20R20ADo
- foUfk5u6WfGGSJznDkTTdoYdSsHm1d1nsZKt0i2QFnLEIEBOJW4gwY4LiW7ArfYS
- 21Ji9VLgKxF9We4Y0ppY+7rU8r/aNDrYv0Ghe+IA0+k8KoTGuhBXzxfwUUZ+1+yA
- JYSmxFzhPJCdwRX3IBn4uTVMRlugntgpmB7m5RyW18MUlAw52Ppe5EtOke1lxxh0
- G5KYt+pKPnkOVj2LRLvOcAOO47i42q+3P4m2elkPHTrI2JmnTwWNjpkNNc4LeFXs
- 3HE3SoSvXvImabhBfioqThVMAEEjrtkAQSOFg281vaIgUPbwqcVmbOHv/2Cow0xw
- gYrp+hB0hhf5rpYi1SMLTKIQUJT6CKnIgN9KHMwcz6Zq4WcshXQxZZrazXomJJ9k
- WKBpvys1Mfn0Y+phqmCXW7D9Yh1T32pnyOTm8kUonBhIoDEwYN5v175ySw8jjiUD
- Dlkc/kuv3szLVWx63FvOPc6ra9rmmdwmDaVTd9fGlo/NrquCQOGu59hiACPept+I
- y+bP1kZ0Z+5qrmlX0zrcLspzXOyY0VX/YZ3unzyp
- -----END CERTIFICATE-----
+ -----BEGIN CERTIFICATE-----
+ MIIEyjCCArKgAwIBAgIVAMGxGJbZJq/vXMuXAnAC8QvFtvhMMA0GCSqGSIb3DQEB
+ CwUAMBQxEjAQBgNVBAMMCUljaW5nYSBDQTAeFw0xOTA3MTkxODIwNDVaFw0zNDA3
+ MTUxODIwNDVaMBQxEjAQBgNVBAMMCUljaW5nYSBDQTCCAiIwDQYJKoZIhvcNAQEB
+ BQADggIPADCCAgoCggIBAMh+p0jach/6ICsP/o01nku28g0jFB/HSp5n/WZjzykW
+ MvgvYc/1lEaiuIeB93AobGB3EACNw2/Xfh1deRGP8UsIOIjeeUibfk0i4SOmFBRb
+ 0ZmwUeNVygY7rmhO+fwTPi6bb2+AA50RkDP7jTpwaQFxppziTXUqW8mj0LBSLtNL
+ z8dC2YS/JLKSoNyHupQcL+pHVHO5S9QnFWTnhwIbnWSJTG13BOYw/RUz6WcxFDHl
+ Xi/lprjcorBUDsH5YBfy+/2WJ0MZFqRnCPQKb5oilR1/k+9XpmFz8W98KCujjpNm
+ BEantf7OaaYFIxxoWyrGC1RiMnkSQwa9Pcxgwflca5UC1fW0Jx2zsgDscdWp+Xeo
+ lhYtyHa6upgny66SvekjM9mAm6vtlsBplxYZtz6BgqoxXqk0AwAwiU/9nyXGekAp
+ FPMmENBLZvANuA6hdaMJQpOoyHBDOT8teoIJOut92ptk5bVE4gxwcWc1uFCP05nr
+ gA8iTXnabihXbm2Wb8kk/+34wEru5jpwMh1NEH/TvaqPnly/dBHkmEhJquYyoZFS
+ ttKl64XXdy9HGaTaA6b3dQPeZqHbmadRZzcsxjn+zP8Nu8OTZ4HXkAJ2e3nxlRKs
+ 2EaZDJK4SoNBvvkYLScLLYH5X1uC2gs6AHiQDiczQYxMqai5pEnrLHO7B/pE+d/1
+ AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAGYh
+ pqAK55ei8+S+rXt1wQbejAphJ2GtTft8XjlfVbpk7s7wd/Wt0gLAs4dvPPI1U0k9
+ N6E5WJrn31QbaXHFDwdxFw1ViLxDmepAp+Kp3pQE5bPNjo5e6iwgOGVB20R20ADo
+ foUfk5u6WfGGSJznDkTTdoYdSsHm1d1nsZKt0i2QFnLEIEBOJW4gwY4LiW7ArfYS
+ 21Ji9VLgKxF9We4Y0ppY+7rU8r/aNDrYv0Ghe+IA0+k8KoTGuhBXzxfwUUZ+1+yA
+ JYSmxFzhPJCdwRX3IBn4uTVMRlugntgpmB7m5RyW18MUlAw52Ppe5EtOke1lxxh0
+ G5KYt+pKPnkOVj2LRLvOcAOO47i42q+3P4m2elkPHTrI2JmnTwWNjpkNNc4LeFXs
+ 3HE3SoSvXvImabhBfioqThVMAEEjrtkAQSOFg281vaIgUPbwqcVmbOHv/2Cow0xw
+ gYrp+hB0hhf5rpYi1SMLTKIQUJT6CKnIgN9KHMwcz6Zq4WcshXQxZZrazXomJJ9k
+ WKBpvys1Mfn0Y+phqmCXW7D9Yh1T32pnyOTm8kUonBhIoDEwYN5v175ySw8jjiUD
+ Dlkc/kuv3szLVWx63FvOPc6ra9rmmdwmDaVTd9fGlo/NrquCQOGu59hiACPept+I
+ y+bP1kZ0Z+5qrmlX0zrcLspzXOyY0VX/YZ3unzyp
+ -----END CERTIFICATE-----
profiles::icinga2_master::ca_key: >
- ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAndhxooQI/m9cfD6jfWVHSce7ePzRwpt8F4qy
- j4SrGT4OWsGYVSDoql2l/w0SGKaw68zBCYJhaI48EvztPsJIO1VwCGjhYbpj
- R6gAemOpmYAXMoD+2uei+ZSHwyyNZraXHUwYnJVLKSzAGAkhr7XWv/L4+s9+
- kEOCnEmJ84I40hPKnwuY4VTaMmq3UzI4KvS0pFx5j7c3GnX5XRcP+LcuyrxB
- eE2tC6G+naiGjXL9M/V+vUPT21sfaRuCXRZHnkzP6gOiGiCCTevAyjbPH2fc
- rBXGGg/et2IFZIEIdEMIH0DUIO10D8S1l526ODWxCWwnD8CmfnDxYajHdW3s
- DO0PEjCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEENJfLNIsVAoEd0lc
- lXN6TiOAggywLP849H4ful3AaaT/IxQF0L5R9ohoTsyVjIOkSX1c7MXTK7tg
- uILL/LlqZWSsY9uE2glTFPXZR83DgArMF335+wNBDwhLVAUdf0b+BE8m7Lpg
- DGMomJNgqFtDjNqvX6i3O6RH0Iz/zjwKDTHuWtBq739VE1d3x3IU7gNq64MN
- oYA83C81YLys73la+ETrruAYUR+qxUNn+DdU0r894wHtSWrRQ4nIN5algsBI
- mJx/k5pmii2k5bWhPAM6FMsJfaUKHRTz5r1ngHry+LcOFzotGmDhFsndqaKv
- FBnP9tC7v3JlMzcMVN5hI4oZXkURsiZMuFK19UClf6+50qh0VIp6u5xG4tcb
- t8zumv1wWySZnRNFgF4eXcvDY8w4G0nyaYreN5JcP/vE6OFXGqu2hqi0/Dl3
- 9Y9775N8YphqZBWZdCPFVEA0eh3aC1zhLeM9wo00koDTjaALs9Vp7CSsA4j3
- G/Y3Mq2muQmiz9vxcgLc+x6ooD2BKIgveZmLr49zEd4kmHThkhZbj4l8ZCBl
- 7GVRuLleV/D/zXEpejPuFd/rd0dHV0qkKdbjEHi4gjr5ZXcU/ZyAs+kyTk1O
- 3OUxMVId487I5F/oUh4MkwqNJp1Fc8mKed/AYmB0bEG7aCvJGcK+G4LynTAZ
- R2/XqVDq3wp3hfaEgwaVANpf+7z4Du+K5uqGlwkrzUov6wSgfNV84ddus/on
- tLSqeeW8NFVnVaUw3mnfs+H/c+MLZvxYhLEELjfzHYsZEr/KwPgULoak60LZ
- bjtsWI1ruI+YJu9F2f+PckOZyfwLEb19vLTJnyBYYZ6gCqWxGsgjDVL6G4V9
- /WcfrjrU0TopfPoPMtPlKRkltxef4xoSchcONQBwKNn6CJKkZSJHZ5WlciiM
- BSdcKJj+fA8h/EXvZ3DVP1ka9PSEN3WU7REon9IWi74iLZOlzDRs0bCW4nhD
- pphj67QfW0fpCbphw4RkYSp7WCe+s+GpRIKyg6KbM4wEVawqoTjWsvDSflcJ
- CX7joJhvjdepWWwWX1yfX5lwFi1vqexGME0XtYVWrKItSKfVAbqRmDNx6GjJ
- fImihwy7fhVsOtvDgo+nIGn779TfMvy6yQAWQ3cbGGg89mCHVumVEfn9nj3k
- 14IMF97GHNTNSUIzCUw88DxjWVDyuqJNtpwNCFdorRpH1d3p3pEHM5GGvIFI
- hkVdDmFgKPUpavEX+MBVP+INGvfQA8NFsTd14vaS3we48dH+BxMsp9omZlnJ
- fZWcBlcsTlAf1mLjMqgkOy46b2+61MXVp/EkU1t+JOiHiVmT+SEloof4W+ti
- xRxFOA9r2+k5iwprEJokojethAR/rZhMeq/U3mPeU4veo0uvdMNzSOeEejXV
- ALcLridts1/tT+ggj7EPUThmxjO/iI5SF/HjFBOAy0vmBjfTCX6y52W3RpBf
- Jk6e261a8fwaD8jEYJy/x7nbvBj1+yUhvHzvPsowQ1lIN6DLugg8aCyNprlB
- r9/P4rj6t/cmFJrorMi9yoyk5oekQlg/OkQBu+vyvVjIvVmHhmZ5yGl26TUt
- wJja48XhSE+S7arDKbZqDZro+/lALluOtdwpW8twwlaYmEBG0IPgm5PWtq6T
- sRMpLGfUnhJrjGST0l9jOswgdngvW4gbcmKuN1HCEi/soj2QIcMEwRHRr4er
- gECzO/TbL+OIt4I24TfQJhstfOd/s5rgGyuuhtd8Z83QCeUoZl3QmyYWzaNK
- 6QKwdLZQAgrOPKnCE9Vp7lC0/NyjYWlFt0Cm48kJtAdv1pbV8I/W6QkoQHmU
- Tx9XBuJPFspXmpZDrVNQvCBvM3Q/zTLDo4bh4EP6BP0US3GwPCH7dIqaqiIT
- wi++3XeHtXhpJC5+D66Qy8WfAxhvCPIpufI8rjVl+DyzOikT7Uy5GCg7uhM7
- 3W/n8HBk2kOMq4EJOp5iq0Aa1zspi32oPTP/4VM3zq2J8TxgaWAWt6vY3K7Z
- DeJesj8YWHLisCyjwjeShrCr7D6nmkmXCzl+m4/NF9Wqgk9RSPIE3RFYAa5A
- 90dCj/mihDT01Dzt6D2TRBrGiXv8GX+Axt1OJDbJLESorqjkKq7+5qIiKA3+
- QSyWL2k/TNdTuXbk4s0ZC6/Zkagxysn2K5skngiKYIil7LuJVs+aQ9ZeEqXP
- G8/kGX3m/Icg1XeKYjdkbnhTS71Jr40rrqXGzD7JmIxF9NvVyKweUOfDomPV
- 7+/Ig3orrNn85oWpz1I0dNDuF3RPa0JLrSoSymRs7iygP13AlQJ4pXSqQ5JA
- X66BD7GASdcMVcJkI5DH1vcLHWgqJLTOoSDl4SQLzcbksdFGDXcbtzppHLeV
- wwfMiuiK3McgXJyAHMiRPMyGuzc1NViDROG8ysa1RaygVMeosNp/BZigCAPK
- DGODa4C8LoQp5ynSPaLkPdCi+7lk/0UrIDgBaXnYHO1L1LA0ecwQsb02K789
- SmsZLX5iFgSPoREJXn/VQpJH+Td0bl2uZa6Rf0W7pmz34HnapiSln28VaTpe
- OA04FC1JbQiV6DoU22iBz+gBlz4C1YtoZ0QrPrrpSr3SlVr6wZj7IrgBaKL+
- I7Bu1gA42UpgQ2Loy86rNtZOHNhruYRfW6k1TZxIHNFLFfs30XfMIfoGp8tg
- +o3cxrN9vvRuLEUthPsosU6F5c7Y+1FOc9kJLzw6JVOOxpqAgHl2es8gJh5B
- ni5q906VAy+UGsc6KF2cj5m0ZaszZxF/TC+mVmJqE1jv74eqdOqNeGE7O+US
- IdCtJrtn4Uew6AXjo5bQsIBGM/I1OAF67ossbsjIJHmT1kKy1Rec7JlkZs7B
- EXVS5h3nROi/3ImCnqdf+HaZw3xsWaHs17JekLbE+7mSuidU1XCvVFxChN1s
- HILG6xuf2oh3f1KsxqgR0OOyiNf5XikgkAn71lCT0DSd1K69uEzCyfsgfRMf
- pmtmLeB/Xn+SQAlCxxgeeDwcc/tao2G015weu3t9fs1LRsFCiF0Q66yVr8kp
- dJ/lfTNkr6oFz0e20D0ZsjOOGIJDZHlA6fz9hiIz4VHMUrt+JHdPMiIwIGaA
- tXGkHU+od8fp7QsQJ+Es1L4wEHO7D18RzZzqoJUShkdDOELTy+kb3cI++o26
- 0pD7FwsN9LtqHi7fh8dzetBOKWpVEkOVoEjYX3RBPZHimUJfTC9prG+SsyI9
- KrJNmBrd4/sWadfHGInht2xaAfcdpOqF7BsXGWeM8zuythAyy5dyg9w31oLL
- hszXRQD/aIxrmXhT0Fp3j53gIHqH9o/kBvMd81OqfnWsgqwMxgH4x7l5+zbA
- LpWBuJNP9rNQYKnWtgmLXAefYPDb0MddluyhuhQrkOZMGN8sJXj/0ZOhb/Hy
- gM1RBr9Qx2YI7YsBZgZ+27nwOH6AXZtzCktMin9C/fxh+e4/YdUMtA3ciOmR
- WH1itD+tA3enNBpLuiL7qs0a51AXBWtjj8nQD+CK4dRMTvP+tUuV06ghgmgs
- VyvfeSd2DU2szu6BR5WTfg0jUxy09zWnK2Hc3eazGrJR3rg/BL8EKv9DTOXT
- US/LJrmzdFH3T7qdtHm9gX1OPYxNIPUOL6i3HxRIQ/iPpAqQpWCZtIzgOXzh
- 9AsKT4INrUBVdYGl+ox6WaPzJ/2ZyWduOTP3PxopBXD5khn+y6Kl96W0CaR1
- A7VEMLHnrx++cYJn3S1Y0S4QLyvgZe27HIoA47Xx6RT2lxb++wxefIs3U+hJ
- 98eBY8MMUWng3t4RoCYMQpMgh0q4VuKkQDJsdE2yW7elRWG3tfAW5AR6P2pu
- jg4pclb3nFEDNWaKTtgYjtLljy6zBKqC2FUASNMeqs+YQC/ZR5v+monKt1Mf
- H5ZIJFAojQ+J9ce6GVC82+wqolVKCnzI0pJAJ5iXhiiNLxZBfO5NdYCEMg6U
- plW4nyl/0UrYI6p8VuMMFMZStf6QMPY+Gyz2/3jDdWH7CEaSrrHba1iz69jg
- F24Ts8m7BQefJhKsBwxbhCJisijfp0Q2Wrwi9p3upzalYQqG6Il/cr0b6NMv
- ZFoFMO0YlM6sEpGrs/mMEgoiSlPXVMciRpV4PWLiZMqRTmnsxnHPKCeMEkwq
- DPOcDtcL1RUiFiohwx345kNwKqeu5VO43A2v6ppFdTaE3N1v2ws8X+/3JEXn
- d1i7bkBQjer0NQEOnVCxrO+uOOOVvmtUkVk8QJi9oCBQMUJJ3gm9HZXwvEYV
- QHfjLm7Vy2L/2vsAqJHmaYwLJbnCO4KbCGzoLFBBE2gz17wYIPIgDbVxjNRu
- W1HABIXMJ8IEQJnN9mDYZWjUsutf8FRFsfAPMoAGX5M5tLVrTUQbXUjtpJ6v
- RA3cuu7epXa+RGV/NdgBV1k=]
+ ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAndhxooQI/m9cfD6jfWVHSce7ePzRwpt8F4qy
+ j4SrGT4OWsGYVSDoql2l/w0SGKaw68zBCYJhaI48EvztPsJIO1VwCGjhYbpj
+ R6gAemOpmYAXMoD+2uei+ZSHwyyNZraXHUwYnJVLKSzAGAkhr7XWv/L4+s9+
+ kEOCnEmJ84I40hPKnwuY4VTaMmq3UzI4KvS0pFx5j7c3GnX5XRcP+LcuyrxB
+ eE2tC6G+naiGjXL9M/V+vUPT21sfaRuCXRZHnkzP6gOiGiCCTevAyjbPH2fc
+ rBXGGg/et2IFZIEIdEMIH0DUIO10D8S1l526ODWxCWwnD8CmfnDxYajHdW3s
+ DO0PEjCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEENJfLNIsVAoEd0lc
+ lXN6TiOAggywLP849H4ful3AaaT/IxQF0L5R9ohoTsyVjIOkSX1c7MXTK7tg
+ uILL/LlqZWSsY9uE2glTFPXZR83DgArMF335+wNBDwhLVAUdf0b+BE8m7Lpg
+ DGMomJNgqFtDjNqvX6i3O6RH0Iz/zjwKDTHuWtBq739VE1d3x3IU7gNq64MN
+ oYA83C81YLys73la+ETrruAYUR+qxUNn+DdU0r894wHtSWrRQ4nIN5algsBI
+ mJx/k5pmii2k5bWhPAM6FMsJfaUKHRTz5r1ngHry+LcOFzotGmDhFsndqaKv
+ FBnP9tC7v3JlMzcMVN5hI4oZXkURsiZMuFK19UClf6+50qh0VIp6u5xG4tcb
+ t8zumv1wWySZnRNFgF4eXcvDY8w4G0nyaYreN5JcP/vE6OFXGqu2hqi0/Dl3
+ 9Y9775N8YphqZBWZdCPFVEA0eh3aC1zhLeM9wo00koDTjaALs9Vp7CSsA4j3
+ G/Y3Mq2muQmiz9vxcgLc+x6ooD2BKIgveZmLr49zEd4kmHThkhZbj4l8ZCBl
+ 7GVRuLleV/D/zXEpejPuFd/rd0dHV0qkKdbjEHi4gjr5ZXcU/ZyAs+kyTk1O
+ 3OUxMVId487I5F/oUh4MkwqNJp1Fc8mKed/AYmB0bEG7aCvJGcK+G4LynTAZ
+ R2/XqVDq3wp3hfaEgwaVANpf+7z4Du+K5uqGlwkrzUov6wSgfNV84ddus/on
+ tLSqeeW8NFVnVaUw3mnfs+H/c+MLZvxYhLEELjfzHYsZEr/KwPgULoak60LZ
+ bjtsWI1ruI+YJu9F2f+PckOZyfwLEb19vLTJnyBYYZ6gCqWxGsgjDVL6G4V9
+ /WcfrjrU0TopfPoPMtPlKRkltxef4xoSchcONQBwKNn6CJKkZSJHZ5WlciiM
+ BSdcKJj+fA8h/EXvZ3DVP1ka9PSEN3WU7REon9IWi74iLZOlzDRs0bCW4nhD
+ pphj67QfW0fpCbphw4RkYSp7WCe+s+GpRIKyg6KbM4wEVawqoTjWsvDSflcJ
+ CX7joJhvjdepWWwWX1yfX5lwFi1vqexGME0XtYVWrKItSKfVAbqRmDNx6GjJ
+ fImihwy7fhVsOtvDgo+nIGn779TfMvy6yQAWQ3cbGGg89mCHVumVEfn9nj3k
+ 14IMF97GHNTNSUIzCUw88DxjWVDyuqJNtpwNCFdorRpH1d3p3pEHM5GGvIFI
+ hkVdDmFgKPUpavEX+MBVP+INGvfQA8NFsTd14vaS3we48dH+BxMsp9omZlnJ
+ fZWcBlcsTlAf1mLjMqgkOy46b2+61MXVp/EkU1t+JOiHiVmT+SEloof4W+ti
+ xRxFOA9r2+k5iwprEJokojethAR/rZhMeq/U3mPeU4veo0uvdMNzSOeEejXV
+ ALcLridts1/tT+ggj7EPUThmxjO/iI5SF/HjFBOAy0vmBjfTCX6y52W3RpBf
+ Jk6e261a8fwaD8jEYJy/x7nbvBj1+yUhvHzvPsowQ1lIN6DLugg8aCyNprlB
+ r9/P4rj6t/cmFJrorMi9yoyk5oekQlg/OkQBu+vyvVjIvVmHhmZ5yGl26TUt
+ wJja48XhSE+S7arDKbZqDZro+/lALluOtdwpW8twwlaYmEBG0IPgm5PWtq6T
+ sRMpLGfUnhJrjGST0l9jOswgdngvW4gbcmKuN1HCEi/soj2QIcMEwRHRr4er
+ gECzO/TbL+OIt4I24TfQJhstfOd/s5rgGyuuhtd8Z83QCeUoZl3QmyYWzaNK
+ 6QKwdLZQAgrOPKnCE9Vp7lC0/NyjYWlFt0Cm48kJtAdv1pbV8I/W6QkoQHmU
+ Tx9XBuJPFspXmpZDrVNQvCBvM3Q/zTLDo4bh4EP6BP0US3GwPCH7dIqaqiIT
+ wi++3XeHtXhpJC5+D66Qy8WfAxhvCPIpufI8rjVl+DyzOikT7Uy5GCg7uhM7
+ 3W/n8HBk2kOMq4EJOp5iq0Aa1zspi32oPTP/4VM3zq2J8TxgaWAWt6vY3K7Z
+ DeJesj8YWHLisCyjwjeShrCr7D6nmkmXCzl+m4/NF9Wqgk9RSPIE3RFYAa5A
+ 90dCj/mihDT01Dzt6D2TRBrGiXv8GX+Axt1OJDbJLESorqjkKq7+5qIiKA3+
+ QSyWL2k/TNdTuXbk4s0ZC6/Zkagxysn2K5skngiKYIil7LuJVs+aQ9ZeEqXP
+ G8/kGX3m/Icg1XeKYjdkbnhTS71Jr40rrqXGzD7JmIxF9NvVyKweUOfDomPV
+ 7+/Ig3orrNn85oWpz1I0dNDuF3RPa0JLrSoSymRs7iygP13AlQJ4pXSqQ5JA
+ X66BD7GASdcMVcJkI5DH1vcLHWgqJLTOoSDl4SQLzcbksdFGDXcbtzppHLeV
+ wwfMiuiK3McgXJyAHMiRPMyGuzc1NViDROG8ysa1RaygVMeosNp/BZigCAPK
+ DGODa4C8LoQp5ynSPaLkPdCi+7lk/0UrIDgBaXnYHO1L1LA0ecwQsb02K789
+ SmsZLX5iFgSPoREJXn/VQpJH+Td0bl2uZa6Rf0W7pmz34HnapiSln28VaTpe
+ OA04FC1JbQiV6DoU22iBz+gBlz4C1YtoZ0QrPrrpSr3SlVr6wZj7IrgBaKL+
+ I7Bu1gA42UpgQ2Loy86rNtZOHNhruYRfW6k1TZxIHNFLFfs30XfMIfoGp8tg
+ +o3cxrN9vvRuLEUthPsosU6F5c7Y+1FOc9kJLzw6JVOOxpqAgHl2es8gJh5B
+ ni5q906VAy+UGsc6KF2cj5m0ZaszZxF/TC+mVmJqE1jv74eqdOqNeGE7O+US
+ IdCtJrtn4Uew6AXjo5bQsIBGM/I1OAF67ossbsjIJHmT1kKy1Rec7JlkZs7B
+ EXVS5h3nROi/3ImCnqdf+HaZw3xsWaHs17JekLbE+7mSuidU1XCvVFxChN1s
+ HILG6xuf2oh3f1KsxqgR0OOyiNf5XikgkAn71lCT0DSd1K69uEzCyfsgfRMf
+ pmtmLeB/Xn+SQAlCxxgeeDwcc/tao2G015weu3t9fs1LRsFCiF0Q66yVr8kp
+ dJ/lfTNkr6oFz0e20D0ZsjOOGIJDZHlA6fz9hiIz4VHMUrt+JHdPMiIwIGaA
+ tXGkHU+od8fp7QsQJ+Es1L4wEHO7D18RzZzqoJUShkdDOELTy+kb3cI++o26
+ 0pD7FwsN9LtqHi7fh8dzetBOKWpVEkOVoEjYX3RBPZHimUJfTC9prG+SsyI9
+ KrJNmBrd4/sWadfHGInht2xaAfcdpOqF7BsXGWeM8zuythAyy5dyg9w31oLL
+ hszXRQD/aIxrmXhT0Fp3j53gIHqH9o/kBvMd81OqfnWsgqwMxgH4x7l5+zbA
+ LpWBuJNP9rNQYKnWtgmLXAefYPDb0MddluyhuhQrkOZMGN8sJXj/0ZOhb/Hy
+ gM1RBr9Qx2YI7YsBZgZ+27nwOH6AXZtzCktMin9C/fxh+e4/YdUMtA3ciOmR
+ WH1itD+tA3enNBpLuiL7qs0a51AXBWtjj8nQD+CK4dRMTvP+tUuV06ghgmgs
+ VyvfeSd2DU2szu6BR5WTfg0jUxy09zWnK2Hc3eazGrJR3rg/BL8EKv9DTOXT
+ US/LJrmzdFH3T7qdtHm9gX1OPYxNIPUOL6i3HxRIQ/iPpAqQpWCZtIzgOXzh
+ 9AsKT4INrUBVdYGl+ox6WaPzJ/2ZyWduOTP3PxopBXD5khn+y6Kl96W0CaR1
+ A7VEMLHnrx++cYJn3S1Y0S4QLyvgZe27HIoA47Xx6RT2lxb++wxefIs3U+hJ
+ 98eBY8MMUWng3t4RoCYMQpMgh0q4VuKkQDJsdE2yW7elRWG3tfAW5AR6P2pu
+ jg4pclb3nFEDNWaKTtgYjtLljy6zBKqC2FUASNMeqs+YQC/ZR5v+monKt1Mf
+ H5ZIJFAojQ+J9ce6GVC82+wqolVKCnzI0pJAJ5iXhiiNLxZBfO5NdYCEMg6U
+ plW4nyl/0UrYI6p8VuMMFMZStf6QMPY+Gyz2/3jDdWH7CEaSrrHba1iz69jg
+ F24Ts8m7BQefJhKsBwxbhCJisijfp0Q2Wrwi9p3upzalYQqG6Il/cr0b6NMv
+ ZFoFMO0YlM6sEpGrs/mMEgoiSlPXVMciRpV4PWLiZMqRTmnsxnHPKCeMEkwq
+ DPOcDtcL1RUiFiohwx345kNwKqeu5VO43A2v6ppFdTaE3N1v2ws8X+/3JEXn
+ d1i7bkBQjer0NQEOnVCxrO+uOOOVvmtUkVk8QJi9oCBQMUJJ3gm9HZXwvEYV
+ QHfjLm7Vy2L/2vsAqJHmaYwLJbnCO4KbCGzoLFBBE2gz17wYIPIgDbVxjNRu
+ W1HABIXMJ8IEQJnN9mDYZWjUsutf8FRFsfAPMoAGX5M5tLVrTUQbXUjtpJ6v
+ RA3cuu7epXa+RGV/NdgBV1k=]
profiles::icinga2_master::master_key: >
- ENC[PKCS7,MIIOTQYJKoZIhvcNAQcDoIIOPjCCDjoCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAutSMdSCHNMnSQAidQt5A5eXTNNvVU1BsJxTb
- lXX37CV5XjtRao7+B/hl8/QXXOf5neNCh/Q5yRcr47cyJnb4zFcJrIluWHeF
- OSN4fDPogxIBixupVwWuEmxfDGUd+3QRmL8gEBXHVntzQPRW2AR7bgTldFy4
- d6XpVnFSGLkH2C/RdWeCnKsgumbBITo0mJnNvHB7H7tPHxMMvsIbJvmqu9lC
- OxJPZXIXnY6TlLuuIPiHpzrGsToB4dKrUYlQ9Y9KHHFN2NCRfMUNZkAd7vLR
- ZLzTFq7XK3CaDqmAMWisbI2kBHf7GAkZJky+vxeRRsJ2B2JREw/JmqF5tD+Y
- aVZz9DCCDQ4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECubd68R7PosC6nC
- SnB2SqCAggzg3aZRHoxfBmvg91xRcWB2UKb2azHGHfHjatP7dcL5EQ3l8JGd
- fwzaUkb92HEtLBV9VqlNEnuZS3MKRxZGJFTtZ/P/Sg+gla5BEHgSX6YnGW41
- s1JulZDqkrSecpnBQ3j+w9apExWv4dHFJJ4jlR+S1GaPh4RaKZisozc0Ln7+
- zTZKKRWl/NCDPIw4+gpPpAWVH2xGpmUAv/kW1BGw1WQJDvr5sZ0+TgYybQbu
- 24PI7u59wvyHiQx/qNmlk11AAw2ysvTG9hbwc0JrfbinV6eE6ibB/tloQNAl
- /eGeNxxwOIKRFMQanWzsCUctdbUJxDoIyMBnFEf8muiLW/t4IND7+D/jK+wb
- UnwKsZJv9uwzgGAAy2RANTDoOjPnxAN1Ikx9TapGd/TnyN1LvwGKw2YbqgBX
- dyUqanIrHgr4SVvCr71Acw8qbUvt6NPMIgEAmF7+JD2J220WxpUu3yqYD9aS
- i0XCmTW03ObUQVqJaW/weO7PzaPcN7hhHt/XnJC/ezXCpQl8+yc3cKyjUJY1
- NI2RHztyp6Oill4FvBAkc1XAyVQGy8bpkAYh63ozQPuv9GlaCeL51/PYa6K9
- AGHXPh7Zf96hpeY0qNyW3W6vu8gvL3ApGUxkI+dimC/wfwQuR5969aCYxNtu
- siRVEUHXpIEZcGqP6dFDHieu3XC3/Dq9EPUvQ2gMO8M/SKAa4t0Ga5u2nvhD
- xKO/UdbnP1SD9sBiL6Tlqp+iw3K+7opCho+2mJ5Z6+finL5I4ih9pNW/BONM
- TN0J9ySDA7fFBMCM0mMlgkvd6/xts63tq8TxNn3SpJxL7RZTp2DDu8aH+gto
- e1nDtg+f4LJwBbCpLNbN6G0Blq5IMoo0jTDuddJTig6/xaY1AcrKIWI8ZqHR
- FAaFRJw0mhpn3R6psrEU464tvKQD5jQtlwUkYSV7M2CX9cGtgO0mw2YtNM/X
- xTrOyymSxO64zQDce2N0m6p4/jPUPna2NLcLhxRvA4x9Esn8TEsyAUOOPv2L
- 5fKQhOAfJmy7WxAR44phUexnsZIL6YculN+wJdkmBjYVrNm9b5XndXecbr09
- knseandJDRPShJkVILCQ/HqlDGMy3Bg4IGup3jGW495o5NHF69ExmGHFu7zi
- NAL2DwEqgJnfOllkwT6WTgGsJp8mXhg/2kY5zAJTb69dWGMGKKR1pHrJSyql
- f3F6gPkop6Om0I795+u0eQPPQJu3/48n+1wvHuHG6gGLQI/2vqTv5f1cSz96
- qCQ/5T/LQzrLwpsIlsrS6TBlboPEUHgw9v62naSVWwwqVZm4BRJQi+O1gqtw
- Fwp+mNSn8RIZD7SVdlpGD0141FSYDXS3KuS3Qm9NCBSxVBrXgW/xKy02vDKb
- 4eAmkxDB80VeTOLoq08bO+8gA6kksXEO6JR6ZEhH9d6DbyvwfgYws82sTi9V
- 4t31pAFyFr2lERrP8dNchwiNbMrSYyY77+ko6MG0V/oAxPlPQyzNzM139JRz
- H2vzIW/wq8+tNRDdvF7M0iK8EdPUj/Q6Q+BBKREp98ArjmjFLEWx8nRLjy48
- O9BzJ9ZGZlKKxPwx3uFptPHMn//syZmVdEfqHdsXO1AWRbqOqj5dB65Dq/m4
- +Bo/kXJAL/thltK7uO/F/yKrh686Dl2l49uQbTpksi7Sa/b+CHmWFmkzKvQH
- eJ2SOdjjRjST83dlc8QMjkF2WqYf450j6rd2KzK32ZoeQbd9z7yM9/6imbs5
- n7Cz6J7UE37EFdCO5YdAmnHEYrkJsF9MhSMYLfHa1t5UxeoYuTWdQLJ0k/G+
- g/bI1UraseYYZjh6ldxU0skCW/aS58nFurFFlqBYdnKaUyH1IQ0EWCG1XMzn
- qpI1rjtVy5LKi5aTFYYerXXmzYgNJo36YqP+7yYr+W4MQhT1px79dFLPTd/G
- dlu1SlDMjkT5e/XS08nGxgIMXgbZP1bRlX8mx0sqkjlfEiQ1bLGavDyrz+aV
- p5SpdGXpTREg+svWtrdCPMSne7AdSUhjlKFOwSDz4TWWojKv81LWys9OmeDI
- dE8urQTOxcTgp1CL7PElWb5Yizl70PvBqBKQW6iXtZzRvislnYmhctcUu2T+
- bwjEt4YIp1SwuklXdm4sskGpRSmGxYmqWEg7gasSVoQLdlLIUYG5EcyinTOe
- wTuaZUnUjiCznLVn0Y2Ti8PF7dH4Dfm4SO8ZAyR8F68CLDsgefoaMfPo3mYg
- Y4R5OywpS1ma90tpliF9IPh7YS66sUJS5GS7KFbeHRRxyLGUQM/fO/SgD48T
- nIEKFDeqbVOHmyvUVQCTc6+1QLnWrh6ywc7WO3Li/MCEheuL7WVd+ANfrjUe
- E1s+GIGg4TFc9CDCkDck/oc94gL7VtOJqgVpIy1XhtF1akaIbSoEJoP4oR0E
- l4YpEEDX+v4CwGAeVfnHsnPCXgF73OTbxsg6604YChK7SXxdKMuBR0ThmEFM
- Ir3aC56wR3Lbbjo4IVAUH9HvhImuJZ9h4mkl5DwCsAa+z7Zf8DYlDiz8ssrz
- LvByHO018A+Ox/7pKekMVIiF8nboNNsDDgqblGkKkLRWOwHB3J/w5zeB/m5P
- +iPSsB7Jp9g4QTUdG+PBoDQ7MI/i2vz7qnttP8KT4mDqd0ivznr9jWnrVL+v
- SrDvH80hoa7sIcHaWjeMXUWTh0b0D/cMi5wSE5fG0kiZU5/cSiA+pVzgBO0A
- 3+QXg+AYO60f233fkuvpJtdc6m4/E9pnKsXSsyGFPzn6/fUYDktzyYycOmnc
- G/8fwwWT8iiUujpOb1vt/uR7GN4Ctph5F1pcR+YaqAi8URQPM0qrHL5EsmJH
- HGhXzdc/M4HisYF0/TIhYDQqim0Uw7z0P1YRhW0TZiLtdwBYowQYfa9VJExX
- HMGm7ljcb2WIrxdWqzAjo2mrae0spGwBsMimfJOQo7t1DPtceBYrQdzONcM5
- EiJcRjb0+vDMCUqfT9G0hJh/5T1YexZg2uCtQTX2spglQYGA/XCVxhQwhY8j
- PKGEwgo8tL13dfuxsRzyZH/VdKfcw4O1tXXIIrrIcrRZ3XIWXXlnd+dDHPwr
- cnqlas2ZEXhgl2JufICUBtt0fUSjwrvaMXpHCo1SZLaAAOXrpZQ5q/dC4Mv1
- KWAyllfGdFMY9152DUlpwieZuFSyN8KFOib3e+ADyfaFBdybrItvbGyftgRU
- xS817bHHlCkOZ+Wm35/GZsTZgPtp2q4MvJXVLNtZp7NL1V7Ya62ww154ZOY/
- RbyKLdzUrb4SezX4Ie9KEZH78dTzTKxKZgtjkW1x466HMv8FSMsSDL87hV9Q
- B8T+zVTRMCs+fYXqi8BXdUBMT6j/CRw57U8Dwg+ECwBlyIFsdwkKCYoUGn5u
- m5575yug7bsA1+qJbEMAH8JbhFWWu6p0Tqdfy+++4y6dGJ6EAfdnXnNdvO5l
- yWl575+iUMgkFQONbcfwkrESuCaZA/kLkVIXkB89LTjPUrfQldYSc+g0Ycdu
- xf0m9IDT5lcF3JFgEjr+cYQx5AR3VmFeHE2rQlZgxaBtAaQ7heGRUCYCcGFq
- 2CAMf0+A9Ps7i8TWA5HtxQHRA+8pLX7XYV+RYSfkravU2CUueTVFyKBrxjL1
- MkVh1TyVgkdxYsGtZfwYmxnSqgbnJM9q6g/IgCwLkFWnSx4ie6b7ViWiC7yI
- 0AFK/xnqAAAKe0Ea35xJIoH7oCq8GClCMlf4Le8xm9/7CI1C1DMQT70pdORw
- U1bAKkFNxm6gSG0qcjFemeiUvUgHJKW0qOYsSLSUF2ff53GpDkzjfoFOITol
- PSIeSUVKF2kFR0rM8ua3wYypD1TDPxXSILfdAGOrvo6FUunB+QrScjbC5ra7
- mpTZcofdgIo5yOdI2AoBoCS5RIB+jDPBoXijqZwHcW2ALPHgiIoaWQXDn+9v
- zYsYcjM/82MaJi/v14FfC1qlbtLcCsaVWWYU7Sev0zAdGQR5W9efLkXHoR+z
- VUL9Itaghxs781cxUUzz39KzxSQxHXvD7BRdDCqLjSO9cXrCmRJAlASC1mvU
- Mbdey/FtflKXb1icJIP9khSdN0lRmMSixg+kCYaC5FPSBPQNj133rQ5UQOrx
- CjYeVJwbQOc/Qs1m1vkJ7FO5ayHX5jhgFSCrbG1modbpaSU4h4yaPGTe2DUz
- kdFTFUSa6MO+OCiw2FNhW5mW71zl5RiF7//zq5TNg4bcA/cwQ9yM7qjMoKMx
- jygQIqVIvSVzvhQ3YuMhuDE1/CyD3bBJOhCPaApS5TCOQmG1gxLLZ7GWC0mE
- qMAiqHBqbsfnUiGmmOJNlq3GLT9zrnwfNjtHd0iNOS9ywKXv/z5huJEe+ody
- kJzAgE2N8q67q07xvVlVjgczpx5Unoqr0T7WMm4qfjMETvzvnXZDWQGblQLz
- 7VhxsSi51i50RV767AFtbk6GAgw=]
+ ENC[PKCS7,MIIOTQYJKoZIhvcNAQcDoIIOPjCCDjoCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAutSMdSCHNMnSQAidQt5A5eXTNNvVU1BsJxTb
+ lXX37CV5XjtRao7+B/hl8/QXXOf5neNCh/Q5yRcr47cyJnb4zFcJrIluWHeF
+ OSN4fDPogxIBixupVwWuEmxfDGUd+3QRmL8gEBXHVntzQPRW2AR7bgTldFy4
+ d6XpVnFSGLkH2C/RdWeCnKsgumbBITo0mJnNvHB7H7tPHxMMvsIbJvmqu9lC
+ OxJPZXIXnY6TlLuuIPiHpzrGsToB4dKrUYlQ9Y9KHHFN2NCRfMUNZkAd7vLR
+ ZLzTFq7XK3CaDqmAMWisbI2kBHf7GAkZJky+vxeRRsJ2B2JREw/JmqF5tD+Y
+ aVZz9DCCDQ4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECubd68R7PosC6nC
+ SnB2SqCAggzg3aZRHoxfBmvg91xRcWB2UKb2azHGHfHjatP7dcL5EQ3l8JGd
+ fwzaUkb92HEtLBV9VqlNEnuZS3MKRxZGJFTtZ/P/Sg+gla5BEHgSX6YnGW41
+ s1JulZDqkrSecpnBQ3j+w9apExWv4dHFJJ4jlR+S1GaPh4RaKZisozc0Ln7+
+ zTZKKRWl/NCDPIw4+gpPpAWVH2xGpmUAv/kW1BGw1WQJDvr5sZ0+TgYybQbu
+ 24PI7u59wvyHiQx/qNmlk11AAw2ysvTG9hbwc0JrfbinV6eE6ibB/tloQNAl
+ /eGeNxxwOIKRFMQanWzsCUctdbUJxDoIyMBnFEf8muiLW/t4IND7+D/jK+wb
+ UnwKsZJv9uwzgGAAy2RANTDoOjPnxAN1Ikx9TapGd/TnyN1LvwGKw2YbqgBX
+ dyUqanIrHgr4SVvCr71Acw8qbUvt6NPMIgEAmF7+JD2J220WxpUu3yqYD9aS
+ i0XCmTW03ObUQVqJaW/weO7PzaPcN7hhHt/XnJC/ezXCpQl8+yc3cKyjUJY1
+ NI2RHztyp6Oill4FvBAkc1XAyVQGy8bpkAYh63ozQPuv9GlaCeL51/PYa6K9
+ AGHXPh7Zf96hpeY0qNyW3W6vu8gvL3ApGUxkI+dimC/wfwQuR5969aCYxNtu
+ siRVEUHXpIEZcGqP6dFDHieu3XC3/Dq9EPUvQ2gMO8M/SKAa4t0Ga5u2nvhD
+ xKO/UdbnP1SD9sBiL6Tlqp+iw3K+7opCho+2mJ5Z6+finL5I4ih9pNW/BONM
+ TN0J9ySDA7fFBMCM0mMlgkvd6/xts63tq8TxNn3SpJxL7RZTp2DDu8aH+gto
+ e1nDtg+f4LJwBbCpLNbN6G0Blq5IMoo0jTDuddJTig6/xaY1AcrKIWI8ZqHR
+ FAaFRJw0mhpn3R6psrEU464tvKQD5jQtlwUkYSV7M2CX9cGtgO0mw2YtNM/X
+ xTrOyymSxO64zQDce2N0m6p4/jPUPna2NLcLhxRvA4x9Esn8TEsyAUOOPv2L
+ 5fKQhOAfJmy7WxAR44phUexnsZIL6YculN+wJdkmBjYVrNm9b5XndXecbr09
+ knseandJDRPShJkVILCQ/HqlDGMy3Bg4IGup3jGW495o5NHF69ExmGHFu7zi
+ NAL2DwEqgJnfOllkwT6WTgGsJp8mXhg/2kY5zAJTb69dWGMGKKR1pHrJSyql
+ f3F6gPkop6Om0I795+u0eQPPQJu3/48n+1wvHuHG6gGLQI/2vqTv5f1cSz96
+ qCQ/5T/LQzrLwpsIlsrS6TBlboPEUHgw9v62naSVWwwqVZm4BRJQi+O1gqtw
+ Fwp+mNSn8RIZD7SVdlpGD0141FSYDXS3KuS3Qm9NCBSxVBrXgW/xKy02vDKb
+ 4eAmkxDB80VeTOLoq08bO+8gA6kksXEO6JR6ZEhH9d6DbyvwfgYws82sTi9V
+ 4t31pAFyFr2lERrP8dNchwiNbMrSYyY77+ko6MG0V/oAxPlPQyzNzM139JRz
+ H2vzIW/wq8+tNRDdvF7M0iK8EdPUj/Q6Q+BBKREp98ArjmjFLEWx8nRLjy48
+ O9BzJ9ZGZlKKxPwx3uFptPHMn//syZmVdEfqHdsXO1AWRbqOqj5dB65Dq/m4
+ +Bo/kXJAL/thltK7uO/F/yKrh686Dl2l49uQbTpksi7Sa/b+CHmWFmkzKvQH
+ eJ2SOdjjRjST83dlc8QMjkF2WqYf450j6rd2KzK32ZoeQbd9z7yM9/6imbs5
+ n7Cz6J7UE37EFdCO5YdAmnHEYrkJsF9MhSMYLfHa1t5UxeoYuTWdQLJ0k/G+
+ g/bI1UraseYYZjh6ldxU0skCW/aS58nFurFFlqBYdnKaUyH1IQ0EWCG1XMzn
+ qpI1rjtVy5LKi5aTFYYerXXmzYgNJo36YqP+7yYr+W4MQhT1px79dFLPTd/G
+ dlu1SlDMjkT5e/XS08nGxgIMXgbZP1bRlX8mx0sqkjlfEiQ1bLGavDyrz+aV
+ p5SpdGXpTREg+svWtrdCPMSne7AdSUhjlKFOwSDz4TWWojKv81LWys9OmeDI
+ dE8urQTOxcTgp1CL7PElWb5Yizl70PvBqBKQW6iXtZzRvislnYmhctcUu2T+
+ bwjEt4YIp1SwuklXdm4sskGpRSmGxYmqWEg7gasSVoQLdlLIUYG5EcyinTOe
+ wTuaZUnUjiCznLVn0Y2Ti8PF7dH4Dfm4SO8ZAyR8F68CLDsgefoaMfPo3mYg
+ Y4R5OywpS1ma90tpliF9IPh7YS66sUJS5GS7KFbeHRRxyLGUQM/fO/SgD48T
+ nIEKFDeqbVOHmyvUVQCTc6+1QLnWrh6ywc7WO3Li/MCEheuL7WVd+ANfrjUe
+ E1s+GIGg4TFc9CDCkDck/oc94gL7VtOJqgVpIy1XhtF1akaIbSoEJoP4oR0E
+ l4YpEEDX+v4CwGAeVfnHsnPCXgF73OTbxsg6604YChK7SXxdKMuBR0ThmEFM
+ Ir3aC56wR3Lbbjo4IVAUH9HvhImuJZ9h4mkl5DwCsAa+z7Zf8DYlDiz8ssrz
+ LvByHO018A+Ox/7pKekMVIiF8nboNNsDDgqblGkKkLRWOwHB3J/w5zeB/m5P
+ +iPSsB7Jp9g4QTUdG+PBoDQ7MI/i2vz7qnttP8KT4mDqd0ivznr9jWnrVL+v
+ SrDvH80hoa7sIcHaWjeMXUWTh0b0D/cMi5wSE5fG0kiZU5/cSiA+pVzgBO0A
+ 3+QXg+AYO60f233fkuvpJtdc6m4/E9pnKsXSsyGFPzn6/fUYDktzyYycOmnc
+ G/8fwwWT8iiUujpOb1vt/uR7GN4Ctph5F1pcR+YaqAi8URQPM0qrHL5EsmJH
+ HGhXzdc/M4HisYF0/TIhYDQqim0Uw7z0P1YRhW0TZiLtdwBYowQYfa9VJExX
+ HMGm7ljcb2WIrxdWqzAjo2mrae0spGwBsMimfJOQo7t1DPtceBYrQdzONcM5
+ EiJcRjb0+vDMCUqfT9G0hJh/5T1YexZg2uCtQTX2spglQYGA/XCVxhQwhY8j
+ PKGEwgo8tL13dfuxsRzyZH/VdKfcw4O1tXXIIrrIcrRZ3XIWXXlnd+dDHPwr
+ cnqlas2ZEXhgl2JufICUBtt0fUSjwrvaMXpHCo1SZLaAAOXrpZQ5q/dC4Mv1
+ KWAyllfGdFMY9152DUlpwieZuFSyN8KFOib3e+ADyfaFBdybrItvbGyftgRU
+ xS817bHHlCkOZ+Wm35/GZsTZgPtp2q4MvJXVLNtZp7NL1V7Ya62ww154ZOY/
+ RbyKLdzUrb4SezX4Ie9KEZH78dTzTKxKZgtjkW1x466HMv8FSMsSDL87hV9Q
+ B8T+zVTRMCs+fYXqi8BXdUBMT6j/CRw57U8Dwg+ECwBlyIFsdwkKCYoUGn5u
+ m5575yug7bsA1+qJbEMAH8JbhFWWu6p0Tqdfy+++4y6dGJ6EAfdnXnNdvO5l
+ yWl575+iUMgkFQONbcfwkrESuCaZA/kLkVIXkB89LTjPUrfQldYSc+g0Ycdu
+ xf0m9IDT5lcF3JFgEjr+cYQx5AR3VmFeHE2rQlZgxaBtAaQ7heGRUCYCcGFq
+ 2CAMf0+A9Ps7i8TWA5HtxQHRA+8pLX7XYV+RYSfkravU2CUueTVFyKBrxjL1
+ MkVh1TyVgkdxYsGtZfwYmxnSqgbnJM9q6g/IgCwLkFWnSx4ie6b7ViWiC7yI
+ 0AFK/xnqAAAKe0Ea35xJIoH7oCq8GClCMlf4Le8xm9/7CI1C1DMQT70pdORw
+ U1bAKkFNxm6gSG0qcjFemeiUvUgHJKW0qOYsSLSUF2ff53GpDkzjfoFOITol
+ PSIeSUVKF2kFR0rM8ua3wYypD1TDPxXSILfdAGOrvo6FUunB+QrScjbC5ra7
+ mpTZcofdgIo5yOdI2AoBoCS5RIB+jDPBoXijqZwHcW2ALPHgiIoaWQXDn+9v
+ zYsYcjM/82MaJi/v14FfC1qlbtLcCsaVWWYU7Sev0zAdGQR5W9efLkXHoR+z
+ VUL9Itaghxs781cxUUzz39KzxSQxHXvD7BRdDCqLjSO9cXrCmRJAlASC1mvU
+ Mbdey/FtflKXb1icJIP9khSdN0lRmMSixg+kCYaC5FPSBPQNj133rQ5UQOrx
+ CjYeVJwbQOc/Qs1m1vkJ7FO5ayHX5jhgFSCrbG1modbpaSU4h4yaPGTe2DUz
+ kdFTFUSa6MO+OCiw2FNhW5mW71zl5RiF7//zq5TNg4bcA/cwQ9yM7qjMoKMx
+ jygQIqVIvSVzvhQ3YuMhuDE1/CyD3bBJOhCPaApS5TCOQmG1gxLLZ7GWC0mE
+ qMAiqHBqbsfnUiGmmOJNlq3GLT9zrnwfNjtHd0iNOS9ywKXv/z5huJEe+ody
+ kJzAgE2N8q67q07xvVlVjgczpx5Unoqr0T7WMm4qfjMETvzvnXZDWQGblQLz
+ 7VhxsSi51i50RV767AFtbk6GAgw=]
profiles::icinga2_master::master_csr: |
- -----BEGIN CERTIFICATE REQUEST-----
- MIIEnjCCAoYCAQAwIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3Jn
- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7Z9Yf0kd7Jo88QH/xhQN
- YvZrm3rL2nIz+B67HFgQu6Q1o6wqYvn6bccTjdQFhrHcDob9XpoCs18IwDIG9fBh
- NR5kph7XjVzv40vh3tjjzfkvoKzPyEDxJI98DTTkDKK3UfsvTL0PwlS1xrBRW8Ib
- bKmqNNA7p8VJJanzJCv0k7idpLmmyKeRoBF0HFaGynFcoOwjoLib9polUExD8kSR
- femOLwq46BGORX7id49J3DHPQv89dm4N0BPjnWGMd1x3puk+GgptEzFDNEigNmFe
- rojMKqoIhNEi4+bB3tz/aU6Sn0vm4Jm0tnlkrdX7O1nBvTvrwBa6jt94v0n9amvF
- V+LzKde4ukvn8FRoEmJMaiHgSMjlU0KwawhCqC67Rf+L+nwhi4o916BcLzCMkEHb
- CAW04uBZJdj29BwvWkfd7rrydUMZuBJIsKydJ13H9/kWUlsgqXayWpMl7qrJSx7X
- iY0Z909Nmu6+ZphlqesRcOFyZHB4hkBP8tZA9lYHOjSBFI340Fni38cMKrJQiyKA
- ZXUQmE/i3a1J5ZXuKmYjhha4A3MtEvxrXbWP7rokYCqShJO72ThGM6RRwnEmyL4J
- 46eRGHta3apZjOqjHjY9Za+bGbQFjQ12/YanP8DeXh4Y3vxwxu3jkUnOf0VF//qa
- v52iYXn9PnJlQ2GhRtTWoccCAwEAAaA2MDQGCSqGSIb3DQEJDjEnMCUwIwYDVR0R
- BBwwGoIYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4IC
- AQCt2+BVjtxBcuXqcHyAHIWjFke7gWAC4LH8hm7Gt5mcg5EKYANC0d7UNPM7k9vU
- bcZwN3sMYxfBLgrMZGpbzIXgRKxufMhTc1HSZzHs5Peq+pTz/F43dfxKOHZNWrW1
- PJoPUQwocK3MfKDjZVVnFT9PD1VwnhumTrGMRx+x/545F0tU2Zam0+vJor2VROzx
- Y7aQ2v1K0Ac4pEigL9Ld1/mou2q5PyLR5DO0zo5/u8+QP6Oqslgy+FJ6OmUZZUua
- 4G/1BVooLzbYIRRG/7kQNMmIIROQBCUP0upB7t9qvKvGs5JZwLLgv/M54yFtzI1z
- bjrYZ1AbC/XutJ81jV9HplLS8XTne3Q2NJ+C3m61VizRp04INtPmKsH1Fj4stU3w
- f0utTMTvcSeOsbIrl/rgeaEhou71sJdclqvSioAQlxdmAUqDPuffZgPnq5eeqNBL
- 9Q1dfJWjNzgKrK5wSpa43wgentHOLDsgylju/L0oDP5L0JWvpXIsB2M/maBTRxUc
- rZqKlRUxYBJ8XPsyzOQTgnJcZ+hmZTXZ7jDtP6qgLEtho+E0ubGtIpXBgeX5HN1U
- yTxDP2rWDE3fKgm17An4i+n+6IU4u0M+3s1dE0wrKpzUC2VbKBPrsGTRPNKCny7W
- UmvCla/Pixt8dYj9NTuBfoh5/m4A/uD/iVVVO54RA9u8Fg==
- -----END CERTIFICATE REQUEST-----
+ -----BEGIN CERTIFICATE REQUEST-----
+ MIIEnjCCAoYCAQAwIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3Jn
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7Z9Yf0kd7Jo88QH/xhQN
+ YvZrm3rL2nIz+B67HFgQu6Q1o6wqYvn6bccTjdQFhrHcDob9XpoCs18IwDIG9fBh
+ NR5kph7XjVzv40vh3tjjzfkvoKzPyEDxJI98DTTkDKK3UfsvTL0PwlS1xrBRW8Ib
+ bKmqNNA7p8VJJanzJCv0k7idpLmmyKeRoBF0HFaGynFcoOwjoLib9polUExD8kSR
+ femOLwq46BGORX7id49J3DHPQv89dm4N0BPjnWGMd1x3puk+GgptEzFDNEigNmFe
+ rojMKqoIhNEi4+bB3tz/aU6Sn0vm4Jm0tnlkrdX7O1nBvTvrwBa6jt94v0n9amvF
+ V+LzKde4ukvn8FRoEmJMaiHgSMjlU0KwawhCqC67Rf+L+nwhi4o916BcLzCMkEHb
+ CAW04uBZJdj29BwvWkfd7rrydUMZuBJIsKydJ13H9/kWUlsgqXayWpMl7qrJSx7X
+ iY0Z909Nmu6+ZphlqesRcOFyZHB4hkBP8tZA9lYHOjSBFI340Fni38cMKrJQiyKA
+ ZXUQmE/i3a1J5ZXuKmYjhha4A3MtEvxrXbWP7rokYCqShJO72ThGM6RRwnEmyL4J
+ 46eRGHta3apZjOqjHjY9Za+bGbQFjQ12/YanP8DeXh4Y3vxwxu3jkUnOf0VF//qa
+ v52iYXn9PnJlQ2GhRtTWoccCAwEAAaA2MDQGCSqGSIb3DQEJDjEnMCUwIwYDVR0R
+ BBwwGoIYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4IC
+ AQCt2+BVjtxBcuXqcHyAHIWjFke7gWAC4LH8hm7Gt5mcg5EKYANC0d7UNPM7k9vU
+ bcZwN3sMYxfBLgrMZGpbzIXgRKxufMhTc1HSZzHs5Peq+pTz/F43dfxKOHZNWrW1
+ PJoPUQwocK3MfKDjZVVnFT9PD1VwnhumTrGMRx+x/545F0tU2Zam0+vJor2VROzx
+ Y7aQ2v1K0Ac4pEigL9Ld1/mou2q5PyLR5DO0zo5/u8+QP6Oqslgy+FJ6OmUZZUua
+ 4G/1BVooLzbYIRRG/7kQNMmIIROQBCUP0upB7t9qvKvGs5JZwLLgv/M54yFtzI1z
+ bjrYZ1AbC/XutJ81jV9HplLS8XTne3Q2NJ+C3m61VizRp04INtPmKsH1Fj4stU3w
+ f0utTMTvcSeOsbIrl/rgeaEhou71sJdclqvSioAQlxdmAUqDPuffZgPnq5eeqNBL
+ 9Q1dfJWjNzgKrK5wSpa43wgentHOLDsgylju/L0oDP5L0JWvpXIsB2M/maBTRxUc
+ rZqKlRUxYBJ8XPsyzOQTgnJcZ+hmZTXZ7jDtP6qgLEtho+E0ubGtIpXBgeX5HN1U
+ yTxDP2rWDE3fKgm17An4i+n+6IU4u0M+3s1dE0wrKpzUC2VbKBPrsGTRPNKCny7W
+ UmvCla/Pixt8dYj9NTuBfoh5/m4A/uD/iVVVO54RA9u8Fg==
+ -----END CERTIFICATE REQUEST-----
profiles::icinga2_master::icingaweb_admins:
- icingaadmin
- jandd@cacert.org
@@ -312,79 +342,78 @@ profiles::icinga2_master::icingaweb_admins:
- mario@cacert.org
- dirk@cacert.org
profiles::icinga2_certificates::certificates:
- -
- name: monitor_client
+ - name: monitor_client
key: >
- ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAfMlzYDhHEBOZ0ePImcGVWe8jUv833wi0GsRG
- oGrDtBq1G7bNe8Vjd+cpnuJtkIpvg4UUf6yU3rsMb3JL32rUUP9Jjhp8k/3D
- 8WLadEKRjahlw9kh+/iaz1AGZGiWM4CSpSOKJ24sfFr9djWm8XY0qLakY3q5
- fwz9xjKIwRhyF2bb1Z92fKNDFYO7Wa9lD7zbf7BraUAWpfL26lrpGkrZmqtM
- K4wd2RkVZe66azE0lT93aOIPrXwXWIVZL0u+6YFAQx5D/98qbtbwGEtabTSq
- TTuTikkV6nsq7eblsH3zjkT8olE3cY62VBPq1lKQNTgBWmgBbvebeRzJj8q/
- gpZNdjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEPjAQ+687nD2HSP7
- xVzkMIWAggnAQ6dpcwNyBBKLNr4uYDAZerNqErnpRRnnJ62FpE2pR/MokRNO
- M309vB5EpbIBa09cn1PGMyQ7uaaIXydtUwxfeS6307Lfo46swoPyWvHNC+1B
- ngpiohRSJhiOUR8IUc3uwXNZ8YP8mo3bcjH9heq1WDMeAla8FiBtrdog2Rev
- bnD2A3S6ustUVIhdR9TCzIXgG1ExgW7oFUn5Iuppl8K6Wv9LPiCs/hLr20fy
- mg7QJaHHy49rm+L0X5Sf0Jg+gfHEQY5qg2NTqCb88fpYh7t4g8R5HY4QFame
- gFrj11ZeavxKrLakz0k0uB8weLUWWOE2xHj4mdh87obW5J/xwekZkYqOWHmU
- PLEyg9X441EMCBSYWFRz9HEK2Zv9Vg0qxKe++DNikVwDT9ntEYHnh43e7Iwp
- YKwvCtlxxvQGY09acLuC0l4pifpJOsqOcAUjxf3WXoe1cjsjEcL+Z3mMmerh
- 8JyXxJRp5Cu6TTMxcnQb/214/D8qYCKoPUYMddNC1G+XVosNY8QWbNp8nLUL
- DZHsvI0tgk+CV/SPRl68dx7cE1bYioyS4EausMQub4eQykZl5My9qRR5htSl
- C2zw+CP47EhsaA3zodbj6UgdYGBmhZNUOiW3oXWTKV0eSddkWcS/CmY271a9
- 6UIzE2TlRQ4w85GI8aD0W4DbsPyUvG0oay/lFYI6TzG1d6sL0rn/n1vvuUHB
- n1OSyMdzcnUS0V7mt3gmGIKCYfEjG1auMaXlLag/NPPi5lvAkn8t8fY0uRn9
- 3kYpAPCPHFpqP8L/ZwIyHf/ePvRszzbuU23wkmcguIx3+UqGvwOyaMTGiy1K
- 0ML0PUCMHPVrVDjkIHf9Tee/eFbRP9toQEofeesQtSJY6jW5zCCa/EEmmazy
- jyo1hdsSCcTpizMylT4NDGpdfc73ccMwoGcuSdTtlAolBhn0qbBvEMo/GQMZ
- JmvvOlE0BlDUGxbXE4XTrjIS2tJIL6Mrg0nQEJLB8u41i9fDJdPai3dwYlYZ
- oMUT/QX417fPKl88t6NwkfFpW8mgStqeZR0ataza5lzHC61d5C1z+Zxzh/yk
- oCgwmWFcz2kS8woi//0t3DtJB93bFbV0za9FUodcKrEcLowx3mN+g+URe5n0
- w7On4tjl4PGo5ko/15DDcRRlJlzQlUN28n0w3ENYaAgHiNKsksvXxqTL+mRo
- kDhszsQyaatutqtjN7Tj9t5p+gIkjODhz5FmQop+ZirXwNElMX7N3WeFD8Tl
- zLhopOuZ0loqaKWgTEY1hdYUINfkHTNyLIxwyYtJGPAU30q/c5qZ8opmil96
- tk6kpctBVAeNYVBfRNJYkGfNRrK7AiENuLaWGurGt05J00lSKOEQQXQuLqGy
- mPC694aJ26aqjinuWZ21TCLh+e+Oib0sVYWObCjy/cBGtMQAlvTGEt/1zs66
- K+r1C0PJkWcDwDAF0mwnxDxFq1zcPYBG8xH90DrSPMoN0edLFMencGVrqMBI
- agbUlkwePUdEc34zZ1khJbuBU/B0O8IRNY9rFQrU9ICCnKPVFvym85f0y8Ac
- BphEJrS61CDa/L7techS1GTP8joSoZnT/OzzqXRXBe9Pgp9hubcckbGwi20k
- sP4sCoChKe99wR4760z+q4JV91aVR/aKqAB+5R7aKor4ouQSaC203XzpDcOv
- x/t6+l4cPetOvV5dtqPtpv1L+nPoLr9w3JS+ZGLOwmXAAx7Zr/DD8RGd6hM/
- OHfplbHg4XYbbDG51OTj6ajRwDoDgcLQ6VHz4/3HmcaNff2VcY4DFxKSpv+D
- WSoepaN+KB+o1B4YRQ3XyuYhcAL7UlMJzA0CBmezZ2AMLTfGIaxFtwnqDMEc
- kJ+m7BP3cyk/E6CTBFVrQajC7C8Gs5nNqI1sS79pMk07S2dOX/MRFSP0hw8i
- ploMyzV6tCPAF/h9OO510W3iOqSN6nQe61BGlTgMgWKut4VWunpqZyANkIvT
- SIeTR09cpSI5fhWfMdjv07TocakibiWFRZpvpOd0dkVA0FR5BurPxYoUB0od
- FkWPGlgfTVCVuVLfVjEgig2j+YzoZM3Y/GkVu7IVkaxGI8+/uq6Hyordk051
- uDxbNDiuq0mXfL6KTiPJ/3TVPPLUnnFvEdWvgLIg4wnHpXxpkF44dFkKF4/y
- d5Ykxpc6eThoV8aIVMUl5dod68LjclHL0Iv3l7+rTE6qPrTiShONvQbIu8lv
- 5KXBK6GdjTFWz8c9Lr6zR/ABQ+XhQAlCqmwhfp+rEr1qReBEus5U4bL1ObuB
- 1AA0r6AlmjCLH9F9BA3PcNVi5Zm988chcoCjl1GTjeMVcK501l9/KYcSjIzZ
- bfaguVPCiSGG0/imDQ/QiBtDNGKHbdknJlTjBBaGWJkCFu/vpV6uzjfzMXRO
- FXc/E31UdogZfprKRt1c1WHW8ozo8hV6/2D4X+tB1Jn4bELIgSZRhB7d29tm
- jAxd8kAsCDsIK5NX0VXXzenZcut1L10lDVHcr+WOTT5lbGLgZCa508ExdtQk
- /FsgqnzNOrqlCBx2gYU9UcrMxlOf7teEHxJmoFMqe7II2M/ye6eBYdy515GR
- ywU0R8pRUuSs8njm7rYeuzG3rCd1j4RCasjbmLQLkuAVlxPjys+Hxe07jb8b
- N4VyAQsUaFruuwkIUanANJdaOA72IJyPJCZf4HCScQEKG1EkU6oHNDelE0J/
- J9zTdzuUSwfv74pk/2PExloRH42glTAB/FOoIenzrtO7XvsV+HAaqoqJQ1Gr
- 7lvjwU0B8GMijM20YQPOzhc9H34BWya5Y8BAaTbue+puAIjfLQaMPIcy/ilh
- qIrVd1sNXCJtXJ2Smo5O3wGI3Qw29pQn98x20pJUCwXwLtdRWSocSL7qWlAh
- pofd1vZ+5F5iW1XOm9//SIZ3lgHlEsWwnBL1v6mETXPA6UezJGSm2fhI14xx
- EnFI3t1K0+JSkHq45nyxHGfiS1KcHvrblNnGOHWfxKDjdIKADAMI6yP3pWrQ
- 2kmTSMSRcAN9TQxd2sFsLVe7zpFxBagp1SaXzKC/VpmWQu6Y6BNt6EjmZ7+r
- UjpnfOY8H2efR2aNzMEdvtz/mY9pdzLSHIDNSndM+RqccpbcyJKTQXIdjHiZ
- iHpfoZJ6g4VdkaXVRttaNfjuuwuAJuUaxoSdDOeswHIOIeNQ2N8e5OE0U4r7
- xvd/XDaPh2AE1061vN+InhW9lC2QrIxSrHzQoz0uVVq23D1aMyin8UHTTo1e
- h8zTkvycy4d/FiozapuXBuM49p8DgcX0kESTVnL4A99qzFr7PU4CWDQssgkU
- WGs3X/Ut0GKaJXFMwajblcJu80p7HRmaXJWIBmwe]
+ ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAfMlzYDhHEBOZ0ePImcGVWe8jUv833wi0GsRG
+ oGrDtBq1G7bNe8Vjd+cpnuJtkIpvg4UUf6yU3rsMb3JL32rUUP9Jjhp8k/3D
+ 8WLadEKRjahlw9kh+/iaz1AGZGiWM4CSpSOKJ24sfFr9djWm8XY0qLakY3q5
+ fwz9xjKIwRhyF2bb1Z92fKNDFYO7Wa9lD7zbf7BraUAWpfL26lrpGkrZmqtM
+ K4wd2RkVZe66azE0lT93aOIPrXwXWIVZL0u+6YFAQx5D/98qbtbwGEtabTSq
+ TTuTikkV6nsq7eblsH3zjkT8olE3cY62VBPq1lKQNTgBWmgBbvebeRzJj8q/
+ gpZNdjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEPjAQ+687nD2HSP7
+ xVzkMIWAggnAQ6dpcwNyBBKLNr4uYDAZerNqErnpRRnnJ62FpE2pR/MokRNO
+ M309vB5EpbIBa09cn1PGMyQ7uaaIXydtUwxfeS6307Lfo46swoPyWvHNC+1B
+ ngpiohRSJhiOUR8IUc3uwXNZ8YP8mo3bcjH9heq1WDMeAla8FiBtrdog2Rev
+ bnD2A3S6ustUVIhdR9TCzIXgG1ExgW7oFUn5Iuppl8K6Wv9LPiCs/hLr20fy
+ mg7QJaHHy49rm+L0X5Sf0Jg+gfHEQY5qg2NTqCb88fpYh7t4g8R5HY4QFame
+ gFrj11ZeavxKrLakz0k0uB8weLUWWOE2xHj4mdh87obW5J/xwekZkYqOWHmU
+ PLEyg9X441EMCBSYWFRz9HEK2Zv9Vg0qxKe++DNikVwDT9ntEYHnh43e7Iwp
+ YKwvCtlxxvQGY09acLuC0l4pifpJOsqOcAUjxf3WXoe1cjsjEcL+Z3mMmerh
+ 8JyXxJRp5Cu6TTMxcnQb/214/D8qYCKoPUYMddNC1G+XVosNY8QWbNp8nLUL
+ DZHsvI0tgk+CV/SPRl68dx7cE1bYioyS4EausMQub4eQykZl5My9qRR5htSl
+ C2zw+CP47EhsaA3zodbj6UgdYGBmhZNUOiW3oXWTKV0eSddkWcS/CmY271a9
+ 6UIzE2TlRQ4w85GI8aD0W4DbsPyUvG0oay/lFYI6TzG1d6sL0rn/n1vvuUHB
+ n1OSyMdzcnUS0V7mt3gmGIKCYfEjG1auMaXlLag/NPPi5lvAkn8t8fY0uRn9
+ 3kYpAPCPHFpqP8L/ZwIyHf/ePvRszzbuU23wkmcguIx3+UqGvwOyaMTGiy1K
+ 0ML0PUCMHPVrVDjkIHf9Tee/eFbRP9toQEofeesQtSJY6jW5zCCa/EEmmazy
+ jyo1hdsSCcTpizMylT4NDGpdfc73ccMwoGcuSdTtlAolBhn0qbBvEMo/GQMZ
+ JmvvOlE0BlDUGxbXE4XTrjIS2tJIL6Mrg0nQEJLB8u41i9fDJdPai3dwYlYZ
+ oMUT/QX417fPKl88t6NwkfFpW8mgStqeZR0ataza5lzHC61d5C1z+Zxzh/yk
+ oCgwmWFcz2kS8woi//0t3DtJB93bFbV0za9FUodcKrEcLowx3mN+g+URe5n0
+ w7On4tjl4PGo5ko/15DDcRRlJlzQlUN28n0w3ENYaAgHiNKsksvXxqTL+mRo
+ kDhszsQyaatutqtjN7Tj9t5p+gIkjODhz5FmQop+ZirXwNElMX7N3WeFD8Tl
+ zLhopOuZ0loqaKWgTEY1hdYUINfkHTNyLIxwyYtJGPAU30q/c5qZ8opmil96
+ tk6kpctBVAeNYVBfRNJYkGfNRrK7AiENuLaWGurGt05J00lSKOEQQXQuLqGy
+ mPC694aJ26aqjinuWZ21TCLh+e+Oib0sVYWObCjy/cBGtMQAlvTGEt/1zs66
+ K+r1C0PJkWcDwDAF0mwnxDxFq1zcPYBG8xH90DrSPMoN0edLFMencGVrqMBI
+ agbUlkwePUdEc34zZ1khJbuBU/B0O8IRNY9rFQrU9ICCnKPVFvym85f0y8Ac
+ BphEJrS61CDa/L7techS1GTP8joSoZnT/OzzqXRXBe9Pgp9hubcckbGwi20k
+ sP4sCoChKe99wR4760z+q4JV91aVR/aKqAB+5R7aKor4ouQSaC203XzpDcOv
+ x/t6+l4cPetOvV5dtqPtpv1L+nPoLr9w3JS+ZGLOwmXAAx7Zr/DD8RGd6hM/
+ OHfplbHg4XYbbDG51OTj6ajRwDoDgcLQ6VHz4/3HmcaNff2VcY4DFxKSpv+D
+ WSoepaN+KB+o1B4YRQ3XyuYhcAL7UlMJzA0CBmezZ2AMLTfGIaxFtwnqDMEc
+ kJ+m7BP3cyk/E6CTBFVrQajC7C8Gs5nNqI1sS79pMk07S2dOX/MRFSP0hw8i
+ ploMyzV6tCPAF/h9OO510W3iOqSN6nQe61BGlTgMgWKut4VWunpqZyANkIvT
+ SIeTR09cpSI5fhWfMdjv07TocakibiWFRZpvpOd0dkVA0FR5BurPxYoUB0od
+ FkWPGlgfTVCVuVLfVjEgig2j+YzoZM3Y/GkVu7IVkaxGI8+/uq6Hyordk051
+ uDxbNDiuq0mXfL6KTiPJ/3TVPPLUnnFvEdWvgLIg4wnHpXxpkF44dFkKF4/y
+ d5Ykxpc6eThoV8aIVMUl5dod68LjclHL0Iv3l7+rTE6qPrTiShONvQbIu8lv
+ 5KXBK6GdjTFWz8c9Lr6zR/ABQ+XhQAlCqmwhfp+rEr1qReBEus5U4bL1ObuB
+ 1AA0r6AlmjCLH9F9BA3PcNVi5Zm988chcoCjl1GTjeMVcK501l9/KYcSjIzZ
+ bfaguVPCiSGG0/imDQ/QiBtDNGKHbdknJlTjBBaGWJkCFu/vpV6uzjfzMXRO
+ FXc/E31UdogZfprKRt1c1WHW8ozo8hV6/2D4X+tB1Jn4bELIgSZRhB7d29tm
+ jAxd8kAsCDsIK5NX0VXXzenZcut1L10lDVHcr+WOTT5lbGLgZCa508ExdtQk
+ /FsgqnzNOrqlCBx2gYU9UcrMxlOf7teEHxJmoFMqe7II2M/ye6eBYdy515GR
+ ywU0R8pRUuSs8njm7rYeuzG3rCd1j4RCasjbmLQLkuAVlxPjys+Hxe07jb8b
+ N4VyAQsUaFruuwkIUanANJdaOA72IJyPJCZf4HCScQEKG1EkU6oHNDelE0J/
+ J9zTdzuUSwfv74pk/2PExloRH42glTAB/FOoIenzrtO7XvsV+HAaqoqJQ1Gr
+ 7lvjwU0B8GMijM20YQPOzhc9H34BWya5Y8BAaTbue+puAIjfLQaMPIcy/ilh
+ qIrVd1sNXCJtXJ2Smo5O3wGI3Qw29pQn98x20pJUCwXwLtdRWSocSL7qWlAh
+ pofd1vZ+5F5iW1XOm9//SIZ3lgHlEsWwnBL1v6mETXPA6UezJGSm2fhI14xx
+ EnFI3t1K0+JSkHq45nyxHGfiS1KcHvrblNnGOHWfxKDjdIKADAMI6yP3pWrQ
+ 2kmTSMSRcAN9TQxd2sFsLVe7zpFxBagp1SaXzKC/VpmWQu6Y6BNt6EjmZ7+r
+ UjpnfOY8H2efR2aNzMEdvtz/mY9pdzLSHIDNSndM+RqccpbcyJKTQXIdjHiZ
+ iHpfoZJ6g4VdkaXVRttaNfjuuwuAJuUaxoSdDOeswHIOIeNQ2N8e5OE0U4r7
+ xvd/XDaPh2AE1061vN+InhW9lC2QrIxSrHzQoz0uVVq23D1aMyin8UHTTo1e
+ h8zTkvycy4d/FiozapuXBuM49p8DgcX0kESTVnL4A99qzFr7PU4CWDQssgkU
+ WGs3X/Ut0GKaJXFMwajblcJu80p7HRmaXJWIBmwe]
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGUzCCBDugAwIBAgIDAvEzMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGUzCCBDugAwIBAgIDAvqLMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTMwWhcNMjIwNzE2
- MjIyMTMwWjCBrzELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNjE4MTAyMTIwWhcNMjMwNjE4
+ MTAyMTIwWjCBrzELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG
U3lkbmV5MRQwEgYDVQQKEwtDQWNlcnQgSW5jLjEcMBoGA1UECxMTSW5mcmFzdHJ1
Y3R1cmUgVGVhbTEjMCEGA1UEAxMaQ0FjZXJ0IGV4dGVybmFsIG1vbml0b3Jpbmcx
KDAmBgkqhkiG9w0BCQEWGW1vbml0b3ItY2xpZW50QGNhY2VydC5vcmcwggGiMA0G
@@ -404,15 +433,148 @@ profiles::icinga2_certificates::certificates:
IgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLmNhY2VydC5vcmcwOAYDVR0fBDEwLzAt
oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMCQG
A1UdEQQdMBuBGW1vbml0b3ItY2xpZW50QGNhY2VydC5vcmcwDQYJKoZIhvcNAQEN
- BQADggIBAHFHlSHLdUIjuFfW2UxuCO3cBb70iU64PGeE1fTOQ1A+z3BO27bzuhH+
- jL9k0p1eTcrfcsJm9Q927WIFKaXHLAsC2E3hOtaaxPSPWzI0Aquv+BSoDd9GrQcH
- VjfAb0mPhgN9VqgdxnAFweNl6F231aq6ryxQIe4G/DDvPMQiAn3x5IUzIHgfO+L4
- xmwqu8V/biKijYclqAnIiVXYJqLMi8OPJ5o98LZudzDdhDd/6U3n8NE7qNUns1Rj
- 2GoDNFtJecGtGTLBShQTxIwfIBNOfHQjlZo0HXOoCzsMGUsT8sAKGJTprsrRdQ8g
- mj5663nnZveb0kTZdkRYZBVKwRkznAZj9ITZLj+eLXQb3Wi5BR4Rev7KdWRcE0P4
- Qdeeb9MvnM3CR5MWG9uEIZNz8TYYAxcNvjYOcEDStvqNrJ164iTierItL8Mmpnii
- 0hKDfCt08IS5S6uOHGRz+qYudB8l5uTCXdhCFqaZs4CMGUM9sylfPnMB91M5oKxB
- 7QNsTmv5qc2L62YolNpMRmQjwy3RNnLIOlcg6kkLRNTrACStYGsLVDntnLRLMrZf
- L4269s/c7qifundMMNipycxPtxtYYLZ6wl2WTVEsE175wtEPJwirK9p7NZWP0Zi+
- ZjFKUtPcj79ZDzJU4hI61SZFkTKXnOmBDj/wb3xntXueXsw9H9un
+ BQADggIBAJwRD14Jv/b0tU28CUBwp35wiez99dIbNRmcKoZ7Fghf50Rg6y+eOVo4
+ og8Tmoez6lLEzQJ1n/4WuMgnbOhhMRguCESKY90vORFC/xdc4lcOQx5rdvvj0RSQ
+ WBC2IE5eeTA3mAiagFdrYK0U/uPd7qlz6XMrPZqB68/7K0dov+afIXeNAwpKNd13
+ QCo56aygf3CiV1OiZ3IUH8YRax93kntV9Hmytx2iYDOqcM2OZB0P9GknHSWi5NGM
+ pCAFdZoLc1O+tn8Mh2AXSjerDVrnKkl0bfNNWyMnosdSEnO6awGlVsL+fDvqVL1x
+ KG9WmHJggWO/0xIrjAUBxPYl+4pJcl6O82PBRwpnVLQ9vY4Qoez7suaXmHt2cmDu
+ DrCtg7/RcgOi2bWY/GYRulSWNFKj3OfV5VDTVVPKqYVzOzHPsKtu1vEuKdxJKSRK
+ b/+KmWGnspEJXCZsoDiK3UcP/2IEX30PCpY/r/otCjXcZEahxg2Pkphrg7k5gJWB
+ C0fSPyoj3VYhJvNCPmCwLk8MDQK8XjJdi+K+5yGBb6wLeEjIwJXZZ+1Srvf4X/YK
+ lxP5NDdVSj02lC+/ydBg5yZF2IDsKkyb5FcH/Ng8reDsZDOj7CzUrvQgjpAqGrWp
+ jbv7XaRehD3SWuYfyc3twGGh2TrWMz24UIyKrco3CA+w3U06/Gip
+ -----END CERTIFICATE-----
+profiles::x509cert_common::certificates:
+ 'monitor.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIHHjCCBQagAwIBAgIDFR1tMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+ dEBjYWNlcnQub3JnMB4XDTIyMDExODE3MDEwMloXDTI0MDExODE3MDEwMlowXzEL
+ MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
+ VQQKEwtDQWNlcnQgSW5jLjEbMBkGA1UEAxMSbW9uaXRvci5jYWNlcnQub3JnMIIC
+ IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0JB0R3KBFyoS3PwwNofaFj71
+ 6MBbFwmVhi39gUloh7Br4cQjS70ckrWcHgDz98NPrjRqz3GLfkX8THVdV919eGnG
+ 1hXsyntTbVNbXj+5/1uvNatEJMvajjkSrw446Ut/5hyU1Y2x2ewUtEoaYhszQxig
+ 0nkRTE/n7joxreQa8r5l4O1j0DytzGS2/yKWjhY6w1P4wAJNU+uYQT6YZX97gbXP
+ Ies+BjFo4Ny4/U9CAIgHm2oSWuU5xx++2PEefnfFUpn5+WC+bfZjXSS4JxLLPu6p
+ M+KPUIDNgXvaeI0KINSrX2FYr+BvcAnW5lY7N4Gf0rO+c/BD1KlSfOjYG0MU9tbQ
+ mJTwDhlcr1YL+1hLdf6a7qNfhfWOXjgc/4bPISglpnf8cpbjiTJFSerm/u3z4WxW
+ GQoG2ZReyCvA5i+9VjIDCUImN8z/z4rsu+W4LFJJMbRqdcLmUlLYF60Fcb36XyR0
+ hncGYsI9uVrVwyZXqCG1nUr1jx1js9Y0uTSWL/j3UM9mWzGIXMOIUtaWHLUjPWf6
+ k9U7ufC5MEYd4ZwGRa/O+VaPznAO7r0TeJ+NBhkzwkESaWoaboSWOyI0DLT4n5QF
+ eogTGQDPzpGOyPzaudH1LyT7O1dANvt5AsDcTXmdXLcv8FkrrnMM1uR4Yd9PVaJj
+ d33M38hmfRX7/idUv38CAwEAAaOCAccwggHDMAwGA1UdEwEB/wQCMAAwDgYDVR0P
+ AQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEFBQcDAQYJYIZIAYb4
+ QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0
+ cDovL29jc3AuY2FjZXJ0Lm9yZy8wMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2Ny
+ bC5jYWNlcnQub3JnL3Jldm9rZS5jcmwwggEDBgNVHREEgfswgfiCEm1vbml0b3Iu
+ Y2FjZXJ0Lm9yZ6AgBggrBgEFBQcIBaAUDBJtb25pdG9yLmNhY2VydC5vcmeCGG1v
+ bml0b3IuaW50cmEuY2FjZXJ0Lm9yZ6AmBggrBgEFBQcIBaAaDBhtb25pdG9yLmlu
+ dHJhLmNhY2VydC5vcmeCFCoubW9uaXRvci5jYWNlcnQub3JnoCIGCCsGAQUFBwgF
+ oBYMFCoubW9uaXRvci5jYWNlcnQub3JnghoqLm1vbml0b3IuaW50cmEuY2FjZXJ0
+ Lm9yZ6AoBggrBgEFBQcIBaAcDBoqLm1vbml0b3IuaW50cmEuY2FjZXJ0Lm9yZzAN
+ BgkqhkiG9w0BAQ0FAAOCAgEAX+7KL3AAtj2H0iI3lm81NB6NmnHuRjh8qn5lfTM0
+ 6z1Qmgzj96a67qX1enfQ2iktwzAo7Hxia2iiSd/C8c6fjlbxMi33kBFsSos/2W/6
+ zDtaAGqNQy0HsMYKJFuGThDzCxf6dfs/t8DW51bRMW6v2sbKsUnNWYmqTX+80liJ
+ ykp3ycyJwqWiIP6b4qXIlRhlbo9g8nP0AJBbUeDOj/yYTtjw+v5jtIUZiYZ66dqN
+ 5yq0vC9nxJ4OlVEk9NONXnTUg3Dn6ikSimQr0fp9bcvyWeCa7J53pLnIWNTwgD16
+ 7zCijJr7YAFST6omGuWpTFBeooSzSMb1q91pPdNadP6T/URxspnGOWmPdtj21JBX
+ M/6Y2IBxtyAR8b/TdkQHUvUfYpCv4IsiMMafVmMQDOnP36+fezsZdXtWVyfmBZEa
+ qv3mFtiph9KIO80wvOXEvPf5BdJiBRR2tKoW69GBIWm/ku54hJu95/+KsDsTIyVR
+ 4B1knLCqA5pdsmiNRwXsovjRVww8HZhO/J3I5vBH8NOZqXNHRkQOGbWsHdfDojf4
+ fF/OWnW6zraySUttSSF5JHkv/rNLx73H+1Z7CKOb93UMjWwQhspO2/o4ZW4B+jte
+ eOSSKzJdui+t4nP/4D1dm0DQ0qOMz87KOR0hWDlsK0/ksMhQV2HYLK4BjrB3aTpg
+ Js8=
-----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEANjreYMlK5aOFN7s9b5Alt0f70mR9Qdh/Z3M4
+ JYcNrwZu3/q8ep0o2wejXMOeM9JFGfHyjz2bgZL0Pg2RUUjDdKciX39UGMb0
+ m/Xw8F7sR9l1TmI0TMzgMvrn8pySJpAXrdqE6G9jgdId2ekXSyFQulJjLmYL
+ G0//+AmGkxoKzOJPJgS9yBJu10ChShDCp+66jicqeCgSuIWnNuAFOwak8cZJ
+ nclQco4GRmaNWHs9Is62rXiisDG03MpwlDdkd/ToA8GitN0V3Pw4eRZwPuMx
+ QrDFzdUCQxWw7tFjcK0I5Ohhq7Mfz3v+bb+CBMzl26X7Um8lVKeCkPoMC6x0
+ WkwX2zCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIVfkwGkXozbUOjK
+ L9eK2ZKAggzQ298/cbPaj7D3yNkWomJFCFdGJ6O8vHyj1LPFFv+rdPHEk3IW
+ Do2c6sl/XOz2s6froxtOZYWnv61FkCezE1bmTI4Vj6TO3nALDMXPzFp6UpbQ
+ xfkI/ZHdKwRcruKz80hAxYH39hTQg2LPR4UYhH19Ydup5ULG+2slrOW0gL57
+ hg5+Uk8vkhzi/4GrW3fR8HxhotIcpw2uJUqM1XLPwt57SKf86iJMdShXmMFp
+ Yg1M+WbAcJEjvkAJp6HMuuOmDlcs2ujTy7+qp7/Dq7RDiJH5IDPoF6Hv6vXM
+ 6ZXklcyxN2waC0RRClu6sREKgCS7Nb/MZQCgxYrPnlHtkSkkZjBREOCtiD7U
+ T1LAzHeSJOK2/fvJ5b+XW8FOs6a7UFes12YXZF3MipGeRjtXFni2PRLnb/RY
+ PUVjekf5FoGPVPHer4C4vJ2hqNB7JswDDLp2v6UDofquDnV3eYVB9eNzvcPN
+ sccAn/4Jfc5fpxC0Z7KOvQyfMMMJYDkXTR5XQ0S4F2rTzMKfF7CGnJ/E4+xR
+ 01dyllKhAymWbryXK4tZjI+yvarwVq4Nd3ViIffangilHKTo2wC8w6c/ajSb
+ +Q5LNXhWUxip9t8RXas/prs6d3pX2fwrJ5KWvhtv0orF95uTczb8PktdqkPw
+ uGVA/0aGU71GVJwxTd/iiVtua4d9KYH1YqnVtFOS1OdrY7uDzrU5DLH7NAP9
+ 5RPFaACKzY3Bl6T2Q6YkbMlWokCPPChHbnPWidnViMXXWatIv47lFb7BuRUG
+ DXnYee14xDK5gudhbch7tJ02d6ogVKFGuyKCI5Uatys2clO0lgvE69xVAHF9
+ MyEp/ERTCshc2024CV7RVrMPIjfK1eXJ5kwgn8Y1hkhGob3CqLTM6AgCu5p1
+ iKfJw5/WD92gNacXeFoT95GHQmUxedq70/UnQGc1Y+UBmcVffguFDc8tjz0m
+ 9BlrXTOtjswprN2XYw9hy2FoVNngMgUG+xHvFz/Bl8Kfv0xZ0t6FLX8+vFVs
+ 50FW809QSUuV/YXTbuergSxdYDfpLIr9ZVAP1RpXY4C9bA0ykFxYMLFrhxgK
+ 7EikjBckZWMrhTFyrTJnhkAldDcYdmHWGxiAVzVBhOlBuCo/GhSjmvldgIiA
+ XGHmuNusLnITtkBx1W8IRzjsIs+NfA+NyAoxXgJNcOMnqqQvFUhqfxsYeBYn
+ 6gnltI21Oo8Us9c99in0S+MoNs63Q3R/i3OGEVIhfe5/KiHOzf08HWCkjjBU
+ KPkCJX6FDHTq0CTbOrnVHaeiueolwBjxrBWUfPspbWpeIRTrQ+/EGnJR7bw7
+ RtTZqDGupDwsGQTPyXyBOeDweOFLAYHLp5G6osKwtxZDB/idANrJhWOVP/t5
+ wUGjKIMub+QTCXXXlA2CwuhowUmCcSQPAg5l43x02tfV6kXCAzszCV4Jq5ta
+ FoJSO7R5ZmSBA6DFnlX3hWmpjKg/u7gq8o9Ku7mQ7OZp8mNyR/lxd8RsxX9A
+ pVr7AmfaKzhF9p+Z7jxzwT5vYV7LwjX2n97A8z4yqg9s5IT2TMuRZrDGij6a
+ 9+gzjkXLzv3O2MjeUe305Bi9bRZmCgMbxrBvjkkRPUstDPsI1SdVWjsf3VeE
+ wSGNFiPAibvIawm1Rfs/QouvOSjkewzgLE9H0cwZ7GGYWiudJdnrz/MhXrlf
+ wru09UZLWA0q44jYyDX6N5qpe3r/R+xeaj1TX8QwfzvHr1bSxcEW73AJVWAC
+ OZ7YtSrbkhzsir3+nifyLghsuefkVoIMcd+zI9Npd4yvWkr7Y55M1nJmBh96
+ qGmcjBw/yZrY7TwDr/w/9zcCFHf6BkGsoYGQni8QLjtZkACSwUmrH1xIE28v
+ QFgIb+KNWCMdoaqFdiO0nrQBjKmbXNwU4KOMe466nMNzw+HCpEhKsrhuFZUR
+ PTtVVg3exDSFON/zXHOMlYH/HqU6dxvWpwn/Qbyv2rGzDGkB/CfeyG+mdt5h
+ wwxAEoBQ99grEIoLufaZDgXhTeOTur6BUTQV+UpeF0YZJdIf7kJCMTx9LajJ
+ 1z9FFo/tgzR+Jeu8C+2IKE8hbOYyjvhXwaVfXig6ciPntmjPJMr32pcLC+0K
+ y8994hbRVcRUADh6EhPBWkmATa7Ss4nNeHUw/u6VUfoIOoCHxwSEcImSuW2k
+ Z2aXSfIHYkA29aAIyK5RgUIuyQQdSrxbzny56deXw6R5pkCaZIHrkLS+P4Rm
+ B3D05D5e+zj2Zc/IvLMDvzpTb5nHTZeNxFeKmQFvqVo6DEgQDwyS049uEqB9
+ f/51/kGuCEAqOOmGSvydMfQ3RCuynusXc+IHS/s2QEuadKDYYNLOTe9QfaKy
+ gdzJthYec+9hyUXbRMgOqda2ZuS+KRvOQ9GCcK3bHeGn5jzoRv1Vw3uVVUBa
+ hJ08S7sw0LbbL5IMViUjQczHcpWqFdKPDr7+Iny9PJNCvCvAPu8iyM1t8nA2
+ wieM4uQTgXHZ1ihIqhkuFqtiyBaXvisE4r5SXp83O9jqtgnBMP1/Ap5pVDPr
+ yaQklpVCROPchA+ZwrafOho1MYpgHcwwb2hfvaeEt/n+mUnXAl9rJM8NxX3j
+ ++IS77NGHjmfcWamBxLtnrNs7yq3bH515DyidQPD+ls/L/de9Wp9LFej/2vm
+ T2HxvtXAIIaKzXV4E432IDioQxRDaBqfCqjNYjQU8dibhxvpaMWJjfyQdXLE
+ sI4zRiRgFIbZ0Mjoz0gdk4tShJBedU3yC1sWAbQgIEuGNe6FaOpEGOE29g4b
+ afvkelbGYiwguRlP7S4a5ZTy0ecs9XAjvMCb230I1unmSteHLx8qcflShKd1
+ lF1cwUuYrJiHCN3U3nA7svvyJlQ/PrPtLzw1CgWbyfyPOJHICe1BrqVtMrlK
+ GBB6z/o9TqpdI+33ktVGOmNCRwrECz+bgZBAffegDFSeyBy2xGWi091Zdfar
+ ZqgSdEK6Qp8RWbL4+nqcRa4NGXnpOjxI+zdkDJnkvLyg+LtX58+FuSc6BTZF
+ mu9sDXuF1zzKANuNAKyzNXXtXe9yBNHmmSxQ4/KBM7FHmJHs6d3OVfZVcgLG
+ V5l3CjHlYKcuRbsc0EgPg7wX87r1hjC3HgACpRHVPO427AnJ/hIsYqHTHJVs
+ PpsXjs4Rm3+IGLE67BQx2trAaufPu6TWDmsSpOSI57sDBql+uTwYhfz1w6WT
+ 6ZgLQCwzmw8GI+qhroeS/4Xr2plaSZxg0Y75JZRr/uKRNCNii6dis5x/CLzp
+ p78TB7WrS7DYyc2+3gD/LTrETXLEXLo/11+EMUZOsPxkfWnhI7uSQ4MZ5h4c
+ NnXDqb8FfGFts5gKYgqcO6nZgunjJTz33npS2phcBPIr6r5UsrOyUM9YyV/B
+ nZlrmA546B6eMXMAqnXuHMxvXWGWOT6gro+d6wrPV6ilY1unMlAh8AqE6Grt
+ thXNbGXxVMoCQ+kqnCtQ27f65PeaD4CAWHs4Y2/ezx3ecxP+tRZ3ijRZQDFk
+ qnOwEW+C5JuLYuxWuI6F6FRa+V4U7ze5RchgUb3z7vfX0yeEcS2bcxbx26+h
+ 1DosuauYQSWTO0n/XgSqPdr/AqOLRQBucwt2OCnrB136FCQ89UHnBGe6x27l
+ cp8NkHz7nWFzg9RP38YQnNJGCQP91nuR0EptVEMbr7uuLWZvMzSZMYONMl0d
+ Jwlb/tUCP0Ls1UbjPEuC6OMnh7uvTqDQOIDBHsTv9hbKxWkGOwt6T4DCiovu
+ LR2J+KNmFb+xQ4BGGKHv5apUfEPSjADgq8c07JbmuPpp2YFVUdWV0ZafFYIa
+ I1ThptVZu+oPVlOLzLLTs6ZUBZak5MNCRRd4s4canWfDxBqKSwkZV2AmPYql
+ dUpk0q4SDh/pzVJo1gCCls6/Tm9ImBOAZhZnFBzzO9wwQuzyg+HVF0M1iCwM
+ mTwxEYottQviftjcFaJzV9BGxxYfpAMZ68gnJHegSMEWF59w+P9zZbSrfMlW
+ zIuI1zbUuQO5yJXV8QvNA/YhQ3z43raBlCXy4WFT/X/5yfVgzAJO4o0SfNiv
+ yQ0UQMJzXREeQUs07JExCuvXkHU9C/EY3dILgb2xj40KV3IpbpuJQNP7DUcG
+ MlXzLjHX4WNZ/C8ly1Fr0JnbOU1UmJYHwdIP+U6B1QOe5qGmYNTavuk8sust
+ UpFiyyix6HWoURpO4At4s29z2I/kvfuet+/lvcf9F2sApJqqW+0C3YW7JDcc
+ 304/iqtbkGuG5InDQ0E507q3PO7uo6ZN5CpmrnAzVuScbRxdAhi1y5jJKe0i
+ XVw4lQXe5XdLLBE2+ECrWBWAMocWiEk+V66BxHs51rcRhtUDBfUs26XG+DwI
+ aI3egT4Dlxc72DxXm8tCnRZaNodzeCVnN+uZP3dYgDDscO1HRaWT7DQTD/Ud
+ l0ckFQ==]
+ cacerts:
+ - class3_2021
+ - class1_X0F
+ client_ca_certificates:
+ - class3_2021
+ - class1_X0F
diff --git a/hieradata/nodes/motion.yaml b/hieradata/nodes/motion.yaml
index c719313..d774543 100644
--- a/hieradata/nodes/motion.yaml
+++ b/hieradata/nodes/motion.yaml
@@ -4,38 +4,38 @@ classes:
profiles::base::admins:
- jandd
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAS9KablO0ZUn6gFXJYLMgWRb9gGWoR5SsVvow
- 2bFqpyHFUsgtlb5hm+E6XvZxrD56FI9twxSSuTdHhW+hUf1WQr34Ik/M1kFJ
- XYFKUn4WDoejCwxGYbqbptyJhPMsJh7Qgx0d7SQhrordLoI7SQ8kEbTT5yo+
- oEBPYXoTunQrkB7pSgfThRwLZPZ+xsbDPimp66imBWgXoSFBI2OO9dLVshGJ
- +M//INVZG6dOF9tPjxeKz5tTiKdZ7Qkh8/lzQrSA6PHW3MDCtxwjejCQlZjp
- 8S5bFy/Ajp7amCL5b7k/bXGX6UPHMqWgLKu0+vH5IPPe4i8Y5sU6nzOhY1mH
- pINd2zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBFDA0rqy9ELGvgfhPS
- 826ogDClIoHwcGV6JFe+nACOgye8JBdCkvUJmlEdPUawmLrjto1ZtVHHsCks
- XJx1XYBR3vY=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAS9KablO0ZUn6gFXJYLMgWRb9gGWoR5SsVvow
+ 2bFqpyHFUsgtlb5hm+E6XvZxrD56FI9twxSSuTdHhW+hUf1WQr34Ik/M1kFJ
+ XYFKUn4WDoejCwxGYbqbptyJhPMsJh7Qgx0d7SQhrordLoI7SQ8kEbTT5yo+
+ oEBPYXoTunQrkB7pSgfThRwLZPZ+xsbDPimp66imBWgXoSFBI2OO9dLVshGJ
+ +M//INVZG6dOF9tPjxeKz5tTiKdZ7Qkh8/lzQrSA6PHW3MDCtxwjejCQlZjp
+ 8S5bFy/Ajp7amCL5b7k/bXGX6UPHMqWgLKu0+vH5IPPe4i8Y5sU6nzOhY1mH
+ pINd2zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBFDA0rqy9ELGvgfhPS
+ 826ogDClIoHwcGV6JFe+nACOgye8JBdCkvUJmlEdPUawmLrjto1ZtVHHsCks
+ XJx1XYBR3vY=]
profiles::cacert_boardvoting::cookie_secret: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAH+GZS+H+iQKPzWUCsOXE/Lc8V5qIYleMqHZH
- 93LcnFX0m9gY6CEEDkSzlcnrtyPUsMGubmb6lIJ1zvFLxhf1HNCkJzzDxj6G
- X6cbP32QDDO7q/Gs961nuVCW2t7JysiZ+WHXTOzb5u3kHDXkdugOpxkZC19k
- Z/K7u1RFn2kxiLziWWyla6t8oCjyIfR43XeckSpHskRKS29baVKLRSz9qlFX
- saQy/KpnxNpPmIASpYOmNO8NcU7Fzfo1QfnNkjFpwxh4SbVI4CvhVWX1WdU6
- koP5e3qETucQa4eTgCS8ZwNN8IWkPMgKr+bWjYSdAI6M9pjZ2hkOfxstQ0tu
- HRjC/zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBkBZdsVnxBj8ejMMe+
- lY7ygDA6eB64BpOOfiTQ2gdnHagIv9JeFwW9wGaD6wc+HZKfu5UKEFlkpkMg
- M9wxxAhBUlc=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAH+GZS+H+iQKPzWUCsOXE/Lc8V5qIYleMqHZH
+ 93LcnFX0m9gY6CEEDkSzlcnrtyPUsMGubmb6lIJ1zvFLxhf1HNCkJzzDxj6G
+ X6cbP32QDDO7q/Gs961nuVCW2t7JysiZ+WHXTOzb5u3kHDXkdugOpxkZC19k
+ Z/K7u1RFn2kxiLziWWyla6t8oCjyIfR43XeckSpHskRKS29baVKLRSz9qlFX
+ saQy/KpnxNpPmIASpYOmNO8NcU7Fzfo1QfnNkjFpwxh4SbVI4CvhVWX1WdU6
+ koP5e3qETucQa4eTgCS8ZwNN8IWkPMgKr+bWjYSdAI6M9pjZ2hkOfxstQ0tu
+ HRjC/zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBkBZdsVnxBj8ejMMe+
+ lY7ygDA6eB64BpOOfiTQ2gdnHagIv9JeFwW9wGaD6wc+HZKfu5UKEFlkpkMg
+ M9wxxAhBUlc=]
profiles::cacert_boardvoting::csrf_key: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAIrQdj2r/LUGR929i202pTLTvG6vplBCOkZ3f
- /29l5wR1aajD0Kz8Jfs14PAO0a5IEksQwf875uJPKjOCWZS+WlJgrpqGHXt1
- OU89MN0ZmhsNtejQq355WmG2sY5z7PO/xfUcEAYuOcZO5a89Mitf18v+dRqy
- UEpXHsvlUI/5wCz2KNqL7BCkd/50Z+TE4OGPM4bZzvio48tUZhBMLHDUU3hr
- PQsOhih8y1qoDdFUvypp9SIqF5VWX+I9v1qhcnYpPGc2nQLEpSs9Wp3xMJhm
- owKy6zxmO2/0GUVMX6NQaIk6XLthHVgW7au3wPC5WV0pVxBgXQxDQFuWSN7W
- BUkT9DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYfwhgtuCfhI8cy/Lr
- /jX1gDDj1Mft02q1naNtqZy5rVQSTdbsiaN2LbufDSFaSyOKWkRcGEBXvtzx
- g9VtuODC3gU=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAIrQdj2r/LUGR929i202pTLTvG6vplBCOkZ3f
+ /29l5wR1aajD0Kz8Jfs14PAO0a5IEksQwf875uJPKjOCWZS+WlJgrpqGHXt1
+ OU89MN0ZmhsNtejQq355WmG2sY5z7PO/xfUcEAYuOcZO5a89Mitf18v+dRqy
+ UEpXHsvlUI/5wCz2KNqL7BCkd/50Z+TE4OGPM4bZzvio48tUZhBMLHDUU3hr
+ PQsOhih8y1qoDdFUvypp9SIqF5VWX+I9v1qhcnYpPGc2nQLEpSs9Wp3xMJhm
+ owKy6zxmO2/0GUVMX6NQaIk6XLthHVgW7au3wPC5WV0pVxBgXQxDQFuWSN7W
+ BUkT9DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYfwhgtuCfhI8cy/Lr
+ /jX1gDDj1Mft02q1naNtqZy5rVQSTdbsiaN2LbufDSFaSyOKWkRcGEBXvtzx
+ g9VtuODC3gU=]
profiles::x509cert_common::certificates:
'motion.cacert.org':
certificate: |
diff --git a/hieradata/nodes/nextcloud.yaml b/hieradata/nodes/nextcloud.yaml
index 10c5698..8241399 100644
--- a/hieradata/nodes/nextcloud.yaml
+++ b/hieradata/nodes/nextcloud.yaml
@@ -5,13 +5,13 @@ profiles::base::admins:
- jandd
- sat
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAf/+tramMebPzMWd/i/zMwITL4i0ZYjw56aoo
- Dy0XUs0W70Im3urRUQuZuwnTofhlgommsgaYdcpZbyNT0SZezMQN8IE9davi
- Yje6meB24OnsEHrdG72ZaKil/jZwSrI9IZiQcI2iQ9jQLE2of64ZJSQAQV/o
- WuE6hqHRrdNeX/mZfxNP5POqZCtKItLOP7D4rtYIOJXg1cH1auR2QG/ScSgI
- RGbDb1hxvYtzBC9mrpVMVKJANtqoWVCJtBCzy1s54U8bPnO40J8jBL6zhzQG
- BtFGXFZmI9824b2R+4v4MG/1Bwom+QPD1a3W+h+g4QIJg6QI0j9+9Wwe28fN
- ZKBdCjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCyGoJBFH0OR6RkKgsM
- grOdgDD+phhOfhpxDR186OX0h79GOz5cVdVFBoV/OiKCUjYuKfjFzFuCGw1x
- UkfGGUOJXho=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAf/+tramMebPzMWd/i/zMwITL4i0ZYjw56aoo
+ Dy0XUs0W70Im3urRUQuZuwnTofhlgommsgaYdcpZbyNT0SZezMQN8IE9davi
+ Yje6meB24OnsEHrdG72ZaKil/jZwSrI9IZiQcI2iQ9jQLE2of64ZJSQAQV/o
+ WuE6hqHRrdNeX/mZfxNP5POqZCtKItLOP7D4rtYIOJXg1cH1auR2QG/ScSgI
+ RGbDb1hxvYtzBC9mrpVMVKJANtqoWVCJtBCzy1s54U8bPnO40J8jBL6zhzQG
+ BtFGXFZmI9824b2R+4v4MG/1Bwom+QPD1a3W+h+g4QIJg6QI0j9+9Wwe28fN
+ ZKBdCjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCyGoJBFH0OR6RkKgsM
+ grOdgDD+phhOfhpxDR186OX0h79GOz5cVdVFBoV/OiKCUjYuKfjFzFuCGw1x
+ UkfGGUOJXho=]
diff --git a/hieradata/nodes/oidcdemo.yaml b/hieradata/nodes/oidcdemo.yaml
new file mode 100644
index 0000000..960e2ac
--- /dev/null
+++ b/hieradata/nodes/oidcdemo.yaml
@@ -0,0 +1,16 @@
+---
+classes:
+ - roles::oidcdemo
+profiles::base::admins:
+ - jandd
+profiles::icinga2_agent::pki_ticket: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsaCrgydZz+DockvQHLqUCZ/ooT
+ lvjFmkQlLMwdwvd9tB8mK3wdkjptosytyW+6hqZ9Ue79nPs8CVGiKmwJcZ2d
+ 7ikW5asmLLvciTavqfAR3x+nDnG9xdP1zJz9RYZmKIg/FSUneReipNVx5rpS
+ S/kxveqyflMFb+x9jhQbqw1IYlqTIvOsiZ35AbRjskC/QT9errGHGXNPHrRV
+ BzytsS2OD3hrhiCdAPHinDmwjjiHFBWLt73rjffKoN4XTXdJlNuaSQhnyiUK
+ ygCC/8WCm54LENOVXiA+AZpPE6XE15EF1UrbqNNfyOiXSAL+nNg2I80MY6mJ
+ /AEWRzAKFxnN2YxzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDJjb+eyK
+ G+s2jJHm4htAsngDAlQ+yjC0OIIwWzIbG878fNkZj941AhOCscz2Kxe+Hn9D
+ pt3TNqyXIPXZnu69loaNc=]
diff --git a/hieradata/nodes/pgsql.yaml b/hieradata/nodes/pgsql.yaml
index c0eba3c..cfa6ced 100644
--- a/hieradata/nodes/pgsql.yaml
+++ b/hieradata/nodes/pgsql.yaml
@@ -4,13 +4,13 @@ classes:
profiles::base::admins:
- jandd
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAXb21L9FKfx91iFN/59W2NWuqbDHNZpx8pvGx
- 55uP3PdxPy1dWiv11mxkPt0hQNNAGdPbCRrWWjyIp0MccEWDgKEtMGz6yI0q
- InvLHpOihv3siGbIbOgWH5wNkQ+ab8syeVG/GKLcU9kJTHOLP47wyqYGSw2m
- r4bluOe3WqMbbFmvqrT3lxuyNNPaXR7jrcvyIGLH24no6VNooBoa6+yoZY6f
- VPKJeHfvflikXBn3UuGWPTTaoqoj180ZNfm0nI+p1kRHU+i1MwjQLzNihODV
- PA3WIC6Dciu3JMhm4IsgeN/sUEbM4iVkr/8U88aqulgYnPqhIpKKGVtn2zXJ
- HVJFyTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDBon/BhIcdE1/J67sF
- euz8gDA6h1hNPUkDjIxqD1njBbKSkD1HWtOndHeVQBrYA/8xv10laBcQoprd
- pryxipVIgkc=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAXb21L9FKfx91iFN/59W2NWuqbDHNZpx8pvGx
+ 55uP3PdxPy1dWiv11mxkPt0hQNNAGdPbCRrWWjyIp0MccEWDgKEtMGz6yI0q
+ InvLHpOihv3siGbIbOgWH5wNkQ+ab8syeVG/GKLcU9kJTHOLP47wyqYGSw2m
+ r4bluOe3WqMbbFmvqrT3lxuyNNPaXR7jrcvyIGLH24no6VNooBoa6+yoZY6f
+ VPKJeHfvflikXBn3UuGWPTTaoqoj180ZNfm0nI+p1kRHU+i1MwjQLzNihODV
+ PA3WIC6Dciu3JMhm4IsgeN/sUEbM4iVkr/8U88aqulgYnPqhIpKKGVtn2zXJ
+ HVJFyTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDBon/BhIcdE1/J67sF
+ euz8gDA6h1hNPUkDjIxqD1njBbKSkD1HWtOndHeVQBrYA/8xv10laBcQoprd
+ pryxipVIgkc=]
diff --git a/hieradata/nodes/proxyin.yaml b/hieradata/nodes/proxyin.yaml
index cd93e55..4454f7d 100644
--- a/hieradata/nodes/proxyin.yaml
+++ b/hieradata/nodes/proxyin.yaml
@@ -33,7 +33,7 @@ profiles::sniproxy::forwarded:
ip: "10.0.0.149"
- name: motion.cacert.org
ip: "10.0.0.117"
- port: 8443
+ port: 443
redirect_http: true
- name: nocert.svn.cacert.org
ip: "10.0.0.20"
@@ -66,13 +66,13 @@ profiles::sniproxy::forwarded:
- name: www.test3.cacert.org
ip: "10.0.0.149"
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAVh+d4e8x8Tub+RMVEeyllfUZz2VGaqIL0mW7
- ut0O6rBk61BKV08M6FlxZs8n/fE8WrYi+xGHKYaHdLpOZZ4BTxCWubhuRN5Z
- RG7hQ25+dWuzKCu3OmICzDbLRYeIVCe3b+H79OgTKRMTcq3bdZz5e8uC24QB
- D2ZJaLAZnqptmpuUNTUk+fObr7hbQRMcNCJh9F9gxiuzbHMbK81GTZiPRIja
- zEgkOa1/YPW+z/wCN8/eq28j9EHmWdFa1VH65J90EZHDCOP+6rio+cyNMO62
- Sy68oyvneM/jpCyMP6Gy6yfJV010gsgjuqXVpgaCY/vG6Hj8QgXak47cZwIs
- j6XoNDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCTWSRL9jrFqf3OQfAJ
- ovhwgDBsBmXU7Yn2QlrQEQRNcDMbVxvawLN5AO+hYWPXyCUX8+9vyiWXwBCY
- noKDG2x54fE=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAVh+d4e8x8Tub+RMVEeyllfUZz2VGaqIL0mW7
+ ut0O6rBk61BKV08M6FlxZs8n/fE8WrYi+xGHKYaHdLpOZZ4BTxCWubhuRN5Z
+ RG7hQ25+dWuzKCu3OmICzDbLRYeIVCe3b+H79OgTKRMTcq3bdZz5e8uC24QB
+ D2ZJaLAZnqptmpuUNTUk+fObr7hbQRMcNCJh9F9gxiuzbHMbK81GTZiPRIja
+ zEgkOa1/YPW+z/wCN8/eq28j9EHmWdFa1VH65J90EZHDCOP+6rio+cyNMO62
+ Sy68oyvneM/jpCyMP6Gy6yfJV010gsgjuqXVpgaCY/vG6Hj8QgXak47cZwIs
+ j6XoNDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCTWSRL9jrFqf3OQfAJ
+ ovhwgDBsBmXU7Yn2QlrQEQRNcDMbVxvawLN5AO+hYWPXyCUX8+9vyiWXwBCY
+ noKDG2x54fE=]
diff --git a/hieradata/nodes/proxyout.yaml b/hieradata/nodes/proxyout.yaml
index cac5293..04a4849 100644
--- a/hieradata/nodes/proxyout.yaml
+++ b/hieradata/nodes/proxyout.yaml
@@ -7,28 +7,30 @@ profiles::base::admins:
profiles::squid::acls:
- "blog src 10.0.0.13"
- "blog src 172.16.2.13"
+ - "code src 10.0.3.15"
- "jenkins src 10.0.0.115"
- "jenkins src 172.16.2.115"
- "puppet src 10.0.0.200"
- "puppet src 172.16.2.10"
- - "sun1 src 172.16.3.11"
+ - "test src 10.0.0.248"
- "test src 172.16.2.248"
+ - "test2 src 10.0.0.249"
+ - "testmgr src 10.0.0.148"
- "testmgr src 172.16.2.10"
- "wiki src 10.0.0.12"
- "wiki src 172.16.2.12"
- "cacert dstdomain .cacert.org"
- - "debjenkins dstdomain archives.jenkins-ci.org"
+ - "debjenkins dstdomain .jenkins-ci.org"
+ - "debjenkins dstdomain .jenkins.io"
- "debjenkins dstdomain ftp-chi.osuosl.org"
- "debjenkins dstdomain ftp-nyc.osuosl.org"
+ - "debjenkins dstdomain ftp.belnet.be"
+ - "debjenkins dstdomain ftp.halifax.rwth-aachen.de"
- "debjenkins dstdomain ftp.yz.yamagata-u.ac.jp"
- - "debjenkins dstdomain get.jenkins.io"
- "debjenkins dstdomain mirror.esuni.jp"
- "debjenkins dstdomain mirror.gruenehoelle.nl"
- - "debjenkins dstdomain mirrors.jenkins.io"
- "debjenkins dstdomain mirrors.seville-jam.es"
- "debjenkins dstdomain mirrors.tuna.tsinghua.edu.cn"
- - "debjenkins dstdomain pkg.jenkins-ci.org"
- - "debjenkins dstdomain pkg.jenkins.io"
- "debjenkins dstdomain prodjenkinsreleases.blob.core.windows.net"
- "debmariadb dstdomain mirror2.hs-esslingen.de"
- "debmirror dstdomain .debian.org"
@@ -36,7 +38,11 @@ profiles::squid::acls:
- "debpgsql dstdomain apt.postgresql.org"
- "debpuppet dstdomain apt.puppet.com"
- "debpuppet dstdomain apt.puppetlabs.com"
+ - "gitea dstdomain .gitea.io"
- "github dstdomain github.com"
+ - "github dstdomain raw.githubusercontent.com"
+ - "puppetforge dstdomain forgeapi-cdn.puppet.com"
+ - "puppetforge dstdomain forgeapi.puppet.com"
- "puppetforge dstdomain forgeapi.puppetlabs.com"
- "pypi dstdomain .pythonhosted.org"
- "pypi dstdomain pypi.org"
@@ -48,13 +54,14 @@ profiles::squid::http_access:
- "allow localnet debmirror"
- "allow localnet debpuppet"
- "allow blog wordpress"
+ - "allow code gitea"
- "allow jenkins debjenkins"
- "allow jenkins github"
- "allow jenkins pypi"
- "allow puppet puppetforge"
- "allow puppet rubygems"
- - "allow sun1 debmirror"
- "allow test github"
+ - "allow test2 github"
- "allow testmgr github"
- "allow wiki debnginx"
profiles::icinga2_agent::pki_ticket: >
diff --git a/hieradata/nodes/puppet.yaml b/hieradata/nodes/puppet.yaml
index e8b6047..983ba9a 100644
--- a/hieradata/nodes/puppet.yaml
+++ b/hieradata/nodes/puppet.yaml
@@ -10,26 +10,26 @@ profiles::puppet_server::git_pull_directories:
master: /etc/puppetlabs/code/environments/production
training: /etc/puppetlabs/code/environments/training
profiles::puppet_server::git_pull_ssh_passphrase: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAhbUQYK6aL9A43CJJoXTpgpEvKny739PCf4pQ
- pn4hkzJPV+j8+9AOIMPF9Jl4ZWJP1nClEia7/or5/ACeDzs1mIDejf7OXW2o
- nBV2QQs34VgFTNyD+szaouftcPJK25/2/EwGzn7XCnefd7xiEd1xxtogDHTp
- VDxcZMuA1/OJ7PYSkYkzRPzwHKUuqqOl2uUPZquOpQgJEYC7lkDePNd8zFvp
- XmXjaL27EhXyn3tvAjytHOhSU24F0xspK0+Xuv46AIQLztMFO5MItefUQrXF
- xSUdHR1h558pJf45YRxT9nmiDLdFUt8hLl0aUep7+kkG+7pSytQJT8GTSTFb
- 0MlwuDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDX/ycL+PdDfsZ4QGIz
- 72sBgDCNDoJmkzzjSfLIvN/Q2D0p2XBtKWrc7NkmVzZrzVZ6cLJCBornuJ72
- fOJnmPqpFng=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAhbUQYK6aL9A43CJJoXTpgpEvKny739PCf4pQ
+ pn4hkzJPV+j8+9AOIMPF9Jl4ZWJP1nClEia7/or5/ACeDzs1mIDejf7OXW2o
+ nBV2QQs34VgFTNyD+szaouftcPJK25/2/EwGzn7XCnefd7xiEd1xxtogDHTp
+ VDxcZMuA1/OJ7PYSkYkzRPzwHKUuqqOl2uUPZquOpQgJEYC7lkDePNd8zFvp
+ XmXjaL27EhXyn3tvAjytHOhSU24F0xspK0+Xuv46AIQLztMFO5MItefUQrXF
+ xSUdHR1h558pJf45YRxT9nmiDLdFUt8hLl0aUep7+kkG+7pSytQJT8GTSTFb
+ 0MlwuDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDX/ycL+PdDfsZ4QGIz
+ 72sBgDCNDoJmkzzjSfLIvN/Q2D0p2XBtKWrc7NkmVzZrzVZ6cLJCBornuJ72
+ fOJnmPqpFng=]
profiles::puppet_server::git_pull_token: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWLS320bvmv2NSEtEFn5dFD5goJ2g3T2JDT8EylyZ5WDMdlW3w8kx4cQSju1TvjrUIRimkYMKIi9Ej2cXUEMZZoWXpdTbxBreBY5NNlzz0UWmzuwgx6qVy3Czlvhbqq2vb97W1/e30sKcaXe4Mly9UWy+pslH3KHEs4vwipZ+MaIlY76HOPVUmQBtNwaaIiY2KtBTfVGXGUp5VXYGQZsUL2K6DucT+xP3duYjK5iCPfk+w/iYz1bv3m2uT5GvsahZhCBGJNu81ZZ9MY4+WZfKwqfEN2fQz1X6mqBvpaXqE3w573SZo6K7ofhiK8q6+4QlNJ6qlLrsuetlgu8+aHYhcDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDoG8fxzhnn0Xp4Bk+Yg4RsgDDTTKABVrszTg2gZ1bZPm0ysvpoG6tSE0FVmexQjR814RSl81f7coXap/pnWwAhpPo=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWLS320bvmv2NSEtEFn5dFD5goJ2g3T2JDT8EylyZ5WDMdlW3w8kx4cQSju1TvjrUIRimkYMKIi9Ej2cXUEMZZoWXpdTbxBreBY5NNlzz0UWmzuwgx6qVy3Czlvhbqq2vb97W1/e30sKcaXe4Mly9UWy+pslH3KHEs4vwipZ+MaIlY76HOPVUmQBtNwaaIiY2KtBTfVGXGUp5VXYGQZsUL2K6DucT+xP3duYjK5iCPfk+w/iYz1bv3m2uT5GvsahZhCBGJNu81ZZ9MY4+WZfKwqfEN2fQz1X6mqBvpaXqE3w573SZo6K7ofhiK8q6+4QlNJ6qlLrsuetlgu8+aHYhcDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDoG8fxzhnn0Xp4Bk+Yg4RsgDDTTKABVrszTg2gZ1bZPm0ysvpoG6tSE0FVmexQjR814RSl81f7coXap/pnWwAhpPo=]
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAdehEizEK2eAr85FD4XwS8dzDiIqKV2vanCjn
- yJtnyX3IZ66tJkqtUUUMW5cWDY6I5eMmmmMOdqfXi+ZJ43aXmGNw9T6p05P6
- mVIUG4opuW6Udug1eo9t0QTgtFKquuTJD+bqmvEtXvQ9JR2mKOH24OPi6kp9
- jXbj6Gf9TNbGo9LXFEMuf4PaugOiIyW3rqBqpCX6MI3Fbt5BCkPFgRSl+yxG
- 2fAdNzOz5aDVLptT5fGHCvUPUpTuVGGAToqs4JOVGob1EFfwGniWqYoyzxWq
- 1g8bJ6OJ9w3oXYDm24lqmQB7U7enzrHEnP4wRRiuzXZasoeEjQumLdOmVgZd
- sBBGGjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCixanHeFcVKKQc02XF
- oewVgDB5dfRWbXLWJUcemnGSTPZWFh7Tb7zKl4X9ihJgMsM9NDb2syw4rAfU
- DFxe1xKUOAo=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAdehEizEK2eAr85FD4XwS8dzDiIqKV2vanCjn
+ yJtnyX3IZ66tJkqtUUUMW5cWDY6I5eMmmmMOdqfXi+ZJ43aXmGNw9T6p05P6
+ mVIUG4opuW6Udug1eo9t0QTgtFKquuTJD+bqmvEtXvQ9JR2mKOH24OPi6kp9
+ jXbj6Gf9TNbGo9LXFEMuf4PaugOiIyW3rqBqpCX6MI3Fbt5BCkPFgRSl+yxG
+ 2fAdNzOz5aDVLptT5fGHCvUPUpTuVGGAToqs4JOVGob1EFfwGniWqYoyzxWq
+ 1g8bJ6OJ9w3oXYDm24lqmQB7U7enzrHEnP4wRRiuzXZasoeEjQumLdOmVgZd
+ sBBGGjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCixanHeFcVKKQc02XF
+ oewVgDB5dfRWbXLWJUcemnGSTPZWFh7Tb7zKl4X9ihJgMsM9NDb2syw4rAfU
+ DFxe1xKUOAo=]
diff --git a/hieradata/nodes/svn.yaml b/hieradata/nodes/svn.yaml
index 152e0b7..e644a10 100644
--- a/hieradata/nodes/svn.yaml
+++ b/hieradata/nodes/svn.yaml
@@ -4,28 +4,43 @@ classes:
profiles::base::admins:
- jandd
- law
-profiles::base::crl_job_enable: true
-profiles::base::crl_job_services:
- - apache2
+profiles::base::crl_job:
+ enable: true
+ hostname: svn.infra.cacert.org
+ services:
+ - apache2
+ check_url: https://monitor.infra.cacert.org:5665/v1/actions/process-check-result
+ api_user: passive-check-submit
+ api_password: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD
+ AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAM31x48NC4B2agnpHt0hEzxLLJm
+ ADhYW0Lj3JuBNj+wpK8O4GkAf9L2OlOiNAIgiX5epzbUtvtB8ayQQ2+4yuNn
+ jkgfSDvPaGU+f0mFv0CjynUEDrf2rQzevFyIfnpzN9ZSnGw2/59tpS0LyJ6M
+ Yv3NmB0mdXzPWMrgCMt+G9i/l1s9yVjOw7p7V9prpUqD7hGKG0Fg7EeM7LFJ
+ 1ovxPDDar4ZlhooM6+W3Ov5n0y/3bYaPWv+VhcVmSQvWgJw6ZqP5jhpYTqSC
+ dr8urkIi1wfSSPeiNXhK+SQS/KFZOl9dmhj6QuereRyXX1H7X7fphVltADBq
+ S3mCbxlgEEPPgTbzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDlvyMRCV
+ MAziedXFk/L9XcgDDpzkgF8ybQ+aX31v25dTxzAPEnjuvaGY5njoUEbcpkOo
+ f0mf2So5a6xrylLZCcxrw=]
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAec3jnFxK1YLgov72NUbFza8tlZSAzXnWG/rD
- QEyCaVt9mo9rT1USxkv0MRPmdKjiPx6c+3SXZu4ah1Mgln9TgwOSLy4jKuWX
- NmPo8quPag82wX/WMu4ri1npaLc2Isg8qMCe1N94uYeuN9gGhBclee9iRxpz
- wFhEs7JACkTW1ECDD5VMX/0tZMEvebjbrnEIOy3yqI/JwHSwqERl+y8LzrhH
- w/tn7oeidTBFFe5gnbRaco5LVLFcbeBNe7qmQUtnMFcZ9JAgOxBlCoa1EsLB
- LhJI6+2BqEKe8rH1qbbb2t6OMgmVzc401v48FX5+8zyK0J5QBCTul8HmCQDe
- 5hUJmTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYhjTXRy19pOxdmsBM
- o9/cgDCuafR60F9NCrba/VThRNOJoJrfk3vwMsBVC+jJcxSqyq6jWidrqvlS
- 3bfPMwDXEkk=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAec3jnFxK1YLgov72NUbFza8tlZSAzXnWG/rD
+ QEyCaVt9mo9rT1USxkv0MRPmdKjiPx6c+3SXZu4ah1Mgln9TgwOSLy4jKuWX
+ NmPo8quPag82wX/WMu4ri1npaLc2Isg8qMCe1N94uYeuN9gGhBclee9iRxpz
+ wFhEs7JACkTW1ECDD5VMX/0tZMEvebjbrnEIOy3yqI/JwHSwqERl+y8LzrhH
+ w/tn7oeidTBFFe5gnbRaco5LVLFcbeBNe7qmQUtnMFcZ9JAgOxBlCoa1EsLB
+ LhJI6+2BqEKe8rH1qbbb2t6OMgmVzc401v48FX5+8zyK0J5QBCTul8HmCQDe
+ 5hUJmTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYhjTXRy19pOxdmsBM
+ o9/cgDCuafR60F9NCrba/VThRNOJoJrfk3vwMsBVC+jJcxSqyq6jWidrqvlS
+ 3bfPMwDXEkk=]
profiles::x509cert_common::certificates:
'svn.cacert.org':
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGpTCCBI2gAwIBAgIDAuAzMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGpTCCBI2gAwIBAgIDAvaWMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwMjIxMDgxNjQ0WhcNMjIwMjIw
- MDgxNjQ0WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMTIwMTYxOTU2WhcNMjQwMTIw
+ MTYxOTU2WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRcwFQYDVQQDEw5zdm4uY2FjZXJ0
Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJ41/UcmDSkW5+k+
JVwsbRc9XXd1ldtJVboyo3y2SG4DvjuqZbtImfPcH0f85ih9GOadMOfPDb8EvPEE
@@ -46,18 +61,18 @@ profiles::x509cert_common::certificates:
MIGigg5zdm4uY2FjZXJ0Lm9yZ6AcBggrBgEFBQcIBaAQDA5zdm4uY2FjZXJ0Lm9y
Z4ITY2VydC5zdm4uY2FjZXJ0Lm9yZ6AhBggrBgEFBQcIBaAVDBNjZXJ0LnN2bi5j
YWNlcnQub3JnghVub2NlcnQuc3ZuLmNhY2VydC5vcmegIwYIKwYBBQUHCAWgFwwV
- bm9jZXJ0LnN2bi5jYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUAA4ICAQCp8PbfpxoN
- Daf/PDIbN6XWigyjQrb1j1MmVwjyFWT3D/u1zr7Ie6FG7o5DSLimFzJNy8SIG/Qe
- VAX3xY7bLFzXuSYp/wlHAGeHmS7z5YJvQr+eXfo46wU8Yqjpd8egU3z49aEQxSM4
- oLr8yr5oJawvUhhKDSTQouK/ueJORRqFmFNKQX7fGnQC55XWwk3xJg7E95P40aGg
- g5vQTEv6va/e8ZwHlx368DqZFjjVeh1LQzGEby/jbXvYqwv+CVtWiwO9N8lF3CqS
- n/64QBEhmt+krBjf/rAHAPILrsCD/DW6+AZSo3UocPDlrWOho/Nx9fGAiiDqhJc1
- ViTl0WLDyMGUFEH27QhllZfe3nJkMWFaBPbmDdWBF03GkRpyxLcPQHv4+96bneSV
- jgS4+O++CpHJ2Eq6zmlzZvdiZ6eFkvPjSQ87+6dmO8hQClDmjRYcfe58fM++9GdF
- 1zt4jG08VP/oMHaKPWwOnKjalOIyk8l8jK//GgkY9ZL/GhEekQc57Vq1MrR1e6pj
- RGEel/jkVUimFv21rkS8qWmqf4ewYIv8U4EPS1zi0M1nhA06ZOu4la2EwRbQCqex
- YPpb39Ag+YRkSDWPf74huu9EqUupjG3ozG65/qlhMEmzLORcMFIfe9qxTxBB+ow5
- MmkGKM7jh2pACdPtFDXSIJWGOxsvCsR9nw==
+ bm9jZXJ0LnN2bi5jYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUAA4ICAQCdursP8tsn
+ gXBv15kTKhLyCH+E7ts2OSoa/NQychs5TP/bi3gtXunfLTlormMFcQRlnGH7cYyP
+ nlVxCHPPVGr8wVQWZSNMOQbDyaWjesFCNHvvnArjnZeNTMTfhg9UTcu2XemPgnmY
+ yqykLMnLwxCW0CqZeumFaD3BlElqs3D1SYbRUBiILqu1LgXQAY5NOFuCS/Hkf+da
+ PJX42OYGyYCOM7vG0AlJ3iW4vdvqxn5Utc4RFIptn5PLkQThmP+eW43gDWJlVvLv
+ xjyqv9VKLkaj5/OEzLAxqEnPOZRTEBRX0WQluMzLiPn+Ia+EdEkTeOghEJD3GISg
+ otNhQ4cihHnMCzWMtNlCJqyBGnwtIhmvNbQ8HGx5Now1eYmPBXyvT/syEZvHuMDw
+ /87v1dqZ38T3HAGO4OuVGw7t0ky4NjfKOkoxNWhuqO/sF73RvbtQyXTK4kaVta+y
+ pIgqaYMyWhh0uCgPei1hU3xahFdbnC7613Xtexs/5yE92deK6oXxGeehI4Vv41ht
+ p7jV5klv2dnmupqxhUqO1RT9ez/4TZ+mnjwtH4i4vH8W8dcxeNh0mlgXMEOmjo+E
+ 1GqajJd5f2Wis4EDJMpj1r0qo/NCcudt8HXdIN2edzmR2pbblztY3GPNns3MrXDQ
+ dWvtNF1azrJkTIblrxXbNf1BPkEABU/KTg==
-----END CERTIFICATE-----
private_key: >
ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw
diff --git a/hieradata/nodes/test3.yaml b/hieradata/nodes/test3.yaml
index 40f9bb6..d553fa8 100644
--- a/hieradata/nodes/test3.yaml
+++ b/hieradata/nodes/test3.yaml
@@ -12,13 +12,13 @@ profiles::base::admins:
- wytze
profiles::base::crl_job_enable: false
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAMKjN59WDnskWcAtQqEliDyQZCqXlz4vLZ4p0
- nDx3yRY0XLObpodx1h9Em3XhETsm85Quh0MujnPrttb6XMh+BKNurc5kLLs6
- QWVNzRyNqm9d+1DLsKjWOnYzwvu1t35v5ZKmsnsmF/3Ek5qmWGlkoiaNajKJ
- 29z1WldM/ZBpXAOv98iPE7iF8hrqpvUOyaJ5mo5aAlLHDT1XW0GQiBPjrMYj
- sR+c7K/3HiuqA4sMsjAhQANI7CFNyvP3sgLE+sp+0PWzCXN6+4jDdUCTI4mp
- 4RL43bMkSBKgLsMxErQW6yenEYpx/gAGWTN16TaC2L3eOlmDs6yMlabLbSg3
- KNPHHDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfXQRynNrVC5Fg/jv9
- oA/IgDD97FWwTY4zMQXU8krGLmlxJYiL6mCpdSzhfEtWYxj34Ch1Ce0J/HKa
- CW2y+asnB/I=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAMKjN59WDnskWcAtQqEliDyQZCqXlz4vLZ4p0
+ nDx3yRY0XLObpodx1h9Em3XhETsm85Quh0MujnPrttb6XMh+BKNurc5kLLs6
+ QWVNzRyNqm9d+1DLsKjWOnYzwvu1t35v5ZKmsnsmF/3Ek5qmWGlkoiaNajKJ
+ 29z1WldM/ZBpXAOv98iPE7iF8hrqpvUOyaJ5mo5aAlLHDT1XW0GQiBPjrMYj
+ sR+c7K/3HiuqA4sMsjAhQANI7CFNyvP3sgLE+sp+0PWzCXN6+4jDdUCTI4mp
+ 4RL43bMkSBKgLsMxErQW6yenEYpx/gAGWTN16TaC2L3eOlmDs6yMlabLbSg3
+ KNPHHDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfXQRynNrVC5Fg/jv9
+ oA/IgDD97FWwTY4zMQXU8krGLmlxJYiL6mCpdSzhfEtWYxj34Ch1Ce0J/HKa
+ CW2y+asnB/I=]
diff --git a/hieradata/nodes/translations.yaml b/hieradata/nodes/translations.yaml
index dec4ae9..10c21ee 100644
--- a/hieradata/nodes/translations.yaml
+++ b/hieradata/nodes/translations.yaml
@@ -5,13 +5,143 @@ profiles::base::admins:
- jandd
- law
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAfQt55rAfM/F5sHxwF2piA0Uz+VK3wfxDfGrq
- B86bLEMxo0L6JCKAJZCbB3g030KCDwHkijGTLdWhFXmmPrtxWxLP0/gSQr2c
- zdINvFYImjree241KUkXIJXxn6pdjGLSbikgJgs9rwIvgGJLxjQZQ7SMhQg2
- Qrwg5ST8tkEqyADYeBMRrvRs53XnD3fs2RKW0hQcfejV5UTVyruVaEtCBsla
- eheWrISyIKWpTF3URj87C7VX1oO4S8eLlI79uD+hBJ1FMQydxEdg44KCfn7C
- 0SPnekHB1DsccEaVMNrabA0NuUaIuO3OacgUGIGY6wIeAQ8XU4fp/80TWg5H
- NWPIWzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAIIDfJz8DZ+wTiUrSQ
- f5zZgDBxARneBbiwCCFM/g2AmmEVOHwFjUATjdCXpURzhVEL+mrFjtakN16r
- 6tihfcnNiqE=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAfQt55rAfM/F5sHxwF2piA0Uz+VK3wfxDfGrq
+ B86bLEMxo0L6JCKAJZCbB3g030KCDwHkijGTLdWhFXmmPrtxWxLP0/gSQr2c
+ zdINvFYImjree241KUkXIJXxn6pdjGLSbikgJgs9rwIvgGJLxjQZQ7SMhQg2
+ Qrwg5ST8tkEqyADYeBMRrvRs53XnD3fs2RKW0hQcfejV5UTVyruVaEtCBsla
+ eheWrISyIKWpTF3URj87C7VX1oO4S8eLlI79uD+hBJ1FMQydxEdg44KCfn7C
+ 0SPnekHB1DsccEaVMNrabA0NuUaIuO3OacgUGIGY6wIeAQ8XU4fp/80TWg5H
+ NWPIWzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAIIDfJz8DZ+wTiUrSQ
+ f5zZgDBxARneBbiwCCFM/g2AmmEVOHwFjUATjdCXpURzhVEL+mrFjtakN16r
+ 6tihfcnNiqE=]
+profiles::x509cert_common::certificates:
+ 'translations.cacert.org':
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIGlzCCBH+gAwIBAgIDFR20MA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+ dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE3MTcxOVoXDTI0MDEyMDE3MTcxOVowZDEL
+ MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
+ VQQKEwtDQWNlcnQgSW5jLjEgMB4GA1UEAxMXdHJhbnNsYXRpb25zLmNhY2VydC5v
+ cmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDQLVTsH5bhb4paZBjW
+ JI2/t05yY6N9h3KnM6+KOtd4yp2a5BGO1NmJDzBT9s6+a/SPQe+Xj1/KBIgahOl1
+ 3cIcFoqermTd55hKZ+9CXXt4gn1scXpLTPDK43h6KUd66LkGjao4nWe4vqr1BmYX
+ fGWVBT1QAxrgMgtr/zHPdEY3BvSQVIN1P+OpXNMLwgTJ8AaBa28sLWzd2CPJG7Z6
+ 0Yi/rlaEkCTldkQW7lLpsyymXZXRbt39xk0+sbcjEMOyz+zBPn+xU/x6bHgx7G3R
+ 1+w73zHRJrftNnqZt8D+7nCW8HhRPz9W8qDQufEiEfmggtcdAqBvxl6pD6lDNGoy
+ jlQ2tsd60y5KmOM1nZjNpeFksdJlAnlD/vwLiJHs1+1Y0STcwMMHyromY5JmqWAC
+ M7j1JzFELI2gaKjczqzeuBjDfb+hzyTlMnW1ol8KKFk2QKssxNTVHLrCvAUz9HUz
+ 6QAk2iRaZWDmp3Ki2tZJwWjHEZ/Z1MEiTrR/zfJEIjX3/9wg2R3dMcVbPrnPz0YL
+ lOsCOhcSpgEGm0vworplRW9desHSGzSo/BH5Z9iOz3vr3gOYc6cfM+6okIvooIUD
+ 5k4lp3kOiIHZT7INN+ifVXQ7X/wQgQZnmh12eoFEbO0FfzDfDyYRJ6rkrGtY72jq
+ tGbEe/0fdBXT68SJmwrOAzA6WQIDAQABo4IBOzCCATcwDAYDVR0TAQH/BAIwADAO
+ BgNVHQ8BAf8EBAMCA6gwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMBBglg
+ hkgBhvhCBAEGCisGAQQBgjcKAwMwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB
+ hhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzAxBgNVHR8EKjAoMCagJKAihiBodHRw
+ Oi8vY3JsLmNhY2VydC5vcmcvcmV2b2tlLmNybDB5BgNVHREEcjBwghd0cmFuc2xh
+ dGlvbnMuY2FjZXJ0Lm9yZ6AlBggrBgEFBQcIBaAZDBd0cmFuc2xhdGlvbnMuY2Fj
+ ZXJ0Lm9yZ4IPbDEwbi5jYWNlcnQub3JnoB0GCCsGAQUFBwgFoBEMD2wxMG4uY2Fj
+ ZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAIFGJf5ZesTA5UbfghQ6RVnbHA0s7
+ Kk+BEVOT8HTvUEGGiYWm6rQXAO4lHqkVt6kNwpLRgKoS/X49p5oY1DRR8dMJO41Z
+ is2uZrlHA80x6TYwvpb1R0MaEhk7jvpZscc8IlXpN453cp/d2EK2SOc3SjJJ5K6W
+ eZkxKhXe8DCLMpLdp/Y/PmWs9r42l7Egg4xZMzeBk7vPjXg9YEBWSJu7uqEO9E4r
+ p4IYsSD8FT2IRMtAkycSl1rlNK2iu3133WKSFz2eBf8K0tGBGM1p76DGHgcyRU2a
+ 8VEGwdMvc4rN+ma6j8/IH178i6onBkiFtoE8KjKz/WrxBMZQaAkvcM0wNVow3DQr
+ DXFnqDUUyLscVAWSlScfHotl/xnh71zkAawLjr/eEKlO34++l3UMw9Hz++f+2Twb
+ DZW+ovVg6zTQV/FREvlqLo+GbmJreY1tbMlIY2yNfoIIrmLD1i5h7fEN2QEU8GJZ
+ D/ZCXPIk2OBARnmZvBw1m9zqnGLgSOjQzofJLxrOYbGJEsSYuz+CyiDaoyZGutIL
+ Tfb4tPBUyNwDXTKGlCo6lnKT9XadGkcVRP9tpKhubMBeJj1MLkYXf02eqnaTbIQD
+ IGqBZwLyPiVB11tvivdm4ITEvBz1hxWMGihq/rUH3+Q9qggQNrd17QgCpx0UPG8E
+ lXFcjN0aUi8RKW0=
+ -----END CERTIFICATE-----
+ private_key: >
+ ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAS8NdfqhFaOE8DIdyn2yLz454Xh3DQ6Mh/s3h
+ N/mhRm2igz1S1ZDIOhRSiG/GkGDjJiRm+r1yTqdVk2mvqJJDVSquta4STjeu
+ 8DFz5qUF6528mwE/gsqbX3tP7HAXHNro83/3g27ymaqXGpm+p4A0JMiDl8Db
+ nRR1nOpALWoFJtdGIO1Z4DI++tIoQ3fHSxlxx9/vlRsu7Upil/5TT5U+Dnp+
+ kxu7oMPJaZONkAVAck7owZs9EOTpS8wg8d0zzFIEEOtd4ZpirDqaeDlhwzsA
+ sLTZpRfZwbH7NDP5MsSuRfJsJOgbOM5PvuUhUpqYow3jOyAAVcW2bILC4woc
+ uZ0LXzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEF5KRUmRrutgGvwQ
+ vSva1lGAggzQFxQtKYWClicQXTxlxBx7SdNMQPzTQlgr9l6/DnTYh+C2iECB
+ iacq/OVET8PzIiiXeH+fHTbTBpUVcbHSLkS/5gWP9M0UrXqW6DkuUWKTt5yL
+ BSdNkDpsaVTgM7XfUG8fvvlPKh5YwKHkBrZSA/mb6mWVV+Ng8kGjy3mdw0qL
+ H2/d3TYVL0AkKKwPSpkU0VTSeOCf/4kmV8K9/XvRzz4Kf1tTrGSHXoqFsGDo
+ v7M4e87twixMJIMBbLcyTwoxXJvVTzeRNIgShB8a9ayoP/iunGPA18SxH7KV
+ mU3pmsIxv/IbR9sL7XRes1Rso539IHzM7lRbcqm6jMThX1FGs25ih170BpVN
+ aLUOE6/ik+O0Rg53AmcWG5cmzNW+Lv9cEjxMV2c/4g6m3uFvP+mEEUogL9xc
+ hCaSErZfNFSBWzTC6x7bpKd+0sm6Acz5Fo/3WTt2lPbe9yx348BZ1V0bUsjp
+ IdpQ84j49sA1xvCe6l4wd9IJNILN7zOQJSqK9c0g5q6jH/zscPWrcrq72IHP
+ EN+83tGiPIO5Zb5LVUA0oHI3LLO5RjwpM1vI8p18wX5q6Ay7AtWKkI/hqCei
+ LokbLQnK/rOAwz8iH23jFGluI03ekbP0y4zb3Nz3M1hUvesR23HR0S8vaQA4
+ 48B6KJABEOsVeXQ6hygK/IOfWgLQYm8dbwqDtfIRGm+HWSBYSh9iXVUoPI2A
+ +8V57UaBTTVFcTts4nyX8gJOgAd6awuu+v6YOBQdiPnhKP/JGYY91SjPP/4k
+ C2RIb/AzQtXsft3v5FtEx5fM3iwSUeFcJ3GdivbdysNXRLV/4STxq86HTy+M
+ hHtnF3uhidO8Osbh8NrA5sHUtRYvJ8ymWmIWFDKx6+qeBK9MOstd7Gg4nRGe
+ ++VCP7ziXl9urr9UmO/gHOEK7c5G0OzrAZCzprCkEh8qyu/PiBPcA/D367rH
+ E+LtyIZYDL/q33j8jpE2J+wYWKzldkevZDfQV8w+QhS//eUgzdqxgesBMy+H
+ NM920u4fjP1KK/fBec92ZdgXz5TLsY+ZY5KjQqDZ8gBfl0HIWujHTreQz1sC
+ JSfKMgH7R1JZBJq91gB2vmnHx3szakHdHWzFEwXmM5zY+W69fbcQqemoW7bL
+ 86xSOtnqbKahVabynZfyPsasNYYf+aglBdJy/dpvY8yspvSolHVoNMnNR8Hq
+ cJqw3KYQgj3mOVb2r0kgOSWKYrOARrbjNeuDBGcEPWZIwSqQ/v9KT370o8jI
+ MYfxi1JEYKkgV0ytR28YyMkWGam8Me3Pa6VxLmt+8jzv3IRqbNgeG3tlUrxm
+ Hijvdf1qZfIHKRZRtOjHMPfDRVBs6xmRmaY6JuI3q4bhbZJfD6wjh0xKPHZM
+ rh7tvWS+uCuhZQlpImXZIoY3kfvpbG3u8plwU3eJmpePzgSXqYBuu7Ju2Xza
+ 22oWDFAtwODzsrbfgXspZHjySc64+XgkPM5UWgzb3QDSx/fXlu2PA3y1LzN8
+ kgv27GJBScQgqPL+u60Asvsmlg0WxG6E4FsEzl2PVpe13BzepPSD/p8SH8Up
+ D3NArWp7GPPbrktGRdEoL2p4Z4Cu2Rl09ATx7NyKPBLJu+tSWAv5GnFMsWSs
+ ldpvYNxMryUVh/saJigQzeG7ls33J8itH0uAcP8zFaN5W51aUqbpu73ASmjo
+ JWrORyxbsfD2StZv3KiRsNVw2P6wcai6ez88/bNJaaqQoUZEFSKtFT+kFr6g
+ scZahCMAG86xe2vUuGqp4xiwbAsMQ2ldDM5hRf+EbuY/OyXgD9FYy0vAEyNG
+ lms1nbRfTtHvGHYnLB/7wIgJeqn/m/2A372iF4nNvayE274IVZldnfCrF+xa
+ 4Ga/XKarmnBeAFpQqdFc5F3CIoy70zy1VRFmCXEFrE4k1yARjEpIiVM48ZiJ
+ k+RGae4i+09hxN8ynKWoCXoej1Dpe3RBUdQiBXVKnOF3oPTSXJGvZ2QHGbuq
+ 4t2JG0waDu7z8qOeXieduJ9AVImXKbNl4c/pUfYWu1Dyqc8efq+YCynsrpL8
+ 0FkFXYUOyeA0n5T0742QRZe74sx+kh5YGJIeqDkeMgF4Kx/b04RHrXdmO4Fj
+ r6PEYKbb71CM7qrJL1s5eNHuOfN+SI/iiZ4r5inE6eVrpEf95bab1WwVGbRg
+ 5S88ibPYe9iHfz9KeeEFL0SLvw348WxLrKFk2iF3VwcmtXs2YPAE3un31dI2
+ nxpNlAxGT0XIj/61mNjuxtKiKV3YF45q70oYXUW98+Lwz4yLlW9lJC1zQXF/
+ DnujyHuUqtTtWVc9djLyHCOHglwFCjQgWBw/cXlZWJzmMZ7bGRCT7EV+AwE9
+ aHzX9xDnpRL/V9VQTw8rFSkEfqHUdwRXoV5Ek4ZAwu9BQgaU+rDgwZv0tB/K
+ 2lbYHVkyP4M9ZCr0mjxSYyLMjp0oiA/OliT14zewt+/1x1hVrduUevVuoPE9
+ 8sgW2VJIxO3m2/DFpLQIiKxLSCX3Bq3KGeT68T+s2YP484XKbJEzAM06CV8X
+ uVgNdkECx5UzKXZe3VTOoLZ0SONQpjZjgDB3H15w7u+KGZydqBslKA+5LSlD
+ 9yBdukPfWqPnPBC9LGfzaGX0ybvUs9x2Thy+ide/i/hkGveyv60mjU56+xq+
+ PXiy/vbZCnuwy50E7QT/3ecjemPXLo0nLmwMn66dYsEbyp0I6y4JEBhUGfRp
+ zl0QWD53NKC5qP/qtbI/Pa6Zr0uDP4ON5ioRkFay1eMpdZRY2Ww924637/OK
+ 6nrRtZFtn8Brtye62N7ml1PgpjWkbxS44vL1ESTF4LjzCsVaKmSmxvIVyXuS
+ uxo9jAGolzArzjCmtDAV0Law8Haiz9b3QCgCr5ocS33/VGb/OiiZvB4ODQDj
+ EuFytCM47uN0XJm1B8gr+zHsumBEntlJSW5e8X7lCnIgQHf2CY9PERIJxuED
+ qEEBk0sFDbFgdA8sqkLBERkJ49ko2gny7q5eePCdNJi1fwJbVe7EIHAbZsZE
+ kAOKKhV6hnnkbYVLBaqZOhxztMDDgdAMD2z1y6p10+RYMK42xTqgEvg5uTmM
+ PGCDgZwmlW0N6vaVJrxPU8UbWLiHH56jn/SjVk5rPCaWkveqroYB1/xF3REA
+ dKSUaPRq+nlcHtvGTz3eRiqwMGaJn91V+oaENPl3AEQKuSrUmWtih1v4spQK
+ J7uKPSnlnu+ghlqfDfFA67biFQL16E+y0uWnjflPazuSknfRWaeruR+7jQOr
+ nFeabd++klfOefXvABFg+4POKYzxzpHWAc27jwic+pu2o9t9ILAArHL71W53
+ qx7TbQkjWOQ0l1IlxMgmGhlso/4D/kcU1nWY5hTJjt/SVrbZfwsAntvHsLIm
+ ectVA0fxTE9dFhx+lLDaQlsgZar44dJ0HemTJmphZBenywG1oO4Gbw0D3ciM
+ 6TOmMznninEjVbndpb10+bXOCRDsm9McYuzVB/5t+V0r9XCsEAioCpwE4Lhm
+ qoKJCVKrv7GLWA0rcjrKaCXCxiVqMqDALe0mCuM9x/kV8L/PqARgAhldrY0L
+ lOGvl6wEijBYmVt3YiI4WVB58ar7rqyRkScSDMRIumZ5tAMSNb8RAaYrL9XZ
+ MYjcIg1JJO78IDrfzCy9epd3GCVntgz6YMle3jpsg2tvp++/jyBouPowBPup
+ 7PDdp1fras71sGtHkmgD7EguPKLU+K+D0rEUr1wwg1Lp3dbYpRSk5D4bgolR
+ LMyWyGAmm8ZpYzkwlsHFryOjxw3vEp8/BvVjMKk9nDsO/0c2eW/pOCNEH/i0
+ Zzm1mF/WAleuifUQE/fhrameLgYnpJhFLhEgjiCSkUKbzXJzODSX95Yyntuc
+ AbU+IqMeNbnNUcFuH7hketYY/qpHUI+AfwFntj+PDvmisesypRnwV9tUxQ9A
+ RyC0Ji++v2LQ9mQmUSg9m0XzW1neV7EL5Ud1fbZebg/xlvLgugewFoF4hwT0
+ moNEnR4+UWP33gGzpf/dudrdiKKDhE0QIKwHR8hGP2DVaxs0ZByIioQuiJp1
+ JltyWN9AjBZM95gCtnDPAoNG5MPkE6YSAoZd3ML7cvIO8icZ8arNsteSVWZ+
+ rNRkuqtUo2z/6cLocmfuy0UeFDQfcUO2eJy12L6m0aLifTgRL/yTczr2NHv4
+ eIpJPx7Or6ths2RESIjVZ3CFI1aimCy1ib4WDGB43KQUUhbvrkwVgFEkynFy
+ ErV+Ds866A0otNVTzSKLngO9CXlktCQxuvsexAg5V27VLWgj1hr2qOm/4ooZ
+ NCA6Ih7dA6SwfdjC/hR1eOt9fJeZn9qepsjQOsJnDEkPDF4KrIq2hRn7zTg4
+ D+u44yGXKu8yHRlmdHFMxKbsrVLj8ETiBjG6tT6DPth52m1cgj7cxwWUrr1N
+ OyPnXw==]
+ cacerts:
+ - class3_2021
+ - class1_X0F
+ client_ca_certificates:
+ - class3_2021
+ - class1_X0F
diff --git a/hieradata/nodes/web.yaml b/hieradata/nodes/web.yaml
index 36ca38d..d406b37 100644
--- a/hieradata/nodes/web.yaml
+++ b/hieradata/nodes/web.yaml
@@ -5,16 +5,16 @@ profiles::base::admins:
- jandd
- law
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAMqkR/DWeLFAWqlr3jgDHss1geIoCQ3uyvLYN
- 8ZIGs2H9GBOt5hLtauxpG5U8oWwg/G4blCEFHAHt7XUrGHW57hLc18uA5pz0
- rxRoKvrHVWBevsjvGK4lvmI3lfhY4EShqFT80O9u0Pn2XxyM0vmlDhpHuNb7
- dqCp2d9hHnvM+/5rqIlYqMPfWQbmO1bYnE+x1pbHiZg+qzeT0klYJUbL+fUz
- ZiDuJi0yDbqsX1pAB4NdQVD864IjvENg7TNxBY2Cqoa3XjnayBANOT5HdXKw
- yjf8+UvfpbXEc5QohyBMQDfzxZ8MgAbjRWd4+AmIIy+tbrdqQMMyhZ9ILAlM
- HJyrfzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDB9xfyP2Mjapd/vzRW
- ek3UgDBo03zKwbxJ6uooqQ/68zHDKAj0gh2Kpe8tGdbnKm1dOHIpru/5zjob
- 2gNuQB6szY0=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAMqkR/DWeLFAWqlr3jgDHss1geIoCQ3uyvLYN
+ 8ZIGs2H9GBOt5hLtauxpG5U8oWwg/G4blCEFHAHt7XUrGHW57hLc18uA5pz0
+ rxRoKvrHVWBevsjvGK4lvmI3lfhY4EShqFT80O9u0Pn2XxyM0vmlDhpHuNb7
+ dqCp2d9hHnvM+/5rqIlYqMPfWQbmO1bYnE+x1pbHiZg+qzeT0klYJUbL+fUz
+ ZiDuJi0yDbqsX1pAB4NdQVD864IjvENg7TNxBY2Cqoa3XjnayBANOT5HdXKw
+ yjf8+UvfpbXEc5QohyBMQDfzxZ8MgAbjRWd4+AmIIy+tbrdqQMMyhZ9ILAlM
+ HJyrfzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDB9xfyP2Mjapd/vzRW
+ ek3UgDBo03zKwbxJ6uooqQ/68zHDKAj0gh2Kpe8tGdbnKm1dOHIpru/5zjob
+ 2gNuQB6szY0=]
profiles::web_proxy::ssl_certificates:
'web.cacert.org':
key: >
@@ -102,10 +102,10 @@ profiles::web_proxy::ssl_certificates:
yI336g==]
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGLDCCBBSgAwIBAgIDAt7SMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGLDCCBBSgAwIBAgIDAvXJMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwMTIzMjAwNjQ3WhcNMjIwMTIy
- MjAwNjQ3WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjExMjI0MTA0MTE5WhcNMjMxMjI0
+ MTA0MTE5WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRcwFQYDVQQDEw53ZWIuY2FjZXJ0
Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANPTMXkQ6HPQfIBj
oMdQNDYIjn+prNkj3ERoYxO9P+rrC1NBl60XHay3ed0oi73HI+CKWJ0e+0bKdgH9
@@ -124,17 +124,17 @@ profiles::web_proxy::ssl_certificates:
hhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzA4BgNVHR8EMTAvMC2gK6AphidodHRw
Oi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwNwYDVR0RBDAwLoIO
d2ViLmNhY2VydC5vcmegHAYIKwYBBQUHCAWgEAwOd2ViLmNhY2VydC5vcmcwDQYJ
- KoZIhvcNAQENBQADggIBAE+sKagTkNNQkUniq5igSX41g3c8Z8uzR3CEC6/B84Tk
- dIFu3uknS8CVYFw+eUj33LOed4r1WX8SLx5PUxH2GRfIOeKcAS87wwC8U9Ek0C6+
- QXqLnVur3UeNZNjzAD5trBwWNmm+9ZCwGJLDFqC5rvH6dKA7Ipq5WenGmByRmVOT
- gJW9l/jZyKVsiOyRi+6q3KFRpCM19NsB8P0JAcwxirfDipODn74AV7cf+DFGr2bq
- tQ4luTzn2pkOUFE97H3EuPv5GFzAD9LFrqB7oodusC0jTGbIKTT3ai2UF4Ndp5rB
- aywEiQG27AU7hbsJCv3OsZaKTPSODvpy/lNjhFOaSdKIUuOpegPGYE926bBEOYmd
- TtSZGhsa7o0vRs6VkdSR78jmsVff0ST7qwGKTM85P6SkJs1xzeVWy+hHCTDEkmp7
- 07k6zKgXfbsqLdDeKUwlvyN1kS4Os73VRMLHr+AzF1mRGzT3QCWMinEF1L62ydzP
- qllZ1Bnp72Wzxq0qq8lz6ctXNOS04cvWUw476kel54x0oaVO1ZzxevJ5UvR67d/c
- j/k/87NUyUL5LviFsJrQZCTXqu8ev6m5wLTMFxGBLxOKUuw3S7t5jBmhF1iIpWeI
- rvabfx+0n1L9RqNgbTdqvWOf0nKUQCRjCWnEvh084LvdMuPUf0SrM5hibZn5uiLA
+ KoZIhvcNAQENBQADggIBAD8GaQRcIIDtwwwxjlBDWBv5p6R669wfzuTqSSnAhFs7
+ bGajS4Loge0x1csQNRao469OidvsJVZqM3/C1Yz4pfAIVHx1cOXHrryr/e/CWS8q
+ leSxM0+edkz9qju6yAxvOEHJdhQsiO5/kaw5adwJflfs9BJDPkuae+Z3s6qKZjdZ
+ OQMlYrFTySVzbl++Uo+aZWT3OHX5VrkppgK5IHM623DUnCUg/0uXBxz4O4l+dPEA
+ LGCJ+8nj9OOz+bDwxCDsQ4McxXsP/4O7GjIPGQmw1GnL+LO+pII5hKTIZAkq75OW
+ XlkhAkWYlpurK5ZUyCyo206yNcOaYzpv18mL9eBme1UJywYOs61HBr+W5KuQq8XL
+ B9pAMe30xgyz+NLrdFGE+V886O+wb5/XII+voLtX2PZD/L8H9WzWqf39TBtL3pfU
+ X7m8Ya4d4psvserKl+ZoQV2+fBgGehKyxdUfYy7+DYgG1Oh3IY6gu24WFN8s90oy
+ kmu5HCPc0lw5jP5ryHe26q5YDNYUjf6Y5p0RMHTvCi1BehT1QAREc3/DAqiHs5qY
+ Itb2RoVrqPOVuHdpvOyuTMMmfiurqPACv3mU+Kdjay29GDpTPbpmxtSfQLcWqfUp
+ paF6GBpvZvQk2PVf7ig/FSA81UCoH/gIJ3iaZR7sJ+iXZ+jS2dw8D+csLLLvRoD/
-----END CERTIFICATE-----
'codedocs.cacert.org':
key: >
@@ -222,10 +222,10 @@ profiles::web_proxy::ssl_certificates:
jkpGlA==]
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGPTCCBCWgAwIBAgIDAudeMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGPTCCBCWgAwIBAgIDAvtcMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAxMDAyMTUzODQyWhcNMjIxMDAy
- MTUzODQyWjBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwOTAxMTU1NzAyWhcNMjQwODMx
+ MTU1NzAyWjBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRwwGgYDVQQDExNjb2RlZG9jcy5j
YWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9y+uLMOT
WB8okSFW9A7/62mogifOBHZ9hlpgAozeyeREhWjZ7oGNot3F6GNjQAA5Xh2TaD4a
@@ -244,18 +244,18 @@ profiles::web_proxy::ssl_certificates:
BgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAtoCug
KYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEEGA1Ud
EQQ6MDiCE2NvZGVkb2NzLmNhY2VydC5vcmegIQYIKwYBBQUHCAWgFQwTY29kZWRv
- Y3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAM2Y0mjhkyhZKLz4imIOv
- /fb6ybSchNLDk/nyrETTTARLqo8Q5+VHnKFNi+7Gx8H+TeVTRxXGRkMTmDC3EXPW
- yB4JECcjdMv7/ZYbkrIgpy4IKnzn+3xSfll9WXU0ubOMnFS1d+A8vIaOeYcuGOEW
- QpaSCKTFDy/R7KypxspirI5TtlLu0iOr8MuwwzXNOXIjf9HhW7dCSIRCz//3CsTQ
- qULnlr+JvoY5fznvAoopF+4ipwJ3AQFOeXol8VHQbwMgkxN0eNd3THnORmOWVKrQ
- 5XaYDDWpDRVTbuLAS3OpZmPEMRWlQgPHpb0kBFUlmmoCedgEdvgEHqY1896omVJ/
- 1OahCzbSutHirglsHqQPTKxTWB9flDiR6JuGZOyyw1I3FJJXZ/KNMqUL3PCanc6M
- jLtYov3BYGDr9rummjnsGj3GqqaJeqk09DcfJ72HR5CQ2w5JXMSA2OnBWyDw0wJG
- +89vupFzPeXo18ICVdY6yzL7mTO9HxDlmXoL5IfH9TniL9U1ijCgyIecMrykHMDF
- KXdYwApYZ86wbHLr0c/fW4R66yhLCYRpaBji87qDp5qzDn1KdglBVESa3WRBNu6E
- J99sOFDEQXU1iS141lMrIHHCVsQUSYYPF03X4+EgcyhI6uLU9a6rIYG+idHIeod8
- KxlE15huNRuCqBg5d4M/mfM=
+ Y3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEATAlcw6eN/Cm003SYIF+n
+ h1LYKOTh2Ll5Id/KoBO/hmzQvpxnAixPAWoo5/Qj50qBLKw9dVn693p6E0eFnjfH
+ H7DB5Kp0adPgAK1KeZoyCQtnMStwEcrdXoTk+RXelZ2p4uFTDuxu/3Ucb9VWa4of
+ sTLmPTOThh46/RL3agWB0XNaQuPIs3E+1aEraSDKiIR+45ySDhFflANWZTur/Elg
+ SeoVynXdOjwf0sMv2uL08YD/xm0OTXnxVXEiJJNXgS7Emiay784t+7qiTH9jNex6
+ CvGpHh7T8FS1bkCe5lX/Sxqf4U51QUxt6jXu1qkK0tBiqnsLQuJoEJHPdDrLkTFc
+ Cja3eeILRvqVPqGY8oL5HYr+LgXeRN4+NhE8L8Q4fvRx8pkNoPxGRy9npoFboNZI
+ Z7BULpwtIobHYHtowlyKpiNbgwe4iK44VrVmPDNQaCha0D2P/4TZtZNgajcvybtv
+ Caw2MaAPg/jsch7QLD54cCFD3RjoYMLD0kTphSUAmD1doCaPp3M9ZnXDcuGjYGDC
+ wMMwmJ9IkLGmsC75ytRBBZH5SItV3S8sa63DwhaRCJSKEC5yIUto82Mfa0MujxUt
+ J1E08Kg/VX0ca7l3aAFORBXSvle7XmFDzfq87sgbF9ZvzEmk6uMtc3ydpTGxvW+I
+ uBDpBqkvq+//lKzww7J7NAk=
-----END CERTIFICATE-----
'funding.cacert.org':
key: >
@@ -342,10 +342,10 @@ profiles::web_proxy::ssl_certificates:
A2A5aApGS+1a855WLr6+dCY=]
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGOjCCBCKgAwIBAgIDAur2MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGOjCCBCKgAwIBAgIDAvyMMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwMTE3MTg1MzUxWhcNMjMwMTE3
- MTg1MzUxWjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIxMjE4MDkzNTIyWhcNMjQxMjE3
+ MDkzNTIyWjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRswGQYDVQQDExJmdW5kaW5nLmNh
Y2VydC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCkwXDBlJ9D
rpGz26rK4N058I21MBfnZbsEqtEBpwvhnYH9IYhwTjd7i9vFNxlBabNBaPJ2Ro5S
@@ -364,18 +364,18 @@ profiles::web_proxy::ssl_certificates:
AQUFBzABhhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzA4BgNVHR8EMTAvMC2gK6Ap
hidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwPwYDVR0R
BDgwNoISZnVuZGluZy5jYWNlcnQub3JnoCAGCCsGAQUFBwgFoBQMEmZ1bmRpbmcu
- Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAoGWNT0vTQAadm6bmaB4O8nMG
- mR3NlwQLKNd9SY0HbUehFby1JE0nJshG5x1Ew/bfWgk5svfMGIwlOumsFi5S8zRi
- doKpdGWxihyzNO1SyGP5OnQ7e0cNOcZP6SxoXy7/uN71rK9HoGYyWY1E4MnZYt7J
- WKFVPC3eLD9DMFOOf5mH96vdjkjA9HRWxS9to0EuCUxTBBPQOsOK7JTF0we6yj2/
- 0GBL4eB+Jksr1rva/efsR6FM499Aoa4TKhIRLHy+kHZyWbT8tfrBBOKICfiCvubw
- /JwxYvunPHDAC1eV4RTYw9CjGCgKjWKK6wTV2Jky1R1332CrDSGpBMfmPqhCpbiM
- XGhF5llV9Ef0r5io1OuQfFsDijTnM3oCYZ+y4/+NT0/FpPDeobekN4+qnWN967Y4
- dI4Eljvn126hmHybOBbbC9Bkh1sxonsfRx8M2u/MHxk5ToELH6bHhGIyhZO7LABl
- MR/kOBQl+Uv7YUPILopSDBllwkzj3NbLcRWmOLBJBdjNVJ7VEkJzlQVbOX3rdIBv
- m0xJYrJeIXhDqYfGAUq8Z2SQJHJhYFT9EG8ntOf1ttvXNNw/cLmHX68GnCkq8IrW
- BZm85tchOLBPpUfWk4kQdvE6bpe4jqE7+UCFxnmUhaj2634QSrD0oYs1KS9kclNE
- Q4HPiz3fZ3Rjl3mZEHM=
+ Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAqAVlhiPJVgncLv5A8Owqyciv
+ 4zxpGmegSBLFFFiK81WCDPiSTuFakB3a7djCRtajUsckrj2/NR9KdRIlKNDpNcUN
+ Szl2JGJ22k/B7LJkv8q+KNrAixXg96k2K08+TgITQtAKaUNzhoB+6Ygr8TZUSaCe
+ nlZ3tUWcq/lkSwmZkj1EARbQLX9Q6GFWs4ctJUzbIsDA1Fe5A97jaWLXix4ZLwNX
+ Sfpt7iXj0daHvyjjc0fp2C3WrFr7q9af0LDtcjKx9CaYetc1nUVbk6gkUEp7vsi2
+ /jnOKQdKs/hMglfDcYhHhR9aH0lfUsBYIPUn19RHOMsVkSbDjO1756h1SbChd0e7
+ mgzMPn8F+40ZQri36gA829SDF3i3A9lZVUnW8gCEN7ltAIjqH5gPGKBh3eWgb0YS
+ AtybEngCPy9O5Ocya1aKHXcPQ5vF2D8D3BMoEzFBZvi76YxDzGG2uP1rkp/CHEgp
+ UuHw9iM/kIiKSSgjUZzCZ5zLWFgjkp55ZAx02snf1iB3qTUBcao8B4HOQIMz/+Ki
+ SttrUUBLSwdjs73rClvbT7GExu9qkuXpXzEgMeq7duSUUYNU85RUGhmS/W8MgdJs
+ C7d16zxDMiz0v8PzynlkimRqcamk4Rz1Rry11zPMIc3+KC6dbsD46BwSwR6ZrjJE
+ 3r9/r1dJt1CfyognCnU=
-----END CERTIFICATE-----
'infradocs.cacert.org':
key: >
@@ -462,10 +462,10 @@ profiles::web_proxy::ssl_certificates:
r0uw88KU3o5ZlaI/v253U7U=]
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGQDCCBCigAwIBAgIDAuECMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGQDCCBCigAwIBAgIDAvhoMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwNTA0MTgzNzMwWhcNMjIwNTA0
- MTgzNzMwWjBhMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNDA4MTUxNjQ1WhcNMjQwNDA3
+ MTUxNjQ1WjBhMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR0wGwYDVQQDExRpbmZyYWRvY3Mu
Y2FjZXJ0Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALatAkUX
xHht+nUz7pf5sHiaJvMMXYleo3Y4oyXSLNLNPaMobwja3PB71bw3RBs7S4MqwGk+
@@ -484,18 +484,18 @@ profiles::web_proxy::ssl_certificates:
KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAr
oCmGJ2h0dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDBDBgNV
HREEPDA6ghRpbmZyYWRvY3MuY2FjZXJ0Lm9yZ6AiBggrBgEFBQcIBaAWDBRpbmZy
- YWRvY3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAQ3nmpjn8kEnRx2aA
- 0T0ku4kv/udCloH01l5dWbadgtgqmd60P0QipMgV4pWWw1RIvO4YVRIXRjuD+mIR
- n/4siUD1jXHGaoip0RxUKQpZi5a3Yoi6SNJB5B51AIpLjNHk4zgJ+j6ehV5Gekld
- 0diALdEkbsJLvImaTcra2PoT5P7FJxJ7wPNcJBodRbu9YGEE1pRJMr6zP8QGBJWi
- YVcqx2hCLQ7RJgYnm06yoBwLGeGUVsWE2h0+xvFhXXW7E5YHbhXpc06/LOlFe8FE
- 14UP4q3hG3gGKGZ/75m7HvFgfgZMyT0SLpLUcT3gXkqFMT5x3gqXE5ZyD8xZFP0d
- jMvJT8eG1LjSVPWVnbgHvarIRpP8Jln0+pNhOHepHUkcozHRHlU18uEytjZNGVlP
- pmQXAL3UxtrQZWf1itcjsjbWydPHw7b0I4EX6QAqI+SsNfPWj/8H7Y6HcqGJn31D
- dZu3bIgln5sqKeErTlns2tGjfSYGzbP+S/xZ54JDPWeXK8KHS40C3fSce4cB+ejy
- 9X5KFRmJLFwQVsq6esaTPsjOb897hGIpnTGIwzehSY/SCNGqiPZ3holVA+KBaOWU
- NpOk8+F3igAmAKRqJPPq5ak1wBIGHQDxyeo/cS5oT0PzkQ2v+Vlgxjq9q4i+38ph
- mZbp9BQ72buP/q5+4cwYTMeUf4w=
+ YWRvY3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAcc6RUOeEju8IZZLG
+ TAfbgumltzvQMY7Giuv/08iSy3HKv9FfklUsb65TjsEJpa+M0ZkjnF4yh4/Yi0ko
+ IuqA/EWQaka5rZylz1LzC/y7GtMgRLekaRincH3jL2k6nAX9wUpEhoaLhCssghUp
+ FtQP7OgcRAAjFEebjpntreeXhlYxkMwm8Y1Vcuy9dbV+fxPJPtb8c5KmG1qJRrwy
+ 41mw/+Jw0gYoG5rQKt8MzSg2qiKxg/wVzrV0ZG0dQZ2kkK0e/Sce3xrOPQ4J/2XM
+ 0KoOEIOyX2KioDP7V1L3fIRvH7lnNc2AnokaqnBoZqa2AtOcfl5h37nxtS3vANHj
+ l/dsK+E8k9Fwq1Gwi4FZqFvCqYo5/39F3lFTneLgju2CtBZ9r0OSCDOIA4vhmCxN
+ tuQXcU1rLSul85ySwcLSLfh7TZenUlii/zHDVzK0GrpgStTtIS8jAyPCtXxQOAtT
+ jxOab2ajwqMzq2yphd29wslMCKS/UAvMFbWMZ58iOiT1uBlDbcCHpLNjsvPgqvlW
+ DJHlVKrgIzRMuyl1tdFgof4CpLd4HzAvCK6orTCfKT2GogzGUjorYKSXSbcA1uIw
+ fOnrG2tIfUlHduc78jGmUau0UdmHVKLbjJdjg5UWF/95BHLthBIBbfHOxtIx/Bom
+ l1N/ZhMDslXw7x24Aq1vzAAq0+I=
-----END CERTIFICATE-----
'jenkins.cacert.org':
key: >
@@ -582,10 +582,10 @@ profiles::web_proxy::ssl_certificates:
k3Q2KZ3iwk7XwJUn4fugGT4=]
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGOjCCBCKgAwIBAgIDAur1MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
+ MIIGOjCCBCKgAwIBAgIDAvyLMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
- BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwMTE3MTg1MjQ4WhcNMjMwMTE3
- MTg1MjQ4WjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
+ BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIxMjE4MDkzMzM5WhcNMjQxMjE3
+ MDkzMzM5WjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT
eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRswGQYDVQQDExJqZW5raW5zLmNh
Y2VydC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDGc+q3g2qd
DkC1m4F++PQqBSBL+LFO4kUCt8SZyjnex9JSWn1hdwnQjtbuGUsTcOpTltIRP0nv
@@ -604,18 +604,18 @@ profiles::web_proxy::ssl_certificates:
AQUFBzABhhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzA4BgNVHR8EMTAvMC2gK6Ap
hidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwPwYDVR0R
BDgwNoISamVua2lucy5jYWNlcnQub3JnoCAGCCsGAQUFBwgFoBQMEmplbmtpbnMu
- Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAcbTcP6g4s2o3u1x84jOjZr/h
- FhRsumJZZj16HyEjL8Hjdqk28c+JcQmdGnFyJntWTNl3nHWuu31/Ryd2z3cCN8cY
- cv6+5AufZoXVU3advyAmamYPSoQPU71WPXxC4DDcvUFxHNJEmUKwg6Jarc4brFnl
- s2unD4K7/11vWd8lQaeEcngwgC6A9VovD5DFTjrt0/EY6B/av67rRG5iNJ9tGh68
- JGMag+9f+b32M6vX3kb2qT+q3jAQ7pU6j21OYXzRiMyK0KV07tbbcna7ZL9E1ytx
- bvzS2PNz9Mx6aCnjarHjMPZQa3FBrOpfNUhVQeeOpcWhEEyGnlTOkU8Lkz9o+kbx
- ZgaMT9VhepsNAjqrOKq26ZtSU6c3PmxBQrxsx3vY54EFzfF49rzAOacY+sFESRXQ
- aKdj2t4BVUxGEgKU4CArw/ycI+A5oxgfBBv2ZyaVmKtwdWTeDHe1Gx2iEYvMlKue
- sUtjxfBgV0n1Izx5q1xFd5BIkPdCZTULD5SZZgbbXxheBvbf+Ej3ggioZpgv9Sze
- nGbk98hvjhQtc8Tpy98AOcmoErW7al2Bpha4Jg58pkdC0vtjbdNkwVKZLl5Xl/VM
- OaQBQoC3kKIZF5QGxVpcFWi/QhPSCTfs6HjXff8fKp/B2rosYNrt+iI4KpUebBJI
- YlO47SosrYq7Ys75fHA=
+ Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAnGdMdov65VIshJAkD4ZOHgKT
+ clwNJCK108xXFggBe4t4p9VcDk1mGdjhwvaMbGJAH6NiU0HJki3P/Uc1Li+YhBVT
+ 1yWOT7zfaz8SGhR1EouF0zFTMFofl6kOq39kgC94DBW7pO2BGY/k+3hre/1wh9No
+ nfAYGGN3jHHMgjH3cM2oM5X1OI7TNzP6uczZMBwcnNgeALtCA84jf4gRLCPKrouP
+ CkjnEp0ykPF1e1vLYP/YT2R13ZeASSXfR3MRr0jgKF70j1kVPe1V1HZqVBBbIiHe
+ u4yV4knna8/BQjI8FHP2LcvJ8wcjtJnmxAQhireDkv8GP2w+X23sir0TPze4p7th
+ XAH2b0vOIHJpfJMlujMyTInGyUV1l9keP6t3777dKsKJjV+eNYbDFxVZvHPSLLFW
+ fZTXXexAmQcZzPRJuvYeMyg0c22KqG5pmnxEj466cI9qFjkdSYWOMtcWlakZ7ZB5
+ 9Geo2+zBHJ6/OVkLV3Ur6arDLvxBIMPSpYdB6XrH28fNZoDy7FzVWzHLnlhI8PLZ
+ Ikm452UORbXGQRLnz7qtoGOzbh+gUKidB+go6uHKbj8q45pVJtwLwhoe0jqqUpvH
+ o94tNCdQXDMhCBAKclOgiXO2OcoViJTAObXAG89ZlWBYwe/aPRtMNk8NvRxGF06S
+ RBmRBVmpPTMKenvoCIQ=
-----END CERTIFICATE-----
profiles::web_proxy::apache_vhosts:
'web.cacert.org redirect-http':
@@ -673,8 +673,7 @@ profiles::web_proxy::apache_vhosts:
ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt"
ssl_key: "/etc/ssl/private/codedocs.cacert.org.key"
proxy_pass:
- -
- path: /
+ - path: /
url: http://10.0.0.116:80/
proxy_preserve_host: true
'funding.cacert.org redirect-http':
@@ -704,8 +703,7 @@ profiles::web_proxy::apache_vhosts:
ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt"
ssl_key: "/etc/ssl/private/funding.cacert.org.key"
proxy_pass:
- -
- path: /
+ - path: /
url: http://10.0.0.116:80/
proxy_preserve_host: true
'infradocs.cacert.org redirect-http':
@@ -732,11 +730,10 @@ profiles::web_proxy::apache_vhosts:
manage_docroot: false
ssl: true
ssl_cert: "/etc/ssl/certs/infradocs.cacert.org.crt"
- ssl_chain: "/usr/share/ca-certificates/CAcert/class3_X0E.crt"
+ ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt"
ssl_key: "/etc/ssl/private/infradocs.cacert.org.key"
proxy_pass:
- -
- path: /
+ - path: /
url: http://10.0.0.116:80/
proxy_preserve_host: true
'jenkins.cacert.org redirect-http':
@@ -763,11 +760,10 @@ profiles::web_proxy::apache_vhosts:
manage_docroot: false
ssl: true
ssl_cert: "/etc/ssl/certs/jenkins.cacert.org.crt"
- ssl_chain: "/usr/share/ca-certificates/CAcert/class3_X0E.crt"
+ ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt"
ssl_key: "/etc/ssl/private/jenkins.cacert.org.key"
proxy_pass:
- -
- path: /
+ - path: /
url: http://10.0.0.115:8080/
keywords: ['nocanon']
proxy_preserve_host: true
diff --git a/hieradata/nodes/webstatic.yaml b/hieradata/nodes/webstatic.yaml
index 497cab4..cd5f1d8 100644
--- a/hieradata/nodes/webstatic.yaml
+++ b/hieradata/nodes/webstatic.yaml
@@ -6,72 +6,72 @@ profiles::base::admins:
- law
profiles::debarchive::notification_email_address: jandd@cacert.org
profiles::debarchive::release_signing_key: >
- ENC[PKCS7,MIIIzQYJKoZIhvcNAQcDoIIIvjCCCLoCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAtJiS4GluyFbbkmxFKmH+2CWZRD1wotHn8HAc
- 7wXckaUSIaUvHY9aor6lxFgjD8vnE5ROmiBTtCsJ0Rmx0oJMO7XDTTKfauwZ
- sTNIi/xPq4YX3fGAKZQ0HpDZQRsgFuh+6acW3B59KAWZlcJCQqnSO/OUdCNz
- yHSdFF1hMM7fTHYfMXkvp91oOkxkSHhAtiC2AbB82AaSikt7rNv/03rL6Hv7
- 8vzfjo14m0UGMGGo5Yn8N38Yn24WQTJOGhgBeUm1GpLylaqUDNWN8kRVWrqF
- 0/O+FTjtGQjeQVkR73u2Iy9n+cvX3blYZKl1ItRRWgFjf/pP6uV4P7d8IrSG
- 1myvMzCCB44GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJeo9l7ZAFDCx2IS
- K4F1IoqAggdgIZWj1bAB165e6eZ0MDx60xsurDWPOFqMlVNmVhrM7O5+n/pB
- IGBJ+ylUsi97gaWrIAAyzYqnfbqN8pjwNA55gqw6jx2H8AsRuMUDU76JBUtu
- WvxiMgYOmf4V0tt6i5uLxDIEzkfIf4Mh4sSVoZW/wR2A0n5L4YcbJTHRW9D0
- idNVfV2hKFxqX9QpbwoJk4IlW68hidk9mpKKO81bA6rO+IF0OoYg1vTBu26M
- ZdFChv9Ypm10jR2vqhbbb15btOyi5pa/wcis8GYBEvANnQgUfGS//YHK9ttd
- 1x3JQ6YL87Ye5iXUzOoohHIZ+QHalfyMHPotOy8fsnQyxZd3pkA6utLMItr6
- 3ehPtsT71a17nC30TJFKgopGigccvk24K5kZozZdG2qyy7yycn1JHp53TirK
- kdLDfAbwPnhV2+gUycz+51eGvBE3ZdafV+20Wx6hUd6S+F3zef/aeD9D7u9c
- soIDj1Lun7f7CBE0qgbvlg0vUHFlpGvtTFK2eoJVAid3odefj9x06yoi23RU
- Y8MddhqxvZGtZituqPvfpDqOY3cTu4WJc/VznKcEkOlWU4R4gqw6NWrt1J6l
- 1/PqJCqLlvkebbd9R8jZGuy6PgKCsg4oDRjcKpsxbydO9NJwMgUd6UQI4HeZ
- vbcpbBOwGcXizE+myTjUbS3UbtZAMGWiBPDa+pkNSet4R8MdkcFnaS0vwa8N
- Uot7eqpDUpKvgeJz/Vk0WhUfPkyiaT3idy1i0GDFZD9eV9v3tpyp9xBQMK42
- VZEep2p0mXopUk61xY9tpuZQvw53//Bqq3YXfZghhXlgdeLIcxpp7af5lBAU
- iavhoMs5fZwEsSxfkUXVT4w7A4b02X9FeDdQ1TY3orI1yTLKzmx/FgozztTy
- CYh1/o6K9r1Mo1INWpngy/kLCaZtySppzTzaDBIoCbDWJjWE5FzMlslaBVqk
- PjTemUHuyXsWoRFnik0JW4AMuRYqcsf8KsrI/lDiGgNDR9BxNRrmHplclhvA
- 8zAccSQLH53NKh4ma5WPVmbl++6gB6OSeHlwttQDaNBuujoMADF8MWiJNXjj
- qfqpKHxlEQEqG/CrTJoWJ+EROl5daH6+TVXTXGzUSIsqOir91Jo4Sd4fJYsh
- CpjHy+jyQZiXuYWWOWXV7suBw399Twozm4sKBcefumXMkgiJnSnibGtSV7ia
- Ob84hEoQH+Hg/md6rJYefIZYyCOi8IyEV8n4mUr4/DOD0s+BmPxPOgYCDhc8
- o8IyiUajFCR64gVWou8xnR4OG0ged+1zaU75pq04U5kPARg/WfFWHYWo9Ljq
- v81+VsWSPEb3ILsX3ZCLT/axkSE3VYEAOaRoT1mE8cc4ENjVRzd50y4I2V4A
- rALARll+gSSdE/cXqFI4DrkwkobCATYlYNpvBACASkpQVzJontdmJ5sIjEPE
- LVbAhOHIL4mNNI24zLABOzwS6RGi0sJjfZIjnc7qsb5cxU2PtwkLleHbbcgM
- tVcmX3EFg+rMg9wGYLT+l4K91pjWmBRN8lssEYNoOcrPu5gvvQDBpWHc3Y+b
- Oa5x5bT1IjSKgkCWpducMq3u6zvHQnlS5hDgPTfCZPYmQdM5FVCOcJ0TYoZ8
- +taq1nV2vsX25dtUzxkUcYkRlnXOZx80j53tkJwqFPr2GrN+6I9brL3KYIwp
- itRzGROLovhX6tSsawPI0bLwAG/5c2OoPPbs6jSP0K+JSTxmalLw4TDUKAl+
- QfZNzMEH98lw6HGq7aG9njtggw6G4odBrY1ud0KN7/GlF2kjAUyJVJEMiIfj
- 0Lq968XdYiNDOwpre8mn5xqJCtt0sZjy9zWZ9xoyUYDoIeAOCrdS9VgaOilP
- IG9w/uszbRBWXxiSU76oTgKHAJMFZttWAkBHX5NEcCGksKUbS1Frh76/Kj2G
- kSL6tDJRsAqEPibtrKCWU9DNGNjwOndlLZveSqNWTK4yWVrLozff0qdV+ZBn
- VvKW280MpQNFMwhnuxj+WA9tcwg4ajUWFP/8WhpQMc+5aDuvQSTvWUo5YXgk
- I/5Gcb7Y05CodZ1eJEtyh8r+Z01LmBW1l6a15PeUIBPLs1xg6mqdSenFnB/D
- q2UnFnd/aoeh49VLpEWRhdK9Yl3Jyz+0tHNDnD0uQ/Zlox49KYx3YQv4gpMq
- CcC1tw9Lfcc/UY23yhG3MJ5dRJIeP+FWBTfqeN+lq+dnu7ua/4CKVzjiaeU4
- ygAo2m4Myono4lSpN4VgyUfGzrMpOXOyOa40mgBBgrxDNmAgyIk2obU7h26U
- ZcZKSgk/W97dSORGPYQcLNZBiRCV+hHV3I8IGdGcz+MZugluNH28znhpUnp0
- aTkO/6mPnojAA/5ERXrdBEyTuOR662BfVMAkIVCfVPe5W6P34popQQwNRRjL
- 7qKVOpRKA15H3QDHEsh/SOc59L9tvzCa637rBGJMBfvf8QyrUwOVnVebgFSm
- r9bg7DReCgweHUukIbHzVPy3UE/lyqnAZWeIPJ4+jmTqrATq/EOs9iQQetyR
- VP8xiy7PwA==]
+ ENC[PKCS7,MIIIzQYJKoZIhvcNAQcDoIIIvjCCCLoCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAtJiS4GluyFbbkmxFKmH+2CWZRD1wotHn8HAc
+ 7wXckaUSIaUvHY9aor6lxFgjD8vnE5ROmiBTtCsJ0Rmx0oJMO7XDTTKfauwZ
+ sTNIi/xPq4YX3fGAKZQ0HpDZQRsgFuh+6acW3B59KAWZlcJCQqnSO/OUdCNz
+ yHSdFF1hMM7fTHYfMXkvp91oOkxkSHhAtiC2AbB82AaSikt7rNv/03rL6Hv7
+ 8vzfjo14m0UGMGGo5Yn8N38Yn24WQTJOGhgBeUm1GpLylaqUDNWN8kRVWrqF
+ 0/O+FTjtGQjeQVkR73u2Iy9n+cvX3blYZKl1ItRRWgFjf/pP6uV4P7d8IrSG
+ 1myvMzCCB44GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJeo9l7ZAFDCx2IS
+ K4F1IoqAggdgIZWj1bAB165e6eZ0MDx60xsurDWPOFqMlVNmVhrM7O5+n/pB
+ IGBJ+ylUsi97gaWrIAAyzYqnfbqN8pjwNA55gqw6jx2H8AsRuMUDU76JBUtu
+ WvxiMgYOmf4V0tt6i5uLxDIEzkfIf4Mh4sSVoZW/wR2A0n5L4YcbJTHRW9D0
+ idNVfV2hKFxqX9QpbwoJk4IlW68hidk9mpKKO81bA6rO+IF0OoYg1vTBu26M
+ ZdFChv9Ypm10jR2vqhbbb15btOyi5pa/wcis8GYBEvANnQgUfGS//YHK9ttd
+ 1x3JQ6YL87Ye5iXUzOoohHIZ+QHalfyMHPotOy8fsnQyxZd3pkA6utLMItr6
+ 3ehPtsT71a17nC30TJFKgopGigccvk24K5kZozZdG2qyy7yycn1JHp53TirK
+ kdLDfAbwPnhV2+gUycz+51eGvBE3ZdafV+20Wx6hUd6S+F3zef/aeD9D7u9c
+ soIDj1Lun7f7CBE0qgbvlg0vUHFlpGvtTFK2eoJVAid3odefj9x06yoi23RU
+ Y8MddhqxvZGtZituqPvfpDqOY3cTu4WJc/VznKcEkOlWU4R4gqw6NWrt1J6l
+ 1/PqJCqLlvkebbd9R8jZGuy6PgKCsg4oDRjcKpsxbydO9NJwMgUd6UQI4HeZ
+ vbcpbBOwGcXizE+myTjUbS3UbtZAMGWiBPDa+pkNSet4R8MdkcFnaS0vwa8N
+ Uot7eqpDUpKvgeJz/Vk0WhUfPkyiaT3idy1i0GDFZD9eV9v3tpyp9xBQMK42
+ VZEep2p0mXopUk61xY9tpuZQvw53//Bqq3YXfZghhXlgdeLIcxpp7af5lBAU
+ iavhoMs5fZwEsSxfkUXVT4w7A4b02X9FeDdQ1TY3orI1yTLKzmx/FgozztTy
+ CYh1/o6K9r1Mo1INWpngy/kLCaZtySppzTzaDBIoCbDWJjWE5FzMlslaBVqk
+ PjTemUHuyXsWoRFnik0JW4AMuRYqcsf8KsrI/lDiGgNDR9BxNRrmHplclhvA
+ 8zAccSQLH53NKh4ma5WPVmbl++6gB6OSeHlwttQDaNBuujoMADF8MWiJNXjj
+ qfqpKHxlEQEqG/CrTJoWJ+EROl5daH6+TVXTXGzUSIsqOir91Jo4Sd4fJYsh
+ CpjHy+jyQZiXuYWWOWXV7suBw399Twozm4sKBcefumXMkgiJnSnibGtSV7ia
+ Ob84hEoQH+Hg/md6rJYefIZYyCOi8IyEV8n4mUr4/DOD0s+BmPxPOgYCDhc8
+ o8IyiUajFCR64gVWou8xnR4OG0ged+1zaU75pq04U5kPARg/WfFWHYWo9Ljq
+ v81+VsWSPEb3ILsX3ZCLT/axkSE3VYEAOaRoT1mE8cc4ENjVRzd50y4I2V4A
+ rALARll+gSSdE/cXqFI4DrkwkobCATYlYNpvBACASkpQVzJontdmJ5sIjEPE
+ LVbAhOHIL4mNNI24zLABOzwS6RGi0sJjfZIjnc7qsb5cxU2PtwkLleHbbcgM
+ tVcmX3EFg+rMg9wGYLT+l4K91pjWmBRN8lssEYNoOcrPu5gvvQDBpWHc3Y+b
+ Oa5x5bT1IjSKgkCWpducMq3u6zvHQnlS5hDgPTfCZPYmQdM5FVCOcJ0TYoZ8
+ +taq1nV2vsX25dtUzxkUcYkRlnXOZx80j53tkJwqFPr2GrN+6I9brL3KYIwp
+ itRzGROLovhX6tSsawPI0bLwAG/5c2OoPPbs6jSP0K+JSTxmalLw4TDUKAl+
+ QfZNzMEH98lw6HGq7aG9njtggw6G4odBrY1ud0KN7/GlF2kjAUyJVJEMiIfj
+ 0Lq968XdYiNDOwpre8mn5xqJCtt0sZjy9zWZ9xoyUYDoIeAOCrdS9VgaOilP
+ IG9w/uszbRBWXxiSU76oTgKHAJMFZttWAkBHX5NEcCGksKUbS1Frh76/Kj2G
+ kSL6tDJRsAqEPibtrKCWU9DNGNjwOndlLZveSqNWTK4yWVrLozff0qdV+ZBn
+ VvKW280MpQNFMwhnuxj+WA9tcwg4ajUWFP/8WhpQMc+5aDuvQSTvWUo5YXgk
+ I/5Gcb7Y05CodZ1eJEtyh8r+Z01LmBW1l6a15PeUIBPLs1xg6mqdSenFnB/D
+ q2UnFnd/aoeh49VLpEWRhdK9Yl3Jyz+0tHNDnD0uQ/Zlox49KYx3YQv4gpMq
+ CcC1tw9Lfcc/UY23yhG3MJ5dRJIeP+FWBTfqeN+lq+dnu7ua/4CKVzjiaeU4
+ ygAo2m4Myono4lSpN4VgyUfGzrMpOXOyOa40mgBBgrxDNmAgyIk2obU7h26U
+ ZcZKSgk/W97dSORGPYQcLNZBiRCV+hHV3I8IGdGcz+MZugluNH28znhpUnp0
+ aTkO/6mPnojAA/5ERXrdBEyTuOR662BfVMAkIVCfVPe5W6P34popQQwNRRjL
+ 7qKVOpRKA15H3QDHEsh/SOc59L9tvzCa637rBGJMBfvf8QyrUwOVnVebgFSm
+ r9bg7DReCgweHUukIbHzVPy3UE/lyqnAZWeIPJ4+jmTqrATq/EOs9iQQetyR
+ VP8xiy7PwA==]
profiles::debarchive::release_signing_keygrip: 223894064EE26851A245DE9208C5C0ABF772F7A7
profiles::debarchive::release_signing_keyid: "CAcert Debian Archive Signing Key 2019"
profiles::debarchive::uploaders:
- jandd
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEApecW/rPl4fMSAHNJSzDl5RX8y0JJSVqPj+S6
- g7vxVMMnAOFR+Ex7BvRCNZ5/HISEuijPxPZlvDpaKYA3V8Z0/aHq8KKzOy56
- wA9JSyIXzHv1hQmwLB2R5J2SZnKiAza9g0tJ9nM3q3YwfkofSUrYzPKHUZfm
- LzjRCVFYDttlP2M9LedAb3+UE2UAkN0tZ2s/LplxnhBpXH89pqcPBzTmAQqe
- bXR2kskXDku/f41+nY8Yv3vEyLGd/uiQR6oer/cPIj7RUI26PTdd+3LlTb0f
- W8sqbf8IAo2EpneRL0Pg1kYYd1IV/0I9K8K+93xTsqR52yQdtgo6sUxsWczB
- zWIAoTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCz2/HN15HQ/xCGQExX
- Ozd9gDCOqJLm9jtlSoCpwDwzowwiCgRj+k1s444lp1RkvgWKCrfO3QkOF3aR
- MY7nsz39ve8=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEApecW/rPl4fMSAHNJSzDl5RX8y0JJSVqPj+S6
+ g7vxVMMnAOFR+Ex7BvRCNZ5/HISEuijPxPZlvDpaKYA3V8Z0/aHq8KKzOy56
+ wA9JSyIXzHv1hQmwLB2R5J2SZnKiAza9g0tJ9nM3q3YwfkofSUrYzPKHUZfm
+ LzjRCVFYDttlP2M9LedAb3+UE2UAkN0tZ2s/LplxnhBpXH89pqcPBzTmAQqe
+ bXR2kskXDku/f41+nY8Yv3vEyLGd/uiQR6oer/cPIj7RUI26PTdd+3LlTb0f
+ W8sqbf8IAo2EpneRL0Pg1kYYd1IV/0I9K8K+93xTsqR52yQdtgo6sUxsWczB
+ zWIAoTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCz2/HN15HQ/xCGQExX
+ Ozd9gDCOqJLm9jtlSoCpwDwzowwiCgRj+k1s444lp1RkvgWKCrfO3QkOF3aR
+ MY7nsz39ve8=]
profiles::static_websites::apache_vhosts:
'webstatic.cacert.org':
port: 80
@@ -94,11 +94,9 @@ profiles::static_websites::apache_vhosts:
docroot: "/var/www/funding.cacert.org"
docroot_owner: "git"
docroot_mode: "0755"
- directoryindex:
- - "index.html"
+ directoryindex: "index.html"
directories:
- -
- path: "/var/www/funding.cacert.org"
+ - path: "/var/www/funding.cacert.org"
options:
- "-Includes"
- "-Indexes"
@@ -124,11 +122,9 @@ profiles::static_websites::apache_vhosts:
docroot_owner: "jenkins-infradocs"
docroot_group: "upload"
docroot_mode: "0755"
- directoryindex:
- - "index.html"
+ directoryindex: "index.html"
directories:
- -
- path: "/var/www/codedocs.cacert.org/html"
+ - path: "/var/www/codedocs.cacert.org/html"
options:
- "-Includes"
- "-Indexes"
@@ -152,11 +148,9 @@ profiles::static_websites::apache_vhosts:
docroot: "/var/www/community.cacert.org"
docroot_owner: "git"
docroot_mode: "0755"
- directoryindex:
- - "index.html"
+ directoryindex: "index.html"
directories:
- -
- path: "/var/www/community.cacert.org"
+ - path: "/var/www/community.cacert.org"
options:
- "-Includes"
- "-Indexes"
@@ -182,11 +176,9 @@ profiles::static_websites::apache_vhosts:
docroot_owner: "jenkins-infradocs"
docroot_group: "upload"
docroot_mode: "0755"
- directoryindex:
- - "index.html"
+ directoryindex: "index.html"
directories:
- -
- path: "/var/www/infradocs.cacert.org/html"
+ - path: "/var/www/infradocs.cacert.org/html"
options:
- "-Includes"
- "-Indexes"
diff --git a/hieradata/nodes/wiki.yaml b/hieradata/nodes/wiki.yaml
index 3dbf3ed..506a5a1 100644
--- a/hieradata/nodes/wiki.yaml
+++ b/hieradata/nodes/wiki.yaml
@@ -6,24 +6,24 @@ profiles::base::admins:
- jandd
- law
profiles::icinga2_agent::pki_ticket: >
- ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
- DQYJKoZIhvcNAQEBBQAEggEAjOSvvtlZs+Gv7OB6ULHAWRs51L65afl3k0KJ
- L3m7c7Oh/N1aFC7ni0EOJym/n3E/WpmM7JsM4SJu5XrBe7sIOLecGeqtpFWb
- VXDYVqEXJ4ciZNHB/R2Mnumha497iC9BVD32ZfK1KU+aha8PCb8t1lRHyekD
- tnMOR7dIaKJf6NMvpBUwQqyJ0ly1c+588eFfJxC2XX0xOp/UWlK98DNBZYLj
- ax2Grcb7lYa9FywseTUBOe3NQsUJrneyTLluKo8ANGqIDunRN2KtA0ai6/gN
- wc9BWBJKrSUFI3iKSvf6ar5N3Hpdk8lHbMeK/XfcLxIXcQUVlu3Y5XhVf/aG
- CENzHTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCxh2btktTQOw/SivS6
- H9/SgDAg/43TaVhYJ48kzhuxpSRinR6RqwAWqQy4RmEOlvLKaxDbG8h5B3ap
- CPwQco1Eyew=]
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAjOSvvtlZs+Gv7OB6ULHAWRs51L65afl3k0KJ
+ L3m7c7Oh/N1aFC7ni0EOJym/n3E/WpmM7JsM4SJu5XrBe7sIOLecGeqtpFWb
+ VXDYVqEXJ4ciZNHB/R2Mnumha497iC9BVD32ZfK1KU+aha8PCb8t1lRHyekD
+ tnMOR7dIaKJf6NMvpBUwQqyJ0ly1c+588eFfJxC2XX0xOp/UWlK98DNBZYLj
+ ax2Grcb7lYa9FywseTUBOe3NQsUJrneyTLluKo8ANGqIDunRN2KtA0ai6/gN
+ wc9BWBJKrSUFI3iKSvf6ar5N3Hpdk8lHbMeK/XfcLxIXcQUVlu3Y5XhVf/aG
+ CENzHTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCxh2btktTQOw/SivS6
+ H9/SgDAg/43TaVhYJ48kzhuxpSRinR6RqwAWqQy4RmEOlvLKaxDbG8h5B3ap
+ CPwQco1Eyew=]
profiles::x509cert_common::certificates:
'wiki.cacert.org':
certificate: |
-----BEGIN CERTIFICATE-----
- MIIGTTCCBDWgAwIBAgIDFHxjMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
+ MIIGTTCCBDWgAwIBAgIDFR0xMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
- dEBjYWNlcnQub3JnMB4XDTIwMDIxNzIxMTcwNloXDTIyMDIxNjIxMTcwNlowXDEL
+ dEBjYWNlcnQub3JnMB4XDTIyMDExNzE4MTMzOVoXDTI0MDExNzE4MTMzOVowXDEL
MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
VQQKEwtDQWNlcnQgSW5jLjEYMBYGA1UEAxMPd2lraS5jYWNlcnQub3JnMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu9Mxl03cq2qWtrJ6hBr4i5uG4Ipw
@@ -43,17 +43,17 @@ profiles::x509cert_common::certificates:
Y3NwLmNhY2VydC5vcmcvMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwuY2Fj
ZXJ0Lm9yZy9yZXZva2UuY3JsMDkGA1UdEQQyMDCCD3dpa2kuY2FjZXJ0Lm9yZ6Ad
BggrBgEFBQcIBaARDA93aWtpLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIB
- AAn7Tgzi19YM+/tanXCo26/n2bSDFWRAX7ou+FcsmnDseL6YQans3IV7GHRVL3YW
- lRKJeCAAo2F6XPdcUeGddj1oFCYornLhM7knfIfKgf+Com591bYnL1izRdvzBFh0
- Hdw00pMciY884CgyrCpfeQinIT7kzkIfFnz4quUtq5rcehWa2ykRqNScQlxp/Tif
- QgrDkJpmrnVl6tQl1Z2QUkIRF0Pq/A8M2GY/hb8hSRtLUMc3Db2h/pkoRjIShEJM
- YbxYxVcn5fQtqoBtHd2qLA+QMPfFVcau80UFWnYiRMwob+GCiVMegAejxqdb4L4m
- eez5LkC4YxNJp2OMrw6AhnHoFJUBQzEkxCLRUE5TBAKpMAEinVuwG4iOoDqH/u9X
- zQciZToHowMZtu5UStTDRL6MOY79spiq2SURBhmGBhRwZ2GIruAsgzfK+5GtyX8j
- 8MhEgXR/S1/yLnWMM3+WtbbIbIpOeP5tg6GedrAnxxjjLPmLcYa1wddV4KyEZLF8
- EYPf2OpOz+QSYMcr0HXyjwn3/I0+Hmtsk6RhAiEmHwHxhVzS1hyB+Hnf8XiuUJDt
- wxckS4s2/ulJrJYXf22XP6TcfM4KGryw3SVDW4FGF4OB+aUkB5NAYAdBRHG0sGHG
- /UZ+Py6rHk4XfUOiMN8aSpIfV2LLT5W0bgEItPt3LfNu
+ AERxKokL4TF1mWv3yAJoAz5zTfNsLwNV79WLxcgmuUe63hDYnRzH2cSOTA+BTmll
+ k2KkHwNBlMFtMcrOal/PerEAu9SaUfz+1L2Hyklg/tQkIHr0rRSuPRcVhqubsVRk
+ iXa0cawq3+wu3ksyPEpH7tDT28U5VeTLpSN6DFumCjoDFbhyG/oTKRXHC1qYC7th
+ wewQcE2wQw/5cQaH5sIA4acZr7fdoFFfJqdPVxq5/NXLkgkOW3axA5BoMVNrJK4o
+ oRQIRoA8ooppJT6UQfvpnULtU6wkoY+EhZVWifJiYhgGfLgm0lFI18Q08vgIS8vE
+ P0rYPHufkQcCpUIG3nCob9OW35XQOvPrrXRQzFd41vvk2Zr9PpBAuse+URN3/iBI
+ KLLAsdRVqIW6m7DbAV5wQo7JOQz6aXGD7YIbZlNtRPB6fKFrIL7h+UvCPKWT+Vy1
+ 8iZcaTBBwDlvxMQp8s8wH+kKhNVTQJYfz4BWpMeJ+nQFsiKWxcENiKZq6962FqzD
+ xXPG083dBt2bAiounLvYjpUAFKA+SJe+DWoQurwr+p6z5GD3elqjBS+j+mBkh1qF
+ HL3T8ZO3jWz7fDR7OmWngSExn8bk+OovuWbR80+BYtu6zIC88wH6U8FSJNvEOG1q
+ oC7s5tgIZyTxq9/QSFEQ01wNqdJYXK7fqnkvj8KupJ3o
-----END CERTIFICATE-----
private_key: >
ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw
diff --git a/sitemodules/profiles/files/gitea/gitea.service b/sitemodules/profiles/files/gitea/gitea.service
new file mode 100644
index 0000000..7cbab55
--- /dev/null
+++ b/sitemodules/profiles/files/gitea/gitea.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Gitea (Git with a cup of tea)
+After=syslog.target network.target
+Before=nginx.service
+
+[Service]
+RestartSec=2s
+Type=simple
+User=git
+Group=git
+WorkingDirectory=/var/lib/gitea
+ExecStartPre=+/usr/bin/install --directory --mode=0750 --owner=git --group=www-data /run/gitea
+ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini
+Restart=always
+Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sitemodules/profiles/files/icinga2_external_commands/check_kernel_status.py b/sitemodules/profiles/files/icinga2_external_commands/check_kernel_status.py
new file mode 100644
index 0000000..9236c9a
--- /dev/null
+++ b/sitemodules/profiles/files/icinga2_external_commands/check_kernel_status.py
@@ -0,0 +1,66 @@
+#!/usr/bin/env python3
+
+from apt import cache
+import argparse
+import nagiosplugin
+import logging
+
+_log = logging.getLogger("nagiosplugin")
+
+
+def get_running_kernel_version() -> str:
+ with open("/proc/version", "r") as proc_version:
+ return proc_version.read().split()[2]
+
+
+def get_installed_kernels() -> list[str]:
+ try:
+ pkg_cache = cache.FilteredCache()
+ pkg_cache.set_filter(cache.InstalledFilter())
+ pkg_cache.open()
+
+ return [
+ v
+ for v in [
+ k.name[len("linux-image-") :]
+ for k in pkg_cache
+ if k.name.startswith("linux-image")
+ ]
+ if "-" in v
+ ]
+ finally:
+ pkg_cache.close()
+
+
+class VersionsContext(nagiosplugin.ScalarContext):
+ def evaluate(self, metric, resource):
+ installed = get_installed_kernels()
+ latest = sorted(installed)[-1]
+ _log.info("current kernel version is %s", metric.value)
+ _log.info("installed kernel versions: %s", ",".join(installed))
+ _log.info("latest kernel version: %s", latest)
+
+ if latest == metric.value:
+ return self.result_cls(nagiosplugin.Ok)
+
+ return self.result_cls(nagiosplugin.Critical)
+
+
+class KernelVersion(nagiosplugin.Resource):
+ def probe(self):
+ current = get_running_kernel_version()
+ return [nagiosplugin.Metric("kernel version", current)]
+
+
+def main():
+ argp = argparse.ArgumentParser()
+ argp.add_argument(
+ "-v", "--verbose", action="count", default=0, help="verbose output"
+ )
+ args = argp.parse_args()
+ check = nagiosplugin.Check(KernelVersion(), VersionsContext("kernel version"))
+ check.main(args.verbose)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/sitemodules/profiles/files/icinga2_external_commands/check_ocsp b/sitemodules/profiles/files/icinga2_external_commands/check_ocsp
index be3f0f0..97885e2 100644
--- a/sitemodules/profiles/files/icinga2_external_commands/check_ocsp
+++ b/sitemodules/profiles/files/icinga2_external_commands/check_ocsp
@@ -93,38 +93,38 @@ case ${CLASS} in
;;
esac
+if [ ! -f "${ISSUER}" ]; then
+ echo "CRITICAL: issuer certificate file ${ISSUER} not found."
+ exit 2
+fi
+
TMP=$(mktemp)
ERR=${TMP}-err
trap 'rm -f ${TMP} ${ERR}' 0 1 2 3 15
-openssl ocsp -issuer "${ISSUER}" -serial "${SERIAL}" -CApath "${CAPATH}" -url "${RESPONDER}" >"${TMP}" 2>&1
-
-awk '
-NR == 1 {
- response = $0
- next
- }
-/This Update:/ {
- next
- }
-/Next Update:/ {
- next
- }
- {
- answer = answer " " $0;
- }
-END {
- if (response != "Response verify OK")
- exitcode = 2
- else
- exitcode = 0
- print response " " answer;
- exit(exitcode)
- }
-' "${TMP}"
-EXITCODE=$?
-rm -f "${TMP}"
-exit ${EXITCODE}
+if ! openssl ocsp -issuer "${ISSUER}" -serial "${SERIAL}" -CApath "${CAPATH}" -url "${RESPONDER}" -resp_text >"${TMP}" 2>&1; then
+ echo "CRITICAL: openssl ocsp command failed"
+ echo
+ echo "captured output:"
+ cat "${TMP}"
+ exit 2
+fi
+
+if grep -q "${SERIAL}: good" "${TMP}"; then
+ echo "OK: OCSP check successful, certificate OK"
+ exit 0
+fi
+
+if grep -q "${SERIAL}: revoked" "${TMP}"; then
+ echo "WARNING: OCSP check successful, certificate revoked"
+ exit 1
+fi
+
+echo "UNKNOWN: unexpected response"
+echo
+echo "captured output:"
+cat "${TMP}"
+exit 3
##Response Verify Failure
##17914:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:122:Verify error:certificate has expired
diff --git a/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf b/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf
index 0b47607..f4c6ea0 100644
--- a/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf
+++ b/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf
@@ -210,8 +210,14 @@ object CheckCommand "ssl_cert_cacert" {
set_if = "$ssl_cert_ignore_sct$"
description = "Do not check for signed certificate timestamps (SCT)"
}
+ "--first-element-only" = {
+ set_if = "$ssl_cert_first_element_only$"
+ description = "Verify just the first cert element, not the whole chain"
+ }
}
vars.ssl_cert_address = "$check_address$"
+ vars.ssl_cert_rootssl_certs = "/etc/ssl/certs/ca-certificates.crt"
+ vars.ssl_cert_first_element_only = true
vars.ssl_cert_port = 443
}
diff --git a/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes b/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes
index 727a328..1145e4e 100644
--- a/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes
+++ b/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes
@@ -1,253 +1,277 @@
-#!/usr/bin/perl
-
-# Copyright (c) 2014, Evgeni Golov
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without modification,
-# are permitted provided that the following conditions are met:
-#
-# * Redistributions of source code must retain the above copyright notice, this
-# list of conditions and the following disclaimer.
-#
-# * Redistributions in binary form must reproduce the above copyright notice, this
-# list of conditions and the following disclaimer in the documentation and/or
-# other materials provided with the distribution.
-#
-# * Neither the name of the {organization} nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
-# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
-# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-use strict;
-use warnings;
-use JSON;
-use LWP;
-use Monitoring::Plugin;
-use Date::Parse;
-
-my $np = Monitoring::Plugin->new(
- usage => "Usage: %s [ -H|--hostname=<hostname>] "
- . "[ -p|--port=<port> ] [-s] [ -w|--warning=<minutes> ] "
- . "[ -c|--critical=<minutes> ] [ -W|--warnfails=<num> ] "
- . "[ -C|--critfails=<num> ] [ -n|--node=<node> ]"
- . "[ -a|--apiversion=<num> ]"
- . "[ -i|--ignore=<list> ]",
- shortname => 'Check last node runs from PuppetDB',
- url => 'https://github.com/evgeni/check_puppetdb_nodes',
- version => '1.0',
- license => 'This plugin is free software, and comes with ABSOLUTELY
-NO WARRANTY. It may be used, redistributed and/or modified under
-the terms of the BSD 3-clause license.',
-);
-
-$np->add_arg(
- spec => 'warning|w=i',
- help => "Exit with WARNING status if nodes did not update for "
- . "more than INTEGER minutes (default: %s)",
- default => 120,
-);
-
-$np->add_arg(
- spec => 'critical|c=i',
- help => "Exit with CRITICAL status if nodes did not update for "
- . "more than INTEGER minutes (default: %s)",
- default => 1440,
-);
-
-$np->add_arg(
- spec => 'warnfails|W=i',
- help => "Exit with WARNING status if nodes had at least INTEGER "
- . "failures in the last run (default: %s)",
- default => 1,
-);
-
-$np->add_arg(
- spec => 'critfails|C=i',
- help => "Exit with CRITICAL status if nodes had at least INTEGER "
- . "failures in the last run (default: %s)",
- default => 1,
-);
-
-$np->add_arg(
- spec => 'hostname|H=s',
- help => 'Hostname of the PuppetDB (default: %s)',
- default => 'localhost',
-);
-
-$np->add_arg(
- spec => 'port|p=i',
- help => 'Port PuppetDB is running on (default: %s)',
- default => 8080,
-);
-
-$np->add_arg(
- spec => 'node|n=s',
- help => 'Node name to check, if not given, all nodes will be checked',
-);
-
-$np->add_arg(
- spec => 'ssl|s',
- help => "Use HTTPS instead of HTTP",
-);
-
-$np->add_arg(
- spec => 'insecure|k',
- help => "Allow connections via HTTPS without checking certificates",
-);
-
-$np->add_arg(
- spec => 'apiversion|a=n',
- help => 'Specify PupppetDB API version (default: %s)',
- default => 3,
-);
-
-$np->add_arg(
- spec => 'ignore|i=s',
- help => 'Node names to ignore (comma-separated list) (default: %s)',
- default => '',
-);
-
-$np->getopts;
-
-my %apiurls = (
- 3 => { 'nodes' => 'v3/nodes', 'event-counts' => 'v3/event-counts' },
- 4 => { 'nodes' => 'pdb/query/v4/nodes', 'event-counts' => 'pdb/query/v4/event-counts', 'logs' => 'pdb/query/v4/reports/{hash}/logs' },
-);
-if ( !exists $apiurls{$np->opts->apiversion} ) {
- $np->nagios_exit( 'UNKNOWN', 'Unsupported PuppetDB API version ' . $np->opts->apiversion );
+#!/usr/bin/env python3
+"""Nagios/Icinga plugin to check puppetdb status of a node."""
+
+import argparse
+import logging
+from datetime import datetime
+from urllib.parse import urljoin
+
+import nagiosplugin
+import requests
+
+_log = logging.getLogger("check_puppetdb_nodes")
+
+api_urls = {
+ 3: {"nodes": "v3/nodes", "event-counts": "v3/event-counts"},
+ 4: {
+ "nodes": "pdb/query/v4/nodes",
+ "event-counts": "pdb/query/v4/event-counts",
+ "logs": "pdb/query/v4/reports/{hash}/logs",
+ },
}
-my @ignore_list = split( ',', $np->opts->ignore );
-my $url = sprintf( 'http%s://%s:%d/',
- defined( $np->opts->ssl ) ? 's' : '',
- $np->opts->hostname, $np->opts->port );
+class BoolContext(nagiosplugin.Context):
+ def evaluate(self, metric, resource):
+ if metric != 0:
+ return self.result_cls(nagiosplugin.Critical, metric)
-my $ua = new LWP::UserAgent;
-$ua->default_header( 'Accept' => 'application/json' );
-if ( defined( $np->opts->insecure ) ) {
- $ua->ssl_opts( verify_hostname => 0 ,SSL_verify_mode => 0x00);
-}
-my %parameters = ();
-if ( defined( $np->opts->node ) ) {
- %parameters = ( 'query' => '["=","certname","' . $np->opts->node . '"]' );
-}
-my $uri = URI->new( $url . $apiurls{$np->opts->apiversion}{'nodes'} );
-$uri->query_form(%parameters);
-my $response = $ua->get($uri);
+class PuppetDBReport(nagiosplugin.Resource):
+ """Domain model: last report for node.
-if ( !$response->is_success ) {
- $np->nagios_exit( 'UNKNOWN',
- $response->code . ": " . $response->status_line );
-}
+ Determines the age of the last puppetdb report for the given node.
+ """
-my $data = decode_json( $response->decoded_content );
+ def __init__(self, api_client, node_name, ignored):
+ self.api_client = api_client
+ self.node_name = node_name
+ self.ignored = ignored or []
-my $now = time();
+ def probe(self):
+ node_info = self.api_client.fetch_node_information(self.node_name)
-if ( defined( $np->opts->node ) and !@$data ) {
- $np->add_message( CRITICAL,
- $np->opts->node . " not found in puppetdb\n" );
-}
+ for node in node_info:
+ if "certname" in node:
+ certname = node["certname"]
+ else:
+ certname = node["name"]
+ deactivated = node["deactivated"]
+ catalog_timestamp = node["catalog_timestamp"]
+ report_hash = node["latest_report_hash"]
+ ts = datetime.strptime(catalog_timestamp, "%Y-%m-%dT%H:%M:%S.%fZ")
+ delta = datetime.utcnow() - ts
-foreach my $node (@$data) {
- my $certname = defined($node->{'certname'}) ? $node->{'certname'} : $node->{'name'} ;
- my $deactivated = $node->{'deactivated'};
- my $catalog_timestamp = $node->{'catalog_timestamp'};
- my $report_hash = $node->{'latest_report_hash'};
- my $ts = str2time($catalog_timestamp);
-
- next if grep { $certname eq $_ } @ignore_list;
-
- if ( !defined $deactivated and ( !length $catalog_timestamp or !length $report_hash )) {
- $np->add_message( CRITICAL,
- "$certname last run UNAVAILABLE\n" );
- }
- if ( !defined $deactivated and length $catalog_timestamp and $report_hash) {
- my $delta = ( $now - $ts );
- if ( $delta > ( $np->opts->critical * 60 ) ) {
- $np->add_message( CRITICAL,
- "$certname did not update since $catalog_timestamp\n" );
- }
- elsif ( $delta > ( $np->opts->warning * 60 ) ) {
- $np->add_message( WARNING,
- "$certname did not update since $catalog_timestamp\n" );
- }
-
- my %apiparameters = (
- 3 => {
- 'query' => '["and",["=","certname","'
- . $certname
- . '"],["=","latest-report?",true]]',
- 'summarize-by' => 'certname',
- 'count-by' => 'resource',
- },
- 4 => {
- 'query' => '["and",["=","certname","'
- . $certname
- . '"],["=","latest_report?",true]]',
- 'summarize_by' => 'certname',
- 'count_by' => 'resource',
- }
- );
- my $uri = URI->new( $url . $apiurls{$np->opts->apiversion}{'event-counts'} );
- $uri->query_form($apiparameters{$np->opts->apiversion});
- $response = $ua->get($uri);
-
- if ( $response->is_success ) {
- my $node_data = decode_json( $response->decoded_content );
-
- my $failures = 0;
- if ( defined( @$node_data[0] )
- and defined( @$node_data[0]->{'failures'} ) )
- {
- $failures = @$node_data[0]->{'failures'};
- }
+ if deactivated:
+ yield nagiosplugin.Metric(f"missing-{certname}", 1, min=0)
+ continue
- if ( $failures >= $np->opts->critfails ) {
- $np->add_message( CRITICAL,
- "$certname had $failures failures in the last run\n" );
- }
- elsif ( $failures >= $np->opts->warnfails ) {
- $np->add_message( WARNING,
- "$certname had $failures failures in the last run\n" );
- }
- elsif ( exists $apiurls{$np->opts->apiversion}{'logs'} ) {
- my $apiurl = $apiurls{$np->opts->apiversion}{'logs'};
- $apiurl =~ s/{hash}/$report_hash/;
- $uri = URI->new( $url . $apiurl );
- $response = $ua->get($uri);
- if ( $response->is_success ) {
- my $logs = decode_json( $response->decoded_content );
- foreach my $log (@$logs) {
- my $tags = $log->{'tags'};
- if ( grep(/^err$/, @$tags) ) {
- $np->add_message( WARNING, "$certname, $log->{'message'}" );
- }
- }
- }
- }
+ if certname in self.ignored:
+ continue
- } else {
- $np->nagios_exit( 'UNKNOWN', 'Unsupported query ' . $response->decoded_content);
- }
+ yield nagiosplugin.Metric(
+ f"last-{certname}", round(delta.total_seconds()), "s", min=0
+ )
- }
-}
+ failures = self.api_client.fetch_failure_report(certname, report_hash)
+ yield nagiosplugin.Metric(f"failed-{certname}", failures, min=0)
+
+
+def comma_separated(string):
+ result = []
+ for part in [item.trim for item in string.split(",")]:
+ if len(part) > 0:
+ result.append(part)
+ return result
-my $code;
-my $message;
-( $code, $message ) = $np->check_messages;
-$np->nagios_exit( $code, $message );
+class PuppetDBClient:
+ def __init__(self, hostname, port, tls, insecure, roots, api_version):
+ scheme = tls and "https" or "http"
+ self.base_url = f"{scheme}://{hostname}:{port}/"
+ self.allow_insecure = insecure
+ self.use_roots = roots
+ self.api_version = api_version
+
+ self.client = requests.Session()
+ self.client.headers = {"Accept": "application/json"}
+ self.node_info = []
+
+ def fetch_node_information(self, node_name):
+ if self.node_info:
+ return self.node_info
+
+ url = urljoin(self.base_url, api_urls[self.api_version]["nodes"])
+ if node_name:
+ r = self.client.get(
+ url, params={"query": f'["=","certname","{node_name}"]'}
+ )
+ else:
+ r = self.client.get(url)
+
+ r.raise_for_status()
+
+ self.node_info = r.json()
+
+ return self.node_info
+
+ def fetch_failure_report(self, cert_name, report_hash):
+ url = urljoin(self.base_url, api_urls[self.api_version]["event-counts"])
+
+ if self.api_version == 3:
+ query_args = {
+ "query": f'["and",["=","certname","{cert_name}"],["=","latest-report?",true]]',
+ "summarize-by": "certname",
+ "count-by": "resource",
+ }
+ else:
+ query_args = {
+ "query": f'["and",["=","certname","{cert_name}"],["=","latest_report?",true]]',
+ "summarize_by": "certname",
+ "count_by": "resource",
+ }
+
+ r = self.client.get(url, params=query_args)
+
+ r.raise_for_status()
+
+ report = r.json()
+
+ failures = 0
+
+ if report and "failures" in report[0]:
+ failures += report[0]["failures"]
+
+ if "logs" in api_urls[self.api_version]:
+ url = urljoin(self.base_url, api_urls[self.api_version]["logs"]).format(
+ hash=report_hash
+ )
+ self.client.get(url)
+
+ r.raise_for_status()
+
+ logs = r.json()
+
+ for log in logs:
+ if "tags" in log and "err" in log["tags"]:
+ failures += 1
+
+ return failures
+
+ def get_cert_names(self, node_name):
+ result = []
+
+ for node in self.fetch_node_information(node_name):
+ if "certname" in node:
+ result.append(node["certname"])
+ else:
+ result.append(node["name"])
+
+ return sorted(result)
+
+
+@nagiosplugin.guarded
+def main():
+ argp = argparse.ArgumentParser(description=__doc__)
+
+ argp.add_argument(
+ "-w",
+ "--warning",
+ type=int,
+ default=120,
+ help="Exit with WARNING status if nodes did not update for more then given minutes",
+ )
+ argp.add_argument(
+ "-c",
+ "--critical",
+ type=int,
+ default=1440,
+ help="Exit with CRITICAL status if nodes did not update for more then given minutes",
+ )
+ argp.add_argument(
+ "-W",
+ "--warnfails",
+ type=int,
+ default=1,
+ help="Exit with WARNING status if nodes had at least the given number of failures in the last run",
+ )
+ argp.add_argument(
+ "-C",
+ "--critfails",
+ type=int,
+ default=1,
+ help="Exit with CRITICAL status if nodes had at least the given number of failures in the last run",
+ )
+ argp.add_argument(
+ "-H",
+ "--hostname",
+ type=str,
+ default="localhost",
+ help="Hostname of the PuppetDB",
+ )
+ argp.add_argument(
+ "-p", "--port", type=int, default=8080, help="Port PuppetDB is running on"
+ )
+ argp.add_argument(
+ "-n",
+ "--node",
+ type=str,
+ help="Node name to check, if not given, all nodes will be checked",
+ )
+ argp.add_argument(
+ "-t",
+ "--tls",
+ action="store_true",
+ help="Use HTTPS instead of HTTP",
+ )
+ argp.add_argument(
+ "-k",
+ "--insecure",
+ action="store_true",
+ help="Allow connections via HTTPS without checking certificates",
+ )
+ argp.add_argument(
+ "-r",
+ "--roots",
+ type=str,
+ help="Use the given root certificate file for certificate validation",
+ )
+ argp.add_argument(
+ "-a",
+ "--apiversion",
+ dest="api_version",
+ type=int,
+ default=4,
+ choices=api_urls.keys(),
+ help="Specify PuppetDB API version",
+ )
+ argp.add_argument(
+ "-i",
+ "--ignore",
+ type=comma_separated,
+ help="Node names to ignore (comma-separated list)",
+ )
+ argp.add_argument(
+ "-v",
+ "--verbose",
+ action="count",
+ default=0,
+ help="increase output verbosity (use up to 3 times)",
+ )
+
+ args = argp.parse_args()
+
+ api_client = PuppetDBClient(
+ args.hostname, args.port, args.tls, args.insecure, args.roots, args.api_version
+ )
+
+ check = nagiosplugin.Check(PuppetDBReport(api_client, args.node, args.ignore))
+
+ for certname in api_client.get_cert_names(args.node):
+ check.add(BoolContext(f"missing-{certname}"))
+ check.add(
+ nagiosplugin.ScalarContext(
+ f"last-{certname}", args.warning * 60, args.critical * 60
+ )
+ )
+ check.add(
+ nagiosplugin.ScalarContext(
+ f"failed-{certname}", f"@{args.warnfails}:", f"@{args.critfails}:"
+ )
+ )
+
+ check.main(verbose=args.verbose)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook b/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook
index a0d3711..c786017 100644
--- a/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook
+++ b/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook
@@ -88,6 +88,17 @@ class GitHookRequestHandler(BaseHTTPRequestHandler):
self.wfile.write(("%s\r\n" % message).encode("UTF-8"))
def _handle_pull(self):
+ args = [
+ "sshpass",
+ "-e",
+ "-P",
+ "passphrase",
+ "git",
+ "pull",
+ GIT_REPOSITORY,
+ GIT_BRANCH,
+ ]
+ self.log.info("running '%s'", " ".join(args))
try:
git_proc = subprocess.run(
[
@@ -96,15 +107,12 @@ class GitHookRequestHandler(BaseHTTPRequestHandler):
"-P",
"passphrase",
"git",
- "subtree",
"pull",
- "--prefix",
- "icinga2/conf.d",
GIT_REPOSITORY,
GIT_BRANCH,
],
env=ENV_FOR_GIT,
- cwd="/etc",
+ cwd=GIT_DIRECTORY,
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
check=True,
diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp
index 719fe21..ff3d9e4 100644
--- a/sitemodules/profiles/manifests/base.pp
+++ b/sitemodules/profiles/manifests/base.pp
@@ -14,9 +14,7 @@
#
# @param rootalias alias that gets emails for root
#
-# @param crl_job_enable whether to setup the hourly CRL update job
-#
-# @param crl_job_services which services to reload after the CRL update
+# @param crl_job configure the hourly CRL update job
#
# @param is_external whether the node is outside of CAcert infrastructure
#
@@ -36,15 +34,21 @@
# Copyright
# ---------
#
-# Copyright 2016-2021 Jan Dittberner
+# Copyright 2016-2022 Jan Dittberner
#
class profiles::base (
- Array[String] $admins = [],
- Hash[String, Data] $users = {},
- String $rootalias = "${trusted['certname']}-admin@cacert.org",
- Boolean $crl_job_enable = false,
- Array[String] $crl_job_services = [],
- Boolean $is_external = false,
+ Array[String] $admins = [],
+ Hash[String, Data] $users = {},
+ String $rootalias = "${trusted['certname']}-admin@cacert.org",
+ Hash[String, Data] $crl_job = {
+ 'enable' => false,
+ 'hostname' => $trusted['certname'],
+ 'services' => [],
+ 'check_url' => 'https://monitor.infra.cacert.org:5665/v1/actions/process-check-result',
+ 'api_user' => '',
+ 'api_password' => '',
+ },
+ Boolean $is_external = false,
) {
# ensure admin users for this container
$admins.each |String $username| {
@@ -99,18 +103,37 @@ class profiles::base (
source => 'puppet:///modules/profiles/base/apt_periodic.conf',
}
- package { ['lsb-release', 'distro-info-data', 'sudo']:
+ package { ['lsb-release', 'distro-info-data']:
ensure => present,
}
+ class { 'sudo':
+ config_file_replace => false,
+ }
package { ['zsh', 'tmux', 'less', 'vim-nox']:
ensure => latest,
}
+ if $facts['virtual'] == 'lxc' {
+ file { '/etc/network/interfaces':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => "auto lo\niface lo inet loopback\n",
+ }
+ }
+
Package['zsh'] -> User <| |>
- package { ['aptitude', 'apticron']:
- ensure => purged,
+ if !$is_external {
+ package { ['aptitude', 'apticron', 'isc-dhcp-client']:
+ ensure => purged,
+ }
+ } else {
+ package { ['aptitude', 'apticron']:
+ ensure => purged,
+ }
}
file { '/etc/zsh/newuser.zshrc.recommended':
@@ -153,10 +176,21 @@ class profiles::base (
repos => 'main',
release => "${::lsbdistcodename}-updates",
}
- apt::source { "security.debian.org-${::lsbdistcodename}-security":
- location => 'http://security.debian.org/debian-security',
- repos => 'main',
- release => "${::lsbdistcodename}/updates",
+
+ $os_major = Integer($facts['os']['release']['major'])
+
+ if $os_major < 11 {
+ apt::source { "security.debian.org-${::lsbdistcodename}-security":
+ location => 'http://security.debian.org/debian-security',
+ repos => 'main',
+ release => "${::lsbdistcodename}/updates",
+ }
+ } else {
+ apt::source { "security.debian.org-${::lsbdistcodename}-security":
+ location => 'http://security.debian.org/',
+ repos => 'main',
+ release => "${::lsbdistcodename}-security",
+ }
}
apt::source { "ftp.nl.debian.org-${::lsbdistcodename}-backports":
location => 'http://ftp.nl.debian.org/debian',
@@ -197,23 +231,42 @@ class profiles::base (
recipient => $rootalias,
}
- package { ['ca-certificates', 'ca-cacert']:
+ package { 'ca-certificates':
ensure => installed,
}
- file { '/usr/local/share/ca-certificates/cacert_class3_2021.crt':
+ $cacert_class1_file = '/usr/local/share/ca-certificates/cacert_class1_X0F.crt'
+ $cacert_class3_file = '/usr/local/share/ca-certificates/cacert_class3_2021.crt'
+
+ file { $cacert_class1_file:
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/profiles/base/cacert_class1_X0F.crt',
+ require => Package['ca-certificates'],
+ }
+
+ file { $cacert_class3_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///modules/profiles/base/cacert_class3_2021.crt',
require => Package['ca-certificates'],
- } ~>
+ }
+
exec { '/usr/sbin/update-ca-certificates':
- require => Package['ca-certificates'],
+ require => Package['ca-certificates'],
+ refreshonly => true,
+ subscribe => [File[$cacert_class1_file], File[$cacert_class3_file]],
}
- if ($crl_job_enable) {
+ if ($crl_job['enable']) {
+ package { 'python3-requests':
+ ensure => installed,
+ }
+
file { '/var/local/ssl':
ensure => directory,
owner => 'root',
@@ -236,12 +289,20 @@ class profiles::base (
mode => '0755',
content => epp(
'profiles/base/update-crls.epp',
- { 'services' => $crl_job_services }),
+ {
+ 'services' => $crl_job['services'],
+ 'check_url' => $crl_job['check_url'],
+ 'api_user' => $crl_job['api_user'],
+ 'api_password' => $crl_job['api_password'],
+ 'hostname' => $crl_job['hostname'],
+ },
+ ),
require => [
Package['ca-certificates'],
- Package['ca-cacert'],
+ Package['python3-requests'],
File['/var/local/ssl/crls'],
- File['/usr/local/share/ca-certificates/cacert_class3_2021.crt']
+ File[$cacert_class1_file],
+ File[$cacert_class3_file]
],
}
} else {
diff --git a/sitemodules/profiles/manifests/gitea.pp b/sitemodules/profiles/manifests/gitea.pp
new file mode 100644
index 0000000..7ae1576
--- /dev/null
+++ b/sitemodules/profiles/manifests/gitea.pp
@@ -0,0 +1,162 @@
+# Class: profiles::gitea
+#
+# This class installs and configures a Gitea server.
+#
+# Parameters
+# ----------
+#
+# @param database_host PostgreSQL database host name
+#
+# @param database_name PostgreSQL database name
+#
+# @param database_password PostgreSQL database password
+#
+# @param database_port PostgreSQL database port
+#
+# @param database_ssl_mode PostgreSQL database connection ssl mode
+#
+# @param database_user PostgreSQL database user name
+#
+# @param gitea_fqdn Gitea host name
+#
+# @param gitea_socket Gitea Unix domain socket path
+#
+# Examples
+# --------
+#
+# @example
+# class roles::myhost {
+# include profiles::gitea
+# }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2022 Jan Dittberner
+#
+class profiles::gitea (
+ String $database_password,
+ String $database_host = 'pgsql',
+ Integer $database_port = 5432,
+ String $database_name = 'gitea',
+ String $database_user = 'gitea',
+ String $database_ssl_mode = 'require',
+ String $gitea_fqdn = 'code.cacert.org',
+ String $gitea_socket = '/run/gitea/gitea.sock',
+) {
+ $gitea_version = '1.18.0'
+ $gitea_checksum = 'b45b715d519a97086208c6b42528d291dd1c4dfdf40321dc940030e1cf3de6e6'
+ $gitea_url = "https://dl.gitea.io/gitea/${gitea_version}/gitea-${gitea_version}-linux-amd64"
+ $gitea_service = '/etc/systemd/system/gitea.service'
+
+ include profiles::systemd_reload
+ include profiles::x509cert_common
+
+ package { 'git':
+ ensure => installed,
+ }
+
+ user { 'git':
+ comment => 'Gitea user',
+ home => '/var/lib/gitea',
+ system => true,
+ }
+
+ file { [
+ '/etc/gitea', '/var/lib/gitea', '/var/lib/gitea/data',
+ '/var/lib/gitea/repositories', '/var/lib/gitea/data/lfs', '/var/log/gitea',
+ ]:
+ ensure => directory,
+ owner => 'git',
+ group => 'git',
+ mode => '0750',
+ }
+
+ file { '/var/lib/gitea/.ssh':
+ ensure => directory,
+ owner => 'git',
+ group => 'git',
+ mode => '0700',
+ }
+
+ file { '/usr/local/bin/gitea':
+ ensure => file,
+ source => $gitea_url,
+ checksum => 'sha256',
+ checksum_value => $gitea_checksum,
+ owner => 'root',
+ group => 'git',
+ mode => '0750',
+ }
+
+ file { '/etc/gitea/app.ini':
+ ensure => file,
+ owner => 'git',
+ group => 'git',
+ mode => '0640',
+ content => epp('profiles/gitea/app.ini.epp', {
+ database_host => $database_host,
+ database_port => $database_port,
+ database_ssl_mode => $database_ssl_mode,
+ database_name => $database_name,
+ database_user => $database_user,
+ database_password => $database_password,
+ gitea_fqdn => $gitea_fqdn,
+ gitea_socket => $gitea_socket,
+ gitea_user => 'git',
+ }),
+ }
+
+ file { $gitea_service:
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/profiles/gitea/gitea.service',
+ notify => Exec['reload systemd configuration'],
+ }
+
+ service { 'gitea':
+ ensure => running,
+ enable => true,
+ require => [
+ User['git'],
+ ],
+ subscribe => [
+ File[$gitea_service],
+ File['/etc/gitea/app.ini'],
+ ],
+ }
+
+ file { '/etc/nginx':
+ ensure => directory,
+ owner => 'root',
+ group => 'root',
+ mode => '0755',
+ } -> file { '/etc/nginx/nginx.conf':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => epp('profiles/gitea/nginx.conf.epp',
+ {
+ hostname => $gitea_fqdn,
+ gitea_socket => $gitea_socket,
+ }
+ ),
+ require => [
+ Concat["/etc/ssl/public/${gitea_fqdn}.chain.pem"],
+ File["/etc/ssl/private/${gitea_fqdn}.key.pem"],
+ ],
+ } -> package { 'nginx-light':
+ ensure => present,
+ } -> service { 'nginx':
+ ensure => running,
+ enable => true,
+ }
+}
diff --git a/sitemodules/profiles/manifests/icinga2_common.pp b/sitemodules/profiles/manifests/icinga2_common.pp
index e0c204a..66c946f 100644
--- a/sitemodules/profiles/manifests/icinga2_common.pp
+++ b/sitemodules/profiles/manifests/icinga2_common.pp
@@ -19,7 +19,7 @@
# Copyright
# ---------
#
-# Copyright 2019-2021 Jan Dittberner
+# Copyright 2019-2022 Jan Dittberner
class profiles::icinga2_common (
) {
include profiles::icinga2_certificates
@@ -47,4 +47,27 @@ class profiles::icinga2_common (
ensure => latest,
}
}
+
+ file { ['/usr/local/lib/nagios', '/usr/local/lib/nagios/plugins']:
+ ensure => directory,
+ owner => 'root',
+ group => 'staff',
+ mode => '0755',
+ }
+
+ if Integer($facts['os']['release']['major']) >= 9 {
+ package { ['python3-nagiosplugin', 'python3-apt' ]:
+ ensure => present,
+ }
+ }
+
+ if $facts['virtual'] in ['physical', 'kvm'] {
+ file { '/usr/local/lib/nagios/plugins/check_kernel_status':
+ ensure => file,
+ owner => 'root',
+ group => 'staff',
+ mode => '0755',
+ source => 'puppet:///modules/profiles/icinga2_external_commands/check_kernel_status.py',
+ }
+ }
}
diff --git a/sitemodules/profiles/manifests/icinga2_master.pp b/sitemodules/profiles/manifests/icinga2_master.pp
index e8f4968..221a3cb 100644
--- a/sitemodules/profiles/manifests/icinga2_master.pp
+++ b/sitemodules/profiles/manifests/icinga2_master.pp
@@ -50,7 +50,7 @@
# Copyright
# ---------
#
-# Copyright 2019-2021 Jan Dittberner
+# Copyright 2019-2022 Jan Dittberner
class profiles::icinga2_master (
String $ido_database_password,
String $web2_database_password,
@@ -69,7 +69,7 @@ class profiles::icinga2_master (
include profiles::systemd_reload
include postgresql::server
- class { '::icinga2':
+ class { 'icinga2':
manage_repo => false,
features => ['mainlog', 'checker', 'notification'],
constants => {
@@ -78,7 +78,7 @@ class profiles::icinga2_master (
},
}
- class { '::icinga2::pki::ca':
+ class { 'icinga2::pki::ca':
ca_cert => $ca_certificate,
ca_key => $ca_key,
}
@@ -88,7 +88,7 @@ class profiles::icinga2_master (
password => postgresql_password('icinga2', $ido_database_password),
}
- class { '::icinga2::feature::idopgsql':
+ class { 'icinga2::feature::idopgsql':
user => 'icinga2',
password => $ido_database_password,
database => 'icinga2',
@@ -96,7 +96,7 @@ class profiles::icinga2_master (
require => Postgresql::Server::Db['icinga2'],
}
- class { '::icinga2::feature::api':
+ class { 'icinga2::feature::api':
pki => 'none',
}
@@ -123,7 +123,7 @@ class profiles::icinga2_master (
),
}
- class { '::icingaweb2':
+ class { 'icingaweb2':
manage_repo => false,
import_schema => true,
db_type => 'pgsql',
@@ -134,7 +134,7 @@ class profiles::icinga2_master (
require => Postgresql::Server::Db['icingaweb2'],
}
- class { '::icingaweb2::module::monitoring':
+ class { 'icingaweb2::module::monitoring':
ido_type => 'pgsql',
ido_host => 'localhost',
ido_port => 5432,
@@ -146,19 +146,19 @@ class profiles::icinga2_master (
transport => 'api',
username => 'root',
password => $api_users['root']['password'],
- }
- }
+ },
+ },
}
icingaweb2::config::authmethod { 'external-authentication':
backend => 'external',
- require => Class['::icingaweb2'],
+ require => Class['icingaweb2'],
}
icingaweb2::config::role { 'admin':
users => join($icingaweb_admins, ','),
permissions => '*',
- require => Class['::icingaweb2'],
+ require => Class['icingaweb2'],
}
package { ['sshpass', 'git']:
@@ -206,14 +206,7 @@ class profiles::icinga2_master (
notify => Exec['reload systemd configuration'],
}
- file { '/usr/local/lib/nagios-plugins':
- ensure => directory,
- owner => 'root',
- group => 'staff',
- mode => '0755'
- }
-
- file { '/usr/local/lib/nagios-plugins/check_puppetdb_nodes':
+ file { '/usr/local/lib/nagios/plugins/check_puppetdb_nodes':
ensure => file,
owner => 'root',
group => 'staff',
@@ -221,6 +214,19 @@ class profiles::icinga2_master (
source => 'puppet:///modules/profiles/icinga2_master/check_puppetdb_nodes',
}
+ package {['rsync', 'python3-cryptography']:
+ ensure => present,
+ }
+
+ file { '/usr/local/lib/nagios/plugins/check_cacert_crl':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0755',
+ source => 'puppet:///modules/profiles/icinga2_external_commands/cacert_check_crl.py',
+ require => [Package['rsync'], Package['python3-nagiosplugin'], Package['python3-cryptography']],
+ }
+
service { 'icinga2-git-pull-hook':
ensure => running,
enable => true,
@@ -231,7 +237,7 @@ class profiles::icinga2_master (
],
}
- include ::icinga2
+ include icinga2
file { '/etc/icinga2/zones.d/global-templates':
ensure => directory,
@@ -262,12 +268,38 @@ class profiles::icinga2_master (
target => '/etc/icinga2/zones.d/global-templates/ocsp-command.conf',
}
::icinga2::object::checkcommand { 'cacert_crl':
- ensure => present,
- command => [
+ ensure => present,
+ command => [
'/usr/local/lib/nagios/plugins/check_cacert_crl',
],
+ arguments => {
+ '--rsync-url' => {
+ 'value' => '$cacert_crl_rsync_url$',
+ 'description' => 'rsync URL to check',
+ },
+ '--warning-last-age' => {
+ 'value' => '$cacert_crl_warning_last_age$',
+ 'description' => 'warning if last age is more than that many minutes',
+ },
+ '--critical-last-age' => {
+ 'value' => '$cacert_crl_critical_last_age$',
+ 'description' => 'critical if last age is more than that many minutes',
+ },
+ },
+ vars => {
+ 'cacert_crl_rsync_url' => 'rsync://crl.cacert.org/crl/',
+ 'cacert_crl_warning_last_age' => '1500', # 25h
+ 'cacert_crl_critical_last_age' => '2160', # 36h
+ },
target => '/etc/icinga2/zones.d/global-templates/cacert_crl-command.conf',
}
+ ::icinga2::object::checkcommand { 'kernel_status':
+ ensure => present,
+ command => [
+ '/usr/local/lib/nagios/plugins/check_kernel_status',
+ ],
+ target => '/etc/icinga2/zones.d/global-templates/kernel-status-command.conf',
+ }
file { '/etc/icinga2/zones.d/global-templates/ssl_cert-cacert-command.conf':
ensure => file,
diff --git a/sitemodules/profiles/manifests/icinga2_satellite.pp b/sitemodules/profiles/manifests/icinga2_satellite.pp
index 82ff7f7..5c6df6f 100644
--- a/sitemodules/profiles/manifests/icinga2_satellite.pp
+++ b/sitemodules/profiles/manifests/icinga2_satellite.pp
@@ -24,27 +24,28 @@
# Copyright
# ---------
#
-# Copyright 2021 Jan Dittberner
+# Copyright 2021-2022 Jan Dittberner
class profiles::icinga2_satellite {
include 'profiles::icinga2_common'
include 'profiles::icinga2_agent'
- file { ['/usr/local/lib/nagios', '/usr/local/lib/nagios/plugins']:
- ensure => directory,
- owner => 'root',
- group => 'root',
- mode => '0755',
- }
+ $cacert_class1_file = '/usr/local/share/ca-certificates/cacert_class1_X0F.crt'
+ $cacert_class3_file = '/usr/local/share/ca-certificates/cacert_class3_2021.crt'
+
file { '/usr/local/lib/nagios/plugins/check_ocsp':
ensure => file,
owner => 'root',
group => 'root',
mode => '0755',
source => 'puppet:///modules/profiles/icinga2_external_commands/check_ocsp',
- require => Package['ca-cacert'],
+ require => [
+ Package['ca-certificates'],
+ File[$cacert_class1_file],
+ File[$cacert_class3_file]
+ ],
}
- package {['rsync', 'python3-nagiosplugin', 'python3-cryptography']:
+ package {['rsync', 'python3-cryptography']:
ensure => present,
}
diff --git a/sitemodules/profiles/manifests/pootle.pp b/sitemodules/profiles/manifests/pootle.pp
index 7bf6a90..0d724d3 100644
--- a/sitemodules/profiles/manifests/pootle.pp
+++ b/sitemodules/profiles/manifests/pootle.pp
@@ -45,9 +45,6 @@ class profiles::pootle {
gid => 200,
system => true,
}
- class { 'sudo':
- config_file_replace => false,
- }
file { '/usr/local/bin/pootle-update':
ensure => file,
source => 'puppet:///modules/profiles/pootle/pootle-update',
diff --git a/sitemodules/profiles/manifests/wordpress.pp b/sitemodules/profiles/manifests/wordpress.pp
index f38eee7..1047188 100644
--- a/sitemodules/profiles/manifests/wordpress.pp
+++ b/sitemodules/profiles/manifests/wordpress.pp
@@ -33,7 +33,6 @@ class profiles::wordpress (
) {
include profiles::x509cert_common
- $server_cert = "/etc/ssl/public/${external_name}.crt.pem"
$server_key = "/etc/ssl/private/${external_name}.key.pem"
$server_chain = "/etc/ssl/public/${external_name}.chain.pem"
$client_ca_certificates = "/etc/ssl/public/${external_name}_client_cas.pem"
@@ -52,7 +51,6 @@ class profiles::wordpress (
mode => '0644',
content => epp('profiles/wordpress/wordpress-ssl.conf.epp', {
server_name => $external_name,
- server_cert => $server_cert,
server_key => $server_key,
server_chain => $server_chain,
client_ca_certificates => $client_ca_certificates,
@@ -70,7 +68,6 @@ class profiles::wordpress (
ensure => running,
enable => true,
subscribe => [
- File[$server_cert],
File[$server_key],
Concat[$server_chain],
Concat[$client_ca_certificates],
diff --git a/sitemodules/profiles/manifests/x509cert_common.pp b/sitemodules/profiles/manifests/x509cert_common.pp
index 380b505..88edace 100644
--- a/sitemodules/profiles/manifests/x509cert_common.pp
+++ b/sitemodules/profiles/manifests/x509cert_common.pp
@@ -41,6 +41,10 @@
class profiles::x509cert_common (
Hash[String, Data] $certificates,
) {
+ group { 'ssl-cert':
+ ensure => present,
+ system => true,
+ }
file { '/etc/ssl/public':
ensure => directory,
owner => 'root',
@@ -58,7 +62,7 @@ class profiles::x509cert_common (
file { "/etc/ssl/private/${name}.key.pem":
ensure => file,
owner => pick($cert_info['key_owner'], 'root'),
- group => pick($cert_info['key_group'], 'root'),
+ group => pick($cert_info['key_group'], 'ssl-cert'),
mode => pick($cert_info['key_mode'], '0640'),
content => $cert_info['private_key'],
}
diff --git a/sitemodules/profiles/templates/base/update-crls.epp b/sitemodules/profiles/templates/base/update-crls.epp
index eefdfe2..def45ab 100755
--- a/sitemodules/profiles/templates/base/update-crls.epp
+++ b/sitemodules/profiles/templates/base/update-crls.epp
@@ -1,30 +1,148 @@
-<%- | Array[String] $services | -%>
-#!/bin/sh
+<%- |
+ Array[String] $services,
+ String $check_url,
+ String $api_user,
+ String $api_password,
+ String $hostname,
+| -%>
+#!/usr/bin/env python3
# THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN AT THE
# NEXT PUPPET RUN.
-set -e
+import glob
+import subprocess
+import sys
+from datetime import datetime
+from os import path
-CRL_PATH='/var/local/ssl/crls/'
-CA_CERT='/etc/ssl/certs/ca-certificates.crt'
-RSYNC_LOCATION='crl.cacert.org::crl'
+import requests
-rsync -aqz "$RSYNC_LOCATION" "$CRL_PATH"
+CRL_PATH = "/var/local/ssl/crls/"
+CA_CERT = "/etc/ssl/certs/ca-certificates.crt"
+RSYNC_LOCATION = "crl2.intra.cacert.org::crl"
+ICINGA_CA = "/var/lib/icinga2/certs/ca.crt"
-for crl in "$CRL_PATH"*.crl
-do
- if openssl crl -noout -inform DER -in "$crl" -CAfile "$CA_CERT" 2>/dev/null
- then
- openssl crl -inform DER -in "$crl" -out "$crl".pem
- else
- echo "Error: Could not validate the CRL at $crl" >&2
- fi
-done
-c_rehash "$CRL_PATH" 2>/dev/null >&2
-<% $services.each |$service| { -%>
-service <%= $service %> reload > /dev/null
-<% } %>
+def json_timestamp(ts):
+ return int(ts.timestamp())
-exit 0
+
+def report_result(success, output, start):
+ data = {
+ "type": "Service",
+ "filter": 'host.name=="<%= $hostname %>" && service.name=="crl-sync"',
+ "exit_status": 0 if success else 2,
+ "plugin_output": "OK" if success else f"CRITICAL CRL sync failed\n{output}",
+ "check_source": "<%= $hostname %>",
+ "execution_start": json_timestamp(start),
+ "execution_end": json_timestamp(datetime.utcnow()),
+ "ttl": 3720,
+ }
+
+ r = requests.post(
+ "<%= $check_url %>",
+ auth=("<%= $api_user %>", "<%= $api_password %>"),
+ headers={"Accept": "application/json"},
+ json=data,
+ verify=ICINGA_CA,
+ )
+
+ if not r.ok:
+ print("could not submit passive check")
+ print(r.status_code, r.reason)
+ print(r.text)
+ sys.exit(1)
+
+
+def run_command(args, timeout=10):
+ try:
+ res = subprocess.run(args, capture_output=True, timeout=timeout, text=True)
+ except subprocess.TimeoutExpired:
+ return False, "timeout of {} expired running '{}'".format(
+ timeout, " ".join(args)
+ )
+
+ return res.returncode == 0, res.stderr
+
+
+def verify_crl(crl, ca_certificates=CA_CERT):
+ return run_command(
+ [
+ "openssl",
+ "crl",
+ "-noout",
+ "-inform",
+ "DER",
+ "-in",
+ crl,
+ "-CAfile",
+ ca_certificates,
+ ],
+ )
+
+
+def convert_to_pem(crl):
+ return run_command(
+ ["openssl", "crl", "-inform", "DER", "-in", crl, "-out", f"{crl}.pem"]
+ )
+
+
+def rehash_crls(crl_path=CRL_PATH):
+ return run_command(["c_rehash", crl_path])
+
+
+def run_rsync(rsync_source, dest_path):
+ return run_command(["rsync", "-aqz", rsync_source, dest_path], 60)
+
+
+def restart_service(service):
+ return run_command(["systemctl", "restart", f"{service}.service"], 30)
+
+
+def main():
+ start = datetime.utcnow()
+
+ ok, output = run_rsync(RSYNC_LOCATION, CRL_PATH)
+ if not ok:
+ report_result(False, f"rsync run failed:\n{output}", start)
+ return
+
+ error_output = []
+
+ for crl in glob.glob(path.join(CRL_PATH, "*.crl")):
+ ok, output = verify_crl(crl)
+ if not ok:
+ error_output.append(f"crl validation for {crl} failed:\n{output}")
+ continue
+
+ ok, output = convert_to_pem(crl)
+ if not ok:
+ error_output.append(f"pem conversion for {crl} failed:\n{output}")
+
+ if error_output:
+ report_result(False, "\n\n".join(error_output), start)
+ return
+
+ ok, output = rehash_crls(CRL_PATH)
+ if not ok:
+ report_result(False, f"c_rehash for {CRL_PATH} failed:\n{output}", start)
+ return
+
+ services = [<% if $services { %>"<%= $services.join(", ") %>"<% } %>]
+
+ for service in services:
+ ok, output = restart_service(service)
+ if not ok:
+ error_output.append(f"service restart failed for {service}:\n{output}")
+ continue
+
+ if error_output:
+ report_result(False, "\n\n".join(error_output), start)
+ return
+
+ report_result(True, "", start)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp b/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp
index 1e3309d..29eb2c9 100644
--- a/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp
+++ b/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp
@@ -18,7 +18,8 @@ database_file: /srv/cacert-boardvoting/data/database.sqlite
client_ca_certificates: <%= $client_ca_certs %>
server_certificate: <%= $server_cert %>
server_key: <%= $server_key %>
-https_address: ":8443"
+http_address: ":80"
+https_address: ":443"
cookie_secret: <%= $cookie_secret %>
csrf_key: <%= $csrf_key %>
base_url: <%= $base_url %>
diff --git a/sitemodules/profiles/templates/gitea/app.ini.epp b/sitemodules/profiles/templates/gitea/app.ini.epp
new file mode 100644
index 0000000..a1854f2
--- /dev/null
+++ b/sitemodules/profiles/templates/gitea/app.ini.epp
@@ -0,0 +1,101 @@
+<%- | String $gitea_fqdn,
+ String $gitea_user,
+ String $gitea_socket,
+ String $database_host,
+ String $database_name,
+ String $database_password,
+ String $database_user,
+ String $database_ssl_mode,
+ Integer $database_port,
+| -%>
+# THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN BY THE
+# NEXT PUPPET RUN
+APP_NAME = <%= $gitea_fqdn %> :: CAcert code hosting
+RUN_USER = <%= $gitea_user %>
+RUN_MODE = prod
+
+[repository]
+ROOT = /var/lib/gitea/repositories
+MAX_CREATION_LIMIT = 0
+
+[database]
+DB_TYPE = postgres
+HOST = <%= $database_host %>:<%= $database_port %>
+NAME = <%= $database_name %>
+USER = <%= $database_user %>
+PASSWD = <%= $database_password %>
+SSL_MODE = <%= $database_ssl_mode %>
+LOG_SQL = false
+
+[security]
+INSTALL_LOCK = true
+SECRET_KEY = <%= seeded_rand_string(20, 'gitea::secret_key', 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') %>
+INTERNAL_TOKEN_URI = file:/etc/gitea/internal_token
+
+[server]
+DOMAIN = <%= $gitea_fqdn %>
+PROTOCOL = http+unix
+HTTP_ADDR = <%= $gitea_socket %>
+ROOT_URL = https://<%= $gitea_fqdn %>/
+DISABLE_SSH = true
+LFS_START_SERVER = true
+LFS_CONTENT_PATH = /var/lib/gitea/data/lfs
+LFS_JWT_SECRET = <%= seeded_rand_string(43, 'gitea::lfs_jwt_secret', 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') %>
+OFFLINE_MODE = false
+LANDING_PAGE = explore
+
+[mailer]
+ENABLED = true
+FROM = git@<%= $gitea_fqdn %>
+MAILER_TYPE = sendmail
+
+[service]
+REGISTER_EMAIL_CONFIRM = true
+ENABLE_NOTIFY_MAIL = true
+DISABLE_REGISTRATION = true
+ENABLE_CAPTCHA = false
+REQUIRE_SIGNIN_VIEW = false
+DEFAULT_KEEP_EMAIL_PRIVATE = false
+DEFAULT_ALLOW_CREATE_ORGANIZATION = false
+DEFAULT_ENABLE_TIMETRACKING = true
+NO_REPLY_ADDRESS = noreply.<%= $gitea_fqdn %>
+SHOW_REGISTRATION_BUTTON = false
+
+[picture]
+DISABLE_GRAVATAR = true
+ENABLE_FEDERATED_AVATAR = false
+
+[oauth2]
+ENABLE = false
+
+[federation]
+ENABLE = false
+
+[openid]
+ENABLE_OPENID_SIGNIN = false
+ENABLE_OPENID_SIGNUP = false
+
+[session]
+PROVIDER = file
+COOKIE_SECURE = true
+DOMAIN = <%= $gitea_fqdn %>
+SAME_SITE = strict
+
+[migrations]
+ALLOW_LOCALNETWORKS = true
+
+[webhook]
+ALLOWED_HOST_LIST = external,private
+
+[log]
+MODE = file,console
+ENABLE_ACCESS_LOG = true
+ACCESS = file
+ROUTER = file
+ROOT_PATH = /var/log/gitea/
+
+[log.file]
+LEVEL = Info
+
+[log.console]
+LEVEL = Warn
diff --git a/sitemodules/profiles/templates/gitea/nginx.conf.epp b/sitemodules/profiles/templates/gitea/nginx.conf.epp
new file mode 100644
index 0000000..bfc084e
--- /dev/null
+++ b/sitemodules/profiles/templates/gitea/nginx.conf.epp
@@ -0,0 +1,82 @@
+<%- | String $hostname,
+ String $gitea_socket,
+| -%>
+# THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN BY THE
+# NEXT PUPPET RUN
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ server_tokens off;
+
+ server_names_hash_bucket_size 64;
+ # server_name_in_redirect off;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_prefer_server_ciphers on;
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ gzip on;
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+ include /etc/nginx/conf.d/*.conf;
+
+ upstream gitea {
+ server unix:<%= $gitea_socket %>;
+ }
+
+ server {
+ listen 80;
+ listen [::]:80;
+
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ if ($https != "on") {
+ return 301 https://$host$uri;
+ }
+
+ ssl_certificate /etc/ssl/public/<%= $hostname %>.chain.pem;
+ ssl_certificate_key /etc/ssl/private/<%= $hostname %>.key.pem;
+
+ server_name <%= $hostname %>;
+
+ location / {
+ client_max_body_size 128M;
+
+ proxy_pass http://gitea;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+ }
+}
diff --git a/sitemodules/profiles/templates/squid/squid.conf.epp b/sitemodules/profiles/templates/squid/squid.conf.epp
index a064368..d071279 100644
--- a/sitemodules/profiles/templates/squid/squid.conf.epp
+++ b/sitemodules/profiles/templates/squid/squid.conf.epp
@@ -12,4 +12,5 @@ acl <%= $acl -%>
http_access <%= $access_rule -%>
<% } %>
-maximum_object_size 50 MB
+maximum_object_size 500 MB
+cache_dir aufs /var/spool/squid 20000 16 256
diff --git a/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp b/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp
index 7eeb31e..66eaa30 100644
--- a/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp
+++ b/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp
@@ -1,5 +1,4 @@
<%- | String $server_name,
- String $server_cert,
String $server_key,
String $server_chain,
String $client_ca_certificates,
@@ -10,9 +9,8 @@
ServerName <%= $server_name %>
SSLEngine on
- SSLCertificateFile <%= $server_cert %>
+ SSLCertificateFile <%= $server_chain %>
SSLCertificateKeyFile <%= $server_key %>
- SSLCertificateChainFile <%= $server_chain %>
SSLCACertificateFile <%= $client_ca_certificates %>
SSLProtocol ALL -SSLv2 -SSLv3 -TLSv1.1 -TLSv1
diff --git a/sitemodules/roles/manifests/authserver.pp b/sitemodules/roles/manifests/authserver.pp
new file mode 100644
index 0000000..792bc71
--- /dev/null
+++ b/sitemodules/roles/manifests/authserver.pp
@@ -0,0 +1,29 @@
+# Class: roles::authserver
+# ========================
+#
+# This class defines the authserver role for a Hydra OAuth2/OpenID connect API
+# server used for authentication/authorization.
+# You should assign this class using hiera or via an ENC.
+#
+# Examples
+# --------
+#
+# @example
+# class { 'roles::authserver': }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2022 Jan Dittberner
+#
+class roles::authserver {
+ include profiles::base
+ include profiles::rsyslog
+ include profiles::icinga2_agent
+}
+
diff --git a/sitemodules/roles/manifests/code.pp b/sitemodules/roles/manifests/code.pp
new file mode 100644
index 0000000..f88761a
--- /dev/null
+++ b/sitemodules/roles/manifests/code.pp
@@ -0,0 +1,28 @@
+# Class: roles::code
+# ==================
+#
+# This class defines the code role for a Gitea server used for code hosting.
+# You should assign this class using hiera or via an ENC.
+#
+# Examples
+# --------
+#
+# @example
+# class { 'roles::code': }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2022 Jan Dittberner
+#
+class roles::code {
+ include profiles::base
+ include profiles::rsyslog
+ include profiles::icinga2_agent
+ include profiles::gitea
+}
diff --git a/sitemodules/roles/manifests/emailout.pp b/sitemodules/roles/manifests/emailout.pp
index d6bd462..72901d4 100644
--- a/sitemodules/roles/manifests/emailout.pp
+++ b/sitemodules/roles/manifests/emailout.pp
@@ -18,11 +18,12 @@
# Copyright
# ---------
#
-# Copyright 2018-2019 Jan Dittberner
+# Copyright 2018-2022 Jan Dittberner
#
class roles::emailout {
include profiles::base
include profiles::rsyslog
include profiles::purge_nrpe_agent
include profiles::icinga2_agent
+ include profiles::x509cert_common
}
diff --git a/sitemodules/roles/manifests/git.pp b/sitemodules/roles/manifests/git.pp
index 55d81b9..ef2393d 100644
--- a/sitemodules/roles/manifests/git.pp
+++ b/sitemodules/roles/manifests/git.pp
@@ -18,11 +18,12 @@
# Copyright
# ---------
#
-# Copyright 2020 Jan Dittberner
+# Copyright 2020-2022 Jan Dittberner
#
class roles::git {
include profiles::base
include profiles::rsyslog
include profiles::purge_nrpe_agent
include profiles::icinga2_agent
+ include profiles::x509cert_common
}
diff --git a/sitemodules/roles/manifests/idp.pp b/sitemodules/roles/manifests/idp.pp
new file mode 100644
index 0000000..2878931
--- /dev/null
+++ b/sitemodules/roles/manifests/idp.pp
@@ -0,0 +1,29 @@
+# Class: roles::idp
+# ========================
+#
+# This class defines the idp role for an OAuth2/OpenID identity provider
+# used for authentication/authorization.
+# You should assign this class using hiera or via an ENC.
+#
+# Examples
+# --------
+#
+# @example
+# class { 'roles::idp': }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2022 Jan Dittberner
+#
+class roles::idp {
+ include profiles::base
+ include profiles::rsyslog
+ include profiles::icinga2_agent
+}
+
diff --git a/sitemodules/roles/manifests/infra03.pp b/sitemodules/roles/manifests/infra03.pp
index f1f6fe7..6ceb0d6 100644
--- a/sitemodules/roles/manifests/infra03.pp
+++ b/sitemodules/roles/manifests/infra03.pp
@@ -18,10 +18,10 @@
# Copyright
# ---------
#
-# Copyright 2021 Jan Dittberner
+# Copyright 2021-2022 Jan Dittberner
#
class roles::infra03 {
include profiles::base
include profiles::lxc_host
- #include profiles::icinga2_satellite
+ include profiles::icinga2_agent
}
diff --git a/sitemodules/roles/manifests/ircserver.pp b/sitemodules/roles/manifests/ircserver.pp
index f1ba1a9..c1f627c 100644
--- a/sitemodules/roles/manifests/ircserver.pp
+++ b/sitemodules/roles/manifests/ircserver.pp
@@ -17,11 +17,12 @@
# Copyright
# ---------
#
-# Copyright 2018-2019 Jan Dittberner
+# Copyright 2018-2022 Jan Dittberner
#
class roles::ircserver {
include profiles::base
include profiles::rsyslog
include profiles::purge_nrpe_agent
include profiles::icinga2_agent
+ include profiles::x509cert_common
}
diff --git a/sitemodules/roles/manifests/issue.pp b/sitemodules/roles/manifests/issue.pp
index eb3b86b..5a6a14d 100644
--- a/sitemodules/roles/manifests/issue.pp
+++ b/sitemodules/roles/manifests/issue.pp
@@ -18,11 +18,12 @@
# Copyright
# ---------
#
-# Copyright 2018-2019 Jan Dittberner
+# Copyright 2018-2022 Jan Dittberner
#
class roles::issue {
include profiles::base
include profiles::rsyslog
include profiles::purge_nrpe_agent
include profiles::icinga2_agent
+ include profiles::x509cert_common
}
diff --git a/sitemodules/roles/manifests/monitor.pp b/sitemodules/roles/manifests/monitor.pp
index 32f8c96..eea702c 100644
--- a/sitemodules/roles/manifests/monitor.pp
+++ b/sitemodules/roles/manifests/monitor.pp
@@ -18,11 +18,12 @@
# Copyright
# ---------
#
-# Copyright 2018-2019 Jan Dittberner
+# Copyright 2018-2022 Jan Dittberner
#
class roles::monitor {
include profiles::base
include profiles::rsyslog
include profiles::purge_nrpe_agent
include profiles::icinga2_master
+ include profiles::x509cert_common
}
diff --git a/sitemodules/roles/manifests/oidcdemo.pp b/sitemodules/roles/manifests/oidcdemo.pp
new file mode 100644
index 0000000..496c5a6
--- /dev/null
+++ b/sitemodules/roles/manifests/oidcdemo.pp
@@ -0,0 +1,28 @@
+# Class: roles::oidcdemo
+# ========================
+#
+# This class defines the oidcdemo role for an OAuth2/OpenID demo application.
+# You should assign this class using hiera or via an ENC.
+#
+# Examples
+# --------
+#
+# @example
+# class { 'roles::oidcdemo': }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2023 Jan Dittberner
+#
+class roles::oidcdemo {
+ include profiles::base
+ include profiles::rsyslog
+ include profiles::icinga2_agent
+}
+
diff --git a/sitemodules/roles/manifests/pgsql.pp b/sitemodules/roles/manifests/pgsql.pp
index 7b953d0..6e07288 100644
--- a/sitemodules/roles/manifests/pgsql.pp
+++ b/sitemodules/roles/manifests/pgsql.pp
@@ -8,7 +8,7 @@
# --------
#
# @example
-# class { 'roles::mariadb': }
+# class { 'roles::pgsql': }
#
# Authors
# -------
diff --git a/sitemodules/roles/manifests/traininginstance.pp b/sitemodules/roles/manifests/traininginstance.pp
new file mode 100644
index 0000000..9cacf78
--- /dev/null
+++ b/sitemodules/roles/manifests/traininginstance.pp
@@ -0,0 +1,26 @@
+# Class: roles::traininginstance
+# ==============================
+#
+# This class defines the traininginstance role for servers providing training
+# environments for CAcert sytem administration volunteers. You should assign
+# this class using hiera or via an ENC.
+#
+# Examples
+# --------
+#
+# @example
+# class { 'roles::traininginstance': }
+#
+# Authors
+# -------
+#
+# Jan Dittberner <jandd@cacert.org>
+#
+# Copyright
+# ---------
+#
+# Copyright 2020 Jan Dittberner
+#
+class roles::traininginstance {
+ include profiles::base
+}
diff --git a/sitemodules/roles/manifests/translations.pp b/sitemodules/roles/manifests/translations.pp
index 006dd6f..e8d2998 100644
--- a/sitemodules/roles/manifests/translations.pp
+++ b/sitemodules/roles/manifests/translations.pp
@@ -18,7 +18,7 @@
# Copyright
# ---------
#
-# Copyright 2018-2019 Jan Dittberner
+# Copyright 2018-2022 Jan Dittberner
#
class roles::translations {
include profiles::base
@@ -26,4 +26,5 @@ class roles::translations {
include profiles::purge_nrpe_agent
include profiles::icinga2_agent
include profiles::pootle
+ include profiles::x509cert_common
}