diff options
66 files changed, 3725 insertions, 1721 deletions
@@ -6,7 +6,6 @@ mod 'puppetlabs/concat', :latest mod 'puppetlabs/mailalias_core', :latest mod 'puppetlabs/postgresql', :latest mod 'puppetlabs/stdlib', :latest -mod 'puppetlabs/translate', :latest mod 'saz/sudo', :latest mod 'stm/debconf', :latest mod 'puppet/archive', :latest diff --git a/README.md b/README.md new file mode 100644 index 0000000..c7b0512 --- /dev/null +++ b/README.md @@ -0,0 +1,20 @@ +# CAcert Puppet + +This repository contains Puppet code (manifests, templates, files, configuration data) to configure the +[CAcert infrastructure systems](https://infradocs.cacert.org). + +The private key used to decrypt the Hiera data in [the hierdata subdirectory](hieradata) is stored on the +[Puppet server](https://infradocs.cacert.org/systems/puppet.html) in +`/etc/puppetlabs/code/environments/production/keys` + +All future infrastructure changes should be made via this repository. + +## Why Puppet? + +We use [Puppet](https://puppet.com/docs/puppet/6/puppet_index.html) with +[Hiera](https://puppet.com/docs/puppet/6/hiera.html) in combination with +[PuppetDB](https://puppet.com/docs/puppet/6/puppetdb_overview.html) to have a proper audit trail for changes to our +infrastructure systems. + +Alternatives like Ansible might be easier to learn, but do not provide the desired audit trail without more custom +tooling. diff --git a/hieradata/common.yaml b/hieradata/common.yaml index e18ffc8..10d1188 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -12,16 +12,13 @@ profiles::base::users: shell: /bin/zsh password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAYmmeAt8w5DMzcB2T84r/s2mikksh1kxVFEG5Nk0o/jOh0BSdtKnEZLYV1SRa2Gvgu6ACqLAqYD+4c9neAnYcQrYL5y9rXC+l61bid3L83wM2XkBJYt534ZlU8XqjEB7R7wyQu+uVXA6PAqy9YccAJmAkDiIHy07yVoG8biG71IoCX7f40Otw28iXLU/N7xoX5ngGrWZaVDkQulwGxFAjD9KDwho9/pPXFEfqdeuJSuL3t3O3PEumvuva+qiZHO8Mb4Ngg8wDgHNFHXLjxohBGQ4e2RgrrcGWwFa+nSFRSukOecFv+WNzBbnNon7hiZ3QiFZoH9ooWIbfghWfZiWAezCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQSYlfah+RAoUKmvuQGB79E4BwJDg6EL2YyQ1GWFxz2EYj9cjaVD4AhLUJqsgex5YozliQZCPcflv3VoegHTp2jJ742HbrRDZmE7ZNlsj7BswpOVtE1SO4Xqh4OJTmvLy4V2G2sac/usorrB5LwS+n55Fp/PTBHe3VD0R0Ywv24K6bYg==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAV95FOtVeyG8OAzQHmi+oWO+iCkqdkiNgMbCqYujvCpXhqQl42GloghrfP0nvU4c7HiY4wA1HEd3M3Yj5t3//S7mAauhLrxGkS1P3oeN+Q9nFC76F3sbWVoO2reI0h58o6a4r2vU/r+Vely3F67y+3T38X69Amw41/SG+cf5GOJoYzMPbFzNBh7nZlS0U/gx5tXCitrUdWqvmaLYLorDEII9JfNMqXFsAthkxy9G/VI8pSZU8LGfCmvb0eBkuiFZ1wNwkvVLItAHTojtR9RfjN7uRplJf71ulsPDOLk028hoe0wx3Iz6GDSm37adNXYXrwEG+cc/7e8S4Rq4wUL8OajCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJocSNI7Xxh05qLbKDQowdKAggLQwdxzSyWRWLImjlVg9RXwVN/ukICpMGMnpreY72m4pGGH0UXZ7yCKfN+SaM5Zt+WbDLFBHSiFu+X3vq0hSK8osK8VLxUV/GeuKu1fsOs6q6Sx7aZE+0b4FEXqAtQVg4aCACeuVAdcKnAiwXUpEjGbekIWAnWeDElDiipRhf0VQhQ3VGngzHq/GTZ9XeNpv+Imk2oNVA+W50yRZ4dTX0kXv8NVMzBNskjirPzRbDltfm5lDGAncOkMTt/5WlW0YFD33nEueMmWQ53hpuD4HmRroNiPElXw+aM2ttf3FIdltAx1aBe+Ao1CdUZf4cq/GDjlbPGbUTkXI9CM8Y6WAI82mQvsbrfC4p7a8OcwNrTZj17TqJR/KQzmSUvYZqkc7tEWSt5MqB8MzmnYiBBpH2tk4uk/RzdeioXkjTudYIFGb1kps0B2qlK4aVBIuRGjE/E7GaZY1EydmC9tfMaPN2mNCmGe4ZC6Igg/XWC2ElxY52ANldJZKUvK0nT1g9SeWkmRzFl8rOhXb9o1I04fXsvwCSy1n5aHz+hUHheUJm9r+evI7EOQwpYis19CUTaQG1yrIDCgmDAjRWrkEl4hs0jEYt4EzxqymDmJC3xU26WAk+iZ914l6nmwzdqDgcfapstigFYaTu7bGNgtDBxBVA1bocf4Ibf741r5EzeAaVEbN6WSFkgX/ma/DTn0ou04sei1KC7Gb2VwC76DCGmtnj2qxPbhE42zhUhoL7RCXwEKvBfJJF6CP4O/hacdcm5Vm1BpkATOSQu+7GJOWG0s5bf4ukdSXfi90sX2SL4AQzC7CWJpQihLUf14OdDtJJ1kCL6Oa5C/pWvynFbAK7/18hCexdmvCiXv5xIu9zldpN5x4s63xr2ZuIA/cFcGIo/xXCNWybdluqfgjLZKD3csF/4pMw5+lTRVXS+tatSaAP19pbz/dBH/CtRvJX/Zs43hxbjW] - - - name: edgepolster + - name: edgepolster type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuTm982b9l+AXsDMkM/XlAc2o5oiAxSHN/rEObWnGL+9SkJj22Ln8otYymPZ/LfePrAKT5X0Bl+sek1Z3/KIsIulnKibHYwb3Nd3zwa1YyrxyFcLAg993Fb8aO3/lTZ6QMkuowKRB2bNheYOl6kwgnfEHMEi06V7owHoPriOTQpH1sKrcIdJX0sefFhttC6LMDxZKEWJuRcGTGSSZx0g0Q9bKIxElKScAuK3+ptm50m688yOgvlG5EZeR9fKGlDXRK2D451mg74GvE1NwOcO8fdXOPXFKeQzsN2duKFvPbJl8BWswaQfyhqzqJmUU17wz10Va6v8R93fEnjyUJRdB7TCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIRyL9YjKiYbINKg++yNxOeAggGAII9L0zWfvwFG9PntQVWnWhgAkHzJj5iWli4DrKlRIxI63jXyEbCEgNKl7sl5BT5nGb89KPHbCG7HD/HoVRSHe1hBMRB77CmN8xXIwT0ZKGszPAjOSOEwySOPgbASHJaiY7hMJTBXp3uIQEJ4iXhv0cZBeP40XBFsHpjVEkrgF1qoFYNn7HgJ0E6M/yRNjvD/1WCwj/hvZhcdIkyHVXiicB03I4Vuk5PwTEJ6O0WQgMcEePdYfRoVNneewed1E1ytqRHcL+qalfyG7VfhseNwDyngIhaF8JlMtXMfMWa1uZsj58v2Hx48b61jKn39a6CLJNl+KmmErLcja4i8LmJzM+e2sPJJu5MGfNddlCC3elwOmtHUL9ZI1mXFiInQfBRfV1WWjyP5556XakKXWL4KYPQdXUNXZCsHgmzlaulyCyYMx7grXo+dz4DXriZZ1BHrOYnEbyzZE44m2uoaCpB8X7cGCAtAEWPU7vbAEEA0EtpvgssAiRI9cKZTfxTZ9Ass] - - - name: nitrokey + - name: nitrokey type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALYPplgEn31LlGszLFeelN4mNW2BKR+Zcv47+gd91c8spyLDvYU8lBTTyR2BiuffOaXC2JYs+xIBpqMYMLjtMgApZXfcRW5eMTn97B70YETEYkHYr+TWFVm8RW+GikXOTGjfjwZZdm4LjwPWZylkPFfX78tF8nIlIhJkwUjMpYi5LAQNc2YZ1Ukzi2s6QmbHh29EVMRCZRvzi1DgsT8iT6xh9Kltq4QPIwlGhSsWKcd5FWOvKjCYZgHae4dr6zH7qXKcvizloWas/TJnvXSb0lXyQFRSoKH95T5ne2EaxCEo1MC6LH1qFYJifxzOSWTLDL2xrQqwHZuzEJc2sDTHBijCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEN18IzZTOjM0ewz52zDBzG2AggGAm0iSN3BDJ7qqob6PGpnepaKGUcTjUjINOc+3oe3lPkH6sd9mPIupn6e9vG9tla5oXHM9Mrku6Zayjh9xD+xxmFToJCKYeR0CHe5b5H/ab6n066H0YRTpJ3U757Pts55KQgpzbAttJRx/7zOLIBiLcaKdSFDF8+HshBy25KrSRTrlR1QGKn+fV/iB9POU1cbt05vRh126ByNc54n8J/P6MRiZqLeGnMrBCGekZDYdnMJOafBCiMQp2ZijFYutXi8h/3Gms3TKGKUsfJ6yQ3tYjcXB0d1vgxp3ZJzOUPJYSaIF3Wq3rwAmgmAivxrqimyZdIIP+HMOnOWQ6TN0Tu43lmoBF8hKzDIQeJ4n6YEyZ2ILDJsNspUItLR3D+Zxc+qOE5egqAicgcbBZwYDGc+VDlc83eCW7pcVh6dn1MFrog7GFUVSWNNgAHV0PaKRkZZ9H7KEfuwT8rs8yviOh0pZMnfmgVSq6LsgZRGQtTs8JBgXcA7YdPvoy4T+kSbWtA7O] law: @@ -31,8 +28,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAc0aZpU2bfVCFwNTbfZfg4VVDqHLB5DNMQjWxwP1FJ/SKUOuApFhOH20nRtZf+KQUo3XnltTqF4Hq+Wt1XclvhzS9UijufQZCGrbWFIJNNEAZ6SVoFKWWRuwmHL34LI0xjidmIFLjM5YeNd3d5+pEU1YQjeS09N58SPySSkDFzUXCgjFMTKzP8nYvTsJ1jpIrXfg7g/gvVJZGXLIQAoDmU2pe1/grPyst5Bc15Rpb2GRKSpl2Cg3qIqv9WQPwNjxHrGKaSpMN/HEaNAUC4cYceUUN3S6/jkPfCtoqBXDyVXHoY7FB7gXpNZiO4ByMF1Uh45zRweH/3nq+69Pk0r4AeDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQ+Avp4L2ueR0dPafRqPGGjIBwW5o3/Zq8DiK4XVzZx/wf4chUu1g3dvJYh/Fn42wv85eBNQrmPFqvj78HybmdStAduY91+dyOPPyux4V0dnco0xr+Ceeym7km9WnWyJgPgC/POjPUQcyUuO58/PyDmVqv+P8RH2rDMSJCSzSRMBFVXg==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAOcx25z6/EUDI/qpF32wUolP5gwVdI4l7xWOo0h/TR4wbAWWDbgvreCtQL7wYRaV2wAcEUgOOB0mtnYFhAnVkg+VIcK6cKhL1SZ7Gx7bS6nr3LVHL/YND+mN713RhzyR0ZI3sx546r8s9+wvQ3W04VYFYnCL6FC61L63ZmKPrO6wMBQvkw0L5cN1PE3Zp516oKl8gAyFIeaMUg2sSUYZyW/pyZBDcaw2tNIgaN3rAciurPaEFgoFyfaC8uq9wwV54vUGwcmzdazYwgyrTvO/1r0L31D7gHnhuR2tbwKPq/FDRc9kLY7ZXh8+07SZAeqa60lkyh7lTluaqbvHfdgJPKjCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEDCIwaGL3eIoaFYEQU5El2GAggLQub+d1pdd8dpz2ShtVSEKxv4xq1yuPpzQkwn6FdojSjiyiRM+kR9HqwA1ia87lanw031kuAdww8EMyzbAnw22mN/YBuh9UqRIWk5H3QZxSZZV58OjH+5+ibJu3VQXizWS6YVp16ahIv4XiJ1a3tOeNiHzJydt8NvkHqqU6ffEmYLRrdZFY6sNsUTeGqRmudPw5YEwVKhXkYg74UFHv7uOgKObnZr2FdfsJwlUzhmpFLApdhGoRgbYFNJGCcPxZma9Nr6fy12T2kt8ZhoysBnLFHEz4hDzIxgXHQ6RT/A21m/bIdD1RnzPJvEEyCstLZWGK2Dbqr+Q4QQX+CFLsEDyr9llH2pyEgp6WG0tBPYSu1WUOdjgh3ZhXAQxVG1Hpm7s8c9CvjksOS98pSaeilGXOVdMyQD6KO39x0yQoV3jVFYeTCwMiXbr7tsnxxhwV1Ljbc4stHFzKZAX3Ymeez8yEa5lI61rA6lUXuYxFBey9wivz+69pOmdGjD+JtXPmS6GRGEbWaVQzfisHunhEXva1BCW0grB+4efcaF44o1cPr3vanaHmwERDRE6EW919adWQ6lodqh88KTctrg7ZprcMVcPyukJ0LGV2zLwhXFw6fWO762VVs1QhC43ccZLcQLl3U+lSLmP27oL6EqPyGgv0CXVGfxhvVuN9vhNwRalKoDZGjO5K1HHb0YA+KryDdUuVqw4uJlOlUwJcFeLuhaXn6ECA+NBJt0leP2yWr6ipwoWtd3iinboU0o09vOb5Hbvplj0iwvEKr7cYHh4yuMmLreewGfqh7NN15H6w7cmVVA/+Ah6WJjM2SXb+adPLmdtITQU88talFi1FwznIr2yRJROF635f/iTNDIOcXHSPgBgJQ5573ix/EsNofeHmcFTRIzMnFkQNPAu1E+8fpUecUz2yPIGcl0PNpa/p0IYESRNC0L+8Lzvx0qKtDMW9J7K] dirk: @@ -42,12 +38,10 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAC8aCZiuxL8u4I9eTeiehsKXIDgGrudCvDaafiGMVCZiXPVdwwQf/3K+l3aozAuM5ZH61gIA3kwig+A5xUoNGCNxdlt5p+JmtmKm7yewTGaLIXH0QwNt9+DwmfeeBWNNbbxKY7jcAYQiL7YzQhE1Ug+2YpJWJnkw78MQdpfKuFaJH53hjDNpvaQVOVpyDS58ayR+QAxYYj7XdzJ6U7jrmRniRTO0jXnCRKQN9lPnp9i0StYnNpQRMG8lFjrCF7kzI0RSJkwEa5yAOxMzY4Km7iGxMJdSWH8TwIwvPfZWyNaZAl3FCzz+nNOnAXmDcElg/ZeNBN7QuDF554NGV4z2S7jCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQHLMrrfoN545YYM1a7EDWboBwZaGY/+Y9EV2mCsTyeX9MXXzuwx/5JC1B7fI7M/HAlOVV5c7dmhB6HKEiTvw6gLiZsb6oi1fQ1JZLolvPf6+cxZCWzx3c+xb1sPw8CAMxXPsTYuKoZ0wLuKsERudlVa5TBqvQPqf7TKFIod83x0feFA==] ssh_keys: - - - name: default + - name: default type: ssh-ed25519 key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsoFkNFm0h/EjewGZf4XGU/nSbP/m272G/QAukhpSDhROiYrRRnd41E/A9QlWcMNVQSmAhZldgOOuYbKv2+9b8TYeD41OR0UeIRpxBm5uJ4cUbgyXgmOs7y+huCA1crjVuU7noWUO4f2AHDGk/ENHL43myQLHCk/oqJsFzfIfQHI0/kGCSIxc8vwSOjIsjelKRAkZRCTR76FWX5VrOIp6dGZBy6sJjff6+qVIy1WQ532VwArvN9r5Y3IiydI4oHwhnsO/nDDE5wFDxkwS6iDk6YKuAGvSvgfifEX+S9OKU289WrosAFhQllUOA6+11hnYWPv6SwQwLyOE5SIf7T/h2jB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAXYCaqIkeAtzRiRdlfZwiIgFB/3umOXRan6Fe7E/C99Wb1KWughyGhjkWkEu1/I93jNKg9Y4TuRhmvyRZtG9D7ZZm3G7h/4Y3dyFjNOgqmxzQhiuPQYm3tPqQk/OE+LVFQtQ==] - - - name: rsa4096 + - name: rsa4096 type: ssh-rsa key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVVW+UX1MlJfQAu0EytjbPohPycgvDmzDMuxeTMnYxPVdVUPRIiT8zcWVBrym9ar+n01b3x/eAy8mjQF8n94xJDSvpWI/hLVDQJtDW+MrsMCnoAhcnVlb1E8cCH5b4Lflnk+JklcVxYFIxSurlqHrbKdWXAFw6DfniMsr64LyaYuRHun47RY/qfed9sLzwnqJQiZ8oGPbekTEJVbNDzvfopnCHzAdH+cYCI6y5IawTxZFQr8VAtaxvklbKOqaC4KtH2tOp/wYB+6IBYzQaqO+L2eM3+9p2flPtEERZ9Eq0Y9lDWRjkHXFKdOgXPjqRnqlKEcQ4cro+iX1dWUlAkV5ETCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEGRQx04BZuJ6kRvYwv1IRAiAggLQH24aFiONst/QRk2UM0nQDTEDwpT1I/n3e2Y4nHbT/HFDaiIT2176Lk8sG2WCNUkVGYcSrfiKGthM846Wp9C4xijQSxDtthcicDHOP0knv8hc1Cf1Z9tqLHBApJyj2yeGtaq6UoJMJSVXfTYCZczPxifJ/RHY9hHsWSBTclVLfhkCYrJo3GfFXnXFgWx7T052fldZ0cU7ywQ1NF7eB8c9CQyBSqZb1kDGfEESmOFGcRlf375llToRMkqcAQzlDxcedvDYfWLBCYg+5ztIlUY5OzpWFWvIkKLPeE1YwYzW+9THYRmIQcZ3j975/cwk2af+0hCRsm3dnXKrf/ocfMXr5hI3SAupsneSTt5mLdd7CJQwt5XEeKtPlT13hx5LIy7xbrnladTUIvRT84MA/FLwXEcxNzuaCcHeqs06vrLl5LM6N+DIwRkM1yXciHL2giTwvYqnTjeNv4yO2p7IF8Ilb3PjVvQbjHiEr8UGJJEKoMRJo7mWZKoZ13JSg7ICvG03QaFbvrFks3clGJFBlfJu2ihvuC0y3sixF3OV147ae7sb0OAvyMz4sagQjS5CTrq6kiQwL6m8VRXLYgANxEgABGc/aG73b1RcgDHiea3uRzqsN5oKr/P0HNFziX/WwD5YnfenyZhjHL69O22YwDo+UuJkh3XHLNkPBfT9/hNfza96JrV/n7vlloJMEphfH8BplUo4Na+FmUH6cn9vtucKkfTOQxzuBN++39a0xQ5pIaBDDyZbxnQ/3YpXv0IoQp0OgQs8kWsUsi2ejeVHdDxy7h9CaDpuvie9zETKIUMHXqFQt4HDfIUbsy6ksLyKCYPxSMAEUQyWH3YXQTCRqph817kphAP+sxSoWF07j38MwDohJjdBrWTGnwLwQb3mBD/eSq1m7hKj26cxaxMc7Z7QyH7k6uT0eYh605cdOOt5PrPctiDtoRnwyRDO+g18Acbn] wytze: @@ -57,8 +51,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAA6BtmpFWXj1Aaqe88NF3b2KAGN5DiEBFj0AMDGyth+YvncerjVYo0nMoG8fBN5LEYHzNuL+5EbnFPuM42U3Mu8gOeZSBbjbd6XKaQYbbS8ILlrZjtaKO+WFTtFHh3O1GyO9HxWb/te/uXGmsEsoLwLiQBcaC7nB2vwhA6XKUIitQBxC3Sg2hxH4wUgXoHR7ZH5iVlmCbc9vvCJZWWxNjhKBTOrRrp+q86eBwMJLE3ekuczMkcIDDZ4EkfbAHYqaaI1wdV1gnRCLX2AW88O3GILtY4V8GboXlZUtymgl5HdKoF7lFPLykRE2tmuRmpaHmLtINeVxPfhSHiQ68aDb0UTCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQmkyLO0dsomgfjdHN/rRwEIBwUZdFHCA/v/9uvbvlZwKjrgXNjZnz+qiNqpsFHXqL4hyCiwBc1REgkDYC9o9vApqiMuoz1YbVFj7v8sFPdbqvxE9WubRqZfGOBn4h61s3xns4VY9+qasGMqoOjTIvVzYM2fYKiBmyP+hKZoimn0ZudA==] ssh_keys: - - - name: default + - name: default type: ecdsa-sha2-nistp521 key: ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAmyFeJSSsLDzOgKZuwRzHiG55YK9x5Z7XDjHLMOiUo+BrGx/zAtocezLv+pTcJ4HrbjE2phfLxmbpm6cjQhgN4/P7brZBWW74+mD01aaKGi79/6ipIMdA3pkiHe3cqY5vcHpPs/PQG/7FCwFr0Wygn30ibX9Z8jl4n7sS9yAcLXxZRND33ssu7Z4/wXb+RY+a5bYPzJiYVH3DteAvVKOhCRCfY28080uPOgIIv801kDliLc4qpSTEi1R3yIjj107xFZJWR+SpljYN2DfMx/97alRqrJf5hgF1WJzqjecR9dgrM/gQ+IovzukFmAwee0U9uVT8yPTxMbg3PQ/niXhLDDCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEMl0Ee04qo/XGRy10VJ6b5SAgfB7JwuIqPF8VbFX9ooMAzE0xvPvxP65GldaikFH2IwKthyNAx1wRPc+0Oyi9pYan1aevwRC+UGuRONArdG1w/SPKSRF+oktNZHSUg572dxYP8JqzFrKKGkRRPlEApzUpL0w0STC9Odykh+d2c3KBUkqc5bHGMyGeJS19nnWGEx3q80Yeen6nr9XuCBACWT1PRDzekWs/hMKcgksCbijS7TDNBjyUvQDU6TaMyMb0rfzesMkcNB3ZchgFT0kCL09trjpbrfz9oCw5yvGkan1gkF6mzcpaUIhjZ6EyhYeywVGU8c/cDFi2FphiWKVnHSC95c=] mendel: @@ -68,8 +61,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEACWHkaPgSf9C6TkccvR6cVQQH/mrevLhraJ1A575kPe/BG9YmsOj+OpJgm1JQlsHYhFb+7JTuljOLZ8CC2DvYN0zaVuGExAXFUPVl1nr7zn3nifeuFpDR9wgF/eC1g4SkCDaHw1eoapimIZK9RsgEgmrLH4PjB5Au4c3T6o5OfWkg9d6N0z/nofTZsjUg6706g86BR0phR+M1QST36DM4g57IhRxYz6lN1xD2QRHrSIRihaQM5pgQGTrEHWRsQLrbwiuhJImM17wZxuK2JW4xHygRCZ1JA860wDLsgmGFLM0u6f5/CR5E7gn42tvReXcNHKXP3iqwDJSDZJh1n5hDvTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD7FqrizPCAMRBsMsgZ8EH2gDDav/JGDUh1DYOI2bcxioooadi3gUUc9eRT2W93Rbmvs2W0fA+DLnelcexbcCJDtuk=] ssh_keys: - - - name: default + - name: default type: ssh-dss key: ENC[PKCS7,MIIDvQYJKoZIhvcNAQcDoIIDrjCCA6oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAYih6hjOdjjcQhlkmIWtgM+Sjddns15KEwT7OH89VycJpfTcGItodJjLjQbM7mxSq7SH2vrlWmzx0LqixdTtJ4gwyqB2i3LanV3eD/NK4ZveIEb41S2Ju5lJc/TqHsiv2oSAAKu12GDTdZhwMQxwTLv2LK8VhqP1rxpYtYU7+wA4t4DU2oTALrbn1bRCsfSrnEXUM6uVnZhTc58NoUm+0/EsB2jmmsykxtM4WnL4Mt77vi+3YgivvkV+MfadC32Zail98yKYZxdALW+tX1dFJO8pWO3z7RyHTl6D2tb0RLYsxgyKhu6NGi3hhVPq28VNc8JaxVBGTAcTAXg4NiGB5ujCCAn4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEELQChp0jVXAqgVgiNpBs0CGAggJQ/ct6GNxT8y8BMXkJ+39ueheXsPDB4UQe96zIYrPCGgY+a7H+c6LGUKLWrJoQYNkLF7rOd5xFrFyUmFxVx7YcqggWtggTrt75ZeJyJFsy/qy4xStxmRca80+pt5fLZce5E3WH1YjIUhgnoLJas7pCIMoCDvHbq2vQS4V9bvCCsx9bjACItBnCCMcaA5PmYUtAXP7frhj+1WpWvpV7yfZOx5Y8t0TsUfEjaUA54zD1wWYg2zB2Szk4h8Jm19ffQGWNrI1R2eXJuE5oHXP8WsSwkMvWneCavzXW1AgswhwGgnIl40I0MCSpU0mhV6b6cQJMJ7Ptudad2nCTtgkBRIKKm0H6BvUMRpxiJ1j9wX5SQGYCPrON+1E6wQmPUqwIVfPWfJTBNcDbbxWCQWUTSZVFne12ewQjmx62tQj+o1fzWBypWoqcn/zOXgSwRUSWwVK+fD+m/3ohVQ2cj+ltbFM126EfLpA2Cl9m0DW9UZ9LMf3jvR1KEq6ayiHJloDiFq2C2lXvfOUGt3+bHsVoeF9DwEm6uhhdLvYripvBmwrlwkvxj6/h+XzGvRaIbdlzFtLMv1TVMdklruC1NS2GkStoE5/8JLud9lj+Glin5bDuTgrSMm8NnOHGsqIP7VbIHgjMGr6uNDEW+jzDJSWGygtrQ7gR+rLuVakbpOak6W5klFfh+Wlnh66sOzw/pJPQiWd81WYtIICQ3UffqwmpKLvrJCV6/lunmFYImMaCcxSVlwhuKTINGeSCCz93wEqiAimsP8nhXOM4IcdpsV6T/6hhqA==] neo: @@ -79,8 +71,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAU2KJTKlyeQ98TrPOizmFg5Mxtf7WvlPduLZzz754AlEdYmU29z3kpw0s6MxoehQUoSSvUHcr3Ai/Q17W5vxpkwvuj5Ehg7sQVR7oOr1EJTtbGCl9Wh1p/LYRrmg8MecFiA6A/1SQrcB/0cX0/d8sfvBbdv35PUyqvk1kxCaJbXmIUOLKjlD/h4m27me1+frranta8yJrpDs9GYmmwnyMwpuOywsTK4OIdQ75++LOrrLM+QOWc7j1NaD7AmPL/RQ8Uxp4rxu9OsOSq+y61rFtw1bcp/8HboAvfPAnK8qeEAfraX32bhYxuDCe+FPoHSTAUQvuRaaQbOqG559fmM8TazBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCdx0ze9zXer8YY/J5HfXKWgDDaGIiYF/XXe1eIEeN1/TdZ0iYk2wKNJyqko/S+SGLrPeRmrBOgL4NrR1Wtn8VpxxI=] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPQoYDBMDHX8/HmEJevV8tzPxcoh+tjLewjyd9/GTtBowiAdUeFvSC3s9jPYO916Cx26BJojcWzG0P5CWrpJBNh6HX89qAFyOclYoahtTRaPtZ5bsuXLcepFkqZFr/zy9RgWX0THhKG8IguYISzpEv0yCSVKZ0OnBQhjGlxaipvTyI39X6LIH6IFsnxbhMzeDKCyAf9J0scgJG7yKcNgH7It/9caV6bgG0Iqp/jP4bMt/zIFq3tAp4+Nsv2btjdIAoFO7mECfjCxbOzQy3vZgJlsycG4STvImUXZnqLo+664ZgLNj1So+yWZ876+4dg9mutvp7gPrqEHAqq3lzY0cdDCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEM/y3wfO6pGSfFgGv6GS1K6AggGAjI/D2TIcm7Lx4ogSjKLLeII2j9gniOoHGK3e0d0dfWupIB/8x8VHJQVaaHOMlOhSpvq1DUu0bsyVwcid+6MVB5uAGrS9CuEkTnyf55zTiRfYdz2e3gf3bz28Uo92Mknoy9eIBi3harp4llY8WuxMjyi30k2Czi6/98RbE/wBamZeghoXl3T5hibvoKDzR691ZsKVWZDUVayU6cDaeu2r/xn5qYd/xo/LuIdhy4mkxyppDf9bgmVhw/QiK2Lsjn7I5LBjOM8ouRPuur2+T+6mgKhvX3yq0Z//TOee7FHaQj6eP+pSoIAWe3DxtYMermIs0A6wreuL1Rmju+hSYXupryFPN0LWxG2+9+XmrjwhxDXZTokCfqUJJEBb7JIM8IMvIKl9jICHPVMZsFzJqIWla4oGCqmloZhB1p/LXYjUYPpWYn7qFOUcxl8QFuMxV64J41qk5rUN8qpNRdfv1cAWUGNO+owZ8phKxo2oEzSNZTdut6CFAq08yByQ6UQ7PLN6] ted: @@ -90,8 +81,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAv4pM3eYdyqCpT1Fcwttaut18uxHcBFY12HqlwhPQjyDLwTxxGL4axMSpwUd8iYu4yLJE8lxWfV8sHdA+TxTj1lTqGeo6qn6J1+H8rUrPXpXPL8/tWbDFWu3zUy8iTXIHwS66OY7j7AskiU0wAxOnp+cIr/LDt97bnZZ7yje0TJ6gImHdYkoizZy2uA7+5LZWFSReIZkbc7/Ros/A2wFnSnux4qkYpeuXvtj4whK8ZEK4qHsemlguhV2rcoE0ivqp3gVgQTGtnGhrrnVm/e+Ff8EQWGChKwFDrM6jXZFabfh3BXkt6TD+zYSPGnc4ttolj5ccvFV7jge26ry9VaeiszCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQeXKtyksA7JksRwr7pbuVCYBwJO3u4YbZ39ATrXOngMeoCUu031QEZQjwWceakitb9cX52FBDnS30AwWks9Mge6YZObS5NT3Ma9cVnRJB0G5z8iBlZDXTaw1LfdJuCu71SWt1njAfaiJzXEqKvTcpGEqNuRxO02xfFlxo+PSC1L1mNw==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEArxabkcQw/Xm8GVd7L3bmGKJb9aZzeIHqFw/rkUpJ8JYTVVjwwer6JFA/FtBoo2jVj5BENxmqZhJtlQFTazerrHGu/u+bGgKg7TZiYtr6682Lk+4xaFhF5ncnFGa1I9rFDSp/35DW0oVz9ejfpECx7jQMnEUatQVvlOkoAzgBh72L9427mb7mAtvrMMN3hfOJ1l5iEVbmxV4TYkRspubDiMLBV6ZPSOvShtNjL9+YFokqh2ynfeRhZ9jVXaTDAlphs4AueenpbXb9AeKepZlk6wmfQauiDZMHKqdqUGKwpbPix73v6wTcSbB1BdH9RujjGYpZ/lQL8ZSqRv4RG/Yc5jCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEBGNAeh9+PKsMljJ5ZbpsXqAggGAuosqZ5Rolcf64ym4aMWZIlICAdHoVHZYky6bC4/euZMmQcnrFbjt+12lBZBYbOfm7VzXgnvSv+fOu9B9zVuV+GiPoocaUReKb5xs5npPG+EpyICmo20LK9HQgddYVWbQY83+vrc5lhDLWHQPo3tm9QjPk+voIb9lZxmyIvNrwe5uyj6rVazr4PQ+LLIUS9xLmFZfka8uGwZUjaXqcHMazq/AeVdytTqaR72fDcPp2t20/nrGMFzhNpQdQasH5DNaTLQhFZAczeoslBywaxAEVIByQTMZFqJdYzqikp4gZk61tXEsJAhQWk5kapW56NxmtekutcgyWyBiMtPQqa13ACoywtHzlc1whdcOp5ByaKlzQmiAZt19l2lqLxhfAtxb5PHsSXz+DbSxblOl3+OsrwN1cOOtkKLIegZibN6HWM6JqeE0Uga2On9d7YEO8peKU2WX7LmUTNKJ1KC9rDOZiUXyA4CDC5V2cpjmQH2JSAHFJmNMSn3xZRbxDrz5LkiS] gukk: @@ -101,8 +91,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAC6SlsNj2tVo7putSVv0hWfks5Ysq1PyDkUefBgqU+hoBY+yw9vaLYGX4Qy+EdXokVtwdfMF5YyKY5K0wPkesd6hmFgONOd0vDv3PSuklsYjqVWuxujxBya4eu7OYacpP0nebj7glrnsgL1NyfFfsKj7Qyc33edPa/dvbhqFh3xDhWPYKwOORBaOJkwiOjtVsYdgAxLrv1PKAP2u07FerL7GZS8n9QOhtkjWQDXtjTD8+j9IPuX71HiqqKgIVF95T4tbsnVpZe3b3mGMAhS2c697KFEbHJOUNWA0kJDqRfax2a7DkXmZOo81uX2CadgqRUQlvN/jaYqsKlQ6P4LOCNjCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQALYIJOAshKsMxVRqQz18/oBw8yFt06YKCma9WnX/hTsw/eVKS3mDA+k19DXxCKqqes3tFXypKdFrEn6s5kUY+GUaauM0h9OLsMSPLXUb7sD+iKcPV53Xpchg5KnvSZ636bwhbg1WPORViuvS2QBPDvIavFy+AcLgnPWjwrUVtT1gww==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIG7QYJKoZIhvcNAQcDoIIG3jCCBtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALeHaGXeNNupyPtX0YtBqRHQsTM/VDEfPU42V9bhuscEL+U1YzLw+sW2OUsnI2N13R4LI2H78xlnMX/W05xPk+9sSRmyCxwDux5fFrI7GmbAEdfGKybp8Yxv3+ARMnSNI80uCkQ4wmCvo7A+/E72Yh5zookjoRI0ncUq/60knKn+MyLFCztOlpJMc5bJq2pnEDo1aAwZqofUBXrNqd4Lwk/kndbnbqCoKC6JMwefxNc+ea6Q4HA7tLM9EI0cywIahFjeTfdMBD3V/tITy9GWGFfSJrIRsbUgYBq4frVYbtElysR8Zp0sIj++iOLdchbVAC7Rdt59hh030qW1wGGHJxTCCBa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEOo+v7HRbKKfOZ2JwORhE6OAggWA7suAKXPpwBgNkQLTH4D+6+JMshzWW9TEJfvVm+Uluo8jHui5T/p4hh8uUQIDL27leBpju0Tp0l7ScAYIRDgeoqqwrm9bg5FjELG4wS6llP0fdzsHm7rd1r+zpc/yd1ObzlPX2/tcDOcrIePChR252QtuX3IQTIgAFNSD051ZZn4enb7tG2P8EFbNrVKjDFFpBoAUabtc1o1gnoLN1qMGcYw8rCzFQQi7s1WyirPSdm0/0WOedRLfovXwQRlon1k224IBqCGb1vHyT6I9bm1t2XVkfx/yB9JT7YVA1XA71ZA6bpDv3LXU3OBW9tn+R/bpyA6r5fALa6oAcWC28FmR5+fnf7dPYaQqG5p/L+LAJ6MjnDSWu6d658yHYugNP/IIRqC/zupaZ+ml4KFLkz6qL77RPdPjEHdU6HfL3xcEiaizxGCMopdITBtccRENtUntvNwUDZL+bgvLus0RTAuPGoypdSSMWMn/kYZ7qbBw+D9aTGN7UcDA8qAZG6FDivCDSp4TjTnQzmPD/qF4K72liCJRzsq4bHASifgam0BD75Obd4Ytzm4Xkt/CVB/VZQBzMvMEmelpQYb3f7ASVkMcFP2WQ/2ersPykBeLh3gOB0COhUxBj+b75ts7Xan7/F0Cu0mh1xH4tSZbl0WiTfCkJjZCqP9fd/hkuw3hs2Gi/Jjsv7ZU1YvGuUowBRUrBZ1ov+vIFwPQqHFeEMPu+TLJg2qM+avRn8GmGckECXAR1CM2Vb60GHzFpnJCPRN0zfgwF1WkDsHnXfqRHqaSUySfNOre651PDKiTrRc6qFMawcu5bx7Xv7C7vYK69/+kw/PDodyE1vd/L7XjnfMAEpLiGwGU0T9LK4SzZsrGKnZsTKc6qUKROVG6tqAg0rd9OPrEn5ePtd9m+lWe4lH5APeKl2ZGS66HUy7LVDXSjGUTUeBZSEuu4hrCdrgIce9SN9KPqhdoJG845i9ds9hYZI6cnhgkk0wRLe0qhpWKaL5k88AO0jBHSYyYyl2iZ2pq/rfzO0c0e28bNtKXif6gw2v8+tsturd4gC2O8kX7pN1mDF5F3ae5OfP7VWTV5rZaaNPI1FfcBKIbNZll8nfuu9hmdKvMOFCi0iReY8vQveXH6vuc2UPpxu7ryt/YCn1FPkgTm0TTYu8zn3svC78Sj5EffjiOrwQze48RmYZlyScTBa5e4AfsT8n6tkugvQvUDAcFA8Q6sonfOIEKwRIo31r8/0ujOPq3uD4gw/JyuL3jtUiPGJelIWWbJgEA2LHjuFiCY46wVYLQbmALAiI7b2bIDp4jP06WPuOpCXZx73eEInbTs2oMFrgWEDc1sJydcgdUi9uDQ+tHvNoOID1lMLtrIiPVrbWHkkPzkLeSo3cDZGuc50wrKUbns3HBi9cw/dE4zH5tTj2p6fKvv4sBLcve1xAikRBh/FbMqGQ1OfWOx8Zahxv2rJpIIugUhWRn6d0yyes+NEa5wQJ7Eei4gzIVL5rUcTyt3dCdYdqjvJAP3Ecd5YjeUgS2zJwJLS0aBscXYFyh7NmTKKajCOfTBwnFZdOjggcxZldu7Wi0037VgQ/3aG5ItmZmhY7KmUVc4oUnsW61G3TBpEAd3PkmWmt3nqn6EWlsqTpKuJ/C/sQ5fYE4/unjrtwvfEqfO6gdqrMnfLunkci58r9SvimHt5qXrJBFgQ+3PRU7BNnEJAgwIvdTQtjTunbfjmpdQ0X6tW9hhuVj/KE/dbSz/7XpZOqRR98tBMdtkm/6sIDjV090xwICjMR43Gc6ow2yld2BApMqvZxlaHWujW7EJkbWt+4GyOH4mjz8jxctjP3aKGf3RNJgds41ibQ0z75j/zEGn+8eQdROM2610+Ra2KJInxUJ4g==] jselzer: @@ -112,8 +101,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPPRy8mgzFyevRBWlDPkbj5H2e8gRQymcr9sjb1iih1+GL/a2EgppsVw4AFLr8oeLymsrNdOTVprPWMa6PXx91sKOvmHUfJ10IqpzFgqb8ZbtSUSxdr2aNWUz4zvRuo9MGKEZ/puniUv+hy3bmYYn7RVzX4TVDZLOIvjfbSiTLr/BgWAC6ksNYhvK+JfEyRl3pQJvPA+Y3int0RZ4AGIAATr6rwOumEO/3j9R2qNNakga+dbCxJE0hEKm1Hb5o+vQiAZsrRBwtbh5vYceGP+JsUtuyIU9mUjOCmKzSFTh0SeedHwEUXHBBcAJ7pjtc9KJTDKxYLisGkOrSyxc3XotkTCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQs5eQYV3U6FA9nSNBDObAq4BwpuEpMQlLLROR/wycfeQVsVTvo/eRZC9lbuw3Hax2a3bDt1Cy0uSipKzhrJaomeEIwwEi6NZHXA4hJcINRl4lE3YNs0Pvd99i3MmY5LPdA546cyi/tlr7zfA2GWV5hzxX0lzJM9mbJ/3pljzWcXP+Ew==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEATqNWmia/zJzSs8lOUE7i+k/IunDDW7Uq5mRrvUshtp1hmkDCF/ZjB92oKOKTnp3ufG7BXqLsjPEFj+d1lqP477q2vO4EDUt/k6fGj+gWoaLAXdUJJwQ8QB7JLyUzc1qF0h2rPJrIZX7rI2xFuq52QGHCsPXX1iiz6gxxzvkDaZPWhuLmIXFzznsEYDixYngSuDSBqZQl2u6rN9VlRFxaMcVtMGWS2uZeUJaUV2rDPBbLgPCOjEx5T8Cw6t0aB95Mmfhno71sXMAhrV/OpeSuBHvxYz+oitp2I6/+M3CPWeys2F9EO/swNf247R5rnDxm2ssXURCdnC2CyT/E6p0WOzCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEELFCkD35HEdhC4+e131T/zWAggGAq7JO6RPPBYsXNrrdfJxXkbcXllJ1nqRroEUl02bXnovmBKpiAN+77kS+Q8nObKjc7BHWdeVULXMNvKXU863z8fWIVHuAN3P4DEBed+Ap4P5o6yXxa8LM/OokUrgseDblIUy7y+z+umMB0KyhJNGGGhTvEsC+V4o/XrBTJfreI9BL0u1g5JTIUPxHihnvGz0SXa/HTuHZqXY4OSBTGZuiZZMnTDr++6Waut1GOX9uSw+f/mThiEpqC3jlgVTXP7S95UVppdJtgFyQ0rAtTw27d5TQDwcWl8yxTsc/x7CAperEiO//oHH0LSo41LGFiWrjz7pgAYJjqmfebO4MZKPE44yUjC2PKly07EL9CwHphNcgsUJ/RBJWtDCfY5y4hCClT8d9FFBHYnZwTL2VcD6VHlGUYQAyZ4R1+Eth9ur+s2DI4JE9kT9Uqyzl+OaujYDRCEbmzqhSrOgTPZL1v6LzUt33SaqKx0wYtwY4C71H4jyl3hB6GxbHipHVhPErswqC] markus: @@ -123,8 +111,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAf1D2y9Jud0jUMfzexWvbbA6m/pqKrLe50i3QKLlacrQwLjtj/Ioe/9hvzSQJLfr2BrZ+C5eFvB2u7YdGOT8nYasEpPcBP7wrZm+VRE2VaR85ATmcHsrYex8P5o7abifc3nVfRXlHoSfAD5epwzKYCgj6T8G5aBZV+EL5PiykQsNVuaCBat/RzXBOX/mxSbiVQDTF9QezOFE3CqdWWoYzSh9r0t6bPq2EFG3iQw/nefvLHdVrEUdnJHPfHp7grdYWLr9x1RDxPwueUb7oGHbxxQ8jYes6EyVaWlGB7PXg6CPhMC3jU+s2MfAdU+eELBtRxTE0PStvZqjU9vG+EKFkYDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQ6NCtegYWJCLh6BJXW0JZ/IBwuJgJdjSmBjVnZpG3v6/d/f/cLE65/P9e/NcESg7LEwKgJ5m1/2ZCrepC/UfITf5Z+M6c9AAVczRD79gXhF/aIsFHgwlFIfTN6maTM3mRzQH8q2hjx8GGqc3MbKv3Ei70+eaG2YubCWwOP5Ao34eVQg==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIEPQYJKoZIhvcNAQcDoIIELjCCBCoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAZ+YZwaql+65y+E3AdhUYJdWcYZFho9zrfTSkDEoDOYXsta9MZPPF5XIHrth7pvZtu4ykMsM0ouddGOMwU8dFKaaV/bXfcz+wCEH3kk2VpailtOaRSqB32hqqBatBQ+9vwkyqAD9L5v5IwUMrbOODhgSuvcqaN+8kQxpiTbRSCXhN+S2PeuoKu3CqgCFo+KWEIiXqayNKHI2P7BoxUz01Hq6xLs6OLJC5/yTcT1uEVGluzH9oIu98XSTfbjL/SNNwRClkKM3/Hz55+Jt+MiNct1uzjw9LwoJ3jakAOk4ROSq5mn5crwwqipJQlS3hC2ghZCB4GY/8D/rkKDfojopgejCCAv4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEHsVnXD4xZNXGZ7rGKQNpUmAggLQET9BG9FSaDOxlhlryKx+jgoWP72ouHYvm3sEsbehGnXYy5oTgdbP6BD/WafFZKDSLzn0g9mHYbnLG1VFxmxV92NjPXTiiPKYmLE/nIQJNERXBtRbGGQVFjYMRUvp8n64oHsjRY5xwZAzePCITPhwtHupVfFSoB1gLJ++svzap3BrIIckMcvL8uLBDuv8AU1jmIlYzWugireYxeZLVDzbroK7X0KoQzlT41ool9Rf/t/JkIkgij8M5iZJqLIflgpgzpIBMFw5LLmV7AMdGNStk4KdMvcL/oCSk1Z2wMtqROKukaJR8p8Sn2cXH/3pwzz9wBiQMTnq9ICfm/EIHYJcuf4J1hjT9cCYQCjjQJV7FIHVemT/RuHnFiSDeyM0/riaNxZpA32kRdxN80oDOvxL5sqnewYRMoTD53gC0JLW3TjcYPAYBvXQ+EZdDQkt3sH7s8TF53uQeeSBNr3XS3A8wVb9nVfBVdP2NQFfIzFRndJoKiF4M2JRK+99i2h9WGASY6/KVhGBvjrjFJfXHO7WvpSNV/2oljkJf/n6XRgJqNAMFcrzIeARUG7pWVn2yx05TnsB4hfn9ZCBX2fdMcWOLedHa+AwgYgYkE1db/1uh3cc5F3FLH+zs1lv/2ziN7FY0anpTNLrFtnk74iLRi+TzNGRqACT5M/QpVmSm3f/G8HDNP+m8MvJPvClyhxRxW6UrJQ+4tk0rSp1W/VQY9OUEvCqZTarG6AJCNusuI38VeGgcQUMJhR/1KSSQlbdzsYSj7CiJt0L60ZtdEnb8YvW1g0zdw9PDjLYw6YzBeUq7e+gSSYvFnVzWggb6JwgnCgmsEXP8Tj7yj4cYBHLR1jo27m0LIbLl8KewWDTu3rKv8vQy60v4c8tIc3UOQBaL2YB9ybJqLZojcNrX624ukHf5y7uYj4j2ZAqkOwlNEsiWxic4iOV6HkKJna7vfZvEpRt] bpschuck: @@ -134,8 +121,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAa/0HvwkmraQVMB7rIaJUEH9uh2SCb+gUGFvVhUfdc8BQ2h82CXBc3TwAKJBav6UwzVHrGQuXjOmL/J17miIB8SDV7RYe7xMJbYoaeWUMCXO6jwUnYc4dRzNTc543LlUAmehXNJsnollbLh82GUIAGhsBJjxG18+OeZHFXlq29WR1OC0hRC5I4Jo6wKG06OidchIMtdLxUhzC5qr4YNLSXavC6mA1VjxEZhiXB5PiMoxgZOnQG215G1rVzIgXSKNVQJULk4hf54dtPrI9v1mSu8Ejoa3OIMLBmiFvRCQkWBtG3nKBqP1AtzEQGJq9q6HKigVjq/R6yGIHzdgAnngYMzCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQ6XcRs1Gj9INpvO3crD7vzYBwfPDeuNLyFcYQbJDi33amxTJTQtYg54mnFmjyjmWUdZycMrxUhF1qfOI1PHcBj18TTpBWl5dgp4j0/X4k3dxPajGuWsJSdAAXzqUA3fnugA52maUsTc2s6VaCW/fltaG07+1mCKcgIfIEFDR8wEM8Cg==] ssh_keys: - - - name: default + - name: default type: ssh-ed25519 key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsW4Nf4FQVcQAcctcyrK63zN03nEuPt3duCquRcPdsklVrrSyJW84niPuLtXRANnfduAvMuyFbUdPywudjX5Efu2JsDC4olJgZB8LCufJGnY782tzCzV/VXaYPbv45C2OMpLSHCYeWkLxKgyjfLwlcKfOXH7PrWVL48Ap0cTfP/abhjw3RB+6KnTYWPaWAWsHqdmYhGX3KqdSPp5cCUpAKDGcXarXiLT/LEJhHHUbPjQQErqWSov0PSymyX4lH8JVQxncnz0wMQvgPqtrpWxj6V81+1+JjCOJrXzNqDQy3AseiPEdPuvm6iJJG1o+kjY6cWsJEP1HbunUup80n55nyDB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDh8P2WxKpOZRP+/k12L0iNgFBteIoPMwyDEcs8WiJhB5AeU1Yf5jeISbF+vWgdDn42wmn/EmqET7MPbBSk/OGltguaIhGEOL2/a6ubwV0ZJxu45i42zX+ug/AGJmrcPMcmCg==] davevdm: @@ -145,8 +131,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuJ3dAsmnRsdaTLxV0/1FyyKC8oFKBBABTvOjZp8qvnfkrz3okP51+mPx+PWNSZPLws+mFBqcWwELvDVt9yTr5MiaOcg1qx9jhtNpPyNyl1d6CUa9wS5cRBJaBNxT9x41U17ps+1NkoEOybyJtIyMVe8hlaL9UGnsnOSJAw8SxVI0b3QMv1f1VZwY122DQgu933L93U/ERSF0torPUFoF6CVQmGK+4Pe5jTcpD1b0Hr0k+wFUTSBlK9bajmWN5jFmniVFYNH5+OZbYdBC2XL4MsCtGJSOfm6S7myOXjn06V2FR1VSwA1wxyk8g837onE37l0vXA1dFQw0KoJcUfIBlDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQK6wXmHPq98j6dQbRyYxqYIBwhDPj8ysITuKy1S2nmgklaU1l5HtvTWwpqP9Ujhnj0mxXpKoed2hdIuwzbZqKz/x5qy648YLQoiHMWaVdpJPz0RNWllAlfRMYQyz0jJ8H0+oWZ/xjoRheANDwuv+UVMblCpLizTUWcrOpapoTaZwxbQ==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPrHIrmBWXttl3t9oLitBjV93SSqsSqPljuPFzquuDEetz6e/nIhZJgAFTunLVIE4txxjBVFZwrBk7QcYZ/kT8+Tdvbg5mntQyM3Tre0vS5YVcLnxESBSVSQaA/wpbRSRcVx61wZLZHRztLLJdBoDms0LCJdSaWv8fJUn+jZ89a5quozNgizd1L8VUROWafha29h7QFv+6ekJ4/x5gapmqHYG+QmfJzOxRzLdQF/Ads6KkQmVjK1UpTQR2QGWbv5nD6ch32qlKpG9fiIrvzAb17pKLdVjb1o2clwmZwjzH96ORHIGTYc2eUTUJaKmF2CcyhTQXD0VgeA5ks2xtsg/WzCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEAaUBOFKINd++8UjAgwgx4aAggGA7yCLM24lzjTg+mPjAdiHtwIN7aswL9g+L/ZUk90A/Ifp0OKPxJsmAAFunKTGNnTWGJ3JsRIwwB/w4IJvS0GOxrbIEeVbtg5WhsXMe30lGjyaIJpTN9hzB0v33GU+4vIssdhUgN0FX3LENq9UCLlWn2wGnubu12jvdbZd2+9wo+NHHvZkOByEAjAoEQy16xo0UarEv1+YDnYv3iUjCSnsnjj2LSfVqpRQnhHluvcw8oMJi0io2XGeRi51Qoe+MVUGYPzx2xPMBEY2xMlU2hxCaSWGRo3GZWQPuKNWNFft6n8I9gziXwy8VTQfX0cFTNHfwqj/FSEX/iwa6xQNcdYD3jpKM7N1H27lu9+0XhnQy/i61Qh+b4fkc5oht52LJjlTZMeIpgOMpf1jOXUqMVhMi54lNcHd48MF3aCmnb0Wif5fXhRdh1c4PUcn4u3yXQMdnc/XhLBGws4SN4SgZHYaeU2kx5UwsHJ8g3rjvDXf7bxqQvm3N17YuwJgk7WAdA53] dinoex: @@ -156,8 +141,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbtFryYP7TOjfBp47lzKEc5awCVu/YS5peYCo01oS9H+U4xmto6vvxqo77IR/1Z4vnFgubSRCMY2BsSwq8t/wOdUv/uvnXPtG2JbyISfQVLXuwMuM0u8gNcDyAo+5HjVRYqIn+a7WaBLFcK0IO1uYcuKWaUz9McNxv/p5oLpZjA5TSqdyGIa9gUu9PrLw36hO5h1cEbLGeJh5Rv8bILRtv6f+b+X5bIOPhhbTm9WGpj4+6uHW8kHNsbM6sLFdLiEMxCD4RWHGGLqRUELeCe43qidaqDl4SSAbhoj5dZ0aBTPUzVeVss29I739OYF65YA7GRyT9KQvYe3EYYM32Q3+6TCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQZ6KbScQmmPOguvNQNXMzEoBwiX/iswt0IoLmEVF2UJBn7QS9Z4XdvZLDUrhv7HeGGAssqkZsoGXNyllnv+3J/PxkNR4Jji/jjJC+rCuKzLTiVCB7tvo+a0EqWjVYi/qyEzb7kj+Abd3ZvQbaxF/FtaYQW+gfVutXHK22r9ELbiNUAQ==] ssh_keys: - - - name: default + - name: default type: ssh-ed25519 key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEv9/oME1zVsCZgAOQL/q2CO+IjDZCkMFx97XEzbmlIT3xgY6s/mQ0bb3IGbUxmABZCno771ocv37CHQwbSVjFJjvuQ3j1gpSoN/QeU2HeQXMl48tJ0Y4ouDU5SFQhN7rbh+M6/BTeoKPqX7XXXzt2++cXCa4TH3Qqhuv0Ooi0KAcKamFqr7cNwmt1POT+MSxHWNrhyKmtT5SFxQg3NGyZx+oZnZIuA0z0DUCs1WmxRe3oYwfqYcUAVQsi73gYAmzjbbufIRs33/q9h0SGdQAGYlaT1OQigBMZAAT0z66u0hM6qhChcYb0LkLpSiYuMpuz+VtTPhFlt8/VUYRW1kaKTB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCIZUNksq3f53Y/UvSBuhlpgFBFamhUw8Ni/Reg8mf86XJ2ueweLS7HlGgFm0BYJz7yoBiXzaBm2r7AP3PJnkDgA94tWYiQFi5oygi7UDAqdFLnEM6qQsygZ5e/dWxF3PloBQ==] edkapite: @@ -167,8 +151,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAeW7DqxspLoev9Ny/GY92DO7hVf/Eur6QGRIwnOe+nu7JPdlPbkHF7iy+4m6hXgMgkxOgRZt2KE4pKVvgV6H4Tb89/X1L4oXGv5lzv748Ik8wX7OtL78rlNX2HvDNJrgi4Ho03d+W8VilIqoycMo5yvCcM9KP6K/FPitiQ8MePNBwBlaPAaW+j9obDojV5Yopxkpi2XDevs4VyZB1GEggVBJRxZ9SGSCGbAmmPEaK7RyXEcDabfmkBDa/VUtYrk0LgSKFL8jl59P6OQty8IikEcuYSLDInPo8ACEsGni7rSNXdTTocfJ4lhfBHijEJbHzLQZQZOTfxsJoIr2A/jzkIDCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQSZUC6K+kUPgJCa8A7WH3G4Bw8luHM2y0AVUzwmE7JZfKCv0ZRdLWnkSgvX2RN6ToLTX2gncuQuhVEmok4fsmahodp1mfqeVbext8bggmu1eSLxA8XBwh72v1rVL7ttLaQGDl3VawkDgbh6gX7AzABjyMGP+uLAbeKoJ1IsEo9WIhbg==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAQf9k9VeRXTmGLg649fal0pSLRU+pwgEYdDkvu6euH93cJDiQ8V+HQkDwnJCV0Uw06hoKXwLMHaOWkQy06BTQXSb5eYVK/i26ADrrpN4cZeeonGPS4IkYlMZuj0RkfFKYMXD69AR/on0hxWJp/B3+ro42k8sCDqvzBuxhp9saiilVRkKAs4Ai8fp7OLcKDVrGTtH84oILLGrNmFd5ESUYOpniMwsZkFRsNz+BYA9zekSOekoanPqJzDOGCFMrtWNYcqkueJzVy26p52QD/hVzv/qciH4+UQfwJ8CS0FoEq2tesByo6QcB0u3I65vNrYsFPKrDNCRewptU0VsQzDbYyzCCAa4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEN/muZQElLjvkI4ZNeyLtoSAggGApgpPf8nTDvwEZyDWzkbDyJXwwt6Pcpx/RK2Js9wrtKaKcr5MXadcjvw/mLMShOaZM2IX8iuv4VLhWMlQZZVLQKUBVUerJD/dAsaKOX3k6VSvvNF6m/aZq92r2AOVcnf/NNi1eCUCubTP/a8G2GNwsJbeQkDqc/TEgRnlw3KX0O35csy995ZS44fOpWseBnVhVe7NymaPyhCYam3+/M3r//Bo9enmckWWz/NcOk578HfAR3P6G9pXlJZcqextmlUMFrauxKNg+cEhsxDvpJRiDNQzeKoHBJRlrJTXfkCxCVsX8wFHUHJT5usryp1xNcAamD41JAsPFeSu9nwfXvsmOzMNTFtkApUR0mb0rD03LTgJOsvG9OBC147OVsYCeuFXWiLgI/KvkemSM+dgdPX2je+5e+aOMPTtELsb40gg/k/h2jaW27ElnUkFt6kZVTgA95qTopwrMDvYvbEkIHQwMFKgBRmuB0/MCBt2CvPVfcvNlICAQuCFvRrLf7NR0HWR] mish: @@ -178,8 +161,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAJgGCZlQI5dx9qCtmJMA2E1Gm3c7lEEA9PYGJGSCCKzZ7lXwXc5JXGG8VZXgw8H6Jl/4pmk5W5h2/ZvG3XUq3cjIn97ctfk7oonzT4q1byEvpsRZZc+OMJF7dv/tdZm3okzUU9ETUygcOvu4eurl2N79EhHmKzQagwt1UWSByKn0GO438qA0+nep3bjIDzw4sRvdcJ8rKWJj7ua/fuvP91HLStcriHMbKg707KWRXVc6N9DbtyNKpY5d7bQJGvH3uhyO6O91a7csJSHdFSPRVAY4cUB6Kxbsu04c5i+v8NVHNXugYT+VchLggeqB8lC8/N62Nbl16HylzmhUjsDm+YTCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQd6NYPL0JlSJjJhhyhY0Q/IBwFH94+5wLrw6hW2C8s2vj75y5cQ3WAvJ/axC346/yAQkTywCb09eeI+tHAQ8kKsk8FFOBFcM0y8hKMyAQz9+ecc97P1SR8bDgw2mm0QzlUG1J+yUDMCmlsSQv+wsWMk7Q5AP7IpGpz7NuwJVHenw64A==] ssh_keys: - - - name: default + - name: default type: ssh-ed25519 key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAX8bFst3ZPRVLttBBl1rD1rrjeyC0pHFYd6RbezfauA3LhecNGyxlpGS1ivcl3+HPfPgSqnkFkOnVZaRE8+TmWtBCPPB4zpVFVVJm2tpsj0vH0fmUBasjkW5NPk9krf8I0l8n/zs32W41XURmwvlEsB+VNZ3ttRsEpVNflEzIGGzSRTq/iI2KYV1jjKsV6ns/KBB3b/GPZr0lJ23xojfJtEyCJReLsSbljeZY2a3kuqD1vFiWpD7B5fNY4JSXPaMxkhUkWCX1RUsjJm/dSnMLOZK5GOIoDkYipt4XCst49QWNl+/r6vkBngM6sbQES9dkY3/r+KR0Wt03DUA5U5xmezB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDrw85SmW6AK2vuGp1TP21kgFCYO/l/FrI5fZizRwZyp9U2uNvDVcG0/JDKoZKflY+AtDtw3mjEk1LngRX8QdrpO11MGImz6qhxTAgRY58rG6kXzZIHYok9mrPcsLY3a5mB+w==] sat: @@ -189,8 +171,7 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAGhOLy4zMuhXCvUP3ibsDzxs+rS59y54T59J8BqenqIFD3vcJRYHUKFOxTdy1Fl0LtfU57cebftorAJUQYMIS/obM3c7PUXWlPa5Tc0wwBl50plYvWnr6s5qCTa4n6gshNoTwPcNPFKSya68bWfhRbVrl80oyh6+bfAkZFKIoDf+b14abrFyGYnE9i7JG65fuDrsQGSxqZusHW0Cm/pxUwne43qL4mPWcCVN1DuY456WR+ZDEum38yA94rkOPtrvoWTSRQDoPfA9YLh508P8p6SPa/ZbTbdkRQfvQI1bMU1K4qTICQUlf+5x+k1O807ZzmhEEUP4A9CKDAACm+HCQkzCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQlApm2cR5rrH4MzEZyR8gnYBwPVJs6/bkdDVU9sF34s8G66wfQeUdJvDo9AwPXV+pOdT8Mxbas1bVuZVk5dJATt+yVhQjgP7AsVwVZ/oIVKxC1B6AStxChsYLEfp2C7jxqCWOh09o34bainKshdaQLddArsrf8b8rv673FeGMC0dQgg==] ssh_keys: - - - name: default + - name: default type: ssh-ed25519 key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAI9U2/fk4XrZBFpofjrQ5O3oiYOb/74VI5HQQxL9SgjGUQKHr5+b+A2fv//89EviXo/mI0EsR55PZyamkjavJVWt0b+AMwlSu1B7LWPdCu+5dxBt0LzF03pybubQZkdFsu/9/yD4sEIbd8N85/VqNXv4Nt6P+bhle0pbp6jl6bgcvn5ppIhGB0+SKKQqzHuz+xOD5OV6+S63uxkcvGPujhycRd6qzVjTisTp2ZT7YXZd24HJpOSrapYXhlY+5oV/pYysJPimlxchkLmLDQmsOZeloIf66yMtlzpiG1Rure5ZfRAzjSDt+NocPzWqNXMVCveV8A418OOcuBljq6fdmTDB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBASCLj5gcdCKa17ub6WyYoTgFDYwFpMIQHKgxUQY6TmHFobx++54j1s6CRQ+IKu/2e+bhXw+5OUoq4RZ/qtJQdeMsOQjk415kpVckrDMagJCyXZzmZgZULB5ZfNcTH5d0zfTA==] waclav: @@ -200,10 +181,19 @@ profiles::base::users: shell: /bin/bash password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEADzZ9Q1Naa7TQMVc2VNfb356HQmyjOiHgcrK8MueSvrNqNACG4NgwFbVzeJthUeVwPjy4Hk7w+06ifK7jiq4N7hOBTOO0zdbxzA23EQ85Q7qZrts0gYp+r1CJvMv9meMoOAIvyLizoTkSU5aO9lTPu1TAl/A6LW0c5Ya45cbNCYXqcW6fRjiYJj7/S4Co8lHeWOaHy/tUzpDc9Quyxd5vdWRWgKx/8ZILyATtk+bdkxwVVyW46nxMmE9O/RNXEOGrdIAled6GwcixoDVzwrq+pM4/DTijCBPVMIZUyR3tL2H4Fr9p2tW1LrzEo3zudZP1C4vZqoIVqu/G1dczp0JuuzCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQR5ZCSfFnxZGBQZtqzRjxCIBwyU8pPLvPgJ5tffhx9G13TdfBHe7W7MqOjJ2xjXj+Aa2Dr613SsLxh8X5ivyzuwX8wrm/nmuBD/uDnfPW+cOS0kUnW3MTgsENQCBFKTL+vw4+FiP612whGf9uD5oUPxRWT39Msxh+Bb7J++ZfIyAfNg==] ssh_keys: - - - name: default + - name: default type: ssh-rsa key: ENC[PKCS7,MIIDnQYJKoZIhvcNAQcDoIIDjjCCA4oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAistES1GTDLBO7nex3K/G8qWA3VOFRibcSp5uRCyBrudPZk4EKcyzZuFz55vDoXJXywjfg3mye0vIfA87JtFAfNmUrwZ17Ez9kP6W6wrPzpc6VblnAgItFklnvInScgXGKxK1HtY4G3AUS3Ixswcmsh5AdRPM7jlGShhAB19MYhBSHVgStZX8EDBRA+Kw2pLi95ZqNTZY3QOIPmsMgEU9rp8JWZ+kjJ9rwHjVN9XxcqCagPNXFYmMwTw5OtvO82a/EOJQvuZAuqtNtdwHvpHKMujPowF+DBTXpHwhhpiEmDZfRF29Yfjt8KlqiPjKoDBmPedoQ62gS3pa4BRLtfaVdjCCAl4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEENUUBENShmXQitBNmpkVdDmAggIwpJ0LnU7ef+6gynNYQR3thmHveyNyQ3Eu7MynJ9Y7O7i9BHDTN19KEi1L1Iim1FcLrgt1p9X9pjZv/5kXCdf2x8qAu7HSgiONEdLWionV0wriD8eFrbVJn3GfBCdC7aN5L0wT7xFsm4MD1yB1CHUgXQR+srRO77+iuDTnm4gfVah+oo+PS/9vqw7LF4jmps8L8DelXYTjBuoM3GnY7tJbTiUPV5/rLhpq+hRIvR8zxytvjaE+kOk8lt0qM185YrXWGUCjnrgSs+xKQvPuGTNIBN6bXATptA0u4okGxOE8glTBuuL3y3nnsI1rLuoJFNVNCGVj92DaohnLoJrJ44jmsv2QVEOXR8fd5Hg2CsV5/pmZPciHaEFEN31fmiLvpaJe7wG0vq1kri0Dk31ghISNJsRTgYO+yW/xI1jmSHiGttAMhlRUcQqNDN3Bdsn32vHE0vHphlRHfDFuqX54iP9jSnQMAsHS8O7gNovslu2TLKxtcjQOpha1iDqFGdg4QyqF2jmNnR9rHhCbF44uaTadefzMWE0Gya/UoRv3j4EWrsWwXd28tTOXGF/yxZEXfUo3y3F6DwIb1ko11M6Z3FE8Ya8BQp09FCAmYT/KLFe0KMUU9f84JuxE8dxY2QBlYBzq+oO3wnRAVmPGBTcQ5+8VNlzpSssal6Up5vAX6bNnmeBJUka1QHvdNFBsdY4+mHicAmznHRaE48ipSxmoLovqBzpzM1bVtsd19xs9HT637Kk=] + kim: + username: kim + fullname: Kim Nilsson + uid: 1017 + shell: /bin/bash + password: ENC[PKCS7,MIIB2gYJKoZIhvcNAQcDoIIByzCCAccCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAniMvqpW3QESL5lVRrM0TBGv1Y+KxUdCAVdkmvAz1BOoLtBrH9ce1bGu8Vc26IYKjeUdocD8i18uLuAqumosEQPjtMROSqiYQps2lUFs5oZSZ+l6FlS6QNrppQiPrv4F0MEbr/mkdPsNI+FR1FvNnV+UjUnOt0byFj3JNQa0v6qpSGmMaAOwBh8athJwFggok2gjku/IxCeruSsgYw9VQOywY4u6GZcTLXhQ9ndJqV6G/Sau2IizEVAfMI7DW1YauVdV/SjsT7eYRjZ93V++Cg+iDdWvCUYAx0c1Q768xTkc8JTEq9Unca4Ox6F2xej+9PtC9RJwTl44gLGbhzU2i9DCBnAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQhJhROlF+O8YDQSGhy7RRI4Bwj2x7TI9bE4mF9fsHJSStiMGciLyBvsJU+wTVpb0xYwlDJjHb/UdL91h385KmIHX/W7L5EdhUiZIiEe/tZ3zny1/Ain+FmlblXELLjJWq+SkG4eWrwXHlfknF+7VAeSfHbaw1MkCDBDmONebJhdtq2g==] + ssh_keys: + - name: default + type: ssh-rsa + key: ENC[PKCS7,MIIDrQYJKoZIhvcNAQcDoIIDnjCCA5oCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAARaQNN0Ob5c52Plwu964s7oaYVstGId7NGWbSbq7ztxOGsueozE5jUx779xrZ+Cwgqg8ciEsdQMc+3YwE8pJqsVwIUfNkmVLNzdXFcelfUG2AaHTCC54BdlHDid1N+yZA9iA1384s6S3/1b+utqwrOo80GK5RSM9n6vKx+RZc9gDw0hXgbIfGf3VUzB5I8jtGQy8ogqd0pBIJEjaEO3YmbfoKQ3ZhhoaQWs+EXdXX9QEp9azxtDQ2u7B8Uq++8PmURIkwJ/o1194IhBvxTYXOEMzxsFodsNGgnlkBHq3FNzV2TRi8CjllM1rORIXe9IqAZTUtD3VAP34BN6qqlndJDCCAm4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIgmS7F3nZn/xQYI3ZPw/3KAggJANEs8cZnNr91lLtVs9/IkpDumtgBP8zWo/ftMDXI6ABwVsoqkkmSv8Brdkj/RFl9Ifmeb/kivucwkq/FB27IcgRLLbb281Bi/UjHl0JG8A127Rnu1duNwTPFohxrm+0g0GyNCxZOOHVpkpcpaOPxO3+sA+J4eV+/97V9na0n0kPJ1MbH72gGi5snQFZgIqHVbHSrHLGVtjZutfzvulLTMYR7upPkAyIWiLgMr2zlOlpP4+OS1HFLKrGs/bv6j7E02z8CfXRp8eUOWI/CNV4KrB1sJDCZoV4RUCaXbv3lLAaqLNyqaEx012p6jkwMsEKwk9ILavfT9Qt3mc5RDooN5KFMzca6GQS7wARgUcyAs6hqAg2Xi4bBdDVd7QOmKExUpXTjZfuEi6y3chmJCSZ3TBzZkjMNg+/xwUwl9hKj9+UJHvlKz3bvfCy6JlBrkoCVNN0ax2cHiP7btJ6LoSQKqLnj4d3Z+GNMN2ROVPVUSRUY3WPdONiJhJ0yi5eOmAPoqWL/9ncVoWWmGpMwQEd9cCydhxd5mhtLlZxN1UjCLlSCjVRv2lvW7xciaoufgoeBSSL4CHzuHHP9jNv48T0q3YwGEr7sZIHh5cud5dUYtZb3yzzqMPoY0jM/bBiX9teDGNQHbWW1Sj2CuFBEYHr6KQVtxsGehcRYV7lg5/OPB0Q61LKpUzmLw2Joi8AWYVCRqBa9ZNuUeongm999UtgVxyCfk9GCuDsOM6OPDbrdFvyUJ3CAavNSwpDOv7lt1NsGx] profiles::nrpe_agent::allowed_hosts: - 172.16.2.18 @@ -211,46 +201,46 @@ profiles::nrpe_agent::allowed_hosts: profiles::icinga2_agent::pki_api_user: client-pki-ticket profiles::icinga2_agent::pki_api_password: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7FS2fXHiwB+ - ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZZdccEcZbFt - ZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrEndfZnZzyAd - 61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/QlkAEXKZ5o39 - p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP22MTivFWf5p - 1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1nrAXTdlYWdE - RmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2QOnxac51GTU - gCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FBB7akZV6Zx0 - T5GP0WQAzU0=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7FS2fXHiwB+ + ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZZdccEcZbFt + ZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrEndfZnZzyAd + 61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/QlkAEXKZ5o39 + p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP22MTivFWf5p + 1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1nrAXTdlYWdE + RmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2QOnxac51GTU + gCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FBB7akZV6Zx0 + T5GP0WQAzU0=] profiles::icinga2_agent::master_host: monitor.infra.cacert.org profiles::icinga2_agent::master_certificate: | - -----BEGIN CERTIFICATE----- - MIIE+jCCAuKgAwIBAgIUakjWIH5VKmS7yZycSG7EzfIYWkswDQYJKoZIhvcNAQEL - BQAwFDESMBAGA1UEAwwJSWNpbmdhIENBMB4XDTE5MDcyMTE0MDYwMFoXDTM0MDcx - NzE0MDYwMFowIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMIIC - IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjQIqs6zXncatT2luZImFAkx - XwUnApePQvxJ98cAyirNR6Ugh95syo9BP9PJvIojjxtuPK5FzZmLi3c5UO3ly72Q - Yxho/yZ/qLllmluhreiMAcofDdwyo9X9kAfexjeztopdY2flBT7LpQ7txuOgK91p - WmI2uH5Htjwtbumh4E2UO9NkenFpNpUVg58mBNZpnNDApYacj2zz1v2WBFgaM1/3 - UABD+HicNd/aS1ji6eMOglgq5arYrfKZxpe2GgVZ50xfvWrIfg/C7HvU+GyghS7f - XgpyzjLQoR9gS4aAPIvb45hG4p2u3Fx14PR3IynYtaZV3KSh5RNKBkQSlu9hmVRS - y8aR5DqneDmTVX944lvlr1+x8+Xy37DZH9+6Bq0mBrnnlEc5y7ybcreuUm1Vx30l - /iZfnt8uwC1SyB2J3ZbtXK9vIPHG097rLl0l+Rw8eaObaWl8rn4PVjdAUaFI+q2B - hep8b4gfyF393Ih54OTYCI5QyEbBPP7syTCSgrWDUUnLv/ar2AvXTfzzydqmcKsz - Yliok3iZfjf61TETTpBjqkKHTpS+mE55L2DSS0R1X0JTbjwmkvANYQ80emKk49Xa - k7IqYJYT8+h2wDYambcTR+rhBV7c6QBS+phCPqO+7miYdyDeZCvPtQcO3lxMEnVv - y2nh6+8BvEveNfdTNOUCAwEAAaM1MDMwDAYDVR0TAQH/BAIwADAjBgNVHREEHDAa - ghhtb25pdG9yLmluZnJhLmNhY2VydC5vcmcwDQYJKoZIhvcNAQELBQADggIBADGz - W4rXl1xK5qNHRWVy6wqH8/2OkZCg1O8X1b3mEnYYXyXRB8L6OKDUDfNZaldACegT - aEmEzBL27+/7wW6SymWoL74ni9WOZPqJ3GsWtHDUWSsolvQWHmYFnIGTOm+8PsVw - L3X2ftPg1krXhTWevK4rZdLNh4KM4Gr6nFHxiuxiOV22xqLSaFh/rVd0TNlpgCIZ - oWOsKYrqx4Hudq4blDI0w0NLySgOVEgl1EJA/vED1DzOFmbmuvujODUhjm5sVvuN - x9Zm4G0KuZX7LgKc6VeGnAyAUzgrD/uhZvc3oAzmfUUC3dx7tWB7WUuI9ji9bL8v - 94oXsQ7Ig329RdSsE3AoH6w54cVgCEo3WZ7j7z+ejPPLI9DbvFFwM/JFEO+A1cPw - EEUG8bSHHo8Twe5tgTwr0t1Sch3D5Ur7qv0nBAjwphEVoIGiu5yudmFbscPgTz+i - /NPtJ1zZ2NCjLabeXmaSq8Zxy4dCJ0YJ6fuFz2SKd92RDO4okhDbRgnW1RT1+eAT - 2dNvOd3V878PS7BM3OAzZTfVnVD+/DTRyUHAz07iSB/1KNfEfn3qDSTapx9PL4aJ - X74w5WZ7FlNdQHRFvvjNI849fVb2MoLxeIwd7W5flv6gpLlMX49PMp62ZtfupbRJ - 5AtYgSC6FbF3WwkRKTz2/KZi5j0oCHqxl31HY1Hx - -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIE+jCCAuKgAwIBAgIUakjWIH5VKmS7yZycSG7EzfIYWkswDQYJKoZIhvcNAQEL + BQAwFDESMBAGA1UEAwwJSWNpbmdhIENBMB4XDTE5MDcyMTE0MDYwMFoXDTM0MDcx + NzE0MDYwMFowIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMIIC + IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjQIqs6zXncatT2luZImFAkx + XwUnApePQvxJ98cAyirNR6Ugh95syo9BP9PJvIojjxtuPK5FzZmLi3c5UO3ly72Q + Yxho/yZ/qLllmluhreiMAcofDdwyo9X9kAfexjeztopdY2flBT7LpQ7txuOgK91p + WmI2uH5Htjwtbumh4E2UO9NkenFpNpUVg58mBNZpnNDApYacj2zz1v2WBFgaM1/3 + UABD+HicNd/aS1ji6eMOglgq5arYrfKZxpe2GgVZ50xfvWrIfg/C7HvU+GyghS7f + XgpyzjLQoR9gS4aAPIvb45hG4p2u3Fx14PR3IynYtaZV3KSh5RNKBkQSlu9hmVRS + y8aR5DqneDmTVX944lvlr1+x8+Xy37DZH9+6Bq0mBrnnlEc5y7ybcreuUm1Vx30l + /iZfnt8uwC1SyB2J3ZbtXK9vIPHG097rLl0l+Rw8eaObaWl8rn4PVjdAUaFI+q2B + hep8b4gfyF393Ih54OTYCI5QyEbBPP7syTCSgrWDUUnLv/ar2AvXTfzzydqmcKsz + Yliok3iZfjf61TETTpBjqkKHTpS+mE55L2DSS0R1X0JTbjwmkvANYQ80emKk49Xa + k7IqYJYT8+h2wDYambcTR+rhBV7c6QBS+phCPqO+7miYdyDeZCvPtQcO3lxMEnVv + y2nh6+8BvEveNfdTNOUCAwEAAaM1MDMwDAYDVR0TAQH/BAIwADAjBgNVHREEHDAa + ghhtb25pdG9yLmluZnJhLmNhY2VydC5vcmcwDQYJKoZIhvcNAQELBQADggIBADGz + W4rXl1xK5qNHRWVy6wqH8/2OkZCg1O8X1b3mEnYYXyXRB8L6OKDUDfNZaldACegT + aEmEzBL27+/7wW6SymWoL74ni9WOZPqJ3GsWtHDUWSsolvQWHmYFnIGTOm+8PsVw + L3X2ftPg1krXhTWevK4rZdLNh4KM4Gr6nFHxiuxiOV22xqLSaFh/rVd0TNlpgCIZ + oWOsKYrqx4Hudq4blDI0w0NLySgOVEgl1EJA/vED1DzOFmbmuvujODUhjm5sVvuN + x9Zm4G0KuZX7LgKc6VeGnAyAUzgrD/uhZvc3oAzmfUUC3dx7tWB7WUuI9ji9bL8v + 94oXsQ7Ig329RdSsE3AoH6w54cVgCEo3WZ7j7z+ejPPLI9DbvFFwM/JFEO+A1cPw + EEUG8bSHHo8Twe5tgTwr0t1Sch3D5Ur7qv0nBAjwphEVoIGiu5yudmFbscPgTz+i + /NPtJ1zZ2NCjLabeXmaSq8Zxy4dCJ0YJ6fuFz2SKd92RDO4okhDbRgnW1RT1+eAT + 2dNvOd3V878PS7BM3OAzZTfVnVD+/DTRyUHAz07iSB/1KNfEfn3qDSTapx9PL4aJ + X74w5WZ7FlNdQHRFvvjNI849fVb2MoLxeIwd7W5flv6gpLlMX49PMp62ZtfupbRJ + 5AtYgSC6FbF3WwkRKTz2/KZi5j0oCHqxl31HY1Hx + -----END CERTIFICATE----- profiles::lxc_host::dns_forward_servers: - 10.0.0.1 diff --git a/hieradata/nodes/authserver.yaml b/hieradata/nodes/authserver.yaml new file mode 100644 index 0000000..3cba665 --- /dev/null +++ b/hieradata/nodes/authserver.yaml @@ -0,0 +1,16 @@ +--- +classes: + - roles::authserver +profiles::base::admins: + - jandd +profiles::icinga2_agent::pki_ticket: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAMuwyVWL3VEdgAS5HvM+RltOUGC + hPe27Eahu1zUxp7f48aJ/VOsmgHm8F1YftyC1AndzrJ8T84Lm6Ur/NZ2RkoV + ZUhEGf6r2eYb51NejOwCaZOvVODXfl0dqhUloU3Ro1PtH8uAsaYdouYdpnqD + bIjDpornfsT4T7djqYOfchUbXM7A3u7pPRpukpUHFiPeAb/nRHvKH/xJvWXG + 7BzehEJNGERQ5DERTJ83Y4yjZ3V4mtTbMk5GpZ3SgHtui5XigCSJoeyhcX5o + Z/zBH1fRe7iO0f1QCIR1gZEB4T54KXGFy4WXEUuulBO8h0BdkM2aGQ+Cgw0X + L0YPzwDKzt4kSl4DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDIBlhjSM + DvwLO0SRosvFN9gDD+lGsBsFLvo8ll60Nl5FxYEW160kr+PTvxBCu/2R435b + IRkWxuqR7qkTpqnVizUao=] diff --git a/hieradata/nodes/blog.yaml b/hieradata/nodes/blog.yaml index 3c2c09d..5cf35cd 100644 --- a/hieradata/nodes/blog.yaml +++ b/hieradata/nodes/blog.yaml @@ -6,24 +6,24 @@ profiles::base::admins: - jandd - law profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAQsBoiVwx9vmrYDxh7YuvesnlK8zu9EZ51RIV - RbGlw6iUQa+93uIv4v8dsdBTuRzaMs9TDm+zYtg8rjv+yvBxXNLTvPGywQLk - QmnN285KQZxLYjEMYIhskEmqYiCRa3yizJsHPHdnDfo+ddkeOBA6ggfeV+q6 - nTKO4E3xhqzhf9nM1dH7wmEtQGwUf1w19DCuXZJF6Umy6RqqR+TWJEyqLzdv - /PLmK3uOzfEwqTbiD1kr83suFyksAeePQdgIzHRz+sCOdr866YpSHSUdJZgc - ytNY054jmupwdqTfg/jYYtNWWToHbnyUBQuVMPVlNB3o2uDecSRkcRaQbyih - 1PvtizBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAVe9rr+qrIzyMWNoyH - rzk3gDAzQ3tgLcEabWZfImVtWIACq224h2PaVx/1YkZAVUH7YRbcvL81JJfJ - wfhG6SBWM8U=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAQsBoiVwx9vmrYDxh7YuvesnlK8zu9EZ51RIV + RbGlw6iUQa+93uIv4v8dsdBTuRzaMs9TDm+zYtg8rjv+yvBxXNLTvPGywQLk + QmnN285KQZxLYjEMYIhskEmqYiCRa3yizJsHPHdnDfo+ddkeOBA6ggfeV+q6 + nTKO4E3xhqzhf9nM1dH7wmEtQGwUf1w19DCuXZJF6Umy6RqqR+TWJEyqLzdv + /PLmK3uOzfEwqTbiD1kr83suFyksAeePQdgIzHRz+sCOdr866YpSHSUdJZgc + ytNY054jmupwdqTfg/jYYtNWWToHbnyUBQuVMPVlNB3o2uDecSRkcRaQbyih + 1PvtizBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAVe9rr+qrIzyMWNoyH + rzk3gDAzQ3tgLcEabWZfImVtWIACq224h2PaVx/1YkZAVUH7YRbcvL81JJfJ + wfhG6SBWM8U=] profiles::x509cert_common::certificates: 'blog.cacert.org': certificate: | -----BEGIN CERTIFICATE----- - MIIGTTCCBDWgAwIBAgIDFH0TMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + MIIGTTCCBDWgAwIBAgIDFR2uMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y - dEBjYWNlcnQub3JnMB4XDTIwMDIyMTA3MzAzN1oXDTIyMDIyMDA3MzAzN1owXDEL + dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE2MjExOVoXDTI0MDEyMDE2MjExOVowXDEL MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD VQQKEwtDQWNlcnQgSW5jLjEYMBYGA1UEAxMPYmxvZy5jYWNlcnQub3JnMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAybu0J8V7aA8xGU2dxSIS9KK2QeRW @@ -43,17 +43,17 @@ profiles::x509cert_common::certificates: Y3NwLmNhY2VydC5vcmcvMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwuY2Fj ZXJ0Lm9yZy9yZXZva2UuY3JsMDkGA1UdEQQyMDCCD2Jsb2cuY2FjZXJ0Lm9yZ6Ad BggrBgEFBQcIBaARDA9ibG9nLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIB - ACH3VhQTP6Dgu9lSADKi/7o3opMx4UhrkPOeQ2xiV0CSic33PwhsWCR2x7uQ9EMx - MYX4JjHR0xZ+n9ir58C+Unko0xcx9GwdZYCjD2xEoDOAq8xxG5oAxApiFkMdQ2tx - RxuOfAQxzyJCVLKRJH199ALMok+qeliwjS6MrWGmDbgAC2MDd2i8UC0sJfFlkWaM - 3HH+nibKa7ONu1c78LOKC3jD+Z2hSwXT4ikJJmrBeG5/VK0zGdfvk4EleWP4M8Qu - RluGHOL2UNPzd/0jc/IHnNxGPDZ3B3Te+JO6MMP4gWgj354D/INOX9hFZ0GEffpu - YEutlDSSxouNx4qoL1Fzw+7lq4EEDe43rM46qj6LZ/K4dKHRiXFRefccU5U8uwMa - QvLOeodWNZun754vcYovcCb25ZKVJik+iPjC3YcZ9ocx0sX1RW55E/9Fn78hnz0C - Uta42c6OjB5qsXzoYcEHxUG0kY/qaRs8x7awdfkwO4yvFmI4Sma3dAHbxSAVq5fb - WRrol+KyM7qeRaoOC3yurpkLK26WUfQ4n34Sw8lH9fD22yKpRjg5sJbzemSziKH5 - StiOXCmeXKLQnMBebhl8RZm8PJQa5HyPkD/6oCnxg5Iwj7ciiByJNThtKW2UuthL - WrMLUiJmHCX5Tx1H3wLVv5bZgHHrOj/qc8FzeDbkweTZ + AE4P1Dfnj0Ew7YgtSP6bK/eaUwRm4wExBYRqx4N9jvxamnZe6f8o0xtscDvKxbyu + PIGxCbz1XbT9ZHu36DU2qfWJBIYXYSq/qwZG2BNFrcOfF6TL2hsZf1eyKyyszT42 + 5ieOOGiEaz4fBMml13wMklrc3lawjSXSebxDH/1joUqLD2RymcSWRVNMkUsBhjki + 4fE9l4z68QnBZAVnXyOCw2KMqOuWGqu4cguMfzcVc+cyaYPHEx7BHNPmvp+mSHsC + achVOYnYoCjepq+MngABZt9O84hxIfCYmejOSNU1Am3M62j1bZ0HgCjXlYcE/Bk2 + 5Ks2dHYgVxMM1NXyGyHk9O2vvP5JzwBj5/VUqUY5AbtghAceWinZsCslsupvHJLA + BqHJlTPn0Gj/q73GtNsKdRL1J7lN/7MppPPt9ELG9lAi/8sFYPFBlhmsoANEJRWP + rLhpUqTf8ZfmSQjkJyoEK4BCJ7Gjj57+oN/lqgfjfmIH0YCGX0JK6SrKs+UI/U69 + +UQKekryHDXWLgsBQ6l8WqiGmBFRgPwN8C8yQUK0kMOY9hXSOkziZE9/LUV5eW19 + LM1h/Ih69JrnpVVYrffI2hJPEjnrpJpnaSx5p1frZ+OglPBQpdddhu73QLuROR9e + BEhw24lUpSJnQq9T4BAkt6Yf8pGoWD6tpubemNKiBegr -----END CERTIFICATE----- private_key: > ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw diff --git a/hieradata/nodes/bugs.yaml b/hieradata/nodes/bugs.yaml index 8208c2c..b5205af 100644 --- a/hieradata/nodes/bugs.yaml +++ b/hieradata/nodes/bugs.yaml @@ -6,24 +6,24 @@ profiles::base::admins: - jandd - law profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAcX6SwwACEzRwZbnDX9rUu2l1xWF3jJVi6Fon - ZtUAkQs4w4GMdom+Ze2WsXpq623WD60csytV0PF6BvLPoBMec6f2kj2ZsbBz - SzJ2/1QfpkG0qh+DS7MXN1wSBrJd2ERk99V792GAFHzq8juCbI+LdFJlv1/8 - PAehHgIqPTYRpkVdMX3QXbR6ulukgaKQ3rV3LUD9WeP3BHhGSPBOy/E278KH - q5hXFeFgfBMiImPIdKeQn3aAwTVgAUArnhRR3dQLnL2pT+8qu9fca1Hhla/e - Sn0m7FBbO344esxXgIzU4OAQOtcy28hdlBBDSW9bDW+IfTxIoxSHNNbM+X9l - uOSdpDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBNp7E65UObjdMpvSNL - cL0JgDDj8oGEHS/6EmlFUeFwv7h+2wC8/DEq6JwSysRtnP/tM2/KZ/e1rVeu - K0oC5LKZf1I=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAcX6SwwACEzRwZbnDX9rUu2l1xWF3jJVi6Fon + ZtUAkQs4w4GMdom+Ze2WsXpq623WD60csytV0PF6BvLPoBMec6f2kj2ZsbBz + SzJ2/1QfpkG0qh+DS7MXN1wSBrJd2ERk99V792GAFHzq8juCbI+LdFJlv1/8 + PAehHgIqPTYRpkVdMX3QXbR6ulukgaKQ3rV3LUD9WeP3BHhGSPBOy/E278KH + q5hXFeFgfBMiImPIdKeQn3aAwTVgAUArnhRR3dQLnL2pT+8qu9fca1Hhla/e + Sn0m7FBbO344esxXgIzU4OAQOtcy28hdlBBDSW9bDW+IfTxIoxSHNNbM+X9l + uOSdpDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBNp7E65UObjdMpvSNL + cL0JgDDj8oGEHS/6EmlFUeFwv7h+2wC8/DEq6JwSysRtnP/tM2/KZ/e1rVeu + K0oC5LKZf1I=] profiles::x509cert_common::certificates: 'bugs.cacert.org': certificate: | -----BEGIN CERTIFICATE----- - MIIGMDCCBBigAwIBAgIDAt/AMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGMDCCBBigAwIBAgIDAvYkMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwMjA4MTA0MTQzWhcNMjIwMjA3 - MTA0MTQzWjBcMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMTA4MTIxMDQ2WhcNMjQwMTA4 + MTIxMDQ2WjBcMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRgwFgYDVQQDEw9idWdzLmNhY2Vy dC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDDc9DOUpZ7asXY t9/8gpd2XtKT8VCvkkQ5FjbS7Fd82wPSG6rx8T29Fn56tYISAwAtMLx6NuyD+8Fr @@ -42,18 +42,18 @@ profiles::x509cert_common::certificates: MAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAroCmGJ2h0 dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDA5BgNVHREEMjAw gg9idWdzLmNhY2VydC5vcmegHQYIKwYBBQUHCAWgEQwPYnVncy5jYWNlcnQub3Jn - MA0GCSqGSIb3DQEBDQUAA4ICAQBe54I1n11m6h5AupUOgmoVrMp6EgdU+fYGPdKT - 8cxee+YJstHsYhnnCQWqQESeOAKFvbqC6eHOKuezuDd8RyiTOuvlgEJUV49GXo36 - P0iQB0ZTXi/JXPZ0eUNKGaulBhf3ndGjQ6x0O75VNSUeDFBYSkM7LcOlQd9pAnok - ndXMw/lbhMxyPVqvAxEzVvldy7oeb4Hbrl+WNi0ZB0huy4CRGXatUJpBYKkKTOIt - vmielSTvIHUc32cokeogk0IedVMMl4OF6PaRDxBya/8MGZoqdTDH66HAZDuTaea/ - NXnN3isaISLvatFIa5PMrij0AuJ4fLx4778D2oCclCa1h2/LIaC+M9xMNQD6rLQZ - dxi3UV5v3C0mVmCZ4UtzJwnpkqr4AWFqrVUJO9xoYw2WZqKOj98wFGyLuJPC47WJ - 5DM1gVIgTF5YDPkp8hVmizX56y9GBAQKR8u4arfFoVbnDfjCOIPiH4/LuYZZJQqy - jfeETr/jWqzWt3VKzKhVUltF46K9zYwb6akrzYaa4Z7cdfzWiSdg6+yEXhxy3Tc5 - wkHifXAB8T1uF9HUw/iSOUSgG3rYswvqMfIlS+I/76K3HSgA+uxPZpSmXuPBTxuB - STOD82uG3TwnHIsoOBoZNWCJOGlCzCleWxvxZzbcq8VYgRfKqu0E3d9Wrxeusy1K - k6HQ1w== + MA0GCSqGSIb3DQEBDQUAA4ICAQAD6ku1xQo7kXxhRROEqjWluK3SSLrDtyRSGSj9 + CPtk3HYPDNAVWEFT81j/NwF1zxiVdzj6O/iVieyhTxpkOf1fvCf+2lATau6g4/th + SuqFYlYVO+EOiuzKOgOWt/QeyY7C+wThICqsgt3v9iGBsZEVP4QdHmYQL9d8on4e + p2SyGFLM9oTGmIMEQ4sSsWCpwEOCDUJr/s7htIJqjWksDI2cLNHPjVTBc8O1Crzg + meJDGbPhlSlSTqZws37RivBPwrj4Gh6YDxShNU/1mrF3XqN5XJwzMUVKcaqMsDFZ + G1Ooz4g5kgJ+P0ooxBsAW9z6Y56ckcWw4JqJeuI86fDG0zZMRI3xSwbyUVmtapTg + qfd10foUUPC2TP29r6kD5KGuQsRfA5x7UPT1qfJ0nKan6r7zpXVzLOtlAeCybV/N + ifdPYs+Uokuezf8feWxLCYWZ6aaEBngnYV2rTiBJLjv0e4TFbhCky68fWEPwiWNP + BT3grUTJTWzTJk6KtgWme8G0GxZs51TUFVJce7ww6I2FMOimaHp7QfN/ZoLBf4Tx + 1EWbfHSmgUDdpgjop/FQUxEv7+CAeBAbRORfa3xZPjAGj8dWp6n8BNEYy3hWH2s5 + Xe4UVpC/1po6Ud/YRuTqB9i475jzJ3Mobi8J9F9MPmHU8DBK2AqukxFv83aazdQ7 + dND9cQ== -----END CERTIFICATE----- private_key: > ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw diff --git a/hieradata/nodes/code.yaml b/hieradata/nodes/code.yaml new file mode 100644 index 0000000..8cd41e4 --- /dev/null +++ b/hieradata/nodes/code.yaml @@ -0,0 +1,152 @@ +--- +classes: + - roles::code +profiles::base::admins: + - jandd +profiles::icinga2_agent::pki_ticket: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAoMdZhzR3jM//UzdXm+QgMu6B5vTRbXq9uEgB + JG4UzGaARRdOVSWDr0YIJeRwA92CQRygUAcbA8kw+XJxUD7UM2q9tQnRkkzp + 9ad+s40TPFrEtgwepWW/rE+ikzxKlic2MMcvreQcvhuQAYnqQa7/KPjXf5GW + W4gknLbfn09mF/dlVM4vDEyAbEAdDpf/8UnbFJLE/EG/dKDbbb+8l/6C2On+ + BGXrME6GUDn2gigCD3+35zL0+VxNXx6A5hagCbLu7sIifQHNn4mP+ObMGj0Q + 3wx8BH4IxS02tqpmQDB9EQNrUeb3y6vj8086ePRn/NTmPC0jNP+I02KLjXsV + MUwAcTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD631O2gRFwtbgb07le + VlHOgDC6DqTry9yMR/tY73SZ/vNpwQbNNpb1QgSgNY/Xput/Rby+NuJTXkzQ + AafGS1+vajg=] +profiles::gitea::database_password: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEABIkX+98o3ENPVjgdKapXDgK+YIkG8LrCB1JZ + zB4dAFLE3Q/DHl6v3pZ2VLU/F2urpk1kgclgz5wyKJkWSJp3LtRpFzc5emlY + 4bnTc4JLODQV20IWRvnc7U4fcAjnYfqflc+cmRooptZYEvR0sz3Zejj3zA7h + irH5XJvrPinJvKRD8LaSaH1kDSX+gGRXbm6JLH/tsu0ZsmVjJFGfTGmcvjhn + nCU+vAwv6iv5JxbOX75V085OlnZEJJbZK7EuUck9qFSU6RSB7Ui5480i5Kq3 + lbuDK19nak+VemMXorhg+f+MIYnb2Wmf+EOvuMuuiQHaJBBdPGeOlZA0UO5I + 1+iZNTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAppQlAjbnsuArVa3CI + BqXcgDDiZCLodsKzhP1PKv2vmDdl0HrnWRz41QxrjHE2gJKX4oAFU4wpi3lE + DK06TozeLsg=] +profiles::x509cert_common::certificates: + 'code.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIGMDCCBBigAwIBAgIDAvfgMA0GCSqGSIb3DQEBCwUAMFQxFDASBgNVBAoTC0NB + Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMzIyMTEzNDMwWhcNMjQwMzIx + MTEzNDMwWjBcMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRgwFgYDVQQDEw9jb2RlLmNhY2Vy + dC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3J8nPttIYCGEK + rZdpSOqdP3PD5tgowOrhlbJP/fEnfhbAUj2ENQj2nN2SU2aUpzPxkUUwXGip5L9a + yr/pVeqsjCvEfjM9KE/IHbV7o3jweVdEeoi3Y594UJSBdDFgMmIykQkZ6XJ4j7ya + d4PnUIIGaEsA9X3OESLzx9qDObgGNrMoM46IVLCSwte9x3F2bXONJm4Tpk8Fpp9q + ymWD7En56l0phoJ8IKp62bNEN0KKDEuV/meNCX6zAJrUGu/jT2EHRoFXYa7X9uxX + FbSUhtyWrDGbj/Q+yis2hUtWcFBc716fvwSBJK+VtG7+xNQVrTFFw64Lj/5p/WD7 + U/unpd5QIJ3yvob9s6tr/x/O0MNl3Y9BLYwg1aR2WxZ4KIPLMoPm0JRbTlcbKo+Q + S+POjMpkPgkqU2k0u848bnrj3ujXeYbRZAG1kdWuignnp3ii079Ta+F84Hbj4AnR + 8EVlRjVfRzmJN3/sk3yY4DxTdFCt4j/Gun8DaALfktpV0wiiwIr2n4ZHqswsN5DR + wyPxPv1ZP1xcKwd7et6WqTpIeMuq2DcFWRGaCq2h2sV7Xnz9jzj7btmskuQdp+An + HeZmViYwTilONWX3NW7xT3axx7Jc7tjtgxoICIZyDXfaZw6hUMMlKtwGzQILXxor + RdQrtp3VkEqWoqAlrX4mYTnN+F4PZwIDAQABo4IBATCB/jAMBgNVHRMBAf8EAjAA + MA4GA1UdDwEB/wQEAwIDqDA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUHAwEG + CWCGSAGG+EIEAQYKKwYBBAGCNwoDAzAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUH + MAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAroCmGJ2h0 + dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDA5BgNVHREEMjAw + gg9jb2RlLmNhY2VydC5vcmegHQYIKwYBBQUHCAWgEQwPY29kZS5jYWNlcnQub3Jn + MA0GCSqGSIb3DQEBCwUAA4ICAQCJBuHyGssecw0ntKzmmblzXqj31YXwib2+owQG + IUT7b+eN4TRkmEVW1Qmbzp0qve+INkSSaYFT33ifUXdE0aiDScARdQOtsNjYA8MV + /RU8CsudqHla1JuFxVVdV2dlNHlfc1xjG7/mdgqrxPmD0y+7NyNAw2U4Nw5JrhMy + FgMXqXxjjFP8XH8x4jf4KYfDoPzh23gqb5rBbSiGt1sfJbZoPAeZbSoI5DMuYKOh + sQ4cSthpYKnNdjSyyfAKVea6pbL9j5Qahike9dtEttdgLtL/ycaYLTdNKLcT8ZIu + 5vWxmxykq0xqrAEdTiaKHnnMoHXA6QOVgitHFtw4hKYY276wvZEp2C6n+eRKGLec + cut66Xp+cNCP2REMyTNhr0DEHf1gzq+y3U6HJYDDyAvQFgMAbUac3wU8o0css3cp + 08NvBIUhjQkhpve46OXCestqpzNFh2bUa21IaqTAS53nXdrIcImFgE974VyCtlmY + 1pnh+XfhpzVSgfGJGgdXvzBTIYqqBF94a2LIy7lT2dIAtb7oe9xDdvYouhLY8TVZ + VDS9llG5Vj2/spw7fII6FEZdEkQr1yoOt9m7dUmMsd7rhCPLRCi3+Wb89gRKv90y + 5qrlHawces5DF+hCmJQxYR4FAIuOgSaVzDfB7nRXFQNu1ixaEmcdMBeB6iTWBRd3 + wDjMrQ== + -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVt5JPSW9lsfW5mY7aWo5NBPjhW + lnXZhJbt+e+E1QAZ7IgrtyVWpVKSexjzT2IASXMGLcLqCUYe2j6JJn5WAa/4 + 36zlybw13f7TFaDX4clHhsIEJie88YRCWu2AFi5sitTnF3O4YyT0gAJdwz6Q + eKIngi1wW645F4kKztDN0MEfGtq94KwbTCZbRScvbUFgqfJthFngaPYyYWXx + G6oquLz/qnoYq5eOvA+pywYdURtpXs+bo8t76AjSbrECTFfA07w8Ku0DveH/ + SIimhXacCzAhROe7Yk6pNTjlAfe0RY3T6rncyOe1Wnvfsl6qK/KFCGV3JyDd + ggkh/nZGbCXjgBRDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEN4wK0 + +QfeExMtnUH+DV5sSAggzQM9f4dPaI195jLPitPZJL7no/k6gGdUic1JsjtN + +LwJ3UgoUx4K3lXMa1Kl2pxgJZRaOTSKRXh6WS964Jb5OhfIGo4dWvU7pyqD + nlhVMaMWbsTwGG5SmDvYt4WOb739p4fUDdIU+sioZX2XYHJ9hUvXzzuw9rDG + f6E41mdXL2uTDMcqGU2xXF39CJUg6IVIlDq4PyiEQWevqXRq/6TugO71BEq8 + CMtiLXHMht1doiJkfaEuPaY834gYDbkiiqehPMyMgnI/VFa8IPKJxovf/lam + xjpql3mBqpEEqHG+PkyEMphjuSF08SvQ10hIyrFWvTPCU/c2TaGOSAjHI1gS + kSi7gh7x8uPTMvj1Of9PnZ7yvGgvrXXXvLCLQYP61yatc+ZEigNMu2amVNzj + uwXfN/yrnkJ4xnVHoB4VUB2lLL2A+EuGc/AJZukAPceEkqhGNffezG9UZ8co + GvLBZOEM/nl8vxGflA/1KFmgUfRrBZcy4NAdOBFn1fWGE7WvGOAZdVVaDXms + EzlerWw+a/M+s6evk79h0VzyTK3ZsL2HjvQOi45w2ioxaL55pomcJSMvKAIy + YIPE2ZCdsByE1ByOzvVROsVHIi7Nqr26vS5l86wRjE+63WVM3iGrRSMJ4/lu + kTs+yYVb2q3TL1kV9635BGAclfAJtp8yY+KwdsGBs3Kx1kyB6ATdmaUKelmm + Tb0xJVB9Hy4BaaVSNDa14x/H3pJ7l0Fe/1qkpLiIPBvVkrcb3EZON71kD0wv + xpyaRTpqK8D5UTuRAdwcBPPMdQ9eOonRjOqr33MABKQPHLGuzBSVO9W4JjLf + vJz85o//TsaqrOfb1GGlU/lFeHOI9M/7Y05EW5rYI9hsM7A7XwMNnV/9KvvU + XYPLCqhhhy9d/dMeJcENKWoHigsn1o+K5k34/ZnxY738Wur0w07DhYB9Ioop + aBfhiEnccWN6w6Cc6iDvAZnX94+k7TtHM+gTUEY2E46PJHSevPCj/BjUDSnl + vsSGKRE0PHKfIPxE+LZNrV1m9S3crAbsHbH13nGV15RUuzDY49y12mqJxHMu + SytAMRNkBaKvqn9IDRfrOMjAGfb5dpJmJ7sdsiENH0Vt7oOzs6NnRXlktO+n + 960t6J9ujzO3DovhBQQtlxBu4tIJAQkbIgD94bEWh5UBfrwwkX7wX3xe0Ybg + QTudEADVLGh2xP7qH8prvoPTv9G8slcNDUPRVwMljqwqY4bZA+5hXPPFUBUj + LE/NZJ9i0MsVwznS0oy3ULWkKguOgFvjsA1DWK9mNS2e+5exGwGiEqnClE2A + +X2DROlwI8Ts1gHTrb1gur6zCnpc5P6C5gFJssxVYnwqu1eQ9oNkac3lLMUB + uDon8dqv0vVkkMQm5Q+JWTaWNM8XjIxIc1V4hVUfcOuVGbHLg+PFSaFqhaK3 + N9tXn57rA7gghoiSFwXGomkx6eztr1SfbsMHUC4Ikpq8zMhrGpFVM54/6vM1 + o5aUoUBcCHOz2J31Pj1R3dCGezpt+h19eMgpp+hsZn0chlswBbKcV0KKmY8v + X6cEkqAOki2IaARnlJzR4hoQnaQMNMxdnoRCiwp6tDbi00QZgosGs4px65SQ + JgMrUG9arbp4LbukS5XasUF79SQLhyOJ2dYgXyLOlxSgsUr5Xle6zlNCNfE7 + q6hNnWUhffHKKeK6LTWv778lsMmA1f+vqk0V/jFdzMHk2hxUxHSHk43BmA4h + s1vW7CkV01eSEx70j/RYv+7mCyq3UDxxq8RDCiPh7B6EW7imDCRNIFcplmCk + MJUAVMtHDJu80ayuE+1RHxdowIT6FsA+3d8Wncy46tAI6Xk9V6sZwt/sXkE/ + G4LQx2yVuxTdE1pqeOAOpRiEHERvuyM/6b6pfT6ZRksQC3/T7qwOjw50jg63 + TMC3n5FOu1SqDSWuhmFqBuUOOpD3y9V3RtfpDRQRjbTKhfmjZrcvA+WdtVdD + o5c7053pRZvysz3vALrr7RUU4UTFpCamYTL16YmFN3mWCHMgYljmhg2dlK4J + jFEwVDq35Fax3MZawUuruL26eaMsv6KYrVL1T9wEJaJGfLMR+IjsrPdHPC7V + oIj6t5VLYxoILVfRicqilf0Je0OGRADXu2Hi8MyGKd+7XyTHcJKOCOsGj8+m + uKC5NyA62SM7XP/+2GyTH+35hiClYxX7bF1BjEIatGmR6g96niUyLdoO0djx + GFWX2E6WNOHxuKGoxoIX0SPwsY4lUzvxrITvVfGmXTDN6nKXuvh9z2GnPjXa + QZ4YMPrgaER3FbULstZBNmbNYkKbLG1LmyKbHlfgnPCLG0KG46K7zasRG0me + L2kZabj5zMlu4y2nsCTZRcdun1KSWTpy+aVLXCCrapfz9gxAgaC060ebJO12 + MiANT8Zv61DmvltD75mNArBre13tkyO5zkXmFj+QjpcQc0weMdHXzxvaM/NQ + YA4tu4pJoEVgH2QJMPiQAIoayIwpvYStndx6B4U+SGt68/ZOU/2PijXX7AG4 + pmpH6iPUpwHpJoNlvnfZ+fi/MrqwWTjidHvHlFf7BWROvFOlldXOnxVR1m9l + hO3Ff2llqDAz3eKmiTEmADtX5UJVLNP78idbEgiizSQITU/RILfEa13aFe7g + EuwhVmDht/tSQedPS1hJTMv6ew2l4X1G/Rs77bw/3EzmdSN56LG07s2/xWxq + Aryz7Hiww689t5VMmzUmnEY77kocemifGaHCZxhjOOu5iGxC836aM4pQMuix + c1CNxSgJNSBPIMRO8JXIHWZduqVLK8arwY2EmU3w7Gnj6SThROsfX2qtLe2+ + UkE0s2o/jtYBLHiIjZ/euXLB/OswNEes9NAzkvmyGgJInHcA48Ga6GgA/ofR + IVbsw1BNSmBWIvH0A07T2/CrOasDWRVFiY00CfwRqUXSo+dfpmKuOqBuDV8Z + Z5IqQP2LXZtq8QxhTIpNUM7ELJw5sbGYeakQpWtDAv3r5/CB2Hm25LWluOUP + pBrY37LDdGiK7XUZNXRhH+H0VuG4JyZa/41xd2R5bM1XK0ut18lV07/U9f7A + VL8YtkYLH0CufKVyBbQW5YyHml4RI+994rAIMiaKJXjTDPL6mYOGJosj+C9b + 4oUa6QG+AVKoaGSggQ9YLjNbJaOmOt936rWSxSmV11kL4Wrev7J2EZEc2HUJ + tjCSoHwCYJKw3wbEXmo4adG29bUGSN34JhzoTfGh8rq8S4Hnbcbl2CLlWsR8 + S7luE7F8M9UkcGTsjCFF4Caqtszn+IrGRb92VEqOyj1AzdCrHbUO7W10uIJW + VC0eyQfc6rcF2R3n4NxOc7+jhJJAzJksF8KHKBADKUs4g2VVnNqgnSVl9GeD + Gc1GxXtysG1XM+Y0DH8qN18AELXOpwqumZDUR/in7ib5tVTLVPqRN+ByAsPd + dLe7L5wDdXNOhCvIpQhBthllLDxV/SjajKr80+eK6ykmeCUiZqLP65Z60pAe + sZUzqcZzNfgVcRr/C2+eVRZqf9gZAHfrJQahoKaQVDSvFz6WUK1IrN5Pt9dJ + FdMqMuU6O7I1bwA+XD1kgAdPQn4jkxwSUnjzAzzA1RXGiQGLvLYvA/uKgnfH + GGgfP15mov9ucEH09P3pTmyrn11plHthzZLiwqQ5L3LzFu77wJKYDj+REhp8 + nf69xFuGPm8ygJb1MJbfA7wPZl0WT84il8UgfGYI/9DIXc2rz+oFmdFbqnNe + QmE+vX1hNEvBxpg6HUMQ8jBVIHFY3RqveJOyf9nSYSzL32pFpDvEaeZaaO2z + As0XjDMYXzU1Qpw1t063PIExt+6h3yKa9ayaekGZ8rsjJNLgfGaGvaU7T9J0 + HrYPUCApeTZF/OiH5fwfTVSeQssp0mO2MpHIR7QBy2/gUP+LucRUsIt8b+SW + FZg2AgpwREXPc3vd/2/AMA4sZEFmhxdBEUhS3ZARv7H9MVH7iZe9I9IJr0Xc + WGMxOxNwoX8Ba73yoCJFFBkTBEu50IL5bbhaLCnsrllwtBYve2vJ2KbS1sdl + uDf9wCqMnv/R3g4IULTER7Jt77s0lMEt+mB6ec6TDAYgAFzkeaWhzs9z5Ecj + ai5imWWjTDBI7+bjIUuSIHUTHIngi3oWcQCp4zpx60kC/ev7AE4GPH2hgcLk + oovWw7TKlfaDlJjoIlHedRSL4MuF78GuQ/qQ0Gmrxo+xb7jj782FzNP3OOMg + kAsoMDx8vmZMzD5pISHfumeDDuFSACLHyyOy6E8G95jiP3Wa76uJrZUF5XXi + vSbcrDZHaxO1nOqP+fCN64gEOnk/16j+gNywwGFKtlwM9KOPTBVQb5nWAf5y + cGeFfLJZoUVp9Rs5ZTGXRIGwe4oZ9MUSOhTKbpsCO23Xa7TbVlLwBbrKapEa + YDZFrzFWykjyk+4w==] + cacerts: + - class3_2021 + - class1_X0F diff --git a/hieradata/nodes/community.yaml b/hieradata/nodes/community.yaml index ad992f9..1f18b4c 100644 --- a/hieradata/nodes/community.yaml +++ b/hieradata/nodes/community.yaml @@ -7,37 +7,37 @@ profiles::base::admins: - jselzer - dirk profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEARHUYarivf3GhHB+uKLA9AD0uCJJqBJjzt3+N - wreJZ79ehkkb1LIU720ipwRPTtP+a6Gjx1rfQJO8YwB1ZwDeB7aYc+1ZHcVF - kAHOu5WkonpGCDMHfTJu3NUAa1O9qla8W4cdyLh/n7wJS3hqFJrDa0SxdlLN - xvsqxNtrEjWa9ADiC+Tbt6IWGkLKZrs/T0C3zPMUc3lTXSyWDDFPPaAUj1Sk - 9OhOw00j+3BcYSIb0J8h92dNohLS5saGXMf+mwqt2FZWDyJ8YbzJCItmhhMH - S/Bmsc4dsT5VPgFew/5FOrR5/8whEu9gUFcP8FbLGEXtClUylWhAf6aK6cxM - 2Yt+/jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBv/L7t0DBN3lDygcWV - AAa/gDAEkxZMiQL9ZuZ6KaLVzv3FNr+ACIvytNoi9JxLTX/PTpygEmRb35Fq - xS+ioIVEWOE=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEARHUYarivf3GhHB+uKLA9AD0uCJJqBJjzt3+N + wreJZ79ehkkb1LIU720ipwRPTtP+a6Gjx1rfQJO8YwB1ZwDeB7aYc+1ZHcVF + kAHOu5WkonpGCDMHfTJu3NUAa1O9qla8W4cdyLh/n7wJS3hqFJrDa0SxdlLN + xvsqxNtrEjWa9ADiC+Tbt6IWGkLKZrs/T0C3zPMUc3lTXSyWDDFPPaAUj1Sk + 9OhOw00j+3BcYSIb0J8h92dNohLS5saGXMf+mwqt2FZWDyJ8YbzJCItmhhMH + S/Bmsc4dsT5VPgFew/5FOrR5/8whEu9gUFcP8FbLGEXtClUylWhAf6aK6cxM + 2Yt+/jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBv/L7t0DBN3lDygcWV + AAa/gDAEkxZMiQL9ZuZ6KaLVzv3FNr+ACIvytNoi9JxLTX/PTpygEmRb35Fq + xS+ioIVEWOE=] profiles::roundcube::des_key: > - ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAqwu823+svisLj+8LxOGHbb05s1tIFsraXWH/ - SDnuK8//+6q37kjoAvySC9uCbaRpB9dWfU9E46BUVAYg703LC/JMEeS5UfXK - v/44BFSGlzXjbQkM0tdfNY2DCk3AWcPAds+6SfReS3vBqXt1l3Sas5hSm17t - 1zkELEsacMQ/+5a7MNWSUVfJbA51rdQUmrP88Pu+CfzlqduupNJVvgzI6xUz - C29+DJ866sevd90ByCtRgLzCkGVe5GFYjXi3VOHUF3yRmsmoHtP+bTsxmN42 - +oU91+xXa0LzSp/dCt9LYMpUi1WXl4k8AXU6AqZMo7uYJvHH0p79ugYP4Xkr - fAE/ADBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnr12/n/QLzDyVRxaW - DaGygCDPJqWrEVXRR79E5Uu+jqPezAEMdYrzSCJDYFiS2cRgUQ==] + ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAqwu823+svisLj+8LxOGHbb05s1tIFsraXWH/ + SDnuK8//+6q37kjoAvySC9uCbaRpB9dWfU9E46BUVAYg703LC/JMEeS5UfXK + v/44BFSGlzXjbQkM0tdfNY2DCk3AWcPAds+6SfReS3vBqXt1l3Sas5hSm17t + 1zkELEsacMQ/+5a7MNWSUVfJbA51rdQUmrP88Pu+CfzlqduupNJVvgzI6xUz + C29+DJ866sevd90ByCtRgLzCkGVe5GFYjXi3VOHUF3yRmsmoHtP+bTsxmN42 + +oU91+xXa0LzSp/dCt9LYMpUi1WXl4k8AXU6AqZMo7uYJvHH0p79ugYP4Xkr + fAE/ADBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnr12/n/QLzDyVRxaW + DaGygCDPJqWrEVXRR79E5Uu+jqPezAEMdYrzSCJDYFiS2cRgUQ==] profiles::roundcube::master_password: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAQym6DCbBEdEaW6q4f4fKNhVt9iCdn8butbqV - I3F5Br2b+68R/llQfA0MCBIKPWaF2vwUaUaJYow6uQ9KE96FLASVPCia0Tq7 - eKkvZOJ6AXCFhU2fj7IWdzmFGBHlU5j39OhRuk5k/vwn9dtn2korYhUfkhdd - 93htnI7ts3uu13fsDqg8fKG8GGuRiesvOfcLgmR6N13S+INMnmm1yogzt/H8 - dP9Gmzh06H8LPLo09xkv7/VhqyyjGHFuqnpzEpEIiaI6yfpP2o0XxFVtIJ3d - kieIXuWP6Cn30EhfTtJ4+MuS/r/jjLTjvuuy+FH4J3Jw6ruTQpWGkszHCKKZ - qukXDDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBA45dXYksd5BAhgFD7 - 5NP+gDDvF8Cgnhpi/DhvI0fzwYJaLwelYhplqcWXJhml/58/yhYllUZVE/Cz - smDHq+RA9UI=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAQym6DCbBEdEaW6q4f4fKNhVt9iCdn8butbqV + I3F5Br2b+68R/llQfA0MCBIKPWaF2vwUaUaJYow6uQ9KE96FLASVPCia0Tq7 + eKkvZOJ6AXCFhU2fj7IWdzmFGBHlU5j39OhRuk5k/vwn9dtn2korYhUfkhdd + 93htnI7ts3uu13fsDqg8fKG8GGuRiesvOfcLgmR6N13S+INMnmm1yogzt/H8 + dP9Gmzh06H8LPLo09xkv7/VhqyyjGHFuqnpzEpEIiaI6yfpP2o0XxFVtIJ3d + kieIXuWP6Cn30EhfTtJ4+MuS/r/jjLTjvuuy+FH4J3Jw6ruTQpWGkszHCKKZ + qukXDDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBA45dXYksd5BAhgFD7 + 5NP+gDDvF8Cgnhpi/DhvI0fzwYJaLwelYhplqcWXJhml/58/yhYllUZVE/Cz + smDHq+RA9UI=] profiles::cacert_selfservice::admin_emails: - jselzer@cacert.org - jandd@cacert.org @@ -45,187 +45,187 @@ profiles::cacert_selfservice::admin_emails: profiles::cacert_selfservice::api_endpoint_url: https://email.infra.cacert.org:9443/ profiles::cacert_selfservice::api_client_id: cac3ad11-fa50-43f6-8ded-15f598b6ca2a profiles::cacert_selfservice::api_private_key: > - ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAwZixb5ZkBTfIjHnZjyg+bDOCsJZ46ATcle1j - imfj5hph1wBK4ZpjuzLew1IPTJ+iY4redgwNGi0TgHcOmT9l2i2jnjITDKJt - 7vfgLFKZJ8+whdEpejd8GVBXBgNe4vIt2YMMRnOGl7d9dS7+e4sm0lK56hSd - fbHuu7h0gbSK+ZPbJvyPPI+r90j/qRq8SXrnJ8nT49NswHuj5PmMBdYMslSO - PpnAoq+YyukeQ+HagWr3khcSZx+GYY14kBpBNiDZpG03NKzjZkT6fYugqHE0 - B9HC22XSKrwQJwIIbSpVRJ3UF2pcx0aWjMQfuvdteJyD9XkmeNa6uiQGl05G - KJuqhDCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEOsT67vXcPF/Pbqc - j6x76aOAgfBjd1srdGK6PJUs5Inkop441ce2v3jij/1oo9fRswSTgAMGHSGg - 4zqbuZH2eR9hUXd/Mn8DmrAF4O285K7J6ei+9Eqkyf4xoIGV0VT9OiXDbJ6K - mUdm0gPYWdjYnN6FEIo2sLxBf6NDyRXFnjALnY6hfS8ePD4vRLHld3gDErdA - QwVQDewb+L5H3mrTNnM/2ex9M1ekRXK3z0lfn4q1H7UUZLS6Y5vmH4Tl7kTk - QeVCvUatI5fSzNaAi+N15nMo2X/ojgTn/CS9zklA5du1XgI1xzqsHyb7zirv - Bq5sNCy9CM2at4UMKVqsU7FpdIIxjFw=] + ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAwZixb5ZkBTfIjHnZjyg+bDOCsJZ46ATcle1j + imfj5hph1wBK4ZpjuzLew1IPTJ+iY4redgwNGi0TgHcOmT9l2i2jnjITDKJt + 7vfgLFKZJ8+whdEpejd8GVBXBgNe4vIt2YMMRnOGl7d9dS7+e4sm0lK56hSd + fbHuu7h0gbSK+ZPbJvyPPI+r90j/qRq8SXrnJ8nT49NswHuj5PmMBdYMslSO + PpnAoq+YyukeQ+HagWr3khcSZx+GYY14kBpBNiDZpG03NKzjZkT6fYugqHE0 + B9HC22XSKrwQJwIIbSpVRJ3UF2pcx0aWjMQfuvdteJyD9XkmeNa6uiQGl05G + KJuqhDCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEOsT67vXcPF/Pbqc + j6x76aOAgfBjd1srdGK6PJUs5Inkop441ce2v3jij/1oo9fRswSTgAMGHSGg + 4zqbuZH2eR9hUXd/Mn8DmrAF4O285K7J6ei+9Eqkyf4xoIGV0VT9OiXDbJ6K + mUdm0gPYWdjYnN6FEIo2sLxBf6NDyRXFnjALnY6hfS8ePD4vRLHld3gDErdA + QwVQDewb+L5H3mrTNnM/2ex9M1ekRXK3z0lfn4q1H7UUZLS6Y5vmH4Tl7kTk + QeVCvUatI5fSzNaAi+N15nMo2X/ojgTn/CS9zklA5du1XgI1xzqsHyb7zirv + Bq5sNCy9CM2at4UMKVqsU7FpdIIxjFw=] profiles::cacert_selfservice::base_url: https://selfservice.cacert.org/ profiles::cacert_selfservice::cookie_secret: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEANEuaG5H4qNkySuid+UUP7aurU5shEpoV+Aei - ChIT8OzQA9v6NpOaz9UvorSrebLI7MZ3N9WOT54tEppjdesooX270wq+xi/k - IEzP/3IU72GQCfpDyanTRO5mDSkWMUTySbE2b2lIelDTM/r6V70EZTLcLxvb - 96HtiZ3keAfVlXPpM8B8FKbVHBhnPkMOgy2gs0lqc9FXBAlAUdCirgH9X/Y9 - HC3SjiZrKUDdWHRS5p0a/b1e1GNGEn9RyFaJaS4tAvTgBbM5nJtWgw/jniRq - qABbA6dB6kMvyMNVTmcGCT3TvgqD0CnmjwH1KeiS26SGfB6EMlSzT0s1Lf4V - jvBrrDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAxi4Yrk00u8lUnFF9C - jzdVgDCAXKS3fskZkAIHmTnoK3bWVEdvaeiA65LyuzOTArxhinWKqdD9cgBc - 5D6njEaLuT4=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEANEuaG5H4qNkySuid+UUP7aurU5shEpoV+Aei + ChIT8OzQA9v6NpOaz9UvorSrebLI7MZ3N9WOT54tEppjdesooX270wq+xi/k + IEzP/3IU72GQCfpDyanTRO5mDSkWMUTySbE2b2lIelDTM/r6V70EZTLcLxvb + 96HtiZ3keAfVlXPpM8B8FKbVHBhnPkMOgy2gs0lqc9FXBAlAUdCirgH9X/Y9 + HC3SjiZrKUDdWHRS5p0a/b1e1GNGEn9RyFaJaS4tAvTgBbM5nJtWgw/jniRq + qABbA6dB6kMvyMNVTmcGCT3TvgqD0CnmjwH1KeiS26SGfB6EMlSzT0s1Lf4V + jvBrrDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAxi4Yrk00u8lUnFF9C + jzdVgDCAXKS3fskZkAIHmTnoK3bWVEdvaeiA65LyuzOTArxhinWKqdD9cgBc + 5D6njEaLuT4=] profiles::cacert_selfservice::csrf_key: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAb3LeVK/doYxs7FwFIbvp21i6M27fmSXtIK3E - p36brmcQCjnbCeLpHkE2FroYZJQmtNY9EGGUzkQsyoBDicK3j3w754LGMDgn - s3PL+hDk16X45yBFgcnTS/C3jFbm3SklFsNfpLGEEbCjwlTyL9txnQfU6zw8 - +xHOrpSiSRM5hAA5/i2vEgErZlh9kVqKoXNJdj2X2oIjW8vw37rlPO6w4iIy - 3fTHtCFsfKqaa7QmsBuXrK6IDKMVsTPr+daav/8YwacVuptnzr+pFww/u3pb - +B/ES8qGRen7ibaZcoxBmxmUNtPSpuqsyHBnyVVJQO3c9ZQzLq+wRJYkKK+k - j+0DMTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCbhyOCOabOgrKCo5Jw - s5cUgDCvQ0SCr1BLrJWi21P+kE3B5QZN/q/3cTEVB3j4emy+j3DhHjJX096J - HE5b/Ql5GqE=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAb3LeVK/doYxs7FwFIbvp21i6M27fmSXtIK3E + p36brmcQCjnbCeLpHkE2FroYZJQmtNY9EGGUzkQsyoBDicK3j3w754LGMDgn + s3PL+hDk16X45yBFgcnTS/C3jFbm3SklFsNfpLGEEbCjwlTyL9txnQfU6zw8 + +xHOrpSiSRM5hAA5/i2vEgErZlh9kVqKoXNJdj2X2oIjW8vw37rlPO6w4iIy + 3fTHtCFsfKqaa7QmsBuXrK6IDKMVsTPr+daav/8YwacVuptnzr+pFww/u3pb + +B/ES8qGRen7ibaZcoxBmxmUNtPSpuqsyHBnyVVJQO3c9ZQzLq+wRJYkKK+k + j+0DMTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCbhyOCOabOgrKCo5Jw + s5cUgDCvQ0SCr1BLrJWi21P+kE3B5QZN/q/3cTEVB3j4emy+j3DhHjJX096J + HE5b/Ql5GqE=] profiles::cacert_selfservice::https_address: :8443 profiles::cacert_selfservice::server_certificate: | - -----BEGIN CERTIFICATE----- - MIIGRjCCBC6gAwIBAgIDAvE1MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB - Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTM2WhcNMjMwNzE2 - MjIyMTM2WjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT - eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZzZWxmc2Vydmlj - ZS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsz/5 - vDt+ZOwPvfQJiaZgN2VwIDF079gf5rVi0Isw7maNj1lcN3oNjyF2UneOkx9b5yw7 - kHytifd/Hz5Exg7DJDrSc7eW1tmXGZWWtK2PX3G0gG3uWfqfxMSmB6gHRvj+YcSb - AXzlzcO+SQQ7GV2nZI1ZpfJ1jLuBjK8Hchr7zp9IWw/dWJtROBuyIOTiLHiVKehe - vHOnvDF9MPqoPJFoi+PoZCU8MwCqKLTc/d/RfsvIG1BwnoyiDzieeDsCPfssJciz - Kb3MC0V+zw0LxWS3RPZMsR/rTz3sEIUyy/NdADdA4rY/LAXI1dVxNsJgaU6jGfO6 - aub21X6s4cHRsed07xBYHe5LJCV0ExAx23V0ihWM4R9mEFAyLrfuoO6oodiuopGE - jybeYEq0qLFjMpNZX5bnJ7X53Z9kb0kV2Ft+0jYFUmGvp27JnWN+dAcJ0T08+Uqs - zaiNS0fj4Wgd8WZYIkmVM+MzCGmKcjOvCgQFa+wZvvgRG69nsxl+Zr2e+8WUJoQi - Tvsp9z1YwidmN2U22HmX7xukvDVLWi0R7reSyjld3Wo9Qn/UCTkyYHpjPUdPhYQV - avOaturVpISXcANZi9XkMXO9k/osEywH2oeqy95bXT7w14Hla8Lg4Y5tISiKny9g - sZNeqx35v1CkDxofG/uHKI9EvVdJKyeHU9RXlXkCAwEAAaOCARAwggEMMAwGA1Ud - EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr - BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj - BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt - oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG - A1UdEQRAMD6CFnNlbGZzZXJ2aWNlLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW - c2VsZnNlcnZpY2UuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAfyuR8eIs - vsC7wjW1fXTNwgeniAoiYvrWpDHQLmHX9cbkfQ+UkL5L9N9uJGdFa77GSPQ54wl0 - Cc+oGQcdO84h0hJAPZaiAgCBgE79h6ZLFLxdsbArjTTbNE8LDCRG8To+0Q9Gfvuh - RtsLh3R9mSCKXug9iJs4nV+3BeJI/wVWdkBY3gKdM4hgdLf6zW6lg0yLBRSi6b+k - ECuX8Pwjp/oxkNtptDettBXVNW/11j8AFDqOs+TlITbgmz1Gb2NE42C6Fl+cW4ZC - ksiLr1c57tUDpAvKmtU6f4n7cCbfXX3gZYMCrVLAkEdwi3LGbyKoa1Rfh4pIWUsY - gXmfEr7oFWI5jWSfOjbxvuJEaADOR30fLHqTWSe1egcgheDn/XcW8ktFhOoZYcpI - y2kLxhTW3K/cxy172xfm3k11/bTNWo1eyDLYNI+604KkFALowLtc+VG71CGhgCsv - sHNowDK5arfWb66qt4lgwqNVO3l4zCyulYRAS24twwVq1xOKTGEeJDexG+PidEa0 - 8rHGA0c9nmddvTXabRMCgMy4H5tXvyZm5L4WYNNLuBi2h0Zgjdsvx4ikfHH6KI09 - n4qkQ6vCStSbSiZ96ezAVN2Nb0tlFaSGJUGHhZnpvdeSgHI97r4X/52AXQj0SZO8 - vOh92Z6rXG+f9faejmypByLAl0dIaDG1VPQ= - -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIGRjCCBC6gAwIBAgIDAvE1MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTM2WhcNMjMwNzE2 + MjIyMTM2WjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZzZWxmc2Vydmlj + ZS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsz/5 + vDt+ZOwPvfQJiaZgN2VwIDF079gf5rVi0Isw7maNj1lcN3oNjyF2UneOkx9b5yw7 + kHytifd/Hz5Exg7DJDrSc7eW1tmXGZWWtK2PX3G0gG3uWfqfxMSmB6gHRvj+YcSb + AXzlzcO+SQQ7GV2nZI1ZpfJ1jLuBjK8Hchr7zp9IWw/dWJtROBuyIOTiLHiVKehe + vHOnvDF9MPqoPJFoi+PoZCU8MwCqKLTc/d/RfsvIG1BwnoyiDzieeDsCPfssJciz + Kb3MC0V+zw0LxWS3RPZMsR/rTz3sEIUyy/NdADdA4rY/LAXI1dVxNsJgaU6jGfO6 + aub21X6s4cHRsed07xBYHe5LJCV0ExAx23V0ihWM4R9mEFAyLrfuoO6oodiuopGE + jybeYEq0qLFjMpNZX5bnJ7X53Z9kb0kV2Ft+0jYFUmGvp27JnWN+dAcJ0T08+Uqs + zaiNS0fj4Wgd8WZYIkmVM+MzCGmKcjOvCgQFa+wZvvgRG69nsxl+Zr2e+8WUJoQi + Tvsp9z1YwidmN2U22HmX7xukvDVLWi0R7reSyjld3Wo9Qn/UCTkyYHpjPUdPhYQV + avOaturVpISXcANZi9XkMXO9k/osEywH2oeqy95bXT7w14Hla8Lg4Y5tISiKny9g + sZNeqx35v1CkDxofG/uHKI9EvVdJKyeHU9RXlXkCAwEAAaOCARAwggEMMAwGA1Ud + EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr + BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj + BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt + oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG + A1UdEQRAMD6CFnNlbGZzZXJ2aWNlLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW + c2VsZnNlcnZpY2UuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAfyuR8eIs + vsC7wjW1fXTNwgeniAoiYvrWpDHQLmHX9cbkfQ+UkL5L9N9uJGdFa77GSPQ54wl0 + Cc+oGQcdO84h0hJAPZaiAgCBgE79h6ZLFLxdsbArjTTbNE8LDCRG8To+0Q9Gfvuh + RtsLh3R9mSCKXug9iJs4nV+3BeJI/wVWdkBY3gKdM4hgdLf6zW6lg0yLBRSi6b+k + ECuX8Pwjp/oxkNtptDettBXVNW/11j8AFDqOs+TlITbgmz1Gb2NE42C6Fl+cW4ZC + ksiLr1c57tUDpAvKmtU6f4n7cCbfXX3gZYMCrVLAkEdwi3LGbyKoa1Rfh4pIWUsY + gXmfEr7oFWI5jWSfOjbxvuJEaADOR30fLHqTWSe1egcgheDn/XcW8ktFhOoZYcpI + y2kLxhTW3K/cxy172xfm3k11/bTNWo1eyDLYNI+604KkFALowLtc+VG71CGhgCsv + sHNowDK5arfWb66qt4lgwqNVO3l4zCyulYRAS24twwVq1xOKTGEeJDexG+PidEa0 + 8rHGA0c9nmddvTXabRMCgMy4H5tXvyZm5L4WYNNLuBi2h0Zgjdsvx4ikfHH6KI09 + n4qkQ6vCStSbSiZ96ezAVN2Nb0tlFaSGJUGHhZnpvdeSgHI97r4X/52AXQj0SZO8 + vOh92Z6rXG+f9faejmypByLAl0dIaDG1VPQ= + -----END CERTIFICATE----- profiles::cacert_selfservice::server_private_key: > - ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAt3on6CqHyfkSR12NDKy27ln9CNYSig4vnazz - 1SU89n50FroloNyQNkryp9owAQhmlkdI8+XQxMfP+ujXNahj2mjQQPJullm/ - i0/8Yr11b9e6CQ/S940Re6203Z+wJDOtOiiv7lckWeBojfvbh0jxU21wvgRM - WQy8qpyfReAeopxxjv7ibWR3/WdJIReIWgQnCtJv7Is5a+QqpYXbDb6G3AK0 - sHFyY2ZYmWOROwCV7cIRr51Ta7NLIC2y0U+TDc5FLzCR0sauA8jtvSc58pT5 - DFHBTsYdqlnlH0bsxqAffYuZdZfCB2gZhRFyshxprJt6Pp5DEsHlzmBgVu3d - 8Pg0uzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJUGBdM86l45Q2aM - CTGHxoaAggzQkBGmiEON8uEXus4pljSwufuQuH7+XLQxlE91NTaXiJaDh3q2 - iIfH+2/Z33GfOCsDrOkxtaHKrxAGatxvOQUKtfl8kCAkSNK2qrlRhfqyeJiR - 8twoLYe/p7ijufLZBxR05KrwfJC5baWqA4f1psy2c4kStgTe6w4T7iJMhAHH - mQM7FfbZgKncmsPAdEAxGj0r0sf0iLCOkAQsoZQ52J5oKUE8/q1ywjMYnnEy - a15JyQpODCjUI9pTpuGwUr90bnFAh9/WWblEQROwSdjCM/tRnMYlB5LW7pGE - WfXIZ/pxax7KDd9x3LG6gtDLyKpOCPSrotkO5NmjPKbJBu1PWeKT2tRWRUXR - Ss5D1nvCipJUgijwAsXpiojCHBOgo9zjXe7PKoqT+H3sGJ0Fj8tO8L+tEs63 - lVbYA2cIX4x8f8HGzIQoQu0bqPX+ZNO1kDxjR5gxYLfmWjXaoQtfaEB29mIr - KdpxjQ22cKw40CTE+Pd78g599aUHV0SNVnN7nW82vyZVl5nEiIQ0a8nO/A7Q - o1DnaSUykNENGxKQ7xShtV2Z9win2BkqBblkO86oIQuG8ExYvxnyEW1udL3o - D2vNrG7toLRAl9mTcP+YJbIgNX3pZIu6kY5WZA5cUEsKjG8Io9O2q8EExzUS - w55bpzDNWD7hd91m13vx3lIqlaWuOUvNVfT3WPPNYAhSOByWi/1c/wkE0sF9 - PKp3yi8pkK/uh50mfR6ZLTg3gDVJNobqWUeq8zay/4Wo5uzPGwgTa28gQSyT - IXeAdmSXz9HQBKcvunEkwefgHSIvFHPDxQo+0kodVWNjqyYxCwiuCpaWsXbH - IO7FL/+afYA3nCSk7Ijpo4Q/cKi0rtGBedvbxbLwwXlGhBDmimc6OLSHfaNQ - +0sVk8BxFqxBDhEW9A0t4XyPJ3SVv8SC66ldLYHW71Uajyysp9lhOLFwWFfO - sXwTMvXDF7q1x47d5s3UM8W34djobVBHjlrF8TNHLvI7DwrIktzRvJ60Qmch - OIspFZHNdmMAD2EK/LVwcSVfP+bkBeez3pX53y8lDPqaJtEGwygRPhAYyKyg - V0lwZoqcmJihxTLJPreolkIBbiWRh6TVafFAykxPJAdQDgQimS2o4FZtRkZt - 3A4vwK5zWhzDTezBzzTZAC9NuJA6VYWhiRrQ8NKrOhbz8D2lgPnuhJu71/vE - lfkAPCyQTIY8YYxDhL1XgnWsCCHleIAMHHpC+kGZ/vnu2nLIji2KR/ii1Fr1 - JbXh9E9i2GhHp0eucxYBwS50sVwAFdouM5pDi8kfIzT2Dzmd6mArUBBawjgt - cHCc0yeL9YgXRNxo2tBf73biJRBsC/+rtguaxnacb6JCszUbfAwXO44AR9YV - vuCg4WKp1zQrWRtN9E2fj9QXHyKcXEgKvaoUOmREipeS2DTdwG56PtDfRG/N - UPdrZnCDhZTY5Yvqo106bfAj0SY/ULGTXe3paBwaOcLTKOGTkXUVpK2dcUdw - k2TuiexKcRPlTjDMX/BH4HYeTeBR+UjZdOKGc2oQ4wsL4IsPhqcfK0GKVBCf - eGJ+mGIbGCT2HcWb2igeXL+BRD6ykimO4DfspgfDgIUDB7FZFJuUoaDRjQ/I - J4hWG6fLn9PNKFZ2BhQ1mv2eJy3yNiQXLtpkCarS2mRmipGVgrCHgO5S/TdL - B9Otn9dHKY6cuXXhenH1vqXBsLCnPFeX/6ewhJ+MTWryE5cIhLbEZHq9RtbW - zxJXe0eadPJXWLd6OBPqr0V9M/XGpI5q9k7tHpVvBn467RbQrAk7zkYQcOOL - J1ZYDmzjELd662qLNLR36YIC0/lX6aw/6T1cOqgnoh7GUDpt/z8b9K99LXXx - +FRO5KXSORj++DA3MdJoB4XeSkKPXp5xqoVP36/657ynj/dvNLhHS2QvcKvM - Nnr3icyk0jAlWip/sE+mRYJJ7mz3yB/sNx6QZ1vtWIiEypNK+fGPmi8NbchY - XPS99rbAmL0Kk66Xrjd63PqqWVw981YC3r6COxYQJR1v2l6WolAgcDdOU36f - EY41ltzSdSBtmCa/0Y2OAYkk/J5KxpMjYxoW080b7WNWNpaud4tPb1kiS4OA - 5NKSZpmyJwOogDsVrYyQrvybU7x+eybyGh7zU9JOhI81yt93O7kpeRjEbcTb - hRwUA9JN0JAAxxJVBuM29/SY9pBwprkgVFPME0m1Jfti9m7mf6rfxCOgMTLS - zpPRyLUjRYLx95W6AlUpCi9CTZhlSXZB6rtJGRfm8vz44nZXbtaE/qhAA7h/ - bf0OL9GVmROHm2w9nxeFtVGKBcmgDGECFgeBZfT+ImrAdSmed4GO0BqjzooJ - EZuet7nnm40kz+wyZrJAzUyyXUjkVj01r6yLlX1dogul8aeGWe44iXaswiXv - ZFfOh3ewMa93kdjJQI1WTc3LmpNUoMJD4QwPOIs6H8Vsyzu9DKefmvEWBBa1 - CxX+F32/XPvn3qX+Qi0eJE1rvRnynyTUNzQSOZtTB+YUAtmqUglLeN7E3cSC - wlJ46co2TkyaRZqrY28cax90GhOgkmOZK8MZQ4kPDWA1tddS3QP5L558sWeZ - K5aMEIYTwCazPsVcy7v6MNOM06Yhnce1BOhioDS8vPI8pf84HDC99MSZSvYr - qvDmr/gOVY+BrYfk0E9y7l4eVSpD7uDEDhaPS6lTZrj5JclihoGGKWUPmg7q - XXEH3rwF9NqloFBDNDIcYTnIOpdo+vDKF04oA4Q3K35dh67kwVjW/3DqdC5R - k/AcB+8+nCjWCxjYCxF9EJpenSmYhS8Seeuly4w57qpT23bwDk39whqBvnz3 - o/tWFCLhC9EuQ95S5h7cKxTLatgfD6/U8zuA8kkFA2Aq9JB2kZthU1HWglr5 - 7OhcmTa3j4zEF/946VjmjneVxdsbbT2WAf4+hf7CuByI0xEeGmboJQ6sAvoo - 1ASdTIzZbfnbI0KjBuNK7OkI0XtmUr+hz3bWGrrXXOeEXPLd8WCJf9QzWjnS - kLta5LzCHU5D54w20W5OxKmIW8al8QweYPKgV/PrOFwYLy57+2NJuDfu7646 - uszXtkOdfvAHp98KR/cGdaBMTGqO54CFfTBm9GlZ0wnkiJw2KxoNiJlsBoXB - ahHGJzBU2QMGmWCLlk9cJXHJsj0FwhxCeGionq5IeJ4aUHTACFTnRn0mLJIE - 0rNAd6ZuprpGb8ZhMOD2Evyfhfi6QH8k7lQkvZFnAKBkCwm9VvNMtNnBK1Jw - SZPc1RJ/zuh/q/K5ROLz+w2hAXB8uzAvxxq/rUr9q8OHtrNspQL1hCiTYIpM - 39ty9yOFY+vGSNTgkwNEVeMU511nngQFRF/kyNAXNFGYLdR+LyOWDzH8QcP0 - PSH4aqYeRR8ID2Rm4dwOBw7r97wQmH3s8YRXQ/7fryTx/5d6mAnuFW6y3v33 - VSU+SSaC8u+D1QWPg5opS0I0/om8cF53+hlp5KMZVRQB2Orl4TqXaYAG9MQt - f58DDo3aIKBGpw4cV34XVq0N71oxxsileK9Lwi+MdwYLSkgy/dfZHlV7hRCT - BcFA+WD4GvCEVriLey6E5u7RSxKg3X2TeuLGM8q18HpAzaJtfWIu31bzBJrr - 0/Wzm/MQXlwHNzWJdH0igetK9PJz5QZ+kkU7TaP+crYm4KrA/7/d+fEdLIIB - zZQ6LDXJeQjW2gLSirKezuFbpHY1uhJibi1gASxqT1e2WuJTvliUSoc5aEiu - yivOYX+nyg7+EpUl1WDsOqAbSchqsM1oQ5oCdkehWAN00szO+/Kn3SaIZLda - v9pUtuxYSOTVNZECXq1nR4/0tMO9qFdlaBk8PzWIkeNkrCblZ8tS9yTpoSYe - omUKIN0npvEqB6Vfdk0ZpxVxqErnsr8gGiCPmGebtklFFvGDdWI1gfnIrKeP - Llirqqf3mIv8107hv8ozayWsHD1PhEiRKmputKU+5bb3PJb61MiFNaIdflgR - OJYhZ6bhtVm/ofUQAUY2AATURZbkSYPHYidgXd45QoVOA0Oc5pxmA3f/tJ+f - avp32Ix/y5MmzpPwUESjv7WPnvlU+WADzXuyTJXCOED6Y5LMp//U0lNr+AXQ - rlc8d6na/DTTyIDFd42W+Yvy7wl0JofyIUSsPGRx/srzzeJAq0k31GmmMPXN - TGb/HtFj+BaUDPn+5G/2KdCsCbFqKk2MiuBZ7GYVxJMH83zFAhxQy8APOgke - b24elx5vnfEENvbFrlWHp48KJzHGiBwvabw2TGSsIZj0TCIIS179F7T/ecyy - meSzL66S0bE3fMQW7PHJBEJfd1rF7Lzc1zyYOuEEKxKuZTAv0oNJa7boRFWN - b7xfkInLzKPfTfNlY9txwOqlGWYfZxa4d6fBKbVxdspf8WnTIrXgWshjWYcV - /r8P6g==] + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAt3on6CqHyfkSR12NDKy27ln9CNYSig4vnazz + 1SU89n50FroloNyQNkryp9owAQhmlkdI8+XQxMfP+ujXNahj2mjQQPJullm/ + i0/8Yr11b9e6CQ/S940Re6203Z+wJDOtOiiv7lckWeBojfvbh0jxU21wvgRM + WQy8qpyfReAeopxxjv7ibWR3/WdJIReIWgQnCtJv7Is5a+QqpYXbDb6G3AK0 + sHFyY2ZYmWOROwCV7cIRr51Ta7NLIC2y0U+TDc5FLzCR0sauA8jtvSc58pT5 + DFHBTsYdqlnlH0bsxqAffYuZdZfCB2gZhRFyshxprJt6Pp5DEsHlzmBgVu3d + 8Pg0uzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJUGBdM86l45Q2aM + CTGHxoaAggzQkBGmiEON8uEXus4pljSwufuQuH7+XLQxlE91NTaXiJaDh3q2 + iIfH+2/Z33GfOCsDrOkxtaHKrxAGatxvOQUKtfl8kCAkSNK2qrlRhfqyeJiR + 8twoLYe/p7ijufLZBxR05KrwfJC5baWqA4f1psy2c4kStgTe6w4T7iJMhAHH + mQM7FfbZgKncmsPAdEAxGj0r0sf0iLCOkAQsoZQ52J5oKUE8/q1ywjMYnnEy + a15JyQpODCjUI9pTpuGwUr90bnFAh9/WWblEQROwSdjCM/tRnMYlB5LW7pGE + WfXIZ/pxax7KDd9x3LG6gtDLyKpOCPSrotkO5NmjPKbJBu1PWeKT2tRWRUXR + Ss5D1nvCipJUgijwAsXpiojCHBOgo9zjXe7PKoqT+H3sGJ0Fj8tO8L+tEs63 + lVbYA2cIX4x8f8HGzIQoQu0bqPX+ZNO1kDxjR5gxYLfmWjXaoQtfaEB29mIr + KdpxjQ22cKw40CTE+Pd78g599aUHV0SNVnN7nW82vyZVl5nEiIQ0a8nO/A7Q + o1DnaSUykNENGxKQ7xShtV2Z9win2BkqBblkO86oIQuG8ExYvxnyEW1udL3o + D2vNrG7toLRAl9mTcP+YJbIgNX3pZIu6kY5WZA5cUEsKjG8Io9O2q8EExzUS + w55bpzDNWD7hd91m13vx3lIqlaWuOUvNVfT3WPPNYAhSOByWi/1c/wkE0sF9 + PKp3yi8pkK/uh50mfR6ZLTg3gDVJNobqWUeq8zay/4Wo5uzPGwgTa28gQSyT + IXeAdmSXz9HQBKcvunEkwefgHSIvFHPDxQo+0kodVWNjqyYxCwiuCpaWsXbH + IO7FL/+afYA3nCSk7Ijpo4Q/cKi0rtGBedvbxbLwwXlGhBDmimc6OLSHfaNQ + +0sVk8BxFqxBDhEW9A0t4XyPJ3SVv8SC66ldLYHW71Uajyysp9lhOLFwWFfO + sXwTMvXDF7q1x47d5s3UM8W34djobVBHjlrF8TNHLvI7DwrIktzRvJ60Qmch + OIspFZHNdmMAD2EK/LVwcSVfP+bkBeez3pX53y8lDPqaJtEGwygRPhAYyKyg + V0lwZoqcmJihxTLJPreolkIBbiWRh6TVafFAykxPJAdQDgQimS2o4FZtRkZt + 3A4vwK5zWhzDTezBzzTZAC9NuJA6VYWhiRrQ8NKrOhbz8D2lgPnuhJu71/vE + lfkAPCyQTIY8YYxDhL1XgnWsCCHleIAMHHpC+kGZ/vnu2nLIji2KR/ii1Fr1 + JbXh9E9i2GhHp0eucxYBwS50sVwAFdouM5pDi8kfIzT2Dzmd6mArUBBawjgt + cHCc0yeL9YgXRNxo2tBf73biJRBsC/+rtguaxnacb6JCszUbfAwXO44AR9YV + vuCg4WKp1zQrWRtN9E2fj9QXHyKcXEgKvaoUOmREipeS2DTdwG56PtDfRG/N + UPdrZnCDhZTY5Yvqo106bfAj0SY/ULGTXe3paBwaOcLTKOGTkXUVpK2dcUdw + k2TuiexKcRPlTjDMX/BH4HYeTeBR+UjZdOKGc2oQ4wsL4IsPhqcfK0GKVBCf + eGJ+mGIbGCT2HcWb2igeXL+BRD6ykimO4DfspgfDgIUDB7FZFJuUoaDRjQ/I + J4hWG6fLn9PNKFZ2BhQ1mv2eJy3yNiQXLtpkCarS2mRmipGVgrCHgO5S/TdL + B9Otn9dHKY6cuXXhenH1vqXBsLCnPFeX/6ewhJ+MTWryE5cIhLbEZHq9RtbW + zxJXe0eadPJXWLd6OBPqr0V9M/XGpI5q9k7tHpVvBn467RbQrAk7zkYQcOOL + J1ZYDmzjELd662qLNLR36YIC0/lX6aw/6T1cOqgnoh7GUDpt/z8b9K99LXXx + +FRO5KXSORj++DA3MdJoB4XeSkKPXp5xqoVP36/657ynj/dvNLhHS2QvcKvM + Nnr3icyk0jAlWip/sE+mRYJJ7mz3yB/sNx6QZ1vtWIiEypNK+fGPmi8NbchY + XPS99rbAmL0Kk66Xrjd63PqqWVw981YC3r6COxYQJR1v2l6WolAgcDdOU36f + EY41ltzSdSBtmCa/0Y2OAYkk/J5KxpMjYxoW080b7WNWNpaud4tPb1kiS4OA + 5NKSZpmyJwOogDsVrYyQrvybU7x+eybyGh7zU9JOhI81yt93O7kpeRjEbcTb + hRwUA9JN0JAAxxJVBuM29/SY9pBwprkgVFPME0m1Jfti9m7mf6rfxCOgMTLS + zpPRyLUjRYLx95W6AlUpCi9CTZhlSXZB6rtJGRfm8vz44nZXbtaE/qhAA7h/ + bf0OL9GVmROHm2w9nxeFtVGKBcmgDGECFgeBZfT+ImrAdSmed4GO0BqjzooJ + EZuet7nnm40kz+wyZrJAzUyyXUjkVj01r6yLlX1dogul8aeGWe44iXaswiXv + ZFfOh3ewMa93kdjJQI1WTc3LmpNUoMJD4QwPOIs6H8Vsyzu9DKefmvEWBBa1 + CxX+F32/XPvn3qX+Qi0eJE1rvRnynyTUNzQSOZtTB+YUAtmqUglLeN7E3cSC + wlJ46co2TkyaRZqrY28cax90GhOgkmOZK8MZQ4kPDWA1tddS3QP5L558sWeZ + K5aMEIYTwCazPsVcy7v6MNOM06Yhnce1BOhioDS8vPI8pf84HDC99MSZSvYr + qvDmr/gOVY+BrYfk0E9y7l4eVSpD7uDEDhaPS6lTZrj5JclihoGGKWUPmg7q + XXEH3rwF9NqloFBDNDIcYTnIOpdo+vDKF04oA4Q3K35dh67kwVjW/3DqdC5R + k/AcB+8+nCjWCxjYCxF9EJpenSmYhS8Seeuly4w57qpT23bwDk39whqBvnz3 + o/tWFCLhC9EuQ95S5h7cKxTLatgfD6/U8zuA8kkFA2Aq9JB2kZthU1HWglr5 + 7OhcmTa3j4zEF/946VjmjneVxdsbbT2WAf4+hf7CuByI0xEeGmboJQ6sAvoo + 1ASdTIzZbfnbI0KjBuNK7OkI0XtmUr+hz3bWGrrXXOeEXPLd8WCJf9QzWjnS + kLta5LzCHU5D54w20W5OxKmIW8al8QweYPKgV/PrOFwYLy57+2NJuDfu7646 + uszXtkOdfvAHp98KR/cGdaBMTGqO54CFfTBm9GlZ0wnkiJw2KxoNiJlsBoXB + ahHGJzBU2QMGmWCLlk9cJXHJsj0FwhxCeGionq5IeJ4aUHTACFTnRn0mLJIE + 0rNAd6ZuprpGb8ZhMOD2Evyfhfi6QH8k7lQkvZFnAKBkCwm9VvNMtNnBK1Jw + SZPc1RJ/zuh/q/K5ROLz+w2hAXB8uzAvxxq/rUr9q8OHtrNspQL1hCiTYIpM + 39ty9yOFY+vGSNTgkwNEVeMU511nngQFRF/kyNAXNFGYLdR+LyOWDzH8QcP0 + PSH4aqYeRR8ID2Rm4dwOBw7r97wQmH3s8YRXQ/7fryTx/5d6mAnuFW6y3v33 + VSU+SSaC8u+D1QWPg5opS0I0/om8cF53+hlp5KMZVRQB2Orl4TqXaYAG9MQt + f58DDo3aIKBGpw4cV34XVq0N71oxxsileK9Lwi+MdwYLSkgy/dfZHlV7hRCT + BcFA+WD4GvCEVriLey6E5u7RSxKg3X2TeuLGM8q18HpAzaJtfWIu31bzBJrr + 0/Wzm/MQXlwHNzWJdH0igetK9PJz5QZ+kkU7TaP+crYm4KrA/7/d+fEdLIIB + zZQ6LDXJeQjW2gLSirKezuFbpHY1uhJibi1gASxqT1e2WuJTvliUSoc5aEiu + yivOYX+nyg7+EpUl1WDsOqAbSchqsM1oQ5oCdkehWAN00szO+/Kn3SaIZLda + v9pUtuxYSOTVNZECXq1nR4/0tMO9qFdlaBk8PzWIkeNkrCblZ8tS9yTpoSYe + omUKIN0npvEqB6Vfdk0ZpxVxqErnsr8gGiCPmGebtklFFvGDdWI1gfnIrKeP + Llirqqf3mIv8107hv8ozayWsHD1PhEiRKmputKU+5bb3PJb61MiFNaIdflgR + OJYhZ6bhtVm/ofUQAUY2AATURZbkSYPHYidgXd45QoVOA0Oc5pxmA3f/tJ+f + avp32Ix/y5MmzpPwUESjv7WPnvlU+WADzXuyTJXCOED6Y5LMp//U0lNr+AXQ + rlc8d6na/DTTyIDFd42W+Yvy7wl0JofyIUSsPGRx/srzzeJAq0k31GmmMPXN + TGb/HtFj+BaUDPn+5G/2KdCsCbFqKk2MiuBZ7GYVxJMH83zFAhxQy8APOgke + b24elx5vnfEENvbFrlWHp48KJzHGiBwvabw2TGSsIZj0TCIIS179F7T/ecyy + meSzL66S0bE3fMQW7PHJBEJfd1rF7Lzc1zyYOuEEKxKuZTAv0oNJa7boRFWN + b7xfkInLzKPfTfNlY9txwOqlGWYfZxa4d6fBKbVxdspf8WnTIrXgWshjWYcV + /r8P6g==] profiles::cacert_selfservice::jwt_private_key: > - ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAqkP3W1VRWy1uh8R6lGuqFXDVf+B0HhrFHmvn - FtxQWRVlQZzudoQnWJsLR/J41qk7bX/eOmv8S5nKIwRIvovwb7tI+T9TaJ33 - hXUMZ9TBTjkz3OD6Pv/dsp/2zvGFHICEwIcUaJD2tBAqFPM1JhlJqXAwRNCK - d2r8787fglChU/EpMhA45FvXvkCDxBE9W+L+aMzMlV6DcnQPCqKZwADQuBDS - qw41j/hvmPzjconmV8aknXBdTaKUqKuspmn3tLIQGMRHUnKxq80AV5kdqlTy - 1PwhN6FdFqBfosJuemV6eM6B0wupa4NK5iYvuRN/htQXJOjw562KUPDE1oe3 - PXqK0DCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECj13+wuFOeVRqiX - d/s4ZZSAgfAx98UDQlEtcfX+5fCgw2ofqTD1K1KBzpGemGD9UbK0AI+sFhpY - SyeuzhXS+s/XP9MYtlHgZiVgt7B95+EnCoGNGWfY5gWFzSvu63zikEGTT9tf - 6iPS/A4sYu+HFPuE/ryHrCBJi0e1yaf2pa5IctFhpeWF++Dw3pmYC3c3sZb6 - ieCxxZ4r+NiPvS3xnAE+q3P7z5R3OTVYZkmLCupzBtnqi8Ne/TdvmUBWDtw4 - 2v8bs97vfnguWiynjekfeZgjO28SWiJYwLFuQUtV+kvYl9baPpORFTfuI3Rs - dCF8snPWlLs3m+PXsz2HoiGe0s2tBKM=] + ENC[PKCS7,MIICXAYJKoZIhvcNAQcDoIICTTCCAkkCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAqkP3W1VRWy1uh8R6lGuqFXDVf+B0HhrFHmvn + FtxQWRVlQZzudoQnWJsLR/J41qk7bX/eOmv8S5nKIwRIvovwb7tI+T9TaJ33 + hXUMZ9TBTjkz3OD6Pv/dsp/2zvGFHICEwIcUaJD2tBAqFPM1JhlJqXAwRNCK + d2r8787fglChU/EpMhA45FvXvkCDxBE9W+L+aMzMlV6DcnQPCqKZwADQuBDS + qw41j/hvmPzjconmV8aknXBdTaKUqKuspmn3tLIQGMRHUnKxq80AV5kdqlTy + 1PwhN6FdFqBfosJuemV6eM6B0wupa4NK5iYvuRN/htQXJOjw562KUPDE1oe3 + PXqK0DCCAR0GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECj13+wuFOeVRqiX + d/s4ZZSAgfAx98UDQlEtcfX+5fCgw2ofqTD1K1KBzpGemGD9UbK0AI+sFhpY + SyeuzhXS+s/XP9MYtlHgZiVgt7B95+EnCoGNGWfY5gWFzSvu63zikEGTT9tf + 6iPS/A4sYu+HFPuE/ryHrCBJi0e1yaf2pa5IctFhpeWF++Dw3pmYC3c3sZb6 + ieCxxZ4r+NiPvS3xnAE+q3P7z5R3OTVYZkmLCupzBtnqi8Ne/TdvmUBWDtw4 + 2v8bs97vfnguWiynjekfeZgjO28SWiJYwLFuQUtV+kvYl9baPpORFTfuI3Rs + dCF8snPWlLs3m+PXsz2HoiGe0s2tBKM=] profiles::x509cert_common::certificates: 'webmail.cacert.org': certificate: | -----BEGIN CERTIFICATE----- - MIIGdDCCBFygAwIBAgIDAuN8MA0GCSqGSIb3DQEBCwUAMFQxFDASBgNVBAoTC0NB + MIIGdDCCBFygAwIBAgIDAvroMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwNjA2MTExMDQxWhcNMjIwNjA2 - MTExMDQxWjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNzE2MDkwODM1WhcNMjQwNzE1 + MDkwODM1WjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRswGQYDVQQDExJ3ZWJtYWlsLmNh Y2VydC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCspKMHnd/Y xvVqB7B/3bXfg7nReRR6WsP0xFzharKLkymoh3cMoFZU6gW/AyLPq2wicjJPtEUi @@ -245,18 +245,18 @@ profiles::x509cert_common::certificates: hidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwweQYDVR0R BHIwcIISd2VibWFpbC5jYWNlcnQub3JnoCAGCCsGAQUFBwgFoBQMEndlYm1haWwu Y2FjZXJ0Lm9yZ4IUY29tbXVuaXR5LmNhY2VydC5vcmegIgYIKwYBBQUHCAWgFgwU - Y29tbXVuaXR5LmNhY2VydC5vcmcwDQYJKoZIhvcNAQELBQADggIBAAStZDsACPPf - /4NhO2O8ANSAOH6hIHFaxEbB4+aEY7an7rB/84Dis6O8xfh/K9Z+M9uob/jIfhEd - 2bJdufSDbp3OkrhQj9/Acz2o0xettiFgJAh0SNf8/dH9U1cqRPCK3dNna6z8vOJJ - XJJlyzTVli3N4AZOycmD3XNpC3INiEFOFRwfJLR7I4Nlv8YylmSc+BpnYlYQOWii - TXfNWcmojuW/JHJT0xmMz0gpJOCbvjrd0MHVj8ygEP2u9a7kHMAE7o1Wc/P2KsqA - +l1011KpjVNhO4Lln54ziWQ2F2x/R1dHNk5WrV9Y4J06drx1/UDR7QyLQ99II4YV - qC+C/DYkwOzvBrWOWpoOov3PmrDEpsbVoWvIDyb0+G7xgm6nGSexaGbVxmXj07/o - 7cW81GwohK29n6MXtVFcILAOHl5xyRH4f0PqRYx9WAu+pxpH8E423dnMpTNurkYS - e5yNfo4tL+Fl91RcanwcVA0lFff07GsfFQn1ksgIMFvEVsVaK8OYHiOIgfr1eLUW - DsCt63P8dEQf38vKlWD2XO7yD1jgjBOsFFbb/Eq8fGx8KiCGknNPZ2y2F4rhHew5 - od2HHMh61oL7n90kHdheFiPPwf8MtDb89yhPLPEKSLmVYB0NjhygOERwgZvix6Rm - 49YgOhuoXJwGGiBI222zx/q/k6eI0wpB + Y29tbXVuaXR5LmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIBAJI4h/417PFk + Ds/Q2v0regpEiIaXggnFLs3L3x58RP6uE4tAMTBiGrxbpytXxlIPLWdvBtxiJbQu + JycMKZ/ZvUUfHABKmVPpLMc1110CkDH4wnTH1/wdu/g35YrY91lI3ukVfhH+FCru + kL4vfS6CTYPf3rlJOf63FD/XdIJ3YtF1KVNwAoSoKrhU5+UJul+uY+30ghhsnrx/ + gXuyoDr+/Qakz8WqYjVMe+gWqIVhabq/1UzIbNBb2Upc7o+9uoIw32sxQJPz8mxs + RlQdUd4XJLis/ZJIxGE7Ii8Fpyy7RxsSl7XDXlda9HNquf7gJP2bWaLje5RKBzzK + 2YM6goGKcbTvdhsBeRJRvmixeXcqEVqXUUtBvuDMsp1geDZag0PitvriedjB5zXd + DHg4F0mh6gV2MsMjhCzKvMY6nx8nf1GVZeQX0Me4c4W4gSUnXLmmUarmi0vg1OJ+ + 61FLwxtCPyZAxlwnpMSCaT0KD8jzLz9fArv5dN2O0EqRHFzYQpVEAlHvfECA6FtR + ZcTGUPxat8auCOf5lVjHflCFdaGx5o483TqrATzQFfOZWzxtTrZ6H8BH6kRB0XSg + IeRxyzEqfD/IW+cJtKZplAJEzlv48BZImumLLQY+ROFryONYbLP3kIBsBsYelqNi + UtWEx9lSBrDbaHQNDUuH6yJmHZWYjgTg -----END CERTIFICATE----- private_key: > ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw diff --git a/hieradata/nodes/email.yaml b/hieradata/nodes/email.yaml index f4f76cb..265a6de 100644 --- a/hieradata/nodes/email.yaml +++ b/hieradata/nodes/email.yaml @@ -6,16 +6,16 @@ profiles::base::admins: - law - jselzer profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEADx2myUcKr6RUVuWzwacoj5CCXO8klQz3wvjy - kTIzTiJ5orDP4DKEBff039aBlocks3IWpvdXdv4qLdpHt4jrRpnUi7P7/w/A - uYx+5+3euAF/EHOIDZ6BKnvW5K1BbGcVug0OVxYfqmHKcPu6ChQyYnvEnSmx - Tt/n7MNcczAONzibh/o+IiEdpBkSeI6SOuOOa6au0KeA/vXNQyBgz1wD7JDr - HqKpMYpmAqVfXqQTzjgNVTU7Xh1Cvj85d/oNrfhVJGy62LW09CRUALeATlF3 - dyyXly8q/Zjm+DeYom9futjUFWhQUTft58YOE+LSIYbvC4RsPdmMU+AaMdGM - aVBhmjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDmO1bK1F+o/ClrvyHP - qDUegDB5FE/kCJHikejLTd9x65fkNuaUMs9uTYaTUydsk/yPsD/fZWpRU3hM - nUgJAjygFfc=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEADx2myUcKr6RUVuWzwacoj5CCXO8klQz3wvjy + kTIzTiJ5orDP4DKEBff039aBlocks3IWpvdXdv4qLdpHt4jrRpnUi7P7/w/A + uYx+5+3euAF/EHOIDZ6BKnvW5K1BbGcVug0OVxYfqmHKcPu6ChQyYnvEnSmx + Tt/n7MNcczAONzibh/o+IiEdpBkSeI6SOuOOa6au0KeA/vXNQyBgz1wD7JDr + HqKpMYpmAqVfXqQTzjgNVTU7Xh1Cvj85d/oNrfhVJGy62LW09CRUALeATlF3 + dyyXly8q/Zjm+DeYom9futjUFWhQUTft58YOE+LSIYbvC4RsPdmMU+AaMdGM + aVBhmjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDmO1bK1F+o/ClrvyHP + qDUegDB5FE/kCJHikejLTd9x65fkNuaUMs9uTYaTUydsk/yPsD/fZWpRU3hM + nUgJAjygFfc=] profiles::cacert_selfservice_api::client_identities: - id: cac3ad11-fa50-43f6-8ded-15f598b6ca2a key: | @@ -24,147 +24,147 @@ profiles::cacert_selfservice_api::client_identities: 0J/6SxMU+jix4InG1tFL6yiikQqZMY9Gu4yYgF/WhiLrgjPbaGvlln0/FA== -----END PUBLIC KEY----- profiles::cacert_selfservice_api::db_password: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAjOBz2QKZTSY8lyV3SWjjatpm4CdVHPr4kfmx - UwfclDNRZr2w2vZgFLOlImfwJCpGa0xJsEHtS+IEkIV8Mh7jfCmQ6bVWDGtt - q1mYRdFHtUX4P2/Yw0sSXuMa7IGKeV7xYL3KNxZljjNieNP//DoCKF1MNE0V - ik2xO6IRTd8vT2VAVOxSgarn9hs5aL7PpxmvTH0rp+Q5pgjUm4cHFjbW3ur5 - q2XWwfydXPfnBsG17xHlrFJowMZM9fRyq7FuYsm+zIYkm1+AgzFEr6ogA4Fc - pTVghKACVzFMpd9v7u9FRvqbrUR+Q1GdckbwkvAJlkCkPLKah1LHoZW4jHlj - OWG1xTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDMdsp1Zc87SdO2yp+w - R9V1gDAZYPSwQJ/GbXBPy614dS5z++Q/8Go0Eve3bX+atTkYa4q3E5qrscAb - CtCL1kfU66I=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAjOBz2QKZTSY8lyV3SWjjatpm4CdVHPr4kfmx + UwfclDNRZr2w2vZgFLOlImfwJCpGa0xJsEHtS+IEkIV8Mh7jfCmQ6bVWDGtt + q1mYRdFHtUX4P2/Yw0sSXuMa7IGKeV7xYL3KNxZljjNieNP//DoCKF1MNE0V + ik2xO6IRTd8vT2VAVOxSgarn9hs5aL7PpxmvTH0rp+Q5pgjUm4cHFjbW3ur5 + q2XWwfydXPfnBsG17xHlrFJowMZM9fRyq7FuYsm+zIYkm1+AgzFEr6ogA4Fc + pTVghKACVzFMpd9v7u9FRvqbrUR+Q1GdckbwkvAJlkCkPLKah1LHoZW4jHlj + OWG1xTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDMdsp1Zc87SdO2yp+w + R9V1gDAZYPSwQJ/GbXBPy614dS5z++Q/8Go0Eve3bX+atTkYa4q3E5qrscAb + CtCL1kfU66I=] profiles::cacert_selfservice_api::db_username: > - ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAOj5c9aTiQd+MKVJmAoSMp+9/9YtdFmRtCyyA - 6BMb3YqvQT8D70VI3Ttq6AaF0S3xttJvwHdDUgYv4pEJ9V7dnQUZb/mGi7ZN - NM/R7VPN7sT/yS/z45TvGyz/VjSQuisCzj/cCg6ikXg2//BXj2h68BebiQz+ - 2NqJWrucTCjvK48eEu8QDKzigUyjGOpwkVD89RB2dHacSPbHqA5yTP1YLQdY - JiG8S/IAqMjVKzuQiPnqrfmLBqiFHoARF68UML1rS46Tt5bV4DcVriIjZiUN - Nt9bzOpBkyFkqAYFzXbYyQ3JeR4Mfb9i2wP+tIw5Hd2GaeoWBEJAdaqzsOb0 - 5NJX+DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCl0t3nd/FDwqktfYoZ - ReaagBBkwO8Mi7X2JTPI4jX5lDrS] + ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAOj5c9aTiQd+MKVJmAoSMp+9/9YtdFmRtCyyA + 6BMb3YqvQT8D70VI3Ttq6AaF0S3xttJvwHdDUgYv4pEJ9V7dnQUZb/mGi7ZN + NM/R7VPN7sT/yS/z45TvGyz/VjSQuisCzj/cCg6ikXg2//BXj2h68BebiQz+ + 2NqJWrucTCjvK48eEu8QDKzigUyjGOpwkVD89RB2dHacSPbHqA5yTP1YLQdY + JiG8S/IAqMjVKzuQiPnqrfmLBqiFHoARF68UML1rS46Tt5bV4DcVriIjZiUN + Nt9bzOpBkyFkqAYFzXbYyQ3JeR4Mfb9i2wP+tIw5Hd2GaeoWBEJAdaqzsOb0 + 5NJX+DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCl0t3nd/FDwqktfYoZ + ReaagBBkwO8Mi7X2JTPI4jX5lDrS] profiles::cacert_selfservice_api::mail_host: email.cacert.org profiles::cacert_selfservice_api::server_certificate: | - -----BEGIN CERTIFICATE----- - MIIGRjCCBC6gAwIBAgIDAvE0MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB - Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTMzWhcNMjMwNzE2 - MjIyMTMzWjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT - eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZlbWFpbC5pbmZy - YS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzyu4 - maECP9uBDeaqV9WDkEHj4YM67yMhenpdvabPV9b7bWXX0EeBmXiEd+8sHKR3cJqn - i2RAnthNJdNYHf0cgJjyhDGAVU5RL1uZMaEbtTIX7jWPbXMp1OX2I8pDtgB5QLAm - Q5sKmXhgH+DCVhxaud5B/CCI6eGfMjxH4fi5+iqSWsopa8Eh6If6pgh1WcFiXu+U - QUa+2oSOwzG+AS16g1guNq+dqQKpGDx+qT4gg/QWrt5/bEhTlZOMUUPi9MoIV5lU - Lqdgkn6Df6DPisT7S7iYrEM3HBLsxxoCT934UP/TN7yaOjgXYLVO59YzltOCAPiK - nqheDAgHTFOqEQjxzY49fr4xHzf7eS4AaZzkM5x65lL7gmCXBKhOgGf5o1uiy90/ - nP1A16QWJZbjFZs/ExwSOqDUMqp2rfxkjE8UCHy2WQeBsOYUrWeDqUMoAlPRDbnM - EYYY+cbddFiorBsT8Pps/qJzp6jYnFK38N+jRY8VkaDfN4L2LIkNv6lpiCt/7QNi - 7+LzFfzaSNkThaF4Gp0feTbzLvuMhMuZevC1MynrYyvCCoSgRPl8WuFvY+Unb4Cy - gjTpf6GIyNmnDFkVrGNX6VEXIJrJA7OmlWN4aKlyeNKpUhKkjAAh+GA72PpD6Hmq - SxFNPKQrVzzToXebo4y48axz6lklSlK8uTgrBh8CAwEAAaOCARAwggEMMAwGA1Ud - EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr - BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj - BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt - oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG - A1UdEQRAMD6CFmVtYWlsLmluZnJhLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW - ZW1haWwuaW5mcmEuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAXcqBRwu1 - JoeInJvvFBXJK1mn+vqX/jF7FEybBEI4qt8zO38nsqDu/+AWtMsrCcC1SjgZu/wL - b0hjZAbfyK52oyzigv+LUxRI47BTcriKbNVR1tRvPuU013gAyxoXMwiVeDcMXDaT - hy2BfKoewuXSNE+gtCEA2EIu2ecb50+Vj24VhiwyVbrpshc6QOLVwNOL4nkT+bqq - T151LZYPWAL3PjsApVCo9OVgp3+UMcpUHKYD371cFVF/T2+Gx9tqEsnw9EDsI3r3 - UNSDcCuRICviEEugLRRbjq5NKQ1Exl2jMte4y32FYOU9MeS42slYuTczf0Jk1OZT - WrtUQCgK5XWAk6zdOyg5IZb7uIFhEkq+A5rlFevi/OMOloMnNNZnCuBcLJWhIKme - WvzBwBSL8AErsw1ErzzIaAMUnRYMINVmIpjY4Kvo0S9/OPp+R+yt6AmgR7i5Tx+q - ubDBqCtZF//8nRJMsaW0IhhlBZjl8p1WUqyTz4bzX+M7lyRMuP7N4VlrLh/2bCDc - vvpjHjlsqDcTiTNdMuJMgh747Y/kB7g1G2GzQtb+PCPbpUpgXHZedVR1NF566vXx - y6ICDSC0zCLzuLDl9mH1Jf/4uXFa+frb0FMMuHr5/tGPd8LeTVY/N9nwOrra5fPN - op/Jwgf6Qp3PDtdu51Eky3oAk4e/eqNkJLs= - -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIGRjCCBC6gAwIBAgIDAvE0MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTMzWhcNMjMwNzE2 + MjIyMTMzWjBjMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR8wHQYDVQQDExZlbWFpbC5pbmZy + YS5jYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzyu4 + maECP9uBDeaqV9WDkEHj4YM67yMhenpdvabPV9b7bWXX0EeBmXiEd+8sHKR3cJqn + i2RAnthNJdNYHf0cgJjyhDGAVU5RL1uZMaEbtTIX7jWPbXMp1OX2I8pDtgB5QLAm + Q5sKmXhgH+DCVhxaud5B/CCI6eGfMjxH4fi5+iqSWsopa8Eh6If6pgh1WcFiXu+U + QUa+2oSOwzG+AS16g1guNq+dqQKpGDx+qT4gg/QWrt5/bEhTlZOMUUPi9MoIV5lU + Lqdgkn6Df6DPisT7S7iYrEM3HBLsxxoCT934UP/TN7yaOjgXYLVO59YzltOCAPiK + nqheDAgHTFOqEQjxzY49fr4xHzf7eS4AaZzkM5x65lL7gmCXBKhOgGf5o1uiy90/ + nP1A16QWJZbjFZs/ExwSOqDUMqp2rfxkjE8UCHy2WQeBsOYUrWeDqUMoAlPRDbnM + EYYY+cbddFiorBsT8Pps/qJzp6jYnFK38N+jRY8VkaDfN4L2LIkNv6lpiCt/7QNi + 7+LzFfzaSNkThaF4Gp0feTbzLvuMhMuZevC1MynrYyvCCoSgRPl8WuFvY+Unb4Cy + gjTpf6GIyNmnDFkVrGNX6VEXIJrJA7OmlWN4aKlyeNKpUhKkjAAh+GA72PpD6Hmq + SxFNPKQrVzzToXebo4y48axz6lklSlK8uTgrBh8CAwEAAaOCARAwggEMMAwGA1Ud + EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggr + BgEFBQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAj + BggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAt + oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEcG + A1UdEQRAMD6CFmVtYWlsLmluZnJhLmNhY2VydC5vcmegJAYIKwYBBQUHCAWgGAwW + ZW1haWwuaW5mcmEuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAXcqBRwu1 + JoeInJvvFBXJK1mn+vqX/jF7FEybBEI4qt8zO38nsqDu/+AWtMsrCcC1SjgZu/wL + b0hjZAbfyK52oyzigv+LUxRI47BTcriKbNVR1tRvPuU013gAyxoXMwiVeDcMXDaT + hy2BfKoewuXSNE+gtCEA2EIu2ecb50+Vj24VhiwyVbrpshc6QOLVwNOL4nkT+bqq + T151LZYPWAL3PjsApVCo9OVgp3+UMcpUHKYD371cFVF/T2+Gx9tqEsnw9EDsI3r3 + UNSDcCuRICviEEugLRRbjq5NKQ1Exl2jMte4y32FYOU9MeS42slYuTczf0Jk1OZT + WrtUQCgK5XWAk6zdOyg5IZb7uIFhEkq+A5rlFevi/OMOloMnNNZnCuBcLJWhIKme + WvzBwBSL8AErsw1ErzzIaAMUnRYMINVmIpjY4Kvo0S9/OPp+R+yt6AmgR7i5Tx+q + ubDBqCtZF//8nRJMsaW0IhhlBZjl8p1WUqyTz4bzX+M7lyRMuP7N4VlrLh/2bCDc + vvpjHjlsqDcTiTNdMuJMgh747Y/kB7g1G2GzQtb+PCPbpUpgXHZedVR1NF566vXx + y6ICDSC0zCLzuLDl9mH1Jf/4uXFa+frb0FMMuHr5/tGPd8LeTVY/N9nwOrra5fPN + op/Jwgf6Qp3PDtdu51Eky3oAk4e/eqNkJLs= + -----END CERTIFICATE----- profiles::cacert_selfservice_api::server_private_key: > - ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAo+kOuakLJWl4gVaTboTX9JodKuNNtKTTFQk2 - bDFa3brAitjmvnoNsX27+Qi+JCQJ9fuqCI1pkdiWDP6iXB5XORFLXRCUBLCA - 5ZNf2me3u8SYgxOH1yVo7AgDw8J6bYqQwcecTm0y0DkmZgEQBryZJVHe6CPD - 7WqBwJreoYI6z/AMoeG9GAsa4CjziRvBTfbymXYtjO3prssRaCQ0rXHiD6JU - 5a90YZm1U2/VwqwjWpTgYFD05hIHCtyD5PNlB8xd+S9sFRsRkRAFIUXkGIfI - 6fjXHe7Jd5bTxMaKIaZmhuxqf4XEqf2qu0mMd9134XzhHJud5EmnH4HGjuIq - NRvCtDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEAWjoyge8WbAplaP - 30tTCheAggzQ1xj7c23DNmkfATMVVBXlMO29wiov/MncD8zumAY+Jp0g+2Y0 - z7sN6TJdcFMWgEf1+6TPtZnIfWJ04TmpnYEaZd74J+xbUqKEakp56A2CdKdP - wf8oiWX5FD2zvU7irXuU6G9k7eCn9K71gNXDrlEw+roKIZskPo1jVhGNRg/U - Hv4WaticAlEv/txJJKCyQOSz4H8msmV13jKa7yLruM96Pm+AzxEk4NaV/DEB - FS2dvDIQYOXaQZfKMNKSgutnaKeUuyw0VeCMY4y5iRkHGIGJ91iy6KmSa2cS - R53o9CMpFcN9LUhMAvNdB8ZIv5qFapndIqjZXa+wSS1ixKoOa/1uXpPcGnDs - drx0N7NeN8J4/TqlkAFm2Ga2ehjxVGCrN37jH6Z3cr9qFF/1x40ujuSaCI9/ - eC3gZNwowQOzqfINkZdXW/MLmAFeKm+2Bznh/syO2cb8n0TK0hncrf6sqA+k - JTCYvwqoTDHiWWkXJ7u5uGTdbIxl1H9LPgJpRqNK7G7BItV0Do20CG+uKEVx - gMlA743kdPjXZ4GbPPtSVbS5iEhfHo0IGVb8mQvNeye32NfT1QsgkNT9NNFK - U2aFiROwYJGYoJ5zcth9HXMLInjfOggdvZM0DLKz65p8Hob5F3sNhZrSyFEm - MEFYS8fsoNVdfmkBZ8JA8nHYOAaUMqmhhFDIn4g3Mnb7kGur+t97C1MzsqOI - lqz8Vdhm3gqL/UKZp2NoPIyH1cTUACtpOXz8nJY25QJdEyhzgkX7UnGCRRuz - Ev8dPZFRxNwuNO2N7ziDijePK9/VT9iK3CKb4gH8l/Zx51x62mUSGXEnNj6b - Wwnde/o3acqGUF6qvyzeBHelDoSEC336zzCRyut0bGJD3P5zgmNYJ9WUQfph - n2FdLv1Ddy9m0o1W+k0AUjKg+/Tfs/0Cw7Ma5EaykRvhP57HyteVCCwJIbhf - Tf+8A3hw7lGwtUcTaclLs9o6JOhMzepWsigr/M1p3Ec/yjhORMCph7uD24UV - cz2sd9BZhPUHi/NpBUt+KlxyRkwZzFfX8yKGzzp9kgO0EOcjKNq2tFfTY6xn - /7Wu6tCp2DPFV/SZUcvF5SYuh2RSNBotj/BcGnY5/V8FACHxHLI2WCKCBHPZ - 5SMx2JXxzg975HO5v6RK8gKiF//znG5u1U3JuS6NhGq90/EbAhhvF+LoCb6E - dyWy1jWWOvrWAOa6nGxP+55wdQUGpgey2bADp9lhPKcAMyJz/VOt16tpmyOJ - 565ykWISRIk3zb9pffTnlJGqC/zEDN2IBydQ5cl7b1wK5pZWLBnL4De/14T0 - 5TWcZOYXd+xBdZtBi83owAWYFts3MD1RCz40FZJRkbj7QPalkDDFR32XQQW3 - oPuxpNPwwUGfv/m/w2sIVeTSD4r6iEnYQreJ9xGHU7shErFjSWbYVeB/6wL+ - Ty4PCPz9JaqDQgECTy7gNBNyw6n3ucVrmIhnEbN6tk3c8ehgWspeDgI9LNfx - hk0fUJLUBEnm/TINGolSdAsQSe/fZcOfq5L26SvSzJFlurFmmkaM5nF9kk06 - cvLqBdHOIEo1uHZYnlU+qETdsFcWo5ZrA8EN0j5s0XxK+yZuVgah3uPZ47XQ - VrYJhaXTfSz0ybjiQRcteuivs/+wii6cfAoM9KZJoRSfNFgBpDvbIIHaWxci - DIFhw1GzPnpB71eeGkjm2XPSf7u23iXTvTUYYVbsaU/z0DjUFz21Y+oKH4zy - oUw0u9qa02Kvhk2YbI3xVDiMTkdd1coNW2wsW0nup8e0iU5epBAC9GV9IE3y - BEhjsV0ojuh4sItlFOdL9/vWqu0rbYZo6ObTXkWUKb+rbVHpj+bX4QyofOoX - BTndKhhtc1k4hVetbiSEG+MnOWSBZQN7CRHJT4/i4s7N21IvHBR2aowR7xNy - FayoipaGffhmJ8IFlevIJytCfc0/2vlRZ3h0pib6K8UaVqNMqkdlMGpSmYfH - M+SzqDTQhP52Rrsw7TVI8luE+j3G56XkLIzIsFeCN0ImV+LkwZ4xC8kurWs6 - HqioS5xeiZJupMs/YKek37sUuy/1ODL2t30JbHaPLRffvlb6H3eJoQ6qFVI2 - YzjwLWGWotrMduOONpnabSk/466dDgMmew7wANuTqPuD37uf34tqNVrAcmLi - +Nh2Cl6fve/ESlptDMDDN6ThpXXIH0+OAOYBQlqFu5VTfJth4/g8k6LJBDRK - I4ulySlVeENgQKTXvzcUpOo27xfdm4X9O4xU6CqOvtvirSuYzIodrEY821/F - ZCBteES9JcHiBlwB3ku6BUJuIfUqWajafVHyc2iHdTylO3PfoogATomG44gX - zOWsY0hM4WMV7bv50cGBVVZT9xzFoWdKBg9zn6dflMS4DapdrRaCiZ24YnRA - RElTOthV4a4nX6dlbPHXnb2kVSvQD3sIMKGwI51nnESoU9hKXnaKnkMNkmVg - sUDri3G52aJ3Plqy62x62DMQoHEkNriolK5nX+kNw/Yg/wNje6rQ4SvEkjCf - 8VNsC/flbh6T/dP2C4uXoC+AwxCGx5l97WQWwrJ8Xwiuj1f0a0O7dv55ZbJw - AkwQRf6NHkWorekw+84wY6IOAQ3nK/vFj2A/Th6iszdNxu3i4MrxmTw/YWw4 - eDgqV4nKAq2wz1q8xH5p8kjwcY46w088kHJoHllyheLhRlvaLsfIWKdHeHEa - aImSDrcOE/jjqjR7e8VOiP8Vjyc1NaxWQvHrFQW/X+MfcWvQdJ2p/oEwCQDE - mUZPJcddWqI9AamHlA/CsKJ56jqwqz4bGJMlqMqfAbdV8xDlWr9tbDnWectn - a8LwX4FXe0iMCpR4umBDtlFo23N8g6FRt9WZyBTBSoZlZ2Xp/UFO8TqEG3Ol - gVH3i9R7Set6o36kdhIUKSvsXt8vvO91HmNUmk24nhzQRwxrkL40RxrZh67O - RqwBWVTSW3xBaSz1RnVAmN6FxRL+qLWt5O4RYK4I9YgxZW+PQzVdyVzpUZGm - Q/GP9TcZN3723AhFy2tbRfEr/eHhlaSEB6ZuFMGkQ7ROn5RNdbwqex6B/wg8 - x+y1RFOkEILgPtyJR/z5allWhaLbjuj5Czq9DqICp/Oy+HTAd17ETtTpbI7L - HtASYiwnv+tmxJQ2WBiqz6cZ78M6W+Zz3UN2uSr6Gquq/Jq+Y+BhjPbV+6Cv - pttMCZj60nRC+vCsJnl/SAZiiZe+y3VfFJnktwWiinjgaUSIF/IXZmUdN8Vz - MTFPWzMrx/Hhgng8M+sGRwuqNbtYe+Ug4hmGVNNbnE55SN2+6eoZz3Y3WIFC - ovXxxhpBvf5IVEVvYHnTSEFI5F/XNZBKktMjqQf8DAFP89EfzRz98Gg0MEif - RIoVNidxZREmoQ9DaEyIH/1CAopLVgcu8zS1jU8MPWY/B37vgTvkiY0YobyS - aDlus2SMdULymGfg//L99rq0R6a9NhH7UxuXqeUWznHwGijnyybUfDAsfIwp - LXoxmpT9ufn1pvOE9TYsPJxyJcv7QZq2EVR3nL/4l2O2NxUzJWtykXrKbBia - oBFSDXhotMd0w6uh4eS13BWb6HqHjReD7w+6exPQ5uZIf1RBxAmSke2+tAg3 - hCHf8i2uRwA6DnBNgm0ORmuI+RTh9tCM0nRcDpusLwPbFk3UHgvE0W7bxb3h - WchznGDUCgqKH9KWbC4RPFI7zCDjE0I1k1Fpc9T0qfGyjIA5Hc7KVWsl42v+ - NVsFdzN3RZRfv67NQxhl8RoniXF1sWin5XcUN+tNbB7cvCPj8sj4bU8rrQao - +c1R01exRvMHA13ry3haQj3rKX8T+e6QgqAlOfdnst+UpE2DBtaDJwReQBjf - 3wePiQ2CN+tvdK89qzdIr6CLnuzSFNP+ZLpJhiP1fKV85Dnoqe1TSqFCSAR1 - RVBsC17ZXkM6px76IcrOqjgLJmwxfAa5VyylkXsOon6UJ3l1EDDGk2KrKyOT - iHugNXTY6azUF+G3ASWs4lBlEHn6FDYuXOCd18zGKnUYU0Ql/f0SdCTwg2Vl - 8GErdo0GMqcz2FUBvlRy1Ydt1nM+AOHb2GbciaD876/VTebUlPGiCOhtYNop - qnH/BCrm60ulv8l9y69E/9gclWuzJxNJEAChxPpbzV+sSgbPK+BDEey18aGo - YqD+7VGmz1yPxOdgUANFgJeWIksafJFRTrNZWeDYJa9Iu1ZMLk31+O6gJ68Y - lZjHjGommjPd+hKL+TG72k2XDqPNDfE7JQMoDwa/rKQeSzvf/j4rep6N75pQ - huAu6YafNhB8IBwK4oljoITzHVxzpCAP/Pis44IKOkbj4/HWQmJH/IQXmMEl - /02OqZvJJOgkpUGYrsJud+ZAATIhpZwb8JfQMw6mes/6aPdGCZjMJaHPgFjU - h6Q0uA==] + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAo+kOuakLJWl4gVaTboTX9JodKuNNtKTTFQk2 + bDFa3brAitjmvnoNsX27+Qi+JCQJ9fuqCI1pkdiWDP6iXB5XORFLXRCUBLCA + 5ZNf2me3u8SYgxOH1yVo7AgDw8J6bYqQwcecTm0y0DkmZgEQBryZJVHe6CPD + 7WqBwJreoYI6z/AMoeG9GAsa4CjziRvBTfbymXYtjO3prssRaCQ0rXHiD6JU + 5a90YZm1U2/VwqwjWpTgYFD05hIHCtyD5PNlB8xd+S9sFRsRkRAFIUXkGIfI + 6fjXHe7Jd5bTxMaKIaZmhuxqf4XEqf2qu0mMd9134XzhHJud5EmnH4HGjuIq + NRvCtDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEAWjoyge8WbAplaP + 30tTCheAggzQ1xj7c23DNmkfATMVVBXlMO29wiov/MncD8zumAY+Jp0g+2Y0 + z7sN6TJdcFMWgEf1+6TPtZnIfWJ04TmpnYEaZd74J+xbUqKEakp56A2CdKdP + wf8oiWX5FD2zvU7irXuU6G9k7eCn9K71gNXDrlEw+roKIZskPo1jVhGNRg/U + Hv4WaticAlEv/txJJKCyQOSz4H8msmV13jKa7yLruM96Pm+AzxEk4NaV/DEB + FS2dvDIQYOXaQZfKMNKSgutnaKeUuyw0VeCMY4y5iRkHGIGJ91iy6KmSa2cS + R53o9CMpFcN9LUhMAvNdB8ZIv5qFapndIqjZXa+wSS1ixKoOa/1uXpPcGnDs + drx0N7NeN8J4/TqlkAFm2Ga2ehjxVGCrN37jH6Z3cr9qFF/1x40ujuSaCI9/ + eC3gZNwowQOzqfINkZdXW/MLmAFeKm+2Bznh/syO2cb8n0TK0hncrf6sqA+k + JTCYvwqoTDHiWWkXJ7u5uGTdbIxl1H9LPgJpRqNK7G7BItV0Do20CG+uKEVx + gMlA743kdPjXZ4GbPPtSVbS5iEhfHo0IGVb8mQvNeye32NfT1QsgkNT9NNFK + U2aFiROwYJGYoJ5zcth9HXMLInjfOggdvZM0DLKz65p8Hob5F3sNhZrSyFEm + MEFYS8fsoNVdfmkBZ8JA8nHYOAaUMqmhhFDIn4g3Mnb7kGur+t97C1MzsqOI + lqz8Vdhm3gqL/UKZp2NoPIyH1cTUACtpOXz8nJY25QJdEyhzgkX7UnGCRRuz + Ev8dPZFRxNwuNO2N7ziDijePK9/VT9iK3CKb4gH8l/Zx51x62mUSGXEnNj6b + Wwnde/o3acqGUF6qvyzeBHelDoSEC336zzCRyut0bGJD3P5zgmNYJ9WUQfph + n2FdLv1Ddy9m0o1W+k0AUjKg+/Tfs/0Cw7Ma5EaykRvhP57HyteVCCwJIbhf + Tf+8A3hw7lGwtUcTaclLs9o6JOhMzepWsigr/M1p3Ec/yjhORMCph7uD24UV + cz2sd9BZhPUHi/NpBUt+KlxyRkwZzFfX8yKGzzp9kgO0EOcjKNq2tFfTY6xn + /7Wu6tCp2DPFV/SZUcvF5SYuh2RSNBotj/BcGnY5/V8FACHxHLI2WCKCBHPZ + 5SMx2JXxzg975HO5v6RK8gKiF//znG5u1U3JuS6NhGq90/EbAhhvF+LoCb6E + dyWy1jWWOvrWAOa6nGxP+55wdQUGpgey2bADp9lhPKcAMyJz/VOt16tpmyOJ + 565ykWISRIk3zb9pffTnlJGqC/zEDN2IBydQ5cl7b1wK5pZWLBnL4De/14T0 + 5TWcZOYXd+xBdZtBi83owAWYFts3MD1RCz40FZJRkbj7QPalkDDFR32XQQW3 + oPuxpNPwwUGfv/m/w2sIVeTSD4r6iEnYQreJ9xGHU7shErFjSWbYVeB/6wL+ + Ty4PCPz9JaqDQgECTy7gNBNyw6n3ucVrmIhnEbN6tk3c8ehgWspeDgI9LNfx + hk0fUJLUBEnm/TINGolSdAsQSe/fZcOfq5L26SvSzJFlurFmmkaM5nF9kk06 + cvLqBdHOIEo1uHZYnlU+qETdsFcWo5ZrA8EN0j5s0XxK+yZuVgah3uPZ47XQ + VrYJhaXTfSz0ybjiQRcteuivs/+wii6cfAoM9KZJoRSfNFgBpDvbIIHaWxci + DIFhw1GzPnpB71eeGkjm2XPSf7u23iXTvTUYYVbsaU/z0DjUFz21Y+oKH4zy + oUw0u9qa02Kvhk2YbI3xVDiMTkdd1coNW2wsW0nup8e0iU5epBAC9GV9IE3y + BEhjsV0ojuh4sItlFOdL9/vWqu0rbYZo6ObTXkWUKb+rbVHpj+bX4QyofOoX + BTndKhhtc1k4hVetbiSEG+MnOWSBZQN7CRHJT4/i4s7N21IvHBR2aowR7xNy + FayoipaGffhmJ8IFlevIJytCfc0/2vlRZ3h0pib6K8UaVqNMqkdlMGpSmYfH + M+SzqDTQhP52Rrsw7TVI8luE+j3G56XkLIzIsFeCN0ImV+LkwZ4xC8kurWs6 + HqioS5xeiZJupMs/YKek37sUuy/1ODL2t30JbHaPLRffvlb6H3eJoQ6qFVI2 + YzjwLWGWotrMduOONpnabSk/466dDgMmew7wANuTqPuD37uf34tqNVrAcmLi + +Nh2Cl6fve/ESlptDMDDN6ThpXXIH0+OAOYBQlqFu5VTfJth4/g8k6LJBDRK + I4ulySlVeENgQKTXvzcUpOo27xfdm4X9O4xU6CqOvtvirSuYzIodrEY821/F + ZCBteES9JcHiBlwB3ku6BUJuIfUqWajafVHyc2iHdTylO3PfoogATomG44gX + zOWsY0hM4WMV7bv50cGBVVZT9xzFoWdKBg9zn6dflMS4DapdrRaCiZ24YnRA + RElTOthV4a4nX6dlbPHXnb2kVSvQD3sIMKGwI51nnESoU9hKXnaKnkMNkmVg + sUDri3G52aJ3Plqy62x62DMQoHEkNriolK5nX+kNw/Yg/wNje6rQ4SvEkjCf + 8VNsC/flbh6T/dP2C4uXoC+AwxCGx5l97WQWwrJ8Xwiuj1f0a0O7dv55ZbJw + AkwQRf6NHkWorekw+84wY6IOAQ3nK/vFj2A/Th6iszdNxu3i4MrxmTw/YWw4 + eDgqV4nKAq2wz1q8xH5p8kjwcY46w088kHJoHllyheLhRlvaLsfIWKdHeHEa + aImSDrcOE/jjqjR7e8VOiP8Vjyc1NaxWQvHrFQW/X+MfcWvQdJ2p/oEwCQDE + mUZPJcddWqI9AamHlA/CsKJ56jqwqz4bGJMlqMqfAbdV8xDlWr9tbDnWectn + a8LwX4FXe0iMCpR4umBDtlFo23N8g6FRt9WZyBTBSoZlZ2Xp/UFO8TqEG3Ol + gVH3i9R7Set6o36kdhIUKSvsXt8vvO91HmNUmk24nhzQRwxrkL40RxrZh67O + RqwBWVTSW3xBaSz1RnVAmN6FxRL+qLWt5O4RYK4I9YgxZW+PQzVdyVzpUZGm + Q/GP9TcZN3723AhFy2tbRfEr/eHhlaSEB6ZuFMGkQ7ROn5RNdbwqex6B/wg8 + x+y1RFOkEILgPtyJR/z5allWhaLbjuj5Czq9DqICp/Oy+HTAd17ETtTpbI7L + HtASYiwnv+tmxJQ2WBiqz6cZ78M6W+Zz3UN2uSr6Gquq/Jq+Y+BhjPbV+6Cv + pttMCZj60nRC+vCsJnl/SAZiiZe+y3VfFJnktwWiinjgaUSIF/IXZmUdN8Vz + MTFPWzMrx/Hhgng8M+sGRwuqNbtYe+Ug4hmGVNNbnE55SN2+6eoZz3Y3WIFC + ovXxxhpBvf5IVEVvYHnTSEFI5F/XNZBKktMjqQf8DAFP89EfzRz98Gg0MEif + RIoVNidxZREmoQ9DaEyIH/1CAopLVgcu8zS1jU8MPWY/B37vgTvkiY0YobyS + aDlus2SMdULymGfg//L99rq0R6a9NhH7UxuXqeUWznHwGijnyybUfDAsfIwp + LXoxmpT9ufn1pvOE9TYsPJxyJcv7QZq2EVR3nL/4l2O2NxUzJWtykXrKbBia + oBFSDXhotMd0w6uh4eS13BWb6HqHjReD7w+6exPQ5uZIf1RBxAmSke2+tAg3 + hCHf8i2uRwA6DnBNgm0ORmuI+RTh9tCM0nRcDpusLwPbFk3UHgvE0W7bxb3h + WchznGDUCgqKH9KWbC4RPFI7zCDjE0I1k1Fpc9T0qfGyjIA5Hc7KVWsl42v+ + NVsFdzN3RZRfv67NQxhl8RoniXF1sWin5XcUN+tNbB7cvCPj8sj4bU8rrQao + +c1R01exRvMHA13ry3haQj3rKX8T+e6QgqAlOfdnst+UpE2DBtaDJwReQBjf + 3wePiQ2CN+tvdK89qzdIr6CLnuzSFNP+ZLpJhiP1fKV85Dnoqe1TSqFCSAR1 + RVBsC17ZXkM6px76IcrOqjgLJmwxfAa5VyylkXsOon6UJ3l1EDDGk2KrKyOT + iHugNXTY6azUF+G3ASWs4lBlEHn6FDYuXOCd18zGKnUYU0Ql/f0SdCTwg2Vl + 8GErdo0GMqcz2FUBvlRy1Ydt1nM+AOHb2GbciaD876/VTebUlPGiCOhtYNop + qnH/BCrm60ulv8l9y69E/9gclWuzJxNJEAChxPpbzV+sSgbPK+BDEey18aGo + YqD+7VGmz1yPxOdgUANFgJeWIksafJFRTrNZWeDYJa9Iu1ZMLk31+O6gJ68Y + lZjHjGommjPd+hKL+TG72k2XDqPNDfE7JQMoDwa/rKQeSzvf/j4rep6N75pQ + huAu6YafNhB8IBwK4oljoITzHVxzpCAP/Pis44IKOkbj4/HWQmJH/IQXmMEl + /02OqZvJJOgkpUGYrsJud+ZAATIhpZwb8JfQMw6mes/6aPdGCZjMJaHPgFjU + h6Q0uA==] profiles::nginx_revproxy::virtual_hosts: 'community.cacert.org': target: http://10.0.0.116/ @@ -191,10 +191,10 @@ profiles::x509cert_common::certificates: 'community.cacert.org': certificate: | -----BEGIN CERTIFICATE----- - MIIHnjCCBYagAwIBAgIDFHywMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + MIIHnjCCBYagAwIBAgIDFR11MA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y - dEBjYWNlcnQub3JnMB4XDTIwMDIxOTExMzk1M1oXDTIyMDIxODExMzk1M1owYTEL + dEBjYWNlcnQub3JnMB4XDTIyMDExODE3NDk1NFoXDTI0MDExODE3NDk1NFowYTEL MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD VQQKEwtDQWNlcnQgSW5jLjEdMBsGA1UEAxMUY29tbXVuaXR5LmNhY2VydC5vcmcw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKY4Bz8s5f0AK56dGIl8y1 @@ -221,17 +221,17 @@ profiles::x509cert_common::certificates: cmeCF25vY2VydC5lbWFpbC5jYWNlcnQub3JnoCUGCCsGAQUFBwgFoBkMF25vY2Vy dC5lbWFpbC5jYWNlcnQub3JnghVjZXJ0LmVtYWlsLmNhY2VydC5vcmegIwYIKwYB BQUHCAWgFwwVY2VydC5lbWFpbC5jYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUAA4IC - AQAZO0nwoA6/kYbl/xpKvBCS0HVJcGhKWDG/P9RhJnimeW9637o+8LcJFqDcriF6 - cNPi7A0RSO99uHIuw5aXgEbp25b0i6xMqw4QhzkKXK0DNZtF5LWJ6PGQPlLSCSuV - hnRJXEzGVRuN+8o+tXquTBwhMwIyUIW/7iO9Xw5blSJ41+yezXQ6Gh/sw0o4ptuc - 4D9yGqABhPTl3jq6ifGJUPdAf5l4kOebHBlNbeiTKLGZrohgU6wC+Xk0r0JCb0UH - K6O7989i+lAnYEuQLJ3ULr8yDMLayrFHJN5jzXlcdoCiPwF/zlkYNBq1hVj8uZGW - o1DMbXlVbT1sSmqRoAcp1uuUc5zCpSXImVKwM1x6mfEMsffjqItI/3+z0yg17pn0 - Dprun2HT+k/jwNJUH3YVcqgshkiBLSKyBXy5pn9G5wPdbpZRcXmV5fwhk63N9XV5 - Q7AiVxSEIBtka9IEWVAYE4djdavGBKZGGu5zB4T1aeBcOmr5V1NcDqwcOiufIVUg - uDAZu7SJmF/VgqifaLsPnbHy+yxaEAWbtxFq/OfbyM0HO9oS4Mdnv5tjOFEyR3QV - TW0DaOGtQ+OTBuFUn+W/bri9/t9nBy04v/8HdkPdtepnAIclk3wUtQ7RT2ABD6PM - F7xpy8QfaHyI4bGakoiWh00gbgVtGF91TBb/eieHVbxThw== + AQAzIeYUQoGrWmhJ+2fEC7isV4k323BhD8XBVb9aIiZK47eZ5WDzSw+cYLSwPsCM + U6zhYTdoo77bo1YlSHeHMeJGZKk7F8A7DLOlKbAPSkDepT4UE9fJL/4ynMZo8HiN + PxOP4unrBSVKSB7ethwFUu9Qi9Aek0jLZqX9rw/EVJDCWrHirfG8DzCmbH21LF2f + BMNd9DhUIqcduCAFFezeyXAruyJ78SQB3YMCstxYnv9UsunkxovpndOpJ/N1aRCh + yOGK48ehgV808xi4TwFgmg+paDeVm0eQLrUZcvYn01eniI71uBzTDBukoXDYGXox + U6GeXzM1FAOvEz9UDkDVGOflFuf6tLAT5HlYQnReWNfj9HBy4i/7xNCyN2F2pIl5 + lCT/nz9Bx654hkiIVzNmG09hMQJMMl+9mB5luKZQ2RCFAYPj1nn7MYBOHu1PNvWE + OgoxFq5t8r0ulez9JuAfk4vSHM6DAWUKjo1VOiBjcnhcZP5Obpuo9/37ltum6Bvv + mJe5RysBYOY0wQw1anzIySthQlOnwBNq6qXgW0oUZmrK/xpEneWM4bu9BUjwSRyh + ArPNSJ8jxBzU9hINcVjMS7hcOjMz6EY8EOWKdy2dDhX6OmAF7eEyOQNp4RrKWuB6 + GDDsM9HCOl8iw6wK0K6CUkKSDdNsMQc6sOwjCujhMbj4Og== -----END CERTIFICATE----- private_key: > ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw @@ -318,3 +318,126 @@ profiles::x509cert_common::certificates: cacerts: - class3_2021 - class1_X0F + 'email.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIGUDCCBDigAwIBAgIDFR13MA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ + Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y + dEBjYWNlcnQub3JnMB4XDTIyMDExODE4MTA0MloXDTI0MDExODE4MTA0MlowXTEL + MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD + VQQKEwtDQWNlcnQgSW5jLjEZMBcGA1UEAxMQZW1haWwuY2FjZXJ0Lm9yZzCCAiIw + DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKHqur13jSwFYyZZK3BM3ltrK7WN + k5+H8iRUTx3d1dmHK2XP4zzpksruItkHQLiD45CTPWTf/Uh/0xOl3B5PHRk9WYMw + kA52pye3lp+a9EVEuqpt0lM5x8aWMCEedL85TpJ8ZpP7oNd9BaIOoDSyKOTAr/Hh + 0aYUWN2Q7HaaCn69k5E0z1vxk5MbrrgHl2YksdfuQAet0LmUD7E+nz4AEvNIuIRF + wLRDQx061Ju0mvn9IQsfMtOKfnWwmo86jMna7jOD/TpnqSn+jgCKP6fjhZ5Hvmj4 + C1OoGKWWYpNje5QEygDHECwnnHa0oqIQg0qhzfaWyjtRw8jnSVLC/RlfIzd5xo7o + Wy6nqV7TPelATrZ+sQ57P9SAkCZJZciPXES049SMP3JugC7+1ZY4EQbpu/cfcRWY + 5wCHZoD3oScMIshq/VI6wEMRo37RShH1yg8KUIEPFYlWY32ZBz0oPs/Uxo82MUkc + LDB+MZP+wyMNHcaHBPb2+41zqy22X3zCwCSSFUy+MOx91Mc1jfTf+Xz3QwZKcuAJ + uKngLusBPX0lYZKs0kxJNUY9TgZM6nD6YLak9rz9TPf+mYtBmNPNayYQiQNfvCFQ + x8SZ21ggS63JcExNLseWyH3dzgbHrL+R/4x6sWgVU5Oh1dRqB0t6fvGZmeLE85Q4 + EZJMBpY5EfB5yjOlAgMBAAGjgfwwgfkwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E + BAMCA6gwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMBBglghkgBhvhCBAEG + CisGAQQBgjcKAwMwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v + b2NzcC5jYWNlcnQub3JnLzAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLmNh + Y2VydC5vcmcvcmV2b2tlLmNybDA7BgNVHREENDAyghBlbWFpbC5jYWNlcnQub3Jn + oB4GCCsGAQUFBwgFoBIMEGVtYWlsLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQAD + ggIBAHlNGGzlrAf/tX4tW1gkq++7VmencPdJEDobSDoNetN+JDFJsGfRZSwHE2km + nNOGgDU1SYaRpNFMuVBD+dTMKM/lXPz0c+M0Yv6Lx4IYfms7UpVQCP14MclqdF/a + 1i7iqnT+rb7gxhWnVrgqYkjXdzg9htx5KcquBnBqwbrDXastWLEnKSwY2nCrTvrI + kMxN62d8t0Agt0HbOTD36ApOASkExkTZDNjWfFKJmd8YQG9K01BTfHeDQDUuEnq/ + M7MDMtn6m3MyAmKQCFnC0mVAu5zA7wU8G7Xm7jNfyvAIN1U1yhCM69sydW/iZMFk + oiObVH+Z4H0n1YROVdA9Cajb24VfjKpkcoXXY/ho3YAK5Ck1n5brPz23RLwy88+E + AmvC79rRlR7QQHklORsc4K2LiHN+j0Y6B4bopo49ozJbMn8jGvTnnUKETQR9fxGe + wOLsrKOefXnNISwc7GawlP3jMJ5EHrTklwUvh/uV5JZPYUALRki0scB1S8Gvd6Qc + S7Er22/kYh7WB9tigh0rgkJQOnNeoMsJrRvxTNxnEMFGPZnVwteObvOwP2F78nbY + t0aq2ZMVRk/QXIITLN0LC7hwzFGRg9PmNKN9ZgiWQ+FZh3T8p59InjkGlAJuMEvl + IxgazK4rmjN2sF+rqQrrj20ZxNBTYM5wzCBHFHvA0gfCl0Tp + -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAIdrc0xGPRESoiSWtVNXy47GpoYQXEjJNoQzH + FsORe9WRW0v+dDNpxJdWbrpIwNGyzqUurQx57M1obEthX82naqGtiDt8zdc5 + k1TToDWkRmOHZzW/dnkNBs2dOPKRvUV4t/CoGm3yaOCnRmYLfTKsJvf/uIu2 + kXFU4u2lqFgfi5lV7Mr21XdfWWaPWpJcz+T9+HO0OPwTQjKBPcvuB2eGXWhr + swNgK6xyg6h5FX4mKp2oSpmZmfRGX5ihpiaoAWESR1tm8Xg7Sde7zPiZ786O + sgsvaPJE8CNnNgVHFBMP4+R9tmOWn5Pd6qw+kIFhNZTpczkebh0mIwfrj6i/ + wLNcfjCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEGG1Xsv4iiWirIOJ + oI+hDiGAggywG6kYEkDdXAAFRSWNTLl0Vp9G4pGn6oMQYXwyp4DlmVFCcz7O + kf2X2iGT+wWax7F0w/kzLVSTN0W4yRwQzsOjIiO8tGcZurZ0lVpR+DDBVaYh + 7nTffgwqMKFO+GC19+Fd+UEB8/6oZ17KfJCcX1jry04ZjjFcQp70O9OT5snz + 2tT9t2UVL9lx647Hri87wqj8+ZdQaFFZGdgqEuWiaXwo7THykleblHUhODv8 + D6ATK0lKE9t7nlFIalYu+/CAl/r3c/rnBEJ6HqdwkNkkTJvqaUP1yM2B+Iop + oDYjyoCA/oYJ/IyKZNg8DDflIGiA3UZEfrXMpdZcmRQ7GS0dU6XgpjXQZA/f + /UimJQxiQ6nA2Y4Mm33R0NtYc4ExQ3Uge+P98MH6+9AM5HlnhkUcDc6wLHDM + PSUS8FqCupQKiX3JeTaDOlTdq/WYC33dUWehJdkvLT+vfN0wmpI2mPn3uJ0m + m7HecZJBXqprzj30lSMWH/XyJ9C0brUPCvTk2dybykYoSLANgeF+ZN2Jkg2F + kTRKkP8rQLpyAB/a1lbhVzFuSWpv8KqtqHTXU69gwY5KtuKstMFHDu3I6JsT + Cpz4fNgf3SpplTj64Le6cs7z5xVLu4f3Z+NHIiSp6QGk9t3TvwbuSVTRzXIF + 9PDenLtYeVdq+fI6lCVIFZYZczlbmsFJQpb5PLdy7wt43sSmtbqE1AGvKfAW + LoOmPrlSHvPOH1th+db6kS16wICFzsh8HMxREMWyxOyZ5gwcf1NAdvFK6jWT + A8OKPW07pCdOjTIXbvf7jjuZQyR3PQ4+D8qCz0T+1W69bgCcyg+45kBvmrGO + o8vi3sAUMwWCCFJNEy9XTkfzUIP6H1bqt6nXeBVoyOkSmHhzz+wh5dobRQnQ + qgSSvU2qQgTPd0FW1Bvya78W/hue9YifqIOf65Hv5T3Qo3WBtgIynDub8zfW + CW3ZJZc0gU7A8lR2fChSVovV3ErTUXRD/peOQmA8sZRp1hz18Ibmmh5n6YcJ + 8aoANdy8/2IWDItXW3P5zyMHFcxpQG3HP+oxv5HgWKLFM2KTwcw3aR/BpM+9 + +GHzrmvPrZ3/CkuuRnKxbj0LGyAZfUpEjEXp8zno78sKQQbpx3fu0UNNqNvw + teCBqW2pGA/OFaT0qBDbNlFYG//t6f4Ea5OiFZqSPQ9Vu0ybY1Ir5fw9TLdg + IrXSUziKefQf3po/jObZhJDJUEvRPP/hogfR8FSR9h52HqARMSsY5d6bKyon + OrcZmFLf3EGBsRb0YMCu3VLDlQzgaFPx1SRqASjtkuwJFEXWuMtkWrZyF7rl + zrSmhIVqdOtHFxbRC61r5atuEwfUKkhqdWdQ6DaILz5UPFQIPOtbaQpeWcN0 + HazWSqcO+5RZ8L9d411lyqk9KgIoHjAAYZwx0iiU3Bt0xJmIu2tyJpzw35Zj + a8GPo4xHXwwNVfxmUq01v9qEImJz5URfTkG6MNkqO53weobXCLUTiaPIL4D9 + wssH8qhQjUh2DySNlzgqxTo1Fh1J1yYvrFVHMSvWGCLeMpdyQZ1WBZP3wg6s + LPyNBZFfv/ITqHBQGB8QuzjJSBJA0TaJU4j41YIz7XSYJguXAOCY7gHcj8I/ + a0ojUVtCL3olF0X1BsMchyijq1f0ceVoKp4pGUhOJgWCwTudrvKAEEPjkV8R + 5QLcl67HyXCndVyUTSp3BK0NGdGgpGjlctOtKpPh43mXv3tSgZLiTpujFia4 + erpKy+E6S4aMjBabE/ih3pQHwVcFJlq/iNlBC7SJLoZkSArA3NPbcXwVTaLe + m8AbYWbw7iuICyx+W6qTj2nuBa9WZUKWu7nwaP/dWAY4l2WD5atwBadZ2NOT + bK47Jm6FfZXUX6h8/dH0y0GJwhTCEbrUzMisI7weCG5knXFdbQZLupGMeuGu + ivKbk9hWpaVEUFGzR2odKgMj38+B/0y19Lg4T7kuXoZPp/TonSD2y9XnwAXq + CgGRWlgBlFcp+NnxDef50k5+Y/8HL279E/kgslg65MAg40PQn/o68+BbBBkE + RbG9ccuwopMRusy0dHI4Cr6RFYUHDRC+x4w+enaZCjyVh0v2atbSZd6A7h9r + SwNuumjJ2yZWZ63wEL4m+U6+JxZgUIn5CdjKskLcDZQN/KIvHlvHKdFnyvWL + xLwfC+jLI9QPLbxtqDkprm57pXhncK1Vw0P7LpHpSz70DExP6FSX6N4uMOnL + N4g595W63Yrnsn8/yjUdMNI9rz2gRhhZou/54ALSm0o06XzX1P7s6fYDGXdT + rPq8PY3qiHGTQKJKoM6IJvJlCDDcQeAiz+/zw7OGQkjAK71HsnrLc5p1qPeC + oVMRMpTYomodTCkcS0xhfnVGOGDGVUb55MCwDzqZTBLhgCiY56V+Sn+R2S/+ + q+C4foMOY6QP3iue6oECinfaVEk547s9Thb5Fzi5WbaDGFCPD+nmajqhSUAc + vvMKiCD7L0ajQtji6j9X8kYBkU154tH3CEbL7wIi7vQRxZe6O2z0+RvwVweS + Z6YkwnAo/9iElzkg1MXymiLNbpIM3y4ZBF/J7sW+oZLDAjN1xwOgK7CGNX6O + 3jQ7tDClahh81P9vcdKwuVcZb+25tZsqay6l119V9l0IzrINLHcNSANVVNpF + RGlf1233npKGFB8A3vnjIWO6viFsSUTHdSjDUjRxdAkeUJejkbmAgQKBIhHX + eyWr+36cfidBGYBbCtILXgtYvHshRaH3i6MKsrNMIJGh21NMF58xATkaHZ7h + m1upZN/cSoua3ydNP08zzWWQfM94q7vsS4PGCMHz4lOYcDgwp7HMN8FhsBql + 76PT2TVF9dIY16i9HKg1i7zKqHJ+h96Hq+toNzxcXUwDsz8os7lDINMPVjsy + W861MpMAFPW3E18dQrR3H5hnRSVZp9S7bW3cdOsyXyaAagyc4Y1rtKtx6MVd + N+9nGSMmEVaWf2dsGv7P616kusG4nrPfdJA01ZLmGa4tCDntaHfmABPF96PT + LhWF3J3wbgskubUYyHMsXChvKAUtnhNJpuvbXjg27B35Vz3gDSGeOY3h2w8u + Dv8uVT6/jfmHXwk9l1sA1ikCHUzmo59Mwyba1NIIBzIHsm+9wRJXwq9NNCQz + 8CTAZrmkJCGV6n27cWDoE55xBVEym7Vw7xOOk+m3sSrcq7oRc/ZSBV9kTBlj + j9x1y7Gq4rmOV0OfGJdk4uzdc18zMwEfX9z7R1pw8pmMr1rWgGC9nh6Dtlvo + qzqtVCvdjJybBswm+EGjJVkq2Ru3Q+g3oGd5zgcS37elfVGfWmjU6jkvz5Q9 + h5cL4f2H8lqNNEhMYE1IU/Vs6jEExE+Z1kS6KEzC0WLEofrmNNfdHj0iGV3r + OEsH1jPJChiti9oxVky3lAvuTFuq5GpKCzRygREU0Wogmhm/uezctaOBJ8UM + YonZOq/HXs9A/SXM21eTIWXtTAjuLPQ7WGhMXuim8ddR/FJAr5K0C+iFPhXF + zar5H3py17yFnbtlfhv1KfW/m2dbBeaI/LeIwkr6j/S3kpOYbOQcEhhw8Gsz + TglLCj71UqVJXLH6b20ZxBgyV9oaJECBxYb1eV44kfUswn3+gVtvGddxc3QC + gGUD30MEWVJf6U12D9qXQfAs/IViVFXp/P47t922/LOeSwGIi6J01zUpy9d0 + BE4vsQKfCOMnDBJlCNYuOeZXlU+WrQOrBmRqyJasZwkpbv61lUROCE1v65xO + lErv/Nozs2NiTJII4WkSPOO2Al25c+aDNmB8rXA+PTlnZqDAY6keO426YZ+x + to8xct4UBbXPLi3a1yNJdiirdHZZYATX7cB/kqSqVile4x5QfxoJ3T/2Vv/G + LukpxsKI8R56TzHZS76MjO9N8yK2xtfnnVfyiVNRe4AXIUmLm/g/b9WHy9n1 + HZE+DDWaus4QuRvvmxLiVPZW6U3wheLDpDDfkMaQ59ZEyqg4JoX2ARC10uJt + fi0rMhBFuGrETTs/cg9hJgjqm6lnOwT8/zyB0hZlwpv6wGmFlmdvq3a8wIcF + WnVujSYWorlRzAitxeEeyUfjuYxuuff5bWRMFPVgVdeRuDEJuxUeRvqkl55x + AEdH3oMYejHiZei6X2wa8/j6kisJp8GR82NB7Ecvj7a/St5DfBZ+7U7CYxNm + mq1POIPHV0z9QJ869ilGw2FMxdMTb4eweS/sM6dmi+mHfe2e03/8jk9HP+c7 + 0MLsR2pHQ1WkuwcImnp6kLSZoMcx0CA0FGDyDSUahUX++6i9yDsyfkbWnBFa + 8WjOYmzkDuUkNw6yYM4OonEdvxVhRwS7AG0meFhyOYonSBKi33XQSpz33+Yc + ZhxQZEhD+t1U0Qqkf3Lvc/Q=] + cacerts: + - class3_2021 + - class1_X0F diff --git a/hieradata/nodes/emailout.yaml b/hieradata/nodes/emailout.yaml index 385b83c..053ae32 100644 --- a/hieradata/nodes/emailout.yaml +++ b/hieradata/nodes/emailout.yaml @@ -6,13 +6,138 @@ profiles::base::admins: - law - jselzer profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAZIzEQy+6GH01XZC/CDjTYDy/cMYuu5gD+M8p - j7Y+QHXLPCJ721S/+PyWcQy8eqlPDMiz5Mnu4TdCfodys4VgnCTUj3vh7DKM - F3cI0xkoEB7tBEXAnCQqPYaYa+KO/fj+kvdswghrnVaiSOiVA6rTGAS0q8/d - bxXRplqykmKpIapqKcc5vWy1Tzw/MgEGa0jJsKeAQYK4XW7/RzmV46OODTfI - kF/A0mGIPHF6wKf6gPwcWNXIt7uUtKIzFn9UYLA6kRnO3PMTNZJtmopj0dYZ - d3Q8+Fnn1j5euYNtt87YN4NcBYBmoNW61GcK+22sks60DrdiILipuhdvcm1H - x8gwbDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZLIN+Jx5fPCvJaclk - h87LgDDL8p9rEfdTEtFIy1rREoqV9TIRLiByXGaiTjo/vWU8sojsGZ1OCJKd - RStsSa5Pjok=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAZIzEQy+6GH01XZC/CDjTYDy/cMYuu5gD+M8p + j7Y+QHXLPCJ721S/+PyWcQy8eqlPDMiz5Mnu4TdCfodys4VgnCTUj3vh7DKM + F3cI0xkoEB7tBEXAnCQqPYaYa+KO/fj+kvdswghrnVaiSOiVA6rTGAS0q8/d + bxXRplqykmKpIapqKcc5vWy1Tzw/MgEGa0jJsKeAQYK4XW7/RzmV46OODTfI + kF/A0mGIPHF6wKf6gPwcWNXIt7uUtKIzFn9UYLA6kRnO3PMTNZJtmopj0dYZ + d3Q8+Fnn1j5euYNtt87YN4NcBYBmoNW61GcK+22sks60DrdiILipuhdvcm1H + x8gwbDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZLIN+Jx5fPCvJaclk + h87LgDDL8p9rEfdTEtFIy1rREoqV9TIRLiByXGaiTjo/vWU8sojsGZ1OCJKd + RStsSa5Pjok=] +profiles::x509cert_common::certificates: + 'emailout.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIGPTCCBCWgAwIBAgIDAvaOMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMTE4MTgzMDEzWhcNMjQwMTE4 + MTgzMDEzWjBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRwwGgYDVQQDExNlbWFpbG91dC5j + YWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAm3eL8pUC + xyFWXrqHMbL6mLTv0bYVJX5AMqLybKtUxvW8+Qk4By+RR4QKyA6v2Yxq2hFTLxJp + tWJcs5DwOJ6JyJTFwTUuPQ+FbPtJjDEx+nh5nO63S7tLYy8U6/yA//SzFOTVUlPF + sXg6H0Rzx8PzoS8KhBOEUYVDwgv0vEKEzCt29YxeuSEm4lXk/kjqTXAi3S1ZrIHK + KwMzZwndjP15VO484MBK4V3MtHj6iLflNuQ6zU/b/nkhyOtNJTA4dqRfI2zP0ctN + XuMJwK6lMl3SUkFzuMShWR2pxw+0wD7YOedr2H6R0fkE9Lwpdtf00jJI3b4D2Cg+ + Wa2kE2Vpz11toFWnxS2EaHKcukA6IT5Td5gZWTA28aFyoXi4X3hHV+3iHNM38O3g + M1l66bmloxIZqVnQjVp08Jf7CAvSyIhGXROiizz4ResIp8Latpmg+/5HY+7RsRps + 4TztKffkuwosN33okn1b+vfW/YNSI6R8d/vPP/dWy20PYWKmXgDXBX3BO4ITZ7nM + 4rvyZjzsIjDGqAd6NVieJypQ6fDn/hm2llStmHnXeJiS/mVvbqAzzdE4g0QQ8uSj + 8Ytqkc0zxoomIrA7aGh1V4xsOk/64zveunNeZFsBN7CkcppUeaZ61oG/TVBOjQRu + YtNxHaQkSUWw7ERVSeLxlJwnKDnw04EfMYcCAwEAAaOCAQowggEGMAwGA1UdEwEB + /wQCMAAwDgYDVR0PAQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEF + BQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAjBggr + BgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAtoCug + KYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEEGA1Ud + EQQ6MDiCE2VtYWlsb3V0LmNhY2VydC5vcmegIQYIKwYBBQUHCAWgFQwTZW1haWxv + dXQuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAJ36PW+MgEttbjBa3EIlu + KceB6MHywr4YkeYXlL0WHl73duk7ltGdvOttbZ362BSkfI8ZDb7qZ9/kyE6mLHrS + HiFHIkHpHJscnisOZQbNmxxov5Ahx9pH2puBMLddiZoZz2QR5lZ/dIwp1KwhIOcY + kKMSNsIC7y0U/nmOeIn4W5FGwgx3/DV24Ixb+qe/rJExCs+hLsi98UOyDVdHBvOz + zSa8s+UEds8XdYRsYPpXb2PoZ4D1FP/Y6mfnfj8uKacmxbc/kRBWKDXC07qprOsb + 1VyanN1LMgFUWTg+Bv7/km9Ij+dMBkwc1yyBKsWfqYOI2tt4i2eP5eD4vKdeYOZ2 + MECVaa6e6ApRd/h+biND208jo2t7QQpbU3rJ6VMyUWxdgmRyAZGVqg4khoGMisiP + DfrQEf5waHrfHOOrY36wvxtseugvCcReNsBUJ1bEZoYkfMNRy4mB73KGIFRR61yi + pP/T9w+/W3ynMLFH8fGEmb4kwiUosuOUNbQXS7vc1aCXRurDJ8ElJI1/sHhCOMhh + hNZ7BJAYhsMZpEWg4GpfyGSt8Gf1+ZWHxYMxZvYwhlWWuG5810nwlJ1nQvF1DON0 + nULuB/Vc40Sv42+cbyLKW7tUDs+vOxAw4JARaWUj3GwgsjnjNAheHSvsX4dw/Ixx + bqrjezizBfXP9iJKZkPO4KM= + -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAkPDQS/JhwRl8pBHE/uHqgKGfmri48JFv8DQQ + vzRLsqLIR0Y3uQ03UbF45RL9/4xudIZtk0gWEPaX1gAjIPnYLnJXjCcEeiU9 + IR7TDrqqcIHpwwUqNn0nAiz3aA5ZFgXHaDTkIa4rCdhVEWTTNXu1+0v5giQO + pCn1AMV+ivCITLtDLndk4q1mTQlnbk9Jsqbyi1QRQYVgxxXEWJ5L7PpUCUyd + Hs/BTPIn8CaAnxrmhGX121hB56txEXa+PJMVm2NS6Su3bkT0YkiPFR536FBI + QZq8tp3V/pHARxF5s/QIBBoqqlrzETlWAua96uqt5ST5mLgMetoNu7pUnZzK + Z38RKDCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEG8jOnMmbK6h12lT + 38D9n+mAggzQvlBC+sKIRNN9IP8Jw1dlQgVNqDsmwVNGRs+UTeINuqWBowem + YH4LFYCEZi+BLO9zFeVaQX01kk8J6G1az5O3hqbaGCmMTkl2VcaL+isBVwrK + lW2QmdIjD1YDgvdQTOeSBtqnS1O4Ywle2/wWn7WCExpDSYwRd6AYZ63ewKjS + dgH8XrVVdVaQ1jmw3oz9KGxsWkFNXguGKbtjy3Hiu4cyQ63yhH3oT0koFx7A + hfUMvizDzP54uUv7oNIKZyHJv61EkYvTj4QtM7gjUE7UYvICelCbBcm77HEH + Vg6O35zoMqAre/cWjMT/A6z9JJY7Yi4rJMjvjyrd7WLr4MAbdhfyF/KDaktQ + iLRPz0M3Gp/IYreZgyVX4bVInpoC0cH324ey8hhpWzyVSx8O01feDGS0M4Yf + CxGho9BhyhCAtKhepfYdt8CxZfIM73PugL1MrFNKkVTD9zyOcBNvryfLkSJK + DVtb/Ie37twcGENfilQRjvbwcQD3WSygnkwnBa4/ikKqnQLccNRFinxJDg3h + RpjBnDfGrFcsDfxmt8ioqFnawO5VIPTfxzpWfP6eDDGWJRm9V6lBo6rY/9Ll + yfPCnomc/6GmAezjBGBfvcIs/5LaE7ELmPZI77W0UU96YI94hOvdV5gxKFp6 + kznP+aOSTKIOQx0gLGTUkYvjYakMGWgA5hRGE9TaFCx8AMGCH7tPT9JHqMN4 + xCT0EPn7fg4NsJIbhuW4MjhTsde6Hm4QKH1QFHFZ1QN1pSCZv3coqflY2gdR + 47rBv6gKQgFyoOhu56bUsM6XUIexG/TMqaXE5lgP08bON0CeX9L2OVAB6coX + uIBAWt75rBFwqu/kMf5JEYksAboC9RJNVY3g60Q5VBwEajtv2ph4u058MIc8 + GGUQ9ZSKMjdO6U2RliUrHeKbNN4PggwihKqYP5xneQGyBlh4yvWPpGjfiXiw + TvTnFcaEYWKJpi+sxHALItY6GbRK0eVoV+q6MaJklQNjFkwtfv3vQyFGiNuI + /8HY7Y+QqjMPrp4WstvEIhS6/B7Vme+0AGxvlFefPl8Dl/oCkQeyuHAPgLsm + T6XdxhB/9pW0fLPmXhmK1UNGKYgZ1IgHj1iE6iXGuTxQLIBBkAQCAD+kz1O4 + /dsCHpvz+m4AAwYaRRFuvmlHuDYAI/SSxut5vc0YZFLW3ZykUDPKR0C304ly + kusSNISHm5cEYsIwyBiHPCzIBOZfb77kKVeh30yxv5HwLbIiWcCLltIxwfbs + dh4e3Q+YtcB3getVmtA7scfmplVCdRhZm+fAZGsN7Bd/3Sg9hNsac8AcNYoq + zK4msU1pIGylkdQo9bvMY70JAriFBwNYxGqgOnS93somN42016IIikIF/594 + 9QJo9CA/BQieYc/tC/T2SWcAG9gkpAGgTwwKOSPSJZ0h+lmwOt8kubqltLg8 + NF1rhmIN3uO7l+u/V3N1Sc9jYfWkhz4f+AkBQIa/H3iI3rsEJOq/SVErY2Lv + IweMNhKJjSGFNy6pmtJoBH2pRYI23Psv0PZEN18XphW7JfM2Gdg3QIOgtvuJ + psO80urPEHnjBVneKE74h43o/bmqGw8X3cM9lk3T+9vzoWmDhiqxox1C2wBU + gZ27QvceheQK/TvyJPLz4l9vfVd7cBU4QeDcLT6WqALiJnHkexbMf3gDMO+r + VrzGrdG51Q+mWC18spcyPPSDRn1A7kXRbFdKo/CsvN0/4h3ZkhqDc88oXVMM + AFJIcRCzsstwPdaKuBWLVydyfsDRCWd6wRnS5Q6DakR80n6gUFlt3jkD4+3Q + ARsefl/OxEog8MGol28ryWfcjFgUwu1+W22dOcb87Iflpm9KNLRvyaBJHmRX + ZqJrv9Krf/dVg5gltYYNbOcxVuBj3TZGPJwSmarJSwik0tXXm2UFGFTIn5VS + +wjcx+haxjQh266b6T3tMFjhFbVXEEjBnpJsK0U/h3d25Kafdh3qtlKbgkBi + Sb69aKRSArbSxFrNBXXIG2pJPE0zXZ0OdzC8hm4XlBO/OP4DSVEW1zAgVoLP + bmGoEuSTM05EVfUwQKUVI1WSoj+yyky73najG0vV4MNcPymcKzkUew8daHYH + jZt+0Gen/ukbttsjBY0Ar8izqqpA+1Tk3+TgLtzms2jo8xv81lovdM/9KPAB + wVi4pxMV7HIXmpjiJ8ggRqc9WsFLCJ90rcc4+qbo8459GV7nHs2BzsR6cXFc + SaFIh4X6pHkkAUrVpFKBzE+LRJ9A5LLx9VqjVr7QjEZm2PQNhDFXdsIpl/4Y + wWOaWUZiax5dal0Qpuu4qNq6LzMlGKjkG/hvv3/1jAUvHnzB4U5zcfB/w+4C + lBswCysLXY3Gltuzlw3uDiTAnPdl6KjMALqWOOpWQ8vYyNH5wXpRbBEH3zfb + 8rXO7pk9LPR58HSG6ZpyHrNC/LhIDsDy4a/rnuGVhDzKuLtCR+ID8zsUTZDG + v9lCzbnF3Im03uxIzMqpo27tpyPcprcUD5oI/nFJxJc/AXkSlqS3D03FDuFR + 5MoQvClr7PxXJr56kMZDQ4OcDA/szkgPe6GokIikmksJqPXQTnfrOja3UUT0 + f1jTZe6xWKvBapwFzNxsby7ovJP2y1jIc8Hj6AVJ23kvmGjxdmsmd9h3Rvfc + sFXr9tXVl1ejdK+do+7LEs/WUCxRn+3ks8HFW354dh4MLLES2CvBgVMxqeIj + nhjU7Xa2s6rs/1KA58D8V0PrTVGKFOl/fRiD3ZLULPBIWqCTuh2BoeuyswlS + vq9R7auI6Fn5Pd1lHnNVgriIDYvonG473idNVICoE6FgXRUHEzvtAISnedjQ + uMY9MNOtWWiFkCfWGEPFp+u7mS6A5c7IuPB9pXTHwSxX0EXcBtb5GxFsQQtU + QizoJL6wuLHtE9Ng1S1XAYYkOEsnCzJhTx1uyaD5cddACX2J84XoOpX2ixs4 + EZCqLn61unt7djoQ6EBtF/pl+vbxXlwHxcPcKwOsDmFqBSFjmrp3z62Oawx5 + CJ3iQMxEOCoolhB+TtQfsoDAPMQKNdLIvcoNL2xL0O4WZ2C5ovOGNvXHmJQP + JsXSek+xbMSYCIT3gKkqKsKnphCqoUxTVS8UXdid3wtwWR0NbH2uspdQa04t + BVb197y489G9U+Subj9i2PmpL/tTWQLderlhfeFoUk894YQ82BUMgzg6t2mr + MmOStxqw0qGC7Jp08skgQpjWcHoH35omHWsBULtWZSy/qcxLaO+NLFduUDY9 + 9kgyAzZ1lCH88nF6IMOD6PupZcsV4uV4umPOD56ldWMxTw7FPV1KjUoxA7Zo + DLaO8T3HL6vAE/OdMsaF2NqdoT63fmkgHcF9BYyH5Q7fIfPcXejyVdJALnJ6 + JnG/LX+iFfc6pLg+oSnF7w9ltZyYbRRqCmZJX5vLtTtoSiaR/ZjCBpxAVmQR + 9VpcTexq/b5UgGYAeZz+E2jzemLCwxxpFlIdflztLtbC2vqTbI4N6YGHVryg + QKLEVQXDCN299DtxpfUyjaJoIVoN77x5X1A/JpzP/bhWnwPpYYqSqGFdGVpT + SNCDVWKWPJ5x3ocoj8egUXoBbfbyGOUvARfubEwqXFJRJ89wjPDWSR/4RUjP + KBi4STCC231P2yCU3TC4AFk+ZbI9uSr+kKevCpNAldL2ffIb1ymzSGT6JTUC + VEQHlRe/j2Zkc6uMbTCpB6YhslQAPHip1Vv+u+5PN6mndbIOtFAXTRwIHSeP + kmTI4lcPvqy03IjIqHAML0VUk5AuhpsikHg3IruejIwBUDBvJS60i6+fkqoa + Ac04QbRNV5pkEn6oFEmkMFZpVprON0XNYN3qYsUlE6lGhnf4245aE67WN69N + XwS9dC/LAXXUBuavdLjaqcC4uIdhK+K2oHQH+rjMHOWDUpB4nt6PJKm9MeTR + KEgp4kxpiCbtiFjwuX4NFArtvpWaYU0F5181gBTdnGQPA6SSswDXui8LP1I5 + hw33S4CG1ZDuVncYAamnxzAKywup2p3H0pIzd64LSWmGrri+dS6Cd8k2u3tw + 12GBMY6cATaIw57aoVruFArQGSM6qAc7EzM0W+Fqw4wpcH3rfqPp1KMp7kdi + SCHJRl2QPSKQf9j/WVQsW2KtgkkDtR7J3+TGNRmuqZcwyiTL81cSlwzz7+l3 + M3XmZiT/8Ozgz6ema+6jh8RuH1Sfdso55ZtDDLOzRhGRcTNQCKTMGCsT7udk + hRJhswB0xFKcIdBny6wKUIU/ntdf3Vd3oHSiovtSS28swTL89Dn4wAfE/JZs + NQH/+lvFMvxYkyfA0ReyLqKPqUADTZ3dAfIX+6BwtIiwVSkdbuYJ+J/x8Bw8 + YNYOQPEZkJB4c4z9gdFPI+s8h/1BOCyiwX0/h7AOJl5f1Wm+IqmX6reFExaU + T4W+bg==] + cacerts: + - class3_2021 + - class1_X0F diff --git a/hieradata/nodes/extmon.yaml b/hieradata/nodes/extmon.yaml index c25626e..dd79b75 100644 --- a/hieradata/nodes/extmon.yaml +++ b/hieradata/nodes/extmon.yaml @@ -5,118 +5,117 @@ profiles::base::admins: - jandd profiles::base::is_external: true profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAKkrkXNGDfVW85jlLRp7t1KsHr7fzVZUOiKgI - nXxfq7bf6YceZhwDM4h02X4ch+amxI/q3jvrrjgUAGLY0D5zonWNbA7T8zps - fogr5FhzJzS47iQbHDyTmU55xOCjfujvdoUtiBLpeh1IZ8DR5fOgMqpt9Y4M - LnSVsh5cnWdWlYq1/sdG7hm70QzTYZMVy3noNSfVPeGJRx0iTDpyvEhfV8+P - NxAzNKpcmIf2UGUq7MxaAyjcayfpDwYXvH48o72vzvreY3KbCkBe8eBtmmGr - beIWk3uF1/HGex0nMJLGKV57NdSrKz8I7moYp5pGhr70W2SoQFW9EHH6RSNm - IdVtKzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAZdHtu1JgImxyR3tiB - 9Iz7gDAdG7RekYIvLTmxoQxapU0ATmqM8lsDrFs1fy8LRz4T921fD8FqiC7x - EEWxfzNn0ZI=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAKkrkXNGDfVW85jlLRp7t1KsHr7fzVZUOiKgI + nXxfq7bf6YceZhwDM4h02X4ch+amxI/q3jvrrjgUAGLY0D5zonWNbA7T8zps + fogr5FhzJzS47iQbHDyTmU55xOCjfujvdoUtiBLpeh1IZ8DR5fOgMqpt9Y4M + LnSVsh5cnWdWlYq1/sdG7hm70QzTYZMVy3noNSfVPeGJRx0iTDpyvEhfV8+P + NxAzNKpcmIf2UGUq7MxaAyjcayfpDwYXvH48o72vzvreY3KbCkBe8eBtmmGr + beIWk3uF1/HGex0nMJLGKV57NdSrKz8I7moYp5pGhr70W2SoQFW9EHH6RSNm + IdVtKzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAZdHtu1JgImxyR3tiB + 9Iz7gDAdG7RekYIvLTmxoQxapU0ATmqM8lsDrFs1fy8LRz4T921fD8FqiC7x + EEWxfzNn0ZI=] profiles::icinga2_certificates::certificates: - - - name: extmon_client + - name: extmon_client key: > - ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAG1qZ5pPhQAQv9ghCMKaDPplIln6/YnO2/qvH - 93vQPs5MMxuX43jlio12HyakQ2S9pn7EjQFd+rRKNMwIw84472DgpXrvZq9z - hmIVar+2Tg15+7cWcPf2jGGmLesCH95o1v4uV667fXrUbOCowMQfG+4zGsnV - Qo+n9pe3CnvK0HyDNDj1Sd7+mjum6cSUbt9pnXZy7G+Q4XYzu+So1CoKmhdY - c8pz/o48ALeOjPT5DOIni87b/rOtclldATQtgtksE8CCA5jC/hIk3LaMh9wi - J15NKxy29U/zoMLsWfYQn1/5aIgHuPeV85lz5Eiglue+rCxikpmfsx+L+ZPM - G8/zBjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEA1+ZW6MTau1jUPA - FrfiXqSAggnATj/0QSn1fjaYvsQJH9dV3imq+vh7+scp7sFAzzwEKMOABaFm - hgUPQQjuJ/CD/AYTdarGMqI860D3vDE48RoqFSxW57FB3ZAqANigzZg0k+TY - X82r1Yq6qdZ6StuiokU97OHFbKd68i7Ibf0nm4XhaZ8JKvti+xKpJxaLY5iL - KGcCIQbZE7QOmlpIDEUFYdVX9jbV+9NJNo8F7jmSvT7ZI1gU46PapPoRKQun - +Ka8Fw3BncTx14IoqDJgzfXpdqLLB8sXEcCbUF4uLBcFi76dkw2be93x32RZ - UoajUlY4q4OFbGrtQSEvQ2uEI5iI6UmPnN6u333ddmH5NvW7Iu+pCc122v4b - VKR0DBGhsasvKNyxnIk5u7cYV6azG6tKTTsYoNMkiBqgEGuLr6FtZKyaqtri - HYGq/tiq8AWlMtl9hSEKHePwng5RDiRZu3K1Ux4m93sf7dyw0PrQxv34OlxS - QMDJeMqmUMyF9iwDCs9h1YWgHlSpUbtpw9CiVJMu6mzxjNBIwnKfhq5L+nCQ - c4nDXkzvYQN/KA4wUl/+76IPKo2fSLWtkbwOPDCmjojbSIacIORgzl9zuA2t - j8n7QDPtFxEoC3Hj36XlYQlPITwGb0Gu6DhIOYt5rYo7IjNGglSyK6OfFFOb - WiSmaJaUCrpCWpgaASOZdLFzo6oav7WDj74yyiV+eLziTqSnn6caBJ6eKrXh - Fjue4rwqNX4fF8P4iu0NoxJDkiK3DsDRPHpRpJM8LLIKgiROJccWrOX8O0Uk - xlLyMI97r4vnX9R2pHPSGfsA1OwJHOKPC+dld9edFzuqy/Wt9MAQI6xyYs1V - kGjHA1DGxDHCMTaOUm3gJ3CZg4FU0A7RuqUjNCXHydCfE4kv069xVgfvfOFt - Y/dEnON+iJYtWjmAr2nYkDHYfD/l998W0W7D2DuvhzhtYZsR8A9dwWal8vhQ - e2rh+Rev33DiuC4GfOFXY3BBEsDjcOeRu7SnN43ffkFwnc3cS43oaFwF7Qte - 6NkwvmXgV6vguDSSLdcUtvjkiog4PlgIRLiEyxhmA37yLNhn58r8KnY4+GX6 - ELGwbWY/Tkx42EGbiidTUD2Mudg8O6lOyThQo7u0p2fxw4v8jhI6HxUmWbXr - hVlivhznMuFjleU3BFPEO/U2p4CjiwBoLnsJ78f8EOGurS1bA6nAZoFKdzS+ - IkpXNrwlXZY1TiTUpxTjJQOJi6kmiDsM4JlqwghfOmn2HVC0CFMgq1BQMJCq - E3pzAWBLNydJXlCQKr+jn+ddKjEK6Lbi9ksnltfrru93ieU25+aCNwiPd2EV - NCC6Z+KPBJykt2CEcuDggK284qBLdzOTZEF5B30tPlRnoJAAC3YfwCTktqp2 - ej71uEjEXrm9iZX6EQmVJojjjIkWeASmmB7rR/wMVsMwG0Pcz2xgtvKQ2pQm - wXaZcbBQPuyMDuvZQFCmU+3fbs5N38gw2QSqklmH/vKdzFP3h81ZSnnhrE1P - VlPnsSjgsuoj0DEP7LFQ6AbkMOquwnwidQpYZQlRLP9tX6wzSS9d3pTwcqkK - KlYMYDXQF1acQM0DC2dEX9NzwqPbeWEbe/8HrRdMc2B2pc1GXJcHmQEkOP8m - 3FNCU5uqJVzmRVL2aFJfTPhgb7zzOWdzwTHDJ+4PKGFu6ILbYsztkAgLYAOS - I2tlOYd7D/WJT/n+rO0QWd4I1GbS2kK5IYMMexRgi7DhpvRCh92qJMgPCcoc - /0kVHE/u/TLxgJ7qcPjUDfYGir3Bhna/3G3LCZDZ8Kw921iosVVTYAnoIa5P - G7Bm2guZv1o8QerMxTdHxEBmT/pEYpKvl9BrTmTZcMPfxInhfVCAyspCTBI5 - 0zC+QNrppDweVzaFoFyjk1Taf5/1dzUkQstUyhP+uJ8Hq2d7pvBjiVXRnRB0 - juQ3zNtwXxOGE+jBZCNC5xWL/5ooT5yclBRo7typGI/NLIm8EW9Dr60T9elE - s8dtTDROf5Mitd3ZPyBKe2qc7OvzTey5IbiIFYPIVzt696vrm689uw4Cl8Vy - 5Jqb3kFNtgfZEZW4wnidxoBGwqMPVRFWbpHNSvPnS9HW2u6y6SGs2nuWZvcu - lB+J5TNVeAzPw81OELhZZEmAOX/rcL/oMvAudUJlRFYVZY4z+tvFLbDP9Hzi - Do9ykUApp9ljQ1XQNDyKIISv/jJKEEy16rb7HhdSs8uwtZ6mPD1QaNq8uO5b - FZY4c7R3EJue5n6mpGJ97Z2QijnEh5NNw9Yt10K6WES3/7JBDjt0OjQCnbaF - 64garOvcHKzbpLhHhJtQ6vjxAKV1Q+HzVohOJKDZBJDP8f8xDIwXfVjVMlx8 - pjLQ6pjIaYKD8beKyJMd2IHrXb8IUs0AQIKHL6dGH4pgYZ+Wr9VVktCf1GR3 - 2IB4j8b3lJ4AjqTuGWrVAoxH4FkV8J4mJOq34RkE3V0REnurIodjZKL1LW1Y - CKzgIi6TUlZNFRBn3+/PLPnHOF0SXOgbiQv1ikLReZGkDeBAx5Jieb70ewIz - eawLyRRtwInmrOV4ajszSfarYRkh8ulN6AwcF8AVJt2cxx2iXcMoEHQBbcVs - VT+MxTfLRde61Nc6lMWyfsjkvptIyLc7MkErrPYXo/psJGwvjJw70TEHiKLQ - Y+X/hZ7ESj26bu1oiBGGD+4v6CMo4qa3RnKcvHyMbdgNccFbWQktZ0kjvQGA - MWoz/8jdz61tA+tlokM3ZEkWclrJEcyQG8N1gYM/ER9pZBuM6PWZZvp4Yfxw - F5Beu2pgJ1HlKaePwtm3itVPwuIm7K57YEyY76912L+GYiAPpvXt3B7ijCiX - kpHTUw9U2yq2R2zT1zgVePUA2pa379QmBnH1pwzfOzlU+4zli2qSlBTJAibR - LW1afjWaarigdwbDkuxVVinB/SM/U/7jQgXnCQIeVmteW2crwvH/rtfYCmja - ffmJCCsjwDL908TcpJGTFtHxKyGrseMWSqgjlQw1mqmbOU//8DXzNUIn/AJj - p/h7NmRwDQbDnmoZApNGrd9ZiNzlO/nxCD561qD4FPOmSRAIJhQuFjTfompM - U3gNYE4cGPlbBHP9O1YHWfbjWNRqgZHYa772yEJ20+4HIa0lcNOCjCqm/NPB - 7Irj881O9z/hZRWLpHW/MAtesZNe8XDjgXAs5gsYmsYHBlZZ/dP6Pwz0qIO/ - V8FVDMyMLDkJMgAKHr7F+DMzCPOsA56mdPqhHnhTIKIpBTW0R2wPWMomVg7c - vTtI+ddYRIYMdBMgaWN0z9IRWR1PFlQ6aTVGdxTBJ4gf5k8ITtjdykssa1dS - 8ObTnGjMEyiHGlJmK6cm/EYXmOOj8p2HPoBQrqSk] + ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAG1qZ5pPhQAQv9ghCMKaDPplIln6/YnO2/qvH + 93vQPs5MMxuX43jlio12HyakQ2S9pn7EjQFd+rRKNMwIw84472DgpXrvZq9z + hmIVar+2Tg15+7cWcPf2jGGmLesCH95o1v4uV667fXrUbOCowMQfG+4zGsnV + Qo+n9pe3CnvK0HyDNDj1Sd7+mjum6cSUbt9pnXZy7G+Q4XYzu+So1CoKmhdY + c8pz/o48ALeOjPT5DOIni87b/rOtclldATQtgtksE8CCA5jC/hIk3LaMh9wi + J15NKxy29U/zoMLsWfYQn1/5aIgHuPeV85lz5Eiglue+rCxikpmfsx+L+ZPM + G8/zBjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEA1+ZW6MTau1jUPA + FrfiXqSAggnATj/0QSn1fjaYvsQJH9dV3imq+vh7+scp7sFAzzwEKMOABaFm + hgUPQQjuJ/CD/AYTdarGMqI860D3vDE48RoqFSxW57FB3ZAqANigzZg0k+TY + X82r1Yq6qdZ6StuiokU97OHFbKd68i7Ibf0nm4XhaZ8JKvti+xKpJxaLY5iL + KGcCIQbZE7QOmlpIDEUFYdVX9jbV+9NJNo8F7jmSvT7ZI1gU46PapPoRKQun + +Ka8Fw3BncTx14IoqDJgzfXpdqLLB8sXEcCbUF4uLBcFi76dkw2be93x32RZ + UoajUlY4q4OFbGrtQSEvQ2uEI5iI6UmPnN6u333ddmH5NvW7Iu+pCc122v4b + VKR0DBGhsasvKNyxnIk5u7cYV6azG6tKTTsYoNMkiBqgEGuLr6FtZKyaqtri + HYGq/tiq8AWlMtl9hSEKHePwng5RDiRZu3K1Ux4m93sf7dyw0PrQxv34OlxS + QMDJeMqmUMyF9iwDCs9h1YWgHlSpUbtpw9CiVJMu6mzxjNBIwnKfhq5L+nCQ + c4nDXkzvYQN/KA4wUl/+76IPKo2fSLWtkbwOPDCmjojbSIacIORgzl9zuA2t + j8n7QDPtFxEoC3Hj36XlYQlPITwGb0Gu6DhIOYt5rYo7IjNGglSyK6OfFFOb + WiSmaJaUCrpCWpgaASOZdLFzo6oav7WDj74yyiV+eLziTqSnn6caBJ6eKrXh + Fjue4rwqNX4fF8P4iu0NoxJDkiK3DsDRPHpRpJM8LLIKgiROJccWrOX8O0Uk + xlLyMI97r4vnX9R2pHPSGfsA1OwJHOKPC+dld9edFzuqy/Wt9MAQI6xyYs1V + kGjHA1DGxDHCMTaOUm3gJ3CZg4FU0A7RuqUjNCXHydCfE4kv069xVgfvfOFt + Y/dEnON+iJYtWjmAr2nYkDHYfD/l998W0W7D2DuvhzhtYZsR8A9dwWal8vhQ + e2rh+Rev33DiuC4GfOFXY3BBEsDjcOeRu7SnN43ffkFwnc3cS43oaFwF7Qte + 6NkwvmXgV6vguDSSLdcUtvjkiog4PlgIRLiEyxhmA37yLNhn58r8KnY4+GX6 + ELGwbWY/Tkx42EGbiidTUD2Mudg8O6lOyThQo7u0p2fxw4v8jhI6HxUmWbXr + hVlivhznMuFjleU3BFPEO/U2p4CjiwBoLnsJ78f8EOGurS1bA6nAZoFKdzS+ + IkpXNrwlXZY1TiTUpxTjJQOJi6kmiDsM4JlqwghfOmn2HVC0CFMgq1BQMJCq + E3pzAWBLNydJXlCQKr+jn+ddKjEK6Lbi9ksnltfrru93ieU25+aCNwiPd2EV + NCC6Z+KPBJykt2CEcuDggK284qBLdzOTZEF5B30tPlRnoJAAC3YfwCTktqp2 + ej71uEjEXrm9iZX6EQmVJojjjIkWeASmmB7rR/wMVsMwG0Pcz2xgtvKQ2pQm + wXaZcbBQPuyMDuvZQFCmU+3fbs5N38gw2QSqklmH/vKdzFP3h81ZSnnhrE1P + VlPnsSjgsuoj0DEP7LFQ6AbkMOquwnwidQpYZQlRLP9tX6wzSS9d3pTwcqkK + KlYMYDXQF1acQM0DC2dEX9NzwqPbeWEbe/8HrRdMc2B2pc1GXJcHmQEkOP8m + 3FNCU5uqJVzmRVL2aFJfTPhgb7zzOWdzwTHDJ+4PKGFu6ILbYsztkAgLYAOS + I2tlOYd7D/WJT/n+rO0QWd4I1GbS2kK5IYMMexRgi7DhpvRCh92qJMgPCcoc + /0kVHE/u/TLxgJ7qcPjUDfYGir3Bhna/3G3LCZDZ8Kw921iosVVTYAnoIa5P + G7Bm2guZv1o8QerMxTdHxEBmT/pEYpKvl9BrTmTZcMPfxInhfVCAyspCTBI5 + 0zC+QNrppDweVzaFoFyjk1Taf5/1dzUkQstUyhP+uJ8Hq2d7pvBjiVXRnRB0 + juQ3zNtwXxOGE+jBZCNC5xWL/5ooT5yclBRo7typGI/NLIm8EW9Dr60T9elE + s8dtTDROf5Mitd3ZPyBKe2qc7OvzTey5IbiIFYPIVzt696vrm689uw4Cl8Vy + 5Jqb3kFNtgfZEZW4wnidxoBGwqMPVRFWbpHNSvPnS9HW2u6y6SGs2nuWZvcu + lB+J5TNVeAzPw81OELhZZEmAOX/rcL/oMvAudUJlRFYVZY4z+tvFLbDP9Hzi + Do9ykUApp9ljQ1XQNDyKIISv/jJKEEy16rb7HhdSs8uwtZ6mPD1QaNq8uO5b + FZY4c7R3EJue5n6mpGJ97Z2QijnEh5NNw9Yt10K6WES3/7JBDjt0OjQCnbaF + 64garOvcHKzbpLhHhJtQ6vjxAKV1Q+HzVohOJKDZBJDP8f8xDIwXfVjVMlx8 + pjLQ6pjIaYKD8beKyJMd2IHrXb8IUs0AQIKHL6dGH4pgYZ+Wr9VVktCf1GR3 + 2IB4j8b3lJ4AjqTuGWrVAoxH4FkV8J4mJOq34RkE3V0REnurIodjZKL1LW1Y + CKzgIi6TUlZNFRBn3+/PLPnHOF0SXOgbiQv1ikLReZGkDeBAx5Jieb70ewIz + eawLyRRtwInmrOV4ajszSfarYRkh8ulN6AwcF8AVJt2cxx2iXcMoEHQBbcVs + VT+MxTfLRde61Nc6lMWyfsjkvptIyLc7MkErrPYXo/psJGwvjJw70TEHiKLQ + Y+X/hZ7ESj26bu1oiBGGD+4v6CMo4qa3RnKcvHyMbdgNccFbWQktZ0kjvQGA + MWoz/8jdz61tA+tlokM3ZEkWclrJEcyQG8N1gYM/ER9pZBuM6PWZZvp4Yfxw + F5Beu2pgJ1HlKaePwtm3itVPwuIm7K57YEyY76912L+GYiAPpvXt3B7ijCiX + kpHTUw9U2yq2R2zT1zgVePUA2pa379QmBnH1pwzfOzlU+4zli2qSlBTJAibR + LW1afjWaarigdwbDkuxVVinB/SM/U/7jQgXnCQIeVmteW2crwvH/rtfYCmja + ffmJCCsjwDL908TcpJGTFtHxKyGrseMWSqgjlQw1mqmbOU//8DXzNUIn/AJj + p/h7NmRwDQbDnmoZApNGrd9ZiNzlO/nxCD561qD4FPOmSRAIJhQuFjTfompM + U3gNYE4cGPlbBHP9O1YHWfbjWNRqgZHYa772yEJ20+4HIa0lcNOCjCqm/NPB + 7Irj881O9z/hZRWLpHW/MAtesZNe8XDjgXAs5gsYmsYHBlZZ/dP6Pwz0qIO/ + V8FVDMyMLDkJMgAKHr7F+DMzCPOsA56mdPqhHnhTIKIpBTW0R2wPWMomVg7c + vTtI+ddYRIYMdBMgaWN0z9IRWR1PFlQ6aTVGdxTBJ4gf5k8ITtjdykssa1dS + 8ObTnGjMEyiHGlJmK6cm/EYXmOOj8p2HPoBQrqSk] certificate: | - -----BEGIN CERTIFICATE----- - MIIGUTCCBDmgAwIBAgIDAvEYMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB - Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MTYyNzQ2WhcNMjIwNzE2 - MTYyNzQ2WjCBrjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG - U3lkbmV5MRQwEgYDVQQKEwtDQWNlcnQgSW5jLjEcMBoGA1UECxMTSW5mcmFzdHJ1 - Y3R1cmUgVGVhbTEjMCEGA1UEAxMaQ0FjZXJ0IGV4dGVybmFsIG1vbml0b3Jpbmcx - JzAlBgkqhkiG9w0BCQEWGGV4dG1vbi1jbGllbnRAY2FjZXJ0Lm9yZzCCAaIwDQYJ - KoZIhvcNAQEBBQADggGPADCCAYoCggGBANIdW3yyGH9LWYseNDIIs+DDHEd3HGOO - H31JQKng8LdEZynotRISXDhCfI+Ys0yxMy/t6Sj9pphdoJLFpoTXUB23Hx55LYD3 - /DiUnoz9WXj0pqiiVKZFdEh1Uwb/M4LDXD4IalAnFpSz28CCr2/24f47e21y6xz2 - LLEIjFpWreBpk81Yceu1Hh+OAtabzs9R0DRX2hILfmb4QjnUNmmoSjMd4/kCShtU - xSaKGKQ9TUc8fjmq1E5fmE6lbKkiwpIDNBIJeJCTo5tq3t6ncFt/L6Tv3gsCQUag - lXq09Ca3jyWp6KzTB2sBu/8RFZaBgCcp8yJig89e07IfTqEJDKLzVqj49SMWtajM - vv0oArXNQ0C5f8ZUNV0jkszopWqgEhDyso94Yuk5MPVcCPsq9UYVEMEuPFMNVVpV - qq12MNYrWPySwQzsCAgAuEva8rrwmfrlUA17yhvdxRvp/fJtxq3f/5OA4uCT28kS - gehoo41dTJtRdpx0BvbWZIIC2mzC4kHGJQIDAQABo4IBTzCCAUswDAYDVR0TAQH/ - BAIwADBWBglghkgBhvhCAQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRl - IGZvciBGUkVFIGhlYWQgb3ZlciB0byBodHRwOi8vd3d3LkNBY2VydC5vcmcwDgYD - VR0PAQH/BAQDAgOoMEAGA1UdJQQ5MDcGCCsGAQUFBwMEBggrBgEFBQcDAgYKKwYB - BAGCNwoDBAYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMDIGCCsGAQUFBwEBBCYwJDAi - BggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzA4BgNVHR8EMTAvMC2g - K6AphidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwIwYD - VR0RBBwwGoEYZXh0bW9uLWNsaWVudEBjYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUA - A4ICAQCm8BzJDpZtb5NgIsxKXKYKqkmhnEpRWuRlTgrAlK3Fj1NH6XSs+gJt4wNz - HPMtPvJYgqPvDUgjujCV4ntMt/bta5HKaQ7l8Fol9n7fL2K225o0jA27ajDdNNAU - CdZVGLkeQIS5EuAZ3jqt59TbKy5ZiF7zLE/h3LbXolykom/7pvmgKYjkIp5sKvKh - gGndU+roAKejLaFgxCWX02DXC0qj31vgs81YM1i6D4UiUPP0NOoAPYms+9rezk66 - bF+pdZLclSoUPoral+qg/p7mF0+LaAxg5dptonX6mPIkRQPSmFXMWWmiqupyS3aJ - Tg6pxPLoH5n1DCWRWmBeWbpNRgXhLV/hFdNn76kVZx2+NeOaJ+WkHMfc82cWUsqw - 0DwHfaFEruLAK97vU8B2lnX7jvOXP5vTzPcp7X01EES9g0dkXsknBDJRPjm3h8A3 - v5A+zi8NuiBHXcEjfh/2XUXNEpai/ZVmjfg6XBlkGi7IRZHdQG6SJ+3FFOBXr7DO - pjoj8eOUx2i3/Zc0E7eA2cnFpwlTcN9v+7yH/U76VxGpZw0uN5ZV6/QVcxrFsUER - 5gCzDizhtDcTsX/4/6giuZ9AzaxGfhCTdI+4iq8txuX9bVPizgq36rICHA4NdF39 - IqsKlypGICER+j5yre6te+uuNhimIYbtpaalp9fArfOhxMDjRQ== - -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIGUTCCBDmgAwIBAgIDAvqKMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNjE4MTAxOTE3WhcNMjMwNjE4 + MTAxOTE3WjCBrjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG + U3lkbmV5MRQwEgYDVQQKEwtDQWNlcnQgSW5jLjEcMBoGA1UECxMTSW5mcmFzdHJ1 + Y3R1cmUgVGVhbTEjMCEGA1UEAxMaQ0FjZXJ0IGV4dGVybmFsIG1vbml0b3Jpbmcx + JzAlBgkqhkiG9w0BCQEWGGV4dG1vbi1jbGllbnRAY2FjZXJ0Lm9yZzCCAaIwDQYJ + KoZIhvcNAQEBBQADggGPADCCAYoCggGBANIdW3yyGH9LWYseNDIIs+DDHEd3HGOO + H31JQKng8LdEZynotRISXDhCfI+Ys0yxMy/t6Sj9pphdoJLFpoTXUB23Hx55LYD3 + /DiUnoz9WXj0pqiiVKZFdEh1Uwb/M4LDXD4IalAnFpSz28CCr2/24f47e21y6xz2 + LLEIjFpWreBpk81Yceu1Hh+OAtabzs9R0DRX2hILfmb4QjnUNmmoSjMd4/kCShtU + xSaKGKQ9TUc8fjmq1E5fmE6lbKkiwpIDNBIJeJCTo5tq3t6ncFt/L6Tv3gsCQUag + lXq09Ca3jyWp6KzTB2sBu/8RFZaBgCcp8yJig89e07IfTqEJDKLzVqj49SMWtajM + vv0oArXNQ0C5f8ZUNV0jkszopWqgEhDyso94Yuk5MPVcCPsq9UYVEMEuPFMNVVpV + qq12MNYrWPySwQzsCAgAuEva8rrwmfrlUA17yhvdxRvp/fJtxq3f/5OA4uCT28kS + gehoo41dTJtRdpx0BvbWZIIC2mzC4kHGJQIDAQABo4IBTzCCAUswDAYDVR0TAQH/ + BAIwADBWBglghkgBhvhCAQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRl + IGZvciBGUkVFIGhlYWQgb3ZlciB0byBodHRwOi8vd3d3LkNBY2VydC5vcmcwDgYD + VR0PAQH/BAQDAgOoMEAGA1UdJQQ5MDcGCCsGAQUFBwMEBggrBgEFBQcDAgYKKwYB + BAGCNwoDBAYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMDIGCCsGAQUFBwEBBCYwJDAi + BggrBgEFBQcwAYYWaHR0cDovL29jc3AuY2FjZXJ0Lm9yZzA4BgNVHR8EMTAvMC2g + K6AphidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwIwYD + VR0RBBwwGoEYZXh0bW9uLWNsaWVudEBjYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUA + A4ICAQBkwXx7IEeXNytbGtv6IQlvJz1tkpOz8asBgbtD1byQCO7JRUDblQgzap2y + rgeLZc5wnTYP3FKnzquXvxfkgfR7a40WPTSPpvrSXMY8/BUvlNgYVpYBjMxGsVCX + gW/vX2A7+vSgJLUkCYJL98ooT+kSmsh8Xs6rB2Jz8yCDC8Niu5jUta47YCviuvuN + Z6c8mNqrFV7MfRBBfGodl5a2djFzKYhgrPyaT01qr7Qa42wDOWs1Pl1uD4Z8m08N + vv51y694gnWMKAhM42AKAEMiybHJ+1eIV9sOkanBDjeCAM4/ugK5Gm29CnI5rNV8 + VZMrksS/YiMZPPHrVrqaUHVceV0eqYRi1bmIRvaSBEEJGK4YF52qmBJmuszqBnTW + YZ8CkZCPOI74K1wpG1F/sgME1yu9WbxjnB3Ig3CZ/EqJmhf66cgsmnTbpOsabE8v + 5eIsyfAKlAcNRNGabDyRTVJsSlD/ISivTnoQsW1ay5bLkyHgmRgc9U4zvNeMBKWz + vJ/126fnc4tkzlk0SM+ntph3xKAaqEEZX3pchnxlNWohS+3T3c6lUA0YUsvC4vL7 + N0VLPi3YcRzrvciSNXZTpTrYnKOWKW6DKp6T9AVaf0DxcAc3UvCQd0QOEhqKnntn + kvuUL+mj0ZV1h7F0/NUmtEb/OOt/Yt0LgiIYarfj2tKipgCDuQ== + -----END CERTIFICATE----- diff --git a/hieradata/nodes/git.yaml b/hieradata/nodes/git.yaml index 4916473..f2a056e 100644 --- a/hieradata/nodes/git.yaml +++ b/hieradata/nodes/git.yaml @@ -6,13 +6,141 @@ profiles::base::admins: - jandd - law profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAicLOD4qZ/TcPgGkP3umuFlFULVt0+2Kc6cw2 - TtRS/9fBxBNykYPKIKwkCf1pvx4iZMHk+cCzmi2jJUgSual0AYMx5+Ax+tzW - FQGYv8U2fzC8yCvY0xRMe/pls58rrUxVRN4EcFEa+NWIGiIM84ds5qdCY5SY - g2hhJql3N1KPeO9TMWKvrQjL6ZKvHgOg71KrP0+TnYBUbZDRPnklNnvVCCj5 - 4i+l+pgI0H4eEO2vysI6xFwC8ntxOqo4rJTAmLypKvshDpHPdgWShnBtcQq1 - 4yxr5ZTY22pXD5k7cVRtPn4WyW8ackk3be4BH0AtUd4vA6Wx+bJ7qLw9kd/G - yZSmjzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCJyEfssCaSbBwlVn8O - qWALgDBDQ/V8TsmywwNNLfl37qfDD/xaT7aqWvhsZsvBl1Z9/go4u4gtxKju - Ga7tgV79rn8=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAicLOD4qZ/TcPgGkP3umuFlFULVt0+2Kc6cw2 + TtRS/9fBxBNykYPKIKwkCf1pvx4iZMHk+cCzmi2jJUgSual0AYMx5+Ax+tzW + FQGYv8U2fzC8yCvY0xRMe/pls58rrUxVRN4EcFEa+NWIGiIM84ds5qdCY5SY + g2hhJql3N1KPeO9TMWKvrQjL6ZKvHgOg71KrP0+TnYBUbZDRPnklNnvVCCj5 + 4i+l+pgI0H4eEO2vysI6xFwC8ntxOqo4rJTAmLypKvshDpHPdgWShnBtcQq1 + 4yxr5ZTY22pXD5k7cVRtPn4WyW8ackk3be4BH0AtUd4vA6Wx+bJ7qLw9kd/G + yZSmjzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCJyEfssCaSbBwlVn8O + qWALgDBDQ/V8TsmywwNNLfl37qfDD/xaT7aqWvhsZsvBl1Z9/go4u4gtxKju + Ga7tgV79rn8=] +profiles::x509cert_common::certificates: + 'git.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIGSjCCBDKgAwIBAgIDFR2vMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ + Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y + dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE2MjQ0M1oXDTI0MDEyMDE2MjQ0M1owWzEL + MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD + VQQKEwtDQWNlcnQgSW5jLjEXMBUGA1UEAxMOZ2l0LmNhY2VydC5vcmcwggIiMA0G + CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDIIRf8Y6kJmlD75bUHFspFK3vsCxrN + Txf1l5FF0kRnpp4XNMwC4p75VZaeVao98jAvvtpdcCDfZUYbVWCxWEWZbC2njK76 + +hr8C6Y5q7BCGQ5cfJ+w/YMaTXebb1iWcgbGu7KWhHcTg6I498XzEn0fGBgfPTUD + xk0PiS0j/8/rp6UWcHS6xxscRQ6wO0fiEKdMNHzZ4A6Dj57M/Mb7js3YJ/8FbIUi + 94NF9QlRyI2H4m5N/vLZtknc75doyUq5PZHDkSwHvD3VA2Atd4mq4bJArMrIx3I7 + 0JwZJbAS6DElgwxDyq/o8dEG/JSg0PCbtGqZEBAXpUYDloSdCy3CDl3MEjwt5Y7s + WxqXadGmb/Vn9igKkiK8FAOvBESLlSNZFqPdxXdmmUjlKgnARkA3WkdMTcADwYhd + 03Kf1NvTGMVFJWLPZ8OjpYgfQPmxt7EtZTAw3/VDy0MYLzBwB1EoDn2Vh3LbDzSe + /HAzG5drxgICA4EuHQOT7vnerogKd5OfmT0zwysxRHXEl2+DiYX6QpNDHp9j4LCO + PecYMrhe6KUnB1Oju6pgqTTP3AFUSqb/LNoQ5r8+AWcVeOpf9JUmNJJQircD0FBv + GYtiSsGE+puoRm4cy5HynCWo7mqAVNsGAW67RNx6GMorBA/j9LLjARyVwasQmYld + i/RwBNObRh4bgwIDAQABo4H4MIH1MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQD + AgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEFBQcDAQYJYIZIAYb4QgQBBgor + BgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29j + c3AuY2FjZXJ0Lm9yZy8wMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NybC5jYWNl + cnQub3JnL3Jldm9rZS5jcmwwNwYDVR0RBDAwLoIOZ2l0LmNhY2VydC5vcmegHAYI + KwYBBQUHCAWgEAwOZ2l0LmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIBADl8 + gHV6Vs0RtwlmdSKwdbgAjsDcjp7l2qylfCniLG19OVoNZNFB8pxO2tCK3cv5xCtH + frRh9hMjOJLDAy0R0R9xoofdKdIV/FDN8T6o79r4V1olORNmtaY2iJ0ikV0Urt/k + vx4q5rRImAiInhh872wnWXhHMteB/zc6d4j34s8evjLDOh3wEjvrEiWyFGqp5CfM + a+euTk3SbIFmAvL0tknNA1S0RD4QntNUrViFdu3wQfnGEkqRVn+noO//wo369l7I + 8Yr8Dj8Z4ldykyiHOuYwUq3BqdJZp7NIE0miRAaDh1JVdXAwPo7EV1NyMPBf7GtJ + 1OqmTdZ4NMgNns0VWXN8bvIY+Xka7g2vBqYdhPJZusyzh6WHYzfTOthnLIib4dJ2 + 4g+NKTVuJqYKLu6s2Q9CD3UL4spmP0ZoFRE5BVQJhQys0vJ9+wRyCjJZELGChlfm + kOm4cB1SQ8ZVA1P3UrDT5LOrcxnpgBw8D1lQzWKWxo6hStGcgqhyIDn1x3BjQ2AR + bTpkzU/496Rz4E6s6qQxAmERAEiTFCiRJC/jzuUGt6tiBeZWROHNpfIJE2W7K3qo + S6Gi8C4RDrFaMStDFXnyw8egBmdzjCWhnkjqZXPTzZwa4bai4Th90egbfMLHHZS2 + KR2/Pxkzb5Mh+FYFNKNfJFzr/u5ZntuLcifbnLbg + -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAZd0HoQNTP/7bxszfcQduygnbGmtMdOne8njH + I9Wi3Ncw8Te0i9eZAps33SrAf1yKZLJwUbl05FTO433R+JSqH3/N7B4PoJwC + xlOWSN7YeNcCR8Viu36ezwJk90MS9mcDnGwXFfiF+EVk1hRCrtDdgJGMhBkU + snUHJDQN8Zt7L+e7S3UbTWf0niSN9CIkgqgYNq8n/PubdtozW/l+3JaSuhgW + lYrBq5U5QWQocKZtcsHdtRwwEqtx8rcGbor1vQWL8Tp2CoU43I6NxFRQDB4E + qtB3fxxaMuJlhq3REC3oTKpoVTSl1mQWw8B7Qdfra5wt9rtktclpcNQYv6E/ + FFuuUzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIYWVHR3lJNhDET9 + KS3GUt2AggzQhq187NYKQYN3rGF7lQis80jDeeR0GgEsyFZroDtoQ2q6nUS0 + ZrxH6SJqxMEtQABCs6CKjrRA6pVHa/k+haUTsbQq7r7OlWL8qkk1OSACiAaI + 23GqpiAz/8r3UQvDmnF1vZhyFgmp1H8xrWj2qRxq2okeVoDphxqQjxSQ7TfA + qGoH3FmyqZ7OPnw2KOEn/OFflgQPuJo+5hS8Uot7GadYmmUV4CvOst6vwSyr + BshVStJLSxbilaDPjxqSdPfFz0B/XT4a0tCG0msnCL9zclzbiuTU8MSIA55l + S6o3QfX2AeeU4vlV6PLMD5RL2G0n1rPj+MJgNKsuAiE9tjTrc1GS/xYQqKiM + WKF4fXORnL8iVLlIKDiYUPBH3Yw6DREDlcRH0hW9Xhq7qUPoZDdr2TQUs/hi + kJcEB0hHxOH3D2i7dmilH38bExPruWqDme7T0+KPGIB9mtyJ+f6DyJLEsh+T + 1tPk0hKrW0GpBgdz/iQ2q8rM4iHmYLN9irilFaPDKsezY9MlcGWfuyZDepDZ + XEg45m6+a6cN7Ec6YAhR3bHbFY6upw+R3KSrOiE0siOnA00SVcFKjwlCLvtP + lbbEHnv4mbJ5wyy37GMAa2Rhqg8fwex0Yf6cqkFrPvzodS3EvTZn0WYCZ0sM + vHBeF2ZlSVZ/sxrts0qp8A1jQkGm8sX9ER1AONjhuA1czwZf/tZWKl4Kcyki + l5ZLhzMKJ48RLdLiGWwIUO+tm8OQgKo0LTAsxzYVMQSXIxeSNIy+DhC1Zzzd + gP/tVDCAQV0HRkTpna0TG1WYnQuhW3zrrY+CfmIMUhUJrFNn5vqwmgtX5CN6 + zswFx+whl/i6XXCGViRLGzIayIbG2v+3eOZMbf0SXiHIPXI7+ozAEcQ4eicQ + d7WMhqKJmCnt+0XapzW1nqMCpMLDOL7M75cTvC1pKUXr9LANSqvKjlWScb83 + 1WzBWGv++1Kk1eJGrarX0TmUsaFYmz11O7S7rcFlt/Ldk/mCkoyNDZvpItqY + 5ELqs7aUkrSzzBj6udNpi/sN7lN0FcBOWAIJKjEd9gNEdewTjGbg9hV+OFRv + ETh3rh+xD6VNtkvrpCWPoeNwvv+UJr0+uH+dWyWdXdDilMrWvgHzgLn/wb+m + N4mmcg8F/TUu+NcqAd+k64m67ZCCtgrH88kgA2YfEnBI3749dw1nNWfJMrij + e7v9YgFhtwbVMB9yaYQ1YkMinIESO2jp8m9zSx7aBtWMLSUSgutB450RMH0g + TmUZgFFFyjS/fmrCNEDdMZRqNpaQWU0crYUEbl4/uZ/nkPKWGL746MKPUiOS + HvBnqeghwIG8YFJz6xkOLPWX2BIfJmojC0JqVAiMnTq0pq5xIF/5CYLzJDCs + oQCp070+eDsR1mCIyJ7BWqgMfuIitJFOnhr86pxFlEqhZ1DjJD8BlVgcnkhR + 7HNxJP6QBH9XZQjQ/pRZ6fkuPdRqPLHguDe4xf4nyHcbir62y0W2b/iTYlI5 + hddlkkcssOpd2hbWhSEFbBBmwjHFencHHA6v43B8DGrBeUt5sBQEoEErktVB + e3AQ90rXe8sxXPDwM6P2gm05JHh4JTIOKZqi4628KsMcq+lGkljY2Q3zwjRf + QbNnpasEBEwMPSURTG+FXhyj0L8xduUHuDDbs1wY1McaOtEkV3IoImC03gAp + B3erDHKP7NpzV/bfrzavnMhx9e2fVoDZpM2Gjtf/uytr0uN8DCuIWlbb0keL + r23isiRg3joGOjQQmh7TOV9fQYBhI/iTnUasvBrvPL4CA4o1DuBpcLQPJp6e + bG0oUNKVGyszfX+P96e6qpVt9ykB7RAzc1bXH9JmzKzhOZ7eY+us+abtc2Dk + B+wRS5ftcYrn11rWMg3cRnRfpgrD9Y5s5jpz7EgYV0wkeBtl6L8bUYf27s3h + O7otc6ARpQvPfzowdNRKCWfXCvGG1tQogx9yfuUVXxk8mzQMAYQnHnIkavtc + uKsoAnVJ5DCYmkGxQjmBnwDzdH3hKaAl2BX7QE81bf6nGijNH9B+jq+qIYJb + irCbAEP6+mtr2EgAAY42Q7Oq+2BaXfQBnY1OM1bfA43pXXBybAjyK6++7C/Q + oe7DXjuQ2slylMTPaUGeTMog0VNs0v8+cvNoWgqnsj0wfUR1+3YSi7mlhkiH + /7RZd/UVRdNSatrj1bNldv+Vuvl/ZvYLGhQOPXjKCRYxx2vDiNnC7sFDDYOV + ZH2jgIPwAJW3JD9EH5vF1B8evMlPrXxERXH4F5hyyWPdzTA4K8eQnS+cQuVB + XtNs9O3nHG7Y6shSnh2/gyfEYcTkP5fRI6UtnGdDKUMUi9Z0wnBpiSIC9OgU + w6ec4oZtS0iAL+0SjjlO/0TEAxJmVyEgqiFK61oLkEj1p0M8eH5Asp99yOlI + P/M7tp+g/nx9i43mA1a79+ux3joex41AA+En7Is6K0y+vcfjcxMmCmG/+USs + thOAooPKHj7r0dYid/9OFSz5VRtPq/9Wo5CNwUWFPSSuuvmczvxoM3Kt4Dig + c2OzKWY8P7Nk5ogzUgmki/66BC/hpzQDIfWMkhGxOvEMipmZW8ciYmBo8yBR + 6HsJsb6opH7YrcvOUiS1bycnk6pBpWucM1hqbwaKSOzcC8Kj+GTtsHhY5JFr + PjHK8OUUkEcKIkZYa3LaDNDWxY//MnPC9RygNatrOCe1ay6MD0DKTYEA0ZpR + ZHq1UXolbXN1qKdhxd7tEl6aWc+dYwIQt/2lzpUfP3s/6k2ScRwD9PizbKFo + RRsW4e37p17hqR5iEUSpuUM8UQn8d8U40GlTORjxDGsr7yrYSug2pBwxg8W6 + JCyGhT2u0Ex8pVzEP5YI9BabSMsTLZo5BfoiZ+XLxcOp7X5LZD+/83n9aYsT + jRoBIBC/yFLOnr2WR12dMIg6VxFHEEtEr/4hicpBDxoH6HSzPh6QHrPCPGto + jDPq0KaLA0TXFdf9Bb0ZtIhNDdrdW6clhfKJw0wEO52gTLBRRM5pffVMRj6d + CTSNKSUm0pPpe+hGcO1j/lJXCsOxAfdcOr9/7v76jWDlxN4w39vJ35g0soDs + 5X6F4v69awoLr9zr+bCHenVyB/vl+g95HfV1ZOoEEHaJdi4hqNPG3NIwmrm3 + MT3+tMywaMQtl/Oj8J7qI6KWIIxn4lF6XDTf3Lnyq+M51puTD+3DOEirAhk2 + HH9BSuCfRoqEyVURuzFhZKjuO4VkeKQ4OCR1sVYHUcA0kZ7C5xrJn5rpvbYM + I/Fwx0UEw8u4b4NhR79sbijyx5r2SARaVb8yZrRZ2FzMxHJBmxuN9+kFLON0 + a9FGOaQefIvNBqTAkOa6nM5L5lv1LFQ5UM0YddSvN+SjQi8aUeaEqIvHXTgv + dAgQAFXgMW2/KDhkMLgWQ58YwGETMrChpOfYHvZMqUVuAN2gVMc1CuojK68L + KlO4POMMud4ZwZxovOjbbo8wnUtln34yzGKZnHZR2pyqSVY20baK1dKamsiY + LJibYQUQOBB4D+lsEUCcyGIez9AJNupf3M/fmKXmOprEg0sGzcgUKkCpMriu + 9ARVqvMPD2gfJGGU7IIXdLi/cHmt83r0dLj8ktGwK9MRPBJFcUXTMY84wiUN + rME16FIlZFKLK8it/HfmR3TnP7hrw72256+432doHzZCatKkFHcOdhFWB4Se + fl4i2n9JuQhdenEwa38I3nDe9szrrbiFf/o5rJGWm3hQia3nTAuEtZbop2WF + N5hpKFsTo7pSmmL0Po/9n6cSNpMzM3VY3WmJ9+vrSOmG1nLju6SXVyPS9/ER + AqZ6DjGPdbuu6bslqKaL5XAy905ej5GqDPh3BN1eJGYGce1qrLXJXqFDaL8r + RDYoL/7K07FGDqpJtmyLrjDxHxJyEVZqs7YLusXRsVs4bY2+BlP9JpLi9ySJ + 2Lidl4gLvvd5hU+mzmf1/rMYdZjBlHeanHBVT/EMWCeF02iyXSLcmHcu/M5X + AlpfR7zgAJp3HZXc8pBPogLbm6FS5HTkobBPQLj5WAwMOhC0z5tOM5e1aq4x + EMNHjL+FmsQMWj1m3z/ILUvgP9+vidEZbLiNqYuLmRuFGZy3P8sHzXU7MXHN + vc/EBDx8uFWqXEBvGgewtl5Iz+EFITyoNIMXYp1QnyvT+xRf1BH4WqAJt3PF + HYrtthsZ4WYZCGaMQVLJn+klWsCeaL3pxJ5/BT9CyAm18zfTCv/LEec9ZFDy + PxprSYhp8DjPthymK9PNF+pLDCrWXwuVNidWb0PTmRS1u58W84EM4blHq9t1 + 7kkI5mMwOm1GFLmbnwNg7mJ03fmQaC7YHS/q+DHKUh/qyzc3+6QiuBTrRud8 + K7pbVQqLY18HwVq48Nm32a8nglw18C6Cxl5wLN9b6jomUxfcRtNklygTTlR8 + 51Ms5Q==] + cacerts: + - class3_2021 + - class1_X0F + client_ca_certificates: + - class3_2021 + - class1_X0F diff --git a/hieradata/nodes/idp.yaml b/hieradata/nodes/idp.yaml new file mode 100644 index 0000000..8cdc0a2 --- /dev/null +++ b/hieradata/nodes/idp.yaml @@ -0,0 +1,16 @@ +--- +classes: + - roles::idp +profiles::base::admins: + - jandd +profiles::icinga2_agent::pki_ticket: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEASfyW90GZx59x9n47HHlEnkdZ+i + niLnTLC+oI8gfFPIH3Tcv15144flW2i0yZGezOrx7u45TB5Etat1xQHikWej + AIZnIOJ5EQSNbpz13tGFscC8jdt3r0MzCzdy9S/feyY7hy7Rp5e660ihBJYT + eLy+FbR+w3HQ7wBlpXaKB2qXHqBW2dap8iWAVFSqZLm0doZ6NY6vhhFi6JnI + gFj6QmUJuE2YyfsJBTl3+u+U8CaIVHwM2NnOXqNys57LUgfCWe3vEKn09tS+ + 4lCT/2nuMykMjtSHnMG3JwhsrHs9it44sqRF4iviuYOx9hjRjt+oAqe0P8ed + kdo3U37c2JsLdLvTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAcAkuhaq + iY0ptYro2vaoRbgDC5RScVpxR1ZhQKA2jU9b7RcuV44fADXtPnWDhFt7wwNc + kM75ghXXnTtSsfA5gqsLo=] diff --git a/hieradata/nodes/infra03.yaml b/hieradata/nodes/infra03.yaml index b66befa..7452172 100644 --- a/hieradata/nodes/infra03.yaml +++ b/hieradata/nodes/infra03.yaml @@ -5,3 +5,14 @@ profiles::base::admins: - jandd - dirk profiles::base::is_external: true +profiles::icinga2_agent::pki_ticket: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAooC0Ys7yF7XmdU3gzQQ766/GiN + GLulXOVHtr4cEbHSx0eiVtqzADHwSyfzyQNQJVD9p86iwLDlHN9zFfe/Hz4m + JnxJgbZe6CqfB/O5qfv2HivSfroPN4EQBJWRRy0JLX9KlAbSNq+PGuJrdLa6 + EdH/kzLs7giCIy/jDEqDsvqeHiLOoq2W3667piDiIUxqbBuiKkxfKxY3q6Ps + Z5Qir81jns727Xn+XNPw/20z6KUj9waKHam5lqssHRqWbfdbSr9bdscDknzl + chnSMcioKSrFslI9r8r01+fSDQ6mvlONhpMysbjcF2mZlgpDkejspSTLf0lA + OKXjOEuOz+tE3a/DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDsDlK8TG + zoLZzcGo+qqbhIgDCmkGuHUCKK6fFdfjBpiPUfQLFKJCXmwcS/8scuPsYQty + JK1sacuClUt9YhD2I4UO0=] diff --git a/hieradata/nodes/ingress03.yaml b/hieradata/nodes/ingress03.yaml index 770e7e8..5406293 100644 --- a/hieradata/nodes/ingress03.yaml +++ b/hieradata/nodes/ingress03.yaml @@ -7,6 +7,9 @@ profiles::sniproxy::forwarded: - name: nextcloud.cacert.org ip: "10.0.3.12" redirect_http: true + - name: code.cacert.org + ip: "10.0.3.15" + redirect_http: true profiles::icinga2_agent::pki_ticket: > ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw DQYJKoZIhvcNAQEBBQAEggEAYZ5HjRcuW3yLHDHwy8S2uJw+FceUQoSFrh3G diff --git a/hieradata/nodes/ircserver.yaml b/hieradata/nodes/ircserver.yaml index 27910db..3aa88ed 100644 --- a/hieradata/nodes/ircserver.yaml +++ b/hieradata/nodes/ircserver.yaml @@ -5,13 +5,143 @@ profiles::base::admins: - jandd profiles::base::rootalias: irc-admin@cacert.org profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAHaF5dH8H7SFb1mKY8FWu3TL7MoHn2lk2V/1S - kjM3nOJ8tSCSVLZLg+cE6dLZPS8rUp/UILBG2BqN1eg41pRdEJHSa/4XmvP0 - j8V2xWsahNnhMX6/NBHkNpiyC2iGTmhj0V+31QN9QOMRDfsStNeBgR/atw5k - h20bpmlensNUeMOz5McoojMDFrshgPSp4kg1FNofr+6ZXiEGb4Jf4W1617k+ - 0cISAqQ9kfGOrUcvXVIFx+c2trzbnrnZpmVqXOq8xVkgK9LLLVeYPZfnPwxY - 4SBjevfBjG5cmBgZvENiPTVEDWnv+9dETR68UiG+dBdbVdOuFP/8qJtpppW1 - FZPkIzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC6l3NsMeJypedfMF6O - i2rIgDDlShiaPIGUL6kAk2yEPiIdPCt8J86QsLY+6OsLV0zn+wRQJGL+WY3C - FbKij0dpGow=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAHaF5dH8H7SFb1mKY8FWu3TL7MoHn2lk2V/1S + kjM3nOJ8tSCSVLZLg+cE6dLZPS8rUp/UILBG2BqN1eg41pRdEJHSa/4XmvP0 + j8V2xWsahNnhMX6/NBHkNpiyC2iGTmhj0V+31QN9QOMRDfsStNeBgR/atw5k + h20bpmlensNUeMOz5McoojMDFrshgPSp4kg1FNofr+6ZXiEGb4Jf4W1617k+ + 0cISAqQ9kfGOrUcvXVIFx+c2trzbnrnZpmVqXOq8xVkgK9LLLVeYPZfnPwxY + 4SBjevfBjG5cmBgZvENiPTVEDWnv+9dETR68UiG+dBdbVdOuFP/8qJtpppW1 + FZPkIzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC6l3NsMeJypedfMF6O + i2rIgDDlShiaPIGUL6kAk2yEPiIdPCt8J86QsLY+6OsLV0zn+wRQJGL+WY3C + FbKij0dpGow=] +profiles::x509cert_common::certificates: + 'irc.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIGlDCCBHygAwIBAgIDFR2xMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ + Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y + dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE2NDY0NFoXDTI0MDEyMDE2NDY0NFowaTEL + MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD + VQQKEwtDQWNlcnQgSW5jLjEMMAoGA1UECxMDSVJDMRcwFQYDVQQDEw5pcmMuY2Fj + ZXJ0Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMphj1ifH0U+ + y9Cto8hTEV+aGoT/THQ+d9XkcAciUdARUE3TXQYwbnIyxEmsWbUs03iHgXzPGS8m + WLSbMUE0qCGlbQoJskvVaFv4p0ZOagAQImBLMzgLbNrI7BqwRs21ziwqTU3YXjWc + FaBssULzDnpekFpqi4//JHIlES2U4qIW3jhsxgwHScmoYeqaF3VIfvAn5kvAYvDy + TbIitYOTi3Cj7BFfeeoBZY73UWW9ZVSNQCUZMnGDFDEQBOrADHRXkQKOveAEgMVI + OXF89RqOHBQBO8rlZ6bJ4nuPt0nHv7Lvn7kfIZC/OQ26IggMy6ZldUbo0kz3Klls + fV1ImP76LkFB/r/DB5+htk8QwbZpcofDmdsbqPPvu/7fK0gVm+ueQtKVBYX9G4gk + oWeBbhHlkd1KgKmyrxvzkeCk77wJrU/46Rsi6fr60hWqXVLzr68cyPg+6riEjT4U + 1HzoBVGvk0wHtX2TNgYxxSPbibCqyDOqdxdb8GsKiNsg6dbSWFtHfSkw3gkufkFL + ++7cgfoqUnqoTuSO5C4JK05C+werng/hhT7101Pg3WLpVUD05Dv09jLPET7SGUVN + CBi3Lpfy9FrbYddluqlFot29gZ3cQdoga//EimKQ2hRAeuIbR8eq9nnlfPT+2vOj + tu6qnH45oubD4vA6kMSyGoTh2xLmmQ/xAgMBAAGjggEzMIIBLzAMBgNVHRMBAf8E + AjAAMA4GA1UdDwEB/wQEAwIDqDA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUH + AwEGCWCGSAGG+EIEAQYKKwYBBAGCNwoDAzAzBggrBgEFBQcBAQQnMCUwIwYIKwYB + BQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDEGA1UdHwQqMCgwJqAkoCKG + IGh0dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9yZXZva2UuY3JsMHEGA1UdEQRqMGiCDmly + Yy5jYWNlcnQub3JnoBwGCCsGAQUFBwgFoBAMDmlyYy5jYWNlcnQub3JnghRpcmNz + ZXJ2ZXIuY2FjZXJ0Lm9yZ6AiBggrBgEFBQcIBaAWDBRpcmNzZXJ2ZXIuY2FjZXJ0 + Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEATqSswtoLDceQ3qhpyiov/QgYJjie4NHJ + OPAPtLtwkx3YB2YFIa9NElr7MbOD8ZmWOuFwOx9GfvgZqSg97b8qCywaBrUXGopc + 1MeSQbWgDDNjb5rmcgaw+3ReIaU7uDBywGfh59hvuyQa4Zy90VfdtSdDypIoSyqh + u6lJV2Bd0Eo+5xxGHhuVmGWGwFeKCVN8axETCtK4aeHCvMbJwcdA3veovnIckgMY + BLVfizh71iohPK2eAQ8coDbpujtJX4OcSq+/VtmB/wNTWlod2EhtqPivUzPhFbn/ + /9cPl1nCClGxWtuzsxNfIIusLgy7w4Af0xJAkzQBMgU7AVWZP10omp813qZs2yh+ + T43Bxr3Yasa+GGXVg1U0mHy4TQ1F9F2hZTCMOj2io2YxG8VpjzWi0EVWcE3ymWBH + R0AZdwANfZsyRVqbG8DQZ4DnoULScN963oDZSOADvj8Ul7YP/CWW+wl+rr43yhRx + LmETHIlk4KiLDvDyEwmhgtL1oxgMOX6SlbJXxrW2H8OmcFJ0gX5Qfpa147dXAlQv + RYSi1g12drO1KqTwmFhlSzYidXjkQE4/owryWJOtJl0rG8ZLa7vPtUu790PRAqCd + dYZGGGkcoFfVKGFQfSPA0vAtfNGGLt+TeC/0Qsw+hFXSwc4GpDnubH/MgUGTZUSN + Z95uBDgYiC4= + -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAmnEuESfZTm4g2v2cXrOxvZgM56GsEILZyDcz + r7D2S4MHA84QhDtbUAnqLRJOA4CTaLXWgd5wMZSc0e6iEfTDVbW4A/xfP2i4 + BbdohtCOBDjGzVvvzy2rnd4s8ZF5OEDH++s22dlUc7rgvwesEjaHthwSGd2Q + 8O02W4ewqElACTsqbBU+tRqPNn0/bg7YK9nvP9iprSlcPjaPXqFdL89rGF4Z + mogDf9Ypf8MLA9/Af9UbWtDChFg8FOIQ2BaIsGINV/VTdsVHBnfdV62uTIP0 + pW4cTP8GnSH/xs/PVPzSzmNvIiYRLPZlyUhYnn+JvGMo7DGAF5itq5jnrpCk + /MdROTCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEEzFSuqoYeSh8jlZ + vvuUmp+Aggywppv5yFQklR/CnTUvcza7EiOyExgr8P80pV+xehf+iWGDV7s0 + 6RoKhZhxzBKF948zSb1S0Z5dBIu3cVSi3ErhbLlfXqEdcXeNoCnhQILy34iU + k8AfbAOW/ZaMEenV4gyPIMIlIun8t6hOn94+dG571AHGXw4axrEKdKn2z0JY + gv5N14LlZx8ypgoF0SKH3I7KECNI2Vn84UWOPJ5d6gWFtQ80HgEvChK7wtb8 + 0RYrtpGTcsrTdCJRc1FdeIj2oQEflroIMpjKH31KQZ1j1lgnq/5lnDR6xs3e + inbbTFBDK6TaeqnLCaEFPsGAIruCm/tszh/DCCTvqAjOHcpSJSYx/K2VesSh + t2X91GCJ5tlZJsbx8WRHH2YJFVftZg8gZ7HrKYa53Xt01+UGYNAIZ9AY3Fju + U4StNlhaiUG2VmCvKdnSgDzV0jQPtgj8WiFosiB9FiVNu71xUUAEwQQjJJ9D + B64I5cYxwV4jlMxaTiOyZfSlfbUX4mvXS90Xd9uNrZ08sju7FbcnbtOyl8q+ + oS3n2rtvYszD2WuVFfkNfmrNKTjwfK8AzynqsFL8wiIe3LUJWud/U4JVKgKg + zbrTH13kX/PiF0/eb5/KmOp9zEHI2cdoIOiH9JEZjAFTueM4qZoympipL4tQ + o5AvjS/cCKjo+8DvqPHWWNOTrDv8xn2am5Ufu5xsqDLE24q3ND9iRPHnv4zR + SJvckoKDQzlTx3n5hAS9nAYMImE22tQiLN3tUJnYpPYzOjeBjI4R/pehEBxS + N5R5cL0qfHXt9+KDGlxCNu6Q/9o1kr8yYvGwEYuo8Q9G9OIZ3TKY4ls7GlOK + rL3RkE7/DfAlrzrCMVFSZ9L+qJa8VvaepLevYOoCK7i4xEMF4bGbGoinfH7Y + GaOnpCiyAM+DKMjRpkotD5mvE0RKH8qZW6padYsOt69NYUAIm3vGpDWT1+8m + PP0M+3B2p77SODG9soPM1FG+H/gQTmURquUCVvpFgubGZKyFV/0hG2/FUQ0W + YD2B0yyMeycMQ6KGh8VTie1NAM4Yw4r53PfuCFtnIgJCs2h7dbBkluIIbmhh + 1Qeq60TQIXodqqAlLzeyxpCsUQiwghKRKDQzoEMUNZC3fG5uj0662tBeveSQ + rVFA6pUo1juQjkUq7FGvnvSl+woWGz+Pq8pfA0AY9ca775JXN8fKZJ4jVjSk + OMRYR+oaLaqVNoY9ez743Npy98eLYB/5Ex3qdoC3t1sqq7TXGJ6nXsV3Q07Q + o/sF95hBWmghl1Nz4Za1f+tGTQgYIQcGqoXDPDFOJKouTtftLYpG0qXOZB6m + Jd3WoT+zyPrtQF71PEK7BUoTCOcBccHEuBpLV9YqXx2GNulHXpl7UK9hMMP1 + ed6pN1NW7Eou9tqmZjznyJj3WT8ctRBFbMFNrcN98eeIqaq0AmXBh5kOP437 + DYkLOGgMV1eMnnxoxklkOw3GPdsHOczvL/Wqe+872p5nnJn90+4p/Rt9CQiS + A6iGxlZDD1Y9NXe+g8axenq1ggPV2Ded7+ege83NamJEZIX7U1bO7iqZvtYM + mlxSJ1cE/6T73HzVEjrczaLAfSWS7WQ7tNGAKGQPvSRLh+6cYyHlHqfSHrtL + XySRK0BjsuIYMIRF3o6J3L7XR06PglxlkAFrTs725NqMj6MjWkYk6uREJe/H + MqAMR26hxFkB2oUazpuGT32Jk8tYk3L7SzpyAMuEDMwjmAlb0UJShLlmVlpz + 7wXIS9wh5DIHR2rhZU4VqyPYR0HpyCfCMv0AKFQ2IeSytIAOdA3L/NJMlU61 + HzsDlpxOo5/m7Gu5IJSUjQqDS4H2hYjBNeODCVyOcQmejnyWoD2t5JOir3lI + 4nKTzAoBaErzrG295fo8Ezn2rGwEy9oWeBU+4nvHGIbbSimuqulUja7Mf/YT + lqPF1PUCNVtKAyW+XI7qE7JKT4NasmTNC49MPRujU8Bj88HMEVzhid1N3z4g + HIGTaktqOUa9315bRm57Lz73pPKkOlnrjsIhMkH21UwHS0xq6BHZcrU7gjoY + Ech4iqX5aVB6fOhrzOvznYdAofiC3H96DuR+UwY1G8jGIbg1UX3P0RSsagFe + +nq6GZNdGp4qToYs4DYtvV+3wu6MSI7UtUGI1Cuxk8KY74KXHyJ4RB9EUQ9L + Bok2lr4iCxKFBoCt7FZEBXliGk7hC5lYKx8PUIR1N2E2xLuIIMuUiOFxcMmd + MZGik2otaUJLtDUBSGMfETR6mQjREeAtYkfU8B2knFwXwz5OGkR43E5UFEJP + fq2XOfEZb5YdUJ8WbeTtpp/CQqqxxc7sghf1wovVORoHYviDdpEl9w0FqxzP + s7+QbWKNwtI0GtOEcbu0wuFd+dnQUnhLaeNS3mDcvym4VU9hiXK7TtU06eqC + zrTQ200YJ9BDCdZxedU2ANz7J4LspeJvLeJfVl/vaL4IvTjNhioonC8CCLGM + H2XqmhQcTDdwA8vCXGRQ165vN0DGA7plSzULsH0nqKAlqJVwuy7DSDlJjFwe + QWtj2BL8mY/kYZB/rBV7+JCj3iXbXFpw9gANL85z/ieLrsQsH0kmg98mAv7b + +Mws8W+JBxLA/aDouv/gf3XK6hW7DDiPKEHaGbFFMnVqrGzhYgV8BWYvUSZe + mETTgczxzHIpXKAsy1yRrg1sahppd6DevmIEc0J+zAckHXVxBHifTz9lzf13 + Wog1atH6IKluXD9X2gKc1czHKTQDrlyZRyWufFLeiv6RyyrmyHyeSZW+Xh8Z + 8H8Wl/BedEGNdWz3Gf3151+1Q/AEjGwbfk6WZeHRetq1SyCEeclr5+NxS3ed + 3eS/FU8KYXrxOgUvcFiLhoLlhRGygSBlJyMi3pRUSDIBlgsPJnE4P4oGDV5+ + IQDL7LT2MQF9BZCkc5EVAue1kOHKNB3j7LXTMEu/KXv8DFfz0mLqyerF0Yu0 + afOTzYr8rhKWLDl38wQo07fwOkV+J9Errt8Tm904Z+R7I5QDkb8Cqct+D4PK + yq7G1VnHS9KVDLQoM8uD+RaHZLpQEPMzxoiWVIH2KeWpzHJBEsxXUZp6RFPn + IAlivqWddsldhfDT2T6Vlnm+yK8LFY0Y13Xr+WzuZ5W4WjtoumwoPFoiXUQC + OtF5jG1zW8MogIB2uwyMZN6cIFls4mGArf/NPBS376xJH1Ej+hjQ0QyKttTd + HUnAIZHMjMWijKCkfGjN6tr1cNQkqbiNQES3WN9XKlIMsbE7A8U65f/m6Ffr + n6G7r6a8qGSRymswmxZ9QH7kIrrYJS/iCk0nvypuRqT6pXL/yk1GifyyAjzb + mLffOaQDicTrmh0ekxl+D+eNp2gDutsQ022Olt4ZAwFiUrSy8uQsX3tANHEF + L9cnAdj1LSSI0FA7Zh8hJPvGVsH7Kt0DU7Zl6MTdk5Cb8FQlYD/qmKxpxGCa + 6V2DzxIdAuQ8LedFqXHVz8HYIBbZKSWnOLObJ8VM065348OIPewfnJ9aD9rq + S2ffUztanm4Mizgif6mmQyc4DK/lkIDH+IJz8TjlTuq+JT2HstT3BnK3sIud + kp/ryGyY0z2FAT9VMNg4hxiWl30Cd80Q+Br/5LbbMrSGmt40VWdCJkNtK+P4 + DxG+47ep2UlmBmDlIZcrNGuVF0RkOGFfl6GzHo3jRpcG2Y2cS5HZ+uCQcMD4 + EpwZBxCB5rErwC4Xt/xo76fowdjndcl5BoXRFj7jTo4PRbLigUT6yatlf2GE + jUrIYY24wNmamvn/0izmrQ1+ptgWmL+3zULA9HVDQ/LXJCnJhypy7vZcXeBr + HLsTtt9nBBdZeTwkOafhDn2bDqdFXpLpFPtKou26ozKptI91mpCfGe4+sV/B + lUGt3FV0LK7j4w91S6g3DUpYTt1O00mPn3dh80M/vKH6YU1oJCryPFqwK+0J + CsfWyQrPLOvxXQn13y2oDI+mSIz+PbzAFIpvEs0b3xvlI7gpgpGQXpOSZ4BQ + UKQtPmkXc5SNB+fKkTFSodK2vhFE6wpxD6g6SyhjCzYl9YLXiDbReBgJZ0bW + ij06K4HKi/PU/UWFhZ8UGkGD9ii74LgPtfpjUBahJzmBK/ooD+w/0TAU8S/I + 6+5/vWrKvfi2UzsuXTEu92dHWb/zAC1qKHotxipRXFKdxjV9tQrNvzvvS5cL + eFakwB5uZp3VVBbkcRMyPePTYRiespf+lug9UmCAqtCsq2Tt/gcdZXu1xz/D + oejdnO8uVcZVBDEb6nZoJ3+dhXKQGTrYrYdGwKHximhe9tanx1IG5CivvWFn + CymjUxrhQmA5bqlkDLdjTDSG7nGMGN0D661mswmqRD1VJ5SDQtYYr3PCSw5P + eQqH8hxnbxk3ckPVXku7Qa8=] + cacerts: + - class3_2021 + - class1_X0F + client_ca_certificates: + - class3_2021 + - class1_X0F + key_group: ssl-cert diff --git a/hieradata/nodes/issue.yaml b/hieradata/nodes/issue.yaml index 4fc47bc..3d77d09 100644 --- a/hieradata/nodes/issue.yaml +++ b/hieradata/nodes/issue.yaml @@ -7,13 +7,141 @@ profiles::base::admins: - dirk - dinoex profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAFvuCLRlXBmas6v2JGcKxy0NVvpc+hv/yNRqS - SMokUDoNTi6nbZ1UrbGjZMCq+g/TUyW0SABEIuraEDoxzWfBJZXipC70e/Aj - zg/XURpKxmRK5c/4ouBA/Ecze1jjDx476B4/4LyO/CK4G/2Iu2xdsDth3IV8 - FKV1GaPFAZlRk/hPphw1VNSyuZdYraT4Sbo7hJ6cvwE0w3mHNBgtTpProgoF - hQQz2Wfr5f/YWaFvlWHVJtJYVssSvrcEZFNYaIvoBNcwow2QPtyBiv8JrUHz - OESJpYQQ2jyqhliiCsTzn2v4AWUiCIk5Im7RQ/EIiAskrdMk3y7zjb+Ev62V - aXn5/TBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBACg060g6bh04Y6SdMh - kIYogDAio9Ev3971h+gUsvNpmeUh4oeSZTA0oQICRZAgGOOHVAiApKhLut3N - uGBx4XT1fUU=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAFvuCLRlXBmas6v2JGcKxy0NVvpc+hv/yNRqS + SMokUDoNTi6nbZ1UrbGjZMCq+g/TUyW0SABEIuraEDoxzWfBJZXipC70e/Aj + zg/XURpKxmRK5c/4ouBA/Ecze1jjDx476B4/4LyO/CK4G/2Iu2xdsDth3IV8 + FKV1GaPFAZlRk/hPphw1VNSyuZdYraT4Sbo7hJ6cvwE0w3mHNBgtTpProgoF + hQQz2Wfr5f/YWaFvlWHVJtJYVssSvrcEZFNYaIvoBNcwow2QPtyBiv8JrUHz + OESJpYQQ2jyqhliiCsTzn2v4AWUiCIk5Im7RQ/EIiAskrdMk3y7zjb+Ev62V + aXn5/TBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBACg060g6bh04Y6SdMh + kIYogDAio9Ev3971h+gUsvNpmeUh4oeSZTA0oQICRZAgGOOHVAiApKhLut3N + uGBx4XT1fUU=] +profiles::x509cert_common::certificates: + 'issue.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIGUDCCBDigAwIBAgIDFR1xMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ + Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y + dEBjYWNlcnQub3JnMB4XDTIyMDExODE3MjYzM1oXDTI0MDExODE3MjYzM1owXTEL + MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD + VQQKEwtDQWNlcnQgSW5jLjEZMBcGA1UEAxMQaXNzdWUuY2FjZXJ0Lm9yZzCCAiIw + DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALV3HWdHF/lliXLUr8Rwd+0RalSg + p77t4PMz1OQZASIyAmR8GWDGO9+ZLGBU9ZzKFUogkGlIr6we1q/XP1bW/gxgS1hJ + ZjWR+q6XyBlhzZUbE+Mw9TE57Ro9vKm1LEqLIO5/BLsron15CMgYDv4Vf+vP/lWp + Os/lEGDxM9EFyTxdpZK52CxD8ADkISIL6AhZI93rupw0dWtE0xghkwVBNJoFGTzM + qjiUyAiGWGaMwE23m6FQRkgLzZanbIGfbB/HqKwrHUjju7otyyLc5Y48UEjTWfKN + DPrYWzNZikIdHyx7WuurgPLN6owxOy5s80VjxYaCyb6eu9rqiBu0UDr+7MU8flaZ + E93mPm28FARZ5RC6nRS1CdlIIte8RBXS9u4mZthjQqB9lH5YM/gsW/WL0YdoxyHI + MHz/a6Hc0/rHIZ9Acu/ixR8O6caV4+Ev4/7Va7qd7IR0BIHqJCimbUx0jMeybAkp + FPkVzyU+Y8qrqBt/8zsMOf/L6IwBhvqw2LVteM3hNDpMEEe558D3oDutkekCTDVm + eh2epWEckK/VrF/YrRDrWpTViiAzowp4U9F3J1fLVgADdiAmY/cuC6dNDDgg8rVP + 8Lmeink0/j3/dhIUAH/UPKKa+ZKthYnPoGmwbtcb5UWAEwHZTSywGFRvq+GHi8+O + wDqIbq5jpPWCIAgVAgMBAAGjgfwwgfkwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E + BAMCA6gwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMBBglghkgBhvhCBAEG + CisGAQQBgjcKAwMwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v + b2NzcC5jYWNlcnQub3JnLzAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLmNh + Y2VydC5vcmcvcmV2b2tlLmNybDA7BgNVHREENDAyghBpc3N1ZS5jYWNlcnQub3Jn + oB4GCCsGAQUFBwgFoBIMEGlzc3VlLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQAD + ggIBACQHnLMuHJ0YQBr79oJmcqQCgtiPLjSoqlxx+ASb0w+kwrWtodwm3Sylez37 + eTlO62c3JlUwZQ20oFrzS3A7jygKNO4w9fb68nwzykC8JKvtXNKL7P+MMe8j5tnl + pVh8o5cbDD7vhLKdDQNRzVjUv4P2y5vdvfZWgt73eOvfMx2YtFZ7n4hyMMRyfQAK + e2oVFU3bbsSx3lvna2vHLr/VLtlP5U2Nf53ba+PQ/PwUfxaHo9wEupugwR0dpkms + AFeQPEUQz1hWgMQNUq/5Xd3ACHqRsZiC05sHoN2XwyDeAr7jIdQdxeNC9ElYvesw + kaEIHbylhevRi3mB1oj6GMvAYfZZRXv/DPT5x08Wxrir/rKPa9mGTJz/pydQh/ps + U4exVUa8BA/L4Mvyr4kW8CIcBho1TXn5ikqh6Is+6RStsfjAeNKWJ4j1SCesUByF + QlTTv/RyuEON5p/V+GkVaWTQIJLnh9A8dtxUci37JzXxeBJGy6vDC5HoWhlBRx3P + zRK7G5a5vXmZF4ekqu/woubseFwQa4O1X49181We60GmEzEaAcbtdvhHQHYltVcr + cPsHQhnIaLfR9oDFp7Xlx99mI1UEs1MT2OaxlDp7Pfq+tKjvI8/8DiGk+JYa0YlZ + 4zZDs06JCzk5T6cysLPHq3dxCGKWQVK4jGw7f1rvthu7ECSg + -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAAQfxtDkQZzFxzgGXbJLJfjTvOg4WOGjpcaGB + MHsM2fZfxWpPFa7MpRBkJmpYB7B6n8fv3X2hwp/l8njhmT2+ajwCcvpdQYlt + bjvQ8ep4tszMqwEsCSj6b4XNMKj1veowTkUx2DWbIUS7s6YL6f4HhNmC0F1o + JBT/RyvdIEAgN1ugxJTlnS2x30GplWOa+OXzPcna57WzXrzkbcwwby5KDYCm + X2xmSRWxBVwzDsJQEldy8BJhJWjxf82D4BNAwl5Re8vIA8WCUlS44v1SOx4P + 7nm+GK0JCXol+hJzB05OQDAYsOdh5LzJbpvWXt+RfeqeMMm7+NIjFMBFP37N + +4aJATCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEEhCcZqMGFTHxRbK + xn2L4oqAggzQaixyrrfcuDCYG3PhAtwbkC5DXfg6Q3p1rSV41KTXsJHVSoY3 + 33gLU/40GKoPGH1j8epdHmbFRSMQ4y+em7a6tYb95JEupSHmyT77MDrLZxpv + PGkqYpnUz/SQTvQr6Z8r/mp5Gno9waNxZnXVHQfDJUUoJdbDWY9lLAKVqQIp + cBUYIbAzjNG8MigNPdKatwleugj7KdZRcZJ8JutilCrSbIBYi198j1SVJOe0 + EE+Ba7xBUwv4vWCfAWOg/bfGqF34M1IW6KxzQ0K4K1r5AzxnOlhLBTk9Q9oF + Tdhsr58E5nQ9Khe9291Im5AqBIlh9LkNRI2tQ7ihowzXLJRmbv++y3f1C760 + pv723TVUk6MJ6lTWShOgUbmCtODv1H9u5bnuTf6z2nT4Pk3cxUcP5+eGsTxt + Jz1dP8/vLF8VFLN7XeCRUPlNCVAKcBEmo0D5aaD6l6kD+RDAVe2yp6sVy3fS + EEdVpAiytXP+VgdwCRGeafjGkvavl5RT6Q1cWsGEFLzExmc+8fDuOholUHLe + +4KLNcLeH9aQiv7vXco8N5Fvk6ExSyLUfFzpAv86GVx/zkqduir3XUK7s2UC + cltLrfxesnH4Otc6WE3tvXTyikKWfKU7Wt1jfToDtIxPUmPX8W5pgLp59PGY + VSGiBKatzrShD6KKkh+7WebfgFJp4YsctmHyRb3lF5j5c3qhPc+KgejOFcBq + 1JfqU1KjCBfPPc0Oo9PrmGMKZTjev8Q2QxcWbvySsi5fV5J61PiiWqPCnf41 + DzCnA2Gmu47ojPAg1f1iTvmdeOMUfgIlWo7s2Gv/qqIeEBU9KAQQ4V1W3lq+ + JqBlP3eswDiZjbMRXvlP/CXlmcBazS7ndVj2HvU9PBzVcikQH/MuMSoB5DsI + lLk1FBvQlQXM70Qa6q+MflXweiydbeDcB6gzoWo8v9JDWFuHcsycLgK7DmK3 + EMyWELgWAd4bU+rR2C6trcx+RPqoRbl/nddcttSRXfkUAfGh18XOvv+zm9ha + Forn6iUTOrtHqyBM1VIdmZN12pSCERJyNu0zS3ULuhBRkSR8c+fXvmgRfUZQ + +guAVJNo0cUH1HgdoDt5RCAMLrkfUVKvP2I8dm2ez/kF/1U6tY4fLZ25YDSl + vIScJf7/Bff5ZWJgWwE6YETDJ13+TyiNZUsED83WhX3gmnfh5yht8PZqPWfr + zwYjhwFeDjKav/M/MMmTRxYAlySebJlHxzNFuqRjnK997diuAa4jaRURSnji + DTVur8w5c1LBcKRkMkp/TRKmb/08a0pG2U77TqY6TAC4yQ3rCRotjIIJACzX + ORvJza4Eh4Sw4V0N5fISmLWqeYoPFdS14gFREov3jeIteblUn60iifMCp0Ki + IKCisn/wux8Cf9OXTMBLUSJAGrMi+gBN5uFLDB8EuRpTo40ICV4okpDzZ1/N + t405veQL/h5hWXEyX6JOIn1Re9L//sxe4+jEHBa7083t+wMrG8i4XYPJ/E3q + rJI1I1AYnhudWIP0JmiC2oBeW/3JhdB2FXAdFAohOnmYKNd40KBWXNXTtNri + YAekEym0kX1w6kqFPGtaNjMkCci/BD+tPOQj4VU8K7NmlLoFVrtaxsA0aEEc + pVm+2m2sZyyT/FNmekwFAFG+Ylv0oCBM6SuXWI2JBgk3FZbZ0ro6pYi7Z8f9 + Mmnts5C7YDRCboAZ3g1CgpKuYsFDTcRshqhCbiPjSn44lhvxeTh8AfIfiHRB + ohOcEkbtLN6Re1XChTi/rGQ2Z+FztYg+dzNl/5I/o7DcPRVrSm0gvwvIRHdG + +Ip2c/Q0QU/wea6kphCIoySZLJOeo20A+vu0THn5C8BFi3h/4Fne0o04jnkw + /bOnzq2Cp1Rx9M5bjEWxLs70au3BhSKqI6nlRVJKrRubFZVlaGmcRRfxvvHk + GZ0czhEI59QaPPlcFhUN7pA0zzvy5CH6CxEDCDVgwvkmyunNMcQtVUKqXC+Q + dk9GJlYA2pKMWWLLWBO3hLtLhDlqfY0dPpd18BXagkNnT/uLTqZJR4KUg2VS + 8il1xDFz/UHD/op7JkhVoJTo6hngZbXrKKhD/eqkQBX+ulp5TBpX6ak5VtCD + fio6WkPCuHGJVfCRB2y8p1ZuoKRZxdBQj9Wlk4x5E4ZULEm8iJcZbBCPHlAz + kL+bnIGn8ayrRHS9aFaU5cyn3qpt5tc9ECK5nGAIF1NWEYBayniQnprMsP51 + zfiYZ+ScYhXX3X/lhKHs8g3HRpPGxdoMnXJ+Yup4OXDX+WM6VJ0WF8xO9/AA + 4OsPeMwq+IzUUP0/JW9N0zjUCmtjMMDAdrin/cmRmvVyVIuL2SZX2oIAT8Br + 9Acs9dFZD9A2ErpCqx7PJ27LsJ0OLTR6KBLPU1B0vBUrI38T950HOTFTypgx + gKjrwQcEFn/jD14nS3M6LBvaZtDHCFGSnuG0cVNuPBtD8Bg8163Udh+KPnmG + stHDH/3Fzjgu3RyONOV3pPsxcLIgXDbVrcImMNyuQoxgcqAt76Jb7oH09eFG + 0rzxXN6hz9wdNP+A7HkG+67dZQwirsU+vh5fH9f8otNzxysW+fRD75XTg1FN + XMEnJBsfQHAQyKGOcebrsCemzigVvJg6DW6bk6FcdhoN0o0B36mKjPv+q+nL + +oPnTr+U03uEUieW3d4VYpBS1HWo9pUWAP9dNuA+cynL2jHBeEvtNIIfskIL + UTYRTQdCHjVRsDzs5jXEdcW8MEr5//IN4iVBi3O3KherKctRhsaJNMMmRfg1 + IaKWlYNmoVgYQPFR86mD47GELhJuRXh4jOGcq6wEMhrLFJ3yw/0yxUJa0s6O + kBkfDp3Qialh277+JxE/Raj7v3DItsW1Htt48tJU1EI3GnrpBJ1hWaOkx3Gg + ytm1/3LBHmlKpXepjaMsdBEKC0E6zSbURd5oTXfI7uMBlUEqCe3GRKzzzAkN + vcdpFYI5rAg5m+ZC54Ct+6vlIPsi4JIfrqs4IbyOg5tyP96Pu0Nfb28u0S1u + j3PpRmmaBW8WH+r4CJ8K8HKIvTy26WovlxS6avV3iMsUSUbtwAIbUhX937mx + 4IitThNFVFoXTso7g3zXi3h3cvGGmN8Qd+eqkVCHjlEVsONwJETBpwhls7Jd + BtSe3wWBV351W3tww2JuqLeaobNXBBaL3LJo2hf02aUpLa4EE3aimAlZ3p8q + 826/JJB/ovabtOx3D2/7ykK8/TGb1lo33cdKnjuGUwB5lKUAp9spcrhWioU8 + JhhAjFUtAtomREzdBrW9Ikl5uIw5Cbv3FbSANk3NxNlvmLiRJb8Of2g667HX + yry5SavqDsjEucScsS3rVRJcwLr0UR77oLer7kNnk5mvwiK/pdeiunpekZSf + DTT9oMZ64VQjAAATxMfGrG6ByIE/imWaKj4yfpZjT61xt8ZI5QGFUd+ddr4r + tESatoTkbmdswxNG1UkNK9BF+x5bCrcR7tYCkSuX8j/qZ7KCHg55r976GnyD + WhlWfSqN0lCkWqPVGJeyZ4zYOUrbVsUC+736/oHg2VtSpGbIz0iBVQ07CWdv + wu3hzUcsBM8hWwQKTiRzFz8+tWkU30SSTghFa5byvuff1kzDKINSykCVrozS + VdeEyIO6xF6WnAEOMgNRJJ5BRVtchTX1Iiialu72UBDxr817vB7fXfbteofQ + NnjiGdq2x4lfeI2klrhn+QDnEr8/ruPOMvVqyIEYLHNy1wFfiXgLI0+DmQib + dPgakW9Jr8bgekkLzqDwGkzaTLT3d7jJxuDNRXJ6KYgn+CYtLmjceauV8y0J + o+p1RWUFsf1zFJpMWTAwruqApL7/uWYn1JE83Z4oYKOEWtgaSyN6P9803syv + arA1E8vM+jyli/4l64/OFxOASEal6t/bAkwCGLtugbU3V9Lt7aifBOWCxx9U + oMphexKlmPfJCCZV87kbUZgyozdFoDGvThvA/swkjXn/Sox8yLX26nLoO/c3 + Q3G0rhTGkVgF5A464SSm4zyhsU8wcfAHe5tBqV3GCQOeNLpM12+t7v3LPbkR + G3lOSlWQUfRRPpTWXNBkyKMpGDwEaFrPs7dVXZaN0BpE+4Z6NA71KqbvoZ15 + CljTTc1JJ4geNl4x6A7XHkzYplCPb/pTJhF4ldwbmXYQyV0dG49F+cha8fU1 + /CkX/If+8BgdwsqWBAepKRqJgnTSLwAEkrfoBDDtonkV04/snpwc3xe4ehLN + 6Ce1pXo4lQslcZhNQylPkInocSNoErS5SYSMvP78LEH2Her884o97RpfaSeA + b3tfbImz0YKvGC4weW2VfSBGuz4Rf5Z5bFkzIKwSmo4zlcMXctezBsBMbqgf + bqIn4XDbnd2T58XQUCgeGw4T0/qjxI2d2eYnirQ2LC1P1jXYrLpZc4TMWP66 + /AlL6A==] + cacerts: + - class3_2021 + - class1_X0F + client_ca_certificates: + - class3_2021 + - class1_X0F diff --git a/hieradata/nodes/jenkins.yaml b/hieradata/nodes/jenkins.yaml index 6aa0109..3e710a0 100644 --- a/hieradata/nodes/jenkins.yaml +++ b/hieradata/nodes/jenkins.yaml @@ -5,13 +5,13 @@ profiles::base::admins: - jandd - law profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEArbWeNESG9eVk3n74ofPXmFzRTV9pbZT65WaV - ABMPRuaUgNIEjhMhk5xxEUUC3oaz/SM7rLxCASmjBMcNufBNs9/lQ4oXThb2 - q8HFHqcNhotpD/+IhPHbajrkopWDW4OR1JHcj8rVwG7UBi5MGn1WRcUAdH1i - t9vqfQSuZbiWaCrAfqwxQlycOwpiCHum6xBTMB4s7ix1ADkkYjrEik9z+03+ - I5zU+kJgksrmwA49BvTIiA/fuVgAT5n0Yx5to6GSh+4Ax3aWn7auaPd9rDz4 - /2Me4Kr7vyST8LdqLnA1mgFXJJTPmXMNMVb6Yp4x4pDxvOh6bQvjjtdUoXDF - OvwekjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnSm0NhdNR0zRRTAxa - CWvDgDDIHqd3Iz4xbCy1MYoSF51kW9MZmW7fhR4yS9nHeO9mcjduLxAjWFsZ - 59ogTZ0Pz0A=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEArbWeNESG9eVk3n74ofPXmFzRTV9pbZT65WaV + ABMPRuaUgNIEjhMhk5xxEUUC3oaz/SM7rLxCASmjBMcNufBNs9/lQ4oXThb2 + q8HFHqcNhotpD/+IhPHbajrkopWDW4OR1JHcj8rVwG7UBi5MGn1WRcUAdH1i + t9vqfQSuZbiWaCrAfqwxQlycOwpiCHum6xBTMB4s7ix1ADkkYjrEik9z+03+ + I5zU+kJgksrmwA49BvTIiA/fuVgAT5n0Yx5to6GSh+4Ax3aWn7auaPd9rDz4 + /2Me4Kr7vyST8LdqLnA1mgFXJJTPmXMNMVb6Yp4x4pDxvOh6bQvjjtdUoXDF + OvwekjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnSm0NhdNR0zRRTAxa + CWvDgDDIHqd3Iz4xbCy1MYoSF51kW9MZmW7fhR4yS9nHeO9mcjduLxAjWFsZ + 59ogTZ0Pz0A=] diff --git a/hieradata/nodes/mariadb.yaml b/hieradata/nodes/mariadb.yaml index 7e6388b..a8890fa 100644 --- a/hieradata/nodes/mariadb.yaml +++ b/hieradata/nodes/mariadb.yaml @@ -4,13 +4,13 @@ classes: profiles::base::admins: - jandd profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAExeqn1absUzqN1sJOyHNtZXPcsU6vj8CZbAU - BxRes3h2rmqSbPB5pTkz7n3bPhQ3YYJpFkW7gIZ2I7R2O8FxQMwR7n+QL72F - ULV7FO13kAOKbGm/hkNoCfCW0AmaLO52v7lMPlMgbXqbX3i5wCj3auvz/O4R - hyGA90K+k3kf1/6oQlVrRf9fSiufVYoiihDeJ110FhRFB4mBxOHFJopz3A/H - 2POMF3BaLv38t+dYFtkCt7jNW2JCjv15VuplZIh3BYrPCzk0WyUIJ8OUpK4I - Wr5+eHO5voJC3KSOC6XkLGDIdYxdlsagNDTVjITPv9qMTf8to2sGRP5SYybe - RHGy0jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC052YuUZgXpP5SSxLW - i0VDgDAmv/QiQgdEsqIxzX0VsA4Qn/JSE1QI14hUme9FSJEBRzN8+l9v3nlM - Sc10J34uuTQ=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAExeqn1absUzqN1sJOyHNtZXPcsU6vj8CZbAU + BxRes3h2rmqSbPB5pTkz7n3bPhQ3YYJpFkW7gIZ2I7R2O8FxQMwR7n+QL72F + ULV7FO13kAOKbGm/hkNoCfCW0AmaLO52v7lMPlMgbXqbX3i5wCj3auvz/O4R + hyGA90K+k3kf1/6oQlVrRf9fSiufVYoiihDeJ110FhRFB4mBxOHFJopz3A/H + 2POMF3BaLv38t+dYFtkCt7jNW2JCjv15VuplZIh3BYrPCzk0WyUIJ8OUpK4I + Wr5+eHO5voJC3KSOC6XkLGDIdYxdlsagNDTVjITPv9qMTf8to2sGRP5SYybe + RHGy0jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC052YuUZgXpP5SSxLW + i0VDgDAmv/QiQgdEsqIxzX0VsA4Qn/JSE1QI14hUme9FSJEBRzN8+l9v3nlM + Sc10J34uuTQ=] diff --git a/hieradata/nodes/monitor.yaml b/hieradata/nodes/monitor.yaml index deed3b7..2a5515c 100644 --- a/hieradata/nodes/monitor.yaml +++ b/hieradata/nodes/monitor.yaml @@ -4,44 +4,59 @@ classes: profiles::base::admins: - jandd - law -profiles::base::crl_job_enable: true -profiles::base::crl_job_services: - - apache2 +profiles::base::crl_job: + enable: true + hostname: monitor.infra.cacert.org + services: + - apache2 + check_url: https://monitor.infra.cacert.org:5665/v1/actions/process-check-result + api_user: passive-check-submit + api_password: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAM31x48NC4B2agnpHt0hEzxLLJm + ADhYW0Lj3JuBNj+wpK8O4GkAf9L2OlOiNAIgiX5epzbUtvtB8ayQQ2+4yuNn + jkgfSDvPaGU+f0mFv0CjynUEDrf2rQzevFyIfnpzN9ZSnGw2/59tpS0LyJ6M + Yv3NmB0mdXzPWMrgCMt+G9i/l1s9yVjOw7p7V9prpUqD7hGKG0Fg7EeM7LFJ + 1ovxPDDar4ZlhooM6+W3Ov5n0y/3bYaPWv+VhcVmSQvWgJw6ZqP5jhpYTqSC + dr8urkIi1wfSSPeiNXhK+SQS/KFZOl9dmhj6QuereRyXX1H7X7fphVltADBq + S3mCbxlgEEPPgTbzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDlvyMRCV + MAziedXFk/L9XcgDDpzkgF8ybQ+aX31v25dTxzAPEnjuvaGY5njoUEbcpkOo + f0mf2So5a6xrylLZCcxrw=] profiles::icinga2_master::git_pull_ssh_passphrase: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEADAUF/OAtThNdlPwEwrPKAVwl+wTJbirFEWxL - rJzE1qe+NSncOqD+G6KNOBQRRXfv/sf81+AnTCahM1/kv5TPILrUgXoxW5c0 - IXC6OlDfaIab8kcC45wn2yj/igZnW1Xvix3n268pEfRnNDjUSFwrgbmaLtoV - ovDLZvQOlWntN8VUuYaDr66XRSEy4AGcmCMUms+6RQqdupWfOCrHtnTtVyyN - enQUKr0+ndlnzIkXiU4ghOjExFzGJ8BxGyKTMeQ72k2GZlDPUk72sixZ647k - f7CbzXToutyFqieOdNtkAKDY2T3ij03Wd3JhNWTu1Jbe4G/AQgsxiTwETdqh - /QgjjDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBKOeRdLS8fFyoc08hO - BnsVgDBWDpuwBbC31j4g02xKE0tbvazTE8zhkH6iS5mIrL3R5heLvDwquYia - pUh+MxqObAs=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEADAUF/OAtThNdlPwEwrPKAVwl+wTJbirFEWxL + rJzE1qe+NSncOqD+G6KNOBQRRXfv/sf81+AnTCahM1/kv5TPILrUgXoxW5c0 + IXC6OlDfaIab8kcC45wn2yj/igZnW1Xvix3n268pEfRnNDjUSFwrgbmaLtoV + ovDLZvQOlWntN8VUuYaDr66XRSEy4AGcmCMUms+6RQqdupWfOCrHtnTtVyyN + enQUKr0+ndlnzIkXiU4ghOjExFzGJ8BxGyKTMeQ72k2GZlDPUk72sixZ647k + f7CbzXToutyFqieOdNtkAKDY2T3ij03Wd3JhNWTu1Jbe4G/AQgsxiTwETdqh + /QgjjDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBKOeRdLS8fFyoc08hO + BnsVgDBWDpuwBbC31j4g02xKE0tbvazTE8zhkH6iS5mIrL3R5heLvDwquYia + pUh+MxqObAs=] profiles::icinga2_master::git_pull_tokens: - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAkVwRv0eW4NTYjfoKx2MVU9WeElhZQIc6CPUnPv4NEM2mUebo5pZg3cvf0fejPw55E33H8QELhMjaBvuOjbgPeA6uCxPMCBADkN6F+V4PRDDgUqtjr1tcA5U05ZEe2oOjOoVI0H2AjLZGevymxypdOCd582vKAApJDox2Hfl2aSuDYLslHYUyIqnECutQR7VgZuv84C/MmDY9J6/xsxesuIKEGRYvgW0DrYqCi4+SBNcFs3k/u2fnP+cXBnCzOp/CvYOwNl9Wkfolj0Ucbh7Afc2ian+ciH2vKODKXck5eUcBx+VrYFXyEJ45Hp/+taYluWClOoq4O6QH+P7yE3Jo2TBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCAlTDcDFyyZASZwDyijejegDA6wDKAij0JTyXb0+jxTATAD+Sxpp/BWbmJSvDuC5MpwziJfJsH1tvoM0JOPYapRkc=] profiles::icinga2_master::web2_database_password: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAIgd5qF6rnFWYhyo38MRacrz2VcYdoni/m8Zd - piYiYmGp2GaJZZEZC3svdYxRZz8vmXz1/V9PM8znf8E8z6ClbqF6urExUIf9 - Dl5+60UOyasp2iHngRG9fcKUBtPDqERlS04xD/CQup2XdDYEsaTrIIsnuOSc - Zut3vB1KSIerscLjLNUvZGanEwf1VGwzFU2rStIRFwgR9pDX/+gr/6T5+Ydd - rZrsvTClPKEKsJ7fQc/J+3fhphz8QlqYz0Yo2Yn/Ws9qvlr1O29cYTNJ5oj4 - xXB+VAeqCiTy0Bmud9W6FdHz61w5ylWjLRNT0qtW8bu/eFHCj6XTnBu4lorW - ocPHkTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDV+5TW/J23xVA6MGZo - zfzCgDBHbsaS9cJaGXgnZSKLOQwUlJmG7WgOL0FCgIEp8vYT8upZFuikokHH - vGkNL7s7xDw=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAIgd5qF6rnFWYhyo38MRacrz2VcYdoni/m8Zd + piYiYmGp2GaJZZEZC3svdYxRZz8vmXz1/V9PM8znf8E8z6ClbqF6urExUIf9 + Dl5+60UOyasp2iHngRG9fcKUBtPDqERlS04xD/CQup2XdDYEsaTrIIsnuOSc + Zut3vB1KSIerscLjLNUvZGanEwf1VGwzFU2rStIRFwgR9pDX/+gr/6T5+Ydd + rZrsvTClPKEKsJ7fQc/J+3fhphz8QlqYz0Yo2Yn/Ws9qvlr1O29cYTNJ5oj4 + xXB+VAeqCiTy0Bmud9W6FdHz61w5ylWjLRNT0qtW8bu/eFHCj6XTnBu4lorW + ocPHkTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDV+5TW/J23xVA6MGZo + zfzCgDBHbsaS9cJaGXgnZSKLOQwUlJmG7WgOL0FCgIEp8vYT8upZFuikokHH + vGkNL7s7xDw=] profiles::icinga2_master::ido_database_password: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAQVzlV3aXJTf54OReOA96VsrAPutFLx939Qf2 - pkjU4uzfh14wF6hCUBzJM3TsG8+EYFZmHQv7LqCbDQLfYVNs62sDlOBigWh4 - za1YWqewtuasrvqZdUKPD1tIyIGLh2+idv0/XJHpkv7nt/oVRoINZdzO+Afr - dbx6Dx6aFWpX98HLQdsw/G1X8o+YZwwklASfSXCw/1pGLsPWWYSoYjyD4N9U - eaOTiPQ2OLLnJtkAlyUMxTeq76iJw67vj0Vu8QqATZAoVU9rA/FnliMiYGrB - GC/c/ACt9A5HZ6orBlztCqFj8/Z61pyFH2+09jCxODdgebyLt+gRuVP6RZvC - XcFLlzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB4LvLBDu+VZkAgtJ4b - nmt5gDBW4KHCxlUcs8bRo71HIiDcSMBOTahi2hMlzwNC12NZlIR2spYytjH4 - 2/8qhSpCx+U=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAQVzlV3aXJTf54OReOA96VsrAPutFLx939Qf2 + pkjU4uzfh14wF6hCUBzJM3TsG8+EYFZmHQv7LqCbDQLfYVNs62sDlOBigWh4 + za1YWqewtuasrvqZdUKPD1tIyIGLh2+idv0/XJHpkv7nt/oVRoINZdzO+Afr + dbx6Dx6aFWpX98HLQdsw/G1X8o+YZwwklASfSXCw/1pGLsPWWYSoYjyD4N9U + eaOTiPQ2OLLnJtkAlyUMxTeq76iJw67vj0Vu8QqATZAoVU9rA/FnliMiYGrB + GC/c/ACt9A5HZ6orBlztCqFj8/Z61pyFH2+09jCxODdgebyLt+gRuVP6RZvC + XcFLlzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB4LvLBDu+VZkAgtJ4b + nmt5gDBW4KHCxlUcs8bRo71HIiDcSMBOTahi2hMlzwNC12NZlIR2spYytjH4 + 2/8qhSpCx+U=] profiles::icinga2_master::api_users: root: target: /etc/icinga2/features-available/api.conf @@ -60,251 +75,266 @@ profiles::icinga2_master::api_users: client-pki-ticket: target: /etc/icinga2/features-available/api.conf password: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7FS2fXHiwB+ - ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZZdccEcZbFt - ZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrEndfZnZzyAd - 61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/QlkAEXKZ5o39 - p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP22MTivFWf5p - 1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1nrAXTdlYWdE - RmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2QOnxac51GTU - gCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FBB7akZV6Zx0 - T5GP0WQAzU0=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAjrore6zK7GJXbP9FZ6ORUWvpt7 + FS2fXHiwB+ocTcmP7F8SnyCjYZ/a6S7eXPJVffZ6pZazozfUmW6HXOVFcSrZ + ZdccEcZbFtZnQb9tp63BCHHGwqI/oj0jVdInaTXE1i4yQTjev/twzblmHIrE + ndfZnZzyAd61cnYuv8og5p5pccGYYoXBcPcguB9KtspfYL/eEwD4xNvqF/Ql + kAEXKZ5o39p9j24ao57Iwzy4o/dgI+MOr9NIMEtmXoIb3Ake3J7CaN26IuP2 + 2MTivFWf5p1vlMA69snYOifTKIw76eNACYCz+KA87dWDNEsR2OtCCbQ2EA1n + rAXTdlYWdERmIpGTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAAs0An2Q + Onxac51GTUgCG3gDAX0FOzW/oWi8c1PDIFb+0B4cTQRi9gP2fzugKu0bp0FB + B7akZV6Zx0T5GP0WQAzU0=] permissions: - "actions/generate-ticket" + passive-check-submit: + target: /etc/icinga2/features-available/api.conf + password: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAM31x48NC4B2agnpHt0hEzxLLJm + ADhYW0Lj3JuBNj+wpK8O4GkAf9L2OlOiNAIgiX5epzbUtvtB8ayQQ2+4yuNn + jkgfSDvPaGU+f0mFv0CjynUEDrf2rQzevFyIfnpzN9ZSnGw2/59tpS0LyJ6M + Yv3NmB0mdXzPWMrgCMt+G9i/l1s9yVjOw7p7V9prpUqD7hGKG0Fg7EeM7LFJ + 1ovxPDDar4ZlhooM6+W3Ov5n0y/3bYaPWv+VhcVmSQvWgJw6ZqP5jhpYTqSC + dr8urkIi1wfSSPeiNXhK+SQS/KFZOl9dmhj6QuereRyXX1H7X7fphVltADBq + S3mCbxlgEEPPgTbzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDlvyMRCV + MAziedXFk/L9XcgDDpzkgF8ybQ+aX31v25dTxzAPEnjuvaGY5njoUEbcpkOo + f0mf2So5a6xrylLZCcxrw=] + permissions: + - "actions/process-check-result" profiles::icinga2_master::pki_ticket_salt: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAq7zw5VVeKvukhSo2g3YK/7fIUC5JbyTrX2XI - vAoB7RP2eoEXJRcZG71BNJRMXYlfRwZF31GKAx6zCnvSG8LPpl8Z7D8rNFi+ - Xw0ftUPE0A2WjMuX2ZPjwFRpQB5cuR0DRqvHoWzkyiePbhE62vRYxLamTT92 - 1f2FpBM42PIkyD+o9+Bu+1eUXFf4Bvg/srDq+clDQEUJEH9Zk0boUR0aYNzu - 7O1PW/QSMCvIRXnmhRQr4MoeHQmgK52JxssdISEEBPpjL/oQyJ57XjgDh55c - 8/gkj+L/p+E/TnE358x5FAm1PNSivH+uohXCxfMu87ukpBJh41tzfI7KBWxY - wEtKajBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC71KjJDv29zuAaxnyH - o3uJgDDydzmhZKEQxhkFNW9TNquxCTXdfPZ/zYPb/TqWq3amcnQwoqNltz+5 - QoSf/2LDk4o=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAq7zw5VVeKvukhSo2g3YK/7fIUC5JbyTrX2XI + vAoB7RP2eoEXJRcZG71BNJRMXYlfRwZF31GKAx6zCnvSG8LPpl8Z7D8rNFi+ + Xw0ftUPE0A2WjMuX2ZPjwFRpQB5cuR0DRqvHoWzkyiePbhE62vRYxLamTT92 + 1f2FpBM42PIkyD+o9+Bu+1eUXFf4Bvg/srDq+clDQEUJEH9Zk0boUR0aYNzu + 7O1PW/QSMCvIRXnmhRQr4MoeHQmgK52JxssdISEEBPpjL/oQyJ57XjgDh55c + 8/gkj+L/p+E/TnE358x5FAm1PNSivH+uohXCxfMu87ukpBJh41tzfI7KBWxY + wEtKajBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC71KjJDv29zuAaxnyH + o3uJgDDydzmhZKEQxhkFNW9TNquxCTXdfPZ/zYPb/TqWq3amcnQwoqNltz+5 + QoSf/2LDk4o=] profiles::icinga2_master::ca_certificate: | - -----BEGIN CERTIFICATE----- - MIIEyjCCArKgAwIBAgIVAMGxGJbZJq/vXMuXAnAC8QvFtvhMMA0GCSqGSIb3DQEB - CwUAMBQxEjAQBgNVBAMMCUljaW5nYSBDQTAeFw0xOTA3MTkxODIwNDVaFw0zNDA3 - MTUxODIwNDVaMBQxEjAQBgNVBAMMCUljaW5nYSBDQTCCAiIwDQYJKoZIhvcNAQEB - BQADggIPADCCAgoCggIBAMh+p0jach/6ICsP/o01nku28g0jFB/HSp5n/WZjzykW - MvgvYc/1lEaiuIeB93AobGB3EACNw2/Xfh1deRGP8UsIOIjeeUibfk0i4SOmFBRb - 0ZmwUeNVygY7rmhO+fwTPi6bb2+AA50RkDP7jTpwaQFxppziTXUqW8mj0LBSLtNL - z8dC2YS/JLKSoNyHupQcL+pHVHO5S9QnFWTnhwIbnWSJTG13BOYw/RUz6WcxFDHl - Xi/lprjcorBUDsH5YBfy+/2WJ0MZFqRnCPQKb5oilR1/k+9XpmFz8W98KCujjpNm - BEantf7OaaYFIxxoWyrGC1RiMnkSQwa9Pcxgwflca5UC1fW0Jx2zsgDscdWp+Xeo - lhYtyHa6upgny66SvekjM9mAm6vtlsBplxYZtz6BgqoxXqk0AwAwiU/9nyXGekAp - FPMmENBLZvANuA6hdaMJQpOoyHBDOT8teoIJOut92ptk5bVE4gxwcWc1uFCP05nr - gA8iTXnabihXbm2Wb8kk/+34wEru5jpwMh1NEH/TvaqPnly/dBHkmEhJquYyoZFS - ttKl64XXdy9HGaTaA6b3dQPeZqHbmadRZzcsxjn+zP8Nu8OTZ4HXkAJ2e3nxlRKs - 2EaZDJK4SoNBvvkYLScLLYH5X1uC2gs6AHiQDiczQYxMqai5pEnrLHO7B/pE+d/1 - AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAGYh - pqAK55ei8+S+rXt1wQbejAphJ2GtTft8XjlfVbpk7s7wd/Wt0gLAs4dvPPI1U0k9 - N6E5WJrn31QbaXHFDwdxFw1ViLxDmepAp+Kp3pQE5bPNjo5e6iwgOGVB20R20ADo - foUfk5u6WfGGSJznDkTTdoYdSsHm1d1nsZKt0i2QFnLEIEBOJW4gwY4LiW7ArfYS - 21Ji9VLgKxF9We4Y0ppY+7rU8r/aNDrYv0Ghe+IA0+k8KoTGuhBXzxfwUUZ+1+yA - JYSmxFzhPJCdwRX3IBn4uTVMRlugntgpmB7m5RyW18MUlAw52Ppe5EtOke1lxxh0 - G5KYt+pKPnkOVj2LRLvOcAOO47i42q+3P4m2elkPHTrI2JmnTwWNjpkNNc4LeFXs - 3HE3SoSvXvImabhBfioqThVMAEEjrtkAQSOFg281vaIgUPbwqcVmbOHv/2Cow0xw - gYrp+hB0hhf5rpYi1SMLTKIQUJT6CKnIgN9KHMwcz6Zq4WcshXQxZZrazXomJJ9k - WKBpvys1Mfn0Y+phqmCXW7D9Yh1T32pnyOTm8kUonBhIoDEwYN5v175ySw8jjiUD - Dlkc/kuv3szLVWx63FvOPc6ra9rmmdwmDaVTd9fGlo/NrquCQOGu59hiACPept+I - y+bP1kZ0Z+5qrmlX0zrcLspzXOyY0VX/YZ3unzyp - -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIEyjCCArKgAwIBAgIVAMGxGJbZJq/vXMuXAnAC8QvFtvhMMA0GCSqGSIb3DQEB + CwUAMBQxEjAQBgNVBAMMCUljaW5nYSBDQTAeFw0xOTA3MTkxODIwNDVaFw0zNDA3 + MTUxODIwNDVaMBQxEjAQBgNVBAMMCUljaW5nYSBDQTCCAiIwDQYJKoZIhvcNAQEB + BQADggIPADCCAgoCggIBAMh+p0jach/6ICsP/o01nku28g0jFB/HSp5n/WZjzykW + MvgvYc/1lEaiuIeB93AobGB3EACNw2/Xfh1deRGP8UsIOIjeeUibfk0i4SOmFBRb + 0ZmwUeNVygY7rmhO+fwTPi6bb2+AA50RkDP7jTpwaQFxppziTXUqW8mj0LBSLtNL + z8dC2YS/JLKSoNyHupQcL+pHVHO5S9QnFWTnhwIbnWSJTG13BOYw/RUz6WcxFDHl + Xi/lprjcorBUDsH5YBfy+/2WJ0MZFqRnCPQKb5oilR1/k+9XpmFz8W98KCujjpNm + BEantf7OaaYFIxxoWyrGC1RiMnkSQwa9Pcxgwflca5UC1fW0Jx2zsgDscdWp+Xeo + lhYtyHa6upgny66SvekjM9mAm6vtlsBplxYZtz6BgqoxXqk0AwAwiU/9nyXGekAp + FPMmENBLZvANuA6hdaMJQpOoyHBDOT8teoIJOut92ptk5bVE4gxwcWc1uFCP05nr + gA8iTXnabihXbm2Wb8kk/+34wEru5jpwMh1NEH/TvaqPnly/dBHkmEhJquYyoZFS + ttKl64XXdy9HGaTaA6b3dQPeZqHbmadRZzcsxjn+zP8Nu8OTZ4HXkAJ2e3nxlRKs + 2EaZDJK4SoNBvvkYLScLLYH5X1uC2gs6AHiQDiczQYxMqai5pEnrLHO7B/pE+d/1 + AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAGYh + pqAK55ei8+S+rXt1wQbejAphJ2GtTft8XjlfVbpk7s7wd/Wt0gLAs4dvPPI1U0k9 + N6E5WJrn31QbaXHFDwdxFw1ViLxDmepAp+Kp3pQE5bPNjo5e6iwgOGVB20R20ADo + foUfk5u6WfGGSJznDkTTdoYdSsHm1d1nsZKt0i2QFnLEIEBOJW4gwY4LiW7ArfYS + 21Ji9VLgKxF9We4Y0ppY+7rU8r/aNDrYv0Ghe+IA0+k8KoTGuhBXzxfwUUZ+1+yA + JYSmxFzhPJCdwRX3IBn4uTVMRlugntgpmB7m5RyW18MUlAw52Ppe5EtOke1lxxh0 + G5KYt+pKPnkOVj2LRLvOcAOO47i42q+3P4m2elkPHTrI2JmnTwWNjpkNNc4LeFXs + 3HE3SoSvXvImabhBfioqThVMAEEjrtkAQSOFg281vaIgUPbwqcVmbOHv/2Cow0xw + gYrp+hB0hhf5rpYi1SMLTKIQUJT6CKnIgN9KHMwcz6Zq4WcshXQxZZrazXomJJ9k + WKBpvys1Mfn0Y+phqmCXW7D9Yh1T32pnyOTm8kUonBhIoDEwYN5v175ySw8jjiUD + Dlkc/kuv3szLVWx63FvOPc6ra9rmmdwmDaVTd9fGlo/NrquCQOGu59hiACPept+I + y+bP1kZ0Z+5qrmlX0zrcLspzXOyY0VX/YZ3unzyp + -----END CERTIFICATE----- profiles::icinga2_master::ca_key: > - ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAndhxooQI/m9cfD6jfWVHSce7ePzRwpt8F4qy - j4SrGT4OWsGYVSDoql2l/w0SGKaw68zBCYJhaI48EvztPsJIO1VwCGjhYbpj - R6gAemOpmYAXMoD+2uei+ZSHwyyNZraXHUwYnJVLKSzAGAkhr7XWv/L4+s9+ - kEOCnEmJ84I40hPKnwuY4VTaMmq3UzI4KvS0pFx5j7c3GnX5XRcP+LcuyrxB - eE2tC6G+naiGjXL9M/V+vUPT21sfaRuCXRZHnkzP6gOiGiCCTevAyjbPH2fc - rBXGGg/et2IFZIEIdEMIH0DUIO10D8S1l526ODWxCWwnD8CmfnDxYajHdW3s - DO0PEjCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEENJfLNIsVAoEd0lc - lXN6TiOAggywLP849H4ful3AaaT/IxQF0L5R9ohoTsyVjIOkSX1c7MXTK7tg - uILL/LlqZWSsY9uE2glTFPXZR83DgArMF335+wNBDwhLVAUdf0b+BE8m7Lpg - DGMomJNgqFtDjNqvX6i3O6RH0Iz/zjwKDTHuWtBq739VE1d3x3IU7gNq64MN - oYA83C81YLys73la+ETrruAYUR+qxUNn+DdU0r894wHtSWrRQ4nIN5algsBI - mJx/k5pmii2k5bWhPAM6FMsJfaUKHRTz5r1ngHry+LcOFzotGmDhFsndqaKv - FBnP9tC7v3JlMzcMVN5hI4oZXkURsiZMuFK19UClf6+50qh0VIp6u5xG4tcb - t8zumv1wWySZnRNFgF4eXcvDY8w4G0nyaYreN5JcP/vE6OFXGqu2hqi0/Dl3 - 9Y9775N8YphqZBWZdCPFVEA0eh3aC1zhLeM9wo00koDTjaALs9Vp7CSsA4j3 - G/Y3Mq2muQmiz9vxcgLc+x6ooD2BKIgveZmLr49zEd4kmHThkhZbj4l8ZCBl - 7GVRuLleV/D/zXEpejPuFd/rd0dHV0qkKdbjEHi4gjr5ZXcU/ZyAs+kyTk1O - 3OUxMVId487I5F/oUh4MkwqNJp1Fc8mKed/AYmB0bEG7aCvJGcK+G4LynTAZ - R2/XqVDq3wp3hfaEgwaVANpf+7z4Du+K5uqGlwkrzUov6wSgfNV84ddus/on - tLSqeeW8NFVnVaUw3mnfs+H/c+MLZvxYhLEELjfzHYsZEr/KwPgULoak60LZ - bjtsWI1ruI+YJu9F2f+PckOZyfwLEb19vLTJnyBYYZ6gCqWxGsgjDVL6G4V9 - /WcfrjrU0TopfPoPMtPlKRkltxef4xoSchcONQBwKNn6CJKkZSJHZ5WlciiM - BSdcKJj+fA8h/EXvZ3DVP1ka9PSEN3WU7REon9IWi74iLZOlzDRs0bCW4nhD - pphj67QfW0fpCbphw4RkYSp7WCe+s+GpRIKyg6KbM4wEVawqoTjWsvDSflcJ - CX7joJhvjdepWWwWX1yfX5lwFi1vqexGME0XtYVWrKItSKfVAbqRmDNx6GjJ - fImihwy7fhVsOtvDgo+nIGn779TfMvy6yQAWQ3cbGGg89mCHVumVEfn9nj3k - 14IMF97GHNTNSUIzCUw88DxjWVDyuqJNtpwNCFdorRpH1d3p3pEHM5GGvIFI - hkVdDmFgKPUpavEX+MBVP+INGvfQA8NFsTd14vaS3we48dH+BxMsp9omZlnJ - fZWcBlcsTlAf1mLjMqgkOy46b2+61MXVp/EkU1t+JOiHiVmT+SEloof4W+ti - xRxFOA9r2+k5iwprEJokojethAR/rZhMeq/U3mPeU4veo0uvdMNzSOeEejXV - ALcLridts1/tT+ggj7EPUThmxjO/iI5SF/HjFBOAy0vmBjfTCX6y52W3RpBf - Jk6e261a8fwaD8jEYJy/x7nbvBj1+yUhvHzvPsowQ1lIN6DLugg8aCyNprlB - r9/P4rj6t/cmFJrorMi9yoyk5oekQlg/OkQBu+vyvVjIvVmHhmZ5yGl26TUt - wJja48XhSE+S7arDKbZqDZro+/lALluOtdwpW8twwlaYmEBG0IPgm5PWtq6T - sRMpLGfUnhJrjGST0l9jOswgdngvW4gbcmKuN1HCEi/soj2QIcMEwRHRr4er - gECzO/TbL+OIt4I24TfQJhstfOd/s5rgGyuuhtd8Z83QCeUoZl3QmyYWzaNK - 6QKwdLZQAgrOPKnCE9Vp7lC0/NyjYWlFt0Cm48kJtAdv1pbV8I/W6QkoQHmU - Tx9XBuJPFspXmpZDrVNQvCBvM3Q/zTLDo4bh4EP6BP0US3GwPCH7dIqaqiIT - wi++3XeHtXhpJC5+D66Qy8WfAxhvCPIpufI8rjVl+DyzOikT7Uy5GCg7uhM7 - 3W/n8HBk2kOMq4EJOp5iq0Aa1zspi32oPTP/4VM3zq2J8TxgaWAWt6vY3K7Z - DeJesj8YWHLisCyjwjeShrCr7D6nmkmXCzl+m4/NF9Wqgk9RSPIE3RFYAa5A - 90dCj/mihDT01Dzt6D2TRBrGiXv8GX+Axt1OJDbJLESorqjkKq7+5qIiKA3+ - QSyWL2k/TNdTuXbk4s0ZC6/Zkagxysn2K5skngiKYIil7LuJVs+aQ9ZeEqXP - G8/kGX3m/Icg1XeKYjdkbnhTS71Jr40rrqXGzD7JmIxF9NvVyKweUOfDomPV - 7+/Ig3orrNn85oWpz1I0dNDuF3RPa0JLrSoSymRs7iygP13AlQJ4pXSqQ5JA - X66BD7GASdcMVcJkI5DH1vcLHWgqJLTOoSDl4SQLzcbksdFGDXcbtzppHLeV - wwfMiuiK3McgXJyAHMiRPMyGuzc1NViDROG8ysa1RaygVMeosNp/BZigCAPK - DGODa4C8LoQp5ynSPaLkPdCi+7lk/0UrIDgBaXnYHO1L1LA0ecwQsb02K789 - SmsZLX5iFgSPoREJXn/VQpJH+Td0bl2uZa6Rf0W7pmz34HnapiSln28VaTpe - OA04FC1JbQiV6DoU22iBz+gBlz4C1YtoZ0QrPrrpSr3SlVr6wZj7IrgBaKL+ - I7Bu1gA42UpgQ2Loy86rNtZOHNhruYRfW6k1TZxIHNFLFfs30XfMIfoGp8tg - +o3cxrN9vvRuLEUthPsosU6F5c7Y+1FOc9kJLzw6JVOOxpqAgHl2es8gJh5B - ni5q906VAy+UGsc6KF2cj5m0ZaszZxF/TC+mVmJqE1jv74eqdOqNeGE7O+US - IdCtJrtn4Uew6AXjo5bQsIBGM/I1OAF67ossbsjIJHmT1kKy1Rec7JlkZs7B - EXVS5h3nROi/3ImCnqdf+HaZw3xsWaHs17JekLbE+7mSuidU1XCvVFxChN1s - HILG6xuf2oh3f1KsxqgR0OOyiNf5XikgkAn71lCT0DSd1K69uEzCyfsgfRMf - pmtmLeB/Xn+SQAlCxxgeeDwcc/tao2G015weu3t9fs1LRsFCiF0Q66yVr8kp - dJ/lfTNkr6oFz0e20D0ZsjOOGIJDZHlA6fz9hiIz4VHMUrt+JHdPMiIwIGaA - tXGkHU+od8fp7QsQJ+Es1L4wEHO7D18RzZzqoJUShkdDOELTy+kb3cI++o26 - 0pD7FwsN9LtqHi7fh8dzetBOKWpVEkOVoEjYX3RBPZHimUJfTC9prG+SsyI9 - KrJNmBrd4/sWadfHGInht2xaAfcdpOqF7BsXGWeM8zuythAyy5dyg9w31oLL - hszXRQD/aIxrmXhT0Fp3j53gIHqH9o/kBvMd81OqfnWsgqwMxgH4x7l5+zbA - LpWBuJNP9rNQYKnWtgmLXAefYPDb0MddluyhuhQrkOZMGN8sJXj/0ZOhb/Hy - gM1RBr9Qx2YI7YsBZgZ+27nwOH6AXZtzCktMin9C/fxh+e4/YdUMtA3ciOmR - WH1itD+tA3enNBpLuiL7qs0a51AXBWtjj8nQD+CK4dRMTvP+tUuV06ghgmgs - VyvfeSd2DU2szu6BR5WTfg0jUxy09zWnK2Hc3eazGrJR3rg/BL8EKv9DTOXT - US/LJrmzdFH3T7qdtHm9gX1OPYxNIPUOL6i3HxRIQ/iPpAqQpWCZtIzgOXzh - 9AsKT4INrUBVdYGl+ox6WaPzJ/2ZyWduOTP3PxopBXD5khn+y6Kl96W0CaR1 - A7VEMLHnrx++cYJn3S1Y0S4QLyvgZe27HIoA47Xx6RT2lxb++wxefIs3U+hJ - 98eBY8MMUWng3t4RoCYMQpMgh0q4VuKkQDJsdE2yW7elRWG3tfAW5AR6P2pu - jg4pclb3nFEDNWaKTtgYjtLljy6zBKqC2FUASNMeqs+YQC/ZR5v+monKt1Mf - H5ZIJFAojQ+J9ce6GVC82+wqolVKCnzI0pJAJ5iXhiiNLxZBfO5NdYCEMg6U - plW4nyl/0UrYI6p8VuMMFMZStf6QMPY+Gyz2/3jDdWH7CEaSrrHba1iz69jg - F24Ts8m7BQefJhKsBwxbhCJisijfp0Q2Wrwi9p3upzalYQqG6Il/cr0b6NMv - ZFoFMO0YlM6sEpGrs/mMEgoiSlPXVMciRpV4PWLiZMqRTmnsxnHPKCeMEkwq - DPOcDtcL1RUiFiohwx345kNwKqeu5VO43A2v6ppFdTaE3N1v2ws8X+/3JEXn - d1i7bkBQjer0NQEOnVCxrO+uOOOVvmtUkVk8QJi9oCBQMUJJ3gm9HZXwvEYV - QHfjLm7Vy2L/2vsAqJHmaYwLJbnCO4KbCGzoLFBBE2gz17wYIPIgDbVxjNRu - W1HABIXMJ8IEQJnN9mDYZWjUsutf8FRFsfAPMoAGX5M5tLVrTUQbXUjtpJ6v - RA3cuu7epXa+RGV/NdgBV1k=] + ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAndhxooQI/m9cfD6jfWVHSce7ePzRwpt8F4qy + j4SrGT4OWsGYVSDoql2l/w0SGKaw68zBCYJhaI48EvztPsJIO1VwCGjhYbpj + R6gAemOpmYAXMoD+2uei+ZSHwyyNZraXHUwYnJVLKSzAGAkhr7XWv/L4+s9+ + kEOCnEmJ84I40hPKnwuY4VTaMmq3UzI4KvS0pFx5j7c3GnX5XRcP+LcuyrxB + eE2tC6G+naiGjXL9M/V+vUPT21sfaRuCXRZHnkzP6gOiGiCCTevAyjbPH2fc + rBXGGg/et2IFZIEIdEMIH0DUIO10D8S1l526ODWxCWwnD8CmfnDxYajHdW3s + DO0PEjCCDN4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEENJfLNIsVAoEd0lc + lXN6TiOAggywLP849H4ful3AaaT/IxQF0L5R9ohoTsyVjIOkSX1c7MXTK7tg + uILL/LlqZWSsY9uE2glTFPXZR83DgArMF335+wNBDwhLVAUdf0b+BE8m7Lpg + DGMomJNgqFtDjNqvX6i3O6RH0Iz/zjwKDTHuWtBq739VE1d3x3IU7gNq64MN + oYA83C81YLys73la+ETrruAYUR+qxUNn+DdU0r894wHtSWrRQ4nIN5algsBI + mJx/k5pmii2k5bWhPAM6FMsJfaUKHRTz5r1ngHry+LcOFzotGmDhFsndqaKv + FBnP9tC7v3JlMzcMVN5hI4oZXkURsiZMuFK19UClf6+50qh0VIp6u5xG4tcb + t8zumv1wWySZnRNFgF4eXcvDY8w4G0nyaYreN5JcP/vE6OFXGqu2hqi0/Dl3 + 9Y9775N8YphqZBWZdCPFVEA0eh3aC1zhLeM9wo00koDTjaALs9Vp7CSsA4j3 + G/Y3Mq2muQmiz9vxcgLc+x6ooD2BKIgveZmLr49zEd4kmHThkhZbj4l8ZCBl + 7GVRuLleV/D/zXEpejPuFd/rd0dHV0qkKdbjEHi4gjr5ZXcU/ZyAs+kyTk1O + 3OUxMVId487I5F/oUh4MkwqNJp1Fc8mKed/AYmB0bEG7aCvJGcK+G4LynTAZ + R2/XqVDq3wp3hfaEgwaVANpf+7z4Du+K5uqGlwkrzUov6wSgfNV84ddus/on + tLSqeeW8NFVnVaUw3mnfs+H/c+MLZvxYhLEELjfzHYsZEr/KwPgULoak60LZ + bjtsWI1ruI+YJu9F2f+PckOZyfwLEb19vLTJnyBYYZ6gCqWxGsgjDVL6G4V9 + /WcfrjrU0TopfPoPMtPlKRkltxef4xoSchcONQBwKNn6CJKkZSJHZ5WlciiM + BSdcKJj+fA8h/EXvZ3DVP1ka9PSEN3WU7REon9IWi74iLZOlzDRs0bCW4nhD + pphj67QfW0fpCbphw4RkYSp7WCe+s+GpRIKyg6KbM4wEVawqoTjWsvDSflcJ + CX7joJhvjdepWWwWX1yfX5lwFi1vqexGME0XtYVWrKItSKfVAbqRmDNx6GjJ + fImihwy7fhVsOtvDgo+nIGn779TfMvy6yQAWQ3cbGGg89mCHVumVEfn9nj3k + 14IMF97GHNTNSUIzCUw88DxjWVDyuqJNtpwNCFdorRpH1d3p3pEHM5GGvIFI + hkVdDmFgKPUpavEX+MBVP+INGvfQA8NFsTd14vaS3we48dH+BxMsp9omZlnJ + fZWcBlcsTlAf1mLjMqgkOy46b2+61MXVp/EkU1t+JOiHiVmT+SEloof4W+ti + xRxFOA9r2+k5iwprEJokojethAR/rZhMeq/U3mPeU4veo0uvdMNzSOeEejXV + ALcLridts1/tT+ggj7EPUThmxjO/iI5SF/HjFBOAy0vmBjfTCX6y52W3RpBf + Jk6e261a8fwaD8jEYJy/x7nbvBj1+yUhvHzvPsowQ1lIN6DLugg8aCyNprlB + r9/P4rj6t/cmFJrorMi9yoyk5oekQlg/OkQBu+vyvVjIvVmHhmZ5yGl26TUt + wJja48XhSE+S7arDKbZqDZro+/lALluOtdwpW8twwlaYmEBG0IPgm5PWtq6T + sRMpLGfUnhJrjGST0l9jOswgdngvW4gbcmKuN1HCEi/soj2QIcMEwRHRr4er + gECzO/TbL+OIt4I24TfQJhstfOd/s5rgGyuuhtd8Z83QCeUoZl3QmyYWzaNK + 6QKwdLZQAgrOPKnCE9Vp7lC0/NyjYWlFt0Cm48kJtAdv1pbV8I/W6QkoQHmU + Tx9XBuJPFspXmpZDrVNQvCBvM3Q/zTLDo4bh4EP6BP0US3GwPCH7dIqaqiIT + wi++3XeHtXhpJC5+D66Qy8WfAxhvCPIpufI8rjVl+DyzOikT7Uy5GCg7uhM7 + 3W/n8HBk2kOMq4EJOp5iq0Aa1zspi32oPTP/4VM3zq2J8TxgaWAWt6vY3K7Z + DeJesj8YWHLisCyjwjeShrCr7D6nmkmXCzl+m4/NF9Wqgk9RSPIE3RFYAa5A + 90dCj/mihDT01Dzt6D2TRBrGiXv8GX+Axt1OJDbJLESorqjkKq7+5qIiKA3+ + QSyWL2k/TNdTuXbk4s0ZC6/Zkagxysn2K5skngiKYIil7LuJVs+aQ9ZeEqXP + G8/kGX3m/Icg1XeKYjdkbnhTS71Jr40rrqXGzD7JmIxF9NvVyKweUOfDomPV + 7+/Ig3orrNn85oWpz1I0dNDuF3RPa0JLrSoSymRs7iygP13AlQJ4pXSqQ5JA + X66BD7GASdcMVcJkI5DH1vcLHWgqJLTOoSDl4SQLzcbksdFGDXcbtzppHLeV + wwfMiuiK3McgXJyAHMiRPMyGuzc1NViDROG8ysa1RaygVMeosNp/BZigCAPK + DGODa4C8LoQp5ynSPaLkPdCi+7lk/0UrIDgBaXnYHO1L1LA0ecwQsb02K789 + SmsZLX5iFgSPoREJXn/VQpJH+Td0bl2uZa6Rf0W7pmz34HnapiSln28VaTpe + OA04FC1JbQiV6DoU22iBz+gBlz4C1YtoZ0QrPrrpSr3SlVr6wZj7IrgBaKL+ + I7Bu1gA42UpgQ2Loy86rNtZOHNhruYRfW6k1TZxIHNFLFfs30XfMIfoGp8tg + +o3cxrN9vvRuLEUthPsosU6F5c7Y+1FOc9kJLzw6JVOOxpqAgHl2es8gJh5B + ni5q906VAy+UGsc6KF2cj5m0ZaszZxF/TC+mVmJqE1jv74eqdOqNeGE7O+US + IdCtJrtn4Uew6AXjo5bQsIBGM/I1OAF67ossbsjIJHmT1kKy1Rec7JlkZs7B + EXVS5h3nROi/3ImCnqdf+HaZw3xsWaHs17JekLbE+7mSuidU1XCvVFxChN1s + HILG6xuf2oh3f1KsxqgR0OOyiNf5XikgkAn71lCT0DSd1K69uEzCyfsgfRMf + pmtmLeB/Xn+SQAlCxxgeeDwcc/tao2G015weu3t9fs1LRsFCiF0Q66yVr8kp + dJ/lfTNkr6oFz0e20D0ZsjOOGIJDZHlA6fz9hiIz4VHMUrt+JHdPMiIwIGaA + tXGkHU+od8fp7QsQJ+Es1L4wEHO7D18RzZzqoJUShkdDOELTy+kb3cI++o26 + 0pD7FwsN9LtqHi7fh8dzetBOKWpVEkOVoEjYX3RBPZHimUJfTC9prG+SsyI9 + KrJNmBrd4/sWadfHGInht2xaAfcdpOqF7BsXGWeM8zuythAyy5dyg9w31oLL + hszXRQD/aIxrmXhT0Fp3j53gIHqH9o/kBvMd81OqfnWsgqwMxgH4x7l5+zbA + LpWBuJNP9rNQYKnWtgmLXAefYPDb0MddluyhuhQrkOZMGN8sJXj/0ZOhb/Hy + gM1RBr9Qx2YI7YsBZgZ+27nwOH6AXZtzCktMin9C/fxh+e4/YdUMtA3ciOmR + WH1itD+tA3enNBpLuiL7qs0a51AXBWtjj8nQD+CK4dRMTvP+tUuV06ghgmgs + VyvfeSd2DU2szu6BR5WTfg0jUxy09zWnK2Hc3eazGrJR3rg/BL8EKv9DTOXT + US/LJrmzdFH3T7qdtHm9gX1OPYxNIPUOL6i3HxRIQ/iPpAqQpWCZtIzgOXzh + 9AsKT4INrUBVdYGl+ox6WaPzJ/2ZyWduOTP3PxopBXD5khn+y6Kl96W0CaR1 + A7VEMLHnrx++cYJn3S1Y0S4QLyvgZe27HIoA47Xx6RT2lxb++wxefIs3U+hJ + 98eBY8MMUWng3t4RoCYMQpMgh0q4VuKkQDJsdE2yW7elRWG3tfAW5AR6P2pu + jg4pclb3nFEDNWaKTtgYjtLljy6zBKqC2FUASNMeqs+YQC/ZR5v+monKt1Mf + H5ZIJFAojQ+J9ce6GVC82+wqolVKCnzI0pJAJ5iXhiiNLxZBfO5NdYCEMg6U + plW4nyl/0UrYI6p8VuMMFMZStf6QMPY+Gyz2/3jDdWH7CEaSrrHba1iz69jg + F24Ts8m7BQefJhKsBwxbhCJisijfp0Q2Wrwi9p3upzalYQqG6Il/cr0b6NMv + ZFoFMO0YlM6sEpGrs/mMEgoiSlPXVMciRpV4PWLiZMqRTmnsxnHPKCeMEkwq + DPOcDtcL1RUiFiohwx345kNwKqeu5VO43A2v6ppFdTaE3N1v2ws8X+/3JEXn + d1i7bkBQjer0NQEOnVCxrO+uOOOVvmtUkVk8QJi9oCBQMUJJ3gm9HZXwvEYV + QHfjLm7Vy2L/2vsAqJHmaYwLJbnCO4KbCGzoLFBBE2gz17wYIPIgDbVxjNRu + W1HABIXMJ8IEQJnN9mDYZWjUsutf8FRFsfAPMoAGX5M5tLVrTUQbXUjtpJ6v + RA3cuu7epXa+RGV/NdgBV1k=] profiles::icinga2_master::master_key: > - ENC[PKCS7,MIIOTQYJKoZIhvcNAQcDoIIOPjCCDjoCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAutSMdSCHNMnSQAidQt5A5eXTNNvVU1BsJxTb - lXX37CV5XjtRao7+B/hl8/QXXOf5neNCh/Q5yRcr47cyJnb4zFcJrIluWHeF - OSN4fDPogxIBixupVwWuEmxfDGUd+3QRmL8gEBXHVntzQPRW2AR7bgTldFy4 - d6XpVnFSGLkH2C/RdWeCnKsgumbBITo0mJnNvHB7H7tPHxMMvsIbJvmqu9lC - OxJPZXIXnY6TlLuuIPiHpzrGsToB4dKrUYlQ9Y9KHHFN2NCRfMUNZkAd7vLR - ZLzTFq7XK3CaDqmAMWisbI2kBHf7GAkZJky+vxeRRsJ2B2JREw/JmqF5tD+Y - aVZz9DCCDQ4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECubd68R7PosC6nC - SnB2SqCAggzg3aZRHoxfBmvg91xRcWB2UKb2azHGHfHjatP7dcL5EQ3l8JGd - fwzaUkb92HEtLBV9VqlNEnuZS3MKRxZGJFTtZ/P/Sg+gla5BEHgSX6YnGW41 - s1JulZDqkrSecpnBQ3j+w9apExWv4dHFJJ4jlR+S1GaPh4RaKZisozc0Ln7+ - zTZKKRWl/NCDPIw4+gpPpAWVH2xGpmUAv/kW1BGw1WQJDvr5sZ0+TgYybQbu - 24PI7u59wvyHiQx/qNmlk11AAw2ysvTG9hbwc0JrfbinV6eE6ibB/tloQNAl - /eGeNxxwOIKRFMQanWzsCUctdbUJxDoIyMBnFEf8muiLW/t4IND7+D/jK+wb - UnwKsZJv9uwzgGAAy2RANTDoOjPnxAN1Ikx9TapGd/TnyN1LvwGKw2YbqgBX - dyUqanIrHgr4SVvCr71Acw8qbUvt6NPMIgEAmF7+JD2J220WxpUu3yqYD9aS - i0XCmTW03ObUQVqJaW/weO7PzaPcN7hhHt/XnJC/ezXCpQl8+yc3cKyjUJY1 - NI2RHztyp6Oill4FvBAkc1XAyVQGy8bpkAYh63ozQPuv9GlaCeL51/PYa6K9 - AGHXPh7Zf96hpeY0qNyW3W6vu8gvL3ApGUxkI+dimC/wfwQuR5969aCYxNtu - siRVEUHXpIEZcGqP6dFDHieu3XC3/Dq9EPUvQ2gMO8M/SKAa4t0Ga5u2nvhD - xKO/UdbnP1SD9sBiL6Tlqp+iw3K+7opCho+2mJ5Z6+finL5I4ih9pNW/BONM - TN0J9ySDA7fFBMCM0mMlgkvd6/xts63tq8TxNn3SpJxL7RZTp2DDu8aH+gto - e1nDtg+f4LJwBbCpLNbN6G0Blq5IMoo0jTDuddJTig6/xaY1AcrKIWI8ZqHR - FAaFRJw0mhpn3R6psrEU464tvKQD5jQtlwUkYSV7M2CX9cGtgO0mw2YtNM/X - xTrOyymSxO64zQDce2N0m6p4/jPUPna2NLcLhxRvA4x9Esn8TEsyAUOOPv2L - 5fKQhOAfJmy7WxAR44phUexnsZIL6YculN+wJdkmBjYVrNm9b5XndXecbr09 - knseandJDRPShJkVILCQ/HqlDGMy3Bg4IGup3jGW495o5NHF69ExmGHFu7zi - NAL2DwEqgJnfOllkwT6WTgGsJp8mXhg/2kY5zAJTb69dWGMGKKR1pHrJSyql - f3F6gPkop6Om0I795+u0eQPPQJu3/48n+1wvHuHG6gGLQI/2vqTv5f1cSz96 - qCQ/5T/LQzrLwpsIlsrS6TBlboPEUHgw9v62naSVWwwqVZm4BRJQi+O1gqtw - Fwp+mNSn8RIZD7SVdlpGD0141FSYDXS3KuS3Qm9NCBSxVBrXgW/xKy02vDKb - 4eAmkxDB80VeTOLoq08bO+8gA6kksXEO6JR6ZEhH9d6DbyvwfgYws82sTi9V - 4t31pAFyFr2lERrP8dNchwiNbMrSYyY77+ko6MG0V/oAxPlPQyzNzM139JRz - H2vzIW/wq8+tNRDdvF7M0iK8EdPUj/Q6Q+BBKREp98ArjmjFLEWx8nRLjy48 - O9BzJ9ZGZlKKxPwx3uFptPHMn//syZmVdEfqHdsXO1AWRbqOqj5dB65Dq/m4 - +Bo/kXJAL/thltK7uO/F/yKrh686Dl2l49uQbTpksi7Sa/b+CHmWFmkzKvQH - eJ2SOdjjRjST83dlc8QMjkF2WqYf450j6rd2KzK32ZoeQbd9z7yM9/6imbs5 - n7Cz6J7UE37EFdCO5YdAmnHEYrkJsF9MhSMYLfHa1t5UxeoYuTWdQLJ0k/G+ - g/bI1UraseYYZjh6ldxU0skCW/aS58nFurFFlqBYdnKaUyH1IQ0EWCG1XMzn - qpI1rjtVy5LKi5aTFYYerXXmzYgNJo36YqP+7yYr+W4MQhT1px79dFLPTd/G - dlu1SlDMjkT5e/XS08nGxgIMXgbZP1bRlX8mx0sqkjlfEiQ1bLGavDyrz+aV - p5SpdGXpTREg+svWtrdCPMSne7AdSUhjlKFOwSDz4TWWojKv81LWys9OmeDI - dE8urQTOxcTgp1CL7PElWb5Yizl70PvBqBKQW6iXtZzRvislnYmhctcUu2T+ - bwjEt4YIp1SwuklXdm4sskGpRSmGxYmqWEg7gasSVoQLdlLIUYG5EcyinTOe - wTuaZUnUjiCznLVn0Y2Ti8PF7dH4Dfm4SO8ZAyR8F68CLDsgefoaMfPo3mYg - Y4R5OywpS1ma90tpliF9IPh7YS66sUJS5GS7KFbeHRRxyLGUQM/fO/SgD48T - nIEKFDeqbVOHmyvUVQCTc6+1QLnWrh6ywc7WO3Li/MCEheuL7WVd+ANfrjUe - E1s+GIGg4TFc9CDCkDck/oc94gL7VtOJqgVpIy1XhtF1akaIbSoEJoP4oR0E - l4YpEEDX+v4CwGAeVfnHsnPCXgF73OTbxsg6604YChK7SXxdKMuBR0ThmEFM - Ir3aC56wR3Lbbjo4IVAUH9HvhImuJZ9h4mkl5DwCsAa+z7Zf8DYlDiz8ssrz - LvByHO018A+Ox/7pKekMVIiF8nboNNsDDgqblGkKkLRWOwHB3J/w5zeB/m5P - +iPSsB7Jp9g4QTUdG+PBoDQ7MI/i2vz7qnttP8KT4mDqd0ivznr9jWnrVL+v - SrDvH80hoa7sIcHaWjeMXUWTh0b0D/cMi5wSE5fG0kiZU5/cSiA+pVzgBO0A - 3+QXg+AYO60f233fkuvpJtdc6m4/E9pnKsXSsyGFPzn6/fUYDktzyYycOmnc - G/8fwwWT8iiUujpOb1vt/uR7GN4Ctph5F1pcR+YaqAi8URQPM0qrHL5EsmJH - HGhXzdc/M4HisYF0/TIhYDQqim0Uw7z0P1YRhW0TZiLtdwBYowQYfa9VJExX - HMGm7ljcb2WIrxdWqzAjo2mrae0spGwBsMimfJOQo7t1DPtceBYrQdzONcM5 - EiJcRjb0+vDMCUqfT9G0hJh/5T1YexZg2uCtQTX2spglQYGA/XCVxhQwhY8j - PKGEwgo8tL13dfuxsRzyZH/VdKfcw4O1tXXIIrrIcrRZ3XIWXXlnd+dDHPwr - cnqlas2ZEXhgl2JufICUBtt0fUSjwrvaMXpHCo1SZLaAAOXrpZQ5q/dC4Mv1 - KWAyllfGdFMY9152DUlpwieZuFSyN8KFOib3e+ADyfaFBdybrItvbGyftgRU - xS817bHHlCkOZ+Wm35/GZsTZgPtp2q4MvJXVLNtZp7NL1V7Ya62ww154ZOY/ - RbyKLdzUrb4SezX4Ie9KEZH78dTzTKxKZgtjkW1x466HMv8FSMsSDL87hV9Q - B8T+zVTRMCs+fYXqi8BXdUBMT6j/CRw57U8Dwg+ECwBlyIFsdwkKCYoUGn5u - m5575yug7bsA1+qJbEMAH8JbhFWWu6p0Tqdfy+++4y6dGJ6EAfdnXnNdvO5l - yWl575+iUMgkFQONbcfwkrESuCaZA/kLkVIXkB89LTjPUrfQldYSc+g0Ycdu - xf0m9IDT5lcF3JFgEjr+cYQx5AR3VmFeHE2rQlZgxaBtAaQ7heGRUCYCcGFq - 2CAMf0+A9Ps7i8TWA5HtxQHRA+8pLX7XYV+RYSfkravU2CUueTVFyKBrxjL1 - MkVh1TyVgkdxYsGtZfwYmxnSqgbnJM9q6g/IgCwLkFWnSx4ie6b7ViWiC7yI - 0AFK/xnqAAAKe0Ea35xJIoH7oCq8GClCMlf4Le8xm9/7CI1C1DMQT70pdORw - U1bAKkFNxm6gSG0qcjFemeiUvUgHJKW0qOYsSLSUF2ff53GpDkzjfoFOITol - PSIeSUVKF2kFR0rM8ua3wYypD1TDPxXSILfdAGOrvo6FUunB+QrScjbC5ra7 - mpTZcofdgIo5yOdI2AoBoCS5RIB+jDPBoXijqZwHcW2ALPHgiIoaWQXDn+9v - zYsYcjM/82MaJi/v14FfC1qlbtLcCsaVWWYU7Sev0zAdGQR5W9efLkXHoR+z - VUL9Itaghxs781cxUUzz39KzxSQxHXvD7BRdDCqLjSO9cXrCmRJAlASC1mvU - Mbdey/FtflKXb1icJIP9khSdN0lRmMSixg+kCYaC5FPSBPQNj133rQ5UQOrx - CjYeVJwbQOc/Qs1m1vkJ7FO5ayHX5jhgFSCrbG1modbpaSU4h4yaPGTe2DUz - kdFTFUSa6MO+OCiw2FNhW5mW71zl5RiF7//zq5TNg4bcA/cwQ9yM7qjMoKMx - jygQIqVIvSVzvhQ3YuMhuDE1/CyD3bBJOhCPaApS5TCOQmG1gxLLZ7GWC0mE - qMAiqHBqbsfnUiGmmOJNlq3GLT9zrnwfNjtHd0iNOS9ywKXv/z5huJEe+ody - kJzAgE2N8q67q07xvVlVjgczpx5Unoqr0T7WMm4qfjMETvzvnXZDWQGblQLz - 7VhxsSi51i50RV767AFtbk6GAgw=] + ENC[PKCS7,MIIOTQYJKoZIhvcNAQcDoIIOPjCCDjoCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAutSMdSCHNMnSQAidQt5A5eXTNNvVU1BsJxTb + lXX37CV5XjtRao7+B/hl8/QXXOf5neNCh/Q5yRcr47cyJnb4zFcJrIluWHeF + OSN4fDPogxIBixupVwWuEmxfDGUd+3QRmL8gEBXHVntzQPRW2AR7bgTldFy4 + d6XpVnFSGLkH2C/RdWeCnKsgumbBITo0mJnNvHB7H7tPHxMMvsIbJvmqu9lC + OxJPZXIXnY6TlLuuIPiHpzrGsToB4dKrUYlQ9Y9KHHFN2NCRfMUNZkAd7vLR + ZLzTFq7XK3CaDqmAMWisbI2kBHf7GAkZJky+vxeRRsJ2B2JREw/JmqF5tD+Y + aVZz9DCCDQ4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEECubd68R7PosC6nC + SnB2SqCAggzg3aZRHoxfBmvg91xRcWB2UKb2azHGHfHjatP7dcL5EQ3l8JGd + fwzaUkb92HEtLBV9VqlNEnuZS3MKRxZGJFTtZ/P/Sg+gla5BEHgSX6YnGW41 + s1JulZDqkrSecpnBQ3j+w9apExWv4dHFJJ4jlR+S1GaPh4RaKZisozc0Ln7+ + zTZKKRWl/NCDPIw4+gpPpAWVH2xGpmUAv/kW1BGw1WQJDvr5sZ0+TgYybQbu + 24PI7u59wvyHiQx/qNmlk11AAw2ysvTG9hbwc0JrfbinV6eE6ibB/tloQNAl + /eGeNxxwOIKRFMQanWzsCUctdbUJxDoIyMBnFEf8muiLW/t4IND7+D/jK+wb + UnwKsZJv9uwzgGAAy2RANTDoOjPnxAN1Ikx9TapGd/TnyN1LvwGKw2YbqgBX + dyUqanIrHgr4SVvCr71Acw8qbUvt6NPMIgEAmF7+JD2J220WxpUu3yqYD9aS + i0XCmTW03ObUQVqJaW/weO7PzaPcN7hhHt/XnJC/ezXCpQl8+yc3cKyjUJY1 + NI2RHztyp6Oill4FvBAkc1XAyVQGy8bpkAYh63ozQPuv9GlaCeL51/PYa6K9 + AGHXPh7Zf96hpeY0qNyW3W6vu8gvL3ApGUxkI+dimC/wfwQuR5969aCYxNtu + siRVEUHXpIEZcGqP6dFDHieu3XC3/Dq9EPUvQ2gMO8M/SKAa4t0Ga5u2nvhD + xKO/UdbnP1SD9sBiL6Tlqp+iw3K+7opCho+2mJ5Z6+finL5I4ih9pNW/BONM + TN0J9ySDA7fFBMCM0mMlgkvd6/xts63tq8TxNn3SpJxL7RZTp2DDu8aH+gto + e1nDtg+f4LJwBbCpLNbN6G0Blq5IMoo0jTDuddJTig6/xaY1AcrKIWI8ZqHR + FAaFRJw0mhpn3R6psrEU464tvKQD5jQtlwUkYSV7M2CX9cGtgO0mw2YtNM/X + xTrOyymSxO64zQDce2N0m6p4/jPUPna2NLcLhxRvA4x9Esn8TEsyAUOOPv2L + 5fKQhOAfJmy7WxAR44phUexnsZIL6YculN+wJdkmBjYVrNm9b5XndXecbr09 + knseandJDRPShJkVILCQ/HqlDGMy3Bg4IGup3jGW495o5NHF69ExmGHFu7zi + NAL2DwEqgJnfOllkwT6WTgGsJp8mXhg/2kY5zAJTb69dWGMGKKR1pHrJSyql + f3F6gPkop6Om0I795+u0eQPPQJu3/48n+1wvHuHG6gGLQI/2vqTv5f1cSz96 + qCQ/5T/LQzrLwpsIlsrS6TBlboPEUHgw9v62naSVWwwqVZm4BRJQi+O1gqtw + Fwp+mNSn8RIZD7SVdlpGD0141FSYDXS3KuS3Qm9NCBSxVBrXgW/xKy02vDKb + 4eAmkxDB80VeTOLoq08bO+8gA6kksXEO6JR6ZEhH9d6DbyvwfgYws82sTi9V + 4t31pAFyFr2lERrP8dNchwiNbMrSYyY77+ko6MG0V/oAxPlPQyzNzM139JRz + H2vzIW/wq8+tNRDdvF7M0iK8EdPUj/Q6Q+BBKREp98ArjmjFLEWx8nRLjy48 + O9BzJ9ZGZlKKxPwx3uFptPHMn//syZmVdEfqHdsXO1AWRbqOqj5dB65Dq/m4 + +Bo/kXJAL/thltK7uO/F/yKrh686Dl2l49uQbTpksi7Sa/b+CHmWFmkzKvQH + eJ2SOdjjRjST83dlc8QMjkF2WqYf450j6rd2KzK32ZoeQbd9z7yM9/6imbs5 + n7Cz6J7UE37EFdCO5YdAmnHEYrkJsF9MhSMYLfHa1t5UxeoYuTWdQLJ0k/G+ + g/bI1UraseYYZjh6ldxU0skCW/aS58nFurFFlqBYdnKaUyH1IQ0EWCG1XMzn + qpI1rjtVy5LKi5aTFYYerXXmzYgNJo36YqP+7yYr+W4MQhT1px79dFLPTd/G + dlu1SlDMjkT5e/XS08nGxgIMXgbZP1bRlX8mx0sqkjlfEiQ1bLGavDyrz+aV + p5SpdGXpTREg+svWtrdCPMSne7AdSUhjlKFOwSDz4TWWojKv81LWys9OmeDI + dE8urQTOxcTgp1CL7PElWb5Yizl70PvBqBKQW6iXtZzRvislnYmhctcUu2T+ + bwjEt4YIp1SwuklXdm4sskGpRSmGxYmqWEg7gasSVoQLdlLIUYG5EcyinTOe + wTuaZUnUjiCznLVn0Y2Ti8PF7dH4Dfm4SO8ZAyR8F68CLDsgefoaMfPo3mYg + Y4R5OywpS1ma90tpliF9IPh7YS66sUJS5GS7KFbeHRRxyLGUQM/fO/SgD48T + nIEKFDeqbVOHmyvUVQCTc6+1QLnWrh6ywc7WO3Li/MCEheuL7WVd+ANfrjUe + E1s+GIGg4TFc9CDCkDck/oc94gL7VtOJqgVpIy1XhtF1akaIbSoEJoP4oR0E + l4YpEEDX+v4CwGAeVfnHsnPCXgF73OTbxsg6604YChK7SXxdKMuBR0ThmEFM + Ir3aC56wR3Lbbjo4IVAUH9HvhImuJZ9h4mkl5DwCsAa+z7Zf8DYlDiz8ssrz + LvByHO018A+Ox/7pKekMVIiF8nboNNsDDgqblGkKkLRWOwHB3J/w5zeB/m5P + +iPSsB7Jp9g4QTUdG+PBoDQ7MI/i2vz7qnttP8KT4mDqd0ivznr9jWnrVL+v + SrDvH80hoa7sIcHaWjeMXUWTh0b0D/cMi5wSE5fG0kiZU5/cSiA+pVzgBO0A + 3+QXg+AYO60f233fkuvpJtdc6m4/E9pnKsXSsyGFPzn6/fUYDktzyYycOmnc + G/8fwwWT8iiUujpOb1vt/uR7GN4Ctph5F1pcR+YaqAi8URQPM0qrHL5EsmJH + HGhXzdc/M4HisYF0/TIhYDQqim0Uw7z0P1YRhW0TZiLtdwBYowQYfa9VJExX + HMGm7ljcb2WIrxdWqzAjo2mrae0spGwBsMimfJOQo7t1DPtceBYrQdzONcM5 + EiJcRjb0+vDMCUqfT9G0hJh/5T1YexZg2uCtQTX2spglQYGA/XCVxhQwhY8j + PKGEwgo8tL13dfuxsRzyZH/VdKfcw4O1tXXIIrrIcrRZ3XIWXXlnd+dDHPwr + cnqlas2ZEXhgl2JufICUBtt0fUSjwrvaMXpHCo1SZLaAAOXrpZQ5q/dC4Mv1 + KWAyllfGdFMY9152DUlpwieZuFSyN8KFOib3e+ADyfaFBdybrItvbGyftgRU + xS817bHHlCkOZ+Wm35/GZsTZgPtp2q4MvJXVLNtZp7NL1V7Ya62ww154ZOY/ + RbyKLdzUrb4SezX4Ie9KEZH78dTzTKxKZgtjkW1x466HMv8FSMsSDL87hV9Q + B8T+zVTRMCs+fYXqi8BXdUBMT6j/CRw57U8Dwg+ECwBlyIFsdwkKCYoUGn5u + m5575yug7bsA1+qJbEMAH8JbhFWWu6p0Tqdfy+++4y6dGJ6EAfdnXnNdvO5l + yWl575+iUMgkFQONbcfwkrESuCaZA/kLkVIXkB89LTjPUrfQldYSc+g0Ycdu + xf0m9IDT5lcF3JFgEjr+cYQx5AR3VmFeHE2rQlZgxaBtAaQ7heGRUCYCcGFq + 2CAMf0+A9Ps7i8TWA5HtxQHRA+8pLX7XYV+RYSfkravU2CUueTVFyKBrxjL1 + MkVh1TyVgkdxYsGtZfwYmxnSqgbnJM9q6g/IgCwLkFWnSx4ie6b7ViWiC7yI + 0AFK/xnqAAAKe0Ea35xJIoH7oCq8GClCMlf4Le8xm9/7CI1C1DMQT70pdORw + U1bAKkFNxm6gSG0qcjFemeiUvUgHJKW0qOYsSLSUF2ff53GpDkzjfoFOITol + PSIeSUVKF2kFR0rM8ua3wYypD1TDPxXSILfdAGOrvo6FUunB+QrScjbC5ra7 + mpTZcofdgIo5yOdI2AoBoCS5RIB+jDPBoXijqZwHcW2ALPHgiIoaWQXDn+9v + zYsYcjM/82MaJi/v14FfC1qlbtLcCsaVWWYU7Sev0zAdGQR5W9efLkXHoR+z + VUL9Itaghxs781cxUUzz39KzxSQxHXvD7BRdDCqLjSO9cXrCmRJAlASC1mvU + Mbdey/FtflKXb1icJIP9khSdN0lRmMSixg+kCYaC5FPSBPQNj133rQ5UQOrx + CjYeVJwbQOc/Qs1m1vkJ7FO5ayHX5jhgFSCrbG1modbpaSU4h4yaPGTe2DUz + kdFTFUSa6MO+OCiw2FNhW5mW71zl5RiF7//zq5TNg4bcA/cwQ9yM7qjMoKMx + jygQIqVIvSVzvhQ3YuMhuDE1/CyD3bBJOhCPaApS5TCOQmG1gxLLZ7GWC0mE + qMAiqHBqbsfnUiGmmOJNlq3GLT9zrnwfNjtHd0iNOS9ywKXv/z5huJEe+ody + kJzAgE2N8q67q07xvVlVjgczpx5Unoqr0T7WMm4qfjMETvzvnXZDWQGblQLz + 7VhxsSi51i50RV767AFtbk6GAgw=] profiles::icinga2_master::master_csr: | - -----BEGIN CERTIFICATE REQUEST----- - MIIEnjCCAoYCAQAwIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3Jn - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7Z9Yf0kd7Jo88QH/xhQN - YvZrm3rL2nIz+B67HFgQu6Q1o6wqYvn6bccTjdQFhrHcDob9XpoCs18IwDIG9fBh - NR5kph7XjVzv40vh3tjjzfkvoKzPyEDxJI98DTTkDKK3UfsvTL0PwlS1xrBRW8Ib - bKmqNNA7p8VJJanzJCv0k7idpLmmyKeRoBF0HFaGynFcoOwjoLib9polUExD8kSR - femOLwq46BGORX7id49J3DHPQv89dm4N0BPjnWGMd1x3puk+GgptEzFDNEigNmFe - rojMKqoIhNEi4+bB3tz/aU6Sn0vm4Jm0tnlkrdX7O1nBvTvrwBa6jt94v0n9amvF - V+LzKde4ukvn8FRoEmJMaiHgSMjlU0KwawhCqC67Rf+L+nwhi4o916BcLzCMkEHb - CAW04uBZJdj29BwvWkfd7rrydUMZuBJIsKydJ13H9/kWUlsgqXayWpMl7qrJSx7X - iY0Z909Nmu6+ZphlqesRcOFyZHB4hkBP8tZA9lYHOjSBFI340Fni38cMKrJQiyKA - ZXUQmE/i3a1J5ZXuKmYjhha4A3MtEvxrXbWP7rokYCqShJO72ThGM6RRwnEmyL4J - 46eRGHta3apZjOqjHjY9Za+bGbQFjQ12/YanP8DeXh4Y3vxwxu3jkUnOf0VF//qa - v52iYXn9PnJlQ2GhRtTWoccCAwEAAaA2MDQGCSqGSIb3DQEJDjEnMCUwIwYDVR0R - BBwwGoIYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4IC - AQCt2+BVjtxBcuXqcHyAHIWjFke7gWAC4LH8hm7Gt5mcg5EKYANC0d7UNPM7k9vU - bcZwN3sMYxfBLgrMZGpbzIXgRKxufMhTc1HSZzHs5Peq+pTz/F43dfxKOHZNWrW1 - PJoPUQwocK3MfKDjZVVnFT9PD1VwnhumTrGMRx+x/545F0tU2Zam0+vJor2VROzx - Y7aQ2v1K0Ac4pEigL9Ld1/mou2q5PyLR5DO0zo5/u8+QP6Oqslgy+FJ6OmUZZUua - 4G/1BVooLzbYIRRG/7kQNMmIIROQBCUP0upB7t9qvKvGs5JZwLLgv/M54yFtzI1z - bjrYZ1AbC/XutJ81jV9HplLS8XTne3Q2NJ+C3m61VizRp04INtPmKsH1Fj4stU3w - f0utTMTvcSeOsbIrl/rgeaEhou71sJdclqvSioAQlxdmAUqDPuffZgPnq5eeqNBL - 9Q1dfJWjNzgKrK5wSpa43wgentHOLDsgylju/L0oDP5L0JWvpXIsB2M/maBTRxUc - rZqKlRUxYBJ8XPsyzOQTgnJcZ+hmZTXZ7jDtP6qgLEtho+E0ubGtIpXBgeX5HN1U - yTxDP2rWDE3fKgm17An4i+n+6IU4u0M+3s1dE0wrKpzUC2VbKBPrsGTRPNKCny7W - UmvCla/Pixt8dYj9NTuBfoh5/m4A/uD/iVVVO54RA9u8Fg== - -----END CERTIFICATE REQUEST----- + -----BEGIN CERTIFICATE REQUEST----- + MIIEnjCCAoYCAQAwIzEhMB8GA1UEAwwYbW9uaXRvci5pbmZyYS5jYWNlcnQub3Jn + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7Z9Yf0kd7Jo88QH/xhQN + YvZrm3rL2nIz+B67HFgQu6Q1o6wqYvn6bccTjdQFhrHcDob9XpoCs18IwDIG9fBh + NR5kph7XjVzv40vh3tjjzfkvoKzPyEDxJI98DTTkDKK3UfsvTL0PwlS1xrBRW8Ib + bKmqNNA7p8VJJanzJCv0k7idpLmmyKeRoBF0HFaGynFcoOwjoLib9polUExD8kSR + femOLwq46BGORX7id49J3DHPQv89dm4N0BPjnWGMd1x3puk+GgptEzFDNEigNmFe + rojMKqoIhNEi4+bB3tz/aU6Sn0vm4Jm0tnlkrdX7O1nBvTvrwBa6jt94v0n9amvF + V+LzKde4ukvn8FRoEmJMaiHgSMjlU0KwawhCqC67Rf+L+nwhi4o916BcLzCMkEHb + CAW04uBZJdj29BwvWkfd7rrydUMZuBJIsKydJ13H9/kWUlsgqXayWpMl7qrJSx7X + iY0Z909Nmu6+ZphlqesRcOFyZHB4hkBP8tZA9lYHOjSBFI340Fni38cMKrJQiyKA + ZXUQmE/i3a1J5ZXuKmYjhha4A3MtEvxrXbWP7rokYCqShJO72ThGM6RRwnEmyL4J + 46eRGHta3apZjOqjHjY9Za+bGbQFjQ12/YanP8DeXh4Y3vxwxu3jkUnOf0VF//qa + v52iYXn9PnJlQ2GhRtTWoccCAwEAAaA2MDQGCSqGSIb3DQEJDjEnMCUwIwYDVR0R + BBwwGoIYbW9uaXRvci5pbmZyYS5jYWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4IC + AQCt2+BVjtxBcuXqcHyAHIWjFke7gWAC4LH8hm7Gt5mcg5EKYANC0d7UNPM7k9vU + bcZwN3sMYxfBLgrMZGpbzIXgRKxufMhTc1HSZzHs5Peq+pTz/F43dfxKOHZNWrW1 + PJoPUQwocK3MfKDjZVVnFT9PD1VwnhumTrGMRx+x/545F0tU2Zam0+vJor2VROzx + Y7aQ2v1K0Ac4pEigL9Ld1/mou2q5PyLR5DO0zo5/u8+QP6Oqslgy+FJ6OmUZZUua + 4G/1BVooLzbYIRRG/7kQNMmIIROQBCUP0upB7t9qvKvGs5JZwLLgv/M54yFtzI1z + bjrYZ1AbC/XutJ81jV9HplLS8XTne3Q2NJ+C3m61VizRp04INtPmKsH1Fj4stU3w + f0utTMTvcSeOsbIrl/rgeaEhou71sJdclqvSioAQlxdmAUqDPuffZgPnq5eeqNBL + 9Q1dfJWjNzgKrK5wSpa43wgentHOLDsgylju/L0oDP5L0JWvpXIsB2M/maBTRxUc + rZqKlRUxYBJ8XPsyzOQTgnJcZ+hmZTXZ7jDtP6qgLEtho+E0ubGtIpXBgeX5HN1U + yTxDP2rWDE3fKgm17An4i+n+6IU4u0M+3s1dE0wrKpzUC2VbKBPrsGTRPNKCny7W + UmvCla/Pixt8dYj9NTuBfoh5/m4A/uD/iVVVO54RA9u8Fg== + -----END CERTIFICATE REQUEST----- profiles::icinga2_master::icingaweb_admins: - icingaadmin - jandd@cacert.org @@ -312,79 +342,78 @@ profiles::icinga2_master::icingaweb_admins: - mario@cacert.org - dirk@cacert.org profiles::icinga2_certificates::certificates: - - - name: monitor_client + - name: monitor_client key: > - ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAfMlzYDhHEBOZ0ePImcGVWe8jUv833wi0GsRG - oGrDtBq1G7bNe8Vjd+cpnuJtkIpvg4UUf6yU3rsMb3JL32rUUP9Jjhp8k/3D - 8WLadEKRjahlw9kh+/iaz1AGZGiWM4CSpSOKJ24sfFr9djWm8XY0qLakY3q5 - fwz9xjKIwRhyF2bb1Z92fKNDFYO7Wa9lD7zbf7BraUAWpfL26lrpGkrZmqtM - K4wd2RkVZe66azE0lT93aOIPrXwXWIVZL0u+6YFAQx5D/98qbtbwGEtabTSq - TTuTikkV6nsq7eblsH3zjkT8olE3cY62VBPq1lKQNTgBWmgBbvebeRzJj8q/ - gpZNdjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEPjAQ+687nD2HSP7 - xVzkMIWAggnAQ6dpcwNyBBKLNr4uYDAZerNqErnpRRnnJ62FpE2pR/MokRNO - M309vB5EpbIBa09cn1PGMyQ7uaaIXydtUwxfeS6307Lfo46swoPyWvHNC+1B - ngpiohRSJhiOUR8IUc3uwXNZ8YP8mo3bcjH9heq1WDMeAla8FiBtrdog2Rev - bnD2A3S6ustUVIhdR9TCzIXgG1ExgW7oFUn5Iuppl8K6Wv9LPiCs/hLr20fy - mg7QJaHHy49rm+L0X5Sf0Jg+gfHEQY5qg2NTqCb88fpYh7t4g8R5HY4QFame - gFrj11ZeavxKrLakz0k0uB8weLUWWOE2xHj4mdh87obW5J/xwekZkYqOWHmU - PLEyg9X441EMCBSYWFRz9HEK2Zv9Vg0qxKe++DNikVwDT9ntEYHnh43e7Iwp - YKwvCtlxxvQGY09acLuC0l4pifpJOsqOcAUjxf3WXoe1cjsjEcL+Z3mMmerh - 8JyXxJRp5Cu6TTMxcnQb/214/D8qYCKoPUYMddNC1G+XVosNY8QWbNp8nLUL - DZHsvI0tgk+CV/SPRl68dx7cE1bYioyS4EausMQub4eQykZl5My9qRR5htSl - C2zw+CP47EhsaA3zodbj6UgdYGBmhZNUOiW3oXWTKV0eSddkWcS/CmY271a9 - 6UIzE2TlRQ4w85GI8aD0W4DbsPyUvG0oay/lFYI6TzG1d6sL0rn/n1vvuUHB - n1OSyMdzcnUS0V7mt3gmGIKCYfEjG1auMaXlLag/NPPi5lvAkn8t8fY0uRn9 - 3kYpAPCPHFpqP8L/ZwIyHf/ePvRszzbuU23wkmcguIx3+UqGvwOyaMTGiy1K - 0ML0PUCMHPVrVDjkIHf9Tee/eFbRP9toQEofeesQtSJY6jW5zCCa/EEmmazy - jyo1hdsSCcTpizMylT4NDGpdfc73ccMwoGcuSdTtlAolBhn0qbBvEMo/GQMZ - JmvvOlE0BlDUGxbXE4XTrjIS2tJIL6Mrg0nQEJLB8u41i9fDJdPai3dwYlYZ - oMUT/QX417fPKl88t6NwkfFpW8mgStqeZR0ataza5lzHC61d5C1z+Zxzh/yk - oCgwmWFcz2kS8woi//0t3DtJB93bFbV0za9FUodcKrEcLowx3mN+g+URe5n0 - w7On4tjl4PGo5ko/15DDcRRlJlzQlUN28n0w3ENYaAgHiNKsksvXxqTL+mRo - kDhszsQyaatutqtjN7Tj9t5p+gIkjODhz5FmQop+ZirXwNElMX7N3WeFD8Tl - zLhopOuZ0loqaKWgTEY1hdYUINfkHTNyLIxwyYtJGPAU30q/c5qZ8opmil96 - tk6kpctBVAeNYVBfRNJYkGfNRrK7AiENuLaWGurGt05J00lSKOEQQXQuLqGy - mPC694aJ26aqjinuWZ21TCLh+e+Oib0sVYWObCjy/cBGtMQAlvTGEt/1zs66 - K+r1C0PJkWcDwDAF0mwnxDxFq1zcPYBG8xH90DrSPMoN0edLFMencGVrqMBI - agbUlkwePUdEc34zZ1khJbuBU/B0O8IRNY9rFQrU9ICCnKPVFvym85f0y8Ac - BphEJrS61CDa/L7techS1GTP8joSoZnT/OzzqXRXBe9Pgp9hubcckbGwi20k - sP4sCoChKe99wR4760z+q4JV91aVR/aKqAB+5R7aKor4ouQSaC203XzpDcOv - x/t6+l4cPetOvV5dtqPtpv1L+nPoLr9w3JS+ZGLOwmXAAx7Zr/DD8RGd6hM/ - OHfplbHg4XYbbDG51OTj6ajRwDoDgcLQ6VHz4/3HmcaNff2VcY4DFxKSpv+D - WSoepaN+KB+o1B4YRQ3XyuYhcAL7UlMJzA0CBmezZ2AMLTfGIaxFtwnqDMEc - kJ+m7BP3cyk/E6CTBFVrQajC7C8Gs5nNqI1sS79pMk07S2dOX/MRFSP0hw8i - ploMyzV6tCPAF/h9OO510W3iOqSN6nQe61BGlTgMgWKut4VWunpqZyANkIvT - SIeTR09cpSI5fhWfMdjv07TocakibiWFRZpvpOd0dkVA0FR5BurPxYoUB0od - FkWPGlgfTVCVuVLfVjEgig2j+YzoZM3Y/GkVu7IVkaxGI8+/uq6Hyordk051 - uDxbNDiuq0mXfL6KTiPJ/3TVPPLUnnFvEdWvgLIg4wnHpXxpkF44dFkKF4/y - d5Ykxpc6eThoV8aIVMUl5dod68LjclHL0Iv3l7+rTE6qPrTiShONvQbIu8lv - 5KXBK6GdjTFWz8c9Lr6zR/ABQ+XhQAlCqmwhfp+rEr1qReBEus5U4bL1ObuB - 1AA0r6AlmjCLH9F9BA3PcNVi5Zm988chcoCjl1GTjeMVcK501l9/KYcSjIzZ - bfaguVPCiSGG0/imDQ/QiBtDNGKHbdknJlTjBBaGWJkCFu/vpV6uzjfzMXRO - FXc/E31UdogZfprKRt1c1WHW8ozo8hV6/2D4X+tB1Jn4bELIgSZRhB7d29tm - jAxd8kAsCDsIK5NX0VXXzenZcut1L10lDVHcr+WOTT5lbGLgZCa508ExdtQk - /FsgqnzNOrqlCBx2gYU9UcrMxlOf7teEHxJmoFMqe7II2M/ye6eBYdy515GR - ywU0R8pRUuSs8njm7rYeuzG3rCd1j4RCasjbmLQLkuAVlxPjys+Hxe07jb8b - N4VyAQsUaFruuwkIUanANJdaOA72IJyPJCZf4HCScQEKG1EkU6oHNDelE0J/ - J9zTdzuUSwfv74pk/2PExloRH42glTAB/FOoIenzrtO7XvsV+HAaqoqJQ1Gr - 7lvjwU0B8GMijM20YQPOzhc9H34BWya5Y8BAaTbue+puAIjfLQaMPIcy/ilh - qIrVd1sNXCJtXJ2Smo5O3wGI3Qw29pQn98x20pJUCwXwLtdRWSocSL7qWlAh - pofd1vZ+5F5iW1XOm9//SIZ3lgHlEsWwnBL1v6mETXPA6UezJGSm2fhI14xx - EnFI3t1K0+JSkHq45nyxHGfiS1KcHvrblNnGOHWfxKDjdIKADAMI6yP3pWrQ - 2kmTSMSRcAN9TQxd2sFsLVe7zpFxBagp1SaXzKC/VpmWQu6Y6BNt6EjmZ7+r - UjpnfOY8H2efR2aNzMEdvtz/mY9pdzLSHIDNSndM+RqccpbcyJKTQXIdjHiZ - iHpfoZJ6g4VdkaXVRttaNfjuuwuAJuUaxoSdDOeswHIOIeNQ2N8e5OE0U4r7 - xvd/XDaPh2AE1061vN+InhW9lC2QrIxSrHzQoz0uVVq23D1aMyin8UHTTo1e - h8zTkvycy4d/FiozapuXBuM49p8DgcX0kESTVnL4A99qzFr7PU4CWDQssgkU - WGs3X/Ut0GKaJXFMwajblcJu80p7HRmaXJWIBmwe] + ENC[PKCS7,MIILLQYJKoZIhvcNAQcDoIILHjCCCxoCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAfMlzYDhHEBOZ0ePImcGVWe8jUv833wi0GsRG + oGrDtBq1G7bNe8Vjd+cpnuJtkIpvg4UUf6yU3rsMb3JL32rUUP9Jjhp8k/3D + 8WLadEKRjahlw9kh+/iaz1AGZGiWM4CSpSOKJ24sfFr9djWm8XY0qLakY3q5 + fwz9xjKIwRhyF2bb1Z92fKNDFYO7Wa9lD7zbf7BraUAWpfL26lrpGkrZmqtM + K4wd2RkVZe66azE0lT93aOIPrXwXWIVZL0u+6YFAQx5D/98qbtbwGEtabTSq + TTuTikkV6nsq7eblsH3zjkT8olE3cY62VBPq1lKQNTgBWmgBbvebeRzJj8q/ + gpZNdjCCCe4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEPjAQ+687nD2HSP7 + xVzkMIWAggnAQ6dpcwNyBBKLNr4uYDAZerNqErnpRRnnJ62FpE2pR/MokRNO + M309vB5EpbIBa09cn1PGMyQ7uaaIXydtUwxfeS6307Lfo46swoPyWvHNC+1B + ngpiohRSJhiOUR8IUc3uwXNZ8YP8mo3bcjH9heq1WDMeAla8FiBtrdog2Rev + bnD2A3S6ustUVIhdR9TCzIXgG1ExgW7oFUn5Iuppl8K6Wv9LPiCs/hLr20fy + mg7QJaHHy49rm+L0X5Sf0Jg+gfHEQY5qg2NTqCb88fpYh7t4g8R5HY4QFame + gFrj11ZeavxKrLakz0k0uB8weLUWWOE2xHj4mdh87obW5J/xwekZkYqOWHmU + PLEyg9X441EMCBSYWFRz9HEK2Zv9Vg0qxKe++DNikVwDT9ntEYHnh43e7Iwp + YKwvCtlxxvQGY09acLuC0l4pifpJOsqOcAUjxf3WXoe1cjsjEcL+Z3mMmerh + 8JyXxJRp5Cu6TTMxcnQb/214/D8qYCKoPUYMddNC1G+XVosNY8QWbNp8nLUL + DZHsvI0tgk+CV/SPRl68dx7cE1bYioyS4EausMQub4eQykZl5My9qRR5htSl + C2zw+CP47EhsaA3zodbj6UgdYGBmhZNUOiW3oXWTKV0eSddkWcS/CmY271a9 + 6UIzE2TlRQ4w85GI8aD0W4DbsPyUvG0oay/lFYI6TzG1d6sL0rn/n1vvuUHB + n1OSyMdzcnUS0V7mt3gmGIKCYfEjG1auMaXlLag/NPPi5lvAkn8t8fY0uRn9 + 3kYpAPCPHFpqP8L/ZwIyHf/ePvRszzbuU23wkmcguIx3+UqGvwOyaMTGiy1K + 0ML0PUCMHPVrVDjkIHf9Tee/eFbRP9toQEofeesQtSJY6jW5zCCa/EEmmazy + jyo1hdsSCcTpizMylT4NDGpdfc73ccMwoGcuSdTtlAolBhn0qbBvEMo/GQMZ + JmvvOlE0BlDUGxbXE4XTrjIS2tJIL6Mrg0nQEJLB8u41i9fDJdPai3dwYlYZ + oMUT/QX417fPKl88t6NwkfFpW8mgStqeZR0ataza5lzHC61d5C1z+Zxzh/yk + oCgwmWFcz2kS8woi//0t3DtJB93bFbV0za9FUodcKrEcLowx3mN+g+URe5n0 + w7On4tjl4PGo5ko/15DDcRRlJlzQlUN28n0w3ENYaAgHiNKsksvXxqTL+mRo + kDhszsQyaatutqtjN7Tj9t5p+gIkjODhz5FmQop+ZirXwNElMX7N3WeFD8Tl + zLhopOuZ0loqaKWgTEY1hdYUINfkHTNyLIxwyYtJGPAU30q/c5qZ8opmil96 + tk6kpctBVAeNYVBfRNJYkGfNRrK7AiENuLaWGurGt05J00lSKOEQQXQuLqGy + mPC694aJ26aqjinuWZ21TCLh+e+Oib0sVYWObCjy/cBGtMQAlvTGEt/1zs66 + K+r1C0PJkWcDwDAF0mwnxDxFq1zcPYBG8xH90DrSPMoN0edLFMencGVrqMBI + agbUlkwePUdEc34zZ1khJbuBU/B0O8IRNY9rFQrU9ICCnKPVFvym85f0y8Ac + BphEJrS61CDa/L7techS1GTP8joSoZnT/OzzqXRXBe9Pgp9hubcckbGwi20k + sP4sCoChKe99wR4760z+q4JV91aVR/aKqAB+5R7aKor4ouQSaC203XzpDcOv + x/t6+l4cPetOvV5dtqPtpv1L+nPoLr9w3JS+ZGLOwmXAAx7Zr/DD8RGd6hM/ + OHfplbHg4XYbbDG51OTj6ajRwDoDgcLQ6VHz4/3HmcaNff2VcY4DFxKSpv+D + WSoepaN+KB+o1B4YRQ3XyuYhcAL7UlMJzA0CBmezZ2AMLTfGIaxFtwnqDMEc + kJ+m7BP3cyk/E6CTBFVrQajC7C8Gs5nNqI1sS79pMk07S2dOX/MRFSP0hw8i + ploMyzV6tCPAF/h9OO510W3iOqSN6nQe61BGlTgMgWKut4VWunpqZyANkIvT + SIeTR09cpSI5fhWfMdjv07TocakibiWFRZpvpOd0dkVA0FR5BurPxYoUB0od + FkWPGlgfTVCVuVLfVjEgig2j+YzoZM3Y/GkVu7IVkaxGI8+/uq6Hyordk051 + uDxbNDiuq0mXfL6KTiPJ/3TVPPLUnnFvEdWvgLIg4wnHpXxpkF44dFkKF4/y + d5Ykxpc6eThoV8aIVMUl5dod68LjclHL0Iv3l7+rTE6qPrTiShONvQbIu8lv + 5KXBK6GdjTFWz8c9Lr6zR/ABQ+XhQAlCqmwhfp+rEr1qReBEus5U4bL1ObuB + 1AA0r6AlmjCLH9F9BA3PcNVi5Zm988chcoCjl1GTjeMVcK501l9/KYcSjIzZ + bfaguVPCiSGG0/imDQ/QiBtDNGKHbdknJlTjBBaGWJkCFu/vpV6uzjfzMXRO + FXc/E31UdogZfprKRt1c1WHW8ozo8hV6/2D4X+tB1Jn4bELIgSZRhB7d29tm + jAxd8kAsCDsIK5NX0VXXzenZcut1L10lDVHcr+WOTT5lbGLgZCa508ExdtQk + /FsgqnzNOrqlCBx2gYU9UcrMxlOf7teEHxJmoFMqe7II2M/ye6eBYdy515GR + ywU0R8pRUuSs8njm7rYeuzG3rCd1j4RCasjbmLQLkuAVlxPjys+Hxe07jb8b + N4VyAQsUaFruuwkIUanANJdaOA72IJyPJCZf4HCScQEKG1EkU6oHNDelE0J/ + J9zTdzuUSwfv74pk/2PExloRH42glTAB/FOoIenzrtO7XvsV+HAaqoqJQ1Gr + 7lvjwU0B8GMijM20YQPOzhc9H34BWya5Y8BAaTbue+puAIjfLQaMPIcy/ilh + qIrVd1sNXCJtXJ2Smo5O3wGI3Qw29pQn98x20pJUCwXwLtdRWSocSL7qWlAh + pofd1vZ+5F5iW1XOm9//SIZ3lgHlEsWwnBL1v6mETXPA6UezJGSm2fhI14xx + EnFI3t1K0+JSkHq45nyxHGfiS1KcHvrblNnGOHWfxKDjdIKADAMI6yP3pWrQ + 2kmTSMSRcAN9TQxd2sFsLVe7zpFxBagp1SaXzKC/VpmWQu6Y6BNt6EjmZ7+r + UjpnfOY8H2efR2aNzMEdvtz/mY9pdzLSHIDNSndM+RqccpbcyJKTQXIdjHiZ + iHpfoZJ6g4VdkaXVRttaNfjuuwuAJuUaxoSdDOeswHIOIeNQ2N8e5OE0U4r7 + xvd/XDaPh2AE1061vN+InhW9lC2QrIxSrHzQoz0uVVq23D1aMyin8UHTTo1e + h8zTkvycy4d/FiozapuXBuM49p8DgcX0kESTVnL4A99qzFr7PU4CWDQssgkU + WGs3X/Ut0GKaJXFMwajblcJu80p7HRmaXJWIBmwe] certificate: | -----BEGIN CERTIFICATE----- - MIIGUzCCBDugAwIBAgIDAvEzMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGUzCCBDugAwIBAgIDAvqLMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwNzE2MjIyMTMwWhcNMjIwNzE2 - MjIyMTMwWjCBrzELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNjE4MTAyMTIwWhcNMjMwNjE4 + MTAyMTIwWjCBrzELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMG U3lkbmV5MRQwEgYDVQQKEwtDQWNlcnQgSW5jLjEcMBoGA1UECxMTSW5mcmFzdHJ1 Y3R1cmUgVGVhbTEjMCEGA1UEAxMaQ0FjZXJ0IGV4dGVybmFsIG1vbml0b3Jpbmcx KDAmBgkqhkiG9w0BCQEWGW1vbml0b3ItY2xpZW50QGNhY2VydC5vcmcwggGiMA0G @@ -404,15 +433,148 @@ profiles::icinga2_certificates::certificates: IgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLmNhY2VydC5vcmcwOAYDVR0fBDEwLzAt oCugKYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMCQG A1UdEQQdMBuBGW1vbml0b3ItY2xpZW50QGNhY2VydC5vcmcwDQYJKoZIhvcNAQEN - BQADggIBAHFHlSHLdUIjuFfW2UxuCO3cBb70iU64PGeE1fTOQ1A+z3BO27bzuhH+ - jL9k0p1eTcrfcsJm9Q927WIFKaXHLAsC2E3hOtaaxPSPWzI0Aquv+BSoDd9GrQcH - VjfAb0mPhgN9VqgdxnAFweNl6F231aq6ryxQIe4G/DDvPMQiAn3x5IUzIHgfO+L4 - xmwqu8V/biKijYclqAnIiVXYJqLMi8OPJ5o98LZudzDdhDd/6U3n8NE7qNUns1Rj - 2GoDNFtJecGtGTLBShQTxIwfIBNOfHQjlZo0HXOoCzsMGUsT8sAKGJTprsrRdQ8g - mj5663nnZveb0kTZdkRYZBVKwRkznAZj9ITZLj+eLXQb3Wi5BR4Rev7KdWRcE0P4 - Qdeeb9MvnM3CR5MWG9uEIZNz8TYYAxcNvjYOcEDStvqNrJ164iTierItL8Mmpnii - 0hKDfCt08IS5S6uOHGRz+qYudB8l5uTCXdhCFqaZs4CMGUM9sylfPnMB91M5oKxB - 7QNsTmv5qc2L62YolNpMRmQjwy3RNnLIOlcg6kkLRNTrACStYGsLVDntnLRLMrZf - L4269s/c7qifundMMNipycxPtxtYYLZ6wl2WTVEsE175wtEPJwirK9p7NZWP0Zi+ - ZjFKUtPcj79ZDzJU4hI61SZFkTKXnOmBDj/wb3xntXueXsw9H9un + BQADggIBAJwRD14Jv/b0tU28CUBwp35wiez99dIbNRmcKoZ7Fghf50Rg6y+eOVo4 + og8Tmoez6lLEzQJ1n/4WuMgnbOhhMRguCESKY90vORFC/xdc4lcOQx5rdvvj0RSQ + WBC2IE5eeTA3mAiagFdrYK0U/uPd7qlz6XMrPZqB68/7K0dov+afIXeNAwpKNd13 + QCo56aygf3CiV1OiZ3IUH8YRax93kntV9Hmytx2iYDOqcM2OZB0P9GknHSWi5NGM + pCAFdZoLc1O+tn8Mh2AXSjerDVrnKkl0bfNNWyMnosdSEnO6awGlVsL+fDvqVL1x + KG9WmHJggWO/0xIrjAUBxPYl+4pJcl6O82PBRwpnVLQ9vY4Qoez7suaXmHt2cmDu + DrCtg7/RcgOi2bWY/GYRulSWNFKj3OfV5VDTVVPKqYVzOzHPsKtu1vEuKdxJKSRK + b/+KmWGnspEJXCZsoDiK3UcP/2IEX30PCpY/r/otCjXcZEahxg2Pkphrg7k5gJWB + C0fSPyoj3VYhJvNCPmCwLk8MDQK8XjJdi+K+5yGBb6wLeEjIwJXZZ+1Srvf4X/YK + lxP5NDdVSj02lC+/ydBg5yZF2IDsKkyb5FcH/Ng8reDsZDOj7CzUrvQgjpAqGrWp + jbv7XaRehD3SWuYfyc3twGGh2TrWMz24UIyKrco3CA+w3U06/Gip + -----END CERTIFICATE----- +profiles::x509cert_common::certificates: + 'monitor.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIHHjCCBQagAwIBAgIDFR1tMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ + Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y + dEBjYWNlcnQub3JnMB4XDTIyMDExODE3MDEwMloXDTI0MDExODE3MDEwMlowXzEL + MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD + VQQKEwtDQWNlcnQgSW5jLjEbMBkGA1UEAxMSbW9uaXRvci5jYWNlcnQub3JnMIIC + IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0JB0R3KBFyoS3PwwNofaFj71 + 6MBbFwmVhi39gUloh7Br4cQjS70ckrWcHgDz98NPrjRqz3GLfkX8THVdV919eGnG + 1hXsyntTbVNbXj+5/1uvNatEJMvajjkSrw446Ut/5hyU1Y2x2ewUtEoaYhszQxig + 0nkRTE/n7joxreQa8r5l4O1j0DytzGS2/yKWjhY6w1P4wAJNU+uYQT6YZX97gbXP + Ies+BjFo4Ny4/U9CAIgHm2oSWuU5xx++2PEefnfFUpn5+WC+bfZjXSS4JxLLPu6p + M+KPUIDNgXvaeI0KINSrX2FYr+BvcAnW5lY7N4Gf0rO+c/BD1KlSfOjYG0MU9tbQ + mJTwDhlcr1YL+1hLdf6a7qNfhfWOXjgc/4bPISglpnf8cpbjiTJFSerm/u3z4WxW + GQoG2ZReyCvA5i+9VjIDCUImN8z/z4rsu+W4LFJJMbRqdcLmUlLYF60Fcb36XyR0 + hncGYsI9uVrVwyZXqCG1nUr1jx1js9Y0uTSWL/j3UM9mWzGIXMOIUtaWHLUjPWf6 + k9U7ufC5MEYd4ZwGRa/O+VaPznAO7r0TeJ+NBhkzwkESaWoaboSWOyI0DLT4n5QF + eogTGQDPzpGOyPzaudH1LyT7O1dANvt5AsDcTXmdXLcv8FkrrnMM1uR4Yd9PVaJj + d33M38hmfRX7/idUv38CAwEAAaOCAccwggHDMAwGA1UdEwEB/wQCMAAwDgYDVR0P + AQH/BAQDAgOoMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEFBQcDAQYJYIZIAYb4 + QgQBBgorBgEEAYI3CgMDMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0 + cDovL29jc3AuY2FjZXJ0Lm9yZy8wMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2Ny + bC5jYWNlcnQub3JnL3Jldm9rZS5jcmwwggEDBgNVHREEgfswgfiCEm1vbml0b3Iu + Y2FjZXJ0Lm9yZ6AgBggrBgEFBQcIBaAUDBJtb25pdG9yLmNhY2VydC5vcmeCGG1v + bml0b3IuaW50cmEuY2FjZXJ0Lm9yZ6AmBggrBgEFBQcIBaAaDBhtb25pdG9yLmlu + dHJhLmNhY2VydC5vcmeCFCoubW9uaXRvci5jYWNlcnQub3JnoCIGCCsGAQUFBwgF + oBYMFCoubW9uaXRvci5jYWNlcnQub3JnghoqLm1vbml0b3IuaW50cmEuY2FjZXJ0 + Lm9yZ6AoBggrBgEFBQcIBaAcDBoqLm1vbml0b3IuaW50cmEuY2FjZXJ0Lm9yZzAN + BgkqhkiG9w0BAQ0FAAOCAgEAX+7KL3AAtj2H0iI3lm81NB6NmnHuRjh8qn5lfTM0 + 6z1Qmgzj96a67qX1enfQ2iktwzAo7Hxia2iiSd/C8c6fjlbxMi33kBFsSos/2W/6 + zDtaAGqNQy0HsMYKJFuGThDzCxf6dfs/t8DW51bRMW6v2sbKsUnNWYmqTX+80liJ + ykp3ycyJwqWiIP6b4qXIlRhlbo9g8nP0AJBbUeDOj/yYTtjw+v5jtIUZiYZ66dqN + 5yq0vC9nxJ4OlVEk9NONXnTUg3Dn6ikSimQr0fp9bcvyWeCa7J53pLnIWNTwgD16 + 7zCijJr7YAFST6omGuWpTFBeooSzSMb1q91pPdNadP6T/URxspnGOWmPdtj21JBX + M/6Y2IBxtyAR8b/TdkQHUvUfYpCv4IsiMMafVmMQDOnP36+fezsZdXtWVyfmBZEa + qv3mFtiph9KIO80wvOXEvPf5BdJiBRR2tKoW69GBIWm/ku54hJu95/+KsDsTIyVR + 4B1knLCqA5pdsmiNRwXsovjRVww8HZhO/J3I5vBH8NOZqXNHRkQOGbWsHdfDojf4 + fF/OWnW6zraySUttSSF5JHkv/rNLx73H+1Z7CKOb93UMjWwQhspO2/o4ZW4B+jte + eOSSKzJdui+t4nP/4D1dm0DQ0qOMz87KOR0hWDlsK0/ksMhQV2HYLK4BjrB3aTpg + Js8= -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEANjreYMlK5aOFN7s9b5Alt0f70mR9Qdh/Z3M4 + JYcNrwZu3/q8ep0o2wejXMOeM9JFGfHyjz2bgZL0Pg2RUUjDdKciX39UGMb0 + m/Xw8F7sR9l1TmI0TMzgMvrn8pySJpAXrdqE6G9jgdId2ekXSyFQulJjLmYL + G0//+AmGkxoKzOJPJgS9yBJu10ChShDCp+66jicqeCgSuIWnNuAFOwak8cZJ + nclQco4GRmaNWHs9Is62rXiisDG03MpwlDdkd/ToA8GitN0V3Pw4eRZwPuMx + QrDFzdUCQxWw7tFjcK0I5Ohhq7Mfz3v+bb+CBMzl26X7Um8lVKeCkPoMC6x0 + WkwX2zCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEIVfkwGkXozbUOjK + L9eK2ZKAggzQ298/cbPaj7D3yNkWomJFCFdGJ6O8vHyj1LPFFv+rdPHEk3IW + Do2c6sl/XOz2s6froxtOZYWnv61FkCezE1bmTI4Vj6TO3nALDMXPzFp6UpbQ + xfkI/ZHdKwRcruKz80hAxYH39hTQg2LPR4UYhH19Ydup5ULG+2slrOW0gL57 + hg5+Uk8vkhzi/4GrW3fR8HxhotIcpw2uJUqM1XLPwt57SKf86iJMdShXmMFp + Yg1M+WbAcJEjvkAJp6HMuuOmDlcs2ujTy7+qp7/Dq7RDiJH5IDPoF6Hv6vXM + 6ZXklcyxN2waC0RRClu6sREKgCS7Nb/MZQCgxYrPnlHtkSkkZjBREOCtiD7U + T1LAzHeSJOK2/fvJ5b+XW8FOs6a7UFes12YXZF3MipGeRjtXFni2PRLnb/RY + PUVjekf5FoGPVPHer4C4vJ2hqNB7JswDDLp2v6UDofquDnV3eYVB9eNzvcPN + sccAn/4Jfc5fpxC0Z7KOvQyfMMMJYDkXTR5XQ0S4F2rTzMKfF7CGnJ/E4+xR + 01dyllKhAymWbryXK4tZjI+yvarwVq4Nd3ViIffangilHKTo2wC8w6c/ajSb + +Q5LNXhWUxip9t8RXas/prs6d3pX2fwrJ5KWvhtv0orF95uTczb8PktdqkPw + uGVA/0aGU71GVJwxTd/iiVtua4d9KYH1YqnVtFOS1OdrY7uDzrU5DLH7NAP9 + 5RPFaACKzY3Bl6T2Q6YkbMlWokCPPChHbnPWidnViMXXWatIv47lFb7BuRUG + DXnYee14xDK5gudhbch7tJ02d6ogVKFGuyKCI5Uatys2clO0lgvE69xVAHF9 + MyEp/ERTCshc2024CV7RVrMPIjfK1eXJ5kwgn8Y1hkhGob3CqLTM6AgCu5p1 + iKfJw5/WD92gNacXeFoT95GHQmUxedq70/UnQGc1Y+UBmcVffguFDc8tjz0m + 9BlrXTOtjswprN2XYw9hy2FoVNngMgUG+xHvFz/Bl8Kfv0xZ0t6FLX8+vFVs + 50FW809QSUuV/YXTbuergSxdYDfpLIr9ZVAP1RpXY4C9bA0ykFxYMLFrhxgK + 7EikjBckZWMrhTFyrTJnhkAldDcYdmHWGxiAVzVBhOlBuCo/GhSjmvldgIiA + XGHmuNusLnITtkBx1W8IRzjsIs+NfA+NyAoxXgJNcOMnqqQvFUhqfxsYeBYn + 6gnltI21Oo8Us9c99in0S+MoNs63Q3R/i3OGEVIhfe5/KiHOzf08HWCkjjBU + KPkCJX6FDHTq0CTbOrnVHaeiueolwBjxrBWUfPspbWpeIRTrQ+/EGnJR7bw7 + RtTZqDGupDwsGQTPyXyBOeDweOFLAYHLp5G6osKwtxZDB/idANrJhWOVP/t5 + wUGjKIMub+QTCXXXlA2CwuhowUmCcSQPAg5l43x02tfV6kXCAzszCV4Jq5ta + FoJSO7R5ZmSBA6DFnlX3hWmpjKg/u7gq8o9Ku7mQ7OZp8mNyR/lxd8RsxX9A + pVr7AmfaKzhF9p+Z7jxzwT5vYV7LwjX2n97A8z4yqg9s5IT2TMuRZrDGij6a + 9+gzjkXLzv3O2MjeUe305Bi9bRZmCgMbxrBvjkkRPUstDPsI1SdVWjsf3VeE + wSGNFiPAibvIawm1Rfs/QouvOSjkewzgLE9H0cwZ7GGYWiudJdnrz/MhXrlf + wru09UZLWA0q44jYyDX6N5qpe3r/R+xeaj1TX8QwfzvHr1bSxcEW73AJVWAC + OZ7YtSrbkhzsir3+nifyLghsuefkVoIMcd+zI9Npd4yvWkr7Y55M1nJmBh96 + qGmcjBw/yZrY7TwDr/w/9zcCFHf6BkGsoYGQni8QLjtZkACSwUmrH1xIE28v + QFgIb+KNWCMdoaqFdiO0nrQBjKmbXNwU4KOMe466nMNzw+HCpEhKsrhuFZUR + PTtVVg3exDSFON/zXHOMlYH/HqU6dxvWpwn/Qbyv2rGzDGkB/CfeyG+mdt5h + wwxAEoBQ99grEIoLufaZDgXhTeOTur6BUTQV+UpeF0YZJdIf7kJCMTx9LajJ + 1z9FFo/tgzR+Jeu8C+2IKE8hbOYyjvhXwaVfXig6ciPntmjPJMr32pcLC+0K + y8994hbRVcRUADh6EhPBWkmATa7Ss4nNeHUw/u6VUfoIOoCHxwSEcImSuW2k + Z2aXSfIHYkA29aAIyK5RgUIuyQQdSrxbzny56deXw6R5pkCaZIHrkLS+P4Rm + B3D05D5e+zj2Zc/IvLMDvzpTb5nHTZeNxFeKmQFvqVo6DEgQDwyS049uEqB9 + f/51/kGuCEAqOOmGSvydMfQ3RCuynusXc+IHS/s2QEuadKDYYNLOTe9QfaKy + gdzJthYec+9hyUXbRMgOqda2ZuS+KRvOQ9GCcK3bHeGn5jzoRv1Vw3uVVUBa + hJ08S7sw0LbbL5IMViUjQczHcpWqFdKPDr7+Iny9PJNCvCvAPu8iyM1t8nA2 + wieM4uQTgXHZ1ihIqhkuFqtiyBaXvisE4r5SXp83O9jqtgnBMP1/Ap5pVDPr + yaQklpVCROPchA+ZwrafOho1MYpgHcwwb2hfvaeEt/n+mUnXAl9rJM8NxX3j + ++IS77NGHjmfcWamBxLtnrNs7yq3bH515DyidQPD+ls/L/de9Wp9LFej/2vm + T2HxvtXAIIaKzXV4E432IDioQxRDaBqfCqjNYjQU8dibhxvpaMWJjfyQdXLE + sI4zRiRgFIbZ0Mjoz0gdk4tShJBedU3yC1sWAbQgIEuGNe6FaOpEGOE29g4b + afvkelbGYiwguRlP7S4a5ZTy0ecs9XAjvMCb230I1unmSteHLx8qcflShKd1 + lF1cwUuYrJiHCN3U3nA7svvyJlQ/PrPtLzw1CgWbyfyPOJHICe1BrqVtMrlK + GBB6z/o9TqpdI+33ktVGOmNCRwrECz+bgZBAffegDFSeyBy2xGWi091Zdfar + ZqgSdEK6Qp8RWbL4+nqcRa4NGXnpOjxI+zdkDJnkvLyg+LtX58+FuSc6BTZF + mu9sDXuF1zzKANuNAKyzNXXtXe9yBNHmmSxQ4/KBM7FHmJHs6d3OVfZVcgLG + V5l3CjHlYKcuRbsc0EgPg7wX87r1hjC3HgACpRHVPO427AnJ/hIsYqHTHJVs + PpsXjs4Rm3+IGLE67BQx2trAaufPu6TWDmsSpOSI57sDBql+uTwYhfz1w6WT + 6ZgLQCwzmw8GI+qhroeS/4Xr2plaSZxg0Y75JZRr/uKRNCNii6dis5x/CLzp + p78TB7WrS7DYyc2+3gD/LTrETXLEXLo/11+EMUZOsPxkfWnhI7uSQ4MZ5h4c + NnXDqb8FfGFts5gKYgqcO6nZgunjJTz33npS2phcBPIr6r5UsrOyUM9YyV/B + nZlrmA546B6eMXMAqnXuHMxvXWGWOT6gro+d6wrPV6ilY1unMlAh8AqE6Grt + thXNbGXxVMoCQ+kqnCtQ27f65PeaD4CAWHs4Y2/ezx3ecxP+tRZ3ijRZQDFk + qnOwEW+C5JuLYuxWuI6F6FRa+V4U7ze5RchgUb3z7vfX0yeEcS2bcxbx26+h + 1DosuauYQSWTO0n/XgSqPdr/AqOLRQBucwt2OCnrB136FCQ89UHnBGe6x27l + cp8NkHz7nWFzg9RP38YQnNJGCQP91nuR0EptVEMbr7uuLWZvMzSZMYONMl0d + Jwlb/tUCP0Ls1UbjPEuC6OMnh7uvTqDQOIDBHsTv9hbKxWkGOwt6T4DCiovu + LR2J+KNmFb+xQ4BGGKHv5apUfEPSjADgq8c07JbmuPpp2YFVUdWV0ZafFYIa + I1ThptVZu+oPVlOLzLLTs6ZUBZak5MNCRRd4s4canWfDxBqKSwkZV2AmPYql + dUpk0q4SDh/pzVJo1gCCls6/Tm9ImBOAZhZnFBzzO9wwQuzyg+HVF0M1iCwM + mTwxEYottQviftjcFaJzV9BGxxYfpAMZ68gnJHegSMEWF59w+P9zZbSrfMlW + zIuI1zbUuQO5yJXV8QvNA/YhQ3z43raBlCXy4WFT/X/5yfVgzAJO4o0SfNiv + yQ0UQMJzXREeQUs07JExCuvXkHU9C/EY3dILgb2xj40KV3IpbpuJQNP7DUcG + MlXzLjHX4WNZ/C8ly1Fr0JnbOU1UmJYHwdIP+U6B1QOe5qGmYNTavuk8sust + UpFiyyix6HWoURpO4At4s29z2I/kvfuet+/lvcf9F2sApJqqW+0C3YW7JDcc + 304/iqtbkGuG5InDQ0E507q3PO7uo6ZN5CpmrnAzVuScbRxdAhi1y5jJKe0i + XVw4lQXe5XdLLBE2+ECrWBWAMocWiEk+V66BxHs51rcRhtUDBfUs26XG+DwI + aI3egT4Dlxc72DxXm8tCnRZaNodzeCVnN+uZP3dYgDDscO1HRaWT7DQTD/Ud + l0ckFQ==] + cacerts: + - class3_2021 + - class1_X0F + client_ca_certificates: + - class3_2021 + - class1_X0F diff --git a/hieradata/nodes/motion.yaml b/hieradata/nodes/motion.yaml index c719313..d774543 100644 --- a/hieradata/nodes/motion.yaml +++ b/hieradata/nodes/motion.yaml @@ -4,38 +4,38 @@ classes: profiles::base::admins: - jandd profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAS9KablO0ZUn6gFXJYLMgWRb9gGWoR5SsVvow - 2bFqpyHFUsgtlb5hm+E6XvZxrD56FI9twxSSuTdHhW+hUf1WQr34Ik/M1kFJ - XYFKUn4WDoejCwxGYbqbptyJhPMsJh7Qgx0d7SQhrordLoI7SQ8kEbTT5yo+ - oEBPYXoTunQrkB7pSgfThRwLZPZ+xsbDPimp66imBWgXoSFBI2OO9dLVshGJ - +M//INVZG6dOF9tPjxeKz5tTiKdZ7Qkh8/lzQrSA6PHW3MDCtxwjejCQlZjp - 8S5bFy/Ajp7amCL5b7k/bXGX6UPHMqWgLKu0+vH5IPPe4i8Y5sU6nzOhY1mH - pINd2zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBFDA0rqy9ELGvgfhPS - 826ogDClIoHwcGV6JFe+nACOgye8JBdCkvUJmlEdPUawmLrjto1ZtVHHsCks - XJx1XYBR3vY=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAS9KablO0ZUn6gFXJYLMgWRb9gGWoR5SsVvow + 2bFqpyHFUsgtlb5hm+E6XvZxrD56FI9twxSSuTdHhW+hUf1WQr34Ik/M1kFJ + XYFKUn4WDoejCwxGYbqbptyJhPMsJh7Qgx0d7SQhrordLoI7SQ8kEbTT5yo+ + oEBPYXoTunQrkB7pSgfThRwLZPZ+xsbDPimp66imBWgXoSFBI2OO9dLVshGJ + +M//INVZG6dOF9tPjxeKz5tTiKdZ7Qkh8/lzQrSA6PHW3MDCtxwjejCQlZjp + 8S5bFy/Ajp7amCL5b7k/bXGX6UPHMqWgLKu0+vH5IPPe4i8Y5sU6nzOhY1mH + pINd2zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBFDA0rqy9ELGvgfhPS + 826ogDClIoHwcGV6JFe+nACOgye8JBdCkvUJmlEdPUawmLrjto1ZtVHHsCks + XJx1XYBR3vY=] profiles::cacert_boardvoting::cookie_secret: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAH+GZS+H+iQKPzWUCsOXE/Lc8V5qIYleMqHZH - 93LcnFX0m9gY6CEEDkSzlcnrtyPUsMGubmb6lIJ1zvFLxhf1HNCkJzzDxj6G - X6cbP32QDDO7q/Gs961nuVCW2t7JysiZ+WHXTOzb5u3kHDXkdugOpxkZC19k - Z/K7u1RFn2kxiLziWWyla6t8oCjyIfR43XeckSpHskRKS29baVKLRSz9qlFX - saQy/KpnxNpPmIASpYOmNO8NcU7Fzfo1QfnNkjFpwxh4SbVI4CvhVWX1WdU6 - koP5e3qETucQa4eTgCS8ZwNN8IWkPMgKr+bWjYSdAI6M9pjZ2hkOfxstQ0tu - HRjC/zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBkBZdsVnxBj8ejMMe+ - lY7ygDA6eB64BpOOfiTQ2gdnHagIv9JeFwW9wGaD6wc+HZKfu5UKEFlkpkMg - M9wxxAhBUlc=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAH+GZS+H+iQKPzWUCsOXE/Lc8V5qIYleMqHZH + 93LcnFX0m9gY6CEEDkSzlcnrtyPUsMGubmb6lIJ1zvFLxhf1HNCkJzzDxj6G + X6cbP32QDDO7q/Gs961nuVCW2t7JysiZ+WHXTOzb5u3kHDXkdugOpxkZC19k + Z/K7u1RFn2kxiLziWWyla6t8oCjyIfR43XeckSpHskRKS29baVKLRSz9qlFX + saQy/KpnxNpPmIASpYOmNO8NcU7Fzfo1QfnNkjFpwxh4SbVI4CvhVWX1WdU6 + koP5e3qETucQa4eTgCS8ZwNN8IWkPMgKr+bWjYSdAI6M9pjZ2hkOfxstQ0tu + HRjC/zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBkBZdsVnxBj8ejMMe+ + lY7ygDA6eB64BpOOfiTQ2gdnHagIv9JeFwW9wGaD6wc+HZKfu5UKEFlkpkMg + M9wxxAhBUlc=] profiles::cacert_boardvoting::csrf_key: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAIrQdj2r/LUGR929i202pTLTvG6vplBCOkZ3f - /29l5wR1aajD0Kz8Jfs14PAO0a5IEksQwf875uJPKjOCWZS+WlJgrpqGHXt1 - OU89MN0ZmhsNtejQq355WmG2sY5z7PO/xfUcEAYuOcZO5a89Mitf18v+dRqy - UEpXHsvlUI/5wCz2KNqL7BCkd/50Z+TE4OGPM4bZzvio48tUZhBMLHDUU3hr - PQsOhih8y1qoDdFUvypp9SIqF5VWX+I9v1qhcnYpPGc2nQLEpSs9Wp3xMJhm - owKy6zxmO2/0GUVMX6NQaIk6XLthHVgW7au3wPC5WV0pVxBgXQxDQFuWSN7W - BUkT9DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYfwhgtuCfhI8cy/Lr - /jX1gDDj1Mft02q1naNtqZy5rVQSTdbsiaN2LbufDSFaSyOKWkRcGEBXvtzx - g9VtuODC3gU=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAIrQdj2r/LUGR929i202pTLTvG6vplBCOkZ3f + /29l5wR1aajD0Kz8Jfs14PAO0a5IEksQwf875uJPKjOCWZS+WlJgrpqGHXt1 + OU89MN0ZmhsNtejQq355WmG2sY5z7PO/xfUcEAYuOcZO5a89Mitf18v+dRqy + UEpXHsvlUI/5wCz2KNqL7BCkd/50Z+TE4OGPM4bZzvio48tUZhBMLHDUU3hr + PQsOhih8y1qoDdFUvypp9SIqF5VWX+I9v1qhcnYpPGc2nQLEpSs9Wp3xMJhm + owKy6zxmO2/0GUVMX6NQaIk6XLthHVgW7au3wPC5WV0pVxBgXQxDQFuWSN7W + BUkT9DBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYfwhgtuCfhI8cy/Lr + /jX1gDDj1Mft02q1naNtqZy5rVQSTdbsiaN2LbufDSFaSyOKWkRcGEBXvtzx + g9VtuODC3gU=] profiles::x509cert_common::certificates: 'motion.cacert.org': certificate: | diff --git a/hieradata/nodes/nextcloud.yaml b/hieradata/nodes/nextcloud.yaml index 10c5698..8241399 100644 --- a/hieradata/nodes/nextcloud.yaml +++ b/hieradata/nodes/nextcloud.yaml @@ -5,13 +5,13 @@ profiles::base::admins: - jandd - sat profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAf/+tramMebPzMWd/i/zMwITL4i0ZYjw56aoo - Dy0XUs0W70Im3urRUQuZuwnTofhlgommsgaYdcpZbyNT0SZezMQN8IE9davi - Yje6meB24OnsEHrdG72ZaKil/jZwSrI9IZiQcI2iQ9jQLE2of64ZJSQAQV/o - WuE6hqHRrdNeX/mZfxNP5POqZCtKItLOP7D4rtYIOJXg1cH1auR2QG/ScSgI - RGbDb1hxvYtzBC9mrpVMVKJANtqoWVCJtBCzy1s54U8bPnO40J8jBL6zhzQG - BtFGXFZmI9824b2R+4v4MG/1Bwom+QPD1a3W+h+g4QIJg6QI0j9+9Wwe28fN - ZKBdCjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCyGoJBFH0OR6RkKgsM - grOdgDD+phhOfhpxDR186OX0h79GOz5cVdVFBoV/OiKCUjYuKfjFzFuCGw1x - UkfGGUOJXho=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAf/+tramMebPzMWd/i/zMwITL4i0ZYjw56aoo + Dy0XUs0W70Im3urRUQuZuwnTofhlgommsgaYdcpZbyNT0SZezMQN8IE9davi + Yje6meB24OnsEHrdG72ZaKil/jZwSrI9IZiQcI2iQ9jQLE2of64ZJSQAQV/o + WuE6hqHRrdNeX/mZfxNP5POqZCtKItLOP7D4rtYIOJXg1cH1auR2QG/ScSgI + RGbDb1hxvYtzBC9mrpVMVKJANtqoWVCJtBCzy1s54U8bPnO40J8jBL6zhzQG + BtFGXFZmI9824b2R+4v4MG/1Bwom+QPD1a3W+h+g4QIJg6QI0j9+9Wwe28fN + ZKBdCjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCyGoJBFH0OR6RkKgsM + grOdgDD+phhOfhpxDR186OX0h79GOz5cVdVFBoV/OiKCUjYuKfjFzFuCGw1x + UkfGGUOJXho=] diff --git a/hieradata/nodes/oidcdemo.yaml b/hieradata/nodes/oidcdemo.yaml new file mode 100644 index 0000000..960e2ac --- /dev/null +++ b/hieradata/nodes/oidcdemo.yaml @@ -0,0 +1,16 @@ +--- +classes: + - roles::oidcdemo +profiles::base::admins: + - jandd +profiles::icinga2_agent::pki_ticket: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsaCrgydZz+DockvQHLqUCZ/ooT + lvjFmkQlLMwdwvd9tB8mK3wdkjptosytyW+6hqZ9Ue79nPs8CVGiKmwJcZ2d + 7ikW5asmLLvciTavqfAR3x+nDnG9xdP1zJz9RYZmKIg/FSUneReipNVx5rpS + S/kxveqyflMFb+x9jhQbqw1IYlqTIvOsiZ35AbRjskC/QT9errGHGXNPHrRV + BzytsS2OD3hrhiCdAPHinDmwjjiHFBWLt73rjffKoN4XTXdJlNuaSQhnyiUK + ygCC/8WCm54LENOVXiA+AZpPE6XE15EF1UrbqNNfyOiXSAL+nNg2I80MY6mJ + /AEWRzAKFxnN2YxzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDJjb+eyK + G+s2jJHm4htAsngDAlQ+yjC0OIIwWzIbG878fNkZj941AhOCscz2Kxe+Hn9D + pt3TNqyXIPXZnu69loaNc=] diff --git a/hieradata/nodes/pgsql.yaml b/hieradata/nodes/pgsql.yaml index c0eba3c..cfa6ced 100644 --- a/hieradata/nodes/pgsql.yaml +++ b/hieradata/nodes/pgsql.yaml @@ -4,13 +4,13 @@ classes: profiles::base::admins: - jandd profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAXb21L9FKfx91iFN/59W2NWuqbDHNZpx8pvGx - 55uP3PdxPy1dWiv11mxkPt0hQNNAGdPbCRrWWjyIp0MccEWDgKEtMGz6yI0q - InvLHpOihv3siGbIbOgWH5wNkQ+ab8syeVG/GKLcU9kJTHOLP47wyqYGSw2m - r4bluOe3WqMbbFmvqrT3lxuyNNPaXR7jrcvyIGLH24no6VNooBoa6+yoZY6f - VPKJeHfvflikXBn3UuGWPTTaoqoj180ZNfm0nI+p1kRHU+i1MwjQLzNihODV - PA3WIC6Dciu3JMhm4IsgeN/sUEbM4iVkr/8U88aqulgYnPqhIpKKGVtn2zXJ - HVJFyTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDBon/BhIcdE1/J67sF - euz8gDA6h1hNPUkDjIxqD1njBbKSkD1HWtOndHeVQBrYA/8xv10laBcQoprd - pryxipVIgkc=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAXb21L9FKfx91iFN/59W2NWuqbDHNZpx8pvGx + 55uP3PdxPy1dWiv11mxkPt0hQNNAGdPbCRrWWjyIp0MccEWDgKEtMGz6yI0q + InvLHpOihv3siGbIbOgWH5wNkQ+ab8syeVG/GKLcU9kJTHOLP47wyqYGSw2m + r4bluOe3WqMbbFmvqrT3lxuyNNPaXR7jrcvyIGLH24no6VNooBoa6+yoZY6f + VPKJeHfvflikXBn3UuGWPTTaoqoj180ZNfm0nI+p1kRHU+i1MwjQLzNihODV + PA3WIC6Dciu3JMhm4IsgeN/sUEbM4iVkr/8U88aqulgYnPqhIpKKGVtn2zXJ + HVJFyTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDBon/BhIcdE1/J67sF + euz8gDA6h1hNPUkDjIxqD1njBbKSkD1HWtOndHeVQBrYA/8xv10laBcQoprd + pryxipVIgkc=] diff --git a/hieradata/nodes/proxyin.yaml b/hieradata/nodes/proxyin.yaml index cd93e55..4454f7d 100644 --- a/hieradata/nodes/proxyin.yaml +++ b/hieradata/nodes/proxyin.yaml @@ -33,7 +33,7 @@ profiles::sniproxy::forwarded: ip: "10.0.0.149" - name: motion.cacert.org ip: "10.0.0.117" - port: 8443 + port: 443 redirect_http: true - name: nocert.svn.cacert.org ip: "10.0.0.20" @@ -66,13 +66,13 @@ profiles::sniproxy::forwarded: - name: www.test3.cacert.org ip: "10.0.0.149" profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAVh+d4e8x8Tub+RMVEeyllfUZz2VGaqIL0mW7 - ut0O6rBk61BKV08M6FlxZs8n/fE8WrYi+xGHKYaHdLpOZZ4BTxCWubhuRN5Z - RG7hQ25+dWuzKCu3OmICzDbLRYeIVCe3b+H79OgTKRMTcq3bdZz5e8uC24QB - D2ZJaLAZnqptmpuUNTUk+fObr7hbQRMcNCJh9F9gxiuzbHMbK81GTZiPRIja - zEgkOa1/YPW+z/wCN8/eq28j9EHmWdFa1VH65J90EZHDCOP+6rio+cyNMO62 - Sy68oyvneM/jpCyMP6Gy6yfJV010gsgjuqXVpgaCY/vG6Hj8QgXak47cZwIs - j6XoNDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCTWSRL9jrFqf3OQfAJ - ovhwgDBsBmXU7Yn2QlrQEQRNcDMbVxvawLN5AO+hYWPXyCUX8+9vyiWXwBCY - noKDG2x54fE=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAVh+d4e8x8Tub+RMVEeyllfUZz2VGaqIL0mW7 + ut0O6rBk61BKV08M6FlxZs8n/fE8WrYi+xGHKYaHdLpOZZ4BTxCWubhuRN5Z + RG7hQ25+dWuzKCu3OmICzDbLRYeIVCe3b+H79OgTKRMTcq3bdZz5e8uC24QB + D2ZJaLAZnqptmpuUNTUk+fObr7hbQRMcNCJh9F9gxiuzbHMbK81GTZiPRIja + zEgkOa1/YPW+z/wCN8/eq28j9EHmWdFa1VH65J90EZHDCOP+6rio+cyNMO62 + Sy68oyvneM/jpCyMP6Gy6yfJV010gsgjuqXVpgaCY/vG6Hj8QgXak47cZwIs + j6XoNDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCTWSRL9jrFqf3OQfAJ + ovhwgDBsBmXU7Yn2QlrQEQRNcDMbVxvawLN5AO+hYWPXyCUX8+9vyiWXwBCY + noKDG2x54fE=] diff --git a/hieradata/nodes/proxyout.yaml b/hieradata/nodes/proxyout.yaml index cac5293..04a4849 100644 --- a/hieradata/nodes/proxyout.yaml +++ b/hieradata/nodes/proxyout.yaml @@ -7,28 +7,30 @@ profiles::base::admins: profiles::squid::acls: - "blog src 10.0.0.13" - "blog src 172.16.2.13" + - "code src 10.0.3.15" - "jenkins src 10.0.0.115" - "jenkins src 172.16.2.115" - "puppet src 10.0.0.200" - "puppet src 172.16.2.10" - - "sun1 src 172.16.3.11" + - "test src 10.0.0.248" - "test src 172.16.2.248" + - "test2 src 10.0.0.249" + - "testmgr src 10.0.0.148" - "testmgr src 172.16.2.10" - "wiki src 10.0.0.12" - "wiki src 172.16.2.12" - "cacert dstdomain .cacert.org" - - "debjenkins dstdomain archives.jenkins-ci.org" + - "debjenkins dstdomain .jenkins-ci.org" + - "debjenkins dstdomain .jenkins.io" - "debjenkins dstdomain ftp-chi.osuosl.org" - "debjenkins dstdomain ftp-nyc.osuosl.org" + - "debjenkins dstdomain ftp.belnet.be" + - "debjenkins dstdomain ftp.halifax.rwth-aachen.de" - "debjenkins dstdomain ftp.yz.yamagata-u.ac.jp" - - "debjenkins dstdomain get.jenkins.io" - "debjenkins dstdomain mirror.esuni.jp" - "debjenkins dstdomain mirror.gruenehoelle.nl" - - "debjenkins dstdomain mirrors.jenkins.io" - "debjenkins dstdomain mirrors.seville-jam.es" - "debjenkins dstdomain mirrors.tuna.tsinghua.edu.cn" - - "debjenkins dstdomain pkg.jenkins-ci.org" - - "debjenkins dstdomain pkg.jenkins.io" - "debjenkins dstdomain prodjenkinsreleases.blob.core.windows.net" - "debmariadb dstdomain mirror2.hs-esslingen.de" - "debmirror dstdomain .debian.org" @@ -36,7 +38,11 @@ profiles::squid::acls: - "debpgsql dstdomain apt.postgresql.org" - "debpuppet dstdomain apt.puppet.com" - "debpuppet dstdomain apt.puppetlabs.com" + - "gitea dstdomain .gitea.io" - "github dstdomain github.com" + - "github dstdomain raw.githubusercontent.com" + - "puppetforge dstdomain forgeapi-cdn.puppet.com" + - "puppetforge dstdomain forgeapi.puppet.com" - "puppetforge dstdomain forgeapi.puppetlabs.com" - "pypi dstdomain .pythonhosted.org" - "pypi dstdomain pypi.org" @@ -48,13 +54,14 @@ profiles::squid::http_access: - "allow localnet debmirror" - "allow localnet debpuppet" - "allow blog wordpress" + - "allow code gitea" - "allow jenkins debjenkins" - "allow jenkins github" - "allow jenkins pypi" - "allow puppet puppetforge" - "allow puppet rubygems" - - "allow sun1 debmirror" - "allow test github" + - "allow test2 github" - "allow testmgr github" - "allow wiki debnginx" profiles::icinga2_agent::pki_ticket: > diff --git a/hieradata/nodes/puppet.yaml b/hieradata/nodes/puppet.yaml index e8b6047..983ba9a 100644 --- a/hieradata/nodes/puppet.yaml +++ b/hieradata/nodes/puppet.yaml @@ -10,26 +10,26 @@ profiles::puppet_server::git_pull_directories: master: /etc/puppetlabs/code/environments/production training: /etc/puppetlabs/code/environments/training profiles::puppet_server::git_pull_ssh_passphrase: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAhbUQYK6aL9A43CJJoXTpgpEvKny739PCf4pQ - pn4hkzJPV+j8+9AOIMPF9Jl4ZWJP1nClEia7/or5/ACeDzs1mIDejf7OXW2o - nBV2QQs34VgFTNyD+szaouftcPJK25/2/EwGzn7XCnefd7xiEd1xxtogDHTp - VDxcZMuA1/OJ7PYSkYkzRPzwHKUuqqOl2uUPZquOpQgJEYC7lkDePNd8zFvp - XmXjaL27EhXyn3tvAjytHOhSU24F0xspK0+Xuv46AIQLztMFO5MItefUQrXF - xSUdHR1h558pJf45YRxT9nmiDLdFUt8hLl0aUep7+kkG+7pSytQJT8GTSTFb - 0MlwuDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDX/ycL+PdDfsZ4QGIz - 72sBgDCNDoJmkzzjSfLIvN/Q2D0p2XBtKWrc7NkmVzZrzVZ6cLJCBornuJ72 - fOJnmPqpFng=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAhbUQYK6aL9A43CJJoXTpgpEvKny739PCf4pQ + pn4hkzJPV+j8+9AOIMPF9Jl4ZWJP1nClEia7/or5/ACeDzs1mIDejf7OXW2o + nBV2QQs34VgFTNyD+szaouftcPJK25/2/EwGzn7XCnefd7xiEd1xxtogDHTp + VDxcZMuA1/OJ7PYSkYkzRPzwHKUuqqOl2uUPZquOpQgJEYC7lkDePNd8zFvp + XmXjaL27EhXyn3tvAjytHOhSU24F0xspK0+Xuv46AIQLztMFO5MItefUQrXF + xSUdHR1h558pJf45YRxT9nmiDLdFUt8hLl0aUep7+kkG+7pSytQJT8GTSTFb + 0MlwuDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDX/ycL+PdDfsZ4QGIz + 72sBgDCNDoJmkzzjSfLIvN/Q2D0p2XBtKWrc7NkmVzZrzVZ6cLJCBornuJ72 + fOJnmPqpFng=] profiles::puppet_server::git_pull_token: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWLS320bvmv2NSEtEFn5dFD5goJ2g3T2JDT8EylyZ5WDMdlW3w8kx4cQSju1TvjrUIRimkYMKIi9Ej2cXUEMZZoWXpdTbxBreBY5NNlzz0UWmzuwgx6qVy3Czlvhbqq2vb97W1/e30sKcaXe4Mly9UWy+pslH3KHEs4vwipZ+MaIlY76HOPVUmQBtNwaaIiY2KtBTfVGXGUp5VXYGQZsUL2K6DucT+xP3duYjK5iCPfk+w/iYz1bv3m2uT5GvsahZhCBGJNu81ZZ9MY4+WZfKwqfEN2fQz1X6mqBvpaXqE3w573SZo6K7ofhiK8q6+4QlNJ6qlLrsuetlgu8+aHYhcDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDoG8fxzhnn0Xp4Bk+Yg4RsgDDTTKABVrszTg2gZ1bZPm0ysvpoG6tSE0FVmexQjR814RSl81f7coXap/pnWwAhpPo=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWLS320bvmv2NSEtEFn5dFD5goJ2g3T2JDT8EylyZ5WDMdlW3w8kx4cQSju1TvjrUIRimkYMKIi9Ej2cXUEMZZoWXpdTbxBreBY5NNlzz0UWmzuwgx6qVy3Czlvhbqq2vb97W1/e30sKcaXe4Mly9UWy+pslH3KHEs4vwipZ+MaIlY76HOPVUmQBtNwaaIiY2KtBTfVGXGUp5VXYGQZsUL2K6DucT+xP3duYjK5iCPfk+w/iYz1bv3m2uT5GvsahZhCBGJNu81ZZ9MY4+WZfKwqfEN2fQz1X6mqBvpaXqE3w573SZo6K7ofhiK8q6+4QlNJ6qlLrsuetlgu8+aHYhcDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDoG8fxzhnn0Xp4Bk+Yg4RsgDDTTKABVrszTg2gZ1bZPm0ysvpoG6tSE0FVmexQjR814RSl81f7coXap/pnWwAhpPo=] profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAdehEizEK2eAr85FD4XwS8dzDiIqKV2vanCjn - yJtnyX3IZ66tJkqtUUUMW5cWDY6I5eMmmmMOdqfXi+ZJ43aXmGNw9T6p05P6 - mVIUG4opuW6Udug1eo9t0QTgtFKquuTJD+bqmvEtXvQ9JR2mKOH24OPi6kp9 - jXbj6Gf9TNbGo9LXFEMuf4PaugOiIyW3rqBqpCX6MI3Fbt5BCkPFgRSl+yxG - 2fAdNzOz5aDVLptT5fGHCvUPUpTuVGGAToqs4JOVGob1EFfwGniWqYoyzxWq - 1g8bJ6OJ9w3oXYDm24lqmQB7U7enzrHEnP4wRRiuzXZasoeEjQumLdOmVgZd - sBBGGjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCixanHeFcVKKQc02XF - oewVgDB5dfRWbXLWJUcemnGSTPZWFh7Tb7zKl4X9ihJgMsM9NDb2syw4rAfU - DFxe1xKUOAo=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAdehEizEK2eAr85FD4XwS8dzDiIqKV2vanCjn + yJtnyX3IZ66tJkqtUUUMW5cWDY6I5eMmmmMOdqfXi+ZJ43aXmGNw9T6p05P6 + mVIUG4opuW6Udug1eo9t0QTgtFKquuTJD+bqmvEtXvQ9JR2mKOH24OPi6kp9 + jXbj6Gf9TNbGo9LXFEMuf4PaugOiIyW3rqBqpCX6MI3Fbt5BCkPFgRSl+yxG + 2fAdNzOz5aDVLptT5fGHCvUPUpTuVGGAToqs4JOVGob1EFfwGniWqYoyzxWq + 1g8bJ6OJ9w3oXYDm24lqmQB7U7enzrHEnP4wRRiuzXZasoeEjQumLdOmVgZd + sBBGGjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCixanHeFcVKKQc02XF + oewVgDB5dfRWbXLWJUcemnGSTPZWFh7Tb7zKl4X9ihJgMsM9NDb2syw4rAfU + DFxe1xKUOAo=] diff --git a/hieradata/nodes/svn.yaml b/hieradata/nodes/svn.yaml index 152e0b7..e644a10 100644 --- a/hieradata/nodes/svn.yaml +++ b/hieradata/nodes/svn.yaml @@ -4,28 +4,43 @@ classes: profiles::base::admins: - jandd - law -profiles::base::crl_job_enable: true -profiles::base::crl_job_services: - - apache2 +profiles::base::crl_job: + enable: true + hostname: svn.infra.cacert.org + services: + - apache2 + check_url: https://monitor.infra.cacert.org:5665/v1/actions/process-check-result + api_user: passive-check-submit + api_password: > + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBAD + AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAM31x48NC4B2agnpHt0hEzxLLJm + ADhYW0Lj3JuBNj+wpK8O4GkAf9L2OlOiNAIgiX5epzbUtvtB8ayQQ2+4yuNn + jkgfSDvPaGU+f0mFv0CjynUEDrf2rQzevFyIfnpzN9ZSnGw2/59tpS0LyJ6M + Yv3NmB0mdXzPWMrgCMt+G9i/l1s9yVjOw7p7V9prpUqD7hGKG0Fg7EeM7LFJ + 1ovxPDDar4ZlhooM6+W3Ov5n0y/3bYaPWv+VhcVmSQvWgJw6ZqP5jhpYTqSC + dr8urkIi1wfSSPeiNXhK+SQS/KFZOl9dmhj6QuereRyXX1H7X7fphVltADBq + S3mCbxlgEEPPgTbzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDlvyMRCV + MAziedXFk/L9XcgDDpzkgF8ybQ+aX31v25dTxzAPEnjuvaGY5njoUEbcpkOo + f0mf2So5a6xrylLZCcxrw=] profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAec3jnFxK1YLgov72NUbFza8tlZSAzXnWG/rD - QEyCaVt9mo9rT1USxkv0MRPmdKjiPx6c+3SXZu4ah1Mgln9TgwOSLy4jKuWX - NmPo8quPag82wX/WMu4ri1npaLc2Isg8qMCe1N94uYeuN9gGhBclee9iRxpz - wFhEs7JACkTW1ECDD5VMX/0tZMEvebjbrnEIOy3yqI/JwHSwqERl+y8LzrhH - w/tn7oeidTBFFe5gnbRaco5LVLFcbeBNe7qmQUtnMFcZ9JAgOxBlCoa1EsLB - LhJI6+2BqEKe8rH1qbbb2t6OMgmVzc401v48FX5+8zyK0J5QBCTul8HmCQDe - 5hUJmTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYhjTXRy19pOxdmsBM - o9/cgDCuafR60F9NCrba/VThRNOJoJrfk3vwMsBVC+jJcxSqyq6jWidrqvlS - 3bfPMwDXEkk=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAec3jnFxK1YLgov72NUbFza8tlZSAzXnWG/rD + QEyCaVt9mo9rT1USxkv0MRPmdKjiPx6c+3SXZu4ah1Mgln9TgwOSLy4jKuWX + NmPo8quPag82wX/WMu4ri1npaLc2Isg8qMCe1N94uYeuN9gGhBclee9iRxpz + wFhEs7JACkTW1ECDD5VMX/0tZMEvebjbrnEIOy3yqI/JwHSwqERl+y8LzrhH + w/tn7oeidTBFFe5gnbRaco5LVLFcbeBNe7qmQUtnMFcZ9JAgOxBlCoa1EsLB + LhJI6+2BqEKe8rH1qbbb2t6OMgmVzc401v48FX5+8zyK0J5QBCTul8HmCQDe + 5hUJmTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCYhjTXRy19pOxdmsBM + o9/cgDCuafR60F9NCrba/VThRNOJoJrfk3vwMsBVC+jJcxSqyq6jWidrqvlS + 3bfPMwDXEkk=] profiles::x509cert_common::certificates: 'svn.cacert.org': certificate: | -----BEGIN CERTIFICATE----- - MIIGpTCCBI2gAwIBAgIDAuAzMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGpTCCBI2gAwIBAgIDAvaWMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwMjIxMDgxNjQ0WhcNMjIwMjIw - MDgxNjQ0WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwMTIwMTYxOTU2WhcNMjQwMTIw + MTYxOTU2WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRcwFQYDVQQDEw5zdm4uY2FjZXJ0 Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJ41/UcmDSkW5+k+ JVwsbRc9XXd1ldtJVboyo3y2SG4DvjuqZbtImfPcH0f85ih9GOadMOfPDb8EvPEE @@ -46,18 +61,18 @@ profiles::x509cert_common::certificates: MIGigg5zdm4uY2FjZXJ0Lm9yZ6AcBggrBgEFBQcIBaAQDA5zdm4uY2FjZXJ0Lm9y Z4ITY2VydC5zdm4uY2FjZXJ0Lm9yZ6AhBggrBgEFBQcIBaAVDBNjZXJ0LnN2bi5j YWNlcnQub3JnghVub2NlcnQuc3ZuLmNhY2VydC5vcmegIwYIKwYBBQUHCAWgFwwV - bm9jZXJ0LnN2bi5jYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUAA4ICAQCp8PbfpxoN - Daf/PDIbN6XWigyjQrb1j1MmVwjyFWT3D/u1zr7Ie6FG7o5DSLimFzJNy8SIG/Qe - VAX3xY7bLFzXuSYp/wlHAGeHmS7z5YJvQr+eXfo46wU8Yqjpd8egU3z49aEQxSM4 - oLr8yr5oJawvUhhKDSTQouK/ueJORRqFmFNKQX7fGnQC55XWwk3xJg7E95P40aGg - g5vQTEv6va/e8ZwHlx368DqZFjjVeh1LQzGEby/jbXvYqwv+CVtWiwO9N8lF3CqS - n/64QBEhmt+krBjf/rAHAPILrsCD/DW6+AZSo3UocPDlrWOho/Nx9fGAiiDqhJc1 - ViTl0WLDyMGUFEH27QhllZfe3nJkMWFaBPbmDdWBF03GkRpyxLcPQHv4+96bneSV - jgS4+O++CpHJ2Eq6zmlzZvdiZ6eFkvPjSQ87+6dmO8hQClDmjRYcfe58fM++9GdF - 1zt4jG08VP/oMHaKPWwOnKjalOIyk8l8jK//GgkY9ZL/GhEekQc57Vq1MrR1e6pj - RGEel/jkVUimFv21rkS8qWmqf4ewYIv8U4EPS1zi0M1nhA06ZOu4la2EwRbQCqex - YPpb39Ag+YRkSDWPf74huu9EqUupjG3ozG65/qlhMEmzLORcMFIfe9qxTxBB+ow5 - MmkGKM7jh2pACdPtFDXSIJWGOxsvCsR9nw== + bm9jZXJ0LnN2bi5jYWNlcnQub3JnMA0GCSqGSIb3DQEBDQUAA4ICAQCdursP8tsn + gXBv15kTKhLyCH+E7ts2OSoa/NQychs5TP/bi3gtXunfLTlormMFcQRlnGH7cYyP + nlVxCHPPVGr8wVQWZSNMOQbDyaWjesFCNHvvnArjnZeNTMTfhg9UTcu2XemPgnmY + yqykLMnLwxCW0CqZeumFaD3BlElqs3D1SYbRUBiILqu1LgXQAY5NOFuCS/Hkf+da + PJX42OYGyYCOM7vG0AlJ3iW4vdvqxn5Utc4RFIptn5PLkQThmP+eW43gDWJlVvLv + xjyqv9VKLkaj5/OEzLAxqEnPOZRTEBRX0WQluMzLiPn+Ia+EdEkTeOghEJD3GISg + otNhQ4cihHnMCzWMtNlCJqyBGnwtIhmvNbQ8HGx5Now1eYmPBXyvT/syEZvHuMDw + /87v1dqZ38T3HAGO4OuVGw7t0ky4NjfKOkoxNWhuqO/sF73RvbtQyXTK4kaVta+y + pIgqaYMyWhh0uCgPei1hU3xahFdbnC7613Xtexs/5yE92deK6oXxGeehI4Vv41ht + p7jV5klv2dnmupqxhUqO1RT9ez/4TZ+mnjwtH4i4vH8W8dcxeNh0mlgXMEOmjo+E + 1GqajJd5f2Wis4EDJMpj1r0qo/NCcudt8HXdIN2edzmR2pbblztY3GPNns3MrXDQ + dWvtNF1azrJkTIblrxXbNf1BPkEABU/KTg== -----END CERTIFICATE----- private_key: > ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw diff --git a/hieradata/nodes/test3.yaml b/hieradata/nodes/test3.yaml index 40f9bb6..d553fa8 100644 --- a/hieradata/nodes/test3.yaml +++ b/hieradata/nodes/test3.yaml @@ -12,13 +12,13 @@ profiles::base::admins: - wytze profiles::base::crl_job_enable: false profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAMKjN59WDnskWcAtQqEliDyQZCqXlz4vLZ4p0 - nDx3yRY0XLObpodx1h9Em3XhETsm85Quh0MujnPrttb6XMh+BKNurc5kLLs6 - QWVNzRyNqm9d+1DLsKjWOnYzwvu1t35v5ZKmsnsmF/3Ek5qmWGlkoiaNajKJ - 29z1WldM/ZBpXAOv98iPE7iF8hrqpvUOyaJ5mo5aAlLHDT1XW0GQiBPjrMYj - sR+c7K/3HiuqA4sMsjAhQANI7CFNyvP3sgLE+sp+0PWzCXN6+4jDdUCTI4mp - 4RL43bMkSBKgLsMxErQW6yenEYpx/gAGWTN16TaC2L3eOlmDs6yMlabLbSg3 - KNPHHDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfXQRynNrVC5Fg/jv9 - oA/IgDD97FWwTY4zMQXU8krGLmlxJYiL6mCpdSzhfEtWYxj34Ch1Ce0J/HKa - CW2y+asnB/I=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAMKjN59WDnskWcAtQqEliDyQZCqXlz4vLZ4p0 + nDx3yRY0XLObpodx1h9Em3XhETsm85Quh0MujnPrttb6XMh+BKNurc5kLLs6 + QWVNzRyNqm9d+1DLsKjWOnYzwvu1t35v5ZKmsnsmF/3Ek5qmWGlkoiaNajKJ + 29z1WldM/ZBpXAOv98iPE7iF8hrqpvUOyaJ5mo5aAlLHDT1XW0GQiBPjrMYj + sR+c7K/3HiuqA4sMsjAhQANI7CFNyvP3sgLE+sp+0PWzCXN6+4jDdUCTI4mp + 4RL43bMkSBKgLsMxErQW6yenEYpx/gAGWTN16TaC2L3eOlmDs6yMlabLbSg3 + KNPHHDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfXQRynNrVC5Fg/jv9 + oA/IgDD97FWwTY4zMQXU8krGLmlxJYiL6mCpdSzhfEtWYxj34Ch1Ce0J/HKa + CW2y+asnB/I=] diff --git a/hieradata/nodes/translations.yaml b/hieradata/nodes/translations.yaml index dec4ae9..10c21ee 100644 --- a/hieradata/nodes/translations.yaml +++ b/hieradata/nodes/translations.yaml @@ -5,13 +5,143 @@ profiles::base::admins: - jandd - law profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAfQt55rAfM/F5sHxwF2piA0Uz+VK3wfxDfGrq - B86bLEMxo0L6JCKAJZCbB3g030KCDwHkijGTLdWhFXmmPrtxWxLP0/gSQr2c - zdINvFYImjree241KUkXIJXxn6pdjGLSbikgJgs9rwIvgGJLxjQZQ7SMhQg2 - Qrwg5ST8tkEqyADYeBMRrvRs53XnD3fs2RKW0hQcfejV5UTVyruVaEtCBsla - eheWrISyIKWpTF3URj87C7VX1oO4S8eLlI79uD+hBJ1FMQydxEdg44KCfn7C - 0SPnekHB1DsccEaVMNrabA0NuUaIuO3OacgUGIGY6wIeAQ8XU4fp/80TWg5H - NWPIWzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAIIDfJz8DZ+wTiUrSQ - f5zZgDBxARneBbiwCCFM/g2AmmEVOHwFjUATjdCXpURzhVEL+mrFjtakN16r - 6tihfcnNiqE=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAfQt55rAfM/F5sHxwF2piA0Uz+VK3wfxDfGrq + B86bLEMxo0L6JCKAJZCbB3g030KCDwHkijGTLdWhFXmmPrtxWxLP0/gSQr2c + zdINvFYImjree241KUkXIJXxn6pdjGLSbikgJgs9rwIvgGJLxjQZQ7SMhQg2 + Qrwg5ST8tkEqyADYeBMRrvRs53XnD3fs2RKW0hQcfejV5UTVyruVaEtCBsla + eheWrISyIKWpTF3URj87C7VX1oO4S8eLlI79uD+hBJ1FMQydxEdg44KCfn7C + 0SPnekHB1DsccEaVMNrabA0NuUaIuO3OacgUGIGY6wIeAQ8XU4fp/80TWg5H + NWPIWzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAIIDfJz8DZ+wTiUrSQ + f5zZgDBxARneBbiwCCFM/g2AmmEVOHwFjUATjdCXpURzhVEL+mrFjtakN16r + 6tihfcnNiqE=] +profiles::x509cert_common::certificates: + 'translations.cacert.org': + certificate: | + -----BEGIN CERTIFICATE----- + MIIGlzCCBH+gAwIBAgIDFR20MA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ + Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y + dEBjYWNlcnQub3JnMB4XDTIyMDEyMDE3MTcxOVoXDTI0MDEyMDE3MTcxOVowZDEL + MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD + VQQKEwtDQWNlcnQgSW5jLjEgMB4GA1UEAxMXdHJhbnNsYXRpb25zLmNhY2VydC5v + cmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDQLVTsH5bhb4paZBjW + JI2/t05yY6N9h3KnM6+KOtd4yp2a5BGO1NmJDzBT9s6+a/SPQe+Xj1/KBIgahOl1 + 3cIcFoqermTd55hKZ+9CXXt4gn1scXpLTPDK43h6KUd66LkGjao4nWe4vqr1BmYX + fGWVBT1QAxrgMgtr/zHPdEY3BvSQVIN1P+OpXNMLwgTJ8AaBa28sLWzd2CPJG7Z6 + 0Yi/rlaEkCTldkQW7lLpsyymXZXRbt39xk0+sbcjEMOyz+zBPn+xU/x6bHgx7G3R + 1+w73zHRJrftNnqZt8D+7nCW8HhRPz9W8qDQufEiEfmggtcdAqBvxl6pD6lDNGoy + jlQ2tsd60y5KmOM1nZjNpeFksdJlAnlD/vwLiJHs1+1Y0STcwMMHyromY5JmqWAC + M7j1JzFELI2gaKjczqzeuBjDfb+hzyTlMnW1ol8KKFk2QKssxNTVHLrCvAUz9HUz + 6QAk2iRaZWDmp3Ki2tZJwWjHEZ/Z1MEiTrR/zfJEIjX3/9wg2R3dMcVbPrnPz0YL + lOsCOhcSpgEGm0vworplRW9desHSGzSo/BH5Z9iOz3vr3gOYc6cfM+6okIvooIUD + 5k4lp3kOiIHZT7INN+ifVXQ7X/wQgQZnmh12eoFEbO0FfzDfDyYRJ6rkrGtY72jq + tGbEe/0fdBXT68SJmwrOAzA6WQIDAQABo4IBOzCCATcwDAYDVR0TAQH/BAIwADAO + BgNVHQ8BAf8EBAMCA6gwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMBBglg + hkgBhvhCBAEGCisGAQQBgjcKAwMwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB + hhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzAxBgNVHR8EKjAoMCagJKAihiBodHRw + Oi8vY3JsLmNhY2VydC5vcmcvcmV2b2tlLmNybDB5BgNVHREEcjBwghd0cmFuc2xh + dGlvbnMuY2FjZXJ0Lm9yZ6AlBggrBgEFBQcIBaAZDBd0cmFuc2xhdGlvbnMuY2Fj + ZXJ0Lm9yZ4IPbDEwbi5jYWNlcnQub3JnoB0GCCsGAQUFBwgFoBEMD2wxMG4uY2Fj + ZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAIFGJf5ZesTA5UbfghQ6RVnbHA0s7 + Kk+BEVOT8HTvUEGGiYWm6rQXAO4lHqkVt6kNwpLRgKoS/X49p5oY1DRR8dMJO41Z + is2uZrlHA80x6TYwvpb1R0MaEhk7jvpZscc8IlXpN453cp/d2EK2SOc3SjJJ5K6W + eZkxKhXe8DCLMpLdp/Y/PmWs9r42l7Egg4xZMzeBk7vPjXg9YEBWSJu7uqEO9E4r + p4IYsSD8FT2IRMtAkycSl1rlNK2iu3133WKSFz2eBf8K0tGBGM1p76DGHgcyRU2a + 8VEGwdMvc4rN+ma6j8/IH178i6onBkiFtoE8KjKz/WrxBMZQaAkvcM0wNVow3DQr + DXFnqDUUyLscVAWSlScfHotl/xnh71zkAawLjr/eEKlO34++l3UMw9Hz++f+2Twb + DZW+ovVg6zTQV/FREvlqLo+GbmJreY1tbMlIY2yNfoIIrmLD1i5h7fEN2QEU8GJZ + D/ZCXPIk2OBARnmZvBw1m9zqnGLgSOjQzofJLxrOYbGJEsSYuz+CyiDaoyZGutIL + Tfb4tPBUyNwDXTKGlCo6lnKT9XadGkcVRP9tpKhubMBeJj1MLkYXf02eqnaTbIQD + IGqBZwLyPiVB11tvivdm4ITEvBz1hxWMGihq/rUH3+Q9qggQNrd17QgCpx0UPG8E + lXFcjN0aUi8RKW0= + -----END CERTIFICATE----- + private_key: > + ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAS8NdfqhFaOE8DIdyn2yLz454Xh3DQ6Mh/s3h + N/mhRm2igz1S1ZDIOhRSiG/GkGDjJiRm+r1yTqdVk2mvqJJDVSquta4STjeu + 8DFz5qUF6528mwE/gsqbX3tP7HAXHNro83/3g27ymaqXGpm+p4A0JMiDl8Db + nRR1nOpALWoFJtdGIO1Z4DI++tIoQ3fHSxlxx9/vlRsu7Upil/5TT5U+Dnp+ + kxu7oMPJaZONkAVAck7owZs9EOTpS8wg8d0zzFIEEOtd4ZpirDqaeDlhwzsA + sLTZpRfZwbH7NDP5MsSuRfJsJOgbOM5PvuUhUpqYow3jOyAAVcW2bILC4woc + uZ0LXzCCDP4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEF5KRUmRrutgGvwQ + vSva1lGAggzQFxQtKYWClicQXTxlxBx7SdNMQPzTQlgr9l6/DnTYh+C2iECB + iacq/OVET8PzIiiXeH+fHTbTBpUVcbHSLkS/5gWP9M0UrXqW6DkuUWKTt5yL + BSdNkDpsaVTgM7XfUG8fvvlPKh5YwKHkBrZSA/mb6mWVV+Ng8kGjy3mdw0qL + H2/d3TYVL0AkKKwPSpkU0VTSeOCf/4kmV8K9/XvRzz4Kf1tTrGSHXoqFsGDo + v7M4e87twixMJIMBbLcyTwoxXJvVTzeRNIgShB8a9ayoP/iunGPA18SxH7KV + mU3pmsIxv/IbR9sL7XRes1Rso539IHzM7lRbcqm6jMThX1FGs25ih170BpVN + aLUOE6/ik+O0Rg53AmcWG5cmzNW+Lv9cEjxMV2c/4g6m3uFvP+mEEUogL9xc + hCaSErZfNFSBWzTC6x7bpKd+0sm6Acz5Fo/3WTt2lPbe9yx348BZ1V0bUsjp + IdpQ84j49sA1xvCe6l4wd9IJNILN7zOQJSqK9c0g5q6jH/zscPWrcrq72IHP + EN+83tGiPIO5Zb5LVUA0oHI3LLO5RjwpM1vI8p18wX5q6Ay7AtWKkI/hqCei + LokbLQnK/rOAwz8iH23jFGluI03ekbP0y4zb3Nz3M1hUvesR23HR0S8vaQA4 + 48B6KJABEOsVeXQ6hygK/IOfWgLQYm8dbwqDtfIRGm+HWSBYSh9iXVUoPI2A + +8V57UaBTTVFcTts4nyX8gJOgAd6awuu+v6YOBQdiPnhKP/JGYY91SjPP/4k + C2RIb/AzQtXsft3v5FtEx5fM3iwSUeFcJ3GdivbdysNXRLV/4STxq86HTy+M + hHtnF3uhidO8Osbh8NrA5sHUtRYvJ8ymWmIWFDKx6+qeBK9MOstd7Gg4nRGe + ++VCP7ziXl9urr9UmO/gHOEK7c5G0OzrAZCzprCkEh8qyu/PiBPcA/D367rH + E+LtyIZYDL/q33j8jpE2J+wYWKzldkevZDfQV8w+QhS//eUgzdqxgesBMy+H + NM920u4fjP1KK/fBec92ZdgXz5TLsY+ZY5KjQqDZ8gBfl0HIWujHTreQz1sC + JSfKMgH7R1JZBJq91gB2vmnHx3szakHdHWzFEwXmM5zY+W69fbcQqemoW7bL + 86xSOtnqbKahVabynZfyPsasNYYf+aglBdJy/dpvY8yspvSolHVoNMnNR8Hq + cJqw3KYQgj3mOVb2r0kgOSWKYrOARrbjNeuDBGcEPWZIwSqQ/v9KT370o8jI + MYfxi1JEYKkgV0ytR28YyMkWGam8Me3Pa6VxLmt+8jzv3IRqbNgeG3tlUrxm + Hijvdf1qZfIHKRZRtOjHMPfDRVBs6xmRmaY6JuI3q4bhbZJfD6wjh0xKPHZM + rh7tvWS+uCuhZQlpImXZIoY3kfvpbG3u8plwU3eJmpePzgSXqYBuu7Ju2Xza + 22oWDFAtwODzsrbfgXspZHjySc64+XgkPM5UWgzb3QDSx/fXlu2PA3y1LzN8 + kgv27GJBScQgqPL+u60Asvsmlg0WxG6E4FsEzl2PVpe13BzepPSD/p8SH8Up + D3NArWp7GPPbrktGRdEoL2p4Z4Cu2Rl09ATx7NyKPBLJu+tSWAv5GnFMsWSs + ldpvYNxMryUVh/saJigQzeG7ls33J8itH0uAcP8zFaN5W51aUqbpu73ASmjo + JWrORyxbsfD2StZv3KiRsNVw2P6wcai6ez88/bNJaaqQoUZEFSKtFT+kFr6g + scZahCMAG86xe2vUuGqp4xiwbAsMQ2ldDM5hRf+EbuY/OyXgD9FYy0vAEyNG + lms1nbRfTtHvGHYnLB/7wIgJeqn/m/2A372iF4nNvayE274IVZldnfCrF+xa + 4Ga/XKarmnBeAFpQqdFc5F3CIoy70zy1VRFmCXEFrE4k1yARjEpIiVM48ZiJ + k+RGae4i+09hxN8ynKWoCXoej1Dpe3RBUdQiBXVKnOF3oPTSXJGvZ2QHGbuq + 4t2JG0waDu7z8qOeXieduJ9AVImXKbNl4c/pUfYWu1Dyqc8efq+YCynsrpL8 + 0FkFXYUOyeA0n5T0742QRZe74sx+kh5YGJIeqDkeMgF4Kx/b04RHrXdmO4Fj + r6PEYKbb71CM7qrJL1s5eNHuOfN+SI/iiZ4r5inE6eVrpEf95bab1WwVGbRg + 5S88ibPYe9iHfz9KeeEFL0SLvw348WxLrKFk2iF3VwcmtXs2YPAE3un31dI2 + nxpNlAxGT0XIj/61mNjuxtKiKV3YF45q70oYXUW98+Lwz4yLlW9lJC1zQXF/ + DnujyHuUqtTtWVc9djLyHCOHglwFCjQgWBw/cXlZWJzmMZ7bGRCT7EV+AwE9 + aHzX9xDnpRL/V9VQTw8rFSkEfqHUdwRXoV5Ek4ZAwu9BQgaU+rDgwZv0tB/K + 2lbYHVkyP4M9ZCr0mjxSYyLMjp0oiA/OliT14zewt+/1x1hVrduUevVuoPE9 + 8sgW2VJIxO3m2/DFpLQIiKxLSCX3Bq3KGeT68T+s2YP484XKbJEzAM06CV8X + uVgNdkECx5UzKXZe3VTOoLZ0SONQpjZjgDB3H15w7u+KGZydqBslKA+5LSlD + 9yBdukPfWqPnPBC9LGfzaGX0ybvUs9x2Thy+ide/i/hkGveyv60mjU56+xq+ + PXiy/vbZCnuwy50E7QT/3ecjemPXLo0nLmwMn66dYsEbyp0I6y4JEBhUGfRp + zl0QWD53NKC5qP/qtbI/Pa6Zr0uDP4ON5ioRkFay1eMpdZRY2Ww924637/OK + 6nrRtZFtn8Brtye62N7ml1PgpjWkbxS44vL1ESTF4LjzCsVaKmSmxvIVyXuS + uxo9jAGolzArzjCmtDAV0Law8Haiz9b3QCgCr5ocS33/VGb/OiiZvB4ODQDj + EuFytCM47uN0XJm1B8gr+zHsumBEntlJSW5e8X7lCnIgQHf2CY9PERIJxuED + qEEBk0sFDbFgdA8sqkLBERkJ49ko2gny7q5eePCdNJi1fwJbVe7EIHAbZsZE + kAOKKhV6hnnkbYVLBaqZOhxztMDDgdAMD2z1y6p10+RYMK42xTqgEvg5uTmM + PGCDgZwmlW0N6vaVJrxPU8UbWLiHH56jn/SjVk5rPCaWkveqroYB1/xF3REA + dKSUaPRq+nlcHtvGTz3eRiqwMGaJn91V+oaENPl3AEQKuSrUmWtih1v4spQK + J7uKPSnlnu+ghlqfDfFA67biFQL16E+y0uWnjflPazuSknfRWaeruR+7jQOr + nFeabd++klfOefXvABFg+4POKYzxzpHWAc27jwic+pu2o9t9ILAArHL71W53 + qx7TbQkjWOQ0l1IlxMgmGhlso/4D/kcU1nWY5hTJjt/SVrbZfwsAntvHsLIm + ectVA0fxTE9dFhx+lLDaQlsgZar44dJ0HemTJmphZBenywG1oO4Gbw0D3ciM + 6TOmMznninEjVbndpb10+bXOCRDsm9McYuzVB/5t+V0r9XCsEAioCpwE4Lhm + qoKJCVKrv7GLWA0rcjrKaCXCxiVqMqDALe0mCuM9x/kV8L/PqARgAhldrY0L + lOGvl6wEijBYmVt3YiI4WVB58ar7rqyRkScSDMRIumZ5tAMSNb8RAaYrL9XZ + MYjcIg1JJO78IDrfzCy9epd3GCVntgz6YMle3jpsg2tvp++/jyBouPowBPup + 7PDdp1fras71sGtHkmgD7EguPKLU+K+D0rEUr1wwg1Lp3dbYpRSk5D4bgolR + LMyWyGAmm8ZpYzkwlsHFryOjxw3vEp8/BvVjMKk9nDsO/0c2eW/pOCNEH/i0 + Zzm1mF/WAleuifUQE/fhrameLgYnpJhFLhEgjiCSkUKbzXJzODSX95Yyntuc + AbU+IqMeNbnNUcFuH7hketYY/qpHUI+AfwFntj+PDvmisesypRnwV9tUxQ9A + RyC0Ji++v2LQ9mQmUSg9m0XzW1neV7EL5Ud1fbZebg/xlvLgugewFoF4hwT0 + moNEnR4+UWP33gGzpf/dudrdiKKDhE0QIKwHR8hGP2DVaxs0ZByIioQuiJp1 + JltyWN9AjBZM95gCtnDPAoNG5MPkE6YSAoZd3ML7cvIO8icZ8arNsteSVWZ+ + rNRkuqtUo2z/6cLocmfuy0UeFDQfcUO2eJy12L6m0aLifTgRL/yTczr2NHv4 + eIpJPx7Or6ths2RESIjVZ3CFI1aimCy1ib4WDGB43KQUUhbvrkwVgFEkynFy + ErV+Ds866A0otNVTzSKLngO9CXlktCQxuvsexAg5V27VLWgj1hr2qOm/4ooZ + NCA6Ih7dA6SwfdjC/hR1eOt9fJeZn9qepsjQOsJnDEkPDF4KrIq2hRn7zTg4 + D+u44yGXKu8yHRlmdHFMxKbsrVLj8ETiBjG6tT6DPth52m1cgj7cxwWUrr1N + OyPnXw==] + cacerts: + - class3_2021 + - class1_X0F + client_ca_certificates: + - class3_2021 + - class1_X0F diff --git a/hieradata/nodes/web.yaml b/hieradata/nodes/web.yaml index 36ca38d..d406b37 100644 --- a/hieradata/nodes/web.yaml +++ b/hieradata/nodes/web.yaml @@ -5,16 +5,16 @@ profiles::base::admins: - jandd - law profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAMqkR/DWeLFAWqlr3jgDHss1geIoCQ3uyvLYN - 8ZIGs2H9GBOt5hLtauxpG5U8oWwg/G4blCEFHAHt7XUrGHW57hLc18uA5pz0 - rxRoKvrHVWBevsjvGK4lvmI3lfhY4EShqFT80O9u0Pn2XxyM0vmlDhpHuNb7 - dqCp2d9hHnvM+/5rqIlYqMPfWQbmO1bYnE+x1pbHiZg+qzeT0klYJUbL+fUz - ZiDuJi0yDbqsX1pAB4NdQVD864IjvENg7TNxBY2Cqoa3XjnayBANOT5HdXKw - yjf8+UvfpbXEc5QohyBMQDfzxZ8MgAbjRWd4+AmIIy+tbrdqQMMyhZ9ILAlM - HJyrfzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDB9xfyP2Mjapd/vzRW - ek3UgDBo03zKwbxJ6uooqQ/68zHDKAj0gh2Kpe8tGdbnKm1dOHIpru/5zjob - 2gNuQB6szY0=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAMqkR/DWeLFAWqlr3jgDHss1geIoCQ3uyvLYN + 8ZIGs2H9GBOt5hLtauxpG5U8oWwg/G4blCEFHAHt7XUrGHW57hLc18uA5pz0 + rxRoKvrHVWBevsjvGK4lvmI3lfhY4EShqFT80O9u0Pn2XxyM0vmlDhpHuNb7 + dqCp2d9hHnvM+/5rqIlYqMPfWQbmO1bYnE+x1pbHiZg+qzeT0klYJUbL+fUz + ZiDuJi0yDbqsX1pAB4NdQVD864IjvENg7TNxBY2Cqoa3XjnayBANOT5HdXKw + yjf8+UvfpbXEc5QohyBMQDfzxZ8MgAbjRWd4+AmIIy+tbrdqQMMyhZ9ILAlM + HJyrfzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDB9xfyP2Mjapd/vzRW + ek3UgDBo03zKwbxJ6uooqQ/68zHDKAj0gh2Kpe8tGdbnKm1dOHIpru/5zjob + 2gNuQB6szY0=] profiles::web_proxy::ssl_certificates: 'web.cacert.org': key: > @@ -102,10 +102,10 @@ profiles::web_proxy::ssl_certificates: yI336g==] certificate: | -----BEGIN CERTIFICATE----- - MIIGLDCCBBSgAwIBAgIDAt7SMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGLDCCBBSgAwIBAgIDAvXJMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwMTIzMjAwNjQ3WhcNMjIwMTIy - MjAwNjQ3WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjExMjI0MTA0MTE5WhcNMjMxMjI0 + MTA0MTE5WjBbMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRcwFQYDVQQDEw53ZWIuY2FjZXJ0 Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANPTMXkQ6HPQfIBj oMdQNDYIjn+prNkj3ERoYxO9P+rrC1NBl60XHay3ed0oi73HI+CKWJ0e+0bKdgH9 @@ -124,17 +124,17 @@ profiles::web_proxy::ssl_certificates: hhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzA4BgNVHR8EMTAvMC2gK6AphidodHRw Oi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwNwYDVR0RBDAwLoIO d2ViLmNhY2VydC5vcmegHAYIKwYBBQUHCAWgEAwOd2ViLmNhY2VydC5vcmcwDQYJ - KoZIhvcNAQENBQADggIBAE+sKagTkNNQkUniq5igSX41g3c8Z8uzR3CEC6/B84Tk - dIFu3uknS8CVYFw+eUj33LOed4r1WX8SLx5PUxH2GRfIOeKcAS87wwC8U9Ek0C6+ - QXqLnVur3UeNZNjzAD5trBwWNmm+9ZCwGJLDFqC5rvH6dKA7Ipq5WenGmByRmVOT - gJW9l/jZyKVsiOyRi+6q3KFRpCM19NsB8P0JAcwxirfDipODn74AV7cf+DFGr2bq - tQ4luTzn2pkOUFE97H3EuPv5GFzAD9LFrqB7oodusC0jTGbIKTT3ai2UF4Ndp5rB - aywEiQG27AU7hbsJCv3OsZaKTPSODvpy/lNjhFOaSdKIUuOpegPGYE926bBEOYmd - TtSZGhsa7o0vRs6VkdSR78jmsVff0ST7qwGKTM85P6SkJs1xzeVWy+hHCTDEkmp7 - 07k6zKgXfbsqLdDeKUwlvyN1kS4Os73VRMLHr+AzF1mRGzT3QCWMinEF1L62ydzP - qllZ1Bnp72Wzxq0qq8lz6ctXNOS04cvWUw476kel54x0oaVO1ZzxevJ5UvR67d/c - j/k/87NUyUL5LviFsJrQZCTXqu8ev6m5wLTMFxGBLxOKUuw3S7t5jBmhF1iIpWeI - rvabfx+0n1L9RqNgbTdqvWOf0nKUQCRjCWnEvh084LvdMuPUf0SrM5hibZn5uiLA + KoZIhvcNAQENBQADggIBAD8GaQRcIIDtwwwxjlBDWBv5p6R669wfzuTqSSnAhFs7 + bGajS4Loge0x1csQNRao469OidvsJVZqM3/C1Yz4pfAIVHx1cOXHrryr/e/CWS8q + leSxM0+edkz9qju6yAxvOEHJdhQsiO5/kaw5adwJflfs9BJDPkuae+Z3s6qKZjdZ + OQMlYrFTySVzbl++Uo+aZWT3OHX5VrkppgK5IHM623DUnCUg/0uXBxz4O4l+dPEA + LGCJ+8nj9OOz+bDwxCDsQ4McxXsP/4O7GjIPGQmw1GnL+LO+pII5hKTIZAkq75OW + XlkhAkWYlpurK5ZUyCyo206yNcOaYzpv18mL9eBme1UJywYOs61HBr+W5KuQq8XL + B9pAMe30xgyz+NLrdFGE+V886O+wb5/XII+voLtX2PZD/L8H9WzWqf39TBtL3pfU + X7m8Ya4d4psvserKl+ZoQV2+fBgGehKyxdUfYy7+DYgG1Oh3IY6gu24WFN8s90oy + kmu5HCPc0lw5jP5ryHe26q5YDNYUjf6Y5p0RMHTvCi1BehT1QAREc3/DAqiHs5qY + Itb2RoVrqPOVuHdpvOyuTMMmfiurqPACv3mU+Kdjay29GDpTPbpmxtSfQLcWqfUp + paF6GBpvZvQk2PVf7ig/FSA81UCoH/gIJ3iaZR7sJ+iXZ+jS2dw8D+csLLLvRoD/ -----END CERTIFICATE----- 'codedocs.cacert.org': key: > @@ -222,10 +222,10 @@ profiles::web_proxy::ssl_certificates: jkpGlA==] certificate: | -----BEGIN CERTIFICATE----- - MIIGPTCCBCWgAwIBAgIDAudeMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGPTCCBCWgAwIBAgIDAvtcMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAxMDAyMTUzODQyWhcNMjIxMDAy - MTUzODQyWjBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwOTAxMTU1NzAyWhcNMjQwODMx + MTU1NzAyWjBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRwwGgYDVQQDExNjb2RlZG9jcy5j YWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9y+uLMOT WB8okSFW9A7/62mogifOBHZ9hlpgAozeyeREhWjZ7oGNot3F6GNjQAA5Xh2TaD4a @@ -244,18 +244,18 @@ profiles::web_proxy::ssl_certificates: BgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wOAYDVR0fBDEwLzAtoCug KYYnaHR0cDovL2NybC5jYWNlcnQub3JnL2NsYXNzMy1yZXZva2UuY3JsMEEGA1Ud EQQ6MDiCE2NvZGVkb2NzLmNhY2VydC5vcmegIQYIKwYBBQUHCAWgFQwTY29kZWRv - Y3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAM2Y0mjhkyhZKLz4imIOv - /fb6ybSchNLDk/nyrETTTARLqo8Q5+VHnKFNi+7Gx8H+TeVTRxXGRkMTmDC3EXPW - yB4JECcjdMv7/ZYbkrIgpy4IKnzn+3xSfll9WXU0ubOMnFS1d+A8vIaOeYcuGOEW - QpaSCKTFDy/R7KypxspirI5TtlLu0iOr8MuwwzXNOXIjf9HhW7dCSIRCz//3CsTQ - qULnlr+JvoY5fznvAoopF+4ipwJ3AQFOeXol8VHQbwMgkxN0eNd3THnORmOWVKrQ - 5XaYDDWpDRVTbuLAS3OpZmPEMRWlQgPHpb0kBFUlmmoCedgEdvgEHqY1896omVJ/ - 1OahCzbSutHirglsHqQPTKxTWB9flDiR6JuGZOyyw1I3FJJXZ/KNMqUL3PCanc6M - jLtYov3BYGDr9rummjnsGj3GqqaJeqk09DcfJ72HR5CQ2w5JXMSA2OnBWyDw0wJG - +89vupFzPeXo18ICVdY6yzL7mTO9HxDlmXoL5IfH9TniL9U1ijCgyIecMrykHMDF - KXdYwApYZ86wbHLr0c/fW4R66yhLCYRpaBji87qDp5qzDn1KdglBVESa3WRBNu6E - J99sOFDEQXU1iS141lMrIHHCVsQUSYYPF03X4+EgcyhI6uLU9a6rIYG+idHIeod8 - KxlE15huNRuCqBg5d4M/mfM= + Y3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEATAlcw6eN/Cm003SYIF+n + h1LYKOTh2Ll5Id/KoBO/hmzQvpxnAixPAWoo5/Qj50qBLKw9dVn693p6E0eFnjfH + H7DB5Kp0adPgAK1KeZoyCQtnMStwEcrdXoTk+RXelZ2p4uFTDuxu/3Ucb9VWa4of + sTLmPTOThh46/RL3agWB0XNaQuPIs3E+1aEraSDKiIR+45ySDhFflANWZTur/Elg + SeoVynXdOjwf0sMv2uL08YD/xm0OTXnxVXEiJJNXgS7Emiay784t+7qiTH9jNex6 + CvGpHh7T8FS1bkCe5lX/Sxqf4U51QUxt6jXu1qkK0tBiqnsLQuJoEJHPdDrLkTFc + Cja3eeILRvqVPqGY8oL5HYr+LgXeRN4+NhE8L8Q4fvRx8pkNoPxGRy9npoFboNZI + Z7BULpwtIobHYHtowlyKpiNbgwe4iK44VrVmPDNQaCha0D2P/4TZtZNgajcvybtv + Caw2MaAPg/jsch7QLD54cCFD3RjoYMLD0kTphSUAmD1doCaPp3M9ZnXDcuGjYGDC + wMMwmJ9IkLGmsC75ytRBBZH5SItV3S8sa63DwhaRCJSKEC5yIUto82Mfa0MujxUt + J1E08Kg/VX0ca7l3aAFORBXSvle7XmFDzfq87sgbF9ZvzEmk6uMtc3ydpTGxvW+I + uBDpBqkvq+//lKzww7J7NAk= -----END CERTIFICATE----- 'funding.cacert.org': key: > @@ -342,10 +342,10 @@ profiles::web_proxy::ssl_certificates: A2A5aApGS+1a855WLr6+dCY=] certificate: | -----BEGIN CERTIFICATE----- - MIIGOjCCBCKgAwIBAgIDAur2MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGOjCCBCKgAwIBAgIDAvyMMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwMTE3MTg1MzUxWhcNMjMwMTE3 - MTg1MzUxWjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIxMjE4MDkzNTIyWhcNMjQxMjE3 + MDkzNTIyWjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRswGQYDVQQDExJmdW5kaW5nLmNh Y2VydC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCkwXDBlJ9D rpGz26rK4N058I21MBfnZbsEqtEBpwvhnYH9IYhwTjd7i9vFNxlBabNBaPJ2Ro5S @@ -364,18 +364,18 @@ profiles::web_proxy::ssl_certificates: AQUFBzABhhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzA4BgNVHR8EMTAvMC2gK6Ap hidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwPwYDVR0R BDgwNoISZnVuZGluZy5jYWNlcnQub3JnoCAGCCsGAQUFBwgFoBQMEmZ1bmRpbmcu - Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAoGWNT0vTQAadm6bmaB4O8nMG - mR3NlwQLKNd9SY0HbUehFby1JE0nJshG5x1Ew/bfWgk5svfMGIwlOumsFi5S8zRi - doKpdGWxihyzNO1SyGP5OnQ7e0cNOcZP6SxoXy7/uN71rK9HoGYyWY1E4MnZYt7J - WKFVPC3eLD9DMFOOf5mH96vdjkjA9HRWxS9to0EuCUxTBBPQOsOK7JTF0we6yj2/ - 0GBL4eB+Jksr1rva/efsR6FM499Aoa4TKhIRLHy+kHZyWbT8tfrBBOKICfiCvubw - /JwxYvunPHDAC1eV4RTYw9CjGCgKjWKK6wTV2Jky1R1332CrDSGpBMfmPqhCpbiM - XGhF5llV9Ef0r5io1OuQfFsDijTnM3oCYZ+y4/+NT0/FpPDeobekN4+qnWN967Y4 - dI4Eljvn126hmHybOBbbC9Bkh1sxonsfRx8M2u/MHxk5ToELH6bHhGIyhZO7LABl - MR/kOBQl+Uv7YUPILopSDBllwkzj3NbLcRWmOLBJBdjNVJ7VEkJzlQVbOX3rdIBv - m0xJYrJeIXhDqYfGAUq8Z2SQJHJhYFT9EG8ntOf1ttvXNNw/cLmHX68GnCkq8IrW - BZm85tchOLBPpUfWk4kQdvE6bpe4jqE7+UCFxnmUhaj2634QSrD0oYs1KS9kclNE - Q4HPiz3fZ3Rjl3mZEHM= + Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAqAVlhiPJVgncLv5A8Owqyciv + 4zxpGmegSBLFFFiK81WCDPiSTuFakB3a7djCRtajUsckrj2/NR9KdRIlKNDpNcUN + Szl2JGJ22k/B7LJkv8q+KNrAixXg96k2K08+TgITQtAKaUNzhoB+6Ygr8TZUSaCe + nlZ3tUWcq/lkSwmZkj1EARbQLX9Q6GFWs4ctJUzbIsDA1Fe5A97jaWLXix4ZLwNX + Sfpt7iXj0daHvyjjc0fp2C3WrFr7q9af0LDtcjKx9CaYetc1nUVbk6gkUEp7vsi2 + /jnOKQdKs/hMglfDcYhHhR9aH0lfUsBYIPUn19RHOMsVkSbDjO1756h1SbChd0e7 + mgzMPn8F+40ZQri36gA829SDF3i3A9lZVUnW8gCEN7ltAIjqH5gPGKBh3eWgb0YS + AtybEngCPy9O5Ocya1aKHXcPQ5vF2D8D3BMoEzFBZvi76YxDzGG2uP1rkp/CHEgp + UuHw9iM/kIiKSSgjUZzCZ5zLWFgjkp55ZAx02snf1iB3qTUBcao8B4HOQIMz/+Ki + SttrUUBLSwdjs73rClvbT7GExu9qkuXpXzEgMeq7duSUUYNU85RUGhmS/W8MgdJs + C7d16zxDMiz0v8PzynlkimRqcamk4Rz1Rry11zPMIc3+KC6dbsD46BwSwR6ZrjJE + 3r9/r1dJt1CfyognCnU= -----END CERTIFICATE----- 'infradocs.cacert.org': key: > @@ -462,10 +462,10 @@ profiles::web_proxy::ssl_certificates: r0uw88KU3o5ZlaI/v253U7U=] certificate: | -----BEGIN CERTIFICATE----- - MIIGQDCCBCigAwIBAgIDAuECMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGQDCCBCigAwIBAgIDAvhoMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjAwNTA0MTgzNzMwWhcNMjIwNTA0 - MTgzNzMwWjBhMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIwNDA4MTUxNjQ1WhcNMjQwNDA3 + MTUxNjQ1WjBhMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR0wGwYDVQQDExRpbmZyYWRvY3Mu Y2FjZXJ0Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALatAkUX xHht+nUz7pf5sHiaJvMMXYleo3Y4oyXSLNLNPaMobwja3PB71bw3RBs7S4MqwGk+ @@ -484,18 +484,18 @@ profiles::web_proxy::ssl_certificates: KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAr oCmGJ2h0dHA6Ly9jcmwuY2FjZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDBDBgNV HREEPDA6ghRpbmZyYWRvY3MuY2FjZXJ0Lm9yZ6AiBggrBgEFBQcIBaAWDBRpbmZy - YWRvY3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAQ3nmpjn8kEnRx2aA - 0T0ku4kv/udCloH01l5dWbadgtgqmd60P0QipMgV4pWWw1RIvO4YVRIXRjuD+mIR - n/4siUD1jXHGaoip0RxUKQpZi5a3Yoi6SNJB5B51AIpLjNHk4zgJ+j6ehV5Gekld - 0diALdEkbsJLvImaTcra2PoT5P7FJxJ7wPNcJBodRbu9YGEE1pRJMr6zP8QGBJWi - YVcqx2hCLQ7RJgYnm06yoBwLGeGUVsWE2h0+xvFhXXW7E5YHbhXpc06/LOlFe8FE - 14UP4q3hG3gGKGZ/75m7HvFgfgZMyT0SLpLUcT3gXkqFMT5x3gqXE5ZyD8xZFP0d - jMvJT8eG1LjSVPWVnbgHvarIRpP8Jln0+pNhOHepHUkcozHRHlU18uEytjZNGVlP - pmQXAL3UxtrQZWf1itcjsjbWydPHw7b0I4EX6QAqI+SsNfPWj/8H7Y6HcqGJn31D - dZu3bIgln5sqKeErTlns2tGjfSYGzbP+S/xZ54JDPWeXK8KHS40C3fSce4cB+ejy - 9X5KFRmJLFwQVsq6esaTPsjOb897hGIpnTGIwzehSY/SCNGqiPZ3holVA+KBaOWU - NpOk8+F3igAmAKRqJPPq5ak1wBIGHQDxyeo/cS5oT0PzkQ2v+Vlgxjq9q4i+38ph - mZbp9BQ72buP/q5+4cwYTMeUf4w= + YWRvY3MuY2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAcc6RUOeEju8IZZLG + TAfbgumltzvQMY7Giuv/08iSy3HKv9FfklUsb65TjsEJpa+M0ZkjnF4yh4/Yi0ko + IuqA/EWQaka5rZylz1LzC/y7GtMgRLekaRincH3jL2k6nAX9wUpEhoaLhCssghUp + FtQP7OgcRAAjFEebjpntreeXhlYxkMwm8Y1Vcuy9dbV+fxPJPtb8c5KmG1qJRrwy + 41mw/+Jw0gYoG5rQKt8MzSg2qiKxg/wVzrV0ZG0dQZ2kkK0e/Sce3xrOPQ4J/2XM + 0KoOEIOyX2KioDP7V1L3fIRvH7lnNc2AnokaqnBoZqa2AtOcfl5h37nxtS3vANHj + l/dsK+E8k9Fwq1Gwi4FZqFvCqYo5/39F3lFTneLgju2CtBZ9r0OSCDOIA4vhmCxN + tuQXcU1rLSul85ySwcLSLfh7TZenUlii/zHDVzK0GrpgStTtIS8jAyPCtXxQOAtT + jxOab2ajwqMzq2yphd29wslMCKS/UAvMFbWMZ58iOiT1uBlDbcCHpLNjsvPgqvlW + DJHlVKrgIzRMuyl1tdFgof4CpLd4HzAvCK6orTCfKT2GogzGUjorYKSXSbcA1uIw + fOnrG2tIfUlHduc78jGmUau0UdmHVKLbjJdjg5UWF/95BHLthBIBbfHOxtIx/Bom + l1N/ZhMDslXw7x24Aq1vzAAq0+I= -----END CERTIFICATE----- 'jenkins.cacert.org': key: > @@ -582,10 +582,10 @@ profiles::web_proxy::ssl_certificates: k3Q2KZ3iwk7XwJUn4fugGT4=] certificate: | -----BEGIN CERTIFICATE----- - MIIGOjCCBCKgAwIBAgIDAur1MA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB + MIIGOjCCBCKgAwIBAgIDAvyLMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV - BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjEwMTE3MTg1MjQ4WhcNMjMwMTE3 - MTg1MjQ4WjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT + BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMjIxMjE4MDkzMzM5WhcNMjQxMjE3 + MDkzMzM5WjBfMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMRswGQYDVQQDExJqZW5raW5zLmNh Y2VydC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDGc+q3g2qd DkC1m4F++PQqBSBL+LFO4kUCt8SZyjnex9JSWn1hdwnQjtbuGUsTcOpTltIRP0nv @@ -604,18 +604,18 @@ profiles::web_proxy::ssl_certificates: AQUFBzABhhdodHRwOi8vb2NzcC5jYWNlcnQub3JnLzA4BgNVHR8EMTAvMC2gK6Ap hidodHRwOi8vY3JsLmNhY2VydC5vcmcvY2xhc3MzLXJldm9rZS5jcmwwPwYDVR0R BDgwNoISamVua2lucy5jYWNlcnQub3JnoCAGCCsGAQUFBwgFoBQMEmplbmtpbnMu - Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAcbTcP6g4s2o3u1x84jOjZr/h - FhRsumJZZj16HyEjL8Hjdqk28c+JcQmdGnFyJntWTNl3nHWuu31/Ryd2z3cCN8cY - cv6+5AufZoXVU3advyAmamYPSoQPU71WPXxC4DDcvUFxHNJEmUKwg6Jarc4brFnl - s2unD4K7/11vWd8lQaeEcngwgC6A9VovD5DFTjrt0/EY6B/av67rRG5iNJ9tGh68 - JGMag+9f+b32M6vX3kb2qT+q3jAQ7pU6j21OYXzRiMyK0KV07tbbcna7ZL9E1ytx - bvzS2PNz9Mx6aCnjarHjMPZQa3FBrOpfNUhVQeeOpcWhEEyGnlTOkU8Lkz9o+kbx - ZgaMT9VhepsNAjqrOKq26ZtSU6c3PmxBQrxsx3vY54EFzfF49rzAOacY+sFESRXQ - aKdj2t4BVUxGEgKU4CArw/ycI+A5oxgfBBv2ZyaVmKtwdWTeDHe1Gx2iEYvMlKue - sUtjxfBgV0n1Izx5q1xFd5BIkPdCZTULD5SZZgbbXxheBvbf+Ej3ggioZpgv9Sze - nGbk98hvjhQtc8Tpy98AOcmoErW7al2Bpha4Jg58pkdC0vtjbdNkwVKZLl5Xl/VM - OaQBQoC3kKIZF5QGxVpcFWi/QhPSCTfs6HjXff8fKp/B2rosYNrt+iI4KpUebBJI - YlO47SosrYq7Ys75fHA= + Y2FjZXJ0Lm9yZzANBgkqhkiG9w0BAQ0FAAOCAgEAnGdMdov65VIshJAkD4ZOHgKT + clwNJCK108xXFggBe4t4p9VcDk1mGdjhwvaMbGJAH6NiU0HJki3P/Uc1Li+YhBVT + 1yWOT7zfaz8SGhR1EouF0zFTMFofl6kOq39kgC94DBW7pO2BGY/k+3hre/1wh9No + nfAYGGN3jHHMgjH3cM2oM5X1OI7TNzP6uczZMBwcnNgeALtCA84jf4gRLCPKrouP + CkjnEp0ykPF1e1vLYP/YT2R13ZeASSXfR3MRr0jgKF70j1kVPe1V1HZqVBBbIiHe + u4yV4knna8/BQjI8FHP2LcvJ8wcjtJnmxAQhireDkv8GP2w+X23sir0TPze4p7th + XAH2b0vOIHJpfJMlujMyTInGyUV1l9keP6t3777dKsKJjV+eNYbDFxVZvHPSLLFW + fZTXXexAmQcZzPRJuvYeMyg0c22KqG5pmnxEj466cI9qFjkdSYWOMtcWlakZ7ZB5 + 9Geo2+zBHJ6/OVkLV3Ur6arDLvxBIMPSpYdB6XrH28fNZoDy7FzVWzHLnlhI8PLZ + Ikm452UORbXGQRLnz7qtoGOzbh+gUKidB+go6uHKbj8q45pVJtwLwhoe0jqqUpvH + o94tNCdQXDMhCBAKclOgiXO2OcoViJTAObXAG89ZlWBYwe/aPRtMNk8NvRxGF06S + RBmRBVmpPTMKenvoCIQ= -----END CERTIFICATE----- profiles::web_proxy::apache_vhosts: 'web.cacert.org redirect-http': @@ -673,8 +673,7 @@ profiles::web_proxy::apache_vhosts: ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt" ssl_key: "/etc/ssl/private/codedocs.cacert.org.key" proxy_pass: - - - path: / + - path: / url: http://10.0.0.116:80/ proxy_preserve_host: true 'funding.cacert.org redirect-http': @@ -704,8 +703,7 @@ profiles::web_proxy::apache_vhosts: ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt" ssl_key: "/etc/ssl/private/funding.cacert.org.key" proxy_pass: - - - path: / + - path: / url: http://10.0.0.116:80/ proxy_preserve_host: true 'infradocs.cacert.org redirect-http': @@ -732,11 +730,10 @@ profiles::web_proxy::apache_vhosts: manage_docroot: false ssl: true ssl_cert: "/etc/ssl/certs/infradocs.cacert.org.crt" - ssl_chain: "/usr/share/ca-certificates/CAcert/class3_X0E.crt" + ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt" ssl_key: "/etc/ssl/private/infradocs.cacert.org.key" proxy_pass: - - - path: / + - path: / url: http://10.0.0.116:80/ proxy_preserve_host: true 'jenkins.cacert.org redirect-http': @@ -763,11 +760,10 @@ profiles::web_proxy::apache_vhosts: manage_docroot: false ssl: true ssl_cert: "/etc/ssl/certs/jenkins.cacert.org.crt" - ssl_chain: "/usr/share/ca-certificates/CAcert/class3_X0E.crt" + ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt" ssl_key: "/etc/ssl/private/jenkins.cacert.org.key" proxy_pass: - - - path: / + - path: / url: http://10.0.0.115:8080/ keywords: ['nocanon'] proxy_preserve_host: true diff --git a/hieradata/nodes/webstatic.yaml b/hieradata/nodes/webstatic.yaml index 497cab4..cd5f1d8 100644 --- a/hieradata/nodes/webstatic.yaml +++ b/hieradata/nodes/webstatic.yaml @@ -6,72 +6,72 @@ profiles::base::admins: - law profiles::debarchive::notification_email_address: jandd@cacert.org profiles::debarchive::release_signing_key: > - ENC[PKCS7,MIIIzQYJKoZIhvcNAQcDoIIIvjCCCLoCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAtJiS4GluyFbbkmxFKmH+2CWZRD1wotHn8HAc - 7wXckaUSIaUvHY9aor6lxFgjD8vnE5ROmiBTtCsJ0Rmx0oJMO7XDTTKfauwZ - sTNIi/xPq4YX3fGAKZQ0HpDZQRsgFuh+6acW3B59KAWZlcJCQqnSO/OUdCNz - yHSdFF1hMM7fTHYfMXkvp91oOkxkSHhAtiC2AbB82AaSikt7rNv/03rL6Hv7 - 8vzfjo14m0UGMGGo5Yn8N38Yn24WQTJOGhgBeUm1GpLylaqUDNWN8kRVWrqF - 0/O+FTjtGQjeQVkR73u2Iy9n+cvX3blYZKl1ItRRWgFjf/pP6uV4P7d8IrSG - 1myvMzCCB44GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJeo9l7ZAFDCx2IS - K4F1IoqAggdgIZWj1bAB165e6eZ0MDx60xsurDWPOFqMlVNmVhrM7O5+n/pB - IGBJ+ylUsi97gaWrIAAyzYqnfbqN8pjwNA55gqw6jx2H8AsRuMUDU76JBUtu - WvxiMgYOmf4V0tt6i5uLxDIEzkfIf4Mh4sSVoZW/wR2A0n5L4YcbJTHRW9D0 - idNVfV2hKFxqX9QpbwoJk4IlW68hidk9mpKKO81bA6rO+IF0OoYg1vTBu26M - ZdFChv9Ypm10jR2vqhbbb15btOyi5pa/wcis8GYBEvANnQgUfGS//YHK9ttd - 1x3JQ6YL87Ye5iXUzOoohHIZ+QHalfyMHPotOy8fsnQyxZd3pkA6utLMItr6 - 3ehPtsT71a17nC30TJFKgopGigccvk24K5kZozZdG2qyy7yycn1JHp53TirK - kdLDfAbwPnhV2+gUycz+51eGvBE3ZdafV+20Wx6hUd6S+F3zef/aeD9D7u9c - soIDj1Lun7f7CBE0qgbvlg0vUHFlpGvtTFK2eoJVAid3odefj9x06yoi23RU - Y8MddhqxvZGtZituqPvfpDqOY3cTu4WJc/VznKcEkOlWU4R4gqw6NWrt1J6l - 1/PqJCqLlvkebbd9R8jZGuy6PgKCsg4oDRjcKpsxbydO9NJwMgUd6UQI4HeZ - vbcpbBOwGcXizE+myTjUbS3UbtZAMGWiBPDa+pkNSet4R8MdkcFnaS0vwa8N - Uot7eqpDUpKvgeJz/Vk0WhUfPkyiaT3idy1i0GDFZD9eV9v3tpyp9xBQMK42 - VZEep2p0mXopUk61xY9tpuZQvw53//Bqq3YXfZghhXlgdeLIcxpp7af5lBAU - iavhoMs5fZwEsSxfkUXVT4w7A4b02X9FeDdQ1TY3orI1yTLKzmx/FgozztTy - CYh1/o6K9r1Mo1INWpngy/kLCaZtySppzTzaDBIoCbDWJjWE5FzMlslaBVqk - PjTemUHuyXsWoRFnik0JW4AMuRYqcsf8KsrI/lDiGgNDR9BxNRrmHplclhvA - 8zAccSQLH53NKh4ma5WPVmbl++6gB6OSeHlwttQDaNBuujoMADF8MWiJNXjj - qfqpKHxlEQEqG/CrTJoWJ+EROl5daH6+TVXTXGzUSIsqOir91Jo4Sd4fJYsh - CpjHy+jyQZiXuYWWOWXV7suBw399Twozm4sKBcefumXMkgiJnSnibGtSV7ia - Ob84hEoQH+Hg/md6rJYefIZYyCOi8IyEV8n4mUr4/DOD0s+BmPxPOgYCDhc8 - o8IyiUajFCR64gVWou8xnR4OG0ged+1zaU75pq04U5kPARg/WfFWHYWo9Ljq - v81+VsWSPEb3ILsX3ZCLT/axkSE3VYEAOaRoT1mE8cc4ENjVRzd50y4I2V4A - rALARll+gSSdE/cXqFI4DrkwkobCATYlYNpvBACASkpQVzJontdmJ5sIjEPE - LVbAhOHIL4mNNI24zLABOzwS6RGi0sJjfZIjnc7qsb5cxU2PtwkLleHbbcgM - tVcmX3EFg+rMg9wGYLT+l4K91pjWmBRN8lssEYNoOcrPu5gvvQDBpWHc3Y+b - Oa5x5bT1IjSKgkCWpducMq3u6zvHQnlS5hDgPTfCZPYmQdM5FVCOcJ0TYoZ8 - +taq1nV2vsX25dtUzxkUcYkRlnXOZx80j53tkJwqFPr2GrN+6I9brL3KYIwp - itRzGROLovhX6tSsawPI0bLwAG/5c2OoPPbs6jSP0K+JSTxmalLw4TDUKAl+ - QfZNzMEH98lw6HGq7aG9njtggw6G4odBrY1ud0KN7/GlF2kjAUyJVJEMiIfj - 0Lq968XdYiNDOwpre8mn5xqJCtt0sZjy9zWZ9xoyUYDoIeAOCrdS9VgaOilP - IG9w/uszbRBWXxiSU76oTgKHAJMFZttWAkBHX5NEcCGksKUbS1Frh76/Kj2G - kSL6tDJRsAqEPibtrKCWU9DNGNjwOndlLZveSqNWTK4yWVrLozff0qdV+ZBn - VvKW280MpQNFMwhnuxj+WA9tcwg4ajUWFP/8WhpQMc+5aDuvQSTvWUo5YXgk - I/5Gcb7Y05CodZ1eJEtyh8r+Z01LmBW1l6a15PeUIBPLs1xg6mqdSenFnB/D - q2UnFnd/aoeh49VLpEWRhdK9Yl3Jyz+0tHNDnD0uQ/Zlox49KYx3YQv4gpMq - CcC1tw9Lfcc/UY23yhG3MJ5dRJIeP+FWBTfqeN+lq+dnu7ua/4CKVzjiaeU4 - ygAo2m4Myono4lSpN4VgyUfGzrMpOXOyOa40mgBBgrxDNmAgyIk2obU7h26U - ZcZKSgk/W97dSORGPYQcLNZBiRCV+hHV3I8IGdGcz+MZugluNH28znhpUnp0 - aTkO/6mPnojAA/5ERXrdBEyTuOR662BfVMAkIVCfVPe5W6P34popQQwNRRjL - 7qKVOpRKA15H3QDHEsh/SOc59L9tvzCa637rBGJMBfvf8QyrUwOVnVebgFSm - r9bg7DReCgweHUukIbHzVPy3UE/lyqnAZWeIPJ4+jmTqrATq/EOs9iQQetyR - VP8xiy7PwA==] + ENC[PKCS7,MIIIzQYJKoZIhvcNAQcDoIIIvjCCCLoCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAtJiS4GluyFbbkmxFKmH+2CWZRD1wotHn8HAc + 7wXckaUSIaUvHY9aor6lxFgjD8vnE5ROmiBTtCsJ0Rmx0oJMO7XDTTKfauwZ + sTNIi/xPq4YX3fGAKZQ0HpDZQRsgFuh+6acW3B59KAWZlcJCQqnSO/OUdCNz + yHSdFF1hMM7fTHYfMXkvp91oOkxkSHhAtiC2AbB82AaSikt7rNv/03rL6Hv7 + 8vzfjo14m0UGMGGo5Yn8N38Yn24WQTJOGhgBeUm1GpLylaqUDNWN8kRVWrqF + 0/O+FTjtGQjeQVkR73u2Iy9n+cvX3blYZKl1ItRRWgFjf/pP6uV4P7d8IrSG + 1myvMzCCB44GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEJeo9l7ZAFDCx2IS + K4F1IoqAggdgIZWj1bAB165e6eZ0MDx60xsurDWPOFqMlVNmVhrM7O5+n/pB + IGBJ+ylUsi97gaWrIAAyzYqnfbqN8pjwNA55gqw6jx2H8AsRuMUDU76JBUtu + WvxiMgYOmf4V0tt6i5uLxDIEzkfIf4Mh4sSVoZW/wR2A0n5L4YcbJTHRW9D0 + idNVfV2hKFxqX9QpbwoJk4IlW68hidk9mpKKO81bA6rO+IF0OoYg1vTBu26M + ZdFChv9Ypm10jR2vqhbbb15btOyi5pa/wcis8GYBEvANnQgUfGS//YHK9ttd + 1x3JQ6YL87Ye5iXUzOoohHIZ+QHalfyMHPotOy8fsnQyxZd3pkA6utLMItr6 + 3ehPtsT71a17nC30TJFKgopGigccvk24K5kZozZdG2qyy7yycn1JHp53TirK + kdLDfAbwPnhV2+gUycz+51eGvBE3ZdafV+20Wx6hUd6S+F3zef/aeD9D7u9c + soIDj1Lun7f7CBE0qgbvlg0vUHFlpGvtTFK2eoJVAid3odefj9x06yoi23RU + Y8MddhqxvZGtZituqPvfpDqOY3cTu4WJc/VznKcEkOlWU4R4gqw6NWrt1J6l + 1/PqJCqLlvkebbd9R8jZGuy6PgKCsg4oDRjcKpsxbydO9NJwMgUd6UQI4HeZ + vbcpbBOwGcXizE+myTjUbS3UbtZAMGWiBPDa+pkNSet4R8MdkcFnaS0vwa8N + Uot7eqpDUpKvgeJz/Vk0WhUfPkyiaT3idy1i0GDFZD9eV9v3tpyp9xBQMK42 + VZEep2p0mXopUk61xY9tpuZQvw53//Bqq3YXfZghhXlgdeLIcxpp7af5lBAU + iavhoMs5fZwEsSxfkUXVT4w7A4b02X9FeDdQ1TY3orI1yTLKzmx/FgozztTy + CYh1/o6K9r1Mo1INWpngy/kLCaZtySppzTzaDBIoCbDWJjWE5FzMlslaBVqk + PjTemUHuyXsWoRFnik0JW4AMuRYqcsf8KsrI/lDiGgNDR9BxNRrmHplclhvA + 8zAccSQLH53NKh4ma5WPVmbl++6gB6OSeHlwttQDaNBuujoMADF8MWiJNXjj + qfqpKHxlEQEqG/CrTJoWJ+EROl5daH6+TVXTXGzUSIsqOir91Jo4Sd4fJYsh + CpjHy+jyQZiXuYWWOWXV7suBw399Twozm4sKBcefumXMkgiJnSnibGtSV7ia + Ob84hEoQH+Hg/md6rJYefIZYyCOi8IyEV8n4mUr4/DOD0s+BmPxPOgYCDhc8 + o8IyiUajFCR64gVWou8xnR4OG0ged+1zaU75pq04U5kPARg/WfFWHYWo9Ljq + v81+VsWSPEb3ILsX3ZCLT/axkSE3VYEAOaRoT1mE8cc4ENjVRzd50y4I2V4A + rALARll+gSSdE/cXqFI4DrkwkobCATYlYNpvBACASkpQVzJontdmJ5sIjEPE + LVbAhOHIL4mNNI24zLABOzwS6RGi0sJjfZIjnc7qsb5cxU2PtwkLleHbbcgM + tVcmX3EFg+rMg9wGYLT+l4K91pjWmBRN8lssEYNoOcrPu5gvvQDBpWHc3Y+b + Oa5x5bT1IjSKgkCWpducMq3u6zvHQnlS5hDgPTfCZPYmQdM5FVCOcJ0TYoZ8 + +taq1nV2vsX25dtUzxkUcYkRlnXOZx80j53tkJwqFPr2GrN+6I9brL3KYIwp + itRzGROLovhX6tSsawPI0bLwAG/5c2OoPPbs6jSP0K+JSTxmalLw4TDUKAl+ + QfZNzMEH98lw6HGq7aG9njtggw6G4odBrY1ud0KN7/GlF2kjAUyJVJEMiIfj + 0Lq968XdYiNDOwpre8mn5xqJCtt0sZjy9zWZ9xoyUYDoIeAOCrdS9VgaOilP + IG9w/uszbRBWXxiSU76oTgKHAJMFZttWAkBHX5NEcCGksKUbS1Frh76/Kj2G + kSL6tDJRsAqEPibtrKCWU9DNGNjwOndlLZveSqNWTK4yWVrLozff0qdV+ZBn + VvKW280MpQNFMwhnuxj+WA9tcwg4ajUWFP/8WhpQMc+5aDuvQSTvWUo5YXgk + I/5Gcb7Y05CodZ1eJEtyh8r+Z01LmBW1l6a15PeUIBPLs1xg6mqdSenFnB/D + q2UnFnd/aoeh49VLpEWRhdK9Yl3Jyz+0tHNDnD0uQ/Zlox49KYx3YQv4gpMq + CcC1tw9Lfcc/UY23yhG3MJ5dRJIeP+FWBTfqeN+lq+dnu7ua/4CKVzjiaeU4 + ygAo2m4Myono4lSpN4VgyUfGzrMpOXOyOa40mgBBgrxDNmAgyIk2obU7h26U + ZcZKSgk/W97dSORGPYQcLNZBiRCV+hHV3I8IGdGcz+MZugluNH28znhpUnp0 + aTkO/6mPnojAA/5ERXrdBEyTuOR662BfVMAkIVCfVPe5W6P34popQQwNRRjL + 7qKVOpRKA15H3QDHEsh/SOc59L9tvzCa637rBGJMBfvf8QyrUwOVnVebgFSm + r9bg7DReCgweHUukIbHzVPy3UE/lyqnAZWeIPJ4+jmTqrATq/EOs9iQQetyR + VP8xiy7PwA==] profiles::debarchive::release_signing_keygrip: 223894064EE26851A245DE9208C5C0ABF772F7A7 profiles::debarchive::release_signing_keyid: "CAcert Debian Archive Signing Key 2019" profiles::debarchive::uploaders: - jandd profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEApecW/rPl4fMSAHNJSzDl5RX8y0JJSVqPj+S6 - g7vxVMMnAOFR+Ex7BvRCNZ5/HISEuijPxPZlvDpaKYA3V8Z0/aHq8KKzOy56 - wA9JSyIXzHv1hQmwLB2R5J2SZnKiAza9g0tJ9nM3q3YwfkofSUrYzPKHUZfm - LzjRCVFYDttlP2M9LedAb3+UE2UAkN0tZ2s/LplxnhBpXH89pqcPBzTmAQqe - bXR2kskXDku/f41+nY8Yv3vEyLGd/uiQR6oer/cPIj7RUI26PTdd+3LlTb0f - W8sqbf8IAo2EpneRL0Pg1kYYd1IV/0I9K8K+93xTsqR52yQdtgo6sUxsWczB - zWIAoTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCz2/HN15HQ/xCGQExX - Ozd9gDCOqJLm9jtlSoCpwDwzowwiCgRj+k1s444lp1RkvgWKCrfO3QkOF3aR - MY7nsz39ve8=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEApecW/rPl4fMSAHNJSzDl5RX8y0JJSVqPj+S6 + g7vxVMMnAOFR+Ex7BvRCNZ5/HISEuijPxPZlvDpaKYA3V8Z0/aHq8KKzOy56 + wA9JSyIXzHv1hQmwLB2R5J2SZnKiAza9g0tJ9nM3q3YwfkofSUrYzPKHUZfm + LzjRCVFYDttlP2M9LedAb3+UE2UAkN0tZ2s/LplxnhBpXH89pqcPBzTmAQqe + bXR2kskXDku/f41+nY8Yv3vEyLGd/uiQR6oer/cPIj7RUI26PTdd+3LlTb0f + W8sqbf8IAo2EpneRL0Pg1kYYd1IV/0I9K8K+93xTsqR52yQdtgo6sUxsWczB + zWIAoTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCz2/HN15HQ/xCGQExX + Ozd9gDCOqJLm9jtlSoCpwDwzowwiCgRj+k1s444lp1RkvgWKCrfO3QkOF3aR + MY7nsz39ve8=] profiles::static_websites::apache_vhosts: 'webstatic.cacert.org': port: 80 @@ -94,11 +94,9 @@ profiles::static_websites::apache_vhosts: docroot: "/var/www/funding.cacert.org" docroot_owner: "git" docroot_mode: "0755" - directoryindex: - - "index.html" + directoryindex: "index.html" directories: - - - path: "/var/www/funding.cacert.org" + - path: "/var/www/funding.cacert.org" options: - "-Includes" - "-Indexes" @@ -124,11 +122,9 @@ profiles::static_websites::apache_vhosts: docroot_owner: "jenkins-infradocs" docroot_group: "upload" docroot_mode: "0755" - directoryindex: - - "index.html" + directoryindex: "index.html" directories: - - - path: "/var/www/codedocs.cacert.org/html" + - path: "/var/www/codedocs.cacert.org/html" options: - "-Includes" - "-Indexes" @@ -152,11 +148,9 @@ profiles::static_websites::apache_vhosts: docroot: "/var/www/community.cacert.org" docroot_owner: "git" docroot_mode: "0755" - directoryindex: - - "index.html" + directoryindex: "index.html" directories: - - - path: "/var/www/community.cacert.org" + - path: "/var/www/community.cacert.org" options: - "-Includes" - "-Indexes" @@ -182,11 +176,9 @@ profiles::static_websites::apache_vhosts: docroot_owner: "jenkins-infradocs" docroot_group: "upload" docroot_mode: "0755" - directoryindex: - - "index.html" + directoryindex: "index.html" directories: - - - path: "/var/www/infradocs.cacert.org/html" + - path: "/var/www/infradocs.cacert.org/html" options: - "-Includes" - "-Indexes" diff --git a/hieradata/nodes/wiki.yaml b/hieradata/nodes/wiki.yaml index 3dbf3ed..506a5a1 100644 --- a/hieradata/nodes/wiki.yaml +++ b/hieradata/nodes/wiki.yaml @@ -6,24 +6,24 @@ profiles::base::admins: - jandd - law profiles::icinga2_agent::pki_ticket: > - ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw - DQYJKoZIhvcNAQEBBQAEggEAjOSvvtlZs+Gv7OB6ULHAWRs51L65afl3k0KJ - L3m7c7Oh/N1aFC7ni0EOJym/n3E/WpmM7JsM4SJu5XrBe7sIOLecGeqtpFWb - VXDYVqEXJ4ciZNHB/R2Mnumha497iC9BVD32ZfK1KU+aha8PCb8t1lRHyekD - tnMOR7dIaKJf6NMvpBUwQqyJ0ly1c+588eFfJxC2XX0xOp/UWlK98DNBZYLj - ax2Grcb7lYa9FywseTUBOe3NQsUJrneyTLluKo8ANGqIDunRN2KtA0ai6/gN - wc9BWBJKrSUFI3iKSvf6ar5N3Hpdk8lHbMeK/XfcLxIXcQUVlu3Y5XhVf/aG - CENzHTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCxh2btktTQOw/SivS6 - H9/SgDAg/43TaVhYJ48kzhuxpSRinR6RqwAWqQy4RmEOlvLKaxDbG8h5B3ap - CPwQco1Eyew=] + ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAjOSvvtlZs+Gv7OB6ULHAWRs51L65afl3k0KJ + L3m7c7Oh/N1aFC7ni0EOJym/n3E/WpmM7JsM4SJu5XrBe7sIOLecGeqtpFWb + VXDYVqEXJ4ciZNHB/R2Mnumha497iC9BVD32ZfK1KU+aha8PCb8t1lRHyekD + tnMOR7dIaKJf6NMvpBUwQqyJ0ly1c+588eFfJxC2XX0xOp/UWlK98DNBZYLj + ax2Grcb7lYa9FywseTUBOe3NQsUJrneyTLluKo8ANGqIDunRN2KtA0ai6/gN + wc9BWBJKrSUFI3iKSvf6ar5N3Hpdk8lHbMeK/XfcLxIXcQUVlu3Y5XhVf/aG + CENzHTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCxh2btktTQOw/SivS6 + H9/SgDAg/43TaVhYJ48kzhuxpSRinR6RqwAWqQy4RmEOlvLKaxDbG8h5B3ap + CPwQco1Eyew=] profiles::x509cert_common::certificates: 'wiki.cacert.org': certificate: | -----BEGIN CERTIFICATE----- - MIIGTTCCBDWgAwIBAgIDFHxjMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv + MIIGTTCCBDWgAwIBAgIDFR0xMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y - dEBjYWNlcnQub3JnMB4XDTIwMDIxNzIxMTcwNloXDTIyMDIxNjIxMTcwNlowXDEL + dEBjYWNlcnQub3JnMB4XDTIyMDExNzE4MTMzOVoXDTI0MDExNzE4MTMzOVowXDEL MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD VQQKEwtDQWNlcnQgSW5jLjEYMBYGA1UEAxMPd2lraS5jYWNlcnQub3JnMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu9Mxl03cq2qWtrJ6hBr4i5uG4Ipw @@ -43,17 +43,17 @@ profiles::x509cert_common::certificates: Y3NwLmNhY2VydC5vcmcvMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwuY2Fj ZXJ0Lm9yZy9yZXZva2UuY3JsMDkGA1UdEQQyMDCCD3dpa2kuY2FjZXJ0Lm9yZ6Ad BggrBgEFBQcIBaARDA93aWtpLmNhY2VydC5vcmcwDQYJKoZIhvcNAQENBQADggIB - AAn7Tgzi19YM+/tanXCo26/n2bSDFWRAX7ou+FcsmnDseL6YQans3IV7GHRVL3YW - lRKJeCAAo2F6XPdcUeGddj1oFCYornLhM7knfIfKgf+Com591bYnL1izRdvzBFh0 - Hdw00pMciY884CgyrCpfeQinIT7kzkIfFnz4quUtq5rcehWa2ykRqNScQlxp/Tif - QgrDkJpmrnVl6tQl1Z2QUkIRF0Pq/A8M2GY/hb8hSRtLUMc3Db2h/pkoRjIShEJM - YbxYxVcn5fQtqoBtHd2qLA+QMPfFVcau80UFWnYiRMwob+GCiVMegAejxqdb4L4m - eez5LkC4YxNJp2OMrw6AhnHoFJUBQzEkxCLRUE5TBAKpMAEinVuwG4iOoDqH/u9X - zQciZToHowMZtu5UStTDRL6MOY79spiq2SURBhmGBhRwZ2GIruAsgzfK+5GtyX8j - 8MhEgXR/S1/yLnWMM3+WtbbIbIpOeP5tg6GedrAnxxjjLPmLcYa1wddV4KyEZLF8 - EYPf2OpOz+QSYMcr0HXyjwn3/I0+Hmtsk6RhAiEmHwHxhVzS1hyB+Hnf8XiuUJDt - wxckS4s2/ulJrJYXf22XP6TcfM4KGryw3SVDW4FGF4OB+aUkB5NAYAdBRHG0sGHG - /UZ+Py6rHk4XfUOiMN8aSpIfV2LLT5W0bgEItPt3LfNu + AERxKokL4TF1mWv3yAJoAz5zTfNsLwNV79WLxcgmuUe63hDYnRzH2cSOTA+BTmll + k2KkHwNBlMFtMcrOal/PerEAu9SaUfz+1L2Hyklg/tQkIHr0rRSuPRcVhqubsVRk + iXa0cawq3+wu3ksyPEpH7tDT28U5VeTLpSN6DFumCjoDFbhyG/oTKRXHC1qYC7th + wewQcE2wQw/5cQaH5sIA4acZr7fdoFFfJqdPVxq5/NXLkgkOW3axA5BoMVNrJK4o + oRQIRoA8ooppJT6UQfvpnULtU6wkoY+EhZVWifJiYhgGfLgm0lFI18Q08vgIS8vE + P0rYPHufkQcCpUIG3nCob9OW35XQOvPrrXRQzFd41vvk2Zr9PpBAuse+URN3/iBI + KLLAsdRVqIW6m7DbAV5wQo7JOQz6aXGD7YIbZlNtRPB6fKFrIL7h+UvCPKWT+Vy1 + 8iZcaTBBwDlvxMQp8s8wH+kKhNVTQJYfz4BWpMeJ+nQFsiKWxcENiKZq6962FqzD + xXPG083dBt2bAiounLvYjpUAFKA+SJe+DWoQurwr+p6z5GD3elqjBS+j+mBkh1qF + HL3T8ZO3jWz7fDR7OmWngSExn8bk+OovuWbR80+BYtu6zIC88wH6U8FSJNvEOG1q + oC7s5tgIZyTxq9/QSFEQ01wNqdJYXK7fqnkvj8KupJ3o -----END CERTIFICATE----- private_key: > ENC[PKCS7,MIIOPQYJKoZIhvcNAQcDoIIOLjCCDioCAQAxggEhMIIBHQIBADAFMAACAQEw diff --git a/sitemodules/profiles/files/gitea/gitea.service b/sitemodules/profiles/files/gitea/gitea.service new file mode 100644 index 0000000..7cbab55 --- /dev/null +++ b/sitemodules/profiles/files/gitea/gitea.service @@ -0,0 +1,18 @@ +[Unit] +Description=Gitea (Git with a cup of tea) +After=syslog.target network.target +Before=nginx.service + +[Service] +RestartSec=2s +Type=simple +User=git +Group=git +WorkingDirectory=/var/lib/gitea +ExecStartPre=+/usr/bin/install --directory --mode=0750 --owner=git --group=www-data /run/gitea +ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini +Restart=always +Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea + +[Install] +WantedBy=multi-user.target diff --git a/sitemodules/profiles/files/icinga2_external_commands/check_kernel_status.py b/sitemodules/profiles/files/icinga2_external_commands/check_kernel_status.py new file mode 100644 index 0000000..9236c9a --- /dev/null +++ b/sitemodules/profiles/files/icinga2_external_commands/check_kernel_status.py @@ -0,0 +1,66 @@ +#!/usr/bin/env python3 + +from apt import cache +import argparse +import nagiosplugin +import logging + +_log = logging.getLogger("nagiosplugin") + + +def get_running_kernel_version() -> str: + with open("/proc/version", "r") as proc_version: + return proc_version.read().split()[2] + + +def get_installed_kernels() -> list[str]: + try: + pkg_cache = cache.FilteredCache() + pkg_cache.set_filter(cache.InstalledFilter()) + pkg_cache.open() + + return [ + v + for v in [ + k.name[len("linux-image-") :] + for k in pkg_cache + if k.name.startswith("linux-image") + ] + if "-" in v + ] + finally: + pkg_cache.close() + + +class VersionsContext(nagiosplugin.ScalarContext): + def evaluate(self, metric, resource): + installed = get_installed_kernels() + latest = sorted(installed)[-1] + _log.info("current kernel version is %s", metric.value) + _log.info("installed kernel versions: %s", ",".join(installed)) + _log.info("latest kernel version: %s", latest) + + if latest == metric.value: + return self.result_cls(nagiosplugin.Ok) + + return self.result_cls(nagiosplugin.Critical) + + +class KernelVersion(nagiosplugin.Resource): + def probe(self): + current = get_running_kernel_version() + return [nagiosplugin.Metric("kernel version", current)] + + +def main(): + argp = argparse.ArgumentParser() + argp.add_argument( + "-v", "--verbose", action="count", default=0, help="verbose output" + ) + args = argp.parse_args() + check = nagiosplugin.Check(KernelVersion(), VersionsContext("kernel version")) + check.main(args.verbose) + + +if __name__ == "__main__": + main() diff --git a/sitemodules/profiles/files/icinga2_external_commands/check_ocsp b/sitemodules/profiles/files/icinga2_external_commands/check_ocsp index be3f0f0..97885e2 100644 --- a/sitemodules/profiles/files/icinga2_external_commands/check_ocsp +++ b/sitemodules/profiles/files/icinga2_external_commands/check_ocsp @@ -93,38 +93,38 @@ case ${CLASS} in ;; esac +if [ ! -f "${ISSUER}" ]; then + echo "CRITICAL: issuer certificate file ${ISSUER} not found." + exit 2 +fi + TMP=$(mktemp) ERR=${TMP}-err trap 'rm -f ${TMP} ${ERR}' 0 1 2 3 15 -openssl ocsp -issuer "${ISSUER}" -serial "${SERIAL}" -CApath "${CAPATH}" -url "${RESPONDER}" >"${TMP}" 2>&1 - -awk ' -NR == 1 { - response = $0 - next - } -/This Update:/ { - next - } -/Next Update:/ { - next - } - { - answer = answer " " $0; - } -END { - if (response != "Response verify OK") - exitcode = 2 - else - exitcode = 0 - print response " " answer; - exit(exitcode) - } -' "${TMP}" -EXITCODE=$? -rm -f "${TMP}" -exit ${EXITCODE} +if ! openssl ocsp -issuer "${ISSUER}" -serial "${SERIAL}" -CApath "${CAPATH}" -url "${RESPONDER}" -resp_text >"${TMP}" 2>&1; then + echo "CRITICAL: openssl ocsp command failed" + echo + echo "captured output:" + cat "${TMP}" + exit 2 +fi + +if grep -q "${SERIAL}: good" "${TMP}"; then + echo "OK: OCSP check successful, certificate OK" + exit 0 +fi + +if grep -q "${SERIAL}: revoked" "${TMP}"; then + echo "WARNING: OCSP check successful, certificate revoked" + exit 1 +fi + +echo "UNKNOWN: unexpected response" +echo +echo "captured output:" +cat "${TMP}" +exit 3 ##Response Verify Failure ##17914:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:122:Verify error:certificate has expired diff --git a/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf b/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf index 0b47607..f4c6ea0 100644 --- a/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf +++ b/sitemodules/profiles/files/icinga2_external_commands/ssl_cert-cacert-command.conf @@ -210,8 +210,14 @@ object CheckCommand "ssl_cert_cacert" { set_if = "$ssl_cert_ignore_sct$" description = "Do not check for signed certificate timestamps (SCT)" } + "--first-element-only" = { + set_if = "$ssl_cert_first_element_only$" + description = "Verify just the first cert element, not the whole chain" + } } vars.ssl_cert_address = "$check_address$" + vars.ssl_cert_rootssl_certs = "/etc/ssl/certs/ca-certificates.crt" + vars.ssl_cert_first_element_only = true vars.ssl_cert_port = 443 } diff --git a/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes b/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes index 727a328..1145e4e 100644 --- a/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes +++ b/sitemodules/profiles/files/icinga2_master/check_puppetdb_nodes @@ -1,253 +1,277 @@ -#!/usr/bin/perl - -# Copyright (c) 2014, Evgeni Golov -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without modification, -# are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright notice, this -# list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright notice, this -# list of conditions and the following disclaimer in the documentation and/or -# other materials provided with the distribution. -# -# * Neither the name of the {organization} nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR -# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -use strict; -use warnings; -use JSON; -use LWP; -use Monitoring::Plugin; -use Date::Parse; - -my $np = Monitoring::Plugin->new( - usage => "Usage: %s [ -H|--hostname=<hostname>] " - . "[ -p|--port=<port> ] [-s] [ -w|--warning=<minutes> ] " - . "[ -c|--critical=<minutes> ] [ -W|--warnfails=<num> ] " - . "[ -C|--critfails=<num> ] [ -n|--node=<node> ]" - . "[ -a|--apiversion=<num> ]" - . "[ -i|--ignore=<list> ]", - shortname => 'Check last node runs from PuppetDB', - url => 'https://github.com/evgeni/check_puppetdb_nodes', - version => '1.0', - license => 'This plugin is free software, and comes with ABSOLUTELY -NO WARRANTY. It may be used, redistributed and/or modified under -the terms of the BSD 3-clause license.', -); - -$np->add_arg( - spec => 'warning|w=i', - help => "Exit with WARNING status if nodes did not update for " - . "more than INTEGER minutes (default: %s)", - default => 120, -); - -$np->add_arg( - spec => 'critical|c=i', - help => "Exit with CRITICAL status if nodes did not update for " - . "more than INTEGER minutes (default: %s)", - default => 1440, -); - -$np->add_arg( - spec => 'warnfails|W=i', - help => "Exit with WARNING status if nodes had at least INTEGER " - . "failures in the last run (default: %s)", - default => 1, -); - -$np->add_arg( - spec => 'critfails|C=i', - help => "Exit with CRITICAL status if nodes had at least INTEGER " - . "failures in the last run (default: %s)", - default => 1, -); - -$np->add_arg( - spec => 'hostname|H=s', - help => 'Hostname of the PuppetDB (default: %s)', - default => 'localhost', -); - -$np->add_arg( - spec => 'port|p=i', - help => 'Port PuppetDB is running on (default: %s)', - default => 8080, -); - -$np->add_arg( - spec => 'node|n=s', - help => 'Node name to check, if not given, all nodes will be checked', -); - -$np->add_arg( - spec => 'ssl|s', - help => "Use HTTPS instead of HTTP", -); - -$np->add_arg( - spec => 'insecure|k', - help => "Allow connections via HTTPS without checking certificates", -); - -$np->add_arg( - spec => 'apiversion|a=n', - help => 'Specify PupppetDB API version (default: %s)', - default => 3, -); - -$np->add_arg( - spec => 'ignore|i=s', - help => 'Node names to ignore (comma-separated list) (default: %s)', - default => '', -); - -$np->getopts; - -my %apiurls = ( - 3 => { 'nodes' => 'v3/nodes', 'event-counts' => 'v3/event-counts' }, - 4 => { 'nodes' => 'pdb/query/v4/nodes', 'event-counts' => 'pdb/query/v4/event-counts', 'logs' => 'pdb/query/v4/reports/{hash}/logs' }, -); -if ( !exists $apiurls{$np->opts->apiversion} ) { - $np->nagios_exit( 'UNKNOWN', 'Unsupported PuppetDB API version ' . $np->opts->apiversion ); +#!/usr/bin/env python3 +"""Nagios/Icinga plugin to check puppetdb status of a node.""" + +import argparse +import logging +from datetime import datetime +from urllib.parse import urljoin + +import nagiosplugin +import requests + +_log = logging.getLogger("check_puppetdb_nodes") + +api_urls = { + 3: {"nodes": "v3/nodes", "event-counts": "v3/event-counts"}, + 4: { + "nodes": "pdb/query/v4/nodes", + "event-counts": "pdb/query/v4/event-counts", + "logs": "pdb/query/v4/reports/{hash}/logs", + }, } -my @ignore_list = split( ',', $np->opts->ignore ); -my $url = sprintf( 'http%s://%s:%d/', - defined( $np->opts->ssl ) ? 's' : '', - $np->opts->hostname, $np->opts->port ); +class BoolContext(nagiosplugin.Context): + def evaluate(self, metric, resource): + if metric != 0: + return self.result_cls(nagiosplugin.Critical, metric) -my $ua = new LWP::UserAgent; -$ua->default_header( 'Accept' => 'application/json' ); -if ( defined( $np->opts->insecure ) ) { - $ua->ssl_opts( verify_hostname => 0 ,SSL_verify_mode => 0x00); -} -my %parameters = (); -if ( defined( $np->opts->node ) ) { - %parameters = ( 'query' => '["=","certname","' . $np->opts->node . '"]' ); -} -my $uri = URI->new( $url . $apiurls{$np->opts->apiversion}{'nodes'} ); -$uri->query_form(%parameters); -my $response = $ua->get($uri); +class PuppetDBReport(nagiosplugin.Resource): + """Domain model: last report for node. -if ( !$response->is_success ) { - $np->nagios_exit( 'UNKNOWN', - $response->code . ": " . $response->status_line ); -} + Determines the age of the last puppetdb report for the given node. + """ -my $data = decode_json( $response->decoded_content ); + def __init__(self, api_client, node_name, ignored): + self.api_client = api_client + self.node_name = node_name + self.ignored = ignored or [] -my $now = time(); + def probe(self): + node_info = self.api_client.fetch_node_information(self.node_name) -if ( defined( $np->opts->node ) and !@$data ) { - $np->add_message( CRITICAL, - $np->opts->node . " not found in puppetdb\n" ); -} + for node in node_info: + if "certname" in node: + certname = node["certname"] + else: + certname = node["name"] + deactivated = node["deactivated"] + catalog_timestamp = node["catalog_timestamp"] + report_hash = node["latest_report_hash"] + ts = datetime.strptime(catalog_timestamp, "%Y-%m-%dT%H:%M:%S.%fZ") + delta = datetime.utcnow() - ts -foreach my $node (@$data) { - my $certname = defined($node->{'certname'}) ? $node->{'certname'} : $node->{'name'} ; - my $deactivated = $node->{'deactivated'}; - my $catalog_timestamp = $node->{'catalog_timestamp'}; - my $report_hash = $node->{'latest_report_hash'}; - my $ts = str2time($catalog_timestamp); - - next if grep { $certname eq $_ } @ignore_list; - - if ( !defined $deactivated and ( !length $catalog_timestamp or !length $report_hash )) { - $np->add_message( CRITICAL, - "$certname last run UNAVAILABLE\n" ); - } - if ( !defined $deactivated and length $catalog_timestamp and $report_hash) { - my $delta = ( $now - $ts ); - if ( $delta > ( $np->opts->critical * 60 ) ) { - $np->add_message( CRITICAL, - "$certname did not update since $catalog_timestamp\n" ); - } - elsif ( $delta > ( $np->opts->warning * 60 ) ) { - $np->add_message( WARNING, - "$certname did not update since $catalog_timestamp\n" ); - } - - my %apiparameters = ( - 3 => { - 'query' => '["and",["=","certname","' - . $certname - . '"],["=","latest-report?",true]]', - 'summarize-by' => 'certname', - 'count-by' => 'resource', - }, - 4 => { - 'query' => '["and",["=","certname","' - . $certname - . '"],["=","latest_report?",true]]', - 'summarize_by' => 'certname', - 'count_by' => 'resource', - } - ); - my $uri = URI->new( $url . $apiurls{$np->opts->apiversion}{'event-counts'} ); - $uri->query_form($apiparameters{$np->opts->apiversion}); - $response = $ua->get($uri); - - if ( $response->is_success ) { - my $node_data = decode_json( $response->decoded_content ); - - my $failures = 0; - if ( defined( @$node_data[0] ) - and defined( @$node_data[0]->{'failures'} ) ) - { - $failures = @$node_data[0]->{'failures'}; - } + if deactivated: + yield nagiosplugin.Metric(f"missing-{certname}", 1, min=0) + continue - if ( $failures >= $np->opts->critfails ) { - $np->add_message( CRITICAL, - "$certname had $failures failures in the last run\n" ); - } - elsif ( $failures >= $np->opts->warnfails ) { - $np->add_message( WARNING, - "$certname had $failures failures in the last run\n" ); - } - elsif ( exists $apiurls{$np->opts->apiversion}{'logs'} ) { - my $apiurl = $apiurls{$np->opts->apiversion}{'logs'}; - $apiurl =~ s/{hash}/$report_hash/; - $uri = URI->new( $url . $apiurl ); - $response = $ua->get($uri); - if ( $response->is_success ) { - my $logs = decode_json( $response->decoded_content ); - foreach my $log (@$logs) { - my $tags = $log->{'tags'}; - if ( grep(/^err$/, @$tags) ) { - $np->add_message( WARNING, "$certname, $log->{'message'}" ); - } - } - } - } + if certname in self.ignored: + continue - } else { - $np->nagios_exit( 'UNKNOWN', 'Unsupported query ' . $response->decoded_content); - } + yield nagiosplugin.Metric( + f"last-{certname}", round(delta.total_seconds()), "s", min=0 + ) - } -} + failures = self.api_client.fetch_failure_report(certname, report_hash) + yield nagiosplugin.Metric(f"failed-{certname}", failures, min=0) + + +def comma_separated(string): + result = [] + for part in [item.trim for item in string.split(",")]: + if len(part) > 0: + result.append(part) + return result -my $code; -my $message; -( $code, $message ) = $np->check_messages; -$np->nagios_exit( $code, $message ); +class PuppetDBClient: + def __init__(self, hostname, port, tls, insecure, roots, api_version): + scheme = tls and "https" or "http" + self.base_url = f"{scheme}://{hostname}:{port}/" + self.allow_insecure = insecure + self.use_roots = roots + self.api_version = api_version + + self.client = requests.Session() + self.client.headers = {"Accept": "application/json"} + self.node_info = [] + + def fetch_node_information(self, node_name): + if self.node_info: + return self.node_info + + url = urljoin(self.base_url, api_urls[self.api_version]["nodes"]) + if node_name: + r = self.client.get( + url, params={"query": f'["=","certname","{node_name}"]'} + ) + else: + r = self.client.get(url) + + r.raise_for_status() + + self.node_info = r.json() + + return self.node_info + + def fetch_failure_report(self, cert_name, report_hash): + url = urljoin(self.base_url, api_urls[self.api_version]["event-counts"]) + + if self.api_version == 3: + query_args = { + "query": f'["and",["=","certname","{cert_name}"],["=","latest-report?",true]]', + "summarize-by": "certname", + "count-by": "resource", + } + else: + query_args = { + "query": f'["and",["=","certname","{cert_name}"],["=","latest_report?",true]]', + "summarize_by": "certname", + "count_by": "resource", + } + + r = self.client.get(url, params=query_args) + + r.raise_for_status() + + report = r.json() + + failures = 0 + + if report and "failures" in report[0]: + failures += report[0]["failures"] + + if "logs" in api_urls[self.api_version]: + url = urljoin(self.base_url, api_urls[self.api_version]["logs"]).format( + hash=report_hash + ) + self.client.get(url) + + r.raise_for_status() + + logs = r.json() + + for log in logs: + if "tags" in log and "err" in log["tags"]: + failures += 1 + + return failures + + def get_cert_names(self, node_name): + result = [] + + for node in self.fetch_node_information(node_name): + if "certname" in node: + result.append(node["certname"]) + else: + result.append(node["name"]) + + return sorted(result) + + +@nagiosplugin.guarded +def main(): + argp = argparse.ArgumentParser(description=__doc__) + + argp.add_argument( + "-w", + "--warning", + type=int, + default=120, + help="Exit with WARNING status if nodes did not update for more then given minutes", + ) + argp.add_argument( + "-c", + "--critical", + type=int, + default=1440, + help="Exit with CRITICAL status if nodes did not update for more then given minutes", + ) + argp.add_argument( + "-W", + "--warnfails", + type=int, + default=1, + help="Exit with WARNING status if nodes had at least the given number of failures in the last run", + ) + argp.add_argument( + "-C", + "--critfails", + type=int, + default=1, + help="Exit with CRITICAL status if nodes had at least the given number of failures in the last run", + ) + argp.add_argument( + "-H", + "--hostname", + type=str, + default="localhost", + help="Hostname of the PuppetDB", + ) + argp.add_argument( + "-p", "--port", type=int, default=8080, help="Port PuppetDB is running on" + ) + argp.add_argument( + "-n", + "--node", + type=str, + help="Node name to check, if not given, all nodes will be checked", + ) + argp.add_argument( + "-t", + "--tls", + action="store_true", + help="Use HTTPS instead of HTTP", + ) + argp.add_argument( + "-k", + "--insecure", + action="store_true", + help="Allow connections via HTTPS without checking certificates", + ) + argp.add_argument( + "-r", + "--roots", + type=str, + help="Use the given root certificate file for certificate validation", + ) + argp.add_argument( + "-a", + "--apiversion", + dest="api_version", + type=int, + default=4, + choices=api_urls.keys(), + help="Specify PuppetDB API version", + ) + argp.add_argument( + "-i", + "--ignore", + type=comma_separated, + help="Node names to ignore (comma-separated list)", + ) + argp.add_argument( + "-v", + "--verbose", + action="count", + default=0, + help="increase output verbosity (use up to 3 times)", + ) + + args = argp.parse_args() + + api_client = PuppetDBClient( + args.hostname, args.port, args.tls, args.insecure, args.roots, args.api_version + ) + + check = nagiosplugin.Check(PuppetDBReport(api_client, args.node, args.ignore)) + + for certname in api_client.get_cert_names(args.node): + check.add(BoolContext(f"missing-{certname}")) + check.add( + nagiosplugin.ScalarContext( + f"last-{certname}", args.warning * 60, args.critical * 60 + ) + ) + check.add( + nagiosplugin.ScalarContext( + f"failed-{certname}", f"@{args.warnfails}:", f"@{args.critfails}:" + ) + ) + + check.main(verbose=args.verbose) + + +if __name__ == "__main__": + main() diff --git a/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook b/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook index a0d3711..c786017 100644 --- a/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook +++ b/sitemodules/profiles/files/icinga2_master/icinga2-git-pull-hook @@ -88,6 +88,17 @@ class GitHookRequestHandler(BaseHTTPRequestHandler): self.wfile.write(("%s\r\n" % message).encode("UTF-8")) def _handle_pull(self): + args = [ + "sshpass", + "-e", + "-P", + "passphrase", + "git", + "pull", + GIT_REPOSITORY, + GIT_BRANCH, + ] + self.log.info("running '%s'", " ".join(args)) try: git_proc = subprocess.run( [ @@ -96,15 +107,12 @@ class GitHookRequestHandler(BaseHTTPRequestHandler): "-P", "passphrase", "git", - "subtree", "pull", - "--prefix", - "icinga2/conf.d", GIT_REPOSITORY, GIT_BRANCH, ], env=ENV_FOR_GIT, - cwd="/etc", + cwd=GIT_DIRECTORY, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, check=True, diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp index 719fe21..ff3d9e4 100644 --- a/sitemodules/profiles/manifests/base.pp +++ b/sitemodules/profiles/manifests/base.pp @@ -14,9 +14,7 @@ # # @param rootalias alias that gets emails for root # -# @param crl_job_enable whether to setup the hourly CRL update job -# -# @param crl_job_services which services to reload after the CRL update +# @param crl_job configure the hourly CRL update job # # @param is_external whether the node is outside of CAcert infrastructure # @@ -36,15 +34,21 @@ # Copyright # --------- # -# Copyright 2016-2021 Jan Dittberner +# Copyright 2016-2022 Jan Dittberner # class profiles::base ( - Array[String] $admins = [], - Hash[String, Data] $users = {}, - String $rootalias = "${trusted['certname']}-admin@cacert.org", - Boolean $crl_job_enable = false, - Array[String] $crl_job_services = [], - Boolean $is_external = false, + Array[String] $admins = [], + Hash[String, Data] $users = {}, + String $rootalias = "${trusted['certname']}-admin@cacert.org", + Hash[String, Data] $crl_job = { + 'enable' => false, + 'hostname' => $trusted['certname'], + 'services' => [], + 'check_url' => 'https://monitor.infra.cacert.org:5665/v1/actions/process-check-result', + 'api_user' => '', + 'api_password' => '', + }, + Boolean $is_external = false, ) { # ensure admin users for this container $admins.each |String $username| { @@ -99,18 +103,37 @@ class profiles::base ( source => 'puppet:///modules/profiles/base/apt_periodic.conf', } - package { ['lsb-release', 'distro-info-data', 'sudo']: + package { ['lsb-release', 'distro-info-data']: ensure => present, } + class { 'sudo': + config_file_replace => false, + } package { ['zsh', 'tmux', 'less', 'vim-nox']: ensure => latest, } + if $facts['virtual'] == 'lxc' { + file { '/etc/network/interfaces': + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => "auto lo\niface lo inet loopback\n", + } + } + Package['zsh'] -> User <| |> - package { ['aptitude', 'apticron']: - ensure => purged, + if !$is_external { + package { ['aptitude', 'apticron', 'isc-dhcp-client']: + ensure => purged, + } + } else { + package { ['aptitude', 'apticron']: + ensure => purged, + } } file { '/etc/zsh/newuser.zshrc.recommended': @@ -153,10 +176,21 @@ class profiles::base ( repos => 'main', release => "${::lsbdistcodename}-updates", } - apt::source { "security.debian.org-${::lsbdistcodename}-security": - location => 'http://security.debian.org/debian-security', - repos => 'main', - release => "${::lsbdistcodename}/updates", + + $os_major = Integer($facts['os']['release']['major']) + + if $os_major < 11 { + apt::source { "security.debian.org-${::lsbdistcodename}-security": + location => 'http://security.debian.org/debian-security', + repos => 'main', + release => "${::lsbdistcodename}/updates", + } + } else { + apt::source { "security.debian.org-${::lsbdistcodename}-security": + location => 'http://security.debian.org/', + repos => 'main', + release => "${::lsbdistcodename}-security", + } } apt::source { "ftp.nl.debian.org-${::lsbdistcodename}-backports": location => 'http://ftp.nl.debian.org/debian', @@ -197,23 +231,42 @@ class profiles::base ( recipient => $rootalias, } - package { ['ca-certificates', 'ca-cacert']: + package { 'ca-certificates': ensure => installed, } - file { '/usr/local/share/ca-certificates/cacert_class3_2021.crt': + $cacert_class1_file = '/usr/local/share/ca-certificates/cacert_class1_X0F.crt' + $cacert_class3_file = '/usr/local/share/ca-certificates/cacert_class3_2021.crt' + + file { $cacert_class1_file: + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + source => 'puppet:///modules/profiles/base/cacert_class1_X0F.crt', + require => Package['ca-certificates'], + } + + file { $cacert_class3_file: ensure => file, owner => 'root', group => 'root', mode => '0644', source => 'puppet:///modules/profiles/base/cacert_class3_2021.crt', require => Package['ca-certificates'], - } ~> + } + exec { '/usr/sbin/update-ca-certificates': - require => Package['ca-certificates'], + require => Package['ca-certificates'], + refreshonly => true, + subscribe => [File[$cacert_class1_file], File[$cacert_class3_file]], } - if ($crl_job_enable) { + if ($crl_job['enable']) { + package { 'python3-requests': + ensure => installed, + } + file { '/var/local/ssl': ensure => directory, owner => 'root', @@ -236,12 +289,20 @@ class profiles::base ( mode => '0755', content => epp( 'profiles/base/update-crls.epp', - { 'services' => $crl_job_services }), + { + 'services' => $crl_job['services'], + 'check_url' => $crl_job['check_url'], + 'api_user' => $crl_job['api_user'], + 'api_password' => $crl_job['api_password'], + 'hostname' => $crl_job['hostname'], + }, + ), require => [ Package['ca-certificates'], - Package['ca-cacert'], + Package['python3-requests'], File['/var/local/ssl/crls'], - File['/usr/local/share/ca-certificates/cacert_class3_2021.crt'] + File[$cacert_class1_file], + File[$cacert_class3_file] ], } } else { diff --git a/sitemodules/profiles/manifests/gitea.pp b/sitemodules/profiles/manifests/gitea.pp new file mode 100644 index 0000000..7ae1576 --- /dev/null +++ b/sitemodules/profiles/manifests/gitea.pp @@ -0,0 +1,162 @@ +# Class: profiles::gitea +# +# This class installs and configures a Gitea server. +# +# Parameters +# ---------- +# +# @param database_host PostgreSQL database host name +# +# @param database_name PostgreSQL database name +# +# @param database_password PostgreSQL database password +# +# @param database_port PostgreSQL database port +# +# @param database_ssl_mode PostgreSQL database connection ssl mode +# +# @param database_user PostgreSQL database user name +# +# @param gitea_fqdn Gitea host name +# +# @param gitea_socket Gitea Unix domain socket path +# +# Examples +# -------- +# +# @example +# class roles::myhost { +# include profiles::gitea +# } +# +# Authors +# ------- +# +# Jan Dittberner <jandd@cacert.org> +# +# Copyright +# --------- +# +# Copyright 2022 Jan Dittberner +# +class profiles::gitea ( + String $database_password, + String $database_host = 'pgsql', + Integer $database_port = 5432, + String $database_name = 'gitea', + String $database_user = 'gitea', + String $database_ssl_mode = 'require', + String $gitea_fqdn = 'code.cacert.org', + String $gitea_socket = '/run/gitea/gitea.sock', +) { + $gitea_version = '1.18.0' + $gitea_checksum = 'b45b715d519a97086208c6b42528d291dd1c4dfdf40321dc940030e1cf3de6e6' + $gitea_url = "https://dl.gitea.io/gitea/${gitea_version}/gitea-${gitea_version}-linux-amd64" + $gitea_service = '/etc/systemd/system/gitea.service' + + include profiles::systemd_reload + include profiles::x509cert_common + + package { 'git': + ensure => installed, + } + + user { 'git': + comment => 'Gitea user', + home => '/var/lib/gitea', + system => true, + } + + file { [ + '/etc/gitea', '/var/lib/gitea', '/var/lib/gitea/data', + '/var/lib/gitea/repositories', '/var/lib/gitea/data/lfs', '/var/log/gitea', + ]: + ensure => directory, + owner => 'git', + group => 'git', + mode => '0750', + } + + file { '/var/lib/gitea/.ssh': + ensure => directory, + owner => 'git', + group => 'git', + mode => '0700', + } + + file { '/usr/local/bin/gitea': + ensure => file, + source => $gitea_url, + checksum => 'sha256', + checksum_value => $gitea_checksum, + owner => 'root', + group => 'git', + mode => '0750', + } + + file { '/etc/gitea/app.ini': + ensure => file, + owner => 'git', + group => 'git', + mode => '0640', + content => epp('profiles/gitea/app.ini.epp', { + database_host => $database_host, + database_port => $database_port, + database_ssl_mode => $database_ssl_mode, + database_name => $database_name, + database_user => $database_user, + database_password => $database_password, + gitea_fqdn => $gitea_fqdn, + gitea_socket => $gitea_socket, + gitea_user => 'git', + }), + } + + file { $gitea_service: + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + source => 'puppet:///modules/profiles/gitea/gitea.service', + notify => Exec['reload systemd configuration'], + } + + service { 'gitea': + ensure => running, + enable => true, + require => [ + User['git'], + ], + subscribe => [ + File[$gitea_service], + File['/etc/gitea/app.ini'], + ], + } + + file { '/etc/nginx': + ensure => directory, + owner => 'root', + group => 'root', + mode => '0755', + } -> file { '/etc/nginx/nginx.conf': + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => epp('profiles/gitea/nginx.conf.epp', + { + hostname => $gitea_fqdn, + gitea_socket => $gitea_socket, + } + ), + require => [ + Concat["/etc/ssl/public/${gitea_fqdn}.chain.pem"], + File["/etc/ssl/private/${gitea_fqdn}.key.pem"], + ], + } -> package { 'nginx-light': + ensure => present, + } -> service { 'nginx': + ensure => running, + enable => true, + } +} diff --git a/sitemodules/profiles/manifests/icinga2_common.pp b/sitemodules/profiles/manifests/icinga2_common.pp index e0c204a..66c946f 100644 --- a/sitemodules/profiles/manifests/icinga2_common.pp +++ b/sitemodules/profiles/manifests/icinga2_common.pp @@ -19,7 +19,7 @@ # Copyright # --------- # -# Copyright 2019-2021 Jan Dittberner +# Copyright 2019-2022 Jan Dittberner class profiles::icinga2_common ( ) { include profiles::icinga2_certificates @@ -47,4 +47,27 @@ class profiles::icinga2_common ( ensure => latest, } } + + file { ['/usr/local/lib/nagios', '/usr/local/lib/nagios/plugins']: + ensure => directory, + owner => 'root', + group => 'staff', + mode => '0755', + } + + if Integer($facts['os']['release']['major']) >= 9 { + package { ['python3-nagiosplugin', 'python3-apt' ]: + ensure => present, + } + } + + if $facts['virtual'] in ['physical', 'kvm'] { + file { '/usr/local/lib/nagios/plugins/check_kernel_status': + ensure => file, + owner => 'root', + group => 'staff', + mode => '0755', + source => 'puppet:///modules/profiles/icinga2_external_commands/check_kernel_status.py', + } + } } diff --git a/sitemodules/profiles/manifests/icinga2_master.pp b/sitemodules/profiles/manifests/icinga2_master.pp index e8f4968..221a3cb 100644 --- a/sitemodules/profiles/manifests/icinga2_master.pp +++ b/sitemodules/profiles/manifests/icinga2_master.pp @@ -50,7 +50,7 @@ # Copyright # --------- # -# Copyright 2019-2021 Jan Dittberner +# Copyright 2019-2022 Jan Dittberner class profiles::icinga2_master ( String $ido_database_password, String $web2_database_password, @@ -69,7 +69,7 @@ class profiles::icinga2_master ( include profiles::systemd_reload include postgresql::server - class { '::icinga2': + class { 'icinga2': manage_repo => false, features => ['mainlog', 'checker', 'notification'], constants => { @@ -78,7 +78,7 @@ class profiles::icinga2_master ( }, } - class { '::icinga2::pki::ca': + class { 'icinga2::pki::ca': ca_cert => $ca_certificate, ca_key => $ca_key, } @@ -88,7 +88,7 @@ class profiles::icinga2_master ( password => postgresql_password('icinga2', $ido_database_password), } - class { '::icinga2::feature::idopgsql': + class { 'icinga2::feature::idopgsql': user => 'icinga2', password => $ido_database_password, database => 'icinga2', @@ -96,7 +96,7 @@ class profiles::icinga2_master ( require => Postgresql::Server::Db['icinga2'], } - class { '::icinga2::feature::api': + class { 'icinga2::feature::api': pki => 'none', } @@ -123,7 +123,7 @@ class profiles::icinga2_master ( ), } - class { '::icingaweb2': + class { 'icingaweb2': manage_repo => false, import_schema => true, db_type => 'pgsql', @@ -134,7 +134,7 @@ class profiles::icinga2_master ( require => Postgresql::Server::Db['icingaweb2'], } - class { '::icingaweb2::module::monitoring': + class { 'icingaweb2::module::monitoring': ido_type => 'pgsql', ido_host => 'localhost', ido_port => 5432, @@ -146,19 +146,19 @@ class profiles::icinga2_master ( transport => 'api', username => 'root', password => $api_users['root']['password'], - } - } + }, + }, } icingaweb2::config::authmethod { 'external-authentication': backend => 'external', - require => Class['::icingaweb2'], + require => Class['icingaweb2'], } icingaweb2::config::role { 'admin': users => join($icingaweb_admins, ','), permissions => '*', - require => Class['::icingaweb2'], + require => Class['icingaweb2'], } package { ['sshpass', 'git']: @@ -206,14 +206,7 @@ class profiles::icinga2_master ( notify => Exec['reload systemd configuration'], } - file { '/usr/local/lib/nagios-plugins': - ensure => directory, - owner => 'root', - group => 'staff', - mode => '0755' - } - - file { '/usr/local/lib/nagios-plugins/check_puppetdb_nodes': + file { '/usr/local/lib/nagios/plugins/check_puppetdb_nodes': ensure => file, owner => 'root', group => 'staff', @@ -221,6 +214,19 @@ class profiles::icinga2_master ( source => 'puppet:///modules/profiles/icinga2_master/check_puppetdb_nodes', } + package {['rsync', 'python3-cryptography']: + ensure => present, + } + + file { '/usr/local/lib/nagios/plugins/check_cacert_crl': + ensure => file, + owner => 'root', + group => 'root', + mode => '0755', + source => 'puppet:///modules/profiles/icinga2_external_commands/cacert_check_crl.py', + require => [Package['rsync'], Package['python3-nagiosplugin'], Package['python3-cryptography']], + } + service { 'icinga2-git-pull-hook': ensure => running, enable => true, @@ -231,7 +237,7 @@ class profiles::icinga2_master ( ], } - include ::icinga2 + include icinga2 file { '/etc/icinga2/zones.d/global-templates': ensure => directory, @@ -262,12 +268,38 @@ class profiles::icinga2_master ( target => '/etc/icinga2/zones.d/global-templates/ocsp-command.conf', } ::icinga2::object::checkcommand { 'cacert_crl': - ensure => present, - command => [ + ensure => present, + command => [ '/usr/local/lib/nagios/plugins/check_cacert_crl', ], + arguments => { + '--rsync-url' => { + 'value' => '$cacert_crl_rsync_url$', + 'description' => 'rsync URL to check', + }, + '--warning-last-age' => { + 'value' => '$cacert_crl_warning_last_age$', + 'description' => 'warning if last age is more than that many minutes', + }, + '--critical-last-age' => { + 'value' => '$cacert_crl_critical_last_age$', + 'description' => 'critical if last age is more than that many minutes', + }, + }, + vars => { + 'cacert_crl_rsync_url' => 'rsync://crl.cacert.org/crl/', + 'cacert_crl_warning_last_age' => '1500', # 25h + 'cacert_crl_critical_last_age' => '2160', # 36h + }, target => '/etc/icinga2/zones.d/global-templates/cacert_crl-command.conf', } + ::icinga2::object::checkcommand { 'kernel_status': + ensure => present, + command => [ + '/usr/local/lib/nagios/plugins/check_kernel_status', + ], + target => '/etc/icinga2/zones.d/global-templates/kernel-status-command.conf', + } file { '/etc/icinga2/zones.d/global-templates/ssl_cert-cacert-command.conf': ensure => file, diff --git a/sitemodules/profiles/manifests/icinga2_satellite.pp b/sitemodules/profiles/manifests/icinga2_satellite.pp index 82ff7f7..5c6df6f 100644 --- a/sitemodules/profiles/manifests/icinga2_satellite.pp +++ b/sitemodules/profiles/manifests/icinga2_satellite.pp @@ -24,27 +24,28 @@ # Copyright # --------- # -# Copyright 2021 Jan Dittberner +# Copyright 2021-2022 Jan Dittberner class profiles::icinga2_satellite { include 'profiles::icinga2_common' include 'profiles::icinga2_agent' - file { ['/usr/local/lib/nagios', '/usr/local/lib/nagios/plugins']: - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - } + $cacert_class1_file = '/usr/local/share/ca-certificates/cacert_class1_X0F.crt' + $cacert_class3_file = '/usr/local/share/ca-certificates/cacert_class3_2021.crt' + file { '/usr/local/lib/nagios/plugins/check_ocsp': ensure => file, owner => 'root', group => 'root', mode => '0755', source => 'puppet:///modules/profiles/icinga2_external_commands/check_ocsp', - require => Package['ca-cacert'], + require => [ + Package['ca-certificates'], + File[$cacert_class1_file], + File[$cacert_class3_file] + ], } - package {['rsync', 'python3-nagiosplugin', 'python3-cryptography']: + package {['rsync', 'python3-cryptography']: ensure => present, } diff --git a/sitemodules/profiles/manifests/pootle.pp b/sitemodules/profiles/manifests/pootle.pp index 7bf6a90..0d724d3 100644 --- a/sitemodules/profiles/manifests/pootle.pp +++ b/sitemodules/profiles/manifests/pootle.pp @@ -45,9 +45,6 @@ class profiles::pootle { gid => 200, system => true, } - class { 'sudo': - config_file_replace => false, - } file { '/usr/local/bin/pootle-update': ensure => file, source => 'puppet:///modules/profiles/pootle/pootle-update', diff --git a/sitemodules/profiles/manifests/wordpress.pp b/sitemodules/profiles/manifests/wordpress.pp index f38eee7..1047188 100644 --- a/sitemodules/profiles/manifests/wordpress.pp +++ b/sitemodules/profiles/manifests/wordpress.pp @@ -33,7 +33,6 @@ class profiles::wordpress ( ) { include profiles::x509cert_common - $server_cert = "/etc/ssl/public/${external_name}.crt.pem" $server_key = "/etc/ssl/private/${external_name}.key.pem" $server_chain = "/etc/ssl/public/${external_name}.chain.pem" $client_ca_certificates = "/etc/ssl/public/${external_name}_client_cas.pem" @@ -52,7 +51,6 @@ class profiles::wordpress ( mode => '0644', content => epp('profiles/wordpress/wordpress-ssl.conf.epp', { server_name => $external_name, - server_cert => $server_cert, server_key => $server_key, server_chain => $server_chain, client_ca_certificates => $client_ca_certificates, @@ -70,7 +68,6 @@ class profiles::wordpress ( ensure => running, enable => true, subscribe => [ - File[$server_cert], File[$server_key], Concat[$server_chain], Concat[$client_ca_certificates], diff --git a/sitemodules/profiles/manifests/x509cert_common.pp b/sitemodules/profiles/manifests/x509cert_common.pp index 380b505..88edace 100644 --- a/sitemodules/profiles/manifests/x509cert_common.pp +++ b/sitemodules/profiles/manifests/x509cert_common.pp @@ -41,6 +41,10 @@ class profiles::x509cert_common ( Hash[String, Data] $certificates, ) { + group { 'ssl-cert': + ensure => present, + system => true, + } file { '/etc/ssl/public': ensure => directory, owner => 'root', @@ -58,7 +62,7 @@ class profiles::x509cert_common ( file { "/etc/ssl/private/${name}.key.pem": ensure => file, owner => pick($cert_info['key_owner'], 'root'), - group => pick($cert_info['key_group'], 'root'), + group => pick($cert_info['key_group'], 'ssl-cert'), mode => pick($cert_info['key_mode'], '0640'), content => $cert_info['private_key'], } diff --git a/sitemodules/profiles/templates/base/update-crls.epp b/sitemodules/profiles/templates/base/update-crls.epp index eefdfe2..def45ab 100755 --- a/sitemodules/profiles/templates/base/update-crls.epp +++ b/sitemodules/profiles/templates/base/update-crls.epp @@ -1,30 +1,148 @@ -<%- | Array[String] $services | -%> -#!/bin/sh +<%- | + Array[String] $services, + String $check_url, + String $api_user, + String $api_password, + String $hostname, +| -%> +#!/usr/bin/env python3 # THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN AT THE # NEXT PUPPET RUN. -set -e +import glob +import subprocess +import sys +from datetime import datetime +from os import path -CRL_PATH='/var/local/ssl/crls/' -CA_CERT='/etc/ssl/certs/ca-certificates.crt' -RSYNC_LOCATION='crl.cacert.org::crl' +import requests -rsync -aqz "$RSYNC_LOCATION" "$CRL_PATH" +CRL_PATH = "/var/local/ssl/crls/" +CA_CERT = "/etc/ssl/certs/ca-certificates.crt" +RSYNC_LOCATION = "crl2.intra.cacert.org::crl" +ICINGA_CA = "/var/lib/icinga2/certs/ca.crt" -for crl in "$CRL_PATH"*.crl -do - if openssl crl -noout -inform DER -in "$crl" -CAfile "$CA_CERT" 2>/dev/null - then - openssl crl -inform DER -in "$crl" -out "$crl".pem - else - echo "Error: Could not validate the CRL at $crl" >&2 - fi -done -c_rehash "$CRL_PATH" 2>/dev/null >&2 -<% $services.each |$service| { -%> -service <%= $service %> reload > /dev/null -<% } %> +def json_timestamp(ts): + return int(ts.timestamp()) -exit 0 + +def report_result(success, output, start): + data = { + "type": "Service", + "filter": 'host.name=="<%= $hostname %>" && service.name=="crl-sync"', + "exit_status": 0 if success else 2, + "plugin_output": "OK" if success else f"CRITICAL CRL sync failed\n{output}", + "check_source": "<%= $hostname %>", + "execution_start": json_timestamp(start), + "execution_end": json_timestamp(datetime.utcnow()), + "ttl": 3720, + } + + r = requests.post( + "<%= $check_url %>", + auth=("<%= $api_user %>", "<%= $api_password %>"), + headers={"Accept": "application/json"}, + json=data, + verify=ICINGA_CA, + ) + + if not r.ok: + print("could not submit passive check") + print(r.status_code, r.reason) + print(r.text) + sys.exit(1) + + +def run_command(args, timeout=10): + try: + res = subprocess.run(args, capture_output=True, timeout=timeout, text=True) + except subprocess.TimeoutExpired: + return False, "timeout of {} expired running '{}'".format( + timeout, " ".join(args) + ) + + return res.returncode == 0, res.stderr + + +def verify_crl(crl, ca_certificates=CA_CERT): + return run_command( + [ + "openssl", + "crl", + "-noout", + "-inform", + "DER", + "-in", + crl, + "-CAfile", + ca_certificates, + ], + ) + + +def convert_to_pem(crl): + return run_command( + ["openssl", "crl", "-inform", "DER", "-in", crl, "-out", f"{crl}.pem"] + ) + + +def rehash_crls(crl_path=CRL_PATH): + return run_command(["c_rehash", crl_path]) + + +def run_rsync(rsync_source, dest_path): + return run_command(["rsync", "-aqz", rsync_source, dest_path], 60) + + +def restart_service(service): + return run_command(["systemctl", "restart", f"{service}.service"], 30) + + +def main(): + start = datetime.utcnow() + + ok, output = run_rsync(RSYNC_LOCATION, CRL_PATH) + if not ok: + report_result(False, f"rsync run failed:\n{output}", start) + return + + error_output = [] + + for crl in glob.glob(path.join(CRL_PATH, "*.crl")): + ok, output = verify_crl(crl) + if not ok: + error_output.append(f"crl validation for {crl} failed:\n{output}") + continue + + ok, output = convert_to_pem(crl) + if not ok: + error_output.append(f"pem conversion for {crl} failed:\n{output}") + + if error_output: + report_result(False, "\n\n".join(error_output), start) + return + + ok, output = rehash_crls(CRL_PATH) + if not ok: + report_result(False, f"c_rehash for {CRL_PATH} failed:\n{output}", start) + return + + services = [<% if $services { %>"<%= $services.join(", ") %>"<% } %>] + + for service in services: + ok, output = restart_service(service) + if not ok: + error_output.append(f"service restart failed for {service}:\n{output}") + continue + + if error_output: + report_result(False, "\n\n".join(error_output), start) + return + + report_result(True, "", start) + + +if __name__ == "__main__": + main() diff --git a/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp b/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp index 1e3309d..29eb2c9 100644 --- a/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp +++ b/sitemodules/profiles/templates/cacert_boardvoting/config.yaml.epp @@ -18,7 +18,8 @@ database_file: /srv/cacert-boardvoting/data/database.sqlite client_ca_certificates: <%= $client_ca_certs %> server_certificate: <%= $server_cert %> server_key: <%= $server_key %> -https_address: ":8443" +http_address: ":80" +https_address: ":443" cookie_secret: <%= $cookie_secret %> csrf_key: <%= $csrf_key %> base_url: <%= $base_url %> diff --git a/sitemodules/profiles/templates/gitea/app.ini.epp b/sitemodules/profiles/templates/gitea/app.ini.epp new file mode 100644 index 0000000..a1854f2 --- /dev/null +++ b/sitemodules/profiles/templates/gitea/app.ini.epp @@ -0,0 +1,101 @@ +<%- | String $gitea_fqdn, + String $gitea_user, + String $gitea_socket, + String $database_host, + String $database_name, + String $database_password, + String $database_user, + String $database_ssl_mode, + Integer $database_port, +| -%> +# THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN BY THE +# NEXT PUPPET RUN +APP_NAME = <%= $gitea_fqdn %> :: CAcert code hosting +RUN_USER = <%= $gitea_user %> +RUN_MODE = prod + +[repository] +ROOT = /var/lib/gitea/repositories +MAX_CREATION_LIMIT = 0 + +[database] +DB_TYPE = postgres +HOST = <%= $database_host %>:<%= $database_port %> +NAME = <%= $database_name %> +USER = <%= $database_user %> +PASSWD = <%= $database_password %> +SSL_MODE = <%= $database_ssl_mode %> +LOG_SQL = false + +[security] +INSTALL_LOCK = true +SECRET_KEY = <%= seeded_rand_string(20, 'gitea::secret_key', 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') %> +INTERNAL_TOKEN_URI = file:/etc/gitea/internal_token + +[server] +DOMAIN = <%= $gitea_fqdn %> +PROTOCOL = http+unix +HTTP_ADDR = <%= $gitea_socket %> +ROOT_URL = https://<%= $gitea_fqdn %>/ +DISABLE_SSH = true +LFS_START_SERVER = true +LFS_CONTENT_PATH = /var/lib/gitea/data/lfs +LFS_JWT_SECRET = <%= seeded_rand_string(43, 'gitea::lfs_jwt_secret', 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') %> +OFFLINE_MODE = false +LANDING_PAGE = explore + +[mailer] +ENABLED = true +FROM = git@<%= $gitea_fqdn %> +MAILER_TYPE = sendmail + +[service] +REGISTER_EMAIL_CONFIRM = true +ENABLE_NOTIFY_MAIL = true +DISABLE_REGISTRATION = true +ENABLE_CAPTCHA = false +REQUIRE_SIGNIN_VIEW = false +DEFAULT_KEEP_EMAIL_PRIVATE = false +DEFAULT_ALLOW_CREATE_ORGANIZATION = false +DEFAULT_ENABLE_TIMETRACKING = true +NO_REPLY_ADDRESS = noreply.<%= $gitea_fqdn %> +SHOW_REGISTRATION_BUTTON = false + +[picture] +DISABLE_GRAVATAR = true +ENABLE_FEDERATED_AVATAR = false + +[oauth2] +ENABLE = false + +[federation] +ENABLE = false + +[openid] +ENABLE_OPENID_SIGNIN = false +ENABLE_OPENID_SIGNUP = false + +[session] +PROVIDER = file +COOKIE_SECURE = true +DOMAIN = <%= $gitea_fqdn %> +SAME_SITE = strict + +[migrations] +ALLOW_LOCALNETWORKS = true + +[webhook] +ALLOWED_HOST_LIST = external,private + +[log] +MODE = file,console +ENABLE_ACCESS_LOG = true +ACCESS = file +ROUTER = file +ROOT_PATH = /var/log/gitea/ + +[log.file] +LEVEL = Info + +[log.console] +LEVEL = Warn diff --git a/sitemodules/profiles/templates/gitea/nginx.conf.epp b/sitemodules/profiles/templates/gitea/nginx.conf.epp new file mode 100644 index 0000000..bfc084e --- /dev/null +++ b/sitemodules/profiles/templates/gitea/nginx.conf.epp @@ -0,0 +1,82 @@ +<%- | String $hostname, + String $gitea_socket, +| -%> +# THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN BY THE +# NEXT PUPPET RUN +user www-data; +worker_processes auto; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; + +events { + worker_connections 768; + # multi_accept on; +} + +http { + + ## + # Basic Settings + ## + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + + server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + gzip on; + + # gzip_vary on; + # gzip_proxied any; + # gzip_comp_level 6; + # gzip_buffers 16 8k; + # gzip_http_version 1.1; + # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + include /etc/nginx/conf.d/*.conf; + + upstream gitea { + server unix:<%= $gitea_socket %>; + } + + server { + listen 80; + listen [::]:80; + + listen 443 ssl; + listen [::]:443 ssl; + + if ($https != "on") { + return 301 https://$host$uri; + } + + ssl_certificate /etc/ssl/public/<%= $hostname %>.chain.pem; + ssl_certificate_key /etc/ssl/private/<%= $hostname %>.key.pem; + + server_name <%= $hostname %>; + + location / { + client_max_body_size 128M; + + proxy_pass http://gitea; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } +} diff --git a/sitemodules/profiles/templates/squid/squid.conf.epp b/sitemodules/profiles/templates/squid/squid.conf.epp index a064368..d071279 100644 --- a/sitemodules/profiles/templates/squid/squid.conf.epp +++ b/sitemodules/profiles/templates/squid/squid.conf.epp @@ -12,4 +12,5 @@ acl <%= $acl -%> http_access <%= $access_rule -%> <% } %> -maximum_object_size 50 MB +maximum_object_size 500 MB +cache_dir aufs /var/spool/squid 20000 16 256 diff --git a/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp b/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp index 7eeb31e..66eaa30 100644 --- a/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp +++ b/sitemodules/profiles/templates/wordpress/wordpress-ssl.conf.epp @@ -1,5 +1,4 @@ <%- | String $server_name, - String $server_cert, String $server_key, String $server_chain, String $client_ca_certificates, @@ -10,9 +9,8 @@ ServerName <%= $server_name %> SSLEngine on - SSLCertificateFile <%= $server_cert %> + SSLCertificateFile <%= $server_chain %> SSLCertificateKeyFile <%= $server_key %> - SSLCertificateChainFile <%= $server_chain %> SSLCACertificateFile <%= $client_ca_certificates %> SSLProtocol ALL -SSLv2 -SSLv3 -TLSv1.1 -TLSv1 diff --git a/sitemodules/roles/manifests/authserver.pp b/sitemodules/roles/manifests/authserver.pp new file mode 100644 index 0000000..792bc71 --- /dev/null +++ b/sitemodules/roles/manifests/authserver.pp @@ -0,0 +1,29 @@ +# Class: roles::authserver +# ======================== +# +# This class defines the authserver role for a Hydra OAuth2/OpenID connect API +# server used for authentication/authorization. +# You should assign this class using hiera or via an ENC. +# +# Examples +# -------- +# +# @example +# class { 'roles::authserver': } +# +# Authors +# ------- +# +# Jan Dittberner <jandd@cacert.org> +# +# Copyright +# --------- +# +# Copyright 2022 Jan Dittberner +# +class roles::authserver { + include profiles::base + include profiles::rsyslog + include profiles::icinga2_agent +} + diff --git a/sitemodules/roles/manifests/code.pp b/sitemodules/roles/manifests/code.pp new file mode 100644 index 0000000..f88761a --- /dev/null +++ b/sitemodules/roles/manifests/code.pp @@ -0,0 +1,28 @@ +# Class: roles::code +# ================== +# +# This class defines the code role for a Gitea server used for code hosting. +# You should assign this class using hiera or via an ENC. +# +# Examples +# -------- +# +# @example +# class { 'roles::code': } +# +# Authors +# ------- +# +# Jan Dittberner <jandd@cacert.org> +# +# Copyright +# --------- +# +# Copyright 2022 Jan Dittberner +# +class roles::code { + include profiles::base + include profiles::rsyslog + include profiles::icinga2_agent + include profiles::gitea +} diff --git a/sitemodules/roles/manifests/emailout.pp b/sitemodules/roles/manifests/emailout.pp index d6bd462..72901d4 100644 --- a/sitemodules/roles/manifests/emailout.pp +++ b/sitemodules/roles/manifests/emailout.pp @@ -18,11 +18,12 @@ # Copyright # --------- # -# Copyright 2018-2019 Jan Dittberner +# Copyright 2018-2022 Jan Dittberner # class roles::emailout { include profiles::base include profiles::rsyslog include profiles::purge_nrpe_agent include profiles::icinga2_agent + include profiles::x509cert_common } diff --git a/sitemodules/roles/manifests/git.pp b/sitemodules/roles/manifests/git.pp index 55d81b9..ef2393d 100644 --- a/sitemodules/roles/manifests/git.pp +++ b/sitemodules/roles/manifests/git.pp @@ -18,11 +18,12 @@ # Copyright # --------- # -# Copyright 2020 Jan Dittberner +# Copyright 2020-2022 Jan Dittberner # class roles::git { include profiles::base include profiles::rsyslog include profiles::purge_nrpe_agent include profiles::icinga2_agent + include profiles::x509cert_common } diff --git a/sitemodules/roles/manifests/idp.pp b/sitemodules/roles/manifests/idp.pp new file mode 100644 index 0000000..2878931 --- /dev/null +++ b/sitemodules/roles/manifests/idp.pp @@ -0,0 +1,29 @@ +# Class: roles::idp +# ======================== +# +# This class defines the idp role for an OAuth2/OpenID identity provider +# used for authentication/authorization. +# You should assign this class using hiera or via an ENC. +# +# Examples +# -------- +# +# @example +# class { 'roles::idp': } +# +# Authors +# ------- +# +# Jan Dittberner <jandd@cacert.org> +# +# Copyright +# --------- +# +# Copyright 2022 Jan Dittberner +# +class roles::idp { + include profiles::base + include profiles::rsyslog + include profiles::icinga2_agent +} + diff --git a/sitemodules/roles/manifests/infra03.pp b/sitemodules/roles/manifests/infra03.pp index f1f6fe7..6ceb0d6 100644 --- a/sitemodules/roles/manifests/infra03.pp +++ b/sitemodules/roles/manifests/infra03.pp @@ -18,10 +18,10 @@ # Copyright # --------- # -# Copyright 2021 Jan Dittberner +# Copyright 2021-2022 Jan Dittberner # class roles::infra03 { include profiles::base include profiles::lxc_host - #include profiles::icinga2_satellite + include profiles::icinga2_agent } diff --git a/sitemodules/roles/manifests/ircserver.pp b/sitemodules/roles/manifests/ircserver.pp index f1ba1a9..c1f627c 100644 --- a/sitemodules/roles/manifests/ircserver.pp +++ b/sitemodules/roles/manifests/ircserver.pp @@ -17,11 +17,12 @@ # Copyright # --------- # -# Copyright 2018-2019 Jan Dittberner +# Copyright 2018-2022 Jan Dittberner # class roles::ircserver { include profiles::base include profiles::rsyslog include profiles::purge_nrpe_agent include profiles::icinga2_agent + include profiles::x509cert_common } diff --git a/sitemodules/roles/manifests/issue.pp b/sitemodules/roles/manifests/issue.pp index eb3b86b..5a6a14d 100644 --- a/sitemodules/roles/manifests/issue.pp +++ b/sitemodules/roles/manifests/issue.pp @@ -18,11 +18,12 @@ # Copyright # --------- # -# Copyright 2018-2019 Jan Dittberner +# Copyright 2018-2022 Jan Dittberner # class roles::issue { include profiles::base include profiles::rsyslog include profiles::purge_nrpe_agent include profiles::icinga2_agent + include profiles::x509cert_common } diff --git a/sitemodules/roles/manifests/monitor.pp b/sitemodules/roles/manifests/monitor.pp index 32f8c96..eea702c 100644 --- a/sitemodules/roles/manifests/monitor.pp +++ b/sitemodules/roles/manifests/monitor.pp @@ -18,11 +18,12 @@ # Copyright # --------- # -# Copyright 2018-2019 Jan Dittberner +# Copyright 2018-2022 Jan Dittberner # class roles::monitor { include profiles::base include profiles::rsyslog include profiles::purge_nrpe_agent include profiles::icinga2_master + include profiles::x509cert_common } diff --git a/sitemodules/roles/manifests/oidcdemo.pp b/sitemodules/roles/manifests/oidcdemo.pp new file mode 100644 index 0000000..496c5a6 --- /dev/null +++ b/sitemodules/roles/manifests/oidcdemo.pp @@ -0,0 +1,28 @@ +# Class: roles::oidcdemo +# ======================== +# +# This class defines the oidcdemo role for an OAuth2/OpenID demo application. +# You should assign this class using hiera or via an ENC. +# +# Examples +# -------- +# +# @example +# class { 'roles::oidcdemo': } +# +# Authors +# ------- +# +# Jan Dittberner <jandd@cacert.org> +# +# Copyright +# --------- +# +# Copyright 2023 Jan Dittberner +# +class roles::oidcdemo { + include profiles::base + include profiles::rsyslog + include profiles::icinga2_agent +} + diff --git a/sitemodules/roles/manifests/pgsql.pp b/sitemodules/roles/manifests/pgsql.pp index 7b953d0..6e07288 100644 --- a/sitemodules/roles/manifests/pgsql.pp +++ b/sitemodules/roles/manifests/pgsql.pp @@ -8,7 +8,7 @@ # -------- # # @example -# class { 'roles::mariadb': } +# class { 'roles::pgsql': } # # Authors # ------- diff --git a/sitemodules/roles/manifests/traininginstance.pp b/sitemodules/roles/manifests/traininginstance.pp new file mode 100644 index 0000000..9cacf78 --- /dev/null +++ b/sitemodules/roles/manifests/traininginstance.pp @@ -0,0 +1,26 @@ +# Class: roles::traininginstance +# ============================== +# +# This class defines the traininginstance role for servers providing training +# environments for CAcert sytem administration volunteers. You should assign +# this class using hiera or via an ENC. +# +# Examples +# -------- +# +# @example +# class { 'roles::traininginstance': } +# +# Authors +# ------- +# +# Jan Dittberner <jandd@cacert.org> +# +# Copyright +# --------- +# +# Copyright 2020 Jan Dittberner +# +class roles::traininginstance { + include profiles::base +} diff --git a/sitemodules/roles/manifests/translations.pp b/sitemodules/roles/manifests/translations.pp index 006dd6f..e8d2998 100644 --- a/sitemodules/roles/manifests/translations.pp +++ b/sitemodules/roles/manifests/translations.pp @@ -18,7 +18,7 @@ # Copyright # --------- # -# Copyright 2018-2019 Jan Dittberner +# Copyright 2018-2022 Jan Dittberner # class roles::translations { include profiles::base @@ -26,4 +26,5 @@ class roles::translations { include profiles::purge_nrpe_agent include profiles::icinga2_agent include profiles::pootle + include profiles::x509cert_common } |