devsnack/control-repo
1
0
Fork 0
Code Releases Activity

updated hiera data selinux and ssh

Browse Source
This commit is contained in:
christopher.lawrence 2020-02-05 10:50:51 +00:00
parent 095f3ac488
commit 097d1e6884
6 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
data/common.yaml
View File

@ -6,3 +6,4 @@ profile::base::resolv::nameservers:
- '8.8.8.8'
- '127.0.0.1'
profile::base::resolv::domainname: home
profile::base::selinux::mode: permissive

2
data/environments/test.yaml Normal file
View File

@ -0,0 +1,2 @@
---
profile::base::ssh::permit_root_login: 'yes'

2
data/nodes/puppet.home.yaml
View File

@ -1,4 +1,4 @@
---
profile::puppetserver::authority: true
profile::puppetserver::authority::jwt_secret: "'koHc5pzVSVpJhijthem3zT8WXN8='"
#profile::puppetserver::authority::jwt_secret: "koHc5pzVSVpJhijthem3zT8WXN8="
profile::puppetserver::authority::validity: 7200

2
data/secrets/node/puppet.home.eyaml Normal file
View File

@ -0,0 +1,2 @@
---
profile::puppetserver::authority::jwt_secret: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAnLKlgSOslWvpo+tVP2Fd/ITPkWLc7GM2cXd3bI8tB2PqsnEDOfWYFh8Pp58nzOZTPomTVxtQ0ptud6A+VhGbQ55P5ha9GzW9Pra5q0pQEsoGjJQhLKVsbLlivYN5j+W0pfR3hAr6NgKVBX0qwESOAKKIrYth34qH7Fsrk19VDKLOUJPSbVCajwwbUdj3s0j+8k3CCkey8+FmzTDeqjNGDDMmSxcWAySfX0LfZI3GGgJDfHgo3HDia3MiN0PLfNIOpeIFWRgWnzNrzHbt3RnEV7HIp1R+W2lyr/OWCGgBPco6t7oddqk9n3i35/0pxTsKmZEjasZyNvf51/PNwKK2VjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAaFxUesvj7c9N47ru3WWyugCDAjwhS8BqA1n37yWGIGNCrdfQDUDr/dBMZTbmaoLAKLg==]

3
hiera.yaml
View File

@ -18,5 +18,6 @@ hierarchy:
data_hash: yaml_data
paths:
- "nodes/%{trusted.certname}.yaml"
- "role/%{trusted.extensions.pp_role}.yaml"
- "roles/%{trusted.extensions.pp_role}.yaml"
- "environments/%{trusted.extensions.pp_environment}.yaml"
- "common.yaml"

14
site-modules/profile/manifests/puppetserver/authority.pp
View File

@ -15,15 +15,15 @@ class profile::puppetserver::authority (
notify => Service['pe-puppetserver'],
}
class { ::autosign:
ensure => "$ensure",
class { '::autosign':
ensure => $ensure,
config => {
'general' => {
'loglevel' => "$loglevel",
general => {
loglevel => $loglevel,
},
'jwt_token' => {
'secret' => "$jwt_secret",
'validity' => "$validity",
jwt_token => {
secret => $jwt_secret,
validity => $validity,
}
},
}