updated hiera data selinux and ssh

2020-02-05 10:50:51 +00:00 · 2020-02-05 10:50:51 +00:00 · 097d1e6884
commit 097d1e6884
parent 095f3ac488
6 changed files with 15 additions and 9 deletions
--- a/data/common.yaml
+++ b/data/common.yaml
@ -6,3 +6,4 @@ profile::base::resolv::nameservers:
  - '8.8.8.8'
  - '127.0.0.1'
 profile::base::resolv::domainname: home
 profile::base::selinux::mode: permissive
--- a/data/environments/test.yaml
+++ b/data/environments/test.yaml
@ -0,0 +1,2 @@
 ---
 profile::base::ssh::permit_root_login: 'yes'
--- a/data/nodes/puppet.home.yaml
+++ b/data/nodes/puppet.home.yaml
@ -1,4 +1,4 @@
 ---
 profile::puppetserver::authority: true
-profile::puppetserver::authority::jwt_secret: "'koHc5pzVSVpJhijthem3zT8WXN8='"
+#profile::puppetserver::authority::jwt_secret: "koHc5pzVSVpJhijthem3zT8WXN8="
 profile::puppetserver::authority::validity: 7200
--- a/data/secrets/node/puppet.home.eyaml
+++ b/data/secrets/node/puppet.home.eyaml
@ -0,0 +1,2 @@
 ---
 profile::puppetserver::authority::jwt_secret: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAnLKlgSOslWvpo+tVP2Fd/ITPkWLc7GM2cXd3bI8tB2PqsnEDOfWYFh8Pp58nzOZTPomTVxtQ0ptud6A+VhGbQ55P5ha9GzW9Pra5q0pQEsoGjJQhLKVsbLlivYN5j+W0pfR3hAr6NgKVBX0qwESOAKKIrYth34qH7Fsrk19VDKLOUJPSbVCajwwbUdj3s0j+8k3CCkey8+FmzTDeqjNGDDMmSxcWAySfX0LfZI3GGgJDfHgo3HDia3MiN0PLfNIOpeIFWRgWnzNrzHbt3RnEV7HIp1R+W2lyr/OWCGgBPco6t7oddqk9n3i35/0pxTsKmZEjasZyNvf51/PNwKK2VjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAaFxUesvj7c9N47ru3WWyugCDAjwhS8BqA1n37yWGIGNCrdfQDUDr/dBMZTbmaoLAKLg==]
--- a/hiera.yaml
+++ b/hiera.yaml
@ -18,5 +18,6 @@ hierarchy:
    data_hash: yaml_data
    paths:
      - "nodes/%{trusted.certname}.yaml"
-      - "role/%{trusted.extensions.pp_role}.yaml"
+      - "roles/%{trusted.extensions.pp_role}.yaml"
      - "environments/%{trusted.extensions.pp_environment}.yaml"
      - "common.yaml"
--- a/site-modules/profile/manifests/puppetserver/authority.pp
+++ b/site-modules/profile/manifests/puppetserver/authority.pp
@ -15,15 +15,15 @@ class profile::puppetserver::authority (
    notify  => Service['pe-puppetserver'],
  }
-  class { ::autosign:
+  class { '::autosign':
-    ensure => "$ensure",
+    ensure => $ensure,
    config => {
-      'general' => {
+      general => {
-        'loglevel' => "$loglevel",
+        loglevel => $loglevel,
      },
-      'jwt_token' => {
+      jwt_token => {
-        'secret'   => "$jwt_secret",
+        secret   => $jwt_secret,
-        'validity' => "$validity",
+        validity => $validity,
      }
    },
  }
		`@ -0,0 +1,2 @@`
							`---`
							`profile::base::ssh::permit_root_login: 'yes'`
		`@ -0,0 +1,2 @@`
							`---`
							profile::puppetserver::authority::jwt_secret: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAnLKlgSOslWvpo+tVP2Fd/ITPkWLc7GM2cXd3bI8tB2PqsnEDOfWYFh8Pp58nzOZTPomTVxtQ0ptud6A+VhGbQ55P5ha9GzW9Pra5q0pQEsoGjJQhLKVsbLlivYN5j+W0pfR3hAr6NgKVBX0qwESOAKKIrYth34qH7Fsrk19VDKLOUJPSbVCajwwbUdj3s0j+8k3CCkey8+FmzTDeqjNGDDMmSxcWAySfX0LfZI3GGgJDfHgo3HDia3MiN0PLfNIOpeIFWRgWnzNrzHbt3RnEV7HIp1R+W2lyr/OWCGgBPco6t7oddqk9n3i35/0pxTsKmZEjasZyNvf51/PNwKK2VjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAaFxUesvj7c9N47ru3WWyugCDAjwhS8BqA1n37yWGIGNCrdfQDUDr/dBMZTbmaoLAKLg==]