- virtual: migrate to kvm-manager, purge util-vserver.
- switch from syslog-ng to rsyslog with anonimization.
- nodo: journald: volatile logs only.
-- puppet: key deployment.
- sshd:
- https://stribika.github.io/2015/01/04/secure-secure-shell.html
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
+++ /dev/null
----
-#
-# Puppet Bootstrap Configuration Parameters.
-#
-# This file is responsible to set custom values to your new puppet repository
-# to reflect the custom configuration for your infrastructure.
-#
-# This configuration is useful mostly after you cloned the puppet-boostrap module
-# and want to configure it to boostrap a whole puppetmaster infrastructure.
-#
-
-# The base domain for your infrastructure.
-bootstrap::base_domain: 'vagrantup.com'
-
-#
-# Root password.
-#
-# Use "mkpasswd -m sha-512" to generate root and first user's passwords.
-bootstrap::root::password: ''
-
-#
-# First user account
-#
-# Do not include "ssh-rsa " into the sshkey definition.
-bootstrap::first_user: ''
-bootstrap::first_user::password: ''
-bootstrap::first_user::sshkey: ''
-bootstrap::first_user::email: ''
-
-#
-# First nodes
-#
-
-# Hostname of the first server
-bootstrap:first_hostname: ''
-
-# Create manifests and config for the first nodes?
-bootstrap::first_nodes: false
-
-# MySQL password
-mysql::server::rootpw: ''
-
-# Puppet master db password
-nodo::role::master::db_password: ''
#
# General
#
-nodo::subsystem::apt::include_src: false
-nodo::subsystem::apt::use_next_release: false
-nodo::subsystem::monitor::use_nagios: false
-nodo::subsystem::monitor::address: "%{::fqdn}"
+nodo::subsystem::apt::include_src : false
+nodo::subsystem::apt::use_next_release : false
+nodo::subsystem::monitor::use_nagios : false
+nodo::subsystem::monitor::address : "%{::fqdn}"
#
# Firewall
#
-firewall::ssl_ratelimit: "s:ssl:200/min:20"
-firewall::local_net: false
-firewall::local::manage_host: true
-firewall::local::manage_iface: false
+firewall::ssl_ratelimit : "s:ssl:200/min:20"
+firewall::local_net : false
+firewall::local::manage_host : true
+firewall::local::manage_iface : false
#
# Mail
#
-mail::sympa::subdomain: "listas"
-mail::sympa::lang: "pt_BR"
+mail::sympa::subdomain : "listas"
+mail::sympa::lang : "pt_BR"
#
# Monitoring
#
# Timezone and ntp
#
-ntp::zone: "Brazil/East"
-ntp::pool: "south-america.pool.ntp.org"
-ntp::servers:
+ntp::zone : "Brazil/East"
+ntp::pool : "south-america.pool.ntp.org"
+ntp::servers :
- 'a.ntp.br'
- 'b.ntp.br'
- 'c.ntp.br'
- 'virtual/%{::virtual}'
- 'location/%{::nodo::location}'
- 'domain/%{::domain}'
- - bootstrap
- common
#
# Backup
#
-nodo::subsystem::backup::localhost: false
-nodo::subsystem::backup::encryptkey: 'none'
-nodo::subsystem::backup::password: 'hacked'
+nodo::subsystem::backup::localhost : false
+nodo::subsystem::backup::encryptkey : 'none'
+nodo::subsystem::backup::password : 'hacked'
projects / puppet-bootstrap.git / commitdiff