diff options
author | Leif Johansson <leifj@sunet.se> | 2014-09-30 10:49:34 +0200 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2014-09-30 10:49:34 +0200 |
commit | a5bf8cc321386b14ccd69b9a0e4ac4ff35f05c37 (patch) | |
tree | 30e5d2dea0500b54e5edaac708f22a54cc451fdf /global/overlay/etc | |
parent | 1da4f2938d7e331341dbf624ef1fd3e106298e7c (diff) |
mailsetup and registry webserver rulessunet-ops-2014-09-30-v08
Diffstat (limited to 'global/overlay/etc')
-rw-r--r-- | global/overlay/etc/puppet/cosmos-rules.yaml | 7 | ||||
-rw-r--r-- | global/overlay/etc/puppet/manifests/cosmos-site.pp | 34 |
2 files changed, 17 insertions, 24 deletions
diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 36476b1..a102cf1 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -1,12 +1,13 @@ -# Don't enable class sunet for all hosts until tested. -#'\.sunet\.se$': -# sunet: '^cdr\d+\.sunet\.se$': sunet-cdr: sunet: '\.swamid\.se$': sunet: swamidops: + mailclient: + domain: sunet.se +registry.swamid.se: + webserver: md-master.reep.refeds.org: sunet: swamidops: diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index ae8012f..c9e5d19 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -21,27 +21,20 @@ node default { } -# example config for the nameserver class which is matched in cosmos-rules.yaml - -#class nameserver { -# package {'bind9': -# ensure => latest -# } -# service {'bind9': -# ensure => running -# } -# ufw::allow { "allow-dns-udp": -# ip => 'any', -# port => 53, -# proto => "udp" -# } -# ufw::allow { "allow-dns-tcp": -# ip => 'any', -# port => 53, -# proto => "tcp" -# } -#} +class webserver { + ufw::allow { "allow-http": + ip => 'any', + port => 80 + } + ufw::allow { "allow-https": + ip => 'any', + port => 443 + } +} +class mailclient ($domain) { + mnt::preseed::preseed_package {"postfix": ensure => present, domain => $domain} +} node 'sto-tug-kvm1.swamid.se' { @@ -124,7 +117,6 @@ node 'md-master.reep.refeds.org' { } node 'registry.swamid.se' { - #include cosmos::httpsproxy class {'pyff': load => ['/opt/peer/vf_repo'], validUntil => 'P10D', |