# This manifest is managed using cosmos Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", } include sunet class nunoc { include sunet::tools include sunet::motd include sunet::ntp include ufw include apt include apparmor } node default { } class dockerhost { class { 'sunet::dockerhost': docker_version => "17.05.0~ce-0~ubuntu-${::lsbdistcodename}", } } class mailclient ($domain) { sunet::preseed_package {"postfix": ensure => present, options => {domain => $domain}} } class entropyclient { include sunet::simple_entropy sunet::ucrandom {'random.nordu.net': } sunet::nagios::nrpe_check_process { 'haveged': } } class ctops { class { 'sunet::server': unattended_upgrades => true, } ssh_authorized_key {'linus': ensure => present, name => 'linus@sunet.se', key => 'AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt', type => 'ssh-ed25519', user => 'root' } } class nrpe { require apt class {'sunet::nagios': } if ($::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '12.04') { class {'apt::backports': } } package {'nagios-plugins-contrib': ensure => latest} package {'nagios-plugins-extra': ensure => latest} sunet::nagios::nrpe_command {'check_memory': command_line => '/usr/lib/nagios/plugins/check_memory -w 10% -c 5%' } sunet::nagios::nrpe_command {'check_mem': command_line => '/usr/lib/nagios/plugins/check_memory -w 10% -c 5%' } sunet::nagios::nrpe_command {'check_boot_15_5': command_line => '/usr/lib/nagios/plugins/check_disk -w 15% -c 5% -p /boot' } sunet::nagios::nrpe_command {'check_entropy': command_line => '/usr/lib/nagios/plugins/check_entropy' } sunet::nagios::nrpe_command {'check_ntp_time': command_line => '/usr/lib/nagios/plugins/check_ntp_time -H localhost' } sunet::nagios::nrpe_command {'check_scriptherder': command_line => '/usr/local/bin/scriptherder --mode check' } sunet::nagios::nrpe_command {'check_apt': command_line => '/usr/lib/nagios/plugins/check_apt' } } node 'f1.ct.nordu.net' { sunet::cloudimage { 'frontend-1.urd.appendto.org': description => 'catlfish frontend node', image_url => 'https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img', dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '16', memory => '16384', mac => '52:54:00:01:00:01', ip => '130.242.125.96', netmask => '255.255.255.192', gateway => '130.242.125.65', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } } node 'm1.ct.nordu.net' { sunet::cloudimage { 'frontend-2.urd.appendto.org': description => 'catlfish frontend node', image_url => 'https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img', dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '16', memory => '16384', mac => '52:54:00:02:00:01', ip => '130.242.125.137', netmask => '255.255.255.192', gateway => '130.242.125.129', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } sunet::cloudimage { 'sign-2.urd.appendto.org': description => 'catlfish signing node', image_url => 'https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img', dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '2', memory => '4096', mac => '52:54:00:02:00:02', ip => '193.10.80.178', bridge => 'br1', netmask => '255.255.255.248', gateway => '193.10.80.177', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } } node 'm0.ct.nordu.net' { sunet::cloudimage { 'merge-1.urd.appendto.org': description => 'catlfish merge node', image_url => 'https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img', dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '8', memory => '16384', mac => '52:54:00:03:00:01', ip => '130.242.125.95', netmask => '255.255.255.192', gateway => '130.242.125.65', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } sunet::cloudimage { 'sign-1.urd.appendto.org': description => 'catlfish signing node', image_url => 'https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img', dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '2', memory => '4096', mac => '52:54:00:03:00:02', ip => '193.10.80.146', bridge => 'br1', netmask => '255.255.255.248', gateway => '193.10.80.145', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } } node 'NOTYET_frontend-1.urd.appendto.org' { catlfish::frontend { 'frontend-1': logname => 'urd.appendto.org' } catlfish::storage { 'storage-1': logname => 'urd.appendto.org' } } node 'NOTYET_frontend-2.urd.appendto.org' { catlfish::frontend { 'frontend-2': logname => 'urd.appendto.org' } catlfish::storage { 'storage-2': logname => 'urd.appendto.org' } } node 'NOTYET_merge-1.urd.appendto.org' { catlfish::merge { 'merge-1': logname => 'urd.appendto.org' } } node 'NOTYET_sign-1.urd.appendto.org' { catlfish::signing {'signing-1': logname => 'urd.appendto.org' } } node 'NOTYET_sign-2.urd.appendto.org' { catlfish::signing {'signing-2': logname => 'urd.appendto.org' } }