# This manifest is managed using cosmos Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", } class nunoc { include sunet::tools include sunet::motd include sunet::ntp include ufw include apt include apparmor } node default { } class dockerhost { class { 'sunet::dockerhost': } } class mailclient ($domain) { cosmos::preseed::preseed_package {"postfix": ensure => present, domain => $domain} } class ctops { class { 'sunet::server': unattended_upgrades => true, } ssh_authorized_key {'linus': ensure => present, name => 'linus@sunet.se', key => 'AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt', type => 'ssh-ed25519', user => 'root' } } class nrpe { require apt class {'sunet::nagios': } if ($::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '12.04') { class {'apt::backports': } } package {'nagios-plugins-contrib': ensure => latest} package {'nagios-plugins-extra': ensure => latest} sunet::nagios::nrpe_command {'check_memory': command_line => '/usr/lib/nagios/plugins/check_memory -w 10% -c 5%' } sunet::nagios::nrpe_command {'check_mem': command_line => '/usr/lib/nagios/plugins/check_memory -w 10% -c 5%' } sunet::nagios::nrpe_command {'check_boot_15_5': command_line => '/usr/lib/nagios/plugins/check_disk -w 15% -c 5% -p /boot' } sunet::nagios::nrpe_command {'check_entropy': command_line => '/usr/lib/nagios/plugins/check_entropy' } sunet::nagios::nrpe_command {'check_ntp_time': command_line => '/usr/lib/nagios/plugins/check_ntp_time -H localhost' } sunet::nagios::nrpe_command {'check_scriptherder': command_line => '/usr/local/bin/scriptherder --mode check' } sunet::nagios::nrpe_command {'check_apt': command_line => '/usr/lib/nagios/plugins/check_apt' } } node 'f1.ct.nordu.net' { sunet::cloudimage { 'frontend-1.urd.appendto.org': dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '16', memory => '16384', ip => '130.242.125.96', netmask => '255.255.255.192', gateway => '130.242.125.65', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } } node 'm1.ct.nordu.net' { sunet::cloudimage { 'frontend-2.urd.appendto.org': dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '16', memory => '16384', ip => '130.242.125.137', netmask => '255.255.255.192', gateway => '130.242.125.129', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } sunet::cloudimage { 'sign-2.urd.appendto.org': dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '2', memory => '4096', ip => '193.10.80.178', bridge => 'br1', netmask => '255.255.255.248', gateway => '193.10.80.177', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } } node 'm0.ct.nordu.net' { sunet::cloudimage { 'merge-1.urd.appendto.org': image_url => 'https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img', dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '8', memory => '16384', ip => '130.242.125.95', netmask => '255.255.255.192', gateway => '130.242.125.65', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } sunet::cloudimage { 'sign-1.urd.appendto.org': dhcp => false, repo => 'https://git.nordu.net/ct-ops.git', tagpattern => 'ct-ops', cpus => '2', memory => '4096', ip => '193.10.80.146', bridge => 'br1', netmask => '255.255.255.248', gateway => '193.10.80.145', resolver => ['130.242.80.14','130.242.80.99'], ssh_keys => ['ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4bv1RXziZSjHkKY5kDbxboNUGkHEpBivdX8fdvl7Zt linus@sunet.se'], } } node 'NOTYET_frontend-1.urd.appendto.org' { catlfish::frontend { 'frontend-1': logname => 'urd.appendto.org' } catlfish::storage { 'storage-1': logname => 'urd.appendto.org' } } node 'NOTYET_frontend-2.urd.appendto.org' { catlfish::frontend { 'frontend-2': logname => 'urd.appendto.org' } catlfish::storage { 'storage-2': logname => 'urd.appendto.org' } } node 'NOTYET_merge-1.urd.appendto.org' { catlfish::merge { 'merge-1': logname => 'urd.appendto.org' } } node 'NOTYET_sign-1.urd.appendto.org' { catlfish::signing {'signing-1': logname => 'urd.appendto.org' } } node 'NOTYET_sign-2.urd.appendto.org' { catlfish::signing {'signing-2': logname => 'urd.appendto.org' } }