# This manifest is managed using cosmos

Exec {
  path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
}

# include some of this stuff for additional features

#include cosmos::tools
#include cosmos::motd
#include cosmos::ntp
#include cosmos::rngtools
#include cosmos::preseed
include ufw
include apt
include cosmos

# you need a default node

node default {

}

# edit and uncomment to manage ssh root keys in a simple way

#class { 'cosmos::access':
#   keys => [
#      "ssh-rsa ..."
#   ]
#}

# example config for the nameserver class which is matched in cosmos-rules.yaml

#class nameserver {
#   package {'bind9':
#      ensure => latest
#   }
#   service {'bind9':
#      ensure => running
#   }
#   ufw::allow { "allow-dns-udp":
#      ip   => 'any',
#      port => 53,
#      proto => "udp"
#   }
#   ufw::allow { "allow-dns-tcp":
#      ip   => 'any',
#      port => 53,
#      proto => "tcp"
#   }
#}


ufw::allow {"allow-ssh-tcp":
   ip => 'any',
   port => 22,
   proto => 'tcp'
}

node 'sto-tug-kvm1.swamid.se' {
   class { 'dhcp':
      dnsdomain    => [ 'eduid.se','sunet.se' ],
      nameservers  => ['130.242.80.14','130.242.80.99'],
      ntpservers   => ['pool.ntp.org'],
      interfaces   => ['eth0'],
      #pxeserver    => '130.242.125.5',
      #pxefilename  => 'pxelinux.0'
   }
   dhcp::pool {'install':
      network => '130.242.125.0',
      mask => '255.255.255.192',
      gateway => '130.242.125.1',
      range => ''
   }

   dhcp::pool {'eduid-tug-IdP':
      network => '130.242.130.0',
      mask => '255.255.255.248',
      gateway => '130.242.130.1',
      range => ''
   }

   dhcp::pool {'eduid-tug-auth':
      network => '130.242.130.8',
      mask => '255.255.255.248',
      gateway => '130.242.130.9',
      range => ''
   }

   dhcp::pool {'eduid-tug-other':
      network => '130.242.130.16',
      mask => '255.255.255.240',
      gateway => '130.242.130.17',
      range => ''
   }

   dhcp::host {
     'kvmidp-tug-2': mac => "24:b6:fd:fe:fa:51", ip => "130.242.130.4";
   }

   dhcp::host {
     'idp-tug-2a': mac => "52:54:00:01:00:01", ip => "130.242.130.5";
   }

   dhcp::host {
     'idp-tug-2b': mac => "52:54:00:01:00:02", ip => "130.242.130.6";
   }

   dhcp::host {
     'auth-tug-2': mac => "f0:4d:a2:73:4e:9b", ip => "130.242.130.12";
   }

   dhcp::host {
     'kvm-tug-2': mac => "f0:4d:a2:73:4f:82", ip => "130.242.130.20";
   }

   dhcp::host {
     'db-tug-2': mac => "24:b6:fd:fe:fa:f0", ip => "130.242.130.21";
   }
}