# This manifest is managed using cosmos
#
# Site manifest: global resource defaults, the host firewall rule for SSH, and
# the DHCP server configuration (pools plus per-host reservations) used by the
# SUNET / eduID DHCP servers declared below.

# Default search path for every exec resource, so commands do not have to be
# fully qualified.
Exec {
  path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
}

# include some of this stuff for additional features

#include cosmos::tools
#include cosmos::motd
#include cosmos::ntp
#include cosmos::rngtools
#include cosmos::preseed
include ufw
include apt
include cosmos

# you need a default node

node default {
}

# edit and uncomment to manage ssh root keys in a simple way
# (every key listed here is a root credential; keep the list reviewed)

#class { 'cosmos::access':
#   keys => [
#      "ssh-rsa ..."
#   ]
#}

# example config for the nameserver class which is matched in cosmos-rules.yaml

#class nameserver {
#   package {'bind9':
#      ensure => latest
#   }
#   service {'bind9':
#      ensure => running
#   }
#   ufw::allow { "allow-dns-udp":
#      ip    => 'any',
#      port  => 53,
#      proto => "udp"
#   }
#   ufw::allow { "allow-dns-tcp":
#      ip    => 'any',
#      port  => 53,
#      proto => "tcp"
#   }
#}

# Opens tcp/22 in the host firewall. The rule sits at top scope, outside any
# node block, so it is evaluated for every node compiled from this manifest.
# NOTE(review): nothing here narrows the source address. If the ufw module in
# use supports a source restriction (confirm against the module), limit SSH
# to the management networks; until then sshd's own authentication settings
# are the only control on who can log in.
ufw::allow { 'allow-ssh-tcp':
  ip    => 'any',
  port  => 22,
  proto => 'tcp',
}

# DHCP server node, serving on eth0.
# NOTE(review): class sunet-cdr below declares the same two classes
# resource-style; a node that received both would fail catalog compilation
# with a duplicate declaration.
node 'sto-tug-kvm1.swamid.se' {
  class { 'dhcp':
    dnsdomain   => ['eduid.se', 'sunet.se'],
    nameservers => ['130.242.80.14', '130.242.80.99'],
    ntpservers  => ['pool.ntp.org'],
    interfaces  => ['eth0'],
    #pxeserver => '130.242.125.5',
    #pxefilename => 'pxelinux.0'
  }

  class { 'sunet-dhcp-hosts': }
}

# Shared DHCP data: subnet declarations and MAC-to-IP reservations.
#
# NOTE(review): hyphens in class names are rejected by Puppet 4 and later.
# Renaming has to be coordinated with every declaration of this class (and
# with cosmos-rules.yaml if the class is matched there), so it is left as is.
#
# A reservation binds an address to a MAC, and a MAC is not an authenticator:
# any device on the segment can present one. Do not treat "holds the reserved
# IP" as proof of host identity in firewall or application allow-lists.
class sunet-dhcp-hosts {

  # Every pool passes an empty range. Presumably that means no dynamic leases,
  # so only the reservations below hand out addresses; confirm against the
  # dhcp module.
  dhcp::pool {
    'sunet-servernet-tug-130.242.125.64/26':
      network => '130.242.125.64',
      mask    => '255.255.255.192',
      gateway => '130.242.125.65',
      range   => '';
    'sunet-servernet-fre-130.242.125.128/26':
      network => '130.242.125.128',
      mask    => '255.255.255.192',
      gateway => '130.242.125.129',
      range   => '';
    'install':
      network => '130.242.125.0',
      mask    => '255.255.255.192',
      gateway => '130.242.125.1',
      range   => '';
    'eduid-tug-IdP':
      network => '130.242.130.0',
      mask    => '255.255.255.248',
      gateway => '130.242.130.1',
      range   => '';
    'eduid-tug-auth':
      network => '130.242.130.8',
      mask    => '255.255.255.248',
      gateway => '130.242.130.9',
      range   => '';
    'eduid-tug-other':
      network => '130.242.130.16',
      mask    => '255.255.255.240',
      gateway => '130.242.130.17',
      range   => '';
    'eduid-fre-IdP':
      network => '130.242.130.64',
      mask    => '255.255.255.248',
      gateway => '130.242.130.65',
      range   => '';
    'eduid-fre-auth':
      network => '130.242.130.72',
      mask    => '255.255.255.248',
      gateway => '130.242.130.73',
      range   => '';
    'eduid-fre-other':
      network => '130.242.130.80',
      mask    => '255.255.255.240',
      gateway => '130.242.130.81',
      range   => '';
    'eduid-lla-other':
      network => '130.242.130.144',
      mask    => '255.255.255.240',
      gateway => '130.242.130.145',
      range   => '';
  }

  # eduID TUG hosts
  # Hosts with _eth0/_eth1 entries map both interfaces to the same address.
  dhcp::host {
    'kvmidp-tug-2_eth0': mac => '24:b6:fd:fe:fa:51', ip => '130.242.130.4', hostname => 'kvmidp-tug-2';
    'kvmidp-tug-2_eth1': mac => '24:b6:fd:fe:fa:52', ip => '130.242.130.4', hostname => 'kvmidp-tug-2';
    'idp-tug-2a': mac => '52:54:00:01:00:01', ip => '130.242.130.5';
    'idp-tug-2b': mac => '52:54:00:01:00:02', ip => '130.242.130.6';
    'auth-tug-2_eth0': mac => 'f0:4d:a2:73:4e:9b', ip => '130.242.130.12', hostname => 'auth-tug-2';
    'auth-tug-2_eth1': mac => 'f0:4d:a2:73:4e:9c', ip => '130.242.130.12', hostname => 'auth-tug-2';
    'kvm-tug-2_eth0': mac => 'f0:4d:a2:73:4f:82', ip => '130.242.130.20', hostname => 'kvm-tug-2';
    'kvm-tug-2_eth1': mac => 'f0:4d:a2:73:4f:83', ip => '130.242.130.20', hostname => 'kvm-tug-2';
    'db-tug-2_eth0': mac => '24:b6:fd:fe:fa:f0', ip => '130.242.130.21', hostname => 'db-tug-2';
    'db-tug-2_eth1': mac => '24:b6:fd:fe:fa:f1', ip => '130.242.130.21', hostname => 'db-tug-2';
    'mq-tug-2': mac => '52:54:00:03:00:22', ip => '130.242.130.22';
    'worker-tug-2': mac => '52:54:00:03:00:23', ip => '130.242.130.23';
    'signup-tug-2': mac => '52:54:00:03:00:24', ip => '130.242.130.24';
    'helpdesk-tug-2': mac => '52:54:00:03:00:25', ip => '130.242.130.25';
    'www-tug-2': mac => '52:54:00:03:00:26', ip => '130.242.130.26';
    'dashboard-tug-2_eth0': mac => 'f0:4d:a2:73:4f:0d', ip => '130.242.130.30', hostname => 'dashboard-tug-2';
    'dashboard-tug-2_eth1': mac => 'f0:4d:a2:73:4f:0e', ip => '130.242.130.30', hostname => 'dashboard-tug-2';
  }

  # eduID FRE hosts
  dhcp::host {
    'kvmidp-fre-3_eth0': mac => '18:03:73:41:f3:e8', ip => '130.242.130.68', hostname => 'kvmidp-fre-3';
    'kvmidp-fre-3_eth1': mac => '18:03:73:41:f3:e9', ip => '130.242.130.68', hostname => 'kvmidp-fre-3';
    'idp-fre-3a': mac => '52:54:00:04:00:01', ip => '130.242.130.69';
    'idp-fre-3b': mac => '52:54:00:04:00:02', ip => '130.242.130.70';
    'auth-fre-3_eth0': mac => '18:03:73:0f:41:3c', ip => '130.242.130.76', hostname => 'auth-fre-3';
    'auth-fre-3_eth1': mac => '18:03:73:0f:41:3d', ip => '130.242.130.76', hostname => 'auth-fre-3';
    'kvm-fre-3_eth0': mac => 'f0:4d:a2:73:4b:e3', ip => '130.242.130.84', hostname => 'kvm-fre-3';
    'kvm-fre-3_eth1': mac => 'f0:4d:a2:73:4b:e4', ip => '130.242.130.84', hostname => 'kvm-fre-3';
    'www-fre-3': mac => '52:54:00:06:00:01', ip => '130.242.130.86';
    'dashboard-fre-3': mac => '52:54:00:06:00:57', ip => '130.242.130.87';
    'signup-fre-3': mac => '52:54:00:06:00:58', ip => '130.242.130.88';
    'worker-fre-3': mac => '52:54:00:06:00:59', ip => '130.242.130.89';
    'mq-fre-3': mac => '52:54:00:06:00:5a', ip => '130.242.130.90';
    'db-fre-3_eth0': mac => 'f0:4d:a2:73:4f:19', ip => '130.242.130.85', hostname => 'db-fre-3';
    'db-fre-3_eth1': mac => 'f0:4d:a2:73:4f:1a', ip => '130.242.130.85', hostname => 'db-fre-3';
    'kvmapp-fre-3_eth0': mac => '78:45:c4:f7:90:ec', ip => '130.242.130.94', hostname => 'kvmapp-fre-3';
    'kvmapp-fre-3_eth1': mac => '78:45:c4:f7:90:ed', ip => '130.242.130.94', hostname => 'kvmapp-fre-3';
  }

  # eduID LLA hosts
  dhcp::host {
    'db-lla-2_eth0': mac => 'f0:4d:a2:73:4e:08', ip => '130.242.130.148', hostname => 'db-lla-2';
    'db-lla-2_eth1': mac => 'f0:4d:a2:73:4e:09', ip => '130.242.130.148', hostname => 'db-lla-2';
  }

  # eduID Development subnets
  # These two pools pass their own domain-name-servers option instead of
  # relying only on the nameservers given to class dhcp.
  dhcp::pool {
    'eduid-tug-dev':
      network => '194.68.13.128',
      mask    => '255.255.255.224',
      gateway => '194.68.13.129',
      range   => '',
      options => 'domain-name-servers 109.105.111.31, 109.105.110.31';
    'eduid-fre-dev':
      network => '194.68.13.160',
      mask    => '255.255.255.224',
      gateway => '194.68.13.161',
      range   => '',
      options => 'domain-name-servers 109.105.111.31, 109.105.110.31';
  }

  # eduID TUG development hosts
  dhcp::host {
    'idp-tug-1': mac => '52:54:00:a0:00:92', ip => '194.68.13.146';
    # NOTE(review): 52:54:00:11:22:33 looks like a placeholder MAC; confirm
    # it is unique on the segment.
    'testvm-tug-1': mac => '52:54:00:11:22:33', ip => '194.68.13.136';
    'userdb-tug-1': mac => '52:54:00:93:22:29', ip => '194.68.13.132';
    'userdb-tug-2': mac => '52:54:00:17:13:ff', ip => '194.68.13.133';
  }

  # eduID FRE development hosts
  dhcp::host {
    'idp-fre-1': mac => '52:54:00:a1:00:b2', ip => '194.68.13.178';
    'dash-fre-1': mac => '52:54:00:a2:00:a7', ip => '194.68.13.167';
    'userdb-fre-1': mac => '52:54:00:17:13:f6', ip => '194.68.13.164';
  }
}

# Baseline for SUNET servers: one editor package plus the sunet::server
# defined type.
class sunet {

  # Until we have proper Puppet managing of SSH
  #ufw::allow { 'allow-ssh-sunet':
  #   port => '22',
  #   proto => 'tcp'
  #}

  package { 'emacs23-nox':
    ensure => 'installed',
  }

  sunet::server { 'sunet_server': }
}

# DHCP server role serving on bond0, with the same pools and reservations as
# the node block above. The hyphenated class name carries the same Puppet 4+
# caveat as sunet-dhcp-hosts.
class sunet-cdr {
  class { 'dhcp':
    dnsdomain   => ['eduid.se', 'sunet.se'],
    nameservers => ['130.242.80.14', '130.242.80.99'],
    ntpservers  => ['pool.ntp.org'],
    interfaces  => ['bond0'],
    #pxeserver => '130.242.125.5',
    #pxefilename => 'pxelinux.0'
  }

  class { 'sunet-dhcp-hosts': }
}