# This manifest is managed using cosmos
#
# Site manifest: global defaults, the node definitions, and the classes
# (sunet, sunet-cdr, sunet-dhcp-hosts) that configure the DHCP servers for
# the SUNET server networks and the eduID networks.

# Resource default: every exec resource uses this fixed search path.
Exec {
  path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
}

# include some of this stuff for additional features

#include cosmos::tools
#include cosmos::motd
#include cosmos::ntp
#include cosmos::rngtools
#include cosmos::preseed

include ufw
include apt
include cosmos

# you need a default node

node default {

}

# edit and uncomment to manage ssh root keys in a simple way

#class { 'cosmos::access':
#   keys => [
#      "ssh-rsa ..."
#   ]
#}

# example config for the nameserver class which is matched in cosmos-rules.yaml

#class nameserver {
#   package {'bind9':
#      ensure => latest
#   }
#   service {'bind9':
#      ensure => running
#   }
#   ufw::allow { "allow-dns-udp":
#      ip    => 'any',
#      port  => 53,
#      proto => "udp"
#   }
#   ufw::allow { "allow-dns-tcp":
#      ip    => 'any',
#      port  => 53,
#      proto => "tcp"
#   }
#}

# Firewall rule for inbound SSH (tcp/22). It is declared at top scope, outside
# any node or class, so it ends up in the catalog of every node.
# NOTE(review): no source restriction is given, so presumably SSH is reachable
# from any address on every managed host, including the IdP and auth machines.
# If the ufw module in use offers a source-address parameter, consider limiting
# this to the management networks; confirm against the module before changing.
ufw::allow { 'allow-ssh-tcp':
  ip    => 'any',
  port  => 22,
  proto => 'tcp',
}

# DHCP server for the TUG site, serving on eth0.
# NOTE(review): clients are pointed at the public NTP pool. Time accuracy
# matters on the IdP/auth hosts served here, so confirm that an unauthenticated
# public time source is intended.
node 'sto-tug-kvm1.swamid.se' {

  class { 'dhcp':
    dnsdomain   => ['eduid.se', 'sunet.se'],
    nameservers => ['130.242.80.14', '130.242.80.99'],
    ntpservers  => ['pool.ntp.org'],
    interfaces  => ['eth0'],
    #pxeserver   => '130.242.125.5',
    #pxefilename => 'pxelinux.0'
  }

  class { 'sunet-dhcp-hosts': }
}

# Subnet declarations and fixed-address host entries shared by the DHCP servers.
#
# Every pool is declared with an empty range, so presumably no dynamic leases
# are handed out and only the hosts listed below get an address (verify against
# the dhcp module's handling of an empty range).
#
# Physical hosts have one entry per NIC (_eth0/_eth1), both mapped to the same
# address and hostname. Presumably the two NICs are bonded or only one is
# active at a time; confirm, since two live interfaces would share one address.
#
# A reservation is keyed on the MAC address only. That is an addressing
# convenience, not proof of identity: firewall or ACL decisions for the IdP,
# auth and database addresses should not rest on these leases alone.
#
# NOTE(review): hyphens in class names (here and in sunet-cdr) are rejected by
# newer Puppet parsers. A rename has to update every reference in the same
# change, including any match in cosmos-rules.yaml.
class sunet-dhcp-hosts {

  # SUNET server networks and the install network
  dhcp::pool { 'sunet-servernet-tug-130.242.125.64/26':
    network => '130.242.125.64',
    mask    => '255.255.255.192',
    gateway => '130.242.125.65',
    range   => '',
  }
  dhcp::pool { 'sunet-servernet-fre-130.242.125.128/26':
    network => '130.242.125.128',
    mask    => '255.255.255.192',
    gateway => '130.242.125.129',
    range   => '',
  }
  dhcp::pool { 'install':
    network => '130.242.125.0',
    mask    => '255.255.255.192',
    gateway => '130.242.125.1',
    range   => '',
  }

  # eduID TUG subnets
  dhcp::pool { 'eduid-tug-IdP':
    network => '130.242.130.0',
    mask    => '255.255.255.248',
    gateway => '130.242.130.1',
    range   => '',
  }
  dhcp::pool { 'eduid-tug-auth':
    network => '130.242.130.8',
    mask    => '255.255.255.248',
    gateway => '130.242.130.9',
    range   => '',
  }
  dhcp::pool { 'eduid-tug-other':
    network => '130.242.130.16',
    mask    => '255.255.255.240',
    gateway => '130.242.130.17',
    range   => '',
  }

  # eduID FRE subnets
  dhcp::pool { 'eduid-fre-IdP':
    network => '130.242.130.64',
    mask    => '255.255.255.248',
    gateway => '130.242.130.65',
    range   => '',
  }
  dhcp::pool { 'eduid-fre-auth':
    network => '130.242.130.72',
    mask    => '255.255.255.248',
    gateway => '130.242.130.73',
    range   => '',
  }
  dhcp::pool { 'eduid-fre-other':
    network => '130.242.130.80',
    mask    => '255.255.255.240',
    gateway => '130.242.130.81',
    range   => '',
  }

  # eduID LLA subnet
  dhcp::pool { 'eduid-lla-other':
    network => '130.242.130.144',
    mask    => '255.255.255.240',
    gateway => '130.242.130.145',
    range   => '',
  }

  # eduID TUG hosts
  dhcp::host { 'kvmidp-tug-2_eth0':
    mac      => '24:b6:fd:fe:fa:51',
    ip       => '130.242.130.4',
    hostname => 'kvmidp-tug-2',
  }
  dhcp::host { 'kvmidp-tug-2_eth1':
    mac      => '24:b6:fd:fe:fa:52',
    ip       => '130.242.130.4',
    hostname => 'kvmidp-tug-2',
  }
  dhcp::host { 'idp-tug-2a':
    mac => '52:54:00:01:00:01',
    ip  => '130.242.130.5',
  }
  dhcp::host { 'idp-tug-2b':
    mac => '52:54:00:01:00:02',
    ip  => '130.242.130.6',
  }
  dhcp::host { 'auth-tug-2_eth0':
    mac      => 'f0:4d:a2:73:4e:9b',
    ip       => '130.242.130.12',
    hostname => 'auth-tug-2',
  }
  dhcp::host { 'auth-tug-2_eth1':
    mac      => 'f0:4d:a2:73:4e:9c',
    ip       => '130.242.130.12',
    hostname => 'auth-tug-2',
  }
  dhcp::host { 'kvm-tug-2_eth0':
    mac      => 'f0:4d:a2:73:4f:82',
    ip       => '130.242.130.20',
    hostname => 'kvm-tug-2',
  }
  dhcp::host { 'kvm-tug-2_eth1':
    mac      => 'f0:4d:a2:73:4f:83',
    ip       => '130.242.130.20',
    hostname => 'kvm-tug-2',
  }
  dhcp::host { 'db-tug-2_eth0':
    mac      => '24:b6:fd:fe:fa:f0',
    ip       => '130.242.130.21',
    hostname => 'db-tug-2',
  }
  dhcp::host { 'db-tug-2_eth1':
    mac      => '24:b6:fd:fe:fa:f1',
    ip       => '130.242.130.21',
    hostname => 'db-tug-2',
  }
  dhcp::host { 'mq-tug-2':
    mac => '52:54:00:03:00:22',
    ip  => '130.242.130.22',
  }
  dhcp::host { 'worker-tug-2':
    mac => '52:54:00:03:00:23',
    ip  => '130.242.130.23',
  }
  dhcp::host { 'signup-tug-2':
    mac => '52:54:00:03:00:24',
    ip  => '130.242.130.24',
  }
  dhcp::host { 'helpdesk-tug-2':
    mac => '52:54:00:03:00:25',
    ip  => '130.242.130.25',
  }
  dhcp::host { 'www-tug-2':
    mac => '52:54:00:03:00:26',
    ip  => '130.242.130.26',
  }
  dhcp::host { 'dashboard-tug-2_eth0':
    mac      => 'f0:4d:a2:73:4f:0d',
    ip       => '130.242.130.30',
    hostname => 'dashboard-tug-2',
  }
  dhcp::host { 'dashboard-tug-2_eth1':
    mac      => 'f0:4d:a2:73:4f:0e',
    ip       => '130.242.130.30',
    hostname => 'dashboard-tug-2',
  }

  # eduID FRE hosts
  dhcp::host { 'kvmidp-fre-2_eth0':
    mac      => '18:03:73:41:f3:e8',
    ip       => '130.242.130.68',
    hostname => 'kvmidp-fre-2',
  }
  dhcp::host { 'kvmidp-fre-2_eth1':
    mac      => '18:03:73:41:f3:e9',
    ip       => '130.242.130.68',
    hostname => 'kvmidp-fre-2',
  }
  dhcp::host { 'idp-fre-2a':
    mac => '52:54:00:04:00:01',
    ip  => '130.242.130.69',
  }
  dhcp::host { 'idp-fre-2b':
    mac => '52:54:00:04:00:02',
    ip  => '130.242.130.70',
  }
  dhcp::host { 'auth-fre-2_eth0':
    mac      => '18:03:73:0f:41:3c',
    ip       => '130.242.130.76',
    hostname => 'auth-fre-2',
  }
  dhcp::host { 'auth-fre-2_eth1':
    mac      => '18:03:73:0f:41:3d',
    ip       => '130.242.130.76',
    hostname => 'auth-fre-2',
  }
  dhcp::host { 'kvm-fre-2_eth0':
    mac      => 'f0:4d:a2:73:4b:e3',
    ip       => '130.242.130.84',
    hostname => 'kvm-fre-2',
  }
  dhcp::host { 'kvm-fre-2_eth1':
    mac      => 'f0:4d:a2:73:4b:e4',
    ip       => '130.242.130.84',
    hostname => 'kvm-fre-2',
  }
  dhcp::host { 'www-fre-2':
    mac => '52:54:00:06:00:01',
    ip  => '130.242.130.86',
  }
  dhcp::host { 'db-fre-2_eth0':
    mac      => 'f0:4d:a2:73:4f:19',
    ip       => '130.242.130.85',
    hostname => 'db-fre-2',
  }
  dhcp::host { 'db-fre-2_eth1':
    mac      => 'f0:4d:a2:73:4f:1a',
    ip       => '130.242.130.85',
    hostname => 'db-fre-2',
  }

  # eduID LLA hosts
  dhcp::host { 'db-lla-2_eth0':
    mac      => 'f0:4d:a2:73:4e:08',
    ip       => '130.242.130.148',
    hostname => 'db-lla-2',
  }
  dhcp::host { 'db-lla-2_eth1':
    mac      => 'f0:4d:a2:73:4e:09',
    ip       => '130.242.130.148',
    hostname => 'db-lla-2',
  }

  # eduID Development subnets
  dhcp::pool { 'eduid-tug-dev':
    network => '194.68.13.128',
    mask    => '255.255.255.224',
    gateway => '194.68.13.129',
    range   => '',
  }
  dhcp::pool { 'eduid-fre-dev':
    network => '194.68.13.160',
    mask    => '255.255.255.224',
    gateway => '194.68.13.161',
    range   => '',
  }

  # eduID TUG development hosts
  dhcp::host { 'testvm-tug-1':
    mac => '52:54:00:11:22:33',
    ip  => '194.68.13.136',
  }
}

# Base class for SUNET servers: installs an editor and declares the
# sunet::server resource, which is defined outside this manifest.
class sunet {
  # Until we have proper Puppet managing of SSH
  #ufw::allow { 'allow-ssh-sunet':
  #   port  => '22',
  #   proto => 'tcp'
  #}

  package { 'emacs23-nox':
    ensure => 'installed',
  }

  sunet::server { 'sunet_server': }
}

# DHCP server role. It takes the same settings as the sto-tug-kvm1 node but
# serves on bond0, and it shares the pool and host declarations through
# sunet-dhcp-hosts.
class sunet-cdr {

  class { 'dhcp':
    dnsdomain   => ['eduid.se', 'sunet.se'],
    nameservers => ['130.242.80.14', '130.242.80.99'],
    ntpservers  => ['pool.ntp.org'],
    interfaces  => ['bond0'],
    #pxeserver   => '130.242.125.5',
    #pxefilename => 'pxelinux.0'
  }

  class { 'sunet-dhcp-hosts': }
}