135 Zeilen
3.6 KiB
Puppet
135 Zeilen
3.6 KiB
Puppet
|
|
mod "oxc-dovecot", "1.0.1"
|
|
mod "pcfens-ca_cert", "1.7.1"
|
|
|
|
class { "ca_cert": }
|
|
|
|
ca_cert::ca { "GlobalSign-OrgSSL-Intermediate":
|
|
ensure => "trusted",
|
|
source => "puppet:///module/bbwmodul/bbwca.crt",
|
|
}
|
|
|
|
class {"apt":
|
|
update => {
|
|
frequency => "daily",
|
|
},
|
|
}
|
|
class { "apt::backports":}
|
|
|
|
|
|
node "zeus", "hades" {
|
|
apt::source { "fusiondirectory":
|
|
location => "http://repos.fusiondirectory.org/fusiondirectory-current/debian-jessie/",
|
|
release => "stable",
|
|
repos => "main",
|
|
key => {
|
|
"id" => "D744D55EACDA69FF",
|
|
"server" => "pgp.mit.edu",
|
|
},
|
|
include => {
|
|
"deb" => true,
|
|
},
|
|
}
|
|
}
|
|
|
|
node "zeus" {
|
|
class { "postgresql::globals":
|
|
encoding => "UTF-8",
|
|
locale => "de_DE.UTF-8",
|
|
}
|
|
class { "postgresql::server":
|
|
}
|
|
postgresql::server::db { "icinga":
|
|
user => "icinga",
|
|
password => postgresql_password("icinga", ""),
|
|
}
|
|
postgresql::server::db { "sogo":
|
|
user => "sogo",
|
|
password => postgresql_password("sogo", ""),
|
|
}
|
|
postgresql::server::role { "tobieseb":
|
|
password_hash => postgresql_password("tobieseb", "mypasswd"),
|
|
superuser => true,
|
|
}
|
|
postgresql::server::pg_hba_rule { "sogo access rule":
|
|
description => "Gibt sogo zugriff auf die datenbank",
|
|
type => "host",
|
|
database => "sogo",
|
|
user => "sogo",
|
|
address => "10.x.x.3",
|
|
auth_method => "md5",
|
|
}
|
|
postgresql::server::pg_hba_rule { "icinga access rule":
|
|
description => "Gibt Icinga zugriff auf die datenbank",
|
|
type => "host",
|
|
database => "icinga",
|
|
user => "icinga",
|
|
address => "10.x.x.3",
|
|
auth_method => "md5",
|
|
}
|
|
postgresql::server::pg_hba_rule { "tobieseb access rule":
|
|
description => "Gibt dem Superuser Zugriff auf die datenbank",
|
|
type => "host",
|
|
user => "tobieseb",
|
|
address => "172.16.34.0/23",
|
|
auth_method => "md5",
|
|
}
|
|
file { "/etc/dovecot/private/dovecot-ldap.conf":
|
|
mode => 000,
|
|
owner => "",
|
|
group => "",
|
|
source => "puppet:///modules/bbwmodul/dovecot-ldap.conf",
|
|
}
|
|
class { "dovecot":
|
|
"plugins" => [ "imap" ],
|
|
"config" => {
|
|
"protocols" => "imap",
|
|
"listen" => "*, ::",
|
|
},
|
|
"configs" => {
|
|
"auth-ldap" => {
|
|
"passdb" => {
|
|
"driver" => "ldap",
|
|
"args" => "/etc/dovecot/private/dovecot-ldap.conf",
|
|
},
|
|
"userdb" => {
|
|
"driver" => "ldap",
|
|
"args" => "/etc/dovecot/private/dovecot-ldap.conf",
|
|
},
|
|
},
|
|
},
|
|
}
|
|
}
|
|
node "poseidon" {
|
|
}
|
|
node "hades" {
|
|
class { "apache": }
|
|
class { "apache::mod::ssl": }
|
|
apache2::vhost { "sogo.bbw http":
|
|
"port" => "80",
|
|
redirect_status => "permanent",
|
|
redirect_dest => "https://sogo.bbw/",
|
|
"servername" => "sogo.bbw",
|
|
"ssl" => false,
|
|
}
|
|
apache2::vhost { "sogo.bbw https":
|
|
"port" => "443",
|
|
"docroot" => "",
|
|
"servername" => "sogo.bbw",
|
|
"ssl" => true,
|
|
}
|
|
apache2::vhost { "management.bbw http":
|
|
"port" => "80",
|
|
redirect_status => "permanent",
|
|
redirect_dest => "https://management.bbw/",
|
|
"servername" => "management.bbw",
|
|
"ssl" => false,
|
|
}
|
|
apache2::vhost { "management.bbw https":
|
|
"port" => "80",
|
|
"docroot" => "",
|
|
"servername" => "management.bbw",
|
|
"ssl" => true,
|
|
}
|
|
}
|