From 0b753edce1296910a72e24655263c93c53a5ff97 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Tue, 25 Feb 2025 19:09:19 +0100 Subject: [PATCH] moved sthb-lb-1.sunet.se here --- global/overlay/etc/puppet/cosmos-rules.yaml | 6 +++ sthb-lb-1.sunet.se/README | 4 ++ .../overlay/etc/hiera/data/local.eyaml | 37 +++++++++++++++++ .../etc/netplan/00-installer-config.yaml | 41 +++++++++++++++++++ .../etc/ssl/sthb-lb-1.sunet.se_infra.pem | 35 ++++++++++++++++ 5 files changed, 123 insertions(+) create mode 100644 sthb-lb-1.sunet.se/README create mode 100644 sthb-lb-1.sunet.se/overlay/etc/hiera/data/local.eyaml create mode 100644 sthb-lb-1.sunet.se/overlay/etc/netplan/00-installer-config.yaml create mode 100644 sthb-lb-1.sunet.se/overlay/etc/ssl/sthb-lb-1.sunet.se_infra.pem diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 195991d..21cbc04 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -127,6 +127,12 @@ tug-lb-1.sunet.se: interface: 'enp67s0f0np0' sunet::fleetlock_client: +sthb-lb-1.sunet.se: + sunet::dockerhost2: + sunet::lb::load_balancer: + interface: 'enp67s0f0np0' + sunet::fleetlock_client: + nifrontend-sto1-prod-1.sunet.se: autoupdate: sunet::dockerhost2: diff --git a/sthb-lb-1.sunet.se/README b/sthb-lb-1.sunet.se/README new file mode 100644 index 0000000..9a73bce --- /dev/null +++ b/sthb-lb-1.sunet.se/README @@ -0,0 +1,4 @@ + +The system documentation is in the docs directory of the multiverse repository. + +- type make upgrade to run ubuntu/debian upgrade on all boxes diff --git a/sthb-lb-1.sunet.se/overlay/etc/hiera/data/local.eyaml b/sthb-lb-1.sunet.se/overlay/etc/hiera/data/local.eyaml new file mode 100644 index 0000000..99cb5d6 --- /dev/null +++ b/sthb-lb-1.sunet.se/overlay/etc/hiera/data/local.eyaml @@ -0,0 +1,37 @@ +--- +acme_c_ssh_key: > + ENC[PKCS7,MIIEWgYJKoZIhvcNAQcDoIIESzCCBEcCAQAxggJ+MIICegIBAD + BiMEoxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV + lBTUwxGzAZBgNVBAMMEnN0aGItbGItMS5zdW5ldC5zZQIUF/sgkea26jV7tk + o0SqSG1K5uf8UwDQYJKoZIhvcNAQEBBQAEggIAo/GeihVzF5FDmZrmmSQ3DO + 1P9fD+ZRJ7Qqwg61Sp2EgFgzWrxO5al9tNVW2y1OkcvCoHf7Ig+hHCZxS8KF + b5StCgiyPLdmt9tNiO7NmsNAIeArj2gDNmtSwT9e079tZC1000dxqBKE1KnU + k099W7IEw1R05uNi9Yeg/agoPiIi1j4cjnc94+/LSBVdc9zRIVx1ToO6rTEn + oMvMlPiEMn9Jh1N3G7QMEqZ85CXgkeE7xW5DwmoRfee6Ho09vb7dukbVDTIz + vCwq4/EuEvZeof69XD9NmVjbc0PROrLeL+4QJOMBgyORlqRPZa0htmQO8yHp + CDg/xB//i6hPtXQfmT0rHC+buU1sb8n9cRPWAVgxd0cL/n5LQ6a72BscQRQ4 + Z9eJD4uIz9pJNl7ZdmQxjmB42CdtbJsr3NY9Y69I6kRxwgdGqeNL9oP7ci79 + mFX4QRdwT6hhSf3Ue+3rEF/h0MUaegY+jrsR7NmO6OG5n4mMxsn0JD1RcrOl + uoervhm38vPFNQgDDYMea8MBGf1aPRRIxfcP+JYVUMiXSB/Rj7F35NEkgLwY + HjtmPYF6TX6cMPcM5u0xvbZiTPvbWcvekGMN3QIrxUg6ABWw02siWlcWA5QR + nzVuc4MtCnaiOnnOZccHvDPKWnanlZ9FSCzdlr7ffoKzFO3TVS3yib4WImAs + YwggG+BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA7a+Wi977pwOpHOFQ3+J + otgIIBkCqx9Pe1P0r5Em3i4G+MuTHqbV3l/RcLTPD9ib/BYzqIanWPmckcyJ + WU1+R8kOn0NgjWdm3KIg6Nxv+9QoSkjOv7jBXtkm/xWmCXknBV42PlCgqXK8 + XZcAydxGzYmV0Mgwo8XmX1Ge/vMJn4wn+Miex2HOqaa83bdbxQ+9AmU5qG5v + Oj3GOx2wC4Mc8DrMP7yPLawZamvX3PnZhOlB7kVrbAAclB7f2yDDHxv1nOHy + YE4B69O40ECt3SM0dQbVWHSRGq8dTvLrudLqfBex74MULPrnL85lxNrzFeHm + dDMCyVzLCf8sHVnHPqlVkin7RXT5vG0GutEBYj6RWlmmm1KtXPKfjYaK5VRz + Nz+rfhfyWwHKoWHmruGoqIVyJDa0aGlxi6NZVAF925jFdVDCPs2muhhmCYGa + k3gG0JUmJstXxRm6JHTasIeCdeFQIrK6n+cegPTJcAxjTmmVvrqda+PN6fMj + TLiUIfPVOQmZZm90CQThQz6vdthV3plIuR+A/l1IZ8TNj3mTOXWPjHgRDhw+ + E=] + +fleetlock_config: + sunet-frontends: + server: https://fl-prod.knubbis.sunet.se + password: ENC[PKCS7,MIIC5gYJKoZIhvcNAQcDoIIC1zCCAtMCAQAxggJ+MIICegIBADBiMEoxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxGzAZBgNVBAMMEnN0aGItbGItMS5zdW5ldC5zZQIUF/sgkea26jV7tko0SqSG1K5uf8UwDQYJKoZIhvcNAQEBBQAEggIAvrmmSwK2MFMasm/RrQYi0aQXywD8SLBnVSvC75ZGYSOmgy6p3HVWAV9Kn7nIuoaW6lxsiAAbynLsD1oGj3UKF2j/BAwlOQA/iyget236pzrxGzYv2XPX5rrneu6x0w9HgiJnOW2hxIzmWFuvLVt+pel1EZpDReUNlIqmGGIFqBLsuLjZDhdi74pur6lKuMugHfpUXcJXe6kigbVXafaanUp+oNTZ1lXjwLvIlvzvQwHepvvPITLc9w/FSPeC+X58Si2cqfD2ZT7PTVfXJxGBvd0rXYJ4vIWZjYV4HhDUGEB86wsxiE1gE9xG7s0/PpiG+h1ya/28DpjNwdS6uV3SpBGiYSkktpxwLSC+LvTDFtGg5vs2kcaICMQ3ba9r8+NQeGcv2ow+emiO+UYJJeu+cqIoSa5GKhEwSYcL20h7a9CIhtaOwazTaW0tTF5PmABk79xJO69oSZaQbcnP0D81cHiLpDNhs002406RssRK0g0is5HoUR7YnvubzoyBo0bqBmjwPSO8UILleiZaJCmPbffQ31/hChy81y7+ZErsbJExTVYe1eey2PPlxZo8k/V8Btel8fbjCsCVSNyZTMpq3F3Adnl2qKowXiYEIsep0qYchY0i/2ijHDEsrukOGtEOFa4j/M8GWSOHlhq4SfKAhqXuo/65g7X2g3qSC0OD2xAwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQZ2rCIZWGiu/pirUycnepIYAgBlHM8TTh05RRbxJ0oEjvKuy3HHPYgKmiSgLZAop+/tA=] +cosmos_fleetlock_config: + fleetlock_group: sunet-frontends + fleetlock_healthcheck_timeout: 300 + fleetlock_lock_timeout: 300 diff --git a/sthb-lb-1.sunet.se/overlay/etc/netplan/00-installer-config.yaml b/sthb-lb-1.sunet.se/overlay/etc/netplan/00-installer-config.yaml new file mode 100644 index 0000000..3783d2c --- /dev/null +++ b/sthb-lb-1.sunet.se/overlay/etc/netplan/00-installer-config.yaml @@ -0,0 +1,41 @@ +# This file is manged by puppet. +network: + version: 2 + ethernets: + enp67s0f0np0: + addresses: [] + dhcp4: false + dhcp6: false + accept-ra: no + enp67s0f1np1: + addresses: [] + dhcp4: false + dhcp6: false + accept-ra: no + switchports: + match: {name: "bond0"} + bonds: + bond0: + addresses: + - 130.242.126.197/31 + - 2001:6b0:8:b::2/64 + routes: + - to: default + via: 130.242.126.196 + - to: default + via: 2001:6b0:8:b::1 + on-link: true + nameservers: + addresses: + - 89.32.32.32 + interfaces: + - enp67s0f0np0 + - enp67s0f1np1 + dhcp4: false + dhcp6: false + accept-ra: no + parameters: + mode: active-backup + mii-monitor-interval: 1 + gratuitious-arp: 5 + primary-reselect-policy: failure diff --git a/sthb-lb-1.sunet.se/overlay/etc/ssl/sthb-lb-1.sunet.se_infra.pem b/sthb-lb-1.sunet.se/overlay/etc/ssl/sthb-lb-1.sunet.se_infra.pem new file mode 100644 index 0000000..574b883 --- /dev/null +++ b/sthb-lb-1.sunet.se/overlay/etc/ssl/sthb-lb-1.sunet.se_infra.pem @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGLDCCBBSgAwIBAgIISt0dT2RBm6cwDQYJKoZIhvcNAQELBQAwPzEgMB4GA1UE +AxMXU1VORVQgSW5mcmFzdHJ1Y3R1cmUgQ0ExDjAMBgNVBAoTBVNVTkVUMQswCQYD +VQQGEwJTRTAeFw0yNDA3MDUxMzIwMDRaFw0yNTA3MDUxMzIwMDRaMDoxCzAJBgNV +BAYTAlNFMQ4wDAYDVQQKEwVTVU5FVDEbMBkGA1UEAxMSc3RoYi1sYi0xLnN1bmV0 +LnNlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9UV4vto1fEvBgCaj +/tHJ6/JxTwPlbtbjNeNih4te3fSbhIeoTLAdzuofPkPJ3SDcOYn6fcUfPIm1/8JW +7dKXTrARN+7BkMKN1us5iXMkEbICEj59+2/DBhrX3PtjxJU6hXiFK6OW8iJiC9bv +9rPXq+7tXuSpKIsAiMwWj8/A+vS/YXpFFlZy19OCbHDWIhXF4X5OpJeyJ3kSXwPe +lF4j6mTDqvynO4fYESBIJFH594jDHRLiJqBEbfIOWIrY/1xRtGsEkYjSa3N0X0AZ +ppox5qtiqW8v5hQbD6+D+zNrDEMYPg++kxufOH94QqgKMYbtpEL51lRp3WHusIlO +CCaXx9mwwtl9yJrAnHJ9Hi0RN/y0Zt5G3OCt+uHaf0F4tkhR/slqGuaajZmYlNB0 +KQatpzM/FzOouXBaKaPMWMO5gNYzcRuM4FW85Rpi6yovJgW4kVyk9sQvrpiKrH01 +jdViBl2nWiGBKeY+B53vXLbdEK9iMa4+BYBULU5BrsFTYNoXR/0nST9s99XgJTb0 +OBhFd8n1Hh3tiB8I0EW37Zw5pc8XnxxeSLjcrbk9TD02wqu40AS5BBXV/jg0DoIY +AklxwXzebofZlRuYBCESKN2Wx5JK31kXb1nIKQU3qpjq1t/rSJCmyN2VZfMHKQWi +exriKq93j53S1LVVsjsClyx42D0CAwEAAaOCAS8wggErMB0GA1UdDgQWBBTWQIzu +MKKJ+1UiwnAiiR3CAXeAhzAfBgNVHSMEGDAWgBTnLJ5RGrAdAR3mQrQnGjWTcMBt +1zA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAKGH2h0dHA6Ly9jYS5zdW5ldC5z +ZS9pbmZyYS9jYS5jcnQwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NhLnN1bmV0 +LnNlL2luZnJhL2NybC5wZW0wIwYDVR0SBBwwGoYYaHR0cDovL2NhLnN1bmV0LnNl +L2luZnJhMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUF +BwMBBggrBgEFBQcDAjAdBgNVHREEFjAUghJzdGhiLWxiLTEuc3VuZXQuc2UwDQYJ +KoZIhvcNAQELBQADggIBAB9F03ownOEyCm6/cvmHSVUuO3sVp7QV9dQzJ6GPg9aF +QNJhAoRscAlfivqtZmUEUfhKak+p364nJxn//Ghiq+BV5UY95SUXXTvqn2JjpkiU +AQt/W9v0vJ8RG+ZyT7cScJXdrMAVaWUbG9jPKdoaen47YzH2s8ijCThv9ktVZ/v4 +cyatEXUMQHoMCs+5WU6LMR1ibwELK6IwacC3H5nZzbY9LPHx42s1dl45Xaahe8FQ +r/aAygw1ffIwr6dhcd8VqFLbUdhofyMSWUPBxB424IKPYaDKdHJVuoNGkE+7KruX ++WLQX4aGB7WAZJPIYQeJHOjjLODMlIF1eABdNQquAb1nQExcS3GGE8wWHxL2p0o8 +1CLa+vzsLLupONxiaOrqGM8k13+G5gvg7Ve4uNn9c7/LZ/STL4biqyo6IClnNOUr +mjeuohsiY3/1ezn434tLaFEXFtAx0Gx4EgSXgzEfqFfklELtgA8acn8sDXw2PyZG +uWZaClom+52fkoTZI19bq7SVcqS0v8VC7OmJpJ5bVkMmxumQRaTeib4wQTSopt3C +mcr+OVZ8o/R5GZ7jNEvgV3dgFOaysXvyF/Q2yUNmOnXrDZSnm4OT/jIEu23KnXFW +Ycux3yQyuXe2WCM9FReNKnWJ9xeAcT7jPwahxdNIV7o5+AcpVzrh5tPI0eiInykW +-----END CERTIFICATE-----