diff --git a/global/overlay/etc/hiera/data/common.yaml b/global/overlay/etc/hiera/data/common.yaml new file mode 100644 index 0000000..6c74c9c --- /dev/null +++ b/global/overlay/etc/hiera/data/common.yaml @@ -0,0 +1,30 @@ +sunet_ssh_keys: + + 'bjorklund+29642588': + name : 'bjorklund+29642588@sunet.se' + key : "AAAAB3NzaC1yc2EAAAADAQABAAACAQDmaBCATc2HlIqkKW6kXN6qLBArPsuszk93\ + pCz5VGgtErPYYOx2jYdcwNiApTCOd7BkHaFjJpvaNjnaKIc+L01bQvkp7vZPTqfhXdxjROuy\ + di1OtNn60LTyROmlgcLVlOEjlMENSYR7CRUsgF7ZoBolKOFRPRXLisZ7Ni0wyDBHuLSObpEg\ + L5X8idosGAmx3taqMaj+3+XKvvRMUfhllySE/ZDidVmLKN7003mk7XKqAy4o1Z1ojIjkVFol\ + IeOSshHTuSrpBVtqBDD4ljcayZabxz3B76aaSUE6L/VM2zsyJUmr9AyyD/HmTVrvnXMyzub5\ + vhlCdnDJ6Eqfe27ZagSMK4w+p98qJqlEYGuE9QqEr768g7sDyyFD8Tfu7Dlr9VQrnoUJ4QAb\ + OrScb/XxABHqQrU/TXxTzzuxk25OvgjbftwWZhVMwpCN39DnKCjk7Ut0jBBElaUgorFFVOAb\ + f5DKXHxvWsitJ/WydYA6q+CFQRwp8AhxpUGM+G4LrgT8v0rw5rbqUP3VNF1cqF+CEc7Cfz2b\ + 7V3A2Z2yC5EPcQOOT3YnEVINVMpBTG5TjPWQOEZHGPdK8ve9NkwuU1fcYH09cxAq1esvjm91\ + Wq7iJPJVhD9YES9rMeZVR0ulFwdYbUXoWwK6bbWa3CdAAzhW3HrYrhWj9WAoJuQ5iz4Ql8X7\ + nw==" + +soc_ssh_keys: + 'root': + - 'bjorklund+29642588' + +mgmt_addresses: + - 130.242.125.68 # hoppjerka.sunet.se + - 2001:6b0:8:4::68 # hoppjerka.sunet.se + - 130.242.121.73 # joppherka.sunet.se + - 2001:6b0:7:6::73 # joppherka.sunet.se + +nrpe_clients: + - 127.0.0.1 + - 127.0.1.1 + - 89.45.237.85 diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index cffd808..16d45fb 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -1,3 +1,4 @@ # Note that the matching is done with re.match() -'^ns[0-9]?.mnt.se$': - nameserver: +'.*\.cert\.sunet\.se$': + sunet::server: + ssh_allow_from_anywhere: false diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 1549a00..5771e7e 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -49,3 +49,9 @@ node default { # proto => "tcp" # } #} + +class soc { + sunet::ssh_keys {'soc': + config => safe_hiera('soc_ssh_keys', {}) + } +}