a4c5ac67b84f4d9ba371d97bbf9bd08145021fff
[mirror/dsa-puppet.git] / data / common.yaml
1 ---
2
3 lookup_options:
4   # with merge: unique entries in other hiera sources add to the array
5   resolv::searchpaths:
6     merge: unique
7   apt::sources::debian::location:
8     merge: unique
9
10 # == class parameters
11 #####################
12 resolv::nameservers: []
13 resolv::searchpaths: ['debian.org']
14 staticsync::user: 'staticsync'
15 staticsync::basedir: '/srv/static.debian.org'
16 exim::smarthost: 'mailout.debian.org'
17 postfix::smarthost: 'mailout.debian.org'
18 roles::dns_primary::allow_access:
19   # easydns
20   - '64.68.200.91'
21   - '205.210.42.80'
22   # rcode0
23   - '83.136.34.0/27'
24   - '2a02:850:8::/47'
25   # netnod
26   - '192.71.80.0/24'
27   - '192.36.144.222'
28   - '192.36.144.218'
29   - '194.146.105.24'
30   - '194.146.105.25'
31   - '2a01:3f0:0:27::24'
32   - '2a01:3f0:0:28::25'
33 # bacula
34 #
35 bacula::email_all: 'bacula-reports@admin.debian.org'
36 bacula::email_error: 'bacula-reports@admin.debian.org'
37 bacula::ssl_ca_path:     '/etc/ssl/debian/certs/ca.crt'
38 bacula::ssl_client_cert: '/etc/ssl/debian/certs/thishost.crt'
39 bacula::ssl_client_key:  '/etc/ssl/private/thishost.key'
40 bacula::ssl_server_cert: '/etc/ssl/debian/certs/thishost-server.crt'
41 bacula::ssl_server_key:  '/etc/ssl/private/thishost-server.key'
42 bacula::director::db_address: 'postgresql-manda-01.debian.org'
43 bacula::director::db_port:    5432
44 bacula::director::db_sslca:   '/etc/ssl/debian/certs/ca.crt'
45 bacula::director::pool_name:  'debian'
46
47 bacula::client::director_server: dinis.debian.org
48 bacula::client::storage_server: storace.debian.org
49
50
51 # == other variables
52 #####################
53 allow_dns_query: []
54 role_config__mirrors:
55   mirror_basedir_prefix: '/srv/mirrors/'
56 role_config__syncproxy:
57   mirror_basedir_prefix: '/srv/mirrors/'
58 samhain_recipients:
59   - 'debian-archive-debian-samhain-reports@master.debian.org'
60   - 'debian-admin@ftbfs.de'
61   - 'weasel@debian.org'
62   - 'zumbi@oron.es'
63 root_mail_alias:
64   - 'debian-admin@debian.org'
65 paths:
66   letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
67   auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
68   auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
69 apt::sources::debian::location: 'https://deb.debian.org/debian/'
70
71
72 # all of these should be retired in favour of including the class role
73 # with the host. weasel, 2019-09
74 roles:
75   postgres_backup_server:
76     # XXX - used by ferm templates/defs.conf.erb
77     - backuphost.debian.org
78     - storace.debian.org
79   postgresql_server:
80     # postgresql instances not managed by puppet otherwise
81     - bmdb1.debian.org
82     - buxtehude.debian.org
83     - danzi.debian.org
84     - fasolo.debian.org
85     - lw07.debian.org
86     - melartin.debian.org
87     - postgresql-manda-01.debian.org
88     - sallinen.debian.org
89     - seger.debian.org
90     - snapshotdb-manda-01.debian.org
91     - vittoria.debian.org
92
93 classes:
94   - base::includes