defaults.yaml
No OneTemporary
Actions

Size

22 KB

Subscribers

None

defaults.yaml
View Options

	---
	ntp::servers:
	- sesi-ntp1.inria.fr
	- sesi-ntp2.inria.fr

	smtp::relayhost: '[smtp.inria.fr]'
	smtp::mydestination:
	- "%{::fqdn}"
	smtp::mynetworks:
	- 127.0.0.0/8
	- "[::ffff:127.0.0.0]/104"
	- "[::1]/128"
	smtp::relay_destinations: {}
	smtp::virtual_aliases: {}
	smtp::mail_aliases:
	root:
	- olasd
	- zack
	zack:
	- zack@upsilon.cc
	ardumont:
	- antoine.romain.dumont@gmail.com
	olasd:
	- nicolas+swhinfra@dandrimont.eu
	swhworker:
	- zack
	- olasd
	- ardumont
	swhstorage:
	- root
	postgres:
	- root

	locales::default_locale: C.UTF-8
	locales::installed_locales:
	- C.UTF-8 UTF-8
	- en_US.UTF-8 UTF-8
	- fr_FR.UTF-8 UTF-8
	- it_IT.UTF-8 UTF-8

	packages:
	- etckeeper
	- htop
	- molly-guard
	- moreutils
	- ncdu
	- vim
	- zsh

	users:
	root:
	uid: 0
	full_name:
	shell: /bin/bash
	groups: []
	authorized_keys:
	root@louvre:
	type: ssh-rsa
	key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDMLEWHlUQldlvZs5rg0y42lRNAfOhD+6pmO8a73DzpJWHTqvAlfteLpU78IPjSacB4dO5ish1E/1RX/HC+Bt8p2v4RBqbCnVLx2w+Hx4ahWu6qbeTVmTz+U++1SQrHnL08fSlhT0OekCw0lRZM2sQq21FZi6+vul97Ecikag4Xaw6Qfumylu94pM3t05uzTUlKk1+6VMCjhT8dlSe8VS8OirVQpE/OqYtTMAWtQaMXGHPCsqDdYRAKzkJ8GjH7ydZmX5VCRyqS0RvPKAlcJfLCs5HBtv0u5rbeGtiHhuzhj/j3YgS/6NJOC2mUfcetcDOMPLnhkKpnF0vUAzTsJ7aR
	zack:
	uid: 1000
	full_name: Stefano Zacchiroli
	shell: /usr/bin/zsh
	groups:
	- swhdev
	- swhstorage
	- swhdeploy
	- sudo
	authorized_keys:
	zack@aquarium:
	type: ssh-rsa
	key: AAAAB3NzaC1yc2EAAAABIwAAAgEAwHDrj8B6DeStBwz0sLeH+gbmnyqDqS2s+slGpkSdXaKMjQRS50YWU0oOSYkZcg1RoL7G85XE7t9JhHiumHC649k0lsdcS4h8nQBVsYKfpLkJy4bm0ru2mTkwrK4j165yZ3n5ygYPwi+IGfgYIz0bmN3LNrFM60H7VGYe7UouvFpvA+wIqURU7rX3K+ZNdWVkO4CAGoHs3mS/M88HfsADvS3jotRuoC43FTbcSaIw0/riaTyBTcy/N2Q7Muag6dGSwwuFRsp3uBX4jLre0+bf/jrqLWECY2KAlottfKePsOtQe8vy7Hj7xURwf8AJQ3lVTG1vPC4df8c7c09aTlyUH1sHN5gO7ZO3QU9wpQQFsp5jfoSSZzRGSw8HjsJaTKvl6Kte6VvtBKsUOTjxxuvfdRQXiPsmP+eLgtNDWnIo84mdhnlbeTOS85E5CfLHEh6dSbV2P1Gv/ZSFfkCGghmAbSQa01lRAXmFM+JHtEe+sUdbnZ2aQuM4OLuq8trXBs4lA8rvzxReot/zohFLX1Ys+dRKT2G64RzfYIOUaFGG2ZYSA5lT6jvSM2OGXpzlavJjz+Q9BydnCRVVRu2aCRWj0farOvJR4rRGdF7fj1XYJWNwoCzAaJAaiuC7Zl+zwbeZfDmImVR5/OZE0mfDPGcgiGdQiR7YvMYolytpXjtS0zc=
	olasd:
	uid: 1001
	full_name: Nicolas Dandrimont
	shell: /bin/bash
	groups:
	- swhdev
	- swhstorage
	- swhdeploy
	- sudo
	authorized_keys:
	nicolasd@darboux:
	type: ssh-rsa
	key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ1TCpfzrvxLhEMhxjbxqPDCwY0nazIr1cyIbhGD2bUdAbZqVMdNtr7MeDnlLIKrIPJWuvltauvLNkYU0iLc1jMntdBCBM3hgXjmTyDtc8XvXseeBp5tDqccYNR/cnDUuweNcL5tfeu5kzaAg3DFi5Dsncs5hQK5KQ8CPKWcacPjEk4ir9gdFrtKG1rZmg/wi7YbfxrJYWzb171hdV13gSgyXdsG5UAFsNyxsKSztulcLKxvbmDgYbzytr38FK2udRk7WuqPbtEAW1zV4yrBXBSB/uw8EAMi+wwvLTwyUcEl4u0CTlhREljUx8LhYrsQUCrBcmoPAmlnLCD5Q9XrGH
	ardumont:
	uid: 1003
	full_name: Antoine R. Dumont
	shell: /bin/bash
	groups:
	- swhdev
	- swhstorage
	- swhdeploy
	- sudo
	authorized_keys:
	eniotna.t@gmail.com:
	type: ssh-rsa
	key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDZarzgHrzUYspvrgSI6fszrALo92BDys7QOkJgUfZa9t9m4g7dUANNtwBiqIbqijAQPmB1zKgG6QTZC5rJkRy6KqXCW/+Qeedw/FWIbuI7jOD5WxnglbEQgvPkkB8kf1xIF7icRfWcQmK2je/3sFd9yS4/+jftNMPPXkBCxYm74onMenyllA1akA8FLyujLu6MNA1D8iLLXvz6pBDTT4GZ5/bm3vSE6Go8Xbuyu4SCtYZSHaHC2lXZ6Hhi6dbli4d3OwkUWz+YhFGaEra5Fx45Iig4UCL6kXPkvL/oSc9KGerpT//Xj9qz1K7p/IrBS8+eA4X69bHYYV0UZKDADZSn
	ardumont@louvre:
	type: ssh-rsa
	key: AAAAB3NzaC1yc2EAAAADAQABAAABAQC0Xj8nwGWTb6VGFNIrlhVTLX6VFTlvpirjdgOTOz8riRxBTS9ra35g3cz8zfDl0iVyE455GXzxlm33w/uu3DX0jQOIzkcoEBRw+T33EK89lo6tCCd9xQrteWCTNR1ZBFloHSnYk2m7kw9kyrisziyAdULsCrXmMd3BH1oJyEpISA+sv/dtVpIOWdEQmkbLmdHl2uEdjBLjqb3BtAp2oJZMmppE5YjAx0Aa1+7uSnURf7NnwMx+0wTDMdfqn8z4wqI8eQny+B+bqLH9kY++52FfMVALuErGh5+75/vtd2xzRQamjKsBlTGjFFbMRagZiVNLDX2wtdudhNmnQDIKA+rH
	swhworker:
	uid: 1004
	full_name: SWH Worker Acccount
	shell: /bin/bash
	groups:
	- swhdeploy
	swhstorage:
	uid: 1005
	full_name: SWH Storage Account
	shell: /bin/bash
	groups:
	- swhdeploy
	- swhstorage
	swhwebapp:
	uid: 1006
	full_name: SWH Web App Account
	shell: /bin/bash
	groups: []
	swhbackup:
	uid: 1007
	full_name: SWH Backup Account
	shell: /bin/bash
	groups: []

	groups:
	swhdev:
	gid: 1002
	swhstorage:
	gid: 1005
	swhdeploy:
	gid: 1006
	swhbackup:
	gid: 1007
	swhwebapp:
	gid: 1008
	sudo:
	gid: 27 # assigned from base-files

	munin::node::allow:
	- 192.168.100.29

	munin::node::plugins::enable:
	- apt
	- postfix_mailvolume
	- postfix_mailqueue

	munin::node::plugins::disable:
	- apt_all
	- exim_mailstats
	- exim_mailqueue

	munin::master::hostname: munin.internal.softwareheritage.org

	munin::plugins::rabbitmq::messages_warn: 18000000
	munin::plugins::rabbitmq::messages_crit: 20000000
	munin::plugins::rabbitmq::queue_memory_warn: 1073741824 # 1GB
	munin::plugins::rabbitmq::queue_memory_crit: 2147483648 # 2GB

	puppet::master::hostname: pergamon.internal.softwareheritage.org

	strict_transport_security::max_age: 15768000

	# Those variables get picked up by 'include ::php::fpm::daemon'
	php::fpm::daemon::log_owner: www-data
	php::fpm::daemon::log_group: adm
	php::fpm::daemon::log_dir_mode: '0750'

	# Those variables get picked up by 'include ::apache'
	apache::server_tokens: 'Prod'
	apache::server_signature: 'Off'
	apache::trace_enable: 'Off'

	# Those variables need to be set manually in the SSL vhosts.
	apache::ssl_protocol: all -SSLv2 -SSLv3
	apache::ssl_honorcipherorder: 'On'
	apache::ssl_cipher: EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
	apache::hsts_header: "add Strict-Transport-Security \"max-age=%{hiera('strict_transport_security::max_age')}\""

	ssl:
	star_softwareheritage_org:
	certificate: \|
	-----BEGIN CERTIFICATE-----
	MIIGlTCCBX2gAwIBAgIQDjmSRHUEXcLOQA5yynS0ljANBgkqhkiG9w0BAQsFADBk
	MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ
	QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg
	Q0EgMzAeFw0xNTEwMTUwMDAwMDBaFw0xODEwMTkxMjAwMDBaMIG/MQswCQYDVQQG
	EwJGUjERMA8GA1UECBMIWXZlbGluZXMxFTATBgNVBAcTDFJvY3F1ZW5jb3VydDFJ
	MEcGA1UEChNASW5zdGl0dXQgTmF0aW9uYWwgZGUgUmVjaGVyY2hlIGVuIEluZm9y
	bWF0aXF1ZSBldCBlbiBBdXRvbWF0aXF1ZTEaMBgGA1UECxMRU29mdHdhcmUgSGVy
	aXRhZ2UxHzAdBgNVBAMMFiouc29mdHdhcmVoZXJpdGFnZS5vcmcwggIiMA0GCSqG
	SIb3DQEBAQUAA4ICDwAwggIKAoICAQDkJbBlHS8qDspHFiif9yqNrSalWNcAoxUr
	JRAW9NGhj98PTu3nVnmcLSkGLhXGNUkoU3xQ7p9fSQmHLgun4Suw4/DzRhwIyrXz
	pb1WjoMbaSqMenROexSb7C7YnwX19BH8d8A3Hut+VKzYLMG9/aevS7gd6+cLOT7P
	GTL6P5hL2XZfHlK/P8NNtWkefXrZJ/7TeD3Tx2wuzaercglsmfOQ2RJamLOr9oRR
	3++hxAQrrq0o3k0t8d7OWMNAFsrxzJJRpfoEWM9GYNzDbmsoOAKUwgZtgDs/seV+
	zByuzE3EC3Br1kNOc9bnNGn1p5Vybk1Pnu/MpkYaxG35oTN6r4i9whH1EJA6Ag8b
	cPOO9rR66emmyVc7PyGJl3zo6ajfzJ8WLrElLeofqcxIi10pr7jLEoIxWUmTHTRa
	2yi9juR9gWnMl930yTuNMF2YPlZFwGJq0UY2Bqpey25UdLUIYraqzn6I6Jpc52fq
	CUgmA390pyADqe8EhgOC6+BhTn0fFLnoOr0+p2kXLUHpCCG7ZmPg/mIkb4aX589o
	rRYbkhKx2yvpAYtwmcPdmOTkXry+j+ifXGbdmT6/uYeWmzYEuDFSI/cPm9OlSBgv
	TGop9uMOvrlHSzsLFlmZd05SweCjs/30EpRiIzdPD0bgA6QUk8s/Y6tstyR2aY4r
	gjDGFuPgfwIDAQABo4IB5TCCAeEwHwYDVR0jBBgwFoAUZ/2IIBQnmMcJ0iUZu+lR
	EWN1UGIwHQYDVR0OBBYEFF/v9armSIX9Cc27QHF7arptmN5MMDcGA1UdEQQwMC6C
	Fiouc29mdHdhcmVoZXJpdGFnZS5vcmeCFHNvZnR3YXJlaGVyaXRhZ2Uub3JnMA4G
	A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYD
	VR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL1RFUkVOQVNT
	TENBMy5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9URVJFTkFT
	U0xDQTMuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEW
	HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMG4GCCsGAQUF
	BwEBBGIwYDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMDgG
	CCsGAQUFBzAChixodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vVEVSRU5BU1NM
	Q0EzLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCYCI6aos3H
	z+uchhCCaxQNyxcjwQPdlNkQtdpJPxDEX6cOBPp3zFIhakQJHMbKrJBd4UEDTrzF
	zcJWNmZpFVs7nmSIYP5Asb74gQ83OoGL4IZBZNl6l7id99SmldeVl/Ptbfdkt8cw
	gV/8SgwLXSIxB/aStyo0eytdxri+BqZwKjJejaKfhzxCe50gLJaS+zyjTvlhljA1
	vDYmBramvEzGbt5ONEEAnPAYhKsSdZGo71ARbrit/nuLVUmY8zvoGblTNZHHRgT/
	JPsYp3CjKIVTX9v5tQjaTVt6oPaL9yQhBJaj1dbMrYmVyyaLyrY8i/O/Gdbfcesl
	wOHPLsGhuYNF
	-----END CERTIFICATE-----
	ca_bundle: \|
	-----BEGIN CERTIFICATE-----
	MIIE+zCCA+OgAwIBAgIQCHC8xa8/25Wakctq7u/kZTANBgkqhkiG9w0BAQsFADBl
	MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
	d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
	b3QgQ0EwHhcNMTQxMTE4MTIwMDAwWhcNMjQxMTE4MTIwMDAwWjBkMQswCQYDVQQG
	EwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFt
	MQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzCCASIw
	DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMV2Dw/ZQyk7bG3RR63eEL8jwnio
	Snc18SNb4EweQefCMQC9iDdFdd25AhCAHo/tZCMERaegOTuBTc9jP8JJ/yKeiLDS
	lrlcinQfkioq8hLIt2hUtVhBgUBoBhpPhSn7tU08D08/QJYbzqjMXjX/ZJj1dd10
	VAWgNhEEEiRVY++Udy538RV27tOkWUUhn6i+0SftCuirOMo/h9Ha8Y+5Cx9E5+Ct
	85XCFk3shKM6ktTPxn3mvcsaQE+zVLHzj28NHuO+SaNW5Ae8jafOHbBbV1bRxBz8
	mGXRzUYvkZS/RYVJ+G1ShxwCVgEnFqtyLvRx5GG1IKD6JmlqCvGrn223zyUCAwEA
	AaOCAaYwggGiMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkG
	CCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
	Y29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
	aUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRw
	Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3Js
	MDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVk
	SURSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxo
	dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBRn/YggFCeYxwnS
	JRm76VERY3VQYjAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq
	hkiG9w0BAQsFAAOCAQEAqSg1esR71tonHqyYzyc2TxEydHTmQN0dzfJodzWvs4xd
	xgS/FfQjZ4u5b5cE60adws3J0aSugS7JurHogNAcyTnBVnZZbJx946nw09E02DxJ
	WYsamM6/xvLYMDX/6W9doK867mZTrqqMaci+mqege9iCSzMTyAfzd9fzZM2eY/lC
	J1OuEDOJcjcV8b73HjWizsMt8tey5gvHacDlH198aZt+ziYaM0TDuncFO7pdP0GJ
	+hY77gRuW6xWS++McPJKe1e9GW6LNgdUJi2GCZQfXzer8CM/jyxflp5HcahE3qm5
	hS+1NGClXwmgmkMd1L8tRNaN2v11y18WoA5hwnA9Ng==
	-----END CERTIFICATE-----
	star_internal_softwareheritage_org:
	certificate: \|
	-----BEGIN CERTIFICATE-----
	MIIGsDCCBZigAwIBAgIQD1wiwe+Cg9VcwL5QrB+UqzANBgkqhkiG9w0BAQsFADBk
	MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ
	QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg
	Q0EgMzAeFw0xNTEwMTUwMDAwMDBaFw0xODEwMTkxMjAwMDBaMIHIMQswCQYDVQQG
	EwJGUjERMA8GA1UECBMIWXZlbGluZXMxFTATBgNVBAcTDFJvY3F1ZW5jb3VydDFJ
	MEcGA1UEChNASW5zdGl0dXQgTmF0aW9uYWwgZGUgUmVjaGVyY2hlIGVuIEluZm9y
	bWF0aXF1ZSBldCBlbiBBdXRvbWF0aXF1ZTEaMBgGA1UECxMRU29mdHdhcmUgSGVy
	aXRhZ2UxKDAmBgNVBAMMHyouaW50ZXJuYWwuc29mdHdhcmVoZXJpdGFnZS5vcmcw
	ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDxz6BsVNPDk1fSAltRCwiU
	0iZtd+10WKJL+tgPmv/s3+WgIqj5+hQ/iZsAc7Y45yQo4yU+PsDq+BIFR2yt5rtk
	B0Xz4sNHAo585IEvWvf3wAULf6GQ17o2XRxN5IZfNgLfRy6jQjeIbiFmO5M2g6To
	Fl+MMAuK0+u9u6az41eBl1etTe7QjGaL+B45kfLyLeBB4rhusEQSPRTrGrdrgdEt
	di9jedDjbMkV2B197D7CZHqKRR3B+yuRwgd/t/OqIBpN0M//kPE6AJzpLN2B4Z6L
	HGSeyprQleFkS3d7hAlZal/9di8C+38bAGmTW8dQLGwFeYTHN6hBuMYm0y4Yk32W
	423rPZuguA3j2sIxOuIExKmlMDzuGociy3npfjTvWCi/6ESo0hkImnrWKUZ0eyFH
	h52DsPC6ePhou4qh+KdwObxJmYgS69YhHgrsfZokbbWy/hj6N6dAFmTYJQ9hcrpr
	x2CHHAmbd7J8gTInMDHlUMJ1vcL11coRpmfevMiaK4szZwzRfI+xsevVeHRusxpC
	ErrtW+T+9rSfFVIROjXirD4uok8R3UTMpwNOhPQtKTHN/8v9Cvp5BzY0XNnRiVFc
	lL/4YezG+YO6r4GieWEJyLyB7R/JRJbSuCJLzzqZek4twESiV7mtKe2P1clUF1z+
	O1+pLFUaRSSgpGxypDgIXQIDAQABo4IB9zCCAfMwHwYDVR0jBBgwFoAUZ/2IIBQn
	mMcJ0iUZu+lREWN1UGIwHQYDVR0OBBYEFEZAY+NxWfpgt+qo+0pdRQ5uTsPeMEkG
	A1UdEQRCMECCHyouaW50ZXJuYWwuc29mdHdhcmVoZXJpdGFnZS5vcmeCHWludGVy
	bmFsLnNvZnR3YXJlaGVyaXRhZ2Uub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
	FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDov
	L2NybDMuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwL6AtoCuGKWh0dHA6
	Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3JsMEwGA1UdIARFMEMw
	NwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0
	LmNvbS9DUFMwCAYGZ4EMAQICMG4GCCsGAQUFBwEBBGIwYDAkBggrBgEFBQcwAYYY
	aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMDgGCCsGAQUFBzAChixodHRwOi8vY2Fj
	ZXJ0cy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNydDAMBgNVHRMBAf8EAjAA
	MA0GCSqGSIb3DQEBCwUAA4IBAQBt7fVm/+sNa5VkhdxfiSSAqrqrjrNPI2izU3Bs
	fNrN+o7buLGTmA83WJaJsX74kdegqsmT5J3qBO/RDNpvIJqeGBQdDO2L4tRCHxSZ
	mJ0o7GKFfWY01hF6J6jSHzOehpL/UQ37U1Kh3l7GLBkOhPubV9wkG5jMLlrYNCAd
	gY59W84hH9QCV+oO44F4Q3bdwTcXrZuQ3tpyqqgukmrCm0TcK7pOa5FWZ4r6ZIWe
	RNpor8OyVqmMj8U2NX2478LsyE4Ut6NrtdOQHnVVFgPlsuiQgTUfqgL5XCMQw4vz
	5vNH/vho0zTFoJjB68mos1xazWNYqC+QmKXcsFWeodct9l3F
	-----END CERTIFICATE-----
	ca_bundle: \|
	-----BEGIN CERTIFICATE-----
	MIIE+zCCA+OgAwIBAgIQCHC8xa8/25Wakctq7u/kZTANBgkqhkiG9w0BAQsFADBl
	MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
	d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
	b3QgQ0EwHhcNMTQxMTE4MTIwMDAwWhcNMjQxMTE4MTIwMDAwWjBkMQswCQYDVQQG
	EwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFt
	MQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzCCASIw
	DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMV2Dw/ZQyk7bG3RR63eEL8jwnio
	Snc18SNb4EweQefCMQC9iDdFdd25AhCAHo/tZCMERaegOTuBTc9jP8JJ/yKeiLDS
	lrlcinQfkioq8hLIt2hUtVhBgUBoBhpPhSn7tU08D08/QJYbzqjMXjX/ZJj1dd10
	VAWgNhEEEiRVY++Udy538RV27tOkWUUhn6i+0SftCuirOMo/h9Ha8Y+5Cx9E5+Ct
	85XCFk3shKM6ktTPxn3mvcsaQE+zVLHzj28NHuO+SaNW5Ae8jafOHbBbV1bRxBz8
	mGXRzUYvkZS/RYVJ+G1ShxwCVgEnFqtyLvRx5GG1IKD6JmlqCvGrn223zyUCAwEA
	AaOCAaYwggGiMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkG
	CCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
	Y29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
	aUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRw
	Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3Js
	MDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVk
	SURSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxo
	dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBRn/YggFCeYxwnS
	JRm76VERY3VQYjAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq
	hkiG9w0BAQsFAAOCAQEAqSg1esR71tonHqyYzyc2TxEydHTmQN0dzfJodzWvs4xd
	xgS/FfQjZ4u5b5cE60adws3J0aSugS7JurHogNAcyTnBVnZZbJx946nw09E02DxJ
	WYsamM6/xvLYMDX/6W9doK867mZTrqqMaci+mqege9iCSzMTyAfzd9fzZM2eY/lC
	J1OuEDOJcjcV8b73HjWizsMt8tey5gvHacDlH198aZt+ziYaM0TDuncFO7pdP0GJ
	+hY77gRuW6xWS++McPJKe1e9GW6LNgdUJi2GCZQfXzer8CM/jyxflp5HcahE3qm5
	hS+1NGClXwmgmkMd1L8tRNaN2v11y18WoA5hwnA9Ng==
	-----END CERTIFICATE-----

	bind::update_key: local-update

	bind::zones:
	internal.softwareheritage.org:
	domain: internal.softwareheritage.org
	100.168.192.in-addr.arpa:
	domain: 100.168.192.in-addr.arpa
	101.168.192.in-addr.arpa:
	domain: 101.168.192.in-addr.arpa

	bind::zones::default_data:
	zone_type: master
	dynamic: true
	masters: ''
	transfer_source: ''
	allow_updates: []
	update_policies: ''
	allow_transfers: ''
	dnssec: false
	key_directory: ''
	ns_notify: true
	also_notify: ''
	allow_notify: ''
	forwarders: ''
	forward: ''
	source: ''

	bind::resource_records:
	internal/NS:
	type: NS
	record: internal.softwareheritage.org
	data: pergamon.internal.softwareheritage.org.
	100/NS:
	type: NS
	record: 101.168.192.in-addr.arpa
	data: pergamon.internal.softwareheritage.org.
	101/NS:
	type: NS
	record: 101.168.192.in-addr.arpa
	data: pergamon.internal.softwareheritage.org.
	db/CNAME:
	type: CNAME
	record: db.internal.softwareheritage.org
	data: prado.internal.softwareheritage.org.
	debian/CNAME:
	type: CNAME
	record: debian.internal.softwareheritage.org
	data: pergamon.internal.softwareheritage.org.
	backup/CNAME:
	type: CNAME
	record: backup.internal.softwareheritage.org
	data: banco.internal.softwareheritage.org.
	# VPN hosts
	zack/A:
	record: zack.internal.softwareheritage.org
	data: 192.168.101.6
	olasd/A:
	record: olasd.internal.softwareheritage.org
	data: 192.168.101.10
	ardumont/A:
	record: ardumont.internal.softwareheritage.org
	data: 192.168.101.14
	rdicosmo/A:
	record: rdicosmo.internal.softwareheritage.org
	data: 192.168.101.38
	awork01/A:
	record: awork01.internal.softwareheritage.org
	data: 192.168.101.18
	awork02/A:
	record: awork02.internal.softwareheritage.org
	data: 192.168.101.22
	awork03/A:
	record: awork03.internal.softwareheritage.org
	data: 192.168.101.26
	awork04/A:
	record: awork04.internal.softwareheritage.org
	data: 192.168.101.30
	awork05/A:
	record: awork05.internal.softwareheritage.org
	data: 192.168.101.34
	banco/A:
	record: banco.internal.softwareheritage.org
	data: 192.168.101.46

	bind::resource_records::default_data:
	type: A

	bind::forwarders:
	- 193.51.196.130
	- 193.51.196.131

	bind::clients:
	- 192.168.100.0/24
	- 192.168.101.0/24
	- 127.0.0.0/8
	- '::1/128'

	bind::autogenerate:
	'192.168.100.0/24': internal.softwareheritage.org

	dar::backup::storage: /srv/backups
	dar::backup::num_backups: 1
	dar::backup::base: /
	dar::backup::select: [] # empty list = full backup
	dar::backup::exclude:
	- dev
	- proc
	- run
	- srv/backups
	- srv/remote-backups
	- srv/softwareheritage/objects
	- srv/softwareheritage/postgres
	- srv/storage
	- sys
	- tmp
	- var/cache
	- var/run
	- var/tmp
	dar::backup::options:
	- -zbzip2

	dar::cron::hour: 0
	dar::cron::minute: fqdn_rand
	dar::cron::month: '*'
	dar::cron::monthday: '*'
	dar::cron::weekday: '*'

	dar_server::backup::storage: /srv/remote-backups
	dar_server::cron::hour: '0-4'
	dar_server::cron::minute: '*/10'
	dar_server::cron::month: '*'
	dar_server::cron::monthday: '*'
	dar_server::cron::weekday: '*'

	phabricator::basepath: /srv/phabricator
	phabricator::user: phabricator
	phabricator::vcs_user: git

	phabricator::mysql::database_prefix: phabricator
	phabricator::mysql::username: phabricator

	phabricator::mysql::conf::max_allowed_packet: 33554432
	phabricator::mysql::conf::sql_mode: STRICT_ALL_TABLES
	phabricator::mysql::conf::ft_stopword_file: "%{hiera('phabricator::basepath')}/phabricator/resources/sql/stopwords.txt"
	phabricator::mysql::conf::ft_min_word_len: 3
	phabricator::mysql::conf::ft_boolean_syntax: "' \|-><()~*:\"\"&^'"
	phabricator::mysql::conf::innodb_buffer_pool_size: 800M

	phabricator::php::fpm_listen: 127.0.0.1:9001
	phabricator::php::max_file_size: 128M
	phabricator::php::opcache_validate_timestamps: 0

	phabricator::vhost::name: forge.softwareheritage.org
	phabricator::vhost::docroot: "%{hiera('phabricator::basepath')}/phabricator/webroot"
	phabricator::vhost::ssl_protocol: "%{hiera('apache::ssl_protocol')}"
	phabricator::vhost::ssl_honorcipherorder: "%{hiera('apache::ssl_honorcipherorder')}"
	phabricator::vhost::ssl_cipher: "%{hiera('apache::ssl_cipher')}"
	phabricator::vhost::hsts_header: "%{hiera('apache::hsts_header')}"

	mediawiki::mysql::dbname: mediawiki
	mediawiki::mysql::username: mediawiki

	mediawiki::php::fpm_listen: 127.0.0.1:9002

	mediawiki::vhost::name: intranet.softwareheritage.org
	mediawiki::vhost::docroot: /var/lib/mediawiki
	mediawiki::vhost::ssl_protocol: "%{hiera('apache::ssl_protocol')}"
	mediawiki::vhost::ssl_honorcipherorder: "%{hiera('apache::ssl_honorcipherorder')}"
	mediawiki::vhost::ssl_cipher: "%{hiera('apache::ssl_cipher')}"
	mediawiki::vhost::hsts_header: "%{hiera('apache::hsts_header')}"

	ssh::port: 22

	swh::base_directory: /srv/softwareheritage
	swh::conf_directory: /etc/softwareheritage
	swh::log_directory: /var/log/softwareheritage

	swh::debian_mirror::hostname: debian.internal.softwareheritage.org
	swh::debian_mirror::basepath: "%{hiera('swh::base_directory')}/repository"
	swh::debian_mirror::location: "http://%{hiera('swh::debian_mirror::hostname')}/"

	swh::deploy::directory: "%{hiera('swh::conf_directory')}/deploy"
	swh::deploy::group: swhdeploy
	swh::deploy::public_key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDWrJX/uUss/EYZaTp2EIsZgg3ZSH8JcNZV5gBdNZ7EHcQcqxYUCqmwv9Ss3xT8n9kIrH6iz/vquqf84XR+keoZK3bsp50tMOY8LJWpcl/JK2XD6ovoJrHPu+iAroLkE59RdTa1Vz+jF67Q2UuG9f0nKwL4rnkeWTyuK/zAbyHyYKFQntkkwMr5/YTU8sjl/4aNF/2Ww8hitdi2GORlCjav2bB0wyPBA2e8sMt8Hp9O4TIWg/RD6vPX+ZvuFaB/Lw/Hv21622QGTHoZiO92/8/W9/t24il6SU4z96ZGfXqdUZkpPYKBGwyIkZkS4dN6jb4CcRlyXTObphyu3dAlABRt swhworker@worker01'

	swh::deploy::storage::conf_directory: "%{hiera('swh::conf_directory')}/storage"
	swh::deploy::storage::conf_file: "%{hiera('swh::deploy::storage::conf_directory')}/storage.ini"
	swh::deploy::storage::user: swhstorage
	swh::deploy::storage::group: swhstorage
	swh::deploy::storage::db::host: db
	swh::deploy::storage::db::user: swhstorage
	swh::deploy::storage::db::dbname: softwareheritage
	swh::deploy::storage::directory: "%{hiera('swh::base_directory')}/objects"
	swh::deploy::storage::uwsgi::listen: 127.0.0.1:5002
	swh::deploy::storage::uwsgi::workers: 4
	swh::deploy::storage::uwsgi::max_requests: 32
	swh::deploy::storage::uwsgi::max_requests_delta: 4
	swh::deploy::storage::uwsgi::reload_mercy: 3600
	swh::deploy::storage::uwsgi::http_workers: 1
	swh::deploy::storage::uwsgi::http_keepalive: 1
	swh::deploy::storage::uwsgi::http_timeout: 100000

	swh::deploy::webapp::conf_directory: "%{hiera('swh::conf_directory')}/webapp"
	swh::deploy::webapp::conf_file: "%{hiera('swh::deploy::webapp::conf_directory')}/webapp.ini"
	swh::deploy::webapp::user: swhwebapp
	swh::deploy::webapp::group: swhwebapp
	swh::deploy::webapp::conf::storage_class: remote_storage
	swh::deploy::webapp::conf::storage_args: http://127.0.0.1:5002/
	swh::deploy::webapp::conf::log_dir: "%{hiera('swh::log_directory')}/webapp"
	swh::deploy::webapp::uwsgi::listen: 127.0.0.1:5003
	swh::deploy::webapp::uwsgi::protocol: uwsgi
	swh::deploy::webapp::uwsgi::workers: 4
	swh::deploy::webapp::uwsgi::max_requests: 32
	swh::deploy::webapp::uwsgi::max_requests_delta: 4
	swh::deploy::webapp::uwsgi::reload_mercy: 3600
	swh::deploy::webapp::vhost::name: archive.softwareheritage.org
	swh::deploy::webapp::vhost::aliases:
	- base.softwareheritage.org
	swh::deploy::webapp::vhost::docroot: "/var/www/%{hiera('swh::deploy::webapp::vhost::name')}"
	swh::deploy::webapp::vhost::ssl_protocol: "%{hiera('apache::ssl_protocol')}"
	swh::deploy::webapp::vhost::ssl_honorcipherorder: "%{hiera('apache::ssl_honorcipherorder')}"
	swh::deploy::webapp::vhost::ssl_cipher: "%{hiera('apache::ssl_cipher')}"
	swh::deploy::webapp::vhost::hsts_header: "%{hiera('apache::hsts_header')}"

File Metadata

Mime Type: text/plain
Expires: Fri, Jul 4, 1:55 PM (3 d, 22 h ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 3412588

defaults.yamlNo OneTemporaryActions

defaults.yamlView Options

File Metadata

Event Timeline

defaults.yaml
No OneTemporary
Actions

defaults.yaml
View Options