diff --git a/Vagrantfile b/Vagrantfile index 658a92f..b9048e6 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,651 +1,680 @@ Vagrant.require_version ">= 2.2.0" ENV["LC_ALL"] = "en_US.UTF-8" # Default configuration for all defines node below environment = "staging" environment_path = "/tmp/puppet/environments" manifest_file = "site.pp" manifests_path = "swh-site/manifests" puppet_options = "--fileserverconfig=/etc/puppet/fileserver.conf --verbose" # --debug --trace for more puppet_staging_facts = { "vagrant_testing" => "1", "testing" => "vagrant", "deployment" => "staging", "subnet" => "vagrant" } puppet_production_facts = { "vagrant_testing" => "1", "testing" => "vagrant", "deployment" => "production", "subnet" => "vagrant" } # used to define the local vm template path puppet_env_path = ENV["SWH_PUPPET_ENVIRONMENT_HOME"] # Images/local configuration (libvirt) $local_debian10_box = "debian10-20201012-1352" $local_debian10_box_url = "file://#{puppet_env_path}/packer/builds/swh-debian-10.6-amd64-20201012-1352.qcow2" # Images/remote configuration $global_debian10_box = "debian10-20201012-1352" $global_debian10_box_url = "https://annex.softwareheritage.org/public/isos/libvirt/debian/swh-debian-10.6-amd64-20201012-1352.qcow2" unless Vagrant.has_plugin?("libvirt") $stderr.puts <<-MSG vagrant-libvirt plugin is required for this. To install: `$ sudo apt install vagrant-libvirt MSG exit 1 end Vagrant.configure("2") do |global_config| ################ ## STAGING ################ global_config.vm.define :"staging-webapp" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "webapp.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.30", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-rp0" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "rp0.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.20", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-db1" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "db1.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.11", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-storage1" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "storage1.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.41", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-objstorage0" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "objstorage0.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.110", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-deposit" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "deposit.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.31", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-worker0" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.hostname = "worker0.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.100", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 4096 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-scheduler0" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.hostname = "scheduler0.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.50", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-journal0" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.hostname = "journal0.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.70", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-esnode0" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "search-esnode0.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.80", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-search0" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "search0.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.90", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"staging-clearly-defined" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "clearly-defined.internal.staging.swh.network" config.vm.network :private_network, ip: "10.168.130.200", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end ################ # ADMIN ################ global_config.vm.define :"bojimans" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "bojimans.internal.softwareheritage.org" config.vm.network :private_network, ip: "10.168.100.199", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"pergamon" do |config| # config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "pergamon.internal.softwareheritage.org" config.vm.network :private_network, ip: "10.168.100.29", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "production" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end ################ ## PRODUCTION ################ global_config.vm.define :"prod-worker01" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.hostname = "worker01.softwareheritage.org" config.vm.network :private_network, ip: "10.168.100.21", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 4096 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_production_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"esnode1" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "esnode1.internal.softwareheritage.org" config.vm.network :private_network, ip: "10.168.100.61", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_production_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"esnode2" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "esnode2.internal.softwareheritage.org" config.vm.network :private_network, ip: "10.168.100.62", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_production_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"esnode3" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "esnode3.internal.softwareheritage.org" config.vm.network :private_network, ip: "10.168.100.63", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 1024 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_production_facts puppet.synced_folder_type = 'nfs' end end global_config.vm.define :"prod-bardo" do |config| config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.hostname = "bardo.internal.admin.swh.network" config.vm.network :private_network, ip: "10.168.50.10", netmask: "255.255.255.0" config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 4096 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_production_facts puppet.synced_folder_type = 'nfs' end end + global_config.vm.define :"prod-webapp1" do |config| + config.vm.box = $global_debian10_box + config.vm.box_url = $global_debian10_box_url + config.vm.hostname = "webapp1.internal.softwareheritage.org" + config.vm.network :private_network, ip: "10.168.100.71", netmask: "255.255.255.0" + + config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' + # ssl certificates share + config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' + + config.vm.provider :libvirt do |provider| + provider.memory = 4096 + provider.cpus = 2 + # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 + provider.driver = 'kvm' + end + + config.vm.provision "puppet" do |puppet| + puppet.environment_path = "#{environment_path}" + puppet.environment = "#{environment}" + puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" + puppet.manifest_file = "#{manifest_file}" + puppet.manifests_path = "#{manifests_path}" + puppet.options = "#{puppet_options}" + puppet.facter = puppet_production_facts + puppet.synced_folder_type = 'nfs' + end + end + ################ ## MISC ################ global_config.vm.define :test do |config| config.ssh.insert_key = false config.vm.box = $global_debian10_box config.vm.box_url = $global_debian10_box_url config.vm.box_check_update = false config.vm.hostname = "test.softwareheritage.org" config.vm.network :private_network, ip: "10.168.100.30", netmask: "255.255.255.0" config.vm.network :private_network, ip: "10.168.101.30", netmask: "255.255.255.0" config.vm.network "forwarded_port", guest: 10030, host: 22 config.vm.synced_folder "/tmp/puppet/", "/tmp/puppet", type: 'nfs' # ssl certificates share config.vm.synced_folder "vagrant/le_certs", "/etc/puppet/le_certs", type: 'nfs' config.vm.provider :libvirt do |provider| provider.memory = 512 provider.cpus = 2 # local test run: https://github.com/vagrant-libvirt/vagrant-libvirt/issues/45 provider.driver = 'kvm' end config.vm.provision "puppet" do |puppet| puppet.environment_path = "#{environment_path}" puppet.environment = "#{environment}" puppet.hiera_config_path = "#{puppet.environment_path}/#{puppet.environment}/hiera.yaml" puppet.manifest_file = "#{manifest_file}" puppet.manifests_path = "#{manifests_path}" puppet.options = "#{puppet_options}" puppet.facter = puppet_staging_facts puppet.synced_folder_type = 'nfs' end end end diff --git a/vagrant/le_certs/archive_webapp1/cert.pem b/vagrant/le_certs/archive_webapp1/cert.pem new file mode 100644 index 0000000..435bbb0 --- /dev/null +++ b/vagrant/le_certs/archive_webapp1/cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDezCCAmOgAwIBAgIUaiARm2I/34tUYG+qH2fm44l8NTUwDQYJKoZIhvcNAQEL +BQAwTTELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlzMS4wLAYDVQQDDCV3ZWJh +cHAxLmludGVybmFsLnNvZnR3YXJlaGVyaXRhZ2Uub3JnMB4XDTIwMTIyMzEwMDI1 +OFoXDTIzMDkxODEwMDI1OFowTTELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlz +MS4wLAYDVQQDDCV3ZWJhcHAxLmludGVybmFsLnNvZnR3YXJlaGVyaXRhZ2Uub3Jn +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyacYmoWtx8lruC2mIkc +f7edi/JWlenwdcGTcRjNxjWhggjlYWHALmNvhLXHmnllMWsuGF03yIJgfJxHapkh +iwoY6OCNZurdpG6GYv9cMjPkyiNhSPmJT7pqb7h/L+jGtwGoJBnoWmLNsBDITZNj +DBNxYbD+C9OkTs9ssbHSBCiEtTWhD5ivfyEZQGtEXV8hSFQD72Ey+JDc7W/gJtsV +YvyD2LjoW9GQUUDFYrcuq1vPFd6ycmQSMioRtgGbwYP/PQ26+CkDMKmSrD4IIkoL +DYyesn1JNjo6bAY/QVpiUZobeGhzBKYpQfar13cEn/H4nWpcpL313nGexW5QmoBK +6wIDAQABo1MwUTAdBgNVHQ4EFgQUr5IcLR9ROKPQrjcCOj21YOy5etUwHwYDVR0j +BBgwFoAUr5IcLR9ROKPQrjcCOj21YOy5etUwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEAYYup9FJO0nxelHIDlf5i+BCTxyLfnQUuz5j8OvMa80dw +06WHrYiaN/qGbBMlewWIpHdCi/Z9JHa8eJm3cog8gFZJ93u6U8LzHq+XSDpk7Sh7 +AeAz5MQvXn9oFX7CxnizCk478MFTBeLAYdOu0aqzAeeZsS3N1cwq8GhdrqG/esX6 +C979nht0R1Nhj0EiTgSxMhQLll0V0sMixlOZMvisW2xP3pCHgimuzOgP8BjJ8kFm +72SSFoDU0hTgputeuLYLz3ILVmBRDdhbJHvMGlLukG4anXTddcX+qUni/7EcE0cL +lTp7ReaZo0nmwWMfcvKabryroFiJkvjYQGWrizP5fA== +-----END CERTIFICATE----- diff --git a/vagrant/le_certs/archive_webapp1/chain.pem b/vagrant/le_certs/archive_webapp1/chain.pem new file mode 100644 index 0000000..435bbb0 --- /dev/null +++ b/vagrant/le_certs/archive_webapp1/chain.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDezCCAmOgAwIBAgIUaiARm2I/34tUYG+qH2fm44l8NTUwDQYJKoZIhvcNAQEL +BQAwTTELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlzMS4wLAYDVQQDDCV3ZWJh +cHAxLmludGVybmFsLnNvZnR3YXJlaGVyaXRhZ2Uub3JnMB4XDTIwMTIyMzEwMDI1 +OFoXDTIzMDkxODEwMDI1OFowTTELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlz +MS4wLAYDVQQDDCV3ZWJhcHAxLmludGVybmFsLnNvZnR3YXJlaGVyaXRhZ2Uub3Jn +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyacYmoWtx8lruC2mIkc +f7edi/JWlenwdcGTcRjNxjWhggjlYWHALmNvhLXHmnllMWsuGF03yIJgfJxHapkh +iwoY6OCNZurdpG6GYv9cMjPkyiNhSPmJT7pqb7h/L+jGtwGoJBnoWmLNsBDITZNj +DBNxYbD+C9OkTs9ssbHSBCiEtTWhD5ivfyEZQGtEXV8hSFQD72Ey+JDc7W/gJtsV +YvyD2LjoW9GQUUDFYrcuq1vPFd6ycmQSMioRtgGbwYP/PQ26+CkDMKmSrD4IIkoL +DYyesn1JNjo6bAY/QVpiUZobeGhzBKYpQfar13cEn/H4nWpcpL313nGexW5QmoBK +6wIDAQABo1MwUTAdBgNVHQ4EFgQUr5IcLR9ROKPQrjcCOj21YOy5etUwHwYDVR0j +BBgwFoAUr5IcLR9ROKPQrjcCOj21YOy5etUwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEAYYup9FJO0nxelHIDlf5i+BCTxyLfnQUuz5j8OvMa80dw +06WHrYiaN/qGbBMlewWIpHdCi/Z9JHa8eJm3cog8gFZJ93u6U8LzHq+XSDpk7Sh7 +AeAz5MQvXn9oFX7CxnizCk478MFTBeLAYdOu0aqzAeeZsS3N1cwq8GhdrqG/esX6 +C979nht0R1Nhj0EiTgSxMhQLll0V0sMixlOZMvisW2xP3pCHgimuzOgP8BjJ8kFm +72SSFoDU0hTgputeuLYLz3ILVmBRDdhbJHvMGlLukG4anXTddcX+qUni/7EcE0cL +lTp7ReaZo0nmwWMfcvKabryroFiJkvjYQGWrizP5fA== +-----END CERTIFICATE----- diff --git a/vagrant/le_certs/archive_webapp1/fullchain.pem b/vagrant/le_certs/archive_webapp1/fullchain.pem new file mode 100644 index 0000000..435bbb0 --- /dev/null +++ b/vagrant/le_certs/archive_webapp1/fullchain.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDezCCAmOgAwIBAgIUaiARm2I/34tUYG+qH2fm44l8NTUwDQYJKoZIhvcNAQEL +BQAwTTELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlzMS4wLAYDVQQDDCV3ZWJh +cHAxLmludGVybmFsLnNvZnR3YXJlaGVyaXRhZ2Uub3JnMB4XDTIwMTIyMzEwMDI1 +OFoXDTIzMDkxODEwMDI1OFowTTELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBVBhcmlz +MS4wLAYDVQQDDCV3ZWJhcHAxLmludGVybmFsLnNvZnR3YXJlaGVyaXRhZ2Uub3Jn +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyacYmoWtx8lruC2mIkc +f7edi/JWlenwdcGTcRjNxjWhggjlYWHALmNvhLXHmnllMWsuGF03yIJgfJxHapkh +iwoY6OCNZurdpG6GYv9cMjPkyiNhSPmJT7pqb7h/L+jGtwGoJBnoWmLNsBDITZNj +DBNxYbD+C9OkTs9ssbHSBCiEtTWhD5ivfyEZQGtEXV8hSFQD72Ey+JDc7W/gJtsV +YvyD2LjoW9GQUUDFYrcuq1vPFd6ycmQSMioRtgGbwYP/PQ26+CkDMKmSrD4IIkoL +DYyesn1JNjo6bAY/QVpiUZobeGhzBKYpQfar13cEn/H4nWpcpL313nGexW5QmoBK +6wIDAQABo1MwUTAdBgNVHQ4EFgQUr5IcLR9ROKPQrjcCOj21YOy5etUwHwYDVR0j +BBgwFoAUr5IcLR9ROKPQrjcCOj21YOy5etUwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEAYYup9FJO0nxelHIDlf5i+BCTxyLfnQUuz5j8OvMa80dw +06WHrYiaN/qGbBMlewWIpHdCi/Z9JHa8eJm3cog8gFZJ93u6U8LzHq+XSDpk7Sh7 +AeAz5MQvXn9oFX7CxnizCk478MFTBeLAYdOu0aqzAeeZsS3N1cwq8GhdrqG/esX6 +C979nht0R1Nhj0EiTgSxMhQLll0V0sMixlOZMvisW2xP3pCHgimuzOgP8BjJ8kFm +72SSFoDU0hTgputeuLYLz3ILVmBRDdhbJHvMGlLukG4anXTddcX+qUni/7EcE0cL +lTp7ReaZo0nmwWMfcvKabryroFiJkvjYQGWrizP5fA== +-----END CERTIFICATE----- diff --git a/vagrant/le_certs/archive_webapp1/privkey.pem b/vagrant/le_certs/archive_webapp1/privkey.pem new file mode 100644 index 0000000..18af698 --- /dev/null +++ b/vagrant/le_certs/archive_webapp1/privkey.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDDJpxiaha3HyWu +4LaYiRx/t52L8laV6fB1wZNxGM3GNaGCCOVhYcAuY2+EtceaeWUxay4YXTfIgmB8 +nEdqmSGLChjo4I1m6t2kboZi/1wyM+TKI2FI+YlPumpvuH8v6Ma3AagkGehaYs2w +EMhNk2MME3FhsP4L06ROz2yxsdIEKIS1NaEPmK9/IRlAa0RdXyFIVAPvYTL4kNzt +b+Am2xVi/IPYuOhb0ZBRQMVity6rW88V3rJyZBIyKhG2AZvBg/89Dbr4KQMwqZKs +PggiSgsNjJ6yfUk2OjpsBj9BWmJRmht4aHMEpilB9qvXdwSf8fidalykvfXecZ7F +blCagErrAgMBAAECggEBAJmx7BJ6WT+J8WTEqCqEOgTAeP1CND1HjNFBTr0Q+udz +T6sZFIbYtMIUID1V6UlY+ICuWBRqPkfVnuYlMv3acpeNsUafq931dfBN99s6IMON +KVCmArW1ihZXzAIHPWxfGToCvQkJunyNOk/DN+4Y+TYGjhKRkdOAsPQ82u8sDCqm +2mSt4RDpdRZ/vXopqK9OdVmIrD631Z3cq4CRm9xsEX98noqapCQSSSaX4vcTOd3W +LQsS8qLROtMviKcEfUcqRTWP/6FR/47GZcXSnLa9KiEfKDtozDIRK5eREstcFdrH +4/HQB6NYEuXMkkXswpvJ2h+haWQAJJAEIi9fMXtMZukCgYEA6APxriWePMhFZYe8 +5V3JMZlpYF+QGDpJgvaKIORQeBQMsKlouQyLjLVuKP6FVoHLw+SHEI5JieAumQcf +vulCl+GnD22QUwhk4x5dyZbSGGPYSlPEaZHP1KHyeAOAPqfSw50If/WWe2rXWpXX +5QUf9NeZS6s78JUKj1Nge75jzp8CgYEA11MVHBxxEQ+f5FZ8gtAxsMXx3c7Grqkt +pd97UAqPgVedqm3V5bPlURdcdfVF17NmdNcVfW2Bb2o/sv9p8DCOmJ+gg+fznJtd +mJqny0/jGFdQ1tbz1nACMaX3dL+DAmxc3hrzGrxA/j6G32gav632gSEVj579Kil7 +mlKEi4RO/DUCgYEAr64M2ihx4ORkZ7SYO7UAGyZmvCqgGThJYXj8rlsy8zl7QmmE +elodcLYQa8oNfKtbd0EbZFXZKSUvI4BZcV1+pzKeJPh5R+YbPj5IFdS10PIJXH6B +Qs695+uYhXdhLBA3bxcA0KNNBranyleb2jY/NE3sLXfDMzAnhs9DR2+qc1ECgYAW +fHqr4Nx955/O/KksEAngaAuGGl3tR4WY2OnLxg6Od1PjxGyd/FdqTII/X0nX6Mg+ +U2fPHWxy8imMy9eIWcnKboEYxVRPenofwabcOI+Crzul8/Sq5C+Wd7qL2qQX0LEy +EKZqmFZBNs5m7jw84DHp8kaKJRRTHtnll9B3sW1+MQKBgQC8TyjZxUtYaFSZXpSH +dSClxDuElIOOBCWOzRXS/IP2TkYif/vs/LtZqs6LYE9J4g2Q+KlbxGCLl1CLXT2S +HAu+X399eiSm77ikHs3aKzDspW3YfW3YIVn1706I5qRcJKGARiao3sV7e/n728FR +y2JjOjUIhab86aWB10YEEQtfDA== +-----END PRIVATE KEY-----