Mercurial > repos > other > Puppet
annotate manifests/nodes.pp @ 449:4a6ad700cded
Update config for real Raspberry Pi host
* Add node config
* Change Amavis setup because of Ubuntu differences
* Change secondary IP address setup because Ubuntu still uses
older networking approach
* Make Postfix config more flexible
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Wed, 26 Jul 2023 15:30:19 +0100 |
parents | 9268fe05d0ab |
children | 65290cb0cec2 |
rev | line source |
---|---|
449
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
1 node 'ibbpi.hostedpi.com' { |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
2 class { 'ibboardvpsnode': |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
3 primary_ip => '2a00:1098:0008:0157::1', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
4 gateway_ip => '2a00:1098:0008:0157::2', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
5 proxy_4to6_ip_prefix => '2a00:1098:0008:0157::01d4', # ::old4 for IPv4! |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
6 proxy_upstream => ['2a00:1098::82:1000:3b:1:1', '2a00:1098::80:1000:3b:1:1'], |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
7 nat64_ranges => ['64:ff9b::/96'], |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
8 mailserver => 'mail.ibboard.co.uk', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
9 imapserver => 'imap.ibboard.co.uk', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
10 mailrelays => ['mx.mythic-beasts.com'], |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
11 firewall_cmd => 'iptables', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
12 } |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
13 firewall { '090 Allow SSH (IPv4-to-IPv6)': |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
14 dport => 22, |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
15 source => '2a00:1098:0:82:1000:0:5d5d:826a', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
16 proto => 'tcp', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
17 action => 'accept', |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
18 } |
4a6ad700cded
Update config for real Raspberry Pi host
IBBoard <dev@ibboard.co.uk>
parents:
445
diff
changeset
|
19 } |
390
df5ad1612af7
Adapt configs to support Ubuntu
IBBoard <dev@ibboard.co.uk>
parents:
355
diff
changeset
|
20 node 'vpsarm.home' { |
355 | 21 class { 'ibboardvpsnode': |
390
df5ad1612af7
Adapt configs to support Ubuntu
IBBoard <dev@ibboard.co.uk>
parents:
355
diff
changeset
|
22 primary_ip => '2a00:23c8:a480:3701:5054:ff:fe42:65f9', |
355 | 23 mailserver => 'mail.ibboard.co.uk', |
24 imapserver => 'imap.ibboard.co.uk', | |
25 firewall_cmd => 'iptables', | |
26 } | |
27 } | |
445 | 28 node 'vps-arm-2204.test.ibboard.co.uk' { |
442 | 29 class { 'ibboardvpsnode': |
30 primary_ip => 'fd21:d7cd:fe52:0:5054:ff:fee4:9b6e', | |
31 mailserver => 'mail.ibboard.co.uk', | |
32 imapserver => 'imap.ibboard.co.uk', | |
33 firewall_cmd => 'iptables', | |
34 } | |
35 } | |
445 | 36 node 'vps-2204.test.ibboard.co.uk' { |
37 class { 'ibboardvpsnode': | |
38 primary_ip => 'fd21:d7cd:fe52:0:5054:ff:fec7:76c3', | |
39 mailserver => 'mail.ibboard.co.uk', | |
40 imapserver => 'imap.ibboard.co.uk', | |
41 firewall_cmd => 'iptables', | |
42 } | |
43 } | |
247 | 44 node 'ibbvps.vs.mythic-beasts.com' { |
45 class { 'ibboardvpsnode': | |
46 primary_ip => '2a00:1098:82:52::1', | |
284
9431aec4d998
Switch to using IPv6 prefix and IP per site
IBBoard <dev@ibboard.co.uk>
parents:
283
diff
changeset
|
47 proxy_4to6_ip_prefix => '2a00:1098:82:52::01d4', # ::old4 for IPv4! |
285
c0e989d32b5c
Go back to IPv6, not hostnames, for up-stream
IBBoard <dev@ibboard.co.uk>
parents:
284
diff
changeset
|
48 proxy_upstream => ['2a00:1098::82:1000:3b:1:1', '2a00:1098::80:1000:3b:1:1'], |
428 | 49 nat64_ranges => ['64:ff9b::/96'], |
247 | 50 mailserver => 'mail.ibboard.co.uk', |
51 imapserver => 'imap.ibboard.co.uk', | |
326 | 52 mailrelays => ['mx.mythic-beasts.com'], |
247 | 53 firewall_cmd => 'iptables', |
54 } | |
251
7307c3d59ce7
Enable console over admin shell via serial
IBBoard <dev@ibboard.co.uk>
parents:
247
diff
changeset
|
55 # If the console fails to start, you may need to run "restorecon /etc/systemd/system/getty.target.wants/*" |
7307c3d59ce7
Enable console over admin shell via serial
IBBoard <dev@ibboard.co.uk>
parents:
247
diff
changeset
|
56 # to reset the SELinux context of the file |
7307c3d59ce7
Enable console over admin shell via serial
IBBoard <dev@ibboard.co.uk>
parents:
247
diff
changeset
|
57 service { 'serial-getty@ttyS0': |
7307c3d59ce7
Enable console over admin shell via serial
IBBoard <dev@ibboard.co.uk>
parents:
247
diff
changeset
|
58 ensure => 'running', |
7307c3d59ce7
Enable console over admin shell via serial
IBBoard <dev@ibboard.co.uk>
parents:
247
diff
changeset
|
59 enable => 'true', |
7307c3d59ce7
Enable console over admin shell via serial
IBBoard <dev@ibboard.co.uk>
parents:
247
diff
changeset
|
60 } |
279 | 61 firewall { '090 Allow SSH (IPv4-to-IPv6)': |
62 dport => 22, | |
285
c0e989d32b5c
Go back to IPv6, not hostnames, for up-stream
IBBoard <dev@ibboard.co.uk>
parents:
284
diff
changeset
|
63 source => '2a00:1098:0:82:1000:0:5d5d:826a', |
279 | 64 proto => 'tcp', |
65 action => 'accept', | |
66 } | |
247 | 67 } |