other/Puppet: manifests/nodes.pp annotate

annotate manifests/nodes.pp @ 279:e36b7f4f85f2

Start to support IPv6 servers * Assumed only one or the other, not dual stack * Removed old VPS setup * Removed "secondary IP", added IPv4-to-6 forwarding * Updated firewall rules * Moved HTTP firewall rules to website module so it can do the right thing based on IP address families

author	IBBoard <dev@ibboard.co.uk>
date	Sat, 15 Feb 2020 13:52:30 +0000
parents	7307c3d59ce7
children	8f33f0bddd39

rev	line source
29 41df236f3fb0 Add trial node config for new site (IPs for test VM) IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	1 node 'clouduk.ibboard.co.uk' {
41df236f3fb0 Add trial node config for new site (IPs for test VM) IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	2 class { 'ibboardvpsnode':
70 c91296a71160 Update IP address of clouduk - test VM should use a different name! IBBoard <dev@ibboard.co.uk> parents: 56 diff changeset	3 primary_ip => '213.229.111.243',
29 41df236f3fb0 Add trial node config for new site (IPs for test VM) IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	4 mailserver => 'mail.ibboard.co.uk',
41df236f3fb0 Add trial node config for new site (IPs for test VM) IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	5 imapserver => 'imap.ibboard.co.uk',
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 29 diff changeset	6 firewall_cmd => 'iptables',
29 41df236f3fb0 Add trial node config for new site (IPs for test VM) IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	7 }
41df236f3fb0 Add trial node config for new site (IPs for test VM) IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	8 }
109 019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	9
019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	10 node 'cloudtest.ibboard.co.uk' {
019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	11 class { 'ibboardvpsnode':
151 1ad747713519 Update test machine IPs to match new DHCP pool IBBoard <dev@ibboard.co.uk> parents: 114 diff changeset	12 primary_ip => '192.168.1.78',
109 019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	13 mailserver => 'mail.ibboard.co.uk',
019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	14 imapserver => 'imap.ibboard.co.uk',
019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	15 firewall_cmd => 'iptables',
019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	16 }
019968cfda31 Add dev machine entry with correct IPs IBBoard <dev@ibboard.co.uk> parents: 70 diff changeset	17 }
247 308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	18 node 'ibbvps.vs.mythic-beasts.com' {
308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	19 class { 'ibboardvpsnode':
308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	20 primary_ip => '2a00:1098:82:52::1',
279 e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	21 proxy_6to4_ip => '2a00:1098:82:52::01:d4', # ::old4 for IPv4!
e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	22 proxy_upstream => ['2a00:1098::80:1000:3b:1:1', '2a00:1098::82:1000:3b:1:1' ],
247 308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	23 mailserver => 'mail.ibboard.co.uk',
308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	24 imapserver => 'imap.ibboard.co.uk',
308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	25 firewall_cmd => 'iptables',
308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	26 }
251 7307c3d59ce7 Enable console over admin shell via serial IBBoard <dev@ibboard.co.uk> parents: 247 diff changeset	27 # If the console fails to start, you may need to run "restorecon /etc/systemd/system/getty.target.wants/*"
7307c3d59ce7 Enable console over admin shell via serial IBBoard <dev@ibboard.co.uk> parents: 247 diff changeset	28 # to reset the SELinux context of the file
7307c3d59ce7 Enable console over admin shell via serial IBBoard <dev@ibboard.co.uk> parents: 247 diff changeset	29 service { 'serial-getty@ttyS0':
7307c3d59ce7 Enable console over admin shell via serial IBBoard <dev@ibboard.co.uk> parents: 247 diff changeset	30 ensure => 'running',
7307c3d59ce7 Enable console over admin shell via serial IBBoard <dev@ibboard.co.uk> parents: 247 diff changeset	31 enable => 'true',
7307c3d59ce7 Enable console over admin shell via serial IBBoard <dev@ibboard.co.uk> parents: 247 diff changeset	32 }
279 e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	33 firewall { '090 Allow SSH (IPv4-to-IPv6)':
e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	34 dport => 22,
e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	35 source => '2a00:1098:0:82:1000:0:5d5d:826a',
e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	36 proto => 'tcp',
e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	37 action => 'accept',
e36b7f4f85f2 Start to support IPv6 servers IBBoard <dev@ibboard.co.uk> parents: 251 diff changeset	38 }
247 308f69ca988c Add config for new server IBBoard <dev@ibboard.co.uk> parents: 151 diff changeset	39 }

Mercurial > repos > other > Puppet

annotate manifests/nodes.pp @ 279:e36b7f4f85f2