Mercurial > repos > other > Puppet

view manifests/nodes.pp @ 326:63e0b5149cfb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add fallback relays to Postfix This allows us to reliably send to IPv4 servers via Mythic-Beasts' mailserver rather than getting random IPs from the NAT64 servers. The firewall rules should ensure Postfix doesn't try to send email out via NAT64 and falls back to the relay. IPv6 will still go directly.
author IBBoard <dev@ibboard.co.uk>
date Sat, 07 Mar 2020 14:29:34 +0000
parents 49e66019faf7
children 60b13e6d83c5
line wrap: on
line source

node 'clouduk.ibboard.co.uk' {
	class { 'ibboardvpsnode':
		primary_ip => '213.229.111.243',
		mailserver => 'mail.ibboard.co.uk',
		imapserver => 'imap.ibboard.co.uk',
		firewall_cmd => 'iptables',
	}
}

node 'cloudtest.ibboard.co.uk' {
	class { 'ibboardvpsnode':
		primary_ip => '192.168.1.78',
		mailserver => 'mail.ibboard.co.uk',
		imapserver => 'imap.ibboard.co.uk',
		firewall_cmd => 'iptables',
	}
}
node 'ibbvps.vs.mythic-beasts.com' {
	class { 'ibboardvpsnode':
		primary_ip => '2a00:1098:82:52::1',
		proxy_4to6_ip_prefix => '2a00:1098:82:52::01d4', # ::old4 for IPv4!
		proxy_upstream => ['2a00:1098::82:1000:3b:1:1', '2a00:1098::80:1000:3b:1:1'],
		nat64_ranges => ['2a00:1098:0:80:1000:3a::/96', '2a00:1098:0:82:1000:3a::/96'],
		mailserver => 'mail.ibboard.co.uk',
		imapserver => 'imap.ibboard.co.uk',
		mailrelays => ['mx.mythic-beasts.com'],
		firewall_cmd => 'iptables',
	}
	# If the console fails to start, you may need to run "restorecon /etc/systemd/system/getty.target.wants/*"
	# to reset the SELinux context of the file
	service { 'serial-getty@ttyS0':
		ensure => 'running',
		enable => 'true',
	}
	firewall { '090 Allow SSH (IPv4-to-IPv6)':
		dport => 22,
		source => '2a00:1098:0:82:1000:0:5d5d:826a',
		proto => 'tcp',
		action => 'accept',
	}
}