bmw initial aem author and publish
authorAndreas Gerstenberg <gerstenberg@pixelpark.com>
Tue, 16 Aug 2016 08:02:45 +0000 (10:02 +0200)
committerAndreas Gerstenberg <gerstenberg@pixelpark.com>
Tue, 16 Aug 2016 08:02:53 +0000 (10:02 +0200)
customer/bmw/common.yaml [new file with mode: 0644]
customer/bmw/prod.yaml [new file with mode: 0644]
customer/bmw/red-bmw-de.pixelpark.net.yaml
customer/bmw/www-bmw-de.pixelpark.net.yaml

diff --git a/customer/bmw/common.yaml b/customer/bmw/common.yaml
new file mode 100644 (file)
index 0000000..9d603eb
--- /dev/null
@@ -0,0 +1,101 @@
+---
+site::role: base_for_old_systems
+site::additional_classes:
+  - java
+  - accounts
+  - site::profile::cron
+
+java::package: java-1.8.0-oraclejdk
+puppetconf::server: puppetmaster01.pixelpark.com
+
+ntp::servers:
+  - '0.centos.pool.ntp.org'
+  - '1.centos.pool.ntp.org'
+  - '2.centos.pool.ntp.org'
+
+apache::mpm_module: worker
+apache::mod::mime::mime_types_additional:
+  'AddHandler':
+    'type-map': 'var'
+  'AddType':
+    'text/html': '.shtml'
+  'AddOutputFilter':
+    'INCLUDES': '.shtml'
+  'AddEncoding':
+    'gzip': '.svgz'
+
+accounts::users:
+  sirona:
+    apply: false
+
+aem::maven::mirrors:
+  - {id: pixelpark-nexus, url: 'https://nexus.pixelpark.com/content/groups/public/', mirrorof: '*'}
+
+sudo::configs:
+  aem:
+    priority: "05"
+    content: |
+      Cmnd_Alias START_PUBLISH = /usr/bin/systemctl start publish
+      Cmnd_Alias START_AUTHOR = /usr/bin/systemctl start author
+      Cmnd_Alias START_PUPPET = /usr/bin/systemctl start puppet
+      Cmnd_Alias STOP_PUBLISH = /usr/bin/systemctl stop publish
+      Cmnd_Alias STOP_AUTHOR = /usr/bin/systemctl stop author
+      Cmnd_Alias STOP_PUPPET = /usr/bin/systemctl stop puppet
+      Cmnd_Alias BACKUP = /usr/local/sbin/zfs_rotation.sh*
+      aem ALL=(ALL) NOPASSWD:START_PUBLISH, START_AUTHOR, START_PUPPET, STOP_PUBLISH, STOP_AUTHOR, STOP_PUPPET, BACKUP
+
+#
+# Author
+#
+site::profile::aem::author::license_download_id: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAHiAyTkjYu7u4DveVGZYC9TKUmFWwAVcll4SFMZ604E38Xm+5rNa8TVAcW9lnnA3qqtbEn6+zwdm/aaSZqq9f/jdtbEcHH2syGq7WcdWtmR7bKVsOWz2J0JiGWyKlCKkAHP4kSWYJ2dQUMaah9rF/4qMaND36Z5fiBoTu/+hfNW0or+eqTHB25E0apIfir1x4MyKwlrdryvYqVlAVczAha1HxIbfNAEhPu4ij0dS3Y7aULAlXyULSBsSM8RmfXrGzrkphAH1lgt6ubk2B7rPchu5CKDl63YVYjz6u7nd2wNcj8a31Gwc8r3bsLbOHVaPKsgeQ8/SiA6kNHZu3oFQ9YzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBt6tSmxQnKOlaK+zrP3CKcgDAiKA5trIvwC+HOEXL5LN6XpIFTNN4TLWccnKJoHneUCJzdw3vK19RN23XEwlb+aCk=]
+site::profile::aem::author::license_product_version: '6.1.0.20150507'
+site::profile::aem::author::license_customer_name: 'Day Training'
+site::profile::aem::author::license_product_name: 'Adobe Experience Manager'
+
+site::profile::aem::author::jvm_opts: '-d64 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false'
+
+#aem::author::install_packages:
+site::profile::aem::author::instance_name: author
+site::profile::aem::author::install_mode: 'quickstart'
+site::profile::aem::author::install_options:
+  download_type: maven
+  download_uri: com.adobe.aem:aem-quickstart:6.1:jar
+
+# Compaction & Backup for Author
+site::profile::aem::author::oak_version: '1.2.7'
+site::profile::aem::author::backup_command: '/usr/bin/sudo -n /usr/local/sbin/zfs_rotation.sh datapool 2592000'
+site::profile::aem::author::compaction_timeout: 21600 # 6h Timeout
+site::profile::aem::author::mail_to:
+  - gerstenberg@pixelpark.com
+
+#
+# Publisher
+#
+site::profile::aem::publish::license_download_id: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAYdR+YqNXHmBT02M0v6XzyqGqI6C1tSrttKzOhka9kVde3KpVTIFCZjP7qg7SEvSPYesgcTAEPNJBGfFOAwZ3OsMLO/ikdGbZ2+nTIyB+CV8mGb98djBCkKjp69Qf6Vc6hl25djj7oj5sgoV7TqHMovrxxzkiqcleUCsz66h+uOP7WLBNnevRez7kqbfanwmeNoV2n/g1ZEX/oVxfthBMruE2cwLs45tSBeNx7244MYOv2tUyjMgm4odjwFH8ADWMvS//cGrWlblTQrFaG5c/6WCsBqj/mB9LmP3s6oykQd/At4Rxn04/9HjYjHLeymBkoEDs6Pe0Cmtpze3WdXdQWjBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBocffLcP/NHPsJFRPpyIttgDCTdpMMU3E+vHV0mgruxSOC8j/oSk0cMtfDeDhL1v1kmTy6+RhxKGkoshUCJ5Ymq9o=]
+site::profile::aem::publish::license_product_version: '6.1.0.20150507'
+site::profile::aem::publish::license_customer_name: 'Day Training'
+site::profile::aem::publish::license_product_name: 'Adobe Experience Manager'
+
+site::profile::aem::publish::jvm_opts: '-d64 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false'
+
+site::profile::aem::publish::install_mode: 'quickstart'
+site::profile::aem::publish::instance_name: publish
+site::profile::aem::publish::install_options:
+  download_type: maven
+  download_uri: com.adobe.aem:aem-quickstart:6.1:jar
+
+# Compaction & Backup for Publisher
+site::profile::aem::publish::oak_version: '1.2.7'
+site::profile::aem::publish::backup_command: '/usr/bin/sudo -n /usr/local/sbin/zfs_rotation.sh datapool 2592000'
+site::profile::aem::publish::compaction_timeout: 21600 # 6h Timeout
+site::profile::aem::publish::mail_to:
+  - gerstenberg@pixelpark.com
+#
+# dispatcher
+#
+aem::dispatcher::download_type_options:
+  groupid: com.adobe.aem
+  artifactid: dispatcher-apache2.4
+  version: 4.2.0
+  packaging: so
+  repos: https://nexus.pixelpark.com/content/groups/public/
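Review bot: Both `jvm_opts` values (author and publish) turn on remote JMX on port 9010 with `jmxremote.ssl=false` and `jmxremote.authenticate=false`, so anything that can reach that port gets unauthenticated management access to the AEM JVM. Either drop the remote JMX flags from the common layer, or switch to `-Dcom.sun.management.jmxremote.authenticate=true` with a password file and restrict the port to the monitoring host. Separately, `Cmnd_Alias BACKUP = /usr/local/sbin/zfs_rotation.sh*` matches any file name with that prefix, with any arguments, under NOPASSWD. Pinning it to the call that `backup_command` makes, `Cmnd_Alias BACKUP = /usr/local/sbin/zfs_rotation.sh datapool 2592000`, limits the aem account to the one invocation it needs.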
diff --git a/customer/bmw/prod.yaml b/customer/bmw/prod.yaml
new file mode 100644 (file)
index 0000000..54eb1fb
--- /dev/null
@@ -0,0 +1,166 @@
+---
+# Für Livegang
+# accounts::users:
+#   florian.schade:
+#     apply: true
+
+# admin:admin
+site::profile::aem::author::admin_pass: ENC[PKCS7,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]
+site::profile::aem::publish::admin_pass: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANqQw0Jgj0dg7+OcMz6kFFFfzfoDtLE3RCvEO3T5tJ6tGgmcjWGjyO7v0ukrrwLoBCPly4g00GUc6GyLnhbS5An5elXUckm7blBt1r5QqZDaJG6Dc2OQCcqyUntZM0vfgtygWkBDrn8PWkkBv2lifnQcwHD8q+UjmuU/tr7wEAxKW53LpVP7wnKE4co/HFD2LvQMzxsWCx+oo+Up3DtnRxj0peSX+T/e/NG8b0DyJx9CLwyfb6CMCEl2m9JcjPaesdS0VkCgVoxe9waqgYiLxmq0s766xTg9XMFJuvEuUtYhLs3ywwtAVxo4V/jt9t+/AOU3fHR17M/oUM9/555KLHDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC12Pc8m6n48inuoUNLzhlogBBZmDF6cVzqgKAEfjeh0gG2]
+
+aem::packages:
+  service_pack_1:
+    groupid: 'com.adobe.aem'
+    artifactid: 'aem61-service-pack-1'
+    version: '1.0'
+  acs_aem_commons:
+    groupid: 'com.adobe.acs'
+    artifactid: 'acs-aem-commons-content'
+    version: '2.6.4'
+  cq-6.1.0-hotfix-9130:
+    groupid: 'com.adobe.aem'
+    artifactid: 'cq-6.1.0-hotfix-9130'
+    version: '1.0'
+  cq-6.1.0-hotfix-9381:
+    groupid: 'com.adobe.aem'
+    artifactid: 'cq-6.1.0-hotfix-9381'
+    version: '1.1'
+
+site::profile::aem::publish::jvm_heap_min: 4096M
+site::profile::aem::publish::jvm_heap_max: 6144M
+
+site::profile::aem::author::jvm_heap_min: 6144M
+site::profile::aem::author::jvm_heap_max: 8192M
+
+# www:yIRN57qmO28y
+site::profile::apache::htdigest:
+  server:
+    www: ENC[PKCS7,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]
+
+# Apache Publisher
+site::profile::aem::publish::pp_vhosts:
+  bmw:
+    serveraliases:
+      - www-bmwi-de.pixelpark.net
+    docroot: '/var/www/html/cache'
+    ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
+    ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    docroot_owner: apache
+    directories:
+      - docroot:
+        provider: directory
+        path: '/var/www/html/cache'
+        sethandler: dispatcher-handler
+        options:
+          - FollowSymLinks
+      - location1:
+        provider: location
+        path: '/'
+        auth_type: Digest
+        auth_name: brand
+        auth_digest_provider: file
+        auth_digest_algorithm: MD5
+        auth_user_file: '/etc/httpd/htdigest'
+        auth_require: 'valid-user'
+        require:
+          - local
+
+# Apache Author
+site::profile::aem::author::enable_apache: true
+site::profile::aem::author::pp_vhosts:
+  bmw-author:
+    docroot: '/var/www'
+    servername: red-bmw-de.pixelpark.net
+    ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
+    ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    allow_encoded_slashes: 'on'
+    rewrites_non_ssl:
+      - https:
+        comment: 'all to https'
+        rewrite_rule:
+          - '^(.*)$ https://red-bmw-de.pixelpark.net$1 [L,R=302]'
+    proxy_preserve_host: true
+    proxy_pass:
+      - { path: /, url: 'http://localhost:4502/' }
+    request_headers_ssl:
+      - 'set X-Forwarded-Proto "https" env=HTTPS'
+    directories:
+      - docroot:
+        provider: directory
+        path: '/var/www/'
+
+aem::dispatcher::publish_farm:
+  website:
+    clientheaders:
+      - '*'
+    renders:
+      - { hostname: "127.0.0.1", port: '4503' }
+    filter:
+      - { type: 'deny', glob: '*' }
+      - { type: 'allow', url: '/' }
+      - { type: 'allow', url: '*.html' }
+      - { type: 'allow', url: '*.css'   }  # enable css
+      - { type: 'allow', url: '*.gif'   }  # enable gifs
+      - { type: 'allow', url: '*.ico'   }  # enable icos
+      - { type: 'allow', url: '*.js'    }  # enable javascript
+      - { type: 'allow', url: '*.png'   }  # enable png
+      - { type: 'allow', url: '*.swf'   }  # enable flash
+      - { type: 'allow', url: '*.jpg'   }  # enable jpg
+      - { type: 'allow', url: '*.jpeg'  }  # enable jpeg
+      - { type: 'allow', url: '*.svg'  }  # enable svg
+      - { type: 'allow', url: '*.ttf'  }  # enable ttf
+      - { type: 'allow', url: '*.woff'  }  # enable woff
+      - { type: 'allow', url: '*.woff2'  }  # enable woff2
+      - { type: 'allow', url: '*.eot'  }  # enable eot
+      - { type: 'allow', url: '*.pdf'  }  # enable pdf
+      - { type: 'allow', url: '*.wmv'  }  # enable wmv
+      - { type: 'allow', url: '*.psd'  }  # enable psd (Adobe Photoshop Dokument)
+      - { type: 'allow', url: '*.tif'  }  # enable tif
+      - { type: 'allow', url: '*.indd'  }  # enable indd (Adobe Indesign Dokument)
+      # Enable features
+      - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
+      - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      # Security Rules
+      - { type: 'deny', url: '/etc/'  }
+      - { type: 'deny', url: '/libs/'  }
+      - { type: 'allow', url: '/etc/designs/*'  }
+      - { type: 'allow', url: '/etc/clientlibs/*'  }
+      - { type: 'allow', url: '/etc/segmentation.segment.js'  }
+      - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json'  }
+      - { type: 'allow', url: '/libs/wcm/stats/tracker.js'  }
+      - { type: 'allow', url: '/libs/cq/personalization/*'  }  #  (JS, CSS and JSON)
+      - { type: 'allow', url: '/libs/cq/security/userinfo.json'  }  #  (CQ user information)
+      - { type: 'allow', url: '/libs/granite/security/currentuser.json'  }  #  (data must not be cached)
+      - { type: 'allow', url: '/libs/cq/i18n/*'  }  #  (Internalization)
+      # CSRF
+      - { type: 'allow', url: '/libs/granite/csrf/token.json'  }
+      # Deny content grabbing
+      - { type: 'deny', url: '*.infinity.json' }
+      - { type: 'deny', url: '*.tidy.json'     }
+      - { type: 'deny', url: '*.sysview.xml'   }
+      - { type: 'deny', url: '*.docview.json'  }
+      - { type: 'deny', url: '*.docview.xml'   }
+      - { type: 'deny', url: '*.*[0-9].json'   }
+      # Deny query
+      - { type: 'deny', url: '*.query.json' }
+    cache_docroot: '/var/www/html/cache'
+    cache_rules:
+      - { type: 'allow', glob: '*' }
+    cache_invalidate:
+      - { type: 'deny', glob: '*' }
+      - { type: 'allow', glob: '*.html' }
+      - { type: 'allow', glob: '/etc/segmentation.segment.js' }
+      - { type: 'allow', glob: '*/analytics.sitecatalyst.js' }
+    cache_allowedClients:
+      - { type: 'deny', glob: '*' }
+      - { type: 'allow', glob: '127.0.0.1' }
+    cache_headers:
+      - 'X-Content-Type-Options'
+      - 'X-Frame-Options'
+      - 'X-XSS-Protection'
+      - 'Last-Modified'
+      - 'Expires'
+      - 'Content-Type'
+      - 'Access-Control-Allow-Origin'
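Review bot: The comments directly above `site::profile::aem::author::admin_pass` and above `site::profile::apache::htdigest` spell out cleartext `user:password` pairs next to the eyaml-encrypted values, which cancels the encryption for anyone who can read the repository. Remove both comment lines; because they are now in git history, treat the credentials as exposed and rotate them. The first comment also suggests that the production admin accounts keep the product default password, so `prod.yaml` should carry a unique value per instance if that is the case.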
index 31dd860db754ccfc7ee08ac6de4bd1873d4d2c5c..4bffb396f495a9d8e0a84593470bdacd5ec0fb1a 100644 (file)
@@ -1,2 +1,13 @@
 ---
-site::role: base
\ No newline at end of file
+site::role: base
+site::additional_classes:
+  - repo::redhat::zfs
+  - site::profile::aem::author
+
+site::profile::cron::cronjobs:
+  zfs_rotation:
+    user: root
+    command: '/usr/local/sbin/zfs_rotation.sh datapool 2592000' # 30 days
+    minute: 0
+    hour: 2
+    description: ZFS Snapshot
\ No newline at end of file
index 31dd860db754ccfc7ee08ac6de4bd1873d4d2c5c..20b593fb0f3d5eb66ff579b1020081f841817fac 100644 (file)
@@ -1,2 +1,13 @@
 ---
-site::role: base
\ No newline at end of file
+site::additional_classes:
+  - site::profile::aem::publish
+
+# Cron for Compaction
+site::profile::cron::cronjobs:
+  compaction:
+    user: aem
+    command: 'sudo -n /bin/systemctl stop puppet ; /opt/adobe/publish/crx-quickstart/bin/oak_compactor.py ; sudo -n /bin/systemctl start puppet'
+    minute: 0
+    hour: 3
+    weekday: 0
+    description: AEM Tar Compaction
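Review bot: The removed `site::role: base` is not re-added in this file, unlike the other host file changed in this commit, so this host presumably falls back to `site::role: base_for_old_systems` from `common.yaml` (the hierarchy is not visible here); if that is not intended, keep `site::role: base`. The cron command calls `/bin/systemctl` while the sudoers aliases added in `common.yaml` name `/usr/bin/systemctl`; using the same path in both places avoids depending on how sudo matches the two. The steps are chained with `;`, so compaction still runs when `sudo -n /bin/systemctl stop puppet` fails. Making the compactor conditional on a successful stop, while still starting puppet afterwards, would surface that failure.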