OPS-347

diff --git a/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml b/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml
index 3b0442d3c925d4f4820fbb228ffd4a4ad755de38..4cf69c4a9104c8adac457f6685a5e7940dfdd021 100644 (file)
--- a/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml
+++ b/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml
@@ -1,2 +1,113 @@
 ---
 infra::role: base
+infra::additional_classes:
+  - infra::profile::typo3
+  - infra::profile::mysql_server
+  - infra::profile::postfix
+
+# user
+accounts::users:
+  jenkins:
+    apply: true
+  stephan.vits:
+    apply: true
+    sudo: true
+  tim.schroeder:
+    apply: true
+    sudo: true
+  sebastian.bayer:
+    apply: true
+    sudo: true
+  christian.beyer:
+    apply: true
+    sudo: true
+
+sudo::configs:
+  jenkins_deploy:
+    priority: "06"
+    content: |
+      jenkins ALL=(apache) NOPASSWD: ALL
+
+# Postfix Config
+postfix::myorigin: 'pixelpark.com'
+
+# php version
+repo::remi_php72: true
+
+# php packages
+php::extensions:
+  gd: {}
+  opcache: {}
+  mysqlnd: {}
+  soap: {}
+  mbstring: {}
+  zip: {}
+  xml: {}
+  pecl-imagick: {}
+  mysqlnd: {}
+
+# php settings
+php::settings:
+  Date/date.timezone: Europe/Berlin
+
+# mysql
+mysql::server::package_name: MariaDB-server
+mysql::client::package_name: MariaDB-client
+infra::additional_files:
+  mariadb_repo:
+    path: '/etc/yum.repos.d/mariadb.repo'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
+    content: |
+      [mariadb]
+      name=MariaDB Yum Repo
+      baseurl=http://repo.pixelpark.com/Linux/yum/mariadb/10.3/rhel74-amd64/
+      enabled=1
+      gpgcheck=1
+      gpgkey=http://repo.pixelpark.com/Linux/yum/mariadb/RPM-GPG-KEY-MariaDB
+
+mysql::server::root_password: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAC4bViiyUxEHF5v7lvih3jn7Q7M+Y4EYEd8Uxk4W3cy4fTexuTJ4oucgu5AKFwEsWa5UBQN/v6N37QAJ5z+R8b1UnPe9mDm4f8txagiWhNwE7oFktnTL+fz1zzs9ZtTVbSjafeP/E1Tqka1FELQSAARg81dCCDOzq+ZF+v2soJixMM2ZgsAhgMkNI3kYOMd/YjIrLS+zutaOxz0H+ynX9DTHlde75u6dO9Bsb1zF+28qTBN+1dyK8jwgpFy+QV0BfZWQJiYPSRNbywaYe0/N5dnvLVXpnwtzJpy/oZMDOKAwkncXUkE9BrUD3SV3g+AmSrtCs5HD6gEx/vpJ8l0OxDzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCcHpTXwkpswOLte9K5y6G+gBCDe/6RPu81TLyiRaQitFkh]
+
+mysql::server::remove_default_accounts: true
+mysql::server::backup::backupuser: backup
+mysql::server::backup::backuppassword: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAscVEKPUgGhwAg6oByrKzDFHfmBICYOMHmvQ6XAHM1SGqsMYvOUFoEW7qAQ6GhWDF8KlppCAy/4Lz/EEYKI+TdSw05r/3yfZITHgNsIiCbYkAoF2E8C2ppzC9xwcv3S5Gq8yEff12met+e6nIlX74ts0kOdWmkHH2CHZKprVxFjAu/N1X8CXyNSJi+apXvgTNsURzcUNVaTLu8fyfaXVlqcnuiZpeqC8Z3/Re3aIKfummtwphE+WUvWw+kAELNAGrlzQpO0cwyWGFN0/0BxpCG7Ui2J+CLAWZ4aBr3Yq33wWvxmQ8nPCOaTfvJLAwdpnStvtjNXynwr1/pJYHMDZy0jA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA6JJihOwd7423NICIlXdHFgBBbqX3qphQUN1GZyHN+A9nE]
+
+mysql::server::backup::backupdir: /var/lib/backup/mysql
+
+# basic auth apache - check
+infra::profile::apache::htdigest:
+  server:
+    www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAlS/646tEdSWnLSSdn81Jry/JmyDmliS+0d+rSLbjZpw1akq3jiGPHCpQuu7EyQZspG7cryF/oPqbPWeTGgl36Ok5CwSTwpkquDe/oLHC/loEWnkWN0bQEh3HAtxIAlod38Zv49DHr7qNVjCLQNdWhuMqIR+/JUHLVVW3dnF40Q4aCZTOXioCYN+kcM7W7aD+R3nBAop4I7yQnthmNvOutZ9ELlYLWDBTjvwp56iFxsU1/0kYOa/HfWzQtaZdKzt2STSHDeK/hlLM8U1DfheR962wBEr2INCvyI5TacVeHXC7sq+dFDzbVktKKExESDLLquxK9fjvtf0KoqJIz1qtYzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDSESkQEluy/XMDi5ERc+hUgBADPT/PpjDTf1I0M1xuQ3vE]
+
+infra::profile::typo3::projects_composer_monolith:
+  pubpix:
+    db_pass: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAr9wc44Gq+GZofZrMWUhBcsIhIMVEccWkHwmd2Ltkh/oKwVZ3sir6Mo7Uv+PhTCOv0MQBfMS/EwwegwUBsG18jtmsntoQq0+tNMGvEkKLhqwJmjtjpu+5S2MuEp4XHoVzDlTyFkoWzqNHzk7kULOrpovfeMpX4NkNYnHB4yuklRKdifj/ajd56TB3LzK5i34ThXf5Ot0MB33529XJ39remPXxA/t3DR3MG/E7kN3l/fKh23HLr/WhXvywVupyVdG0S4PDZGVQ3i5BEiPCjwV8gkf/eV2vF4HrDFvB/4Vd80ruM8pLaDZqpxcJiPKZJcHx+0i6JpQ5a1haNh6/Vev0sjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCysHIzopI0rdjzlkX4ksPigBCmuT3FBnSCpbNOfbdmY9V2]
+    db_user: pubpix
+    db_name: pubpix
+    servername: stage-www-publicispixelpark-de.pixelpark.com
+    # Change Cert
+    cert_servername: 'wildcard.pixelpark.net'
+    cert_customer: 'pixelpark'
+    ssl_cert: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
+    ssl_chain: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
+    ssl_key: /etc/pki/tls/private/wildcard.pixelpark.net-key.pem
+    directories:
+      - provider: location
+        path: '/'
+        auth_type: Digest
+        auth_name: server
+        auth_digest_provider: file
+        auth_digest_algorithm: MD5
+        auth_user_file: '/etc/httpd/htdigest'
+        auth_require: 'valid-user'
+        require:
+          - local
+    rewrites:
+      - comment: 'http to https'
+        rewrite_cond:
+          - '%%{ich-trickse}{HTTPS} !=on'
+        rewrite_rule:
+          - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]'
+    php_admin_value:
+      max_input_vars: '1500'