From: sascha.strassheim Date: Tue, 22 May 2018 12:01:23 +0000 (+0200) Subject: rename fbb-passngr to fbb-api X-Git-Tag: v0.1.0~968 X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=4f2bf7184c73dc2d70373151cce4f50ad5b0be47;p=pixelpark%2Fhiera.git rename fbb-passngr to fbb-api --- diff --git a/customer/fbb-api/common.yaml b/customer/fbb-api/common.yaml new file mode 100644 index 00000000..4118325e --- /dev/null +++ b/customer/fbb-api/common.yaml @@ -0,0 +1,13 @@ +--- +infra::role: base +infra::additional_classes: + - infra::profile::postfix + - infra::profile::cron + +postfix::myorigin: "pixelpark.net" +infra::profile::postfix::virtual_aliases_source: 'maps/virtual-nullclient-webmaster' +infra::profile::postfix::cert_servername: 'wildcard.pixelpark.net' + +logstash::install_plugins: false + + diff --git a/customer/fbb-api/dev-api-fbb.pixelpark.net b/customer/fbb-api/dev-api-fbb.pixelpark.net new file mode 100644 index 00000000..4c8b19ee --- /dev/null +++ b/customer/fbb-api/dev-api-fbb.pixelpark.net @@ -0,0 +1,45 @@ +--- +infra::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAD45UnyOCrkMuhpmN6YSYW9daRLr1TCVjVtG+GH4tWHAL3iMXMrNpHaDYvn2Cb9rYXzPPDjGVCVQm7gRi4cmIrBdtID/YzUlOncI9fDNg2SFNLVPs86Md9C4CC7f7N+LjUV24VliWW6d61QJbWGx6aTPof/7WKIlVaHzOzB5P8fkeWInHw6j6VK/zZURHwf+b4Om/g3/d3A5X0OQZVKiTuT/4x3Oz1/+6ZZnnVZ818UQbvD+INeze15ZUo0CFmzTN40A3HIIqdAE9AZo+e8zjHBvEwDsR5Lfabl1yTKFlAIsO7MzPn4vbbLxDYzGuNMMN9+Nv3HwjwkV7RkXHHJ+ImDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBINtZ2isNBjy+ZiYnz+UgvgBDXuoRhvkKpGgcwk6/2RSBf] + +infra::profile::apache::pp_vhosts: + dev-api: + docroot: /var/www/api + servername: dev-api-fbb.pixelpark.net + cert_servername: 'wildcard.pixelpark.net' + cert_customer: 'pixelpark' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/api' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + rewrites: + - alias: + comment: 'Alles auf https umleiten' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-api/development.yaml b/customer/fbb-api/development.yaml new file mode 100644 index 00000000..377524e1 --- /dev/null +++ b/customer/fbb-api/development.yaml @@ -0,0 +1,70 @@ +--- +accounts::users: + markus.baumann: + apply: true + sudo: true + thomas.bussmeyer: + apply: true + sudo: true + harry.teuber: + apply: true + sudo: true + christian.schoenherr: + apply: true + sudo: true + santiago.nuneznegrillo: + apply: true + sudo: true + jenkins: + apply: true + sudo: false + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +infra::additional_classes: + - infra::profile::apache_php + - redis + +repo::remi_php72: true + +php::extensions: + gd: {} + opcache: {} + soap: {} + mbstring: {} + zip: {} + xml: {} + json: {} + pdo: {} + redis: {} + mysql: {} + +php::settings: + PHP/memory_limit: 320M + PHP/post_max_size: 20M + PHP/register_globals: 'Off' + PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' + PHP/max_execution_time: 30 + PHP/max_input_time: 60 + PHP/output_buffering: 65536 + PHP/upload_max_filesize: 4M + PHP/max_file_uploads: 50 + PHP/short_open_tag: 'On' + PHP/expose_php: 'Off' + +infra::profile::apache_php::fpm_pool: + api: + listen_owner: apache + listen_group: apache + pm_max_children: 20 + +redis::bind: 0.0.0.0 +redis::manage_repo: true +redis::timeout: 30 +redis::maxmemory: 1gb + +apache::mod::ssl::ssl_cipher: 'EECDH+AES:EDH+AES:!SHA1:!aNULL@STRENGTH' diff --git a/customer/fbb-api/prd-api01-fbb.pixelpark.net b/customer/fbb-api/prd-api01-fbb.pixelpark.net new file mode 100644 index 00000000..fb23e1f4 --- /dev/null +++ b/customer/fbb-api/prd-api01-fbb.pixelpark.net @@ -0,0 +1,45 @@ +--- +infra::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEhHNp9O1ZwXrvSI+ztK8hRVUmB5WSN3wD3Eq5KonQFDhNMPwTXKLGsKZAj6zntROnyzmzoij3beddff2KHi7qFgXkyaa6N/T/l0vBfVwfwKVO0lFEeETwrW49EBF0PKNmgWRDtVIRF50t4K8/e+Fx6q96xHULeWtflz4oats8vm5K5QE0HG1o4VnTNe8JMFF/h6GBbhAq36limSCzW5L2ahfgx3XZGIA0nP+PpuPUEtz3RvG4glfoO+4EHsBvWaRmz9iCMnax/dD3wviJL9ByNYew+crvc1wjF0uKS1pjg1zCsC5MR4JUbuATe3c5Iuun4Xdq2sMFsU4LNlWvGMOEDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBArNUcgz84mMRYddUDDjpKagBAbUFmU+qdqlDedjVBzTreB] + +infra::profile::apache::pp_vhosts: + prd-api: + docroot: /var/www/api + servername: prd-api01-fbb.pixelpark.net + cert_servername: 'wildcard.pixelpark.net' + cert_customer: 'pixelpark' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/api' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + rewrites: + - alias: + comment: 'Alles auf https umleiten' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-api/prd-api02-fbb.pixelpark.net b/customer/fbb-api/prd-api02-fbb.pixelpark.net new file mode 100644 index 00000000..155babd7 --- /dev/null +++ b/customer/fbb-api/prd-api02-fbb.pixelpark.net @@ -0,0 +1,45 @@ +--- +infra::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAQrgsaiDoD3HEZf+LtYpa5HXTfV+5o21cAzv65Jdu3c09B+i5NdB6RE083SC0lmXS8d4hnNqLu98fp7QClRf58r54U965yrIYaJi7MiIZD9LtVxcJoN65aAIsdQyTxm7wKTGLIpQIg3nHkkCu2eQrq0iDwjdayBM/ZuVYrwx75OqwicJAisa6vSmj4uS7AXqXSdXL8zBMVtU9k4ppfNCNjCTgGwYbiDS69oad2VkibEvkV3v9JP1+b6DpaiZQ87Xs+qxKyL4aI+hd3pCtRxofF4HpKHf5ky4hhXX7/ZabHnqLm29RIc0NlGNxEK7T1l/oflb5NbFsYWDzP0AfdmJfFzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDwVO4+8Lfjy/pXvsoEV6yHgBDLvStwubq8PI9++0wc4Unx] + +infra::profile::apache::pp_vhosts: + prd-api: + docroot: /var/www/api + servername: prd-api02-fbb.pixelpark.net + cert_servername: 'wildcard.pixelpark.net' + cert_customer: 'pixelpark' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/api' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + rewrites: + - alias: + comment: 'Alles auf https umleiten' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-api/production.yaml b/customer/fbb-api/production.yaml new file mode 100644 index 00000000..efbf9727 --- /dev/null +++ b/customer/fbb-api/production.yaml @@ -0,0 +1,49 @@ +--- +accounts::users: + jenkins: + apply: true + sudo: false + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +infra::additional_classes: + - infra::profile::apache_php + +repo::remi_php72: true + +php::extensions: + gd: {} + opcache: {} + soap: {} + mbstring: {} + zip: {} + xml: {} + json: {} + pdo: {} + redis: {} + mysql: {} + +php::settings: + PHP/memory_limit: 320M + PHP/post_max_size: 20M + PHP/register_globals: 'Off' + PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' + PHP/max_execution_time: 30 + PHP/max_input_time: 60 + PHP/output_buffering: 65536 + PHP/upload_max_filesize: 4M + PHP/max_file_uploads: 50 + PHP/short_open_tag: 'On' + PHP/expose_php: 'Off' + +infra::profile::apache_php::fpm_pool: + api: + listen_owner: apache + listen_group: apache + pm_max_children: 20 + +apache::mod::ssl::ssl_cipher: 'EECDH+AES:EDH+AES:!SHA1:!aNULL@STRENGTH' diff --git a/customer/fbb-api/test.yaml b/customer/fbb-api/test.yaml new file mode 100644 index 00000000..9690c373 --- /dev/null +++ b/customer/fbb-api/test.yaml @@ -0,0 +1,69 @@ +accounts::users: + markus.baumann: + apply: true + sudo: true + thomas.bussmeyer: + apply: true + sudo: true + harry.teuber: + apply: true + sudo: true + christian.schoenherr: + apply: true + sudo: true + santiago.nuneznegrillo: + apply: true + sudo: true + jenkins: + apply: true + sudo: false + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +infra::additional_classes: + - infra::profile::apache_php + - redis + +repo::remi_php72: true + +php::extensions: + gd: {} + opcache: {} + soap: {} + mbstring: {} + zip: {} + xml: {} + json: {} + pdo: {} + redis: {} + mysql: {} + +php::settings: + PHP/memory_limit: 320M + PHP/post_max_size: 20M + PHP/register_globals: 'Off' + PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' + PHP/max_execution_time: 30 + PHP/max_input_time: 60 + PHP/output_buffering: 65536 + PHP/upload_max_filesize: 4M + PHP/max_file_uploads: 50 + PHP/short_open_tag: 'On' + PHP/expose_php: 'Off' + +infra::profile::apache_php::fpm_pool: + api: + listen_owner: apache + listen_group: apache + pm_max_children: 20 + +redis::bind: 0.0.0.0 +redis::manage_repo: true +redis::timeout: 30 +redis::maxmemory: 1gb + +apache::mod::ssl::ssl_cipher: 'EECDH+AES:EDH+AES:!SHA1:!aNULL@STRENGTH' diff --git a/customer/fbb-api/tst-api01-fbb.pixelpark.net b/customer/fbb-api/tst-api01-fbb.pixelpark.net new file mode 100644 index 00000000..dc3ec87a --- /dev/null +++ b/customer/fbb-api/tst-api01-fbb.pixelpark.net @@ -0,0 +1,45 @@ +--- +infra::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAi7B5vSvLZSBDcOlVym8Mn0yOKPvW6EG9cNIihJTLNYTTuT4zNIKrrYqfacgpjwqsWuu18dNfneh8wZRaf9/QccZ+HIYTV7a/0tKJLcGhE+5Ltm1OJ+CBrB/mVoz1YVWS6OTQoK0gsTMLYlH5psvdpuWVkwudV1b56WCa/TL5iJqy3V+A5hbQjlQVcG2A6HHz1vyPh6gxAg6we6bc43Nmxw8cPDG+Am5H+i97b+/BVagd2pTNJu1341p7WhXcnKiRzKfHUj2YoxB2hxm1Jr9gyZoJOJP0h4o5oP1D9hUkdUiwu8TF0KPY6K7FjWN/EXX3EYqAOjm8CXJCjqmch0ajDTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAbSXchRvjLyzx3FxAqhXSVgBDnaVLim4RWrpZgLQJhA0ea] + +infra::profile::apache::pp_vhosts: + tst-api: + docroot: /var/www/api + servername: tst-api01-fbb.pixelpark.net + cert_servername: 'wildcard.pixelpark.net' + cert_customer: 'pixelpark' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/api' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + rewrites: + - alias: + comment: 'Alles auf https umleiten' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-api/tst-api02-fbb.pixelpark.net b/customer/fbb-api/tst-api02-fbb.pixelpark.net new file mode 100644 index 00000000..015a43f1 --- /dev/null +++ b/customer/fbb-api/tst-api02-fbb.pixelpark.net @@ -0,0 +1,45 @@ +--- +infra::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEApLwtQtA38osTY/7lUdvIQofSDJzSVVGCiE7m3++ZB+AnZPB0ygy4fKWig+ESSVD1fny4BFnl2WK1/E5BbFxOYkOFYNIQwEeXBTfukf4EFx8CJ4EfRGoWi2G8u/hDVS2mG6VCV7G71yg5JbDpo5riR/tLlJV6pEbgPITIRQE8DJ+a6gYy1Zs+QiWHoZpmh7ZrXR8XQMEoYOMtGig1EIHEb8t1vT5QQQiCT0JqwLzG9gdwHNf8+W42A1xNfPcZlHX5aFhUwDo+AQkn1Z5/C8Z2t44f/Sbd79D8T6UdIv+Ji98i47V1zFlbSe9DntU6yBa+pIPG+MHVPGuqoGBDOSxJFTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBYFlJNLjZNOjB+ZJfS6OLTgBBfrWwrqWzTXq2m+8Up6oj1] + +infra::profile::apache::pp_vhosts: + tst-api: + docroot: /var/www/api + servername: tst-api02-fbb.pixelpark.net + cert_servername: 'wildcard.pixelpark.net' + cert_customer: 'pixelpark' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/api' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + rewrites: + - alias: + comment: 'Alles auf https umleiten' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-passngr/common.yaml b/customer/fbb-passngr/common.yaml deleted file mode 100644 index 4118325e..00000000 --- a/customer/fbb-passngr/common.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -infra::role: base -infra::additional_classes: - - infra::profile::postfix - - infra::profile::cron - -postfix::myorigin: "pixelpark.net" -infra::profile::postfix::virtual_aliases_source: 'maps/virtual-nullclient-webmaster' -infra::profile::postfix::cert_servername: 'wildcard.pixelpark.net' - -logstash::install_plugins: false - - diff --git a/customer/fbb-passngr/dev-api-fbb.pixelpark.net b/customer/fbb-passngr/dev-api-fbb.pixelpark.net deleted file mode 100644 index 4c8b19ee..00000000 --- a/customer/fbb-passngr/dev-api-fbb.pixelpark.net +++ /dev/null @@ -1,45 +0,0 @@ ---- -infra::profile::apache::htdigest: - server: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAD45UnyOCrkMuhpmN6YSYW9daRLr1TCVjVtG+GH4tWHAL3iMXMrNpHaDYvn2Cb9rYXzPPDjGVCVQm7gRi4cmIrBdtID/YzUlOncI9fDNg2SFNLVPs86Md9C4CC7f7N+LjUV24VliWW6d61QJbWGx6aTPof/7WKIlVaHzOzB5P8fkeWInHw6j6VK/zZURHwf+b4Om/g3/d3A5X0OQZVKiTuT/4x3Oz1/+6ZZnnVZ818UQbvD+INeze15ZUo0CFmzTN40A3HIIqdAE9AZo+e8zjHBvEwDsR5Lfabl1yTKFlAIsO7MzPn4vbbLxDYzGuNMMN9+Nv3HwjwkV7RkXHHJ+ImDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBINtZ2isNBjy+ZiYnz+UgvgBDXuoRhvkKpGgcwk6/2RSBf] - -infra::profile::apache::pp_vhosts: - dev-api: - docroot: /var/www/api - servername: dev-api-fbb.pixelpark.net - cert_servername: 'wildcard.pixelpark.net' - cert_customer: 'pixelpark' - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - docroot_owner: apache - docroot_group: apache - docroot_mode: '2775' - directories: - - directory_root: - provider: directory - path: '/var/www/api' - addhandlers: - - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - directoryindex: index.php index.html - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' - rewrites: - - alias: - comment: 'Alles auf https umleiten' - rewrite_cond: - - '%%{ich-trickse}{HTTPS} !=on' - rewrite_rule: - - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-passngr/development.yaml b/customer/fbb-passngr/development.yaml deleted file mode 100644 index 377524e1..00000000 --- a/customer/fbb-passngr/development.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -accounts::users: - markus.baumann: - apply: true - sudo: true - thomas.bussmeyer: - apply: true - sudo: true - harry.teuber: - apply: true - sudo: true - christian.schoenherr: - apply: true - sudo: true - santiago.nuneznegrillo: - apply: true - sudo: true - jenkins: - apply: true - sudo: false - -sudo::configs: - jenkins_rights: - priority: "06" - content: | - jenkins ALL=(apache) NOPASSWD: ALL - -infra::additional_classes: - - infra::profile::apache_php - - redis - -repo::remi_php72: true - -php::extensions: - gd: {} - opcache: {} - soap: {} - mbstring: {} - zip: {} - xml: {} - json: {} - pdo: {} - redis: {} - mysql: {} - -php::settings: - PHP/memory_limit: 320M - PHP/post_max_size: 20M - PHP/register_globals: 'Off' - PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' - PHP/max_execution_time: 30 - PHP/max_input_time: 60 - PHP/output_buffering: 65536 - PHP/upload_max_filesize: 4M - PHP/max_file_uploads: 50 - PHP/short_open_tag: 'On' - PHP/expose_php: 'Off' - -infra::profile::apache_php::fpm_pool: - api: - listen_owner: apache - listen_group: apache - pm_max_children: 20 - -redis::bind: 0.0.0.0 -redis::manage_repo: true -redis::timeout: 30 -redis::maxmemory: 1gb - -apache::mod::ssl::ssl_cipher: 'EECDH+AES:EDH+AES:!SHA1:!aNULL@STRENGTH' diff --git a/customer/fbb-passngr/prd-api01-fbb.pixelpark.net b/customer/fbb-passngr/prd-api01-fbb.pixelpark.net deleted file mode 100644 index fb23e1f4..00000000 --- a/customer/fbb-passngr/prd-api01-fbb.pixelpark.net +++ /dev/null @@ -1,45 +0,0 @@ ---- -infra::profile::apache::htdigest: - server: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEhHNp9O1ZwXrvSI+ztK8hRVUmB5WSN3wD3Eq5KonQFDhNMPwTXKLGsKZAj6zntROnyzmzoij3beddff2KHi7qFgXkyaa6N/T/l0vBfVwfwKVO0lFEeETwrW49EBF0PKNmgWRDtVIRF50t4K8/e+Fx6q96xHULeWtflz4oats8vm5K5QE0HG1o4VnTNe8JMFF/h6GBbhAq36limSCzW5L2ahfgx3XZGIA0nP+PpuPUEtz3RvG4glfoO+4EHsBvWaRmz9iCMnax/dD3wviJL9ByNYew+crvc1wjF0uKS1pjg1zCsC5MR4JUbuATe3c5Iuun4Xdq2sMFsU4LNlWvGMOEDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBArNUcgz84mMRYddUDDjpKagBAbUFmU+qdqlDedjVBzTreB] - -infra::profile::apache::pp_vhosts: - prd-api: - docroot: /var/www/api - servername: prd-api01-fbb.pixelpark.net - cert_servername: 'wildcard.pixelpark.net' - cert_customer: 'pixelpark' - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - docroot_owner: apache - docroot_group: apache - docroot_mode: '2775' - directories: - - directory_root: - provider: directory - path: '/var/www/api' - addhandlers: - - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - directoryindex: index.php index.html - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' - rewrites: - - alias: - comment: 'Alles auf https umleiten' - rewrite_cond: - - '%%{ich-trickse}{HTTPS} !=on' - rewrite_rule: - - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-passngr/prd-api02-fbb.pixelpark.net b/customer/fbb-passngr/prd-api02-fbb.pixelpark.net deleted file mode 100644 index 155babd7..00000000 --- a/customer/fbb-passngr/prd-api02-fbb.pixelpark.net +++ /dev/null @@ -1,45 +0,0 @@ ---- -infra::profile::apache::htdigest: - server: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAQrgsaiDoD3HEZf+LtYpa5HXTfV+5o21cAzv65Jdu3c09B+i5NdB6RE083SC0lmXS8d4hnNqLu98fp7QClRf58r54U965yrIYaJi7MiIZD9LtVxcJoN65aAIsdQyTxm7wKTGLIpQIg3nHkkCu2eQrq0iDwjdayBM/ZuVYrwx75OqwicJAisa6vSmj4uS7AXqXSdXL8zBMVtU9k4ppfNCNjCTgGwYbiDS69oad2VkibEvkV3v9JP1+b6DpaiZQ87Xs+qxKyL4aI+hd3pCtRxofF4HpKHf5ky4hhXX7/ZabHnqLm29RIc0NlGNxEK7T1l/oflb5NbFsYWDzP0AfdmJfFzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDwVO4+8Lfjy/pXvsoEV6yHgBDLvStwubq8PI9++0wc4Unx] - -infra::profile::apache::pp_vhosts: - prd-api: - docroot: /var/www/api - servername: prd-api02-fbb.pixelpark.net - cert_servername: 'wildcard.pixelpark.net' - cert_customer: 'pixelpark' - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - docroot_owner: apache - docroot_group: apache - docroot_mode: '2775' - directories: - - directory_root: - provider: directory - path: '/var/www/api' - addhandlers: - - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - directoryindex: index.php index.html - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' - rewrites: - - alias: - comment: 'Alles auf https umleiten' - rewrite_cond: - - '%%{ich-trickse}{HTTPS} !=on' - rewrite_rule: - - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-passngr/production.yaml b/customer/fbb-passngr/production.yaml deleted file mode 100644 index efbf9727..00000000 --- a/customer/fbb-passngr/production.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -accounts::users: - jenkins: - apply: true - sudo: false - -sudo::configs: - jenkins_rights: - priority: "06" - content: | - jenkins ALL=(apache) NOPASSWD: ALL - -infra::additional_classes: - - infra::profile::apache_php - -repo::remi_php72: true - -php::extensions: - gd: {} - opcache: {} - soap: {} - mbstring: {} - zip: {} - xml: {} - json: {} - pdo: {} - redis: {} - mysql: {} - -php::settings: - PHP/memory_limit: 320M - PHP/post_max_size: 20M - PHP/register_globals: 'Off' - PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' - PHP/max_execution_time: 30 - PHP/max_input_time: 60 - PHP/output_buffering: 65536 - PHP/upload_max_filesize: 4M - PHP/max_file_uploads: 50 - PHP/short_open_tag: 'On' - PHP/expose_php: 'Off' - -infra::profile::apache_php::fpm_pool: - api: - listen_owner: apache - listen_group: apache - pm_max_children: 20 - -apache::mod::ssl::ssl_cipher: 'EECDH+AES:EDH+AES:!SHA1:!aNULL@STRENGTH' diff --git a/customer/fbb-passngr/test.yaml b/customer/fbb-passngr/test.yaml deleted file mode 100644 index 9690c373..00000000 --- a/customer/fbb-passngr/test.yaml +++ /dev/null @@ -1,69 +0,0 @@ -accounts::users: - markus.baumann: - apply: true - sudo: true - thomas.bussmeyer: - apply: true - sudo: true - harry.teuber: - apply: true - sudo: true - christian.schoenherr: - apply: true - sudo: true - santiago.nuneznegrillo: - apply: true - sudo: true - jenkins: - apply: true - sudo: false - -sudo::configs: - jenkins_rights: - priority: "06" - content: | - jenkins ALL=(apache) NOPASSWD: ALL - -infra::additional_classes: - - infra::profile::apache_php - - redis - -repo::remi_php72: true - -php::extensions: - gd: {} - opcache: {} - soap: {} - mbstring: {} - zip: {} - xml: {} - json: {} - pdo: {} - redis: {} - mysql: {} - -php::settings: - PHP/memory_limit: 320M - PHP/post_max_size: 20M - PHP/register_globals: 'Off' - PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' - PHP/max_execution_time: 30 - PHP/max_input_time: 60 - PHP/output_buffering: 65536 - PHP/upload_max_filesize: 4M - PHP/max_file_uploads: 50 - PHP/short_open_tag: 'On' - PHP/expose_php: 'Off' - -infra::profile::apache_php::fpm_pool: - api: - listen_owner: apache - listen_group: apache - pm_max_children: 20 - -redis::bind: 0.0.0.0 -redis::manage_repo: true -redis::timeout: 30 -redis::maxmemory: 1gb - -apache::mod::ssl::ssl_cipher: 'EECDH+AES:EDH+AES:!SHA1:!aNULL@STRENGTH' diff --git a/customer/fbb-passngr/tst-api01-fbb.pixelpark.net b/customer/fbb-passngr/tst-api01-fbb.pixelpark.net deleted file mode 100644 index dc3ec87a..00000000 --- a/customer/fbb-passngr/tst-api01-fbb.pixelpark.net +++ /dev/null @@ -1,45 +0,0 @@ ---- -infra::profile::apache::htdigest: - server: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAi7B5vSvLZSBDcOlVym8Mn0yOKPvW6EG9cNIihJTLNYTTuT4zNIKrrYqfacgpjwqsWuu18dNfneh8wZRaf9/QccZ+HIYTV7a/0tKJLcGhE+5Ltm1OJ+CBrB/mVoz1YVWS6OTQoK0gsTMLYlH5psvdpuWVkwudV1b56WCa/TL5iJqy3V+A5hbQjlQVcG2A6HHz1vyPh6gxAg6we6bc43Nmxw8cPDG+Am5H+i97b+/BVagd2pTNJu1341p7WhXcnKiRzKfHUj2YoxB2hxm1Jr9gyZoJOJP0h4o5oP1D9hUkdUiwu8TF0KPY6K7FjWN/EXX3EYqAOjm8CXJCjqmch0ajDTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAbSXchRvjLyzx3FxAqhXSVgBDnaVLim4RWrpZgLQJhA0ea] - -infra::profile::apache::pp_vhosts: - tst-api: - docroot: /var/www/api - servername: tst-api01-fbb.pixelpark.net - cert_servername: 'wildcard.pixelpark.net' - cert_customer: 'pixelpark' - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - docroot_owner: apache - docroot_group: apache - docroot_mode: '2775' - directories: - - directory_root: - provider: directory - path: '/var/www/api' - addhandlers: - - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - directoryindex: index.php index.html - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' - rewrites: - - alias: - comment: 'Alles auf https umleiten' - rewrite_cond: - - '%%{ich-trickse}{HTTPS} !=on' - rewrite_rule: - - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' diff --git a/customer/fbb-passngr/tst-api02-fbb.pixelpark.net b/customer/fbb-passngr/tst-api02-fbb.pixelpark.net deleted file mode 100644 index 015a43f1..00000000 --- a/customer/fbb-passngr/tst-api02-fbb.pixelpark.net +++ /dev/null @@ -1,45 +0,0 @@ ---- -infra::profile::apache::htdigest: - server: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEApLwtQtA38osTY/7lUdvIQofSDJzSVVGCiE7m3++ZB+AnZPB0ygy4fKWig+ESSVD1fny4BFnl2WK1/E5BbFxOYkOFYNIQwEeXBTfukf4EFx8CJ4EfRGoWi2G8u/hDVS2mG6VCV7G71yg5JbDpo5riR/tLlJV6pEbgPITIRQE8DJ+a6gYy1Zs+QiWHoZpmh7ZrXR8XQMEoYOMtGig1EIHEb8t1vT5QQQiCT0JqwLzG9gdwHNf8+W42A1xNfPcZlHX5aFhUwDo+AQkn1Z5/C8Z2t44f/Sbd79D8T6UdIv+Ji98i47V1zFlbSe9DntU6yBa+pIPG+MHVPGuqoGBDOSxJFTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBYFlJNLjZNOjB+ZJfS6OLTgBBfrWwrqWzTXq2m+8Up6oj1] - -infra::profile::apache::pp_vhosts: - tst-api: - docroot: /var/www/api - servername: tst-api02-fbb.pixelpark.net - cert_servername: 'wildcard.pixelpark.net' - cert_customer: 'pixelpark' - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - docroot_owner: apache - docroot_group: apache - docroot_mode: '2775' - directories: - - directory_root: - provider: directory - path: '/var/www/api' - addhandlers: - - { handler: "proxy:unix:/var/run/php5-fpm-api.sock|fcgi://./" , extensions: '.php' } - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - directoryindex: index.php index.html - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' - rewrites: - - alias: - comment: 'Alles auf https umleiten' - rewrite_cond: - - '%%{ich-trickse}{HTTPS} !=on' - rewrite_rule: - - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]'