From 72cdf5ce4e1a9e17594be58d4fe5c0197943f966 Mon Sep 17 00:00:00 2001 From: "sascha.strassheim" Date: Tue, 20 Feb 2018 10:06:42 +0100 Subject: [PATCH] OPS-347 --- ...ww-publicispixelpark-de.pixelpark.com.yaml | 3 - ...ww-publicispixelpark-de.pixelpark.com.yaml | 105 ++++++++++++++++++ 2 files changed, 105 insertions(+), 3 deletions(-) diff --git a/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml b/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml index 411e561a..5aa9be2f 100644 --- a/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml +++ b/customer/pixelpark/stage-www-publicispixelpark-de.pixelpark.com.yaml @@ -9,9 +9,6 @@ infra::additional_classes: accounts::users: jenkins: apply: true - stephan.vits: - apply: true - sudo: true tim.schroeder: apply: true sudo: true diff --git a/customer/pixelpark/www-publicispixelpark-de.pixelpark.com.yaml b/customer/pixelpark/www-publicispixelpark-de.pixelpark.com.yaml index 3b0442d3..00a74b96 100644 --- a/customer/pixelpark/www-publicispixelpark-de.pixelpark.com.yaml +++ b/customer/pixelpark/www-publicispixelpark-de.pixelpark.com.yaml @@ -1,2 +1,107 @@ --- infra::role: base +infra::additional_classes: + - infra::profile::typo3 + - infra::profile::mysql_server + - infra::profile::postfix + +# user +accounts::users: + jenkins: + apply: true + tim.schroeder: + apply: true + sudo: true + sebastian.bayer: + apply: true + sudo: true + christian.beyer: + apply: true + sudo: true + +sudo::configs: + jenkins_deploy: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +# Postfix Config +postfix::myorigin: 'pixelpark.com' + +# php packages +repo::remi_php71: true + +php::extensions: + gd: {} + opcache: {} + mysqlnd: {} + soap: {} + mbstring: {} + zip: {} + xml: {} + +# php settings +php::settings: + Date/date.timezone: Europe/Berlin + +# mysql +mysql::server::package_name: MariaDB-server +mysql::client::package_name: MariaDB-client +infra::additional_files: + mariadb_repo: + path: '/etc/yum.repos.d/mariadb.repo' + owner: 'root' + group: 'root' + mode: '0644' + content: | + [mariadb] + name=MariaDB Yum Repo + baseurl=http://repo.pixelpark.com/Linux/yum/mariadb/10.3/centos/7/x86_64/ + enabled=1 + gpgcheck=1 + gpgkey=http://repo.pixelpark.com/Linux/yum/mariadb/RPM-GPG-KEY-MariaDB + +mysql::server::root_password: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuQFyumJA5pJPxSP8gfl7LyZW9LjEQw/Ew7df0FBKjdeDNRoj/zkag0RryD9uYRHFgvcc90nObKV+oxgC7OV2sBvbC+95o4TLYqUZY8y/7suvCB2a/qaKfTWdkAgdxfOrLwauFDJsqiC521BfV+v8wxSML77cdHVW7FLu08QQa0MsS/61QICBgFgyS/+li3Q4Uj57oaZH2xqfm0z3k0LT8XQ0sEcMicr+K0DZJiWvpaExzG/N26/5+KpgTWxcqhrpiYA/Cidm/pxnwVA0oMywGzRqbRakSahx9R/ACh1htCK0R3ZBUO0bB0//yD1EXMGELMnudvcRu7lMDq0eyaKXczA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCXppXAXpw/pQmnwfonbxs8gBBjs297AU9Ul6sjDLsuds7G] + +mysql::server::remove_default_accounts: true +mysql::server::backup::backupuser: backup +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAJJdmb4em9e+/Bx0GCEnUzcKQoopbk4LvDz+K01ijeSHXnjp37s8Ui1+9S6nm7yBtOzA9a3v43S5TosM9X9ZvEirfky1tMHDiWHFh9bT6BPfqM1gN2BPrmFTeGv68joc/cCJj1vOn7Erdl2oykJuyU+bx4Kp2sxlC3MYi5u3xzpnI0cHf7eUFqdLHXFOnXdSU5/eTQNGQLgGPnos+AIAy8m6sD8qKfykmHDDl7OKEEjEselIQuXgyZJc/X3SQKTpp18yxpOnsDpcrBOjrrqZ//gues3eGhIPho+DfXR0RQDrM2bwFwvtjb1M6tDFKUTVs5B9CHkE0ulsHUNvCx+hb/DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDITV8FVT+nzTXFLlmT24WagBC3ut1JRHBAGEZQg2bm8KMA] + +mysql::server::backup::backupdir: /var/lib/backup/mysql + +# basic auth apache - check +infra::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAIwjP+xxARjhr/F2nJ5mixV3TBy0UDfoa9/hp3ucoP4WBiEPGSkWlFs0h3khJfXegQs9LzhmWG1bfLA5kps3S+vcB7dREZlka9KZYu+JQwtctfk/zYjfwOHqWhRTShRUDMp3YDiFdJg2Y9jehF7aO+wY0VTbaocgSndwkEs5XXea/LeW/kGhoLCkqTyzGbdT9BI1M+O2sVhzj4WFI1jqSI9+1sZQEZtKylE7xU3HFhwt/JY0Gt1qGzPljGHfS4z0by5WfgSPc5kiHGWMfrcX5VbXmomIgzSA0WDM9kuTo4ImUuEcVcgmsJUV6EybyL9yTiyXNZlWYHdKjQ48Y4U2EdjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCjHp+P8BWHHQl7sTl1ExE9gBBsl5+MzuYH3NUR5Q00g0pn] + +infra::profile::typo3::projects_composer_monolith: + pubpix: + db_pass: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANSfTwzvt4Ocr5L/xPgbzJg/mRf4ilWmDlGDE43kLfCJVA6ljCCLBrqP2bMso4ZA20NzyO8Ly8nSBkvdVa8hhN4PDrl4/STaEhcESGxtwI9do6wPiFpOsNJDC1igBRQATDGFARcEOcat5rOrcZr3HDsvuOcaRtOwJOtISnQNQIwhdjoIhZmgIcvF1ReojClOX/qPVEdppzjH5516xZNcUqPnn7qY5+eXItFNZKsKK6PsTPFb+lbByNAtWooDzaFF+NvoW2yLD4z9RQgGX/5GFZkr7jhX2uHbwyOG5VSMVET6P2vFhmsXZ23/4DyUSoIyfKOqE6suRFRF2+8oozitpOjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCi739S05PP9wbiH8JXxdhUgBAd+EFjE9JmGDIlIJEfijVO] + db_user: pubpix + db_name: pubpix + servername: www-publicispixelpark-de.pixelpark.com + # Change Cert + cert_servername: 'wildcard.pixelpark.net' + cert_customer: 'pixelpark' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + directories: + - provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local + rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + php_admin_value: + max_input_vars: '1500' -- 2.39.5