From 79416888e4ecd45d33de2003c1f499e4c36b8190 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Mon, 27 Feb 2017 18:01:32 +0100 Subject: [PATCH] Sammel-Commit fuer alle Aenderungen seit dem 20.01.2017 --- common.yaml | 116 +- customer/1und1/git-1und1.novalocal.yaml | 23 - customer/1und1/production.yaml | 51 - customer/bmas-g20/common.yaml | 36 + .../dev-www-g20-bmas.pixelpark.net.yaml | 55 + .../bmas-g20/www-g20-bmas.pixelpark.net.yaml | 46 + customer/bmas-typo3/production.yaml | 2 +- customer/bmbf/web01-bmbf.pixelpark.net.yaml | 2 +- customer/bmbf/web02-bmbf.pixelpark.net.yaml | 17 +- customer/bmwi/db01-bmwi-de.pixelpark.net.yaml | 2 +- customer/bmwi/db02-bmwi-de.pixelpark.net.yaml | 2 +- .../bmwi/dev-db-bmwi-de.pixelpark.net.yaml | 2 +- .../bmwi/test-db01-bmwi-de.pixelpark.net.yaml | 2 +- .../bmwi/test-db02-bmwi-de.pixelpark.net.yaml | 2 +- customer/buschjaeger/common.yaml | 4 + .../db01-buschjaeger-de.pixelpark.net.yaml | 17 - .../db02-buschjaeger-de.pixelpark.net.yaml | 17 - customer/buschjaeger/production.yaml | 73 +- ...test-web-buschjaeger-de.pixelpark.net.yaml | 89 +- .../web01-buschjaeger-de.pixelpark.net.yaml | 50 +- .../web02-buschjaeger-de.pixelpark.net.yaml | 50 +- .../www-tmp-emperra-com.pixelpark.net.yaml | 2 +- ...ptive-berlin-airport-de.pixelpark.net.yaml | 60 + ...ptive-berlin-airport-de.pixelpark.net.yaml | 41 + ...ptive-berlin-airport-de.pixelpark.net.yaml | 41 + customer/fbb-orat/common.yaml | 10 +- ...-orat-berlin-airport-de.pixelpark.net.yaml | 61 +- customer/fbb-orat/production.yaml | 118 ++ customer/fbb-orat/test.yaml | 69 +- ...-orat-berlin-airport-de.pixelpark.net.yaml | 5 - ...-orat-berlin-airport-de.pixelpark.net.yaml | 5 - ...-orat-berlin-airport-de.pixelpark.net.yaml | 10 +- ...-orat-berlin-airport-de.pixelpark.net.yaml | 10 +- customer/fbb-web/production.yaml | 12 +- ...rvice-berlin-airport-de.pixelpark.net.yaml | 61 +- ...rvice-berlin-airport-de.pixelpark.net.yaml | 119 ++ customer/fbb-werbung/common.yaml | 3 + ...rbung-berlin-airport-de.pixelpark.net.yaml | 39 + ...bung-berlin-airport-de.pixelpark.net.yaml} | 0 ...bung-berlin-airport-de.pixelpark.net.yaml} | 0 ...bung-berlin-airport-de.pixelpark.net.yaml} | 0 ...bung-berlin-airport-de.pixelpark.net.yaml} | 0 customer/fbb/production.yaml | 4 +- customer/fbb/test.yaml | 12 +- customer/joml/production.yaml | 2 +- .../benchmark-koerber.pixelpark.net.yaml | 60 + .../dev-lekker-01-hy01.pixelpark.net.yaml | 54 - .../dev-lekker-02-hy01.pixelpark.net.yaml | 54 - customer/mbvd-cdb/common.yaml | 46 + ...eb-club-der-besten2-com.pixelpark.net.yaml | 42 + ...eb-club-der-besten2-com.pixelpark.net.yaml | 47 + ...start-mercedes-benz-com.pixelpark.net.yaml | 9 - customer/mbvd-growup/common.yaml | 48 + ...ge-web-cc-growup-dialog.pixelpark.net.yaml | 33 + .../web-cc-growup-dialog.pixelpark.net.yaml | 33 + .../dev-web-ngcc-daimler.pixelpark.net.yaml | 4 +- .../dev-odt-daimler-com.pixelpark.net.yaml | 1 - ...int-cms-odt-daimler-com.pixelpark.net.yaml | 87 +- customer/mbvd-rallye/common.yaml | 29 + ...rallye-mercedes-benz-de.pixelpark.net.yaml | 54 + ...rallye-mercedes-benz-de.pixelpark.net.yaml | 68 + ...-shes-mercedes-event-de.pixelpark.net.yaml | 19 +- .../mbvd-transporter-training/common.yaml | 2 +- ...-top10-mercedes-benz-de.pixelpark.net.yaml | 2 +- ...-top10-mercedes-benz-de.pixelpark.net.yaml | 2 +- .../mdb01-mhk-kueche-de.pixelpark.net.yaml | 14 + .../mdb02-mhk-kueche-de.pixelpark.net.yaml | 14 + .../mdb03-mhk-kueche-de.pixelpark.net.yaml | 14 + .../mhk/mls-mhk-kueche-de.pixelpark.net.yaml | 27 + .../mhk/red-mhk-kueche-de.pixelpark.net.yaml | 66 +- .../rls01-mhk-kueche-de.pixelpark.net.yaml | 26 + .../rls02-mhk-kueche-de.pixelpark.net.yaml | 26 + ...age-mdb01-mhk-kueche-de.pixelpark.net.yaml | 14 + ...age-mdb02-mhk-kueche-de.pixelpark.net.yaml | 14 + ...age-mdb03-mhk-kueche-de.pixelpark.net.yaml | 14 + ...stage-mls-mhk-kueche-de.pixelpark.net.yaml | 30 + ...stage-red-mhk-kueche-de.pixelpark.net.yaml | 146 ++ ...age-www01-mhk-kueche-de.pixelpark.net.yaml | 79 + ...age-www02-mhk-kueche-de.pixelpark.net.yaml | 79 + ...age-www03-mhk-kueche-de.pixelpark.net.yaml | 79 + .../www01-mhk-kueche-de.pixelpark.net.yaml | 137 ++ .../www02-mhk-kueche-de.pixelpark.net.yaml | 128 ++ .../www03-mhk-kueche-de.pixelpark.net.yaml | 128 ++ .../dev-web01-pfizer-de.pixelpark.net.yaml | 32 +- .../dev-web02-pfizer-de.pixelpark.net.yaml | 2 +- .../test-web01-pfizer-de.pixelpark.net.yaml | 28 +- .../pfizer/web01-pfizer-de.pixelpark.net.yaml | 333 +++- .../pfizer/web02-pfizer-de.pixelpark.net.yaml | 8 +- customer/pixelpark-mail/common.yaml | 288 ++++ .../pixelpark-mail/mail01.pixelpark.com.yaml | 3 + .../pixelpark-mail/mail02.pixelpark.com.yaml | 3 + .../pixelpark-pmp/jira02.pixelpark.com.yaml | 2 + customer/pixelpark/bauhaus.pixelpark.com.yaml | 19 +- .../pixelpark/chat-db01.pixelpark.com.yaml | 26 + customer/pixelpark/chat01.pixelpark.com.yaml | 49 +- .../dev-monitoring-client.pixelpark.com.yaml | 10 + customer/pixelpark/eriu.pixelpark.net.yaml | 4 + .../pixelpark/extranet01.pixelpark.net.yaml | 60 + .../pixelpark/fs-training.pixelpark.com.yaml | 13 + customer/pixelpark/mail01.pixelpark.com.yaml | 4 - customer/pixelpark/mail02.pixelpark.com.yaml | 13 - .../pixelpark/messageq01.pixelpark.com.yaml | 23 +- ...penvmware-tools-current.pixelpark.net.yaml | 2 + .../openvmware-tools.pixelpark.net.yaml | 2 + .../pixelpark/psql-pp01.pixelpark.net.yaml | 6 + .../pixelpark/psql-pp02.pixelpark.net.yaml | 8 +- .../test-extranet01.pixelpark.com.yaml | 9 +- .../test-psql-pp01.pixelpark.net.yaml | 6 + .../pixelpark/vmware-tools.pixelpark.net.yaml | 2 + .../web-client-survey.pixelpark.com.yaml | 4 - customer/pixeltest/sol4711.pixelpark.com.yaml | 9 + customer/prometheus/common.yaml | 9 +- .../data.prometheus.pixelpark.net.yaml | 2 + .../master01.prometheus.pixelpark.net.yaml | 6 +- .../slave001.prometheus.pixelpark.net.yaml | 7 - .../slave002.prometheus.pixelpark.net.yaml | 7 - .../slave003.prometheus.pixelpark.net.yaml | 7 - .../slave004.prometheus.pixelpark.net.yaml | 7 - .../slave005.prometheus.pixelpark.net.yaml | 7 - .../slave006.prometheus.pixelpark.net.yaml | 7 - .../slave007.prometheus.pixelpark.net.yaml | 7 - .../slave008.prometheus.pixelpark.net.yaml | 7 - .../slave009.prometheus.pixelpark.net.yaml | 8 - .../slave010.prometheus.pixelpark.net.yaml | 7 - .../slave011.prometheus.pixelpark.net.yaml | 7 - .../slave012.prometheus.pixelpark.net.yaml | 7 - .../dev01-author-sirona.pixelpark.net.yaml | 3 +- .../dev01-publish-sirona.pixelpark.net.yaml | 3 +- customer/sirona-aem/development.yaml | 4 +- .../int01-author-sirona.pixelpark.net.yaml | 4 +- .../int01-publish-sirona.pixelpark.net.yaml | 4 +- .../int02-publish-sirona.pixelpark.net.yaml | 4 +- .../prod01-author-sirona.pixelpark.net.yaml | 4 +- .../prod01-publish-sirona.pixelpark.net.yaml | 4 +- .../prod02-publish-sirona.pixelpark.net.yaml | 4 +- customer/sirona-aem/production.yaml | 1488 ++++++++++++++--- customer/sirona-aem/test.yaml | 30 +- customer/sirona-neo4j/common.yaml | 17 + .../dev01-neo4j-sirona.pixelpark.net.yaml | 5 + customer/sirona-neo4j/development.yaml | 25 + .../int01-neo4j-sirona.pixelpark.net.yaml | 4 + .../prod01-neo4j-sirona.pixelpark.net.yaml | 4 + customer/sirona-url-shorter/common.yaml | 2 +- ...xy-giro-sucht-hero-temp.pixelpark.net.yaml | 2 + modules/apache.yaml | 3 +- 145 files changed, 4764 insertions(+), 991 deletions(-) delete mode 100644 customer/1und1/git-1und1.novalocal.yaml delete mode 100644 customer/1und1/production.yaml create mode 100644 customer/bmas-g20/common.yaml create mode 100644 customer/bmas-g20/dev-www-g20-bmas.pixelpark.net.yaml create mode 100644 customer/bmas-g20/www-g20-bmas.pixelpark.net.yaml create mode 100644 customer/fbb-captive/test-web-captive-berlin-airport-de.pixelpark.net.yaml create mode 100644 customer/fbb-captive/web01-captive-berlin-airport-de.pixelpark.net.yaml create mode 100644 customer/fbb-captive/web02-captive-berlin-airport-de.pixelpark.net.yaml create mode 100644 customer/fbb-orat/production.yaml create mode 100644 customer/fbb-werbung/common.yaml create mode 100644 customer/fbb-werbung/dev-red-werbung-berlin-airport-de.pixelpark.net.yaml rename customer/{fbb-orat/data-orat-berlin-airport-de.pixelpark.net.yaml => fbb-werbung/red-werbung-berlin-airport-de.pixelpark.net.yaml} (100%) rename customer/{fbb-orat/test-data-orat-berlin-airport-de.pixelpark.net.yaml => fbb-werbung/test-red-werbung-berlin-airport-de.pixelpark.net.yaml} (100%) rename customer/{mhk/rls-mhk-kueche-de.pixelpark.net.yaml => fbb-werbung/test-werbung-berlin-airport-de.pixelpark.net.yaml} (100%) rename customer/{mhk/stage-mdb1-mhk-kueche-de.pixelpark.net.yaml => fbb-werbung/werbung-berlin-airport-de.pixelpark.net.yaml} (100%) create mode 100644 customer/koerber/benchmark-koerber.pixelpark.net.yaml delete mode 100644 customer/lekkerland/dev-lekker-01-hy01.pixelpark.net.yaml delete mode 100644 customer/lekkerland/dev-lekker-02-hy01.pixelpark.net.yaml create mode 100644 customer/mbvd-cdb/common.yaml create mode 100644 customer/mbvd-cdb/stage-web-club-der-besten2-com.pixelpark.net.yaml create mode 100644 customer/mbvd-cdb/web-club-der-besten2-com.pixelpark.net.yaml create mode 100644 customer/mbvd-growup/common.yaml create mode 100644 customer/mbvd-growup/stage-web-cc-growup-dialog.pixelpark.net.yaml create mode 100644 customer/mbvd-growup/web-cc-growup-dialog.pixelpark.net.yaml create mode 100644 customer/mbvd-rallye/common.yaml create mode 100644 customer/mbvd-rallye/stage-www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml create mode 100644 customer/mbvd-rallye/www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml create mode 100644 customer/mhk/rls01-mhk-kueche-de.pixelpark.net.yaml create mode 100644 customer/mhk/rls02-mhk-kueche-de.pixelpark.net.yaml create mode 100644 customer/pixelpark-mail/common.yaml create mode 100644 customer/pixelpark-mail/mail01.pixelpark.com.yaml create mode 100644 customer/pixelpark-mail/mail02.pixelpark.com.yaml create mode 100644 customer/pixelpark-pmp/jira02.pixelpark.com.yaml create mode 100644 customer/pixelpark/chat-db01.pixelpark.com.yaml create mode 100644 customer/pixelpark/dev-monitoring-client.pixelpark.com.yaml create mode 100644 customer/pixelpark/eriu.pixelpark.net.yaml create mode 100644 customer/pixelpark/fs-training.pixelpark.com.yaml delete mode 100644 customer/pixelpark/mail02.pixelpark.com.yaml create mode 100644 customer/pixelpark/openvmware-tools-current.pixelpark.net.yaml create mode 100644 customer/pixelpark/openvmware-tools.pixelpark.net.yaml mode change 100755 => 100644 customer/pixelpark/psql-pp02.pixelpark.net.yaml create mode 100644 customer/pixelpark/vmware-tools.pixelpark.net.yaml create mode 100644 customer/prometheus/data.prometheus.pixelpark.net.yaml create mode 100644 customer/sirona-neo4j/common.yaml create mode 100644 customer/sirona-neo4j/dev01-neo4j-sirona.pixelpark.net.yaml create mode 100644 customer/sirona-neo4j/development.yaml create mode 100644 customer/sirona-neo4j/int01-neo4j-sirona.pixelpark.net.yaml create mode 100644 customer/sirona-neo4j/prod01-neo4j-sirona.pixelpark.net.yaml create mode 100644 customer/spk-gsh/proxy-giro-sucht-hero-temp.pixelpark.net.yaml diff --git a/common.yaml b/common.yaml index e21a2a2f..89d38740 100644 --- a/common.yaml +++ b/common.yaml @@ -101,8 +101,11 @@ accounts::users: uid: 66780 key: "AAAAB3NzaC1yc2EAAAADAQABAAACAQCi6bbUMv2eeQtfC4BMd2uAy6q/6o8VECO6vYPPU0A5iA9dH3CI5qOzKGqrl+I2drwWuS8fwu45hMEVo1Ef6OGJn2HyezRzskcMGp5NK+6n5Jq+s10IdTnw/jT0ZIMsxpgIHRPAQJ63NIEsQySjA+DK1u263BL3ZaWhMUYfVSXmY5JXIbAtyRIzBPo1hJ3AlcWtbTOJsPvuyX18XG7917QMMdpByiw8DMpcIUMZtl3Uj2veszHz5c1yKoGIKNs3cmXNCeVjmxOfO7bmyhEAwMqpZqdQIYP4JMcsN+2V7SFB14UIoyKxDU15z134yzr9gyBm3sf2GeWiCR3J05AImBCvirzFq+bcSjBexKwR4lMSrEYsZv9CSGMaprgGfbk/T/l9VYcbZZe/aNnYB0QtzWm3F5cOYk+nHbI3xQLeHBrOLEdtA9elHODSnHM/jhjrOnEJFQwuWj2qKwBEVUwAo4s/Cge4V4pOwBSvGRr8I0znwV7ZOa4RYsO/WoZuzn8OdPDG988ylODcYjk0V3L06XjT7SMVhtirpIRhDsNeaSAIh4GJDW5Py/iRlfHU2vFlCNmvOBD8OTz30NdcspyuIQ7XubXcMgDFzVNE/qhLbUsP9+e4Mz4jMIicLRfCWt9TsIV6p2sf3mbiIjLjKKlpI2CCj6FDycXUsH/XrmhLkciw9w==" comment: "Andre-Schmelzer" + apply: true + shell: "bash" + sudo: true frank.brehm: - uid: 66781 + uid: 66804 key: "AAAAB3NzaC1yc2EAAAADAQABAAACAQC5YO7Jw/FiRE/9tHmDn0YKuQHxXxXRR0Ah3FrwcMU9rgYLxy6e8MY19UDpvDNil2J5QIr+nBcTZ3tfvK0j0kU/xRUWPzgbjYc2Mrk7c45BiPrHimCNKswstvFHTuJQqEk6bnM1Z3tYybgIXtNZ+ENXBe4cm85KNDiJ/ujOV3oNsb5rASmdsom43j+yEBZTWeoREox6yLirBxdYXIyLt0cyaNzMJheyIRM3/M1zfQmFcEF4tjESKsDdzE704VsEu3uJ/AxMb+/eQX5KKdUdm0HQ1Fafk6KLIio4qJe1lUAh9ca+k/gE/toFbS1gbfqRfPXl+nxg0MP/Tg1RNaDXiwX3Du4M48rmgXilvfmyxlaXXvFP+XBAElW4iDLKvjRzPhNfeyVKFol1RT1fbzkYOp744NlBoyW5pa6WBmXf7XeXpfOOEGQAicljFxazkpEDqRWCHheUnI3g8u3chQDmrGxMIvmGE1r2VTfMM5dkQAHUe13YecffIJUqfkWLwB8zkVpRMDr0Fs2RH15GEqs19cUdRuYcf2223o2IclVndpjWkOpqhDcXg1Ha8l/VnQoaZqJVESjUWxzXzoKdOiWMPdKm6HkjcnaqyQjBv3cx2E82gPnIqhSLJcsRqGwMo6jgDKEsiJR3E+rDsjOEUWevIUrEdld15kpiEMHviFvB7itl8w==" comment: "Frank-Brehm" apply: true @@ -198,7 +201,7 @@ accounts::users: comment: "Erik-Wendt" dirk-peter.krause: uid: 24029 - key: "AAAAB3NzaC1yc2EAAAABJQAAAQEA465HzsSMtgK39LFt80NfDfbCZ8YDgufsm6iHrBJBYB1Fqep8TDsMEozbpbbS1s/QGjeiENMqL85jpokxRnts8WQoyFHWo7L1TgstO6xCBrIRAmyj8x/3JbbBsEmi2G9h+hKNILnBDvLVV5WgO0YeH9fSD6qJExzHYESE/OYu7q9w0jhMsFaPadShL4t021ktOehkvAS42uoOxagLEFpZUfbPeYoFrBPr7Q1bIJCtFVTVq1PMCQmSfTxdP1i47Uo3TDDBdttHWblIyroexb5DPohepJ5vRH/VxbD0Q6UwDf+5RM4brW+lNLrs2eU7FZYokyrXwIhgcKfV9GtcqRmCRQ==" + key: "AAAAB3NzaC1yc2EAAAABIwAAAQEAprNoaApHD1/VK8Uli7ngENhVn6Kplvps+1n0BJbzoGdQISTvbqUMS0ir1+yE68JC4ikI7DaeyL+H2MR/0LG8dO6YPWauzQuirF9y01VcRj3Uwh1ldsetuqKgVi1GlEM0veJGsyGwRjQLwBCiKdj/3s9QI7yZiYd3Wk0gk+8C8N5gqrXw8bDf0miqjz0XtHf3dz/xoqGA7RjlPu/0TxKQJrb/fcnimlWOzQAXeigB6gfZUXQQq3e395LpznuvnWn22r5cCeg5GhUt9iEyBEnwc/71IOao2YGN3jDZFnM7tgBlJxx1p53QRXIDd6E/3t1DsMv/G0QfTSED6FFJ7mOI6Q==" comment: "Dirk-Peter-Krause" bastian.gutschke: uid: 25401 @@ -287,6 +290,10 @@ accounts::users: key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDEMviCUJoFf36NTYrLeEsa9lAQXMKCa3l21aP3nCwjK25F8eMjAmD5viu8VxEa7rfz1ZMGiSsPQUrcevOGJoVEbR4Mu3IBbfNVMBqXuiXaU0aAdLsmBy+qZLtp4RUnKO6FxPwDuNAzt8CvyRJAQJMDAYlAQjGTaSvOo9hA8Byd78PrkKLiB9cxiHO7RIz9E9nSTo77o6U6iG5DK2TE3HzNMoOuzZyixj1Y1HjrH/I6lT5wkDg1Qe1TDCoSRUMHM+fs4sJzhS/1fHmWyyHRK9jKfy+1YhBTyR13gbldSS5sU7LibGxIfzq2UxhZTvY7Pj0gJrDuwu36daTHnG6dPtEP" comment: "Sebastian Küpers" shell: "bash" + gerrit.gruben: + uid: 66800 + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQChOP32/DCf3fcx+yo5Usx6WpooN4wTMTVgstbZ56kA2vrYdszqsSq8TpjA2PXv2JD1TBOX/HCqKq0EONzMyEGbRfggNPWAeZET7NMXFZI2vRjNo6PQGYJwaFf5vLX7SWzazHDc8NC+NmDcahl0b68XZ5eEqCCaky6xGREJkgpkyzvq0BwRLwbZwq68HvApB2vutKE2WiKZnDa0hSoO8FU9pJOrNqKXcczyBUeVaiglfvlbW/bvHHfS09Q8NXEKeyREMJxiP9j8yLMGE83dWzN9j+LKv77sppjFKQh3QU2LLs/IknudWW/+GOrXwHvlb05yK4Bfz0rkaLIgZo6rRmvT" + comment: "Gerrit-Gruben" christian.schoenherr: uid: 24478 key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQD29xUmGfK0PMWL8cIbsD0o1NB4p0Ib2W3TZ6CKKUWDjBgXbQlSv+QOoKk069kj2qyCwm6ha1iMWJEjThzTDdN7Gajp+UwYQg3u3jEvaabRH54oRFIOPQNbEpdth7gokeT1G4OTthB0sk25sBbmnGOrqbc6eSr+aTzxRs29apc/I+WRgJFLoHdp2+XS8HQ05pV1Y33hPYSmB744CdfPdRYOA+vU9CPCHQi88Ed+Di4CwJ5h7DsKzT3EW5YAZbzNHJJZ7u1296JiS4Hj2VEe+ztdDWGMttiap5/e5aHhRyrwCFEwJRwQGJoLNG4hR9yywDjp9gkORpqpC8VlzZHm3dlz" @@ -302,7 +309,7 @@ accounts::users: comment: "Markus-Hettlich-HH" sebastian.schwarz: uid: 24766 - key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDU3IV3s2sbClNg3SeaGLVhdxQVDuO022HzUZ9bChhYB0pi98cL+/fSkwWQ5vA7f6kQq+myxkm+/GGzbCKc5xWGgRLxtUuk0/lkoe0tzaQZvvkyFaQFISi0GWk1Sci7dXt8Pt+y2Hg08I7a82JbSfnVBlLEP/ZbHzoELfE142K+k4LGNpdjvVmIs1IK5QCS304oIpN8IE2yReG2x7XkKpShGR4//Id8tjzyOFJRbEGdJqT+mZjo1M/Q+79sCs/BLQn2mUDTZAS8H6kbW4fdFlVolBv/SVSn58PUahOHprPKY+TWy53TDG5LpFaDYYF8IoT8JRjvGyXRe+bHmHt+lcE3" + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQCq4m7AM7qnsVz7MrNId8Jr7xor+Q9Z9dxGZxYAl8yGT6REsYUI1BuZj3GtSwcLdzSbo42fFoQ/9RuusEHQFoyFhUfgf6JZEAGPYNhjd9McCf18eGPyfBywt/Rflws+bc5/oaIoKSozkFU88Y2HQwZZ/zSUJCntt5xK89u63dI1gv+XD2doRj7E6Fub8dXpP/+7zpNoWzPAPuqMrtmV0mkke2Y2V17LlUEysGR0MClpRc/l0ioMLHLbevw2qdYA323wEchphkzOHgCtXs1CEJrylhGELWRmdJVAstlFpU2KAnIOtxFkYxl8jJ1ubEtsj7qLHA3GtKP+g/AbFaKH8Eod" comment: "Sebastian-Felix-Schwarz" lothar.schickhoff: uid: 11028 @@ -384,6 +391,15 @@ accounts::users: uid: 66813 key: "AAAAB3NzaC1yc2EAAAADAQABAAACAQDOBwlsmytMjiCv6fNNvztUBXhlCXtkaeGV35znTBIS+XdPxIyMK7OjQAJQ7dLwpHInpyZ/PFFFKYKTX/nIl5z4hG8fJmbhnk86Od7tP12AjfYaJNr246W+GKrYDS+AykStIRxQvqu2bEshPLEHj8c9v4ZYxz9ZlY0PZSO0UpNQgb89L20BPZ0g6yX9v/AdiTciaRQ+OuJBg5kMWfhdtrEX2TNye9lXRuwuL/NGe4NsLJ/9xluP0LcUJQXsTj5M6DOEgwhDcOfBqO0QqC6pfGfBbeLoXH1rRdYyVP5hUd+Z3kM+2gjwq3iovIAP42UosyaVN/Os1qz1D57tHHv1Dln5QrkpX8HfY0Kwo+UhJDG/f6ir3JMM96pdMhbkC37HgdoVzUirLDUvZ8kRMGxz70b+14ONzqRgocT1vys9eds+SrJj0PC8gvYWnOC5flfrShUAuxVdgD0Lm/m5PN9aARhpCPY1y/s+gTKAXPucQIwfkWkg/Sk4NSn1KNZkFzZduhgNOkc0b+jcYXTu82IZWnw66Ko6G3eiirQUJS3AXwOXsmFf3+lHpwLp9UZ9xwA4HBhh2sfnjdFXRjA03UoZVuazhVHKLDtJs4NrU1cWJUn0hD5c4yUBJUPv1nU2FSOzLBu4UVxnlKYl7njOnCsgTBjHPwmy4eybKKYHVP3Y4H0VeQ==" comment: "Kerstin-Sieren" + martin.dilg: + uid: 25121 + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDGFuI6Z5Kp4a2wvaAw+FhZwhszJDELxd/0+YTYUUycWQe5z/eD6qjwAmpQPCwCbauWroKtSnaTYgmlzlmXtWU1qtHveRZZe7BcYguji0T/5whZlbontcj1h4CDrIBRWTGFapA94qAghqdwZopo53TfgkXloC8jN3LVfMbXUAAh/YqPbS+0YmgcJOHKVx/xJ8lM/Un5uJQ+NpO7n0Atra14m4a+gK5SDnlyapE67JYcUNfEXtO/s4/x6kEIuOietX5H66h7MDFIr7j6Uwnt0yI7d++nq8FMCh9yiC4eNF0D2MyUeQqMiCnEwwt81SHrQXibmENjoFY0KuvPbRcpi8q7" + comment: "Martin Dilg" + felix.rauch: + uid: 25496 + key: "AAAAB3NzaC1yc2EAAAABIwAAAQEAwDKAMcuehNV4MFKO0J5dFRF5flQNaUDLxlGIYj40D67dTQR6ZeDsFT212Yk6T8EhIvbTxo4HQC0roouwtWwb2dHD9exsTCAc6HotFcTsPHDkyJKi7yWIdyqaIf/BWi3yXhiIZvci0qXj/ultCeApDmaj554xiB25+RcntklCMwsvPKfaUGuYdfvF2/y9wtz1uDzv8YnjGSlzDu5k6winNhdPU1HK/2d8YK8w/Uf0eOObcPV2yzvAqS+hWGxMvvuEUCzonTeFwCpK/+FUOxcV2Lpvx8NlKKWrFjYnxqLY4YAv4ckRvPCpHMAa7gqNgALcalz6mIJQukuTWYh2ScgR+Q==" + comment: "Felix Rauch" + # Bielefeld carsten.hensiek: uid: 24825 @@ -405,6 +421,14 @@ accounts::users: uid: 25056 key: "AAAAB3NzaC1yc2EAAAABJQAAAQEA0EatLKAR18p4/w8DLNaMbLWpgXsZ3cQFnDvNCobtfMD4asN6lk4qtWwLU3WLp0YY1pWwLjTSa9Cl7rZVGAdKFBKURRAMwg+SmzXjwNd9jka3y/GCHTIB59qoR97XOmdRMCGb1SrP9jAzFOfnkp56xB0metVlG9Hi8wQASU8Vr/pzkQmo8/vqY6pF5lvkjpxvPyHanO9+cIbRRif9Bwt8zzXPbL6ZUM99FpY8ImfrNpkYPL/hEQl8TXQUy6JeIAJ1RUfVaMU8MxYFxPlXzPIfCPpFFiUPFln6PTf6qJrQYkkpUcWLNdwjpVlkAWEOHB7dKS60tXOslK3007FE0v4jkw==" comment: "Christian-Epp" + peter.grzeschik: + uid: 24686 + key: "AAAAB3NzaC1yc2EAAAABJQAAAQEAtnOSZDtc+iOjKc9I7fxuAgoMuPXY9D3kPMvTpg76jDliOItv21kSMlg22Dd+QlaziwK4ZbI3rdJhHZFQxPoUtso6mW91IqIRbJMPSdVWAOecc/UyU7yFGaS+TtSua8TgxoR59X0ukimb6EwG+SOYogIqeIG8Y8Juq805gbe+z4Ku6OhnmJUw6Db7nRnP3/ybXq1Zgia8KzwwM2c4LUq0Rx+lbH/OQHdCMCXcIc4gQe2BuGsgNiyjCMFXNDiw+X6XUpiOx0fpvBGn8nZW+qa3CcscCKDo9de7Sk5QROPbqqNYqEpRORLWJsWtNGhfelp0C29gYVJfLY72CJmBQKa26Q==" + comment: "Peter-Grzeschik" + klaus.hippe: + uid: 25057 + key: "AAAAB3NzaC1yc2EAAAABJQAAAQB21E06FIIg6eCPa3TfjrNX5xF9NrYfd2V9mhvWDjuKOzRpmuy8tt70CPcx46HxTDFgoBiwNWG8eszw90lhiR/bB5BMrowbvKXsznpiuOVk0T4bF4gwjp0tO2DnOyzWratM7C1ergfWfUWINqrrNZnX46nFco+iazEb+gdTi57Igzi2FM8gmkY+YjhOh1TqFDcn1wDKhSZa7gMgdFamTFo2sE8i1pYL/Wwf/OYsaT/vgPkEFifgC6M3QkAGXUuws0IJcXdyTqxsx2cbfKzfNuhBufGXXI6tCJKHxgNdbP58FlsbQ73f7Ac7bjQDFZLerDOEK/wQ/dRbI8WSG2Niw7yH" + comment: "Klaus-Hippe" # Hamburg sten.friedrich: uid: 30008 @@ -442,6 +466,10 @@ accounts::users: uid: 24259 key: "AAAAB3NzaC1yc2EAAAABJQAAAgBixYSX39LPUhdSC6fKG75iu/GI18xA7UFUrUNhubSNwb0MTc8PcHpwKmLIB1NivsX9R0JOy+MLZkhVQ1HgTYKDUeP0q3NHPPOdDrJiscsLtjS2piU4SIR7Lz+Geq3cDswMbQlcJf43oS61MYB0AhKOYy/Xj02ZPRMvzRmU+Dd//i3BTEqfJD67jua5MDnwVPTgm3liuF5IW6nOhx7Y/1Ex+hpdk3PEMslUkM9j0aVTL+Phzc4hnY7wQrvmW4G4PTkvttWrR2NG8q9A2gOn3JOkrZ1fz97Bx5takN9Zdw0Qu2dRke50uqdhNgtGG7BkdCgORpNRiVekQGqQyNJfyE9UG9+G6PpQr6VTlJhHo62IJuJ4GXwsuMDNRMDbl7N8F5AIQorfUms7hVJiD/WjEHW8uwPbgZk0ApkfGjGN0jBZPVb35XqkcnudpqHx3vXML7t0bDFHzpxy5kHao1Ggui8Jeua/+o8hJYmLW8wEnpvRTfkYwgT9FKhUY27BLYYtjD78POAiz+KW3PljaM46Tob92kYIZ6ziR/Ki1bxDzP9xDp15JnbhwpxcBDyTIb2FkNcGHpRP9mMG4+Asl8yo4ppGXDS/2PKcT5yu4ueuQJwn6oB9D6nvgmN+S3Fo7kIw6dKuDtAaf/X/1wX9CfHcWCfNGDlUBqm5GtEtwU3DbNBcxQ==" comment: "Gunnar Hofmann" + sidney.jansen: + uid: 30017 + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDEr3bnmo47iQIMvpdFN6khFPBTItqapoy1L+Cj9XHXkkuOesuGNDw56AEomzgpRn+3GqXNENWgTd4nwUGCCbQLc4H2Uk3XXOk5oDZYpCOFSJ3T6uS6s7+kEky+68ocWjcI5oV+0g9dSDt5fpS13LDxnPNfmBYwJzfOjrtXddITVehjQf9Utft2M057VJ9cQNEjpAMehIsbqhWR2yuDUraVpc/wSOBjr52A88gfloO4U3JMKPsTu/vnTvJyG45UalhTScavB+6Y662uesi4XSjmv+ZUUnMToSh4jJU0Wh5QqVxz0Mqhj6w5SOqNSk5p97JJn14RvsbxiiEv0ZDvFVBn" + comment: "Dirk Sidney Jansen" # PP-NT georg.stach: uid: 26001 @@ -579,10 +607,6 @@ accounts::users: uid: 60185 key: "AAAAB3NzaC1yc2EAAAABJQAAAIB700X8d5u+/Cw/Sm9pW0rrbsL3cEMzJ2/UjiW4fKJrmWTwjsP82D8pQ3aXDLj830RxCjMqce899D+MtTEJVXYP39GoX4rw9zL1bmVd/AncysxH5FeZeVZq5kBFoRDUzsOT2dspibsNIJU5F1I3y7cBRgA8UN8N9oC4MNLW0HVx+w==" comment: "Robert Tulke Berlin Airport" - jonas.willingstorfer: - uid: 60190 - key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ABapvicawSk3DeDuiNM2/LQgk40BibXDMN4NPe1zzsOsmWVj42ldGakpkvqqL75Nb6HQHAZwckYgzEYdrKA2erpg6hiKIsFAMFp4sIWhuAk7HeuE683pdoSWKygpV114J6w8i2fTOL9TVjLICFNUC7YQwLYow4HljKEgVsg1orTgjO5iTSSuRNcHAOVLPmsoqm48uRz09RjJZltFA2N4VmCA2scycfoKzzL+fUyoCNyb0c8oF6MW8veUIAbQAkF8eVcvA6PVKBBT0A7gLxi/ESeOu+j7AS3omXMP5PUh2epQd7s8BDvGCeBPJXesEl/ovoUKFWUHyKU96kAeG99d" - comment: "jonas.willingstorfer shanghai berlin" christian.reich: uid: 60191 key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQC+5MO0SyUs1T8HYHQMcji+fWyuh3z/HcpDdzVYV6QbKhTi8FpaIKkYCgN7DV7Wfgdpvy46ju/5bQcyk9g/elDgFOiEwirTgDUqW7xhM38Ior4DCd6o9mQ8UXphcG2KaQnUY3JOtDND6dndb1zARR0rA6QxppvDoRciv/Ag+3r3Z0c7FsPd6xXUPNg3pBbprYZD2rT645v+LVAnhWLvwp6YzWlGZbvKJYC3IYCd7SENd5FD0IbUdgC9v7PjSGtXHR517qBFRaEychPKlo+e+Y3KlXPrDXoMC+ERRvxGasgcpYMRD8N3wxcQGRW55n34qhlAJ0eVZCv3baeCoh1dY/qF" @@ -596,6 +620,16 @@ accounts::users: uid: 62056 key: "AAAAB3NzaC1yc2EAAAABIwAAAQEA2PyOhKbEDuU4S0E6k7jaJ+O85UGav6qZlmR8+C5OdtxzPYufImD/Xz9DYppH3m4PCjqKN7kmWAkVy0pZgZdN7bFpvqDUwvZOsUbm4r7C2X6RQHctzcU1d8wojc1LN5Dj43M0GJ/9y7Gs4YMtUZgx5A31kaa7DsA9gH96BNsFO6D6Uiu+qBgu8vESIiBAz1ZWwMdn3ztdKapMptwL6B4mzrt9z1DsdhKSft9paec2m6KFb0kPh0iUhpfBxOV9ye3C1AwrgcqRfyYEIFenCidGTHQXsKlYoABD6hgYV4RBbsrhXeSYF64QnqIMlAmLVf71n9VE3VEdIUwiNBWP4hmpSw==" comment: "Mike Milarc - Interface Systems" + shell: "bash" +# shanghai + jonas.willingstorfer: + uid: 60190 + key: "AAAAB3NzaC1yc2EAAAADAQABAAACAQCt8tqyuH1pzI08akxsw4jaQowLOx4n6A7rLoz0fzLuZpj0M/PcWYkVdeXJlqImeswWDy53LJwFAgw4ztw3P0aS/ZCbGWnzJ3s8z4gKS50SzQSXx/FAcGXFjgSSMH1xQl4ksu04daRmzvf3V8kJR9batYaHJKAhQm4mrmEJgbP9dlkX0/sZboR2goySdydjogJNPy7LE8ROtiRk9tDTYH/Xj1PbM3Eku2CBt0YvAVcHbUHXL1me3rwLxfVEGKNH8jPbCOBb1TAycisl/5pn/qxwyxwBA+jrnDnvbio3O0GazSGxSltCoPSJ2Le1Tiar29n97aX00aa3xgi+JBAD34K1pRKBW2za2hPsYwlNT2uzJ2h5uC4pzwhdjZVtWdPHfSWHeiv3sjIMwpfjBVCg1Oydn2QeHQGNVNpSAAfD6UavECVaRk2owrUCpo8rEdSVLqay1pPCgxmMm/hKyOiJIDwz6lrwNF1q9hocT/Ut3J7T0BhBt9a0OaaGkyPIaLySGUOBMUKQzne5f799bna3WWzRzmrBq8126RJqIDiguUMCxIw5jAY/mHn/uvVWQ9a+aXweJ0EsCV7Kk/doZUwB7+CMP6CcjUPBrq1dWtDXQZzLRevU2OBRWGS8k5cb8xxYwPUxd1NFe1Wc1HdwbTrKlo2WEug6GYeVBJ4cK5mKNd8xAw==" + comment: "jonas.willingstorfer shanghai berlin" + alexander.bloedorn: + uid: 60193 + key: "AAAAB3NzaC1yc2EAAAADAQABAAACAQDgx22Xm+BjXdriLNaOYldEM2ivfu1yGKzi19WLJa/lYFQcJqT+iuiiQHxdFoRf+X48rq3gwGQkNvKd1RhIi9Gw9I0OvsGirZGfhnpGacxctQ128n7XVc1H9x21dqirp0ThSSt0DFKlouEgU8gtJv/s5dEc2GsROXSsp2ABXeJOzmxEok6efFdNGGWGSV/q+Kqw5oe5PrWeRzmfHKlyKFRuo2zakWMrfb8cRPZspC5bbyIw9zpq169IsxMOViDe4Ctbz1eUqMOhehMwN6b7yTgtYOcyE+Hu6j5cFAS2XAL4hHzfQMzNilzuquDQtAtCKTAfndJXoOzFmczzVzWbkVagraWbLrNs5FM9lNude/hP+dpbaOpZmYBDVNcNt2eQnWIavtfOFMUdTeTuOd5DbWlPsgOXj6vZuWLIZhcRuFd3k4XAlMBJU28pSZrk5opqtAVpIA2CFpr8JUky2CebT/XSTg7Ic2iHCU8KK73why7u9U56+c2eqajP70bKkfn7hMQMCrT8Q2RPZniuC60OzN6lTU1nmjdAzJ4SqFPxA2ebKXV8ACrHo+DYpikMcpWhWB5JlnIaGyPYeSmy83b420C+fpEpoL/kz1ufQ87lrdSOHNcYOLb0PTrcNCYSRbe8TU9iM+NrtsQJdyaC3GePyQhLiDZ/m9nrMCKJVcAGR7vJlw==" + comment: "alexander.bloedorn shanghai berlin" # emperra ries: uid: 60220 @@ -728,74 +762,6 @@ accounts::users: # ausgeschiedene Mitarbeiter nils.wagner: apply: false - samuel.stein: - apply: false - hendrik.jander: - apply: false - david.hanke: - apply: false - gregor.heink: - apply: false - sirko.krauskopf: - apply: false - rene.beiler: - apply: false - steffen.rick: - apply: false - martin.lechky: - apply: false - alexander.dall: - apply: false - felix.klemm: - apply: false - frank.beier: - apply: false - rouven.volk: - apply: false - axel.apitz: - apply: false - dirk.bartilla: - apply: false - markus.herzog: - apply: false - hakan.cosar: - apply: false - sebastian.kachel: - apply: false - ivo.haenisch: - apply: false - manja.junker: - apply: false - philip.hornig: - apply: false - florian.heckel: - apply: false - christian.koop: - apply: false - philipp.rixner: - apply: false - daniela.grebe: - apply: false - johannes.scheerer: - apply: false - margret.herholz: - apply: false - markus.blume: - apply: false - tamas.roszler: - apply: false - konrad.tadesse: - apply: false - sven.buchholz: - apply: false - steve.rosiak: - apply: false - tim.jungebluth: - apply: false - kim.kunc: - apply: false - boris.hamm: - apply: false # Service-User # auf design-berlin.pixelpark.net sftp1: diff --git a/customer/1und1/git-1und1.novalocal.yaml b/customer/1und1/git-1und1.novalocal.yaml deleted file mode 100644 index b25351f7..00000000 --- a/customer/1und1/git-1und1.novalocal.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -site::role: base -site::additional_classes: - - postgresql::server - -# Diese Datei sollte umbenannt werden, sobald die domains in der Cloud funktionieren -xymon::procs: - postgres: - color: red - text: Postgres Datenbank fuer Applikation - mincount: 1 - unicorn_rails: - color: red - text: GitLab Application - mincount: 1 - redis-server: - color: red - text: Redis Server - mincount: 1 - nginx: - color: red - text: Webserver Nginx - mincount: 1 diff --git a/customer/1und1/production.yaml b/customer/1und1/production.yaml deleted file mode 100644 index a5d79f6d..00000000 --- a/customer/1und1/production.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -gitlab::git_user: git -gitlab::git_home: '/home/git' -gitlab::git_email: git@someserver.net -gitlab::git_comment: GitLab -gitlab::gitlab_sources: https://github.com/gitlabhq/gitlabhq.git -gitlab::gitlab_branch: '7-7-stable' -gitlab::gitlabshell_sources: https://github.com/gitlabhq/gitlab-shell.git -gitlab::gitlabshell_branch: 'v2.4.2' -gitlab::proxy_name: '1und1.pixelpark.net' -gitlab::gitlab_dbtype: pgsql -gitlab::gitlab_dbname: gitlabhq_production -gitlab::gitlab_dbuser: git -gitlab::gitlab_dbpwd: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEASYmIOjlAsRVJxZkBZ6fHrwwEHN8SkU+UrPWVru3+TQUomRnE0Hh1cidmjZBPf9nMQJuVAXcaayEA0EsVMnPOofax+FsSaJFmcgupZVFA2BUCoH/sSnT71zSwdWGGMEbIB0H62xruLy63NApY+GgZNITrdYnk/3yAx/BQPNYQBMJrV46u5sz6/ad914sV4DTlkzkv7TYmiQW451t51/YtK6q4eX7PY8zK9YRUji4HpP75irsev+4QY9xg8BnNAkrfhXK5/Bw23K7g2ZRqp/jBtJDktfcEGAiMx7CEMMm3pnjxTaAOX75rGhgprKOZcxGX1I/cxxuufjnF5ENTwcGJ+zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZb6ORXpO5Li/28q6/07vJgCD0/PfYFJkxF5bOjtAE4oFCXtapJgf3eqhE6ADwNKVQZw==] -gitlab::gitlab_dbhost: localhost -gitlab::gitlab_dbport: '5432' -gitlab::gitlab_domain: '1und1.pixelpark.net' -gitlab::gitlab_domain_alias: false -gitlab::gitlab_backup: false # really? -gitlab::gitlab_backup_path: 'tmp/backups' # (relative to $git_home) -gitlab::gitlab_backup_keep_time: 0 -#gitlab::gitlab_backup_time: fqdn_rand(5)+1 -gitlab::gitlab_backup_postscript: false -gitlab::gitlab_relative_url_root: /gitlab -gitlab::gitlab_ssl: true -gitlab::gitlab_ssl_cert: '/etc/ssl/certs/wildcard.pixelpark.net-cert.pem' -gitlab::gitlab_ssl_key: '/etc/ssl/private/wildcard.pixelpark.net-key.pem' -gitlab::gitlab_ssl_self_signed: false -gitlab::gitlab_projects: '10' -gitlab::gitlab_username_change: true -gitlab::gitlab_unicorn_listen: 127.0.0.1 -gitlab::gitlab_unicorn_port: '8080' -gitlab::gitlab_unicorn_worker: '2' -gitlab::gitlab_bundler_flags: '--deployment' -gitlab::gitlab_ruby_version: '2.0.0' -#gitlab::exec_path: '${git_home}/.rbenv/shims:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' -gitlab::gitlab_bundler_jobs: '1' -gitlab::gitlab_ensure_postfix: true -gitlab::gitlab_ensure_curl: true -gitlab::ldap_enabled: true -gitlab::ldap_host: 'ldap.pixelpark.com' -gitlab::ldap_base: 'o=Pixelpark,o=isp' -gitlab::ldap_uid: 'uid' -gitlab::ldap_user_filter: '(|(isMemberOf=cn=1&1 Internet AG,ou=CRM-Groups,ou=Confluence,ou=Applications,o=Pixelpark,o=isp)(l=Pixelpark Berlin))' -gitlab::ldap_port: '636' -gitlab::ldap_method: ssl -gitlab::ldap_bind_dn: 'uid=wwwadm,ou=wwwserver,ou=applications,o=pixelpark,o=isp' -gitlab::ldap_bind_password: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANfCQLepMGRH5jg56LAdVTCw++QJg6OOokkSOi6qgiVG2oWtJp0RQsta7y9KlF9eaU+yD6dsqAIYbwt9buYKW0oA7NmijWrQc1lvK57I7VD7ZguNFZrK2aRL85sN1JheZYaSNV5rwsqWVMPum1X5ztXN8di7QBurnoyBAStTamAUiP72AYTJNxHqF2EqQO2Xepznnuy0AGYQiInfZVEsihg4YUaQSIjZnyPaoGcT9nLgmNltIDtfkVApLNmpnB7Or54d32K/VgbNQSVYjeet9E9KDneQx1oic4MNTc1e8SjVptZZrOXXTqBpzxOLQK3jWkFUrdv8ZwgPBih/3s8fWdTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDCN6AoVnXDCpqO+RVDDkGFgBDtbjIi9KFuj6WlIe8PHMXk] -gitlab::ssh_port: '22' -gitlab::google_analytics_id: '' -gitlab::webserver_service_name: nginx diff --git a/customer/bmas-g20/common.yaml b/customer/bmas-g20/common.yaml new file mode 100644 index 00000000..25943578 --- /dev/null +++ b/customer/bmas-g20/common.yaml @@ -0,0 +1,36 @@ +--- +site::role: base +site::additional_classes: + - site::profile::apache_php + - site::profile::mysql_server + +accounts::users: + lothar.schickhoff: + apply: true + sudo: true + martin.dilg: + apply: true + heiko.hardt: + apply: true + sudo: true + matthias.schmidt: + apply: true + uwe.zillessen: + apply: true + jens.vollmer: + apply: true + kerstin.sieren: + apply: true + sudo: true + felix.rauch: + apply: true + sudo: true + +apache::mpm_module: event +apache::default_vhost: false +repo::remi_php70: true + +php::extensions: + xml: {} + mcrypt: {} + mysqlnd: {} \ No newline at end of file diff --git a/customer/bmas-g20/dev-www-g20-bmas.pixelpark.net.yaml b/customer/bmas-g20/dev-www-g20-bmas.pixelpark.net.yaml new file mode 100644 index 00000000..72286650 --- /dev/null +++ b/customer/bmas-g20/dev-www-g20-bmas.pixelpark.net.yaml @@ -0,0 +1,55 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANzjFZW5Dq4YmsboJMvcQR/JB3orJ4T09BHHRuXRXiqe/UZmw4Curr8Uiqj92hFGGM//bgvjbIUFWbGal4Ij9q35+bAnYuCrlXxLxeJKNdlz50OH/epNmclJnSTld5HDyTkBfYtRvoagQBgPABh83xsEoMu+cFEpRPQo7iuEU/kDa/JOzLMh0PRtbvtkwWM84T9+HH9q2dBmriv1Y0UhCS25NA3+Ql/tbgeErNfm1O5gdvLJI2MgL+1MAKdSCmaK9oGZD9l/M5HoVCX7TP20TNM8RPrMIpw8mvWTNNNVtnE9Z0w33u0/uz1T4BVQd6C54+yR+ZEwf46nEJWXFhpqpNzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBABsdyJqSqDqDZg1KuOWMqXgCCwy0FvFxhDjctdW4TU4IKiaHs8QImTRaPwK21syZom9A==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAq3ySF7P22I/JfnatpAFl1TZ0rllCqwTP3aBnfyAvfdAWjRgnSWq5EQtDqRiHX+mDq/BQ8kA8qHxrZDb0en7ABBne7DhNJV80yaFCyd4iGOpvE8WpS+HfSHuD7Cp8oMKEw4IMfevWaAotWCkennIhu3zpFPWGafxf/PgnHOZlYsppqyoLNiH6PVnfzlZ/Tig3pCJ02z690GUnFAKgfHbk+k/VbaWQMHme8ljWvyVxzeaN16UhDsMTXZbb/uZu9VMMpB52VnpJldvH/jjXW4PXlV96a+ZYQhcuX7f0fpJWiMjow2WyYecK/8lnpVulN6K09Rii9zx8g1wI46oafvJCxzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC4Sgecx0NU6TbN9jZFzvULgCApX4T2u8xF5v/k45+QjD4Als1t7OWsg3/sCZ9Oc1pTvw==] +site::profile::mysql_server::databases: + g20: + user: g20 + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAUSANBzL07SBUpnrTB528mVIcx9sBuoNfp2WhhPRPFG2HIhOos1sGQEBvI8yCuVVzvg0SIgderoGMPLdFtKNEB7t0lTI0q5/YW5ahR4dpUT7UtMFS0R5O23UeEXqow1dE7T6OkXbQBWexi4hygR2gtnWx7FoMf2+vErEF2YMyP5SHzKTS4tWn85UDPATIlodTqAvHbSgvJ9AxPAsN0lmeytjhjmjq9dxUXRBncGdRH7JpuA2YIJFRUEXGuEEDgJA0tFVpmZMIw7aLbh/aIEv/vNgo+TWL2sjfQZpcYveGL6wY/suLLmR8aQDDltPqAlaffk4og83/rHoiHE7kDJvKsDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA3a3/VIFGT47PdSZwhdgYOgCDXmpyEw4PZO6uizGI60e9SApmA26mA4LPjepvrVm6Bxw==] + g20update: + user: g20update + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAUSANBzL07SBUpnrTB528mVIcx9sBuoNfp2WhhPRPFG2HIhOos1sGQEBvI8yCuVVzvg0SIgderoGMPLdFtKNEB7t0lTI0q5/YW5ahR4dpUT7UtMFS0R5O23UeEXqow1dE7T6OkXbQBWexi4hygR2gtnWx7FoMf2+vErEF2YMyP5SHzKTS4tWn85UDPATIlodTqAvHbSgvJ9AxPAsN0lmeytjhjmjq9dxUXRBncGdRH7JpuA2YIJFRUEXGuEEDgJA0tFVpmZMIw7aLbh/aIEv/vNgo+TWL2sjfQZpcYveGL6wY/suLLmR8aQDDltPqAlaffk4og83/rHoiHE7kDJvKsDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA3a3/VIFGT47PdSZwhdgYOgCDXmpyEw4PZO6uizGI60e9SApmA26mA4LPjepvrVm6Bxw==] + +php::fpm::pools: + www: + ensure: absent + +site::profile::apache_php::fpm_pool: + g20: + listen_owner: apache + listen_group: apache + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAO2gsG/lq/BuNQpiz7LS1qnUmtDZys6PJ0MR3vcMnWjWg3EpchYxBhMgrhsMI2e0UJ51tCdHvIQEr59rAXamH5IouuF0N+nat6ZcT7nWHrQS2Uks8RMDH5HCON5X/WqOtUIFA1JUyya1LTE1c/PYTusnzFEJ2nSb4y9dEXaxcO/n6b0KGB/as5O4LEFDFp3b3OvHH4Ml81dLl9qPW2SuPQ6cDsJoRM6VDbejtYbjsmBKPXmtejb6T8kKK9UhWNo18TUc5yZiA8FvwKT1HQ12Deg/T/VdYuUInkrCTHl2JxWnzjRfRyR1choCErY9cAqq6gsAvJAyZ+jvrIQLRjey9jTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBK7+bkDKd5mfmeZuwN0IcHgBDcB3TtbuOkKVk2++FboeXf] + +site::profile::apache::pp_vhosts: + g20: + docroot: /var/www/g20 + servername: dev-www-g20-bmas.pixelpark.net + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: pixel + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/g20' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-g20.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' \ No newline at end of file diff --git a/customer/bmas-g20/www-g20-bmas.pixelpark.net.yaml b/customer/bmas-g20/www-g20-bmas.pixelpark.net.yaml new file mode 100644 index 00000000..49272b79 --- /dev/null +++ b/customer/bmas-g20/www-g20-bmas.pixelpark.net.yaml @@ -0,0 +1,46 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEArtkaXJ6KPfk3Fq7DURIGuVXAoijATcqJ/HdXXEA4uNDBxEaMBPgILbiDNehIIqiIvz/a6/IjgK+3Ik723z7U50JGMSs80q0Zu08CtkGVXlHAjX2BR5uP4diwtHUJzRB06bpuWk9tWzV9VCJrGEzwnG57ZevvIlojAWZ3hzFcdK2YmLhITukh1ZE9Xwd+W5oriuBEiRSiv0P5aC3Eqn7d/1qAj7LpryIDfVt6stRgu3NwmFXOFruE3pxP+Y8eiuGhZZbtOcddP67ZwHlYJ0S6Z52gN3ccOh1tuD5kmhSXBmALBo1CjasTVf1P6nEsjhJ0AgJPo53BExnIdSitffb7CzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDFxml6n10vPM+Chw9IARNXgCA/5mln1C5F841sQuAR3Um+YM4JiFPRuttdu/3OujA96w==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALc4hdVSZj7U1pM1h76xj5dP8ZxQ/bctMMd/4emao1DtpaGoSGEi2hbwXZAOXXWQzdUUyX6jo1Mewjhnh/5SJa6B/srOlISKdgHDWUfvMVMvGayt9pyolWywaviKxpf/zs5N+xGV6oshL19MwukiboNv48q2nEAC3KYdGjIZp0MCAi8dK8xu5+1a3LF+EuxtjVftwcZwNdVZuswmb22cW8M7nGby3UA8yBNYWE3YQnwXuWVt0vRgkMQbjRnKntLbD24N1FqQmX2Z59Jum7ghINd3pnMCGmOZl4PQRRPANUTaqU7X0okxGQP3WV7JItCmhcxsE4V8ZxaLd6Z1BT2ITOzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDYqVkutZ0uW8YFQlSXNt2VgCAi2WStthfJOAZ4C26I4KUUsz4k3C4aIThkQ7rxn1jlsA==] +site::profile::mysql_server::databases: + g20: + user: g20 + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAxF3gPw8f3Zc1PhgrhgZB/e5kj/dAQt3sZoW0tfGL6doIv9aTwcxIQ6F0hGHBDtxZs8mz/oV0ex0yzOjsvLc1F5VA+ZOZOHSOR8ZIyTYypQr/8ve5dYNpdzLJZAKYy/7nRO2MvUbx3YnUG4UO8XMcD0HxfTHiVH6zkkDFUaldLeVk4GRgygieVaOi+61KiXrioE38/VhFpzKD0LJsVVwRhE3kAV49+lpGX+M5/BteHpLYH3QVfuvGh1m9eARpdt6uJmYv8FkO4LyLNDdhJOF7k069pWVjbDm6RUUbdMpunEI9i3CwI+jmeFP/9Q6SSr6vEt8sqFzEUzazy+7kQG0DRzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAn+ksaKYKShXnRHa4ijoW4gCDgaEYxdQt7GHCIjQOZmi8sYcyXPMlahwinkqqY7WxWvg==] + +php::fpm::pools: + www: + ensure: absent + +site::profile::apache_php::fpm_pool: + g20: + listen_owner: apache + listen_group: apache + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAwtKqzRR1chSJwiTMczzMYem0gYsbdlS8IdQbXqOuNWR23kwLKVTWFuvOTIG1VW07NWfo6QFejDA3XavtOUOxULXmLfa50/TIdSMrts9oH629hS5rMP/jkgy4Togc5NhAYtmEYjIybm55G9kT6HKe+5WZFoJEeWuZfawsagt98raxuqkgIlp9kDINognPIjVAjaljGrJL+UQaBy81xrVSpSDEABkP1Sf9hRy9szihClJZ0zJuwZjjZ20mCoiIFXeahL4oGQDAjo9sC4V+Q5wQavQYqId2ZxNfXV34SuUa94Ae+AJNGLCBXMYouMc+fjoieIf0+UzNC1aJUpc+rx9VlzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAUJutRkMMEN+MlX/aACnzAgBBSC6x7g0ACXc4AIXtOGiHq] + +site::profile::apache::pp_vhosts: + g20: + docroot: /var/www/g20 + servername: www-g20-bmas.pixelpark.net + serveraliases: + - www.g20ewg.org + - g20ewg.org + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: pixel + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/g20' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-g20.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html diff --git a/customer/bmas-typo3/production.yaml b/customer/bmas-typo3/production.yaml index 909b9626..6ce06122 100644 --- a/customer/bmas-typo3/production.yaml +++ b/customer/bmas-typo3/production.yaml @@ -369,7 +369,7 @@ site::profile::typo3::projects: php_admin_value: memory_limit: 256M fisnetzwerk: - version: '7.6.11' + version: '7.6.15' site_path: '/srv/www/fisnetzwerk' db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAAUVR952b60obtZy0fbRDRopP9DVlBvaSftoZyUO3I+4adwWkN0F6VbZYP0tURpHrwehwUJaaJijTqwxBfAv/dximwn7iY9OXg/oFxPMOQbItOXSf5zbkGDrBZmveLMjro7K6F5Jvaywew1H+bHjt3uqLQPF/HgED17RfCeQBRqZ32WJP+mXixe4+2XDgoxl6UDal1d2Y23f8FivQ88o/mRJcFTpmGiTHXCnE9abBrt+FTEo29Iv5bSZqDBUZg9rhONQ1zHrdZLgNOZQOZV2Jk6p/K3bS8fjanzOSSORJuwChArChQjshXvoLQMljyce1gvETjhOlT68kUJR+IvZeWDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCK4YgKp+ylIsQSqae+/+IKgCAnm0wYQOIDKFPJScnsIlv+WKyTHwCsOOFCOhOIzymZiQ==] db_user: fisnetzwerk diff --git a/customer/bmbf/web01-bmbf.pixelpark.net.yaml b/customer/bmbf/web01-bmbf.pixelpark.net.yaml index 9a54adf5..e2ec0a1b 100644 --- a/customer/bmbf/web01-bmbf.pixelpark.net.yaml +++ b/customer/bmbf/web01-bmbf.pixelpark.net.yaml @@ -82,7 +82,7 @@ site::profile::typo3::projects: # php_admin_value: # always_populate_raw_post_data: -1 stadtklang: - version: '6.2.27' + version: '6.2.30' db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEASKiPD6fAj/kftFPD5z/yg2NH+j0yq/dPx5JZ3ZP0XLU81RMCfh3wzk38Tnor3FLyYV9O8FeRsHBq8Z7tBazpncfPAZc2uM9e7w2I5TF4RbjmTrpCBx8MVT+FV/rHZeNiLDVxm7RwO6yAgta68XxKFsRnugCNcWzcMWEszPvwSGHois8EqfOKrCDr90RUJCsOcZ4jIceiGWOaCqx9Y8HpD0pnaQFDpjbtMEUzoqeAwNinlWoiTZnOTQMgksaEqR4wwBZFlrvf7IGzfXWVma0s+WWCrFN7hQ+gTPJ+oQ9o2jdpI+f3c+hfINvOUxbJ7E8lkjFmlJQ8yxKbxxT6TIu7XjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDqARGIww8lS1LTIN5OeJCRgCAQqHaLF5wHCYJEDq4CbLbxsStMo14+S9LSEAq2ikEV5A==] site_path: '/srv/www/stadtklang' ip: 217.66.55.4 diff --git a/customer/bmbf/web02-bmbf.pixelpark.net.yaml b/customer/bmbf/web02-bmbf.pixelpark.net.yaml index 01c0a429..2ba12479 100644 --- a/customer/bmbf/web02-bmbf.pixelpark.net.yaml +++ b/customer/bmbf/web02-bmbf.pixelpark.net.yaml @@ -48,7 +48,7 @@ site::profile::mysql_server::databases: site::profile::typo3::projects: wissenschaftsjahr: - version: '7.6.11' # dummy value + version: '7.6.15' # dummy value db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAmL6L4Gjwh2CJn7VR3nggYsGrUWGfCc5wyqDENDoN0hpZY3/Z5KYXwqxmgYzYrJQDcz4y7MtqsVaJa43RQNxFvMHm/u0MBq5Lj3gFXiCwERl4iGS2cjC9p64kCB9DygN4SshQb1LssGO08vKi9o3PLPIbu3x2L/f3ntBlh3C7Z1sGnXJTRt1vDPmnennadDpPXPBr1YXO+PjDHPM2aYmK1ObNUSJuj+aSVoO+39/MbKItu1PWGxun8t4LYOJeVX9UO0dRaKe+Jb5Y2n1Pi9ehM4CFh2GGntRhpxKLzSRpVB+7pbw0t4+L9opWlYWYuGegEV30QXgHIjwqGjL4LPL/kjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCGcbqulPE0TFeB6SkB8sOegCCz5uvjwlpS1tq7H1lDffHfCR2OAw8M0xmWWHwJQpSJ6w==] # dummy value manage_typo3_project: false # on-top vhost for all wissenschaftsjahr vhosts servername: www.wissenschaftsjahr.de @@ -56,6 +56,10 @@ site::profile::typo3::projects: - wissenschaftsjahr.de - www-wissenschaftsjahr-de.pixelpark.net - web02-bmbf.pixelpark.net + - schwimmstaffel.de + - www.schwimmstaffel.de + - elbschwimmstaffel.de + - www.elbschwimmstaffel.de fallbackresource: '/2016-17/service/seite-nicht-gefunden.html' ssl_cert: '/etc/pki/tls/certs/www.wissenschaftsjahr.de-cert.pem' ssl_key: '/etc/pki/tls/private/www.wissenschaftsjahr.de-key.pem' @@ -82,8 +86,13 @@ site::profile::typo3::projects: provider: location path: '/2016-17/typo3/contrib/' rewrites_no_ssl: - - https: - comment: 'all to https' + - comment: 'Weiterleitung elb + schwimmstaffel' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?schwimmstaffel\.de$ [OR]' + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?elbschwimmstaffel\.de$' + rewrite_rule: + - '^(.*)$ https://www.wissenschaftsjahr.de/2016-17/elbschwimmstaffel [L,R=301]' + - comment: 'all to https' #rewrite_cond: # - '%%{ich-trickse}{HTTP_HOST} ^www\.wissenschaftsjahr\.de$ [OR]' # - '%%{ich-trickse}{HTTP_HOST} ^wissenschaftsjahr\.de$' @@ -108,7 +117,7 @@ site::profile::typo3::projects: post_max_size: '50M' upload_max_filesize: '50M' wissenschaftsjahr-2016-17: - version: '7.6.11' + version: '7.6.15' site_path: '/var/www/wissenschaftsjahr/2016-17' db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAmL6L4Gjwh2CJn7VR3nggYsGrUWGfCc5wyqDENDoN0hpZY3/Z5KYXwqxmgYzYrJQDcz4y7MtqsVaJa43RQNxFvMHm/u0MBq5Lj3gFXiCwERl4iGS2cjC9p64kCB9DygN4SshQb1LssGO08vKi9o3PLPIbu3x2L/f3ntBlh3C7Z1sGnXJTRt1vDPmnennadDpPXPBr1YXO+PjDHPM2aYmK1ObNUSJuj+aSVoO+39/MbKItu1PWGxun8t4LYOJeVX9UO0dRaKe+Jb5Y2n1Pi9ehM4CFh2GGntRhpxKLzSRpVB+7pbw0t4+L9opWlYWYuGegEV30QXgHIjwqGjL4LPL/kjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCGcbqulPE0TFeB6SkB8sOegCCz5uvjwlpS1tq7H1lDffHfCR2OAw8M0xmWWHwJQpSJ6w==] db_user: wissenschaft diff --git a/customer/bmwi/db01-bmwi-de.pixelpark.net.yaml b/customer/bmwi/db01-bmwi-de.pixelpark.net.yaml index 8284ac29..5bd131cd 100644 --- a/customer/bmwi/db01-bmwi-de.pixelpark.net.yaml +++ b/customer/bmwi/db01-bmwi-de.pixelpark.net.yaml @@ -5,4 +5,4 @@ site::additional_classes: accounts::users: mike.milarc: apply: true - sudo: false + sudo: true diff --git a/customer/bmwi/db02-bmwi-de.pixelpark.net.yaml b/customer/bmwi/db02-bmwi-de.pixelpark.net.yaml index 8284ac29..5bd131cd 100644 --- a/customer/bmwi/db02-bmwi-de.pixelpark.net.yaml +++ b/customer/bmwi/db02-bmwi-de.pixelpark.net.yaml @@ -5,4 +5,4 @@ site::additional_classes: accounts::users: mike.milarc: apply: true - sudo: false + sudo: true diff --git a/customer/bmwi/dev-db-bmwi-de.pixelpark.net.yaml b/customer/bmwi/dev-db-bmwi-de.pixelpark.net.yaml index 8284ac29..5bd131cd 100644 --- a/customer/bmwi/dev-db-bmwi-de.pixelpark.net.yaml +++ b/customer/bmwi/dev-db-bmwi-de.pixelpark.net.yaml @@ -5,4 +5,4 @@ site::additional_classes: accounts::users: mike.milarc: apply: true - sudo: false + sudo: true diff --git a/customer/bmwi/test-db01-bmwi-de.pixelpark.net.yaml b/customer/bmwi/test-db01-bmwi-de.pixelpark.net.yaml index 8284ac29..5bd131cd 100644 --- a/customer/bmwi/test-db01-bmwi-de.pixelpark.net.yaml +++ b/customer/bmwi/test-db01-bmwi-de.pixelpark.net.yaml @@ -5,4 +5,4 @@ site::additional_classes: accounts::users: mike.milarc: apply: true - sudo: false + sudo: true diff --git a/customer/bmwi/test-db02-bmwi-de.pixelpark.net.yaml b/customer/bmwi/test-db02-bmwi-de.pixelpark.net.yaml index 8284ac29..5bd131cd 100644 --- a/customer/bmwi/test-db02-bmwi-de.pixelpark.net.yaml +++ b/customer/bmwi/test-db02-bmwi-de.pixelpark.net.yaml @@ -5,4 +5,4 @@ site::additional_classes: accounts::users: mike.milarc: apply: true - sudo: false + sudo: true diff --git a/customer/buschjaeger/common.yaml b/customer/buschjaeger/common.yaml index 608c5fc9..28c2d301 100644 --- a/customer/buschjaeger/common.yaml +++ b/customer/buschjaeger/common.yaml @@ -14,3 +14,7 @@ mysql::server::override_options: php::extensions: xml: {} pecl-zip: {} + +php::fpm::pools: + www: + ensure: absent \ No newline at end of file diff --git a/customer/buschjaeger/db01-buschjaeger-de.pixelpark.net.yaml b/customer/buschjaeger/db01-buschjaeger-de.pixelpark.net.yaml index 5bad746d..b7587f0f 100644 --- a/customer/buschjaeger/db01-buschjaeger-de.pixelpark.net.yaml +++ b/customer/buschjaeger/db01-buschjaeger-de.pixelpark.net.yaml @@ -19,20 +19,3 @@ mysql::server::override_options: binlog-format: 'MIXED' binlog-ignore-db: 'performance_schema, information_schema' -mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEACd5u+1KHOzai6B5uwpIGFWk9NFZ8FTT9ILsGNdvApgBMK01KqyHyiDtUE4l66Ilysv2bS4qfNz3Z51yruGpYYlWYiVf0owpOR2B/9C09Iu4lP6b8iLF5boGk3CaGkouzId3MhmKMffE3tLuk+l9/ULcjic38SHzYlreXZZwKzOHLvGdc1mBq8jPZIpceciYQRKjN7cu2MA2cSNvgb/uz+KeLGu0YTW9+1yAMJt97aRZCr0oE1HS9diZ5a6Y+7HeiomNVbd4oAwDwCkvCK/liliGrPZ/Et3QFZQXLGZk7PwgA1J2FtT1C6YFdQ6ZBgoNTCYB79gBVNTngLgX8jkD5XDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnHucEuDYuiqiYu4ppE1kqgCCXaEvdI9nJRNdpWAnmBLXU3C0KJVL0b9X29dWZeOe4SA==] -mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVftnzrzbLqTbApQSSj11vdznd0Xgj7A+UH6kSeYngCCEjo1hiOT+bOfqsGq3y21kOaQLsX6nr3nu4ACxNMPul+gA3avpMoG1QYS4Mi6JU/LeOtLG0a5vGX0e2JMuJMHY8ZkgxvMFj++pH7jUO+46VuzVy/hLtgsPxRl1VnUd3ECNwdtz1a8E6n5Vv8/wy2fqbouADvQCkdgDY/nkY85ITL32z+7RZ7GbukiQLAHbhKuJjAY7EtTXg9+iQMozHF6+aBzCKadxrfWT5IZoQBWV6u3eC6vTIAXYF4ACpsjJqDRR3oJnqgxAZaEUafczscdBCPp39Kc/ZY7u/Zgvo3uq1jBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDVl1eUjLzlGbDubGUmAvtXgCCYqfHtx/tkQC6vGCX0akRuG+ZuW3x/XrO5ixvPPYuGYQ==] -mysql::server::users: - 'replication@%': - password_hash: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALHX81G3QHTzLO+wbfyH8MdAmaeeAp4VjNHzn3dOaY+VxD0DrMHSrH+UoCP/wAQ6mJ8zurJxsz3Uzwu5ZK1jidpcYZEAcL8lSaEUIfnzsEctKgStHtl9/gFSKLcg6vecEuISF6uvVXtgDPUvqcXppeUWhTGnpeV/ZUGgVWIA8p5X633BwGElAHIXChT7rNFL4LLG0uGi1nmE8vN76/zvcU7j+2Z2J1o/I3OoK5TMJmdQE3Xvv4LX6Z9gnrd/LfgrWeNEpAQgKWoJ0lqlxunSHRTiHqnPWrrpqegRoCFfwwRVUs27lRhpvl5mWiP5gEDTPrVkNAwnv8OBCOS/+AiIAzzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCGPO4tJk43Jxw8o7OVQHObgCBlE8oHrC6DimFOhlS21fFVryPa+7pKGOT8xREjz2qxjw==] -mysql::server::grants: - 'replication@%/*.*': - options: 'GRANT' - privileges: 'REPLICATION SLAVE' - table: '*.*' - user: 'replication@%' - -site::profile::mysql_server::databases: - buschjaeger: - user: buschjaeger - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAg3b/hcogcZWEXmAR+t2/jsP8GIqbN7pQGnKtV9pmajGjt4OI/+RiUbw6mLZ2ZbdO+w7laW04rUozwyXGQwn10nfbym0m+IDAjVuAnQP5Sl3tU2Kdje+bcc5IAU36CoidkoAvMAI5Z9GHWtW/S8nr1tNeabzLotsJM4VOGpIF/s+aIJ+OSVHMuYcsW0PH0lSF+Gm0ErZZJ16YenU1Sazd625nABlKwOdZbtxfloB2ilQkoqhT/xWQrmqDNpuNqepQojJ5ncyYiVr3AM313LyCsbwvrt/YGCHXBo6MQvKfj7BrZsMiTUg9KeCd3nAtoVs8QfmymOQbdPRFFF7d6xfIXTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfcrjMmfsDXo4qdURIb30BgCCIyMbnpf3K2Qg8Fgp+kWcsqJpK6SP0tOxXK4yG/YTd5Q==] - host: '93.188.107.%' diff --git a/customer/buschjaeger/db02-buschjaeger-de.pixelpark.net.yaml b/customer/buschjaeger/db02-buschjaeger-de.pixelpark.net.yaml index 289d45b0..e09df46d 100644 --- a/customer/buschjaeger/db02-buschjaeger-de.pixelpark.net.yaml +++ b/customer/buschjaeger/db02-buschjaeger-de.pixelpark.net.yaml @@ -19,20 +19,3 @@ mysql::server::override_options: binlog-format: 'MIXED' binlog-ignore-db: 'performance_schema, information_schema' -mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEACd5u+1KHOzai6B5uwpIGFWk9NFZ8FTT9ILsGNdvApgBMK01KqyHyiDtUE4l66Ilysv2bS4qfNz3Z51yruGpYYlWYiVf0owpOR2B/9C09Iu4lP6b8iLF5boGk3CaGkouzId3MhmKMffE3tLuk+l9/ULcjic38SHzYlreXZZwKzOHLvGdc1mBq8jPZIpceciYQRKjN7cu2MA2cSNvgb/uz+KeLGu0YTW9+1yAMJt97aRZCr0oE1HS9diZ5a6Y+7HeiomNVbd4oAwDwCkvCK/liliGrPZ/Et3QFZQXLGZk7PwgA1J2FtT1C6YFdQ6ZBgoNTCYB79gBVNTngLgX8jkD5XDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnHucEuDYuiqiYu4ppE1kqgCCXaEvdI9nJRNdpWAnmBLXU3C0KJVL0b9X29dWZeOe4SA==] -mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVftnzrzbLqTbApQSSj11vdznd0Xgj7A+UH6kSeYngCCEjo1hiOT+bOfqsGq3y21kOaQLsX6nr3nu4ACxNMPul+gA3avpMoG1QYS4Mi6JU/LeOtLG0a5vGX0e2JMuJMHY8ZkgxvMFj++pH7jUO+46VuzVy/hLtgsPxRl1VnUd3ECNwdtz1a8E6n5Vv8/wy2fqbouADvQCkdgDY/nkY85ITL32z+7RZ7GbukiQLAHbhKuJjAY7EtTXg9+iQMozHF6+aBzCKadxrfWT5IZoQBWV6u3eC6vTIAXYF4ACpsjJqDRR3oJnqgxAZaEUafczscdBCPp39Kc/ZY7u/Zgvo3uq1jBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDVl1eUjLzlGbDubGUmAvtXgCCYqfHtx/tkQC6vGCX0akRuG+ZuW3x/XrO5ixvPPYuGYQ==] -mysql::server::users: - 'replication@%': - password_hash: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALHX81G3QHTzLO+wbfyH8MdAmaeeAp4VjNHzn3dOaY+VxD0DrMHSrH+UoCP/wAQ6mJ8zurJxsz3Uzwu5ZK1jidpcYZEAcL8lSaEUIfnzsEctKgStHtl9/gFSKLcg6vecEuISF6uvVXtgDPUvqcXppeUWhTGnpeV/ZUGgVWIA8p5X633BwGElAHIXChT7rNFL4LLG0uGi1nmE8vN76/zvcU7j+2Z2J1o/I3OoK5TMJmdQE3Xvv4LX6Z9gnrd/LfgrWeNEpAQgKWoJ0lqlxunSHRTiHqnPWrrpqegRoCFfwwRVUs27lRhpvl5mWiP5gEDTPrVkNAwnv8OBCOS/+AiIAzzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCGPO4tJk43Jxw8o7OVQHObgCBlE8oHrC6DimFOhlS21fFVryPa+7pKGOT8xREjz2qxjw==] -mysql::server::grants: - 'replication@%/*.*': - options: 'GRANT' - privileges: 'REPLICATION SLAVE' - table: '*.*' - user: 'replication@%' - -site::profile::mysql_server::databases: - buschjaeger: - user: buschjaeger - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAg3b/hcogcZWEXmAR+t2/jsP8GIqbN7pQGnKtV9pmajGjt4OI/+RiUbw6mLZ2ZbdO+w7laW04rUozwyXGQwn10nfbym0m+IDAjVuAnQP5Sl3tU2Kdje+bcc5IAU36CoidkoAvMAI5Z9GHWtW/S8nr1tNeabzLotsJM4VOGpIF/s+aIJ+OSVHMuYcsW0PH0lSF+Gm0ErZZJ16YenU1Sazd625nABlKwOdZbtxfloB2ilQkoqhT/xWQrmqDNpuNqepQojJ5ncyYiVr3AM313LyCsbwvrt/YGCHXBo6MQvKfj7BrZsMiTUg9KeCd3nAtoVs8QfmymOQbdPRFFF7d6xfIXTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfcrjMmfsDXo4qdURIb30BgCCIyMbnpf3K2Qg8Fgp+kWcsqJpK6SP0tOxXK4yG/YTd5Q==] - host: '93.188.107.%' diff --git a/customer/buschjaeger/production.yaml b/customer/buschjaeger/production.yaml index 30038eb2..1581473a 100644 --- a/customer/buschjaeger/production.yaml +++ b/customer/buschjaeger/production.yaml @@ -1,6 +1,5 @@ --- - zookeeper::repo: 'cloudera' zookeeper::cdhver: '5' zookeeper::initialize_datastore: true @@ -23,6 +22,76 @@ solr::cores: austrian: {} dutch: {} english: {} - french: {} polish: {} russian: {} + + +apache::default_vhost: false + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAA99fMDcku0YVZ6iGjWLJ0SyNookLa5DcQM4qy4ccId+UgOS/7fRcjQa3+TEPH26cBnH6yU3nqSPEoB94NtG7oGUP/UYJ0gFDBoLDvixGKItd4NkTYU2Ac94JjFRF+FNxXTvT9R2oPoJPsNsKM+lHY7d6oPD2FWCEyt3vjFxV8Vi4no5jDzTttiwtB/RMrCHjKoxjVHHh+f12fFvCgFS1tDTxWeckNESvD06K8kHjTgRuVP/SrkdKeMIcW09MJuLRlQjPDfGfOR0fncUwL4M4DtDZUs1ZQMszf1A+WpHst8EWGRAMVfZlW7LmczxdZLDlE4g4uRWLospi0YBFzdtYPDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA302qMqHx/UHmKRsDlv0uogBDBDvhIN/87hDeBt4DaAw4u] + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEACd5u+1KHOzai6B5uwpIGFWk9NFZ8FTT9ILsGNdvApgBMK01KqyHyiDtUE4l66Ilysv2bS4qfNz3Z51yruGpYYlWYiVf0owpOR2B/9C09Iu4lP6b8iLF5boGk3CaGkouzId3MhmKMffE3tLuk+l9/ULcjic38SHzYlreXZZwKzOHLvGdc1mBq8jPZIpceciYQRKjN7cu2MA2cSNvgb/uz+KeLGu0YTW9+1yAMJt97aRZCr0oE1HS9diZ5a6Y+7HeiomNVbd4oAwDwCkvCK/liliGrPZ/Et3QFZQXLGZk7PwgA1J2FtT1C6YFdQ6ZBgoNTCYB79gBVNTngLgX8jkD5XDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAnHucEuDYuiqiYu4ppE1kqgCCXaEvdI9nJRNdpWAnmBLXU3C0KJVL0b9X29dWZeOe4SA==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVftnzrzbLqTbApQSSj11vdznd0Xgj7A+UH6kSeYngCCEjo1hiOT+bOfqsGq3y21kOaQLsX6nr3nu4ACxNMPul+gA3avpMoG1QYS4Mi6JU/LeOtLG0a5vGX0e2JMuJMHY8ZkgxvMFj++pH7jUO+46VuzVy/hLtgsPxRl1VnUd3ECNwdtz1a8E6n5Vv8/wy2fqbouADvQCkdgDY/nkY85ITL32z+7RZ7GbukiQLAHbhKuJjAY7EtTXg9+iQMozHF6+aBzCKadxrfWT5IZoQBWV6u3eC6vTIAXYF4ACpsjJqDRR3oJnqgxAZaEUafczscdBCPp39Kc/ZY7u/Zgvo3uq1jBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDVl1eUjLzlGbDubGUmAvtXgCCYqfHtx/tkQC6vGCX0akRuG+ZuW3x/XrO5ixvPPYuGYQ==] +mysql::server::users: + 'replication@%': + password_hash: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEASyqFwgVGR0luvSUOqQgjmlLSTvZlDDi73es7y8BTpljayPdWqVF9nysaSxrghUGJyIk7PBjRjFVgfFN4/JiDUa0KEpS8x8ZlljptHNTq/EfW7w9rAo63X6baLfNyxHDqt+/0DqkOG/Bb1TbBt92ImFBVhn+QbKE8CuoSfxp29kB7qJ5VeVPbbhgPZyo1pJiSKJCYdZFLeWp69Y682ZUDAk7IOcopQpxgrpmfxfhxugChCVX/Nb4NYJRhfXE/0EY4eP367Uw6OFJzgvCGrE0xs2VR+h5TwqE0wNgKkgUQ4gkzU3xfbV6pqWldgRLw7Xa7KvAPrKnQOtSQ6RvQWAbu9jBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCGI1gSUuBFJ9g9Riz8hvyigDBaF7426Aft+LnfW4zI82IpHB/wQx/Q86wtD+sGs4qXgC0gpAlTXwBbO7wPCXZf3g4=] +mysql::server::grants: + 'replication@%/*.*': + options: 'GRANT' + privileges: 'REPLICATION SLAVE' + table: '*.*' + user: 'replication@%' + +site::profile::mysql_server::databases: + buschjaeger: + user: buschjaeger + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANXY+CqjsZhYlwL8a7tG4QghAFhWEfa3nFyjv9nUW3pC5R+GkfZY4v9Cic0cFx6OAuXYXxHVhNAqjJ5a+fnk4CQShW0W4J3Tj2eULc6gN2qvnlyQffYpU6Q3riOgfxvM11yi7U8Z5F8B7rWwmsgLC18c/NIq2WH9Wzl/AL6VPESDKxB6hTYe+QVqVunaxL5tAf6f79A6ixAcxwtW3Aduh8PsjIR/yD+/8l3YrEY5n551YBSnWMblvzAhDylF//tGx1X1+O3aUOn27NPC2j6W6Jf+Kv1o/ncevzlGmycRPb024UTseNfrNVxeI1sFQFyly6k292y8LEJiT8Q6gJwD1wjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDeGfUxqEwhFpI7qcJ5t6EcgCD6+Y34GhyBcZUS3ngLYlYiM8SF2daJWsV1FKxO2eVhZw==] + host: '93.188.107.%' + + +site::profile::typo3::projects: + buschjaeger: + version: '7.6.15' + site_path: '/var/www/html/buschjaeger' + db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAg3b/hcogcZWEXmAR+t2/jsP8GIqbN7pQGnKtV9pmajGjt4OI/+RiUbw6mLZ2ZbdO+w7laW04rUozwyXGQwn10nfbym0m+IDAjVuAnQP5Sl3tU2Kdje+bcc5IAU36CoidkoAvMAI5Z9GHWtW/S8nr1tNeabzLotsJM4VOGpIF/s+aIJ+OSVHMuYcsW0PH0lSF+Gm0ErZZJ16YenU1Sazd625nABlKwOdZbtxfloB2ilQkoqhT/xWQrmqDNpuNqepQojJ5ncyYiVr3AM313LyCsbwvrt/YGCHXBo6MQvKfj7BrZsMiTUg9KeCd3nAtoVs8QfmymOQbdPRFFF7d6xfIXTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfcrjMmfsDXo4qdURIb30BgCCIyMbnpf3K2Qg8Fgp+kWcsqJpK6SP0tOxXK4yG/YTd5Q==] + db_user: buschjaeger + db_name: buschjaeger + mode: '0775' + servername: www-busch-jaeger-de.pixelpark.net + serveraliases: + - www.busch-jaeger.de + - busch-jaeger.de + - www.busch-jaeger.com + - busch-jaeger.com + # Pixelpark Aliase + - web01-buschjaeger-de.pixelpark.net + - web02-buschjaeger-de.pixelpark.net + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + directories: + - directory1: + provider: directory + path: '/var/www/html/buschjaeger.de/' + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local + php_admin_value: + post_max_size: 500M + max_input_vars: 1500 + memory_limit: 256M \ No newline at end of file diff --git a/customer/buschjaeger/test-web-buschjaeger-de.pixelpark.net.yaml b/customer/buschjaeger/test-web-buschjaeger-de.pixelpark.net.yaml index a3d8ea0e..6f702e4c 100644 --- a/customer/buschjaeger/test-web-buschjaeger-de.pixelpark.net.yaml +++ b/customer/buschjaeger/test-web-buschjaeger-de.pixelpark.net.yaml @@ -3,23 +3,20 @@ site::role: base site::additional_classes: - site::profile::typo3 - site::profile::mysql_server - - apache::mod::headers + - solr accounts::users: jenkins: apply: true group: apache - service.typo3: - apply: true - group: apache heiko.hardt: apply: true + felix.rauch: + apply: true + groups: apache apache::default_vhost: false -php::dev: true -php::pear: true - repo::remi_php70: true mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEASNstNQOCo8uMJelKhHYYb2+K93HY8AFHpBrjsgE3i8L7hxLi2+HkIb2mnQCyCXuJ+DnKxJbUeHbLLExSVK8SVm740uq8cSIqzDAykWpML0fR7/7BLvlcmtwbZ3CjE1o3nKRnSYr0203VYAipWJnrbsSUTbOzXLalmx27u1a1zMv84uCH77f+RWDbR60glqC32nCDvgZ7MsD1MPIS8NW7u8/tKmrr9+4hPhyDLD0rcAnwDCGjENmxtodmPJb+fmNelgpFP4IgPK5MMQquJbskZ5Q7zMyW71vWI55XgtEyIhfb91rpKr9Q6K1h8ljQ7N1LTUfBFAg4w7M+WcJHlIEZ4zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBf37OGlSaT5AYfsVlybM/GgCCXP8RbLaqs5fXJo0lRFtVawkBqZ6XD+gj8008bkmwPHw==] @@ -36,7 +33,7 @@ site::profile::apache::htdigest: site::profile::typo3::projects: buschjaeger: version: '7.6.15' - site_path: '/var/www/html/buschjaeger.de' + site_path: '/var/www/html/buschjaeger' db_pass: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAqAPfjkpxjcB5OcaggCEMoZHgfmgXMVfpG0ND7UBSK8O0nYKGS7Z7CP1SrrRXxU3HmSiwhm0t8BE7j1E4wtkeacvv8rxDN85FE84RtDO08ZYNH48SZ/FUpXbLtAAyuP+wF2ZGBHtjGGYHYDP0XJpACTVgExkN8vyNa8N7Y5OPZwfohbDZQZEo2kY0NXeNnGEPKVgzDQevtlbScWk2ut8xDf0hL0aqa/K+iDqC1OufylB1VLoDEWWKKU8baxwZTVf4f4GfbkF96tqt+RTMfh08Zxlq7UOK1bZNvkKs/ThxsxffmtMhkcBnB8x7L+Ft2+ylK7SBwql+CuwJmE6Xiq0hFDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCiYj0KHXpkMN7Rn5o+9LC8gBBoSH581Kj/zsC951SN/uis] db_user: buschjaeger db_name: buschjaeger @@ -64,10 +61,80 @@ site::profile::typo3::projects: auth_require: 'valid-user' require: - local - user: service.typo3 - mode: '2775' + user: apache + mode: '0775' php_admin_value: post_max_size: 500M max_input_vars: 1500 memory_limit: 256M - always_populate_raw_post_data: -1 + +solr::version: 6.3.0 +solr::cores: + german: + currency_src_file: /var/solr-typo3/typo3cores/german/conf/currency.xml + protwords_src_file: /var/solr-typo3/typo3cores/german/conf/protwords.txt + schema_src_file: /var/solr-typo3/typo3cores/german/conf/schema.xml + solrconfig_src_file: /var/solr-typo3/typo3cores/german/conf/solrconfig.xml + synonyms_src_file: /var/solr-typo3/typo3cores/german/conf/synonyms.txt + other_files: + - /var/solr-typo3/typo3cores/german/conf/elevate.xml + - /var/solr-typo3/typo3cores/german/conf/general_schema_fields.xml + - /var/solr-typo3/typo3cores/german/conf/general_schema_types.xml + - /var/solr-typo3/typo3cores/german/conf/german-common-nouns.txt + - /var/solr-typo3/typo3cores/german/conf/_schema_analysis_stopwords_german.json + austrian: + currency_src_file: /var/solr-typo3/typo3cores/austrian/conf/currency.xml + protwords_src_file: /var/solr-typo3/typo3cores/austrian/conf/protwords.txt + schema_src_file: /var/solr-typo3/typo3cores/austrian/conf/schema.xml + solrconfig_src_file: /var/solr-typo3/typo3cores/austrian/conf/solrconfig.xml + synonyms_src_file: /var/solr-typo3/typo3cores/austrian/conf/synonyms.txt + other_files: + - /var/solr-typo3/typo3cores/austrian/conf/elevate.xml + - /var/solr-typo3/typo3cores/austrian/conf/general_schema_fields.xml + - /var/solr-typo3/typo3cores/austrian/conf/general_schema_types.xml + - /var/solr-typo3/typo3cores/austrian/conf/austrian-common-nouns.txt + - /var/solr-typo3/typo3cores/austrian/conf/_schema_analysis_stopwords_austrian.json + dutch: + currency_src_file: /var/solr-typo3/typo3cores/dutch/conf/currency.xml + protwords_src_file: /var/solr-typo3/typo3cores/dutch/conf/protwords.txt + schema_src_file: /var/solr-typo3/typo3cores/dutch/conf/schema.xml + solrconfig_src_file: /var/solr-typo3/typo3cores/dutch/conf/solrconfig.xml + synonyms_src_file: /var/solr-typo3/typo3cores/dutch/conf/synonyms.txt + other_files: + - /var/solr-typo3/typo3cores/dutch/conf/elevate.xml + - /var/solr-typo3/typo3cores/dutch/conf/general_schema_fields.xml + - /var/solr-typo3/typo3cores/dutch/conf/general_schema_types.xml + - /var/solr-typo3/typo3cores/dutch/conf/_schema_analysis_stopwords_dutch.json + english: + currency_src_file: /var/solr-typo3/typo3cores/english/conf/currency.xml + protwords_src_file: /var/solr-typo3/typo3cores/english/conf/protwords.txt + schema_src_file: /var/solr-typo3/typo3cores/english/conf/schema.xml + solrconfig_src_file: /var/solr-typo3/typo3cores/english/conf/solrconfig.xml + synonyms_src_file: /var/solr-typo3/typo3cores/english/conf/synonyms.txt + other_files: + - /var/solr-typo3/typo3cores/english/conf/elevate.xml + - /var/solr-typo3/typo3cores/english/conf/general_schema_fields.xml + - /var/solr-typo3/typo3cores/english/conf/general_schema_types.xml + - /var/solr-typo3/typo3cores/english/conf/_schema_analysis_stopwords_english.json + polish: + currency_src_file: /var/solr-typo3/typo3cores/polish/conf/currency.xml + protwords_src_file: /var/solr-typo3/typo3cores/polish/conf/protwords.txt + schema_src_file: /var/solr-typo3/typo3cores/polish/conf/schema.xml + solrconfig_src_file: /var/solr-typo3/typo3cores/polish/conf/solrconfig.xml + synonyms_src_file: /var/solr-typo3/typo3cores/polish/conf/synonyms.txt + other_files: + - /var/solr-typo3/typo3cores/polish/conf/elevate.xml + - /var/solr-typo3/typo3cores/polish/conf/general_schema_fields.xml + - /var/solr-typo3/typo3cores/polish/conf/general_schema_types.xml + - /var/solr-typo3/typo3cores/polish/conf/_schema_analysis_stopwords_polish.json + russian: + currency_src_file: /var/solr-typo3/typo3cores/russian/conf/currency.xml + protwords_src_file: /var/solr-typo3/typo3cores/russian/conf/protwords.txt + schema_src_file: /var/solr-typo3/typo3cores/russian/conf/schema.xml + solrconfig_src_file: /var/solr-typo3/typo3cores/russian/conf/solrconfig.xml + synonyms_src_file: /var/solr-typo3/typo3cores/russian/conf/synonyms.txt + other_files: + - /var/solr-typo3/typo3cores/russian/conf/elevate.xml + - /var/solr-typo3/typo3cores/russian/conf/general_schema_fields.xml + - /var/solr-typo3/typo3cores/russian/conf/general_schema_types.xml + - /var/solr-typo3/typo3cores/russian/conf/_schema_analysis_stopwords_russian.json diff --git a/customer/buschjaeger/web01-buschjaeger-de.pixelpark.net.yaml b/customer/buschjaeger/web01-buschjaeger-de.pixelpark.net.yaml index 946e3135..50f16eaa 100644 --- a/customer/buschjaeger/web01-buschjaeger-de.pixelpark.net.yaml +++ b/customer/buschjaeger/web01-buschjaeger-de.pixelpark.net.yaml @@ -9,6 +9,9 @@ site::additional_classes: zookeeper::id: '1' solr::host: search01-buschjaeger-de.pixelpark.net +# Enable only on webserver vms +repo::remi_php70: true + accounts::users: jenkins: apply: true @@ -19,53 +22,6 @@ accounts::users: heiko.hardt: apply: true -apache::default_vhost: false - -repo::remi_php70: true - -site::profile::apache::htdigest: - server: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAA99fMDcku0YVZ6iGjWLJ0SyNookLa5DcQM4qy4ccId+UgOS/7fRcjQa3+TEPH26cBnH6yU3nqSPEoB94NtG7oGUP/UYJ0gFDBoLDvixGKItd4NkTYU2Ac94JjFRF+FNxXTvT9R2oPoJPsNsKM+lHY7d6oPD2FWCEyt3vjFxV8Vi4no5jDzTttiwtB/RMrCHjKoxjVHHh+f12fFvCgFS1tDTxWeckNESvD06K8kHjTgRuVP/SrkdKeMIcW09MJuLRlQjPDfGfOR0fncUwL4M4DtDZUs1ZQMszf1A+WpHst8EWGRAMVfZlW7LmczxdZLDlE4g4uRWLospi0YBFzdtYPDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA302qMqHx/UHmKRsDlv0uogBDBDvhIN/87hDeBt4DaAw4u] - -site::profile::typo3::projects: - buschjaeger: - version: '7.6.15' - site_path: '/var/www/html/buschjaeger.de' - db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAg3b/hcogcZWEXmAR+t2/jsP8GIqbN7pQGnKtV9pmajGjt4OI/+RiUbw6mLZ2ZbdO+w7laW04rUozwyXGQwn10nfbym0m+IDAjVuAnQP5Sl3tU2Kdje+bcc5IAU36CoidkoAvMAI5Z9GHWtW/S8nr1tNeabzLotsJM4VOGpIF/s+aIJ+OSVHMuYcsW0PH0lSF+Gm0ErZZJ16YenU1Sazd625nABlKwOdZbtxfloB2ilQkoqhT/xWQrmqDNpuNqepQojJ5ncyYiVr3AM313LyCsbwvrt/YGCHXBo6MQvKfj7BrZsMiTUg9KeCd3nAtoVs8QfmymOQbdPRFFF7d6xfIXTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfcrjMmfsDXo4qdURIb30BgCCIyMbnpf3K2Qg8Fgp+kWcsqJpK6SP0tOxXK4yG/YTd5Q==] - db_user: buschjaeger - db_name: buschjaeger - servername: web01-buschjaeger-de.pixelpark.net - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - directories: - - directory1: - provider: directory - path: '/var/www/html/buschjaeger.de/' - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' - require: - - local - user: service.typo3 - mode: '2775' - php_admin_value: - post_max_size: 500M - max_input_vars: 1500 - memory_limit: 256M - always_populate_raw_post_data: -1 - ### SFTP Accounts ### #site::profile::apache::pp_vhosts: # update.busch-jaeger.de: diff --git a/customer/buschjaeger/web02-buschjaeger-de.pixelpark.net.yaml b/customer/buschjaeger/web02-buschjaeger-de.pixelpark.net.yaml index 9bcd4f86..b7848f08 100644 --- a/customer/buschjaeger/web02-buschjaeger-de.pixelpark.net.yaml +++ b/customer/buschjaeger/web02-buschjaeger-de.pixelpark.net.yaml @@ -9,6 +9,9 @@ site::additional_classes: zookeeper::id: '2' solr::host: search02-buschjaeger-de.pixelpark.net +# Enable only on webserver vms +repo::remi_php70: true + accounts::users: jenkins: apply: true @@ -19,53 +22,6 @@ accounts::users: heiko.hardt: apply: true -apache::default_vhost: false - -repo::remi_php70: true - -site::profile::apache::htdigest: - server: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAA99fMDcku0YVZ6iGjWLJ0SyNookLa5DcQM4qy4ccId+UgOS/7fRcjQa3+TEPH26cBnH6yU3nqSPEoB94NtG7oGUP/UYJ0gFDBoLDvixGKItd4NkTYU2Ac94JjFRF+FNxXTvT9R2oPoJPsNsKM+lHY7d6oPD2FWCEyt3vjFxV8Vi4no5jDzTttiwtB/RMrCHjKoxjVHHh+f12fFvCgFS1tDTxWeckNESvD06K8kHjTgRuVP/SrkdKeMIcW09MJuLRlQjPDfGfOR0fncUwL4M4DtDZUs1ZQMszf1A+WpHst8EWGRAMVfZlW7LmczxdZLDlE4g4uRWLospi0YBFzdtYPDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA302qMqHx/UHmKRsDlv0uogBDBDvhIN/87hDeBt4DaAw4u] - -site::profile::typo3::projects: - buschjaeger: - version: '7.6.15' - site_path: '/var/www/html/buschjaeger.de' - db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAg3b/hcogcZWEXmAR+t2/jsP8GIqbN7pQGnKtV9pmajGjt4OI/+RiUbw6mLZ2ZbdO+w7laW04rUozwyXGQwn10nfbym0m+IDAjVuAnQP5Sl3tU2Kdje+bcc5IAU36CoidkoAvMAI5Z9GHWtW/S8nr1tNeabzLotsJM4VOGpIF/s+aIJ+OSVHMuYcsW0PH0lSF+Gm0ErZZJ16YenU1Sazd625nABlKwOdZbtxfloB2ilQkoqhT/xWQrmqDNpuNqepQojJ5ncyYiVr3AM313LyCsbwvrt/YGCHXBo6MQvKfj7BrZsMiTUg9KeCd3nAtoVs8QfmymOQbdPRFFF7d6xfIXTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfcrjMmfsDXo4qdURIb30BgCCIyMbnpf3K2Qg8Fgp+kWcsqJpK6SP0tOxXK4yG/YTd5Q==] - db_user: buschjaeger - db_name: buschjaeger - servername: web02-buschjaeger-de.pixelpark.net - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - directories: - - directory1: - provider: directory - path: '/var/www/html/buschjaeger.de/' - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' - require: - - local - user: service.typo3 - mode: '2775' - php_admin_value: - post_max_size: 500M - max_input_vars: 1500 - memory_limit: 256M - always_populate_raw_post_data: -1 - ### SFTP Accounts ### #site::profile::apache::pp_vhosts: # update.busch-jaeger.de: diff --git a/customer/emperra/www-tmp-emperra-com.pixelpark.net.yaml b/customer/emperra/www-tmp-emperra-com.pixelpark.net.yaml index da32d52f..ce2591ff 100644 --- a/customer/emperra/www-tmp-emperra-com.pixelpark.net.yaml +++ b/customer/emperra/www-tmp-emperra-com.pixelpark.net.yaml @@ -38,4 +38,4 @@ site::profile::wordpress::projects: php::extensions: - mysql: {} + mysqlnd: {} diff --git a/customer/fbb-captive/test-web-captive-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-captive/test-web-captive-berlin-airport-de.pixelpark.net.yaml new file mode 100644 index 00000000..40c53760 --- /dev/null +++ b/customer/fbb-captive/test-web-captive-berlin-airport-de.pixelpark.net.yaml @@ -0,0 +1,60 @@ +--- +site::role: base +site::additional_classes: + - site::profile::apache + +accounts::users: + markus.baumann: + apply: true + sudo: true + thomas.bussmeyer: + apply: true + sudo: true + peter.kreinz: + apply: true + sudo: true + harry.teuber: + apply: true + sudo: true + christian.schoenherr: + apply: true + sudo: true + dennis.klein: + apply: true + sudo: true + jenkins: + apply: true + sudo: false + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAoS405UErGdABrTEbiT9RTT6BBAQvgrVCww76IwoVWmerISWrLe7vkX+fG9wuaeLPBGaCE1AF+TpAopn5y+7cab0JwYEpkfBTfyBff5psqymb0+OYK/rt7si6yjncdCX/YG0iHAd/I/veNQk2ZQls1FBl3Re2pFISTQUalHf812pn8vRkmuTiXIr5oxH6CbXYKyikKhVxfO0BDzOt6tGvNm6SGPSZakvsGdhwzrxY+hbMY9sGbK4Rg2LdF259F/zLKxTf+mGHX+tWKDdNnhC/6Q/mfgleObJYDgocJE6GoEM0UDAQJGDXhW3W/Zw9nilWqrng1muTEy8mLYhzdoLjNTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCVOpScmtiJKkyJ7GK25Vd7gBCaTLPmlL54qrAKp2tUdu2S] + +site::profile::apache::pp_vhosts: + www: + docroot: '/var/www/captive' + servername: tstcaptive.berlin-airport.de + serveraliases: + - test-web-captive-berlin-airport-de.pixelpark.net + ssl_cert: '/etc/pki/tls/certs/wildcard.berlin-airport.de-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.berlin-airport.de-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.berlin-airport.de-cert.pem' + docroot_owner: apache + docroot_group: apache + docroot_mode: '0775' + directories: + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' \ No newline at end of file diff --git a/customer/fbb-captive/web01-captive-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-captive/web01-captive-berlin-airport-de.pixelpark.net.yaml new file mode 100644 index 00000000..e0d3dd19 --- /dev/null +++ b/customer/fbb-captive/web01-captive-berlin-airport-de.pixelpark.net.yaml @@ -0,0 +1,41 @@ +--- +site::role: base +site::additional_classes: + - site::profile::apache + +accounts::users: + jenkins: + apply: true + sudo: false + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAtWl7/86zeNqLlwrzd83QW50Fy2tMnsfWqib3TTEQy0uN0DCsHv2izUfdDXYs3nwfgFG9IitpCdsAiMzDVbIJtXthnazJiikJYs2sh7OTJIN4pRkWckGsuLwWI2DMW3gTvhArrXuonY/xM7DOTFKoAVcFnyQ5NAqRirOx2dS8jOgKnVCny8uTNL1UrnNh3sSip2ZIaOO7aIxKeZ2nYiUiz4RQDIbWmdF/4big3m0UmiMnvvsQ8aUavpSt3vG9/vjdQnBhEV57spmqsvJLasm2fu+6/1dAbP7tASA2XPdtNC+ymOTqnCK8dR6I3wk3+yxUP7gPY85LyoOkpp/UiChrlTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAJaFEaZSd+y28aSMJhmn/KgBDyEJ2HyF9CB3TK5XdM/Nh7] + +site::profile::apache::pp_vhosts: + www: + docroot: '/var/www/captive' + servername: captive.berlin-airport.de + serveraliases: + - web01-captive-berlin-airport-de.pixelpark.net + - captive-berlin-airport-de.pixelpark.net + ssl: false + docroot_owner: apache + docroot_group: apache + docroot_mode: '0775' + directories: + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' \ No newline at end of file diff --git a/customer/fbb-captive/web02-captive-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-captive/web02-captive-berlin-airport-de.pixelpark.net.yaml new file mode 100644 index 00000000..2a99ea13 --- /dev/null +++ b/customer/fbb-captive/web02-captive-berlin-airport-de.pixelpark.net.yaml @@ -0,0 +1,41 @@ +--- +site::role: base +site::additional_classes: + - site::profile::apache + +accounts::users: + jenkins: + apply: true + sudo: false + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAtWl7/86zeNqLlwrzd83QW50Fy2tMnsfWqib3TTEQy0uN0DCsHv2izUfdDXYs3nwfgFG9IitpCdsAiMzDVbIJtXthnazJiikJYs2sh7OTJIN4pRkWckGsuLwWI2DMW3gTvhArrXuonY/xM7DOTFKoAVcFnyQ5NAqRirOx2dS8jOgKnVCny8uTNL1UrnNh3sSip2ZIaOO7aIxKeZ2nYiUiz4RQDIbWmdF/4big3m0UmiMnvvsQ8aUavpSt3vG9/vjdQnBhEV57spmqsvJLasm2fu+6/1dAbP7tASA2XPdtNC+ymOTqnCK8dR6I3wk3+yxUP7gPY85LyoOkpp/UiChrlTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAJaFEaZSd+y28aSMJhmn/KgBDyEJ2HyF9CB3TK5XdM/Nh7] + +site::profile::apache::pp_vhosts: + www: + docroot: '/var/www/captive' + servername: captive.berlin-airport.de + serveraliases: + - web02-captive-berlin-airport-de.pixelpark.net + - captive-berlin-airport-de.pixelpark.net + ssl: false + docroot_owner: apache + docroot_group: apache + docroot_mode: '0775' + directories: + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' \ No newline at end of file diff --git a/customer/fbb-orat/common.yaml b/customer/fbb-orat/common.yaml index eb6d5a02..56ddb849 100644 --- a/customer/fbb-orat/common.yaml +++ b/customer/fbb-orat/common.yaml @@ -1,5 +1,4 @@ --- -site::role: base apache::default_vhost: false @@ -21,3 +20,12 @@ php::extensions: mysqlnd: {} # soap: {} # mbstring: {} + +auth_key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAq1UTWjXS+8NsszHSQAtaW2CmsydiKyfhXT1tHVpnT1QI+jOa2d4P/COz8aOXoDqcRbA381YvaRFLAiQsHesUTkqgjWBSh91Jmo0xy6s+EAB243bfDZbwhdoaS6xzws0qOe+xQuEGfq3b3j3+OwXftUope0qS5Nh2/Xh1cHK42V0rROIBWN7lyoAkuP2TzZ9/UDXmUwQadbh6lVyR5fDksUYEf+aYpGxex3fMcRbM5sfJtyJtYyYlyH/SNWi7bRYc8QWJkmcVcL5tr08CAxnIbz0WeS57FnhR30ZTcXxqAxV0KtAViCXQzxgWzATDu+GZv0wgOb4TJuhTZEmhV2piGzB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDsF0OpiI+HwRE3flhNCOhNgFDAihMMmZduIH9m2n6FCFOLlf3v2KR5/bKNSusTUGDk57F9a7CxRlYWwptrWG9VbEBifIwwylx5TXb2nR78IWYN+wQnvmRlfsx1hlUQdHJ7Eg==] +secure_auth_key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANebNdFWfqjpboPG3gCutXaIvcskrih7jYbkp+A3kHyTA/52zqlVWN+apyEK/yo6faowsfIQtuKf43Iwb3oIV9QOS1arkDmvc3cShou3VJoWZYE1npVUrEjVB+ROVpcTC6dsFbgmC0Hl4cjLfNLRRGW8kFkld50SlG6pQIioIrjl5Qtjm82a5ZZzaWRo9TODBmZT6m63V3haA/W8GIuAFjn/mQpTlqFhhpEBLl1pGcOX7aQsbPxv0oKuF6tj1JQQRd/RjH4xSO+6iOrFu3C466d9Xr4JArUZRKA6K1qRhIawfOp4oI+TrxRlt51+qGtIUEsVbg9UGc8sv0yZPDtnflDB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBI/IDVjIKFpJq0Coy9nzFwgFDC3TX2NpEJ6+nKtzy+kD/ohUB+OElKrLPQKAc7QzQGMRKMCo9iySSc04mFCdGH5Ca+P3TflMRFumDO/PGu4hz1cFF6knmNTdlRNRjU/Q9jJQ==] +logged_in_key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEATK1HQxJtk9V27Sb4Vi+dtyXha9xoUCEqgups1Xo9s3T+mxvbM9JLa7cdsaWmJbCOrcEeMRghUyAYmS57zzZqvP72kfhI2OoyLaodp+HqrFhRRZnNZ94GisxmOnVucWhP1CQukyU0jEaHH8VQ1Z35ONT8M62Fyipt4BppDagg6cfpvmcBz6TA08syOl6tXJfrzVxlH2Awv8b0iAvohpYnmg9OZmdVZodde2Du1WZvStmPl01AfM2o6Yw25JHyV0fI7F6+Y7+MdIsJHSnY888Y/AwQs6PBe8y9NPppnb+GV3E2IHFzsSVquh2cp/8wNpRVkaTfR3aQrgAeOkwVCf9HgzB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAqbB+N6MTt3DRmJ84J1fdFgFAHS+Lg6wwvRsu8nQ7/e2tVhEKDKJDLc4SJs+y2Uo4uc5KxgrnYZQJBrhVLLuXBvhzbTSV7ZkbDC1kszPZqzwmhA2gz3jJgBX3ITVPqF97QqA==] +nonce_key: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAYCs1EPgo8HQr6/GpTcZ3p8MKao+1BiDr0b+4ugTPflVkjDCxI5eVoHMtIsZUGWvMSFrkYwGbYOh9J6+QBMloTOzmG+JWQMOfQFFi4J8U657YE/s2J7Qp3CAYLWa5hSAYd1om0+i8kdM7WbOozTIpXvJZDI97V6IXWSMA1kKe2dm3bQ7hrcXM3gKTZjonAot9UJ2vZ+2ytu4HgHGZluhE1PC3O8Nmnnjdp3SIoCPymepJIakYC5q5Sh/UNm/l90jOsjbr+o3CGi108rjgO5ucAlYL4LW2EiLgy9KZRx032LpmQkTCphY/4Pi53v72zIOmNfktKvQ9+GXvJ8Lv2USplzB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB1lg9wNySUPdt8OmWH/dYNgFAjwqLBtu32KkrdbM9DqBbVIZ2KrCRC/jYPsIHsdmDjb2hSmGey2zxz9Yzz0DbfKE8sXP/aqoEYQecnysmXHizz5IYsRstsJSjdfNyQVCqnZA==] +auth_salt: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAor4rxpGEwiD1bduhl9eQyHxCWq69Qp/UuIpgE4QGeXopbNeWqdx9tR2i2M31aimflC+ohZPlRWG5KkKrE5lx+MzWy29CXYsIRXxdjzA8uiIfrNnx9Bil243dSN3gmkaANusqh0sLdidT2Chkvd8n4e5GG55Xu1JQ4XnuKdaE9xyzkXYcZf+2VK6cFUR/kG6RmYNGzmRMUV5htUxKxAd5iT5W2+GdzdxkWWCmiELTP8XOjai0XtJGTvgQ4FS/7t50ZufKD7gBsL2hsk6wzPLf2rUtB6gN2QAYTVg/kj8M+E10NGSd7/nTAysLweAVrDfsbqHizN+wQfa0zX8RoXk5QzB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC034yhuGpziMJFlu0ea0SUgFBg9CwLUjF40NkPw0qTdNif7+wma/E04aKsKGhMbijdQVu8NeK4LH3VKzhdnkNqZCAPJmnBNFk90H6PPzHAcImCP1fUXPz2zHfUOl1IlVBHoQ==] +secure_auth_salt: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAXH/sQJDi0BERmOQOEhsubYQK5CjrdEfxXALuAsO9YP+CFcWyNrmIWlcC7ULFShwUHBMJ9AZl5Bs46B3T18Pqot60pESXc8HFo4flmLpFKUGZM1PkHjAAn1j5vQKjJTxy1oWjjSsVSLJAMlfiYim5sNBHZrcGd84nHjYN2iXMTK9O0axu4RiSetnvPXYJhNOLpnvldxc88s+IcVQUNVVfx5aewRns0Dn0jsbrMuluqeoDpGddfkmRuYZkdgkcT8W9LZfGQT0noLyu2a2wHJRxNn0Bn6DpbiZp1ERtxyfFlOL2HFMJuLcWSSkeoKMX/UIGvdSYFcbma2dkAS7IYI+rBjB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC0MKlrLluzo7KaQttfUKljgFCzXsFBXts05y9arUQok23iE7jpt9CFckigacbuf/bOh8ibUnLhol/zuNYWyMTNJfMtkf5j9wiyHgjvN2+Mjh3roDdbk9ZqSNIMsKhS5hPU7A==] +logged_in_salt: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEkxZ7bIFliUbyAE29+n09ATQeGXsyL7wI4pz8HswEl1JCoiJCcQh1htAXXZ87YXpDgomN7FZFqDI0B/wPFlaYg9fYjL58m3oT8h9nWpPJ0p84jIoeMjGQs7CpGFr8fJZ6/6dZcWln4tDg8kjGIr+3Fdq5UP/Gu8eGhCI5qnWLxWv9uoWQw2udcv0pjHzWnwaSy3TRpjbdELkEIJ2CgKylInIj9YLAUChtiB0V5LW5JeSs6nCUMk1QRf7cRSf+Dpl7Z42wGvB/ox9vYi7WqQOpqCNiZmjzOele+XODPyYj+3As1buGM66Xpb/0oTpbhmNezAEdy91AFIGOYf5YR+DkjB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDD9Nxua4gJTY9pwwAbz5PggFCS6oM5zy2OD4YuBXGf27h5ySU+rGqgfs5fclW38ceAXyg4CqE+fyWGV7LVP5hReNqfK5woBIgUfQEVaa2MQo0Xe/uBnFT7/kEyYzuAi/FxYg==] +nonce_salt: ENC[PKCS7,MIIBuQYJKoZIhvcNAQcDoIIBqjCCAaYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAjoFFDNQ+MGJGJr7QHEzz9W1Nf0rPJkej7LwyseDqMia78KmhG5Ne/2JxU2oKRaTE/29po+KgXZuCyvZMwBLLKk8ACtLGFdGWNfCd5FbUZQlPtCejD6bjFeRAhY32OS0QRWxtHjophN5zJ3xpwGHGzBV3ldfq4jyIx/a3B+/WbB9FtKnTSNaHGCetllpvAl3YaRmyHvP4FjJ1oqCE7f4GZYGAG5+L5qwXA6o8zztG41Oex8hF/WBOm+3Z7xJpdXaaKPKOqFtF2u+/xOTsPdfxi/T6OJAauJkYfmyOY7iQOxrcCRc/rt2eUH1FglWkEQICgvD2dr6FyMYDxrEcM9FECzB8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD/dTYqiT9GyGjuFOUAce6WgFAQpGXfpaLjTZzO5S/GpC5a8P9JCtvOz4srmP7s+bmNoxxxqSB6xYxLxlA0krLOh/7S3wDy9g69upsO5mtZMQ/RqDa2x8f5Pvkdy8GvkWjY1Q==] diff --git a/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml index 26262641..029f35ef 100644 --- a/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml +++ b/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml @@ -1,8 +1,8 @@ --- -site::role: base site::additional_classes: - site::profile::wordpress - site::profile::mysql_server + - accounts accounts::users: thomas.bussmeyer: @@ -30,13 +30,6 @@ sudo::configs: content: | jenkins ALL=(apache) NOPASSWD: ALL -mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAfMbyvHaOKa2I8Vhlu/k1ZsuYFkP2p29VbDYFcQNBI/gFQ+fvntbktfKxZvjayruY2xZ6PDoqivLpaS7/EGLxBTeGi/Zt4Dn+msVjPQo23sp9Jv5fxHzHqvcLluMf/RgHR3ifvqsFm/IK+t2LcL21ORGYRqXG7l2LarrfZcrdd6P/lVfMyftxpwH4TCPKDUgf5M7+/J8fUO5OdKZVjzgAXiaz87yyJq4p1mHu9tZmBPw6ailYKUiV+oZaJ+cqS/ARD/Tou39EycTeqfIIXQWG7NpYxJn7PjuSfPewVreyD+08YIlhaznEXkD+4Us4mg52Asa2Nyc0XxoWhJe0GtVcADBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBACIXP1dGI+1jnC1JA6p3VugCAFHpDF3FV3/EaySmolH81jsH+RkV0+c6ijIw1Pw/4VxQ==] -mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAwPFkY6MBbkTUeYGsY4e4lvn3nXO+BHOXgN7DK0YsTrS0jMSmpbLhPl3g+KxhKlGI9Nu7Nd43aZaCaoTs+ZGxgp8b7H2JJqCSCNluEr0L/15lFyiW3J0WIgcQc9WFVrf1YTX4cs8SLLjY3w2/VdfV9Ox4P22uQwO+BWq3td60putVmS2nr3VzC4j7TWwmMYXioeIfrctH5ibGn6bOzUk+AfWLC+VbaL8bSR1/ZYC4veCMB1f6wamfgrBS+PQTYhp9wrq+JrtBkEpavArClLfa25ka2FY8FVKcfxBkUhmbEtxPtBm56EFMabvO61Mo2Z2mwLNtbR9EBXsCQWXjxgmbVjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAW06WG2rf0URSHRu6789hvgCB9tyYKOx1z8dovwB2sQgbwtpE25kK3R6+fUFysELRrEg==] -site::profile::mysql_server::databases: - orat: - user: orat - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEADiLKvSP0MiiMXYH74V5O5Fc5cHX1M/s4sgMVyMCf3B5BnvKR3LCi5aSzszEWWYdMwbreAapje+uJSa8mNeIfro0HoeP6q55UR0Atc64aXbeHPYXSgNRg7eJId0Zl00A0RQfmmGFDHPNBtJtJv4kOYW8B/9YJdC+brhOyKffqG9txEfX8BIRh7iYR2gmkSCM3d0Yk46oADvfQfq5scAGrTIAK7LWSYecylzRfUXTa128tLryRKMa1z/0b2mrp6xcHc9DhnMmCTo7fF6AtIwP4j5tjSJY7C5RJeAZogtJjsyB+aEQH9op4HE31DJoZ/FxjrqbC/rDsCbNjjL/PJs0qhjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZgB6ucfNorpUm4K7p5RyngCANZRgflljTHPm9sYrXkoH+SH64O31YdWVXHaeo1iOEcA==] - site::profile::wordpress::projects: orat: docroot: '/var/www/orat' @@ -53,3 +46,55 @@ site::profile::wordpress::projects: - '%%{ich-trickse}{HTTPS} !=on' rewrite_rule: - ^(.*)$ https://%%{ich-trickse}{HTTP_HOST}$1 [R=301,L] + +#orat db user password +db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAf1uHte9Li7dFlFGS/DIWd4eBvrzTZCziWALTIv3mMq5x6Ym7vdmp8QIJNN9v/gPPnlRv9wav0iKxOo/rFfe/fv+qKgc1VXdc39wFPHO1cTvSBp/ra/5qoTfuoJsjgo97C5vrRzLqY6X4W4fjHwWdUQeKVaB0BrbexOgII0FzYPdCFKCpkbP8TKs6Yd16IUxhLC8aKW/b8VEn1TWHZ1Ulr/+6WPEdoSa5HzuWT6J9C9cKvSoqA9ZmaNmQYB4kcBjvu9g52scIaxG8AKWS5dcSK5yOiusCCeMGShxfx2qAMGHgI4ICPxvR9xes9mBiLsZdqH7ei9n+15fkBFxJvOdDkjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAR7PgSN/JuTkP2O9o9psoVgCCIhd/wB7KKeWAq7yDnqEmlMer1QdCZElj01jUz6HrOtQ==] + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAfMbyvHaOKa2I8Vhlu/k1ZsuYFkP2p29VbDYFcQNBI/gFQ+fvntbktfKxZvjayruY2xZ6PDoqivLpaS7/EGLxBTeGi/Zt4Dn+msVjPQo23sp9Jv5fxHzHqvcLluMf/RgHR3ifvqsFm/IK+t2LcL21ORGYRqXG7l2LarrfZcrdd6P/lVfMyftxpwH4TCPKDUgf5M7+/J8fUO5OdKZVjzgAXiaz87yyJq4p1mHu9tZmBPw6ailYKUiV+oZaJ+cqS/ARD/Tou39EycTeqfIIXQWG7NpYxJn7PjuSfPewVreyD+08YIlhaznEXkD+4Us4mg52Asa2Nyc0XxoWhJe0GtVcADBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBACIXP1dGI+1jnC1JA6p3VugCAFHpDF3FV3/EaySmolH81jsH+RkV0+c6ijIw1Pw/4VxQ==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAwPFkY6MBbkTUeYGsY4e4lvn3nXO+BHOXgN7DK0YsTrS0jMSmpbLhPl3g+KxhKlGI9Nu7Nd43aZaCaoTs+ZGxgp8b7H2JJqCSCNluEr0L/15lFyiW3J0WIgcQc9WFVrf1YTX4cs8SLLjY3w2/VdfV9Ox4P22uQwO+BWq3td60putVmS2nr3VzC4j7TWwmMYXioeIfrctH5ibGn6bOzUk+AfWLC+VbaL8bSR1/ZYC4veCMB1f6wamfgrBS+PQTYhp9wrq+JrtBkEpavArClLfa25ka2FY8FVKcfxBkUhmbEtxPtBm56EFMabvO61Mo2Z2mwLNtbR9EBXsCQWXjxgmbVjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAW06WG2rf0URSHRu6789hvgCB9tyYKOx1z8dovwB2sQgbwtpE25kK3R6+fUFysELRrEg==] +site::profile::mysql_server::databases: + orat: + user: orat + password: "%{hiera('db_password')}" + +site::additional_files: + 'config': + owner: apache + group: apache + mode: '0640' + ensure: 'file' + path: '/var/www/orat/wp-config-local.php' + content: | + diff --git a/customer/fbb-orat/production.yaml b/customer/fbb-orat/production.yaml new file mode 100644 index 00000000..d07d035f --- /dev/null +++ b/customer/fbb-orat/production.yaml @@ -0,0 +1,118 @@ +--- +site::role: base +site::additional_classes: + - site::profile::wordpress + - site::profile::mysql_server + - apache::mod::remoteip + +accounts::users: + harry.teuber: + apply: true + sudo: false + jenkins: + apply: true + sudo: false + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +apache::mod::remoteip::proxy_ips: + - '192.168.165.252' + - '192.168.165.253' + +site::profile::wordpress::projects: + orat: + docroot: '/var/www/orat' + servername: www-orat-berlin-airport-de.pixelpark.net + serveraliases: + - ber.berlin-airport.de + ssl: false + access_log_format: remote_combined + setenv: + - WORDPRESS_CONTEXT Production + setenvif_non_ssl: + - 'HTTPS on HTTPS=on' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: sameorigin' + directories: + - provider: location + path: '/wp-admin/' + require: + - ip 194.174.73.33 + - ip 194.174.73.80 + - ip 194.174.76.21 + - ip 194.174.75.14 + - ip 217.66.49 + - ip 217.66.50 + - ip 217.66.51 + - ip 217.66.56 +# wird im LB gesetzt +# headers_ssl: +# - 'always set Strict-Transport-Security "max-age=31556926" + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAD/FBzYWrgxHgSoU9h1Ty9Z9RA2orYVIfpCqoQNuiK/WQWfRYmkghCkp3P44PxMUr3Y47dO49O/J0ZO3qXwXaEl5NNRhjnLtUAse3X4OuNcZuf+iRE/s5zcib2dBHeobRGHPLuk2LzaMvb3eTtgReYj4yFCa6ScMOQpcm7O08b1NMm4fpsAOZzbBBj3CLiVQVKnhicozUlzN9q8UwSSG9Cp/BR5COKrNT6X5Cn2PuSrNfP6vmg0k9BkmfsyczOMFnPq6Voc0LtfuLcmJbRtGMvBb9yLTjzPsuaDC8RMn9xosD2srF4ZPoJIpDMsTbjgYVpkA67iLWgsYR+FmwCRhFqzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBpmmYwWmZycGp8GiwqzXuFgCApqvMK/NoXebgZezoDnnyRDq30MR0rGGBZg96rQ0FWGg==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANKPJGla2n/pCoabtw6AOjGFghFN5w/gC8C3mtap2nWpMhjy688KmGISIjyO6B350/rJRS3U0NS1aEllhwLmxjHClm3TTm2J5XzhokypeHuiA7Efpqqu5lFWhuHPLNaelMI8OC33ifacXojweOTeylIB3CtSdTu5AxGvwWg4KAkto9nVmJ+cSKaZRcHk0MbY08pTEzhyDMBNqm1WJDvz/CXZ+FolF0mzj5u+n/W1ugRnVcxv1YJl7Ahb9Hmu5kdXBOimPGtkqyHXPnTBFnbkJc586mbVG8G/zX3QqqVEhz5DGmAp7+K7L0FNg8b/w1Gu3BpzpkkGblaq4tBlpuUYjTzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCbg97PfGMAwuKr7RHSEUsvgCCaoa6LA3gfPywAPGUetEWg/criS1z3u2GMUBR1oP6p3g==] +mysql::server::users: + 'replication@%': + password_hash: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAqlvsh+XlldzYQ2/kXVZKe4ag67x/dfVualKocy40wtF8HW3XC26y7460itFJ7DNLqwT+Fb4flLJfzcDIqeVt/lflMxsMbFeJMj6EyFf7XDL5gRGgaTgDUqtbGkux5UKbJ8rsuQAzDLYUE/jxFOhtNy9R25n+BI1BFa8SpzI6KAOYyWmdcXChpVvpe5+d54bfyW0uknYt+hArC9EEx7e7R1J4scq/fgpdzDL8MNHDp6BIfZW0wJZsnml8Bm54LPfdKWlNx0wd3ciGMrhGER7fYi9xwfngjaIYeliw5aLVKAplOx1rWJg8JbbtE3c2PFF4xzgGHQ5pIj0+3bGQ1HiWXTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZjrX9UyMdvfQTZp+5IZchgDCNADhTjVSVMtAQmuiyQqCtl4yAMITCDm+A3dnGIrLwBOjbTpTxjq+RPGoMKum15Hs=] +mysql::server::grants: + 'replication@%/*.*': + options: 'GRANT' + privileges: 'REPLICATION SLAVE' + table: '*.*' + user: 'replication@%' + +db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEFm7AsxKJilokvKc/g4mQ58NYk1rfFZW5qEXHNpayh+HtPwMCo7ENdHJl6dRDe7MhOo24wVVE3W7VNYAEFjInb9SvsxXldQG2bgYTmuAKmv90+Lr/W1cfwJyGCc/Y4muk0B5CBa5M+1pk8QS8WKf/ztonhBj4h5Zv/aY5fIPFg186NBlmlq1mNJCQHxUu1Yq0a6arVs7s7zlWRn9i2HmyoweT1KpnjBzQNXdd1WGu6AGWSUy+ViD/KueBN9ivdndIZug/E4H9VaBtmUMM6DQmcckzgs7vCp6cVWy3kaURWxqYyZDl6099ww5zFjBIiaMYE321RNowuJ6626SWc3RiDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAdR3bds3LdvUWfxAa7zmWHgCA4kmk6eIvlUjNUGp6qKu0TsR7SYB5Pvwq1UgY/Wp01Qg==] + +site::profile::mysql_server::databases: + orat: + user: orat + password: "%{hiera('db_password')}" + +site::additional_files: + 'config': + owner: apache + group: apache + mode: '0640' + ensure: 'file' + path: '/var/www/orat/wp-config-local.php' + content: | + diff --git a/customer/fbb-orat/test.yaml b/customer/fbb-orat/test.yaml index 0ffa98d0..2b0260d0 100644 --- a/customer/fbb-orat/test.yaml +++ b/customer/fbb-orat/test.yaml @@ -1,4 +1,9 @@ --- +site::role: base +site::additional_classes: + - site::profile::wordpress + - site::profile::mysql_server + - apache::mod::remoteip accounts::users: thomas.bussmeyer: @@ -26,11 +31,16 @@ sudo::configs: content: | jenkins ALL=(apache) NOPASSWD: ALL +apache::mod::remoteip::proxy_ips: + - '192.168.166.252' + - '192.168.166.253' + site::profile::wordpress::projects: orat: docroot: '/var/www/orat' servername: test-orat-berlin-airport-de.pixelpark.net ssl: false + access_log_format: remote_combined setenv: - WORDPRESS_CONTEXT Testing setenvif_non_ssl: @@ -40,6 +50,18 @@ site::profile::wordpress::projects: - 'set X-Content-Type-Options: nosniff' - 'set X-XSS-Protection: "1; mode=block"' - 'set X-Frame-Options: sameorigin' + directories: + - provider: location + path: '/wp-admin/' + require: + - ip 194.174.73.33 + - ip 194.174.73.80 + - ip 194.174.76.21 + - ip 194.174.75.14 + - ip 217.66.49 + - ip 217.66.50 + - ip 217.66.51 + - ip 217.66.56 # wird im LB gesetzt # headers_ssl: # - 'always set Strict-Transport-Security "max-age=31556926" @@ -56,7 +78,52 @@ mysql::server::grants: table: '*.*' user: 'replication@%' +#orat db user password +db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAiNc0z209cNXv77gwKWFrMF/eee4tpvKZ+tOdWWJu4SAxX4EX6pmXbcO7hu6ens7qWQTRtPppVrfziaLICNksr40qnQSa7d2dUgW0IS4w7t2TzV+ZEgDAgrCXZ6sd2ZNq/V1Cp0m/nX98JmB4cUL40XAkNhZ35jjMHBHU2LJ63C98AU9XEIkR1+EpS0SBcH2v9LCe5zpnKdg1plXKipvHZEiu2PuU+SVjyn84qFwEIDPEKxo7PpQWGeef5OnjtBtxUxXP6xYB2saBnJ/8ZAc9NItU2EKjgexeE1MDlDEK1wriwFd65VoE1j0vw/6il7ZdVtulD7uv6o4FVtBNENebTjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAHBCL/u8tycgCXm2Ek9JDXgCDjpqGL+UscVeGmTz+L+sWNh0xy5BPWeWXThvZDGZRKiw==] + site::profile::mysql_server::databases: orat: user: orat - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAIUwF4aBgqXmK7z7D4QtKLh8h2JoRi+o9MKo7Aipi1g4HdywCFewEOODFZA4VQgtgY0/UAkqUyTtHFC4NJRqbB8PvKQ5QKef5tUdMOoELmWR3DZZ7s7dP5jZcOU/rO0zw80z+O3NMpGjOMwV1KCJemjyumEk/7jg7l5yWiUimENnO/RG4CDEIn5CQ3DeG77LnyCuyzmSF19nzbkIw74JnWB1itl+4xiEF0OOFOXMsINAk62v39B+l6WqIqQn18ubndoxMbIbOKnN6q73QKFodaootlkC3i4P8TyKfONNhJEFHD0DHAdSRN8bwszKCcPqURRlLLRAvXHCVmiY0bL/IHDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDmyoKoZEj39pAzZ6n842p3gCBXTiIn4j31twflzZS2rXia0wJsXSM2SnvokqZ700BTSQ==] + password: "%{hiera('db_password')}" + +site::additional_files: + 'config': + owner: apache + group: apache + mode: '0640' + ensure: 'file' + path: '/var/www/orat/wp-config-local.php' + content: | + diff --git a/customer/fbb-orat/test01-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-orat/test01-orat-berlin-airport-de.pixelpark.net.yaml index 699af578..cbcff85a 100644 --- a/customer/fbb-orat/test01-orat-berlin-airport-de.pixelpark.net.yaml +++ b/customer/fbb-orat/test01-orat-berlin-airport-de.pixelpark.net.yaml @@ -1,9 +1,4 @@ --- -site::role: base -site::additional_classes: - - site::profile::wordpress - - site::profile::mysql_server - mysql::server::override_options: 'mysqld': server-id: '1' diff --git a/customer/fbb-orat/test02-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-orat/test02-orat-berlin-airport-de.pixelpark.net.yaml index b68e4bac..acfcd914 100644 --- a/customer/fbb-orat/test02-orat-berlin-airport-de.pixelpark.net.yaml +++ b/customer/fbb-orat/test02-orat-berlin-airport-de.pixelpark.net.yaml @@ -1,9 +1,4 @@ --- -site::role: base -site::additional_classes: - - site::profile::wordpress - - site::profile::mysql_server - mysql::server::override_options: 'mysqld': server-id: '2' diff --git a/customer/fbb-orat/www01-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-orat/www01-orat-berlin-airport-de.pixelpark.net.yaml index 4c3c2b5e..2de2e3b0 100644 --- a/customer/fbb-orat/www01-orat-berlin-airport-de.pixelpark.net.yaml +++ b/customer/fbb-orat/www01-orat-berlin-airport-de.pixelpark.net.yaml @@ -1,2 +1,10 @@ --- -site::role: base +mysql::server::override_options: + 'mysqld': + server-id: '1' + auto_increment_offset: '1' + bind-address: '192.168.165.10' + auto_increment_increment: '2' + log-bin: 'binlog' + binlog-format: 'MIXED' + binlog-ignore-db: 'performance_schema, information_schema' diff --git a/customer/fbb-orat/www02-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-orat/www02-orat-berlin-airport-de.pixelpark.net.yaml index 4c3c2b5e..0229b5b1 100644 --- a/customer/fbb-orat/www02-orat-berlin-airport-de.pixelpark.net.yaml +++ b/customer/fbb-orat/www02-orat-berlin-airport-de.pixelpark.net.yaml @@ -1,2 +1,10 @@ --- -site::role: base +mysql::server::override_options: + 'mysqld': + server-id: '2' + auto_increment_offset: '2' + bind-address: '192.168.165.11' + auto_increment_increment: '2' + log-bin: 'binlog' + binlog-format: 'MIXED' + binlog-ignore-db: 'performance_schema, information_schema' diff --git a/customer/fbb-web/production.yaml b/customer/fbb-web/production.yaml index 57c26e51..a74d0697 100644 --- a/customer/fbb-web/production.yaml +++ b/customer/fbb-web/production.yaml @@ -28,7 +28,7 @@ accounts::users: steffen.wiegand: apply: true sudo: false -# https://jira.pixelpark.com/jira/browse/PPPUPPET-239 +# https://jira.pixelpark.com/jira/browse/PPPUPPET-239 # service.darksite: # uid: 60186 # apply: true @@ -56,6 +56,12 @@ php::fpm::pools: user: nginx group: nginx +sudo::configs: + deploy.vogel: + priority: "06" + content: | + deploy.vogel ALL=(nginx) NOPASSWD: ALL + php::extensions: gd: {} xml: {} @@ -86,11 +92,11 @@ site::profile::nginx_php_fpm_server::upstream: site::profile::nginx_php_fpm_server::vhosts: berhub-berlin-airport-de: www_root: '/srv/www/berhub-berlin-airport-de' - index_files: + index_files: - 'index.php' - 'index.html' - 'index.htm' - server_name: + server_name: - 'www-berhub-berlin-airport-de.pixelpark.net' - 'www01-berhub-berlin-airport-de.pixelpark.net' - 'www02-berhub-berlin-airport-de.pixelpark.net' diff --git a/customer/fbb-webservice/test-webservice-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-webservice/test-webservice-berlin-airport-de.pixelpark.net.yaml index fc3be129..02a204f8 100644 --- a/customer/fbb-webservice/test-webservice-berlin-airport-de.pixelpark.net.yaml +++ b/customer/fbb-webservice/test-webservice-berlin-airport-de.pixelpark.net.yaml @@ -7,6 +7,7 @@ php::extensions: gd: {} mysqlnd: {} pecl-ssh2: {} + xml: {} accounts::users: harry.teuber: @@ -67,7 +68,7 @@ site::profile::apache_php::fpm_pool: webservice: listen_owner: apache listen_group: apache - + pm_max_children: 10 unitb: listen_owner: apache listen_group: apache @@ -92,9 +93,13 @@ php::settings: # define_syslog_variables: Off PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuhfYLZrcdMdGV61KKhTxKjG4XxK3xua1rPvWPFVLWDqwYCwQABWMUnwmqq7rw+9PBapgbiZzhNUPsh6AX5PCbx9pav9b6SWgCnt8pseBMYoFXw3eh95MolTwaa2nV14GQ/7vChV/xqsVfuFHHgM+wNiyy4jlPJ3dk5agDzkrTtle7wFiG52OJkVylCEx/K1G6SfybFiZEuRCToHSM9z6JUcpTPUhu/TjiuyLyQ2mBInSVmbWG5pH//L9ZNAc0UKXBgeWzLO3W0m88XA80hHDwA95SSUj+//ZKOgA0MBol+7bL9HCCECoY2MAk38eX+ac5nqUBGVNxXt8FPi6jBwnKTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDcFY5OTVqjbaHKT24xh0EBgBADaxMVlFXTNFGJVCxht4/n] site::profile::apache::pp_vhosts: webservice: + port: 80 servername: test-webservice-berlin-airport-de.pixelpark.net serveraliases: - tstws.berlin-airport.de @@ -108,8 +113,45 @@ site::profile::apache::pp_vhosts: setenvif_non_ssl: - 'HTTPS on HTTPS=on' directories: - - directory_docroot: - provider: 'directory' + - provider: 'directory' + path: "/www/htdocs/tstws.berlin-airport.de" + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-webservice.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + allow_override: + - All + - provider: 'location' + path: '/webservices_conf' + require: 'all denied' + - provider: 'locationmatch' + path: '/webservices/(config.ini|certificates)' + require: 'all denied' + - provider: location + path: '/webservices/push' + auth_type: Digest + auth_name: 'server' + auth_digest_provider: file + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + + webservice_ssl: + port: 81 + servername: test-webservice-berlin-airport-de.pixelpark.net + serveraliases: + - tstws.berlin-airport.de + docroot: /www/htdocs/tstws.berlin-airport.de/docs/ + ssl: false + docroot_owner: apache + docroot_group: apache + custom_fragment: 'UseCanonicalPhysicalPort On' + setenv: + - AIRLINE_DATA /www/data/fiona/app/online/docs/_airlines/index.php + - POI_CMS_EXPORT_FILE /www/data/fiona/app/online/docs/poiExport/index.php + setenvif_non_ssl: + - 'HTTPS on HTTPS=on' + directories: + - provider: 'directory' path: "/www/htdocs/tstws.berlin-airport.de" addhandlers: - { handler: "proxy:unix:/var/run/php5-fpm-webservice.sock|fcgi://./" , extensions: '.php' } @@ -117,6 +159,19 @@ site::profile::apache::pp_vhosts: - FollowSymLinks allow_override: - All + - provider: 'location' + path: '/webservices_conf' + require: 'all denied' + - provider: 'locationmatch' + path: '/webservices/(config.ini|certificates)' + require: 'all denied' + - provider: location + path: '/webservices/push' + auth_type: Digest + auth_name: 'server' + auth_digest_provider: file + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' unitb: servername: unitb-test-webservice-berlin-airport-de.pixelpark.net diff --git a/customer/fbb-webservice/webservice-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-webservice/webservice-berlin-airport-de.pixelpark.net.yaml index 4c3c2b5e..b26fff4e 100644 --- a/customer/fbb-webservice/webservice-berlin-airport-de.pixelpark.net.yaml +++ b/customer/fbb-webservice/webservice-berlin-airport-de.pixelpark.net.yaml @@ -1,2 +1,121 @@ --- site::role: base +site::additional_classes: + - site::profile::apache_php + +php::extensions: + gd: {} + mysqlnd: {} + pecl-ssh2: {} + xml: {} + +sudo::configs: + jenkins_rights: + priority: "06" + content: | + jenkins ALL=(apache) NOPASSWD: ALL + +apache::default_vhost: false + +repo::remi_php: true + +php::fpm::pools: + www: + ensure: absent + +site::profile::apache_php::fpm_pool: + webservice: + listen_owner: apache + listen_group: apache + pm_max_children: 10 + +php::settings: + PHP/serialize_precision: 100 + PHP/memory_limit: 256M + PHP/post_max_size: 20M + PHP/register_globals: Off + PHP/upload_max_filesize: 4M + PHP/max_file_uploads: 50 + PHP/include_path: '.:/opt/app/ZendFramework/library:/opt/app/web' + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAQkzCNaKrUkNv5Jeq7Ebr53aJX3KDt5n9kI7yy050w71v1LrpdAkkESTZeuKLLjswjcMC5ICL5wMSwn+7aj6Gcn259EECdsVZydD/VMsSHEVN3aLUrByNuM4+mFpK0Jthi0hi8zqcej5e3mdQPiT6gcfai29htoPHS23zruLnNIkmJ62tpcWaGrYp+eXVVm522jbmL/+oewNv/6YFUrYBPXdomznkC/ReGB1YG/fbz3Vt5UaWFbZ19+8YxHHMlT5nyvkGNsWhVKKeSDgacDLJ9Gr0zw/iFs1lLojEGt9HarRYWtSGt5PbhhYLxtt75OLU+BA0q/gZTbGiHvguQ2rwqjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCIaKd8NKWcQ5fw1bElllIogBDy3gDC0xHpz9Zxv4+6nRST] + +site::profile::apache::pp_vhosts: + webservice: + port: 80 + servername: webservice-berlin-airport-de.pixelpark.net + serveraliases: + - ws.berlin-airport.de + docroot: /www/htdocs/ws.berlin-airport.de/docs/ + ssl: false + docroot_owner: apache + docroot_group: apache + setenv: + - AIRLINE_DATA /www/data/fiona/app/online/docs/_airlines/index.php + - POI_CMS_EXPORT_FILE /www/data/fiona/app/online/docs/poiExport/index.php + setenvif_non_ssl: + - 'HTTPS on HTTPS=on' + directories: + - directory_docroot: + provider: 'directory' + path: "/www/htdocs/ws.berlin-airport.de" + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-webservice.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + allow_override: + - All + - provider: 'location' + path: '/webservices_conf' + require: 'all denied' + - provider: 'locationmatch' + path: '/webservices/(config.ini|certificates)' + require: 'all denied' + - provider: location + path: '/webservices/push' + auth_type: Digest + auth_name: 'server' + auth_digest_provider: file + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + + webservice_ssl: + port: 81 + servername: webservice-berlin-airport-de.pixelpark.net + serveraliases: + - ws.berlin-airport.de + docroot: /www/htdocs/ws.berlin-airport.de/docs/ + ssl: false + docroot_owner: apache + docroot_group: apache + custom_fragment: 'UseCanonicalPhysicalPort On' + setenv: + - AIRLINE_DATA /www/data/fiona/app/online/docs/_airlines/index.php + - POI_CMS_EXPORT_FILE /www/data/fiona/app/online/docs/poiExport/index.php + setenvif_non_ssl: + - 'HTTPS on HTTPS=on' + directories: + - directory_docroot: + provider: 'directory' + path: "/www/htdocs/ws.berlin-airport.de" + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-webservice.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + allow_override: + - All + - provider: 'location' + path: '/webservices_conf' + require: 'all denied' + - provider: 'locationmatch' + path: '/webservices/(config.ini|certificates)' + require: 'all denied' + - provider: location + path: '/webservices/push' + auth_type: Digest + auth_name: 'server' + auth_digest_provider: file + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' diff --git a/customer/fbb-werbung/common.yaml b/customer/fbb-werbung/common.yaml new file mode 100644 index 00000000..f65768ed --- /dev/null +++ b/customer/fbb-werbung/common.yaml @@ -0,0 +1,3 @@ +--- + +java::package: java-1.8.0-oraclejdk \ No newline at end of file diff --git a/customer/fbb-werbung/dev-red-werbung-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-werbung/dev-red-werbung-berlin-airport-de.pixelpark.net.yaml new file mode 100644 index 00000000..54e95c8e --- /dev/null +++ b/customer/fbb-werbung/dev-red-werbung-berlin-airport-de.pixelpark.net.yaml @@ -0,0 +1,39 @@ +--- +site::role: base +site::additional_classes: + - site::profile::pg_server + - java + - site::profile::apache + +site::profile::pg_server::pgpw: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAHW+F1Q3vJWv/aCsBzVz1kV3wx06Us25l2WnIKOtED7zbePanPsnKhi+QFRnRQDSjUnPag+NQ7C6h7vq+lnx5THMuFmoN1fiqu7cpGR0uvryo6PcTeYdOEvnvfmqPrpaISBKyZeEegSug3KcTv4+08tzpBYUoL2YZJy9Q4GpFw3WquTgymxweDAvMwB6yqZ3hvec4bsC+RD+vKsSLtdgJCV+h345qVEiQPbFhwzT3tw3+whsHgkyCDOBs6yKpNWGbb/2u7EP/bqZ39ko4xleCCkUld47A8c8TWHIongLKN5iFrgDX2nRpxCOaZe00I63hcEGOOUlHzPhro5Kk70oDXjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBKIzQrX3Lcve6Vm7WCaXvegCCw7pC5cThiyprSbBtEwQVMsj5twqZRFMru6z7Rh9kshQ==] +site::profile::pg_server::version: '9.6' +site::profile::pg_server::dbs: + magnolia: + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAByHW/z4adYcpXHd9rakjkF8rHoG/WErgLan8EovhtTv3iEL33slh4DdHNlWZOX0e/UKEiNl8NKWiYDE4uHsZXbj5lB1Thx8+NSVIY6LnUVv3jia63Qd6nwvBxLh+vOCvSXmRo3U/YGtDJtZRwMIPO0LhkoljzU0bx7c9PrGOm5VStoYzDJ8KH7HTrrc/MuqLc+x2AQ6Zu9NOZ25JAn/hj0qq3Ibx795vJ9TsUc23Ukkc6bZ83IMDZlHwJffO+frPA605tw30PK1mcz3QziRVN15AQp9fPKEh0RaE9SWvMxjQmMyU+9AlRVhyK7kPsFlBYTCHMW44C6T4OwaK78/ItTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD68JdmrlBVrRAOCZ7C1uh4gCBnUvlkA4wSfhwc8lpdZyolJseyA7GmiH7nUuIPvp6NiA==] + network: 93.188.107.111/32 + + +site::profile::apache::pp_vhosts: + werbung: + docroot: /var/www/werbung + servername: dev-red-werbung-berlin-airport-de.pixelpark.net + serveraliases: + - dev-red-werbung-berlin-airport-de + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + proxy_dest: 'http://dev-red-werbung-berlin-airport-de.pixelpark.net:8080' + no_proxy_uris: + - /server-status +# - /itsmanager +# - /manager + - /error +# - /pictures +# - /css +# - /images + rewrites: + - comment: 'Alles auf https umleiten.' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - ^(.*)$ https://%%{ich-trickse}{HTTP_HOST}$1 [R=301,L] diff --git a/customer/fbb-orat/data-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-werbung/red-werbung-berlin-airport-de.pixelpark.net.yaml similarity index 100% rename from customer/fbb-orat/data-orat-berlin-airport-de.pixelpark.net.yaml rename to customer/fbb-werbung/red-werbung-berlin-airport-de.pixelpark.net.yaml diff --git a/customer/fbb-orat/test-data-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-werbung/test-red-werbung-berlin-airport-de.pixelpark.net.yaml similarity index 100% rename from customer/fbb-orat/test-data-orat-berlin-airport-de.pixelpark.net.yaml rename to customer/fbb-werbung/test-red-werbung-berlin-airport-de.pixelpark.net.yaml diff --git a/customer/mhk/rls-mhk-kueche-de.pixelpark.net.yaml b/customer/fbb-werbung/test-werbung-berlin-airport-de.pixelpark.net.yaml similarity index 100% rename from customer/mhk/rls-mhk-kueche-de.pixelpark.net.yaml rename to customer/fbb-werbung/test-werbung-berlin-airport-de.pixelpark.net.yaml diff --git a/customer/mhk/stage-mdb1-mhk-kueche-de.pixelpark.net.yaml b/customer/fbb-werbung/werbung-berlin-airport-de.pixelpark.net.yaml similarity index 100% rename from customer/mhk/stage-mdb1-mhk-kueche-de.pixelpark.net.yaml rename to customer/fbb-werbung/werbung-berlin-airport-de.pixelpark.net.yaml diff --git a/customer/fbb/production.yaml b/customer/fbb/production.yaml index 0aee7b1f..58b02792 100644 --- a/customer/fbb/production.yaml +++ b/customer/fbb/production.yaml @@ -13,7 +13,7 @@ accounts::users: groups: - "cityscope" - "web" - samir.djulanjic: + samir.djulancic: apply: true sudo: false group: "users" @@ -73,7 +73,7 @@ unitb_mobile_website::packages: pixelpark_fbb_datenpool: version: '1-46' pixelpark_fbb_hosting: - version: '1-147' + version: '1-150' pixelpark_fbb_mobilewebsite: version: '1-38' unitb_mobile_website::application_env: production diff --git a/customer/fbb/test.yaml b/customer/fbb/test.yaml index 8355d5d2..2f54f8b7 100644 --- a/customer/fbb/test.yaml +++ b/customer/fbb/test.yaml @@ -16,7 +16,7 @@ accounts::users: groups: - "cityscope" - "web" - samir.djulanjic: + samir.djulancic: apply: true sudo: false group: "users" @@ -77,10 +77,6 @@ accounts::users: apply: true sudo: false group: "users" - felix.maier: - apply: true - sudo: false - group: "users" airport_web_app::params::packagename: "pixelpark_fbb" airport_web_app::params::inifile: "/www/apps/fbb/config.ini" @@ -100,8 +96,8 @@ airport_web_app::params::config_params: - push.flyamo = false - dev.pxp = false - passbook.log_location = /www/htdocs/tstws.berlin-airport.de/logs - - passbook.store_location = /www/htdocs/tstws.berlin-airport.de/docs/app/passes - - passbook.email_to = andre.staats@publicispixelpark.de + - passbook.store_location = /www/htdocs/tstws.berlin-airport.de/docs/app/passes + - passbook.email_to = andre.staats@publicispixelpark.de - special.json_path = /www/htdocs/tstws.berlin-airport.de/docs/app/pushSpecial - special.json_file = 10_pushSpecial.json unitb_mobile_website::packages: @@ -110,7 +106,7 @@ unitb_mobile_website::packages: pixelpark_fbb_hosting: version: 'latest' pixelpark_fbb_mobilewebsite: - version: 'latest' + version: 'latest' unitb_mobile_website::application_env: testing unitb_mobile_website::provider: zypper unitb_mobile_website::docroot: '/www/htdocs/tstwsmobile.berlin-airport.de/docs' diff --git a/customer/joml/production.yaml b/customer/joml/production.yaml index b93c3176..141fd4c7 100644 --- a/customer/joml/production.yaml +++ b/customer/joml/production.yaml @@ -26,7 +26,7 @@ php::extensions: site::profile::typo3::projects: thejobofmylife: - version: '6.2.27' + version: '6.2.30' site_path: '/srv/www/thejobofmylife' db_pass: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAjkX3DcL0OKI2UbB7NDSW+EUsdTrCNB+/dvs+WobV4M/FLX5LF1DzZ0gwxhMr3n7Ar5Ja3oPt1e1sLv3x/nmNKsiTaxszaM7rDckgf4e1FCmCe9kUi0ZpSHWCV0hzrRpwlUltbTNoZ1KBR19dG07eb0/BmrhBzg4IFZWiYI2Y+PsxCsD2E03b20QTKHfCS/YXVTU5w4M4rgyaQSv5mdRK+sU5LZgvwzDS/sx1SBbsvj094GCkQi4ouh/RzfymT3Qe2gzcso74U8/kCp+cHM97RULWgMoTXNZS5bIUQPK75I0MK5WD+APUcp5dq4KVWq1FRW0HODpDYNrhjBdkuOsbWzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAFBYHaLHG9BLKrG/Pjy7LsgCBkMJX2HbLHzchcB0T7f5ywCvj5zvN9KVQd8LaSqcWtYw==] db_user: thejobofmylife diff --git a/customer/koerber/benchmark-koerber.pixelpark.net.yaml b/customer/koerber/benchmark-koerber.pixelpark.net.yaml new file mode 100644 index 00000000..375b5fe2 --- /dev/null +++ b/customer/koerber/benchmark-koerber.pixelpark.net.yaml @@ -0,0 +1,60 @@ +--- +site::role: base + +accounts::users: + sebastian.schwarz: + apply: true + group: apache + +repo::remi_php70: true +apache::default_vhost: false + +php::fpm::pools: + www: + ensure: absent + +site::additional_classes: + - site::profile::mysql_server + - site::profile::wordpress + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEACFCAF9nJSKcyvt07objR8a63rNAoPWXjY20v1U03bEBlphrAvhjLOtkRdqpw+m+7l25Dl3vW9Zf2RPh2aYMAePQsorCfFhd/+b+dLmNLjp1OyNqpkbqa8fFMw9bfBwSRilFYYs16eVRHbRPdGFuVap6KE6i9zkyfEuvZ8jsEz7SvkhJbHRhmdc0tfZlTHaADwA/+2Ca9knT1AAypoVj1BMSclzRmTa8tX8fC5hZWqCoOl/PjwLdU5nqYXhmMDN8DldpqkmbhB+a1hxpU+9Cz9PRwgfkM62qME+GWovFvvNJKSUBjJwXKhlQabZMbSBfe1MEaTmGpvwmYnQ0EJdi8mjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBGkKJkjexxORZFJ6W1A7NygCAYRroVHhd5WDo2Kf1mESY3okHoTMlVX9hUqm9ESVfMaw==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAmomFUOfULQ6AqyhBC83fdztnDMp8Ozgs/IYyR+R5NzilZ9oQgw7IoFG8S605lGNu0txip70yYG00j5elrm2XpO53SfVN8ZzVeM+1jug7VNDL3reL0wHkUeI7TiGv7gSTG13WcluALOkxAAdopNH2jRWgpCEOc6k64JmPCygG7He+myYLW/4RzFx7X1xOPfswq1axf6Fenvo1UIp76zRUABvNNUSalACy/qnw/Q2kTJRBOjox8MpjB58yt46TwafWI9bFtVnA7LnIyIGZQj2/25upFwWgUQ8ipFgDcjvCy5dQVTPFDvYFCYolzGZS5j2BZNXskkRtdxKFyOVc3dJz+zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAkHHiavkDauIvN1nR6ObL4gCBvK9gKQhDNItqKyMjwBofB82NyYrKE9Al59uPkvHO+Pw==] +site::profile::mysql_server::databases: + koerber: + user: koerber + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAadEgoKseYezoyT0MJcFlNtqi0dj74DvNLFBGVjXXH8XsWtsnVJ5TpBrZ1Rulqp4LdFXbd5IZSGC/6JugFkvgqyvzcQ6BE9aBPNJi6g6EbmO4QXsS2+nqmcc27DbwdHk/F9ypaKwCHOgTdGxqfuYm2LQUhTb5T9tUviW4GtaYX64heDkNbFG55IRkbiUtxJfqxzU/NtwWnh7XNz09t1rVGlrpHOwfFCR0qm3sQ0pSn8SWR2MU2mQJ/vm8xENC6tYDBnVIRX762VKrogm/bVseoJ16HHsRNuSwNxnfQPn/OZA/DEHyocb9Afu1/sdS7J58GG7WDGuBHG5BfADTmrvFlDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAUi37Tpqv6+dRJxWN7y+cDgCBpVXNxnRTjiILB9L4GvzFgvhyVmqCmHqfDbwbRxP9mVw==] + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAMSngUaOEquuquBM64JyXehogg5Kkg1ntJcjPN7HdxtZvSoVrLpjknzc9LewuJhAoP7qU0f5vq5xCQdggPuhYOnQOoPStGNk9YMKibcJIapsIjlFjtIPzNgCECE4ziW6U6A+nwsWbQjAGDieF2QkgHmddoAWH3pB8SfFPkmlyhWSKt5OvlZqD/uEMSo+fO8s1QLClG8Uo3WEBQHQ49TwX64LDWulUa+xgfX8PBVQaMGZ9Ao6Kbg/0vk9CbfNAst8Hl90/+XGMx5FsWyM5FsRTj7Wqq8T8q27QcKj00X49im+KaGX83TqCabEJNj40OKxcOJ1PrEW4HhDzZJyUqRCRIDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBqTL1kOL7lOrL0G0HH2Z1ygBAEwLrKbLGIIvovUEBXf6w/] + server2: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEADpkxvrNgwVbz/oTqGcuhHknkX57MJBnKPM/YPuxXMVuKEiOLdB0PWLMu5i5aYymQEKJOuLIEcX7rePHvxbRzSaKCvrDVMcI0R9Q2c5ILHlG9FTmohBQQrzg074h+1iwOGaYNf80RVJWidORSy1SBEZJQBVenxA0VbMNSkbda4O2zYNGDhzGLR9QlqcxDACBkvEpdUV3JGzHdzfXHY0sCNPJA453peD2hqIWI3f2M+zkoJyrH2qppu34y2HcWnuOHoOefNFLBU8Gij8ZciKTdqyIaSs+yzyAW1/TiAQQWjyn3yuPWdLzHFw1vFqwkTeygkR7cfFauU41lZQZKsXWp8TA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC4Ia5YBmqiwNPIe1qNzPZvgBAsRpgGwmEXkDSWRu3fROnX] + +site::profile::wordpress::projects: + koerber: + docroot: '/var/www/koerber' + servername: benchmark-koerber.pixelpark.net + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + directories: + - provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local + - provider: location + path: '/wp-admin' + auth_type: Digest + auth_name: server2 + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local diff --git a/customer/lekkerland/dev-lekker-01-hy01.pixelpark.net.yaml b/customer/lekkerland/dev-lekker-01-hy01.pixelpark.net.yaml deleted file mode 100644 index 7de21ad0..00000000 --- a/customer/lekkerland/dev-lekker-01-hy01.pixelpark.net.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -site::role: base -site::additional_classes: - - site::profile::apache - -accounts::users: - detlef.gaisser: - apply: true - sudo: true - group: apache - gunnar.hofmann: - apply: true - sudo: true - group: apache - tarik.lahmoumi: - apply: true - sudo: true - group: apache - -apache::default_vhost: false - - -site::profile::apache::htdigest: - lekkerland: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEABQYX2lo83Ao4KLwCX8qhK8KWHe8iXj2cq3sh/vmM5dLAnXA02eXZKZjgzU4+VbQuSdtHuwReSGbOTvKCJTEo5L49T6I0oeLh3wVfbZlj4l8uY5MsMkLVdvo3yI8cXT4C6RK5sDiGqiWc2s+3SfO4k7sqPj/VUPoeRO4EgDI+Gl2SmR3lhQCPEUtWLntOXycCJokA1XibYmbhdHrHbgYW7o5Adm/1ue7XXBNfT7GOZRHNFRhd15kdH8BZxnz9PS3D5ebkqI3dB78/INDS/jsjfL8l52QRYeGH2lYNx5LiHcfgjSEAwHSJhn9GWN9qijQNo9CklIeIr9Muql7G+lN91jA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBADqkBw16My3cMm6iM13Z5sgBCTThj7RMJXmVcT3frqgfOW] -site::profile::apache::pp_vhosts: - lekkerland: - docroot: /var/www/lekkerland - servername: dev-lekker-01-hy01.pixelpark.net - ssl: true - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - docroot_owner: apache - docroot_group: root - docroot_mode: '0755' - directories: - - directory_root: - provider: directory - path: '/var/www/lekkerland' - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - - location_root: - provider: location - path: '/' - auth_type: Digest - auth_name: lekkerland - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' \ No newline at end of file diff --git a/customer/lekkerland/dev-lekker-02-hy01.pixelpark.net.yaml b/customer/lekkerland/dev-lekker-02-hy01.pixelpark.net.yaml deleted file mode 100644 index a96b0e17..00000000 --- a/customer/lekkerland/dev-lekker-02-hy01.pixelpark.net.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -site::role: base -site::additional_classes: - - site::profile::apache - -accounts::users: - detlef.gaisser: - apply: true - sudo: true - group: apache - gunnar.hofmann: - apply: true - sudo: true - group: apache - tarik.lahmoumi: - apply: true - sudo: true - group: apache - -apache::default_vhost: false - - -site::profile::apache::htdigest: - lekkerland: - www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAIlfBZHZ1hn75vUjJswWe/YIpXH3BJ5bjWOweWqnaBM44LGjx39GQM0vJ60NIye1LXVy+0byUHkoiAfd9Fj1/HYqYUOdGGEhfAzmyFYUm3e9o8PE+oAIfWCxTymr6+kOTNMmniJyphG+VzViC9ndM+gSgPyO8XtC7Gmlbq5jHLOH7cDcMnHUsxBQNbAiemafWW1yV1qJ562979FsaqiHqzXjWXNBox8XNsPy3Xi7scWLRSXMtasrm/h2fqYYi/CsiXOY0zK2gBujKxUqVx8ZgSLhjTbeVXD7Gf1aYl30PaLqJF6qEH8V4yrtTACIqGtVEVfI7VIX0VaE9qNrm12mdRDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAIy5BCTi0hrtfOeanLvKxOgBBfZ2pkIJ5Wah8OdJCd0A5U] -site::profile::apache::pp_vhosts: - lekkerland: - docroot: /var/www/lekkerland - servername: dev-lekker-02-hy01.pixelpark.net - ssl: true - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - docroot_owner: apache - docroot_group: root - docroot_mode: '0755' - directories: - - directory_root: - provider: directory - path: '/var/www/lekkerland' - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - - location_root: - provider: location - path: '/' - auth_type: Digest - auth_name: lekkerland - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' \ No newline at end of file diff --git a/customer/mbvd-cdb/common.yaml b/customer/mbvd-cdb/common.yaml new file mode 100644 index 00000000..332e3da1 --- /dev/null +++ b/customer/mbvd-cdb/common.yaml @@ -0,0 +1,46 @@ +--- +site::role: base +site::additional_classes: + - site::profile::ruby_passenger + - site::profile::mysql_server + - git + +site::additional_packages: + ImageMagick: {} + +accounts::users: + jenkins: + apply: true + group: "apache" + deploy.hamburg: + uid: 60201 + shell: "bash" + apply: true + sudo: true + sudo_cmds: + - CHOWNCDB + keys: + sten.friedrich: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDdaOjZvSaf/wtaS5F8bu4+gIUXha2DiRBZo2pLx79N5fUkBK1mha8IHfQ40iRJwQzr1cKRswEi3Qo8pGYOzNoPs9ugw+r07eMrwLGoNGIFTCv0SaukmtwM+9S1z7hxyy21TztQCAcmgKN4l8jvMKFKb/3Qm+UkroHAf5B+VhlGL/IZXnuSXlTHgKcnS2HtbXlzWRkWHgyjwxT6UmSO31Eyg1SRJ9mFdxwjZo5lyzbBP/gqAQqzxoZX7U4Ty2loO6hqNusf25Byn2qK3x+dQGZ9g/t1luW2oTFavWwY0PR/djyL1ndlgZ69jCAY3YYvHRvoD91gJjHA582hVg4IkCHx" + sandra.streimelweger: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQCx1a+GIaWp4/O1puvX9gYt5EMZcqNLyoxSU5sYNrIpuUYZ4mit2eVtsTbuE+gymXZ570v09sTI667p7I/cyoZ8HHsZ9x8yjDEDidKuRD7Sq+aqIdCcH3HLBZdEES8FvqyrcQNLbe4nPdqSrWievoR8VH6/wy7nhVb0A/UGID2XkZLVFJjlAfU22CxuererrCBASJo31ZkW/ScE1Lii2nBvs7PxL9+hyDnyP7fsVV/2fcy85c2reP3YO2jOTeVGnATPUNaL9KbonhxHr+SEWSvsE4tUlumxcqLa8wd/YQqrm0sO0GdqPEIfiUmhj24AltIxwmv/KnC8HODr7SQMyEsH" + christian.melsa: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQC75zCFdjIkjdRV+1FuD9nO9a9UNAl0mnsMXLdHjC4U56+FUMPEcCIfn9AuV392fP/o0XXW5kevz7eyjuUitGLRCSsArxJ6G2wacm5KGf37k3Qmigts3CKG7t7kk1496z0Fq6UNfHQaQGCdhtAyt/eT0kthcU+x0p+pXAN6A+jId6EcEjtkp+CwaiqwU6sEYazJqDNmSeo2eYxN+ZN0xtLnopFYV4LCn378v+btdBFj3KY+qhYyOVqady6ZuVHqnKya03Xug+K80uaBlehTHD0dGbjFVLEKGsJqOyJZSgkZATfgcfUCQkWy+hy4wfC165k2FQx0A1+7BrNiPt7fQ6cH" + tim.schroeder: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDIOt8MfbBxLSVZMrvWY3Yq24VMPbvx7I65Sdh8zqX2+QyJWv9vl9A6JMeXZbl20lXEmo0+q2HxxS/ZLq4v6ZyCdNCVIidTsYMo+w08+/QscWLwAv/rCMCdUOJnwpCAzr1DFMYJxRAEvy4AKppvsoYZ3KZkzKnmXbrN1267T+uKCyLhB/n+6rFVNc2Yso0OsUivg/Hcb2SWy9SUCpN85kubuQvLh4g8WmRGTB8CQtwYTA269KETZ86/gEErf8y2Sc9MwYEe91JW9hhnSVUKBDkEfxdU3Ctn3K5JHB49jq67spx1I0HDlB+M+u5TcIaU5gsPpgagY5NCIKGWgCmzANlZ" + jenkins: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQCcA9sDPUizm9LRPYsSQSkkXRlGfhkZcCeQ8XDTbvHLjLlQdJznx3ezpxtmIgKLzMb3Hd3YNB+CAjD//iIDgJkwxNU2qGjm4vJT0WjQ2dwbPyVgN+Ik1nBhqWC2gD5UnDIVULYP5WUkgPPP1if64Q5fnfD9aTkUNOYJ4u9Th7As97e48S+/Z8vqw9EDcr3ZC+OzU7ezU65SHH4mpC1MvLW4EG0DU+omYDuMBusRA9SPx9uAebmoVVqZ23YmK5h9gh8Nc/Av5r6yfYKtkFt6CliGc7qZj56ONfHnP79CgVIlJ5NIHU2s27tTJmoDOHOkJZ11TuQp4HbuMAUAWHi6Aie7" + comment: "Deployuser Hamburg" + group: cdb + groups: apache + +sudo::configs: + cmd_alias: + priority: "05" + content: | + Cmnd_Alias CHOWNCDB = /bin/chown -R cdb\:cdb /var/www/cdb + becomeApache: + priority: "06" + content: | + deploy.hamburg ALL=(apache) NOPASSWD: ALL + deploy.hamburg ALL=(cdb) NOPASSWD: ALL diff --git a/customer/mbvd-cdb/stage-web-club-der-besten2-com.pixelpark.net.yaml b/customer/mbvd-cdb/stage-web-club-der-besten2-com.pixelpark.net.yaml new file mode 100644 index 00000000..f5132697 --- /dev/null +++ b/customer/mbvd-cdb/stage-web-club-der-besten2-com.pixelpark.net.yaml @@ -0,0 +1,42 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsCOAjsCbr17oQtw8KccSAL2DMFdsvyFv6VK8VqgBH/7rH0j8jXNZMhlkYMu04lfgmXu3MdAPFgWzQatqZaTdJWMFHJp0n4hoYeGnzSj6ssvuVb369YMV32KsMPxVs0zDjIqcFiGr/BY5b00klI7mD9P9Y11rAccoMUZXkCxJxjBKMPjrtQoc8acV5FF4r/HUW31m+HDi5VUBfdeIr1OzKlgYHWgV0IiRDAq+kKIoYr2p7iNTRl39AqM47SS5naV0GFiCzgseOokcL/e8+S+6AxcrNMzni2iFmYxD2CQOMrmws3l2HnFkirFMWESmb+CPQ3PiuoSF0mfEeP2WpazPIjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC4cBcJrBxt419zeucfkjVcgCB8Mz+9B6CNE6t7rS8BX9IKD/H5nfi5Z7/qmUdRtBqifg==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAMwUzXOD7HR7lUcAxd4zH8QHOQ8iLPDflwAkMeygOOxKR3natqsiqndsTQFJNP8D49WkvqRzq257CmTVDZe4z0dNfE3XP2LU+zuDdiAO4z9zNB7RYKg+E9rqQlcooFWIZNqeazJQNMZNW/rS0bY/s3MBcXWBSafJklp3jN4lFiIibaI9/t/cmhZAZOzlPKOMN5ALU2bShWHg4acseLtLmwSyME96P9uxSaT7+yMQKHXQzjtFojF9Yw0n0Eb01jeF3kAynff7XlL78RYg21sRjHSRmvJsMRB3kGxomIseQOc+3jycT2/DSBwDmtfULjvhyUUWfJDapiuRgD3iQGdqqyDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBJsYgP/Ima87o0PyhREVCwgCAJ+ZvlmN911ZEJt692N5DTEcTAH+wShIXvcES9K17fYQ==] +site::profile::mysql_server::databases: + cdb: + user: cdb + password: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAF0WztKk0oUICLT0mVQ0HyaKtQduOZ9302r6JDqrQUBFaU2V/GJ+9/rzFjbFNj0PIsO42OpwYbgb1Q5u8v4m/cwe3aJapjH+ai8dvR+Ro52eD8Yknud5HMReu+Q9qJ4n4hZCKf8R7LzAT1KcLBSLs8NBr5LpxTK0EATAtgMnqleGL6heJP83IAZ9aTYvT+TZoFRd7ryWs2Z2maf/3Z89l1AIYfBVJv92ikkCIBuxlkQAfwCGDKOFLW/9vahynGgszoUEkm6rKa8EpxekhzNSU9bgusbX67JTU5M/ssV7/Ha0fb1Emjp8CdoylRYA3QR3jLk7roPUsjB0Pe/6R/xtAHjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCVNeLg8hFj3EDYtt8Ec2uygBCSwYQr1U8lhhESwDmXiwnd] + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAAOO6VciSgihZ9tvDVZdybyNXg9TasqqP4X4NaDdLY7J/fl4UH3OlpX5hM5L60tuLHRO9m7qf0RwFti2dpc+53V/YwIqlchNJxZENSrXJM2IBrbTnkBxaSqMxUj8LX8NfLxcdl411rU8OuGOZjFj+GyWEKA6Cs0BczSO0gBpwpz/SNNayrjEdgMKr3C1dfbRzTihhsurY6HILrh6h9onzyLKpjWByETBJGYg2VPGBGIFDApAz8LMLvpz9a232WT0R83y8I+v1t3E5XjJOz2msvbroL+tGKLUmWsA4IhokydtEEmxySqqZHdpuCPGqC2qcVoeUljfcL7YitR95ZglNOzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB3qA2fZeP0gtzMh8SKhgUsgBCpu/4Rwl/hU6p2MOwMN3/y] + +site::profile::ruby_passenger::projects: + cdb: + servername: stage-web-club-der-besten2-com.pixelpark.net + serveraliases: + - stage-club-der-besten2-com.pixelpark.net + # es werden LB und WAF verwendet - SSL Certs liegen im Loadbalancer + ssl: false + passenger_user: cdb + passenger_app_env: stage + approot: /var/www/cdb + approot_owner: apache + ruby_version: 'ruby-2.2.5' + directories: + - directory_root: + provider: directory + path: '/var/www/cdb/public' + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' diff --git a/customer/mbvd-cdb/web-club-der-besten2-com.pixelpark.net.yaml b/customer/mbvd-cdb/web-club-der-besten2-com.pixelpark.net.yaml new file mode 100644 index 00000000..c224801e --- /dev/null +++ b/customer/mbvd-cdb/web-club-der-besten2-com.pixelpark.net.yaml @@ -0,0 +1,47 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAeIwCvmEM2wTeLwus1NALuziWdvLOocGZoEpGLcBYgia2G1Ije0Q4mEe5wZye48P2BNt6D+v/v/2pWmUAs1r3K+GgQjMIvsDDW4HGYhVZ/FZrwoBD+IulLlhOIsI2IaODomeUzw12WecrebFV64flSeZTASyCLj6pIw32SXfOiAthcXv5lqKp8TimJNIixAyP74yLytjtL7KtAIwWBJw4/JGGbU4zN3QfhTIB7aA/h9XTgi6kn35LdmWIb8smkIpXp79HyeecO3mKyfGRMXr4YGaCnMSrQkJy78kjODGdkyT4TJy3wR+K2NcJ0CpYuHTz0d7Ajd46zN4b92DYb+zUnTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBNW86kNa0OnUkQrOtmIXfOgCAFcETgU7V5vY3RUEyQtaysVAJUDhIuEVWXdhQf+EiwwA==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAgmwCLQ5Afx4nfFbs0iRvzyIbzurkY6Bce+GHyWFlc+KlnyJc1pJrva1Mbw3mhXmAhxjlXLsnQ+jM9OMlP6A3qmqVe8jPWRDIye+BpEsqUWriSE+QfQHKBEb+859yE+NkSve8JHTf+i6OBy4e2vtvJRpH6I7775mMxsP5mFKYpN8UI978V02b2/cdmNaEx0AcdDfeivIvzVZ7prjJwFcrZToNewFZC+pRpg27EayZ1NYY6L1PWqpA/CFYVlIkNkVOunhmBVNO+BhTPChr6XPitqxrEwCx1eQLQmoFRNM6/kEw1Xwj0+YOu0mXnBIb6LRBbfzFRnxHffCsD8al6bnHhTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBApJGL8G5MURU2R/FYJBlfkgCAREV5cYUSrU1YA5FWlYNySlOTLs95X7wyqWKirHS2kUw==] +site::profile::mysql_server::databases: + cdb: + user: cdb + password: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAqrGbHKRrxrhTgWM4zTD5uSlLoZJw1NaP0aBbY4gGTdQ89cz3Dt/bNNDhIv4e9YENkIM/6H6951/yQ53EnFsg9qgYX3UeO9EuEnrDsr/+BIqIzr57n5crbjYLgTJoV84pE8/LHUR8qcK9tqYMnZycMHdhTUx+Sz/ZHP3Ti7rbQ5JIvCnBdx8dJT28i+h8bVCpiLgk+5/p8EBMoPOUD7w87rbHVxthWetUiAatCpyIpXNeMid2/mowGBSCuOMb8jXubPrTrnB+5+rUWr9ZHphAJwAQ2mr5WdmIRjwHq24ulmv5OtVfly+Zn6oFXWV+p5WaKfiLz8RA7jAWpxPhe5ZacDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAigb3i1PIp59nM+oZEoDDmgBBdmbj7SsTBIYL7u7bejW/x] + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEArsW3TMDVS78CNVoJPh/byBZ4EziAqdqVcDEdectqAZTT48sGVqRYxrqHEauIzQI6WlFFF5voynpfQQTEZ8qgr3wquEzYhKZ1aJFqRBFzm0ZWQL9j2hJLU+5R9zYTjml6KsrroWhTBis19mQRBie5CxYAG+b/pnMTeAnXVqz6izR1VAeYI+l2WXGVOFLoVXJgmJcvRcXRRh24ML8gmUa85XJ8C5GPrSjaaSFYwGb3zFsCwMVzDYdTVF2iabOZcVRGg9nZQfsZAjB7S9X6UTVIS3zTRw6tFPumGX99EHn7AC3aBchvK6/+CMMCWgNLOOVrSvQnD1wxjP9IbYQeSFoNTjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCEqReCO5MIH+WGvfEyeVJwgBBzqkKX9Fj2wzboJ8PkMGGO] + +site::profile::ruby_passenger::projects: + cdb: + servername: www.club-der-besten.com + serveraliases: + - club-der-besten.com + - club-der-besten2-com.pixelpark.net + - web-club-der-besten2-com.pixelpark.net + # es werden LB und WAF verwendet - SSL Certs liegen im Loadbalancer + ssl: false + passenger_user: cdb + passenger_app_env: live + approot: /var/www/cdb + approot_owner: apache + ruby_version: 'ruby-2.2.5' + directories: + - directory_root: + provider: directory + path: '/var/www/cdb/public' + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + - certcenter: + provider: location + path: '/c3hg7s4d.htm' diff --git a/customer/mbvd-faststart/faststart-mercedes-benz-com.pixelpark.net.yaml b/customer/mbvd-faststart/faststart-mercedes-benz-com.pixelpark.net.yaml index 56a5bc3b..6efccc5a 100644 --- a/customer/mbvd-faststart/faststart-mercedes-benz-com.pixelpark.net.yaml +++ b/customer/mbvd-faststart/faststart-mercedes-benz-com.pixelpark.net.yaml @@ -32,12 +32,3 @@ site::profile::ruby_passenger::projects: - MultiViews allow_override: - All - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' diff --git a/customer/mbvd-growup/common.yaml b/customer/mbvd-growup/common.yaml new file mode 100644 index 00000000..b5beea7b --- /dev/null +++ b/customer/mbvd-growup/common.yaml @@ -0,0 +1,48 @@ +--- +site::role: base +site::additional_classes: + - site::profile::ruby_passenger + - site::profile::mysql_server + - git + +site::additional_packages: + ImageMagick: {} + +accounts::users: + jenkins: + apply: true + group: "apache" + deploy.hamburg: + uid: 60201 + shell: "bash" + apply: true + sudo: true + sudo_cmds: + - CHOWNGROWUP + keys: + sten.friedrich: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDdaOjZvSaf/wtaS5F8bu4+gIUXha2DiRBZo2pLx79N5fUkBK1mha8IHfQ40iRJwQzr1cKRswEi3Qo8pGYOzNoPs9ugw+r07eMrwLGoNGIFTCv0SaukmtwM+9S1z7hxyy21TztQCAcmgKN4l8jvMKFKb/3Qm+UkroHAf5B+VhlGL/IZXnuSXlTHgKcnS2HtbXlzWRkWHgyjwxT6UmSO31Eyg1SRJ9mFdxwjZo5lyzbBP/gqAQqzxoZX7U4Ty2loO6hqNusf25Byn2qK3x+dQGZ9g/t1luW2oTFavWwY0PR/djyL1ndlgZ69jCAY3YYvHRvoD91gJjHA582hVg4IkCHx" + sandra.streimelweger: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQCx1a+GIaWp4/O1puvX9gYt5EMZcqNLyoxSU5sYNrIpuUYZ4mit2eVtsTbuE+gymXZ570v09sTI667p7I/cyoZ8HHsZ9x8yjDEDidKuRD7Sq+aqIdCcH3HLBZdEES8FvqyrcQNLbe4nPdqSrWievoR8VH6/wy7nhVb0A/UGID2XkZLVFJjlAfU22CxuererrCBASJo31ZkW/ScE1Lii2nBvs7PxL9+hyDnyP7fsVV/2fcy85c2reP3YO2jOTeVGnATPUNaL9KbonhxHr+SEWSvsE4tUlumxcqLa8wd/YQqrm0sO0GdqPEIfiUmhj24AltIxwmv/KnC8HODr7SQMyEsH" + christian.melsa: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQC75zCFdjIkjdRV+1FuD9nO9a9UNAl0mnsMXLdHjC4U56+FUMPEcCIfn9AuV392fP/o0XXW5kevz7eyjuUitGLRCSsArxJ6G2wacm5KGf37k3Qmigts3CKG7t7kk1496z0Fq6UNfHQaQGCdhtAyt/eT0kthcU+x0p+pXAN6A+jId6EcEjtkp+CwaiqwU6sEYazJqDNmSeo2eYxN+ZN0xtLnopFYV4LCn378v+btdBFj3KY+qhYyOVqady6ZuVHqnKya03Xug+K80uaBlehTHD0dGbjFVLEKGsJqOyJZSgkZATfgcfUCQkWy+hy4wfC165k2FQx0A1+7BrNiPt7fQ6cH" + tim.schroeder: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDIOt8MfbBxLSVZMrvWY3Yq24VMPbvx7I65Sdh8zqX2+QyJWv9vl9A6JMeXZbl20lXEmo0+q2HxxS/ZLq4v6ZyCdNCVIidTsYMo+w08+/QscWLwAv/rCMCdUOJnwpCAzr1DFMYJxRAEvy4AKppvsoYZ3KZkzKnmXbrN1267T+uKCyLhB/n+6rFVNc2Yso0OsUivg/Hcb2SWy9SUCpN85kubuQvLh4g8WmRGTB8CQtwYTA269KETZ86/gEErf8y2Sc9MwYEe91JW9hhnSVUKBDkEfxdU3Ctn3K5JHB49jq67spx1I0HDlB+M+u5TcIaU5gsPpgagY5NCIKGWgCmzANlZ" + sidney.jansen: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDEr3bnmo47iQIMvpdFN6khFPBTItqapoy1L+Cj9XHXkkuOesuGNDw56AEomzgpRn+3GqXNENWgTd4nwUGCCbQLc4H2Uk3XXOk5oDZYpCOFSJ3T6uS6s7+kEky+68ocWjcI5oV+0g9dSDt5fpS13LDxnPNfmBYwJzfOjrtXddITVehjQf9Utft2M057VJ9cQNEjpAMehIsbqhWR2yuDUraVpc/wSOBjr52A88gfloO4U3JMKPsTu/vnTvJyG45UalhTScavB+6Y662uesi4XSjmv+ZUUnMToSh4jJU0Wh5QqVxz0Mqhj6w5SOqNSk5p97JJn14RvsbxiiEv0ZDvFVBn" + jenkins: + key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQCcA9sDPUizm9LRPYsSQSkkXRlGfhkZcCeQ8XDTbvHLjLlQdJznx3ezpxtmIgKLzMb3Hd3YNB+CAjD//iIDgJkwxNU2qGjm4vJT0WjQ2dwbPyVgN+Ik1nBhqWC2gD5UnDIVULYP5WUkgPPP1if64Q5fnfD9aTkUNOYJ4u9Th7As97e48S+/Z8vqw9EDcr3ZC+OzU7ezU65SHH4mpC1MvLW4EG0DU+omYDuMBusRA9SPx9uAebmoVVqZ23YmK5h9gh8Nc/Av5r6yfYKtkFt6CliGc7qZj56ONfHnP79CgVIlJ5NIHU2s27tTJmoDOHOkJZ11TuQp4HbuMAUAWHi6Aie7" + comment: "Deployuser Hamburg" + group: growup + groups: apache + +sudo::configs: + cmd_alias: + priority: "05" + content: | + Cmnd_Alias CHOWNGROWUP = /bin/chown -R growup\:growup /var/www/growup + becomeApache: + priority: "06" + content: | + deploy.hamburg ALL=(apache) NOPASSWD: ALL + deploy.hamburg ALL=(growup) NOPASSWD: ALL diff --git a/customer/mbvd-growup/stage-web-cc-growup-dialog.pixelpark.net.yaml b/customer/mbvd-growup/stage-web-cc-growup-dialog.pixelpark.net.yaml new file mode 100644 index 00000000..4583ad5e --- /dev/null +++ b/customer/mbvd-growup/stage-web-cc-growup-dialog.pixelpark.net.yaml @@ -0,0 +1,33 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAedQu0HCr55T0xPGe/akPJmM025+sPRXhat4Ucj7T7oPFtRyJQ8/KKZOPMAdW3C3nWBUoG+q2VeJsM4WMmvdHYpg9DAXzyWL62yn37V5rIQJg12/O+ajPcsXA6B1a6ycrZf3cg9LU1viJGIBEDCqigx4eIucJis5MeD+sIBZRdipt+Y8fik27eomfBglTLDYei4xo6v6W/sTju67ZwSkbtpVBHsx4iBqUSmXmzNAMKqJjcFYieiOOrCprqxeQd2y0NRkfGwK0jgJWeITKaznPt+AWlBvjU2MsLSE52OCGq6R2kjB8++B/teYinsYX33FC3JZYAUjs5hGUC59OP39yQzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB/uOXJjOmI+T51CYW8i0QagCBYi4kc9vLrixOHc2BEyuiCbE1u6TGkQ+lKN3w/F+ETpg==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAZf7dtSqh/ssKhidLVmUQtithFW7oQky6asoku31+0LP7BEKMrwHDoLQwyZRZpTtjqXAphoLJkMl+HAkdHPygDqkQdJx4LRC5EinZ6pdgxiTb5YRypZc1KmlZaTdSfOjMRQiYZWv3epMnmVi9TvUQb2jNzLBL9I/j3JyLYE/fNclbMT0p30NJJsTTyGLeZoXvxpmosTdWa838XBkv8vF86XIFaFfL8nSx9A/bKpqZjyQxHbIEf2Fkw+qzEfRdW1iLj9OnFgl+VM3FKux8HEAZZuKbD3FvpyquifgMDq1CVcBmMHhJo0hySKBZhTBJdXNfwqoOrmNweAD4z6nM/rLqijBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAklMPVU4wtEmg/QEnGIOA2gCDHJ47uoNDwa0ie8Q3NPwxwLftkMSdOaTTFe0rseFMrLQ==] +site::profile::mysql_server::databases: + growup: + user: growup + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAeVLzFA7rW5rapcEU21naW6bUZ/wodoZpxKvNsO3y9A4FYUFZ39rGQb1MYb5nkMDbx1i5vsRihE7cUhjoID3ZsAQaa1sOH/T1LXz9jH5unxPzXkW4DHMMWX4SaBg7iHSUk/j++xbaytfJA1TZQA6c6jlXva+bb0/pXuM4h/xt/M8T8qL5m38ORvRm8+f4yyLA9/+nx6KItFTaJmEx99vWjd/Q8x8rIZAuXI4JcUyLtmVxTX8mJpR7ZvAFJA+20EZODZWGV1vWO+mw/lnTNBGyKE5mX+mfxGaPSZ7pbBB/Z7zrYdKSHDv1SiqO89f20C5ztTGnP5g2ZSoiozf5cGiZAzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDI5ucTyHcfwYq3ZM1snZBlgCDrFrMHrBkDXRx+N5h/+5E1rtNrodGUiFnlRG1mcXVCxg==] + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEATlR3LD2UPTkktjgX2ssYu8xzUb06eJTAtMTSoBVYp1EBkdQEXnZLya6LO8Ql+h1/3Fo/i2z5XFTf5Tqjq9VxS044OtfBMz3vJP4vXe8nmFQvmix9xTTOp3AQsMVRVqBMqNHYQUe4dpA7ZazVDRYhvY19PJ2iGp76trlpZcFBCMvogze00NUCDBm9MXlMvUvpZjnoL+818ZO4PI/uySL0pwVrwhhsRNWXkk/tpfJ6E4uzVc1XUDGEsgcR1n/lOCD/TcvvswVvHSDT4KgCqsQ4a6jWeEjw4Ng0GfYVZUB0dR25F7/XfPLUB4EjN8QSV95RtpmOjUgEXOJJwuvl/I0k/TA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAhxtvUjg3wo1X9Sa1lT3zVgBBOh3+rblAHCJPP+nrIT8ac] + +site::profile::ruby_passenger::projects: + growup: + servername: stage-web-cc-growup-dialog.pixelpark.net + serveraliases: + - specials.mercedes-benz.de + # es werden LB und WAF verwendet - SSL Certs liegen im Loadbalancer + ssl: false + passenger_user: growup + passenger_app_env: stage + approot: /var/www/growup + approot_owner: apache + ruby_version: 'ruby-2.2.5' + directories: + - directory_root: + provider: directory + path: '/var/www/growup/public' + options: + - FollowSymLinks + - MultiViews + allow_override: + - All diff --git a/customer/mbvd-growup/web-cc-growup-dialog.pixelpark.net.yaml b/customer/mbvd-growup/web-cc-growup-dialog.pixelpark.net.yaml new file mode 100644 index 00000000..0d0f787f --- /dev/null +++ b/customer/mbvd-growup/web-cc-growup-dialog.pixelpark.net.yaml @@ -0,0 +1,33 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANGa4ioc2r+6fvJJHLX3Ed7Nn07Bqziqbs1+H6fwzx+bkqhG/1u8SlXzsUcA8rXXe5SwDpCp4iMd5qAkTCo5ZqFtE7ag6ijtk0xLflnJw/FmwPW+NMyyAe44xA5S+6CxlJ76UFNF9kNk74kGUHR0b4xx2vdYWF1TZX/A4UZfQNO7Q/caSMmzx53WMHoCTz5FBEyB5kwsye4KNCg1yZH5S1klJvWjcU3nEIZC1ThBLOS9jCpYe92q9/DEzXd5Sd5IvKqK7+Wq+EYQLVG7rgzbOe1bVDCswufQwfFmoHmi1Lz3sTrKaXugbM8E/nSTSQsIFMGwOahw4/XkD6QCSH06xvDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDjKd0O1G7DnVfctgxMvm4BgCAMu1WUsfyqBe9hZFnLRGhx76GJapF+bEJ7s/l13of9Fg==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEADEv9eTZ5MmfnSm2MRE+JTFed2zwZkbNzS2EHS5vlGK35+x7gD7sr40kuRRzp8wVEtgaQ6abkn+LX11x3utlJUj6iPU+3zfuKwfhpzYd4UzYVH3eJWW2BeBXablJVF0l7l+NT686JMpj9rId8kP68X+xk1hTmy8tPfWRm6cKXhgvmeHzZAn7sLZwIvaA0iumUogfRjl/ocO7I7MK0sgJIbPhn78p4y2ZdXnbYFrz1L17Rk2+ziJ0IwogPmBEbyN78c+udFWiDpiY3/4D9YHJOyeqJgUsMmNhspezVe1CTiZviVsCqE2aFZK0f4MQZHWN5Vb1UExPu1vdSR4AqA94LTDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDL1aJTRIQyGqHqZqrPYAIAgCAf3chWsX2ag1Gwda7ZGq538Yv7vTok1qwn4lAwDzOgRQ==] +site::profile::mysql_server::databases: + growup: + user: growup + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAHrvZI9JmuJXLm3QlbOdPLnMcyyNyE91mAzGJH/4yeS+w0DPeGl+eWvEWM9hDvr3/T/hkSaiECtMMBa7Tk1hMfv6COEPPP+CO+b5fdtGI+KEudo3uUUwEmCGqFay6NGIPdO0QEoJ61sLwisAUdbl4r6Str37QiRx7gM5pUEod2U6/aBAdsc0MZ7Pu697abnFIAcuVBXoGFP8vk6J2QUFGugvM8RTFaNkn/U3BwEwAGaJjImwf3CSX1IQK3A0EXwAvuYZTNv6wWs5SpvleFF7vHE30ES0xP2Y+tGBx9xO4PH5ROEYXBb1JS0JX54LEf2X0OndhKExPp2RdeUapn2AXKTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAMzCPB+Tj/VTfImWCqAuWjgCDSin6ind37oHL4AagKxPkwx8drs6jGNodHAtWUHVfQTw==] + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAGG80NR2P3hwBeQMhzoqYvquVb04AEWBG7mEeq9gh5pTgsrYVv9tba2/lci6f7sGeiFxeAt1ii9UtmpFuiDXc/HWdegQVeQy24wamxbIf4I0TvDkzJTRpVuZRCMnhj1OkUNmtpeN3c96DfZDiH/69Rh7eo/D6Kf/iHjanTah7AYFC2V0g3/+zed3ubo7xhEoJ4g+PuCMaJp/tNQXQICEz4dRgVm3JrkEvyVXAZUFJP9PZDLuQ2shFV1d2A53Z8tB3yxxcnvBIG9hxzSP/XI9sqYtzsuRhA8Gvq9kbEuKS5KKL+pyc4qKEfh5bGrs2HQREL649MVdACNbH6HYJetnQczA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBRONCavCFy8OqF6grxH2wsgBA9IUuAe9AB2Sc088M8qbWs] + +site::profile::ruby_passenger::projects: + growup: + servername: web-cc-growup-dialog.pixelpark.net + serveraliases: + - specials.mercedes-benz.de + # es werden LB und WAF verwendet - SSL Certs liegen im Loadbalancer + ssl: false + passenger_user: growup + passenger_app_env: live + approot: /var/www/growup + approot_owner: apache + ruby_version: 'ruby-2.2.5' + directories: + - directory_root: + provider: directory + path: '/var/www/growup/public' + options: + - FollowSymLinks + - MultiViews + allow_override: + - All diff --git a/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml b/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml index 390458ed..baa67856 100644 --- a/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml +++ b/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml @@ -38,8 +38,8 @@ site::profile::apache::pp_vhosts: redirect_dest_non_ssl: 'https://dev-web01-ngcc-daimler.pixelpark.net/' headers: - 'always unset "X-Powered-By"' - - "set Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com https://s.ytimg.com https://connect.facebook.net; frame-ancestors 'self'; media-src 'self' data:; img-src 'self' https://*.facebook.com https://*.cdninstagram.com https://*.ytimg.com https://*.twimg.com https://mb.anythingabout.net; child-src https://*.youtube.com https://*.facebook.com\"" - - "set X-Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com https://s.ytimg.com https://connect.facebook.net; frame-ancestors 'self'; media-src 'self' data:; img-src 'self' https://*.facebook.com https://*.cdninstagram.com https://*.ytimg.com https://*.twimg.com https://mb.anythingabout.net; child-src https://*.youtube.com https://*.facebook.com\"" + - "set Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com https://s.ytimg.com https://connect.facebook.net; frame-ancestors 'self'; media-src 'self' data:; img-src 'self' https://*.facebook.com https://*.cdninstagram.com https://*.ytimg.com https://*.twimg.com https://mb.anythingabout.net; child-src https://*.youtube.com https://*.facebook.com; frame-src https://*.youtube.com https://*.facebook.com\"" + - "set X-Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com https://s.ytimg.com https://connect.facebook.net; frame-ancestors 'self'; media-src 'self' data:; img-src 'self' https://*.facebook.com https://*.cdninstagram.com https://*.ytimg.com https://*.twimg.com https://mb.anythingabout.net; child-src https://*.youtube.com https://*.facebook.com; frame-src https://*.youtube.com https://*.facebook.com\"" headers_ssl: - 'always set Strict-Transport-Security "max-age=31556926"' custom_fragment: | diff --git a/customer/mbvd-odt/dev-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/dev-odt-daimler-com.pixelpark.net.yaml index 04379ed8..55b38dcc 100644 --- a/customer/mbvd-odt/dev-odt-daimler-com.pixelpark.net.yaml +++ b/customer/mbvd-odt/dev-odt-daimler-com.pixelpark.net.yaml @@ -12,7 +12,6 @@ sudo::configs: %pixel ALL=(openemm) NOPASSWD: ALL site::profile::pg_server::version: '9.6' -postgresql::server::contrib::package_ensure: true postgresql::server::locale: 'de_DE.UTF-8' postgresql::server::ipv4acls: - 'host openemm openemm 217.66.51.0/24 md5' diff --git a/customer/mbvd-odt/int-cms-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-cms-odt-daimler-com.pixelpark.net.yaml index e3621e7e..6c181d11 100644 --- a/customer/mbvd-odt/int-cms-odt-daimler-com.pixelpark.net.yaml +++ b/customer/mbvd-odt/int-cms-odt-daimler-com.pixelpark.net.yaml @@ -1,43 +1,66 @@ --- +accounts::users: + christian.heggemann: + apply: true + sudo: true + dirk-peter.krause: + apply: true + sudo: true + site::role: base site::additional_classes: - site::profile::apache - apache::mod::proxy_ajp +apache::mod:proxy: + proxy_via: 'Off' site::profile::apache::pp_vhosts: -# int-cms: -# docroot: '/var/lib/tomcat/catalina/odt-cms/webapps/ROOT' -# docroot_owner: tomcat -# docroot_group: tomcat -# servername: int-cms-odt-daimler-com.pixelpark.net -# ssl: true -# ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' -# ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' -# ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' -# rewrites_non_ssl: -# - https: -# comment: 'all to https' -# rewrite_rule: -# - '^(.*)$ https://int-cms-odt-daimler-com.pixelpark.net$1 [L,R=301]' -# rewrites: -# - 404handler: -# comment: 'missing export to opencms' -# rewrite_cond: -# - '%%{ich-trickse}{REQUEST_URI} ^/export/(.*) [NC]' -# - '%%{ich-trickse}{DOCUMENT_ROOT}%%{REQUEST_FILENAME} !-f' -# rewrite_rule: -# - '^(.*)$ http://localhost:8080/opencms/handle404?exporturi=%%{ich-trickse}{REQUEST_URI}&%%{ich-trickse}{QUERY_STRING} [P]' -# proxy_preserve_host: true -# proxy_pass: -# - { path: /opencms, url: '!' } -# - { path: /resources, url: '!' } -# - { path: /export, url: '!' } -# - { path: /skins, url: '!' } -# - { path: /genImages, url: '!' } -# - { path: /genImagesTemp, url: '!' } -# - { path: /fonts, url: '!' } -# - { path: /, url: 'http://localhost:8080/opencms/' } + int-cms: + docroot: '/var/lib/tomcat/catalina/odt-cms/webapps/ROOT' + docroot_owner: tomcat + docroot_group: tomcat + servername: int-cms-odt-daimler-com.pixelpark.net + ssl: true + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + rewrites: + - opencms_to_slash: + comment: '/opencms to /' + rewrite_rule: + - '^/opencms/(.*)$ /$1 [R,L]' + rewrites_non_ssl: + - https: + comment: 'all to https' + rewrite_rule: + - '^(.*)$ https://int-cms-odt-daimler-com.pixelpark.net$1 [L,R=301]' + - proxy_non_https: + rewrite_cond: + - '%%{ich-trickse}{REQUEST_URI} !^/(opencms|resources|export|skins|genImages|genImagesTemp|fonts)' + rewrite_rule: + - '^(.*)$ http://localhost:8080/opencms$1 [P,L]' + - 404handler_non_https: + comment: 'missing export to opencms' + rewrite_cond: + - '%%{ich-trickse}{REQUEST_URI} ^/export/(.*) [NC]' + - '%%{ich-trickse}{DOCUMENT_ROOT}%%{ich-trickse}{REQUEST_FILENAME} !-f' + rewrite_rule: + - '^(.*)$ http://localhost:8080/opencms/handle404?exporturi=%%{ich-trickse}{REQUEST_URI}&%%{ich-trickse}{QUERY_STRING} [P]' + rewrites_ssl: + - proxy_https: + rewrite_cond: + - '%%{ich-trickse}{REQUEST_URI} !^/(opencms|resources|export|skins|genImages|genImagesTemp|fonts)' + rewrite_rule: + - '^(.*)$ http://localhost:8081/opencms$1 [P,L]' + - 404handle_https: + comment: 'missing export to opencms' + rewrite_cond: + - '%%{ich-trickse}{REQUEST_URI} ^/export/(.*) [NC]' + - '%%{ich-trickse}{DOCUMENT_ROOT}%%{ich-trickse}{REQUEST_FILENAME} !-f' + rewrite_rule: + - '^(.*)$ http://localhost:8081/opencms/handle404?exporturi=%%{ich-trickse}{REQUEST_URI}&%%{ich-trickse}{QUERY_STRING} [P]' + proxy_preserve_host: true int-kampagnen: servername: int-kampagnen-mercedes-benz-de.pixelpark.net docroot: /var/www/html diff --git a/customer/mbvd-rallye/common.yaml b/customer/mbvd-rallye/common.yaml new file mode 100644 index 00000000..a2ca5a70 --- /dev/null +++ b/customer/mbvd-rallye/common.yaml @@ -0,0 +1,29 @@ +--- +site::role: base +site::additional_classes: + - site::profile::apache_php + - site::profile::mysql_server + +apache::mpm_module: event +apache::default_vhost: false +repo::remi_php70: true + +php::extensions: + xml: {} + mcrypt: {} + mysqlnd: {} + intl: {} + opcache: {} + +php::settings: + PHP/short_open_tag: 'Off' + +accounts::users: + jonas.willingstorfer: + apply: true + groups: apache + sudo: true + alexander.bloedorn: + apply: true + groups: apache + sudo: true \ No newline at end of file diff --git a/customer/mbvd-rallye/stage-www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml b/customer/mbvd-rallye/stage-www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml new file mode 100644 index 00000000..6b8722d1 --- /dev/null +++ b/customer/mbvd-rallye/stage-www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml @@ -0,0 +1,54 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAOl4qn6kID+//OXWiMUM5mcYrwP3TNlFuYAr2308+zDqnfC+rDyWkzK+cEDIngY1Yxt1clWR4c4Mk2rGhZoCjbEv21mhBa0P71CKMG9u7oxp4WQtN9V3Q6n5w3ey0JQLQVSmYQEWlSVjeVROwvBQgW28cvzlJMpTZ2UmWndfmuz8MhT78D7xkIfS6P/uBzcmdzIpoMyYHjP2yV0WNeAjql431H7gvIXNMNfZB4mXUujwDEHrg4tsCVSbIMCc0MvrHKXo1zU5/qPyn6KhiOfun5l2dcA0k8tCE6Kv4RBBWKBcSX/bhE9t1RbDO7xj1cKvr3tVR/sj3aIn13tmLqQlSeTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBPsURtXnRVE0I/umgTCRW/gCCbaGOS0iJRRXZK5Y5WTRhi59Ug2bZdTwm+ToTatatZUA==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAW0f9gfloWIQ+nDEO23HZvf+MyXuaIxD0t6LHIu600eJZdbRsqi5ZV5AkHdKgu/3Y1LLZ3YR4IVhzA9USVKplpGyyMnB4a68Or0oo+COAWtmkaahxYr7dgjtgigEwmIzRKsyheNSGsx9++mH0QsizKRbKF3lJA6GbjMYQ8uGvvunVew2vIfhAr5X6uAGEAaiVbvFJG4bPy0eYZz1GWzyYHpbvg45/H61+YrAsGuwg5AZl3jhtc8DjOrl1wbG7O1r/6y/9Oc6eTex2ZwAKIGRzo3/hqS9cCT4KzXlIEORlpY9l76ls1udXuh5SNsdEO9BUASMIWevEHZ73UvyZ/kMzijBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBM3QPImXWYjyB0n8NBrbw3gCCAEK73UsfvnJq65kWb8b0lP1c7ovcPMherJFgXr2796g==] +site::profile::mysql_server::databases: + mbvan: + user: mbvan + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAtEFQrvynJi2EfVo+2mO+NBKQ81F2l+qoHJ1RxGkC6MBrDkIVT7aWb66VFcPQ2sGTRVInl4va6SR24ckxiPKRo0WWe+no2anjVgPSRFKCGLiZ8FRRowKc+BJ4vJ9Vb4OoUR6PtlEhM+IEOkbyRsIlkqEjF7Dd0c6UgZDRPJpnYlE2R3QX/2ownmcOFWXfZTytHf4OP2xCQO9nXr3ueIcaP9lp8p7usQMWJBW7apYIXtRDh6craLr4LRIW4Uq2ALbOTE+Q3gqBEKxX8VHkgXUkQiHAFFSTo33UJLkK47YHbrXeJCbE0EuT7JlewmnN9a0IuWrsfMr1F7JWEx8oyrgE/jBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAX77o5DsgsGhZVTMbZPTsJgCCU5rT7F4Xy1SCimXGHAtddsIXumJ5xT8rtGlbiFNJMnA==] + +php::fpm::pools: + www: + ensure: absent + +site::profile::apache_php::fpm_pool: + mbvan: + listen_owner: apache + listen_group: apache + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAdXopyTzWdYUFXWbPSxVliPPPdHLAHNAL5jR/yrJfxRJKel34r3cUhhZOywnr3CP/dN3y4a0waB5EaOSnCqsxEfCDTOLxFlJ+Fmd1Tv/QcJ7gzq499623/cTkBFqhRk7TV6ccU+gVb1gTD6FYQL5L7nBsMXn2Q4/kL9gz+estAZL5Yq26EM8FkVRlrQi0eUF9BefYTxWZE6p0Cd17sRJADMfdTm2he6Fyz+V/RyivEeyEScPlLH1zxZaAdtlEe7LwBSH5XoJtyBPY/gF8h2WjDz5x0p31HGMzBwtAeq2KZOC4VjqIrMsiUqBBPmtaXziA8Yr2KXy/LciTTePL0hE5BTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAGt5CeNGSkOAm1k5ffM8z7gBAD+O+4BamFKG1TX9g2E8cI] + +site::profile::apache::pp_vhosts: + mbvan: + docroot: /var/www/mbvan/web + servername: stage-v-klasse-rallye.mercedes-benz.de # WAF Domain + serveraliases: + - stage-www-v-klasse-rallye-mercedes-benz-de.pixelpark.net # Realserver Domain + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/mbvan/web' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-mbvan.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: server + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' diff --git a/customer/mbvd-rallye/www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml b/customer/mbvd-rallye/www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml new file mode 100644 index 00000000..e38a08e1 --- /dev/null +++ b/customer/mbvd-rallye/www-v-klasse-rallye-mercedes-benz-de.pixelpark.net.yaml @@ -0,0 +1,68 @@ +--- +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAZ72ijU7Sp3rSQOKDGZWfNwwGcqDLztFCCTR0ipylFHDNjbvick7DHCcqt3kLC1l+oITI8TTlIwzZsUpGrRBZnvIDTFhsGrw4/fhIsS2XPOzGJj3ZqldWYwmTVYPZcXHS/ORnnrNa9BhfJtuAKnSoXRXTKv2XwdioEDDmC8ZFElyh+3Ya61lNYeAvKX9KbWp7snCGUG1jDniiSZAw6Ao1SDzoZcDjjei76FSmcqkcWA1sZ4uZDokzegI308FiHZmEmdH6Jr8eo6piFf5HwoKCsxvR+VY4P7jYOt3RGvSKLZC21hOpLzDsgppWORhZnabl9TwuVcq8m641xmm0oh7DDjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDOJoMboVqoasYHmA3e+Gx1gCC1JmdmR6YaY7PyR0Z2YfA4g53d6KY4arUCWq2hlSH10A==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWvPTOiJlPEHIR81yaEb/FRms91Kr8wMIauBOYzfCDkKAIxNIbmr8sqFeV4BbtuaQe79vncrXn38yguVk6tugRcub5L2dDDE/EvsJncz6teJRAuyAyEwMDSjhnnXPgK8AVGanBT6pMl8osk4NUXZijuEm83oFML0GDuKfgBIybAUcbne7uZ/lceS41VgH30UM0XpvrJR2aJ6LgOot3z2NMV7PUKpQiNNYAJ5+MSRT99a/WFOuJG13FUXgKRJNiBLvSP3/GRvm6wA2aJBOpbOi1IytpIJNk8lwBOMPmmLRXxcHUcwXAfR1LgEB4Kvol7baQbWGICYriNKGNHUN7fClrjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCz4Ey9bmaRw6IK8HS/Kk44gCAIF8j9NbPWgusIroWE6vnDmjY2j/hpZ9EmqFCOy5lg1A==] +site::profile::mysql_server::databases: + mbvan: + user: mbvan + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAKGGv1ThsE690YSoJLHK8PJMg/jILTatT2UJsXcWQ/yeoPCXi/6YwLHkWzKs8TczFfBOcr5wO+Hl4TWnRT5t47E/+6Lv/3NgID5gua/dq1gGHmRyg4qZllPewFoj/EbAM6spWkMi3yuaFhj0wjyviJFzvKM6+BCu6veRvZrWD0GKB2xmXuZtBV4oNZ8tsBUzAeF4fDEBcE6LJq6zNPWFxh341j2dKzUd96Fl6eVJckf80e0yzu0RraL2dIFSEppKVrAdahnmnGEbCKp95lFQqUtwsWLf3yYuIdlV8pAkyWG9yy4qJYBJVM3vmv1/1uJ93E5vs5SO8+3pcgdLLOdisjDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBJg1mwgYmFac2coBvnWTpCgCBfMT6UrGzQPl2R3Zgj21WfNumUyff+m7Y5YLl08PHgLg==] + +php::fpm::pools: + www: + ensure: absent + +site::profile::apache_php::fpm_pool: + mbvan: + listen_owner: apache + listen_group: apache + +site::profile::apache::htdigest: + server: + www: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEbdBgz89hccAefAUPrjn2p0Bccx2bw0afv1pzfraVFomn5Rb5ujq99IR3XsolxJQ/PLy3qKI7gQw4QMdAxqpVcSJV0wSdYpTsRTVFEYWUW57RJqYu87XyXbiPOz7ZmN3fUlTb7BMwKoQ+d/gPZMq+HBCIhXrK2FUHfPvyoq5U21wWcgWrqBUf0T4E6N8+GRFx+cMxJRur1YPSvoF4Uo/36i13LULbfc7oiDnsnZ553opjwtI++Z5WX13UGcSaagkwAjKACIZ3ynjHQ+42sfkfZTVAKgpw3y265SLtV0YkU/BIjDoajWpCC+KRxG28yfC+pSWHB/NSete/R9QcLcaNzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCjikUjudaVH0I3cJkGDkbBgBD3kCW7unkvGn2qZ5XlgGv9] + +site::profile::apache::pp_vhosts: + mbvan: + docroot: /var/www/mbvan/web + servername: v-klasse-rallye.mercedes-benz.de # WAF Domain + serveraliases: + - www.v-klasse-rallye.mercedes-benz.de # SAN Host + - www-v-klasse-rallye-mercedes-benz-de.pixelpark.net # Realserver Domain + ssl: false + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/mbvan/web' + addhandlers: + - { handler: "proxy:unix:/var/run/php5-fpm-mbvan.sock|fcgi://./" , extensions: '.php' } + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.php index.html +# - location1: +# provider: location +# path: '/' +# auth_type: Digest +# auth_name: server +# auth_digest_provider: file +# auth_digest_algorithm: MD5 +# auth_user_file: '/etc/httpd/htdigest' +# auth_require: 'valid-user' + rewrites: + - alias: + comment: 'Weiterleitung auf echte URL' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} !^v-klasse-rallye\.mercedes-benz\.de$ [NC]' + rewrite_rule: + - '^(.*)$ https://v-klasse-rallye.mercedes-benz.de$1 [L,R=301]' + - alias1: + comment: 'Weiterleitung auf https' + rewrite_cond: + - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + rewrite_rule: + - '^(.*)$ https://v-klasse-rallye.mercedes-benz.de$1 [L,R=301]' + setenvif_ssl: + - 'HTTPS on HTTPS=on' diff --git a/customer/mbvd-shes/web-shes-mercedes-event-de.pixelpark.net.yaml b/customer/mbvd-shes/web-shes-mercedes-event-de.pixelpark.net.yaml index d6d7bb63..ab2d2bbc 100644 --- a/customer/mbvd-shes/web-shes-mercedes-event-de.pixelpark.net.yaml +++ b/customer/mbvd-shes/web-shes-mercedes-event-de.pixelpark.net.yaml @@ -14,8 +14,7 @@ site::profile::ruby_passenger::projects: shes: servername: shes-mercedes-event-de.pixelpark.net # WAF Domain serveraliases: - - shes-mercedes-event.de # Kundendomain - - www.shes-mercedes-event.de + - event.shesmercedes.de # Kundendomain - web-shes-mercedes-event-de.pixelpark.net # Realserver Domain ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' @@ -35,12 +34,10 @@ site::profile::ruby_passenger::projects: allow_override: - All directoryindex: index.php index.html - - location1: - provider: location - path: '/' - auth_type: Digest - auth_name: server - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' +# rewrites: +# - http_to_https: +# comment: 'Alles auf https umleiten' +# rewrite_cond: +# - '%%{ich-trickse}{HTTPS} !=on' +# rewrite_rule: +# - ^(.*)$ https://event.shesmercedes.de$1 [R=301,L] diff --git a/customer/mbvd-transporter-training/common.yaml b/customer/mbvd-transporter-training/common.yaml index 842a90f8..e422f54c 100644 --- a/customer/mbvd-transporter-training/common.yaml +++ b/customer/mbvd-transporter-training/common.yaml @@ -17,7 +17,7 @@ accounts::users: andreas.pinto-koehler: apply: true group: "apache" - cristof.hoefler: + christof.hoefler: apply: true group: "apache" thomas.bussmeyer: diff --git a/customer/mbvd-trapo/int-www01-trapo-top10-mercedes-benz-de.pixelpark.net.yaml b/customer/mbvd-trapo/int-www01-trapo-top10-mercedes-benz-de.pixelpark.net.yaml index 7f5b7ea7..ce1e6a78 100644 --- a/customer/mbvd-trapo/int-www01-trapo-top10-mercedes-benz-de.pixelpark.net.yaml +++ b/customer/mbvd-trapo/int-www01-trapo-top10-mercedes-benz-de.pixelpark.net.yaml @@ -38,7 +38,7 @@ site::profile::mysql_server::databases: site::profile::drupal::projects: trapo: - site_path: '/var/www/trapo-top10/web' + site_path: '/var/www/trapo-top10/drupal/web' servername: int-www01-trapo-top10-mercedes-benz-de.pixelpark.net serveraliases: ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' diff --git a/customer/mbvd-trapo/int-www02-trapo-top10-mercedes-benz-de.pixelpark.net.yaml b/customer/mbvd-trapo/int-www02-trapo-top10-mercedes-benz-de.pixelpark.net.yaml index 6fc8e2b1..1dfda0c7 100644 --- a/customer/mbvd-trapo/int-www02-trapo-top10-mercedes-benz-de.pixelpark.net.yaml +++ b/customer/mbvd-trapo/int-www02-trapo-top10-mercedes-benz-de.pixelpark.net.yaml @@ -38,7 +38,7 @@ site::profile::mysql_server::databases: site::profile::drupal::projects: trapo: - site_path: '/var/www/trapo-top10/web' + site_path: '/var/www/trapo-top10/drupal/web' servername: int-www02-trapo-top10-mercedes-benz-de.pixelpark.net serveraliases: ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' diff --git a/customer/mhk/mdb01-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/mdb01-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..573c0485 100644 --- a/customer/mhk/mdb01-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/mdb01-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,16 @@ --- site::role: base +site::additional_classes: + - site::profile::mongodb_server + - mongodb::globals +#### Just Doin' no auth at the moment +mongodb::globals::manage_package_repo: true +mongodb::globals::version: 3.0.6-1.el7 +mongodb::globals::bind_ip: 0.0.0.0 +mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/RPMS/' +mongodb::server::auth: false +mongodb::server::replset: "rsblueprint" +mongodb::server::replset_members: + - "mdb01-mhk-kueche-de.pixelpark.net:27017" + - "mdb02-mhk-kueche-de.pixelpark.net:27017" + - "mdb03-mhk-kueche-de.pixelpark.net:27017" diff --git a/customer/mhk/mdb02-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/mdb02-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..573c0485 100644 --- a/customer/mhk/mdb02-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/mdb02-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,16 @@ --- site::role: base +site::additional_classes: + - site::profile::mongodb_server + - mongodb::globals +#### Just Doin' no auth at the moment +mongodb::globals::manage_package_repo: true +mongodb::globals::version: 3.0.6-1.el7 +mongodb::globals::bind_ip: 0.0.0.0 +mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/RPMS/' +mongodb::server::auth: false +mongodb::server::replset: "rsblueprint" +mongodb::server::replset_members: + - "mdb01-mhk-kueche-de.pixelpark.net:27017" + - "mdb02-mhk-kueche-de.pixelpark.net:27017" + - "mdb03-mhk-kueche-de.pixelpark.net:27017" diff --git a/customer/mhk/mdb03-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/mdb03-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..573c0485 100644 --- a/customer/mhk/mdb03-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/mdb03-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,16 @@ --- site::role: base +site::additional_classes: + - site::profile::mongodb_server + - mongodb::globals +#### Just Doin' no auth at the moment +mongodb::globals::manage_package_repo: true +mongodb::globals::version: 3.0.6-1.el7 +mongodb::globals::bind_ip: 0.0.0.0 +mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/RPMS/' +mongodb::server::auth: false +mongodb::server::replset: "rsblueprint" +mongodb::server::replset_members: + - "mdb01-mhk-kueche-de.pixelpark.net:27017" + - "mdb02-mhk-kueche-de.pixelpark.net:27017" + - "mdb03-mhk-kueche-de.pixelpark.net:27017" diff --git a/customer/mhk/mls-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/mls-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..e3021171 100644 --- a/customer/mhk/mls-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/mls-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,29 @@ --- site::role: base +site::additional_classes: + - site::profile::mysql_server + + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEABHsNYivPBhK5xNbulfDhg/iJ42tcQwv89k11rLK8jCbDQCxBQaWn+nOupvn4FjVPnVcJpIqaYdIlO/2ZremVnGL1jnMl1g3Xz7UC6s1wnE47sS2hg0rlC35Ag0ymxYqAR0gsaLoZvzVb7JJuM644+mKD8ANu1ecyGI5ReaWfXqqIjWSqcnjM22EI0Za6r4qfBW9tPVs3ORtOE6JJBO4t10P+zZ3N8kS7b+NOfc4Pog5dWPIDitHs/NgEaJ8aKKt8nDHZVvjFKy12I6wxRDl9zMtF7Mauah2vqI8fQB9TO/wUy4ORWs0eQ/NpP3AVCQNM9PMnizDmcZgs6i/v97BNiDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDxg5OL57YQ5jVAQeFXKs94gCAKDEmJIFvUuSlpydc9uRFsWSCv3lM31WNUz7u5vbRBlw==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAol3rzkLxQddArQoIchF+s3VlhVJYSzW99NKb2WX0p2xxX8OMOg5XS7fa0ebYxWtgGw08zgjRqVhuuUKtqS3BZv0vSJ28HkmAb1Ba0WUKJRt2N6FvGO/hfAKddCNfAe0eKf/Cfic/BW0q0ooCksXEk+3/o4UO1VSTqFDd1W/9R1KmvbWu8xe9/KwVrLIOL7HQh26ZCgVCFS5EKK2f7LHph1M6mzpCqte4RTa/IyqoLmOi+AnyuZt/wEKMWCjllFiKwOThBJ2V18EB0NT2aqM97n6efCDpVlhOEZtE+A/RpnXJtu7OPKfCu4sDtsosL4qzejyLjMnB+wbU5SsRDqR5qTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDjWMCw0ba+BHgRWZ9Y534FgCDj16OKDa8hLvQixlC5mUnkHT9Jh6rVfl9jc4RrKKWFkA==] +mysql::server::backup::backupdir: '/var/backup/mysql' +site::profile::mysql_server::databases: + cm7master: + user: cm7master + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAFMUgVd0/sGqsoYliEol2A9Xdj3fqAtVX5aBEbnpT+ljpQvUN66hqnT1iNTpj/C3yf1no2dLSAJvgrhF4sJbzX660gCNHPF1DWBr1FhTRqHPNsJuaqRREELjR869dx9bdw9YrOVm8NHcx9CcfreXrTMDxZ4KQlsDUEOTGOe0iGPXuymf0aXqXQScwtQaaL3rARI8KEU4luEIrcGi5lEbKrmsgJDWvp2sUkBzeMaerfzSjxmzrxqI6AzWaN9He6duMucsElQWlKh1pUbFHEOAfTeBB6txvjkEjnkgSfTESv9g4DCIIhadvagnkQDivAYWXAN8ITf1DzkY3NMuBf1Bw7DBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDz/TeEUvyWvSFMeybdaeKmgCACTrZ9B6Qrtn4heFBi59aGMH/2djaUfafUDrwBvhF/pA==] + cm7caefeeder: + user: cm7caefeeder + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAt4pyQG9AVoMBwXUev4NDUGPoDSrqeY3KE+f2EVUJlBzGc+i7F8oyXCAuYCKB25KKEtrFnpCzOlpFqw+RIaeEk13gjZwg66+A65C2xTMsd22dPS+KnWNFM0twNTjwBitR20cP17mGMKbMjy3yM3Jvfurs7UIj+XsQ0Sb/rA5ytltPxl+rLzS1rLTMNDvAbidewtikcTYpJz0AK3HmX5/UJprHsR5/bHRX/qrksN7sIvDVJZDsNlDvrnlHjo6lYj4n86nkoD1gr8uacHgTY72LX1BYqfeMYofqXM2qFZ65ERxuLPMGt1bpB7N8sHSiz/VJ9MbqkAD8yqJqjJ2MgwZpmTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBL2EtjA97gGWbOKW0ET7m5gCCN+d41WoLUgm1THsyN2aD8lggBfvzHMBq57VMxXeHEoQ==] + +mysql::server::override_options: + mysqld: + innodb_buffer_pool_size: 1G + innodb_buffer_pool_instances: 1 + thread_pool_size: 8 + innodb_log_buffer_size: 16M + query_cache_type: 0 + default-storage-engine: INNODB + innodb_file_per_table: 1 + table_open_cache: 512 + innodb_log_file_size: 256M + performance_schema: ON diff --git a/customer/mhk/red-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/red-mhk-kueche-de.pixelpark.net.yaml index 03507928..21a7f7ff 100644 --- a/customer/mhk/red-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/red-mhk-kueche-de.pixelpark.net.yaml @@ -14,13 +14,14 @@ site::profile::mysql_server::databases: cm7management: user: cm7management password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbVIhrs8XXGKlIBzMiQFwMcbpF3qmPypkoM5wWIhQy/3FjloQ8GqPAMsuNphrjHCq+gykGrG7AQHa76H8/FzQEhWBHjR7mvCliROdNz4QFzxBLLlKD7W1LZmfCrZG01GonjAaPeW1QPqF8OFfXNYatCS9qtJWmPpDYfTwWjJmbCXS7p2TB5Oy5cRdfds/ZPw+/fuEofPa/zL7Ee5tnnUrmN733ZIfFmIBR0u9pZirINeY23heyRdqmZlI4puG8o806GRNtr+PHm56GYvTWgoWDs5wkc7yvBGWC+rncaajoxz4IAsk2heS9zn9uIntsr7aeL8Si0W7AHw32OgNkHC7JTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCbSGWk54OL3lNCrgzL5aVUgCCG2at0RtLZvQmu3U1x+E7XACW3cYMbviExJ9FRZ5i66Q==] - cm7master: - user: cm7master - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAFMUgVd0/sGqsoYliEol2A9Xdj3fqAtVX5aBEbnpT+ljpQvUN66hqnT1iNTpj/C3yf1no2dLSAJvgrhF4sJbzX660gCNHPF1DWBr1FhTRqHPNsJuaqRREELjR869dx9bdw9YrOVm8NHcx9CcfreXrTMDxZ4KQlsDUEOTGOe0iGPXuymf0aXqXQScwtQaaL3rARI8KEU4luEIrcGi5lEbKrmsgJDWvp2sUkBzeMaerfzSjxmzrxqI6AzWaN9He6duMucsElQWlKh1pUbFHEOAfTeBB6txvjkEjnkgSfTESv9g4DCIIhadvagnkQDivAYWXAN8ITf1DzkY3NMuBf1Bw7DBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDz/TeEUvyWvSFMeybdaeKmgCACTrZ9B6Qrtn4heFBi59aGMH/2djaUfafUDrwBvhF/pA==] cm7mcaefeeder: user: cm7mcaefeeder password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAa3yvtQcuZcPaxuUnYQ7d4G+/bxcoEO3AugNqfjtK3xbsibWdEQ60agC+rEhp2SKdn7fzOqkz8nAJZXykBy8ZXoMxpXmfUilfmk3tVu7OUNUYIwY0a3tpjzGfjP3I8gpInupiHR51olwizg8QnId+H1BGW3f4qppoHmhJrj0XHiM+kzmRYS8r5yoEGpgjIa2t7zcjl6+oeWKuOHi9vyzxNvxr/qZtvFuTS+0x9pmCcSgarEO2OjNymEkqeIDr2iHXnJ7JIC0BpeXtwx4qf+bGF2eFSQq3uQQtytWik++xc/Ufurqna5SltWtq0pyTNdDFSyAQRmziEwzGbpjOr2t+UTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDGF+ZBzJCKYFMvZqicov33gCAVWCReOFa1UU3QnxV7Qm9Wpipm5HhWVb4TC19bdrD0xA==] +site::profile::apache::htdigest: + mhk-preview: + preview: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAMrbm5btU56ow2DidcQBiAQ68SFjX7F9GFn7f6Vt/OVSY6MTttrZgVTHhmhLsvXvkbkhAZF9uOHyIH9MyOo7V2ixa/WvaAcNRVoSM3jgOESD92xwOfVk9Pe4Q6ofvMV2ZQZIGaU6lejbwnYb36664wG4Oqsn+Vhf8m30hPDV3rlkr6hAHekLMb5kaUO1IB0YdG38Qp3Fg5EBtFGPxXdKUdFXpcVQXsym4pvGIxtMmdXWeFbT35V6RFZ0oo58fGqYOzH1ZXAhXnEr8wtAccmnXyCQE6k+h63gbmRyRmKaSiP1LmyvFw1O6CH/Tyy6fSHaTrYnTXyPBADp3pkFxXM4ycTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBbGqOFOeS5FjZ4nyn/flBogCDC7m3jQ1TGN1fReXQjtB6GPQtMp9YGpBk9bUru+1GZDw==] + mysql::server::override_options: mysqld: innodb_buffer_pool_size: 1G @@ -32,6 +33,7 @@ mysql::server::override_options: innodb_file_per_table: 1 table_open_cache: 512 innodb_log_file_size: 256M + performance_schema: ON #### Just Doin' no auth at the moment @@ -41,6 +43,8 @@ mongodb::globals::bind_ip: 0.0.0.0 mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/RPMS/' mongodb::server::auth: false +apache::default_vhost: false + apache::mod::deflate::types: - 'text/css' - 'application/x-javascript application/javascript application/ecmascript' @@ -52,6 +56,8 @@ site::profile::apache::pp_vhosts: docroot: '/var/www' servername: red-mhk-kueche-de.pixelpark.net ssl: true + ip: 77.74.235.5 + add_listen: true ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' @@ -67,6 +73,8 @@ site::profile::apache::pp_vhosts: docroot: '/var/www' servername: studio-red-mhk-kueche-de.pixelpark.net ssl: true + ip: 77.74.235.5 + add_listen: false ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' @@ -88,9 +96,21 @@ site::profile::apache::pp_vhosts: docroot: '/var/www' servername: preview-red-mhk-kueche-de.pixelpark.net ssl: true + ip: 77.74.235.10 + add_listen: true ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + directories: + - location1: + provider: location + path: '/' + auth_type: Digest + auth_name: mhk-preview + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' rewrites_non_ssl: - https: comment: 'all to https' @@ -102,7 +122,7 @@ site::profile::apache::pp_vhosts: rewrite_rule: - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' - - '^/([0-9]+)/(.*) /blueprint/servlet/action/kueche-de/$1/action/$2 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' @@ -114,15 +134,15 @@ site::profile::apache::pp_vhosts: - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' - - '^/kueche-de(/)?$ / [R,L]' - - '^/blueprint/kueche-de$ /blueprint/servlet/page/kueche-de [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' - '^/sitemap_index.xml /opt/coremedia/www/sitemap-org/Sites/Reframed/sitemap_index.xml [L]' - '^/sitemap(.*).xml.gz /opt/coremedia/www/sitemap-org/Sites/Reframed/sitemap$1.xml.gz [L]' - - '^/robots.txt /blueprint/servlet/robots/kueche-de [PT,L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' - '^/blueprint/(.*) /blueprint/$1 [PT,L]' - - '^/$ /blueprint/servlet/page/kueche-de [PT,L]' - - '^/(.*) /blueprint/servlet/page/kueche-de/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' proxy_preserve_host: true @@ -132,9 +152,37 @@ site::profile::apache::pp_vhosts: docroot: '/var/www' servername: preview-media-red-mhk-kueche-de.pixelpark.net ssl: true + ip: 77.74.235.5 + add_listen: false ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' proxy_preserve_host: true proxy_pass: - { path: /blueprint, url: 'ajp://localhost:40009/blueprint' } + +logstash::generic_resource: + catalina: + resource: file + order: 10 # Input + parameters: + path: '/var/log/coremedia/cm7-studio-tomcat.out' + type: delivery-tomcat + tags: + - 'studio' + - 'tomcat' + - "%{customer}" + webapp: + resource: file + order: 10 # Input + parameters: + path: '/var/log/coremedia/cm7-studio-tomcat/blueprint.log' + type: webapp + tags: + - 'preview' + - 'blueprint' + - "%{customer}" + codec: + type: multiline + what: previous + pattern: '^20%%{ich-trickse}{YEAR}-%%{ich-trickse}{MONTHNUM}-%%{ich-trickse}{MONTHDAY} %%{ich-trickse}{HOUR}:?%%{ich-trickse}{MINUTE}(?::?%%{ich-trickse}{SECOND})' diff --git a/customer/mhk/rls01-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/rls01-mhk-kueche-de.pixelpark.net.yaml new file mode 100644 index 00000000..4fbf63c2 --- /dev/null +++ b/customer/mhk/rls01-mhk-kueche-de.pixelpark.net.yaml @@ -0,0 +1,26 @@ +--- +site::role: base +site::additional_classes: + - site::profile::mysql_server + + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAH/Mg90Udx83uiRJWrHqzFnI+E5zzKXEj2lFrRqMXjoaMjYqit+T+QgNmI5/RYac+lQUYb4Q6beSBI4XBRAFTNNeXGpYEJE0DaQWg8VHLOOxV4eFzsexioJwAfPF1Prz5r27x1QM+4xGIyJqe6pQUV0tataC//uHcbs3eu1R0cgXYYUhFwzMm19H2Qni7YKqP2JhcfzlConnlazQwdkQddL0DE7+l7+ACLyVGek8E5mtAx3QfiOTslfUmG5k5rttVpTigUggzOuYCs4UumNTmYe4U038IlcrNRSvH3tGP3ADSjfARlxL6+mrwqSFWRrcLDj+GyLecnyTHjFj8ajuS3zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDnr9SJbjVg8b7kEveU53RlgCCO1Fce6lpykgTHVhm8ihsi0qUHxyz/v7MF8v73hN+nJg==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAIGfN7lvvnNDnQcMjXDjBs2CH0H6KHDRNqxWu/kv7/tHffIImJLPmNugGHQPqegV+cT0QpVxr6pEK440+n8ozk8xWk0YHj0jyiy923YKpQ7X1hVhS3ePBX+F3dHV60yWetlwM+wYsSzfrB0kUH76r+qUlpBGXtAoRhMbGSupS1twCqlbb64kEDBLpDrsnG/zUfdMOm5K6Wo7Pioo8oltC+SKEwkwi8rINTUOUldtVQfeGs7Yj19bpsV5uNVTEn4mfmMeTInRgEuwQeuufpsZxXAUPK//iR75QMkg8fz8ldNLS7YqPmAbYsDA7Ke0WrxyR2NS+NJANyrPynEUGWF9S7DBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDNs3WJ5O8EZ6COienYnnyRgCAYrk82iCquDZBSUOaar7PIDdfsPTvyYTT3Yyh+lZglLA==] +mysql::server::backup::backupdir: '/var/backup/mysql' +site::profile::mysql_server::databases: + cm7slave: + user: cm7slave + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAZY1jmoCKfIQRrJm/4Pqv4CSPTQUWR3JGewYQQxTdgc2CAoA/V3a+ThrVd4tsEkPiSdsNCSzN30jQP9Zftee6p1N/wFiULWHa+yB2mMkovgvKcBzwNVXt2qADT5cvOOxdmWqd3s7uPCB8iGCDDqZDope+9gr8v01r59vxHgq248v8+USfmOohTliWSAnqHmcUxzEstQT6pvbC3uvU7qtSnJ4+ymKJKcBPAZQFklpJz276bFpKelzZzPtmjEDhVjIXzx+U/nZajKPhw+IJLkEe7p9xfRhR86bzXpyQMGLB20sbt6bN0T/ZRYM9db9pgjetML5C+6m1B7CzHNL8G6MBQTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBApX862aL+TfkfaPjM/ejergCCFxlfydzdrojzTfj85EklN7/Nq01sDaW8NrXQw9a2HUQ==] + +mysql::server::override_options: + mysqld: + innodb_buffer_pool_size: 1G + innodb_buffer_pool_instances: 1 + thread_pool_size: 8 + innodb_log_buffer_size: 16M + query_cache_type: 0 + default-storage-engine: INNODB + innodb_file_per_table: 1 + table_open_cache: 512 + innodb_log_file_size: 256M + performance_schema: ON diff --git a/customer/mhk/rls02-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/rls02-mhk-kueche-de.pixelpark.net.yaml new file mode 100644 index 00000000..c6d3c62f --- /dev/null +++ b/customer/mhk/rls02-mhk-kueche-de.pixelpark.net.yaml @@ -0,0 +1,26 @@ +--- +site::role: base +site::additional_classes: + - site::profile::mysql_server + + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAJXyyedHb8ELoHp5Rg9o9emJAzhP8aYWazKkbHPV+olRIRyUEDOT8/2b2pUUQaNNKtje1OYRga6VfFbDKdS5fzCQRYhK34wLW/m5yxNFOpbiau77Y5CcIDUy0mogtqJdkWYrjql22mLRke93P8atABjSm+v2+h9h8gPUsFstHAxkQd2Q7jRlRdhEolN6ARCHkaGldT+0/qTtbbm0nT/pVmTN3o/P2734JSmm919j1RxDm44RS9wwwPMMD6hMXTUKKxrOIE9ZKZ4uMX3rwiUCRm5i4i9/BxS+OS4RReREATYpL0C68pi/9/9kwzvh6nFba3uz2QxbDCo8Yj8hS8HmDJTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD0ZR9BxIjIDvDxYDuETuv8gCCishLbcP6Q0gcLsK+YiA9fbR2icCMFULGSsC+PzR23Gw==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsyp8BD3X6fhQCBtshTfK3sldBr+oYEG0yT5XTXIvaERfKrHxPHuPbzQQMMXvJZXcPGyJeofMhqRPQX1bRcxroDQT97+XPpEOUpi0wjn122bep1LbwqJehD89iYoXQAxp1Atpxe8W4hQUzJBhbrbZ2RXRCEgxT/Ph/vCfRiUTyFxq/Xd9eZqOkiasFjfGEIkdJaShQiVEPi7cgU3WVOO8pCxgPSMaSVjDyX7FrugYlCSoyEv0GQUCCMVcBzMQ7Lmf5vUZcg0r1QJLvVal357FLYOZY3dapQJlrY5GIbPQPLB4P/S1QOxIP/vTcHsIjTg0k23paCD1x3NlVoqqW+IIVjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBACa+8WCNM4TlcGNgniWhsKgCAqa7XjziRxHS0mkZj/0Tisq0Xau+h9Cn4fBpWdQV0KNg==] +mysql::server::backup::backupdir: '/var/backup/mysql' +site::profile::mysql_server::databases: + cm7slave: + user: cm7slave + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAZY1jmoCKfIQRrJm/4Pqv4CSPTQUWR3JGewYQQxTdgc2CAoA/V3a+ThrVd4tsEkPiSdsNCSzN30jQP9Zftee6p1N/wFiULWHa+yB2mMkovgvKcBzwNVXt2qADT5cvOOxdmWqd3s7uPCB8iGCDDqZDope+9gr8v01r59vxHgq248v8+USfmOohTliWSAnqHmcUxzEstQT6pvbC3uvU7qtSnJ4+ymKJKcBPAZQFklpJz276bFpKelzZzPtmjEDhVjIXzx+U/nZajKPhw+IJLkEe7p9xfRhR86bzXpyQMGLB20sbt6bN0T/ZRYM9db9pgjetML5C+6m1B7CzHNL8G6MBQTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBApX862aL+TfkfaPjM/ejergCCFxlfydzdrojzTfj85EklN7/Nq01sDaW8NrXQw9a2HUQ==] + +mysql::server::override_options: + mysqld: + innodb_buffer_pool_size: 1G + innodb_buffer_pool_instances: 1 + thread_pool_size: 8 + innodb_log_buffer_size: 16M + query_cache_type: 0 + default-storage-engine: INNODB + innodb_file_per_table: 1 + table_open_cache: 512 + innodb_log_file_size: 256M + performance_schema: ON diff --git a/customer/mhk/stage-mdb01-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-mdb01-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..442e59f0 100644 --- a/customer/mhk/stage-mdb01-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-mdb01-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,16 @@ --- site::role: base +site::additional_classes: + - site::profile::mongodb_server + - mongodb::globals +#### Just Doin' no auth at the moment +mongodb::globals::manage_package_repo: true +mongodb::globals::version: 3.4.2-1.el7 +mongodb::globals::bind_ip: 0.0.0.0 +mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/mongodb-org-3.4/' +mongodb::server::auth: false +mongodb::server::replset: "rsblueprint" +mongodb::server::replset_members: + - "stage-mdb01-mhk-kueche-de.pixelpark.net:27017" + - "stage-mdb02-mhk-kueche-de.pixelpark.net:27017" + - "stage-mdb03-mhk-kueche-de.pixelpark.net:27017" diff --git a/customer/mhk/stage-mdb02-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-mdb02-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..442e59f0 100644 --- a/customer/mhk/stage-mdb02-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-mdb02-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,16 @@ --- site::role: base +site::additional_classes: + - site::profile::mongodb_server + - mongodb::globals +#### Just Doin' no auth at the moment +mongodb::globals::manage_package_repo: true +mongodb::globals::version: 3.4.2-1.el7 +mongodb::globals::bind_ip: 0.0.0.0 +mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/mongodb-org-3.4/' +mongodb::server::auth: false +mongodb::server::replset: "rsblueprint" +mongodb::server::replset_members: + - "stage-mdb01-mhk-kueche-de.pixelpark.net:27017" + - "stage-mdb02-mhk-kueche-de.pixelpark.net:27017" + - "stage-mdb03-mhk-kueche-de.pixelpark.net:27017" diff --git a/customer/mhk/stage-mdb03-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-mdb03-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..442e59f0 100644 --- a/customer/mhk/stage-mdb03-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-mdb03-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,16 @@ --- site::role: base +site::additional_classes: + - site::profile::mongodb_server + - mongodb::globals +#### Just Doin' no auth at the moment +mongodb::globals::manage_package_repo: true +mongodb::globals::version: 3.4.2-1.el7 +mongodb::globals::bind_ip: 0.0.0.0 +mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/mongodb-org-3.4/' +mongodb::server::auth: false +mongodb::server::replset: "rsblueprint" +mongodb::server::replset_members: + - "stage-mdb01-mhk-kueche-de.pixelpark.net:27017" + - "stage-mdb02-mhk-kueche-de.pixelpark.net:27017" + - "stage-mdb03-mhk-kueche-de.pixelpark.net:27017" diff --git a/customer/mhk/stage-mls-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-mls-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..59693c44 100644 --- a/customer/mhk/stage-mls-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-mls-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,32 @@ --- site::role: base +site::additional_classes: + - site::profile::mysql_server + + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEARP3VWpIcdEK3+fgiiIKhCHewHdJivRdr4hwpkJL3qt6IU6kUUEj78STfI76WSBUhM0Nsg8qpjZQ3sP8OCVido8hvStpG3nLiGbz+kE6cuheeokIsymVuOhZVX+HUcLlP4PfZGFy68BYCnZho1tcM1shsav9G3f61ARuTSWfYCgKOeTHBfR/r4LtV1OPHfE9WNX/lXFky0j4Et2rvoZ4uXz8zp4q5UDQnJJmTAlVQkOP52Z2ImTTj+YfReLH9M1cai57vsZV9WV4lVO2A9Ir6sxMvGYwyug6SVk7XFeIZek4lmGDA9XrHs9N+pI/L6ptIGcYfNcEugXbIKuf4pdsqYzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBfcAqmV6JpnRENU9E/y4stgCCdIXt1IBnjqJNF4gc3lW6/RYLH6YrX8JXfAg4QhbZS6g==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEANTWTUAu9QD/FnaXWv+LcbobHS6umG/FGUJq0q86IX5uF5bHngP0NK88LgX7lRkUcmiovB9CdZuOlLjzSHsNzkqCLuuSyLB56qax5aqzKRQA8VlLz42cSmaAYF5Mayj/40OIm6hOXhwDPu68zV3HfWJMR+LbIsuijzp9l9z2UENKRsvPvFTZUNyqpwbRm7alcZIWga17JMrWq5pJIkZPFv4daJqU6tzvStA/1z6z4IBEqgTl8cU7tMs1+sszNErvw8S2763QxMuG1G30P/ftjvYvyHGlnMZR3cuzJ9aXYvT+laGzIEQJL8s/kyU+kG6d4sSwn8ntzm3B/2I1xoDDemTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBb33l0dbn+s4KBJc5pmX+wgCAK9Y1fgI2nFSw5/Xvfd7gZ/DLRDTBvwjPawnXfd4KdJg==] +mysql::server::backup::backupdir: '/var/backup/mysql' +site::profile::mysql_server::databases: + cm7master: + user: cm7master + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbc0XJG+iHERNmOE6HkdPmFKxxxDYl9u5i9TZb+WK5VmyBGR4nitN0CiaH4tzaKqmmkvt6BbjIk2AtbHh0njCsgEwNPlVtCwiKCSmhxhW0FVcNVQLZcdEfK5Ku5gHfHXHeOMlX/zG9qrSvytJUIWSxZ4U3o/8P0rekW53IkwQ3W8oH/34RVqIoksz5awhVF/wHK/zNpO9gLr3tJowE8A5qMm92ZiidcDjgib+4+nEmglVJ9RxJHyRAkBU8tcxMXOGyJZC5DY7tPCHdRT8apFEa2ELtvRQpgO6ECpC5MZs84JHihMgjvv7O3BBrrGleryBxlntUPabZvKYUyYNf5LbsjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAVn7P3FaU0vWXnKHHFmHcfgCAHY8UTYdtAlzg1BZ3BE7EC5khjtc7Zgf87Go4QZVSzcg==] + cm7slave: + user: cm7slave + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAwThJ8H3CW7Dtug4ihUZQARxhWVQPSfeE/Cx/7xMaWkmt0lm8HhZSJGV5+3UvmNu+2DbMQ9pgGbvOmI7BZ7l3ohKFB3ltPNr9FjKdrK8dlF9J06HDNxXSYMPyWtDZrUp+1zIryjGKrEb9QRF6KVVebMZ6FAfLe9C/OJ5FzDzp1lqbaZXeskEIbKiMqeqOSTAOOASjf4iglHBHGMKndnNFRc5+q7AfUTW0+/drkwYQ8ytp5XjTlDuKIiP3Zs4BezMQ+TQZzEqc8qI/kQKqL6+VquzlV0W0PVZG2jtke84fkbRrnonWPxYJP1aWk759hq2uOmOsueps/cdUU1ljuep5ejBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDwJj9SnV7xWExSU1VC4HK5gCCinsCWhNI7+c1LIeDrqzPT+tHkSmR0/DyGfyIhsjPifw==] + cm7caefeeder: + user: cm7caefeeder + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsgd5PpVBIG4Vu2yLlcH9JS7gVTkcDG7zdbNuCfoSlho9S9dV7mdKXoMT9x0D/n/07vGV5nTttTVNwLs843z9OMDub5nO242IywG8m+M6d3TQured2r7lweu+a+jAszxGtZca+qL2wpVTGWNtKhpl2gq8UyROH9IF78W8elaUAulyQHnWd55NRCZGCC37uPbrQNmpMYArgcxk88OyiBIwWDfENFuHgLmqLW/jHHbdk98nDSThBfB6tikru9sp8l0cL3MvKCUGJqdvkhypMsncFmQXuVQiXSjXfy0+Sdzq1+zpDZR5G2XtWB+71238WwSQr+mv49y4GgbkNI34W8VAkzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBLZUhH/nK85QntpV+JOSl1gCDCJj+oudDqAKL4xtwTeam32CU9NvZeomjqqK94PVIXJQ==] + +mysql::server::override_options: + mysqld: + innodb_buffer_pool_size: 1G + innodb_buffer_pool_instances: 1 + thread_pool_size: 8 + innodb_log_buffer_size: 16M + query_cache_type: 0 + default-storage-engine: INNODB + innodb_file_per_table: 1 + table_open_cache: 512 + innodb_log_file_size: 256M + performance_schema: ON diff --git a/customer/mhk/stage-red-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-red-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..099906e6 100644 --- a/customer/mhk/stage-red-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-red-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,148 @@ --- site::role: base +site::additional_classes: + - site::profile::mysql_server + - site::profile::apache + - apache::mod::proxy_ajp + - site::profile::mongodb_server + - mongodb::globals + +mysql::server::root_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPvRUxF6+6iEFM+OWQgHsioCG+vTdm3vWsj4PSnpn6FdlgZCazMIv8uVpWUy0m9B4dE87hNUDANcbkVNDmfWHKVkhqbLGfewbQvx20pkUeyMi27GgpQbLAeIFKpeCn3+E5/X2caJFV/inR5PgkieTtbSkxPFklCP5AnVxFlisidHVl+22pTAqZAIdNgw9qCnOFTyGcT1X0eOBDho24gMxm8bkT1INxvNMCHisQch98OxE2SqdnY3KrWKmSYgKeoCgxaQ/U+0SDF0h7+6y1RGU0r26bWXLpdOlQbOE/fHlW5Z6SPVUkyXAj6+KM4akosUjN8Zwwnp8MG9/GslGbKn4lTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAYY//abLHvPVmXVG7WsjHngCCNVoimvVhTjlXYiUYmoOW5SR1htjGBiWRd+Y2389uMNw==] +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAsK2YOMdeflOYo1k3aMNpM/zTkDbVRBU94y9++RpI5MDPFotP5YAYYsdnffzjX4aC7Fhf1v3xyWcn/0IiszpivFwSJu//kbpJRHwarL67BQpQkNOAR6uPQEAuTK5g90RsoHzBvmOH85zpFZucHJ2zwKC7BpAMsNFsxr+N/GmgQZOrEVuk4QuSt2Bk6Axgp8MzXnVGb85DaEGw/mFy72qv3TIJc7hZt6ODk4MWTsK5BjW94grRkv9u+ZIXBFmO3HbovRfowfLIAcNwMnTfdjeGuNWOmduN2vz3u/Fr97TjjAFnbsUGQk+ssGBreG9xmpvvUyQ5A+kE7ZS6g33s4bcwTTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD5bm5J970Khw1HaV8jue4YgCD0uombMjNMdtbRhZZeLew/jCMBPfRPvgLqbtDfHU2t0A==] +mysql::server::backup::backupdir: '/var/backup/mysql' +site::profile::mysql_server::databases: + cm7management: + user: cm7management + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEABuB4690bbeVP5n4Hbf7M23RdgIE7ef0MMv/GzpFbCfGsKRf6tClkB6nrtmmHaybtfUQipZoAmqkmsGMNBDLVqFMO8kt37n5EMEbJWcfFsdtnK+dt/en3pyfeRzXOQ4t65Q1fqg4j99M7j2d/gw/6eG/LL5IJzoPrrm5ElAWg+iGmNZTxDf7VyYUwhCcbqr7/fHknGebr9mwIlBCoG9QkdcPN0m3P4f97ULGH7HVFTUz8G+DYW/2/FL+LwfEXfY6qJmvT3593EkRfSmX9FsbkK1LlNOTb/6h78zObUCAq2sfmm//NmcezcrHLTgWg6KEA7jKWKrRtBB56IXbVutItaDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAMyFjd2WvYJJwSnfjKRcrcgCCTOkkE3E13Z4WEOZHxo+Z6UvJfTGKgDdM11Cf+/Gg4VA==] + cm7mcaefeeder: + user: cm7mcaefeeder + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAlRseUij6PR/j/oma/6dcUt6p5wViCrGbo4V/qcT6vuhjYKGhm1VZz6A6RbT/9yvd43NheNoIuiBSk3p/wOP1pDFWmAUSVhdiSYsswKxwUK/69cWUN1LwlBLa3F+k5wGd8gqQKBz/BCYDMDI17S/ilPtpgr3Q/XdEP1a1gufyj/l0H8eThAHU1PwSGgW0bkz4hSvk1v8GykSAX5T/PWP1NtH+BrWsjRYsmwDgF8OJbmOAIOBb5KoNAaclfgLNCr4xGCI3q7IN7DgTuXxMnx5mBQHuf2IcLPQ5gBSZ9s0Ogw+nC4UVprQVDDKK/qqF2lP5OoULyM3iqXJUrXYH22Pq7zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCA5wnye1D2JTHjeEVZoenzgCBmDIhod2wrjBs9/DhkVlrUpb2xTagpQEn1+0geAUssTg==] + + +mysql::server::override_options: + mysqld: + innodb_buffer_pool_size: 1G + innodb_buffer_pool_instances: 1 + thread_pool_size: 8 + innodb_log_buffer_size: 16M + query_cache_type: 0 + default-storage-engine: INNODB + innodb_file_per_table: 1 + table_open_cache: 512 + innodb_log_file_size: 256M + performance_schema: ON + + +#### Just Doin' no auth at the moment +mongodb::globals::manage_package_repo: true +mongodb::globals::version: 3.0.6-1.el7 +mongodb::globals::bind_ip: 0.0.0.0 +mongodb::globals::repo_location: 'https://repo.pixelpark.com/Linux/yum/mongodb/7/RPMS/' +mongodb::server::auth: false +apache::default_vhost: false + +apache::mod::deflate::types: + - 'text/css' + - 'application/x-javascript application/javascript application/ecmascript' + - 'application/rss+xml' + - 'image/svg+xml' # new + +site::profile::apache::pp_vhosts: + red: + docroot: '/var/www' + servername: stage-red-mhk-kueche-de.pixelpark.net + ssl: true + ip: 77.74.235.36 + add_listen: true + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + rewrites_non_ssl: + - https: + comment: 'all to https' + rewrite_rule: + - '^(.*)$ https://stage-red-mhk-kueche-de.pixelpark.net$1 [L,R=301]' + proxy_preserve_host: true + proxy_pass: + - { path: /editor-webstart, url: 'ajp://localhost:40009/editor-webstart' } + studio-red: + docroot: '/var/www' + servername: stage-studio-red-mhk-kueche-de.pixelpark.net + ssl: true + ip: 77.74.235.36 + add_listen: false + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + rewrites_non_ssl: + - https: + comment: 'all to https' + rewrite_rule: + - '^(.*)$ https://stage-studio-red-mhk-kueche-de.pixelpark.net$1 [L,R=301]' + proxy_preserve_host: true + proxy_pass: + - { path: /studio, url: 'ajp://localhost:40009/studio' } + - { path: /blueprint, url: 'ajp://localhost:40009/blueprint' } + rewrites: + - studio: + comment: "redir slash to studio" + rewrite_rule: + - '^(/)?$ https://stage-studio-red-mhk-kueche-de.pixelpark.net/studio/ [R=301,L]' + preview-red: + docroot: '/var/www' + servername: stage-preview-red-mhk-kueche-de.pixelpark.net + ssl: true + ip: 77.74.235.44 + add_listen: true + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + rewrites_non_ssl: + - https: + comment: 'all to https' + rewrite_rule: + - '^(.*)$ https://stage-preview-red-mhk-kueche-de.pixelpark.net$1 [L,R=301]' + rewrites: + - index: + comment: 'Coremedia Rewrites' + rewrite_rule: + - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' + - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' + - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' + - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' + - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' + - '^/page/(.*) /blueprint/servlet/page/$1 [PT,L]' + - '^/service/(.*) /blueprint/servlet/service/$1 [PT,L]' + - '^/webflow/(.*) /blueprint/servlet/webflow/$1 [PT,L]' + - '^/signin/(.*) /blueprint/servlet/signin/$1 [PT,L]' + - '^/userdetails/(.*) /blueprint/servlet/userdetails/$1 [PT,L]' + - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' + - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' + - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' + - '^/sitemap_index.xml /opt/coremedia/www/sitemap-org/Sites/Reframed/sitemap_index.xml [L]' + - '^/sitemap(.*).xml.gz /opt/coremedia/www/sitemap-org/Sites/Reframed/sitemap$1.xml.gz [L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' + - '^/blueprint/(.*) /blueprint/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' + + + proxy_preserve_host: true + proxy_pass: + - { path: /blueprint, url: 'ajp://localhost:40009/blueprint' } + media-preview-red: + docroot: '/var/www' + servername: stage-preview-media-red-mhk-kueche-de.pixelpark.net + ssl: true + ip: 77.74.235.36 + add_listen: false + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + proxy_preserve_host: true + proxy_pass: + - { path: /blueprint, url: 'ajp://localhost:40009/blueprint' } diff --git a/customer/mhk/stage-www01-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-www01-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..c476f92c 100644 --- a/customer/mhk/stage-www01-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-www01-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,81 @@ --- site::role: base +site::additional_classes: + - site::profile::apache + - apache::mod::proxy_ajp + - apache::mod::headers + +site::profile::apache::pp_vhosts: + www: + docroot: '/var/www/mhk' + servername: stage-www-kueche-de.pixelpark.net + serveraliases: + - stage-www01-mhk-kueche-de.pixelpark.net + ssl: false + rewrites: + - to_ssl: + comment: 'all to https' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^stage-www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + rewrite_rule: + - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' + - index: + comment: 'Coremedia Rewrites' + rewrite_rule: + - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' + - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' + - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' + - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' + - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' + - '^/page/(.*) /blueprint/servlet/page/$1 [PT,L]' + - '^/service/(.*) /blueprint/servlet/service/$1 [PT,L]' + - '^/webflow/(.*) /blueprint/servlet/webflow/$1 [PT,L]' + - '^/signin/(.*) /blueprint/servlet/signin/$1 [PT,L]' + - '^/userdetails/(.*) /blueprint/servlet/userdetails/$1 [PT,L]' + - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' + - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' + - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' + - '^/mhk/(.*) /blueprint/servlet/mhk/$1 [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' + - '^/sitemap_index.xml /var/www/mhk/sitemap/Sites/MHK/sitemap_index.xml [L]' + - '^/sitemap(.*).xml.gz /var/www/mhk/sitemap/Sites/MHK/sitemap$1.xml.gz [L]' + - '^/server-status - [L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' + - '^/blueprint/(.*) /blueprint/$1 [PT,L]' + - '^/de-DE/(.*)$ //blueprint/servlet/page/de-DE/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/errors/(.*)$ /var/www/mhk/errors/$1 [L]' + - '^/assets/(.*)$ /var/www/mhk/errors/assets/$1 [L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' + proxy_preserve_host: true + proxy_pass: + - path: '/blueprint' + url: 'ajp://localhost:49009/blueprint' + reverse_cookies: + - path: '/blueprint' + url: '/' + setenvif: + - 'HTTPS on HTTPS=on' + access_log_format: lb_combined + error_documents: + - { error_code: 500 , document: "/errors/500.html" } + - { error_code: 501 , document: "/errors/500.html" } + - { error_code: 502 , document: "/errors/500.html" } + - { error_code: 503 , document: "/errors/500.html" } + - { error_code: 504 , document: "/errors/500.html" } + - { error_code: 505 , document: "/errors/500.html" } + - { error_code: 506 , document: "/errors/500.html" } + - { error_code: 507 , document: "/errors/500.html" } + - { error_code: 508 , document: "/errors/500.html" } + - { error_code: 510 , document: "/errors/500.html" } + - { error_code: 511 , document: "/errors/500.html" } + aliases: + - { alias: /errors/ , path: /var/www/mhk/errors/ } + headers: + - 'set X-Frame-Options: sameorigin' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Content-Type-Options: nosniff' diff --git a/customer/mhk/stage-www02-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-www02-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..427c9693 100644 --- a/customer/mhk/stage-www02-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-www02-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,81 @@ --- site::role: base +site::additional_classes: + - site::profile::apache + - apache::mod::proxy_ajp + - apache::mod::headers + +site::profile::apache::pp_vhosts: + www: + docroot: '/var/www/mhk' + servername: stage-www-kueche-de.pixelpark.net + serveraliases: + - stage-www02-mhk-kueche-de.pixelpark.net + ssl: false + rewrites: + - to_ssl: + comment: 'all to https' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^stage-www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + rewrite_rule: + - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' + - index: + comment: 'Coremedia Rewrites' + rewrite_rule: + - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' + - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' + - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' + - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' + - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' + - '^/page/(.*) /blueprint/servlet/page/$1 [PT,L]' + - '^/service/(.*) /blueprint/servlet/service/$1 [PT,L]' + - '^/webflow/(.*) /blueprint/servlet/webflow/$1 [PT,L]' + - '^/signin/(.*) /blueprint/servlet/signin/$1 [PT,L]' + - '^/userdetails/(.*) /blueprint/servlet/userdetails/$1 [PT,L]' + - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' + - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' + - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' + - '^/mhk/(.*) /blueprint/servlet/mhk/$1 [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' + - '^/sitemap_index.xml /var/www/mhk/sitemap/Sites/MHK/sitemap_index.xml [L]' + - '^/sitemap(.*).xml.gz /var/www/mhk/sitemap/Sites/MHK/sitemap$1.xml.gz [L]' + - '^/server-status - [L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' + - '^/blueprint/(.*) /blueprint/$1 [PT,L]' + - '^/de-DE/(.*)$ //blueprint/servlet/page/de-DE/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/errors/(.*)$ /var/www/mhk/errors/$1 [L]' + - '^/assets/(.*)$ /var/www/mhk/errors/assets/$1 [L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' + proxy_preserve_host: true + proxy_pass: + - path: '/blueprint' + url: 'ajp://localhost:49009/blueprint' + reverse_cookies: + - path: '/blueprint' + url: '/' + setenvif: + - 'HTTPS on HTTPS=on' + access_log_format: lb_combined + error_documents: + - { error_code: 500 , document: "/errors/500.html" } + - { error_code: 501 , document: "/errors/500.html" } + - { error_code: 502 , document: "/errors/500.html" } + - { error_code: 503 , document: "/errors/500.html" } + - { error_code: 504 , document: "/errors/500.html" } + - { error_code: 505 , document: "/errors/500.html" } + - { error_code: 506 , document: "/errors/500.html" } + - { error_code: 507 , document: "/errors/500.html" } + - { error_code: 508 , document: "/errors/500.html" } + - { error_code: 510 , document: "/errors/500.html" } + - { error_code: 511 , document: "/errors/500.html" } + aliases: + - { alias: /errors/ , path: /var/www/mhk/errors/ } + headers: + - 'set X-Frame-Options: sameorigin' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Content-Type-Options: nosniff' diff --git a/customer/mhk/stage-www03-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/stage-www03-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..a47829e8 100644 --- a/customer/mhk/stage-www03-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/stage-www03-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,81 @@ --- site::role: base +site::additional_classes: + - site::profile::apache + - apache::mod::proxy_ajp + - apache::mod::headers + +site::profile::apache::pp_vhosts: + www: + docroot: '/var/www/mhk' + servername: stage-www-kueche-de.pixelpark.net + serveraliases: + - stage-www03-mhk-kueche-de.pixelpark.net + ssl: false + rewrites: + - to_ssl: + comment: 'all to https' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^stage-www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + rewrite_rule: + - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' + - index: + comment: 'Coremedia Rewrites' + rewrite_rule: + - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' + - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' + - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' + - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' + - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' + - '^/page/(.*) /blueprint/servlet/page/$1 [PT,L]' + - '^/service/(.*) /blueprint/servlet/service/$1 [PT,L]' + - '^/webflow/(.*) /blueprint/servlet/webflow/$1 [PT,L]' + - '^/signin/(.*) /blueprint/servlet/signin/$1 [PT,L]' + - '^/userdetails/(.*) /blueprint/servlet/userdetails/$1 [PT,L]' + - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' + - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' + - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' + - '^/mhk/(.*) /blueprint/servlet/mhk/$1 [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' + - '^/sitemap_index.xml /var/www/mhk/sitemap/Sites/MHK/sitemap_index.xml [L]' + - '^/sitemap(.*).xml.gz /var/www/mhk/sitemap/Sites/MHK/sitemap$1.xml.gz [L]' + - '^/server-status - [L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' + - '^/blueprint/(.*) /blueprint/$1 [PT,L]' + - '^/de-DE/(.*)$ //blueprint/servlet/page/de-DE/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/errors/(.*)$ /var/www/mhk/errors/$1 [L]' + - '^/assets/(.*)$ /var/www/mhk/errors/assets/$1 [L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' + proxy_preserve_host: true + proxy_pass: + - path: '/blueprint' + url: 'ajp://localhost:49009/blueprint' + reverse_cookies: + - path: '/blueprint' + url: '/' + setenvif: + - 'HTTPS on HTTPS=on' + access_log_format: lb_combined + error_documents: + - { error_code: 500 , document: "/errors/500.html" } + - { error_code: 501 , document: "/errors/500.html" } + - { error_code: 502 , document: "/errors/500.html" } + - { error_code: 503 , document: "/errors/500.html" } + - { error_code: 504 , document: "/errors/500.html" } + - { error_code: 505 , document: "/errors/500.html" } + - { error_code: 506 , document: "/errors/500.html" } + - { error_code: 507 , document: "/errors/500.html" } + - { error_code: 508 , document: "/errors/500.html" } + - { error_code: 510 , document: "/errors/500.html" } + - { error_code: 511 , document: "/errors/500.html" } + aliases: + - { alias: /errors/ , path: /var/www/mhk/errors/ } + headers: + - 'set X-Frame-Options: sameorigin' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Content-Type-Options: nosniff' diff --git a/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..1e9b8c71 100644 --- a/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,139 @@ --- site::role: base +site::additional_classes: + - site::profile::apache + - apache::mod::proxy_ajp + - apache::mod::headers + - apache::mod::remoteip + +site::profile::apache::htdigest: + mhk-delivery: + delivery: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAFIp9rovuVT8KovQAFKS95zitRKpL1tZzGAEKCSRjnp5n5c1ZboY/9exlKzIgx+U9ZRbv0K+XsdCJK+m140b7Ku/EW9S+tfe3Y60YJER2p1yvlreSPH1sXE+tP8PR+C9dGpAUqMJ/f7cDyLVgHRaloWed2UqTgCwZbDQWa+csU3PFddvIwtt82/1u3+a6jqU8o7mLco5Wc+bsjZipKtTulJbNtzwdyGdukpeCSNf6FFUEzbrjhDKG3uS48pMzwPonY+GAA3SCL8Ig/qAJKhbvN6gzvZb3UY7TbSEgguBG/93TKW60W2C5jWYBIZQbttCqpKXvMq3TmKWozGhGZfBXyDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAw81Iz36qd+UJYWPLSa/itgCDU/H6EiJvNLDaOVo9VNWPHoQXBlq0HvXYcLcJ7gZogog==] + +apache::mod::remoteip::proxy_ips: + - '77.74.235.124' + - '77.74.235.125' + +site::profile::apache::pp_vhosts: + baustellenseite: + docroot: '/var/www/mhk/kueche.de' + servername: kueche.de + serveraliases: + - www.kueche.de + ssl: false + setenvif: + - 'HTTPS on HTTPS=on' + access_log_format: remote_combined + rewrites: + - nonwww: + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + rewrite_rule: + - '^(.*)$ http://kueche.de [R=301,L]' + www: + docroot: '/var/www/mhk' + servername: www-kueche-de.pixelpark.net + serveraliases: + - www01-mhk-kueche-de.pixelpark.net + ssl: false + directories: + # - location1: + # provider: location + # path: '/' + # auth_type: Digest + # auth_name: mhk-delivery + # auth_digest_provider: file + # auth_digest_algorithm: MD5 + # auth_user_file: '/etc/httpd/htdigest' + # auth_require: 'valid-user' + - location1: + provider: location + path: '/' + auth_type: Basic + auth_name: mhk-delivery + auth_basic_provider: file + auth_user_file: '/var/lib/httpd/htpasswd' + auth_require: 'valid-user' + rewrites: + - to_ssl: + comment: 'all to https' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + rewrite_rule: + - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' + - index: + comment: 'Coremedia Rewrites' + rewrite_rule: + - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' + - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' + - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' + - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' + - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' + - '^/page/(.*) /blueprint/servlet/page/$1 [PT,L]' + - '^/service/(.*) /blueprint/servlet/service/$1 [PT,L]' + - '^/webflow/(.*) /blueprint/servlet/webflow/$1 [PT,L]' + - '^/signin/(.*) /blueprint/servlet/signin/$1 [PT,L]' + - '^/userdetails/(.*) /blueprint/servlet/userdetails/$1 [PT,L]' + - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' + - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' + - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' + - '^/mhk/(.*) /blueprint/servlet/mhk/$1 [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' + - '^/sitemap_index.xml /var/www/mhk/sitemap/Sites/MHK/sitemap_index.xml [L]' + - '^/sitemap(.*).xml.gz /var/www/mhk/sitemap/Sites/MHK/sitemap$1.xml.gz [L]' + - '^/server-status - [L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' + - '^/blueprint/(.*) /blueprint/$1 [PT,L]' + - '^/de-DE/(.*)$ //blueprint/servlet/page/de-DE/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/errors/(.*)$ /var/www/mhk/errors/$1 [L]' + - '^/assets/(.*)$ /var/www/mhk/errors/assets/$1 [L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' + proxy_preserve_host: true + proxy_pass: + - path: '/blueprint' + url: 'ajp://localhost:49009/blueprint' + reverse_cookies: + - path: '/blueprint' + url: '/' + setenvif: + - 'HTTPS on HTTPS=on' + error_documents: + - { error_code: 500 , document: "/errors/500.html" } + - { error_code: 501 , document: "/errors/500.html" } + - { error_code: 502 , document: "/errors/500.html" } + - { error_code: 503 , document: "/errors/500.html" } + - { error_code: 504 , document: "/errors/500.html" } + - { error_code: 505 , document: "/errors/500.html" } + - { error_code: 506 , document: "/errors/500.html" } + - { error_code: 507 , document: "/errors/500.html" } + - { error_code: 508 , document: "/errors/500.html" } + - { error_code: 510 , document: "/errors/500.html" } + - { error_code: 511 , document: "/errors/500.html" } + aliases: + - { alias: /errors/ , path: /var/www/mhk/errors/ } + headers: + - 'set X-Frame-Options: sameorigin' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Content-Type-Options: nosniff' + access_log_format: remote_combined + +logstash::generic_resource: + webapp: + resource: file + order: 10 # Input + parameters: + path: '/var/log/coremedia/cm7-delivery-tomcat/blueprint.log' + type: webapp + tags: + - 'blueprint' + - "%{customer}" + codec: + type: multiline + what: previous + pattern: "^%%{ich-trickse}{TIMESTAMP_ISO8601}" + negate: true diff --git a/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..79330432 100644 --- a/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,130 @@ --- site::role: base +site::additional_classes: + - site::profile::apache + - apache::mod::proxy_ajp + - apache::mod::headers + - apache::mod::remoteip + +site::profile::apache::htdigest: + mhk-delivery: + delivery: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAFIp9rovuVT8KovQAFKS95zitRKpL1tZzGAEKCSRjnp5n5c1ZboY/9exlKzIgx+U9ZRbv0K+XsdCJK+m140b7Ku/EW9S+tfe3Y60YJER2p1yvlreSPH1sXE+tP8PR+C9dGpAUqMJ/f7cDyLVgHRaloWed2UqTgCwZbDQWa+csU3PFddvIwtt82/1u3+a6jqU8o7mLco5Wc+bsjZipKtTulJbNtzwdyGdukpeCSNf6FFUEzbrjhDKG3uS48pMzwPonY+GAA3SCL8Ig/qAJKhbvN6gzvZb3UY7TbSEgguBG/93TKW60W2C5jWYBIZQbttCqpKXvMq3TmKWozGhGZfBXyDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAw81Iz36qd+UJYWPLSa/itgCDU/H6EiJvNLDaOVo9VNWPHoQXBlq0HvXYcLcJ7gZogog==] + +apache::mod::remoteip::proxy_ips: + - '77.74.235.124' + - '77.74.235.125' + +site::profile::apache::pp_vhosts: + baustellenseite: + docroot: '/var/www/mhk/kueche.de' + servername: kueche.de + serveraliases: + - www.kueche.de + ssl: false + setenvif: + - 'HTTPS on HTTPS=on' + access_log_format: remote_combined + rewrites: + - nonwww: + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + rewrite_rule: + - '^(.*)$ http://kueche.de [R=301,L]' + www: + docroot: '/var/www/mhk' + servername: www-kueche-de.pixelpark.net + serveraliases: + - www02-mhk-kueche-de.pixelpark.net + ssl: false + directories: + - location1: + provider: location + path: '/' + auth_type: Basic + auth_name: mhk-delivery + auth_basic_provider: file + auth_user_file: '/var/lib/httpd/htpasswd' + auth_require: 'valid-user' + rewrites: + - to_ssl: + comment: 'all to https' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + rewrite_rule: + - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' + - index: + comment: 'Coremedia Rewrites' + rewrite_rule: + - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' + - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' + - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' + - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' + - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' + - '^/page/(.*) /blueprint/servlet/page/$1 [PT,L]' + - '^/service/(.*) /blueprint/servlet/service/$1 [PT,L]' + - '^/webflow/(.*) /blueprint/servlet/webflow/$1 [PT,L]' + - '^/signin/(.*) /blueprint/servlet/signin/$1 [PT,L]' + - '^/userdetails/(.*) /blueprint/servlet/userdetails/$1 [PT,L]' + - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' + - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' + - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' + - '^/mhk/(.*) /blueprint/servlet/mhk/$1 [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' + - '^/sitemap_index.xml /var/www/mhk/sitemap/Sites/MHK/sitemap_index.xml [L]' + - '^/sitemap(.*).xml.gz /var/www/mhk/sitemap/Sites/MHK/sitemap$1.xml.gz [L]' + - '^/server-status - [L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' + - '^/blueprint/(.*) /blueprint/$1 [PT,L]' + - '^/de-DE/(.*)$ //blueprint/servlet/page/de-DE/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/errors/(.*)$ /var/www/mhk/errors/$1 [L]' + - '^/assets/(.*)$ /var/www/mhk/errors/assets/$1 [L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' + proxy_preserve_host: true + proxy_pass: + - path: '/blueprint' + url: 'ajp://localhost:49009/blueprint' + reverse_cookies: + - path: '/blueprint' + url: '/' + setenvif: + - 'HTTPS on HTTPS=on' + error_documents: + - { error_code: 500 , document: "/errors/500.html" } + - { error_code: 501 , document: "/errors/500.html" } + - { error_code: 502 , document: "/errors/500.html" } + - { error_code: 503 , document: "/errors/500.html" } + - { error_code: 504 , document: "/errors/500.html" } + - { error_code: 505 , document: "/errors/500.html" } + - { error_code: 506 , document: "/errors/500.html" } + - { error_code: 507 , document: "/errors/500.html" } + - { error_code: 508 , document: "/errors/500.html" } + - { error_code: 510 , document: "/errors/500.html" } + - { error_code: 511 , document: "/errors/500.html" } + aliases: + - { alias: /errors/ , path: /var/www/mhk/errors/ } + headers: + - 'set X-Frame-Options: sameorigin' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Content-Type-Options: nosniff' + access_log_format: remote_combined + +logstash::generic_resource: + webapp: + resource: file + order: 10 # Input + parameters: + path: '/var/log/coremedia/cm7-delivery-tomcat/blueprint.log' + type: webapp + tags: + - 'blueprint' + - "%{customer}" + codec: + type: multiline + what: previous + pattern: "^%%{ich-trickse}{TIMESTAMP_ISO8601}" + negate: true diff --git a/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml index 4c3c2b5e..fbeb6060 100644 --- a/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml @@ -1,2 +1,130 @@ --- site::role: base +site::additional_classes: + - site::profile::apache + - apache::mod::proxy_ajp + - apache::mod::headers + - apache::mod::remoteip + +site::profile::apache::htdigest: + mhk-delivery: + delivery: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAFIp9rovuVT8KovQAFKS95zitRKpL1tZzGAEKCSRjnp5n5c1ZboY/9exlKzIgx+U9ZRbv0K+XsdCJK+m140b7Ku/EW9S+tfe3Y60YJER2p1yvlreSPH1sXE+tP8PR+C9dGpAUqMJ/f7cDyLVgHRaloWed2UqTgCwZbDQWa+csU3PFddvIwtt82/1u3+a6jqU8o7mLco5Wc+bsjZipKtTulJbNtzwdyGdukpeCSNf6FFUEzbrjhDKG3uS48pMzwPonY+GAA3SCL8Ig/qAJKhbvN6gzvZb3UY7TbSEgguBG/93TKW60W2C5jWYBIZQbttCqpKXvMq3TmKWozGhGZfBXyDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAw81Iz36qd+UJYWPLSa/itgCDU/H6EiJvNLDaOVo9VNWPHoQXBlq0HvXYcLcJ7gZogog==] + +apache::mod::remoteip::proxy_ips: + - '77.74.235.124' + - '77.74.235.125' + +site::profile::apache::pp_vhosts: + baustellenseite: + docroot: '/var/www/mhk/kueche.de' + servername: kueche.de + serveraliases: + - www.kueche.de + ssl: false + setenvif: + - 'HTTPS on HTTPS=on' + rewrites: + - nonwww: + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + rewrite_rule: + - '^(.*)$ http://kueche.de [R=301,L]' + access_log_format: remote_combined + www: + docroot: '/var/www/mhk' + servername: www-kueche-de.pixelpark.net + serveraliases: + - www03-mhk-kueche-de.pixelpark.net + ssl: false + directories: + - location1: + provider: location + path: '/' + auth_type: Basic + auth_name: mhk-delivery + auth_basic_provider: file + auth_user_file: '/var/lib/httpd/htpasswd' + auth_require: 'valid-user' + rewrites: + - to_ssl: + comment: 'all to https' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + rewrite_rule: + - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' + - index: + comment: 'Coremedia Rewrites' + rewrite_rule: + - '^/login/(.*) /blueprint/servlet/login/$1 [PT,L]' + - '^/action/(.*) /blueprint/servlet/action/$1 [PT,L]' + - '^/([0-9]+)/(.*) /blueprint/servlet/action/de-DE/$1/action/$2 [PT,L]' + - '^/blob/(.*) /blueprint/servlet/blob/$1 [PT,L]' + - '^/resources/(.*) /blueprint/servlet/resources/$1 [PT,L]' + - '^/image/(.*) /blueprint/servlet/image/$1 [PT,L]' + - '^/page/(.*) /blueprint/servlet/page/$1 [PT,L]' + - '^/service/(.*) /blueprint/servlet/service/$1 [PT,L]' + - '^/webflow/(.*) /blueprint/servlet/webflow/$1 [PT,L]' + - '^/signin/(.*) /blueprint/servlet/signin/$1 [PT,L]' + - '^/userdetails/(.*) /blueprint/servlet/userdetails/$1 [PT,L]' + - '^/elastic/social/(.*) /blueprint/servlet/elastic/social/$1 [PT,L]' + - '^/elastic/image(.*) /blueprint/servlet/elastic/image$1 [PT,L]' + - '^/connect/(.*) /blueprint/servlet/connect/$1 [PT,L]' + - '^/mhk/(.*) /blueprint/servlet/mhk/$1 [PT,L]' + - '^/de-DE(/)?$ / [R,L]' + - '^/blueprint/de-DE$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/blueprint/servlet/sitemap-generation$ - [F,PT,L]' + - '^/sitemap_index.xml /var/www/mhk/sitemap/Sites/MHK/sitemap_index.xml [L]' + - '^/sitemap(.*).xml.gz /var/www/mhk/sitemap/Sites/MHK/sitemap$1.xml.gz [L]' + - '^/server-status - [L]' + - '^/robots.txt /blueprint/servlet/robots/de-DE [PT,L]' + - '^/blueprint/(.*) /blueprint/$1 [PT,L]' + - '^/de-DE/(.*)$ //blueprint/servlet/page/de-DE/$1 [PT,L]' + - '^/$ /blueprint/servlet/page/de-DE [PT,L]' + - '^/errors/(.*)$ /var/www/mhk/errors/$1 [L]' + - '^/assets/(.*)$ /var/www/mhk/errors/assets/$1 [L]' + - '^/(.*) /blueprint/servlet/page/de-DE/$1 [PT,L]' + proxy_preserve_host: true + proxy_pass: + - path: '/blueprint' + url: 'ajp://localhost:49009/blueprint' + reverse_cookies: + - path: '/blueprint' + url: '/' + setenvif: + - 'HTTPS on HTTPS=on' + error_documents: + - { error_code: 500 , document: "/errors/500.html" } + - { error_code: 501 , document: "/errors/500.html" } + - { error_code: 502 , document: "/errors/500.html" } + - { error_code: 503 , document: "/errors/500.html" } + - { error_code: 504 , document: "/errors/500.html" } + - { error_code: 505 , document: "/errors/500.html" } + - { error_code: 506 , document: "/errors/500.html" } + - { error_code: 507 , document: "/errors/500.html" } + - { error_code: 508 , document: "/errors/500.html" } + - { error_code: 510 , document: "/errors/500.html" } + - { error_code: 511 , document: "/errors/500.html" } + aliases: + - { alias: /errors/ , path: /var/www/mhk/errors/ } + headers: + - 'set X-Frame-Options: sameorigin' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Content-Type-Options: nosniff' + access_log_format: remote_combined + +logstash::generic_resource: + webapp: + resource: file + order: 10 # Input + parameters: + path: '/var/log/coremedia/cm7-delivery-tomcat/blueprint.log' + type: webapp + tags: + - 'blueprint' + - "%{customer}" + codec: + type: multiline + what: previous + pattern: "^%%{ich-trickse}{TIMESTAMP_ISO8601}" + negate: true diff --git a/customer/pfizer/dev-web01-pfizer-de.pixelpark.net.yaml b/customer/pfizer/dev-web01-pfizer-de.pixelpark.net.yaml index 9aea5119..eadb12f4 100644 --- a/customer/pfizer/dev-web01-pfizer-de.pixelpark.net.yaml +++ b/customer/pfizer/dev-web01-pfizer-de.pixelpark.net.yaml @@ -65,7 +65,7 @@ site::profile::drupal::projects: directories: - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -119,7 +119,7 @@ site::profile::typo3::projects: directories: - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -550,7 +550,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -578,7 +578,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -606,7 +606,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -634,7 +634,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -665,7 +665,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -702,7 +702,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -731,7 +731,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -782,7 +782,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -825,7 +825,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -865,7 +865,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -902,7 +902,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -942,7 +942,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -976,7 +976,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -1007,7 +1007,7 @@ site::profile::apache::vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file diff --git a/customer/pfizer/dev-web02-pfizer-de.pixelpark.net.yaml b/customer/pfizer/dev-web02-pfizer-de.pixelpark.net.yaml index fe6902b0..c3b29718 100644 --- a/customer/pfizer/dev-web02-pfizer-de.pixelpark.net.yaml +++ b/customer/pfizer/dev-web02-pfizer-de.pixelpark.net.yaml @@ -70,7 +70,7 @@ site::profile::typo3::projects: directories: - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: dev-redaktion-pfizer-de auth_digest_provider: file diff --git a/customer/pfizer/test-web01-pfizer-de.pixelpark.net.yaml b/customer/pfizer/test-web01-pfizer-de.pixelpark.net.yaml index da018a1a..a70ed1af 100644 --- a/customer/pfizer/test-web01-pfizer-de.pixelpark.net.yaml +++ b/customer/pfizer/test-web01-pfizer-de.pixelpark.net.yaml @@ -66,7 +66,7 @@ site::profile::drupal::projects: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -123,7 +123,7 @@ site::profile::typo3::projects: directories: - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -564,7 +564,7 @@ site::profile::apache::pp_vhosts: - None - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -598,7 +598,7 @@ site::profile::apache::pp_vhosts: - None - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -631,7 +631,7 @@ site::profile::apache::pp_vhosts: - None - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -665,7 +665,7 @@ site::profile::apache::pp_vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -706,7 +706,7 @@ site::profile::apache::pp_vhosts: - None - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -741,7 +741,7 @@ site::profile::apache::pp_vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -790,7 +790,7 @@ site::profile::apache::pp_vhosts: directoryindex: rheuma.html - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -833,7 +833,7 @@ site::profile::apache::pp_vhosts: directoryindex: psoriasis.html - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -872,7 +872,7 @@ site::profile::apache::pp_vhosts: - None - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -904,7 +904,7 @@ site::profile::apache::pp_vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -936,7 +936,7 @@ site::profile::apache::pp_vhosts: - All - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file @@ -965,7 +965,7 @@ site::profile::apache::pp_vhosts: - None - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: pixelrealm auth_digest_provider: file diff --git a/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml b/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml index c4de6823..4ac2c3fb 100644 --- a/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml +++ b/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml @@ -846,55 +846,49 @@ site::profile::typo3::projects: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/produkt-liste/detailansicht/accupro.htm' rewrite_rule: - - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/accuproR.htm [R=301,L] + - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/accuproR/ [R=301,L] - pfizer_rw54: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-2427' rewrite_cond: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/produkt-liste/detailansicht/celebrex.htm' rewrite_rule: - - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/celebrexR.htm [R=301,L] - - pfizer_rw55: - comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-2427' - rewrite_cond: - - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' - - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/produkt-liste/detailansicht/climopax-climopax-mono-climopax-cyclo.htm' - rewrite_rule: - - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/climopaxR-climopaxR-mono-climopaxR-cyclo.htm [R=301,L] + - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/celebrexR/ [R=301,L] + - pfizer_rw56: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-2427' rewrite_cond: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/pfizer-produkte/produkt-liste/detailansicht/fragminR-p-p-forte.htm' rewrite_rule: - - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/fragminR-p-p-forte-1.htm [R=301,L] + - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/fragminR-p-p-forte/ [R=301,L] - pfizer_rw57: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-2427' rewrite_cond: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/produkt-liste/detailansicht/fragminR-p-p-forte.htm' rewrite_rule: - - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/fragminR-p-p-forte-1.htm [R=301,L] + - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/fragminR-p-p-forte/ [R=301,L] - pfizer_rw58: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-2427' rewrite_cond: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/produkt-liste/detailansicht/rapamune-loesung.htm' rewrite_rule: - - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/rapamuneR-loesung.htm [R=301,L] + - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/rapamuneR-loesung/ [R=301,L] - pfizer_rw59: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-2427' rewrite_cond: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/produkt-liste/detailansicht/tygacil.htm' rewrite_rule: - - ^(.*)$ hhttps://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/tygacilR.htm [R=301,L] + - ^(.*)$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/tygacilR/ [R=301,L] - pfizer_rw60: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-2427' rewrite_cond: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' rewrite_rule: - - '^/produkte/ https://www.pfizer.de/medikamente-produkte.htm [R=301,L]' + - '^/produkte/ https://www.pfizer.de/medikamente-produkte/ [R=301,L]' - PFIZ-3871_1: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-3871' rewrite_cond: @@ -926,7 +920,318 @@ site::profile::typo3::projects: - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' rewrite_rule: - '^(.*)\.htm$ $1/ [R=301,L]' + - PFIZ-4586: + comment: https://jira.pixelpark.com/jira/browse/PFIZ-4586 + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^(.*)/index(\.htm(l?))?(/?)$ $1/ [R=301,L]' # Seo Project Ende +# Seo Projekt Medikameten Rewrites Start + - PFIZ-4401_rw1: + comment: 'SEO Pfizer Produktseiten Rezeptpflichtig Remove R' + rewrite_cond: + # Schnelle Abbruchbedingung + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/pfizer-produkte/detailansicht/' + # Explizit + - '%%{ich-trickse}{REQUEST_URI} aromasin [OR]' + - '%%{ich-trickse}{REQUEST_URI} fsme-immun-025-ml-junior [OR]' + - '%%{ich-trickse}{REQUEST_URI} fsme-immun-erwachsene [OR]' + - '%%{ich-trickse}{REQUEST_URI} tafil [OR]' + - '%%{ich-trickse}{REQUEST_URI} ziprasidon-pfizer [OR]' + - '%%{ich-trickse}{REQUEST_URI} zoledronsaeure-hospira' + rewrite_rule: + - '^(.*)/([a-z-0-9]+)R?([a-z-0-9]*)/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/$2$3/ [R=301,L]' + - PFIZ-4401_rw2: + comment: 'SEO Pfizer Produktseiten Rezeptpflichtig keep R' + rewrite_cond: + # Schnelle Abbruchbedingung + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/pfizer-produkte/detailansicht/' + # Explizit + - '%%{ich-trickse}{REQUEST_URI} celebrexR [OR]' + - '%%{ich-trickse}{REQUEST_URI} champixR [OR]' + - '%%{ich-trickse}{REQUEST_URI} depo-clinovirR [OR]' + - '%%{ich-trickse}{REQUEST_URI} fragminR-10-ml-multidose [OR]' + - '%%{ich-trickse}{REQUEST_URI} fragminR-4-ml-multidose [OR]' + - '%%{ich-trickse}{REQUEST_URI} fragminR-7500-ie10000-ie-12500-ie15000-ie18000-ie-fertigspritze [OR]' + - '%%{ich-trickse}{REQUEST_URI} fragminR-fragminR-d-ampulle [OR]' + - '%%{ich-trickse}{REQUEST_URI} inflectraR [OR]' + - '%%{ich-trickse}{REQUEST_URI} lantarelR-tabletten [OR]' + - '%%{ich-trickse}{REQUEST_URI} lonoloxR [OR]' + - '%%{ich-trickse}{REQUEST_URI} lyricaR-hartkapseln [OR]' + - '%%{ich-trickse}{REQUEST_URI} lyricaR-loesung [OR]' + - '%%{ich-trickse}{REQUEST_URI} nimenrixR [OR]' + - '%%{ich-trickse}{REQUEST_URI} nivestimR [OR]' + - '%%{ich-trickse}{REQUEST_URI} planumR [OR]' + - '%%{ich-trickse}{REQUEST_URI} prevenar13R [OR]' + - '%%{ich-trickse}{REQUEST_URI} refacto-afR [OR]' + - '%%{ich-trickse}{REQUEST_URI} sayanaR [OR]' + - '%%{ich-trickse}{REQUEST_URI} sobelinR-granulat [OR]' + - '%%{ich-trickse}{REQUEST_URI} sobelinR-hartkapseln [OR]' + - '%%{ich-trickse}{REQUEST_URI} sobelinR-solubile [OR]' + - '%%{ich-trickse}{REQUEST_URI} sobelinR-vaginalcreme [OR]' + - '%%{ich-trickse}{REQUEST_URI} sortisR [OR]' + - '%%{ich-trickse}{REQUEST_URI} tavorR [OR]' + - '%%{ich-trickse}{REQUEST_URI} td-immunR [OR]' + - '%%{ich-trickse}{REQUEST_URI} tdap-immunR [OR]' + - '%%{ich-trickse}{REQUEST_URI} unacidR-pd-oral [OR]' + - '%%{ich-trickse}{REQUEST_URI} valoronR-n [OR]' + - '%%{ich-trickse}{REQUEST_URI} viagraR [OR]' + - '%%{ich-trickse}{REQUEST_URI} vyndaqelR [OR]' + - '%%{ich-trickse}{REQUEST_URI} xalkoriR [OR]' + - '%%{ich-trickse}{REQUEST_URI} zavedosR [OR]' + - '%%{ich-trickse}{REQUEST_URI} zeldoxR [OR]' + - '%%{ich-trickse}{REQUEST_URI} zithromaxR [OR]' + - '%%{ich-trickse}{REQUEST_URI} zoloftR [OR]' +# Change Start + - '%%{ich-trickse}{REQUEST_URI} accuproR [OR]' + - '%%{ich-trickse}{REQUEST_URI} accuzideR [OR]' + - '%%{ich-trickse}{REQUEST_URI} arthotecR-forte [OR]' + - '%%{ich-trickse}{REQUEST_URI} beloc-zokR-comp [OR]' + - '%%{ich-trickse}{REQUEST_URI} benefixR [OR]' + - '%%{ich-trickse}{REQUEST_URI} bosulifR [OR]' + - '%%{ich-trickse}{REQUEST_URI} cabaserilR [OR]' + - '%%{ich-trickse}{REQUEST_URI} camptoR [OR]' + - '%%{ich-trickse}{REQUEST_URI} combactamR [OR]' + - '%%{ich-trickse}{REQUEST_URI} conceplanR-m [OR]' + - '%%{ich-trickse}{REQUEST_URI} cyklokapronR [OR]' + - '%%{ich-trickse}{REQUEST_URI} daunoblastinR [OR]' + - '%%{ich-trickse}{REQUEST_URI} diblocinR-pp [OR]' + - '%%{ich-trickse}{REQUEST_URI} dostinexR [OR]' + - '%%{ich-trickse}{REQUEST_URI} dynastatR [OR]' + - '%%{ich-trickse}{REQUEST_URI} ecaltaR [OR]' + - '%%{ich-trickse}{REQUEST_URI} edronaxR [OR]' + - '%%{ich-trickse}{REQUEST_URI} elcritR [OR]' + - '%%{ich-trickse}{REQUEST_URI} eliquisR [OR]' + - '%%{ich-trickse}{REQUEST_URI} estringR [OR]' + - '%%{ich-trickse}{REQUEST_URI} exemestan-pfizerR [OR]' + - '%%{ich-trickse}{REQUEST_URI} femigoaR [OR]' + - '%%{ich-trickse}{REQUEST_URI} fungataR [OR]' + - '%%{ich-trickse}{REQUEST_URI} gabapentin-pfizerR [OR]' + - '%%{ich-trickse}{REQUEST_URI} gelonidaR [OR]' + - '%%{ich-trickse}{REQUEST_URI} genotropinR [OR]' + - '%%{ich-trickse}{REQUEST_URI} gevilonR [OR]' + - '%%{ich-trickse}{REQUEST_URI} halcionR [OR]' + - '%%{ich-trickse}{REQUEST_URI} humatinR [OR]' + - '%%{ich-trickse}{REQUEST_URI} hydrocortisonR [OR]' + - '%%{ich-trickse}{REQUEST_URI} inlytaR [OR]' + - '%%{ich-trickse}{REQUEST_URI} inspraR [OR]' + - '%%{ich-trickse}{REQUEST_URI} ketanestR-s [OR]' + - '%%{ich-trickse}{REQUEST_URI} leiosR [OR]' + - '%%{ich-trickse}{REQUEST_URI} minprogR [OR]' + - '%%{ich-trickse}{REQUEST_URI} mono-mackR [OR]' + - '%%{ich-trickse}{REQUEST_URI} mycobutinR [OR]' + - '%%{ich-trickse}{REQUEST_URI} neisvac-cR [OR]' + - '%%{ich-trickse}{REQUEST_URI} neurontinR [OR]' + - '%%{ich-trickse}{REQUEST_URI} norvascR [OR]' + - '%%{ich-trickse}{REQUEST_URI} petinutinR [OR]' + - '%%{ich-trickse}{REQUEST_URI} rapamuneR-loesung [OR]' + - '%%{ich-trickse}{REQUEST_URI} rapamuneR-tabletten [OR]' + - '%%{ich-trickse}{REQUEST_URI} relpaxR [OR]' + - '%%{ich-trickse}{REQUEST_URI} revatioR-filmtabletten [OR]' + - '%%{ich-trickse}{REQUEST_URI} revatioR-injektionsloesung [OR]' + - '%%{ich-trickse}{REQUEST_URI} revatioR-pulver-zur-herstellung-einer-suspension [OR]' + - '%%{ich-trickse}{REQUEST_URI} selectolR [OR]' + - '%%{ich-trickse}{REQUEST_URI} somavertR [OR]' + - '%%{ich-trickse}{REQUEST_URI} sutentR [OR]' + - '%%{ich-trickse}{REQUEST_URI} synarelaR [OR]' + - '%%{ich-trickse}{REQUEST_URI} synphasecR [OR]' + - '%%{ich-trickse}{REQUEST_URI} tavuR [OR]' + - '%%{ich-trickse}{REQUEST_URI} tolterodin-pfizerR [OR]' + - '%%{ich-trickse}{REQUEST_URI} toriselR [OR]' + - '%%{ich-trickse}{REQUEST_URI} toviazR [OR]' + - '%%{ich-trickse}{REQUEST_URI} trevilorR [OR]' + - '%%{ich-trickse}{REQUEST_URI} trigoaR [OR]' + - '%%{ich-trickse}{REQUEST_URI} tygacilR [OR]' + - '%%{ich-trickse}{REQUEST_URI} ultreonR [OR]' + - '%%{ich-trickse}{REQUEST_URI} xalacomR [OR]' + - '%%{ich-trickse}{REQUEST_URI} xalatanR [OR]' + - '%%{ich-trickse}{REQUEST_URI} zyvoxidR-filmtabletten [OR]' + - '%%{ich-trickse}{REQUEST_URI} zyvoxidR-granulat [OR]' + - '%%{ich-trickse}{REQUEST_URI} zyvoxidR-infusionsloesung' +# Change Stop + rewrite_rule: + - '^(.*)/([a-zA-Z-0-9]+)/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/$2/ [R=301,L]' + - PFIZ-4401_rw4: + comment: 'SEO Pfizer Produktseiten Rezeptfreie keep R' + rewrite_cond: + # Schnelle Abbruchbedingung + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + - '%%{ich-trickse}{REQUEST_URI} ^/medikamente-produkte/pfizer-produkte/detailansicht/' + # Explizit + - '%%{ich-trickse}{REQUEST_URI} caltrateR-calcium-d [OR]' + - '%%{ich-trickse}{REQUEST_URI} centrumR-fuer-ihn [OR]' + - '%%{ich-trickse}{REQUEST_URI} centrumR-fuer-sie [OR]' + - '%%{ich-trickse}{REQUEST_URI} centrumR-generation-50-fuer-ihn [OR]' + - '%%{ich-trickse}{REQUEST_URI} centrumR [OR]' + - '%%{ich-trickse}{REQUEST_URI} nexium-controlR [OR]' + - '%%{ich-trickse}{REQUEST_URI} spaltR-grippal [OR]' + - '%%{ich-trickse}{REQUEST_URI} thermacareR-waermeauflagen-bei-regelschmerzen [OR]' + - '%%{ich-trickse}{REQUEST_URI} vitasprintR-kapseln [OR]' +# Change Start + - '%%{ich-trickse}{REQUEST_URI} baldriparanR-stark-fuer-die-nacht [OR]' + - '%%{ich-trickse}{REQUEST_URI} baldriparanR-zur-beruhigung [OR]' + - '%%{ich-trickse}{REQUEST_URI} centrumR/?$ [OR]' + - '%%{ich-trickse}{REQUEST_URI} centrumR-frisch-fruchtig [OR]' + - '%%{ich-trickse}{REQUEST_URI} centrumR-generation-50 [OR]' + - '%%{ich-trickse}{REQUEST_URI} doppel-spaltR-compact [OR]' + - '%%{ich-trickse}{REQUEST_URI} imedeenR [OR]' + - '%%{ich-trickse}{REQUEST_URI} sab-simplexR-kautabletten [OR]' + - '%%{ich-trickse}{REQUEST_URI} sab-simplexR-suspension [OR]' + - '%%{ich-trickse}{REQUEST_URI} sab-simplexR-weichkapseln [OR]' + - '%%{ich-trickse}{REQUEST_URI} spaltR-forte [OR]' + - '%%{ich-trickse}{REQUEST_URI} spaltR-kopfschmerz [OR]' + - '%%{ich-trickse}{REQUEST_URI} spaltR-migraene [OR]' + - '%%{ich-trickse}{REQUEST_URI} spaltR-mobil [OR]' + - '%%{ich-trickse}{REQUEST_URI} spaltR-plus-coffein-n [OR]' + - '%%{ich-trickse}{REQUEST_URI} spaltR-schmerztabletten [OR]' + - '%%{ich-trickse}{REQUEST_URI} thermacareR-schmerzgel [OR]' + - '%%{ich-trickse}{REQUEST_URI} thermacareR-waermeauflagen [OR]' + - '%%{ich-trickse}{REQUEST_URI} vitasprintR-b12-trinkflaeschchen' +# Change Stop + rewrite_rule: + - '^(.*)/([a-zA-Z-0-9]+)/?$ https://www.pfizer.de/medikamente-produkte/rezeptfreie-medikamente-und-produkte/pfizer-produkte/detailansicht/$2/ [R=301,L]' + - PFIZ-4401_rw5: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/azulfidineR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/azulfidine-azulfidine-ra/ [R=301,L]' + - PFIZ-4401_rw6: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/cardularR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/cardularR-pp/ [R=301,L]' + - PFIZ-4401_rw7: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/caverjectR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/caverjectR-caverjectR-impuls/ [R=301,L]' + - PFIZ-4401_rw8: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/demetrinR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/demetrin-mono-demetrin/ [R=301,L]' + - PFIZ-4401_rw9: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/detrusitolR-detrusitolR-retard/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/detrusitol-detrusitol-retard/ [R=301,L]' + - PFIZ-4401_rw10: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/diflucanR-1/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/diflucanR/ [R=301,L]' + - PFIZ-4401_rw11: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/dilzemR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/dilzem-retard-uno/ [R=301,L]' + - PFIZ-4401_rw12: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/enbrelR-10mg-fuer-kinder-und-jugendliche/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/enbrelR-10-mg-fuer-kinder-und-jugendliche/ [R=301,L]' + - PFIZ-4401_rw12_b: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/enbrelR-2550mg-fertigspritze/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/enbrelR-2550-mg-fertigspritze/ [R=301,L]' + - PFIZ-4401_rw13: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/enbrelR-25mg/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/enbrelR-25-mg/ [R=301,L]' + - PFIZ-4401_rw14: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/enbrelR-50mg-injektionsloesung-im-fertigpen-myclicR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/enbrelR-50-mg-injektionsloesung-im-fertigpen-myclicR/ [R=301,L]' + - PFIZ-4401_rw15: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/farmorubicinR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/farmorubicin-cs/ [R=301,L]' + - PFIZ-4401_rw16: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/fragminR-p-p-forte/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/fragminR-p-p-forte-1/ [R=301,L]' + - PFIZ-4401_rw17: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/lantarelR-fertigspritze/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/lantarel-fsR/ [R=301,L]' + - PFIZ-4401_rw18: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/leucovorinR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/leucovorin-loesung-zur-injektioninfusion/ [R=301,L]' + - PFIZ-4401_rw19: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/methotrexat-lederleR-1/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/methotrexat-lederleR/ [R=301,L]' + - PFIZ-4401_rw20: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/minprostinR-1/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/minprostinR/ [R=301,L]' + - PFIZ-4401_rw21: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/prepidilR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/prepidil-gel/ [R=301,L]' + - PFIZ-4401_rw22: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/sildenafil-pfizerR/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/sildenafilR-pfizer/ [R=301,L]' + - PFIZ-4401_rw23: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/unacidR-pulver-zur-herstellung-einer-injektions-oder-infusionsloesung/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/unacidR/ [R=301,L]' + - PFIZ-4401_rw24: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/vfendR-filmtabletten/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/vfendR-200mg-filmtabletten/ [R=301,L]' + - PFIZ-4401_rw25: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/vfendR-pulver-zur-herstellung-einer-infusionsloesung/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/vfendR-200mg-pulver-zur-herstellung-einer-infusionsloesung/ [R=301,L]' + - PFIZ-4401_rw26: + comment: 'SEO Pfizer Produktseiten' + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(www\.)?pfizer\.de$' + rewrite_rule: + - '^/medikamente-produkte/pfizer-produkte/detailansicht/vfendR-pulver-zur-herstellung-einer-suspension/?$ https://www.pfizer.de/medikamente-produkte/rezeptpflichtige-medikamente/pfizer-produkte/detailansicht/vfendR/ [R=301,L]' +# Seo Projekt Medikameten Rewrites Ende - alias_rauchfrei: comment: 'https://jira.pixelpark.com/jira/browse/PFIZ-4558' rewrite_cond: diff --git a/customer/pfizer/web02-pfizer-de.pixelpark.net.yaml b/customer/pfizer/web02-pfizer-de.pixelpark.net.yaml index 43c8d4e5..461c5dc3 100644 --- a/customer/pfizer/web02-pfizer-de.pixelpark.net.yaml +++ b/customer/pfizer/web02-pfizer-de.pixelpark.net.yaml @@ -84,7 +84,7 @@ site::profile::typo3::projects: directories: - location_root: provider: locationmatch - path: '^/!(server-status|server-info)' + path: '^/(?!(server-status|server-info))' auth_type: Digest auth_name: redaktion-pfizer-de auth_digest_provider: file @@ -481,6 +481,12 @@ site::profile::typo3::projects: - '%%{ich-trickse}{HTTP_HOST} ^(redaktion-pfizer-de.pixelpark.net)$' rewrite_rule: - '^(.*)\.htm$ $1/ [R=301,L]' + - PFIZ-4586: + comment: https://jira.pixelpark.com/jira/browse/PFIZ-4586 + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} ^(redaktion-pfizer-de.pixelpark.net)$' + rewrite_rule: + - '^(.*)/index(\.htm(l?))?(/?)$ $1/ [R=301,L]' # Seo Projekt Ende # Seo Projekt Medikameten Rewrites Start - PFIZ-4401_rw1: diff --git a/customer/pixelpark-mail/common.yaml b/customer/pixelpark-mail/common.yaml new file mode 100644 index 00000000..8529886d --- /dev/null +++ b/customer/pixelpark-mail/common.yaml @@ -0,0 +1,288 @@ +--- +site::additional_classes: + - site::profile::sasl + - site::profile::postfix + +# Necessary, because the host has a local caching only DNS resolver +puppetconf::server: puppetmaster01.pixelpark.com + +##################################################### +# SASL configuration +sasl::authd::mechanism: 'ldap' +sasl::authd::bind: 'ldap' +sasl::authd::ldap_search_base: 'o=isp' +sasl::authd::ldap_servers: + - 'ldap://intra-ldap.pixelpark.com' +#sasl::authd::ldap_start_tls: false +sasl::authd::bind_dn: 'cn=admin' +sasl::authd::ldap_password: > + ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAkGouEnyjTBA40/lpw1BEHsDx2b2I3L2HHnm9 + U9gHYhz1BrPTsyCklW8CC3BiE0W9NRS0Rod+cm6M+7OMzciXbgQMFO6Ko98V + tzoTyL8yeWr4ZXNpov/gVD+WTfcKo2A0w+egenTdErN4dclnwzAoSR9QOHNT + LUxHa6sTT191+79mjw0CnG1BwDKBnZRyO+fzgACFn0dUIasz7danBbZMPn/n + wOuOrXXq/PVNPW9GSeKkbimYCAn7KDwTvJNTJCR7dh29+aq0xoSSsGrN+L+f + OZrj3dG58D8lspbxNb4iFMswtOcihByp6n5fRmvnEFXw/Dn507UCTxURoLpp + EPXIdDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD/aCWYpB6KwUIcLp1T + EKskgBArkfXhMZNEUfrTvFILs4Ig] +sasl::authd::ldap_version: '3' +sasl::authd::ldap_filter: '(&(objectclass=inetlocalmailrecipient)(|(uid=%u)(mail=%u)))' + +site::profile::sasl::enable_authd: true +site::profile::sasl::application: + smtpd: + mech_list: + - PLAIN + - LOGIN + pwcheck_method: 'saslauthd' + + +##################################################### +# Postfix configuration: + +# Global configurations +site::profile::postfix::aliases_file: '/etc/postfix/maps/aliases' +site::profile::postfix::aliases_source: 'puppet:///postfix_dir/maps/aliases' + +ldap_server: 'ldap.pixelpark.com' +ldap_port: '389' +ldap_timeout: '5' +ldap_search_base: 'o=isp' +ldap_bind_dn: 'uid=Solaris_NSS,ou=Unix NSS,ou=Applications,o=pixelpark,o=isp' +ldap_bind_pw: > + ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAiDDL0RGJsOj7Nz9hIkqiDi5/EcFW/GBCzjGP + P2QLHG79sX4peUhlw6nNk9Krtzh9G283pvg0ldJ9EOaC+6r6CMxe0V0K0AQ+ + pcFbn/W1Vi/rrjvjeweZGpIqBaYatMzNI4KlJmKTgUeq26E48RIXkyagd+gm + d4QHk1+KsrTBytvbdIKcpWgnfUJx8Q10QiYIQHyRHyXRRtUEgNERMiKZsxRt + zGyo1O0XXsYJ23+qnqawrV25whwFgDv9A16eXqFm/3bVP0JBgWKN+u5f+3Fc + cN+gbU7zWDyfgjkoll7VXt1ciTmtl3zvqP/WPInPqab5vcR+MSDD+J7XYqp/ + P1KyqTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBBQH0PgyfGgShdRw3s + SPGwgBBpfrJXgOfQa21UINdzHMjR] + +postfix::alias_maps: "hash:/etc/postfix/maps/aliases ldap:/etc/postfix/ldap/alias.cf" +postfix::inet_interfaces: 'all' +postfix::manage_mailx: false +postfix::mastercf_source: 'puppet:///postfix_dir/master.cf' +postfix::myorigin: 'pixelpark.com' + +# Main.cf config entries +site::profile::postfix::configs: + address_verify_map: + ensure: 'absent' + alias_database: + value: 'hash:/etc/postfix/maps/aliases' + append_dot_mydomain: + value: 'no' + biff: + value: 'no' + broken_sasl_auth_clients: + value: 'yes' + command_directory: + ensure: 'absent' + daemon_directory: + ensure: 'absent' + data_directory: + ensure: 'absent' + debug_peer_level: + ensure: 'absent' + debugger_command: + ensure: 'absent' + hash_queue_depth: + value: '3' + html_directory: + ensure: 'absent' + inet_protocols: + value: 'all' + lmtp_tls_loglevel: + value: '1' + mail_owner: + ensure: 'absent' + mailbox_size_limit: + value: '0' + manpage_directory: + ensure: 'absent' + masquerade_domains: + value: 'hash:/etc/postfix/maps/masquerade_domains' + maximal_queue_lifetime: + value: '10d' + message_size_limit: + value: '358400000' + mydestination: + value: '$myhostname, localhost.$mydomain, localhost' + mydomain: + value: 'pixelpark.com' + myhostname: + value: "%{::fqdn}" + mynetworks: + value: 'cidr:/etc/postfix/maps/my-networks' + queue_directory: + ensure: 'absent' + readme_directory: + value: '/usr/share/doc/postfix' + recipient_canonical_maps: + value: 'hash:/etc/postfix/maps/canonical-recipients ldap:/etc/postfix/ldap/mailroutingaddress.cf' + recipient_delimiter: + value: '+' + relay_domains: + value: 'hash:/etc/postfix/maps/relay_domains' + relayhost: + ensure: 'blank' + sample_directory: + ensure: 'absent' + sender_dependent_default_transport_maps: + ensure: 'absent' + sender_dependent_relayhost_maps: + ensure: 'absent' + setgid_group: + ensure: 'absent' + smtp_generic_maps: + ensure: 'absent' + smtp_sasl_auth_enable: + ensure: 'absent' + smtp_tls_cert_file: + value: '/etc/postfix/ssl/wildcard.pixelpark.com-cert.pem' + smtp_tls_enforce_peername: + value: 'no' + smtp_tls_key_file: + value: '$smtp_tls_cert_file' + smtp_tls_loglevel: + value: '1' + smtp_tls_note_starttls_offer: + ensure: 'absent' + smtp_tls_per_site: + value: 'hash:/etc/postfix/maps/smtp-tls-peers' + smtp_tls_policy_maps: + ensure: 'absent' + smtp_tls_session_cache_database: + value: 'btree:${data_directory}/smtp_scache' + smtp_use_tls: + value: 'yes' + smtpd_banner: + value: '$myhostname ESMTP $mail_name $mail_version' + smtpd_client_restrictions: + ensure: 'absent' + smtpd_recipient_restrictions: + ensure: 'absent' + smtpd_relay_restrictions: + value: "check_client_access hash:/etc/postfix/maps/access_client, check_recipient_access hash:/etc/postfix/maps/access_recipient, check_sender_access hash:/etc/postfix/maps/access_sender, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_invalid_helo_hostname, permit_mynetworks, permit_tls_clientcerts, reject_unauth_destination, reject_unauth_destination, reject_unverified_recipient, permit" + smtpd_sasl_auth_enable: + value: 'yes' + smtpd_sasl_authenticated_header: + value: 'yes' + smtpd_sasl_local_domain: + ensure: 'absent' + smtpd_sender_restrictions: + ensure: 'absent' + smtpd_tls_CAfile: + ensure: 'absent' + smtpd_tls_auth_only: + ensure: 'absent' + smtpd_tls_cert_file: + value: '$smtp_tls_cert_file' + smtpd_tls_key_file: + value: '$smtp_tls_cert_file' + smtpd_tls_loglevel: + value: '1' + smtpd_tls_received_header: + value: 'yes' + smtpd_tls_session_cache_database: + value: 'btree:${data_directory}/smtpd_scache' + smtpd_tls_session_cache_timeout: + ensure: 'absent' + tls_random_prng_update_period: + ensure: 'absent' + tls_random_source: + ensure: 'absent' + smtpd_use_tls: + value: 'yes' + transport_maps: + value: 'hash:/etc/postfix/maps/transport ldap:/etc/postfix/ldap/mailhost.cf' + unknown_local_recipient_reject_code: + ensure: 'absent' + unverified_recipient_reject_code: + value: '550' + virtual_alias_maps: + value: 'pcre:/etc/postfix/maps/virtual-regex hash:/etc/postfix/maps/virtual-aliases' + +# All postfix hash databases +site::profile::postfix::hashes: + '/etc/postfix/maps/access_client': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/access_client' + '/etc/postfix/maps/access_recipient': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/access_recipient' + '/etc/postfix/maps/access_sender': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/access_sender' + '/etc/postfix/maps/masquerade_domains': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/masquerade_domains' + '/etc/postfix/maps/relay_domains': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/relay_domains' + '/etc/postfix/maps/smtp-tls-peers': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/smtp-tls-peers' + '/etc/postfix/maps/transport': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/transport' + '/etc/postfix/maps/canonical-recipients': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/canonical-recipients' + '/etc/postfix/maps/virtual-aliases': + ensure: 'present' + source: 'puppet:///postfix_dir/maps/virtual-aliases' + +# All other postfix configuration files +site::profile::postfix::conffiles: + my-networks: + ensure: 'present' + path: '/etc/postfix/maps/my-networks' + source: 'puppet:///postfix_dir/maps/my-networks' + virtual-regex: + ensure: 'present' + path: '/etc/postfix/maps/virtual-regex' + source: 'puppet:///postfix_dir/maps/virtual-regex' + ldap-alias: + ensure: 'present' + path: '/etc/postfix/ldap/alias.cf' + options: + server_host: "%{hiera('ldap_server')}" + server_port: "%{hiera('ldap_port')}" + timeout: "%{hiera('ldap_timeout')}" + search_base: "%{hiera('ldap_search_base')}" + query_filter: '(mailAlternateAddress=%u@pixelpark.com)' + result_attribute: 'mail' + bind: 'yes' + bind_dn: "%{hiera('ldap_bind_dn')}" + bind_pw: "%{hiera('ldap_bind_pw')}" + ldap-mailhost: + ensure: 'present' + path: '/etc/postfix/ldap/mailhost.cf' + options: + server_host: "%{hiera('ldap_server')}" + server_port: "%{hiera('ldap_port')}" + timeout: "%{hiera('ldap_timeout')}" + search_base: "%{hiera('ldap_search_base')}" + query_filter: '(&(objectclass=inetLocalMailRecipient)(|(mail=%s)(mailAlternateAddress=%s)(mailEquivalentAddress=%s))(|(inetMailGroupStatus=active)(mailUserStatus=active)(mailUserStatus=hold)))' + result_attribute: 'mailhost' + result_format: 'smtp:[%s]' + bind: 'yes' + bind_dn: "%{hiera('ldap_bind_dn')}" + bind_pw: "%{hiera('ldap_bind_pw')}" + ldap-mailroutingaddress: + ensure: 'present' + path: '/etc/postfix/ldap/mailroutingaddress.cf' + options: + server_host: "%{hiera('ldap_server')}" + server_port: "%{hiera('ldap_port')}" + timeout: "%{hiera('ldap_timeout')}" + search_base: "%{hiera('ldap_search_base')}" + query_filter: '(&(objectclass=inetLocalMailRecipient)(|(mail=%s)(mailAlternateAddress=%s)(mailEquivalentAddress=%s))(|(inetMailGroupStatus=active)(mailUserStatus=active)(mailUserStatus=hold)))' + result_attribute: 'mailroutingaddress' + bind: 'yes' + bind_dn: "%{hiera('ldap_bind_dn')}" + bind_pw: "%{hiera('ldap_bind_pw')}" + diff --git a/customer/pixelpark-mail/mail01.pixelpark.com.yaml b/customer/pixelpark-mail/mail01.pixelpark.com.yaml new file mode 100644 index 00000000..c1c14da0 --- /dev/null +++ b/customer/pixelpark-mail/mail01.pixelpark.com.yaml @@ -0,0 +1,3 @@ +--- +site::role: base + diff --git a/customer/pixelpark-mail/mail02.pixelpark.com.yaml b/customer/pixelpark-mail/mail02.pixelpark.com.yaml new file mode 100644 index 00000000..c1c14da0 --- /dev/null +++ b/customer/pixelpark-mail/mail02.pixelpark.com.yaml @@ -0,0 +1,3 @@ +--- +site::role: base + diff --git a/customer/pixelpark-pmp/jira02.pixelpark.com.yaml b/customer/pixelpark-pmp/jira02.pixelpark.com.yaml new file mode 100644 index 00000000..4c3c2b5e --- /dev/null +++ b/customer/pixelpark-pmp/jira02.pixelpark.com.yaml @@ -0,0 +1,2 @@ +--- +site::role: base diff --git a/customer/pixelpark/bauhaus.pixelpark.com.yaml b/customer/pixelpark/bauhaus.pixelpark.com.yaml index ae19b3d8..74db6ed9 100644 --- a/customer/pixelpark/bauhaus.pixelpark.com.yaml +++ b/customer/pixelpark/bauhaus.pixelpark.com.yaml @@ -19,21 +19,10 @@ accounts::users: dominic.radtke: apply: true sudo: true - ivan.prikhodko: - apply: true - sudo: true m_scholze: apply: true sudo: true -mysql::server::override_options: - mysqld: - bind-address: '0.0.0.0' -site::profile::mysql_server::databases: - sonar: - user: sonar - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAmxiuE4IcXIShbBhD+1prhPkbrz3m2AEEFxOiUsGpOvjdDZ9C3Dp4ijEUcsoPEBB5ylLsIcVVWrcH7+5r6wvxBwtARRaq6Qd/eAFAbqRGkXv4W7jcAi+s4wMOAr5hjiDPPaavAv/ltMgRfyEvnkiUUOVD7uCB9MWwO07OQmZMSpz5BYsQfYZWsv767cMWWO/jChqR/3JE/h0uQci0eXQty1DZ3ciXTYIeB3SkglzbAueRx5kTnkQAk5+Iq8tKRb5P0TM8aLz4DAmyiDRZ50X0sdB6rafNsueO/sVNFDuyE4zNXNRczbFGAudu32GKuDQ2SSG6JJAVbUS0hLhg13uikDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA9mYErV5hqc0067EBdMIASgCCMUUdgXYQ5HR+soH3A1aLZiphrVXyRUV9OK7vs+lhNSQ==] - php::phpunit: true php::dev: true @@ -82,8 +71,6 @@ site::profile::infrastructure::nexus::version: 2.14.0 # # Sonarqube # - -site::profile::infrastructure::sonarqube::sonar_db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAmxiuE4IcXIShbBhD+1prhPkbrz3m2AEEFxOiUsGpOvjdDZ9C3Dp4ijEUcsoPEBB5ylLsIcVVWrcH7+5r6wvxBwtARRaq6Qd/eAFAbqRGkXv4W7jcAi+s4wMOAr5hjiDPPaavAv/ltMgRfyEvnkiUUOVD7uCB9MWwO07OQmZMSpz5BYsQfYZWsv767cMWWO/jChqR/3JE/h0uQci0eXQty1DZ3ciXTYIeB3SkglzbAueRx5kTnkQAk5+Iq8tKRb5P0TM8aLz4DAmyiDRZ50X0sdB6rafNsueO/sVNFDuyE4zNXNRczbFGAudu32GKuDQ2SSG6JJAVbUS0hLhg13uikDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA9mYErV5hqc0067EBdMIASgCCMUUdgXYQ5HR+soH3A1aLZiphrVXyRUV9OK7vs+lhNSQ==] sonarqube::download_url: 'https://sonarsource.bintray.com/Distribution/sonarqube/' site::profile::infrastructure::sonarqube::version: 5.6.3 @@ -92,8 +79,8 @@ site::profile::infrastructure::sonarqube::ldap: - admin - jenkins url: 'ldaps://EMED2ADC02.global.publicisgroupe.net:636' - bind_dn: 'CN=QID-EMEA-DE-AP-006,OU=DE,OU=Service Accounts,OU=EMEA,DC=global,DC=publicisgroupe,DC=net' - bind_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAjR/GG1cZIgbCD0HZeeyFKTqsnN97hbv2nuBY2JaQMV7rqODRJ5+A20LAacFh0bNWlATNmZPj/s+48Rncr440V7cgoAoPwlEncNrIfdUx1GrmKPLFbPXewHAZM7/ACcL5ZPC19hYPnR/H3Vre6oyULNue/K89CTg3rM95gvPFGbTdzKB5fCvtw2ohCgyuexcpA6PsjA3hItrlIBH+NKqJ7D34jYRG2v8xipb+xc1viEmKjfVMY71XbnKWw0wYGyUhTBwM8xh03iaa81APtzKao3j/hwADZ2qWSdNjsWuGmyaV69rUwoBrFVvIB+MK0zckH6ldpR4jQGvTyt0AWQM9GzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDfrs1HL3fT4QyLCC/o4yEEgCBQNj1XZMz5E2mDYclfWaXmzX1WvugaTRKxA7gtOcjGeA==] + bind_dn: 'CN=QID-EMEA-DE-AP-007,OU=DE,OU=Service Accounts,OU=EMEA,DC=global,DC=publicisgroupe,DC=net' + bind_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAAbEoXsFmZyEeqw8me8vjOldXEsL2FjcgXpoOy3QWqgpUSMYGmpl+f2l42Lv5A9qw5lOrNGvUfp/mXmzTD/r3ODWYOPCeNpUi/ul6cH2yMEmUUGWSG04XmgcQZXCaLmEQad+5b5e68GR94Dw/K2Xf4PCT37nNlTGAfx0tZCPY7cVZif8+LlQi9L+yJ2ovaE7F+PD6pAILs9kKOvDsCZpHm/fnbyy+0i3PYhRXXZBfXjCSWTdfBtV6KlxIEdyMIakXbbj0sQEvVQXeH+D2MAaXCTdry3+xD59OlnhwKnR+wp5NeQwFM3KBOSHU5sLYwulJf2b0RZnpsABw/QuNSLSFjjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB4SiITihz2lFk+c6Y8wnCugCBlM6GOw9ia79JgTciUGBkk4pC+jUQMLs6TSVVAnC/3Vw==] user_base_dn: 'OU=Users,OU=EMEA,DC=global,DC=publicisgroupe,DC=net' user_request: 'sAMAccountName={login}' user_real_name_attribute: displayName @@ -102,7 +89,7 @@ site::profile::infrastructure::sonarqube::ldap: site::profile::infrastructure::sonarqube::jdbc: url: 'jdbc:postgresql://psql-pp02.pixelpark.net/sonar' username: sonar - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALJNNhKSPALSQVrwaMtg19SayNLgSPTBd6nSem1NTRCbOQ1+cwSIwkHk8HEg8eZT+rsKy02a8wiZdAbqTCntNjC0q+R6KPz4PVPXEhaMwlXHa7GBPhagECy6ni65aYG/1PFdzIrX9DeAdUNPVl6irM21qXsodF0lmlJUA/X2toqoW9AomVK+/o5+4Bqf2n5NIkNSm4rrmPBmz9qpYDQaX1x5oEEHoBC+U3fpOIxHdDGNbtIA4Jj51zEpj+wnkySIUeg0Ec7O677GEd5yT937UWgF5KBISVBQGf6XHX+VK6goYbEgnkDzG8NCkreo2J6nW9xoGcyiqah5ZdfXBOnv39zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZ602IZY9LspbWdLTaE+/kgCBBCjLtSFkEDKTdgEVB8LGG3sUPvA2lg5KZvKl+TNvmDg==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAp+9rnytCDtvva/oOgepGgyEO7grAntw0VfLTev338YdzmKEXWgu8/f1zPskk/BdUqdBoT4q69g8hLD/lgqFOGUhHRDCInXKHB05YHz/6zwGgYSaEwHoDj/FqOy6uqHuEQXS9ImRh53FtYho+jhXaWo0ID6+EFAycOBLXWtES1+4lPxfS+FTiSv0penNWiACfOc2qEbBx1RIr64MOUtdva1O+TuNMfxvCW2j/4kATqcj6s+WDG5sqBaM4XH579GXr5EtLLk+5BMkPBzswC/mF/qGVMG/rf2YqvAn7L6d51a6ODlg3sTlhUU8P2+jbTOKVSNqq9on/8Hpaa9c7PbPBBTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCDzJLxehok1ciZOwOGiqudgCCyi/pk5qcLZJ+ZGnFdMIt/VTY8VJbVg/8qKoZZJ9mTYQ==] site::profile::infrastructure::sonarqube::nginx_vhosts: diff --git a/customer/pixelpark/chat-db01.pixelpark.com.yaml b/customer/pixelpark/chat-db01.pixelpark.com.yaml new file mode 100644 index 00000000..db12a661 --- /dev/null +++ b/customer/pixelpark/chat-db01.pixelpark.com.yaml @@ -0,0 +1,26 @@ +--- +site::role: base +site::additional_classes: + - site::profile::mongodb_server + +site::profile::mongodb_server::backup::replicaonslave: 'no' # Wir sind eine Standalone Instance +mongodb::globals::version: '2.6.12-4.el7' +mongodb::server::master: true # Wir sind eine Standalone Instance +mongodb::server::bind_ip: '0.0.0.0' +mongodb::server::ssl: true +mongodb::server::ssl_key: '/etc/ssl/wildcard.pixelpark.com-key.pem' +mongodb::server::auth: true +mongodb::server::create_admin: true +mongodb::server::store_creds: true +mongodb::server::admin_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuqFkinPuJdolvOMOi+oH9Oc9o7s/UZfE+GV1OzfBu9S6YWXFRmKIxePuTzBtZ8CK6vYuAwLa4LGNgurWH0I32ZHzBlpurxr5LvrtakzZpFNR+vGXqy3bFbOLN875gF1pd3MhPQqLF8QzENVsTmZS+LMcd3nScElSHxh5Kvh8gUkWiF+S2fTPvxuyzbLIaQ6O86UC2icZF5NvgY8BzzkPxW73s0RJMYn/8bppfGRLPm3Fq9jsnwtnhLWBFZmaaldo1KxEebwzpKfAuuhvekTax6jqDFYqqJJ9/AKimBlMtgWiqfdeoSI/R6H7wCH7R6UNJJInkc1FxeDzaifwW15QIDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBvZb9OgGhelW0ISjE3sw4KgCCvOTAbNn0fl+DvsgII/yXSZEczVwFF7K5S+zQh5urnmw==] + +site::profile::mongodb_server::databases: + rocketchat: + user: rocketchat + password: "%{hiera('rocket_password')}" + roles: + - dbOwner +site::profile::mongodb_server::backup::db_username: 'backup' +site::profile::mongodb_server::backup::db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAXT58nwkAa/RCgvWlrAnpYtmyo8BAb3zaaSVGPy8tJbH8ah/uZENC5Rn7ffjrHRgROMR5G45Bx8Kl2IdUuL6bzVZouYTHVT8XnVg/qGT02JrNBUKatm+M5uq/Ag58zVg8j+37rhm9w0rJ64hJGMobksCFysLUxnKnVRvISD9VPRDeyu/A6L053b0VSiZnadRYTpG1n4wwFWjzDPahBQyyOQ5vbnvBLfBFBO8ry5XsUQCswzb7UZumMxpNsHxKyE6JytqDHRFDvIxAFmhhVVMvEn4pvkLaDrvEvIXnjh6q6Ytauarx3byX7ikBGsmkDWwdfRSrUJCTfrZkB189ijw7rzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCgD9E3wxrlhMiPjXJattskgCA0UXFyrpqUBV/2d2ThSeWcX1/GmXWujME///bh7llFQg==] + +rocket_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAc+MotDbT3tEy7dKnbY9JHQfYVxnHCdKI2l9XuuT81eEXBce98XzayrQlI/syZK3YJLM8vMbwlP4RoKbltKogFSlyo7RBvcFjvnVtY3TidVToxQVb4pevoTmkFNjfRepbbTuQXCWTR9DtuvzTDN21Qy7QCkbGLDZ7692KCI6rg5fqzwKYXckg2TZXpCA8LDQjOIxTgbYehHPwL3Hgunl2tYr5RWIljD2S7rr8T9wo2hvkidgH+Nawjh6Vm044W/jfbFTlxzMM++zNh3WhIggcayASMnUz2+96xUNKbntQH6o6e8Kepp5ov+9U+XWV67QpYzDt0eiJ7kN9j/f20yvQmTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB4NUdTgbxirg25xY9VB+jMgCA2fxdarOz6j9/VBwynHcf57mrQFwjzXcwIVMkBsGrJfQ==] diff --git a/customer/pixelpark/chat01.pixelpark.com.yaml b/customer/pixelpark/chat01.pixelpark.com.yaml index e01eb6a1..3e676dcf 100644 --- a/customer/pixelpark/chat01.pixelpark.com.yaml +++ b/customer/pixelpark/chat01.pixelpark.com.yaml @@ -2,28 +2,10 @@ site::role: base site::additional_classes: - nginx - - site::profile::mongodb_server - nodejs nodejs::repo_url_suffix: '4.x' nodejs::manage_package_repo: true -site::profile::mongodb_server::backup::replicaonslave: 'no' # Wir sind eine Standalone Instance -mongodb::server::master: true # Wir sind eine Standalone Instance -mongodb::server::auth: true -mongodb::server::create_admin: true -mongodb::server::store_creds: true -mongodb::server::admin_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAuqFkinPuJdolvOMOi+oH9Oc9o7s/UZfE+GV1OzfBu9S6YWXFRmKIxePuTzBtZ8CK6vYuAwLa4LGNgurWH0I32ZHzBlpurxr5LvrtakzZpFNR+vGXqy3bFbOLN875gF1pd3MhPQqLF8QzENVsTmZS+LMcd3nScElSHxh5Kvh8gUkWiF+S2fTPvxuyzbLIaQ6O86UC2icZF5NvgY8BzzkPxW73s0RJMYn/8bppfGRLPm3Fq9jsnwtnhLWBFZmaaldo1KxEebwzpKfAuuhvekTax6jqDFYqqJJ9/AKimBlMtgWiqfdeoSI/R6H7wCH7R6UNJJInkc1FxeDzaifwW15QIDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBvZb9OgGhelW0ISjE3sw4KgCCvOTAbNn0fl+DvsgII/yXSZEczVwFF7K5S+zQh5urnmw==] - -site::profile::mongodb_server::databases: - rocketchat: - user: rocketchat - password: "%{hiera('rocket_password')}" - roles: - - dbOwner -site::profile::mongodb_server::backup::db_username: 'backup' -site::profile::mongodb_server::backup::db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAXT58nwkAa/RCgvWlrAnpYtmyo8BAb3zaaSVGPy8tJbH8ah/uZENC5Rn7ffjrHRgROMR5G45Bx8Kl2IdUuL6bzVZouYTHVT8XnVg/qGT02JrNBUKatm+M5uq/Ag58zVg8j+37rhm9w0rJ64hJGMobksCFysLUxnKnVRvISD9VPRDeyu/A6L053b0VSiZnadRYTpG1n4wwFWjzDPahBQyyOQ5vbnvBLfBFBO8ry5XsUQCswzb7UZumMxpNsHxKyE6JytqDHRFDvIxAFmhhVVMvEn4pvkLaDrvEvIXnjh6q6Ytauarx3byX7ikBGsmkDWwdfRSrUJCTfrZkB189ijw7rzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCgD9E3wxrlhMiPjXJattskgCA0UXFyrpqUBV/2d2ThSeWcX1/GmXWujME///bh7llFQg==] - -rocket_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAc+MotDbT3tEy7dKnbY9JHQfYVxnHCdKI2l9XuuT81eEXBce98XzayrQlI/syZK3YJLM8vMbwlP4RoKbltKogFSlyo7RBvcFjvnVtY3TidVToxQVb4pevoTmkFNjfRepbbTuQXCWTR9DtuvzTDN21Qy7QCkbGLDZ7692KCI6rg5fqzwKYXckg2TZXpCA8LDQjOIxTgbYehHPwL3Hgunl2tYr5RWIljD2S7rr8T9wo2hvkidgH+Nawjh6Vm044W/jfbFTlxzMM++zNh3WhIggcayASMnUz2+96xUNKbntQH6o6e8Kepp5ov+9U+XWV67QpYzDt0eiJ7kN9j/f20yvQmTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB4NUdTgbxirg25xY9VB+jMgCA2fxdarOz6j9/VBwynHcf57mrQFwjzXcwIVMkBsGrJfQ==] nginx::config::proxy_hide_header: - X-Powered-By nginx::config::http_tcp_nopush: 'on' @@ -65,32 +47,5 @@ nginx::nginx_upstreams: rocket_chat: members: - 127.0.0.1:3000 -# - 127.0.0.1:3001 -# - 127.0.0.1:3002 - -# Wird derzeit aufgrund fehlender einfacher Unterstuetzung fuer Websocket nicht verwendet -site::profile::apache::pp_vhosts: - rocket: - docroot: '/opt/Rocket.Chat/bundle/public' - servername: chat.pixelpark.com - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' - redirect_dest_non_ssl: 'https://chat-rocket.pixelpark.com/' -# headers: -# - 'set X-Content-Type-Options: nosniff' -# headers_ssl: -# - 'always set Strict-Transport-Security "max-age=31556926"' - custom_fragment: | - PassengerStickySessions on - PassengerAppType node - PassengerNodejs /usr/bin/node - PassengerStartupFile main.js - PassengerForceMaxConcurrentRequestsPerProcess 0 - passenger_app_root: /opt/Rocket.Chat/bundle - passenger_app_env: production - setenv: - - MONGO_URL mongodb://rocketchat:%{hiera('rocket_password')}@localhost:27017/rocketchat - - ROOT_URL https://chat-rocket.pixelpark.com/ - docroot_owner: rocketchat - docroot_group: rocketchat \ No newline at end of file + - 127.0.0.1:3001 + - 127.0.0.1:3002 diff --git a/customer/pixelpark/dev-monitoring-client.pixelpark.com.yaml b/customer/pixelpark/dev-monitoring-client.pixelpark.com.yaml new file mode 100644 index 00000000..79f1b4d2 --- /dev/null +++ b/customer/pixelpark/dev-monitoring-client.pixelpark.com.yaml @@ -0,0 +1,10 @@ +--- +site::role: base +site::additional_classes: + - site::profile::icinga2::client + +icinga2::manage_repo: true +icinga2::features: + - 'checker' + - 'mainlog' + - 'api' diff --git a/customer/pixelpark/eriu.pixelpark.net.yaml b/customer/pixelpark/eriu.pixelpark.net.yaml new file mode 100644 index 00000000..20061910 --- /dev/null +++ b/customer/pixelpark/eriu.pixelpark.net.yaml @@ -0,0 +1,4 @@ +--- +site::role: base +site::additional_classes: + - accounts diff --git a/customer/pixelpark/extranet01.pixelpark.net.yaml b/customer/pixelpark/extranet01.pixelpark.net.yaml index 4c3c2b5e..d1d2b285 100644 --- a/customer/pixelpark/extranet01.pixelpark.net.yaml +++ b/customer/pixelpark/extranet01.pixelpark.net.yaml @@ -1,2 +1,62 @@ --- +accounts::users: + gregor.naeckel: + apply: true + sudo: true +# custom-admins + site::role: base +site::additional_classes: + - site::profile::apache + +site::profile::apache::pp_vhosts: + extranet: + docroot: /var/www/extranet + servername: extranet.pixelpark.com # wenn fertig umgezogen + serveraliases: + - extranet01.pixelpark.net # DNS Eintrag + - extranet01.pixelpark.com # CNAME von extranet01.pixelpark.net + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' +# proxy_dest: 'http://localhost:8090' +# no_proxy_uris: +# - /server-status +# - /server-info + proxy_pass: + - { path: /server-status, url: '!' } + - { path: /server-info, url: '!' } + - { path: /confluence/, url: 'http://localhost:8090/confluence/' } + setenvif: + - 'Remote_Addr ^(217\.66\.49\.|217\.66\.50\.|217\.66\.51\.|217\.66\.56\.|213\.61\.241\.|81\.173\.202\.|194\.8\.221\.2|10\.200\.|62\.214\.114\.) ppnetze=true' + rewrites: + - comment: 'Rewrite from / to /confluence' + rewrite_rule: + - ^(/?)$ /confluence/ [R=301,L] + - comment: 'switch to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - ^(.*)$ https://%%{ich-trickse}{HTTP_HOST}$1 [R=301,L] + - comment: 'browse people' + rewrite_cond: + - '%%{ich-trickse}{ENV:ppnetze} !=true' + rewrite_rule: + - '^/confluence/browsepeople\.action$ - [F,L]' + - comment: 'display' + rewrite_cond: + - '%%{ich-trickse}{ENV:ppnetze} !=true' + rewrite_rule: + - '^/confluence/display/~(.*)$ - [F,L]' + - comment: 'rest mentions network' + rewrite_cond: + - '%%{ich-trickse}{ENV:ppnetze} !=true' + rewrite_rule: + - '^/confluence/rest/mentions/1/network.json$ - [F,L]' + - comment: 'search user' + rewrite_cond: + - '%%{ich-trickse}{ENV:ppnetze} !=true' + rewrite_cond: + - '%%{ich-trickse}{QUERY_STRING} search=user' + rewrite_rule: + - '^/confluence/rest/prototype/1/search.json$ - [F,L]' diff --git a/customer/pixelpark/fs-training.pixelpark.com.yaml b/customer/pixelpark/fs-training.pixelpark.com.yaml new file mode 100644 index 00000000..f9cc1f16 --- /dev/null +++ b/customer/pixelpark/fs-training.pixelpark.com.yaml @@ -0,0 +1,13 @@ +--- +site::role: base + +accounts::users: + carsten.hensiek: + apply: true + sudo: true + sebastian.niederkrome: + apply: true + sudo: true + klaus.hippe: + apply: true + sudo: true \ No newline at end of file diff --git a/customer/pixelpark/mail01.pixelpark.com.yaml b/customer/pixelpark/mail01.pixelpark.com.yaml index 2b7c71a9..4c3c2b5e 100644 --- a/customer/pixelpark/mail01.pixelpark.com.yaml +++ b/customer/pixelpark/mail01.pixelpark.com.yaml @@ -1,6 +1,2 @@ --- site::role: base -accounts::users: - frank.brehm: - apply: true - sudo: true diff --git a/customer/pixelpark/mail02.pixelpark.com.yaml b/customer/pixelpark/mail02.pixelpark.com.yaml deleted file mode 100644 index f9616d38..00000000 --- a/customer/pixelpark/mail02.pixelpark.com.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -site::role: base - -site::additional_classes: - - site::profile::sasl - -# Necessary, because the host has a local caching only DNS resolver -puppetconf::server: puppetmaster01.pixelpark.com - -accounts::users: - frank.brehm: - apply: true - sudo: true diff --git a/customer/pixelpark/messageq01.pixelpark.com.yaml b/customer/pixelpark/messageq01.pixelpark.com.yaml index 27ebf882..f652a242 100644 --- a/customer/pixelpark/messageq01.pixelpark.com.yaml +++ b/customer/pixelpark/messageq01.pixelpark.com.yaml @@ -1,6 +1,7 @@ --- site::role: base site::additional_classes: + - site::profile::apache - site::profile::mcollective::common - site::profile::mcollective::middleware - rabbitmq @@ -13,6 +14,7 @@ rabbitmq::stomp_ensure: true rabbitmq::config_stomp: true rabbitmq::stomp_port: 61613 rabbitmq::ssl_stomp_port: 61614 +rabbitmq::management_ssl: false rabbitmq::config_variables: reverse_dns_lookups: true rabbitmq::ssl_versions: ['tlsv1.2', 'tlsv1.1', 'tlsv1'] @@ -24,6 +26,23 @@ rabbitmq::ssl_cert: "%{puppet_vardir}/ssl/certs/%{fqdn}.pem" rabbitmq::ssl_key: "%{puppet_vardir}/ssl/private_keys/%{fqdn}.pem" rabbitmq::ssl_cacert: "%{puppet_vardir}/ssl/certs/ca.pem" -site::profile::mcollective::middleware::middleware_admin_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAIVIShAj3HEDPLmiKYpzk8fK38DMsCsYYD2qAt45VhVfoeXiqc8XfW0A9dU8Sfz+auspbkgmPYupv5AM5Nhrawo2QfzuPFBp1JkGzpfRU9MP1JrzI92GEiFjVUGtz9tuzr+Sbne9ouWXi7XwwRpAaj678rm98NfUGboyBHeXPFMRSBerhuFofZW4ZjIf5hl7dT8lzRjKI9I4y3fVDDV5bVfTAXBEpniS4mU+FsUxFdxIBCTFmyW9nSIih+QeYM76bZQnBgTrlIq1T32a79UDeTrPyo245C7cWQOlhQ1DIRBv0QadOKRhapVSN28NnQFzLmRoS/4iEMnJn9V70ES2OOTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCCtrW75zleAgwnLR7JxF8PgCD8GXsRvgTH2IuFhtyr+E+4OWxhVXwzt0vqWv5j4uBxIA==] +site::profile::mcollective::middleware::middleware_admin_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAQhq14SLl4sOEMuIQrr/C4hQcUytStmX7J4VNkkquOHG7TiApBIXJANVvizwffDTW0o8hdcP+wXwD+6ZWD6hNpGBPSsoJqzUIyhlYs+mWPsmhymRgIVsAGYaNeynT1jfR4vBNH+mli8c1N4V7WVY4Z6QfSOr0OV+/Q2Iyg3KdkjJ8GChQIZGV4hjPKJmMBkH2oOWucbb8zxnIw8A/U18RIwf7EPTqoY+XCgYe5UG2kpy6OsWqAq7c6+r80vqc8IQGVvPqzMmd/wNNsbhWTsQO7KTArLJp3B4sAJzQa3hel+id3eMp0VlXQkTlgSD7JqtpB0YTb/IhwgAzXZ5PIn/4xDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDUIUJX1Et6IZ2I6qDpyHrvgCDjjA10thdhvKI5cnynMm15+Rlp+0u42FAJdRzTYmab3Q==] # Password für MCollective Channel -site::profile::mcollective::middleware::middleware_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbiONpIROd+0gOLwd9g3YrG8rbKs9IE3XRVvbkolYM06y8ViFEawJZHrg8BhguIuxEPQAqXPNWdbrCiPrTI50tItmtlPIWfkoI32fcOH6Ztxio/iQceYbm77K5eRqkB6S+MBPB9NDu5g6JWscy5B6UKQwezZ+KOsS61BzvoCGEEi9DTj/0Z0QPA3lVil+m3YVMMJyqaS97l2Vho2gXbQMZRiI5zXzYvJQRk90gDenAkeqmNU6w68qcyNCUZPEuPn9S+4TjZRCEWIRld1dNHnfyAdg90G/pXT/HhS1JSixblgn2Hokn4b2zMtQPwDiBjDRUOWUfCgMRIjvLAn/8IbcUjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCqEp+afH5LF7D0Z3g5PSs2gCBh4LwHt9Q9UFCF0OM6yikhfmSZhs6SusoIUKgAQxxvOA==] \ No newline at end of file +site::profile::mcollective::middleware::middleware_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbiONpIROd+0gOLwd9g3YrG8rbKs9IE3XRVvbkolYM06y8ViFEawJZHrg8BhguIuxEPQAqXPNWdbrCiPrTI50tItmtlPIWfkoI32fcOH6Ztxio/iQceYbm77K5eRqkB6S+MBPB9NDu5g6JWscy5B6UKQwezZ+KOsS61BzvoCGEEi9DTj/0Z0QPA3lVil+m3YVMMJyqaS97l2Vho2gXbQMZRiI5zXzYvJQRk90gDenAkeqmNU6w68qcyNCUZPEuPn9S+4TjZRCEWIRld1dNHnfyAdg90G/pXT/HhS1JSixblgn2Hokn4b2zMtQPwDiBjDRUOWUfCgMRIjvLAn/8IbcUjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCqEp+afH5LF7D0Z3g5PSs2gCBh4LwHt9Q9UFCF0OM6yikhfmSZhs6SusoIUKgAQxxvOA==] + + +site::profile::apache::pp_vhosts: + messageq: + servername: messageq01.pixelpark.com + serveraliases: + - messageq.pixelpark.com + docroot: /var/www/html/ + redirect_dest_non_ssl: https://messageq.pixelpark.com + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + proxy_dest: http://messageq.pixelpark.com:15672 + rewrites_non_ssl: + - comment: 'HTTPS Rewrite' + rewrite_rule: + - '^(.*)$ https://messageq.pixelpark.com$1 [L,R=301]' \ No newline at end of file diff --git a/customer/pixelpark/openvmware-tools-current.pixelpark.net.yaml b/customer/pixelpark/openvmware-tools-current.pixelpark.net.yaml new file mode 100644 index 00000000..4c3c2b5e --- /dev/null +++ b/customer/pixelpark/openvmware-tools-current.pixelpark.net.yaml @@ -0,0 +1,2 @@ +--- +site::role: base diff --git a/customer/pixelpark/openvmware-tools.pixelpark.net.yaml b/customer/pixelpark/openvmware-tools.pixelpark.net.yaml new file mode 100644 index 00000000..4c3c2b5e --- /dev/null +++ b/customer/pixelpark/openvmware-tools.pixelpark.net.yaml @@ -0,0 +1,2 @@ +--- +site::role: base diff --git a/customer/pixelpark/psql-pp01.pixelpark.net.yaml b/customer/pixelpark/psql-pp01.pixelpark.net.yaml index 09bb19bc..359ea68f 100644 --- a/customer/pixelpark/psql-pp01.pixelpark.net.yaml +++ b/customer/pixelpark/psql-pp01.pixelpark.net.yaml @@ -1,4 +1,10 @@ --- +accounts::users: + gregor.naeckel: + apply: true + sudo: true +# custom-admins + site::role: base #site::additional_classes: # - site::profile::postgresql_server diff --git a/customer/pixelpark/psql-pp02.pixelpark.net.yaml b/customer/pixelpark/psql-pp02.pixelpark.net.yaml old mode 100755 new mode 100644 index 8bbb052e..757a3c0a --- a/customer/pixelpark/psql-pp02.pixelpark.net.yaml +++ b/customer/pixelpark/psql-pp02.pixelpark.net.yaml @@ -14,18 +14,18 @@ site::profile::pg_server::configs: site::profile::pg_server::dbs: sonar: - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALJNNhKSPALSQVrwaMtg19SayNLgSPTBd6nSem1NTRCbOQ1+cwSIwkHk8HEg8eZT+rsKy02a8wiZdAbqTCntNjC0q+R6KPz4PVPXEhaMwlXHa7GBPhagECy6ni65aYG/1PFdzIrX9DeAdUNPVl6irM21qXsodF0lmlJUA/X2toqoW9AomVK+/o5+4Bqf2n5NIkNSm4rrmPBmz9qpYDQaX1x5oEEHoBC+U3fpOIxHdDGNbtIA4Jj51zEpj+wnkySIUeg0Ec7O677GEd5yT937UWgF5KBISVBQGf6XHX+VK6goYbEgnkDzG8NCkreo2J6nW9xoGcyiqah5ZdfXBOnv39zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBZ602IZY9LspbWdLTaE+/kgCBBCjLtSFkEDKTdgEVB8LGG3sUPvA2lg5KZvKl+TNvmDg==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAp+9rnytCDtvva/oOgepGgyEO7grAntw0VfLTev338YdzmKEXWgu8/f1zPskk/BdUqdBoT4q69g8hLD/lgqFOGUhHRDCInXKHB05YHz/6zwGgYSaEwHoDj/FqOy6uqHuEQXS9ImRh53FtYho+jhXaWo0ID6+EFAycOBLXWtES1+4lPxfS+FTiSv0penNWiACfOc2qEbBx1RIr64MOUtdva1O+TuNMfxvCW2j/4kATqcj6s+WDG5sqBaM4XH579GXr5EtLLk+5BMkPBzswC/mF/qGVMG/rf2YqvAn7L6d51a6ODlg3sTlhUU8P2+jbTOKVSNqq9on/8Hpaa9c7PbPBBTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCDzJLxehok1ciZOwOGiqudgCCyi/pk5qcLZJ+ZGnFdMIt/VTY8VJbVg/8qKoZZJ9mTYQ==] network: 217.66.55.64/28 gitlab: - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAKpFPDpO0WPXo7PYnedgM70o9P6HvMIxI9YxIPSfGN0P7JSF0CotqkR51B/ao3KRkBAt43vNZMcDmvCblTP/idOVxIarZk0/rI7ApoTQ+qC8xoGRawLMlCBfdvRcNcq+bqmkbB7EGRFA1haCniEg3rBjq3CAlF4RH8LbTID2Jda0DTlzl05eNqM2ePwcttMVW27aM9WxLMhjtSfl97r8f4b3E9h2H6ooipYvZHJ35CKdZom3M2d/N+pjcCaiZnGiv3cKeuqUl7i+7C7G3qJdO692mqhxGxg0TwQComYzpWUfhkX2P+R2R12w/0Lks++2cnxqsG/crCvWopPDf7N0L7TBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBH28TJbt78pEujz0nke4CrgCCbBJ9KilPSW/prfvqwbtqvk64GShToRjvWp/gkfmcDdQ==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAnIHIHe36zyMV2T0jEZjmxJ0HC7fNc+LGFfElL6HCMc5tDK0m8paIgvOlb6Z9m5hMfg5MNWPhNZmJa856cn3Hf9VpZmZaWaklee0OpExuiRDuEkc5mexhRkcEPyr7iwUnxSbf5HEhZ/0lue0Dc40AyCtR4WRxe1ms5XwHFK5DG1zHrZxHTefH+3e+r0mH9/Zdy/jhMBUI9sW3aeNLDktbktJxXPrQeR6BSURIg7WG/WFnKtHSMEivIKhhO0oTwjK2s4peWLWl31ZROM+ZjwQA+OGxwdh5/6SzpyuU67hvhQ5c5sERNBXD50CqlVo26DJUdcDdkAizz2pUX09Cel5opzBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD40z3q5g7u/aGZVCNTR7ZLgCBbwQDsEGcZnkzJC6czcIdQd2WCu8ySg3bEG5EWtVKXKQ==] network: 217.66.53.247/32 extensions: 'pg_trgm': {} foreman: - password: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAoN1AkQwgNiyt/veRRPUzRTpVQGdF2Xp8MI8zzWJoLId1PyCpShyHQlIWdeBnZnulfFUNr+OgfAgvhOr8E5zgweJnA3gUTHNbcwvhArzNk9G5voZSSX0qsKBDIkk30u+uassR7amHVOTC0XPLFieRiLqLCZb/hL3Vb0v8HeSb1tuIaN172Qbdee+bPzX8wOnmAc1HZTTftKJmcSvDC3XQyl88kvLmmxvVda+X6nzSDksm73xTXRpkGw1QoQhVmA5wB7guS0WpAMzmOb+M5dVlnpykMa4T2G/ZT05OXJh2O9v/KHo3g5Bm+dmScHegY79wWPlQ7n0sZYJwxeO2MWuq8DA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDDinqiM5t7zUq4O9XQOAJpgBAsDnEH1PE11FjxwPPH5Nqz] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAs0WbVwkP2rHvZyGgH/JkvbrdPXmCI02NV1B3lgRnIjIDsK+SkSC2xOPN7p5hMLAp/7z+NhuUrfwE5GA1Sp8qIaGG+yLSJjBU9y1EyvVgmW4MdoFwUTACBVB9oTD1zqM4barWC/lEYIPlslrvF1bwwR31VKz1g24ii3hIVShxPqObq1R91pw/xbsNXc+8JR8Pd2+Usc9a8DeoPf0+hD5OaaurbYy/6bCIzeDiUby1JS6bE+lOjmAAYsuAyD8h1bGzIou5NXAh/V8ZjBk+Isn0RzctfMJwygWCZb5AJx4mLnxetJaJ4OLUeGpT8bnzvkhbjYljmMcDFedzQalL7CEMaDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCoMP6GcibSUEoJRqrJho9SgCBT6MgfMHXXdIx5GU0U3ZmPO5pwlGUTWxBp3ocjomvAKQ==] network: 93.188.104.40/32 puppetdb: - password: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAgeazLm9O0BsUPc3sOFPEZbjAVZBLGX+ha9p/emA/0V2bRot9QVpURgyAbNMr7vZlCiCvX/O+3cY3MPSjk7/9YipWUlqIXxhNA9JX7MHkZ8Jw8SbrQBkE4UoDgIAmhHP9qMhhVZ0xUyu7754bsl+og/ve90ToDIo0bQBBgzOrMxV/KcGmHNHhb8PAx4HSWK+nilPgi1gHCkQDGZNZU77xpx7aREhKau+yGni6y4mfvVR3cEJH1qKsBp+yWfbGVbXKneSXMoqUU9pOiD3plhOrDtFgPuYzLU8f5StXBHSJimEgAv3WwYXYJ3Cjo/GZQqMJqa2E90iXl5Ac8+H0rZwKlDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA+jxAdZrTkhVCcpHs+7FZVgBD4aB0md1HdKpdK7FzDSJf5] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAteEOsW3t4S7E6ColNiIyL4mBxMOCfgkeSGSEELQgyz0xT6fUGO4zvtwGDt58fK+F5JkjofHxal4w+nh25PiDA34gQcaE1aXMdFY5DZ46VxbLe1W93BWCAon8acMupUo2w5yJOLyJHcphtf+x2lH0rsjEV6w7KfJrKa55yfnboJNIITmXaALv9wzO1ZkL7BXVzpX1n+hGkmQ8/J/Wkl4c1cwj9E5QDDbzlYrYpBe3Rv9RwGKnHXoNW11PHiLJvIE6QYXShT700xOVuaoOjUZGpJNE4my282Txb9mxEnCx1FV6055+rpnpWTt7GiJRHNsyE+iKb2vW2liPfdQcJ5GWwjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBPosnOguYbqFsqvsVY35BPgCDZfKajlxQV/wWqROnP5ilrtO6X9BzZWG1e9Wz6/Srz/Q==] network: 93.188.104.37/32 extensions: 'puppetdb_pg_trgm': diff --git a/customer/pixelpark/test-extranet01.pixelpark.com.yaml b/customer/pixelpark/test-extranet01.pixelpark.com.yaml index 94c40db2..792427d4 100644 --- a/customer/pixelpark/test-extranet01.pixelpark.com.yaml +++ b/customer/pixelpark/test-extranet01.pixelpark.com.yaml @@ -1,6 +1,11 @@ --- -site::role: base accounts::users: + gregor.naeckel: + apply: true + sudo: true carsten.hensiek: apply: true - sudo: true \ No newline at end of file + sudo: true +# custom-admins + +site::role: base \ No newline at end of file diff --git a/customer/pixelpark/test-psql-pp01.pixelpark.net.yaml b/customer/pixelpark/test-psql-pp01.pixelpark.net.yaml index 31c695b2..ff1ad428 100644 --- a/customer/pixelpark/test-psql-pp01.pixelpark.net.yaml +++ b/customer/pixelpark/test-psql-pp01.pixelpark.net.yaml @@ -1,4 +1,10 @@ --- +accounts::users: + gregor.naeckel: + apply: true + sudo: true +# custom-admins + site::role: base #site::additional_classes: # - site::profile::postgresql_server diff --git a/customer/pixelpark/vmware-tools.pixelpark.net.yaml b/customer/pixelpark/vmware-tools.pixelpark.net.yaml new file mode 100644 index 00000000..4c3c2b5e --- /dev/null +++ b/customer/pixelpark/vmware-tools.pixelpark.net.yaml @@ -0,0 +1,2 @@ +--- +site::role: base diff --git a/customer/pixelpark/web-client-survey.pixelpark.com.yaml b/customer/pixelpark/web-client-survey.pixelpark.com.yaml index d10af80b..281ad277 100644 --- a/customer/pixelpark/web-client-survey.pixelpark.com.yaml +++ b/customer/pixelpark/web-client-survey.pixelpark.com.yaml @@ -10,10 +10,6 @@ accounts::users: daniel.pritzkau: apply: true sudo: true - sudo_cmds: - - RESTARTNODE - - JOURNALCTL - - JOURNAL sudo::configs: cmd_alias: diff --git a/customer/pixeltest/sol4711.pixelpark.com.yaml b/customer/pixeltest/sol4711.pixelpark.com.yaml index 4c3c2b5e..aadcc9df 100644 --- a/customer/pixeltest/sol4711.pixelpark.com.yaml +++ b/customer/pixeltest/sol4711.pixelpark.com.yaml @@ -1,2 +1,11 @@ --- site::role: base + +accounts::users: + frank.brehm: + uid: 66781 + key: "AAAAB3NzaC1yc2EAAAADAQABAAACAQC5YO7Jw/FiRE/9tHmDn0YKuQHxXxXRR0Ah3FrwcMU9rgYLxy6e8MY19UDpvDNil2J5QIr+nBcTZ3tfvK0j0kU/xRUWPzgbjYc2Mrk7c45BiPrHimCNKswstvFHTuJQqEk6bnM1Z3tYybgIXtNZ+ENXBe4cm85KNDiJ/ujOV3oNsb5rASmdsom43j+yEBZTWeoREox6yLirBxdYXIyLt0cyaNzMJheyIRM3/M1zfQmFcEF4tjESKsDdzE704VsEu3uJ/AxMb+/eQX5KKdUdm0HQ1Fafk6KLIio4qJe1lUAh9ca+k/gE/toFbS1gbfqRfPXl+nxg0MP/Tg1RNaDXiwX3Du4M48rmgXilvfmyxlaXXvFP+XBAElW4iDLKvjRzPhNfeyVKFol1RT1fbzkYOp744NlBoyW5pa6WBmXf7XeXpfOOEGQAicljFxazkpEDqRWCHheUnI3g8u3chQDmrGxMIvmGE1r2VTfMM5dkQAHUe13YecffIJUqfkWLwB8zkVpRMDr0Fs2RH15GEqs19cUdRuYcf2223o2IclVndpjWkOpqhDcXg1Ha8l/VnQoaZqJVESjUWxzXzoKdOiWMPdKm6HkjcnaqyQjBv3cx2E82gPnIqhSLJcsRqGwMo6jgDKEsiJR3E+rDsjOEUWevIUrEdld15kpiEMHviFvB7itl8w==" + comment: "Frank-Brehm" + apply: true + shell: "bash" + sudo: true diff --git a/customer/prometheus/common.yaml b/customer/prometheus/common.yaml index 75f83d27..9b212a42 100644 --- a/customer/prometheus/common.yaml +++ b/customer/prometheus/common.yaml @@ -1,2 +1,9 @@ --- -repo::redhat::oel7::ol7_UEKR4_enable: '1' \ No newline at end of file +repo::redhat::oel7::ol7_UEKR4_enable: '1' +accounts::users: + gerrit.gruben: + apply: true + groups: 'docker' + sebastian.kuepers: + apply: true + sudo: true diff --git a/customer/prometheus/data.prometheus.pixelpark.net.yaml b/customer/prometheus/data.prometheus.pixelpark.net.yaml new file mode 100644 index 00000000..4c3c2b5e --- /dev/null +++ b/customer/prometheus/data.prometheus.pixelpark.net.yaml @@ -0,0 +1,2 @@ +--- +site::role: base diff --git a/customer/prometheus/master01.prometheus.pixelpark.net.yaml b/customer/prometheus/master01.prometheus.pixelpark.net.yaml index a7418696..5a37579d 100644 --- a/customer/prometheus/master01.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/master01.prometheus.pixelpark.net.yaml @@ -3,6 +3,7 @@ site::role: base site::additional_classes: - logstash + - accounts logstash::filter: - journald @@ -34,8 +35,3 @@ logstash::generic_resource: type: marathon tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/prometheus/slave001.prometheus.pixelpark.net.yaml b/customer/prometheus/slave001.prometheus.pixelpark.net.yaml index d31f653f..d99921ae 100644 --- a/customer/prometheus/slave001.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave001.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -27,11 +25,6 @@ logstash::generic_resource: tags: - 'talos' -accounts::users: - sebastian.kuepers: - apply: true - sudo: true - xymon::disks: '/srv': warnlevel: 99 diff --git a/customer/prometheus/slave002.prometheus.pixelpark.net.yaml b/customer/prometheus/slave002.prometheus.pixelpark.net.yaml index d31f653f..d99921ae 100644 --- a/customer/prometheus/slave002.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave002.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -27,11 +25,6 @@ logstash::generic_resource: tags: - 'talos' -accounts::users: - sebastian.kuepers: - apply: true - sudo: true - xymon::disks: '/srv': warnlevel: 99 diff --git a/customer/prometheus/slave003.prometheus.pixelpark.net.yaml b/customer/prometheus/slave003.prometheus.pixelpark.net.yaml index d31f653f..d99921ae 100644 --- a/customer/prometheus/slave003.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave003.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -27,11 +25,6 @@ logstash::generic_resource: tags: - 'talos' -accounts::users: - sebastian.kuepers: - apply: true - sudo: true - xymon::disks: '/srv': warnlevel: 99 diff --git a/customer/prometheus/slave004.prometheus.pixelpark.net.yaml b/customer/prometheus/slave004.prometheus.pixelpark.net.yaml index d31f653f..d99921ae 100644 --- a/customer/prometheus/slave004.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave004.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -27,11 +25,6 @@ logstash::generic_resource: tags: - 'talos' -accounts::users: - sebastian.kuepers: - apply: true - sudo: true - xymon::disks: '/srv': warnlevel: 99 diff --git a/customer/prometheus/slave005.prometheus.pixelpark.net.yaml b/customer/prometheus/slave005.prometheus.pixelpark.net.yaml index ced43bc8..fcb5fc04 100644 --- a/customer/prometheus/slave005.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave005.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,8 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/prometheus/slave006.prometheus.pixelpark.net.yaml b/customer/prometheus/slave006.prometheus.pixelpark.net.yaml index ced43bc8..fcb5fc04 100644 --- a/customer/prometheus/slave006.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave006.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,8 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/prometheus/slave007.prometheus.pixelpark.net.yaml b/customer/prometheus/slave007.prometheus.pixelpark.net.yaml index ced43bc8..fcb5fc04 100644 --- a/customer/prometheus/slave007.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave007.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,8 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/prometheus/slave008.prometheus.pixelpark.net.yaml b/customer/prometheus/slave008.prometheus.pixelpark.net.yaml index ced43bc8..fcb5fc04 100644 --- a/customer/prometheus/slave008.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave008.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,8 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/prometheus/slave009.prometheus.pixelpark.net.yaml b/customer/prometheus/slave009.prometheus.pixelpark.net.yaml index 238d565d..da009e74 100644 --- a/customer/prometheus/slave009.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave009.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,9 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true - diff --git a/customer/prometheus/slave010.prometheus.pixelpark.net.yaml b/customer/prometheus/slave010.prometheus.pixelpark.net.yaml index dffef4f4..da009e74 100644 --- a/customer/prometheus/slave010.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave010.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,8 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/prometheus/slave011.prometheus.pixelpark.net.yaml b/customer/prometheus/slave011.prometheus.pixelpark.net.yaml index ced43bc8..fcb5fc04 100644 --- a/customer/prometheus/slave011.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave011.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,8 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/prometheus/slave012.prometheus.pixelpark.net.yaml b/customer/prometheus/slave012.prometheus.pixelpark.net.yaml index ced43bc8..fcb5fc04 100644 --- a/customer/prometheus/slave012.prometheus.pixelpark.net.yaml +++ b/customer/prometheus/slave012.prometheus.pixelpark.net.yaml @@ -2,8 +2,6 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - -site::additional_classes: - logstash logstash::filter: @@ -26,8 +24,3 @@ logstash::generic_resource: type: docker tags: - 'talos' - -accounts::users: - sebastian.kuepers: - apply: true - sudo: true diff --git a/customer/sirona-aem/dev01-author-sirona.pixelpark.net.yaml b/customer/sirona-aem/dev01-author-sirona.pixelpark.net.yaml index 4b9d4efd..1543ee43 100644 --- a/customer/sirona-aem/dev01-author-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/dev01-author-sirona.pixelpark.net.yaml @@ -2,7 +2,8 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::author site::profile::cron::cronjobs: diff --git a/customer/sirona-aem/dev01-publish-sirona.pixelpark.net.yaml b/customer/sirona-aem/dev01-publish-sirona.pixelpark.net.yaml index 5e21c8b9..55c183ea 100644 --- a/customer/sirona-aem/dev01-publish-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/dev01-publish-sirona.pixelpark.net.yaml @@ -2,7 +2,8 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::publish - apache::mod::include diff --git a/customer/sirona-aem/development.yaml b/customer/sirona-aem/development.yaml index 4befbfbb..fde9d4b3 100644 --- a/customer/sirona-aem/development.yaml +++ b/customer/sirona-aem/development.yaml @@ -107,11 +107,11 @@ aem::maven::servers: - sirona-releases: id: sirona-releases username: sirona - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWN6ky/ULCS114gcIPtMqRrSV+IHIhmCZORvhuwUDT0Kh2VQpD0g0qMjWLR85YVrKFx9e0dziSN8EgS0Ew1biJrSW1Q0U0hXBFAumWUHtKconumqTbEP09WziB4EctyUcjxb07Wd3t1TNXpFmjd8MO0uULcj+4PL3db71HX3vOmOnOSA/6t/z0kivJWGsoPZirH0pc/+op0TuVTbDYKwBYlOn0kLM3f0+eBj1AkeH4ZAS2u2byLY3yJC/qMsIJ8zwhyoUhh+0vJNLtGq6k2J0dyJdmnYxEfy1dMQ6OA1oSOJHQQhfh2nOONOXI/3pNvn0HBY+QwBgHvElvED2dBGaTDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBYKqaAMGI3oxuUPd4gF+JTgCA+d4GjLHa1ECpg4DayklrAdOwXWxWHhKN+rKdXFfTK2A==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbTW1ZWhJ6XWqPPdsU4vXYYLQk8zEOh0y/a/g5SJ8bFH8ygZrbTNHeEaVTKLguF8Qai5diDKzL3pUiQUlRlbb6m69rf+g4hlNUM1n5PA6dfNnqUaMfpRH0X8VvhE6/Pgz/9zOep92UlVO9Aj78IZddWOjWd1Rj0KJ/RFoLBPfkXL7sgFv2pfoFMQIQ+5Yelaq+hy4vNbIKeJx1poHA9JEEl7O18bzYTO/TFzlvjbM4MphRvbM39c3F7IVV6A4PfZEYIFamHoijrWSuA9QoHCB6m5p/SgGisiKshpaQvBhAsmMmWXvHlFy0xifkt3ZllBPdSdtZuLnBHIpOAhNZcMZOTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBMwmGTKpQIcXGnUejWqwRFgCCDSr38JPWvgcVYUXTLTBOTx+GXPyygaUwFjHLOtIJnrQ==] - sirona-snapshots: id: sirona-snapshots username: sirona - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWN6ky/ULCS114gcIPtMqRrSV+IHIhmCZORvhuwUDT0Kh2VQpD0g0qMjWLR85YVrKFx9e0dziSN8EgS0Ew1biJrSW1Q0U0hXBFAumWUHtKconumqTbEP09WziB4EctyUcjxb07Wd3t1TNXpFmjd8MO0uULcj+4PL3db71HX3vOmOnOSA/6t/z0kivJWGsoPZirH0pc/+op0TuVTbDYKwBYlOn0kLM3f0+eBj1AkeH4ZAS2u2byLY3yJC/qMsIJ8zwhyoUhh+0vJNLtGq6k2J0dyJdmnYxEfy1dMQ6OA1oSOJHQQhfh2nOONOXI/3pNvn0HBY+QwBgHvElvED2dBGaTDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBYKqaAMGI3oxuUPd4gF+JTgCA+d4GjLHa1ECpg4DayklrAdOwXWxWHhKN+rKdXFfTK2A==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbTW1ZWhJ6XWqPPdsU4vXYYLQk8zEOh0y/a/g5SJ8bFH8ygZrbTNHeEaVTKLguF8Qai5diDKzL3pUiQUlRlbb6m69rf+g4hlNUM1n5PA6dfNnqUaMfpRH0X8VvhE6/Pgz/9zOep92UlVO9Aj78IZddWOjWd1Rj0KJ/RFoLBPfkXL7sgFv2pfoFMQIQ+5Yelaq+hy4vNbIKeJx1poHA9JEEl7O18bzYTO/TFzlvjbM4MphRvbM39c3F7IVV6A4PfZEYIFamHoijrWSuA9QoHCB6m5p/SgGisiKshpaQvBhAsmMmWXvHlFy0xifkt3ZllBPdSdtZuLnBHIpOAhNZcMZOTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBMwmGTKpQIcXGnUejWqwRFgCCDSr38JPWvgcVYUXTLTBOTx+GXPyygaUwFjHLOtIJnrQ==] aem::packages: diff --git a/customer/sirona-aem/int01-author-sirona.pixelpark.net.yaml b/customer/sirona-aem/int01-author-sirona.pixelpark.net.yaml index 4b9d4efd..bac09f0a 100644 --- a/customer/sirona-aem/int01-author-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/int01-author-sirona.pixelpark.net.yaml @@ -2,8 +2,10 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::author + - apache::mod::include site::profile::cron::cronjobs: zfs_rotation: diff --git a/customer/sirona-aem/int01-publish-sirona.pixelpark.net.yaml b/customer/sirona-aem/int01-publish-sirona.pixelpark.net.yaml index a2cea6bc..55c183ea 100644 --- a/customer/sirona-aem/int01-publish-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/int01-publish-sirona.pixelpark.net.yaml @@ -2,8 +2,10 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::publish + - apache::mod::include site::profile::cron::cronjobs: zfs_rotation: diff --git a/customer/sirona-aem/int02-publish-sirona.pixelpark.net.yaml b/customer/sirona-aem/int02-publish-sirona.pixelpark.net.yaml index a2cea6bc..55c183ea 100644 --- a/customer/sirona-aem/int02-publish-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/int02-publish-sirona.pixelpark.net.yaml @@ -2,8 +2,10 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::publish + - apache::mod::include site::profile::cron::cronjobs: zfs_rotation: diff --git a/customer/sirona-aem/prod01-author-sirona.pixelpark.net.yaml b/customer/sirona-aem/prod01-author-sirona.pixelpark.net.yaml index 4b9d4efd..bac09f0a 100644 --- a/customer/sirona-aem/prod01-author-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/prod01-author-sirona.pixelpark.net.yaml @@ -2,8 +2,10 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::author + - apache::mod::include site::profile::cron::cronjobs: zfs_rotation: diff --git a/customer/sirona-aem/prod01-publish-sirona.pixelpark.net.yaml b/customer/sirona-aem/prod01-publish-sirona.pixelpark.net.yaml index a2cea6bc..55c183ea 100644 --- a/customer/sirona-aem/prod01-publish-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/prod01-publish-sirona.pixelpark.net.yaml @@ -2,8 +2,10 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::publish + - apache::mod::include site::profile::cron::cronjobs: zfs_rotation: diff --git a/customer/sirona-aem/prod02-publish-sirona.pixelpark.net.yaml b/customer/sirona-aem/prod02-publish-sirona.pixelpark.net.yaml index a2cea6bc..55c183ea 100644 --- a/customer/sirona-aem/prod02-publish-sirona.pixelpark.net.yaml +++ b/customer/sirona-aem/prod02-publish-sirona.pixelpark.net.yaml @@ -2,8 +2,10 @@ site::role: base_for_old_systems # because we don't need xymon site::additional_classes: - accounts - - repo::redhat::zfs +# Disable because of extra 7.3 download path +# - repo::redhat::zfs - site::profile::aem::publish + - apache::mod::include site::profile::cron::cronjobs: zfs_rotation: diff --git a/customer/sirona-aem/production.yaml b/customer/sirona-aem/production.yaml index 917ad7cf..ba09cd17 100644 --- a/customer/sirona-aem/production.yaml +++ b/customer/sirona-aem/production.yaml @@ -44,7 +44,7 @@ aem::maven::servers: - sirona-releases: id: sirona-releases username: sirona - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWN6ky/ULCS114gcIPtMqRrSV+IHIhmCZORvhuwUDT0Kh2VQpD0g0qMjWLR85YVrKFx9e0dziSN8EgS0Ew1biJrSW1Q0U0hXBFAumWUHtKconumqTbEP09WziB4EctyUcjxb07Wd3t1TNXpFmjd8MO0uULcj+4PL3db71HX3vOmOnOSA/6t/z0kivJWGsoPZirH0pc/+op0TuVTbDYKwBYlOn0kLM3f0+eBj1AkeH4ZAS2u2byLY3yJC/qMsIJ8zwhyoUhh+0vJNLtGq6k2J0dyJdmnYxEfy1dMQ6OA1oSOJHQQhfh2nOONOXI/3pNvn0HBY+QwBgHvElvED2dBGaTDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBYKqaAMGI3oxuUPd4gF+JTgCA+d4GjLHa1ECpg4DayklrAdOwXWxWHhKN+rKdXFfTK2A==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbTW1ZWhJ6XWqPPdsU4vXYYLQk8zEOh0y/a/g5SJ8bFH8ygZrbTNHeEaVTKLguF8Qai5diDKzL3pUiQUlRlbb6m69rf+g4hlNUM1n5PA6dfNnqUaMfpRH0X8VvhE6/Pgz/9zOep92UlVO9Aj78IZddWOjWd1Rj0KJ/RFoLBPfkXL7sgFv2pfoFMQIQ+5Yelaq+hy4vNbIKeJx1poHA9JEEl7O18bzYTO/TFzlvjbM4MphRvbM39c3F7IVV6A4PfZEYIFamHoijrWSuA9QoHCB6m5p/SgGisiKshpaQvBhAsmMmWXvHlFy0xifkt3ZllBPdSdtZuLnBHIpOAhNZcMZOTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBMwmGTKpQIcXGnUejWqwRFgCCDSr38JPWvgcVYUXTLTBOTx+GXPyygaUwFjHLOtIJnrQ==] #aem::author::install_packages: site::profile::aem::author::instance_name: author @@ -138,26 +138,26 @@ aem::packages: sirona_frontend: groupid: "com.sirona.website" artifactid: "sirona-frontend" - version: "0.24" + version: "0.28.3" sirona_config: groupid: "com.sirona.website" artifactid: "sirona-config" - version: "0.24" + version: "0.28.3" sirona_components: groupid: "com.sirona.website" artifactid: "sirona-components" - version: "0.24" + version: "0.28.3" dependencies: - "acs_aem_commons" - "sirona_frontend" sirona_permissions: groupid: "com.sirona.website" artifactid: "sirona-permissions" - version: "0.24" + version: "0.28.3" sirona_initialcontent: groupid: "com.sirona.website" artifactid: "sirona-initialcontent" - version: "0.24" + version: "0.28.3" site::profile::aem::publish::jvm_heap_min: 6144M site::profile::aem::publish::jvm_heap_max: 8192M @@ -215,9 +215,38 @@ aem::domain_mappings: ids.dentsplysirona.com: aem_path: '/content/ids-2017' create_sling_mapping: true + www.plug-and-ray.com: + aem_path: '/content/plug-and-ray' + create_sling_mapping: true + corporate.dentsplysirona.com: + aem_path: '/content/corporate' + create_sling_mapping: true + career.dentsplysirona.com: + aem_path: '/content/career' + create_sling_mapping: true + news.dentsplysirona.com: + aem_path: '/content/newsroom' + create_sling_mapping: true + www1.dentsplysirona.com: + aem_path: '/content/flagship-site' + create_sling_mapping: true assets.dentsplysirona.com: aem_path: '/content/dam' create_sling_mapping: true +# temporaer till Staging environement + stagingcorporate.dentsplysirona.com: + aem_path: '/content/corporate' + create_sling_mapping: true + stagingcareer.dentsplysirona.com: + aem_path: '/content/career' + create_sling_mapping: true + stagingnews.dentsplysirona.com: + aem_path: '/content/newsroom' + create_sling_mapping: true + stagingwww1.dentsplysirona.com: + aem_path: '/content/flagship-site' + create_sling_mapping: true + site::profile::apache::htdigest: server: @@ -229,6 +258,10 @@ site::profile::apache::htdigest: spotlight: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAZLfIn0b5rEkCNeowLscQBdSHYjYyzHJi9xPD9eOxO0l7j5U2mmsVVuYoFdbHg2/fXEYA2bTObEYDQRr2LMnq1OfSnytXJ6N8DMW/LdsV0+8NQoCyc3IPeKdgcJv6EOMhapljYEQ6qRk7azV2g5P1Ig+tCTYRfq7Q6a91BSMu8cnGsQG4RCGnJVNefkRO/TmS5xF3+cMAIz7NOhjKZvjj5u1KVY+q9TTwf3EaIfYX6a0hoDJ8o16eatleFBzDgYXuaq2gz4QVkT9CTnQxHbZeTqht/WP4zGqaFKh5Yu5nzej85t4cElB2EyB4ojbBg65ygkvROWOt33QFA1hMsz0RVjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDuSA576bOTHCA6lIUERBWQgBCfLsMfFMFOHqD7W/gYs42v] preview: dspreview: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAP3Kn6IWfr9Tcr/pN4vjX/H5B0+1QxBZyGtXUnvWp7l+soMYafzIoldj5Xgl0PWkWy55IbZO7/AxMPED1UyxsDd6KRtmEqVEd8+n/CDWiajGUX5yHiYycBGMagd0om0oz/JW/uvpuKCVAZr8zVjXlEl6sEliu7wtCKWAwoYHlXNeWXTEox1Os2lJguXdXbdVx1UQfuz55DrviTNJI9rkLheQB9+rdpjDPNxqppMZy5sT4B18C/NyEDvIGMGQrtxZgLKkBqMus9s86cRauc4sWmQ2qcUkxQydUy6R/2BC1zuvGswkWzy7/gPKnvLboEmoQlphhvMpLYP6Cj6XyyiBoXjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBOvB3NQPrOTLhuP9ucs1QogCDc79ONp+ruVUPF0UkT1fN5z2Gga6llZsKE8ORasbk43A==] + madeingermany: + sirona: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEALEX3sBhuGYJ61cxVc7gTuZBU6vg13mHCS8y6nrU6LIy8mnTiOHDF2uUBx79dEjtkmhVSPEq8ZxTifctLJDDEZZ9GpLVT/qoWpUmCC04gYWH/bbZiuAhEO+uNBthvSGIjfAqES5JKoSKN5ol+dQrnNZP27ZxeV+wNWhY1vg1qnap4o/5DFus/gUaVwn3zwDxtn5FWtUMVrVjwmKc/P/qg7XHXrU9d9EoYNxtsiGKXW1sYZTshjD8n9grAKmZ0u82EfOb1zDBp2pAb8IGo+xZm41OmxXse9tGohBcXD7Oq+yVwP83uMYdgnn1VBw4p2pEkpqNvmvMrJJ9BYXSwGil9FjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBzERKwsL0pmwhBiT85DmBbgBB6CCAnx5BFENq264BlDfEL] + idsdentsplysirona: + sirona: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAoKgv7PxnEEvHarHzl4+sEDPEPU7rCPEwGwkCiXTBv8dGi4a3aHw2qd9vhhs+07sq0Z7UKoD/mjNkjw03YiuxSXUo8qaJUS6TXMx9tXiZDeuqNt96GmsvTVGJoRO1UaVi0/xwQC6bbhz6inyId+evq0nu9wfrbHY/6/HK3tNxCE7BpvkaqBeLDcB2fOlt2LqYtIYF0Vxzn5mK1MG4dDCruqsqUUBCXJig67yV7euVuOBQJWNfc6q3Qbn3EYf+0uI2qt75S0kqU5qUXYkAb476jG2yI4VO6b3xVYTSTQ7T03fstw6RsKc2VKAA8CnDfdi71bT1/8vSuIw6oQOLu926vjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBpKbTk2QaXut21gaT78GRWgBDg/TLvXIFT2zpGoV1Dkkxu] # Apache Publisher site::profile::aem::publish::pp_vhosts: @@ -249,30 +282,41 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^es language=es-es' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/clinic_solutions' sethandler: dispatcher-handler options: - FollowSymLinks - - es-es: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/es-es/' error_documents: - { error_code: 404 , document: "/es-es/error-pages/404.html" } - { error_code: 500 , document: "/es-es/error-pages/500.html" } rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.sirona.clinic/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona Clinic Migration Start - - regel_1: - comment: 'Auto Generated Rewrite' + - comment: 'Auto Generated Rewrite' rewrite_rule: - '^/en/home$ %%{ich-trickse}{REQUEST_SCHEME}://www.sirona.clinic/en-us.html [R=301,L]' - '^/en/consulting$ %%{ich-trickse}{REQUEST_SCHEME}://www.sirona.clinic/en-us/consulting.html [R=301,L]' @@ -320,23 +364,35 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^.*$ language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/M1' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.danke-m1-hallo-zukunft.de/%%{ich-trickse}{ENV:language}.html [R=301,L]' - - regel_1: - comment: 'Auto Generated Rewrite' + - comment: 'Auto Generated Rewrite' rewrite_rule: - '^/de/home$ %%{ich-trickse}{REQUEST_SCHEME}://www.danke-m1-hallo-zukunft.de/de-de.html [R=301,L]' - '^/de/bedienkonzept$ %%{ich-trickse}{REQUEST_SCHEME}://www.danke-m1-hallo-zukunft.de/de-de.html [R=301,L]' @@ -349,25 +405,35 @@ site::profile::aem::publish::pp_vhosts: serveraliases: - brand.dentsplysirona.com docroot: '/var/www/html/cache/content/brand-control-center' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' setenvifnocase: - - 'Accept-Language ^.*$ language=en-us' + - 'Accept-Language ^.*$ language=en' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/brand-control-center' sethandler: dispatcher-handler options: - FollowSymLinks - - location1: - provider: location + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + # htaccess + - provider: location path: '/' auth_type: Digest auth_name: brand @@ -378,17 +444,80 @@ site::profile::aem::publish::pp_vhosts: require: - local rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://brand.dentsplysirona.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' + - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/%%{ich-trickse}{ENV:language}.html [R=301,L]' + - comment: 'Reodering site' + rewrite_rule: + - '^/en-us.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en.html [R=301,L]' + - '^/en-us/basics.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics.html [R=301,L]' + - '^/en-us/basics/colors.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/colors.html [R=301,L]' + - '^/en-us/basics/icons.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/icons.html [R=301,L]' + - '^/en-us/basics/icons/basic-icons.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/icons/basic-icons.html [R=301,L]' + - '^/en-us/basics/icons/social-icons.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/icons/social-icons.html [R=301,L]' + - '^/en-us/basics/icons/file-icons.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/icons/file-icons.html [R=301,L]' + - '^/en-us/basics/images.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/images.html [R=301,L]' + - '^/en-us/basics/typography.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/typography.html [R=301,L]' + - '^/en-us/basics/typography/headlines.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/typography/headlines.html [R=301,L]' + - '^/en-us/basics/typography/copytext.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/typography/copytext.html [R=301,L]' + - '^/en-us/basics/logos.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/logos.html [R=301,L]' + - '^/en-us/basics/fav-icon.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/basics/fav-icon.html [R=301,L]' + - '^/en-us/interaction-elements.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/interaction-elements.html [R=301,L]' + - '^/en-us/interaction-elements/buttons.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/interaction-elements/buttons.html [R=301,L]' + - '^/en-us/interaction-elements/arrows.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/interaction-elements/arrows.html [R=301,L]' + - '^/en-us/interaction-elements/text-links.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/interaction-elements/text-links.html [R=301,L]' + - '^/en-us/interaction-elements/breadcrumbs.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/interaction-elements/breadcrumbs.html [R=301,L]' + - '^/en-us/interaction-elements/scrolling.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/interaction-elements/scrolling.html [R=301,L]' + - '^/en-us/digital-communication.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/digital-communication.html [R=301,L]' + - '^/en-us/digital-communication/domains-vanity-urls.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/digital-communication/domains-vanity-urls.html [R=301,L]' + - '^/en-us/digital-communication/email-signature.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/digital-communication/email-signature.html [R=301,L]' + - '^/en-us/digital-communication/json-api.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/digital-communication/json-api.html [R=301,L]' + - '^/en-us/digital-communication/trademarks.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide/digital-communication/trademarks.html [R=301,L]' + - '^/en-us/faq.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/digital-guide.html [R=301,L]' + - '^/en-us/aem-component-guide.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide.html [R=301,L]' + - '^/en-us/aem-component-guide/headline.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/text-components/headline.html [R=301,L]' + - '^/en-us/aem-component-guide/text.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/text-components/text.html [R=301,L]' + - '^/en-us/aem-component-guide/text-image.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/text-components/text-image.html [R=301,L]' + - '^/en-us/aem-component-guide/text-video.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/text-components/text-video.html [R=301,L]' + - '^/en-us/aem-component-guide/table.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/text-components/table.html [R=301,L]' + - '^/en-us/aem-component-guide/image.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/image-components/image.html [R=301,L]' + - '^/en-us/aem-component-guide/image-gallery.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/image-components/image-gallery.html [R=301,L]' + - '^/en-us/aem-component-guide/image-comparison.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/image-components/image-comparison.html [R=301,L]' + - '^/en-us/aem-component-guide/video.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/video-components/video.html [R=301,L]' + - '^/en-us/aem-component-guide/download-list.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/download-components/download-list.html [R=301,L]' + - '^/en-us/aem-component-guide/stickout.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/download-components/stickout.html [R=301,L]' + - '^/en-us/aem-component-guide/asset-library.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/download-components/asset-library.html [R=301,L]' + - '^/en-us/aem-component-guide/quote.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/quote-components/quote.html [R=301,L]' + - '^/en-us/aem-component-guide/quote-block.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/quote-components/quote-block.html [R=301,L]' + - '^/en-us/aem-component-guide/quote-banner.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/quote-components/quote-banner.html [R=301,L]' + - '^/en-us/aem-component-guide/fact.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/feature-components/fact.html [R=301,L]' + - '^/en-us/aem-component-guide/bullet-list.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/feature-components/bullet-list.html [R=301,L]' + - '^/en-us/aem-component-guide/benefit-list.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/feature-components/benefit-list.html [R=301,L]' + - '^/en-us/aem-component-guide/hero.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/hero-components/hero.html [R=301,L]' + - '^/en-us/aem-component-guide/reference.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/system-components/reference.html [R=301,L]' + - '^/en-us/aem-component-guide/accordion.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/other-components/accordion.html [R=301,L]' + - '^/en-us/aem-component-guide/issuu.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/other-components/issuu.html [R=301,L]' + - '^/en-us/aem-component-guide/process.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/other-components/process.html [R=301,L]' + - '^/en-us/aem-component-guide/product-highlight.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/product-components/product-highlight.html [R=301,L]' + - '^/en-us/aem-component-guide/callout.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/call-to-action-components/callout.html [R=301,L]' + - '^/en-us/aem-component-guide/hotline.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/call-to-action-components/hotline.html [R=301,L]' + - '^/en-us/aem-component-guide/teaser.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/teaser-components/teaser.html [R=301,L]' + - '^/en-us/aem-component-guide/teaser-mini.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/teaser-components/teaser-mini.html [R=301,L]' + - '^/en-us/aem-component-guide/tile-rectangular.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/teaser-components/tile-rectangular.html [R=301,L]' + - '^/en-us/aem-component-guide/tile-square.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/teaser-components/tile-square.html [R=301,L]' + - '^/en-us/aem-component-guide/teaser-blocklist.html %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/en/website-management/aem-component-guide/teaser-components/teaser-blocklist.html [R=301,L]' hub: serveraliases: - hub.dentsplysirona.com docroot: '/var/www/html/cache/content/marketing-hub' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -396,16 +525,30 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^.*$ language=en-us' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/marketing-hub' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://hub.dentsplysirona.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona LEDviewPlus.com @@ -414,6 +557,7 @@ site::profile::aem::publish::pp_vhosts: - www.ledviewplus.com - ledviewplus.com docroot: '/var/www/html/cache/content/ledview' + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' @@ -428,43 +572,47 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^de language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/ledview' sethandler: dispatcher-handler options: - FollowSymLinks - - fr-fr: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/fr-fr/' error_documents: - { error_code: 404 , document: "/fr-fr/error-pages/404.html" } - { error_code: 500 , document: "/fr-fr/error-pages/500.html" } - - es-es: - provider: locationmatch + - provider: locationmatch path: '^/es-es/' error_documents: - { error_code: 404 , document: "/es-es/error-pages/404.html" } - { error_code: 500 , document: "/es-es/error-pages/500.html" } - - it-it: - provider: locationmatch + - provider: locationmatch path: '^/it-it/' error_documents: - { error_code: 404 , document: "/it-it/error-pages/404.html" } - { error_code: 500 , document: "/it-it/error-pages/500.html" } - - de-de: - provider: locationmatch + - provider: locationmatch path: '^/de-de/' error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.ledviewplus.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona IntegoAmbidextrous.com @@ -473,6 +621,7 @@ site::profile::aem::publish::pp_vhosts: - www.integoambidextrous.com - integoambidextrous.com docroot: '/var/www/html/cache/content/intego-turn' + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' @@ -486,37 +635,42 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^fr language=fr-fr' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/intego-turn' sethandler: dispatcher-handler options: - FollowSymLinks - - fr-fr: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/fr-fr/' error_documents: - { error_code: 404 , document: "/fr-fr/error-pages/404.html" } - { error_code: 500 , document: "/fr-fr/error-pages/500.html" } - - es-es: - provider: locationmatch + - provider: locationmatch path: '^/es-es/' error_documents: - { error_code: 404 , document: "/es-es/error-pages/404.html" } - { error_code: 500 , document: "/es-es/error-pages/500.html" } - - it-it: - provider: locationmatch + - provider: locationmatch path: '^/it-it/' error_documents: - { error_code: 404 , document: "/it-it/error-pages/404.html" } - { error_code: 500 , document: "/it-it/error-pages/500.html" } rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.integoambidextrous.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona spotlight.dentsplysirona.com @@ -524,9 +678,9 @@ site::profile::aem::publish::pp_vhosts: serveraliases: - spotlight.dentsplysirona.com docroot: '/var/www/html/cache/content/dentsply-sirona-spotlight' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -536,31 +690,42 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^zh language=zh-cn' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/dentsply-sirona-spotlight' sethandler: dispatcher-handler options: - FollowSymLinks - - zh-cn: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/zh-cn/' error_documents: - { error_code: 404 , document: "/zh-cn/error-pages/404.html" } - { error_code: 500 , document: "/zh-cn/error-pages/500.html" } - - de-de: - provider: locationmatch + - provider: locationmatch path: '^/de-de/' error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://spotlight.dentsplysirona.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona instruments-made-in-germany.com @@ -569,6 +734,7 @@ site::profile::aem::publish::pp_vhosts: - www.instruments-made-in-germany.com - instruments-made-in-germany.com docroot: '/var/www/html/cache/content/madeingermany' + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' @@ -576,22 +742,30 @@ site::profile::aem::publish::pp_vhosts: setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' setenvifnocase: - - 'Accept-Language ^.*$ language=de-de' + - 'Accept-Language ^.*$ language=en-us' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - - { error_code: 404 , document: "/de-de/error-pages/404.html" } - - { error_code: 500 , document: "/de-de/error-pages/500.html" } + - { error_code: 404 , document: "/en-us/error-pages/404.html" } + - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/madeingermany' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.instruments-made-in-germany.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona my.cerec.com @@ -599,6 +773,7 @@ site::profile::aem::publish::pp_vhosts: serveraliases: - my.cerec.com docroot: '/var/www/html/cache/content/my-cerec' + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' @@ -609,23 +784,30 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^.*$ language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/my-cerec' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' - - regel_1: - comment: 'https://jira.pixelpark.com/jira/browse/SIRONAMAIN-359' + - comment: 'https://jira.pixelpark.com/jira/browse/SIRONAMAIN-359' rewrite_rule: - '^/Patientenmarketing$ http://my.cerec.com/de-de/service/patientenmarketing.html [R=301,L]' # Sirona info.my-inlab.com @@ -633,6 +815,7 @@ site::profile::aem::publish::pp_vhosts: serveraliases: - info.my-inlab.com docroot: '/var/www/html/cache/content/myinlab' + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' @@ -647,43 +830,47 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^de language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/myinlab' sethandler: dispatcher-handler options: - FollowSymLinks - - fr-fr: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/fr-fr/' error_documents: - { error_code: 404 , document: "/fr-fr/error-pages/404.html" } - { error_code: 500 , document: "/fr-fr/error-pages/500.html" } - - es-es: - provider: locationmatch + - provider: locationmatch path: '^/es-es/' error_documents: - { error_code: 404 , document: "/es-es/error-pages/404.html" } - { error_code: 500 , document: "/es-es/error-pages/500.html" } - - it-it: - provider: locationmatch + - provider: locationmatch path: '^/it-it/' error_documents: - { error_code: 404 , document: "/it-it/error-pages/404.html" } - { error_code: 500 , document: "/it-it/error-pages/500.html" } - - de-de: - provider: locationmatch + - provider: locationmatch path: '^/de-de/' error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://info.my-inlab.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona www.profiledentalimplants.com @@ -692,6 +879,7 @@ site::profile::aem::publish::pp_vhosts: - www.profiledentalimplants.com - profiledentalimplants.com docroot: '/var/www/html/cache/content/profiles' + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' @@ -702,16 +890,25 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^.*$ language=en-us' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/profiles' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.profiledentalimplants.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona www.jointheev.com - kein AEM VHost @@ -719,12 +916,12 @@ site::profile::aem::publish::pp_vhosts: serveraliases: - www.jointheev.com - jointheev.com + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' rewrites: - - language_rewrite: - comment: 'lanugage Rewrite' + - comment: 'lanugage Rewrite' rewrite_rule: - '^/de-de http://www.jointheev.de/ [R=301,L]' - '^/sv-se http://www.jointheev.se/ [R=301,L]' @@ -749,23 +946,35 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^.*$ language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/exzellenzgruender' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/%%{ich-trickse}{ENV:language}.html [R=301,L]' - - regel_1: - comment: 'Migration' + - comment: 'Migration' rewrite_rule: - '^/de/vorteile$ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/de-de/vorteile.html [R=301,L]' - '^/de/information$ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/de-de/information.html [R=301,L]' @@ -787,23 +996,35 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^.*$ language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/see-more-with-sirona' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.see-more-with-sirona.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' - - rewrite_from_old: - comment: 'SIRONAMAIN-406' + - comment: 'SIRONAMAIN-406' rewrite_rule: - '^/de/3d$ %%{ich-trickse}{REQUEST_SCHEME}://www.see-more-with-sirona.com/de-de/3d-roentgen.html [R=301,L]' - '^/de/3d/mars$ %%{ich-trickse}{REQUEST_SCHEME}://www.see-more-with-sirona.com/de-de/3d-roentgen/mars.html [R=301,L]' @@ -839,23 +1060,36 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^de language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/cerec' sethandler: dispatcher-handler options: - FollowSymLinks - - de-de: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/de-de/' error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - language_rewrite: comment: 'lanugage Rewrite use Env Vars' rewrite_rule: @@ -865,9 +1099,9 @@ site::profile::aem::publish::pp_vhosts: serveraliases: - lp.dentsplysirona.com docroot: '/var/www/html/cache/content/landingpages' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -876,34 +1110,37 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^de language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot: + - provider: directory path: '/var/www/html/cache/content/landingpages' sethandler: dispatcher-handler options: - FollowSymLinks - - de-de: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/de-de/' error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } - - treuevorteil: - provider: locationmatch - path: '^/de-de/treuevorteil' - auth_type: Digest - auth_name: preview - auth_digest_provider: file - auth_digest_algorithm: MD5 - auth_user_file: '/etc/httpd/htdigest' - auth_require: 'valid-user' rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://lp.dentsplysirona.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' # Sirona ids.dentsplysirona.com @@ -911,10 +1148,319 @@ site::profile::aem::publish::pp_vhosts: serveraliases: - ids.dentsplysirona.com docroot: '/var/www/html/cache/content/ids-2017' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + docroot_owner: apache + setenvif: + - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' + setenvifnocase: + - 'Accept-Language ^.*$ language=en-us' + - 'Accept-Language ^de language=de-de' + headers: + - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 404 , document: "/en-us/error-pages/404.html" } + - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } + directories: + # docroot: + - provider: directory + path: '/var/www/html/cache/content/ids-2017' + sethandler: dispatcher-handler + options: + - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch + path: '^/de-de/' + error_documents: + - { error_code: 404 , document: "/de-de/error-pages/404.html" } + - { error_code: 500 , document: "/de-de/error-pages/500.html" } + rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' + rewrite_rule: + - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://ids.dentsplysirona.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' +# Sirona www.plug-and-ray.com + plug-and-ray: + serveraliases: + - plug-and-ray.com + - www.plug-and-ray.com + docroot: '/var/www/html/cache/content/plug-and-ray' + ssl: false ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' docroot_owner: apache + setenvif: + - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' + setenvifnocase: + - 'Accept-Language ^.*$ language=de-de' + headers: + - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 404 , document: "/de-de/error-pages/404.html" } + - { error_code: 500 , document: "/de-de/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } + directories: + # docroot: + - provider: directory + path: '/var/www/html/cache/content/plug-and-ray' + sethandler: dispatcher-handler + options: + - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + rewrites: + - comment: 'lanugage Rewrite use Env Vars' + rewrite_rule: + - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.plug-and-ray.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' +# Sirona corporate.dentsplysirona.com + corporate-dentsplysirona: + serveraliases: + - corporate.dentsplysirona.com + - stagingcorporate.dentsplysirona.com + docroot: '/var/www/html/cache/content/corporate' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + docroot_owner: apache + setenvif: + - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' + setenvifnocase: + - 'Accept-Language ^.*$ language=en' +# - 'Accept-Language ^de language=de' +# - 'Accept-Language ^es language=es' +# - 'Accept-Language ^fr language=fr' + headers: + - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 404 , document: "/en/error-pages/404.html" } + - { error_code: 500 , document: "/en/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } + directories: + # docroot: + - provider: directory + path: '/var/www/html/cache/content/corporate' + sethandler: dispatcher-handler + options: + - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + # htaccess + - provider: location + path: '/' + auth_type: Digest + auth_name: preview + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local + - provider: locationmatch + path: '^/de/' + error_documents: + - { error_code: 404 , document: "/de/error-pages/404.html" } + - { error_code: 500 , document: "/de/error-pages/500.html" } + - provider: locationmatch + path: '^/fr/' + error_documents: + - { error_code: 404 , document: "/fr/error-pages/404.html" } + - { error_code: 500 , document: "/fr/error-pages/500.html" } + - provider: locationmatch + path: '^/es/' + error_documents: + - { error_code: 404 , document: "/es/error-pages/404.html" } + - { error_code: 500 , document: "/es/error-pages/500.html" } + rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' + rewrite_rule: + - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/%%{ich-trickse}{ENV:language}.html [R=301,L]' +# Sirona career.dentsplysirona.com + career-dentsplysirona: + serveraliases: + - career.dentsplysirona.com + - stagingcareer.dentsplysirona.com + docroot: '/var/www/html/cache/content/career' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + docroot_owner: apache + setenvif: + - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' + setenvifnocase: + - 'Accept-Language ^.*$ language=en' +# - 'Accept-Language ^de language=de' +# - 'Accept-Language ^es language=es' +# - 'Accept-Language ^fr language=fr' + headers: + - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 404 , document: "/en/error-pages/404.html" } + - { error_code: 500 , document: "/en/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } + directories: + # docroot: + - provider: directory + path: '/var/www/html/cache/content/career' + sethandler: dispatcher-handler + options: + - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + # htaccess + - provider: location + path: '/' + auth_type: Digest + auth_name: preview + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local + - provider: locationmatch + path: '^/de/' + error_documents: + - { error_code: 404 , document: "/de/error-pages/404.html" } + - { error_code: 500 , document: "/de/error-pages/500.html" } + - provider: locationmatch + path: '^/fr/' + error_documents: + - { error_code: 404 , document: "/fr/error-pages/404.html" } + - { error_code: 500 , document: "/fr/error-pages/500.html" } + - provider: locationmatch + path: '^/es/' + error_documents: + - { error_code: 404 , document: "/es/error-pages/404.html" } + - { error_code: 500 , document: "/es/error-pages/500.html" } + rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' + rewrite_rule: + - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/%%{ich-trickse}{ENV:language}.html [R=301,L]' +# Sirona news.dentsplysirona.com + news-dentsplysirona: + serveraliases: + - news.dentsplysirona.com + - stagingnews.dentsplysirona.com + docroot: '/var/www/html/cache/content/newsroom' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + docroot_owner: apache + setenvif: + - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' + setenvifnocase: + - 'Accept-Language ^.*$ language=en' +# - 'Accept-Language ^de language=de' +# - 'Accept-Language ^es language=es' +# - 'Accept-Language ^fr language=fr' + headers: + - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 404 , document: "/en/error-pages/404.html" } + - { error_code: 500 , document: "/en/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } + directories: + # docroot: + - provider: directory + path: '/var/www/html/cache/content/newsroom' + sethandler: dispatcher-handler + options: + - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + # htaccess + - provider: location + path: '/' + auth_type: Digest + auth_name: preview + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local + - provider: locationmatch + path: '^/de/' + error_documents: + - { error_code: 404 , document: "/de/error-pages/404.html" } + - { error_code: 500 , document: "/de/error-pages/500.html" } + - provider: locationmatch + path: '^/fr/' + error_documents: + - { error_code: 404 , document: "/fr/error-pages/404.html" } + - { error_code: 500 , document: "/fr/error-pages/500.html" } + - provider: locationmatch + path: '^/es/' + error_documents: + - { error_code: 404 , document: "/es/error-pages/404.html" } + - { error_code: 500 , document: "/es/error-pages/500.html" } + rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' + rewrite_rule: + - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/%%{ich-trickse}{ENV:language}.html [R=301,L]' +# Sirona www1.dentsplysirona.com + flagship-dentsplysirona: + serveraliases: + - www1.dentsplysirona.com + - stagingwww1.dentsplysirona.com + docroot: '/var/www/html/cache/content/flagship-site' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' setenvifnocase: @@ -922,41 +1468,80 @@ site::profile::aem::publish::pp_vhosts: - 'Accept-Language ^de language=de-de' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } error_documents: - { error_code: 404 , document: "/en-us/error-pages/404.html" } - { error_code: 500 , document: "/en-us/error-pages/500.html" } + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory - path: '/var/www/html/cache/content/ids-2017' + # docroot: + - provider: directory + path: '/var/www/html/cache/content/flagship-site' sethandler: dispatcher-handler options: - FollowSymLinks - - de-de: - provider: locationmatch + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + - provider: locationmatch path: '^/de-de/' error_documents: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } + # htaccess + - provider: location + path: '/' + auth_type: Digest + auth_name: preview + auth_digest_provider: file + auth_digest_algorithm: MD5 + auth_user_file: '/etc/httpd/htdigest' + auth_require: 'valid-user' + require: + - local rewrites: - - language_rewrite: - comment: 'lanugage Rewrite use Env Vars' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' rewrite_rule: - - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://ids.dentsplysirona.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'lanugage Rewrite use Env Vars' + rewrite_rule: + - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/%%{ich-trickse}{ENV:language}.html [R=301,L]' assets: servername: assets.dentsplysirona.com docroot: '/var/www/html/cache/content/dam' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' docroot_owner: apache + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot + - provider: directory path: '/var/www/html/cache/content/dam' sethandler: dispatcher-handler options: - FollowSymLinks + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' # Apache Author site::profile::aem::author::enable_apache: true @@ -982,32 +1567,376 @@ site::profile::aem::author::pp_vhosts: - 'set X-Forwarded-Proto "https"' - 'set X-Forwarded-Ssl on' - 'set X-Forwarded-Port 443' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - - docroot: - provider: directory + # docroot + - provider: directory path: '/var/www/' -# - location1: -# provider: location -# path: '/' -# auth_type: Digest -# auth_name: server -# auth_digest_provider: file -# auth_digest_algorithm: MD5 -# auth_user_file: '/etc/httpd/htdigest' -# auth_require: 'valid-user' + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes + sirona-author-linkshare: + docroot: '/var/www' + servername: linkshare.dentsplysirona.com + ssl_cert: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.dentsplysirona.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.dentsplysirona.com-cert.pem' + allow_encoded_slashes: 'on' + rewrites: + - comment: 'linkshare to author' + rewrite_rule: + - '^/sh/(.*)$ https://linkshare.dentsplysirona.com/linkshare.html?sh=$1 [L,R=301]' + proxy_preserve_host: true + proxy_pass: + - { path: /, url: 'http://localhost:4502/' } + request_headers_ssl: + - 'set X-Forwarded-Proto "https"' + - 'set X-Forwarded-Ssl on' + - 'set X-Forwarded-Port 443' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } + directories: + # docroot + - provider: directory + path: '/var/www/' + # error_documents + - provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes # Use Alias function if updated to Puppet 4 aem::dispatcher::publish_farm: ## Flusher z_invalidation_only: virtualhosts: - - 'invalidation_only' + - 'invalidation_only' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*/content*' } + cache_docroot: '/var/www/html/cache' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_statfileslevel: 3 + sirona: + virtualhosts: + - 'www.sirona.clinic' + - 'sirona.clinic' + clientheaders: + - '*' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.zip' } # enable zip + - { type: 'allow', url: '*.exe' } # enable exe + - { type: 'allow', url: '*.msi' } # enable msi + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/var/www/html/cache/content/clinic_solutions' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin' + danke-m1: + virtualhosts: + - 'www.danke-m1-hallo-zukunft.de' + - 'danke-m1-hallo-zukunft.de' + clientheaders: + - '*' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.zip' } # enable zip + - { type: 'allow', url: '*.exe' } # enable exe + - { type: 'allow', url: '*.msi' } # enable msi + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/var/www/html/cache/content/M1' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin' + brand: + virtualhosts: + - 'brand.dentsplysirona.com' + clientheaders: + - '*' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.zip' } # enable zip + - { type: 'allow', url: '*.exe' } # enable exe + - { type: 'allow', url: '*.msi' } # enable msi + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/var/www/html/cache/content/brand-control-center' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin' + hub: + virtualhosts: + - 'hub.dentsplysirona.com' + clientheaders: + - '*' renders: - { hostname: "127.0.0.1", port: '4503' } filter: - { type: 'deny', glob: '*' } - - { type: 'allow', glob: '*/content*' } - cache_docroot: '/var/www/html/cache' + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.zip' } # enable zip + - { type: 'allow', url: '*.exe' } # enable exe + - { type: 'allow', url: '*.msi' } # enable msi + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/var/www/html/cache/content/marketing-hub' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1018,11 +1947,18 @@ aem::dispatcher::publish_farm: cache_allowed_clients: - { type: 'deny', glob: '*' } - { type: 'allow', glob: '127.0.0.1' } - cache_statfileslevel: 3 - sirona: + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin' + ledviewplus: virtualhosts: - - 'www.sirona.clinic' - - 'sirona.clinic' + - 'www.ledviewplus.com' + - 'ledviewplus.com' clientheaders: - '*' renders: @@ -1080,7 +2016,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/clinic_solutions' + cache_docroot: '/var/www/html/cache/content/ledview' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1099,10 +2035,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - danke-m1: + integoambidextrous: virtualhosts: - - 'www.danke-m1-hallo-zukunft.de' - - 'danke-m1-hallo-zukunft.de' + - 'www.integoambidextrous.com' + - 'integoambidextrous.com' clientheaders: - '*' renders: @@ -1160,7 +2096,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/M1' + cache_docroot: '/var/www/html/cache/content/intego-turn' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1179,9 +2115,9 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - brand: + spotlight: virtualhosts: - - 'brand.dentsplysirona.com' + - 'spotlight.dentsplysirona.com' clientheaders: - '*' renders: @@ -1239,7 +2175,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/brand-control-center' + cache_docroot: '/var/www/html/cache/content/dentsply-sirona-spotlight' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1258,9 +2194,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - hub: + instruments-made-in-germany: virtualhosts: - - 'hub.dentsplysirona.com' + - 'www.instruments-made-in-germany.com' + - 'instruments-made-in-germany.com' clientheaders: - '*' renders: @@ -1318,7 +2255,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/marketing-hub' + cache_docroot: '/var/www/html/cache/content/madeingermany' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1337,10 +2274,9 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - ledviewplus: + my-cerec-com: virtualhosts: - - 'www.ledviewplus.com' - - 'ledviewplus.com' + - 'my.cerec.com' clientheaders: - '*' renders: @@ -1398,7 +2334,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/ledview' + cache_docroot: '/var/www/html/cache/content/my-cerec' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1417,10 +2353,9 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - integoambidextrous: + info-my-inlab-com: virtualhosts: - - 'www.integoambidextrous.com' - - 'integoambidextrous.com' + - 'info.my-inlab.com' clientheaders: - '*' renders: @@ -1478,7 +2413,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/intego-turn' + cache_docroot: '/var/www/html/cache/content/myinlab' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1497,9 +2432,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - spotlight: + profiledentalimplants-com: virtualhosts: - - 'spotlight.dentsplysirona.com' + - 'www.profiledentalimplants.com' + - 'profiledentalimplants.com' clientheaders: - '*' renders: @@ -1557,7 +2493,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/dentsply-sirona-spotlight' + cache_docroot: '/var/www/html/cache/content/profiles' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1576,10 +2512,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - instruments-made-in-germany: + exzellenzgruender-de: virtualhosts: - - 'www.instruments-made-in-germany.com' - - 'instruments-made-in-germany.com' + - 'www.exzellenzgruender.de' + - 'exzellenzgruender.de' clientheaders: - '*' renders: @@ -1637,7 +2573,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/madeingermany' + cache_docroot: '/var/www/html/cache/content/exzellenzgruender' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1656,9 +2592,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - my-cerec-com: + see-more-with-sirona: virtualhosts: - - 'my.cerec.com' + - 'www.see-more-with-sirona.com' + - 'see-more-with-sirona.com' clientheaders: - '*' renders: @@ -1716,7 +2653,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/my-cerec' + cache_docroot: '/var/www/html/cache/content/see-more-with-sirona' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1735,9 +2672,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - info-my-inlab-com: + cerec-com: virtualhosts: - - 'info.my-inlab.com' + - 'www.cerec.com' + - 'cerec.com' clientheaders: - '*' renders: @@ -1795,7 +2733,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/myinlab' + cache_docroot: '/var/www/html/cache/content/cerec' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1814,10 +2752,9 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - profiledentalimplants-com: + landingpages: virtualhosts: - - 'www.profiledentalimplants.com' - - 'profiledentalimplants.com' + - 'lp.dentsplysirona.com' clientheaders: - '*' renders: @@ -1875,7 +2812,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/profiles' + cache_docroot: '/var/www/html/cache/content/landingpages' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1894,10 +2831,9 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - exzellenzgruender-de: + ids-2017: virtualhosts: - - 'www.exzellenzgruender.de' - - 'exzellenzgruender.de' + - 'ids.dentsplysirona.com' clientheaders: - '*' renders: @@ -1955,7 +2891,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/exzellenzgruender' + cache_docroot: '/var/www/html/cache/content/ids-2017' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -1974,10 +2910,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - see-more-with-sirona: + plug-and-ray: virtualhosts: - - 'www.see-more-with-sirona.com' - - 'see-more-with-sirona.com' + - 'plug-and-ray.com' + - 'www.plug-and-ray.com' clientheaders: - '*' renders: @@ -2035,7 +2971,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/see-more-with-sirona' + cache_docroot: '/var/www/html/cache/content/plug-and-ray' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -2054,10 +2990,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - cerec-com: + corporate-dentsplysirona: virtualhosts: - - 'www.cerec.com' - - 'cerec.com' + - 'corporate.dentsplysirona.com' + - 'stagingcorporate.dentsplysirona.com' clientheaders: - '*' renders: @@ -2115,7 +3051,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/cerec' + cache_docroot: '/var/www/html/cache/content/corporate' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -2134,9 +3070,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - landingpages: + career-dentsplysirona: virtualhosts: - - 'lp.dentsplysirona.com' + - 'career.dentsplysirona.com' + - 'stagingcareer.dentsplysirona.com' clientheaders: - '*' renders: @@ -2194,7 +3131,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/landingpages' + cache_docroot: '/var/www/html/cache/content/career' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -2213,9 +3150,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - ids-2017: + news-dentsplysirona: virtualhosts: - - 'ids.dentsplysirona.com' + - 'news.dentsplysirona.com' + - 'stagingnews.dentsplysirona.com' clientheaders: - '*' renders: @@ -2273,7 +3211,7 @@ aem::dispatcher::publish_farm: - { type: 'deny', url: '*.*[0-9].json' } # Deny query - { type: 'deny', url: '*.query.json' } - cache_docroot: '/var/www/html/cache/content/ids-2017' + cache_docroot: '/var/www/html/cache/content/newsroom' cache_rules: - { type: 'allow', glob: '*' } cache_invalidate: @@ -2292,9 +3230,10 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' - assets: + flagship-dentsplysirona: virtualhosts: - - 'assets.dentsplysirona.com' + - 'www1.dentsplysirona.com' + - 'stagingwww1.dentsplysirona.com' clientheaders: - '*' renders: @@ -2319,11 +3258,6 @@ aem::dispatcher::publish_farm: - { type: 'allow', url: '*.pdf' } # enable pdf - { type: 'allow', url: '*.wmv' } # enable wmv - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) - - { type: 'allow', url: '*.pptx' } # enable pptx (Power Point) - - { type: 'allow', url: '*.doc' } # enable doc (Word) - - { type: 'allow', url: '*.docx' } # enable docx (Word) - - { type: 'allow', url: '*.mp3' } # enable mp3 - - { type: 'allow', url: '*.mp4' } # enable mp4 - { type: 'allow', url: '*.tif' } # enable tif - { type: 'allow', url: '*.zip' } # enable zip - { type: 'allow', url: '*.exe' } # enable exe @@ -2332,6 +3266,104 @@ aem::dispatcher::publish_farm: # Enable features - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/var/www/html/cache/content/flagship-site' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin' + assets: + virtualhosts: + - 'assets.dentsplysirona.com' + clientheaders: + - '*' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.ai' } # enable ai + - { type: 'allow', url: '*.avi' } # enable avi + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.doc' } # enable doc (Word) + - { type: 'allow', url: '*.docx' } # enable docx (Word) + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.eps' } # enable eps + - { type: 'allow', url: '*.exe' } # enable exe + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.html' } # enable html + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + - { type: 'allow', url: '*.iso' } # enable iso + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.mov' } # enable mov + - { type: 'allow', url: '*.mp3' } # enable mp3 + - { type: 'allow', url: '*.mp4' } # enable mp4 + - { type: 'allow', url: '*.msi' } # enable msi + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.ppt' } # enable ppt (Power Point) + - { type: 'allow', url: '*.pptx' } # enable pptx (Power Point) + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.rar' } # enable rar + - { type: 'allow', url: '*.raw' } # enable raw + - { type: 'allow', url: '*.stl' } # enable stl + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.txt' } # enable txt + - { type: 'allow', url: '*.wav' } # enable wav + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.xls' } # enable xls + - { type: 'allow', url: '*.xlsx' } # enable xlsx + - { type: 'allow', url: '*.zip' } # enable zip + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API - { type: 'allow', url: '/api.json' } # Unique fuer Assets Domain - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms diff --git a/customer/sirona-aem/test.yaml b/customer/sirona-aem/test.yaml index 0a73bef6..2df049f6 100644 --- a/customer/sirona-aem/test.yaml +++ b/customer/sirona-aem/test.yaml @@ -3,18 +3,16 @@ accounts::users: dominic.radtke: apply: true sudo: true - annika.wenzel: - apply: true - sudo: true florian.schade: apply: true sudo: true katleen.thiele: apply: true - sudo: true victor.saar: apply: true sudo: true + jochen.bieler: + apply: true deploy.vogel: apply: true @@ -107,11 +105,11 @@ aem::maven::servers: - sirona-releases: id: sirona-releases username: sirona - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWN6ky/ULCS114gcIPtMqRrSV+IHIhmCZORvhuwUDT0Kh2VQpD0g0qMjWLR85YVrKFx9e0dziSN8EgS0Ew1biJrSW1Q0U0hXBFAumWUHtKconumqTbEP09WziB4EctyUcjxb07Wd3t1TNXpFmjd8MO0uULcj+4PL3db71HX3vOmOnOSA/6t/z0kivJWGsoPZirH0pc/+op0TuVTbDYKwBYlOn0kLM3f0+eBj1AkeH4ZAS2u2byLY3yJC/qMsIJ8zwhyoUhh+0vJNLtGq6k2J0dyJdmnYxEfy1dMQ6OA1oSOJHQQhfh2nOONOXI/3pNvn0HBY+QwBgHvElvED2dBGaTDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBYKqaAMGI3oxuUPd4gF+JTgCA+d4GjLHa1ECpg4DayklrAdOwXWxWHhKN+rKdXFfTK2A==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbTW1ZWhJ6XWqPPdsU4vXYYLQk8zEOh0y/a/g5SJ8bFH8ygZrbTNHeEaVTKLguF8Qai5diDKzL3pUiQUlRlbb6m69rf+g4hlNUM1n5PA6dfNnqUaMfpRH0X8VvhE6/Pgz/9zOep92UlVO9Aj78IZddWOjWd1Rj0KJ/RFoLBPfkXL7sgFv2pfoFMQIQ+5Yelaq+hy4vNbIKeJx1poHA9JEEl7O18bzYTO/TFzlvjbM4MphRvbM39c3F7IVV6A4PfZEYIFamHoijrWSuA9QoHCB6m5p/SgGisiKshpaQvBhAsmMmWXvHlFy0xifkt3ZllBPdSdtZuLnBHIpOAhNZcMZOTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBMwmGTKpQIcXGnUejWqwRFgCCDSr38JPWvgcVYUXTLTBOTx+GXPyygaUwFjHLOtIJnrQ==] - sirona-snapshots: id: sirona-snapshots username: sirona - password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAWN6ky/ULCS114gcIPtMqRrSV+IHIhmCZORvhuwUDT0Kh2VQpD0g0qMjWLR85YVrKFx9e0dziSN8EgS0Ew1biJrSW1Q0U0hXBFAumWUHtKconumqTbEP09WziB4EctyUcjxb07Wd3t1TNXpFmjd8MO0uULcj+4PL3db71HX3vOmOnOSA/6t/z0kivJWGsoPZirH0pc/+op0TuVTbDYKwBYlOn0kLM3f0+eBj1AkeH4ZAS2u2byLY3yJC/qMsIJ8zwhyoUhh+0vJNLtGq6k2J0dyJdmnYxEfy1dMQ6OA1oSOJHQQhfh2nOONOXI/3pNvn0HBY+QwBgHvElvED2dBGaTDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBYKqaAMGI3oxuUPd4gF+JTgCA+d4GjLHa1ECpg4DayklrAdOwXWxWHhKN+rKdXFfTK2A==] + password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAbTW1ZWhJ6XWqPPdsU4vXYYLQk8zEOh0y/a/g5SJ8bFH8ygZrbTNHeEaVTKLguF8Qai5diDKzL3pUiQUlRlbb6m69rf+g4hlNUM1n5PA6dfNnqUaMfpRH0X8VvhE6/Pgz/9zOep92UlVO9Aj78IZddWOjWd1Rj0KJ/RFoLBPfkXL7sgFv2pfoFMQIQ+5Yelaq+hy4vNbIKeJx1poHA9JEEl7O18bzYTO/TFzlvjbM4MphRvbM39c3F7IVV6A4PfZEYIFamHoijrWSuA9QoHCB6m5p/SgGisiKshpaQvBhAsmMmWXvHlFy0xifkt3ZllBPdSdtZuLnBHIpOAhNZcMZOTBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBMwmGTKpQIcXGnUejWqwRFgCCDSr38JPWvgcVYUXTLTBOTx+GXPyygaUwFjHLOtIJnrQ==] aem::packages: cq-6.2.0-hotfix-10870: @@ -217,6 +215,11 @@ site::profile::aem::publish::pp_vhosts: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' headers: - 'add Access-Control-Allow-Origin %%{ich-trickse}{AccessControlAllowOrigin}e env=AccessControlAllowOrigin' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - docroot: provider: directory @@ -224,6 +227,11 @@ site::profile::aem::publish::pp_vhosts: sethandler: dispatcher-handler options: - FollowSymLinks + - error_documents: + provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes - location1: provider: location path: '/' @@ -256,10 +264,20 @@ site::profile::aem::author::pp_vhosts: - { path: /, url: 'http://localhost:4502/' } request_headers_ssl: - 'set X-Forwarded-Proto "https" env=HTTPS' + aliases: + - { alias: /error_custom/ , path: /var/www/html/error_custom/ } + error_documents: + - { error_code: 502 , document: "/error_custom/error.shtml" } + - { error_code: 503 , document: "/error_custom/error.shtml" } directories: - docroot: provider: directory path: '/var/www/' + - error_documents: + provider: directory + path: /var/www/html/error_custom/ + options: + - +Includes # - location1: # provider: location # path: '/' diff --git a/customer/sirona-neo4j/common.yaml b/customer/sirona-neo4j/common.yaml new file mode 100644 index 00000000..a8a0a579 --- /dev/null +++ b/customer/sirona-neo4j/common.yaml @@ -0,0 +1,17 @@ +--- + +java::package: java-1.8.0-oraclejdk +puppetconf::server: puppetmaster01.pixelpark.com + +ntp::servers: + - '0.centos.pool.ntp.org' + - '1.centos.pool.ntp.org' + - '2.centos.pool.ntp.org' +neo4j::install_method: archive +neo4j::version: 3.1.1 +neo4j::dbms_mode: 'SINGLE' +neo4j::install_prefix: /opt +neo4j::data_prefix: /var/lib/neo4j +neo4j::service_provider: systemd +neo4j::dbms_directories_data: '/var/lib/neo4j/data' +neo4j::dbms_directories_logs: '/var/log/neo4j' \ No newline at end of file diff --git a/customer/sirona-neo4j/dev01-neo4j-sirona.pixelpark.net.yaml b/customer/sirona-neo4j/dev01-neo4j-sirona.pixelpark.net.yaml new file mode 100644 index 00000000..86c0dfd7 --- /dev/null +++ b/customer/sirona-neo4j/dev01-neo4j-sirona.pixelpark.net.yaml @@ -0,0 +1,5 @@ +--- +site::role: base +site::additional_classes: + - neo4j +neo4j::dbms_connector_bolt_accept_non_local_connections: true \ No newline at end of file diff --git a/customer/sirona-neo4j/development.yaml b/customer/sirona-neo4j/development.yaml new file mode 100644 index 00000000..2c34cf58 --- /dev/null +++ b/customer/sirona-neo4j/development.yaml @@ -0,0 +1,25 @@ +--- +accounts::users: + dominic.radtke: + apply: true + sudo: true + annika.wenzel: + apply: true + sudo: true + florian.schade: + apply: true + sudo: true + katleen.thiele: + apply: true + sudo: true + jochen.bieler: + apply: true + sudo: true + victor.saar: + apply: true + sudo: true + deploy.vogel: + apply: true + andre.schmelzer: + apply: true + sudo: true diff --git a/customer/sirona-neo4j/int01-neo4j-sirona.pixelpark.net.yaml b/customer/sirona-neo4j/int01-neo4j-sirona.pixelpark.net.yaml new file mode 100644 index 00000000..b57d7c1a --- /dev/null +++ b/customer/sirona-neo4j/int01-neo4j-sirona.pixelpark.net.yaml @@ -0,0 +1,4 @@ +--- +site::role: base +site::additional_classes: + - neo4j \ No newline at end of file diff --git a/customer/sirona-neo4j/prod01-neo4j-sirona.pixelpark.net.yaml b/customer/sirona-neo4j/prod01-neo4j-sirona.pixelpark.net.yaml new file mode 100644 index 00000000..b57d7c1a --- /dev/null +++ b/customer/sirona-neo4j/prod01-neo4j-sirona.pixelpark.net.yaml @@ -0,0 +1,4 @@ +--- +site::role: base +site::additional_classes: + - neo4j \ No newline at end of file diff --git a/customer/sirona-url-shorter/common.yaml b/customer/sirona-url-shorter/common.yaml index 12f84291..76db8a20 100644 --- a/customer/sirona-url-shorter/common.yaml +++ b/customer/sirona-url-shorter/common.yaml @@ -1,7 +1,7 @@ --- accounts::users: sirona: - apply: true + apply: false repo::remi_php70: true puppetconf::server: puppetmaster01.pixelpark.com diff --git a/customer/spk-gsh/proxy-giro-sucht-hero-temp.pixelpark.net.yaml b/customer/spk-gsh/proxy-giro-sucht-hero-temp.pixelpark.net.yaml new file mode 100644 index 00000000..4c3c2b5e --- /dev/null +++ b/customer/spk-gsh/proxy-giro-sucht-hero-temp.pixelpark.net.yaml @@ -0,0 +1,2 @@ +--- +site::role: base diff --git a/modules/apache.yaml b/modules/apache.yaml index 1314ca62..48916554 100644 --- a/modules/apache.yaml +++ b/modules/apache.yaml @@ -33,6 +33,7 @@ apache::log_formats: urchin: '%h %v %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\" \"%%{ich-trickse}{Cookie}i\"' urchinpp: '%%{ich-trickse}{Client-IP}i %v %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\" \"%%{ich-trickse}{Cookie}i\"' urchinpp_xf4: '%%{ich-trickse}{X-Forwarded-For}i %v %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\" \"%%{ich-trickse}{Cookie}i\"' + remote_combined: '%a %l %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\"' apache::mod::expires::expires_by_type: - { application/javascript: "access plus 1 day" } @@ -61,4 +62,4 @@ apache::mod::mime::mime_types_additional: 'gzip': '.svgz' # new # the repo is managed by site module -apache::mod::passenger::manage_repo: false \ No newline at end of file +apache::mod::passenger::manage_repo: false -- 2.39.5