From a356535faed2f75ee4aef70ec857a521c33e6988 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Tue, 15 Aug 2017 15:06:11 +0200 Subject: [PATCH] Copied remaining data from files in modules/ into modules.yaml --- modules.yaml | 138 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 138 insertions(+) diff --git a/modules.yaml b/modules.yaml index c27d37e7..3653cfcf 100644 --- a/modules.yaml +++ b/modules.yaml @@ -1,9 +1,95 @@ --- +################### +# Apache stuff - hug, ich habe gesprochen +apache::mpm_module: worker +apache::mod::status::allow_from: + - '127.0.0.1' + - '::1' + # Admin net + - '217.66.51.0/24' + # Fortigate NAT net + - '10.99.1.0/24' + +apache::mod::info::allow_from: + - '127.0.0.1' + - '::1' + # Admin net + - '217.66.51.0/24' + # Fortigate NAT net + - '10.99.1.0/24' + +apache::server_signature: 'Off' +apache::server_tokens: 'Prod' +apache::trace_enable: 'Off' +apache::default_mods: false +apache::keepalive: 'On' +apache::keepalive_timeout: 3 +apache::file_e_tag: 'None' +apache::mod::ssl::ssl_cipher: 'AES256+EECDH:AES256+EDH:AES128+EECDH:AES128+EDH' + +apache::mod::alias::icons_options: 'MultiViews' + +apache::mod::deflate::types: + - 'text/html text/plain text/xml' + - 'text/css' + - 'application/x-javascript application/javascript application/ecmascript' + - 'application/rss+xml' + - 'application/json' + - 'image/svg+xml' # new + +apache::log_formats: + lb_combined: '%%{ich-trickse}{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\"' + urchin: '%h %v %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\" \"%%{ich-trickse}{Cookie}i\"' + urchinpp: '%%{ich-trickse}{Client-IP}i %v %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\" \"%%{ich-trickse}{Cookie}i\"' + urchinpp_xf4: '%%{ich-trickse}{X-Forwarded-For}i %v %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\" \"%%{ich-trickse}{Cookie}i\"' + remote_combined: '%a %l %u %t \"%r\" %>s %b \"%%{ich-trickse}{Referer}i\" \"%%{ich-trickse}{User-Agent}i\"' + +apache::mod::expires::expires_by_type: + - { application/javascript: "access plus 1 day" } + - { application/x-javascript: "access plus 1 day" } + - { text/css: "access plus 1 day" } + - { image/jpeg: "access plus 1 day" } + - { image/png: "access plus 1 day" } + - { image/bmp: "access plus 1 day" } + - { image/gif: "access plus 1 day" } + - { image/vnd.microsoft.icon: "access plus 1 day" } + - { application/font-woff: "access plus 1 month" } + - { application/vnd.ms-fontobject: "access plus 1 month" } + - { image/svg+xml: "access plus 1 day" } + - { application/font-sfnt: "access plus 1 month" } + - { application/vnd.oasis.opendocument.formula-template: "access plus 1 day" } + - { application/font-woff2: "access plus 1 month" } + +apache::mod::mime::mime_types_additional: + 'AddHandler': + 'type-map': 'var' + 'AddType': + 'text/html': '.shtml' + 'application/font-woff2': '.woff2' # new + 'AddOutputFilter': + 'INCLUDES': '.shtml' + 'AddEncoding': # new + 'gzip': '.svgz' # new + +# the repo is managed by site module +apache::mod::passenger::manage_repo: false + +################### # Epel epel::epel_baseurl: "https://repo.pixelpark.com/Linux/yum/epel/%{operatingsystemmajrelease}/$basearch" epel::epel_mirrorlist: absent +################### +# Galera +galera::repo::epel_needed: false +galera::repo::yum_mariadb_baseurl: "http://repo.pixelpark.com/Linux/yum/mariadb/10.0/centos/%{operatingsystemmajrelease}/%{architecture}/" +galera::repo::yum_mariadb_gpgkey: "http://repo.pixelpark.com/Linux/yum/mariadb/RPM-GPG-KEY-MariaDB" +# At the Moment this is a free Port, we can set it in /etc/services. With a non free Port i have problems +galera::status_port: 9220 +galera::status::port: 9220 + +################### # Icinga 2 icinga2::manage_repo: true icinga2::feature::api::accept_config: true @@ -22,6 +108,7 @@ icinga2::feature::api::zones: 'endpoints': - 'dev-monitoring.pixelpark.com' +################### # Mcollective mcollective::connector: rabbitmq @@ -53,12 +140,42 @@ infra::profile::mcollective::common::server_settings: # plugin.puppet.signal_daemon: # value: false +################### +# MySQL und MariaDB +mysql::server::remove_default_accounts: true +mysql::server::backup::backupuser: backup +mysql::server::backup::backuppassword: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAp0L8xZAUtkyTLd/sptQP3QbzlR6T9GzTCIGonIBXYu7SlGh305KKCt8yUDtd2Wp0uJe/JMAfpJ091wEWV82hgpQarwGCWSIpG+JfewvnMnWlu1VCe5kPhisBZHM0iAzuJblsjDpVhpHxhXujKDlY7O7IsUpE/zNjN/tT+IhKXeQNaoM4pRgtzd21YDDTz6+Tz4rMH4nxdqK2BS1tu13GgqAh2siZzmgNRUQe9ZnUHLVRB6plYSDSMngF3CjdVWIs9r2JgVSdbVUJX/xRWhn0+qtTGsKz9loT2PflbtuLGINyts4WNXhZbTVI8K3I7UlQjBHP0ampUI1Kl8JqMBDdHDBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBClJspHN3EpItpDsGEju9gbgCA2k6Xo8WRJKk1cjU8cru/Tihi+FCGEnT4eI7F1+GstuA==] +mysql::server::backup::backupdir: /srv/backup/mysql +mysql::server::backup::backuprotate: 3 +mysql::server::backup::maxallowedpacket: '512M' +mysql::server::backup::file_per_database: true +mysql::server::backup::time: + - 21 + - 30 + +################### +# Nginx +nginx::config::server_tokens: 'off' + +################### # NTP ntp::servers: - time01.pixelpark.com - time02.pixelpark.com - time03.pixelpark.com +################### +# PHP +php::settings: + Date/date.timezone: Europe/Berlin + PHP/expose_php: 'Off' + +php::manage_repos: false +php::dev: false +php::composer: false +php::pear: false + +################### # Repositories repo::redhat::oel7::ol7latest_baseurl: 'https://repo.pixelpark.com/Linux/yum/OracleLinux/OL7/latest/$basearch/' repo::redhat::oel7::ol7_u0_base_baseurl: 'https://repo.pixelpark.com/Linux/yum/OracleLinux/OL7/0/base/$basearch/' @@ -90,3 +207,24 @@ repo::redhat::centos::extra_baseurl: 'https://repo.pixelpark.com/Linux/yum/cento repo::redhat::passenger::baseurl: 'https://repo.pixelpark.com/Linux/yum/phusionpassenger/el/$releasever/$basearch' +################### +# Ruby +ruby::gemrc::gem_command: + gem: + - 'no-ri' + - 'no-rdoc' + +################### +# RVM +rvm::key_server: 'hkp://keys.gnupg.net:80' + +################### +# Zabbix +zabbix::agent::server: 217.66.51.48 +zabbix::agent::hostname: "%{fqdn}" +zabbix::agent::serveractive: 217.66.51.48 + +# Fix some versions +zabbix::repo::zabbix_version: 2.4 +zabbix::agent::zabbix_version: 2.4 + -- 2.39.5