From ca3e09761a779f5021fb09d4f705a157486e57a4 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Fri, 16 Jun 2017 15:08:51 +0200 Subject: [PATCH] Service accounts for fbb-www --- customer/fbb-www/common.yaml | 92 +++++++++++++++++++++++++++----- customer/fbb-www/production.yaml | 48 +++++++++++++++++ customer/fbb-www/test.yaml | 51 ++++++++++++++++++ 3 files changed, 177 insertions(+), 14 deletions(-) diff --git a/customer/fbb-www/common.yaml b/customer/fbb-www/common.yaml index 10476e7f..7243de66 100644 --- a/customer/fbb-www/common.yaml +++ b/customer/fbb-www/common.yaml @@ -1,18 +1,66 @@ --- -##################################################### -# Postfix configuration: - -# Global configurations -postfix::alias_maps: "hash:/etc/aliases" -postfix::inet_interfaces: 'all' -postfix::manage_mailx: false -postfix::mastercf_source: 'puppet:///postfix_dir/master-nullclient.cf' -postfix::myorigin: "pixelpark.net" - -# Default values for PP Postfix module -infra::profile::postfix::myorigin: "%{hiera('postfix::myorigin')}" -infra::profile::postfix::transport_maps_source: 'maps/transport-fbb' -infra::profile::postfix::virtual_aliases_source: 'maps/virtual-nullclient-fbb' +accounts::users: + web: + apply: true + sudo: false + uid: 60300 + comment: 'Fiona Export' + group: 'fbb' + shell: 'bash' + keys: + nps55@sxflnx03: + key: "AAAAB3NzaC1kc3MAAACBAM55wAuW+mCV7btnCwF8xaacZOPNUkuqzVKkTtfWppqNKaoMGHqBIIvMxRlgSOVGnSX7lg8gRE3K3VRbordT4kMD4y4xhBSyzeSktYX1Wo5krBEAI+qf0R52Sxfx30EUraxgt0uZTjw1aaSLjP9/MiZUCM7UhadRGFJhVUF0GrYLAAAAFQDe18tTX3nwZs6Q2Zn3lqbQ5q6ZLwAAAIEAqNNKt7ZwbaVNEtFiJc4xoXnB1y0M1RcPUps45bMMEz6vNsB1jzEskQoXcEcYwaL4RDj7m6TEzuPrRBnHllQQPspbKxAkzdsRDtb85R+y7ZBg8ygjPy+waGt6sCU2od1SMav5CC9UXH4PAi+b88CaFVvnqARoRM6CcRmLXPMEWBgAAACBAM44mldGOTCFZfzFsefh3QAA/gYwOlhNMJOES5fpSetD0st3OgNkChd5vVYcrnOei7YJKZBy6863WJVWzk4/IPSRuJPGTfl9bJLzVaQPkHHLUlKaaVIhIXoBMgpfbY2SqOjNVEyvTfI0iCqnf4q8ADPDcz93spurKQl7GaV6+Q6r" + type: "ssh-dss" + Darksite_Admin_Tool: + key: "AAAAB3NzaC1kc3MAAACBANtL0m4qOL4mU1h014HAo3Au97ahDgSfWtQFHz6/XMB5TLaOIssPiN7K28/CadZIdj1yC62uxW6MnmgsAfo15c3+GW2p3XJxjWm8a+jefDejUFBUA4mVg0/EvAF0mDVB9t1BtLvGDUWTca3r3N1TPBULDcEpimsaQqeMapMwQ4kxAAAAFQDxShJd9+FfgaG5KemaYSBQiPzvdwAAAIBDnZYxz9CxKXvl0fEmoVWa7aMoQdWtaNtu59kT+zsuEa68asE14gAeR9dl4ctqQuXBsy8/fyK/9heZDROFi6AV5R7AeLc/eXOT7m5T0CQNDoBoyK63p/S38BQ8YR8Q6RfO9E2D5XbWjDvI8YG44VnuTNO2wKt+n34qRblhuAh6gQAAAIAJ/tbzg+xynMx5jqigcp3+oFKSGYJZidlw7t6q5LOgQLhSkEB+Xo9YH6y7JlsWVlYUTeYVGDH+EGs7/Q2XD80LSB7mbQRNRiFeyQ7+kxMa/fcHgS0Kj7MTEC/qPvuOxRmyMnuoJafl/KCdPuiS8VcsuOTjgC39QMLUMsBDwKgd/g==" + type: "ssh-dss" + darksite_xfer: + key: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLQgXatMS7km7uYWyrXHxQxwwoK9jEoYEAAEp0xIGtuIe6IFy0Xn7Adi6SxhThvySaKGKfQnvJBL3LBMSqRbjEc=" + type: "ecdsa-sha2-nistp256" + flugdat: + apply: true + sudo: false + uid: 60301 + comment: "Flugdaten Import" + group: 'fbb' + shell: 'bash' + keys: + sxf110_install: + key: "AAAAB3NzaC1kc3MAAACBAPr94iKqYsRMUlxhq3TGkjC3wVk64kPw3CD7+0787u1K/s5hUqB43lf6CsKgT9+X766qYyJ33Eu2dq0wlesL3anHKeVzdZRgVdPmCYoggf0L1KdmkUjzZunnVol0P6EelCKmnaY3QBoZpD2tGKx9SMVjm1FzB+PZs8GGEGP1v/+DAAAAFQCZMvxEf4BRfevcMnr4g4IinXwHHwAAAIBbq0cSupbp0rdT7If8+YFfMkPQsPW4rjqS7i6pfRpsuRyDB70QpCV1w46HJh0pBqW/kxNVos9fKLNGJGLNdXxlxEQe3xvrBPxfwXK+Qqp7uNlGEpIGAufBsFHxi+SHqAFGjz4tzG4Nco5Vtc3uyoq0gdElBh/cjAQRZ/j0yK+kTgAAAIEA5oEizu5/DWy8hKOb6x56ZAtzafYwcwry0UkTyRLUOTT5I3SGiddgFhnZpEFpsRBYnQjeZ461sElMlxzHAqrRb0lRdSCIhLguLWBkJzK2V1k5TjVtH96WFPzoTPD8SYFCc+SlfjwL46Y0JCSZSp8nn9GvSo7Is7KppIijkVzig+o=" + type: "ssh-dss" + fids@sxffis: + key: "AAAAB3NzaC1yc2EAAAABIwAAAQEA2NL0M5djqWepHW7jrUxk6BbweNbjk8U2mJuPv1pghvZqp7MSBjrv+96Fzo0dI0gX8NdNe8c+WsI1kgsGf7uz2UrhoYiypmADLcULtNMQEPmuX3cmsR0m88Q2cH6lwZ4R2ydhX7+lMdn3uha2+qdwSfRBOHyPSxZF52YIEE9cNAn4ZNLaO6UGV5QIGktHQ13UdDIGUodanX/XOUKXPFNkFOQN7/X7CptKEK374gSGFppYw+7vmvg7KNTblWQLZvJAiPOZBQV93kJnx9XCvxCJSonZ50UH337x32LF5CnzGp4tbkj4IachiaEEjySzLIv8zlOaSEsDxlU0aKEW3l0ERw==" + type: "ssh-dss" + presse.upload: + apply: true + sudo: false + uid: 60302 + comment: "Presse Uploads" + group: 'fbb' + shell: 'bash' + key: "AAAAB3NzaC1yc2EAAAABJQAAAgEA1JtW/uakIVdZJ2GbwaxlpASVrv64bJM557pByFZyrb9ROlDNl7leoP9ViY3g8f10yspNewG0f3TMxy6wpKj89C9STmOoPFYchqmlqQUaypQBMvggMe/XN4N0IZc98XGvLZ2s2o55rSbjLuHTfoV2aDoPGzhyFa7av08YtmQIc4Dq8Wd84WE7bGBjbfwYE+O7y876l4Q3rFL5x+ceQ1kr0Zpqk1dF8T/sY+QoAWQP48hMjp5zC2wZ7T0jdI3aslxqC7Gnc+9mefWGW7Y/DHlkDUrGzf5mO9kMpOE+nhrEumNWmSLOLN8YE5hnPRdy4PVjjUCJsC9sW2VBXLamj6IT+2T4JpChLG/m07ki84SWfYNS6o3opKFmugKMtxJtQxiWgdTRyTpVokX7G3x4k3WTG6FAkJyMIC10eYGeuEell8LabyHfGS1DehVFkZtDgqfgYPp3p+mr2NlmqgHWdBmAvTcbpjEdA02xpYjM/qNVPsRA3JHBuj3S6r7nL7zr03zfBgt9VF4+y8lJMwIPAtV1osQdTzkJLBIcOfKL3j2edozQCOhoY1T/IhaS83iHl3r4ZlxViI/Eo0QTliqgfN4PtVMTlgyjHdqqTI+JXccJqhfZs+gmynWJrek4pmlOUjaL3y9is6bdlgW8qU44gvaUPJyxVA3/vofkqoQkxI3/E00=" + db.export: + apply: true + sudo: false + uid: 60303 + group: 'fbb' + shell: 'bash' + comment: "DB Export für FBB CMS" + unitb.cron: + apply: true + sudo: false + uid: 60304 + group: 'fbb' + shell: 'bash' + comment: "Executing cronjobs" + key: "AAAAB3NzaC1yc2EAAAADAQABAAACAQDc+eX3X3afsOj4B/W0Pcc4ZMc79IlxgqHlEq8pgwoubWv4vGVnm2hLzUtOZy8sIE74QJJY2vA6NqlGeFC+72O0pOZ8hAF3SGgui+jNg0cp6kCE7Y5uUJlw/IO7AKaxC816s+62qv0JsF6aZtKjqJ7eIrulCF7TShhKLU3vDSMI2pMpb2bGKs9tyV7RrQcZOY/NcLNln3ld/iNky3+mlFHt3XAX0DHYVxhNILSMoARahwJdgOC7rjXgORB3LkfW7gSXu/eBMtP5PYKpROsX+f4zFxq8Y+gHYJwFMXb/yiGGWLql4ni1165qsiyOBvZfscsAA03rHbDMuN4ZO+Z+yCPZnrsAGvc2+CkR++VRK4LjJLoEm4idLZr2yvWbye9vLYl7IsVE7FknMGHkene3b3fBYybGWgJGJQgl7GcSdqsoEZnX3qcM00aG22nVbiPn/97ACh7WsciTWJTxo0zqXUnd2nuyPk5pB0P4RqYq+ToYRvXprCoAlB0RyOcrv4wbWltIuw2D1Ul7uzNo2qIZCA6+dd90rYCHU4RoF50DQS/JRu1hBpsr9TniyBTfljf8iqQzmCJy0Yi32xsT3Gu2pnnI6vmFZuv0BbhztOF/+K4rNlegQmsF0oQVKpsL3fiVOtRjeX6TBhlSFnwu1hAgk7HFHZSeEbPbkZav1UFTz7ySaQ==" + fiona: + apply: true + sudo: false + uid: 60305 + group: 'fiona' + shell: 'nologin' + comment: "Fiona search user" ##################################################### # Externe User: @@ -38,3 +86,19 @@ infra::profile::postfix::virtual_aliases_source: 'maps/virtual-nullclient-fbb' # christian.steinke # dirk.bodeutsch # thomas.riedel + +##################################################### +# Postfix configuration: + +# Global configurations +postfix::alias_maps: "hash:/etc/aliases" +postfix::inet_interfaces: 'all' +postfix::manage_mailx: false +postfix::mastercf_source: 'puppet:///postfix_dir/master-nullclient.cf' +postfix::myorigin: "pixelpark.net" + +# Default values for PP Postfix module +infra::profile::postfix::myorigin: "%{hiera('postfix::myorigin')}" +infra::profile::postfix::transport_maps_source: 'maps/transport-fbb' +infra::profile::postfix::virtual_aliases_source: 'maps/virtual-nullclient-fbb' + diff --git a/customer/fbb-www/production.yaml b/customer/fbb-www/production.yaml index 9a64ad9f..77364e48 100644 --- a/customer/fbb-www/production.yaml +++ b/customer/fbb-www/production.yaml @@ -7,46 +7,94 @@ accounts::users: frank.grunwald: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' beate.hauss: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' samir.djulancic: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' christian.hentke: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' christian.steinke: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' dirk.bodeutsch: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' thoren.mcdole: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' thomas.riedel: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' #UnitB florian.dorrer: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' felix.maier: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' holger.voigt: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' cassio.ludewigs: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' mateusz.trebus: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' kristina.matzat: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' repo::remi_php71: true diff --git a/customer/fbb-www/test.yaml b/customer/fbb-www/test.yaml index 6fbed772..67e6aafa 100644 --- a/customer/fbb-www/test.yaml +++ b/customer/fbb-www/test.yaml @@ -7,6 +7,9 @@ accounts::users: christian.schoenherr: apply: true sudo: false + groups: + - 'fbb' + - 'apache' jenkins: apply: true sudo: false @@ -14,46 +17,94 @@ accounts::users: frank.grunwald: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' beate.hauss: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' samir.djulancic: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' christian.hentke: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' christian.steinke: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' dirk.bodeutsch: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' thoren.mcdole: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' thomas.riedel: apply: true sudo: false + group: 'fbb' + groups: + - 'apache' #UnitB florian.dorrer: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' felix.maier: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' holger.voigt: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' cassio.ludewigs: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' mateusz.trebus: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' kristina.matzat: apply: true sudo: false + group: 'unitb' + groups: + - 'apache' + - 'fiona' sudo::configs: jenkins_rights: -- 2.39.5