From c453fd651993f06c24dcd87e773f669f37ebd05a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Tue, 4 Jan 2022 02:27:00 +0100 Subject: Remaining stuff on gandalf. --- manifests/site.pp | 136 +++--------------------------------------------------- 1 file changed, 6 insertions(+), 130 deletions(-) (limited to 'manifests/site.pp') diff --git a/manifests/site.pp b/manifests/site.pp index 92c907b..be6831a 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1,151 +1,27 @@ node 'gandalf.adrift.space' { - include ::rss_filter - include ::networking - - nspawn::machine { 'busting': - os => 'debian', - enable => true, - os_opts => { - os_version => 'buster', - } - } - - # busting 10.0.0.42/23 - nspawn::machine { 'yoursql': - os => 'arch', - enable => true, - } - - class { '::dns': - forwarders => [ - '8.8.8.8', - '8.8.4.4', - ], - dnssec_enable => 'no', - dnssec_validation => 'no', - # allow_query_cache => [ 'localnets', ], - allow_recursion => [ 'localnets', ], - empty_zones_enable => 'no', - acls => { - slaves => [ '83.250.160.195', ], - }, - config_check => false, - manage_service => false, - } - - $rev_zone = dns::reverse_dns($facts['networking']['network6'])[32,-1] - - dns::zone { - default: - manage_file => false, - manage_file_name => true, ; - 'hugo': ; - 'hornquist.se': - update_policy => { - 'hornquist.se' => { - action => 'grant', - matchtype => 'zonesub', - rr => 'ANY', - } - }, - ; - 'adrift.space': - update_policy => { - 'hornquist.se' => { - action => 'grant', - matchtype => 'zonesub', - rr => 'ANY', - }, - 'hornquist.se' => { - action => 'grant', - matchtype => 'name', - tname => 'dyntest.adrift.space', - rr => 'TXT', - }, - }, - allow_transfer => [ slaves, ], ; - 'sub.adrift.space': ; - '0.0.10.in-addr.arpa': - reverse => true, ; - '1.0.10.in-addr.arpa': - reverse => true, - zonetype => 'forward', - forward => 'only', - forwarders => [ '10.0.0.1', ], ; - $rev_zone: - reverse => true, - ; - } - - $key = lookup('nsupdate::secrets."hornquist.se"') - dns::key { 'hornquist.se': - algorithm => $key['algorithm'], - secret => $key['secret'], - } - - dns::logging::channel { 'xfer-log': - log_type => 'file', - file_path => '/var/log/named/log', - print_category => 'yes', - print_severity => 'yes', - severity => 'info', - file_size => '500K', - file_versions => 5, - } - - dns::logging::channel { 'default_syslog': - log_type => 'syslog', - syslog_facility => 'local2', - severity => 'info', - } - - dns::logging::category { [ - 'xfer-in', - 'xfer-out', - 'notify', - ]: - channels => [ 'xfer-log', ], - } - - - # TODO restart named - - - profiles::remarkable { 'any name': - addr => '3', - } + include ::dns + include ::profiles::dns_zones include ::profiles::common include ::profiles::client + include ::networking include ::losetup - include ::profiles::xmonad - include ::profiles::workstation + include ::profiles::workstation + include ::profiles::xmonad include ::profiles::dolphin include ::profiles::imagemagick - systemd_mount { '/usr/net': - what => 'elrond:/files', - where => '/usr/net', - wantedBy => 'remote-fs.target', - automount => true, - } - include ::profiles::syncthing include ::profiles::gandalf_web include ::profiles::transmission include ::shiori - profiles::webdav_server { '/dav': - file_path => '/var/www/webdav', - nginx_server => 'gandalf', - users => lookup('profiles::webdav_server::users'), - } - + include ::profiles::webdav } node 'hornquist.se' { -- cgit v1.2.3