Commit 86b167d3 authored by Johan Bloemberg's avatar Johan Bloemberg

Switch to basisbeveiliging.nl as main domain

parent 714962e0
Pipeline #43139626 passed with stage
in 1 minute and 5 seconds
# provide application independent OS layer base settings
class base {
class base (
Hash[String,Hash] $files = {}
){
$osinfo = $::os['distro']['description']
notice("fqdn=${::fqdn}, env=${::env}, os=${osinfo}")
......@@ -25,4 +27,6 @@ class base {
# use hiera configuration (hiera.yaml) to get a list of classes to include
# https://puppet.com/docs/puppet/5.2/hiera_use_function.html#examples
lookup('classes', {merge => unique}).include
create_resources(file, $files)
}
......@@ -55,6 +55,25 @@ apps::failmap::admin::client_ca: &failmap_ca |
vzu4wrBBWT2CeLQYqDCNbsMCX4dgRdfRKWzrxS9t9+OA59uJ
-----END CERTIFICATE-----
# Set frontend hostname for this server
apps::failmap::hostname: basisbeveiliging.nl
sites::vhost_webroot:
faalkaart.nl: {}
admin.faalkaart.nl: {}
base::files:
/var/www/faalkaart.nl/html/index.html:
require: File[/var/www/faalkaart.nl/html/]
content: |
<head><meta http-equiv="refresh" content="0;URL='https://%{lookup('apps::failmap::hostname')}/'" /></head>
You are being redirected to <a href="https://%{lookup('apps::failmap::hostname')}/">https://%{lookup('apps::failmap::hostname')}/</a>
/var/www/admin.faalkaart.nl/html/index.html:
require: File[/var/www/admin.faalkaart.nl/html/]
content: |
<head><meta http-equiv="refresh" content="0;URL='https://admin.%{lookup('apps::failmap::hostname')}/'" /></head>
You are being redirected to <a href="https://admin.%{lookup('apps::failmap::hostname')}/">https://admin.%{lookup('apps::failmap::hostname')}/</a>
# CA for validating access to monitoring frontends (Grafana)
apps::failmap::monitoring::server::client_ca: *failmap_ca
......@@ -92,4 +111,4 @@ accounts::users:
# We prefer not having secrets that need to be deployed to the server and still have to think
# of a good way to make this work for non-http TLS ports like Redis (one such solution might be
# delagating letsencrypt dns-01 TXT records and running a DNS daemon on the server).
apps::failmap::broker::tls_combined_path: /etc/letsencrypt.sh/certs/faalkaart.nl/combined.pem
apps::failmap::broker::tls_combined_path: "/etc/letsencrypt.sh/certs/%{lookup('apps::failmap::hostname')}/combined.pem"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment