summaryrefslogtreecommitdiffstats
path: root/hieradata/vagrant.yaml.sample
blob: 14f8f05269d5a38115f0868f90b65cb0560b0398 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
---
# we have a shared ip on the default interface
sshd::shared_ip: true

# default options for all vagrant boxes
ibox::root_password: "%{lookup('trocla_hierarchy::sha512crypt::root_password')}"
# show how you can expire the root password
trocla_options::root_password:
  sha512crypt:
    profiles:
      - rootpw
    expires: 5184000

# setup all the iuid stuff
iuid::config::categories:
  gitolite: 10000
  webhosting: 20000
  sftp_backup: 110000

# database servers
#ibox::types: ['dbserver']
#ib_postgres::server::admin_users:
#  'test2': {}
#ib_postgres::server::default_databases:
#  'test': {}
#ib_mysql::server::admin_users:
#  'user1': {}
#ib_mysql::server::default_databases:
#  'testdb1': {}
#  'testdb2': {}


# mailaccessproxy
#ibox::types: ['mailaccessproxy']
#ib_dovecot::proxy::sql_config:
#  dbhost: dbserver
#  dbname: maildb
#  dbuser: dovecot
#  dbpwd: supersecret
#  query: "SELECT NULL AS password, storagehost AS host, alias||'@'||domain AS destuser, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS proxy, 'Y' as nopassword FROM email_users WHERE alias = lower('%n') AND domain = lower('%d') AND deleted_at IS NULL AND ismailbox=1"

# mailstorage
#ibox::types: ['mailstorage']
#ib_dovecot::storage::sql_config:
#  dbhost: dbhost
#  dbname: maildb
#  dbloginuser: dovecot_update
#  dbloginpwd: supersecret1
#  dbexpireuser: dovecot_expire
#  dbexpirepwd:  supersecret2


# a webhosting type with mysql
# to illustrate we also install a bunch of hostings
#ibox::types: ['webhosting','dbserver']
# we don't need postgres here
#ibox::types::dbserver::is_postgres_server: false
# let's get some space for the webhostings
#ib_disks::datavgs::www::size_data: 12G
# let's make sure our hostings can login
# over ssh but only using sftp and are chrooted
#sshd::sftp_subsystem: 'internal-sftp'
#sshd::allowed_groups: 'root sftponly'
#sshd::use_pam: 'yes'
#sshd::hardened: '+sha1'
#sshd::tail_additional_options: |
#  Match Group root
#         PasswordAuthentication no
#  
#  Match Group sftponly
#         PasswordAuthentication yes
#         ChrootDirectory %h
#         ForceCommand internal-sftp
#         AllowTcpForwarding no
# the databases we need
#ib_mysql::server::default_databases:
#  'wp_test': {}
#  'wiki_test': {}
#  'smf_test': {}
# set the suhosin key to a random key from trocla
php::suhosin_cryptkey: "%{lookup('trocla_lookup::plain::php_suhosin_cryptkey')}"
trocla_options::php_suhosin_cryptkey:
  plain:
    length: 32
#ib_webhosting::hostings::php:
##  'php.ibox-one.local':
##    git_repo: 'https://github.com/sektioneins/pcc'
##  'php54.ibox-one.local':
##    git_repo: 'https://github.com/sektioneins/pcc'
##    php_installation: "scl54"
##  'php55.ibox-one.local':
##    git_repo: 'https://github.com/sektioneins/pcc'
##    php_installation: "scl55"
#  'php56.ibox-one.local':
#    git_repo: 'https://github.com/sektioneins/pcc'
#    php_installation: "scl56"
# setup a wordpress hosting fully automatic
# mind the database above
#ib_webhosting::hostings::wordpress:
#  'wp.ibox-one.local':
#    blog_options:
#      dbname: 'wp_test'
#      adminemail: 'admin@ibox.local'
# setup a mediawiki fully automatic
# mind again the database above
#ib_webhosting::hostings::mediawiki:
#  'mw.ibox-one.local':
#    db_name: 'wiki_test'
#    contact: 'admin@ibox.local'
#    sitename: 'mw'
#    db_server: '127.0.0.1'
# install a smf hosting, ready to be clicked
# through the webinstaller
#ib_webhosting::hostings::simplemachine:
#  'smf.ibox-one.local': {}
# setup all diffrent kind of php hostings, either using
# the system php installation or scl installations

# webservices
#ibox::types: ['webservices',]
#ib_apache::services::webhtpasswd::htpasswd_name: 'ht.ibox-one.local'
# get a coquelicot up and running
#ib_apache::services::coquelicot::instances:
#  'dl.ibox-one.local': {}

# install dbserver and php(My|Pg)Admin for it
#ibox::types: ['webservices','dbserver']
#ib_apache::services::myadmin::myadmin_host: 'my.ibox-one.local'
#ib_apache::services::myadmin::pgadmin_host: 'pg.ibox-one.local'

#ibox::types: ['onion_service']
#ib_tor::onion::services:
#  "%{hostname}":
#    '22': {}
#  "http_%{hostname}":
#    '80': {}