diff --git a/data_bags/credentials/liquor-cabinet.json b/data_bags/credentials/liquor-cabinet.json new file mode 100644 index 0000000..81dc301 --- /dev/null +++ b/data_bags/credentials/liquor-cabinet.json @@ -0,0 +1,17 @@ +{ + "id": "liquor-cabinet", + "s3_access_key": { + "encrypted_data": "TKYUWVboQZUKvw4bqrKsL28dH2DGR5iDBQclAwm5I7GqkxFfkG2d91qLv+BA\n", + "iv": "B8YYzXeFGxMG34WI\n", + "auth_tag": "HOIfcpJOFYIVvf5o8lk4mg==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "s3_secret_key": { + "encrypted_data": "GRqGJkGJ/f0zQVtO0r9TcXBqlpnfC5PiwTZK8QmsqEhzQI6U67NAf62QqTgl\nGVI1h8G5ITgC3l0xVhcvH6m2bcs9fjNzFIqnhoZhzGwEt51A5Zk=\n", + "iv": "UAlmoUWLedpd79xa\n", + "auth_tag": "2F/EJhY5/59dtFFwkd106A==\n", + "version": 3, + "cipher": "aes-256-gcm" + } +} \ No newline at end of file diff --git a/environments/production.json b/environments/production.json index ca1912e..145ec3c 100644 --- a/environments/production.json +++ b/environments/production.json @@ -77,6 +77,12 @@ "mastodon.w7nooprauv6yrnhzh2ajpcnj3doinked2aaztlwfyt6u6pva2qdxqhid.onion" ] }, + "liquor-cabinet": { + "ufw_source_allowed": "10.1.1.0/24", + "s3_endpoint": "http://localhost:3900", + "s3_region": "garage", + "s3_bucket": "rs-kosmos" + }, "mediawiki": { "url": "https://wiki.kosmos.org" }, diff --git a/nodes/lq-1.json b/nodes/lq-1.json index c969a94..e3b0a26 100644 --- a/nodes/lq-1.json +++ b/nodes/lq-1.json @@ -1,5 +1,6 @@ { "name": "lq-1", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.87" @@ -8,17 +9,24 @@ "automatic": { "fqdn": "lq-1", "os": "linux", - "os_version": "5.4.0-1090-kvm", + "os_version": "5.4.0-1104-kvm", "hostname": "lq-1", "ipaddress": "192.168.122.158", "roles": [ "base", - "kvm_guest" + "kvm_guest", + "garage_gateway", + "liquor_cabinet" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos_garage", + "kosmos_garage::default", + "kosmos_garage::firewall_rpc", + "liquor_cabinet", + "liquor_cabinet::default", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -32,7 +40,8 @@ "postfix::_common", "postfix::_attributes", "postfix::sasl_auth", - "hostname::default" + "hostname::default", + "firewall::default" ], "platform": "ubuntu", "platform_version": "20.04", @@ -51,6 +60,8 @@ }, "run_list": [ "role[base]", - "role[kvm_guest]" + "role[kvm_guest]", + "role[garage_gateway]", + "role[liquor_cabinet]" ] } \ No newline at end of file diff --git a/nodes/lq-2.json b/nodes/lq-2.json index 8174bc6..65a82d5 100644 --- a/nodes/lq-2.json +++ b/nodes/lq-2.json @@ -1,5 +1,6 @@ { "name": "lq-2", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.188" @@ -8,17 +9,24 @@ "automatic": { "fqdn": "lq-2", "os": "linux", - "os_version": "5.4.0-1090-kvm", + "os_version": "5.4.0-1104-kvm", "hostname": "lq-2", "ipaddress": "192.168.122.47", "roles": [ "base", - "kvm_guest" + "kvm_guest", + "garage_gateway", + "liquor_cabinet" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos_garage", + "kosmos_garage::default", + "kosmos_garage::firewall_rpc", + "liquor_cabinet", + "liquor_cabinet::default", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -32,7 +40,8 @@ "postfix::_common", "postfix::_attributes", "postfix::sasl_auth", - "hostname::default" + "hostname::default", + "firewall::default" ], "platform": "ubuntu", "platform_version": "20.04", @@ -51,6 +60,8 @@ }, "run_list": [ "role[base]", - "role[kvm_guest]" + "role[kvm_guest]", + "role[garage_gateway]", + "role[liquor_cabinet]" ] } \ No newline at end of file diff --git a/roles/liquor_cabinet.rb b/roles/liquor_cabinet.rb new file mode 100644 index 0000000..2651a6a --- /dev/null +++ b/roles/liquor_cabinet.rb @@ -0,0 +1,5 @@ +name "liquor_cabinet" + +run_list %w( + liquor_cabinet::default +)