# Reclass class: pulls in the aptly server, nginx server and iptables service
# classes, then source-filters TCP ports 8088 and 8081 and publishes two
# nginx sites.
# NOTE(review): nesting below was reconstructed from a flattened blame view;
# confirm it against the repository copy before applying.
classes:
- service.aptly.server.single
- system.nginx.server.single
- service.iptables.server
parameters:
  _param:
    nginx_aptly_server_host: ${linux:network:fqdn}
    # Feeds aptly.server.secure below; semantics are defined by the formula.
    aptly_server_secure: true
  iptables:
    service:
      enabled: true
      chain:
        INPUT:
          # Per port: ACCEPT entries first, then an unconditional DROP.
          # Presumably applied in list order, so the DROP must stay last
          # for its port -- confirm against the formula.
          # NOTE(review): only IPv4 sources are named here; verify that IPv6
          # exposure of these ports is handled elsewhere.
          rules:
          # Only local network can access WebDav and aptly API
          # NOTE(review): that statement does not hold for 8088 -- see the
          # 185.22.96.0/22 entry below.
          - destination_port: 8088
            protocol: tcp
            source_network: 10.0.107.0/24
            jump: ACCEPT
          # NOTE(review): 185.22.96.0/22 is not RFC 1918 space, so 8088 is
          # reachable from a public /22. Either this rule or the comment
          # above is out of date; confirm which.
          - destination_port: 8088
            protocol: tcp
            source_network: 185.22.96.0/22
            jump: ACCEPT
          - destination_port: 8088
            protocol: tcp
            source_network: 10.0.174.0/23
            jump: ACCEPT
          # NOTE(review): 10.0.175.0/23 has host bits set; it masks to
          # 10.0.174.0/23, the same block as the previous rule, so this
          # entry looks redundant. Confirm whether another range was meant.
          - destination_port: 8088
            protocol: tcp
            source_network: 10.0.175.0/23
            jump: ACCEPT
          # No source_network: matches every remaining source on 8088.
          - destination_port: 8088
            protocol: tcp
            jump: DROP
          # 8081 is the port of the aptly_api nginx site defined below.
          - destination_port: 8081
            protocol: tcp
            source_network: 10.0.107.0/24
            jump: ACCEPT
          - destination_port: 8081
            protocol: tcp
            source_network: 10.0.174.0/23
            jump: ACCEPT
          # NOTE(review): same misaligned /23 as on 8088; masks to
          # 10.0.174.0/23 and duplicates the rule above.
          - destination_port: 8081
            protocol: tcp
            source_network: 10.0.175.0/23
            jump: ACCEPT
          # No source_network: matches every remaining source on 8081.
          - destination_port: 8081
            protocol: tcp
            jump: DROP
  nginx:
    server:
      site:
        # Site of type "aptly"; its listen port is not set in this file
        # (presumably the 8088 filtered above -- confirm in the included
        # classes).
        aptly_server:
          enabled: true
          type: aptly
          name: server
          host:
            name: ${_param:nginx_aptly_server_host}
        # Reverse proxy: listens on 8081, forwards to 127.0.0.1:8080 over
        # plain HTTP.
        # NOTE(review): no authentication is configured on this site here,
        # so the 8081 source filter above is the only access control visible
        # in this file. Nothing here filters 8080; confirm the backend binds
        # to loopback only.
        aptly_api:
          enabled: true
          check: false
          type: nginx_proxy
          name: aptly_api
          proxy:
            host: 127.0.0.1
            port: 8080
            protocol: http
            # presumably the request body size limit for uploads -- confirm
            size: 1G
          host:
            name: ${_param:nginx_aptly_server_host}
            port: 8081
  aptly:
    server:
      enabled: true
      secure: ${_param:aptly_server_secure}
      # The aptly_gpg_* parameters are not defined in this file.
      # NOTE(review): private_key is signing-key material; make sure the
      # parameter is supplied from an encrypted or access-restricted source
      # rather than stored as plaintext in the model.
      gpg:
        keypair_id: ${_param:aptly_gpg_keypair_id}
        public_key: ${_param:aptly_gpg_public_key}
        private_key: ${_param:aptly_gpg_private_key}