Page MenuHomePhabricator
Paste P9941

(An Untitled Masterwork)
ActivePublic
Actions

Authored by akosiaris on Dec 18 2019, 3:32 PM.
Tags
None
Referenced Files
F31480762: raw.txt
Dec 18 2019, 3:32 PM
Subscribers
None
$ ssh -t puppetmaster2001.codfw.wmnet sudo puppet-merge
Fetching new commits from :https://gerrit.wikimedia.org/r/labs/private
diff --git a/README b/README
index ecbc977..1fdc8eb 100644
--- a/README
+++ b/README
@@ -10,3 +10,4 @@ It consists of:
- Certs that are self-signed and therefore certify nothing
- A few keys and passwords that are 'real' in the sense that labs
instances need them to communicate with upstream services
+
diff --git a/hieradata/role/eqiad/wmcs/ceph/mon.yaml b/hieradata/role/eqiad/wmcs/ceph/mon.yaml
index a8e05d8..2e93668 100644
--- a/hieradata/role/eqiad/wmcs/ceph/mon.yaml
+++ b/hieradata/role/eqiad/wmcs/ceph/mon.yaml
@@ -1,2 +1,2 @@
-profile::ceph::admin_secret: 'NOTAREALKEYaaaaaaaaaaaaaaaaaaaaaaaaaaa=='
-profile::ceph::mon::secret: 'NOTAREALKEYbbbbbbbbbbbbbbbbbbbbbbbbbbb=='
+profile::ceph::admin_keydata: 'NOTAREALKEYaaaaaaaaaaaaaaaaaaaaaaaaaaa=='
+profile::ceph::mon::keydata: 'NOTAREALKEYbbbbbbbbbbbbbbbbbbbbbbbbbbb=='
diff --git a/hieradata/role/eqiad/wmcs/ceph/osd.yaml b/hieradata/role/eqiad/wmcs/ceph/osd.yaml
index a8e05d8..2e93668 100644
--- a/hieradata/role/eqiad/wmcs/ceph/osd.yaml
+++ b/hieradata/role/eqiad/wmcs/ceph/osd.yaml
@@ -1,2 +1,2 @@
-profile::ceph::admin_secret: 'NOTAREALKEYaaaaaaaaaaaaaaaaaaaaaaaaaaa=='
-profile::ceph::mon::secret: 'NOTAREALKEYbbbbbbbbbbbbbbbbbbbbbbbbbbb=='
+profile::ceph::admin_keydata: 'NOTAREALKEYaaaaaaaaaaaaaaaaaaaaaaaaaaa=='
+profile::ceph::mon::keydata: 'NOTAREALKEYbbbbbbbbbbbbbbbbbbbbbbbbbbb=='
diff --git a/modules/secret/secrets/kerberos/keytabs/an-airflow1001.eqiad.wmnet/airflow/airflow.keytab b/modules/secret/secrets/kerberos/keytabs/an-airflow1001.eqiad.wmnet/airflow/airflow.keytab
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/kerberos/keytabs/analytics1028.eqiad.wmnet/analytics/analytics.keytab b/modules/secret/secrets/kerberos/keytabs/analytics1028.eqiad.wmnet/analytics/analytics.keytab
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/kerberos/keytabs/notebook1003.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab b/modules/secret/secrets/kerberos/keytabs/notebook1003.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/kerberos/keytabs/notebook1004.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab b/modules/secret/secrets/kerberos/keytabs/notebook1004.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/kerberos/keytabs/stat1004.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab b/modules/secret/secrets/kerberos/keytabs/stat1004.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/kerberos/keytabs/stat1005.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab b/modules/secret/secrets/kerberos/keytabs/stat1005.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/kerberos/keytabs/stat1007.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab b/modules/secret/secrets/kerberos/keytabs/stat1007.eqiad.wmnet/analytics-privatedata/analytics-privatedata.keytab
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/ssl/_etcd-server-ssl._tcp.k8s3-staging.eqiad.wmnet.key b/modules/secret/secrets/ssl/_etcd-server-ssl._tcp.k8s3-staging.eqiad.wmnet.key
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/ssl/_etcd-server-ssl._tcp.k8s3.codfw.wmnet.key b/modules/secret/secrets/ssl/_etcd-server-ssl._tcp.k8s3.codfw.wmnet.key
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/ssl/_etcd-server-ssl._tcp.k8s3.eqiad.wmnet.key b/modules/secret/secrets/ssl/_etcd-server-ssl._tcp.k8s3.eqiad.wmnet.key
new file mode 100644
index 0000000..e69de29
diff --git a/modules/secret/secrets/ssl/ganeti01.svc.ulsfo.wmnet.key b/modules/secret/secrets/ssl/ganeti01.svc.ulsfo.wmnet.key
new file mode 100644
index 0000000..7fa2f68
--- /dev/null
+++ b/modules/secret/secrets/ssl/ganeti01.svc.ulsfo.wmnet.key
@@ -0,0 +1,3 @@
+--- DUMMY SECRET KEY ---
+DUMMYDUMMYDUMMY
+--- END DUMMY SECRET KEY ---
Luca Toscano: Add fake kerberos keytabs for stat/notebook hosts (2b58f38)
herron: add dummy ulsfo ganeti RAPI key to pacify PCC (e3dbfc3)
Gerrit Code Review: Merge "test commit" (e0ab610)
John Bond: test commit (2238f75)
Alexandros Kosiaris: Add _etcd-server-ssl._tcp.k8s3 keys (6385572)
Jason Hedden: update ceph keydata key names (27c8161)
Luca Toscano: Add fake analytics user keytab to analytics1028 (edf5ea4)
Luca Toscano: Add fake keytab for an-airflow1001 (781b353)
WARNING: Revision range includes commits from multiple committers!
Merge these changes? (multiple/no)? no
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL