README.md - Issue 4810150141493248: Issue 122 - Puppet ENC via Hiera

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Unified Diff: README.md

Issue 4810150141493248: Issue 122 - Puppet ENC via Hiera (Closed)

Patch Set: 112 - Puppet ENC via Hiera Created Oct. 8, 2014, 3:02 a.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: README.md

===================================================================

--- a/README.md

+++ b/README.md

@@ -6,17 +6,46 @@

Our Puppet manifests are only tested with Ubuntu 12.04 right now.

-Private files

--------------

+Host specific setup

+-------------------

-Some parts of our infrastructure are, obviously, confidential. We have

-htpasswd files, SSH keys and SSL certificates that we need to be

-careful with.

+Some infrastructure parts are specific to the environment (such as e.g.

+*development*, *test* and *production*), whilst others are confidential.

Wladimir Palant 2014/11/17 16:43:36 Explicitly mention passwords as example of "confid

mathias 2014/11/27 00:30:18 Done.

+In order to allow for specific configuration, the repository requires a

+set of manual operations during the initial setup:

-That's why _modules/private_ is missing, and needs to be placed there

-manually. We provide stub versions of all those files in

-_modules/private-stub_, so just linking or copying that to

-_modules/private_ will make everything work locally.

+### `modules/private`

+The `private` module is destined to store confidential information such as

+[RSA](http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29) keys, `htpasswd`

+files and so on. The repository provides a `private-stub` module containing

+defaults suitable for development and testing purpose. One can create a

+symbolic link to start using the resource:

+ # UNIX-oid

+ user@host:~/infrastructure$ ln -s private-stub modules/private

+ # Windows

+ C:\infrastructure\> MKLINK /D modules\private private-stub

+When creating a custom version, one may inspect the `modules/private-stub`

+directory to determine which resources have to be provided.

+### `hiera/environment`

+[Hiera](https://docs.puppetlabs.com/hiera/1/) configuration files specific

+to the current environment are expected to be found in `hiera/environment`.

+Default resources for development (and testing) purpose are provided within

+`hiera/development`:

+ # UNIX-oid

+ user@host:~/infrastructure$ ln -s development hiera/environment

+ # Windows

+ C:\infrastructure\> MKLINK /D hiera\environment development

+Note that custom versions are recommended to be tracked together with the

+custom `private` module, if any.

Development environment

-----------------------

« no previous file with comments | « .hgignore ('k') | Vagrantfile » ('j') | Vagrantfile » ('J')