23 files changed, 475 insertions, 219 deletions

diff --git a/manifests/common.pp b/manifests/common.pp
deleted file mode 100644
index 8f839c79..00000000
--- a/manifests/common.pp
+++ /dev/null
@@ -1,98 +0,0 @@
-# to not repeat the setting everywhere 
-Exec { path => "/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin/" }
-
-
-class base_packages {
-    # packages installed everywhere 
-    # asked by misc : screen, vim-enhanced, htop, lsof, tcpdump, less
-    # asked by nanar : rsync
-    $package_list = ['screen', 'vim-enhanced', 'htop', 'lsof', 'tcpdump', 'rsync', 'less']
-
-    package { $package_list:
-        ensure => installed;
-    }
-}
-
-class default_ssh_root_key {
-    ssh_authorized_key { "ssh key misc":
-        type => "ssh-rsa",
-        key => "AAAAB3NzaC1yc2EAAAABIwAAAgEA4fpjTvcL09Yzv7iV40TPjiXGHOOS5MldSh5ezSk7AMLVjAAloiidl8O3xwlxwUnjUx5zv1+RlbV76sdiSD32lBht72OZPg0UqQIB8nHeVJBdJ8YpnQ3LynNPPYJ65dvdr0uE2KRlN/1emi2N+O+f2apwc1YiL8nySEK/zLvCKO5xj16bIVuGFilDdp75X/t3C/PDsZU+CUyWL5Ly3T2+ljGc+nEAK9P0PNnvl9bRK9dqu457xjca8nXwWVI1fd6Jnt1jISFdQXy6/+9326Z6aAxvWKCrCvmdg+tAUN3fEj0WXZEPZQ1Ot0tBxKYl+xhV1Jv/ILLbInT0JZkSEKNBnJn4G7O4v+syoMqA7myHre73oGn/ocRWGJskIM33aXrJkZkJ4LkF1GLJPFI4y7bzj024sPAVvBwDrV7inwsOy0DSQ5tCbfX25TTXbK+WMXzz0pBbSi6mPgjtzlSYsLZrTa7ARYhggDG2miuOAFrup8vP7/aH2yZ+hZuF70FsMh4lf/eXDGwfypyfYrjfVSkFfY0ZU294ouTBn3HtHmgFu82vOMvLNtI9UyERluCBpLBXOT8xgM97aWFeUJEKrVxkGIiNwVNylMEYp8r16njv810NdTLA3jZu9CLueVvME6GLsGve5idtGmaYuGYNRnSRx3PQuJZl1Nj7uQHsgAaWdiM=",
-        user => "root"
-    }
-
-    ssh_authorized_key { "ssh key dams":
-        type => "ssh-dss",
-	    key => "AAAAB3NzaC1kc3MAAACBAM+23oU9t9ghBUX2uG3hCeUwVpGoPIdnV3a8eiHf7HgUS0JqyZ/uv4LbVHyFRInt7qV4ZcChmzk6NmLfG3QnfR/3NdPJX4WxPz78BuoaI6t+fA2SdHLEY+Yz3kvI04gHuIUQ+X8e2j5wledg4r4qfkJZPCRhX1pmZFoimsCU99PJAAAAFQCOYJBWQIbV6bwtxIhj1SBR7zgA+wAAAIAA32DgUWrQUMZnXqNzo+AL/xbprE3UxEj8O2nICepTVVJboVPVek37VlKnjChl6mjya3+FkhHqfOW1UUi/L/W6C5sNsn/Ep/TxGjOLAOgG5RaXHS5RQ/Ttfs4EyPllbRmkRwCGkgx15wDo5kKuLbHCw8pLJKrxzBO4Sf6i3n4KswAAAIEAzR/EkWv6sVB6ehEO1G6L21VQQLQ7zHoJQeemuSVD6Yq8z4zcNhdrdMWZfQSiZe554G1l3lQdDmF+5kJ+1BFxXJGnZXb5/hdEBfiYeeZEQO3FvyPpnyWC73UxFksJNzFTGM8IExZ9aV4/JqdisZWMa7CRIDijeq2nQgytNcDCqRs=",
-        user => "root"
-    }
-
-    ssh_authorized_key { "ssh key blino":
-        type => "ssh-dss",
-	    key => "AAAAB3NzaC1kc3MAAAEBAIuMeFTbzLwcxlKfqSUDmrh2lFVOZyjotQsUm4EGZIh8killmHCBmB8uYvh3ncwvcC8ZwfRU9O8jX6asKJckFIZ37cdHaTQR7fh5ozG4ab652dPND2yKCg1LCwf2x0/Ef1VtyF7jpTG/L9ZaGpeXQ8rykoH4rRnfSdYF0xT7ua9F/J/9ss5FtzQYbQLFMzV3SlXRWp5lzbF4lCyoTyijc8cDrTKeDTu/D5cTpqYxfKUQguGGx0hqUjE3br8r4MPOECqpxAk3gkDr+9mIGftKz07T9aMnHVNNI+hDnjACbbZcG4hZnP99wKmWQ4Pqq7Bten6Z/Hi10E5RiYFyIK8hrR0AAAAVALwhZE/KgdoAM7OV5zxOfOvKrLwJAAABADRU1t5V2XhG07IKgu4PGp9Zgu3v9UkqqPU7F+C8mp2wUw7yTgKaIety8ijShv0qQkF+3YNGj9UnNYeSDWJ62mhMfP6QNQd3RAcbEggPYDjIexoLus44fPGOHtyzvwgSHAGkhBAG9U6GrxTOCUE4ZcZ82r2AdXGzngqnxgvihs9X/thTZu6MuPATueTL6yKShPsFRamgkWmqjJTKP4ggCPHK3FqCiLkrMNbwZ7WECEuodBGou6yCTTGkUXIxGv3/FU96u9FMhqtswClZEElxu+Gajw8gNF8kLnGUSlbubHocfhIAraxfc6s31T+b3Kq6a2JeLhODdgERFM2z/yMbsMMAAAEACqUvqpak3+am+Xz1KOOgTnprpjs8y9cbBU+BzkyhISGNINVSv9fEVEuOIwxW8EZ1gHLORYwAx9onk3WXUKX48DHlMHLwgpahQJnMsuUsJn2QknTiGuML+9MzNrE4ZEoipTEL11UayVcCFYGEB1X0IghX+XmLTGhji6DUBUmepzWN3FXvYMJH50sFLjCok9JszJCgzh8jILp37n8HXgG/FPG5soGG095lHand41s9qdeq4pGchKGDOEia9KAPL6Px5o48dQxxJkMoI8gljFcwVphc0QMmQSqN1paZgnzzwkGp4smuWNxZ+kWdJOceyrlULOsgi9LEkItHZyZtDzufmg==",
-        user => "root"
-    }
-
-    ssh_authorized_key { "ssh key nanar": 
-	    type => "ssh-dss",	
-	    key => "AAAAB3NzaC1kc3MAAACBAMLWdzwlo5b9yr1IR5XbbYpESJQpTiZH4gTzVaUIdtbU6S2R41Enn/xZSLgbWcCX79WEcQlfKDS3BcrjWybpwCQD+i1yIA4wmYaQ3KwYBaIsTe5UtPF41hs8Jb8MhTPe9z9hNi5E1R6QQ2wPu3vDAi4zTZ4415ctr6xtW+IDYNOLAAAAFQC9ku78wdBEZKurZj5hJmhU0GSOjwAAAIAeGorkIHQ0Q8iAzKmFQA5PcuuD6X7vaflerTM3srnJOdfMa/Ac7oLV+n5oWj0BhuV09w8dB678rRxl/yVLOgHR9absSicKDkYMZlLU7K1oNFwM4taCdZZ1iyEpJVzzUOVCo8LqK6OZJhbFI0zbarq4YM/1Sr+MIiGv5FK7SCpheAAAAIEAwP95amGY7BgPzyDDFeOkeBPJQA/l7w0dEfG8A+2xui679mGJibhlXiUWqE0NqeDkD17Oc+eOV/ou5DA62tMDSus119JjqYhDEOs0l5dvA6aTzObZDhiUDQbNoS9AIPxgsqdc2vBRxonHUm/7maV8jvWVSy1429CNhnyWKuTe2qU=",
-	    user => "root"
-    }
-
-    ssh_authorized_key { "ssh key dmorgan": 
-	    type => "ssh-dss",
-	    key => "AAAAB3NzaC1kc3MAAACBAOsCjs1EionxMBkyCOXqhDlGUvT/ZORSjqrEhZrro2oPdnMvj3A7IHf1R8+CVVrJlnOHFEwfdC3SB5LYhmUi/XaBq1eqUiVFQLFURrYlrWFh1xSqGUFvvUfMFXOZCn4f9eJYDVaRtWBL7IZCijwZS6bbE0FLW0f6pPzhHtMkSRW/AAAAFQCyg7km5gCZ6W4iRKqr87Wy+LajMwAAAIBZ3+oM/hQ9MS2QkMa8wZk9taEO9PJQHXO3IHyo3wMUj7DYnwgyHQIIeTgPwrE+z0TkM3K3pQlf8xQmsQo7T2kQHCLFZnueEoNB+y+LySLtLDoptYlkqJ9Db0kJti+W8EFc8I+s87HuVdkXpqid222zmRfzYufjbosb8abtGUODXAAAAIBWlhkUEZsbQXkimAnfelHb7EYFnwUgHPSzrzB4xhybma9ofOfM3alZubx9acv94OrAnlvSTfgETKyT0Q+JYvtxZr9srcueSogFq8D8tQoCFJIqpEvjTxjSlg1Fws0zHBH7uO7Kp8zhnuTalhQC1XorFPJD3z40fe62fO6a02EUCQ==",
-	    user => "root"
-    }
-
-    ssh_authorized_key { "ssh key coling": 
-	    type => "ssh-rsa",    
-	    key => "AAAAB3NzaC1yc2EAAAABIwAAAIEAr04pPIWNWxihA2UxlN+I6jubWofbRMlIhvqsADJjEWSr5YBDpEpWEsdtCjBrzbrrYfpGWwpeSL1mbKhmO8+pxygyzWBVcNHEcyp8DzfwT0b2tGiCox+owkyjtyOoogTu8tLvPSvMOhDgfP4WCcMuBZwRVhMR1NKJyk73T9W8qtM=",
-	    user => "root"
-    }
-
-    ssh_authorized_key { "ssh key severine":
-        type => "ssh-rsa",
-        key => "AAAAB3NzaC1yc2EAAAABIwAAAgEAt9VHEteitx7bR2bg6KPfqkxgnTl/2QsqAZipqvI2axdi+gDDov+JIQP2q7HE7ZgUhlXKqHz6O0Bs894vTYtuT9hu6DaeFwuMELmH+M80CoCbJROvuQMjW7AeSXuE4llk464ubZmhyPzVHMUeKymtJxiMu5AxIV7KGoVO+dSgEMqJ66IeXLwho5uVJ/HELizY4LDm2yzbr4/gXAkYEI151PlKDMR/4FVPsGGp/vFZqIq68C4bSGeFv4e3OE9mBJQQukN1zdm0q0ssb50dEk0QU1ZWoChTip+b8FpuouQbXME8KDaNlCN9CHZwD8IfavY+urZBq5ofluihUewqzjNKPoUA6dj3MzyFZ5vQEYSwwDrSrKLXr92NrDb8QbSCLb7IqsbmXFhOa0JY4BGmqRz2r+ifinK4maZs73q1f15yj/dqBZfCCiKJsbs5GUBN2mqp2kijdpz5gpVTbBIZ3Smio0gF++VjZqVpc3e86/jJ4RwFh6I8fdalQxTIlBTkTk7TkHt0UN+7bSeV7MhpTx2FkKl2hqLCNs50c0KHomFtTrhwRi2czv/cJc+LLPPnjMFPSFv4kP8JTgSTxndPkDb6xMXIwcnk3JsPE45N6PM3zC9FoU2sY8x9U9ZZf1xtI08A+N68xGvSTxxjXJTnWU2ySCcYL3wStAewsLAJxE3O7ys=",
-        user => "root"
-    }
-
-    ssh_authorized_key { "ssh key boklm":
-        type => "ssh-dss",
-        key => "AAAAB3NzaC1kc3MAAACBAIGfoferrHXi7m8Hw3wY3HzIvWzlBKRu4aUpOjFgFTw+aPiS842F8B2bqjzUyLVAv13zHB5QjVeAB0YQ1TvMQbew+7CRAgAVWrY/ckMJxSdNk6eKnxlnLA295xBnyc+jdMhdTKisywtlkLP6Au+2eA/sDKELO8tiIQzSUithppU/AAAAFQCP/IlvpJjhxQwgA4UW1Mg7W3MPVwAAAIAc8BA7W9qDaA8/sQiOu6sSueEVnf7QmJzTJuT0ZJ9HDSB39+fQrwjPZqxiTpAfSboBTC0KiuG9ncCZyh6fAmn2i9WSZ6HYkoLBjHU3nu3u18qlT8LqwajUjgp15jgUKWB8OxvO1dPNaLEsvP1BKPTfDoPNPeUeQmb3WaX9S+pVGwAAAIA63gRktdobLeeuRFAfPdQQ7Imi1GwrfKa2QUgowksDxwgBBo796HN41+yF0W2AOZ2lx25KQRF0Wgc5Abm/TV8u3WbzosYbZgUBiGDqyVhIPU/xF+yPEHPYx3G3nwjEZAaxxf+LaeZkY1Yp15O6NAZAzdyV00iG/tO/ciWBPCMeJA==",
-        user => "root"
-    }
-
-    ssh_authorized_key { "ssh key buchan":
-        type => "ssh-dss",
-        key => "AAAAB3NzaC1kc3MAAACBALpYDQtkZcfXdOILynCGa7IAbW4+etmzpIMjw6BfvZOfLT6UPfDwajhDBMBNSbgigxkxxEdsa0/UMIE3Yrpr8YivhbL79sFw2N/FeWCs3Vk8JXNjBGA6itAIz9nwfh6qCDUj2t8LTdOQdYrSFOO7x2dFgeCwi21V27Ga2vqsvkUnAAAAFQD708pfON6Itq/5S+4kkNdNNDKWCwAAAIEAkRQeugul6KmOC0C2EmgVJvKK1qImlwHir08W1LTESnujmRIWLRst8sDoKjJpNevFuHGybPQ3palvM9qTQ84k3NMsJYJZSjSexsKydHJbD4ErKk8W6k+Xo7GAtH4nUcNskbnLHUpfvzm0jWs2yeHS0TCrljuTQwX1UsvGKJanzEoAAACBAIurf3TAfN2FKKIpKt5vyNv2ENBVcxAHN36VH8JP4uDUERg/T0OyLrIxW8px9naI6AQ1o+fPLquJ3Byn9A1RZsvWAQJI/J0oUit1KQM5FKBtXNBuFhIMSLPwbtp5pZ+m0DAFo6IcY1pl1TimGa20ajrToUhDh1NpE2ZK//8fw2i7",
-        user => "root"
-    }
-
-    ssh_authorized_key { "ssh key tmb":
-        type => "ssh-dss",
-        key => "AAAAB3NzaC1kc3MAAACBAMFaCUsen6ZYH8hsjGK0tlaguduw4YT2KD3TaDEK24ltKzvQ+NDiPRms1zPhTpRL0p0U5QVdIMxm/asAtuiMLMxdmU+Crry6s110mKKY2930ZEk6N4YJ4DbqSiYe2JBmpJVIEJ6Betgn7yZRR2mRM7j134PddAl8BGG+RUvzib7JAAAAFQDzu/G2R+6oe3vjIbbFpOTyR3PAbwAAAIEAmqXAGybY9CVgGChSztPEdvaZ1xOVGJtmxmlWvitWGpu8m5JBf57VhzdpT4Fsf4fiVZ7NWiwPm1DzqNX7xCH7IPLPK0jQSd937xG9Un584CguNB76aEQXv0Yl5VjOrC3DggIEfZ1KLV7GcpOukw0RerxKz99rYAThp6+qzBIrv38AAACBAKhXi7uNlajescWFjiCZ3fpnxdyGAgtKzvlz60mGKwwNyaQCVmPSmYeBI2tg1qk+0I5K6LZUxWkdhuE1UfvAbIrEdwyD8p53dPg1J9DpdQ1KqApeKqLxO02KJtfomuy3cRQXmdfOTovYN7zAu1NCp51uUNTzhIpDHx0MZ6bsWSFv",
-        user => "root"
-    }
-}
-
-class urpmi_update {
-    cron { urpmi_update:
-        user => root,
-        hour => '*/4',
-        minute => 0,
-        command => "urpmi.update -a",
-    }
-}
-
-class default_mageia_server {
-    include timezone
-
-    include openssh
-    include default_ssh_root_key
-    include base_packages
-    include ntp
-    include postfix::simple_relay
-    include urpmi_update
-    include puppet::client
-}
-
diff --git a/manifests/defaults.pp b/manifests/defaults.pp
new file mode 100644
index 00000000..85f3f31c
--- /dev/null
+++ b/manifests/defaults.pp
@@ -0,0 +1,35 @@
+# to not repeat the settings everywhere
+Exec {
+    path => '/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin/',
+}
+
+Package {
+    ensure => present,
+}
+
+File {
+    ensure => present,
+    owner  => 'root',
+    group  => 'root',
+    # on directory, this will be 755
+    # see http://docs.puppetlabs.com/references/2.7.0/type.html#file
+    mode   => '0644',
+}
+
+Group {
+    ensure => present,
+}
+
+User {
+    ensure     => present,
+    managehome => true,
+    shell      => '/bin/bash',
+}
+
+Service {
+    ensure => running,
+}
+
+Service {
+    provider => systemd,
+}
diff --git a/manifests/extlookup.pp b/manifests/extlookup.pp
index 77dc7809..0837818b 100644
--- a/manifests/extlookup.pp
+++ b/manifests/extlookup.pp
@@ -1,4 +1,4 @@
-# see http://www.devco.net/archives/2009/08/31/complex_data_and_puppet.php
-$extlookup_datadir = "/etc/puppet/extdata"
-$extlookup_precedence = ["%{fqdn}", "common"]
+# see https://www.devco.net/archives/2009/08/31/complex_data_and_puppet.php
+$extlookup_datadir = '/etc/puppet/extdata'
+$extlookup_precedence = ['%{fqdn}', 'common']
 
diff --git a/manifests/nodes.pp b/manifests/nodes.pp
index 1a2ac33b..61a76ee8 100644
--- a/manifests/nodes.pp
+++ b/manifests/nodes.pp
@@ -1,117 +1,7 @@
-# svn, big important server
-node valstar {
-# Location: IELO datacenter (marseille)
-#
-# TODO:
-# - GIT server
-# - setup urli build scheduler
-# - setup youri
-# - setup restricted shell access to allow "mdvsys submit" to work
-# - setup maintainers database (with web interface)
-# - mirroring (Nanar)
-#
-    include default_mageia_server
-    timezone::timezone { "Europe/Paris": }
-    include rsyncd
-    include mirror
-    include openldap::master 
-    include subversion::client
-    include subversion::server
-    include puppet::master
-    include buildsystem::mainnode
-
-    subversion::snapshot { "/etc/puppet":
-        source => "svn://svn.mageia.org/adm/puppet/"
-    }
-}
-
-# web apps
-node alamut {
-# Location: IELO datacenter (marseille)
-#
-# TODO:
-# - Review board
-# - nagios
-# - api
-# - mail server
-# - mailing list server
-# - wiki
-# - pastebin
-# - LDAP slave
-# 
-    include default_mageia_server
-    include bind::bind_master
-    include postgresql
-    bind::zone_master { "mageia.org": }
-    bind::zone_master { "mageia.fr": } 
-    timezone::timezone { "Europe/Paris": }
-
-    include catdap
-    include mga-mirrors
-    include epoll
-    include transifex
-    include bugzilla
-}
-
-# buildnode
-node jonund {
-# Location: IELO datacenter (marseille)
-#
-    include default_mageia_server
-    include buildsystem::buildnode
-    timezone::timezone { "Europe/Paris": }
-    include shorewall
-    include shorewall::default_firewall
-    include testvm
-}
-
-node ecosse {
-# Location: IELO datacenter (marseille)
-#
-    include default_mageia_server
-    include buildsystem::buildnode
-    timezone::timezone { "Europe/Paris": }
+# that's not for a real node called default, but
+# config applied to every node
+node default {
+    include common::default_mageia_server
 }
 
-
-# backup server
-node fiona {
-# Location: IELO datacenter (marseille)
-#
-# TODO:
-# - buy the server
-# - install the server in datacenter
-# - install a backup system
-    include default_mageia_server
-} 
-
-# gandi-vm
-node krampouezh {
-# Location: gandi VM
-#
-# TODO:
-# - secondary MX
-# - LDAP slave (for external traffic maybe)
-#
-    include default_mageia_server
-    include bind::bind_master
-    bind::zone_master { "mageia.org": }
-    bind::zone_master { "mageia.fr": } 
-    timezone::timezone { "Europe/Paris": }
-# Other services running on this server :
-# - meetbot
-}
-
-node champagne {
-# Location: gandi VM
-#
-# TODO:
-# - setup mageia.org web site
-# - setup blog
-#
-    include default_mageia_server
-    timezone::timezone { "Europe/Paris": }
-    include blog
-}
-
-
+import 'nodes/*.pp'
diff --git a/manifests/nodes/armlet1.pp b/manifests/nodes/armlet1.pp
new file mode 100644
index 00000000..0d731f08
--- /dev/null
+++ b/manifests/nodes/armlet1.pp
@@ -0,0 +1,7 @@
+node armlet1 {
+# Location: Scaleway (Iliad/Online datacenter)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/armlet2.pp b/manifests/nodes/armlet2.pp
new file mode 100644
index 00000000..7566249f
--- /dev/null
+++ b/manifests/nodes/armlet2.pp
@@ -0,0 +1,7 @@
+node armlet2 {
+# Location: Scaleway (Iliad/Online datacenter)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/duvel.pp b/manifests/nodes/duvel.pp
new file mode 100644
index 00000000..772e43dc
--- /dev/null
+++ b/manifests/nodes/duvel.pp
@@ -0,0 +1,56 @@
+node duvel {
+# Location: IELO datacenter (marseille)
+#
+# TODO:
+# - GIT server
+# - setup maintainers database (with web interface)
+#
+    include common::default_mageia_server
+    timezone::timezone { 'Europe/Paris': }
+    include main_mirror
+    include openldap::master
+    include git::client
+    include subversion::client
+    include subversion::server
+    include puppet::master
+    #include reports::ii
+
+    include sshkeys::keymaster
+    include mga_buildsystem::mainnode
+    include softwarekey
+    include mgasoft
+    include spec-tree-reports
+
+    include access_classes::committers
+    include restrictshell::allow_git
+    include restrictshell::allow_svn
+    include restrictshell::allow_pkgsubmit
+    include restrictshell::allow_maintdb
+    include restrictshell::allow_upload_bin
+    include openssh::ssh_keys_from_ldap
+
+    include repositories::subversion
+
+    # include irkerd
+
+    include websites::svn
+    include websites::git
+
+    class { 'mga-advisories':
+        vhost => "advisories.${::domain}",
+    }
+
+    git::snapshot { '/etc/puppet':
+        source => "git://git.${::domain}/infrastructure/puppet/"
+    }
+
+    mirror_cleaner::orphans {  'cauldron':
+        base => '/distrib/bootstrap/distrib/',
+    }
+
+    class { 'mgagit':
+        ldap_server => "ldap.${::domain}",
+        binddn      => 'cn=mgagit-valstar,ou=System Accounts,dc=mageia,dc=org',
+        bindpw      => extlookup('mgagit_ldap','x'),
+    }
+}
diff --git a/manifests/nodes/ec2aa1.pp b/manifests/nodes/ec2aa1.pp
new file mode 100644
index 00000000..f000db8a
--- /dev/null
+++ b/manifests/nodes/ec2aa1.pp
@@ -0,0 +1,7 @@
+node ec2aa1 {
+# Location: Amazon (eu-central-1a)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/ec2aa2.pp b/manifests/nodes/ec2aa2.pp
new file mode 100644
index 00000000..a4e1e27f
--- /dev/null
+++ b/manifests/nodes/ec2aa2.pp
@@ -0,0 +1,7 @@
+node ec2aa2 {
+# Location: Amazon (eu-central-1b)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/ec2aa3.pp b/manifests/nodes/ec2aa3.pp
new file mode 100644
index 00000000..763675d7
--- /dev/null
+++ b/manifests/nodes/ec2aa3.pp
@@ -0,0 +1,7 @@
+node ec2aa3 {
+# Location: Amazon (eu-central-1b)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/ec2x1.pp b/manifests/nodes/ec2x1.pp
new file mode 100644
index 00000000..4a0f5a0f
--- /dev/null
+++ b/manifests/nodes/ec2x1.pp
@@ -0,0 +1,7 @@
+node ec2x1 {
+# Location: Amazon (eu-central-1b)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/ec2x2.pp b/manifests/nodes/ec2x2.pp
new file mode 100644
index 00000000..bf25cf8e
--- /dev/null
+++ b/manifests/nodes/ec2x2.pp
@@ -0,0 +1,7 @@
+node ec2x2 {
+# Location: Amazon (eu-central-1a)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/ecosse.pp b/manifests/nodes/ecosse.pp
new file mode 100644
index 00000000..c7fa95e5
--- /dev/null
+++ b/manifests/nodes/ecosse.pp
@@ -0,0 +1,7 @@
+node ecosse {
+# Location: IELO datacenter (marseille)
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/fiona.pp b/manifests/nodes/fiona.pp
new file mode 100644
index 00000000..2093001a
--- /dev/null
+++ b/manifests/nodes/fiona.pp
@@ -0,0 +1,10 @@
+# backup server
+node fiona {
+# Location: IELO datacenter (marseille)
+#
+# TODO:
+# - install a backup system
+    include common::default_mageia_server
+    timezone::timezone { 'Europe/Paris': }
+#    include backups::server
+}
diff --git a/manifests/nodes/friteuse.pp b/manifests/nodes/friteuse.pp
new file mode 100644
index 00000000..b096021e
--- /dev/null
+++ b/manifests/nodes/friteuse.pp
@@ -0,0 +1,7 @@
+node friteuse {
+# Location: VM hosted on sucuk
+#
+    include common::default_mageia_server
+    timezone::timezone { 'Europe/Paris': }
+    include forums
+}
diff --git a/manifests/nodes/ncaa1.pp b/manifests/nodes/ncaa1.pp
new file mode 100644
index 00000000..b512939a
--- /dev/null
+++ b/manifests/nodes/ncaa1.pp
@@ -0,0 +1,7 @@
+node ncaa1 {
+# Location: Netcup, Vienna
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/neru.pp b/manifests/nodes/neru.pp
new file mode 100644
index 00000000..66958059
--- /dev/null
+++ b/manifests/nodes/neru.pp
@@ -0,0 +1,45 @@
+node neru {
+# Location: Scaleway Paris
+#
+    include common::default_mageia_server_no_smtp
+    timezone::timezone { 'Europe/Paris': }
+    include postfix::server::secondary
+    include blog::base
+    include blog::db_backup
+    include blog::files_bots
+    include blog::files_backup
+    include mysql::server
+    include dns::server
+
+    include planet
+    include websites::archives
+    include websites::static
+    include websites::hugs
+    include websites::releases
+    include websites::www
+    include websites::doc
+    include websites::start
+    include websites::meetbot
+    include dashboard
+    include access_classes::web
+    include openssh::ssh_keys_from_ldap
+
+    # temporary redirects for madb (2024-11) until it gets hosted on Mageia infra
+    apache::vhost_redirect { "madb.${::domain}":
+        url => "https://madb.mageialinux-online.org/",
+    }
+    apache::vhost_redirect { "ssl_madb.${::domain}":
+        use_ssl => true,
+        vhost => "madb.${::domain}",
+        url => "https://madb.mageialinux-online.org/",
+    }
+
+    openldap::slave_instance { '1':
+        rid => 1,
+    }
+
+    # http server for meetbot logs
+    include apache::base
+}
+# Other services running on this server :
+# - meetbot
diff --git a/manifests/nodes/ociaa1.pp b/manifests/nodes/ociaa1.pp
new file mode 100644
index 00000000..ce476665
--- /dev/null
+++ b/manifests/nodes/ociaa1.pp
@@ -0,0 +1,7 @@
+node ociaa1 {
+# Location: ?
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/pktaa1.pp b/manifests/nodes/pktaa1.pp
new file mode 100644
index 00000000..31f649c4
--- /dev/null
+++ b/manifests/nodes/pktaa1.pp
@@ -0,0 +1,7 @@
+node pktaa1 {
+# Location: Equinix Metal / SV - SJC1
+#
+    include common::default_mageia_server
+    include mga_buildsystem::buildnode
+    timezone::timezone { 'Europe/Paris': }
+}
diff --git a/manifests/nodes/rabbit.pp b/manifests/nodes/rabbit.pp
new file mode 100644
index 00000000..2436219b
--- /dev/null
+++ b/manifests/nodes/rabbit.pp
@@ -0,0 +1,32 @@
+node rabbit {
+# Location: IELO datacenter (marseille)
+#
+# - used to create isos ( and live, and so on )
+#
+    include common::default_mageia_server
+    timezone::timezone { 'Europe/Paris': }
+    include bcd::base
+    #include bcd::web
+    include bcd::rsync
+    include mga_buildsystem::buildnode
+    include draklive
+    include git::svn
+    include access_classes::iso_makers
+    include openssh::ssh_keys_from_ldap
+    # include mirror::mageia
+    include releasekey
+
+    youri-check::config {'config_cauldron':
+        version => 'cauldron',
+    }
+    youri-check::check {'check_cauldron':
+        version => 'cauldron',
+        hour    => '1-23/2',
+        minute  => 30
+    }
+
+    # for testing iso quickly
+    # include libvirtd::kvm
+    # libvirtd::group_access { 'mga-iso_makers': }
+
+}
diff --git a/manifests/nodes/sucuk.pp b/manifests/nodes/sucuk.pp
new file mode 100644
index 00000000..e56fd113
--- /dev/null
+++ b/manifests/nodes/sucuk.pp
@@ -0,0 +1,131 @@
+# server for various task
+node sucuk {
+# Location: IELO datacenter (marseille)
+    include common::default_mageia_server_no_smtp
+    timezone::timezone { 'Europe/Paris': }
+
+    include openssh::ssh_keys_from_ldap
+    include access_classes::admin
+
+    include postgresql::server
+    postgresql::tagged { 'default': }
+
+    class {'epoll::var':
+        db_password => extlookup('epoll_pgsql','x'),
+        password => extlookup('epoll_password','x'),
+    }
+    
+    #include epoll
+    #include epoll::create_db
+
+    include sympa::server
+    include postfix::server::primary
+    include lists
+
+    include catdap
+    include mga-mirrors
+
+    include wikis
+    include websites::perl
+    include websites::www
+    include websites::nav
+
+    include bugzilla
+
+    # gitweb
+    include repositories::git_mirror
+    include cgit
+    include gitmirror
+
+    include repositories::svn_mirror
+    include viewvc
+
+#    include mirrorbrain
+
+    include dns::server
+
+    include xymon::server
+    apache::vhost_simple { "xymon.${::domain}":
+        location => '/usr/share/xymon/www',
+    }
+
+    class { 'mgapeople':
+        ldap_server => "ldap.${::domain}",
+        binddn      => 'cn=mgapeople-alamut,ou=System Accounts,dc=mageia,dc=org',
+        bindpw      => extlookup('mgapeople_ldap','x'),
+        vhost       => "people.${::domain}",
+        vhostdir    => "/var/www/vhosts/people.${::domain}",
+        maintdburl  => "https://pkgsubmit.${::domain}/data/maintdb.txt",
+    }
+
+    class { 'mga-treasurer':
+        vhost    => "treasurer.${::domain}",
+        vhostdir => "/var/www/vhosts/treasurer.${::domain}",
+    }
+
+    youri-check::report_www { 'check': }
+
+    youri-check::createdb_user {'config_cauldron':
+        version => 'cauldron',
+    }
+
+    youri-check::config {'config_cauldron':
+        version => 'cauldron',
+    }
+    youri-check::report { 'report_cauldron':
+        version => 'cauldron',
+        hour    => '*/2',
+        minute  => '0'
+    }
+
+    youri-check::createdb_user {'config_9':
+        version => '9',
+    }
+
+    youri-check::config {'config_9':
+        version => '9',
+    }
+
+    youri-check::report {'report_9':
+        version => '9',
+        hour    => '*/4',
+        minute  => '56'
+    }
+
+    include tld_redirections
+
+    # temporary, just the time the vm is running there
+    host { 'friteuse':
+        ensure       => 'present',
+        ip           => '192.168.122.131',
+        host_aliases => [ "friteuse.${::domain}", "forums.${::domain}" ],
+    }
+
+    # to create all phpbb database on sucuk
+    phpbb::databases { $fqdn: }
+
+    apache::vhost::redirect_ssl { "forums.${::domain}": }
+    apache::vhost_redirect { "forum.${::domain}":
+        url => "https://forums.${::domain}/",
+    }
+    apache::vhost_redirect { "ssl_forum.${::domain}":
+        url     => "https://forums.${::domain}/",
+        vhost   => "forum.${::domain}",
+        use_ssl => true,
+    }
+
+    # forums is running in a VM on the machine so https: isn't necessary
+    apache::vhost::reverse_proxy { "ssl_forums.${::domain}":
+        url     => "http://forums.${::domain}/",
+        vhost   => "forums.${::domain}",
+        use_ssl => true,
+        content => '
+        RewriteEngine On
+        RewriteCond %{QUERY_STRING} mode=register
+        RewriteRule .*ucp.php - [forbidden]
+        ',
+    }
+
+    include libvirtd::kvm
+
+}
diff --git a/manifests/nodes_ip.pp b/manifests/nodes_ip.pp
new file mode 100644
index 00000000..38553b61
--- /dev/null
+++ b/manifests/nodes_ip.pp
@@ -0,0 +1,70 @@
+# Nodes IP addresses
+
+$nodes_ipaddr = {
+  neru => {
+    ipv4 => '163.172.148.228',
+    ipv6 => '2001:bc8:710:175f:dc00:ff:fe2d:c0ff',
+  },
+  ecosse => {
+    ipv4 => '212.85.158.148',
+    ipv6 => '2a02:2178:2:7::4',
+  },
+  fiona => {
+    ipv4 => '212.85.158.150',
+    ipv6 => '2a02:2178:2:7::6',
+  },
+  sucuk => {
+    ipv4 => '212.85.158.151',
+    ipv6 => '2a02:2178:2:7::7',
+  },
+  rabbit => {
+    ipv4 => '212.85.158.152',
+    ipv6 => '2a02:2178:2:7::8',
+  },
+  duvel => {
+    ipv4 => '212.85.158.153',
+    ipv6 => '2a02:2178:2:7::9',
+  },
+  armlet1 => {
+    ipv4 => '163.172.148.228',
+  },
+  armlet2 => {
+    ipv4 => '163.172.148.228',
+  },
+  friteuse => {
+    ipv4 => '192.168.122.131',
+  },
+  ec2aa1 => {
+    ipv6 => '2a05:d014:e9:2c02:98ca:ec83:c601:371a',
+  },
+  ec2aa2 => {
+    ipv6 => '2a05:d014:e9:2c03:b7e1:fda8:eab9:6692',
+  },
+  ec2aa3 => {
+    ipv6 => '2a05:d014:e9:2c03:17a8:1204:6df6:662c',
+  },
+  ec2aaauto => {
+    ipv6 => '2a05:d014:e9:2c03:c80d:e2d9:658d:4c28',
+  },
+  ec2x1 => {
+    ipv6 => '2a05:d014:e9:2c03:ce2e:f80a:bc2b:da0d',
+  },
+  ec2x2 => {
+    ipv6 => '2a05:d014:e9:2c02:42e4:6e93:ed55:7b2a',
+  },
+  pktaa1 => {
+    ipv4 => '147.75.69.246',
+  },
+  ociaa1 => {
+    ipv6 => '2603:c026:c101:f00::1:1',
+  },
+  ociaa2 => {
+    ipv6 => '2603:c026:c101:f00::1:2',
+  },
+  ncaa1 => {
+    ipv4 => '89.58.19.166',
+    ipv6 => '2a0a:4cc0:0:61c::1',
+  }
+}
+
+# vim: sw=2
diff --git a/manifests/site.pp b/manifests/site.pp
index 247f04cf..376c4213 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -1,3 +1,4 @@
-import "extlookup"
-import "common"
-import "nodes"
+import 'extlookup'
+import 'defaults'
+import 'nodes_ip'
+import 'nodes'