--- HIERA_SAFETY_CHECK: true # We are going to terminate SSL using ELBs nginx_enable_ssl: false stackname: "%{::aws_stackname}" app_domain: "%{::aws_stackname}.govuk.internal" app_domain_internal: '%{::aws_stackname}.govuk-internal.digital' deploy_jenkins_domain: "deploy.%{::aws_stackname}.%{::aws_environment}.govuk.digital" backup::mysql::alert_hostname: 'alert' node_class: &node_class account: apps: - account-api asset_master: apps: - asset_env_sync backend: apps: - asset-manager - cache-clearing-service - canary-backend - collections-publisher - contacts - content-data-admin - content-data-api - content-publisher - content-tagger - hmrc-manuals-api - imminence - link-checker-api - local-links-manager - manuals-publisher - maslow - publisher - release - search-admin - service-manual-publisher - short-url-manager - sidekiq-monitoring - signon - specialist-publisher - support - support-api - support_api_csv_env_sync - transition - travel-advice-publisher bouncer: apps: - bouncer cache: apps: - router content_store: apps: - content-store calculators_frontend: apps: - finder-frontend - licencefinder - smartanswers ckan: apps: - ckan draft_cache: apps: - authenticating-proxy - router - router-api draft_content_store: apps: - content-store draft_frontend: apps: - collections - email-alert-frontend - frontend - government-frontend - smartanswers - static email_alert_api: apps: - email-alert-api - email-alert-service frontend: apps: - canary-frontend - collections - email-alert-frontend - feedback - frontend - government-frontend - info-frontend - static locations_api: apps: - locations-api publishing_api: apps: - publishing-api router_backend: apps: - router-api search: apps: - search-api whitehall_backend: apps: - whitehall whitehall_frontend: apps: - whitehall govuk::node::s_base::node_apps: <<: *node_class govuk::node::s_graphite::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_graphite::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_java::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" # Licensify is a special case because it is not a regular govuk app # so we only define a Jenkins deploy node app job for it. govuk_jenkins::deploy_all_apps::apps_on_nodes: <<: *node_class licensing_frontend: apps: - licensify licensing_backend: apps: - licensify-admin - licensify-feed # If the repository name is the same as the application name # we don't need to explicitly declare the repository, but we # need to add an empty hash deployable_applications: &deployable_applications ckan: repository: 'ckanext-datagovuk' govuk-puppet: {} licensify: {} licensify-admin: repository: 'licensify' licensify-feed: repository: 'licensify' sidekiq-monitoring: {} apt_mirror_hostname: 'apt.publishing.service.gov.uk' apt_mirror_gpg_key_fingerprint: '3803E444EB0235822AA36A66EC5FE1A937E3ACBB' apt::apt_update_frequency: 'daily' apt::purge_preferences_d: true apt::purge_sources_list: true apt::purge_sources_list_d: true apt::purge: preferences.d: true sources.list: true sources.list.d: true apt::sources: ubuntu: location: 'http://gb.archive.ubuntu.com/ubuntu/' release: '%{::lsbdistcodename}' repos: 'main restricted universe multiverse' ubuntu-updates: location: 'http://gb.archive.ubuntu.com/ubuntu/' release: '%{::lsbdistcodename}-updates' repos: 'main restricted universe multiverse' ubuntu-backports: location: 'http://gb.archive.ubuntu.com/ubuntu/' release: '%{::lsbdistcodename}-backports' repos: 'main restricted universe multiverse' ubuntu-security: location: 'http://gb.archive.ubuntu.com/ubuntu/' release: '%{::lsbdistcodename}-security' repos: 'main restricted universe multiverse' backup::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" backup::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" base::packages::gems: ruby-shadow: ensure: 2.5.0 base::packages::packages: - 'ack-grep' - 'bzip2' - 'daemontools' - 'dnsutils' - 'dstat' - 'gettext' - 'htop' - 'iftop' - 'iotop' - 'iptraf' - 'less' - 'libc6-dev' - 'libcurl4-openssl-dev' - 'libreadline-dev' - 'libreadline5' - 'libsqlite3-dev' - 'libxml2-dev' - 'libxslt1-dev' - 'liblzma-dev' - 'linux-image-4.4.0-231-generic' - 'logtail' - 'mailutils' - 'man-db' - 'manpages' - 'ncdu' - 'pv' - 'strace' - 'tar' - 'tcpdump' - 'tmux' - 'tree' - 'update-notifier-common' - 'unzip' - 'vim-nox' - 'xz-utils' - 'zip' collectd::plugin::tcp::metrics: - 'ListenOverflows' - 'ListenDrops' - 'TCPLoss' - 'TCPTimeouts' - 'TCPFastRetrans' - 'TCPLostRetransmit' - 'TCPForwardRetrans' - 'TCPSlowStartRetrans' - 'CurrEstab' - 'TCPAbortOnMemory' - 'TCPBacklogDrop' - 'AttemptFails' - 'EstabResets' - 'InErrs' - 'ActiveOpens' - 'PassiveOpens' collectd::package::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" collectd::package::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" collectd::plugin::docker::repo: "https://github.com/alphagov/docker-collectd-plugin.git" collectd::plugin::docker::commit: "e3e520e665d56a3d0b1d3bb697c0504d4494012d" duplicity::packages::version: '0.7.11-0ubuntu0ppa1263~ubuntu14.04.1' filebeat::prospectors: apt-history: paths: - '/var/log/apt/history.log' tags: - 'history' fields: application: 'apt' multiline: pattern: '^$' negate: true match: 'after' timeout: 30 apt-term: paths: - '/var/log/apt/term.log' tags: - 'term' fields: application: 'apt' dpkg: paths: - '/var/log/dpkg.log' fields: application: 'dpkg' syslog: paths: - '/var/log/syslog' - '/var/log/auth.log' fields: application: 'syslog' unattended-upgrades: paths: - '/var/log/unattended-upgrades/unattended-upgrades.log' tags: - 'unattended' fields: application: 'apt' unattended-upgrades-shutdown: paths: - '/var/log/unattended-upgrades/unattended-upgrades-shutdown.log' tags: - 'unattended' fields: application: 'apt' gdal::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" gdal::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk::apps::publisher::port: 3000 govuk::apps::imminence::port: 3002 govuk::apps::frontend::port: 3005 govuk::apps::smartanswers::port: 3010 govuk::apps::static::port: 3013 govuk::apps::licencefinder::port: 3014 govuk::apps::signon::port: 3016 govuk::apps::whitehall::port: 3020 govuk::apps::feedback::port: 3028 govuk::apps::support::port: 3031 govuk::apps::travel_advice_publisher::port: 3035 govuk::apps::release::port: 3036 govuk::apps::asset_manager::port: 3037 # asset-manager sidekiq monitoring uses 3038 govuk::apps::transition::port: 3044 govuk::apps::bouncer::port: 3049 govuk::apps::contacts::port: 3051 govuk::apps::maslow::port: 3053 govuk::apps::router::port: 3054 govuk::apps::router::api_port: 3055 govuk::apps::router_api::port: 3056 govuk::apps::finder_frontend::port: 3062 govuk::apps::specialist_publisher::port: 3064 govuk::apps::content_store::port: 3068 govuk::apps::collections::port: 3070 govuk::apps::hmrc_manuals_api::port: 3071 govuk::apps::search_admin::port: 3073 govuk::apps::support_api::port: 3075 govuk::apps::short_url_manager::port: 3076 govuk::apps::collections_publisher::port: 3078 # publisher sidekiq monitoring uses 3079 # signon sidekiq monitoring uses 3080 # whitehall sidekiq monitoring uses 3081 govuk::apps::info_frontend::port: 3085 # transition sidekiq monitoring uses 3086 govuk::apps::email_alert_api::port: 3088 # email-alert-api sidekiq monitoring uses 3089 govuk::apps::government_frontend::port: 3090 govuk::apps::publishing_api::port: 3093 govuk::apps::email_alert_frontend::port: 3099 govuk::apps::backdrop_read::port: 3101 govuk::apps::backdrop_write::port: 3102 govuk::apps::authenticating_proxy::port: 3107 govuk::apps::service_manual_publisher::port: 3111 # publishing-api sidekiq monitoring uses 3114 govuk::apps::content_tagger::port: 3116 # imminence sidekiq monitoring uses 3120 govuk::apps::local_links_manager::port: 3121 govuk::apps::service_manual_frontend::port: 3122 # content-tagger sidekiq monitoring uses 3125 # travel-advice-publisher sidekiq monitoring uses 3203 govuk::apps::manuals_publisher::port: 3205 govuk::apps::link_checker_api::port: 3208 # link-checker-api sidekiq monitoring uses 3209 # specialist-publisher sidekiq monitoring uses 3210 # manuals-publisher sidekiq monitoring uses 3214 # support-api sidekiq monitoring uses 3215 # collections-publisher sidekiq monitoring uses 3216 govuk::apps::ckan::port: 3220 govuk::apps::ckan::pycsw_port: 3221 govuk::apps::content_publisher::port: 3221 govuk::apps::content_data_admin::port: 3230 govuk::apps::search_api::port: 3233 # search-api sidekiq monitoring uses 3234 govuk::apps::content_data_api::port: 3235 # content-publisher sidekiq monitoring uses 3236 # content-data-api sidekiq monitoring uses 3239 # content-data-admin sidekiq monitoring uses 3240 # search-admin sidekiq monitoring uses 3241 # sidekiq monitoring uses 3242 govuk::apps::account_api::port: 3243 # account-api sidekiq monitoring uses 3244 govuk::apps::locations_api::port: 3245 # locations-api sidekiq monitoring uses 3246 govuk::apps::asset_manager::jwt_auth_secret: "%{hiera('jwt_auth_secret')}" govuk::apps::asset_manager::mongodb_nodes: - 'mongo-1' - 'mongo-2' - 'mongo-3' govuk::apps::asset_manager::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::asset_manager::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::asset_manager::unicorn_worker_processes: "16" govuk::apps::authenticating_proxy::db_hostname: "authenticating-proxy-postgres" govuk::apps::authenticating_proxy::db_password: "%{hiera('govuk::apps::authenticating_proxy::db::password')}" govuk::apps::authenticating_proxy::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::authenticating_proxy::db::allow_auth_from_lb: true govuk::apps::authenticating_proxy::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::authenticating_proxy::jwt_auth_secret: "%{hiera('jwt_auth_secret')}" govuk::apps::bouncer::db_hostname: "transition-postgresql-standby" govuk::apps::bouncer::postgresql_role::rds: true govuk::apps::bouncer::unicorn_worker_processes: "8" govuk::apps::cache_clearing_service::enabled: false govuk::apps::cache_clearing_service::rabbitmq::enabled: false govuk::apps::cache_clearing_service::rabbitmq_url: "" govuk::apps::cache_clearing_service::rabbitmq_hosts: [rabbitmq] govuk::apps::cache_clearing_service::rabbitmq::queue_size_critical_threshold: 100000 govuk::apps::cache_clearing_service::rabbitmq::queue_size_warning_threshold: 80000 govuk::apps::ckan::db_hostname: "ckan-postgres" govuk::apps::ckan::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::ckan::db::allow_auth_from_lb: true govuk::apps::ckan::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::ckan::db::rds: true govuk::apps::ckan::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::ckan::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::ckan::ckan_site_url: "http://ckan.dev.gov.uk" govuk::apps::ckan::gunicorn_worker_processes: "8" govuk::apps::ckan::s3_aws_access_key_id: "%{hiera('s3_aws_access_key_id')}" govuk::apps::ckan::s3_aws_secret_access_key: "%{hiera('s3_aws_secret_access_key')}" govuk::apps::collections::unicorn_worker_processes: 8 govuk::apps::collections_publisher::db_hostname: "collections-publisher-mysql" govuk::apps::collections_publisher::jwt_auth_secret: "%{hiera('jwt_auth_secret')}" govuk::apps::collections_publisher::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::collections_publisher::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::contacts::db_hostname: "contacts-admin-mysql" govuk::apps::contacts::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::contacts::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::content_data_admin::db_hostname: "content-data-admin-postgres" govuk::apps::content_data_admin::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::content_data_admin::db::allow_auth_from_lb: true govuk::apps::content_data_admin::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::content_data_admin::db::rds: true govuk::apps::content_data_admin::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::content_data_admin::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::content_data_api::rabbitmq_user: "content_data_api" govuk::apps::content_data_api::rabbitmq_password: "%{hiera('govuk::apps::content_data_api::rabbitmq::amqp_pass')}" govuk::apps::content_data_api::db_hostname: "content-data-api-postgresql-primary" govuk::apps::content_data_api::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::content_data_api::rabbitmq_hosts: - rabbitmq govuk::apps::content_data_api::rabbitmq_url: "" govuk::apps::content_data_api::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::content_data_api::redis_port: "%{hiera('sidekiq_port')}" # Temporarily match up the Content Data API and Content Performance # Manager database name and user, to make it easier to sync the # Content Performance Manager database over govuk::apps::content_data_api::db_name: "content_performance_manager_production" govuk::apps::content_data_api::db_username: "content_performance_manager" govuk::apps::content_publisher::db_hostname: "content-publisher-postgres" govuk::apps::content_publisher::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::content_publisher::db::allow_auth_from_lb: true govuk::apps::content_publisher::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::content_publisher::db::rds: true govuk::apps::content_publisher::jwt_auth_secret: "%{hiera('jwt_auth_secret')}" govuk::apps::content_publisher::aws_region: "eu-west-1" govuk::apps::content_publisher::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::content_publisher::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::content_store::unicorn_worker_processes: "15" govuk::apps::content_tagger::db_hostname: "content-tagger-postgres" govuk::apps::content_tagger::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::content_tagger::db::allow_auth_from_lb: true govuk::apps::content_tagger::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::content_tagger::enable_procfile_worker: false govuk::apps::content_tagger::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::content_tagger::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::email_alert_api::enabled: true govuk::apps::email_alert_api::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::email_alert_api::db::allow_auth_from_lb: true govuk::apps::email_alert_api::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::email_alert_api::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::email_alert_api::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::email_alert_api::db_hostname: "email-alert-api-postgres" govuk::apps::email_alert_api::db_password: "%{hiera('govuk::apps::email_alert_api::db::password')}" govuk::apps::email_alert_api::unicorn_worker_processes: '10' govuk::apps::email_alert_api::govuk_personalisation_feedback_uri: "%{hiera('govuk::apps::static::govuk_personalisation_feedback_uri')}" govuk::apps::email_alert_frontend::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::email_alert_frontend::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::email_alert_service::amazonmq_monitoring::queue_size_critical_threshold: 25 govuk::apps::email_alert_service::amazonmq_monitoring::queue_size_warning_threshold: 5 govuk::apps::email_alert_service::enabled: true govuk::apps::email_alert_service::rabbitmq_url: "" govuk::apps::email_alert_service::rabbitmq_hosts: - rabbitmq govuk::apps::email_alert_service::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::email_alert_service::rabbitmq::queue_size_critical_threshold: 25 govuk::apps::email_alert_service::rabbitmq::queue_size_warning_threshold: 5 govuk::apps::email_alert_service::enable_unpublishing_queue_consumer: true govuk::apps::email_alert_service::enable_subscriber_list_update_queue_consumers: true govuk::apps::feedback::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::feedback::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::finder_frontend::enabled: true govuk::apps::finder_frontend::unicorn_worker_processes: "6" govuk::apps::frontend::elections_api_url: "https://api.electoralcommission.org.uk/api/v1" govuk::apps::frontend::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::frontend::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::frontend::unicorn_worker_processes: "4" govuk::apps::government_frontend::unicorn_worker_processes: "8" govuk::apps::imminence::db_hostname: "imminence-postgres" govuk::apps::imminence::db_password: "%{hiera('govuk::apps::imminence::db::password')}" govuk::apps::imminence::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::imminence::db::allow_auth_from_lb: true govuk::apps::imminence::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::link_checker_api::db_hostname: "link-checker-api-postgres" govuk::apps::link_checker_api::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::link_checker_api::db::allow_auth_from_lb: true govuk::apps::link_checker_api::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::link_checker_api::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::link_checker_api::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::locations_api::enabled: true govuk::apps::locations_api::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::locations_api::db::allow_auth_from_lb: true govuk::apps::locations_api::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::locations_api::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::locations_api::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::locations_api::db_hostname: "locations-api-postgres" govuk::apps::locations_api::db_password: "%{hiera('govuk::apps::locations_api::db::password')}" govuk::apps::locations_api::unicorn_worker_processes: '16' govuk::apps::manuals_publisher::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::manuals_publisher::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::publisher::alert_hostname: 'alert' govuk::apps::publisher::jwt_auth_secret: "%{hiera('jwt_auth_secret')}" govuk::apps::publisher::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::publisher::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::short_url_manager::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::short_url_manager::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::support_api::zendesk_client_username: 'zd-api-govt@digital.cabinet-office.gov.uk/token' govuk::apps::whitehall::admin_db_hostname: 'whitehall-mysql' govuk::apps::whitehall::admin_key_space_limit: '262144' govuk::apps::whitehall::admin_db_name: whitehall_production govuk::apps::whitehall::admin_db_password: "%{hiera('govuk::apps::whitehall::db::mysql_whitehall_admin')}" govuk::apps::whitehall::admin_db_username: whitehall govuk::apps::whitehall::db_hostname: 'whitehall-mysql' govuk::apps::whitehall::db_name: whitehall_production govuk::apps::whitehall::db_password: "%{hiera('govuk::apps::whitehall::db::mysql_whitehall')}" govuk::apps::whitehall::db_username: whitehall_fe govuk::apps::whitehall::jwt_auth_secret: "%{hiera('jwt_auth_secret')}" govuk::apps::whitehall::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::whitehall::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::whitehall::db::whitehall_fe_password: "%{hiera('mysql_whitehall_frontend')}" govuk::apps::imminence::mongodb_nodes: - 'mongo-1' - 'mongo-2' - 'mongo-3' govuk::apps::imminence::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::imminence::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::imminence::unicorn_worker_processes: "8" govuk::apps::info_frontend::enabled: true govuk::apps::local_links_manager::db_hostname: "local-links-manager-postgres" govuk::apps::local_links_manager::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::local_links_manager::db::allow_auth_from_lb: true govuk::apps::local_links_manager::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::local_links_manager::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::local_links_manager::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::local_links_manager::unicorn_worker_processes: "4" govuk::apps::search_api::rabbitmq_hosts: - rabbitmq govuk::apps::licencefinder::mongodb_nodes: - 'mongo-1' - 'mongo-2' - 'mongo-3' govuk::apps::publishing_api::unicorn_worker_processes: "8" govuk::apps::publishing_api::content_store: "https://content-store.%{hiera('app_domain')}" govuk::apps::publishing_api::db_hostname: "publishing-api-postgres" govuk::apps::publishing_api::draft_content_store: "https://draft-content-store.%{hiera('app_domain')}" govuk::apps::publishing_api::rabbitmq_url: "" # Separate variables for self-hosted RabbitMQ govuk::apps::publishing_api::rabbitmq_hosts: - rabbitmq govuk::apps::publishing_api::rabbitmq_password: "%{hiera('govuk::apps::publishing_api::rabbitmq::amqp_pass')}" govuk::apps::publishing_api::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::publishing_api::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::publishing_api::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::publishing_api::db::allow_auth_from_lb: true govuk::apps::publishing_api::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::release::db_hostname: "release-mysql" govuk::apps::release::db_username: "release" govuk::apps::release::db_password: "%{hiera('govuk::apps::release::db::mysql_release')}" govuk::apps::release::github_username: "govuk-ci" govuk::apps::search_api::enable_bulk_reindex_listener: false govuk::apps::search_api::enable_publishing_listener: false govuk::apps::search_api::enable_govuk_index_listener: false govuk::apps::search_api::rabbitmq_url: "" govuk::apps::search_api::rabbitmq::enable_bulk_reindex_listener: true govuk::apps::search_api::rabbitmq::enable_govuk_index_listener: true govuk::apps::search_api::rabbitmq::enable_publishing_listener: true govuk::apps::search_api::rabbitmq_user: 'search-api' govuk::apps::search_api::redis_host: 'backend-redis' govuk::apps::search_api::redis_port: '6379' govuk::apps::search_api::unicorn_worker_processes: "9" govuk::apps::search_admin::db_name: 'search_admin_production' govuk::apps::search_admin::db_hostname: 'search-admin-mysql' govuk::apps::search_admin::db_password: "%{hiera('govuk::apps::search_admin::db::mysql_search_admin')}" govuk::apps::search_admin::db_username: 'search_admin' govuk::apps::search_admin::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::search_admin::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::service_manual_publisher::http_username: "%{hiera('http_username')}" govuk::apps::service_manual_publisher::http_password: "%{hiera('http_password')}" govuk::apps::service_manual_publisher::db_hostname: "service-manual-publisher-postgres" govuk::apps::service_manual_publisher::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::service_manual_publisher::db::allow_auth_from_lb: true govuk::apps::service_manual_publisher::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::sidekiq_monitoring::account_api_redis_host: "%{hiera('govuk::apps::account_api::redis_host')}" govuk::apps::sidekiq_monitoring::account_api_redis_port: "%{hiera('govuk::apps::account_api::redis_port')}" govuk::apps::sidekiq_monitoring::asset_manager_redis_host: "%{hiera('govuk::apps::asset_manager::redis_host')}" govuk::apps::sidekiq_monitoring::asset_manager_redis_port: "%{hiera('govuk::apps::asset_manager::redis_port')}" govuk::apps::sidekiq_monitoring::collections_publisher_redis_host: "%{hiera('govuk::apps::collections_publisher::redis_host')}" govuk::apps::sidekiq_monitoring::collections_publisher_redis_port: "%{hiera('govuk::apps::collections_publisher::redis_port')}" govuk::apps::sidekiq_monitoring::content_data_admin_redis_host: "%{hiera('govuk::apps::content_data_admin::redis_host')}" govuk::apps::sidekiq_monitoring::content_data_admin_redis_port: "%{hiera('govuk::apps::content_data_admin::redis_port')}" govuk::apps::sidekiq_monitoring::content_data_api_redis_host: "%{hiera('govuk::apps::content_data_api::redis_host')}" govuk::apps::sidekiq_monitoring::content_data_api_redis_port: "%{hiera('govuk::apps::content_data_api::redis_port')}" govuk::apps::sidekiq_monitoring::content_publisher_redis_host: "%{hiera('govuk::apps::content_publisher::redis_host')}" govuk::apps::sidekiq_monitoring::content_publisher_redis_port: "%{hiera('govuk::apps::content_publisher::redis_port')}" govuk::apps::sidekiq_monitoring::content_tagger_redis_host: "%{hiera('govuk::apps::content_tagger::redis_host')}" govuk::apps::sidekiq_monitoring::content_tagger_redis_port: "%{hiera('govuk::apps::content_tagger::redis_port')}" govuk::apps::sidekiq_monitoring::email_alert_api_redis_host: "%{hiera('govuk::apps::email_alert_api::redis_host')}" govuk::apps::sidekiq_monitoring::email_alert_api_redis_port: "%{hiera('govuk::apps::email_alert_api::redis_port')}" govuk::apps::sidekiq_monitoring::imminence_redis_host: "%{hiera('govuk::apps::imminence::redis_host')}" govuk::apps::sidekiq_monitoring::imminence_redis_port: "%{hiera('govuk::apps::imminence::redis_port')}" govuk::apps::sidekiq_monitoring::link_checker_api_redis_host: "%{hiera('govuk::apps::link_checker_api::redis_host')}" govuk::apps::sidekiq_monitoring::link_checker_api_redis_port: "%{hiera('govuk::apps::link_checker_api::redis_port')}" govuk::apps::sidekiq_monitoring::locations_api_redis_host: "%{hiera('govuk::apps::locations_api::redis_host')}" govuk::apps::sidekiq_monitoring::locations_api_redis_port: "%{hiera('govuk::apps::locations_api::redis_port')}" govuk::apps::sidekiq_monitoring::manuals_publisher_redis_host: "%{hiera('govuk::apps::manuals_publisher::redis_host')}" govuk::apps::sidekiq_monitoring::manuals_publisher_redis_port: "%{hiera('govuk::apps::manuals_publisher::redis_port')}" govuk::apps::sidekiq_monitoring::publisher_redis_host: "%{hiera('govuk::apps::publisher::redis_host')}" govuk::apps::sidekiq_monitoring::publisher_redis_port: "%{hiera('govuk::apps::publisher::redis_port')}" govuk::apps::sidekiq_monitoring::publishing_api_redis_host: "%{hiera('govuk::apps::publishing_api::redis_host')}" govuk::apps::sidekiq_monitoring::publishing_api_redis_port: "%{hiera('govuk::apps::publishing_api::redis_port')}" govuk::apps::sidekiq_monitoring::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::sidekiq_monitoring::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::sidekiq_monitoring::search_admin_redis_host: "%{hiera('govuk::apps::search_admin::redis_host')}" govuk::apps::sidekiq_monitoring::search_admin_redis_port: "%{hiera('govuk::apps::search_admin::redis_port')}" govuk::apps::sidekiq_monitoring::search_api_redis_host: "%{hiera('govuk::apps::search_api::redis_host')}" govuk::apps::sidekiq_monitoring::search_api_redis_port: "%{hiera('govuk::apps::search_api::redis_port')}" govuk::apps::sidekiq_monitoring::signon_redis_host: "%{hiera('govuk::apps::signon::redis_host')}" govuk::apps::sidekiq_monitoring::signon_redis_port: "%{hiera('govuk::apps::signon::redis_port')}" govuk::apps::sidekiq_monitoring::specialist_publisher_redis_host: "%{hiera('govuk::apps::specialist_publisher::redis_host')}" govuk::apps::sidekiq_monitoring::specialist_publisher_redis_port: "%{hiera('govuk::apps::specialist_publisher::redis_port')}" govuk::apps::sidekiq_monitoring::support_api_redis_host: "%{hiera('govuk::apps::support_api::redis_host')}" govuk::apps::sidekiq_monitoring::support_api_redis_port: "%{hiera('govuk::apps::support_api::redis_port')}" govuk::apps::sidekiq_monitoring::transition_redis_host: "%{hiera('govuk::apps::transition::redis_host')}" govuk::apps::sidekiq_monitoring::transition_redis_port: "%{hiera('govuk::apps::transition::redis_port')}" govuk::apps::sidekiq_monitoring::travel_advice_publisher_redis_host: "%{hiera('govuk::apps::travel_advice_publisher::redis_host')}" govuk::apps::sidekiq_monitoring::travel_advice_publisher_redis_port: "%{hiera('govuk::apps::travel_advice_publisher::redis_port')}" govuk::apps::sidekiq_monitoring::whitehall_redis_host: "%{hiera('govuk::apps::whitehall::redis_host')}" govuk::apps::sidekiq_monitoring::whitehall_redis_port: "%{hiera('govuk::apps::whitehall::redis_port')}" govuk::apps::signon::db_hostname: 'signon-mysql' govuk::apps::signon::db_name: 'signon_production' govuk::apps::signon::db_password: "%{hiera('govuk::apps::signon::db::mysql_signonotron')}" govuk::apps::signon::db_username: 'signon' govuk::apps::signon::redis_url: "redis://backend-redis:6379/0" govuk::apps::signon::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::signon::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::signon::unicorn_worker_processes: "4" govuk::apps::specialist_publisher::enabled: true govuk::apps::specialist_publisher::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::specialist_publisher::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::smartanswers::unicorn_worker_processes: "4" govuk::apps::smartanswers::zendesk_client_username: 'zd-api-govt@digital.cabinet-office.gov.uk/token' govuk::apps::smokey::smokey_signon_email: "%{hiera('smokey_signon_email')}" govuk::apps::smokey::smokey_signon_password: "%{hiera('smokey_signon_password')}" govuk::apps::smokey::smokey_bearer_token: "%{hiera('smokey_bearer_token')}" govuk::apps::smokey::rate_limit_token: "%{hiera('smokey_rate_limit_token')}" govuk::apps::static::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::static::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::static::unicorn_worker_processes: "8" govuk::apps::support::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::support::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::support::zendesk_anonymous_ticket_email: 'zd-api-public@digital.cabinet-office.gov.uk' govuk::apps::support::zendesk_client_username: 'zd-api-govt@digital.cabinet-office.gov.uk/token' govuk::apps::support_api::db_name: 'support_contacts_production' govuk::apps::support_api::db_hostname: "support-api-postgres" govuk::apps::support_api::db_password: "%{hiera('govuk::apps::support_api::db::password')}" govuk::apps::support_api::db_username: 'support_contacts' govuk::apps::support_api::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::support_api::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::support_api::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::support_api::db::allow_auth_from_lb: true govuk::apps::support_api::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::transition::db_password: "%{hiera('govuk::apps::transition::postgresql_db::password')}" govuk::apps::transition::db_hostname: "transition-postgresql-primary" govuk::apps::transition::postgresql_db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::transition::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::transition::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::travel_advice_publisher::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::travel_advice_publisher::redis_port: "%{hiera('sidekiq_port')}" govuk::apps::account_api::db_hostname: "account-api-postgres" govuk::apps::account_api::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::apps::account_api::db::allow_auth_from_lb: true govuk::apps::account_api::db::lb_ip_range: "%{hiera('environment_ip_prefix')}.0.0/16" govuk::apps::account_api::enable_procfile_worker: false govuk::apps::account_api::redis_host: "%{hiera('sidekiq_host')}" govuk::apps::account_api::redis_port: "%{hiera('sidekiq_port')}" govuk_awscli::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_awscli::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_awscloudwatch::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_awscloudwatch::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk::apps::authenticating_proxy::db::rds: true govuk::apps::content_data_api::db::rds: true govuk::apps::content_tagger::db::rds: true govuk::apps::email_alert_api::db::rds: true govuk::apps::imminence::db::rds: true govuk::apps::link_checker_api::db::rds: true govuk::apps::local_links_manager::db::rds: true govuk::apps::locations_api::db::rds: true govuk::apps::publishing_api::db::rds: true govuk::apps::service_manual_publisher::db::rds: true govuk::apps::support_api::db::rds: true govuk::apps::account_api::db::rds: true govuk::apps::transition::postgresql_db::rds: true govuk_beat::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_ci::agent::gcloud::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_ci::agent::gcloud::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk::deploy::config::app_domain: "%{hiera('app_domain')}" govuk::deploy::config::asset_root: "https://assets.%{hiera('app_domain')}" govuk::deploy::config::website_root: "https://www.%{hiera('app_domain')}" govuk::deploy::setup::gemstash_server: 'http://gemstash' govuk::deploy::sync::jenkins_domain: "deploy.%{hiera('app_domain_internal')}" govuk::deploy::sync::auth_token: "%{hiera('govuk_jenkins::deploy_all_apps::auth_token')}" govuk_gor::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_gor::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_htpasswd::http_username: "%{hiera('http_username')}" govuk_jenkins::packages::gcloud::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_jenkins::packages::gcloud::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_jenkins::packages::terraform::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_jenkins::packages::terraform::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_jenkins::packages::sops::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_jenkins::packages::sops::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_jenkins::jobs::deploy_app::graphite_host: "graphite.%{hiera('app_domain_internal')}" govuk_jenkins::jobs::deploy_app::graphite_port: '443' govuk_jenkins::deploy_all_apps::deploy_environment: "%{hiera('govuk_jenkins::job_builder::environment')}" govuk::node::s_api_redis::allowed_api_ip_range: "%{hiera('environment_ip_prefix')}.4.0/24" govuk::node::s_api_redis::allowed_backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::node::s_apt::apt_service: 'apt' govuk::node::s_apt::gemstash_service: 'gemstash' govuk::node::s_apt::private_gpg_key_fingerprint: "%{hiera('apt_mirror_gpg_key_fingerprint')}" govuk::node::s_asset_base::alert_hostname: 'alert' govuk::node::s_asset_base::firewall_allow_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24" govuk::node::s_base::log_remote: false govuk::node::s_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_db_admin::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk::node::s_account_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_authenticating_proxy_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_ckan_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_content_data_admin_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_content_data_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_content_publisher_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_content_tagger_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_email_alert_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_imminence_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_link_checker_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_local_links_manager_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_locations_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_publishing_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_service_manual_publisher_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_support_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_gatling::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_gatling::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk::node::s_gatling::repo: 'git@github.com:alphagov/govuk-load-testing.git' govuk::node::s_gatling::ssh_public_key: "%{hiera('govuk_jenkins::ssh_key::public_key')}" govuk::node::s_gatling::ssh_private_key: "%{hiera('govuk_jenkins::ssh_key::private_key')}" govuk::node::s_licensing_backend::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_licensing_backend::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk::node::s_licensing_frontend::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk::node::s_licensing_frontend::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk::node::s_mysql_master::aws_access_key_id: "%{hiera('govuk::node::s_mysql_backup::aws_access_key_id')}" govuk::node::s_mysql_master::aws_secret_access_key: "%{hiera('govuk::node::s_mysql_backup::aws_secret_access_key')}" govuk::node::s_mysql_master::encryption_key: "%{hiera('govuk::node::s_mysql_backup::encryption_key')}" govuk::node::s_transition_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_bundler::config::service: 'http://gemstash' govuk_postgresql::mirror::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_postgresql::mirror::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_prometheus_node_exporter::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_prometheus_node_exporter::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_prometheus::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_prometheus::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_ppa::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_ppa::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_python::govuk_python_version: '2.7.14' govuk_sshkeys::deployment_keys: github.com: key: 'AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=' github.digital.cabinet-office.gov.uk: key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQC5y+7bm9YIMJXYbSdk2pVzl/w110eFrLIvirT4HKYATp7pxV454T2YoWIvIbtKF7GKz1SwX79uKePmwFKBQ8LIYlmFBbcYf8j3Jl9Px4vcmDPkWjZlfg/aqZUJI3WqwVCNelYM+RTlgtDsME8hIK2FbyPIjotF1WRsE1JgsMLfpzK/rVACGbktfQdmgY+56Ze9WA/rfCCKvrCtdavFR1rNxwkjm+GMImlcgmYTIT8BCEM2pkK0dIEJwKJWBVyyRBcTwHZDgvfVM/EyEfe+gIsgiQTORa1JaScHntH7Q7CBagpXvQHr/tSngGvbSBM1vMRLdtrw8BF5//AmNLOW3glZ' govuk_cdnlogs::use_tls: '0' govuk_cdnlogs::service_port_map: govuk: 6514 assets: 6515 bouncer: 6516 govuk_ci::master::pipeline_jobs: <<: *deployable_applications govuk-jenkinslib: {} licensify: branches_to_exclude: - 'release*' - 'deployed-to-integration' - 'licensify-deployed-to-integration' - 'licensify-admin-deployed-to-integration' - 'licensify-feed-deployed-to-integration' - 'deployed-to-staging' - 'licensify-deployed-to-staging' - 'licensify-admin-deployed-to-staging' - 'licensify-feed-deployed-to-staging' - 'deployed-to-production' - 'licensify-deployed-to-production' - 'licensify-admin-deployed-to-production' - 'licensify-feed-deployed-to-production' - 'integration' - 'staging' - 'production' govuk_ci::master::ci_agents: ci-agent-1: agent_hostname: ci-agent-1.blue.%{hiera('app_domain_internal')} labels: 'mongodb-2.4 ci-agent-1 elasticsearch-6.7 terraform postgresql-9.6' ci-agent-2: agent_hostname: ci-agent-2.blue.%{hiera('app_domain_internal')} labels: 'mongodb-2.4 ci-agent-2 elasticsearch-6.7 terraform postgresql-9.6' ci-agent-3: agent_hostname: ci-agent-3.blue.%{hiera('app_domain_internal')} labels: 'mongodb-2.4 ci-agent-3 elasticsearch-6.7 terraform postgresql-9.6' ci-agent-4: agent_hostname: ci-agent-4.blue.%{hiera('app_domain_internal')} labels: 'mongodb-3.2 ci-agent-4 elasticsearch-6.7 terraform postgresql-9.6' ci-agent-5: agent_hostname: ci-agent-5.blue.%{hiera('app_domain_internal')} exclusive: true executors: 1 labels: 'licensify' govuk_ci::master::credentials_id: 'jenkins-ssh-slave' govuk_ci::agent::master_ssh_key: "%{hiera('govuk_jenkins::ssh_key::public_key')}" govuk_docker::version: "18.06.1~ce~3-0~ubuntu" govuk_docker::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_docker::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_jenkins::package::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_jenkins::package::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_jenkins::config::github_api_uri: "https://api.github.com" govuk_jenkins::config::github_web_uri: "https://github.com" govuk_jenkins::jobs::deploy_app::app_domain: "%{hiera('app_domain')}" govuk_jenkins::jobs::passive_checks::alert_hostname: 'alert' govuk_jenkins::jobs::deploy_app::applications: *deployable_applications govuk_jenkins::jobs::deploy_app_downstream::applications: account-api: {} asset-manager: {} authenticating-proxy: {} bouncer: {} cache-clearing-service: healthcheck_urls: [] # done implicitly as part of app restart script collections: {} collections-publisher: {} contacts: healthcheck_urls: - "https://contacts-admin.%{hiera('app_domain_internal')}/healthcheck/ready" repository: "contacts-admin" content-data-admin: healthcheck_urls: - "https://content-data.%{hiera('app_domain_internal')}/healthcheck/ready" content-data-api: {} content-publisher: {} content-store: {} content-tagger: {} email-alert-api: {} email-alert-frontend: {} email-alert-service: healthcheck_urls: [] # done implicitly as part of app restart script https://github.com/alphagov/email-alert-service/pull/470 feedback: {} finder-frontend: {} frontend: {} government-frontend: {} hmrc-manuals-api: {} imminence: {} info-frontend: {} link-checker-api: {} local-links-manager: {} locations-api: {} manuals-publisher: {} maslow: {} publisher: {} publishing-api: {} release: {} short-url-manager: {} service-manual-publisher: {} sidekiq-monitoring: {} signon: {} smartanswers: repository: 'smart-answers' specialist-publisher: {} support: {} support-api: {} transition: {} travel-advice-publisher: {} whitehall: healthcheck_urls: - "https://whitehall-admin.%{hiera('app_domain_internal')}/healthcheck/ready" - "https://whitehall-frontend.%{hiera('app_domain_internal')}/healthcheck/ready" govuk_jenkins::jobs::deploy_lambda_app::lambda_apps: - 'email_alert_notifications' govuk_postgresql::server::configure_env_sync_user: true govuk_rabbitmq::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_rabbitmq::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_rbenv::all::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_rbenv::all::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_solr6::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_solr6::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_python::apt_source::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_python::apt_source::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_python3::apt_source::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_python3::apt_source::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_python37::apt_source::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_python37::apt_source::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_sudo::sudo_conf: deploy_docker_image: content: 'deploy ALL=NOPASSWD:/usr/bin/docker image *' deploy_init_ctl: content: 'deploy ALL=NOPASSWD:/sbin/initctl' deploy_service_docker: content: 'deploy ALL=NOPASSWD:/etc/init.d/docker-*' deploy_service_memcached: content: 'deploy ALL=NOPASSWD:/etc/init.d/memcached' deploy_service_nginx: content: 'deploy ALL=NOPASSWD:/etc/init.d/nginx' deploy_service_varnish: content: 'deploy ALL=NOPASSWD:/etc/init.d/varnish' deploy_varnishadm: content: 'deploy ALL=NOPASSWD:/usr/bin/varnishadm' deploy_govuk_supervised_initctl: content: 'deploy ALL=NOPASSWD:/usr/local/bin/govuk_supervised_initctl' icinga_init_ctl: content: 'nagios ALL=NOPASSWD:/sbin/initctl reload *' icinga_initctl_restart: content: 'nagios ALL=NOPASSWD:/sbin/initctl restart *' ubuntu: content: 'ubuntu ALL=(ALL) NOPASSWD:ALL' govuk_unattended_reboot::alert_hostname: 'alert' govuk_unattended_reboot::enabled: true govuk_unattended_reboot::mongodb::enabled: true govuk_unattended_reboot::monitoring_basic_auth: username: "%{hiera('http_username')}" password: "%{hiera('http_password')}" grafana::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" grafana::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" grafana::dashboards::app_domain: "%{hiera('app_domain')}" grafana::dashboards::machine_suffix_metrics: '' grafana::dashboards::application_dashboards: account-api: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true asset-manager: show_sidekiq_graphs: true has_workers: true authenticating-proxy: {} cache-clearing-service: {} ckan: docs_name: 'ckanext-datagovuk' # No data in kibana show_controller_errors: false show_postgres_stats: true show_slow_requests: false collections: instance_prefix: 'frontend' show_memcached: true collections-publisher: show_mysql_stats: true show_sidekiq_graphs: true has_workers: true contacts: show_mysql_stats: true docs_name: 'contacts-admin' content-data-admin: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true content-data-api: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true content-publisher: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true content-store: dependent_app_5xx_errors: - collections - contacts - email-alert-frontend - finder-frontend - frontend - government-frontend - info-frontend - publishing-api - smartanswers - whitehall-frontend content-tagger: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true email-alert-api: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true email-alert-frontend: {} email-alert-service: {} feedback: {} finder-frontend: rows: - - content_store_request_time - registry_request_time - search_api_request_time show_memcached: true instance_prefix: 'calculators_frontend' frontend: instance_prefix: 'frontend' show_memcached: true government-frontend: {} hmrc-manuals-api: {} imminence: dependent_app_5xx_errors: - frontend show_sidekiq_graphs: true has_workers: true info-frontend: {} licencefinder: docs_name: 'licence-finder' licensify: {} licensify-admin: {} licensify-feed: {} link-checker-api: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true local-links-manager: dependent_app_5xx_errors: - frontend - imminence instance_prefix: 'backend' show_memcached: true show_postgres_stats: true locations-api: dependent_app_5xx_errors: - frontend - imminence manuals-publisher: show_sidekiq_graphs: true has_workers: true maslow: {} publisher: show_sidekiq_graphs: true has_workers: true publishing-api: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true instance_prefix: 'publishing_api' show_memcached: true release: show_mysql_stats: true router: {} router-api: {} search-api: # search-api is a sinatra app rows: - - reranker_latency_vs_request_count - - reranker_errors - - search_latency_vs_request_count - completion_latency_vs_request_count - spelling_latency_vs_request_count show_controller_errors: false show_response_times: true show_sidekiq_graphs: true show_slow_requests: false has_workers: true dependent_app_5xx_errors: - collections - finder-frontend - whitehall-frontend search-admin: show_mysql_stats: true service-manual-publisher: {} short-url-manager: {} sidekiq-monitoring: {} signon: show_mysql_stats: true show_sidekiq_graphs: true has_workers: true smartanswers: docs_name: 'smart-answers' specialist-publisher: show_sidekiq_graphs: true has_workers: true static: dependent_app_5xx_errors: - collections - contacts - email-alert-frontend - finder-frontend - frontend - government-frontend - smartanswers - whitehall-frontend support: show_sidekiq_graphs: true has_workers: true support-api: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true transition: show_postgres_stats: true show_sidekiq_graphs: true has_workers: true travel-advice-publisher: show_sidekiq_graphs: true has_workers: true whitehall: show_mysql_stats: true show_sidekiq_graphs: true has_workers: true error_threshold: 50 warning_threshold: 25 grub2::recordfail_timeout: 5 icinga::client::config::allowed_hosts: "10.0.0.0/8" icinga::config::http_username: "%{hiera('http_username')}" icinga::config::http_password: "%{hiera('http_password')}" icinga::config::graphite_hostname: "graphite.%{hiera('app_domain_internal')}" limits::entries: 'default_core': ensure: 'present' user: '*' limit_type: 'core' both: 0 'default_nproc': ensure: 'present' user: '*' limit_type: 'nproc' hard: 256 'default_nofile': ensure: 'present' user: '*' limit_type: 'nofile' hard: 2048 mongodb::backup::alert_hostname: 'alert' mongodb::repository::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" mongodb::repository::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" mongodb::server::version: '2.6.12' monitoring::checks::amazonmq::enabled: false monitoring::checks::amazonmq::consuming_apps: [] monitoring::checks::aws_origin_domain: 'dev.govuk.digital' monitoring::checks::http_username: "%{hiera('http_username')}" monitoring::checks::http_password: "%{hiera('http_password')}" monitoring::client::alert_hostname: 'alert' monitoring::client::graphite_hostname: 'graphite' monitoring::contacts::slack_icinga_status_cgi_url: "https://alert.%{::aws_environment}.govuk.digital/cgi-bin/icinga/status.cgi" monitoring::contacts::slack_icinga_extinfo_cgi_url: "https://alert.%{::aws_environment}.govuk.digital/cgi-bin/icinga/status.cgi" monitoring::checks::cache::servers: - 'backend-redis-001' - 'backend-redis-002' monitoring::checks::rds::servers: # NOTE: content-data-api-postgresql-primary is overridden in # modules/monitoring/manifests/checks/rds.pp. If it is removed from this # list, the override will also need to be removed. - 'content-data-api-postgresql-primary' - 'transition-postgresql-primary' - 'transition-postgresql-standby' monitoring::gcloud::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" monitoring::gcloud::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" # FIXME: this has been added to avoid a bug until we move to v3 of the module mysql::client::package_ensure: 'present' nginx::package::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" nginx::package::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" nginx::package::nginx_version: "1.14.0-1~trusty" nodejs::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" nodejs::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" nodejs::version: '12.22.1-1nodesource1' ntp::server_list: - 'ntp.ubuntu.com' - 'time.euro.apple.com' - '0.uk.pool.ntp.org' - '1.uk.pool.ntp.org' - '2.uk.pool.ntp.org' postgresql::lib::devel::link_pg_config: false postgresql::globals::version: '9.3' puppet::puppetserver::puppetdb_version: '2.0.0-1puppetlabs1' puppet::puppetdb::database_password: '' puppet::monitoring::alert_hostname: 'alert' puppet::repository::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" puppet::repository::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" rabbitmq::delete_guest_user: true rabbitmq::config_stomp: true # Always use our mirror because they only provide the latest package. rcs::fsckfix: 'YES' rcs::tmptime: '7' router::assets_origin::whitehall_uploaded_assets_routes: - '/government/placeholder' - '~ ^/government/uploads/system/uploads/attachment_data/file/[0-9]+/.*/preview$' - '~ ^/assets/whitehall/' router::assets_origin::asset_manager_uploaded_assets_routes: - '/government/uploads/' - '/media/' router::assets_origin::vhost_aliases: - "assets.%{hiera('app_domain')}" router::assets_origin::website_root: "%{hiera('govuk::deploy::config::website_root')}" router::nginx::check_requests_warning: '@10' router::nginx::check_requests_critical: '@8' router::nginx::robotstxt: | User-agent: * Disallow: /*/print$ # Don't allow indexing of user needs pages Disallow: /info/* Sitemap: https://www.gov.uk/sitemap.xml # https://ahrefs.com/robot/ crawls the site frequently User-agent: AhrefsBot Crawl-delay: 10 # https://www.deepcrawl.com/bot/ makes lots of requests. Ideally # we'd slow it down rather than blocking it but it doesn't mention # whether or not it supports crawl-delay. User-agent: deepcrawl Disallow: / # Complaints of 429 'Too many requests' seem to be coming from SharePoint servers # (https://social.msdn.microsoft.com/Forums/en-US/3ea268ed-58a6-4166-ab40-d3f4fc55fef4) # The robot doesn't recognise its User-Agent string, see the MS support article: # https://support.microsoft.com/en-us/help/3019711/the-sharepoint-server-crawler-ignores-directives-in-robots-txt User-agent: MS Search 6.0 Robot Disallow: / # Google's crawler was sending requests for each variation of query param for the sectors page of licence-finder # resulting in millions of requests a day. User-agent: Googlebot Disallow: /licence-finder/* sidekiq_host: 'backend-redis' sidekiq_port: '6379' ssh::config::allow_users_enable: true statsd::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" statsd::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" govuk_unattended_reboot::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" govuk_unattended_reboot::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}" unattended_reboot::cron_env_vars: - 'MAILTO=""' unattended_reboot::cron_hour: '0-5' unattended_reboot::etcd_endpoints: - "http://etcd.%{hiera('app_domain_internal')}:2379" unattended_upgrades::blacklist: - 'mysql-server.*' unattended_upgrades::mail_to: 'machine.email@digital.cabinet-office.gov.uk' unattended_upgrades::origins: - "%{::lsbdistid} stable" - "%{::lsbdistid} %{::lsbdistcodename}-security" unicornherder::version: '0.2.1' yarn::repo::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}" yarn::repo::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}"