diff --git a/Makefile b/Makefile
index 860df25..b59d825 100644
--- a/Makefile
+++ b/Makefile
@@ -36,6 +36,9 @@ check-all:
fi \
done
+lint:
+ @rake lint
+
rdoc: $(MANIFESTS)
mkdir .$$$$ ; \
puppetdoc --mode rdoc --outputdir rdoc --modulepath . --manifestdir .$$$$ ; \
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..e39558b
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,4 @@
+
+require 'puppet-lint/tasks/puppet-lint'
+PuppetLint.configuration.send('disable_double_quoted_strings')
+
diff --git a/abusehelper/manifests/init.pp b/abusehelper/manifests/init.pp
index c290af9..8a6a04f 100644
--- a/abusehelper/manifests/init.pp
+++ b/abusehelper/manifests/init.pp
@@ -42,7 +42,7 @@ class abusehelper {
file { "/usr/local/src/abusehelper.tar.gz":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -60,7 +60,7 @@ class abusehelper {
}
file { "/usr/local/src/idiokit.tar.gz":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -84,9 +84,9 @@ class abusehelper {
realize(User["abusehel"], Group["abusehel"])
if $abusehelper_datadir {
- file { "${abusehelper_datadir}":
+ file { $abusehelper_datadir:
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => "root",
group => "abusehel",
require => User["abusehel"],
@@ -94,13 +94,13 @@ class abusehelper {
file { "/var/lib/ah2":
ensure => link,
- target => "${abusehelper_datadir}",
- require => File["${abusehelper_datadir}"],
+ target => $abusehelper_datadir,
+ require => File[$abusehelper_datadir],
}
} else {
file { "/var/lib/ah2":
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => "root",
group => "abusehel",
require => User["abusehel"],
diff --git a/alpine/manifests/init.pp b/alpine/manifests/init.pp
index ddcc827..5177083 100644
--- a/alpine/manifests/init.pp
+++ b/alpine/manifests/init.pp
@@ -9,22 +9,22 @@ class alpine {
$mail_server = "mail.${domain}"
}
if ! $mail_domain {
- $mail_domain = "${domain}"
+ $mail_domain = $domain
}
-
+
file { "/usr/bin/pine":
ensure => link,
target => "/usr/bin/alpine",
require => Package["alpine"],
}
-
+
file { "/etc/pine.conf.fixed":
ensure => present,
content => template("alpine/pine.conf.fixed.erb"),
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["alpine"],
}
-
+
}
diff --git a/amanda/manifests/init.pp b/amanda/manifests/init.pp
index 0485491..8e4875e 100644
--- a/amanda/manifests/init.pp
+++ b/amanda/manifests/init.pp
@@ -2,16 +2,16 @@ class amanda::common {
file { "/var/lib/amanda/.ssh":
ensure => directory,
- mode => 0700,
- owner => amandabackup,
- group => disk,
+ mode => "0700",
+ owner => "amandabackup",
+ group => "disk",
}
file { "/var/lib/amanda/.ssh/authorized_keys":
ensure => present,
- mode => 0600,
- owner => amandabackup,
- group => disk,
+ mode => "0600",
+ owner => "amandabackup",
+ group => "disk",
require => File["/var/lib/amanda/.ssh"],
}
@@ -45,9 +45,9 @@ class amanda::client inherits amanda::common {
file { "/etc/amanda/amanda-client.conf":
ensure => present,
- mode => 0644,
- owner => amandabackup,
- group => disk,
+ mode => "0644",
+ owner => "amandabackup",
+ group => "disk",
content => template("amanda/amanda-client.conf.erb"),
require => Package["amanda-enterprise-backup-client"],
}
@@ -55,7 +55,7 @@ class amanda::client inherits amanda::common {
if $amanda_clientkey {
@@ssh_authorized_key { "amrecover@${homename}":
ensure => present,
- key => "${amanda_clientkey}",
+ key => $amanda_clientkey,
type => "ssh-rsa",
user => "amandabackup",
tag => "amandaclient",
@@ -75,7 +75,7 @@ class amanda::server inherits amanda::common {
if $amanda_serverkey {
@@ssh_authorized_key { "amdump@${homename}":
ensure => present,
- key => "${amanda_serverkey}",
+ key => $amanda_serverkey,
type => "ssh-rsa",
user => "amandabackup",
tag => "amandaserver",
diff --git a/apache/manifests/debian.pp b/apache/manifests/debian.pp
index 02b40a3..8fcccc4 100644
--- a/apache/manifests/debian.pp
+++ b/apache/manifests/debian.pp
@@ -14,7 +14,7 @@ class apache::debian::common {
"/etc/apache2/conf.d",
"/etc/apache2/sites-enabled", ]:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => Package["httpd"],
@@ -31,7 +31,7 @@ class apache::debian::common {
file { "/etc/apache2/envvars":
ensure => present,
content => template("apache/apache2.envvars.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
before => File["/etc/apache2/apache2.conf"],
@@ -42,7 +42,7 @@ class apache::debian::common {
file { "/etc/apache2/httpd.conf":
ensure => present,
content => template("apache/apache2.httpd.conf.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
before => File["/etc/apache2/apache2.conf"],
@@ -53,7 +53,7 @@ class apache::debian::common {
file { "/etc/apache2/ports.conf":
ensure => present,
content => "# HTTP server disabled\n",
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
before => File["/etc/apache2/apache2.conf"],
@@ -64,7 +64,7 @@ class apache::debian::common {
file { "/etc/apache2/apache2.conf":
ensure => present,
content => template("apache/apache2.conf.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apache2"],
@@ -104,47 +104,47 @@ define apache::debian::site($aliases, $root, $redirect) {
file { "/srv/www/http/${site_fqdn}":
ensure => link,
target => $root,
- before => File["${site_conf}"],
+ before => File[$site_conf],
}
} else {
file { "/srv/www/http/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
- before => File["${site_conf}"],
+ before => File[$site_conf],
}
}
file { "/srv/www/log/http/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
- before => File["${site_conf}"],
+ before => File[$site_conf],
}
}
}
- file { "${site_conf}":
+ file { $site_conf:
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apache2"],
}
if $redirect {
- File["${site_conf}"] {
+ File[$site_conf] {
content => "\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n\n",
}
} else {
- File["${site_conf}"] {
+ File[$site_conf] {
content => template("apache/site.http.conf.erb"),
}
- file { "${site_confdir}":
+ file { $site_confdir:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
purge => true,
@@ -152,7 +152,7 @@ define apache::debian::site($aliases, $root, $redirect) {
recurse => true,
source => [ "puppet:///files/apache/sites/${site_fqdn}",
"puppet:///modules/custom/empty", ],
- before => File["${site_conf}"],
+ before => File[$site_conf],
notify => Service["apache2"],
}
}
@@ -168,7 +168,7 @@ class apache::debian::sslserver inherits apache::debian::common {
"/srv/www/log/https",
"/srv/www/log/https/${homename}", ]:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => Package["httpd"],
@@ -196,7 +196,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
} else {
file { "/srv/www/https/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
before => Service["apache2"],
@@ -205,7 +205,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/srv/www/log/https/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
before => Service["apache2"],
@@ -221,7 +221,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/etc/ssl/certs/${site_fqdn}.crt":
ensure => present,
source => $real_ssl_cert,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apache2"],
@@ -236,7 +236,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/etc/ssl/private/${site_fqdn}.key":
ensure => present,
source => $real_ssl_key,
- mode => 0600,
+ mode => "0600",
owner => root,
group => root,
notify => Service["apache2"],
@@ -246,7 +246,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/etc/ssl/certs/${site_fqdn}.chain.crt":
ensure => present,
source => $ssl_chain,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apache2"],
@@ -256,10 +256,10 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
$site_conf = "/etc/apache2/sites-enabled/${site_fqdn}-ssl.conf"
$site_confdir = "/etc/apache2/sites-enabled/${site_fqdn}-ssl.d"
- file { "${site_conf}":
+ file { $site_conf:
ensure => present,
content => template("apache/site.https.conf.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apache2"],
@@ -267,9 +267,9 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
File["/etc/ssl/private/${site_fqdn}.key"], ],
}
- file { "${site_confdir}":
+ file { $site_confdir:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
purge => true,
@@ -277,7 +277,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
recurse => true,
source => [ "puppet:///files/apache/sslsites/${site_fqdn}",
"puppet:///modules/custom/empty", ],
- before => File["${site_conf}"],
+ before => File[$site_conf],
notify => Service["apache2"],
}
@@ -288,7 +288,7 @@ define apache::debian::configfile($source, $content, $http, $https) {
file { "/etc/apache2/conf.d/${name}":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apache2"],
@@ -334,7 +334,7 @@ define apache::debian::a2enmod($source="", $content="") {
if $source or $content {
file { "/etc/apache2/mods-available/${name}.conf":
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apache2"],
diff --git a/apache/manifests/init.pp b/apache/manifests/init.pp
index bd96f5b..234f1dc 100644
--- a/apache/manifests/init.pp
+++ b/apache/manifests/init.pp
@@ -21,9 +21,9 @@ class apache::common {
}
if $apache_datadir {
- file { "${apache_datadir}":
+ file { $apache_datadir:
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => "root",
group => "root",
seltype => "httpd_sys_content_t",
@@ -31,13 +31,13 @@ class apache::common {
file { "/srv/www":
ensure => link,
- target => "${apache_datadir}",
- require => File["${apache_datadir}"],
+ target => $apache_datadir,
+ require => File[$apache_datadir],
}
} else {
file { "/srv/www":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
@@ -45,7 +45,7 @@ class apache::common {
file { "/srv/www/log":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
require => File["/srv/www"],
@@ -55,7 +55,7 @@ class apache::common {
if $apache_datadir {
selinux::manage_fcontext { "${apache_datadir}(/.*)?":
type => "httpd_sys_content_t",
- before => File["${apache_datadir}"],
+ before => File[$apache_datadir],
}
}
}
@@ -70,11 +70,11 @@ class apache::common {
}
file { "/usr/local/sbin/www-logrotate.sh":
- ensure => present,
- source => "puppet:///modules/apache/www-logrotate.sh",
- mode => 0755,
- owner => root,
- group => root,
+ ensure => present,
+ source => "puppet:///modules/apache/www-logrotate.sh",
+ mode => "0755",
+ owner => root,
+ group => root,
seluser => "system_u",
selrole => "object_r",
seltype => "httpd_rotatelogs_exec_t",
@@ -155,14 +155,14 @@ define apache::site($aliases="", $root="", $redirect="") {
case $operatingsystem {
debian,ubuntu: {
- apache::debian::site { "${name}":
+ apache::debian::site { $name:
aliases => $aliases,
root => $root,
redirect => $redirect,
}
}
centos,fedora: {
- apache::redhat::site { "${name}":
+ apache::redhat::site { $name:
aliases => $aliases,
root => $root,
redirect => $redirect,
@@ -175,8 +175,8 @@ define apache::site($aliases="", $root="", $redirect="") {
if !$redirect {
$site_fqdn = $name ? {
- "default" => "${homename}",
- default => "${name}",
+ "default" => $homename,
+ default => $name,
}
apache::webalizer::site { "http/${site_fqdn}":
site_proto => "http",
@@ -268,7 +268,7 @@ define apache::sslsite($ipaddr="_default_", $root="", $ssl_cert="", $ssl_key="",
case $operatingsystem {
debian,ubuntu: {
$apache_ssldir = "/etc/ssl"
- apache::debian::sslsite { "${name}":
+ apache::debian::sslsite { $name:
ipaddr => $ipaddr,
root => $root,
ssl_cert => $ssl_cert,
@@ -279,7 +279,7 @@ define apache::sslsite($ipaddr="_default_", $root="", $ssl_cert="", $ssl_key="",
}
centos,fedora: {
$apache_ssldir = "/etc/pki/tls"
- apache::redhat::sslsite { "${name}":
+ apache::redhat::sslsite { $name:
ipaddr => $ipaddr,
root => $root,
ssl_cert => $ssl_cert,
@@ -294,8 +294,8 @@ define apache::sslsite($ipaddr="_default_", $root="", $ssl_cert="", $ssl_key="",
}
$site_fqdn = $name ? {
- "default" => "${homename}",
- default => "${name}",
+ "default" => $homename,
+ default => $name,
}
apache::webalizer::site { "https/${site_fqdn}":
site_proto => "https",
@@ -335,17 +335,17 @@ define apache::configfile($source="", $content="", $http=true, $https=true) {
case $operatingsystem {
debian,ubuntu: {
- apache::debian::configfile { "${name}":
- source => "${source}",
- content => "${content}",
+ apache::debian::configfile { $name:
+ source => $source,
+ content => $content,
http => $http,
https => $https,
}
}
centos,fedora: {
- apache::redhat::configfile { "${name}":
- source => "${source}",
- content => "${content}",
+ apache::redhat::configfile { $name:
+ source => $source,
+ content => $content,
http => $http,
https => $https,
}
@@ -418,7 +418,7 @@ class apache::mod::fcgid {
ubuntu => "libapache2-mod-fcgid",
default => "mod_fcgid",
},
- ensure => installed,
+ ensure => installed,
require => Package["httpd"],
}
@@ -485,7 +485,7 @@ class apache::mod::perl {
ubuntu => "libapache2-mod-perl2",
default => "mod_perl",
},
- ensure => installed,
+ ensure => installed,
require => Package["httpd"],
}
@@ -518,7 +518,7 @@ class apache::mod::php {
ubuntu => "libapache2-mod-php5",
default => "php",
},
- ensure => installed,
+ ensure => installed,
require => Package["httpd"],
}
@@ -608,7 +608,7 @@ class apache::mod::python {
ubuntu => "libapache2-mod-python",
default => "mod_python",
},
- ensure => installed,
+ ensure => installed,
require => Package["httpd"],
}
@@ -697,7 +697,7 @@ class apache::webalizer {
"/srv/www/webalizer/html/https",
"/srv/www/webalizer/html", ]:
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => $operatingsystem ? {
debian => root,
ubuntu => root,
@@ -711,7 +711,7 @@ class apache::webalizer {
"/etc/webalizer/http",
"/etc/webalizer/https", ]:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
}
@@ -741,7 +741,7 @@ class apache::webalizer {
file { "/usr/local/sbin/www-webalizer.sh":
ensure => present,
source => "puppet:///modules/apache/www-webalizer.sh",
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
require => Package["webalizer"],
@@ -770,7 +770,7 @@ define apache::webalizer::site($site_proto, $site_fqdn) {
@file { "/etc/webalizer/${name}.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => template("apache/webalizer.conf.erb"),
@@ -781,7 +781,7 @@ define apache::webalizer::site($site_proto, $site_fqdn) {
@file { [ "/srv/www/webalizer/history/${name}",
"/srv/www/webalizer/html/${name}", ]:
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => $operatingsystem ? {
debian => root,
ubuntu => root,
diff --git a/apache/manifests/redhat.pp b/apache/manifests/redhat.pp
index d476e62..1b72443 100644
--- a/apache/manifests/redhat.pp
+++ b/apache/manifests/redhat.pp
@@ -7,7 +7,7 @@ class apache::redhat::server {
"/srv/www/log/http",
"/srv/www/log/http/${homename}", ]:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => Package["httpd"],
@@ -24,7 +24,7 @@ class apache::redhat::server {
file { "/etc/httpd/conf/httpd.conf":
ensure => present,
content => template("apache/httpd.conf.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => Package["httpd"],
@@ -57,47 +57,47 @@ define apache::redhat::site($aliases, $root, $redirect) {
file { "/srv/www/http/${site_fqdn}":
ensure => link,
target => $root,
- before => File["${site_conf}"],
+ before => File[$site_conf],
}
} else {
file { "/srv/www/http/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
- before => File["${site_conf}"],
+ before => File[$site_conf],
}
}
file { "/srv/www/log/http/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
- before => File["${site_conf}"],
+ before => File[$site_conf],
}
}
}
- file { "${site_conf}":
+ file { $site_conf:
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["httpd"],
}
if $redirect {
- File["${site_conf}"] {
+ File[$site_conf] {
content => "\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n\n",
}
} else {
- File["${site_conf}"] {
+ File[$site_conf] {
content => template("apache/site.http.conf.erb"),
}
- file { "${site_confdir}":
+ file { $site_confdir:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
purge => true,
@@ -105,7 +105,7 @@ define apache::redhat::site($aliases, $root, $redirect) {
recurse => true,
source => [ "puppet:///files/apache/sites/${site_fqdn}",
"puppet:///modules/custom/empty", ],
- before => File["${site_conf}"],
+ before => File[$site_conf],
notify => Service["httpd"],
}
}
@@ -126,7 +126,7 @@ class apache::redhat::sslserver {
"/srv/www/log/https",
"/srv/www/log/https/${homename}", ]:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => Package["httpd"],
@@ -142,7 +142,7 @@ class apache::redhat::sslserver {
file { "/etc/httpd/conf/httpsd.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => template("apache/httpsd.conf.erb"),
@@ -153,7 +153,7 @@ class apache::redhat::sslserver {
file { "/etc/init.d/httpsd":
ensure => present,
source => "puppet:///modules/apache/httpsd",
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
@@ -197,7 +197,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
} else {
file { "/srv/www/https/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
before => Service["httpsd"],
@@ -206,7 +206,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/srv/www/log/https/${site_fqdn}":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
before => Service["httpsd"],
@@ -222,7 +222,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/etc/pki/tls/certs/${site_fqdn}.crt":
ensure => present,
source => $real_ssl_cert,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["httpsd"],
@@ -237,7 +237,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/etc/pki/tls/private/${site_fqdn}.key":
ensure => present,
source => $real_ssl_key,
- mode => 0600,
+ mode => "0600",
owner => root,
group => root,
notify => Service["httpsd"],
@@ -247,7 +247,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
file { "/etc/pki/tls/certs/${site_fqdn}.chain.crt":
ensure => present,
source => $ssl_chain,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["httpsd"],
@@ -257,10 +257,10 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
$site_conf = "/etc/httpd/site.https.d/${site_fqdn}.conf"
$site_confdir = "/etc/httpd/site.https.d/${site_fqdn}.d"
- file { "${site_conf}":
+ file { $site_conf:
ensure => present,
content => template("apache/site.https.conf.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["httpsd"],
@@ -268,9 +268,9 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
File["/etc/pki/tls/private/${site_fqdn}.key"], ],
}
- file { "${site_confdir}":
+ file { $site_confdir:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
purge => true,
@@ -278,7 +278,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
recurse => true,
source => [ "puppet:///files/apache/sslsites/${site_fqdn}",
"puppet:///modules/custom/empty", ],
- before => File["${site_conf}"],
+ before => File[$site_conf],
notify => Service["httpsd"],
}
@@ -289,11 +289,11 @@ define apache::redhat::configfile($source, $content, $http, $https) {
if defined(Service["httpd"]) {
file { "/etc/httpd/conf.http.d/${name}":
- ensure => $http ? {
+ ensure => $http ? {
true => present,
default => absent,
},
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["httpd"],
@@ -322,11 +322,11 @@ define apache::redhat::configfile($source, $content, $http, $https) {
if defined(Service["httpsd"]) {
file { "/etc/httpd/conf.https.d/${name}":
- ensure => $https ? {
+ ensure => $https ? {
true => present,
default => absent,
},
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["httpsd"],
diff --git a/apcupsd/manifests/init.pp b/apcupsd/manifests/init.pp
index e6bfaee..b32c56b 100644
--- a/apcupsd/manifests/init.pp
+++ b/apcupsd/manifests/init.pp
@@ -4,18 +4,18 @@
class apcupsd {
package { "apcupsd":
- ensure => installed,
+ ensure => installed,
}
service { "apcupsd":
- ensure => running,
- enable => true,
- require => Package["apcupsd"],
+ ensure => running,
+ enable => true,
+ require => Package["apcupsd"],
}
file { "/etc/apcupsd/apcupsd.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
require => Package["apcupsd"],
diff --git a/apt/manifests/init.pp b/apt/manifests/init.pp
index 6b2e4f7..644d8ba 100644
--- a/apt/manifests/init.pp
+++ b/apt/manifests/init.pp
@@ -2,7 +2,7 @@ class apt {
file { "/var/cache/apt/local-archives":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
@@ -16,6 +16,63 @@ class apt {
}
+# Install common packages for using PPA's.
+#
+class apt::ppa::helper {
+
+ package { "python-software-properties":
+ ensure => installed,
+ }
+
+}
+
+
+# Add PPA archive to system.
+#
+# === Parameters
+#
+# $name:
+# PPA name. Needs to be in format "ppa:user/ppa-name".
+#
+# $ensure:
+# Ensure archive is absent or present. Defaults to present.
+#
+# === Sample usage
+#
+# apt::ppa { "ppa:igraph/ppa": }
+#
+define apt::ppa($ensure = "present") {
+
+ tag("bootstrap")
+
+ include apt
+ include apt::ppa::helper
+ $fname = regsubst($name, "^ppa:([^\/]+)\/(.+)", "\\1-\\2-${lsbdistcodename}.list")
+
+ case $ensure {
+ "present": {
+ exec { "add-apt-repository ${name}":
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => "root",
+ creates => "/etc/apt/sources.list.d/${fname}",
+ require => Package["python-software-properties"],
+ notify => Exec["apt-get-update"],
+ }
+ }
+ "absent": {
+ file { "/etc/apt/sources.list.d/${fname}":
+ ensure => absent,
+ notify => Exec["apt-get-update"],
+ }
+ }
+ default: {
+ fail("test")
+ }
+ }
+
+}
+
+
# Configure /etc/apt/sources.list
#
# === Global variables
@@ -40,7 +97,7 @@ class apt::sources {
file { "/etc/apt/sources.list":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => template("apt/sources.list.erb"),
@@ -68,7 +125,7 @@ class apt::cacher {
ensure => present,
source => [ "puppet:///files/apt/apt-cacher.conf",
"puppet:///modules/apt/apt-cacher.conf", ],
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["apt-cacher"],
@@ -121,7 +178,7 @@ class apt::mirror {
default => "/etc/apt/miror.list",
},
content => template("apt/mirror.list.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => Package["apt-mirror"],
@@ -160,13 +217,13 @@ define apt::package($ensure, $source) {
default => absent,
},
source => $source,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => File["/var/cache/apt/local-archives"],
}
- package { "${name}":
+ package { $name:
ensure => $ensure,
source => "/var/cache/apt/local-archives/${filename}",
provider => dpkg,
@@ -248,7 +305,7 @@ define apt::repo($ensure, $source, $dist="", $components="main",
file { "/etc/apt/sources.list.d/${name}.list":
ensure => $ensure,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => $content,
@@ -281,7 +338,7 @@ define apt::repo($ensure, $source, $dist="", $components="main",
$origin = regsubst($source, "^([^:]+://)([^/]+)/.*$", "\\2")
file { "/etc/apt/preferences.d/${name}.pref":
ensure => $ensure,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => $label ? {
diff --git a/arduino/manifests/init.pp b/arduino/manifests/init.pp
index e8c41c3..dad2a33 100644
--- a/arduino/manifests/init.pp
+++ b/arduino/manifests/init.pp
@@ -34,7 +34,7 @@ class arduino {
file { "/usr/local/src/arduino.tgz":
ensure => present,
source => "puppet:///files/packages/${arduino_package}",
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
}
diff --git a/autofs/manifests/init.pp b/autofs/manifests/init.pp
index 7fd8fbc..0af45c0 100644
--- a/autofs/manifests/init.pp
+++ b/autofs/manifests/init.pp
@@ -2,26 +2,26 @@
class autofs {
package { "autofs":
- ensure => installed,
+ ensure => installed,
}
service { "autofs":
- ensure => running,
- enable => true,
- hasstatus => true,
- require => Package["autofs"],
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ require => Package["autofs"],
}
file { "/etc/auto.master":
- ensure => present,
- source => [ "puppet:///files/autofs/auto.master.${fqdn}",
- "puppet:///files/autofs/auto.master",
- "puppet:///modules/autofs/auto.master", ],
- mode => 0644,
- owner => root,
- group => root,
- require => Package["autofs"],
- notify => Service["autofs"],
+ ensure => present,
+ source => [ "puppet:///files/autofs/auto.master.${fqdn}",
+ "puppet:///files/autofs/auto.master",
+ "puppet:///modules/autofs/auto.master", ],
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ require => Package["autofs"],
+ notify => Service["autofs"],
}
}
diff --git a/avahi/manifests/init.pp b/avahi/manifests/init.pp
index 4bc6400..1951dbe 100644
--- a/avahi/manifests/init.pp
+++ b/avahi/manifests/init.pp
@@ -33,7 +33,7 @@ class avahi::daemon {
force => true,
recurse => true,
source => "puppet:///modules/custom/empty",
- mode => 0755,
+ mode => "0755",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -41,7 +41,7 @@ class avahi::daemon {
},
require => Package["avahi"],
}
-
+
}
@@ -84,7 +84,7 @@ class avahi::disabled {
define avahi::service($port = "AUTO", $description = "%h", $ensure = "present", $txt = []) {
$filename = regsubst($name, '^_([^.]+)\._.*', '\1.service')
-
+
if $port == "AUTO" {
$realport = avahi_service_port($name)
} else {
@@ -94,7 +94,7 @@ define avahi::service($port = "AUTO", $description = "%h", $ensure = "present",
file { "/etc/avahi/services/${filename}":
ensure => $ensure,
content => template("avahi/service.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
diff --git a/backuppc/manifests/init.pp b/backuppc/manifests/init.pp
index e8a3f47..e92d756 100644
--- a/backuppc/manifests/init.pp
+++ b/backuppc/manifests/init.pp
@@ -17,17 +17,17 @@
define backuppc::manualclient($ensure = "present", $operatingsystem = "default") {
@@file { "/etc/BackupPC/pc/${name}.pl":
- ensure => "${ensure}",
- source => [ "puppet:///files/backuppc/${name}.pl",
- "puppet:///files/backuppc/${operatingsystem}.pl",
- "puppet:///files/backuppc/default.pl",
- "puppet:///modules/backuppc/default.pl", ],
- mode => 0640,
- owner => root,
- group => backuppc,
- tag => "backuppc",
- require => File["/etc/BackupPC/pc"],
- notify => Exec["generate-backuppc-hosts"],
+ ensure => $ensure,
+ source => [ "puppet:///files/backuppc/${name}.pl",
+ "puppet:///files/backuppc/${operatingsystem}.pl",
+ "puppet:///files/backuppc/default.pl",
+ "puppet:///modules/backuppc/default.pl", ],
+ mode => "0640",
+ owner => root,
+ group => backuppc,
+ tag => "backuppc",
+ require => File["/etc/BackupPC/pc"],
+ notify => Exec["generate-backuppc-hosts"],
}
}
@@ -36,9 +36,9 @@ define backuppc::manualclient($ensure = "present", $operatingsystem = "default")
#
class backuppc::client {
- backuppc::manualclient { "${homename}":
- ensure => present,
- operatingsystem => "${operatingsystem}",
+ backuppc::manualclient { $homename:
+ ensure => present,
+ operatingsystem => $operatingsystem,
}
include rsync
@@ -57,25 +57,25 @@ class backuppc::server {
realize(User["backuppc"], Group["backuppc"])
package { "BackupPC":
- ensure => installed,
+ ensure => installed,
require => [ User["backuppc"],
Group["backuppc"], ],
}
if $backuppc_datadir {
- file { "${backuppc_datadir}":
+ file { $backuppc_datadir:
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => "backuppc",
group => "root",
require => Package["BackupPC"],
}
file { "/var/lib/BackupPC":
- ensure => "${backuppc_datadir}",
+ ensure => $backuppc_datadir,
force => true,
backup => ".orig",
- require => File["${backuppc_datadir}"],
+ require => File[$backuppc_datadir],
before => File["/var/lib/BackupPC/.ssh"],
}
}
@@ -88,7 +88,7 @@ class backuppc::server {
file { "/usr/share/BackupPC/sbin/.htaccess":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
source => [ "puppet:///files/backuppc/htaccess",
@@ -98,7 +98,7 @@ class backuppc::server {
file { "/usr/share/BackupPC/sbin/BackupPC_Admin":
ensure => present,
- mode => 4750,
+ mode => "4750",
owner => "backuppc",
group => $apache::sslserver::group,
require => Package["BackupPC"],
@@ -114,7 +114,7 @@ class backuppc::server {
file { "/etc/BackupPC/apache.users":
ensure => present,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $apache::sslserver::group,
seltype => $operatingsystem ? {
@@ -128,11 +128,11 @@ class backuppc::server {
}
file { "/etc/BackupPC/config.pl":
- ensure => present,
- source => "puppet:///files/backuppc/config.pl",
- mode => 0440,
- owner => "backuppc",
- group => "backuppc",
+ ensure => present,
+ source => "puppet:///files/backuppc/config.pl",
+ mode => "0440",
+ owner => "backuppc",
+ group => "backuppc",
seltype => $operatingsystem ? {
"centos" => $operatingsystemrelease ? {
/^5/ => "httpd_sys_script_rw_t",
@@ -140,17 +140,17 @@ class backuppc::server {
},
default => "httpd_sys_rw_content_t",
},
- require => Package["BackupPC"],
- notify => Service["backuppc"],
+ require => Package["BackupPC"],
+ notify => Service["backuppc"],
}
file { "/etc/BackupPC/hosts.in":
- ensure => present,
- source => [ "puppet:///files/backuppc/hosts.in",
- "puppet:///modules/backuppc/hosts.in", ],
- mode => 0644,
- owner => "root",
- group => "backuppc",
+ ensure => present,
+ source => [ "puppet:///files/backuppc/hosts.in",
+ "puppet:///modules/backuppc/hosts.in", ],
+ mode => "0644",
+ owner => "root",
+ group => "backuppc",
seltype => $operatingsystem ? {
"centos" => $operatingsystemrelease ? {
/^5/ => "httpd_sys_script_rw_t",
@@ -158,18 +158,18 @@ class backuppc::server {
},
default => "httpd_sys_rw_content_t",
},
- require => Package["BackupPC"],
- notify => Exec["generate-backuppc-hosts"],
+ require => Package["BackupPC"],
+ notify => Exec["generate-backuppc-hosts"],
}
file { "/etc/BackupPC/pc":
- ensure => directory,
- purge => true,
- force => true,
- recurse => true,
- mode => 0640,
- owner => "root",
- group => "backuppc",
+ ensure => directory,
+ purge => true,
+ force => true,
+ recurse => true,
+ mode => "0640",
+ owner => "root",
+ group => "backuppc",
seltype => $operatingsystem ? {
"centos" => $operatingsystemrelease ? {
/^5/ => "httpd_sys_script_rw_t",
@@ -177,17 +177,17 @@ class backuppc::server {
},
default => "httpd_sys_rw_content_t",
},
- source => "puppet:///modules/custom/empty",
- require => Package["BackupPC"],
- notify => Exec["generate-backuppc-hosts"],
+ source => "puppet:///modules/custom/empty",
+ require => Package["BackupPC"],
+ notify => Exec["generate-backuppc-hosts"],
}
exec { "generate-backuppc-hosts":
- command => "/bin/sh -c '(cat /etc/BackupPC/hosts.in ; find /etc/BackupPC/pc -name \\*.pl -exec basename {} .pl \\; | sed -e \"s/\$/ 0 adm/\") > /etc/BackupPC/hosts'",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- refreshonly => true,
- require => File["/etc/BackupPC/hosts.in"],
- notify => Service["backuppc"],
+ command => "/bin/sh -c '(cat /etc/BackupPC/hosts.in ; find /etc/BackupPC/pc -name \\*.pl -exec basename {} .pl \\; | sed -e \"s/\$/ 0 adm/\") > /etc/BackupPC/hosts'",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ refreshonly => true,
+ require => File["/etc/BackupPC/hosts.in"],
+ notify => Service["backuppc"],
}
File <<| tag == "backuppc" |>> {
@@ -201,21 +201,21 @@ class backuppc::server {
}
service { "backuppc":
- ensure => running,
- enable => true,
- require => Package["BackupPC"],
+ ensure => running,
+ enable => true,
+ require => Package["BackupPC"],
}
file { "/var/lib/BackupPC/.ssh":
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => "root",
group => "backuppc",
}
file { "/var/lib/BackupPC/.ssh/id_rsa":
ensure => present,
source => "/etc/ssh/ssh_host_rsa_key",
- mode => 0640,
+ mode => "0640",
owner => "root",
group => "backuppc",
require => File["/var/lib/BackupPC/.ssh"],
@@ -224,7 +224,7 @@ class backuppc::server {
file { "/var/lib/BackupPC/.ssh/id_rsa.pub":
ensure => present,
source => "/etc/ssh/ssh_host_rsa_key.pub",
- mode => 0640,
+ mode => "0640",
owner => "root",
group => "backuppc",
require => File["/var/lib/BackupPC/.ssh"],
diff --git a/clarified/manifests/init.pp b/clarified/manifests/init.pp
index 8fbb8d9..edaf916 100644
--- a/clarified/manifests/init.pp
+++ b/clarified/manifests/init.pp
@@ -14,12 +14,19 @@ class clarified::analyzer {
file { "/usr/local/src/clarified-analyzer-linux-i686.sh":
ensure => present,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
source => "puppet:///files/packages/${clarified_analyzer_package}",
before => Exec["/usr/local/src/clarified-analyzer-linux-i686.sh"],
}
+ exec { "rm -f /usr/local/clarified-analyzer":
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ onlyif => "test -h /usr/local/clarified-analyzer",
+ subscribe => File["/usr/local/src/clarified-analyzer-linux-i686.sh"],
+ before => Exec["/usr/local/src/clarified-analyzer-linux-i686.sh"],
+ refreshonly => true,
+ }
exec { "/usr/local/src/clarified-analyzer-linux-i686.sh":
creates => "/usr/local/clarified-analyzer",
}
@@ -42,22 +49,22 @@ class clarified::recorder {
}
if $recorder_datadir {
- file { "${recorder_datadir}":
+ file { $recorder_datadir:
ensure => directory,
- mode => 0700,
+ mode => "0700",
owner => root,
group => root,
}
file { "/var/lib/recorder":
ensure => link,
- target => "${recorder_datadir}",
- require => File["${recorder_datadir}"],
+ target => $recorder_datadir,
+ require => File[$recorder_datadir],
}
} else {
file { "/var/lib/recorder":
ensure => directory,
- mode => 0700,
+ mode => "0700",
owner => root,
group => root,
}
@@ -67,7 +74,7 @@ class clarified::recorder {
"/etc/clarified/probe.d",
"/etc/clarified/remote.d", ]:
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
before => Exec["/usr/local/src/clarified-recorder-linux-i686.sh"],
@@ -82,12 +89,20 @@ class clarified::recorder {
file { "/usr/local/src/clarified-recorder-linux-i686.sh":
ensure => present,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
source => "puppet:///files/packages/${clarified_recorder_package}",
before => Exec["/usr/local/src/clarified-recorder-linux-i686.sh"],
}
+ exec { "rm -f /usr/local/probe":
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ onlyif => "test -h /usr/local/probe",
+ subscribe => File["/usr/local/src/clarified-recorder-linux-i686.sh"],
+ before => Exec["/usr/local/src/clarified-recorder-linux-i686.sh"],
+ notify => Service["clarified-probe"],
+ refreshonly => true,
+ }
exec { "/usr/local/src/clarified-recorder-linux-i686.sh":
creates => "/usr/local/probe",
}
@@ -103,7 +118,7 @@ class clarified::recorder {
file { "/etc/init.d/clarified-probe":
ensure => present,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
source => "/usr/local/probe/probe-init.sh",
@@ -171,7 +186,7 @@ define clarified::probe($interface="", $snaplen="65535", $keeptime="100GB",
true => present,
false => absent,
},
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
content => template("clarified/probe.erb"),
@@ -184,7 +199,7 @@ define clarified::probe($interface="", $snaplen="65535", $keeptime="100GB",
true => present,
false => absent,
},
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
content => template("clarified/remote.erb"),
@@ -194,7 +209,7 @@ define clarified::probe($interface="", $snaplen="65535", $keeptime="100GB",
file { "/var/lib/recorder/${name}":
ensure => directory,
- mode => 0700,
+ mode => "0700",
owner => root,
group => root,
require => File["/var/lib/recorder"],
diff --git a/cups/manifests/init.pp b/cups/manifests/init.pp
index c2b1dc3..07efd87 100644
--- a/cups/manifests/init.pp
+++ b/cups/manifests/init.pp
@@ -4,23 +4,23 @@
class cups::client {
package { "cups":
- ensure => installed,
+ ensure => installed,
}
file { "/etc/cups/client.conf":
- ensure => present,
- content => template("cups/client.conf.erb"),
- mode => 0644,
- owner => root,
- group => $operatingsystem ? {
- openbsd => wheel,
- default => lp,
- },
- require => Package["cups"],
+ ensure => present,
+ content => template("cups/client.conf.erb"),
+ mode => "0644",
+ owner => root,
+ group => $operatingsystem ? {
+ openbsd => wheel,
+ default => lp,
+ },
+ require => Package["cups"],
}
case $operatingsystem {
- openbsd: {
+ openbsd: {
exec { "cups-enable":
command => $operatingsystemrelease ? {
/4\.[1-8]/ => "echo y | cups-enable",
@@ -30,8 +30,8 @@ class cups::client {
user => "root",
creates => "/usr/bin/lpr.pre-cups",
require => Package["cups"],
- }
- }
+ }
+ }
}
}
@@ -41,7 +41,7 @@ class cups::client {
class cups::server inherits cups::client {
package { [ "ghostscript", "system-config-printer" ]:
- ensure => installed,
+ ensure => installed,
}
file { "/etc/cups/cupsd.conf":
@@ -49,7 +49,7 @@ class cups::server inherits cups::client {
source => [ "puppet:///files/cups/cupsd.conf.${fqdn}",
"puppet:///files/cups/cupsd.conf",
"puppet:///modules/cups/cupsd.conf", ],
- mode => 0640,
+ mode => "0640",
owner => root,
group => lp,
require => Package["cups"],
@@ -57,21 +57,21 @@ class cups::server inherits cups::client {
}
service { "cups":
- ensure => running,
- enable => true,
- require => Package["cups"],
+ ensure => running,
+ enable => true,
+ require => Package["cups"],
}
file { "/etc/cups/ppd":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => lp,
require => Package["cups"],
}
-
+
File["/etc/cups/client.conf"] {
- content => "ServerName 127.0.0.1\n",
+ content => "ServerName 127.0.0.1\n",
}
}
@@ -136,7 +136,7 @@ define cups::printer($uri, $ensure = present) {
ensure => $ensure,
source => [ "puppet:///files/cups/${name}.ppd",
"puppet:///modules/cups/postscript.ppd" ],
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => $ensure ? {
@@ -157,12 +157,12 @@ class cups::lpd {
include inetd::server
package { "cups-lpd":
- ensure => installed,
+ ensure => installed,
}
inetd::service { "cups-lpd":
- ensure => present,
- require => Package["cups-lpd"],
+ ensure => present,
+ require => Package["cups-lpd"],
}
}
@@ -175,26 +175,26 @@ class cups::samba {
include samba::server
file { [ "/etc/samba/drivers",
- "/usr/share/cups/drivers",
- "/usr/share/cups/drivers/x64", ]:
- ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
- require => [ Package["samba"],
- Package["cups"], ],
+ "/usr/share/cups/drivers",
+ "/usr/share/cups/drivers/x64", ]:
+ ensure => directory,
+ mode => "0755",
+ owner => root,
+ group => root,
+ require => [ Package["samba"],
+ Package["cups"], ],
}
define driverfile() {
- file { "/usr/share/cups/drivers/${name}":
- ensure => present,
- source => "puppet:///modules/cups/drivers/${name}",
- mode => 0644,
- owner => root,
- group => root,
- require => [ File["/usr/share/cups/drivers"],
- File["/usr/share/cups/drivers/x64"], ],
- }
+ file { "/usr/share/cups/drivers/${name}":
+ ensure => present,
+ source => "puppet:///modules/cups/drivers/${name}",
+ mode => "0644",
+ owner => root,
+ group => root,
+ require => [ File["/usr/share/cups/drivers"],
+ File["/usr/share/cups/drivers/x64"], ],
+ }
}
driverfile { "cups6.inf": }
@@ -218,11 +218,11 @@ class cups::samba {
driverfile { "x64/pscript5.dll": }
file { "/etc/cron.hourly/update-printer-inf.sh":
- ensure => present,
- source => "puppet:///modules/cups/update-printer-inf.sh",
- mode => 0755,
- owner => root,
- group => root,
+ ensure => present,
+ source => "puppet:///modules/cups/update-printer-inf.sh",
+ mode => "0755",
+ owner => root,
+ group => root,
}
}
@@ -233,24 +233,24 @@ class cups::samba {
class cups::snmp {
package { "net-snmp-utils":
- ensure => installed,
+ ensure => installed,
}
file { "/etc/cron.hourly/printer-details.py":
- ensure => present,
- source => "puppet:///modules/cups/printer-details.py",
- mode => 0755,
- owner => root,
- group => root,
- require => Package["net-snmp-utils"],
+ ensure => present,
+ source => "puppet:///modules/cups/printer-details.py",
+ mode => "0755",
+ owner => root,
+ group => root,
+ require => Package["net-snmp-utils"],
}
exec { "create-details-dir":
- command => "umask 022 ; mkdir /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- unless => "test -d /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details",
- require => Package["cups"],
+ command => "umask 022 ; mkdir /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ unless => "test -d /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details",
+ require => Package["cups"],
}
}
diff --git a/custom/manifests/init.pp b/custom/manifests/init.pp
index 9bd6ab7..3124de1 100644
--- a/custom/manifests/init.pp
+++ b/custom/manifests/init.pp
@@ -3,7 +3,7 @@ class custom {
file { "/srv":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => $operatingsystem ? {
OpenBSD => wheel,
@@ -50,11 +50,11 @@ define custom::file($ensure, $group="NONE", $mode="NONE", $owner="NONE", $seltyp
$test = regsubst($source, '^([^:]+)://.+$', '\1')
if "${test}" == "${source}" {
$method = "file"
- $path = "${source}"
+ $path = $source
} else {
- $method = "${test}"
+ $method = $test
}
-
+
case $method {
"ftp","http","https": {
$fetch_cmd = "wget -q -O '${name}' '${source}'"
@@ -75,33 +75,33 @@ define custom::file($ensure, $group="NONE", $mode="NONE", $owner="NONE", $seltyp
cwd => regsubst($name, '(.*)/[^/]+$', '\1'),
command => $fetch_cmd,
unless => $diff_cmd,
- before => File["${name}"],
+ before => File[$name],
}
}
}
- file { "${name}":
- ensure => "${ensure}",
- source => "${method}" ? {
- "file" => "${path}",
- "puppet" => "${source}",
- default => undef,
+ file { $name:
+ ensure => $ensure,
+ source => $method ? {
+ "file" => $path,
+ "puppet" => $source,
+ default => undef,
},
- mode => "${mode}" ? {
- "NONE" => undef,
- default => "${mode}",
- },
- owner => "${owner}" ? {
+ mode => $mode ? {
"NONE" => undef,
- default => "${owner}",
+ default => $mode,
},
- group => "${group}" ? {
+ owner => $owner ? {
"NONE" => undef,
- default => "${group}",
+ default => $owner,
},
- seltype => "${seltype}" ? {
+ group => $group ? {
"NONE" => undef,
- default => "${seltype}",
+ default => $group,
+ },
+ seltype => $seltype ? {
+ "NONE" => undef,
+ default => $seltype,
},
}
@@ -132,7 +132,7 @@ class custom::rootpassword {
default: {
user { "root":
ensure => present,
- password => "${root_password}",
+ password => $root_password,
}
}
}
diff --git a/daap/manifests/init.pp b/daap/manifests/init.pp
index 8146d14..d9b1df6 100644
--- a/daap/manifests/init.pp
+++ b/daap/manifests/init.pp
@@ -19,7 +19,7 @@ class daap::server {
file { "/etc/mt-daapd.conf":
ensure => present,
source => "puppet:///files/daap/mt-daapd.conf",
- mode => 0640,
+ mode => "0640",
owner => root,
group => mt-daapd,
require => Package["mt-daapd"],
diff --git a/dhcp/manifests/init.pp b/dhcp/manifests/init.pp
index 1422827..a517541 100644
--- a/dhcp/manifests/init.pp
+++ b/dhcp/manifests/init.pp
@@ -2,42 +2,42 @@
class dhcp::server::common {
package { "dhcp":
- name => $operatingsystem ? {
+ name => $operatingsystem ? {
Debian => "dhcp3-server",
- OpenBSD => "isc-dhcp-server",
+ OpenBSD => "isc-dhcp-server",
Ubuntu => "dhcp3-server",
- default => "dhcp",
- },
- ensure => installed,
+ default => "dhcp",
+ },
+ ensure => installed,
}
file { "dhcpd.leases":
- name => $operatingsystem ? {
+ name => $operatingsystem ? {
Debian => "/var/lib/dhcp3/dhcpd.leases",
- OpenBSD => "/var/db/dhcpd.leases",
+ OpenBSD => "/var/db/dhcpd.leases",
Ubuntu => "/var/lib/dhcp3/dhcpd.leases",
- default => "/var/lib/dhcpd/dhcpd.leases",
- },
- ensure => present,
- owner => $operatingsystem ? {
+ default => "/var/lib/dhcpd/dhcpd.leases",
+ },
+ ensure => present,
+ owner => $operatingsystem ? {
debian => dhcpd,
ubuntu => dhcpd,
default => root,
},
- group => $operatingsystem ? {
+ group => $operatingsystem ? {
Debian => dhcpd,
- OpenBSD => wheel,
+ OpenBSD => wheel,
Ubuntu => dhcpd,
- default => root,
- },
- require => Package["dhcp"],
- before => Service["dhcpd"],
+ default => root,
+ },
+ require => Package["dhcp"],
+ before => Service["dhcpd"],
}
if $operatingsystem == "OpenBSD" and $operatingsystemrelease !~ /4\.[1-8]/ {
file { "/etc/rc.d/isc_dhcpd":
ensure => present,
- mode => 0555,
+ mode => "0555",
owner => "root",
group => "bin",
source => "puppet:///modules/dhcp/isc_dhcpd.rc",
@@ -55,8 +55,8 @@ class dhcp::server::common {
Ubuntu => "dhcp3-server",
default => "dhcpd",
},
- ensure => running,
- enable => true,
+ ensure => running,
+ enable => true,
binary => $operatingsystem ? {
OpenBSD => "/usr/local/sbin/dhcpd",
default => undef,
@@ -65,7 +65,7 @@ class dhcp::server::common {
OpenBSD => "/usr/local/sbin/dhcpd -q",
default => undef,
},
- require => Package["dhcp"],
+ require => Package["dhcp"],
}
}
@@ -82,7 +82,7 @@ class dhcp::server inherits dhcp::server::common {
ensure => present,
source => [ "puppet:///files/dhcp/dhcpd.conf.${fqdn}",
"puppet:///files/dhcp/dhcpd.conf", ],
- mode => 0644,
+ mode => "0644",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -90,7 +90,7 @@ class dhcp::server inherits dhcp::server::common {
},
notify => Service["dhcpd"],
}
-
+
}
@@ -99,36 +99,68 @@ class dhcp::server::ldap inherits dhcp::server::common {
include ldap::client::python
file { "/usr/local/sbin/dhcpdump.py":
- ensure => present,
- source => "puppet:///modules/dhcp/dhcpdump.py",
- mode => 0755,
- owner => root,
- group => $operatingsystem ? {
- OpenBSD => wheel,
- default => root,
- },
+ ensure => present,
+ source => "puppet:///modules/dhcp/dhcpdump.py",
+ mode => "0755",
+ owner => root,
+ group => $operatingsystem ? {
+ OpenBSD => wheel,
+ default => root,
+ },
}
file { "/etc/dhcpd.conf.in":
- ensure => present,
- source => [ "puppet:///files/dhcp/dhcpd.conf.in.${hostname}",
- "puppet:///files/dhcp/dhcpd.conf.in", ],
- mode => 0644,
- owner => root,
- group => $operatingsystem ? {
- OpenBSD => wheel,
- default => root,
- },
- require => Package["dhcp"],
+ ensure => present,
+ source => [ "puppet:///files/dhcp/dhcpd.conf.in.${hostname}",
+ "puppet:///files/dhcp/dhcpd.conf.in", ],
+ mode => "0644",
+ owner => root,
+ group => $operatingsystem ? {
+ OpenBSD => wheel,
+ default => root,
+ },
+ require => Package["dhcp"],
}
exec { "generate-dhcp-conf":
- path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
- command => "dhcpdump.py /etc/dhcpd.conf.in* > /etc/dhcpd.conf",
- unless => "dhcpdump.py /etc/dhcpd.conf.in* | diff /etc/dhcpd.conf -",
- require => [ File["/etc/dhcpd.conf.in"],
- File["/usr/local/sbin/dhcpdump.py"], ],
- notify => Service["dhcpd"],
+ path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
+ command => "dhcpdump.py /etc/dhcpd.conf.in* > /etc/dhcpd.conf",
+ unless => "dhcpdump.py /etc/dhcpd.conf.in* | diff /etc/dhcpd.conf -",
+ require => [ File["/etc/dhcpd.conf.in"],
+ File["/usr/local/sbin/dhcpdump.py"], ],
+ notify => Service["dhcpd"],
}
}
+
+# Configure DHCP relay
+#
+# === Parameters
+#
+# $name:
+# Relay name (can be anything).
+# $interface:
+# IP address for interface to listen.
+# $server_addr:
+# Address for DHCP server to relay requests.
+#
+# === Sample usage
+#
+# dhcp::relay { "relay0": interface => "em2", server_addr => "10.20.110.11" }
+#
+
+define dhcp::relay ($interface, $server_addr) {
+ service { $name:
+ name => $name,
+ ensure => running,
+ provider => "base",
+ hasrestart => false,
+ hasstatus => false,
+ pattern => "/usr/sbin/dhcrelay -i ${interface} ${server_addr}",
+ start => $operatingsystem ? {
+ OpenBSD => "/usr/sbin/dhcrelay -i ${interface} ${server_addr}",
+ default => undef,
+ }
+ }
+}
+
diff --git a/dns/files/dnsdump.py b/dns/files/dnsdump.py
new file mode 100755
index 0000000..a7e3c13
--- /dev/null
+++ b/dns/files/dnsdump.py
@@ -0,0 +1,94 @@
+#!/usr/bin/env python
+
+import re
+import sys
+import time
+import os
+import glob
+from subprocess import Popen, PIPE
+
+# Example templates:
+#
+# --(A#(&(objectClass=ipHost)(cn=ap*.panoulu.local)(!(cn=*.*.panoulu.local)))--
+# --(PTR#(&(objectClass=ipHost)(cn=ap*.panoulu.local)(ipHostNumber=10.40.*.*)(!(cn=*.*.panoulu.local)))--
+# --(serial)--
+
+def main():
+ if len(sys.argv) != 4:
+ print >>sys.stderr, 'Usage: %s --test/--notest ' % sys.argv[0]
+ sys.exit(1)
+
+
+ for template in glob.glob(os.path.join(sys.argv[2], '*.in')):
+ infile = open(template, 'r')
+ input = infile.readlines()
+ input_string = ""
+ output = ""
+ for line in input:
+ input_string += line
+ m = re.match('([ \t]*)--(.+)--[ \t]*$', line)
+ if m is not None:
+ indent = m.group(1)
+ if (m.group(2) == "(serial)"):
+ serial = time.localtime(time.time())
+ output += '\t\t\t%s\t; serial\n' % (time.strftime("%Y%m%d%H"))
+ else:
+ for entry in ldapsearch(m.group(2)):
+ output += '%s%s\n' % (indent, entry)
+ else:
+ output += line
+ if sys.argv[1] == "--test":
+ o = open(os.path.join(sys.argv[3], os.path.basename(template[:-3])), 'r')
+ str = ""
+ for line in o.readlines():
+ str += line
+ o.close()
+ for a, b in zip(str.splitlines(), output.splitlines()):
+ if a != b:
+ if not "serial" in a:
+ print a,b
+ sys.exit(1)
+ else:
+ outfile = open(os.path.join(sys.argv[3], os.path.basename(template[:-3])), 'w')
+ outfile.write(output)
+ outfile.close()
+ infile.close()
+
+
+def ldapsearch(f):
+ filter_list = f.split("#")
+ type = filter_list[0][1:]
+ filter = filter_list[1]
+ p = Popen(['ldapsearch', '-x', '-z', '0', '-LLL', filter, 'cn', 'macAddress', 'ipHostNumber'],
+ bufsize=1024, stdout=PIPE, close_fds=True)
+ ret = []
+ cur = {}
+ for l in p.stdout.readlines():
+ l = l.strip()
+ if l == '':
+ try:
+ if (type == "A"):
+ ret.append('%s.\tA\t%s' % (
+ cur["cn"], cur["ipHostNumber"]))
+ elif type == "PTR":
+ ip_list = cur["ipHostNumber"].split(".")
+ ret.append('%s.%s.%s.%s.in-addr.arpa.\tPTR\t%s.' % (
+ ip_list[-1], ip_list[-2], ip_list[-3], ip_list[-4], cur["cn"]))
+ else:
+ raise "missing record type"
+ except KeyError:
+ print >>sys.stderr, "skipping: %s" % repr(cur)
+ cur = {}
+ continue
+ l = l.split()
+ if l[0] in ('cn:', 'macAddress:', 'ipHostNumber:'):
+ cur[l[0][0:-1]] = l[1]
+ return ret
+
+
+if __name__ == '__main__':
+ try:
+ main()
+ except KeyboardInterrupt:
+ sys.exit()
+
diff --git a/dns/files/named.conf.local b/dns/files/named.conf.local
new file mode 100644
index 0000000..cc1b8a2
--- /dev/null
+++ b/dns/files/named.conf.local
@@ -0,0 +1,2 @@
+acl trusted { localhost; localnets; };
+acl nameservers { localhost; };
diff --git a/dns/files/named.conf.options b/dns/files/named.conf.options
new file mode 100644
index 0000000..b683553
--- /dev/null
+++ b/dns/files/named.conf.options
@@ -0,0 +1,9 @@
+
+options {
+ listen-on { any; };
+ listen-on-v6 { none; };
+
+ allow-query { any; };
+ allow-recursion { trusted; };
+ allow-transfer { nameservers; };
+};
diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp
index e6cba45..ee3ec43 100644
--- a/dns/manifests/init.pp
+++ b/dns/manifests/init.pp
@@ -6,37 +6,52 @@ class dns::server {
package { "bind":
name => $operatingsystem ? {
"ubuntu" => "bind9",
+ "centos" => $operatingsystemrelease ? {
+ /^5\..*/ => [ "bind-chroot", "caching-nameserver", ],
+ default => "bind-chroot",
+ },
default => "bind-chroot",
}
}
}
+ # first set per os paths
case $operatingsystem {
"fedora": {
- $chroot = ""
$confdir = "/etc/named"
}
"centos": {
case $operatingsystemrelease {
/^5\..*/: {
$chroot = "/var/named/chroot"
- $confdir = "/etc"
}
default: {
- $chroot = ""
$confdir = "/etc/named"
}
}
}
"ubuntu": {
- $chroot = ""
$confdir = "/etc/bind"
+ $config = "${confdir}/named.conf"
+ $rndckey = "${confdir}/rndc.key"
}
- default: {
+ "openbsd": {
$chroot = "/var/named"
- $confdir = "/etc"
}
}
+ # if some var is not set use default value
+ if !$confdir {
+ $confdir = "/etc"
+ }
+ if !$config {
+ $config = "/etc/named.conf"
+ }
+ if !$rndckey {
+ $rndckey = "/etc/rndc.key"
+ }
+ if !$chroot {
+ $chroot = ""
+ }
case $operatingsystem {
"ubuntu": {
@@ -47,9 +62,9 @@ class dns::server {
}
}
- file { "${chroot}${confdir}/rndc.key":
+ file { "${chroot}${rndckey}":
ensure => present,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $group,
require => $operatingsystem ? {
@@ -63,12 +78,13 @@ class dns::server {
default => "rndc-confgen -r /dev/urandom -a -t ${chroot}",
},
path => "/bin:/usr/bin:/sbin:/usr/sbin",
- unless => "test -s ${chroot}${confdir}/rndc.key",
- require => File["${chroot}${confdir}/rndc.key"],
+ unless => "test -s ${chroot}${rndckey}",
+ require => File["${chroot}${rndckey}"],
}
if "${chroot}" != "" {
file { "/etc/rndc.key":
- ensure => "${chroot}${confdir}/rndc.key",
+ ensure => link,
+ target => "${chroot}${rndckey}",
owner => "root",
group => $group,
require => Exec["rndc-confgen"],
@@ -94,54 +110,108 @@ class dns::server {
require => Exec["rndc-confgen"],
}
- case $operatingsystem {
- "ubuntu": {
- $ipaddr = $dns_listener_ipaddr
- file { "${chroot}${confdir}/named.conf.local":
- ensure => present,
- content => template("dns/named.conf.local.erb"),
- mode => 0640,
- owner => "root",
- group => $group,
- require => Package["bind"],
- notify => Service["named"],
- }
- file { "${chroot}${confdir}/named.conf.options":
- ensure => present,
- content => template("dns/named.conf.options.erb"),
- mode => 0640,
- owner => "root",
- group => $group,
- require => Package["bind"],
- notify => Service["named"],
- }
- }
- default: {
- file { "named.conf":
- path => $operatingsystem ? {
- "centos" => $operatingsystemrelease ? {
- /^5\..*/ => "${chroot}${confdir}/named.conf",
- default => "/etc/named.conf",
- },
- "fedora" => "/etc/named.conf",
- default => "${chroot}${confdir}/named.conf",
- },
- ensure => present,
- source => [ "puppet:///files/dns/named.conf.${fqdn}",
- "puppet:///files/dns/named.conf", ],
- mode => 0640,
- owner => "root",
- group => $group,
- require => $operatingsystem ? {
- openbsd => undef,
- default => Package["bind"],
- },
- notify => Service["named"],
- }
- }
+ file { "named.conf":
+ ensure => present,
+ path => "${chroot}${config}",
+ mode => "0640",
+ owner => "root",
+ group => $group,
+ require => $operatingsystem ? {
+ "openbsd" => undef,
+ default => Package["bind"],
+ },
+ notify => Exec["generate-named-conf"],
+ }
+ file { "/usr/local/sbin/generate-named-conf.sh":
+ ensure => present,
+ content => template("dns/generate-named-conf.sh.erb"),
+ mode => "0755",
+ owner => "root",
+ group => $operatingsystem ? {
+ "openbsd" => "wheel",
+ default => "root",
+ },
+ notify => Exec["generate-named-conf"],
+ }
+ exec { "generate-named-conf":
+ command => "/usr/local/sbin/generate-named-conf.sh > ${chroot}${config}",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => "root",
+ refreshonly => true,
+ require => File["/usr/local/sbin/generate-named-conf.sh"],
+ notify => Service["named"],
+ }
+
+ file { "${chroot}${confdir}/named.conf.options":
+ ensure => present,
+ source => [ "puppet:///files/dns/named.conf.options.${fqdn}",
+ "puppet:///files/dns/named.conf.options",
+ "puppet:///modules/dns/named.conf.options", ],
+ mode => "0640",
+ owner => "root",
+ group => $group,
+ require => $operatingsystem ? {
+ "openbsd" => undef,
+ default => Package["bind"],
+ },
+ notify => Service["named"],
+ }
+
+ file { "${chroot}${confdir}/named.conf.local":
+ ensure => present,
+ source => [ "puppet:///files/dns/named.conf.local.${fqdn}",
+ "puppet:///files/dns/named.conf.local",
+ "puppet:///modules/dns/named.conf.local", ],
+ mode => "0640",
+ owner => "root",
+ group => $group,
+ require => $operatingsystem ? {
+ "openbsd" => undef,
+ default => Package["bind"],
+ },
+ notify => Service["named"],
}
}
+# Generate named config from LDAP
+#
+# Usage:
+#
+# Put templates you want to generate to master.in directory.
+# See dnsdump.py for example template tags.
+
+class dns::server::ldap inherits dns::server {
+
+ include ldap::client::python
+
+ file { "/usr/local/sbin/dnsdump.py":
+ ensure => present,
+ source => "puppet:///modules/dns/dnsdump.py",
+ mode => 0755,
+ owner => root,
+ group => $operatingsystem ? {
+ OpenBSD => wheel,
+ default => root,
+ },
+ }
+
+ file { "/var/named/master.in":
+ ensure => directory,
+ source => "puppet:///files/dns/master.in",
+ recurse => true,
+ mode => 0755,
+ owner => root,
+ purge => true,
+ }
+
+ exec { "generate-dns-conf":
+ path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
+ command => "dnsdump.py --notest /var/named/master.in /var/named/master",
+ require => File["/usr/local/sbin/dnsdump.py"],
+ unless => "dnsdump.py --test /var/named/master.in /var/named/master",
+ notify => Service["named"]
+ }
+}
# Configure DNS zone.
#
@@ -152,13 +222,16 @@ class dns::server {
# $role:
# The role {master, slave} of this host.
# $master:
-# IP address and FQDN or hostname of the DNS master for this zone.
+# IP address of DNS master for this zone if role is slave.
+# IP address and FQDN of DNS master for this zone if running as
+# master and using autogenerated zone.
# $slaves:
# IP addresess and host names of the DNS slaves for this zone.
+# Required only when using autogenrated zones.
# $source:
# Source file to use for zone. Defaults to auto.
#
-define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO") {
+define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") {
$zone = $name
case $role {
@@ -176,6 +249,9 @@ define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO")
}
}
"slave": {
+ if $master == "" {
+ fail("No master defined for dns::zone '${name}'")
+ }
case $operatingsystem {
"openbsd": {
$zonedir = "/slave"
@@ -197,35 +273,35 @@ define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO")
file { "${dns::server::chroot}${dns::server::confdir}/zone.${zonefile}":
ensure => present,
content => template("dns/zone.$role.erb"),
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $dns::server::group,
require => $operatingsystem ? {
"openbsd" => undef,
default => Package["bind"],
},
- notify => Service["named"],
+ notify => Exec["generate-named-conf"],
}
- if $role == "master" {
+ if $role == "master" and $zone != "." {
if $source != "AUTO" {
file { "${dns::server::chroot}${zonedir}/db.${zonefile}":
ensure => present,
source => $source,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $dns::server::group,
require => $operatingsystem ? {
"openbsd" => undef,
default => Package["bind"],
},
- notify => Service["named"],
+ notify => Exec["generate-named-conf"],
}
} else {
file { "${dns::server::chroot}${zonedir}/db.${zonefile}":
ensure => present,
content => template("dns/db.erb"),
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $dns::server::group,
require => $operatingsystem ? {
@@ -238,7 +314,7 @@ define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO")
ensure => present,
source => [ "puppet:///files/dns/db.${zonefile}-dynamic.${homename}",
"puppet:///modules/dns/empty", ],
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $dns::server::group,
require => $operatingsystem ? {
@@ -251,7 +327,7 @@ define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO")
ensure => present,
source => [ "puppet:///files/dns/db.${zonefile}-static.${homename}",
"puppet:///modules/dns/empty", ],
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $dns::server::group,
require => $operatingsystem ? {
@@ -291,7 +367,7 @@ class dns::nsupdate {
file { "/usr/local/sbin/nsupdate.sh":
ensure => present,
content => template("dns/nsupdate.sh.erb"),
- mode => 0700,
+ mode => "0700",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -305,5 +381,5 @@ class dns::nsupdate {
minute => "*/5",
require => File["/usr/local/sbin/nsupdate.sh"],
}
-
+
}
diff --git a/dns/templates/generate-named-conf.sh.erb b/dns/templates/generate-named-conf.sh.erb
new file mode 100644
index 0000000..53daf33
--- /dev/null
+++ b/dns/templates/generate-named-conf.sh.erb
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+chroot="<%= chroot %>"
+confdir="<%= confdir %>"
+operatingsystem="<%= operatingsystem %>"
+
+cat <
- <%= network %>;
-<% end -%>
- localhost;
-};
-
-<% dns_zones.each do |zone| -%>
- <% if zone.match(/\//) %>
- include "/etc/bind/zone.<%= zone.sub(/\//, '-') %>";
- <% else %>
- include "/etc/bind/zone.<%= zone %>";
- <% end -%>
-<% end -%>
-
-// Consider adding the 1918 zones here, if they are not used in your
-// organization
-//include "/etc/bind/zones.rfc1918";
-
diff --git a/dns/templates/named.conf.options.erb b/dns/templates/named.conf.options.erb
deleted file mode 100644
index adbc1ba..0000000
--- a/dns/templates/named.conf.options.erb
+++ /dev/null
@@ -1,30 +0,0 @@
-options {
- listen-on { any; };
- listen-on-v6 { none; };
- allow-transfer { xfer; };
- allow-recursion {
- trusted;
- };
- # recursion yes;
- directory "/var/cache/bind";
- // If there is a firewall between you and nameservers you want
- // to talk to, you might need to uncomment the query-source
- // directive below. Previous versions of BIND always asked
- // questions using port 53, but BIND 8.1 and later use an unprivileged
- // port by default.
-
- // query-source address * port 53;
-
- // If your ISP provided one or more IP addresses for stable
- // nameservers, you probably want to use them as forwarders.
- // Uncomment the following block, and insert the addresses replacing
- // the all-0's placeholder.
-
- // forwarders {
- // 0.0.0.0;
- // };
-
- auth-nxdomain no; # conform to RFC1035
- version ""; // remove this to allow version queries
-};
-
diff --git a/dns/templates/zone.master.erb b/dns/templates/zone.master.erb
index 942b498..a85ded6 100644
--- a/dns/templates/zone.master.erb
+++ b/dns/templates/zone.master.erb
@@ -1,14 +1,20 @@
zone "<%= zone %>" {
type master;
- <% if zone.match(/\//) %>
+<% if zone.match(/\//) -%>
file "<%= zonedir %>/db.<%= zone.sub(/\//, '-') %>";
- <% else %>
+<% else -%>
file "<%= zonedir %>/db.<%= zone %>";
- <% end -%>
+<% end -%>
allow-transfer {
- <% slaves.each_pair do |k, v| -%>
+<% if slaves != [] -%>
+<% slaves.each_pair do |k, v| -%>
<%= v['ip'] %>;
- <% end -%>
+<% end -%>
+<% else -%>
+ nameservers;
+<% end -%>
+ };
+ allow-update {
+ none;
};
- allow-update { none; };
};
diff --git a/dns/templates/zone.slave.erb b/dns/templates/zone.slave.erb
index 87e34e5..f8a3c2f 100644
--- a/dns/templates/zone.slave.erb
+++ b/dns/templates/zone.slave.erb
@@ -1,12 +1,10 @@
zone "<%= zone %>" {
type slave;
- <% if zone.match(/\//) %>
+<% if zone.match(/\//) %>
file "<%= zonedir %>/db.<%= zone.sub(/\//, '-') %>";
- <% else %>
+<% else -%>
file "<%= zonedir %>/db.<%= zone %>";
- <% end -%>
- <% master.each_pair do |k, v| -%>
- masters { <%= v['ip'] %>; };
- <% end -%>
+<% end -%>
+ masters { <%= master %>; };
allow-transfer { none; };
};
diff --git a/dovecot/manifests/init.pp b/dovecot/manifests/init.pp
index deb1efd..ddfe4b1 100644
--- a/dovecot/manifests/init.pp
+++ b/dovecot/manifests/init.pp
@@ -46,9 +46,9 @@ class dovecot::server inherits dovecot::common {
file { "$dovecot_ssl_dir/private/dovecot.csr":
ensure => present,
source => $dovecot_ssl_csr,
- mode => 0640,
- owner => root,
- group => root,
+ mode => "0640",
+ owner => "root",
+ group => "root",
notify => Service["dovecot"],
}
}
@@ -57,9 +57,9 @@ class dovecot::server inherits dovecot::common {
file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
ensure => present,
source => $dovecot_ssl_ca,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Service["dovecot"],
}
}
@@ -68,9 +68,9 @@ class dovecot::server inherits dovecot::common {
file { "$dovecot_ssl_dir/certs/dovecot.crt":
ensure => present,
source => $dovecot_ssl_cert,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Service["dovecot"],
}
} else {
@@ -81,9 +81,9 @@ class dovecot::server inherits dovecot::common {
file { "$dovecot_ssl_dir/private/dovecot.key":
ensure => present,
source => $dovecot_ssl_key,
- mode => 0600,
- owner => root,
- group => root,
+ mode => "0600",
+ owner => "root",
+ group => "root",
notify => Service["dovecot"],
}
} else {
@@ -93,10 +93,10 @@ class dovecot::server inherits dovecot::common {
file { "/etc/dovecot.conf":
ensure => present,
content => template("dovecot/dovecot.conf.erb"),
- mode => 0644,
- owner => root,
- group => root,
- notify => Service["dovecot"],
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
}
}
diff --git a/ejabberd/manifests/init.pp b/ejabberd/manifests/init.pp
index f82d7b0..b5a5112 100644
--- a/ejabberd/manifests/init.pp
+++ b/ejabberd/manifests/init.pp
@@ -26,7 +26,7 @@ class ejabberd {
realize(User["ejabberd"], Group["ejabberd"])
if !$ejabberd_hosts {
- $ejabberd_hosts = [ "${homename}" ]
+ $ejabberd_hosts = [ $homename ]
}
if !$ejabberd_admin {
$ejabberd_admin = []
@@ -55,26 +55,26 @@ class ejabberd {
file { "${cert_prefix}/private/ejabberd.key":
ensure => present,
source => $ejabberd_ssl_key,
- mode => 0600,
- owner => root,
- group => root,
+ mode => "0600",
+ owner => "root",
+ group => "root",
notify => Exec["generate-ejabberd-pem"],
}
file { "${cert_prefix}/certs/ejabberd.crt":
ensure => present,
source => $ejabberd_ssl_cert,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Exec["generate-ejabberd-pem"],
}
if $ejabberd_ssl_chain {
file { "${cert_prefix}/certs/ejabberd.chain.crt":
ensure => present,
source => $ejabberd_ssl_chain,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Exec["generate-ejabberd-pem"],
}
$cert_files = "private/ejabberd.key certs/ejabberd.crt certs/ejabberd.chain.crt"
@@ -94,7 +94,7 @@ class ejabberd {
file { "/etc/ejabberd/ejabberd.pem":
ensure => present,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => "ejabberd",
require => Package["ejabberd"],
@@ -102,7 +102,7 @@ class ejabberd {
file { "/etc/ejabberd/ejabberd.cfg":
ensure => present,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => "ejabberd",
content => template("ejabberd/ejabberd.cfg.erb"),
@@ -121,14 +121,14 @@ class ejabberd {
if $ejabberd_webhosts {
file { "/var/www/jabber":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => "root",
group => "root",
}
file { "/var/www/jabber/.htaccess":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
source => "puppet:///modules/ejabberd/htaccess",
@@ -181,7 +181,7 @@ class ejabberd::collab inherits ejabberd {
}
file { "/usr/local/src/${ejabberd_package}":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
source => "puppet:///files/packages/${ejabberd_package}",
@@ -213,19 +213,19 @@ class ejabberd::backup {
$ejabberd_backup_datadir = "/srv/ejabberd-backup"
}
- file { "${ejabberd_backup_datadir}":
+ file { $ejabberd_backup_datadir:
ensure => directory,
- mode => 0700,
- owner => root,
- group => root,
+ mode => "0700",
+ owner => "root",
+ group => "root",
}
file { "/usr/local/sbin/ejabberd-backup":
ensure => present,
content => template("ejabberd/ejabberd-backup.erb"),
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
}
cron { "ejabberd-backup":
@@ -234,7 +234,7 @@ class ejabberd::backup {
user => "root",
minute => 15,
hour => 21,
- require => File[ "${ejabberd_backup_datadir}",
+ require => File[ $ejabberd_backup_datadir,
"/usr/local/sbin/ejabberd-backup" ],
}
diff --git a/firewall/manifests/init.pp b/firewall/manifests/init.pp
index 773f39b..4b4f5f3 100644
--- a/firewall/manifests/init.pp
+++ b/firewall/manifests/init.pp
@@ -91,9 +91,9 @@ class firewall::common::iptables {
default => "/etc/sysconfig/iptables",
},
ensure => present,
- mode => 0600,
- owner => root,
- group => root,
+ mode => "0600",
+ owner => "root",
+ group => "root",
require => Package["iptables"],
notify => Service["iptables"],
}
@@ -103,9 +103,9 @@ class firewall::common::iptables {
$ip6states = versioncmp($kernelversion, "2.6.20")
file { "/etc/sysconfig/ip6tables":
ensure => present,
- mode => 0600,
- owner => root,
- group => root,
+ mode => "0600",
+ owner => "root",
+ group => "root",
require => Package["iptables"],
notify => Service["ip6tables"],
}
@@ -177,9 +177,9 @@ class firewall::common::pf {
file { "/etc/pf.conf":
ensure => present,
- mode => 0600,
- owner => root,
- group => wheel,
+ mode => "0600",
+ owner => "root",
+ group => "wheel",
notify => Exec["pfctl -f /etc/pf.conf"],
}
diff --git a/func/manifests/init.pp b/func/manifests/init.pp
index 8bc822f..c809e5c 100644
--- a/func/manifests/init.pp
+++ b/func/manifests/init.pp
@@ -9,41 +9,41 @@ class func::minion {
ensure => present,
source => [ "puppet:///files/func/minion.conf",
"puppet:///modules/func/minion.conf", ],
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["func"],
notify => Service["funcd"],
}
-
+
file { "/etc/pki/certmaster/${hostname}.pem":
ensure => present,
source => "${puppet_ssldir}/private_keys/${fqdn}.pem",
- mode => 0600,
- owner => root,
- group => root,
+ mode => "0600",
+ owner => "root",
+ group => "root",
require => Package["func"],
notify => Service["funcd"],
}
file { "/etc/pki/certmaster/${hostname}.cert":
ensure => present,
source => "${puppet_ssldir}/certs/${fqdn}.pem",
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["func"],
notify => Service["funcd"],
}
file { "/etc/pki/certmaster/ca.cert":
ensure => present,
source => "${puppet_ssldir}/certs/ca.pem",
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["func"],
notify => Service["funcd"],
}
-
+
service { "funcd":
ensure => running,
enable => true,
@@ -56,9 +56,9 @@ class func::server inherits func::minion {
file { "/etc/pki/certmaster/ca":
ensure => directory,
- mode => 0750,
- owner => root,
- group => sysadm,
+ mode => "0750",
+ owner => "root",
+ group => "sysadm",
}
exec { "umask 077; openssl rsa -in ${puppet_ssldir}/ca/ca_key.pem -out /etc/pki/certmaster/ca/certmaster.key -passin file:${puppet_ssldir}/ca/private/ca.pass":
path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
@@ -68,17 +68,17 @@ class func::server inherits func::minion {
file { "/etc/pki/certmaster/ca/certmaster.crt":
ensure => present,
source => "${puppet_ssldir}/ca/ca_crt.pem",
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => File["/etc/pki/certmaster/ca"],
}
file { "/var/lib/certmaster/certmaster":
ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
}
file { "/var/lib/certmaster/certmaster/certs":
ensure => link,
@@ -89,10 +89,10 @@ class func::server inherits func::minion {
ensure => present,
source => [ "puppet:///files/func/certmaster.conf",
"puppet:///modules/func/certmaster.conf", ],
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["func"],
}
-
+
}
diff --git a/git/manifests/init.pp b/git/manifests/init.pp
index 46763c8..13b6910 100644
--- a/git/manifests/init.pp
+++ b/git/manifests/init.pp
@@ -8,7 +8,7 @@ class git::client {
"ubuntu" => "git-core",
default => "git",
},
- ensure => installed,
+ ensure => installed,
}
}
@@ -26,23 +26,23 @@ class git::server {
include git::client
if $git_datadir {
- file { "${git_datadir}":
+ file { $git_datadir:
ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
}
file { "/srv/git":
ensure => link,
- target => "${git_datadir}",
- require => File["${git_datadir}"],
+ target => $git_datadir,
+ require => File[$git_datadir],
}
} else {
file { "/srv/git":
ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
seltype => "httpd_sys_content_t",
}
}
@@ -55,7 +55,7 @@ class git::server {
if $git_datadir {
selinux::manage_fcontext { "${git_datadir}(/.*)?":
type => "httpd_sys_content_t",
- before => File["${git_datadir}"],
+ before => File[$git_datadir],
}
}
}
@@ -108,9 +108,9 @@ class git::gitweb inherits git::server {
source => [ "puppet:///files/git/gitweb_config.perl.${fqdn}",
"puppet:///files/git/gitweb_config.perl",
"puppet:///modules/git/gitweb_config.perl", ],
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["gitweb"],
}
diff --git a/hastymail/manifests/init.pp b/hastymail/manifests/init.pp
index c4044ab..2ae8b10 100644
--- a/hastymail/manifests/init.pp
+++ b/hastymail/manifests/init.pp
@@ -12,7 +12,7 @@ class hastymail {
file { "/usr/local/src/hastymail.tar.gz":
ensure => present,
source => "puppet:///files/packages/$hastymail_package",
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
links => follow,
@@ -26,17 +26,17 @@ class hastymail {
file { "/etc/hastymail2":
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => "root",
- group => "${apache::sslserver::group}",
+ group => $apache::sslserver::group,
}
file { "/etc/hastymail2/hastymail2.conf":
ensure => present,
source => [ "puppet:///private/hastymail2.conf",
"puppet:///files/mail/hastymail2.conf", ],
- mode => 0640,
+ mode => "0640",
owner => "root",
- group => "${apache::sslserver::group}",
+ group => $apache::sslserver::group,
require => File["/etc/hastymail2"],
}
exec { "rm /etc/hastymail2/hastymail2.rc && php /usr/local/share/hastymail/install_scripts/install_config.php /etc/hastymail2/hastymail2.conf /etc/hastymail2/hastymail2.rc":
@@ -48,9 +48,9 @@ class hastymail {
}
file { "/etc/hastymail2/hastymail2.rc":
ensure => present,
- mode => 0640,
- owner => "root",
- group => "${apache::sslserver::group}",
+ mode => "0640",
+ owner => "root",
+ group => $apache::sslserver::group,
}
}
diff --git a/ifstated/manifests/init.pp b/ifstated/manifests/init.pp
index 7a9416a..14dcc5f 100644
--- a/ifstated/manifests/init.pp
+++ b/ifstated/manifests/init.pp
@@ -8,9 +8,9 @@ class ifstated {
source => [ "puppet:///private/ifstated.conf",
"puppet:///files/firewall/ifstated.conf.${fqdn}",
"puppet:///files/firewall/ifstated.conf", ],
- mode => 0644,
- owner => root,
- group => wheel,
+ mode => "0644",
+ owner => "root",
+ group => "wheel",
notify => Service["ifstated"],
}
diff --git a/inetd/manifests/init.pp b/inetd/manifests/init.pp
index 56d89c7..575b0c1 100644
--- a/inetd/manifests/init.pp
+++ b/inetd/manifests/init.pp
@@ -6,15 +6,15 @@
class inetd::server {
case $operatingsystem {
- centos,fedora,ubuntu,debian: {
- include inetd::server::xinetd
- }
- openbsd: {
- include inetd::server::inetd
- }
- default: {
- fail("Inetd module not supported in ${operatingsystem}")
- }
+ centos,fedora,ubuntu,debian: {
+ include inetd::server::xinetd
+ }
+ openbsd: {
+ include inetd::server::inetd
+ }
+ default: {
+ fail("Inetd module not supported in ${operatingsystem}")
+ }
}
}
@@ -29,13 +29,13 @@ class inetd::server {
class inetd::server::xinetd {
package { "xinetd":
- ensure => installed,
+ ensure => installed,
}
service { "xinetd":
- ensure => running,
- enable => true,
- require => Package["xinetd"],
+ ensure => running,
+ enable => true,
+ require => Package["xinetd"],
}
}
@@ -75,15 +75,15 @@ class inetd::server::inetd {
define inetd::service($ensure = present) {
case $operatingsystem {
- centos,fedora,ubuntu,debian: {
- service { "${name}":
- enable => $ensure ? {
- present => true,
- absent => false,
- },
- notify => Service["xinetd"],
- }
- }
+ centos,fedora,ubuntu,debian: {
+ service { $name:
+ enable => $ensure ? {
+ present => true,
+ absent => false,
+ },
+ notify => Service["xinetd"],
+ }
+ }
openbsd: {
exec { "enable-inetd-${name}":
command => $ensure ? {
@@ -98,9 +98,9 @@ define inetd::service($ensure = present) {
notify => Service["inetd"],
}
}
- default: {
- fail("Inetd module not supported in ${operatingsystem}")
- }
+ default: {
+ fail("Inetd module not supported in ${operatingsystem}")
+ }
}
}
diff --git a/irc/manifests/init.pp b/irc/manifests/init.pp
index 952b686..a72e920 100644
--- a/irc/manifests/init.pp
+++ b/irc/manifests/init.pp
@@ -8,9 +8,9 @@ class irc::server {
file { "/var/lib/ratbox":
ensure => directory,
- owner => irc,
- group => irc,
- mode => 0700,
+ owner => "irc",
+ group => "irc",
+ mode => "0700",
require => Package["ircd-ratbox"],
}
@@ -27,9 +27,9 @@ class irc::services inherits irc::server {
file { "/var/lib/ratbox-services":
ensure => directory,
- owner => irc,
- group => irc,
- mode => 0700,
+ owner => "irc",
+ group => "irc",
+ mode => "0700",
require => Package["ircd-ratbox", "ratbox-services-sqlite"],
}
@@ -46,17 +46,17 @@ define irc::network($desc, $servername, $serverdesc,
file { "/var/lib/ratbox/${name}":
ensure => directory,
- owner => irc,
- group => irc,
- mode => 0700,
+ owner => "irc",
+ group => "irc",
+ mode => "0700",
require => File["/var/lib/ratbox"],
}
file { "/var/lib/ratbox/${name}/ircd.conf":
ensure => present,
- mode => 0600,
- owner => irc,
- group => irc,
+ mode => "0600",
+ owner => "irc",
+ group => "irc",
content => $services ? {
true => template("irc/ircd-ratbox.conf.erb", "irc/ircd-ratbox-services.conf.erb"),
false => template("irc/ircd-ratbox.conf.erb"),
@@ -67,15 +67,15 @@ define irc::network($desc, $servername, $serverdesc,
}
ssl::certificate { "/var/lib/ratbox/${name}/ircd.pem":
- cn => "${servername}",
- mode => 0600,
+ cn => $servername,
+ mode => "0600",
owner => "irc",
group => "irc",
require => File["/var/lib/ratbox/${name}"],
}
ssl::dhparam { "/var/lib/ratbox/${name}/dh.pem":
- mode => 0600,
+ mode => "0600",
owner => "irc",
group => "irc",
require => File["/var/lib/ratbox/${name}"],
@@ -83,7 +83,7 @@ define irc::network($desc, $servername, $serverdesc,
file { "/etc/init.d/ircd-${name}":
ensure => present,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
content => template("irc/ircd-ratbox.init.erb"),
@@ -125,9 +125,9 @@ define irc::network($desc, $servername, $serverdesc,
"/var/lib/ratbox-services/${name}/var/run",
"/var/lib/ratbox-services/${name}/var/run/ratbox-services", ]:
ensure => directory,
- owner => irc,
- group => irc,
- mode => 0600,
+ owner => "irc",
+ group => "irc",
+ mode => "0600",
before => Service["ratbox-services-${name}"],
require => File["/var/lib/ratbox-services"],
}
@@ -139,9 +139,9 @@ define irc::network($desc, $servername, $serverdesc,
file { "/var/lib/ratbox-services/${name}/etc/ratbox-services/ratbox-services.conf":
ensure => present,
- mode => 0600,
- owner => irc,
- group => irc,
+ mode => "0600",
+ owner => "irc",
+ group => "irc",
content => template("irc/ratbox-services.conf.erb"),
before => Service["ratbox-services-${name}"],
notify => Service["ratbox-services-${name}"],
@@ -150,9 +150,9 @@ define irc::network($desc, $servername, $serverdesc,
file { "/var/lib/ratbox-services/${name}/etc/ratbox-services/ratbox-services.db":
ensure => present,
- mode => 0600,
- owner => irc,
- group => irc,
+ mode => "0600",
+ owner => "irc",
+ group => "irc",
source => "/etc/ratbox-services/ratbox-services.db",
replace => false,
before => Service["ratbox-services-${name}"],
@@ -161,9 +161,9 @@ define irc::network($desc, $servername, $serverdesc,
file { "/etc/init.d/ratbox-services-${name}":
ensure => present,
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
content => template("irc/ratbox-services.init.erb"),
before => Service["ratbox-services-${name}"],
notify => Exec["enable-ratbox-services-${name}"],
diff --git a/iscsi/manifests/init.pp b/iscsi/manifests/init.pp
index 26f021a..8e78887 100644
--- a/iscsi/manifests/init.pp
+++ b/iscsi/manifests/init.pp
@@ -4,39 +4,39 @@
class iscsi::server {
package { "scsi-target-utils":
- ensure => installed,
+ ensure => installed,
}
service { "tgtd":
- ensure => running,
- enable => true,
- require => Package["scsi-target-utils"],
+ ensure => running,
+ enable => true,
+ require => Package["scsi-target-utils"],
}
file { "/etc/tgt/targets.conf":
- ensure => present,
- source => [ "puppet:///files/iscsi/targets.conf.${fqdn}",
- "puppet:///files/iscsi/targets.conf",
- "puppet:///modules/iscsi/targets.conf", ],
- mode => 0600,
- owner => root,
- group => root,
- require => Package["scsi-target-utils"],
+ ensure => present,
+ source => [ "puppet:///files/iscsi/targets.conf.${fqdn}",
+ "puppet:///files/iscsi/targets.conf",
+ "puppet:///modules/iscsi/targets.conf", ],
+ mode => "0600",
+ owner => root,
+ group => root,
+ require => Package["scsi-target-utils"],
}
file { "/etc/tgt/target.d":
- ensure => directory,
- mode => 0700,
- owner => root,
- group => root,
- require => Package["scsi-target-utils"],
+ ensure => directory,
+ mode => "0700",
+ owner => root,
+ group => root,
+ require => Package["scsi-target-utils"],
}
exec { "iscsi-refresh":
- command => "tgt-admin -e",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- onlyif => "tgt-admin -e -p | egrep '^tgtadm '",
- require => Service["tgtd"],
+ command => "tgt-admin -e",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ onlyif => "tgt-admin -e -p | egrep '^tgtadm '",
+ require => Service["tgtd"],
}
}
@@ -74,24 +74,24 @@ define iscsi::target($tid, $initiator = "ALL", $ensure = "present") {
$iqn = sprintf("iqn.2005-08.tgt:%s%s", $hostname, regsubst($name, "/", ".", "G"))
case $ensure {
- "present": {
- file { "/etc/tgt/target.d/${tid}.conf":
- ensure => present,
- content => template("iscsi/tid.conf.erb"),
- mode => 0600,
- owner => root,
- group => root,
- require => File["/etc/tgt/target.d"],
- before => Exec["iscsi-refresh"],
- }
-
- }
- "absent": {
- file { "/etc/tgt/target.d/${tid}.conf":
- ensure => absent,
- before => Exec["iscsi-refresh"],
- }
- }
+ "present": {
+ file { "/etc/tgt/target.d/${tid}.conf":
+ ensure => present,
+ content => template("iscsi/tid.conf.erb"),
+ mode => "0600",
+ owner => root,
+ group => root,
+ require => File["/etc/tgt/target.d"],
+ before => Exec["iscsi-refresh"],
+ }
+
+ }
+ "absent": {
+ file { "/etc/tgt/target.d/${tid}.conf":
+ ensure => absent,
+ before => Exec["iscsi-refresh"],
+ }
+ }
}
}
@@ -102,13 +102,13 @@ define iscsi::target($tid, $initiator = "ALL", $ensure = "present") {
class iscsi::initiator {
package { "iscsi-initiator-utils":
- ensure => installed,
+ ensure => installed,
}
service { "iscsid":
- ensure => running,
- enable => true,
- require => Package["iscsi-initiator-utils"],
+ ensure => running,
+ enable => true,
+ require => Package["iscsi-initiator-utils"],
}
}
@@ -133,10 +133,10 @@ define iscsi::connect($portal) {
include iscsi::initiator
exec { "iscsi-connect-${name}":
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- command => "iscsiadm --mode discovery --type sendtargets --portal ${portal} && iscsiadm --mode node --targetname ${name} --portal ${portal} --login && sleep 5",
- unless => "iscsiadm --mode session | egrep '${portal}:[0-9]*,[0-9]* ${name}'\$",
- require => Service["iscsid"],
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ command => "iscsiadm --mode discovery --type sendtargets --portal ${portal} && iscsiadm --mode node --targetname ${name} --portal ${portal} --login && sleep 5",
+ unless => "iscsiadm --mode session | egrep '${portal}:[0-9]*,[0-9]* ${name}'\$",
+ require => Service["iscsid"],
}
}
diff --git a/kerberos/manifests/init.pp b/kerberos/manifests/init.pp
index c040ba3..8ccfdd1 100644
--- a/kerberos/manifests/init.pp
+++ b/kerberos/manifests/init.pp
@@ -19,26 +19,26 @@
class kerberos::client {
case $operatingsystem {
- centos,fedora: {
- package { "krb5-workstation":
- ensure => installed,
- }
- }
+ centos,fedora: {
+ package { "krb5-workstation":
+ ensure => installed,
+ }
+ }
}
file { "krb5.conf":
- path => $operatingsystem ? {
- openbsd => "/etc/kerberosV/krb5.conf",
- default => "/etc/krb5.conf",
- },
- ensure => present,
- content => template("kerberos/krb5.conf.erb"),
- mode => 0644,
- owner => root,
- group => $operatingsystem ? {
- openbsd => wheel,
- default => root,
- },
+ path => $operatingsystem ? {
+ openbsd => "/etc/kerberosV/krb5.conf",
+ default => "/etc/krb5.conf",
+ },
+ ensure => present,
+ content => template("kerberos/krb5.conf.erb"),
+ mode => "0644",
+ owner => "root",
+ group => $operatingsystem ? {
+ openbsd => "wheel",
+ default => "root",
+ },
}
}
@@ -99,13 +99,13 @@ class kerberos::auth {
class kerberos::server inherits kerberos::client {
package { "krb5-server":
- ensure => installed,
+ ensure => installed,
}
if $kerberos_datadir {
file { $kerberos_datadir:
ensure => directory,
- mode => 0600,
+ mode => "0600",
owner => "root",
group => "root",
}
@@ -119,7 +119,7 @@ class kerberos::server inherits kerberos::client {
} else {
file { "/srv/kerberos":
ensure => directory,
- mode => 0600,
+ mode => "0600",
owner => "root",
group => "root",
}
@@ -128,7 +128,7 @@ class kerberos::server inherits kerberos::client {
file { "/var/kerberos/krb5kdc/kdc.conf":
ensure => present,
content => template("kerberos/kdc.conf.erb"),
- mode => 0600,
+ mode => "0600",
owner => "root",
group => "root",
require => [ Package["krb5-server"],
@@ -160,15 +160,15 @@ class kerberos::server inherits kerberos::client {
# $name:
# Keytab file path.
# $principals:
-# List of principals to be added into keytab
+# List of principals to be added into keytab
# $ensure:
-# Set to present to create keytab and absent to remove it
+# Set to present to create keytab and absent to remove it
# $owner:
-# Owner for keytab file
+# Owner for keytab file
# $group:
-# Group for keytab file
+# Group for keytab file
# $mode:
-# Permissions for keytab file
+# Permissions for keytab file
#
# === Sample usage
#
@@ -180,23 +180,23 @@ class kerberos::server inherits kerberos::client {
define kerberos::keytab($principals = [], $ensure = present, $owner = "root", $group = "", $mode = "0600") {
case $group {
- "": {
- case $operatingsystem {
- openbsd: { $real_group = "wheel" }
- default: { $real_group = "root" }
- }
- }
- default: {
- $real_group = $group
- }
+ "": {
+ case $operatingsystem {
+ openbsd: { $real_group = "wheel" }
+ default: { $real_group = "root" }
+ }
+ }
+ default: {
+ $real_group = $group
+ }
}
- file { "${name}":
- ensure => $ensure,
- content => template("kerberos/keytab.erb"),
- mode => "${mode}",
- owner => "${owner}",
- group => "${real_group}",
+ file { $name:
+ ensure => $ensure,
+ content => template("kerberos/keytab.erb"),
+ mode => $mode,
+ owner => $owner,
+ group => $real_group,
}
}
diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp
index 411a9e0..5011652 100644
--- a/ldap/manifests/init.pp
+++ b/ldap/manifests/init.pp
@@ -90,7 +90,22 @@ class ldap::auth inherits ldap::client {
require => Package["nscd"],
}
}
- Ubuntu: {
+ Fedora: {
+ package { [ "sssd", "pam_ldap", ]:
+ ensure => installed,
+ }
+ exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --update":
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ unless => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"',
+ before => Service["sssd"],
+ require => Package["sssd"],
+ }
+ service { "sssd":
+ ensure => running,
+ enable => true,
+ }
+ }
+ Ubuntu: {
package { "ldap-auth-client":
ensure => installed,
}
@@ -111,23 +126,23 @@ class ldap::auth inherits ldap::client {
"set base ${ldap_basedn}",
"set nss_paged_results yes",
"set pam_password exop",
- "rm rootbinddn",
+ "rm rootbinddn",
"set ssl on", ],
onlyif => [ "get uri != '${ldap_uri}'",
"get base != ${ldap_basedn}",
"get nss_paged_results != yes",
"get pam_password != exop",
- "get rootbinddn == 'cn=manager,dc=example,dc=net'",
+ "get rootbinddn == 'cn=manager,dc=example,dc=net'",
"get ssl != on", ],
}
}
- Debian: {
+ Debian: {
package {[ "libnss-ldap",
- "libpam-ldap" ]:
+ "libpam-ldap" ]:
ensure => installed,
}
## Debian lacks some lenses. nss-ldap-conf and pam_ldap-conf needs corresponding files
-## to /usr/share/augeas/lenses/dist/spacevars.aug. More info at:
+## to /usr/share/augeas/lenses/dist/spacevars.aug. More info at:
## https://github.com/jwm/augeas/commit/8f768f45779048cbd95b5b7d71682b808d41bfd3
## There isn't lens for nsswitch.conf either. nss-ldap-conf and pam_ldap-conf are tested, nsswitch isn't.
# augeas { "nss-ldap-conf":
@@ -144,7 +159,7 @@ class ldap::auth inherits ldap::client {
# "get pam_password != exop",
# "get rootbinddn == 'cn=manager,dc=example,dc=net'",
# "get ssl != on", ],
-# require => Package["libnss-ldap"],
+# require => Package["libnss-ldap"],
# }
# augeas { "pam_ldap-conf":
# context => "/files/etc/pam_ldap.conf",
@@ -160,7 +175,7 @@ class ldap::auth inherits ldap::client {
# "get pam_password != exop",
# "get rootbinddn == 'cn=manager,dc=example,dc=net'",
# "get ssl != on", ],
-# require => Package["libpam-ldap"],
+# require => Package["libpam-ldap"],
# }
# augeas { "nsswitch-conf":
# context => "/files/etc/nsswitch.conf",
@@ -170,7 +185,7 @@ class ldap::auth inherits ldap::client {
# onlyif => [ "get passwd: != 'files ldap'",
# "get group: != 'files ldap'",
# "get shadow: != 'files ldap'", ],
-# require => [ Augeas["pam_ldap-conf"],
+# require => [ Augeas["pam_ldap-conf"],
# Augeas["nss-ldap-conf"], ],
# }
}
@@ -184,7 +199,7 @@ class ldap::auth inherits ldap::client {
file { "/etc/login.conf":
ensure => present,
content => template("ldap/login.conf.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => wheel,
require => [ File["/etc/openldap/ldap.conf"],
@@ -215,7 +230,7 @@ class ldap::client {
"debian" => "ldap-utils",
"ubuntu" => "ldap-utils",
"openbsd" => "openldap-client",
- default => "openldap-clients",
+ default => "openldap-clients",
},
ensure => $operatingsystem ? {
darwin => absent,
@@ -227,16 +242,16 @@ class ldap::client {
ensure => present,
content => template("ldap/ldap.conf.erb"),
path => $operatingsystem ? {
- "debian" => "/etc/ldap/ldap.conf",
- "ubuntu" => "/etc/ldap/ldap.conf",
- default => "/etc/openldap/ldap.conf",
+ "debian" => "/etc/ldap/ldap.conf",
+ "ubuntu" => "/etc/ldap/ldap.conf",
+ default => "/etc/openldap/ldap.conf",
},
- mode => 0644,
+ mode => "0644",
owner => root,
group => $operatingsystem ? {
"darwin" => wheel,
"openbsd" => wheel,
- default => root,
+ default => root,
},
require => Package["openldap-client"],
}
@@ -273,8 +288,8 @@ class ldap::client::ruby {
}
package { "ruby-ldap":
- name => $pkgname,
ensure => installed,
+ name => $pkgname,
}
}
@@ -346,14 +361,14 @@ class ldap::server {
}
package { "openldap-server":
- name => $package_name,
ensure => installed,
+ name => $package_name,
}
file { "${ssl::certs}/slapd.crt":
ensure => present,
source => $ldap_server_cert,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -365,7 +380,7 @@ class ldap::server {
file { "${ssl::private}/slapd.key":
ensure => present,
source => $ldap_server_key,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $group,
require => Package["openldap-server"],
@@ -373,10 +388,10 @@ class ldap::server {
}
file { "slapd.conf":
- path => "${config}/slapd.conf",
ensure => present,
+ path => "${config}/slapd.conf",
content => template("ldap/slapd.conf.erb"),
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $group,
notify => Service["slapd"],
@@ -385,7 +400,7 @@ class ldap::server {
file { "${config}/slapd.conf.d":
ensure => directory,
source => "puppet:///modules/custom/empty",
- mode => 0750,
+ mode => "0750",
owner => "root",
group => $group,
purge => true,
@@ -398,7 +413,7 @@ class ldap::server {
file { "/etc/sysconfig/ldap":
ensure => present,
source => "puppet:///modules/ldap/ldap.sysconfig",
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
notify => Service["slapd"],
@@ -418,22 +433,22 @@ class ldap::server {
}
if $ldap_datadir {
- file { "${ldap_datadir}":
+ file { $ldap_datadir:
ensure => directory,
- mode => 0700,
+ mode => "0700",
owner => $user,
group => $group,
require => Package["openldap-server"],
}
file { "/srv/ldap":
ensure => link,
- target => "${ldap_datadir}",
- require => File["${ldap_datadir}"],
- }
- } else {
+ target => $ldap_datadir,
+ require => File[$ldap_datadir],
+ }
+ } else {
file { "/srv/ldap":
ensure => directory,
- mode => 0700,
+ mode => "0700",
owner => $user,
group => $group,
require => Package["openldap-server"],
@@ -443,7 +458,7 @@ class ldap::server {
file { "${config}/schema":
ensure => directory,
source => "puppet:///modules/custom/empty",
- mode => 0755,
+ mode => "0755",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -456,7 +471,7 @@ class ldap::server {
}
file { "${config}/slapd.conf.d/schema.conf":
ensure => present,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $group,
require => Exec["generate-slapd-schema-config"],
@@ -473,7 +488,7 @@ class ldap::server {
file { "${config}/slapd.conf.d/database.conf":
ensure => present,
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $group,
require => Exec["generate-slapd-database-config"],
@@ -509,7 +524,7 @@ define ldap::server::database($aclsource = "") {
file { "${ldap::server::config}/slapd.conf.d/db.${name}.conf":
ensure => present,
content => template("ldap/slapd-database.conf.erb"),
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $ldap::server::group,
notify => Exec["generate-slapd-database-config"],
@@ -525,7 +540,7 @@ define ldap::server::database($aclsource = "") {
"" => template("ldap/slapd-acl.conf.erb"),
default => undef,
},
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $ldap::server::group,
notify => Service["slapd"],
@@ -536,7 +551,7 @@ define ldap::server::database($aclsource = "") {
source => [ "puppet:///files/ldap/slapd-index.conf.${name}",
"puppet:///files/ldap/slapd-index.conf",
"puppet:///modules/ldap/slapd-index.conf", ],
- mode => 0640,
+ mode => "0640",
owner => "root",
group => $ldap::server::group,
notify => Service["slapd"],
@@ -544,7 +559,7 @@ define ldap::server::database($aclsource = "") {
file { "/srv/ldap/${name}":
ensure => directory,
- mode => 0700,
+ mode => "0700",
owner => $ldap::server::user,
group => $ldap::server::group,
require => File["/srv/ldap"],
@@ -555,7 +570,7 @@ define ldap::server::database($aclsource = "") {
source => [ "puppet:///files/ldap/DB_CONFIG.${name}",
"puppet:///files/ldap/DB_CONFIG",
"puppet:///modules/ldap/DB_CONFIG", ],
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -587,11 +602,11 @@ define ldap::server::schema($idx = 50) {
include ldap::server
file { "${name}.schema":
- path => "${ldap::server::config}/schema/${idx}-${name}.schema",
ensure => present,
+ path => "${ldap::server::config}/schema/${idx}-${name}.schema",
source => [ "puppet:///files/ldap/${name}.schema",
"puppet:///modules/ldap/${name}.schema", ],
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
diff --git a/libvirt/manifests/init.pp b/libvirt/manifests/init.pp
index 681a653..88abc0e 100644
--- a/libvirt/manifests/init.pp
+++ b/libvirt/manifests/init.pp
@@ -41,7 +41,7 @@ class libvirt::kvm inherits libvirt::client {
file { "/etc/libvirt/libvirtd.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
content => template("libvirt/libvirtd.conf.erb"),
diff --git a/lynx/manifests/init.pp b/lynx/manifests/init.pp
index 3286c39..3f7d5a2 100644
--- a/lynx/manifests/init.pp
+++ b/lynx/manifests/init.pp
@@ -5,7 +5,7 @@
#
# $www_default_url:
# Default starting URL.
-#
+#
class lynx {
if ! $www_default_url {
diff --git a/mercurial/manifests/init.pp b/mercurial/manifests/init.pp
index 61c5cbc..d5919e0 100644
--- a/mercurial/manifests/init.pp
+++ b/mercurial/manifests/init.pp
@@ -24,13 +24,13 @@ define mercurial::clone($source, $ensure="tip") {
exec { "hg-clone-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => "hg -y clone -r ${ensure} ${source} ${name}",
- creates => "${name}",
+ creates => $name,
require => Package["mercurial"],
}
exec { "hg-pull-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
- cwd => "${name}",
+ cwd => $name,
command => "hg -y pull -u -r ${ensure}",
onlyif => $ensure ? {
"tip" => "hg -y in",
diff --git a/minecraft/manifests/init.pp b/minecraft/manifests/init.pp
index d118c5c..757a1e6 100644
--- a/minecraft/manifests/init.pp
+++ b/minecraft/manifests/init.pp
@@ -6,7 +6,7 @@ class minecraft {
file { "/usr/local/lib/minecraft.jar":
ensure => present,
source => "puppet:///files/packages/minecraft.jar",
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
}
@@ -14,7 +14,7 @@ class minecraft {
file { "/usr/local/bin/minecraft":
ensure => present,
source => "puppet:///modules/minecraft/minecraft",
- mode => 0755,
+ mode => "0755",
owner => "root",
group => "root",
require => File["/usr/local/lib/minecraft.jar"],
diff --git a/munin/manifests/init.pp b/munin/manifests/init.pp
index f4b02a9..9de5885 100644
--- a/munin/manifests/init.pp
+++ b/munin/manifests/init.pp
@@ -2,61 +2,61 @@
# Install and configure munin node.
#
class munin::node {
-
+
package { "munin-node":
- ensure => installed,
+ ensure => installed,
}
-
+
service { "munin-node":
- name => $operatingsystem ? {
+ name => $operatingsystem ? {
OpenBSD => $operatingsystemrelease ? {
/4\.[1-8]/ => "munin-node",
default => "munin_node",
},
default => "munin-node",
},
- ensure => running,
- enable => true,
- require => Package["munin-node"],
- start => $operatingsystem ? {
- OpenBSD => $operatingsystemrelease ? {
+ ensure => running,
+ enable => true,
+ require => Package["munin-node"],
+ start => $operatingsystem ? {
+ OpenBSD => $operatingsystemrelease ? {
/4\.[1-8]/ => "/usr/bin/install -d -o _munin /var/run/munin; /usr/local/sbin/munin-node",
default => undef,
},
- default => undef,
- },
- stop => $operatingsystem ? {
- OpenBSD => "/usr/bin/pkill -f /usr/local/sbin/munin-node",
- default => undef,
- },
+ default => undef,
+ },
+ stop => $operatingsystem ? {
+ OpenBSD => "/usr/bin/pkill -f /usr/local/sbin/munin-node",
+ default => undef,
+ },
}
file { "/etc/munin/munin-node.conf":
- ensure => present,
- content => template("munin/munin-node.conf.erb"),
- owner => root,
- group => $operatingsystem ? {
- OpenBSD => wheel,
- default => root,
- },
- mode => 0644,
- require => Package["munin-node"],
- notify => Exec["munin-node-configure"],
+ ensure => present,
+ content => template("munin/munin-node.conf.erb"),
+ owner => "root",
+ group => $operatingsystem ? {
+ OpenBSD => "wheel",
+ default => "root",
+ },
+ mode => "0644",
+ require => Package["munin-node"],
+ notify => Exec["munin-node-configure"],
}
-
+
@@file { "/etc/munin/nodes.d/${homename}.conf":
- content => "[${homename}]\n address ${ipaddress}\n use_node_name yes\n",
- ensure => present,
- tag => "munin",
- notify => Exec["generate-munin-conf"],
+ ensure => present,
+ content => "[${homename}]\n address ${ipaddress}\n use_node_name yes\n",
+ tag => "munin",
+ notify => Exec["generate-munin-conf"],
}
-
+
exec { "munin-node-configure":
- command => "munin-node-configure --shell --remove-also 2>/dev/null | /bin/sh",
- path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
- user => root,
- refreshonly => true,
- notify => Service["munin-node"],
+ command => "munin-node-configure --shell --remove-also 2>/dev/null | /bin/sh",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
+ user => root,
+ refreshonly => true,
+ notify => Service["munin-node"],
}
}
@@ -82,20 +82,20 @@ class munin::node {
define munin::snmpnode($snmp_community="public", $snmp_version="2") {
file { "/etc/munin/plugin-conf.d/snmp_${name}":
- content => "[snmp_${name}_*]\nenv.community ${snmp_community}\nenv.version ${snmp_version}\n",
ensure => present,
+ content => "[snmp_${name}_*]\nenv.community ${snmp_community}\nenv.version ${snmp_version}\n",
owner => root,
group => $operatingsystem ? {
OpenBSD => wheel,
default => root,
},
- mode => 0600,
+ mode => "0600",
notify => Service["munin-node"],
}
@@file { "/etc/munin/nodes.d/${name}.conf":
- content => "[${name}]\n address ${ipaddress}\n use_node_name no\n",
ensure => present,
+ content => "[${name}]\n address ${ipaddress}\n use_node_name no\n",
tag => "munin",
notify => Exec["generate-munin-conf"],
}
@@ -108,7 +108,7 @@ define munin::snmpnode($snmp_community="public", $snmp_version="2") {
# === Parameters
#
# $name:
-# Plugin name to install.
+# Plugin name to install.
# $config:
# Configuration file name associated with plugin. Defaults to none.
#
@@ -121,71 +121,71 @@ define munin::snmpnode($snmp_community="public", $snmp_version="2") {
define munin::plugin($config = "") {
case $operatingsystem {
- OpenBSD: {
- file { "/usr/local/libexec/munin/plugins/${name}":
- ensure => present,
- source => "puppet:///modules/munin/plugins/${name}",
- owner => root,
- group => wheel,
- mode => 0755,
- require => Package["munin-node"],
- }
+ OpenBSD: {
+ file { "/usr/local/libexec/munin/plugins/${name}":
+ ensure => present,
+ source => "puppet:///modules/munin/plugins/${name}",
+ owner => "root",
+ group => "wheel",
+ mode => "0755",
+ require => Package["munin-node"],
+ }
+ }
+ default: {
+ file { "/usr/share/munin/plugins/${name}":
+ ensure => present,
+ source => "puppet:///modules/munin/plugins/${name}",
+ owner => "root",
+ group => "root",
+ mode => "0755",
+ require => Package["munin-node"],
+ }
}
- default: {
- file { "/usr/share/munin/plugins/${name}":
- ensure => present,
- source => "puppet:///modules/munin/plugins/${name}",
- owner => root,
- group => root,
- mode => 0755,
- require => Package["munin-node"],
- }
- }
}
if ($config) {
- file { "/etc/munin/plugin-conf.d/${config}":
- ensure => present,
- source => [ "puppet:///files/munin/plugin-conf/${config}.${fqdn}",
- "puppet:///files/munin/plugin-conf/${config}",
- "puppet:///modules/munin/plugin-conf/${config}", ],
- owner => root,
- group => $operatingsystem ? {
- OpenBSD => wheel,
- default => root,
- },
- mode => 0644,
- notify => Service["munin-node"],
- require => $operatingsystem ? {
- OpenBSD => File["/usr/local/libexec/munin/plugins/${name}"],
- default => File["/usr/share/munin/plugins/${name}"],
+ file { "/etc/munin/plugin-conf.d/${config}":
+ ensure => present,
+ source => [ "puppet:///files/munin/plugin-conf/${config}.${fqdn}",
+ "puppet:///files/munin/plugin-conf/${config}",
+ "puppet:///modules/munin/plugin-conf/${config}", ],
+ owner => "root",
+ group => $operatingsystem ? {
+ OpenBSD => wheel,
+ default => root,
},
- }
+ mode => "0644",
+ notify => Service["munin-node"],
+ require => $operatingsystem ? {
+ OpenBSD => File["/usr/local/libexec/munin/plugins/${name}"],
+ default => File["/usr/share/munin/plugins/${name}"],
+ },
+ }
}
case $operatingsystem {
- OpenBSD: {
- exec { "munin-enable-${name}":
- command => "ln -s /usr/local/libexec/munin/plugins/${name} /etc/munin/plugins/${name}",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- onlyif => [ "test ! -h /etc/munin/plugins/${name}",
- "/usr/local/libexec/munin/plugins/${name} autoconf", ],
- notify => Service["munin-node"],
- require => File["/usr/local/libexec/munin/plugins/${name}"],
- }
- }
- default: {
- exec { "munin-enable-${name}":
- command => "ln -s /usr/share/munin/plugins/${name} /etc/munin/plugins/${name}",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- onlyif => [ "test ! -h /etc/munin/plugins/${name}",
- "/usr/share/munin/plugins/${name} autoconf", ],
- notify => Service["munin-node"],
- require => File["/usr/share/munin/plugins/${name}"],
- }
- }
+ OpenBSD: {
+ exec { "munin-enable-${name}":
+ command => "ln -s /usr/local/libexec/munin/plugins/${name} /etc/munin/plugins/${name}",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ onlyif => [ "test ! -h /etc/munin/plugins/${name}",
+ "/usr/local/libexec/munin/plugins/${name} autoconf", ],
+ notify => Service["munin-node"],
+ require => File["/usr/local/libexec/munin/plugins/${name}"],
+ }
+ }
+ default: {
+ exec { "munin-enable-${name}":
+ command => "ln -s /usr/share/munin/plugins/${name} /etc/munin/plugins/${name}",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ onlyif => [ "test ! -h /etc/munin/plugins/${name}",
+ "/usr/share/munin/plugins/${name} autoconf", ],
+ notify => Service["munin-node"],
+ require => File["/usr/share/munin/plugins/${name}"],
+ }
+ }
}
}
@@ -198,17 +198,17 @@ define munin::plugin($config = "") {
# * Storedconfigs
#
class munin::server {
-
+
package { "munin":
- ensure => installed,
+ ensure => installed,
}
-
+
if $munin_datadir {
- file { "${munin_datadir}":
+ file { $munin_datadir:
ensure => directory,
- mode => 0755,
- owner => munin,
- group => munin,
+ mode => "0755",
+ owner => "munin",
+ group => "munin",
seltype => "munin_var_lib_t",
require => Package["munin"],
}
@@ -220,19 +220,19 @@ class munin::server {
}
file { "/var/lib/munin":
- ensure => "${munin_datadir}",
+ ensure => $munin_datadir,
force => true,
backup => ".orig",
- require => File["${munin_datadir}"],
+ require => File[$munin_datadir],
}
}
if $munin_htmldir {
- file { "${munin_htmldir}":
+ file { $munin_htmldir:
ensure => directory,
- mode => 0755,
- owner => munin,
- group => munin,
+ mode => "0755",
+ owner => "munin",
+ group => "munin",
seltype => "httpd_munin_content_t",
require => Package["munin"],
}
@@ -248,45 +248,45 @@ class munin::server {
}
file { "/var/www/html/munin":
- ensure => "${munin_htmldir}",
+ ensure => $munin_htmldir,
force => true,
backup => ".orig",
seltype => "munin_var_lib_t",
- require => File["${munin_htmldir}"],
+ require => File[$munin_htmldir],
}
}
file { "/etc/munin/nodes.d":
- ensure => directory,
- purge => true,
- force => true,
- recurse => true,
- owner => root,
- group => root,
- mode => 0644,
- source => "puppet:///modules/custom/empty",
- require => Package["munin"],
+ ensure => directory,
+ purge => true,
+ force => true,
+ recurse => true,
+ owner => "root",
+ group => "root",
+ mode => "0644",
+ source => "puppet:///modules/custom/empty",
+ require => Package["munin"],
}
-
+
file { "/etc/munin/munin.conf.in":
- ensure => present,
- source => [ "puppet:///files/munin/munin.conf.in",
- "puppet:///modules/munin/munin.conf.in", ],
- owner => root,
- group => root,
- mode => 0644,
- require => Package["munin"],
- notify => Exec["generate-munin-conf"],
+ ensure => present,
+ source => [ "puppet:///files/munin/munin.conf.in",
+ "puppet:///modules/munin/munin.conf.in", ],
+ owner => "root",
+ group => "root",
+ mode => "0644",
+ require => Package["munin"],
+ notify => Exec["generate-munin-conf"],
}
-
+
exec { "generate-munin-conf":
- command => "cat /etc/munin/munin.conf.in /etc/munin/nodes.d/*.conf > /etc/munin/munin.conf",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- refreshonly => true,
- require => File["/etc/munin/munin.conf.in"],
+ command => "cat /etc/munin/munin.conf.in /etc/munin/nodes.d/*.conf > /etc/munin/munin.conf",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ refreshonly => true,
+ require => File["/etc/munin/munin.conf.in"],
}
-
+
File <<| tag == "munin" |>>
-
+
}
diff --git a/mutt/manifests/init.pp b/mutt/manifests/init.pp
index 1912646..6e9cf26 100644
--- a/mutt/manifests/init.pp
+++ b/mutt/manifests/init.pp
@@ -9,9 +9,9 @@ class mutt {
$mail_server = "mail.${domain}"
}
if ! $mail_domain {
- $mail_domain = "${domain}"
+ $mail_domain = $domain
}
-
+
case $operatingsystem {
openbsd: { $muttconfdir = "/etc/mutt/Muttrc" }
default: { $muttconfdir = "/etc" }
@@ -26,16 +26,16 @@ class mutt {
}
file { "Muttrc.local":
- name => "${muttconfdir}/Muttrc.local",
ensure => present,
+ name => "${muttconfdir}/Muttrc.local",
content => template("mutt/Muttrc.local.erb"),
- mode => 0644,
- owner => root,
+ mode => "0644",
+ owner => "root",
group => $operatingsystem ? {
- openbsd => wheel,
- default => root,
+ openbsd => "wheel",
+ default => "root",
},
require => Exec["add-local-mutt-config"],
}
-
+
}
diff --git a/mysql/manifests/init.pp b/mysql/manifests/init.pp
index e7fed1d..b51b373 100644
--- a/mysql/manifests/init.pp
+++ b/mysql/manifests/init.pp
@@ -20,30 +20,30 @@ class mysql::client {
class mysql::server {
package { "mysql-server":
- ensure => installed,
+ ensure => installed,
}
if $mysql_datadir {
- file { "${mysql_datadir}":
+ file { $mysql_datadir:
ensure => directory,
- mode => 0755,
- owner => mysql,
- group => mysql,
+ mode => "0755",
+ owner => "mysql",
+ group => "mysql",
seltype => "mysqld_db_t",
require => Package["mysql-server"],
}
file { "/srv/mysql":
ensure => link,
- target => "${mysql_datadir}",
+ target => $mysql_datadir,
seltype => "mysqld_db_t",
- require => File["${mysql_datadir}"],
+ require => File[$mysql_datadir],
}
} else {
file { "/srv/mysql":
ensure => directory,
- mode => 0755,
- owner => mysql,
- group => mysql,
+ mode => "0755",
+ owner => "mysql",
+ group => "mysql",
seltype => "mysqld_db_t",
require => Package["mysql-server"],
}
@@ -57,7 +57,7 @@ class mysql::server {
if $mysql_datadir {
selinux::manage_fcontext { "${mysql_datadir}(/.*)?":
type => "mysqld_db_t",
- before => File["${mysql_datadir}"],
+ before => File[$mysql_datadir],
}
}
}
@@ -68,37 +68,37 @@ class mysql::server {
"debian" => "mysql",
default => "mysqld",
},
- ensure => running,
- enable => true,
- require => File["/srv/mysql"],
+ ensure => running,
+ enable => true,
+ require => File["/srv/mysql"],
}
file { "/etc/my.cnf":
- ensure => present,
- source => [ "puppet:///files/mysql/my.cnf.${hostname}",
- "puppet:///files/mysql/my.cnf",
- "puppet:///modules/mysql/my.cnf", ],
- mode => 0644,
- owner => root,
- group => root,
- require => Package["mysql-server"],
- notify => Service["mysqld"],
+ ensure => present,
+ source => [ "puppet:///files/mysql/my.cnf.${hostname}",
+ "puppet:///files/mysql/my.cnf",
+ "puppet:///modules/mysql/my.cnf", ],
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ require => Package["mysql-server"],
+ notify => Service["mysqld"],
}
file { "/etc/logrotate.d/mysql":
- ensure => present,
- source => "puppet:///modules/mysql/mysql.logrotate",
- mode => 0644,
- owner => root,
- group => root,
- require => Package["mysql-server"],
+ ensure => present,
+ source => "puppet:///modules/mysql/mysql.logrotate",
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ require => Package["mysql-server"],
}
file { "/var/lib/mysql":
ensure => directory,
- mode => 0700,
- owner => mysql,
- group => mysql,
+ mode => "0700",
+ owner => "mysql",
+ group => "mysql",
require => Package["mysql-server"],
}
@@ -128,17 +128,17 @@ class mysql::server::backup {
file { $mysql_backup_datadir:
ensure => directory,
- mode => 0700,
- owner => root,
- group => root,
+ mode => "0700",
+ owner => "root",
+ group => "root",
}
file { "/etc/cron.daily/mysql-backup":
ensure => present,
content => template("mysql/mysql-backup.cron.erb"),
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
require => [ File[$mysql_backup_datadir],
Package["mysql"], ],
}
@@ -156,18 +156,18 @@ class mysql::server::report {
file { "/var/log/mysql-report":
ensure => directory,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["mysql-server"],
}
file { "/etc/cron.daily/mysql-report":
ensure => present,
source => "puppet:///modules/mysql/mysql-report.cron",
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
require => File["/var/log/mysql-report"],
}
diff --git a/mythtv/manifests/init.pp b/mythtv/manifests/init.pp
index 34db22c..e3b5d01 100644
--- a/mythtv/manifests/init.pp
+++ b/mythtv/manifests/init.pp
@@ -44,7 +44,7 @@ class mythtv::backend {
file { "/etc/mythtv/mysql.txt":
ensure => present,
content => template("mythtv/mysql.txt.erb"),
- mode => 0640,
+ mode => "0640",
owner => root,
group => mythtv,
notify => Service["mythbackend"],
@@ -54,7 +54,7 @@ class mythtv::backend {
file { "/etc/mythtv/config.xml":
ensure => present,
content => template("mythtv/config.xml.erb"),
- mode => 0640,
+ mode => "0640",
owner => root,
group => mythtv,
notify => Service["mythbackend"],
@@ -64,7 +64,7 @@ class mythtv::backend {
file { "/etc/sysconfig/mythbackend":
ensure => present,
source => "puppet:///modules/mythtv/mythbackend",
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Service["mythbackend"],
@@ -72,7 +72,8 @@ class mythtv::backend {
}
file { "/root/.mythtv":
- ensure => "/etc/mythtv",
+ ensure => link,
+ target => "/etc/mythtv",
force => true,
require => Package["mythtv-backend"],
}
@@ -87,7 +88,7 @@ class mythtv::backend {
file { "/etc/cron.daily/mythorphans":
ensure => present,
source => "puppet:///modules/mythtv/mythorphans",
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
@@ -108,7 +109,7 @@ class mythtv::cron inherits mythtv::backend {
file { "/etc/cron.daily/mythfilldatabase":
ensure => present,
source => "puppet:///modules/mythtv/mythfilldatabase",
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
@@ -116,7 +117,7 @@ class mythtv::cron inherits mythtv::backend {
file { "/etc/cron.daily/mythoptimize":
ensure => present,
source => "puppet:///modules/mythtv/mythoptimize",
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
@@ -158,7 +159,7 @@ class mythtv::mythweb {
file { "/usr/share/mythweb/data":
ensure => directory,
- mode => 0770,
+ mode => "0770",
owner => root,
group => $apache::sslserver::group,
seltype => "httpd_sys_rw_content_t",
diff --git a/netcat/manifests/init.pp b/netcat/manifests/init.pp
new file mode 100644
index 0000000..409f32f
--- /dev/null
+++ b/netcat/manifests/init.pp
@@ -0,0 +1,16 @@
+
+# Install netcat
+#
+class netcat {
+
+ if $operatingsystem != "OpenBSD" {
+ package { "netcat":
+ name => $operatingsystem ? {
+ "ubuntu" => "netcat",
+ default => "nc",
+ },
+ ensure => present,
+ }
+ }
+
+}
diff --git a/network/manifests/init.pp b/network/manifests/init.pp
index 48f3d76..cdce314 100644
--- a/network/manifests/init.pp
+++ b/network/manifests/init.pp
@@ -5,20 +5,20 @@
#
class network::helper::restart {
case $operatingsystem {
- centos,fedora: {
- exec { "restart-network":
- command => "/sbin/service network restart",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- refreshonly => true,
- }
- }
- openbsd: {
- exec { "restart-network":
- command => "/sbin/route delete default ; /bin/sh /etc/netstart",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- refreshonly => true,
- }
- }
+ centos,fedora: {
+ exec { "restart-network":
+ command => "/sbin/service network restart",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ refreshonly => true,
+ }
+ }
+ openbsd: {
+ exec { "restart-network":
+ command => "/sbin/route delete default ; /bin/sh /etc/netstart",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ refreshonly => true,
+ }
+ }
debian,ubuntu: {
exec { "restart-network":
cwd => "/etc/network",
@@ -37,7 +37,7 @@ class network::helper::debian {
file { "/etc/network/interfaces.in":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
source => "puppet:///modules/network/interfaces.in",
@@ -45,7 +45,7 @@ class network::helper::debian {
file { "/etc/network/interfaces.d":
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
purge => true,
@@ -66,7 +66,7 @@ class network::hostname {
file { "/etc/hostname":
ensure => present,
content => "${homename}\n",
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
}
@@ -81,7 +81,7 @@ class network::hostname {
file { "/etc/myname":
ensure => present,
content => "${homename}\n",
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "wheel",
}
@@ -101,12 +101,12 @@ class network::hostname {
# $name:
# Network device name.
# $ipaddr:
-# IP address for interface. Use dhcp for DHCP configuration and none
-# if interface just needs to be brought up. Defaults to none.
+# IP address for interface. Use dhcp for DHCP configuration and none
+# if interface just needs to be brought up. Defaults to none.
# $eaddr:
# Ethernet address. Overrides udev configuration.
# $netmask:
-# Netmask for interface. Required only when $ipaddr is used.
+# Netmask for interface. Required only when $ipaddr is used.
# $ip6addr:
# IPv6 address for interface. Use auto for autoconfigured address.
# Defaults to none.
@@ -115,7 +115,7 @@ class network::hostname {
# $bridge:
# Array of interfaces to add to bridge.
# $options:
-# Custom options for interface (used only on OpenBSD).
+# Custom options for interface (used only on OpenBSD).
# $postcmd:
# Custom commands to be executed after interface is up (used only on
# OpenBSD).
@@ -135,14 +135,14 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none",
# try to determine boot protocol from ip address
case $ipaddr {
- dhcp: { $proto = "dhcp" }
- none: { $proto = "none" }
- default: {
- $proto = "static"
- case $netmask {
- none: { fail("Netmask must be defined with ip address") }
- }
- }
+ dhcp: { $proto = "dhcp" }
+ none: { $proto = "none" }
+ default: {
+ $proto = "static"
+ case $netmask {
+ none: { fail("Netmask must be defined with ip address") }
+ }
+ }
}
case $eaddr {
none: {
@@ -155,45 +155,45 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none",
}
case $operatingsystem {
- openbsd: {
- file { "/etc/hostname.${name}":
- ensure => present,
- content => template("network/hostname.if.erb"),
- mode => 0600,
- owner => root,
- group => wheel,
- notify => Exec["restart-network"],
- }
- }
- centos,fedora: {
+ openbsd: {
+ file { "/etc/hostname.${name}":
+ ensure => present,
+ content => template("network/hostname.if.erb"),
+ mode => "0600",
+ owner => root,
+ group => wheel,
+ notify => Exec["restart-network"],
+ }
+ }
+ centos,fedora: {
if $bridge {
network::interface { $bridge:
options => [ "BRIDGE=${name}", "LINKDELAY=10" ],
before => Exec["restart-interface-${name}"],
}
}
- file { "/etc/sysconfig/network-scripts/ifcfg-${name}":
- ensure => present,
- content => template("network/ifcfg-if.erb"),
- mode => 0644,
- owner => root,
- group => root,
- notify => Exec["restart-interface-${name}"],
- }
- exec { "restart-interface-${name}":
- command => "ifdown ${name} ; ifup ${name}",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- refreshonly => true,
- require => File["/etc/sysconfig/network-scripts/ifcfg-${name}"],
- }
- }
+ file { "/etc/sysconfig/network-scripts/ifcfg-${name}":
+ ensure => present,
+ content => template("network/ifcfg-if.erb"),
+ mode => "0644",
+ owner => root,
+ group => root,
+ notify => Exec["restart-interface-${name}"],
+ }
+ exec { "restart-interface-${name}":
+ command => "ifdown ${name} ; ifup ${name}",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ refreshonly => true,
+ require => File["/etc/sysconfig/network-scripts/ifcfg-${name}"],
+ }
+ }
debian,ubuntu: {
include network::helper::debian
file { "/etc/network/interfaces.d/${name}-addr.conf":
ensure => present,
content => template("network/interfaces-if.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Exec["restart-network"],
@@ -202,16 +202,16 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none",
if $eaddr_real {
file { "/etc/udev/rules.d/99-persistent-net-${name}.rules":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => "SUBSYSTEM==\"net\", ACTION==\"add\", ATTR{address}==\"${eaddr_real}\", KERNEL==\"eth*\", NAME=\"${name}\"\n",
}
}
}
- default: {
- fail("Network module not supported in ${operatingsystem}")
- }
+ default: {
+ fail("Network module not supported in ${operatingsystem}")
+ }
}
}
@@ -233,17 +233,17 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none",
define network::route($gateway = "", $device, $ipv6gateway = "") {
case $name {
- "default": {
- case $operatingsystem {
- centos,fedora: {
- include network::helper::restart
+ "default": {
+ case $operatingsystem {
+ centos,fedora: {
+ include network::helper::restart
if "${gateway}" != "" {
- augeas { "set-default-route":
- context => "/files/etc/sysconfig/network",
- changes => [ "set GATEWAY ${gateway}",
- "set GATEWAYDEV ${device}", ],
- notify => Exec["restart-network"],
- }
+ augeas { "set-default-route":
+ context => "/files/etc/sysconfig/network",
+ changes => [ "set GATEWAY ${gateway}",
+ "set GATEWAYDEV ${device}", ],
+ notify => Exec["restart-network"],
+ }
}
if "${ipv6gateway}" != "" {
augeas { "set-default-ipv6-route":
@@ -252,38 +252,38 @@ define network::route($gateway = "", $device, $ipv6gateway = "") {
notify => Exec["restart-network"],
}
}
- }
- openbsd: {
- include network::helper::restart
- file { "/etc/mygate":
- ensure => present,
- content => template("network/mygate.erb"),
- mode => 644,
- owner => root,
- group => wheel,
- notify => Exec["restart-network"],
- }
- }
+ }
+ openbsd: {
+ include network::helper::restart
+ file { "/etc/mygate":
+ ensure => present,
+ content => template("network/mygate.erb"),
+ mode => "0644",
+ owner => root,
+ group => wheel,
+ notify => Exec["restart-network"],
+ }
+ }
debian,ubuntu: {
include network::helper::restart
include network::helper::debian
file { "/etc/network/interfaces.d/${device}-gate.conf":
ensure => present,
content => template("network/interfaces-gateway.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Exec["restart-network"],
require => File["/etc/network/interfaces.d/${device}-addr.conf"],
}
}
- default: {
- fail("Network module not supported in ${operatingsystem}")
- }
- }
- }
- default: {
- if ipv6gateway != "" {
+ default: {
+ fail("Network module not supported in ${operatingsystem}")
+ }
+ }
+ }
+ default: {
+ if $ipv6gateway != "" {
fail("Custom IPv6 routes not supported yet.")
}
case $operatingsystem {
@@ -292,7 +292,7 @@ define network::route($gateway = "", $device, $ipv6gateway = "") {
file { "/etc/sysconfig/network-scripts/route-${device}":
ensure => present,
content => template("network/route-if.erb"),
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
notify => Exec["restart-network"],
@@ -333,29 +333,29 @@ define network::route($gateway = "", $device, $ipv6gateway = "") {
#
define network::carp($password, $ipaddr, $netmask, $options = []) {
case $operatingsystem {
- openbsd: {
- network::interface { "carp${name}":
- ipaddr => "${ipaddr}",
- netmask => "${netmask}",
- options => [ "vhid ${name}", "pass ${password}", $options ],
+ openbsd: {
+ network::interface { "carp${name}":
+ ipaddr => $ipaddr,
+ netmask => $netmask,
+ options => [ "vhid ${name}", "pass ${password}", $options ],
postcmd => [ "/usr/sbin/ndp -i carp${name} -- -accept_rtadv" ],
- }
- }
- centos,fedora: {
- include network::ucarp
- file { "/etc/ucarp/vip-${name}.conf":
- ensure => present,
- content => template("network/vip.conf.erb"),
- mode => 0600,
- owner => root,
- group => root,
- require => Package["ucarp"],
- notify => Service["ucarp"],
- }
- }
- default: {
- fail("Network module not supported in ${operatingsystem}")
- }
+ }
+ }
+ centos,fedora: {
+ include network::ucarp
+ file { "/etc/ucarp/vip-${name}.conf":
+ ensure => present,
+ content => template("network/vip.conf.erb"),
+ mode => "0600",
+ owner => root,
+ group => root,
+ require => Package["ucarp"],
+ notify => Service["ucarp"],
+ }
+ }
+ default: {
+ fail("Network module not supported in ${operatingsystem}")
+ }
}
}
@@ -366,13 +366,13 @@ define network::carp($password, $ipaddr, $netmask, $options = []) {
#
class network::ucarp {
package { "ucarp":
- ensure => installed,
+ ensure => installed,
}
service { "ucarp":
- ensure => running,
- enable => true,
- hasstatus => true,
- require => Package["ucarp"],
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ require => Package["ucarp"],
}
}
@@ -397,19 +397,19 @@ define network::pppoe($username, $password, $device, $authtype = "pap") {
include network::helper::restart
case $operatingsystem {
- openbsd: {
- file { "/etc/hostname.${name}":
- ensure => present,
- content => template("network/hostname.pppoe.erb"),
- mode => 0600,
- owner => root,
- group => wheel,
- notify => Exec["restart-network"],
- }
- }
- default: {
- fail("Network module not supported in ${operatingsystem}")
- }
+ openbsd: {
+ file { "/etc/hostname.${name}":
+ ensure => present,
+ content => template("network/hostname.pppoe.erb"),
+ mode => "0600",
+ owner => root,
+ group => wheel,
+ notify => Exec["restart-network"],
+ }
+ }
+ default: {
+ fail("Network module not supported in ${operatingsystem}")
+ }
}
}
@@ -438,27 +438,27 @@ define network::pppoe($username, $password, $device, $authtype = "pap") {
#
define network::trunk($devices, $mode = 0, $ipaddr = "none", $netmask = "none") {
case $operatingsystem {
- centos,fedora: {
- file { "/etc/modprobe.d/${name}.conf":
- ensure => present,
- content => "alias ${name} bonding\noptions ${name} miimon=100 mode=${mode}\n",
- mode => 0644,
- owner => root,
- group => root,
- }
- network::interface { $devices:
- options => [ "MASTER=${name}", "SLAVE=yes", ],
- require => File["/etc/modprobe.d/${name}.conf"],
- before => Network::Interface["${name}"],
- }
- network::interface { $name:
- ipaddr => "${ipaddr}",
- netmask => "${netmask}",
- }
- }
- default: {
- fail("Network module not supported in ${operatingsystem}")
- }
+ centos,fedora: {
+ file { "/etc/modprobe.d/${name}.conf":
+ ensure => present,
+ content => "alias ${name} bonding\noptions ${name} miimon=100 mode=${mode}\n",
+ mode => "0644",
+ owner => root,
+ group => root,
+ }
+ network::interface { $devices:
+ options => [ "MASTER=${name}", "SLAVE=yes", ],
+ require => File["/etc/modprobe.d/${name}.conf"],
+ before => Network::Interface[$name],
+ }
+ network::interface { $name:
+ ipaddr => $ipaddr,
+ netmask => $netmask,
+ }
+ }
+ default: {
+ fail("Network module not supported in ${operatingsystem}")
+ }
}
}
@@ -469,12 +469,12 @@ define network::trunk($devices, $mode = 0, $ipaddr = "none", $netmask = "none")
#
class network::helper::vlan {
case $operatingsystem {
- centos,fedora: {
- augeas { "enable-vlan-support":
- context => "/files/etc/sysconfig/network",
- changes => "set VLAN yes",
- }
- }
+ centos,fedora: {
+ augeas { "enable-vlan-support":
+ context => "/files/etc/sysconfig/network",
+ changes => "set VLAN yes",
+ }
+ }
}
}
@@ -505,25 +505,25 @@ class network::helper::vlan {
define network::vlan($device, $ipaddr = "none", $netmask = "none",
$options = []) {
case $operatingsystem {
- openbsd: {
- network::interface { "vlan${name}":
- options => [ "vlandev ${device}" ],
- ipaddr => $ipaddr,
- netmask => $netmask,
- }
- }
- centos,fedora: {
- include network::helper::vlan
- network::interface { "${device}.${name}":
- ipaddr => $ipaddr,
- netmask => $netmask,
+ openbsd: {
+ network::interface { "vlan${name}":
+ options => [ "vlandev ${device}" ],
+ ipaddr => $ipaddr,
+ netmask => $netmask,
+ }
+ }
+ centos,fedora: {
+ include network::helper::vlan
+ network::interface { "${device}.${name}":
+ ipaddr => $ipaddr,
+ netmask => $netmask,
options => $options,
- require => Augeas["enable-vlan-support"],
- }
- }
- default: {
- fail("Network module not supported in ${operatingsystem}")
- }
+ require => Augeas["enable-vlan-support"],
+ }
+ }
+ default: {
+ fail("Network module not supported in ${operatingsystem}")
+ }
}
}
@@ -536,7 +536,7 @@ class network::manager::disable {
ubuntu: {
file { "/etc/init/network-manager.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
source => "puppet:///modules/network/network-manager.disabled.conf",
diff --git a/networker/manifests/init.pp b/networker/manifests/init.pp
index 4d2997e..7d5f323 100644
--- a/networker/manifests/init.pp
+++ b/networker/manifests/init.pp
@@ -6,7 +6,7 @@ class networker::client {
file { [ "/nsr", "/nsr/res" ]:
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
require => Package["lgtoclnt"],
@@ -15,7 +15,7 @@ class networker::client {
file { "/nsr/res/servers":
ensure => present,
content => template("networker/servers.erb"),
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => File["/nsr/res"],
diff --git a/nfs/manifests/init.pp b/nfs/manifests/init.pp
index 02680c6..13ae8d6 100644
--- a/nfs/manifests/init.pp
+++ b/nfs/manifests/init.pp
@@ -6,10 +6,14 @@ class nfs::client {
include portmap::server
package { "nfs-utils":
- ensure => installed,
+ ensure => installed,
}
service { "nfslock":
+ name => $operatingsystem ? {
+ "fedora" => "nfs-lock",
+ default => "nfslock",
+ },
ensure => running,
enable => true,
hasstatus => true,
@@ -27,37 +31,41 @@ class nfs::server inherits nfs::client {
include portmap::server
file { "/etc/exports":
- ensure => present,
- source => [ "puppet:///files/nfs/exports.${fqdn}",
- "puppet:///modules/nfs/exports", ],
- mode => 0644,
- owner => root,
- group => root,
- require => Package["nfs-utils"],
- notify => Exec["exportfs"],
+ ensure => present,
+ source => [ "puppet:///files/nfs/exports.${fqdn}",
+ "puppet:///modules/nfs/exports", ],
+ mode => "0644",
+ owner => root,
+ group => root,
+ require => Package["nfs-utils"],
+ notify => Exec["exportfs"],
}
file { "/etc/sysconfig/nfs":
- ensure => present,
- source => "puppet:///modules/nfs/nfs.sysconfig",
- mode => 0644,
- owner => root,
- group => root,
- notify => Service["nfs"],
+ ensure => present,
+ source => "puppet:///modules/nfs/nfs.sysconfig",
+ mode => "0644",
+ owner => root,
+ group => root,
+ notify => Service["nfs"],
}
service { "nfs":
- ensure => running,
- enable => true,
- hasstatus => true,
- require => Package["nfs-utils"],
+ name => $operatingsystem ? {
+ "fedora" => "nfs-server",
+ default => "nfs",
+ },
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ require => Package["nfs-utils"],
}
exec { "exportfs":
- command => "exportfs -av",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- refreshonly => true,
- require => Service["nfs"],
+ command => "exportfs -av",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ refreshonly => true,
+ require => Service["nfs"],
}
}
diff --git a/nginx/manifests/init.pp b/nginx/manifests/init.pp
index 6a25bc6..eac0587 100644
--- a/nginx/manifests/init.pp
+++ b/nginx/manifests/init.pp
@@ -18,14 +18,14 @@ class nginx {
}
service { "nginx":
- enable => true,
ensure => running,
+ enable => true,
require => Package["nginx"],
}
file { "/etc/nginx/nginx.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -38,7 +38,7 @@ class nginx {
file { "/etc/nginx/conf.d":
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -81,7 +81,7 @@ define nginx::configfile($source="", $content="") {
file { "/etc/nginx/conf.d/${name}":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
diff --git a/ntpd/manifests/init.pp b/ntpd/manifests/init.pp
index 6550a01..74ac2f0 100644
--- a/ntpd/manifests/init.pp
+++ b/ntpd/manifests/init.pp
@@ -34,6 +34,15 @@ class ntpd {
}
}
+ case $operatingsystem {
+ "centos","fedora": {
+ augeas { "disable-peerntp":
+ context => "/files/etc/sysconfig/network",
+ changes => "set PEERNTP no",
+ }
+ }
+ }
+
}
@@ -47,7 +56,7 @@ class ntpd::chrony {
file { "/etc/chrony.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
content => template("ntpd/chrony.conf.erb"),
@@ -73,7 +82,7 @@ class ntpd::isc-ntpd {
file { "/etc/ntp.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => template("ntpd/ntp.conf.erb"),
@@ -100,7 +109,7 @@ class ntpd::openntpd {
file { "/etc/ntpd.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => wheel,
content => template("ntpd/openntpd.conf.erb"),
diff --git a/openvpn/manifests/init.pp b/openvpn/manifests/init.pp
index 53cfd4c..c5ce341 100644
--- a/openvpn/manifests/init.pp
+++ b/openvpn/manifests/init.pp
@@ -9,7 +9,7 @@ class openvpn::client {
service { "openvpn":
ensure => running,
enable => true,
- require => [ Package["openvpn"],
+ require => [ Package["openvpn"],
File["/etc/openvpn/openvpn.conf"],
File["/etc/openvpn/ta.key"],
File["/etc/openvpn/ca.crt"], ],
@@ -30,17 +30,17 @@ class openvpn::client {
file { "/etc/openvpn/openvpn.conf":
ensure => present,
- content => template("openvpn/openvpn.conf.erb"),
- mode => 0640,
+ content => template("openvpn/openvpn.conf.erb"),
+ mode => "0640",
owner => "root",
group => "root",
- notify => Service["openvpn"],
+ notify => Service["openvpn"],
require => Package["openvpn"],
}
file { "/etc/openvpn/ta.key":
ensure => present,
source => "puppet:///files/openvpn/ta.key",
- mode => 0640,
+ mode => "0640",
owner => "root",
group => "root",
require => Package["openvpn"],
@@ -48,7 +48,7 @@ class openvpn::client {
file { "/etc/openvpn/ca.crt":
ensure => present,
source => "puppet:///files/openvpn/ca.crt",
- mode => 0640,
+ mode => "0640",
owner => "root",
group => "root",
require => Package["openvpn"],
diff --git a/pam/manifests/init.pp b/pam/manifests/init.pp
index 69e6578..02f839b 100644
--- a/pam/manifests/init.pp
+++ b/pam/manifests/init.pp
@@ -35,7 +35,7 @@ class pam::mkhomedir {
"ubuntu": {
file { "/usr/share/pam-configs/pam_mkhomedir":
source => "puppet:///modules/pam/pam_mkhomedir",
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
require => Package["libpam-runtime"],
diff --git a/procmail/manifests/init.pp b/procmail/manifests/init.pp
index 11f203d..d5228bf 100644
--- a/procmail/manifests/init.pp
+++ b/procmail/manifests/init.pp
@@ -12,7 +12,7 @@ class procmail {
purge => true,
force => true,
recurse => true,
- mode => 0755,
+ mode => "0755",
owner => "root",
group => "root",
source => "puppet:///modules/custom/empty",
@@ -22,7 +22,7 @@ class procmail {
file { "/etc/procmailrc":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
require => Package["procmail"],
@@ -59,7 +59,7 @@ define procmail::rc($source = "AUTO") {
"AUTO" => "puppet:///files/procmail/${name}",
default => $source,
},
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
notify => Exec["generate-procmailrc"],
diff --git a/psacct/manifests/init.pp b/psacct/manifests/init.pp
index 09ec195..ac6a042 100644
--- a/psacct/manifests/init.pp
+++ b/psacct/manifests/init.pp
@@ -31,7 +31,7 @@ class psacct::linux {
}
service { "psacct":
- name => $operatingsystem ? {
+ name => $operatingsystem ? {
ubuntu => "acct",
default => "psacct",
},
@@ -50,9 +50,9 @@ class psacct::openbsd {
file { "/var/account/acct":
ensure => present,
- mode => 0644,
- owner => root,
- group => wheel,
+ mode => "0644",
+ owner => "root",
+ group => "wheel",
notify => Exec["accton"],
}
diff --git a/pulseaudio/manifests/init.pp b/pulseaudio/manifests/init.pp
index c68bd7b..4a63035 100644
--- a/pulseaudio/manifests/init.pp
+++ b/pulseaudio/manifests/init.pp
@@ -21,14 +21,14 @@ class pulseaudio::server inherits pulseaudio::common {
file { "/etc/init.d/pulseaudio":
ensure => present,
source => "puppet:///modules/pulseaudio/pulseaudio.init",
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
file { "/etc/sysconfig/pulseaudio":
ensure => present,
source => "puppet:///modules/pulseaudio/pulseaudio.sysconfig.${operatingsystem}",
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
before => File["/etc/init.d/pulseaudio"],
@@ -39,7 +39,7 @@ class pulseaudio::server inherits pulseaudio::common {
ensure => present,
source => [ "puppet:///files/pulseaudio/system.pa.${fqdn}",
"puppet:///files/pulseaudio/system.pa", ],
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
require => Package["pulseaudio"],
diff --git a/puppet/manifests/init.pp b/puppet/manifests/init.pp
index 88b7884..0b057a5 100644
--- a/puppet/manifests/init.pp
+++ b/puppet/manifests/init.pp
@@ -4,7 +4,7 @@
class puppet::client {
tag("bootstrap")
-
+
if ! $puppet_server {
$puppet_server = "puppet"
}
@@ -19,15 +19,15 @@ class puppet::client {
}
case $operatingsystem {
- centos,fedora: {
- package { "ruby-shadow":
- ensure => installed,
- }
- }
+ centos,fedora: {
+ package { "ruby-shadow":
+ ensure => installed,
+ }
+ }
ubuntu,debian: {
package { "libaugeas-ruby":
- name => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libaugeas-ruby\1'),
ensure => installed,
+ name => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libaugeas-ruby\1'),
before => Service["puppet"],
}
}
@@ -36,7 +36,7 @@ class puppet::client {
file { "/etc/rc.d/puppetd":
ensure => present,
source => "puppet:///modules/puppet/puppetd.rc",
- mode => 0755,
+ mode => "0755",
owner => "root",
group => "wheel",
before => Service["puppet"],
@@ -44,12 +44,12 @@ class puppet::client {
}
}
}
-
+
file { "/etc/puppet/puppet.conf":
ensure => present,
content => template("puppet/puppet.conf.erb"),
- mode => 0640,
- owner => root,
+ mode => "0640",
+ owner => "root",
group => $operatingsystem ? {
openbsd => "_puppet",
default => "puppet",
@@ -82,9 +82,9 @@ class puppet::client {
file { "/etc/default/puppet":
ensure => present,
source => "puppet:///modules/puppet/puppet.enabled.default",
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Service["puppet"],
}
}
@@ -101,11 +101,11 @@ class puppet::client {
file { "/usr/local/sbin/puppet-check":
ensure => present,
source => "puppet:///modules/puppet/puppet-check",
- mode => 0755,
- owner => root,
+ mode => "0755",
+ owner => "root",
group => $operatingsystem ? {
- openbsd => wheel,
- default => root,
+ openbsd => "wheel",
+ default => "root",
},
}
cron { "puppet-check":
@@ -259,10 +259,10 @@ class puppet::server::common inherits puppet::client {
}
if $puppet_datadir {
- file { "${puppet_datadir}":
+ file { $puppet_datadir:
ensure => directory,
- mode => 0755,
- owner => root,
+ mode => "0755",
+ owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
@@ -272,15 +272,15 @@ class puppet::server::common inherits puppet::client {
}
file { "/srv/puppet":
ensure => link,
- target => "${puppet_datadir}",
+ target => $puppet_datadir,
seltype => "var_lib_t",
- require => File["${puppet_datadir}"],
+ require => File[$puppet_datadir],
}
} else {
file { "/srv/puppet":
ensure => directory,
- mode => 0755,
- owner => root,
+ mode => "0755",
+ owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
@@ -299,14 +299,14 @@ class puppet::server::common inherits puppet::client {
selinux::manage_fcontext { "${puppet_datadir}(/.*)?":
type => "var_lib_t",
before => File[$puppet_datadir],
- }
+ }
}
}
if $puppet_storeconfigs != "none" {
file { "/srv/puppet/storeconfigs":
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => $user,
group => $group,
seltype => "var_lib_t",
@@ -317,7 +317,7 @@ class puppet::server::common inherits puppet::client {
"/srv/puppet/reports",
"/srv/puppet/rrd", ]:
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => $user,
group => $group,
seltype => "var_lib_t",
@@ -326,8 +326,8 @@ class puppet::server::common inherits puppet::client {
file { [ "/srv/puppet/files",
"/srv/puppet/templates" ]:
ensure => directory,
- mode => 0755,
- owner => root,
+ mode => "0755",
+ owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
@@ -337,8 +337,8 @@ class puppet::server::common inherits puppet::client {
}
file { "/srv/puppet/files/common":
ensure => directory,
- mode => 0755,
- owner => root,
+ mode => "0755",
+ owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
@@ -348,8 +348,8 @@ class puppet::server::common inherits puppet::client {
}
file { "/srv/puppet/files/private":
ensure => directory,
- mode => 0750,
- owner => root,
+ mode => "0750",
+ owner => "root",
group => $group,
seltype => "var_lib_t",
require => File["/srv/puppet/files"],
@@ -364,8 +364,8 @@ class puppet::server::common inherits puppet::client {
source => [ "puppet:///files/puppet/tagmail.conf.${fqdn}",
"puppet:///files/puppet/tagmail.conf",
"puppet:///modules/puppet/tagmail.conf", ],
- mode => 0644,
- owner => root,
+ mode => "0644",
+ owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
@@ -378,8 +378,8 @@ class puppet::server::common inherits puppet::client {
source => [ "puppet:///files/puppet/fileserver.conf.${fqdn}",
"puppet:///files/puppet/fileserver.conf",
"puppet:///modules/puppet/fileserver.conf", ],
- mode => 0644,
- owner => root,
+ mode => "0644",
+ owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
@@ -394,9 +394,9 @@ class puppet::server::common inherits puppet::client {
file { "/etc/cron.daily/puppet-report-cleanup":
ensure => present,
content => template("puppet/puppet-report-cleanup.erb"),
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
require => File["/srv/puppet/reports"],
}
}
@@ -405,7 +405,7 @@ class puppet::server::common inherits puppet::client {
file { "/usr/local/sbin/puppet-clean-storeconfigs":
ensure => present,
source => "puppet:///modules/puppet/puppet-clean-storeconfigs",
- mode => 0755,
+ mode => "0755",
owner => "root",
group => $operatingsystem ? {
openbsd => "wheel",
@@ -459,9 +459,9 @@ class puppet::server::mongrel {
file { "/etc/default/puppetmaster":
ensure => present,
content => template("puppet/puppetmaster.default.erb"),
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Service["puppetmaster"],
}
}
@@ -469,9 +469,9 @@ class puppet::server::mongrel {
file { "/etc/sysconfig/puppetmaster":
ensure => present,
content => template("puppet/puppetmaster.sysconfig.erb"),
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Service["puppetmaster"],
}
}
@@ -559,9 +559,9 @@ class puppet::opencollab {
file { "/etc/puppet/opencollab.conf":
ensure => present,
- mode => 0600,
- owner => root,
- group => root,
+ mode => "0600",
+ owner => "root",
+ group => "root",
content => "[creds]\nurl = ${puppet_opencollab_url}\nusername = ${puppet_opencollab_user}\npassword = ${puppet_opencollab_pass}\n",
}
diff --git a/rsync/manifests/init.pp b/rsync/manifests/init.pp
index 15a010c..32fc6c1 100644
--- a/rsync/manifests/init.pp
+++ b/rsync/manifests/init.pp
@@ -17,10 +17,10 @@ class rsync::run-rsync {
ensure => present,
source => [ "puppet:///files/run-rsync/${homename}-RunRsyncConfig.pm",
"/etc/run-rsync/RunRsyncConfig.pm", ],
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
}
}
- }
+ }
}
diff --git a/samba/manifests/init.pp b/samba/manifests/init.pp
index 7c4a1e2..2d23b2d 100644
--- a/samba/manifests/init.pp
+++ b/samba/manifests/init.pp
@@ -3,11 +3,7 @@
class samba::server {
package { "samba":
- name => $operatingsystem ? {
- "openbsd" => "samba-3.5.4p3",
- default => "samba",
- },
- ensure => installed,
+ ensure => installed,
}
case $operatingsystem {
@@ -62,30 +58,30 @@ class samba::server {
}
file { "/etc/samba/smb.conf":
- ensure => present,
- source => [ "puppet:///files/samba/smb.conf.${fqdn}",
- "puppet:///files/samba/smb.conf", ],
- mode => 0644,
- owner => root,
- group => $operatingsystem ? {
- openbsd => wheel,
- default => root,
+ ensure => present,
+ source => [ "puppet:///files/samba/smb.conf.${fqdn}",
+ "puppet:///files/samba/smb.conf", ],
+ mode => "0644",
+ owner => "root",
+ group => $operatingsystem ? {
+ openbsd => "wheel",
+ default => "root",
},
- require => Package["samba"],
+ require => Package["samba"],
}
file { "/etc/samba/lmhosts":
- ensure => present,
- source => [ "puppet:///files/samba/lmhosts.${fqdn}",
- "puppet:///files/samba/lmhosts",
- "puppet:///modules/samba/lmhosts", ],
- mode => 0644,
- owner => root,
- group => $operatingsystem ? {
- openbsd => wheel,
- default => root,
+ ensure => present,
+ source => [ "puppet:///files/samba/lmhosts.${fqdn}",
+ "puppet:///files/samba/lmhosts",
+ "puppet:///modules/samba/lmhosts", ],
+ mode => "0644",
+ owner => "root",
+ group => $operatingsystem ? {
+ openbsd => "wheel",
+ default => "root",
},
- require => Package["samba"],
+ require => Package["samba"],
}
}
@@ -100,9 +96,9 @@ class samba::bdc {
file { "/etc/cron.hourly/sync-netlogon.sh":
ensure => present,
source => "puppet:///modules/samba/sync-netlogon.sh",
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
}
}
diff --git a/saslauthd/manifests/init.pp b/saslauthd/manifests/init.pp
index 392efbc..d5e60a8 100644
--- a/saslauthd/manifests/init.pp
+++ b/saslauthd/manifests/init.pp
@@ -14,9 +14,9 @@ class saslauthd::server {
file { "/etc/sasldb2":
ensure => present,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Exec["generate-sasldb2"],
}
exec { "generate-sasldb2":
@@ -25,7 +25,7 @@ class saslauthd::server {
creates => "/etc/sasldb2",
require => Package["cyrus-sasl"],
}
-
+
}
@@ -43,8 +43,9 @@ class saslauthd::server {
define saslauthd::service() {
case $architecture {
- i386: { $libdir = "/usr/lib/sasl2" }
- x86_64: { $libdir = "/usr/lib64/sasl2" }
+ "i386": { $libdir = "/usr/lib/sasl2" }
+ "x86_64": { $libdir = "/usr/lib64/sasl2" }
+ default: { fail("Unknown architecture ${architecture}") }
}
file { "${libdir}/${name}.conf":
@@ -53,9 +54,9 @@ define saslauthd::service() {
"puppet:///files/saslauthd/${name}.conf",
"puppet:///files/saslauthd/service.conf",
"puppet:///modules/saslauthd/service.conf", ],
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Service["saslauthd"],
}
diff --git a/selinux/manifests/init.pp b/selinux/manifests/init.pp
index 21eaee1..aa33a80 100644
--- a/selinux/manifests/init.pp
+++ b/selinux/manifests/init.pp
@@ -12,7 +12,7 @@ class selinux {
if $kernel != "Linux" {
fail("SELinux supported only on Linux systems")
}
-
+
if ! $selinux_type {
$selinux_type = "permissive"
}
@@ -22,17 +22,17 @@ class selinux {
"disabled": {}
default: { fail("Invalid SELinux mode ${selinux_type}") }
}
-
+
package { [ "selinux-policy-targeted", "setroubleshoot" ]:
ensure => installed,
}
-
+
file { "/etc/selinux/config":
ensure => present,
content => template("selinux/config.erb"),
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
require => Package["selinux-policy-targeted"],
notify => Exec["set-selinux-mode"],
}
@@ -62,7 +62,7 @@ class selinux {
unless => "getenforce | egrep -i '${selinux_type}'",
require => File["/etc/selinux/config"],
}
-
+
include selinux::tools
}
diff --git a/sendmail/manifests/init.pp b/sendmail/manifests/init.pp
index f0c2f75..4edba7b 100644
--- a/sendmail/manifests/init.pp
+++ b/sendmail/manifests/init.pp
@@ -8,8 +8,8 @@ class sendmail::common {
if $operatingsystem != "OpenBSD" {
package { "sendmail":
- name => [ "sendmail", "sendmail-cf", ],
ensure => installed,
+ name => [ "sendmail", "sendmail-cf", ],
}
service { "sendmail":
ensure => running,
@@ -25,7 +25,7 @@ class sendmail::common {
content => "DAEMON=no\nQUEUE=1h\n",
owner => "root",
group => "root",
- mode => 0644,
+ mode => "0644",
notify => Service["sendmail"],
}
}
@@ -59,7 +59,7 @@ class sendmail::client inherits sendmail::common {
"openbsd" => "bin",
default => "root",
},
- mode => 0644,
+ mode => "0644",
notify => Exec["make submit.cf"],
require => $operatingsystem ? {
"openbsd" => undef,
@@ -68,8 +68,8 @@ class sendmail::client inherits sendmail::common {
}
exec { "make submit.cf":
- path => "/bin:/usr/bin:/sbin:/usr/sbin:/etc/mail",
- cwd => $operatingsystem ? {
+ path => "/bin:/usr/bin:/sbin:/usr/sbin:/etc/mail",
+ cwd => $operatingsystem ? {
"openbsd" => "/usr/share/sendmail/cf",
default => "/etc/mail",
},
@@ -88,7 +88,7 @@ class sendmail::client inherits sendmail::common {
"ubuntu" => "smmsp",
default => "root",
},
- mode => 0644,
+ mode => "0644",
source => $operatingsystem ? {
"openbsd" => "/usr/share/sendmail/cf/submit.cf",
default => undef,
@@ -133,31 +133,33 @@ class sendmail::server inherits sendmail::common {
}
}
- file { "sendmail.mc": name => $operatingsystem ? {
- "openbsd" => "/usr/share/sendmail/cf/sendmail.mc",
- default => "/etc/mail/sendmail.mc", },
+ file { "sendmail.mc":
+ name => $operatingsystem ? {
+ "openbsd" => "/usr/share/sendmail/cf/sendmail.mc",
+ default => "/etc/mail/sendmail.mc",
+ },
content => template("sendmail/sendmail.mc.erb"),
owner => "root",
group => $group,
- mode => 0644,
+ mode => "0644",
notify => Exec["make sendmail.cf"],
}
- file { "/etc/aliases":
+ file { "/etc/aliases":
ensure => present,
- notify => Exec["newaliases"],
+ notify => Exec["newaliases"],
owner => "root",
group => $group,
- mode => 0644,
- }
+ mode => "0644",
+ }
exec { "make sendmail.cf":
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- cwd => $operatingsystem ? {
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ cwd => $operatingsystem ? {
openbsd => "/usr/share/sendmail/cf",
default => "/etc/mail",
},
- require => $operatingsystem ? {
+ require => $operatingsystem ? {
openbsd => undef,
default => Package["sendmail"],
},
@@ -168,17 +170,17 @@ class sendmail::server inherits sendmail::common {
ensure => present,
owner => "root",
group => $group,
- mode => 0644,
+ mode => "0644",
source => $operatingsystem ? {
openbsd => "/usr/share/sendmail/cf/sendmail.cf",
default => undef,
},
require => Exec["make sendmail.cf"],
- notify => Service["sendmail"],
+ notify => Service["sendmail"],
}
exec { "newaliases":
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
}
}
diff --git a/smolt/manifests/init.pp b/smolt/manifests/init.pp
index 3191a80..5404a83 100644
--- a/smolt/manifests/init.pp
+++ b/smolt/manifests/init.pp
@@ -20,5 +20,5 @@ class smolt::client inherits smolt::package {
hasstatus => true,
require => Package["smolt"],
}
-
+
}
diff --git a/ssh/manifests/init.pp b/ssh/manifests/init.pp
index 69afa1e..8bacbf3 100644
--- a/ssh/manifests/init.pp
+++ b/ssh/manifests/init.pp
@@ -4,7 +4,7 @@ class ssh::known_hosts {
file { "/etc/ssh/ssh_known_hosts":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => $operatingsystem ? {
OpenBSD => wheel,
@@ -12,10 +12,10 @@ class ssh::known_hosts {
},
}
- @@sshkey { "${homename}":
+ @@sshkey { $homename:
ensure => present,
type => rsa,
- key => "${sshrsakey}",
+ key => $sshrsakey,
host_aliases => inline_template("<%= homename.split('.')[0] %>"),
require => File["/etc/ssh/ssh_known_hosts"],
}
@@ -32,7 +32,7 @@ class ssh::hostkeys {
file { "/etc/ssh/ssh_host_dsa_key":
ensure => present,
source => "puppet:///private/ssh_host_dsa_key",
- mode => 0600,
+ mode => "0600",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -42,7 +42,7 @@ class ssh::hostkeys {
file { "/etc/ssh/ssh_host_dsa_key.pub":
ensure => present,
source => "puppet:///private/ssh_host_dsa_key.pub",
- mode => 0644,
+ mode => "0644",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -53,7 +53,7 @@ class ssh::hostkeys {
file { "/etc/ssh/ssh_host_rsa_key":
ensure => present,
source => "puppet:///private/ssh_host_rsa_key",
- mode => 0600,
+ mode => "0600",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -63,7 +63,7 @@ class ssh::hostkeys {
file { "/etc/ssh/ssh_host_rsa_key.pub":
ensure => present,
source => "puppet:///private/ssh_host_rsa_key.pub",
- mode => 0644,
+ mode => "0644",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -74,7 +74,7 @@ class ssh::hostkeys {
file { "/etc/ssh/ssh_host_key":
ensure => present,
source => "puppet:///private/ssh_host_key",
- mode => 0600,
+ mode => "0600",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -84,7 +84,7 @@ class ssh::hostkeys {
file { "/etc/ssh/ssh_host_key.pub":
ensure => present,
source => "puppet:///private/ssh_host_key.pub",
- mode => 0644,
+ mode => "0644",
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
@@ -112,7 +112,7 @@ class ssh::disable {
}
file { "/etc/init/ssh.conf":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
source => "puppet:///modules/ssh/ssh.disabled.conf",
diff --git a/ssl/manifests/init.pp b/ssl/manifests/init.pp
index 0ff0863..7e0fb09 100644
--- a/ssl/manifests/init.pp
+++ b/ssl/manifests/init.pp
@@ -77,10 +77,10 @@ define ssl::certificate($cn, $mode, $owner, $group,
exec { "openssl-req-${name}":
path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
command => "/bin/sh -c 'umask 077 ; openssl req -x509 -nodes -days ${days} -newkey rsa:${keysize} -subj \"${subject_real}\" -keyout ${keyout_real} -out ${name}'",
- creates => [ "${name}", "${keyout_real}" ],
+ creates => [ $name, $keyout_real ],
}
- file { "${name}":
+ file { $name:
ensure => present,
mode => $mode,
owner => $owner,
@@ -89,7 +89,7 @@ define ssl::certificate($cn, $mode, $owner, $group,
}
if $keyout {
- file { "${keyout}":
+ file { $keyout:
ensure => present,
mode => $keymode,
owner => $keyowner,
@@ -117,10 +117,10 @@ define ssl::dhparam($mode, $owner, $group, $keysize="1024") {
exec { "openssl-dhparam-${name}":
path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
command => "/bin/sh -c 'umask 077 ; openssl dhparam -out ${name} ${keysize}'",
- creates => "${name}",
+ creates => $name,
}
- file { "${name}":
+ file { $name:
ensure => present,
mode => $mode,
owner => $owner,
diff --git a/sudo/manifests/init.pp b/sudo/manifests/init.pp
index 350885e..3c3b322 100644
--- a/sudo/manifests/init.pp
+++ b/sudo/manifests/init.pp
@@ -11,7 +11,7 @@ class sudo {
file { "/etc/sudoers.d":
ensure => directory,
- mode => 0440,
+ mode => "0440",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -25,7 +25,7 @@ class sudo {
file { "/etc/sudoers":
ensure => present,
- mode => 0440,
+ mode => "0440",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -54,7 +54,7 @@ define sudo::sudoer($where="ALL", $as_whom="ALL", $what="ALL") {
file { "/etc/sudoers.d/${name}":
ensure => present,
- mode => 0440,
+ mode => "0440",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
diff --git a/svn/manifests/init.pp b/svn/manifests/init.pp
index 5497ca6..5ee538c 100644
--- a/svn/manifests/init.pp
+++ b/svn/manifests/init.pp
@@ -8,7 +8,7 @@ class svn::client {
file { "/etc/subversion/servers":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => root,
group => root,
content => template("svn/servers.erb"),
@@ -41,13 +41,13 @@ define svn::checkout($source, $ensure="HEAD") {
exec { "svn-co-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => "svn checkout --non-interactive -r ${ensure} ${source} ${name}",
- creates => "${name}",
+ creates => $name,
require => [ Package["subversion"], File["/etc/subversion/servers"], ],
}
exec { "svn-up-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
- cwd => "${name}",
+ cwd => $name,
command => "svn update --non-interactive -r ${ensure}",
onlyif => $ensure ? {
"HEAD" => "svn status --non-interactive -q -u 2>&1 | egrep '^[[:space:]]+\\*'",
@@ -92,7 +92,7 @@ define svn::export($source, $ensure="HEAD") {
exec { "svn-export-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => "svn export --non-interactive -r ${ensure} ${source} ${name} && svn info --non-interactive -r ${ensure} ${source} 2>&1 | awk '/^Last Changed Rev:/ { print \$4 }' > ${name}/.svnrevision",
- creates => "${name}",
+ creates => $name,
require => Exec["svn-export-clean-${name}"],
}
diff --git a/sysctl/manifests/init.pp b/sysctl/manifests/init.pp
index f49ffd4..18831fe 100644
--- a/sysctl/manifests/init.pp
+++ b/sysctl/manifests/init.pp
@@ -17,15 +17,15 @@
define sysctl::set($value) {
exec { "sysctl-${name}":
- command => "sysctl -w ${name}='${value}'",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- unless => "test \"`sysctl -n ${name}`\" = \"${value}\"",
+ command => "sysctl -w ${name}='${value}'",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ unless => "test \"`sysctl -n ${name}`\" = \"${value}\"",
}
exec { "sysctl-${name}-save":
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- command => "echo '${name}=${value}' >> /etc/sysctl.conf",
- unless => "egrep '^${name}=' /etc/sysctl.conf",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ command => "echo '${name}=${value}' >> /etc/sysctl.conf",
+ unless => "egrep '^${name}=' /etc/sysctl.conf",
}
}
diff --git a/syslog/manifests/init.pp b/syslog/manifests/init.pp
index 6f8dbfc..76d75f0 100644
--- a/syslog/manifests/init.pp
+++ b/syslog/manifests/init.pp
@@ -40,7 +40,7 @@ class syslog::common {
"linux": {
file { "/etc/logrotate.d/syslog.all":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
content => template("syslog/logrotate.erb"),
@@ -84,17 +84,25 @@ class syslog::client::syslogd {
if $operatingsystem != "OpenBSD" {
package { "syslogd":
- name => "sysklogd",
ensure => installed,
+ name => "sysklogd",
before => File["/etc/syslog.conf"],
}
}
+ file { "/var/log/all.log":
+ ensure => present,
+ mode => "0640",
+ owner => "root",
+ group => $group,
+ notify => Service["syslogd"],
+ }
+
file { "/etc/syslog.conf":
ensure => present,
content => template("syslog/syslog.conf.$operatingsystem.erb",
"syslog/syslog.conf.client.erb"),
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -143,7 +151,7 @@ class syslog::client::rsyslog {
content => template("syslog/rsyslog.conf.erb",
"syslog/syslog.conf.$operatingsystem.erb",
"syslog/syslog.conf.client.erb"),
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -168,7 +176,7 @@ class syslog::client::rsyslog {
if $operatingsystem == "OpenBSD" and $operatingsystemrelease !~ /4\.[1-8]/ {
file { "/etc/rc.d/syslogd":
ensure => present,
- mode => 0555,
+ mode => "0555",
owner => "root",
group => "wheel",
source => "puppet:///modules/syslog/rsyslogd.rc",
@@ -195,7 +203,7 @@ class syslog::common::standalone inherits syslog::common {
if $syslog_datadir {
file { $syslog_datadir:
ensure => directory,
- mode => 2750,
+ mode => "2750",
owner => "root",
group => $group,
seltype => "var_log_t",
@@ -211,7 +219,7 @@ class syslog::common::standalone inherits syslog::common {
} else {
file { "/srv/log":
ensure => directory,
- mode => 2750,
+ mode => "2750",
owner => "root",
group => $group,
seltype => "var_log_t",
@@ -220,7 +228,7 @@ class syslog::common::standalone inherits syslog::common {
file { "/srv/log/archive":
ensure => directory,
- mode => 2750,
+ mode => "2750",
owner => "root",
group => $group,
require => File["/srv/log"],
@@ -248,7 +256,7 @@ class syslog::common::standalone inherits syslog::common {
file { "/usr/local/sbin/logarchiver.sh":
ensure => present,
source => "puppet:///modules/syslog/logarchiver.sh",
- mode => 0755,
+ mode => "0755",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
diff --git a/tftp/manifests/init.pp b/tftp/manifests/init.pp
index d7d89db..a1ee8fc 100644
--- a/tftp/manifests/init.pp
+++ b/tftp/manifests/init.pp
@@ -9,10 +9,10 @@
class tftp::server {
if $tftp_datadir {
- file { "${tftp_datadir}":
+ file { $tftp_datadir:
ensure => directory,
- mode => 0755,
- owner => root,
+ mode => "0755",
+ owner => "root",
group => $operatingsystem ? {
openbsd => "wheel",
default => "root",
@@ -21,14 +21,14 @@ class tftp::server {
}
file { "/srv/tftpboot":
ensure => link,
- target => "${tftp_datadir}",
+ target => $tftp_datadir,
seltype => "tftpdir_t",
- require => File["${tftp_datadir}"],
+ require => File[$tftp_datadir],
}
} else {
file { "/srv/tftpboot":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -64,8 +64,8 @@ class tftp::server {
}
if $tftp_datadir {
selinux::manage_fcontext { "${tftp_datadir}(/.*)?":
- type => "tftpdir_t",
- before => File["${tftp_datadir}"],
+ type => "tftpdir_t",
+ before => File[$tftp_datadir],
}
}
}
diff --git a/time/manifests/init.pp b/time/manifests/init.pp
index 10612c7..a54be62 100644
--- a/time/manifests/init.pp
+++ b/time/manifests/init.pp
@@ -5,7 +5,7 @@ class time::server {
include inetd::server
inetd::service { "time-stream":
- ensure => present,
+ ensure => present,
}
}
@@ -17,24 +17,27 @@ class time::server {
class time::zone {
file { "/etc/localtime":
ensure => present,
- mode => 0644,
+ mode => "0644",
source => "/usr/share/zoneinfo/$timezone_set"
}
case $operatingsystem {
centos,redhat: {
file { "/etc/sysconfig/clock":
- ensure => present,
- mode => 0644,
+ ensure => present,
+ mode => "0644",
content => template("time/sysconfig_clock.erb"),
}
}
ubuntu: {
file { "/etc/timezone":
- ensure => present,
- mode => 0644,
+ ensure => present,
+ mode => "0644",
content => "$timezone_set\n",
}
}
+ default: {
+ fail("time::zone not supported on ${operatingsystem}")
+ }
}
}
diff --git a/user/manifests/init.pp b/user/manifests/init.pp
index 156b7c0..82d8288 100644
--- a/user/manifests/init.pp
+++ b/user/manifests/init.pp
@@ -4,14 +4,23 @@ class user::system {
file { "/var/empty":
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => "root",
group => $operatingsystem ? {
- openbsd => "wheel",
- default => "root",
+ "openbsd" => "wheel",
+ default => "root",
},
}
+ if $operatingsystem == "ubuntu" {
+ file { "/sbin/nologin":
+ ensure => link,
+ target => "/usr/sbin/nologin",
+ owner => "root",
+ group => "root",
+ }
+ }
+
User {
require => File["/var/empty"],
}
@@ -230,7 +239,7 @@ class user::system {
#
define user::newuser($uid, $gid, $comment, $home, $shell, $groups=undef, $requiregroups=undef) {
- user { "${name}":
+ user { $name:
ensure => present,
uid => $uid,
gid => $gid,
@@ -257,7 +266,7 @@ define user::newuser($uid, $gid, $comment, $home, $shell, $groups=undef, $requir
command => "/bin/sh -c 'umask 077; mkdir -p ${home} && tar cf - . | tar xf - -C ${home} && chown -R ${uid}:${gid} ${home}'",
cwd => "/etc/skel",
path => "/sbin:/usr/sbin:/bin:/usr/bin",
- creates => "${home}",
+ creates => $home,
refreshonly => true,
}
diff --git a/util/manifests/init.pp b/util/manifests/init.pp
index 11ba8cf..7aa6bfb 100644
--- a/util/manifests/init.pp
+++ b/util/manifests/init.pp
@@ -28,16 +28,16 @@ define util::extract::tar($source, $ensure=present, $strip=0, $preserve=false) {
exec { "tar-rmdir-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => "rm -fr ${name}",
- before => File["${name}"],
- subscribe => File["${source}"],
+ before => File[$name],
+ subscribe => File[$source],
refreshonly => true,
}
}
}
- file { "${name}":
+ file { $name:
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -65,7 +65,7 @@ define util::extract::tar($source, $ensure=present, $strip=0, $preserve=false) {
exec { "tar-extract-${name}":
path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
command => $command,
- require => File["${name}"],
+ require => File[$name],
unless => "test -n \"$(ls -A ${name})\"",
}
@@ -95,8 +95,8 @@ define util::extract::zip($source, $ensure=present) {
exec { "zip-rmdir-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => "rm -fr ${name}",
- before => File["${name}"],
- subscribe => File["${source}"],
+ before => File[$name],
+ subscribe => File[$source],
refreshonly => true,
}
}
@@ -104,9 +104,9 @@ define util::extract::zip($source, $ensure=present) {
$command = "unzip ${source} -d ${name}"
- file { "${name}":
+ file { $name:
ensure => directory,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
@@ -114,7 +114,7 @@ define util::extract::zip($source, $ensure=present) {
exec { "zip-extract-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => $command,
- require => File["${name}"],
+ require => File[$name],
unless => "test -n \"$(ls -A ${name})\"",
}
@@ -158,7 +158,7 @@ define util::patch($source, $strip=0) {
exec { "patch-${name}-${source}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
- cwd => "${name}",
+ cwd => $name,
command => "patch -N -b -t -p${strip} < ${source}",
onlyif => "patch --dry-run -N -b -t -p${strip} < ${source}",
require => Class["util::patch::package"],
diff --git a/vmware/manifests/guest.pp b/vmware/manifests/guest.pp
index 466fa58..0292ca9 100644
--- a/vmware/manifests/guest.pp
+++ b/vmware/manifests/guest.pp
@@ -4,12 +4,12 @@
class vmware::guest {
case $virtual {
- vmware: {
- case $operatingsystem {
- centos: { include vmware::guest::centos }
- fedora: { include vmware::guest::fedora }
- }
- }
+ vmware: {
+ case $operatingsystem {
+ centos: { include vmware::guest::centos }
+ fedora: { include vmware::guest::fedora }
+ }
+ }
}
}
@@ -46,11 +46,11 @@ class vmware::guest::centos {
class vmware::guest::fedora {
package { "VMwareTools":
- ensure => absent,
+ ensure => absent,
}
package { "open-vm-tools":
- ensure => installed,
- require => Package["VMwareTools"],
+ ensure => installed,
+ require => Package["VMwareTools"],
}
}
diff --git a/vmware/manifests/init.pp b/vmware/manifests/init.pp
index 7b60f63..83fdfdc 100644
--- a/vmware/manifests/init.pp
+++ b/vmware/manifests/init.pp
@@ -15,7 +15,7 @@ define vmware::bundle() {
ensure => present,
source => "puppet:///files/packages/${name}.${architecture}.bundle",
links => follow,
- mode => 0755,
+ mode => "0755",
owner => root,
group => root,
}
diff --git a/vmware/manifests/player.pp b/vmware/manifests/player.pp
index 89e2df4..5e7bc6e 100644
--- a/vmware/manifests/player.pp
+++ b/vmware/manifests/player.pp
@@ -9,5 +9,5 @@
class vmware::player {
vmware::bundle { "VMware-Player": }
-
+
}
diff --git a/vmware/manifests/server.pp b/vmware/manifests/server.pp
index a4c4939..b40928e 100644
--- a/vmware/manifests/server.pp
+++ b/vmware/manifests/server.pp
@@ -2,50 +2,50 @@
class vmware::server {
package { "VMware-server":
- ensure => installed,
+ ensure => installed,
}
service { "vmware":
- ensure => running,
- enable => true,
- hasstatus => true,
- start => "pkill 'vmnet-' ; /sbin/service vmware stop ; rm -f /etc/vmware/not_configured ; /sbin/service vmware start && sleep 5",
- stop => "pkill 'vmnet-' ; /sbin/service vmware stop",
- require => [ Package["VMware-server"],
- Exec["vmware-config.pl"], ],
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ start => "pkill 'vmnet-' ; /sbin/service vmware stop ; rm -f /etc/vmware/not_configured ; /sbin/service vmware start && sleep 5",
+ stop => "pkill 'vmnet-' ; /sbin/service vmware stop",
+ require => [ Package["VMware-server"],
+ Exec["vmware-config.pl"], ],
}
# seems that vmware init script fails if pid files are missing for vmnet
# processes, so kill them by force first
exec { "vmware-config.pl":
- command => "pkill 'vmnet-' ; perl /usr/bin/vmware-config.pl --default EULA_AGREED=yes && rm -f /etc/vmware/not_configured",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ command => "pkill 'vmnet-' ; perl /usr/bin/vmware-config.pl --default EULA_AGREED=yes && rm -f /etc/vmware/not_configured",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
environment => [ "PAGER=/bin/cat", ],
- unless => "test ! -f /etc/vmware/not_configured -a -f /lib/modules/$kernelrelease/misc/vmci.ko",
+ unless => "test ! -f /etc/vmware/not_configured -a -f /lib/modules/$kernelrelease/misc/vmci.ko",
require => Package["VMware-server"],
- notify => Service["vmware"],
+ notify => Service["vmware"],
}
if $vmware_serial {
- exec { "vmware-set-serial":
- command => "/usr/lib/vmware/bin/vmware-vmx --new-sn ${vmware_serial}",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- creates => "/etc/vmware/license.vs.1.0-00",
- require => Package["VMware-server"],
- before => Exec["vmware-config.pl"],
- }
+ exec { "vmware-set-serial":
+ command => "/usr/lib/vmware/bin/vmware-vmx --new-sn ${vmware_serial}",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ creates => "/etc/vmware/license.vs.1.0-00",
+ require => Package["VMware-server"],
+ before => Exec["vmware-config.pl"],
+ }
}
if $vmware_admin_group {
file { "/etc/vmware/ssl/rui.key":
- ensure => present,
- mode => 0640,
- owner => root,
- group => $vmware_admin_group,
- require => [ Service["vmware"],
+ ensure => present,
+ mode => "0640",
+ owner => root,
+ group => $vmware_admin_group,
+ require => [ Service["vmware"],
Class["puppet::client"], ],
- notify => Exec["restart-vmware-mgmt"],
+ notify => Exec["restart-vmware-mgmt"],
}
exec { "restart-vmware-mgmt":
command => "/etc/init.d/vmware-mgmt restart && sleep 10",
@@ -73,21 +73,21 @@ class vmware::server::scripts {
include socat::package
define vmware::server::scripts::file {
- file { "/usr/local/sbin/${name}":
- ensure => present,
- source => "puppet:///modules/vmware/scripts/${name}",
- mode => 0755,
- owner => root,
- group => root,
- }
+ file { "/usr/local/sbin/${name}":
+ ensure => present,
+ source => "puppet:///modules/vmware/scripts/${name}",
+ mode => "0755",
+ owner => root,
+ group => root,
+ }
}
file { "/usr/local/lib/vmware.sh":
- ensure => present,
- source => "puppet:///modules/vmware/scripts/vmware.sh",
- mode => 0644,
- owner => root,
- group => root,
+ ensure => present,
+ source => "puppet:///modules/vmware/scripts/vmware.sh",
+ mode => "0644",
+ owner => root,
+ group => root,
}
vmware::server::scripts::file { "vmware-console": }
@@ -112,18 +112,18 @@ class vmware::server::vmfs {
include vmware::server
file { "/vmfs":
- ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
- require => Package["VMware-server"],
+ ensure => directory,
+ mode => "0755",
+ owner => root,
+ group => root,
+ require => Package["VMware-server"],
}
file { "/vmfs/volumes":
- ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
- require => File["/vmfs"],
+ ensure => directory,
+ mode => "0755",
+ owner => root,
+ group => root,
+ require => File["/vmfs"],
}
}
@@ -158,61 +158,61 @@ define vmware::server::datastore($device, $type = "auto", $options = "defaults")
if $type == "auto" {
$server = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\1')
- if $server == $device {
- $fstype = $type
- if $device == regsubst($device, '^(/dev/).+$', '\1') {
- $mountopts = "bind"
- }
- } else {
- $fstype = "nfs"
- $path = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\2')
- }
+ if $server == $device {
+ $fstype = $type
+ if $device == regsubst($device, '^(/dev/).+$', '\1') {
+ $mountopts = "bind"
+ }
+ } else {
+ $fstype = "nfs"
+ $path = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\2')
+ }
}
if !$mountopts {
- $mountopts = $options
+ $mountopts = $options
}
file { "/vmfs/volumes/${name}":
- ensure => directory,
- mode => $fstype ? {
- nfs => 0755,
- default => 0775,
+ ensure => directory,
+ mode => $fstype ? {
+ nfs => "0755",
+ default => "0775",
},
- owner => root,
- group => $fstype ? {
+ owner => root,
+ group => $fstype ? {
nfs => "root",
default => $real_vmware_admin_group,
},
- require => File["/vmfs/volumes"],
+ require => File["/vmfs/volumes"],
}
mount { "/vmfs/volumes/${name}":
- ensure => mounted,
- device => "${device}",
- fstype => "${fstype}",
- options => "${mountopts}",
- require => File["/vmfs/volumes/${name}"],
+ ensure => mounted,
+ device => $device,
+ fstype => $fstype,
+ options => $mountopts,
+ require => File["/vmfs/volumes/${name}"],
}
exec { "vmware-create-datastore-${name}":
- command => $fstype ? {
- nfs => "vmware-vim-cmd hostsvc/datastore/nas_create ${name} ${server} ${path} 0",
- default => "vmware-vim-cmd hostsvc/datastore/localds_create ${name} /vmfs/volumes/${name}",
- },
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- unless => "vmware-vim-cmd hostsvc/datastore/summary ${name}",
- require => [ Mount["/vmfs/volumes/${name}"],
- Service["vmware"], ],
- notify => Exec["vmware-refresh-datastore-${name}"],
+ command => $fstype ? {
+ nfs => "vmware-vim-cmd hostsvc/datastore/nas_create ${name} ${server} ${path} 0",
+ default => "vmware-vim-cmd hostsvc/datastore/localds_create ${name} /vmfs/volumes/${name}",
+ },
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ unless => "vmware-vim-cmd hostsvc/datastore/summary ${name}",
+ require => [ Mount["/vmfs/volumes/${name}"],
+ Service["vmware"], ],
+ notify => Exec["vmware-refresh-datastore-${name}"],
}
exec { "vmware-refresh-datastore-${name}":
- command => "vmware-vim-cmd hostsvc/datastore/refresh ${name}",
- path => "/bin:/usr/bin:/sbin:/usr/sbin",
- user => root,
- refreshonly => true,
+ command => "vmware-vim-cmd hostsvc/datastore/refresh ${name}",
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => root,
+ refreshonly => true,
}
}
@@ -229,7 +229,7 @@ define vmware::server::datastore($device, $type = "auto", $options = "defaults")
# $device:
# Physical network device to bridge.
# $ensure:
-# Set to present to enable bridge and absent to disable it.
+# Set to present to enable bridge and absent to disable it.
#
# === Sample usage
#
@@ -243,35 +243,35 @@ define vmware::server::bridge($description, $device, $ensure = "present") {
$vmnet = regsubst($name, '^vmnet([0-9]+)$', '\1')
if $vmnet == $name {
- fail("Invalid vmnet device name.")
+ fail("Invalid vmnet device name.")
}
service { "${name}-bridge":
- ensure => $ensure ? {
- "present" => running,
- "absent" => stopped,
- },
- pattern => "/usr/bin/vmnet-bridge -d .* -n ${vmnet}",
- start => "/usr/bin/vmnet-bridge -d /var/run/vmnet-bridge-${vmnet}.pid -n ${vmnet} -i ${device}",
- stop => "pkill -f '/usr/bin/vmnet-bridge -d .* -n ${vmnet}'",
- provider => base,
- require => Exec["vmware-config.pl"],
+ ensure => $ensure ? {
+ "present" => running,
+ "absent" => stopped,
+ },
+ pattern => "/usr/bin/vmnet-bridge -d .* -n ${vmnet}",
+ start => "/usr/bin/vmnet-bridge -d /var/run/vmnet-bridge-${vmnet}.pid -n ${vmnet} -i ${device}",
+ stop => "pkill -f '/usr/bin/vmnet-bridge -d .* -n ${vmnet}'",
+ provider => base,
+ require => Exec["vmware-config.pl"],
}
vmware_config { "VNET_${vmnet}_NAME":
- ensure => $ensure ? {
- absent => absent,
- present => "${description}",
- },
- require => Exec["vmware-config.pl"],
+ ensure => $ensure ? {
+ absent => absent,
+ present => $description,
+ },
+ require => Exec["vmware-config.pl"],
}
vmware_config { "VNET_${vmnet}_INTERFACE":
- ensure => $ensure ? {
- absent => absent,
- present => "${device}",
- },
- notify => Service["${name}-bridge"],
- require => Exec["vmware-config.pl"],
+ ensure => $ensure ? {
+ absent => absent,
+ present => $device,
+ },
+ notify => Service["${name}-bridge"],
+ require => Exec["vmware-config.pl"],
}
}
diff --git a/vsroom/manifests/init.pp b/vsroom/manifests/init.pp
index df50e47..48d9915 100644
--- a/vsroom/manifests/init.pp
+++ b/vsroom/manifests/init.pp
@@ -25,7 +25,7 @@ class vsroom {
file { "/usr/local/src/vsroom.tar.gz":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
source => "puppet:///files/packages/${vsroom_package}",
@@ -44,22 +44,22 @@ class vsroom {
realize(User["vsroom"], Group["vsroom"])
if $vsroom_datadir {
- file { "${vsroom_datadir}":
+ file { $vsroom_datadir:
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => "root",
group => "vsroom",
}
file { "/var/lib/vsroom":
ensure => link,
- target => "${vsroom_datadir}",
- require => File["${vsroom_datadir}"],
+ target => $vsroom_datadir,
+ require => File[$vsroom_datadir],
}
} else {
file { "/var/lib/vsroom":
ensure => directory,
- mode => 0750,
+ mode => "0750",
owner => "root",
group => "vsroom",
}
@@ -72,7 +72,7 @@ class vsroom {
file { "${htdocs}/config.json":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
source => [ "puppet:///files/vsroom/config.json.${fqdn}",
diff --git a/wiki/manifests/init.pp b/wiki/manifests/init.pp
index 67d6007..338f2a9 100644
--- a/wiki/manifests/init.pp
+++ b/wiki/manifests/init.pp
@@ -14,17 +14,17 @@ class wiki::moin {
file { "/usr/local/src/moin.tar.gz":
ensure => present,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
source => "puppet:///files/packages/${moin_package}",
links => follow,
}
file { "/usr/local/src/moin.patch":
ensure => present,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
source => "puppet:///files/packages/${moin_patch}",
links => follow,
}
@@ -49,7 +49,7 @@ class wiki::moin {
file { "${shared}/htdocs/.htaccess":
ensure => present,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
content => "SetHandler None\n",
@@ -73,7 +73,7 @@ class wiki::graphingwiki::common {
file { "/usr/local/src/graphingwiki.tar.gz":
ensure => directory,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => $operatingsystem ? {
"openbsd" => "wheel",
@@ -149,11 +149,13 @@ class wiki::collab::base {
include graphviz::python
include ldap::client::python
+ include apache::sslserver
include apache::mod::authnz_ldap
include apache::mod::ldap
include apache::mod::rewrite
include apache::mod::wsgi
+ include wiki::moin
include wiki::graphingwiki
include wiki::opencollab
include wiki::collab
@@ -169,24 +171,24 @@ class wiki::collab::base {
}
if $wiki_datadir {
- file { "${wiki_datadir}":
+ file { $wiki_datadir:
ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
}
file { "/srv/wikis":
ensure => link,
- target => "${wiki_datadir}",
- require => File["${wiki_datadir}"],
+ target => $wiki_datadir,
+ require => File[$wiki_datadir],
}
} else {
file { "/srv/wikis":
ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
}
}
@@ -202,29 +204,28 @@ class wiki::collab::base {
"/srv/wikis/collab/wikis",
"/srv/wikis/collab/run", ]:
ensure => directory,
- mode => 2660,
- owner => collab,
- group => collab,
+ mode => "2660",
+ owner => "collab",
+ group => "collab",
require => [ File["/srv/wikis"], User["collab"], Group["collab"],
Python::Setup::Install["/usr/local/src/graphingwiki/collab"],
Python::Setup::Install["/usr/local/src/moin"], ],
}
exec { "collab-copy-underlay":
- user => collab,
- group => collab,
+ user => "root",
path => "/bin:/usr/bin:/sbin:/usr/sbin",
cwd => "${wiki::moin::shared}/underlay",
- command => "cp -R pages /srv/wikis/collab/underlay && chmod -R g=u,o-rwx /srv/wikis/collab/underlay",
+ command => "cp -R pages /srv/wikis/collab/underlay && chmod -R g=u,o-rwx /srv/wikis/collab/underlay && chown -R collab:collab /srv/wikis/collab/underlay",
creates => "/srv/wikis/collab/underlay/pages",
require => File["/srv/wikis/collab/underlay"],
}
file { "/srv/wikis/collab/config/collabfarm.py":
ensure => present,
- mode => 0660,
- owner => collab,
- group => collab,
+ mode => "0660",
+ owner => "collab",
+ group => "collab",
source => [ "puppet:///private/wiki/collabfarm.py",
"puppet:///files/wiki/collabfarm.py",
"/usr/local/src/graphingwiki/collab/config/collabfarm.py", ],
@@ -234,9 +235,9 @@ class wiki::collab::base {
file { "/srv/wikis/collab/config/intermap.txt":
ensure => present,
- mode => 0660,
- owner => collab,
- group => collab,
+ mode => "0660",
+ owner => "collab",
+ group => "collab",
source => "/usr/local/src/graphingwiki/collab/config/intermap.txt",
replace => false,
require => File["/srv/wikis/collab/config"],
@@ -244,9 +245,9 @@ class wiki::collab::base {
file { "/srv/wikis/collab/config/logging.conf":
ensure => present,
- mode => 0660,
- owner => collab,
- group => collab,
+ mode => "0660",
+ owner => "collab",
+ group => "collab",
source => "/usr/local/src/graphingwiki/collab/config/logging.conf",
replace => false,
require => File["/srv/wikis/collab/config"],
@@ -254,9 +255,9 @@ class wiki::collab::base {
file { "/srv/wikis/collab/htdocs/.htaccess":
ensure => present,
- mode => 0660,
- owner => collab,
- group => collab,
+ mode => "0660",
+ owner => "collab",
+ group => "collab",
source => "puppet:///modules/wiki/htaccess",
replace => false,
require => File["/srv/wikis/collab/htdocs"],
@@ -264,9 +265,9 @@ class wiki::collab::base {
file { [ "/etc/local", "/etc/local/collab" ]:
ensure => directory,
- mode => 0755,
- owner => root,
- group => root,
+ mode => "0755",
+ owner => "root",
+ group => "root",
}
if $collab_jabberdomain and !$collab_conferencedomain {
@@ -275,9 +276,9 @@ class wiki::collab::base {
file { "/etc/local/collab/collab.ini":
ensure => present,
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
content => template("wiki/collab.ini.erb"),
require => File["/etc/local/collab"],
}
@@ -291,6 +292,28 @@ class wiki::collab::base {
source => "puppet:///modules/wiki/collab-httpd.conf",
}
+ exec { "collab-create collab collab":
+ path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
+ cwd => "/",
+ user => "collab",
+ group => "collab",
+ creates => "/srv/wikis/collab/wikis/collab",
+ require => [ File["/etc/local/collab/collab.ini"],
+ Class["wiki::collab"],
+ File["/srv/wikis/collab/wikis"],
+ File["/srv/wikis/collab/htdocs/.htaccess"],
+ Exec["collab-copy-underlay"], ],
+ }
+ exec { "collab-account-create -f -r collab":
+ path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
+ cwd => "/",
+ user => "collab",
+ group => "collab",
+ unless => "egrep '^name=collab$' /srv/wikis/collab/user/*",
+ require => Exec["collab-create collab collab"],
+ before => Cron["collab-htaccess"],
+ }
+
cron { "collab-htaccess":
ensure => present,
command => $operatingsystem ? {
diff --git a/yum/manifests/init.pp b/yum/manifests/init.pp
index f15a61d..c73a999 100644
--- a/yum/manifests/init.pp
+++ b/yum/manifests/init.pp
@@ -12,9 +12,9 @@ class yum::updatesd {
source => [ "puppet:///files/yum/yum-updatesd.conf.${fqdn}",
"puppet:///files/yum/yum-updatesd.conf",
"puppet:///modules/yum/yum-updatesd.conf", ],
- mode => 0644,
- owner => root,
- group => root,
+ mode => "0644",
+ owner => "root",
+ group => "root",
notify => Service["yum-updatesd"],
}
@@ -121,7 +121,7 @@ define yum::repo($baseurl="", $mirrorlist="", $descr="", $gpgkey="") {
file { "/etc/pki/rpm-gpg/RPM-GPG-KEY-${name}":
ensure => present,
source => $gpgkey,
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
before => File["/etc/yum.repos.d/${name}.repo"],
@@ -140,7 +140,7 @@ define yum::repo($baseurl="", $mirrorlist="", $descr="", $gpgkey="") {
file { "/etc/yum.repos.d/${name}.repo":
ensure => present,
content => template("yum/yum.repo.erb"),
- mode => 0644,
+ mode => "0644",
owner => "root",
group => "root",
}