From b6646161ded4e3fa033b6aa77d1f6f41ddf449ab Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Wed, 14 Mar 2012 15:25:21 +0200 Subject: [PATCH 01/26] Fixed updating analyzer and recorder in clarified module --- clarified/manifests/init.pp | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/clarified/manifests/init.pp b/clarified/manifests/init.pp index 8fbb8d9..fe1c3f2 100644 --- a/clarified/manifests/init.pp +++ b/clarified/manifests/init.pp @@ -20,6 +20,13 @@ class clarified::analyzer { source => "puppet:///files/packages/${clarified_analyzer_package}", before => Exec["/usr/local/src/clarified-analyzer-linux-i686.sh"], } + exec { "rm -f /usr/local/clarified-analyzer": + path => "/bin:/usr/bin:/sbin:/usr/sbin", + onlyif => "test -h /usr/local/clarified-analyzer", + subscribe => File["/usr/local/src/clarified-analyzer-linux-i686.sh"], + before => Exec["/usr/local/src/clarified-analyzer-linux-i686.sh"], + refreshonly => true, + } exec { "/usr/local/src/clarified-analyzer-linux-i686.sh": creates => "/usr/local/clarified-analyzer", } @@ -88,6 +95,14 @@ class clarified::recorder { source => "puppet:///files/packages/${clarified_recorder_package}", before => Exec["/usr/local/src/clarified-recorder-linux-i686.sh"], } + exec { "rm -f /usr/local/probe": + path => "/bin:/usr/bin:/sbin:/usr/sbin", + onlyif => "test -h /usr/local/probe", + subscribe => File["/usr/local/src/clarified-recorder-linux-i686.sh"], + before => Exec["/usr/local/src/clarified-recorder-linux-i686.sh"], + notify => Service["clarified-probe"], + refreshonly => true, + } exec { "/usr/local/src/clarified-recorder-linux-i686.sh": creates => "/usr/local/probe", } From c472f5250a80e6796f8b7ad50b704d0b78b4f59b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Wed, 21 Mar 2012 15:48:56 +0200 Subject: [PATCH 02/26] Cleanup for DNS master zone config file. --- dns/templates/zone.master.erb | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/dns/templates/zone.master.erb b/dns/templates/zone.master.erb index 942b498..c3a1a06 100644 --- a/dns/templates/zone.master.erb +++ b/dns/templates/zone.master.erb @@ -1,14 +1,20 @@ zone "<%= zone %>" { type master; - <% if zone.match(/\//) %> +<% if zone.match(/\//) -%> file "<%= zonedir %>/db.<%= zone.sub(/\//, '-') %>"; - <% else %> +<% else -%> file "<%= zonedir %>/db.<%= zone %>"; - <% end -%> +<% end -%> allow-transfer { - <% slaves.each_pair do |k, v| -%> +<% if slaves != [] -%> +<% slaves.each_pair do |k, v| -%> <%= v['ip'] %>; - <% end -%> +<% end -%> +<% else -%> + none; +<% end -%> + }; + allow-update { + none; }; - allow-update { none; }; }; From 9bd88b5f4eedc3a9181729228f6ba15f41a5f181 Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Wed, 21 Mar 2012 16:08:58 +0200 Subject: [PATCH 03/26] Disable PEERDNS in ntpd class on CentOS and Fedora --- ntpd/manifests/init.pp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ntpd/manifests/init.pp b/ntpd/manifests/init.pp index 6550a01..950a1f5 100644 --- a/ntpd/manifests/init.pp +++ b/ntpd/manifests/init.pp @@ -34,6 +34,15 @@ class ntpd { } } + case $operatingsystem { + "centos","fedora": { + augeas { "disable-peerntp": + context => "/files/etc/sysconfig/network", + changes => "set PEERNTP no", + } + } + } + } From b8534b568b0c71ec12c09daa73ad945b89591db6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Wed, 21 Mar 2012 17:29:24 +0200 Subject: [PATCH 04/26] Initial version of netcat module. --- netcat/manifests/init.pp | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 netcat/manifests/init.pp diff --git a/netcat/manifests/init.pp b/netcat/manifests/init.pp new file mode 100644 index 0000000..409f32f --- /dev/null +++ b/netcat/manifests/init.pp @@ -0,0 +1,16 @@ + +# Install netcat +# +class netcat { + + if $operatingsystem != "OpenBSD" { + package { "netcat": + name => $operatingsystem ? { + "ubuntu" => "netcat", + default => "nc", + }, + ensure => present, + } + } + +} From 34be570ebc6be506901f43febfbe9f9fab9a79eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Thu, 22 Mar 2012 10:49:37 +0200 Subject: [PATCH 05/26] Fixed dns::server package name for CentOS 5. --- dns/manifests/init.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index e6cba45..9d2c853 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -6,6 +6,10 @@ class dns::server { package { "bind": name => $operatingsystem ? { "ubuntu" => "bind9", + "centos" => $operatingsystemrelease ? { + /^5\..*/ => [ "bind-chroot", "caching-nameserver", ], + default => "bind-chroot", + }, default => "bind-chroot", } } From 4cb660dcaf84be85af5f8623fa2edf62ca1c9d8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Thu, 22 Mar 2012 11:41:20 +0200 Subject: [PATCH 06/26] Refactored dns::server class. --- dns/files/named.conf.local | 2 + dns/files/named.conf.options | 9 ++ dns/manifests/init.pp | 143 ++++++++++++++--------- dns/templates/generate-named-conf.sh.erb | 58 +++++++++ dns/templates/named.conf.local.erb | 32 ----- dns/templates/named.conf.options.erb | 30 ----- dns/templates/zone.master.erb | 2 +- 7 files changed, 155 insertions(+), 121 deletions(-) create mode 100644 dns/files/named.conf.local create mode 100644 dns/files/named.conf.options create mode 100644 dns/templates/generate-named-conf.sh.erb delete mode 100644 dns/templates/named.conf.local.erb delete mode 100644 dns/templates/named.conf.options.erb diff --git a/dns/files/named.conf.local b/dns/files/named.conf.local new file mode 100644 index 0000000..cc1b8a2 --- /dev/null +++ b/dns/files/named.conf.local @@ -0,0 +1,2 @@ +acl trusted { localhost; localnets; }; +acl nameservers { localhost; }; diff --git a/dns/files/named.conf.options b/dns/files/named.conf.options new file mode 100644 index 0000000..b683553 --- /dev/null +++ b/dns/files/named.conf.options @@ -0,0 +1,9 @@ + +options { + listen-on { any; }; + listen-on-v6 { none; }; + + allow-query { any; }; + allow-recursion { trusted; }; + allow-transfer { nameservers; }; +}; diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index 9d2c853..21e3910 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -15,32 +15,43 @@ class dns::server { } } + # first set per os paths case $operatingsystem { "fedora": { - $chroot = "" $confdir = "/etc/named" } "centos": { case $operatingsystemrelease { /^5\..*/: { $chroot = "/var/named/chroot" - $confdir = "/etc" } default: { - $chroot = "" $confdir = "/etc/named" } } } "ubuntu": { - $chroot = "" $confdir = "/etc/bind" + $config = "${confdir}/named.conf" + $rndckey = "${confdir}/rndc.key" } - default: { + "openbsd": { $chroot = "/var/named" - $confdir = "/etc" } } + # if some var is not set use default value + if !$confdir { + $confdir = "/etc" + } + if !$config { + $config = "/etc/named.conf" + } + if !$rndckey { + $rndckey = "/etc/rndc.key" + } + if !$chroot { + $chroot = "" + } case $operatingsystem { "ubuntu": { @@ -51,7 +62,7 @@ class dns::server { } } - file { "${chroot}${confdir}/rndc.key": + file { "${chroot}${rndckey}": ensure => present, mode => 0640, owner => "root", @@ -67,12 +78,13 @@ class dns::server { default => "rndc-confgen -r /dev/urandom -a -t ${chroot}", }, path => "/bin:/usr/bin:/sbin:/usr/sbin", - unless => "test -s ${chroot}${confdir}/rndc.key", - require => File["${chroot}${confdir}/rndc.key"], + unless => "test -s ${chroot}${rndckey}", + require => File["${chroot}${rndckey}"], } if "${chroot}" != "" { file { "/etc/rndc.key": - ensure => "${chroot}${confdir}/rndc.key", + ensure => link, + target => "${chroot}${rndckey}", owner => "root", group => $group, require => Exec["rndc-confgen"], @@ -98,51 +110,66 @@ class dns::server { require => Exec["rndc-confgen"], } - case $operatingsystem { - "ubuntu": { - $ipaddr = $dns_listener_ipaddr - file { "${chroot}${confdir}/named.conf.local": - ensure => present, - content => template("dns/named.conf.local.erb"), - mode => 0640, - owner => "root", - group => $group, - require => Package["bind"], - notify => Service["named"], - } - file { "${chroot}${confdir}/named.conf.options": - ensure => present, - content => template("dns/named.conf.options.erb"), - mode => 0640, - owner => "root", - group => $group, - require => Package["bind"], - notify => Service["named"], - } - } - default: { - file { "named.conf": - path => $operatingsystem ? { - "centos" => $operatingsystemrelease ? { - /^5\..*/ => "${chroot}${confdir}/named.conf", - default => "/etc/named.conf", - }, - "fedora" => "/etc/named.conf", - default => "${chroot}${confdir}/named.conf", - }, - ensure => present, - source => [ "puppet:///files/dns/named.conf.${fqdn}", - "puppet:///files/dns/named.conf", ], - mode => 0640, - owner => "root", - group => $group, - require => $operatingsystem ? { - openbsd => undef, - default => Package["bind"], - }, - notify => Service["named"], - } - } + file { "named.conf": + path => "${chroot}${config}", + ensure => present, + mode => 0640, + owner => "root", + group => $group, + require => $operatingsystem ? { + "openbsd" => undef, + default => Package["bind"], + }, + notify => Exec["generate-named-conf"], + } + file { "/usr/local/sbin/generate-named-conf.sh": + ensure => present, + content => template("dns/generate-named-conf.sh.erb"), + mode => 0755, + owner => "root", + group => $operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, + notify => Exec["generate-named-conf"], + } + exec { "generate-named-conf": + command => "/usr/local/sbin/generate-named-conf.sh > ${chroot}${config}", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => "root", + refreshonly => true, + require => File["/usr/local/sbin/generate-named-conf.sh"], + notify => Service["named"], + } + + file { "${chroot}${confdir}/named.conf.options": + ensure => present, + source => [ "puppet:///files/dns/named.conf.options.${fqdn}", + "puppet:///files/dns/named.conf.options", + "puppet:///modules/dns/named.conf.options", ], + mode => 0640, + owner => "root", + group => $group, + require => $operatingsystem ? { + "openbsd" => undef, + default => Package["bind"], + }, + notify => Service["named"], + } + + file { "${chroot}${confdir}/named.conf.local": + ensure => present, + source => [ "puppet:///files/dns/named.conf.local.${fqdn}", + "puppet:///files/dns/named.conf.local", + "puppet:///modules/dns/named.conf.local", ], + mode => 0640, + owner => "root", + group => $group, + require => $operatingsystem ? { + "openbsd" => undef, + default => Package["bind"], + }, + notify => Service["named"], } } @@ -208,10 +235,10 @@ define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO") "openbsd" => undef, default => Package["bind"], }, - notify => Service["named"], + notify => Exec["generate-named-conf"], } - if $role == "master" { + if $role == "master" and $zone != "." { if $source != "AUTO" { file { "${dns::server::chroot}${zonedir}/db.${zonefile}": ensure => present, @@ -223,7 +250,7 @@ define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO") "openbsd" => undef, default => Package["bind"], }, - notify => Service["named"], + notify => Exec["generate-named-conf"], } } else { file { "${dns::server::chroot}${zonedir}/db.${zonefile}": diff --git a/dns/templates/generate-named-conf.sh.erb b/dns/templates/generate-named-conf.sh.erb new file mode 100644 index 0000000..53daf33 --- /dev/null +++ b/dns/templates/generate-named-conf.sh.erb @@ -0,0 +1,58 @@ +#!/bin/sh + +chroot="<%= chroot %>" +confdir="<%= confdir %>" +operatingsystem="<%= operatingsystem %>" + +cat < - <%= network %>; -<% end -%> - localhost; -}; - -<% dns_zones.each do |zone| -%> - <% if zone.match(/\//) %> - include "/etc/bind/zone.<%= zone.sub(/\//, '-') %>"; - <% else %> - include "/etc/bind/zone.<%= zone %>"; - <% end -%> -<% end -%> - -// Consider adding the 1918 zones here, if they are not used in your -// organization -//include "/etc/bind/zones.rfc1918"; - diff --git a/dns/templates/named.conf.options.erb b/dns/templates/named.conf.options.erb deleted file mode 100644 index adbc1ba..0000000 --- a/dns/templates/named.conf.options.erb +++ /dev/null @@ -1,30 +0,0 @@ -options { - listen-on { any; }; - listen-on-v6 { none; }; - allow-transfer { xfer; }; - allow-recursion { - trusted; - }; - # recursion yes; - directory "/var/cache/bind"; - // If there is a firewall between you and nameservers you want - // to talk to, you might need to uncomment the query-source - // directive below. Previous versions of BIND always asked - // questions using port 53, but BIND 8.1 and later use an unprivileged - // port by default. - - // query-source address * port 53; - - // If your ISP provided one or more IP addresses for stable - // nameservers, you probably want to use them as forwarders. - // Uncomment the following block, and insert the addresses replacing - // the all-0's placeholder. - - // forwarders { - // 0.0.0.0; - // }; - - auth-nxdomain no; # conform to RFC1035 - version ""; // remove this to allow version queries -}; - diff --git a/dns/templates/zone.master.erb b/dns/templates/zone.master.erb index c3a1a06..a85ded6 100644 --- a/dns/templates/zone.master.erb +++ b/dns/templates/zone.master.erb @@ -11,7 +11,7 @@ zone "<%= zone %>" { <%= v['ip'] %>; <% end -%> <% else -%> - none; + nameservers; <% end -%> }; allow-update { From 9ab2bf1bfd4cd5bfdc643ec9579e29af35083547 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Thu, 22 Mar 2012 12:27:10 +0200 Subject: [PATCH 07/26] Changed slave zone handling from dns module. --- dns/manifests/init.pp | 10 ++++++++-- dns/templates/zone.slave.erb | 10 ++++------ 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index 21e3910..2e613d8 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -183,13 +183,16 @@ class dns::server { # $role: # The role {master, slave} of this host. # $master: -# IP address and FQDN or hostname of the DNS master for this zone. +# IP address of DNS master for this zone if role is slave. +# IP address and FQDN of DNS master for this zone if running as +# master and using autogenerated zone. # $slaves: # IP addresess and host names of the DNS slaves for this zone. +# Required only when using autogenrated zones. # $source: # Source file to use for zone. Defaults to auto. # -define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO") { +define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") { $zone = $name case $role { @@ -207,6 +210,9 @@ define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO") } } "slave": { + if $master == "" { + fail("No master defined for dns::zone '${name}'") + } case $operatingsystem { "openbsd": { $zonedir = "/slave" diff --git a/dns/templates/zone.slave.erb b/dns/templates/zone.slave.erb index 87e34e5..f8a3c2f 100644 --- a/dns/templates/zone.slave.erb +++ b/dns/templates/zone.slave.erb @@ -1,12 +1,10 @@ zone "<%= zone %>" { type slave; - <% if zone.match(/\//) %> +<% if zone.match(/\//) %> file "<%= zonedir %>/db.<%= zone.sub(/\//, '-') %>"; - <% else %> +<% else -%> file "<%= zonedir %>/db.<%= zone %>"; - <% end -%> - <% master.each_pair do |k, v| -%> - masters { <%= v['ip'] %>; }; - <% end -%> +<% end -%> + masters { <%= master %>; }; allow-transfer { none; }; }; From 9c58553bf528655a7186adcb42400fe79636e528 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Thu, 22 Mar 2012 14:04:44 +0200 Subject: [PATCH 08/26] Removed kludge for OpenBSD samba install. --- samba/manifests/init.pp | 4 ---- 1 file changed, 4 deletions(-) diff --git a/samba/manifests/init.pp b/samba/manifests/init.pp index 7c4a1e2..5aa0e9e 100644 --- a/samba/manifests/init.pp +++ b/samba/manifests/init.pp @@ -3,10 +3,6 @@ class samba::server { package { "samba": - name => $operatingsystem ? { - "openbsd" => "samba-3.5.4p3", - default => "samba", - }, ensure => installed, } From c31e4360f409cb6f8867220d7e2cbfb79ed7b7da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Fri, 23 Mar 2012 08:33:18 +0200 Subject: [PATCH 09/26] Added apt::ppa which installs Ubuntu PPA archives. --- apt/manifests/init.pp | 56 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/apt/manifests/init.pp b/apt/manifests/init.pp index 6b2e4f7..0f01a3b 100644 --- a/apt/manifests/init.pp +++ b/apt/manifests/init.pp @@ -16,6 +16,62 @@ class apt { } +# Install common packages for using PPA's. +# +class apt::ppa::helper { + + package { "python-software-properties": + ensure => installed, + } + +} + + +# Add PPA archive to system. +# +# === Parameters +# +# $name: +# PPA name. Needs to be in format "ppa:user/ppa-name". +# +# $ensure: +# Ensure archive is absent or present. Defaults to present. +# +# === Sample usage +# +# apt::ppa { "ppa:igraph/ppa": } +# +define apt::ppa($ensure = "present") { + + tag("bootstrap") + + include apt::ppa::helper + $fname = gsub($name, "^ppa:([^\/]+)\/(.+)", "\\1-\\2-${lsbdistcodename}.list") + + case $ensure { + "present": { + exec { "add-apt-repository ${name}": + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => "root", + creates => $fname, + require => Package["python-software-properties"], + notify => Exec["apt-get-update"], + } + } + "absent": { + file { $fname: + ensure => absent, + notify => Exec["apt-get-update"], + } + } + default: { + fail("test") + } + } + +} + + # Configure /etc/apt/sources.list # # === Global variables From d779ddfc402594628935088fd0da9a73458539a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Fri, 23 Mar 2012 09:25:59 +0200 Subject: [PATCH 10/26] Fixed typos from apt::ppa. --- apt/manifests/init.pp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/apt/manifests/init.pp b/apt/manifests/init.pp index 0f01a3b..69ff71f 100644 --- a/apt/manifests/init.pp +++ b/apt/manifests/init.pp @@ -45,21 +45,22 @@ define apt::ppa($ensure = "present") { tag("bootstrap") + include apt include apt::ppa::helper - $fname = gsub($name, "^ppa:([^\/]+)\/(.+)", "\\1-\\2-${lsbdistcodename}.list") + $fname = regsubst($name, "^ppa:([^\/]+)\/(.+)", "\\1-\\2-${lsbdistcodename}.list") case $ensure { "present": { exec { "add-apt-repository ${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", user => "root", - creates => $fname, + creates => "/etc/apt/sources.list.d/${fname}", require => Package["python-software-properties"], notify => Exec["apt-get-update"], } } "absent": { - file { $fname: + file { "/etc/apt/sources.list.d/${fname}": ensure => absent, notify => Exec["apt-get-update"], } From b2eb69c98ddf2429be6e690ee7f93e72b8201882 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Fri, 23 Mar 2012 09:26:29 +0200 Subject: [PATCH 11/26] Fixed some depencies from wiki::collab::base. --- wiki/manifests/init.pp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/wiki/manifests/init.pp b/wiki/manifests/init.pp index 67d6007..03733e4 100644 --- a/wiki/manifests/init.pp +++ b/wiki/manifests/init.pp @@ -149,11 +149,13 @@ class wiki::collab::base { include graphviz::python include ldap::client::python + include apache::sslserver include apache::mod::authnz_ldap include apache::mod::ldap include apache::mod::rewrite include apache::mod::wsgi + include wiki::moin include wiki::graphingwiki include wiki::opencollab include wiki::collab @@ -211,11 +213,10 @@ class wiki::collab::base { } exec { "collab-copy-underlay": - user => collab, - group => collab, + user => "root", path => "/bin:/usr/bin:/sbin:/usr/sbin", cwd => "${wiki::moin::shared}/underlay", - command => "cp -R pages /srv/wikis/collab/underlay && chmod -R g=u,o-rwx /srv/wikis/collab/underlay", + command => "cp -R pages /srv/wikis/collab/underlay && chmod -R g=u,o-rwx /srv/wikis/collab/underlay && chown -R collab:collab /srv/wikis/collab/underlay", creates => "/srv/wikis/collab/underlay/pages", require => File["/srv/wikis/collab/underlay"], } From cfc09068b94e46d1b638f3388c1aab0efa2eafb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Fri, 23 Mar 2012 12:37:58 +0200 Subject: [PATCH 12/26] Fixed /sbin/nologin shell from Ubuntu. --- user/manifests/init.pp | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/user/manifests/init.pp b/user/manifests/init.pp index 156b7c0..c98c763 100644 --- a/user/manifests/init.pp +++ b/user/manifests/init.pp @@ -7,11 +7,22 @@ class user::system { mode => 0755, owner => "root", group => $operatingsystem ? { - openbsd => "wheel", - default => "root", + "openbsd" => "wheel", + default => "root", }, } + case $operatingsystem { + "ubuntu": { + file { "/sbin/nologin": + ensure => link, + target => "/usr/sbin/nologin", + owner => "root", + group => "root", + } + } + } + User { require => File["/var/empty"], } From 06f2527d92d9444238a51b1b182377d5754c7646 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Fri, 23 Mar 2012 12:39:43 +0200 Subject: [PATCH 13/26] Added base collab and user creation to wiki::collab::base. --- wiki/manifests/init.pp | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/wiki/manifests/init.pp b/wiki/manifests/init.pp index 03733e4..63ee207 100644 --- a/wiki/manifests/init.pp +++ b/wiki/manifests/init.pp @@ -292,6 +292,28 @@ class wiki::collab::base { source => "puppet:///modules/wiki/collab-httpd.conf", } + exec { "collab-create collab collab": + path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin", + cwd => "/", + user => "collab", + group => "collab", + creates => "/srv/wikis/collab/wikis/collab", + require => [ File["/etc/local/collab/collab.ini"], + Class["wiki::collab"], + File["/srv/wikis/collab/wikis"], + File["/srv/wikis/collab/htdocs/.htaccess"], + Exec["collab-copy-underlay"], ], + } + exec { "collab-account-create -f -r collab": + path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin", + cwd => "/", + user => "collab", + group => "collab", + unless => "egrep '^name=collab$' /srv/wikis/collab/user/*", + require => Exec["collab-create collab collab"], + before => Cron["collab-htaccess"], + } + cron { "collab-htaccess": ensure => present, command => $operatingsystem ? { From 406f57a2d1a3e1526baed07fe02e9ecf07324e24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 26 Mar 2012 20:21:25 +0300 Subject: [PATCH 14/26] Forced all.log file creation in syslog::client. syslogd didn't create it automatically. --- syslog/manifests/init.pp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/syslog/manifests/init.pp b/syslog/manifests/init.pp index 6f8dbfc..c50cf59 100644 --- a/syslog/manifests/init.pp +++ b/syslog/manifests/init.pp @@ -90,6 +90,14 @@ class syslog::client::syslogd { } } + file { "/var/log/all.log": + ensure => present, + mode => 0640, + owner => "root", + group => $group, + notify => Service["syslogd"], + } + file { "/etc/syslog.conf": ensure => present, content => template("syslog/syslog.conf.$operatingsystem.erb", From 2f83cb7d4a850221f7714904e7829cc27d4826af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 27 Mar 2012 12:17:24 +0300 Subject: [PATCH 15/26] Added make lint support. --- Makefile | 3 +++ Rakefile | 4 ++++ 2 files changed, 7 insertions(+) create mode 100644 Rakefile diff --git a/Makefile b/Makefile index 860df25..b59d825 100644 --- a/Makefile +++ b/Makefile @@ -36,6 +36,9 @@ check-all: fi \ done +lint: + @rake lint + rdoc: $(MANIFESTS) mkdir .$$$$ ; \ puppetdoc --mode rdoc --outputdir rdoc --modulepath . --manifestdir .$$$$ ; \ diff --git a/Rakefile b/Rakefile new file mode 100644 index 0000000..e39558b --- /dev/null +++ b/Rakefile @@ -0,0 +1,4 @@ + +require 'puppet-lint/tasks/puppet-lint' +PuppetLint.configuration.send('disable_double_quoted_strings') + From 34c36045fa6e459b715d9ada7c00c847ad3b4e5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 27 Mar 2012 14:41:39 +0300 Subject: [PATCH 16/26] Fixing puppet-lint errors. --- abusehelper/manifests/init.pp | 6 +- alpine/manifests/init.pp | 8 +- amanda/manifests/init.pp | 4 +- apache/manifests/debian.pp | 22 +-- apache/manifests/init.pp | 54 +++--- apache/manifests/redhat.pp | 26 +-- apcupsd/manifests/init.pp | 8 +- apt/manifests/init.pp | 2 +- autofs/manifests/init.pp | 28 +-- avahi/manifests/init.pp | 4 +- backuppc/manifests/init.pp | 102 +++++----- clarified/manifests/init.pp | 6 +- cups/manifests/init.pp | 112 +++++------ custom/manifests/init.pp | 42 ++--- dhcp/manifests/init.pp | 90 ++++----- dns/manifests/init.pp | 8 +- dovecot/manifests/init.pp | 2 +- ejabberd/manifests/init.pp | 6 +- func/manifests/init.pp | 6 +- git/manifests/init.pp | 10 +- hastymail/manifests/init.pp | 10 +- inetd/manifests/init.pp | 50 ++--- irc/manifests/init.pp | 2 +- iscsi/manifests/init.pp | 94 +++++----- kerberos/manifests/init.pp | 76 ++++---- ldap/manifests/init.pp | 46 ++--- lynx/manifests/init.pp | 2 +- mercurial/manifests/init.pp | 4 +- munin/manifests/init.pp | 262 +++++++++++++------------- mutt/manifests/init.pp | 8 +- mysql/manifests/init.pp | 46 ++--- mythtv/manifests/init.pp | 3 +- network/manifests/init.pp | 338 +++++++++++++++++----------------- nfs/manifests/init.pp | 46 ++--- nginx/manifests/init.pp | 2 +- openvpn/manifests/init.pp | 6 +- psacct/manifests/init.pp | 2 +- puppet/manifests/init.pp | 24 +-- python/manifests/init.pp | 2 +- rsync/manifests/init.pp | 2 +- samba/manifests/init.pp | 32 ++-- saslauthd/manifests/init.pp | 7 +- selinux/manifests/init.pp | 8 +- sendmail/manifests/init.pp | 30 +-- smolt/manifests/init.pp | 2 +- ssh/manifests/init.pp | 4 +- ssl/manifests/init.pp | 10 +- svn/manifests/init.pp | 6 +- sysctl/manifests/init.pp | 12 +- syslog/manifests/init.pp | 2 +- tftp/manifests/init.pp | 10 +- time/manifests/init.pp | 15 +- user/manifests/init.pp | 18 +- util/manifests/init.pp | 18 +- vmware/manifests/guest.pp | 18 +- vmware/manifests/player.pp | 2 +- vmware/manifests/server.pp | 208 ++++++++++----------- vsroom/manifests/init.pp | 6 +- wiki/manifests/init.pp | 6 +- 59 files changed, 995 insertions(+), 990 deletions(-) diff --git a/abusehelper/manifests/init.pp b/abusehelper/manifests/init.pp index c290af9..aaaa585 100644 --- a/abusehelper/manifests/init.pp +++ b/abusehelper/manifests/init.pp @@ -84,7 +84,7 @@ class abusehelper { realize(User["abusehel"], Group["abusehel"]) if $abusehelper_datadir { - file { "${abusehelper_datadir}": + file { $abusehelper_datadir: ensure => directory, mode => 0750, owner => "root", @@ -94,8 +94,8 @@ class abusehelper { file { "/var/lib/ah2": ensure => link, - target => "${abusehelper_datadir}", - require => File["${abusehelper_datadir}"], + target => $abusehelper_datadir, + require => File[$abusehelper_datadir], } } else { file { "/var/lib/ah2": diff --git a/alpine/manifests/init.pp b/alpine/manifests/init.pp index ddcc827..a4fe51c 100644 --- a/alpine/manifests/init.pp +++ b/alpine/manifests/init.pp @@ -9,15 +9,15 @@ class alpine { $mail_server = "mail.${domain}" } if ! $mail_domain { - $mail_domain = "${domain}" + $mail_domain = $domain } - + file { "/usr/bin/pine": ensure => link, target => "/usr/bin/alpine", require => Package["alpine"], } - + file { "/etc/pine.conf.fixed": ensure => present, content => template("alpine/pine.conf.fixed.erb"), @@ -26,5 +26,5 @@ class alpine { group => root, require => Package["alpine"], } - + } diff --git a/amanda/manifests/init.pp b/amanda/manifests/init.pp index 0485491..fb21914 100644 --- a/amanda/manifests/init.pp +++ b/amanda/manifests/init.pp @@ -55,7 +55,7 @@ class amanda::client inherits amanda::common { if $amanda_clientkey { @@ssh_authorized_key { "amrecover@${homename}": ensure => present, - key => "${amanda_clientkey}", + key => $amanda_clientkey, type => "ssh-rsa", user => "amandabackup", tag => "amandaclient", @@ -75,7 +75,7 @@ class amanda::server inherits amanda::common { if $amanda_serverkey { @@ssh_authorized_key { "amdump@${homename}": ensure => present, - key => "${amanda_serverkey}", + key => $amanda_serverkey, type => "ssh-rsa", user => "amandabackup", tag => "amandaserver", diff --git a/apache/manifests/debian.pp b/apache/manifests/debian.pp index 02b40a3..2a57560 100644 --- a/apache/manifests/debian.pp +++ b/apache/manifests/debian.pp @@ -104,7 +104,7 @@ define apache::debian::site($aliases, $root, $redirect) { file { "/srv/www/http/${site_fqdn}": ensure => link, target => $root, - before => File["${site_conf}"], + before => File[$site_conf], } } else { file { "/srv/www/http/${site_fqdn}": @@ -112,7 +112,7 @@ define apache::debian::site($aliases, $root, $redirect) { mode => 0755, owner => root, group => root, - before => File["${site_conf}"], + before => File[$site_conf], } } @@ -121,12 +121,12 @@ define apache::debian::site($aliases, $root, $redirect) { mode => 0755, owner => root, group => root, - before => File["${site_conf}"], + before => File[$site_conf], } } } - file { "${site_conf}": + file { $site_conf: ensure => present, mode => 0644, owner => root, @@ -135,14 +135,14 @@ define apache::debian::site($aliases, $root, $redirect) { } if $redirect { - File["${site_conf}"] { + File[$site_conf] { content => "\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n\n", } } else { - File["${site_conf}"] { + File[$site_conf] { content => template("apache/site.http.conf.erb"), } - file { "${site_confdir}": + file { $site_confdir: ensure => directory, mode => 0644, owner => root, @@ -152,7 +152,7 @@ define apache::debian::site($aliases, $root, $redirect) { recurse => true, source => [ "puppet:///files/apache/sites/${site_fqdn}", "puppet:///modules/custom/empty", ], - before => File["${site_conf}"], + before => File[$site_conf], notify => Service["apache2"], } } @@ -256,7 +256,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) $site_conf = "/etc/apache2/sites-enabled/${site_fqdn}-ssl.conf" $site_confdir = "/etc/apache2/sites-enabled/${site_fqdn}-ssl.d" - file { "${site_conf}": + file { $site_conf: ensure => present, content => template("apache/site.https.conf.erb"), mode => 0644, @@ -267,7 +267,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) File["/etc/ssl/private/${site_fqdn}.key"], ], } - file { "${site_confdir}": + file { $site_confdir: ensure => directory, mode => 0644, owner => root, @@ -277,7 +277,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) recurse => true, source => [ "puppet:///files/apache/sslsites/${site_fqdn}", "puppet:///modules/custom/empty", ], - before => File["${site_conf}"], + before => File[$site_conf], notify => Service["apache2"], } diff --git a/apache/manifests/init.pp b/apache/manifests/init.pp index bd96f5b..e127da4 100644 --- a/apache/manifests/init.pp +++ b/apache/manifests/init.pp @@ -21,7 +21,7 @@ class apache::common { } if $apache_datadir { - file { "${apache_datadir}": + file { $apache_datadir: ensure => directory, mode => 0755, owner => "root", @@ -31,8 +31,8 @@ class apache::common { file { "/srv/www": ensure => link, - target => "${apache_datadir}", - require => File["${apache_datadir}"], + target => $apache_datadir, + require => File[$apache_datadir], } } else { file { "/srv/www": @@ -55,7 +55,7 @@ class apache::common { if $apache_datadir { selinux::manage_fcontext { "${apache_datadir}(/.*)?": type => "httpd_sys_content_t", - before => File["${apache_datadir}"], + before => File[$apache_datadir], } } } @@ -70,11 +70,11 @@ class apache::common { } file { "/usr/local/sbin/www-logrotate.sh": - ensure => present, - source => "puppet:///modules/apache/www-logrotate.sh", - mode => 0755, - owner => root, - group => root, + ensure => present, + source => "puppet:///modules/apache/www-logrotate.sh", + mode => 0755, + owner => root, + group => root, seluser => "system_u", selrole => "object_r", seltype => "httpd_rotatelogs_exec_t", @@ -155,14 +155,14 @@ define apache::site($aliases="", $root="", $redirect="") { case $operatingsystem { debian,ubuntu: { - apache::debian::site { "${name}": + apache::debian::site { $name: aliases => $aliases, root => $root, redirect => $redirect, } } centos,fedora: { - apache::redhat::site { "${name}": + apache::redhat::site { $name: aliases => $aliases, root => $root, redirect => $redirect, @@ -175,8 +175,8 @@ define apache::site($aliases="", $root="", $redirect="") { if !$redirect { $site_fqdn = $name ? { - "default" => "${homename}", - default => "${name}", + "default" => $homename, + default => $name, } apache::webalizer::site { "http/${site_fqdn}": site_proto => "http", @@ -268,7 +268,7 @@ define apache::sslsite($ipaddr="_default_", $root="", $ssl_cert="", $ssl_key="", case $operatingsystem { debian,ubuntu: { $apache_ssldir = "/etc/ssl" - apache::debian::sslsite { "${name}": + apache::debian::sslsite { $name: ipaddr => $ipaddr, root => $root, ssl_cert => $ssl_cert, @@ -279,7 +279,7 @@ define apache::sslsite($ipaddr="_default_", $root="", $ssl_cert="", $ssl_key="", } centos,fedora: { $apache_ssldir = "/etc/pki/tls" - apache::redhat::sslsite { "${name}": + apache::redhat::sslsite { $name: ipaddr => $ipaddr, root => $root, ssl_cert => $ssl_cert, @@ -294,8 +294,8 @@ define apache::sslsite($ipaddr="_default_", $root="", $ssl_cert="", $ssl_key="", } $site_fqdn = $name ? { - "default" => "${homename}", - default => "${name}", + "default" => $homename, + default => $name, } apache::webalizer::site { "https/${site_fqdn}": site_proto => "https", @@ -335,17 +335,17 @@ define apache::configfile($source="", $content="", $http=true, $https=true) { case $operatingsystem { debian,ubuntu: { - apache::debian::configfile { "${name}": - source => "${source}", - content => "${content}", + apache::debian::configfile { $name: + source => $source, + content => $content, http => $http, https => $https, } } centos,fedora: { - apache::redhat::configfile { "${name}": - source => "${source}", - content => "${content}", + apache::redhat::configfile { $name: + source => $source, + content => $content, http => $http, https => $https, } @@ -418,7 +418,7 @@ class apache::mod::fcgid { ubuntu => "libapache2-mod-fcgid", default => "mod_fcgid", }, - ensure => installed, + ensure => installed, require => Package["httpd"], } @@ -485,7 +485,7 @@ class apache::mod::perl { ubuntu => "libapache2-mod-perl2", default => "mod_perl", }, - ensure => installed, + ensure => installed, require => Package["httpd"], } @@ -518,7 +518,7 @@ class apache::mod::php { ubuntu => "libapache2-mod-php5", default => "php", }, - ensure => installed, + ensure => installed, require => Package["httpd"], } @@ -608,7 +608,7 @@ class apache::mod::python { ubuntu => "libapache2-mod-python", default => "mod_python", }, - ensure => installed, + ensure => installed, require => Package["httpd"], } diff --git a/apache/manifests/redhat.pp b/apache/manifests/redhat.pp index d476e62..5621ee3 100644 --- a/apache/manifests/redhat.pp +++ b/apache/manifests/redhat.pp @@ -57,7 +57,7 @@ define apache::redhat::site($aliases, $root, $redirect) { file { "/srv/www/http/${site_fqdn}": ensure => link, target => $root, - before => File["${site_conf}"], + before => File[$site_conf], } } else { file { "/srv/www/http/${site_fqdn}": @@ -65,7 +65,7 @@ define apache::redhat::site($aliases, $root, $redirect) { mode => 0755, owner => root, group => root, - before => File["${site_conf}"], + before => File[$site_conf], } } @@ -74,12 +74,12 @@ define apache::redhat::site($aliases, $root, $redirect) { mode => 0755, owner => root, group => root, - before => File["${site_conf}"], + before => File[$site_conf], } } } - file { "${site_conf}": + file { $site_conf: ensure => present, mode => 0644, owner => root, @@ -88,14 +88,14 @@ define apache::redhat::site($aliases, $root, $redirect) { } if $redirect { - File["${site_conf}"] { + File[$site_conf] { content => "\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n\n", } } else { - File["${site_conf}"] { + File[$site_conf] { content => template("apache/site.http.conf.erb"), } - file { "${site_confdir}": + file { $site_confdir: ensure => directory, mode => 0644, owner => root, @@ -105,7 +105,7 @@ define apache::redhat::site($aliases, $root, $redirect) { recurse => true, source => [ "puppet:///files/apache/sites/${site_fqdn}", "puppet:///modules/custom/empty", ], - before => File["${site_conf}"], + before => File[$site_conf], notify => Service["httpd"], } } @@ -257,7 +257,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) $site_conf = "/etc/httpd/site.https.d/${site_fqdn}.conf" $site_confdir = "/etc/httpd/site.https.d/${site_fqdn}.d" - file { "${site_conf}": + file { $site_conf: ensure => present, content => template("apache/site.https.conf.erb"), mode => 0644, @@ -268,7 +268,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) File["/etc/pki/tls/private/${site_fqdn}.key"], ], } - file { "${site_confdir}": + file { $site_confdir: ensure => directory, mode => 0644, owner => root, @@ -278,7 +278,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) recurse => true, source => [ "puppet:///files/apache/sslsites/${site_fqdn}", "puppet:///modules/custom/empty", ], - before => File["${site_conf}"], + before => File[$site_conf], notify => Service["httpsd"], } @@ -289,7 +289,7 @@ define apache::redhat::configfile($source, $content, $http, $https) { if defined(Service["httpd"]) { file { "/etc/httpd/conf.http.d/${name}": - ensure => $http ? { + ensure => $http ? { true => present, default => absent, }, @@ -322,7 +322,7 @@ define apache::redhat::configfile($source, $content, $http, $https) { if defined(Service["httpsd"]) { file { "/etc/httpd/conf.https.d/${name}": - ensure => $https ? { + ensure => $https ? { true => present, default => absent, }, diff --git a/apcupsd/manifests/init.pp b/apcupsd/manifests/init.pp index e6bfaee..8e94798 100644 --- a/apcupsd/manifests/init.pp +++ b/apcupsd/manifests/init.pp @@ -4,13 +4,13 @@ class apcupsd { package { "apcupsd": - ensure => installed, + ensure => installed, } service { "apcupsd": - ensure => running, - enable => true, - require => Package["apcupsd"], + ensure => running, + enable => true, + require => Package["apcupsd"], } file { "/etc/apcupsd/apcupsd.conf": diff --git a/apt/manifests/init.pp b/apt/manifests/init.pp index 69ff71f..4db2eee 100644 --- a/apt/manifests/init.pp +++ b/apt/manifests/init.pp @@ -223,7 +223,7 @@ define apt::package($ensure, $source) { require => File["/var/cache/apt/local-archives"], } - package { "${name}": + package { $name: ensure => $ensure, source => "/var/cache/apt/local-archives/${filename}", provider => dpkg, diff --git a/autofs/manifests/init.pp b/autofs/manifests/init.pp index 7fd8fbc..07a2d11 100644 --- a/autofs/manifests/init.pp +++ b/autofs/manifests/init.pp @@ -2,26 +2,26 @@ class autofs { package { "autofs": - ensure => installed, + ensure => installed, } service { "autofs": - ensure => running, - enable => true, - hasstatus => true, - require => Package["autofs"], + ensure => running, + enable => true, + hasstatus => true, + require => Package["autofs"], } file { "/etc/auto.master": - ensure => present, - source => [ "puppet:///files/autofs/auto.master.${fqdn}", - "puppet:///files/autofs/auto.master", - "puppet:///modules/autofs/auto.master", ], - mode => 0644, - owner => root, - group => root, - require => Package["autofs"], - notify => Service["autofs"], + ensure => present, + source => [ "puppet:///files/autofs/auto.master.${fqdn}", + "puppet:///files/autofs/auto.master", + "puppet:///modules/autofs/auto.master", ], + mode => 0644, + owner => root, + group => root, + require => Package["autofs"], + notify => Service["autofs"], } } diff --git a/avahi/manifests/init.pp b/avahi/manifests/init.pp index 4bc6400..4bcf48b 100644 --- a/avahi/manifests/init.pp +++ b/avahi/manifests/init.pp @@ -41,7 +41,7 @@ class avahi::daemon { }, require => Package["avahi"], } - + } @@ -84,7 +84,7 @@ class avahi::disabled { define avahi::service($port = "AUTO", $description = "%h", $ensure = "present", $txt = []) { $filename = regsubst($name, '^_([^.]+)\._.*', '\1.service') - + if $port == "AUTO" { $realport = avahi_service_port($name) } else { diff --git a/backuppc/manifests/init.pp b/backuppc/manifests/init.pp index e8a3f47..66822a6 100644 --- a/backuppc/manifests/init.pp +++ b/backuppc/manifests/init.pp @@ -17,17 +17,17 @@ define backuppc::manualclient($ensure = "present", $operatingsystem = "default") { @@file { "/etc/BackupPC/pc/${name}.pl": - ensure => "${ensure}", - source => [ "puppet:///files/backuppc/${name}.pl", - "puppet:///files/backuppc/${operatingsystem}.pl", - "puppet:///files/backuppc/default.pl", - "puppet:///modules/backuppc/default.pl", ], - mode => 0640, - owner => root, - group => backuppc, - tag => "backuppc", - require => File["/etc/BackupPC/pc"], - notify => Exec["generate-backuppc-hosts"], + ensure => $ensure, + source => [ "puppet:///files/backuppc/${name}.pl", + "puppet:///files/backuppc/${operatingsystem}.pl", + "puppet:///files/backuppc/default.pl", + "puppet:///modules/backuppc/default.pl", ], + mode => 0640, + owner => root, + group => backuppc, + tag => "backuppc", + require => File["/etc/BackupPC/pc"], + notify => Exec["generate-backuppc-hosts"], } } @@ -36,9 +36,9 @@ define backuppc::manualclient($ensure = "present", $operatingsystem = "default") # class backuppc::client { - backuppc::manualclient { "${homename}": - ensure => present, - operatingsystem => "${operatingsystem}", + backuppc::manualclient { $homename: + ensure => present, + operatingsystem => $operatingsystem, } include rsync @@ -57,13 +57,13 @@ class backuppc::server { realize(User["backuppc"], Group["backuppc"]) package { "BackupPC": - ensure => installed, + ensure => installed, require => [ User["backuppc"], Group["backuppc"], ], } if $backuppc_datadir { - file { "${backuppc_datadir}": + file { $backuppc_datadir: ensure => directory, mode => 0750, owner => "backuppc", @@ -72,10 +72,10 @@ class backuppc::server { } file { "/var/lib/BackupPC": - ensure => "${backuppc_datadir}", + ensure => $backuppc_datadir, force => true, backup => ".orig", - require => File["${backuppc_datadir}"], + require => File[$backuppc_datadir], before => File["/var/lib/BackupPC/.ssh"], } } @@ -128,11 +128,11 @@ class backuppc::server { } file { "/etc/BackupPC/config.pl": - ensure => present, - source => "puppet:///files/backuppc/config.pl", - mode => 0440, - owner => "backuppc", - group => "backuppc", + ensure => present, + source => "puppet:///files/backuppc/config.pl", + mode => 0440, + owner => "backuppc", + group => "backuppc", seltype => $operatingsystem ? { "centos" => $operatingsystemrelease ? { /^5/ => "httpd_sys_script_rw_t", @@ -140,17 +140,17 @@ class backuppc::server { }, default => "httpd_sys_rw_content_t", }, - require => Package["BackupPC"], - notify => Service["backuppc"], + require => Package["BackupPC"], + notify => Service["backuppc"], } file { "/etc/BackupPC/hosts.in": - ensure => present, - source => [ "puppet:///files/backuppc/hosts.in", - "puppet:///modules/backuppc/hosts.in", ], - mode => 0644, - owner => "root", - group => "backuppc", + ensure => present, + source => [ "puppet:///files/backuppc/hosts.in", + "puppet:///modules/backuppc/hosts.in", ], + mode => 0644, + owner => "root", + group => "backuppc", seltype => $operatingsystem ? { "centos" => $operatingsystemrelease ? { /^5/ => "httpd_sys_script_rw_t", @@ -158,18 +158,18 @@ class backuppc::server { }, default => "httpd_sys_rw_content_t", }, - require => Package["BackupPC"], - notify => Exec["generate-backuppc-hosts"], + require => Package["BackupPC"], + notify => Exec["generate-backuppc-hosts"], } file { "/etc/BackupPC/pc": - ensure => directory, - purge => true, - force => true, - recurse => true, - mode => 0640, - owner => "root", - group => "backuppc", + ensure => directory, + purge => true, + force => true, + recurse => true, + mode => 0640, + owner => "root", + group => "backuppc", seltype => $operatingsystem ? { "centos" => $operatingsystemrelease ? { /^5/ => "httpd_sys_script_rw_t", @@ -177,17 +177,17 @@ class backuppc::server { }, default => "httpd_sys_rw_content_t", }, - source => "puppet:///modules/custom/empty", - require => Package["BackupPC"], - notify => Exec["generate-backuppc-hosts"], + source => "puppet:///modules/custom/empty", + require => Package["BackupPC"], + notify => Exec["generate-backuppc-hosts"], } exec { "generate-backuppc-hosts": - command => "/bin/sh -c '(cat /etc/BackupPC/hosts.in ; find /etc/BackupPC/pc -name \\*.pl -exec basename {} .pl \\; | sed -e \"s/\$/ 0 adm/\") > /etc/BackupPC/hosts'", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - refreshonly => true, - require => File["/etc/BackupPC/hosts.in"], - notify => Service["backuppc"], + command => "/bin/sh -c '(cat /etc/BackupPC/hosts.in ; find /etc/BackupPC/pc -name \\*.pl -exec basename {} .pl \\; | sed -e \"s/\$/ 0 adm/\") > /etc/BackupPC/hosts'", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + refreshonly => true, + require => File["/etc/BackupPC/hosts.in"], + notify => Service["backuppc"], } File <<| tag == "backuppc" |>> { @@ -201,9 +201,9 @@ class backuppc::server { } service { "backuppc": - ensure => running, - enable => true, - require => Package["BackupPC"], + ensure => running, + enable => true, + require => Package["BackupPC"], } file { "/var/lib/BackupPC/.ssh": diff --git a/clarified/manifests/init.pp b/clarified/manifests/init.pp index fe1c3f2..da32e3c 100644 --- a/clarified/manifests/init.pp +++ b/clarified/manifests/init.pp @@ -49,7 +49,7 @@ class clarified::recorder { } if $recorder_datadir { - file { "${recorder_datadir}": + file { $recorder_datadir: ensure => directory, mode => 0700, owner => root, @@ -58,8 +58,8 @@ class clarified::recorder { file { "/var/lib/recorder": ensure => link, - target => "${recorder_datadir}", - require => File["${recorder_datadir}"], + target => $recorder_datadir, + require => File[$recorder_datadir], } } else { file { "/var/lib/recorder": diff --git a/cups/manifests/init.pp b/cups/manifests/init.pp index c2b1dc3..52ab339 100644 --- a/cups/manifests/init.pp +++ b/cups/manifests/init.pp @@ -4,23 +4,23 @@ class cups::client { package { "cups": - ensure => installed, + ensure => installed, } file { "/etc/cups/client.conf": - ensure => present, - content => template("cups/client.conf.erb"), - mode => 0644, - owner => root, - group => $operatingsystem ? { - openbsd => wheel, - default => lp, - }, - require => Package["cups"], + ensure => present, + content => template("cups/client.conf.erb"), + mode => 0644, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => lp, + }, + require => Package["cups"], } case $operatingsystem { - openbsd: { + openbsd: { exec { "cups-enable": command => $operatingsystemrelease ? { /4\.[1-8]/ => "echo y | cups-enable", @@ -30,8 +30,8 @@ class cups::client { user => "root", creates => "/usr/bin/lpr.pre-cups", require => Package["cups"], - } - } + } + } } } @@ -41,7 +41,7 @@ class cups::client { class cups::server inherits cups::client { package { [ "ghostscript", "system-config-printer" ]: - ensure => installed, + ensure => installed, } file { "/etc/cups/cupsd.conf": @@ -57,9 +57,9 @@ class cups::server inherits cups::client { } service { "cups": - ensure => running, - enable => true, - require => Package["cups"], + ensure => running, + enable => true, + require => Package["cups"], } file { "/etc/cups/ppd": @@ -69,9 +69,9 @@ class cups::server inherits cups::client { group => lp, require => Package["cups"], } - + File["/etc/cups/client.conf"] { - content => "ServerName 127.0.0.1\n", + content => "ServerName 127.0.0.1\n", } } @@ -157,12 +157,12 @@ class cups::lpd { include inetd::server package { "cups-lpd": - ensure => installed, + ensure => installed, } inetd::service { "cups-lpd": - ensure => present, - require => Package["cups-lpd"], + ensure => present, + require => Package["cups-lpd"], } } @@ -175,26 +175,26 @@ class cups::samba { include samba::server file { [ "/etc/samba/drivers", - "/usr/share/cups/drivers", - "/usr/share/cups/drivers/x64", ]: - ensure => directory, - mode => 0755, - owner => root, - group => root, - require => [ Package["samba"], - Package["cups"], ], + "/usr/share/cups/drivers", + "/usr/share/cups/drivers/x64", ]: + ensure => directory, + mode => 0755, + owner => root, + group => root, + require => [ Package["samba"], + Package["cups"], ], } define driverfile() { - file { "/usr/share/cups/drivers/${name}": - ensure => present, - source => "puppet:///modules/cups/drivers/${name}", - mode => 0644, - owner => root, - group => root, - require => [ File["/usr/share/cups/drivers"], - File["/usr/share/cups/drivers/x64"], ], - } + file { "/usr/share/cups/drivers/${name}": + ensure => present, + source => "puppet:///modules/cups/drivers/${name}", + mode => 0644, + owner => root, + group => root, + require => [ File["/usr/share/cups/drivers"], + File["/usr/share/cups/drivers/x64"], ], + } } driverfile { "cups6.inf": } @@ -218,11 +218,11 @@ class cups::samba { driverfile { "x64/pscript5.dll": } file { "/etc/cron.hourly/update-printer-inf.sh": - ensure => present, - source => "puppet:///modules/cups/update-printer-inf.sh", - mode => 0755, - owner => root, - group => root, + ensure => present, + source => "puppet:///modules/cups/update-printer-inf.sh", + mode => 0755, + owner => root, + group => root, } } @@ -233,24 +233,24 @@ class cups::samba { class cups::snmp { package { "net-snmp-utils": - ensure => installed, + ensure => installed, } file { "/etc/cron.hourly/printer-details.py": - ensure => present, - source => "puppet:///modules/cups/printer-details.py", - mode => 0755, - owner => root, - group => root, - require => Package["net-snmp-utils"], + ensure => present, + source => "puppet:///modules/cups/printer-details.py", + mode => 0755, + owner => root, + group => root, + require => Package["net-snmp-utils"], } exec { "create-details-dir": - command => "umask 022 ; mkdir /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - unless => "test -d /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details", - require => Package["cups"], + command => "umask 022 ; mkdir /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + unless => "test -d /usr/share/doc/cups-`rpm -q --queryformat='%{VERSION}' cups`/details", + require => Package["cups"], } } diff --git a/custom/manifests/init.pp b/custom/manifests/init.pp index 9bd6ab7..1c93848 100644 --- a/custom/manifests/init.pp +++ b/custom/manifests/init.pp @@ -50,11 +50,11 @@ define custom::file($ensure, $group="NONE", $mode="NONE", $owner="NONE", $seltyp $test = regsubst($source, '^([^:]+)://.+$', '\1') if "${test}" == "${source}" { $method = "file" - $path = "${source}" + $path = $source } else { - $method = "${test}" + $method = $test } - + case $method { "ftp","http","https": { $fetch_cmd = "wget -q -O '${name}' '${source}'" @@ -75,33 +75,33 @@ define custom::file($ensure, $group="NONE", $mode="NONE", $owner="NONE", $seltyp cwd => regsubst($name, '(.*)/[^/]+$', '\1'), command => $fetch_cmd, unless => $diff_cmd, - before => File["${name}"], + before => File[$name], } } } - file { "${name}": - ensure => "${ensure}", - source => "${method}" ? { - "file" => "${path}", - "puppet" => "${source}", - default => undef, + file { $name: + ensure => $ensure, + source => $method ? { + "file" => $path, + "puppet" => $source, + default => undef, }, - mode => "${mode}" ? { - "NONE" => undef, - default => "${mode}", - }, - owner => "${owner}" ? { + mode => $mode ? { "NONE" => undef, - default => "${owner}", + default => $mode, }, - group => "${group}" ? { + owner => $owner ? { "NONE" => undef, - default => "${group}", + default => $owner, }, - seltype => "${seltype}" ? { + group => $group ? { "NONE" => undef, - default => "${seltype}", + default => $group, + }, + seltype => $seltype ? { + "NONE" => undef, + default => $seltype, }, } @@ -132,7 +132,7 @@ class custom::rootpassword { default: { user { "root": ensure => present, - password => "${root_password}", + password => $root_password, } } } diff --git a/dhcp/manifests/init.pp b/dhcp/manifests/init.pp index 1422827..403c975 100644 --- a/dhcp/manifests/init.pp +++ b/dhcp/manifests/init.pp @@ -2,36 +2,36 @@ class dhcp::server::common { package { "dhcp": - name => $operatingsystem ? { + name => $operatingsystem ? { Debian => "dhcp3-server", - OpenBSD => "isc-dhcp-server", + OpenBSD => "isc-dhcp-server", Ubuntu => "dhcp3-server", - default => "dhcp", - }, - ensure => installed, + default => "dhcp", + }, + ensure => installed, } file { "dhcpd.leases": - name => $operatingsystem ? { + name => $operatingsystem ? { Debian => "/var/lib/dhcp3/dhcpd.leases", - OpenBSD => "/var/db/dhcpd.leases", + OpenBSD => "/var/db/dhcpd.leases", Ubuntu => "/var/lib/dhcp3/dhcpd.leases", - default => "/var/lib/dhcpd/dhcpd.leases", - }, - ensure => present, - owner => $operatingsystem ? { + default => "/var/lib/dhcpd/dhcpd.leases", + }, + ensure => present, + owner => $operatingsystem ? { debian => dhcpd, ubuntu => dhcpd, default => root, }, - group => $operatingsystem ? { + group => $operatingsystem ? { Debian => dhcpd, - OpenBSD => wheel, + OpenBSD => wheel, Ubuntu => dhcpd, - default => root, - }, - require => Package["dhcp"], - before => Service["dhcpd"], + default => root, + }, + require => Package["dhcp"], + before => Service["dhcpd"], } if $operatingsystem == "OpenBSD" and $operatingsystemrelease !~ /4\.[1-8]/ { @@ -55,8 +55,8 @@ class dhcp::server::common { Ubuntu => "dhcp3-server", default => "dhcpd", }, - ensure => running, - enable => true, + ensure => running, + enable => true, binary => $operatingsystem ? { OpenBSD => "/usr/local/sbin/dhcpd", default => undef, @@ -65,7 +65,7 @@ class dhcp::server::common { OpenBSD => "/usr/local/sbin/dhcpd -q", default => undef, }, - require => Package["dhcp"], + require => Package["dhcp"], } } @@ -90,7 +90,7 @@ class dhcp::server inherits dhcp::server::common { }, notify => Service["dhcpd"], } - + } @@ -99,36 +99,36 @@ class dhcp::server::ldap inherits dhcp::server::common { include ldap::client::python file { "/usr/local/sbin/dhcpdump.py": - ensure => present, - source => "puppet:///modules/dhcp/dhcpdump.py", - mode => 0755, - owner => root, - group => $operatingsystem ? { - OpenBSD => wheel, - default => root, - }, + ensure => present, + source => "puppet:///modules/dhcp/dhcpdump.py", + mode => 0755, + owner => root, + group => $operatingsystem ? { + OpenBSD => wheel, + default => root, + }, } file { "/etc/dhcpd.conf.in": - ensure => present, - source => [ "puppet:///files/dhcp/dhcpd.conf.in.${hostname}", - "puppet:///files/dhcp/dhcpd.conf.in", ], - mode => 0644, - owner => root, - group => $operatingsystem ? { - OpenBSD => wheel, - default => root, - }, - require => Package["dhcp"], + ensure => present, + source => [ "puppet:///files/dhcp/dhcpd.conf.in.${hostname}", + "puppet:///files/dhcp/dhcpd.conf.in", ], + mode => 0644, + owner => root, + group => $operatingsystem ? { + OpenBSD => wheel, + default => root, + }, + require => Package["dhcp"], } exec { "generate-dhcp-conf": - path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin", - command => "dhcpdump.py /etc/dhcpd.conf.in* > /etc/dhcpd.conf", - unless => "dhcpdump.py /etc/dhcpd.conf.in* | diff /etc/dhcpd.conf -", - require => [ File["/etc/dhcpd.conf.in"], - File["/usr/local/sbin/dhcpdump.py"], ], - notify => Service["dhcpd"], + path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin", + command => "dhcpdump.py /etc/dhcpd.conf.in* > /etc/dhcpd.conf", + unless => "dhcpdump.py /etc/dhcpd.conf.in* | diff /etc/dhcpd.conf -", + require => [ File["/etc/dhcpd.conf.in"], + File["/usr/local/sbin/dhcpdump.py"], ], + notify => Service["dhcpd"], } } diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index 2e613d8..8e81573 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -62,7 +62,7 @@ class dns::server { } } - file { "${chroot}${rndckey}": + file { "${chroot}${rndckey}": ensure => present, mode => 0640, owner => "root", @@ -111,8 +111,8 @@ class dns::server { } file { "named.conf": - path => "${chroot}${config}", ensure => present, + path => "${chroot}${config}", mode => 0640, owner => "root", group => $group, @@ -123,7 +123,7 @@ class dns::server { notify => Exec["generate-named-conf"], } file { "/usr/local/sbin/generate-named-conf.sh": - ensure => present, + ensure => present, content => template("dns/generate-named-conf.sh.erb"), mode => 0755, owner => "root", @@ -342,5 +342,5 @@ class dns::nsupdate { minute => "*/5", require => File["/usr/local/sbin/nsupdate.sh"], } - + } diff --git a/dovecot/manifests/init.pp b/dovecot/manifests/init.pp index deb1efd..3cb4b38 100644 --- a/dovecot/manifests/init.pp +++ b/dovecot/manifests/init.pp @@ -96,7 +96,7 @@ class dovecot::server inherits dovecot::common { mode => 0644, owner => root, group => root, - notify => Service["dovecot"], + notify => Service["dovecot"], } } diff --git a/ejabberd/manifests/init.pp b/ejabberd/manifests/init.pp index f82d7b0..4900ad5 100644 --- a/ejabberd/manifests/init.pp +++ b/ejabberd/manifests/init.pp @@ -26,7 +26,7 @@ class ejabberd { realize(User["ejabberd"], Group["ejabberd"]) if !$ejabberd_hosts { - $ejabberd_hosts = [ "${homename}" ] + $ejabberd_hosts = [ $homename ] } if !$ejabberd_admin { $ejabberd_admin = [] @@ -213,7 +213,7 @@ class ejabberd::backup { $ejabberd_backup_datadir = "/srv/ejabberd-backup" } - file { "${ejabberd_backup_datadir}": + file { $ejabberd_backup_datadir: ensure => directory, mode => 0700, owner => root, @@ -234,7 +234,7 @@ class ejabberd::backup { user => "root", minute => 15, hour => 21, - require => File[ "${ejabberd_backup_datadir}", + require => File[ $ejabberd_backup_datadir, "/usr/local/sbin/ejabberd-backup" ], } diff --git a/func/manifests/init.pp b/func/manifests/init.pp index 8bc822f..28f64f2 100644 --- a/func/manifests/init.pp +++ b/func/manifests/init.pp @@ -15,7 +15,7 @@ class func::minion { require => Package["func"], notify => Service["funcd"], } - + file { "/etc/pki/certmaster/${hostname}.pem": ensure => present, source => "${puppet_ssldir}/private_keys/${fqdn}.pem", @@ -43,7 +43,7 @@ class func::minion { require => Package["func"], notify => Service["funcd"], } - + service { "funcd": ensure => running, enable => true, @@ -94,5 +94,5 @@ class func::server inherits func::minion { group => root, require => Package["func"], } - + } diff --git a/git/manifests/init.pp b/git/manifests/init.pp index 46763c8..6679770 100644 --- a/git/manifests/init.pp +++ b/git/manifests/init.pp @@ -8,7 +8,7 @@ class git::client { "ubuntu" => "git-core", default => "git", }, - ensure => installed, + ensure => installed, } } @@ -26,7 +26,7 @@ class git::server { include git::client if $git_datadir { - file { "${git_datadir}": + file { $git_datadir: ensure => directory, mode => 0755, owner => root, @@ -34,8 +34,8 @@ class git::server { } file { "/srv/git": ensure => link, - target => "${git_datadir}", - require => File["${git_datadir}"], + target => $git_datadir, + require => File[$git_datadir], } } else { file { "/srv/git": @@ -55,7 +55,7 @@ class git::server { if $git_datadir { selinux::manage_fcontext { "${git_datadir}(/.*)?": type => "httpd_sys_content_t", - before => File["${git_datadir}"], + before => File[$git_datadir], } } } diff --git a/hastymail/manifests/init.pp b/hastymail/manifests/init.pp index c4044ab..fb76ea8 100644 --- a/hastymail/manifests/init.pp +++ b/hastymail/manifests/init.pp @@ -28,7 +28,7 @@ class hastymail { ensure => directory, mode => 0750, owner => "root", - group => "${apache::sslserver::group}", + group => $apache::sslserver::group, } file { "/etc/hastymail2/hastymail2.conf": ensure => present, @@ -36,7 +36,7 @@ class hastymail { "puppet:///files/mail/hastymail2.conf", ], mode => 0640, owner => "root", - group => "${apache::sslserver::group}", + group => $apache::sslserver::group, require => File["/etc/hastymail2"], } exec { "rm /etc/hastymail2/hastymail2.rc && php /usr/local/share/hastymail/install_scripts/install_config.php /etc/hastymail2/hastymail2.conf /etc/hastymail2/hastymail2.rc": @@ -48,9 +48,9 @@ class hastymail { } file { "/etc/hastymail2/hastymail2.rc": ensure => present, - mode => 0640, - owner => "root", - group => "${apache::sslserver::group}", + mode => 0640, + owner => "root", + group => $apache::sslserver::group, } } diff --git a/inetd/manifests/init.pp b/inetd/manifests/init.pp index 56d89c7..575b0c1 100644 --- a/inetd/manifests/init.pp +++ b/inetd/manifests/init.pp @@ -6,15 +6,15 @@ class inetd::server { case $operatingsystem { - centos,fedora,ubuntu,debian: { - include inetd::server::xinetd - } - openbsd: { - include inetd::server::inetd - } - default: { - fail("Inetd module not supported in ${operatingsystem}") - } + centos,fedora,ubuntu,debian: { + include inetd::server::xinetd + } + openbsd: { + include inetd::server::inetd + } + default: { + fail("Inetd module not supported in ${operatingsystem}") + } } } @@ -29,13 +29,13 @@ class inetd::server { class inetd::server::xinetd { package { "xinetd": - ensure => installed, + ensure => installed, } service { "xinetd": - ensure => running, - enable => true, - require => Package["xinetd"], + ensure => running, + enable => true, + require => Package["xinetd"], } } @@ -75,15 +75,15 @@ class inetd::server::inetd { define inetd::service($ensure = present) { case $operatingsystem { - centos,fedora,ubuntu,debian: { - service { "${name}": - enable => $ensure ? { - present => true, - absent => false, - }, - notify => Service["xinetd"], - } - } + centos,fedora,ubuntu,debian: { + service { $name: + enable => $ensure ? { + present => true, + absent => false, + }, + notify => Service["xinetd"], + } + } openbsd: { exec { "enable-inetd-${name}": command => $ensure ? { @@ -98,9 +98,9 @@ define inetd::service($ensure = present) { notify => Service["inetd"], } } - default: { - fail("Inetd module not supported in ${operatingsystem}") - } + default: { + fail("Inetd module not supported in ${operatingsystem}") + } } } diff --git a/irc/manifests/init.pp b/irc/manifests/init.pp index 952b686..531be14 100644 --- a/irc/manifests/init.pp +++ b/irc/manifests/init.pp @@ -67,7 +67,7 @@ define irc::network($desc, $servername, $serverdesc, } ssl::certificate { "/var/lib/ratbox/${name}/ircd.pem": - cn => "${servername}", + cn => $servername, mode => 0600, owner => "irc", group => "irc", diff --git a/iscsi/manifests/init.pp b/iscsi/manifests/init.pp index 26f021a..819651b 100644 --- a/iscsi/manifests/init.pp +++ b/iscsi/manifests/init.pp @@ -4,39 +4,39 @@ class iscsi::server { package { "scsi-target-utils": - ensure => installed, + ensure => installed, } service { "tgtd": - ensure => running, - enable => true, - require => Package["scsi-target-utils"], + ensure => running, + enable => true, + require => Package["scsi-target-utils"], } file { "/etc/tgt/targets.conf": - ensure => present, - source => [ "puppet:///files/iscsi/targets.conf.${fqdn}", - "puppet:///files/iscsi/targets.conf", - "puppet:///modules/iscsi/targets.conf", ], - mode => 0600, - owner => root, - group => root, - require => Package["scsi-target-utils"], + ensure => present, + source => [ "puppet:///files/iscsi/targets.conf.${fqdn}", + "puppet:///files/iscsi/targets.conf", + "puppet:///modules/iscsi/targets.conf", ], + mode => 0600, + owner => root, + group => root, + require => Package["scsi-target-utils"], } file { "/etc/tgt/target.d": - ensure => directory, - mode => 0700, - owner => root, - group => root, - require => Package["scsi-target-utils"], + ensure => directory, + mode => 0700, + owner => root, + group => root, + require => Package["scsi-target-utils"], } exec { "iscsi-refresh": - command => "tgt-admin -e", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - onlyif => "tgt-admin -e -p | egrep '^tgtadm '", - require => Service["tgtd"], + command => "tgt-admin -e", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + onlyif => "tgt-admin -e -p | egrep '^tgtadm '", + require => Service["tgtd"], } } @@ -74,24 +74,24 @@ define iscsi::target($tid, $initiator = "ALL", $ensure = "present") { $iqn = sprintf("iqn.2005-08.tgt:%s%s", $hostname, regsubst($name, "/", ".", "G")) case $ensure { - "present": { - file { "/etc/tgt/target.d/${tid}.conf": - ensure => present, - content => template("iscsi/tid.conf.erb"), - mode => 0600, - owner => root, - group => root, - require => File["/etc/tgt/target.d"], - before => Exec["iscsi-refresh"], - } - - } - "absent": { - file { "/etc/tgt/target.d/${tid}.conf": - ensure => absent, - before => Exec["iscsi-refresh"], - } - } + "present": { + file { "/etc/tgt/target.d/${tid}.conf": + ensure => present, + content => template("iscsi/tid.conf.erb"), + mode => 0600, + owner => root, + group => root, + require => File["/etc/tgt/target.d"], + before => Exec["iscsi-refresh"], + } + + } + "absent": { + file { "/etc/tgt/target.d/${tid}.conf": + ensure => absent, + before => Exec["iscsi-refresh"], + } + } } } @@ -102,13 +102,13 @@ define iscsi::target($tid, $initiator = "ALL", $ensure = "present") { class iscsi::initiator { package { "iscsi-initiator-utils": - ensure => installed, + ensure => installed, } service { "iscsid": - ensure => running, - enable => true, - require => Package["iscsi-initiator-utils"], + ensure => running, + enable => true, + require => Package["iscsi-initiator-utils"], } } @@ -133,10 +133,10 @@ define iscsi::connect($portal) { include iscsi::initiator exec { "iscsi-connect-${name}": - path => "/bin:/usr/bin:/sbin:/usr/sbin", - command => "iscsiadm --mode discovery --type sendtargets --portal ${portal} && iscsiadm --mode node --targetname ${name} --portal ${portal} --login && sleep 5", - unless => "iscsiadm --mode session | egrep '${portal}:[0-9]*,[0-9]* ${name}'\$", - require => Service["iscsid"], + path => "/bin:/usr/bin:/sbin:/usr/sbin", + command => "iscsiadm --mode discovery --type sendtargets --portal ${portal} && iscsiadm --mode node --targetname ${name} --portal ${portal} --login && sleep 5", + unless => "iscsiadm --mode session | egrep '${portal}:[0-9]*,[0-9]* ${name}'\$", + require => Service["iscsid"], } } diff --git a/kerberos/manifests/init.pp b/kerberos/manifests/init.pp index c040ba3..91fe76f 100644 --- a/kerberos/manifests/init.pp +++ b/kerberos/manifests/init.pp @@ -19,26 +19,26 @@ class kerberos::client { case $operatingsystem { - centos,fedora: { - package { "krb5-workstation": - ensure => installed, - } - } + centos,fedora: { + package { "krb5-workstation": + ensure => installed, + } + } } file { "krb5.conf": - path => $operatingsystem ? { - openbsd => "/etc/kerberosV/krb5.conf", - default => "/etc/krb5.conf", - }, - ensure => present, - content => template("kerberos/krb5.conf.erb"), - mode => 0644, - owner => root, - group => $operatingsystem ? { - openbsd => wheel, - default => root, - }, + path => $operatingsystem ? { + openbsd => "/etc/kerberosV/krb5.conf", + default => "/etc/krb5.conf", + }, + ensure => present, + content => template("kerberos/krb5.conf.erb"), + mode => 0644, + owner => root, + group => $operatingsystem ? { + openbsd => wheel, + default => root, + }, } } @@ -99,7 +99,7 @@ class kerberos::auth { class kerberos::server inherits kerberos::client { package { "krb5-server": - ensure => installed, + ensure => installed, } if $kerberos_datadir { @@ -160,15 +160,15 @@ class kerberos::server inherits kerberos::client { # $name: # Keytab file path. # $principals: -# List of principals to be added into keytab +# List of principals to be added into keytab # $ensure: -# Set to present to create keytab and absent to remove it +# Set to present to create keytab and absent to remove it # $owner: -# Owner for keytab file +# Owner for keytab file # $group: -# Group for keytab file +# Group for keytab file # $mode: -# Permissions for keytab file +# Permissions for keytab file # # === Sample usage # @@ -180,23 +180,23 @@ class kerberos::server inherits kerberos::client { define kerberos::keytab($principals = [], $ensure = present, $owner = "root", $group = "", $mode = "0600") { case $group { - "": { - case $operatingsystem { - openbsd: { $real_group = "wheel" } - default: { $real_group = "root" } - } - } - default: { - $real_group = $group - } + "": { + case $operatingsystem { + openbsd: { $real_group = "wheel" } + default: { $real_group = "root" } + } + } + default: { + $real_group = $group + } } - file { "${name}": - ensure => $ensure, - content => template("kerberos/keytab.erb"), - mode => "${mode}", - owner => "${owner}", - group => "${real_group}", + file { $name: + ensure => $ensure, + content => template("kerberos/keytab.erb"), + mode => $mode, + owner => $owner, + group => $real_group, } } diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp index 411a9e0..74d03a5 100644 --- a/ldap/manifests/init.pp +++ b/ldap/manifests/init.pp @@ -90,7 +90,7 @@ class ldap::auth inherits ldap::client { require => Package["nscd"], } } - Ubuntu: { + Ubuntu: { package { "ldap-auth-client": ensure => installed, } @@ -111,23 +111,23 @@ class ldap::auth inherits ldap::client { "set base ${ldap_basedn}", "set nss_paged_results yes", "set pam_password exop", - "rm rootbinddn", + "rm rootbinddn", "set ssl on", ], onlyif => [ "get uri != '${ldap_uri}'", "get base != ${ldap_basedn}", "get nss_paged_results != yes", "get pam_password != exop", - "get rootbinddn == 'cn=manager,dc=example,dc=net'", + "get rootbinddn == 'cn=manager,dc=example,dc=net'", "get ssl != on", ], } } - Debian: { + Debian: { package {[ "libnss-ldap", - "libpam-ldap" ]: + "libpam-ldap" ]: ensure => installed, } ## Debian lacks some lenses. nss-ldap-conf and pam_ldap-conf needs corresponding files -## to /usr/share/augeas/lenses/dist/spacevars.aug. More info at: +## to /usr/share/augeas/lenses/dist/spacevars.aug. More info at: ## https://github.com/jwm/augeas/commit/8f768f45779048cbd95b5b7d71682b808d41bfd3 ## There isn't lens for nsswitch.conf either. nss-ldap-conf and pam_ldap-conf are tested, nsswitch isn't. # augeas { "nss-ldap-conf": @@ -144,7 +144,7 @@ class ldap::auth inherits ldap::client { # "get pam_password != exop", # "get rootbinddn == 'cn=manager,dc=example,dc=net'", # "get ssl != on", ], -# require => Package["libnss-ldap"], +# require => Package["libnss-ldap"], # } # augeas { "pam_ldap-conf": # context => "/files/etc/pam_ldap.conf", @@ -160,7 +160,7 @@ class ldap::auth inherits ldap::client { # "get pam_password != exop", # "get rootbinddn == 'cn=manager,dc=example,dc=net'", # "get ssl != on", ], -# require => Package["libpam-ldap"], +# require => Package["libpam-ldap"], # } # augeas { "nsswitch-conf": # context => "/files/etc/nsswitch.conf", @@ -170,7 +170,7 @@ class ldap::auth inherits ldap::client { # onlyif => [ "get passwd: != 'files ldap'", # "get group: != 'files ldap'", # "get shadow: != 'files ldap'", ], -# require => [ Augeas["pam_ldap-conf"], +# require => [ Augeas["pam_ldap-conf"], # Augeas["nss-ldap-conf"], ], # } } @@ -215,7 +215,7 @@ class ldap::client { "debian" => "ldap-utils", "ubuntu" => "ldap-utils", "openbsd" => "openldap-client", - default => "openldap-clients", + default => "openldap-clients", }, ensure => $operatingsystem ? { darwin => absent, @@ -227,16 +227,16 @@ class ldap::client { ensure => present, content => template("ldap/ldap.conf.erb"), path => $operatingsystem ? { - "debian" => "/etc/ldap/ldap.conf", - "ubuntu" => "/etc/ldap/ldap.conf", - default => "/etc/openldap/ldap.conf", + "debian" => "/etc/ldap/ldap.conf", + "ubuntu" => "/etc/ldap/ldap.conf", + default => "/etc/openldap/ldap.conf", }, mode => 0644, owner => root, group => $operatingsystem ? { "darwin" => wheel, "openbsd" => wheel, - default => root, + default => root, }, require => Package["openldap-client"], } @@ -273,8 +273,8 @@ class ldap::client::ruby { } package { "ruby-ldap": - name => $pkgname, ensure => installed, + name => $pkgname, } } @@ -346,8 +346,8 @@ class ldap::server { } package { "openldap-server": - name => $package_name, ensure => installed, + name => $package_name, } file { "${ssl::certs}/slapd.crt": @@ -373,8 +373,8 @@ class ldap::server { } file { "slapd.conf": - path => "${config}/slapd.conf", ensure => present, + path => "${config}/slapd.conf", content => template("ldap/slapd.conf.erb"), mode => 0640, owner => "root", @@ -418,7 +418,7 @@ class ldap::server { } if $ldap_datadir { - file { "${ldap_datadir}": + file { $ldap_datadir: ensure => directory, mode => 0700, owner => $user, @@ -427,10 +427,10 @@ class ldap::server { } file { "/srv/ldap": ensure => link, - target => "${ldap_datadir}", - require => File["${ldap_datadir}"], - } - } else { + target => $ldap_datadir, + require => File[$ldap_datadir], + } + } else { file { "/srv/ldap": ensure => directory, mode => 0700, @@ -587,8 +587,8 @@ define ldap::server::schema($idx = 50) { include ldap::server file { "${name}.schema": - path => "${ldap::server::config}/schema/${idx}-${name}.schema", ensure => present, + path => "${ldap::server::config}/schema/${idx}-${name}.schema", source => [ "puppet:///files/ldap/${name}.schema", "puppet:///modules/ldap/${name}.schema", ], mode => 0644, diff --git a/lynx/manifests/init.pp b/lynx/manifests/init.pp index 3286c39..3f7d5a2 100644 --- a/lynx/manifests/init.pp +++ b/lynx/manifests/init.pp @@ -5,7 +5,7 @@ # # $www_default_url: # Default starting URL. -# +# class lynx { if ! $www_default_url { diff --git a/mercurial/manifests/init.pp b/mercurial/manifests/init.pp index 61c5cbc..d5919e0 100644 --- a/mercurial/manifests/init.pp +++ b/mercurial/manifests/init.pp @@ -24,13 +24,13 @@ define mercurial::clone($source, $ensure="tip") { exec { "hg-clone-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", command => "hg -y clone -r ${ensure} ${source} ${name}", - creates => "${name}", + creates => $name, require => Package["mercurial"], } exec { "hg-pull-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", - cwd => "${name}", + cwd => $name, command => "hg -y pull -u -r ${ensure}", onlyif => $ensure ? { "tip" => "hg -y in", diff --git a/munin/manifests/init.pp b/munin/manifests/init.pp index f4b02a9..84c90b7 100644 --- a/munin/manifests/init.pp +++ b/munin/manifests/init.pp @@ -2,61 +2,61 @@ # Install and configure munin node. # class munin::node { - + package { "munin-node": - ensure => installed, + ensure => installed, } - + service { "munin-node": - name => $operatingsystem ? { + name => $operatingsystem ? { OpenBSD => $operatingsystemrelease ? { /4\.[1-8]/ => "munin-node", default => "munin_node", }, default => "munin-node", }, - ensure => running, - enable => true, - require => Package["munin-node"], - start => $operatingsystem ? { - OpenBSD => $operatingsystemrelease ? { + ensure => running, + enable => true, + require => Package["munin-node"], + start => $operatingsystem ? { + OpenBSD => $operatingsystemrelease ? { /4\.[1-8]/ => "/usr/bin/install -d -o _munin /var/run/munin; /usr/local/sbin/munin-node", default => undef, }, - default => undef, - }, - stop => $operatingsystem ? { - OpenBSD => "/usr/bin/pkill -f /usr/local/sbin/munin-node", - default => undef, - }, + default => undef, + }, + stop => $operatingsystem ? { + OpenBSD => "/usr/bin/pkill -f /usr/local/sbin/munin-node", + default => undef, + }, } file { "/etc/munin/munin-node.conf": - ensure => present, - content => template("munin/munin-node.conf.erb"), - owner => root, - group => $operatingsystem ? { - OpenBSD => wheel, - default => root, - }, - mode => 0644, - require => Package["munin-node"], - notify => Exec["munin-node-configure"], + ensure => present, + content => template("munin/munin-node.conf.erb"), + owner => root, + group => $operatingsystem ? { + OpenBSD => wheel, + default => root, + }, + mode => 0644, + require => Package["munin-node"], + notify => Exec["munin-node-configure"], } - + @@file { "/etc/munin/nodes.d/${homename}.conf": - content => "[${homename}]\n address ${ipaddress}\n use_node_name yes\n", - ensure => present, - tag => "munin", - notify => Exec["generate-munin-conf"], + ensure => present, + content => "[${homename}]\n address ${ipaddress}\n use_node_name yes\n", + tag => "munin", + notify => Exec["generate-munin-conf"], } - + exec { "munin-node-configure": - command => "munin-node-configure --shell --remove-also 2>/dev/null | /bin/sh", - path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin", - user => root, - refreshonly => true, - notify => Service["munin-node"], + command => "munin-node-configure --shell --remove-also 2>/dev/null | /bin/sh", + path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin", + user => root, + refreshonly => true, + notify => Service["munin-node"], } } @@ -82,8 +82,8 @@ class munin::node { define munin::snmpnode($snmp_community="public", $snmp_version="2") { file { "/etc/munin/plugin-conf.d/snmp_${name}": - content => "[snmp_${name}_*]\nenv.community ${snmp_community}\nenv.version ${snmp_version}\n", ensure => present, + content => "[snmp_${name}_*]\nenv.community ${snmp_community}\nenv.version ${snmp_version}\n", owner => root, group => $operatingsystem ? { OpenBSD => wheel, @@ -94,8 +94,8 @@ define munin::snmpnode($snmp_community="public", $snmp_version="2") { } @@file { "/etc/munin/nodes.d/${name}.conf": - content => "[${name}]\n address ${ipaddress}\n use_node_name no\n", ensure => present, + content => "[${name}]\n address ${ipaddress}\n use_node_name no\n", tag => "munin", notify => Exec["generate-munin-conf"], } @@ -108,7 +108,7 @@ define munin::snmpnode($snmp_community="public", $snmp_version="2") { # === Parameters # # $name: -# Plugin name to install. +# Plugin name to install. # $config: # Configuration file name associated with plugin. Defaults to none. # @@ -121,71 +121,71 @@ define munin::snmpnode($snmp_community="public", $snmp_version="2") { define munin::plugin($config = "") { case $operatingsystem { - OpenBSD: { - file { "/usr/local/libexec/munin/plugins/${name}": - ensure => present, - source => "puppet:///modules/munin/plugins/${name}", - owner => root, - group => wheel, - mode => 0755, - require => Package["munin-node"], - } + OpenBSD: { + file { "/usr/local/libexec/munin/plugins/${name}": + ensure => present, + source => "puppet:///modules/munin/plugins/${name}", + owner => root, + group => wheel, + mode => 0755, + require => Package["munin-node"], + } + } + default: { + file { "/usr/share/munin/plugins/${name}": + ensure => present, + source => "puppet:///modules/munin/plugins/${name}", + owner => root, + group => root, + mode => 0755, + require => Package["munin-node"], + } } - default: { - file { "/usr/share/munin/plugins/${name}": - ensure => present, - source => "puppet:///modules/munin/plugins/${name}", - owner => root, - group => root, - mode => 0755, - require => Package["munin-node"], - } - } } if ($config) { - file { "/etc/munin/plugin-conf.d/${config}": - ensure => present, - source => [ "puppet:///files/munin/plugin-conf/${config}.${fqdn}", - "puppet:///files/munin/plugin-conf/${config}", - "puppet:///modules/munin/plugin-conf/${config}", ], - owner => root, - group => $operatingsystem ? { - OpenBSD => wheel, - default => root, - }, - mode => 0644, - notify => Service["munin-node"], - require => $operatingsystem ? { - OpenBSD => File["/usr/local/libexec/munin/plugins/${name}"], - default => File["/usr/share/munin/plugins/${name}"], + file { "/etc/munin/plugin-conf.d/${config}": + ensure => present, + source => [ "puppet:///files/munin/plugin-conf/${config}.${fqdn}", + "puppet:///files/munin/plugin-conf/${config}", + "puppet:///modules/munin/plugin-conf/${config}", ], + owner => root, + group => $operatingsystem ? { + OpenBSD => wheel, + default => root, }, - } + mode => 0644, + notify => Service["munin-node"], + require => $operatingsystem ? { + OpenBSD => File["/usr/local/libexec/munin/plugins/${name}"], + default => File["/usr/share/munin/plugins/${name}"], + }, + } } case $operatingsystem { - OpenBSD: { - exec { "munin-enable-${name}": - command => "ln -s /usr/local/libexec/munin/plugins/${name} /etc/munin/plugins/${name}", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - onlyif => [ "test ! -h /etc/munin/plugins/${name}", - "/usr/local/libexec/munin/plugins/${name} autoconf", ], - notify => Service["munin-node"], - require => File["/usr/local/libexec/munin/plugins/${name}"], - } - } - default: { - exec { "munin-enable-${name}": - command => "ln -s /usr/share/munin/plugins/${name} /etc/munin/plugins/${name}", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - onlyif => [ "test ! -h /etc/munin/plugins/${name}", - "/usr/share/munin/plugins/${name} autoconf", ], - notify => Service["munin-node"], - require => File["/usr/share/munin/plugins/${name}"], - } - } + OpenBSD: { + exec { "munin-enable-${name}": + command => "ln -s /usr/local/libexec/munin/plugins/${name} /etc/munin/plugins/${name}", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + onlyif => [ "test ! -h /etc/munin/plugins/${name}", + "/usr/local/libexec/munin/plugins/${name} autoconf", ], + notify => Service["munin-node"], + require => File["/usr/local/libexec/munin/plugins/${name}"], + } + } + default: { + exec { "munin-enable-${name}": + command => "ln -s /usr/share/munin/plugins/${name} /etc/munin/plugins/${name}", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + onlyif => [ "test ! -h /etc/munin/plugins/${name}", + "/usr/share/munin/plugins/${name} autoconf", ], + notify => Service["munin-node"], + require => File["/usr/share/munin/plugins/${name}"], + } + } } } @@ -198,13 +198,13 @@ define munin::plugin($config = "") { # * Storedconfigs # class munin::server { - + package { "munin": - ensure => installed, + ensure => installed, } - + if $munin_datadir { - file { "${munin_datadir}": + file { $munin_datadir: ensure => directory, mode => 0755, owner => munin, @@ -220,15 +220,15 @@ class munin::server { } file { "/var/lib/munin": - ensure => "${munin_datadir}", + ensure => $munin_datadir, force => true, backup => ".orig", - require => File["${munin_datadir}"], + require => File[$munin_datadir], } } if $munin_htmldir { - file { "${munin_htmldir}": + file { $munin_htmldir: ensure => directory, mode => 0755, owner => munin, @@ -248,45 +248,45 @@ class munin::server { } file { "/var/www/html/munin": - ensure => "${munin_htmldir}", + ensure => $munin_htmldir, force => true, backup => ".orig", seltype => "munin_var_lib_t", - require => File["${munin_htmldir}"], + require => File[$munin_htmldir], } } file { "/etc/munin/nodes.d": - ensure => directory, - purge => true, - force => true, - recurse => true, - owner => root, - group => root, - mode => 0644, - source => "puppet:///modules/custom/empty", - require => Package["munin"], + ensure => directory, + purge => true, + force => true, + recurse => true, + owner => root, + group => root, + mode => 0644, + source => "puppet:///modules/custom/empty", + require => Package["munin"], } - + file { "/etc/munin/munin.conf.in": - ensure => present, - source => [ "puppet:///files/munin/munin.conf.in", - "puppet:///modules/munin/munin.conf.in", ], - owner => root, - group => root, - mode => 0644, - require => Package["munin"], - notify => Exec["generate-munin-conf"], + ensure => present, + source => [ "puppet:///files/munin/munin.conf.in", + "puppet:///modules/munin/munin.conf.in", ], + owner => root, + group => root, + mode => 0644, + require => Package["munin"], + notify => Exec["generate-munin-conf"], } - + exec { "generate-munin-conf": - command => "cat /etc/munin/munin.conf.in /etc/munin/nodes.d/*.conf > /etc/munin/munin.conf", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - refreshonly => true, - require => File["/etc/munin/munin.conf.in"], + command => "cat /etc/munin/munin.conf.in /etc/munin/nodes.d/*.conf > /etc/munin/munin.conf", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + refreshonly => true, + require => File["/etc/munin/munin.conf.in"], } - + File <<| tag == "munin" |>> - + } diff --git a/mutt/manifests/init.pp b/mutt/manifests/init.pp index 1912646..316db88 100644 --- a/mutt/manifests/init.pp +++ b/mutt/manifests/init.pp @@ -9,9 +9,9 @@ class mutt { $mail_server = "mail.${domain}" } if ! $mail_domain { - $mail_domain = "${domain}" + $mail_domain = $domain } - + case $operatingsystem { openbsd: { $muttconfdir = "/etc/mutt/Muttrc" } default: { $muttconfdir = "/etc" } @@ -26,8 +26,8 @@ class mutt { } file { "Muttrc.local": - name => "${muttconfdir}/Muttrc.local", ensure => present, + name => "${muttconfdir}/Muttrc.local", content => template("mutt/Muttrc.local.erb"), mode => 0644, owner => root, @@ -37,5 +37,5 @@ class mutt { }, require => Exec["add-local-mutt-config"], } - + } diff --git a/mysql/manifests/init.pp b/mysql/manifests/init.pp index e7fed1d..3e43424 100644 --- a/mysql/manifests/init.pp +++ b/mysql/manifests/init.pp @@ -20,11 +20,11 @@ class mysql::client { class mysql::server { package { "mysql-server": - ensure => installed, + ensure => installed, } if $mysql_datadir { - file { "${mysql_datadir}": + file { $mysql_datadir: ensure => directory, mode => 0755, owner => mysql, @@ -34,9 +34,9 @@ class mysql::server { } file { "/srv/mysql": ensure => link, - target => "${mysql_datadir}", + target => $mysql_datadir, seltype => "mysqld_db_t", - require => File["${mysql_datadir}"], + require => File[$mysql_datadir], } } else { file { "/srv/mysql": @@ -57,7 +57,7 @@ class mysql::server { if $mysql_datadir { selinux::manage_fcontext { "${mysql_datadir}(/.*)?": type => "mysqld_db_t", - before => File["${mysql_datadir}"], + before => File[$mysql_datadir], } } } @@ -68,30 +68,30 @@ class mysql::server { "debian" => "mysql", default => "mysqld", }, - ensure => running, - enable => true, - require => File["/srv/mysql"], + ensure => running, + enable => true, + require => File["/srv/mysql"], } file { "/etc/my.cnf": - ensure => present, - source => [ "puppet:///files/mysql/my.cnf.${hostname}", - "puppet:///files/mysql/my.cnf", - "puppet:///modules/mysql/my.cnf", ], - mode => 0644, - owner => root, - group => root, - require => Package["mysql-server"], - notify => Service["mysqld"], + ensure => present, + source => [ "puppet:///files/mysql/my.cnf.${hostname}", + "puppet:///files/mysql/my.cnf", + "puppet:///modules/mysql/my.cnf", ], + mode => 0644, + owner => root, + group => root, + require => Package["mysql-server"], + notify => Service["mysqld"], } file { "/etc/logrotate.d/mysql": - ensure => present, - source => "puppet:///modules/mysql/mysql.logrotate", - mode => 0644, - owner => root, - group => root, - require => Package["mysql-server"], + ensure => present, + source => "puppet:///modules/mysql/mysql.logrotate", + mode => 0644, + owner => root, + group => root, + require => Package["mysql-server"], } file { "/var/lib/mysql": diff --git a/mythtv/manifests/init.pp b/mythtv/manifests/init.pp index 34db22c..3d8079f 100644 --- a/mythtv/manifests/init.pp +++ b/mythtv/manifests/init.pp @@ -72,7 +72,8 @@ class mythtv::backend { } file { "/root/.mythtv": - ensure => "/etc/mythtv", + ensure => link, + target => "/etc/mythtv", force => true, require => Package["mythtv-backend"], } diff --git a/network/manifests/init.pp b/network/manifests/init.pp index 48f3d76..d96d7f6 100644 --- a/network/manifests/init.pp +++ b/network/manifests/init.pp @@ -5,20 +5,20 @@ # class network::helper::restart { case $operatingsystem { - centos,fedora: { - exec { "restart-network": - command => "/sbin/service network restart", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - refreshonly => true, - } - } - openbsd: { - exec { "restart-network": - command => "/sbin/route delete default ; /bin/sh /etc/netstart", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - refreshonly => true, - } - } + centos,fedora: { + exec { "restart-network": + command => "/sbin/service network restart", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + refreshonly => true, + } + } + openbsd: { + exec { "restart-network": + command => "/sbin/route delete default ; /bin/sh /etc/netstart", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + refreshonly => true, + } + } debian,ubuntu: { exec { "restart-network": cwd => "/etc/network", @@ -101,12 +101,12 @@ class network::hostname { # $name: # Network device name. # $ipaddr: -# IP address for interface. Use dhcp for DHCP configuration and none -# if interface just needs to be brought up. Defaults to none. +# IP address for interface. Use dhcp for DHCP configuration and none +# if interface just needs to be brought up. Defaults to none. # $eaddr: # Ethernet address. Overrides udev configuration. # $netmask: -# Netmask for interface. Required only when $ipaddr is used. +# Netmask for interface. Required only when $ipaddr is used. # $ip6addr: # IPv6 address for interface. Use auto for autoconfigured address. # Defaults to none. @@ -115,7 +115,7 @@ class network::hostname { # $bridge: # Array of interfaces to add to bridge. # $options: -# Custom options for interface (used only on OpenBSD). +# Custom options for interface (used only on OpenBSD). # $postcmd: # Custom commands to be executed after interface is up (used only on # OpenBSD). @@ -135,14 +135,14 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", # try to determine boot protocol from ip address case $ipaddr { - dhcp: { $proto = "dhcp" } - none: { $proto = "none" } - default: { - $proto = "static" - case $netmask { - none: { fail("Netmask must be defined with ip address") } - } - } + dhcp: { $proto = "dhcp" } + none: { $proto = "none" } + default: { + $proto = "static" + case $netmask { + none: { fail("Netmask must be defined with ip address") } + } + } } case $eaddr { none: { @@ -155,39 +155,39 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", } case $operatingsystem { - openbsd: { - file { "/etc/hostname.${name}": - ensure => present, - content => template("network/hostname.if.erb"), - mode => 0600, - owner => root, - group => wheel, - notify => Exec["restart-network"], - } - } - centos,fedora: { + openbsd: { + file { "/etc/hostname.${name}": + ensure => present, + content => template("network/hostname.if.erb"), + mode => 0600, + owner => root, + group => wheel, + notify => Exec["restart-network"], + } + } + centos,fedora: { if $bridge { network::interface { $bridge: options => [ "BRIDGE=${name}", "LINKDELAY=10" ], before => Exec["restart-interface-${name}"], } } - file { "/etc/sysconfig/network-scripts/ifcfg-${name}": - ensure => present, - content => template("network/ifcfg-if.erb"), - mode => 0644, - owner => root, - group => root, - notify => Exec["restart-interface-${name}"], - } - exec { "restart-interface-${name}": - command => "ifdown ${name} ; ifup ${name}", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - refreshonly => true, - require => File["/etc/sysconfig/network-scripts/ifcfg-${name}"], - } - } + file { "/etc/sysconfig/network-scripts/ifcfg-${name}": + ensure => present, + content => template("network/ifcfg-if.erb"), + mode => 0644, + owner => root, + group => root, + notify => Exec["restart-interface-${name}"], + } + exec { "restart-interface-${name}": + command => "ifdown ${name} ; ifup ${name}", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + refreshonly => true, + require => File["/etc/sysconfig/network-scripts/ifcfg-${name}"], + } + } debian,ubuntu: { include network::helper::debian file { "/etc/network/interfaces.d/${name}-addr.conf": @@ -209,9 +209,9 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", } } } - default: { - fail("Network module not supported in ${operatingsystem}") - } + default: { + fail("Network module not supported in ${operatingsystem}") + } } } @@ -233,17 +233,17 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", define network::route($gateway = "", $device, $ipv6gateway = "") { case $name { - "default": { - case $operatingsystem { - centos,fedora: { - include network::helper::restart + "default": { + case $operatingsystem { + centos,fedora: { + include network::helper::restart if "${gateway}" != "" { - augeas { "set-default-route": - context => "/files/etc/sysconfig/network", - changes => [ "set GATEWAY ${gateway}", - "set GATEWAYDEV ${device}", ], - notify => Exec["restart-network"], - } + augeas { "set-default-route": + context => "/files/etc/sysconfig/network", + changes => [ "set GATEWAY ${gateway}", + "set GATEWAYDEV ${device}", ], + notify => Exec["restart-network"], + } } if "${ipv6gateway}" != "" { augeas { "set-default-ipv6-route": @@ -252,18 +252,18 @@ define network::route($gateway = "", $device, $ipv6gateway = "") { notify => Exec["restart-network"], } } - } - openbsd: { - include network::helper::restart - file { "/etc/mygate": - ensure => present, - content => template("network/mygate.erb"), - mode => 644, - owner => root, - group => wheel, - notify => Exec["restart-network"], - } - } + } + openbsd: { + include network::helper::restart + file { "/etc/mygate": + ensure => present, + content => template("network/mygate.erb"), + mode => 0644, + owner => root, + group => wheel, + notify => Exec["restart-network"], + } + } debian,ubuntu: { include network::helper::restart include network::helper::debian @@ -277,12 +277,12 @@ define network::route($gateway = "", $device, $ipv6gateway = "") { require => File["/etc/network/interfaces.d/${device}-addr.conf"], } } - default: { - fail("Network module not supported in ${operatingsystem}") - } - } - } - default: { + default: { + fail("Network module not supported in ${operatingsystem}") + } + } + } + default: { if ipv6gateway != "" { fail("Custom IPv6 routes not supported yet.") } @@ -333,29 +333,29 @@ define network::route($gateway = "", $device, $ipv6gateway = "") { # define network::carp($password, $ipaddr, $netmask, $options = []) { case $operatingsystem { - openbsd: { - network::interface { "carp${name}": - ipaddr => "${ipaddr}", - netmask => "${netmask}", - options => [ "vhid ${name}", "pass ${password}", $options ], + openbsd: { + network::interface { "carp${name}": + ipaddr => $ipaddr, + netmask => $netmask, + options => [ "vhid ${name}", "pass ${password}", $options ], postcmd => [ "/usr/sbin/ndp -i carp${name} -- -accept_rtadv" ], - } - } - centos,fedora: { - include network::ucarp - file { "/etc/ucarp/vip-${name}.conf": - ensure => present, - content => template("network/vip.conf.erb"), - mode => 0600, - owner => root, - group => root, - require => Package["ucarp"], - notify => Service["ucarp"], - } - } - default: { - fail("Network module not supported in ${operatingsystem}") - } + } + } + centos,fedora: { + include network::ucarp + file { "/etc/ucarp/vip-${name}.conf": + ensure => present, + content => template("network/vip.conf.erb"), + mode => 0600, + owner => root, + group => root, + require => Package["ucarp"], + notify => Service["ucarp"], + } + } + default: { + fail("Network module not supported in ${operatingsystem}") + } } } @@ -366,13 +366,13 @@ define network::carp($password, $ipaddr, $netmask, $options = []) { # class network::ucarp { package { "ucarp": - ensure => installed, + ensure => installed, } service { "ucarp": - ensure => running, - enable => true, - hasstatus => true, - require => Package["ucarp"], + ensure => running, + enable => true, + hasstatus => true, + require => Package["ucarp"], } } @@ -397,19 +397,19 @@ define network::pppoe($username, $password, $device, $authtype = "pap") { include network::helper::restart case $operatingsystem { - openbsd: { - file { "/etc/hostname.${name}": - ensure => present, - content => template("network/hostname.pppoe.erb"), - mode => 0600, - owner => root, - group => wheel, - notify => Exec["restart-network"], - } - } - default: { - fail("Network module not supported in ${operatingsystem}") - } + openbsd: { + file { "/etc/hostname.${name}": + ensure => present, + content => template("network/hostname.pppoe.erb"), + mode => 0600, + owner => root, + group => wheel, + notify => Exec["restart-network"], + } + } + default: { + fail("Network module not supported in ${operatingsystem}") + } } } @@ -438,27 +438,27 @@ define network::pppoe($username, $password, $device, $authtype = "pap") { # define network::trunk($devices, $mode = 0, $ipaddr = "none", $netmask = "none") { case $operatingsystem { - centos,fedora: { - file { "/etc/modprobe.d/${name}.conf": - ensure => present, - content => "alias ${name} bonding\noptions ${name} miimon=100 mode=${mode}\n", - mode => 0644, - owner => root, - group => root, - } - network::interface { $devices: - options => [ "MASTER=${name}", "SLAVE=yes", ], - require => File["/etc/modprobe.d/${name}.conf"], - before => Network::Interface["${name}"], - } - network::interface { $name: - ipaddr => "${ipaddr}", - netmask => "${netmask}", - } - } - default: { - fail("Network module not supported in ${operatingsystem}") - } + centos,fedora: { + file { "/etc/modprobe.d/${name}.conf": + ensure => present, + content => "alias ${name} bonding\noptions ${name} miimon=100 mode=${mode}\n", + mode => 0644, + owner => root, + group => root, + } + network::interface { $devices: + options => [ "MASTER=${name}", "SLAVE=yes", ], + require => File["/etc/modprobe.d/${name}.conf"], + before => Network::Interface[$name], + } + network::interface { $name: + ipaddr => $ipaddr, + netmask => $netmask, + } + } + default: { + fail("Network module not supported in ${operatingsystem}") + } } } @@ -469,12 +469,12 @@ define network::trunk($devices, $mode = 0, $ipaddr = "none", $netmask = "none") # class network::helper::vlan { case $operatingsystem { - centos,fedora: { - augeas { "enable-vlan-support": - context => "/files/etc/sysconfig/network", - changes => "set VLAN yes", - } - } + centos,fedora: { + augeas { "enable-vlan-support": + context => "/files/etc/sysconfig/network", + changes => "set VLAN yes", + } + } } } @@ -505,25 +505,25 @@ class network::helper::vlan { define network::vlan($device, $ipaddr = "none", $netmask = "none", $options = []) { case $operatingsystem { - openbsd: { - network::interface { "vlan${name}": - options => [ "vlandev ${device}" ], - ipaddr => $ipaddr, - netmask => $netmask, - } - } - centos,fedora: { - include network::helper::vlan - network::interface { "${device}.${name}": - ipaddr => $ipaddr, - netmask => $netmask, + openbsd: { + network::interface { "vlan${name}": + options => [ "vlandev ${device}" ], + ipaddr => $ipaddr, + netmask => $netmask, + } + } + centos,fedora: { + include network::helper::vlan + network::interface { "${device}.${name}": + ipaddr => $ipaddr, + netmask => $netmask, options => $options, - require => Augeas["enable-vlan-support"], - } - } - default: { - fail("Network module not supported in ${operatingsystem}") - } + require => Augeas["enable-vlan-support"], + } + } + default: { + fail("Network module not supported in ${operatingsystem}") + } } } diff --git a/nfs/manifests/init.pp b/nfs/manifests/init.pp index 02680c6..75b8381 100644 --- a/nfs/manifests/init.pp +++ b/nfs/manifests/init.pp @@ -6,7 +6,7 @@ class nfs::client { include portmap::server package { "nfs-utils": - ensure => installed, + ensure => installed, } service { "nfslock": @@ -27,37 +27,37 @@ class nfs::server inherits nfs::client { include portmap::server file { "/etc/exports": - ensure => present, - source => [ "puppet:///files/nfs/exports.${fqdn}", - "puppet:///modules/nfs/exports", ], - mode => 0644, - owner => root, - group => root, - require => Package["nfs-utils"], - notify => Exec["exportfs"], + ensure => present, + source => [ "puppet:///files/nfs/exports.${fqdn}", + "puppet:///modules/nfs/exports", ], + mode => 0644, + owner => root, + group => root, + require => Package["nfs-utils"], + notify => Exec["exportfs"], } file { "/etc/sysconfig/nfs": - ensure => present, - source => "puppet:///modules/nfs/nfs.sysconfig", - mode => 0644, - owner => root, - group => root, - notify => Service["nfs"], + ensure => present, + source => "puppet:///modules/nfs/nfs.sysconfig", + mode => 0644, + owner => root, + group => root, + notify => Service["nfs"], } service { "nfs": - ensure => running, - enable => true, - hasstatus => true, - require => Package["nfs-utils"], + ensure => running, + enable => true, + hasstatus => true, + require => Package["nfs-utils"], } exec { "exportfs": - command => "exportfs -av", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - refreshonly => true, - require => Service["nfs"], + command => "exportfs -av", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + refreshonly => true, + require => Service["nfs"], } } diff --git a/nginx/manifests/init.pp b/nginx/manifests/init.pp index 6a25bc6..0addb42 100644 --- a/nginx/manifests/init.pp +++ b/nginx/manifests/init.pp @@ -18,8 +18,8 @@ class nginx { } service { "nginx": - enable => true, ensure => running, + enable => true, require => Package["nginx"], } diff --git a/openvpn/manifests/init.pp b/openvpn/manifests/init.pp index 53cfd4c..d99a795 100644 --- a/openvpn/manifests/init.pp +++ b/openvpn/manifests/init.pp @@ -9,7 +9,7 @@ class openvpn::client { service { "openvpn": ensure => running, enable => true, - require => [ Package["openvpn"], + require => [ Package["openvpn"], File["/etc/openvpn/openvpn.conf"], File["/etc/openvpn/ta.key"], File["/etc/openvpn/ca.crt"], ], @@ -30,11 +30,11 @@ class openvpn::client { file { "/etc/openvpn/openvpn.conf": ensure => present, - content => template("openvpn/openvpn.conf.erb"), + content => template("openvpn/openvpn.conf.erb"), mode => 0640, owner => "root", group => "root", - notify => Service["openvpn"], + notify => Service["openvpn"], require => Package["openvpn"], } file { "/etc/openvpn/ta.key": diff --git a/psacct/manifests/init.pp b/psacct/manifests/init.pp index 09ec195..c57fbb8 100644 --- a/psacct/manifests/init.pp +++ b/psacct/manifests/init.pp @@ -31,7 +31,7 @@ class psacct::linux { } service { "psacct": - name => $operatingsystem ? { + name => $operatingsystem ? { ubuntu => "acct", default => "psacct", }, diff --git a/puppet/manifests/init.pp b/puppet/manifests/init.pp index 88b7884..20a1d9e 100644 --- a/puppet/manifests/init.pp +++ b/puppet/manifests/init.pp @@ -4,7 +4,7 @@ class puppet::client { tag("bootstrap") - + if ! $puppet_server { $puppet_server = "puppet" } @@ -19,15 +19,15 @@ class puppet::client { } case $operatingsystem { - centos,fedora: { - package { "ruby-shadow": - ensure => installed, - } - } + centos,fedora: { + package { "ruby-shadow": + ensure => installed, + } + } ubuntu,debian: { package { "libaugeas-ruby": - name => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libaugeas-ruby\1'), ensure => installed, + name => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libaugeas-ruby\1'), before => Service["puppet"], } } @@ -44,7 +44,7 @@ class puppet::client { } } } - + file { "/etc/puppet/puppet.conf": ensure => present, content => template("puppet/puppet.conf.erb"), @@ -259,7 +259,7 @@ class puppet::server::common inherits puppet::client { } if $puppet_datadir { - file { "${puppet_datadir}": + file { $puppet_datadir: ensure => directory, mode => 0755, owner => root, @@ -272,9 +272,9 @@ class puppet::server::common inherits puppet::client { } file { "/srv/puppet": ensure => link, - target => "${puppet_datadir}", + target => $puppet_datadir, seltype => "var_lib_t", - require => File["${puppet_datadir}"], + require => File[$puppet_datadir], } } else { file { "/srv/puppet": @@ -299,7 +299,7 @@ class puppet::server::common inherits puppet::client { selinux::manage_fcontext { "${puppet_datadir}(/.*)?": type => "var_lib_t", before => File[$puppet_datadir], - } + } } } diff --git a/python/manifests/init.pp b/python/manifests/init.pp index 09ba3a4..87413cc 100644 --- a/python/manifests/init.pp +++ b/python/manifests/init.pp @@ -15,7 +15,7 @@ define python::setup::install($python="python") { exec { "python-setup-install-${name}": path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin", - cwd => "${name}", + cwd => $name, command => "${python} setup.py install", creates => "${name}/build", } diff --git a/rsync/manifests/init.pp b/rsync/manifests/init.pp index 15a010c..6d4124b 100644 --- a/rsync/manifests/init.pp +++ b/rsync/manifests/init.pp @@ -22,5 +22,5 @@ class rsync::run-rsync { group => "root", } } - } + } } diff --git a/samba/manifests/init.pp b/samba/manifests/init.pp index 5aa0e9e..2285fe8 100644 --- a/samba/manifests/init.pp +++ b/samba/manifests/init.pp @@ -3,7 +3,7 @@ class samba::server { package { "samba": - ensure => installed, + ensure => installed, } case $operatingsystem { @@ -58,30 +58,30 @@ class samba::server { } file { "/etc/samba/smb.conf": - ensure => present, - source => [ "puppet:///files/samba/smb.conf.${fqdn}", - "puppet:///files/samba/smb.conf", ], - mode => 0644, - owner => root, - group => $operatingsystem ? { + ensure => present, + source => [ "puppet:///files/samba/smb.conf.${fqdn}", + "puppet:///files/samba/smb.conf", ], + mode => 0644, + owner => root, + group => $operatingsystem ? { openbsd => wheel, default => root, }, - require => Package["samba"], + require => Package["samba"], } file { "/etc/samba/lmhosts": - ensure => present, - source => [ "puppet:///files/samba/lmhosts.${fqdn}", - "puppet:///files/samba/lmhosts", - "puppet:///modules/samba/lmhosts", ], - mode => 0644, - owner => root, - group => $operatingsystem ? { + ensure => present, + source => [ "puppet:///files/samba/lmhosts.${fqdn}", + "puppet:///files/samba/lmhosts", + "puppet:///modules/samba/lmhosts", ], + mode => 0644, + owner => root, + group => $operatingsystem ? { openbsd => wheel, default => root, }, - require => Package["samba"], + require => Package["samba"], } } diff --git a/saslauthd/manifests/init.pp b/saslauthd/manifests/init.pp index 392efbc..e42d806 100644 --- a/saslauthd/manifests/init.pp +++ b/saslauthd/manifests/init.pp @@ -25,7 +25,7 @@ class saslauthd::server { creates => "/etc/sasldb2", require => Package["cyrus-sasl"], } - + } @@ -43,8 +43,9 @@ class saslauthd::server { define saslauthd::service() { case $architecture { - i386: { $libdir = "/usr/lib/sasl2" } - x86_64: { $libdir = "/usr/lib64/sasl2" } + "i386": { $libdir = "/usr/lib/sasl2" } + "x86_64": { $libdir = "/usr/lib64/sasl2" } + default: { fail("Unknown architecture ${architecture}") } file { "${libdir}/${name}.conf": diff --git a/selinux/manifests/init.pp b/selinux/manifests/init.pp index 21eaee1..68b275d 100644 --- a/selinux/manifests/init.pp +++ b/selinux/manifests/init.pp @@ -12,7 +12,7 @@ class selinux { if $kernel != "Linux" { fail("SELinux supported only on Linux systems") } - + if ! $selinux_type { $selinux_type = "permissive" } @@ -22,11 +22,11 @@ class selinux { "disabled": {} default: { fail("Invalid SELinux mode ${selinux_type}") } } - + package { [ "selinux-policy-targeted", "setroubleshoot" ]: ensure => installed, } - + file { "/etc/selinux/config": ensure => present, content => template("selinux/config.erb"), @@ -62,7 +62,7 @@ class selinux { unless => "getenforce | egrep -i '${selinux_type}'", require => File["/etc/selinux/config"], } - + include selinux::tools } diff --git a/sendmail/manifests/init.pp b/sendmail/manifests/init.pp index f0c2f75..56a22d9 100644 --- a/sendmail/manifests/init.pp +++ b/sendmail/manifests/init.pp @@ -8,8 +8,8 @@ class sendmail::common { if $operatingsystem != "OpenBSD" { package { "sendmail": - name => [ "sendmail", "sendmail-cf", ], ensure => installed, + name => [ "sendmail", "sendmail-cf", ], } service { "sendmail": ensure => running, @@ -68,8 +68,8 @@ class sendmail::client inherits sendmail::common { } exec { "make submit.cf": - path => "/bin:/usr/bin:/sbin:/usr/sbin:/etc/mail", - cwd => $operatingsystem ? { + path => "/bin:/usr/bin:/sbin:/usr/sbin:/etc/mail", + cwd => $operatingsystem ? { "openbsd" => "/usr/share/sendmail/cf", default => "/etc/mail", }, @@ -133,9 +133,11 @@ class sendmail::server inherits sendmail::common { } } - file { "sendmail.mc": name => $operatingsystem ? { - "openbsd" => "/usr/share/sendmail/cf/sendmail.mc", - default => "/etc/mail/sendmail.mc", }, + file { "sendmail.mc": + name => $operatingsystem ? { + "openbsd" => "/usr/share/sendmail/cf/sendmail.mc", + default => "/etc/mail/sendmail.mc", + }, content => template("sendmail/sendmail.mc.erb"), owner => "root", group => $group, @@ -143,21 +145,21 @@ class sendmail::server inherits sendmail::common { notify => Exec["make sendmail.cf"], } - file { "/etc/aliases": + file { "/etc/aliases": ensure => present, - notify => Exec["newaliases"], + notify => Exec["newaliases"], owner => "root", group => $group, mode => 0644, - } + } exec { "make sendmail.cf": - path => "/bin:/usr/bin:/sbin:/usr/sbin", - cwd => $operatingsystem ? { + path => "/bin:/usr/bin:/sbin:/usr/sbin", + cwd => $operatingsystem ? { openbsd => "/usr/share/sendmail/cf", default => "/etc/mail", }, - require => $operatingsystem ? { + require => $operatingsystem ? { openbsd => undef, default => Package["sendmail"], }, @@ -174,11 +176,11 @@ class sendmail::server inherits sendmail::common { default => undef, }, require => Exec["make sendmail.cf"], - notify => Service["sendmail"], + notify => Service["sendmail"], } exec { "newaliases": - path => "/bin:/usr/bin:/sbin:/usr/sbin", + path => "/bin:/usr/bin:/sbin:/usr/sbin", refreshonly => true, } } diff --git a/smolt/manifests/init.pp b/smolt/manifests/init.pp index 3191a80..5404a83 100644 --- a/smolt/manifests/init.pp +++ b/smolt/manifests/init.pp @@ -20,5 +20,5 @@ class smolt::client inherits smolt::package { hasstatus => true, require => Package["smolt"], } - + } diff --git a/ssh/manifests/init.pp b/ssh/manifests/init.pp index 69afa1e..dd2b5a1 100644 --- a/ssh/manifests/init.pp +++ b/ssh/manifests/init.pp @@ -12,10 +12,10 @@ class ssh::known_hosts { }, } - @@sshkey { "${homename}": + @@sshkey { $homename: ensure => present, type => rsa, - key => "${sshrsakey}", + key => $sshrsakey, host_aliases => inline_template("<%= homename.split('.')[0] %>"), require => File["/etc/ssh/ssh_known_hosts"], } diff --git a/ssl/manifests/init.pp b/ssl/manifests/init.pp index 0ff0863..7e0fb09 100644 --- a/ssl/manifests/init.pp +++ b/ssl/manifests/init.pp @@ -77,10 +77,10 @@ define ssl::certificate($cn, $mode, $owner, $group, exec { "openssl-req-${name}": path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin", command => "/bin/sh -c 'umask 077 ; openssl req -x509 -nodes -days ${days} -newkey rsa:${keysize} -subj \"${subject_real}\" -keyout ${keyout_real} -out ${name}'", - creates => [ "${name}", "${keyout_real}" ], + creates => [ $name, $keyout_real ], } - file { "${name}": + file { $name: ensure => present, mode => $mode, owner => $owner, @@ -89,7 +89,7 @@ define ssl::certificate($cn, $mode, $owner, $group, } if $keyout { - file { "${keyout}": + file { $keyout: ensure => present, mode => $keymode, owner => $keyowner, @@ -117,10 +117,10 @@ define ssl::dhparam($mode, $owner, $group, $keysize="1024") { exec { "openssl-dhparam-${name}": path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin", command => "/bin/sh -c 'umask 077 ; openssl dhparam -out ${name} ${keysize}'", - creates => "${name}", + creates => $name, } - file { "${name}": + file { $name: ensure => present, mode => $mode, owner => $owner, diff --git a/svn/manifests/init.pp b/svn/manifests/init.pp index 5497ca6..4b58b16 100644 --- a/svn/manifests/init.pp +++ b/svn/manifests/init.pp @@ -41,13 +41,13 @@ define svn::checkout($source, $ensure="HEAD") { exec { "svn-co-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", command => "svn checkout --non-interactive -r ${ensure} ${source} ${name}", - creates => "${name}", + creates => $name, require => [ Package["subversion"], File["/etc/subversion/servers"], ], } exec { "svn-up-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", - cwd => "${name}", + cwd => $name, command => "svn update --non-interactive -r ${ensure}", onlyif => $ensure ? { "HEAD" => "svn status --non-interactive -q -u 2>&1 | egrep '^[[:space:]]+\\*'", @@ -92,7 +92,7 @@ define svn::export($source, $ensure="HEAD") { exec { "svn-export-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", command => "svn export --non-interactive -r ${ensure} ${source} ${name} && svn info --non-interactive -r ${ensure} ${source} 2>&1 | awk '/^Last Changed Rev:/ { print \$4 }' > ${name}/.svnrevision", - creates => "${name}", + creates => $name, require => Exec["svn-export-clean-${name}"], } diff --git a/sysctl/manifests/init.pp b/sysctl/manifests/init.pp index f49ffd4..18831fe 100644 --- a/sysctl/manifests/init.pp +++ b/sysctl/manifests/init.pp @@ -17,15 +17,15 @@ define sysctl::set($value) { exec { "sysctl-${name}": - command => "sysctl -w ${name}='${value}'", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - unless => "test \"`sysctl -n ${name}`\" = \"${value}\"", + command => "sysctl -w ${name}='${value}'", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + unless => "test \"`sysctl -n ${name}`\" = \"${value}\"", } exec { "sysctl-${name}-save": - path => "/bin:/usr/bin:/sbin:/usr/sbin", - command => "echo '${name}=${value}' >> /etc/sysctl.conf", - unless => "egrep '^${name}=' /etc/sysctl.conf", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + command => "echo '${name}=${value}' >> /etc/sysctl.conf", + unless => "egrep '^${name}=' /etc/sysctl.conf", } } diff --git a/syslog/manifests/init.pp b/syslog/manifests/init.pp index c50cf59..dde2166 100644 --- a/syslog/manifests/init.pp +++ b/syslog/manifests/init.pp @@ -84,8 +84,8 @@ class syslog::client::syslogd { if $operatingsystem != "OpenBSD" { package { "syslogd": - name => "sysklogd", ensure => installed, + name => "sysklogd", before => File["/etc/syslog.conf"], } } diff --git a/tftp/manifests/init.pp b/tftp/manifests/init.pp index d7d89db..9c49f88 100644 --- a/tftp/manifests/init.pp +++ b/tftp/manifests/init.pp @@ -9,7 +9,7 @@ class tftp::server { if $tftp_datadir { - file { "${tftp_datadir}": + file { $tftp_datadir: ensure => directory, mode => 0755, owner => root, @@ -21,9 +21,9 @@ class tftp::server { } file { "/srv/tftpboot": ensure => link, - target => "${tftp_datadir}", + target => $tftp_datadir, seltype => "tftpdir_t", - require => File["${tftp_datadir}"], + require => File[$tftp_datadir], } } else { file { "/srv/tftpboot": @@ -64,8 +64,8 @@ class tftp::server { } if $tftp_datadir { selinux::manage_fcontext { "${tftp_datadir}(/.*)?": - type => "tftpdir_t", - before => File["${tftp_datadir}"], + type => "tftpdir_t", + before => File[$tftp_datadir], } } } diff --git a/time/manifests/init.pp b/time/manifests/init.pp index 10612c7..d69fe9d 100644 --- a/time/manifests/init.pp +++ b/time/manifests/init.pp @@ -5,7 +5,7 @@ class time::server { include inetd::server inetd::service { "time-stream": - ensure => present, + ensure => present, } } @@ -17,24 +17,27 @@ class time::server { class time::zone { file { "/etc/localtime": ensure => present, - mode => 0644, + mode => 0644, source => "/usr/share/zoneinfo/$timezone_set" } case $operatingsystem { centos,redhat: { file { "/etc/sysconfig/clock": - ensure => present, - mode => 0644, + ensure => present, + mode => 0644, content => template("time/sysconfig_clock.erb"), } } ubuntu: { file { "/etc/timezone": - ensure => present, - mode => 0644, + ensure => present, + mode => 0644, content => "$timezone_set\n", } } + default: { + fail("time::zone not supported on ${operatingsystem}") + } } } diff --git a/user/manifests/init.pp b/user/manifests/init.pp index c98c763..2be2db6 100644 --- a/user/manifests/init.pp +++ b/user/manifests/init.pp @@ -12,14 +12,12 @@ class user::system { }, } - case $operatingsystem { - "ubuntu": { - file { "/sbin/nologin": - ensure => link, - target => "/usr/sbin/nologin", - owner => "root", - group => "root", - } + if $operatingsystem == "ubuntu": { + file { "/sbin/nologin": + ensure => link, + target => "/usr/sbin/nologin", + owner => "root", + group => "root", } } @@ -241,7 +239,7 @@ class user::system { # define user::newuser($uid, $gid, $comment, $home, $shell, $groups=undef, $requiregroups=undef) { - user { "${name}": + user { $name: ensure => present, uid => $uid, gid => $gid, @@ -268,7 +266,7 @@ define user::newuser($uid, $gid, $comment, $home, $shell, $groups=undef, $requir command => "/bin/sh -c 'umask 077; mkdir -p ${home} && tar cf - . | tar xf - -C ${home} && chown -R ${uid}:${gid} ${home}'", cwd => "/etc/skel", path => "/sbin:/usr/sbin:/bin:/usr/bin", - creates => "${home}", + creates => $home, refreshonly => true, } diff --git a/util/manifests/init.pp b/util/manifests/init.pp index ebb74f8..20c01ff 100644 --- a/util/manifests/init.pp +++ b/util/manifests/init.pp @@ -28,14 +28,14 @@ define util::extract::tar($source, $ensure=present, $strip=0, $preserve=false) { exec { "tar-rmdir-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", command => "rm -fr ${name}", - before => File["${name}"], - subscribe => File["${source}"], + before => File[$name], + subscribe => File[$source], refreshonly => true, } } } - file { "${name}": + file { $name: ensure => directory, mode => 0755, owner => "root", @@ -65,7 +65,7 @@ define util::extract::tar($source, $ensure=present, $strip=0, $preserve=false) { exec { "tar-extract-${name}": path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin", command => $command, - require => File["${name}"], + require => File[$name], unless => "test -n \"$(ls -A ${name})\"", } @@ -95,8 +95,8 @@ define util::extract::zip($source, $ensure=present) { exec { "zip-rmdir-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", command => "rm -fr ${name}", - before => File["${name}"], - subscribe => File["${source}"], + before => File[$name], + subscribe => File[$source], refreshonly => true, } } @@ -104,7 +104,7 @@ define util::extract::zip($source, $ensure=present) { $command = "unzip ${source} -d ${name}" - file { "${name}": + file { $name: ensure => directory, mode => 0755, owner => root, @@ -114,7 +114,7 @@ define util::extract::zip($source, $ensure=present) { exec { "zip-extract-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin", command => $command, - require => File["${name}"], + require => File[$name], unless => "test -n \"$(ls -A ${name})\"", } @@ -158,7 +158,7 @@ define util::patch($source, $strip=0) { exec { "patch-${name}-${source}": path => "/bin:/usr/bin:/sbin:/usr/sbin", - cwd => "${name}", + cwd => $name, command => "patch -N -b -t -p${strip} < ${source}", onlyif => "patch --dry-run -N -b -t -p${strip} < ${source}", require => Class["util::patch::package"], diff --git a/vmware/manifests/guest.pp b/vmware/manifests/guest.pp index 466fa58..0292ca9 100644 --- a/vmware/manifests/guest.pp +++ b/vmware/manifests/guest.pp @@ -4,12 +4,12 @@ class vmware::guest { case $virtual { - vmware: { - case $operatingsystem { - centos: { include vmware::guest::centos } - fedora: { include vmware::guest::fedora } - } - } + vmware: { + case $operatingsystem { + centos: { include vmware::guest::centos } + fedora: { include vmware::guest::fedora } + } + } } } @@ -46,11 +46,11 @@ class vmware::guest::centos { class vmware::guest::fedora { package { "VMwareTools": - ensure => absent, + ensure => absent, } package { "open-vm-tools": - ensure => installed, - require => Package["VMwareTools"], + ensure => installed, + require => Package["VMwareTools"], } } diff --git a/vmware/manifests/player.pp b/vmware/manifests/player.pp index 89e2df4..5e7bc6e 100644 --- a/vmware/manifests/player.pp +++ b/vmware/manifests/player.pp @@ -9,5 +9,5 @@ class vmware::player { vmware::bundle { "VMware-Player": } - + } diff --git a/vmware/manifests/server.pp b/vmware/manifests/server.pp index a4c4939..a41d7bd 100644 --- a/vmware/manifests/server.pp +++ b/vmware/manifests/server.pp @@ -2,50 +2,50 @@ class vmware::server { package { "VMware-server": - ensure => installed, + ensure => installed, } service { "vmware": - ensure => running, - enable => true, - hasstatus => true, - start => "pkill 'vmnet-' ; /sbin/service vmware stop ; rm -f /etc/vmware/not_configured ; /sbin/service vmware start && sleep 5", - stop => "pkill 'vmnet-' ; /sbin/service vmware stop", - require => [ Package["VMware-server"], - Exec["vmware-config.pl"], ], + ensure => running, + enable => true, + hasstatus => true, + start => "pkill 'vmnet-' ; /sbin/service vmware stop ; rm -f /etc/vmware/not_configured ; /sbin/service vmware start && sleep 5", + stop => "pkill 'vmnet-' ; /sbin/service vmware stop", + require => [ Package["VMware-server"], + Exec["vmware-config.pl"], ], } # seems that vmware init script fails if pid files are missing for vmnet # processes, so kill them by force first exec { "vmware-config.pl": - command => "pkill 'vmnet-' ; perl /usr/bin/vmware-config.pl --default EULA_AGREED=yes && rm -f /etc/vmware/not_configured", - path => "/bin:/usr/bin:/sbin:/usr/sbin", + command => "pkill 'vmnet-' ; perl /usr/bin/vmware-config.pl --default EULA_AGREED=yes && rm -f /etc/vmware/not_configured", + path => "/bin:/usr/bin:/sbin:/usr/sbin", environment => [ "PAGER=/bin/cat", ], - unless => "test ! -f /etc/vmware/not_configured -a -f /lib/modules/$kernelrelease/misc/vmci.ko", + unless => "test ! -f /etc/vmware/not_configured -a -f /lib/modules/$kernelrelease/misc/vmci.ko", require => Package["VMware-server"], - notify => Service["vmware"], + notify => Service["vmware"], } if $vmware_serial { - exec { "vmware-set-serial": - command => "/usr/lib/vmware/bin/vmware-vmx --new-sn ${vmware_serial}", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - creates => "/etc/vmware/license.vs.1.0-00", - require => Package["VMware-server"], - before => Exec["vmware-config.pl"], - } + exec { "vmware-set-serial": + command => "/usr/lib/vmware/bin/vmware-vmx --new-sn ${vmware_serial}", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + creates => "/etc/vmware/license.vs.1.0-00", + require => Package["VMware-server"], + before => Exec["vmware-config.pl"], + } } if $vmware_admin_group { file { "/etc/vmware/ssl/rui.key": - ensure => present, - mode => 0640, - owner => root, - group => $vmware_admin_group, - require => [ Service["vmware"], + ensure => present, + mode => 0640, + owner => root, + group => $vmware_admin_group, + require => [ Service["vmware"], Class["puppet::client"], ], - notify => Exec["restart-vmware-mgmt"], + notify => Exec["restart-vmware-mgmt"], } exec { "restart-vmware-mgmt": command => "/etc/init.d/vmware-mgmt restart && sleep 10", @@ -73,21 +73,21 @@ class vmware::server::scripts { include socat::package define vmware::server::scripts::file { - file { "/usr/local/sbin/${name}": - ensure => present, - source => "puppet:///modules/vmware/scripts/${name}", - mode => 0755, - owner => root, - group => root, - } + file { "/usr/local/sbin/${name}": + ensure => present, + source => "puppet:///modules/vmware/scripts/${name}", + mode => 0755, + owner => root, + group => root, + } } file { "/usr/local/lib/vmware.sh": - ensure => present, - source => "puppet:///modules/vmware/scripts/vmware.sh", - mode => 0644, - owner => root, - group => root, + ensure => present, + source => "puppet:///modules/vmware/scripts/vmware.sh", + mode => 0644, + owner => root, + group => root, } vmware::server::scripts::file { "vmware-console": } @@ -112,18 +112,18 @@ class vmware::server::vmfs { include vmware::server file { "/vmfs": - ensure => directory, - mode => 0755, - owner => root, - group => root, - require => Package["VMware-server"], + ensure => directory, + mode => 0755, + owner => root, + group => root, + require => Package["VMware-server"], } file { "/vmfs/volumes": - ensure => directory, - mode => 0755, - owner => root, - group => root, - require => File["/vmfs"], + ensure => directory, + mode => 0755, + owner => root, + group => root, + require => File["/vmfs"], } } @@ -158,61 +158,61 @@ define vmware::server::datastore($device, $type = "auto", $options = "defaults") if $type == "auto" { $server = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\1') - if $server == $device { - $fstype = $type - if $device == regsubst($device, '^(/dev/).+$', '\1') { - $mountopts = "bind" - } - } else { - $fstype = "nfs" - $path = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\2') - } + if $server == $device { + $fstype = $type + if $device == regsubst($device, '^(/dev/).+$', '\1') { + $mountopts = "bind" + } + } else { + $fstype = "nfs" + $path = regsubst($device, '^([a-zA-Z0-9\-]+):(/.+)$', '\2') + } } if !$mountopts { - $mountopts = $options + $mountopts = $options } file { "/vmfs/volumes/${name}": - ensure => directory, - mode => $fstype ? { + ensure => directory, + mode => $fstype ? { nfs => 0755, default => 0775, }, - owner => root, - group => $fstype ? { + owner => root, + group => $fstype ? { nfs => "root", default => $real_vmware_admin_group, }, - require => File["/vmfs/volumes"], + require => File["/vmfs/volumes"], } mount { "/vmfs/volumes/${name}": - ensure => mounted, - device => "${device}", - fstype => "${fstype}", - options => "${mountopts}", - require => File["/vmfs/volumes/${name}"], + ensure => mounted, + device => $device, + fstype => $fstype, + options => $mountopts, + require => File["/vmfs/volumes/${name}"], } exec { "vmware-create-datastore-${name}": - command => $fstype ? { - nfs => "vmware-vim-cmd hostsvc/datastore/nas_create ${name} ${server} ${path} 0", - default => "vmware-vim-cmd hostsvc/datastore/localds_create ${name} /vmfs/volumes/${name}", - }, - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - unless => "vmware-vim-cmd hostsvc/datastore/summary ${name}", - require => [ Mount["/vmfs/volumes/${name}"], - Service["vmware"], ], - notify => Exec["vmware-refresh-datastore-${name}"], + command => $fstype ? { + nfs => "vmware-vim-cmd hostsvc/datastore/nas_create ${name} ${server} ${path} 0", + default => "vmware-vim-cmd hostsvc/datastore/localds_create ${name} /vmfs/volumes/${name}", + }, + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + unless => "vmware-vim-cmd hostsvc/datastore/summary ${name}", + require => [ Mount["/vmfs/volumes/${name}"], + Service["vmware"], ], + notify => Exec["vmware-refresh-datastore-${name}"], } exec { "vmware-refresh-datastore-${name}": - command => "vmware-vim-cmd hostsvc/datastore/refresh ${name}", - path => "/bin:/usr/bin:/sbin:/usr/sbin", - user => root, - refreshonly => true, + command => "vmware-vim-cmd hostsvc/datastore/refresh ${name}", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => root, + refreshonly => true, } } @@ -229,7 +229,7 @@ define vmware::server::datastore($device, $type = "auto", $options = "defaults") # $device: # Physical network device to bridge. # $ensure: -# Set to present to enable bridge and absent to disable it. +# Set to present to enable bridge and absent to disable it. # # === Sample usage # @@ -243,35 +243,35 @@ define vmware::server::bridge($description, $device, $ensure = "present") { $vmnet = regsubst($name, '^vmnet([0-9]+)$', '\1') if $vmnet == $name { - fail("Invalid vmnet device name.") + fail("Invalid vmnet device name.") } service { "${name}-bridge": - ensure => $ensure ? { - "present" => running, - "absent" => stopped, - }, - pattern => "/usr/bin/vmnet-bridge -d .* -n ${vmnet}", - start => "/usr/bin/vmnet-bridge -d /var/run/vmnet-bridge-${vmnet}.pid -n ${vmnet} -i ${device}", - stop => "pkill -f '/usr/bin/vmnet-bridge -d .* -n ${vmnet}'", - provider => base, - require => Exec["vmware-config.pl"], + ensure => $ensure ? { + "present" => running, + "absent" => stopped, + }, + pattern => "/usr/bin/vmnet-bridge -d .* -n ${vmnet}", + start => "/usr/bin/vmnet-bridge -d /var/run/vmnet-bridge-${vmnet}.pid -n ${vmnet} -i ${device}", + stop => "pkill -f '/usr/bin/vmnet-bridge -d .* -n ${vmnet}'", + provider => base, + require => Exec["vmware-config.pl"], } vmware_config { "VNET_${vmnet}_NAME": - ensure => $ensure ? { - absent => absent, - present => "${description}", - }, - require => Exec["vmware-config.pl"], + ensure => $ensure ? { + absent => absent, + present => $description, + }, + require => Exec["vmware-config.pl"], } vmware_config { "VNET_${vmnet}_INTERFACE": - ensure => $ensure ? { - absent => absent, - present => "${device}", - }, - notify => Service["${name}-bridge"], - require => Exec["vmware-config.pl"], + ensure => $ensure ? { + absent => absent, + present => $device, + }, + notify => Service["${name}-bridge"], + require => Exec["vmware-config.pl"], } } diff --git a/vsroom/manifests/init.pp b/vsroom/manifests/init.pp index df50e47..d6e343c 100644 --- a/vsroom/manifests/init.pp +++ b/vsroom/manifests/init.pp @@ -44,7 +44,7 @@ class vsroom { realize(User["vsroom"], Group["vsroom"]) if $vsroom_datadir { - file { "${vsroom_datadir}": + file { $vsroom_datadir: ensure => directory, mode => 0750, owner => "root", @@ -53,8 +53,8 @@ class vsroom { file { "/var/lib/vsroom": ensure => link, - target => "${vsroom_datadir}", - require => File["${vsroom_datadir}"], + target => $vsroom_datadir, + require => File[$vsroom_datadir], } } else { file { "/var/lib/vsroom": diff --git a/wiki/manifests/init.pp b/wiki/manifests/init.pp index 63ee207..87ca53f 100644 --- a/wiki/manifests/init.pp +++ b/wiki/manifests/init.pp @@ -171,7 +171,7 @@ class wiki::collab::base { } if $wiki_datadir { - file { "${wiki_datadir}": + file { $wiki_datadir: ensure => directory, mode => 0755, owner => root, @@ -180,8 +180,8 @@ class wiki::collab::base { file { "/srv/wikis": ensure => link, - target => "${wiki_datadir}", - require => File["${wiki_datadir}"], + target => $wiki_datadir, + require => File[$wiki_datadir], } } else { file { "/srv/wikis": From 17341ec85c2b4788aee76e05a9af0bb62000e3bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 27 Mar 2012 15:20:40 +0300 Subject: [PATCH 17/26] Fixed syntax errors. --- saslauthd/manifests/init.pp | 2 +- user/manifests/init.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/saslauthd/manifests/init.pp b/saslauthd/manifests/init.pp index e42d806..10b483a 100644 --- a/saslauthd/manifests/init.pp +++ b/saslauthd/manifests/init.pp @@ -45,7 +45,7 @@ define saslauthd::service() { case $architecture { "i386": { $libdir = "/usr/lib/sasl2" } "x86_64": { $libdir = "/usr/lib64/sasl2" } - default: { fail("Unknown architecture ${architecture}") + default: { fail("Unknown architecture ${architecture}") } } file { "${libdir}/${name}.conf": diff --git a/user/manifests/init.pp b/user/manifests/init.pp index 2be2db6..28270b1 100644 --- a/user/manifests/init.pp +++ b/user/manifests/init.pp @@ -12,7 +12,7 @@ class user::system { }, } - if $operatingsystem == "ubuntu": { + if $operatingsystem == "ubuntu" { file { "/sbin/nologin": ensure => link, target => "/usr/sbin/nologin", From 84edcd61edbd27b1d14f27f4631755215e987f35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 27 Mar 2012 16:10:01 +0300 Subject: [PATCH 18/26] Fixed "unquoted file mode" errors given by puppet-lint. --- abusehelper/manifests/init.pp | 8 ++-- alpine/manifests/init.pp | 6 +-- amanda/manifests/init.pp | 18 ++++---- apache/manifests/debian.pp | 38 ++++++++--------- apache/manifests/init.pp | 18 ++++---- apache/manifests/redhat.pp | 36 ++++++++-------- apcupsd/manifests/init.pp | 2 +- apt/manifests/init.pp | 14 +++---- arduino/manifests/init.pp | 2 +- autofs/manifests/init.pp | 6 +-- avahi/manifests/init.pp | 4 +- backuppc/manifests/init.pp | 22 +++++----- clarified/manifests/init.pp | 18 ++++---- cups/manifests/init.pp | 16 +++---- custom/manifests/init.pp | 2 +- daap/manifests/init.pp | 2 +- dhcp/manifests/init.pp | 8 ++-- dns/manifests/init.pp | 22 +++++----- dovecot/manifests/init.pp | 30 +++++++------- ejabberd/manifests/init.pp | 40 +++++++++--------- firewall/manifests/init.pp | 18 ++++---- func/manifests/init.pp | 48 ++++++++++----------- git/manifests/init.pp | 18 ++++---- hastymail/manifests/init.pp | 8 ++-- ifstated/manifests/init.pp | 6 +-- irc/manifests/init.pp | 54 ++++++++++++------------ iscsi/manifests/init.pp | 6 +-- kerberos/manifests/init.pp | 14 +++---- ldap/manifests/init.pp | 36 ++++++++-------- libvirt/manifests/init.pp | 2 +- minecraft/manifests/init.pp | 4 +- munin/manifests/init.pp | 50 +++++++++++----------- mutt/manifests/init.pp | 8 ++-- mysql/manifests/init.pp | 54 ++++++++++++------------ mythtv/manifests/init.pp | 14 +++---- network/manifests/init.pp | 30 +++++++------- networker/manifests/init.pp | 4 +- nfs/manifests/init.pp | 4 +- nginx/manifests/init.pp | 6 +-- ntpd/manifests/init.pp | 6 +-- openvpn/manifests/init.pp | 6 +-- pam/manifests/init.pp | 2 +- procmail/manifests/init.pp | 6 +-- psacct/manifests/init.pp | 6 +-- pulseaudio/manifests/init.pp | 6 +-- puppet/manifests/init.pp | 78 +++++++++++++++++------------------ rsync/manifests/init.pp | 2 +- samba/manifests/init.pp | 22 +++++----- saslauthd/manifests/init.pp | 12 +++--- selinux/manifests/init.pp | 6 +-- sendmail/manifests/init.pp | 12 +++--- ssh/manifests/init.pp | 16 +++---- sudo/manifests/init.pp | 6 +-- svn/manifests/init.pp | 2 +- syslog/manifests/init.pp | 18 ++++---- tftp/manifests/init.pp | 6 +-- time/manifests/init.pp | 6 +-- user/manifests/init.pp | 2 +- util/manifests/init.pp | 4 +- vmware/manifests/init.pp | 2 +- vmware/manifests/server.pp | 14 +++---- vsroom/manifests/init.pp | 8 ++-- wiki/manifests/init.pp | 70 +++++++++++++++---------------- yum/manifests/init.pp | 10 ++--- 64 files changed, 512 insertions(+), 512 deletions(-) diff --git a/abusehelper/manifests/init.pp b/abusehelper/manifests/init.pp index aaaa585..8a6a04f 100644 --- a/abusehelper/manifests/init.pp +++ b/abusehelper/manifests/init.pp @@ -42,7 +42,7 @@ class abusehelper { file { "/usr/local/src/abusehelper.tar.gz": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -60,7 +60,7 @@ class abusehelper { } file { "/usr/local/src/idiokit.tar.gz": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -86,7 +86,7 @@ class abusehelper { if $abusehelper_datadir { file { $abusehelper_datadir: ensure => directory, - mode => 0750, + mode => "0750", owner => "root", group => "abusehel", require => User["abusehel"], @@ -100,7 +100,7 @@ class abusehelper { } else { file { "/var/lib/ah2": ensure => directory, - mode => 0750, + mode => "0750", owner => "root", group => "abusehel", require => User["abusehel"], diff --git a/alpine/manifests/init.pp b/alpine/manifests/init.pp index a4fe51c..5177083 100644 --- a/alpine/manifests/init.pp +++ b/alpine/manifests/init.pp @@ -21,9 +21,9 @@ class alpine { file { "/etc/pine.conf.fixed": ensure => present, content => template("alpine/pine.conf.fixed.erb"), - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["alpine"], } diff --git a/amanda/manifests/init.pp b/amanda/manifests/init.pp index fb21914..8e4875e 100644 --- a/amanda/manifests/init.pp +++ b/amanda/manifests/init.pp @@ -2,16 +2,16 @@ class amanda::common { file { "/var/lib/amanda/.ssh": ensure => directory, - mode => 0700, - owner => amandabackup, - group => disk, + mode => "0700", + owner => "amandabackup", + group => "disk", } file { "/var/lib/amanda/.ssh/authorized_keys": ensure => present, - mode => 0600, - owner => amandabackup, - group => disk, + mode => "0600", + owner => "amandabackup", + group => "disk", require => File["/var/lib/amanda/.ssh"], } @@ -45,9 +45,9 @@ class amanda::client inherits amanda::common { file { "/etc/amanda/amanda-client.conf": ensure => present, - mode => 0644, - owner => amandabackup, - group => disk, + mode => "0644", + owner => "amandabackup", + group => "disk", content => template("amanda/amanda-client.conf.erb"), require => Package["amanda-enterprise-backup-client"], } diff --git a/apache/manifests/debian.pp b/apache/manifests/debian.pp index 2a57560..8fcccc4 100644 --- a/apache/manifests/debian.pp +++ b/apache/manifests/debian.pp @@ -14,7 +14,7 @@ class apache::debian::common { "/etc/apache2/conf.d", "/etc/apache2/sites-enabled", ]: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["httpd"], @@ -31,7 +31,7 @@ class apache::debian::common { file { "/etc/apache2/envvars": ensure => present, content => template("apache/apache2.envvars.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, before => File["/etc/apache2/apache2.conf"], @@ -42,7 +42,7 @@ class apache::debian::common { file { "/etc/apache2/httpd.conf": ensure => present, content => template("apache/apache2.httpd.conf.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, before => File["/etc/apache2/apache2.conf"], @@ -53,7 +53,7 @@ class apache::debian::common { file { "/etc/apache2/ports.conf": ensure => present, content => "# HTTP server disabled\n", - mode => 0644, + mode => "0644", owner => root, group => root, before => File["/etc/apache2/apache2.conf"], @@ -64,7 +64,7 @@ class apache::debian::common { file { "/etc/apache2/apache2.conf": ensure => present, content => template("apache/apache2.conf.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apache2"], @@ -109,7 +109,7 @@ define apache::debian::site($aliases, $root, $redirect) { } else { file { "/srv/www/http/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => File[$site_conf], @@ -118,7 +118,7 @@ define apache::debian::site($aliases, $root, $redirect) { file { "/srv/www/log/http/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => File[$site_conf], @@ -128,7 +128,7 @@ define apache::debian::site($aliases, $root, $redirect) { file { $site_conf: ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apache2"], @@ -144,7 +144,7 @@ define apache::debian::site($aliases, $root, $redirect) { } file { $site_confdir: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, purge => true, @@ -168,7 +168,7 @@ class apache::debian::sslserver inherits apache::debian::common { "/srv/www/log/https", "/srv/www/log/https/${homename}", ]: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["httpd"], @@ -196,7 +196,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) } else { file { "/srv/www/https/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => Service["apache2"], @@ -205,7 +205,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/srv/www/log/https/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => Service["apache2"], @@ -221,7 +221,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/etc/ssl/certs/${site_fqdn}.crt": ensure => present, source => $real_ssl_cert, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apache2"], @@ -236,7 +236,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/etc/ssl/private/${site_fqdn}.key": ensure => present, source => $real_ssl_key, - mode => 0600, + mode => "0600", owner => root, group => root, notify => Service["apache2"], @@ -246,7 +246,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/etc/ssl/certs/${site_fqdn}.chain.crt": ensure => present, source => $ssl_chain, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apache2"], @@ -259,7 +259,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { $site_conf: ensure => present, content => template("apache/site.https.conf.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apache2"], @@ -269,7 +269,7 @@ define apache::debian::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { $site_confdir: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, purge => true, @@ -288,7 +288,7 @@ define apache::debian::configfile($source, $content, $http, $https) { file { "/etc/apache2/conf.d/${name}": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apache2"], @@ -334,7 +334,7 @@ define apache::debian::a2enmod($source="", $content="") { if $source or $content { file { "/etc/apache2/mods-available/${name}.conf": - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apache2"], diff --git a/apache/manifests/init.pp b/apache/manifests/init.pp index e127da4..234f1dc 100644 --- a/apache/manifests/init.pp +++ b/apache/manifests/init.pp @@ -23,7 +23,7 @@ class apache::common { if $apache_datadir { file { $apache_datadir: ensure => directory, - mode => 0755, + mode => "0755", owner => "root", group => "root", seltype => "httpd_sys_content_t", @@ -37,7 +37,7 @@ class apache::common { } else { file { "/srv/www": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -45,7 +45,7 @@ class apache::common { file { "/srv/www/log": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, require => File["/srv/www"], @@ -72,7 +72,7 @@ class apache::common { file { "/usr/local/sbin/www-logrotate.sh": ensure => present, source => "puppet:///modules/apache/www-logrotate.sh", - mode => 0755, + mode => "0755", owner => root, group => root, seluser => "system_u", @@ -697,7 +697,7 @@ class apache::webalizer { "/srv/www/webalizer/html/https", "/srv/www/webalizer/html", ]: ensure => directory, - mode => 0755, + mode => "0755", owner => $operatingsystem ? { debian => root, ubuntu => root, @@ -711,7 +711,7 @@ class apache::webalizer { "/etc/webalizer/http", "/etc/webalizer/https", ]: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, } @@ -741,7 +741,7 @@ class apache::webalizer { file { "/usr/local/sbin/www-webalizer.sh": ensure => present, source => "puppet:///modules/apache/www-webalizer.sh", - mode => 0755, + mode => "0755", owner => root, group => root, require => Package["webalizer"], @@ -770,7 +770,7 @@ define apache::webalizer::site($site_proto, $site_fqdn) { @file { "/etc/webalizer/${name}.conf": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, content => template("apache/webalizer.conf.erb"), @@ -781,7 +781,7 @@ define apache::webalizer::site($site_proto, $site_fqdn) { @file { [ "/srv/www/webalizer/history/${name}", "/srv/www/webalizer/html/${name}", ]: ensure => directory, - mode => 0755, + mode => "0755", owner => $operatingsystem ? { debian => root, ubuntu => root, diff --git a/apache/manifests/redhat.pp b/apache/manifests/redhat.pp index 5621ee3..1b72443 100644 --- a/apache/manifests/redhat.pp +++ b/apache/manifests/redhat.pp @@ -7,7 +7,7 @@ class apache::redhat::server { "/srv/www/log/http", "/srv/www/log/http/${homename}", ]: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["httpd"], @@ -24,7 +24,7 @@ class apache::redhat::server { file { "/etc/httpd/conf/httpd.conf": ensure => present, content => template("apache/httpd.conf.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["httpd"], @@ -62,7 +62,7 @@ define apache::redhat::site($aliases, $root, $redirect) { } else { file { "/srv/www/http/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => File[$site_conf], @@ -71,7 +71,7 @@ define apache::redhat::site($aliases, $root, $redirect) { file { "/srv/www/log/http/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => File[$site_conf], @@ -81,7 +81,7 @@ define apache::redhat::site($aliases, $root, $redirect) { file { $site_conf: ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["httpd"], @@ -97,7 +97,7 @@ define apache::redhat::site($aliases, $root, $redirect) { } file { $site_confdir: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, purge => true, @@ -126,7 +126,7 @@ class apache::redhat::sslserver { "/srv/www/log/https", "/srv/www/log/https/${homename}", ]: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["httpd"], @@ -142,7 +142,7 @@ class apache::redhat::sslserver { file { "/etc/httpd/conf/httpsd.conf": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, content => template("apache/httpsd.conf.erb"), @@ -153,7 +153,7 @@ class apache::redhat::sslserver { file { "/etc/init.d/httpsd": ensure => present, source => "puppet:///modules/apache/httpsd", - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -197,7 +197,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) } else { file { "/srv/www/https/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => Service["httpsd"], @@ -206,7 +206,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/srv/www/log/https/${site_fqdn}": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, before => Service["httpsd"], @@ -222,7 +222,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/etc/pki/tls/certs/${site_fqdn}.crt": ensure => present, source => $real_ssl_cert, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["httpsd"], @@ -237,7 +237,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/etc/pki/tls/private/${site_fqdn}.key": ensure => present, source => $real_ssl_key, - mode => 0600, + mode => "0600", owner => root, group => root, notify => Service["httpsd"], @@ -247,7 +247,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { "/etc/pki/tls/certs/${site_fqdn}.chain.crt": ensure => present, source => $ssl_chain, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["httpsd"], @@ -260,7 +260,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { $site_conf: ensure => present, content => template("apache/site.https.conf.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["httpsd"], @@ -270,7 +270,7 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain) file { $site_confdir: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, purge => true, @@ -293,7 +293,7 @@ define apache::redhat::configfile($source, $content, $http, $https) { true => present, default => absent, }, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["httpd"], @@ -326,7 +326,7 @@ define apache::redhat::configfile($source, $content, $http, $https) { true => present, default => absent, }, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["httpsd"], diff --git a/apcupsd/manifests/init.pp b/apcupsd/manifests/init.pp index 8e94798..b32c56b 100644 --- a/apcupsd/manifests/init.pp +++ b/apcupsd/manifests/init.pp @@ -15,7 +15,7 @@ class apcupsd { file { "/etc/apcupsd/apcupsd.conf": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", require => Package["apcupsd"], diff --git a/apt/manifests/init.pp b/apt/manifests/init.pp index 4db2eee..644d8ba 100644 --- a/apt/manifests/init.pp +++ b/apt/manifests/init.pp @@ -2,7 +2,7 @@ class apt { file { "/var/cache/apt/local-archives": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -97,7 +97,7 @@ class apt::sources { file { "/etc/apt/sources.list": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, content => template("apt/sources.list.erb"), @@ -125,7 +125,7 @@ class apt::cacher { ensure => present, source => [ "puppet:///files/apt/apt-cacher.conf", "puppet:///modules/apt/apt-cacher.conf", ], - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["apt-cacher"], @@ -178,7 +178,7 @@ class apt::mirror { default => "/etc/apt/miror.list", }, content => template("apt/mirror.list.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["apt-mirror"], @@ -217,7 +217,7 @@ define apt::package($ensure, $source) { default => absent, }, source => $source, - mode => 0644, + mode => "0644", owner => root, group => root, require => File["/var/cache/apt/local-archives"], @@ -305,7 +305,7 @@ define apt::repo($ensure, $source, $dist="", $components="main", file { "/etc/apt/sources.list.d/${name}.list": ensure => $ensure, - mode => 0644, + mode => "0644", owner => root, group => root, content => $content, @@ -338,7 +338,7 @@ define apt::repo($ensure, $source, $dist="", $components="main", $origin = regsubst($source, "^([^:]+://)([^/]+)/.*$", "\\2") file { "/etc/apt/preferences.d/${name}.pref": ensure => $ensure, - mode => 0644, + mode => "0644", owner => root, group => root, content => $label ? { diff --git a/arduino/manifests/init.pp b/arduino/manifests/init.pp index e8c41c3..dad2a33 100644 --- a/arduino/manifests/init.pp +++ b/arduino/manifests/init.pp @@ -34,7 +34,7 @@ class arduino { file { "/usr/local/src/arduino.tgz": ensure => present, source => "puppet:///files/packages/${arduino_package}", - mode => 0644, + mode => "0644", owner => "root", group => "root", } diff --git a/autofs/manifests/init.pp b/autofs/manifests/init.pp index 07a2d11..0af45c0 100644 --- a/autofs/manifests/init.pp +++ b/autofs/manifests/init.pp @@ -17,9 +17,9 @@ class autofs { source => [ "puppet:///files/autofs/auto.master.${fqdn}", "puppet:///files/autofs/auto.master", "puppet:///modules/autofs/auto.master", ], - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["autofs"], notify => Service["autofs"], } diff --git a/avahi/manifests/init.pp b/avahi/manifests/init.pp index 4bcf48b..1951dbe 100644 --- a/avahi/manifests/init.pp +++ b/avahi/manifests/init.pp @@ -33,7 +33,7 @@ class avahi::daemon { force => true, recurse => true, source => "puppet:///modules/custom/empty", - mode => 0755, + mode => "0755", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -94,7 +94,7 @@ define avahi::service($port = "AUTO", $description = "%h", $ensure = "present", file { "/etc/avahi/services/${filename}": ensure => $ensure, content => template("avahi/service.erb"), - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { openbsd => wheel, diff --git a/backuppc/manifests/init.pp b/backuppc/manifests/init.pp index 66822a6..e92d756 100644 --- a/backuppc/manifests/init.pp +++ b/backuppc/manifests/init.pp @@ -22,7 +22,7 @@ define backuppc::manualclient($ensure = "present", $operatingsystem = "default") "puppet:///files/backuppc/${operatingsystem}.pl", "puppet:///files/backuppc/default.pl", "puppet:///modules/backuppc/default.pl", ], - mode => 0640, + mode => "0640", owner => root, group => backuppc, tag => "backuppc", @@ -65,7 +65,7 @@ class backuppc::server { if $backuppc_datadir { file { $backuppc_datadir: ensure => directory, - mode => 0750, + mode => "0750", owner => "backuppc", group => "root", require => Package["BackupPC"], @@ -88,7 +88,7 @@ class backuppc::server { file { "/usr/share/BackupPC/sbin/.htaccess": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", source => [ "puppet:///files/backuppc/htaccess", @@ -98,7 +98,7 @@ class backuppc::server { file { "/usr/share/BackupPC/sbin/BackupPC_Admin": ensure => present, - mode => 4750, + mode => "4750", owner => "backuppc", group => $apache::sslserver::group, require => Package["BackupPC"], @@ -114,7 +114,7 @@ class backuppc::server { file { "/etc/BackupPC/apache.users": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => $apache::sslserver::group, seltype => $operatingsystem ? { @@ -130,7 +130,7 @@ class backuppc::server { file { "/etc/BackupPC/config.pl": ensure => present, source => "puppet:///files/backuppc/config.pl", - mode => 0440, + mode => "0440", owner => "backuppc", group => "backuppc", seltype => $operatingsystem ? { @@ -148,7 +148,7 @@ class backuppc::server { ensure => present, source => [ "puppet:///files/backuppc/hosts.in", "puppet:///modules/backuppc/hosts.in", ], - mode => 0644, + mode => "0644", owner => "root", group => "backuppc", seltype => $operatingsystem ? { @@ -167,7 +167,7 @@ class backuppc::server { purge => true, force => true, recurse => true, - mode => 0640, + mode => "0640", owner => "root", group => "backuppc", seltype => $operatingsystem ? { @@ -208,14 +208,14 @@ class backuppc::server { file { "/var/lib/BackupPC/.ssh": ensure => directory, - mode => 0750, + mode => "0750", owner => "root", group => "backuppc", } file { "/var/lib/BackupPC/.ssh/id_rsa": ensure => present, source => "/etc/ssh/ssh_host_rsa_key", - mode => 0640, + mode => "0640", owner => "root", group => "backuppc", require => File["/var/lib/BackupPC/.ssh"], @@ -224,7 +224,7 @@ class backuppc::server { file { "/var/lib/BackupPC/.ssh/id_rsa.pub": ensure => present, source => "/etc/ssh/ssh_host_rsa_key.pub", - mode => 0640, + mode => "0640", owner => "root", group => "backuppc", require => File["/var/lib/BackupPC/.ssh"], diff --git a/clarified/manifests/init.pp b/clarified/manifests/init.pp index da32e3c..edaf916 100644 --- a/clarified/manifests/init.pp +++ b/clarified/manifests/init.pp @@ -14,7 +14,7 @@ class clarified::analyzer { file { "/usr/local/src/clarified-analyzer-linux-i686.sh": ensure => present, - mode => 0755, + mode => "0755", owner => root, group => root, source => "puppet:///files/packages/${clarified_analyzer_package}", @@ -51,7 +51,7 @@ class clarified::recorder { if $recorder_datadir { file { $recorder_datadir: ensure => directory, - mode => 0700, + mode => "0700", owner => root, group => root, } @@ -64,7 +64,7 @@ class clarified::recorder { } else { file { "/var/lib/recorder": ensure => directory, - mode => 0700, + mode => "0700", owner => root, group => root, } @@ -74,7 +74,7 @@ class clarified::recorder { "/etc/clarified/probe.d", "/etc/clarified/remote.d", ]: ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, before => Exec["/usr/local/src/clarified-recorder-linux-i686.sh"], @@ -89,7 +89,7 @@ class clarified::recorder { file { "/usr/local/src/clarified-recorder-linux-i686.sh": ensure => present, - mode => 0755, + mode => "0755", owner => root, group => root, source => "puppet:///files/packages/${clarified_recorder_package}", @@ -118,7 +118,7 @@ class clarified::recorder { file { "/etc/init.d/clarified-probe": ensure => present, - mode => 0755, + mode => "0755", owner => root, group => root, source => "/usr/local/probe/probe-init.sh", @@ -186,7 +186,7 @@ define clarified::probe($interface="", $snaplen="65535", $keeptime="100GB", true => present, false => absent, }, - mode => 0755, + mode => "0755", owner => root, group => root, content => template("clarified/probe.erb"), @@ -199,7 +199,7 @@ define clarified::probe($interface="", $snaplen="65535", $keeptime="100GB", true => present, false => absent, }, - mode => 0755, + mode => "0755", owner => root, group => root, content => template("clarified/remote.erb"), @@ -209,7 +209,7 @@ define clarified::probe($interface="", $snaplen="65535", $keeptime="100GB", file { "/var/lib/recorder/${name}": ensure => directory, - mode => 0700, + mode => "0700", owner => root, group => root, require => File["/var/lib/recorder"], diff --git a/cups/manifests/init.pp b/cups/manifests/init.pp index 52ab339..07efd87 100644 --- a/cups/manifests/init.pp +++ b/cups/manifests/init.pp @@ -10,7 +10,7 @@ class cups::client { file { "/etc/cups/client.conf": ensure => present, content => template("cups/client.conf.erb"), - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -49,7 +49,7 @@ class cups::server inherits cups::client { source => [ "puppet:///files/cups/cupsd.conf.${fqdn}", "puppet:///files/cups/cupsd.conf", "puppet:///modules/cups/cupsd.conf", ], - mode => 0640, + mode => "0640", owner => root, group => lp, require => Package["cups"], @@ -64,7 +64,7 @@ class cups::server inherits cups::client { file { "/etc/cups/ppd": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => lp, require => Package["cups"], @@ -136,7 +136,7 @@ define cups::printer($uri, $ensure = present) { ensure => $ensure, source => [ "puppet:///files/cups/${name}.ppd", "puppet:///modules/cups/postscript.ppd" ], - mode => 0644, + mode => "0644", owner => root, group => root, require => $ensure ? { @@ -178,7 +178,7 @@ class cups::samba { "/usr/share/cups/drivers", "/usr/share/cups/drivers/x64", ]: ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, require => [ Package["samba"], @@ -189,7 +189,7 @@ class cups::samba { file { "/usr/share/cups/drivers/${name}": ensure => present, source => "puppet:///modules/cups/drivers/${name}", - mode => 0644, + mode => "0644", owner => root, group => root, require => [ File["/usr/share/cups/drivers"], @@ -220,7 +220,7 @@ class cups::samba { file { "/etc/cron.hourly/update-printer-inf.sh": ensure => present, source => "puppet:///modules/cups/update-printer-inf.sh", - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -239,7 +239,7 @@ class cups::snmp { file { "/etc/cron.hourly/printer-details.py": ensure => present, source => "puppet:///modules/cups/printer-details.py", - mode => 0755, + mode => "0755", owner => root, group => root, require => Package["net-snmp-utils"], diff --git a/custom/manifests/init.pp b/custom/manifests/init.pp index 1c93848..3124de1 100644 --- a/custom/manifests/init.pp +++ b/custom/manifests/init.pp @@ -3,7 +3,7 @@ class custom { file { "/srv": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => $operatingsystem ? { OpenBSD => wheel, diff --git a/daap/manifests/init.pp b/daap/manifests/init.pp index 8146d14..d9b1df6 100644 --- a/daap/manifests/init.pp +++ b/daap/manifests/init.pp @@ -19,7 +19,7 @@ class daap::server { file { "/etc/mt-daapd.conf": ensure => present, source => "puppet:///files/daap/mt-daapd.conf", - mode => 0640, + mode => "0640", owner => root, group => mt-daapd, require => Package["mt-daapd"], diff --git a/dhcp/manifests/init.pp b/dhcp/manifests/init.pp index 403c975..2ab66c5 100644 --- a/dhcp/manifests/init.pp +++ b/dhcp/manifests/init.pp @@ -37,7 +37,7 @@ class dhcp::server::common { if $operatingsystem == "OpenBSD" and $operatingsystemrelease !~ /4\.[1-8]/ { file { "/etc/rc.d/isc_dhcpd": ensure => present, - mode => 0555, + mode => "0555", owner => "root", group => "bin", source => "puppet:///modules/dhcp/isc_dhcpd.rc", @@ -82,7 +82,7 @@ class dhcp::server inherits dhcp::server::common { ensure => present, source => [ "puppet:///files/dhcp/dhcpd.conf.${fqdn}", "puppet:///files/dhcp/dhcpd.conf", ], - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -101,7 +101,7 @@ class dhcp::server::ldap inherits dhcp::server::common { file { "/usr/local/sbin/dhcpdump.py": ensure => present, source => "puppet:///modules/dhcp/dhcpdump.py", - mode => 0755, + mode => "0755", owner => root, group => $operatingsystem ? { OpenBSD => wheel, @@ -113,7 +113,7 @@ class dhcp::server::ldap inherits dhcp::server::common { ensure => present, source => [ "puppet:///files/dhcp/dhcpd.conf.in.${hostname}", "puppet:///files/dhcp/dhcpd.conf.in", ], - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { OpenBSD => wheel, diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index 8e81573..fc24b5f 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -64,7 +64,7 @@ class dns::server { file { "${chroot}${rndckey}": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => $group, require => $operatingsystem ? { @@ -113,7 +113,7 @@ class dns::server { file { "named.conf": ensure => present, path => "${chroot}${config}", - mode => 0640, + mode => "0640", owner => "root", group => $group, require => $operatingsystem ? { @@ -125,7 +125,7 @@ class dns::server { file { "/usr/local/sbin/generate-named-conf.sh": ensure => present, content => template("dns/generate-named-conf.sh.erb"), - mode => 0755, + mode => "0755", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -147,7 +147,7 @@ class dns::server { source => [ "puppet:///files/dns/named.conf.options.${fqdn}", "puppet:///files/dns/named.conf.options", "puppet:///modules/dns/named.conf.options", ], - mode => 0640, + mode => "0640", owner => "root", group => $group, require => $operatingsystem ? { @@ -162,7 +162,7 @@ class dns::server { source => [ "puppet:///files/dns/named.conf.local.${fqdn}", "puppet:///files/dns/named.conf.local", "puppet:///modules/dns/named.conf.local", ], - mode => 0640, + mode => "0640", owner => "root", group => $group, require => $operatingsystem ? { @@ -234,7 +234,7 @@ define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") file { "${dns::server::chroot}${dns::server::confdir}/zone.${zonefile}": ensure => present, content => template("dns/zone.$role.erb"), - mode => 0640, + mode => "0640", owner => "root", group => $dns::server::group, require => $operatingsystem ? { @@ -249,7 +249,7 @@ define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") file { "${dns::server::chroot}${zonedir}/db.${zonefile}": ensure => present, source => $source, - mode => 0640, + mode => "0640", owner => "root", group => $dns::server::group, require => $operatingsystem ? { @@ -262,7 +262,7 @@ define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") file { "${dns::server::chroot}${zonedir}/db.${zonefile}": ensure => present, content => template("dns/db.erb"), - mode => 0640, + mode => "0640", owner => "root", group => $dns::server::group, require => $operatingsystem ? { @@ -275,7 +275,7 @@ define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") ensure => present, source => [ "puppet:///files/dns/db.${zonefile}-dynamic.${homename}", "puppet:///modules/dns/empty", ], - mode => 0640, + mode => "0640", owner => "root", group => $dns::server::group, require => $operatingsystem ? { @@ -288,7 +288,7 @@ define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") ensure => present, source => [ "puppet:///files/dns/db.${zonefile}-static.${homename}", "puppet:///modules/dns/empty", ], - mode => 0640, + mode => "0640", owner => "root", group => $dns::server::group, require => $operatingsystem ? { @@ -328,7 +328,7 @@ class dns::nsupdate { file { "/usr/local/sbin/nsupdate.sh": ensure => present, content => template("dns/nsupdate.sh.erb"), - mode => 0700, + mode => "0700", owner => root, group => $operatingsystem ? { openbsd => wheel, diff --git a/dovecot/manifests/init.pp b/dovecot/manifests/init.pp index 3cb4b38..ddfe4b1 100644 --- a/dovecot/manifests/init.pp +++ b/dovecot/manifests/init.pp @@ -46,9 +46,9 @@ class dovecot::server inherits dovecot::common { file { "$dovecot_ssl_dir/private/dovecot.csr": ensure => present, source => $dovecot_ssl_csr, - mode => 0640, - owner => root, - group => root, + mode => "0640", + owner => "root", + group => "root", notify => Service["dovecot"], } } @@ -57,9 +57,9 @@ class dovecot::server inherits dovecot::common { file { "$dovecot_ssl_dir/certs/dovecot.ca.crt": ensure => present, source => $dovecot_ssl_ca, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Service["dovecot"], } } @@ -68,9 +68,9 @@ class dovecot::server inherits dovecot::common { file { "$dovecot_ssl_dir/certs/dovecot.crt": ensure => present, source => $dovecot_ssl_cert, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Service["dovecot"], } } else { @@ -81,9 +81,9 @@ class dovecot::server inherits dovecot::common { file { "$dovecot_ssl_dir/private/dovecot.key": ensure => present, source => $dovecot_ssl_key, - mode => 0600, - owner => root, - group => root, + mode => "0600", + owner => "root", + group => "root", notify => Service["dovecot"], } } else { @@ -93,9 +93,9 @@ class dovecot::server inherits dovecot::common { file { "/etc/dovecot.conf": ensure => present, content => template("dovecot/dovecot.conf.erb"), - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Service["dovecot"], } diff --git a/ejabberd/manifests/init.pp b/ejabberd/manifests/init.pp index 4900ad5..b5a5112 100644 --- a/ejabberd/manifests/init.pp +++ b/ejabberd/manifests/init.pp @@ -55,26 +55,26 @@ class ejabberd { file { "${cert_prefix}/private/ejabberd.key": ensure => present, source => $ejabberd_ssl_key, - mode => 0600, - owner => root, - group => root, + mode => "0600", + owner => "root", + group => "root", notify => Exec["generate-ejabberd-pem"], } file { "${cert_prefix}/certs/ejabberd.crt": ensure => present, source => $ejabberd_ssl_cert, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Exec["generate-ejabberd-pem"], } if $ejabberd_ssl_chain { file { "${cert_prefix}/certs/ejabberd.chain.crt": ensure => present, source => $ejabberd_ssl_chain, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Exec["generate-ejabberd-pem"], } $cert_files = "private/ejabberd.key certs/ejabberd.crt certs/ejabberd.chain.crt" @@ -94,7 +94,7 @@ class ejabberd { file { "/etc/ejabberd/ejabberd.pem": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => "ejabberd", require => Package["ejabberd"], @@ -102,7 +102,7 @@ class ejabberd { file { "/etc/ejabberd/ejabberd.cfg": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => "ejabberd", content => template("ejabberd/ejabberd.cfg.erb"), @@ -121,14 +121,14 @@ class ejabberd { if $ejabberd_webhosts { file { "/var/www/jabber": ensure => directory, - mode => 0755, + mode => "0755", owner => "root", group => "root", } file { "/var/www/jabber/.htaccess": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", source => "puppet:///modules/ejabberd/htaccess", @@ -181,7 +181,7 @@ class ejabberd::collab inherits ejabberd { } file { "/usr/local/src/${ejabberd_package}": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", source => "puppet:///files/packages/${ejabberd_package}", @@ -215,17 +215,17 @@ class ejabberd::backup { file { $ejabberd_backup_datadir: ensure => directory, - mode => 0700, - owner => root, - group => root, + mode => "0700", + owner => "root", + group => "root", } file { "/usr/local/sbin/ejabberd-backup": ensure => present, content => template("ejabberd/ejabberd-backup.erb"), - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", } cron { "ejabberd-backup": diff --git a/firewall/manifests/init.pp b/firewall/manifests/init.pp index 773f39b..4b4f5f3 100644 --- a/firewall/manifests/init.pp +++ b/firewall/manifests/init.pp @@ -91,9 +91,9 @@ class firewall::common::iptables { default => "/etc/sysconfig/iptables", }, ensure => present, - mode => 0600, - owner => root, - group => root, + mode => "0600", + owner => "root", + group => "root", require => Package["iptables"], notify => Service["iptables"], } @@ -103,9 +103,9 @@ class firewall::common::iptables { $ip6states = versioncmp($kernelversion, "2.6.20") file { "/etc/sysconfig/ip6tables": ensure => present, - mode => 0600, - owner => root, - group => root, + mode => "0600", + owner => "root", + group => "root", require => Package["iptables"], notify => Service["ip6tables"], } @@ -177,9 +177,9 @@ class firewall::common::pf { file { "/etc/pf.conf": ensure => present, - mode => 0600, - owner => root, - group => wheel, + mode => "0600", + owner => "root", + group => "wheel", notify => Exec["pfctl -f /etc/pf.conf"], } diff --git a/func/manifests/init.pp b/func/manifests/init.pp index 28f64f2..c809e5c 100644 --- a/func/manifests/init.pp +++ b/func/manifests/init.pp @@ -9,9 +9,9 @@ class func::minion { ensure => present, source => [ "puppet:///files/func/minion.conf", "puppet:///modules/func/minion.conf", ], - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["func"], notify => Service["funcd"], } @@ -19,27 +19,27 @@ class func::minion { file { "/etc/pki/certmaster/${hostname}.pem": ensure => present, source => "${puppet_ssldir}/private_keys/${fqdn}.pem", - mode => 0600, - owner => root, - group => root, + mode => "0600", + owner => "root", + group => "root", require => Package["func"], notify => Service["funcd"], } file { "/etc/pki/certmaster/${hostname}.cert": ensure => present, source => "${puppet_ssldir}/certs/${fqdn}.pem", - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["func"], notify => Service["funcd"], } file { "/etc/pki/certmaster/ca.cert": ensure => present, source => "${puppet_ssldir}/certs/ca.pem", - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["func"], notify => Service["funcd"], } @@ -56,9 +56,9 @@ class func::server inherits func::minion { file { "/etc/pki/certmaster/ca": ensure => directory, - mode => 0750, - owner => root, - group => sysadm, + mode => "0750", + owner => "root", + group => "sysadm", } exec { "umask 077; openssl rsa -in ${puppet_ssldir}/ca/ca_key.pem -out /etc/pki/certmaster/ca/certmaster.key -passin file:${puppet_ssldir}/ca/private/ca.pass": path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin", @@ -68,17 +68,17 @@ class func::server inherits func::minion { file { "/etc/pki/certmaster/ca/certmaster.crt": ensure => present, source => "${puppet_ssldir}/ca/ca_crt.pem", - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => File["/etc/pki/certmaster/ca"], } file { "/var/lib/certmaster/certmaster": ensure => directory, - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", } file { "/var/lib/certmaster/certmaster/certs": ensure => link, @@ -89,9 +89,9 @@ class func::server inherits func::minion { ensure => present, source => [ "puppet:///files/func/certmaster.conf", "puppet:///modules/func/certmaster.conf", ], - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["func"], } diff --git a/git/manifests/init.pp b/git/manifests/init.pp index 6679770..13b6910 100644 --- a/git/manifests/init.pp +++ b/git/manifests/init.pp @@ -28,9 +28,9 @@ class git::server { if $git_datadir { file { $git_datadir: ensure => directory, - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", } file { "/srv/git": ensure => link, @@ -40,9 +40,9 @@ class git::server { } else { file { "/srv/git": ensure => directory, - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", seltype => "httpd_sys_content_t", } } @@ -108,9 +108,9 @@ class git::gitweb inherits git::server { source => [ "puppet:///files/git/gitweb_config.perl.${fqdn}", "puppet:///files/git/gitweb_config.perl", "puppet:///modules/git/gitweb_config.perl", ], - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["gitweb"], } diff --git a/hastymail/manifests/init.pp b/hastymail/manifests/init.pp index fb76ea8..2ae8b10 100644 --- a/hastymail/manifests/init.pp +++ b/hastymail/manifests/init.pp @@ -12,7 +12,7 @@ class hastymail { file { "/usr/local/src/hastymail.tar.gz": ensure => present, source => "puppet:///files/packages/$hastymail_package", - mode => 0644, + mode => "0644", owner => "root", group => "root", links => follow, @@ -26,7 +26,7 @@ class hastymail { file { "/etc/hastymail2": ensure => directory, - mode => 0750, + mode => "0750", owner => "root", group => $apache::sslserver::group, } @@ -34,7 +34,7 @@ class hastymail { ensure => present, source => [ "puppet:///private/hastymail2.conf", "puppet:///files/mail/hastymail2.conf", ], - mode => 0640, + mode => "0640", owner => "root", group => $apache::sslserver::group, require => File["/etc/hastymail2"], @@ -48,7 +48,7 @@ class hastymail { } file { "/etc/hastymail2/hastymail2.rc": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => $apache::sslserver::group, } diff --git a/ifstated/manifests/init.pp b/ifstated/manifests/init.pp index 7a9416a..14dcc5f 100644 --- a/ifstated/manifests/init.pp +++ b/ifstated/manifests/init.pp @@ -8,9 +8,9 @@ class ifstated { source => [ "puppet:///private/ifstated.conf", "puppet:///files/firewall/ifstated.conf.${fqdn}", "puppet:///files/firewall/ifstated.conf", ], - mode => 0644, - owner => root, - group => wheel, + mode => "0644", + owner => "root", + group => "wheel", notify => Service["ifstated"], } diff --git a/irc/manifests/init.pp b/irc/manifests/init.pp index 531be14..a72e920 100644 --- a/irc/manifests/init.pp +++ b/irc/manifests/init.pp @@ -8,9 +8,9 @@ class irc::server { file { "/var/lib/ratbox": ensure => directory, - owner => irc, - group => irc, - mode => 0700, + owner => "irc", + group => "irc", + mode => "0700", require => Package["ircd-ratbox"], } @@ -27,9 +27,9 @@ class irc::services inherits irc::server { file { "/var/lib/ratbox-services": ensure => directory, - owner => irc, - group => irc, - mode => 0700, + owner => "irc", + group => "irc", + mode => "0700", require => Package["ircd-ratbox", "ratbox-services-sqlite"], } @@ -46,17 +46,17 @@ define irc::network($desc, $servername, $serverdesc, file { "/var/lib/ratbox/${name}": ensure => directory, - owner => irc, - group => irc, - mode => 0700, + owner => "irc", + group => "irc", + mode => "0700", require => File["/var/lib/ratbox"], } file { "/var/lib/ratbox/${name}/ircd.conf": ensure => present, - mode => 0600, - owner => irc, - group => irc, + mode => "0600", + owner => "irc", + group => "irc", content => $services ? { true => template("irc/ircd-ratbox.conf.erb", "irc/ircd-ratbox-services.conf.erb"), false => template("irc/ircd-ratbox.conf.erb"), @@ -68,14 +68,14 @@ define irc::network($desc, $servername, $serverdesc, ssl::certificate { "/var/lib/ratbox/${name}/ircd.pem": cn => $servername, - mode => 0600, + mode => "0600", owner => "irc", group => "irc", require => File["/var/lib/ratbox/${name}"], } ssl::dhparam { "/var/lib/ratbox/${name}/dh.pem": - mode => 0600, + mode => "0600", owner => "irc", group => "irc", require => File["/var/lib/ratbox/${name}"], @@ -83,7 +83,7 @@ define irc::network($desc, $servername, $serverdesc, file { "/etc/init.d/ircd-${name}": ensure => present, - mode => 0755, + mode => "0755", owner => root, group => root, content => template("irc/ircd-ratbox.init.erb"), @@ -125,9 +125,9 @@ define irc::network($desc, $servername, $serverdesc, "/var/lib/ratbox-services/${name}/var/run", "/var/lib/ratbox-services/${name}/var/run/ratbox-services", ]: ensure => directory, - owner => irc, - group => irc, - mode => 0600, + owner => "irc", + group => "irc", + mode => "0600", before => Service["ratbox-services-${name}"], require => File["/var/lib/ratbox-services"], } @@ -139,9 +139,9 @@ define irc::network($desc, $servername, $serverdesc, file { "/var/lib/ratbox-services/${name}/etc/ratbox-services/ratbox-services.conf": ensure => present, - mode => 0600, - owner => irc, - group => irc, + mode => "0600", + owner => "irc", + group => "irc", content => template("irc/ratbox-services.conf.erb"), before => Service["ratbox-services-${name}"], notify => Service["ratbox-services-${name}"], @@ -150,9 +150,9 @@ define irc::network($desc, $servername, $serverdesc, file { "/var/lib/ratbox-services/${name}/etc/ratbox-services/ratbox-services.db": ensure => present, - mode => 0600, - owner => irc, - group => irc, + mode => "0600", + owner => "irc", + group => "irc", source => "/etc/ratbox-services/ratbox-services.db", replace => false, before => Service["ratbox-services-${name}"], @@ -161,9 +161,9 @@ define irc::network($desc, $servername, $serverdesc, file { "/etc/init.d/ratbox-services-${name}": ensure => present, - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", content => template("irc/ratbox-services.init.erb"), before => Service["ratbox-services-${name}"], notify => Exec["enable-ratbox-services-${name}"], diff --git a/iscsi/manifests/init.pp b/iscsi/manifests/init.pp index 819651b..8e78887 100644 --- a/iscsi/manifests/init.pp +++ b/iscsi/manifests/init.pp @@ -18,7 +18,7 @@ class iscsi::server { source => [ "puppet:///files/iscsi/targets.conf.${fqdn}", "puppet:///files/iscsi/targets.conf", "puppet:///modules/iscsi/targets.conf", ], - mode => 0600, + mode => "0600", owner => root, group => root, require => Package["scsi-target-utils"], @@ -26,7 +26,7 @@ class iscsi::server { file { "/etc/tgt/target.d": ensure => directory, - mode => 0700, + mode => "0700", owner => root, group => root, require => Package["scsi-target-utils"], @@ -78,7 +78,7 @@ define iscsi::target($tid, $initiator = "ALL", $ensure = "present") { file { "/etc/tgt/target.d/${tid}.conf": ensure => present, content => template("iscsi/tid.conf.erb"), - mode => 0600, + mode => "0600", owner => root, group => root, require => File["/etc/tgt/target.d"], diff --git a/kerberos/manifests/init.pp b/kerberos/manifests/init.pp index 91fe76f..8ccfdd1 100644 --- a/kerberos/manifests/init.pp +++ b/kerberos/manifests/init.pp @@ -33,11 +33,11 @@ class kerberos::client { }, ensure => present, content => template("kerberos/krb5.conf.erb"), - mode => 0644, - owner => root, + mode => "0644", + owner => "root", group => $operatingsystem ? { - openbsd => wheel, - default => root, + openbsd => "wheel", + default => "root", }, } @@ -105,7 +105,7 @@ class kerberos::server inherits kerberos::client { if $kerberos_datadir { file { $kerberos_datadir: ensure => directory, - mode => 0600, + mode => "0600", owner => "root", group => "root", } @@ -119,7 +119,7 @@ class kerberos::server inherits kerberos::client { } else { file { "/srv/kerberos": ensure => directory, - mode => 0600, + mode => "0600", owner => "root", group => "root", } @@ -128,7 +128,7 @@ class kerberos::server inherits kerberos::client { file { "/var/kerberos/krb5kdc/kdc.conf": ensure => present, content => template("kerberos/kdc.conf.erb"), - mode => 0600, + mode => "0600", owner => "root", group => "root", require => [ Package["krb5-server"], diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp index 74d03a5..96fd654 100644 --- a/ldap/manifests/init.pp +++ b/ldap/manifests/init.pp @@ -184,7 +184,7 @@ class ldap::auth inherits ldap::client { file { "/etc/login.conf": ensure => present, content => template("ldap/login.conf.erb"), - mode => 0644, + mode => "0644", owner => root, group => wheel, require => [ File["/etc/openldap/ldap.conf"], @@ -231,7 +231,7 @@ class ldap::client { "ubuntu" => "/etc/ldap/ldap.conf", default => "/etc/openldap/ldap.conf", }, - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { "darwin" => wheel, @@ -353,7 +353,7 @@ class ldap::server { file { "${ssl::certs}/slapd.crt": ensure => present, source => $ldap_server_cert, - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -365,7 +365,7 @@ class ldap::server { file { "${ssl::private}/slapd.key": ensure => present, source => $ldap_server_key, - mode => 0640, + mode => "0640", owner => "root", group => $group, require => Package["openldap-server"], @@ -376,7 +376,7 @@ class ldap::server { ensure => present, path => "${config}/slapd.conf", content => template("ldap/slapd.conf.erb"), - mode => 0640, + mode => "0640", owner => "root", group => $group, notify => Service["slapd"], @@ -385,7 +385,7 @@ class ldap::server { file { "${config}/slapd.conf.d": ensure => directory, source => "puppet:///modules/custom/empty", - mode => 0750, + mode => "0750", owner => "root", group => $group, purge => true, @@ -398,7 +398,7 @@ class ldap::server { file { "/etc/sysconfig/ldap": ensure => present, source => "puppet:///modules/ldap/ldap.sysconfig", - mode => 0644, + mode => "0644", owner => "root", group => "root", notify => Service["slapd"], @@ -420,7 +420,7 @@ class ldap::server { if $ldap_datadir { file { $ldap_datadir: ensure => directory, - mode => 0700, + mode => "0700", owner => $user, group => $group, require => Package["openldap-server"], @@ -433,7 +433,7 @@ class ldap::server { } else { file { "/srv/ldap": ensure => directory, - mode => 0700, + mode => "0700", owner => $user, group => $group, require => Package["openldap-server"], @@ -443,7 +443,7 @@ class ldap::server { file { "${config}/schema": ensure => directory, source => "puppet:///modules/custom/empty", - mode => 0755, + mode => "0755", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -456,7 +456,7 @@ class ldap::server { } file { "${config}/slapd.conf.d/schema.conf": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => $group, require => Exec["generate-slapd-schema-config"], @@ -473,7 +473,7 @@ class ldap::server { file { "${config}/slapd.conf.d/database.conf": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => $group, require => Exec["generate-slapd-database-config"], @@ -509,7 +509,7 @@ define ldap::server::database($aclsource = "") { file { "${ldap::server::config}/slapd.conf.d/db.${name}.conf": ensure => present, content => template("ldap/slapd-database.conf.erb"), - mode => 0640, + mode => "0640", owner => "root", group => $ldap::server::group, notify => Exec["generate-slapd-database-config"], @@ -525,7 +525,7 @@ define ldap::server::database($aclsource = "") { "" => template("ldap/slapd-acl.conf.erb"), default => undef, }, - mode => 0640, + mode => "0640", owner => "root", group => $ldap::server::group, notify => Service["slapd"], @@ -536,7 +536,7 @@ define ldap::server::database($aclsource = "") { source => [ "puppet:///files/ldap/slapd-index.conf.${name}", "puppet:///files/ldap/slapd-index.conf", "puppet:///modules/ldap/slapd-index.conf", ], - mode => 0640, + mode => "0640", owner => "root", group => $ldap::server::group, notify => Service["slapd"], @@ -544,7 +544,7 @@ define ldap::server::database($aclsource = "") { file { "/srv/ldap/${name}": ensure => directory, - mode => 0700, + mode => "0700", owner => $ldap::server::user, group => $ldap::server::group, require => File["/srv/ldap"], @@ -555,7 +555,7 @@ define ldap::server::database($aclsource = "") { source => [ "puppet:///files/ldap/DB_CONFIG.${name}", "puppet:///files/ldap/DB_CONFIG", "puppet:///modules/ldap/DB_CONFIG", ], - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -591,7 +591,7 @@ define ldap::server::schema($idx = 50) { path => "${ldap::server::config}/schema/${idx}-${name}.schema", source => [ "puppet:///files/ldap/${name}.schema", "puppet:///modules/ldap/${name}.schema", ], - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", diff --git a/libvirt/manifests/init.pp b/libvirt/manifests/init.pp index 681a653..88abc0e 100644 --- a/libvirt/manifests/init.pp +++ b/libvirt/manifests/init.pp @@ -41,7 +41,7 @@ class libvirt::kvm inherits libvirt::client { file { "/etc/libvirt/libvirtd.conf": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", content => template("libvirt/libvirtd.conf.erb"), diff --git a/minecraft/manifests/init.pp b/minecraft/manifests/init.pp index d118c5c..757a1e6 100644 --- a/minecraft/manifests/init.pp +++ b/minecraft/manifests/init.pp @@ -6,7 +6,7 @@ class minecraft { file { "/usr/local/lib/minecraft.jar": ensure => present, source => "puppet:///files/packages/minecraft.jar", - mode => 0644, + mode => "0644", owner => "root", group => "root", } @@ -14,7 +14,7 @@ class minecraft { file { "/usr/local/bin/minecraft": ensure => present, source => "puppet:///modules/minecraft/minecraft", - mode => 0755, + mode => "0755", owner => "root", group => "root", require => File["/usr/local/lib/minecraft.jar"], diff --git a/munin/manifests/init.pp b/munin/manifests/init.pp index 84c90b7..9de5885 100644 --- a/munin/manifests/init.pp +++ b/munin/manifests/init.pp @@ -34,12 +34,12 @@ class munin::node { file { "/etc/munin/munin-node.conf": ensure => present, content => template("munin/munin-node.conf.erb"), - owner => root, + owner => "root", group => $operatingsystem ? { - OpenBSD => wheel, - default => root, + OpenBSD => "wheel", + default => "root", }, - mode => 0644, + mode => "0644", require => Package["munin-node"], notify => Exec["munin-node-configure"], } @@ -89,7 +89,7 @@ define munin::snmpnode($snmp_community="public", $snmp_version="2") { OpenBSD => wheel, default => root, }, - mode => 0600, + mode => "0600", notify => Service["munin-node"], } @@ -125,9 +125,9 @@ define munin::plugin($config = "") { file { "/usr/local/libexec/munin/plugins/${name}": ensure => present, source => "puppet:///modules/munin/plugins/${name}", - owner => root, - group => wheel, - mode => 0755, + owner => "root", + group => "wheel", + mode => "0755", require => Package["munin-node"], } } @@ -135,9 +135,9 @@ define munin::plugin($config = "") { file { "/usr/share/munin/plugins/${name}": ensure => present, source => "puppet:///modules/munin/plugins/${name}", - owner => root, - group => root, - mode => 0755, + owner => "root", + group => "root", + mode => "0755", require => Package["munin-node"], } } @@ -149,12 +149,12 @@ define munin::plugin($config = "") { source => [ "puppet:///files/munin/plugin-conf/${config}.${fqdn}", "puppet:///files/munin/plugin-conf/${config}", "puppet:///modules/munin/plugin-conf/${config}", ], - owner => root, + owner => "root", group => $operatingsystem ? { OpenBSD => wheel, default => root, }, - mode => 0644, + mode => "0644", notify => Service["munin-node"], require => $operatingsystem ? { OpenBSD => File["/usr/local/libexec/munin/plugins/${name}"], @@ -206,9 +206,9 @@ class munin::server { if $munin_datadir { file { $munin_datadir: ensure => directory, - mode => 0755, - owner => munin, - group => munin, + mode => "0755", + owner => "munin", + group => "munin", seltype => "munin_var_lib_t", require => Package["munin"], } @@ -230,9 +230,9 @@ class munin::server { if $munin_htmldir { file { $munin_htmldir: ensure => directory, - mode => 0755, - owner => munin, - group => munin, + mode => "0755", + owner => "munin", + group => "munin", seltype => "httpd_munin_content_t", require => Package["munin"], } @@ -261,9 +261,9 @@ class munin::server { purge => true, force => true, recurse => true, - owner => root, - group => root, - mode => 0644, + owner => "root", + group => "root", + mode => "0644", source => "puppet:///modules/custom/empty", require => Package["munin"], } @@ -272,9 +272,9 @@ class munin::server { ensure => present, source => [ "puppet:///files/munin/munin.conf.in", "puppet:///modules/munin/munin.conf.in", ], - owner => root, - group => root, - mode => 0644, + owner => "root", + group => "root", + mode => "0644", require => Package["munin"], notify => Exec["generate-munin-conf"], } diff --git a/mutt/manifests/init.pp b/mutt/manifests/init.pp index 316db88..6e9cf26 100644 --- a/mutt/manifests/init.pp +++ b/mutt/manifests/init.pp @@ -29,11 +29,11 @@ class mutt { ensure => present, name => "${muttconfdir}/Muttrc.local", content => template("mutt/Muttrc.local.erb"), - mode => 0644, - owner => root, + mode => "0644", + owner => "root", group => $operatingsystem ? { - openbsd => wheel, - default => root, + openbsd => "wheel", + default => "root", }, require => Exec["add-local-mutt-config"], } diff --git a/mysql/manifests/init.pp b/mysql/manifests/init.pp index 3e43424..b51b373 100644 --- a/mysql/manifests/init.pp +++ b/mysql/manifests/init.pp @@ -26,9 +26,9 @@ class mysql::server { if $mysql_datadir { file { $mysql_datadir: ensure => directory, - mode => 0755, - owner => mysql, - group => mysql, + mode => "0755", + owner => "mysql", + group => "mysql", seltype => "mysqld_db_t", require => Package["mysql-server"], } @@ -41,9 +41,9 @@ class mysql::server { } else { file { "/srv/mysql": ensure => directory, - mode => 0755, - owner => mysql, - group => mysql, + mode => "0755", + owner => "mysql", + group => "mysql", seltype => "mysqld_db_t", require => Package["mysql-server"], } @@ -78,9 +78,9 @@ class mysql::server { source => [ "puppet:///files/mysql/my.cnf.${hostname}", "puppet:///files/mysql/my.cnf", "puppet:///modules/mysql/my.cnf", ], - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["mysql-server"], notify => Service["mysqld"], } @@ -88,17 +88,17 @@ class mysql::server { file { "/etc/logrotate.d/mysql": ensure => present, source => "puppet:///modules/mysql/mysql.logrotate", - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["mysql-server"], } file { "/var/lib/mysql": ensure => directory, - mode => 0700, - owner => mysql, - group => mysql, + mode => "0700", + owner => "mysql", + group => "mysql", require => Package["mysql-server"], } @@ -128,17 +128,17 @@ class mysql::server::backup { file { $mysql_backup_datadir: ensure => directory, - mode => 0700, - owner => root, - group => root, + mode => "0700", + owner => "root", + group => "root", } file { "/etc/cron.daily/mysql-backup": ensure => present, content => template("mysql/mysql-backup.cron.erb"), - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", require => [ File[$mysql_backup_datadir], Package["mysql"], ], } @@ -156,18 +156,18 @@ class mysql::server::report { file { "/var/log/mysql-report": ensure => directory, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["mysql-server"], } file { "/etc/cron.daily/mysql-report": ensure => present, source => "puppet:///modules/mysql/mysql-report.cron", - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", require => File["/var/log/mysql-report"], } diff --git a/mythtv/manifests/init.pp b/mythtv/manifests/init.pp index 3d8079f..e3b5d01 100644 --- a/mythtv/manifests/init.pp +++ b/mythtv/manifests/init.pp @@ -44,7 +44,7 @@ class mythtv::backend { file { "/etc/mythtv/mysql.txt": ensure => present, content => template("mythtv/mysql.txt.erb"), - mode => 0640, + mode => "0640", owner => root, group => mythtv, notify => Service["mythbackend"], @@ -54,7 +54,7 @@ class mythtv::backend { file { "/etc/mythtv/config.xml": ensure => present, content => template("mythtv/config.xml.erb"), - mode => 0640, + mode => "0640", owner => root, group => mythtv, notify => Service["mythbackend"], @@ -64,7 +64,7 @@ class mythtv::backend { file { "/etc/sysconfig/mythbackend": ensure => present, source => "puppet:///modules/mythtv/mythbackend", - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["mythbackend"], @@ -88,7 +88,7 @@ class mythtv::backend { file { "/etc/cron.daily/mythorphans": ensure => present, source => "puppet:///modules/mythtv/mythorphans", - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -109,7 +109,7 @@ class mythtv::cron inherits mythtv::backend { file { "/etc/cron.daily/mythfilldatabase": ensure => present, source => "puppet:///modules/mythtv/mythfilldatabase", - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -117,7 +117,7 @@ class mythtv::cron inherits mythtv::backend { file { "/etc/cron.daily/mythoptimize": ensure => present, source => "puppet:///modules/mythtv/mythoptimize", - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -159,7 +159,7 @@ class mythtv::mythweb { file { "/usr/share/mythweb/data": ensure => directory, - mode => 0770, + mode => "0770", owner => root, group => $apache::sslserver::group, seltype => "httpd_sys_rw_content_t", diff --git a/network/manifests/init.pp b/network/manifests/init.pp index d96d7f6..61fcaf8 100644 --- a/network/manifests/init.pp +++ b/network/manifests/init.pp @@ -37,7 +37,7 @@ class network::helper::debian { file { "/etc/network/interfaces.in": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, source => "puppet:///modules/network/interfaces.in", @@ -45,7 +45,7 @@ class network::helper::debian { file { "/etc/network/interfaces.d": ensure => directory, - mode => 0644, + mode => "0644", owner => root, group => root, purge => true, @@ -66,7 +66,7 @@ class network::hostname { file { "/etc/hostname": ensure => present, content => "${homename}\n", - mode => 0644, + mode => "0644", owner => "root", group => "root", } @@ -81,7 +81,7 @@ class network::hostname { file { "/etc/myname": ensure => present, content => "${homename}\n", - mode => 0644, + mode => "0644", owner => "root", group => "wheel", } @@ -159,7 +159,7 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", file { "/etc/hostname.${name}": ensure => present, content => template("network/hostname.if.erb"), - mode => 0600, + mode => "0600", owner => root, group => wheel, notify => Exec["restart-network"], @@ -175,7 +175,7 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", file { "/etc/sysconfig/network-scripts/ifcfg-${name}": ensure => present, content => template("network/ifcfg-if.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, notify => Exec["restart-interface-${name}"], @@ -193,7 +193,7 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", file { "/etc/network/interfaces.d/${name}-addr.conf": ensure => present, content => template("network/interfaces-if.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, notify => Exec["restart-network"], @@ -202,7 +202,7 @@ define network::interface($ipaddr = "none", $eaddr = "none", $netmask = "none", if $eaddr_real { file { "/etc/udev/rules.d/99-persistent-net-${name}.rules": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, content => "SUBSYSTEM==\"net\", ACTION==\"add\", ATTR{address}==\"${eaddr_real}\", KERNEL==\"eth*\", NAME=\"${name}\"\n", @@ -258,7 +258,7 @@ define network::route($gateway = "", $device, $ipv6gateway = "") { file { "/etc/mygate": ensure => present, content => template("network/mygate.erb"), - mode => 0644, + mode => "0644", owner => root, group => wheel, notify => Exec["restart-network"], @@ -270,7 +270,7 @@ define network::route($gateway = "", $device, $ipv6gateway = "") { file { "/etc/network/interfaces.d/${device}-gate.conf": ensure => present, content => template("network/interfaces-gateway.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, notify => Exec["restart-network"], @@ -292,7 +292,7 @@ define network::route($gateway = "", $device, $ipv6gateway = "") { file { "/etc/sysconfig/network-scripts/route-${device}": ensure => present, content => template("network/route-if.erb"), - mode => 0644, + mode => "0644", owner => "root", group => "root", notify => Exec["restart-network"], @@ -346,7 +346,7 @@ define network::carp($password, $ipaddr, $netmask, $options = []) { file { "/etc/ucarp/vip-${name}.conf": ensure => present, content => template("network/vip.conf.erb"), - mode => 0600, + mode => "0600", owner => root, group => root, require => Package["ucarp"], @@ -401,7 +401,7 @@ define network::pppoe($username, $password, $device, $authtype = "pap") { file { "/etc/hostname.${name}": ensure => present, content => template("network/hostname.pppoe.erb"), - mode => 0600, + mode => "0600", owner => root, group => wheel, notify => Exec["restart-network"], @@ -442,7 +442,7 @@ define network::trunk($devices, $mode = 0, $ipaddr = "none", $netmask = "none") file { "/etc/modprobe.d/${name}.conf": ensure => present, content => "alias ${name} bonding\noptions ${name} miimon=100 mode=${mode}\n", - mode => 0644, + mode => "0644", owner => root, group => root, } @@ -536,7 +536,7 @@ class network::manager::disable { ubuntu: { file { "/etc/init/network-manager.conf": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, source => "puppet:///modules/network/network-manager.disabled.conf", diff --git a/networker/manifests/init.pp b/networker/manifests/init.pp index 4d2997e..7d5f323 100644 --- a/networker/manifests/init.pp +++ b/networker/manifests/init.pp @@ -6,7 +6,7 @@ class networker::client { file { [ "/nsr", "/nsr/res" ]: ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, require => Package["lgtoclnt"], @@ -15,7 +15,7 @@ class networker::client { file { "/nsr/res/servers": ensure => present, content => template("networker/servers.erb"), - mode => 0644, + mode => "0644", owner => root, group => root, require => File["/nsr/res"], diff --git a/nfs/manifests/init.pp b/nfs/manifests/init.pp index 75b8381..b33fd25 100644 --- a/nfs/manifests/init.pp +++ b/nfs/manifests/init.pp @@ -30,7 +30,7 @@ class nfs::server inherits nfs::client { ensure => present, source => [ "puppet:///files/nfs/exports.${fqdn}", "puppet:///modules/nfs/exports", ], - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["nfs-utils"], @@ -40,7 +40,7 @@ class nfs::server inherits nfs::client { file { "/etc/sysconfig/nfs": ensure => present, source => "puppet:///modules/nfs/nfs.sysconfig", - mode => 0644, + mode => "0644", owner => root, group => root, notify => Service["nfs"], diff --git a/nginx/manifests/init.pp b/nginx/manifests/init.pp index 0addb42..eac0587 100644 --- a/nginx/manifests/init.pp +++ b/nginx/manifests/init.pp @@ -25,7 +25,7 @@ class nginx { file { "/etc/nginx/nginx.conf": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -38,7 +38,7 @@ class nginx { file { "/etc/nginx/conf.d": ensure => directory, - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -81,7 +81,7 @@ define nginx::configfile($source="", $content="") { file { "/etc/nginx/conf.d/${name}": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", diff --git a/ntpd/manifests/init.pp b/ntpd/manifests/init.pp index 950a1f5..74ac2f0 100644 --- a/ntpd/manifests/init.pp +++ b/ntpd/manifests/init.pp @@ -56,7 +56,7 @@ class ntpd::chrony { file { "/etc/chrony.conf": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", content => template("ntpd/chrony.conf.erb"), @@ -82,7 +82,7 @@ class ntpd::isc-ntpd { file { "/etc/ntp.conf": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, content => template("ntpd/ntp.conf.erb"), @@ -109,7 +109,7 @@ class ntpd::openntpd { file { "/etc/ntpd.conf": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => wheel, content => template("ntpd/openntpd.conf.erb"), diff --git a/openvpn/manifests/init.pp b/openvpn/manifests/init.pp index d99a795..c5ce341 100644 --- a/openvpn/manifests/init.pp +++ b/openvpn/manifests/init.pp @@ -31,7 +31,7 @@ class openvpn::client { file { "/etc/openvpn/openvpn.conf": ensure => present, content => template("openvpn/openvpn.conf.erb"), - mode => 0640, + mode => "0640", owner => "root", group => "root", notify => Service["openvpn"], @@ -40,7 +40,7 @@ class openvpn::client { file { "/etc/openvpn/ta.key": ensure => present, source => "puppet:///files/openvpn/ta.key", - mode => 0640, + mode => "0640", owner => "root", group => "root", require => Package["openvpn"], @@ -48,7 +48,7 @@ class openvpn::client { file { "/etc/openvpn/ca.crt": ensure => present, source => "puppet:///files/openvpn/ca.crt", - mode => 0640, + mode => "0640", owner => "root", group => "root", require => Package["openvpn"], diff --git a/pam/manifests/init.pp b/pam/manifests/init.pp index 69e6578..02f839b 100644 --- a/pam/manifests/init.pp +++ b/pam/manifests/init.pp @@ -35,7 +35,7 @@ class pam::mkhomedir { "ubuntu": { file { "/usr/share/pam-configs/pam_mkhomedir": source => "puppet:///modules/pam/pam_mkhomedir", - mode => 0644, + mode => "0644", owner => "root", group => "root", require => Package["libpam-runtime"], diff --git a/procmail/manifests/init.pp b/procmail/manifests/init.pp index 11f203d..d5228bf 100644 --- a/procmail/manifests/init.pp +++ b/procmail/manifests/init.pp @@ -12,7 +12,7 @@ class procmail { purge => true, force => true, recurse => true, - mode => 0755, + mode => "0755", owner => "root", group => "root", source => "puppet:///modules/custom/empty", @@ -22,7 +22,7 @@ class procmail { file { "/etc/procmailrc": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", require => Package["procmail"], @@ -59,7 +59,7 @@ define procmail::rc($source = "AUTO") { "AUTO" => "puppet:///files/procmail/${name}", default => $source, }, - mode => 0644, + mode => "0644", owner => root, group => root, notify => Exec["generate-procmailrc"], diff --git a/psacct/manifests/init.pp b/psacct/manifests/init.pp index c57fbb8..ac6a042 100644 --- a/psacct/manifests/init.pp +++ b/psacct/manifests/init.pp @@ -50,9 +50,9 @@ class psacct::openbsd { file { "/var/account/acct": ensure => present, - mode => 0644, - owner => root, - group => wheel, + mode => "0644", + owner => "root", + group => "wheel", notify => Exec["accton"], } diff --git a/pulseaudio/manifests/init.pp b/pulseaudio/manifests/init.pp index c68bd7b..4a63035 100644 --- a/pulseaudio/manifests/init.pp +++ b/pulseaudio/manifests/init.pp @@ -21,14 +21,14 @@ class pulseaudio::server inherits pulseaudio::common { file { "/etc/init.d/pulseaudio": ensure => present, source => "puppet:///modules/pulseaudio/pulseaudio.init", - mode => 0755, + mode => "0755", owner => root, group => root, } file { "/etc/sysconfig/pulseaudio": ensure => present, source => "puppet:///modules/pulseaudio/pulseaudio.sysconfig.${operatingsystem}", - mode => 0644, + mode => "0644", owner => root, group => root, before => File["/etc/init.d/pulseaudio"], @@ -39,7 +39,7 @@ class pulseaudio::server inherits pulseaudio::common { ensure => present, source => [ "puppet:///files/pulseaudio/system.pa.${fqdn}", "puppet:///files/pulseaudio/system.pa", ], - mode => 0644, + mode => "0644", owner => root, group => root, require => Package["pulseaudio"], diff --git a/puppet/manifests/init.pp b/puppet/manifests/init.pp index 20a1d9e..0b057a5 100644 --- a/puppet/manifests/init.pp +++ b/puppet/manifests/init.pp @@ -36,7 +36,7 @@ class puppet::client { file { "/etc/rc.d/puppetd": ensure => present, source => "puppet:///modules/puppet/puppetd.rc", - mode => 0755, + mode => "0755", owner => "root", group => "wheel", before => Service["puppet"], @@ -48,8 +48,8 @@ class puppet::client { file { "/etc/puppet/puppet.conf": ensure => present, content => template("puppet/puppet.conf.erb"), - mode => 0640, - owner => root, + mode => "0640", + owner => "root", group => $operatingsystem ? { openbsd => "_puppet", default => "puppet", @@ -82,9 +82,9 @@ class puppet::client { file { "/etc/default/puppet": ensure => present, source => "puppet:///modules/puppet/puppet.enabled.default", - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Service["puppet"], } } @@ -101,11 +101,11 @@ class puppet::client { file { "/usr/local/sbin/puppet-check": ensure => present, source => "puppet:///modules/puppet/puppet-check", - mode => 0755, - owner => root, + mode => "0755", + owner => "root", group => $operatingsystem ? { - openbsd => wheel, - default => root, + openbsd => "wheel", + default => "root", }, } cron { "puppet-check": @@ -261,8 +261,8 @@ class puppet::server::common inherits puppet::client { if $puppet_datadir { file { $puppet_datadir: ensure => directory, - mode => 0755, - owner => root, + mode => "0755", + owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", default => "root", @@ -279,8 +279,8 @@ class puppet::server::common inherits puppet::client { } else { file { "/srv/puppet": ensure => directory, - mode => 0755, - owner => root, + mode => "0755", + owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", default => "root", @@ -306,7 +306,7 @@ class puppet::server::common inherits puppet::client { if $puppet_storeconfigs != "none" { file { "/srv/puppet/storeconfigs": ensure => directory, - mode => 0750, + mode => "0750", owner => $user, group => $group, seltype => "var_lib_t", @@ -317,7 +317,7 @@ class puppet::server::common inherits puppet::client { "/srv/puppet/reports", "/srv/puppet/rrd", ]: ensure => directory, - mode => 0750, + mode => "0750", owner => $user, group => $group, seltype => "var_lib_t", @@ -326,8 +326,8 @@ class puppet::server::common inherits puppet::client { file { [ "/srv/puppet/files", "/srv/puppet/templates" ]: ensure => directory, - mode => 0755, - owner => root, + mode => "0755", + owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", default => "root", @@ -337,8 +337,8 @@ class puppet::server::common inherits puppet::client { } file { "/srv/puppet/files/common": ensure => directory, - mode => 0755, - owner => root, + mode => "0755", + owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", default => "root", @@ -348,8 +348,8 @@ class puppet::server::common inherits puppet::client { } file { "/srv/puppet/files/private": ensure => directory, - mode => 0750, - owner => root, + mode => "0750", + owner => "root", group => $group, seltype => "var_lib_t", require => File["/srv/puppet/files"], @@ -364,8 +364,8 @@ class puppet::server::common inherits puppet::client { source => [ "puppet:///files/puppet/tagmail.conf.${fqdn}", "puppet:///files/puppet/tagmail.conf", "puppet:///modules/puppet/tagmail.conf", ], - mode => 0644, - owner => root, + mode => "0644", + owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", default => "root", @@ -378,8 +378,8 @@ class puppet::server::common inherits puppet::client { source => [ "puppet:///files/puppet/fileserver.conf.${fqdn}", "puppet:///files/puppet/fileserver.conf", "puppet:///modules/puppet/fileserver.conf", ], - mode => 0644, - owner => root, + mode => "0644", + owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", default => "root", @@ -394,9 +394,9 @@ class puppet::server::common inherits puppet::client { file { "/etc/cron.daily/puppet-report-cleanup": ensure => present, content => template("puppet/puppet-report-cleanup.erb"), - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", require => File["/srv/puppet/reports"], } } @@ -405,7 +405,7 @@ class puppet::server::common inherits puppet::client { file { "/usr/local/sbin/puppet-clean-storeconfigs": ensure => present, source => "puppet:///modules/puppet/puppet-clean-storeconfigs", - mode => 0755, + mode => "0755", owner => "root", group => $operatingsystem ? { openbsd => "wheel", @@ -459,9 +459,9 @@ class puppet::server::mongrel { file { "/etc/default/puppetmaster": ensure => present, content => template("puppet/puppetmaster.default.erb"), - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Service["puppetmaster"], } } @@ -469,9 +469,9 @@ class puppet::server::mongrel { file { "/etc/sysconfig/puppetmaster": ensure => present, content => template("puppet/puppetmaster.sysconfig.erb"), - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Service["puppetmaster"], } } @@ -559,9 +559,9 @@ class puppet::opencollab { file { "/etc/puppet/opencollab.conf": ensure => present, - mode => 0600, - owner => root, - group => root, + mode => "0600", + owner => "root", + group => "root", content => "[creds]\nurl = ${puppet_opencollab_url}\nusername = ${puppet_opencollab_user}\npassword = ${puppet_opencollab_pass}\n", } diff --git a/rsync/manifests/init.pp b/rsync/manifests/init.pp index 6d4124b..32fc6c1 100644 --- a/rsync/manifests/init.pp +++ b/rsync/manifests/init.pp @@ -17,7 +17,7 @@ class rsync::run-rsync { ensure => present, source => [ "puppet:///files/run-rsync/${homename}-RunRsyncConfig.pm", "/etc/run-rsync/RunRsyncConfig.pm", ], - mode => 0644, + mode => "0644", owner => "root", group => "root", } diff --git a/samba/manifests/init.pp b/samba/manifests/init.pp index 2285fe8..2d23b2d 100644 --- a/samba/manifests/init.pp +++ b/samba/manifests/init.pp @@ -61,11 +61,11 @@ class samba::server { ensure => present, source => [ "puppet:///files/samba/smb.conf.${fqdn}", "puppet:///files/samba/smb.conf", ], - mode => 0644, - owner => root, + mode => "0644", + owner => "root", group => $operatingsystem ? { - openbsd => wheel, - default => root, + openbsd => "wheel", + default => "root", }, require => Package["samba"], } @@ -75,11 +75,11 @@ class samba::server { source => [ "puppet:///files/samba/lmhosts.${fqdn}", "puppet:///files/samba/lmhosts", "puppet:///modules/samba/lmhosts", ], - mode => 0644, - owner => root, + mode => "0644", + owner => "root", group => $operatingsystem ? { - openbsd => wheel, - default => root, + openbsd => "wheel", + default => "root", }, require => Package["samba"], } @@ -96,9 +96,9 @@ class samba::bdc { file { "/etc/cron.hourly/sync-netlogon.sh": ensure => present, source => "puppet:///modules/samba/sync-netlogon.sh", - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", } } diff --git a/saslauthd/manifests/init.pp b/saslauthd/manifests/init.pp index 10b483a..d5e60a8 100644 --- a/saslauthd/manifests/init.pp +++ b/saslauthd/manifests/init.pp @@ -14,9 +14,9 @@ class saslauthd::server { file { "/etc/sasldb2": ensure => present, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Exec["generate-sasldb2"], } exec { "generate-sasldb2": @@ -54,9 +54,9 @@ define saslauthd::service() { "puppet:///files/saslauthd/${name}.conf", "puppet:///files/saslauthd/service.conf", "puppet:///modules/saslauthd/service.conf", ], - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Service["saslauthd"], } diff --git a/selinux/manifests/init.pp b/selinux/manifests/init.pp index 68b275d..aa33a80 100644 --- a/selinux/manifests/init.pp +++ b/selinux/manifests/init.pp @@ -30,9 +30,9 @@ class selinux { file { "/etc/selinux/config": ensure => present, content => template("selinux/config.erb"), - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", require => Package["selinux-policy-targeted"], notify => Exec["set-selinux-mode"], } diff --git a/sendmail/manifests/init.pp b/sendmail/manifests/init.pp index 56a22d9..4edba7b 100644 --- a/sendmail/manifests/init.pp +++ b/sendmail/manifests/init.pp @@ -25,7 +25,7 @@ class sendmail::common { content => "DAEMON=no\nQUEUE=1h\n", owner => "root", group => "root", - mode => 0644, + mode => "0644", notify => Service["sendmail"], } } @@ -59,7 +59,7 @@ class sendmail::client inherits sendmail::common { "openbsd" => "bin", default => "root", }, - mode => 0644, + mode => "0644", notify => Exec["make submit.cf"], require => $operatingsystem ? { "openbsd" => undef, @@ -88,7 +88,7 @@ class sendmail::client inherits sendmail::common { "ubuntu" => "smmsp", default => "root", }, - mode => 0644, + mode => "0644", source => $operatingsystem ? { "openbsd" => "/usr/share/sendmail/cf/submit.cf", default => undef, @@ -141,7 +141,7 @@ class sendmail::server inherits sendmail::common { content => template("sendmail/sendmail.mc.erb"), owner => "root", group => $group, - mode => 0644, + mode => "0644", notify => Exec["make sendmail.cf"], } @@ -150,7 +150,7 @@ class sendmail::server inherits sendmail::common { notify => Exec["newaliases"], owner => "root", group => $group, - mode => 0644, + mode => "0644", } exec { "make sendmail.cf": @@ -170,7 +170,7 @@ class sendmail::server inherits sendmail::common { ensure => present, owner => "root", group => $group, - mode => 0644, + mode => "0644", source => $operatingsystem ? { openbsd => "/usr/share/sendmail/cf/sendmail.cf", default => undef, diff --git a/ssh/manifests/init.pp b/ssh/manifests/init.pp index dd2b5a1..8bacbf3 100644 --- a/ssh/manifests/init.pp +++ b/ssh/manifests/init.pp @@ -4,7 +4,7 @@ class ssh::known_hosts { file { "/etc/ssh/ssh_known_hosts": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { OpenBSD => wheel, @@ -32,7 +32,7 @@ class ssh::hostkeys { file { "/etc/ssh/ssh_host_dsa_key": ensure => present, source => "puppet:///private/ssh_host_dsa_key", - mode => 0600, + mode => "0600", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -42,7 +42,7 @@ class ssh::hostkeys { file { "/etc/ssh/ssh_host_dsa_key.pub": ensure => present, source => "puppet:///private/ssh_host_dsa_key.pub", - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -53,7 +53,7 @@ class ssh::hostkeys { file { "/etc/ssh/ssh_host_rsa_key": ensure => present, source => "puppet:///private/ssh_host_rsa_key", - mode => 0600, + mode => "0600", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -63,7 +63,7 @@ class ssh::hostkeys { file { "/etc/ssh/ssh_host_rsa_key.pub": ensure => present, source => "puppet:///private/ssh_host_rsa_key.pub", - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -74,7 +74,7 @@ class ssh::hostkeys { file { "/etc/ssh/ssh_host_key": ensure => present, source => "puppet:///private/ssh_host_key", - mode => 0600, + mode => "0600", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -84,7 +84,7 @@ class ssh::hostkeys { file { "/etc/ssh/ssh_host_key.pub": ensure => present, source => "puppet:///private/ssh_host_key.pub", - mode => 0644, + mode => "0644", owner => root, group => $operatingsystem ? { openbsd => wheel, @@ -112,7 +112,7 @@ class ssh::disable { } file { "/etc/init/ssh.conf": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, source => "puppet:///modules/ssh/ssh.disabled.conf", diff --git a/sudo/manifests/init.pp b/sudo/manifests/init.pp index 350885e..3c3b322 100644 --- a/sudo/manifests/init.pp +++ b/sudo/manifests/init.pp @@ -11,7 +11,7 @@ class sudo { file { "/etc/sudoers.d": ensure => directory, - mode => 0440, + mode => "0440", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -25,7 +25,7 @@ class sudo { file { "/etc/sudoers": ensure => present, - mode => 0440, + mode => "0440", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -54,7 +54,7 @@ define sudo::sudoer($where="ALL", $as_whom="ALL", $what="ALL") { file { "/etc/sudoers.d/${name}": ensure => present, - mode => 0440, + mode => "0440", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", diff --git a/svn/manifests/init.pp b/svn/manifests/init.pp index 4b58b16..5ee538c 100644 --- a/svn/manifests/init.pp +++ b/svn/manifests/init.pp @@ -8,7 +8,7 @@ class svn::client { file { "/etc/subversion/servers": ensure => present, - mode => 0644, + mode => "0644", owner => root, group => root, content => template("svn/servers.erb"), diff --git a/syslog/manifests/init.pp b/syslog/manifests/init.pp index dde2166..76d75f0 100644 --- a/syslog/manifests/init.pp +++ b/syslog/manifests/init.pp @@ -40,7 +40,7 @@ class syslog::common { "linux": { file { "/etc/logrotate.d/syslog.all": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", content => template("syslog/logrotate.erb"), @@ -92,7 +92,7 @@ class syslog::client::syslogd { file { "/var/log/all.log": ensure => present, - mode => 0640, + mode => "0640", owner => "root", group => $group, notify => Service["syslogd"], @@ -102,7 +102,7 @@ class syslog::client::syslogd { ensure => present, content => template("syslog/syslog.conf.$operatingsystem.erb", "syslog/syslog.conf.client.erb"), - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -151,7 +151,7 @@ class syslog::client::rsyslog { content => template("syslog/rsyslog.conf.erb", "syslog/syslog.conf.$operatingsystem.erb", "syslog/syslog.conf.client.erb"), - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -176,7 +176,7 @@ class syslog::client::rsyslog { if $operatingsystem == "OpenBSD" and $operatingsystemrelease !~ /4\.[1-8]/ { file { "/etc/rc.d/syslogd": ensure => present, - mode => 0555, + mode => "0555", owner => "root", group => "wheel", source => "puppet:///modules/syslog/rsyslogd.rc", @@ -203,7 +203,7 @@ class syslog::common::standalone inherits syslog::common { if $syslog_datadir { file { $syslog_datadir: ensure => directory, - mode => 2750, + mode => "2750", owner => "root", group => $group, seltype => "var_log_t", @@ -219,7 +219,7 @@ class syslog::common::standalone inherits syslog::common { } else { file { "/srv/log": ensure => directory, - mode => 2750, + mode => "2750", owner => "root", group => $group, seltype => "var_log_t", @@ -228,7 +228,7 @@ class syslog::common::standalone inherits syslog::common { file { "/srv/log/archive": ensure => directory, - mode => 2750, + mode => "2750", owner => "root", group => $group, require => File["/srv/log"], @@ -256,7 +256,7 @@ class syslog::common::standalone inherits syslog::common { file { "/usr/local/sbin/logarchiver.sh": ensure => present, source => "puppet:///modules/syslog/logarchiver.sh", - mode => 0755, + mode => "0755", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", diff --git a/tftp/manifests/init.pp b/tftp/manifests/init.pp index 9c49f88..a1ee8fc 100644 --- a/tftp/manifests/init.pp +++ b/tftp/manifests/init.pp @@ -11,8 +11,8 @@ class tftp::server { if $tftp_datadir { file { $tftp_datadir: ensure => directory, - mode => 0755, - owner => root, + mode => "0755", + owner => "root", group => $operatingsystem ? { openbsd => "wheel", default => "root", @@ -28,7 +28,7 @@ class tftp::server { } else { file { "/srv/tftpboot": ensure => directory, - mode => 0755, + mode => "0755", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", diff --git a/time/manifests/init.pp b/time/manifests/init.pp index d69fe9d..a54be62 100644 --- a/time/manifests/init.pp +++ b/time/manifests/init.pp @@ -17,7 +17,7 @@ class time::server { class time::zone { file { "/etc/localtime": ensure => present, - mode => 0644, + mode => "0644", source => "/usr/share/zoneinfo/$timezone_set" } @@ -25,14 +25,14 @@ class time::zone { centos,redhat: { file { "/etc/sysconfig/clock": ensure => present, - mode => 0644, + mode => "0644", content => template("time/sysconfig_clock.erb"), } } ubuntu: { file { "/etc/timezone": ensure => present, - mode => 0644, + mode => "0644", content => "$timezone_set\n", } } diff --git a/user/manifests/init.pp b/user/manifests/init.pp index 28270b1..82d8288 100644 --- a/user/manifests/init.pp +++ b/user/manifests/init.pp @@ -4,7 +4,7 @@ class user::system { file { "/var/empty": ensure => directory, - mode => 0755, + mode => "0755", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", diff --git a/util/manifests/init.pp b/util/manifests/init.pp index 20c01ff..ac34316 100644 --- a/util/manifests/init.pp +++ b/util/manifests/init.pp @@ -37,7 +37,7 @@ define util::extract::tar($source, $ensure=present, $strip=0, $preserve=false) { file { $name: ensure => directory, - mode => 0755, + mode => "0755", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -106,7 +106,7 @@ define util::extract::zip($source, $ensure=present) { file { $name: ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, } diff --git a/vmware/manifests/init.pp b/vmware/manifests/init.pp index 7b60f63..83fdfdc 100644 --- a/vmware/manifests/init.pp +++ b/vmware/manifests/init.pp @@ -15,7 +15,7 @@ define vmware::bundle() { ensure => present, source => "puppet:///files/packages/${name}.${architecture}.bundle", links => follow, - mode => 0755, + mode => "0755", owner => root, group => root, } diff --git a/vmware/manifests/server.pp b/vmware/manifests/server.pp index a41d7bd..b40928e 100644 --- a/vmware/manifests/server.pp +++ b/vmware/manifests/server.pp @@ -40,7 +40,7 @@ class vmware::server { if $vmware_admin_group { file { "/etc/vmware/ssl/rui.key": ensure => present, - mode => 0640, + mode => "0640", owner => root, group => $vmware_admin_group, require => [ Service["vmware"], @@ -76,7 +76,7 @@ class vmware::server::scripts { file { "/usr/local/sbin/${name}": ensure => present, source => "puppet:///modules/vmware/scripts/${name}", - mode => 0755, + mode => "0755", owner => root, group => root, } @@ -85,7 +85,7 @@ class vmware::server::scripts { file { "/usr/local/lib/vmware.sh": ensure => present, source => "puppet:///modules/vmware/scripts/vmware.sh", - mode => 0644, + mode => "0644", owner => root, group => root, } @@ -113,14 +113,14 @@ class vmware::server::vmfs { file { "/vmfs": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, require => Package["VMware-server"], } file { "/vmfs/volumes": ensure => directory, - mode => 0755, + mode => "0755", owner => root, group => root, require => File["/vmfs"], @@ -176,8 +176,8 @@ define vmware::server::datastore($device, $type = "auto", $options = "defaults") file { "/vmfs/volumes/${name}": ensure => directory, mode => $fstype ? { - nfs => 0755, - default => 0775, + nfs => "0755", + default => "0775", }, owner => root, group => $fstype ? { diff --git a/vsroom/manifests/init.pp b/vsroom/manifests/init.pp index d6e343c..48d9915 100644 --- a/vsroom/manifests/init.pp +++ b/vsroom/manifests/init.pp @@ -25,7 +25,7 @@ class vsroom { file { "/usr/local/src/vsroom.tar.gz": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", source => "puppet:///files/packages/${vsroom_package}", @@ -46,7 +46,7 @@ class vsroom { if $vsroom_datadir { file { $vsroom_datadir: ensure => directory, - mode => 0750, + mode => "0750", owner => "root", group => "vsroom", } @@ -59,7 +59,7 @@ class vsroom { } else { file { "/var/lib/vsroom": ensure => directory, - mode => 0750, + mode => "0750", owner => "root", group => "vsroom", } @@ -72,7 +72,7 @@ class vsroom { file { "${htdocs}/config.json": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", source => [ "puppet:///files/vsroom/config.json.${fqdn}", diff --git a/wiki/manifests/init.pp b/wiki/manifests/init.pp index 87ca53f..338f2a9 100644 --- a/wiki/manifests/init.pp +++ b/wiki/manifests/init.pp @@ -14,17 +14,17 @@ class wiki::moin { file { "/usr/local/src/moin.tar.gz": ensure => present, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", source => "puppet:///files/packages/${moin_package}", links => follow, } file { "/usr/local/src/moin.patch": ensure => present, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", source => "puppet:///files/packages/${moin_patch}", links => follow, } @@ -49,7 +49,7 @@ class wiki::moin { file { "${shared}/htdocs/.htaccess": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "root", content => "SetHandler None\n", @@ -73,7 +73,7 @@ class wiki::graphingwiki::common { file { "/usr/local/src/graphingwiki.tar.gz": ensure => directory, - mode => 0644, + mode => "0644", owner => "root", group => $operatingsystem ? { "openbsd" => "wheel", @@ -173,9 +173,9 @@ class wiki::collab::base { if $wiki_datadir { file { $wiki_datadir: ensure => directory, - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", } file { "/srv/wikis": @@ -186,9 +186,9 @@ class wiki::collab::base { } else { file { "/srv/wikis": ensure => directory, - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", } } @@ -204,9 +204,9 @@ class wiki::collab::base { "/srv/wikis/collab/wikis", "/srv/wikis/collab/run", ]: ensure => directory, - mode => 2660, - owner => collab, - group => collab, + mode => "2660", + owner => "collab", + group => "collab", require => [ File["/srv/wikis"], User["collab"], Group["collab"], Python::Setup::Install["/usr/local/src/graphingwiki/collab"], Python::Setup::Install["/usr/local/src/moin"], ], @@ -223,9 +223,9 @@ class wiki::collab::base { file { "/srv/wikis/collab/config/collabfarm.py": ensure => present, - mode => 0660, - owner => collab, - group => collab, + mode => "0660", + owner => "collab", + group => "collab", source => [ "puppet:///private/wiki/collabfarm.py", "puppet:///files/wiki/collabfarm.py", "/usr/local/src/graphingwiki/collab/config/collabfarm.py", ], @@ -235,9 +235,9 @@ class wiki::collab::base { file { "/srv/wikis/collab/config/intermap.txt": ensure => present, - mode => 0660, - owner => collab, - group => collab, + mode => "0660", + owner => "collab", + group => "collab", source => "/usr/local/src/graphingwiki/collab/config/intermap.txt", replace => false, require => File["/srv/wikis/collab/config"], @@ -245,9 +245,9 @@ class wiki::collab::base { file { "/srv/wikis/collab/config/logging.conf": ensure => present, - mode => 0660, - owner => collab, - group => collab, + mode => "0660", + owner => "collab", + group => "collab", source => "/usr/local/src/graphingwiki/collab/config/logging.conf", replace => false, require => File["/srv/wikis/collab/config"], @@ -255,9 +255,9 @@ class wiki::collab::base { file { "/srv/wikis/collab/htdocs/.htaccess": ensure => present, - mode => 0660, - owner => collab, - group => collab, + mode => "0660", + owner => "collab", + group => "collab", source => "puppet:///modules/wiki/htaccess", replace => false, require => File["/srv/wikis/collab/htdocs"], @@ -265,9 +265,9 @@ class wiki::collab::base { file { [ "/etc/local", "/etc/local/collab" ]: ensure => directory, - mode => 0755, - owner => root, - group => root, + mode => "0755", + owner => "root", + group => "root", } if $collab_jabberdomain and !$collab_conferencedomain { @@ -276,9 +276,9 @@ class wiki::collab::base { file { "/etc/local/collab/collab.ini": ensure => present, - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", content => template("wiki/collab.ini.erb"), require => File["/etc/local/collab"], } diff --git a/yum/manifests/init.pp b/yum/manifests/init.pp index f15a61d..c73a999 100644 --- a/yum/manifests/init.pp +++ b/yum/manifests/init.pp @@ -12,9 +12,9 @@ class yum::updatesd { source => [ "puppet:///files/yum/yum-updatesd.conf.${fqdn}", "puppet:///files/yum/yum-updatesd.conf", "puppet:///modules/yum/yum-updatesd.conf", ], - mode => 0644, - owner => root, - group => root, + mode => "0644", + owner => "root", + group => "root", notify => Service["yum-updatesd"], } @@ -121,7 +121,7 @@ define yum::repo($baseurl="", $mirrorlist="", $descr="", $gpgkey="") { file { "/etc/pki/rpm-gpg/RPM-GPG-KEY-${name}": ensure => present, source => $gpgkey, - mode => 0644, + mode => "0644", owner => "root", group => "root", before => File["/etc/yum.repos.d/${name}.repo"], @@ -140,7 +140,7 @@ define yum::repo($baseurl="", $mirrorlist="", $descr="", $gpgkey="") { file { "/etc/yum.repos.d/${name}.repo": ensure => present, content => template("yum/yum.repo.erb"), - mode => 0644, + mode => "0644", owner => "root", group => "root", } From 19049e0273e04c0fbc5011143ce686e8c52be386 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Sat, 31 Mar 2012 14:11:09 +0300 Subject: [PATCH 19/26] Fixed spelling mistake from network::route. --- network/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/manifests/init.pp b/network/manifests/init.pp index 61fcaf8..cdce314 100644 --- a/network/manifests/init.pp +++ b/network/manifests/init.pp @@ -283,7 +283,7 @@ define network::route($gateway = "", $device, $ipv6gateway = "") { } } default: { - if ipv6gateway != "" { + if $ipv6gateway != "" { fail("Custom IPv6 routes not supported yet.") } case $operatingsystem { From bf96567880c45d5db4a29ff5eaa6b04c864caaa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Sat, 31 Mar 2012 15:00:57 +0300 Subject: [PATCH 20/26] Fixed nfslock service for Fedora. --- nfs/manifests/init.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nfs/manifests/init.pp b/nfs/manifests/init.pp index b33fd25..4c68b2c 100644 --- a/nfs/manifests/init.pp +++ b/nfs/manifests/init.pp @@ -10,6 +10,10 @@ class nfs::client { } service { "nfslock": + name => $operatingsystem ? { + "fedora" => "nfs-lock", + default => "nfslock", + }, ensure => running, enable => true, hasstatus => true, From 209c0b2450060240945f2248d1ae2f53d09ae541 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Sat, 31 Mar 2012 15:03:21 +0300 Subject: [PATCH 21/26] Fixed nfs::server for Fedora. --- nfs/manifests/init.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nfs/manifests/init.pp b/nfs/manifests/init.pp index 4c68b2c..13ae8d6 100644 --- a/nfs/manifests/init.pp +++ b/nfs/manifests/init.pp @@ -51,6 +51,10 @@ class nfs::server inherits nfs::client { } service { "nfs": + name => $operatingsystem ? { + "fedora" => "nfs-server", + default => "nfs", + }, ensure => running, enable => true, hasstatus => true, From f400a5817c60b28980201fcff40c1540147a09de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Sat, 31 Mar 2012 15:33:14 +0300 Subject: [PATCH 22/26] Initial version of ldap::auth for Fedora. --- ldap/manifests/init.pp | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp index 96fd654..f544342 100644 --- a/ldap/manifests/init.pp +++ b/ldap/manifests/init.pp @@ -90,6 +90,21 @@ class ldap::auth inherits ldap::client { require => Package["nscd"], } } + Fedora: { + package { "sssd": + ensure => installed, + } + exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --update": + path => "/bin:/usr/bin:/sbin:/usr/sbin", + unless => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"', + before => Service["sssd"], + require => Package["sssd"], + } + service { "sssd": + ensure => running, + enable => true, + } + } Ubuntu: { package { "ldap-auth-client": ensure => installed, From ec3c4244adf133b1f0aaf401f59d1b4cdfa24a47 Mon Sep 17 00:00:00 2001 From: Paavo Pokkinen Date: Mon, 2 Apr 2012 11:41:56 +0300 Subject: [PATCH 23/26] generate bind configs from LDAP --- dns/files/dnsdump.py | 95 +++++++++++++++++++++++++++++++++++++++++++ dns/manifests/init.pp | 39 ++++++++++++++++++ 2 files changed, 134 insertions(+) create mode 100755 dns/files/dnsdump.py diff --git a/dns/files/dnsdump.py b/dns/files/dnsdump.py new file mode 100755 index 0000000..832daf7 --- /dev/null +++ b/dns/files/dnsdump.py @@ -0,0 +1,95 @@ +#!/usr/bin/env python + +import re +import sys +import time +import os +import glob +import difflib +from subprocess import Popen, PIPE + +# Example templates: +# +# --(A#(&(objectClass=ipHost)(cn=ap*.panoulu.local)(!(cn=*.*.panoulu.local)))-- +# --(PTR#(&(objectClass=ipHost)(cn=ap*.panoulu.local)(ipHostNumber=10.40.*.*)(!(cn=*.*.panoulu.local)))-- +# --(serial)-- + +def main(): + if len(sys.argv) != 4: + print >>sys.stderr, 'Usage: %s --test/--notest ' % sys.argv[0] + sys.exit(1) + + + for template in glob.glob( os.path.join(sys.argv[2], '*.in')): + infile = open(template, 'r') + input = infile.readlines() + input_string = "" + output = "" + for line in input: + input_string += line + m = re.match('([ \t]*)--(.+)--[ \t]*$', line) + if m is not None: + indent = m.group(1) + if (m.group(2) == "(serial)"): + serial = time.localtime(time.time()) + output += '\t\t\t%s\t; serial\n' % (time.strftime("%Y%m%d%H")) + else: + for entry in ldapsearch(m.group(2)): + output += '%s%s\n' % (indent, entry) + else: + output += line + if sys.argv[1] == "--test": + o = open(os.path.join(sys.argv[3], os.path.basename(template[:-3])), 'r') + str = "" + for line in o.readlines(): + str += line + o.close() + for a, b in zip(str.splitlines(), output.splitlines()): + if a != b: + if not "serial" in a: + print a,b + sys.exit(1) + else: + outfile = open(os.path.join(sys.argv[3], os.path.basename(template[:-3])), 'w') + outfile.write(output) + outfile.close() + infile.close() + + +def ldapsearch(f): + filter_list = f.split("#") + type = filter_list[0][1:] + filter = filter_list[1] + p = Popen(['ldapsearch', '-x', '-z', '0', '-LLL', filter, 'cn', 'macAddress', 'ipHostNumber'], + bufsize=1024, stdout=PIPE, close_fds=True) + ret = [] + cur = {} + for l in p.stdout.readlines(): + l = l.strip() + if l == '': + try: + if (type == "A"): + ret.append('%s.\tA\t%s' % ( + cur["cn"], cur["ipHostNumber"])) + elif type == "PTR": + ip_list = cur["ipHostNumber"].split(".") + ret.append('%s.%s.%s.%s.in-addr.arpa.\tPTR\t%s.' % ( + ip_list[-1], ip_list[-2], ip_list[-3], ip_list[-4], cur["cn"])) + else: + raise "missing record type" + except KeyError: + print >>sys.stderr, "skipping: %s" % repr(cur) + cur = {} + continue + l = l.split() + if l[0] in ('cn:', 'macAddress:', 'ipHostNumber:'): + cur[l[0][0:-1]] = l[1] + return ret + + +if __name__ == '__main__': + try: + main() + except KeyboardInterrupt: + sys.exit() + diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index fc24b5f..ee3ec43 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -173,6 +173,45 @@ class dns::server { } } +# Generate named config from LDAP +# +# Usage: +# +# Put templates you want to generate to master.in directory. +# See dnsdump.py for example template tags. + +class dns::server::ldap inherits dns::server { + + include ldap::client::python + + file { "/usr/local/sbin/dnsdump.py": + ensure => present, + source => "puppet:///modules/dns/dnsdump.py", + mode => 0755, + owner => root, + group => $operatingsystem ? { + OpenBSD => wheel, + default => root, + }, + } + + file { "/var/named/master.in": + ensure => directory, + source => "puppet:///files/dns/master.in", + recurse => true, + mode => 0755, + owner => root, + purge => true, + } + + exec { "generate-dns-conf": + path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin", + command => "dnsdump.py --notest /var/named/master.in /var/named/master", + require => File["/usr/local/sbin/dnsdump.py"], + unless => "dnsdump.py --test /var/named/master.in /var/named/master", + notify => Service["named"] + } +} # Configure DNS zone. # From d74f4298a56d4ca0a9eeaa801b472e013016d984 Mon Sep 17 00:00:00 2001 From: Paavo Pokkinen Date: Mon, 2 Apr 2012 11:54:08 +0300 Subject: [PATCH 24/26] DHCP relay support --- dhcp/manifests/init.pp | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/dhcp/manifests/init.pp b/dhcp/manifests/init.pp index 2ab66c5..a517541 100644 --- a/dhcp/manifests/init.pp +++ b/dhcp/manifests/init.pp @@ -132,3 +132,35 @@ class dhcp::server::ldap inherits dhcp::server::common { } } + +# Configure DHCP relay +# +# === Parameters +# +# $name: +# Relay name (can be anything). +# $interface: +# IP address for interface to listen. +# $server_addr: +# Address for DHCP server to relay requests. +# +# === Sample usage +# +# dhcp::relay { "relay0": interface => "em2", server_addr => "10.20.110.11" } +# + +define dhcp::relay ($interface, $server_addr) { + service { $name: + name => $name, + ensure => running, + provider => "base", + hasrestart => false, + hasstatus => false, + pattern => "/usr/sbin/dhcrelay -i ${interface} ${server_addr}", + start => $operatingsystem ? { + OpenBSD => "/usr/sbin/dhcrelay -i ${interface} ${server_addr}", + default => undef, + } + } +} + From 61a3131d2b5b465e79561b66b4ef1167b86c009a Mon Sep 17 00:00:00 2001 From: Paavo Pokkinen Date: Mon, 2 Apr 2012 12:28:27 +0300 Subject: [PATCH 25/26] minor fix to dnsdump.py --- dns/files/dnsdump.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/dns/files/dnsdump.py b/dns/files/dnsdump.py index 832daf7..a7e3c13 100755 --- a/dns/files/dnsdump.py +++ b/dns/files/dnsdump.py @@ -5,7 +5,6 @@ import sys import time import os import glob -import difflib from subprocess import Popen, PIPE # Example templates: @@ -20,7 +19,7 @@ def main(): sys.exit(1) - for template in glob.glob( os.path.join(sys.argv[2], '*.in')): + for template in glob.glob(os.path.join(sys.argv[2], '*.in')): infile = open(template, 'r') input = infile.readlines() input_string = "" From 6602c319e84d7fcd9f47f5fee259396717cc8e6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 2 Apr 2012 15:50:47 +0300 Subject: [PATCH 26/26] Added missing pam_ldap package to Fedora in ldap::auth. --- ldap/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp index f544342..5011652 100644 --- a/ldap/manifests/init.pp +++ b/ldap/manifests/init.pp @@ -91,7 +91,7 @@ class ldap::auth inherits ldap::client { } } Fedora: { - package { "sssd": + package { [ "sssd", "pam_ldap", ]: ensure => installed, } exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --update":