tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge tmakinen/puppet

Browse source 
Conflicts:
	dovecot/manifests/init.pp
	libvirt/manifests/init.pp
	munin/manifests/init.pp
	puppet/manifests/init.pp
	tftp/manifests/init.pp
This commit is contained in:
Ossi Salmi 2012-11-16 19:40:31 +02:00
commit 98767cfb2a
45 changed files with 5517 additions and 156 deletions
Download patch file Download diff file Expand all files Collapse all files

42
puppet/manifests/init.pp
View file

@ -194,9 +194,11 @@ class puppet::server {
class puppet::server::common inherits puppet::client {
if $::operatingsystem in ["CentOS","RedHat"] and $::operatingsystemrelease =~ /^[1-5]\..*/ {
$seltype = "var_lib_t"
$seltype_readonly = "var_lib_t"
$seltype_writable = "var_lib_t"
} else {
$seltype = "puppet_var_lib_t"
$seltype_readonly = "puppetmaster_t"
$seltype_writable = "puppet_var_lib_t"
}
case $::operatingsystem {
@ -294,17 +296,25 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel",
default => "root",
},
seltype => $seltype,
seltype => $seltype_readonly,
require => Package["puppetmaster"],
}
selinux::manage_fcontext { "${puppet_datadir}(/.*)?":
type => $seltype,
type => $seltype_readonly,
before => File[$puppet_datadir],
}
selinux::manage_fcontext { [
"${puppet_datadir}/bucket(/.*)?",
"${puppet_datadir}/reports(/.*)?",
"${puppet_datadir}/rrd(/.*)?",
]:
type => $seltype_writable,
before => File["/srv/puppet/reports"],
}
file { "/srv/puppet":
ensure => link,
target => $puppet_datadir,
seltype => $seltype,
seltype => $seltype_readonly,
require => File[$puppet_datadir],
}
} else {
@ -316,14 +326,22 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel",
default => "root",
},
seltype => $seltype,
seltype => $seltype_readonly,
require => Package["puppetmaster"],
}
}
selinux::manage_fcontext { "/srv/puppet(/.*)?":
type => $seltype,
type => $seltype_readonly,
before => File["/srv/puppet"],
}
selinux::manage_fcontext { [
"/srv/puppet/bucket(/.*)?",
"/srv/puppet/reports(/.*)?",
"/srv/puppet/rrd(/.*)?",
]:
type => $seltype_writable,
before => File["/srv/puppet/reports"],
}
if $puppet_storeconfigs != "none" {
file { "/srv/puppet/storeconfigs":
@ -331,7 +349,7 @@ class puppet::server::common inherits puppet::client {
mode => "0750",
owner => $user,
group => $group,
seltype => $seltype,
seltype => $seltype_readonly,
require => File["/srv/puppet"],
}
}
@ -342,7 +360,7 @@ class puppet::server::common inherits puppet::client {
mode => "0750",
owner => $user,
group => $group,
seltype => $seltype,
seltype => $seltype_writable,
require => File["/srv/puppet"],
}
file { [ "/srv/puppet/files",
@ -354,7 +372,7 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel",
default => "root",
},
seltype => $seltype,
seltype => $seltype_readonly,
require => File["/srv/puppet"],
}
file { "/srv/puppet/files/common":
@ -365,7 +383,7 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel",
default => "root",
},
seltype => $seltype,
seltype => $seltype_readonly,
require => File["/srv/puppet/files"],
}
file { "/srv/puppet/files/private":
@ -373,7 +391,7 @@ class puppet::server::common inherits puppet::client {
mode => "0750",
owner => "root",
group => $group,
seltype => $seltype,
seltype => $seltype_readonly,
require => File["/srv/puppet/files"],
}

6
puppet/templates/puppet-httpd.conf.erb
View file

@ -50,12 +50,7 @@ Listen 8140
# Proxy settings
<IfModule mod_rewrite.c>
<LocationMatch ^/production/file_content/.*>
ForceType application/x-raw
</LocationMatch>
RewriteEngine On
RewriteRule ^/production/file_content/files/(.+)$ /srv/puppet/files/common/$1 [L]
RewriteRule ^/production/file_content/modules/([^/]+)/files/(.+)$ /etc/puppet/modules/$1/files/$2 [L]
RewriteRule ^/(.*)$ balancer://puppetmaster%{REQUEST_URI} [P,QSA,L]
</Ifmodule>
<IfModule !mod_rewrite.c>
@ -67,4 +62,3 @@ Listen 8140
SetEnv proxy-nokeepalive 1
</VirtualHost>