From e0176c550fa89315049ee65133e360c12f7b67ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Sun, 5 May 2013 09:57:01 +0300 Subject: [PATCH 01/17] mysql: Fixed backup script errors in MySQL 5.1.69. --- mysql/templates/mysql-backup.cron.erb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/mysql/templates/mysql-backup.cron.erb b/mysql/templates/mysql-backup.cron.erb index d30ec12..ab43392 100644 --- a/mysql/templates/mysql-backup.cron.erb +++ b/mysql/templates/mysql-backup.cron.erb @@ -5,6 +5,7 @@ MAXAGE="<%= mysql_backup_maxage %>" DATE=`date "+%Y-%m-%d"` HOME="`getent passwd ${USER} | cut -d : -f 6`" +OPTS="" if [ ! -d ${DESTDIR} ]; then echo "ERR: MySQL backup directory [${DESTDIR}] does not exist" 1>&2 @@ -15,6 +16,11 @@ umask 077 tmpwatch -m -f ${MAXAGE} ${DESTDIR} +mysqldump -E > /dev/null 2>&1 +if [ $? -ne 2 ]; then + OPTS="${OPTS} -E" +fi + DESTDIR=${DESTDIR}/${DATE} mkdir -p ${DESTDIR} @@ -24,5 +30,5 @@ for db in `mysql -e 'show databases' -s` ; do continue ;; esac - mysqldump --add-drop-table ${db} | gzip > ${DESTDIR}/${db}.${DATE}.gz + mysqldump --add-drop-table ${OPTS} ${db} | gzip > ${DESTDIR}/${db}.${DATE}.gz done From 87f9e8995ddd9360efc0d2ee5dc78907926232bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 6 May 2013 08:33:25 +0300 Subject: [PATCH 02/17] nagios: Added missing nagios-plugins-swap package to nagios::target::nrpe class. --- nagios/manifests/target.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/nagios/manifests/target.pp b/nagios/manifests/target.pp index 87e2ec9..b000fec 100644 --- a/nagios/manifests/target.pp +++ b/nagios/manifests/target.pp @@ -100,6 +100,7 @@ class nagios::target::nrpe inherits nagios::target { "nagios-plugins-disk", "nagios-plugins-load", "nagios-plugins-procs", + "nagios-plugins-swap", "nagios-plugins-users", ]: ensure => installed, before => [ File["/etc/nrpe.d"], Service["nrpe"] ], From 999d0e588f5fa201a0fc8731c889593d7a82e2f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 6 May 2013 09:39:55 +0300 Subject: [PATCH 03/17] nagios: Added support for nagios::target::nrpe to OpenBSD. --- nagios/manifests/init.pp | 7 +++++++ nagios/manifests/target.pp | 41 +++++++++++++++++++++++++++++++++----- 2 files changed, 43 insertions(+), 5 deletions(-) diff --git a/nagios/manifests/init.pp b/nagios/manifests/init.pp index 850c7f3..1288f1e 100644 --- a/nagios/manifests/init.pp +++ b/nagios/manifests/init.pp @@ -33,6 +33,10 @@ class nagios::common { $cgibin = "/usr/lib/cgi-bin/nagios3" $htdocs = "/usr/share/nagios3/htdocs" } + "openbsd": { + # no params set as we don't support server on openbsd yet + $libdir = "/usr/local/libexec/nagios" + } default: { fail("Nagios not supported on ${::operatingsystem}") } @@ -67,6 +71,9 @@ class nagios::server::manual inherits nagios::common { target => "/etc/nagios3/stylesheets", } } + default: { + fail("nagios::server not supported in ${::operatingsystem}") + } } exec { "usermod-nagios-httpsd": diff --git a/nagios/manifests/target.pp b/nagios/manifests/target.pp index b000fec..77cfe97 100644 --- a/nagios/manifests/target.pp +++ b/nagios/manifests/target.pp @@ -115,13 +115,32 @@ class nagios::target::nrpe inherits nagios::target { before => [ File["/etc/nrpe.d"], Service["nrpe"] ], } } + "openbsd": { + $service = "nrpe" + $nrpedir = "/etc/nrpe.d" + package { "nrpe": + ensure => installed, + } + exec { "add-nrpe-include-dir": + command => "echo 'include_dir=${nrpedir}/' >> /etc/nrpe.cfg", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + user => "root", + unless => "egrep '^include_dir=/etc/${nrpedir}/' /etc/nrpe.cfg", + require => Package["nrpe"], + notify => Service[$service], + before => File[$nrpedir], + } + } } file { "/etc/nrpe.d": ensure => directory, mode => "0644", owner => "root", - group => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, purge => true, force => true, recurse => true, @@ -138,7 +157,10 @@ class nagios::target::nrpe inherits nagios::target { ensure => present, mode => "0644", owner => "root", - group => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, content => "allowed_hosts=${nagios_allow}\n", require => File["/etc/nrpe.d"], notify => Service["nrpe"], @@ -148,7 +170,10 @@ class nagios::target::nrpe inherits nagios::target { ensure => present, mode => "0644", owner => "root", - group => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, content => "command[check_disk]=${nagios::common::libdir}/check_disk -w 20% -c 10% -p /\n", require => File["/etc/nrpe.d"], notify => Service["nrpe"], @@ -162,7 +187,10 @@ class nagios::target::nrpe inherits nagios::target { ensure => present, mode => "0644", owner => "root", - group => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, content => "command[check_load]=${nagios::common::libdir}/check_load -r -w 3,2,1 -c 6,4,2\n", require => File["/etc/nrpe.d"], notify => Service["nrpe"], @@ -176,7 +204,10 @@ class nagios::target::nrpe inherits nagios::target { ensure => present, mode => "0644", owner => "root", - group => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, content => "command[check_swap]=${nagios::common::libdir}/check_swap -w 75% -c 50%\n", require => File["/etc/nrpe.d"], notify => Service["nrpe"], From 4e078fedd0a13d91bafd8b79235955b18733ed7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 6 May 2013 11:04:45 +0300 Subject: [PATCH 04/17] nagios: Fixed nrpe.cfg include_dir check from OpenBSD. --- nagios/manifests/target.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nagios/manifests/target.pp b/nagios/manifests/target.pp index 77cfe97..84d8418 100644 --- a/nagios/manifests/target.pp +++ b/nagios/manifests/target.pp @@ -125,7 +125,7 @@ class nagios::target::nrpe inherits nagios::target { command => "echo 'include_dir=${nrpedir}/' >> /etc/nrpe.cfg", path => "/bin:/usr/bin:/sbin:/usr/sbin", user => "root", - unless => "egrep '^include_dir=/etc/${nrpedir}/' /etc/nrpe.cfg", + unless => "egrep '^include_dir=${nrpedir}/' /etc/nrpe.cfg", require => Package["nrpe"], notify => Service[$service], before => File[$nrpedir], From 19df011191caca32dbe344eb5ce58df9a425756d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 6 May 2013 13:57:56 +0300 Subject: [PATCH 05/17] nagios: Added support for checking SSL enabled IMAP service. --- nagios/manifests/target.pp | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/nagios/manifests/target.pp b/nagios/manifests/target.pp index 84d8418..57bbb09 100644 --- a/nagios/manifests/target.pp +++ b/nagios/manifests/target.pp @@ -70,6 +70,18 @@ class nagios::target::https inherits nagios::target { } +# Configure imaps service target. +# +class nagios::target::imaps inherits nagios::target { + + @@nagios::service { "${::homename}_imaps": + command => "check_imap!--ssl -p 993", + description => "IMAPS", + } + +} + + # Configure smtp service target. # class nagios::target::smtp inherits nagios::target { From 74062b3461b1d404a1611895034eb174433722ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 6 May 2013 16:03:18 +0300 Subject: [PATCH 06/17] nagios: Moved nrpe services to nagios::target::nrpe::service define. --- nagios/manifests/target.pp | 185 +++++++++++++++++++++++-------------- 1 file changed, 114 insertions(+), 71 deletions(-) diff --git a/nagios/manifests/target.pp b/nagios/manifests/target.pp index 57bbb09..2cd146f 100644 --- a/nagios/manifests/target.pp +++ b/nagios/manifests/target.pp @@ -108,31 +108,14 @@ class nagios::target::nrpe inherits nagios::target { "centos","redhat","fedora": { $service = "nrpe" $nrpedir = "/etc/nrpe.d" - package { [ "nrpe", - "nagios-plugins-disk", - "nagios-plugins-load", - "nagios-plugins-procs", - "nagios-plugins-swap", - "nagios-plugins-users", ]: - ensure => installed, - before => [ File["/etc/nrpe.d"], Service["nrpe"] ], - } } "ubuntu","debian": { $service = "nagios-nrpe-server" $nrpedir = "/etc/nagios/nrpe.d" - package { [ "nagios-nrpe-server", - "nagios-plugins-basic", ]: - ensure => installed, - before => [ File["/etc/nrpe.d"], Service["nrpe"] ], - } } "openbsd": { $service = "nrpe" $nrpedir = "/etc/nrpe.d" - package { "nrpe": - ensure => installed, - } exec { "add-nrpe-include-dir": command => "echo 'include_dir=${nrpedir}/' >> /etc/nrpe.cfg", path => "/bin:/usr/bin:/sbin:/usr/sbin", @@ -145,6 +128,15 @@ class nagios::target::nrpe inherits nagios::target { } } + package { "nrpe": + ensure => installed, + name => $::operatingsystem ? { + "debian" => "nagios-nrpe-server", + "ubuntu" => "nagios-nrpe-server", + default => "nrpe", + } + } + file { "/etc/nrpe.d": ensure => directory, mode => "0644", @@ -178,65 +170,116 @@ class nagios::target::nrpe inherits nagios::target { notify => Service["nrpe"], } - file { "${nrpedir}/check_disk.cfg": - ensure => present, - mode => "0644", - owner => "root", - group => $::operatingsystem ? { - "openbsd" => "wheel", - default => "root", - }, - content => "command[check_disk]=${nagios::common::libdir}/check_disk -w 20% -c 10% -p /\n", - require => File["/etc/nrpe.d"], - notify => Service["nrpe"], - } - @@nagios::service { "${::homename}_disk": - command => "check_nrpe!check_disk", + nagios::target::nrpe::service { "check_disk -w 20% -c 10% -p /": description => "Disk", + package => $::operatingsystem ? { + "openbsd" => undef, + "debian" => "nagios-plugins-basic", + "ubuntu" => "nagios-plugins-basic", + default => "nagios-plugins-disk", + } } - - file { "${nrpedir}/check_load.cfg": - ensure => present, - mode => "0644", - owner => "root", - group => $::operatingsystem ? { - "openbsd" => "wheel", - default => "root", - }, - content => "command[check_load]=${nagios::common::libdir}/check_load -r -w 3,2,1 -c 6,4,2\n", - require => File["/etc/nrpe.d"], - notify => Service["nrpe"], - } - @@nagios::service { "${::homename}_load": - command => "check_nrpe!check_load", + nagios::target::nrpe::service { "check_load -r -w 3,2,1 -c 6,4,2": description => "Load", + package => $::operatingsystem ? { + "openbsd" => undef, + "debian" => "nagios-plugins-basic", + "ubuntu" => "nagios-plugins-basic", + default => "nagios-plugins-load", + } } - - file { "${nrpedir}/check_swap.cfg": - ensure => present, - mode => "0644", - owner => "root", - group => $::operatingsystem ? { - "openbsd" => "wheel", - default => "root", - }, - content => "command[check_swap]=${nagios::common::libdir}/check_swap -w 75% -c 50%\n", - require => File["/etc/nrpe.d"], - notify => Service["nrpe"], - } - @@nagios::service { "${::homename}_swap": - command => "check_nrpe!check_swap", + nagios::target::nrpe::service { "check_swap -w 75% -c 50%": description => "Swap", + package => $::operatingsystem ? { + "openbsd" => undef, + "debian" => "nagios-plugins-basic", + "ubuntu" => "nagios-plugins-basic", + default => "nagios-plugins-swap", + } } -# @@nagios::service { "${::homename}_users": -# command => "check_nrpe!check_users", -# description => "Users", -# } -# -# @@nagios::service { "${::homename}_procs": -# command => "check_nrpe!check_total_procs", -# description => "Processes", -# } - } + + +# Add new nagios nrpe service check +# +# === Parameters +# +# $name: +# Check command. +# $description: +# Service description. Defaults to command name without +# check_ prefix. +# $package: +# Package providing check command. +# $source: +# Source file for check command. +# +# === Example usage +# +# nagios::target::nrpe::service { "check_disk -w 20% -c 10% -p /": +# description => "Disk", +# package => $::operatingsystem ? { +# "openbsd" => undef, +# "debian" => "nagios-plugins-basic", +# "ubuntu" => "nagios-plugins-basic", +# default => "nagios-plugins-disk", +# } +# } +# +define nagios::target::nrpe::service($source=undef, + $description=undef, + $package=undef) { + + include nagios::target::nrpe + + $binary = regsubst($name, '^([^ ]+) .*', '\1') + $service = regsubst($binary, '^check_(.+)', '\1') + + if !$description { + $description = $service + } + + if $source { + file { "${nagios::common::libdir}/${binary}": + ensure => present, + source => $source, + mode => "0755", + owner => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, + require => Package["nrpe"], + notify => Service["nrpe"], + } + } + + if $package and !defined(Package[$package]) { + package { $package: + ensure => present, + require => Package["nrpe"], + before => Service["nrpe"], + } + } + + file { "${nagios::target::nrpe::nrpedir}/${binary}.cfg": + ensure => present, + mode => "0644", + owner => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, + content => "command[${binary}]=${nagios::common::libdir}/${name}\n", + require => File["/etc/nrpe.d"], + notify => Service["nrpe"], + } + + @@nagios::service { "${::homename}_${service}": + command => "check_nrpe!${binary}", + description => $description, + } + +} + From ee7fc4dc38217bf7d8fcf77ce083d491777a5b6c Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Mon, 6 May 2013 17:08:15 +0300 Subject: [PATCH 07/17] dns: Disable IPv6 in named when host has no IPv6 address --- dns/manifests/init.pp | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index 3ec2b94..8a84b91 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -78,6 +78,39 @@ class dns::server { } } + if ! $::ipaddress6 { + $options = $::operatingsystem ? { + "debian" => "-u bind -4", + "ubuntu" => "-u bind -4", + default => "-4", + } + } else { + $options = $::operatingsystem ? { + "debian" => "-u bind", + "ubuntu" => "-u bind", + default => "", + } + } + + case $::operatingsystem { + "debian", "ubuntu": { + augeas { "set-named-default": + context => "/files/etc/default/named", + changes => [ "set OPTIONS '${options}'", + notify => Service["named"], + require => Package["bind"], + } + } + "fedora","centos","redhat": { + augeas { "set-named-sysconfig": + context => "/files/etc/sysconfi/named", + changes => [ "set OPTIONS '${options}'", + notify => Service["named"], + require => Package["bind"], + } + } + } + file { "${chroot}${rndckey}": ensure => present, mode => "0640", @@ -130,7 +163,7 @@ class dns::server { default => undef, }, start => $::operatingsystem ? { - "openbsd" => "/usr/sbin/named", + "openbsd" => "/usr/sbin/named ${options}", default => undef, }, } From 20078c82ea88e2c08004cf0d0a34a04c037a2cb6 Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Mon, 6 May 2013 17:20:31 +0300 Subject: [PATCH 08/17] dns: Typofix --- dns/manifests/init.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dns/manifests/init.pp b/dns/manifests/init.pp index 8a84b91..6978122 100644 --- a/dns/manifests/init.pp +++ b/dns/manifests/init.pp @@ -96,7 +96,7 @@ class dns::server { "debian", "ubuntu": { augeas { "set-named-default": context => "/files/etc/default/named", - changes => [ "set OPTIONS '${options}'", + changes => "set OPTIONS '${options}'", notify => Service["named"], require => Package["bind"], } @@ -104,7 +104,7 @@ class dns::server { "fedora","centos","redhat": { augeas { "set-named-sysconfig": context => "/files/etc/sysconfi/named", - changes => [ "set OPTIONS '${options}'", + changes => "set OPTIONS '${options}'", notify => Service["named"], require => Package["bind"], } From f9e719d33e88c6fee4f528f924d31f129b7cebd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Mon, 6 May 2013 23:40:53 +0300 Subject: [PATCH 09/17] nagios: Added parent host support to nagios::target. --- nagios/manifests/init.pp | 5 ++++- nagios/manifests/target.pp | 8 +++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/nagios/manifests/init.pp b/nagios/manifests/init.pp index 1288f1e..e5b61e4 100644 --- a/nagios/manifests/init.pp +++ b/nagios/manifests/init.pp @@ -425,9 +425,11 @@ define nagios::contact::pushover($token, $group=["all"], # Operating system name for hostextinfo. # $osicon: # Operating system icon name for hostextinfo. +# $parent: +# Parent hostname. # define nagios::host($group="NONE", $osname="NONE", $osicon="NONE", - $confdir=$nagios::common::confdir) { + $confdir=$nagios::common::confdir, $parent=undef) { file { "${confdir}/host_${name}.cfg": ensure => present, @@ -501,6 +503,7 @@ define nagios::host($group="NONE", $osname="NONE", $osicon="NONE", Nagios_Host[$name] { contact_groups => "all,${group}", hostgroups => $group, + parents => $parent, } } diff --git a/nagios/manifests/target.pp b/nagios/manifests/target.pp index 2cd146f..612ebc0 100644 --- a/nagios/manifests/target.pp +++ b/nagios/manifests/target.pp @@ -1,11 +1,16 @@ # Configure nagios target. # +# === Parameters +# +# $parent: +# Parent hostname. +# # === Global variables # # $nagios_target_group: # Host and service group name. Defaults to $domain. # -class nagios::target { +class nagios::target($parent=undef) { if $nagios_target_group { $group = $nagios_target_group @@ -24,6 +29,7 @@ class nagios::target { "" => "NONE", default => inline_template("<%= osfamily.downcase %>") }, + parent => $parent, } Nagios::Service { From 945a9f2af32c6ff47dfe4b825d2bb680d7124ab9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 10:03:22 +0300 Subject: [PATCH 10/17] apache: Added support for proxy http sites. --- apache/manifests/debian.pp | 32 +++++++++++++++----------- apache/manifests/init.pp | 13 ++++++++++- apache/manifests/redhat.pp | 34 ++++++++++++++++------------ apache/templates/proxy.http.conf.erb | 10 ++++++++ 4 files changed, 61 insertions(+), 28 deletions(-) create mode 100644 apache/templates/proxy.http.conf.erb diff --git a/apache/manifests/debian.pp b/apache/manifests/debian.pp index c05721e..94a7710 100644 --- a/apache/manifests/debian.pp +++ b/apache/manifests/debian.pp @@ -100,19 +100,21 @@ define apache::debian::site($aliases, $root, $redirect) { $site_confdir = "/etc/apache2/sites-enabled/${site_fqdn}.d" if !$redirect { - if $root { - file { "/srv/www/http/${site_fqdn}": - ensure => link, - target => $root, - before => File[$site_conf], - } - } else { - file { "/srv/www/http/${site_fqdn}": - ensure => directory, - mode => "0755", - owner => root, - group => root, - before => File[$site_conf], + if !$proxy { + if $root { + file { "/srv/www/http/${site_fqdn}": + ensure => link, + target => $root, + before => File[$site_conf], + } + } else { + file { "/srv/www/http/${site_fqdn}": + ensure => directory, + mode => "0755", + owner => root, + group => root, + before => File[$site_conf], + } } } @@ -138,6 +140,10 @@ define apache::debian::site($aliases, $root, $redirect) { File[$site_conf] { content => "\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n\n", } + } elsif $proxy { + File[$site_conf] { + content => template("apache/proxy.http.conf.erb"), + } } else { File[$site_conf] { content => template("apache/site.http.conf.erb"), diff --git a/apache/manifests/init.pp b/apache/manifests/init.pp index 6ad497d..7bc9f6a 100644 --- a/apache/manifests/init.pp +++ b/apache/manifests/init.pp @@ -154,6 +154,8 @@ class apache::server inherits apache::common { # Path to document root. Defaults to /srv/www/http/$fqdn # $redirect: # Add redirect to given URL. +# $proxy: +# Proxy site to given URL. # # === Sample usage # @@ -163,8 +165,15 @@ class apache::server inherits apache::common { # apache::site { "www.example.com": # root => "/roles/prteam/public/public_access", # } +# apache::site { "www2.example.com": +# proxy => "http://www.example.com", +# } # -define apache::site($aliases="", $root="", $redirect="") { +define apache::site($aliases="", $root="", $redirect="", $proxy="") { + + if $redirect and $proxy { + fail("cannot define both \$redirect and \$proxy for apache::site (${name})") + } case $::operatingsystem { "debian","ubuntu": { @@ -172,6 +181,7 @@ define apache::site($aliases="", $root="", $redirect="") { aliases => $aliases, root => $root, redirect => $redirect, + proxy => $proxy, } } "centos","redhat","fedora": { @@ -179,6 +189,7 @@ define apache::site($aliases="", $root="", $redirect="") { aliases => $aliases, root => $root, redirect => $redirect, + proxy => $proxy, } } default: { diff --git a/apache/manifests/redhat.pp b/apache/manifests/redhat.pp index 11f89c7..2aefc68 100644 --- a/apache/manifests/redhat.pp +++ b/apache/manifests/redhat.pp @@ -45,7 +45,7 @@ class apache::redhat::server { } -define apache::redhat::site($aliases, $root, $redirect) { +define apache::redhat::site($aliases, $root, $redirect, $proxy) { if $name == "default" { $site_fqdn = $homename @@ -57,19 +57,21 @@ define apache::redhat::site($aliases, $root, $redirect) { $site_confdir = "/etc/httpd/site.http.d/${site_fqdn}.d" if !$redirect { - if $root { - file { "/srv/www/http/${site_fqdn}": - ensure => link, - target => $root, - before => File[$site_conf], - } - } else { - file { "/srv/www/http/${site_fqdn}": - ensure => directory, - mode => "0755", - owner => root, - group => root, - before => File[$site_conf], + if !$proxy { + if $root { + file { "/srv/www/http/${site_fqdn}": + ensure => link, + target => $root, + before => File[$site_conf], + } + } else { + file { "/srv/www/http/${site_fqdn}": + ensure => directory, + mode => "0755", + owner => root, + group => root, + before => File[$site_conf], + } } } @@ -96,6 +98,10 @@ define apache::redhat::site($aliases, $root, $redirect) { File[$site_conf] { content => "\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n\n", } + } elsif $proxy { + File[$site_conf] { + content => template("apache/proxy.http.conf.erb"), + } } else { File[$site_conf] { content => template("apache/site.http.conf.erb"), diff --git a/apache/templates/proxy.http.conf.erb b/apache/templates/proxy.http.conf.erb new file mode 100644 index 0000000..06b4c83 --- /dev/null +++ b/apache/templates/proxy.http.conf.erb @@ -0,0 +1,10 @@ + + ServerName <%= @site_fqdn %> +<% if @aliases != "" -%> + ServerAlias <%= @aliases %> +<% end -%> + ErrorLog /srv/www/log/http/<%= @site_fqdn %>/error_log + CustomLog /srv/www/log/http/<%= @site_fqdn %>/access_log combined + ProxyPass / <%= @proxy %>/ + ProxyPassReverse / <%= @proxy %>/ + From 9769a06eff6b55aa8543fc5db915fe7e962c7418 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 12:13:46 +0300 Subject: [PATCH 11/17] Initial version of FlexLM module. Includes only client tools. --- flexlm/Makefile | 23 +++++++++++++++++++++++ flexlm/manifests/init.pp | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 flexlm/Makefile create mode 100644 flexlm/manifests/init.pp diff --git a/flexlm/Makefile b/flexlm/Makefile new file mode 100644 index 0000000..1eebe61 --- /dev/null +++ b/flexlm/Makefile @@ -0,0 +1,23 @@ +include $(CURDIR)/../Makefile.inc + +VERSION = 11.11.1.1 +BASEURL = http://www.globes.com/products/utilities/v$(VERSION)/ + +all: manifest download +download: $(PACKAGES)/lmutil-${VERSION}.i386.Linux \ + $(PACKAGES)/lmutil-${VERSION}.x86_64.Linux +manifest: $(MANIFESTS)/flexlm.pp + +$(PACKAGES)/lmutil-$(VERSION).i386.Linux: + @umask 022 ; echo $@; \ + test -f $@ || curl $(BASEURL)/lmutil-i86_lsb-$(VERSION).tar.gz | \ + zcat | tar xf - -O > $@ + +$(PACKAGES)/lmutil-$(VERSION).x86_64.Linux: + @umask 022 ; echo $@; \ + test -f $@ || curl $(BASEURL)/lmutil-x64_lsb-$(VERSION).tar.gz | \ + zcat | tar xf - -O > $@ + +$(MANIFESTS)/flexlm.pp: download + @umask 022 ; echo $@; \ + echo '$$lmutil_package_latest = "$(VERSION)"' > $@ diff --git a/flexlm/manifests/init.pp b/flexlm/manifests/init.pp new file mode 100644 index 0000000..a8b6282 --- /dev/null +++ b/flexlm/manifests/init.pp @@ -0,0 +1,36 @@ + +# Install FlexLM license tools +# +class flexlm::client { + + file { "/usr/local/bin/lmutil": + ensure => present, + source => "puppet:///files/packages/lmutil-${lmutil_package_latest}.${::architecture}.${::kernel}", + mode => "0755", + owner => "root", + group => "root", + } + + file { [ + "/usr/local/bin/lmborrow", + "/usr/local/bin/lmcksum", + "/usr/local/bin/lmdiag", + "/usr/local/bin/lmdown", + "/usr/local/bin/lmhostid", + "/usr/local/bin/lminstall", + "/usr/local/bin/lmnewlog", + "/usr/local/bin/lmpath", + "/usr/local/bin/lmremove", + "/usr/local/bin/lmreread", + "/usr/local/bin/lmstat", + "/usr/local/bin/lmswitch", + "/usr/local/bin/lmver", + ]: + ensure => link, + target => "lmutil", + owner => "root", + group => "root", + require => File["/usr/local/bin/lmutil"], + } + +} From de46a6c4a4eb39196a2f76cb9cedd6e247ac828b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 16:52:51 +0300 Subject: [PATCH 12/17] flexlm: Added support for running lmgrd servers. --- flexlm/Makefile | 19 +++++- flexlm/files/lmgrd.init | 82 ++++++++++++++++++++++++ flexlm/manifests/init.pp | 132 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 230 insertions(+), 3 deletions(-) create mode 100644 flexlm/files/lmgrd.init diff --git a/flexlm/Makefile b/flexlm/Makefile index 1eebe61..3ce3d3d 100644 --- a/flexlm/Makefile +++ b/flexlm/Makefile @@ -4,8 +4,10 @@ VERSION = 11.11.1.1 BASEURL = http://www.globes.com/products/utilities/v$(VERSION)/ all: manifest download -download: $(PACKAGES)/lmutil-${VERSION}.i386.Linux \ - $(PACKAGES)/lmutil-${VERSION}.x86_64.Linux +download: $(PACKAGES)/lmutil-$(VERSION).i386.Linux \ + $(PACKAGES)/lmgrd-$(VERSION).i386.Linux \ + $(PACKAGES)/lmutil-$(VERSION).x86_64.Linux \ + $(PACKAGES)/lmgrd-$(VERSION).x86_64.Linux manifest: $(MANIFESTS)/flexlm.pp $(PACKAGES)/lmutil-$(VERSION).i386.Linux: @@ -13,11 +15,22 @@ $(PACKAGES)/lmutil-$(VERSION).i386.Linux: test -f $@ || curl $(BASEURL)/lmutil-i86_lsb-$(VERSION).tar.gz | \ zcat | tar xf - -O > $@ +$(PACKAGES)/lmgrd-$(VERSION).i386.Linux: + @umask 022 ; echo $@; \ + test -f $@ || curl $(BASEURL)/lmgrd-i86_lsb-$(VERSION).tar.gz | \ + zcat | tar xf - -O > $@ + $(PACKAGES)/lmutil-$(VERSION).x86_64.Linux: @umask 022 ; echo $@; \ test -f $@ || curl $(BASEURL)/lmutil-x64_lsb-$(VERSION).tar.gz | \ zcat | tar xf - -O > $@ +$(PACKAGES)/lmgrd-$(VERSION).x86_64.Linux: + @umask 022 ; echo $@; \ + test -f $@ || curl $(BASEURL)/lmgrd-x64_lsb-$(VERSION).tar.gz | \ + zcat | tar xf - -O > $@ + $(MANIFESTS)/flexlm.pp: download @umask 022 ; echo $@; \ - echo '$$lmutil_package_latest = "$(VERSION)"' > $@ + echo '$$lmutil_package_latest = "$(VERSION)"' > $@ ; \ + echo '$$lmgrd_package_latest = "$(VERSION)"' >> $@ diff --git a/flexlm/files/lmgrd.init b/flexlm/files/lmgrd.init new file mode 100644 index 0000000..a177550 --- /dev/null +++ b/flexlm/files/lmgrd.init @@ -0,0 +1,82 @@ +#!/bin/bash +# +# lmgrd Starts lmgrd license daemon. +# +# chkconfig: - 99 01 +# description: Flexnet license manager daemon. + +# Source function library. +. /etc/init.d/functions + +PATH=${PATH}:/usr/local/lib/lmgrd + +# Determine license id +licid=`basename $0 | cut -d '.' -f 2-` +if [ -z ${licid} ]; then + licid=`hostname -s` +fi + +logdir="/var/log/lmgrd/${licid}" +logfile="${logdir}/lmgrd.${licid}.`date '+%Y%m%d-%H%M%S'`.log" +licfile="/etc/lmgrd/license.${licid}" +lockfile="/var/lock/lmgrd.${licid}" + +start() { + touch ${logfile} + chown licensed:root ${logfile} + chmod 640 ${logfile} + echo -n $"Starting lmgrd (${licid}): " + su - licensed -s /bin/sh -c "lmgrd -l ${logfile} -x lmdown -2 -p -c ${licfile}" + RETVAL=$? + if [ ${RETVAL} -eq 0 ]; then + lmstat -c ${licfile} > /dev/null 2>&1 + RETVAL=$? + fi + if [ ${RETVAL} -eq 0 ]; then + echo_success + touch ${lockfile} + else + echo_failure + fi + echo + return ${RETVAL} +} + +stop() { + echo -n $"Shutting down lmgrd (${licid}): " + pkill -u licensed -f "${logdir}/lmgrd.${licid}" + RETVAL=$? + if [ $RETVAL -eq 0 ]; then + echo_success + rm -f $lockfile + else + echo_failure + fi + echo + return ${RETVAL} +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + status) + lmstat -c ${licfile} + ;; + restart) + stop + start + ;; + reload) + lmreread -c ${licfile} + ;; + *) + echo $"Usage: $0 {start|stop|restart|condrestart|reload|status}" + exit 2 + ;; +esac + +exit $? diff --git a/flexlm/manifests/init.pp b/flexlm/manifests/init.pp index a8b6282..814a19d 100644 --- a/flexlm/manifests/init.pp +++ b/flexlm/manifests/init.pp @@ -34,3 +34,135 @@ class flexlm::client { } } + + +# Install common files from FlexLM license server +# +class flexlm::lmgrd::common { + + require flexlm::client + + include user::system + realize([ User["licensed"], Group["licensed"], ]) + + file { "/usr/local/sbin/lmgrd": + ensure => present, + source => "puppet:///files/packages/lmgrd-${lmgrd_package_latest}.${::architecture}.${::kernel}", + mode => "0755", + owner => "root", + group => "root", + } + + file { [ "/etc/lmgrd", "/usr/local/lib/lmgrd", "/var/log/lmgrd", ]: + ensure => directory, + mode => "0755", + owner => "root", + group => "root", + } + +} + + +# Install new instance of lmgrd +# +# === Parameters +# +# $name: +# Instance name. +# $license: +# Source path for license file. +# $vendors: +# Array containing vendor daemon names to be installed. They are +# installed under /usr/local/lib/lmgrd from: +# puppet:///files/lmgrd/$name +# +# === Sample usage +# +# flexlm::lmgrd { "matlab": +# license => "puppet:///files/lmgrd/license.matlab", +# vendors => [ "lm_matlab", ], +# } +# +define flexlm::lmgrd($license, $vendors=[]) { + + require flexlm::lmgrd::common + + if ! ($::operatingsystem in ["CentOS","RedHat"]) { + fail("flexlm::lmgrd not supported in ${::operatingsystem}") + } + + file { "/etc/lmgrd/license.${name}": + ensure => present, + source => $license, + mode => "0644", + owner => "root", + group => "root", + notify => Service["lmgrd.${name}"], + } + + file { "/var/log/lmgrd/${name}": + ensure => directory, + mode => "0750", + owner => "root", + group => "licensed", + before => Service["lmgrd.${name}"], + } + + flexlm::vendor { $vendors: } + + file { "/etc/init.d/lmgrd.${name}": + ensure => present, + source => "puppet:///modules/flexlm/lmgrd.init", + mode => "0755", + owner => "root", + group => "root", + notify => Exec["chkconfig --add lmgrd.${name}"], + } + exec { "chkconfig --add lmgrd.${name}": + user => "root", + path => "/bin:/usr/bin:/sbin:/usr/sbin", + refreshonly => true, + before => Service["lmgrd.${name}"], + } + service { "lmgrd.${name}": + ensure => running, + enable => true, + hasstatus => true, + } + +} + + +# Install vendor daemon binary +# +# === Parameters: +# +# $name: +# Vendor daemon name. +# $source: +# Source path where daemon is found. Defaults to +# puppet:///files/lmgrd/${name}. +# +# === Sample usage: +# +# flexlm::lmgrd::vendor { "lm_matlab": +# source => "puppet:///files/lmgrd/lm_matlab", +# } +# +define flexlm::lmgrd::vendor($source=undef) { + + if !$source { + $source = "puppet:///files/lmgrd/${name}" + } + + file { "/usr/local/lib/lmgrd/${name}": + ensure => present, + source => $source, + mode => "0755", + owner => "root", + group => "root", + require => File["/usr/local/lib/lmgrd"], + } + +} + From e784e03300e0c055bf64999f1146590df10d3f7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 20:52:04 +0300 Subject: [PATCH 13/17] nagios: Added TCP connect check support. --- nagios/manifests/target.pp | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/nagios/manifests/target.pp b/nagios/manifests/target.pp index 612ebc0..237e0c8 100644 --- a/nagios/manifests/target.pp +++ b/nagios/manifests/target.pp @@ -100,6 +100,42 @@ class nagios::target::smtp inherits nagios::target { } +# Configure tcp connect service target. +# +# === Parameters +# +# $name: +# Short name +# $port: +# Port where to connect +# $description: +# Description of service. Defaults to $name +# +# === Sample usage +# +# nagios::target::tcp { "git": +# port => "9418", +# description => "GIT", +# } +# +define nagios::target::tcp($port, $description=undef) { + + include nagios::target + + if ! $description { + $description = $name + } + + @@nagios::service { "${::homename}_${name}": + command => "check_tcp!${port}", + description => $description, + group => $nagios::target::group, + host => $::homename, + } + +} + + # Configure nagios nrpe target. # class nagios::target::nrpe inherits nagios::target { From 79c74e615207140272724e8ce61792bc20da59f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 21:36:43 +0300 Subject: [PATCH 14/17] nagios: Added server start when hostexinfo changes. --- nagios/manifests/init.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nagios/manifests/init.pp b/nagios/manifests/init.pp index e5b61e4..92cc6ff 100644 --- a/nagios/manifests/init.pp +++ b/nagios/manifests/init.pp @@ -467,7 +467,8 @@ define nagios::host($group="NONE", $osname="NONE", $osicon="NONE", icon_image_alt => $osname, icon_image => "${iconpath}${osicon}.png", statusmap_image => "${iconpath}${osicon}.gd2", - target => "${confdir}/hostextinfo_${name}.cfg" + target => "${confdir}/hostextinfo_${name}.cfg", + notify => Service["nagios"], } } From 0b5f9681fa46270219e3005674bfdb8462bf08dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 22:19:50 +0300 Subject: [PATCH 15/17] Added function that checks if given value is array. --- util/lib/puppet/parser/functions/is_array.rb | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 util/lib/puppet/parser/functions/is_array.rb diff --git a/util/lib/puppet/parser/functions/is_array.rb b/util/lib/puppet/parser/functions/is_array.rb new file mode 100644 index 0000000..7892b1d --- /dev/null +++ b/util/lib/puppet/parser/functions/is_array.rb @@ -0,0 +1,8 @@ +module Puppet::Parser::Functions + newfunction(:is_array, :type => :rvalue) do |args| + if args.length != 1 + raise Puppet::ParseError, ("is_array(): wrong number of arguments (#{args.length}; must be 2)") + end + args[0].is_a?(Array) + end +end From 2c9a0c1b629bd8a5481101af539c29cbfeb6e58e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 22:20:59 +0300 Subject: [PATCH 16/17] nagios: Added support for defining more than one parent host. --- nagios/manifests/init.pp | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/nagios/manifests/init.pp b/nagios/manifests/init.pp index 92cc6ff..cc53d95 100644 --- a/nagios/manifests/init.pp +++ b/nagios/manifests/init.pp @@ -440,9 +440,13 @@ define nagios::host($group="NONE", $osname="NONE", $osicon="NONE", require => File["/etc/nagios/conf.d"], } nagios_host { $name: - ensure => present, - use => "default", - target => "${confdir}/host_${name}.cfg" + ensure => present, + use => "default", + target => "${confdir}/host_${name}.cfg", + parents => is_array($parent) ? { + true => inline_template('<%= parent.join(",") -%>'), + false => $parent, + }, } if $osicon != "NONE" { @@ -504,7 +508,6 @@ define nagios::host($group="NONE", $osname="NONE", $osicon="NONE", Nagios_Host[$name] { contact_groups => "all,${group}", hostgroups => $group, - parents => $parent, } } From 119bfb8767f850faa6f61c7dfe1047cadd823370 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20M=E4kinen?= Date: Tue, 7 May 2013 22:23:23 +0300 Subject: [PATCH 17/17] nagios: Added nagios service restart when host info is changed. --- nagios/manifests/init.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/nagios/manifests/init.pp b/nagios/manifests/init.pp index cc53d95..2c7788d 100644 --- a/nagios/manifests/init.pp +++ b/nagios/manifests/init.pp @@ -447,6 +447,7 @@ define nagios::host($group="NONE", $osname="NONE", $osicon="NONE", true => inline_template('<%= parent.join(",") -%>'), false => $parent, }, + notify => Service["nagios"], } if $osicon != "NONE" {