tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into puppet3

Browse source
This commit is contained in:
Ossi Salmi 2013-05-08 00:28:29 +03:00
commit c8c5f097b4
12 changed files with 605 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
apache/manifests/debian.pp
View file

@ -100,6 +100,7 @@ define apache::debian::site($aliases, $root, $redirect) {
$site_confdir = "/etc/apache2/sites-enabled/${site_fqdn}.d"
if !$redirect {
if !$proxy {
if $root {
file { "/srv/www/http/${site_fqdn}":
ensure => link,
@ -115,6 +116,7 @@ define apache::debian::site($aliases, $root, $redirect) {
before => File[$site_conf],
}
}
}
file { "/srv/www/log/http/${site_fqdn}":
ensure => directory,
@ -138,6 +140,10 @@ define apache::debian::site($aliases, $root, $redirect) {
File[$site_conf] {
content => "<VirtualHost *:80>\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n</VirtualHost>\n",
}
} elsif $proxy {
File[$site_conf] {
content => template("apache/proxy.http.conf.erb"),
}
} else {
File[$site_conf] {
content => template("apache/site.http.conf.erb"),

13
apache/manifests/init.pp
View file

@ -154,6 +154,8 @@ class apache::server inherits apache::common {
# Path to document root. Defaults to /srv/www/http/$fqdn
# $redirect:
# Add redirect to given URL.
# $proxy:
# Proxy site to given URL.
#
# === Sample usage
#
@ -163,8 +165,15 @@ class apache::server inherits apache::common {
# apache::site { "www.example.com":
# root => "/roles/prteam/public/public_access",
# }
# apache::site { "www2.example.com":
# proxy => "http://www.example.com",
# }
#
define apache::site($aliases="", $root="", $redirect="") {
define apache::site($aliases="", $root="", $redirect="", $proxy="") {
if $redirect and $proxy {
fail("cannot define both \$redirect and \$proxy for apache::site (${name})")
}
case $::operatingsystem {
"debian","ubuntu": {
@ -172,6 +181,7 @@ define apache::site($aliases="", $root="", $redirect="") {
aliases => $aliases,
root => $root,
redirect => $redirect,
proxy => $proxy,
}
}
"centos","redhat","fedora": {
@ -179,6 +189,7 @@ define apache::site($aliases="", $root="", $redirect="") {
aliases => $aliases,
root => $root,
redirect => $redirect,
proxy => $proxy,
}
}
default: {

8
apache/manifests/redhat.pp
View file

@ -45,7 +45,7 @@ class apache::redhat::server {
}
define apache::redhat::site($aliases, $root, $redirect) {
define apache::redhat::site($aliases, $root, $redirect, $proxy) {
if $name == "default" {
$site_fqdn = $homename
@ -57,6 +57,7 @@ define apache::redhat::site($aliases, $root, $redirect) {
$site_confdir = "/etc/httpd/site.http.d/${site_fqdn}.d"
if !$redirect {
if !$proxy {
if $root {
file { "/srv/www/http/${site_fqdn}":
ensure => link,
@ -72,6 +73,7 @@ define apache::redhat::site($aliases, $root, $redirect) {
before => File[$site_conf],
}
}
}
file { "/srv/www/log/http/${site_fqdn}":
ensure => directory,
@ -96,6 +98,10 @@ define apache::redhat::site($aliases, $root, $redirect) {
File[$site_conf] {
content => "<VirtualHost *:80>\n ServerName ${site_fqdn}\n Redirect permanent / ${redirect}\n</VirtualHost>\n",
}
} elsif $proxy {
File[$site_conf] {
content => template("apache/proxy.http.conf.erb"),
}
} else {
File[$site_conf] {
content => template("apache/site.http.conf.erb"),

10
apache/templates/proxy.http.conf.erb Normal file
View file

@ -0,0 +1,10 @@
<VirtualHost *:80>
ServerName <%= @site_fqdn %>
<% if @aliases != "" -%>
ServerAlias <%= @aliases %>
<% end -%>
ErrorLog /srv/www/log/http/<%= @site_fqdn %>/error_log
CustomLog /srv/www/log/http/<%= @site_fqdn %>/access_log combined
ProxyPass / <%= @proxy %>/
ProxyPassReverse / <%= @proxy %>/
</VirtualHost>

35
dns/manifests/init.pp
View file

@ -78,6 +78,39 @@ class dns::server {
}
}
if ! $::ipaddress6 {
$options = $::operatingsystem ? {
"debian" => "-u bind -4",
"ubuntu" => "-u bind -4",
default => "-4",
}
} else {
$options = $::operatingsystem ? {
"debian" => "-u bind",
"ubuntu" => "-u bind",
default => "",
}
}
case $::operatingsystem {
"debian", "ubuntu": {
augeas { "set-named-default":
context => "/files/etc/default/named",
changes => "set OPTIONS '${options}'",
notify => Service["named"],
require => Package["bind"],
}
}
"fedora","centos","redhat": {
augeas { "set-named-sysconfig":
context => "/files/etc/sysconfi/named",
changes => "set OPTIONS '${options}'",
notify => Service["named"],
require => Package["bind"],
}
}
}
file { "${chroot}${rndckey}":
ensure => present,
mode => "0640",
@ -130,7 +163,7 @@ class dns::server {
default => undef,
},
start => $::operatingsystem ? {
"openbsd" => "/usr/sbin/named",
"openbsd" => "/usr/sbin/named ${options}",
default => undef,
},
}

36
flexlm/Makefile Normal file
View file

@ -0,0 +1,36 @@
include $(CURDIR)/../Makefile.inc
VERSION = 11.11.1.1
BASEURL = http://www.globes.com/products/utilities/v$(VERSION)/
all: manifest download
download: $(PACKAGES)/lmutil-$(VERSION).i386.Linux \
$(PACKAGES)/lmgrd-$(VERSION).i386.Linux \
$(PACKAGES)/lmutil-$(VERSION).x86_64.Linux \
$(PACKAGES)/lmgrd-$(VERSION).x86_64.Linux
manifest: $(MANIFESTS)/flexlm.pp
$(PACKAGES)/lmutil-$(VERSION).i386.Linux:
@umask 022 ; echo $@; \
test -f $@ || curl $(BASEURL)/lmutil-i86_lsb-$(VERSION).tar.gz | \
zcat | tar xf - -O > $@
$(PACKAGES)/lmgrd-$(VERSION).i386.Linux:
@umask 022 ; echo $@; \
test -f $@ || curl $(BASEURL)/lmgrd-i86_lsb-$(VERSION).tar.gz | \
zcat | tar xf - -O > $@
$(PACKAGES)/lmutil-$(VERSION).x86_64.Linux:
@umask 022 ; echo $@; \
test -f $@ || curl $(BASEURL)/lmutil-x64_lsb-$(VERSION).tar.gz | \
zcat | tar xf - -O > $@
$(PACKAGES)/lmgrd-$(VERSION).x86_64.Linux:
@umask 022 ; echo $@; \
test -f $@ || curl $(BASEURL)/lmgrd-x64_lsb-$(VERSION).tar.gz | \
zcat | tar xf - -O > $@
$(MANIFESTS)/flexlm.pp: download
@umask 022 ; echo $@; \
echo '$$lmutil_package_latest = "$(VERSION)"' > $@ ; \
echo '$$lmgrd_package_latest = "$(VERSION)"' >> $@

82
flexlm/files/lmgrd.init Normal file
View file

@ -0,0 +1,82 @@
#!/bin/bash
#
# lmgrd Starts lmgrd license daemon.
#
# chkconfig: - 99 01
# description: Flexnet license manager daemon.
# Source function library.
. /etc/init.d/functions
PATH=${PATH}:/usr/local/lib/lmgrd
# Determine license id
licid=`basename $0 | cut -d '.' -f 2-`
if [ -z ${licid} ]; then
licid=`hostname -s`
fi
logdir="/var/log/lmgrd/${licid}"
logfile="${logdir}/lmgrd.${licid}.`date '+%Y%m%d-%H%M%S'`.log"
licfile="/etc/lmgrd/license.${licid}"
lockfile="/var/lock/lmgrd.${licid}"
start() {
touch ${logfile}
chown licensed:root ${logfile}
chmod 640 ${logfile}
echo -n $"Starting lmgrd (${licid}): "
su - licensed -s /bin/sh -c "lmgrd -l ${logfile} -x lmdown -2 -p -c ${licfile}"
RETVAL=$?
if [ ${RETVAL} -eq 0 ]; then
lmstat -c ${licfile} > /dev/null 2>&1
RETVAL=$?
fi
if [ ${RETVAL} -eq 0 ]; then
echo_success
touch ${lockfile}
else
echo_failure
fi
echo
return ${RETVAL}
}
stop() {
echo -n $"Shutting down lmgrd (${licid}): "
pkill -u licensed -f "${logdir}/lmgrd.${licid}"
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
echo_success
rm -f $lockfile
else
echo_failure
fi
echo
return ${RETVAL}
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
lmstat -c ${licfile}
;;
restart)
stop
start
;;
reload)
lmreread -c ${licfile}
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|reload|status}"
exit 2
;;
esac
exit $?

168
flexlm/manifests/init.pp Normal file
View file

@ -0,0 +1,168 @@
# Install FlexLM license tools
#
class flexlm::client {
file { "/usr/local/bin/lmutil":
ensure => present,
source => "puppet:///files/packages/lmutil-${lmutil_package_latest}.${::architecture}.${::kernel}",
mode => "0755",
owner => "root",
group => "root",
}
file { [
"/usr/local/bin/lmborrow",
"/usr/local/bin/lmcksum",
"/usr/local/bin/lmdiag",
"/usr/local/bin/lmdown",
"/usr/local/bin/lmhostid",
"/usr/local/bin/lminstall",
"/usr/local/bin/lmnewlog",
"/usr/local/bin/lmpath",
"/usr/local/bin/lmremove",
"/usr/local/bin/lmreread",
"/usr/local/bin/lmstat",
"/usr/local/bin/lmswitch",
"/usr/local/bin/lmver",
]:
ensure => link,
target => "lmutil",
owner => "root",
group => "root",
require => File["/usr/local/bin/lmutil"],
}
}
# Install common files from FlexLM license server
#
class flexlm::lmgrd::common {
require flexlm::client
include user::system
realize([ User["licensed"], Group["licensed"], ])
file { "/usr/local/sbin/lmgrd":
ensure => present,
source => "puppet:///files/packages/lmgrd-${lmgrd_package_latest}.${::architecture}.${::kernel}",
mode => "0755",
owner => "root",
group => "root",
}
file { [ "/etc/lmgrd", "/usr/local/lib/lmgrd", "/var/log/lmgrd", ]:
ensure => directory,
mode => "0755",
owner => "root",
group => "root",
}
}
# Install new instance of lmgrd
#
# === Parameters
#
# $name:
# Instance name.
# $license:
# Source path for license file.
# $vendors:
# Array containing vendor daemon names to be installed. They are
# installed under /usr/local/lib/lmgrd from:
# puppet:///files/lmgrd/$name
#
# === Sample usage
#
# flexlm::lmgrd { "matlab":
# license => "puppet:///files/lmgrd/license.matlab",
# vendors => [ "lm_matlab", ],
# }
#
define flexlm::lmgrd($license, $vendors=[]) {
require flexlm::lmgrd::common
if ! ($::operatingsystem in ["CentOS","RedHat"]) {
fail("flexlm::lmgrd not supported in ${::operatingsystem}")
}
file { "/etc/lmgrd/license.${name}":
ensure => present,
source => $license,
mode => "0644",
owner => "root",
group => "root",
notify => Service["lmgrd.${name}"],
}
file { "/var/log/lmgrd/${name}":
ensure => directory,
mode => "0750",
owner => "root",
group => "licensed",
before => Service["lmgrd.${name}"],
}
flexlm::vendor { $vendors: }
file { "/etc/init.d/lmgrd.${name}":
ensure => present,
source => "puppet:///modules/flexlm/lmgrd.init",
mode => "0755",
owner => "root",
group => "root",
notify => Exec["chkconfig --add lmgrd.${name}"],
}
exec { "chkconfig --add lmgrd.${name}":
user => "root",
path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
before => Service["lmgrd.${name}"],
}
service { "lmgrd.${name}":
ensure => running,
enable => true,
hasstatus => true,
}
}
# Install vendor daemon binary
#
# === Parameters:
#
# $name:
# Vendor daemon name.
# $source:
# Source path where daemon is found. Defaults to
# puppet:///files/lmgrd/${name}.
#
# === Sample usage:
#
# flexlm::lmgrd::vendor { "lm_matlab":
# source => "puppet:///files/lmgrd/lm_matlab",
# }
#
define flexlm::lmgrd::vendor($source=undef) {
if !$source {
$source = "puppet:///files/lmgrd/${name}"
}
file { "/usr/local/lib/lmgrd/${name}":
ensure => present,
source => $source,
mode => "0755",
owner => "root",
group => "root",
require => File["/usr/local/lib/lmgrd"],
}
}

8
mysql/templates/mysql-backup.cron.erb
View file

@ -5,6 +5,7 @@ MAXAGE="<%= @mysql_backup_maxage %>"
DATE=`date "+%Y-%m-%d"`
HOME="`getent passwd ${USER} | cut -d : -f 6`"
OPTS=""
if [ ! -d ${DESTDIR} ]; then
echo "ERR: MySQL backup directory [${DESTDIR}] does not exist" 1>&2
@ -15,6 +16,11 @@ umask 077
tmpwatch -m -f ${MAXAGE} ${DESTDIR}
mysqldump -E > /dev/null 2>&1
if [ $? -ne 2 ]; then
OPTS="${OPTS} -E"
fi
DESTDIR=${DESTDIR}/${DATE}
mkdir -p ${DESTDIR}
@ -24,5 +30,5 @@ for db in `mysql -e 'show databases' -s` ; do
continue
;;
esac
mysqldump --add-drop-table ${db} | gzip > ${DESTDIR}/${db}.${DATE}.gz
mysqldump --add-drop-table ${OPTS} ${db} | gzip > ${DESTDIR}/${db}.${DATE}.gz
done

21
nagios/manifests/init.pp
View file

@ -33,6 +33,10 @@ class nagios::common {
$cgibin = "/usr/lib/cgi-bin/nagios3"
$htdocs = "/usr/share/nagios3/htdocs"
}
"openbsd": {
# no params set as we don't support server on openbsd yet
$libdir = "/usr/local/libexec/nagios"
}
default: {
fail("Nagios not supported on ${::operatingsystem}")
}
@ -67,6 +71,9 @@ class nagios::server::manual inherits nagios::common {
target => "/etc/nagios3/stylesheets",
}
}
default: {
fail("nagios::server not supported in ${::operatingsystem}")
}
}
exec { "usermod-nagios-httpsd":
@ -418,9 +425,11 @@ define nagios::contact::pushover($token, $group=["all"],
# Operating system name for hostextinfo.
# $osicon:
# Operating system icon name for hostextinfo.
# $parent:
# Parent hostname.
#
define nagios::host($group="NONE", $osname="NONE", $osicon="NONE",
$confdir=$nagios::common::confdir) {
$confdir=$nagios::common::confdir, $parent=undef) {
file { "${confdir}/host_${name}.cfg":
ensure => present,
@ -433,7 +442,12 @@ define nagios::host($group="NONE", $osname="NONE", $osicon="NONE",
nagios_host { $name:
ensure => present,
use => "default",
target => "${confdir}/host_${name}.cfg"
target => "${confdir}/host_${name}.cfg",
parents => is_array($parent) ? {
true => inline_template('<%= parent.join(",") -%>'),
false => $parent,
},
notify => Service["nagios"],
}
if $osicon != "NONE" {
@ -458,7 +472,8 @@ define nagios::host($group="NONE", $osname="NONE", $osicon="NONE",
icon_image_alt => $osname,
icon_image => "${iconpath}${osicon}.png",
statusmap_image => "${iconpath}${osicon}.gd2",
target => "${confdir}/hostextinfo_${name}.cfg"
target => "${confdir}/hostextinfo_${name}.cfg",
notify => Service["nagios"],
}
}

245
nagios/manifests/target.pp
View file

@ -1,11 +1,16 @@
# Configure nagios target.
#
# === Parameters
#
# $parent:
# Parent hostname.
#
# === Global variables
#
# $nagios_target_group:
# Host and service group name. Defaults to $domain.
#
class nagios::target {
class nagios::target($parent=undef) {
if $nagios_target_group {
$group = $nagios_target_group
@ -24,6 +29,7 @@ class nagios::target {
"" => "NONE",
default => inline_template("<%= osfamily.downcase %>")
},
parent => $parent,
}
Nagios::Service {
@ -70,6 +76,18 @@ class nagios::target::https inherits nagios::target {
}
# Configure imaps service target.
#
class nagios::target::imaps inherits nagios::target {
@@nagios::service { "${::homename}_imaps":
command => "check_imap!--ssl -p 993",
description => "IMAPS",
}
}
# Configure smtp service target.
#
class nagios::target::smtp inherits nagios::target {
@ -82,6 +100,42 @@ class nagios::target::smtp inherits nagios::target {
}
# Configure tcp connect service target.
#
# === Parameters
#
# $name:
# Short name
# $port:
# Port where to connect
# $description:
# Description of service. Defaults to $name
#
# === Sample usage
#
# nagios::target::tcp { "git":
# port => "9418",
# description => "GIT",
# }
#
define nagios::target::tcp($port, $description=undef) {
include nagios::target
if ! $description {
$description = $name
}
@@nagios::service { "${::homename}_${name}":
command => "check_tcp!${port}",
description => $description,
group => $nagios::target::group,
host => $::homename,
}
}
# Configure nagios nrpe target.
#
class nagios::target::nrpe inherits nagios::target {
@ -96,23 +150,32 @@ class nagios::target::nrpe inherits nagios::target {
"centos","redhat","fedora": {
$service = "nrpe"
$nrpedir = "/etc/nrpe.d"
package { [ "nrpe",
"nagios-plugins-disk",
"nagios-plugins-load",
"nagios-plugins-procs",
"nagios-plugins-users", ]:
ensure => installed,
before => [ File["/etc/nrpe.d"], Service["nrpe"] ],
}
}
"ubuntu","debian": {
$service = "nagios-nrpe-server"
$nrpedir = "/etc/nagios/nrpe.d"
package { [ "nagios-nrpe-server",
"nagios-plugins-basic", ]:
ensure => installed,
before => [ File["/etc/nrpe.d"], Service["nrpe"] ],
}
"openbsd": {
$service = "nrpe"
$nrpedir = "/etc/nrpe.d"
exec { "add-nrpe-include-dir":
command => "echo 'include_dir=${nrpedir}/' >> /etc/nrpe.cfg",
path => "/bin:/usr/bin:/sbin:/usr/sbin",
user => "root",
unless => "egrep '^include_dir=${nrpedir}/' /etc/nrpe.cfg",
require => Package["nrpe"],
notify => Service[$service],
before => File[$nrpedir],
}
}
}
package { "nrpe":
ensure => installed,
name => $::operatingsystem ? {
"debian" => "nagios-nrpe-server",
"ubuntu" => "nagios-nrpe-server",
default => "nrpe",
}
}
@ -120,7 +183,10 @@ class nagios::target::nrpe inherits nagios::target {
ensure => directory,
mode => "0644",
owner => "root",
group => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
purge => true,
force => true,
recurse => true,
@ -137,62 +203,125 @@ class nagios::target::nrpe inherits nagios::target {
ensure => present,
mode => "0644",
owner => "root",
group => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
content => "allowed_hosts=${nagios_allow}\n",
require => File["/etc/nrpe.d"],
notify => Service["nrpe"],
}
file { "${nrpedir}/check_disk.cfg":
ensure => present,
mode => "0644",
owner => "root",
group => "root",
content => "command[check_disk]=${nagios::common::libdir}/check_disk -w 20% -c 10% -p /\n",
require => File["/etc/nrpe.d"],
notify => Service["nrpe"],
}
@@nagios::service { "${::homename}_disk":
command => "check_nrpe!check_disk",
nagios::target::nrpe::service { "check_disk -w 20% -c 10% -p /":
description => "Disk",
package => $::operatingsystem ? {
"openbsd" => undef,
"debian" => "nagios-plugins-basic",
"ubuntu" => "nagios-plugins-basic",
default => "nagios-plugins-disk",
}
file { "${nrpedir}/check_load.cfg":
ensure => present,
mode => "0644",
owner => "root",
group => "root",
content => "command[check_load]=${nagios::common::libdir}/check_load -r -w 3,2,1 -c 6,4,2\n",
require => File["/etc/nrpe.d"],
notify => Service["nrpe"],
}
@@nagios::service { "${::homename}_load":
command => "check_nrpe!check_load",
nagios::target::nrpe::service { "check_load -r -w 3,2,1 -c 6,4,2":
description => "Load",
package => $::operatingsystem ? {
"openbsd" => undef,
"debian" => "nagios-plugins-basic",
"ubuntu" => "nagios-plugins-basic",
default => "nagios-plugins-load",
}
file { "${nrpedir}/check_swap.cfg":
ensure => present,
mode => "0644",
owner => "root",
group => "root",
content => "command[check_swap]=${nagios::common::libdir}/check_swap -w 75% -c 50%\n",
require => File["/etc/nrpe.d"],
notify => Service["nrpe"],
}
@@nagios::service { "${::homename}_swap":
command => "check_nrpe!check_swap",
nagios::target::nrpe::service { "check_swap -w 75% -c 50%":
description => "Swap",
package => $::operatingsystem ? {
"openbsd" => undef,
"debian" => "nagios-plugins-basic",
"ubuntu" => "nagios-plugins-basic",
default => "nagios-plugins-swap",
}
}
# @@nagios::service { "${::homename}_users":
# command => "check_nrpe!check_users",
# description => "Users",
# }
#
# @@nagios::service { "${::homename}_procs":
# command => "check_nrpe!check_total_procs",
# description => "Processes",
# }
}
# Add new nagios nrpe service check
#
# === Parameters
#
# $name:
# Check command.
# $description:
# Service description. Defaults to command name without
# check_ prefix.
# $package:
# Package providing check command.
# $source:
# Source file for check command.
#
# === Example usage
#
# nagios::target::nrpe::service { "check_disk -w 20% -c 10% -p /":
# description => "Disk",
# package => $::operatingsystem ? {
# "openbsd" => undef,
# "debian" => "nagios-plugins-basic",
# "ubuntu" => "nagios-plugins-basic",
# default => "nagios-plugins-disk",
# }
# }
#
define nagios::target::nrpe::service($source=undef,
$description=undef,
$package=undef) {
include nagios::target::nrpe
$binary = regsubst($name, '^([^ ]+) .*', '\1')
$service = regsubst($binary, '^check_(.+)', '\1')
if !$description {
$description = $service
}
if $source {
file { "${nagios::common::libdir}/${binary}":
ensure => present,
source => $source,
mode => "0755",
owner => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => Package["nrpe"],
notify => Service["nrpe"],
}
}
if $package and !defined(Package[$package]) {
package { $package:
ensure => present,
require => Package["nrpe"],
before => Service["nrpe"],
}
}
file { "${nagios::target::nrpe::nrpedir}/${binary}.cfg":
ensure => present,
mode => "0644",
owner => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
content => "command[${binary}]=${nagios::common::libdir}/${name}\n",
require => File["/etc/nrpe.d"],
notify => Service["nrpe"],
}
@@nagios::service { "${::homename}_${service}":
command => "check_nrpe!${binary}",
description => $description,
}
}

8
util/lib/puppet/parser/functions/is_array.rb Normal file
View file

@ -0,0 +1,8 @@
module Puppet::Parser::Functions
newfunction(:is_array, :type => :rvalue) do |args|
if args.length != 1
raise Puppet::ParseError, ("is_array(): wrong number of arguments (#{args.length}; must be 2)")
end
args[0].is_a?(Array)
end
end