414 lines
12 KiB
Puppet
414 lines
12 KiB
Puppet
|
|
# Install and configure Puppet client.
|
|
#
|
|
class puppet::client {
|
|
|
|
tag("bootstrap")
|
|
|
|
if ! $puppet_server {
|
|
$puppet_server = "puppet"
|
|
}
|
|
|
|
case $operatingsystem {
|
|
openbsd: { $vardir = "/var/puppet" }
|
|
default: { $vardir = "/var/lib/puppet" }
|
|
}
|
|
|
|
case $operatingsystem {
|
|
centos,fedora: {
|
|
package { "ruby-shadow":
|
|
ensure => installed,
|
|
}
|
|
}
|
|
ubuntu,debian: {
|
|
package { "libaugeas-ruby":
|
|
name => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libaugeas-ruby\1'),
|
|
ensure => installed,
|
|
before => Service["puppet"],
|
|
}
|
|
}
|
|
}
|
|
|
|
file { "/etc/puppet/puppet.conf":
|
|
ensure => present,
|
|
content => template("puppet/puppet.conf.erb"),
|
|
mode => 0640,
|
|
owner => root,
|
|
group => $operatingsystem ? {
|
|
openbsd => "_puppet",
|
|
default => "puppet",
|
|
},
|
|
}
|
|
|
|
case $operatingsystem {
|
|
openbsd: {
|
|
service { "puppet":
|
|
ensure => running,
|
|
enable => true,
|
|
start => $operatingsystemrelease ? {
|
|
/4\.[1-6]/ => "/usr/local/bin/puppetd",
|
|
default => "/usr/local/sbin/puppetd",
|
|
},
|
|
restart => $operatingsystemrelease ? {
|
|
/4\.[1-6]/ => "/usr/bin/pkill -HUP -f /usr/local/bin/puppetd",
|
|
default => "/usr/bin/pkill -HUP -f /usr/local/sbin/puppetd",
|
|
},
|
|
pattern => puppetd,
|
|
subscribe => File["/etc/puppet/puppet.conf"],
|
|
}
|
|
}
|
|
debian,ubuntu: {
|
|
service { "puppet":
|
|
ensure => running,
|
|
enable => true,
|
|
restart => "/usr/bin/pkill -HUP puppetd",
|
|
subscribe => File["/etc/puppet/puppet.conf"],
|
|
}
|
|
file { "/etc/default/puppet":
|
|
ensure => present,
|
|
source => "puppet:///puppet/puppet.enabled.default",
|
|
mode => 0644,
|
|
owner => root,
|
|
group => root,
|
|
notify => Service["puppet"],
|
|
}
|
|
}
|
|
default: {
|
|
service { "puppet":
|
|
ensure => running,
|
|
enable => true,
|
|
restart => "/usr/bin/pkill -HUP puppetd",
|
|
subscribe => File["/etc/puppet/puppet.conf"],
|
|
}
|
|
}
|
|
}
|
|
|
|
file { "/usr/local/sbin/puppet-check":
|
|
ensure => present,
|
|
source => "puppet:///puppet/puppet-check",
|
|
mode => 0755,
|
|
owner => root,
|
|
group => $operatingsystem ? {
|
|
openbsd => wheel,
|
|
default => root,
|
|
},
|
|
}
|
|
cron { "puppet-check":
|
|
ensure => present,
|
|
command => "/usr/local/sbin/puppet-check",
|
|
user => root,
|
|
hour => 5,
|
|
minute => 0,
|
|
require => File["/usr/local/sbin/puppet-check"],
|
|
}
|
|
|
|
}
|
|
|
|
|
|
# Install and configure Puppet client but disable service.
|
|
#
|
|
class puppet::manual inherits puppet::client {
|
|
|
|
Service["puppet"] {
|
|
ensure => undef,
|
|
enable => false,
|
|
}
|
|
|
|
Cron["puppet-check"] {
|
|
ensure => absent,
|
|
}
|
|
|
|
case $operatingsystem {
|
|
debian,ubuntu: {
|
|
File["/etc/default/puppet"] {
|
|
source => "puppet:///puppet/puppet.disabled.default",
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
|
|
# Install and configure Puppet server
|
|
#
|
|
# === Global variables
|
|
#
|
|
# $puppet_listenports:
|
|
# Array containing ports that puppetmaster should listen to. Defaults to
|
|
# [ "18140", "18141", "18142", "18143", ].
|
|
#
|
|
# $puppet_storeconfigs:
|
|
# Store config type to use. Valid values are "thin", "full" and "none".
|
|
# Defaults to "thin".
|
|
#
|
|
# $puppet_report_maxage:
|
|
# Maximum age (in hours) to keep reports. Defaults to 720 hours (30 days).
|
|
#
|
|
class puppet::server inherits puppet::client {
|
|
|
|
if ! $puppet_listenports {
|
|
$puppet_listenports = [ "18140", "18141", "18142", "18143", ]
|
|
}
|
|
|
|
case $puppet_storeconfigs {
|
|
"": { $puppet_storeconfigs = "thin" }
|
|
"thin","full","none": { }
|
|
default: {
|
|
fail("Invalid value ${puppet_storeconfigs} for variable \$puppet_storeconfigs.")
|
|
}
|
|
}
|
|
|
|
package { "puppetmaster":
|
|
name => $operatingsystem ? {
|
|
debian => "puppetmaster",
|
|
ubuntu => "puppetmaster",
|
|
default => "puppet-server",
|
|
},
|
|
ensure => installed,
|
|
notify => $operatingsystem ? {
|
|
debian => Exec["stop-puppetmaster"],
|
|
ubuntu => Exec["stop-puppetmaster"],
|
|
default => undef,
|
|
},
|
|
}
|
|
|
|
exec { "stop-puppetmaster":
|
|
command => "service puppetmaster stop ; true",
|
|
path => "/bin:/usr/bin:/sbin:/usr/sbin",
|
|
refreshonly => true,
|
|
before => File["/etc/puppet/puppet.conf"],
|
|
}
|
|
|
|
include apache::sslserver
|
|
apache::configfile { "puppet.conf":
|
|
content => template("puppet/puppet-httpd.conf.erb"),
|
|
http => false,
|
|
require => Service["puppetmaster"],
|
|
}
|
|
case $operatingsystem {
|
|
debian,ubuntu: {
|
|
include apache::mod::headers
|
|
include apache::mod::proxy
|
|
include apache::mod::proxy_http
|
|
include apache::mod::proxy_balancer
|
|
}
|
|
}
|
|
|
|
include mongrel
|
|
include ldap::client::ruby
|
|
|
|
case $operatingsystem {
|
|
debian,ubuntu: {
|
|
package { [ "rails",
|
|
regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libsqlite3-ruby\1'),
|
|
regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'librrd-ruby\1'), ]:
|
|
ensure => installed,
|
|
}
|
|
}
|
|
default: {
|
|
package { [ "rubygem-rails",
|
|
"rubygem-sqlite3-ruby",
|
|
"ruby-RRDtool", ]:
|
|
ensure => installed,
|
|
}
|
|
}
|
|
}
|
|
|
|
if $puppet_datadir {
|
|
file { "${puppet_datadir}":
|
|
ensure => directory,
|
|
mode => 0755,
|
|
owner => root,
|
|
group => root,
|
|
}
|
|
file { "/srv/puppet":
|
|
ensure => link,
|
|
target => "${puppet_datadir}",
|
|
require => File["${puppet_datadir}"],
|
|
}
|
|
} else {
|
|
file { "/srv/puppet":
|
|
ensure => directory,
|
|
mode => 0755,
|
|
owner => root,
|
|
group => root,
|
|
}
|
|
}
|
|
|
|
if $puppet_storeconfigs != "none" {
|
|
file { "/srv/puppet/storeconfigs":
|
|
ensure => directory,
|
|
mode => 0750,
|
|
owner => puppet,
|
|
group => puppet,
|
|
require => [ File["/srv/puppet"],
|
|
Package["puppetmaster"], ],
|
|
before => Service["puppetmaster"],
|
|
}
|
|
}
|
|
file { [ "/srv/puppet/bucket",
|
|
"/srv/puppet/reports",
|
|
"/srv/puppet/rrd", ]:
|
|
ensure => directory,
|
|
mode => 0750,
|
|
owner => puppet,
|
|
group => puppet,
|
|
require => [ File["/srv/puppet"],
|
|
Package["puppetmaster"], ],
|
|
before => Service["puppetmaster"],
|
|
}
|
|
file { [ "/srv/puppet/files",
|
|
"/srv/puppet/templates" ]:
|
|
ensure => directory,
|
|
mode => 0755,
|
|
owner => root,
|
|
group => root,
|
|
require => File["/srv/puppet"],
|
|
before => Service["puppetmaster"],
|
|
}
|
|
file { "/srv/puppet/files/common":
|
|
ensure => directory,
|
|
mode => 0755,
|
|
owner => root,
|
|
group => root,
|
|
require => File["/srv/puppet/files"],
|
|
before => Service["puppetmaster"],
|
|
}
|
|
file { "/srv/puppet/files/private":
|
|
ensure => directory,
|
|
mode => 0750,
|
|
owner => root,
|
|
group => puppet,
|
|
require => [ File["/srv/puppet/files"],
|
|
Package["puppetmaster"], ],
|
|
before => Service["puppetmaster"],
|
|
}
|
|
|
|
service { "puppetmaster":
|
|
ensure => running,
|
|
enable => true,
|
|
hasstatus => true,
|
|
require => Package["puppetmaster"],
|
|
subscribe => File["/etc/puppet/puppet.conf"],
|
|
}
|
|
|
|
File["/etc/puppet/puppet.conf"] {
|
|
content => template("puppet/puppet.conf.erb", "puppet/puppetmaster.conf.erb"),
|
|
}
|
|
|
|
file { "/etc/puppet/tagmail.conf":
|
|
ensure => present,
|
|
source => [ "puppet:///files/puppet/tagmail.conf.${fqdn}",
|
|
"puppet:///files/puppet/tagmail.conf",
|
|
"puppet:///puppet/tagmail.conf", ],
|
|
mode => 0644,
|
|
owner => root,
|
|
group => root,
|
|
require => Package["puppetmaster"],
|
|
}
|
|
|
|
file { "/etc/puppet/fileserver.conf":
|
|
ensure => present,
|
|
source => [ "puppet:///files/puppet/fileserver.conf.${fqdn}",
|
|
"puppet:///files/puppet/fileserver.conf",
|
|
"puppet:///puppet/fileserver.conf", ],
|
|
mode => 0644,
|
|
owner => root,
|
|
group => root,
|
|
require => Package["puppetmaster"],
|
|
notify => Service["puppetmaster"],
|
|
}
|
|
|
|
case $operatingsystem {
|
|
debian,ubuntu: {
|
|
file { "/etc/default/puppetmaster":
|
|
ensure => present,
|
|
content => template("puppet/puppetmaster.default.erb"),
|
|
mode => 0644,
|
|
owner => root,
|
|
group => root,
|
|
notify => Service["puppetmaster"],
|
|
}
|
|
}
|
|
default: {
|
|
file { "/etc/sysconfig/puppetmaster":
|
|
ensure => present,
|
|
content => template("puppet/puppetmaster.sysconfig.erb"),
|
|
mode => 0644,
|
|
owner => root,
|
|
group => root,
|
|
notify => Service["puppetmaster"],
|
|
}
|
|
}
|
|
}
|
|
|
|
if !$puppet_report_maxage {
|
|
$puppet_report_maxage = "720"
|
|
}
|
|
file { "/etc/cron.daily/puppet-report-cleanup":
|
|
ensure => present,
|
|
content => template("puppet/puppet-report-cleanup.erb"),
|
|
mode => 0755,
|
|
owner => root,
|
|
group => root,
|
|
require => File["/srv/puppet/reports"],
|
|
}
|
|
|
|
}
|
|
|
|
|
|
# Install and configure opencollab-puppet-uploader.
|
|
#
|
|
# === Global variables
|
|
#
|
|
# $puppet_opencollab_url:
|
|
# Wiki URL.
|
|
#
|
|
# $puppet_opencollab_user:
|
|
# Wiki user.
|
|
#
|
|
# $puppet_opencollab_pass:
|
|
# Wiki password.
|
|
#
|
|
class puppet::opencollab {
|
|
|
|
if !$puppet_opencollab_url {
|
|
fail("\$puppet_opencollab_url must be set.")
|
|
}
|
|
if !$puppet_opencollab_user {
|
|
fail("\$puppet_opencollab_user must be set.")
|
|
}
|
|
if !$puppet_opencollab_pass {
|
|
fail("\$puppet_opencollab_pass must be set.")
|
|
}
|
|
|
|
include wiki::opencollab
|
|
|
|
package { "PyYAML":
|
|
name => $operatingsystem ? {
|
|
debian => "python-yaml",
|
|
ubuntu => "python-yaml",
|
|
default => "PyYAML",
|
|
},
|
|
ensure => installed,
|
|
before => Class["wiki::opencollab"],
|
|
}
|
|
|
|
file { "/etc/puppet/opencollab.conf":
|
|
ensure => present,
|
|
mode => 0600,
|
|
owner => root,
|
|
group => root,
|
|
content => "[creds]\nurl = ${puppet_opencollab_url}\nusername = ${puppet_opencollab_user}\npassword = ${puppet_opencollab_pass}\n",
|
|
}
|
|
|
|
cron { "opencollab-puppet-uploader":
|
|
ensure => present,
|
|
command => "/usr/bin/opencollab-puppet-uploader -c /etc/puppet/opencollab.conf /var/lib/puppet/yaml/facts/*.yaml",
|
|
user => root,
|
|
minute => 0,
|
|
hour => 0,
|
|
require => [ Class["wiki::opencollab"], File["/etc/puppet/opencollab.conf"] ],
|
|
}
|
|
|
|
}
|