tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
puppet/puppet/manifests/init.pp
Ossi Salmi bf79f517ba Revert "Support for dns aliases, dynamic creation of zone files (dependent" 
This reverts commit b470ceb9b6.
2012-03-07 15:46:28 +02:00

576 lines
16 KiB
Puppet
Raw Blame History

# Install and configure Puppet client.
#
class puppet::client {
tag("bootstrap")
if ! $puppet_server {
$puppet_server = "puppet"
}
if ! $puppet_keylength {
$puppet_keylength = "2048"
}
case $operatingsystem {
openbsd: { $vardir = "/var/puppet" }
default: { $vardir = "/var/lib/puppet" }
}
case $operatingsystem {
centos,fedora: {
package { "ruby-shadow":
ensure => installed,
}
}
ubuntu,debian: {
package { "libaugeas-ruby":
name => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libaugeas-ruby\1'),
ensure => installed,
before => Service["puppet"],
}
}
}
file { "/etc/puppet/puppet.conf":
ensure => present,
content => template("puppet/puppet.conf.erb"),
mode => 0640,
owner => root,
group => $operatingsystem ? {
openbsd => "_puppet",
default => "puppet",
},
}
case $operatingsystem {
openbsd: {
service { "puppet":
name => $operatingsystemrelease ? {
/4\.[1-8]/ => "puppet",
default => "puppetd",
},
ensure => running,
enable => true,
start => "/usr/local/sbin/puppetd",
stop => "pkill -f /usr/local/sbin/puppetd",
status => "pgrep -f /usr/local/sbin/puppetd",
restart => "pkill -HUP -f /usr/local/sbin/puppetd",
subscribe => File["/etc/puppet/puppet.conf"],
}
}
debian,ubuntu: {
service { "puppet":
ensure => running,
enable => true,
restart => "/usr/bin/pkill -HUP puppetd",
subscribe => File["/etc/puppet/puppet.conf"],
}
file { "/etc/default/puppet":
ensure => present,
source => "puppet:///modules/puppet/puppet.enabled.default",
mode => 0644,
owner => root,
group => root,
notify => Service["puppet"],
}
}
default: {
service { "puppet":
ensure => running,
enable => true,
restart => "/usr/bin/pkill -HUP puppetd",
subscribe => File["/etc/puppet/puppet.conf"],
}
}
}
file { "/usr/local/sbin/puppet-check":
ensure => present,
source => "puppet:///modules/puppet/puppet-check",
mode => 0755,
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
default => root,
},
}
cron { "puppet-check":
ensure => present,
environment => $operatingsystem ? {
openbsd => "PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
default => undef,
},
command => "/usr/local/sbin/puppet-check",
user => root,
hour => 5,
minute => fqdn_rand(60),
require => File["/usr/local/sbin/puppet-check"],
}
}
# Install and configure Puppet client but disable service.
#
class puppet::manual inherits puppet::client {
Service["puppet"] {
ensure => undef,
enable => false,
subscribe => undef,
}
Cron["puppet-check"] {
ensure => absent,
}
case $operatingsystem {
debian,ubuntu: {
File["/etc/default/puppet"] {
source => "puppet:///modules/puppet/puppet.disabled.default",
}
}
}
}
class puppet::server {
fail("puppet::server class is deprecated, use puppet::server::mongrel or puppet::server::apache instead")
}
# Common configuration for all puppet server types.
#
# === Global variables
#
# $puppet_storeconfigs:
# Store config type to use. Valid values are "thin", "full" and "none".
# Defaults to "thin".
#
# $puppet_report_maxage:
# Maximum age (in hours) to keep reports. Defaults to 720 hours (30 days).
#
class puppet::server::common inherits puppet::client {
case $operatingsystem {
"openbsd": {
$user = "_puppet"
$group = "_puppet"
}
default: {
$user = "puppet"
$group = "puppet"
}
}
case $puppet_storeconfigs {
"": { $puppet_storeconfigs = "thin" }
"thin","full","none": { }
default: {
fail("Invalid value ${puppet_storeconfigs} for variable \$puppet_storeconfigs.")
}
}
package { "puppetmaster":
name => $operatingsystem ? {
debian => "puppetmaster",
ubuntu => "puppetmaster",
openbsd => "ruby-puppet",
default => "puppet-server",
},
ensure => installed,
notify => $operatingsystem ? {
debian => Exec["stop-puppetmaster"],
ubuntu => Exec["stop-puppetmaster"],
default => undef,
},
before => File["/etc/puppet/puppet.conf"],
}
case $operatingsystem {
"debian","ubuntu": {
exec { "stop-puppetmaster":
command => "pkill -u puppet ; true",
path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
before => File["/etc/default/puppetmaster"],
}
}
}
if $puppet_storeconfigs != "none" {
case $operatingsystem {
"centos": {
if $operatingsystemrelease =~ /^[1-5]/ {
package { [ "rubygem-rails",
"rubygem-sqlite3-ruby", ]:
ensure => installed,
}
}
}
"debian","ubuntu": {
package { [ "rails",
regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libsqlite3-ruby\1'), ]:
ensure => installed,
}
}
"openbsd": {
package { [ "ruby-rails",
"ruby-sqlite3", ]:
ensure => installed,
}
}
default: {
package { [ "rubygem-rails",
"rubygem-sqlite3-ruby", ]:
ensure => installed,
}
}
}
}
package { "ruby-rrd":
name => $operatingsystem ? {
centos => $operatingsystemrelease ? {
/^[1-5]/ => "ruby-RRDtool",
default => "rrdtool-ruby",
},
debian => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'librrd-ruby\1'),
ubuntu => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'librrd-ruby\1'),
openbsd => "ruby-rrd",
default => "ruby-RRDtool",
},
ensure => installed,
}
if $puppet_datadir {
file { "${puppet_datadir}":
ensure => directory,
mode => 0755,
owner => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
seltype => "var_lib_t",
require => Package["puppetmaster"],
}
file { "/srv/puppet":
ensure => link,
target => "${puppet_datadir}",
seltype => "var_lib_t",
require => File["${puppet_datadir}"],
}
} else {
file { "/srv/puppet":
ensure => directory,
mode => 0755,
owner => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
seltype => "var_lib_t",
require => Package["puppetmaster"],
}
}
if "${selinux}" == "true" {
selinux::manage_fcontext { "/srv/puppet(/.*)?":
type => "var_lib_t",
before => File["/srv/puppet"]
}
if $puppet_datadir {
selinux::manage_fcontext { "${puppet_datadir}(/.*)?":
type => "var_lib_t",
before => File[$puppet_datadir],
}
}
}
if $puppet_storeconfigs != "none" {
file { "/srv/puppet/storeconfigs":
ensure => directory,
mode => 0750,
owner => $user,
group => $group,
seltype => "var_lib_t",
require => File["/srv/puppet"],
}
}
file { [ "/srv/puppet/bucket",
"/srv/puppet/reports",
"/srv/puppet/rrd", ]:
ensure => directory,
mode => 0750,
owner => $user,
group => $group,
seltype => "var_lib_t",
require => File["/srv/puppet"],
}
file { [ "/srv/puppet/files",
"/srv/puppet/templates" ]:
ensure => directory,
mode => 0755,
owner => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
seltype => "var_lib_t",
require => File["/srv/puppet"],
}
file { "/srv/puppet/files/common":
ensure => directory,
mode => 0755,
owner => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
seltype => "var_lib_t",
require => File["/srv/puppet/files"],
}
file { "/srv/puppet/files/private":
ensure => directory,
mode => 0750,
owner => root,
group => $group,
seltype => "var_lib_t",
require => File["/srv/puppet/files"],
}
File["/etc/puppet/puppet.conf"] {
content => template("puppet/puppet.conf.erb", "puppet/puppetmaster.conf.erb"),
}
file { "/etc/puppet/tagmail.conf":
ensure => present,
source => [ "puppet:///files/puppet/tagmail.conf.${fqdn}",
"puppet:///files/puppet/tagmail.conf",
"puppet:///modules/puppet/tagmail.conf", ],
mode => 0644,
owner => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => Package["puppetmaster"],
}
file { "/etc/puppet/fileserver.conf":
ensure => present,
source => [ "puppet:///files/puppet/fileserver.conf.${fqdn}",
"puppet:///files/puppet/fileserver.conf",
"puppet:///modules/puppet/fileserver.conf", ],
mode => 0644,
owner => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => Package["puppetmaster"],
}
if $operatingsystem != "OpenBSD" {
if !$puppet_report_maxage {
$puppet_report_maxage = "720"
}
file { "/etc/cron.daily/puppet-report-cleanup":
ensure => present,
content => template("puppet/puppet-report-cleanup.erb"),
mode => 0755,
owner => root,
group => root,
require => File["/srv/puppet/reports"],
}
}
if $puppet_storeconfigs != "none" {
file { "/usr/local/sbin/puppet-clean-storeconfigs":
ensure => present,
source => "puppet:///modules/puppet/puppet-clean-storeconfigs",
mode => 0755,
owner => "root",
group => $operatingsystem ? {
openbsd => "wheel",
default => "root",
},
}
}
}
# Install and configure Puppet server using mongrel.
#
# === Global variables
#
# $puppet_listenports:
# Array containing ports that puppetmaster should listen to. Defaults to
# [ "18140", "18141", "18142", "18143", ].
#
class puppet::server::mongrel {
require puppet::server::common
if ! $puppet_listenports {
$puppet_listenports = [ "18140", "18141", "18142", "18143", ]
}
include ldap::client::ruby
service { "puppetmaster":
ensure => running,
enable => true,
hasstatus => true,
subscribe => File["/etc/puppet/fileserver.conf",
"/etc/puppet/puppet.conf"],
}
if $operatingsystem == "CentOS" and $operatingsystemrelease !~ /^[1-5]/ {
Service["puppetmaster"] {
require => Package["puppetmaster"]
}
} else {
include ::mongrel
Service["puppetmaster"] {
require => Package["puppetmaster", "mongrel"]
}
}
case $operatingsystem {
debian,ubuntu: {
file { "/etc/default/puppetmaster":
ensure => present,
content => template("puppet/puppetmaster.default.erb"),
mode => 0644,
owner => root,
group => root,
notify => Service["puppetmaster"],
}
}
default: {
file { "/etc/sysconfig/puppetmaster":
ensure => present,
content => template("puppet/puppetmaster.sysconfig.erb"),
mode => 0644,
owner => root,
group => root,
notify => Service["puppetmaster"],
}
}
}
}
# Install and configure Puppet server using apache as proxy server.
#
class puppet::server::apache {
require puppet::server::mongrel
include apache::sslserver
apache::configfile { "puppet.conf":
content => template("puppet/puppet-httpd.conf.erb"),
http => false,
}
case $operatingsystem {
debian,ubuntu: {
include apache::mod::headers
include apache::mod::proxy
include apache::mod::proxy_http
include apache::mod::proxy_balancer
}
}
}
# Install and configure Puppet server using nginx and passenger.
#
class puppet::server::nginx::passenger {
require puppet::server::common
include ::nginx::passenger
nginx::configfile { "puppet.conf":
content => template("puppet/puppet-passenger.conf.erb"),
}
}
# Install and configure opencollab-puppet-uploader.
#
# === Global variables
#
# $puppet_opencollab_url:
# Wiki URL.
#
# $puppet_opencollab_user:
# Wiki user.
#
# $puppet_opencollab_pass:
# Wiki password.
#
# $puppet_opencollab_options:
# Extra options for opencollab-puppet-uploader.
#
class puppet::opencollab {
if !$puppet_opencollab_url {
fail("\$puppet_opencollab_url must be set.")
}
if !$puppet_opencollab_user {
fail("\$puppet_opencollab_user must be set.")
}
if !$puppet_opencollab_pass {
fail("\$puppet_opencollab_pass must be set.")
}
include wiki::opencollab
package { "PyYAML":
name => $operatingsystem ? {
debian => "python-yaml",
ubuntu => "python-yaml",
default => "PyYAML",
},
ensure => installed,
before => Class["wiki::opencollab"],
}
file { "/etc/puppet/opencollab.conf":
ensure => present,
mode => 0600,
owner => root,
group => root,
content => "[creds]\nurl = ${puppet_opencollab_url}\nusername = ${puppet_opencollab_user}\npassword = ${puppet_opencollab_pass}\n",
}
case $operatingsystem {
ubuntu: { $script = "/usr/local/bin/opencollab-puppet-uploader" }
default: { $script = "/usr/bin/opencollab-puppet-uploader" }
}
if $puppet_opencollab_options {
$script_options = "-c /etc/puppet/opencollab.conf ${puppet_opencollab_options}"
} else {
$script_options = "-c /etc/puppet/opencollab.conf"
}
cron { "opencollab-puppet-uploader":
ensure => present,
command => "${script} ${script_options} /var/lib/puppet/yaml/facts/*.yaml",
user => root,
minute => 0,
hour => 0,
require => [ Class["wiki::opencollab"], File["/etc/puppet/opencollab.conf"] ],
}
}
Reference in a new issue View git blame Copy permalink