Diffstat (limited to 'puppet/manifests')
-rw-r--r--puppet/manifests/bootstrap/configurator.pp208
-rw-r--r--puppet/manifests/bootstrap/host.pp24
-rw-r--r--puppet/manifests/bootstrap/master.pp12
-rw-r--r--puppet/manifests/bootstrap/vagrant.pp49
-rw-r--r--puppet/manifests/classes/users.pp33
-rw-r--r--puppet/manifests/classes/websites.pp42
l---------puppet/manifests/hiera1
-rw-r--r--puppet/manifests/modules.pp6
-rw-r--r--puppet/manifests/nodes.pp5
-rw-r--r--puppet/manifests/nodes/.empty0
-rw-r--r--puppet/manifests/site.pp8
11 files changed, 388 insertions, 0 deletions
diff --git a/puppet/manifests/bootstrap/configurator.pp b/puppet/manifests/bootstrap/configurator.pp
new file mode 100644
index 0000000..d93a0ce
--- /dev/null
+++ b/puppet/manifests/bootstrap/configurator.pp
@@ -0,0 +1,208 @@
+#
+# Puppet Bootstrap Configuration Manifest.
+#
+# This file is responsible to set custom configuration in the bootstrap
+# repository for values set in the hiera configuration.
+#
+# This manifest is useful mostly after you cloned the puppet-boostrap module
+# and want to configure it to boostrap a whole puppetmaster infrastructure.
+#
+
+#
+# Basic variables
+#
+$templates = "$bootstrap_path/templates"
+$base_domain = hiera('bootstrap::base_domain', "${::domain}")
+$first_hostname = hiera('bootstrap::first_hostname', "${::hostname}")
+$first_nodes = hiera('bootstrap::first_nodes', 'absent')
+$db_password = hiera('nodo::role::master::db_password', '')
+$mysql_rootpw = hiera('mysql::server::rootpw', '')
+$root_password = hiera('bootstrap::root::password', '')
+$first_user = hiera('bootstrap::first_user', 'user')
+$first_user_password = hiera('bootstrap::first_user::password', '')
+$first_user_sshkey = hiera('bootstrap::first_user::sshkey', '')
+$first_user_email = hiera('bootstrap::first_user::email', 'user@example.org')
+$resolvconf_nameservers = hiera('nodo::subsystem::resolver::nameservers', '201.6.2.152:201.6.2.32')
+$global_munin_allow = hiera('nodo::munin_node::allow', '192.168.0.[0-9]*')
+
+#
+# Check bootstrap configuration
+#
+
+if ($mysql_rootpw == '') {
+ alert('You must set mysql::server::rootpw at your configuration')
+ fail()
+}
+
+if ($db_password == '') {
+ alert('You must set nodo::role::master::db_password at your configuration')
+ fail()
+}
+
+if ($root_password == '') {
+ alert('You must set bootstrap::root::password at your configuration')
+ fail()
+}
+
+if ($first_user_password == '') {
+ alert('You must set bootstrap::first_user::password at your configuration')
+ fail()
+}
+
+#
+# Puppet configuration
+#
+file { "$bootstrap_path/puppet.conf":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/puppet/puppet.conf.erb"),
+}
+
+# Fileserver configuration
+file { "$bootstrap_path/fileserver.conf":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/puppet/fileserver.conf.erb"),
+}
+
+file { "$bootstrap_path/auth.conf":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/puppet/auth.conf.erb"),
+}
+
+#
+# Basic users
+#
+file { "$bootstrap_path/manifests/classes/users.pp":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/puppet/users.pp.erb"),
+}
+
+#
+# Site files
+#
+
+file { "$bootstrap_path/modules/site_apache/files/htdocs/images/README.html":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/htdocs/images/README.html.erb"),
+}
+
+file { "$bootstrap_path/modules/site_apache/files/htdocs/index.html":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/htdocs/index.html.erb"),
+}
+
+file { "$bootstrap_path/modules/site_apache/files/htdocs/missing.html":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/htdocs/missing.html.erb"),
+}
+
+file { "$bootstrap_path/modules/site_apache/files/vhosts/git":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/vhosts/git.erb"),
+}
+
+file { "$bootstrap_path/modules/site_apache/files/vhosts/lists":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/vhosts/lists.erb"),
+}
+
+file { "$bootstrap_path/modules/site_apache/files/vhosts/mail":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/vhosts/mail.erb"),
+}
+
+file { "$bootstrap_path/modules/site_apache/files/vhosts/nagios":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/vhosts/nagios.erb"),
+}
+
+file { "$bootstrap_path/modules/site_apache/files/vhosts/wiki":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/apache/vhosts/wiki.erb"),
+}
+
+file { "$bootstrap_path/modules/site_mail/files/aliases":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/etc/aliases.erb"),
+}
+
+file { "$bootstrap_path/modules/site_nagios/files/htpasswd.users":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/etc/nagios3/htpasswd.users.erb"),
+}
+
+file { "$bootstrap_path/modules/site_nginx/files/$domain":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/etc/nginx/domain.erb"),
+}
+
+file { "$bootstrap_path/modules/site_postfix/files/tls_policy":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/postfix/tls_policy.erb"),
+}
+
+#
+# Basic nodes
+#
+file { "$bootstrap_path/manifests/nodes.pp":
+ ensure => present,
+ mode => 0644,
+ content => template("$templates/puppet/nodes.pp.erb"),
+}
+
+# First host
+file { "$bootstrap_path/manifests/nodes/$first_hostname.pp":
+ ensure => $first_nodes,
+ mode => 0644,
+ content => template("$templates/puppet/server.pp.erb"),
+}
+
+# Master node
+file { "$bootstrap_path/manifests/nodes/$first_hostname-master.pp":
+ ensure => $first_nodes,
+ mode => 0644,
+ content => template("$templates/puppet/master.pp.erb"),
+}
+
+# Proxy node
+file { "$bootstrap_path/manifests/nodes/$first_hostname-proxy.pp":
+ ensure => $first_nodes,
+ mode => 0644,
+ content => template("$templates/puppet/proxy.pp.erb"),
+}
+
+# Web node
+file { "$bootstrap_path/manifests/nodes/$first_hostname-web.pp":
+ ensure => $first_nodes,
+ mode => 0644,
+ content => template("$templates/puppet/web.pp.erb"),
+}
+
+# Storage node
+file { "$bootstrap_path/manifests/nodes/$first_hostname-storage.pp":
+ ensure => $first_nodes,
+ mode => 0644,
+ content => template("$templates/puppet/storage.pp.erb"),
+}
+
+# Test node
+file { "$bootstrap_path/manifests/nodes/$first_hostname-test.pp":
+ ensure => $first_nodes,
+ mode => 0644,
+ content => template("$templates/puppet/test.pp.erb"),
+}
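Review bot: Every generated file is written with `mode => 0644` and no `owner`/`group`, including `modules/site_nagios/files/htpasswd.users` and `manifests/classes/users.pp`, which presumably carry the password material read from hiera at the top of the manifest (the templates are not shown, so this is inferred). Credential hashes should not be world-readable on the puppetmaster; for those resources I would set `owner => root, group => '<group the master runs as>', mode => 0640,`. Separately, the nginx resource builds its path from `$domain` although the manifest defines `$base_domain`, which looks unintended if the hiera override is meant to apply there. The four checks also call `fail()` with no message, so the reason is only visible in the preceding `alert`; passing the same text to `fail('...')` keeps it in the compile error.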
diff --git a/puppet/manifests/bootstrap/host.pp b/puppet/manifests/bootstrap/host.pp
new file mode 100644
index 0000000..c1aead8
--- /dev/null
+++ b/puppet/manifests/bootstrap/host.pp
@@ -0,0 +1,24 @@
+#
+# This manifest is intended to configure the initial
+# machine wich will host the first puppetmaster
+# virtual machine.
+#
+
+# Import site configuration
+import "../site.pp"
+
+# The server role
+include nodo::role::server
+
+# Creates vserver for administrative node
+nodo::vserver::instance { "$hostname-master":
+ context => '2',
+ puppetmaster => true,
+}
+
+# Create a host entry for this puppet node
+host { "puppet":
+ ensure => present,
+ ip => "192.168.0.2",
+ host_aliases => [ "puppet.$domain", "admin" ],
+}
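Review bot: The resource title `"$hostname-master"` uses unbraced interpolation directly before a hyphen, which some Puppet releases parse as a variable named `hostname-master` rather than `$hostname` followed by a literal suffix; write it as `"${::hostname}-master"`. The same pattern appears in configurator.pp in the node file paths (`$first_hostname-master.pp`, `-proxy`, `-web`, `-storage`, `-test`), which should become `${first_hostname}-master.pp` and so on. The `host { "puppet": }` entry also pins the master to the literal `192.168.0.2`; a comment stating where that address is assigned to the vserver would help keep the two in sync.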
diff --git a/puppet/manifests/bootstrap/master.pp b/puppet/manifests/bootstrap/master.pp
new file mode 100644
index 0000000..51167f3
--- /dev/null
+++ b/puppet/manifests/bootstrap/master.pp
@@ -0,0 +1,12 @@
+#
+# This manifest is intended to configure the initial
+# puppetmaster node.
+#
+# Once it's running it can setup all the other nodes.
+#
+
+# Import site configuration
+import "../site.pp"
+
+# Include the master node configuration
+include nodo::role::master
diff --git a/puppet/manifests/bootstrap/vagrant.pp b/puppet/manifests/bootstrap/vagrant.pp
new file mode 100644
index 0000000..9206db6
--- /dev/null
+++ b/puppet/manifests/bootstrap/vagrant.pp
@@ -0,0 +1,49 @@
+#
+# This manifest is intended to configure a vagrant
+# virtual machine.
+#
+
+# Import site configuration
+import "../site.pp"
+
+#
+# Stage definitions
+#
+
+stage { 'first':
+ before => Stage['main'],
+}
+
+stage { 'last': }
+Stage['main'] -> Stage['last']
+
+#
+# Class definitions
+#
+
+# Vagrant classes
+include nodo::role::vagrant
+
+class vagrant_config {
+ # Symlink to the mounted module folder
+ file { '/etc/puppet/modules':
+ ensure => '/etc/puppet/modules-0',
+ force => true,
+ }
+
+ # Ensure a custom hiera configuration
+ file { '/etc/puppet/hiera.yaml':
+ owner => root,
+ group => root,
+ mode => 0644,
+ force => true,
+ ensure => '/etc/puppet/hiera/hiera.yaml',
+ }
+}
+
+#
+# Class instantiations
+#
+class { 'vagrant_config':
+ stage => first,
+}
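Review bot: `force => true` on `/etc/puppet/modules` allows Puppet to remove an existing module directory in order to replace it with the link, so applying this manifest on anything other than a disposable Vagrant box would destroy installed modules. I would make the intent explicit with `ensure => link, target => '/etc/puppet/modules-0',` rather than passing the path as the `ensure` value, and add a comment above the resource such as `# Vagrant only: replaces any existing /etc/puppet/modules directory`. The same applies to `/etc/puppet/hiera.yaml`, where `owner`, `group` and `mode` are set on a link and, depending on the Puppet version, may have no effect or be applied to the target.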
diff --git a/puppet/manifests/classes/users.pp b/puppet/manifests/classes/users.pp
new file mode 100644
index 0000000..7ebc9a8
--- /dev/null
+++ b/puppet/manifests/classes/users.pp
@@ -0,0 +1,33 @@
+class users::virtual inherits user {
+ # define custom users here
+}
+
+class users::backup inherits user {
+ # define third-party hosted backup users here
+}
+
+class users::admin inherits user {
+
+ # Reprepro group needed for web nodes
+ #if !defined(Group["reprepro"]) {
+ # group { "reprepro":
+ # ensure => present,
+ # }
+ #}
+
+ # root user and password (default 'vagrant' passphrase)
+ user::manage { "root":
+ tag => "admin",
+ homedir => '/root',
+ password => '$5$aosRByu9U0$Cc7l2vpjV4sRLlao2JmG0lxOnD2crNLU7gZfn2eayu.',
+ }
+
+ # first user config (default 'vagrant' passphrase and pubkey)
+ user::manage { "vagrant":
+ tag => "admin",
+ groups => [ "sudo", ],
+ password => '$5$NCuDu81a$iHr7tZiGX0tKooq6N0bEwE7QDhRqfI9/yyD7WU1GiFB',
+ sshkey => [ "AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ==" ],
+ }
+
+}
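Review bot: `users::admin` ships `root` and `vagrant` with password hashes that the comments identify as the default 'vagrant' passphrase, plus what the comment calls the default Vagrant public key, whose private half is publicly distributed. site.pp imports this file unconditionally, so any node that includes `users::admin` before the file has been regenerated (configurator.pp appears to overwrite it from a template) gets a root account with a known password and a sudo-capable account that accepts a known key. I would not commit usable defaults here: read the values from hiera with no fallback, e.g. `password => hiera('bootstrap::root::password'),`, so compilation fails when they are unset, and keep the Vagrant credentials in a class that only the Vagrant manifest includes.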
diff --git a/puppet/manifests/classes/websites.pp b/puppet/manifests/classes/websites.pp
new file mode 100644
index 0000000..35f27c6
--- /dev/null
+++ b/puppet/manifests/classes/websites.pp
@@ -0,0 +1,42 @@
+class websites::admin inherits websites::hosting::admin {
+ # An administrative Trac instance
+ #apache::site { "admin":
+ # docroot => "${apache::sites_folder}/admin/trac/htdocs",
+ # use => [ "Trac admin" ],
+ # redirect_match => "trac",
+ # mpm => false,
+ # tag => 'all',
+ #}
+
+ apache::site { "munin":
+ docroot => '/var/www/munin',
+ owner => "munin",
+ group => "munin",
+ mpm => false,
+ tag => 'all',
+ }
+
+ apache::site { "nagios":
+ source => true,
+ docroot => '/usr/share/nagios3/htdocs',
+ mpm => false,
+ tag => 'all',
+ }
+}
+
+class websites inherits websites::hosting {
+ # Website definitions: always use tagged resources
+
+ #apache::site { "site":
+ # source => true,
+ # ticket => '001',
+ # docroot => '/var/www/site',
+ # tag => 'all',
+ #}
+
+ #database::instance { "site":
+ # password => 'xxx',
+ # tag => 'all',
+ #}
+
+}
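Review bot: The `munin` and `nagios` sites are declared with nothing in this hunk that limits who can reach them, and monitoring pages expose host names, services and load data for the whole infrastructure. Whether `apache::site` or the vhost files add authentication is not visible here, so I would document it at each resource, for example `# Access control: enforced by <vhost file or module>`, and confirm the munin vhost is not served on a public interface without it. The commented-out `database::instance` example with `password => 'xxx'` would also be better written as a hiera lookup, so the template does not suggest putting literal passwords in manifests.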
diff --git a/puppet/manifests/hiera b/puppet/manifests/hiera
new file mode 120000
index 0000000..ba8aae1
--- /dev/null
+++ b/puppet/manifests/hiera
@@ -0,0 +1 @@
+../hiera
\ No newline at end of file
diff --git a/puppet/manifests/modules.pp b/puppet/manifests/modules.pp
new file mode 100644
index 0000000..3df3fe3
--- /dev/null
+++ b/puppet/manifests/modules.pp
@@ -0,0 +1,6 @@
+#
+# Module definitions.
+#
+
+# Nodo automatically import all modules we need.
+import "nodo"
diff --git a/puppet/manifests/nodes.pp b/puppet/manifests/nodes.pp
new file mode 100644
index 0000000..b90f04e
--- /dev/null
+++ b/puppet/manifests/nodes.pp
@@ -0,0 +1,5 @@
+#
+# Node definitions.
+#
+
+#import "nodes/example.pp"
diff --git a/puppet/manifests/nodes/.empty b/puppet/manifests/nodes/.empty
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/puppet/manifests/nodes/.empty
diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
new file mode 100644
index 0000000..6f3e5aa
--- /dev/null
+++ b/puppet/manifests/site.pp
@@ -0,0 +1,8 @@
+#
+# Puppet site configuration.
+#
+
+import "classes/users.pp"
+import "classes/websites.pp"
+import "modules.pp"
+import "nodes.pp"