diff options
Diffstat (limited to 'puppet/manifests')
| -rw-r--r-- | puppet/manifests/bootstrap/configurator.pp | 208 | ||||
| -rw-r--r-- | puppet/manifests/bootstrap/debian.pp | 10 | ||||
| -rw-r--r-- | puppet/manifests/bootstrap/host.pp | 23 | ||||
| -rw-r--r-- | puppet/manifests/bootstrap/master.pp | 11 | ||||
| -rw-r--r-- | puppet/manifests/bootstrap/vagrant.pp | 38 | ||||
| -rw-r--r-- | puppet/manifests/classes/users.pp | 33 | ||||
| l--------- | puppet/manifests/hiera | 1 | ||||
| -rw-r--r-- | puppet/manifests/nodes/.empty | 0 | ||||
| -rw-r--r-- | puppet/manifests/nodes/default.pp | 3 |
9 files changed, 327 insertions, 0 deletions
diff --git a/puppet/manifests/bootstrap/configurator.pp b/puppet/manifests/bootstrap/configurator.pp new file mode 100644 index 0000000..edcbe92 --- /dev/null +++ b/puppet/manifests/bootstrap/configurator.pp @@ -0,0 +1,208 @@ +# +# Puppet Bootstrap Configuration Manifest. +# +# This file is responsible to set custom configuration in the bootstrap +# repository for values set in the hiera configuration. +# +# This manifest is useful mostly after you cloned the puppet-boostrap module +# and want to configure it to boostrap a whole puppetmaster infrastructure. +# + +# +# Basic variables +# +$templates = "$bootstrap_path/templates" +$base_domain = hiera('bootstrap::base_domain', "${::domain}") +$first_hostname = hiera('bootstrap::first_hostname', "${::hostname}") +$first_nodes = hiera('bootstrap::first_nodes', 'absent') +$db_password = hiera('nodo::role::master::db_password', '') +$mysql_rootpw = hiera('mysql::server::rootpw', '') +$root_password = hiera('bootstrap::root::password', '') +$first_user = hiera('bootstrap::first_user', 'user') +$first_user_password = hiera('bootstrap::first_user::password', '') +$first_user_sshkey = hiera('bootstrap::first_user::sshkey', '') +$first_user_email = hiera('bootstrap::first_user::email', 'user@example.org') +$resolvconf_nameservers = hiera('nodo::subsystem::resolver::nameservers', '201.6.2.152:201.6.2.32') +$global_munin_allow = hiera('nodo::munin_node::allow', '192.168.0.[0-9]*') + +# +# Check bootstrap configuration +# + +if ($mysql_rootpw == '') { + alert('You must set mysql::server::rootpw at your configuration') + fail() +} + +if ($db_password == '') { + alert('You must set nodo::role::master::db_password at your configuration') + fail() +} + +if ($root_password == '') { + alert('You must set bootstrap::root::password at your configuration') + fail() +} + +if ($first_user_password == '') { + alert('You must set bootstrap::first_user::password at your configuration') + fail() +} + +# +# Puppet configuration +# +file { "$bootstrap_path/puppet.conf": + ensure => present, + mode => 0644, + content => template("$templates/puppet/puppet.conf.erb"), +} + +# Fileserver configuration +file { "$bootstrap_path/fileserver.conf": + ensure => present, + mode => 0644, + content => template("$templates/puppet/fileserver.conf.erb"), +} + +file { "$bootstrap_path/auth.conf": + ensure => present, + mode => 0644, + content => template("$templates/puppet/auth.conf.erb"), +} + +# +# Basic users +# +file { "$bootstrap_path/modules/site_users/manifests/init.pp": + ensure => present, + mode => 0644, + content => template("$templates/puppet/users.pp.erb"), +} + +# +# Site files +# + +file { "$bootstrap_path/modules/site_apache/files/htdocs/images/README.html": + ensure => present, + mode => 0644, + content => template("$templates/apache/htdocs/images/README.html.erb"), +} + +file { "$bootstrap_path/modules/site_apache/files/htdocs/index.html": + ensure => present, + mode => 0644, + content => template("$templates/apache/htdocs/index.html.erb"), +} + +file { "$bootstrap_path/modules/site_apache/files/htdocs/missing.html": + ensure => present, + mode => 0644, + content => template("$templates/apache/htdocs/missing.html.erb"), +} + +file { "$bootstrap_path/modules/site_apache/files/vhosts/git": + ensure => present, + mode => 0644, + content => template("$templates/apache/vhosts/git.erb"), +} + +file { "$bootstrap_path/modules/site_apache/files/vhosts/lists": + ensure => present, + mode => 0644, + content => template("$templates/apache/vhosts/lists.erb"), +} + +file { "$bootstrap_path/modules/site_apache/files/vhosts/mail": + ensure => present, + mode => 0644, + content => template("$templates/apache/vhosts/mail.erb"), +} + +file { "$bootstrap_path/modules/site_apache/files/vhosts/nagios": + ensure => present, + mode => 0644, + content => template("$templates/apache/vhosts/nagios.erb"), +} + +file { "$bootstrap_path/modules/site_apache/files/vhosts/wiki": + ensure => present, + mode => 0644, + content => template("$templates/apache/vhosts/wiki.erb"), +} + +file { "$bootstrap_path/modules/site_mail/files/aliases": + ensure => present, + mode => 0644, + content => template("$templates/etc/aliases.erb"), +} + +file { "$bootstrap_path/modules/site_nagios/files/htpasswd.users": + ensure => present, + mode => 0644, + content => template("$templates/etc/nagios3/htpasswd.users.erb"), +} + +file { "$bootstrap_path/modules/site_nginx/files/$domain": + ensure => present, + mode => 0644, + content => template("$templates/etc/nginx/domain.erb"), +} + +file { "$bootstrap_path/modules/site_postfix/files/tls_policy": + ensure => present, + mode => 0644, + content => template("$templates/postfix/tls_policy.erb"), +} + +# +# Basic nodes +# +file { "$bootstrap_path/manifests/nodes.pp": + ensure => present, + mode => 0644, + content => template("$templates/puppet/nodes.pp.erb"), +} + +# First host +file { "$bootstrap_path/manifests/nodes/$first_hostname.pp": + ensure => $first_nodes, + mode => 0644, + content => template("$templates/puppet/server.pp.erb"), +} + +# Master node +file { "$bootstrap_path/manifests/nodes/$first_hostname-master.pp": + ensure => $first_nodes, + mode => 0644, + content => template("$templates/puppet/master.pp.erb"), +} + +# Proxy node +file { "$bootstrap_path/manifests/nodes/$first_hostname-proxy.pp": + ensure => $first_nodes, + mode => 0644, + content => template("$templates/puppet/proxy.pp.erb"), +} + +# Web node +file { "$bootstrap_path/manifests/nodes/$first_hostname-web.pp": + ensure => $first_nodes, + mode => 0644, + content => template("$templates/puppet/web.pp.erb"), +} + +# Storage node +file { "$bootstrap_path/manifests/nodes/$first_hostname-storage.pp": + ensure => $first_nodes, + mode => 0644, + content => template("$templates/puppet/storage.pp.erb"), +} + +# Test node +file { "$bootstrap_path/manifests/nodes/$first_hostname-test.pp": + ensure => $first_nodes, + mode => 0644, + content => template("$templates/puppet/test.pp.erb"), +} diff --git a/puppet/manifests/bootstrap/debian.pp b/puppet/manifests/bootstrap/debian.pp new file mode 100644 index 0000000..3038324 --- /dev/null +++ b/puppet/manifests/bootstrap/debian.pp @@ -0,0 +1,10 @@ +# +# This manifest is intended to configure a vagrant +# virtual machine for debian development. +# + +# Import vagrant configuration +import "vagrant.pp" + +# Debian utilities +include nodo::utils::development::debian diff --git a/puppet/manifests/bootstrap/host.pp b/puppet/manifests/bootstrap/host.pp new file mode 100644 index 0000000..5f9c23a --- /dev/null +++ b/puppet/manifests/bootstrap/host.pp @@ -0,0 +1,23 @@ +# +# This manifest is intended to configure the initial +# machine wich will host the first puppetmaster +# virtual machine. +# + +# The server role +class { 'nodo: + role => 'server', +} + +# Creates vserver for administrative node +nodo::vserver::instance { "$hostname-master": + context => '2', + puppetmaster => true, +} + +# Create a host entry for this puppet node +host { "puppet": + ensure => present, + ip => "192.168.0.2", + host_aliases => [ "puppet.$domain", "admin" ], +} diff --git a/puppet/manifests/bootstrap/master.pp b/puppet/manifests/bootstrap/master.pp new file mode 100644 index 0000000..5934d3e --- /dev/null +++ b/puppet/manifests/bootstrap/master.pp @@ -0,0 +1,11 @@ +# +# This manifest is intended to configure the initial +# puppetmaster node. +# +# Once it's running it can setup all the other nodes. +# + +# Include the master node configuration +class { 'nodo': + role => 'master', +} diff --git a/puppet/manifests/bootstrap/vagrant.pp b/puppet/manifests/bootstrap/vagrant.pp new file mode 100644 index 0000000..47305dc --- /dev/null +++ b/puppet/manifests/bootstrap/vagrant.pp @@ -0,0 +1,38 @@ +# +# This manifest is intended to configure a vagrant +# virtual machine. +# + +# +# Class definitions +# + +# Vagrant classes +class { 'nodo': + role => 'vagrant', +} + +# +# LAMP example +# +#include database +# +#class { 'apache': +# default_folder => '/vagrant', +# default_user => 'vagrant', +# default_group => 'vagrant', +#} +# +# If you want to manage another website +#apache::site { "myapp": +# docroot => "/vagrant/", +# server_alias => 'myapp vagrant localhost', +# use => [ "Site myapp" ], +# tag => 'all', +# owner => vagrant, +# group => vagrant, +# mpm_user => vagrant, +# mpm_group => vagrant, +# password => '$5$NZfZqcdyZ3Xt$.kfZejriEJP3fc6RU0gBGEzMPQ/c3XiowVImB6VDrtD', +# shell => '/bin/bash', +#} diff --git a/puppet/manifests/classes/users.pp b/puppet/manifests/classes/users.pp new file mode 100644 index 0000000..7ebc9a8 --- /dev/null +++ b/puppet/manifests/classes/users.pp @@ -0,0 +1,33 @@ +class users::virtual inherits user { + # define custom users here +} + +class users::backup inherits user { + # define third-party hosted backup users here +} + +class users::admin inherits user { + + # Reprepro group needed for web nodes + #if !defined(Group["reprepro"]) { + # group { "reprepro": + # ensure => present, + # } + #} + + # root user and password (default 'vagrant' passphrase) + user::manage { "root": + tag => "admin", + homedir => '/root', + password => '$5$aosRByu9U0$Cc7l2vpjV4sRLlao2JmG0lxOnD2crNLU7gZfn2eayu.', + } + + # first user config (default 'vagrant' passphrase and pubkey) + user::manage { "vagrant": + tag => "admin", + groups => [ "sudo", ], + password => '$5$NCuDu81a$iHr7tZiGX0tKooq6N0bEwE7QDhRqfI9/yyD7WU1GiFB', + sshkey => [ "AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ==" ], + } + +} diff --git a/puppet/manifests/hiera b/puppet/manifests/hiera new file mode 120000 index 0000000..ba8aae1 --- /dev/null +++ b/puppet/manifests/hiera @@ -0,0 +1 @@ +../hiera
\ No newline at end of file diff --git a/puppet/manifests/nodes/.empty b/puppet/manifests/nodes/.empty new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/puppet/manifests/nodes/.empty diff --git a/puppet/manifests/nodes/default.pp b/puppet/manifests/nodes/default.pp new file mode 100644 index 0000000..5ebbf90 --- /dev/null +++ b/puppet/manifests/nodes/default.pp @@ -0,0 +1,3 @@ +node default { + include nodo +} |