diff options
| author | drebs <drebs@riseup.net> | 2011-03-19 12:27:05 -0300 |
|---|---|---|
| committer | drebs <drebs@riseup.net> | 2011-03-19 12:27:05 -0300 |
| commit | 13203a28257422df18f5d96ad4897e27d32cbdd4 (patch) | |
| tree | 52111300798d6fda5be9f8f59caa4ed5ca506599 /manifests/classes | |
| parent | 606dabe0b582b21d6ccdf1d749442b3fc11a3024 (diff) | |
| download | puppet-bootstrap-13203a28257422df18f5d96ad4897e27d32cbdd4.tar.gz puppet-bootstrap-13203a28257422df18f5d96ad4897e27d32cbdd4.tar.bz2 | |
grouping classes in one dir
Diffstat (limited to 'manifests/classes')
| -rw-r--r-- | manifests/classes/admin_node.pp | 12 | ||||
| -rw-r--r-- | manifests/classes/default_conf.pp | 293 | ||||
| -rw-r--r-- | manifests/classes/firewall.pp | 13 | ||||
| -rw-r--r-- | manifests/classes/puppet_bootstrap.pp | 35 | ||||
| -rw-r--r-- | manifests/classes/puppetmasterd.pp | 21 | ||||
| -rw-r--r-- | manifests/classes/users.pp | 30 |
6 files changed, 404 insertions, 0 deletions
diff --git a/manifests/classes/admin_node.pp b/manifests/classes/admin_node.pp new file mode 100644 index 0000000..22b08fd --- /dev/null +++ b/manifests/classes/admin_node.pp @@ -0,0 +1,12 @@ +class admin_node { + nodo::vserver::instance { "$hostname-master": + context => '2', + puppetmaster => true, + } + + host { "puppet": + ensure => present, + ip => "192.168.0.2", + host_aliases => [ "puppet.$domain", "admin" ], + } +} diff --git a/manifests/classes/default_conf.pp b/manifests/classes/default_conf.pp new file mode 100644 index 0000000..d1ef7c5 --- /dev/null +++ b/manifests/classes/default_conf.pp @@ -0,0 +1,293 @@ +class default_conf { + + $templates_dir = "$puppet_bootstrap_tmpdir/templates" + $default_puppet_conf_dir = "$puppet_dir/default-conf" + + # reference to admin vserver + host { "$hostname": + ensure => present, + ip => "127.0.0.1", + host_aliases => [ "$hostname.$domain", "puppet.$domain", "puppet", "admin" ], + } + + + # directories + file { ["$puppet_dir", "$default_puppet_conf_dir"]: + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + require => Package["puppet"], + } + + file { [ "$default_puppet_conf_dir/files", + "$default_puppet_conf_dir/manifests", + "$default_puppet_conf_dir/modules", + "$default_puppet_conf_dir/manifests/classes", + "$default_puppet_conf_dir/manifests/nodes" ]: + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + require => File["$default_puppet_conf_dir"], + } + + + + # files in $default_puppet_conf_dir + file { "$default_puppet_conf_dir/puppet.conf": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => Package["puppet"], + content => template("$templates_dir/puppet/puppet.conf.erb"), + } + + file { "$default_puppet_conf_dir/fileserver.conf": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => Package["puppet"], + content => template("$templates_dir/puppet/fileserver.conf.erb"), + } + + file { "$default_puppet_conf_dir/auth.conf": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => Package["puppet"], + content => template("$templates_dir/puppet/auth.conf.erb"), + } + + # files in $default_puppet_conf_dir/manifests + file { "$default_puppet_conf_dir/manifests/site.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], + content => template("$templates_dir/puppet/site.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/modules.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], + content => template("$templates_dir/puppet/modules.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], + content => template("$templates_dir/puppet/nodes.pp.erb"), + } + + # files in $default_puppet_conf_dir/manifests/classes + file { "$default_puppet_conf_dir/manifests/classes/websites.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ], + content => template("$templates_dir/puppet/websites.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/classes/users.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ], + content => template("$templates_dir/puppet/users.pp.erb"), + } + + # files in $default_puppet_conf_dir/manifests/nodes + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-server.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/server.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-master.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/master.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-proxy.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/proxy.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-web.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/web.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-storage.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/storage.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-test.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/test.pp.erb"), + } + + + # files in $default_puppet_conf_dir/files + file { [ "$default_puppet_conf_dir/files/etc", + "$default_puppet_conf_dir/files/etc/nginx", + "$default_puppet_conf_dir/files/etc/nagios3", + "$default_puppet_conf_dir/files/postfix", + "$default_puppet_conf_dir/files/apache", + "$default_puppet_conf_dir/files/apache/vhosts", + "$default_puppet_conf_dir/files/apache/htdocs", + "$default_puppet_conf_dir/files/apache/htdocs/images", + "$default_puppet_conf_dir/files/keys", + "$default_puppet_conf_dir/files/keys/ssl", + "$default_puppet_conf_dir/files/shorewall" ]: + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + } + + file { "$default_puppet_conf_dir/files/apache/htdocs/images/README.html": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs/images"] ], + content => template("$templates_dir/apache/htdocs/images/README.html.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/htdocs/index.html": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ], + content => template("$templates_dir/apache/htdocs/index.html.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/htdocs/missing.html": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ], + content => template("$templates_dir/apache/htdocs/missing.html.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/git": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/git.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/lists": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/lists.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/mail": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/mail.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/nagios": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/nagios.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/wiki": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/wiki.erb"), + } + + file { "$default_puppet_conf_dir/files/etc/aliases": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc"] ], + content => template("$templates_dir/etc/aliases.erb"), + } + + file { "$default_puppet_conf_dir/files/etc/nagios3/htpasswd.users": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nagios3"] ], + content => template("$templates_dir/etc/nagios3/htpasswd.users.erb"), + } + + file { "$default_puppet_conf_dir/files/etc/nginx/$domain": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nginx"] ], + content => template("$templates_dir/etc/nginx/domain.erb"), + } + + file { "$default_puppet_conf_dir/files/postfix/tls_policy": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/postfix"] ], + content => template("$templates_dir/postfix/tls_policy.erb"), + } +} diff --git a/manifests/classes/firewall.pp b/manifests/classes/firewall.pp new file mode 100644 index 0000000..750fdc6 --- /dev/null +++ b/manifests/classes/firewall.pp @@ -0,0 +1,13 @@ +class firewall { + include shorewall + + shorewall::rule { "ssh-02": + action => 'DNAT', + source => 'net', + destination => "vm:192.168.0.$context:22", + proto => 'tcp', + destinationport => "22$id", + ratelimit => '-', + order => "202", + } +} diff --git a/manifests/classes/puppet_bootstrap.pp b/manifests/classes/puppet_bootstrap.pp new file mode 100644 index 0000000..d0517f7 --- /dev/null +++ b/manifests/classes/puppet_bootstrap.pp @@ -0,0 +1,35 @@ +class puppet_bootstrap { + + $templates_dir = "$puppet_bootstrap_tmpdir/templates" + + # puppet-bootstrap script + file { "/usr/local/sbin/puppet-bootstrap": + owner => "root", + group => "root", + mode => 0755, + ensure => present, + content => template("$templates_dir/bin/puppet-bootstrap"), + } + + package { "lynx": ensure => installed } + + define puppet_modules($puppet_dir) { + + # directory to download modules + file { "$puppet_dir/modules": + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + } + + # execute the bootstrap script to download puppet modules + exec { "/usr/local/sbin/puppet-bootstrap add-submodules $puppet_dir": + user => root, + require => [ File["/usr/local/sbin/puppet-bootstrap"], File["$puppet_dir/modules"] ], + timeout => 600, + } + + } + +} diff --git a/manifests/classes/puppetmasterd.pp b/manifests/classes/puppetmasterd.pp new file mode 100644 index 0000000..5aaebb7 --- /dev/null +++ b/manifests/classes/puppetmasterd.pp @@ -0,0 +1,21 @@ +class puppetmasterd { + + package { "puppetmaster": ensure => installed, } + + # updates the puppet configuration dir with git repositories + # every 5 minutes. + cron { puppet-conf: + command => "git --git-dir=/etc/puppet/.git/ pull /var/git/repositories/puppet.git master && \ + git --git-dir=/etc/puppet/.git/ --work-tree=/etc/puppet/ checkout -f", + user => root, + hour => '*', + minute => '*/5', + ensure => present, + } + + # runs the service + service { "puppetmasterd": + ensure => stopped, + depends => Package["puppetmaster"], + } +} diff --git a/manifests/classes/users.pp b/manifests/classes/users.pp new file mode 100644 index 0000000..a7aba1b --- /dev/null +++ b/manifests/classes/users.pp @@ -0,0 +1,30 @@ +class users::virtual inherits user { + # define custom users here +} + +class users::backup inherits user { + # define third-party hosted backup users here +} + +class users::email inherits user { + # define third-party hosted email tunnels here +} + +class users::admin inherits user { + + # root user and password + user::manage { "root": + tag => "admin", + homedir => '/root', + password => '$root_pass', + } + + # first user config + user::manage { "$first_user": + tag => "admin", + groups => [ "sudo", ], + password => '$first_user_password', + sshkey => [ "$first_user_sshkey" ], + } + +} |