aboutsummaryrefslogtreecommitdiff
path: root/manifests/classes
diff options
context:
space:
mode:
authordrebs <drebs@riseup.net>2011-03-19 12:27:05 -0300
committerdrebs <drebs@riseup.net>2011-03-19 12:27:05 -0300
commit13203a28257422df18f5d96ad4897e27d32cbdd4 (patch)
tree52111300798d6fda5be9f8f59caa4ed5ca506599 /manifests/classes
parent606dabe0b582b21d6ccdf1d749442b3fc11a3024 (diff)
downloadpuppet-bootstrap-13203a28257422df18f5d96ad4897e27d32cbdd4.tar.gz
puppet-bootstrap-13203a28257422df18f5d96ad4897e27d32cbdd4.tar.bz2
grouping classes in one dir
Diffstat (limited to 'manifests/classes')
-rw-r--r--manifests/classes/admin_node.pp12
-rw-r--r--manifests/classes/default_conf.pp293
-rw-r--r--manifests/classes/firewall.pp13
-rw-r--r--manifests/classes/puppet_bootstrap.pp35
-rw-r--r--manifests/classes/puppetmasterd.pp21
-rw-r--r--manifests/classes/users.pp30
6 files changed, 404 insertions, 0 deletions
diff --git a/manifests/classes/admin_node.pp b/manifests/classes/admin_node.pp
new file mode 100644
index 0000000..22b08fd
--- /dev/null
+++ b/manifests/classes/admin_node.pp
@@ -0,0 +1,12 @@
+class admin_node {
+ nodo::vserver::instance { "$hostname-master":
+ context => '2',
+ puppetmaster => true,
+ }
+
+ host { "puppet":
+ ensure => present,
+ ip => "192.168.0.2",
+ host_aliases => [ "puppet.$domain", "admin" ],
+ }
+}
diff --git a/manifests/classes/default_conf.pp b/manifests/classes/default_conf.pp
new file mode 100644
index 0000000..d1ef7c5
--- /dev/null
+++ b/manifests/classes/default_conf.pp
@@ -0,0 +1,293 @@
+class default_conf {
+
+ $templates_dir = "$puppet_bootstrap_tmpdir/templates"
+ $default_puppet_conf_dir = "$puppet_dir/default-conf"
+
+ # reference to admin vserver
+ host { "$hostname":
+ ensure => present,
+ ip => "127.0.0.1",
+ host_aliases => [ "$hostname.$domain", "puppet.$domain", "puppet", "admin" ],
+ }
+
+
+ # directories
+ file { ["$puppet_dir", "$default_puppet_conf_dir"]:
+ ensure => directory,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0755,
+ require => Package["puppet"],
+ }
+
+ file { [ "$default_puppet_conf_dir/files",
+ "$default_puppet_conf_dir/manifests",
+ "$default_puppet_conf_dir/modules",
+ "$default_puppet_conf_dir/manifests/classes",
+ "$default_puppet_conf_dir/manifests/nodes" ]:
+ ensure => directory,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0755,
+ require => File["$default_puppet_conf_dir"],
+ }
+
+
+
+ # files in $default_puppet_conf_dir
+ file { "$default_puppet_conf_dir/puppet.conf":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => Package["puppet"],
+ content => template("$templates_dir/puppet/puppet.conf.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/fileserver.conf":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => Package["puppet"],
+ content => template("$templates_dir/puppet/fileserver.conf.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/auth.conf":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => Package["puppet"],
+ content => template("$templates_dir/puppet/auth.conf.erb"),
+ }
+
+ # files in $default_puppet_conf_dir/manifests
+ file { "$default_puppet_conf_dir/manifests/site.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ],
+ content => template("$templates_dir/puppet/site.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/modules.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ],
+ content => template("$templates_dir/puppet/modules.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/nodes.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ],
+ content => template("$templates_dir/puppet/nodes.pp.erb"),
+ }
+
+ # files in $default_puppet_conf_dir/manifests/classes
+ file { "$default_puppet_conf_dir/manifests/classes/websites.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ],
+ content => template("$templates_dir/puppet/websites.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/classes/users.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ],
+ content => template("$templates_dir/puppet/users.pp.erb"),
+ }
+
+ # files in $default_puppet_conf_dir/manifests/nodes
+ file { "$default_puppet_conf_dir/manifests/nodes/$hostname-server.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ],
+ content => template("$templates_dir/puppet/server.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/nodes/$hostname-master.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ],
+ content => template("$templates_dir/puppet/master.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/nodes/$hostname-proxy.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ],
+ content => template("$templates_dir/puppet/proxy.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/nodes/$hostname-web.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ],
+ content => template("$templates_dir/puppet/web.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/nodes/$hostname-storage.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ],
+ content => template("$templates_dir/puppet/storage.pp.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/manifests/nodes/$hostname-test.pp":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ],
+ content => template("$templates_dir/puppet/test.pp.erb"),
+ }
+
+
+ # files in $default_puppet_conf_dir/files
+ file { [ "$default_puppet_conf_dir/files/etc",
+ "$default_puppet_conf_dir/files/etc/nginx",
+ "$default_puppet_conf_dir/files/etc/nagios3",
+ "$default_puppet_conf_dir/files/postfix",
+ "$default_puppet_conf_dir/files/apache",
+ "$default_puppet_conf_dir/files/apache/vhosts",
+ "$default_puppet_conf_dir/files/apache/htdocs",
+ "$default_puppet_conf_dir/files/apache/htdocs/images",
+ "$default_puppet_conf_dir/files/keys",
+ "$default_puppet_conf_dir/files/keys/ssl",
+ "$default_puppet_conf_dir/files/shorewall" ]:
+ ensure => directory,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0755,
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/htdocs/images/README.html":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs/images"] ],
+ content => template("$templates_dir/apache/htdocs/images/README.html.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/htdocs/index.html":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ],
+ content => template("$templates_dir/apache/htdocs/index.html.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/htdocs/missing.html":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ],
+ content => template("$templates_dir/apache/htdocs/missing.html.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/vhosts/git":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ],
+ content => template("$templates_dir/apache/vhosts/git.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/vhosts/lists":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ],
+ content => template("$templates_dir/apache/vhosts/lists.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/vhosts/mail":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ],
+ content => template("$templates_dir/apache/vhosts/mail.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/vhosts/nagios":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ],
+ content => template("$templates_dir/apache/vhosts/nagios.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/apache/vhosts/wiki":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ],
+ content => template("$templates_dir/apache/vhosts/wiki.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/etc/aliases":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc"] ],
+ content => template("$templates_dir/etc/aliases.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/etc/nagios3/htpasswd.users":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nagios3"] ],
+ content => template("$templates_dir/etc/nagios3/htpasswd.users.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/etc/nginx/$domain":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nginx"] ],
+ content => template("$templates_dir/etc/nginx/domain.erb"),
+ }
+
+ file { "$default_puppet_conf_dir/files/postfix/tls_policy":
+ ensure => present,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0644,
+ require => [ Package["puppet"], File["$default_puppet_conf_dir/files/postfix"] ],
+ content => template("$templates_dir/postfix/tls_policy.erb"),
+ }
+}
diff --git a/manifests/classes/firewall.pp b/manifests/classes/firewall.pp
new file mode 100644
index 0000000..750fdc6
--- /dev/null
+++ b/manifests/classes/firewall.pp
@@ -0,0 +1,13 @@
+class firewall {
+ include shorewall
+
+ shorewall::rule { "ssh-02":
+ action => 'DNAT',
+ source => 'net',
+ destination => "vm:192.168.0.$context:22",
+ proto => 'tcp',
+ destinationport => "22$id",
+ ratelimit => '-',
+ order => "202",
+ }
+}
diff --git a/manifests/classes/puppet_bootstrap.pp b/manifests/classes/puppet_bootstrap.pp
new file mode 100644
index 0000000..d0517f7
--- /dev/null
+++ b/manifests/classes/puppet_bootstrap.pp
@@ -0,0 +1,35 @@
+class puppet_bootstrap {
+
+ $templates_dir = "$puppet_bootstrap_tmpdir/templates"
+
+ # puppet-bootstrap script
+ file { "/usr/local/sbin/puppet-bootstrap":
+ owner => "root",
+ group => "root",
+ mode => 0755,
+ ensure => present,
+ content => template("$templates_dir/bin/puppet-bootstrap"),
+ }
+
+ package { "lynx": ensure => installed }
+
+ define puppet_modules($puppet_dir) {
+
+ # directory to download modules
+ file { "$puppet_dir/modules":
+ ensure => directory,
+ owner => "puppet",
+ group => "puppet",
+ mode => 0755,
+ }
+
+ # execute the bootstrap script to download puppet modules
+ exec { "/usr/local/sbin/puppet-bootstrap add-submodules $puppet_dir":
+ user => root,
+ require => [ File["/usr/local/sbin/puppet-bootstrap"], File["$puppet_dir/modules"] ],
+ timeout => 600,
+ }
+
+ }
+
+}
diff --git a/manifests/classes/puppetmasterd.pp b/manifests/classes/puppetmasterd.pp
new file mode 100644
index 0000000..5aaebb7
--- /dev/null
+++ b/manifests/classes/puppetmasterd.pp
@@ -0,0 +1,21 @@
+class puppetmasterd {
+
+ package { "puppetmaster": ensure => installed, }
+
+ # updates the puppet configuration dir with git repositories
+ # every 5 minutes.
+ cron { puppet-conf:
+ command => "git --git-dir=/etc/puppet/.git/ pull /var/git/repositories/puppet.git master && \
+ git --git-dir=/etc/puppet/.git/ --work-tree=/etc/puppet/ checkout -f",
+ user => root,
+ hour => '*',
+ minute => '*/5',
+ ensure => present,
+ }
+
+ # runs the service
+ service { "puppetmasterd":
+ ensure => stopped,
+ depends => Package["puppetmaster"],
+ }
+}
diff --git a/manifests/classes/users.pp b/manifests/classes/users.pp
new file mode 100644
index 0000000..a7aba1b
--- /dev/null
+++ b/manifests/classes/users.pp
@@ -0,0 +1,30 @@
+class users::virtual inherits user {
+ # define custom users here
+}
+
+class users::backup inherits user {
+ # define third-party hosted backup users here
+}
+
+class users::email inherits user {
+ # define third-party hosted email tunnels here
+}
+
+class users::admin inherits user {
+
+ # root user and password
+ user::manage { "root":
+ tag => "admin",
+ homedir => '/root',
+ password => '$root_pass',
+ }
+
+ # first user config
+ user::manage { "$first_user":
+ tag => "admin",
+ groups => [ "sudo", ],
+ password => '$first_user_password',
+ sshkey => [ "$first_user_sshkey" ],
+ }
+
+}